1import fs from 'node:fs';
2import path from 'node:path';
3import process from 'node:process';
4 
5import { Endpoint, Headers } from '../constants.js';
6import { AuthError } from '../exceptions.js';
7import { cookie_header, extract_set_cookie_value, fetch_with_timeout } from './http.js';
8import { logger } from './logger.js';
9import { read_cookie_file, write_cookie_file } from './cookie-file.js';
10import { resolveGeminiWebDataDir, resolveGeminiWebCookiePath } from './paths.js';
11import { load_browser_cookies } from './load-browser-cookies.js';
12 
13async function send_request(cookies: Record<string, string>, verbose: boolean): Promise<[string, Record<string, string>]> {
14  const res = await fetch_with_timeout(Endpoint.INIT, {
15    method: 'GET',
16    headers: { ...Headers.GEMINI, Cookie: cookie_header(cookies) },
17    redirect: 'follow',
18    timeout_ms: 30_000,
19  });
20 
21  if (!res.ok) throw new Error(`Init failed: ${res.status} ${res.statusText}`);
22  const text = await res.text();
23  const m = text.match(/\"SNlM0e\":\"(.*?)\"/);
24  if (!m) throw new Error('Missing SNlM0e in response');
25  if (verbose) logger.debug('Init succeeded. Initializing client...');
26  return [m[1]!, cookies];
27}
28 
29function merge_cookie_maps(...maps: Array<Record<string, string> | null | undefined>): Record<string, string> {
30  const out: Record<string, string> = {};
31  for (const m of maps) {
32    if (!m) continue;
33    for (const [k, v] of Object.entries(m)) {
34      if (typeof v === 'string' && v.length > 0) out[k] = v;
35    }
36  }
37  return out;
38}
39 
40function read_cached_1psidts_file(dir: string, sid: string): string | null {
41  try {
42    const p = path.join(dir, `.cached_1psidts_${sid}.txt`);
43    if (!fs.existsSync(p) || !fs.statSync(p).isFile()) return null;
44    const v = fs.readFileSync(p, 'utf8').trim();
45    return v || null;
46  } catch {
47    return null;
48  }
49}
50 
51function list_cached_1psidts(dir: string): Array<{ sid: string; sidts: string }> {
52  const out: Array<{ sid: string; sidts: string }> = [];
53  try {
54    if (!fs.existsSync(dir) || !fs.statSync(dir).isDirectory()) return out;
55    for (const f of fs.readdirSync(dir)) {
56      if (!f.startsWith('.cached_1psidts_') || !f.endsWith('.txt')) continue;
57      const sid = f.slice('.cached_1psidts_'.length, -'.txt'.length);
58      if (!sid) continue;
59      const sidts = read_cached_1psidts_file(dir, sid);
60      if (sidts) out.push({ sid, sidts });
61    }
62  } catch {}
63  return out;
64}
65 
66async function fetch_google_extra_cookies(proxy: string | null, verbose: boolean): Promise<Record<string, string>> {
67  void proxy;
68  try {
69    const res = await fetch_with_timeout(Endpoint.GOOGLE, { timeout_ms: 15_000 });
70    const setCookie = res.headers.get('set-cookie');
71    const nid = extract_set_cookie_value(setCookie, 'NID');
72    if (nid) return { NID: nid };
73  } catch (e) {
74    if (verbose) logger.debug(`Skipping google.com preflight: ${e instanceof Error ? e.message : String(e)}`);
75  }
76  return {};
77}
78 
79export async function get_access_token(
80  base_cookies: Record<string, string>,
81  proxy: string | null = null,
82  verbose: boolean = false,
83): Promise<[string, Record<string, string>]> {
84  const extra = await fetch_google_extra_cookies(proxy, verbose);
85 
86  const cacheDir = resolveGeminiWebDataDir();
87  const candidates: Record<string, string>[] = [];
88 
89  const cookieFilePath = resolveGeminiWebCookiePath();
90  const cachedFile = await read_cookie_file(cookieFilePath);
91  const forceLogin = !!(process.env.GEMINI_WEB_LOGIN?.trim() || process.env.GEMINI_WEB_FORCE_LOGIN?.trim());
92  const shouldUseChromeFirst = forceLogin || (!cachedFile && !base_cookies['__Secure-1PSID'] && !base_cookies['__Secure-1PSIDTS']);
93 
94  if (shouldUseChromeFirst) {
95    try {
96      const browser = await load_browser_cookies('google.com', verbose);
97      for (const cookies of Object.values(browser)) {
