opencode-openai-account-switcher 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (56) hide show
  1. package/LICENSE +151 -0
  2. package/README.md +43 -0
  3. package/dist/auth-store.d.ts +13 -0
  4. package/dist/auth-store.js +43 -0
  5. package/dist/codex-auth-source.d.ts +16 -0
  6. package/dist/codex-auth-source.js +63 -0
  7. package/dist/codex-invalid-account.d.ts +32 -0
  8. package/dist/codex-invalid-account.js +106 -0
  9. package/dist/codex-network-retry.d.ts +2 -0
  10. package/dist/codex-network-retry.js +9 -0
  11. package/dist/codex-status-command.d.ts +56 -0
  12. package/dist/codex-status-command.js +341 -0
  13. package/dist/codex-status-fetcher.d.ts +71 -0
  14. package/dist/codex-status-fetcher.js +300 -0
  15. package/dist/codex-store.d.ts +49 -0
  16. package/dist/codex-store.js +267 -0
  17. package/dist/common-settings-actions.d.ts +15 -0
  18. package/dist/common-settings-actions.js +22 -0
  19. package/dist/common-settings-store.d.ts +17 -0
  20. package/dist/common-settings-store.js +72 -0
  21. package/dist/index.d.ts +1 -0
  22. package/dist/index.js +1 -0
  23. package/dist/menu-runtime.d.ts +81 -0
  24. package/dist/menu-runtime.js +141 -0
  25. package/dist/network-retry-engine.d.ts +33 -0
  26. package/dist/network-retry-engine.js +62 -0
  27. package/dist/plugin-hooks.d.ts +49 -0
  28. package/dist/plugin-hooks.js +123 -0
  29. package/dist/plugin.d.ts +2 -0
  30. package/dist/plugin.js +127 -0
  31. package/dist/providers/codex-menu-adapter.d.ts +58 -0
  32. package/dist/providers/codex-menu-adapter.js +429 -0
  33. package/dist/providers/descriptor.d.ts +24 -0
  34. package/dist/providers/descriptor.js +16 -0
  35. package/dist/providers/registry.d.ts +15 -0
  36. package/dist/providers/registry.js +49 -0
  37. package/dist/retry/codex-policy.d.ts +5 -0
  38. package/dist/retry/codex-policy.js +75 -0
  39. package/dist/retry/common-policy.d.ts +37 -0
  40. package/dist/retry/common-policy.js +68 -0
  41. package/dist/store-paths.d.ts +4 -0
  42. package/dist/store-paths.js +22 -0
  43. package/dist/ui/ansi.d.ts +18 -0
  44. package/dist/ui/ansi.js +32 -0
  45. package/dist/ui/confirm.d.ts +1 -0
  46. package/dist/ui/confirm.js +14 -0
  47. package/dist/ui/menu.d.ts +168 -0
  48. package/dist/ui/menu.js +305 -0
  49. package/dist/ui/select.d.ts +36 -0
  50. package/dist/ui/select.js +350 -0
  51. package/dist/upstream/codex-loader-adapter.d.ts +99 -0
  52. package/dist/upstream/codex-loader-adapter.js +80 -0
  53. package/dist/upstream/codex-plugin.snapshot.d.ts +32 -0
  54. package/dist/upstream/codex-plugin.snapshot.js +638 -0
  55. package/package.json +40 -0
  56. package/scripts/sync-codex-upstream.mjs +348 -0
package/dist/upstream/codex-plugin.snapshot.js ADDED
@@ -0,0 +1,638 @@
1
+ // @ts-nocheck
2
+ import { AsyncLocalStorage } from "node:async_hooks";
3
+ import { createServer } from "node:http";
4
+ import os from "node:os";
5
+ const officialCodexExportBridgeStorage = new AsyncLocalStorage();
6
+ const officialCodexExportBridge = {
7
+ version: "snapshot",
8
+ fetchImpl(request, init) {
9
+ return globalThis.fetch(request, init);
10
+ },
11
+ async run(options = {}, fn) {
12
+ return officialCodexExportBridgeStorage.run({
13
+ fetchImpl: options.fetchImpl ?? this.fetchImpl,
14
+ version: options.version ?? this.version,
15
+ }, fn);
16
+ },
17
+ };
18
+ const Installation = {
19
+ get VERSION() {
