opencode-qwencode-auth 1.2.1 → 1.3.0

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "opencode-qwencode-auth",
-  "version": "1.2.1",
+  "version": "1.3.0",
   "description": "Qwen OAuth authentication plugin for OpenCode - Access Qwen AI models (Coder, Vision) with your qwen.ai account",
   "module": "index.ts",
   "type": "module",
@@ -32,9 +32,6 @@
   "bugs": {
     "url": "https://github.com/gustavodiasdev/opencode-qwencode-auth/issues"
   },
-  "dependencies": {
-    "open": "^10.1.0"
-  },
   "devDependencies": {
     "@opencode-ai/plugin": "^1.1.48",
     "@types/node": "^22.0.0",

package/src/errors.ts

@@ -6,7 +6,7 @@
  */
 
 const REAUTH_HINT =
-  'Execute "npx opencode-qwencode-auth" ou "qwen-code auth login" para re-autenticar.';
+  'Execute "opencode auth login" e selecione "Qwen Code (qwen.ai OAuth)" para autenticar.';
 
 // ============================================
 // Erro de Autenticação

package/src/index.ts

@@ -1,34 +1,27 @@
 /**
  * OpenCode Qwen Auth Plugin
  *
- * Plugin de autenticação OAuth para Qwen, baseado no qwen-code.
- * Implementa Device Flow (RFC 8628) para autenticação.
+ * Plugin de autenticacao OAuth para Qwen, baseado no qwen-code.
+ * Implementa Device Flow (RFC 8628) para autenticacao.
  *
- * Provider único: qwen-code → portal.qwen.ai/v1
- * Modelos confirmados: qwen3-coder-plus, qwen3-coder-flash, coder-model, vision-model
+ * Provider: qwen-code -> portal.qwen.ai/v1
+ * Modelos: qwen3-coder-plus, qwen3-coder-flash, coder-model, vision-model
  */
 
-import { existsSync } from 'node:fs';
 import { spawn } from 'node:child_process';
 
 import { QWEN_PROVIDER_ID, QWEN_API_CONFIG, QWEN_MODELS } from './constants.js';
 import type { QwenCredentials } from './types.js';
-import {
-  loadCredentials,
-  saveCredentials,
-  getCredentialsPath,
-  isCredentialsExpired,
-} from './plugin/auth.js';
+import { saveCredentials } from './plugin/auth.js';
 import {
   generatePKCE,
   requestDeviceAuthorization,
   pollDeviceToken,
   tokenResponseToCredentials,
   refreshAccessToken,
+  SlowDownError,
 } from './qwen/oauth.js';
 import { logTechnicalDetail } from './errors.js';
-export { QwenAuthError, QwenApiError } from './errors.js';
-export type { AuthErrorKind } from './errors.js';
 
 // ============================================
 // Helpers
@@ -46,34 +39,20 @@ function openBrowser(url: string): void {
   }
 }
 
-/** Verifica se existem credenciais válidas em ~/.qwen/oauth_creds.json */
-export function checkExistingCredentials(): QwenCredentials | null {
-  const credPath = getCredentialsPath();
-  if (existsSync(credPath)) {
-    const creds = loadCredentials();
-    if (creds && !isCredentialsExpired(creds)) {
-      return creds;
-    }
-  }
-  return null;
-}
-
-/** Obtém um access token válido (com refresh se necessário) */
+/** Obtem um access token valido (com refresh se necessario) */
 async function getValidAccessToken(
   getAuth: () => Promise<{ type: string; access?: string; refresh?: string; expires?: number }>,
 ): Promise<string | null> {
   const auth = await getAuth();
 
-  // Se não é OAuth, tentar carregar credenciais locais do qwen-code
   if (!auth || auth.type !== 'oauth') {
-    const creds = checkExistingCredentials();
-    return creds?.accessToken ?? null;
+    return null;
   }
 
   let accessToken = auth.access;
 
-  // Refresh se expirado (com margem de 30s)
-  if (accessToken && auth.expires && Date.now() > auth.expires - 30000 && auth.refresh) {
+  // Refresh se expirado (com margem de 60s)
+  if (accessToken && auth.expires && Date.now() > auth.expires - 60_000 && auth.refresh) {
     try {
       const refreshed = await refreshAccessToken(auth.refresh);
       accessToken = refreshed.accessToken;
@@ -85,20 +64,6 @@ async function getValidAccessToken(
     }
   }
 
