opencode-gemini-auth 1.3.9 → 1.3.11

package/src/plugin/retry/helpers.ts

@@ -0,0 +1,175 @@
+import { parseRetryDelayFromBody } from "./quota";
+
+export const DEFAULT_MAX_ATTEMPTS = 3;
+const DEFAULT_INITIAL_DELAY_MS = 5000;
+const DEFAULT_MAX_DELAY_MS = 30000;
+
+const RETRYABLE_NETWORK_CODES = new Set([
+  "ECONNRESET",
+  "ETIMEDOUT",
+  "EPIPE",
+  "ENOTFOUND",
+  "EAI_AGAIN",
+  "ECONNREFUSED",
+  "ERR_SSL_SSLV3_ALERT_BAD_RECORD_MAC",
+  "ERR_SSL_WRONG_VERSION_NUMBER",
+  "ERR_SSL_DECRYPTION_FAILED_OR_BAD_RECORD_MAC",
+  "ERR_SSL_BAD_RECORD_MAC",
+  "EPROTO",
+]);
+
+/**
+ * Ensures request bodies are replayable before we attempt retries.
+ */
+export function canRetryRequest(init: RequestInit | undefined): boolean {
+  if (!init?.body) {
+    return true;
+  }
+
+  const body = init.body;
+  if (typeof body === "string") {
+    return true;
+  }
+  if (typeof URLSearchParams !== "undefined" && body instanceof URLSearchParams) {
+    return true;
+  }
+  if (typeof ArrayBuffer !== "undefined" && body instanceof ArrayBuffer) {
+    return true;
+  }
+  if (typeof ArrayBuffer !== "undefined" && ArrayBuffer.isView(body)) {
+    return true;
+  }
+  if (typeof Blob !== "undefined" && body instanceof Blob) {
+    return true;
+  }
+
+  return false;
+}
+
+/**
+ * Status-based retry policy aligned to Gemini CLI.
+ */
+export function isRetryableStatus(status: number): boolean {
+  return status === 429 || (status >= 500 && status < 600);
+}
+
+/**
+ * Handles transient network failures (including nested `cause.code` errors).
+ */
+export function isRetryableNetworkError(error: unknown): boolean {
+  const code = getNetworkErrorCode(error);
+  if (code && RETRYABLE_NETWORK_CODES.has(code)) {
+    return true;
+  }
+
+  return error instanceof Error && error.message.toLowerCase().includes("fetch failed");
+}
+
+/**
+ * Resolves retry delay using header hints, parsed payload retry info, and backoff fallback.
+ */
+export async function resolveRetryDelayMs(
+  response: Response,
+  attempt: number,
+  quotaDelayMs?: number,
+): Promise<number> {
+  const retryAfterMsHeader = parseRetryAfterMs(response.headers.get("retry-after-ms"));
+  if (retryAfterMsHeader !== null) {
+    return clampDelay(retryAfterMsHeader);
+  }
+
+  const retryAfterHeader = parseRetryAfter(response.headers.get("retry-after"));
+  if (retryAfterHeader !== null) {
+    return clampDelay(retryAfterHeader);
+  }
+
+  if (quotaDelayMs !== undefined) {
+    return clampDelay(quotaDelayMs);
+  }
+
+  const bodyDelay = await parseRetryDelayFromBody(response);
+  if (bodyDelay !== null) {
+    return clampDelay(bodyDelay);
+  }
+
+  return getExponentialDelayWithJitter(attempt);
+}
+
+export function getExponentialDelayWithJitter(attempt: number): number {
+  const base = Math.min(DEFAULT_MAX_DELAY_MS, DEFAULT_INITIAL_DELAY_MS * Math.pow(2, attempt - 1));
+  const jitter = base * 0.3 * (Math.random() * 2 - 1);
+  return clampDelay(base + jitter);
+}
+
+export function wait(ms: number): Promise<void> {
+  return new Promise((resolve) => {
+    setTimeout(resolve, ms);
+  });
+}
+
+function getNetworkErrorCode(error: unknown): string | undefined {
+  const readCode = (value: unknown): string | undefined => {
+    if (!value || typeof value !== "object") {
+      return undefined;
+    }
+    if ("code" in value && typeof (value as { code?: unknown }).code === "string") {
+      return (value as { code: string }).code;
+    }
+    return undefined;
+  };
+
+  const direct = readCode(error);
+  if (direct) {
+    return direct;
+  }
+
+  let cursor: unknown = error;
+  for (let depth = 0; depth < 5; depth += 1) {
+    if (!cursor || typeof cursor !== "object" || !("cause" in cursor)) {
+      break;
+    }
+    cursor = (cursor as { cause?: unknown }).cause;
+    const code = readCode(cursor);
+    if (code) {
+      return code;
+    }
+  }
+  return undefined;
+}
+
+function parseRetryAfterMs(value: string | null): number | null {
+  if (!value) {
+    return null;
+  }
+  const parsed = Number(value.trim());
+  if (!Number.isFinite(parsed) || parsed <= 0) {
+    return null;
+  }
+  return Math.round(parsed);
+}
+
+function parseRetryAfter(value: string | null): number | null {
+  if (!value) {
+    return null;
+  }
+  const trimmed = value.trim();
+  if (!trimmed) {
+    return null;
+  }
+  const seconds = Number(trimmed);
+  if (Number.isFinite(seconds)) {
+    return Math.max(0, Math.round(seconds * 1000));
+  }
+  const parsedDate = Date.parse(trimmed);
+  if (!Number.isNaN(parsedDate)) {
+    return Math.max(0, parsedDate - Date.now());
+  }
+  return null;
+}
+
+function clampDelay(delayMs: number): number {
+  if (!Number.isFinite(delayMs)) {
+    return DEFAULT_MAX_DELAY_MS;
+  }
+  return Math.min(Math.max(0, Math.round(delayMs)), DEFAULT_MAX_DELAY_MS);
+}

