openusage 0.1.0

package/plugins/codex/icon.svg

@@ -0,0 +1,3 @@
+<svg width="100" height="100" viewBox="0 0 100 100" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path d="M83.7733 42.8087C84.6678 40.1149 84.9771 37.2613 84.6807 34.4385C84.3843 31.6156 83.489 28.8885 82.0544 26.4394C77.6908 18.8436 68.9203 14.9365 60.3548 16.7725C57.9831 14.1344 54.9591 12.1668 51.5864 11.0673C48.2137 9.96772 44.611 9.77498 41.1402 10.5084C37.6694 11.2418 34.4527 12.8755 31.8132 15.2455C29.1736 17.6155 27.204 20.6383 26.1024 24.0103C23.3212 24.5806 20.6938 25.738 18.3958 27.405C16.0977 29.0721 14.1819 31.2104 12.7765 33.6772C8.36538 41.2609 9.3669 50.8267 15.2527 57.3327C14.3549 60.0251 14.0424 62.8782 14.3361 65.7012C14.6298 68.5241 15.523 71.2518 16.9558 73.7017C21.325 81.3002 30.1011 85.207 38.6712 83.3686C40.5554 85.4904 42.8707 87.1858 45.4623 88.3416C48.0539 89.4975 50.8622 90.0871 53.6999 90.0713C62.4793 90.079 70.2575 84.4114 72.9393 76.0515C75.7201 75.4802 78.347 74.3225 80.6449 72.6555C82.9427 70.9886 84.8587 68.8507 86.2649 66.3846C90.6227 58.8145 89.6172 49.3005 83.7733 42.8087ZM53.6999 84.8356C50.1955 84.8411 46.801 83.6129 44.1116 81.3661L44.5848 81.098L60.5123 71.9043C60.9087 71.6718 61.2379 71.3402 61.4674 70.942C61.6969 70.5439 61.8189 70.0929 61.8215 69.6333V47.1769L68.5553 51.072C68.6225 51.1063 68.6694 51.1707 68.6814 51.2456V69.854C68.6641 78.1208 61.9667 84.8183 53.6999 84.8356ZM21.4977 71.0843C19.7402 68.0497 19.1092 64.4925 19.7156 61.0386L20.1885 61.3225L36.1321 70.5165C36.5266 70.748 36.9757 70.87 37.4331 70.87C37.8905 70.87 38.3396 70.748 38.7341 70.5165L58.21 59.2883V67.0628C58.2081 67.1031 58.1973 67.1424 58.1782 67.1779C58.1591 67.2134 58.1322 67.2441 58.0996 67.2678L41.9671 76.5722C34.798 80.7022 25.6388 78.2463 21.4977 71.0843ZM17.3026 36.3898C19.0723 33.3357 21.8655 31.0062 25.1878 29.8138V48.7376C25.1818 49.1949 25.2986 49.6453 25.5261 50.042C25.7535 50.4387 26.0833 50.7671 26.4809 50.9928L45.8622 62.1739L39.1283 66.069C39.0919 66.0883 39.0513 66.0984 39.0101 66.0984C38.9689 66.0984 38.9283 66.0883 38.8919 66.069L22.7908 56.7809C15.6359 52.6337 13.1822 43.4816 17.3026 36.3112V36.3898ZM72.624 49.2426L53.1792 37.9512L59.8976 34.0718C59.9341 34.0524 59.9747 34.0423 60.016 34.0423C60.0573 34.0423 60.0979 34.0524 60.1344 34.0718L76.2355 43.3761C78.6973 44.7966 80.7043 46.8882 82.0221 49.4065C83.3398 51.9249 83.914 54.7661 83.6775 57.5985C83.4411 60.431 82.4038 63.1377 80.6867 65.4027C78.9696 67.6677 76.6436 69.3975 73.9803 70.3901V51.466C73.9663 51.0096 73.834 50.5647 73.5962 50.1749C73.3584 49.7851 73.0234 49.4638 72.624 49.2426ZM79.3261 39.1657L78.8529 38.8815L62.9411 29.6089C62.5442 29.376 62.0924 29.2532 61.6322 29.2532C61.172 29.2532 60.7202 29.376 60.3233 29.6089L40.8629 