opencode-kilocode-auth 1.0.0

package/src/kilocode/auth.ts

@@ -0,0 +1,281 @@
+import { spawn } from "node:child_process";
+import {
+  KILOCODE_API_BASE_URL,
+  DEFAULT_HEADERS,
+  DEVICE_AUTH_POLL_INTERVAL_MS,
+  DEFAULT_MODEL_ID,
+} from "../constants";
+import type {
+  DeviceAuthInitiateResponse,
+  DeviceAuthPollResponse,
+  KilocodeProfileData,
+  KilocodeTokenExchangeResult,
+  ModelInfo,
+} from "../plugin/types";
+
+/**
+ * Get API URL based on token environment (dev vs prod)
+ */
+export function getApiUrl(path: string, token?: string): string {
+  if (token) {
+    try {
+      const payloadString = token.split(".")[1];
+      if (payloadString) {
+        const payloadJson = Buffer.from(payloadString, "base64").toString();
+        const payload = JSON.parse(payloadJson);
+        if (payload.env === "development") {
+          const customBackend = process.env.KILOCODE_BACKEND_BASE_URL;
+          if (customBackend) {
+            return new URL(path, customBackend).toString();
+          }
+          return `http://localhost:3000${path}`;
+        }
+      }
+    } catch {
+      // Ignore parsing errors
+    }
+  }
+  return `${KILOCODE_API_BASE_URL}${path}`;
+}
+
+/**
+ * Initiate device authorization flow
+ */
+export async function initiateDeviceAuth(): Promise<DeviceAuthInitiateResponse> {
+  const response = await fetch(getApiUrl("/api/device-auth/codes"), {
+    method: "POST",
+    headers: DEFAULT_HEADERS,
+  });
+
+  if (!response.ok) {
+    if (response.status === 429) {
+      throw new Error("Too many pending authorization requests. Please try again later.");
+    }
+    throw new Error(`Failed to initiate device authorization: ${response.status}`);
+  }
+
+  return (await response.json()) as DeviceAuthInitiateResponse;
+}
+
+/**
+ * Poll for device authorization status
+ */
+export async function pollDeviceAuth(code: string): Promise<DeviceAuthPollResponse> {
+  const response = await fetch(getApiUrl(`/api/device-auth/codes/${code}`));
+
+  if (response.status === 202) {
+    return { status: "pending" };
+  }
+
+  if (response.status === 403) {
+    return { status: "denied" };
+  }
+
+  if (response.status === 410) {
+    return { status: "expired" };
+  }
+
+  if (!response.ok) {
+    throw new Error(`Failed to poll device authorization: ${response.status}`);
+  }
+
+  return (await response.json()) as DeviceAuthPollResponse;
+}
+
+/**
+ * Fetch user profile from Kilo Code API
+ */
+export async function getKilocodeProfile(token: string): Promise<KilocodeProfileData> {
+  const response = await fetch(getApiUrl("/api/profile", token), {
+    headers: {
+      ...DEFAULT_HEADERS,
+      Authorization: `Bearer ${token}`,
+    },
+  });
+
+  if (!response.ok) {
+    if (response.status === 401 || response.status === 403) {
+      throw new Error("INVALID_TOKEN");
+    }
+    throw new Error(`Failed to fetch profile: ${response.status}`);
+  }
+
+  return (await response.json()) as KilocodeProfileData;
+}
+
+/**
+ * Fetch default model from Kilo Code API
+ */
+export async function getKilocodeDefaultModel(
+  token: string,
+  organizationId?: string
+): Promise<string> {
+  try {
+    const path = organizationId
+      ? `/api/organizations/${organizationId}/defaults`
+      : `/api/defaults`;
+
+    const response = await fetch(getApiUrl(path, token), {
+      headers: {
+        ...DEFAULT_HEADERS,
+        Authorization: `Bearer ${token}`,
+      },
+    });
+
+    if (!response.ok) {
+      throw new Error(`Failed to fetch default model: ${response.status}`);
+    }
+
+    const data = await response.json();
+    return data.defaultModel || DEFAULT_MODEL_ID;
+  } catch (error) {
+    console.error("Failed to get default model:", error);
+    return DEFAULT_MODEL_ID;
+  }
+}
+
+/**
+ * Fetch available models from Kilo Code API
+ */
+export async function getKilocodeModels(
+  token: string,
+  organizationId?: string
+): Promise<Record<string, ModelInfo>> {
+  try {
+    const baseUrl = getApiUrl("/api/openrouter/models", token);
+    const headers: Record<string, string> = {
+      ...DEFAULT_HEADERS,
+      Authorization: `Bearer ${token}`,
+    };
+
+    if (organizationId) {