package/src/plugin/retry/index.ts

@@ -0,0 +1,81 @@
+import {
+  canRetryRequest,
+  DEFAULT_MAX_ATTEMPTS,
+  getExponentialDelayWithJitter,
+  isRetryableNetworkError,
+  isRetryableStatus,
+  resolveRetryDelayMs,
+  wait,
+} from "./helpers";
+import { classifyQuotaResponse, retryInternals } from "./quota";
+
+/**
+ * Sends requests with retry/backoff semantics aligned to Gemini CLI:
+ * - Retries on 429/5xx and transient network failures
+ * - Honors Retry-After and google.rpc.RetryInfo
+ * - Never rewrites requested model
+ */
+export async function fetchWithRetry(
+  input: RequestInfo,
+  init: RequestInit | undefined,
+): Promise<Response> {
+  if (!canRetryRequest(init)) {
+    return fetch(input, init);
+  }
+
+  const retryInit = cloneRetryableInit(init);
+  let attempt = 1;
+
+  while (attempt <= DEFAULT_MAX_ATTEMPTS) {
+    let response: Response;
+    try {
+      response = await fetch(input, retryInit);
+    } catch (error) {
+      if (attempt >= DEFAULT_MAX_ATTEMPTS || !isRetryableNetworkError(error)) {
+        throw error;
+      }
+      if (retryInit.signal?.aborted) {
+        throw error;
+      }
+
+      await wait(getExponentialDelayWithJitter(attempt));
+      attempt += 1;
+      continue;
+    }
+
+    if (!isRetryableStatus(response.status)) {
+      return response;
+    }
+
+    const quotaContext = response.status === 429 ? await classifyQuotaResponse(response) : null;
+    if (response.status === 429 && quotaContext?.terminal) {
+      return response;
+    }
+
+    if (attempt >= DEFAULT_MAX_ATTEMPTS || retryInit.signal?.aborted) {
+      return response;
+    }
+
+    const delayMs = await resolveRetryDelayMs(response, attempt, quotaContext?.retryDelayMs);
+    if (delayMs <= 0) {
+      return response;
+    }
+
+    await wait(delayMs);
+    attempt += 1;
+  }
+
+  return fetch(input, retryInit);
+}
+
+function cloneRetryableInit(init: RequestInit | undefined): RequestInit {
+  if (!init) {
+    return {};
+  }
+  return {
+    ...init,
+    headers: new Headers(init.headers ?? {}),
+  };
+}
+
+export { retryInternals };