20
+ return officialCodexExportBridgeStorage.getStore()?.version ?? officialCodexExportBridge.version;
21
+ },
22
+ set VERSION(value) {
23
+ officialCodexExportBridge.version = value;
24
+ },
25
+ };
26
+ const OAUTH_DUMMY_KEY = "official-codex-oauth";
27
+ function fetch(request, init) {
28
+ return (officialCodexExportBridgeStorage.getStore()?.fetchImpl ?? officialCodexExportBridge.fetchImpl)(request, init);
29
+ }
30
+ function sleep(ms) {
31
+ return Bun.sleep(ms);
32
+ }
33
+ const Bun = {
34
+ serve(options) {
35
+ let closed = false;
36
+ let listening = false;
37
+ let closePromise;
38
+ let resolveReady;
39
+ let rejectReady;
40
+ const ready = new Promise((resolve, reject) => {
41
+ resolveReady = resolve;
42
+ rejectReady = reject;
43
+ });
44
+ const server = createServer((req, res) => {
45
+ const chunks = [];
46
+ req.on("data", (chunk) => {
47
+ chunks.push(Buffer.isBuffer(chunk) ? chunk : Buffer.from(chunk));
48
+ });
49
+ req.on("error", (error) => {
50
+ res.statusCode = 500;
51
+ res.end(String(error));
52
+ });
53
+ req.on("end", () => {
54
+ const body = chunks.length > 0 ? Buffer.concat(chunks) : undefined;
55
+ const request = new Request("http://127.0.0.1:" + options.port + (req.url ?? "/"), {
56
+ method: req.method,
57
+ headers: req.headers,
58
+ body,
59
+ duplex: "half",
60
+ });
61
+ Promise.resolve(options.fetch(request))
62
+ .then(async (response) => {
63
+ res.statusCode = response.status;
64
+ response.headers.forEach((value, key) => {
65
+ res.setHeader(key, value);
66
+ });
67
+ const payload = Buffer.from(await response.arrayBuffer());
68
+ res.end(payload);
69
+ })
70
+ .catch((error) => {
71
+ res.statusCode = 500;
72
+ res.end(String(error));
73
+ });
74
+ });
75
+ });
76
+ server.once("listening", () => {
77
+ listening = true;
78
+ resolveReady?.();
79
+ resolveReady = undefined;
80
+ rejectReady = undefined;
81
+ });
82
+ server.once("error", (error) => {
83
+ if (!listening) {
84
+ rejectReady?.(error);
85
+ resolveReady = undefined;
86
+ rejectReady = undefined;
87
+ }
88
+ });
89
+ server.listen(options.port);
90
+ return {
91
+ ready,
92
+ stop() {
93
+ if (closePromise)
94
+ return closePromise;
95
+ closePromise = new Promise((resolve, reject) => {
96
+ if (closed) {
97
+ resolve();
98
+ return;
99
+ }
100
+ server.close((error) => {
101
+ if (error) {
102
+ reject(error);
103
+ return;
104
+ }
105
+ closed = true;
106
+ resolve();
107
+ });
108
+ });
109
+ return closePromise;
110
+ },
111
+ };
112
+ },
113
+ sleep(ms) {
114
+ return new Promise((resolve) => setTimeout(resolve, ms));
115
+ },
116
+ };
117
+ const Log = {
118
+ create() {
119
+ return {
120
+ info() { },
121
+ warn() { },
122
+ error() { },
123
+ };
124
+ },
125
+ };
126
+ /* LOCAL_SHIMS_END */
127
+ const log = Log.create({ service: "plugin.codex" });
128
+ const CLIENT_ID = "app_EMoamEEZ73f0CkXaXp7hrann";
129
+ const ISSUER = "https://auth.openai.com";
130
+ const CODEX_API_ENDPOINT = "https://chatgpt.com/backend-api/codex/responses";
131
+ const OAUTH_PORT = 1455;
132
+ const OAUTH_POLLING_SAFETY_MARGIN_MS = 3000;
133
+ async function generatePKCE() {
134
+ const verifier = generateRandomString(43);
135
+ const encoder = new TextEncoder();
136
+ const data = encoder.encode(verifier);
137
+ const hash = await crypto.subtle.digest("SHA-256", data);
138
+ const challenge = base64UrlEncode(hash);
139
+ return { verifier, challenge };
