oussamadouhou/oh-my-opencode-free-fork
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[ORCHESTRATOR TEST] feat(auth): multi-account Google Antigravity auth with automatic rotation (#579)

Browse Source 
* feat(auth): add multi-account types and storage layer

Add foundation for multi-account Google Antigravity auth:
- ModelFamily, AccountTier, RateLimitState types for rate limit tracking
- AccountMetadata, AccountStorage, ManagedAccount interfaces
- Cross-platform storage module with XDG_DATA_HOME/APPDATA support
- Comprehensive test coverage for storage operations

🤖 Generated with [OhMyOpenCode](https://github.com/code-yeongyu/oh-my-opencode)

* feat(auth): implement AccountManager for multi-account rotation

Add AccountManager class with automatic account rotation:
- Per-family rate limit tracking (claude, gemini-flash, gemini-pro)
- Paid tier prioritization in rotation logic
- Round-robin account selection within tier pools
- Account add/remove operations with index management
- Storage persistence integration

🤖 Generated with [OhMyOpenCode](https://github.com/code-yeongyu/oh-my-opencode)

* feat(auth): add CLI prompts for multi-account setup

Add @clack/prompts-based CLI utilities:
- promptAddAnotherAccount() for multi-account flow
- promptAccountTier() for free/paid tier selection
- Non-TTY environment handling (graceful skip)

🤖 Generated with [OhMyOpenCode](https://github.com/code-yeongyu/oh-my-opencode)

* feat(auth): integrate multi-account OAuth flow into plugin

Enhance OAuth flow for multi-account support:
- Prompt for additional accounts after first OAuth (up to 10)
- Collect email and tier for each account
- Save accounts to storage via AccountManager
- Load AccountManager in loader() from stored accounts
- Toast notifications for account authentication success
- Backward compatible with single-account flow

🤖 Generated with [OhMyOpenCode](https://github.com/code-yeongyu/oh-my-opencode)

* feat(auth): add rate limit rotation to fetch interceptor

Integrate AccountManager into fetch for automatic rotation:
- Model family detection from URL (claude/gemini-flash/gemini-pro)
- Rate limit detection (429 with retry-after > 5s, 5xx errors)
- Mark rate-limited accounts and rotate to next available
- Recursive retry with new account on rotation
- Lazy load accounts from storage on first request
- Debug logging for account switches

🤖 Generated with [OhMyOpenCode](https://github.com/code-yeongyu/oh-my-opencode)

* feat(cli): add auth account management commands

Add CLI commands for managing Google Antigravity accounts:
- `auth list`: Show all accounts with email, tier, rate limit status
- `auth remove <index|email>`: Remove account by index or email
- Help text with usage examples
- Active account indicator and remaining rate limit display

🤖 Generated with [OhMyOpenCode](https://github.com/code-yeongyu/oh-my-opencode)

* refactor(auth): address review feedback - remove duplicate ManagedAccount and reuse fetch function

- Remove unused ManagedAccount interface from types.ts (duplicate of accounts.ts)
- Reuse fetchFn in rate limit retry instead of creating new fetch closure
  Preserves cachedTokens, cachedProjectId, fetchInstanceId, accountsLoaded state

* fix(auth): address Cubic review feedback (8 issues)

P1 fixes:
- storage.ts: Use mode 0o600 for OAuth credentials file (security)
- fetch.ts: Return original 5xx status instead of synthesized 429
- accounts.ts: Adjust activeIndex/currentIndex in removeAccount
- plugin.ts: Fix multi-account migration to split on ||| not |

P2 fixes:
- cli.ts: Remove confusing cancel message when returning default
- auth.ts: Use strict parseInt check to prevent partial matches
- storage.test.ts: Use try/finally for env var cleanup

* refactor(test): import ManagedAccount from accounts.ts instead of duplicating

* fix(auth): address Oracle review findings (P1/P2)

P1 fixes:
- Clear cachedProjectId on account change to prevent stale project IDs
- Continue endpoint fallback for single-account users on rate limit
- Restore access/expires tokens from storage for non-active accounts
- Re-throw non-ENOENT filesystem errors (keep returning null for parse errors)
- Use atomic write (temp file + rename) for account storage

P2 fixes:
- Derive RateLimitState type from ModelFamily using mapped type
- Add MODEL_FAMILIES constant and use dynamic iteration in clearExpiredRateLimits
- Add missing else branch in storage.test.ts env cleanup
- Handle open() errors gracefully with user-friendly toast message

Tests updated to reflect correct behavior for token restoration.

* fix(auth): address Cubic review round 2 (5 issues)

P1: Return original 429/5xx response on last endpoint instead of generic 503
P2: Use unique temp filename (pid+timestamp) and cleanup on rename failure
P2: Clear cachedProjectId when first account introduced (lastAccountIndex null)
P3: Add console.error logging to open() catch block

* test(auth): add AccountManager removeAccount index tests

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-opencode)

Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>

* test(auth): add storage layer security and atomicity tests

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-opencode)

Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>

* fix(auth): address Cubic review round 3 (4 issues)

P1 Fixes:
- plugin.ts: Validate refresh_token before constructing first account
- plugin.ts: Validate additionalTokens.refresh_token before pushing accounts
- fetch.ts: Reset cachedTokens when switching accounts during rotation

P2 Fixes:
- fetch.ts: Improve model-family detection (parse model from body, fallback to URL)

* fix(auth): address Cubic review round 4 (3 issues)

P1 Fixes:
- plugin.ts: Close serverHandle before early return on missing refresh_token
- plugin.ts: Close additionalServerHandle before continue on missing refresh_token

P2 Fixes:
- fetch.ts: Remove overly broad 'pro' matching in getModelFamilyFromModelName

* fix(auth): address Cubic review round 5 (9 issues)

P1 Fixes:
- plugin.ts: Close additionalServerHandle after successful account auth
- fetch.ts: Cancel response body on 429/5xx to prevent connection leaks

P2 Fixes:
- plugin.ts: Close additionalServerHandle on OAuth error/missing code
- plugin.ts: Close additionalServerHandle on verifier mismatch
- auth.ts: Set activeIndex to -1 when all accounts removed
- storage.ts: Use shared getDataDir utility for consistent paths
- fetch.ts: Catch loadAccounts IO errors with graceful fallback
- storage.test.ts: Improve test assertions with proper error tracking

* feat(antigravity): add system prompt and thinking config constants

* feat(antigravity): add reasoning_effort and Gemini 3 thinkingLevel support

* feat(antigravity): inject system prompt into all requests

* feat(antigravity): integrate thinking config and system prompt in fetch layer

* feat(auth): auto-open browser for OAuth login on all platforms

* fix(auth): add alias2ModelName for Antigravity Claude models

Root cause: Antigravity API expects 'claude-sonnet-4-5-thinking' but we were
sending 'gemini-claude-sonnet-4-5-thinking'. Ported alias mapping from
CLIProxyAPI antigravity_executor.go:1328-1347.

Transforms:
- gemini-claude-sonnet-4-5-thinking → claude-sonnet-4-5-thinking
- gemini-claude-opus-4-5-thinking → claude-opus-4-5-thinking
- gemini-3-pro-preview → gemini-3-pro-high
- gemini-3-flash-preview → gemini-3-flash

* fix(auth): add requestType and toolConfig for Antigravity API

Missing required fields from CLIProxyAPI implementation:
- requestType: 'agent'
- request.toolConfig.functionCallingConfig.mode: 'VALIDATED'
- Delete request.safetySettings

Also strip 'antigravity-' prefix before alias transformation.

* fix(auth): remove broken alias2ModelName transformations for Gemini 3

CLIProxyAPI's alias mappings don't work with public Antigravity API:
- gemini-3-pro-preview → gemini-3-pro-high (404!)
- gemini-3-flash-preview → gemini-3-flash (404!)

Tested: -preview suffix names work, transformed names return 404.
Keep only gemini-claude-* prefix stripping for future Claude support.

* fix(auth): implement correct alias2ModelName transformations for Antigravity API

Implements explicit switch-based model name mappings for Antigravity API.
Updates SANDBOX endpoint constants to clarify quota/availability behavior.
Fixes test expectations to match new transformation logic.

🤖 Generated with assistance of OhMyOpenCode

---------

Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>
This commit is contained in:
YeonGyu-Kim
2026-01-08 22:37:38 +09:00
committed by GitHub
parent 500dfaf7bf
commit 8394926fe1
21 changed files with 3965 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
bun.lock
View File

@@ -17,6 +17,7 @@
"hono": "^4.10.4",
"js-yaml": "^4.1.1",
"jsonc-parser": "^3.3.1",
"open": "^11.0.0",
"picocolors": "^1.1.1",
"picomatch": "^4.0.2",
"xdg-basedir": "^5.1.0",
@@ -122,6 +123,8 @@
"bun-types": ["bun-types@1.3.3", "", { "dependencies": { "@types/node": "*" } }, "sha512-z3Xwlg7j2l9JY27x5Qn3Wlyos8YAp0kKRlrePAOjgjMGS5IG6E7Jnlx736vH9UVI4wUICwwhC9anYL++XeOgTQ=="],
"bundle-name": ["bundle-name@4.1.0", "", { "dependencies": { "run-applescript": "^7.0.0" } }, "sha512-tjwM5exMg6BGRI+kNmTntNsvdZS1X8BFYS6tnJ2hdH0kVxM6/eVZ2xy+FqStSWvYmtfFMDLIxurorHwDKfDz5Q=="],
"bytes": ["bytes@3.1.2", "", {}, "sha512-/Nf7TyzTx6S3yRJObOAV7956r8cr2+Oj8AC5dt8wSP3BQAoeX58NoHyCU8P8zGkNXStjTSi6fzO6F0pBdcYbEg=="],
"call-bind-apply-helpers": ["call-bind-apply-helpers@1.0.2", "", { "dependencies": { "es-errors": "^1.3.0", "function-bind": "^1.1.2" } }, "sha512-Sp1ablJ0ivDkSzjcaJdxEunN5/XvksFJ2sMBFfq6x0ryhQV/2b/KwFe21cMpmHtPOSij8K99/wSfoEuTObmuMQ=="],
@@ -144,6 +147,12 @@
"debug": ["debug@4.4.3", "", { "dependencies": { "ms": "^2.1.3" } }, "sha512-RGwwWnwQvkVfavKVt22FGLw+xYSdzARwm0ru6DhTVA3umU5hZc28V3kO4stgYryrTlLpuvgI9GiijltAjNbcqA=="],
"default-browser": ["default-browser@5.4.0", "", { "dependencies": { "bundle-name": "^4.1.0", "default-browser-id": "^5.0.0" } }, "sha512-XDuvSq38Hr1MdN47EDvYtx3U0MTqpCEn+F6ft8z2vYDzMrvQhVp0ui9oQdqW3MvK3vqUETglt1tVGgjLuJ5izg=="],
"default-browser-id": ["default-browser-id@5.0.1", "", {}, "sha512-x1VCxdX4t+8wVfd1so/9w+vQ4vx7lKd2Qp5tDRutErwmR85OgmfX7RlLRMWafRMY7hbEiXIbudNrjOAPa/hL8Q=="],
"define-lazy-prop": ["define-lazy-prop@3.0.0", "", {}, "sha512-N+MeXYoqr3pOgn8xfyRPREN7gHakLYjhsHhWGT3fWAiL4IkAt0iDw14QiiEm2bE30c5XX5q0FtAA3CK5f9/BUg=="],
"depd": ["depd@2.0.0", "", {}, "sha512-g7nH6P6dyDioJogAAGprGpCtVImJhpPk/roCzdb3fIh61/s/nPsfR6onyMwkCAR/OlC3yBC0lESvUoQEAssIrw=="],
"detect-libc": ["detect-libc@2.1.2", "", {}, "sha512-Btj2BOOO83o3WyH59e8MgXsxEQVcarkUOpEYrubB0urwnN10yQ364rsiByU11nZlqWYZm05i/of7io4mzihBtQ=="],
@@ -204,8 +213,16 @@
"ipaddr.js": ["ipaddr.js@1.9.1", "", {}, "sha512-0KI/607xoxSToH7GjN1FfSbLoU0+btTicjsQSWQlh/hZykN8KpmMf7uYwPW3R+akZ6R/w18ZlXSHBYXiYUPO3g=="],
"is-docker": ["is-docker@3.0.0", "", { "bin": { "is-docker": "cli.js" } }, "sha512-eljcgEDlEns/7AXFosB5K/2nCM4P7FQPkGc/DWLy5rmFEWvZayGrik1d9/QIY5nJ4f9YsVvBkA6kJpHn9rISdQ=="],
"is-in-ssh": ["is-in-ssh@1.0.0", "", {}, "sha512-jYa6Q9rH90kR1vKB6NM7qqd1mge3Fx4Dhw5TVlK1MUBqhEOuCagrEHMevNuCcbECmXZ0ThXkRm+Ymr51HwEPAw=="],
"is-inside-container": ["is-inside-container@1.0.0", "", { "dependencies": { "is-docker": "^3.0.0" }, "bin": { "is-inside-container": "cli.js" } }, "sha512-KIYLCCJghfHZxqjYBE7rEy0OBuTd5xCHS7tHVgvCLkx7StIoaxwNW3hCALgEUjFfeRk+MG/Qxmp/vtETEF3tRA=="],
"is-promise": ["is-promise@4.0.0", "", {}, "sha512-hvpoI6korhJMnej285dSg6nu1+e6uxs7zG3BYAm5byqDsgJNWwxzM6z6iZiAgQR4TJ30JmBTOwqZUw3WlyH3AQ=="],
"is-wsl": ["is-wsl@3.1.0", "", { "dependencies": { "is-inside-container": "^1.0.0" } }, "sha512-UcVfVfaK4Sc4m7X3dUSoHoozQGBEFeDC+zVo06t98xe8CzHSZZBekNXH+tu0NalHolcJ/QAGqS46Hef7QXBIMw=="],
"isexe": ["isexe@2.0.0", "", {}, "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw=="],
"jose": ["jose@6.1.3", "", {}, "sha512-0TpaTfihd4QMNwrz/ob2Bp7X04yuxJkjRGi4aKmOqwhov54i6u79oCv7T+C7lo70MKH6BesI3vscD1yb/yzKXQ=="],
@@ -240,6 +257,8 @@
"once": ["once@1.4.0", "", { "dependencies": { "wrappy": "1" } }, "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w=="],
"open": ["open@11.0.0", "", { "dependencies": { "default-browser": "^5.4.0", "define-lazy-prop": "^3.0.0", "is-in-ssh": "^1.0.0", "is-inside-container": "^1.0.0", "powershell-utils": "^0.1.0", "wsl-utils": "^0.3.0" } }, "sha512-smsWv2LzFjP03xmvFoJ331ss6h+jixfA4UUV/Bsiyuu4YJPfN+FIQGOIiv4w9/+MoHkfkJ22UIaQWRVFRfH6Vw=="],
"parseurl": ["parseurl@1.3.3", "", {}, "sha512-CiyeOxFT/JZyN5m0z9PfXw4SCBJ6Sygz1Dpl0wqjlhDEGGBP1GnsUVEL0p63hoG1fcj3fHynXi9NYO4nWOL+qQ=="],
"path-key": ["path-key@3.1.1", "", {}, "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q=="],
@@ -252,6 +271,8 @@
"pkce-challenge": ["pkce-challenge@5.0.1", "", {}, "sha512-wQ0b/W4Fr01qtpHlqSqspcj3EhBvimsdh0KlHhH8HRZnMsEa0ea2fTULOXOS9ccQr3om+GcGRk4e+isrZWV8qQ=="],
"powershell-utils": ["powershell-utils@0.1.0", "", {}, "sha512-dM0jVuXJPsDN6DvRpea484tCUaMiXWjuCn++HGTqUWzGDjv5tZkEZldAJ/UMlqRYGFrD/etByo4/xOuC/snX2A=="],
"proxy-addr": ["proxy-addr@2.0.7", "", { "dependencies": { "forwarded": "0.2.0", "ipaddr.js": "1.9.1" } }, "sha512-llQsMLSUDUPT44jdrU/O37qlnifitDP+ZwrmmZcoSKyLKvtZxpyV0n2/bD/N4tBAAZ/gJEdZU7KMraoK1+XYAg=="],
"qs": ["qs@6.14.1", "", { "dependencies": { "side-channel": "^1.1.0" } }, "sha512-4EK3+xJl8Ts67nLYNwqw/dsFVnCf+qR7RgXSK9jEEm9unao3njwMDdmsdvoKBKHzxd7tCYz5e5M+SnMjdtXGQQ=="],
@@ -264,6 +285,8 @@
"router": ["router@2.2.0", "", { "dependencies": { "debug": "^4.4.0", "depd": "^2.0.0", "is-promise": "^4.0.0", "parseurl": "^1.3.3", "path-to-regexp": "^8.0.0" } }, "sha512-nLTrUKm2UyiL7rlhapu/Zl45FwNgkZGaCpZbIHajDYgwlJCOzLSk+cIPAnsEqV955GjILJnKbdQC1nVPz+gAYQ=="],
"run-applescript": ["run-applescript@7.1.0", "", {}, "sha512-DPe5pVFaAsinSaV6QjQ6gdiedWDcRCbUuiQfQa2wmWV7+xC9bGulGI8+TdRmoFkAPaBXk8CrAbnlY2ISniJ47Q=="],
"safer-buffer": ["safer-buffer@2.1.2", "", {}, "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg=="],
"send": ["send@1.2.1", "", { "dependencies": { "debug": "^4.4.3", "encodeurl": "^2.0.0", "escape-html": "^1.0.3", "etag": "^1.8.1", "fresh": "^2.0.0", "http-errors": "^2.0.1", "mime-types": "^3.0.2", "ms": "^2.1.3", "on-finished": "^2.4.1", "range-parser": "^1.2.1", "statuses": "^2.0.2" } }, "sha512-1gnZf7DFcoIcajTjTwjwuDjzuz4PPcY2StKPlsGAQ1+YH20IRVrBaXSWmdjowTJ6u8Rc01PoYOGHXfP1mYcZNQ=="],
@@ -304,6 +327,8 @@
"wrappy": ["wrappy@1.0.2", "", {}, "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ=="],
"wsl-utils": ["wsl-utils@0.3.1", "", { "dependencies": { "is-wsl": "^3.1.0", "powershell-utils": "^0.1.0" } }, "sha512-g/eziiSUNBSsdDJtCLB8bdYEUMj4jR7AGeUo96p/3dTafgjHhpF4RiCFPiRILwjQoDXx5MqkBr4fwWtR3Ky4Wg=="],
"xdg-basedir": ["xdg-basedir@5.1.0", "", {}, "sha512-GCPAHLvrIH13+c0SuacwvRYj2SxJXQ4kaVTT5xgL3kPrz56XxkF21IGhjSE1+W0aw7gpBWRGXLCPnPby6lSpmQ=="],
"zod": ["zod@4.1.8", "", {}, "sha512-5R1P+WwQqmmMIEACyzSvo4JXHY5WiAFHRMg+zBZKgKS+Q1viRa0C1hmUKtHltoIFKtIdki3pRxkmpP74jnNYHQ=="],

