dondo-donuts 0.1.0

package/src/antigravity/keychain.ts

@@ -0,0 +1,84 @@
+import { rm } from 'node:fs/promises';
+import { homedir } from 'node:os';
+import { join } from 'node:path';
+import { ANTIGRAVITY_ACCOUNT, ANTIGRAVITY_KEYCHAIN, ANTIGRAVITY_SERVICE } from '../config.ts';
+import { run } from '../shell.ts';
+import type { Snapshot } from '../types.ts';
+
+export const parsePassword = (stderr: string) => {
+    const match = stderr.match(/password: "((?:\\"|[^"])*)"/);
+    if (!match) {
+        throw new Error('Could not read password from security output');
+    }
+    return match[1]?.replace(/\\"/g, '"') ?? '';
+};
+
+const keychainArgs = () => {
+    return ANTIGRAVITY_KEYCHAIN ? [ANTIGRAVITY_KEYCHAIN] : [];
+};
+
+const deleteLivePassword = async () => {
+    await run('security', [
+        'delete-generic-password',
+        '-s',
+        ANTIGRAVITY_SERVICE,
+        '-a',
+        ANTIGRAVITY_ACCOUNT,
+        ...keychainArgs(),
+    ]).catch(() => {});
+};
+
+export const readCurrentSnapshot = async (): Promise<Snapshot> => {
+    const { stderr } = await run('security', [
+        'find-generic-password',
+        '-s',
+        ANTIGRAVITY_SERVICE,
+        '-a',
+        ANTIGRAVITY_ACCOUNT,
+        '-g',
+        ...keychainArgs(),
+    ]);
+    const now = new Date().toISOString();
+    return {
+        account: ANTIGRAVITY_ACCOUNT,
+        createdAt: now,
+        kind: 'Generic Password',
+        label: stderr.match(/"labl"<blob>="([^"]*)"/)?.[1] ?? ANTIGRAVITY_SERVICE,
+        password: parsePassword(stderr),
+        service: ANTIGRAVITY_SERVICE,
+        updatedAt: now,
+    };
+};
+
+export const restoreSnapshot = async (snap: Snapshot) => {
+    await deleteLivePassword();
+    await run('security', [
+        'add-generic-password',
+        '-s',
+        snap.service,
+        '-a',
+        snap.account,
+        '-l',
+        snap.label,
+        '-D',
+        snap.kind,
+        '-w',
+        snap.password,
+        '-U',
+        ...keychainArgs(),
+    ]);
+};
+
+export const clearLiveAuth = async () => {
+    await deleteLivePassword();
+    const home = homedir();
+    await Promise.all(
+        [
+            join(home, '.antigravity-agent', 'cloud_accounts.db'),
+            join(home, '.gemini', 'antigravity'),
+            join(home, '.gemini', 'antigravity-ide'),
+            join(home, '.gemini', 'antigravity-backup'),
+            join(home, 'Library', 'Application Support', 'Antigravity'),
+        ].map((path) => rm(path, { force: true, recursive: true })),
+    );
+};

package/src/antigravity/service.ts

@@ -0,0 +1,111 @@
+import { ANTIGRAVITY_ACCOUNT, ANTIGRAVITY_SERVICE, VAULT_PATH } from '../config.ts';
+import { assertAccountKey, cleanLimitError, publicError } from '../errors.ts';
+import { readVault, updateVault } from '../storage/vault.ts';
+import type { AppVault, LimitResult, Snapshot } from '../types.ts';
+import { decodeToken, fetchLimits } from './google.ts';
+import { clearLiveAuth, readCurrentSnapshot, restoreSnapshot } from './keychain.ts';
+
+const isSameSnapshot = (a: Snapshot | null, b: Snapshot) => {
+    if (a?.service !== b.service || a.account !== b.account) {
+        return false;
+    }
+    const aRefresh = decodeToken(a.password)?.token?.refresh_token;
+    const bRefresh = decodeToken(b.password)?.token?.refresh_token;
+    if (aRefresh || bRefresh) {
+        return aRefresh === bRefresh;
+    }
+    return a.password === b.password;
+};
+
+const hasNoUsageLeft = (quota: LimitResult | null) => {
+    const limits = quota?.ok === true ? Object.values(quota.models) : [];
+    return limits.length > 0 && limits.every((model) => model.percentage <= 0);
+};
+
+const sortEntries = <T extends { active: boolean; key: string; quota: LimitResult | null }>(entries: T[]) => {
+    return [...entries].sort((a, b) => {
