ima2-gen 2.0.0 → 2.0.2

package/routes/keys.js

@@ -0,0 +1,254 @@
+import { readFile, writeFile, rename } from "node:fs/promises";
+import { initVertexAuth, clearVertexAuth } from "../lib/vertexAuth.js";
+// Atomic + 0600 config write: temp file then rename, so a crash or concurrent
+// save can't corrupt config.json (which may hold API keys). Rename also forces
+// 0600 perms even if a looser-perm config pre-existed.
+async function writeConfigAtomic(cfgPath, data) {
+    const tmp = `${cfgPath}.${process.pid}.tmp`;
+    await writeFile(tmp, JSON.stringify(data, null, 2), { mode: 0o600 });
+    await rename(tmp, cfgPath);
+}
+const KEY_PREFIX_MAP = {
+    openai: ["sk-"],
+    xai: ["xai-"],
+    gemini: ["AI"],
+};
+const VALIDATE_URL_MAP = {
+    openai: "https://api.openai.com/v1/models",
+    xai: "https://api.x.ai/v1/models",
+    gemini: "https://generativelanguage.googleapis.com/v1beta/models",
+};
+const CONFIG_KEY_MAP = {
+    openai: "apiKey",
+    xai: "xaiApiKey",
+    gemini: "geminiApiKey",
+};
+function isKeyProvider(v) {
+    return v === "openai" || v === "xai" || v === "gemini";
+}
+function maskKey(key) {
+    if (key.length <= 10)
+        return "***";
+    return `${key.slice(0, 4)}..${key.slice(-2)}`;
+}
+function keySourceForProvider(ctx, provider) {
+    if (provider === "openai")
+        return { key: ctx.apiKey, source: ctx.apiKeySource || "none" };
+    if (provider === "xai")
+        return { key: ctx.xaiApiKey, source: ctx.xaiApiKeySource || "none" };
+    if (provider === "gemini")
+        return { key: ctx.geminiApiKey, source: ctx.geminiApiKeySource || "none" };
+    return { key: undefined, source: "none" };
+}
+export function mountKeyRoutes(app, ctx) {
+    app.get("/api/keys/status", (_req, res) => {
+        const status = {};
+        for (const provider of ["openai", "xai", "gemini"]) {
+            const { key, source } = keySourceForProvider(ctx, provider);
+            status[provider] = {
+                configured: !!key,
+                source,
+                valid: !!key,
+                maskedKey: key ? maskKey(key) : null,
+            };
+        }
+        const vertexJson = ctx.vertexServiceAccountJson;
+        const vertexSource = vertexJson
+            ? (process.env.VERTEX_SERVICE_ACCOUNT_JSON ? "env" : "config")
+            : "none";
+        status.vertex = {
+            configured: !!vertexJson,
+            source: vertexSource,
+            valid: !!vertexJson,
+            maskedKey: ctx.vertexProjectId ? `project: ${ctx.vertexProjectId}` : null,
+        };
+        res.json(status);
+    });
+    // Vertex JSON — dedicated route (before generic :provider)
+    app.put("/api/keys/vertex", async (req, res) => {
+        const { serviceAccountJson } = req.body;
+        if (!serviceAccountJson || typeof serviceAccountJson !== "string") {
+            return res.status(400).json({ ok: false, error: "Missing serviceAccountJson", code: "MISSING_KEY" });
+        }
+        const trimmed = serviceAccountJson.trim();
+        if (trimmed.length > 50 * 1024) {
+            return res.status(400).json({ ok: false, error: "Service account JSON too large (max 50KB)", code: "KEY_TOO_LARGE" });
+        }
+        let parsed;
+        try {
+            parsed = JSON.parse(trimmed);
+        }
+        catch {
+            return res.status(400).json({ ok: false, error: "Invalid JSON", code: "INVALID_JSON" });
+        }
+        if (parsed.type !== "service_account" || !parsed.project_id) {
+            return res.status(400).json({
+                ok: false,
+                error: "JSON must be a Google Cloud service account (type: service_account, project_id required)",
+                code: "INVALID_SERVICE_ACCOUNT",
+            });
+        }
+        // Validate by initializing auth (catches key format issues)
+        try {
+            initVertexAuth(trimmed);
+        }
+        catch {
+            return res.status(400).json({ ok: false, error: "Service account validation failed", code: "KEY_VALIDATION_FAILED" });
+        }
+        // Save to config.json
+        const cfgPath = ctx.config.storage.configFile;
+        let existing = {};
+        try {
+            existing = JSON.parse(await readFile(cfgPath, "utf-8"));
+        }
+        catch { /* new file */ }
+        existing.vertexServiceAccountJson = trimmed;
+        existing.geminiAuthMode = "vertex";