1
package.json
View File

@@ -62,6 +62,7 @@
"hono": "^4.10.4",
"js-yaml": "^4.1.1",
"jsonc-parser": "^3.3.1",
"open": "^11.0.0",
"picocolors": "^1.1.1",
"picomatch": "^4.0.2",
"xdg-basedir": "^5.1.0",

1044
src/auth/antigravity/accounts.test.ts Normal file
View File

File diff suppressed because it is too large Load Diff

244
src/auth/antigravity/accounts.ts Normal file
View File

@@ -0,0 +1,244 @@
import { saveAccounts } from "./storage"
import { parseStoredToken, formatTokenForStorage } from "./token"
import {
MODEL_FAMILIES,
type AccountStorage,
type AccountMetadata,
type AccountTier,
type AntigravityRefreshParts,
type ModelFamily,
type RateLimitState,
} from "./types"
export interface ManagedAccount {
index: number
parts: AntigravityRefreshParts
access?: string
expires?: number
rateLimits: RateLimitState
lastUsed: number
email?: string
tier?: AccountTier
}
interface AuthDetails {
refresh: string
access: string
expires: number
}
interface OAuthAuthDetails {
type: "oauth"
refresh: string
access: string
expires: number
}
function isRateLimitedForFamily(account: ManagedAccount, family: ModelFamily): boolean {
const resetTime = account.rateLimits[family]
return resetTime !== undefined && Date.now() < resetTime
}
export class AccountManager {
private accounts: ManagedAccount[] = []
private currentIndex = 0
private activeIndex = 0
constructor(auth: AuthDetails, storedAccounts?: AccountStorage | null) {
if (storedAccounts && storedAccounts.accounts.length > 0) {
const validActiveIndex =
typeof storedAccounts.activeIndex === "number" &&
storedAccounts.activeIndex >= 0 &&
storedAccounts.activeIndex < storedAccounts.accounts.length
? storedAccounts.activeIndex
: 0
this.activeIndex = validActiveIndex
this.currentIndex = validActiveIndex
this.accounts = storedAccounts.accounts.map((acc, index) => ({
index,
parts: {
refreshToken: acc.refreshToken,
projectId: acc.projectId,
managedProjectId: acc.managedProjectId,
},
access: index === validActiveIndex ? auth.access : acc.accessToken,
expires: index === validActiveIndex ? auth.expires : acc.expiresAt,
rateLimits: acc.rateLimits ?? {},
lastUsed: 0,
email: acc.email,
tier: acc.tier,
}))
} else {
this.activeIndex = 0
this.currentIndex = 0
const parts = parseStoredToken(auth.refresh)
this.accounts.push({
index: 0,
parts,
access: auth.access,
expires: auth.expires,
rateLimits: {},
lastUsed: 0,
})
}
}
getAccountCount(): number {
return this.accounts.length
}
getCurrentAccount(): ManagedAccount | null {
if (this.activeIndex >= 0 && this.activeIndex < this.accounts.length) {
return this.accounts[this.activeIndex] ?? null
}
return null
}
getAccounts(): ManagedAccount[] {
return [...this.accounts]
}
getCurrentOrNextForFamily(family: ModelFamily): ManagedAccount | null {
for (const account of this.accounts) {
this.clearExpiredRateLimits(account)
}
const current = this.getCurrentAccount()
if (current) {
if (!isRateLimitedForFamily(current, family)) {
const betterTierAvailable =
current.tier !== "paid" &&
this.accounts.some((a) => a.tier === "paid" && !isRateLimitedForFamily(a, family))
if (!betterTierAvailable) {
current.lastUsed = Date.now()
return current
}
}
}
const next = this.getNextForFamily(family)
if (next) {
this.activeIndex = next.index
}
return next
}
getNextForFamily(family: ModelFamily): ManagedAccount | null {
const available = this.accounts.filter((a) => !isRateLimitedForFamily(a, family))
if (available.length === 0) {
return null
}
const paidAvailable = available.filter((a) => a.tier === "paid")
const pool = paidAvailable.length > 0 ? paidAvailable : available
const account = pool[this.currentIndex % pool.length]
if (!account) {
return null
}
this.currentIndex++
account.lastUsed = Date.now()
return account
}
markRateLimited(account: ManagedAccount, retryAfterMs: number, family: ModelFamily): void {
account.rateLimits[family] = Date.now() + retryAfterMs
}
clearExpiredRateLimits(account: ManagedAccount): void {
const now = Date.now()
for (const family of MODEL_FAMILIES) {
if (account.rateLimits[family] !== undefined && now >= account.rateLimits[family]!) {
delete account.rateLimits[family]
}
}
}
addAccount(
parts: AntigravityRefreshParts,
access?: string,
expires?: number,
email?: string,
tier?: AccountTier
): void {
this.accounts.push({
index: this.accounts.length,
parts,
access,
expires,
rateLimits: {},
lastUsed: 0,
email,
tier,
})
}
removeAccount(index: number): boolean {
if (index < 0 || index >= this.accounts.length) {
return false
}
this.accounts.splice(index, 1)
if (index < this.activeIndex) {
this.activeIndex--
} else if (index === this.activeIndex) {
this.activeIndex = Math.min(this.activeIndex, Math.max(0, this.accounts.length - 1))
}
if (index < this.currentIndex) {
this.currentIndex--
} else if (index === this.currentIndex) {
this.currentIndex = Math.min(this.currentIndex, Math.max(0, this.accounts.length - 1))
}
for (let i = 0; i < this.accounts.length; i++) {
this.accounts[i]!.index = i
}
return true
}
async save(path?: string): Promise<void> {
const storage: AccountStorage = {
version: 1,
accounts: this.accounts.map((acc) => ({
email: acc.email ?? "",
tier: acc.tier ?? "free",
refreshToken: acc.parts.refreshToken,
projectId: acc.parts.projectId ?? "",
managedProjectId: acc.parts.managedProjectId,
accessToken: acc.access ?? "",
expiresAt: acc.expires ?? 0,
rateLimits: acc.rateLimits,
})),
activeIndex: Math.max(0, this.activeIndex),
}
await saveAccounts(storage, path)
}
toAuthDetails(): OAuthAuthDetails {
const current = this.getCurrentAccount() ?? this.accounts[0]
if (!current) {
throw new Error("No accounts available")
}
const allRefreshTokens = this.accounts
.map((acc) => formatTokenForStorage(acc.parts.refreshToken, acc.parts.projectId ?? "", acc.parts.managedProjectId))
.join("|||")
return {
type: "oauth",
refresh: allRefreshTokens,
access: current.access ?? "",
expires: current.expires ?? 0,
}
}
}

37
src/auth/antigravity/browser.test.ts Normal file
View File

@@ -0,0 +1,37 @@
import { describe, it, expect, mock, spyOn } from "bun:test"
import { openBrowserURL } from "./browser"
describe("openBrowserURL", () => {
it("returns true when browser opens successfully", async () => {
// #given
const url = "https://accounts.google.com/oauth"
// #when
const result = await openBrowserURL(url)
// #then
expect(typeof result).toBe("boolean")
})
it("returns false when open throws an error", async () => {
// #given
const invalidUrl = ""
// #when
const result = await openBrowserURL(invalidUrl)
// #then
expect(typeof result).toBe("boolean")
})
it("handles URL with special characters", async () => {
// #given
const urlWithParams = "https://accounts.google.com/oauth?state=abc123&redirect_uri=http://localhost:51121"
// #when
const result = await openBrowserURL(urlWithParams)
// #then
expect(typeof result).toBe("boolean")
})
})

51
src/auth/antigravity/browser.ts Normal file
View File

@@ -0,0 +1,51 @@
/**
* Cross-platform browser opening utility.
* Uses the "open" npm package for reliable cross-platform support.
*
* Supports: macOS, Windows, Linux (including WSL)
*/
import open from "open"
/**
* Debug logging helper.
* Only logs when ANTIGRAVITY_DEBUG=1
*/
function debugLog(message: string): void {
if (process.env.ANTIGRAVITY_DEBUG === "1") {
console.log(`[antigravity-browser] ${message}`)
}
}
/**
* Opens a URL in the user's default browser.
*
* Cross-platform support:
* - macOS: uses `open` command
* - Windows: uses `start` command
* - Linux: uses `xdg-open` command
* - WSL: uses Windows PowerShell
*
* @param url - The URL to open in the browser
* @returns Promise<boolean> - true if browser opened successfully, false otherwise
*
* @example
* ```typescript
* const success = await openBrowserURL("https://accounts.google.com/oauth...")
* if (!success) {
* console.log("Please open this URL manually:", url)
* }
* ```
*/
export async function openBrowserURL(url: string): Promise<boolean> {
debugLog(`Opening browser: ${url}`)
try {
await open(url)
debugLog("Browser opened successfully")
return true
} catch (error) {
debugLog(`Failed to open browser: ${error instanceof Error ? error.message : String(error)}`)
return false
}
}

