github-copilot-oauth 1.0.0

package/dist/index.d.ts

@@ -0,0 +1,122 @@
+import { c as GitHubCopilotOAuthSettings, F as FetchLike, a as GitHubCopilotDeviceFlowOptions, G as GitHubCopilotDeviceFlow, C as CopilotInitiator, d as GitHubCopilotOAuthTokens, T as TokenStore, e as GitHubCopilotProviderSettings } from './types-DsdwFDV1.js';
+export { b as GitHubCopilotOAuthError } from './types-DsdwFDV1.js';
+import { ProviderV3, LanguageModelV3, EmbeddingModelV3, ImageModelV3 } from '@ai-sdk/provider';
+
+/** Return true when a chat/completions or responses JSON body contains image input. */
+declare function hasVisionInput(body: string): boolean;
+/**
+ * Create a fetch implementation that authenticates OpenAI-compatible requests
+ * with GitHub Copilot OAuth credentials.
+ */
+declare function createGitHubCopilotOAuthFetch(settings?: GitHubCopilotOAuthSettings): FetchLike;
+/** Create a small Copilot client around `createGitHubCopilotOAuthFetch`. */
+declare function createGitHubCopilotClient(settings?: GitHubCopilotOAuthSettings): Promise<{
+    baseURL: string;
+    fetch: typeof globalThis.fetch;
+    request: (path: string, init?: RequestInit) => Promise<Response>;
+}>;
+/** Route GPT-5 non-mini models to Copilot's Responses endpoint. */
+declare function isCopilotResponsesModel(modelId: string): boolean;
+
+declare const DEFAULT_GITHUB_COPILOT_CLIENT_ID = "Ov23li8tweQw6odWQebz";
+/**
+ * Start GitHub Copilot's device OAuth flow.
+ *
+ * The returned flow contains a URL and user code for authorization. Call
+ * `flow.complete()` after showing those values to poll for authorization and
+ * return the GitHub OAuth token used to mint Copilot API tokens.
+ */
+declare function startGitHubCopilotDeviceFlow(options?: GitHubCopilotDeviceFlowOptions): Promise<GitHubCopilotDeviceFlow>;
+
+/** Normalize and validate a GitHub Enterprise hostname. Returns undefined for github.com. */
+declare function normalizeEnterpriseDomain(enterpriseUrl?: string, options?: {
+    allowEnterprise?: boolean;
+}): string | undefined;
+/** Resolve the Copilot API base URL for github.com or a validated Enterprise hostname. */
+declare function copilotBase(enterpriseUrl?: string, options?: {
+    allowEnterprise?: boolean;
+}): string;
+/** Resolve the GitHub endpoint used to exchange OAuth tokens for Copilot API tokens. */
+declare function copilotTokenExchangeUrl(enterpriseUrl?: string, options?: {
+    allowEnterprise?: boolean;
+}): string;
+/** Resolve the GitHub device OAuth endpoints for github.com or Enterprise. */
+declare function githubOAuthUrls(enterpriseUrl?: string, options?: {
+    allowEnterprise?: boolean;
+}): {
+    domain: string;
+    code: string;
+    token: string;
+};
+
+declare const COPILOT_HEADERS: {
+    readonly 'User-Agent': "GitHubCopilotChat/0.35.0";
+    readonly 'Editor-Version': "vscode/1.107.0";
+    readonly 'Editor-Plugin-Version': "copilot-chat/0.35.0";
+    readonly 'Copilot-Integration-Id': "vscode-chat";
+};
+/** Build headers for Copilot chat/completions and responses requests. */
+declare function copilotHeaders(accessToken: string, options?: {
+    vision?: boolean;
+    initiator?: CopilotInitiator;
+}): {
+    'Copilot-Vision-Request'?: string | undefined;
+    Authorization: string;
+    'Openai-Intent': string;
+    'X-Initiator': CopilotInitiator;
+    'User-Agent': "GitHubCopilotChat/0.35.0";
+    'Editor-Version': "vscode/1.107.0";
+    'Editor-Plugin-Version': "copilot-chat/0.35.0";
+    'Copilot-Integration-Id': "vscode-chat";
+};
+/** Build headers for Copilot model-list requests. */
+declare function copilotModelHeaders(accessToken: string): {
+    Authorization: string;
+    'User-Agent': "GitHubCopilotChat/0.35.0";
+    'Editor-Version': "vscode/1.107.0";
+    'Editor-Plugin-Version': "copilot-chat/0.35.0";
+    'Copilot-Integration-Id': "vscode-chat";
+};
+/** Build headers for GitHub's Copilot token exchange endpoint. */
+declare function copilotTokenExchangeHeaders(githubToken: string): {
+    'User-Agent': "GitHubCopilotChat/0.35.0";
+    'Editor-Version': "vscode/1.107.0";
+    'Editor-Plugin-Version': "copilot-chat/0.35.0";
+    'Copilot-Integration-Id': "vscode-chat";
+    Accept: string;
+    Authorization: string;
+};
+
+/**
+ * Create an in-memory token store.
+ *
+ * This is useful for tests and short-lived scripts. It does not persist tokens
+ * across process restarts.