package/src/plugin/retry/quota.ts

@@ -0,0 +1,210 @@
+interface GoogleRpcErrorInfo {
+  "@type"?: string;
+  reason?: string;
+  domain?: string;
+  metadata?: Record<string, string>;
+}
+
+interface GoogleRpcQuotaViolation {
+  quotaId?: string;
+  description?: string;
+}
+
+interface GoogleRpcQuotaFailure {
+  "@type"?: string;
+  violations?: GoogleRpcQuotaViolation[];
+}
+
+interface GoogleRpcRetryInfo {
+  "@type"?: string;
+  retryDelay?: string | { seconds?: number; nanos?: number };
+}
+
+export interface QuotaContext {
+  terminal: boolean;
+  retryDelayMs?: number;
+}
+
+const CLOUDCODE_DOMAINS = new Set([
+  "cloudcode-pa.googleapis.com",
+  "staging-cloudcode-pa.googleapis.com",
+  "autopush-cloudcode-pa.googleapis.com",
+]);
+
+/**
+ * Parses Code Assist 429 payload details to determine terminal vs retryable quota states.
+ *
+ * This mirrors Gemini CLI behavior so we:
+ * - fail fast on hard quota exhaustion (`QUOTA_EXHAUSTED`, daily limits)
+ * - keep retrying on short-window limits (`RATE_LIMIT_EXCEEDED`, per-minute limits)
+ */
+export async function classifyQuotaResponse(response: Response): Promise<QuotaContext | null> {
+  const payload = await parseErrorBody(response);
+  if (!payload) {
+    return null;
+  }
+
+  const details = Array.isArray(payload.details) ? payload.details : [];
+  const retryInfo = details.find(
+    (detail): detail is GoogleRpcRetryInfo =>
+      isObject(detail) &&
+      detail["@type"] === "type.googleapis.com/google.rpc.RetryInfo",
+  );
+  const retryDelayMs =
+    (retryInfo?.retryDelay ? parseRetryDelayValue(retryInfo.retryDelay) : null) ??
+    parseRetryDelayFromMessage(payload.message ?? "") ??
+    undefined;
+
+  const errorInfo = details.find(
+    (detail): detail is GoogleRpcErrorInfo =>
+      isObject(detail) &&
+      detail["@type"] === "type.googleapis.com/google.rpc.ErrorInfo",
+  );
+
+  if (errorInfo?.domain && !CLOUDCODE_DOMAINS.has(errorInfo.domain)) {
+    return null;
+  }
+  if (errorInfo?.reason === "QUOTA_EXHAUSTED") {
+    return { terminal: true, retryDelayMs };
+  }
+  if (errorInfo?.reason === "RATE_LIMIT_EXCEEDED") {
+    return { terminal: false, retryDelayMs: retryDelayMs ?? 10_000 };
+  }
+
+  const quotaFailure = details.find(
+    (detail): detail is GoogleRpcQuotaFailure =>
+      isObject(detail) &&
+      detail["@type"] === "type.googleapis.com/google.rpc.QuotaFailure",
+  );
+  if (quotaFailure?.violations?.length) {
+    const allTexts = quotaFailure.violations
+      .flatMap((violation) => [violation.quotaId ?? "", violation.description ?? ""])
+      .join(" ")
+      .toLowerCase();
+
+    if (allTexts.includes("perday") || allTexts.includes("daily") || allTexts.includes("per day")) {
+      return { terminal: true, retryDelayMs };
+    }
+    if (allTexts.includes("perminute") || allTexts.includes("per minute")) {
+      return { terminal: false, retryDelayMs: retryDelayMs ?? 60_000 };
+    }
+    return { terminal: false, retryDelayMs };
+  }
+
+  const quotaLimit = errorInfo?.metadata?.quota_limit?.toLowerCase() ?? "";
+  if (quotaLimit.includes("perminute") || quotaLimit.includes("per minute")) {
+    return { terminal: false, retryDelayMs: retryDelayMs ?? 60_000 };
+  }
+
+  return { terminal: false, retryDelayMs };
+}
+
+/**
+ * Extracts RetryInfo delay hints directly from error payloads.
+ *
+ * We keep this as a shared utility for retry scheduling so request-level behavior
+ * and quota-classified behavior derive from the same delay parser.
+ */
+export async function parseRetryDelayFromBody(response: Response): Promise<number | null> {
+  const payload = await parseErrorBody(response);
+  if (!payload) {
+    return null;
+  }
+
+  const details = Array.isArray(payload.details) ? payload.details : [];
+  const retryInfo = details.find(
+    (detail): detail is GoogleRpcRetryInfo =>
+      isObject(detail) &&
+      detail["@type"] === "type.googleapis.com/google.rpc.RetryInfo",
+  );
+  if (retryInfo?.retryDelay) {
+    const delayMs = parseRetryDelayValue(retryInfo.retryDelay);
+    if (delayMs !== null) {
+      return delayMs;
+    }
+  }
+
+  if (typeof payload.message === "string") {
+    return parseRetryDelayFromMessage(payload.message);
+  }
+  return null;
+}
+
+function parseRetryDelayValue(value: string | { seconds?: number; nanos?: number }): number | null {
+  if (typeof value === "string") {
+    const trimmed = value.trim();
+    if (!trimmed) {
+      return null;
+    }
+    if (trimmed.endsWith("ms")) {
+      const milliseconds = Number(trimmed.slice(0, -2));
+      return Number.isFinite(milliseconds) && milliseconds > 0 ? Math.round(milliseconds) : null;
+    }
+    const match = trimmed.match(/^([\d.]+)s$/);
+    if (!match?.[1]) {
+      return null;
+    }
+    const seconds = Number(match[1]);
+    return Number.isFinite(seconds) && seconds > 0 ? Math.round(seconds * 1000) : null;
+  }
+
+  const seconds = typeof value.seconds === "number" ? value.seconds : 0;
+  const nanos = typeof value.nanos === "number" ? value.nanos : 0;
+  if (!Number.isFinite(seconds) || !Number.isFinite(nanos)) {
+    return null;
+  }
+  const totalMs = Math.round(seconds * 1000 + nanos / 1e6);
+  return totalMs > 0 ? totalMs : null;
+}
+
+function parseRetryDelayFromMessage(message: string): number | null {
+  const retryMatch = message.match(/Please retry in ([0-9.]+(?:ms|s))/i);
+  if (retryMatch?.[1]) {
+    return parseRetryDelayValue(retryMatch[1]);
+  }
+
+  const afterMatch = message.match(/after\s+([0-9.]+(?:ms|s))/i);
+  if (afterMatch?.[1]) {
+    return parseRetryDelayValue(afterMatch[1]);
+  }
+
+  return null;
+}
+
+async function parseErrorBody(
+  response: Response,
+): Promise<{ message?: string; details?: unknown[] } | null> {
+  let text = "";
+  try {
+    text = await response.clone().text();
+  } catch {
+    return null;
+  }
+  if (!text) {
+    return null;
+  }
+
+  let parsed: unknown;
+  try {
+    parsed = JSON.parse(text);
+  } catch {
+    return null;
+  }
+
+  if (!isObject(parsed) || !isObject(parsed.error)) {
+    return null;
+  }
+  return {
+    message: typeof parsed.error.message === "string" ? parsed.error.message : undefined,
+    details: Array.isArray(parsed.error.details) ? parsed.error.details : undefined,
+  };
+}
+
+function isObject(value: unknown): value is Record<string, any> {
+  return !!value && typeof value === "object";
+}
+
+export const retryInternals = {
+  parseRetryDelayValue,
+  parseRetryDelayFromMessage,
+};