+        if (a.active !== b.active) {
+            return a.active ? -1 : 1;
+        }
+        if (hasNoUsageLeft(a.quota) !== hasNoUsageLeft(b.quota)) {
+            return hasNoUsageLeft(a.quota) ? 1 : -1;
+        }
+        return a.key.localeCompare(b.key);
+    });
+};
+
+const updateMissingOrStaleLimits = async (vault: AppVault, force: boolean, targetKey?: string) => {
+    let changed = false;
+    if (targetKey && !vault.antigravity.data[targetKey]) {
+        throw publicError(404, `No snapshot named ${targetKey}`);
+    }
+
+    for (const [key, snap] of Object.entries(vault.antigravity.data)) {
+        if ((targetKey && key !== targetKey) || (!force && vault.antigravity.limits[key])) {
+            continue;
+        }
+        const result = await fetchLimits(snap).catch((error) => ({
+            password: undefined,
+            quota: cleanLimitError(error),
+        }));
+        if (result.password) {
+            vault.antigravity.data[key] = { ...snap, password: result.password, updatedAt: new Date().toISOString() };
+        }
+        vault.antigravity.limits[key] = { fetchedAt: new Date().toISOString(), quota: result.quota };
+        changed = true;
+    }
+
+    return changed;
+};
+
+export const saveAntigravity = async (key: string) => {
+    const safeKey = assertAccountKey(key);
+    const snapshot = await readCurrentSnapshot();
+    await updateVault(async (vault) => {
+        vault.antigravity.data[safeKey] = snapshot;
+        delete vault.antigravity.limits[safeKey];
+        return { result: undefined };
+    });
+};
+
+export const loadAntigravity = async (key: string) => {
+    const safeKey = assertAccountKey(key);
+    const snap = (await readVault()).antigravity.data[safeKey];
+    if (!snap) {
+        throw publicError(404, `No snapshot named ${safeKey}`);
+    }
+    await restoreSnapshot(snap);
+};
+
+export const clearAntigravity = async () => {
+    await clearLiveAuth();
+};
+
+export const antigravityState = async (options: { refreshLimitKey?: string; refreshLimits?: boolean } = {}) => {
+    const refreshLimitKey = options.refreshLimitKey ? assertAccountKey(options.refreshLimitKey) : undefined;
+    const vault = await updateVault(async (current) => {
+        const changed = await updateMissingOrStaleLimits(current, options.refreshLimits === true, refreshLimitKey);
+        return { result: current, write: changed };
+    });
+    const live = await readCurrentSnapshot().catch(() => null);
+
+    return {
+        account: ANTIGRAVITY_ACCOUNT,
+        entries: sortEntries(
+            Object.entries(vault.antigravity.data).map(([key, snap]: [string, Snapshot]) => {
+                const cached = vault.antigravity.limits[key];
+                return {
+                    account: snap.account,
+                    active: isSameSnapshot(live, snap),
+                    key,
+                    limitUpdatedAt: cached?.fetchedAt ?? '',
+                    quota: cached?.quota ?? null,
+                    service: snap.service,
+                    updatedAt: snap.updatedAt,
+                };
+            }),
+        ),
+        service: ANTIGRAVITY_SERVICE,
+        vaultPath: VAULT_PATH,
+    };
+};

package/src/codex/service.ts

@@ -0,0 +1,136 @@
+import { CODEX_AUTH_PATH, VAULT_PATH } from '../config.ts';
+import { assertAccountKey, cleanLimitError, publicError } from '../errors.ts';
+import { writePrivateFile } from '../storage/file.ts';
+import { readVault, updateVault } from '../storage/vault.ts';
+import type { AppVault, CodexSnapshot, LimitResult } from '../types.ts';
+import { fetchCodexLimits } from './usage.ts';
+
+const liveAuth = async () => {
+    const file = Bun.file(CODEX_AUTH_PATH);
+    return (await file.exists()) ? await file.text() : '';
+};
+
+const parseAuth = (auth: string) => {
+    try {
