hyperclaw 5.0.0 → 5.0.1

package/dist/memory-auto-CpQHZlEJ.js

@@ -0,0 +1,306 @@
+const require_chunk = require('./chunk-jS-bbMI5.js');
+const chalk = require_chunk.__toESM(require("chalk"));
+const fs_extra = require_chunk.__toESM(require("fs-extra"));
+const path = require_chunk.__toESM(require("path"));
+const os = require_chunk.__toESM(require("os"));
+
+//#region packages/core/src/agent/memory-auto.ts
+function isSensitive(text) {
+	return SENSITIVE_PATTERNS.some((p) => p.test(text));
+}
+function extractFactsLocally(turns) {
+	const facts = [];
+	const userMessages = turns.filter((t) => t.role === "user").map((t) => t.content);
+	for (const msg of userMessages) {
+		if (isSensitive(msg)) continue;
+		for (const pattern of PREFERENCE_PATTERNS) {
+			const m = msg.match(pattern);
+			if (m?.[1] && m[1].length > 4) facts.push({
+				fact: `User preference: ${m[1].trim()}`,
+				category: "preference",
+				confidence: "high"
+			});
+		}
+		for (const pattern of IDENTITY_PATTERNS) {
+			const m = msg.match(pattern);
+			if (m?.[1] && m[1].length > 2) facts.push({
+				fact: `About user: ${m[1].trim()}`,
+				category: "identity",
+				confidence: "high"
+			});
+		}
+		for (const pattern of GOAL_PATTERNS) {
+			const m = msg.match(pattern);
+			if (m?.[1] && m[1].length > 8) facts.push({
+				fact: `User goal: ${m[1].trim()}`,
+				category: "goal",
+				confidence: "medium"
+			});
+		}
+	}
+	const seen = /* @__PURE__ */ new Set();
+	return facts.filter((f) => {
+		const key = f.fact.toLowerCase().slice(0, 40);
+		if (seen.has(key)) return false;
+		seen.add(key);
+		return true;
+	});
+}
+async function readMemory() {
+	try {
+		return await fs_extra.default.readFile(MEMORY_FILE, "utf8");
+	} catch {
+		return "";
+	}
+}
+async function appendMemory(facts) {
+	if (facts.length === 0) return 0;
+	const existing = await readMemory();
+	const today = (/* @__PURE__ */ new Date()).toISOString().slice(0, 10);
+	let added = 0;
+	const newLines = [];
+	const addedFacts = [];
+	for (const f of facts) {
+		if (existing.toLowerCase().includes(f.fact.toLowerCase().slice(0, 30))) continue;
+		newLines.push(`- ${today} [${f.category}] ${f.fact}`);
+		addedFacts.push(f);
+		added++;
+	}
+	if (newLines.length === 0) return 0;
+	await fs_extra.default.ensureDir(HC_DIR);
+	if (!await fs_extra.default.pathExists(MEMORY_FILE)) await fs_extra.default.writeFile(MEMORY_FILE, "# HyperClaw Memory\n\n");
+	await fs_extra.default.appendFile(MEMORY_FILE, "\n" + newLines.join("\n") + "\n");
+	try {
+		const { onMemoryAppended } = await Promise.resolve().then(() => require("./memory-integration-g2vxwgoE.js"));
+		await onMemoryAppended(addedFacts.map((f) => ({ fact: f.fact })));
+	} catch {}
+	return added;
+}
+async function saveMemoryDirect(text) {
+	await fs_extra.default.ensureDir(HC_DIR);
+	if (!await fs_extra.default.pathExists(MEMORY_FILE)) await fs_extra.default.writeFile(MEMORY_FILE, "# HyperClaw Memory\n\n");
+	const today = (/* @__PURE__ */ new Date()).toISOString().slice(0, 10);
+	await fs_extra.default.appendFile(MEMORY_FILE, `\n- ${today} ${text}\n`);
+	try {
+		const { onMemoryAppended } = await Promise.resolve().then(() => require("./memory-integration-g2vxwgoE.js"));
+		await onMemoryAppended([{ fact: text }]);
+	} catch {}
+}
+async function extractFactsWithAI(turns, inferenceOpts) {
+	const totalText = turns.map((t) => t.content).join(" ");
+	if (totalText.length < 100) return [];
+	const localFacts = extractFactsLocally(turns);
+	const hasPersonalContext = /\b(I|my|me|mine|myself)\b/i.test(totalText);
+	if (!hasPersonalContext) return localFacts;
+	try {
+		const { InferenceEngine } = await Promise.resolve().then(() => require("./inference-SzqFe_nk.js"));
+		const engine = new InferenceEngine({
+			model: inferenceOpts.model,
+			apiKey: inferenceOpts.apiKey,
+			provider: inferenceOpts.provider,
+			maxTokens: 512,
+			tools: []
+		});
+		const conversationSummary = turns.slice(-6).map((t) => `${t.role === "user" ? "User" : "AI"}: ${t.content.slice(0, 300)}`).join("\n");
+		const result = await engine.run([{
+			role: "user",
+			content: `Extract ONLY concrete, reusable facts about the USER from this conversation. 
