npm - jh-web-gateway - Versions diffs - 1.0.0 - Mend

jh-web-gateway 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/dist/cli.js ADDED Viewed

@@ -0,0 +1,2469 @@
+#!/usr/bin/env node
+// src/cli/setup.ts
+import * as p from "@clack/prompts";
+// src/infra/chrome-cdp.ts
+import { chromium } from "playwright-core";
+var DEFAULT_TIMEOUT_MS = 5e3;
+var JH_URL = "https://chat.ai.jh.edu";
+async function getChromeWebSocketUrl(cdpUrl, timeoutMs = DEFAULT_TIMEOUT_MS) {
+  const controller = new AbortController();
+  const timer = setTimeout(() => controller.abort(), timeoutMs);
+  let raw;
+  try {
+    const res = await fetch(`${cdpUrl}/json/version`, {
+      signal: controller.signal
+    });
+    raw = await res.text();
+  } catch {
+    throw new Error(
+      `Chrome is not running or remote debugging is not enabled at ${cdpUrl}`
+    );
+  } finally {
+    clearTimeout(timer);
+  }
+  let parsed;
+  try {
+    parsed = JSON.parse(raw);
+  } catch {
+    throw new Error(`Unexpected CDP response format: ${raw}`);
+  }
+  const wsUrl = parsed !== null && typeof parsed === "object" && "webSocketDebuggerUrl" in parsed ? parsed.webSocketDebuggerUrl : void 0;
+  if (typeof wsUrl !== "string" || wsUrl.length === 0) {
+    throw new Error(`Unexpected CDP response format: ${raw}`);
+  }
+  return wsUrl;
+}
+async function connectToChrome(cdpUrl) {
+  const wsUrl = await getChromeWebSocketUrl(cdpUrl);
+  const browser = await chromium.connectOverCDP(wsUrl);
+  const contexts = browser.contexts();
+  const existingPage = contexts.length > 0 ? contexts[0].pages()[0] : void 0;
+  const page = existingPage ?? await (contexts.length > 0 ? contexts[0].newPage() : (await browser.newContext()).newPage());
+  return { browser, page };
+}
+async function findOrOpenJhPage(browser) {
+  for (const context2 of browser.contexts()) {
+    for (const page2 of context2.pages()) {
+      if (page2.url().includes("chat.ai.jh.edu")) {
+        return page2;
+      }
+    }
+  }
+  const contexts = browser.contexts();
+  const context = contexts.length > 0 ? contexts[0] : await browser.newContext();
+  const page = await context.newPage();
+  await page.goto(JH_URL);
+  return page;
+}
+// src/infra/config.ts
+import { readFile, writeFile, mkdir } from "fs/promises";
+import { homedir } from "os";
+import { join } from "path";
+function getConfigPath() {
+  return join(homedir(), ".jh-gateway", "config.json");
+}
+function getDefaultConfig() {
+  return {
+    cdpUrl: "http://127.0.0.1:9222",
+    port: 8741,
+    defaultModel: "claude-opus-4.5",
+    defaultEndpoint: "AnthropicClaude",
+    credentials: null,
+    auth: { mode: "none", token: null },
+    maxQueueWaitMs: 12e4
+  };
+}
+function validateConfig(raw) {
+  if (typeof raw !== "object" || raw === null) {
+    throw new Error("Config validation error: config must be a JSON object");
+  }
+  const c = raw;
+  if (typeof c.cdpUrl !== "string" || !/^https?:\/\//.test(c.cdpUrl)) {
+    throw new Error(
+      "Config validation error: cdpUrl must be a valid URL starting with http:// or https://"
+    );
+  }
+  if (typeof c.port !== "number" || !Number.isInteger(c.port) || c.port < 1 || c.port > 65535) {
+    throw new Error(
+      "Config validation error: port must be between 1 and 65535"
+    );
+  }
+  if (typeof c.defaultModel !== "string" || c.defaultModel.trim() === "") {
+    throw new Error(
+      "Config validation error: defaultModel must be a non-empty string"
+    );
+  }
+  if (typeof c.defaultEndpoint !== "string" || c.defaultEndpoint.trim() === "") {
+    throw new Error(
+      "Config validation error: defaultEndpoint must be a non-empty string"
+    );
+  }
+  if (c.credentials !== null && c.credentials !== void 0) {
+    if (typeof c.credentials !== "object" || Array.isArray(c.credentials)) {
+      throw new Error(
+        "Config validation error: credentials must be null or an object with bearerToken, cookie, and userAgent strings"
+      );
+    }
+    const creds = c.credentials;
+    for (const field of ["bearerToken", "cookie", "userAgent"]) {
+      if (typeof creds[field] !== "string") {
+        throw new Error(
+          `Config validation error: credentials.${field} must be a string`
+        );
+      }
+    }
+  }
+  if (typeof c.auth !== "object" || c.auth === null || Array.isArray(c.auth)) {
+    throw new Error(
+      "Config validation error: auth must be an object with mode and token fields"
+    );
+  }
+  const auth = c.auth;
+  if (auth.mode !== "none" && auth.mode !== "bearer" && auth.mode !== "basic") {
+    throw new Error(
+      'Config validation error: auth.mode must be "none", "bearer", or "basic"'
+    );
+  }
+  if (auth.token !== null && typeof auth.token !== "string") {
+    throw new Error(
+      "Config validation error: auth.token must be null or a string"
+    );
+  }
+  if (typeof c.maxQueueWaitMs !== "number" || c.maxQueueWaitMs <= 0) {
+    throw new Error(
+      "Config validation error: maxQueueWaitMs must be a positive number"
+    );
+  }
+  return {
+    cdpUrl: c.cdpUrl,
+    port: c.port,
+    defaultModel: c.defaultModel,
+    defaultEndpoint: c.defaultEndpoint,
+    credentials: c.credentials != null ? {
+      bearerToken: c.credentials.bearerToken,
+      cookie: c.credentials.cookie,
+      userAgent: c.credentials.userAgent,
+      expiresAt: typeof c.credentials.expiresAt === "number" ? c.credentials.expiresAt : 0
+    } : null,
+    auth: {
+      mode: auth.mode,
+      token: auth.token ?? null
+    },
+    maxQueueWaitMs: c.maxQueueWaitMs
+  };
+}
+async function loadConfig() {
+  const configPath = getConfigPath();
+  const configDir = join(homedir(), ".jh-gateway");
+  let raw;
+  try {
+    raw = await readFile(configPath, "utf8");
+  } catch (err) {
+    if (isNodeError(err) && (err.code === "ENOENT" || err.code === "ENOTDIR")) {
+      const defaults = getDefaultConfig();
+      await mkdir(configDir, { recursive: true });
+      await writeFile(configPath, JSON.stringify(defaults, null, 2), "utf8");
+      return defaults;
+    }
+    throw err;
+  }
+  let parsed;
+  try {
+    parsed = JSON.parse(raw);
+  } catch {
+    throw new Error(
+      `Config validation error: config file at ${configPath} contains malformed JSON`
+    );
+  }
+  return validateConfig(parsed);
+}
+async function saveConfig(config) {
+  const configPath = getConfigPath();
+  const configDir = join(homedir(), ".jh-gateway");
+  await mkdir(configDir, { recursive: true });
+  await writeFile(configPath, JSON.stringify(config, null, 2), "utf8");
+}
+async function updateConfig(partial) {
+  const current = await loadConfig();
+  const updated = { ...current, ...partial };
+  if (partial.auth !== void 0) {
+    updated.auth = { ...current.auth, ...partial.auth };
+  }
+  await saveConfig(updated);
+}
+function isNodeError(err) {
+  return err instanceof Error && "code" in err;
+}
+// src/core/auth-capture.ts
+var JH_HOST = "chat.ai.jh.edu";
+function getTokenExpiry(token) {
+  try {
+    const parts = token.split(".");
+    if (parts.length < 2) return 0;
+    const payload = parts[1].replace(/-/g, "+").replace(/_/g, "/");
+    const json = Buffer.from(payload, "base64").toString("utf8");
+    const parsed = JSON.parse(json);
+    const exp = parsed["exp"];
+    if (typeof exp !== "number") return 0;
+    return exp;
+  } catch {
+    return 0;
+  }
+}
+async function captureCredentials(cdpUrl, timeoutMs = 12e4) {
+  const { browser, page: _initialPage } = await connectToChrome(cdpUrl);
+  const page = await findOrOpenJhPage(browser);
+  return new Promise((resolve, reject) => {
+    let settled = false;
+    const timer = setTimeout(() => {
+      if (settled) return;
+      settled = true;
+      reject(
+        new Error(
+          `Credential capture timed out after ${timeoutMs / 1e3}s. Please log in to chat.ai.jh.edu and send a message to trigger authentication.`
+        )
+      );
+    }, timeoutMs);
+    page.route("**/*", async (route) => {
+      const request = route.request();
+      const headers = await request.headers();
+      const authHeader = headers["authorization"] ?? headers["Authorization"] ?? "";
+      if (!settled && authHeader.startsWith("Bearer ") && request.url().includes(JH_HOST)) {
+        settled = true;
+        clearTimeout(timer);
+        try {
+          const bearerToken = authHeader.slice("Bearer ".length).trim();
+          const rawCookies = await page.context().cookies();
+          const cookie = rawCookies.map((c) => `${c.name}=${c.value}`).join("; ");
+          const userAgent = await page.evaluate(
+            () => navigator.userAgent
+          );
+          const expiresAt = getTokenExpiry(bearerToken);
+          const captured = {
+            bearerToken,
+            cookie,
+            userAgent,
+            expiresAt
+          };
+          await updateConfig({ credentials: captured });
+          resolve(captured);
+        } catch (err) {
+          reject(err);
+        }
+      }
+      await route.continue();
+    }).catch((err) => {
+      if (!settled) {
+        settled = true;
+        clearTimeout(timer);
+        reject(err);
+      }
+    });
+  });
+}
+// src/infra/gateway-auth.ts
+import { randomBytes } from "crypto";
+function generateApiKey() {
+  return `jh-local-${randomBytes(16).toString("hex")}`;
+}
+function authMiddleware(config) {
+  return async (c, next) => {
+    const { mode, token } = config.auth;
+    if (mode === "none") {
+      return next();
+    }
+    const authHeader = c.req.header("authorization");
+    if (!authHeader) {
+      return c.json(
+        {
+          error: {
+            message: "Missing Authorization header",
+            type: "authentication_error",
+            code: "missing_auth",
+            param: null
+          }
+        },
+        401
+      );
+    }
+    if (mode === "bearer") {
+      const expected = `Bearer ${token}`;
+      if (authHeader !== expected) {
+        return c.json(
+          {
+            error: {
+              message: "Invalid bearer token",
+              type: "authentication_error",
+              code: "invalid_auth",
