wyxrouter 0.4.71

package/open-sse/handlers/embeddingProviders/gemini.js

@@ -0,0 +1,54 @@
+// Google Gemini embeddings — embedContent / batchEmbedContents
+const BASE = "https://generativelanguage.googleapis.com/v1beta";
+
+function modelPath(model) {
+  return model.startsWith("models/") ? model : `models/${model}`;
+}
+
+export default {
+  buildUrl: (model, creds, { input } = {}) => {
+    const apiKey = creds.apiKey || creds.accessToken;
+    const path = modelPath(model);
+    const op = Array.isArray(input) ? "batchEmbedContents" : "embedContent";
+    return `${BASE}/${path}:${op}?key=${encodeURIComponent(apiKey)}`;
+  },
+  buildHeaders: () => ({ "Content-Type": "application/json" }),
+  buildBody: (model, { input, dimensions }) => {
+    const m = modelPath(model);
+    const outputDimensionality = Number(dimensions);
+    const hasOutputDimensionality = Number.isFinite(outputDimensionality) && outputDimensionality > 0;
+    if (Array.isArray(input)) {
+      return {
+        requests: input.map((text) => ({
+          model: m,
+          content: { parts: [{ text: String(text) }] },
+          ...(hasOutputDimensionality ? { outputDimensionality } : {}),
+        })),
+      };
+    }
+    return {
+      model: m,
+      content: { parts: [{ text: String(input) }] },
+      ...(hasOutputDimensionality ? { outputDimensionality } : {}),
+    };
+  },
+  normalize: (responseBody, model) => {
+    if (responseBody.object === "list" && Array.isArray(responseBody.data)) return responseBody;
+    let items = [];
+    if (Array.isArray(responseBody.embeddings)) {
+      items = responseBody.embeddings.map((emb, idx) => ({
+        object: "embedding",
+        index: idx,
+        embedding: emb.values || [],
+      }));
+    } else if (responseBody.embedding?.values) {
+      items = [{ object: "embedding", index: 0, embedding: responseBody.embedding.values }];
+    }
+    return {
+      object: "list",
+      data: items,
+      model,
+      usage: { prompt_tokens: 0, total_tokens: 0 },
+    };
+  },
+};

package/open-sse/handlers/embeddingProviders/index.js

@@ -0,0 +1,23 @@
+// Embeddings provider adapter registry
+import createOpenAIEmbeddingAdapter from "./openai.js";
+import gemini from "./gemini.js";
+import openaiCompatNode from "./openaiCompatNode.js";
+
+const OPENAI_COMPAT_PROVIDERS = [
+  "openai", "openrouter", "mistral", "voyage-ai", "fireworks",
+  "together", "nebius", "github", "nvidia", "jina-ai",
+];
+
+const ADAPTERS = {
+  ...Object.fromEntries(OPENAI_COMPAT_PROVIDERS.map((id) => [id, createOpenAIEmbeddingAdapter(id)])),
+  gemini,
+  google_ai_studio: gemini,
+};
+
+export function getEmbeddingAdapter(provider) {
+  if (ADAPTERS[provider]) return ADAPTERS[provider];
+  if (provider?.startsWith?.("openai-compatible-") || provider?.startsWith?.("custom-embedding-")) {
+    return openaiCompatNode;
+  }
+  return null;
+}

