opencode-multi-account-core 0.1.2 → 0.2.0

package/README.md

@@ -15,6 +15,7 @@ Shared core logic for multi-account OpenCode plugins. This package contains ~70%
 | ProactiveRefreshQueue | Background token refresh before expiry. Created via `createProactiveRefreshForProvider`. |
 | Config | Plugin configuration loading and validation with valibot. Created via `createConfigLoaderForProvider`. |
 | AuthMigration | One-time import of existing single-account OAuth creds from OpenCode's `auth.json`. |
+| Adapters | Provider-specific OAuth adapter definitions (endpoints, client IDs, plan labels). |
 | UI | Terminal UI primitives (ANSI formatting, confirm dialogs, select menus). |
 | Utils | Config directory resolution, formatting helpers. |
 
@@ -41,10 +42,8 @@ export const AccountManager = createAccountManagerForProvider({
 │          multi-account-core  ← you are here     │
 │  AccountStore . AccountManager . Executor        │
 │  Claims . Storage . RateLimit . ProactiveRefresh │
-│  AuthMigration . Config . Utils . UI             │
-├─────────────────────────────────────────────────┤
-│              oauth-adapters                     │
-│  (endpoints, client IDs, plan labels)           │
+│  AuthMigration . Config . Utils . UI . Adapters  │
+│  (endpoints, client IDs, plan labels)            │
 └─────────────────────────────────────────────────┘
 ```
 

package/dist/account-manager.d.ts

@@ -0,0 +1,47 @@
+import type { AccountStore } from "./account-store";
+import type { ManagedAccount, OAuthCredentials, PluginClient, TokenRefreshResult, UsageLimits } from "./types";
+export interface ProfileData {
+    email?: string;
+    planTier: string;
+}
+export interface RuntimeFactoryLike {
+    invalidate(uuid: string): void;
+}
+export interface AccountManagerDependencies {
+    providerAuthId: string;
+    isTokenExpired: (account: Pick<ManagedAccount, "accessToken" | "expiresAt">) => boolean;
+    refreshToken: (currentRefreshToken: string, accountId: string, client: PluginClient) => Promise<TokenRefreshResult>;
+}
+export interface AccountManagerInstance {
+    initialize(currentAuth: OAuthCredentials, client?: PluginClient): Promise<void>;
+    refresh(): Promise<void>;
+    getAccountCount(): number;
+    getAccounts(): ManagedAccount[];
+    getActiveAccount(): ManagedAccount | null;
+    setClient(client: PluginClient): void;
+    setRuntimeFactory(factory: RuntimeFactoryLike): void;
+    hasAnyUsableAccount(): boolean;
+    isRateLimited(account: ManagedAccount): boolean;
+    clearExpiredRateLimits(): void;
+    getMinWaitTime(): number;
+    selectAccount(): Promise<ManagedAccount | null>;
+    markRateLimited(uuid: string, backoffMs?: number): Promise<void>;
+    markRevoked(uuid: string): Promise<void>;
+    markSuccess(uuid: string): Promise<void>;
+    markAuthFailure(uuid: string, result: TokenRefreshResult): Promise<void>;
+    applyUsageCache(uuid: string, usage: UsageLimits): Promise<void>;
+    applyProfileCache(uuid: string, profile: ProfileData): Promise<void>;
+    ensureValidToken(uuid: string, client: PluginClient): Promise<TokenRefreshResult>;
+    validateNonActiveTokens(client: PluginClient): Promise<void>;
+    removeAccount(index: number): Promise<boolean>;
