@@ -2,6 +2,10 @@
|
|||||||
|
|
||||||
## [Unreleased]
|
## [Unreleased]
|
||||||
|
|
||||||
|
### Fixed
|
||||||
|
|
||||||
|
- Fixed GitHub Copilot OAuth model availability to use the authenticated account's model picker catalog ([#5897](https://github.com/earendil-works/pi/issues/5897)).
|
||||||
|
|
||||||
## [0.79.8] - 2026-06-19
|
## [0.79.8] - 2026-06-19
|
||||||
|
|
||||||
### Added
|
### Added
|
||||||
|
|||||||
@@ -9,6 +9,7 @@ import type { OAuthCredentials, OAuthDeviceCodeInfo, OAuthLoginCallbacks, OAuthP
|
|||||||
|
|
||||||
type CopilotCredentials = OAuthCredentials & {
|
type CopilotCredentials = OAuthCredentials & {
|
||||||
enterpriseUrl?: string;
|
enterpriseUrl?: string;
|
||||||
|
availableModelIds: string[];
|
||||||
};
|
};
|
||||||
|
|
||||||
const decode = (s: string) => atob(s);
|
const decode = (s: string) => atob(s);
|
||||||
@@ -20,6 +21,7 @@ const COPILOT_HEADERS = {
|
|||||||
"Editor-Plugin-Version": "copilot-chat/0.35.0",
|
"Editor-Plugin-Version": "copilot-chat/0.35.0",
|
||||||
"Copilot-Integration-Id": "vscode-chat",
|
"Copilot-Integration-Id": "vscode-chat",
|
||||||
} as const;
|
} as const;
|
||||||
|
const COPILOT_API_VERSION = "2026-06-01";
|
||||||
|
|
||||||
type DeviceCodeResponse = {
|
type DeviceCodeResponse = {
|
||||||
device_code: string;
|
device_code: string;
|
||||||
@@ -88,6 +90,48 @@ export function getGitHubCopilotBaseUrl(token?: string, enterpriseDomain?: strin
|
|||||||
return "https://api.individual.githubcopilot.com";
|
return "https://api.individual.githubcopilot.com";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function asRecord(value: unknown): Record<string, unknown> | undefined {
|
||||||
|
return value && typeof value === "object" ? (value as Record<string, unknown>) : undefined;
|
||||||
|
}
|
||||||
|
|
||||||
|
function isSelectableCopilotModel(item: Record<string, unknown>): boolean {
|
||||||
|
const policy = asRecord(item.policy);
|
||||||
|
const capabilities = asRecord(item.capabilities);
|
||||||
|
const supports = asRecord(capabilities?.supports);
|
||||||
|
return item.model_picker_enabled === true && policy?.state !== "disabled" && supports?.tool_calls !== false;
|
||||||
|
}
|
||||||
|
|
||||||
|
function parseAvailableCopilotModelIds(raw: unknown): string[] {
|
||||||
|
const data = asRecord(raw)?.data;
|
||||||
|
if (!Array.isArray(data)) {
|
||||||
|
throw new Error("Invalid Copilot models response");
|
||||||
|
}
|
||||||
|
|
||||||
|
const ids: string[] = [];
|
||||||
|
for (const rawItem of data) {
|
||||||
|
const item = asRecord(rawItem);
|
||||||
|
const id = item?.id;
|
||||||
|
if (typeof id === "string" && item && isSelectableCopilotModel(item)) {
|
||||||
|
ids.push(id);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return ids;
|
||||||
|
}
|
||||||
|
|
||||||
|
async function fetchAvailableGitHubCopilotModelIds(copilotToken: string, enterpriseDomain?: string): Promise<string[]> {
|
||||||
|
const baseUrl = getGitHubCopilotBaseUrl(copilotToken, enterpriseDomain);
|
||||||
|
const raw = await fetchJson(`${baseUrl}/models`, {
|
||||||
|
headers: {
|
||||||
|
Accept: "application/json",
|
||||||
|
Authorization: `Bearer ${copilotToken}`,
|
||||||
|
...COPILOT_HEADERS,
|
||||||
|
"X-GitHub-Api-Version": COPILOT_API_VERSION,
|
||||||
|
},
|
||||||
|
signal: AbortSignal.timeout(5000),
|
||||||
|
});
|
||||||
|
return parseAvailableCopilotModelIds(raw);
|
||||||
|
}
|
||||||
|
|
||||||
async function fetchJson(url: string, init: RequestInit): Promise<unknown> {
|
async function fetchJson(url: string, init: RequestInit): Promise<unknown> {
|
||||||
const response = await fetch(url, init);
|
const response = await fetch(url, init);
|
||||||
if (!response.ok) {
|
if (!response.ok) {
