bloby-bot 0.29.2 → 0.30.1

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "bloby-bot",
-  "version": "0.29.2",
+  "version": "0.30.1",
   "releaseNotes": [
     "1. # voice note (PTT bubble)",
     "2. # audio file + caption",

package/scripts/tempo-balance.ts

@@ -1,23 +1,23 @@
 // Read on-chain USDC balances for one or more Tempo addresses.
 //
-// Fill in the CONFIG block below, then run from repo root:
-//   cp scripts/tempo-balance.ts /tmp/tempo-transfer/ && \
-//     (cd /tmp/tempo-transfer && ./node_modules/.bin/tsx tempo-balance.ts)
-//
-// (The script must be executed from inside the isolated /tmp/tempo-transfer/
-// install — the repo's own node_modules has a @noble/hashes version conflict
-// that breaks viem's ESM import resolution. To rebuild the isolated dir if
-// missing: mkdir -p /tmp/tempo-transfer && cd /tmp/tempo-transfer \
-//   && npm init -y && npm install viem@2.47.6 tsx)
+// RUN (one-liner, from repo root): cp scripts/tempo-balance.ts /tmp/tempo-transfer/ && (cd /tmp/tempo-transfer && ./node_modules/.bin/tsx tempo-balance.ts)
 //
+// Edit the ACCOUNTS list in the CONFIG block below to add/remove wallets.
 // Each entry prints: USDC balance, nonce (0 = wallet has never sent a tx),
 // and whether the address is an EOA or a contract.
+//
+// Why the copy-into-/tmp dance: the repo's own node_modules has a
+// @noble/hashes version conflict that breaks viem's ESM import resolution,
+// so the script must run from the isolated /tmp/tempo-transfer/ install.
+// To rebuild that dir if it's missing:
+//   mkdir -p /tmp/tempo-transfer && cd /tmp/tempo-transfer && npm init -y && npm install viem@2.47.6 tsx
 
 // ─── CONFIG ──────────────────────────────────────────────────────────────────
 
 const ACCOUNTS = [
-  { label: 'Bot wallet', wallet: '0xc65d8a0dB80f637337B87e42b8BEb5D86D46f942' },
+  { label: 'Bloby', wallet: '0xc65d8a0dB80f637337B87e42b8BEb5D86D46f942' },
   { label: 'Treasury',   wallet: '0x084A80e395FaE8Aaf58F591f47F63DA1EeF06bbC' },
+  { label: 'Serge',   wallet: '0x21AC79F74da90c9F441699Ee6215dA32c0CE9F5a' },
 ];
 
 // ─────────────────────────────────────────────────────────────────────────────

package/worker/codex-auth.ts

@@ -1,9 +1,22 @@
 /**
  * Codex OAuth PKCE flow for ChatGPT Plus/Pro subscription authentication.
- * Adapted from CodeDeck's CodexOAuthService for server-side Node.js.
  *
  * Spins up a temporary HTTP server on port 1455 to capture the OAuth callback.
- * Credentials are stored in ~/.codex/codedeck-auth.json.
+ * Credentials are stored in ~/.codex/auth.json in the same shape Codex CLI
+ * itself writes, so a spawned `codex app-server` process can use them directly.
+ *
+ * Shape on disk (chatgpt mode):
+ *   {
+ *     "OPENAI_API_KEY": null,
+ *     "auth_mode": "chatgpt",
+ *     "tokens": {
+ *       "id_token": "<raw jwt>",
+ *       "access_token": "<jwt>",
+ *       "refresh_token": "...",
+ *       "account_id": "<chatgpt_account_id from id_token claims>"
+ *     },
+ *     "last_refresh": "2026-05-03T12:34:56.789Z"
+ *   }
  */
 
 import crypto from 'crypto';
@@ -23,50 +36,124 @@ const OAUTH_CONFIG = {
 };
 
 const AUTH_DIR = path.join(os.homedir(), '.codex');
-const AUTH_FILE = path.join(AUTH_DIR, 'codedeck-auth.json');
+const AUTH_FILE = path.join(AUTH_DIR, 'auth.json');
+const LEGACY_AUTH_FILE = path.join(AUTH_DIR, 'codedeck-auth.json');
+
+/** Refresh access tokens this many ms before they actually expire. */
+const REFRESH_LEEWAY_MS = 5 * 60 * 1000;
 
 let codeVerifier: string | null = null;
 let oauthState: string | null = null;
-let callbackServer: http.Server | null = null;
+let callbackServers: http.Server[] = [];
 