package/open-sse/handlers/embeddingProviders/openai.js

@@ -0,0 +1,39 @@
+// OpenAI-compatible embeddings adapter (most providers)
+import { bearerAuth } from "./_base.js";
+
+const ENDPOINTS = {
+  openai: "https://api.openai.com/v1/embeddings",
+  openrouter: "https://openrouter.ai/api/v1/embeddings",
+  mistral: "https://api.mistral.ai/v1/embeddings",
+  "voyage-ai": "https://api.voyageai.com/v1/embeddings",
+  fireworks: "https://api.fireworks.ai/inference/v1/embeddings",
+  together: "https://api.together.xyz/v1/embeddings",
+  nebius: "https://api.tokenfactory.nebius.com/v1/embeddings",
+  github: "https://models.github.ai/inference/embeddings",
+  nvidia: "https://integrate.api.nvidia.com/v1/embeddings",
+  "jina-ai": "https://api.jina.ai/v1/embeddings",
+};
+
+export default function createOpenAIEmbeddingAdapter(providerId) {
+  return {
+    buildUrl: () => ENDPOINTS[providerId],
+    buildHeaders: (creds) => {
+      const headers = { "Content-Type": "application/json", ...bearerAuth(creds) };
+      if (providerId === "openrouter") {
+        headers["HTTP-Referer"] = "https://endpoint-proxy.local";
+        headers["X-Title"] = "Endpoint Proxy";
+      }
+      return headers;
+    },
+    buildBody: (model, { input, encoding_format, dimensions }) => {
+      const body = { model, input };
+      if (encoding_format) body.encoding_format = encoding_format;
+      if (dimensions != null && dimensions !== "") {
+        const dim = Number(dimensions);
+        if (Number.isFinite(dim) && dim > 0) body.dimensions = dim;
+      }
+      return body;
+    },
+    normalize: (responseBody) => responseBody,
+  };
+}

package/open-sse/handlers/embeddingProviders/openaiCompatNode.js

@@ -0,0 +1,13 @@
+// Custom node providers (openai-compatible-* / custom-embedding-*) — baseUrl from credentials
+import createOpenAIEmbeddingAdapter from "./openai.js";
+
+const baseAdapter = createOpenAIEmbeddingAdapter("openai");
+
+export default {
+  ...baseAdapter,
+  buildUrl: (_model, creds) => {
+    const rawBaseUrl = creds?.providerSpecificData?.baseUrl || "https://api.openai.com/v1";
+    const baseUrl = rawBaseUrl.replace(/\/$/, "").replace(/\/embeddings$/, "");
+    return `${baseUrl}/embeddings`;
+  },
+};