+    clearAllAccounts(): Promise<void>;
+    addAccount(auth: OAuthCredentials): Promise<void>;
+    toggleEnabled(uuid: string): Promise<void>;
+    replaceAccountCredentials(uuid: string, auth: OAuthCredentials): Promise<void>;
+    retryAuth(uuid: string, client: PluginClient): Promise<TokenRefreshResult>;
+}
+export interface AccountManagerClass {
+    new (store: AccountStore): AccountManagerInstance;
+    create(store: AccountStore, currentAuth: OAuthCredentials, client?: PluginClient): Promise<AccountManagerInstance>;
+}
+export declare function createAccountManagerForProvider(dependencies: AccountManagerDependencies): AccountManagerClass;

package/dist/account-store.d.ts

@@ -0,0 +1,17 @@
+import type { AccountStorage, StoredAccount } from "./types";
+export interface DiskCredentials {
+    refreshToken: string;
+    accessToken?: string;
+    expiresAt?: number;
+    accountId?: string;
+}
+export declare class AccountStore {
+    load(): Promise<AccountStorage>;
+    readCredentials(uuid: string): Promise<DiskCredentials | null>;
+    mutateAccount(uuid: string, fn: (account: StoredAccount) => void): Promise<StoredAccount | null>;
+    mutateStorage(fn: (storage: AccountStorage) => void): Promise<void>;
+    addAccount(account: StoredAccount): Promise<void>;
+    removeAccount(uuid: string): Promise<boolean>;
+    setActiveUuid(uuid: string | undefined): Promise<void>;
+    clear(): Promise<void>;
+}

package/dist/adapters/anthropic.d.ts

@@ -0,0 +1,2 @@
+import type { OAuthAdapter } from "./types";
+export declare const anthropicOAuthAdapter: OAuthAdapter;

package/dist/adapters/index.d.ts

@@ -0,0 +1,3 @@
+export type { OAuthAdapter, OAuthAdapterTransformConfig, OAuthAdapterPlanLabels } from "./types";
+export { anthropicOAuthAdapter } from "./anthropic";
+export { openAIOAuthAdapter } from "./openai";

package/dist/adapters/openai.d.ts

@@ -0,0 +1,2 @@
+import type { OAuthAdapter } from "./types";
+export declare const openAIOAuthAdapter: OAuthAdapter;

package/dist/adapters/types.d.ts

@@ -0,0 +1,28 @@
+export interface OAuthAdapterTransformConfig {
+    rewriteOpenCodeBranding: boolean;
+    addToolPrefix: boolean;
+    stripToolPrefixInResponse: boolean;
+    enableMessagesBetaQuery: boolean;
+}
+export type OAuthAdapterPlanLabels = Record<string, string>;
+export interface OAuthAdapter {
+    id: string;
+    authProviderId: string;
+    modelDisplayName: string;
+    statusToolName: string;
+    authMethodLabel: string;
+    serviceLogName: string;
+    oauthClientId: string;
+    tokenEndpoint: string;
+    usageEndpoint: string;
+    profileEndpoint: string;
+    oauthBetaHeader: string;
+    requestBetaHeader: string;
+    cliUserAgent: string;
+    toolPrefix: string;
+    accountStorageFilename: string;
+    transform: OAuthAdapterTransformConfig;
+    planLabels: OAuthAdapterPlanLabels;
+    supported: boolean;
+    unsupportedReason?: string;
+}

package/dist/auth-migration.d.ts

@@ -0,0 +1,12 @@
+import type { AccountStore } from "./account-store";
+/**
+ * Imports an existing OAuth credential from OpenCode's auth.json
+ * into the multi-account storage on first use.
+ *
+ * Only runs when storage has zero accounts. Does not modify auth.json.
