better-opencode-openai-codex-auth 0.1.0

package/dist/lib/account-pool.js

@@ -0,0 +1,243 @@
+import { chmodSync, existsSync, mkdirSync, readFileSync, renameSync, writeFileSync } from "node:fs";
+import { homedir } from "node:os";
+import { randomUUID } from "node:crypto";
+import { dirname, join } from "node:path";
+const STORAGE_VERSION = 1;
+const DEFAULT_COOLDOWN_MS = 60_000;
+function storagePath() {
+    if (process.env.OPENAI_CODEX_ACCOUNTS_PATH) {
+        return process.env.OPENAI_CODEX_ACCOUNTS_PATH;
+    }
+    return join(homedir(), ".opencode", "openai-codex-accounts.json");
+}
+function clampIndex(index, size) {
+    if (!Number.isFinite(index) || size <= 0)
+        return 0;
+    const n = Math.floor(index);
+    if (n < 0)
+        return 0;
+    if (n >= size)
+        return size - 1;
+    return n;
+}
+function now() {
+    return Date.now();
+}
+function normalizeEntry(entry) {
+    if (!entry.accountId || !entry.refresh || !entry.access || !Number.isFinite(entry.expires)) {
+        return null;
+    }
+    return {
+        accountId: entry.accountId,
+        refresh: entry.refresh,
+        access: entry.access,
+        expires: Math.floor(entry.expires),
+        email: entry.email,
+        lastUsed: entry.lastUsed,
+        rateLimitedUntil: entry.rateLimitedUntil,
+    };
+}
+function parseStorage(raw) {
+    let parsed;
+    try {
+        parsed = JSON.parse(raw);
+    }
+    catch {
+        return null;
+    }
+    if (!parsed || typeof parsed !== "object")
+        return null;
+    const obj = parsed;
+    const accounts = Array.isArray(obj.accounts)
+        ? obj.accounts
+            .map((e) => normalizeEntry(e))
+            .filter((e) => e !== null)
+        : [];
+    return {
+        version: STORAGE_VERSION,
+        activeIndex: clampIndex(Number(obj.activeIndex ?? 0), accounts.length || 1),
+        accounts,
+    };
+}
+function normalizeCooldown(cooldownMs) {
+    if (!Number.isFinite(cooldownMs) || cooldownMs < 1000) {
+        return DEFAULT_COOLDOWN_MS;
+    }
+    return Math.floor(cooldownMs);
+}
+function retryAfterFromHeaders(headers, fallbackMs) {
+    const maxRetryMs = 86_400_000;
+    const retryAfterMs = headers.get("retry-after-ms");
+    if (retryAfterMs) {
+        const parsed = Number.parseInt(retryAfterMs, 10);
+        if (!Number.isNaN(parsed) && parsed > 0 && parsed <= maxRetryMs)
+            return parsed;
+    }
+    const retryAfter = headers.get("retry-after");
+    if (retryAfter) {
+        const seconds = Number.parseInt(retryAfter, 10);
+        if (!Number.isNaN(seconds) && seconds > 0 && seconds * 1000 <= maxRetryMs) {
+            return seconds * 1000;
+        }
+        const retryDateMs = Date.parse(retryAfter);
+        if (!Number.isNaN(retryDateMs)) {
+            const remaining = retryDateMs - now();
+            if (remaining > 0 && remaining <= maxRetryMs)
+                return remaining;
+        }
+    }
+    const codexPrimary = headers.get("x-codex-primary-reset-after-seconds");
+    if (codexPrimary) {
+        const parsed = Number.parseInt(codexPrimary, 10);
+        if (!Number.isNaN(parsed) && parsed > 0)
+            return parsed * 1000;
+    }
+    return fallbackMs;
+}
+export class AccountPool {
+    accounts = [];
+    activeIndex = 0;
+    static load() {
+        const pool = new AccountPool();
+        const path = storagePath();
+        if (!existsSync(path))
+            return pool;
+        try {
+            const raw = readFileSync(path, "utf8");
+            const parsed = parseStorage(raw);
+            if (!parsed)
+                return pool;
+            pool.accounts = parsed.accounts;
+            pool.activeIndex = clampIndex(parsed.activeIndex, parsed.accounts.length || 1);
+            return pool;
+        }
+        catch {
+            return pool;
+        }
+    }
+    save() {
+        const path = storagePath();
+        const dir = dirname(path);
+        if (!existsSync(dir)) {
+            mkdirSync(dir, { recursive: true });
+        }
+        const payload = {
+            version: STORAGE_VERSION,
+            activeIndex: clampIndex(this.activeIndex, this.accounts.length || 1),
+            accounts: this.accounts,
+        };
+        const tempPath = `${path}.tmp.${process.pid}.${Date.now()}.${randomUUID()}`;
+        writeFileSync(tempPath, `${JSON.stringify(payload, null, 2)}\n`, {
+            encoding: "utf8",
+            mode: 0o600,
+        });
+        renameSync(tempPath, path);
+        try {
+            chmodSync(path, 0o600);
+        }
+        catch {
+        }
+    }
+    upsert(entry) {
+        const normalized = normalizeEntry(entry);
+        if (!normalized)
+            return;
+        const byAccount = this.accounts.findIndex((a) => a.accountId === normalized.accountId);
+        const byEmail = normalized.email && byAccount < 0
+            ? this.accounts.findIndex((a) => a.email && a.email === normalized.email)
+            : -1;
+        const idx = byAccount >= 0 ? byAccount : byEmail;
+        if (idx >= 0) {
+            const existing = this.accounts[idx];
+            if (!existing)
+                return;
+            const incomingIsOlder = normalized.expires < existing.expires;
+            const nextAccess = incomingIsOlder ? existing.access : normalized.access;
+            const nextRefresh = incomingIsOlder ? existing.refresh : normalized.refresh;
+            const nextExpires = incomingIsOlder ? existing.expires : normalized.expires;
+            this.accounts[idx] = {
+                ...existing,
+                ...normalized,
+                access: nextAccess,
+                refresh: nextRefresh,
+                expires: nextExpires,
+                rateLimitedUntil: existing.rateLimitedUntil,
+            };
+        }
+        else {
+            this.accounts.push(normalized);
+        }
+        this.activeIndex = clampIndex(this.activeIndex, this.accounts.length || 1);
+    }
+    count() {
+        return this.accounts.length;
+    }
+    getAvailableCount() {
+        const t = now();
+        return this.accounts.filter((a) => !a.rateLimitedUntil || a.rateLimitedUntil <= t).length;
+    }
+    getMinRetryAfterMs() {
+        const t = now();
+        let min = null;
+        for (const account of this.accounts) {
+            if (!account.rateLimitedUntil || account.rateLimitedUntil <= t)
+                continue;
+            const remaining = account.rateLimitedUntil - t;
+            if (min === null || remaining < min) {
+                min = remaining;
+            }
+        }
+        return min;
+    }
+    markRateLimited(accountId, headers, cooldownMs) {
+        const account = this.accounts.find((a) => a.accountId === accountId);
+        if (!account)
+            return;
+        const fallback = normalizeCooldown(cooldownMs);
+        const retryAfter = retryAfterFromHeaders(headers, fallback);
+        account.rateLimitedUntil = now() + retryAfter;
+    }
+    next(strategy) {
+        if (this.accounts.length === 0)
+            return null;
+        this.clearExpiredLimits();
+        if (strategy === "sticky") {
+            const current = this.accounts[this.activeIndex];
+            if (current && !this.isLimited(current)) {
+                current.lastUsed = now();
+                return current;
+            }
+        }
+        const start = strategy === "round-robin" ? (this.activeIndex + 1) % this.accounts.length : this.activeIndex;
+        for (let i = 0; i < this.accounts.length; i++) {
+            const idx = (start + i) % this.accounts.length;
+            const candidate = this.accounts[idx];
+            if (!candidate || this.isLimited(candidate))
+                continue;
+            this.activeIndex = idx;
+            candidate.lastUsed = now();
+            return candidate;
+        }
+        return null;
+    }
+    replaceAuth(accountId, access, refresh, expires) {
+        const account = this.accounts.find((a) => a.accountId === accountId);
+        if (!account)
+            return;
+        account.access = access;
+        account.refresh = refresh;
+        account.expires = expires;
+    }
+    isLimited(account) {
+        return !!account.rateLimitedUntil && account.rateLimitedUntil > now();
+    }
+    clearExpiredLimits() {
+        const t = now();
+        for (const account of this.accounts) {
+            if (account.rateLimitedUntil && account.rateLimitedUntil <= t) {
+                delete account.rateLimitedUntil;
+            }
+        }
+    }
+}
+//# sourceMappingURL=account-pool.js.map

