hedgequantx 2.5.22 → 2.5.24

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "hedgequantx",
-  "version": "2.5.22",
+  "version": "2.5.24",
   "description": "HedgeQuantX - Prop Futures Trading CLI",
   "main": "src/app.js",
   "bin": {

package/src/menus/ai-agent.js

@@ -11,6 +11,7 @@ const { prompts } = require('../utils');
 const aiService = require('../services/ai');
 const { getCategories, getProvidersByCategory } = require('../services/ai/providers');
 const tokenScanner = require('../services/ai/token-scanner');
+const oauthAnthropic = require('../services/ai/oauth-anthropic');
 
 /**
  * Main AI Agent menu
@@ -494,14 +495,39 @@ const showExistingTokens = async () => {
       return await showExistingTokens();
     }
     
-    // Add as new agent
-    const model = provider.defaultModel;
+    spinner.text = 'FETCHING AVAILABLE MODELS...';
+    
+    // Fetch models from API with the token
+    const { fetchAnthropicModels, fetchOpenAIModels } = require('../services/ai/client');
+    
+    let models = null;
+    if (selectedToken.provider === 'anthropic') {
+      models = await fetchAnthropicModels(credentials.apiKey);
+    } else {
+      models = await fetchOpenAIModels(provider.endpoint, credentials.apiKey);
+    }
+    
+    if (!models || models.length === 0) {
+      spinner.fail('COULD NOT FETCH MODELS FROM API');
+      await prompts.waitForEnter();
+      return await showExistingTokens();
+    }
+    
+    spinner.succeed(`FOUND ${models.length} MODELS`);
+    
+    // Let user select model
+    const selectedModel = await selectModelFromList(models, provider.name);
+    if (!selectedModel) {
+      return await showExistingTokens();
+    }
+    
+    // Add agent with selected model
     const agentName = `${provider.name} (${selectedToken.source})`;
-    await aiService.addAgent(selectedToken.provider, 'api_key', credentials, model, agentName);
+    await aiService.addAgent(selectedToken.provider, 'api_key', credentials, selectedModel, agentName);
     
-    spinner.succeed(`AGENT ADDED: ${provider.name}`);
+    console.log(chalk.green(`\n  AGENT ADDED: ${provider.name}`));
     console.log(chalk.gray(`  SOURCE: ${selectedToken.source}`));
-    console.log(chalk.gray(`  MODEL: ${model}`));
+    console.log(chalk.gray(`  MODEL: ${selectedModel}`));
     
     await prompts.waitForEnter();
     return await aiAgentMenu();
@@ -820,10 +846,135 @@ const getCredentialInstructions = (provider, option, field) => {
   return instructions[field] || { title: field.toUpperCase(), steps: [] };
 };
 
