oh-my-claude-sisyphus 1.8.0-beta.2 → 1.9.0

package/README.md

@@ -12,7 +12,7 @@
 
 *Like Sisyphus, these agents persist until every task is complete.*
 
-[Install](#quick-install) • [Usage](#usage) • [Agents](#the-eleven-agents) • [Website](https://yeachan-heo.github.io/oh-my-claude-sisyphus-website)
+[Install](#quick-install) • [Usage](#usage) • [Agents](#the-eleven-agents) • [Architecture](docs/ARCHITECTURE.md) • [Website](https://yeachan-heo.github.io/oh-my-claude-sisyphus-website)
 
 </div>
 
@@ -34,19 +34,21 @@
 
 ## Quick Install
 
-### One-liner (recommended)
+### One-liner (macOS/Linux - recommended)
 
 ```bash
 curl -fsSL https://raw.githubusercontent.com/Yeachan-Heo/oh-my-claude-sisyphus/main/scripts/install.sh | bash
 ```
 
-### Via npm
+### Via npm (All platforms including Windows)
 
 ```bash
 npm install -g oh-my-claude-sisyphus
 ```
 
-### Manual Install
+> **Windows Users**: This is the only supported installation method. Requires Node.js 18+.
+
+### Manual Install (macOS/Linux)
 
 ```bash
 git clone https://github.com/Yeachan-Heo/oh-my-claude-sisyphus.git
@@ -230,6 +232,55 @@ Skills are automatically activated via slash commands or magic keywords.
 
 ---
 
+## Intelligent Skill Activation
+
+> **New in v1.8.0**: Skills are no longer mutually exclusive. Claude automatically combines skills based on task requirements.
+
+### Skill Layers
+
+Skills work in **three composable layers**:
+
+| Layer | Skills | Purpose |
+|-------|--------|---------|
+| **Execution** | sisyphus, orchestrator, prometheus | HOW you work (pick primary) |
+| **Enhancement** | ultrawork, git-master, frontend-ui-ux | ADD capabilities (stack multiple) |
+| **Guarantee** | ralph-loop | ENSURE completion |
+
+**Combination Formula:** `[Execution] + [0-N Enhancements] + [Optional Guarantee]`
+
+### Task Type → Skill Selection
+
+Claude uses judgment to detect task type and activate appropriate skill combinations:
+
+| Task Type | Skill Combination | When |
+|-----------|-------------------|------|
+| Multi-step implementation | `sisyphus` | Building features, refactoring |
+| + parallel subtasks | `sisyphus + ultrawork` | 3+ independent subtasks |
+| + multi-file changes | `sisyphus + git-master` | Changes span 3+ files |
+| + must complete | `sisyphus + ralph-loop` | User emphasizes completion |
+| UI/frontend work | `sisyphus + frontend-ui-ux` | Components, styling |
+| Complex debugging | `oracle` → `sisyphus` | Root cause → fix |
+| Strategic planning | `prometheus` | Need plan first |
+| Maximum performance | `ultrawork` (stacks) | Speed critical |
+
+### Examples
+
+```
+"Add dark mode with proper commits"
+→ sisyphus + frontend-ui-ux + git-master
+
+"ultrawork: refactor the entire API layer"
+→ ultrawork + sisyphus + git-master
+
+"Plan auth system, then implement it completely"
+→ prometheus (first) → sisyphus + ralph-loop (after plan)
+
+"Fix this bug, don't stop until it's done"
+→ sisyphus + ralph-loop
+```
+
+---
+
 ## The Eleven Agents
 
 Claude will automatically delegate to these specialized agents:
@@ -543,6 +594,18 @@ If you're coming from oh-my-opencode:
 
 - [Claude Code](https://docs.anthropic.com/claude-code) installed
 - Anthropic API key (`ANTHROPIC_API_KEY` environment variable)
+- **Windows**: Node.js 18+ (for npm installation)
+- **macOS/Linux**: Bash shell (default) or Node.js 18+ (optional)
+
+### Platform Support
+
+| Platform | Install Method | Hook Type |
+|----------|---------------|-----------|
+| **Windows** | `npm install -g` | Node.js (.mjs) |
+| **macOS** | curl or npm | Bash (.sh) |
+| **Linux** | curl or npm | Bash (.sh) |
+
+> **Advanced**: Set `SISYPHUS_USE_NODE_HOOKS=1` to use Node.js hooks on macOS/Linux.
 
 ## License
 

package/dist/agents/model-lists.d.ts

@@ -0,0 +1,26 @@
+/**
+ * Default model lists for each agent
+ *
+ * Each agent has an ordered list of preferred models.
+ * The first authenticated model is used; falls back through the list.