140
+ }
141
+ function generateRandomString(length) {
142
+ const chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-._~";
143
+ const bytes = crypto.getRandomValues(new Uint8Array(length));
144
+ return Array.from(bytes)
145
+ .map((b) => chars[b % chars.length])
146
+ .join("");
147
+ }
148
+ function base64UrlEncode(buffer) {
149
+ const bytes = new Uint8Array(buffer);
150
+ const binary = String.fromCharCode(...bytes);
151
+ return btoa(binary).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
152
+ }
153
+ function generateState() {
154
+ return base64UrlEncode(crypto.getRandomValues(new Uint8Array(32)).buffer);
155
+ }
156
+ export function parseJwtClaims(token) {
157
+ const parts = token.split(".");
158
+ if (parts.length !== 3)
159
+ return undefined;
160
+ try {
161
+ return JSON.parse(Buffer.from(parts[1], "base64url").toString());
162
+ }
163
+ catch {
164
+ return undefined;
165
+ }
166
+ }
167
+ export function extractAccountIdFromClaims(claims) {
168
+ return (claims.chatgpt_account_id ||
169
+ claims["https://api.openai.com/auth"]?.chatgpt_account_id ||
170
+ claims.organizations?.[0]?.id);
171
+ }
172
+ export function extractAccountId(tokens) {
173
+ if (tokens.id_token) {
174
+ const claims = parseJwtClaims(tokens.id_token);
175
+ const accountId = claims && extractAccountIdFromClaims(claims);
176
+ if (accountId)
177
+ return accountId;
178
+ }
179
+ if (tokens.access_token) {
180
+ const claims = parseJwtClaims(tokens.access_token);
181
+ return claims ? extractAccountIdFromClaims(claims) : undefined;
182
+ }
183
+ return undefined;
184
+ }
185
+ function buildAuthorizeUrl(redirectUri, pkce, state) {
186
+ const params = new URLSearchParams({
187
+ response_type: "code",
188
+ client_id: CLIENT_ID,
189
+ redirect_uri: redirectUri,
190
+ scope: "openid profile email offline_access",
191
+ code_challenge: pkce.challenge,
192
+ code_challenge_method: "S256",
193
+ id_token_add_organizations: "true",
194
+ codex_cli_simplified_flow: "true",
195
+ state,
196
+ originator: "opencode",
197
+ });
198
+ return `${ISSUER}/oauth/authorize?${params.toString()}`;
199
+ }
200
+ async function exchangeCodeForTokens(code, redirectUri, pkce) {
201
+ const response = await fetch(`${ISSUER}/oauth/token`, {
202
+ method: "POST",
203
+ headers: { "Content-Type": "application/x-www-form-urlencoded" },
204
+ body: new URLSearchParams({
205
+ grant_type: "authorization_code",
206
+ code,
207
+ redirect_uri: redirectUri,
208
+ client_id: CLIENT_ID,
209
+ code_verifier: pkce.verifier,
210
+ }).toString(),
211
+ });
212
+ if (!response.ok) {
213
+ throw new Error(`Token exchange failed: ${response.status}`);
214
+ }
215
+ return response.json();
216
+ }
217
+ async function refreshAccessToken(refreshToken) {
218
+ const response = await fetch(`${ISSUER}/oauth/token`, {
219
+ method: "POST",
220
+ headers: { "Content-Type": "application/x-www-form-urlencoded" },
221
+ body: new URLSearchParams({
222
+ grant_type: "refresh_token",
223
+ refresh_token: refreshToken,
224
+ client_id: CLIENT_ID,
225
+ }).toString(),
226
+ });
227
+ if (!response.ok) {
228
+ throw new Error(`Token refresh failed: ${response.status}`);
229
+ }
230
+ return response.json();
231
+ }
232
+ const HTML_SUCCESS = `<!doctype html>
233
+ <html>
234
+ <head>
235
+ <title>OpenCode - Codex Authorization Successful</title>
236
+ <style>
237
+ body {
238
+ font-family:
239
+ system-ui,
240
+ -apple-system,
241
+ sans-serif;
242
+ display: flex;
243
+ justify-content: center;
244
+ align-items: center;
245
+ height: 100vh;
246
+ margin: 0;
247
+ background: #131010;
248
+ color: #f1ecec;
249
+ }
250
+ .container {
251
+ text-align: center;
252
+ padding: 2rem;
253
+ }
254
+ h1 {
255
+ color: #f1ecec;
256
+ margin-bottom: 1rem;
257
+ }
258
+ p {
259
+ color: #b7b1b1;
260
+ }
261
+ </style>
262
+ </head>
263
+ <body>
264
+ <div class="container">
265
+ <h1>Authorization Successful</h1>
266
+ <p>You can close this window and return to OpenCode.</p>
267
+ </div>
268
+ <script>
269
+ setTimeout(() => window.close(), 2000)
270
+ </script>
271
+ </body>
272
+ </html>`;
273
+ const HTML_ERROR = (error) => `<!doctype html>
274
+ <html>
275
+ <head>
276
+ <title>OpenCode - Codex Authorization Failed</title>
277
+ <style>
278
+ body {
279
+ font-family:
280
+ system-ui,
281
+ -apple-system,
282
+ sans-serif;
283
+ display: flex;
284
+ justify-content: center;
285
+ align-items: center;
286
+ height: 100vh;
287
+ margin: 0;
288
+ background: #131010;
289
+ color: #f1ecec;
290
+ }
291
+ .container {
292
+ text-align: center;
293
+ padding: 2rem;
294
+ }
295
+ h1 {
296
+ color: #fc533a;
297
+ margin-bottom: 1rem;
298
+ }
299
+ p {
300
+ color: #b7b1b1;
301
+ }
302
+ .error {
303
+ color: #ff917b;
304
+ font-family: monospace;
305
+ margin-top: 1rem;
306
+ padding: 1rem;
307
+ background: #3c140d;
308
+ border-radius: 0.5rem;
309
+ }
310
+ </style>
311
+ </head>
312
+ <body>
313
+ <div class="container">
314
+ <h1>Authorization Failed</h1>
315
+ <p>An error occurred during authorization.</p>
316
+ <div class="error">${error}</div>
317
+ </div>
318
+ </body>
319
+ </html>`;
320
+ let oauthServer;
321
+ let pendingOAuth;
322
+ async function startOAuthServer() {
323
+ if (oauthServer) {
324
+ return { port: OAUTH_PORT, redirectUri: `http://localhost:${OAUTH_PORT}/auth/callback` };
325
+ }
326
+ oauthServer = Bun.serve({
327
+ port: OAUTH_PORT,
328
+ fetch(req) {
329
+ const url = new URL(req.url);
330
+ if (url.pathname === "/auth/callback") {
331
+ const code = url.searchParams.get("code");
332
+ const state = url.searchParams.get("state");
333
+ const error = url.searchParams.get("error");
334
+ const errorDescription = url.searchParams.get("error_description");
335
+ if (error) {
336
+ const errorMsg = errorDescription || error;
337
+ pendingOAuth?.reject(new Error(errorMsg));
338
+ pendingOAuth = undefined;
339
+ return new Response(HTML_ERROR(errorMsg), {
340
+ headers: { "Content-Type": "text/html" },
341
+ });
342
+ }
343
+ if (!code) {
344
+ const errorMsg = "Missing authorization code";
345
+ pendingOAuth?.reject(new Error(errorMsg));
346
+ pendingOAuth = undefined;
347
+ return new Response(HTML_ERROR(errorMsg), {
348
+ status: 400,
349
+ headers: { "Content-Type": "text/html" },
350
+ });
351
+ }
352
+ if (!pendingOAuth || state !== pendingOAuth.state) {
353
+ const errorMsg = "Invalid state - potential CSRF attack";
354
+ pendingOAuth?.reject(new Error(errorMsg));
355
+ pendingOAuth = undefined;
356
+ return new Response(HTML_ERROR(errorMsg), {
357
+ status: 400,
358
+ headers: { "Content-Type": "text/html" },
359
+ });
360
+ }
361
+ const current = pendingOAuth;
362
+ pendingOAuth = undefined;
363
+ exchangeCodeForTokens(code, `http://localhost:${OAUTH_PORT}/auth/callback`, current.pkce)
364
