2025-06-09 15:14:06 -07:00
|
|
|
/**
|
|
|
|
|
* @license
|
|
|
|
|
* Copyright 2025 Google LLC
|
|
|
|
|
* SPDX-License-Identifier: Apache-2.0
|
|
|
|
|
*/
|
|
|
|
|
|
2025-08-26 00:04:53 +02:00
|
|
|
import type {
|
2025-06-26 08:27:20 -07:00
|
|
|
ClientMetadata,
|
|
|
|
|
GeminiUserTier,
|
2026-02-02 20:27:55 -08:00
|
|
|
IneligibleTier,
|
2025-06-26 08:27:20 -07:00
|
|
|
LoadCodeAssistResponse,
|
|
|
|
|
OnboardUserRequest,
|
|
|
|
|
} from './types.js';
|
2026-01-26 06:31:19 -08:00
|
|
|
import { UserTierId, IneligibleTierReasonCode } from './types.js';
|
2025-06-12 18:00:17 -07:00
|
|
|
import { CodeAssistServer } from './server.js';
|
2025-10-27 16:05:11 -04:00
|
|
|
import type { AuthClient } from 'google-auth-library';
|
2026-01-26 06:31:19 -08:00
|
|
|
import type { ValidationHandler } from '../fallback/types.js';
|
|
|
|
|
import { ChangeAuthRequestedError } from '../utils/errors.js';
|
|
|
|
|
import { ValidationRequiredError } from '../utils/googleQuotaErrors.js';
|
2025-06-09 15:14:06 -07:00
|
|
|
|
2025-06-26 08:27:20 -07:00
|
|
|
export class ProjectIdRequiredError extends Error {
|
|
|
|
|
constructor() {
|
|
|
|
|
super(
|
2025-10-09 16:12:54 +05:30
|
|
|
'This account requires setting the GOOGLE_CLOUD_PROJECT or GOOGLE_CLOUD_PROJECT_ID env var. See https://goo.gle/gemini-cli-auth-docs#workspace-gca',
|
2025-06-26 08:27:20 -07:00
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2026-01-26 06:31:19 -08:00
|
|
|
/**
|
|
|
|
|
* Error thrown when user cancels the validation process.
|
|
|
|
|
* This is a non-recoverable error that should result in auth failure.
|
|
|
|
|
*/
|
|
|
|
|
export class ValidationCancelledError extends Error {
|
|
|
|
|
constructor() {
|
|
|
|
|
super('User cancelled account validation');
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2026-02-02 20:27:55 -08:00
|
|
|
export class IneligibleTierError extends Error {
|
|
|
|
|
readonly ineligibleTiers: IneligibleTier[];
|
|
|
|
|
|
|
|
|
|
constructor(ineligibleTiers: IneligibleTier[]) {
|
|
|
|
|
const reasons = ineligibleTiers.map((t) => t.reasonMessage).join(', ');
|
|
|
|
|
super(reasons);
|
|
|
|
|
this.ineligibleTiers = ineligibleTiers;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2025-07-21 13:44:43 -07:00
|
|
|
export interface UserData {
|
|
|
|
|
projectId: string;
|
|
|
|
|
userTier: UserTierId;
|
2026-01-23 16:03:53 -05:00
|
|
|
userTierName?: string;
|
2025-07-21 13:44:43 -07:00
|
|
|
}
|
|
|
|
|
|
2025-06-10 16:00:13 -07:00
|
|
|
/**
|
2026-01-26 19:45:39 -08:00
|
|
|
* Sets up the user by loading their Code Assist configuration and onboarding if needed.
|
2025-06-10 16:00:13 -07:00
|
|
|
*
|
2026-01-26 19:45:39 -08:00
|
|
|
* Tier eligibility:
|
|
|
|
|
* - FREE tier: Eligibility is determined by the Code Assist server response.
|
|
|
|
|
* - STANDARD tier: User is always eligible if they have a valid project ID.
|
|
|
|
|
*
|
|
|
|
|
* If no valid project ID is available (from env var or server response):
|
|
|
|
|
* - Surfaces ineligibility reasons for the FREE tier from the server.
|
|
|
|
|
* - Throws ProjectIdRequiredError if no ineligibility reasons are available.
|
|
|
|
|
*
|
|
|
|
|
* Handles VALIDATION_REQUIRED via the optional validation handler, allowing
|
|
|
|
|
* retry, auth change, or cancellation.