package/src/plugin/retry.test.ts

@@ -0,0 +1,106 @@
+import { afterEach, beforeEach, describe, expect, it, mock } from "bun:test";
+
+import { fetchWithRetry, retryInternals } from "./retry";
+
+const originalSetTimeout = globalThis.setTimeout;
+
+function makeQuota429(reason: "RATE_LIMIT_EXCEEDED" | "QUOTA_EXHAUSTED", retryDelay?: string): Response {
+  const details: Record<string, unknown>[] = [
+    {
+      "@type": "type.googleapis.com/google.rpc.ErrorInfo",
+      reason,
+      domain: "cloudcode-pa.googleapis.com",
+    },
+  ];
+  if (retryDelay) {
+    details.push({
+      "@type": "type.googleapis.com/google.rpc.RetryInfo",
+      retryDelay,
+    });
+  }
+  return new Response(
+    JSON.stringify({
+      error: {
+        message: "rate limited",
+        details,
+      },
+    }),
+    {
+      status: 429,
+      headers: { "content-type": "application/json" },
+    },
+  );
+}
+
+describe("fetchWithRetry", () => {
+  beforeEach(() => {
+    mock.restore();
+    (globalThis as { setTimeout: typeof setTimeout }).setTimeout = ((fn: (...args: any[]) => void) => {
+      fn();
+      return 0 as unknown as ReturnType<typeof setTimeout>;
+    }) as typeof setTimeout;
+  });
+
+  afterEach(() => {
+    (globalThis as { setTimeout: typeof setTimeout }).setTimeout = originalSetTimeout;
+  });
+
+  it("retries transient network errors", async () => {
+    const fetchMock = mock(async () => {
+      if (fetchMock.mock.calls.length === 1) {
+        const err = new Error("socket reset") as Error & { code?: string };
+        err.code = "ECONNRESET";
+        throw err;
+      }
+      return new Response("ok", { status: 200 });
+    });
+    (globalThis as { fetch: typeof fetch }).fetch = fetchMock as unknown as typeof fetch;
+
+    const response = await fetchWithRetry("https://example.com", {
+      method: "POST",
+      body: JSON.stringify({ hello: "world" }),
+    });
+
+    expect(response.status).toBe(200);
+    expect(fetchMock.mock.calls.length).toBe(2);
+  });
+
+  it("retries rate-limit responses with retry hints", async () => {
+    const fetchMock = mock(async () => {
+      if (fetchMock.mock.calls.length === 1) {
+        return makeQuota429("RATE_LIMIT_EXCEEDED", "1500ms");
+      }
+      return new Response("ok", { status: 200 });
+    });
+    (globalThis as { fetch: typeof fetch }).fetch = fetchMock as unknown as typeof fetch;
+
+    const response = await fetchWithRetry("https://example.com", {
+      method: "POST",
+      body: JSON.stringify({ hello: "world" }),
+    });
+
+    expect(response.status).toBe(200);
+    expect(fetchMock.mock.calls.length).toBe(2);
+  });
+
+  it("does not retry terminal quota exhaustion", async () => {
+    const fetchMock = mock(async () => makeQuota429("QUOTA_EXHAUSTED"));
+    (globalThis as { fetch: typeof fetch }).fetch = fetchMock as unknown as typeof fetch;
+
+    const response = await fetchWithRetry("https://example.com", {
+      method: "POST",
+      body: JSON.stringify({ hello: "world" }),
+    });
+
+    expect(response.status).toBe(429);
+    expect(fetchMock.mock.calls.length).toBe(1);
+  });
+});
+
+describe("retryInternals", () => {
+  it("parses retry delays from both ms and s notation", () => {
+    expect(retryInternals.parseRetryDelayValue("1200ms")).toBe(1200);
+    expect(retryInternals.parseRetryDelayValue("1.5s")).toBe(1500);
+    expect(retryInternals.parseRetryDelayFromMessage("Please retry in 2s")).toBe(2000);
+  });
+});

