popeye-cli 1.0.1 → 1.2.0

package/dist/auth/grok.js

@@ -0,0 +1,211 @@
+/**
+ * xAI Grok API authentication module
+ * Handles API key validation and storage
+ */
+import * as readline from 'node:readline';
+import OpenAI from 'openai';
+import { getCredential, setCredential, deleteCredential, maskCredential, } from './keychain.js';
+import { ENV_VARS } from '../config/defaults.js';
+/**
+ * Grok API URL (OpenAI-compatible)
+ */
+export const GROK_API_URL = 'https://api.x.ai/v1';
+/**
+ * Keychain account for Grok
+ */
+const GROK_ACCOUNT = 'grok-api';
+/**
+ * Validate a Grok API key by making a test API call
+ *
+ * @param apiKey - The API key to validate
+ * @returns True if the key is valid
+ */
+export async function validateGrokToken(apiKey) {
+    try {
+        const client = new OpenAI({
+            apiKey,
+            baseURL: GROK_API_URL,
+        });
+        // Test the key by making a simple request
+        await client.chat.completions.create({
+            model: 'grok-3',
+            messages: [{ role: 'user', content: 'Say "OK"' }],
+            max_tokens: 5,
+        });
+        return true;
+    }
+    catch (error) {
+        // Check for authentication errors
+        const errorMessage = error instanceof Error ? error.message : '';
+        if (errorMessage.includes('401') ||
+            errorMessage.includes('Invalid API') ||
+            errorMessage.includes('Unauthorized')) {
+            return false;
+        }
+        // For other errors (e.g., rate limits), assume the key might be valid
+        console.warn('Could not fully validate Grok key:', error);
+        return true;
+    }
+}
+/**
+ * Get the Grok API credential
+ */
+export async function getGrokCredential() {
+    // First check file storage
+    const stored = await getCredential(GROK_ACCOUNT);
+    if (stored)
+        return stored;
+    // Fallback to environment variable
+    return process.env[ENV_VARS.GROK_KEY] || null;
+}
+/**
+ * Set the Grok API credential
+ */
+export async function setGrokCredential(apiKey) {
+    return setCredential(GROK_ACCOUNT, apiKey);
+}
+/**
+ * Delete the Grok API credential
+ */
+export async function deleteGrokCredential() {
+    return deleteCredential(GROK_ACCOUNT);
+}
+/**
+ * Check if Grok is already authenticated
+ */
+export async function checkGrokAuth() {
+    try {
+        const apiKey = await getGrokCredential();
+        if (!apiKey) {
+            return { authenticated: false };
+        }
+        // Validate the key
+        const isValid = await validateGrokToken(apiKey);
+        if (!isValid) {
+            return {
+                authenticated: false,
+                error: 'Stored API key is invalid',
+            };
+        }
+        return {
+            authenticated: true,
+            keyLastFour: maskCredential(apiKey),
+        };
+    }
+    catch (error) {
+        return {
+            authenticated: false,
+            error: error instanceof Error ? error.message : 'Unknown error',
+        };
+    }
+}
+/**
+ * Prompt for API key in the terminal
+ *
+ * @returns The entered API key or null if cancelled
+ */
+export async function promptForGrokAPIKey() {
+    return new Promise((resolve) => {
+        const rl = readline.createInterface({
+            input: process.stdin,
+            output: process.stdout,
+        });
+        console.log('\nGet your API key from: https://console.x.ai/\n');
+        rl.question('Enter your Grok API key: ', (answer) => {
+            rl.close();
+            const key = answer.trim();
+            if (key) {
+                resolve(key);
+            }
+            else {
+                resolve(null);
+            }
+        });
+    });
+}
+/**
+ * Authenticate with Grok API
+ *
+ * @returns True if authentication was successful
+ */
+export async function authenticateGrok() {
+    // Check if already authenticated
+    const existingAuth = await checkGrokAuth();
+    if (existingAuth.authenticated) {
+        console.log('Already authenticated with Grok API');
+        return true;
+    }
+    console.log('Grok API key required for AI reviews.');
+    try {
+        // Prompt for the API key
+        const apiKey = await promptForGrokAPIKey();
+        if (!apiKey) {
+            console.error('\nNo API key provided');
+            return false;
+        }
+        // Validate the token
+        console.log('\nValidating API key...');
+        const isValid = await validateGrokToken(apiKey);
+        if (!isValid) {
+            console.error('Invalid Grok API key');
+            return false;
+        }
+        // Store the token
+        await setGrokCredential(apiKey);
+        console.log('Grok API authenticated successfully!\n');