+ */
+declare function createMemoryTokenStore(initial?: GitHubCopilotOAuthTokens): TokenStore;
+
+type GitHubCopilotModelId = string;
+/** AI SDK provider for GitHub Copilot OAuth-backed language models. */
+interface GitHubCopilotProvider extends ProviderV3 {
+    (modelId: GitHubCopilotModelId): LanguageModelV3;
+    languageModel(modelId: GitHubCopilotModelId): LanguageModelV3;
+    chat(modelId: GitHubCopilotModelId): LanguageModelV3;
+    responses(modelId: GitHubCopilotModelId): LanguageModelV3;
+    embeddingModel(modelId: string): EmbeddingModelV3;
+    imageModel(modelId: string): ImageModelV3;
+}
+/** Create a Vercel AI SDK provider backed by GitHub Copilot OAuth. */
+declare function createGitHubCopilot(settings?: GitHubCopilotProviderSettings): GitHubCopilotProvider;
+
+/** Exchange a GitHub OAuth token for a short-lived GitHub Copilot API token. */
+declare function exchangeGitHubCopilotToken({ fetch, githubToken, enterpriseUrl, allowEnterprise, }: {
+    fetch: FetchLike;
+    githubToken: string;
+    enterpriseUrl?: string;
+    allowEnterprise?: boolean;
+}): Promise<{
+    token: string;
+    expiresAt: number;
+}>;
+
+export { COPILOT_HEADERS, CopilotInitiator, DEFAULT_GITHUB_COPILOT_CLIENT_ID, FetchLike, GitHubCopilotDeviceFlow, GitHubCopilotDeviceFlowOptions, type GitHubCopilotModelId, GitHubCopilotOAuthSettings, GitHubCopilotOAuthTokens, type GitHubCopilotProvider, GitHubCopilotProviderSettings, TokenStore, copilotBase, copilotHeaders, copilotModelHeaders, copilotTokenExchangeHeaders, copilotTokenExchangeUrl, createGitHubCopilot, createGitHubCopilotClient, createGitHubCopilotOAuthFetch, createMemoryTokenStore, exchangeGitHubCopilotToken, githubOAuthUrls, hasVisionInput, isCopilotResponsesModel, normalizeEnterpriseDomain, startGitHubCopilotDeviceFlow };

package/dist/index.js

@@ -0,0 +1,73 @@
+import {
+  COPILOT_HEADERS,
+  DEFAULT_GITHUB_COPILOT_CLIENT_ID,
+  GitHubCopilotOAuthError,
+  copilotBase,
+  copilotHeaders,
+  copilotModelHeaders,
+  copilotTokenExchangeHeaders,
+  copilotTokenExchangeUrl,
+  createGitHubCopilotClient,
+  createGitHubCopilotOAuthFetch,
+  createMemoryTokenStore,
+  exchangeGitHubCopilotToken,
+  githubOAuthUrls,
+  hasVisionInput,
+  isCopilotResponsesModel,
+  normalizeEnterpriseDomain,
+  startGitHubCopilotDeviceFlow
+} from "./chunk-CUD4IYWR.js";
+
+// src/provider.ts
+import { createOpenAI } from "@ai-sdk/openai";
+import { NoSuchModelError } from "@ai-sdk/provider";
+function createGitHubCopilot(settings = {}) {
+  const providerName = settings.name ?? "github-copilot";
+  const fetch = createGitHubCopilotOAuthFetch(settings);
+  const openai = createOpenAI({
+    apiKey: "oauth",
+    baseURL: settings.baseURL ?? copilotBase(settings.enterpriseUrl ?? settings.tokens?.enterpriseUrl, settings),
+    name: providerName,
+    fetch
+  });
+  const createChatModel = (modelId) => openai.chat(modelId);
+  const createResponsesModel = (modelId) => openai.responses(modelId);
+  const createLanguageModel = (modelId) => isCopilotResponsesModel(modelId) ? createResponsesModel(modelId) : createChatModel(modelId);
+  const provider = Object.assign(
+    (modelId) => createLanguageModel(modelId),
+    {
+      specificationVersion: "v3",
+      languageModel: createLanguageModel,
+      chat: createChatModel,
+      responses: createResponsesModel,
+      embeddingModel: (modelId) => {
+        throw new NoSuchModelError({ modelId, modelType: "embeddingModel" });
+      },
+      imageModel: (modelId) => {
+        throw new NoSuchModelError({ modelId, modelType: "imageModel" });
+      }
+    }
+  );
+  return provider;
+}
+export {
+  COPILOT_HEADERS,
+  DEFAULT_GITHUB_COPILOT_CLIENT_ID,
+  GitHubCopilotOAuthError,
+  copilotBase,
+  copilotHeaders,
+  copilotModelHeaders,
+  copilotTokenExchangeHeaders,
+  copilotTokenExchangeUrl,
+  createGitHubCopilot,
+  createGitHubCopilotClient,
+  createGitHubCopilotOAuthFetch,
+  createMemoryTokenStore,
+  exchangeGitHubCopilotToken,
+  githubOAuthUrls,
+  hasVisionInput,
+  isCopilotResponsesModel,
+  normalizeEnterpriseDomain,
+  startGitHubCopilotDeviceFlow
+};