+ */
+import type { ModelId } from '../providers/types.js';
+/**
+ * Model lists categorized by capability tier
+ */
+/** High-capability models (for complex analysis, planning, debugging) */
+export declare const OPUS_TIER_MODELS: ModelId[];
+/** Balanced models (for implementation, coordination) */
+export declare const SONNET_TIER_MODELS: ModelId[];
+/** Fast/cheap models (for search, simple tasks) */
+export declare const HAIKU_TIER_MODELS: ModelId[];
+/**
+ * Default model lists for each agent
+ * These can be overridden in user config
+ */
+export declare const DEFAULT_AGENT_MODELS: Record<string, ModelId[]>;
+/**
+ * Get default models for an agent
+ */
+export declare function getDefaultModelsForAgent(agentName: string): ModelId[];
+//# sourceMappingURL=model-lists.d.ts.map

package/dist/agents/model-lists.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"model-lists.d.ts","sourceRoot":"","sources":["../../src/agents/model-lists.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,uBAAuB,CAAC;AAErD;;GAEG;AAEH,yEAAyE;AACzE,eAAO,MAAM,gBAAgB,EAAE,OAAO,EAIrC,CAAC;AAEF,yDAAyD;AACzD,eAAO,MAAM,kBAAkB,EAAE,OAAO,EAIvC,CAAC;AAEF,mDAAmD;AACnD,eAAO,MAAM,iBAAiB,EAAE,OAAO,EAItC,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,oBAAoB,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,EAAE,CAyB1D,CAAC;AAEF;;GAEG;AACH,wBAAgB,wBAAwB,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,EAAE,CAErE"}

package/dist/agents/model-lists.js

@@ -0,0 +1,62 @@
+/**
+ * Default model lists for each agent
+ *
+ * Each agent has an ordered list of preferred models.
+ * The first authenticated model is used; falls back through the list.
+ */
+/**
+ * Model lists categorized by capability tier
+ */
+/** High-capability models (for complex analysis, planning, debugging) */
+export const OPUS_TIER_MODELS = [
+    'anthropic/claude-opus-4-5',
+    'openai/gpt-4o',
+    'google/gemini-2.0-flash',
+];
+/** Balanced models (for implementation, coordination) */
+export const SONNET_TIER_MODELS = [
+    'anthropic/claude-sonnet-4-5',
+    'openai/gpt-4o-mini',
+    'google/gemini-2.0-flash',
+];
+/** Fast/cheap models (for search, simple tasks) */
+export const HAIKU_TIER_MODELS = [
+    'anthropic/claude-haiku-4-5',
+    'google/gemini-2.0-flash-lite',
+    'openai/gpt-4o-mini',
+];
+/**
+ * Default model lists for each agent
+ * These can be overridden in user config
+ */
+export const DEFAULT_AGENT_MODELS = {
+    // Opus-tier agents (complex analysis, planning)
+    oracle: [
+        'openai/gpt-4o', // Prefer GPT-4o for complex reasoning
+        'anthropic/claude-opus-4-5',
+        'google/gemini-2.0-flash',
+    ],
+    momus: OPUS_TIER_MODELS, // Plan reviewer
+    metis: OPUS_TIER_MODELS, // Pre-planning analyst
+    prometheus: OPUS_TIER_MODELS, // Strategic planner
+    // Sonnet-tier agents (balanced implementation)
+    librarian: SONNET_TIER_MODELS,
+    'sisyphus-junior': SONNET_TIER_MODELS,
+    'frontend-engineer': SONNET_TIER_MODELS,
+    'orchestrator-sisyphus': SONNET_TIER_MODELS,
+    'multimodal-looker': SONNET_TIER_MODELS,
+    // Haiku-tier agents (fast, cheap)
+    explore: [
+        'google/gemini-2.0-flash-lite', // Prefer fast Gemini
+        'anthropic/claude-haiku-4-5',
+        'openai/gpt-4o-mini',
+    ],
+    'document-writer': HAIKU_TIER_MODELS,
+};
+/**
+ * Get default models for an agent
+ */
+export function getDefaultModelsForAgent(agentName) {
+    return DEFAULT_AGENT_MODELS[agentName] || SONNET_TIER_MODELS;
+}
+//# sourceMappingURL=model-lists.js.map