40.8374V33.0628C40.8587 33.0233 40.8654 32.9834 40.882 32.9473C40.8987 32.9113 40.9248 32.8803 40.9575 32.8579L57.0586 23.5692C59.5263 22.1476 62.3478 21.458 65.193 21.5811C68.0382 21.7042 70.7896 22.6348 73.1253 24.2642C75.461 25.8936 77.2845 28.1543 78.3825 30.782C79.4806 33.4097 79.8077 36.2957 79.3257 39.1025V39.1657H79.3261ZM37.1888 52.9484L30.455 49.069C30.4213 49.0487 30.3925 49.0212 30.3707 48.9884C30.3488 48.9557 30.3345 48.9186 30.3286 48.8797V30.3188C30.3323 27.4714 31.1466 24.6839 32.6761 22.2822C34.2057 19.8805 36.3874 17.9639 38.9661 16.7564C41.5448 15.549 44.4139 15.1005 47.2381 15.4636C50.0622 15.8267 52.7247 16.9862 54.9141 18.8067L54.4409 19.0748L38.5134 28.2686C38.117 28.5011 37.7879 28.8327 37.5584 29.2308C37.329 29.629 37.207 30.0799 37.2045 30.5395L37.1888 52.9487V52.9484ZM40.8472 45.0632L49.5209 40.0643L58.21 45.0635V55.0615L49.5523 60.0608L40.8632 55.0615L40.8472 45.0632Z" fill="currentColor"/>
+</svg>

package/plugins/codex/plugin.js

@@ -0,0 +1,673 @@
+(function () {
+  const AUTH_FILE = "auth.json"
+  const CONFIG_AUTH_PATHS = ["~/.config/codex", "~/.codex"]
+  const KEYCHAIN_SERVICE = "Codex Auth"
+  const CLIENT_ID = "app_EMoamEEZ73f0CkXaXp7hrann"
+  const REFRESH_URL = "https://auth.openai.com/oauth/token"
+  const USAGE_URL = "https://chatgpt.com/backend-api/wham/usage"
+  const REFRESH_AGE_MS = 8 * 24 * 60 * 60 * 1000
+
+  function joinPath(base, leaf) {
+    return base.replace(/[\\/]+$/, "") + "/" + leaf
+  }
+
+  function readCodexHome(ctx) {
+    if (!ctx.host.env || typeof ctx.host.env.get !== "function") {
+      return null
+    }
+
+    try {
+      const value = ctx.host.env.get("CODEX_HOME")
+      if (typeof value !== "string") return null
+      const trimmed = value.trim()
+      return trimmed || null
+    } catch (e) {
+      ctx.host.log.warn("CODEX_HOME read failed: " + String(e))
+      return null
+    }
+  }
+
+  function decodeHexUtf8(hex) {
+    try {
+      const bytes = []
+      for (let i = 0; i < hex.length; i += 2) {
+        bytes.push(parseInt(hex.slice(i, i + 2), 16))
+      }
+
+      if (typeof TextDecoder !== "undefined") {
+        try {
+          return new TextDecoder("utf-8", { fatal: false }).decode(new Uint8Array(bytes))
+        } catch {}
+      }
+
+      let escaped = ""
+      for (const b of bytes) {
+        const h = b.toString(16)
+        escaped += "%" + (h.length === 1 ? "0" + h : h)
+      }
+      return decodeURIComponent(escaped)
+    } catch {
+      return null
+    }
+  }
+
+  function tryParseAuthJson(ctx, text) {
+    if (!text) return null
+    const parsed = ctx.util.tryParseJson(text)
+    if (parsed) return parsed
+
+    // Some keychain payloads can be returned as hex-encoded UTF-8 bytes.