package/dist/lib/account-pool.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"account-pool.js","sourceRoot":"","sources":["../../lib/account-pool.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,SAAS,EAAE,YAAY,EAAE,UAAU,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AACpG,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAClC,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAG1C,MAAM,eAAe,GAAG,CAAC,CAAC;AAC1B,MAAM,mBAAmB,GAAG,MAAM,CAAC;AAEnC,SAAS,WAAW;IACnB,IAAI,OAAO,CAAC,GAAG,CAAC,0BAA0B,EAAE,CAAC;QAC5C,OAAO,OAAO,CAAC,GAAG,CAAC,0BAA0B,CAAC;IAC/C,CAAC;IACD,OAAO,IAAI,CAAC,OAAO,EAAE,EAAE,WAAW,EAAE,4BAA4B,CAAC,CAAC;AACnE,CAAC;AAED,SAAS,UAAU,CAAC,KAAa,EAAE,IAAY;IAC9C,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,IAAI,IAAI,CAAC;QAAE,OAAO,CAAC,CAAC;IACnD,MAAM,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;IAC5B,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,CAAC,CAAC;IACpB,IAAI,CAAC,IAAI,IAAI;QAAE,OAAO,IAAI,GAAG,CAAC,CAAC;IAC/B,OAAO,CAAC,CAAC;AACV,CAAC;AAED,SAAS,GAAG;IACX,OAAO,IAAI,CAAC,GAAG,EAAE,CAAC;AACnB,CAAC;AAED,SAAS,cAAc,CAAC,KAAuB;IAC9C,IAAI,CAAC,KAAK,CAAC,SAAS,IAAI,CAAC,KAAK,CAAC,OAAO,IAAI,CAAC,KAAK,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC;QAC5F,OAAO,IAAI,CAAC;IACb,CAAC;IACD,OAAO;QACN,SAAS,EAAE,KAAK,CAAC,SAAS;QAC1B,OAAO,EAAE,KAAK,CAAC,OAAO;QACtB,MAAM,EAAE,KAAK,CAAC,MAAM;QACpB,OAAO,EAAE,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC;QAClC,KAAK,EAAE,KAAK,CAAC,KAAK;QAClB,QAAQ,EAAE,KAAK,CAAC,QAAQ;QACxB,gBAAgB,EAAE,KAAK,CAAC,gBAAgB;KACxC,CAAC;AACH,CAAC;AAED,SAAS,YAAY,CAAC,GAAW;IAChC,IAAI,MAAe,CAAC;IACpB,IAAI,CAAC;QACJ,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC1B,CAAC;IAAC,MAAM,CAAC;QACR,OAAO,IAAI,CAAC;IACb,CAAC;IACD,IAAI,CAAC,MAAM,IAAI,OAAO,MAAM,KAAK,QAAQ;QAAE,OAAO,IAAI,CAAC;IACvD,MAAM,GAAG,GAAG,MAAqC,CAAC;IAClD,MAAM,QAAQ,GAAG,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC;QAC3C,CAAC,CAAC,GAAG,CAAC,QAAQ;aACX,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,cAAc,CAAC,CAAqB,CAAC,CAAC;aACjD,MAAM,CAAC,CAAC,CAAC,EAAyB,EAAE,CAAC,CAAC,KAAK,IAAI,CAAC;QACnD,CAAC,CAAC,EAAE,CAAC;IACN,OAAO;QACN,OAAO,EAAE,eAAe;QACxB,WAAW,EAAE,UAAU,CAAC,MAAM,CAAC,GAAG,CAAC,WAAW,IAAI,CAAC,CAAC,EAAE,QAAQ,CAAC,MAAM,IAAI,CAAC,CAAC;QAC3E,QAAQ;KACR,CAAC;AACH,CAAC;AAED,SAAS,iBAAiB,CAAC,UAAmB;IAC7C,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAK,UAAqB,GAAG,IAAI,EAAE,CAAC;QACnE,OAAO,mBAAmB,CAAC;IAC5B,CAAC;IACD,OAAO,IAAI,CAAC,KAAK,CAAC,UAAoB,CAAC,CAAC;AACzC,CAAC;AAED,SAAS,qBAAqB,CAAC,OAAgB,EAAE,UAAkB;IAClE,MAAM,UAAU,GAAG,UAAU,CAAC;IAC9B,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;IACnD,IAAI,YAAY,EAAE,CAAC;QAClB,MAAM,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,YAAY,EAAE,EAAE,CAAC,CAAC;QACjD,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,MAAM,GAAG,CAAC,IAAI,MAAM,IAAI,UAAU;YAAE,OAAO,MAAM,CAAC;IAChF,CAAC;IACD,MAAM,UAAU,GAAG,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;IAC9C,IAAI,UAAU,EAAE,CAAC;QAChB,MAAM,OAAO,GAAG,MAAM,CAAC,QAAQ,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC;QAChD,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,OAAO,GAAG,CAAC,IAAI,OAAO,GAAG,IAAI,IAAI,UAAU,EAAE,CAAC;YAC3E,OAAO,OAAO,GAAG,IAAI,CAAC;QACvB,CAAC;QACD,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;QAC3C,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,WAAW,CAAC,EAAE,CAAC;YAChC,MAAM,SAAS,GAAG,WAAW,GAAG,GAAG,EAAE,CAAC;YACtC,IAAI,SAAS,GAAG,CAAC,IAAI,SAAS,IAAI,UAAU;gBAAE,OAAO,SAAS,CAAC;QAChE,CAAC;IACF,CAAC;IACD,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,qCAAqC,CAAC,CAAC;IACxE,IAAI,YAAY,EAAE,CAAC;QAClB,MAAM,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,YAAY,EAAE,EAAE,CAAC,CAAC;QACjD,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,MAAM,GAAG,CAAC;YAAE,OAAO,MAAM,GAAG,IAAI,CAAC;IAC/D,CAAC;IACD,OAAO,UAAU,CAAC;AACnB,CAAC;AAED,MAAM,OAAO,WAAW;IACf,QAAQ,GAAuB,EAAE,CAAC;IAClC,WAAW,GAAG,CAAC,CAAC;IAExB,MAAM,CAAC,IAAI;QACV,MAAM,IAAI,GAAG,IAAI,WAAW,EAAE,CAAC;QAC/B,MAAM,IAAI,GAAG,WAAW,EAAE,CAAC;QAC3B,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC;YAAE,OAAO,IAAI,CAAC;QACnC,IAAI,CAAC;YACJ,MAAM,GAAG,GAAG,YAAY,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;YACvC,MAAM,MAAM,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC;YACjC,IAAI,CAAC,MAAM;gBAAE,OAAO,IAAI,CAAC;YACzB,IAAI,CAAC,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC;YAChC,IAAI,CAAC,WAAW,GAAG,UAAU,CAAC,MAAM,CAAC,WAAW,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM,IAAI,CAAC,CAAC,CAAC;YAC/E,OAAO,IAAI,CAAC;QACb,CAAC;QAAC,MAAM,CAAC;YACR,OAAO,IAAI,CAAC;QACb,CAAC;IACF,CAAC;IAED,IAAI;QACH,MAAM,IAAI,GAAG,WAAW,EAAE,CAAC;QAC3B,MAAM,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;QAC1B,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YACtB,SAAS,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QACrC,CAAC;QACD,MAAM,OAAO,GAAuB;YACnC,OAAO,EAAE,eAAe;YACxB,WAAW,EAAE,UAAU,CAAC,IAAI,CAAC,WAAW,EAAE,IAAI,CAAC,QAAQ,CAAC,MAAM,IAAI,CAAC,CAAC;YACpE,QAAQ,EAAE,IAAI,CAAC,QAAQ;SACvB,CAAC;QACF,MAAM,QAAQ,GAAG,GAAG,IAAI,QAAQ,OAAO,CAAC,GAAG,IAAI,IAAI,CAAC,GAAG,EAAE,IAAI,UAAU,EAAE,EAAE,CAAC;QAC5E,aAAa,CAAC,QAAQ,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE;YAChE,QAAQ,EAAE,MAAM;YAChB,IAAI,EAAE,KAAK;SACX,CAAC,CAAC;QACH,UAAU,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;QAC3B,IAAI,CAAC;YACJ,SAAS,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;QACxB,CAAC;QAAC,MAAM,CAAC;QACT,CAAC;IACF,CAAC;IAED,MAAM,CAAC,KAAuB;QAC7B,MAAM,UAAU,GAAG,cAAc,CAAC,KAAK,CAAC,CAAC;QACzC,IAAI,CAAC,UAAU;YAAE,OAAO;QACxB,MAAM,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,KAAK,UAAU,CAAC,SAAS,CAAC,CAAC;QACvF,MAAM,OAAO,GACZ,UAAU,CAAC,KAAK,IAAI,SAAS,GAAG,CAAC;YAChC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,IAAI,CAAC,CAAC,KAAK,KAAK,UAAU,CAAC,KAAK,CAAC;YACzE,CAAC,CAAC,CAAC,CAAC,CAAC;QACP,MAAM,GAAG,GAAG,SAAS,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,OAAO,CAAC;QACjD,IAAI,GAAG,IAAI,CAAC,EAAE,CAAC;YACd,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;YACpC,IAAI,CAAC,QAAQ;gBAAE,OAAO;YACtB,MAAM,eAAe,GAAG,UAAU,CAAC,OAAO,GAAG,QAAQ,CAAC,OAAO,CAAC;YAC9D,MAAM,UAAU,GAAG,eAAe,CAAC,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,UAAU,CAAC,MAAM,CAAC;YACzE,MAAM,WAAW,GAAG,eAAe,CAAC,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,UAAU,CAAC,OAAO,CAAC;YAC5