+ *
+ * @param providerKey - The key in auth.json ("anthropic" or "openai")
+ * @param store - The AccountStore instance to import into
+ * @returns true if a credential was imported, false otherwise
+ */
+export declare function migrateFromAuthJson(providerKey: string, store: AccountStore): Promise<boolean>;

package/dist/claims.d.ts

@@ -0,0 +1,8 @@
+export type ClaimsMap = Record<string, {
+    pid: number;
+    at: number;
+}>;
+export declare function readClaims(): Promise<ClaimsMap>;
+export declare function writeClaim(accountId: string): Promise<void>;
+export declare function releaseClaim(accountId: string): Promise<void>;
+export declare function isClaimedByOther(claims: ClaimsMap, accountId: string | undefined): boolean;

package/dist/config.d.ts

@@ -0,0 +1,8 @@
+import type { PluginConfig } from "./types";
+export type CoreConfig = Pick<PluginConfig, "quiet_mode" | "debug">;
+export declare function initCoreConfig(filename: string): void;
+export declare function loadConfig(): Promise<PluginConfig>;
+export declare function getConfig(): PluginConfig;
+export declare function resetConfigCache(): void;
+export declare function setConfigGetter(getter: () => PluginConfig): void;
+export declare function updateConfigField<K extends keyof PluginConfig>(key: K, value: PluginConfig[K]): Promise<void>;

package/dist/constants.d.ts

@@ -0,0 +1,2 @@
+export declare let ACCOUNTS_FILENAME: string;
+export declare function setAccountsFilename(filename: string): void;

package/dist/executor.d.ts

@@ -0,0 +1,27 @@
+import type { ManagedAccount, PluginClient, TokenRefreshResult } from "./types";
+export interface ExecutorAccountManager {
+    getAccountCount(): number;
+    refresh(): Promise<void>;
+    selectAccount(): Promise<ManagedAccount | null>;
+    markSuccess(uuid: string): Promise<void>;
+    markAuthFailure(uuid: string, result: TokenRefreshResult): Promise<void>;
+    markRevoked(uuid: string): Promise<void>;
+    hasAnyUsableAccount(): boolean;
+    getMinWaitTime(): number;
+}
+export interface ExecutorRuntimeFactory {
+    getRuntime(uuid: string): Promise<{
+        fetch: (input: RequestInfo | URL, init?: RequestInit) => Promise<Response>;
+    }>;
+    invalidate(uuid: string): void;
+}
+export interface ExecutorDependencies {
+    handleRateLimitResponse: (manager: unknown, client: PluginClient, account: ManagedAccount, response: Response) => Promise<void>;
+    formatWaitTime: (ms: number) => string;
+    sleep: (ms: number) => Promise<void>;
+    showToast: (client: PluginClient, message: string, variant: "info" | "warning" | "success" | "error") => Promise<void>;
+    getAccountLabel: (account: ManagedAccount) => string;
+}
+export declare function createExecutorForProvider(providerName: string, dependencies: ExecutorDependencies): {
+    executeWithAccountRotation: (manager: ExecutorAccountManager, runtimeFactory: ExecutorRuntimeFactory, client: PluginClient, input: RequestInfo | URL, init?: RequestInit) => Promise<Response>;
+};

package/dist/index.d.ts

@@ -0,0 +1,16 @@
+export * from "./account-manager";
+export * from "./account-store";
+export * from "./claims";
+export * from "./config";
+export * from "./constants";
+export * from "./executor";
+export * from "./proactive-refresh";
+export * from "./rate-limit";
+export * from "./storage";
+export * from "./types";
+export * from "./utils";
+export * from "./auth-migration";
+export * from "./ui/ansi";
+export * from "./ui/confirm";
+export * from "./ui/select";
+export * from "./adapters";

package/dist/index.js

@@ -1752,6 +1752,70 @@ async function confirm(message, defaultYes = false) {
   const result = await select(items, { message });
   return result ?? false;
 }
+
+// src/adapters/anthropic.ts
+var anthropicOAuthAdapter = {
