dual-brain 4.5.1 → 4.6.0

package/install.mjs

@@ -9,6 +9,7 @@
  *   npx dual-brain --help
  */
 import { appendFileSync, cpSync, existsSync, mkdirSync, readFileSync, readdirSync, renameSync, statSync, unlinkSync, writeFileSync } from 'fs';
+import https from 'https';
 import { dirname, join, resolve } from 'path';
 import { fileURLToPath } from 'url';
 import { spawnSync } from 'child_process';
@@ -30,6 +31,7 @@ const force = flag('--force');
 const dryRun = flag('--dry-run');
 const jsonOut = flag('--json');
 const yesFlag = flag('--yes') || flag('-y');
+const noLaunch = flag('--no-launch');
 const positional = argv.filter(a => !a.startsWith('-'));
 const subcommand = positional[0] || null;
 
@@ -49,9 +51,12 @@ if (flag('--help') || flag('-h')) {
   Usage:  npx -y dual-brain [command] [options]
 
   Setup:
-    (none)       Show quick start
+    (none)       Start persistent chat (setup if needed)
     init         Alias for default install
-    setup        Configure runtime, providers, auth, and hooks
+    start        Start persistent chat
+    chat         Alias for start
+    auth         Check and repair provider authentication
+    setup        Configure providers, hooks, and preferences
     doctor       Check system health and report issues
     reset        Clear all state files (keeps config/hooks)
     repair       Fix corrupt files, stale locks, re-register hooks
@@ -105,6 +110,7 @@ if (flag('--help') || flag('-h')) {
     --force      Overwrite all existing config
     --dry-run    Detect environment only
     --json       Output detection as JSON
+    --no-launch  Install/setup only, do not open Claude
     --help       Show this help
 
   Routing modes:
@@ -135,6 +141,7 @@ const SUBCOMMANDS = [
   'review', 'think', 'health', 'report', 'gate',
   'vibe', 'plan', 'cost', 'dispatch', 'memory',
   'test', 'ledger', 'doctor', 'reset', 'repair',
+  'auth', 'start', 'chat',
   'chain', 'chains',
   'agent', 'agents',
   'do', 'ship', 'test-run', 'diff', 'runs', 'resume',
@@ -173,6 +180,240 @@ function detectReplit() {
   return { isReplit, hasReplitTools };
 }
 