+ .then((tokens) => current.resolve(tokens))
365
+ .catch((err) => current.reject(err));
366
+ return new Response(HTML_SUCCESS, {
367
+ headers: { "Content-Type": "text/html" },
368
+ });
369
+ }
370
+ if (url.pathname === "/cancel") {
371
+ pendingOAuth?.reject(new Error("Login cancelled"));
372
+ pendingOAuth = undefined;
373
+ return new Response("Login cancelled", { status: 200 });
374
+ }
375
+ return new Response("Not found", { status: 404 });
376
+ },
377
+ });
378
+ log.info("codex oauth server started", { port: OAUTH_PORT });
379
+ return { port: OAUTH_PORT, redirectUri: `http://localhost:${OAUTH_PORT}/auth/callback` };
380
+ }
381
+ function stopOAuthServer() {
382
+ if (oauthServer) {
383
+ oauthServer.stop();
384
+ oauthServer = undefined;
385
+ log.info("codex oauth server stopped");
386
+ }
387
+ }
388
+ function waitForOAuthCallback(pkce, state) {
389
+ return new Promise((resolve, reject) => {
390
+ const timeout = setTimeout(() => {
391
+ if (pendingOAuth) {
392
+ pendingOAuth = undefined;
393
+ reject(new Error("OAuth callback timeout - authorization took too long"));
394
+ }
395
+ }, 5 * 60 * 1000); // 5 minute timeout
396
+ pendingOAuth = {
397
+ pkce,
398
+ state,
399
+ resolve: (tokens) => {
400
+ clearTimeout(timeout);
401
+ resolve(tokens);
402
+ },
403
+ reject: (error) => {
404
+ clearTimeout(timeout);
405
+ reject(error);
406
+ },
407
+ };
408
+ });
409
+ }
410
+ export async function CodexAuthPlugin(input) {
411
+ return {
412
+ auth: {
413
+ provider: "openai",
414
+ async loader(getAuth, provider) {
415
+ const auth = await getAuth();
416
+ if (auth.type !== "oauth")
417
+ return {};
418
+ // Filter models to only allowed Codex models for OAuth
419
+ const allowedModels = new Set([
420
+ "gpt-5.1-codex",
421
+ "gpt-5.1-codex-max",
422
+ "gpt-5.1-codex-mini",
423
+ "gpt-5.2",
424
+ "gpt-5.2-codex",
425
+ "gpt-5.3-codex",
426
+ "gpt-5.4",
427
+ "gpt-5.4-mini",
428
+ ]);
429
+ for (const modelId of Object.keys(provider.models)) {
430
+ if (modelId.includes("codex"))
431
+ continue;
432
+ if (allowedModels.has(modelId))
433
+ continue;
434
+ delete provider.models[modelId];
435
+ }
436
+ // Zero out costs for Codex (included with ChatGPT subscription)
437
+ for (const model of Object.values(provider.models)) {
438
+ model.cost = {
439
+ input: 0,
440
+ output: 0,
441
+ cache: { read: 0, write: 0 },
442
+ };
443
+ }
444
+ return {
445
+ apiKey: OAUTH_DUMMY_KEY,
446
+ async fetch(requestInput, init) {
447
+ // Remove dummy API key authorization header
448
+ if (init?.headers) {
449
+ if (init.headers instanceof Headers) {
450
+ init.headers.delete("authorization");
451
+ init.headers.delete("Authorization");
452
+ }
453
+ else if (Array.isArray(init.headers)) {
454
+ init.headers = init.headers.filter(([key]) => key.toLowerCase() !== "authorization");
455
+ }
456
+ else {
457
+ delete init.headers["authorization"];
458
+ delete init.headers["Authorization"];
459
+ }
460
+ }
461
+ const currentAuth = await getAuth();
462
+ if (currentAuth.type !== "oauth")
463
+ return fetch(requestInput, init);
464
+ // Cast to include accountId field
465
+ const authWithAccount = currentAuth;
466
+ // Check if token needs refresh
467
+ if (!currentAuth.access || currentAuth.expires < Date.now()) {
468
+ log.info("refreshing codex access token");
469
+ const tokens = await refreshAccessToken(currentAuth.refresh);
470