E,MAAM,WAAW,GAAG,eAAe,CAAC,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,UAAU,CAAC,OAAO,CAAC;YAC5E,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,GAAG;gBACpB,GAAG,QAAQ;gBACX,GAAG,UAAU;gBACb,MAAM,EAAE,UAAU;gBAClB,OAAO,EAAE,WAAW;gBACpB,OAAO,EAAE,WAAW;gBACpB,gBAAgB,EAAE,QAAQ,CAAC,gBAAgB;aAC3C,CAAC;QACH,CAAC;aAAM,CAAC;YACP,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAChC,CAAC;QACD,IAAI,CAAC,WAAW,GAAG,UAAU,CAAC,IAAI,CAAC,WAAW,EAAE,IAAI,CAAC,QAAQ,CAAC,MAAM,IAAI,CAAC,CAAC,CAAC;IAC5E,CAAC;IAED,KAAK;QACJ,OAAO,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC;IAC7B,CAAC;IAED,iBAAiB;QAChB,MAAM,CAAC,GAAG,GAAG,EAAE,CAAC;QAChB,OAAO,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,gBAAgB,IAAI,CAAC,CAAC,gBAAgB,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC;IAC3F,CAAC;IAED,kBAAkB;QACjB,MAAM,CAAC,GAAG,GAAG,EAAE,CAAC;QAChB,IAAI,GAAG,GAAkB,IAAI,CAAC;QAC9B,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YACrC,IAAI,CAAC,OAAO,CAAC,gBAAgB,IAAI,OAAO,CAAC,gBAAgB,IAAI,CAAC;gBAAE,SAAS;YACzE,MAAM,SAAS,GAAG,OAAO,CAAC,gBAAgB,GAAG,CAAC,CAAC;YAC/C,IAAI,GAAG,KAAK,IAAI,IAAI,SAAS,GAAG,GAAG,EAAE,CAAC;gBACrC,GAAG,GAAG,SAAS,CAAC;YACjB,CAAC;QACF,CAAC;QACD,OAAO,GAAG,CAAC;IACZ,CAAC;IAED,eAAe,CAAC,SAAiB,EAAE,OAAgB,EAAE,UAAmB;QACvE,MAAM,OAAO,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,KAAK,SAAS,CAAC,CAAC;QACrE,IAAI,CAAC,OAAO;YAAE,OAAO;QACrB,MAAM,QAAQ,GAAG,iBAAiB,CAAC,UAAU,CAAC,CAAC;QAC/C,MAAM,UAAU,GAAG,qBAAqB,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;QAC5D,OAAO,CAAC,gBAAgB,GAAG,GAAG,EAAE,GAAG,UAAU,CAAC;IAC/C,CAAC;IAED,IAAI,CAAC,QAAkC;QACtC,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,IAAI,CAAC;QAC5C,IAAI,CAAC,kBAAkB,EAAE,CAAC;QAC1B,IAAI,QAAQ,KAAK,QAAQ,EAAE,CAAC;YAC3B,MAAM,OAAO,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;YAChD,IAAI,OAAO,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,EAAE,CAAC;gBACzC,OAAO,CAAC,QAAQ,GAAG,GAAG,EAAE,CAAC;gBACzB,OAAO,OAAO,CAAC;YAChB,CAAC;QACF,CAAC;QAED,MAAM,KAAK,GAAG,QAAQ,KAAK,aAAa,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC;QAC5G,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YAC/C,MAAM,GAAG,GAAG,CAAC,KAAK,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC;YAC/C,MAAM,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;YACrC,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC;gBAAE,SAAS;YACtD,IAAI,CAAC,WAAW,GAAG,GAAG,CAAC;YACvB,SAAS,CAAC,QAAQ,GAAG,GAAG,EAAE,CAAC;YAC3B,OAAO,SAAS,CAAC;QAClB,CAAC;QACD,OAAO,IAAI,CAAC;IACb,CAAC;IAED,WAAW,CAAC,SAAiB,EAAE,MAAc,EAAE,OAAe,EAAE,OAAe;QAC9E,MAAM,OAAO,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,KAAK,SAAS,CAAC,CAAC;QACrE,IAAI,CAAC,OAAO;YAAE,OAAO;QACrB,OAAO,CAAC,MAAM,GAAG,MAAM,CAAC;QACxB,OAAO,CAAC,OAAO,GAAG,OAAO,CAAC;QAC1B,OAAO,CAAC,OAAO,GAAG,OAAO,CAAC;IAC3B,CAAC;IAEO,SAAS,CAAC,OAAyB;QAC1C,OAAO,CAAC,CAAC,OAAO,CAAC,gBAAgB,IAAI,OAAO,CAAC,gBAAgB,GAAG,GAAG,EAAE,CAAC;IACvE,CAAC;IAEO,kBAAkB;QACzB,MAAM,CAAC,GAAG,GAAG,EAAE,CAAC;QAChB,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YACrC,IAAI,OAAO,CAAC,gBAAgB,IAAI,OAAO,CAAC,gBAAgB,IAAI,CAAC,EAAE,CAAC;gBAC/D,OAAO,OAAO,CAAC,gBAAgB,CAAC;YACjC,CAAC;QACF,CAAC;IACF,CAAC;CACD"}

