Fix bug

2026-03-31 15:41:52 +07:00 · 2026-03-31 15:41:52 +07:00 · 9708541f6d
commit 9708541f6d
parent 8640503b36
13 changed files with 471 additions and 13 deletions
--- a/src/lib/oauth/constants/oauth.js
+++ b/src/lib/oauth/constants/oauth.js
@ -63,6 +63,17 @@ export const QWEN_CONFIG = {
  codeChallengeMethod: "S256",
 };

+// Qoder OAuth Configuration (Device Token Flow)
+export const QODER_CONFIG = {
+  apiBaseUrl: "https://api2.qoder.sh",
+  deviceTokenUrl: "https://api2.qoder.sh/api/v1/deviceToken/poll",
+  deviceRefreshUrl: "https://api2.qoder.sh/api/v1/deviceToken/refresh",
+  refreshUrl: "https://api2.qoder.sh/api/v3/user/refresh_token",
+  userInfoUrl: "https://api2.qoder.sh/api/v1/userinfo",
+  statusUrl: "https://api2.qoder.sh/api/v3/user/status",
+  loginUrl: "https://qoder.com/login",
+};
+
 // iFlow OAuth Configuration (Authorization Code)
 export const IFLOW_CONFIG = {
  clientId: "10009311001",
@ -250,6 +261,7 @@ export const PROVIDERS = {
  CODEX: "codex",
  GEMINI: "gemini-cli",
  QWEN: "qwen",
+  QODER: "qoder",
  IFLOW: "iflow",
  ANTIGRAVITY: "antigravity",
  OPENAI: "openai",
--- a/src/lib/oauth/providers.js
+++ b/src/lib/oauth/providers.js
@ -12,6 +12,7 @@ import {
  CODEX_CONFIG,
  GEMINI_CONFIG,
  QWEN_CONFIG,
+  QODER_CONFIG,
  IFLOW_CONFIG,
  ANTIGRAVITY_CONFIG,
  GITHUB_CONFIG,
@ -424,6 +425,84 @@ const PROVIDERS = {
    }),
  },

+  qoder: {
+    config: QODER_CONFIG,
+    flowType: "authorization_code",
+    buildAuthUrl: (config, redirectUri, state) => {
+      const params = new URLSearchParams({
+        client_id: config.clientId,
+        response_type: "code",
+        redirect_uri: redirectUri,
+        state: state,
+      });
+      return `${config.authorizeUrl}?${params.toString()}`;
+    },
+    exchangeToken: async (config, code, redirectUri) => {
+      const basicAuth = Buffer.from(`${config.clientId}:${config.clientSecret}`).toString("base64");
+
+      const response = await fetch(config.tokenUrl, {
+        method: "POST",
+        headers: {
+          "Content-Type": "application/x-www-form-urlencoded",
+          Accept: "application/json",
+          Authorization: `Basic ${basicAuth}`,
+        },
+        body: new URLSearchParams({
+          grant_type: "authorization_code",
+          code: code,
+          redirect_uri: redirectUri,
+          client_id: config.clientId,
+          client_secret: config.clientSecret,
+        }),
+      });
+
+      if (!response.ok) {
+        const error = await response.text();
+        throw new Error(`Token exchange failed: ${error}`);
+      }
+
+      return await response.json();
+    },
+    postExchange: async (tokens) => {
+      // Fetch user info (MUST succeed to get API key)
+      const userInfoRes = await fetch(
+        `${QODER_CONFIG.userInfoUrl}?accessToken=${encodeURIComponent(tokens.access_token)}`,
+        { headers: { Accept: "application/json" } }
+      );
+
+      if (!userInfoRes.ok) {
+        const errorText = await userInfoRes.text();
+        throw new Error(`Failed to fetch user info: ${errorText}`);
+      }
+
+      const result = await userInfoRes.json();
+      if (!result.success) {
+        throw new Error(`User info request failed: ${result.message || "Unknown error"}`);
+      }
+
+      const userInfo = result.data || {};
+
+      if (!userInfo.apiKey || userInfo.apiKey.trim() === "") {
+        throw new Error("Empty API key returned from Qoder");
+      }
+
+      const email = userInfo.email?.trim() || userInfo.phone?.trim();
+      if (!email) {
+        throw new Error("Missing account email/phone in user info");
+      }
+
+      return { userInfo };
+    },
+    mapTokens: (tokens, extra) => ({
+      accessToken: tokens.access_token,