+ const newAccountId = extractAccountId(tokens) || authWithAccount.accountId;
471
+ await input.client.auth.set({
472
+ path: { id: "openai" },
473
+ body: {
474
+ type: "oauth",
475
+ refresh: tokens.refresh_token,
476
+ access: tokens.access_token,
477
+ expires: Date.now() + (tokens.expires_in ?? 3600) * 1000,
478
+ ...(newAccountId && { accountId: newAccountId }),
479
+ },
480
+ });
481
+ currentAuth.access = tokens.access_token;
482
+ authWithAccount.accountId = newAccountId;
483
+ }
484
+ // Build headers
485
+ const headers = new Headers();
486
+ if (init?.headers) {
487
+ if (init.headers instanceof Headers) {
488
+ init.headers.forEach((value, key) => {
489
+ headers.set(key, value);
490
+ });
491
+ }
492
+ else if (Array.isArray(init.headers)) {
493
+ for (const [key, value] of init.headers) {
494
+ if (value !== undefined)
495
+ headers.set(key, String(value));
496
+ }
497
+ }
498
+ else {
499
+ for (const [key, value] of Object.entries(init.headers)) {
500
+ if (value !== undefined)
501
+ headers.set(key, String(value));
502
+ }
503
+ }
504
+ }
505
+ // Set authorization header with access token
506
+ headers.set("authorization", `Bearer ${currentAuth.access}`);
507
+ // Set ChatGPT-Account-Id header for organization subscriptions
508
+ if (authWithAccount.accountId) {
509
+ headers.set("ChatGPT-Account-Id", authWithAccount.accountId);
510
+ }
511
+ // Rewrite URL to Codex endpoint
512
+ const parsed = requestInput instanceof URL
513
+ ? requestInput
514
+ : new URL(typeof requestInput === "string" ? requestInput : requestInput.url);
515
+ const url = parsed.pathname.includes("/v1/responses") || parsed.pathname.includes("/chat/completions")
516
+ ? new URL(CODEX_API_ENDPOINT)
517
+ : parsed;
518
+ return fetch(url, {
519
+ ...init,
520
+ headers,
521
+ });
522
+ },
523
+ };
524
+ },
525
+ methods: [
526
+ {
527
+ label: "ChatGPT Pro/Plus (browser)",
528
+ type: "oauth",
529
+ authorize: async () => {
530
+ const { redirectUri } = await startOAuthServer();
531
+ const pkce = await generatePKCE();
532
+ const state = generateState();
533
+ const authUrl = buildAuthorizeUrl(redirectUri, pkce, state);
534
+ const callbackPromise = waitForOAuthCallback(pkce, state);
535
+ return {
536
+ url: authUrl,
537
+ instructions: "Complete authorization in your browser. This window will close automatically.",
538
+ method: "auto",
539
+ callback: async () => {
540
+ const tokens = await callbackPromise;
541
+ stopOAuthServer();
542
+ const accountId = extractAccountId(tokens);
543
+ return {
544
+ type: "success",
545
+ refresh: tokens.refresh_token,
546
+ access: tokens.access_token,
547
+ expires: Date.now() + (tokens.expires_in ?? 3600) * 1000,
548
+ accountId,
549
+ };
550
+ },
551
+ };
552
+ },
553
+ },
554
+ {
555
+ label: "ChatGPT Pro/Plus (headless)",
556
+ type: "oauth",
557
+ authorize: async () => {
558
+ const deviceResponse = await fetch(`${ISSUER}/api/accounts/deviceauth/usercode`, {
559
+ method: "POST",
560
+ headers: {
561
+ "Content-Type": "application/json",
562
+ "User-Agent": `opencode/${Installation.VERSION}`,
563
+ },
564
+ body: JSON.stringify({ client_id: CLIENT_ID }),
565
+ });
566
+ if (!deviceResponse.ok)
567
+ throw new Error("Failed to initiate device authorization");
568
+ const deviceData = (await deviceResponse.json());
569
+ const interval = Math.max(parseInt(deviceData.interval) || 5, 1) * 1000;
570
+ return {
571
+ url: `${ISSUER}/codex/device`,