package/open-sse/handlers/embeddingsCore.js

@@ -0,0 +1,126 @@
+import { createErrorResult, parseUpstreamError, formatProviderError } from "../utils/error.js";
+import { HTTP_STATUS } from "../config/runtimeConfig.js";
+import { getExecutor } from "../executors/index.js";
+import { refreshWithRetry } from "../services/tokenRefresh.js";
+import { getEmbeddingAdapter } from "./embeddingProviders/index.js";
+
+/**
+ * Core embeddings handler — orchestrator only. Provider-specific URL/headers/body/normalize
+ * live in `./embeddingProviders/{id}.js`.
+ *
+ * @returns {Promise<{ success: boolean, response: Response, status?: number, error?: string }>}
+ */
+export async function handleEmbeddingsCore({
+  body,
+  modelInfo,
+  credentials,
+  log,
+  onCredentialsRefreshed,
+  onRequestSuccess,
+}) {
+  const { provider, model } = modelInfo;
+
+  // Validate input
+  const input = body.input;
+  if (!input) {
+    return createErrorResult(HTTP_STATUS.BAD_REQUEST, "Missing required field: input");
+  }
+  if (typeof input !== "string" && !Array.isArray(input)) {
+    return createErrorResult(HTTP_STATUS.BAD_REQUEST, "input must be a string or array of strings");
+  }
+
+  const adapter = getEmbeddingAdapter(provider);
+  if (!adapter) {
+    return createErrorResult(
+      HTTP_STATUS.BAD_REQUEST,
+      `Provider '${provider}' does not support embeddings.`
+    );
+  }
+
+  const ctx = { input };
+  const url = adapter.buildUrl(model, credentials, ctx);
+  const headers = adapter.buildHeaders(credentials, ctx);
+  const requestBody = adapter.buildBody(model, {
+    input,
+    encoding_format: body.encoding_format || "float",
+    dimensions: body.dimensions,
+  });
+
+  log?.debug?.("EMBEDDINGS", `${provider.toUpperCase()} | ${model} | input_type=${Array.isArray(input) ? `array[${input.length}]` : "string"}`);
+
+  let providerResponse;
+  try {
+    providerResponse = await fetch(url, {
+      method: "POST",
+      headers,
+      body: JSON.stringify(requestBody),
+    });
+  } catch (error) {
+    const errMsg = formatProviderError(error, provider, model, HTTP_STATUS.BAD_GATEWAY);
+    log?.debug?.("EMBEDDINGS", `Fetch error: ${errMsg}`);
+    return createErrorResult(HTTP_STATUS.BAD_GATEWAY, errMsg);
+  }
+
+  // Handle 401/403 — try token refresh (skip for noAuth providers)
+  const executor = getExecutor(provider);
+  if (
+    !executor?.noAuth &&
+    (providerResponse.status === HTTP_STATUS.UNAUTHORIZED ||
+      providerResponse.status === HTTP_STATUS.FORBIDDEN)
+  ) {
+    const newCredentials = await refreshWithRetry(
+      () => executor.refreshCredentials(credentials, log),
+      3,
+      log
+    );
+
+    if (newCredentials?.accessToken || newCredentials?.apiKey) {
+      log?.info?.("TOKEN", `${provider.toUpperCase()} | refreshed for embeddings`);
+      Object.assign(credentials, newCredentials);
+      if (onCredentialsRefreshed) await onCredentialsRefreshed(newCredentials);
+
+      try {
+        const retryHeaders = adapter.buildHeaders(credentials, ctx);
+        const retryUrl = adapter.buildUrl(model, credentials, ctx);
+        providerResponse = await fetch(retryUrl, {
+          method: "POST",
+          headers: retryHeaders,
+          body: JSON.stringify(requestBody),
+        });
+      } catch {
+        log?.warn?.("TOKEN", `${provider.toUpperCase()} | retry after refresh failed`);
+      }
+    } else {
+      log?.warn?.("TOKEN", `${provider.toUpperCase()} | refresh failed`);
+    }
+  }
+
+  if (!providerResponse.ok) {
+    const { statusCode, message } = await parseUpstreamError(providerResponse);
+    const errMsg = formatProviderError(new Error(message), provider, model, statusCode);
+    log?.debug?.("EMBEDDINGS", `Provider error: ${errMsg}`);
+    return createErrorResult(statusCode, errMsg);
+  }
+
+  let responseBody;
+  try {
+    responseBody = await providerResponse.json();
+  } catch {
+    return createErrorResult(HTTP_STATUS.BAD_GATEWAY, `Invalid JSON response from ${provider}`);
+  }
+
+  if (onRequestSuccess) await onRequestSuccess();
+
+  const normalized = adapter.normalize(responseBody, model);
+  log?.debug?.("EMBEDDINGS", `Success | usage=${JSON.stringify(normalized.usage || {})}`);
+
+  return {
+    success: true,
+    response: new Response(JSON.stringify(normalized), {
+      headers: {
+        "Content-Type": "application/json",
+        "Access-Control-Allow-Origin": "*",
+      },
+    }),
+  };
+}