-  // Fallback para credenciais locais do qwen-code
-  if (!accessToken) {
-    const creds = checkExistingCredentials();
-    if (creds) {
-      accessToken = creds.accessToken;
-    } else {
-      console.warn(
-        '[Qwen] Token expirado e sem credenciais alternativas. ' +
-        'Execute "npx opencode-qwencode-auth" ou "qwen-code auth login" para re-autenticar.'
-      );
-      return null;
-    }
-  }
-
   return accessToken ?? null;
 }
 
@@ -146,7 +111,7 @@ export const QwenAuthPlugin = async (_input: unknown) => {
 
               return {
                 url: deviceAuth.verification_uri_complete,
-                instructions: `Código: ${deviceAuth.user_code}`,
+                instructions: `Codigo: ${deviceAuth.user_code}`,
                 method: 'auto' as const,
                 callback: async () => {
                   const startTime = Date.now();
@@ -154,7 +119,7 @@ export const QwenAuthPlugin = async (_input: unknown) => {
                   let interval = 5000;
 
                   while (Date.now() - startTime < timeoutMs) {
-                    await Bun.sleep(interval + POLLING_MARGIN_MS);
+                    await new Promise(resolve => setTimeout(resolve, interval + POLLING_MARGIN_MS));
 
                     try {
                       const tokenResponse = await pollDeviceToken(deviceAuth.device_code, verifier);
@@ -166,15 +131,14 @@ export const QwenAuthPlugin = async (_input: unknown) => {
                         return {
                           type: 'success' as const,
                           access: credentials.accessToken,
-                          refresh: credentials.refreshToken || '',
+                          refresh: credentials.refreshToken ?? '',
                           expires: credentials.expiryDate || Date.now() + 3600000,
                         };
                       }
                     } catch (e) {
-                      const msg = e instanceof Error ? e.message : '';
-                      if (msg.includes('slow_down')) {
+                      if (e instanceof SlowDownError) {
                         interval = Math.min(interval + 5000, 15000);
-                      } else if (!msg.includes('authorization_pending')) {
+                      } else if (!(e instanceof Error) || !e.message.includes('authorization_pending')) {
                         return { type: 'failed' as const };
                       }
                     }

package/src/plugin/auth.ts

@@ -1,69 +1,23 @@
 /**
  * Qwen Credentials Management
  *
- * Handles loading, saving, and validating credentials
+ * Handles saving credentials to ~/.qwen/oauth_creds.json
  */
 
 import { homedir } from 'node:os';
 import { join } from 'node:path';
-import { existsSync, readFileSync, writeFileSync, mkdirSync } from 'node:fs';
+import { existsSync, writeFileSync, mkdirSync } from 'node:fs';
 
 import type { QwenCredentials } from '../types.js';
-import { refreshAccessToken, isCredentialsExpired } from '../qwen/oauth.js';
-import { logTechnicalDetail } from '../errors.js';
 
 /**
  * Get the path to the credentials file
- * Uses the same location as qwen-code for compatibility
  */
 export function getCredentialsPath(): string {
   const homeDir = homedir();
   return join(homeDir, '.qwen', 'oauth_creds.json');
 }
 
-/**
- * Get the OpenCode auth store path
- */
-export function getOpenCodeAuthPath(): string {
-  const homeDir = homedir();
-  return join(homeDir, '.local', 'share', 'opencode', 'auth.json');
-}
-
-/**
- * Load existing Qwen credentials if available
- * Supports qwen-code format with expiry_date and resource_url
- */
-export function loadCredentials(): QwenCredentials | null {
-  const credPath = getCredentialsPath();
-
-  if (!existsSync(credPath)) {
-    return null;
-  }
-
-  try {
-    const data = readFileSync(credPath, 'utf-8');
-    const parsed = JSON.parse(data);
-
-    // Handle qwen-code format and variations
-    if (parsed.access_token || parsed.accessToken) {
-      return {
-        accessToken: parsed.access_token || parsed.accessToken,
-        tokenType: parsed.token_type || parsed.tokenType || 'Bearer',
-        refreshToken: parsed.refresh_token || parsed.refreshToken,
-        resourceUrl: parsed.resource_url || parsed.resourceUrl,
-        // qwen-code uses expiry_date, fallback to expires_at for compatibility
-        expiryDate: parsed.expiry_date || parsed.expiresAt || parsed.expires_at,
-        scope: parsed.scope,
-      };
-    }
-
-    return null;
-  } catch (error) {
-    logTechnicalDetail(`Erro ao carregar credenciais: ${error}`);
-    return null;
-  }
-}
-
 /**
  * Save credentials to file in qwen-code compatible format
  */
@@ -87,29 +41,3 @@ export function saveCredentials(credentials: QwenCredentials): void {
 
