ai-zero-token 2.0.3 → 2.0.5

package/dist/core/store/codex-auth-store.js

@@ -5,12 +5,197 @@ import path from "node:path";
 function getCodexHomeDir() {
   return process.env.CODEX_HOME || path.join(os.homedir(), ".codex");
 }
+const DEFAULT_CODEX_PROVIDER_ID = "ai-zero-token";
 function getCodexAuthPath() {
   return path.join(getCodexHomeDir(), "auth.json");
 }
+function getCodexConfigPath() {
+  return path.join(getCodexHomeDir(), "config.toml");
+}
 function createBackupSuffix() {
   return (/* @__PURE__ */ new Date()).toISOString().replace(/[:.]/g, "-");
 }
+function escapeRegExp(value) {
+  return value.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
+}
+function formatTomlString(value) {
+  return JSON.stringify(value);
+}
+function validateProviderId(providerId) {
+  if (!/^[A-Za-z0-9_-]+$/.test(providerId)) {
+    throw new Error("Codex providerId \u53EA\u80FD\u5305\u542B\u5B57\u6BCD\u3001\u6570\u5B57\u3001\u4E0B\u5212\u7EBF\u548C\u77ED\u6A2A\u7EBF\u3002");
+  }
+}
+function normalizeCodexProviderBaseUrl(value) {
+  let normalized = value.trim();
+  if (!normalized) {
+    throw new Error("Codex provider base_url \u4E0D\u80FD\u4E3A\u7A7A\u3002");
+  }
+  if (!/^[A-Za-z][A-Za-z0-9+.-]*:\/\//.test(normalized)) {
+    normalized = `http://${normalized}`;
+  }
+  let url;
+  try {
+    url = new URL(normalized);
+  } catch {
+    throw new Error("Codex provider base_url \u683C\u5F0F\u9519\u8BEF\uFF0C\u8BF7\u586B\u5199\u5B8C\u6574\u7684 http(s) URL\u3002");
+  }
+  if (url.protocol !== "http:" && url.protocol !== "https:") {
+    throw new Error("Codex provider base_url \u5FC5\u987B\u662F http(s) URL\u3002");
+  }
+  url.hash = "";
+  url.search = "";
+  const path2 = url.pathname.replace(/\/+$/g, "");
+  if (!path2 || path2 === "/") {
+    url.pathname = "/codex/v1";
+  } else if (path2 === "/v1") {
+    url.pathname = "/codex/v1";
+  } else if (path2.endsWith("/codex")) {
+    url.pathname = `${path2}/v1`;
+  } else {
+    url.pathname = path2;
+  }
+  return url.toString().replace(/\/+$/g, "");
+}
+function parseTomlStringValue(value) {
+  const trimmed = value.trim().replace(/\s+#.*$/g, "");
+  if (!trimmed) {
+    return void 0;
+  }
+  if (trimmed.startsWith('"')) {
+    try {
+      const parsed = JSON.parse(trimmed);
+      return typeof parsed === "string" ? parsed : void 0;
+    } catch {
+      return void 0;
+    }
+  }
+  if (trimmed.startsWith("'") && trimmed.endsWith("'") && trimmed.length >= 2) {
+    return trimmed.slice(1, -1);
+  }
+  return trimmed;
+}
+function findFirstTableLine(lines) {
+  const index = lines.findIndex((line) => /^\s*\[/.test(line));
+  return index === -1 ? lines.length : index;
+}
+function parseRootModelProvider(raw) {
+  const lines = raw.split(/\r?\n/);
+  const firstTableLine = findFirstTableLine(lines);
+  for (let index = 0; index < firstTableLine; index += 1) {
+    const match = /^\s*model_provider\s*=\s*(.+)$/.exec(lines[index] ?? "");
+    if (match) {
+      return parseTomlStringValue(match[1] ?? "");
+    }
+  }
+  return void 0;
+}
+function parseGatewayProviderTable(raw, providerId) {
+  const lines = raw.split(/\r?\n/);
+  const tablePattern = new RegExp(`^\\s*\\[\\s*model_providers\\.${escapeRegExp(providerId)}\\s*\\]\\s*$`);
+  const start = lines.findIndex((line) => tablePattern.test(line));
+  if (start === -1) {
+    return { exists: false };
+  }
+  let baseUrl;
+  for (let index = start + 1; index < lines.length && !/^\s*\[/.test(lines[index] ?? ""); index += 1) {
+    const match = /^\s*base_url\s*=\s*(.+)$/.exec(lines[index] ?? "");
+    if (match) {
+      baseUrl = parseTomlStringValue(match[1] ?? "");
+    }
+  }
+  return { exists: true, baseUrl };
+}
+function upsertRootModelProvider(raw, providerId) {
+  if (!raw.trim()) {
+    return `model_provider = ${formatTomlString(providerId)}
+`;
+  }
+  const lines = raw.split(/\r?\n/);
+  const firstTableLine = findFirstTableLine(lines);
