n8n-nodes-github-copilot 4.1.2 → 4.2.1

package/shared/utils/GitHubCopilotEndpoints.ts

@@ -0,0 +1,212 @@
+/**
+ * GitHub Copilot API Endpoints
+ * Centralized endpoint management for all nodes
+ */
+
+export const GITHUB_COPILOT_API = {
+  // Base URLs
+  BASE_URL: "https://api.githubcopilot.com",
+  GITHUB_BASE_URL: "https://api.github.com",
+    
+  // Endpoints
+  ENDPOINTS: {
+    // GitHub Copilot API
+    MODELS: "/models",
+    CHAT_COMPLETIONS: "/chat/completions",
+    EMBEDDINGS: "/embeddings",
+        
+    // GitHub API (for billing and organization info)
+    ORG_BILLING: (org: string) => `/orgs/${org}/copilot/billing`,
+    ORG_SEATS: (org: string) => `/orgs/${org}/copilot/billing/seats`,
+    USER_COPILOT: "/user/copilot_access",
+  },
+    
+  // Full URLs (convenience methods)
+  URLS: {
+    // GitHub Copilot API URLs
+    MODELS: "https://api.githubcopilot.com/models",
+    CHAT_COMPLETIONS: "https://api.githubcopilot.com/chat/completions",
+    EMBEDDINGS: "https://api.githubcopilot.com/embeddings",
+        
+    // GitHub API URLs
+    ORG_BILLING: (org: string) => `https://api.github.com/orgs/${org}/copilot/billing`,
+    ORG_SEATS: (org: string) => `https://api.github.com/orgs/${org}/copilot/billing/seats`,
+    USER_COPILOT: "https://api.github.com/user/copilot_access",
+  },
+    
+  // Headers
+  HEADERS: {
+    DEFAULT: {
+      "Accept": "application/json",
+      "Content-Type": "application/json",
+    },
+    WITH_AUTH: (token: string) => ({
+      "Authorization": `Bearer ${token}`,
+      "Accept": "application/json",
+      "Content-Type": "application/json",
+    }),
+    // VS Code specific headers (if needed)
+    VSCODE_CLIENT: {
+      "User-Agent": "VSCode-Copilot",
+      "X-GitHub-Api-Version": "2022-11-28",
+    },
+  },
+    
+  // Rate Limiting & Retry
+  RATE_LIMITS: {
+    TPM_RETRY_DELAY_BASE: 1000, // Base delay for TPM quota retry (ms)
+    TPM_RETRY_MAX_DELAY: 10000, // Maximum delay for TPM quota retry (ms)
+    DEFAULT_MAX_RETRIES: 3,
+    EXPONENTIAL_BACKOFF_FACTOR: 2,
+  },
+    
+  // HTTP Status Codes
+  STATUS_CODES: {
+    OK: 200,
+    UNAUTHORIZED: 401,
+    FORBIDDEN: 403,
+    NOT_FOUND: 404,
+    TOO_MANY_REQUESTS: 429,
+    INTERNAL_SERVER_ERROR: 500,
+  },
+    
+  // Common Error Messages
+  ERRORS: {
+    INVALID_TOKEN: "Invalid token format. GitHub Copilot API requires tokens starting with \"gho_\"",
+    CREDENTIALS_REQUIRED: "GitHub Copilot API credentials are required",
+    TPM_QUOTA_EXCEEDED: "TPM (Transactions Per Minute) quota exceeded",
+    API_ERROR: (status: number, message: string) => `API Error ${status}: ${message}`,
+  },
+} as const;
+
+// Type definitions for better TypeScript support
+export type GitHubCopilotEndpoint = keyof typeof GITHUB_COPILOT_API.ENDPOINTS;
+export type GitHubCopilotUrl = keyof typeof GITHUB_COPILOT_API.URLS;
+export type GitHubCopilotStatusCode = typeof GITHUB_COPILOT_API.STATUS_CODES[keyof typeof GITHUB_COPILOT_API.STATUS_CODES];
+
+// Helper functions
+export class GitHubCopilotEndpoints {
+  /**
+     * Get full URL for models endpoint
+     */
+  static getModelsUrl(): string {
+    return GITHUB_COPILOT_API.URLS.MODELS;
+  }
+    
+  /**
+     * Get full URL for chat completions endpoint
+     */
+  static getChatCompletionsUrl(): string {
+    return GITHUB_COPILOT_API.URLS.CHAT_COMPLETIONS;
+  }
+    
+  /**