+  id: "anthropic",
+  authProviderId: "anthropic",
+  modelDisplayName: "Claude",
+  statusToolName: "claude_multiauth_status",
+  authMethodLabel: "Claude Pro/Max (Multi-Auth)",
+  serviceLogName: "claude-multiauth",
+  oauthClientId: "9d1c250a-e61b-44d9-88ed-5944d1962f5e",
+  tokenEndpoint: "https://console.anthropic.com/v1/oauth/token",
+  usageEndpoint: "https://api.anthropic.com/api/oauth/usage",
+  profileEndpoint: "https://api.anthropic.com/api/oauth/profile",
+  oauthBetaHeader: "oauth-2025-04-20",
+  requestBetaHeader: "oauth-2025-04-20,interleaved-thinking-2025-05-14",
+  cliUserAgent: "claude-cli/2.1.2 (external, cli)",
+  toolPrefix: "mcp_",
+  accountStorageFilename: "anthropic-multi-account-accounts.json",
+  transform: {
+    rewriteOpenCodeBranding: true,
+    addToolPrefix: true,
+    stripToolPrefixInResponse: true,
+    enableMessagesBetaQuery: true
+  },
+  planLabels: {
+    max: "Claude Max",
+    pro: "Claude Pro",
+    free: "Free"
+  },
+  supported: true
+};
+
+// src/adapters/openai.ts
+var ISSUER = "https://auth.openai.com";
+var openAIOAuthAdapter = {
+  id: "openai",
+  authProviderId: "openai",
+  modelDisplayName: "ChatGPT",
+  statusToolName: "chatgpt_multiauth_status",
+  authMethodLabel: "ChatGPT Plus/Pro (Multi-Auth)",
+  serviceLogName: "chatgpt-multiauth",
+  oauthClientId: "app_EMoamEEZ73f0CkXaXp7hrann",
+  tokenEndpoint: `${ISSUER}/oauth/token`,
+  usageEndpoint: "",
+  profileEndpoint: "",
+  oauthBetaHeader: "",
+  requestBetaHeader: "",
+  cliUserAgent: "opencode/1.1.53",
+  toolPrefix: "mcp_",
+  accountStorageFilename: "openai-multi-account-accounts.json",
+  transform: {
+    rewriteOpenCodeBranding: false,
+    addToolPrefix: false,
+    stripToolPrefixInResponse: false,
+    enableMessagesBetaQuery: false
+  },
+  planLabels: {
+    pro: "ChatGPT Pro",
+    plus: "ChatGPT Plus",
+    go: "ChatGPT Go",
+    free: "Free"
+  },
+  supported: true
+};
 export {
   ACCOUNTS_FILENAME,
   ANSI,
@@ -1764,6 +1828,7 @@ export {
   StoredAccountSchema,
   UsageLimitEntrySchema,
   UsageLimitsSchema,
+  anthropicOAuthAdapter,
   confirm,
   createAccountManagerForProvider,
   createExecutorForProvider,
@@ -1783,6 +1848,7 @@ export {
   loadAccounts,
   loadConfig,
   migrateFromAuthJson,
+  openAIOAuthAdapter,
   parseKey,
   readClaims,
   readStorageFromDisk,

package/dist/proactive-refresh.d.ts

@@ -0,0 +1,16 @@
+import { AccountStore } from "./account-store";
+import type { PluginClient, PluginConfig, StoredAccount, TokenRefreshResult } from "./types";
+export interface ProactiveRefreshDependencies {
+    getConfig: () => PluginConfig;
+    refreshToken: (currentRefreshToken: string, accountId: string, client: PluginClient) => Promise<TokenRefreshResult>;
+    isTokenExpired: (account: Pick<StoredAccount, "accessToken" | "expiresAt">) => boolean;
+    debugLog: (client: PluginClient, message: string, extra?: Record<string, unknown>) => void;
+}
+export interface ProactiveRefreshQueueInstance {
+    start(): void;
+    stop(): Promise<void>;
+}
+export interface ProactiveRefreshQueueClass {
+    new (client: PluginClient, store: AccountStore, onInvalidate?: (uuid: string) => void): ProactiveRefreshQueueInstance;
+}
+export declare function createProactiveRefreshQueueForProvider(dependencies: ProactiveRefreshDependencies): ProactiveRefreshQueueClass;

package/dist/rate-limit.d.ts

@@ -0,0 +1,25 @@
+import type { ManagedAccount, PluginClient, PluginConfig, UsageLimits } from "./types";
+export interface RateLimitDependencies {
+    fetchUsage: (accessToken: string, accountId?: string) => Promise<{
+        ok: true;
+        data: UsageLimits;
+    } | {
+        ok: false;
+        reason: string;
+    }>;
+    getConfig: () => Pick<PluginConfig, "default_retry_after_ms">;