+              param: null
+            }
+          },
+          401
+        );
+      }
+    } else if (mode === "basic") {
+      const expected = `Basic ${Buffer.from(`gateway:${token}`).toString("base64")}`;
+      if (authHeader !== expected) {
+        return c.json(
+          {
+            error: {
+              message: "Invalid basic credentials",
+              type: "authentication_error",
+              code: "invalid_auth",
+              param: null
+            }
+          },
+          401
+        );
+      }
+    }
+    return next();
+  };
+}
+// src/infra/types.ts
+var MODEL_ENDPOINT_MAP = {
+  "claude-opus-4.5": "AnthropicClaude",
+  "claude-sonnet-4.5": "AnthropicClaude",
+  "claude-haiku-4.5": "AnthropicClaude",
+  "gpt-4.1": "OpenAI",
+  "o3": "OpenAI",
+  "o3-mini": "OpenAI",
+  "gpt-5": "OpenAI",
+  "gpt-5.1": "OpenAI",
+  "gpt-5.2": "OpenAI",
+  "llama3-3-70b-instruct": "Meta"
+};
+// src/cli/setup.ts
+var COMMON_CDP_PORTS = [9222, 9223];
+function formatExpiry(exp) {
+  if (exp === 0) {
+    return "unknown";
+  }
+  return new Date(exp * 1e3).toLocaleString();
+}
+async function detectChrome() {
+  p.log.step("Step 1: Chrome detection");
+  for (const port of COMMON_CDP_PORTS) {
+    const url = `http://127.0.0.1:${port}`;
+    const spinner4 = p.spinner();
+    spinner4.start(`Checking ${url}\u2026`);
+    try {
+      await getChromeWebSocketUrl(url, 2e3);
+      spinner4.stop(`Chrome found at ${url}`);
+      return url;
+    } catch {
+      spinner4.stop(`Not found at ${url}`);
+    }
+  }
+  const custom = await p.text({
+    message: "Enter your Chrome CDP URL (e.g. http://127.0.0.1:9224):",
+    placeholder: "http://127.0.0.1:9222",
+    validate(value) {
+      if (!value.startsWith("http://") && !value.startsWith("https://")) {
+        return "Must be a valid URL starting with http:// or https://";
+      }
+    }
+  });
+  if (p.isCancel(custom)) {
+    p.cancel("Setup cancelled.");
+    process.exit(0);
+  }
+  const spinner3 = p.spinner();
+  spinner3.start(`Checking ${custom}\u2026`);
+  try {
+    await getChromeWebSocketUrl(custom, 5e3);
+    spinner3.stop(`Chrome found at ${custom}`);
+    return custom;
+  } catch (err) {
+    spinner3.stop(`Failed to connect to ${custom}`);
+    throw err;
+  }
+}
+async function captureAuth(cdpUrl) {
+  p.log.step("Step 2: JH authentication");
+  p.log.info(
+    "Opening chat.ai.jh.edu in your browser. Send any message to trigger auth capture\u2026"
+  );
+  const spinner3 = p.spinner();
+  spinner3.start("Waiting for credentials (up to 120s)\u2026");
+  const creds = await captureCredentials(cdpUrl, 12e4);
+  const expiry = getTokenExpiry(creds.bearerToken);
+  spinner3.stop(`Credentials captured! Token expires: ${formatExpiry(expiry)}`);
+  return expiry;
+}
+async function selectPort() {
+  p.log.step("Step 3: Port selection");
+  const input = await p.text({
+    message: "Gateway port:",
+    placeholder: "8741",
+    defaultValue: "8741",
+    validate(value) {
+      const n = Number(value);
+      if (!Number.isInteger(n) || n < 1 || n > 65535) {
+        return "Must be a valid port number (1\u201365535)";
+      }
+    }
+  });
+  if (p.isCancel(input)) {
+    p.cancel("Setup cancelled.");
+    process.exit(0);
+  }
+  return Number(input);
+}
+async function verifyConnection() {
+  p.log.step("Step 4: Verification");
+  const models = Object.keys(MODEL_ENDPOINT_MAP);
+  p.log.success(`Available models: ${models.join(", ")}`);
+}
+async function runSetup() {
+  p.intro("JH Web Gateway \u2014 Setup Wizard");
+  let cdpUrl;
+  let port = 8741;
+  while (true) {
+    try {
+      cdpUrl = await detectChrome();
+      break;
+    } catch (err) {
+      const msg = err instanceof Error ? err.message : String(err);
+      p.log.error(`Chrome detection failed: ${msg}`);
+      const retry = await p.confirm({ message: "Retry Chrome detection?" });
+      if (p.isCancel(retry) || !retry) {
+        p.cancel("Setup cancelled.");
+        process.exit(1);
+      }
+    }
+  }
+  await updateConfig({ cdpUrl });
+  while (true) {
+    try {
+      await captureAuth(cdpUrl);
+      break;
+    } catch (err) {
+      const msg = err instanceof Error ? err.message : String(err);
+      p.log.error(`Auth capture failed: ${msg}`);
+      const retry = await p.confirm({ message: "Retry authentication?" });
+      if (p.isCancel(retry) || !retry) {
+        p.cancel("Setup cancelled.");
+        process.exit(1);
+      }
+    }
+  }
+  try {
+    port = await selectPort();
+  } catch (err) {
+    const msg = err instanceof Error ? err.message : String(err);
+    p.log.error(`Port selection failed: ${msg}`);
+    p.cancel("Setup cancelled.");
+    process.exit(1);
+  }
+  const apiKey = generateApiKey();
+  await updateConfig({
+    port,
+    auth: { mode: "bearer", token: apiKey }
+  });
+  await verifyConnection();
+  const config = await loadConfig();
+  const baseUrl = `http://127.0.0.1:${config.port}`;
+  p.outro("Setup complete!");
+  console.log("\n  Base URL:  " + baseUrl);
+  console.log("  API Key:   " + apiKey);
+  console.log("\n  Test with curl:");
+  console.log(
+    `    curl ${baseUrl}/v1/models -H "Authorization: Bearer ${apiKey}"
+`
+  );
+}
+// src/server.ts
+import { Hono as Hono4 } from "hono";
+import { serve } from "@hono/node-server";
+// src/routes/models.ts
+import { Hono } from "hono";
+var MODEL_LIST = Object.keys(MODEL_ENDPOINT_MAP).map((id) => ({
+  id,
+  object: "model",
+  created: 17e8,
+  owned_by: "jh-web"
+}));
+var MODEL_SET = new Set(Object.keys(MODEL_ENDPOINT_MAP));
+function modelsRouter(_config) {
+  const app = new Hono();
+  app.get("/", (c) => {
+    return c.json({ object: "list", data: MODEL_LIST });
+  });
+  app.get("/:id", (c) => {
+    const id = c.req.param("id");
+    if (!MODEL_SET.has(id)) {
+      return c.json(
+        {
+          error: {
+            message: `Model '${id}' not found`,
+            type: "invalid_request_error",
+            code: "model_not_found",
+            param: "id"
+          }
+        },
+        404
+      );
+    }
+    return c.json({ id, object: "model", created: 17e8, owned_by: "jh-web" });
+  });
+  return app;
+}
+// src/routes/health.ts
+import { Hono as Hono2 } from "hono";
+function healthRouter(config, startTime) {
+  const app = new Hono2();
+  app.get("/", (c) => {
+    const uptime = (Date.now() - startTime) / 1e3;
+    const tokenExpiry = config.credentials?.bearerToken ? getTokenExpiry(config.credentials.bearerToken) || null : null;
+    const tokenExpired = tokenExpiry !== null && Date.now() / 1e3 > tokenExpiry;
+    return c.json({
+      status: "ok",
+      uptime,
+      tokenExpiry,
+      tokenExpired,
+      cdpUrl: config.cdpUrl
+    });
+  });
+  return app;
+}
+// src/routes/chat-completions.ts
+import { Hono as Hono3 } from "hono";
+import { stream as honoStream } from "hono/streaming";
+// src/core/message-builder.ts
+function formatToolDefinitionsXml(tools) {
+  const defs = tools.map((t) => {
+    const fn = t.function;
+    let xml = `<tool name="${fn.name}"`;
+    if (fn.description) {
+      xml += ` description="${escapeXmlAttr(fn.description)}"`;
+    }
+    xml += ">";
+    if (fn.parameters) {
+      xml += `
+  <parameters>${JSON.stringify(fn.parameters)}</parameters>`;
+    }
+    xml += "\n</tool>";
+    return xml;
+  });
+  return `<tools>
+${defs.join("\n")}
+</tools>`;
+}
+function formatToolResponse(toolCallId, content) {
+  return `<tool_response id="${toolCallId}">${content}</tool_response>`;
+}
+function buildPrompt(messages, tools, toolChoice) {
+  let systemPrompt;
+  const parts = [];
+  for (const msg of messages) {
+    switch (msg.role) {
+      case "system":
+        systemPrompt = systemPrompt ? `${systemPrompt}
+${msg.content ?? ""}` : msg.content ?? "";
+        break;
+      case "user":
+        parts.push(`${msg.content ?? ""}`);
+        break;
+      case "assistant": {
+        let content = msg.content ?? "";
+        if (msg.tool_calls && msg.tool_calls.length > 0) {
+          const toolXml = msg.tool_calls.map(
+            (tc) => `<tool_call id="${tc.id}" name="${tc.function.name}">${tc.function.arguments}</tool_call>`
+          ).join("");
+          content = content ? `${content}
+${toolXml}` : toolXml;
+        }
+        parts.push(`Assistant: ${content}`);
+        break;
+      }
+      case "tool":
+        parts.push(formatToolResponse(msg.tool_call_id ?? "unknown", msg.content ?? ""));
+        break;
+    }
+  }
+  if (tools && tools.length > 0) {
+    const toolsXml = formatToolDefinitionsXml(tools);
+    const toolInstructions = 'You have access to the following tools. To use a tool, respond with <tool_call id="call_ID" name="TOOL_NAME">ARGUMENTS_JSON</tool_call>';
+    const injection = `${toolInstructions}
+${toolsXml}`;
+    systemPrompt = systemPrompt ? `${systemPrompt}
+${injection}` : injection;
+  }
+  if (toolChoice) {
+    let instruction = "";
+    if (toolChoice === "required") {
+      instruction = "You MUST use a tool in your response.";
+    } else if (typeof toolChoice === "object" && toolChoice.function?.name) {
+      instruction = `You MUST use the tool "${toolChoice.function.name}" in your response.`;
+    }
+    if (instruction) {
+      parts.push(instruction);
+    }
+  }
+  return {
+    prompt: parts.join("\n\n"),
+    systemPrompt
+  };
+}
+function escapeXmlAttr(s) {
+  return s.replace(/&/g, "&amp;").replace(/"/g, "&quot;").replace(/</g, "&lt;").replace(/>/g, "&gt;");
+}
+// src/core/client.ts
+var JH_API_BASE = "https://chat.ai.jh.edu/api";
+var JH_DEFAULT_GREETING = "Hello! How can I help you today?";
+var NULL_UUID = "00000000-0000-0000-0000-000000000000";
+function isTokenExpired(token) {
+  try {
+    const parts = token.split(".");
+    if (parts.length < 2) return true;
+    const payload = parts[1].replace(/-/g, "+").replace(/_/g, "/");
+    const json = Buffer.from(payload, "base64").toString("utf8");
+    const parsed = JSON.parse(json);
+    const exp = parsed["exp"];
+    if (typeof exp !== "number") return true;
+    return Date.now() / 1e3 > exp;
+  } catch {
+    return true;
+  }
+}