+        return JSON.parse(auth) as {
+            OPENAI_API_KEY?: string | null;
+            tokens?: { account_id?: string; refresh_token?: string };
+        };
+    } catch {
+        return {};
+    }
+};
+
+const isSameAuth = (a: ReturnType<typeof parseAuth>, b: ReturnType<typeof parseAuth>) => {
+    if (a.tokens?.account_id || b.tokens?.account_id) {
+        return a.tokens?.account_id === b.tokens?.account_id;
+    }
+    return !!a.OPENAI_API_KEY && a.OPENAI_API_KEY === b.OPENAI_API_KEY;
+};
+
+const hasNoUsageLeft = (quota: LimitResult | null) => {
+    const limits = quota?.ok === true ? Object.entries(quota.models).filter(([key]) => key !== 'codex-credits') : [];
+    return limits.length > 0 && limits.every(([, model]) => model.percentage <= 0);
+};
+
+const sortEntries = <T extends { active: boolean; key: string; quota: LimitResult | null }>(entries: T[]) => {
+    return [...entries].sort((a, b) => {
+        if (a.active !== b.active) {
+            return a.active ? -1 : 1;
+        }
+        if (hasNoUsageLeft(a.quota) !== hasNoUsageLeft(b.quota)) {
+            return hasNoUsageLeft(a.quota) ? 1 : -1;
+        }
+        return a.key.localeCompare(b.key);
+    });
+};
+
+const updateMissingOrStaleLimits = async (vault: AppVault, force: boolean, targetKey?: string) => {
+    let changed = false;
+    if (targetKey && !vault.codex.data[targetKey]) {
+        throw publicError(404, `No Codex auth named ${targetKey}`);
+    }
+
+    for (const [key, snap] of Object.entries(vault.codex.data)) {
+        if ((targetKey && key !== targetKey) || (!force && vault.codex.limits[key])) {
+            continue;
+        }
+        const result = await fetchCodexLimits(snap.auth).catch((error) => ({
+            auth: undefined,
+            quota: cleanLimitError(error),
+        }));
+        if (result.auth) {
+            vault.codex.data[key] = { ...snap, auth: result.auth, updatedAt: new Date().toISOString() };
+        }
+        vault.codex.limits[key] = { fetchedAt: new Date().toISOString(), quota: result.quota };
+        changed = true;
+    }
+
+    return changed;
+};
+
+export const saveCodex = async (key: string) => {
+    const safeKey = assertAccountKey(key);
+    const authFile = Bun.file(CODEX_AUTH_PATH);
+    if (!(await authFile.exists())) {
+        throw publicError(404, `${CODEX_AUTH_PATH} does not exist`);
+    }
+    const auth = await authFile.text();
+    if (!auth.trim()) {
+        throw publicError(400, `${CODEX_AUTH_PATH} is empty`);
+    }
+    try {
+        JSON.parse(auth);
+    } catch {
+        throw publicError(400, `${CODEX_AUTH_PATH} is not valid JSON`);
+    }
+
+    await updateVault(async (vault) => {
+        const existing = vault.codex.data[safeKey];
+        const now = new Date().toISOString();
+        vault.codex.data[safeKey] = {
+            auth,
+            createdAt: existing?.createdAt ?? now,
+            updatedAt: now,
+        };
+        delete vault.codex.limits[safeKey];
+        return { result: undefined };
+    });
+};
+
+export const loadCodex = async (key: string) => {
+    const safeKey = assertAccountKey(key);
+    const snap = (await readVault()).codex.data[safeKey];
+    if (!snap) {
+        throw publicError(404, `No Codex auth named ${safeKey}`);
+    }
+
+    await writePrivateFile(CODEX_AUTH_PATH, snap.auth);
+};
+
+export const codexState = async (options: { refreshLimitKey?: string; refreshLimits?: boolean } = {}) => {
+    const refreshLimitKey = options.refreshLimitKey ? assertAccountKey(options.refreshLimitKey) : undefined;
+    const vault = await updateVault(async (current) => {
+        const changed = await updateMissingOrStaleLimits(current, options.refreshLimits === true, refreshLimitKey);
+        return { result: current, write: changed };
+    });
+    const activeAuth = await liveAuth().catch(() => '');