+    let hex = String(text).trim()
+    if (hex.startsWith("0x") || hex.startsWith("0X")) hex = hex.slice(2)
+    if (!hex || hex.length % 2 !== 0) return null
+    if (!/^[0-9a-fA-F]+$/.test(hex)) return null
+
+    const decoded = decodeHexUtf8(hex)
+    if (!decoded) return null
+    return ctx.util.tryParseJson(decoded)
+  }
+
+  function resolveAuthPaths(ctx) {
+    const codexHome = readCodexHome(ctx)
+
+    // If CODEX_HOME is set, use it
+    if (codexHome) {
+      return [joinPath(codexHome, AUTH_FILE)]
+    }
+
+    return CONFIG_AUTH_PATHS.map((basePath) => joinPath(basePath, AUTH_FILE))
+  }
+
+  function hasTokenLikeAuth(auth) {
+    if (!auth || typeof auth !== "object") return false
+    if (auth.tokens && auth.tokens.access_token) return true
+    if (auth.OPENAI_API_KEY) return true
+    return false
+  }
+
+  function loadAuthFromKeychain(ctx) {
+    if (!ctx.host.keychain || typeof ctx.host.keychain.readGenericPassword !== "function") {
+      return null
+    }
+
+    try {
+      const value = ctx.host.keychain.readGenericPassword(KEYCHAIN_SERVICE)
+      if (!value) return null
+      const auth = tryParseAuthJson(ctx, value)
+      if (!hasTokenLikeAuth(auth)) {
+        ctx.host.log.warn("keychain has data but no codex auth payload")
+        return null
+      }
+      ctx.host.log.info("auth loaded from keychain: " + KEYCHAIN_SERVICE)
+      return { auth, authPath: null, source: "keychain" }
+    } catch (e) {
+      ctx.host.log.info("keychain read failed (may not exist): " + String(e))
+      return null
+    }
+  }
+
+  function saveAuth(ctx, authState) {
+    const auth = authState && authState.auth ? authState.auth : null
+    if (!auth) return false
+
+    if (authState.source === "file" && authState.authPath) {
+      ctx.host.fs.writeText(authState.authPath, JSON.stringify(auth, null, 2))
+      return true
+    }
+
+    if (authState.source === "keychain") {
+      if (!ctx.host.keychain || typeof ctx.host.keychain.writeGenericPassword !== "function") {
+        ctx.host.log.warn("keychain write unsupported in this host")
+        return false
+      }
+      // Use compact JSON to avoid newline-induced keychain encoding issues.
+      ctx.host.keychain.writeGenericPassword(KEYCHAIN_SERVICE, JSON.stringify(auth))
+      return true
+    }
+
+    return false
+  }
+
+  function loadAuth(ctx) {
+    const authPaths = resolveAuthPaths(ctx)
+    for (const authPath of authPaths) {
+      if (!ctx.host.fs.exists(authPath)) continue
+      try {
+        const text = ctx.host.fs.readText(authPath)
+        const auth = tryParseAuthJson(ctx, text)
+        if (!hasTokenLikeAuth(auth)) {
+          ctx.host.log.warn("auth file exists but no valid codex auth payload: " + authPath)
+          continue
+        }
+        ctx.host.log.info("auth loaded from file: " + authPath)
+        return { auth, authPath, source: "file" }
+      } catch (e) {
+        ctx.host.log.warn("auth file read failed: " + String(e))
+      }
+    }
+
+    const keychainAuth = loadAuthFromKeychain(ctx)
+    if (keychainAuth) return keychainAuth
+
+    if (authPaths.length > 0) {
+      for (const authPath of authPaths) {
+        if (!ctx.host.fs.exists(authPath)) {
+          ctx.host.log.warn("auth file not found: " + authPath)
+        }
+      }
+    }
+
+    return null
+  }
+
+  function needsRefresh(ctx, auth, nowMs) {
+    if (!auth.last_refresh) return true
+    const lastMs = ctx.util.parseDateMs(auth.last_refresh)
+    if (lastMs === null) return true
+    return nowMs - lastMs > REFRESH_AGE_MS
+  }
+
+  function refreshToken(ctx, authState) {
+    const auth = authState.auth
+    if (!auth.tokens || !auth.tokens.refresh_token) {
+      ctx.host.log.warn("refresh skipped: no refresh token")
+      return null
+    }
+
+    ctx.host.log.info("attempting token refresh")
+    try {
+      const resp = ctx.util.request({