+/**
+ * Setup OAuth connection for Anthropic Claude Pro/Max
+ */
+const setupOAuthConnection = async (provider) => {
+  const boxWidth = getLogoWidth();
+  const W = boxWidth - 2;
+  
+  const makeLine = (content) => {
+    const plainLen = content.replace(/\x1b\[[0-9;]*m/g, '').length;
+    const padding = W - plainLen;
+    return chalk.cyan('║') + ' ' + content + ' '.repeat(Math.max(0, padding - 1)) + chalk.cyan('║');
+  };
+  
+  console.clear();
+  displayBanner();
+  drawBoxHeaderContinue('CLAUDE PRO/MAX LOGIN', boxWidth);
+  
+  console.log(makeLine(chalk.yellow('OAUTH AUTHENTICATION')));
+  console.log(makeLine(''));
+  console.log(makeLine(chalk.white('1. A BROWSER WINDOW WILL OPEN')));
+  console.log(makeLine(chalk.white('2. LOGIN WITH YOUR CLAUDE ACCOUNT')));
+  console.log(makeLine(chalk.white('3. COPY THE AUTHORIZATION CODE')));
+  console.log(makeLine(chalk.white('4. PASTE IT HERE')));
+  console.log(makeLine(''));
+  console.log(makeLine(chalk.gray('OPENING BROWSER IN 3 SECONDS...')));
+  
+  drawBoxFooter(boxWidth);
+  
+  // Generate OAuth URL
+  const { url, verifier } = oauthAnthropic.authorize('max');
+  
+  // Wait a moment then open browser
+  await new Promise(resolve => setTimeout(resolve, 3000));
+  openBrowser(url);
+  
+  // Redraw with code input
+  console.clear();
+  displayBanner();
+  drawBoxHeaderContinue('CLAUDE PRO/MAX LOGIN', boxWidth);
+  
+  console.log(makeLine(chalk.green('BROWSER OPENED')));
+  console.log(makeLine(''));
+  console.log(makeLine(chalk.white('AFTER LOGGING IN, YOU WILL SEE A CODE')));
+  console.log(makeLine(chalk.white('COPY THE ENTIRE CODE AND PASTE IT BELOW')));
+  console.log(makeLine(''));
+  console.log(makeLine(chalk.gray('THE CODE LOOKS LIKE: abc123...#xyz789...')));
+  console.log(makeLine(''));
+  console.log(makeLine(chalk.gray('TYPE < TO CANCEL')));
+  
+  drawBoxFooter(boxWidth);
+  console.log();
+  
+  const code = await prompts.textInput(chalk.cyan('PASTE AUTHORIZATION CODE:'));
+  
+  if (!code || code === '<') {
+    return await selectProviderOption(provider);
+  }
+  
+  // Exchange code for tokens
+  const spinner = ora({ text: 'EXCHANGING CODE FOR TOKENS...', color: 'cyan' }).start();
+  
+  const result = await oauthAnthropic.exchange(code.trim(), verifier);
+  
+  if (result.type === 'failed') {
+    spinner.fail(`AUTHENTICATION FAILED: ${result.error || 'Invalid code'}`);
+    await prompts.waitForEnter();
+    return await selectProviderOption(provider);
+  }
+  
+  spinner.text = 'FETCHING AVAILABLE MODELS...';
+  
+  // Store OAuth credentials
+  const credentials = {
+    oauth: {
+      access: result.access,
+      refresh: result.refresh,
+      expires: result.expires
+    }
+  };
+  
+  // Fetch models using OAuth token
+  const { fetchAnthropicModelsOAuth } = require('../services/ai/client');
+  const models = await fetchAnthropicModelsOAuth(result.access);
+  
+  if (!models || models.length === 0) {
+    // Use default models if API doesn't return list
+    spinner.warn('COULD NOT FETCH MODEL LIST, USING DEFAULTS');
+  } else {
+    spinner.succeed(`FOUND ${models.length} MODELS`);
+  }
+  
+  // Let user select model
+  const availableModels = models && models.length > 0 ? models : [
+    'claude-sonnet-4-20250514',
+    'claude-sonnet-4-5-20250514',
+    'claude-3-5-sonnet-20241022',
+    'claude-3-5-haiku-20241022',
+    'claude-3-opus-20240229'
+  ];
+  
+  const selectedModel = await selectModelFromList(availableModels, 'CLAUDE PRO/MAX');
+  if (!selectedModel) {
+    return await selectProviderOption(provider);
+  }
+  
+  // Add agent with OAuth credentials
+  try {
+    await aiService.addAgent('anthropic', 'oauth_max', credentials, selectedModel, 'Claude Pro/Max');
+    
+    console.log(chalk.green('\n  CONNECTED TO CLAUDE PRO/MAX'));
+    console.log(chalk.gray(`  MODEL: ${selectedModel}`));
+    console.log(chalk.gray('  UNLIMITED USAGE WITH YOUR SUBSCRIPTION'));
+  } catch (error) {
+    console.log(chalk.red(`\n  FAILED TO SAVE: ${error.message}`));
+  }
+  
+  await prompts.waitForEnter();
+  return await aiAgentMenu();
+};
+
 /**
  * Setup connection with credentials
  */
 const setupConnection = async (provider, option) => {
+  // Handle OAuth flow separately
+  if (option.authType === 'oauth') {
+    return await setupOAuthConnection(provider);
+  }
+  
   const boxWidth = getLogoWidth();
   const W = boxWidth - 2;
   
@@ -942,8 +1093,67 @@ const setupConnection = async (provider, option) => {
   return await aiAgentMenu();
 };
 