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/provider.ts"],"sourcesContent":["import { createOpenAI } from '@ai-sdk/openai';\r\nimport type { EmbeddingModelV3, ImageModelV3, LanguageModelV3, ProviderV3 } from '@ai-sdk/provider';\r\nimport { NoSuchModelError } from '@ai-sdk/provider';\r\nimport { copilotBase } from './enterprise';\r\nimport { createGitHubCopilotOAuthFetch, isCopilotResponsesModel } from './copilot-fetch';\r\nimport type { GitHubCopilotProviderSettings } from './types';\r\n\r\nexport type GitHubCopilotModelId = string;\r\n\r\n/** AI SDK provider for GitHub Copilot OAuth-backed language models. */\r\nexport interface GitHubCopilotProvider extends ProviderV3 {\r\n  (modelId: GitHubCopilotModelId): LanguageModelV3;\r\n  languageModel(modelId: GitHubCopilotModelId): LanguageModelV3;\r\n  chat(modelId: GitHubCopilotModelId): LanguageModelV3;\r\n  responses(modelId: GitHubCopilotModelId): LanguageModelV3;\r\n  embeddingModel(modelId: string): EmbeddingModelV3;\r\n  imageModel(modelId: string): ImageModelV3;\r\n}\r\n\r\n/** Create a Vercel AI SDK provider backed by GitHub Copilot OAuth. */\r\nexport function createGitHubCopilot(settings: GitHubCopilotProviderSettings = {}): GitHubCopilotProvider {\r\n  const providerName = settings.name ?? 'github-copilot';\r\n  const fetch = createGitHubCopilotOAuthFetch(settings);\r\n  const openai = createOpenAI({\r\n    apiKey: 'oauth',\r\n    baseURL: settings.baseURL ?? copilotBase(settings.enterpriseUrl ?? settings.tokens?.enterpriseUrl, settings),\r\n    name: providerName,\r\n    fetch,\r\n  });\r\n\r\n  const createChatModel = (modelId: GitHubCopilotModelId) => openai.chat(modelId as never);\r\n  const createResponsesModel = (modelId: GitHubCopilotModelId) => openai.responses(modelId as never);\r\n  // Route GPT-5+ non-mini models to the Responses endpoint for multimodal capability.\r\n  // Fall back to Chat Completions for older models.\r\n  const createLanguageModel = (modelId: GitHubCopilotModelId) =>\r\n    isCopilotResponsesModel(modelId) ? createResponsesModel(modelId) : createChatModel(modelId);\r\n  const provider: GitHubCopilotProvider = Object.assign(\r\n    (modelId: GitHubCopilotModelId) => createLanguageModel(modelId),\r\n    {\r\n      specificationVersion: 'v3' as const,\r\n      languageModel: createLanguageModel,\r\n      chat: createChatModel,\r\n      responses: createResponsesModel,\r\n      embeddingModel: (modelId: string) => {\r\n        throw new NoSuchModelError({ modelId, modelType: 'embeddingModel' });\r\n      },\r\n      imageModel: (modelId: string) => {\r\n        throw new NoSuchModelError({ modelId, modelType: 'imageModel' });\r\n      },\r\n    },\r\n  );\r\n\r\n  return provider;\r\n}\r\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;AAAA,SAAS,oBAAoB;AAE7B,SAAS,wBAAwB;AAkB1B,SAAS,oBAAoB,WAA0C,CAAC,GAA0B;AACvG,QAAM,eAAe,SAAS,QAAQ;AACtC,QAAM,QAAQ,8BAA8B,QAAQ;AACpD,QAAM,SAAS,aAAa;AAAA,IAC1B,QAAQ;AAAA,IACR,SAAS,SAAS,WAAW,YAAY,SAAS,iBAAiB,SAAS,QAAQ,eAAe,QAAQ;AAAA,IAC3G,MAAM;AAAA,IACN;AAAA,EACF,CAAC;AAED,QAAM,kBAAkB,CAAC,YAAkC,OAAO,KAAK,OAAgB;AACvF,QAAM,uBAAuB,CAAC,YAAkC,OAAO,UAAU,OAAgB;AAGjG,QAAM,sBAAsB,CAAC,YAC3B,wBAAwB,OAAO,IAAI,qBAAqB,OAAO,IAAI,gBAAgB,OAAO;AAC5F,QAAM,WAAkC,OAAO;AAAA,IAC7C,CAAC,YAAkC,oBAAoB,OAAO;AAAA,IAC9D;AAAA,MACE,sBAAsB;AAAA,MACtB,eAAe;AAAA,MACf,MAAM;AAAA,MACN,WAAW;AAAA,MACX,gBAAgB,CAAC,YAAoB;AACnC,cAAM,IAAI,iBAAiB,EAAE,SAAS,WAAW,iBAAiB,CAAC;AAAA,MACrE;AAAA,MACA,YAAY,CAAC,YAAoB;AAC/B,cAAM,IAAI,iBAAiB,EAAE,SAAS,WAAW,aAAa,CAAC;AAAA,MACjE;AAAA,IACF;AAAA,EACF;AAEA,SAAO;AACT;","names":[]}

package/dist/proxy.d.ts

@@ -0,0 +1,20 @@
+import { F as FetchLike } from './types-DsdwFDV1.js';
+
+type GitHubCopilotProxyOptions = {
+    /** Custom fetch implementation. Defaults to global fetch. */
+    fetch?: FetchLike;
+    /** OAuth client id. Defaults to the GitHub Copilot Chat client id. */
+    clientId?: string;
+    /** Allow validated custom GitHub Enterprise hostnames. Defaults to false. */
+    allowEnterprise?: boolean;
+};
+/** Create framework-agnostic fetch handlers for browser-safe OAuth/proxy routes. */
+declare function createGitHubCopilotProxy(options?: GitHubCopilotProxyOptions): {
+    deviceCode(request: Request): Promise<Response>;
+    deviceToken(request: Request): Promise<Response>;
+    models(request: Request): Promise<Response>;
+    chatCompletions(request: Request): Promise<Response>;
+    responses(request: Request): Promise<Response>;
+};
+
+export { type GitHubCopilotProxyOptions, createGitHubCopilotProxy };

package/dist/proxy.js

@@ -0,0 +1,177 @@
+import {
+  DEFAULT_GITHUB_COPILOT_CLIENT_ID,
+  GitHubCopilotOAuthError,
+  copilotBase,
+  copilotHeaders,
+  copilotModelHeaders,
+  exchangeGitHubCopilotToken,
+  githubOAuthUrls,
+  hasVisionInput,
+  normalizeEnterpriseDomain
+} from "./chunk-CUD4IYWR.js";
+
+// src/proxy.ts
+function pickFetch(customFetch) {
+  if (typeof customFetch === "function") return customFetch;
+  if (typeof globalThis.fetch === "function") return globalThis.fetch.bind(globalThis);
+  throw new GitHubCopilotOAuthError("fetch_required", "A fetch implementation is required for GitHub Copilot proxy handlers.");