+        return true;
+    }
+    catch (error) {
+        console.error(`Authentication error: ${error instanceof Error ? error.message : error}`);
+        return false;
+    }
+}
+/**
+ * Authenticate with a provided API key (for CLI --api-key option)
+ *
+ * @param apiKey - The API key to use
+ * @returns True if authentication was successful
+ */
+export async function authenticateGrokWithKey(apiKey) {
+    // Validate the token
+    const isValid = await validateGrokToken(apiKey);
+    if (!isValid) {
+        console.error('Invalid Grok API key');
+        return false;
+    }
+    // Store the token
+    await setGrokCredential(apiKey);
+    console.log('Grok API authenticated successfully!\n');
+    return true;
+}
+/**
+ * Logout from Grok API
+ * Removes stored credentials
+ */
+export async function logoutGrok() {
+    const deleted = await deleteGrokCredential();
+    if (deleted) {
+        console.log('Grok API credentials removed.');
+    }
+    else {
+        console.log('No Grok API credentials found.');
+    }
+}
+/**
+ * Get the Grok API key for API calls
+ */
+export async function getGrokToken() {
+    return getGrokCredential();
+}
+/**
+ * Ensure Grok is authenticated
+ * Prompts for authentication if not already authenticated
+ */
+export async function ensureGrokAuth() {
+    const status = await checkGrokAuth();
+    if (status.authenticated) {
+        return true;
+    }
+    return authenticateGrok();
+}
+//# sourceMappingURL=grok.js.map

package/dist/auth/grok.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"grok.js","sourceRoot":"","sources":["../../src/auth/grok.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,QAAQ,MAAM,eAAe,CAAC;AAC1C,OAAO,MAAM,MAAM,QAAQ,CAAC;AAC5B,OAAO,EACL,aAAa,EACb,aAAa,EACb,gBAAgB,EAChB,cAAc,GACf,MAAM,eAAe,CAAC;AACvB,OAAO,EAAE,QAAQ,EAAE,MAAM,uBAAuB,CAAC;AAEjD;;GAEG;AACH,MAAM,CAAC,MAAM,YAAY,GAAG,qBAAqB,CAAC;AAElD;;GAEG;AACH,MAAM,YAAY,GAAG,UAAU,CAAC;AAWhC;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CAAC,MAAc;IACpD,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,MAAM,CAAC;YACxB,MAAM;YACN,OAAO,EAAE,YAAY;SACtB,CAAC,CAAC;QAEH,0CAA0C;QAC1C,MAAM,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC;YACnC,KAAK,EAAE,QAAQ;YACf,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,CAAC;YACjD,UAAU,EAAE,CAAC;SACd,CAAC,CAAC;QAEH,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,kCAAkC;QAClC,MAAM,YAAY,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC;QACjE,IACE,YAAY,CAAC,QAAQ,CAAC,KAAK,CAAC;YAC5B,YAAY,CAAC,QAAQ,CAAC,aAAa,CAAC;YACpC,YAAY,CAAC,QAAQ,CAAC,cAAc,CAAC,EACrC,CAAC;YACD,OAAO,KAAK,CAAC;QACf,CAAC;QACD,sEAAsE;QACtE,OAAO,CAAC,IAAI,CAAC,oCAAoC,EAAE,KAAK,CAAC,CAAC;QAC1D,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB;IACrC,2BAA2B;IAC3B,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,YAAY,CAAC,CAAC;IACjD,IAAI,MAAM;QAAE,OAAO,MAAM,CAAC;IAE1B,mCAAmC;IACnC,OAAO,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC;AAChD,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CAAC,MAAc;IACpD,OAAO,aAAa,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC;AAC7C,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB;IACxC,OAAO,gBAAgB,CAAC,YAAY,CAAC,CAAC;AACxC,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa;IACjC,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,iBAAiB,EAAE,CAAC;QAEzC,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,OAAO,EAAE,aAAa,EAAE,KAAK,EAAE,CAAC;QAClC,CAAC;QAED,mBAAmB;QACnB,MAAM,OAAO,GAAG,MAAM,iBAAiB,CAAC,MAAM,CAAC,CAAC;QAEhD,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,OAAO;gBACL,aAAa,EAAE,KAAK;gBACpB,KAAK,EAAE,2BAA2B;aACnC,CAAC;QACJ,CAAC;QAED,OAAO;YACL,aAAa,EAAE,IAAI;YACnB,WAAW,EAAE,cAAc,CAAC,MAAM,CAAC;SACpC,CAAC;IACJ,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO;YACL,aAAa,EAAE,KAAK;YACpB,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe;SAChE,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB;IACvC,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;QAC7B,MAAM,EAAE,GAAG,QAAQ,CAAC,eAAe,CAAC;YAClC,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,MAAM,EAAE,OAAO,CAAC,MAAM;SACvB,CAAC,CAAC;QAEH,OAAO,CAAC,GAAG,CAAC,kDAAkD,CAAC,CAAC;QAEhE,EAAE,CAAC,QAAQ,CAAC,2BAA2B,EAAE,CAAC,MAAM,EAAE,EAAE;YAClD,EAAE,CAAC,KAAK,EAAE,CAAC;YACX,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,EAAE,CAAC;YAC1B,IAAI,GAAG,EAAE,CAAC;gBACR,OAAO,CAAC,GAAG,CAAC,CAAC;YACf,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,IAAI,CAAC,CAAC;YAChB,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB;IACpC,iCAAiC;IACjC,MAAM,YAAY,GAAG,MAAM,aAAa,EAAE,CAAC;IAC3C,IAAI,YAAY,CAAC,aAAa,EAAE,CAAC;QAC/B,OAAO,CAAC,GAAG,CAAC,qCAAqC,CAAC,CAAC;QACnD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,uCAAuC,CAAC,CAAC;IAErD,IAAI,CAAC;QACH,yBAAyB;QACzB,MAAM,MAAM,GAAG,MAAM,mBAAmB,EAAE,CAAC;QAE3C,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,OAAO,CAAC,KAAK,CAAC,uBAAuB,CAAC,CAAC;YACvC,OAAO,KAAK,CAAC;QACf,CAAC;QAED,qBAAqB;QACrB,OAAO,CAAC,GAAG,CAAC,yBAAyB,CAAC,CAAC;QACvC,MAAM,OAAO,GAAG,MAAM,iBAAiB,CAAC,MAAM,CAAC,CAAC;QAEhD,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CAAC,sBAAsB,CAAC,CAAC;YACtC,OAAO,KAAK,CAAC;QACf,CAAC;QAED,kBAAkB;QAClB,MAAM,iBAAiB,CAAC,MAAM,CAAC,CAAC;QAChC,OAAO,CAAC,GAAG,CAAC,wCAAwC,CAAC,CAAC;QAEtD,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,yBAAyB,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC;QACzF,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAAC,MAAc;IAC1D,qBAAqB;IACrB,MAAM,OAAO,GAAG,MAAM,iBAAiB,CAAC,MAAM,CAAC,CAAC;IAEhD,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,OAAO,CAAC,KAAK,CAAC,sBAAsB,CAAC,CAAC;QACtC,OAAO,KAAK,CAAC;IACf,CAAC;IAED,kBAAkB;IAClB,MAAM,iBAAiB,CAAC,MAAM,CAAC,CAAC;IAChC,OAAO,CAAC,GAAG,CAAC,wCAAwC,CAAC,CAAC;IAEtD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,UAAU;IAC9B,MAAM,OAAO,GAAG,MAAM,oBAAoB,EAAE,CAAC;IAC7C,IAAI,OAAO,EAAE,CAAC;QACZ,OAAO,CAAC,GAAG,CAAC,+BAA+B,CAAC,CAAC;IAC/C,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,GAAG,CAAC,gCAAgC,CAAC,CAAC;IAChD,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY;IAChC,OAAO,iBAAiB,EAAE,CAAC;AAC7B,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc;IAClC,MAAM,MAAM,GAAG,MAAM,aAAa,EAAE,CAAC;IAErC,IAAI,MAAM,CAAC,aAAa,EAAE,CAAC;QACzB,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,gBAAgB,EAAE,CAAC;AAC5B,CAAC"}

package/dist/auth/index.d.ts

@@ -1,12 +1,16 @@
 /**
  * Authentication orchestration module
- * Coordinates authentication for both Claude CLI and OpenAI API
+ * Coordinates authentication for Claude CLI, OpenAI API, Gemini API, and Grok API
  */
 import { type ClaudeAuthStatus } from './claude.js';
 import { type OpenAIAuthStatus } from './openai.js';
+import { type GeminiAuthStatus } from './gemini.js';
+import { type GrokAuthStatus } from './grok.js';
 import type { AuthStatus } from '../types/index.js';
 export * from './claude.js';
 export * from './openai.js';
+export * from './gemini.js';
+export * from './grok.js';
 export * from './keychain.js';
 export * from './server.js';
 /**
@@ -15,10 +19,13 @@ export * from './server.js';
 export interface CombinedAuthStatus {
     claude: ClaudeAuthStatus;
     openai: OpenAIAuthStatus;
+    gemini: GeminiAuthStatus;
+    grok: GrokAuthStatus;
     fullyAuthenticated: boolean;
+    hasArbitrator: boolean;
 }
 /**
- * Get the authentication status for both services
+ * Get the authentication status for all services
  */
 export declare function getAuthStatus(): Promise<CombinedAuthStatus>;
 /**
@@ -35,23 +42,23 @@ export declare function ensureAuthenticated(): Promise<boolean>;
 /**
  * Authenticate a specific service
  *
- * @param service - The service to authenticate ('claude', 'openai', or 'all')
+ * @param service - The service to authenticate ('claude', 'openai', 'gemini', 'grok', or 'all')
  * @returns True if authentication was successful
  */
-export declare function authenticateService(service: 'claude' | 'openai' | 'all'): Promise<boolean>;
+export declare function authenticateService(service: 'claude' | 'openai' | 'gemini' | 'grok' | 'all'): Promise<boolean>;
 /**
  * Logout from a specific service or all services
  *
- * @param service - The service to logout from ('claude', 'openai', or 'all')
+ * @param service - The service to logout from ('claude', 'openai', 'gemini', 'grok', or 'all')
  */
-export declare function logout(service: 'claude' | 'openai' | 'all'): Promise<void>;
+export declare function logout(service: 'claude' | 'openai' | 'gemini' | 'grok' | 'all'): Promise<void>;
 /**
  * Check if a specific service is authenticated
  *
  * @param service - The service to check
  * @returns True if the service is authenticated
  */
-export declare function isAuthenticated(service: 'claude' | 'openai' | 'both'): Promise<boolean>;
+export declare function isAuthenticated(service: 'claude' | 'openai' | 'gemini' | 'grok' | 'both' | 'all'): Promise<boolean>;
 /**
  * Require authentication, throwing an error if not authenticated
  *