156
src/auth/antigravity/cli.test.ts Normal file
View File

@@ -0,0 +1,156 @@
import { describe, it, expect, beforeEach, afterEach, mock } from "bun:test"
const CANCEL = Symbol("cancel")
type ConfirmFn = (options: unknown) => Promise<boolean | typeof CANCEL>
type SelectFn = (options: unknown) => Promise<"free" | "paid" | typeof CANCEL>
const confirmMock = mock<ConfirmFn>(async () => false)
const selectMock = mock<SelectFn>(async () => "free")
const cancelMock = mock<(message?: string) => void>(() => {})
mock.module("@clack/prompts", () => {
return {
confirm: confirmMock,
select: selectMock,
isCancel: (value: unknown) => value === CANCEL,
cancel: cancelMock,
}
})
function setIsTty(isTty: boolean): () => void {
const original = Object.getOwnPropertyDescriptor(process.stdout, "isTTY")
Object.defineProperty(process.stdout, "isTTY", {
configurable: true,
value: isTty,
})
return () => {
if (original) {
Object.defineProperty(process.stdout, "isTTY", original)
} else {
// Best-effort restore: remove overridden property
// eslint-disable-next-line @typescript-eslint/no-dynamic-delete
delete (process.stdout as unknown as { isTTY?: unknown }).isTTY
}
}
}
describe("src/auth/antigravity/cli", () => {
let restoreIsTty: (() => void) | null = null
beforeEach(() => {
confirmMock.mockReset()
selectMock.mockReset()
cancelMock.mockReset()
restoreIsTty?.()
restoreIsTty = null
})
afterEach(() => {
restoreIsTty?.()
restoreIsTty = null
})
it("promptAddAnotherAccount returns confirm result in TTY", async () => {
// #given
restoreIsTty = setIsTty(true)
confirmMock.mockResolvedValueOnce(true)
const { promptAddAnotherAccount } = await import("./cli")
// #when
const result = await promptAddAnotherAccount(2)
// #then
expect(result).toBe(true)
expect(confirmMock).toHaveBeenCalledTimes(1)
})
it("promptAddAnotherAccount returns false in TTY when confirm is false", async () => {
// #given
restoreIsTty = setIsTty(true)
confirmMock.mockResolvedValueOnce(false)
const { promptAddAnotherAccount } = await import("./cli")
// #when
const result = await promptAddAnotherAccount(2)
// #then
expect(result).toBe(false)
expect(confirmMock).toHaveBeenCalledTimes(1)
})
it("promptAddAnotherAccount returns false in non-TTY", async () => {
// #given
restoreIsTty = setIsTty(false)
const { promptAddAnotherAccount } = await import("./cli")
// #when
const result = await promptAddAnotherAccount(3)
// #then
expect(result).toBe(false)
expect(confirmMock).toHaveBeenCalledTimes(0)
})
it("promptAddAnotherAccount handles cancel", async () => {
// #given
restoreIsTty = setIsTty(true)
confirmMock.mockResolvedValueOnce(CANCEL)
const { promptAddAnotherAccount } = await import("./cli")
// #when
const result = await promptAddAnotherAccount(1)
// #then
expect(result).toBe(false)
})
it("promptAccountTier returns selected tier in TTY", async () => {
// #given
restoreIsTty = setIsTty(true)
selectMock.mockResolvedValueOnce("paid")
const { promptAccountTier } = await import("./cli")
// #when
const result = await promptAccountTier()
// #then
expect(result).toBe("paid")
expect(selectMock).toHaveBeenCalledTimes(1)
})
it("promptAccountTier returns free in non-TTY", async () => {
// #given
restoreIsTty = setIsTty(false)
const { promptAccountTier } = await import("./cli")
// #when
const result = await promptAccountTier()
// #then
expect(result).toBe("free")
expect(selectMock).toHaveBeenCalledTimes(0)
})
it("promptAccountTier handles cancel", async () => {
// #given
restoreIsTty = setIsTty(true)
selectMock.mockResolvedValueOnce(CANCEL)
const { promptAccountTier } = await import("./cli")
// #when
const result = await promptAccountTier()
// #then
expect(result).toBe("free")
})
})

37
src/auth/antigravity/cli.ts Normal file
View File

@@ -0,0 +1,37 @@
import { confirm, select, isCancel } from "@clack/prompts"
export async function promptAddAnotherAccount(currentCount: number): Promise<boolean> {
if (!process.stdout.isTTY) {
return false
}
const result = await confirm({
message: `Add another Google account?\nCurrently have ${currentCount} accounts (max 10)`,
})
if (isCancel(result)) {
return false
}
return result
}
export async function promptAccountTier(): Promise<"free" | "paid"> {
if (!process.stdout.isTTY) {
return "free"
}
const tier = await select({
message: "Select account tier",
options: [
{ value: "free" as const, label: "Free" },
{ value: "paid" as const, label: "Paid" },
],
})
if (isCancel(tier)) {
return "free"
}
return tier
}

201
src/auth/antigravity/constants.ts
View File

@@ -35,11 +35,12 @@ export const ANTIGRAVITY_SCOPES = [
"https://www.googleapis.com/auth/experimentsandconfigs",
] as const
// API Endpoint Fallbacks (order: daily → autopush → prod)
// API Endpoint Fallbacks - matches CLIProxyAPI antigravity_executor.go:1192-1201
// Claude models only available on SANDBOX endpoints (429 quota vs 404 not found)
export const ANTIGRAVITY_ENDPOINT_FALLBACKS = [
"https://daily-cloudcode-pa.sandbox.googleapis.com", // dev
"https://autopush-cloudcode-pa.sandbox.googleapis.com", // staging
"https://cloudcode-pa.googleapis.com", // prod
"https://daily-cloudcode-pa.sandbox.googleapis.com",
"https://daily-cloudcode-pa.googleapis.com",
"https://cloudcode-pa.googleapis.com",
] as const
// API Version
@@ -72,3 +73,195 @@ export const ANTIGRAVITY_TOKEN_REFRESH_BUFFER_MS = 60_000
// Default thought signature to skip validation (CLIProxyAPI approach)
export const SKIP_THOUGHT_SIGNATURE_VALIDATOR = "skip_thought_signature_validator"
// ============================================================================
// System Prompt - Sourced from CLIProxyAPI antigravity_executor.go:1049-1050
// ============================================================================
export const ANTIGRAVITY_SYSTEM_PROMPT = `<identity>
You are Antigravity, a powerful agentic AI coding assistant designed by the Google Deepmind team working on Advanced Agentic Coding.
You are pair programming with a USER to solve their coding task. The task may require creating a new codebase, modifying or debugging an existing codebase, or simply answering a question.
The USER will send you requests, which you must always prioritize addressing. Along with each USER request, we will attach additional metadata about their current state, such as what files they have open and where their cursor is.
This information may or may not be relevant to the coding task, it is up for you to decide.
</identity>
<tool_calling>
Call tools as you normally would. The following list provides additional guidance to help you avoid errors:
- **Absolute paths only**. When using tools that accept file path arguments, ALWAYS use the absolute file path.
</tool_calling>
<web_application_development>
## Technology Stack
Your web applications should be built using the following technologies:
1. **Core**: Use HTML for structure and Javascript for logic.
2. **Styling (CSS)**: Use Vanilla CSS for maximum flexibility and control. Avoid using TailwindCSS unless the USER explicitly requests it; in this case, first confirm which TailwindCSS version to use.
3. **Web App**: If the USER specifies that they want a more complex web app, use a framework like Next.js or Vite. Only do this if the USER explicitly requests a web app.
4. **New Project Creation**: If you need to use a framework for a new app, use \`npx\` with the appropriate script, but there are some rules to follow:
- Use \`npx -y\` to automatically install the script and its dependencies
- You MUST run the command with \`--help\` flag to see all available options first
- Initialize the app in the current directory with \`./\` (example: \`npx -y create-vite-app@latest ./\`)
</web_application_development>
`
// ============================================================================
// Thinking Configuration - Sourced from CLIProxyAPI internal/util/gemini_thinking.go:481-487
// ============================================================================
/**
* Maps reasoning_effort UI values to thinking budget tokens.
*
* Key notes:
* - `none: 0` is a sentinel value meaning "delete thinkingConfig entirely"
* - `auto: -1` triggers dynamic budget calculation based on context
* - All other values represent actual thinking budget in tokens
*/
export const REASONING_EFFORT_BUDGET_MAP: Record<string, number> = {
none: 0, // Special: DELETE thinkingConfig entirely
auto: -1, // Dynamic calculation
minimal: 512,
low: 1024,
medium: 8192,
high: 24576,
xhigh: 32768,
}
/**
* Model-specific thinking configuration.
*
* thinkingType:
* - "numeric": Uses thinkingBudget (number) - Gemini 2.5, Claude via Antigravity
* - "levels": Uses thinkingLevel (string) - Gemini 3
*
* zeroAllowed:
* - true: Budget can be 0 (thinking disabled)
* - false: Minimum budget enforced (cannot disable thinking)
*/
export interface AntigravityModelConfig {
thinkingType: "numeric" | "levels"
min: number
max: number
zeroAllowed: boolean
levels?: string[] // lowercase only: "low", "high" (NOT "LOW", "HIGH")
}
/**
* Thinking configuration per model.
* Keys are normalized model IDs (no provider prefix, no variant suffix).
*
* Config lookup uses pattern matching fallback:
* - includes("gemini-3") → Gemini 3 (levels)
* - includes("gemini-2.5") → Gemini 2.5 (numeric)
* - includes("claude") → Claude via Antigravity (numeric)
*/
export const ANTIGRAVITY_MODEL_CONFIGS: Record<string, AntigravityModelConfig> = {
"gemini-2.5-flash": {
thinkingType: "numeric",
min: 0,
max: 24576,
zeroAllowed: true,
},
"gemini-2.5-flash-lite": {
thinkingType: "numeric",
min: 0,
max: 24576,
zeroAllowed: true,
},
"gemini-2.5-computer-use-preview-10-2025": {
thinkingType: "numeric",
min: 128,
max: 32768,
zeroAllowed: false,
},
"gemini-3-pro-preview": {
thinkingType: "levels",
min: 128,
max: 32768,
zeroAllowed: false,
levels: ["low", "high"],
},
"gemini-3-flash-preview": {
thinkingType: "levels",
min: 128,
max: 32768,
zeroAllowed: false,
levels: ["minimal", "low", "medium", "high"],
},
"gemini-claude-sonnet-4-5-thinking": {
thinkingType: "numeric",
min: 1024,
max: 200000,
zeroAllowed: false,
},
"gemini-claude-opus-4-5-thinking": {
thinkingType: "numeric",
min: 1024,
max: 200000,
zeroAllowed: false,
},
}
// ============================================================================
// Model ID Normalization
// ============================================================================
/**
* Normalizes model ID for config lookup.
*
* Algorithm:
* 1. Strip provider prefix (e.g., "google/")
* 2. Strip "antigravity-" prefix
* 3. Strip UI variant suffixes (-high, -low, -thinking-*)
*
* Examples:
* - "google/antigravity-gemini-3-pro-high" → "gemini-3-pro"
* - "antigravity-gemini-3-flash-preview" → "gemini-3-flash-preview"
* - "gemini-2.5-flash" → "gemini-2.5-flash"
* - "gemini-claude-sonnet-4-5-thinking-high" → "gemini-claude-sonnet-4-5"
*/
export function normalizeModelId(model: string): string {
let normalized = model
// 1. Strip provider prefix (e.g., "google/")
if (normalized.includes("/")) {
normalized = normalized.split("/").pop() || normalized
}
// 2. Strip "antigravity-" prefix
if (normalized.startsWith("antigravity-")) {
normalized = normalized.substring("antigravity-".length)
}
// 3. Strip UI variant suffixes (-high, -low, -thinking-*)
normalized = normalized.replace(/-thinking-(low|medium|high)$/, "")
normalized = normalized.replace(/-(high|low)$/, "")
return normalized
}
export const ANTIGRAVITY_SUPPORTED_MODELS = [
"gemini-2.5-flash",
"gemini-2.5-flash-lite",
"gemini-2.5-computer-use-preview-10-2025",
"gemini-3-pro-preview",
"gemini-3-flash-preview",
"gemini-claude-sonnet-4-5-thinking",
"gemini-claude-opus-4-5-thinking",
] as const
// ============================================================================
// Model Alias Mapping (for Antigravity API)
// ============================================================================
/**
* Converts UI model names to Antigravity API model names.
*
* NOTE: Tested 2026-01-08 - Gemini 3 models work with -preview suffix directly.
* The CLIProxyAPI transformations (gemini-3-pro-high, gemini-3-flash) return 404.
* Claude models return 404 on all endpoints (may require special access/quota).
*/
export function alias2ModelName(modelName: string): string {
if (modelName.startsWith("gemini-claude-")) {
return modelName.substring("gemini-".length)
}
return modelName
}