+        await writeConfigAtomic(cfgPath, existing);
+        // Hot-update runtime
+        ctx.vertexServiceAccountJson = trimmed;
+        ctx.vertexProjectId = parsed.project_id;
+        ctx.hasVertexKey = true;
+        ctx.geminiAuthMode = "vertex";
+        return res.json({ ok: true, provider: "vertex", source: "config", valid: true, projectId: parsed.project_id });
+    });
+    app.delete("/api/keys/vertex", async (_req, res) => {
+        const source = ctx.vertexServiceAccountJson
+            ? (process.env.VERTEX_SERVICE_ACCOUNT_JSON ? "env" : "config")
+            : "none";
+        if (source === "env") {
+            return res.status(400).json({ ok: false, error: "Cannot remove env-sourced key", code: "ENV_KEY_IMMUTABLE" });
+        }
+        const cfgPath = ctx.config.storage.configFile;
+        let existing = {};
+        try {
+            existing = JSON.parse(await readFile(cfgPath, "utf-8"));
+        }
+        catch { /* ignore */ }
+        delete existing.vertexServiceAccountJson;
+        await writeConfigAtomic(cfgPath, existing);
+        clearVertexAuth();
+        ctx.vertexServiceAccountJson = undefined;
+        ctx.vertexProjectId = undefined;
+        ctx.hasVertexKey = false;
+        return res.json({ ok: true, provider: "vertex", removed: true });
+    });
+    app.put("/api/keys/:provider", async (req, res) => {
+        const { provider } = req.params;
+        if (!isKeyProvider(provider)) {
+            return res.status(400).json({ ok: false, error: "Invalid provider", code: "INVALID_PROVIDER" });
+        }
+        const { apiKey } = req.body;
+        if (!apiKey || typeof apiKey !== "string" || apiKey.trim().length === 0) {
+            return res.status(400).json({ ok: false, error: "Missing apiKey", code: "MISSING_KEY" });
+        }
+        const trimmed = apiKey.trim();
+        if (trimmed.length > 512) {
+            return res.status(400).json({ ok: false, error: "API key too large", code: "KEY_TOO_LARGE" });
+        }
+        // Format check
+        const validPrefix = KEY_PREFIX_MAP[provider].some((p) => trimmed.startsWith(p));
+        if (!validPrefix) {
+            return res.status(400).json({
+                ok: false,
+                error: `Invalid key format for ${provider}: expected prefix ${KEY_PREFIX_MAP[provider].join(" or ")}`,
+                code: "INVALID_KEY_FORMAT",
+            });
+        }
+        // Validate against provider API
+        try {
+            const url = VALIDATE_URL_MAP[provider];
+            const opts = { signal: AbortSignal.timeout(10_000) };
+            if (provider === "gemini") {
+                opts.headers = { "x-goog-api-key": trimmed };
+                const validateRes = await fetch(url, opts);
+                if (!validateRes.ok)
+                    throw new Error(`HTTP ${validateRes.status}`);
+            }
+            else {
+                opts.headers = { Authorization: `Bearer ${trimmed}` };
+                const validateRes = await fetch(url, opts);
+                if (!validateRes.ok)
+                    throw new Error(`HTTP ${validateRes.status}`);
+            }
+        }
+        catch (e) {
+            return res.status(400).json({
+                ok: false,
+                error: `API key validation failed: ${e.message || "unknown"}`,
+                code: "KEY_VALIDATION_FAILED",
+            });
+        }
+        // Save to config.json
+        const cfgPath = ctx.config.storage.configFile;
+        let existing = {};
+        try {
+            existing = JSON.parse(await readFile(cfgPath, "utf-8"));
+        }
+        catch { /* new file */ }
+        existing[CONFIG_KEY_MAP[provider]] = trimmed;
+        await writeConfigAtomic(cfgPath, existing);
+        // Hot-update runtime context
+        if (provider === "openai") {
+            ctx.apiKey = trimmed;
+            ctx.apiKeySource = "config";
+            ctx.hasApiKey = true;
+            try {
+                const OpenAI = (await import("openai")).default;
+                ctx.openai = new OpenAI({ apiKey: trimmed });
+            }
+            catch { /* ignore */ }
+        }
+        else if (provider === "xai") {
+            ctx.xaiApiKey = trimmed;
+            ctx.xaiApiKeySource = "config";
+            ctx.hasXaiApiKey = true;
+        }
+        else if (provider === "gemini") {