package/dist/agents/model-lists.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"model-lists.js","sourceRoot":"","sources":["../../src/agents/model-lists.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAIH;;GAEG;AAEH,yEAAyE;AACzE,MAAM,CAAC,MAAM,gBAAgB,GAAc;IACzC,2BAA2B;IAC3B,eAAe;IACf,yBAAyB;CAC1B,CAAC;AAEF,yDAAyD;AACzD,MAAM,CAAC,MAAM,kBAAkB,GAAc;IAC3C,6BAA6B;IAC7B,oBAAoB;IACpB,yBAAyB;CAC1B,CAAC;AAEF,mDAAmD;AACnD,MAAM,CAAC,MAAM,iBAAiB,GAAc;IAC1C,4BAA4B;IAC5B,8BAA8B;IAC9B,oBAAoB;CACrB,CAAC;AAEF;;;GAGG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAA8B;IAC7D,gDAAgD;IAChD,MAAM,EAAE;QACN,eAAe,EAAY,sCAAsC;QACjE,2BAA2B;QAC3B,yBAAyB;KAC1B;IACD,KAAK,EAAE,gBAAgB,EAAM,gBAAgB;IAC7C,KAAK,EAAE,gBAAgB,EAAM,uBAAuB;IACpD,UAAU,EAAE,gBAAgB,EAAE,oBAAoB;IAElD,+CAA+C;IAC/C,SAAS,EAAE,kBAAkB;IAC7B,iBAAiB,EAAE,kBAAkB;IACrC,mBAAmB,EAAE,kBAAkB;IACvC,uBAAuB,EAAE,kBAAkB;IAC3C,mBAAmB,EAAE,kBAAkB;IAEvC,kCAAkC;IAClC,OAAO,EAAE;QACP,8BAA8B,EAAE,qBAAqB;QACrD,4BAA4B;QAC5B,oBAAoB;KACrB;IACD,iBAAiB,EAAE,iBAAiB;CACrC,CAAC;AAEF;;GAEG;AACH,MAAM,UAAU,wBAAwB,CAAC,SAAiB;IACxD,OAAO,oBAAoB,CAAC,SAAS,CAAC,IAAI,kBAAkB,CAAC;AAC/D,CAAC"}

package/dist/auth/index.d.ts

@@ -0,0 +1,10 @@
+/**
+ * Authentication module exports
+ */
+export type { StoredCredential, AuthStatus, ConnectOptions, OAuthResult, PKCEData, } from './types.js';
+export { CredentialStorage, getCredentialStorage } from './storage.js';
+export { generatePKCE, verifyState } from './pkce.js';
+export { OpenAIOAuth, createOpenAIOAuth, OPENAI_OAUTH_CONFIG } from './oauth-openai.js';
+export { GoogleOAuth, createGoogleOAuth, GOOGLE_OAUTH_CONFIG } from './oauth-google.js';
+export { AuthManager, getAuthManager } from './manager.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/auth/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/auth/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAGH,YAAY,EACV,gBAAgB,EAChB,UAAU,EACV,cAAc,EACd,WAAW,EACX,QAAQ,GACT,MAAM,YAAY,CAAC;AAGpB,OAAO,EAAE,iBAAiB,EAAE,oBAAoB,EAAE,MAAM,cAAc,CAAC;AAGvE,OAAO,EAAE,YAAY,EAAE,WAAW,EAAE,MAAM,WAAW,CAAC;AAGtD,OAAO,EAAE,WAAW,EAAE,iBAAiB,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAC;AACxF,OAAO,EAAE,WAAW,EAAE,iBAAiB,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAC;AAGxF,OAAO,EAAE,WAAW,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC"}

package/dist/auth/index.js

@@ -0,0 +1,13 @@
+/**
+ * Authentication module exports
+ */
+// Storage
+export { CredentialStorage, getCredentialStorage } from './storage.js';
+// PKCE
+export { generatePKCE, verifyState } from './pkce.js';
+// OAuth providers
+export { OpenAIOAuth, createOpenAIOAuth, OPENAI_OAUTH_CONFIG } from './oauth-openai.js';
+export { GoogleOAuth, createGoogleOAuth, GOOGLE_OAUTH_CONFIG } from './oauth-google.js';
+// Manager
+export { AuthManager, getAuthManager } from './manager.js';
+//# sourceMappingURL=index.js.map

package/dist/auth/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/auth/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAWH,UAAU;AACV,OAAO,EAAE,iBAAiB,EAAE,oBAAoB,EAAE,MAAM,cAAc,CAAC;AAEvE,OAAO;AACP,OAAO,EAAE,YAAY,EAAE,WAAW,EAAE,MAAM,WAAW,CAAC;AAEtD,kBAAkB;AAClB,OAAO,EAAE,WAAW,EAAE,iBAAiB,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAC;AACxF,OAAO,EAAE,WAAW,EAAE,iBAAiB,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAC;AAExF,UAAU;AACV,OAAO,EAAE,WAAW,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC"}

package/dist/auth/manager.d.ts

@@ -0,0 +1,54 @@
+/**
+ * Unified authentication manager for all providers
+ */
+import type { ProviderType } from '../providers/types.js';
+import type { AuthStatus, ConnectOptions } from './types.js';
+/**
+ * Authentication manager
+ */
+export declare class AuthManager {
+    private storage;
+    private openaiOAuth;
+    private googleOAuth;
+    constructor();
+    /**
+     * Connect to a provider
+     *
+     * For OAuth providers (openai, google): Opens browser for authentication
+     * For API key providers (anthropic, openrouter): Requires apiKey in options
+     */
+    connect(provider: ProviderType, options?: ConnectOptions): Promise<void>;
+    /**
+     * Disconnect from a provider
+     */
+    logout(provider: ProviderType): Promise<void>;
+    /**
+     * Get authentication status for all providers
+     */
+    getStatus(): Promise<AuthStatus[]>;
+    /**
+     * Get authentication status for a specific provider
+     */
+    getStatusForProvider(provider: ProviderType): Promise<AuthStatus>;
+    /**
+     * Check if a provider is authenticated
+     */
+    isAuthenticated(provider: ProviderType): Promise<boolean>;
+    /**
+     * Get access token for a provider (auto-refreshes if needed)
+     */