+async function sendChatRequest(page, credentials, request, options) {
+  const MAX_ATTEMPTS = 3;
+  for (let attempt = 1; attempt <= MAX_ATTEMPTS; attempt++) {
+    try {
+      return await sendChatRequestInner(page, credentials, request, options, false);
+    } catch (err) {
+      const error = err;
+      if (error.statusCode === 404 && attempt < MAX_ATTEMPTS) {
+        console.log(`[gateway] Stream not found, retrying (attempt ${attempt + 1}/${MAX_ATTEMPTS})...`);
+        await new Promise((r) => setTimeout(r, 500));
+        continue;
+      }
+      throw err;
+    }
+  }
+  throw new Error("Unexpected: all retry attempts exhausted");
+}
+async function sendChatRequestInner(page, credentials, request, options, isRetry) {
+  if (!isRetry && isTokenExpired(credentials.bearerToken)) {
+    throw Object.assign(
+      new Error("Bearer token has expired. Run `jh-gateway auth` to capture fresh credentials."),
+      { statusCode: 401 }
+    );
+  }
+  const endpoint = MODEL_ENDPOINT_MAP[request.model];
+  if (!endpoint) {
+    throw Object.assign(new Error(`Model '${request.model}' is not supported`), { statusCode: 400 });
+  }
+  const conversationId = request.conversationId ?? crypto.randomUUID();
+  const parentMessageId = request.parentMessageId ?? NULL_UUID;
+  const messageId = crypto.randomUUID();
+  const body = {
+    text: request.prompt,
+    sender: "User",
+    clientTimestamp: (/* @__PURE__ */ new Date()).toISOString(),
+    isCreatedByUser: true,
+    parentMessageId,
+    conversationId,
+    messageId,
+    error: false,
+    endpoint,
+    endpointType: "custom",
+    model: request.model,
+    resendFiles: true,
+    greeting: JH_DEFAULT_GREETING,
+    key: "never",
+    modelDisplayLabel: "Claude",
+    isTemporary: true,
+    isRegenerate: false,
+    isContinued: false,
+    ephemeralAgent: {
+      execute_code: false,
+      web_search: false,
+      file_search: false,
+      artifacts: false,
+      mcp: []
+    }
+  };
+  let sseResolve;
+  const ssePromise = new Promise((res) => {
+    sseResolve = res;
+  });
+  let sseResolved = false;
+  const streamPattern = "**/api/agents/chat/stream/*";
+  const routeHandler = async (route) => {
+    console.log(`[gateway] Route handler intercepted: ${route.request().url()}`);
+    const url = route.request().url();
+    const delays = [0, 50, 100, 150, 250, 400, 700, 1200, 2e3, 3500];
+    let lastStatus = 0;
+    let lastBody = "";
+    let lastHeaders = {};
+    const reqHeaders = route.request().headers();
+    for (let i = 0; i < delays.length; i++) {
+      if (delays[i] > 0) {
+        await new Promise((r) => setTimeout(r, delays[i]));
+      }
+      try {
+        const response = await fetch(url, {
+          method: "GET",
+          headers: {
+            Accept: reqHeaders["accept"] ?? "text/event-stream",
+            Authorization: reqHeaders["authorization"] ?? "",
+            Cookie: reqHeaders["cookie"] ?? "",
+            Referer: reqHeaders["referer"] ?? "",
+            "User-Agent": reqHeaders["user-agent"] ?? ""
+          }
+        });
+        lastStatus = response.status;
+        lastBody = await response.text();
+        lastHeaders = {};
+        response.headers.forEach((v, k) => {
+          lastHeaders[k] = v;
+        });
+        if (lastStatus === 200) {
+          console.log(`[gateway] Stream ready on attempt ${i + 1}, body length: ${lastBody.length}`);
+          if (!sseResolved) {
+            sseResolved = true;
+            sseResolve({ error: false, status: 200, statusText: "OK", body: lastBody });
+          }
+          await route.fulfill({ status: 200, headers: lastHeaders, body: lastBody });
+          return;
+        }
+        if (lastStatus !== 404) {
+          console.log(`[gateway] Stream non-404 error: ${lastStatus}, body: ${lastBody.slice(0, 200)}`);
+          break;
+        }
+      } catch (err) {
+        lastBody = String(err);
+        lastStatus = 500;
+        break;
+      }
+    }
+    console.log(`[gateway] Stream fetch failed after ${delays.length} attempts, last status: ${lastStatus}`);
+    if (!sseResolved) {
+      sseResolved = true;
+      sseResolve({ error: true, status: lastStatus, statusText: "stream fetch failed", body: lastBody });
+    }
+    try {
+      await route.fulfill({ status: lastStatus, headers: lastHeaders, body: lastBody });
+    } catch {
+      try {
+        await route.continue();
+      } catch {
+      }
+    }
+  };
+  await page.route(streamPattern, routeHandler);
+  const postResult = await page.evaluate(
+    async ({
+      apiBase,
+      bearerToken,
+      endpointPath,
+      requestBody
+    }) => {
+      try {
+        const res = await fetch(`${apiBase}/agents/chat/${endpointPath}`, {
+          method: "POST",
+          headers: {
+            "Content-Type": "application/json",
+            Accept: "text/event-stream",
+            Authorization: `Bearer ${bearerToken}`
+          },
+          body: JSON.stringify(requestBody)
+        });
+        if (!res.ok) {
+          return {
+            error: true,
+            status: res.status,
+            statusText: res.statusText,
+            body: (await res.text()).slice(0, 2e3),
+            contentType: ""
+          };
+        }
+        const ct = res.headers.get("content-type") ?? "";
+        if (ct.includes("text/event-stream")) {
+          const reader = res.body?.getReader();
+          if (!reader) return { error: true, status: 500, statusText: "No body", body: "No SSE body", contentType: ct };
+          const decoder = new TextDecoder();
+          let text2 = "";
+          while (true) {
+            const { done, value } = await reader.read();
+            if (done) break;
+            text2 += decoder.decode(value, { stream: true });
+          }
+          return { error: false, status: 200, statusText: "OK", body: text2, contentType: ct };
+        }
+        const bodyText = await res.text();
+        console.log(`[gateway] POST response content-type: ${ct}, body: ${bodyText.slice(0, 500)}`);
+        return { error: false, status: 200, statusText: "OK", body: bodyText, contentType: ct };
+      } catch (err) {
+        return { error: true, status: 500, statusText: "fetch error", body: String(err), contentType: "" };
+      }
+    },
+    {
+      apiBase: JH_API_BASE,
+      bearerToken: credentials.bearerToken,
+      endpointPath: endpoint,
+      requestBody: body
+    }
+  );
+  let result;
+  if (postResult.error) {
+    result = { error: true, status: postResult.status, statusText: postResult.statusText ?? "", body: postResult.body };
+    await page.unroute(streamPattern, routeHandler);
+  } else if (postResult.contentType.includes("text/event-stream")) {
+    result = { error: false, status: 200, statusText: "OK", body: postResult.body };
+    await page.unroute(streamPattern, routeHandler);
+  } else {
+    let streamId;
+    try {
+      streamId = JSON.parse(postResult.body).streamId;
+    } catch {
+    }
+    if (!streamId) {
+      result = { error: false, status: 200, statusText: "OK", body: postResult.body };
+      await page.unroute(streamPattern, routeHandler);
+    } else {
+      const streamUrl = `${JH_API_BASE}/agents/chat/stream/${streamId}`;
+      page.evaluate(
+        async ({ url, token }) => {
+          await new Promise((r) => setTimeout(r, 10));
+          try {
+            await fetch(url, {
+              method: "GET",
+              headers: { Accept: "text/event-stream", Authorization: `Bearer ${token}` }
+            });
+          } catch {
+          }
+        },
+        { url: streamUrl, token: credentials.bearerToken }
+      ).catch(() => {
+      });
+      const timeout = new Promise(
+        (res) => setTimeout(() => {
+          if (!sseResolved) {
+            sseResolved = true;
+            res({ error: true, status: 408, statusText: "timeout", body: "Stream capture timed out after 120s" });
+          }
+        }, 12e4)
+      );
+      result = await Promise.race([ssePromise, timeout]);
+      await page.unroute(streamPattern, routeHandler);
+    }
+  }
+  if (result.error) {
+    const status = result.status;
+    const responseBody = result.body;
+    if (status === 401 && !isRetry) {
+      const cdpUrl = options?.cdpUrl ?? "http://127.0.0.1:9222";
+      try {
+        await page.reload({ waitUntil: "networkidle" });
+        const fresh = await captureCredentials(cdpUrl, 3e4);
+        const newCreds = {
+          bearerToken: fresh.bearerToken,
+          cookie: fresh.cookie,
+          userAgent: fresh.userAgent
+        };
+        options?.onCredentialsRefreshed?.(newCreds);
+        return sendChatRequestInner(page, newCreds, request, options, true);
+      } catch {
+        throw Object.assign(
+          new Error("JH platform returned 401 and automatic re-authentication failed. Run `jh-gateway auth` to capture fresh credentials."),
+          { statusCode: 401 }
+        );
+      }
+    }
+    if (status === 401) {
+      throw Object.assign(
+        new Error("JH platform returned 401 after re-authentication attempt. Run `jh-gateway auth` to capture fresh credentials."),
+        { statusCode: 401 }
+      );
+    }
+    if (status === 403) {
+      throw Object.assign(
+        new Error("JH platform returned 403 \u2014 Cloudflare session has expired. Please open chat.ai.jh.edu in your browser, complete any challenge, then run `jh-gateway auth`."),
+        { statusCode: 403 }
+      );
+    }
+    throw Object.assign(new Error(`JH platform returned ${status}: ${responseBody}`), { statusCode: status });
+  }
+  console.log(`[gateway] Final result: error=${result.error}, status=${result.status}, body length=${result.body.length}`);
+  const rawSseText = result.body;
+  const { newConversationId, newParentMessageId } = extractConversationState(rawSseText, conversationId, messageId);
+  return { rawSseText, conversationId: newConversationId, parentMessageId: newParentMessageId };
+}
+function extractConversationState(rawSse, fallbackConversationId, fallbackParentMessageId) {
+  let newConversationId = fallbackConversationId ?? "";