+        method: "POST",
+        url: REFRESH_URL,
+        headers: { "Content-Type": "application/x-www-form-urlencoded" },
+        bodyText:
+          "grant_type=refresh_token" +
+          "&client_id=" + encodeURIComponent(CLIENT_ID) +
+          "&refresh_token=" + encodeURIComponent(auth.tokens.refresh_token),
+        timeoutMs: 15000,
+      })
+
+      if (resp.status === 400 || resp.status === 401) {
+        let code = null
+        const body = ctx.util.tryParseJson(resp.bodyText)
+        if (body) {
+          code = body.error?.code || body.error || body.code
+        }
+        ctx.host.log.error("refresh failed: status=" + resp.status + " code=" + String(code))
+        if (code === "refresh_token_expired") {
+          throw "Session expired. Run `codex` to log in again."
+        }
+        if (code === "refresh_token_reused") {
+          throw "Token conflict. Run `codex` to log in again."
+        }
+        if (code === "refresh_token_invalidated") {
+          throw "Token revoked. Run `codex` to log in again."
+        }
+        throw "Token expired. Run `codex` to log in again."
+      }
+      if (resp.status < 200 || resp.status >= 300) {
+        ctx.host.log.warn("refresh returned unexpected status: " + resp.status)
+        return null
+      }
+
+      const body = ctx.util.tryParseJson(resp.bodyText)
+      if (!body) {
+        ctx.host.log.warn("refresh response not valid JSON")
+        return null
+      }
+      const newAccessToken = body.access_token
+      if (!newAccessToken) {
+        ctx.host.log.warn("refresh response missing access_token")
+        return null
+      }
+
+      auth.tokens.access_token = newAccessToken
+      if (body.refresh_token) auth.tokens.refresh_token = body.refresh_token
+      if (body.id_token) auth.tokens.id_token = body.id_token
+      auth.last_refresh = new Date().toISOString()
+
+      try {
+        const saved = saveAuth(ctx, authState)
+        if (saved) {
+          ctx.host.log.info("refresh succeeded, auth persisted to " + authState.source)
+        } else {
+          ctx.host.log.warn("refresh succeeded but auth persistence was not possible")
+        }
+      } catch (e) {
+        ctx.host.log.warn("refresh succeeded but failed to save auth: " + String(e))
+      }
+
+      return newAccessToken
+    } catch (e) {
+      if (typeof e === "string") throw e
+      ctx.host.log.error("refresh exception: " + String(e))
+      return null
+    }
+  }
+
+  function fetchUsage(ctx, accessToken, accountId) {
+    const headers = {
+      Authorization: "Bearer " + accessToken,
+      Accept: "application/json",
+      "User-Agent": "OpenUsage",
+    }
+    if (accountId) {
+      headers["ChatGPT-Account-Id"] = accountId
+    }
+    return ctx.util.request({
+      method: "GET",
+      url: USAGE_URL,
+      headers,
+      timeoutMs: 10000,
+    })
+  }
+
+  function readPercent(value) {
+    const n = Number(value)
+    return Number.isFinite(n) ? n : null
+  }
+
+  function readNumber(value) {
+    const n = Number(value)
+    return Number.isFinite(n) ? n : null
+  }
+
+  function getResetsAtIso(ctx, nowSec, window) {
+    if (!window) return null
+    if (typeof window.reset_at === "number") {
+      return ctx.util.toIso(window.reset_at)
+    }
+    if (typeof window.reset_after_seconds === "number") {
+      return ctx.util.toIso(nowSec + window.reset_after_seconds)
+    }
+    return null
+  }
+
+  // Period durations in milliseconds
+  var PERIOD_SESSION_MS = 5 * 60 * 60 * 1000    // 5 hours
+  var PERIOD_WEEKLY_MS = 7 * 24 * 60 * 60 * 1000 // 7 days
+
+  function queryTokenUsage(ctx) {
+    if (!ctx.host.ccusage || typeof ctx.host.ccusage.query !== "function") {
+      return { status: "no_runner", data: null }
+    }
+
+    const since = new Date()
+    // Inclusive range: today + previous 30 days = 31 calendar days.