+      headers["X-KILOCODE-ORGANIZATIONID"] = organizationId;
+    }
+
+    const response = await fetch(baseUrl, { headers });
+
+    if (!response.ok) {
+      throw new Error(`Failed to fetch models: ${response.status}`);
+    }
+
+    const data = await response.json();
+    const models: Record<string, ModelInfo> = {};
+
+    if (data.data && Array.isArray(data.data)) {
+      for (const model of data.data) {
+        models[model.id] = {
+          id: model.id,
+          name: model.name,
+          displayName: model.name,
+          contextWindow: model.context_length || 128000,
+          maxTokens: model.max_completion_tokens || model.top_provider?.max_completion_tokens,
+          supportsImages: model.architecture?.input_modalities?.includes("image"),
+          inputPrice: model.pricing?.prompt ? parseFloat(model.pricing.prompt) : undefined,
+          outputPrice: model.pricing?.completion ? parseFloat(model.pricing.completion) : undefined,
+          description: model.description,
+          preferredIndex: model.preferredIndex,
+        };
+      }
+    }
+
+    return models;
+  } catch (error) {
+    console.error("Failed to fetch models:", error);
+    return {};
+  }
+}
+
+/**
+ * Open browser URL (cross-platform)
+ */
+export function openBrowserUrl(url: string): boolean {
+  try {
+    const platform = process.platform;
+    const command =
+      platform === "darwin"
+        ? "open"
+        : platform === "win32"
+          ? "rundll32"
+          : "xdg-open";
+    const args =
+      platform === "win32" ? ["url.dll,FileProtocolHandler", url] : [url];
+
+    const child = spawn(command, args, {
+      stdio: "ignore",
+      detached: true,
+    });
+    child.unref?.();
+    return true;
+  } catch {
+    return false;
+  }
+}
+
+/**
+ * Execute the full device authorization flow
+ */
+export async function authenticateWithDeviceAuth(): Promise<KilocodeTokenExchangeResult> {
+  try {
+    // Step 1: Initiate device auth
+    const authData = await initiateDeviceAuth();
+    const { code, verificationUrl, expiresIn } = authData;
+
+    console.log(`\nVisit: ${verificationUrl}`);
+    console.log(`Verification code: ${code}`);
+
+    // Open browser
+    openBrowserUrl(verificationUrl);
+
+    // Step 2: Poll for authorization
+    const maxAttempts = Math.ceil((expiresIn * 1000) / DEVICE_AUTH_POLL_INTERVAL_MS);
+    let attempt = 0;
+
+    while (attempt < maxAttempts) {
+      await new Promise((resolve) => setTimeout(resolve, DEVICE_AUTH_POLL_INTERVAL_MS));
+
+      const pollResult = await pollDeviceAuth(code);
+
+      if (pollResult.status === "approved" && pollResult.token) {
+        // Get profile for organizations
+        let organizationId: string | undefined;
+        try {
+          const profile = await getKilocodeProfile(pollResult.token);
+          if (profile.organizations && profile.organizations.length > 0) {
+            // Use first organization by default
+            organizationId = profile.organizations[0].id;
+          }
+        } catch {
+          // Continue without organization
+        }
+
+        // Get default model
+        const model = await getKilocodeDefaultModel(pollResult.token, organizationId);
+
+        return {
+          type: "success",
+          token: pollResult.token,
+          userEmail: pollResult.userEmail,
+          organizationId,
+          model,
+        };
+      }
+
+      if (pollResult.status === "denied") {
+        return { type: "failed", error: "Authorization denied by user" };
+      }
+
+      if (pollResult.status === "expired") {
+        return { type: "failed", error: "Authorization code expired" };
+      }
+
+      attempt++;
+    }
+
+    return { type: "failed", error: "Authorization timed out" };
+  } catch (error) {
+    return {
+      type: "failed",
+      error: error instanceof Error ? error.message : "Unknown error",
+    };
+  }
+}

package/src/kilocode/models.ts

@@ -0,0 +1,242 @@
+/**
+ * Model utilities for Kilo Code
+ *
+ * This module provides utilities for working with Kilo Code models,
+ * including fetching available models, selecting models, and getting model info.