+    getAccessToken(provider: ProviderType): Promise<string | null>;
+    /**
+     * Get authorization headers for a provider
+     */
+    getHeaders(provider: ProviderType): Promise<Record<string, string>>;
+    /**
+     * Refresh OAuth tokens if they're close to expiring
+     */
+    private refreshIfNeeded;
+}
+/**
+ * Get the auth manager instance
+ */
+export declare function getAuthManager(): AuthManager;
+//# sourceMappingURL=manager.d.ts.map

package/dist/auth/manager.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"manager.d.ts","sourceRoot":"","sources":["../../src/auth/manager.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AAC1D,OAAO,KAAK,EAAE,UAAU,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAU7D;;GAEG;AACH,qBAAa,WAAW;IACtB,OAAO,CAAC,OAAO,CAAoB;IACnC,OAAO,CAAC,WAAW,CAAc;IACjC,OAAO,CAAC,WAAW,CAAc;;IAQjC;;;;;OAKG;IACG,OAAO,CAAC,QAAQ,EAAE,YAAY,EAAE,OAAO,CAAC,EAAE,cAAc,GAAG,OAAO,CAAC,IAAI,CAAC;IA+C9E;;OAEG;IACG,MAAM,CAAC,QAAQ,EAAE,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC;IAKnD;;OAEG;IACG,SAAS,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC;IAKxC;;OAEG;IACG,oBAAoB,CAAC,QAAQ,EAAE,YAAY,GAAG,OAAO,CAAC,UAAU,CAAC;IA4DvE;;OAEG;IACG,eAAe,CAAC,QAAQ,EAAE,YAAY,GAAG,OAAO,CAAC,OAAO,CAAC;IAK/D;;OAEG;IACG,cAAc,CAAC,QAAQ,EAAE,YAAY,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAmBpE;;OAEG;IACG,UAAU,CAAC,QAAQ,EAAE,YAAY,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAuCzE;;OAEG;YACW,eAAe;CA+B9B;AAOD;;GAEG;AACH,wBAAgB,cAAc,IAAI,WAAW,CAK5C"}

package/dist/auth/manager.js

@@ -0,0 +1,248 @@
+/**
+ * Unified authentication manager for all providers
+ */
+import { getCredentialStorage } from './storage.js';
+import { createOpenAIOAuth } from './oauth-openai.js';
+import { createGoogleOAuth } from './oauth-google.js';
+/**
+ * Time before expiry to refresh tokens (5 minutes)
+ */
+const REFRESH_THRESHOLD_MS = 5 * 60 * 1000;
+/**
+ * Authentication manager
+ */
+export class AuthManager {
+    storage;
+    openaiOAuth;
+    googleOAuth;
+    constructor() {
+        this.storage = getCredentialStorage();
+        this.openaiOAuth = createOpenAIOAuth();
+        this.googleOAuth = createGoogleOAuth();
+    }
+    /**
+     * Connect to a provider
+     *
+     * For OAuth providers (openai, google): Opens browser for authentication
+     * For API key providers (anthropic, openrouter): Requires apiKey in options
+     */
+    async connect(provider, options) {
+        // Check if already connected and not forcing
+        if (!options?.force && await this.isAuthenticated(provider)) {
+            const status = await this.getStatusForProvider(provider);
+            console.log(`Already connected to ${provider}${status.email ? ` as ${status.email}` : ''}.`);
+            console.log('Use --force to re-authenticate.');
+            return;
+        }
+        switch (provider) {
+            case 'openai': {
+                const result = await this.openaiOAuth.authenticate();
+                if (result.success && result.tokens) {
+                    await this.storage.storeOAuthTokens('openai', result.tokens, result.email);
+                    console.log(`\nConnected to OpenAI${result.email ? ` as ${result.email}` : ''}.`);
+                }
+                else {
+                    throw new Error(result.error || 'OpenAI authentication failed');
+                }
+                break;
+            }
+            case 'google': {
+                const result = await this.googleOAuth.authenticate();
+                if (result.success && result.tokens) {
+                    await this.storage.storeOAuthTokens('google', result.tokens, result.email);
+                    console.log(`\nConnected to Google${result.email ? ` as ${result.email}` : ''}.`);
+                }
+                else {
+                    throw new Error(result.error || 'Google authentication failed');
+                }
+                break;
+            }
+            case 'anthropic':
+            case 'openrouter': {
+                if (!options?.apiKey) {