+// ─── Session Preferences + Auth Helpers ────────────────────────────────────
+
+const SESSION_PREFS_REL = '.claude/dual-brain.session.json';
+const DEFAULT_SESSION_PREFS = {
+  head_model: 'sonnet',
+  effort: 'medium',
+};
+
+function writeAtomicJson(targetPath, data) {
+  const tmpPath = `${targetPath}.tmp.${process.pid}`;
+  writeFileSync(tmpPath, JSON.stringify(data, null, 2) + '\n');
+  renameSync(tmpPath, targetPath);
+}
+
+function loadSessionPrefs(workspace) {
+  const prefsPath = join(workspace, SESSION_PREFS_REL);
+  try {
+    const raw = JSON.parse(readFileSync(prefsPath, 'utf8'));
+    return { ...DEFAULT_SESSION_PREFS, ...raw };
+  } catch {
+    return { ...DEFAULT_SESSION_PREFS };
+  }
+}
+
+function saveSessionPrefs(workspace, prefs) {
+  const claudeDir = join(workspace, '.claude');
+  mkdirSync(claudeDir, { recursive: true });
+  const prefsPath = join(workspace, SESSION_PREFS_REL);
+  writeAtomicJson(prefsPath, { ...DEFAULT_SESSION_PREFS, ...prefs });
+}
+
+function getClaudeCredentialPaths(workspace = process.cwd()) {
+  const configDir = process.env.CLAUDE_CONFIG_DIR;
+  const home = process.env.HOME || '';
+  return [
+    configDir ? join(configDir, '.credentials.json') : null,
+    join(home, '.claude', '.credentials.json'),
+    resolve(workspace, '.replit-tools', '.claude-persistent', '.credentials.json'),
+  ].filter(Boolean);
+}
+
+function safeParseJson(path) {
+  try {
+    return JSON.parse(readFileSync(path, 'utf8'));
+  } catch {
+    return null;
+  }
+}
+
+function decodeJwtPayload(token) {
+  if (!token || typeof token !== 'string') return null;
+  const parts = token.split('.');
+  if (parts.length < 2) return null;
+  try {
+    return JSON.parse(Buffer.from(parts[1], 'base64url').toString());
+  } catch {
+    return null;
+  }
+}
+
+function computeExpiresInHours(expiresAtMs) {
+  if (!Number.isFinite(expiresAtMs)) return null;
+  return Math.round(((expiresAtMs - Date.now()) / 3_600_000) * 10) / 10;
+}
+
+function formatExpires(expiresInHours) {
+  if (expiresInHours == null) return 'unknown';
+  if (expiresInHours <= 0) return 'expired';
+  return `${Math.round(expiresInHours)}h remaining`;
+}
+
+function getClaudeAuthStatus() {
+  const defaults = {
+    valid: false,
+    expiresInHours: null,
+    hasRefreshToken: false,
+    email: null,
+    credPath: null,
+  };
+
+  for (const credPath of getClaudeCredentialPaths(process.cwd())) {
+    const cred = safeParseJson(credPath);
+    const oauth = cred?.claudeAiOauth;
+    if (!oauth) continue;
+
+    const expiresAtMs = typeof oauth.expiresAt === 'number'
+      ? oauth.expiresAt
+      : oauth.expiresAt
+        ? Date.parse(oauth.expiresAt)
+        : NaN;
+    const expiresInHours = computeExpiresInHours(expiresAtMs);
+    const valid = Number.isFinite(expiresAtMs) ? expiresAtMs > Date.now() : false;
+
+    let subscription = null;
+    try {
+      const authOut = run('claude', ['auth', 'status', '--json']);
+      if (authOut.status === 0) {
+        const info = JSON.parse(authOut.stdout.trim());
+        subscription = info.subscriptionType || null;
+      }
+    } catch {}
+    if (!subscription) subscription = oauth.subscriptionType || null;
+
+    return {
+      valid,
+      expiresInHours,
+      hasRefreshToken: !!oauth.refreshToken,
+      email: oauth.email || oauth.account?.email || cred.email || null,
+      subscription,
+      credPath,
+    };
+  }
+
+  return defaults;
+}
+
+function getCodexAuthStatus() {
+  const authPath = join(process.env.HOME || '', '.codex', 'auth.json');
+  const auth = safeParseJson(authPath);
+  const tokens = auth?.tokens || auth;
+  const accessToken = tokens?.access_token;
+  const refreshToken = tokens?.refresh_token;
+  const payload = decodeJwtPayload(accessToken);
+  const expiresAtMs = payload?.exp ? payload.exp * 1000 : NaN;