+/**
+ * Select model from a list (used when adding new agent)
+ * @param {Array} models - Array of model IDs from API
+ * @param {string} providerName - Provider name for display
+ * @returns {string|null} Selected model ID or null if cancelled
+ * 
+ * Data source: models array comes from provider API (/v1/models)
+ */
+const selectModelFromList = async (models, providerName) => {
+  const boxWidth = getLogoWidth();
+  const W = boxWidth - 2;
+  
+  const makeLine = (content) => {
+    const plainLen = content.replace(/\x1b\[[0-9;]*m/g, '').length;
+    const padding = W - plainLen;
+    return chalk.cyan('║') + ' ' + content + ' '.repeat(Math.max(0, padding - 1)) + chalk.cyan('║');
+  };
+  
+  console.clear();
+  displayBanner();
+  drawBoxHeaderContinue(`SELECT MODEL - ${providerName}`, boxWidth);
+  
+  if (!models || models.length === 0) {
+    console.log(makeLine(chalk.red('NO MODELS AVAILABLE')));
+    console.log(makeLine(chalk.gray('[<] BACK')));
+    drawBoxFooter(boxWidth);
+    await prompts.waitForEnter();
+    return null;
+  }
+  
+  // Sort models (newest first)
+  const sortedModels = [...models].sort((a, b) => b.localeCompare(a));
+  
+  // Display models from API
+  sortedModels.forEach((model, index) => {
+    const displayModel = model.length > W - 10 ? model.substring(0, W - 13) + '...' : model;
+    console.log(makeLine(chalk.cyan(`[${index + 1}] ${displayModel}`)));
+  });
+  
+  console.log(makeLine(''));
+  console.log(makeLine(chalk.gray('[<] BACK')));
+  
+  drawBoxFooter(boxWidth);
+  
+  const choice = await prompts.textInput(chalk.cyan('SELECT MODEL:'));
+  
+  if (choice === '<' || choice?.toLowerCase() === 'b') {
+    return null;
+  }
+  
+  const index = parseInt(choice) - 1;
+  if (isNaN(index) || index < 0 || index >= sortedModels.length) {
+    return await selectModelFromList(models, providerName);
+  }
+  
+  return sortedModels[index];
+};
+
 /**
  * Select/change model for an agent
+ * Fetches available models from the provider's API
  */
 const selectModel = async (agent) => {
   const boxWidth = getLogoWidth();
@@ -959,26 +1169,44 @@ const selectModel = async (agent) => {
   displayBanner();
   drawBoxHeaderContinue(`SELECT MODEL - ${agent.name}`, boxWidth);
   
-  const models = agent.provider?.models || [];
+  console.log(makeLine(chalk.gray('FETCHING AVAILABLE MODELS FROM API...')));
+  drawBoxFooter(boxWidth);
+  
+  // Fetch models from real API
+  const { fetchAnthropicModels, fetchOpenAIModels } = require('../services/ai/client');
+  
+  let models = null;
+  const agentCredentials = aiService.getAgentCredentials(agent.id);
+  
+  if (agent.providerId === 'anthropic') {
+    models = await fetchAnthropicModels(agentCredentials?.apiKey);
+  } else {
+    // OpenAI-compatible providers
+    const endpoint = agentCredentials?.endpoint || agent.provider?.endpoint;
+    models = await fetchOpenAIModels(endpoint, agentCredentials?.apiKey);
+  }
   
-  if (models.length === 0) {
-    console.log(makeLine(chalk.gray('NO PREDEFINED MODELS. ENTER MODEL NAME MANUALLY.')));
+  // Redraw with results
+  console.clear();
+  displayBanner();
+  drawBoxHeaderContinue(`SELECT MODEL - ${agent.name}`, boxWidth);
+  
+  if (!models || models.length === 0) {
+    console.log(makeLine(chalk.red('COULD NOT FETCH MODELS FROM API')));
+    console.log(makeLine(chalk.gray('Check your API key or network connection.')));
     console.log(makeLine(''));
     console.log(makeLine(chalk.gray('[<] BACK')));
     drawBoxFooter(boxWidth);
     
-    const model = await prompts.textInput('ENTER MODEL NAME (OR < TO GO BACK):');
-    if (!model || model === '<') {
-      return await aiAgentMenu();
-    }
-    aiService.updateAgent(agent.id, { model });
-    console.log(chalk.green(`\n  MODEL CHANGED TO: ${model}`));
     await prompts.waitForEnter();
     return await aiAgentMenu();
   }
   