+      refreshToken: tokens.refresh_token,
+      expiresIn: tokens.expires_in,
+      apiKey: extra?.userInfo?.apiKey,
+      email: extra?.userInfo?.email || extra?.userInfo?.phone,
+      displayName: extra?.userInfo?.nickname || extra?.userInfo?.name,
+    }),
+  },
+
  qwen: {
    config: QWEN_CONFIG,
    flowType: "device_code",
--- a/src/lib/oauth/services/index.js
+++ b/src/lib/oauth/services/index.js
@ -8,6 +8,7 @@ export { CodexService } from "./codex.js";
 export { GeminiCLIService } from "./gemini.js";
 export { QwenService } from "./qwen.js";
 export { IFlowService } from "./iflow.js";
+export { QoderService } from "./qoder.js";
 export { AntigravityService } from "./antigravity.js";
 export { OpenAIService } from "./openai.js";
 export { GitHubService } from "./github.js";
--- a/src/lib/oauth/services/qoder.js
+++ b/src/lib/oauth/services/qoder.js
@ -0,0 +1,232 @@
+import crypto from "crypto";
+import open from "open";
+import { QODER_CONFIG } from "../constants/oauth.js";
+import { getServerCredentials } from "../config/index.js";
+import { startLocalServer } from "../utils/server.js";
+import { spinner as createSpinner } from "../utils/ui.js";
+
+/**
+ * Qoder OAuth Service
+ * Uses Authorization Code flow with Basic Auth
+ */
+export class QoderService {
+  constructor() {
+    this.config = QODER_CONFIG;
+  }
+
+  /**
+   * Build Qoder authorization URL
+   */
+  buildAuthUrl(redirectUri, state) {
+    const params = new URLSearchParams({
+      client_id: this.config.clientId,
+      response_type: "code",
+      redirect_uri: redirectUri,
+      state: state,
+    });
+
+    return `${this.config.authorizeUrl}?${params.toString()}`;
+  }
+
+  /**
+   * Exchange authorization code for tokens
+   */
+  async exchangeCode(code, redirectUri) {
+    const basicAuth = Buffer.from(
+      `${this.config.clientId}:${this.config.clientSecret}`
+    ).toString("base64");
+
+    const response = await fetch(this.config.tokenUrl, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/x-www-form-urlencoded",
+        Accept: "application/json",
+        Authorization: `Basic ${basicAuth}`,
+      },
+      body: new URLSearchParams({
+        grant_type: "authorization_code",
+        code: code,
+        redirect_uri: redirectUri,
+        client_id: this.config.clientId,
+        client_secret: this.config.clientSecret,
+      }),
+    });
+
+    if (!response.ok) {
+      const error = await response.text();
+      throw new Error(`Token exchange failed: ${error}`);
+    }
+
+    return await response.json();
+  }
+
+  /**
+   * Refresh access token using refresh token
+   */
+  async refreshToken(refreshToken) {
+    const basicAuth = Buffer.from(
+      `${this.config.clientId}:${this.config.clientSecret}`
+    ).toString("base64");
+
+    const response = await fetch(this.config.tokenUrl, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/x-www-form-urlencoded",
+        Accept: "application/json",
+        Authorization: `Basic ${basicAuth}`,
+      },
+      body: new URLSearchParams({
+        grant_type: "refresh_token",
+        refresh_token: refreshToken,
+        client_id: this.config.clientId,
+        client_secret: this.config.clientSecret,
+      }),
+    });
+
+    if (!response.ok) {
+      const error = await response.text();
+      throw new Error(`Token refresh failed: ${error}`);
+    }
+
+    return await response.json();
+  }
+
+  /**
+   * Get user info from Qoder
+   */
+  async getUserInfo(accessToken) {
+    const response = await fetch(
+      `${this.config.userInfoUrl}?accessToken=${encodeURIComponent(accessToken)}`,
+      { headers: { Accept: "application/json" } }
+    );
+
+    if (!response.ok) {
+      const error = await response.text();