+  const expiresInHours = computeExpiresInHours(expiresAtMs);
+
+  return {
+    valid: Number.isFinite(expiresAtMs) ? expiresAtMs > Date.now() : false,
+    expiresInHours,
+    hasRefreshToken: !!refreshToken,
+    email: payload?.email || auth?.email || auth?.user?.email || null,
+  };
+}
+
+function postForm(url, body) {
+  return new Promise((resolve, reject) => {
+    const payload = Buffer.from(new URLSearchParams(body).toString(), 'utf8');
+    const req = https.request(url, {
+      method: 'POST',
+      headers: {
+        'Content-Type': 'application/x-www-form-urlencoded',
+        'Content-Length': payload.length,
+      },
+      timeout: 8000,
+    }, (res) => {
+      const chunks = [];
+      res.on('data', (chunk) => chunks.push(chunk));
+      res.on('end', () => {
+        const raw = Buffer.concat(chunks).toString('utf8');
+        if (res.statusCode && res.statusCode >= 200 && res.statusCode < 300) {
+          try {
+            resolve(JSON.parse(raw));
+          } catch (err) {
+            reject(err);
+          }
+        } else {
+          reject(new Error(`HTTP ${res.statusCode || 0}`));
+        }
+      });
+    });
+    req.on('timeout', () => req.destroy(new Error('Request timeout')));
+    req.on('error', reject);
+    req.write(payload);
+    req.end();
+  });
+}
+
+async function refreshClaudeToken(credPath) {
+  try {
+    const cred = safeParseJson(credPath);
+    const oauth = cred?.claudeAiOauth;
+    if (!oauth?.refreshToken) return { success: false, expiresInHours: null };
+
+    const refreshed = await postForm('https://console.anthropic.com/v1/oauth/token', {
+      grant_type: 'refresh_token',
+      refresh_token: oauth.refreshToken,
+      client_id: '9d1c250a-e61b-44d9-88ed-5944d1962f5e',
+    });
+
+    const nextOauth = {
+      ...oauth,
+      accessToken: refreshed.access_token || oauth.accessToken,
+      refreshToken: refreshed.refresh_token || oauth.refreshToken,
+      tokenType: refreshed.token_type || oauth.tokenType,
+      scopes: refreshed.scope || oauth.scopes,
+      expiresAt: Date.now() + ((refreshed.expires_in || 0) * 1000),
+    };
+    const updated = { ...cred, claudeAiOauth: nextOauth };
+    writeAtomicJson(credPath, updated);
+
+    return {
+      success: true,
+      expiresInHours: computeExpiresInHours(nextOauth.expiresAt),
+    };
+  } catch {
+    return { success: false, expiresInHours: null };
+  }
+}
+
+async function refreshCodexToken() {
+  try {
+    const authPath = join(process.env.HOME || '', '.codex', 'auth.json');
+    const auth = safeParseJson(authPath);
+    const tokens = auth?.tokens || auth;
+    const refreshToken = tokens?.refresh_token;
+    if (!refreshToken) return { success: false, expiresInHours: null };
+
+    const refreshed = await postForm('https://auth.openai.com/oauth/token', {
+      grant_type: 'refresh_token',
+      refresh_token: refreshToken,
+      client_id: 'app_EMoamEEZ73f0CkXaXp7hrann',
+    });
+
+    const updatedTokens = {
+      ...tokens,
+      access_token: refreshed.access_token || tokens.access_token,
+      refresh_token: refreshed.refresh_token || tokens.refresh_token,
+      id_token: refreshed.id_token || tokens.id_token,
+      token_type: refreshed.token_type || tokens.token_type,
+      scope: refreshed.scope || tokens.scope,
+    };
+    const updated = auth?.tokens ? { ...auth, tokens: updatedTokens } : updatedTokens;
+    writeAtomicJson(authPath, updated);
+
+    const payload = decodeJwtPayload(updatedTokens.access_token);
+    return {
+      success: true,
+      expiresInHours: payload?.exp ? computeExpiresInHours(payload.exp * 1000) : null,
+    };
+  } catch {
+    return { success: false, expiresInHours: null };
+  }
+}
+
 function detectClaude() {
   const result = { installed: false, version: null, authed: false };
 