+  // Sort models (newest first typically)
+  models.sort((a, b) => b.localeCompare(a));
+  
+  // Display models from API
   models.forEach((model, index) => {
-    // Truncate long model names
     const displayModel = model.length > W - 10 ? model.substring(0, W - 13) + '...' : model;
     const currentMarker = model === agent.model ? chalk.yellow(' (CURRENT)') : '';
     console.log(makeLine(chalk.cyan(`[${index + 1}] ${displayModel}`) + currentMarker));
@@ -995,22 +1223,6 @@ const selectModel = async (agent) => {
     return await aiAgentMenu();
   }
   
-  // Custom model option
-  if (choice?.toLowerCase() === 'c') {
-    console.log(chalk.gray('\n  Enter any model name supported by your provider.'));
-    console.log(chalk.gray('  Examples: claude-opus-4-20250514, gpt-4o-2024-11-20, etc.\n'));
-    
-    const customModel = await prompts.textInput(chalk.cyan('ENTER MODEL NAME:'));
-    if (!customModel || customModel === '<') {
-      return await selectModel(agent);
-    }
-    
-    aiService.updateAgent(agent.id, { model: customModel.trim() });
-    console.log(chalk.green(`\n  MODEL CHANGED TO: ${customModel.trim()}`));
-    await prompts.waitForEnter();
-    return await aiAgentMenu();
-  }
-  
   const index = parseInt(choice) - 1;
   if (isNaN(index) || index < 0 || index >= models.length) {
     return await selectModel(agent);

package/src/services/ai/client.js

@@ -105,8 +105,32 @@ const callOpenAICompatible = async (agent, prompt, systemPrompt) => {
   }
 };
 
+/**
+ * Get valid OAuth token (refresh if needed)
+ * @param {Object} credentials - Agent credentials with oauth data
+ * @returns {Promise<string|null>} Valid access token or null
+ */
+const getValidOAuthToken = async (credentials) => {
+  if (!credentials?.oauth) return null;
+  
+  const oauthAnthropic = require('./oauth-anthropic');
+  const validToken = await oauthAnthropic.getValidToken(credentials.oauth);
+  
+  if (!validToken) return null;
+  
+  // If token was refreshed, we should update storage (handled by caller)
+  if (validToken.refreshed) {
+    credentials.oauth.access = validToken.access;
+    credentials.oauth.refresh = validToken.refresh;
+    credentials.oauth.expires = validToken.expires;
+  }
+  
+  return validToken.access;
+};
+
 /**
  * Call Anthropic Claude API
+ * Supports both API key and OAuth authentication
  * @param {Object} agent - Agent configuration
  * @param {string} prompt - User prompt
  * @param {string} systemPrompt - System prompt
@@ -116,19 +140,31 @@ const callAnthropic = async (agent, prompt, systemPrompt) => {
   const provider = getProvider('anthropic');
   if (!provider) return null;
   
-  const apiKey = agent.credentials?.apiKey;
   const model = agent.model || provider.defaultModel;
-  
-  if (!apiKey) return null;
-  
   const url = `${provider.endpoint}/messages`;
   
-  const headers = {
+  // Determine authentication method
+  const isOAuth = agent.credentials?.oauth?.refresh;
+  let headers = {
     'Content-Type': 'application/json',
-    'x-api-key': apiKey,
     'anthropic-version': '2023-06-01'
   };
   
+  if (isOAuth) {
+    // OAuth Bearer token authentication
+    const accessToken = await getValidOAuthToken(agent.credentials);
+    if (!accessToken) return null;
+    
+    headers['Authorization'] = `Bearer ${accessToken}`;
+    headers['anthropic-beta'] = 'oauth-2025-04-20,interleaved-thinking-2025-05-14';
+  } else {
+    // Standard API key authentication
+    const apiKey = agent.credentials?.apiKey;
+    if (!apiKey) return null;
+    
+    headers['x-api-key'] = apiKey;
+  }
+  
   const body = {
     model,
     max_tokens: 500,
@@ -272,10 +308,104 @@ Analyze and provide recommendation.`;
   }
 };
 
