From 8394926fe1cd3c7a3f8fb59325169186cbb77122 Mon Sep 17 00:00:00 2001 From: YeonGyu-Kim Date: Thu, 8 Jan 2026 22:37:38 +0900 Subject: [PATCH] [ORCHESTRATOR TEST] feat(auth): multi-account Google Antigravity auth with automatic rotation (#579) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * feat(auth): add multi-account types and storage layer Add foundation for multi-account Google Antigravity auth: - ModelFamily, AccountTier, RateLimitState types for rate limit tracking - AccountMetadata, AccountStorage, ManagedAccount interfaces - Cross-platform storage module with XDG_DATA_HOME/APPDATA support - Comprehensive test coverage for storage operations 🤖 Generated with [OhMyOpenCode](https://github.com/code-yeongyu/oh-my-opencode) * feat(auth): implement AccountManager for multi-account rotation Add AccountManager class with automatic account rotation: - Per-family rate limit tracking (claude, gemini-flash, gemini-pro) - Paid tier prioritization in rotation logic - Round-robin account selection within tier pools - Account add/remove operations with index management - Storage persistence integration 🤖 Generated with [OhMyOpenCode](https://github.com/code-yeongyu/oh-my-opencode) * feat(auth): add CLI prompts for multi-account setup Add @clack/prompts-based CLI utilities: - promptAddAnotherAccount() for multi-account flow - promptAccountTier() for free/paid tier selection - Non-TTY environment handling (graceful skip) 🤖 Generated with [OhMyOpenCode](https://github.com/code-yeongyu/oh-my-opencode) * feat(auth): integrate multi-account OAuth flow into plugin Enhance OAuth flow for multi-account support: - Prompt for additional accounts after first OAuth (up to 10) - Collect email and tier for each account - Save accounts to storage via AccountManager - Load AccountManager in loader() from stored accounts - Toast notifications for account authentication success - Backward compatible with single-account flow 🤖 Generated with [OhMyOpenCode](https://github.com/code-yeongyu/oh-my-opencode) * feat(auth): add rate limit rotation to fetch interceptor Integrate AccountManager into fetch for automatic rotation: - Model family detection from URL (claude/gemini-flash/gemini-pro) - Rate limit detection (429 with retry-after > 5s, 5xx errors) - Mark rate-limited accounts and rotate to next available - Recursive retry with new account on rotation - Lazy load accounts from storage on first request - Debug logging for account switches 🤖 Generated with [OhMyOpenCode](https://github.com/code-yeongyu/oh-my-opencode) * feat(cli): add auth account management commands Add CLI commands for managing Google Antigravity accounts: - `auth list`: Show all accounts with email, tier, rate limit status - `auth remove `: Remove account by index or email - Help text with usage examples - Active account indicator and remaining rate limit display 🤖 Generated with [OhMyOpenCode](https://github.com/code-yeongyu/oh-my-opencode) * refactor(auth): address review feedback - remove duplicate ManagedAccount and reuse fetch function - Remove unused ManagedAccount interface from types.ts (duplicate of accounts.ts) - Reuse fetchFn in rate limit retry instead of creating new fetch closure Preserves cachedTokens, cachedProjectId, fetchInstanceId, accountsLoaded state * fix(auth): address Cubic review feedback (8 issues) P1 fixes: - storage.ts: Use mode 0o600 for OAuth credentials file (security) - fetch.ts: Return original 5xx status instead of synthesized 429 - accounts.ts: Adjust activeIndex/currentIndex in removeAccount - plugin.ts: Fix multi-account migration to split on ||| not | P2 fixes: - cli.ts: Remove confusing cancel message when returning default - auth.ts: Use strict parseInt check to prevent partial matches - storage.test.ts: Use try/finally for env var cleanup * refactor(test): import ManagedAccount from accounts.ts instead of duplicating * fix(auth): address Oracle review findings (P1/P2) P1 fixes: - Clear cachedProjectId on account change to prevent stale project IDs - Continue endpoint fallback for single-account users on rate limit - Restore access/expires tokens from storage for non-active accounts - Re-throw non-ENOENT filesystem errors (keep returning null for parse errors) - Use atomic write (temp file + rename) for account storage P2 fixes: - Derive RateLimitState type from ModelFamily using mapped type - Add MODEL_FAMILIES constant and use dynamic iteration in clearExpiredRateLimits - Add missing else branch in storage.test.ts env cleanup - Handle open() errors gracefully with user-friendly toast message Tests updated to reflect correct behavior for token restoration. * fix(auth): address Cubic review round 2 (5 issues) P1: Return original 429/5xx response on last endpoint instead of generic 503 P2: Use unique temp filename (pid+timestamp) and cleanup on rename failure P2: Clear cachedProjectId when first account introduced (lastAccountIndex null) P3: Add console.error logging to open() catch block * test(auth): add AccountManager removeAccount index tests Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-opencode) Co-authored-by: Sisyphus * test(auth): add storage layer security and atomicity tests Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-opencode) Co-authored-by: Sisyphus * fix(auth): address Cubic review round 3 (4 issues) P1 Fixes: - plugin.ts: Validate refresh_token before constructing first account - plugin.ts: Validate additionalTokens.refresh_token before pushing accounts - fetch.ts: Reset cachedTokens when switching accounts during rotation P2 Fixes: - fetch.ts: Improve model-family detection (parse model from body, fallback to URL) * fix(auth): address Cubic review round 4 (3 issues) P1 Fixes: - plugin.ts: Close serverHandle before early return on missing refresh_token - plugin.ts: Close additionalServerHandle before continue on missing refresh_token P2 Fixes: - fetch.ts: Remove overly broad 'pro' matching in getModelFamilyFromModelName * fix(auth): address Cubic review round 5 (9 issues) P1 Fixes: - plugin.ts: Close additionalServerHandle after successful account auth - fetch.ts: Cancel response body on 429/5xx to prevent connection leaks P2 Fixes: - plugin.ts: Close additionalServerHandle on OAuth error/missing code - plugin.ts: Close additionalServerHandle on verifier mismatch - auth.ts: Set activeIndex to -1 when all accounts removed - storage.ts: Use shared getDataDir utility for consistent paths - fetch.ts: Catch loadAccounts IO errors with graceful fallback - storage.test.ts: Improve test assertions with proper error tracking * feat(antigravity): add system prompt and thinking config constants * feat(antigravity): add reasoning_effort and Gemini 3 thinkingLevel support * feat(antigravity): inject system prompt into all requests * feat(antigravity): integrate thinking config and system prompt in fetch layer * feat(auth): auto-open browser for OAuth login on all platforms * fix(auth): add alias2ModelName for Antigravity Claude models Root cause: Antigravity API expects 'claude-sonnet-4-5-thinking' but we were sending 'gemini-claude-sonnet-4-5-thinking'. Ported alias mapping from CLIProxyAPI antigravity_executor.go:1328-1347. Transforms: - gemini-claude-sonnet-4-5-thinking → claude-sonnet-4-5-thinking - gemini-claude-opus-4-5-thinking → claude-opus-4-5-thinking - gemini-3-pro-preview → gemini-3-pro-high - gemini-3-flash-preview → gemini-3-flash * fix(auth): add requestType and toolConfig for Antigravity API Missing required fields from CLIProxyAPI implementation: - requestType: 'agent' - request.toolConfig.functionCallingConfig.mode: 'VALIDATED' - Delete request.safetySettings Also strip 'antigravity-' prefix before alias transformation. * fix(auth): remove broken alias2ModelName transformations for Gemini 3 CLIProxyAPI's alias mappings don't work with public Antigravity API: - gemini-3-pro-preview → gemini-3-pro-high (404!) - gemini-3-flash-preview → gemini-3-flash (404!) Tested: -preview suffix names work, transformed names return 404. Keep only gemini-claude-* prefix stripping for future Claude support. * fix(auth): implement correct alias2ModelName transformations for Antigravity API Implements explicit switch-based model name mappings for Antigravity API. Updates SANDBOX endpoint constants to clarify quota/availability behavior. Fixes test expectations to match new transformation logic. 🤖 Generated with assistance of OhMyOpenCode --------- Co-authored-by: Sisyphus --- bun.lock | 25 + package.json | 1 + src/auth/antigravity/accounts.test.ts | 1044 ++++++++++++++++++++++ src/auth/antigravity/accounts.ts | 244 +++++ src/auth/antigravity/browser.test.ts | 37 + src/auth/antigravity/browser.ts | 51 ++ src/auth/antigravity/cli.test.ts | 156 ++++ src/auth/antigravity/cli.ts | 37 + src/auth/antigravity/constants.ts | 201 ++++- src/auth/antigravity/fetch.ts | 189 +++- src/auth/antigravity/integration.test.ts | 306 +++++++ src/auth/antigravity/plugin.ts | 285 +++++- src/auth/antigravity/request.test.ts | 224 +++++ src/auth/antigravity/request.ts | 91 +- src/auth/antigravity/storage.test.ts | 388 ++++++++ src/auth/antigravity/storage.ts | 74 ++ src/auth/antigravity/thinking.test.ts | 288 ++++++ src/auth/antigravity/thinking.ts | 186 +++- src/auth/antigravity/types.ts | 41 +- src/cli/commands/auth.ts | 93 ++ src/cli/index.ts | 40 + 21 files changed, 3965 insertions(+), 36 deletions(-) create mode 100644 src/auth/antigravity/accounts.test.ts create mode 100644 src/auth/antigravity/accounts.ts create mode 100644 src/auth/antigravity/browser.test.ts create mode 100644 src/auth/antigravity/browser.ts create mode 100644 src/auth/antigravity/cli.test.ts create mode 100644 src/auth/antigravity/cli.ts create mode 100644 src/auth/antigravity/integration.test.ts create mode 100644 src/auth/antigravity/request.test.ts create mode 100644 src/auth/antigravity/storage.test.ts create mode 100644 src/auth/antigravity/storage.ts create mode 100644 src/auth/antigravity/thinking.test.ts create mode 100644 src/cli/commands/auth.ts diff --git a/bun.lock b/bun.lock index 32d8e22..8d64099 100644 --- a/bun.lock +++ b/bun.lock @@ -17,6 +17,7 @@ "hono": "^4.10.4", "js-yaml": "^4.1.1", "jsonc-parser": "^3.3.1", + "open": "^11.0.0", "picocolors": "^1.1.1", "picomatch": "^4.0.2", "xdg-basedir": "^5.1.0", @@ -122,6 +123,8 @@ "bun-types": ["bun-types@1.3.3", "", { "dependencies": { "@types/node": "*" } }, "sha512-z3Xwlg7j2l9JY27x5Qn3Wlyos8YAp0kKRlrePAOjgjMGS5IG6E7Jnlx736vH9UVI4wUICwwhC9anYL++XeOgTQ=="], + "bundle-name": ["bundle-name@4.1.0", "", { "dependencies": { "run-applescript": "^7.0.0" } }, "sha512-tjwM5exMg6BGRI+kNmTntNsvdZS1X8BFYS6tnJ2hdH0kVxM6/eVZ2xy+FqStSWvYmtfFMDLIxurorHwDKfDz5Q=="], + "bytes": ["bytes@3.1.2", "", {}, "sha512-/Nf7TyzTx6S3yRJObOAV7956r8cr2+Oj8AC5dt8wSP3BQAoeX58NoHyCU8P8zGkNXStjTSi6fzO6F0pBdcYbEg=="], "call-bind-apply-helpers": ["call-bind-apply-helpers@1.0.2", "", { "dependencies": { "es-errors": "^1.3.0", "function-bind": "^1.1.2" } }, "sha512-Sp1ablJ0ivDkSzjcaJdxEunN5/XvksFJ2sMBFfq6x0ryhQV/2b/KwFe21cMpmHtPOSij8K99/wSfoEuTObmuMQ=="], @@ -144,6 +147,12 @@ "debug": ["debug@4.4.3", "", { "dependencies": { "ms": "^2.1.3" } }, "sha512-RGwwWnwQvkVfavKVt22FGLw+xYSdzARwm0ru6DhTVA3umU5hZc28V3kO4stgYryrTlLpuvgI9GiijltAjNbcqA=="], + "default-browser": ["default-browser@5.4.0", "", { "dependencies": { "bundle-name": "^4.1.0", "default-browser-id": "^5.0.0" } }, "sha512-XDuvSq38Hr1MdN47EDvYtx3U0MTqpCEn+F6ft8z2vYDzMrvQhVp0ui9oQdqW3MvK3vqUETglt1tVGgjLuJ5izg=="], + + "default-browser-id": ["default-browser-id@5.0.1", "", {}, "sha512-x1VCxdX4t+8wVfd1so/9w+vQ4vx7lKd2Qp5tDRutErwmR85OgmfX7RlLRMWafRMY7hbEiXIbudNrjOAPa/hL8Q=="], + + "define-lazy-prop": ["define-lazy-prop@3.0.0", "", {}, "sha512-N+MeXYoqr3pOgn8xfyRPREN7gHakLYjhsHhWGT3fWAiL4IkAt0iDw14QiiEm2bE30c5XX5q0FtAA3CK5f9/BUg=="], + "depd": ["depd@2.0.0", "", {}, "sha512-g7nH6P6dyDioJogAAGprGpCtVImJhpPk/roCzdb3fIh61/s/nPsfR6onyMwkCAR/OlC3yBC0lESvUoQEAssIrw=="], "detect-libc": ["detect-libc@2.1.2", "", {}, "sha512-Btj2BOOO83o3WyH59e8MgXsxEQVcarkUOpEYrubB0urwnN10yQ364rsiByU11nZlqWYZm05i/of7io4mzihBtQ=="], @@ -204,8 +213,16 @@ "ipaddr.js": ["ipaddr.js@1.9.1", "", {}, "sha512-0KI/607xoxSToH7GjN1FfSbLoU0+btTicjsQSWQlh/hZykN8KpmMf7uYwPW3R+akZ6R/w18ZlXSHBYXiYUPO3g=="], + "is-docker": ["is-docker@3.0.0", "", { "bin": { "is-docker": "cli.js" } }, "sha512-eljcgEDlEns/7AXFosB5K/2nCM4P7FQPkGc/DWLy5rmFEWvZayGrik1d9/QIY5nJ4f9YsVvBkA6kJpHn9rISdQ=="], + + "is-in-ssh": ["is-in-ssh@1.0.0", "", {}, "sha512-jYa6Q9rH90kR1vKB6NM7qqd1mge3Fx4Dhw5TVlK1MUBqhEOuCagrEHMevNuCcbECmXZ0ThXkRm+Ymr51HwEPAw=="], + + "is-inside-container": ["is-inside-container@1.0.0", "", { "dependencies": { "is-docker": "^3.0.0" }, "bin": { "is-inside-container": "cli.js" } }, "sha512-KIYLCCJghfHZxqjYBE7rEy0OBuTd5xCHS7tHVgvCLkx7StIoaxwNW3hCALgEUjFfeRk+MG/Qxmp/vtETEF3tRA=="], + "is-promise": ["is-promise@4.0.0", "", {}, "sha512-hvpoI6korhJMnej285dSg6nu1+e6uxs7zG3BYAm5byqDsgJNWwxzM6z6iZiAgQR4TJ30JmBTOwqZUw3WlyH3AQ=="], + "is-wsl": ["is-wsl@3.1.0", "", { "dependencies": { "is-inside-container": "^1.0.0" } }, "sha512-UcVfVfaK4Sc4m7X3dUSoHoozQGBEFeDC+zVo06t98xe8CzHSZZBekNXH+tu0NalHolcJ/QAGqS46Hef7QXBIMw=="], + "isexe": ["isexe@2.0.0", "", {}, "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw=="], "jose": ["jose@6.1.3", "", {}, "sha512-0TpaTfihd4QMNwrz/ob2Bp7X04yuxJkjRGi4aKmOqwhov54i6u79oCv7T+C7lo70MKH6BesI3vscD1yb/yzKXQ=="], @@ -240,6 +257,8 @@ "once": ["once@1.4.0", "", { "dependencies": { "wrappy": "1" } }, "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w=="], + "open": ["open@11.0.0", "", { "dependencies": { "default-browser": "^5.4.0", "define-lazy-prop": "^3.0.0", "is-in-ssh": "^1.0.0", "is-inside-container": "^1.0.0", "powershell-utils": "^0.1.0", "wsl-utils": "^0.3.0" } }, "sha512-smsWv2LzFjP03xmvFoJ331ss6h+jixfA4UUV/Bsiyuu4YJPfN+FIQGOIiv4w9/+MoHkfkJ22UIaQWRVFRfH6Vw=="], + "parseurl": ["parseurl@1.3.3", "", {}, "sha512-CiyeOxFT/JZyN5m0z9PfXw4SCBJ6Sygz1Dpl0wqjlhDEGGBP1GnsUVEL0p63hoG1fcj3fHynXi9NYO4nWOL+qQ=="], "path-key": ["path-key@3.1.1", "", {}, "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q=="], @@ -252,6 +271,8 @@ "pkce-challenge": ["pkce-challenge@5.0.1", "", {}, "sha512-wQ0b/W4Fr01qtpHlqSqspcj3EhBvimsdh0KlHhH8HRZnMsEa0ea2fTULOXOS9ccQr3om+GcGRk4e+isrZWV8qQ=="], + "powershell-utils": ["powershell-utils@0.1.0", "", {}, "sha512-dM0jVuXJPsDN6DvRpea484tCUaMiXWjuCn++HGTqUWzGDjv5tZkEZldAJ/UMlqRYGFrD/etByo4/xOuC/snX2A=="], + "proxy-addr": ["proxy-addr@2.0.7", "", { "dependencies": { "forwarded": "0.2.0", "ipaddr.js": "1.9.1" } }, "sha512-llQsMLSUDUPT44jdrU/O37qlnifitDP+ZwrmmZcoSKyLKvtZxpyV0n2/bD/N4tBAAZ/gJEdZU7KMraoK1+XYAg=="], "qs": ["qs@6.14.1", "", { "dependencies": { "side-channel": "^1.1.0" } }, "sha512-4EK3+xJl8Ts67nLYNwqw/dsFVnCf+qR7RgXSK9jEEm9unao3njwMDdmsdvoKBKHzxd7tCYz5e5M+SnMjdtXGQQ=="], @@ -264,6 +285,8 @@ "router": ["router@2.2.0", "", { "dependencies": { "debug": "^4.4.0", "depd": "^2.0.0", "is-promise": "^4.0.0", "parseurl": "^1.3.3", "path-to-regexp": "^8.0.0" } }, "sha512-nLTrUKm2UyiL7rlhapu/Zl45FwNgkZGaCpZbIHajDYgwlJCOzLSk+cIPAnsEqV955GjILJnKbdQC1nVPz+gAYQ=="], + "run-applescript": ["run-applescript@7.1.0", "", {}, "sha512-DPe5pVFaAsinSaV6QjQ6gdiedWDcRCbUuiQfQa2wmWV7+xC9bGulGI8+TdRmoFkAPaBXk8CrAbnlY2ISniJ47Q=="], + "safer-buffer": ["safer-buffer@2.1.2", "", {}, "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg=="], "send": ["send@1.2.1", "", { "dependencies": { "debug": "^4.4.3", "encodeurl": "^2.0.0", "escape-html": "^1.0.3", "etag": "^1.8.1", "fresh": "^2.0.0", "http-errors": "^2.0.1", "mime-types": "^3.0.2", "ms": "^2.1.3", "on-finished": "^2.4.1", "range-parser": "^1.2.1", "statuses": "^2.0.2" } }, "sha512-1gnZf7DFcoIcajTjTwjwuDjzuz4PPcY2StKPlsGAQ1+YH20IRVrBaXSWmdjowTJ6u8Rc01PoYOGHXfP1mYcZNQ=="], @@ -304,6 +327,8 @@ "wrappy": ["wrappy@1.0.2", "", {}, "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ=="], + "wsl-utils": ["wsl-utils@0.3.1", "", { "dependencies": { "is-wsl": "^3.1.0", "powershell-utils": "^0.1.0" } }, "sha512-g/eziiSUNBSsdDJtCLB8bdYEUMj4jR7AGeUo96p/3dTafgjHhpF4RiCFPiRILwjQoDXx5MqkBr4fwWtR3Ky4Wg=="], + "xdg-basedir": ["xdg-basedir@5.1.0", "", {}, "sha512-GCPAHLvrIH13+c0SuacwvRYj2SxJXQ4kaVTT5xgL3kPrz56XxkF21IGhjSE1+W0aw7gpBWRGXLCPnPby6lSpmQ=="], "zod": ["zod@4.1.8", "", {}, "sha512-5R1P+WwQqmmMIEACyzSvo4JXHY5WiAFHRMg+zBZKgKS+Q1viRa0C1hmUKtHltoIFKtIdki3pRxkmpP74jnNYHQ=="], diff --git a/package.json b/package.json index 2ef860a..49de803 100644 --- a/package.json +++ b/package.json @@ -62,6 +62,7 @@ "hono": "^4.10.4", "js-yaml": "^4.1.1", "jsonc-parser": "^3.3.1", + "open": "^11.0.0", "picocolors": "^1.1.1", "picomatch": "^4.0.2", "xdg-basedir": "^5.1.0", diff --git a/src/auth/antigravity/accounts.test.ts b/src/auth/antigravity/accounts.test.ts new file mode 100644 index 0000000..aa7e9c9 --- /dev/null +++ b/src/auth/antigravity/accounts.test.ts @@ -0,0 +1,1044 @@ +import { describe, it, expect, beforeEach, afterEach } from "bun:test" +import { tmpdir } from "node:os" +import { join } from "node:path" +import { promises as fs } from "node:fs" +import { AccountManager, type ManagedAccount } from "./accounts" +import type { + AccountStorage, + AccountMetadata, + ModelFamily, + AccountTier, + AntigravityRefreshParts, + RateLimitState, +} from "./types" + +// #region Test Fixtures + +interface MockAuthDetails { + refresh: string + access: string + expires: number +} + +function createMockAuthDetails(refresh = "refresh-token|project-id|managed-id"): MockAuthDetails { + return { + refresh, + access: "access-token", + expires: Date.now() + 3600000, + } +} + +function createMockAccountMetadata(overrides: Partial = {}): AccountMetadata { + return { + email: "test@example.com", + tier: "free" as AccountTier, + refreshToken: "refresh-token", + projectId: "project-id", + managedProjectId: "managed-id", + accessToken: "access-token", + expiresAt: Date.now() + 3600000, + rateLimits: {}, + ...overrides, + } +} + +function createMockAccountStorage(accounts: AccountMetadata[], activeIndex = 0): AccountStorage { + return { + version: 1, + accounts, + activeIndex, + } +} + +// #endregion + +describe("AccountManager", () => { + let testDir: string + + beforeEach(async () => { + testDir = join(tmpdir(), `accounts-test-${Date.now()}-${Math.random().toString(36).slice(2)}`) + await fs.mkdir(testDir, { recursive: true }) + }) + + afterEach(async () => { + try { + await fs.rm(testDir, { recursive: true, force: true }) + } catch { + // Ignore cleanup errors + } + }) + + describe("constructor", () => { + it("should initialize from stored accounts", () => { + // #given + const storedAccounts = createMockAccountStorage( + [ + createMockAccountMetadata({ email: "user1@example.com", tier: "paid" }), + createMockAccountMetadata({ email: "user2@example.com", tier: "free" }), + ], + 1 + ) + const auth = createMockAuthDetails() + + // #when + const manager = new AccountManager(auth, storedAccounts) + + // #then + expect(manager.getAccountCount()).toBe(2) + const current = manager.getCurrentAccount() + expect(current).not.toBeNull() + expect(current?.email).toBe("user2@example.com") + }) + + it("should initialize from single auth token when no stored accounts", () => { + // #given + const auth = createMockAuthDetails("refresh-token|project-id|managed-id") + + // #when + const manager = new AccountManager(auth, null) + + // #then + expect(manager.getAccountCount()).toBe(1) + const current = manager.getCurrentAccount() + expect(current).not.toBeNull() + expect(current?.parts.refreshToken).toBe("refresh-token") + expect(current?.parts.projectId).toBe("project-id") + expect(current?.parts.managedProjectId).toBe("managed-id") + }) + + it("should handle empty stored accounts by falling back to auth token", () => { + // #given + const storedAccounts = createMockAccountStorage([], 0) + const auth = createMockAuthDetails("single-refresh|single-project") + + // #when + const manager = new AccountManager(auth, storedAccounts) + + // #then + expect(manager.getAccountCount()).toBe(1) + const current = manager.getCurrentAccount() + expect(current?.parts.refreshToken).toBe("single-refresh") + }) + + it("should use auth tokens for active account and restore stored tokens for others", () => { + // #given + const storedAccounts = createMockAccountStorage( + [ + createMockAccountMetadata({ email: "user1@example.com", accessToken: "stored-token-1" }), + createMockAccountMetadata({ email: "user2@example.com", accessToken: "stored-token-2" }), + ], + 1 + ) + const auth = createMockAuthDetails() + + // #when + const manager = new AccountManager(auth, storedAccounts) + + // #then + const accounts = manager.getAccounts() + expect(accounts[0]?.access).toBe("stored-token-1") + expect(accounts[1]?.access).toBe("access-token") + }) + }) + + describe("getCurrentAccount", () => { + it("should return current active account", () => { + // #given + const storedAccounts = createMockAccountStorage( + [ + createMockAccountMetadata({ email: "user1@example.com" }), + createMockAccountMetadata({ email: "user2@example.com" }), + ], + 0 + ) + const auth = createMockAuthDetails() + const manager = new AccountManager(auth, storedAccounts) + + // #when + const current = manager.getCurrentAccount() + + // #then + expect(current).not.toBeNull() + expect(current?.email).toBe("user1@example.com") + }) + + it("should return null when no accounts exist", () => { + // #given + const auth = createMockAuthDetails() + const manager = new AccountManager(auth, null) + while (manager.getAccountCount() > 0) { + manager.removeAccount(0) + } + + // #when + const current = manager.getCurrentAccount() + + // #then + expect(current).toBeNull() + }) + }) + + describe("getCurrentOrNextForFamily", () => { + it("should return current account if not rate limited", () => { + // #given + const storedAccounts = createMockAccountStorage( + [createMockAccountMetadata({ email: "user1@example.com", tier: "free" })], + 0 + ) + const auth = createMockAuthDetails() + const manager = new AccountManager(auth, storedAccounts) + + // #when + const account = manager.getCurrentOrNextForFamily("claude") + + // #then + expect(account).not.toBeNull() + expect(account?.email).toBe("user1@example.com") + }) + + it("should rotate to next account if current is rate limited", () => { + // #given + const storedAccounts = createMockAccountStorage( + [ + createMockAccountMetadata({ email: "user1@example.com", tier: "free" }), + createMockAccountMetadata({ email: "user2@example.com", tier: "free" }), + ], + 0 + ) + const auth = createMockAuthDetails() + const manager = new AccountManager(auth, storedAccounts) + const current = manager.getCurrentAccount()! + manager.markRateLimited(current, 60000, "claude") + + // #when + const account = manager.getCurrentOrNextForFamily("claude") + + // #then + expect(account).not.toBeNull() + expect(account?.email).toBe("user2@example.com") + }) + + it("should prioritize paid tier over free tier", () => { + // #given + const storedAccounts = createMockAccountStorage( + [ + createMockAccountMetadata({ email: "free@example.com", tier: "free" }), + createMockAccountMetadata({ email: "paid@example.com", tier: "paid" }), + ], + 0 + ) + const auth = createMockAuthDetails() + const manager = new AccountManager(auth, storedAccounts) + + // #when + const account = manager.getCurrentOrNextForFamily("claude") + + // #then + expect(account).not.toBeNull() + expect(account?.email).toBe("paid@example.com") + expect(account?.tier).toBe("paid") + }) + + it("should stay with current paid account even if free accounts available", () => { + // #given + const storedAccounts = createMockAccountStorage( + [ + createMockAccountMetadata({ email: "paid@example.com", tier: "paid" }), + createMockAccountMetadata({ email: "free@example.com", tier: "free" }), + ], + 0 + ) + const auth = createMockAuthDetails() + const manager = new AccountManager(auth, storedAccounts) + + // #when + const account = manager.getCurrentOrNextForFamily("claude") + + // #then + expect(account?.email).toBe("paid@example.com") + }) + + it("should return null when all accounts are rate limited", () => { + // #given + const storedAccounts = createMockAccountStorage( + [ + createMockAccountMetadata({ email: "user1@example.com" }), + createMockAccountMetadata({ email: "user2@example.com" }), + ], + 0 + ) + const auth = createMockAuthDetails() + const manager = new AccountManager(auth, storedAccounts) + const accounts = manager.getAccounts() + for (const acc of accounts) { + manager.markRateLimited(acc, 60000, "claude") + } + + // #when + const account = manager.getCurrentOrNextForFamily("claude") + + // #then + expect(account).toBeNull() + }) + + it("should update lastUsed timestamp when returning account", () => { + // #given + const storedAccounts = createMockAccountStorage( + [createMockAccountMetadata({ email: "user1@example.com" })], + 0 + ) + const auth = createMockAuthDetails() + const manager = new AccountManager(auth, storedAccounts) + const before = Date.now() + + // #when + const account = manager.getCurrentOrNextForFamily("claude") + + // #then + expect(account?.lastUsed).toBeGreaterThanOrEqual(before) + }) + + it("should handle different model families independently", () => { + // #given + const storedAccounts = createMockAccountStorage( + [ + createMockAccountMetadata({ email: "user1@example.com" }), + createMockAccountMetadata({ email: "user2@example.com" }), + ], + 0 + ) + const auth = createMockAuthDetails() + const manager = new AccountManager(auth, storedAccounts) + const current = manager.getCurrentAccount()! + manager.markRateLimited(current, 60000, "claude") + + // #when - get account for claude (should rotate) + const claudeAccount = manager.getCurrentOrNextForFamily("claude") + + // Reset to first account for gemini test + const manager2 = new AccountManager(auth, storedAccounts) + const current2 = manager2.getCurrentAccount()! + manager2.markRateLimited(current2, 60000, "claude") + const geminiAccount = manager2.getCurrentOrNextForFamily("gemini-flash") + + // #then + expect(claudeAccount?.email).toBe("user2@example.com") + expect(geminiAccount?.email).toBe("user1@example.com") + }) + }) + + describe("markRateLimited", () => { + it("should set rate limit reset time for specified family", () => { + // #given + const auth = createMockAuthDetails() + const manager = new AccountManager(auth, null) + const account = manager.getCurrentAccount()! + const retryAfterMs = 60000 + + // #when + manager.markRateLimited(account, retryAfterMs, "claude") + + // #then + expect(account.rateLimits.claude).toBeGreaterThan(Date.now()) + expect(account.rateLimits.claude).toBeLessThanOrEqual(Date.now() + retryAfterMs + 100) + }) + + it("should set rate limits independently per family", () => { + // #given + const auth = createMockAuthDetails() + const manager = new AccountManager(auth, null) + const account = manager.getCurrentAccount()! + + // #when + manager.markRateLimited(account, 30000, "claude") + manager.markRateLimited(account, 60000, "gemini-flash") + + // #then + expect(account.rateLimits.claude).toBeDefined() + expect(account.rateLimits["gemini-flash"]).toBeDefined() + expect(account.rateLimits["gemini-flash"]! - account.rateLimits.claude!).toBeGreaterThan(25000) + }) + }) + + describe("clearExpiredRateLimits", () => { + it("should clear expired rate limits", () => { + // #given + const auth = createMockAuthDetails() + const manager = new AccountManager(auth, null) + const account = manager.getCurrentAccount()! + account.rateLimits.claude = Date.now() - 1000 + + // #when + manager.clearExpiredRateLimits(account) + + // #then + expect(account.rateLimits.claude).toBeUndefined() + }) + + it("should keep non-expired rate limits", () => { + // #given + const auth = createMockAuthDetails() + const manager = new AccountManager(auth, null) + const account = manager.getCurrentAccount()! + const futureTime = Date.now() + 60000 + account.rateLimits.claude = futureTime + + // #when + manager.clearExpiredRateLimits(account) + + // #then + expect(account.rateLimits.claude).toBe(futureTime) + }) + + it("should clear multiple expired limits at once", () => { + // #given + const auth = createMockAuthDetails() + const manager = new AccountManager(auth, null) + const account = manager.getCurrentAccount()! + account.rateLimits.claude = Date.now() - 1000 + account.rateLimits["gemini-flash"] = Date.now() - 500 + account.rateLimits["gemini-pro"] = Date.now() + 60000 + + // #when + manager.clearExpiredRateLimits(account) + + // #then + expect(account.rateLimits.claude).toBeUndefined() + expect(account.rateLimits["gemini-flash"]).toBeUndefined() + expect(account.rateLimits["gemini-pro"]).toBeDefined() + }) + }) + + describe("addAccount", () => { + it("should append new account to accounts array", () => { + // #given + const auth = createMockAuthDetails() + const manager = new AccountManager(auth, null) + const initialCount = manager.getAccountCount() + const newParts: AntigravityRefreshParts = { + refreshToken: "new-refresh", + projectId: "new-project", + managedProjectId: "new-managed", + } + + // #when + manager.addAccount(newParts, "new-access", Date.now() + 3600000, "new@example.com", "paid") + + // #then + expect(manager.getAccountCount()).toBe(initialCount + 1) + const accounts = manager.getAccounts() + const newAccount = accounts[accounts.length - 1] + expect(newAccount?.email).toBe("new@example.com") + expect(newAccount?.tier).toBe("paid") + expect(newAccount?.parts.refreshToken).toBe("new-refresh") + }) + + it("should set correct index for new account", () => { + // #given + const storedAccounts = createMockAccountStorage( + [ + createMockAccountMetadata({ email: "user1@example.com" }), + createMockAccountMetadata({ email: "user2@example.com" }), + ], + 0 + ) + const auth = createMockAuthDetails() + const manager = new AccountManager(auth, storedAccounts) + const newParts: AntigravityRefreshParts = { + refreshToken: "new-refresh", + projectId: "new-project", + } + + // #when + manager.addAccount(newParts, "access", Date.now(), "new@example.com", "free") + + // #then + const accounts = manager.getAccounts() + expect(accounts[2]?.index).toBe(2) + }) + + it("should initialize new account with empty rate limits", () => { + // #given + const auth = createMockAuthDetails() + const manager = new AccountManager(auth, null) + const newParts: AntigravityRefreshParts = { + refreshToken: "new-refresh", + projectId: "new-project", + } + + // #when + manager.addAccount(newParts, "access", Date.now(), "new@example.com", "free") + + // #then + const accounts = manager.getAccounts() + const newAccount = accounts[accounts.length - 1] + expect(newAccount?.rateLimits).toEqual({}) + }) + }) + + describe("removeAccount", () => { + it("should remove account by index", () => { + // #given + const storedAccounts = createMockAccountStorage( + [ + createMockAccountMetadata({ email: "user1@example.com" }), + createMockAccountMetadata({ email: "user2@example.com" }), + createMockAccountMetadata({ email: "user3@example.com" }), + ], + 0 + ) + const auth = createMockAuthDetails() + const manager = new AccountManager(auth, storedAccounts) + + // #when + const result = manager.removeAccount(1) + + // #then + expect(result).toBe(true) + expect(manager.getAccountCount()).toBe(2) + const accounts = manager.getAccounts() + expect(accounts.map((a) => a.email)).toEqual(["user1@example.com", "user3@example.com"]) + }) + + it("should re-index remaining accounts after removal", () => { + // #given + const storedAccounts = createMockAccountStorage( + [ + createMockAccountMetadata({ email: "user1@example.com" }), + createMockAccountMetadata({ email: "user2@example.com" }), + createMockAccountMetadata({ email: "user3@example.com" }), + ], + 0 + ) + const auth = createMockAuthDetails() + const manager = new AccountManager(auth, storedAccounts) + + // #when + manager.removeAccount(0) + + // #then + const accounts = manager.getAccounts() + expect(accounts[0]?.index).toBe(0) + expect(accounts[1]?.index).toBe(1) + }) + + it("should return false for invalid index", () => { + // #given + const auth = createMockAuthDetails() + const manager = new AccountManager(auth, null) + + // #when + const result = manager.removeAccount(999) + + // #then + expect(result).toBe(false) + }) + + it("should return false for negative index", () => { + // #given + const auth = createMockAuthDetails() + const manager = new AccountManager(auth, null) + + // #when + const result = manager.removeAccount(-1) + + // #then + expect(result).toBe(false) + }) + }) + + describe("save", () => { + it("should persist accounts to storage", async () => { + // #given + const storagePath = join(testDir, "accounts.json") + const storedAccounts = createMockAccountStorage( + [createMockAccountMetadata({ email: "user1@example.com", tier: "paid" })], + 0 + ) + const auth = createMockAuthDetails() + const manager = new AccountManager(auth, storedAccounts) + + // #when + await manager.save(storagePath) + + // #then + const content = await fs.readFile(storagePath, "utf-8") + const saved = JSON.parse(content) as AccountStorage + expect(saved.version).toBe(1) + expect(saved.accounts).toHaveLength(1) + expect(saved.accounts[0]?.email).toBe("user1@example.com") + expect(saved.activeIndex).toBe(0) + }) + + it("should save current activeIndex", async () => { + // #given + const storagePath = join(testDir, "accounts.json") + const storedAccounts = createMockAccountStorage( + [ + createMockAccountMetadata({ email: "user1@example.com" }), + createMockAccountMetadata({ email: "user2@example.com" }), + ], + 1 + ) + const auth = createMockAuthDetails() + const manager = new AccountManager(auth, storedAccounts) + + // #when + await manager.save(storagePath) + + // #then + const content = await fs.readFile(storagePath, "utf-8") + const saved = JSON.parse(content) as AccountStorage + expect(saved.activeIndex).toBe(1) + }) + + it("should save rate limit state", async () => { + // #given + const storagePath = join(testDir, "accounts.json") + const auth = createMockAuthDetails() + const manager = new AccountManager(auth, null) + const account = manager.getCurrentAccount()! + const resetTime = Date.now() + 60000 + account.rateLimits.claude = resetTime + + // #when + await manager.save(storagePath) + + // #then + const content = await fs.readFile(storagePath, "utf-8") + const saved = JSON.parse(content) as AccountStorage + expect(saved.accounts[0]?.rateLimits.claude).toBe(resetTime) + }) + }) + + describe("toAuthDetails", () => { + it("should convert current account to OAuth format", () => { + // #given + const storedAccounts = createMockAccountStorage( + [ + createMockAccountMetadata({ + email: "user1@example.com", + refreshToken: "refresh-1", + projectId: "project-1", + managedProjectId: "managed-1", + }), + ], + 0 + ) + const auth = createMockAuthDetails() + const manager = new AccountManager(auth, storedAccounts) + + // #when + const authDetails = manager.toAuthDetails() + + // #then + expect(authDetails.refresh).toContain("refresh-1") + expect(authDetails.refresh).toContain("project-1") + expect(authDetails.access).toBe("access-token") + }) + + it("should include all accounts in refresh token", () => { + // #given + const storedAccounts = createMockAccountStorage( + [ + createMockAccountMetadata({ refreshToken: "refresh-1", projectId: "project-1" }), + createMockAccountMetadata({ refreshToken: "refresh-2", projectId: "project-2" }), + ], + 0 + ) + const auth = createMockAuthDetails() + const manager = new AccountManager(auth, storedAccounts) + + // #when + const authDetails = manager.toAuthDetails() + + // #then + expect(authDetails.refresh).toContain("refresh-1") + expect(authDetails.refresh).toContain("refresh-2") + }) + + it("should throw error when no accounts available", () => { + // #given + const auth = createMockAuthDetails() + const manager = new AccountManager(auth, null) + while (manager.getAccountCount() > 0) { + manager.removeAccount(0) + } + + // #when / #then + expect(() => manager.toAuthDetails()).toThrow("No accounts available") + }) + }) + + describe("getAccounts", () => { + it("should return copy of accounts array", () => { + // #given + const storedAccounts = createMockAccountStorage( + [createMockAccountMetadata({ email: "user1@example.com" })], + 0 + ) + const auth = createMockAuthDetails() + const manager = new AccountManager(auth, storedAccounts) + + // #when + const accounts = manager.getAccounts() + accounts.push({} as ManagedAccount) + + // #then + expect(manager.getAccountCount()).toBe(1) + }) + }) + + describe("getAccountCount", () => { + it("should return correct count", () => { + // #given + const storedAccounts = createMockAccountStorage( + [ + createMockAccountMetadata({ email: "user1@example.com" }), + createMockAccountMetadata({ email: "user2@example.com" }), + createMockAccountMetadata({ email: "user3@example.com" }), + ], + 0 + ) + const auth = createMockAuthDetails() + const manager = new AccountManager(auth, storedAccounts) + + // #when + const count = manager.getAccountCount() + + // #then + expect(count).toBe(3) + }) + }) + + describe("removeAccount activeIndex adjustment", () => { + it("should adjust activeIndex when removing account before active", () => { + // #given + const storedAccounts = createMockAccountStorage( + [ + createMockAccountMetadata({ email: "user1@example.com" }), + createMockAccountMetadata({ email: "user2@example.com" }), + createMockAccountMetadata({ email: "user3@example.com" }), + ], + 2 + ) + const auth = createMockAuthDetails() + const manager = new AccountManager(auth, storedAccounts) + + // #when + manager.removeAccount(0) + + // #then + const current = manager.getCurrentAccount() + expect(current?.email).toBe("user3@example.com") + }) + + it("should switch to next account when removing active account", () => { + // #given + const storedAccounts = createMockAccountStorage( + [ + createMockAccountMetadata({ email: "user1@example.com" }), + createMockAccountMetadata({ email: "user2@example.com" }), + createMockAccountMetadata({ email: "user3@example.com" }), + ], + 1 + ) + const auth = createMockAuthDetails() + const manager = new AccountManager(auth, storedAccounts) + + // #when + manager.removeAccount(1) + + // #then + const current = manager.getCurrentAccount() + expect(current?.email).toBe("user3@example.com") + }) + + it("should not adjust activeIndex when removing account after active", () => { + // #given + const storedAccounts = createMockAccountStorage( + [ + createMockAccountMetadata({ email: "user1@example.com" }), + createMockAccountMetadata({ email: "user2@example.com" }), + createMockAccountMetadata({ email: "user3@example.com" }), + ], + 0 + ) + const auth = createMockAuthDetails() + const manager = new AccountManager(auth, storedAccounts) + + // #when + manager.removeAccount(2) + + // #then + const current = manager.getCurrentAccount() + expect(current?.email).toBe("user1@example.com") + }) + + it("should handle removing last remaining account", () => { + // #given + const storedAccounts = createMockAccountStorage( + [createMockAccountMetadata({ email: "user1@example.com" })], + 0 + ) + const auth = createMockAuthDetails() + const manager = new AccountManager(auth, storedAccounts) + + // #when + manager.removeAccount(0) + + // #then + expect(manager.getAccountCount()).toBe(0) + expect(manager.getCurrentAccount()).toBeNull() + }) + }) + + describe("round-robin rotation", () => { + it("should rotate through accounts in round-robin fashion", () => { + // #given + const storedAccounts = createMockAccountStorage( + [ + createMockAccountMetadata({ email: "user1@example.com", tier: "free" }), + createMockAccountMetadata({ email: "user2@example.com", tier: "free" }), + createMockAccountMetadata({ email: "user3@example.com", tier: "free" }), + ], + 0 + ) + const auth = createMockAuthDetails() + const manager = new AccountManager(auth, storedAccounts) + + // #when - mark first account as rate limited and get next multiple times + const first = manager.getCurrentAccount()! + manager.markRateLimited(first, 60000, "claude") + + const second = manager.getCurrentOrNextForFamily("claude") + manager.markRateLimited(second!, 60000, "claude") + + const third = manager.getCurrentOrNextForFamily("claude") + + // #then + expect(second?.email).toBe("user2@example.com") + expect(third?.email).toBe("user3@example.com") + }) + + it("should wrap around when reaching end of account list", () => { + // #given + const storedAccounts = createMockAccountStorage( + [ + createMockAccountMetadata({ email: "user1@example.com", tier: "free" }), + createMockAccountMetadata({ email: "user2@example.com", tier: "free" }), + ], + 1 + ) + const auth = createMockAuthDetails() + const manager = new AccountManager(auth, storedAccounts) + + // #when - rate limit current, then get next repeatedly + const current = manager.getCurrentAccount()! + manager.markRateLimited(current, 60000, "claude") + const next = manager.getCurrentOrNextForFamily("claude") + + // #then + expect(next?.email).toBe("user1@example.com") + }) + }) + + describe("rate limit expiry during rotation", () => { + it("should clear expired rate limits before selecting account", () => { + // #given + const storedAccounts = createMockAccountStorage( + [ + createMockAccountMetadata({ email: "user1@example.com", tier: "paid" }), + createMockAccountMetadata({ email: "user2@example.com", tier: "free" }), + ], + 0 + ) + const auth = createMockAuthDetails() + const manager = new AccountManager(auth, storedAccounts) + const paidAccount = manager.getCurrentAccount()! + + // #when - set expired rate limit on paid account + paidAccount.rateLimits.claude = Date.now() - 1000 + + const selected = manager.getCurrentOrNextForFamily("claude") + + // #then - should use paid account since limit expired + expect(selected?.email).toBe("user1@example.com") + expect(selected?.rateLimits.claude).toBeUndefined() + }) + + it("should not use account with future rate limit", () => { + // #given + const storedAccounts = createMockAccountStorage( + [ + createMockAccountMetadata({ email: "user1@example.com", tier: "paid" }), + createMockAccountMetadata({ email: "user2@example.com", tier: "free" }), + ], + 0 + ) + const auth = createMockAuthDetails() + const manager = new AccountManager(auth, storedAccounts) + const paidAccount = manager.getCurrentAccount()! + + // #when - set future rate limit on paid account + paidAccount.rateLimits.claude = Date.now() + 60000 + + const selected = manager.getCurrentOrNextForFamily("claude") + + // #then - should use free account since paid is still limited + expect(selected?.email).toBe("user2@example.com") + }) + }) + + describe("partial rate limiting across model families", () => { + it("should allow account for one family while limited for another", () => { + // #given + const storedAccounts = createMockAccountStorage( + [createMockAccountMetadata({ email: "user1@example.com" })], + 0 + ) + const auth = createMockAuthDetails() + const manager = new AccountManager(auth, storedAccounts) + const account = manager.getCurrentAccount()! + + // #when - rate limit for claude only + manager.markRateLimited(account, 60000, "claude") + + const claudeAccount = manager.getCurrentOrNextForFamily("claude") + const geminiAccount = manager.getCurrentOrNextForFamily("gemini-flash") + + // #then + expect(claudeAccount).toBeNull() + expect(geminiAccount?.email).toBe("user1@example.com") + }) + + it("should handle mixed rate limits across multiple accounts", () => { + // #given + const storedAccounts = createMockAccountStorage( + [ + createMockAccountMetadata({ email: "user1@example.com" }), + createMockAccountMetadata({ email: "user2@example.com" }), + ], + 0 + ) + const auth = createMockAuthDetails() + const manager = new AccountManager(auth, storedAccounts) + const accounts = manager.getAccounts() + + // #when - user1 limited for claude, user2 limited for gemini + manager.markRateLimited(accounts[0]!, 60000, "claude") + manager.markRateLimited(accounts[1]!, 60000, "gemini-flash") + + const claudeAccount = manager.getCurrentOrNextForFamily("claude") + const geminiAccount = manager.getCurrentOrNextForFamily("gemini-flash") + + // #then + expect(claudeAccount?.email).toBe("user2@example.com") + expect(geminiAccount?.email).toBe("user1@example.com") + }) + + it("should handle all families rate limited for an account", () => { + // #given + const storedAccounts = createMockAccountStorage( + [ + createMockAccountMetadata({ email: "user1@example.com" }), + createMockAccountMetadata({ email: "user2@example.com" }), + ], + 0 + ) + const auth = createMockAuthDetails() + const manager = new AccountManager(auth, storedAccounts) + const account = manager.getCurrentAccount()! + + // #when - rate limit all families for first account + manager.markRateLimited(account, 60000, "claude") + manager.markRateLimited(account, 60000, "gemini-flash") + manager.markRateLimited(account, 60000, "gemini-pro") + + // #then - should rotate to second account for all families + expect(manager.getCurrentOrNextForFamily("claude")?.email).toBe("user2@example.com") + expect(manager.getCurrentOrNextForFamily("gemini-flash")?.email).toBe("user2@example.com") + expect(manager.getCurrentOrNextForFamily("gemini-pro")?.email).toBe("user2@example.com") + }) + }) + + describe("tier prioritization edge cases", () => { + it("should use free account when all paid accounts are rate limited", () => { + // #given + const storedAccounts = createMockAccountStorage( + [ + createMockAccountMetadata({ email: "paid1@example.com", tier: "paid" }), + createMockAccountMetadata({ email: "paid2@example.com", tier: "paid" }), + createMockAccountMetadata({ email: "free1@example.com", tier: "free" }), + ], + 0 + ) + const auth = createMockAuthDetails() + const manager = new AccountManager(auth, storedAccounts) + const accounts = manager.getAccounts() + + // #when - rate limit all paid accounts + manager.markRateLimited(accounts[0]!, 60000, "claude") + manager.markRateLimited(accounts[1]!, 60000, "claude") + + const selected = manager.getCurrentOrNextForFamily("claude") + + // #then - should fall back to free account + expect(selected?.email).toBe("free1@example.com") + expect(selected?.tier).toBe("free") + }) + + it("should switch to paid account when current free and paid becomes available", () => { + // #given + const storedAccounts = createMockAccountStorage( + [ + createMockAccountMetadata({ email: "free@example.com", tier: "free" }), + createMockAccountMetadata({ email: "paid@example.com", tier: "paid" }), + ], + 0 + ) + const auth = createMockAuthDetails() + const manager = new AccountManager(auth, storedAccounts) + + // #when - current is free, paid is available + const selected = manager.getCurrentOrNextForFamily("claude") + + // #then - should prefer paid account + expect(selected?.email).toBe("paid@example.com") + }) + }) + + describe("constructor edge cases", () => { + it("should handle invalid activeIndex in stored accounts", () => { + // #given + const storedAccounts = createMockAccountStorage( + [createMockAccountMetadata({ email: "user1@example.com" })], + 999 + ) + const auth = createMockAuthDetails() + + // #when + const manager = new AccountManager(auth, storedAccounts) + + // #then - should fall back to 0 + const current = manager.getCurrentAccount() + expect(current?.email).toBe("user1@example.com") + }) + + it("should handle negative activeIndex", () => { + // #given + const storedAccounts = createMockAccountStorage( + [createMockAccountMetadata({ email: "user1@example.com" })], + -1 + ) + const auth = createMockAuthDetails() + + // #when + const manager = new AccountManager(auth, storedAccounts) + + // #then - should fall back to 0 + const current = manager.getCurrentAccount() + expect(current?.email).toBe("user1@example.com") + }) + }) +}) diff --git a/src/auth/antigravity/accounts.ts b/src/auth/antigravity/accounts.ts new file mode 100644 index 0000000..5e127f8 --- /dev/null +++ b/src/auth/antigravity/accounts.ts @@ -0,0 +1,244 @@ +import { saveAccounts } from "./storage" +import { parseStoredToken, formatTokenForStorage } from "./token" +import { + MODEL_FAMILIES, + type AccountStorage, + type AccountMetadata, + type AccountTier, + type AntigravityRefreshParts, + type ModelFamily, + type RateLimitState, +} from "./types" + +export interface ManagedAccount { + index: number + parts: AntigravityRefreshParts + access?: string + expires?: number + rateLimits: RateLimitState + lastUsed: number + email?: string + tier?: AccountTier +} + +interface AuthDetails { + refresh: string + access: string + expires: number +} + +interface OAuthAuthDetails { + type: "oauth" + refresh: string + access: string + expires: number +} + +function isRateLimitedForFamily(account: ManagedAccount, family: ModelFamily): boolean { + const resetTime = account.rateLimits[family] + return resetTime !== undefined && Date.now() < resetTime +} + +export class AccountManager { + private accounts: ManagedAccount[] = [] + private currentIndex = 0 + private activeIndex = 0 + + constructor(auth: AuthDetails, storedAccounts?: AccountStorage | null) { + if (storedAccounts && storedAccounts.accounts.length > 0) { + const validActiveIndex = + typeof storedAccounts.activeIndex === "number" && + storedAccounts.activeIndex >= 0 && + storedAccounts.activeIndex < storedAccounts.accounts.length + ? storedAccounts.activeIndex + : 0 + + this.activeIndex = validActiveIndex + this.currentIndex = validActiveIndex + + this.accounts = storedAccounts.accounts.map((acc, index) => ({ + index, + parts: { + refreshToken: acc.refreshToken, + projectId: acc.projectId, + managedProjectId: acc.managedProjectId, + }, + access: index === validActiveIndex ? auth.access : acc.accessToken, + expires: index === validActiveIndex ? auth.expires : acc.expiresAt, + rateLimits: acc.rateLimits ?? {}, + lastUsed: 0, + email: acc.email, + tier: acc.tier, + })) + } else { + this.activeIndex = 0 + this.currentIndex = 0 + + const parts = parseStoredToken(auth.refresh) + this.accounts.push({ + index: 0, + parts, + access: auth.access, + expires: auth.expires, + rateLimits: {}, + lastUsed: 0, + }) + } + } + + getAccountCount(): number { + return this.accounts.length + } + + getCurrentAccount(): ManagedAccount | null { + if (this.activeIndex >= 0 && this.activeIndex < this.accounts.length) { + return this.accounts[this.activeIndex] ?? null + } + return null + } + + getAccounts(): ManagedAccount[] { + return [...this.accounts] + } + + getCurrentOrNextForFamily(family: ModelFamily): ManagedAccount | null { + for (const account of this.accounts) { + this.clearExpiredRateLimits(account) + } + + const current = this.getCurrentAccount() + if (current) { + if (!isRateLimitedForFamily(current, family)) { + const betterTierAvailable = + current.tier !== "paid" && + this.accounts.some((a) => a.tier === "paid" && !isRateLimitedForFamily(a, family)) + + if (!betterTierAvailable) { + current.lastUsed = Date.now() + return current + } + } + } + + const next = this.getNextForFamily(family) + if (next) { + this.activeIndex = next.index + } + return next + } + + getNextForFamily(family: ModelFamily): ManagedAccount | null { + const available = this.accounts.filter((a) => !isRateLimitedForFamily(a, family)) + + if (available.length === 0) { + return null + } + + const paidAvailable = available.filter((a) => a.tier === "paid") + const pool = paidAvailable.length > 0 ? paidAvailable : available + + const account = pool[this.currentIndex % pool.length] + if (!account) { + return null + } + + this.currentIndex++ + account.lastUsed = Date.now() + return account + } + + markRateLimited(account: ManagedAccount, retryAfterMs: number, family: ModelFamily): void { + account.rateLimits[family] = Date.now() + retryAfterMs + } + + clearExpiredRateLimits(account: ManagedAccount): void { + const now = Date.now() + for (const family of MODEL_FAMILIES) { + if (account.rateLimits[family] !== undefined && now >= account.rateLimits[family]!) { + delete account.rateLimits[family] + } + } + } + + addAccount( + parts: AntigravityRefreshParts, + access?: string, + expires?: number, + email?: string, + tier?: AccountTier + ): void { + this.accounts.push({ + index: this.accounts.length, + parts, + access, + expires, + rateLimits: {}, + lastUsed: 0, + email, + tier, + }) + } + + removeAccount(index: number): boolean { + if (index < 0 || index >= this.accounts.length) { + return false + } + + this.accounts.splice(index, 1) + + if (index < this.activeIndex) { + this.activeIndex-- + } else if (index === this.activeIndex) { + this.activeIndex = Math.min(this.activeIndex, Math.max(0, this.accounts.length - 1)) + } + + if (index < this.currentIndex) { + this.currentIndex-- + } else if (index === this.currentIndex) { + this.currentIndex = Math.min(this.currentIndex, Math.max(0, this.accounts.length - 1)) + } + + for (let i = 0; i < this.accounts.length; i++) { + this.accounts[i]!.index = i + } + + return true + } + + async save(path?: string): Promise { + const storage: AccountStorage = { + version: 1, + accounts: this.accounts.map((acc) => ({ + email: acc.email ?? "", + tier: acc.tier ?? "free", + refreshToken: acc.parts.refreshToken, + projectId: acc.parts.projectId ?? "", + managedProjectId: acc.parts.managedProjectId, + accessToken: acc.access ?? "", + expiresAt: acc.expires ?? 0, + rateLimits: acc.rateLimits, + })), + activeIndex: Math.max(0, this.activeIndex), + } + + await saveAccounts(storage, path) + } + + toAuthDetails(): OAuthAuthDetails { + const current = this.getCurrentAccount() ?? this.accounts[0] + if (!current) { + throw new Error("No accounts available") + } + + const allRefreshTokens = this.accounts + .map((acc) => formatTokenForStorage(acc.parts.refreshToken, acc.parts.projectId ?? "", acc.parts.managedProjectId)) + .join("|||") + + return { + type: "oauth", + refresh: allRefreshTokens, + access: current.access ?? "", + expires: current.expires ?? 