package/open-sse/handlers/fetch/index.js

@@ -0,0 +1,237 @@
+// Web Fetch handler — dispatches to firecrawl, jina-reader, tavily, exa
+// Returns normalized shape across all providers
+
+const DEFAULT_TIMEOUT_MS = 15000;
+const DEFAULT_FORMAT = "markdown";
+
+/**
+ * @typedef {Object} FetchResult
+ * @property {boolean} success
+ * @property {number} [status]
+ * @property {string} [error]
+ * @property {Object} [data]
+ */
+
+/**
+ * Fetch with timeout abort.
+ * @param {string} url
+ * @param {RequestInit} init
+ * @param {number} timeoutMs
+ */
+// Strip non-ASCII chars from header values (HTTP headers must be ByteString).
+function sanitizeHeaders(headers) {
+  if (!headers) return headers;
+  const out = {};
+  for (const [k, v] of Object.entries(headers)) {
+    out[k] = typeof v === "string" ? v.replace(/[^\x00-\xFF]/g, "").trim() : v;
+  }
+  return out;
+}
+
+async function tryFetch(url, init, timeoutMs) {
+  const ctrl = new AbortController();
+  const timer = setTimeout(() => ctrl.abort(), timeoutMs);
+  try {
+    const res = await fetch(url, { ...init, headers: sanitizeHeaders(init.headers), signal: ctrl.signal });
+    return { ok: true, res };
+  } catch (err) {
+    const isAbort = err?.name === "AbortError";
+    return { ok: false, timeout: isAbort, error: err?.message || String(err) };
+  } finally {
+    clearTimeout(timer);
+  }
+}
+
+function truncate(text, max) {
+  if (!text || typeof text !== "string") return text || "";
+  if (!max || max <= 0) return text;
+  return text.length > max ? text.slice(0, max) : text;
+}
+
+function parseJinaTitle(text) {
+  const m = String(text || "").match(/^\s*#\s+(.+)$/m);
+  return m ? m[1].trim() : null;
+}
+
+function buildData({ provider, url, title, format, text, costUsd, responseMs, upstreamMs }) {
+  return {
+    provider,
+    url,
+    title: title || null,
+    content: { format, text: text || "", length: (text || "").length },
+    metadata: { author: null, published_at: null, language: null },
+    usage: { fetch_cost_usd: costUsd ?? null },
+    metrics: { response_time_ms: responseMs, upstream_latency_ms: upstreamMs }
+  };
+}
+
+async function readJsonOrText(res) {
+  const ct = res.headers.get("content-type") || "";
+  if (ct.includes("application/json")) {
+    try { return { json: await res.json() }; } catch { return { text: "" }; }
+  }
+  return { text: await res.text() };
+}
+
+/**
+ * Main handler.
+ * @param {Object} params
+ * @param {string} params.url
+ * @param {string} [params.format]
+ * @param {number} [params.maxCharacters]
+ * @param {string} params.provider
+ * @param {Object} [params.providerConfig]
+ * @param {Object} [params.credentials]
+ * @param {Function} [params.log]
+ * @returns {Promise<FetchResult>}
+ */
+export async function handleFetchCore({ url, format, maxCharacters, provider, providerConfig, credentials, log }) {
+  if (!url || typeof url !== "string") {
+    return { success: false, status: 400, error: "url is required" };
+  }
+  if (!provider) {
+    return { success: false, status: 400, error: "provider is required" };
+  }
+
+  const fmt = format || DEFAULT_FORMAT;
+  const timeoutMs = providerConfig?.timeoutMs || DEFAULT_TIMEOUT_MS;
+  const apiKey = credentials?.apiKey || credentials?.key || credentials?.token || "";
+  const costPerQuery = providerConfig?.costPerQuery ?? null;
+  const startedAt = Date.now();
+
+  try {
+    if (provider === "firecrawl") {
+      return await runFirecrawl({ url, fmt, timeoutMs, apiKey, maxCharacters, costPerQuery, startedAt });
+    }
+    if (provider === "jina-reader") {
+      return await runJina({ url, fmt, timeoutMs, apiKey, maxCharacters, costPerQuery, startedAt });
+    }
+    if (provider === "tavily") {
+      return await runTavily({ url, fmt, timeoutMs, apiKey, maxCharacters, costPerQuery, startedAt });
+    }
+    if (provider === "exa") {
+      return await runExa({ url, fmt, timeoutMs, apiKey, maxCharacters, costPerQuery, startedAt });
+    }
+    return { success: false, status: 400, error: `Unsupported provider: ${provider}` };
+  } catch (err) {
+    log?.("fetch handler error:", err?.message || err);
+    return { success: false, status: 502, error: err?.message || "Internal fetch error" };
+  }
+}
+