+/**
+ * Fetch available models from Anthropic API (API Key auth)
+ * @param {string} apiKey - API key
+ * @returns {Promise<Array|null>} Array of model IDs or null on error
+ * 
+ * Data source: https://api.anthropic.com/v1/models (GET)
+ */
+const fetchAnthropicModels = async (apiKey) => {
+  if (!apiKey) return null;
+  
+  const url = 'https://api.anthropic.com/v1/models';
+  
+  const headers = {
+    'x-api-key': apiKey,
+    'anthropic-version': '2023-06-01'
+  };
+  
+  try {
+    const response = await makeRequest(url, { method: 'GET', headers, timeout: 10000 });
+    if (response.data && Array.isArray(response.data)) {
+      return response.data.map(m => m.id).filter(Boolean);
+    }
+    return null;
+  } catch (error) {
+    return null;
+  }
+};
+
+/**
+ * Fetch available models from Anthropic API (OAuth auth)
+ * @param {string} accessToken - OAuth access token
+ * @returns {Promise<Array|null>} Array of model IDs or null on error
+ * 
+ * Data source: https://api.anthropic.com/v1/models (GET with Bearer token)
+ */
+const fetchAnthropicModelsOAuth = async (accessToken) => {
+  if (!accessToken) return null;
+  
+  const url = 'https://api.anthropic.com/v1/models';
+  
+  const headers = {
+    'Authorization': `Bearer ${accessToken}`,
+    'anthropic-version': '2023-06-01',
+    'anthropic-beta': 'oauth-2025-04-20'
+  };
+  
+  try {
+    const response = await makeRequest(url, { method: 'GET', headers, timeout: 10000 });
+    if (response.data && Array.isArray(response.data)) {
+      return response.data.map(m => m.id).filter(Boolean);
+    }
+    return null;
+  } catch (error) {
+    // OAuth may not support /models endpoint, return null to use defaults
+    return null;
+  }
+};
+
+/**
+ * Fetch available models from OpenAI-compatible API
+ * @param {string} endpoint - API endpoint
+ * @param {string} apiKey - API key
+ * @returns {Promise<Array|null>} Array of model IDs or null on error
+ * 
+ * Data source: {endpoint}/models (GET)
+ */
+const fetchOpenAIModels = async (endpoint, apiKey) => {
+  if (!endpoint) return null;
+  
+  const url = `${endpoint}/models`;
+  
+  const headers = {
+    'Content-Type': 'application/json'
+  };
+  
+  if (apiKey) {
+    headers['Authorization'] = `Bearer ${apiKey}`;
+  }
+  
+  try {
+    const response = await makeRequest(url, { method: 'GET', headers, timeout: 10000 });
+    if (response.data && Array.isArray(response.data)) {
+      return response.data.map(m => m.id).filter(Boolean);
+    }
+    return null;
+  } catch (error) {
+    return null;
+  }
+};
+
 module.exports = {
   callAI,
   analyzeTrading,
   callOpenAICompatible,
   callAnthropic,
-  callGemini
+  callGemini,
+  fetchAnthropicModels,
+  fetchAnthropicModelsOAuth,
+  fetchOpenAIModels,
+  getValidOAuthToken
 };

package/src/services/ai/index.js

@@ -159,6 +159,20 @@ const getAgent = (agentId) => {
   };
 };
 
+/**
+ * Get agent credentials by ID
+ * @param {string} agentId - Agent ID
+ * @returns {Object|null} Credentials object or null
+ */
+const getAgentCredentials = (agentId) => {
+  const aiSettings = getAISettings();
+  const agents = aiSettings.agents || [];
+  const agent = agents.find(a => a.id === agentId);
+  
+  if (!agent) return null;
+  return agent.credentials || null;
+};
+
 /**
  * Set active agent
  */
@@ -607,6 +621,7 @@ module.exports = {
   getAgents,
   getAgentCount,
   getAgent,
+  getAgentCredentials,
   getActiveAgent,
   setActiveAgent,
   addAgent,