   writeFileSync(credPath, JSON.stringify(data, null, 2));
 }
-
-/**
- * Get valid credentials, refreshing if necessary
- */
-export async function getValidCredentials(): Promise<QwenCredentials | null> {
-  let credentials = loadCredentials();
-
-  if (!credentials) {
-    return null;
-  }
-
-  if (isCredentialsExpired(credentials) && credentials.refreshToken) {
-    try {
-      credentials = await refreshAccessToken(credentials.refreshToken);
-      saveCredentials(credentials);
-    } catch (error) {
-      logTechnicalDetail(`Falha no refresh: ${error}`);
-      return null;
-    }
-  }
-
-  return credentials;
-}
-
-// Re-export isCredentialsExpired for convenience
-export { isCredentialsExpired } from '../qwen/oauth.js';

package/src/qwen/oauth.ts

@@ -11,6 +11,17 @@ import { QWEN_OAUTH_CONFIG } from '../constants.js';
 import type { QwenCredentials } from '../types.js';
 import { QwenAuthError, logTechnicalDetail } from '../errors.js';
 
+/**
+ * Erro lançado quando o servidor pede slow_down (RFC 8628)
+ * O caller deve aumentar o intervalo de polling
+ */
+export class SlowDownError extends Error {
+  constructor() {
+    super('slow_down: server requested increased polling interval');
+    this.name = 'SlowDownError';
+  }
+}
+
 /**
  * Device authorization response from Qwen OAuth
  */
@@ -46,13 +57,6 @@ export function generatePKCE(): { verifier: string; challenge: string } {
   return { verifier, challenge };
 }
 
-/**
- * Generate random state for OAuth
- */
-export function generateState(): string {
-  return randomBytes(16).toString('hex');
-}
-
 /**
  * Convert object to URL-encoded form data
  */
@@ -139,7 +143,7 @@ export async function pollDeviceToken(
 
       // RFC 8628: slow_down means we should increase poll interval
       if (response.status === 429 && errorData.error === 'slow_down') {
-        return null; // Still pending, but should slow down
+        throw new SlowDownError();
       }
 
       throw new Error(
@@ -255,7 +259,7 @@ export async function performDeviceAuthFlow(
       }
     } catch (error) {
       // Check if we should slow down
-      if (error instanceof Error && error.message.includes('slow_down')) {
+      if (error instanceof SlowDownError) {
         interval = Math.min(interval * 1.5, 10000); // Increase interval, max 10s
       } else {
         throw error;