+ */
+
+import { getApiUrl } from "./auth";
+import { DEFAULT_HEADERS, DEFAULT_MODEL_ID } from "../constants";
+import type { ModelInfo } from "../plugin/types";
+
+/**
+ * Giga Potato model details
+ * A stealth model optimized for agentic programming with vision capability
+ */
+export const GIGA_POTATO_MODEL = {
+  id: "giga-potato",
+  name: "Giga Potato (free)",
+  description: "A stealth model deeply optimized for agentic programming, with visual understanding capability. Free for a limited time.",
+  contextWindow: 256000,
+  maxTokens: 32000,
+  supportsImages: true,
+  supportsTools: true,
+  supportsReasoning: true,
+  inputPrice: 0,
+  outputPrice: 0,
+  preferredIndex: 2,
+} as const;
+
+/**
+ * Popular/Featured models available through Kilo Code
+ * These are commonly used models that users might want quick access to
+ */
+export const FEATURED_MODELS = [
+  // FREE Models (Top Priority)
+  "giga-potato", // Stealth model optimized for agentic programming - FREE!
+  "x-ai/grok-code-fast-1", // xAI Grok Code Fast - FREE
+  "mistralai/devstral-2512:free", // Mistral Devstral - FREE
+  "mistralai/devstral-small-2512:free", // Mistral Devstral Small - FREE
+  "corethink:free", // CoreThink - FREE
+
+  // Anthropic Claude models
+  "anthropic/claude-opus-4.5",
+  "anthropic/claude-sonnet-4.5",
+  "anthropic/claude-haiku-4.5",
+  "anthropic/claude-sonnet-4",
+  "anthropic/claude-opus-4",
+  "anthropic/claude-haiku-4",
+  "anthropic/claude-3.7-sonnet",
+  "anthropic/claude-3.7-sonnet:thinking",
+
+  // OpenAI models
+  "openai/gpt-5.2",
+  "openai/gpt-5.2-codex",
+  "openai/gpt-4.1",
+  "openai/gpt-4.1-mini",
+  "openai/gpt-4o",
+  "openai/o1",
+  "openai/o1-mini",
+  "openai/o3-mini",
+
+  // Google Gemini models
+  "google/gemini-3-pro-preview",
+  "google/gemini-3-flash-preview",
+  "google/gemini-2.5-pro",
+  "google/gemini-2.5-flash",
+
+  // DeepSeek models
+  "deepseek/deepseek-r1",
+  "deepseek/deepseek-chat",
+  "deepseek/deepseek-coder",
+
+  // Meta Llama models
+  "meta-llama/llama-3.3-70b-instruct",
+  "meta-llama/llama-3.1-405b-instruct",
+
+  // Mistral models
+  "mistralai/mistral-large-2411",
+  "mistralai/codestral-2508",
+
+  // xAI Grok models
+  "x-ai/grok-3",
+  "x-ai/grok-3-mini",
+] as const;
+
+/**
+ * Model categories for organization
+ */
+export const MODEL_CATEGORIES = {
+  anthropic: ["anthropic/claude-sonnet-4", "anthropic/claude-opus-4", "anthropic/claude-haiku-4"],
+  openai: ["openai/gpt-4.1", "openai/gpt-4o", "openai/o1", "openai/o3-mini"],
+  google: ["google/gemini-2.5-pro", "google/gemini-2.5-flash"],
+  deepseek: ["deepseek/deepseek-r1", "deepseek/deepseek-chat"],
+  meta: ["meta-llama/llama-3.3-70b-instruct"],
+  mistral: ["mistralai/mistral-large-2411", "mistralai/codestral-2508"],
+  xai: ["x-ai/grok-3", "x-ai/grok-3-mini"],
+} as const;
+
+/**
+ * Fetch all available models from Kilo Code API
+ */
+export async function fetchAllModels(
+  token: string,
+  organizationId?: string
+): Promise<ModelInfo[]> {
+  try {
+    const baseUrl = getApiUrl("/api/openrouter/models", token);
+    const headers: Record<string, string> = {
+      ...DEFAULT_HEADERS,
+      Authorization: `Bearer ${token}`,
+    };
+
+    if (organizationId) {
+      headers["X-KILOCODE-ORGANIZATIONID"] = organizationId;
+    }
+
+    const response = await fetch(baseUrl, { headers });
+
+    if (!response.ok) {
+      throw new Error(`Failed to fetch models: ${response.status}`);
+    }
+
+    const data = await response.json();
+    const models: ModelInfo[] = [];
+
+    if (data.data && Array.isArray(data.data)) {
+      for (const model of data.data) {
+        models.push({
+          id: model.id,
+          name: model.name,