|
||||||
@@ -201,10 +245,7 @@ async function pollForGitHubAccessToken(
|
|||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
async function refreshGitHubCopilotAccessToken(
|
||||||
* Refresh GitHub Copilot token
|
|
||||||
*/
|
|
||||||
export async function refreshGitHubCopilotToken(
|
|
||||||
refreshToken: string,
|
refreshToken: string,
|
||||||
enterpriseDomain?: string,
|
enterpriseDomain?: string,
|
||||||
): Promise<OAuthCredentials> {
|
): Promise<OAuthCredentials> {
|
||||||
@@ -238,6 +279,20 @@ export async function refreshGitHubCopilotToken(
|
|||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Refresh GitHub Copilot token
|
||||||
|
*/
|
||||||
|
export async function refreshGitHubCopilotToken(
|
||||||
|
refreshToken: string,
|
||||||
|
enterpriseDomain?: string,
|
||||||
|
): Promise<OAuthCredentials> {
|
||||||
|
const credentials = await refreshGitHubCopilotAccessToken(refreshToken, enterpriseDomain);
|
||||||
|
return {
|
||||||
|
...credentials,
|
||||||
|
availableModelIds: await fetchAvailableGitHubCopilotModelIds(credentials.access, enterpriseDomain),
|
||||||
|
};
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Enable a model for the user's GitHub Copilot account.
|
* Enable a model for the user's GitHub Copilot account.
|
||||||
* This is required for some models (like Claude, Grok) before they can be used.
|
* This is required for some models (like Claude, Grok) before they can be used.
|
||||||
@@ -322,12 +377,18 @@ export async function loginGitHubCopilot(options: {
|
|||||||
});
|
});
|
||||||
|
|
||||||
const githubAccessToken = await pollForGitHubAccessToken(domain, device, options.signal);
|
const githubAccessToken = await pollForGitHubAccessToken(domain, device, options.signal);
|
||||||
const credentials = await refreshGitHubCopilotToken(githubAccessToken, enterpriseDomain ?? undefined);
|
const credentials = await refreshGitHubCopilotAccessToken(githubAccessToken, enterpriseDomain ?? undefined);
|
||||||
|
|
||||||
// Enable all models after successful login
|
// Enable all models after successful login
|
||||||
options.onProgress?.("Enabling models...");
|
options.onProgress?.("Enabling models...");
|
||||||
await enableAllGitHubCopilotModels(credentials.access, enterpriseDomain ?? undefined);
|
await enableAllGitHubCopilotModels(credentials.access, enterpriseDomain ?? undefined);
|
||||||
return credentials;
|
|
||||||
|
// Fetch availability after policy enable so newly enabled models are included,
|
||||||
|
// while unavailable models are still filtered out.
|
||||||
|
return {
|
||||||
|
...credentials,
|
||||||
|
availableModelIds: await fetchAvailableGitHubCopilotModelIds(credentials.access, enterpriseDomain ?? undefined),
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
export const githubCopilotOAuthProvider: OAuthProviderInterface = {
|
export const githubCopilotOAuthProvider: OAuthProviderInterface = {
|
||||||
@@ -356,6 +417,14 @@ export const githubCopilotOAuthProvider: OAuthProviderInterface = {
|
|||||||
const creds = credentials as CopilotCredentials;
|
const creds = credentials as CopilotCredentials;
|
||||||
const domain = creds.enterpriseUrl ? (normalizeDomain(creds.enterpriseUrl) ?? undefined) : undefined;
|
const domain = creds.enterpriseUrl ? (normalizeDomain(creds.enterpriseUrl) ?? undefined) : undefined;
|
||||||
const baseUrl = getGitHubCopilotBaseUrl(creds.access, domain);
|
const baseUrl = getGitHubCopilotBaseUrl(creds.access, domain);
|
||||||
return models.map((m) => (m.provider === "github-copilot" ? { ...m, baseUrl } : m));
|
// Older stored Pi auth entries do not have account-specific model IDs yet;
|
||||||
|
// keep their existing generated-catalog behavior until the next refresh/login.