+  let newParentMessageId = fallbackParentMessageId;
+  const blocks = rawSse.split("\n\n");
+  for (const block of blocks) {
+    const trimmed = block.trim();
+    if (!trimmed) continue;
+    let event = "";
+    let data = "";
+    for (const line of trimmed.split("\n")) {
+      if (line.startsWith("event: ")) event = line.slice(7).trim();
+      else if (line.startsWith("data: ")) data = line.slice(6);
+      else if (line.startsWith("data:")) data = line.slice(5);
+    }
+    if (event === "message" && data) {
+      try {
+        const parsed = JSON.parse(data);
+        if (parsed?.isCreatedByUser === false) {
+          if (parsed.conversationId) newConversationId = parsed.conversationId;
+          if (parsed.messageId) newParentMessageId = parsed.messageId;
+        }
+        const msg = parsed?.message;
+        if (msg?.isCreatedByUser === false) {
+          if (msg.conversationId) newConversationId = msg.conversationId;
+          if (msg.messageId) newParentMessageId = msg.messageId;
+        }
+      } catch {
+      }
+    }
+  }
+  return { newConversationId, newParentMessageId };
+}
+// src/core/stream-translator.ts
+import { randomBytes as randomBytes2 } from "crypto";
+// src/core/tool-parser.ts
+var TOOL_CALL_RE = /<tool_call\s+id="([^"]*)"\s+name="([^"]*)">([\s\S]*?)<\/tool_call>/g;
+var THINK_RE = /<think>([\s\S]*?)<\/think>/g;
+function parseToolsAndThinking(text2) {
+  const toolCalls = [];
+  let thinking = null;
+  const thinkMatches = [...text2.matchAll(THINK_RE)];
+  if (thinkMatches.length > 0) {
+    thinking = thinkMatches.map((m) => m[1]).join("\n");
+  }
+  let remaining = text2.replace(THINK_RE, "");
+  const toolMatches = [...remaining.matchAll(TOOL_CALL_RE)];
+  for (const match of toolMatches) {
+    const id = match[1];
+    const name = match[2];
+    const rawArgs = match[3].trim();
+    let args2;
+    try {
+      JSON.parse(rawArgs);
+      args2 = rawArgs;
+    } catch {
+      args2 = JSON.stringify(rawArgs);
+    }
+    toolCalls.push({ id, name, arguments: args2 });
+  }
+  remaining = remaining.replace(TOOL_CALL_RE, "");
+  const cleanedText = remaining.trim();
+  return {
+    text: cleanedText,
+    toolCalls,
+    thinking
+  };
+}
+function toOpenAIToolCalls(calls) {
+  return calls.map((call, index) => ({
+    id: call.id,
+    type: "function",
+    index,
+    function: {
+      name: call.name,
+      arguments: call.arguments
+    }
+  }));
+}
+// src/core/stream-translator.ts
+function parseSseEvents(rawSse) {
+  const events = [];
+  const blocks = rawSse.split("\n\n");
+  for (const block of blocks) {
+    const trimmed = block.trim();
+    if (!trimmed) continue;
+    let event = "";
+    let data = "";
+    for (const line of trimmed.split("\n")) {
+      if (line.startsWith("event: ")) {
+        event = line.slice(7).trim();
+      } else if (line.startsWith("data: ")) {
+        data = line.slice(6);
+      } else if (line.startsWith("data:")) {
+        data = line.slice(5);
+      }
+    }
+    if (event || data) {
+      events.push({ event, data });
+    }
+  }
+  return events;
+}
+function resolveEventType(ev) {
+  if (ev.event && ev.event !== "message") {
+    try {
+      return { type: ev.event, parsed: JSON.parse(ev.data) };
+    } catch {
+      return { type: ev.event, parsed: null };
+    }
+  }
+  if (ev.data) {
+    try {
+      const parsed = JSON.parse(ev.data);
+      const jsonEvent = typeof parsed.event === "string" ? parsed.event : null;
+      return { type: jsonEvent ?? ev.event, parsed };
+    } catch {
+      return { type: ev.event, parsed: null };
+    }
+  }
+  return { type: ev.event, parsed: null };
+}
+function isUserEcho(parsed) {
+  if (!parsed) return false;
+  if (parsed.isCreatedByUser === true) return true;
+  const msg = parsed.message;
+  if (msg?.isCreatedByUser === true || msg?.sender === "User") return true;
+  return false;
+}
+function extractDeltaText(parsed) {
+  if (!parsed) return null;
+  let content = parsed.delta?.content;
+  if (!content) {
+    const dataObj = parsed.data;
+    content = dataObj?.delta?.content;
+  }
+  if (!Array.isArray(content)) return null;
+  const texts = [];
+  for (const item of content) {
+    if (item?.type === "text" && typeof item.text === "string") {
+      texts.push(item.text);
+    }
+  }
+  return texts.length > 0 ? texts.join("") : null;
+}
+function extractMessageText(parsed) {
+  if (!parsed) return null;
+  const msg = parsed.message;
+  if (!msg) return null;
+  if (msg.isCreatedByUser === true || msg.sender === "User") return null;
+  if (typeof msg.text === "string" && msg.text) return msg.text;
+  return null;
+}
+function generateCompletionId() {
+  return `chatcmpl-${randomBytes2(12).toString("hex")}`;
+}
+function extractContentFromJhSse(rawSse) {
+  const events = parseSseEvents(rawSse);
+  const parts = [];
+  let lastMessageText = "";
+  for (const ev of events) {
+    const { type, parsed } = resolveEventType(ev);
+    if (isUserEcho(parsed)) continue;
+    if (type === "on_run_step") continue;
+    if (type === "on_message_delta") {
+      const delta = extractDeltaText(parsed);
+      if (delta !== null) {
+        parts.push(delta);
+      }
+    }
+    if (type === "message" || !type) {
+      const msgText = extractMessageText(parsed);
+      if (msgText && msgText.length > lastMessageText.length) {
+        lastMessageText = msgText;
+      }
+    }
+  }
+  const deltaText = parts.join("");
+  return deltaText || lastMessageText;
+}
+function translateToStream(rawSse, model, completionId) {
+  const id = completionId ?? generateCompletionId();
+  const created = Math.floor(Date.now() / 1e3);
+  const events = parseSseEvents(rawSse);
+  const chunks = [];
+  let lastMessageText = "";
+  chunks.push({
+    id,
+    object: "chat.completion.chunk",
+    created,
+    model,
+    choices: [{ index: 0, delta: { role: "assistant" }, finish_reason: null }]
+  });
+  let gotDeltas = false;
+  for (const ev of events) {
+    const { type, parsed } = resolveEventType(ev);
+    if (isUserEcho(parsed)) continue;
+    if (type === "on_run_step") continue;
+    if (type === "on_message_delta") {
+      const delta = extractDeltaText(parsed);
+      if (delta !== null) {
+        gotDeltas = true;
+        chunks.push({
+          id,
+          object: "chat.completion.chunk",
+          created,
+          model,
+          choices: [{ index: 0, delta: { content: delta }, finish_reason: null }]
+        });
+      }
+    }
+    if (type === "message" || !type) {
+      const msgText = extractMessageText(parsed);
+      if (msgText && msgText.length > lastMessageText.length) {
+        const delta = msgText.slice(lastMessageText.length);
+        lastMessageText = msgText;
+        if (!gotDeltas && delta) {
+          chunks.push({
+            id,
+            object: "chat.completion.chunk",
+            created,
+            model,
+            choices: [{ index: 0, delta: { content: delta }, finish_reason: null }]
+          });
+        }
+      }
+    }
+  }
+  chunks.push({
+    id,
+    object: "chat.completion.chunk",
+    created,
+    model,
+    choices: [{ index: 0, delta: {}, finish_reason: "stop" }]
+  });
+  return chunks;
+}
+function translateToCompletion(rawSse, model, completionId) {
+  const id = completionId ?? generateCompletionId();
+  const created = Math.floor(Date.now() / 1e3);
+  const fullText = extractContentFromJhSse(rawSse);
+  const parsed = parseToolsAndThinking(fullText);
+  const promptTokens = 0;
+  const completionTokens = Math.max(1, Math.ceil(fullText.length / 4));
+  const message = {
+    role: "assistant",
+    content: parsed.text || null
+  };
+  if (parsed.toolCalls.length > 0) {
+    message.tool_calls = toOpenAIToolCalls(parsed.toolCalls);
+  }
+  return {
+    id,
+    object: "chat.completion",
+    created,
+    model,
+    choices: [{ index: 0, message, finish_reason: "stop" }],
+    usage: {
+      prompt_tokens: promptTokens,
+      completion_tokens: completionTokens,
+      total_tokens: promptTokens + completionTokens
+    }
+  };
+}
+// src/routes/chat-completions.ts
+import { randomBytes as randomBytes3 } from "crypto";
+var MODEL_SET2 = new Set(Object.keys(MODEL_ENDPOINT_MAP));
+function chatCompletionsRouter(_config, deps) {
+  const app = new Hono3();
+  app.post("/", async (c) => {
+    let body;
+    try {
+      body = await c.req.json();
+    } catch {
+      return c.json(
+        {
+          error: {
+            message: "Request body must be valid JSON",
+            type: "invalid_request_error",
+            code: "invalid_json",
+            param: null
+          }
+        },
+        400
+      );
+    }
+    const model = body.model;
+    if (typeof model !== "string" || !model) {
+      return c.json(
+        {
+          error: {
+            message: "Missing required field: model",
+            type: "invalid_request_error",
+            code: "missing_field",
+            param: "model"
+          }
+        },
+        400
+      );
+    }
+    if (!MODEL_SET2.has(model)) {
+      return c.json(
+        {
+          error: {
+            message: `Model '${model}' is not supported. Available models: ${[...MODEL_SET2].join(", ")}`,
+            type: "invalid_request_error",
+            code: "model_not_found",
+            param: "model"
+          }
+        },
+        400
+      );
+    }
+    const messages = body.messages;
+    if (!Array.isArray(messages) || messages.length === 0) {
+      return c.json(
+        {
+          error: {
+            message: "Missing or empty required field: messages",
+            type: "invalid_request_error",
+            code: "missing_field",
+            param: "messages"
+          }
+        },
+        400
+      );
+    }
+    const shouldStream = body.stream === true;
+    const tools = body.tools ?? void 0;
+    const toolChoice = body.tool_choice;
+    const pool = deps.getPool();
+    if (!pool) {
+      return c.json(
+        {
+          error: {
+            message: "Chrome browser is not connected. Run `jh-gateway setup` or `jh-gateway auth`.",
+            type: "service_unavailable",