+    formatWaitTime: (ms: number) => string;
+    getAccountLabel: (account: ManagedAccount) => string;
+    showToast: (client: PluginClient, message: string, variant: "info" | "warning" | "success" | "error") => Promise<void>;
+}
+export interface RateLimitAccountManager {
+    markRateLimited(uuid: string, backoffMs?: number): Promise<void>;
+    applyUsageCache(uuid: string, usage: UsageLimits): Promise<void>;
+    getAccountCount(): number;
+}
+export declare function createRateLimitHandlers(dependencies: RateLimitDependencies): {
+    retryAfterMsFromResponse: (response: Response) => number;
+    getResetMsFromUsage: (account: ManagedAccount) => number | null;
+    fetchUsageLimits: (accessToken: string, accountId?: string) => Promise<UsageLimits | null>;
+    handleRateLimitResponse: (manager: RateLimitAccountManager, client: PluginClient, account: ManagedAccount, response: Response) => Promise<void>;
+};

package/dist/storage.d.ts

@@ -0,0 +1,4 @@
+import type { AccountStorage, StoredAccount } from "./types";
+export declare function readStorageFromDisk(targetPath: string, backupOnCorrupt: boolean): Promise<AccountStorage | null>;
+export declare function deduplicateAccounts(accounts: StoredAccount[]): StoredAccount[];
+export declare function loadAccounts(): Promise<AccountStorage | null>;

package/dist/types.d.ts

@@ -0,0 +1,187 @@
+import * as v from "valibot";
+export declare const OAuthCredentialsSchema: v.ObjectSchema<{
+    readonly type: v.LiteralSchema<"oauth", undefined>;
+    readonly refresh: v.StringSchema<undefined>;
+    readonly access: v.StringSchema<undefined>;
+    readonly expires: v.NumberSchema<undefined>;
+}, undefined>;
+export declare const UsageLimitEntrySchema: v.ObjectSchema<{
+    readonly utilization: v.NumberSchema<undefined>;
+    readonly resets_at: v.NullableSchema<v.StringSchema<undefined>, undefined>;
+}, undefined>;
+export declare const UsageLimitsSchema: v.ObjectSchema<{
+    readonly five_hour: v.OptionalSchema<v.NullableSchema<v.ObjectSchema<{
+        readonly utilization: v.NumberSchema<undefined>;
+        readonly resets_at: v.NullableSchema<v.StringSchema<undefined>, undefined>;
+    }, undefined>, undefined>, null>;
+    readonly seven_day: v.OptionalSchema<v.NullableSchema<v.ObjectSchema<{
+        readonly utilization: v.NumberSchema<undefined>;
+        readonly resets_at: v.NullableSchema<v.StringSchema<undefined>, undefined>;
+    }, undefined>, undefined>, null>;
+    readonly seven_day_sonnet: v.OptionalSchema<v.NullableSchema<v.ObjectSchema<{
+        readonly utilization: v.NumberSchema<undefined>;
+        readonly resets_at: v.NullableSchema<v.StringSchema<undefined>, undefined>;
+    }, undefined>, undefined>, null>;
+}, undefined>;
+export declare const CredentialRefreshPatchSchema: v.ObjectSchema<{
+    readonly accessToken: v.StringSchema<undefined>;
+    readonly expiresAt: v.NumberSchema<undefined>;
+    readonly refreshToken: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+    readonly uuid: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+    readonly accountId: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+    readonly email: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+}, undefined>;
+export declare const StoredAccountSchema: v.ObjectSchema<{
+    readonly uuid: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+    readonly accountId: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+    readonly label: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+    readonly email: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+    readonly planTier: v.OptionalSchema<v.StringSchema<undefined>, "">;
+    readonly refreshToken: v.StringSchema<undefined>;