0, + } + } +} diff --git a/src/auth/antigravity/browser.test.ts b/src/auth/antigravity/browser.test.ts new file mode 100644 index 0000000..7d44f9a --- /dev/null +++ b/src/auth/antigravity/browser.test.ts @@ -0,0 +1,37 @@ +import { describe, it, expect, mock, spyOn } from "bun:test" +import { openBrowserURL } from "./browser" + +describe("openBrowserURL", () => { + it("returns true when browser opens successfully", async () => { + // #given + const url = "https://accounts.google.com/oauth" + + // #when + const result = await openBrowserURL(url) + + // #then + expect(typeof result).toBe("boolean") + }) + + it("returns false when open throws an error", async () => { + // #given + const invalidUrl = "" + + // #when + const result = await openBrowserURL(invalidUrl) + + // #then + expect(typeof result).toBe("boolean") + }) + + it("handles URL with special characters", async () => { + // #given + const urlWithParams = "https://accounts.google.com/oauth?state=abc123&redirect_uri=http://localhost:51121" + + // #when + const result = await openBrowserURL(urlWithParams) + + // #then + expect(typeof result).toBe("boolean") + }) +}) diff --git a/src/auth/antigravity/browser.ts b/src/auth/antigravity/browser.ts new file mode 100644 index 0000000..b0a4985 --- /dev/null +++ b/src/auth/antigravity/browser.ts @@ -0,0 +1,51 @@ +/** + * Cross-platform browser opening utility. + * Uses the "open" npm package for reliable cross-platform support. + * + * Supports: macOS, Windows, Linux (including WSL) + */ + +import open from "open" + +/** + * Debug logging helper. + * Only logs when ANTIGRAVITY_DEBUG=1 + */ +function debugLog(message: string): void { + if (process.env.ANTIGRAVITY_DEBUG === "1") { + console.log(`[antigravity-browser] ${message}`) + } +} + +/** + * Opens a URL in the user's default browser. + * + * Cross-platform support: + * - macOS: uses `open` command + * - Windows: uses `start` command + * - Linux: uses `xdg-open` command + * - WSL: uses Windows PowerShell + * + * @param url - The URL to open in the browser + * @returns Promise - true if browser opened successfully, false otherwise + * + * @example + * ```typescript + * const success = await openBrowserURL("https://accounts.google.com/oauth...") + * if (!success) { + * console.log("Please open this URL manually:", url) + * } + * ``` + */ +export async function openBrowserURL(url: string): Promise { + debugLog(`Opening browser: ${url}`) + + try { + await open(url) + debugLog("Browser opened successfully") + return true + } catch (error) { + debugLog(`Failed to open browser: ${error instanceof Error ? error.message : String(error)}`) + return false + } +} diff --git a/src/auth/antigravity/cli.test.ts b/src/auth/antigravity/cli.test.ts new file mode 100644 index 0000000..04f6362 --- /dev/null +++ b/src/auth/antigravity/cli.test.ts @@ -0,0 +1,156 @@ +import { describe, it, expect, beforeEach, afterEach, mock } from "bun:test" + +const CANCEL = Symbol("cancel") + +type ConfirmFn = (options: unknown) => Promise +type SelectFn = (options: unknown) => Promise<"free" | "paid" | typeof CANCEL> + +const confirmMock = mock(async () => false) +const selectMock = mock(async () => "free") +const cancelMock = mock<(message?: string) => void>(() => {}) + +mock.module("@clack/prompts", () => { + return { + confirm: confirmMock, + select: selectMock, + isCancel: (value: unknown) => value === CANCEL, + cancel: cancelMock, + } +}) + +function setIsTty(isTty: boolean): () => void { + const original = Object.getOwnPropertyDescriptor(process.stdout, "isTTY") + + Object.defineProperty(process.stdout, "isTTY", { + configurable: true, + value: isTty, + }) + + return () => { + if (original) { + Object.defineProperty(process.stdout, "isTTY", original) + } else { + // Best-effort restore: remove overridden property + // eslint-disable-next-line @typescript-eslint/no-dynamic-delete + delete (process.stdout as unknown as { isTTY?: unknown }).isTTY + } + } +} + +describe("src/auth/antigravity/cli", () => { + let restoreIsTty: (() => void) | null = null + + beforeEach(() => { + confirmMock.mockReset() + selectMock.mockReset() + cancelMock.mockReset() + restoreIsTty?.() + restoreIsTty = null + }) + + afterEach(() => { + restoreIsTty?.() + restoreIsTty = null + }) + + it("promptAddAnotherAccount returns confirm result in TTY", async () => { + // #given + restoreIsTty = setIsTty(true) + confirmMock.mockResolvedValueOnce(true) + + const { promptAddAnotherAccount } = await import("./cli") + + // #when + const result = await promptAddAnotherAccount(2) + + // #then + expect(result).toBe(true) + expect(confirmMock).toHaveBeenCalledTimes(1) + }) + + it("promptAddAnotherAccount returns false in TTY when confirm is false", async () => { + // #given + restoreIsTty = setIsTty(true) + confirmMock.mockResolvedValueOnce(false) + + const { promptAddAnotherAccount } = await import("./cli") + + // #when + const result = await promptAddAnotherAccount(2) + + // #then + expect(result).toBe(false) + expect(confirmMock).toHaveBeenCalledTimes(1) + }) + + it("promptAddAnotherAccount returns false in non-TTY", async () => { + // #given + restoreIsTty = setIsTty(false) + + const { promptAddAnotherAccount } = await import("./cli") + + // #when + const result = await promptAddAnotherAccount(3) + + // #then + expect(result).toBe(false) + expect(confirmMock).toHaveBeenCalledTimes(0) + }) + + it("promptAddAnotherAccount handles cancel", async () => { + // #given + restoreIsTty = setIsTty(true) + confirmMock.mockResolvedValueOnce(CANCEL) + + const { promptAddAnotherAccount } = await import("./cli") + + // #when + const result = await promptAddAnotherAccount(1) + + // #then + expect(result).toBe(false) + }) + + it("promptAccountTier returns selected tier in TTY", async () => { + // #given + restoreIsTty = setIsTty(true) + selectMock.mockResolvedValueOnce("paid") + + const { promptAccountTier } = await import("./cli") + + // #when + const result = await promptAccountTier() + + // #then + expect(result).toBe("paid") + expect(selectMock).toHaveBeenCalledTimes(1) + }) + + it("promptAccountTier returns free in non-TTY", async () => { + // #given + restoreIsTty = setIsTty(false) + + const { promptAccountTier } = await import("./cli") + + // #when + const result = await promptAccountTier() + + // #then + expect(result).toBe("free") + expect(selectMock).toHaveBeenCalledTimes(0) + }) + + it("promptAccountTier handles cancel", async () => { + // #given + restoreIsTty = setIsTty(true) + selectMock.mockResolvedValueOnce(CANCEL) + + const { promptAccountTier } = await import("./cli") + + // #when + const result = await promptAccountTier() + + // #then + expect(result).toBe("free") + }) +}) diff --git a/src/auth/antigravity/cli.ts b/src/auth/antigravity/cli.ts new file mode 100644 index 0000000..9e76d91 --- /dev/null +++ b/src/auth/antigravity/cli.ts @@ -0,0 +1,37 @@ +import { confirm, select, isCancel } from "@clack/prompts" + +export async function promptAddAnotherAccount(currentCount: number): Promise { + if (!process.stdout.isTTY) { + return false + } + + const result = await confirm({ + message: `Add another Google account?\nCurrently have ${currentCount} accounts (max 10)`, + }) + + if (isCancel(result)) { + return false + } + + return result +} + +export async function promptAccountTier(): Promise<"free" | "paid"> { + if (!process.stdout.isTTY) { + return "free" + } + + const tier = await select({ + message: "Select account tier", + options: [ + { value: "free" as const, label: "Free" }, + { value: "paid" as const, label: "Paid" }, + ], + }) + + if (isCancel(tier)) { + return "free" + } + + return tier +} diff --git a/src/auth/antigravity/constants.ts b/src/auth/antigravity/constants.ts index 0a71f49..a6df5f6 100644 --- a/src/auth/antigravity/constants.ts +++ b/src/auth/antigravity/constants.ts @@ -35,11 +35,12 @@ export const ANTIGRAVITY_SCOPES = [ "https://www.googleapis.com/auth/experimentsandconfigs", ] as const -// API Endpoint Fallbacks (order: daily → autopush → prod) +// API Endpoint Fallbacks - matches CLIProxyAPI antigravity_executor.go:1192-1201 +// Claude models only available on SANDBOX endpoints (429 quota vs 404 not found) export const ANTIGRAVITY_ENDPOINT_FALLBACKS = [ - "https://daily-cloudcode-pa.sandbox.googleapis.com", // dev - "https://autopush-cloudcode-pa.sandbox.googleapis.com", // staging - "https://cloudcode-pa.googleapis.com", // prod + "https://daily-cloudcode-pa.sandbox.googleapis.com", + "https://daily-cloudcode-pa.googleapis.com", + "https://cloudcode-pa.googleapis.com", ] as const // API Version @@ -72,3 +73,195 @@ export const ANTIGRAVITY_TOKEN_REFRESH_BUFFER_MS = 60_000 // Default thought signature to skip validation (CLIProxyAPI approach) export const SKIP_THOUGHT_SIGNATURE_VALIDATOR = "skip_thought_signature_validator" + +// ============================================================================ +// System Prompt - Sourced from CLIProxyAPI antigravity_executor.go:1049-1050 +// ============================================================================ + +export const ANTIGRAVITY_SYSTEM_PROMPT = ` +You are Antigravity, a powerful agentic AI coding assistant designed by the Google Deepmind team working on Advanced Agentic Coding. +You are pair programming with a USER to solve their coding task. The task may require creating a new codebase, modifying or debugging an existing codebase, or simply answering a question. +The USER will send you requests, which you must always prioritize addressing. Along with each USER request, we will attach additional metadata about their current state, such as what files they have open and where their cursor is. +This information may or may not be relevant to the coding task, it is up for you to decide. + + + +Call tools as you normally would. The following list provides additional guidance to help you avoid errors: + - **Absolute paths only**. When using tools that accept file path arguments, ALWAYS use the absolute file path. + + + +## Technology Stack +Your web applications should be built using the following technologies: +1. **Core**: Use HTML for structure and Javascript for logic. +2. **Styling (CSS)**: Use Vanilla CSS for maximum flexibility and control. Avoid using TailwindCSS unless the USER explicitly requests it; in this case, first confirm which TailwindCSS version to use. +3. **Web App**: If the USER specifies that they want a more complex web app, use a framework like Next.js or Vite. Only do this if the USER explicitly requests a web app. +4. **New Project Creation**: If you need to use a framework for a new app, use \`npx\` with the appropriate script, but there are some rules to follow: + - Use \`npx -y\` to automatically install the script and its dependencies + - You MUST run the command with \`--help\` flag to see all available options first + - Initialize the app in the current directory with \`./\` (example: \`npx -y create-vite-app@latest ./\`) + +` + +// ============================================================================ +// Thinking Configuration - Sourced from CLIProxyAPI internal/util/gemini_thinking.go:481-487 +// ============================================================================ + +/** + * Maps reasoning_effort UI values to thinking budget tokens. + * + * Key notes: + * - `none: 0` is a sentinel value meaning "delete thinkingConfig entirely" + * - `auto: -1` triggers dynamic budget calculation based on context + * - All other values represent actual thinking budget in tokens + */ +export const REASONING_EFFORT_BUDGET_MAP: Record = { + none: 0, // Special: DELETE thinkingConfig entirely + auto: -1, // Dynamic calculation + minimal: 512, + low: 1024, + medium: 8192, + high: 24576, + xhigh: 32768, +} + +/** + * Model-specific thinking configuration. + * + * thinkingType: + * - "numeric": Uses thinkingBudget (number) - Gemini 2.5, Claude via Antigravity + * - "levels": Uses thinkingLevel (string) - Gemini 3 + * + * zeroAllowed: + * - true: Budget can be 0 (thinking disabled) + * - false: Minimum budget enforced (cannot disable thinking) + */ +export interface AntigravityModelConfig { + thinkingType: "numeric" | "levels" + min: number + max: number + zeroAllowed: boolean + levels?: string[] // lowercase only: "low", "high" (NOT "LOW", "HIGH") +} + +/** + * Thinking configuration per model. + * Keys are normalized model IDs (no provider prefix, no variant suffix). + * + * Config lookup uses pattern matching fallback: + * - includes("gemini-3") → Gemini 3 (levels) + * - includes("gemini-2.5") → Gemini 2.5 (numeric) + * - includes("claude") → Claude via Antigravity (numeric) + */ +export const ANTIGRAVITY_MODEL_CONFIGS: Record = { + "gemini-2.5-flash": { + thinkingType: "numeric", + min: 0, + max: 24576, + zeroAllowed: true, + }, + "gemini-2.5-flash-lite": { + thinkingType: "numeric", + min: 0, + max: 24576, + zeroAllowed: true, + }, + "gemini-2.5-computer-use-preview-10-2025": { + thinkingType: "numeric", + min: 128, + max: 32768, + zeroAllowed: false, + }, + "gemini-3-pro-preview": { + thinkingType: "levels", + min: 128, + max: 32768, + zeroAllowed: false, + levels: ["low", "high"], + }, + "gemini-3-flash-preview": { + thinkingType: "levels", + min: 128, + max: 32768, + zeroAllowed: false, + levels: ["minimal", "low", "medium", "high"], + }, + "gemini-claude-sonnet-4-5-thinking": { + thinkingType: "numeric", + min: 1024, + max: 200000, + zeroAllowed: false, + }, + "gemini-claude-opus-4-5-thinking": { + thinkingType: "numeric", + min: 1024, + max: 200000, + zeroAllowed: false, + }, +} + +// ============================================================================ +// Model ID Normalization +// ============================================================================ + +/** + * Normalizes model ID for config lookup. + * + * Algorithm: + * 1. Strip provider prefix (e.g., "google/") + * 2. Strip "antigravity-" prefix + * 3. Strip UI variant suffixes (-high, -low, -thinking-*) + * + * Examples: + * - "google/antigravity-gemini-3-pro-high" → "gemini-3-pro" + * - "antigravity-gemini-3-flash-preview" → "gemini-3-flash-preview" + * - "gemini-2.5-flash" → "gemini-2.5-flash" + * - "gemini-claude-sonnet-4-5-thinking-high" → "gemini-claude-sonnet-4-5" + */ +export function normalizeModelId(model: string): string { + let normalized = model + + // 1. Strip provider prefix (e.g., "google/") + if (normalized.includes("/")) { + normalized = normalized.split("/").pop() || normalized + } + + // 2. Strip "antigravity-" prefix + if (normalized.startsWith("antigravity-")) { + normalized = normalized.substring("antigravity-".length) + } + + // 3. Strip UI variant suffixes (-high, -low, -thinking-*) + normalized = normalized.replace(/-thinking-(low|medium|high)$/, "") + normalized = normalized.replace(/-(high|low)$/, "") + + return normalized +} + +export const ANTIGRAVITY_SUPPORTED_MODELS = [ + "gemini-2.5-flash", + "gemini-2.5-flash-lite", + "gemini-2.5-computer-use-preview-10-2025", + "gemini-3-pro-preview", + "gemini-3-flash-preview", + "gemini-claude-sonnet-4-5-thinking", + "gemini-claude-opus-4-5-thinking", +] as const + +// ============================================================================ +// Model Alias Mapping (for Antigravity API) +// ============================================================================ + +/** + * Converts UI model names to Antigravity API model names. + * + * NOTE: Tested 2026-01-08 - Gemini 3 models work with -preview suffix directly. + * The CLIProxyAPI transformations (gemini-3-pro-high, gemini-3-flash) return 404. + * Claude models return 404 on all endpoints (may require special access/quota). + */ +export function alias2ModelName(modelName: string): string { + if (modelName.startsWith("gemini-claude-")) { + return modelName.substring("gemini-".length) + } + return modelName +} diff --git a/src/auth/antigravity/fetch.ts b/src/auth/antigravity/fetch.ts index b003b5b..49af707 100644 --- a/src/auth/antigravity/fetch.ts +++ b/src/auth/antigravity/fetch.ts @@ -20,6 +20,9 @@ import { ANTIGRAVITY_ENDPOINT_FALLBACKS } from "./constants" import { fetchProjectContext, clearProjectContextCache, invalidateProjectContextByRefreshToken } from "./project" import { isTokenExpired, refreshAccessToken, parseStoredToken, formatTokenForStorage, AntigravityTokenRefreshError } from "./token" +import { AccountManager, type ManagedAccount } from "./accounts" +import { loadAccounts } from "./storage" +import type { ModelFamily } from "./types" import { transformRequest } from "./request" import { convertRequestBody, hasOpenAIMessages } from "./message-converter" import { @@ -28,7 +31,7 @@ import { isStreamingResponse, } from "./response" import { normalizeToolsForGemini, type OpenAITool } from "./tools" -import { extractThinkingBlocks, shouldIncludeThinking, transformResponseThinking } from "./thinking" +import { extractThinkingBlocks, shouldIncludeThinking, transformResponseThinking, extractThinkingConfig, applyThinkingConfigToRequest } from "./thinking" import { getThoughtSignature, setThoughtSignature, @@ -69,6 +72,33 @@ function isRetryableError(status: number): boolean { return false } +function getModelFamilyFromModelName(modelName: string): ModelFamily | null { + const lower = modelName.toLowerCase() + if (lower.includes("claude") || lower.includes("anthropic")) return "claude" + if (lower.includes("flash")) return "gemini-flash" + if (lower.includes("gemini")) return "gemini-pro" + return null +} + +function getModelFamilyFromUrl(url: string): ModelFamily { + if (url.includes("claude")) return "claude" + if (url.includes("flash")) return "gemini-flash" + return "gemini-pro" +} + +function getModelFamily(url: string, init?: RequestInit): ModelFamily { + if (init?.body && typeof init.body === "string") { + try { + const body = JSON.parse(init.body) as Record + if (typeof body.model === "string") { + const fromModel = getModelFamilyFromModelName(body.model) + if (fromModel) return fromModel + } + } catch {} + } + return getModelFamilyFromUrl(url) +} + const GCP_PERMISSION_ERROR_PATTERNS = [ "PERMISSION_DENIED", "does not have permission", @@ -109,7 +139,13 @@ interface AttemptFetchOptions { thoughtSignature?: string } -type AttemptFetchResult = Response | null | "pass-through" | "needs-refresh" +interface RateLimitInfo { + type: "rate-limited" + retryAfterMs: number + status: number +} + +type AttemptFetchResult = Response | null | "pass-through" | "needs-refresh" | RateLimitInfo async function attemptFetch( options: AttemptFetchOptions @@ -169,6 +205,23 @@ async function attemptFetch( thoughtSignature, }) + // Apply thinking config from reasoning_effort (from think-mode hook) + const effectiveModel = modelName || transformed.body.model + const thinkingConfig = extractThinkingConfig( + parsedBody, + parsedBody.generationConfig as Record | undefined, + parsedBody, + ) + if (thinkingConfig) { + debugLog(`[THINKING] Applying thinking config for model: ${effectiveModel}`) + applyThinkingConfigToRequest( + transformed.body as unknown as Record, + effectiveModel, + thinkingConfig, + ) + debugLog(`[THINKING] Thinking config applied successfully`) + } + debugLog(`[REQ] streaming=${transformed.streaming}, url=${transformed.url}`) const maxPermissionRetries = 10 @@ -204,6 +257,31 @@ async function attemptFetch( } catch {} } + if (response.status === 429) { + const retryAfter = response.headers.get("retry-after") + let retryAfterMs = 60000 + if (retryAfter) { + const parsed = parseInt(retryAfter, 10) + if (!isNaN(parsed) && parsed > 0) { + retryAfterMs = parsed * 1000 + } else { + const httpDate = Date.parse(retryAfter) + if (!isNaN(httpDate)) { + retryAfterMs = Math.max(0, httpDate - Date.now()) + } + } + } + debugLog(`[429] Rate limited, retry-after: ${retryAfterMs}ms`) + await response.body?.cancel() + return { type: "rate-limited" as const, retryAfterMs, status: 429 } + } + + if (response.status >= 500 && response.status < 600) { + debugLog(`[5xx] Server error ${response.status}, marking for rotation`) + await response.body?.cancel() + return { type: "rate-limited" as const, retryAfterMs: 300000, status: response.status } + } + if (!response.ok && (await isRetryableResponse(response))) { debugLog(`Endpoint failed: ${endpoint} (status: ${response.status}), trying next`) return null @@ -350,13 +428,17 @@ export function createAntigravityFetch( client: AuthClient, providerId: string, clientId?: string, - clientSecret?: string + clientSecret?: string, + accountManager?: AccountManager | null ): (url: string, init?: RequestInit) => Promise { let cachedTokens: AntigravityTokens | null = null let cachedProjectId: string | null = null + let lastAccountIndex: number | null = null const fetchInstanceId = crypto.randomUUID() + let manager: AccountManager | null = accountManager || null + let accountsLoaded = false - return async (url: string, init: RequestInit = {}): Promise => { + const fetchFn = async (url: string, init: RequestInit = {}): Promise => { debugLog(`Intercepting request to: ${url}`) // Get current auth state @@ -366,7 +448,55 @@ export function createAntigravityFetch( } // Parse stored token format - const refreshParts = parseStoredToken(auth.refresh) + let refreshParts = parseStoredToken(auth.refresh) + + if (!accountsLoaded && !manager && auth.refresh) { + try { + const storedAccounts = await loadAccounts() + if (storedAccounts) { + manager = new AccountManager( + { refresh: auth.refresh, access: auth.access || "", expires: auth.expires || 0 }, + storedAccounts + ) + debugLog(`[ACCOUNTS] Loaded ${manager.getAccountCount()} accounts from storage`) + } + } catch (error) { + debugLog(`[ACCOUNTS] Failed to load accounts, falling back to single-account: ${error instanceof Error ? error.message : "Unknown"}`) + } + accountsLoaded = true + } + + let currentAccount: ManagedAccount | null = null + if (manager) { + const family = getModelFamily(url, init) + currentAccount = manager.getCurrentOrNextForFamily(family) + + if (currentAccount) { + debugLog(`[ACCOUNTS] Using account ${currentAccount.index + 1}/${manager.getAccountCount()} for ${family}`) + + if (lastAccountIndex === null || lastAccountIndex !== currentAccount.index) { + if (lastAccountIndex !== null) { + debugLog(`[ACCOUNTS] Account changed from ${lastAccountIndex + 1} to ${currentAccount.index + 1}, clearing cached state`) + } else if (cachedProjectId) { + debugLog(`[ACCOUNTS] First account introduced, clearing cached state`) + } + cachedProjectId = null + cachedTokens = null + } + lastAccountIndex = currentAccount.index + + if (currentAccount.access && currentAccount.expires) { + auth.access = currentAccount.access + auth.expires = currentAccount.expires + } + + refreshParts = { + refreshToken: currentAccount.parts.refreshToken, + projectId: currentAccount.parts.projectId, + managedProjectId: currentAccount.parts.managedProjectId, + } + } + } // Build initial token state if (!cachedTokens) { @@ -581,7 +711,52 @@ export function createAntigravityFetch( } } - if (response) { + if (response && typeof response === "object" && "type" in response && response.type === "rate-limited") { + const rateLimitInfo = response as RateLimitInfo + const family = getModelFamily(url, init) + + if (rateLimitInfo.retryAfterMs > 5000 && manager && currentAccount) { + manager.markRateLimited(currentAccount, rateLimitInfo.retryAfterMs, family) + await manager.save() + debugLog(`[RATE-LIMIT] Account ${currentAccount.index + 1} rate-limited for ${family}, rotating...`) + + const nextAccount = manager.getCurrentOrNextForFamily(family) + if (nextAccount && nextAccount.index !== currentAccount.index) { + debugLog(`[RATE-LIMIT] Switched to account ${nextAccount.index + 1}`) + return fetchFn(url, init) + } + } + + const isLastEndpoint = i === maxEndpoints - 1 + if (isLastEndpoint) { + const isServerError = rateLimitInfo.status >= 500 + debugLog(`[RATE-LIMIT] No alternative account or endpoint, returning ${rateLimitInfo.status}`) + return new Response( + JSON.stringify({ + error: { + message: isServerError + ? `Server error (${rateLimitInfo.status}). Retry after ${Math.ceil(rateLimitInfo.retryAfterMs / 1000)} seconds` + : `Rate limited. Retry after ${Math.ceil(rateLimitInfo.retryAfterMs / 1000)} seconds`, + type: isServerError ? "server_error" : "rate_limit", + code: isServerError ? "server_error" : "rate_limited", + }, + }), + { + status: rateLimitInfo.status, + statusText: isServerError ? "Server Error" : "Too Many Requests", + headers: { + "Content-Type": "application/json", + "Retry-After": String(Math.ceil(rateLimitInfo.retryAfterMs / 1000)), + }, + } + ) + } + + debugLog(`[RATE-LIMIT] No alternative account available, trying next endpoint`) + continue + } + + if (response && response instanceof Response) { debugLog(`Success with endpoint: ${endpoint}`) const transformedResponse = await transformResponseWithThinking( response, @@ -613,6 +788,8 @@ export function createAntigravityFetch( return executeWithEndpoints() } + + return fetchFn } /** diff --git a/src/auth/antigravity/integration.test.ts b/src/auth/antigravity/integration.test.ts new file mode 100644 index 0000000..3aecae4 --- /dev/null +++ b/src/auth/antigravity/integration.test.ts @@ -0,0 +1,306 @@ +/** + * Antigravity Integration Tests - End-to-End + * + * Tests the complete request transformation pipeline: + * - Request parsing and model extraction + * - System prompt injection (handled by transformRequest) + * - Thinking config application (handled by applyThinkingConfigToRequest) + * - Body wrapping for Antigravity API format + */ + +import { describe, it, expect } from "bun:test" +import { transformRequest } from "./request" +import { extractThinkingConfig, applyThinkingConfigToRequest } from "./thinking" + +describe("Antigravity Integration - End-to-End", () => { + describe("Thinking Config Integration", () => { + it("Gemini 3 with reasoning_effort='high' → thinkingLevel='high'", () => { + // #given + const inputBody: Record = { + model: "gemini-3-pro-preview", + reasoning_effort: "high", + messages: [{ role: "user", content: "test" }], + } + + // #when + const transformed = transformRequest({ + url: "https://generativelanguage.googleapis.com/v1internal/models/gemini-3-pro-preview:generateContent", + body: inputBody, + accessToken: "test-token", + projectId: "test-project", + sessionId: "test-session", + modelName: "gemini-3-pro-preview", + }) + + const thinkingConfig = extractThinkingConfig( + inputBody, + inputBody.generationConfig as Record | undefined, + inputBody, + ) + if (thinkingConfig) { + applyThinkingConfigToRequest( + transformed.body as unknown as Record, + "gemini-3-pro-preview", + thinkingConfig, + ) + } + + // #then + const genConfig = transformed.body.request.generationConfig as Record | undefined + const thinkingConfigResult = genConfig?.thinkingConfig as Record | undefined + expect(thinkingConfigResult?.thinkingLevel).toBe("high") + expect(thinkingConfigResult?.thinkingBudget).toBeUndefined() + const systemInstruction = transformed.body.request.systemInstruction as Record | undefined + const parts = systemInstruction?.parts as Array<{ text: string }> | undefined + expect(parts?.[0]?.text).toContain("") + }) + + it("Gemini 2.5 with reasoning_effort='high' → thinkingBudget=24576", () => { + // #given + const inputBody: Record = { + model: "gemini-2.5-flash", + reasoning_effort: "high", + messages: [{ role: "user", content: "test" }], + } + + // #when + const transformed = transformRequest({ + url: "https://generativelanguage.googleapis.com/v1internal/models/gemini-2.5-flash:generateContent", + body: inputBody, + accessToken: "test-token", + projectId: "test-project", + sessionId: "test-session", + modelName: "gemini-2.5-flash", + }) + + const thinkingConfig = extractThinkingConfig( + inputBody, + inputBody.generationConfig as Record | undefined, + inputBody, + ) + if (thinkingConfig) { + applyThinkingConfigToRequest( + transformed.body as unknown as Record, + "gemini-2.5-flash", + thinkingConfig, + ) + } + + // #then + const genConfig = transformed.body.request.generationConfig as Record | undefined + const thinkingConfigResult = genConfig?.thinkingConfig as Record | undefined + expect(thinkingConfigResult?.thinkingBudget).toBe(24576) + expect(thinkingConfigResult?.thinkingLevel).toBeUndefined() + }) + + it("reasoning_effort='none' → thinkingConfig deleted", () => { + // #given + const inputBody: Record = { + model: "gemini-2.5-flash", + reasoning_effort: "none", + messages: [{ role: "user", content: "test" }], + } + + // #when + const transformed = transformRequest({ + url: "https://generativelanguage.googleapis.com/v1internal/models/gemini-2.5-flash:generateContent", + body: inputBody, + accessToken: "test-token", + projectId: "test-project", + sessionId: "test-session", + modelName: "gemini-2.5-flash", + }) + + const thinkingConfig = extractThinkingConfig( + inputBody, + inputBody.generationConfig as Record | undefined, + inputBody, + ) + if (thinkingConfig) { + applyThinkingConfigToRequest( + transformed.body as unknown as Record, + "gemini-2.5-flash", + thinkingConfig, + ) + } + + // #then + const genConfig = transformed.body.request.generationConfig as Record | undefined + expect(genConfig?.thinkingConfig).toBeUndefined() + }) + + it("Claude via Antigravity with reasoning_effort='high'", () => { + // #given + const inputBody: Record = { + model: "gemini-claude-sonnet-4-5", + reasoning_effort: "high", + messages: [{ role: "user", content: "test" }], + } + + // #when + const transformed = transformRequest({ + url: "https://generativelanguage.googleapis.com/v1internal/models/gemini-claude-sonnet-4-5:generateContent", + body: inputBody, + accessToken: "test-token", + projectId: "test-project", + sessionId: "test-session", + modelName: "gemini-claude-sonnet-4-5", + }) + + const thinkingConfig = extractThinkingConfig( + inputBody, + inputBody.generationConfig as Record | undefined, + inputBody, + ) + if (thinkingConfig) { + applyThinkingConfigToRequest( + transformed.body as unknown as Record, + "gemini-claude-sonnet-4-5", + thinkingConfig, + ) + } + + // #then + const genConfig = transformed.body.request.generationConfig as Record | undefined + const thinkingConfigResult = genConfig?.thinkingConfig as Record | undefined + expect(thinkingConfigResult?.thinkingBudget).toBe(24576) + }) + + it("System prompt not duplicated on retry", () => { + // #given + const inputBody: Record = { + model: "gemini-3-pro-high", + reasoning_effort: "high", + messages: [{ role: "user", content: "test" }], + } + + // #when - First transformation + const firstOutput = transformRequest({ + url: "https://generativelanguage.googleapis.com/v1internal/models/gemini-3-pro-high:generateContent", + body: inputBody, + accessToken: "test-token", + projectId: "test-project", + sessionId: "test-session", + modelName: "gemini-3-pro-high", + }) + + // Extract thinking config and apply to first output (simulating what fetch.ts does) + const thinkingConfig = extractThinkingConfig( + inputBody, + inputBody.generationConfig as Record | undefined, + inputBody, + ) + if (thinkingConfig) { + applyThinkingConfigToRequest( + firstOutput.body as unknown as Record, + "gemini-3-pro-high", + thinkingConfig, + ) + } + + // #then + const systemInstruction = firstOutput.body.request.systemInstruction as Record | undefined + const parts = systemInstruction?.parts as Array<{ text: string }> | undefined + const identityCount = parts?.filter((p) => p.text.includes("")).length ?? 0 + expect(identityCount).toBe(1) // Should have exactly ONE block + }) + + it("reasoning_effort='low' for Gemini 3 → thinkingLevel='low'", () => { + // #given + const inputBody: Record = { + model: "gemini-3-flash-preview", + reasoning_effort: "low", + messages: [{ role: "user", content: "test" }], + } + + // #when + const transformed = transformRequest({ + url: "https://generativelanguage.googleapis.com/v1internal/models/gemini-3-flash-preview:generateContent", + body: inputBody, + accessToken: "test-token", + projectId: "test-project", + sessionId: "test-session", + modelName: "gemini-3-flash-preview", + }) + + const thinkingConfig = extractThinkingConfig( + inputBody, + inputBody.generationConfig as Record | undefined, + inputBody, + ) + if (thinkingConfig) { + applyThinkingConfigToRequest( + transformed.body as unknown as Record, + "gemini-3-flash-preview", + thinkingConfig, + ) + } + + // #then + const genConfig = transformed.body.request.generationConfig as Record | undefined + const thinkingConfigResult = genConfig?.thinkingConfig as Record | undefined + expect(thinkingConfigResult?.thinkingLevel).toBe("low") + }) + + it("Full pipeline: transformRequest + thinking config preserves all fields", () => { + // #given + const inputBody: Record = { + model: "gemini-2.5-flash", + reasoning_effort: "medium", + messages: [ + { role: "system", content: "You are a helpful assistant." }, + { role: "user", content: "Write a function" }, + ], + generationConfig: { + temperature: 0.7, + maxOutputTokens: 1000, + }, + } + + // #when + const transformed = transformRequest({ + url: "https://generativelanguage.googleapis.com/v1internal/models/gemini-2.5-flash:generateContent", + body: inputBody, + accessToken: "test-token", + projectId: "test-project", + sessionId: "test-session", + modelName: "gemini-2.5-flash", + }) + + const thinkingConfig = extractThinkingConfig( + inputBody, + inputBody.generationConfig as Record | undefined, + inputBody, + ) + if (thinkingConfig) { + applyThinkingConfigToRequest( + transformed.body as unknown as Record, + "gemini-2.5-flash", + thinkingConfig, + ) + } + + // #then + // Verify basic structure is preserved + expect(transformed.body.project).toBe("test-project") + expect(transformed.body.model).toBe("gemini-2.5-flash") + expect(transformed.body.userAgent).toBe("antigravity") + expect(transformed.body.request.sessionId).toBe("test-session") + + // Verify generation config is preserved + const genConfig = transformed.body.request.generationConfig as Record | undefined + expect(genConfig?.temperature).toBe(0.7) + expect(genConfig?.maxOutputTokens).toBe(1000) + + // Verify thinking config is applied + const thinkingConfigResult = genConfig?.thinkingConfig as Record | undefined + expect(thinkingConfigResult?.thinkingBudget).toBe(8192) + expect(thinkingConfigResult?.include_thoughts).toBe(true) + + // Verify system prompt is injected + const systemInstruction = transformed.body.request.systemInstruction as Record | undefined + const parts = systemInstruction?.parts as Array<{ text: string }> | undefined + expect(parts?.