+async function runFirecrawl({ url, fmt, timeoutMs, apiKey, maxCharacters, costPerQuery, startedAt }) {
+  const upstreamStart = Date.now();
+  const r = await tryFetch("https://api.firecrawl.dev/v1/scrape", {
+    method: "POST",
+    headers: {
+      "content-type": "application/json",
+      ...(apiKey ? { authorization: `Bearer ${apiKey}` } : {})
+    },
+    body: JSON.stringify({ url, formats: [fmt] })
+  }, timeoutMs);
+
+  if (!r.ok) {
+    return { success: false, status: r.timeout ? 504 : 502, error: r.error };
+  }
+  const upstreamMs = Date.now() - upstreamStart;
+  const { json } = await readJsonOrText(r.res);
+  if (!r.res.ok) {
+    return { success: false, status: r.res.status, error: json?.error || `Firecrawl error: ${r.res.status}` };
+  }
+  const d = json?.data || {};
+  const text = truncate(d.markdown || d.html || d.text || "", maxCharacters);
+  const title = d.metadata?.title || null;
+  return {
+    success: true,
+    data: buildData({
+      provider: "firecrawl", url, title, format: fmt, text,
+      costUsd: costPerQuery, responseMs: Date.now() - startedAt, upstreamMs
+    })
+  };
+}
+
+async function runJina({ url, fmt, timeoutMs, apiKey, maxCharacters, costPerQuery, startedAt }) {
+  const target = `https://r.jina.ai/${encodeURIComponent(url)}`;
+  const upstreamStart = Date.now();
+  const r = await tryFetch(target, {
+    method: "GET",
+    headers: apiKey ? { authorization: `Bearer ${apiKey}` } : {}
+  }, timeoutMs);
+
+  if (!r.ok) {
+    return { success: false, status: r.timeout ? 504 : 502, error: r.error };
+  }
+  const upstreamMs = Date.now() - upstreamStart;
+  const body = await r.res.text();
+  if (!r.res.ok) {
+    return { success: false, status: r.res.status, error: body?.slice(0, 500) || `Jina error: ${r.res.status}` };
+  }
+  const text = truncate(body, maxCharacters);
+  return {
+    success: true,
+    data: buildData({
+      provider: "jina-reader", url, title: parseJinaTitle(body), format: fmt, text,
+      costUsd: costPerQuery, responseMs: Date.now() - startedAt, upstreamMs
+    })
+  };
+}
+
+async function runTavily({ url, fmt, timeoutMs, apiKey, maxCharacters, costPerQuery, startedAt }) {
+  const upstreamStart = Date.now();
+  const r = await tryFetch("https://api.tavily.com/extract", {
+    method: "POST",
+    headers: {
+      "content-type": "application/json",
+      ...(apiKey ? { authorization: `Bearer ${apiKey}` } : {})
+    },
+    body: JSON.stringify({ urls: [url], extract_depth: "basic" })
+  }, timeoutMs);
+
+  if (!r.ok) {
+    return { success: false, status: r.timeout ? 504 : 502, error: r.error };
+  }
+  const upstreamMs = Date.now() - upstreamStart;
+  const { json } = await readJsonOrText(r.res);
+  if (!r.res.ok) {
+    return { success: false, status: r.res.status, error: json?.error || `Tavily error: ${r.res.status}` };
+  }
+  const first = json?.results?.[0] || {};
+  const text = truncate(first.raw_content || "", maxCharacters);
+  return {
+    success: true,
+    data: buildData({
+      provider: "tavily", url, title: null, format: fmt, text,
+      costUsd: costPerQuery, responseMs: Date.now() - startedAt, upstreamMs
+    })
+  };
+}
+
+async function runExa({ url, fmt, timeoutMs, apiKey, maxCharacters, costPerQuery, startedAt }) {
+  const upstreamStart = Date.now();
+  const r = await tryFetch("https://api.exa.ai/contents", {
+    method: "POST",
+    headers: {
+      "content-type": "application/json",
+      ...(apiKey ? { "x-api-key": apiKey } : {})
+    },
+    body: JSON.stringify({ ids: [url], text: true })
+  }, timeoutMs);
+
+  if (!r.ok) {
+    return { success: false, status: r.timeout ? 504 : 502, error: r.error };
+  }
+  const upstreamMs = Date.now() - upstreamStart;
+  const { json } = await readJsonOrText(r.res);
+  if (!r.res.ok) {
+    return { success: false, status: r.res.status, error: json?.error || `Exa error: ${r.res.status}` };
+  }
+  const first = json?.results?.[0] || {};
+  const text = truncate(first.text || "", maxCharacters);
+  return {
+    success: true,
+    data: buildData({
+      provider: "exa", url, title: first.title || null, format: fmt, text,
+      costUsd: costPerQuery, responseMs: Date.now() - startedAt, upstreamMs
+    })
+  };
+}