+     * Get full URL for embeddings endpoint
+     */
+  static getEmbeddingsUrl(): string {
+    return GITHUB_COPILOT_API.URLS.EMBEDDINGS;
+  }
+    
+  /**
+     * Get GitHub API URL for organization billing
+     */
+  static getOrgBillingUrl(org: string): string {
+    return GITHUB_COPILOT_API.URLS.ORG_BILLING(org);
+  }
+    
+  /**
+     * Get GitHub API URL for organization seats
+     */
+  static getOrgSeatsUrl(org: string): string {
+    return GITHUB_COPILOT_API.URLS.ORG_SEATS(org);
+  }
+    
+  /**
+     * Get GitHub API URL for user copilot access
+     */
+  static getUserCopilotUrl(): string {
+    return GITHUB_COPILOT_API.URLS.USER_COPILOT;
+  }
+    
+  /**
+     * Get headers with authentication
+     * CRITICAL: Includes required headers for premium models (Claude, Gemini, GPT-5, etc.)
+     * Source: microsoft/vscode-copilot-chat networking.ts
+     */
+  static getAuthHeaders(token: string, includeVSCodeHeaders = false): Record<string, string> {
+    const headers: Record<string, string> = {
+      ...GITHUB_COPILOT_API.HEADERS.WITH_AUTH(token),
+      // CRITICAL: These headers are required for premium models
+      "User-Agent": "GitHubCopilotChat/0.35.0",
+      "Editor-Version": "vscode/1.96.0",
+      "Editor-Plugin-Version": "copilot-chat/0.35.0",
+      "X-GitHub-Api-Version": "2025-05-01",
+      "X-Interaction-Type": "copilot-chat",
+      "OpenAI-Intent": "conversation-panel",
+      "Copilot-Integration-Id": "vscode-chat",
+    };
+        
+    if (includeVSCodeHeaders) {
+      return {
+        ...headers,
+        ...GITHUB_COPILOT_API.HEADERS.VSCODE_CLIENT,
+      };
+    }
+        
+    return headers;
+  }
+    
+  /**
+     * Get headers for embeddings endpoint (requires additional headers)
+     */
+  static getEmbeddingsHeaders(token: string): Record<string, string> {
+    // Generate unique session ID (UUID + timestamp)
+    const sessionId = `${this.generateUUID()}-${Date.now()}`;
+        
+    return {
+      "Authorization": `Bearer ${token}`,
+      "Content-Type": "application/json",
+      "Accept": "application/json",
+      "Editor-Version": "vscode/1.95.0",
+      "Editor-Plugin-Version": "copilot/1.0.0",
+      "User-Agent": "GitHub-Copilot/1.0 (n8n-node)",
+      "Vscode-Sessionid": sessionId,
+      "X-GitHub-Api-Version": "2025-08-20",
+    };
+  }
+    
+  /**
+     * Generate a simple UUID v4
+     */
+  private static generateUUID(): string {
+    return "xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx".replace(/[xy]/g, (c) => {
+      const r = (Math.random() * 16) | 0;
+      const v = c === "x" ? r : (r & 0x3) | 0x8;
+      return v.toString(16);
+    });
+  }
+    
+  /**
+     * Calculate retry delay with exponential backoff
+     */
+  static getRetryDelay(attempt: number): number {
+    const delay = GITHUB_COPILOT_API.RATE_LIMITS.TPM_RETRY_DELAY_BASE * 
+                     Math.pow(GITHUB_COPILOT_API.RATE_LIMITS.EXPONENTIAL_BACKOFF_FACTOR, attempt - 1);
+        
+    return Math.min(delay, GITHUB_COPILOT_API.RATE_LIMITS.TPM_RETRY_MAX_DELAY);
+  }
+    
+  /**
+     * Check if status code indicates TPM quota exceeded
+     */
+  static isTpmQuotaError(statusCode: number): boolean {
+    return statusCode === GITHUB_COPILOT_API.STATUS_CODES.FORBIDDEN;
+  }
+    
+  /**
+     * Validate token format
+     */
+  static validateToken(token: string): boolean {