+Skip: passwords, API keys, one-off questions, assistant responses.
+Include: name, job, preferences, ongoing projects, locations, recurring tasks.
+
+Conversation:
+${conversationSummary}
+
+Respond with a JSON array of strings, each a short fact starting with "User".
+If nothing worth saving, respond: []
+Example: ["User's name is Alex", "User prefers TypeScript over JavaScript", "User is building a SaaS app"]`
+		}]);
+		const clean = result.text.replace(/```json|```/g, "").trim();
+		const aiFactStrings = JSON.parse(clean);
+		const allFacts = [...localFacts];
+		const existingFactText = localFacts.map((f) => f.fact.toLowerCase());
+		for (const factStr of aiFactStrings) {
+			if (!factStr || factStr.length < 5) continue;
+			if (isSensitive(factStr)) continue;
+			if (existingFactText.some((e) => e.includes(factStr.toLowerCase().slice(0, 20)))) continue;
+			const cat = /prefer|like|hate|always|never|don't/i.test(factStr) ? "preference" : /goal|want|trying|working on|building/i.test(factStr) ? "goal" : /name|job|work|role|from|based/i.test(factStr) ? "identity" : "context";
+			allFacts.push({
+				fact: factStr,
+				category: cat,
+				confidence: "medium"
+			});
+		}
+		return allFacts;
+	} catch {
+		return localFacts;
+	}
+}
+async function showMemory() {
+	const content = await readMemory();
+	if (!content.trim()) {
+		console.log(chalk.default.gray("\n  🧠 MEMORY.md is empty\n"));
+		return;
+	}
+	console.log(chalk.default.bold.cyan("\n  🧠 MEMORY\n"));
+	const lines = content.split("\n").filter((l) => l.trim());
+	for (const line of lines) if (line.startsWith("#")) console.log(chalk.default.bold.white(line));
+	else if (line.startsWith("-")) {
+		const parts = line.match(/^-\s+(\S+)\s+\[(\w+)\]\s+(.+)$/);
+		if (parts) {
+			const [, date, cat, fact] = parts;
+			const catColor = cat === "preference" ? chalk.default.cyan : cat === "identity" ? chalk.default.yellow : cat === "goal" ? chalk.default.green : chalk.default.gray;
+			console.log(`  ${chalk.default.gray(date)} ${catColor(`[${cat}]`)} ${fact}`);
+		} else console.log(`  ${line}`);
+	}
+	console.log();
+}
+async function clearMemory() {
+	await fs_extra.default.writeFile(MEMORY_FILE, "# HyperClaw Memory\n\n");
+	console.log(chalk.default.green("  ✅ Memory cleared\n"));
+}
+async function searchMemory(query) {
+	const content = await readMemory();
+	const lines = content.split("\n").filter((l) => l.toLowerCase().includes(query.toLowerCase()));
+	if (lines.length === 0) {
+		console.log(chalk.default.gray(`  No memories found for: "${query}"\n`));
+		return;
+	}
+	console.log(chalk.default.bold.cyan(`\n  🔍 Memory search: "${query}"\n`));
+	for (const line of lines) console.log(`  ${line}`);
+	console.log();
+}
+var HC_DIR, MEMORY_FILE, SOUL_FILE, PREFERENCE_PATTERNS, IDENTITY_PATTERNS, GOAL_PATTERNS, SENSITIVE_PATTERNS, AutoMemory;
+var init_memory_auto = require_chunk.__esm({ "packages/core/src/agent/memory-auto.ts"() {
+	HC_DIR = path.default.join(os.default.homedir(), ".hyperclaw");
+	MEMORY_FILE = path.default.join(HC_DIR, "MEMORY.md");
+	SOUL_FILE = path.default.join(HC_DIR, "SOUL.md");
+	PREFERENCE_PATTERNS = [
+		/i (?:prefer|like|love|hate|dislike|always|never)\s+(.{5,80})/i,
+		/(?:my favorite|my preferred)\s+(.{5,80})/i,
+		/(?:please )?always\s+((?:use|do|write|respond|answer|format|reply)\s+.{5,60})/i,
+		/don'?t (?:ever )?(.{5,60})/i,
+		/(?:i want you to always)\s+(.{5,80})/i