package/src/types.ts

@@ -2,12 +2,6 @@
  * Type Definitions for Qwen Auth Plugin
  */
 
-import type { QWEN_MODELS } from './constants.js';
-
-// ============================================
-// Credentials Types
-// ============================================
-
 export interface QwenCredentials {
   accessToken: string;
   tokenType?: string;      // "Bearer"
@@ -16,90 +10,3 @@ export interface QwenCredentials {
   expiryDate?: number;     // timestamp em ms (formato qwen-code)
   scope?: string;          // "openid profile email"
 }
-
-export interface QwenOAuthState {
-  codeVerifier: string;
-  state: string;
-}
-
-// ============================================
-// API Types
-// ============================================
-
-export type QwenModelId = keyof typeof QWEN_MODELS;
-
-export interface ChatMessage {
-  role: 'system' | 'user' | 'assistant' | 'tool';
-  content: string | Array<{ type: string; text?: string; image_url?: { url: string } }>;
-  name?: string;
-  tool_calls?: Array<{
-    id: string;
-    type: 'function';
-    function: { name: string; arguments: string };
-  }>;
-  tool_call_id?: string;
-}
-
-export interface ChatCompletionRequest {
-  model: string;
-  messages: ChatMessage[];
-  temperature?: number;
-  top_p?: number;
-  max_tokens?: number;
-  stream?: boolean;
-  tools?: Array<{
-    type: 'function';
-    function: {
-      name: string;
-      description: string;
-      parameters: Record<string, unknown>;
-    };
-  }>;
-  tool_choice?: 'auto' | 'none' | { type: 'function'; function: { name: string } };
-}
-
-export interface ChatCompletionResponse {
-  id: string;
-  object: 'chat.completion';
-  created: number;
-  model: string;
-  choices: Array<{
-    index: number;
-    message: {
-      role: 'assistant';
-      content: string | null;
-      tool_calls?: Array<{
-        id: string;
-        type: 'function';
-        function: { name: string; arguments: string };
-      }>;
-    };
-    finish_reason: 'stop' | 'length' | 'tool_calls' | null;
-  }>;
-  usage?: {
-    prompt_tokens: number;
-    completion_tokens: number;
-    total_tokens: number;
-  };
-}
-
-export interface StreamChunk {
-  id: string;
-  object: 'chat.completion.chunk';
-  created: number;
-  model: string;
-  choices: Array<{
-    index: number;
-    delta: {
-      role?: 'assistant';
-      content?: string;
-      tool_calls?: Array<{
-        index: number;
-        id?: string;
-        type?: 'function';
-        function?: { name?: string; arguments?: string };
-      }>;
-    };
-    finish_reason: 'stop' | 'length' | 'tool_calls' | null;
-  }>;
-}