package/dist/auth/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/auth/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAwD,KAAK,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAC1G,OAAO,EAAqD,KAAK,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAEvG,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAGpD,cAAc,aAAa,CAAC;AAC5B,cAAc,aAAa,CAAC;AAC5B,cAAc,eAAe,CAAC;AAC9B,cAAc,aAAa,CAAC;AAE5B;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,MAAM,EAAE,gBAAgB,CAAC;IACzB,MAAM,EAAE,gBAAgB,CAAC;IACzB,kBAAkB,EAAE,OAAO,CAAC;CAC7B;AAED;;GAEG;AACH,wBAAsB,aAAa,IAAI,OAAO,CAAC,kBAAkB,CAAC,CAWjE;AAED;;GAEG;AACH,wBAAsB,uBAAuB,IAAI,OAAO,CAAC,UAAU,CAAC,CAenE;AAED;;;;;GAKG;AACH,wBAAsB,mBAAmB,IAAI,OAAO,CAAC,OAAO,CAAC,CA4B5D;AAED;;;;;GAKG;AACH,wBAAsB,mBAAmB,CACvC,OAAO,EAAE,QAAQ,GAAG,QAAQ,GAAG,KAAK,GACnC,OAAO,CAAC,OAAO,CAAC,CASlB;AAED;;;;GAIG;AACH,wBAAsB,MAAM,CAAC,OAAO,EAAE,QAAQ,GAAG,QAAQ,GAAG,KAAK,GAAG,OAAO,CAAC,IAAI,CAAC,CAahF;AAED;;;;;GAKG;AACH,wBAAsB,eAAe,CAAC,OAAO,EAAE,QAAQ,GAAG,QAAQ,GAAG,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAW7F;AAED;;;;GAIG;AACH,wBAAsB,WAAW,IAAI,OAAO,CAAC,IAAI,CAAC,CAUjD"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/auth/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAwD,KAAK,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAC1G,OAAO,EAAqD,KAAK,gBAAgB,EAAE,MAAM,aAAa,CAAC;AACvG,OAAO,EAAqD,KAAK,gBAAgB,EAAE,MAAM,aAAa,CAAC;AACvG,OAAO,EAA+C,KAAK,cAAc,EAAE,MAAM,WAAW,CAAC;AAE7F,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAGpD,cAAc,aAAa,CAAC;AAC5B,cAAc,aAAa,CAAC;AAC5B,cAAc,aAAa,CAAC;AAC5B,cAAc,WAAW,CAAC;AAC1B,cAAc,eAAe,CAAC;AAC9B,cAAc,aAAa,CAAC;AAE5B;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,MAAM,EAAE,gBAAgB,CAAC;IACzB,MAAM,EAAE,gBAAgB,CAAC;IACzB,MAAM,EAAE,gBAAgB,CAAC;IACzB,IAAI,EAAE,cAAc,CAAC;IACrB,kBAAkB,EAAE,OAAO,CAAC;IAC5B,aAAa,EAAE,OAAO,CAAC;CACxB;AAED;;GAEG;AACH,wBAAsB,aAAa,IAAI,OAAO,CAAC,kBAAkB,CAAC,CAgBjE;AAED;;GAEG;AACH,wBAAsB,uBAAuB,IAAI,OAAO,CAAC,UAAU,CAAC,CAuBnE;AAED;;;;;GAKG;AACH,wBAAsB,mBAAmB,IAAI,OAAO,CAAC,OAAO,CAAC,CA4B5D;AAED;;;;;GAKG;AACH,wBAAsB,mBAAmB,CACvC,OAAO,EAAE,QAAQ,GAAG,QAAQ,GAAG,QAAQ,GAAG,MAAM,GAAG,KAAK,GACvD,OAAO,CAAC,OAAO,CAAC,CAalB;AAED;;;;GAIG;AACH,wBAAsB,MAAM,CAAC,OAAO,EAAE,QAAQ,GAAG,QAAQ,GAAG,QAAQ,GAAG,MAAM,GAAG,KAAK,GAAG,OAAO,CAAC,IAAI,CAAC,CAqBpG;AAED;;;;;GAKG;AACH,wBAAsB,eAAe,CAAC,OAAO,EAAE,QAAQ,GAAG,QAAQ,GAAG,QAAQ,GAAG,MAAM,GAAG,MAAM,GAAG,KAAK,GAAG,OAAO,CAAC,OAAO,CAAC,CAiBzH;AAED;;;;GAIG;AACH,wBAAsB,WAAW,IAAI,OAAO,CAAC,IAAI,CAAC,CAUjD"}

package/dist/auth/index.js

@@ -1,27 +1,36 @@
 /**
  * Authentication orchestration module
- * Coordinates authentication for both Claude CLI and OpenAI API
+ * Coordinates authentication for Claude CLI, OpenAI API, Gemini API, and Grok API
  */
 import { checkClaudeCLIAuth, authenticateClaude, logoutClaude } from './claude.js';
 import { checkOpenAIAuth, authenticateOpenAI, logoutOpenAI } from './openai.js';
-import { clearAllCredentials } from './keychain.js';
+import { checkGeminiAuth, authenticateGemini, logoutGemini } from './gemini.js';
+import { checkGrokAuth, authenticateGrok, logoutGrok } from './grok.js';
+import { clearAllCredentials, deleteCredential } from './keychain.js';
 // Re-export individual auth modules
 export * from './claude.js';
 export * from './openai.js';
+export * from './gemini.js';
+export * from './grok.js';
 export * from './keychain.js';
 export * from './server.js';
 /**
- * Get the authentication status for both services
+ * Get the authentication status for all services
  */
 export async function getAuthStatus() {
-    const [claudeStatus, openaiStatus] = await Promise.all([
+    const [claudeStatus, openaiStatus, geminiStatus, grokStatus] = await Promise.all([
         checkClaudeCLIAuth(),
         checkOpenAIAuth(),
+        checkGeminiAuth(),
+        checkGrokAuth(),
     ]);
     return {
         claude: claudeStatus,
         openai: openaiStatus,
+        gemini: geminiStatus,
+        grok: grokStatus,
         fullyAuthenticated: claudeStatus.authenticated && openaiStatus.authenticated,
+        hasArbitrator: geminiStatus.authenticated || openaiStatus.authenticated || grokStatus.authenticated,
     };
 }
 /**
@@ -40,6 +49,14 @@ export async function getAuthStatusForDisplay() {
             keyLastFour: status.openai.keyLastFour,
             modelAccess: status.openai.modelAccess,
         },
+        gemini: {
+            authenticated: status.gemini.authenticated,
+            keyLastFour: status.gemini.keyLastFour,
+        },
+        grok: {
+            authenticated: status.grok.authenticated,
+            keyLastFour: status.grok.keyLastFour,
+        },
     };
 }
 /**
@@ -75,7 +92,7 @@ export async function ensureAuthenticated() {
 /**
  * Authenticate a specific service
  *
- * @param service - The service to authenticate ('claude', 'openai', or 'all')
+ * @param service - The service to authenticate ('claude', 'openai', 'gemini', 'grok', or 'all')
  * @returns True if authentication was successful
  */
 export async function authenticateService(service) {
@@ -84,6 +101,10 @@ export async function authenticateService(service) {
             return authenticateClaude();
         case 'openai':
             return authenticateOpenAI();
+        case 'gemini':