+    readonly accessToken: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+    readonly expiresAt: v.OptionalSchema<v.NumberSchema<undefined>, undefined>;
+    readonly addedAt: v.NumberSchema<undefined>;
+    readonly lastUsed: v.NumberSchema<undefined>;
+    readonly enabled: v.OptionalSchema<v.BooleanSchema<undefined>, true>;
+    readonly rateLimitResetAt: v.OptionalSchema<v.NumberSchema<undefined>, undefined>;
+    readonly cachedUsage: v.OptionalSchema<v.ObjectSchema<{
+        readonly five_hour: v.OptionalSchema<v.NullableSchema<v.ObjectSchema<{
+            readonly utilization: v.NumberSchema<undefined>;
+            readonly resets_at: v.NullableSchema<v.StringSchema<undefined>, undefined>;
+        }, undefined>, undefined>, null>;
+        readonly seven_day: v.OptionalSchema<v.NullableSchema<v.ObjectSchema<{
+            readonly utilization: v.NumberSchema<undefined>;
+            readonly resets_at: v.NullableSchema<v.StringSchema<undefined>, undefined>;
+        }, undefined>, undefined>, null>;
+        readonly seven_day_sonnet: v.OptionalSchema<v.NullableSchema<v.ObjectSchema<{
+            readonly utilization: v.NumberSchema<undefined>;
+            readonly resets_at: v.NullableSchema<v.StringSchema<undefined>, undefined>;
+        }, undefined>, undefined>, null>;
+    }, undefined>, undefined>;
+    readonly cachedUsageAt: v.OptionalSchema<v.NumberSchema<undefined>, undefined>;
+    readonly consecutiveAuthFailures: v.OptionalSchema<v.NumberSchema<undefined>, 0>;
+    readonly isAuthDisabled: v.OptionalSchema<v.BooleanSchema<undefined>, false>;
+    readonly authDisabledReason: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+}, undefined>;
+export declare const AccountStorageSchema: v.ObjectSchema<{
+    readonly version: v.LiteralSchema<1, undefined>;
+    readonly accounts: v.OptionalSchema<v.ArraySchema<v.ObjectSchema<{
+        readonly uuid: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly accountId: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly label: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly email: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly planTier: v.OptionalSchema<v.StringSchema<undefined>, "">;
+        readonly refreshToken: v.StringSchema<undefined>;
+        readonly accessToken: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly expiresAt: v.OptionalSchema<v.NumberSchema<undefined>, undefined>;
+        readonly addedAt: v.NumberSchema<undefined>;
+        readonly lastUsed: v.NumberSchema<undefined>;
+        readonly enabled: v.OptionalSchema<v.BooleanSchema<undefined>, true>;
+        readonly rateLimitResetAt: v.OptionalSchema<v.NumberSchema<undefined>, undefined>;
+        readonly cachedUsage: v.OptionalSchema<v.ObjectSchema<{
+            readonly five_hour: v.OptionalSchema<v.NullableSchema<v.ObjectSchema<{
+                readonly utilization: v.NumberSchema<undefined>;
+                readonly resets_at: v.NullableSchema<v.StringSchema<undefined>, undefined>;
+            }, undefined>, undefined>, null>;
+            readonly seven_day: v.OptionalSchema<v.NullableSchema<v.ObjectSchema<{
+                readonly utilization: v.NumberSchema<undefined>;
+                readonly resets_at: v.NullableSchema<v.StringSchema<undefined>, undefined>;
+            }, undefined>, undefined>, null>;
+            readonly seven_day_sonnet: v.OptionalSchema<v.NullableSchema<v.ObjectSchema<{
+                readonly utilization: v.NumberSchema<undefined>;
+                readonly resets_at: v.NullableSchema<v.StringSchema<undefined>, undefined>;
+            }, undefined>, undefined>, null>;
+        }, undefined>, undefined>;
+        readonly cachedUsageAt: v.OptionalSchema<v.NumberSchema<undefined>, undefined>;