+	];
+	IDENTITY_PATTERNS = [
+		/(?:my name is|i'?m called|call me)\s+([A-ZΑ-Ωa-zα-ω][a-zα-ω]{1,30})/i,
+		/i(?:'m| am) (?:a |an )?([A-Za-zΑ-Ωα-ω][\w\s]{3,40}?)(?:\.|,|$)/i,
+		/i work (?:at|for|as)\s+(.{5,60})/i,
+		/i(?:'m| am) (?:from|in|based in)\s+(.{3,40})/i,
+		/my (?:job|role|position|title) is\s+(.{5,60})/i
+	];
+	GOAL_PATTERNS = [
+		/i(?:'m| am) (?:working on|building|creating|developing)\s+(.{10,100})/i,
+		/i want to\s+(.{10,100})/i,
+		/my goal is (?:to\s+)?(.{10,100})/i,
+		/i'?m trying to\s+(.{10,100})/i
+	];
+	SENSITIVE_PATTERNS = [
+		/password/i,
+		/passwd/i,
+		/secret key/i,
+		/api.?key/i,
+		/credit.?card/i,
+		/\b\d{4}[\s-]\d{4}[\s-]\d{4}[\s-]\d{4}\b/,
+		/ssn|social security/i,
+		/\b\d{3}-\d{2}-\d{4}\b/
+	];
+	AutoMemory = class {
+		turns = [];
+		turnsSinceLastExtract = 0;
+		extractEveryNTurns;
+		useAI;
+		aiOpts;
+		constructor(opts = {}) {
+			this.extractEveryNTurns = opts.extractEveryNTurns ?? 4;
+			this.useAI = opts.useAI ?? false;
+			this.aiOpts = opts.aiOpts;
+		}
+		addTurn(role, content) {
+			this.turns.push({
+				role,
+				content,
+				timestamp: (/* @__PURE__ */ new Date()).toISOString()
+			});
+			this.turnsSinceLastExtract++;
+		}
+		async maybeExtract() {
+			if (this.turnsSinceLastExtract < this.extractEveryNTurns) return 0;
+			this.turnsSinceLastExtract = 0;
+			return this.extract();
+		}
+		async extract() {
+			const facts = this.useAI && this.aiOpts ? await extractFactsWithAI(this.turns, this.aiOpts) : extractFactsLocally(this.turns);
+			const saved = await appendMemory(facts);
+			if (saved > 0) console.log(chalk.default.gray(`  🧠 Auto-saved ${saved} fact${saved === 1 ? "" : "s"} to MEMORY.md`));
+			return saved;
+		}
+		clearTurns() {
+			this.turns = [];
+		}
+		getTurns() {
+			return [...this.turns];
+		}
+	};
+} });
+
+//#endregion
+Object.defineProperty(exports, 'AutoMemory', {
+  enumerable: true,
+  get: function () {
+    return AutoMemory;
+  }
+});
+Object.defineProperty(exports, 'appendMemory', {
+  enumerable: true,
+  get: function () {
+    return appendMemory;
+  }
+});
+Object.defineProperty(exports, 'clearMemory', {
+  enumerable: true,
+  get: function () {
+    return clearMemory;
+  }
+});
+Object.defineProperty(exports, 'extractFactsLocally', {
+  enumerable: true,
+  get: function () {
+    return extractFactsLocally;
+  }
+});
+Object.defineProperty(exports, 'extractFactsWithAI', {
+  enumerable: true,
+  get: function () {
+    return extractFactsWithAI;
+  }
+});
+Object.defineProperty(exports, 'init_memory_auto', {
+  enumerable: true,
+  get: function () {
+    return init_memory_auto;
+  }
+});
+Object.defineProperty(exports, 'readMemory', {
+  enumerable: true,
+  get: function () {
+    return readMemory;
+  }
+});
+Object.defineProperty(exports, 'saveMemoryDirect', {
+  enumerable: true,
+  get: function () {
+    return saveMemoryDirect;
+  }
+});
+Object.defineProperty(exports, 'searchMemory', {
+  enumerable: true,
+  get: function () {
+    return searchMemory;
+  }
+});
+Object.defineProperty(exports, 'showMemory', {
+  enumerable: true,
+  get: function () {
+    return showMemory;
+  }
+});

package/dist/memory-auto-Z6LCf-iK.js

@@ -0,0 +1,5 @@
+const require_chunk = require('./chunk-jS-bbMI5.js');
+const require_memory_auto = require('./memory-auto-CpQHZlEJ.js');
+
+require_memory_auto.init_memory_auto();