+            return authenticateGemini();
+        case 'grok':
+            return authenticateGrok();
         case 'all':
             return ensureAuthenticated();
     }
@@ -91,7 +112,7 @@ export async function authenticateService(service) {
 /**
  * Logout from a specific service or all services
  *
- * @param service - The service to logout from ('claude', 'openai', or 'all')
+ * @param service - The service to logout from ('claude', 'openai', 'gemini', 'grok', or 'all')
  */
 export async function logout(service) {
     switch (service) {
@@ -101,8 +122,16 @@ export async function logout(service) {
         case 'openai':
             await logoutOpenAI();
             break;
+        case 'gemini':
+            await logoutGemini();
+            break;
+        case 'grok':
+            await logoutGrok();
+            break;
         case 'all':
             await clearAllCredentials();
+            // Also clear grok credential
+            await deleteCredential('grok-api');
             console.log('All credentials removed.');
             break;
     }
@@ -120,8 +149,14 @@ export async function isAuthenticated(service) {
             return status.claude.authenticated;
         case 'openai':
             return status.openai.authenticated;
+        case 'gemini':
+            return status.gemini.authenticated;
+        case 'grok':
+            return status.grok.authenticated;
         case 'both':
             return status.fullyAuthenticated;
+        case 'all':
+            return status.fullyAuthenticated && status.gemini.authenticated;
     }
 }
 /**

package/dist/auth/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/auth/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,kBAAkB,EAAE,kBAAkB,EAAE,YAAY,EAAyB,MAAM,aAAa,CAAC;AAC1G,OAAO,EAAE,eAAe,EAAE,kBAAkB,EAAE,YAAY,EAAyB,MAAM,aAAa,CAAC;AACvG,OAAO,EAAE,mBAAmB,EAAE,MAAM,eAAe,CAAC;AAGpD,oCAAoC;AACpC,cAAc,aAAa,CAAC;AAC5B,cAAc,aAAa,CAAC;AAC5B,cAAc,eAAe,CAAC;AAC9B,cAAc,aAAa,CAAC;AAW5B;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa;IACjC,MAAM,CAAC,YAAY,EAAE,YAAY,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC;QACrD,kBAAkB,EAAE;QACpB,eAAe,EAAE;KAClB,CAAC,CAAC;IAEH,OAAO;QACL,MAAM,EAAE,YAAY;QACpB,MAAM,EAAE,YAAY;QACpB,kBAAkB,EAAE,YAAY,CAAC,aAAa,IAAI,YAAY,CAAC,aAAa;KAC7E,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,uBAAuB;IAC3C,MAAM,MAAM,GAAG,MAAM,aAAa,EAAE,CAAC;IAErC,OAAO;QACL,MAAM,EAAE;YACN,aAAa,EAAE,MAAM,CAAC,MAAM,CAAC,aAAa;YAC1C,IAAI,EAAE,MAAM,CAAC,MAAM,CAAC,IAAI;YACxB,OAAO,EAAE,MAAM,CAAC,MAAM,CAAC,OAAO;SAC/B;QACD,MAAM,EAAE;YACN,aAAa,EAAE,MAAM,CAAC,MAAM,CAAC,aAAa;YAC1C,WAAW,EAAE,MAAM,CAAC,MAAM,CAAC,WAAW;YACtC,WAAW,EAAE,MAAM,CAAC,MAAM,CAAC,WAAW;SACvC;KACF,CAAC;AACJ,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB;IACvC,MAAM,MAAM,GAAG,MAAM,aAAa,EAAE,CAAC;IAErC,IAAI,MAAM,CAAC,kBAAkB,EAAE,CAAC;QAC9B,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,OAAO,GAAG,IAAI,CAAC;IAEnB,gCAAgC;IAChC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,aAAa,EAAE,CAAC;QACjC,OAAO,CAAC,GAAG,CAAC,uCAAuC,CAAC,CAAC;QACrD,MAAM,aAAa,GAAG,MAAM,kBAAkB,EAAE,CAAC;QACjD,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,OAAO,GAAG,KAAK,CAAC;QAClB,CAAC;IACH,CAAC;IAED,gCAAgC;IAChC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,aAAa,EAAE,CAAC;QACjC,OAAO,CAAC,GAAG,CAAC,uCAAuC,CAAC,CAAC;QACrD,MAAM,aAAa,GAAG,MAAM,kBAAkB,EAAE,CAAC;QACjD,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,OAAO,GAAG,KAAK,CAAC;QAClB,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,OAAoC;IAEpC,QAAQ,OAAO,EAAE,CAAC;QAChB,KAAK,QAAQ;YACX,OAAO,kBAAkB,EAAE,CAAC;QAC9B,KAAK,QAAQ;YACX,OAAO,kBAAkB,EAAE,CAAC;QAC9B,KAAK,KAAK;YACR,OAAO,mBAAmB,EAAE,CAAC;IACjC,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,MAAM,CAAC,OAAoC;IAC/D,QAAQ,OAAO,EAAE,CAAC;QAChB,KAAK,QAAQ;YACX,MAAM,YAAY,EAAE,CAAC;YACrB,MAAM;QACR,KAAK,QAAQ;YACX,MAAM,YAAY,EAAE,CAAC;YACrB,MAAM;QACR,KAAK,KAAK;YACR,MAAM,mBAAmB,EAAE,CAAC;YAC5B,OAAO,CAAC,GAAG,CAAC,0BAA0B,CAAC,CAAC;YACxC,MAAM;IACV,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,OAAqC;IACzE,MAAM,MAAM,GAAG,MAAM,aAAa,EAAE,CAAC;IAErC,QAAQ,OAAO,EAAE,CAAC;QAChB,KAAK,QAAQ;YACX,OAAO,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC;QACrC,KAAK,QAAQ;YACX,OAAO,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC;QACrC,KAAK,MAAM;YACT,OAAO,MAAM,CAAC,kBAAkB,CAAC;IACrC,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW;IAC/B,MAAM,MAAM,GAAG,MAAM,aAAa,EAAE,CAAC;IAErC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,aAAa,EAAE,CAAC;QACjC,MAAM,IAAI,KAAK,CAAC,iEAAiE,CAAC,CAAC;IACrF,CAAC;IAED,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,aAAa,EAAE,CAAC;QACjC,MAAM,IAAI,KAAK,CAAC,iEAAiE,CAAC,CAAC;IACrF,CAAC;AACH,CAAC"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