@@ -1490,6 +1731,228 @@ async function checkReplitTools() {
   }
 }
 
+// ─── Auth Command ──────────────────────────────────────────────────────────
+
+async function cmdAuth() {
+  console.log('');
+  console.log(`  ${BRAND} — Auth Status`);
+  console.log('  ──────────────────────────────────────────────────');
+
+  const claude = getClaudeAuthStatus();
+  if (claude.valid) {
+    const email = claude.email ? ` — ${claude.email}` : '';
+    const sub = claude.subscription ? ` (${claude.subscription})` : '';
+    console.log(`  ✓ Claude: authenticated (${Math.round(claude.expiresInHours)}h remaining)${email}${sub}`);
+  } else if (claude.hasRefreshToken) {
+    console.log('  ⟳ Claude: expired — attempting refresh...');
+    const r = await refreshClaudeToken(claude.credPath);
+    console.log(r.success ? `  ✓ Claude: refreshed (${Math.round(r.expiresInHours)}h remaining)` : '  ✗ Claude: refresh failed — run: claude login');
+  } else {
+    console.log(`  ✗ Claude: ${claude.credPath ? 'expired' : 'not configured'} — run: claude login`);
+  }
+
+  const codex = getCodexAuthStatus();
+  if (codex.valid) {
+    const email = codex.email ? ` — ${codex.email}` : '';
+    console.log(`  ✓ Codex:  authenticated (${Math.round(codex.expiresInHours)}h remaining)${email}`);
+  } else if (codex.hasRefreshToken) {
+    console.log('  ⟳ Codex:  expired — attempting refresh...');
+    const r = await refreshCodexToken();
+    console.log(r.success ? `  ✓ Codex:  refreshed (${Math.round(r.expiresInHours)}h remaining)` : '  ✗ Codex:  refresh failed — run: codex login');
+  } else {
+    console.log('  ✗ Codex:  not configured — run: codex login');
+    console.log('           (GPT lane will be disabled)');
+  }
+
+  if (IS_REPLIT) {
+    console.log('');
+    console.log('  Replit tip: If login shows localhost errors, use browser-based auth');
+    console.log('  or run the login command from a local machine and copy credentials.');
+  }
+  console.log('');
+}
+
+// ─── Preflight Auth ────────────────────────────────────────────────────────
+
+async function preflightAuth() {
+  const claude = getClaudeAuthStatus();
+  const codex = getCodexAuthStatus();
+  let claudeOk = claude.valid;
+  let codexOk = codex.valid;
+
+  if (!claudeOk && claude.hasRefreshToken) {
+    const r = await refreshClaudeToken(claude.credPath);
+    claudeOk = r.success;
+    if (r.success) console.log(`  ⟳ Claude auth refreshed (${Math.round(r.expiresInHours)}h)`);
+  }
+  if (!codexOk && codex.hasRefreshToken) {
+    const r = await refreshCodexToken();
+    codexOk = r.success;
+    if (r.success) console.log(`  ⟳ Codex auth refreshed (${Math.round(r.expiresInHours)}h)`);
+  }
+
+  if (!claudeOk) {
+    console.log('');
+    console.log('  ✗ Claude auth required. Run: claude login');
+    if (IS_REPLIT) console.log('    (Use browser flow — localhost callbacks may not work)');
+    console.log('');
+    return false;
+  }
+  if (!codexOk) console.log('  ⚠ Codex not authenticated — GPT lane disabled (Claude-only mode)');
+  return true;
+}
+
+// ─── Session Wizard ────────────────────────────────────────────────────────
+
+function recommendModel() {
+  const claude = getClaudeAuthStatus();
+  const codex = getCodexAuthStatus();
+  if (claude.subscription === 'max' && codex.valid) return { model: 'sonnet', reason: 'Both $100 subs — sonnet for chat, opus auto-escalates for thinking' };
+  if (claude.subscription === 'max') return { model: 'sonnet', reason: '$100 Claude Max — sonnet balances speed + quality' };
+  if (claude.subscription === 'pro') return { model: 'haiku', reason: '$20 Claude Pro — haiku conserves limited credits' };
+  return { model: 'sonnet', reason: 'Default — good balance of speed and capability' };
+}
+
+async function askLine(prompt) {
+  if (!process.stdin.isTTY || yesFlag || process.env.CI) return '';
+  process.stdout.write(prompt);
+  const answer = await new Promise(resolve => {
+    process.stdin.setEncoding('utf8');
+    process.stdin.once('data', chunk => resolve(chunk.trim().toLowerCase()));
+    process.stdin.resume();
+  });
+  process.stdin.pause();
+  return answer;
+}
+
+async function runSessionWizard(workspace) {
+  const rec = recommendModel();
+  const claude = getClaudeAuthStatus();
+  const codex = getCodexAuthStatus();
+
+  console.log('');
+  console.log(`  ${BRAND}`);
+  console.log(`  ${BRAND_SUBTITLE}`);
+  console.log('');
+
+  const parts = [];
+  if (claude.subscription) parts.push(`Claude ${claude.subscription}`);
+  if (codex.valid) parts.push('Codex Pro');
+  if (parts.length) {
+    console.log(`  Detected: ${parts.join(' + ')}`);
+    console.log(`  Recommendation: ${rec.reason}`);
+    console.log('');
+  }
+