+    return typeof token === "string" && token.startsWith("gho_");
+  }
+}

package/shared/utils/GitHubDeviceFlowHandler.ts

@@ -0,0 +1,276 @@
+/**
+ * GitHub OAuth Device Flow Handler
+ * Implements the complete OAuth Device Code Flow for n8n credentials
+ * 
+ * This handler is called when the user clicks "Iniciar Device Flow" button
+ * in the GitHubCopilotDeviceFlow credentials interface
+ */
+
+interface DeviceCodeResponse {
+  device_code: string;
+  user_code: string;
+  verification_uri: string;
+  verification_uri_complete?: string;
+  expires_in: number;
+  interval: number;
+}
+
+interface AccessTokenResponse {
+  access_token?: string;
+  token_type?: string;
+  scope?: string;
+  error?: string;
+  error_description?: string;
+}
+
+interface CopilotTokenResponse {
+  token: string;
+  expires_at: number;
+  refresh_in: number;
+  sku?: string;
+  chat_enabled?: boolean;
+}
+
+/**
+ * Step 1: Request Device Code from GitHub
+ */
+export async function requestDeviceCode(
+  clientId: string,
+  scopes: string,
+  deviceCodeUrl: string
+): Promise<DeviceCodeResponse> {
+  const response = await fetch(deviceCodeUrl, {
+    method: "POST",
+    headers: {
+      "Accept": "application/json",
+      "Content-Type": "application/x-www-form-urlencoded",
+    },
+    body: new URLSearchParams({
+      client_id: clientId,
+      scope: scopes,
+    }),
+  });
+
+  if (!response.ok) {
+    throw new Error(`Failed to request device code: ${response.status} ${response.statusText}`);
+  }
+
+  return (await response.json()) as DeviceCodeResponse;
+}
+
+/**
+ * Step 2: Poll for Access Token
+ * Implements exponential backoff and handles all error cases
+ */
+export async function pollForAccessToken(
+  clientId: string,
+  deviceCode: string,
+  accessTokenUrl: string,
+  interval: number = 5,
+  maxAttempts: number = 180 // 15 minutes with 5s interval
+): Promise<string> {
+  let currentInterval = interval * 1000; // Convert to milliseconds
+  
+  for (let attempt = 1; attempt <= maxAttempts; attempt++) {
+    await sleep(currentInterval);
+
+    const response = await fetch(accessTokenUrl, {
+      method: "POST",
+      headers: {
+        "Accept": "application/json",
+        "Content-Type": "application/x-www-form-urlencoded",
+      },
+      body: new URLSearchParams({
+        client_id: clientId,
+        device_code: deviceCode,
+        grant_type: "urn:ietf:params:oauth:grant-type:device_code",
+      }),
+    });
+
+    const data = (await response.json()) as AccessTokenResponse;
+
+    // Success case
+    if (data.access_token) {
+      return data.access_token;
+    }
+
+    // Error handling based on GitHub OAuth Device Flow specification
+    if (data.error === "authorization_pending") {
+      // User hasn't authorized yet, continue polling
+      console.log(`[Device Flow] Attempt ${attempt}/${maxAttempts}: Waiting for authorization...`);
+      continue;
+    }
+
+    if (data.error === "slow_down") {
+      // Rate limit hit, increase interval by 5 seconds
+      currentInterval += 5000;
+      console.log(`[Device Flow] Rate limited, increasing interval to ${currentInterval / 1000}s`);
+      continue;
+    }
+
+    if (data.error === "expired_token") {
+      throw new Error("Device code expired. Please start the Device Flow again.");
+    }
+
+    if (data.error === "access_denied") {
+      throw new Error("User denied authorization.");
+    }
+