+          displayName: model.name,
+          contextWindow: model.context_length || 128000,
+          maxTokens: model.max_completion_tokens || model.top_provider?.max_completion_tokens,
+          supportsImages: model.architecture?.input_modalities?.includes("image"),
+          inputPrice: model.pricing?.prompt ? parseFloat(model.pricing.prompt) : undefined,
+          outputPrice: model.pricing?.completion ? parseFloat(model.pricing.completion) : undefined,
+          description: model.description,
+          preferredIndex: model.preferredIndex,
+        });
+      }
+    }
+
+    // Sort by preferred index if available, otherwise alphabetically
+    models.sort((a, b) => {
+      if (a.preferredIndex !== undefined && b.preferredIndex !== undefined) {
+        return a.preferredIndex - b.preferredIndex;
+      }
+      if (a.preferredIndex !== undefined) return -1;
+      if (b.preferredIndex !== undefined) return 1;
+      return a.id.localeCompare(b.id);
+    });
+
+    return models;
+  } catch (error) {
+    console.error("Failed to fetch models:", error);
+    return [];
+  }
+}
+
+/**
+ * Search models by name or ID
+ */
+export function searchModels(models: ModelInfo[], query: string): ModelInfo[] {
+  const lowerQuery = query.toLowerCase();
+  return models.filter(
+    (model) =>
+      model.id.toLowerCase().includes(lowerQuery) ||
+      model.name.toLowerCase().includes(lowerQuery) ||
+      model.description?.toLowerCase().includes(lowerQuery)
+  );
+}
+
+/**
+ * Get models by category/provider
+ */
+export function getModelsByCategory(
+  models: ModelInfo[],
+  category: keyof typeof MODEL_CATEGORIES
+): ModelInfo[] {
+  const categoryIds = MODEL_CATEGORIES[category];
+  return models.filter((model) =>
+    categoryIds.some((id) => model.id.startsWith(id.split("/")[0]))
+  );
+}
+
+/**
+ * Get featured models from the full model list
+ */
+export function getFeaturedModels(models: ModelInfo[]): ModelInfo[] {
+  const featured: ModelInfo[] = [];
+
+  for (const featuredId of FEATURED_MODELS) {
+    const model = models.find((m) => m.id === featuredId);
+    if (model) {
+      featured.push(model);
+    }
+  }
+
+  return featured;
+}
+
+/**
+ * Format model for display
+ */
+export function formatModelDisplay(model: ModelInfo): string {
+  let display = `${model.displayName || model.name} (${model.id})`;
+
+  if (model.contextWindow) {
+    const contextK = Math.round(model.contextWindow / 1000);
+    display += ` - ${contextK}K context`;
+  }
+
+  if (model.supportsImages) {
+    display += " [Vision]";
+  }
+
+  return display;
+}
+
+/**
+ * Get model info by ID
+ */
+export function getModelById(
+  models: ModelInfo[],
+  modelId: string
+): ModelInfo | undefined {
+  return models.find((m) => m.id === modelId);
+}
+
+/**
+ * Check if a model supports images/vision
+ */
+export function modelSupportsVision(model: ModelInfo): boolean {
+  return model.supportsImages === true;
+}
+
+/**
+ * Get default model ID
+ */
+export function getDefaultModelId(): string {
+  return DEFAULT_MODEL_ID;
+}

package/src/plugin/request.ts

@@ -0,0 +1,165 @@
+import {
+  KILOCODE_API_BASE_URL,
+  DEFAULT_HEADERS,
+  X_KILOCODE_ORGANIZATIONID,
+  X_KILOCODE_EDITORNAME,
+  OPENROUTER_PATH,
+} from "../constants";
+import { getApiUrl } from "../kilocode/auth";
+import type { KilocodeAuthDetails } from "./types";
+
+/**
+ * Check if the request is targeting an OpenAI-compatible API that should be intercepted
+ */
+export function isKilocodeRequest(input: RequestInfo): boolean {
+  const url = toUrlString(input);
+
+  // Intercept requests to common OpenAI-compatible endpoints
+  const interceptPatterns = [
+    "/v1/chat/completions",
+    "/v1/completions",
