Skip to main content

Module auth

Module auth 

Source
Expand description

Auth storage — read/write ~/.rab/agent/auth.json.

Pi-compatible credential store with file locking and OAuth auto-refresh.

Format (pi-compatible):

{ "opencode-go": { "type": "api_key", "key": "sk-..." } }

Structs§

AuthStorage
Auth storage loaded from ~/.rab/auth.json.

Enums§

AuthCredential
Credential for a provider (mirrors pi’s auth.json schema).

Functions§

list_logged_in
List all providers that have credentials stored.
login
Login a provider by storing its API key in auth.json.
login_oauth
Login a provider by storing its OAuth credentials in auth.json.
logout
Logout a provider by removing its credential from auth.json. If provider is None, clears all credentials. Returns true if something was actually removed.
modify_credential
Atomically modify a single provider’s credential (pi-compatible CredentialStore.modify()). f receives the current credential (None if missing), returns the new credential, or None to delete the entry.
read_credential
Read a credential from auth.json. Returns None if the provider has no stored credential.
refresh_oauth_token
Refresh an expired OAuth token using the registered OAuth provider. Returns the new access token string, or None if refresh fails. Matching pi’s AuthStorage.refreshOAuthTokenWithLock() pattern.