+}
+function jsonResponse(body, status) {
+  return new Response(JSON.stringify(body), {
+    status,
+    headers: {
+      "Content-Type": "application/json",
+      "Cache-Control": "no-store"
+    }
+  });
+}
+function passthroughJson(response) {
+  return new Response(response.body, {
+    status: response.status,
+    headers: {
+      "Content-Type": "application/json",
+      "Cache-Control": "no-store"
+    }
+  });
+}
+function parseBearer(value) {
+  const trimmed = value.trim();
+  if (!trimmed) return "";
+  const match = /^Bearer\s+(.+)$/i.exec(trimmed);
+  return match ? match[1].trim() : "";
+}
+function enterpriseFromRequest(request, options) {
+  const fromHeader = request.headers.get("x-copilot-enterprise-url") ?? "";
+  if (fromHeader.trim()) {
+    return normalizeEnterpriseDomain(fromHeader, options);
+  }
+  const fromQuery = new URL(request.url).searchParams.get("enterpriseUrl") ?? "";
+  if (fromQuery.trim()) {
+    return normalizeEnterpriseDomain(fromQuery, options);
+  }
+  return void 0;
+}
+function errorResponse(error) {
+  const status = error instanceof GitHubCopilotOAuthError ? error.code === "unsupported" ? 400 : error.code === "auth_failed" ? 401 : 502 : 502;
+  const message = error instanceof Error ? error.message : "GitHub Copilot request failed.";
+  return jsonResponse({ message }, status);
+}
+async function withCopilotToken(request, options, run) {
+  const fetch = pickFetch(options.fetch);
+  const refreshToken = parseBearer(request.headers.get("authorization") ?? "");
+  if (!refreshToken) {
+    return jsonResponse({ message: "Missing GitHub Copilot OAuth token." }, 401);
+  }
+  const enterpriseUrl = enterpriseFromRequest(request, options);
+  let token = refreshToken;
+  try {
+    const exchanged = await exchangeGitHubCopilotToken({
+      fetch,
+      githubToken: refreshToken,
+      enterpriseUrl,
+      allowEnterprise: options.allowEnterprise
+    });
+    token = exchanged.token;
+  } catch {
+  }
+  const primary = await run({ token, enterpriseUrl });
+  if (token !== refreshToken && (primary.status === 401 || primary.status === 403)) {
+    return run({ token: refreshToken, enterpriseUrl });
+  }
+  return primary;
+}
+function createGitHubCopilotProxy(options = {}) {
+  const fetch = pickFetch(options.fetch);
+  const clientId = options.clientId ?? DEFAULT_GITHUB_COPILOT_CLIENT_ID;
+  return {
+    async deviceCode(request) {
+      try {
+        const enterpriseUrl = enterpriseFromRequest(request, options);
+        const urls = githubOAuthUrls(enterpriseUrl, options);
+        const response = await fetch(urls.code, {
+          method: "POST",
+          headers: {
+            Accept: "application/json",
+            "Content-Type": "application/json"
+          },
+          body: JSON.stringify({
+            client_id: clientId,
+            scope: "read:user"
+          })
+        });
+        return passthroughJson(response);
+      } catch (error) {
+        return errorResponse(error);
+      }
+    },
+    async deviceToken(request) {
+      try {
+        const payload = await request.json().catch(() => ({}));
+        const enterpriseUrl = enterpriseFromRequest(request, options);
+        const urls = githubOAuthUrls(enterpriseUrl, options);
+        const response = await fetch(urls.token, {
+          method: "POST",
+          headers: {
+            Accept: "application/json",
+            "Content-Type": "application/json"
+          },
+          body: JSON.stringify({
+            client_id: clientId,
+            device_code: payload.device_code ?? "",
+            grant_type: payload.grant_type ?? "urn:ietf:params:oauth:grant-type:device_code"
+          })
+        });
+        return passthroughJson(response);
+      } catch (error) {
+        return errorResponse(error);
+      }
+    },
+    async models(request) {
+      try {
+        const upstream = await withCopilotToken(
+          request,
+          options,
+          ({ token, enterpriseUrl }) => fetch(`${copilotBase(enterpriseUrl, options)}/models`, {
+            headers: copilotModelHeaders(token)
+          })
+        );
+        return passthroughJson(upstream);
+      } catch (error) {
+        return errorResponse(error);
+      }
+    },
+    async chatCompletions(request) {
+      return proxyPost(request, "chat/completions");
+    },
+    async responses(request) {
+      return proxyPost(request, "responses");
+    }
+  };
+  async function proxyPost(request, path) {
+    const body = await request.text();
+    try {
+      const upstream = await withCopilotToken(