+      throw new Error(`Failed to get user info: ${error}`);
+    }
+
+    const result = await response.json();
+
+    if (!result.success) {
+      throw new Error("Failed to get user info");
+    }
+
+    return result.data;
+  }
+
+  /**
+   * Save Qoder tokens to server
+   */
+  async saveTokens(tokens, userInfo) {
+    const { server, token, userId } = getServerCredentials();
+
+    const response = await fetch(`${server}/api/cli/providers/qoder`, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/json",
+        Authorization: `Bearer ${token}`,
+        "X-User-Id": userId,
+      },
+      body: JSON.stringify({
+        accessToken: tokens.access_token,
+        refreshToken: tokens.refresh_token,
+        expiresIn: tokens.expires_in,
+        apiKey: userInfo.apiKey,
+        email: userInfo.email || userInfo.phone,
+      }),
+    });
+
+    if (!response.ok) {
+      const error = await response.json();
+      throw new Error(error.error || "Failed to save tokens");
+    }
+
+    return await response.json();
+  }
+
+  /**
+   * Refresh and update tokens on server
+   */
+  async refreshAndSave(existingRefreshToken) {
+    const spinner = createSpinner("Refreshing Qoder token...").start();
+
+    try {
+      const tokens = await this.refreshToken(existingRefreshToken);
+      const userInfo = await this.getUserInfo(tokens.access_token);
+      await this.saveTokens(tokens, userInfo);
+      spinner.succeed("Qoder token refreshed successfully");
+      return tokens;
+    } catch (error) {
+      spinner.fail(`Token refresh failed: ${error.message}`);
+      throw error;
+    }
+  }
+
+  /**
+   * Complete Qoder OAuth flow
+   */
+  async connect() {
+    const spinner = createSpinner("Starting Qoder OAuth...").start();
+
+    try {
+      spinner.text = "Starting local server...";
+
+      let callbackParams = null;
+      const { port, close } = await startLocalServer((params) => {
+        callbackParams = params;
+      });
+
+      const redirectUri = `http://localhost:${port}/callback`;
+      spinner.succeed(`Local server started on port ${port}`);
+
+      const state = crypto.randomBytes(32).toString("base64url");
+      const authUrl = this.buildAuthUrl(redirectUri, state);
+
+      console.log("\nOpening browser for Qoder authentication...");
+      console.log(`If browser doesn't open, visit:\n${authUrl}\n`);
+
+      await open(authUrl);
+
+      spinner.start("Waiting for Qoder authorization...");
+
+      await new Promise((resolve, reject) => {
+        const timeout = setTimeout(() => {
+          reject(new Error("Authentication timeout (5 minutes)"));
+        }, 300000);
+
+        const checkInterval = setInterval(() => {
+          if (callbackParams) {
+            clearInterval(checkInterval);
+            clearTimeout(timeout);
+            resolve();
+          }
+        }, 100);
+      });
+
+      close();
+
+      if (callbackParams.error) {
+        throw new Error(callbackParams.error_description || callbackParams.error);
+      }
+
+      if (!callbackParams.code) {
+        throw new Error("No authorization code received");
+      }
+
+      spinner.start("Exchanging code for tokens...");
+      const tokens = await this.exchangeCode(callbackParams.code, redirectUri);
+
+      spinner.text = "Fetching user info...";
+      const userInfo = await this.getUserInfo(tokens.access_token);
+
+      spinner.text = "Saving tokens to server...";
+      await this.saveTokens(tokens, userInfo);
+
+      spinner.succeed(`Qoder connected successfully! (${userInfo.email || userInfo.phone})`);
+      return true;
+    } catch (error) {
+      spinner.fail(`Failed: ${error.message}`);
+      throw error;
+    }
+  }
+}