opencode-codebuddy-external-auth 1.0.24 → 1.0.25

package/README.md

@@ -18,12 +18,8 @@ npm install opencode-codebuddy-external-auth
   "plugin": ["opencode-codebuddy-external-auth"],
   "provider": {
     "codebuddy-external": {
-      "npm": "@ai-sdk/openai-compatible",
+      "npm": "@ai-sdk/anthropic",
       "name": "CodeBuddy External (IOA)",
-      "options": {
-        "compatibility": "compatible",
-        "baseURL": "https://copilot.tencent.com"
-      },
       "models": {
         "claude-4.5": { "name": "Claude Sonnet 4.5 (x2.20)", "contextLength": 176000 },
         "claude-opus-4.5": { "name": "Claude Opus 4.5 (x3.33)", "contextLength": 176000 },
@@ -45,7 +41,7 @@ npm install opencode-codebuddy-external-auth
       }
     }
   },
-  "model": "codebuddy-external/glm-4.7-ioa"
+  "model": "codebuddy-external/claude-4.5"
 }
 ```
 
@@ -57,9 +53,6 @@ npm install opencode-codebuddy-external-auth
 4. 在浏览器中完成 IOA 登录
 5. 返回终端开始使用
 
-> 日志会输出实际发送的模型：`[codebuddy-external] 使用模型: <model>`
-> 如模型不在可用列表，直接报错并提示更换（不再自动回退）
-
 ## 支持的模型
 
 根据 CodeBuddy IOA 版本配置（2026-01-24）：
@@ -103,13 +96,10 @@ npm install opencode-codebuddy-external-auth
 
 ## 认证流程
 
-1. 插件请求 `/v2/plugin/auth/state` 获取认证状态和 URL
+1. 插件请求 `/plugin/auth/state` 获取认证状态和 URL
 2. 用户在浏览器中打开 URL 完成 IOA 登录
-3. 插件轮询 `/v2/plugin/auth/token` 获取访问令牌
-4. Token 到期前自动通过 `/v2/plugin/auth/token/refresh` 刷新
-
-> 插件会自动解析 access token 获取 tenant/user/enterprise；
-> enterprise 缺失时会请求 `/console/enterprises/{tenantId}/config/models` 兜底
+3. 插件轮询 `/plugin/auth/token` 获取访问令牌
+4. Token 到期前自动通过 `/plugin/auth/token/refresh` 刷新
 
 ## License
 

package/dist/plugin.js

@@ -8,8 +8,8 @@ const PROVIDER_ID = "codebuddy-external";
 const CONFIG = {
     // IOA 版本使用 copilot.tencent.com 进行认证
     serverUrl: "https://copilot.tencent.com",
-    // 真实对话 API 路径（优先尝试 /v2/chat/completions）
-    chatCompletionsPaths: ["/v2/chat/completions", "/v2/plugin/chat/completions"],
+    // 真实对话 API 路径
+    chatCompletionsPath: "/v2/chat/completions",
     // 平台标识
     platform: "CLI",
     appVersion: "2.37.20",
@@ -39,35 +39,6 @@ function generateUuid() {
     }
     return `${Date.now()}-${Math.random().toString(16).slice(2)}`;
 }
-function generateHexId(length) {
-    const bytes = Math.ceil(length / 2);
-    const buffer = new Uint8Array(bytes);
-    if (globalThis.crypto?.getRandomValues) {
-        globalThis.crypto.getRandomValues(buffer);
-    }
-    else {
-        for (let i = 0; i < buffer.length; i += 1) {
-            buffer[i] = Math.floor(Math.random() * 256);
-        }
-    }
-    return Array.from(buffer)
-        .map((b) => b.toString(16).padStart(2, "0"))
-        .join("")
-        .slice(0, length);
-}
-function buildTraceHeaders() {
-    const traceId = generateHexId(32);
-    const spanId = generateHexId(16);
-    const parentSpanId = generateHexId(16);
-    const sampled = "1";
-    return {
-        "X-B3-TraceId": traceId,
-        "X-B3-ParentSpanId": parentSpanId,
-        "X-B3-SpanId": spanId,
-        "X-B3-Sampled": sampled,
-        b3: `${traceId}-${spanId}-${sampled}-${parentSpanId}`,
-    };
-}
 function decodeJwtPayload(token) {
     try {
         const parts = token.split(".");
@@ -88,16 +59,6 @@ function extractTenantIdFromIss(iss) {
     const match = iss.match(/realms\/sso-([^/]+)$/);
     return match?.[1] || "";
 }
-function extractTenantIdFromRoles(roles) {
-    if (!roles || roles.length === 0)
-        return "";
-    for (const role of roles) {
-        const match = role.match(/ent-(?:member|plugin-enabled|group):([A-Za-z0-9_-]+)/);
-        if (match?.[1])
-            return match[1];
-    }
-    return "";
-}
 let warnedTenantId = false;
 let warnedEnterpriseId = false;
 let warnedUserId = false;
@@ -105,32 +66,18 @@ function resolveTenantId(accessToken) {
     if (CONFIG.tenantId)
         return CONFIG.tenantId;
     const payload = decodeJwtPayload(accessToken);
-    const roles = payload?.realm_access?.roles || payload?.resource_access?.account?.roles;
     return (payload?.tenant_id ||
         payload?.tenantId ||