+        request,
+        options,
+        ({ token, enterpriseUrl }) => fetch(`${copilotBase(enterpriseUrl, options)}/${path}`, {
+          method: "POST",
+          headers: {
+            "Content-Type": "application/json",
+            ...copilotHeaders(token, {
+              vision: hasVisionInput(body),
+              initiator: "user"
+            })
+          },
+          body
+        })
+      );
+      return passthroughJson(upstream);
+    } catch (error) {
+      return errorResponse(error);
+    }
+  }
+}
+export {
+  createGitHubCopilotProxy
+};
+//# sourceMappingURL=proxy.js.map

package/dist/proxy.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/proxy.ts"],"sourcesContent":["import { githubOAuthUrls, normalizeEnterpriseDomain, copilotBase } from './enterprise';\r\nimport { copilotHeaders, copilotModelHeaders } from './headers';\r\nimport { exchangeGitHubCopilotToken } from './token-exchange';\r\nimport { DEFAULT_GITHUB_COPILOT_CLIENT_ID } from './device-flow';\r\nimport { GitHubCopilotOAuthError, type FetchLike } from './types';\r\nimport { hasVisionInput } from './copilot-fetch';\r\n\r\nexport type GitHubCopilotProxyOptions = {\r\n  /** Custom fetch implementation. Defaults to global fetch. */\r\n  fetch?: FetchLike;\r\n  /** OAuth client id. Defaults to the GitHub Copilot Chat client id. */\r\n  clientId?: string;\r\n  /** Allow validated custom GitHub Enterprise hostnames. Defaults to false. */\r\n  allowEnterprise?: boolean;\r\n};\r\n\r\nfunction pickFetch(customFetch?: FetchLike): FetchLike {\r\n  if (typeof customFetch === 'function') return customFetch;\r\n  if (typeof globalThis.fetch === 'function') return globalThis.fetch.bind(globalThis);\r\n  throw new GitHubCopilotOAuthError('fetch_required', 'A fetch implementation is required for GitHub Copilot proxy handlers.');\r\n}\r\n\r\nfunction jsonResponse(body: unknown, status: number): Response {\r\n  return new Response(JSON.stringify(body), {\r\n    status,\r\n    headers: {\r\n      'Content-Type': 'application/json',\r\n      'Cache-Control': 'no-store',\r\n    },\r\n  });\r\n}\r\n\r\nfunction passthroughJson(response: Response): Response {\r\n  return new Response(response.body, {\r\n    status: response.status,\r\n    headers: {\r\n      'Content-Type': 'application/json',\r\n      'Cache-Control': 'no-store',\r\n    },\r\n  });\r\n}\r\n\r\n// Extracts token from Authorization header. Rejects non-Bearer schemes.\r\nfunction parseBearer(value: string): string {\r\n  const trimmed = value.trim();\r\n  if (!trimmed) return '';\r\n  const match = /^Bearer\\s+(.+)$/i.exec(trimmed);\r\n  return match ? match[1].trim() : '';\r\n}\r\n\r\n// Extracts enterprise URL from request: header > query param > undefined.\r\nfunction enterpriseFromRequest(request: Request, options: GitHubCopilotProxyOptions): string | undefined {\r\n  const fromHeader = request.headers.get('x-copilot-enterprise-url') ?? '';\r\n  if (fromHeader.trim()) {\r\n    return normalizeEnterpriseDomain(fromHeader, options);\r\n  }\r\n\r\n  const fromQuery = new URL(request.url).searchParams.get('enterpriseUrl') ?? '';\r\n  if (fromQuery.trim()) {\r\n    return normalizeEnterpriseDomain(fromQuery, options);\r\n  }\r\n\r\n  return undefined;\r\n}\r\n\r\nfunction errorResponse(error: unknown): Response {\r\n  const status = error instanceof GitHubCopilotOAuthError\r\n    ? error.code === 'unsupported'\r\n      ? 400\r\n      : error.code === 'auth_failed'\r\n        ? 401\r\n        : 502\r\n    : 502;\r\n  const message = error instanceof Error ? error.message : 'GitHub Copilot request failed.';\r\n  return jsonResponse({ message }, status);\r\n}\r\n\r\n// Exchanges GitHub token for Copilot token, then calls `run`. Falls back to the\r\n// original GitHub token on 401/403 if exchange succeeded (allows Copilot API retry).\r\nasync function withCopilotToken(\r\n  request: Request,\r\n  options: GitHubCopilotProxyOptions,\r\n  run: (input: { token: string; enterpriseUrl?: string }) => Promise<Response>,\r\n): Promise<Response> {\r\n  const fetch = pickFetch(options.fetch);\r\n  const refreshToken = parseBearer(request.headers.get('authorization') ?? '');\r\n  if (!refreshToken) {\r\n    return jsonResponse({ message: 'Missing GitHub Copilot OAuth token.' }, 401);\r\n  }\r\n\r\n  const enterpriseUrl = enterpriseFromRequest(request, options);\r\n  let token = refreshToken;\r\n\r\n  try {\r\n    const exchanged = await exchangeGitHubCopilotToken({\r\n      fetch,\r\n      githubToken: refreshToken,\r\n      enterpriseUrl,\r\n      allowEnterprise: options.allowEnterprise,\r\n    });\r\n    token = exchanged.token;\r\n  } catch {\r\n  }\r\n\r\n  const primary = await run({ token, enterpriseUrl });\r\n  if (token !