huangzhenpc/kirogo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: improve logging, tool compatibility, and endpoint configuration

Browse Source
This commit is contained in:
Quorinex
2026-05-13 13:59:52 +08:00
parent 1732b17ff9
commit 0f8035d90e
9 changed files with 506 additions and 94 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
auth/oidc.go
View File

@@ -11,7 +11,8 @@ import (
)
// RefreshToken 刷新 access token
func RefreshToken(account *config.Account) (string, string, int64, error) {
// Returns: accessToken, refreshToken, expiresAt, profileArn, error
func RefreshToken(account *config.Account) (string, string, int64, string, error) {
if account.AuthMethod == "social" {
return refreshSocialToken(account.RefreshToken)
}
@@ -19,9 +20,9 @@ func RefreshToken(account *config.Account) (string, string, int64, error) {
}
// refreshOIDCToken IdC/Builder ID token 刷新
func refreshOIDCToken(refreshToken, clientID, clientSecret, region string) (string, string, int64, error) {
func refreshOIDCToken(refreshToken, clientID, clientSecret, region string) (string, string, int64, string, error) {
if clientID == "" || clientSecret == "" {
return "", "", 0, fmt.Errorf("OIDC refresh requires clientId and clientSecret")
return "", "", 0, "", fmt.Errorf("OIDC refresh requires clientId and clientSecret")
}
if region == "" {
region = "us-east-1"
@@ -42,31 +43,32 @@ func refreshOIDCToken(refreshToken, clientID, clientSecret, region string) (stri
resp, err := httpClient().Do(req)
if err != nil {
return "", "", 0, err
return "", "", 0, "", err
}
defer resp.Body.Close()
if resp.StatusCode != 200 {
respBody, _ := io.ReadAll(resp.Body)
return "", "", 0, fmt.Errorf("refresh failed: %d %s", resp.StatusCode, string(respBody))
return "", "", 0, "", fmt.Errorf("refresh failed: %d %s", resp.StatusCode, string(respBody))
}
var result struct {
AccessToken string `json:"accessToken"`
RefreshToken string `json:"refreshToken"`
ExpiresIn int `json:"expiresIn"`
ProfileArn string `json:"profileArn"`
}
if err := json.NewDecoder(resp.Body).Decode(&result); err != nil {
return "", "", 0, err
return "", "", 0, "", err
}
expiresAt := time.Now().Unix() + int64(result.ExpiresIn)
return result.AccessToken, result.RefreshToken, expiresAt, nil
return result.AccessToken, result.RefreshToken, expiresAt, result.ProfileArn, nil
}
// refreshSocialToken Social (GitHub/Google) token 刷新
func refreshSocialToken(refreshToken string) (string, string, int64, error) {
func refreshSocialToken(refreshToken string) (string, string, int64, string, error) {
url := "https://prod.us-east-1.auth.desktop.kiro.dev/refreshToken"
payload := map[string]string{
@@ -79,25 +81,26 @@ func refreshSocialToken(refreshToken string) (string, string, int64, error) {
resp, err := httpClient().Do(req)
if err != nil {
return "", "", 0, err
return "", "", 0, "", err
}
defer resp.Body.Close()
if resp.StatusCode != 200 {
respBody, _ := io.ReadAll(resp.Body)
return "", "", 0, fmt.Errorf("refresh failed: %d %s", resp.StatusCode, string(respBody))
return "", "", 0, "", fmt.Errorf("refresh failed: %d %s", resp.StatusCode, string(respBody))
}
var result struct {
AccessToken string `json:"accessToken"`
RefreshToken string `json:"refreshToken"`
ExpiresIn int `json:"expiresIn"`
ProfileArn string `json:"profileArn"`
}
if err := json.NewDecoder(resp.Body).Decode(&result); err != nil {
return "", "", 0, err
return "", "", 0, "", err
}
expiresAt := time.Now().Unix() + int64(result.ExpiresIn)
return result.AccessToken, result.RefreshToken, expiresAt, nil
return result.AccessToken, result.RefreshToken, expiresAt, result.ProfileArn, nil
}