+    // Unknown error
+    throw new Error(`OAuth error: ${data.error} - ${data.error_description || "Unknown error"}`);
+  }
+
+  throw new Error("Device Flow timeout. Authorization took too long.");
+}
+
+/**
+ * Step 3: Convert GitHub OAuth Token to GitHub Copilot Token (Optional)
+ * The GitHub OAuth token (gho_*) already works with Copilot API,
+ * but this conversion provides additional metadata
+ */
+export async function convertToCopilotToken(
+  githubToken: string,
+  copilotTokenUrl: string
+): Promise<CopilotTokenResponse> {
+  const response = await fetch(copilotTokenUrl, {
+    method: "GET",
+    headers: {
+      "Authorization": `token ${githubToken}`,
+      "Accept": "application/vnd.github+json",
+      "X-GitHub-Api-Version": "2025-04-01",
+      "User-Agent": "GitHub-Copilot-Chat/1.0.0 VSCode/1.85.0",
+      "Editor-Version": "vscode/1.85.0",
+      "Editor-Plugin-Version": "copilot-chat/0.12.0",
+    },
+  });
+
+  if (!response.ok) {
+    // If conversion fails, return the GitHub token as-is
+    // It still works with Copilot API
+    console.warn(`[Device Flow] Failed to convert to Copilot token: ${response.status}`);
+    return {
+      token: githubToken,
+      expires_at: Date.now() + (8 * 60 * 60 * 1000), // 8 hours
+      refresh_in: 8 * 60 * 60, // 8 hours in seconds
+    };
+  }
+
+  const data = (await response.json()) as CopilotTokenResponse;
+  return data;
+}
+
+/**
+ * Complete Device Flow Process
+ * Orchestrates all steps and returns the final token
+ */
+export async function executeDeviceFlow(
+  clientId: string,
+  scopes: string,
+  deviceCodeUrl: string,
+  accessTokenUrl: string,
+  copilotTokenUrl: string,
+  onProgress?: (status: DeviceFlowStatus) => void
+): Promise<DeviceFlowResult> {
+  try {
+    // Step 1: Request device code
+    onProgress?.({
+      step: 1,
+      status: "requesting_device_code",
+      message: "Solicitando device code do GitHub...",
+    });
+
+    const deviceData = await requestDeviceCode(clientId, scopes, deviceCodeUrl);
+
+    onProgress?.({
+      step: 2,
+      status: "awaiting_authorization",
+      message: "Aguardando sua autorização no GitHub...",
+      deviceData: {
+        userCode: deviceData.user_code,
+        verificationUri: deviceData.verification_uri,
+        verificationUriComplete: deviceData.verification_uri_complete,
+        expiresIn: deviceData.expires_in,
+      },
+    });
+
+    // Step 2: Poll for access token
+    const accessToken = await pollForAccessToken(
+      clientId,
+      deviceData.device_code,
+      accessTokenUrl,
+      deviceData.interval
+    );
+
+    onProgress?.({
+      step: 3,
+      status: "token_obtained",
+      message: "Token GitHub OAuth obtido! Convertendo para token Copilot...",
+    });
+
+    // Step 3: Convert to Copilot token (optional, but provides metadata)
+    const copilotData = await convertToCopilotToken(accessToken, copilotTokenUrl);
+
+    onProgress?.({
+      step: 4,
+      status: "complete",
+      message: "✅ Autenticação completa! Token salvo com sucesso.",
+    });
+
+    return {
+      success: true,
+      accessToken: copilotData.token || accessToken,
+      expiresAt: new Date(copilotData.expires_at),
+      metadata: {
+        sku: copilotData.sku,
+        chatEnabled: copilotData.chat_enabled,
+        refreshIn: copilotData.refresh_in,
+      },
+    };
+  } catch (error) {