+exports.AutoMemory = require_memory_auto.AutoMemory;

package/dist/memory-integration-g2vxwgoE.js

@@ -0,0 +1,91 @@
+const require_chunk = require('./chunk-jS-bbMI5.js');
+const require_paths = require('./paths-AIyBxIzm.js');
+const require_paths$1 = require('./paths-DPovhojT.js');
+const fs_extra = require_chunk.__toESM(require("fs-extra"));
+const path = require_chunk.__toESM(require("path"));
+
+//#region src/services/memory-integration.ts
+async function getConfig() {
+	try {
+		const cfg = await fs_extra.default.readJson(require_paths.getConfigPath());
+		return cfg.memoryIntegration ?? {};
+	} catch {
+		return {};
+	}
+}
+/** Sync MEMORY.md to vault (Obsidian / Raycast / Hazel). */
+async function syncMemoryToVault(vaultDir) {
+	const target = path.default.join(vaultDir, "HyperClaw-MEMORY.md");
+	if (await fs_extra.default.pathExists(MEMORY_FILE)) {
+		await fs_extra.default.ensureDir(vaultDir);
+		await fs_extra.default.copy(MEMORY_FILE, target, { overwrite: true });
+	}
+}
+/** Write daily note with session summary and new facts. */
+async function writeDailyNote(vaultDir, date, content) {
+	const filename = `${date}.md`;
+	const target = path.default.join(vaultDir, "HyperClaw", filename);
+	await fs_extra.default.ensureDir(path.default.dirname(target));
+	const lines = [
+		`# HyperClaw — ${date}`,
+		"",
+		`> Auto-generated daily note from HyperClaw interactions.`,
+		""
+	];
+	if (content.sessionId && (content.turnCount ?? 0) > 0) {
+		lines.push(`## Session ${content.sessionId}`);
+		lines.push(`- Turns: ${content.turnCount}`);
+		lines.push("");
+	}
+	if (content.newFacts?.length) {
+		lines.push("## New memories");
+		for (const f of content.newFacts) lines.push(`- ${f}`);
+		lines.push("");
+	}
+	const body = lines.join("\n");
+	if (await fs_extra.default.pathExists(target)) await fs_extra.default.appendFile(target, "\n---\n" + body);
+	else await fs_extra.default.writeFile(target, body);
+}
+/** Append new fact to daily note (for incremental updates). */
+async function appendToDailyNote(vaultDir, date, fact) {
+	const filename = `${date}.md`;
+	const target = path.default.join(vaultDir, "HyperClaw", filename);
+	await fs_extra.default.ensureDir(path.default.dirname(target));
+	const line = `- ${(/* @__PURE__ */ new Date()).toISOString().slice(11, 19)} ${fact}\n`;
+	if (!await fs_extra.default.pathExists(target)) await fs_extra.default.writeFile(target, `# HyperClaw — ${date}\n\n`);
+	await fs_extra.default.appendFile(target, line);
+}
+/** Called after MEMORY.md append — sync to vault + optionally add to daily note. */
+async function onMemoryAppended(facts) {
+	const cfg = await getConfig();
+	const vaultDir = cfg.vaultDir;
+	if (!vaultDir) return;
+	if (cfg.syncOnAppend !== false) await syncMemoryToVault(vaultDir);
+	if (cfg.dailyNotes && facts.length > 0) {
+		const today = (/* @__PURE__ */ new Date()).toISOString().slice(0, 10);
+		for (const f of facts) await appendToDailyNote(vaultDir, today, f.fact);
+	}
+}
+/** Called on session end — sync + write session summary to daily note. */
+async function onSessionEnd(payload) {
+	const cfg = await getConfig();
+	const vaultDir = cfg.vaultDir;
+	if (!vaultDir || !cfg.dailyNotes) return;
+	await syncMemoryToVault(vaultDir);
+	const today = (/* @__PURE__ */ new Date()).toISOString().slice(0, 10);
+	await writeDailyNote(vaultDir, today, {
+		sessionId: payload.sessionId,
+		turnCount: payload.turnCount,
