npm - opencode-gemini-oauth - Versions diffs - 1.0.0 → 1.1.1 - Mend

opencode-gemini-oauth 1.0.0 → 1.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/dist/index.js +154 -271
package/package.json +1 -1

package/dist/index.js CHANGED Viewed

@@ -1,7 +1,7 @@
-// src/oauth.ts
+// src/index.ts
 import { createServer } from "http";
 import { randomBytes, createHash } from "crypto";
-import { URL as URL2, URLSearchParams as URLSearchParams2 } from "url";
+import { URL, URLSearchParams } from "url";
 // src/constants.ts
 var OAUTH_CONFIG = {
@@ -27,64 +27,21 @@ var CODE_ASSIST_HEADERS = {
   "User-Agent": "antigravity/1.11.5",
   "X-Goog-Api-Client": "google-cloud-sdk vscode_cloudshelleditor/0.1"
 };
-var STORAGE_FILE = "gemini-oauth-accounts.json";
 var TOKEN_REFRESH_BUFFER_MS = 60 * 1e3;
-// src/storage.ts
-import { existsSync, readFileSync, writeFileSync, mkdirSync } from "fs";
-import { join } from "path";
-import { homedir } from "os";
-function getStoragePath() {
-  const configDir = process.env.APPDATA || (process.platform === "darwin" ? join(homedir(), "Library", "Application Support") : join(homedir(), ".config"));
-  const opencodeDir = join(configDir, "opencode");
-  if (!existsSync(opencodeDir)) {
-    mkdirSync(opencodeDir, { recursive: true });
-  }
-  return join(opencodeDir, STORAGE_FILE);
-}
-function loadStorage() {
-  const path = getStoragePath();
-  if (!existsSync(path)) {
-    return { version: 1, accounts: [], activeIndex: 0 };
-  }
-  try {
-    const data = JSON.parse(readFileSync(path, "utf-8"));
-    return {
-      version: 1,
-      accounts: data.accounts || [],
-      activeIndex: data.activeIndex || 0
-    };
-  } catch {
-    return { version: 1, accounts: [], activeIndex: 0 };
-  }
-}
-function saveStorage(data) {
-  const path = getStoragePath();
-  writeFileSync(path, JSON.stringify(data, null, 2), "utf-8");
-}
-function getActiveAccount() {
-  const storage = loadStorage();
-  if (storage.accounts.length === 0) {
-    return null;
-  }
-  return storage.accounts[storage.activeIndex] || storage.accounts[0] || null;
-}
-function addOrUpdateAccount(account) {
-  const storage = loadStorage();
-  const existingIndex = storage.accounts.findIndex(
-    (a) => a.email === account.email
-  );
-  if (existingIndex >= 0) {
-    storage.accounts[existingIndex] = account;
-    storage.activeIndex = existingIndex;
-  } else {
-    storage.accounts.push(account);
-    storage.activeIndex = storage.accounts.length - 1;
-  }
-  saveStorage(storage);
-}
-// src/oauth.ts
+// src/index.ts
+var MODEL_ALIASES = {
+  "gemini-3-pro-preview": "gemini-3-pro-high",
+  "gemini-3-flash-preview": "gemini-3-flash",
+  "gemini-2.5-pro": "gemini-2.5-pro-exp-03-25",
+  "gemini-2.5-flash": "gemini-2.5-flash",
+  "gemini-2.5-flash-lite": "gemini-2.5-flash-lite-001",
+  // Claude models via Antigravity
+  "gemini-claude-sonnet-4-5": "claude-sonnet-4-5",
+  "gemini-claude-sonnet-4-5-thinking": "claude-sonnet-4-5-thinking",
+  "gemini-claude-opus-4-5": "claude-opus-4-5",
+  "gemini-claude-opus-4-5-thinking": "claude-opus-4-5-thinking"
+};
 function generatePKCE() {
   const verifier = randomBytes(32).toString("base64url").replace(/[^a-zA-Z0-9]/g, "").substring(0, 43);
   const challenge = createHash("sha256").update(verifier).digest("base64url").replace(/[^a-zA-Z0-9\-_]/g, "");
@@ -94,7 +51,7 @@ function generateState() {
   return randomBytes(16).toString("hex");
 }
 function buildAuthUrl(state, codeChallenge) {
-  const params = new URLSearchParams2({
+  const params = new URLSearchParams({
     client_id: OAUTH_CONFIG.clientId,
     redirect_uri: OAUTH_CONFIG.redirectUri,
     response_type: "code",
@@ -113,7 +70,7 @@ async function exchangeCodeForTokens(code, codeVerifier) {
     headers: {
       "Content-Type": "application/x-www-form-urlencoded"
     },
-    body: new URLSearchParams2({
+    body: new URLSearchParams({
       client_id: OAUTH_CONFIG.clientId,