+    onProgress?.({
+      step: -1,
+      status: "error",
+      message: `❌ Erro: ${error instanceof Error ? error.message : String(error)}`,
+    });
+
+    return {
+      success: false,
+      error: error instanceof Error ? error.message : String(error),
+    };
+  }
+}
+
+/**
+ * Utility: Sleep function for polling
+ */
+function sleep(ms: number): Promise<void> {
+  return new Promise(resolve => setTimeout(resolve, ms));
+}
+
+/**
+ * Type Definitions
+ */
+
+export interface DeviceFlowStatus {
+  step: number;
+  status: "requesting_device_code" | "awaiting_authorization" | "token_obtained" | "complete" | "error";
+  message: string;
+  deviceData?: {
+    userCode: string;
+    verificationUri: string;
+    verificationUriComplete?: string;
+    expiresIn: number;
+  };
+}
+
+export interface DeviceFlowResult {
+  success: boolean;
+  accessToken?: string;
+  expiresAt?: Date;
+  metadata?: {
+    sku?: string;
+    chatEnabled?: boolean;
+    refreshIn?: number;
+  };
+  error?: string;
+}

package/shared/utils/OAuthTokenManager.ts

@@ -0,0 +1,196 @@
+/**
+ * OAuth Token Manager for GitHub Copilot
+ * 
+ * Automatically generates and caches OAuth tokens from GitHub tokens (gho_*)
+ * Tokens are cached in memory and auto-renewed before expiration
+ */
+
+import crypto from 'crypto';
+import https from 'https';
+
+interface OAuthTokenCache {
+	token: string;
+	expiresAt: number;
+	generatedAt: number;
+	refreshIn: number;
+}
+
+interface OAuthResponse {
+	token: string;
+	expires_at: number;
+	refresh_in: number;
+	chat_enabled: boolean;
+	sku: string;
+	endpoints: {
+		api: string;
+		proxy: string;
+		telemetry: string;
+	};
+}
+
+export class OAuthTokenManager {
+	private static tokenCache: Map<string, OAuthTokenCache> = new Map();
+	private static machineIdCache: Map<string, string> = new Map();
+
+	/**
+	 * Get valid OAuth token (generates new if expired or near expiration)
+	 * @param githubToken - GitHub CLI token (gho_*)
+	 * @returns Valid OAuth token
+	 */
+	static async getValidOAuthToken(githubToken: string): Promise<string> {
+		if (!githubToken || !githubToken.startsWith('gho_')) {
+			throw new Error('Invalid GitHub token. Must start with gho_');
+		}
+
+		const cacheKey = this.getCacheKey(githubToken);
+		const cached = this.tokenCache.get(cacheKey);
+
+		// Check if we have a valid cached token (with 2 minute buffer before expiration)
+		if (cached && cached.expiresAt > Date.now() + 120000) {
+			const remainingMinutes = Math.round((cached.expiresAt - Date.now()) / 1000 / 60);
+			console.log(`✅ Using cached OAuth token (${remainingMinutes} minutes remaining)`);
+			return cached.token;
+		}
+
+		// Generate new token
+		console.log('🔄 Generating new OAuth token...');
+		const newToken = await this.generateOAuthToken(githubToken);
+		return newToken;
+	}
+
+	/**
+	 * Generate new OAuth token from GitHub token
+	 */
+	private static async generateOAuthToken(githubToken: string): Promise<string> {
+		const machineId = this.getMachineId(githubToken);
+		const sessionId = this.generateSessionId();
+
+		return new Promise((resolve, reject) => {
+			const options = {
+				hostname: 'api.github.com',
+				path: '/copilot_internal/v2/token',
+				method: 'GET',
+				headers: {
+					'Authorization': `token ${githubToken}`,
+					'Vscode-Machineid': machineId,
+					'Vscode-Sessionid': sessionId,
+					'Editor-Version': 'vscode/1.105.1',