+            code: "chrome_disconnected",
+            param: null
+          }
+        },
+        503
+      );
+    }
+    const credentials = deps.getCredentials();
+    if (!credentials) {
+      return c.json(
+        {
+          error: {
+            message: "No credentials available. Run `jh-gateway auth` to capture credentials.",
+            type: "authentication_error",
+            code: "no_credentials",
+            param: null
+          }
+        },
+        401
+      );
+    }
+    const completionId = `chatcmpl-${randomBytes3(12).toString("hex")}`;
+    const [built, acquired] = await Promise.all([
+      Promise.resolve(buildPrompt(messages, tools, toolChoice)),
+      pool.acquire()
+    ]);
+    const { page, queue, release } = acquired;
+    const stats = pool.stats;
+    console.log(`[chat] Acquired page (pool: ${stats.busy}/${stats.total} busy)`);
+    try {
+      const response = await queue.enqueue(
+        () => sendChatRequest(page, credentials, {
+          model,
+          prompt: built.prompt
+        })
+      );
+      if (shouldStream) {
+        const chunks = translateToStream(response.rawSseText, model, completionId);
+        return honoStream(c, async (stream) => {
+          c.header("Content-Type", "text/event-stream");
+          c.header("Cache-Control", "no-cache");
+          c.header("Connection", "keep-alive");
+          try {
+            for (const chunk of chunks) {
+              await stream.write(`data: ${JSON.stringify(chunk)}
+`);
+            }
+          } catch (streamErr) {
+            const sErr = streamErr;
+            const errorEvent = {
+              error: {
+                message: sErr.message || "An error occurred during streaming",
+                type: "server_error",
+                code: "stream_error",
+                param: null
+              }
+            };
+            await stream.write(`data: ${JSON.stringify(errorEvent)}
+`);
+          } finally {
+            release();
+          }
+          await stream.write("data: [DONE]\n\n");
+        });
+      }
+      release();
+      const completion = translateToCompletion(response.rawSseText, model, completionId);
+      return c.json(completion);
+    } catch (err) {
+      release();
+      const error = err;
+      const statusCode = error.statusCode ?? 500;
+      if (statusCode === 401 && deps.reauthLock) {
+        try {
+          const freshCreds = await deps.reauthLock.acquire(async () => {
+            const captured = await captureCredentials(_config.cdpUrl);
+            return {
+              bearerToken: captured.bearerToken,
+              cookie: captured.cookie,
+              userAgent: captured.userAgent
+            };
+          });
+          deps.setCredentials?.(freshCreds);
+          const retry = await pool.acquire();
+          try {
+            const retryResponse = await retry.queue.enqueue(
+              () => sendChatRequest(retry.page, freshCreds, {
+                model,
+                prompt: built.prompt
+              })
+            );
+            if (shouldStream) {
+              const chunks = translateToStream(retryResponse.rawSseText, model, completionId);
+              return honoStream(c, async (stream) => {
+                c.header("Content-Type", "text/event-stream");
+                c.header("Cache-Control", "no-cache");
+                c.header("Connection", "keep-alive");
+                try {
+                  for (const chunk of chunks) {
+                    await stream.write(`data: ${JSON.stringify(chunk)}
+`);
+                  }
+                } catch (streamErr) {
+                  const sErr = streamErr;
+                  const errorEvent = {
+                    error: {
+                      message: sErr.message || "An error occurred during streaming",
+                      type: "server_error",
+                      code: "stream_error",
+                      param: null
+                    }
+                  };
+                  await stream.write(`data: ${JSON.stringify(errorEvent)}
+`);
+                } finally {
+                  retry.release();
+                }
+                await stream.write("data: [DONE]\n\n");
+              });
+            }
+            retry.release();
+            const completion = translateToCompletion(retryResponse.rawSseText, model, completionId);
+            return c.json(completion);
+          } catch {
+            retry.release();
+          }
+        } catch {
+        }
+        const reauthErrorBody = {
+          error: {
+            message: "Authentication failed after automatic re-capture attempt.",
+            type: "authentication_error",
+            code: "upstream_error",
+            param: null
+          }
+        };
+        if (shouldStream) {
+          return honoStream(c, async (stream) => {
+            c.header("Content-Type", "text/event-stream");
+            c.header("Cache-Control", "no-cache");
+            c.header("Connection", "keep-alive");
+            await stream.write(`data: ${JSON.stringify(reauthErrorBody)}
+`);
+            await stream.write("data: [DONE]\n\n");
+          });
+        }
+        return c.json(reauthErrorBody, 401);
+      }
+      const typeMap = {
+        400: "invalid_request_error",
+        401: "authentication_error",
+        403: "permission_error",
+        429: "rate_limit_error",
+        503: "service_unavailable"
+      };
+      const errorBody = {
+        error: {
+          message: error.message || "Internal server error",
+          type: typeMap[statusCode] ?? "server_error",
+          code: statusCode === 429 ? "queue_overflow" : "upstream_error",
+          param: null
+        }
+      };
+      if (shouldStream) {
+        return honoStream(c, async (stream) => {
+          c.header("Content-Type", "text/event-stream");
+          c.header("Cache-Control", "no-cache");
+          c.header("Connection", "keep-alive");
+          await stream.write(`data: ${JSON.stringify(errorBody)}
+`);
+          await stream.write("data: [DONE]\n\n");
+        });
+      }
+      return c.json(
+        errorBody,
+        statusCode
+      );
+    }
+  });
+  return app;
+}
+// src/infra/logger.ts
+import { appendFile, readFile as readFile2, readdir, mkdir as mkdir2 } from "fs/promises";
+import { homedir as homedir2 } from "os";
+import { join as join2 } from "path";
+var DEFAULT_LOG_DIR = join2(homedir2(), ".jh-gateway", "logs");
+function dateStamp(d = /* @__PURE__ */ new Date()) {
+  return d.toISOString().slice(0, 10);
+}
+var Logger = class {
+  logDir;
+  dirCreated = false;
+  constructor(logDir) {
+    this.logDir = logDir ?? DEFAULT_LOG_DIR;
+  }
+  /** Ensure the log directory exists (lazy, once per instance). */
+  async ensureDir() {
+    if (this.dirCreated) {
+      return;
+    }
+    await mkdir2(this.logDir, { recursive: true });
+    this.dirCreated = true;
+  }
+  /** Append a log entry to today's JSONL file. */
+  async log(entry) {
+    await this.ensureDir();
+    const file = join2(this.logDir, `${dateStamp()}.jsonl`);
+    await appendFile(file, JSON.stringify(entry) + "\n", "utf8");
+  }
+  /** Query log entries. Reads from a specific date or the most recent file. */
+  async query(options = {}) {
+    await this.ensureDir();
+    const limit = options.limit ?? 100;
+    if (options.date) {
+      return this.readLogFile(join2(this.logDir, `${options.date}.jsonl`), limit);
+    }
+    let names;
+    try {
+      names = await readdir(this.logDir);
+    } catch {
+      return [];
+    }
+    const jsonlFiles = names.filter((n) => n.endsWith(".jsonl")).toSorted().toReversed();
+    const entries = [];
+    for (const name of jsonlFiles) {
+      if (entries.length >= limit) {
+        break;
+      }
+      const batch = await this.readLogFile(join2(this.logDir, name), limit - entries.length);
+      entries.push(...batch);
+    }
+    return entries.slice(0, limit);
+  }
+  async readLogFile(filePath, limit) {
+    let raw;
+    try {
+      raw = await readFile2(filePath, "utf8");
+    } catch {
+      return [];
+    }
+    const entries = [];
+    const lines = raw.split("\n");
+    for (let i = lines.length - 1; i >= 0 && entries.length < limit; i--) {
+      const line = lines[i].trim();
+      if (!line) {
+        continue;
+      }
+      try {
+        entries.push(JSON.parse(line));
+      } catch {
+      }
+    }
+    return entries;
+  }
+};
+// src/server.ts
+function createServer(config, deps) {
+  const app = new Hono4();
+  const startTime = Date.now();
+  const logger = new Logger();
+  app.use("/v1/*", authMiddleware(config));
+  app.use("*", async (c, next) => {
+    const start = Date.now();
+    await next();
+    const latencyMs = Date.now() - start;
+    let model = null;
+    if (c.req.method === "POST" && c.req.path.includes("chat/completions")) {
+      try {
+        const bodyText = await c.req.raw.clone().text();
+        const parsed = JSON.parse(bodyText);
+        model = typeof parsed?.model === "string" ? parsed.model : null;
+      } catch {
+      }
+    }
+    const resBody = c.res?.headers?.get("content-length");
+    const resSize = resBody ? parseInt(resBody, 10) : 0;
+    const entry = {
+      timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+      method: c.req.method,
+      path: c.req.path,
+      model,
+      statusCode: c.res.status,
+      latencyMs,
+      estimatedTokens: {
+        prompt: 0,
+        completion: Math.max(0, Math.ceil(resSize / 4))
+      }
+    };
+    logger.log(entry).catch(() => {
+    });
+  });
+  app.route("/v1/models", modelsRouter(config));
+  app.route("/health", healthRouter(config, startTime));
+  if (deps) {
+    app.route(
+      "/v1/chat/completions",
+      chatCompletionsRouter(config, {
+        getPool: deps.getPool,
+        getCredentials: deps.getCredentials,
+        reauthLock: deps.reauthLock,
+        setCredentials: deps.setCredentials
+      })
+    );
+  }
+  app.onError((err, c) => {
+    return c.json(
+      {
+        error: {
+          message: err.message || "Internal server error",