-/* ── Helpers ── */
+interface AuthDotJson {
+  OPENAI_API_KEY: string | null;
+  auth_mode?: 'apikey' | 'chatgpt' | 'chatgptAuthTokens' | 'agentIdentity';
+  tokens?: {
+    id_token: string;
+    access_token: string;
+    refresh_token: string;
+    account_id?: string | null;
+  };
+  last_refresh?: string;
+  [key: string]: unknown;
+}
 
-function stopCallbackServer(): void {
-  if (callbackServer) {
-    try { callbackServer.close(); } catch {}
-    callbackServer = null;
+/* ── File I/O ── */
+
+function readAuthFile(): AuthDotJson | null {
+  try {
+    if (!fs.existsSync(AUTH_FILE)) return null;
+    return JSON.parse(fs.readFileSync(AUTH_FILE, 'utf-8'));
+  } catch {
+    return null;
   }
 }
 
-function storeCredentials(tokens: any): void {
-  if (!fs.existsSync(AUTH_DIR)) {
-    fs.mkdirSync(AUTH_DIR, { recursive: true });
+function writeAuthFile(auth: AuthDotJson): void {
+  fs.mkdirSync(AUTH_DIR, { recursive: true });
+  fs.writeFileSync(AUTH_FILE, JSON.stringify(auth, null, 2), 'utf-8');
+  try { fs.chmodSync(AUTH_FILE, 0o600); } catch {}
+}
+
+/** Decode a JWT and return its parsed payload, or null on failure. */
+function decodeJwt(token: string): Record<string, any> | null {
+  try {
+    const parts = token.split('.');
+    if (parts.length < 2) return null;
+    return JSON.parse(Buffer.from(parts[1], 'base64url').toString('utf-8'));
+  } catch {
+    return null;
   }
+}
 
-  const credentials: Record<string, any> = {
-    access_token: tokens.access_token,
-    token_type: tokens.token_type || 'Bearer',
-  };
+/** Read the JWT `exp` claim as a Unix epoch (seconds). Null if missing/invalid. */
+function jwtExpiryMs(token: string): number | null {
+  const payload = decodeJwt(token);
+  if (!payload || typeof payload.exp !== 'number') return null;
+  return payload.exp * 1000;
+}
+
+/** Pull `chatgpt_account_id` out of the id_token JWT claims, if present. */
+function extractAccountId(idToken: string): string | undefined {
+  const payload = decodeJwt(idToken);
+  const authClaims = payload?.['https://api.openai.com/auth'] || {};
+  return authClaims.chatgpt_account_id || undefined;
+}
 
-  if (tokens.refresh_token) credentials.refresh_token = tokens.refresh_token;
-  if (tokens.id_token) credentials.id_token = tokens.id_token;
-  if (tokens.expires_in) {
-    credentials.expires_at = Date.now() + (tokens.expires_in - 300) * 1000;
+/** One-shot migration from the old `codedeck-auth.json` layout (pre-codex-native). */
+function migrateLegacyFile(): void {
+  if (fs.existsSync(AUTH_FILE)) {
+    // If auth.json already has chatgpt tokens, nothing to do.
+    const existing = readAuthFile();
+    if (existing?.tokens?.refresh_token) return;
   }
+  if (!fs.existsSync(LEGACY_AUTH_FILE)) return;
 
-  // Decode JWT claims for account info
   try {
-    const payload = JSON.parse(Buffer.from(tokens.access_token.split('.')[1], 'base64url').toString());
-    const authClaims = payload['https://api.openai.com/auth'] || {};
-    if (authClaims.chatgpt_account_id) credentials.chatgpt_account_id = authClaims.chatgpt_account_id;
-    if (authClaims.chatgpt_plan_type) credentials.chatgpt_plan_type = authClaims.chatgpt_plan_type;
-  } catch {
-    log.warn('Codex: failed to decode JWT claims');
+    const legacy = JSON.parse(fs.readFileSync(LEGACY_AUTH_FILE, 'utf-8'));
+    if (!legacy.access_token || !legacy.refresh_token) return;
+
+    const existing = readAuthFile() || { OPENAI_API_KEY: null };
+    const next: AuthDotJson = {
+      ...existing,
+      auth_mode: 'chatgpt',
+      tokens: {
+        id_token: legacy.id_token || '',
+        access_token: legacy.access_token,
+        refresh_token: legacy.refresh_token,
+        account_id: legacy.chatgpt_account_id || extractAccountId(legacy.access_token),
+      },
+      last_refresh: new Date().toISOString(),
+    };
+    writeAuthFile(next);
+    try { fs.unlinkSync(LEGACY_AUTH_FILE); } catch {}
+    log.ok('Codex: migrated legacy codedeck-auth.json → auth.json');
+  } catch (err: any) {
+    log.warn(`Codex: legacy migration failed — ${err.message}`);
   }
+}
 