+		newFacts: payload.newFacts
+	});
+}
+var MEMORY_FILE;
+var init_memory_integration = require_chunk.__esm({ "src/services/memory-integration.ts"() {
+	require_paths$1.init_paths();
+	MEMORY_FILE = path.default.join(require_paths.getHyperClawDir(), "MEMORY.md");
+} });
+
+//#endregion
+init_memory_integration();
+exports.onMemoryAppended = onMemoryAppended;
+exports.onSessionEnd = onSessionEnd;

package/dist/moltbook-Cl8cQfxJ.js

@@ -0,0 +1,81 @@
+const require_chunk = require('./chunk-jS-bbMI5.js');
+const https = require_chunk.__toESM(require("https"));
+
+//#region src/services/moltbook.ts
+/** List feed (public or for connected agents). */
+async function getFeed(limit = 20) {
+	if (!MOLTBOOK_API) return [];
+	try {
+		const body = await fetchJson(`${MOLTBOOK_API}/api/feed?limit=${limit}`);
+		return Array.isArray(body.posts) ? body.posts : [];
+	} catch {
+		return [];
+	}
+}
+/** Publish a post as the configured agent. */
+async function publishPost(content, opts) {
+	if (!MOLTBOOK_API) return null;
+	try {
+		const body = await postJson(`${MOLTBOOK_API}/api/posts`, { content }, opts?.agentToken);
+		return body.post || null;
+	} catch {
+		return null;
+	}
+}
+function fetchJson(url) {
+	return new Promise((resolve, reject) => {
+		const u = new URL(url);
+		const req = https.default.get(url, (res) => {
+			let data = "";
+			res.on("data", (c) => data += c);
+			res.on("end", () => {
+				try {
+					resolve(JSON.parse(data));
+				} catch {
+					reject(new Error("Invalid JSON"));
+				}
+			});
+		});
+		req.on("error", reject);
+	});
+}
+function postJson(url, payload, token) {
+	return new Promise((resolve, reject) => {
+		const u = new URL(url);
+		const body = JSON.stringify(payload);
+		const opts = {
+			hostname: u.hostname,
+			port: 443,
+			path: u.pathname,
+			method: "POST",
+			headers: {
+				"Content-Type": "application/json",
+				"Content-Length": Buffer.byteLength(body),
+				...token ? { Authorization: `Bearer ${token}` } : {}
+			}
+		};
+		const req = https.default.request(opts, (res) => {
+			let data = "";
+			res.on("data", (c) => data += c);
+			res.on("end", () => {
+				try {
+					resolve(JSON.parse(data || "{}"));
+				} catch {
+					resolve({});
+				}
+			});
+		});
+		req.on("error", reject);
+		req.write(body);
+		req.end();
+	});
+}
+var MOLTBOOK_API;
+var init_moltbook = require_chunk.__esm({ "src/services/moltbook.ts"() {
+	MOLTBOOK_API = process.env.MOLTBOOK_API_URL || "";
+} });
+
+//#endregion
+init_moltbook();
+exports.getFeed = getFeed;
+exports.publishPost = publishPost;

package/dist/nodes-registry-C9dCFwjh.js

@@ -0,0 +1,52 @@
+const require_chunk = require('./chunk-jS-bbMI5.js');
+const events = require_chunk.__toESM(require("events"));
+
+//#region src/services/nodes-registry.ts
+var NodeRegistryImpl, NodeRegistry;
+var init_nodes_registry = require_chunk.__esm({ "src/services/nodes-registry.ts"() {
+	NodeRegistryImpl = class extends events.EventEmitter {
+		nodes = /* @__PURE__ */ new Map();
+		pendingCommands = /* @__PURE__ */ new Map();
+		register(node) {
+			this.nodes.set(node.nodeId, node);
+			this.emit("node:registered", node);
+		}
+		unregister(nodeId) {
+			this.nodes.delete(nodeId);
+			this.emit("node:unregistered", nodeId);
+		}
+		getNodes() {
+			return Array.from(this.nodes.values());
+		}
+		getNode(nodeId) {
+			return this.nodes.get(nodeId);
+		}