+    const active = parseAuth(activeAuth);
+
+    return {
+        authPath: CODEX_AUTH_PATH,
+        entries: sortEntries(
+            Object.entries(vault.codex.data).map(([key, snap]: [string, CodexSnapshot]) => {
+                const cached = vault.codex.limits[key];
+                return {
+                    active: isSameAuth(active, parseAuth(snap.auth)),
+                    key,
+                    limitUpdatedAt: cached?.fetchedAt ?? '',
+                    quota: cached?.quota ?? null,
+                    updatedAt: snap.updatedAt,
+                };
+            }),
+        ),
+        vaultPath: VAULT_PATH,
+    };
+};

package/src/codex/usage.test.ts

@@ -0,0 +1,96 @@
+import { afterEach, expect, it } from 'bun:test';
+import { fetchCodexLimits, parseJwtPayload, tokenExpiredOrNearExpiry, usageToLimitResult } from './usage.ts';
+
+const jwt = (payload: object) =>
+    ['header', Buffer.from(JSON.stringify(payload)).toString('base64url'), 'signature'].join('.');
+
+const originalFetch = globalThis.fetch;
+
+afterEach(() => {
+    globalThis.fetch = originalFetch;
+});
+
+it('should map Codex usage windows into limit cards without null entries', () => {
+    const result = usageToLimitResult({
+        credits: { balance: '0', has_credits: false, unlimited: false },
+        plan_type: 'plus',
+        rate_limit: {
+            primary_window: { limit_window_seconds: 18_000, reset_at: 1_800_000_000, used_percent: 10.2 },
+            secondary_window: null,
+        },
+    });
+
+    expect(result.ok).toBe(true);
+    if (!result.ok) {
+        return;
+    }
+    expect(result.tier).toBe('plus');
+    expect(Object.keys(result.models)).toEqual(['codex-primary', 'codex-credits']);
+    expect(result.models['codex-primary']).toEqual({
+        displayName: '5h Limit (5h)',
+        percentage: 90,
+        resetTime: '2027-01-15T08:00:00.000Z',
+    });
+    expect(result.models['codex-credits']?.percentage).toBe(0);
+});
+
+it('should parse JWT payloads and detect near-expired tokens', () => {
+    expect(parseJwtPayload(jwt({ exp: 123, sub: 'user' }))).toEqual({ exp: 123, sub: 'user' });
+    expect(tokenExpiredOrNearExpiry(jwt({ exp: Math.floor(Date.now() / 1000) + 30 }))).toBe(true);
+    expect(tokenExpiredOrNearExpiry(jwt({ exp: Math.floor(Date.now() / 1000) + 300 }))).toBe(false);
+    expect(tokenExpiredOrNearExpiry('')).toBe(true);
+});
+
+it('should not render a zero-minute usage window suffix', () => {
+    const result = usageToLimitResult({
+        rate_limit: {
+            primary_window: { limit_window_seconds: 0, reset_at: null, used_percent: 20 },
+        },
+    });
+
+    expect(result.ok).toBe(true);
+    if (!result.ok) {
+        return;
+    }
+    expect(result.models['codex-primary']?.displayName).toBe('Primary Limit');
+});
+
+it('should force refresh Codex tokens after a 401 usage response', async () => {
+    const calls: string[] = [];
+    globalThis.fetch = (async (url: string | URL | Request, init?: RequestInit) => {
+        const target = String(url);
+        calls.push(target);
+        if (target.includes('/oauth/token')) {
+            return Response.json({
+                access_token: jwt({ exp: Math.floor(Date.now() / 1000) + 3600 }),
+                refresh_token: 'next-refresh',
+            });
+        }
+        if (calls.filter((call) => call.includes('/wham/usage')).length === 1) {
+            return new Response('', { status: 401 });
+        }
+        expect((init?.headers as Record<string, string>).Authorization).toContain('Bearer ');
+        return Response.json({
+            plan_type: 'plus',
+            rate_limit: {
+                primary_window: { limit_window_seconds: 18_000, reset_at: 1_800_000_000, used_percent: 25 },
+            },
+        });
+    }) as typeof fetch;
+