|
|
|
|
|
*
|
|
|
|
|
* @param client - The authenticated client to use for API calls
|
|
|
|
|
* @param validationHandler - Optional handler for account validation flow
|
|
|
|
|
* @returns The user's project ID, tier ID, and tier name
|
|
|
|
|
* @throws {ValidationRequiredError} If account validation is required
|
|
|
|
|
* @throws {ProjectIdRequiredError} If no project ID is available and required
|
|
|
|
|
* @throws {ValidationCancelledError} If user cancels validation
|
|
|
|
|
* @throws {ChangeAuthRequestedError} If user requests to change auth method
|
2025-06-10 16:00:13 -07:00
|
|
|
*/
|
2026-01-26 06:31:19 -08:00
|
|
|
export async function setupUser(
|
|
|
|
|
client: AuthClient,
|
|
|
|
|
validationHandler?: ValidationHandler,
|
|
|
|
|
): Promise<UserData> {
|
2025-10-09 16:12:54 +05:30
|
|
|
const projectId =
|
|
|
|
|
process.env['GOOGLE_CLOUD_PROJECT'] ||
|
|
|
|
|
process.env['GOOGLE_CLOUD_PROJECT_ID'] ||
|
|
|
|
|
undefined;
|
2026-01-23 16:03:53 -05:00
|
|
|
const caServer = new CodeAssistServer(
|
|
|
|
|
client,
|
|
|
|
|
projectId,
|
|
|
|
|
{},
|
|
|
|
|
'',
|
|
|
|
|
undefined,
|
|
|
|
|
undefined,
|
|
|
|
|
);
|
2025-08-13 14:04:58 -07:00
|
|
|
const coreClientMetadata: ClientMetadata = {
|
2025-06-09 15:14:06 -07:00
|
|
|
ideType: 'IDE_UNSPECIFIED',
|
|
|
|
|
platform: 'PLATFORM_UNSPECIFIED',
|
|
|
|
|
pluginType: 'GEMINI',
|
|
|
|
|
};
|
|
|
|
|
|
2026-01-26 06:31:19 -08:00
|
|
|
let loadRes: LoadCodeAssistResponse;
|
|
|
|
|
while (true) {
|
|
|
|
|
loadRes = await caServer.loadCodeAssist({
|
|
|
|
|
cloudaicompanionProject: projectId,
|
|
|
|
|
metadata: {
|
|
|
|
|
...coreClientMetadata,
|
|
|
|
|
duetProject: projectId,
|
|
|
|
|
},
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
try {
|
|
|
|
|
validateLoadCodeAssistResponse(loadRes);
|
|
|
|
|
break;
|
|
|
|
|
} catch (e) {
|
|
|
|
|
if (e instanceof ValidationRequiredError && validationHandler) {
|
|
|
|
|
const intent = await validationHandler(
|
|
|
|
|
e.validationLink,
|
|
|
|
|
e.validationDescription,
|
|
|
|
|
);
|
|
|
|
|
if (intent === 'verify') {
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
if (intent === 'change_auth') {
|
|
|
|
|
throw new ChangeAuthRequestedError();
|
|
|
|
|
}
|
|
|
|
|
throw new ValidationCancelledError();
|
|
|
|
|
}
|
|
|
|
|
throw e;
|
|
|
|
|
}
|
|
|
|
|
}
|
2025-06-09 15:14:06 -07:00
|
|
|
|
2025-08-13 14:04:58 -07:00
|
|
|
if (loadRes.currentTier) {
|
|
|
|
|
if (!loadRes.cloudaicompanionProject) {
|
|
|
|
|
if (projectId) {
|
|
|
|
|
return {
|
|
|
|
|
projectId,
|
|
|
|
|
userTier: loadRes.currentTier.id,
|
2026-01-23 16:03:53 -05:00
|
|
|
userTierName: loadRes.currentTier.name,
|
2025-08-13 14:04:58 -07:00
|
|
|
};
|
|
|
|
|
}
|
2026-01-26 19:45:39 -08:00
|
|
|
|
|
|
|
|
// If user is not setup for standard tier, inform them about all other tiers they are ineligible for.
|
2026-02-02 20:27:55 -08:00
|
|
|
throwIneligibleOrProjectIdError(loadRes);
|
2025-08-13 14:04:58 -07:00
|
|
|
}
|
|
|
|
|
return {
|
|
|
|
|
projectId: loadRes.cloudaicompanionProject,
|
|
|
|
|
userTier: loadRes.currentTier.id,
|
2026-01-23 16:03:53 -05:00
|
|
|
userTierName: loadRes.currentTier.name,
|
2025-08-13 14:04:58 -07:00
|
|
|
};
|
2025-06-26 08:27:20 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const tier = getOnboardTier(loadRes);
|
2025-06-12 19:32:13 -07:00
|
|
|
|
2025-08-13 14:04:58 -07:00
|
|
|
let onboardReq: OnboardUserRequest;
|
2025-08-25 16:16:30 -07:00
|
|
|
if (tier.id === UserTierId.FREE) {
|
2025-08-13 14:04:58 -07:00
|
|
|
// The free tier uses a managed google cloud project. Setting a project in the `onboardUser` request causes a `Precondition Failed` error.
