opencode-qwen 1.0.1 → 1.0.2

package/index.ts

@@ -165,12 +165,11 @@ export async function fetchQwenModels(apiKey: string, baseURL: string = QWEN_BAS
  * Create Qwen provider instance
  */
 export function createQwenProvider(config: QwenConfig): Provider {
-  const validatedConfig = QwenConfigSchema.parse(config)
   
   return createOpenAI({
     name: 'Qwen',
-    baseURL: validatedConfig.baseURL,
-    apiKey: validatedConfig.apiKey,
+    baseURL: config.baseURL || QWEN_BASE_URL,
+    apiKey: config.apiKey,
     headers: {
       'User-Agent': 'OpenCode-Qwen-Provider/1.0.0'
     },

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "opencode-qwen",
-  "version": "1.0.1",
+  "version": "1.0.2",
   "description": "Qwen provider for OpenCode with npm package support",
   "main": "index.ts",
   "exports": {

package/qwen-auth.ts

@@ -68,12 +68,28 @@ export const QwenAuthPlugin: Plugin = async ({ project, client, $, directory, wo
    */
   const loadAuthState = async (): Promise<QwenAuthState> => {
     try {
-      const config = QwenAuthConfigSchema.parse({
-        apiKey: process.env.QWEN_API_KEY,
-        refreshToken: process.env.QWEN_REFRESH_TOKEN,
-        autoRefresh: process.env.QWEN_AUTO_REFRESH !== 'false',
-        validateOnStartup: process.env.QWEN_VALIDATE_ON_STARTUP !== 'false'
-      })
+      // Handle missing environment variables gracefully
+      const apiKey = process.env.QWEN_API_KEY
+      const refreshToken = process.env.QWEN_REFRESH_TOKEN
+      const autoRefresh = process.env.QWEN_AUTO_REFRESH !== "false"
+      const validateOnStartup = process.env.QWEN_VALIDATE_ON_STARTUP !== "false"
+
+      // Only validate if we have required fields
+      if (!apiKey) {
+        await client.app.log({
+          service: "qwen-auth",
+          level: "info",
+          message: "No Qwen API key found in environment"
+        })
+        return { isValid: false }
+      }
+
+      const config = {
+        apiKey,
+        refreshToken,
+        autoRefresh,
+        validateOnStartup
+      }
 