+    const result = await fetchCodexLimits(
+        JSON.stringify({
+            auth_mode: 'chatgpt',
+            tokens: {
+                access_token: jwt({ exp: Math.floor(Date.now() / 1000) + 3600 }),
+                account_id: 'account',
+                refresh_token: 'refresh',
+            },
+        }),
+    );
+
+    expect(result.auth).toContain('next-refresh');
+    expect(result.quota.ok).toBe(true);
+    expect(calls.filter((call) => call.includes('/wham/usage'))).toHaveLength(2);
+    expect(calls.filter((call) => call.includes('/oauth/token'))).toHaveLength(1);
+});

package/src/codex/usage.ts

@@ -0,0 +1,219 @@
+import { CODEX_CLIENT_ID, CODEX_TOKEN_URL, CODEX_USAGE_URL, CODEX_USER_AGENT } from '../config.ts';
+import { publicError } from '../errors.ts';
+import type { LimitResult } from '../types.ts';
+
+type CodexAuth = {
+    OPENAI_API_KEY?: string | null;
+    auth_mode?: string;
+    tokens?: {
+        access_token?: string;
+        account_id?: string;
+        id_token?: string;
+        refresh_token?: string;
+    };
+    last_refresh?: string;
+};
+
+type CodexUsagePayload = {
+    plan_type?: string;
+    rate_limit?: {
+        primary_window?: CodexWindow | null;
+        secondary_window?: CodexWindow | null;
+    } | null;
+    credits?: {
+        balance?: string | null;
+        has_credits?: boolean;
+        unlimited?: boolean;
+    } | null;
+};
+
+type CodexWindow = {
+    limit_window_seconds?: number | null;
+    reset_at?: number | null;
+    used_percent?: number;
+};
+
+type CodexLimitFetch = {
+    auth?: string;
+    quota: LimitResult;
+};
+
+const REQUEST_TIMEOUT_MS = 15_000;
+const EXPIRY_GRACE_SECONDS = 60;
+
+const parseAuth = (auth: string): CodexAuth => {
+    try {
+        return JSON.parse(auth) as CodexAuth;
+    } catch {
+        throw publicError(400, 'Saved Codex auth JSON is malformed');
+    }
+};
+
+export const parseJwtPayload = (token: string): Record<string, unknown> | null => {
+    const part = token.split('.')[1];
+    if (!part) {
+        return null;
+    }
+    try {
+        return JSON.parse(Buffer.from(part, 'base64url').toString('utf8')) as Record<string, unknown>;
+    } catch {
+        return null;
+    }
+};
+
+export const tokenExpiredOrNearExpiry = (token: string) => {
+    const exp = parseJwtPayload(token)?.exp;
+    return typeof exp === 'number' ? exp <= Math.floor(Date.now() / 1000) + EXPIRY_GRACE_SECONDS : true;
+};
+
+const refreshTokens = async (refreshToken: string) => {
+    const res = await fetch(CODEX_TOKEN_URL, {
+        body: new URLSearchParams({
+            client_id: CODEX_CLIENT_ID,
+            grant_type: 'refresh_token',
+            refresh_token: refreshToken,
+        }),
+        headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
+        method: 'POST',
+        signal: AbortSignal.timeout(REQUEST_TIMEOUT_MS),
+    });
+    if (!res.ok) {
+        throw new Error(`Token refresh failed: HTTP ${res.status}`);
+    }
+    return (await res.json()) as { access_token: string; id_token?: string; refresh_token?: string };
+};
+
+const ensureFreshAuth = async (auth: CodexAuth, force = false) => {
+    const tokens = auth.tokens;
+    const accessToken = tokens?.access_token;
+    const refreshToken = tokens?.refresh_token;
+    if (!refreshToken || (!force && accessToken && !tokenExpiredOrNearExpiry(accessToken))) {
+        return auth;
+    }
+
+    const refreshed = await refreshTokens(refreshToken);
+    return {
+        ...auth,
+        last_refresh: new Date().toISOString(),
+        tokens: {
+            ...tokens,
+            access_token: refreshed.access_token,
+            id_token: refreshed.id_token ?? tokens.id_token,
+            refresh_token: refreshed.refresh_token ?? refreshToken,
+        },
+    };
+};
+
+const codexHeaders = (accessToken: string, accountId?: string) => ({