-        extractTenantIdFromRoles(roles) ||
         extractTenantIdFromIss(payload?.iss));
 }
-function extractEnterpriseIdFromRoles(roles) {
-    if (!roles || roles.length === 0)
-        return "";
-    for (const role of roles) {
-        const match = role.match(/group-admin:([A-Za-z0-9-]+)/);
-        if (match?.[1])
-            return match[1];
-    }
-    return "";
-}
 function resolveEnterpriseId(accessToken) {
     if (CONFIG.enterpriseId)
         return CONFIG.enterpriseId;
     const payload = decodeJwtPayload(accessToken);
-    const roles = payload?.realm_access?.roles || payload?.resource_access?.account?.roles;
     return (payload?.enterprise_id ||
         payload?.enterpriseId ||
         payload?.ent_id ||
         payload?.entId ||
-        extractEnterpriseIdFromRoles(roles) ||
         "");
 }
 function resolveUserId(accessToken) {
@@ -144,137 +91,10 @@ function resolveModel(inputModel) {
         return CONFIG.defaultModel;
     return inputModel || "";
 }
-let cachedTenantId = "";
-let cachedEnterpriseId = "";
-let cachedUserId = "";
-let cachedModelIds = [];
-let warnedModelFallback = false;
-let warnedIdSummary = false;
-function extractModelIds(payload) {
-    const results = [];
-    const collect = (list) => {
-        if (!Array.isArray(list))
-            return;
-        for (const item of list) {
-            if (!item)
-                continue;
-            if (typeof item === "string") {
-                results.push(item);
-                continue;
-            }
-            if (typeof item === "object") {
-                const id = item.id ||
-                    item.model ||
-                    item.modelId ||
-                    item.model_id ||
-                    item.code ||
-                    item.name;
-                if (typeof id === "string")
-                    results.push(id);
-                if (Array.isArray(item.models))
-                    collect(item.models);
-            }
-        }
-    };
-    const candidates = [
-        payload?.data?.models,
-        payload?.data?.modelList,
-        payload?.data?.availableModels,
-        payload?.models,
-        payload?.modelList,
-        payload?.availableModels,
-        payload?.data?.modelGroups,
-        payload?.modelGroups,
-    ];
-    for (const list of candidates) {
-        collect(list);
-    }
-    return Array.from(new Set(results)).filter(Boolean);
-}
-async function fetchConfigModels(accessToken, tenantId) {
-    if (!tenantId)
-        return { enterpriseId: "", models: [] };
-    try {
-        const url = `${CONFIG.serverUrl}/console/enterprises/${tenantId}/config/models`;
-        const response = await fetch(url, {
-            method: "GET",
-            headers: {
-                "Accept": "application/json, text/plain, */*",
-                "X-Requested-With": "XMLHttpRequest",
-                "Authorization": `Bearer ${accessToken}`,
-            },
-        });
-        if (!response.ok) {
-            return { enterpriseId: "", models: [] };
-        }
-        const data = await response.json();
-        const enterpriseId = data?.data?.enterpriseId || data?.enterpriseId || "";
-        const models = extractModelIds(data);
-        return { enterpriseId, models };
-    }
-    catch {
-        return { enterpriseId: "", models: [] };
-    }
-}
-async function getSupportedModels(accessToken, tenantId) {
-    if (cachedModelIds.length > 0)
-        return cachedModelIds;
-    const config = await fetchConfigModels(accessToken, tenantId);
-    if (config.enterpriseId && !cachedEnterpriseId) {
-        cachedEnterpriseId = config.enterpriseId;
-    }
-    if (config.models.length) {
-        cachedModelIds = config.models;
-    }
-    return cachedModelIds;
-}
-function pickFallbackModel(models) {
-    if (models.includes("glm-4.7-ioa"))
-        return "glm-4.7-ioa";
-    return models[0] || "";
-}
-function buildEnterpriseHeaders(accessToken) {
-    const tenantId = cachedTenantId || resolveTenantId(accessToken);