+            ctx.geminiApiKey = trimmed;
+            ctx.geminiApiKeySource = "config";
+            ctx.hasGeminiApiKey = true;
+            ctx.geminiAuthMode = "apikey";
+            existing[CONFIG_KEY_MAP[provider]] = trimmed;
+            existing.geminiAuthMode = "apikey";
+        }
+        return res.json({ ok: true, provider, source: "config", valid: true });
+    });
+    app.delete("/api/keys/:provider", async (req, res) => {
+        const { provider } = req.params;
+        if (!isKeyProvider(provider)) {
+            return res.status(400).json({ ok: false, error: "Invalid provider", code: "INVALID_PROVIDER" });
+        }
+        const { source } = keySourceForProvider(ctx, provider);
+        if (source === "env") {
+            return res.status(400).json({ ok: false, error: "Cannot remove env-sourced key", code: "ENV_KEY_IMMUTABLE" });
+        }
+        // Remove from config.json
+        const cfgPath = ctx.config.storage.configFile;
+        let existing = {};
+        try {
+            existing = JSON.parse(await readFile(cfgPath, "utf-8"));
+        }
+        catch { /* ignore */ }
+        delete existing[CONFIG_KEY_MAP[provider]];
+        await writeConfigAtomic(cfgPath, existing);
+        // Clear runtime
+        if (provider === "openai") {
+            ctx.apiKey = undefined;
+            ctx.apiKeySource = "none";
+            ctx.hasApiKey = false;
+            ctx.openai = null;
+        }
+        else if (provider === "xai") {
+            ctx.xaiApiKey = undefined;
+            ctx.xaiApiKeySource = "none";
+            ctx.hasXaiApiKey = false;
+        }
+        else if (provider === "gemini") {
+            ctx.geminiApiKey = undefined;
+            ctx.geminiApiKeySource = "none";
+            ctx.hasGeminiApiKey = false;
+        }
+        return res.json({ ok: true, provider, removed: true });
+    });
+}

package/routes/multimode.js

@@ -3,12 +3,15 @@ import { safeWriteSidecar } from "../lib/atomicWrite.js";
 import { join } from "path";
 import { randomBytes } from "crypto";
 import { detectImageMimeFromB64, summarizeReferencePayload, validateAndNormalizeRefs } from "../lib/refs.js";
+import { generateImageThumbnailFromBuffer } from "../lib/imageThumb.js";
 import { classifyUpstreamError } from "../lib/errorClassify.js";
 import { normalizeOAuthParams } from "../lib/oauthNormalize.js";
 import { resolveProviderOptions } from "../lib/providerOptions.js";
 import { generateMultimodeViaResponses } from "../lib/responsesImageAdapter.js";
 import { generateMultimodeViaGrok } from "../lib/grokMultimodeAdapter.js";
-import { startJob, finishJob, registerJobAbortController, isJobCanceled } from "../lib/inflight.js";
+import { generateViaAgy } from "../lib/agyImageAdapter.js";
+import { generateViaGeminiApi } from "../lib/geminiApiImageAdapter.js";
+import { startJob, finishJob, registerJobAbortController, isJobCanceled, isStartJobFailure, INFLIGHT_RETRY_AFTER_SECONDS } from "../lib/inflight.js";
 import { isGenerationCanceledError, makeGenerationCanceledError, throwIfJobCanceled, } from "../lib/generationCancel.js";
 import { logEvent, logError } from "../lib/logger.js";
 import { embedImageMetadataBestEffort } from "../lib/imageMetadataStore.js";
@@ -16,37 +19,35 @@ import { invalidateHistoryIndex } from "../lib/historyIndex.js";
 import { normalizeComposerInsertedPrompts, normalizeComposerPrompt, } from "../lib/composerSnapshot.js";
 import { errInfo } from "../lib/errInfo.js";
 import { requireRuntimeContext } from "../lib/runtimeContext.js";
-function sendSse(res, event, data) {
-    res.write(`event: ${event}\n`);
-    res.write(`data: ${JSON.stringify(data)}\n\n`);
-}
-function validateModeration(ctx, moderation) {
-    if (typeof moderation !== "string" || !ctx.config.oauth.validModeration.has(moderation)) {
-        return { error: "moderation must be one of: auto, low" };
+import { validateModeration, imageFormatFromMime, writeSse } from "../lib/routeHelpers.js";
+import { publish } from "../lib/eventBus.js";
+import { publishJobEvent } from "../lib/ssePublish.js";
+import { normalizeMaxImages, sequenceStatus, } from "../lib/multimodeHelpers.js";
+function dualEmitMultimode(res, requestId, event, data) {
+    if (!res.writableEnded)
+        writeSse(res, event, data);
+    if (event === "done") {
+        publishJobEvent(requestId, event, data);
+    }
+    else {