|
||||||
|
const availableModelIds = "availableModelIds" in creds ? new Set(creds.availableModelIds) : undefined;
|
||||||
|
|
||||||
|
return models.flatMap((m) => {
|
||||||
|
if (m.provider !== "github-copilot") return [m];
|
||||||
|
if (availableModelIds && !availableModelIds.has(m.id)) return [];
|
||||||
|
return [{ ...m, baseUrl }];
|
||||||
|
});
|
||||||
},
|
},
|
||||||
};
|
};
|
||||||
|
|||||||
@@ -1,5 +1,10 @@
|
|||||||
import { afterEach, describe, expect, it, vi } from "vitest";
|
import { afterEach, describe, expect, it, vi } from "vitest";
|
||||||
import { loginGitHubCopilot } from "../src/utils/oauth/github-copilot.ts";
|
import { getModels } from "../src/models.ts";
|
||||||
|
import {
|
||||||
|
githubCopilotOAuthProvider,
|
||||||
|
loginGitHubCopilot,
|
||||||
|
refreshGitHubCopilotToken,
|
||||||
|
} from "../src/utils/oauth/github-copilot.ts";
|
||||||
|
|
||||||
function jsonResponse(body: unknown, status: number = 200): Response {
|
function jsonResponse(body: unknown, status: number = 200): Response {
|
||||||
return new Response(JSON.stringify(body), {
|
return new Response(JSON.stringify(body), {
|
||||||
@@ -29,6 +34,57 @@ describe("GitHub Copilot OAuth device flow", () => {
|
|||||||
vi.useRealTimers();
|
vi.useRealTimers();
|
||||||
});
|
});
|
||||||
|
|
||||||
|
it("filters models to the authenticated account picker catalog", async () => {
|
||||||
|
const fetchMock = vi.fn(async (input: unknown, init?: RequestInit): Promise<Response> => {
|
||||||
|
const url = getUrl(input);
|
||||||
|
|
||||||
|
if (url.includes("/copilot_internal/v2/token")) {
|
||||||
|
return jsonResponse({
|
||||||
|
token: "tid=test;exp=9999999999;proxy-ep=proxy.individual.githubcopilot.com;",
|
||||||
|
expires_at: 9999999999,
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
if (url === "https://api.individual.githubcopilot.com/models") {
|
||||||
|
expect(init?.headers).toMatchObject({
|
||||||
|
Authorization: "Bearer tid=test;exp=9999999999;proxy-ep=proxy.individual.githubcopilot.com;",
|
||||||
|
});
|
||||||
|
return jsonResponse({
|
||||||
|
data: [
|
||||||
|
{
|
||||||
|
id: "gpt-4.1",
|
||||||
|
model_picker_enabled: true,
|
||||||
|
capabilities: { supports: { tool_calls: true } },
|
||||||
|
},
|
||||||
|
{
|
||||||
|
id: "claude-opus-4.7",
|
||||||
|
model_picker_enabled: true,
|
||||||
|
policy: { state: "disabled" },
|
||||||
|
capabilities: { supports: { tool_calls: true } },
|
||||||
|
},
|
||||||
|
{
|
||||||
|
id: "gpt-5.4-nano",
|
||||||
|
model_picker_enabled: false,
|
||||||
|
capabilities: { supports: { tool_calls: true } },
|
||||||
|
},
|
||||||
|
],
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
throw new Error(`Unexpected fetch URL: ${url}`);
|
||||||
|
});
|
||||||
|
|
||||||
|
vi.stubGlobal("fetch", fetchMock);
|
||||||
|
|
||||||
|
const credentials = await refreshGitHubCopilotToken("ghu_refresh_token");
|
||||||
|
expect(credentials.availableModelIds).toEqual(["gpt-4.1"]);
|
||||||
|
|
||||||
|
const modifiedModels = githubCopilotOAuthProvider.modifyModels?.(getModels("github-copilot"), credentials) ?? [];
|
||||||
|
expect(modifiedModels.filter((model) => model.provider === "github-copilot").map((model) => model.id)).toEqual([
|
||||||
|
"gpt-4.1",
|
||||||
|
]);
|
||||||
|
});
|
||||||
|
|
||||||
it("reports device-code details through onDeviceCode", async () => {
|
it("reports device-code details through onDeviceCode", async () => {
|
||||||
vi.useFakeTimers();
|
vi.useFakeTimers();
|
||||||