/auth/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,kBAAkB,EAAE,kBAAkB,EAAE,YAAY,EAAyB,MAAM,aAAa,CAAC;AAC1G,OAAO,EAAE,eAAe,EAAE,kBAAkB,EAAE,YAAY,EAAyB,MAAM,aAAa,CAAC;AACvG,OAAO,EAAE,eAAe,EAAE,kBAAkB,EAAE,YAAY,EAAyB,MAAM,aAAa,CAAC;AACvG,OAAO,EAAE,aAAa,EAAE,gBAAgB,EAAE,UAAU,EAAuB,MAAM,WAAW,CAAC;AAC7F,OAAO,EAAE,mBAAmB,EAAE,gBAAgB,EAAE,MAAM,eAAe,CAAC;AAGtE,oCAAoC;AACpC,cAAc,aAAa,CAAC;AAC5B,cAAc,aAAa,CAAC;AAC5B,cAAc,aAAa,CAAC;AAC5B,cAAc,WAAW,CAAC;AAC1B,cAAc,eAAe,CAAC;AAC9B,cAAc,aAAa,CAAC;AAc5B;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa;IACjC,MAAM,CAAC,YAAY,EAAE,YAAY,EAAE,YAAY,EAAE,UAAU,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC;QAC/E,kBAAkB,EAAE;QACpB,eAAe,EAAE;QACjB,eAAe,EAAE;QACjB,aAAa,EAAE;KAChB,CAAC,CAAC;IAEH,OAAO;QACL,MAAM,EAAE,YAAY;QACpB,MAAM,EAAE,YAAY;QACpB,MAAM,EAAE,YAAY;QACpB,IAAI,EAAE,UAAU;QAChB,kBAAkB,EAAE,YAAY,CAAC,aAAa,IAAI,YAAY,CAAC,aAAa;QAC5E,aAAa,EAAE,YAAY,CAAC,aAAa,IAAI,YAAY,CAAC,aAAa,IAAI,UAAU,CAAC,aAAa;KACpG,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,uBAAuB;IAC3C,MAAM,MAAM,GAAG,MAAM,aAAa,EAAE,CAAC;IAErC,OAAO;QACL,MAAM,EAAE;YACN,aAAa,EAAE,MAAM,CAAC,MAAM,CAAC,aAAa;YAC1C,IAAI,EAAE,MAAM,CAAC,MAAM,CAAC,IAAI;YACxB,OAAO,EAAE,MAAM,CAAC,MAAM,CAAC,OAAO;SAC/B;QACD,MAAM,EAAE;YACN,aAAa,EAAE,MAAM,CAAC,MAAM,CAAC,aAAa;YAC1C,WAAW,EAAE,MAAM,CAAC,MAAM,CAAC,WAAW;YACtC,WAAW,EAAE,MAAM,CAAC,MAAM,CAAC,WAAW;SACvC;QACD,MAAM,EAAE;YACN,aAAa,EAAE,MAAM,CAAC,MAAM,CAAC,aAAa;YAC1C,WAAW,EAAE,MAAM,CAAC,MAAM,CAAC,WAAW;SACvC;QACD,IAAI,EAAE;YACJ,aAAa,EAAE,MAAM,CAAC,IAAI,CAAC,aAAa;YACxC,WAAW,EAAE,MAAM,CAAC,IAAI,CAAC,WAAW;SACrC;KACF,CAAC;AACJ,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB;IACvC,MAAM,MAAM,GAAG,MAAM,aAAa,EAAE,CAAC;IAErC,IAAI,MAAM,CAAC,kBAAkB,EAAE,CAAC;QAC9B,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,OAAO,GAAG,IAAI,CAAC;IAEnB,gCAAgC;IAChC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,aAAa,EAAE,CAAC;QACjC,OAAO,CAAC,GAAG,CAAC,uCAAuC,CAAC,CAAC;QACrD,MAAM,aAAa,GAAG,MAAM,kBAAkB,EAAE,CAAC;QACjD,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,OAAO,GAAG,KAAK,CAAC;QAClB,CAAC;IACH,CAAC;IAED,gCAAgC;IAChC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,aAAa,EAAE,CAAC;QACjC,OAAO,CAAC,GAAG,CAAC,uCAAuC,CAAC,CAAC;QACrD,MAAM,aAAa,GAAG,MAAM,kBAAkB,EAAE,CAAC;QACjD,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,OAAO,GAAG,KAAK,CAAC;QAClB,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,OAAwD;IAExD,QAAQ,OAAO,EAAE,CAAC;QAChB,KAAK,QAAQ;YACX,OAAO,kBAAkB,EAAE,CAAC;QAC9B,KAAK,QAAQ;YACX,OAAO,kBAAkB,EAAE,CAAC;QAC9B,KAAK,QAAQ;YACX,OAAO,kBAAkB,EAAE,CAAC;QAC9B,KAAK,MAAM;YACT,OAAO,gBAAgB,EAAE,CAAC;QAC5B,KAAK,KAAK;YACR,OAAO,mBAAmB,EAAE,CAAC;IACjC,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,MAAM,CAAC,OAAwD;IACnF,QAAQ,OAAO,EAAE,CAAC;QAChB,KAAK,QAAQ;YACX,MAAM,YAAY,EAAE,CAAC;YACrB,MAAM;QACR,KAAK,QAAQ;YACX,MAAM,YAAY,EAAE,CAAC;YACrB,MAAM;QACR,KAAK,QAAQ;YACX,MAAM,YAAY,EAAE,CAAC;YACrB,MAAM;QACR,KAAK,MAAM;YACT,MAAM,UAAU,EAAE,CAAC;YACnB,MAAM;QACR,KAAK,KAAK;YACR,MAAM,mBAAmB,EAAE,CAAC;YAC5B,6BAA6B;YAC7B,MAAM,gBAAgB,CAAC,UAAU,CAAC,CAAC;YACnC,OAAO,CAAC,GAAG,CAAC,0BAA0B,CAAC,CAAC;YACxC,MAAM;IACV,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,OAAiE;IACrG,MAAM,MAAM,GAAG,MAAM,aAAa,EAAE,CAAC;IAErC,QAAQ,OAAO,EAAE,CAAC;QAChB,KAAK,QAAQ;YACX,OAAO,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC;QACrC,KAAK,QAAQ;YACX,OAAO,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC;QACrC,KAAK,QAAQ;YACX,OAAO,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC;QACrC,KAAK,MAAM;YACT,OAAO,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC;QACnC,KAAK,MAAM;YACT,OAAO,MAAM,CAAC,kBAAkB,CAAC;QACnC,KAAK,KAAK;YACR,OAAO,MAAM,CAAC,kBAAkB,IAAI,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC;IACpE,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW;IAC/B,MAAM,MAAM,GAAG,MAAM,aAAa,EAAE,CAAC;IAErC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,aAAa,EAAE,CAAC;QACjC,MAAM,IAAI,KAAK,CAAC,iEAAiE,CAAC,CAAC;IACrF,CAAC;IAED,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,aAAa,EAAE,CAAC;QACjC,MAAM,IAAI,KAAK,CAAC,iEAAiE,CAAC,CAAC;IACrF,CAAC;AACH,CAAC"}

package/dist/auth/keychain.d.ts

@@ -1,31 +1,32 @@
 /**
- * Keychain wrapper for secure credential storage
- * Uses keytar for cross-platform keychain access (macOS Keychain, Windows Credential Vault, Linux Secret Service)
+ * Credential storage module
+ * Uses file-based storage in ~/.popeye/ directory
+ * Falls back to environment variables
  */
 /**
- * Get a credential from the system keychain
- * Falls back to environment variable if keychain is unavailable
+ * Get a credential from storage
+ * Falls back to environment variable if not found
  *
  * @param account - The account name (e.g., 'claude-cli', 'openai-api')