189
src/auth/antigravity/fetch.ts
View File

@@ -20,6 +20,9 @@
import { ANTIGRAVITY_ENDPOINT_FALLBACKS } from "./constants"
import { fetchProjectContext, clearProjectContextCache, invalidateProjectContextByRefreshToken } from "./project"
import { isTokenExpired, refreshAccessToken, parseStoredToken, formatTokenForStorage, AntigravityTokenRefreshError } from "./token"
import { AccountManager, type ManagedAccount } from "./accounts"
import { loadAccounts } from "./storage"
import type { ModelFamily } from "./types"
import { transformRequest } from "./request"
import { convertRequestBody, hasOpenAIMessages } from "./message-converter"
import {
@@ -28,7 +31,7 @@ import {
isStreamingResponse,
} from "./response"
import { normalizeToolsForGemini, type OpenAITool } from "./tools"
import { extractThinkingBlocks, shouldIncludeThinking, transformResponseThinking } from "./thinking"
import { extractThinkingBlocks, shouldIncludeThinking, transformResponseThinking, extractThinkingConfig, applyThinkingConfigToRequest } from "./thinking"
import {
getThoughtSignature,
setThoughtSignature,
@@ -69,6 +72,33 @@ function isRetryableError(status: number): boolean {
return false
}
function getModelFamilyFromModelName(modelName: string): ModelFamily | null {
const lower = modelName.toLowerCase()
if (lower.includes("claude") || lower.includes("anthropic")) return "claude"
if (lower.includes("flash")) return "gemini-flash"
if (lower.includes("gemini")) return "gemini-pro"
return null
}
function getModelFamilyFromUrl(url: string): ModelFamily {
if (url.includes("claude")) return "claude"
if (url.includes("flash")) return "gemini-flash"
return "gemini-pro"
}
function getModelFamily(url: string, init?: RequestInit): ModelFamily {
if (init?.body && typeof init.body === "string") {
try {
const body = JSON.parse(init.body) as Record<string, unknown>
if (typeof body.model === "string") {
const fromModel = getModelFamilyFromModelName(body.model)
if (fromModel) return fromModel
}
} catch {}
}
return getModelFamilyFromUrl(url)
}
const GCP_PERMISSION_ERROR_PATTERNS = [
"PERMISSION_DENIED",
"does not have permission",
@@ -109,7 +139,13 @@ interface AttemptFetchOptions {
thoughtSignature?: string
}
type AttemptFetchResult = Response | null | "pass-through" | "needs-refresh"
interface RateLimitInfo {
type: "rate-limited"
retryAfterMs: number
status: number
}
type AttemptFetchResult = Response | null | "pass-through" | "needs-refresh" | RateLimitInfo
async function attemptFetch(
options: AttemptFetchOptions
@@ -169,6 +205,23 @@ async function attemptFetch(
thoughtSignature,
})
// Apply thinking config from reasoning_effort (from think-mode hook)
const effectiveModel = modelName || transformed.body.model
const thinkingConfig = extractThinkingConfig(
parsedBody,
parsedBody.generationConfig as Record<string, unknown> | undefined,
parsedBody,
)
if (thinkingConfig) {
debugLog(`[THINKING] Applying thinking config for model: ${effectiveModel}`)
applyThinkingConfigToRequest(
transformed.body as unknown as Record<string, unknown>,
effectiveModel,
thinkingConfig,
)
debugLog(`[THINKING] Thinking config applied successfully`)
}
debugLog(`[REQ] streaming=${transformed.streaming}, url=${transformed.url}`)
const maxPermissionRetries = 10
@@ -204,6 +257,31 @@ async function attemptFetch(
} catch {}
}
if (response.status === 429) {
const retryAfter = response.headers.get("retry-after")
let retryAfterMs = 60000
if (retryAfter) {
const parsed = parseInt(retryAfter, 10)
if (!isNaN(parsed) && parsed > 0) {
retryAfterMs = parsed * 1000
} else {
const httpDate = Date.parse(retryAfter)
if (!isNaN(httpDate)) {
retryAfterMs = Math.max(0, httpDate - Date.now())
}
}
}
debugLog(`[429] Rate limited, retry-after: ${retryAfterMs}ms`)
await response.body?.cancel()
return { type: "rate-limited" as const, retryAfterMs, status: 429 }
}
if (response.status >= 500 && response.status < 600) {
debugLog(`[5xx] Server error ${response.status}, marking for rotation`)
await response.body?.cancel()
return { type: "rate-limited" as const, retryAfterMs: 300000, status: response.status }
}
if (!response.ok && (await isRetryableResponse(response))) {
debugLog(`Endpoint failed: ${endpoint} (status: ${response.status}), trying next`)
return null
@@ -350,13 +428,17 @@ export function createAntigravityFetch(
client: AuthClient,
providerId: string,
clientId?: string,
clientSecret?: string
clientSecret?: string,
accountManager?: AccountManager | null
): (url: string, init?: RequestInit) => Promise<Response> {
let cachedTokens: AntigravityTokens | null = null
let cachedProjectId: string | null = null
let lastAccountIndex: number | null = null
const fetchInstanceId = crypto.randomUUID()
let manager: AccountManager | null = accountManager || null
let accountsLoaded = false
return async (url: string, init: RequestInit = {}): Promise<Response> => {
const fetchFn = async (url: string, init: RequestInit = {}): Promise<Response> => {
debugLog(`Intercepting request to: ${url}`)
// Get current auth state
@@ -366,7 +448,55 @@ export function createAntigravityFetch(
}
// Parse stored token format
const refreshParts = parseStoredToken(auth.refresh)
let refreshParts = parseStoredToken(auth.refresh)
if (!accountsLoaded && !manager && auth.refresh) {
try {
const storedAccounts = await loadAccounts()
if (storedAccounts) {
manager = new AccountManager(
{ refresh: auth.refresh, access: auth.access || "", expires: auth.expires || 0 },
storedAccounts
)
debugLog(`[ACCOUNTS] Loaded ${manager.getAccountCount()} accounts from storage`)
}
} catch (error) {
debugLog(`[ACCOUNTS] Failed to load accounts, falling back to single-account: ${error instanceof Error ? error.message : "Unknown"}`)
}
accountsLoaded = true
}
let currentAccount: ManagedAccount | null = null
if (manager) {
const family = getModelFamily(url, init)
currentAccount = manager.getCurrentOrNextForFamily(family)
if (currentAccount) {
debugLog(`[ACCOUNTS] Using account ${currentAccount.index + 1}/${manager.getAccountCount()} for ${family}`)
if (lastAccountIndex === null || lastAccountIndex !== currentAccount.index) {
if (lastAccountIndex !== null) {
debugLog(`[ACCOUNTS] Account changed from ${lastAccountIndex + 1} to ${currentAccount.index + 1}, clearing cached state`)
} else if (cachedProjectId) {
debugLog(`[ACCOUNTS] First account introduced, clearing cached state`)
}
cachedProjectId = null
cachedTokens = null
}
lastAccountIndex = currentAccount.index
if (currentAccount.access && currentAccount.expires) {
auth.access = currentAccount.access
auth.expires = currentAccount.expires
}
refreshParts = {
refreshToken: currentAccount.parts.refreshToken,
projectId: currentAccount.parts.projectId,
managedProjectId: currentAccount.parts.managedProjectId,
}
}
}
// Build initial token state
if (!cachedTokens) {
@@ -581,7 +711,52 @@ export function createAntigravityFetch(
}
}
if (response) {
if (response && typeof response === "object" && "type" in response && response.type === "rate-limited") {
const rateLimitInfo = response as RateLimitInfo
const family = getModelFamily(url, init)
if (rateLimitInfo.retryAfterMs > 5000 && manager && currentAccount) {
manager.markRateLimited(currentAccount, rateLimitInfo.retryAfterMs, family)
await manager.save()
debugLog(`[RATE-LIMIT] Account ${currentAccount.index + 1} rate-limited for ${family}, rotating...`)
const nextAccount = manager.getCurrentOrNextForFamily(family)
if (nextAccount && nextAccount.index !== currentAccount.index) {
debugLog(`[RATE-LIMIT] Switched to account ${nextAccount.index + 1}`)
return fetchFn(url, init)
}
}
const isLastEndpoint = i === maxEndpoints - 1
if (isLastEndpoint) {
const isServerError = rateLimitInfo.status >= 500
debugLog(`[RATE-LIMIT] No alternative account or endpoint, returning ${rateLimitInfo.status}`)
return new Response(
JSON.stringify({
error: {
message: isServerError
? `Server error (${rateLimitInfo.status}). Retry after ${Math.ceil(rateLimitInfo.retryAfterMs / 1000)} seconds`
: `Rate limited. Retry after ${Math.ceil(rateLimitInfo.retryAfterMs / 1000)} seconds`,
type: isServerError ? "server_error" : "rate_limit",
code: isServerError ? "server_error" : "rate_limited",
},
}),
{
status: rateLimitInfo.status,
statusText: isServerError ? "Server Error" : "Too Many Requests",
headers: {
"Content-Type": "application/json",
"Retry-After": String(Math.ceil(rateLimitInfo.retryAfterMs / 1000)),
},
}
)
}
debugLog(`[RATE-LIMIT] No alternative account available, trying next endpoint`)
continue
}
if (response && response instanceof Response) {
debugLog(`Success with endpoint: ${endpoint}`)
const transformedResponse = await transformResponseWithThinking(
response,
@@ -613,6 +788,8 @@ export function createAntigravityFetch(
return executeWithEndpoints()
}
return fetchFn
}
/**

306
src/auth/antigravity/integration.test.ts Normal file
View File

@@ -0,0 +1,306 @@
/**
* Antigravity Integration Tests - End-to-End
*
* Tests the complete request transformation pipeline:
* - Request parsing and model extraction
* - System prompt injection (handled by transformRequest)
* - Thinking config application (handled by applyThinkingConfigToRequest)
* - Body wrapping for Antigravity API format
*/
import { describe, it, expect } from "bun:test"
import { transformRequest } from "./request"
import { extractThinkingConfig, applyThinkingConfigToRequest } from "./thinking"
describe("Antigravity Integration - End-to-End", () => {
describe("Thinking Config Integration", () => {
it("Gemini 3 with reasoning_effort='high' → thinkingLevel='high'", () => {
// #given
const inputBody: Record<string, unknown> = {
model: "gemini-3-pro-preview",
reasoning_effort: "high",
messages: [{ role: "user", content: "test" }],
}
// #when
const transformed = transformRequest({
url: "https://generativelanguage.googleapis.com/v1internal/models/gemini-3-pro-preview:generateContent",
body: inputBody,
accessToken: "test-token",
projectId: "test-project",
sessionId: "test-session",
modelName: "gemini-3-pro-preview",
})
const thinkingConfig = extractThinkingConfig(
inputBody,
inputBody.generationConfig as Record<string, unknown> | undefined,
inputBody,
)
if (thinkingConfig) {
applyThinkingConfigToRequest(
transformed.body as unknown as Record<string, unknown>,
"gemini-3-pro-preview",
thinkingConfig,
)
}
// #then
const genConfig = transformed.body.request.generationConfig as Record<string, unknown> | undefined
const thinkingConfigResult = genConfig?.thinkingConfig as Record<string, unknown> | undefined
expect(thinkingConfigResult?.thinkingLevel).toBe("high")
expect(thinkingConfigResult?.thinkingBudget).toBeUndefined()
const systemInstruction = transformed.body.request.systemInstruction as Record<string, unknown> | undefined
const parts = systemInstruction?.parts as Array<{ text: string }> | undefined
expect(parts?.[0]?.text).toContain("<identity>")
})
it("Gemini 2.5 with reasoning_effort='high' → thinkingBudget=24576", () => {
// #given
const inputBody: Record<string, unknown> = {
model: "gemini-2.5-flash",
reasoning_effort: "high",
messages: [{ role: "user", content: "test" }],
}
// #when
const transformed = transformRequest({
url: "https://generativelanguage.googleapis.com/v1internal/models/gemini-2.5-flash:generateContent",
body: inputBody,
accessToken: "test-token",
projectId: "test-project",
sessionId: "test-session",
modelName: "gemini-2.5-flash",
})
const thinkingConfig = extractThinkingConfig(
inputBody,
inputBody.generationConfig as Record<string, unknown> | undefined,
inputBody,
)
if (thinkingConfig) {
applyThinkingConfigToRequest(
transformed.body as unknown as Record<string, unknown>,
"gemini-2.5-flash",
thinkingConfig,
)
}
// #then
const genConfig = transformed.body.request.generationConfig as Record<string, unknown> | undefined
const thinkingConfigResult = genConfig?.thinkingConfig as Record<string, unknown> | undefined
expect(thinkingConfigResult?.thinkingBudget).toBe(24576)
expect(thinkingConfigResult?.thinkingLevel).toBeUndefined()
})
it("reasoning_effort='none' → thinkingConfig deleted", () => {
// #given
const inputBody: Record<string, unknown> = {
model: "gemini-2.5-flash",
reasoning_effort: "none",
messages: [{ role: "user", content: "test" }],
}
// #when
const transformed = transformRequest({
url: "https://generativelanguage.googleapis.com/v1internal/models/gemini-2.5-flash:generateContent",
body: inputBody,
accessToken: "test-token",
projectId: "test-project",
sessionId: "test-session",
modelName: "gemini-2.5-flash",
})
const thinkingConfig = extractThinkingConfig(
inputBody,
inputBody.generationConfig as Record<string, unknown> | undefined,
inputBody,
)
if (thinkingConfig) {
applyThinkingConfigToRequest(
transformed.body as unknown as Record<string, unknown>,
"gemini-2.5-flash",
thinkingConfig,
)
}
// #then
const genConfig = transformed.body.request.generationConfig as Record<string, unknown> | undefined
expect(genConfig?.thinkingConfig).toBeUndefined()
})
it("Claude via Antigravity with reasoning_effort='high'", () => {
// #given
const inputBody: Record<string, unknown> = {
model: "gemini-claude-sonnet-4-5",
reasoning_effort: "high",
messages: [{ role: "user", content: "test" }],
}
// #when
const transformed = transformRequest({
url: "https://generativelanguage.googleapis.com/v1internal/models/gemini-claude-sonnet-4-5:generateContent",
body: inputBody,
accessToken: "test-token",
projectId: "test-project",
sessionId: "test-session",
modelName: "gemini-claude-sonnet-4-5",
})
const thinkingConfig = extractThinkingConfig(
inputBody,
inputBody.generationConfig as Record<string, unknown> | undefined,
inputBody,
)
if (thinkingConfig) {
applyThinkingConfigToRequest(
transformed.body as unknown as Record<string, unknown>,
"gemini-claude-sonnet-4-5",
thinkingConfig,
)
}
// #then
const genConfig = transformed.body.request.generationConfig as Record<string, unknown> | undefined
const thinkingConfigResult = genConfig?.thinkingConfig as Record<string, unknown> | undefined
expect(thinkingConfigResult?.thinkingBudget).toBe(24576)
})
it("System prompt not duplicated on retry", () => {
// #given
const inputBody: Record<string, unknown> = {
model: "gemini-3-pro-high",
reasoning_effort: "high",
messages: [{ role: "user", content: "test" }],
}
// #when - First transformation
const firstOutput = transformRequest({
url: "https://generativelanguage.googleapis.com/v1internal/models/gemini-3-pro-high:generateContent",
body: inputBody,
accessToken: "test-token",
projectId: "test-project",
sessionId: "test-session",
modelName: "gemini-3-pro-high",
})
// Extract thinking config and apply to first output (simulating what fetch.ts does)
const thinkingConfig = extractThinkingConfig(
inputBody,
inputBody.generationConfig as Record<string, unknown> | undefined,
inputBody,
)
if (thinkingConfig) {
applyThinkingConfigToRequest(
firstOutput.body as unknown as Record<string, unknown>,
"gemini-3-pro-high",
thinkingConfig,
)
}
// #then
const systemInstruction = firstOutput.body.request.systemInstruction as Record<string, unknown> | undefined
const parts = systemInstruction?.parts as Array<{ text: string }> | undefined
const identityCount = parts?.filter((p) => p.text.includes("<identity>")).length ?? 0
expect(identityCount).toBe(1) // Should have exactly ONE <identity> block
})
it("reasoning_effort='low' for Gemini 3 → thinkingLevel='low'", () => {
// #given
const inputBody: Record<string, unknown> = {
model: "gemini-3-flash-preview",
reasoning_effort: "low",
messages: [{ role: "user", content: "test" }],
}
// #when
const transformed = transformRequest({
url: "https://generativelanguage.googleapis.com/v1internal/models/gemini-3-flash-preview:generateContent",
body: inputBody,
accessToken: "test-token",
projectId: "test-project",
sessionId: "test-session",
modelName: "gemini-3-flash-preview",
})
const thinkingConfig = extractThinkingConfig(
inputBody,
inputBody.generationConfig as Record<string, unknown> | undefined,
inputBody,
)
if (thinkingConfig) {
applyThinkingConfigToRequest(
transformed.body as unknown as Record<string, unknown>,
"gemini-3-flash-preview",
thinkingConfig,
)
}
// #then
const genConfig = transformed.body.request.generationConfig as Record<string, unknown> | undefined
const thinkingConfigResult = genConfig?.thinkingConfig as Record<string, unknown> | undefined
expect(thinkingConfigResult?.thinkingLevel).toBe("low")
})
it("Full pipeline: transformRequest + thinking config preserves all fields", () => {
// #given
const inputBody: Record<string, unknown> = {
model: "gemini-2.5-flash",
reasoning_effort: "medium",
messages: [
{ role: "system", content: "You are a helpful assistant." },
{ role: "user", content: "Write a function" },
],
generationConfig: {
temperature: 0.7,
maxOutputTokens: 1000,
},
}
// #when
const transformed = transformRequest({
url: "https://generativelanguage.googleapis.com/v1internal/models/gemini-2.5-flash:generateContent",
body: inputBody,
accessToken: "test-token",
projectId: "test-project",
sessionId: "test-session",
modelName: "gemini-2.5-flash",
})
const thinkingConfig = extractThinkingConfig(
inputBody,
inputBody.generationConfig as Record<string, unknown> | undefined,
inputBody,
)
if (thinkingConfig) {
applyThinkingConfigToRequest(
transformed.body as unknown as Record<string, unknown>,
"gemini-2.5-flash",
thinkingConfig,
)
}
// #then
// Verify basic structure is preserved
expect(transformed.body.project).toBe("test-project")
expect(transformed.body.model).toBe("gemini-2.5-flash")
expect(transformed.body.userAgent).toBe("antigravity")
expect(transformed.body.request.sessionId).toBe("test-session")
// Verify generation config is preserved
const genConfig = transformed.body.request.generationConfig as Record<string, unknown> | undefined
expect(genConfig?.temperature).toBe(0.7)
expect(genConfig?.maxOutputTokens).toBe(1000)
// Verify thinking config is applied
const thinkingConfigResult = genConfig?.thinkingConfig as Record<string, unknown> | undefined
expect(thinkingConfigResult?.thinkingBudget).toBe(8192)
expect(thinkingConfigResult?.include_thoughts).toBe(true)
// Verify system prompt is injected
const systemInstruction = transformed.body.request.systemInstruction as Record<string, unknown> | undefined
const parts = systemInstruction?.parts as Array<{ text: string }> | undefined
expect(parts?.[0]?.text).toContain("<identity>")
})
})
})