       client_secret: OAUTH_CONFIG.clientSecret,
       code,
@@ -133,158 +90,7 @@ async function exchangeCodeForTokens(code, codeVerifier) {
     expiresIn: data.expires_in
   };
 }
-async function getUserInfo(accessToken) {
-  const response = await fetch(
-    "https://www.googleapis.com/oauth2/v2/userinfo",
-    {
-      headers: {
-        Authorization: `Bearer ${accessToken}`
-      }
-    }
-  );
-  if (!response.ok) {
-    throw new Error("Failed to get user info");
-  }
-  const data = await response.json();
-  return { email: data.email, name: data.name };
-}
-async function getProjectId(accessToken) {
-  try {
-    const response = await fetch(
-      "https://cloudcode-pa.googleapis.com/v1/userWorkspace",
-      {
-        headers: {
-          Authorization: `Bearer ${accessToken}`,
-          "X-Goog-Api-Client": "google-cloud-sdk vscode_cloudshelleditor/0.1"
-        }
-      }
-    );
-    if (response.ok) {
-      const data = await response.json();
-      return data.managedProjectId;
-    }
-  } catch {
-  }
-  return void 0;
-}
-async function startOAuthFlow() {
-  const { verifier, challenge } = generatePKCE();
-  const state = generateState();
-  const authUrl = buildAuthUrl(state, challenge);
-  return new Promise((resolveSetup, rejectSetup) => {
-    let callbackResolve;
-    let callbackReject;
-    const callbackPromise = new Promise((resolve, reject) => {
-      callbackResolve = resolve;
-      callbackReject = reject;
-    });
-    const server = createServer(async (req, res) => {
-      try {
-        const url = new URL2(req.url || "/", `http://localhost:${OAUTH_CONFIG.port}`);
-        if (url.pathname === "/oauth-callback") {
-          const code = url.searchParams.get("code");
-          const returnedState = url.searchParams.get("state");
-          const error = url.searchParams.get("error");
-          if (error) {
-            res.writeHead(400, { "Content-Type": "text/html" });
-            res.end(`
-              <html>
-                <body style="font-family: system-ui; padding: 40px; text-align: center;">
-                  <h1 style="color: #dc2626;">Authentication Failed</h1>
-                  <p>Error: ${error}</p>
-                  <p>You can close this window.</p>
-                </body>
-              </html>
-            `);
-            callbackReject(new Error(`OAuth error: ${error}`));
-            return;
-          }
-          if (!code || returnedState !== state) {
-            res.writeHead(400, { "Content-Type": "text/html" });
-            res.end(`
-              <html>
-                <body style="font-family: system-ui; padding: 40px; text-align: center;">
-                  <h1 style="color: #dc2626;">Invalid Response</h1>
-                  <p>Missing code or invalid state.</p>
-                  <p>You can close this window.</p>
-                </body>
-              </html>
-            `);
-            callbackReject(new Error("Invalid OAuth response"));
-            return;
-          }
-          const tokens = await exchangeCodeForTokens(code, verifier);
-          const userInfo = await getUserInfo(tokens.accessToken);
-          const projectId = await getProjectId(tokens.accessToken);
-          const account = {
-            email: userInfo.email,
-            refreshToken: tokens.refreshToken,
-            accessToken: tokens.accessToken,
-            expiresAt: Date.now() + tokens.expiresIn * 1e3,
-            projectId,
-            managedProjectId: projectId
-          };
-          addOrUpdateAccount(account);
-          res.writeHead(200, { "Content-Type": "text/html" });
-          res.end(`
-            <html>
-              <body style="font-family: system-ui; padding: 40px; text-align: center;">
-                <h1 style="color: #16a34a;">Authentication Successful!</h1>
-                <p>Logged in as: <strong>${userInfo.email}</strong></p>