package/src/plugin/client.ts

@@ -1,217 +0,0 @@
-/**
- * Qwen API Client
- *
- * OpenAI-compatible client for making API calls to Qwen
- */
-
-import { QWEN_API_CONFIG, QWEN_MODELS } from '../constants.js';
-import type {
-  QwenCredentials,
-  ChatCompletionRequest,
-  ChatCompletionResponse,
-  StreamChunk
-} from '../types.js';
-import { getValidCredentials, loadCredentials, isCredentialsExpired } from './auth.js';
-import { QwenAuthError, QwenApiError } from '../errors.js';
-
-/**
- * QwenClient - Makes authenticated API calls to Qwen
- */
-export class QwenClient {
-  private credentials: QwenCredentials | null = null;
-  private debug: boolean;
-
-  constructor(options: { debug?: boolean } = {}) {
-    this.debug = options.debug || process.env.OPENCODE_QWEN_DEBUG === '1';
-  }
-
-  /**
-   * Get the API base URL from credentials or fallback to default
-   */
-  private getBaseUrl(): string {
-    if (this.credentials?.resourceUrl) {
-      const resourceUrl = this.credentials.resourceUrl;
-      if (resourceUrl.startsWith('http')) {
-        return resourceUrl.endsWith('/v1') ? resourceUrl : `${resourceUrl}/v1`;
-      }
-      return `https://${resourceUrl}/v1`;
-    }
-    return QWEN_API_CONFIG.baseUrl;
-  }
-
-  /**
-   * Get the chat completions endpoint
-   */
-  private getChatEndpoint(): string {
-    return `${this.getBaseUrl()}/chat/completions`;
-  }
-
-  /**
-   * Initialize the client with credentials
-   */
-  async initialize(): Promise<boolean> {
-    this.credentials = await getValidCredentials();
-    return this.credentials !== null;
-  }
-
-  /**
-   * Set credentials directly
-   */
-  setCredentials(credentials: QwenCredentials): void {
-    this.credentials = credentials;
-  }
-
-  /**
-   * Get the authorization header
-   */
-  private getAuthHeader(): string {
-    if (!this.credentials) {
-      throw new QwenAuthError('auth_required');
-    }
-    return `Bearer ${this.credentials.accessToken}`;
-  }
-
-  /**
-   * Log debug information
-   */
-  private log(...args: unknown[]): void {
-    if (this.debug) {
-      console.log('[Qwen Client]', ...args);
-    }
-  }
-
-  /**
-   * Make a chat completion request
-   */
-  async chatCompletion(request: ChatCompletionRequest): Promise<ChatCompletionResponse> {
-    if (!this.credentials) {
-      const initialized = await this.initialize();
-      if (!initialized) {
-        throw new QwenAuthError('auth_required');
-      }
-    }
-
-    this.log('Chat completion request:', JSON.stringify(request, null, 2));
-
-    const response = await fetch(this.getChatEndpoint(), {
-      method: 'POST',
-      headers: {
-        'Content-Type': 'application/json',
-        'Authorization': this.getAuthHeader(),
-        'Accept': 'application/json',
-      },
-      body: JSON.stringify(request),
-    });
-
-    if (!response.ok) {
-      const errorText = await response.text();
-      this.log('API Error:', response.status, errorText);
-      throw new QwenApiError(response.status, errorText);
-    }
-
-    const data = await response.json();
-    this.log('Chat completion response:', JSON.stringify(data, null, 2));
-
-    return data as ChatCompletionResponse;
-  }
-
-  /**
-   * Make a streaming chat completion request
-   */
-  async *chatCompletionStream(request: ChatCompletionRequest): AsyncGenerator<StreamChunk> {
-    if (!this.credentials) {
-      const initialized = await this.initialize();
-      if (!initialized) {
-        throw new QwenAuthError('auth_required');
-      }
-    }
-
-    const streamRequest = { ...request, stream: true };
-    this.log('Streaming chat completion request:', JSON.stringify(streamRequest, null, 2));
-
-    const response = await fetch(this.getChatEndpoint(), {
-      method: 'POST',
-      headers: {
-        'Content-Type': 'application/json',
-        'Authorization': this.getAuthHeader(),
-        'Accept': 'text/event-stream',
-      },
-      body: JSON.stringify(streamRequest),
-    });
-
-    if (!response.ok) {
-      const errorText = await response.text();
-      this.log('API Error:', response.status, errorText);
-      throw new QwenApiError(response.status, errorText);
-    }
-
-    const reader = response.body?.getReader();
-    if (!reader) {
-      throw new Error('No response body');
-    }
-
-    const decoder = new TextDecoder();
-    let buffer = '';
-
-    while (true) {
-      const { done, value } = await reader.read();
-      if (done) break;
-
-      buffer += decoder.decode(value, { stream: true });
-      const lines = buffer.split('\n');
-      buffer = lines.pop() || '';
-
-      for (const line of lines) {
-        const trimmed = line.trim();
-        if (!trimmed || trimmed === 'data: [DONE]') continue;
-        if (!trimmed.startsWith('data: ')) continue;
-
-        try {
-          const json = trimmed.slice(6);
-          const chunk = JSON.parse(json) as StreamChunk;
-          this.log('Stream chunk:', JSON.stringify(chunk, null, 2));
-          yield chunk;
-        } catch (e) {
-          this.log('Failed to parse chunk:', trimmed, e);
-        }
-      }
-    }
-  }
-
-  /**
-   * List available models
-   */
-  async listModels(): Promise<Array<{ id: string; object: string; created: number }>> {
-    return Object.values(QWEN_MODELS).map(model => ({
-      id: model.id,
-      object: 'model',
-      created: Date.now(),
-    }));
-  }
-
-  /**
-   * Check if authenticated
-   */
-  isAuthenticated(): boolean {
-    const creds = loadCredentials();
-    return creds !== null && !isCredentialsExpired(creds);
-  }
-
-  /**
-   * Get current credentials info
-   */
-  getCredentialsInfo(): { authenticated: boolean; expiryDate?: number; resourceUrl?: string } {
-    const creds = loadCredentials();
-    if (!creds) {
-      return { authenticated: false };
-    }
-    return {
-      authenticated: !isCredentialsExpired(creds),
-      expiryDate: creds.expiryDate,
-      resourceUrl: creds.resourceUrl,
-    };
-  }
-}
-
-// Export singleton instance
-export const qwenClient = new QwenClient();

package/src/plugin/utils.ts

@@ -1,17 +0,0 @@
-/**
- * Plugin Utilities
- */
-
-/**
- * Open URL in browser
- */
-export async function openBrowser(url: string): Promise<void> {
-  try {
-    // Dynamic import for ESM compatibility
-    const open = await import('open');
-    await open.default(url);
-  } catch (error) {
-    // Fallback to console instruction
-    console.log(`\nPlease open this URL in your browser:\n${url}\n`);
-  }
-}