+                    throw new Error(`API key required for ${provider}. Use /connect ${provider} <api-key>`);
+                }
+                await this.storage.storeApiKey(provider, options.apiKey);
+                console.log(`Connected to ${provider}.`);
+                break;
+            }
+            default:
+                throw new Error(`Unknown provider: ${provider}`);
+        }
+    }
+    /**
+     * Disconnect from a provider
+     */
+    async logout(provider) {
+        await this.storage.delete(provider);
+        console.log(`Disconnected from ${provider}.`);
+    }
+    /**
+     * Get authentication status for all providers
+     */
+    async getStatus() {
+        const providers = ['anthropic', 'openai', 'google', 'openrouter'];
+        return Promise.all(providers.map(p => this.getStatusForProvider(p)));
+    }
+    /**
+     * Get authentication status for a specific provider
+     */
+    async getStatusForProvider(provider) {
+        // Check environment variables for API key providers
+        if (provider === 'anthropic' && process.env.ANTHROPIC_API_KEY) {
+            return {
+                provider,
+                authenticated: true,
+                authType: 'api_key',
+            };
+        }
+        if (provider === 'openrouter' && process.env.OPENROUTER_API_KEY) {
+            return {
+                provider,
+                authenticated: true,
+                authType: 'api_key',
+            };
+        }
+        const credential = await this.storage.getCredential(provider);
+        if (!credential) {
+            return {
+                provider,
+                authenticated: false,
+            };
+        }
+        // Check if OAuth token is expired
+        if (credential.type === 'oauth' && credential.expiresAt) {
+            if (Date.now() > credential.expiresAt) {
+                // Try to refresh
+                try {
+                    await this.refreshIfNeeded(provider);
+                    const refreshed = await this.storage.getCredential(provider);
+                    return {
+                        provider,
+                        authenticated: true,
+                        authType: 'oauth',
+                        expiresAt: refreshed?.expiresAt,
+                        email: refreshed?.email,
+                    };
+                }
+                catch {
+                    return {
+                        provider,
+                        authenticated: false,
+                        error: 'Token expired and refresh failed',
+                    };
+                }
+            }
+        }
+        return {
+            provider,
+            authenticated: true,
+            authType: credential.type,
+            expiresAt: credential.expiresAt,
+            email: credential.email,
+        };
+    }
+    /**
+     * Check if a provider is authenticated
+     */
+    async isAuthenticated(provider) {
+        const status = await this.getStatusForProvider(provider);
+        return status.authenticated;
+    }
+    /**
+     * Get access token for a provider (auto-refreshes if needed)
+     */
+    async getAccessToken(provider) {
+        // Check environment variables first
+        if (provider === 'anthropic' && process.env.ANTHROPIC_API_KEY) {
+            return process.env.ANTHROPIC_API_KEY;
+        }
+        if (provider === 'openrouter' && process.env.OPENROUTER_API_KEY) {
+            return process.env.OPENROUTER_API_KEY;
+        }
+        // Auto-refresh OAuth tokens if needed
+        if (provider === 'openai' || provider === 'google') {
+            await this.refreshIfNeeded(provider);
+        }
+        const credential = await this.storage.getCredential(provider);
+        return credential?.accessToken || null;
+    }
+    /**
+     * Get authorization headers for a provider
+     */
+    async getHeaders(provider) {
+        const token = await this.getAccessToken(provider);
+        if (!token) {
+            throw new Error(`Not authenticated with ${provider}. Run /connect ${provider}`);
+        }
+        switch (provider) {