package/dist/lib/auth/auth.d.ts

@@ -0,0 +1,43 @@
+import type { AuthorizationFlow, TokenResult, ParsedAuthInput, JWTPayload } from "../types.js";
+export declare const CLIENT_ID = "app_EMoamEEZ73f0CkXaXp7hrann";
+export declare const AUTHORIZE_URL = "https://auth.openai.com/oauth/authorize";
+export declare const TOKEN_URL = "https://auth.openai.com/oauth/token";
+export declare const REDIRECT_URI = "http://localhost:1455/auth/callback";
+export declare const SCOPE = "openid profile email offline_access";
+/**
+ * Generate a random state value for OAuth flow
+ * @returns Random hex string
+ */
+export declare function createState(): string;
+/**
+ * Parse authorization code and state from user input
+ * @param input - User input (URL, code#state, or just code)
+ * @returns Parsed authorization data
+ */
+export declare function parseAuthorizationInput(input: string): ParsedAuthInput;
+/**
+ * Exchange authorization code for access and refresh tokens
+ * @param code - Authorization code from OAuth flow
+ * @param verifier - PKCE verifier
+ * @param redirectUri - OAuth redirect URI
+ * @returns Token result
+ */
+export declare function exchangeAuthorizationCode(code: string, verifier: string, redirectUri?: string): Promise<TokenResult>;
+/**
+ * Decode a JWT token to extract payload
+ * @param token - JWT token to decode
+ * @returns Decoded payload or null if invalid
+ */
+export declare function decodeJWT(token: string): JWTPayload | null;
+/**
+ * Refresh access token using refresh token
+ * @param refreshToken - Refresh token
+ * @returns Token result
+ */
+export declare function refreshAccessToken(refreshToken: string): Promise<TokenResult>;
+/**
+ * Create OAuth authorization flow
+ * @returns Authorization flow details
+ */
+export declare function createAuthorizationFlow(): Promise<AuthorizationFlow>;
+//# sourceMappingURL=auth.d.ts.map

package/dist/lib/auth/auth.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../../lib/auth/auth.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAY,iBAAiB,EAAE,WAAW,EAAE,eAAe,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAGzG,eAAO,MAAM,SAAS,iCAAiC,CAAC;AACxD,eAAO,MAAM,aAAa,4CAA4C,CAAC;AACvE,eAAO,MAAM,SAAS,wCAAwC,CAAC;AAC/D,eAAO,MAAM,YAAY,wCAAwC,CAAC;AAClE,eAAO,MAAM,KAAK,wCAAwC,CAAC;AAE3D;;;GAGG;AACH,wBAAgB,WAAW,IAAI,MAAM,CAEpC;AAED;;;;GAIG;AACH,wBAAgB,uBAAuB,CAAC,KAAK,EAAE,MAAM,GAAG,eAAe,CAwBtE;AAED;;;;;;GAMG;AACH,wBAAsB,yBAAyB,CAC9C,IAAI,EAAE,MAAM,EACZ,QAAQ,EAAE,MAAM,EAChB,WAAW,GAAE,MAAqB,GAChC,OAAO,CAAC,WAAW,CAAC,CAoCtB;AAED;;;;GAIG;AACH,wBAAgB,SAAS,CAAC,KAAK,EAAE,MAAM,GAAG,UAAU,GAAG,IAAI,CAU1D;AAED;;;;GAIG;AACH,wBAAsB,kBAAkB,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC,CAiDnF;AAED;;;GAGG;AACH,wBAAsB,uBAAuB,IAAI,OAAO,CAAC,iBAAiB,CAAC,CAiB1E"}