== refreshToken && (primary.status === 401 || primary.status === 403)) {\r\n    return run({ token: refreshToken, enterpriseUrl });\r\n  }\r\n\r\n  return primary;\r\n}\r\n\r\n/** Create framework-agnostic fetch handlers for browser-safe OAuth/proxy routes. */\r\nexport function createGitHubCopilotProxy(options: GitHubCopilotProxyOptions = {}) {\r\n  const fetch = pickFetch(options.fetch);\r\n  const clientId = options.clientId ?? DEFAULT_GITHUB_COPILOT_CLIENT_ID;\r\n\r\n  return {\r\n    async deviceCode(request: Request): Promise<Response> {\r\n      try {\r\n        const enterpriseUrl = enterpriseFromRequest(request, options);\r\n        const urls = githubOAuthUrls(enterpriseUrl, options);\r\n        const response = await fetch(urls.code, {\r\n          method: 'POST',\r\n          headers: {\r\n            Accept: 'application/json',\r\n            'Content-Type': 'application/json',\r\n          },\r\n          body: JSON.stringify({\r\n            client_id: clientId,\r\n            scope: 'read:user',\r\n          }),\r\n        });\r\n        return passthroughJson(response);\r\n      } catch (error) {\r\n        return errorResponse(error);\r\n      }\r\n    },\r\n\r\n    async deviceToken(request: Request): Promise<Response> {\r\n      try {\r\n        const payload = (await request.json().catch(() => ({}))) as { device_code?: string; grant_type?: string };\r\n        const enterpriseUrl = enterpriseFromRequest(request, options);\r\n        const urls = githubOAuthUrls(enterpriseUrl, options);\r\n        const response = await fetch(urls.token, {\r\n          method: 'POST',\r\n          headers: {\r\n            Accept: 'application/json',\r\n            'Content-Type': 'application/json',\r\n          },\r\n          body: JSON.stringify({\r\n            client_id: clientId,\r\n            device_code: payload.device_code ?? '',\r\n            grant_type: payload.grant_type ?? 'urn:ietf:params:oauth:grant-type:device_code',\r\n          }),\r\n        });\r\n        return passthroughJson(response);\r\n      } catch (error) {\r\n        return errorResponse(error);\r\n      }\r\n    },\r\n\r\n    async models(request: Request): Promise<Response> {\r\n      try {\r\n        const upstream = await withCopilotToken(request, options, ({ token, enterpriseUrl }) =>\r\n          fetch(`${copilotBase(enterpriseUrl, options)}/models`, {\r\n            headers: copilotModelHeaders(token),\r\n          }),\r\n        );\r\n        return passthroughJson(upstream);\r\n      } catch (error) {\r\n        return errorResponse(error);\r\n      }\r\n    },\r\n\r\n    async chatCompletions(request: Request): Promise<Response> {\r\n      return proxyPost(request, 'chat/completions');\r\n    },\r\n\r\n    async responses(request: Request): Promise<Response> {\r\n      return proxyPost(request, 'responses');\r\n    },\r\n  };\r\n\r\n  async function proxyPost(request: Request, path: 'chat/completions' | 'responses'): Promise<Response> {\r\n    const body = await request.text();\r\n    try {\r\n      const upstream = await withCopilotToken(request, options, ({ token, enterpriseUrl }) =>\r\n        fetch(`${copilotBase(enterpriseUrl, options)}/${path}`, {\r\n          method: 'POST',\r\n          headers: {\r\n            'Content-Type': 'application/json',\r\n            ...copilotHeaders(token, {\r\n              vision: hasVisionInput(body),\r\n              initiator: 'user',\r\n            }),\r\n          },\r\n          body,\r\n        }),\r\n      );\r\n      return passthroughJson(upstream);\r\n    } catch (error) {\r\n      return errorResponse(error);\r\n    }\r\n  }\r\n}\r\n"],"mappings":";;;;;;;;;;;;;AAgBA,SAAS,UAAU,aAAoC;AACrD,MAAI,OAAO,gBAAgB,WAAY,QAAO;AAC9C,MAAI,OAAO,WAAW,UAAU,WAAY,QAAO,WAAW,MAAM,KAAK,UAAU;AACnF,QAAM,IAAI,wBAAwB,kBAAkB,uEAAuE;AAC7H;AAEA,SAAS,aAAa,MAAe,QAA0B;AAC7D,SAAO,IAAI,SAAS,KAAK,UAAU,IAAI,GAAG;AAAA,IACxC;AAAA,IACA,SAAS;AAAA,MACP,gBAAgB;AAAA,MAChB,iBAAiB;AAAA,IACnB;AAAA,EACF,CAAC;AACH;AAEA,SAAS,gBAAgB,UAA8B;AACrD,SAAO,IAAI,SAAS,SAAS,MAAM;AAAA,IACjC,QAAQ,SAAS;AAAA,IACjB,SAAS;AAAA,MACP,gBAAgB;AAAA,MAChB,iBAAiB;AAAA,IACnB;AAAA,EACF,CAAC;AACH;AAGA,SAAS,YAAY,OAAuB;AAC1C,QAAM,UAAU,MAAM,KAAK;AAC3B,MAAI,CAAC,QAAS,QAAO;AACrB,QAAM,QAAQ,mBAAmB,KAAK,OAAO;AAC7C,SAAO,QAAQ,MAAM,CAAC,EAAE,KAAK,IAAI;AACnC;AAGA,SAAS,sBAAsB,SAAkB,SAAwD;AACvG,QAAM,aAAa,QAAQ,QAAQ,IAAI,0BAA0B,KAAK;AACtE,MAAI,WAAW,KAAK,GAAG;AACrB,WAAO,0BAA0B,YAAY,OAAO;AAAA,EACtD;AAEA,QAAM,YAAY,IAAI,IAAI,QAAQ,GAAG,EAAE,aAAa,IAAI,eAAe,KAAK;AAC5E,MAAI,UAAU,KAAK,GAAG;AACpB,WAAO,