+        publish(requestId, event, data);
     }
-    return { moderation };
-}
-function normalizeMaxImages(value) {
-    return Math.min(8, Math.max(1, Math.trunc(Number(value) || 1)));
-}
-function sequenceStatus(returned, requested) {
-    if (returned <= 0)
-        return "empty";
-    if (returned < requested)
-        return "partial";
-    return "complete";
 }
-function imageFormatFromMime(mime) {
-    if (mime === "image/jpeg")
-        return "jpeg";
-    if (mime === "image/webp")
-        return "webp";
-    return "png";
+function respondMultimodeValidationError(res, requestId, asyncMode, status, payload) {
+    publish(requestId, "error", payload);
+    if (asyncMode && !res.headersSent) {
+        return res.status(status).json(payload);
+    }
+    if (!res.writableEnded) {
+        writeSse(res, "error", payload);
+        res.end();
+    }
 }
 export function registerMultimodeRoutes(app, ctxRaw) {
     const ctx = requireRuntimeContext(ctxRaw);
     app.post("/api/generate/multimode", async (req, res) => {
         const requestId = typeof req.body?.requestId === "string" ? req.body.requestId : req.id;
+        const asyncMode = req.body?.async === true;
         let finishStatus = "completed";
         let finishHttpStatus = 200;
         let finishErrorCode;
@@ -71,10 +72,12 @@ export function registerMultimodeRoutes(app, ctxRaw) {
         let latestUsage = null;
         let latestWebSearchCalls = 0;
         let latestExtraIgnored = 0;
-        res.setHeader("Content-Type", "text/event-stream; charset=utf-8");
-        res.setHeader("Cache-Control", "no-cache, no-transform");
-        res.setHeader("Connection", "keep-alive");
-        res.flushHeaders?.();
+        if (!asyncMode) {
+            res.setHeader("Content-Type", "text/event-stream; charset=utf-8");
+            res.setHeader("Cache-Control", "no-cache, no-transform");
+            res.setHeader("Connection", "keep-alive");
+            res.flushHeaders?.();
+        }
         try {
             const { prompt, quality: rawQuality = "medium", size = "1024x1024", format = "png", moderation = "low", provider = "auto", references = [], mode: promptMode = "auto", model: rawModel, reasoningEffort: rawReasoningEffort, webSearchEnabled: rawWebSearchEnabled = true, } = req.body;
             const composerPrompt = normalizeComposerPrompt(req.body?.composerPrompt);
@@ -93,8 +96,12 @@ export function registerMultimodeRoutes(app, ctxRaw) {
                 finishStatus = "error";
                 finishHttpStatus = providerOptions.status;
                 finishErrorCode = providerOptions.code;
-                sendSse(res, "error", { error: providerOptions.error, code: providerOptions.code, status: providerOptions.status, requestId });
-                return;
+                return respondMultimodeValidationError(res, requestId, asyncMode, providerOptions.status, {
+                    error: providerOptions.error,
+                    code: providerOptions.code,
+                    status: providerOptions.status,
+                    requestId,
+                });
             }
             const imageModel = providerOptions.model;
             const reasoningEffort = providerOptions.reasoningEffort;
@@ -105,28 +112,41 @@ export function registerMultimodeRoutes(app, ctxRaw) {
                 finishStatus = "error";
                 finishHttpStatus = 400;
                 finishErrorCode = "PROMPT_REQUIRED";
-                sendSse(res, "error", { error: "Prompt is required", code: finishErrorCode, status: 400, requestId });
-                return;
+                return respondMultimodeValidationError(res, requestId, asyncMode, 400, {
+                    error: "Prompt is required",
+                    code: finishErrorCode,
+                    status: 400,
+                    requestId,
+                });
             }
             const moderationCheck = validateModeration(ctx, moderation);
             if (moderationCheck.error) {
                 finishStatus = "error";
                 finishHttpStatus = 400;
                 finishErrorCode = "INVALID_MODERATION";
-                sendSse(res, "error", { error: moderationCheck.error, code: finishErrorCode, status: 400, requestId });
-                return;
+                return respondMultimodeValidationError(res, requestId, asyncMode, 400, {
+                    error: moderationCheck.error,