package/dist/lib/auth/auth.js

@@ -0,0 +1,162 @@
+import { generatePKCE } from "@openauthjs/openauth/pkce";
+import { randomBytes } from "node:crypto";
+// OAuth constants (from openai/codex)
+export const CLIENT_ID = "app_EMoamEEZ73f0CkXaXp7hrann";
+export const AUTHORIZE_URL = "https://auth.openai.com/oauth/authorize";
+export const TOKEN_URL = "https://auth.openai.com/oauth/token";
+export const REDIRECT_URI = "http://localhost:1455/auth/callback";
+export const SCOPE = "openid profile email offline_access";
+/**
+ * Generate a random state value for OAuth flow
+ * @returns Random hex string
+ */
+export function createState() {
+    return randomBytes(16).toString("hex");
+}
+/**
+ * Parse authorization code and state from user input
+ * @param input - User input (URL, code#state, or just code)
+ * @returns Parsed authorization data
+ */
+export function parseAuthorizationInput(input) {
+    const value = (input || "").trim();
+    if (!value)
+        return {};
+    try {
+        const url = new URL(value);
+        return {
+            code: url.searchParams.get("code") ?? undefined,
+            state: url.searchParams.get("state") ?? undefined,
+        };
+    }
+    catch { }
+    if (value.includes("#")) {
+        const [code, state] = value.split("#", 2);
+        return { code, state };
+    }
+    if (value.includes("code=")) {
+        const params = new URLSearchParams(value);
+        return {
+            code: params.get("code") ?? undefined,
+            state: params.get("state") ?? undefined,
+        };
+    }
+    return { code: value };
+}
+/**
+ * Exchange authorization code for access and refresh tokens
+ * @param code - Authorization code from OAuth flow
+ * @param verifier - PKCE verifier
+ * @param redirectUri - OAuth redirect URI
+ * @returns Token result
+ */
+export async function exchangeAuthorizationCode(code, verifier, redirectUri = REDIRECT_URI) {
+    const res = await fetch(TOKEN_URL, {
+        method: "POST",
+        headers: { "Content-Type": "application/x-www-form-urlencoded" },
+        body: new URLSearchParams({
+            grant_type: "authorization_code",
+            client_id: CLIENT_ID,
+            code,
+            code_verifier: verifier,
+            redirect_uri: redirectUri,
+        }),
+    });
+    if (!res.ok) {
+        const text = await res.text().catch(() => "");
+        console.error("[openai-codex-plugin] code->token failed:", res.status, text);
+        return { type: "failed" };
+    }
+    const json = (await res.json());
+    if (!json?.access_token ||
+        !json?.refresh_token ||
+        typeof json?.expires_in !== "number") {
+        console.error("[openai-codex-plugin] token response missing fields:", json);
+        return { type: "failed" };
+    }
+    return {
+        type: "success",
+        access: json.access_token,
+        refresh: json.refresh_token,
+        expires: Date.now() + json.expires_in * 1000,
+    };
+}
+/**
+ * Decode a JWT token to extract payload
+ * @param token - JWT token to decode
+ * @returns Decoded payload or null if invalid
+ */
+export function decodeJWT(token) {
+    try {
+        const parts = token.split(".");
+        if (parts.length !== 3)
+            return null;
+        const payload = parts[1];
+        const decoded = Buffer.from(payload, "base64").toString("utf-8");
+        return JSON.parse(decoded);
+    }
+    catch {
+        return null;
+    }
+}
+/**
+ * Refresh access token using refresh token
+ * @param refreshToken - Refresh token
+ * @returns Token result
+ */
+export async function refreshAccessToken(refreshToken) {
+    try {
+        const response = await fetch(TOKEN_URL, {
+            method: "POST",
+            headers: { "Content-Type": "application/x-www-form-urlencoded" },
+            body: new URLSearchParams({
+                grant_type: "refresh_token",
+                refresh_token: refreshToken,
+                client_id: CLIENT_ID,
+            }),
+        });
+        if (!response.ok) {
+            const text = await response.text().catch(() => "");
+            console.error("[openai-codex-plugin] Token refresh failed:", response.status, text);
+            return { type: "failed" };
+        }
+        const json = (await response.json());
+        if (!json?.access_token ||
+            typeof json?.expires_in !== "number") {
+            console.error("[openai-codex-plugin] Token refresh response missing fields:", json);
+            return { type: "failed" };
+        }
+        return {
+            type: "success",
+            access: json.access_token,
+            refresh: json.refresh_token || refreshToken,
+            expires: Date.now() + json.expires_in * 1000,
+        };
+    }
+    catch (error) {
+        const err = error;
+        console.error("[openai-codex-plugin] Token refresh error:", err);
+        return { type: "failed" };
+    }
+}
+/**
+ * Create OAuth authorization flow
+ * @returns Authorization flow details
+ */
+export async function createAuthorizationFlow() {
+    const pkce = (await generatePKCE());
+    const state = createState();
+    const url = new URL(AUTHORIZE_URL);
+    url.searchParams.set("response_type", "code");
+    url.searchParams.set("client_id", CLIENT_ID);
+    url.searchParams.set("redirect_uri", REDIRECT_URI);
+    url.searchParams.set("scope", SCOPE);
+    url.searchParams.set("code_challenge", pkce.challenge);
+    url.searchParams.set("code_challenge_method", "S256");
+    url.searchParams.set("state", state);
+    url.searchParams.set("id_token_add_organizations", "true");
+    url.searchParams.set("codex_cli_simplified_flow", "true");
+    url.searchParams.set("originator", "codex_cli_rs");
+    return { pkce, state, url: url.toString() };
+}
+//# sourceMappingURL=auth.js.map