package/src/plugin/token.test.ts

@@ -71,4 +71,35 @@ describe("refreshAccessToken", () => {
       }),
     });
   });
+
+  it("deduplicates concurrent refresh calls for the same refresh token", async () => {
+    const client = createClient();
+    let releaseFetch!: () => void;
+    const gate = new Promise<void>((resolve) => {
+      releaseFetch = resolve;
+    });
+
+    const fetchMock = mock(async () => {
+      await gate;
+      return new Response(
+        JSON.stringify({
+          access_token: "deduped-access",
+          expires_in: 3600,
+        }),
+        { status: 200 },
+      );
+    });
+    (globalThis as { fetch: typeof fetch }).fetch = fetchMock as unknown as typeof fetch;
+
+    const first = refreshAccessToken(baseAuth, client);
+    const second = refreshAccessToken(baseAuth, client);
+    await Promise.resolve();
+
+    expect(fetchMock.mock.calls.length).toBe(1);
+    releaseFetch();
+
+    const [firstResult, secondResult] = await Promise.all([first, second]);
+    expect(firstResult?.access).toBe("deduped-access");
+    expect(secondResult?.access).toBe("deduped-access");
+  });
 });

package/src/plugin/token.ts

@@ -24,6 +24,8 @@ interface OAuthErrorPayload {
   error_description?: string;
 }
 
+const refreshInFlight = new Map<string, Promise<OAuthAuthDetails | undefined>>();
+
 /**
  * Parses OAuth error payloads returned by Google token endpoints, tolerating varied shapes.
  */
@@ -75,6 +77,26 @@ export async function refreshAccessToken(
     return undefined;
   }
 
+  const pending = refreshInFlight.get(parts.refreshToken);
+  if (pending) {
+    return pending;
+  }
+
+  const refreshPromise = refreshAccessTokenInternal(auth, client, parts);
+  refreshInFlight.set(parts.refreshToken, refreshPromise);
+
+  try {
+    return await refreshPromise;
+  } finally {
+    refreshInFlight.delete(parts.refreshToken);
+  }
+}
+
+async function refreshAccessTokenInternal(
+  auth: OAuthAuthDetails,
+  client: PluginClient,
+  parts: RefreshParts,
+): Promise<OAuthAuthDetails | undefined> {
   try {
     if (isGeminiDebugEnabled()) {
       logGeminiDebugMessage("OAuth refresh: POST https://oauth2.googleapis.com/token");
@@ -118,6 +140,7 @@ export async function refreshAccessToken(
         console.warn(
           "[Gemini OAuth] Google revoked the stored refresh token. Run `opencode auth login` and reauthenticate the Google provider.",
         );
+        clearCachedAuth(auth.refresh);
         invalidateProjectContextCache(auth.refresh);
         try {
           const clearedAuth: OAuthAuthDetails = {
@@ -165,6 +188,7 @@ export async function refreshAccessToken(
       refresh: formatRefreshParts(refreshedParts),
     };
 
+    clearCachedAuth(auth.refresh);
     storeCachedAuth(updatedAuth);
     invalidateProjectContextCache(auth.refresh);