0BAA0B,WAAW,OAAO;AAAA,EACrD;AAEA,SAAO;AACT;AAEA,SAAS,cAAc,OAA0B;AAC/C,QAAM,SAAS,iBAAiB,0BAC5B,MAAM,SAAS,gBACb,MACA,MAAM,SAAS,gBACb,MACA,MACJ;AACJ,QAAM,UAAU,iBAAiB,QAAQ,MAAM,UAAU;AACzD,SAAO,aAAa,EAAE,QAAQ,GAAG,MAAM;AACzC;AAIA,eAAe,iBACb,SACA,SACA,KACmB;AACnB,QAAM,QAAQ,UAAU,QAAQ,KAAK;AACrC,QAAM,eAAe,YAAY,QAAQ,QAAQ,IAAI,eAAe,KAAK,EAAE;AAC3E,MAAI,CAAC,cAAc;AACjB,WAAO,aAAa,EAAE,SAAS,sCAAsC,GAAG,GAAG;AAAA,EAC7E;AAEA,QAAM,gBAAgB,sBAAsB,SAAS,OAAO;AAC5D,MAAI,QAAQ;AAEZ,MAAI;AACF,UAAM,YAAY,MAAM,2BAA2B;AAAA,MACjD;AAAA,MACA,aAAa;AAAA,MACb;AAAA,MACA,iBAAiB,QAAQ;AAAA,IAC3B,CAAC;AACD,YAAQ,UAAU;AAAA,EACpB,QAAQ;AAAA,EACR;AAEA,QAAM,UAAU,MAAM,IAAI,EAAE,OAAO,cAAc,CAAC;AAClD,MAAI,UAAU,iBAAiB,QAAQ,WAAW,OAAO,QAAQ,WAAW,MAAM;AAChF,WAAO,IAAI,EAAE,OAAO,cAAc,cAAc,CAAC;AAAA,EACnD;AAEA,SAAO;AACT;AAGO,SAAS,yBAAyB,UAAqC,CAAC,GAAG;AAChF,QAAM,QAAQ,UAAU,QAAQ,KAAK;AACrC,QAAM,WAAW,QAAQ,YAAY;AAErC,SAAO;AAAA,IACL,MAAM,WAAW,SAAqC;AACpD,UAAI;AACF,cAAM,gBAAgB,sBAAsB,SAAS,OAAO;AAC5D,cAAM,OAAO,gBAAgB,eAAe,OAAO;AACnD,cAAM,WAAW,MAAM,MAAM,KAAK,MAAM;AAAA,UACtC,QAAQ;AAAA,UACR,SAAS;AAAA,YACP,QAAQ;AAAA,YACR,gBAAgB;AAAA,UAClB;AAAA,UACA,MAAM,KAAK,UAAU;AAAA,YACnB,WAAW;AAAA,YACX,OAAO;AAAA,UACT,CAAC;AAAA,QACH,CAAC;AACD,eAAO,gBAAgB,QAAQ;AAAA,MACjC,SAAS,OAAO;AACd,eAAO,cAAc,KAAK;AAAA,MAC5B;AAAA,IACF;AAAA,IAEA,MAAM,YAAY,SAAqC;AACrD,UAAI;AACF,cAAM,UAAW,MAAM,QAAQ,KAAK,EAAE,MAAM,OAAO,CAAC,EAAE;AACtD,cAAM,gBAAgB,sBAAsB,SAAS,OAAO;AAC5D,cAAM,OAAO,gBAAgB,eAAe,OAAO;AACnD,cAAM,WAAW,MAAM,MAAM,KAAK,OAAO;AAAA,UACvC,QAAQ;AAAA,UACR,SAAS;AAAA,YACP,QAAQ;AAAA,YACR,gBAAgB;AAAA,UAClB;AAAA,UACA,MAAM,KAAK,UAAU;AAAA,YACnB,WAAW;AAAA,YACX,aAAa,QAAQ,eAAe;AAAA,YACpC,YAAY,QAAQ,cAAc;AAAA,UACpC,CAAC;AAAA,QACH,CAAC;AACD,eAAO,gBAAgB,QAAQ;AAAA,MACjC,SAAS,OAAO;AACd,eAAO,cAAc,KAAK;AAAA,MAC5B;AAAA,IACF;AAAA,IAEA,MAAM,OAAO,SAAqC;AAChD,UAAI;AACF,cAAM,WAAW,MAAM;AAAA,UAAiB;AAAA,UAAS;AAAA,UAAS,CAAC,EAAE,OAAO,cAAc,MAChF,MAAM,GAAG,YAAY,eAAe,OAAO,CAAC,WAAW;AAAA,YACrD,SAAS,oBAAoB,KAAK;AAAA,UACpC,CAAC;AAAA,QACH;AACA,eAAO,gBAAgB,QAAQ;AAAA,MACjC,SAAS,OAAO;AACd,eAAO,cAAc,KAAK;AAAA,MAC5B;AAAA,IACF;AAAA,IAEA,MAAM,gBAAgB,SAAqC;AACzD,aAAO,UAAU,SAAS,kBAAkB;AAAA,IAC9C;AAAA,IAEA,MAAM,UAAU,SAAqC;AACnD,aAAO,UAAU,SAAS,WAAW;AAAA,IACvC;AAAA,EACF;AAEA,iBAAe,UAAU,SAAkB,MAA2D;AACpG,UAAM,OAAO,MAAM,QAAQ,KAAK;AAChC,QAAI;AACF,YAAM,WAAW,MAAM;AAAA,QAAiB;AAAA,QAAS;AAAA,QAAS,CAAC,EAAE,OAAO,cAAc,MAChF,MAAM,GAAG,YAAY,eAAe,OAAO,CAAC,IAAI,IAAI,IAAI;AAAA,UACtD,QAAQ;AAAA,UACR,SAAS;AAAA,YACP,gBAAgB;AAAA,YAChB,GAAG,eAAe,OAAO;AAAA,cACvB,QAAQ,eAAe,IAAI;AAAA,cAC3B,WAAW;AAAA,YACb,CAAC;AAAA,UACH;AAAA,UACA;AAAA,QACF,CAAC;AAAA,MACH;AACA,aAAO,gBAAgB,QAAQ;AAAA,IACjC,SAAS,OAAO;AACd,aAAO,cAAc,KAAK;AAAA,IAC5B;AAAA,EACF;AACF;","names":[]}

package/dist/types-DsdwFDV1.d.ts

@@ -0,0 +1,88 @@
+type FetchLike = typeof globalThis.fetch;
+/** GitHub OAuth credentials plus optional short-lived Copilot API token. Treat these as account credentials. */
+type GitHubCopilotOAuthTokens = {
+    /** GitHub OAuth access token returned by the device flow. Used to mint Copilot API tokens. */
+    githubToken: string;
+    /** Short-lived token returned by GitHub's Copilot token exchange endpoint. */
+    copilotToken?: string;
+    /** Copilot API token expiry as epoch milliseconds. */
+    copilotTokenExpiresAt?: number;
+    /** Optional validated GitHub Enterprise hostname. Omitted for github.com. */
+    enterpriseUrl?: string;
+};
+/** Async storage interface for loading and persisting GitHub Copilot OAuth credentials. */
+type TokenStore = {
+    /** Load the latest credentials. Return `undefined` when the user is not signed in. */
+    load(): Promise<GitHubCopilotOAuthTokens | undefined>;
+    /** Persist credentials after sign-in or Copilot token exchange. */
+    save(tokens: GitHubCopilotOAuthTokens): Promise<void>;
+};
+/** In-progress GitHub Copilot device authorization flow. */
+type GitHubCopilotDeviceFlow = {
+    providerId: 'github-copilot';
+    /** URL the user should open to authorize the device flow. */
+    url: string;
+    /** User code to enter on the authorization page. */
+    code: string;
+    /** Human-readable instruction string for command-line or app UI. */
+    instructions: string;
+    /** Poll until authorization completes and return GitHub OAuth credentials. */
+    complete(): Promise<GitHubCopilotOAuthTokens>;
+};
+/** Options for starting GitHub Copilot's device OAuth flow. */
+type GitHubCopilotDeviceFlowOptions = {
+    /** Custom fetch implementation, useful for tests and non-standard runtimes. */
+    fetch?: FetchLike;
+    /** Sleep override used between polling attempts. */
+    sleep?: (ms: number) => Promise<void>;
+    /** OAuth client id. Defaults to the GitHub Copilot Chat client id. */