+  console.log('  Head session model:');
+  console.log('    [s] Sonnet — fast, cost-effective, great for most work');
+  console.log('    [o] Opus  — slower, smarter, best for complex architecture');
+  console.log('    [h] Haiku — fastest, cheapest, good for simple tasks');
+  const modelKey = await askLine(`  Choice [${rec.model === 'haiku' ? 'h' : 's'}]: `);
+  let model = rec.model === 'haiku' ? 'haiku' : 'sonnet';
+  if (modelKey === 'o' || modelKey === 'opus') model = 'opus';
+  else if (modelKey === 'h' || modelKey === 'haiku') model = 'haiku';
+  else if (modelKey === 's' || modelKey === 'sonnet') model = 'sonnet';
+
+  if (model === 'opus' && process.stdin.isTTY) {
+    console.log('  ⚠  Opus uses ~5x more credits than Sonnet.');
+    const confirm = await askLine('  Continue with Opus? [y/N] ');
+    if (confirm !== 'y' && confirm !== 'yes') { model = 'sonnet'; console.log('  Switched to Sonnet.'); }
+  }
+
+  console.log('');
+  console.log('  Effort level:');
+  console.log('    [l] Low    — faster responses, less thorough');
+  console.log('    [m] Medium — balanced (default)');
+  console.log('    [h] High   — thorough, slower, more expensive');
+  const effortKey = await askLine('  Choice [m]: ');
+  let effort = 'medium';
+  if (effortKey === 'l' || effortKey === 'low') effort = 'low';
+  else if (effortKey === 'h' || effortKey === 'high') effort = 'high';
+
+  const prefs = { head_model: model, effort, created_at: new Date().toISOString(), updated_at: new Date().toISOString() };
+  saveSessionPrefs(workspace, prefs);
+  console.log('');
+  console.log(`  Saved: ${model} / ${effort} effort`);
+  console.log('  Change anytime: npx dual-brain start --model opus --effort high');
+  return prefs;
+}
+
+// ─── Session Launcher ──────────────────────────────────────────────────────
+
+function launchClaudeSession(workspace, prefs) {
+  const model = prefs.head_model || 'sonnet';
+  const args = [];
+  const helpOut = run('claude', ['--help']);
+  const helpText = (helpOut.stdout || '') + (helpOut.stderr || '');
+  if (helpText.includes('--model')) args.push('--model', model);
+  if (helpText.includes('--resume') || helpText.includes('-c')) args.push('-c');
+
+  console.log('');
+  console.log(`  Launching ${model} session...`);
+  console.log('  (Work agents auto-route: haiku/sonnet/opus by task tier)');
+  console.log('');
+
+  const result = spawnSync('claude', args, {
+    stdio: 'inherit',
+    cwd: workspace,
+    env: { ...process.env, DUAL_BRAIN_HEAD_MODEL: model, DUAL_BRAIN_HEAD_EFFORT: prefs.effort || 'medium', DUAL_BRAIN_WORKSPACE: workspace },
+  });
+  process.exit(result.status ?? 0);
+}
+
+// ─── Ensure Setup + Launch ─────────────────────────────────────────────────
+
+async function ensureAndLaunch() {
+  const workspace = resolve(process.cwd());
+  if (!dryRun && !jsonOut) await checkReplitTools();
+
+  const alreadySetUp = existsSync(join(workspace, '.claude', 'hooks'))
+    || existsSync(join(workspace, '.claude', 'settings.json'));
+  if (!alreadySetUp || force) {
+    const env = detectEnvironment();
+    const mode = resolveMode(env);
+    install(env.workspace, env, mode);
+  }
+
+  const authOk = await preflightAuth();
+  if (!authOk) { console.log('  Fix auth first, then run: npx dual-brain'); process.exit(1); }
+
+  const cliModel = argv.find((a, i) => argv[i - 1] === '--model');
+  const cliEffort = argv.find((a, i) => argv[i - 1] === '--effort');
+  let prefs = loadSessionPrefs(workspace);
+
+  if (!prefs.created_at && !noLaunch) prefs = await runSessionWizard(workspace);
+  if (cliModel) prefs.head_model = cliModel;
+  if (cliEffort) prefs.effort = cliEffort;
+
+  if (noLaunch) { printQuickStart(); return; }
+  launchClaudeSession(workspace, prefs);
+}
+
+// ─── Doctor with Auth ──────────────────────────────────────────────────────
+
+async function cmdDoctorWithAuth() {
+  cmdDoctor();
+  console.log('  Auth Status:');
+  const claude = getClaudeAuthStatus();
+  if (claude.valid) {
+    const email = claude.email ? ` — ${claude.email}` : '';
+    const sub = claude.subscription ? ` (${claude.subscription})` : '';
+    console.log(`    ✓ Claude: ${Math.round(claude.expiresInHours)}h remaining${email}${sub}`);
+  } else {
+    console.log('    ✗ Claude: not authenticated — run: npx dual-brain auth');
+  }
+  const codex = getCodexAuthStatus();
+  if (codex.valid) {
+    const email = codex.email ? ` — ${codex.email}` : '';
+    console.log(`    ✓ Codex:  ${Math.round(codex.expiresInHours)}h remaining${email}`);
+  } else {
+    console.log('    ✗ Codex:  not authenticated — run: npx dual-brain auth');
+  }
+  console.log('');
+}
+
 // ─── Main ───────────────────────────────────────────────────────────────────
 