+          type: "server_error",
+          code: "internal_error",
+          param: null
+        }
+      },
+      500
+    );
+  });
+  app.notFound((c) => {
+    return c.json(
+      {
+        error: {
+          message: `Route ${c.req.method} ${c.req.path} not found`,
+          type: "invalid_request_error",
+          code: "route_not_found",
+          param: null
+        }
+      },
+      404
+    );
+  });
+  return app;
+}
+async function startServer(config, deps) {
+  const hostname = "127.0.0.1";
+  const app = createServer(config, deps);
+  const port = config.port;
+  const server = serve({
+    fetch: app.fetch,
+    port,
+    hostname
+  });
+  console.log(`JH Web Gateway listening on http://${hostname}:${port}`);
+  let shuttingDown = false;
+  const DRAIN_TIMEOUT_MS = 1e4;
+  const shutdown = async () => {
+    if (shuttingDown) {
+      return;
+    }
+    shuttingDown = true;
+    console.log("\nShutting down gracefully...");
+    await new Promise((resolve) => {
+      const timer = setTimeout(() => {
+        console.log("Drain timeout reached, forcing close.");
+        resolve();
+      }, DRAIN_TIMEOUT_MS);
+      server.close(() => {
+        clearTimeout(timer);
+        resolve();
+      });
+    });
+    if (deps.browser) {
+      try {
+        await deps.browser.close();
+      } catch {
+      }
+    }
+    console.log("Shutdown complete.");
+  };
+  process.on("SIGINT", async () => {
+    await shutdown();
+    process.exit(0);
+  });
+  process.on("SIGTERM", async () => {
+    await shutdown();
+    process.exit(0);
+  });
+  return { close: shutdown };
+}
+// src/core/request-queue.ts
+var RequestQueue = class {
+  queue = [];
+  running = false;
+  maxWaitMs;
+  constructor(maxWaitMs = 12e4) {
+    this.maxWaitMs = maxWaitMs;
+  }
+  /** Current number of tasks waiting in the queue (not including the active one). */
+  get pending() {
+    return this.queue.length;
+  }
+  /** Enqueue a task. Resolves when the task completes. Rejects on timeout or task error. */
+  async enqueue(task) {
+    await this.waitForTurn();
+    try {
+      return await task();
+    } finally {
+      if (this.queue.length > 0) {
+        await new Promise((r) => setTimeout(r, 300));
+      }
+      this.release();
+    }
+  }
+  waitForTurn() {
+    if (!this.running) {
+      this.running = true;
+      return Promise.resolve();
+    }
+    return new Promise((resolve, reject) => {
+      const timer = setTimeout(() => {
+        const idx = this.queue.indexOf(release);
+        if (idx !== -1) this.queue.splice(idx, 1);
+        reject(
+          Object.assign(
+            new Error(
+              `Request queue wait exceeded ${this.maxWaitMs}ms \u2014 server is overloaded`
+            ),
+            { statusCode: 429 }
+          )
+        );
+      }, this.maxWaitMs);
+      const release = () => {
+        clearTimeout(timer);
+        resolve();
+      };
+      this.queue.push(release);
+    });
+  }
+  release() {
+    const next = this.queue.shift();
+    if (next) {
+      next();
+    } else {
+      this.running = false;
+    }
+  }
+};
+// src/core/page-pool.ts
+var PagePool = class {
+  pages = [];
+  browser = null;
+  targetUrl;
+  maxPages;
+  maxWaitMs;
+  initPromise = null;
+  constructor(options = {}) {
+    this.targetUrl = options.targetUrl ?? "https://chat.ai.jh.edu";
+    this.maxPages = options.maxPages ?? 3;
+    this.maxWaitMs = options.maxWaitMs ?? 12e4;
+  }
+  /** Initialize the pool with an existing browser connection and seed page */
+  async init(browser, seedPage) {
+    if (this.initPromise) return this.initPromise;
+    this.initPromise = this._doInit(browser, seedPage);
+    return this.initPromise;
+  }
+  async _doInit(browser, seedPage) {
+    this.browser = browser;
+    this.pages.push({
+      page: seedPage,
+      queue: new RequestQueue(this.maxWaitMs),
+      inUse: false
+    });
+    console.log(`[PagePool] Initialized with 1 page, will scale up to ${this.maxPages}`);
+  }
+  /** Get pool statistics */
+  get stats() {
+    const busy = this.pages.filter((p3) => p3.inUse).length;
+    return {
+      total: this.pages.length,
+      busy,
+      available: this.pages.length - busy
+    };
+  }
+  /**
+   * Acquire a page for use. Creates new pages on-demand up to maxPages.
+   * Note: We intentionally don't lock here — allowing multiple requests to
+   * grab the same page and queue on it is actually faster than creating new pages.
+   */
+  async acquire() {
+    let pooled = this.pages.find((p4) => !p4.inUse);
+    if (!pooled && this.pages.length < this.maxPages && this.browser) {
+      pooled = await this.createPage();
+    }
+    if (!pooled) {
+      pooled = this.pages.reduce(
+        (a, b) => a.queue.pending <= b.queue.pending ? a : b
+      );
+    }
+    pooled.inUse = true;
+    const p3 = pooled;
+    return {
+      page: p3.page,
+      queue: p3.queue,
+      release: () => {
+        p3.inUse = false;
+      }
+    };
+  }
+  async createPage() {
+    if (!this.browser) {
+      throw new Error("PagePool not initialized");
+    }
+    console.log(`[PagePool] Creating new page (${this.pages.length + 1}/${this.maxPages})...`);
+    const context = this.browser.contexts()[0];
+    if (!context) {
+      throw new Error("No browser context available");
+    }
+    const page = await context.newPage();
+    await page.goto(this.targetUrl, { waitUntil: "networkidle", timeout: 3e4 });
+    console.log(`[PagePool] New page ready: ${page.url()}`);
+    const pooled = {
+      page,
+      queue: new RequestQueue(this.maxWaitMs),
+      inUse: false
+    };
+    this.pages.push(pooled);
+    return pooled;
+  }
+  /** Close all pages except the seed page */
+  async drain() {
+    const toClose = this.pages.slice(1);
+    this.pages = this.pages.slice(0, 1);
+    for (const p3 of toClose) {
+      try {
+        await p3.page.close();
+      } catch {
+      }
+    }
+    console.log(`[PagePool] Drained ${toClose.length} pages`);
+  }
+};
+// src/cli/serve.ts
+async function runServe(options) {
+  const config = await loadConfig();
+  if (options.port !== void 0) {
+    await updateConfig({ port: options.port });
+    config.port = options.port;
+  }
+  const maxPages = options.pages ?? 3;
+  let pool = null;
+  let browser;
+  try {
+    const conn = await connectToChrome(config.cdpUrl);
+    const seedPage = await findOrOpenJhPage(conn.browser);
+    browser = conn.browser;
+    console.log(`Connected to Chrome at ${config.cdpUrl}`);
+    const currentUrl = seedPage.url();
+    if (!currentUrl.includes("chat.ai.jh.edu")) {
+      console.log("Navigating to chat.ai.jh.edu...");
+      await seedPage.goto("https://chat.ai.jh.edu", { waitUntil: "networkidle" });
+    }
+    console.log(`Browser page: ${seedPage.url()}`);
+    pool = new PagePool({
+      maxPages,
+      maxWaitMs: config.maxQueueWaitMs
+    });
+    await pool.init(conn.browser, seedPage);
+    console.log(`Page pool initialized (max ${maxPages} concurrent pages)`);
+  } catch (err) {
+    const msg = err instanceof Error ? err.message : String(err);
+    console.warn(`Warning: Could not connect to Chrome: ${msg}`);
+    console.warn("Chat completions will fail until Chrome is available.");
+  }
+  await startServer(config, {
+    getPool: () => pool,
+    getCredentials: () => config.credentials,
+    browser
+  });
+}
+// src/cli/auth.ts
+function formatExpiry2(exp) {
+  if (exp === 0) {
+    return "unknown";
+  }
+  return new Date(exp * 1e3).toLocaleString();
+}
+async function runAuth() {
+  const config = await loadConfig();
+  console.log(`Connecting to Chrome at ${config.cdpUrl}\u2026`);
+  console.log(
+    "Opening chat.ai.jh.edu. Send any message to trigger auth capture (timeout: 120s)\u2026"
+  );
+  const creds = await captureCredentials(config.cdpUrl, 12e4);
+  const expiry = getTokenExpiry(creds.bearerToken);
+  console.log("Credentials captured successfully.");
+  console.log(`Token expires: ${formatExpiry2(expiry)}`);
+}
+// src/cli/config.ts
+function redactConfig(config) {
+  return {
+    cdpUrl: config.cdpUrl,
+    port: config.port,
+    defaultModel: config.defaultModel,
+    defaultEndpoint: config.defaultEndpoint,
+    credentials: config.credentials !== null ? {
+      bearerToken: "[REDACTED]",
+      cookie: "[REDACTED]",
+      userAgent: config.credentials.userAgent
+    } : null,
+    auth: {
+      mode: config.auth.mode,
+      token: config.auth.token !== null ? "[REDACTED]" : null
+    },
+    maxQueueWaitMs: config.maxQueueWaitMs
+  };
+}
+async function runConfig() {
+  const config = await loadConfig();
+  const redacted = redactConfig(config);
+  console.log(JSON.stringify(redacted, null, 2));
+}
+// src/cli/status.ts
+function formatExpiry3(exp) {
+  if (exp === 0) {
+    return "unknown";
+  }
+  return new Date(exp * 1e3).toLocaleString();
+}
+async function runStatus() {
+  const config = await loadConfig();
+  let chromeStatus;
+  try {
+    await getChromeWebSocketUrl(config.cdpUrl, 3e3);
+    chromeStatus = `connected (${config.cdpUrl})`;
+  } catch {
+    chromeStatus = `disconnected (${config.cdpUrl})`;
+  }
+  let tokenStatus;
+  if (!config.credentials) {
+    tokenStatus = "no credentials stored";
+  } else {
+    const exp = getTokenExpiry(config.credentials.bearerToken);
+    const expired = isTokenExpired(config.credentials.bearerToken);
+    tokenStatus = expired ? `expired at ${formatExpiry3(exp)}` : `valid until ${formatExpiry3(exp)}`;
+  }
+  let gatewayStatus;
+  try {
+    const res = await fetch(`http://127.0.0.1:${config.port}/health`, {
+      signal: AbortSignal.timeout(1e3)
+    });
+    if (res.ok) {
+      gatewayStatus = `running on port ${config.port}`;
+    } else {
+      gatewayStatus = `port ${config.port} responded with ${res.status}`;
+    }
+  } catch {
+    gatewayStatus = `not running (port ${config.port})`;
+  }
+  console.log(`Chrome:  ${chromeStatus}`);
+  console.log(`Token:   ${tokenStatus}`);
+  console.log(`Gateway: ${gatewayStatus}`);
+}
+// src/cli/logs.ts
+import { readFile as readFile3, readdir as readdir2 } from "fs/promises";
+import { homedir as homedir3 } from "os";