-  fs.writeFileSync(AUTH_FILE, JSON.stringify(credentials, null, 2), 'utf-8');
-  try { fs.chmodSync(AUTH_FILE, 0o600); } catch {}
-  log.ok('Codex credentials stored');
+/* ── Token exchange & refresh ── */
+
+function storeTokens(tokens: { access_token: string; refresh_token?: string; id_token?: string }): void {
+  const existing = readAuthFile() || { OPENAI_API_KEY: null };
+  const prev = existing.tokens;
+  const idToken = tokens.id_token ?? prev?.id_token ?? '';
+
+  const next: AuthDotJson = {
+    ...existing,
+    OPENAI_API_KEY: existing.OPENAI_API_KEY ?? null,
+    auth_mode: 'chatgpt',
+    tokens: {
+      id_token: idToken,
+      access_token: tokens.access_token,
+      refresh_token: tokens.refresh_token ?? prev?.refresh_token ?? '',
+      account_id: idToken ? extractAccountId(idToken) ?? prev?.account_id : prev?.account_id,
+    },
+    last_refresh: new Date().toISOString(),
+  };
+  writeAuthFile(next);
 }
 
 async function exchangeCode(code: string): Promise<{ success: boolean; error?: string }> {
@@ -94,28 +181,62 @@ async function exchangeCode(code: string): Promise<{ success: boolean; error?: s
     }
 
     const tokens = await response.json();
-    storeCredentials(tokens);
+    if (!tokens.access_token) {
+      return { success: false, error: 'OAuth response missing access_token.' };
+    }
+    storeTokens(tokens);
     codeVerifier = null;
     oauthState = null;
+    log.ok('Codex credentials stored');
+    // Clean up the legacy file on first successful new auth.
+    try { fs.unlinkSync(LEGACY_AUTH_FILE); } catch {}
     return { success: true };
   } catch (err: any) {
     return { success: false, error: err.message };
   }
 }
 
+async function refreshTokens(refreshToken: string): Promise<boolean> {
+  try {
+    log.ok('Codex: refreshing access token...');
+    const response = await fetch(OAUTH_CONFIG.TOKEN_URL, {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({
+        client_id: OAUTH_CONFIG.CLIENT_ID,
+        grant_type: 'refresh_token',
+        refresh_token: refreshToken,
+      }),
+    });
+    if (!response.ok) {
+      log.warn(`Codex: refresh failed (${response.status})`);
+      return false;
+    }
+    const tokens = await response.json();
+    if (!tokens.access_token) {
+      log.warn('Codex: refresh response missing access_token');
+      return false;
+    }
+    storeTokens(tokens);
+    log.ok('Codex: token refreshed');
+    return true;
+  } catch (err: any) {
+    log.warn(`Codex: refresh error — ${err.message}`);
+    return false;
+  }
+}
+
 /* ── Public API ── */
 
 export function startCodexOAuth(): Promise<{ success: boolean; authUrl?: string; error?: string }> {
   return new Promise((resolve) => {
     stopCallbackServer();
 
-    // Generate PKCE
     codeVerifier = crypto.randomBytes(32).toString('base64url');
     const codeChallenge = crypto.createHash('sha256').update(codeVerifier).digest('base64url');
     oauthState = crypto.randomUUID();
 
-    // Start local callback server
-    callbackServer = http.createServer((req, res) => {
+    const handleCallback = (req: http.IncomingMessage, res: http.ServerResponse) => {
       if (!req.url?.startsWith('/auth/callback')) {
         res.writeHead(404);
         res.end();
@@ -126,6 +247,7 @@ export function startCodexOAuth(): Promise<{ success: boolean; authUrl?: string;
       const code = url.searchParams.get('code');
       const returnedState = url.searchParams.get('state');
       const error = url.searchParams.get('error');
+      log.ok(`Codex OAuth callback hit (code=${code ? 'yes' : 'no'}, state=${returnedState === oauthState ? 'ok' : 'mismatch'}, error=${error || 'none'})`);
 
       res.writeHead(200, { 'Content-Type': 'text/html' });
       res.end(`<html><body style="font-family:sans-serif;text-align:center;padding:60px;background:#0a0a0a;color:#fff">
@@ -137,11 +259,24 @@ export function startCodexOAuth(): Promise<{ success: boolean; authUrl?: string;
 
       if (error || !code || returnedState !== oauthState) return;
       exchangeCode(code);
-    });
+    };
+
+    // Bind BOTH IPv4 and IPv6 loopback. On dual-stack systems where
+    // `localhost` resolves to ::1 first, an IPv4-only bind silently fails
+    // when the browser hits the callback URL.
+    const bindHosts: Array<{ host: string; required: boolean }> = [
+      { host: '127.0.0.1', required: true },
+      { host: '::1', required: false }, // tolerate machines without IPv6
+    ];
 