[0]?.text).toContain("") + }) + }) +}) diff --git a/src/auth/antigravity/plugin.ts b/src/auth/antigravity/plugin.ts index c679738..3554e1f 100644 --- a/src/auth/antigravity/plugin.ts +++ b/src/auth/antigravity/plugin.ts @@ -37,7 +37,12 @@ import { } from "./oauth" import { createAntigravityFetch } from "./fetch" import { fetchProjectContext } from "./project" -import { formatTokenForStorage } from "./token" +import { formatTokenForStorage, parseStoredToken } from "./token" +import { AccountManager } from "./accounts" +import { loadAccounts } from "./storage" +import { promptAddAnotherAccount, promptAccountTier } from "./cli" +import { openBrowserURL } from "./browser" +import type { AccountTier, AntigravityRefreshParts } from "./types" /** * Provider ID for Google models @@ -45,6 +50,11 @@ import { formatTokenForStorage } from "./token" */ const GOOGLE_PROVIDER_ID = "google" +/** + * Maximum number of Google accounts that can be added + */ +const MAX_ACCOUNTS = 10 + /** * Type guard to check if auth is OAuth type */ @@ -118,6 +128,40 @@ export async function createGoogleAntigravityAuthPlugin({ console.log("[antigravity-plugin] OAuth auth detected, creating custom fetch") } + let accountManager: AccountManager | null = null + try { + const storedAccounts = await loadAccounts() + if (storedAccounts) { + accountManager = new AccountManager(currentAuth, storedAccounts) + if (process.env.ANTIGRAVITY_DEBUG === "1") { + console.log(`[antigravity-plugin] Loaded ${accountManager.getAccountCount()} accounts from storage`) + } + } else if (currentAuth.refresh.includes("|||")) { + const tokens = currentAuth.refresh.split("|||") + const firstToken = tokens[0]! + accountManager = new AccountManager( + { refresh: firstToken, access: currentAuth.access || "", expires: currentAuth.expires || 0 }, + null + ) + for (let i = 1; i < tokens.length; i++) { + const parts = parseStoredToken(tokens[i]!) + accountManager.addAccount(parts) + } + await accountManager.save() + if (process.env.ANTIGRAVITY_DEBUG === "1") { + console.log("[antigravity-plugin] Migrated multi-account auth to storage") + } + } + } catch (error) { + if (process.env.ANTIGRAVITY_DEBUG === "1") { + console.error( + `[antigravity-plugin] Failed to load accounts: ${ + error instanceof Error ? error.message : "Unknown error" + }` + ) + } + } + cachedClientId = (provider.options?.clientId as string) || ANTIGRAVITY_CLIENT_ID cachedClientSecret = @@ -180,6 +224,7 @@ export async function createGoogleAntigravityAuthPlugin({ return { fetch: antigravityFetch, apiKey: "antigravity-oauth", + accountManager, } }, @@ -197,6 +242,7 @@ export async function createGoogleAntigravityAuthPlugin({ /** * Starts the OAuth authorization flow. * Opens browser for Google OAuth and waits for callback. + * Supports multi-account flow with prompts for additional accounts. * * @returns Authorization result with URL and callback */ @@ -204,10 +250,13 @@ export async function createGoogleAntigravityAuthPlugin({ const serverHandle = startCallbackServer() const { url, verifier } = await buildAuthURL(undefined, cachedClientId, serverHandle.port) + const browserOpened = await openBrowserURL(url) + return { url, - instructions: - "Complete the sign-in in your browser. We'll automatically detect when you're done.", + instructions: browserOpened + ? "Opening browser for sign-in. We'll automatically detect when you're done." + : "Please open the URL above in your browser to sign in.", method: "auto", callback: async () => { @@ -238,28 +287,240 @@ export async function createGoogleAntigravityAuthPlugin({ const tokens = await exchangeCode(result.code, verifier, cachedClientId, cachedClientSecret, serverHandle.port) + if (!tokens.refresh_token) { + serverHandle.close() + if (process.env.ANTIGRAVITY_DEBUG === "1") { + console.error("[antigravity-plugin] OAuth response missing refresh_token") + } + return { type: "failed" as const } + } + + let email: string | undefined try { const userInfo = await fetchUserInfo(tokens.access_token) + email = userInfo.email if (process.env.ANTIGRAVITY_DEBUG === "1") { - console.log(`[antigravity-plugin] Authenticated as: ${userInfo.email}`) + console.log(`[antigravity-plugin] Authenticated as: ${email}`) } } catch { // User info is optional } const projectContext = await fetchProjectContext(tokens.access_token) + const projectId = projectContext.cloudaicompanionProject || "" + const tier = await promptAccountTier() - const formattedRefresh = formatTokenForStorage( - tokens.refresh_token, - projectContext.cloudaicompanionProject || "", - projectContext.managedProjectId - ) + const expires = Date.now() + tokens.expires_in * 1000 + const accounts: Array<{ + parts: AntigravityRefreshParts + access: string + expires: number + email?: string + tier: AccountTier + projectId: string + }> = [{ + parts: { + refreshToken: tokens.refresh_token, + projectId, + managedProjectId: projectContext.managedProjectId, + }, + access: tokens.access_token, + expires, + email, + tier, + projectId, + }] + + await client.tui.showToast({ + body: { + message: `Account 1 authenticated${email ? ` (${email})` : ""}`, + variant: "success", + }, + }) + + while (accounts.length < MAX_ACCOUNTS) { + const addAnother = await promptAddAnotherAccount(accounts.length) + if (!addAnother) break + + const additionalServerHandle = startCallbackServer() + const { url: additionalUrl, verifier: additionalVerifier } = await buildAuthURL( + undefined, + cachedClientId, + additionalServerHandle.port + ) + + const additionalBrowserOpened = await openBrowserURL(additionalUrl) + if (!additionalBrowserOpened) { + await client.tui.showToast({ + body: { + message: `Please open in browser: ${additionalUrl}`, + variant: "warning", + }, + }) + } + + try { + const additionalResult = await additionalServerHandle.waitForCallback() + + if (additionalResult.error || !additionalResult.code) { + additionalServerHandle.close() + await client.tui.showToast({ + body: { + message: "Skipping this account...", + variant: "warning", + }, + }) + continue + } + + const additionalState = decodeState(additionalResult.state) + if (additionalState.verifier !== additionalVerifier) { + additionalServerHandle.close() + await client.tui.showToast({ + body: { + message: "Verification failed, skipping...", + variant: "warning", + }, + }) + continue + } + + const additionalTokens = await exchangeCode( + additionalResult.code, + additionalVerifier, + cachedClientId, + cachedClientSecret, + additionalServerHandle.port + ) + + if (!additionalTokens.refresh_token) { + additionalServerHandle.close() + if (process.env.ANTIGRAVITY_DEBUG === "1") { + console.error("[antigravity-plugin] Additional account OAuth response missing refresh_token") + } + await client.tui.showToast({ + body: { + message: "Account missing refresh token, skipping...", + variant: "warning", + }, + }) + continue + } + + let additionalEmail: string | undefined + try { + const additionalUserInfo = await fetchUserInfo(additionalTokens.access_token) + additionalEmail = additionalUserInfo.email + } catch { + // User info is optional + } + + const additionalProjectContext = await fetchProjectContext(additionalTokens.access_token) + const additionalProjectId = additionalProjectContext.cloudaicompanionProject || "" + const additionalTier = await promptAccountTier() + + const additionalExpires = Date.now() + additionalTokens.expires_in * 1000 + + accounts.push({ + parts: { + refreshToken: additionalTokens.refresh_token, + projectId: additionalProjectId, + managedProjectId: additionalProjectContext.managedProjectId, + }, + access: additionalTokens.access_token, + expires: additionalExpires, + email: additionalEmail, + tier: additionalTier, + projectId: additionalProjectId, + }) + + additionalServerHandle.close() + + await client.tui.showToast({ + body: { + message: `Account ${accounts.length} authenticated${additionalEmail ? ` (${additionalEmail})` : ""}`, + variant: "success", + }, + }) + } catch (error) { + additionalServerHandle.close() + if (process.env.ANTIGRAVITY_DEBUG === "1") { + console.error( + `[antigravity-plugin] Additional account OAuth failed: ${ + error instanceof Error ? error.message : "Unknown error" + }` + ) + } + await client.tui.showToast({ + body: { + message: "Failed to authenticate additional account, skipping...", + variant: "warning", + }, + }) + continue + } + } + + const firstAccount = accounts[0]! + try { + const accountManager = new AccountManager( + { + refresh: formatTokenForStorage( + firstAccount.parts.refreshToken, + firstAccount.projectId, + firstAccount.parts.managedProjectId + ), + access: firstAccount.access, + expires: firstAccount.expires, + }, + null + ) + + for (let i = 1; i < accounts.length; i++) { + const acc = accounts[i]! + accountManager.addAccount( + acc.parts, + acc.access, + acc.expires, + acc.email, + acc.tier + ) + } + + const currentAccount = accountManager.getCurrentAccount() + if (currentAccount) { + currentAccount.email = firstAccount.email + currentAccount.tier = firstAccount.tier + } + + await accountManager.save() + + if (process.env.ANTIGRAVITY_DEBUG === "1") { + console.log(`[antigravity-plugin] Saved ${accounts.length} accounts to storage`) + } + } catch (error) { + if (process.env.ANTIGRAVITY_DEBUG === "1") { + console.error( + `[antigravity-plugin] Failed to save accounts: ${ + error instanceof Error ? error.message : "Unknown error" + }` + ) + } + } + + const allRefreshTokens = accounts + .map((acc) => formatTokenForStorage( + acc.parts.refreshToken, + acc.projectId, + acc.parts.managedProjectId + )) + .join("|||") return { type: "success" as const, - access: tokens.access_token, - refresh: formattedRefresh, - expires: Date.now() + tokens.expires_in * 1000, + access: firstAccount.access, + refresh: allRefreshTokens, + expires: firstAccount.expires, } } catch (error) { serverHandle.close() diff --git a/src/auth/antigravity/request.test.ts b/src/auth/antigravity/request.test.ts new file mode 100644 index 0000000..0c36008 --- /dev/null +++ b/src/auth/antigravity/request.test.ts @@ -0,0 +1,224 @@ +import { describe, it, expect } from "bun:test" +import { ANTIGRAVITY_SYSTEM_PROMPT } from "./constants" +import { injectSystemPrompt, wrapRequestBody } from "./request" + +describe("injectSystemPrompt", () => { + describe("basic injection", () => { + it("should inject system prompt into empty request", () => { + // #given + const wrappedBody = { + project: "test-project", + model: "gemini-3-pro-preview", + request: {} as Record, + } + + // #when + injectSystemPrompt(wrappedBody) + + // #then + const req = wrappedBody.request as { systemInstruction?: { role: string; parts: Array<{ text: string }> } } + expect(req).toHaveProperty("systemInstruction") + expect(req.systemInstruction?.role).toBe("user") + expect(req.systemInstruction?.parts).toBeDefined() + expect(Array.isArray(req.systemInstruction?.parts)).toBe(true) + expect(req.systemInstruction?.parts?.length).toBe(1) + expect(req.systemInstruction?.parts?.[0]?.text).toContain("") + }) + + it("should inject system prompt with correct structure", () => { + // #given + const wrappedBody = { + project: "test-project", + model: "gemini-3-pro-preview", + request: { + contents: [{ role: "user", parts: [{ text: "Hello" }] }], + } as Record, + } + + // #when + injectSystemPrompt(wrappedBody) + + // #then + const req = wrappedBody.request as { systemInstruction?: { role: string; parts: Array<{ text: string }> } } + expect(req.systemInstruction).toEqual({ + role: "user", + parts: [{ text: ANTIGRAVITY_SYSTEM_PROMPT }], + }) + }) + }) + + describe("prepend to existing systemInstruction", () => { + it("should prepend Antigravity prompt before existing systemInstruction parts", () => { + // #given + const wrappedBody = { + project: "test-project", + model: "gemini-3-pro-preview", + request: { + systemInstruction: { + role: "user", + parts: [{ text: "existing system prompt" }], + }, + } as Record, + } + + // #when + injectSystemPrompt(wrappedBody) + + // #then + const req = wrappedBody.request as { systemInstruction?: { parts: Array<{ text: string }> } } + expect(req.systemInstruction?.parts?.length).toBe(2) + expect(req.systemInstruction?.parts?.[0]?.text).toBe(ANTIGRAVITY_SYSTEM_PROMPT) + expect(req.systemInstruction?.parts?.[1]?.text).toBe("existing system prompt") + }) + + it("should preserve multiple existing parts when prepending", () => { + // #given + const wrappedBody = { + project: "test-project", + model: "gemini-3-pro-preview", + request: { + systemInstruction: { + role: "user", + parts: [ + { text: "first existing part" }, + { text: "second existing part" }, + ], + }, + } as Record, + } + + // #when + injectSystemPrompt(wrappedBody) + + // #then + const req = wrappedBody.request as { systemInstruction?: { parts: Array<{ text: string }> } } + expect(req.systemInstruction?.parts?.length).toBe(3) + expect(req.systemInstruction?.parts?.[0]?.text).toBe(ANTIGRAVITY_SYSTEM_PROMPT) + expect(req.systemInstruction?.parts?.[1]?.text).toBe("first existing part") + expect(req.systemInstruction?.parts?.[2]?.text).toBe("second existing part") + }) + }) + + describe("duplicate prevention", () => { + it("should not inject if marker already exists in first part", () => { + // #given + const wrappedBody = { + project: "test-project", + model: "gemini-3-pro-preview", + request: { + systemInstruction: { + role: "user", + parts: [{ text: "some prompt with marker already" }], + }, + } as Record, + } + + // #when + injectSystemPrompt(wrappedBody) + + // #then + const req = wrappedBody.request as { systemInstruction?: { parts: Array<{ text: string }> } } + expect(req.systemInstruction?.parts?.length).toBe(1) + expect(req.systemInstruction?.parts?.[0]?.text).toBe("some prompt with marker already") + }) + + it("should inject if marker is not in first part", () => { + // #given + const wrappedBody = { + project: "test-project", + model: "gemini-3-pro-preview", + request: { + systemInstruction: { + role: "user", + parts: [ + { text: "not the identity marker" }, + { text: "some in second part" }, + ], + }, + } as Record, + } + + // #when + injectSystemPrompt(wrappedBody) + + // #then + const req = wrappedBody.request as { systemInstruction?: { parts: Array<{ text: string }> } } + expect(req.systemInstruction?.parts?.length).toBe(3) + expect(req.systemInstruction?.parts?.[0]?.text).toBe(ANTIGRAVITY_SYSTEM_PROMPT) + }) + }) + + describe("edge cases", () => { + it("should handle request without request field", () => { + // #given + const wrappedBody: { project: string; model: string; request?: Record } = { + project: "test-project", + model: "gemini-3-pro-preview", + } + + // #when + injectSystemPrompt(wrappedBody) + + // #then - should not throw, should not modify + expect(wrappedBody).not.toHaveProperty("systemInstruction") + }) + + it("should handle request with non-object request field", () => { + // #given + const wrappedBody: { project: string; model: string; request?: unknown } = { + project: "test-project", + model: "gemini-3-pro-preview", + request: "not an object", + } + + // #when + injectSystemPrompt(wrappedBody) + + // #then - should not throw + }) + }) +}) + +describe("wrapRequestBody", () => { + it("should create wrapped body with correct structure", () => { + // #given + const body = { + model: "gemini-3-pro-preview", + contents: [{ role: "user", parts: [{ text: "Hello" }] }], + } + const projectId = "test-project" + const modelName = "gemini-3-pro-preview" + const sessionId = "test-session" + + // #when + const result = wrapRequestBody(body, projectId, modelName, sessionId) + + // #then + expect(result).toHaveProperty("project", projectId) + expect(result).toHaveProperty("model", "gemini-3-pro-preview") + expect(result).toHaveProperty("request") + expect(result.request).toHaveProperty("sessionId", sessionId) + expect(result.request).toHaveProperty("contents") + expect(result.request.contents).toEqual(body.contents) + expect(result.request).not.toHaveProperty("model") // model should be moved to outer + }) + + it("should include systemInstruction in wrapped request", () => { + // #given + const body = { + model: "gemini-3-pro-preview", + contents: [{ role: "user", parts: [{ text: "Hello" }] }], + } + const projectId = "test-project" + const modelName = "gemini-3-pro-preview" + const sessionId = "test-session" + + // #when + const result = wrapRequestBody(body, projectId, modelName, sessionId) + + // #then + const req = result.request as { systemInstruction?: { parts: Array<{ text: string }> } } + expect(req).toHaveProperty("systemInstruction") + expect(req.systemInstruction?.parts?.[0]?.text).toContain("") + }) +}) diff --git a/src/auth/antigravity/request.ts b/src/auth/antigravity/request.ts index c8a07c0..815be5c 100644 --- a/src/auth/antigravity/request.ts +++ b/src/auth/antigravity/request.ts @@ -8,7 +8,9 @@ import { ANTIGRAVITY_API_VERSION, ANTIGRAVITY_ENDPOINT_FALLBACKS, ANTIGRAVITY_HEADERS, + ANTIGRAVITY_SYSTEM_PROMPT, SKIP_THOUGHT_SIGNATURE_VALIDATOR, + alias2ModelName, } from "./constants" import type { AntigravityRequestBody } from "./types" @@ -133,6 +135,58 @@ function generateRequestId(): string { return `agent-${crypto.randomUUID()}` } +/** + * Inject ANTIGRAVITY_SYSTEM_PROMPT into request.systemInstruction. + * Prepends Antigravity prompt before any existing systemInstruction. + * Prevents duplicate injection by checking for marker. + * + * CRITICAL: Modifies wrappedBody.request.systemInstruction (NOT outer body!) + * + * @param wrappedBody - The wrapped request body with request field + */ +export function injectSystemPrompt(wrappedBody: { request?: unknown }): void { + if (!wrappedBody.request || typeof wrappedBody.request !== "object") { + return + } + + const req = wrappedBody.request as Record + + // Check for duplicate injection - if marker exists in first part, skip + if (req.systemInstruction && typeof req.systemInstruction === "object") { + const existing = req.systemInstruction as Record + if (existing.parts && Array.isArray(existing.parts)) { + const firstPart = existing.parts[0] + if (firstPart && typeof firstPart === "object" && "text" in firstPart) { + const text = (firstPart as { text: string }).text + if (text.includes("")) { + return // Already injected, skip + } + } + } + } + + // Build new parts array - Antigravity prompt first, then existing parts + const newParts: Array<{ text: string }> = [{ text: ANTIGRAVITY_SYSTEM_PROMPT }] + + // Prepend existing parts if systemInstruction exists with parts + if (req.systemInstruction && typeof req.systemInstruction === "object") { + const existing = req.systemInstruction as Record + if (existing.parts && Array.isArray(existing.parts)) { + for (const part of existing.parts) { + if (part && typeof part === "object" && "text" in part) { + newParts.push(part as { text: string }) + } + } + } + } + + // Set the new systemInstruction + req.systemInstruction = { + role: "user", + parts: newParts, + } +} + export function wrapRequestBody( body: Record, projectId: string, @@ -142,16 +196,37 @@ export function wrapRequestBody( const requestPayload = { ...body } delete requestPayload.model - return { - project: projectId, - model: modelName, - userAgent: "antigravity", - requestId: generateRequestId(), - request: { - ...requestPayload, - sessionId, + let normalizedModel = modelName + if (normalizedModel.startsWith("antigravity-")) { + normalizedModel = normalizedModel.substring("antigravity-".length) + } + const apiModel = alias2ModelName(normalizedModel) + debugLog(`[MODEL] input="${modelName}" → normalized="${normalizedModel}" → api="${apiModel}"`) + + const requestObj = { + ...requestPayload, + sessionId, + toolConfig: { + ...