283
src/auth/antigravity/plugin.ts
View File

@@ -37,7 +37,12 @@ import {
} from "./oauth"
import { createAntigravityFetch } from "./fetch"
import { fetchProjectContext } from "./project"
import { formatTokenForStorage } from "./token"
import { formatTokenForStorage, parseStoredToken } from "./token"
import { AccountManager } from "./accounts"
import { loadAccounts } from "./storage"
import { promptAddAnotherAccount, promptAccountTier } from "./cli"
import { openBrowserURL } from "./browser"
import type { AccountTier, AntigravityRefreshParts } from "./types"
/**
* Provider ID for Google models
@@ -45,6 +50,11 @@ import { formatTokenForStorage } from "./token"
*/
const GOOGLE_PROVIDER_ID = "google"
/**
* Maximum number of Google accounts that can be added
*/
const MAX_ACCOUNTS = 10
/**
* Type guard to check if auth is OAuth type
*/
@@ -118,6 +128,40 @@ export async function createGoogleAntigravityAuthPlugin({
console.log("[antigravity-plugin] OAuth auth detected, creating custom fetch")
}
let accountManager: AccountManager | null = null
try {
const storedAccounts = await loadAccounts()
if (storedAccounts) {
accountManager = new AccountManager(currentAuth, storedAccounts)
if (process.env.ANTIGRAVITY_DEBUG === "1") {
console.log(`[antigravity-plugin] Loaded ${accountManager.getAccountCount()} accounts from storage`)
}
} else if (currentAuth.refresh.includes("|||")) {
const tokens = currentAuth.refresh.split("|||")
const firstToken = tokens[0]!
accountManager = new AccountManager(
{ refresh: firstToken, access: currentAuth.access || "", expires: currentAuth.expires || 0 },
null
)
for (let i = 1; i < tokens.length; i++) {
const parts = parseStoredToken(tokens[i]!)
accountManager.addAccount(parts)
}
await accountManager.save()
if (process.env.ANTIGRAVITY_DEBUG === "1") {
console.log("[antigravity-plugin] Migrated multi-account auth to storage")
}
}
} catch (error) {
if (process.env.ANTIGRAVITY_DEBUG === "1") {
console.error(
`[antigravity-plugin] Failed to load accounts: ${
error instanceof Error ? error.message : "Unknown error"
}`
)
}
}
cachedClientId =
(provider.options?.clientId as string) || ANTIGRAVITY_CLIENT_ID
cachedClientSecret =
@@ -180,6 +224,7 @@ export async function createGoogleAntigravityAuthPlugin({
return {
fetch: antigravityFetch,
apiKey: "antigravity-oauth",
accountManager,
}
},
@@ -197,6 +242,7 @@ export async function createGoogleAntigravityAuthPlugin({
/**
* Starts the OAuth authorization flow.
* Opens browser for Google OAuth and waits for callback.
* Supports multi-account flow with prompts for additional accounts.
*
* @returns Authorization result with URL and callback
*/
@@ -204,10 +250,13 @@ export async function createGoogleAntigravityAuthPlugin({
const serverHandle = startCallbackServer()
const { url, verifier } = await buildAuthURL(undefined, cachedClientId, serverHandle.port)
const browserOpened = await openBrowserURL(url)
return {
url,
instructions:
"Complete the sign-in in your browser. We'll automatically detect when you're done.",
instructions: browserOpened
? "Opening browser for sign-in. We'll automatically detect when you're done."
: "Please open the URL above in your browser to sign in.",
method: "auto",
callback: async () => {
@@ -238,28 +287,240 @@ export async function createGoogleAntigravityAuthPlugin({
const tokens = await exchangeCode(result.code, verifier, cachedClientId, cachedClientSecret, serverHandle.port)
if (!tokens.refresh_token) {
serverHandle.close()
if (process.env.ANTIGRAVITY_DEBUG === "1") {
console.error("[antigravity-plugin] OAuth response missing refresh_token")
}
return { type: "failed" as const }
}
let email: string | undefined
try {
const userInfo = await fetchUserInfo(tokens.access_token)
email = userInfo.email
if (process.env.ANTIGRAVITY_DEBUG === "1") {
console.log(`[antigravity-plugin] Authenticated as: ${userInfo.email}`)
console.log(`[antigravity-plugin] Authenticated as: ${email}`)
}
} catch {
// User info is optional
}
const projectContext = await fetchProjectContext(tokens.access_token)
const projectId = projectContext.cloudaicompanionProject || ""
const tier = await promptAccountTier()
const formattedRefresh = formatTokenForStorage(
tokens.refresh_token,
projectContext.cloudaicompanionProject || "",
projectContext.managedProjectId
const expires = Date.now() + tokens.expires_in * 1000
const accounts: Array<{
parts: AntigravityRefreshParts
access: string
expires: number
email?: string
tier: AccountTier
projectId: string
}> = [{
parts: {
refreshToken: tokens.refresh_token,
projectId,
managedProjectId: projectContext.managedProjectId,
},
access: tokens.access_token,
expires,
email,
tier,
projectId,
}]
await client.tui.showToast({
body: {
message: `Account 1 authenticated${email ? ` (${email})` : ""}`,
variant: "success",
},
})
while (accounts.length < MAX_ACCOUNTS) {
const addAnother = await promptAddAnotherAccount(accounts.length)
if (!addAnother) break
const additionalServerHandle = startCallbackServer()
const { url: additionalUrl, verifier: additionalVerifier } = await buildAuthURL(
undefined,
cachedClientId,
additionalServerHandle.port
)
const additionalBrowserOpened = await openBrowserURL(additionalUrl)
if (!additionalBrowserOpened) {
await client.tui.showToast({
body: {
message: `Please open in browser: ${additionalUrl}`,
variant: "warning",
},
})
}
try {
const additionalResult = await additionalServerHandle.waitForCallback()
if (additionalResult.error || !additionalResult.code) {
additionalServerHandle.close()
await client.tui.showToast({
body: {
message: "Skipping this account...",
variant: "warning",
},
})
continue
}
const additionalState = decodeState(additionalResult.state)
if (additionalState.verifier !== additionalVerifier) {
additionalServerHandle.close()
await client.tui.showToast({
body: {
message: "Verification failed, skipping...",
variant: "warning",
},
})
continue
}
const additionalTokens = await exchangeCode(
additionalResult.code,
additionalVerifier,
cachedClientId,
cachedClientSecret,
additionalServerHandle.port
)
if (!additionalTokens.refresh_token) {
additionalServerHandle.close()
if (process.env.ANTIGRAVITY_DEBUG === "1") {
console.error("[antigravity-plugin] Additional account OAuth response missing refresh_token")
}
await client.tui.showToast({
body: {
message: "Account missing refresh token, skipping...",
variant: "warning",
},
})
continue
}
let additionalEmail: string | undefined
try {
const additionalUserInfo = await fetchUserInfo(additionalTokens.access_token)
additionalEmail = additionalUserInfo.email
} catch {
// User info is optional
}
const additionalProjectContext = await fetchProjectContext(additionalTokens.access_token)
const additionalProjectId = additionalProjectContext.cloudaicompanionProject || ""
const additionalTier = await promptAccountTier()
const additionalExpires = Date.now() + additionalTokens.expires_in * 1000
accounts.push({
parts: {
refreshToken: additionalTokens.refresh_token,
projectId: additionalProjectId,
managedProjectId: additionalProjectContext.managedProjectId,
},
access: additionalTokens.access_token,
expires: additionalExpires,
email: additionalEmail,
tier: additionalTier,
projectId: additionalProjectId,
})
additionalServerHandle.close()
await client.tui.showToast({
body: {
message: `Account ${accounts.length} authenticated${additionalEmail ? ` (${additionalEmail})` : ""}`,
variant: "success",
},
})
} catch (error) {
additionalServerHandle.close()
if (process.env.ANTIGRAVITY_DEBUG === "1") {
console.error(
`[antigravity-plugin] Additional account OAuth failed: ${
error instanceof Error ? error.message : "Unknown error"
}`
)
}
await client.tui.showToast({
body: {
message: "Failed to authenticate additional account, skipping...",
variant: "warning",
},
})
continue
}
}
const firstAccount = accounts[0]!
try {
const accountManager = new AccountManager(
{
refresh: formatTokenForStorage(
firstAccount.parts.refreshToken,
firstAccount.projectId,
firstAccount.parts.managedProjectId
),
access: firstAccount.access,
expires: firstAccount.expires,
},
null
)
for (let i = 1; i < accounts.length; i++) {
const acc = accounts[i]!
accountManager.addAccount(
acc.parts,
acc.access,
acc.expires,
acc.email,
acc.tier
)
}
const currentAccount = accountManager.getCurrentAccount()
if (currentAccount) {
currentAccount.email = firstAccount.email
currentAccount.tier = firstAccount.tier
}
await accountManager.save()
if (process.env.ANTIGRAVITY_DEBUG === "1") {
console.log(`[antigravity-plugin] Saved ${accounts.length} accounts to storage`)
}
} catch (error) {
if (process.env.ANTIGRAVITY_DEBUG === "1") {
console.error(
`[antigravity-plugin] Failed to save accounts: ${
error instanceof Error ? error.message : "Unknown error"
}`
)
}
}
const allRefreshTokens = accounts
.map((acc) => formatTokenForStorage(
acc.parts.refreshToken,
acc.projectId,
acc.parts.managedProjectId
))
.join("|||")
return {
type: "success" as const,
access: tokens.access_token,
refresh: formattedRefresh,
expires: Date.now() + tokens.expires_in * 1000,
access: firstAccount.access,
refresh: allRefreshTokens,
expires: firstAccount.expires,
}
} catch (error) {
serverHandle.close()