  * @returns The stored credential or null if not found
  */
 export declare function getCredential(account: string): Promise<string | null>;
 /**
- * Store a credential in the system keychain
+ * Store a credential
  *
  * @param account - The account name
  * @param password - The credential to store
  */
 export declare function setCredential(account: string, password: string): Promise<void>;
 /**
- * Delete a credential from the system keychain
+ * Delete a credential from storage
  *
  * @param account - The account name
  * @returns True if the credential was deleted, false if it didn't exist
  */
 export declare function deleteCredential(account: string): Promise<boolean>;
 /**
- * Check if a credential exists in the keychain
+ * Check if a credential exists
  *
  * @param account - The account name
  * @returns True if the credential exists
@@ -55,6 +56,18 @@ export declare function setOpenAICredential(apiKey: string): Promise<void>;
  * Delete the OpenAI API credential
  */
 export declare function deleteOpenAICredential(): Promise<boolean>;
+/**
+ * Get the Gemini API credential
+ */
+export declare function getGeminiCredential(): Promise<string | null>;
+/**
+ * Set the Gemini API credential
+ */
+export declare function setGeminiCredential(apiKey: string): Promise<void>;
+/**
+ * Delete the Gemini API credential
+ */
+export declare function deleteGeminiCredential(): Promise<boolean>;
 /**
  * Clear all stored credentials
  */

package/dist/auth/keychain.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"keychain.d.ts","sourceRoot":"","sources":["../../src/auth/keychain.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAKH;;;;;;GAMG;AACH,wBAAsB,aAAa,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAoB3E;AAED;;;;;GAKG;AACH,wBAAsB,aAAa,CAAC,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAQpF;AAED;;;;;GAKG;AACH,wBAAsB,gBAAgB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAOxE;AAED;;;;;GAKG;AACH,wBAAsB,aAAa,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAGrE;AAED;;GAEG;AACH,wBAAsB,mBAAmB,IAAI,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAElE;AAED;;GAEG;AACH,wBAAsB,mBAAmB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAEtE;AAED;;GAEG;AACH,wBAAsB,sBAAsB,IAAI,OAAO,CAAC,OAAO,CAAC,CAE/D;AAED;;GAEG;AACH,wBAAsB,mBAAmB,IAAI,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAElE;AAED;;GAEG;AACH,wBAAsB,mBAAmB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAEvE;AAED;;GAEG;AACH,wBAAsB,sBAAsB,IAAI,OAAO,CAAC,OAAO,CAAC,CAE/D;AAED;;GAEG;AACH,wBAAsB,mBAAmB,IAAI,OAAO,CAAC,IAAI,CAAC,CAGzD;AAED;;GAEG;AACH,wBAAgB,cAAc,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,CAKzD"}
+{"version":3,"file":"keychain.d.ts","sourceRoot":"","sources":["../../src/auth/keychain.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AA+CH;;;;;;GAMG;AACH,wBAAsB,aAAa,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAqB3E;AAED;;;;;GAKG;AACH,wBAAsB,aAAa,CAAC,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAKpF;AAED;;;;;GAKG;AACH,wBAAsB,gBAAgB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAWxE;AAED;;;;;GAKG;AACH,wBAAsB,aAAa,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAGrE;AAED;;GAEG;AACH,wBAAsB,mBAAmB,IAAI,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAElE;AAED;;GAEG;AACH,wBAAsB,mBAAmB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAEtE;AAED;;GAEG;AACH,wBAAsB,sBAAsB,IAAI,OAAO,CAAC,OAAO,CAAC,CAE/D;AAED;;GAEG;AACH,wBAAsB,mBAAmB,IAAI,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAElE;AAED;;GAEG;AACH,wBAAsB,mBAAmB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAEvE;AAED;;GAEG;AACH,wBAAsB,sBAAsB,IAAI,OAAO,CAAC,OAAO,CAAC,CAE/D;AAED;;GAEG;AACH,wBAAsB,mBAAmB,IAAI,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAElE;AAED;;GAEG;AACH,wBAAsB,mBAAmB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAEvE;AAED;;GAEG;AACH,wBAAsB,sBAAsB,IAAI,OAAO,CAAC,OAAO,CAAC,CAE/D;AAED;;GAEG;AACH,wBAAsB,mBAAmB,IAAI,OAAO,CAAC,IAAI,CAAC,CAIzD;AAED;;GAEG;AACH,wBAAgB,cAAc,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,CAKzD"}

package/dist/auth/keychain.js

@@ -1,26 +1,61 @@
 /**
- * Keychain wrapper for secure credential storage
- * Uses keytar for cross-platform keychain access (macOS Keychain, Windows Credential Vault, Linux Secret Service)
+ * Credential storage module
+ * Uses file-based storage in ~/.popeye/ directory
+ * Falls back to environment variables
  */
-import * as keytar from 'keytar';
+import * as fs from 'node:fs';
+import * as path from 'node:path';
+import * as os from 'node:os';
 import { SERVICE_NAME, KEYCHAIN_ACCOUNTS, ENV_VARS } from '../config/defaults.js';
 /**
- * Get a credential from the system keychain
- * Falls back to environment variable if keychain is unavailable
- *