       authState = {
         accessToken: config.apiKey,

package/qwen-auth.ts.backup

@@ -0,0 +1,337 @@
+/**
+ * Qwen Provider Authentication Plugin for OpenCode
+ * 
+ * This plugin handles authentication for the Qwen API provider,
+ * including token validation, refresh, and secure credential management.
+ */
+
+import type { Plugin, tool } from "@opencode-ai/plugin"
+import { z } from "zod"
+
+// Qwen API base URL
+const QWEN_API_BASE = "https://qwen.aikit.club/v1"
+
+// TypeScript types for Qwen authentication
+export interface QwenAuthState {
+  accessToken?: string
+  refreshToken?: string
+  expiresAt?: number
+  isValid: boolean
+  lastValidated?: number
+}
+
+export interface QwenTokenResponse {
+  access_token: string
+  refresh_token?: string
+  expires_in: number
+  token_type: string
+}
+
+export interface QwenModel {
+  id: string
+  object: string
+  created: number
+  owned_by: string
+}
+
+export interface QwenModelsResponse {
+  object: string
+  data: QwenModel[]
+}
+
+// Zod schemas for validation
+const QwenAuthConfigSchema = z.object({
+  apiKey: z.string().min(1, "API key is required"),
+  refreshToken: z.string().optional(),
+  autoRefresh: z.boolean().default(true),
+  validateOnStartup: z.boolean().default(true)
+})
+
+const ValidateTokenSchema = z.object({
+  token: z.string().optional()
+})
+
+const RefreshTokenSchema = z.object({
+  refreshToken: z.string().optional()
+})
+
+/**
+ * Qwen Authentication Plugin
+ */
+export const QwenAuthPlugin: Plugin = async ({ project, client, $, directory, worktree }) => {
+  let authState: QwenAuthState = {
+    isValid: false
+  }
+
+  /**
+   * Load authentication state from environment or secure storage
+   */
+  const loadAuthState = async (): Promise<QwenAuthState> => {
+    try {
+      const config = QwenAuthConfigSchema.parse({
+        apiKey: process.env.QWEN_API_KEY,
+        refreshToken: process.env.QWEN_REFRESH_TOKEN,
+        autoRefresh: process.env.QWEN_AUTO_REFRESH !== 'false',
+        validateOnStartup: process.env.QWEN_VALIDATE_ON_STARTUP !== 'false'
+      })
+
+      authState = {
+        accessToken: config.apiKey,
+        refreshToken: config.refreshToken,
+        isValid: !!config.apiKey,
+        lastValidated: Date.now()
+      }
+
+      await client.app.log({
+        service: "qwen-auth",
+        level: "info",
+        message: "Auth state loaded",
+        extra: { hasToken: !!config.apiKey, hasRefreshToken: !!config.refreshToken }
+      })
+
+      return authState
+    } catch (error) {
+      await client.app.log({
+        service: "qwen-auth",
+        level: "error",
+        message: "Failed to load auth state",
+        extra: { error: error instanceof Error ? error.message : String(error) }
+      })
+      return { isValid: false }
+    }
+  }
+
+  /**
+   * Validate current access token
+   */
+  const validateToken = async (token?: string): Promise<boolean> => {
+    try {
+      const tokenToValidate = token || authState.accessToken
+      if (!tokenToValidate) {
+        return false
+      }
+
+      const response = await fetch(`${QWEN_API_BASE}/validate`, {
+        method: "GET",
+        headers: {
+          "Authorization": `Bearer ${tokenToValidate}`,
+          "Content-Type": "application/json"
+        }
+      })
+
+      const isValid = response.ok
+      authState.isValid = isValid
+      authState.lastValidated = Date.now()
+
+      await client.app.log({
+        service: "qwen-auth",
+        level: isValid ? "info" : "warn",
+        message: `Token validation ${isValid ? 'successful' : 'failed'}`,
+        extra: { status: response.status }
+      })
+
+      return isValid
+    } catch (error) {
+      authState.isValid = false
+      await client.app.log({
+        service: "qwen-auth",
+        level: "error",
+        message: "Token validation error",
+        extra: { error: error instanceof Error ? error.message : String(error) }
+      })
+      return false
+    }
+  }
+
+  /**
+   * Refresh access token using refresh token
+   */
+  const refreshToken = async (refreshTokenValue?: string): Promise<boolean> => {
+    try {
+      const tokenToUse = refreshTokenValue || authState.refreshToken
+      if (!tokenToUse) {
+        await client.app.log({
+          service: "qwen-auth",
+          level: "warn",
+          message: "No refresh token available"
+        })
+        return false
+      }
+
+      const response = await fetch(`${QWEN_API_BASE}/refresh`, {
+        method: "POST",
+        headers: {
+          "Content-Type": "application/json"
+        },
+        body: JSON.stringify({
+          refresh_token: tokenToUse
+        })
+      })
+
+      if (!response.ok) {
+        throw new Error(`Refresh failed: ${response.status}`)
+      }
+
+      const tokenData: QwenTokenResponse = await response.json()
+      
+      authState.accessToken = tokenData.access_token
+      if (tokenData.refresh_token) {
+        authState.refreshToken = tokenData.refresh_token
+      }
+      authState.expiresAt = Date.now() + (tokenData.expires_in * 1000)
+      authState.isValid = true
+      authState.lastValidated = Date.now()
+
+      await client.app.log({
+        service: "qwen-auth",
+        level: "info",
+        message: "Token refreshed successfully",
+        extra: { expiresIn: tokenData.expires_in }
+      })
+
+      return true
+    } catch (error) {
+      await client.app.log({
+        service: "qwen-auth",
+        level: "error",
+        message: "Token refresh failed",
+        extra: { error: error instanceof Error ? error.message : String(error) }
+      })
+      return false
+    }
+  }
+
+  /**
+   * Auto-refresh token if needed
+   */
+  const ensureValidToken = async (): Promise<boolean> => {
+    if (!authState.accessToken) {
+      await loadAuthState()
+    }
+
+    if (authState.isValid && authState.lastValidated && 
+        Date.now() - authState.lastValidated < 5 * 60 * 1000) {
+      return true // Valid within last 5 minutes
+    }
+
+    const isValid = await validateToken()
+    if (isValid) {
+      return true
+    }
+
+    if (authState.refreshToken) {
+      return await refreshToken()
+    }
+
+    return false
+  }
+
+  // Initialize plugin
+  await loadAuthState()
+
+  return {
+    // Custom tools for Qwen authentication
+    tool: {
+      "qwen.validate-token": tool({
+        description: "Validate Qwen API access token",
+        args: ValidateTokenSchema,
+        async execute(args, context) {
+          const isValid = await validateToken(args.token)
+          return {
+            valid: isValid,
+            timestamp: new Date().toISOString(),
+            state: authState
+          }
+        }
+      }),
+
+      "qwen.refresh-token": tool({
+        description: "Refresh Qwen API access token",
+        args: RefreshTokenSchema,
+        async execute(args, context) {
+          const success = await refreshToken(args.refreshToken)
+          return {
+            success,
+            timestamp: new Date().toISOString(),
+            state: authState
+          }
+        }
+      }),
+
+      "qwen.list-models": tool({
+        description: "List available Qwen models (requires valid authentication)",
+        args: z.object({}),
+        async execute(args, context) {
+          await ensureValidToken()
+          
+          if (!authState.accessToken || !authState.isValid) {
+            throw new Error("No valid Qwen authentication token available")
+          }
+
+          try {
+            const response = await fetch(`${QWEN_API_BASE}/models`, {
+              headers: {
+                "Authorization": `Bearer ${authState.accessToken}`,
+                "Content-Type": "application/json"
+              }
+            })
+
+            if (!response.ok) {
+              throw new Error(`Failed to fetch models: ${response.status}`)
+            }
+
+            const models: QwenModelsResponse = await response.json()
+            
+            await client.app.log({
+              service: "qwen-auth",
+              level: "info",
+              message: `Successfully retrieved ${models.data.length} models`
+            })
+
+            return models
+          } catch (error) {
+            await client.app.log({
+              service: "qwen-auth",
+              level: "error",
+              message: "Failed to fetch models",
+              extra: { error: error instanceof Error ? error.message : String(error) }
+            })
+            throw error
+          }
+        }
+      })
+    },
+
+    // Hooks for automatic token management
+    "tool.execute.before": async (input, output) => {
+      // Intercept Qwen API calls and ensure valid authentication
+      if (input.tool === "bash" && output.args.command?.includes("qwen.aikit.club")) {
+        await ensureValidToken()
+        if (authState.accessToken) {
+          // Inject token into command if needed
+          output.args.command = output.args.command.replace(
+            /qwen\.aikit\.club\/v1\//,
+            `qwen.aikit.club/v1/?api_key=${authState.accessToken}&`
+          )
+        }
+      }
+    },
+
+    "session.created": async () => {
+      // Validate token on session creation if enabled
+      if (process.env.QWEN_VALIDATE_ON_STARTUP !== 'false') {
+        await ensureValidToken()
+      }
+    },
+
+    "session.idle": async () => {
+      // Periodic validation when session is idle
+      if (authState.isValid && authState.lastValidated) {
+        const timeSinceValidation = Date.now() - authState.lastValidated
+        if (timeSinceValidation > 30 * 60 * 1000) { // 30 minutes
+          await validateToken()
+        }
+      }
+    }
+  }
+}