-    const enterpriseId = cachedEnterpriseId || resolveEnterpriseId(accessToken);
-    const resolvedTenantId = tenantId || enterpriseId;
-    if (tenantId)
-        cachedTenantId = tenantId;
-    if (enterpriseId)
-        cachedEnterpriseId = enterpriseId;
-    const headers = {};
-    if (resolvedTenantId)
-        headers["X-Tenant-Id"] = resolvedTenantId;
-    if (enterpriseId)
-        headers["X-Enterprise-Id"] = enterpriseId;
-    return headers;
-}
-async function buildAuthHeaders(accessToken) {
-    const payload = decodeJwtPayload(accessToken);
-    const roles = payload?.realm_access?.roles || payload?.resource_access?.account?.roles;
-    let tenantId = cachedTenantId || resolveTenantId(accessToken);
-    let enterpriseId = cachedEnterpriseId || resolveEnterpriseId(accessToken);
-    const userId = cachedUserId || resolveUserId(accessToken);
-    if (!enterpriseId) {
-        const config = await fetchConfigModels(accessToken, tenantId);
-        enterpriseId = config.enterpriseId || enterpriseId;
-        if (config.models.length) {
-            cachedModelIds = config.models;
-        }
-    }
-    if (!tenantId && enterpriseId) {
-        tenantId = enterpriseId;
-    }
-    if (tenantId)
-        cachedTenantId = tenantId;
-    if (enterpriseId)
-        cachedEnterpriseId = enterpriseId;
-    if (userId)
-        cachedUserId = userId;
-    if (!warnedIdSummary) {
-        warnedIdSummary = true;
-        console.log(`[codebuddy-external] IDs: tenant=${tenantId ? "ok" : "empty"}, enterprise=${enterpriseId ? "ok" : "empty"}, user=${userId ? "ok" : "empty"}`);
-        console.log(`[codebuddy-external] Token payload: iss=${payload?.iss ? "ok" : "empty"}, sub=${payload?.sub ? "ok" : "empty"}, roles=${Array.isArray(roles) ? roles.length : 0}`);
-    }
+function buildAuthHeaders(accessToken) {
+    const tenantId = resolveTenantId(accessToken);
+    const enterpriseId = resolveEnterpriseId(accessToken);
+    const userId = resolveUserId(accessToken);
     if (!tenantId && !warnedTenantId) {
         warnedTenantId = true;
         console.warn("[codebuddy-external] 未获取到 X-Tenant-Id，请设置 CODEBUDDY_TENANT_ID");
@@ -290,8 +110,6 @@ async function buildAuthHeaders(accessToken) {
     const conversationId = generateUuid();
     const messageId = generateUuid();
     const requestId = messageId;
-    const traceHeaders = buildTraceHeaders();
-    const encodedUserId = userId ? encodeURIComponent(userId) : "";
     const headers = {
         "Accept": "application/json",
         "Content-Type": "application/json",
@@ -308,14 +126,13 @@ async function buildAuthHeaders(accessToken) {
         "X-Domain": CONFIG.domain,
         "X-Product": CONFIG.product,
         "User-Agent": `CLI/${CONFIG.appVersion} CodeBuddy/${CONFIG.appVersion}`,
-        ...traceHeaders,
     };
     if (tenantId)
         headers["X-Tenant-Id"] = tenantId;
     if (enterpriseId)
         headers["X-Enterprise-Id"] = enterpriseId;
-    if (encodedUserId)
-        headers["X-User-Id"] = encodedUserId;
+    if (userId)
+        headers["X-User-Id"] = userId;
     return headers;
 }
 /**
@@ -526,48 +343,30 @@ async function executeViaAuthApi(openaiRequest, auth) {
         throw new Error("缺少 access token，无法调用 CodeBuddy API");
     }
     let accessToken = auth.access;
-    const tenantId = resolveTenantId(accessToken);
     const resolvedModel = resolveModel(openaiRequest.model);
-    const supportedModels = await getSupportedModels(accessToken, tenantId);
     if (!resolvedModel) {
-        throw new Error("未设置模型，请在 OpenCode 选择模型");
+        throw new Error("未设置模型，请设置 CODEBUDDY_DEFAULT_MODEL 或在 OpenCode 选择模型");
     }
-    if (supportedModels.length && !supportedModels.includes(resolvedModel)) {
-        throw new Error(`[codebuddy-external] 模型 ${resolvedModel} 不在可用列表，请更换模型`);
-    }
-    console.log(`[codebuddy-external] 使用模型: ${resolvedModel}`);
     const requestBody = {
         ...openaiRequest,
         model: resolvedModel,
         response_format: openaiRequest.response_format || { type: "text" },