package/open-sse/handlers/imageGenerationCore.js

@@ -0,0 +1,189 @@
+import { createErrorResult, parseUpstreamError, formatProviderError } from "../utils/error.js";
+import { HTTP_STATUS } from "../config/runtimeConfig.js";
+import { refreshWithRetry } from "../services/tokenRefresh.js";
+import { getExecutor } from "../executors/index.js";
+import { getImageAdapter } from "./imageProviders/index.js";
+import { urlToBase64 } from "./imageProviders/_base.js";
+
+function serializeRequestBody(requestBody) {
+  if (typeof FormData !== "undefined" && requestBody instanceof FormData) return requestBody;
+  if (typeof requestBody === "string") return requestBody;
+  return JSON.stringify(requestBody);
+}
+
+/**
+ * Core image generation handler — orchestrator only.
+ * Provider-specific URL/headers/body/parse/normalize live in `./imageProviders/{id}.js`.
+ *
+ * @param {object} options
+ * @param {object} options.body - Request body { model, prompt, n, size, ... }
+ * @param {object} options.modelInfo - { provider, model }
+ * @param {object} options.credentials - Provider credentials
+ * @param {object} [options.log] - Logger
+ * @param {boolean} [options.streamToClient] - Pipe SSE to client (codex)
+ * @param {boolean} [options.binaryOutput] - Return raw image bytes
+ * @param {function} [options.onCredentialsRefreshed]
+ * @param {function} [options.onRequestSuccess]
+ * @returns {Promise<{ success: boolean, response: Response, status?: number, error?: string }>}
+ */
+export async function handleImageGenerationCore({
+  body,
+  modelInfo,
+  credentials,
+  log,
+  streamToClient = false,
+  binaryOutput = false,
+  onCredentialsRefreshed,
+  onRequestSuccess,
+}) {
+  const { provider, model } = modelInfo;
+
+  if (!body.prompt) {
+    return createErrorResult(HTTP_STATUS.BAD_REQUEST, "Missing required field: prompt");
+  }
+
+  const adapter = getImageAdapter(provider);
+  if (!adapter) {
+    return createErrorResult(
+      HTTP_STATUS.BAD_REQUEST,
+      `Provider '${provider}' does not support image generation`
+    );
+  }
+
+  let url;
+  let headers;
+  let requestBody;
+
+  try {
+    url = adapter.buildUrl(model, credentials);
+    requestBody = await adapter.buildBody(model, body);
+    headers = adapter.buildHeaders(credentials, requestBody, model, body);
+  } catch (error) {
+    return createErrorResult(HTTP_STATUS.BAD_REQUEST, error.message || `Invalid ${provider} image request`);
+  }
+
+  log?.debug?.("IMAGE", `${provider.toUpperCase()} | ${model} | prompt="${body.prompt.slice(0, 50)}..."`);
+
+  let providerResponse;
+  try {
+    providerResponse = await fetch(url, {
+      method: "POST",
+      headers,
+      body: serializeRequestBody(requestBody),
+    });
+  } catch (error) {
+    const errMsg = formatProviderError(error, provider, model, HTTP_STATUS.BAD_GATEWAY);
+    log?.debug?.("IMAGE", `Fetch error: ${errMsg}`);
+    return createErrorResult(HTTP_STATUS.BAD_GATEWAY, errMsg);
+  }
+
+  // Handle 401/403 — try token refresh (skipped for noAuth providers)
+  const executor = getExecutor(provider);
+  if (
+    !executor?.noAuth &&
+    !adapter.noAuth &&
+    (providerResponse.status === HTTP_STATUS.UNAUTHORIZED ||
+      providerResponse.status === HTTP_STATUS.FORBIDDEN)
+  ) {
+    const newCredentials = await refreshWithRetry(
+      () => executor.refreshCredentials(credentials, log),
+      3,