-    callbackServer.listen(OAUTH_CONFIG.PORT, '127.0.0.1', () => {
-      log.ok(`Codex OAuth callback server on port ${OAUTH_CONFIG.PORT}`);
+    let resolved = false;
+    let pendingBinds = bindHosts.length;
+    let bindFailures = 0;
 
+    const finishWithSuccess = () => {
+      if (resolved) return;
+      resolved = true;
+      log.ok(`Codex OAuth callback servers listening on port ${OAUTH_CONFIG.PORT} (${callbackServers.length} bind${callbackServers.length === 1 ? '' : 's'})`);
       const params = new URLSearchParams({
         response_type: 'code',
         client_id: OAUTH_CONFIG.CLIENT_ID,
@@ -153,16 +288,41 @@ export function startCodexOAuth(): Promise<{ success: boolean; authUrl?: string;
         id_token_add_organizations: 'true',
         codex_cli_simplified_flow: 'true',
       });
-
       resolve({ success: true, authUrl: `${OAUTH_CONFIG.AUTHORIZE_URL}?${params.toString()}` });
-    });
+    };
 
-    callbackServer.on('error', (err: any) => {
-      const error = err.code === 'EADDRINUSE'
+    const finishWithError = (err: any) => {
+      if (resolved) return;
+      resolved = true;
+      stopCallbackServer();
+      const error = err?.code === 'EADDRINUSE'
         ? `Port ${OAUTH_CONFIG.PORT} is busy. Close other Codex instances.`
-        : err.message;
+        : (err?.message || String(err));
       resolve({ success: false, error });
-    });
+    };
+
+    for (const { host, required } of bindHosts) {
+      const server = http.createServer(handleCallback);
+
+      server.once('error', (err: any) => {
+        log.warn(`Codex OAuth bind ${host}:${OAUTH_CONFIG.PORT} failed — ${err.code || err.message}`);
+        if (required) {
+          finishWithError(err);
+        } else {
+          bindFailures++;
+          pendingBinds--;
+          // If only the optional bind failed but we already have at least one
+          // server up, that's still a success.
+          if (pendingBinds === 0 && callbackServers.length > 0) finishWithSuccess();
+        }
+      });
+
+      server.listen(OAUTH_CONFIG.PORT, host, () => {
+        callbackServers.push(server);
+        pendingBinds--;
+        if (pendingBinds === 0) finishWithSuccess();
+      });
+    }
   });
 }
 
@@ -172,28 +332,71 @@ export function cancelCodexOAuth(): void {
   oauthState = null;
 }
 
-export function getCodexAuthStatus(): { authenticated: boolean; plan?: string; error?: string } {
+export async function getCodexAuthStatus(): Promise<{
+  authenticated: boolean;
+  plan?: string;
+  error?: string;
+}> {
   try {
-    if (!fs.existsSync(AUTH_FILE)) return { authenticated: false };
-    const creds = JSON.parse(fs.readFileSync(AUTH_FILE, 'utf-8'));
-    if (!creds.access_token) return { authenticated: false };
-    if (creds.expires_at && Date.now() >= creds.expires_at) {
-      return { authenticated: false, error: 'Token expired' };
+    migrateLegacyFile();
+    const auth = readAuthFile();
+    const tokens = auth?.tokens;
+    if (!tokens?.access_token) return { authenticated: false };
+
+    const expMs = jwtExpiryMs(tokens.access_token);
+    const valid = expMs ? Date.now() + REFRESH_LEEWAY_MS < expMs : true;
+
+    if (!valid && tokens.refresh_token) {
+      const ok = await refreshTokens(tokens.refresh_token);
+      if (!ok) return { authenticated: false, error: 'Token expired and refresh failed' };
     }
-    return { authenticated: true, plan: creds.chatgpt_plan_type || 'plus' };
+
+    const fresh = readAuthFile();
+    const idClaims = fresh?.tokens?.id_token ? decodeJwt(fresh.tokens.id_token) : null;
+    const plan = idClaims?.['https://api.openai.com/auth']?.chatgpt_plan_type || 'plus';
+    return { authenticated: true, plan };
   } catch (err: any) {
     return { authenticated: false, error: err.message };
   }
 }
 