|
|
|
|
|
onboardReq = {
|
|
|
|
|
tierId: tier.id,
|
|
|
|
|
cloudaicompanionProject: undefined,
|
|
|
|
|
metadata: coreClientMetadata,
|
|
|
|
|
};
|
|
|
|
|
} else {
|
|
|
|
|
onboardReq = {
|
|
|
|
|
tierId: tier.id,
|
|
|
|
|
cloudaicompanionProject: projectId,
|
|
|
|
|
metadata: {
|
|
|
|
|
...coreClientMetadata,
|
|
|
|
|
duetProject: projectId,
|
|
|
|
|
},
|
|
|
|
|
};
|
|
|
|
|
}
|
2025-06-26 08:27:20 -07:00
|
|
|
|
|
|
|
|
let lroRes = await caServer.onboardUser(onboardReq);
|
2026-01-07 00:38:59 +05:30
|
|
|
if (!lroRes.done && lroRes.name) {
|
|
|
|
|
const operationName = lroRes.name;
|
|
|
|
|
while (!lroRes.done) {
|
|
|
|
|
await new Promise((f) => setTimeout(f, 5000));
|
|
|
|
|
lroRes = await caServer.getOperation(operationName);
|
|
|
|
|
}
|
2025-06-26 08:27:20 -07:00
|
|
|
}
|
2025-08-11 11:04:44 -07:00
|
|
|
|
2025-08-13 14:04:58 -07:00
|
|
|
if (!lroRes.response?.cloudaicompanionProject?.id) {
|
|
|
|
|
if (projectId) {
|
|
|
|
|
return {
|
|
|
|
|
projectId,
|
|
|
|
|
userTier: tier.id,
|
2026-01-23 16:03:53 -05:00
|
|
|
userTierName: tier.name,
|
2025-08-13 14:04:58 -07:00
|
|
|
};
|
|
|
|
|
}
|
2026-02-02 20:27:55 -08:00
|
|
|
|
|
|
|
|
throwIneligibleOrProjectIdError(loadRes);
|
2025-08-11 11:04:44 -07:00
|
|
|
}
|
|
|
|
|
|
2025-08-25 16:16:30 -07:00
|
|
|
return {
|
2025-08-13 14:04:58 -07:00
|
|
|
projectId: lroRes.response.cloudaicompanionProject.id,
|
2025-07-21 13:44:43 -07:00
|
|
|
userTier: tier.id,
|
2026-01-23 16:03:53 -05:00
|
|
|
userTierName: tier.name,
|
2025-07-21 13:44:43 -07:00
|
|
|
};
|
2025-06-26 08:27:20 -07:00
|
|
|
}
|
|
|
|
|
|
2026-02-02 20:27:55 -08:00
|
|
|
function throwIneligibleOrProjectIdError(res: LoadCodeAssistResponse): never {
|
|
|
|
|
if (res.ineligibleTiers && res.ineligibleTiers.length > 0) {
|
|
|
|
|
throw new IneligibleTierError(res.ineligibleTiers);
|
|
|
|
|
}
|
|
|
|
|
throw new ProjectIdRequiredError();
|
|
|
|
|
}
|
|
|
|
|
|
2025-06-26 08:27:20 -07:00
|
|
|
function getOnboardTier(res: LoadCodeAssistResponse): GeminiUserTier {
|
|
|
|
|
for (const tier of res.allowedTiers || []) {
|
|
|
|
|
if (tier.isDefault) {
|
|
|
|
|
return tier;
|
2025-06-11 13:26:41 -07:00
|
|
|
}
|
2025-06-09 15:14:06 -07:00
|
|
|
}
|
2025-06-26 08:27:20 -07:00
|
|
|
return {
|
|
|
|
|
name: '',
|
|
|
|
|
description: '',
|
|
|
|
|
id: UserTierId.LEGACY,
|
|
|
|
|
userDefinedCloudaicompanionProject: true,
|
|
|
|
|
};
|
2025-06-09 15:14:06 -07:00
|
|
|
}
|
2026-01-26 06:31:19 -08:00
|
|
|
|
|
|
|
|
function validateLoadCodeAssistResponse(res: LoadCodeAssistResponse): void {
|
|
|
|
|
if (!res) {
|
|
|
|
|
throw new Error('LoadCodeAssist returned empty response');
|
|
|
|
|
}
|
|
|
|
|
if (
|
|
|
|
|
!res.currentTier &&
|
|
|
|
|
res.ineligibleTiers &&
|
|
|
|
|
res.ineligibleTiers.length > 0
|
|
|
|
|
) {
|
|
|
|
|
const validationTier = res.ineligibleTiers.find(
|
|
|
|
|
(t) =>
|
|
|
|
|
t.validationUrl &&
|
|
|
|
|
t.reasonCode === IneligibleTierReasonCode.VALIDATION_REQUIRED,
|
|
|
|
|
);
|
|
|
|
|
const validationUrl = validationTier?.validationUrl;
|
|
|
|
|
if (validationTier && validationUrl) {
|
|
|
|
|
throw new ValidationRequiredError(
|
|
|
|
|
`Account validation required: ${validationTier.reasonMessage}`,
|
|
|
|
|
undefined,
|
|
|
|
|
validationUrl,
|
|
|
|
|
validationTier.reasonMessage,
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
