theclawbay 0.3.49 → 0.3.51

package/dist/commands/setup.js

@@ -970,6 +970,23 @@ function summarizeModelFetchFailure(detail) {
         return normalized;
     return `${normalized.slice(0, 137).trimEnd()}...`;
 }
+function isCredentialRejectedFailure(detail) {
+    if (!detail)
+        return false;
+    const normalized = detail.toLowerCase();
+    return (normalized.includes("http 401") ||
+        normalized.includes("invalid api key") ||
+        normalized.includes("missing bearer token") ||
+        normalized.includes("device session not found") ||
+        normalized.includes("billing access required"));
+}
+function describeCredentialRejection(authType, failure) {
+    const detail = failure?.trim() || "credential rejected by backend";
+    if (authType === "device-session") {
+        return `The saved device-session credential was rejected by the backend (${detail}). Re-link this machine in the browser or run \`theclawbay logout\` before rerunning setup.`;
+    }
+    return `The provided API key was rejected by the backend (${detail}). Update the key and rerun setup.`;
+}
 async function fetchBackendModelIds(backendUrl, apiKey) {
     const url = `${openAiCompatibleProxyUrl(backendUrl)}/models`;
     try {
@@ -1194,6 +1211,7 @@ async function resolveModels(backendUrl, apiKey) {
     const available = new Set(ids ?? []);
     let selected = DEFAULT_CODEX_MODEL;
     let note;
+    const authRejected = isCredentialRejectedFailure(failure);
     for (const preferred of PREFERRED_MODELS) {
         if (available.has(preferred)) {
             selected = preferred;
@@ -1224,20 +1242,27 @@ async function resolveModels(backendUrl, apiKey) {
         model: selected,
         models: unique.map((modelId) => ({ id: modelId, name: modelDisplayName(modelId) })),
         note,
+        failure,
+        authRejected,
     };
 }
 async function resolveClaudeAccess(backendUrl, apiKey) {
     const { ids, failure } = await fetchClaudeModelIds(backendUrl, apiKey);
+    const authRejected = isCredentialRejectedFailure(failure);
     if (!ids?.length) {
         return {
             enabled: false,
             models: [],
             note: failure ? `Claude Code auto-setup skipped (${failure}).` : undefined,
+            failure,
+            authRejected,
         };
     }
     return {
         enabled: true,
         models: ids,
+        failure,
+        authRejected,
     };
 }
 async function writeCodexConfig(params) {
@@ -1429,7 +1454,15 @@ async function persistApiKeyEnv(params) {
     await promises_1.default.writeFile(ENV_FILE, envContents, "utf8");
     await promises_1.default.chmod(ENV_FILE, 0o600);
     const sourceLine = `[ -f "$HOME/.config/theclawbay/env" ] && . "$HOME/.config/theclawbay/env"`;
-    const shellRcPaths = [".bashrc", ".zshrc", ".profile"].map((name) => node_path_1.default.join(node_os_1.default.homedir(), name));
+    const shellRcPaths = [
+        ".bashrc",
+        ".bash_profile",
+        ".bash_login",
+        ".zshrc",
+        ".zprofile",
+        ".zlogin",
+        ".profile",
+    ].map((name) => node_path_1.default.join(node_os_1.default.homedir(), name));
     const updated = [];
     for (const rcPath of shellRcPaths) {
         let existing = "";
@@ -1457,6 +1490,19 @@ async function persistApiKeyEnv(params) {
     }
     return updated;
 }
+async function persistFishEnv(params) {
+    const fishConfPath = node_path_1.default.join(node_os_1.default.homedir(), ".config", "fish", "conf.d", "theclawbay.fish");
+    await promises_1.default.mkdir(node_path_1.default.dirname(fishConfPath), { recursive: true });
+    const lines = [
+        "# Generated by theclawbay setup",
+        `set -gx ${ENV_KEY_NAME} ${shellQuote(params.apiKey)}`,
+    ];
+    if (params.claudeEnabled) {
+        lines.push("", "# Official Claude Code CLI", `set -gx ${CLAUDE_ENV_API_KEY_NAME} ${shellQuote(params.apiKey)}`, `set -gx ${CLAUDE_ENV_BASE_URL_NAME} ${shellQuote(anthropicCompatibleProxyUrl(params.backendUrl))}`);
+    }
+    await promises_1.default.writeFile(fishConfPath, `${lines.join("\n")}\n`, "utf8");
+    return [fishConfPath];
+}
 function powerShellProfilePaths() {
     if (node_os_1.default.platform() !== "win32")
         return [];
@@ -2091,7 +2137,7 @@ class SetupCommand extends base_command_1.BaseCommand {
             if (flags["migrate-conversations"] !== undefined && !selectedSetupClients.has("codex")) {
                 throw new Error("--migrate-conversations requires Codex to be selected for setup.");
             }
-            if (!authCredential) {
+            const linkFreshDeviceSession = async () => {
                 deviceLabel = await resolveDeviceLabel({
                     flagValue: flags["device-name"],
                     managedValue: managed?.deviceLabel,
@@ -2107,11 +2153,22 @@ class SetupCommand extends base_command_1.BaseCommand {
                 authCredential = browserAuth.credential;
                 deviceSessionId = browserAuth.deviceSessionId;
                 deviceLabel = browserAuth.deviceLabel;
+            };