package/src/services/ai/oauth-anthropic.js

@@ -0,0 +1,265 @@
+/**
+ * Anthropic OAuth Authentication
+ * 
+ * Implements OAuth 2.0 with PKCE for Anthropic Claude Pro/Max plans.
+ * Based on the public OAuth flow used by OpenCode.
+ * 
+ * Data source: Anthropic OAuth API (https://console.anthropic.com/v1/oauth/token)
+ */
+
+const crypto = require('crypto');
+const https = require('https');
+
+// Public OAuth Client ID (same as OpenCode - registered with Anthropic)
+const CLIENT_ID = '9d1c250a-e61b-44d9-88ed-5944d1962f5e';
+const REDIRECT_URI = 'https://console.anthropic.com/oauth/code/callback';
+
+/**
+ * Generate PKCE code verifier and challenge
+ * @returns {Object} { verifier: string, challenge: string }
+ */
+const generatePKCE = () => {
+  // Generate a random 32-byte code verifier (base64url encoded)
+  const verifier = crypto.randomBytes(32)
+    .toString('base64')
+    .replace(/\+/g, '-')
+    .replace(/\//g, '_')
+    .replace(/=/g, '');
+  
+  // Generate SHA256 hash of verifier, then base64url encode it
+  const challenge = crypto.createHash('sha256')
+    .update(verifier)
+    .digest('base64')
+    .replace(/\+/g, '-')
+    .replace(/\//g, '_')
+    .replace(/=/g, '');
+  
+  return { verifier, challenge };
+};
+
+/**
+ * Generate OAuth authorization URL
+ * @param {'max' | 'console'} mode - 'max' for Claude Pro/Max, 'console' for API key creation
+ * @returns {Object} { url: string, verifier: string }
+ */
+const authorize = (mode = 'max') => {
+  const pkce = generatePKCE();
+  
+  const baseUrl = mode === 'max' 
+    ? 'https://claude.ai/oauth/authorize'
+    : 'https://console.anthropic.com/oauth/authorize';
+  
+  const url = new URL(baseUrl);
+  url.searchParams.set('code', 'true');
+  url.searchParams.set('client_id', CLIENT_ID);
+  url.searchParams.set('response_type', 'code');
+  url.searchParams.set('redirect_uri', REDIRECT_URI);
+  url.searchParams.set('scope', 'org:create_api_key user:profile user:inference');
+  url.searchParams.set('code_challenge', pkce.challenge);
+  url.searchParams.set('code_challenge_method', 'S256');
+  url.searchParams.set('state', pkce.verifier);
+  
+  return {
+    url: url.toString(),
+    verifier: pkce.verifier
+  };
+};
+
+/**
+ * Make HTTPS request
+ * @param {string} url - Full URL
+ * @param {Object} options - Request options
+ * @returns {Promise<Object>} Response JSON
+ */
+const makeRequest = (url, options) => {
+  return new Promise((resolve, reject) => {
+    const req = https.request(url, {
+      method: options.method || 'POST',
+      headers: options.headers || {}
+    }, (res) => {
+      let data = '';
+      res.on('data', chunk => data += chunk);
+      res.on('end', () => {
+        try {
+          const json = JSON.parse(data);
+          if (res.statusCode >= 200 && res.statusCode < 300) {
+            resolve(json);
+          } else {
+            reject(new Error(json.error?.message || `HTTP ${res.statusCode}: ${data}`));
+          }
+        } catch (e) {
+          reject(new Error(`Invalid JSON response: ${data.substring(0, 200)}`));
+        }
+      });
+    });
+    
+    req.on('error', reject);
+    
+    if (options.body) {
+      req.write(JSON.stringify(options.body));
+    }
+    req.end();
+  });
+};
+
+/**
+ * Exchange authorization code for tokens
+ * @param {string} code - Authorization code from callback (format: code#state)
+ * @param {string} verifier - PKCE code verifier
+ * @returns {Promise<Object>} { type: 'success', access: string, refresh: string, expires: number } or { type: 'failed' }
+ * 
+ * Data source: https://console.anthropic.com/v1/oauth/token (POST)
+ */
+const exchange = async (code, verifier) => {
+  try {
+    // Code format from callback: "authorization_code#state"
+    const splits = code.split('#');
+    const authCode = splits[0];
+    const state = splits[1] || '';
+    
+    const response = await makeRequest('https://console.anthropic.com/v1/oauth/token', {
+      method: 'POST',
+      headers: {
+        'Content-Type': 'application/json'
+      },
+      body: {
+        code: authCode,
+        state: state,
+        grant_type: 'authorization_code',
+        client_id: CLIENT_ID,
+        redirect_uri: REDIRECT_URI,
+        code_verifier: verifier
+      }
+    });
+    
+    return {
+      type: 'success',
+      access: response.access_token,
+      refresh: response.refresh_token,