package/test_fix.md

@@ -0,0 +1,69 @@
+# Qwen Plugin Fix Summary
+
+## Issues Fixed
+
+### 1. Import Error (RESOLVED)
+- **Problem**: `createOpenAI` imported from non-existent `@ai-sdk/openai-compatible`
+- **Solution**: Changed import to `@ai-sdk/openai` package
+- **Files Modified**: `index.ts`, `package.json`
+
+### 2. API Key Validation Error (RESOLVED)
+- **Problem**: Zod schema validation on startup with undefined apiKey
+- **Root Cause**: Plugin tried to validate config before user connects
+- **Solution**: Removed immediate validation, added graceful handling
+
+## Changes Made
+
+### index.ts
+```typescript
+// BEFORE (caused startup error)
+export function createQwenProvider(config: QwenConfig): Provider {
+  const validatedConfig = QwenConfigSchema.parse(config)  // ← This line failed
+  return createOpenAI({
+    baseURL: validatedConfig.baseURL,
+    apiKey: validatedConfig.apiKey,
+    // ...
+  })
+}
+
+// AFTER (graceful handling)
+export function createQwenProvider(config: QwenConfig): Provider {
+  return createOpenAI({
+    baseURL: config.baseURL || QWEN_BASE_URL,  // ← Fallback added
+    apiKey: config.apiKey,                     // ← Direct access
+    // ...
+  })
+}
+```
+
+### qwen-auth.ts
+```typescript
+// BEFORE (caused startup error)
+const config = QwenAuthConfigSchema.parse({
+  apiKey: process.env.QWEN_API_KEY,  // ← Failed if undefined
+  // ...
+})
+
+// AFTER (graceful handling)
+const apiKey = process.env.QWEN_API_KEY
+if (!apiKey) {
+  await client.app.log({
+    service: "qwen-auth",
+    level: "info", 
+    message: "No Qwen API key found in environment"
+  })
+  return { isValid: false }
+}
+const config = { apiKey, refreshToken, autoRefresh, validateOnStartup }
+```
+
+## Expected Behavior
+- Plugin loads without errors on OpenCode startup
+- API key validation only happens when user actually connects
+- Graceful fallback when no credentials are available
+- Proper error handling and logging throughout
+
+## Next Steps
+1. Test plugin load (should be error-free now)
+2. Test user connection flow with valid API key
+3. Verify model loading and functionality