+		/** Send a command to a node. Returns result or error. */
+		async sendCommand(nodeId, cmd) {
+			const node = this.nodes.get(nodeId);
+			if (!node) return {
+				ok: false,
+				error: `Node ${nodeId} not connected`
+			};
+			return node.send(cmd);
+		}
+		/** Handle response from a node (called when node replies to a command). */
+		handleCommandResponse(cmdId, result) {
+			const pending = this.pendingCommands.get(cmdId);
+			if (pending) {
+				clearTimeout(pending.timeout);
+				this.pendingCommands.delete(cmdId);
+				pending.resolve(result);
+			}
+		}
+		updateLastSeen(nodeId) {
+			const node = this.nodes.get(nodeId);
+			if (node) node.lastSeenAt = (/* @__PURE__ */ new Date()).toISOString();
+		}
+	};
+	NodeRegistry = new NodeRegistryImpl();
+} });
+
+//#endregion
+init_nodes_registry();
+exports.NodeRegistry = NodeRegistry;

package/dist/oauth-flow-CeaaGAz0.js

@@ -0,0 +1,150 @@
+const require_chunk = require('./chunk-jS-bbMI5.js');
+const path = require_chunk.__toESM(require("path"));
+const os = require_chunk.__toESM(require("os"));
+const crypto = require_chunk.__toESM(require("crypto"));
+const http = require_chunk.__toESM(require("http"));
+
+//#region src/services/oauth-flow.ts
+const HC_DIR = path.default.join(os.default.homedir(), ".hyperclaw");
+const REDIRECT_PORT = 38789;
+const REDIRECT_PATH = "/oauth/callback";
+const PROVIDERS = {
+	google: {
+		authorize_url: "https://accounts.google.com/o/oauth2/v2/auth",
+		token_url: "https://oauth2.googleapis.com/token",
+		scopes: [
+			"openid",
+			"email",
+			"profile",
+			"https://www.googleapis.com/auth/aiplatform"
+		],
+		client_id: process.env.GOOGLE_OAUTH_CLIENT_ID || "",
+		client_secret: process.env.GOOGLE_OAUTH_CLIENT_SECRET
+	},
+	"google-gmail": {
+		authorize_url: "https://accounts.google.com/o/oauth2/v2/auth",
+		token_url: "https://oauth2.googleapis.com/token",
+		scopes: [
+			"openid",
+			"email",
+			"profile",
+			"https://www.googleapis.com/auth/gmail.modify",
+			"https://mail.google.com/"
+		],
+		client_id: process.env.GOOGLE_OAUTH_CLIENT_ID || "",
+		client_secret: process.env.GOOGLE_OAUTH_CLIENT_SECRET
+	},
+	microsoft: {
+		authorize_url: "https://login.microsoftonline.com/common/oauth2/v2.0/authorize",
+		token_url: "https://login.microsoftonline.com/common/oauth2/v2.0/token",
+		scopes: [
+			"openid",
+			"profile",
+			"offline_access",
+			"https://cognitiveservices.azure.com/.default"
+		],
+		client_id: process.env.AZURE_OAUTH_CLIENT_ID || process.env.MICROSOFT_OAUTH_CLIENT_ID || "",
+		client_secret: process.env.AZURE_OAUTH_CLIENT_SECRET || process.env.MICROSOFT_OAUTH_CLIENT_SECRET
+	}
+};
+async function runOAuthFlow(providerId, opts) {
+	const cfg = PROVIDERS[providerId];
+	if (!cfg) throw new Error(`OAuth provider "${providerId}" not configured. Supported: google, google-gmail (Gmail Pub/Sub), microsoft. Anthropic/OpenAI: use "hyperclaw auth add" (API keys) or "hyperclaw auth setup-token anthropic" for Claude Pro/Max.`);
+	const clientId = opts?.clientId || cfg.client_id || process.env.OAUTH_CLIENT_ID;
+	const clientSecret = opts?.clientSecret || cfg.client_secret || process.env.OAUTH_CLIENT_SECRET;
+	const scopes = opts?.scopes || cfg.scopes;
+	if (!clientId) {