         stream: openaiRequest.stream ?? true,
     };
-    const doRequest = async (token, path) => {
-        const headers = await buildAuthHeaders(token);
-        const response = await fetch(`${CONFIG.serverUrl}${path}`, {
+    const doRequest = async (token) => {
+        const response = await fetch(`${CONFIG.serverUrl}${CONFIG.chatCompletionsPath}`, {
             method: "POST",
-            headers,
+            headers: buildAuthHeaders(token),
             body: JSON.stringify(requestBody),
         });
         return response;
     };
-    const requestWithFallback = async (token) => {
-        let lastResponse = null;
-        for (const path of CONFIG.chatCompletionsPaths) {
-            const response = await doRequest(token, path);
-            if (response.status !== 404) {
-                return response;
-            }
-            lastResponse = response;
-        }
-        return lastResponse || doRequest(token, CONFIG.chatCompletionsPaths[0]);
-    };
-    let response = await requestWithFallback(accessToken);
+    let response = await doRequest(accessToken);
     if ((response.status === 401 || response.status === 403) && auth.refresh) {
-        const refreshed = await refreshAccessToken(auth.refresh, accessToken);
+        const refreshed = await refreshAccessToken(auth.refresh);
         if (refreshed?.accessToken) {
             accessToken = refreshed.accessToken;
-            response = await requestWithFallback(accessToken);
+            response = await doRequest(accessToken);
         }
     }
     if (!response.ok) {
@@ -777,22 +576,15 @@ async function pollForToken(state, expiresAt, signal) {
 /**
  * Refresh the access token
  */
-async function refreshAccessToken(refreshToken, accessToken) {
+async function refreshAccessToken(refreshToken) {
     try {
-        const traceHeaders = buildTraceHeaders();
-        const headers = {
-            "Content-Type": "application/json",
-            "Accept": "application/json",
-            "X-Refresh-Token": refreshToken,
-            ...traceHeaders,
-        };
-        if (accessToken) {
-            headers["Authorization"] = `Bearer ${accessToken}`;
-            Object.assign(headers, buildEnterpriseHeaders(accessToken));
-        }
         const response = await fetch(`${CONFIG.serverUrl}/v2/plugin/auth/token/refresh`, {
             method: "POST",
-            headers,
+            headers: {
+                "Content-Type": "application/json",
+                "Accept": "application/json",
+                "Authorization": `Bearer ${refreshToken}`,
+            },
         });
         if (!response.ok) {
             console.warn(`[codebuddy-external] Token refresh failed: ${response.status}`);
@@ -834,7 +626,7 @@ const CodeBuddyExternalAuthPlugin = async (_input) => {
                 if (auth.type !== "oauth" || !auth.refresh) {
                     return null;
                 }
-                const tokenData = await refreshAccessToken(auth.refresh, auth.access);
+                const tokenData = await refreshAccessToken(auth.refresh);
                 if (!tokenData) {
                     return null;
                 }
@@ -864,9 +656,6 @@ const CodeBuddyExternalAuthPlugin = async (_input) => {
                                 if (!tokenData) {
                                     return { type: "failed" };
                                 }
-                                if (tokenData.userId && !cachedUserId) {
-                                    cachedUserId = tokenData.userId;
-                                }
                                 return {
                                     type: "success",
                                     access: tokenData.accessToken,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "opencode-codebuddy-external-auth",
-  "version": "1.0.24",
+  "version": "1.0.25",
   "description": "OpenCode plugin for CodeBuddy External (IOA) authentication",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",