+    "/v1/models",
+    "/chat/completions",
+    "/completions",
+  ];
+
+  return interceptPatterns.some((pattern) => url.includes(pattern));
+}
+
+/**
+ * Convert RequestInfo to URL string
+ */
+function toUrlString(value: RequestInfo): string {
+  if (typeof value === "string") {
+    return value;
+  }
+  return (value as Request).url || value.toString();
+}
+
+/**
+ * Prepare the Kilo Code API request by rewriting URL and adding auth headers
+ */
+export function prepareKilocodeRequest(
+  input: RequestInfo,
+  init: RequestInit | undefined,
+  auth: KilocodeAuthDetails
+): {
+  request: string;
+  init: RequestInit;
+  streaming: boolean;
+} {
+  const originalUrl = toUrlString(input);
+
+  // Determine the endpoint path
+  let targetPath = OPENROUTER_PATH + "v1/chat/completions";
+
+  if (originalUrl.includes("/v1/models") || originalUrl.includes("/models")) {
+    targetPath = OPENROUTER_PATH + "models";
+  } else if (originalUrl.includes("/completions") && !originalUrl.includes("/chat/")) {
+    targetPath = OPENROUTER_PATH + "v1/completions";
+  }
+
+  // Build the new URL
+  const newUrl = getApiUrl(targetPath, auth.token);
+
+  // Build headers
+  const existingHeaders = init?.headers || {};
+  const headerEntries = existingHeaders instanceof Headers
+    ? Array.from(existingHeaders.entries())
+    : Object.entries(existingHeaders as Record<string, string>);
+
+  const headers: Record<string, string> = {
+    ...DEFAULT_HEADERS,
+    ...Object.fromEntries(headerEntries),
+    Authorization: `Bearer ${auth.token}`,
+    [X_KILOCODE_EDITORNAME]: "opencode",
+  };
+
+  // Add organization header if present
+  if (auth.organizationId) {
+    headers[X_KILOCODE_ORGANIZATIONID] = auth.organizationId;
+  }
+
+  // Process request body to inject model if needed
+  let body = init?.body;
+  let streaming = false;
+
+  if (body && typeof body === "string") {
+    try {
+      const parsed = JSON.parse(body);
+
+      // Override model if specified in auth
+      if (auth.model && !parsed.model) {
+        parsed.model = auth.model;
+      }
+
+      // Check if streaming
+      streaming = parsed.stream === true;
+
+      body = JSON.stringify(parsed);
+    } catch {
+      // Keep original body if not JSON
+    }
+  }
+
+  return {
+    request: newUrl,
+    init: {
+      ...init,
+      headers,
+      body,
+    },
+    streaming,
+  };
+}
+
+/**
+ * Transform Kilo Code response back to standard format
+ */
+export async function transformKilocodeResponse(
+  response: Response,
+  streaming: boolean
+): Promise<Response> {
+  // For non-streaming responses, just pass through
+  if (!streaming) {
+    return response;
+  }
+
+  // For streaming, we might need to normalize the SSE format
+  // Kilo Code uses OpenRouter which is OpenAI-compatible, so mostly pass-through
+  return response;
+}
+
+/**
+ * Fetch with retry logic for rate limiting
+ */
+export async function fetchWithRetry(
+  input: RequestInfo,
+  init: RequestInit | undefined,
+  maxRetries = 2
+): Promise<Response> {
+  const retryableStatuses = new Set([429, 503]);
+  let attempt = 0;
+
+  while (true) {
+    const response = await fetch(input, init);
+
+    if (!retryableStatuses.has(response.status) || attempt >= maxRetries) {
+      return response;
+    }
+
+    // Get retry delay from headers or use exponential backoff
+    const retryAfter = response.headers.get("retry-after");
+    let delayMs = 800 * Math.pow(2, attempt);
+
+    if (retryAfter) {
+      const parsed = parseInt(retryAfter, 10);
+      if (!isNaN(parsed)) {
+        delayMs = parsed * 1000;
+      }
+    }
+
+    await new Promise((resolve) => setTimeout(resolve, Math.min(delayMs, 8000)));
+    attempt++;
+  }
+}