+            case 'anthropic':
+                return {
+                    'x-api-key': token,
+                    'anthropic-version': '2023-06-01',
+                    'content-type': 'application/json',
+                };
+            case 'openai':
+                return {
+                    Authorization: `Bearer ${token}`,
+                    'Content-Type': 'application/json',
+                };
+            case 'google':
+                return {
+                    Authorization: `Bearer ${token}`,
+                    'Content-Type': 'application/json',
+                };
+            case 'openrouter':
+                return {
+                    Authorization: `Bearer ${token}`,
+                    'Content-Type': 'application/json',
+                    'HTTP-Referer': 'https://github.com/your-repo', // Required by OpenRouter
+                };
+            default:
+                throw new Error(`Unknown provider: ${provider}`);
+        }
+    }
+    /**
+     * Refresh OAuth tokens if they're close to expiring
+     */
+    async refreshIfNeeded(provider) {
+        const credential = await this.storage.getOAuthTokens(provider);
+        if (!credential) {
+            return;
+        }
+        // Check if refresh is needed (5 minutes before expiry)
+        if (credential.expiresAt && Date.now() > credential.expiresAt - REFRESH_THRESHOLD_MS) {
+            if (!credential.refreshToken) {
+                throw new Error(`No refresh token available for ${provider}. Please re-authenticate.`);
+            }
+            console.log(`Refreshing ${provider} token...`);
+            try {
+                let newTokens;
+                if (provider === 'openai') {
+                    newTokens = await this.openaiOAuth.refreshTokens(credential.refreshToken);
+                }
+                else {
+                    newTokens = await this.googleOAuth.refreshTokens(credential.refreshToken);
+                }
+                await this.storage.storeOAuthTokens(provider, newTokens, credential.email);
+            }
+            catch (err) {
+                throw new Error(`Failed to refresh ${provider} token: ${err instanceof Error ? err.message : 'Unknown error'}`);
+            }
+        }
+    }
+}
+/**
+ * Singleton auth manager instance
+ */
+let authManagerInstance = null;
+/**
+ * Get the auth manager instance
+ */
+export function getAuthManager() {
+    if (!authManagerInstance) {
+        authManagerInstance = new AuthManager();
+    }
+    return authManagerInstance;
+}
+//# sourceMappingURL=manager.js.map

package/dist/auth/manager.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"manager.js","sourceRoot":"","sources":["../../src/auth/manager.ts"],"names":[],"mappings":"AAAA;;GAEG;AAIH,OAAO,EAAE,oBAAoB,EAAqB,MAAM,cAAc,CAAC;AACvE,OAAO,EAAE,iBAAiB,EAAe,MAAM,mBAAmB,CAAC;AACnE,OAAO,EAAE,iBAAiB,EAAe,MAAM,mBAAmB,CAAC;AAEnE;;GAEG;AACH,MAAM,oBAAoB,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;AAE3C;;GAEG;AACH,MAAM,OAAO,WAAW;IACd,OAAO,CAAoB;IAC3B,WAAW,CAAc;IACzB,WAAW,CAAc;IAEjC;QACE,IAAI,CAAC,OAAO,GAAG,oBAAoB,EAAE,CAAC;QACtC,IAAI,CAAC,WAAW,GAAG,iBAAiB,EAAE,CAAC;QACvC,IAAI,CAAC,WAAW,GAAG,iBAAiB,EAAE,CAAC;IACzC,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,OAAO,CAAC,QAAsB,EAAE,OAAwB;QAC5D,6CAA6C;QAC7C,IAAI,CAAC,OAAO,EAAE,KAAK,IAAI,MAAM,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC5D,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,QAAQ,CAAC,CAAC;YACzD,OAAO,CAAC,GAAG,CAAC,wBAAwB,QAAQ,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;YAC7F,OAAO,CAAC,GAAG,CAAC,iCAAiC,CAAC,CAAC;YAC/C,OAAO;QACT,CAAC;QAED,QAAQ,QAAQ,EAAE,CAAC;YACjB,KAAK,QAAQ,CAAC,CAAC,CAAC;gBACd,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,YAAY,EAAE,CAAC;gBACrD,IAAI,MAAM,CAAC,OAAO,IAAI,MAAM,CAAC,MAAM,EAAE,CAAC;oBACpC,MAAM,IAAI,CAAC,OAAO,CAAC,gBAAgB,CAAC,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;oBAC3E,OAAO,CAAC,GAAG,CAAC,wBAAwB,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;gBACpF,CAAC;qBAAM,CAAC;oBACN,MAAM,IAAI,KAAK,CAAC,MAAM,CAAC,KAAK,IAAI,8BAA8B,CAAC,CAAC;gBAClE,CAAC;gBACD,MAAM;YACR,CAAC;YAED,KAAK,QAAQ,CAAC,CAAC,CAAC;gBACd,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,YAAY,EAAE,CAAC;gBACrD,IAAI,MAAM,CAAC,OAAO,IAAI,MAAM,CAAC,MAAM,EAAE,CAAC;oBACpC,MAAM,IAAI,CAAC,OAAO,CAAC,gBAAgB,CAAC,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;oBAC3E,OAAO,CAAC,GAAG,CAAC,wBAAwB,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;gBACpF,CAAC;qBAAM,CAAC;oBACN,MAAM,IAAI,KAAK,CAAC,MAAM,CAAC,KAAK,IAAI,8BAA8B,CAAC,CAAC;gBAClE,CAAC;gBACD,MAAM;YACR,CAAC;YAED,KAAK,WAAW,CAAC;YACjB,KAAK,YAAY,CAAC,CAAC,CAAC;gBAClB,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE,CAAC;oBACrB,MAAM,IAAI,KAAK,CAAC,wBAAwB,QAAQ,kBAAkB,QAAQ,YAAY,CAAC,CAAC;gBAC1F,CAAC;gBACD,MAAM,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,QAAQ,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC;gBACzD,OAAO,CAAC,GAAG,CAAC,gBAAgB,QAAQ,GAAG,CAAC,CAAC;gBACzC,MAAM;YACR,CAAC;YAED;gBACE,MAAM,IAAI,KAAK,CAAC,qBAAqB,QAAQ,EAAE,CAAC,CAAC;QACrD,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,MAAM,CAAC,QAAsB;QACjC,MAAM,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACpC,OAAO,CAAC,GAAG,CAAC,qBAAqB,QAAQ,GAAG,CAAC,CAAC;IAChD,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,SAAS;QACb,MAAM,SAAS,GAAmB,CAAC,WAAW,EAAE,QAAQ,EAAE,QAAQ,EAAE,YAAY,CAAC,CAAC;QAClF,OAAO,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACvE,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,oBAAoB,CAAC,QAAsB;QAC/C,oDAAoD;QACpD,IAAI,QAAQ,KAAK,WAAW,IAAI,OAAO,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC;YAC9D,OAAO;gBACL,QAAQ;gBACR,aAAa,EAAE,IAAI;gBACnB,QAAQ,EAAE,SAAS;aACpB,CAAC;QACJ,CAAC;QAED,IAAI,QAAQ,KAAK,YAAY,IAAI,OAAO,CAAC,GAAG,CAAC,kBAAkB,EAAE,CAAC;YAChE,OAAO;gBACL,QAAQ;gBACR,aAAa,EAAE,IAAI;gBACnB,QAAQ,EAAE,SAAS;aACpB,CAAC;QACJ,CAAC;QAED,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC,QAAQ,CAAC,CAAC;QAE9D,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,OAAO;gBACL,QAAQ;gBACR,aAAa,EAAE,KAAK;aACrB,CAAC;QACJ,CAAC;QAED,kCAAkC;QAClC,IAAI,UAAU,CAAC,IAAI,KAAK,OAAO,IAAI,UAAU,CAAC,SAAS,EAAE,CAAC;YACxD,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,UAAU,CAAC,SAAS,EAAE,CAAC;gBACtC,iBAAiB;gBACjB,IAAI,CAAC;oBACH,MAAM,IAAI,CAAC,eAAe,CAAC,QAA+B,CAAC,CAAC;oBAC5D,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC,QAAQ,CAAC,CAAC;oBAC7D,OAAO;wBACL,QAAQ;wBACR,aAAa,EAAE,IAAI;wBACnB,QAAQ,EAAE,OAAO;wBACjB,SAAS,EAAE,SAAS,EAAE,SAAS;wBAC/B,KAAK,EAAE,SAAS,EAAE,KAAK;qBACxB,CAAC;gBACJ,CAAC;gBAAC,MAAM,CAAC;oBACP,OAAO;wBACL,QAAQ;wBACR,aAAa,EAAE,KAAK;wBACpB,KAAK,EAAE,kCAAkC;qBAC1C,CAAC;gBACJ,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO;YACL,QAAQ;YACR,aAAa,EAAE,IAAI;YACnB,QAAQ,EAAE,UAAU,CAAC,IAAI;YACzB,SAAS,EAAE,UAAU,CAAC,SAAS;YAC/B,KAAK,EAAE,UAAU,CAAC,KAAK;SACxB,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,eAAe,CAAC,QAAsB;QAC1C,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,QAAQ,CAAC,CAAC;QACzD,OAAO,MAAM,CAAC,aAAa,CAAC;IAC9B,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,cAAc,CAAC,QAAsB;QACzC,oCAAoC;QACpC,IAAI,QAAQ,KAAK,WAAW,IAAI,OAAO,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC;YAC9D,OAAO,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC;QACvC,CAAC;QAED,IAAI,QAAQ,KAAK,YAAY,IAAI,OAAO,CAAC,GAAG,CAAC,kBAAkB,EAAE,CAAC;YAChE,OAAO,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC;QACxC,CAAC;QAED,sCAAsC;QACtC,IAAI,QAAQ,KAAK,QAAQ,IAAI,QAAQ,KAAK,QAAQ,EAAE,CAAC;YACnD,MAAM,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC;QACvC,CAAC;QAED,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC,QAAQ,CAAC,CAAC;QAC9D,OAAO,UAAU,EAAE,WAAW,IAAI,IAAI,CAAC;IACzC,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,UAAU,CAAC,QAAsB;QACrC,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;QAElD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,MAAM,IAAI,KAAK,CAAC,0BAA0B,QAAQ,kBAAkB,QAAQ,EAAE,CAAC,CAAC;QAClF,CAAC;QAED,QAAQ,QAAQ,EAAE,CAAC;YACjB,KAAK,WAAW;gBACd,OAAO;oBACL,WAAW,EAAE,KAAK;oBAClB,mBAAmB,EAAE,YAAY;oBACjC,cAAc,EAAE,kBAAkB;iBACnC,CAAC;YAEJ,KAAK,QAAQ;gBACX,OAAO;oBACL,aAAa,EAAE,UAAU,KAAK,EAAE;oBAChC,cAAc,EAAE,kBAAkB;iBACnC,CAAC;YAEJ,KAAK,QAAQ;gBACX,OAAO;oBACL,aAAa,EAAE,UAAU,KAAK,EAAE;oBAChC,cAAc,EAAE,kBAAkB;iBACnC,CAAC;YAEJ,KAAK,YAAY;gBACf,OAAO;oBACL,aAAa,EAAE,UAAU,KAAK,EAAE;oBAChC,cAAc,EAAE,kBAAkB;oBAClC,cAAc,EAAE,8BAA8B,EAAE,yBAAyB;iBAC1E,CAAC;YAEJ;gBACE,MAAM,IAAI,KAAK,CAAC,qBAAqB,QAAQ,EAAE,CAAC,CAAC;QACrD,CAAC;IACH,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,eAAe,CAAC,QAA6B;QACzD,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;QAE/D,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,OAAO;QACT,CAAC;QAED,uDAAuD;QACvD,IAAI,UAAU,CAAC,SAAS,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,UAAU,CAAC,SAAS,GAAG,oBAAoB,EAAE,CAAC;YACrF,IAAI,CAAC,UAAU,CAAC,YAAY,EAAE,CAAC;gBAC7B,MAAM,IAAI,KAAK,CAAC,kCAAkC,QAAQ,2BAA2B,CAAC,CAAC;YACzF,CAAC;YAED,OAAO,CAAC,GAAG,CAAC,cAAc,QAAQ,WAAW,CAAC,CAAC;YAE/C,IAAI,CAAC;gBACH,IAAI,SAAS,CAAC;gBACd,IAAI,QAAQ,KAAK,QAAQ,EAAE,CAAC;oBAC1B,SAAS,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,aAAa,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC;gBAC5E,CAAC;qBAAM,CAAC;oBACN,SAAS,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,aAAa,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC;gBAC5E,CAAC;gBAED,MAAM,IAAI,CAAC,OAAO,CAAC,gBAAgB,CAAC,QAAQ,EAAE,SAAS,EAAE,UAAU,CAAC,KAAK,CAAC,CAAC;YAC7E,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,IAAI,KAAK,CACb,qBAAqB,QAAQ,WAAW,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE,CAC/F,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;CACF;AAED;;GAEG;AACH,IAAI,mBAAmB,GAAuB,IAAI,CAAC;AAEnD;;GAEG;AACH,MAAM,UAAU,cAAc;IAC5B,IAAI,CAAC,mBAAmB,EAAE,CAAC;QACzB,mBAAmB,GAAG,IAAI,WAAW,EAAE,CAAC;IAC1C,CAAC;IACD,OAAO,mBAAmB,CAAC;AAC7B,CAAC"}

package/dist/auth/oauth-google.d.ts

@@ -0,0 +1,47 @@
+/**
+ * Google OAuth 2.0 implementation for consumer Google accounts
+ *
+ * Uses the same OAuth flow as Gemini CLI
+ */
+import type { OAuthTokens, OAuthConfig } from '../providers/types.js';
+import type { OAuthResult, PKCEData } from './types.js';
+/**
+ * Google OAuth configuration
+ * These are the same credentials used by Gemini CLI
+ */
+export declare const GOOGLE_OAUTH_CONFIG: OAuthConfig;
+/**
+ * Google OAuth handler
+ */
+export declare class GoogleOAuth {
+    private config;
+    constructor(config?: OAuthConfig);
+    /**
+     * Generate the authorization URL for the OAuth flow
+     */
+    getAuthorizationUrl(pkce: PKCEData, redirectUri: string): string;
+    /**
+     * Exchange authorization code for tokens
+     */
+    exchangeCodeForTokens(code: string, codeVerifier: string, redirectUri: string): Promise<OAuthTokens>;
+    /**
+     * Refresh tokens using refresh token
+     */
+    refreshTokens(refreshToken: string): Promise<OAuthTokens>;
+    /**
+     * Get user info from Google
+     */
+    getUserInfo(accessToken: string): Promise<{
+        email?: string;
+    }>;
+    /**
+     * Run the full OAuth authentication flow
+     * Opens a browser and waits for callback
+     */
+    authenticate(): Promise<OAuthResult>;
+}
+/**
+ * Create Google OAuth handler instance
+ */
+export declare function createGoogleOAuth(): GoogleOAuth;
+//# sourceMappingURL=oauth-google.d.ts.map

package/dist/auth/oauth-google.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"oauth-google.d.ts","sourceRoot":"","sources":["../../src/auth/oauth-google.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAMH,OAAO,KAAK,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAC;AACtE,OAAO,KAAK,EAAE,WAAW,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAC;AA2BxD;;;GAGG;AACH,eAAO,MAAM,mBAAmB,EAAE,WAOjC,CAAC;AAwBF;;GAEG;AACH,qBAAa,WAAW;IACtB,OAAO,CAAC,MAAM,CAAc;gBAEhB,MAAM,GAAE,WAAiC;IAIrD;;OAEG;IACH,mBAAmB,CAAC,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,MAAM,GAAG,MAAM;IAgBhE;;OAEG;IACG,qBAAqB,CACzB,IAAI,EAAE,MAAM,EACZ,YAAY,EAAE,MAAM,EACpB,WAAW,EAAE,MAAM,GAClB,OAAO,CAAC,WAAW,CAAC;IAsCvB;;OAEG;IACG,aAAa,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC;IAoC/D;;OAEG;IACG,WAAW,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC;QAAE,KAAK,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;IAkBnE;;;OAGG;IACG,YAAY,IAAI,OAAO,CAAC,WAAW,CAAC;CA8G3C;AAED;;GAEG;AACH,wBAAgB,iBAAiB,IAAI,WAAW,CAE/C"}