+    since.setDate(since.getDate() - 30)
+    const y = since.getFullYear()
+    const m = since.getMonth() + 1
+    const d = since.getDate()
+    const sinceStr = "" + y + (m < 10 ? "0" : "") + m + (d < 10 ? "0" : "") + d
+    const queryOpts = { provider: "codex", since: sinceStr }
+    const codexHome = readCodexHome(ctx)
+    if (codexHome) {
+      queryOpts.homePath = codexHome
+    }
+
+    const result = ctx.host.ccusage.query(queryOpts)
+    if (!result || typeof result !== "object" || typeof result.status !== "string") {
+      return { status: "runner_failed", data: null }
+    }
+    if (result.status !== "ok") {
+      return { status: result.status, data: null }
+    }
+    if (!result.data || !Array.isArray(result.data.daily)) {
+      return { status: "runner_failed", data: null }
+    }
+    return { status: "ok", data: result.data }
+  }
+
+  function fmtTokens(n) {
+    const abs = Math.abs(n)
+    const sign = n < 0 ? "-" : ""
+    const units = [
+      { threshold: 1e9, divisor: 1e9, suffix: "B" },
+      { threshold: 1e6, divisor: 1e6, suffix: "M" },
+      { threshold: 1e3, divisor: 1e3, suffix: "K" },
+    ]
+    for (let i = 0; i < units.length; i++) {
+      const unit = units[i]
+      if (abs >= unit.threshold) {
+        const scaled = abs / unit.divisor
+        const formatted = scaled >= 10
+          ? Math.round(scaled).toString()
+          : scaled.toFixed(1).replace(/\.0$/, "")
+        return sign + formatted + unit.suffix
+      }
+    }
+    return sign + Math.round(abs).toString()
+  }
+
+  function dayKeyFromDate(date) {
+    const year = date.getFullYear()
+    const month = date.getMonth() + 1
+    const day = date.getDate()
+    return year + "-" + (month < 10 ? "0" : "") + month + "-" + (day < 10 ? "0" : "") + day
+  }
+
+  function dayKeyFromUsageDate(rawDate) {
+    if (typeof rawDate !== "string") return null
+    const value = rawDate.trim()
+    if (!value) return null
+
+    const isoMatch = value.match(/^(\d{4})-(\d{2})-(\d{2})$/)
+    if (isoMatch) {
+      return isoMatch[1] + "-" + isoMatch[2] + "-" + isoMatch[3]
+    }
+
+    const compactMatch = value.match(/^(\d{4})(\d{2})(\d{2})$/)
+    if (compactMatch) {
+      return compactMatch[1] + "-" + compactMatch[2] + "-" + compactMatch[3]
+    }
+
+    const ms = Date.parse(value)
+    if (!Number.isFinite(ms)) return null
+    return dayKeyFromDate(new Date(ms))
+  }
+
+  function usageCostUsd(day) {
+    if (!day || typeof day !== "object") return null
+
+    if (day.totalCost != null) {
+      const totalCost = Number(day.totalCost)
+      if (Number.isFinite(totalCost)) return totalCost
+    }
+
+    if (day.costUSD != null) {
+      const costUSD = Number(day.costUSD)
+      if (Number.isFinite(costUSD)) return costUSD
+    }
+
+    return null
+  }
+
+  function costAndTokensLabel(data, opts) {
+    const includeZeroTokens = !!(opts && opts.includeZeroTokens)
+    const parts = []
+    if (data.costUSD != null) parts.push("$" + data.costUSD.toFixed(2))
+    if (data.tokens > 0 || (includeZeroTokens && data.tokens === 0)) {