+      log
+    );
+
+    if (newCredentials?.accessToken || newCredentials?.apiKey) {
+      log?.info?.("TOKEN", `${provider.toUpperCase()} | refreshed for image generation`);
+      Object.assign(credentials, newCredentials);
+      if (onCredentialsRefreshed) await onCredentialsRefreshed(newCredentials);
+
+      try {
+        const retryBody = await adapter.buildBody(model, body);
+        const retryHeaders = adapter.buildHeaders(credentials, retryBody, model, body);
+        const retryUrl = adapter.buildUrl(model, credentials);
+        providerResponse = await fetch(retryUrl, {
+          method: "POST",
+          headers: retryHeaders,
+          body: serializeRequestBody(retryBody),
+        });
+      } catch {
+        log?.warn?.("TOKEN", `${provider.toUpperCase()} | retry after refresh failed`);
+      }
+    } else {
+      log?.warn?.("TOKEN", `${provider.toUpperCase()} | refresh failed`);
+    }
+  }
+
+  if (!providerResponse.ok) {
+    const { statusCode, message } = await parseUpstreamError(providerResponse);
+    const errMsg = formatProviderError(new Error(message), provider, model, statusCode);
+    log?.debug?.("IMAGE", `Provider error: ${errMsg}`);
+    return createErrorResult(statusCode, errMsg);
+  }
+
+  // Parse provider response — adapter may override (codex SSE / async polling / binary)
+  let parsed;
+  try {
+    if (adapter.parseResponse) {
+      parsed = await adapter.parseResponse(providerResponse, {
+        headers,
+        log,
+        streamToClient,
+        onRequestSuccess,
+        url,
+        requestBody,
+        model,
+        body,
+      });
+      // Codex streaming case: returns an SSE Response directly
+      if (parsed?.sseResponse) {
+        return { success: true, response: parsed.sseResponse };
+      }
+    } else {
+      parsed = await providerResponse.json();
+    }
+  } catch (parseError) {
+    return createErrorResult(HTTP_STATUS.BAD_GATEWAY, parseError.message || `Invalid response from ${provider}`);
+  }
+
+  if (onRequestSuccess) await onRequestSuccess();
+
+  // Normalize → OpenAI-compatible shape
+  const normalized = adapter.normalize(parsed, body.prompt);
+
+  // Already in OpenAI shape? skip re-normalize
+  const finalBody = (normalized.created && Array.isArray(normalized.data)) ? normalized : parsed;
+
+  // Binary output: decode first b64_json (or fetch url) into raw bytes
+  if (binaryOutput) {
+    const first = finalBody.data?.[0];
+    let b64 = first?.b64_json;
+    if (!b64 && first?.url) {
+      try { b64 = await urlToBase64(first.url); } catch {}
+    }
+    if (b64) {
+      const buf = Buffer.from(b64, "base64");
+      const fmt = (body.output_format || "png").toLowerCase();
+      const mime = fmt === "jpeg" || fmt === "jpg" ? "image/jpeg" : fmt === "webp" ? "image/webp" : "image/png";
+      return {
+        success: true,
+        response: new Response(buf, {
+          headers: {
+            "Content-Type": mime,
+            "Content-Disposition": `inline; filename="image.${fmt === "jpeg" ? "jpg" : fmt}"`,
+            "Access-Control-Allow-Origin": "*",
+          },
+        }),
+      };
+    }
+  }
+
+  return {
+    success: true,
+    response: new Response(JSON.stringify(finalBody), {
+      headers: {
+        "Content-Type": "application/json",
+        "Access-Control-Allow-Origin": "*",
+      },
+    }),
+  };
+}