+		const hint = providerId === "google" ? "Set GOOGLE_OAUTH_CLIENT_ID or OAUTH_CLIENT_ID. Create at: https://console.cloud.google.com/apis/credentials" : providerId === "microsoft" ? "Set AZURE_OAUTH_CLIENT_ID. Create at: https://portal.azure.com/#blade/Microsoft_AAD_RegisteredApps/ApplicationsListBlade" : "Set OAUTH_CLIENT_ID or pass --client-id";
+		throw new Error(`OAuth client_id required. ${hint}`);
+	}
+	const codeVerifier = crypto.default.randomBytes(32).toString("base64url");
+	const codeChallenge = crypto.default.createHash("sha256").update(codeVerifier).digest("base64url");
+	const authParams = new URLSearchParams({
+		client_id: clientId,
+		redirect_uri: `http://127.0.0.1:${REDIRECT_PORT}${REDIRECT_PATH}`,
+		response_type: "code",
+		scope: scopes.join(" "),
+		code_challenge: codeChallenge,
+		code_challenge_method: "S256",
+		access_type: "offline",
+		prompt: "consent"
+	});
+	const authUrl = `${cfg.authorize_url}?${authParams}`;
+	return new Promise((resolve, reject) => {
+		const server = http.default.createServer(async (req, res) => {
+			const url = new URL(req.url || "/", `http://127.0.0.1`);
+			if (url.pathname !== REDIRECT_PATH) {
+				res.writeHead(404);
+				res.end("Not found");
+				return;
+			}
+			const code = url.searchParams.get("code");
+			const error = url.searchParams.get("error");
+			res.setHeader("Content-Type", "text/html; charset=utf-8");
+			if (error) {
+				res.writeHead(400);
+				res.end(`<h1>OAuth error</h1><p>${error}</p><p>You can close this tab.</p>`);
+				server.close();
+				reject(new Error(`OAuth error: ${error}`));
+				return;
+			}
+			if (!code) {
+				res.writeHead(400);
+				res.end("<h1>No code received</h1><p>You can close this tab.</p>");
+				server.close();
+				reject(new Error("No authorization code received"));
+				return;
+			}
+			const body = new URLSearchParams({
+				grant_type: "authorization_code",
+				code,
+				redirect_uri: `http://127.0.0.1:${REDIRECT_PORT}${REDIRECT_PATH}`,
+				code_verifier: codeVerifier
+			});
+			if (clientSecret) body.set("client_secret", clientSecret);
+			body.set("client_id", clientId);
+			try {
+				const tokenRes = await fetch(cfg.token_url, {
+					method: "POST",
+					headers: { "Content-Type": "application/x-www-form-urlencoded" },
+					body: body.toString()
+				});
+				const tokenData = await tokenRes.json();
+				if (tokenData.error) {
+					res.writeHead(400);
+					res.end(`<h1>Token error</h1><p>${tokenData.error}</p><p>You can close this tab.</p>`);
+					server.close();
+					reject(new Error(tokenData.error_description || tokenData.error));
+					return;
+				}
+				res.writeHead(200);
+				res.end("<h1>Success!</h1><p>HyperClaw has received your tokens. You can close this tab and return to the terminal.</p>");
+				server.close();
+				resolve({
+					access_token: tokenData.access_token,
+					refresh_token: tokenData.refresh_token,
+					expires_in: tokenData.expires_in
+				});
+			} catch (e) {
+				res.writeHead(500);
+				res.end(`<h1>Error</h1><p>${e.message}</p><p>You can close this tab.</p>`);
+				server.close();
+				reject(e);
+			}
+		});
+		server.listen(REDIRECT_PORT, "127.0.0.1", () => {
+			try {
+				const { exec } = require("child_process");
+				const opener = process.platform === "win32" ? `start "" "${authUrl}"` : (process.platform === "darwin" ? "open" : "xdg-open") + ` "${authUrl}"`;
+				exec(opener);
+			} catch {}
+		});
+		server.on("error", (err) => {
+			server.close();
+			reject(err);
+		});
+	});
+}
+
+//#endregion
+exports.runOAuthFlow = runOAuthFlow;