-                <p>You can close this window and return to OpenCode.</p>
-                <script>setTimeout(() => window.close(), 2000);</script>
-              </body>
-            </html>
-          `);
-          callbackResolve(account);
-        } else {
-          res.writeHead(404);
-          res.end("Not found");
-        }
-      } catch (err) {
-        res.writeHead(500, { "Content-Type": "text/html" });
-        res.end(`
-          <html>
-            <body style="font-family: system-ui; padding: 40px; text-align: center;">
-              <h1 style="color: #dc2626;">Error</h1>
-              <p>${err instanceof Error ? err.message : "Unknown error"}</p>
-              <p>You can close this window.</p>
-            </body>
-          </html>
-        `);
-        callbackReject(err instanceof Error ? err : new Error("Unknown error"));
-      }
-    });
-    server.listen(OAUTH_CONFIG.port, async () => {
-      try {
-        const open = (await import("open")).default;
-        await open(authUrl);
-      } catch {
-      }
-      resolveSetup({
-        authUrl,
-        server,
-        waitForCallback: () => callbackPromise
-      });
-    });
-    server.on("error", (err) => {
-      rejectSetup(new Error(`Failed to start OAuth server: ${err.message}`));
-    });
-    setTimeout(() => {
-      server.close();
-      callbackReject(new Error("OAuth flow timed out"));
-    }, 5 * 60 * 1e3);
-  });
-}
-// src/token.ts
-function isTokenExpired(account) {
-  if (!account.accessToken || !account.accessTokenExpiry) {
-    return true;
-  }
-  return Date.now() >= account.accessTokenExpiry - TOKEN_REFRESH_BUFFER_MS;
-}
-async function refreshAccessToken(account) {
+async function refreshAccessToken(refreshToken) {
   const response = await fetch(OAUTH_CONFIG.tokenUrl, {
     method: "POST",
     headers: {
@@ -293,7 +99,7 @@ async function refreshAccessToken(account) {
     body: new URLSearchParams({
       client_id: OAUTH_CONFIG.clientId,
       client_secret: OAUTH_CONFIG.clientSecret,
-      refresh_token: account.refreshToken,
+      refresh_token: refreshToken,
       grant_type: "refresh_token"
     }).toString()
   });
@@ -302,43 +108,14 @@ async function refreshAccessToken(account) {
     throw new Error(`Token refresh failed: ${error}`);
   }
   const data = await response.json();
-  const expiresAt = Date.now() + data.expires_in * 1e3;
-  const updatedAccount = {
-    ...account,
-    accessToken: data.access_token,
-    accessTokenExpiry: expiresAt
-  };
-  addOrUpdateAccount(updatedAccount);
   return {
     accessToken: data.access_token,
-    expiresAt
+    expiresIn: data.expires_in
   };
 }
-async function getValidAccessToken() {
-  const account = getActiveAccount();
-  if (!account) {
-    throw new Error("No authenticated account. Please run OAuth login first.");
-  }
-  if (isTokenExpired(account)) {
-    const { accessToken } = await refreshAccessToken(account);
-    return accessToken;
-  }
-  return account.accessToken;
+function isTokenExpired(expires) {
+  return Date.now() >= expires - TOKEN_REFRESH_BUFFER_MS;
 }
-// src/fetch-wrapper.ts
-var MODEL_ALIASES = {
-  "gemini-3-pro-preview": "gemini-3-pro-high",
-  "gemini-3-flash-preview": "gemini-3-flash",
-  "gemini-2.5-pro": "gemini-2.5-pro-exp-03-25",
-  "gemini-2.5-flash": "gemini-2.5-flash",
-  "gemini-2.5-flash-lite": "gemini-2.5-flash-lite-001",
-  // Claude models via Antigravity
-  "gemini-claude-sonnet-4-5": "claude-sonnet-4-5",
-  "gemini-claude-sonnet-4-5-thinking": "claude-sonnet-4-5-thinking",
-  "gemini-claude-opus-4-5": "claude-opus-4-5",
-  "gemini-claude-opus-4-5-thinking": "claude-opus-4-5-thinking"
-};
 function extractAction(url) {
   const match = url.match(/:(\w+)(?:\?|$)/);
   return match ? match[1] : null;
@@ -355,7 +132,7 @@ function transformRequestBody(body) {
     return body;
   }
 }
-function createAntigravityFetch() {
+function createAntigravityFetch(getAuth, client) {
