Skip to content

feat(providers): xAI Coding Plan OAuth provider#26445

Closed
avirweb wants to merge 2 commits into
NousResearch:mainfrom
avirweb:feat/xai-coding-plan-provider
Closed

feat(providers): xAI Coding Plan OAuth provider#26445
avirweb wants to merge 2 commits into
NousResearch:mainfrom
avirweb:feat/xai-coding-plan-provider

Conversation

@avirweb

@avirweb avirweb commented May 15, 2026
edited
Loading

Copy link
Copy Markdown

Problem

The existing xai provider only supports direct API-key auth (XAI_API_KEY). Users who have an xAI Coding Plan subscription (which uses OAuth via the official Grok CLI) have no way to use their credentials in Hermes — hermes setup and /model offer no OAuth path, and the model picker dumps the full xAI catalog instead of the 5 Coding Plan-eligible models.

Solution

Adds a distinct xai-coding-plan provider that delegates login to the installed Grok CLI, imports its OAuth token from ~/.grok/auth.json, and presents only the curated Coding Plan model list.

What this PR adds

Provider profile (commit 1):

  • xai-coding-plan in _PROVIDER_MODELS with curated list: grok-build, grok-4-1-fast, grok-code-fast-1, grok-4.3, grok-4.3-latest
  • Full resolution chain: providers.py ALIASES + HERMES_OVERLAYS, auth.py PROVIDER_REGISTRY, plugin discovery, models.dev mapping
  • Legacy xai-oauth plugin alias for backward compatibility with any prior configs

Auth flow (commit 2):

  • _login_xai_coding_plan() — delegates to grok login --device-auth
  • _import_grok_cli_into_hermes() — reads ~/.grok/auth.json, imports OAuth token, handles expiry/refresh
  • resolve_xai_oauth_runtime_credentials() — runtime credential resolution with relogin-required errors on expired tokens
  • Atomic config write (provider + base_url + selected model in one shot)
  • Credential pool seeding for same-provider fallback

Model picker fix:

  • _model_flow_xai_oauth uses the curated list directly instead of live API fetch (xAI API returns all models, burying the 5 Coding Plan models)

Why this needs merging

None of this exists on main. The codebase currently has:

  • No xAI OAuth provider at all
  • No Coding Plan profile or curated model list
  • No Grok CLI token import flow
  • The /model "Unknown provider" bug for xai-coding-plan aliases (caused by missing providers.py ALIASES entry)

Credits

Original xAI Coding Plan attempt by @ams432 — that PR had broken elements (incomplete resolution chain, stale alias mappings, live API fetch instead of curated list) which were fixed in this rebuild. The concept of Grok CLI OAuth delegation and terminal/web auth flows originates from ams432's work.

This replaces the earlier attempt at #25941 (Mind-Dragon fork, closed) and is a clean, atomic rebuild with the full resolution chain fix.

Test plan

# Verify resolution chain
python -c "
from hermes_cli.providers import resolve_provider_full
from hermes_cli.auth import PROVIDER_REGISTRY
from hermes_cli.models import _PROVIDER_MODELS
assert 'xai-coding-plan' in PROVIDER_REGISTRY
assert resolve_provider_full('xai-coding-plan') is not None
assert resolve_provider_full('xai-oauth') is not None
assert len(_PROVIDER_MODELS['xai-coding-plan']) == 5
"

# Run tests
python -m pytest tests/hermes_cli/test_model_provider_persistence.py tests/providers/test_plugin_discovery.py -v

Files changed

hermes_cli/auth.py                            | 499 ++++
hermes_cli/main.py                            | 175 +--
hermes_cli/models.py                          |  15 +
hermes_cli/providers.py                       |   9 +
plugins/model-providers/xai-oauth/__init__.py |  50 +++
plugins/model-providers/xai/__init__.py       |  34 +-
tests/providers/test_plugin_discovery.py      |   6 +-
7 files changed, 724 insertions(+), 64 deletions(-)

@HeimdallStrategy
feat(providers): add xAI Coding Plan provider profile
b72163d 
- xai-coding-plan profile with Grok CLI OAuth delegation
- Curated model list: grok-build, grok-4-1-fast, grok-code-fast-1, grok-4.3, grok-4.3-latest
- providers.py ALIASES + HERMES_OVERLAYS for resolution chain
- Legacy xai-oauth alias registration for backward compatibility
- models.dev mapping and test plugin count bump
@HeimdallStrategy
feat(auth): add xAI Coding Plan OAuth login via Grok CLI
3a503f0 
- Import Grok CLI OAuth tokens from ~/.grok/auth.json
- resolve_xai_coding_plan_credentials with expiry/refresh handling
- _login_xai_coding_plan flow with grok login --device-auth
- ProviderConfig entry for xai-coding-plan in PROVIDER_REGISTRY
- Config persistence with force_default_model for atomic provider/base_url/model
- credential_pool seeding for same-provider fallback
- Tests for token expiry, credential resolution, and config persistence
@alt-glitch alt-glitch added type/feature New feature or request P3 Low — cosmetic, nice to have comp/cli CLI entry point, hermes_cli/, setup wizard comp/plugins Plugin system and bundled plugins provider/xai xAI (Grok) area/auth Authentication, OAuth, credential pools labels May 15, 2026
@alt-glitch

alt-glitch commented May 15, 2026

Copy link
Copy Markdown
Collaborator

Duplicate of #25941 — same xAI Coding Plan OAuth provider feature. Also competes with #25968. Please consolidate into one of those existing PRs.

@alt-glitch alt-glitch mentioned this pull request May 15, 2026
Closed
19 tasks
@avirweb

avirweb commented May 15, 2026 via email

Copy link
Copy Markdown
Author

@teknium1 teknium1 closed this May 15, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

area/auth Authentication, OAuth, credential pools comp/cli CLI entry point, hermes_cli/, setup wizard comp/plugins Plugin system and bundled plugins P3 Low — cosmetic, nice to have provider/xai xAI (Grok) type/feature New feature or request

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@avirweb @alt-glitch @teknium1 @HeimdallStrategy