+      parts.push(fmtTokens(data.tokens) + " tokens")
+    }
+    return parts.join(" · ")
+  }
+
+  function pushDayUsageLine(lines, ctx, label, dayEntry) {
+    const tokens = Number(dayEntry && dayEntry.totalTokens) || 0
+    const cost = usageCostUsd(dayEntry)
+    if (tokens > 0) {
+      lines.push(ctx.line.text({
+        label: label,
+        value: costAndTokensLabel({ tokens: tokens, costUSD: cost })
+      }))
+      return
+    }
+
+    lines.push(ctx.line.text({
+      label: label,
+      value: costAndTokensLabel({ tokens: 0, costUSD: 0 }, { includeZeroTokens: true })
+    }))
+  }
+
+  function probe(ctx) {
+    const authState = loadAuth(ctx)
+    if (!authState || !authState.auth) {
+      ctx.host.log.error("probe failed: not logged in")
+      throw "Not logged in. Run `codex` to authenticate."
+    }
+    const auth = authState.auth
+
+    if (auth.tokens && auth.tokens.access_token) {
+      const nowMs = Date.now()
+      let accessToken = auth.tokens.access_token
+      const accountId = auth.tokens.account_id
+
+      if (needsRefresh(ctx, auth, nowMs)) {
+        ctx.host.log.info("token needs refresh (age > " + (REFRESH_AGE_MS / 1000 / 60 / 60 / 24) + " days)")
+        const refreshed = refreshToken(ctx, authState)
+        if (refreshed) {
+          accessToken = refreshed
+        } else {
+          ctx.host.log.warn("proactive refresh failed, trying with existing token")
+        }
+      }
+
+      let resp
+      let didRefresh = false
+      try {
+        resp = ctx.util.retryOnceOnAuth({
+          request: (token) => {
+            try {
+              return fetchUsage(ctx, token || accessToken, accountId)
+            } catch (e) {
+              ctx.host.log.error("usage request exception: " + String(e))
+              if (didRefresh) {
+                throw "Usage request failed after refresh. Try again."
+              }
+              throw "Usage request failed. Check your connection."
+            }
+          },
+          refresh: () => {
+            ctx.host.log.info("usage returned 401, attempting refresh")
+            didRefresh = true
+            return refreshToken(ctx, authState)
+          },
+        })
+      } catch (e) {
+        if (typeof e === "string") throw e
+        ctx.host.log.error("usage request failed: " + String(e))
+        throw "Usage request failed. Check your connection."
+      }
+
+      if (ctx.util.isAuthStatus(resp.status)) {
+        ctx.host.log.error("usage returned auth error after all retries: status=" + resp.status)
+        throw "Token expired. Run `codex` to log in again."
+      }
+
+      if (resp.status < 200 || resp.status >= 300) {
+        ctx.host.log.error("usage returned error: status=" + resp.status)
+        throw "Usage request failed (HTTP " + String(resp.status) + "). Try again later."
+      }
+
+      ctx.host.log.info("usage fetch succeeded")
+
+      const data = ctx.util.tryParseJson(resp.bodyText)
+      if (data === null) {
+        throw "Usage response invalid. Try again later."