572
+ instructions: `Enter code: ${deviceData.user_code}`,
573
+ method: "auto",
574
+ async callback() {
575
+ while (true) {
576
+ const response = await fetch(`${ISSUER}/api/accounts/deviceauth/token`, {
577
+ method: "POST",
578
+ headers: {
579
+ "Content-Type": "application/json",
580
+ "User-Agent": `opencode/${Installation.VERSION}`,
581
+ },
582
+ body: JSON.stringify({
583
+ device_auth_id: deviceData.device_auth_id,
584
+ user_code: deviceData.user_code,
585
+ }),
586
+ });
587
+ if (response.ok) {
588
+ const data = (await response.json());
589
+ const tokenResponse = await fetch(`${ISSUER}/oauth/token`, {
590
+ method: "POST",
591
+ headers: { "Content-Type": "application/x-www-form-urlencoded" },
592
+ body: new URLSearchParams({
593
+ grant_type: "authorization_code",
594
+ code: data.authorization_code,
595
+ redirect_uri: `${ISSUER}/deviceauth/callback`,
596
+ client_id: CLIENT_ID,
597
+ code_verifier: data.code_verifier,
598
+ }).toString(),
599
+ });
600
+ if (!tokenResponse.ok) {
601
+ throw new Error(`Token exchange failed: ${tokenResponse.status}`);
602
+ }
603
+ const tokens = await tokenResponse.json();
604
+ return {
605
+ type: "success",
606
+ refresh: tokens.refresh_token,
607
+ access: tokens.access_token,
608
+ expires: Date.now() + (tokens.expires_in ?? 3600) * 1000,
609
+ accountId: extractAccountId(tokens),
610
+ };
611
+ }
612
+ if (response.status !== 403 && response.status !== 404) {
613
+ return { type: "failed" };
614
+ }
615
+ await sleep(interval + OAUTH_POLLING_SAFETY_MARGIN_MS);
616
+ }
617
+ },
618
+ };
619
+ },
620
+ },
621
+ {
622
+ label: "Manually enter API Key",
623
+ type: "api",
624
+ },
625
+ ],
626
+ },
627
+ "chat.headers": async (input, output) => {
628
+ if (input.model.providerID !== "openai")
629
+ return;
630
+ output.headers.originator = "opencode";
631
+ output.headers["User-Agent"] = `opencode/${Installation.VERSION} (${os.platform()} ${os.release()}; ${os.arch()})`;
632
+ output.headers.session_id = input.sessionID;
633
+ },
634
+ };
635
+ }
636
+ /* GENERATED_EXPORT_BRIDGE_START */
637
+ export { officialCodexExportBridge };
638
+ /* GENERATED_EXPORT_BRIDGE_END */
package/package.json ADDED
@@ -0,0 +1,40 @@
1
+ {
2
+ "name": "opencode-openai-account-switcher",
3
+ "version": "0.1.0",
4
+ "description": "OpenAI Codex account switcher plugin for OpenCode",
5
+ "type": "module",
6
+ "main": "./dist/index.js",
7
+ "types": "./dist/index.d.ts",
8
+ "exports": {
9
+ ".": {
10
+ "types": "./dist/index.d.ts",
11
+ "default": "./dist/index.js"
12
+ }
13
+ },
14
+ "files": [
15
+ "dist/",
16
+ "scripts/sync-codex-upstream.mjs",
17
+ "README.md",
18
+ "LICENSE"
19
+ ],
20
+ "scripts": {
21
+ "prebuild": "node scripts/clean-dist.mjs",
22
+ "build": "tsc -p tsconfig.build.json",
23
+ "sync:codex-snapshot": "node scripts/sync-codex-upstream.mjs --output src/upstream/codex-plugin.snapshot.ts",
24
+ "check:codex-sync": "node scripts/sync-codex-upstream.mjs --output src/upstream/codex-plugin.snapshot.ts --check",
25
+ "test": "npm run build && node --test test/*.test.js",
26
+ "typecheck": "tsc --noEmit",
27
+ "prepublishOnly": "npm run build"
28
+ },
29
+ "engines": {
30
+ "node": ">=24.0.0"
31
+ },
32
+ "dependencies": {
33
+ "@opencode-ai/plugin": "1.14.41",
34
+ "xdg-basedir": "^5.1.0"
35
+ },
36
+ "devDependencies": {
37
+ "@types/node": "^24.10.1",
38
+ "typescript": "^5.0.0"
39
+ }
40
+ }