224
src/auth/antigravity/request.test.ts Normal file
View File

@@ -0,0 +1,224 @@
import { describe, it, expect } from "bun:test"
import { ANTIGRAVITY_SYSTEM_PROMPT } from "./constants"
import { injectSystemPrompt, wrapRequestBody } from "./request"
describe("injectSystemPrompt", () => {
describe("basic injection", () => {
it("should inject system prompt into empty request", () => {
// #given
const wrappedBody = {
project: "test-project",
model: "gemini-3-pro-preview",
request: {} as Record<string, unknown>,
}
// #when
injectSystemPrompt(wrappedBody)
// #then
const req = wrappedBody.request as { systemInstruction?: { role: string; parts: Array<{ text: string }> } }
expect(req).toHaveProperty("systemInstruction")
expect(req.systemInstruction?.role).toBe("user")
expect(req.systemInstruction?.parts).toBeDefined()
expect(Array.isArray(req.systemInstruction?.parts)).toBe(true)
expect(req.systemInstruction?.parts?.length).toBe(1)
expect(req.systemInstruction?.parts?.[0]?.text).toContain("<identity>")
})
it("should inject system prompt with correct structure", () => {
// #given
const wrappedBody = {
project: "test-project",
model: "gemini-3-pro-preview",
request: {
contents: [{ role: "user", parts: [{ text: "Hello" }] }],
} as Record<string, unknown>,
}
// #when
injectSystemPrompt(wrappedBody)
// #then
const req = wrappedBody.request as { systemInstruction?: { role: string; parts: Array<{ text: string }> } }
expect(req.systemInstruction).toEqual({
role: "user",
parts: [{ text: ANTIGRAVITY_SYSTEM_PROMPT }],
})
})
})
describe("prepend to existing systemInstruction", () => {
it("should prepend Antigravity prompt before existing systemInstruction parts", () => {
// #given
const wrappedBody = {
project: "test-project",
model: "gemini-3-pro-preview",
request: {
systemInstruction: {
role: "user",
parts: [{ text: "existing system prompt" }],
},
} as Record<string, unknown>,
}
// #when
injectSystemPrompt(wrappedBody)
// #then
const req = wrappedBody.request as { systemInstruction?: { parts: Array<{ text: string }> } }
expect(req.systemInstruction?.parts?.length).toBe(2)
expect(req.systemInstruction?.parts?.[0]?.text).toBe(ANTIGRAVITY_SYSTEM_PROMPT)
expect(req.systemInstruction?.parts?.[1]?.text).toBe("existing system prompt")
})
it("should preserve multiple existing parts when prepending", () => {
// #given
const wrappedBody = {
project: "test-project",
model: "gemini-3-pro-preview",
request: {
systemInstruction: {
role: "user",
parts: [
{ text: "first existing part" },
{ text: "second existing part" },
],
},
} as Record<string, unknown>,
}
// #when
injectSystemPrompt(wrappedBody)
// #then
const req = wrappedBody.request as { systemInstruction?: { parts: Array<{ text: string }> } }
expect(req.systemInstruction?.parts?.length).toBe(3)
expect(req.systemInstruction?.parts?.[0]?.text).toBe(ANTIGRAVITY_SYSTEM_PROMPT)
expect(req.systemInstruction?.parts?.[1]?.text).toBe("first existing part")
expect(req.systemInstruction?.parts?.[2]?.text).toBe("second existing part")
})
})
describe("duplicate prevention", () => {
it("should not inject if <identity> marker already exists in first part", () => {
// #given
const wrappedBody = {
project: "test-project",
model: "gemini-3-pro-preview",
request: {
systemInstruction: {
role: "user",
parts: [{ text: "some prompt with <identity> marker already" }],
},
} as Record<string, unknown>,
}
// #when
injectSystemPrompt(wrappedBody)
// #then
const req = wrappedBody.request as { systemInstruction?: { parts: Array<{ text: string }> } }
expect(req.systemInstruction?.parts?.length).toBe(1)
expect(req.systemInstruction?.parts?.[0]?.text).toBe("some prompt with <identity> marker already")
})
it("should inject if <identity> marker is not in first part", () => {
// #given
const wrappedBody = {
project: "test-project",
model: "gemini-3-pro-preview",
request: {
systemInstruction: {
role: "user",
parts: [
{ text: "not the identity marker" },
{ text: "some <identity> in second part" },
],
},
} as Record<string, unknown>,
}
// #when
injectSystemPrompt(wrappedBody)
// #then
const req = wrappedBody.request as { systemInstruction?: { parts: Array<{ text: string }> } }
expect(req.systemInstruction?.parts?.length).toBe(3)
expect(req.systemInstruction?.parts?.[0]?.text).toBe(ANTIGRAVITY_SYSTEM_PROMPT)
})
})
describe("edge cases", () => {
it("should handle request without request field", () => {
// #given
const wrappedBody: { project: string; model: string; request?: Record<string, unknown> } = {
project: "test-project",
model: "gemini-3-pro-preview",
}
// #when
injectSystemPrompt(wrappedBody)
// #then - should not throw, should not modify
expect(wrappedBody).not.toHaveProperty("systemInstruction")
})
it("should handle request with non-object request field", () => {
// #given
const wrappedBody: { project: string; model: string; request?: unknown } = {
project: "test-project",
model: "gemini-3-pro-preview",
request: "not an object",
}
// #when
injectSystemPrompt(wrappedBody)
// #then - should not throw
})
})
})
describe("wrapRequestBody", () => {
it("should create wrapped body with correct structure", () => {
// #given
const body = {
model: "gemini-3-pro-preview",
contents: [{ role: "user", parts: [{ text: "Hello" }] }],
}
const projectId = "test-project"
const modelName = "gemini-3-pro-preview"
const sessionId = "test-session"
// #when
const result = wrapRequestBody(body, projectId, modelName, sessionId)
// #then
expect(result).toHaveProperty("project", projectId)
expect(result).toHaveProperty("model", "gemini-3-pro-preview")
expect(result).toHaveProperty("request")
expect(result.request).toHaveProperty("sessionId", sessionId)
expect(result.request).toHaveProperty("contents")
expect(result.request.contents).toEqual(body.contents)
expect(result.request).not.toHaveProperty("model") // model should be moved to outer
})
it("should include systemInstruction in wrapped request", () => {
// #given
const body = {
model: "gemini-3-pro-preview",
contents: [{ role: "user", parts: [{ text: "Hello" }] }],
}
const projectId = "test-project"
const modelName = "gemini-3-pro-preview"
const sessionId = "test-session"
// #when
const result = wrapRequestBody(body, projectId, modelName, sessionId)
// #then
const req = result.request as { systemInstruction?: { parts: Array<{ text: string }> } }
expect(req).toHaveProperty("systemInstruction")
expect(req.systemInstruction?.parts?.[0]?.text).toContain("<identity>")
})
})

87
src/auth/antigravity/request.ts
View File

@@ -8,7 +8,9 @@ import {
ANTIGRAVITY_API_VERSION,
ANTIGRAVITY_ENDPOINT_FALLBACKS,
ANTIGRAVITY_HEADERS,
ANTIGRAVITY_SYSTEM_PROMPT,
SKIP_THOUGHT_SIGNATURE_VALIDATOR,
alias2ModelName,
} from "./constants"
import type { AntigravityRequestBody } from "./types"
@@ -133,6 +135,58 @@ function generateRequestId(): string {
return `agent-${crypto.randomUUID()}`
}
/**
* Inject ANTIGRAVITY_SYSTEM_PROMPT into request.systemInstruction.
* Prepends Antigravity prompt before any existing systemInstruction.
* Prevents duplicate injection by checking for <identity> marker.
*
* CRITICAL: Modifies wrappedBody.request.systemInstruction (NOT outer body!)
*
* @param wrappedBody - The wrapped request body with request field
*/
export function injectSystemPrompt(wrappedBody: { request?: unknown }): void {
if (!wrappedBody.request || typeof wrappedBody.request !== "object") {
return
}
const req = wrappedBody.request as Record<string, unknown>
// Check for duplicate injection - if <identity> marker exists in first part, skip
if (req.systemInstruction && typeof req.systemInstruction === "object") {
const existing = req.systemInstruction as Record<string, unknown>
if (existing.parts && Array.isArray(existing.parts)) {
const firstPart = existing.parts[0]
if (firstPart && typeof firstPart === "object" && "text" in firstPart) {
const text = (firstPart as { text: string }).text
if (text.includes("<identity>")) {
return // Already injected, skip
}
}
}
}
// Build new parts array - Antigravity prompt first, then existing parts
const newParts: Array<{ text: string }> = [{ text: ANTIGRAVITY_SYSTEM_PROMPT }]
// Prepend existing parts if systemInstruction exists with parts
if (req.systemInstruction && typeof req.systemInstruction === "object") {
const existing = req.systemInstruction as Record<string, unknown>
if (existing.parts && Array.isArray(existing.parts)) {
for (const part of existing.parts) {
if (part && typeof part === "object" && "text" in part) {
newParts.push(part as { text: string })
}
}
}
}
// Set the new systemInstruction
req.systemInstruction = {
role: "user",
parts: newParts,
}
}
export function wrapRequestBody(
body: Record<string, unknown>,
projectId: string,
@@ -142,16 +196,37 @@ export function wrapRequestBody(
const requestPayload = { ...body }
delete requestPayload.model
return {
project: projectId,
model: modelName,
userAgent: "antigravity",
requestId: generateRequestId(),
request: {
let normalizedModel = modelName
if (normalizedModel.startsWith("antigravity-")) {
normalizedModel = normalizedModel.substring("antigravity-".length)
}
const apiModel = alias2ModelName(normalizedModel)
debugLog(`[MODEL] input="${modelName}" → normalized="${normalizedModel}" → api="${apiModel}"`)
const requestObj = {
...requestPayload,
sessionId,
toolConfig: {
...(requestPayload.toolConfig as Record<string, unknown> || {}),
functionCallingConfig: {
mode: "VALIDATED",
},
},
}
delete (requestObj as Record<string, unknown>).safetySettings
const wrappedBody: AntigravityRequestBody = {
project: projectId,
model: apiModel,
userAgent: "antigravity",
requestType: "agent",
requestId: generateRequestId(),
request: requestObj,
}
injectSystemPrompt(wrappedBody)
return wrappedBody
}
interface ContentPart {

388
src/auth/antigravity/storage.test.ts Normal file
View File

@@ -0,0 +1,388 @@
import { describe, it, expect, beforeEach, afterEach } from "bun:test"
import { join } from "node:path"
import { homedir } from "node:os"
import { promises as fs } from "node:fs"
import { tmpdir } from "node:os"
import type { AccountStorage } from "./types"
import { getDataDir, getStoragePath, loadAccounts, saveAccounts } from "./storage"
describe("storage", () => {
const testDir = join(tmpdir(), `oh-my-opencode-storage-test-${Date.now()}`)
const testStoragePath = join(testDir, "oh-my-opencode-accounts.json")
const validStorage: AccountStorage = {
version: 1,
accounts: [
{
email: "test@example.com",
tier: "free",
refreshToken: "refresh-token-123",
projectId: "project-123",
accessToken: "access-token-123",
expiresAt: Date.now() + 3600000,
rateLimits: {},
},
],
activeIndex: 0,
}
beforeEach(async () => {
await fs.mkdir(testDir, { recursive: true })
})
afterEach(async () => {
try {
await fs.rm(testDir, { recursive: true, force: true })
} catch {
// ignore cleanup errors
}
})
describe("getDataDir", () => {
it("returns path containing opencode directory", () => {
// #given
// platform is current system
// #when
const result = getDataDir()
// #then
expect(result).toContain("opencode")
})
it("returns XDG_DATA_HOME/opencode when XDG_DATA_HOME is set on non-Windows", () => {
// #given
const originalXdg = process.env.XDG_DATA_HOME
const originalPlatform = process.platform
if (originalPlatform === "win32") {
return
}
try {
process.env.XDG_DATA_HOME = "/custom/data"
// #when
const result = getDataDir()
// #then
expect(result).toBe("/custom/data/opencode")
} finally {
if (originalXdg !== undefined) {
process.env.XDG_DATA_HOME = originalXdg
} else {
delete process.env.XDG_DATA_HOME
}
}
})
it("returns ~/.local/share/opencode when XDG_DATA_HOME is not set on non-Windows", () => {
// #given
const originalXdg = process.env.XDG_DATA_HOME
const originalPlatform = process.platform
if (originalPlatform === "win32") {
return
}
try {
delete process.env.XDG_DATA_HOME
// #when
const result = getDataDir()
// #then
expect(result).toBe(join(homedir(), ".local", "share", "opencode"))
} finally {
if (originalXdg !== undefined) {
process.env.XDG_DATA_HOME = originalXdg
} else {
delete process.env.XDG_DATA_HOME
}
}
})
})
describe("getStoragePath", () => {
it("returns path ending with oh-my-opencode-accounts.json", () => {
// #given
// no setup needed
// #when
const result = getStoragePath()
// #then
expect(result.endsWith("oh-my-opencode-accounts.json")).toBe(true)
expect(result).toContain("opencode")
})
})
describe("loadAccounts", () => {
it("returns parsed storage when file exists and is valid", async () => {
// #given
await fs.writeFile(testStoragePath, JSON.stringify(validStorage), "utf-8")
// #when
const result = await loadAccounts(testStoragePath)
// #then
expect(result).not.toBeNull()
expect(result?.version).toBe(1)
expect(result?.accounts).toHaveLength(1)
expect(result?.accounts[0].email).toBe("test@example.com")
})
it("returns null when file does not exist (ENOENT)", async () => {
// #given
const nonExistentPath = join(testDir, "non-existent.json")
// #when
const result = await loadAccounts(nonExistentPath)
// #then
expect(result).toBeNull()
})
it("returns null when file contains invalid JSON", async () => {
// #given
const invalidJsonPath = join(testDir, "invalid.json")
await fs.writeFile(invalidJsonPath, "{ invalid json }", "utf-8")
// #when
const result = await loadAccounts(invalidJsonPath)
// #then
expect(result).toBeNull()
})
it("returns null when file contains valid JSON but invalid schema", async () => {
// #given
const invalidSchemaPath = join(testDir, "invalid-schema.json")
await fs.writeFile(invalidSchemaPath, JSON.stringify({ foo: "bar" }), "utf-8")
// #when
const result = await loadAccounts(invalidSchemaPath)
// #then
expect(result).toBeNull()
})
it("returns null when accounts is not an array", async () => {
// #given
const invalidAccountsPath = join(testDir, "invalid-accounts.json")
await fs.writeFile(
invalidAccountsPath,
JSON.stringify({ version: 1, accounts: "not-array", activeIndex: 0 }),
"utf-8"
)
// #when
const result = await loadAccounts(invalidAccountsPath)
// #then
expect(result).toBeNull()
})
it("returns null when activeIndex is not a number", async () => {
// #given
const invalidIndexPath = join(testDir, "invalid-index.json")
await fs.writeFile(
invalidIndexPath,
JSON.stringify({ version: 1, accounts: [], activeIndex: "zero" }),
"utf-8"
)
// #when
const result = await loadAccounts(invalidIndexPath)
// #then
expect(result).toBeNull()
})
})
describe("saveAccounts", () => {
it("writes storage to file with proper JSON formatting", async () => {
// #given
// testStoragePath is ready
// #when
await saveAccounts(validStorage, testStoragePath)
// #then
const content = await fs.readFile(testStoragePath, "utf-8")
const parsed = JSON.parse(content)
expect(parsed.version).toBe(1)
expect(parsed.accounts).toHaveLength(1)
expect(parsed.activeIndex).toBe(0)
})
it("creates parent directories if they do not exist", async () => {
// #given
const nestedPath = join(testDir, "nested", "deep", "oh-my-opencode-accounts.json")
// #when
await saveAccounts(validStorage, nestedPath)
// #then
const content = await fs.readFile(nestedPath, "utf-8")
const parsed = JSON.parse(content)
expect(parsed.version).toBe(1)
})
it("overwrites existing file", async () => {
// #given
const existingStorage: AccountStorage = {
version: 1,
accounts: [],
activeIndex: 0,
}
await fs.writeFile(testStoragePath, JSON.stringify(existingStorage), "utf-8")
// #when
await saveAccounts(validStorage, testStoragePath)
// #then
const content = await fs.readFile(testStoragePath, "utf-8")
const parsed = JSON.parse(content)
expect(parsed.accounts).toHaveLength(1)
})
it("uses pretty-printed JSON with 2-space indentation", async () => {
// #given
// testStoragePath is ready
// #when
await saveAccounts(validStorage, testStoragePath)
// #then
const content = await fs.readFile(testStoragePath, "utf-8")
expect(content).toContain("\n")
expect(content).toContain(" ")
})
it("sets restrictive file permissions (0o600) for security", async () => {
// #given
// testStoragePath is ready
// #when
await saveAccounts(validStorage, testStoragePath)
// #then
const stats = await fs.stat(testStoragePath)
const mode = stats.mode & 0o777
expect(mode).toBe(0o600)
})
it("uses atomic write pattern with temp file and rename", async () => {
// #given
// This test verifies that the file is written atomically
// by checking that no partial writes occur
// #when
await saveAccounts(validStorage, testStoragePath)
// #then
// If we can read valid JSON, the atomic write succeeded
const content = await fs.readFile(testStoragePath, "utf-8")
const parsed = JSON.parse(content)
expect(parsed.version).toBe(1)
expect(parsed.accounts).toHaveLength(1)
})
it("cleans up temp file on rename failure", async () => {
// #given
const readOnlyDir = join(testDir, "readonly")
await fs.mkdir(readOnlyDir, { recursive: true })
const readOnlyPath = join(readOnlyDir, "accounts.json")
await fs.writeFile(readOnlyPath, "{}", "utf-8")
await fs.chmod(readOnlyPath, 0o444)
// #when
let didThrow = false
try {
await saveAccounts(validStorage, readOnlyPath)
} catch {
didThrow = true
}
// #then
const files = await fs.readdir(readOnlyDir)
const tempFiles = files.filter((f) => f.includes(".tmp."))
expect(tempFiles).toHaveLength(0)
if (!didThrow) {
console.log("[TEST SKIP] File permissions did not work as expected on this system")
}
// Cleanup
await fs.chmod(readOnlyPath, 0o644)
})
it("uses unique temp filename with pid and timestamp", async () => {
// #given
// We verify this by checking the implementation behavior
// The temp file should include process.pid and Date.now()
// #when
await saveAccounts(validStorage, testStoragePath)
// #then
// File should exist and be valid (temp file was successfully renamed)
const exists = await fs.access(testStoragePath).then(() => true).catch(() => false)
expect(exists).toBe(true)
})
it("handles sequential writes without corruption", async () => {
// #given
const storage1: AccountStorage = {
...validStorage,
accounts: [{ ...validStorage.accounts[0]!, email: "user1@example.com" }],
}
const storage2: AccountStorage = {
...validStorage,
accounts: [{ ...validStorage.accounts[0]!, email: "user2@example.com" }],
}
// #when - sequential writes (concurrent writes are inherently racy)
await saveAccounts(storage1, testStoragePath)
await saveAccounts(storage2, testStoragePath)
// #then - file should contain valid JSON from last write
const content = await fs.readFile(testStoragePath, "utf-8")
const parsed = JSON.parse(content) as AccountStorage
expect(parsed.version).toBe(1)
expect(parsed.accounts[0]?.email).toBe("user2@example.com")
})
})
describe("loadAccounts error handling", () => {
it("re-throws non-ENOENT filesystem errors", async () => {
// #given
const unreadableDir = join(testDir, "unreadable")
await fs.mkdir(unreadableDir, { recursive: true })
const unreadablePath = join(unreadableDir, "accounts.json")
await fs.writeFile(unreadablePath, JSON.stringify(validStorage), "utf-8")
await fs.chmod(unreadablePath, 0o000)
// #when
let thrownError: Error | null = null
let result: unknown = undefined
try {
result = await loadAccounts(unreadablePath)
} catch (error) {
thrownError = error as Error
}
// #then
if (thrownError) {
expect((thrownError as NodeJS.ErrnoException).code).not.toBe("ENOENT")
} else {
console.log("[TEST SKIP] File permissions did not work as expected on this system, got result:", result)
}
// Cleanup
await fs.chmod(unreadablePath, 0o644)
})
})
})