+import { join as join3 } from "path";
+var LOG_DIR = join3(homedir3(), ".jh-gateway", "logs");
+async function readLogFile(filePath) {
+  const raw = await readFile3(filePath, "utf8");
+  const entries = [];
+  for (const line of raw.split("\n")) {
+    const trimmed = line.trim();
+    if (!trimmed) {
+      continue;
+    }
+    try {
+      entries.push(JSON.parse(trimmed));
+    } catch {
+    }
+  }
+  return entries;
+}
+async function runLogs(options) {
+  const limit = options.limit ?? 50;
+  let files;
+  try {
+    const names = await readdir2(LOG_DIR);
+    files = names.filter((n) => n.endsWith(".jsonl")).toSorted().toReversed().map((n) => join3(LOG_DIR, n));
+  } catch {
+    console.log("No log files found. Logs are written once the server handles requests.");
+    return;
+  }
+  const entries = [];
+  for (const file of files) {
+    if (entries.length >= limit) {
+      break;
+    }
+    try {
+      const fileEntries = await readLogFile(file);
+      entries.push(...fileEntries);
+    } catch {
+    }
+  }
+  const recent = entries.slice(-limit).toReversed();
+  if (recent.length === 0) {
+    console.log("No log entries found.");
+    return;
+  }
+  for (const entry of recent) {
+    const tokens = `${entry.estimatedTokens.prompt}p/${entry.estimatedTokens.completion}c`;
+    console.log(
+      `${entry.timestamp}  ${entry.method.padEnd(4)} ${entry.path.padEnd(30)} ${String(entry.statusCode).padEnd(4)} ${String(entry.latencyMs).padStart(6)}ms  ${(entry.model ?? "-").padEnd(20)} tokens:${tokens}`
+    );
+  }
+}
+// src/cli/start.ts
+import * as p2 from "@clack/prompts";
+// src/infra/chrome-manager.ts
+import { existsSync } from "fs";
+import { execSync, spawn } from "child_process";
+import { homedir as homedir4 } from "os";
+import { join as join4 } from "path";
+import { chromium as chromium2 } from "playwright-core";
+var MACOS_CHROME_PATH = "/Applications/Google Chrome.app/Contents/MacOS/Google Chrome";
+var WINDOWS_CHROME_PATHS = [
+  "C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe",
+  "C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe"
+];
+var LINUX_CHROME_CANDIDATES = [
+  "google-chrome",
+  "google-chrome-stable",
+  "chromium-browser",
+  "chromium"
+];
+var ChromeManager = class _ChromeManager {
+  cdpPort;
+  headless;
+  userDataDir;
+  constructor(options) {
+    this.cdpPort = options?.cdpPort ?? 9222;
+    this.headless = options?.headless ?? false;
+    this.userDataDir = options?.userDataDir ?? join4(homedir4(), ".jh-gateway", "chrome-profile");
+  }
+  /**
+   * Try connecting to an existing Chrome instance at the configured CDP port.
+   * If no instance is running, launch a new Chrome process and connect to it.
+   */
+  async connect() {
+    const cdpUrl = `http://127.0.0.1:${this.cdpPort}`;
+    try {
+      const wsUrl2 = await getChromeWebSocketUrl(cdpUrl);
+      const browser2 = await chromium2.connectOverCDP(wsUrl2);
+      return { browser: browser2, selfLaunched: false };
+    } catch {
+    }
+    const chromePath = _ChromeManager.findChromePath();
+    if (!chromePath) {
+      throw new Error(
+        `Chrome executable not found. Please install Google Chrome or Chromium.
+Expected locations for ${process.platform}:
+` + (process.platform === "darwin" ? `  - ${MACOS_CHROME_PATH}
+` : process.platform === "linux" ? LINUX_CHROME_CANDIDATES.map((c) => `  - ${c} (via PATH)`).join("\n") + "\n" : WINDOWS_CHROME_PATHS.map((p3) => `  - ${p3}`).join("\n") + "\n")
+      );
+    }
+    const args2 = [
+      `--remote-debugging-port=${this.cdpPort}`,
+      `--user-data-dir=${this.userDataDir}`,
+      "--no-first-run",
+      "--no-default-browser-check"
+    ];
+    if (this.headless) {
+      args2.push("--headless=new");
+    }
+    const child = spawn(chromePath, args2, {
+      detached: false,
+      stdio: "ignore"
+    });
+    await this.waitForCdp(cdpUrl);
+    const wsUrl = await getChromeWebSocketUrl(cdpUrl);
+    const browser = await chromium2.connectOverCDP(wsUrl);
+    return { browser, selfLaunched: true, process: child };
+  }
+  /**
+   * Poll the CDP /json/version endpoint until it responds, or timeout.
+   */
+  async waitForCdp(cdpUrl, timeoutMs = 15e3, intervalMs = 250) {
+    const deadline = Date.now() + timeoutMs;
+    while (Date.now() < deadline) {
+      try {
+        const res = await fetch(`${cdpUrl}/json/version`);
+        if (res.ok) return;
+      } catch {
+      }
+      await new Promise((r) => setTimeout(r, intervalMs));
+    }
+    throw new Error(
+      `Chrome did not become available at ${cdpUrl} within ${timeoutMs / 1e3}s`
+    );
+  }
+  /**
+   * Terminate managed Chrome (only if selfLaunched).
+   * Tries to close the browser connection gracefully first, then kills the process.
+   */
+  async shutdown(state) {
+    if (!state.selfLaunched || !state.process) {
+      return;
+    }
+    try {
+      await state.browser.close();
+    } catch {
+    }
+    try {
+      state.process.kill("SIGTERM");
+    } catch {
+    }
+  }
+  /**
+   * Attempt to relaunch and reconnect to Chrome within 30s.
+   * Returns a fresh ChromeManagerState.
+   */
+  async reconnect() {
+    const RECONNECT_TIMEOUT_MS = 3e4;
+    const deadline = Date.now() + RECONNECT_TIMEOUT_MS;
+    while (Date.now() < deadline) {
+      try {
+        return await this.connect();
+      } catch {
+        await new Promise((r) => setTimeout(r, 1e3));
+      }
+    }
+    throw new Error(
+      `Failed to reconnect to Chrome within ${RECONNECT_TIMEOUT_MS / 1e3}s`
+    );
+  }
+  /**
+   * Minimize the Chrome window via CDP Browser.setWindowBounds.
+   * This is best-effort — errors are silently caught.
+   */
+  async minimizeWindow(state) {
+    try {
+      const page = state.browser.contexts()[0]?.pages()[0];
+      if (!page) return;
+      const cdpSession = await page.context().newCDPSession(page);
+      const { windowId } = await cdpSession.send(
+        "Browser.getWindowForTarget"
+      );
+      await cdpSession.send("Browser.setWindowBounds", {
+        windowId,
+        bounds: { windowState: "minimized" }
+      });
+    } catch {
+    }
+  }
+  /**
+   * Detect the Chrome/Chromium executable path for the current OS.
+   * Returns the absolute path string, or `null` if no installation is found.
+   */
+  static findChromePath() {
+    const platform = process.platform;
+    if (platform === "darwin") {
+      return existsSync(MACOS_CHROME_PATH) ? MACOS_CHROME_PATH : null;
+    }
+    if (platform === "linux") {
+      for (const candidate of LINUX_CHROME_CANDIDATES) {
+        try {
+          const resolved = execSync(`which ${candidate}`, {
+            encoding: "utf8",
+            stdio: ["pipe", "pipe", "pipe"]
+          }).trim();
+          if (resolved) {
+            return resolved;
+          }
+        } catch {
+        }
+      }
+      return null;
+    }
+    if (platform === "win32") {
+      for (const winPath of WINDOWS_CHROME_PATHS) {
+        if (existsSync(winPath)) {
+          return winPath;
+        }
+      }
+      return null;
+    }
+    return null;
+  }
+};
+// src/core/token-refresher.ts
+var CredentialHolder = class {
+  creds = null;
+  /** Returns the current credentials, or `null` if none have been set yet. */
+  get() {
+    return this.creds;
+  }
+  /** Atomically replaces the stored credentials. */
+  set(creds) {
+    this.creds = creds;
+  }
+};
+function shouldRefresh(nowMs, expiresAt, thresholdMs) {
+  return expiresAt * 1e3 - nowMs < thresholdMs;
+}
+var BACKOFF_DELAYS = [5e3, 15e3, 3e4];
+var TokenRefresher = class {
+  credentialHolder;
+  cdpUrl;
+  checkIntervalMs;
+  refreshBeforeExpiryMs;
+  maxRetries;
+  intervalId = null;
+  constructor(credentialHolder, cdpUrl, options) {
+    this.credentialHolder = credentialHolder;
+    this.cdpUrl = cdpUrl;
+    this.checkIntervalMs = options?.checkIntervalMs ?? 6e4;
+    this.refreshBeforeExpiryMs = options?.refreshBeforeExpiryMs ?? 3e5;
+    this.maxRetries = options?.maxRetries ?? 3;
+  }
+  /** Start the background check interval. */
+  start() {
+    if (this.intervalId !== null) return;
+    this.intervalId = setInterval(() => {
+      void this.checkAndRefresh();
+    }, this.checkIntervalMs);
+  }
+  /** Stop the background check interval. */
+  stop() {
+    if (this.intervalId !== null) {
+      clearInterval(this.intervalId);
+      this.intervalId = null;
+    }
+  }
+  /** Check if a refresh is needed and perform it. Returns true if refreshed. */
+  async checkAndRefresh() {
+    const creds = this.credentialHolder.get();
+    if (!creds || !creds.expiresAt) {
+      return false;
+    }
+    if (!shouldRefresh(Date.now(), creds.expiresAt, this.refreshBeforeExpiryMs)) {
+      return false;
+    }
+    for (let attempt = 0; attempt < this.maxRetries; attempt++) {
+      try {
+        const newCreds = await captureCredentials(this.cdpUrl);
+        const gatewayCreds = {
+          bearerToken: newCreds.bearerToken,
+          cookie: newCreds.cookie,
+          userAgent: newCreds.userAgent,
+          expiresAt: newCreds.expiresAt
+        };
+        this.credentialHolder.set(gatewayCreds);
+        await updateConfig({ credentials: gatewayCreds });
+        const expiryDate = new Date(newCreds.expiresAt * 1e3).toISOString();
+        console.log(`[TokenRefresher] Credentials refreshed successfully. New expiry: ${expiryDate}`);
+        return true;
+      } catch (err) {
+        const delay = BACKOFF_DELAYS[attempt] ?? BACKOFF_DELAYS[BACKOFF_DELAYS.length - 1];
+        if (attempt < this.maxRetries - 1) {
+          console.warn(
+            `[TokenRefresher] Refresh attempt ${attempt + 1}/${this.maxRetries} failed, retrying in ${delay / 1e3}s...`
+          );
+          await this.sleep(delay);
+        } else {
+          const msg = err instanceof Error ? err.message : String(err);
+          console.warn(
+            `
+\u26A0\uFE0F  [TokenRefresher] All ${this.maxRetries} refresh attempts failed. ${msg}
+   Continuing with current credentials. If requests start failing with 401,
+   restart with \`jh-gateway start\` (without --headless) to re-login.