+                    code: finishErrorCode,
+                    status: 400,
+                    requestId,
+                });
             }
             const refCheckResult = validateAndNormalizeRefs(references);
             if (refCheckResult.error) {
                 finishStatus = "error";
                 finishHttpStatus = 400;
                 finishErrorCode = refCheckResult.code;
-                sendSse(res, "error", { error: refCheckResult.error, code: refCheckResult.code, status: 400, requestId });
-                return;
+                return respondMultimodeValidationError(res, requestId, asyncMode, 400, {
+                    error: refCheckResult.error,
+                    code: refCheckResult.code,
+                    status: 400,
+                    requestId,
+                });
             }
             const refCheck = refCheckResult;
+            const incomingProviderUrl = typeof req.body?.providerUrl === "string" && req.body.providerUrl.startsWith("http") ? req.body.providerUrl : null;
             const referencePayload = summarizeReferencePayload(references);
-            startJob({
+            const started = startJob({
                 requestId,
                 kind: "multimode",
                 prompt,
@@ -143,7 +163,25 @@ export function registerMultimodeRoutes(app, ctxRaw) {
                     composerInsertedPrompts,
                 },
             });
+            if (started && isStartJobFailure(started)) {
+                finishStatus = "error";
+                finishHttpStatus = started.code === "TOO_MANY_JOBS" ? 429 : 409;
+                finishErrorCode = started.code;
+                if (started.code === "TOO_MANY_JOBS") {
+                    res.setHeader("Retry-After", String(INFLIGHT_RETRY_AFTER_SECONDS));
+                }
+                return respondMultimodeValidationError(res, requestId, asyncMode, finishHttpStatus, {
+                    error: started.code === "TOO_MANY_JOBS"
+                        ? "Too many concurrent generation jobs"
+                        : "Request ID already in use",
+                    code: started.code,
+                    status: finishHttpStatus,
+                    requestId,
+                });
+            }
             registerJobAbortController(requestId, cancelController);
+            if (asyncMode)
+                res.status(202).json({ requestId });
             logEvent("multimode", "request", {
                 requestId,
                 quality,
@@ -158,7 +196,7 @@ export function registerMultimodeRoutes(app, ctxRaw) {
             });
             const startTime = Date.now();
             const mimeMap = { png: "image/png", jpeg: "image/jpeg", webp: "image/webp" };
-            const mmFormat = activeProvider === "grok" ? "jpeg" : String(format);
+            const mmFormat = activeProvider === "grok" || activeProvider === "agy" || activeProvider === "grok-api" || activeProvider === "gemini-api" ? "jpeg" : String(format);
             const mime = mimeMap[mmFormat] || "image/png";
             const sequenceId = `seq_${Date.now().toString(36)}_${randomBytes(4).toString("hex")}`;
             routeMaxImages = maxImages;
@@ -179,12 +217,13 @@ export function registerMultimodeRoutes(app, ctxRaw) {
                 if (persistedIndexes.has(index))
                     return;
                 throwIfJobCanceled(requestId);
-                const resultMime = activeProvider === "grok"
+                const resultMime = activeProvider === "grok" || activeProvider === "agy" || activeProvider === "grok-api" || activeProvider === "gemini-api"
                     ? (image.mime || detectImageMimeFromB64(image.b64) || mime)
                     : mime;
-                const resultFormat = activeProvider === "grok" ? imageFormatFromMime(resultMime) : mmFormat;
+                const resultFormat = activeProvider === "grok" || activeProvider === "agy" || activeProvider === "grok-api" || activeProvider === "gemini-api" ? imageFormatFromMime(resultMime) : mmFormat;
                 const rand = randomBytes(ctx.config.ids.generatedHexBytes).toString("hex");
                 const filename = `${Date.now()}_${rand}_multimode_${index}.${resultFormat}`;
+                const createdAt = Date.now();
                 const meta = {
                     kind: "multimode-image",