+      }
+
+      const lines = []
+      const nowSec = Math.floor(Date.now() / 1000)
+      const rateLimit = data.rate_limit || null
+      const primaryWindow = rateLimit && rateLimit.primary_window ? rateLimit.primary_window : null
+      const secondaryWindow = rateLimit && rateLimit.secondary_window ? rateLimit.secondary_window : null
+      const reviewWindow =
+        data.code_review_rate_limit && data.code_review_rate_limit.primary_window
+          ? data.code_review_rate_limit.primary_window
+          : null
+
+      const headerPrimary = readPercent(resp.headers["x-codex-primary-used-percent"])
+      const headerSecondary = readPercent(resp.headers["x-codex-secondary-used-percent"])
+
+      if (headerPrimary !== null) {
+        lines.push(ctx.line.progress({
+          label: "Session",
+          used: headerPrimary,
+          limit: 100,
+          format: { kind: "percent" },
+          resetsAt: getResetsAtIso(ctx, nowSec, primaryWindow),
+          periodDurationMs: PERIOD_SESSION_MS
+        }))
+      }
+      if (headerSecondary !== null) {
+        lines.push(ctx.line.progress({
+          label: "Weekly",
+          used: headerSecondary,
+          limit: 100,
+          format: { kind: "percent" },
+          resetsAt: getResetsAtIso(ctx, nowSec, secondaryWindow),
+          periodDurationMs: PERIOD_WEEKLY_MS
+        }))
+      }
+
+      if (lines.length === 0 && data.rate_limit) {
+        if (data.rate_limit.primary_window && typeof data.rate_limit.primary_window.used_percent === "number") {
+          lines.push(ctx.line.progress({
+            label: "Session",
+            used: data.rate_limit.primary_window.used_percent,
+            limit: 100,
+            format: { kind: "percent" },
+            resetsAt: getResetsAtIso(ctx, nowSec, primaryWindow),
+            periodDurationMs: PERIOD_SESSION_MS
+          }))
+        }
+        if (data.rate_limit.secondary_window && typeof data.rate_limit.secondary_window.used_percent === "number") {
+          lines.push(ctx.line.progress({
+            label: "Weekly",
+            used: data.rate_limit.secondary_window.used_percent,
+            limit: 100,
+            format: { kind: "percent" },
+            resetsAt: getResetsAtIso(ctx, nowSec, secondaryWindow),
+            periodDurationMs: PERIOD_WEEKLY_MS
+          }))
+        }
+      }
+
+      if (Array.isArray(data.additional_rate_limits)) {
+        for (const entry of data.additional_rate_limits) {
+          if (!entry || !entry.rate_limit) continue
+          const name = typeof entry.limit_name === "string" ? entry.limit_name : ""
+          let shortName = name.replace(/^GPT-[\d.]+-Codex-/, "")
+          if (!shortName) shortName = name || "Model"
+          const rl = entry.rate_limit
+          if (rl.primary_window && typeof rl.primary_window.used_percent === "number") {
+            lines.push(ctx.line.progress({
+              label: shortName,
+              used: rl.primary_window.used_percent,
+              limit: 100,
+              format: { kind: "percent" },
+              resetsAt: getResetsAtIso(ctx, nowSec, rl.primary_window),
+              periodDurationMs: typeof rl.primary_window.limit_window_seconds === "number"
+                ? rl.primary_window.limit_window_seconds * 1000
+                : PERIOD_SESSION_MS
+            }))
+          }
+          if (rl.secondary_window && typeof rl.secondary_window.used_percent === "number") {
+            lines.push(ctx.line.progress({
+              label: shortName + " Weekly",
+              used: rl.secondary_window.used_percent,
+              limit: 100,
+              format: { kind: "percent" },
+              resetsAt: getResetsAtIso(ctx, nowSec, rl.secondary_window),