+        readonly consecutiveAuthFailures: v.OptionalSchema<v.NumberSchema<undefined>, 0>;
+        readonly isAuthDisabled: v.OptionalSchema<v.BooleanSchema<undefined>, false>;
+        readonly authDisabledReason: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+    }, undefined>, undefined>, readonly []>;
+    readonly activeAccountUuid: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+}, undefined>;
+export declare const AccountSelectionStrategySchema: v.PicklistSchema<["sticky", "round-robin", "hybrid"], undefined>;
+export declare const PluginConfigSchema: v.ObjectSchema<{
+    readonly account_selection_strategy: v.OptionalSchema<v.PicklistSchema<["sticky", "round-robin", "hybrid"], undefined>, "sticky">;
+    readonly cross_process_claims: v.OptionalSchema<v.BooleanSchema<undefined>, true>;
+    readonly soft_quota_threshold_percent: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.MinValueAction<number, 0, undefined>, v.MaxValueAction<number, 100, undefined>]>, 100>;
+    readonly rate_limit_min_backoff_ms: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.MinValueAction<number, 0, undefined>]>, 30000>;
+    readonly default_retry_after_ms: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.MinValueAction<number, 0, undefined>]>, 60000>;
+    readonly max_consecutive_auth_failures: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.IntegerAction<number, undefined>, v.MinValueAction<number, 1, undefined>]>, 3>;
+    readonly token_failure_backoff_ms: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.MinValueAction<number, 0, undefined>]>, 30000>;
+    readonly proactive_refresh: v.OptionalSchema<v.BooleanSchema<undefined>, true>;
+    readonly proactive_refresh_buffer_seconds: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.MinValueAction<number, 60, undefined>]>, 1800>;
+    readonly proactive_refresh_interval_seconds: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.MinValueAction<number, 30, undefined>]>, 300>;
+    readonly quiet_mode: v.OptionalSchema<v.BooleanSchema<undefined>, false>;
+    readonly debug: v.OptionalSchema<v.BooleanSchema<undefined>, false>;
+}, undefined>;
+export type OAuthCredentials = v.InferOutput<typeof OAuthCredentialsSchema>;
+export type UsageLimitEntry = v.InferOutput<typeof UsageLimitEntrySchema>;
+export type UsageLimits = v.InferOutput<typeof UsageLimitsSchema>;
+export type CredentialRefreshPatch = v.InferOutput<typeof CredentialRefreshPatchSchema>;
+export type StoredAccount = v.InferOutput<typeof StoredAccountSchema>;
+export type AccountStorage = v.InferOutput<typeof AccountStorageSchema>;
+export type AccountSelectionStrategy = v.InferOutput<typeof AccountSelectionStrategySchema>;
+export type PluginConfig = v.InferOutput<typeof PluginConfigSchema>;
+export type TokenRefreshResult = {
+    ok: true;
+    patch: CredentialRefreshPatch;
+} | {
+    ok: false;
+    permanent: boolean;
+    status?: number;
+};
+export interface ManagedAccount {
+    index: number;
+    uuid?: string;
+    accountId?: string;
+    label?: string;
+    email?: string;
+    planTier?: string;
+    refreshToken: string;
+    accessToken?: string;
+    expiresAt?: number;
+    addedAt: number;
+    lastUsed: number;
+    enabled: boolean;
+    rateLimitResetAt?: number;
+    last429At?: number;
+    cachedUsage?: UsageLimits;
+    cachedUsageAt?: number;
+    consecutiveAuthFailures: number;
+    isAuthDisabled: boolean;
+    authDisabledReason?: string;
+}
+export interface PluginClient {
+    auth: {
+        set: (params: {
+            path: {
+                id: string;
+            };
+            body: {
+                type: string;
+                refresh: string;
+                access: string;
+                expires: number;
+            };
+        }) => Promise<void>;