+  const nextLine = `model_provider = ${formatTomlString(providerId)}`;
+  for (let index = 0; index < firstTableLine; index += 1) {
+    if (/^\s*model_provider\s*=/.test(lines[index])) {
+      lines[index] = nextLine;
+      return lines.join("\n");
+    }
+  }
+  lines.splice(firstTableLine, 0, nextLine, "");
+  return lines.join("\n");
+}
+function buildGatewayProviderBlock(providerId, baseUrl) {
+  return [
+    "# AI Zero Token managed Codex provider",
+    `[model_providers.${providerId}]`,
+    'name = "AI Zero Token"',
+    `base_url = ${formatTomlString(baseUrl)}`,
+    'wire_api = "responses"',
+    "supports_websockets = false"
+  ];
+}
+function upsertGatewayProviderTable(raw, providerId, baseUrl) {
+  const lines = raw.split(/\r?\n/);
+  const tablePattern = new RegExp(`^\\s*\\[\\s*model_providers\\.${escapeRegExp(providerId)}\\s*\\]\\s*$`);
+  const start = lines.findIndex((line) => tablePattern.test(line));
+  const block = buildGatewayProviderBlock(providerId, baseUrl);
+  if (start === -1) {
+    const trimmed = raw.replace(/\s+$/g, "");
+    return `${trimmed}${trimmed ? "\n\n" : ""}${block.join("\n")}
+`;
+  }
+  let end = start + 1;
+  while (end < lines.length && !/^\s*\[/.test(lines[end])) {
+    end += 1;
+  }
+  const replaceStart = start > 0 && /AI Zero Token managed Codex provider/.test(lines[start - 1]) ? start - 1 : start;
+  lines.splice(replaceStart, end - replaceStart, ...block, "");
+  return lines.join("\n").replace(/\s+$/g, "\n");
+}
+function applyGatewayProviderConfig(raw, providerId, baseUrl) {
+  return upsertGatewayProviderTable(upsertRootModelProvider(raw, providerId), providerId, baseUrl);
+}
+function removeRootModelProvider(raw, providerId) {
+  const lines = raw.split(/\r?\n/);
+  const firstTableLine = findFirstTableLine(lines);
+  for (let index = 0; index < firstTableLine; index += 1) {
+    const match = /^\s*model_provider\s*=\s*(.+)$/.exec(lines[index] ?? "");
+    if (!match || parseTomlStringValue(match[1] ?? "") !== providerId) {
+      continue;
+    }
+    lines.splice(index, 1);
+    if (lines[index] === "" && (index === 0 || lines[index - 1] === "")) {
+      lines.splice(index, 1);
+    }
+    return { raw: lines.join("\n").replace(/^\s+\n/g, ""), removed: true };
+  }
+  return { raw, removed: false };
+}
+function removeGatewayProviderTable(raw, providerId) {
+  const lines = raw.split(/\r?\n/);
+  const tablePattern = new RegExp(`^\\s*\\[\\s*model_providers\\.${escapeRegExp(providerId)}\\s*\\]\\s*$`);
+  const start = lines.findIndex((line) => tablePattern.test(line));
+  if (start === -1) {
+    return { raw, removed: false };
+  }
+  let end = start + 1;
+  while (end < lines.length && !/^\s*\[/.test(lines[end])) {
+    end += 1;
+  }
+  const replaceStart = start > 0 && /AI Zero Token managed Codex provider/.test(lines[start - 1]) ? start - 1 : start;
+  lines.splice(replaceStart, end - replaceStart);
+  return {
+    raw: lines.join("\n").replace(/\n{3,}/g, "\n\n").replace(/\s+$/g, "\n"),
+    removed: true
+  };
+}
+function removeGatewayProviderConfig(raw, providerId) {
+  const rootRemoved = removeRootModelProvider(raw, providerId);
+  const tableRemoved = removeGatewayProviderTable(rootRemoved.raw, providerId);
+  return {
+    raw: tableRemoved.raw,
+    removed: rootRemoved.removed || tableRemoved.removed
+  };
+}
 function isRecord(value) {
   return typeof value === "object" && value !== null && !Array.isArray(value);
 }
@@ -23,14 +208,44 @@ async function readCodexAuth() {
     return null;
   }
 }
+async function getCodexGatewayProviderStatus(params) {
+  const providerId = params?.providerId?.trim() || DEFAULT_CODEX_PROVIDER_ID;
+  validateProviderId(providerId);
+  const configPath = getCodexConfigPath();
+  let raw = "";
+  try {
+    raw = await fs.readFile(configPath, "utf8");
+  } catch {
+    return {
+      path: configPath,
+      providerId,
+      exists: false,
+      active: false
+    };
+  }
+  const modelProvider = parseRootModelProvider(raw);