+    ...(accountId ? { 'chatgpt-account-id': accountId } : {}),
+    Authorization: `Bearer ${accessToken}`,
+    'User-Agent': CODEX_USER_AGENT,
+});
+
+const resetIso = (resetAt?: number | null) => (resetAt ? new Date(resetAt * 1000).toISOString() : '');
+
+const windowSuffix = (minutes: number) => {
+    if (minutes <= 0) {
+        return '';
+    }
+    if (minutes >= 10_080) {
+        return 'weekly';
+    }
+    if (minutes >= 60) {
+        return `${Math.round(minutes / 60)}h`;
+    }
+    return `${minutes}m`;
+};
+
+const windowLabel = (fallback: string, suffix: string) => {
+    if (suffix === 'weekly') {
+        return 'Weekly Limit';
+    }
+    if (suffix === '5h') {
+        return '5h Limit';
+    }
+    return fallback;
+};
+
+const windowLimit = (fallbackLabel: string, window?: CodexWindow | null) => {
+    if (!window || typeof window.used_percent !== 'number') {
+        return null;
+    }
+    const minutes = window.limit_window_seconds ? Math.ceil(window.limit_window_seconds / 60) : 0;
+    const suffix = windowSuffix(minutes);
+    return {
+        displayName: `${windowLabel(fallbackLabel, suffix)}${suffix ? ` (${suffix})` : ''}`,
+        percentage: Math.max(0, Math.min(100, Math.round(100 - window.used_percent))),
+        resetTime: resetIso(window.reset_at),
+    };
+};
+
+export const usageToLimitResult = (payload: CodexUsagePayload): LimitResult => {
+    const entries: [string, NonNullable<ReturnType<typeof windowLimit>>][] = [];
+    const primary = windowLimit('Primary Limit', payload.rate_limit?.primary_window);
+    const secondary = windowLimit('Secondary Limit', payload.rate_limit?.secondary_window);
+
+    if (primary) {
+        entries.push(['codex-primary', primary]);
+    }
+    if (secondary) {
+        entries.push(['codex-secondary', secondary]);
+    }
+    if (payload.credits?.balance) {
+        entries.push([
+            'codex-credits',
+            {
+                displayName: `Credits ${payload.credits.balance}`,
+                percentage: payload.credits.unlimited ? 100 : payload.credits.has_credits ? 100 : 0,
+                resetTime: '',
+            },
+        ]);
+    }
+
+    return {
+        expires: '',
+        models: Object.fromEntries(entries),
+        ok: true,
+        tier: payload.plan_type ?? '',
+    };
+};
+
+const requestUsage = async (auth: CodexAuth) => {
+    const accessToken = auth.tokens?.access_token;
+    if (!accessToken) {
+        return { error: 'No Codex access token in snapshot', ok: false as const };
+    }
+
+    const res = await fetch(CODEX_USAGE_URL, {
+        headers: codexHeaders(accessToken, auth.tokens?.account_id),
+        signal: AbortSignal.timeout(REQUEST_TIMEOUT_MS),
+    });
+    if (!res.ok) {
+        throw new Error(`HTTP ${res.status}`);
+    }
+    return usageToLimitResult((await res.json()) as CodexUsagePayload);
+};
+
+export const fetchCodexLimits = async (authText: string): Promise<CodexLimitFetch> => {
+    const auth = parseAuth(authText);
+    if (auth.auth_mode === 'apikey' || auth.auth_mode === 'api_key' || auth.OPENAI_API_KEY) {
+        return { quota: { error: 'Codex usage is only available for ChatGPT login accounts', ok: false } };
+    }
+
+    const freshAuth = await ensureFreshAuth(auth);
+    try {
+        return {
+            auth: freshAuth === auth ? undefined : JSON.stringify(freshAuth, null, 2),
+            quota: await requestUsage(freshAuth),
+        };
+    } catch (error) {
+        if (!String(error).includes('HTTP 401') || !freshAuth.tokens?.refresh_token) {
+            throw error;
+        }
+        const refreshedAuth = await ensureFreshAuth(freshAuth, true);
+        return {
+            auth: JSON.stringify(refreshedAuth, null, 2),
+            quota: await requestUsage(refreshedAuth),
+        };
+    }
+};