   let currentEndpointIndex = 0;
   const antigravityFetch = async (input, init) => {
     const url = typeof input === "string" ? input : input instanceof URL ? input.href : input.url;
@@ -366,13 +143,29 @@ function createAntigravityFetch() {
     if (!action) {
       return fetch(input, init);
     }
-    let accessToken;
-    try {
-      accessToken = await getValidAccessToken();
-    } catch (error) {
-      throw new Error(
-        `Failed to get access token: ${error instanceof Error ? error.message : "Unknown error"}`
-      );
+    const auth = await getAuth();
+    if (!auth || auth.type !== "oauth") {
+      throw new Error("No OAuth authentication. Please run: opencode auth login");
+    }
+    let accessToken = auth.access;
+    if (isTokenExpired(auth.expires)) {
+      try {
+        const refreshed = await refreshAccessToken(auth.refresh);
+        accessToken = refreshed.accessToken;
+        await client.auth.set({
+          path: { id: "google" },
+          body: {
+            type: "oauth",
+            access: refreshed.accessToken,
+            expires: Date.now() + refreshed.expiresIn * 1e3,
+            refresh: auth.refresh
+          }
+        });
+      } catch (error) {
+        throw new Error(
+          `Token refresh failed: ${error instanceof Error ? error.message : "Unknown error"}`
+        );
+      }
     }
     let body = init?.body;
     if (typeof body === "string") {
@@ -413,21 +206,18 @@ function createAntigravityFetch() {
   };
   return antigravityFetch;
 }
-// src/index.ts
-var GeminiOAuthPlugin = async (_input) => {
+var GeminiOAuthPlugin = async (input) => {
+  const { client } = input;
   const authHook = {
     provider: "google",
-    loader: async (_auth, _provider) => {
-      const account = getActiveAccount();
-      if (!account) {
-        return {
-          apiKey: ""
-        };
+    loader: async (getAuth) => {
+      const auth = await getAuth();
+      if (!auth || auth.type !== "oauth") {
+        return {};
       }
       return {
         apiKey: "",
-        fetch: createAntigravityFetch()
+        fetch: createAntigravityFetch(getAuth, client)
       };
     },
     methods: [
@@ -435,20 +225,113 @@ var GeminiOAuthPlugin = async (_input) => {
         type: "oauth",
         label: "OAuth with Google (Gemini Pro)",
         authorize: async () => {
-          const { authUrl, waitForCallback, server } = await startOAuthFlow();
+          const { verifier, challenge } = generatePKCE();
+          const state = generateState();
+          const authUrl = buildAuthUrl(state, challenge);
+          let server;
+          let callbackResolve;
+          let callbackReject;
+          const callbackPromise = new Promise((resolve, reject) => {
+            callbackResolve = resolve;
+            callbackReject = reject;
+          });
+          server = createServer(async (req, res) => {
+            try {
+              const url = new URL(
+                req.url || "/",
+                `http://localhost:${OAUTH_CONFIG.port}`
+              );
+              if (url.pathname === "/oauth-callback") {
+                const code = url.searchParams.get("code");
+                const returnedState = url.searchParams.get("state");
+                const error = url.searchParams.get("error");
+                if (error) {
+                  res.writeHead(400, { "Content-Type": "text/html" });
+                  res.end(`
+                    <html>
+                      <body style="font-family: system-ui; padding: 40px; text-align: center;">
+                        <h1 style="color: #dc2626;">Authentication Failed</h1>
+                        <p>Error: ${error}</p>
+                        <p>You can close this window.</p>
+                      </body>
+                    </html>
+                  `);
+                  callbackReject(new Error(`OAuth error: ${error}`));
+                  return;