+  const table = parseGatewayProviderTable(raw, providerId);
+  return {
+    path: configPath,
+    providerId,
+    exists: table.exists,
+    active: modelProvider === providerId && table.exists,
+    baseUrl: table.baseUrl,
+    modelProvider
+  };
+}
 async function getCodexAuthStatus() {
   const authPath = getCodexAuthPath();
-  const auth = await readCodexAuth();
+  const [auth, gatewayProvider] = await Promise.all([
+    readCodexAuth(),
+    getCodexGatewayProviderStatus()
+  ]);
   if (!auth) {
     return {
       path: authPath,
       exists: false,
-      hasIdToken: false
+      hasIdToken: false,
+      gatewayProvider
     };
   }
   const tokens = isRecord(auth.tokens) ? auth.tokens : {};
@@ -39,7 +254,8 @@ async function getCodexAuthStatus() {
     exists: true,
     accountId: typeof tokens.account_id === "string" ? tokens.account_id : void 0,
     hasIdToken: typeof tokens.id_token === "string" && tokens.id_token.length > 0,
-    lastRefresh: typeof auth.last_refresh === "string" ? auth.last_refresh : void 0
+    lastRefresh: typeof auth.last_refresh === "string" ? auth.last_refresh : void 0,
+    gatewayProvider
   };
 }
 async function applyProfileToCodexAuth(profile) {
@@ -82,13 +298,88 @@ async function applyProfileToCodexAuth(profile) {
     accountId: profile.accountId,
     hasIdToken: true,
     lastRefresh: authFile.last_refresh,
+    gatewayProvider: await getCodexGatewayProviderStatus(),
     backupPath,
     appliedProfileId: profile.profileId,
     appliedEmail: profile.email
   };
 }
+async function applyGatewayToCodexProviderConfig(params) {
+  const providerId = params.providerId?.trim() || DEFAULT_CODEX_PROVIDER_ID;
+  validateProviderId(providerId);
+  const baseUrl = normalizeCodexProviderBaseUrl(params.baseUrl);
+  const configPath = getCodexConfigPath();
+  const codexHomeDir = path.dirname(configPath);
+  await fs.mkdir(codexHomeDir, { recursive: true });
+  let raw = "";
+  let backupPath;
+  try {
+    raw = await fs.readFile(configPath, "utf8");
+    backupPath = `${configPath}.azt-backup-${createBackupSuffix()}`;
+    await fs.copyFile(configPath, backupPath);
+  } catch {
+    raw = "";
+    backupPath = void 0;
+  }
+  const next = applyGatewayProviderConfig(raw, providerId, baseUrl);
+  const tmpPath = `${configPath}.tmp-${process.pid}`;
+  await fs.writeFile(tmpPath, next, {
+    encoding: "utf8",
+    mode: 384
+  });
+  await fs.rename(tmpPath, configPath);
+  await fs.chmod(configPath, 384);
+  return {
+    path: configPath,
+    backupPath,
+    providerId,
+    baseUrl
+  };
+}
+async function removeGatewayFromCodexProviderConfig(params) {
+  const providerId = params?.providerId?.trim() || DEFAULT_CODEX_PROVIDER_ID;
+  validateProviderId(providerId);
+  const configPath = getCodexConfigPath();
+  let raw = "";
+  try {
+    raw = await fs.readFile(configPath, "utf8");
+  } catch {
+    return {
+      path: configPath,
+      providerId,
+      removed: false
+    };
+  }
+  const next = removeGatewayProviderConfig(raw, providerId);
+  if (!next.removed) {
+    return {
+      path: configPath,
+      providerId,
+      removed: false
+    };
+  }
+  const backupPath = `${configPath}.azt-backup-${createBackupSuffix()}`;
+  await fs.copyFile(configPath, backupPath);
+  const tmpPath = `${configPath}.tmp-${process.pid}`;
+  await fs.writeFile(tmpPath, next.raw.trim() ? next.raw : "", {
+    encoding: "utf8",
+    mode: 384
+  });
+  await fs.rename(tmpPath, configPath);
+  await fs.chmod(configPath, 384);
+  return {
+    path: configPath,
+    backupPath,
+    providerId,
+    removed: true
+  };
+}
 export {
+  applyGatewayToCodexProviderConfig,
   applyProfileToCodexAuth,
   getCodexAuthPath,
-  getCodexAuthStatus
+  getCodexAuthStatus,
+  getCodexConfigPath,
+  getCodexGatewayProviderStatus,
+  removeGatewayFromCodexProviderConfig
 };

package/dist/core/store/settings-store.js

@@ -1,4 +1,5 @@