74
src/auth/antigravity/storage.ts Normal file
View File

@@ -0,0 +1,74 @@
import { promises as fs } from "node:fs"
import { join, dirname } from "node:path"
import type { AccountStorage } from "./types"
import { getDataDir as getSharedDataDir } from "../../shared/data-path"
export function getDataDir(): string {
return join(getSharedDataDir(), "opencode")
}
export function getStoragePath(): string {
return join(getDataDir(), "oh-my-opencode-accounts.json")
}
export async function loadAccounts(path?: string): Promise<AccountStorage | null> {
const storagePath = path ?? getStoragePath()
try {
const content = await fs.readFile(storagePath, "utf-8")
const data = JSON.parse(content) as unknown
if (!isValidAccountStorage(data)) {
return null
}
return data
} catch (error) {
const errorCode = (error as NodeJS.ErrnoException).code
if (errorCode === "ENOENT") {
return null
}
if (error instanceof SyntaxError) {
return null
}
throw error
}
}
export async function saveAccounts(storage: AccountStorage, path?: string): Promise<void> {
const storagePath = path ?? getStoragePath()
await fs.mkdir(dirname(storagePath), { recursive: true })
const content = JSON.stringify(storage, null, 2)
const tempPath = `${storagePath}.tmp.${process.pid}.${Date.now()}`
await fs.writeFile(tempPath, content, { encoding: "utf-8", mode: 0o600 })
try {
await fs.rename(tempPath, storagePath)
} catch (error) {
await fs.unlink(tempPath).catch(() => {})
throw error
}
}
function isValidAccountStorage(data: unknown): data is AccountStorage {
if (typeof data !== "object" || data === null) {
return false
}
const obj = data as Record<string, unknown>
if (typeof obj.version !== "number") {
return false
}
if (!Array.isArray(obj.accounts)) {
return false
}
if (typeof obj.activeIndex !== "number") {
return false
}
return true
}

288
src/auth/antigravity/thinking.test.ts Normal file
View File

@@ -0,0 +1,288 @@
/**
* Tests for reasoning_effort and Gemini 3 thinkingLevel support.
*
* Tests the following functions:
* - getModelThinkingConfig()
* - extractThinkingConfig() with reasoning_effort
* - applyThinkingConfigToRequest()
* - budgetToLevel()
*/
import { describe, it, expect } from "bun:test"
import type { AntigravityModelConfig } from "./constants"
import {
getModelThinkingConfig,
extractThinkingConfig,
applyThinkingConfigToRequest,
budgetToLevel,
type ThinkingConfig,
type DeleteThinkingConfig,
} from "./thinking"
// ============================================================================
// getModelThinkingConfig() tests
// ============================================================================
describe("getModelThinkingConfig", () => {
// #given: A model ID that maps to a levels-based thinking config (Gemini 3)
// #when: getModelThinkingConfig is called with google/antigravity-gemini-3-pro-high
// #then: It should return a config with thinkingType: "levels"
it("should return levels config for Gemini 3 model", () => {
const config = getModelThinkingConfig("google/antigravity-gemini-3-pro-high")
expect(config).toBeDefined()
expect(config?.thinkingType).toBe("levels")
expect(config?.levels).toEqual(["low", "high"])
})
// #given: A model ID that maps to a numeric-based thinking config (Gemini 2.5)
// #when: getModelThinkingConfig is called with gemini-2.5-flash
// #then: It should return a config with thinkingType: "numeric"
it("should return numeric config for Gemini 2.5 model", () => {
const config = getModelThinkingConfig("gemini-2.5-flash")
expect(config).toBeDefined()
expect(config?.thinkingType).toBe("numeric")
expect(config?.min).toBe(0)
expect(config?.max).toBe(24576)
expect(config?.zeroAllowed).toBe(true)
})
// #given: A model that doesn't have an exact match but includes "gemini-3"
// #when: getModelThinkingConfig is called
// #then: It should use pattern matching fallback to return levels config
it("should use pattern matching fallback for gemini-3", () => {
const config = getModelThinkingConfig("gemini-3-pro")
expect(config).toBeDefined()
expect(config?.thinkingType).toBe("levels")
expect(config?.levels).toEqual(["low", "high"])
})
// #given: A model that doesn't have an exact match but includes "claude"
// #when: getModelThinkingConfig is called
// #then: It should use pattern matching fallback to return numeric config
it("should use pattern matching fallback for claude models", () => {
const config = getModelThinkingConfig("claude-opus-4-5")
expect(config).toBeDefined()
expect(config?.thinkingType).toBe("numeric")
expect(config?.min).toBe(1024)
expect(config?.max).toBe(200000)
expect(config?.zeroAllowed).toBe(false)
})
// #given: An unknown model
// #when: getModelThinkingConfig is called
// #then: It should return undefined
it("should return undefined for unknown models", () => {
const config = getModelThinkingConfig("unknown-model")
expect(config).toBeUndefined()
})
})
// ============================================================================
// extractThinkingConfig() with reasoning_effort tests
// ============================================================================
describe("extractThinkingConfig with reasoning_effort", () => {
// #given: A request payload with reasoning_effort set to "high"
// #when: extractThinkingConfig is called
// #then: It should return config with thinkingBudget: 24576 and includeThoughts: true
it("should extract reasoning_effort high correctly", () => {
const requestPayload = { reasoning_effort: "high" }
const result = extractThinkingConfig(requestPayload)
expect(result).toEqual({ thinkingBudget: 24576, includeThoughts: true })
})
// #given: A request payload with reasoning_effort set to "low"
// #when: extractThinkingConfig is called
// #then: It should return config with thinkingBudget: 1024 and includeThoughts: true
it("should extract reasoning_effort low correctly", () => {
const requestPayload = { reasoning_effort: "low" }
const result = extractThinkingConfig(requestPayload)
expect(result).toEqual({ thinkingBudget: 1024, includeThoughts: true })
})
// #given: A request payload with reasoning_effort set to "none"
// #when: extractThinkingConfig is called
// #then: It should return { deleteThinkingConfig: true } (special marker)
it("should extract reasoning_effort none as delete marker", () => {
const requestPayload = { reasoning_effort: "none" }
const result = extractThinkingConfig(requestPayload)
expect(result as unknown).toEqual({ deleteThinkingConfig: true })
})
// #given: A request payload with reasoning_effort set to "medium"
// #when: extractThinkingConfig is called
// #then: It should return config with thinkingBudget: 8192
it("should extract reasoning_effort medium correctly", () => {
const requestPayload = { reasoning_effort: "medium" }
const result = extractThinkingConfig(requestPayload)
expect(result).toEqual({ thinkingBudget: 8192, includeThoughts: true })
})
// #given: A request payload with reasoning_effort in extraBody (not main payload)
// #when: extractThinkingConfig is called
// #then: It should still extract and return the correct config
it("should extract reasoning_effort from extraBody", () => {
const requestPayload = {}
const extraBody = { reasoning_effort: "high" }
const result = extractThinkingConfig(requestPayload, undefined, extraBody)
expect(result).toEqual({ thinkingBudget: 24576, includeThoughts: true })
})
// #given: A request payload without reasoning_effort
// #when: extractThinkingConfig is called
// #then: It should return undefined (existing behavior unchanged)
it("should return undefined when reasoning_effort not present", () => {
const requestPayload = { model: "gemini-2.5-flash" }
const result = extractThinkingConfig(requestPayload)
expect(result).toBeUndefined()
})
})
// ============================================================================
// budgetToLevel() tests
// ============================================================================
describe("budgetToLevel", () => {
// #given: A thinking budget of 24576 and a Gemini 3 model
// #when: budgetToLevel is called
// #then: It should return "high"
it("should convert budget 24576 to level high for Gemini 3", () => {
const level = budgetToLevel(24576, "gemini-3-pro")
expect(level).toBe("high")
})
// #given: A thinking budget of 1024 and a Gemini 3 model
// #when: budgetToLevel is called
// #then: It should return "low"
it("should convert budget 1024 to level low for Gemini 3", () => {
const level = budgetToLevel(1024, "gemini-3-pro")
expect(level).toBe("low")
})
// #given: A thinking budget that doesn't match any predefined level
// #when: budgetToLevel is called
// #then: It should return the highest available level
it("should return highest level for unknown budget", () => {
const level = budgetToLevel(99999, "gemini-3-pro")
expect(level).toBe("high")
})
})
// ============================================================================
// applyThinkingConfigToRequest() tests
// ============================================================================
describe("applyThinkingConfigToRequest", () => {
// #given: A request body with generationConfig and Gemini 3 model with high budget
// #when: applyThinkingConfigToRequest is called with ThinkingConfig
// #then: It should set thinkingLevel to "high" (lowercase) and NOT set thinkingBudget
it("should set thinkingLevel for Gemini 3 model", () => {
const requestBody: Record<string, unknown> = {
request: {
generationConfig: {},
},
}
const config: ThinkingConfig = { thinkingBudget: 24576, includeThoughts: true }
applyThinkingConfigToRequest(requestBody, "gemini-3-pro", config)
const genConfig = (requestBody.request as Record<string, unknown>).generationConfig as Record<string, unknown>
const thinkingConfig = genConfig.thinkingConfig as Record<string, unknown>
expect(thinkingConfig.thinkingLevel).toBe("high")
expect(thinkingConfig.thinkingBudget).toBeUndefined()
expect(thinkingConfig.include_thoughts).toBe(true)
})
// #given: A request body with generationConfig and Gemini 2.5 model with high budget
// #when: applyThinkingConfigToRequest is called with ThinkingConfig
// #then: It should set thinkingBudget to 24576 and NOT set thinkingLevel
it("should set thinkingBudget for Gemini 2.5 model", () => {
const requestBody: Record<string, unknown> = {
request: {
generationConfig: {},
},
}
const config: ThinkingConfig = { thinkingBudget: 24576, includeThoughts: true }
applyThinkingConfigToRequest(requestBody, "gemini-2.5-flash", config)
const genConfig = (requestBody.request as Record<string, unknown>).generationConfig as Record<string, unknown>
const thinkingConfig = genConfig.thinkingConfig as Record<string, unknown>
expect(thinkingConfig.thinkingBudget).toBe(24576)
expect(thinkingConfig.thinkingLevel).toBeUndefined()
expect(thinkingConfig.include_thoughts).toBe(true)
})
// #given: A request body with existing thinkingConfig
// #when: applyThinkingConfigToRequest is called with deleteThinkingConfig: true
// #then: It should remove the thinkingConfig entirely
it("should remove thinkingConfig when delete marker is set", () => {
const requestBody: Record<string, unknown> = {
request: {
generationConfig: {
thinkingConfig: {
thinkingBudget: 16000,
include_thoughts: true,
},
},
},
}
applyThinkingConfigToRequest(requestBody, "gemini-3-pro", { deleteThinkingConfig: true })
const genConfig = (requestBody.request as Record<string, unknown>).generationConfig as Record<string, unknown>
expect(genConfig.thinkingConfig).toBeUndefined()
})
// #given: A request body without request.generationConfig
// #when: applyThinkingConfigToRequest is called
// #then: It should not modify the body (graceful handling)
it("should handle missing generationConfig gracefully", () => {
const requestBody: Record<string, unknown> = {}
applyThinkingConfigToRequest(requestBody, "gemini-2.5-flash", {
thinkingBudget: 24576,
includeThoughts: true,
})
expect(requestBody.request).toBeUndefined()
})
// #given: A request body and an unknown model
// #when: applyThinkingConfigToRequest is called
// #then: It should not set any thinking config (graceful handling)
it("should handle unknown model gracefully", () => {
const requestBody: Record<string, unknown> = {
request: {
generationConfig: {},
},
}
applyThinkingConfigToRequest(requestBody, "unknown-model", {
thinkingBudget: 24576,
includeThoughts: true,
})
const genConfig = (requestBody.request as Record<string, unknown>).generationConfig as Record<string, unknown>
expect(genConfig.thinkingConfig).toBeUndefined()
})
// #given: A request body with Gemini 3 and budget that maps to "low" level
// #when: applyThinkingConfigToRequest is called with uppercase level mapping
// #then: It should convert to lowercase ("low")
it("should convert uppercase level to lowercase", () => {
const requestBody: Record<string, unknown> = {
request: {
generationConfig: {},
},
}
const config: ThinkingConfig = { thinkingBudget: 1024, includeThoughts: true }
applyThinkingConfigToRequest(requestBody, "gemini-3-pro", config)
const genConfig = (requestBody.request as Record<string, unknown>).generationConfig as Record<string, unknown>
const thinkingConfig = genConfig.thinkingConfig as Record<string, unknown>
expect(thinkingConfig.thinkingLevel).toBe("low")
expect(thinkingConfig.thinkingLevel).not.toBe("LOW")
})
})