+`
+          );
+        }
+      }
+    }
+    return false;
+  }
+  sleep(ms) {
+    return new Promise((resolve) => setTimeout(resolve, ms));
+  }
+};
+// src/core/reauth-lock.ts
+var ReauthLock = class {
+  inflight = null;
+  async acquire(recaptureFn) {
+    if (this.inflight) {
+      return this.inflight;
+    }
+    this.inflight = recaptureFn().finally(() => {
+      this.inflight = null;
+    });
+    return this.inflight;
+  }
+};
+// src/cli/start.ts
+async function runStart(options) {
+  const config = await loadConfig();
+  if (options.port !== void 0) {
+    await updateConfig({ port: options.port });
+    config.port = options.port;
+  }
+  const maxPages = options.pages ?? 3;
+  const cdpPort = parseInt(new URL(config.cdpUrl).port, 10) || 9222;
+  const chromeManager = new ChromeManager({
+    cdpPort,
+    headless: options.headless
+  });
+  const s = p2.spinner();
+  s.start("Connecting to Chrome...");
+  let state;
+  try {
+    state = await chromeManager.connect();
+    s.stop(
+      state.selfLaunched ? "Chrome launched and connected." : "Connected to existing Chrome instance."
+    );
+  } catch (err) {
+    s.stop("Failed to connect to Chrome.");
+    throw err;
+  }
+  const needsAuth = !config.credentials || !config.credentials.expiresAt || shouldRefresh(Date.now(), config.credentials.expiresAt, 0);
+  if (needsAuth && options.headless) {
+    await chromeManager.shutdown(state);
+    throw new Error(
+      "Cannot authenticate in headless mode \u2014 no browser window to log in.\nRun `jh-gateway start` (without --headless) first to log in, then use --headless on subsequent runs."
+    );
+  }
+  if (needsAuth) {
+    s.start("Waiting for login (timeout: 300s)...");
+    try {
+      await findOrOpenJhPage(state.browser);
+      const creds = await captureCredentials(config.cdpUrl, 3e5);
+      config.credentials = {
+        bearerToken: creds.bearerToken,
+        cookie: creds.cookie,
+        userAgent: creds.userAgent,
+        expiresAt: creds.expiresAt
+      };
+      await chromeManager.minimizeWindow(state);
+      const expiryStr = creds.expiresAt ? new Date(creds.expiresAt * 1e3).toLocaleString() : "unknown";
+      s.stop(`Credentials captured. Token expires: ${expiryStr}`);
+    } catch (err) {
+      s.stop("Authentication failed.");
+      await chromeManager.shutdown(state);
+      throw err;
+    }
+  } else {
+    p2.log.info("Valid credentials found, skipping login.");
+  }
+  s.start(`Starting server on port ${config.port}...`);
+  const seedPage = await findOrOpenJhPage(state.browser);
+  const pool = new PagePool({
+    maxPages,
+    maxWaitMs: config.maxQueueWaitMs
+  });
+  await pool.init(state.browser, seedPage);
+  const credentialHolder = new CredentialHolder();
+  if (config.credentials) {
+    credentialHolder.set(config.credentials);
+  }
+  const _reauthLock = new ReauthLock();
+  const serverHandle = await startServer(config, {
+    getPool: () => pool,
+    getCredentials: () => credentialHolder.get(),
+    browser: state.browser
+  });
+  s.stop(`Server running on port ${config.port}.`);
+  const tokenRefresher = new TokenRefresher(credentialHolder, config.cdpUrl);
+  tokenRefresher.start();
+  const baseUrl = `http://127.0.0.1:${config.port}`;
+  const apiKey = config.auth.token ?? "(no auth required)";
+  p2.log.success(`Gateway ready!`);
+  p2.log.info(`Base URL:  ${baseUrl}`);
+  p2.log.info(`API Key:   ${apiKey}`);
+  p2.log.info("Press Ctrl+C to stop.");
+  const shutdown = async () => {
+    tokenRefresher.stop();
+    await serverHandle.close();
+    await chromeManager.shutdown(state);
+  };
+  process.on("SIGINT", async () => {
+    await shutdown();
+    process.exit(0);
+  });
+  process.on("SIGTERM", async () => {
+    await shutdown();
+    process.exit(0);
+  });
+}
+// src/cli.ts
+var args = process.argv.slice(2);
+var command = args[0];
+function parseFlags(argv) {
+  const flags = {};
+  for (let i = 0; i < argv.length; i++) {
+    const arg = argv[i];
+    if (arg.startsWith("--")) {
+      const key = arg.slice(2);
+      const next = argv[i + 1];
+      if (next !== void 0 && !next.startsWith("--")) {
+        flags[key] = next;
+        i++;
+      } else {
+        flags[key] = true;
+      }
+    }
+  }
+  return flags;
+}
+function printHelp() {
+  console.log(`
+jh-gateway \u2014 JH Web Gateway CLI
+Usage:
+  jh-gateway <command> [options]
+Commands:
+  start              Launch Chrome, authenticate, and start the gateway server
+  setup              Interactive setup wizard (Chrome detection, auth, port)
+  serve              Start the HTTP server
+  auth               Re-capture JH credentials
+  config             Print current configuration (credentials redacted)
+  status             Show Chrome connection, token expiry, and gateway state
+  logs               Display recent request logs
+Options:
+  start --headless   Launch Chrome in headless mode
+  start --port <n>   Override the configured port
+  start --pages <n>  Max concurrent browser pages (default: 3)
+  serve --port <n>   Override the configured port
+  serve --pages <n>  Max concurrent browser pages (default: 3)
+  logs  --limit <n>  Number of log entries to show (default: 50)
+  --help             Show this help message
+`);
+}
+async function main() {
+  if (!command || command === "--help" || command === "-h") {
+    printHelp();
+    process.exit(0);
+  }
+  const flags = parseFlags(args.slice(1));
+  try {
+    switch (command) {
+      case "start": {
+        const headless = flags["headless"] === true;
+        const startPortFlag = flags["port"];
+        const startPort = startPortFlag !== void 0 && startPortFlag !== true ? Number(startPortFlag) : void 0;
+        if (startPort !== void 0 && (isNaN(startPort) || startPort < 1 || startPort > 65535)) {
+          console.error("Error: --port must be a valid port number (1\u201365535)");
+          process.exit(1);
+        }
+        const startPagesFlag = flags["pages"];
+        const startPages = startPagesFlag !== void 0 && startPagesFlag !== true ? Number(startPagesFlag) : void 0;
+        if (startPages !== void 0 && (isNaN(startPages) || startPages < 1 || startPages > 10)) {
+          console.error("Error: --pages must be between 1 and 10");
+          process.exit(1);
+        }
+        await runStart({ headless, port: startPort, pages: startPages });
+        break;
+      }
+      case "setup":
+        await runSetup();
+        break;
+      case "serve": {
+        const portFlag = flags["port"];
+        const port = portFlag !== void 0 && portFlag !== true ? Number(portFlag) : void 0;
+        if (port !== void 0 && (isNaN(port) || port < 1 || port > 65535)) {
+          console.error("Error: --port must be a valid port number (1\u201365535)");
+          process.exit(1);
+        }
+        const pagesFlag = flags["pages"];
+        const pages = pagesFlag !== void 0 && pagesFlag !== true ? Number(pagesFlag) : void 0;
+        if (pages !== void 0 && (isNaN(pages) || pages < 1 || pages > 10)) {
+          console.error("Error: --pages must be between 1 and 10");
+          process.exit(1);
+        }
+        await runServe({ port, pages });
+        break;
+      }
+      case "auth":
+        await runAuth();
+        break;
+      case "config":
+        await runConfig();
+        break;
+      case "status":
+        await runStatus();
+        break;
+      case "logs": {
+        const limitFlag = flags["limit"];
+        const limit = limitFlag !== void 0 && limitFlag !== true ? Number(limitFlag) : void 0;
+        if (limit !== void 0 && (isNaN(limit) || limit < 1)) {
+          console.error("Error: --limit must be a positive number");
+          process.exit(1);
+        }
+        await runLogs({ limit });
+        break;
+      }
+      default:
+        console.error(`Unknown command: ${command}`);
+        printHelp();
+        process.exit(1);
+    }
+  } catch (err) {
+    const msg = err instanceof Error ? err.message : String(err);
+    console.error(`Error: ${msg}`);
+    process.exit(1);
+  }
+}
+main();
+//# sourceMappingURL=cli.js.map