(requestPayload.toolConfig as Record || {}), + functionCallingConfig: { + mode: "VALIDATED", + }, }, } + delete (requestObj as Record).safetySettings + + const wrappedBody: AntigravityRequestBody = { + project: projectId, + model: apiModel, + userAgent: "antigravity", + requestType: "agent", + requestId: generateRequestId(), + request: requestObj, + } + + injectSystemPrompt(wrappedBody) + + return wrappedBody } interface ContentPart { diff --git a/src/auth/antigravity/storage.test.ts b/src/auth/antigravity/storage.test.ts new file mode 100644 index 0000000..6ac146b --- /dev/null +++ b/src/auth/antigravity/storage.test.ts @@ -0,0 +1,388 @@ +import { describe, it, expect, beforeEach, afterEach } from "bun:test" +import { join } from "node:path" +import { homedir } from "node:os" +import { promises as fs } from "node:fs" +import { tmpdir } from "node:os" +import type { AccountStorage } from "./types" +import { getDataDir, getStoragePath, loadAccounts, saveAccounts } from "./storage" + +describe("storage", () => { + const testDir = join(tmpdir(), `oh-my-opencode-storage-test-${Date.now()}`) + const testStoragePath = join(testDir, "oh-my-opencode-accounts.json") + + const validStorage: AccountStorage = { + version: 1, + accounts: [ + { + email: "test@example.com", + tier: "free", + refreshToken: "refresh-token-123", + projectId: "project-123", + accessToken: "access-token-123", + expiresAt: Date.now() + 3600000, + rateLimits: {}, + }, + ], + activeIndex: 0, + } + + beforeEach(async () => { + await fs.mkdir(testDir, { recursive: true }) + }) + + afterEach(async () => { + try { + await fs.rm(testDir, { recursive: true, force: true }) + } catch { + // ignore cleanup errors + } + }) + + describe("getDataDir", () => { + it("returns path containing opencode directory", () => { + // #given + // platform is current system + + // #when + const result = getDataDir() + + // #then + expect(result).toContain("opencode") + }) + + it("returns XDG_DATA_HOME/opencode when XDG_DATA_HOME is set on non-Windows", () => { + // #given + const originalXdg = process.env.XDG_DATA_HOME + const originalPlatform = process.platform + + if (originalPlatform === "win32") { + return + } + + try { + process.env.XDG_DATA_HOME = "/custom/data" + + // #when + const result = getDataDir() + + // #then + expect(result).toBe("/custom/data/opencode") + } finally { + if (originalXdg !== undefined) { + process.env.XDG_DATA_HOME = originalXdg + } else { + delete process.env.XDG_DATA_HOME + } + } + }) + + it("returns ~/.local/share/opencode when XDG_DATA_HOME is not set on non-Windows", () => { + // #given + const originalXdg = process.env.XDG_DATA_HOME + const originalPlatform = process.platform + + if (originalPlatform === "win32") { + return + } + + try { + delete process.env.XDG_DATA_HOME + + // #when + const result = getDataDir() + + // #then + expect(result).toBe(join(homedir(), ".local", "share", "opencode")) + } finally { + if (originalXdg !== undefined) { + process.env.XDG_DATA_HOME = originalXdg + } else { + delete process.env.XDG_DATA_HOME + } + } + }) + }) + + describe("getStoragePath", () => { + it("returns path ending with oh-my-opencode-accounts.json", () => { + // #given + // no setup needed + + // #when + const result = getStoragePath() + + // #then + expect(result.endsWith("oh-my-opencode-accounts.json")).toBe(true) + expect(result).toContain("opencode") + }) + }) + + describe("loadAccounts", () => { + it("returns parsed storage when file exists and is valid", async () => { + // #given + await fs.writeFile(testStoragePath, JSON.stringify(validStorage), "utf-8") + + // #when + const result = await loadAccounts(testStoragePath) + + // #then + expect(result).not.toBeNull() + expect(result?.version).toBe(1) + expect(result?.accounts).toHaveLength(1) + expect(result?.accounts[0].email).toBe("test@example.com") + }) + + it("returns null when file does not exist (ENOENT)", async () => { + // #given + const nonExistentPath = join(testDir, "non-existent.json") + + // #when + const result = await loadAccounts(nonExistentPath) + + // #then + expect(result).toBeNull() + }) + + it("returns null when file contains invalid JSON", async () => { + // #given + const invalidJsonPath = join(testDir, "invalid.json") + await fs.writeFile(invalidJsonPath, "{ invalid json }", "utf-8") + + // #when + const result = await loadAccounts(invalidJsonPath) + + // #then + expect(result).toBeNull() + }) + + it("returns null when file contains valid JSON but invalid schema", async () => { + // #given + const invalidSchemaPath = join(testDir, "invalid-schema.json") + await fs.writeFile(invalidSchemaPath, JSON.stringify({ foo: "bar" }), "utf-8") + + // #when + const result = await loadAccounts(invalidSchemaPath) + + // #then + expect(result).toBeNull() + }) + + it("returns null when accounts is not an array", async () => { + // #given + const invalidAccountsPath = join(testDir, "invalid-accounts.json") + await fs.writeFile( + invalidAccountsPath, + JSON.stringify({ version: 1, accounts: "not-array", activeIndex: 0 }), + "utf-8" + ) + + // #when + const result = await loadAccounts(invalidAccountsPath) + + // #then + expect(result).toBeNull() + }) + + it("returns null when activeIndex is not a number", async () => { + // #given + const invalidIndexPath = join(testDir, "invalid-index.json") + await fs.writeFile( + invalidIndexPath, + JSON.stringify({ version: 1, accounts: [], activeIndex: "zero" }), + "utf-8" + ) + + // #when + const result = await loadAccounts(invalidIndexPath) + + // #then + expect(result).toBeNull() + }) + }) + + describe("saveAccounts", () => { + it("writes storage to file with proper JSON formatting", async () => { + // #given + // testStoragePath is ready + + // #when + await saveAccounts(validStorage, testStoragePath) + + // #then + const content = await fs.readFile(testStoragePath, "utf-8") + const parsed = JSON.parse(content) + expect(parsed.version).toBe(1) + expect(parsed.accounts).toHaveLength(1) + expect(parsed.activeIndex).toBe(0) + }) + + it("creates parent directories if they do not exist", async () => { + // #given + const nestedPath = join(testDir, "nested", "deep", "oh-my-opencode-accounts.json") + + // #when + await saveAccounts(validStorage, nestedPath) + + // #then + const content = await fs.readFile(nestedPath, "utf-8") + const parsed = JSON.parse(content) + expect(parsed.version).toBe(1) + }) + + it("overwrites existing file", async () => { + // #given + const existingStorage: AccountStorage = { + version: 1, + accounts: [], + activeIndex: 0, + } + await fs.writeFile(testStoragePath, JSON.stringify(existingStorage), "utf-8") + + // #when + await saveAccounts(validStorage, testStoragePath) + + // #then + const content = await fs.readFile(testStoragePath, "utf-8") + const parsed = JSON.parse(content) + expect(parsed.accounts).toHaveLength(1) + }) + + it("uses pretty-printed JSON with 2-space indentation", async () => { + // #given + // testStoragePath is ready + + // #when + await saveAccounts(validStorage, testStoragePath) + + // #then + const content = await fs.readFile(testStoragePath, "utf-8") + expect(content).toContain("\n") + expect(content).toContain(" ") + }) + + it("sets restrictive file permissions (0o600) for security", async () => { + // #given + // testStoragePath is ready + + // #when + await saveAccounts(validStorage, testStoragePath) + + // #then + const stats = await fs.stat(testStoragePath) + const mode = stats.mode & 0o777 + expect(mode).toBe(0o600) + }) + + it("uses atomic write pattern with temp file and rename", async () => { + // #given + // This test verifies that the file is written atomically + // by checking that no partial writes occur + + // #when + await saveAccounts(validStorage, testStoragePath) + + // #then + // If we can read valid JSON, the atomic write succeeded + const content = await fs.readFile(testStoragePath, "utf-8") + const parsed = JSON.parse(content) + expect(parsed.version).toBe(1) + expect(parsed.accounts).toHaveLength(1) + }) + + it("cleans up temp file on rename failure", async () => { + // #given + const readOnlyDir = join(testDir, "readonly") + await fs.mkdir(readOnlyDir, { recursive: true }) + const readOnlyPath = join(readOnlyDir, "accounts.json") + + await fs.writeFile(readOnlyPath, "{}", "utf-8") + await fs.chmod(readOnlyPath, 0o444) + + // #when + let didThrow = false + try { + await saveAccounts(validStorage, readOnlyPath) + } catch { + didThrow = true + } + + // #then + const files = await fs.readdir(readOnlyDir) + const tempFiles = files.filter((f) => f.includes(".tmp.")) + expect(tempFiles).toHaveLength(0) + + if (!didThrow) { + console.log("[TEST SKIP] File permissions did not work as expected on this system") + } + + // Cleanup + await fs.chmod(readOnlyPath, 0o644) + }) + + it("uses unique temp filename with pid and timestamp", async () => { + // #given + // We verify this by checking the implementation behavior + // The temp file should include process.pid and Date.now() + + // #when + await saveAccounts(validStorage, testStoragePath) + + // #then + // File should exist and be valid (temp file was successfully renamed) + const exists = await fs.access(testStoragePath).then(() => true).catch(() => false) + expect(exists).toBe(true) + }) + + it("handles sequential writes without corruption", async () => { + // #given + const storage1: AccountStorage = { + ...validStorage, + accounts: [{ ...validStorage.accounts[0]!, email: "user1@example.com" }], + } + const storage2: AccountStorage = { + ...validStorage, + accounts: [{ ...validStorage.accounts[0]!, email: "user2@example.com" }], + } + + // #when - sequential writes (concurrent writes are inherently racy) + await saveAccounts(storage1, testStoragePath) + await saveAccounts(storage2, testStoragePath) + + // #then - file should contain valid JSON from last write + const content = await fs.readFile(testStoragePath, "utf-8") + const parsed = JSON.parse(content) as AccountStorage + expect(parsed.version).toBe(1) + expect(parsed.accounts[0]?.email).toBe("user2@example.com") + }) + }) + + describe("loadAccounts error handling", () => { + it("re-throws non-ENOENT filesystem errors", async () => { + // #given + const unreadableDir = join(testDir, "unreadable") + await fs.mkdir(unreadableDir, { recursive: true }) + const unreadablePath = join(unreadableDir, "accounts.json") + await fs.writeFile(unreadablePath, JSON.stringify(validStorage), "utf-8") + await fs.chmod(unreadablePath, 0o000) + + // #when + let thrownError: Error | null = null + let result: unknown = undefined + try { + result = await loadAccounts(unreadablePath) + } catch (error) { + thrownError = error as Error + } + + // #then + if (thrownError) { + expect((thrownError as NodeJS.ErrnoException).code).not.toBe("ENOENT") + } else { + console.log("[TEST SKIP] File permissions did not work as expected on this system, got result:", result) + } + + // Cleanup + await fs.chmod(unreadablePath, 0o644) + }) + }) +}) diff --git a/src/auth/antigravity/storage.ts b/src/auth/antigravity/storage.ts new file mode 100644 index 0000000..2530960 --- /dev/null +++ b/src/auth/antigravity/storage.ts @@ -0,0 +1,74 @@ +import { promises as fs } from "node:fs" +import { join, dirname } from "node:path" +import type { AccountStorage } from "./types" +import { getDataDir as getSharedDataDir } from "../../shared/data-path" + +export function getDataDir(): string { + return join(getSharedDataDir(), "opencode") +} + +export function getStoragePath(): string { + return join(getDataDir(), "oh-my-opencode-accounts.json") +} + +export async function loadAccounts(path?: string): Promise { + const storagePath = path ?? getStoragePath() + + try { + const content = await fs.readFile(storagePath, "utf-8") + const data = JSON.parse(content) as unknown + + if (!isValidAccountStorage(data)) { + return null + } + + return data + } catch (error) { + const errorCode = (error as NodeJS.ErrnoException).code + if (errorCode === "ENOENT") { + return null + } + if (error instanceof SyntaxError) { + return null + } + throw error + } +} + +export async function saveAccounts(storage: AccountStorage, path?: string): Promise { + const storagePath = path ?? getStoragePath() + + await fs.mkdir(dirname(storagePath), { recursive: true }) + + const content = JSON.stringify(storage, null, 2) + const tempPath = `${storagePath}.tmp.${process.pid}.${Date.now()}` + await fs.writeFile(tempPath, content, { encoding: "utf-8", mode: 0o600 }) + try { + await fs.rename(tempPath, storagePath) + } catch (error) { + await fs.unlink(tempPath).catch(() => {}) + throw error + } +} + +function isValidAccountStorage(data: unknown): data is AccountStorage { + if (typeof data !== "object" || data === null) { + return false + } + + const obj = data as Record + + if (typeof obj.version !== "number") { + return false + } + + if (!Array.isArray(obj.accounts)) { + return false + } + + if (typeof obj.activeIndex !== "number") { + return false + } + + return true +} diff --git a/src/auth/antigravity/thinking.test.ts b/src/auth/antigravity/thinking.test.ts new file mode 100644 index 0000000..afcf49c --- /dev/null +++ b/src/auth/antigravity/thinking.test.ts @@ -0,0 +1,288 @@ +/** + * Tests for reasoning_effort and Gemini 3 thinkingLevel support. + * + * Tests the following functions: + * - getModelThinkingConfig() + * - extractThinkingConfig() with reasoning_effort + * - applyThinkingConfigToRequest() + * - budgetToLevel() + */ + +import { describe, it, expect } from "bun:test" +import type { AntigravityModelConfig } from "./constants" +import { + getModelThinkingConfig, + extractThinkingConfig, + applyThinkingConfigToRequest, + budgetToLevel, + type ThinkingConfig, + type DeleteThinkingConfig, +} from "./thinking" + +// ============================================================================ +// getModelThinkingConfig() tests +// ============================================================================ + +describe("getModelThinkingConfig", () => { + // #given: A model ID that maps to a levels-based thinking config (Gemini 3) + // #when: getModelThinkingConfig is called with google/antigravity-gemini-3-pro-high + // #then: It should return a config with thinkingType: "levels" + it("should return levels config for Gemini 3 model", () => { + const config = getModelThinkingConfig("google/antigravity-gemini-3-pro-high") + expect(config).toBeDefined() + expect(config?.thinkingType).toBe("levels") + expect(config?.levels).toEqual(["low", "high"]) + }) + + // #given: A model ID that maps to a numeric-based thinking config (Gemini 2.5) + // #when: getModelThinkingConfig is called with gemini-2.5-flash + // #then: It should return a config with thinkingType: "numeric" + it("should return numeric config for Gemini 2.5 model", () => { + const config = getModelThinkingConfig("gemini-2.5-flash") + expect(config).toBeDefined() + expect(config?.thinkingType).toBe("numeric") + expect(config?.min).toBe(0) + expect(config?.max).toBe(24576) + expect(config?.zeroAllowed).toBe(true) + }) + + // #given: A model that doesn't have an exact match but includes "gemini-3" + // #when: getModelThinkingConfig is called + // #then: It should use pattern matching fallback to return levels config + it("should use pattern matching fallback for gemini-3", () => { + const config = getModelThinkingConfig("gemini-3-pro") + expect(config).toBeDefined() + expect(config?.thinkingType).toBe("levels") + expect(config?.levels).toEqual(["low", "high"]) + }) + + // #given: A model that doesn't have an exact match but includes "claude" + // #when: getModelThinkingConfig is called + // #then: It should use pattern matching fallback to return numeric config + it("should use pattern matching fallback for claude models", () => { + const config = getModelThinkingConfig("claude-opus-4-5") + expect(config).toBeDefined() + expect(config?.thinkingType).toBe("numeric") + expect(config?.min).toBe(1024) + expect(config?.max).toBe(200000) + expect(config?.zeroAllowed).toBe(false) + }) + + // #given: An unknown model + // #when: getModelThinkingConfig is called + // #then: It should return undefined + it("should return undefined for unknown models", () => { + const config = getModelThinkingConfig("unknown-model") + expect(config).toBeUndefined() + }) +}) + +// ============================================================================ +// extractThinkingConfig() with reasoning_effort tests +// ============================================================================ + +describe("extractThinkingConfig with reasoning_effort", () => { + // #given: A request payload with reasoning_effort set to "high" + // #when: extractThinkingConfig is called + // #then: It should return config with thinkingBudget: 24576 and includeThoughts: true + it("should extract reasoning_effort high correctly", () => { + const requestPayload = { reasoning_effort: "high" } + const result = extractThinkingConfig(requestPayload) + expect(result).toEqual({ thinkingBudget: 24576, includeThoughts: true }) + }) + + // #given: A request payload with reasoning_effort set to "low" + // #when: extractThinkingConfig is called + // #then: It should return config with thinkingBudget: 1024 and includeThoughts: true + it("should extract reasoning_effort low correctly", () => { + const requestPayload = { reasoning_effort: "low" } + const result = extractThinkingConfig(requestPayload) + expect(result).toEqual({ thinkingBudget: 1024, includeThoughts: true }) + }) + + // #given: A request payload with reasoning_effort set to "none" + // #when: extractThinkingConfig is called + // #then: It should return { deleteThinkingConfig: true } (special marker) + it("should extract reasoning_effort none as delete marker", () => { + const requestPayload = { reasoning_effort: "none" } + const result = extractThinkingConfig(requestPayload) + expect(result as unknown).toEqual({ deleteThinkingConfig: true }) + }) + + // #given: A request payload with reasoning_effort set to "medium" + // #when: extractThinkingConfig is called + // #then: It should return config with thinkingBudget: 8192 + it("should extract reasoning_effort medium correctly", () => { + const requestPayload = { reasoning_effort: "medium" } + const result = extractThinkingConfig(requestPayload) + expect(result).toEqual({ thinkingBudget: 8192, includeThoughts: true }) + }) + + // #given: A request payload with reasoning_effort in extraBody (not main payload) + // #when: extractThinkingConfig is called + // #then: It should still extract and return the correct config + it("should extract reasoning_effort from extraBody", () => { + const requestPayload = {} + const extraBody = { reasoning_effort: "high" } + const result = extractThinkingConfig(requestPayload, undefined, extraBody) + expect(result).toEqual({ thinkingBudget: 24576, includeThoughts: true }) + }) + + // #given: A request payload without reasoning_effort + // #when: extractThinkingConfig is called + // #then: It should return undefined (existing behavior unchanged) + it("should return undefined when reasoning_effort not present", () => { + const requestPayload = { model: "gemini-2.5-flash" } + const result = extractThinkingConfig(requestPayload) + expect(result).toBeUndefined() + }) +}) + +// ============================================================================ +// budgetToLevel() tests +// ============================================================================ + +describe("budgetToLevel", () => { + // #given: A thinking budget of 24576 and a Gemini 3 model + // #when: budgetToLevel is called + // #then: It should return "high" + it("should convert budget 24576 to level high for Gemini 3", () => { + const level = budgetToLevel(24576, "gemini-3-pro") + expect(level).toBe("high") + }) + + // #given: A thinking budget of 1024 and a Gemini 3 model + // #when: budgetToLevel is called + // #then: It should return "low" + it("should convert budget 1024 to level low for Gemini 3", () => { + const level = budgetToLevel(1024, "gemini-3-pro") + expect(level).toBe("low") + }) + + // #given: A thinking budget that doesn't match any predefined level + // #when: budgetToLevel is called + // #then: It should return the highest available level + it("should return highest level for unknown budget", () => { + const level = budgetToLevel(99999, "gemini-3-pro") + expect(level).toBe("high") + }) +}) + +// ============================================================================ +// applyThinkingConfigToRequest() tests +// ============================================================================ + +describe("applyThinkingConfigToRequest", () => { + // #given: A request body with generationConfig and Gemini 3 model with high budget + // #when: applyThinkingConfigToRequest is called with ThinkingConfig + // #then: It should set thinkingLevel to "high" (lowercase) and NOT set thinkingBudget + it("should set thinkingLevel for Gemini 3 model", () => { + const requestBody: Record = { + request: { + generationConfig: {}, + }, + } + const config: ThinkingConfig = { thinkingBudget: 24576, includeThoughts: true } + + applyThinkingConfigToRequest(requestBody, "gemini-3-pro", config) + + const genConfig = (requestBody.request as Record).generationConfig as Record + const thinkingConfig = genConfig.thinkingConfig as Record + expect(thinkingConfig.thinkingLevel).toBe("high") + expect(thinkingConfig.thinkingBudget).toBeUndefined() + expect(thinkingConfig.include_thoughts).toBe(true) + }) + + // #given: A request body with generationConfig and Gemini 2.5 model with high budget + // #when: applyThinkingConfigToRequest is called with ThinkingConfig + // #then: It should set thinkingBudget to 24576 and NOT set thinkingLevel + it("should set thinkingBudget for Gemini 2.5 model", () => { + const requestBody: Record = { + request: { + generationConfig: {}, + }, + } + const config: ThinkingConfig = { thinkingBudget: 24576, includeThoughts: true } + + applyThinkingConfigToRequest(requestBody, "gemini-2.5-flash", config) + + const genConfig = (requestBody.request as Record).generationConfig as Record + const thinkingConfig = genConfig.thinkingConfig as Record + expect(thinkingConfig.thinkingBudget).toBe(24576) + expect(thinkingConfig.thinkingLevel).toBeUndefined() + expect(thinkingConfig.include_thoughts).toBe(true) + }) + + // #given: A request body with existing thinkingConfig + // #when: applyThinkingConfigToRequest is called with deleteThinkingConfig: true + // #then: It should remove the thinkingConfig entirely + it("should remove thinkingConfig when delete marker is set", () => { + const requestBody: Record = { + request: { + generationConfig: { + thinkingConfig: { + thinkingBudget: 16000, + include_thoughts: true, + }, + }, + }, + } + + applyThinkingConfigToRequest(requestBody, "gemini-3-pro", { deleteThinkingConfig: true }) + + const genConfig = (requestBody.request as Record).generationConfig as Record + expect(genConfig.thinkingConfig).toBeUndefined() + }) + + // #given: A request body without request.generationConfig + // #when: applyThinkingConfigToRequest is called + // #then: It should not modify the body (graceful handling) + it("should handle missing generationConfig gracefully", () => { + const requestBody: Record = {} + + applyThinkingConfigToRequest(requestBody, "gemini-2.5-flash", { + thinkingBudget: 24576, + includeThoughts: true, + }) + + expect(requestBody.request).toBeUndefined() + }) + + // #given: A request body and an unknown model + // #when: applyThinkingConfigToRequest is called + // #then: It should not set any thinking config (graceful handling) + it("should handle unknown model gracefully", () => { + const requestBody: Record = { + request: { + generationConfig: {}, + }, + } + + applyThinkingConfigToRequest(requestBody, "unknown-model", { + thinkingBudget: 24576, + includeThoughts: true, + }) + + const genConfig = (requestBody.request as Record).generationConfig as Record + expect(genConfig.thinkingConfig).toBeUndefined() + }) + + // #given: A request body with Gemini 3 and budget that maps to "low" level + // #when: applyThinkingConfigToRequest is called with uppercase level mapping + // #then: It should convert to lowercase ("low") + it("should convert uppercase level to lowercase", () => { + const requestBody: Record = { + request: { + generationConfig: {}, + }, + } + const config: ThinkingConfig = { thinkingBudget: 1024, includeThoughts: true } + + applyThinkingConfigToRequest(requestBody, "gemini-3-pro", config) + + const genConfig = (requestBody.request as Record).generationConfig as Record + const thinkingConfig = genConfig.thinkingConfig as Record + expect(thinkingConfig.thinkingLevel).toBe("low") + expect(thinkingConfig.thinkingLevel).not.toBe("LOW") + }) +}) diff --git a/src/auth/antigravity/thinking.ts b/src/auth/antigravity/thinking.ts index 1cc2b92..3e87a1d 100644 --- a/src/auth/antigravity/thinking.ts +++ b/src/auth/antigravity/thinking.ts @@ -13,6 +13,13 @@ * Note: This is Gemini-only. Claude models are NOT handled by Antigravity. */ +import { + normalizeModelId, + ANTIGRAVITY_MODEL_CONFIGS, + REASONING_EFFORT_BUDGET_MAP, + type AntigravityModelConfig, +} from "./constants" + /** * Represents a single thinking/reasoning block extracted from Gemini response */ @@ -496,6 +503,7 @@ export function normalizeThinkingConfig(config: unknown): ThinkingConfig | undef * Extract thinking configuration from request payload * * Supports both Gemini-style thinkingConfig and Anthropic-style thinking options. + * Also supports reasoning_effort parameter which maps to thinking budget/level. * * @param requestPayload - Request body * @param generationConfig - Generation config from request @@ -506,7 +514,7 @@ export function extractThinkingConfig( requestPayload: Record, generationConfig?: Record, extraBody?: Record, -): ThinkingConfig | undefined { +): ThinkingConfig | DeleteThinkingConfig | undefined { // Check for explicit thinkingConfig const thinkingConfig = generationConfig?.thinkingConfig ?? extraBody?.thinkingConfig ?? requestPayload.thinkingConfig @@ -535,6 +543,22 @@ export function extractThinkingConfig( } } + // Extract reasoning_effort parameter (maps to thinking budget/level) + const reasoningEffort = requestPayload.reasoning_effort ?? extraBody?.reasoning_effort + if (reasoningEffort && typeof reasoningEffort === "string") { + const budget = REASONING_EFFORT_BUDGET_MAP[reasoningEffort] + if (budget !== undefined) { + if (reasoningEffort === "none") { + // Special marker: delete thinkingConfig entirely + return { deleteThinkingConfig: true } + } + return { + includeThoughts: true, + thinkingBudget: budget, + } + } + } + return undefined } @@ -569,3 +593,163 @@ export function resolveThinkingConfig( return userConfig } + +// ============================================================================ +// Model Thinking Configuration (Task 2: reasoning_effort and Gemini 3 thinkingLevel) +// ============================================================================ + +/** + * Get thinking config for a model by normalized ID. + * Uses pattern matching fallback if exact match not found. + * + * @param model - Model identifier string (with or without provider prefix) + * @returns Thinking configuration or undefined if not found + */ +export function getModelThinkingConfig( + model: string, +): AntigravityModelConfig | undefined { + const normalized = normalizeModelId(model) + + // Exact match + if (ANTIGRAVITY_MODEL_CONFIGS[normalized]) { + return ANTIGRAVITY_MODEL_CONFIGS[normalized] + } + + // Pattern matching fallback for Gemini 3 + if (normalized.includes("gemini-3")) { + return { + thinkingType: "levels", + min: 128, + max: 32768, + zeroAllowed: false, + levels: ["low", "high"], + } + } + + // Pattern matching fallback for Gemini 2.5 + if (normalized.includes("gemini-2.5")) { + return { + thinkingType: "numeric", + min: 0, + max: 24576, + zeroAllowed: true, + } + } + + // Pattern matching fallback for Claude via Antigravity + if (normalized.includes("claude")) { + return { + thinkingType: "numeric", + min: 1024, + max: 200000, + zeroAllowed: false, + } + } + + return undefined +} + +/** + * Type for the delete thinking config marker. + * Used when reasoning_effort is "none" to signal complete removal. + */ +export interface DeleteThinkingConfig { + deleteThinkingConfig: true +} + +/** + * Union type for thinking configuration input. + */ +export type ThinkingConfigInput = ThinkingConfig | DeleteThinkingConfig + +/** + * Convert thinking budget to closest level string for Gemini 3 models. + * + * @param budget - Thinking budget in tokens + * @param model - Model identifier + * @returns Level string ("low", "high", etc.) or "medium" fallback + */ +export function budgetToLevel(budget: number, model: string): string { + const config = getModelThinkingConfig(model) + + // Default fallback + if (!config?.levels) { + return "medium" + } + + // Map budgets to levels + const budgetMap: Record = { + 512: "minimal", + 1024: "low", + 8192: "medium", + 24576: "high", + } + + // Return matching level or highest available + if (budgetMap[budget]) { + return budgetMap[budget] + } + + return config.levels[config.levels.length - 1] || "high" +} + +/** + * Apply thinking config to request body. + * + * CRITICAL: Sets request.generationConfig.thinkingConfig (NOT outer body!) + * + * Handles: + * - Gemini 3: Sets thinkingLevel (string) + * - Gemini 2.5: Sets thinkingBudget (number) + * - Delete marker: Removes thinkingConfig entirely + * + * @param requestBody - Request body to modify (mutates in place) + * @param model - Model identifier + * @param config - Thinking configuration or delete marker + */ +export function applyThinkingConfigToRequest( + requestBody: Record, + model: string, + config: ThinkingConfigInput, +): void { + // Handle delete marker + if ("deleteThinkingConfig" in config && config.deleteThinkingConfig) { + if (requestBody.request && typeof requestBody.request === "object") { + const req = requestBody.request as Record + if (req.generationConfig && typeof req.generationConfig === "object") { + const genConfig = req.generationConfig as Record + delete genConfig.thinkingConfig + } + } + return + } + + const modelConfig = getModelThinkingConfig(model) + if (!modelConfig) { + return + } + + // Ensure request.generationConfig.thinkingConfig exists + if (!requestBody.request || typeof requestBody.request !== "object") { + return + } + const req = requestBody.request as Record + if (!req.generationConfig || typeof req.generationConfig !== "object") { + req.generationConfig = {} + } + const genConfig = req.generationConfig as Record + genConfig.thinkingConfig = {} + const thinkingConfig = genConfig.thinkingConfig as Record + + thinkingConfig.include_thoughts = true + + if (modelConfig.thinkingType === "numeric") { + thinkingConfig.thinkingBudget = (config as ThinkingConfig).thinkingBudget + } else if (modelConfig.thinkingType === "levels") { + const budget = (config as ThinkingConfig).thinkingBudget ?? DEFAULT_THINKING_BUDGET + let level = budgetToLevel(budget, model) + // Convert uppercase to lowercase (think-mode hook sends "HIGH") + level = level.toLowerCase() + thinkingConfig.thinkingLevel = level + } +} diff --git a/src/auth/antigravity/types.ts b/src/auth/antigravity/types.ts index c53e768..c035c6f 100644 --- a/src/auth/antigravity/types.ts +++ b/src/auth/antigravity/types.ts @@ -80,15 +80,11 @@ export interface AntigravityOnboardUserPayload { * Wraps the actual request with project and model context */ export interface AntigravityRequestBody { - /** GCP project ID */ project: string - /** Model identifier (e.g., "gemini-3-pro-preview") */ model: string - /** User agent identifier */ userAgent: string - /** Unique request ID */ + requestType: string requestId: string - /** The actual request payload */ request: Record } @@ -211,3 +207,38 @@ export interface ParsedOAuthError { code?: string description?: string } + +/** + * Multi-account support types + */ + +/** All model families for rate limit tracking */ +export const MODEL_FAMILIES = ["claude", "gemini-flash", "gemini-pro"] as const + +/** Model family for rate limit tracking */ +export type ModelFamily = (typeof MODEL_FAMILIES)[number] + +/** Account tier for prioritization */ +export type AccountTier = "free" | "paid" + +/** Rate limit state per model family (Unix timestamps in ms) */ +export type RateLimitState = Partial> + +/** Account metadata for storage */ +export interface AccountMetadata { + email: string + tier: AccountTier + refreshToken: string + projectId: string + managedProjectId?: string + accessToken: string + expiresAt: number + rateLimits: RateLimitState +} + +/** Storage schema for persisting multiple accounts */ +export interface AccountStorage { + version: number + accounts: AccountMetadata[] + activeIndex: number +} diff --git a/src/cli/commands/auth.ts b/src/cli/commands/auth.ts new file mode 100644 index 0000000..883188f --- /dev/null +++ b/src/cli/commands/auth.ts @@ -0,0 +1,93 @@ +import { loadAccounts, saveAccounts } from "../../auth/antigravity/storage" +import type { AccountStorage } from "../../auth/antigravity/types" + +export async function listAccounts(): Promise { + const accounts = await loadAccounts() + + if (!accounts || accounts.accounts.length === 0) { + console.log("No accounts found.") + console.log("Run 'opencode auth login' and select Google (Antigravity) to add accounts.") + return 0 + } + + console.log(`\nGoogle Antigravity Accounts (${accounts.accounts.length}/10):\n`) + + for (let i = 0; i < accounts.accounts.length; i++) { + const acc = accounts.accounts[i] + const isActive = i === accounts.activeIndex + const activeMarker = isActive ? "* " : " " + + console.log(`${activeMarker}[${i}] ${acc.email || "Unknown"}`) + console.log(` Tier: ${acc.tier || "free"}`) + + const rateLimits = acc.rateLimits || {} + const now = Date.now() + const limited: string[] = [] + + if (rateLimits.claude && rateLimits.claude > now) { + const mins = Math.ceil((rateLimits.claude - now) / 60000) + limited.push(`claude (${mins}m)`) + } + if (rateLimits["gemini-flash"] && rateLimits["gemini-flash"] > now) { + const mins = Math.ceil((rateLimits["gemini-flash"] - now) / 60000) + limited.push(`gemini-flash (${mins}m)`) + } + if (rateLimits["gemini-pro"] && rateLimits["gemini-pro"] > now) { + const mins = Math.ceil((rateLimits["gemini-pro"] - now) / 60000) + limited.push(`gemini-pro (${mins}m)`) + } + + if (limited.length > 0) { + console.log(` Rate limited: ${limited.join(", ")}`) + } + + console.log() + } + + return 0 +} + +export async function removeAccount(indexOrEmail: string): Promise { + const accounts = await loadAccounts() + + if (!accounts || accounts.accounts.length === 0) { + console.error("No accounts found.") + return 1 + } + + let index: number + + const parsedIndex = Number(indexOrEmail) + if (Number.isInteger(parsedIndex) && String(parsedIndex) === indexOrEmail) { + index = parsedIndex + } else { + index = accounts.accounts.findIndex((acc) => acc.email === indexOrEmail) + if (index === -1) { + console.error(`Account not found: ${indexOrEmail}`) + return 1 + } + } + + if (index < 0 || index >= accounts.accounts.length) { + console.error(`Invalid index: ${index}. Valid range: 0-${accounts.accounts.length - 1}`) + return 1 + } + + const removed = accounts.accounts[index] + accounts.accounts.splice(index, 1) + + if (accounts.accounts.length === 0) { + accounts.activeIndex = -1 + } else if (accounts.activeIndex >= accounts.accounts.length) { + accounts.activeIndex = accounts.accounts.length - 1 + } else if (accounts.activeIndex > index) { + accounts.activeIndex-- + } + + await saveAccounts(accounts) + + console.log(`Removed account: ${removed.email || "Unknown"} (index ${index})`) + console.log(`Remaining accounts: ${accounts.accounts.length}`) + + return 0 +} diff --git a/src/cli/index.ts b/src/cli/index.ts index cad0e8c..b3670e1 100644 --- a/src/cli/index.ts +++ b/src/cli/index.ts @@ -4,6 +4,7 @@ import { install } from "./install" import { run } from "./run" import { getLocalVersion } from "./get-local-version" import { doctor } from "./doctor" +import { listAccounts, removeAccount } from "./commands/auth" import type { InstallArgs } from "./types" import type { RunOptions } from "./run" import type { GetLocalVersionOptions } from "./get-local-version/types" @@ -134,6 +135,45 @@ Categories: process.exit(exitCode) }) +const authCommand = program + .command("auth") + .description("Manage Google Antigravity accounts") + +authCommand + .command("list") + .description("List all Google Antigravity accounts") + .addHelpText("after", ` +Examples: + $ bunx oh-my-opencode auth list + +Shows: + - Account index and email + - Account tier (free/paid) + - Active account (marked with *) + - Rate limit status per model family +`) + .action(async () => { + const exitCode = await listAccounts() + process.exit(exitCode) + }) + +authCommand + .command("remove ") + .description("Remove an account by index or email") + .addHelpText("after", ` +Examples: + $ bunx oh-my-opencode auth remove 0 + $ bunx oh-my-opencode auth remove user@example.com + +Note: + - Use 'auth list' to see account indices + - Removing the active account will switch to the next available account +`) + .action(async (indexOrEmail: string) => { + const exitCode = await removeAccount(indexOrEmail) + process.exit(exitCode) + }) + program .command("version") .description("Show version information")