+              periodDurationMs: typeof rl.secondary_window.limit_window_seconds === "number"
+                ? rl.secondary_window.limit_window_seconds * 1000
+                : PERIOD_WEEKLY_MS
+            }))
+          }
+        }
+      }
+
+      if (reviewWindow) {
+        const used = reviewWindow.used_percent
+        if (typeof used === "number") {
+          lines.push(ctx.line.progress({
+            label: "Reviews",
+            used: used,
+            limit: 100,
+            format: { kind: "percent" },
+            resetsAt: getResetsAtIso(ctx, nowSec, reviewWindow),
+            periodDurationMs: PERIOD_WEEKLY_MS // code_review_rate_limit is a 7-day window
+          }))
+        }
+      }
+
+      const creditsBalance = resp.headers["x-codex-credits-balance"]
+      const creditsHeader = readNumber(creditsBalance)
+      const creditsData = data.credits ? readNumber(data.credits.balance) : null
+      const creditsRemaining = creditsHeader ?? creditsData
+      if (creditsRemaining !== null) {
+        const remaining = creditsRemaining
+        const limit = 1000
+        const used = Math.max(0, Math.min(limit, limit - remaining))
+        lines.push(ctx.line.progress({
+          label: "Credits",
+          used: used,
+          limit: limit,
+          format: { kind: "count", suffix: "credits" },
+        }))
+      }
+
+      let plan = null
+      if (data.plan_type) {
+        const planLabel = ctx.fmt.planLabel(data.plan_type)
+        if (planLabel) {
+          plan = planLabel
+        }
+      }
+
+      const tokenUsageResult = queryTokenUsage(ctx)
+      if (tokenUsageResult.status === "ok") {
+        const tokenUsage = tokenUsageResult.data
+        const now = new Date()
+        const todayKey = dayKeyFromDate(now)
+        const yesterday = new Date(now.getTime())
+        yesterday.setDate(yesterday.getDate() - 1)
+        const yesterdayKey = dayKeyFromDate(yesterday)
+
+        let todayEntry = null
+        let yesterdayEntry = null
+        for (let i = 0; i < tokenUsage.daily.length; i++) {
+          const usageDayKey = dayKeyFromUsageDate(tokenUsage.daily[i].date)
+          if (usageDayKey === todayKey) {
+            todayEntry = tokenUsage.daily[i]
+            continue
+          }
+          if (usageDayKey === yesterdayKey) {
+            yesterdayEntry = tokenUsage.daily[i]
+          }
+        }
+
+        pushDayUsageLine(lines, ctx, "Today", todayEntry)
+        pushDayUsageLine(lines, ctx, "Yesterday", yesterdayEntry)
+
+        let totalTokens = 0
+        let totalCostNanos = 0
+        let hasCost = false
+        for (let i = 0; i < tokenUsage.daily.length; i++) {
+          const day = tokenUsage.daily[i]
+          const dayTokens = Number(day.totalTokens)
+          if (Number.isFinite(dayTokens)) {
+            totalTokens += dayTokens
+          }
+
+          const dayCost = usageCostUsd(day)
+          if (dayCost != null) {
+            totalCostNanos += Math.round(dayCost * 1e9)
+            hasCost = true
+          }
+        }
+
+        if (totalTokens > 0) {
+          lines.push(ctx.line.text({
+            label: "Last 30 Days",
+            value: costAndTokensLabel({ tokens: totalTokens, costUSD: hasCost ? totalCostNanos / 1e9 : null })
+          }))
+        }
+      }
+
+      if (lines.length === 0) {
+        lines.push(ctx.line.badge({ label: "Status", text: "No usage data", color: "#a3a3a3" }))
+      }
+
+      return { plan: plan, lines: lines }
+    }
+
+    if (auth.OPENAI_API_KEY) {
+      throw "Usage not available for API key."
+    }
+
+    throw "Not logged in. Run `codex` to authenticate."
+  }
+
+  globalThis.__openusage_plugin = { id: "codex", probe }
+})()