vi.setSystemTime(new Date("2026-03-09T00:00:00Z"));
|
vi.setSystemTime(new Date("2026-03-09T00:00:00Z"));
|
||||||
@@ -57,6 +113,10 @@ describe("GitHub Copilot OAuth device flow", () => {
|
|||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (url.endsWith("/models")) {
|
||||||
|
return jsonResponse({ data: [] });
|
||||||
|
}
|
||||||
|
|
||||||
if (url.includes("/models/") && url.endsWith("/policy")) {
|
if (url.includes("/models/") && url.endsWith("/policy")) {
|
||||||
return new Response("", { status: 200 });
|
return new Response("", { status: 200 });
|
||||||
}
|
}
|
||||||
@@ -146,6 +206,10 @@ describe("GitHub Copilot OAuth device flow", () => {
|
|||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (url.endsWith("/models")) {
|
||||||
|
return jsonResponse({ data: [] });
|
||||||
|
}
|
||||||
|
|
||||||
if (url.includes("/models/") && url.endsWith("/policy")) {
|
if (url.includes("/models/") && url.endsWith("/policy")) {
|
||||||
return new Response("", { status: 200 });
|
return new Response("", { status: 200 });
|
||||||
}
|
}
|
||||||
@@ -231,6 +295,10 @@ describe("GitHub Copilot OAuth device flow", () => {
|
|||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (url.endsWith("/models")) {
|
||||||
|
return jsonResponse({ data: [] });
|
||||||
|
}
|
||||||
|
|
||||||
if (url.includes("/models/") && url.endsWith("/policy")) {
|
if (url.includes("/models/") && url.endsWith("/policy")) {
|
||||||
return new Response("", { status: 200 });
|
return new Response("", { status: 200 });
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -4,6 +4,7 @@
|
|||||||
|
|
||||||
### Fixed
|
### Fixed
|
||||||
|
|
||||||
|
- Fixed `/model` to hide GitHub Copilot models that are unavailable to the authenticated account ([#5897](https://github.com/earendil-works/pi/issues/5897)).
|
||||||
- Fixed `/model` selector search to rank exact provider-prefixed matches before proxy-provider model ID matches ([#5892](https://github.com/earendil-works/pi/issues/5892)).
|
- Fixed `/model` selector search to rank exact provider-prefixed matches before proxy-provider model ID matches ([#5892](https://github.com/earendil-works/pi/issues/5892)).
|
||||||
|
|
||||||
## [0.79.8] - 2026-06-19
|
## [0.79.8] - 2026-06-19
|
||||||
|
|||||||
@@ -1669,6 +1669,25 @@ describe("ModelRegistry", () => {
|
|||||||
expect(count).toBe(0);
|
expect(count).toBe(0);
|
||||||
});
|
});
|
||||||
|
|
||||||
|
test("getAvailable filters GitHub Copilot OAuth models to account picker availability", () => {
|
||||||
|
authStorage.set("github-copilot", {
|
||||||
|
type: "oauth",
|
||||||
|
refresh: "github-access-token",
|
||||||
|
access: "tid=test;exp=9999999999;proxy-ep=proxy.individual.githubcopilot.com;",
|
||||||
|
expires: Date.now() + 60_000,
|
||||||
|
availableModelIds: ["gpt-4.1"],
|
||||||
|
});
|
||||||
|
|
||||||
|
const registry = ModelRegistry.create(authStorage, modelsJsonPath);
|
||||||
|
|
||||||
|
expect(
|
||||||
|
registry
|
||||||
|
.getAvailable()
|
||||||
|
.filter((m) => m.provider === "github-copilot")
|
||||||
|
.map((m) => m.id),
|
||||||
|
).toEqual(["gpt-4.1"]);
|
||||||
|
});
|
||||||
|
|
||||||
test("getApiKeyAndHeaders resolves authHeader on every request", async () => {
|
test("getApiKeyAndHeaders resolves authHeader on every request", async () => {
|
||||||
const tokenFile = join(tempDir, "token");
|
const tokenFile = join(tempDir, "token");
|
||||||
writeFileSync(tokenFile, "token-1");
|
writeFileSync(tokenFile, "token-1");
|
||||||
|
|||||||
Reference in New Issue
Block a user