+    clientId?: string;
+    /** Optional GitHub Enterprise hostname. Custom hosts require `allowEnterprise: true`. */
+    enterpriseUrl?: string;
+    /** Allow validated custom GitHub Enterprise hostnames. Defaults to false. */
+    allowEnterprise?: boolean;
+    /** Optional store that receives credentials after successful authorization. */
+    tokenStore?: TokenStore;
+};
+/** Shared settings for Copilot fetch and AI SDK provider creation. */
+type GitHubCopilotOAuthSettings = {
+    /** Custom fetch implementation for both token exchange and Copilot API requests. */
+    fetch?: FetchLike;
+    /** Secure token storage used to load and save exchanged Copilot tokens. */
+    tokenStore?: TokenStore;
+    /** Inline tokens for scripts/tests. Prefer `tokenStore` for production apps. */
+    tokens?: GitHubCopilotOAuthTokens;
+    /** Optional GitHub Enterprise hostname. Custom hosts require `allowEnterprise: true`. */
+    enterpriseUrl?: string;
+    /** Allow validated custom GitHub Enterprise hostnames. Defaults to false. */
+    allowEnterprise?: boolean;
+    /** Copilot API base URL override. Defaults to GitHub's public Copilot API. */
+    baseURL?: string;
+    /** Browser proxy base URL for Copilot API requests. Defaults to `/api/proxy/github-copilot` in browsers. Pass `false` to disable. */
+    browserProxyBaseUrl?: string | false;
+    /** Additional headers sent to the Copilot API before Copilot auth headers are applied. */
+    headers?: Record<string, string>;
+    /** `X-Initiator` header. Defaults to `user`. */
+    initiator?: CopilotInitiator;
+    /** Force `Copilot-Vision-Request` on or off. When omitted, image inputs are detected from JSON bodies. */
+    vision?: boolean;
+    /** Refresh Copilot API token this many milliseconds before expiry. */
+    tokenRefreshMarginMs?: number;
+    /** Allow fallback to the GitHub OAuth token if Copilot token exchange fails or gets 401/403. Defaults to true. */
+    fallbackToGitHubToken?: boolean;
+    /** Called after a successful Copilot token exchange. */
+    onTokens?: (tokens: GitHubCopilotOAuthTokens) => void | Promise<void>;
+};
+/** Settings for the AI SDK provider factory. */
+type GitHubCopilotProviderSettings = GitHubCopilotOAuthSettings & {
+    /** Provider name exposed to AI SDK telemetry and metadata. */
+    name?: string;
+};
+type CopilotInitiator = 'user' | 'agent';
+/** Error class used for OAuth, token, and credential setup failures. */
+declare class GitHubCopilotOAuthError extends Error {
+    readonly code: string;
+    constructor(code: string, message: string, options?: ErrorOptions);
+}
+
+export { type CopilotInitiator as C, type FetchLike as F, type GitHubCopilotDeviceFlow as G, type TokenStore as T, type GitHubCopilotDeviceFlowOptions as a, GitHubCopilotOAuthError as b, type GitHubCopilotOAuthSettings as c, type GitHubCopilotOAuthTokens as d, type GitHubCopilotProviderSettings as e };

package/package.json

@@ -0,0 +1,71 @@
+{
+  "name": "github-copilot-oauth",
+  "version": "1.0.0",
+  "description": "GitHub Copilot OAuth provider and token helpers for the Vercel AI SDK.",
+  "author": "respectmathias",
+  "type": "module",
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/RespectMathias/github-copilot-oauth.git"
+  },
+  "bugs": {
+    "url": "https://github.com/RespectMathias/github-copilot-oauth/issues"
+  },
+  "homepage": "https://github.com/RespectMathias/github-copilot-oauth#readme",
+  "sideEffects": false,
+  "main": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "files": [
+    "dist",
+    "README.md",
+    "LICENSE",
+    "NOTICE"
+  ],
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js",
+      "default": "./dist/index.js"
+    },
+    "./proxy": {
+      "types": "./dist/proxy.d.ts",
+      "import": "./dist/proxy.js",
+      "default": "./dist/proxy.js"
+    },
+    "./package.json": "./package.json"
+  },
+  "scripts": {
+    "build": "tsup --tsconfig tsconfig.json",
+    "typecheck": "tsc --noEmit",
+    "test": "vitest run"
+  },
+  "peerDependencies": {
+    "@ai-sdk/openai": ">=3.0.0",
+    "@ai-sdk/provider": ">=3.0.0",
+    "ai": ">=6.0.0"
+  },
+  "devDependencies": {
+    "@ai-sdk/openai": "^3.0.64",
+    "@ai-sdk/provider": "^3.0.10",
+    "@types/node": "^20.17.24",
+    "ai": "^6.0.184",
+    "tsup": "^8.5.0",
+    "typescript": "^5.8.3",
+    "vitest": "^4.1.5"
+  },
+  "engines": {
+    "node": ">=18"
+  },
+  "publishConfig": {
+    "provenance": false
+  },
+  "keywords": [
+    "ai-sdk",
+    "github",
+    "copilot",
+    "oauth",
+    "vercel",
+    "openai-compatible"
+  ]
+}