+            if (!authCredential) {
+                await linkFreshDeviceSession();
+            }
+            else if (!explicitApiKey && managedAuthType === "device-session") {
+                const managedProbe = await fetchBackendModelIds(backendUrl, authCredential);
+                if (isCredentialRejectedFailure(managedProbe.failure)) {
+                    this.log(`Saved device-session credential was rejected by the backend (${managedProbe.failure}). Re-linking this machine now.`);
+                    await linkFreshDeviceSession();
+                }
             }
             const progress = this.createProgressHandle(!debugOutput);
             let resolved = null;
             let claudeAccess = null;
             let updatedShellFiles = [];
+            let updatedFishFiles = [];
             let updatedPowerShellProfiles = [];
             let codexConfigPath = null;
             let updatedVsCodeEnvFiles = [];
@@ -2134,9 +2191,15 @@ class SetupCommand extends base_command_1.BaseCommand {
                 if (selectedSetupClients.size > 0) {
                     progress.update("Resolving supported models");
                     resolved = await resolveModels(backendUrl, authCredential);
+                    if (resolved.authRejected) {
+                        throw new Error(describeCredentialRejection(authType, resolved.failure));
+                    }
                 }
                 progress.update("Checking Claude access");
                 claudeAccess = await resolveClaudeAccess(backendUrl, authCredential);
+                if (!resolved?.authRejected && claudeAccess.authRejected) {
+                    throw new Error(describeCredentialRejection(authType, claudeAccess.failure));
+                }
                 progress.update("Saving shared machine config");
                 await (0, config_1.writeManagedConfig)({
                     backendUrl,
@@ -2150,11 +2213,19 @@ class SetupCommand extends base_command_1.BaseCommand {
                     backendUrl,
                     claudeEnabled: claudeAccess.enabled,
                 });
+                updatedFishFiles = await persistFishEnv({
+                    apiKey: authCredential,
+                    backendUrl,
+                    claudeEnabled: claudeAccess.enabled,
+                });
                 updatedPowerShellProfiles = await persistPowerShellEnv({
                     apiKey: authCredential,
                     backendUrl,
                     claudeEnabled: claudeAccess.enabled,
                 });
+                if (selectedSetupClients.has("codex") || selectedSetupClients.has("claude")) {
+                    updatedVsCodeEnvFiles = await persistVsCodeServerEnvSource();
+                }
                 if (selectedSetupClients.has("codex")) {
                     progress.update("Configuring Codex");
                     codexConfigPath = await writeCodexConfig({
@@ -2162,7 +2233,6 @@ class SetupCommand extends base_command_1.BaseCommand {
                         model: resolved?.model ?? DEFAULT_CODEX_MODEL,
                         apiKey: authCredential,
                     });
-                    updatedVsCodeEnvFiles = await persistVsCodeServerEnvSource();
                     if (migrateCodexConversations) {
                         sessionMigration = await (0, codex_history_migration_1.migrateSessionProviders)({
                             codexHome: paths_1.codexDir,
@@ -2345,6 +2415,9 @@ class SetupCommand extends base_command_1.BaseCommand {
             }
             this.log(`- Local credential env: ${ENV_FILE}`);
             this.log(`- Shell profiles updated: ${updatedShellFiles.join(", ")}`);
+            if (updatedFishFiles.length > 0) {
+                this.log(`- Fish profiles updated: ${updatedFishFiles.join(", ")}`);
+            }
             if (updatedPowerShellProfiles.length > 0) {
                 this.log(`- PowerShell profiles updated: ${updatedPowerShellProfiles.join(", ")}`);
             }
@@ -2438,6 +2511,7 @@ class SetupCommand extends base_command_1.BaseCommand {
             const openCodeDetected = setupClients.find((client) => client.id === "opencode")?.detected ?? false;
             if (selectedSetupClients.has("opencode")) {
                 this.log(`- OpenCode: configured (${openCodeConfigPaths.join(", ")})`);
+                this.log("- OpenCode note: plain OpenAI-compatible config is preferred. If you add a quota/auth plugin manually, use /api/codex-auth/v1/quota?format=legacy_codex for legacy Codex-style quota responses.");
                 const openCodeProjectConfig = findOpenCodeProjectConfigFile();
                 const openCodeConfigEnv = process.env.OPENCODE_CONFIG?.trim() || "";
                 if (openCodeConfigEnv) {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "theclawbay",
-  "version": "0.3.49",
+  "version": "0.3.51",
   "description": "CLI for connecting Codex, Continue, Cline, OpenClaw, OpenCode, Kilo, Roo Code, Aider, experimental Trae, and experimental Zo to The Claw Bay.",
   "license": "MIT",
   "bin": {