                     generationStrategy: "one-call-text-sequence",
@@ -207,22 +246,27 @@ export function registerMultimodeRoutes(app, ctxRaw) {
                     moderation,
                     model: activeProvider === "grok" ? (quality === "high" ? "grok-imagine-image-quality" : imageModel) : imageModel,
                     provider: activeProvider,
-                    createdAt: Date.now(),
+                    createdAt,
                     usage: latestUsage,
                     webSearchCalls: latestWebSearchCalls,
                     webSearchEnabled,
                     refsCount: refCheck.refs.length,
+                    ...(image.providerUrl ? { providerUrl: image.providerUrl } : {}),
                 };
                 const rawBuffer = Buffer.from(image.b64, "base64");
                 const embedded = await embedImageMetadataBestEffort(rawBuffer, resultFormat, meta, {
                     version: ctx.packageVersion,
                 });
-                await writeFile(join(ctx.config.storage.generatedDir, filename), embedded.buffer);
-                await safeWriteSidecar(join(ctx.config.storage.generatedDir, filename + ".json"), meta);
+                const mmFilePath = join(ctx.config.storage.generatedDir, filename);
+                await writeFile(mmFilePath, embedded.buffer);
+                await safeWriteSidecar(mmFilePath + ".json", meta);
+                generateImageThumbnailFromBuffer(embedded.buffer, mmFilePath).catch(() => { });
                 invalidateHistoryIndex();
                 const item = {
                     image: `data:${resultMime};base64,${image.b64}`,
                     filename,
+                    createdAt,
+                    ...(image.providerUrl ? { providerUrl: image.providerUrl } : {}),
                     revisedPrompt: image.revisedPrompt || null,
                     sequenceId,
                     sequenceIndex: index + 1,
@@ -232,19 +276,50 @@ export function registerMultimodeRoutes(app, ctxRaw) {
                 };
                 persistedIndexes.add(index);
                 images.push(item);
-                sendSse(res, "image", item);
+                dualEmitMultimode(res, requestId, "image", item);
             };
-            sendSse(res, "phase", { phase: "streaming", requestId, sequenceId, maxImages });
+            dualEmitMultimode(res, requestId, "phase", { phase: "streaming", requestId, sequenceId, maxImages });
             let generated;
-            if (activeProvider === "grok") {
+            if (activeProvider === "gemini-api") {
+                const r = await generateViaGeminiApi(prompt, requireRuntimeContext(ctx), {
+                    model: imageModel,
+                    size: effectiveSize,
+                    signal: cancelController.signal,
+                    requestId,
+                    references: refCheck.refDetails,
+                });
+                generated = {
+                    images: [{ b64: r.b64, revisedPrompt: r.revisedPrompt }],
+                    usage: r.usage,
+                    webSearchCalls: r.webSearchCalls,
+                };
+            }
+            else if (activeProvider === "agy") {
+                const r = await generateViaAgy(prompt, {
+                    references: refCheck.refDetails,
+                    signal: cancelController.signal,
+                    requestId,
+                });
+                generated = {
+                    images: [{ b64: r.b64, revisedPrompt: r.revisedPrompt }],
+                    usage: r.usage,
+                    webSearchCalls: r.webSearchCalls,
+                };
+            }
+            else if (activeProvider === "grok" || activeProvider === "grok-api") {
+                const directApiKey = activeProvider === "grok-api" ? ctx.xaiApiKey : undefined;
                 const grokModel = quality === "high" ? "grok-imagine-image-quality" : imageModel;
+                const grokRefs = incomingProviderUrl
+                    ? [{ b64: "", url: incomingProviderUrl }, ...refCheck.refDetails]
+                    : refCheck.refDetails;
                 generated = await generateMultimodeViaGrok(prompt, ctx, {
                     model: grokModel,
                     maxImages,
                     size: effectiveSize,
                     signal: cancelController.signal,
                     requestId,