+      expires: Date.now() + (response.expires_in * 1000)
+    };
+  } catch (error) {
+    return {
+      type: 'failed',
+      error: error.message
+    };
+  }
+};
+
+/**
+ * Refresh access token using refresh token
+ * @param {string} refreshToken - The refresh token
+ * @returns {Promise<Object>} { type: 'success', access: string, refresh: string, expires: number } or { type: 'failed' }
+ * 
+ * Data source: https://console.anthropic.com/v1/oauth/token (POST)
+ */
+const refreshToken = async (refreshToken) => {
+  try {
+    const response = await makeRequest('https://console.anthropic.com/v1/oauth/token', {
+      method: 'POST',
+      headers: {
+        'Content-Type': 'application/json'
+      },
+      body: {
+        grant_type: 'refresh_token',
+        refresh_token: refreshToken,
+        client_id: CLIENT_ID
+      }
+    });
+    
+    return {
+      type: 'success',
+      access: response.access_token,
+      refresh: response.refresh_token,
+      expires: Date.now() + (response.expires_in * 1000)
+    };
+  } catch (error) {
+    return {
+      type: 'failed',
+      error: error.message
+    };
+  }
+};
+
+/**
+ * Create an API key using OAuth token (for console mode)
+ * @param {string} accessToken - The access token
+ * @returns {Promise<Object>} { type: 'success', key: string } or { type: 'failed' }
+ * 
+ * Data source: https://api.anthropic.com/api/oauth/claude_cli/create_api_key (POST)
+ */
+const createApiKey = async (accessToken) => {
+  try {
+    const response = await makeRequest('https://api.anthropic.com/api/oauth/claude_cli/create_api_key', {
+      method: 'POST',
+      headers: {
+        'Content-Type': 'application/json',
+        'Authorization': `Bearer ${accessToken}`
+      }
+    });
+    
+    return {
+      type: 'success',
+      key: response.raw_key
+    };
+  } catch (error) {
+    return {
+      type: 'failed',
+      error: error.message
+    };
+  }
+};
+
+/**
+ * Get valid access token (refresh if expired)
+ * @param {Object} oauthData - OAuth data { access, refresh, expires }
+ * @returns {Promise<Object>} { access: string, refresh: string, expires: number, refreshed: boolean }
+ */
+const getValidToken = async (oauthData) => {
+  if (!oauthData || !oauthData.refresh) {
+    return null;
+  }
+  
+  // Check if token is expired or will expire in the next 5 minutes
+  const expirationBuffer = 5 * 60 * 1000; // 5 minutes
+  if (oauthData.expires && oauthData.expires > Date.now() + expirationBuffer) {
+    return {
+      ...oauthData,
+      refreshed: false
+    };
+  }
+  
+  // Token expired or about to expire, refresh it
+  const result = await refreshToken(oauthData.refresh);
+  if (result.type === 'success') {
+    return {
+      access: result.access,
+      refresh: result.refresh,
+      expires: result.expires,
+      refreshed: true
+    };
+  }
+  
+  return null;
+};
+
+/**
+ * Check if credentials are OAuth tokens
+ * @param {Object} credentials - Agent credentials
+ * @returns {boolean}
+ */
+const isOAuthCredentials = (credentials) => {
+  return credentials && credentials.oauth && credentials.oauth.refresh;
+};
+
+module.exports = {
+  CLIENT_ID,
+  REDIRECT_URI,
+  generatePKCE,
+  authorize,
+  exchange,
+  refreshToken,
+  createApiKey,
+  getValidToken,
+  isOAuthCredentials
+};

package/src/services/ai/providers/index.js

@@ -43,22 +43,19 @@ const PROVIDERS = {
     name: 'CLAUDE (ANTHROPIC)',
     description: 'Direct connection to Claude',
     category: 'direct',
-    models: [
-      // Claude 4.5 (Latest flagship)
-      'claude-opus-4-5-20250514',
-      // Claude 4
-      'claude-opus-4-20250514',
-      'claude-sonnet-4-20250514',
-      // Claude 3.5 
-      'claude-3-5-sonnet-20241022',
-      'claude-3-5-haiku-20241022',
-      // Claude 3
-      'claude-3-opus-20240229',
-      'claude-3-sonnet-20240229',
-      'claude-3-haiku-20240307'
-    ],
-    defaultModel: 'claude-opus-4-5-20250514',
+    models: [], // Fetched from API at runtime
+    defaultModel: null, // Will use first model from API
     options: [
+      {
+        id: 'oauth_max',
+        label: 'CLAUDE PRO/MAX (OAUTH)',
+        description: [
+          'Login with your Claude subscription',
+          'Unlimited usage with your plan'
+        ],
+        fields: ['oauth'],
+        authType: 'oauth'
+      },
       {
         id: 'api_key',
         label: 'API KEY (PAY-PER-USE)',