+/**
+ * Read a valid Codex access token, refreshing if expired. Returns null if unavailable.
+ * This is what the Codex harness should call before each app-server invocation.
+ */
+export async function getCodexAccessToken(): Promise<string | null> {
+  migrateLegacyFile();
+  const auth = readAuthFile();
+  const tokens = auth?.tokens;
+  if (!tokens?.access_token) return null;
+
+  const expMs = jwtExpiryMs(tokens.access_token);
+  if (!expMs || Date.now() + REFRESH_LEEWAY_MS < expMs) {
+    return tokens.access_token;
+  }
+
+  if (!tokens.refresh_token) return null;
+  const ok = await refreshTokens(tokens.refresh_token);
+  if (!ok) return null;
+
+  return readAuthFile()?.tokens?.access_token ?? null;
+}
+
+/** Synchronous accessor — returns the stored access token without refreshing. */
 export function readCodexAccessToken(): string | null {
-  try {
-    if (!fs.existsSync(AUTH_FILE)) return null;
-    const creds = JSON.parse(fs.readFileSync(AUTH_FILE, 'utf-8'));
-    if (!creds.access_token) return null;
-    if (creds.expires_at && Date.now() >= creds.expires_at) return null;
-    return creds.access_token;
-  } catch {
-    return null;
+  const auth = readAuthFile();
+  const token = auth?.tokens?.access_token;
+  if (!token) return null;
+  const expMs = jwtExpiryMs(token);
+  if (expMs && Date.now() >= expMs) return null;
+  return token;
+}
+
+/* ── Helpers ── */
+
+function stopCallbackServer(): void {
+  for (const server of callbackServers) {
+    try { server.close(); } catch {}
   }
+  callbackServers = [];
 }

package/worker/index.ts

@@ -9,7 +9,7 @@ import { initDb, closeDb, listConversations, createConversation, deleteConversat
 import webpush from 'web-push';
 import { TOTP } from 'otpauth';
 import QRCode from 'qrcode';
-import { startCodexOAuth, cancelCodexOAuth, getCodexAuthStatus, readCodexAccessToken } from './codex-auth.js';
+import { startCodexOAuth, cancelCodexOAuth, getCodexAuthStatus } from './codex-auth.js';
 import { startClaudeOAuth, exchangeClaudeCode, getClaudeAuthStatus, readClaudeAccessToken } from './claude-auth.js';
 import { checkAvailability, registerHandle, claimReservedHandle, releaseHandle, updateTunnelUrl, startHeartbeat, stopHeartbeat } from '../shared/relay.js';
 import { ensureFileDirs } from '../supervisor/file-saver.js';
@@ -181,8 +181,8 @@ app.post('/api/auth/codex/cancel', (_req, res) => {
   res.json({ ok: true });
 });
 
-app.get('/api/auth/codex/status', (_req, res) => {
-  res.json(getCodexAuthStatus());
+app.get('/api/auth/codex/status', async (_req, res) => {
+  res.json(await getCodexAuthStatus());
 });
 
 // ── Claude OAuth routes ──
@@ -729,10 +729,10 @@ app.post('/api/onboard', (req, res) => {
   currentCfg.ai.model = model || '';
   currentCfg.ai.baseUrl = baseUrl || undefined;
 
-  // Read OAuth token if no API key provided
-  if (!apiKey && provider === 'openai') {
-    currentCfg.ai.apiKey = readCodexAccessToken() || '';
-  } else if (!apiKey && provider === 'anthropic') {
+  // OAuth providers store their tokens in their own credentials files
+  // (~/.codex/auth.json, ~/.claude/.credentials.json) and refresh them as
+  // needed — config.ai.apiKey only holds raw API keys.
+  if (!apiKey && provider === 'anthropic') {
     currentCfg.ai.apiKey = readClaudeAccessToken() || '';
   } else {
     currentCfg.ai.apiKey = apiKey || '';

package/workspace/client/src/App.tsx

@@ -16,9 +16,9 @@ function DashboardError() {
         playsInline
         style={{ height: 120, width: 120, borderRadius: '50%', objectFit: 'cover', marginBottom: 32 }}
       />
-      <h1 style={{ fontSize: 20, fontWeight: 600, marginBottom: 8 }}>Your app crashed</h1>
+      <h1 style={{ fontSize: 20, fontWeight: 600, marginBottom: 8 }}>Oopss.. Something wrong is not right</h1>
       <p style={{ fontSize: 14, color: 'rgba(255,255,255,0.5)', maxWidth: 320, lineHeight: 1.5 }}>
-        Ask the agent to fix it using the chat.
+      If your agent is working, this is normal. If not, go poke them
       </p>
     </div>
   );