 #!/usr/bin/env node
+import { randomUUID } from "node:crypto";
 import fs from "node:fs/promises";
 import {
   ensureStateMigrated,
@@ -16,7 +17,8 @@ function createDefaultSettings() {
       noProxy: "localhost,127.0.0.1,::1"
     },
     autoSwitch: {
-      enabled: false
+      enabled: false,
+      excludedProfileIds: []
     },
     runtime: {
       quotaSyncConcurrency: 16
@@ -27,32 +29,36 @@ function createDefaultSettings() {
     }
   };
 }
+function normalizeSettings(parsed) {
+  const defaults = createDefaultSettings();
+  return {
+    version: 1,
+    defaultProvider: parsed.defaultProvider ?? defaults.defaultProvider,
+    defaultModel: parsed.defaultModel ?? defaults.defaultModel,
+    networkProxy: {
+      enabled: parsed.networkProxy?.enabled ?? defaults.networkProxy.enabled,
+      url: parsed.networkProxy?.url ?? defaults.networkProxy.url,
+      noProxy: parsed.networkProxy?.noProxy ?? defaults.networkProxy.noProxy
+    },
+    autoSwitch: {
+      enabled: parsed.autoSwitch?.enabled ?? defaults.autoSwitch.enabled,
+      excludedProfileIds: normalizeStringList(parsed.autoSwitch?.excludedProfileIds)
+    },
+    runtime: {
+      quotaSyncConcurrency: normalizeQuotaSyncConcurrency(parsed.runtime?.quotaSyncConcurrency, defaults.runtime.quotaSyncConcurrency)
+    },
+    server: {
+      host: parsed.server?.host ?? defaults.server.host,
+      port: parsed.server?.port ?? defaults.server.port
+    }
+  };
+}
 async function loadSettings() {
   try {
     await ensureStateMigrated();
     const raw = await fs.readFile(getSettingsPath(), "utf8");
     const parsed = JSON.parse(raw);
-    const defaults = createDefaultSettings();
-    return {
-      version: 1,
-      defaultProvider: parsed.defaultProvider ?? defaults.defaultProvider,
-      defaultModel: parsed.defaultModel ?? defaults.defaultModel,
-      networkProxy: {
-        enabled: parsed.networkProxy?.enabled ?? defaults.networkProxy.enabled,
-        url: parsed.networkProxy?.url ?? defaults.networkProxy.url,
-        noProxy: parsed.networkProxy?.noProxy ?? defaults.networkProxy.noProxy
-      },
-      autoSwitch: {
-        enabled: parsed.autoSwitch?.enabled ?? defaults.autoSwitch.enabled
-      },
-      runtime: {
-        quotaSyncConcurrency: normalizeQuotaSyncConcurrency(parsed.runtime?.quotaSyncConcurrency, defaults.runtime.quotaSyncConcurrency)
-      },
-      server: {
-        host: parsed.server?.host ?? defaults.server.host,
-        port: parsed.server?.port ?? defaults.server.port
-      }
-    };
+    return normalizeSettings(parsed);
   } catch {
     return createDefaultSettings();
   }
@@ -64,11 +70,35 @@ function normalizeQuotaSyncConcurrency(value, fallback = 16) {
   }
   return Math.min(32, Math.max(1, Math.trunc(parsed)));
 }
-async function saveSettings(settings) {
+function normalizeStringList(value) {
+  if (!Array.isArray(value)) {
+    return [];
+  }
+  return Array.from(
+    new Set(
+      value.map((item) => typeof item === "string" ? item.trim() : "").filter(Boolean)
+    )
+  );
+}
+let settingsSaveQueue = Promise.resolve();
+async function writeSettingsAtomic(settings) {
   await ensureStateMigrated();
   await fs.mkdir(getStateDir(), { recursive: true });
-  await fs.writeFile(getSettingsPath(), `${JSON.stringify(settings, null, 2)}
+  const settingsPath = getSettingsPath();
+  const tempPath = `${settingsPath}.${process.pid}.${Date.now()}.${randomUUID()}.tmp`;
+  try {
+    await fs.writeFile(tempPath, `${JSON.stringify(settings, null, 2)}
 `, "utf8");
+    await fs.rename(tempPath, settingsPath);
+  } catch (error) {
+    await fs.rm(tempPath, { force: true }).catch(() => void 0);
+    throw error;
+  }
+}
+async function saveSettings(settings) {
+  const nextSave = settingsSaveQueue.then(() => writeSettingsAtomic(settings), () => writeSettingsAtomic(settings));
+  settingsSaveQueue = nextSave.catch(() => void 0);
+  await nextSave;
 }
 export {
   createDefaultSettings,