+                }
+                if (!code || returnedState !== state) {
+                  res.writeHead(400, { "Content-Type": "text/html" });
+                  res.end(`
+                    <html>
+                      <body style="font-family: system-ui; padding: 40px; text-align: center;">
+                        <h1 style="color: #dc2626;">Invalid Response</h1>
+                        <p>Missing code or invalid state.</p>
+                        <p>You can close this window.</p>
+                      </body>
+                    </html>
+                  `);
+                  callbackReject(new Error("Invalid OAuth response"));
+                  return;
+                }
+                const tokens = await exchangeCodeForTokens(code, verifier);
+                res.writeHead(200, { "Content-Type": "text/html" });
+                res.end(`
+                  <html>
+                    <body style="font-family: system-ui; padding: 40px; text-align: center;">
+                      <h1 style="color: #16a34a;">Authentication Successful!</h1>
+                      <p>You can close this window and return to OpenCode.</p>
+                      <script>setTimeout(() => window.close(), 2000);</script>
+                    </body>
+                  </html>
+                `);
+                callbackResolve({
+                  type: "success",
+                  refresh: tokens.refreshToken,
+                  access: tokens.accessToken,
+                  expires: Date.now() + tokens.expiresIn * 1e3
+                });
+              } else {
+                res.writeHead(404);
+                res.end("Not found");
+              }
+            } catch (err) {
+              res.writeHead(500, { "Content-Type": "text/html" });
+              res.end(`
+                <html>
+                  <body style="font-family: system-ui; padding: 40px; text-align: center;">
+                    <h1 style="color: #dc2626;">Error</h1>
+                    <p>${err instanceof Error ? err.message : "Unknown error"}</p>
+                    <p>You can close this window.</p>
+                  </body>
+                </html>
+              `);
+              callbackReject(
+                err instanceof Error ? err : new Error("Unknown error")
+              );
+            }
+          });
+          await new Promise((resolve, reject) => {
+            server.listen(OAUTH_CONFIG.port, () => resolve());
+            server.on("error", reject);
+          });
+          try {
+            const open = (await import("open")).default;
+            await open(authUrl);
+          } catch {
+          }
+          const timeout = setTimeout(() => {
+            server.close();
+            callbackReject(new Error("OAuth flow timed out"));
+          }, 5 * 60 * 1e3);
           return {
             url: authUrl,
             instructions: "Opening browser for Google authentication. Please sign in with your Google AI Pro account.",
             method: "auto",
             callback: async () => {
               try {
-                const account = await waitForCallback();
-                return {
-                  type: "success",
-                  refresh: account.refreshToken,
-                  access: account.accessToken || "",
-                  expires: account.expiresAt || Date.now() + 3600 * 1e3
-                };
+                const result = await callbackPromise;
+                clearTimeout(timeout);
+                return result;
               } catch (error) {
                 console.error("OAuth failed:", error);
                 return { type: "failed" };

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "opencode-gemini-oauth",
-  "version": "1.0.0",
+  "version": "1.1.1",
   "description": "OpenCode plugin for Google Gemini OAuth authentication (Antigravity)",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",