package/dist/lib/auth/auth.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth.js","sourceRoot":"","sources":["../../../lib/auth/auth.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,2BAA2B,CAAC;AACzD,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAG1C,sCAAsC;AACtC,MAAM,CAAC,MAAM,SAAS,GAAG,8BAA8B,CAAC;AACxD,MAAM,CAAC,MAAM,aAAa,GAAG,yCAAyC,CAAC;AACvE,MAAM,CAAC,MAAM,SAAS,GAAG,qCAAqC,CAAC;AAC/D,MAAM,CAAC,MAAM,YAAY,GAAG,qCAAqC,CAAC;AAClE,MAAM,CAAC,MAAM,KAAK,GAAG,qCAAqC,CAAC;AAE3D;;;GAGG;AACH,MAAM,UAAU,WAAW;IAC1B,OAAO,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;AACxC,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,uBAAuB,CAAC,KAAa;IACpD,MAAM,KAAK,GAAG,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;IACnC,IAAI,CAAC,KAAK;QAAE,OAAO,EAAE,CAAC;IAEtB,IAAI,CAAC;QACJ,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC;QAC3B,OAAO;YACN,IAAI,EAAE,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,SAAS;YAC/C,KAAK,EAAE,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,SAAS;SACjD,CAAC;IACH,CAAC;IAAC,MAAM,CAAC,CAAA,CAAC;IAEV,IAAI,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QACzB,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;QAC1C,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC;IACxB,CAAC;IACD,IAAI,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;QAC7B,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC,KAAK,CAAC,CAAC;QAC1C,OAAO;YACN,IAAI,EAAE,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,SAAS;YACrC,KAAK,EAAE,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,SAAS;SACvC,CAAC;IACH,CAAC;IACD,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC;AACxB,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,yBAAyB,CAC9C,IAAY,EACZ,QAAgB,EAChB,cAAsB,YAAY;IAElC,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,SAAS,EAAE;QAClC,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,EAAE,cAAc,EAAE,mCAAmC,EAAE;QAChE,IAAI,EAAE,IAAI,eAAe,CAAC;YACzB,UAAU,EAAE,oBAAoB;YAChC,SAAS,EAAE,SAAS;YACpB,IAAI;YACJ,aAAa,EAAE,QAAQ;YACvB,YAAY,EAAE,WAAW;SACzB,CAAC;KACF,CAAC,CAAC;IACH,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;QACb,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC;QAC9C,OAAO,CAAC,KAAK,CAAC,2CAA2C,EAAE,GAAG,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;QAC7E,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;IAC3B,CAAC;IACD,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAI7B,CAAC;IACF,IACC,CAAC,IAAI,EAAE,YAAY;QACnB,CAAC,IAAI,EAAE,aAAa;QACpB,OAAO,IAAI,EAAE,UAAU,KAAK,QAAQ,EACnC,CAAC;QACF,OAAO,CAAC,KAAK,CAAC,sDAAsD,EAAE,IAAI,CAAC,CAAC;QAC5E,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;IAC3B,CAAC;IACD,OAAO;QACN,IAAI,EAAE,SAAS;QACf,MAAM,EAAE,IAAI,CAAC,YAAY;QACzB,OAAO,EAAE,IAAI,CAAC,aAAa;QAC3B,OAAO,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,UAAU,GAAG,IAAI;KAC5C,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,SAAS,CAAC,KAAa;IACtC,IAAI,CAAC;QACJ,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC/B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,IAAI,CAAC;QACpC,MAAM,OAAO,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACzB,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;QACjE,OAAO,IAAI,CAAC,KAAK,CAAC,OAAO,CAAe,CAAC;IAC1C,CAAC;IAAC,MAAM,CAAC;QACR,OAAO,IAAI,CAAC;IACb,CAAC;AACF,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CAAC,YAAoB;IAC5D,IAAI,CAAC;QACJ,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,SAAS,EAAE;YACvC,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,EAAE,cAAc,EAAE,mCAAmC,EAAE;YAChE,IAAI,EAAE,IAAI,eAAe,CAAC;gBACzB,UAAU,EAAE,eAAe;gBAC3B,aAAa,EAAE,YAAY;gBAC3B,SAAS,EAAE,SAAS;aACpB,CAAC;SACF,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YAClB,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC;YACnD,OAAO,CAAC,KAAK,CACZ,6CAA6C,EAC7C,QAAQ,CAAC,MAAM,EACf,IAAI,CACJ,CAAC;YACF,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;QAC3B,CAAC;QAED,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAIlC,CAAC;QACF,IACC,CAAC,IAAI,EAAE,YAAY;YACnB,OAAO,IAAI,EAAE,UAAU,KAAK,QAAQ,EACnC,CAAC;YACF,OAAO,CAAC,KAAK,CACZ,8DAA8D,EAC9D,IAAI,CACJ,CAAC;YACF,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;QAC3B,CAAC;QAED,OAAO;YACN,IAAI,EAAE,SAAS;YACf,MAAM,EAAE,IAAI,CAAC,YAAY;YACzB,OAAO,EAAE,IAAI,CAAC,aAAa,IAAI,YAAY;YAC3C,OAAO,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,UAAU,GAAG,IAAI;SAC5C,CAAC;IACH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QAChB,MAAM,GAAG,GAAG,KAAc,CAAC;QAC3B,OAAO,CAAC,KAAK,CAAC,4CAA4C,EAAE,GAAG,CAAC,CAAC;QACjE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;IAC3B,CAAC;AACF,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,uBAAuB;IAC5C,MAAM,IAAI,GAAG,CAAC,MAAM,YAAY,EAAE,CAAa,CAAC;IAChD,MAAM,KAAK,GAAG,WAAW,EAAE,CAAC;IAE5B,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,aAAa,CAAC,CAAC;IACnC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,eAAe,EAAE,MAAM,CAAC,CAAC;IAC9C,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,SAAS,CAAC,CAAC;IAC7C,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,EAAE,YAAY,CAAC,CAAC;IACnD,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;IACrC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,gBAAgB,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC;IACvD,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,uBAAuB,EAAE,MAAM,CAAC,CAAC;IACtD,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;IACrC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,4BAA4B,EAAE,MAAM,CAAC,CAAC;IAC3D,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,2BAA2B,EAAE,MAAM,CAAC,CAAC;IAC1D,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,YAAY,EAAE,cAAc,CAAC,CAAC;IAEnD,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC,QAAQ,EAAE,EAAE,CAAC;AAC7C,CAAC"}

package/dist/lib/auth/browser.d.ts

@@ -0,0 +1,17 @@
+/**
+ * Browser utilities for OAuth flow
+ * Handles platform-specific browser opening
+ */
+/**
+ * Gets the platform-specific command to open a URL in the default browser
+ * @returns Browser opener command for the current platform
+ */
+export declare function getBrowserOpener(): string;
+/**
+ * Opens a URL in the default browser
+ * Silently fails if browser cannot be opened (user can copy URL manually)
+ * @param url - URL to open
+ * @returns True if a browser launch was attempted
+ */
+export declare function openBrowserUrl(url: string): boolean;
+//# sourceMappingURL=browser.d.ts.map

package/dist/lib/auth/browser.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"browser.d.ts","sourceRoot":"","sources":["../../../lib/auth/browser.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAOH;;;GAGG;AACH,wBAAgB,gBAAgB,IAAI,MAAM,CAKzC;AAkCD;;;;;GAKG;AACH,wBAAgB,cAAc,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAgBnD"}