- * @param account - The account name (e.g., 'claude-cli', 'openai-api')
- * @returns The stored credential or null if not found
+ * Get the credentials file path
  */
-export async function getCredential(account) {
+function getCredentialsPath() {
+    const popeyeDir = path.join(os.homedir(), '.popeye');
+    // Ensure directory exists
+    if (!fs.existsSync(popeyeDir)) {
+        fs.mkdirSync(popeyeDir, { mode: 0o700, recursive: true });
+    }
+    return path.join(popeyeDir, 'credentials.json');
+}
+/**
+ * Load credentials from file
+ */
+function loadCredentials() {
     try {
-        const password = await keytar.getPassword(SERVICE_NAME, account);
-        if (password) {
-            return password;
+        const filePath = getCredentialsPath();
+        if (fs.existsSync(filePath)) {
+            const data = fs.readFileSync(filePath, 'utf-8');
+            return JSON.parse(data);
         }
     }
     catch {
-        // Keychain unavailable, fall back to environment variables
-        console.warn(`Keychain unavailable for ${account}, checking environment variables`);
+        // Ignore errors, return empty
+    }
+    return {};
+}
+/**
+ * Save credentials to file
+ */
+function saveCredentials(credentials) {
+    const filePath = getCredentialsPath();
+    fs.writeFileSync(filePath, JSON.stringify(credentials, null, 2), {
+        mode: 0o600, // Owner read/write only
+    });
+}
+/**
+ * Get a credential from storage
+ * Falls back to environment variable if not found
+ *
+ * @param account - The account name (e.g., 'claude-cli', 'openai-api')
+ * @returns The stored credential or null if not found
+ */
+export async function getCredential(account) {
+    // First check file storage
+    const credentials = loadCredentials();
+    const key = `${SERVICE_NAME}:${account}`;
+    if (credentials[key]) {
+        return credentials[key];
     }
     // Fallback to environment variables
     if (account === KEYCHAIN_ACCOUNTS.OPENAI) {
@@ -29,39 +64,41 @@ export async function getCredential(account) {
     if (account === KEYCHAIN_ACCOUNTS.CLAUDE) {
         return process.env[ENV_VARS.ANTHROPIC_KEY] || null;
     }
+    if (account === KEYCHAIN_ACCOUNTS.GEMINI) {
+        return process.env[ENV_VARS.GEMINI_KEY] || null;
+    }
     return null;
 }
 /**
- * Store a credential in the system keychain
+ * Store a credential
  *
  * @param account - The account name
  * @param password - The credential to store
  */
 export async function setCredential(account, password) {
-    try {
-        await keytar.setPassword(SERVICE_NAME, account, password);
-    }
-    catch (error) {
-        throw new Error(`Failed to store credential in keychain: ${error instanceof Error ? error.message : 'Unknown error'}`);
-    }
+    const credentials = loadCredentials();
+    const key = `${SERVICE_NAME}:${account}`;
+    credentials[key] = password;
+    saveCredentials(credentials);
 }
 /**
- * Delete a credential from the system keychain
+ * Delete a credential from storage
  *
  * @param account - The account name
  * @returns True if the credential was deleted, false if it didn't exist
  */
 export async function deleteCredential(account) {
-    try {
-        return await keytar.deletePassword(SERVICE_NAME, account);
-    }
-    catch (error) {
-        console.warn(`Failed to delete credential from keychain: ${error}`);
-        return false;
+    const credentials = loadCredentials();
+    const key = `${SERVICE_NAME}:${account}`;
+    if (credentials[key]) {
+        delete credentials[key];
+        saveCredentials(credentials);
+        return true;
     }
+    return false;
 }
 /**
- * Check if a credential exists in the keychain
+ * Check if a credential exists
  *
  * @param account - The account name
  * @returns True if the credential exists
@@ -106,12 +143,31 @@ export async function setOpenAICredential(apiKey) {
 export async function deleteOpenAICredential() {
     return deleteCredential(KEYCHAIN_ACCOUNTS.OPENAI);
 }
+/**
+ * Get the Gemini API credential
+ */
+export async function getGeminiCredential() {
+    return getCredential(KEYCHAIN_ACCOUNTS.GEMINI);
+}
+/**
+ * Set the Gemini API credential
+ */
+export async function setGeminiCredential(apiKey) {
+    return setCredential(KEYCHAIN_ACCOUNTS.GEMINI, apiKey);
+}
+/**
+ * Delete the Gemini API credential
+ */
+export async function deleteGeminiCredential() {
+    return deleteCredential(KEYCHAIN_ACCOUNTS.GEMINI);
+}
 /**
  * Clear all stored credentials
  */
 export async function clearAllCredentials() {
     await deleteClaudeCredential();
     await deleteOpenAICredential();
+    await deleteGeminiCredential();
 }
 /**
  * Get the last 4 characters of a credential for display purposes