 async function main() {
@@ -1502,9 +1965,13 @@ async function main() {
   if (subcommand === 'mode')    { cmdMode();    return; }
   if (subcommand === 'budget')  { cmdBudget();  return; }
   if (subcommand === 'explain') { cmdExplain(); return; }
-  if (subcommand === 'doctor')  { cmdDoctor();  return; }
+  if (subcommand === 'doctor')  { await cmdDoctorWithAuth(); return; }
   if (subcommand === 'reset')   { cmdReset();   return; }
   if (subcommand === 'repair')  { cmdRepair();  return; }
+  if (subcommand === 'auth')    { await cmdAuth(); return; }
+  if (subcommand === 'start' || subcommand === 'chat') {
+    await ensureAndLaunch(); return;
+  }
 
   // agent <template> [flags] → agent-templates.mjs --run <template> [flags]
   if (subcommand === 'agent') {
@@ -1779,16 +2246,10 @@ async function main() {
     return;
   }
 
-  // ── Bare invocation (no subcommand): quick start if already set up, else install ──
+  // ── Bare invocation (no subcommand): setup if needed, then launch ──
   if (!subcommand) {
-    const workspace = resolve(process.cwd());
-    const alreadySetUp = existsSync(join(workspace, '.claude', 'hooks'))
-      || existsSync(join(workspace, '.claude', 'settings.json'));
-    if (alreadySetUp && !flag('--force')) {
-      printQuickStart();
-      return;
-    }
-    // Not set up yet — fall through to full install/setup wizard
+    await ensureAndLaunch();
+    return;
   }
 
   if (subcommand === 'setup') {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "dual-brain",
-  "version": "4.5.1",
+  "version": "4.6.0",
   "description": "Data-Tools Dual-Brain — dual-provider orchestration extension for data-tools/replit-tools. Tiered routing, budget balancing, and GPT dual-brain review across Claude + OpenAI subscriptions",
   "type": "module",
   "bin": {