98        candidates.push(merge_cookie_maps(extra, cookies));
99      }
100    } catch (e) {
101      if (verbose) logger.warning(`Failed to load cookies via Chrome CDP: ${e instanceof Error ? e.message : String(e)}`);
102    }
103  }
104 
105  if (base_cookies['__Secure-1PSID'] && base_cookies['__Secure-1PSIDTS']) {
106    candidates.push(merge_cookie_maps(extra, base_cookies));
107  } else if (verbose) {
108    logger.debug('Skipping loading base cookies. Either __Secure-1PSID or __Secure-1PSIDTS is not provided.');
109  }
110 
111  if (cachedFile) {
112    candidates.push(merge_cookie_maps(extra, cachedFile));
113  }
114 
115  if (base_cookies['__Secure-1PSID'] && !base_cookies['__Secure-1PSIDTS']) {
116    const sid = base_cookies['__Secure-1PSID'];
117    const sidts = read_cached_1psidts_file(cacheDir, sid);
118    if (sidts) {
119      candidates.push(merge_cookie_maps(extra, base_cookies, { '__Secure-1PSIDTS': sidts }));
120    } else if (verbose) {
121      logger.debug('Skipping loading cached cookies. Cache file not found or empty.');
122    }
123  } else if (!base_cookies['__Secure-1PSID']) {
124    const caches = list_cached_1psidts(cacheDir);
125    for (const c of caches) {
126      candidates.push(merge_cookie_maps(extra, { '__Secure-1PSID': c.sid, '__Secure-1PSIDTS': c.sidts }));
127    }
128    if (caches.length === 0 && verbose) {
129      logger.debug('Skipping loading cached cookies. Cookies will be cached after successful initialization.');
130    }
131  }
132 
133  const unique: Record<string, string>[] = [];
134  const seen = new Set<string>();
135  for (const c of candidates) {
136    const key = `${c['__Secure-1PSID'] ?? ''}:${c['__Secure-1PSIDTS'] ?? ''}:${c.NID ?? ''}`;
137    if (seen.has(key)) continue;
138    seen.add(key);
139    unique.push(c);
140  }
141 
142  const try_candidates = async (): Promise<[string, Record<string, string>]> => {
143    if (unique.length === 0) throw new Error('no candidates');
144    const attempts = unique.map(async (c, i) => {
145      try {
146        if (verbose) logger.debug(`Init attempt (${i + 1}/${unique.length})...`);
147        return await send_request(c, verbose);
148      } catch (e) {
149        if (verbose) logger.debug(`Init attempt (${i + 1}/${unique.length}) failed: ${e instanceof Error ? e.message : String(e)}`);
150        throw e;
151      }
152    });
153    return (await Promise.any(attempts)) as [string, Record<string, string>];
154  };
155 
156  try {
157    const [token, cookies] = await try_candidates();
158    await write_cookie_file(cookies, resolveGeminiWebCookiePath(), 'init').catch(() => {});
159    return [token, cookies];
160  } catch {
161    if (verbose) logger.debug('Cookie attempts failed. Falling back to Chrome CDP cookie load...');
162  }
163 
164  const browser = await load_browser_cookies('google.com', verbose);
165  let valid = 0;
166  for (const cookies of Object.values(browser)) {
167    if (cookies['__Secure-1PSID']) valid++;
168    if (base_cookies['__Secure-1PSID'] && cookies['__Secure-1PSID'] && cookies['__Secure-1PSID'] !== base_cookies['__Secure-1PSID']) {
169      if (verbose) logger.debug('Skipping loaded browser cookies: __Secure-1PSID does not match the one provided.');
170      continue;
171    }
172    unique.push(merge_cookie_maps(extra, cookies));
173  }
174 
175  if (valid === 0) {
176    throw new AuthError(
177      'No valid cookies available for initialization. Please pass __Secure-1PSID and __Secure-1PSIDTS manually.',
178    );
179  }
180 
181  try {
182    const [token, cookies] = await try_candidates();
183    await write_cookie_file(cookies, resolveGeminiWebCookiePath(), 'init').catch(() => {});
184    return [token, cookies];
185  } catch {
186    throw new AuthError(
187      `Failed to initialize client. SECURE_1PSIDTS could get expired frequently, please make sure cookie values are up to date. (Failed initialization attempts: ${unique.length})`,
188    );
189  }
190}
191 
192export const getAccessToken = get_access_token;
193