+    };
+    tui: {
+        showToast: (params: {
+            body: {
+                title?: string;
+                message: string;
+                variant: "info" | "warning" | "success" | "error";
+            };
+        }) => Promise<void>;
+    };
+    app: {
+        log: (params: {
+            body: {
+                service: string;
+                level: "debug" | "info" | "warn" | "error";
+                message: string;
+                extra?: Record<string, unknown>;
+            };
+        }) => Promise<void>;
+    };
+}

package/dist/ui/ansi.d.ts

@@ -0,0 +1,17 @@
+export declare const ANSI: {
+    readonly hide: "\u001B[?25l";
+    readonly show: "\u001B[?25h";
+    readonly up: (n?: number) => string;
+    readonly down: (n?: number) => string;
+    readonly clearLine: "\u001B[2K";
+    readonly cyan: "\u001B[36m";
+    readonly green: "\u001B[32m";
+    readonly red: "\u001B[31m";
+    readonly yellow: "\u001B[33m";
+    readonly dim: "\u001B[2m";
+    readonly bold: "\u001B[1m";
+    readonly reset: "\u001B[0m";
+};
+export type KeyAction = "up" | "down" | "enter" | "escape" | "escape-start" | null;
+export declare function parseKey(data: Buffer): KeyAction;
+export declare function isTTY(): boolean;

package/dist/ui/confirm.d.ts

@@ -0,0 +1 @@
+export declare function confirm(message: string, defaultYes?: boolean): Promise<boolean>;

package/dist/ui/select.d.ts

@@ -0,0 +1,13 @@
+export interface MenuItem<T = string> {
+    label: string;
+    value: T;
+    hint?: string;
+    disabled?: boolean;
+    separator?: boolean;
+    color?: "red" | "green" | "yellow" | "cyan";
+}
+export interface SelectOptions {
+    message: string;
+    subtitle?: string;
+}
+export declare function select<T>(items: MenuItem<T>[], options: SelectOptions): Promise<T | null>;

package/dist/utils.d.ts

@@ -0,0 +1,9 @@
+import type { ManagedAccount, PluginClient } from "./types";
+export declare function getConfigDir(): string;
+export declare function getErrorCode(error: unknown): string | undefined;
+export declare function formatWaitTime(ms: number): string;
+export declare function getAccountLabel(account: ManagedAccount): string;
+export declare function sleep(ms: number): Promise<void>;
+export declare function showToast(client: PluginClient, message: string, variant: "info" | "warning" | "success" | "error"): Promise<void>;
+export declare function debugLog(client: PluginClient, message: string, extra?: Record<string, unknown>): void;
+export declare function createMinimalClient(): PluginClient;

package/package.json

@@ -1,19 +1,22 @@
 {
   "name": "opencode-multi-account-core",
-  "version": "0.1.2",
+  "version": "0.2.0",
   "description": "Shared core for multi-account OpenCode plugins",
-  "main": "./src/index.ts",
+  "type": "module",
+  "main": "./dist/index.js",
+  "types": "./dist/index.d.ts",
   "exports": {
     ".": {
       "source": "./src/index.ts",
+      "types": "./dist/index.d.ts",
       "import": "./dist/index.js",
       "default": "./dist/index.js"
     }
   },
   "scripts": {
-    "build": "esbuild src/index.ts --bundle --outdir=dist --platform=node --format=esm --packages=external",
+    "build": "esbuild src/index.ts --bundle --outdir=dist --platform=node --format=esm --packages=external && tsc -p tsconfig.build.json --emitDeclarationOnly",
     "typecheck": "tsc --noEmit",
-    "test": "vitest run",
+    "test": "for f in tests/*.test.ts; do bun test \"$f\" || exit 1; done",
     "prepack": "bun run build",
     "dev": "bun run build --watch"
   },
@@ -30,7 +33,6 @@
     "directory": "packages/multi-account-core"
   },
   "dependencies": {
-    "opencode-oauth-adapters": "^0.1.2",
     "proper-lockfile": "^4.1.2",
     "valibot": "^1.2.0"
   },