+					'Editor-Plugin-Version': 'copilot-chat/0.32.3',
+					'X-GitHub-Api-Version': '2025-08-20',
+					'Accept': 'application/json',
+					'User-Agent': 'n8n-nodes-copilot/1.0.0',
+				},
+			};
+
+			const req = https.request(options, (res) => {
+				let data = '';
+				res.on('data', (chunk) => (data += chunk));
+				res.on('end', () => {
+					if (res.statusCode === 200) {
+						try {
+							const response: OAuthResponse = JSON.parse(data);
+							const oauthToken = response.token;
+							const expiresAt = response.expires_at * 1000; // Convert to ms
+							const refreshIn = response.refresh_in;
+
+							// Cache the token
+							const cacheKey = this.getCacheKey(githubToken);
+							this.tokenCache.set(cacheKey, {
+								token: oauthToken,
+								expiresAt: expiresAt,
+								generatedAt: Date.now(),
+								refreshIn: refreshIn,
+							});
+
+							const expiresInMinutes = Math.round((expiresAt - Date.now()) / 1000 / 60);
+							console.log(
+								`✅ OAuth token generated successfully (expires in ${expiresInMinutes} minutes)`,
+							);
+							resolve(oauthToken);
+						} catch (error) {
+							reject(new Error(`Failed to parse OAuth token response: ${error}`));
+						}
+					} else {
+						reject(
+							new Error(
+								`Failed to generate OAuth token: ${res.statusCode} ${res.statusMessage}`,
+							),
+						);
+					}
+				});
+			});
+
+			req.on('error', (error) => {
+				reject(new Error(`Network error generating OAuth token: ${error.message}`));
+			});
+
+			req.setTimeout(10000, () => {
+				req.destroy();
+				reject(new Error('OAuth token generation timeout'));
+			});
+
+			req.end();
+		});
+	}
+
+	/**
+	 * Get or generate persistent machine ID for a GitHub token
+	 */
+	private static getMachineId(githubToken: string): string {
+		const cacheKey = this.getCacheKey(githubToken);
+
+		if (!this.machineIdCache.has(cacheKey)) {
+			const uuid = crypto.randomUUID();
+			const machineId = crypto.createHash('sha256').update(uuid).digest('hex');
+			this.machineIdCache.set(cacheKey, machineId);
+			console.log('🆔 Generated new machine ID');
+		}
+
+		return this.machineIdCache.get(cacheKey)!;
+	}
+
+	/**
+	 * Generate session ID (unique for each token generation)
+	 */
+	private static generateSessionId(): string {
+		return `${crypto.randomUUID()}${Date.now()}`;
+	}
+
+	/**
+	 * Get cache key from GitHub token (first 20 chars)
+	 */
+	private static getCacheKey(githubToken: string): string {
+		return githubToken.substring(0, 20);
+	}
+
+	/**
+	 * Clear cache for specific GitHub token
+	 */
+	static clearCache(githubToken: string): void {
+		const cacheKey = this.getCacheKey(githubToken);
+		this.tokenCache.delete(cacheKey);
+		this.machineIdCache.delete(cacheKey);
+		console.log('🗑️ OAuth token cache cleared');
+	}
+
+	/**
+	 * Get cache info for debugging
+	 */
+	static getCacheInfo(githubToken: string): OAuthTokenCache | null {
+		const cacheKey = this.getCacheKey(githubToken);
+		return this.tokenCache.get(cacheKey) || null;
+	}
+
+	/**
+	 * Check if token needs refresh
+	 */
+	static needsRefresh(githubToken: string, bufferMinutes: number = 2): boolean {
+		const cacheKey = this.getCacheKey(githubToken);
+		const cached = this.tokenCache.get(cacheKey);
+
+		if (!cached) return true;
+
+		const bufferMs = bufferMinutes * 60 * 1000;
+		return cached.expiresAt <= Date.now() + bufferMs;
+	}
+}