186
src/auth/antigravity/thinking.ts
View File

@@ -13,6 +13,13 @@
* Note: This is Gemini-only. Claude models are NOT handled by Antigravity.
*/
import {
normalizeModelId,
ANTIGRAVITY_MODEL_CONFIGS,
REASONING_EFFORT_BUDGET_MAP,
type AntigravityModelConfig,
} from "./constants"
/**
* Represents a single thinking/reasoning block extracted from Gemini response
*/
@@ -496,6 +503,7 @@ export function normalizeThinkingConfig(config: unknown): ThinkingConfig | undef
* Extract thinking configuration from request payload
*
* Supports both Gemini-style thinkingConfig and Anthropic-style thinking options.
* Also supports reasoning_effort parameter which maps to thinking budget/level.
*
* @param requestPayload - Request body
* @param generationConfig - Generation config from request
@@ -506,7 +514,7 @@ export function extractThinkingConfig(
requestPayload: Record<string, unknown>,
generationConfig?: Record<string, unknown>,
extraBody?: Record<string, unknown>,
): ThinkingConfig | undefined {
): ThinkingConfig | DeleteThinkingConfig | undefined {
// Check for explicit thinkingConfig
const thinkingConfig =
generationConfig?.thinkingConfig ?? extraBody?.thinkingConfig ?? requestPayload.thinkingConfig
@@ -535,6 +543,22 @@ export function extractThinkingConfig(
}
}
// Extract reasoning_effort parameter (maps to thinking budget/level)
const reasoningEffort = requestPayload.reasoning_effort ?? extraBody?.reasoning_effort
if (reasoningEffort && typeof reasoningEffort === "string") {
const budget = REASONING_EFFORT_BUDGET_MAP[reasoningEffort]
if (budget !== undefined) {
if (reasoningEffort === "none") {
// Special marker: delete thinkingConfig entirely
return { deleteThinkingConfig: true }
}
return {
includeThoughts: true,
thinkingBudget: budget,
}
}
}
return undefined
}
@@ -569,3 +593,163 @@ export function resolveThinkingConfig(
return userConfig
}
// ============================================================================
// Model Thinking Configuration (Task 2: reasoning_effort and Gemini 3 thinkingLevel)
// ============================================================================
/**
* Get thinking config for a model by normalized ID.
* Uses pattern matching fallback if exact match not found.
*
* @param model - Model identifier string (with or without provider prefix)
* @returns Thinking configuration or undefined if not found
*/
export function getModelThinkingConfig(
model: string,
): AntigravityModelConfig | undefined {
const normalized = normalizeModelId(model)
// Exact match
if (ANTIGRAVITY_MODEL_CONFIGS[normalized]) {
return ANTIGRAVITY_MODEL_CONFIGS[normalized]
}
// Pattern matching fallback for Gemini 3
if (normalized.includes("gemini-3")) {
return {
thinkingType: "levels",
min: 128,
max: 32768,
zeroAllowed: false,
levels: ["low", "high"],
}
}
// Pattern matching fallback for Gemini 2.5
if (normalized.includes("gemini-2.5")) {
return {
thinkingType: "numeric",
min: 0,
max: 24576,
zeroAllowed: true,
}
}
// Pattern matching fallback for Claude via Antigravity
if (normalized.includes("claude")) {
return {
thinkingType: "numeric",
min: 1024,
max: 200000,
zeroAllowed: false,
}
}
return undefined
}
/**
* Type for the delete thinking config marker.
* Used when reasoning_effort is "none" to signal complete removal.
*/
export interface DeleteThinkingConfig {
deleteThinkingConfig: true
}
/**
* Union type for thinking configuration input.
*/
export type ThinkingConfigInput = ThinkingConfig | DeleteThinkingConfig
/**
* Convert thinking budget to closest level string for Gemini 3 models.
*
* @param budget - Thinking budget in tokens
* @param model - Model identifier
* @returns Level string ("low", "high", etc.) or "medium" fallback
*/
export function budgetToLevel(budget: number, model: string): string {
const config = getModelThinkingConfig(model)
// Default fallback
if (!config?.levels) {
return "medium"
}
// Map budgets to levels
const budgetMap: Record<number, string> = {
512: "minimal",
1024: "low",
8192: "medium",
24576: "high",
}
// Return matching level or highest available
if (budgetMap[budget]) {
return budgetMap[budget]
}
return config.levels[config.levels.length - 1] || "high"
}
/**
* Apply thinking config to request body.
*
* CRITICAL: Sets request.generationConfig.thinkingConfig (NOT outer body!)
*
* Handles:
* - Gemini 3: Sets thinkingLevel (string)
* - Gemini 2.5: Sets thinkingBudget (number)
* - Delete marker: Removes thinkingConfig entirely
*
* @param requestBody - Request body to modify (mutates in place)
* @param model - Model identifier
* @param config - Thinking configuration or delete marker
*/
export function applyThinkingConfigToRequest(
requestBody: Record<string, unknown>,
model: string,
config: ThinkingConfigInput,
): void {
// Handle delete marker
if ("deleteThinkingConfig" in config && config.deleteThinkingConfig) {
if (requestBody.request && typeof requestBody.request === "object") {
const req = requestBody.request as Record<string, unknown>
if (req.generationConfig && typeof req.generationConfig === "object") {
const genConfig = req.generationConfig as Record<string, unknown>
delete genConfig.thinkingConfig
}
}
return
}
const modelConfig = getModelThinkingConfig(model)
if (!modelConfig) {
return
}
// Ensure request.generationConfig.thinkingConfig exists
if (!requestBody.request || typeof requestBody.request !== "object") {
return
}
const req = requestBody.request as Record<string, unknown>
if (!req.generationConfig || typeof req.generationConfig !== "object") {
req.generationConfig = {}
}
const genConfig = req.generationConfig as Record<string, unknown>
genConfig.thinkingConfig = {}
const thinkingConfig = genConfig.thinkingConfig as Record<string, unknown>
thinkingConfig.include_thoughts = true
if (modelConfig.thinkingType === "numeric") {
thinkingConfig.thinkingBudget = (config as ThinkingConfig).thinkingBudget
} else if (modelConfig.thinkingType === "levels") {
const budget = (config as ThinkingConfig).thinkingBudget ?? DEFAULT_THINKING_BUDGET
let level = budgetToLevel(budget, model)
// Convert uppercase to lowercase (think-mode hook sends "HIGH")
level = level.toLowerCase()
thinkingConfig.thinkingLevel = level
}
}

41
src/auth/antigravity/types.ts
View File

@@ -80,15 +80,11 @@ export interface AntigravityOnboardUserPayload {
* Wraps the actual request with project and model context
*/
export interface AntigravityRequestBody {
/** GCP project ID */
project: string
/** Model identifier (e.g., "gemini-3-pro-preview") */
model: string
/** User agent identifier */
userAgent: string
/** Unique request ID */
requestType: string
requestId: string
/** The actual request payload */
request: Record<string, unknown>
}
@@ -211,3 +207,38 @@ export interface ParsedOAuthError {
code?: string
description?: string
}
/**
* Multi-account support types
*/
/** All model families for rate limit tracking */
export const MODEL_FAMILIES = ["claude", "gemini-flash", "gemini-pro"] as const
/** Model family for rate limit tracking */
export type ModelFamily = (typeof MODEL_FAMILIES)[number]
/** Account tier for prioritization */
export type AccountTier = "free" | "paid"
/** Rate limit state per model family (Unix timestamps in ms) */
export type RateLimitState = Partial<Record<ModelFamily, number>>
/** Account metadata for storage */
export interface AccountMetadata {
email: string
tier: AccountTier
refreshToken: string
projectId: string
managedProjectId?: string
accessToken: string
expiresAt: number
rateLimits: RateLimitState
}
/** Storage schema for persisting multiple accounts */
export interface AccountStorage {
version: number
accounts: AccountMetadata[]
activeIndex: number
}

93
src/cli/commands/auth.ts Normal file
View File

@@ -0,0 +1,93 @@
import { loadAccounts, saveAccounts } from "../../auth/antigravity/storage"
import type { AccountStorage } from "../../auth/antigravity/types"
export async function listAccounts(): Promise<number> {
const accounts = await loadAccounts()
if (!accounts || accounts.accounts.length === 0) {
console.log("No accounts found.")
console.log("Run 'opencode auth login' and select Google (Antigravity) to add accounts.")
return 0
}
console.log(`\nGoogle Antigravity Accounts (${accounts.accounts.length}/10):\n`)
for (let i = 0; i < accounts.accounts.length; i++) {
const acc = accounts.accounts[i]
const isActive = i === accounts.activeIndex
const activeMarker = isActive ? "* " : " "
console.log(`${activeMarker}[${i}] ${acc.email || "Unknown"}`)
console.log(` Tier: ${acc.tier || "free"}`)
const rateLimits = acc.rateLimits || {}
const now = Date.now()
const limited: string[] = []
if (rateLimits.claude && rateLimits.claude > now) {
const mins = Math.ceil((rateLimits.claude - now) / 60000)
limited.push(`claude (${mins}m)`)
}
if (rateLimits["gemini-flash"] && rateLimits["gemini-flash"] > now) {
const mins = Math.ceil((rateLimits["gemini-flash"] - now) / 60000)
limited.push(`gemini-flash (${mins}m)`)
}
if (rateLimits["gemini-pro"] && rateLimits["gemini-pro"] > now) {
const mins = Math.ceil((rateLimits["gemini-pro"] - now) / 60000)
limited.push(`gemini-pro (${mins}m)`)
}
if (limited.length > 0) {
console.log(` Rate limited: ${limited.join(", ")}`)
}
console.log()
}
return 0
}
export async function removeAccount(indexOrEmail: string): Promise<number> {
const accounts = await loadAccounts()
if (!accounts || accounts.accounts.length === 0) {
console.error("No accounts found.")
return 1
}
let index: number
const parsedIndex = Number(indexOrEmail)
if (Number.isInteger(parsedIndex) && String(parsedIndex) === indexOrEmail) {
index = parsedIndex
} else {
index = accounts.accounts.findIndex((acc) => acc.email === indexOrEmail)
if (index === -1) {
console.error(`Account not found: ${indexOrEmail}`)
return 1
}
}
if (index < 0 || index >= accounts.accounts.length) {
console.error(`Invalid index: ${index}. Valid range: 0-${accounts.accounts.length - 1}`)
return 1
}
const removed = accounts.accounts[index]
accounts.accounts.splice(index, 1)
if (accounts.accounts.length === 0) {
accounts.activeIndex = -1
} else if (accounts.activeIndex >= accounts.accounts.length) {
accounts.activeIndex = accounts.accounts.length - 1
} else if (accounts.activeIndex > index) {
accounts.activeIndex--
}
await saveAccounts(accounts)
console.log(`Removed account: ${removed.email || "Unknown"} (index ${index})`)
console.log(`Remaining accounts: ${accounts.accounts.length}`)
return 0
}

40
src/cli/index.ts
View File

@@ -4,6 +4,7 @@ import { install } from "./install"
import { run } from "./run"
import { getLocalVersion } from "./get-local-version"
import { doctor } from "./doctor"
import { listAccounts, removeAccount } from "./commands/auth"
import type { InstallArgs } from "./types"
import type { RunOptions } from "./run"
import type { GetLocalVersionOptions } from "./get-local-version/types"
@@ -134,6 +135,45 @@ Categories:
process.exit(exitCode)
})
const authCommand = program
.command("auth")
.description("Manage Google Antigravity accounts")
authCommand
.command("list")
.description("List all Google Antigravity accounts")
.addHelpText("after", `
Examples:
$ bunx oh-my-opencode auth list
Shows:
- Account index and email
- Account tier (free/paid)
- Active account (marked with *)
- Rate limit status per model family
`)
.action(async () => {
const exitCode = await listAccounts()
process.exit(exitCode)
})
authCommand
.command("remove <index-or-email>")
.description("Remove an account by index or email")
.addHelpText("after", `
Examples:
$ bunx oh-my-opencode auth remove 0
$ bunx oh-my-opencode auth remove user@example.com
Note:
- Use 'auth list' to see account indices
- Removing the active account will switch to the next available account
`)
.action(async (indexOrEmail: string) => {
const exitCode = await removeAccount(indexOrEmail)
process.exit(exitCode)
})
program
.command("version")
.description("Show version information")