-                    references: refCheck.refDetails,
+                    references: grokRefs,
+                    directApiKey,
                     onFinalImage: async (image, index) => {
                         const totalReturned = Math.max(index + 1, images.length + 1);
                         await persistAndSendImage(image, index, totalReturned, sequenceStatus(totalReturned, maxImages));
@@ -257,14 +332,14 @@ export function registerMultimodeRoutes(app, ctxRaw) {
                     maxImages,
                     reasoningEffort,
                     webSearchEnabled,
-                    onPartialImage: (partial) => isJobCanceled(requestId)
-                        ? undefined
-                        : sendSse(res, "partial", {
-                            image: `data:${mime};base64,${partial.b64}`,
-                            requestId,
-                            sequenceId,
-                            index: partial.index,
-                        }),
+                    onPartialImage: (partial) => {
+                        if (isJobCanceled(requestId))
+                            return;
+                        const pd = { image: `data:${mime};base64,${partial.b64}`, requestId, sequenceId, index: partial.index };
+                        if (!res.writableEnded && !res.destroyed)
+                            writeSse(res, "partial", pd);
+                        publish(requestId, "partial", pd);
+                    },
                     onFinalImage: async (image, index) => {
                         const totalReturned = Math.max(index + 1, images.length + 1);
                         await persistAndSendImage(image, index, totalReturned, sequenceStatus(totalReturned, maxImages));
@@ -287,7 +362,7 @@ export function registerMultimodeRoutes(app, ctxRaw) {
                 finishHttpStatus = 422;
                 finishErrorCode = "EMPTY_RESPONSE";
                 finishMeta = { sequenceId, filenames: [], imageCount: 0, maxImages, status, composerPrompt: routeComposerPrompt, composerInsertedPrompts: routeComposerInsertedPrompts };
-                sendSse(res, "error", {
+                dualEmitMultimode(res, requestId, "error", {
                     error: "No image data returned from the multimode stream",
                     code: finishErrorCode,
                     status: finishHttpStatus,
@@ -306,7 +381,7 @@ export function registerMultimodeRoutes(app, ctxRaw) {
                 composerInsertedPrompts: routeComposerInsertedPrompts,
             };
             finishHttpStatus = 200;
-            sendSse(res, "done", {
+            dualEmitMultimode(res, requestId, "done", {
                 ok: true,
                 requestId,
                 sequenceId,
@@ -345,7 +420,7 @@ export function registerMultimodeRoutes(app, ctxRaw) {
                 finishCanceled = true;
                 finishHttpStatus = canceled.status;
                 finishErrorCode = canceled.code;
-                sendSse(res, "error", {
+                dualEmitMultimode(res, requestId, "error", {
                     error: canceled.message,
                     code: canceled.code,
                     status: canceled.status,
@@ -368,7 +443,7 @@ export function registerMultimodeRoutes(app, ctxRaw) {
                     composerPrompt: routeComposerPrompt,
                     composerInsertedPrompts: routeComposerInsertedPrompts,
                 };
-                sendSse(res, "done", {
+                dualEmitMultimode(res, requestId, "done", {
                     ok: true,
                     partial: true,
                     requestId,
@@ -406,7 +481,7 @@ export function registerMultimodeRoutes(app, ctxRaw) {
             finishHttpStatus = err.status || 500;
             finishErrorCode = fallbackCode || "MULTIMODE_GENERATE_FAILED";
             logError("multimode", "error", err.raw, { requestId, code: finishErrorCode });
-            sendSse(res, "error", {
+            dualEmitMultimode(res, requestId, "error", {
                 error: err.message,
                 code: finishErrorCode,
                 status: finishHttpStatus,
@@ -424,7 +499,8 @@ export function registerMultimodeRoutes(app, ctxRaw) {
                 errorCode: finishErrorCode,
                 meta: finishMeta,
             });
-            res.end();
+            if (!res.writableEnded)
+                res.end();
         }
     });
 }