package/dist/lib/auth/browser.js

@@ -0,0 +1,76 @@
+/**
+ * Browser utilities for OAuth flow
+ * Handles platform-specific browser opening
+ */
+import { spawn } from "node:child_process";
+import fs from "node:fs";
+import path from "node:path";
+import { PLATFORM_OPENERS } from "../constants.js";
+/**
+ * Gets the platform-specific command to open a URL in the default browser
+ * @returns Browser opener command for the current platform
+ */
+export function getBrowserOpener() {
+    const platform = process.platform;
+    if (platform === "darwin")
+        return PLATFORM_OPENERS.darwin;
+    if (platform === "win32")
+        return PLATFORM_OPENERS.win32;
+    return PLATFORM_OPENERS.linux;
+}
+function commandExists(command) {
+    if (!command)
+        return false;
+    // "start" is a shell builtin on Windows; rely on shell execution
+    if (process.platform === "win32" && command.toLowerCase() === "start") {
+        return true;
+    }
+    const pathValue = process.env.PATH || "";
+    const entries = pathValue.split(path.delimiter).filter(Boolean);
+    if (entries.length === 0)
+        return false;
+    if (process.platform === "win32") {
+        const pathext = (process.env.PATHEXT || ".EXE;.CMD;.BAT;.COM")
+            .split(";")
+            .filter(Boolean);
+        for (const entry of entries) {
+            for (const ext of pathext) {
+                const candidate = path.join(entry, `${command}${ext}`);
+                if (fs.existsSync(candidate))
+                    return true;
+            }
+        }
+        return false;
+    }
+    for (const entry of entries) {
+        const candidate = path.join(entry, command);
+        if (fs.existsSync(candidate))
+            return true;
+    }
+    return false;
+}
+/**
+ * Opens a URL in the default browser
+ * Silently fails if browser cannot be opened (user can copy URL manually)
+ * @param url - URL to open
+ * @returns True if a browser launch was attempted
+ */
+export function openBrowserUrl(url) {
+    try {
+        const opener = getBrowserOpener();
+        if (!commandExists(opener)) {
+            return false;
+        }
+        const child = spawn(opener, [url], {
+            stdio: "ignore",
+            shell: process.platform === "win32",
+        });
+        child.on("error", () => { });
+        return true;
+    }
+    catch (error) {
+        // Silently fail - user can manually open the URL from instructions
+        return false;
+    }
+}
+//# sourceMappingURL=browser.js.map

package/dist/lib/auth/browser.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"browser.js","sourceRoot":"","sources":["../../../lib/auth/browser.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,KAAK,EAAE,MAAM,oBAAoB,CAAC;AAC3C,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,gBAAgB,EAAE,MAAM,iBAAiB,CAAC;AAEnD;;;GAGG;AACH,MAAM,UAAU,gBAAgB;IAC/B,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC;IAClC,IAAI,QAAQ,KAAK,QAAQ;QAAE,OAAO,gBAAgB,CAAC,MAAM,CAAC;IAC1D,IAAI,QAAQ,KAAK,OAAO;QAAE,OAAO,gBAAgB,CAAC,KAAK,CAAC;IACxD,OAAO,gBAAgB,CAAC,KAAK,CAAC;AAC/B,CAAC;AAED,SAAS,aAAa,CAAC,OAAe;IACrC,IAAI,CAAC,OAAO;QAAE,OAAO,KAAK,CAAC;IAE3B,iEAAiE;IACjE,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,IAAI,OAAO,CAAC,WAAW,EAAE,KAAK,OAAO,EAAE,CAAC;QACvE,OAAO,IAAI,CAAC;IACb,CAAC;IAED,MAAM,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,IAAI,IAAI,EAAE,CAAC;IACzC,MAAM,OAAO,GAAG,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAChE,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IAEvC,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE,CAAC;QAClC,MAAM,OAAO,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,OAAO,IAAI,qBAAqB,CAAC;aAC5D,KAAK,CAAC,GAAG,CAAC;aACV,MAAM,CAAC,OAAO,CAAC,CAAC;QAClB,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;YAC7B,KAAK,MAAM,GAAG,IAAI,OAAO,EAAE,CAAC;gBAC3B,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE,GAAG,OAAO,GAAG,GAAG,EAAE,CAAC,CAAC;gBACvD,IAAI,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC;oBAAE,OAAO,IAAI,CAAC;YAC3C,CAAC;QACF,CAAC;QACD,OAAO,KAAK,CAAC;IACd,CAAC;IAED,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;QAC7B,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;QAC5C,IAAI,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC;YAAE,OAAO,IAAI,CAAC;IAC3C,CAAC;IACD,OAAO,KAAK,CAAC;AACd,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,cAAc,CAAC,GAAW;IACzC,IAAI,CAAC;QACJ,MAAM,MAAM,GAAG,gBAAgB,EAAE,CAAC;QAClC,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,EAAE,CAAC;YAC5B,OAAO,KAAK,CAAC;QACd,CAAC;QACD,MAAM,KAAK,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,EAAE;YAClC,KAAK,EAAE,QAAQ;YACf,KAAK,EAAE,OAAO,CAAC,QAAQ,KAAK,OAAO;SACnC,CAAC,CAAC;QACH,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;QAC5B,OAAO,IAAI,CAAC;IACb,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QAChB,mEAAmE;QACnE,OAAO,KAAK,CAAC;IACd,CAAC;AACF,CAAC"}

package/dist/lib/auth/server.d.ts

@@ -0,0 +1,10 @@
+import type { OAuthServerInfo } from "../types.js";
+/**
+ * Start a small local HTTP server that waits for /auth/callback and returns the code
+ * @param options - OAuth state for validation
+ * @returns Promise that resolves to server info
+ */
+export declare function startLocalOAuthServer({ state }: {
+    state: string;
+}): Promise<OAuthServerInfo>;
+//# sourceMappingURL=server.d.ts.map

package/dist/lib/auth/server.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../../../lib/auth/server.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAMnD;;;;GAIG;AACH,wBAAgB,qBAAqB,CAAC,EAAE,KAAK,EAAE,EAAE;IAAE,KAAK,EAAE,MAAM,CAAA;CAAE,GAAG,OAAO,CAAC,eAAe,CAAC,CAkE5F"}