openclaw
diff --git a/‎CHANGELOG.md‎
Lines changed: 1 addition & 0 deletions b/‎CHANGELOG.md‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎extensions/chutes/index.ts‎
Lines changed: 184 additions & 0 deletions b/‎extensions/chutes/index.ts‎
Lines changed: 184 additions & 0 deletions
diff --git a/‎extensions/chutes/onboard.ts‎
Lines changed: 67 additions & 0 deletions b/‎extensions/chutes/onboard.ts‎
Lines changed: 67 additions & 0 deletions
diff --git a/‎extensions/chutes/openclaw.plugin.json‎
Lines changed: 39 additions & 0 deletions b/‎extensions/chutes/openclaw.plugin.json‎
Lines changed: 39 additions & 0 deletions
diff --git a/‎extensions/chutes/package.json‎
Lines changed: 12 additions & 0 deletions b/‎extensions/chutes/package.json‎
Lines changed: 12 additions & 0 deletions
diff --git a/‎extensions/chutes/provider-catalog.ts‎
Lines changed: 21 additions & 0 deletions b/‎extensions/chutes/provider-catalog.ts‎
Lines changed: 21 additions & 0 deletions
@@ -35,6 +35,7 @@ Docs: https://docs.openclaw.ai
 - Plugins/bundles: make enabled bundle MCP servers expose runnable tools in embedded Pi, and default relative bundle MCP launches to the bundle root so marketplace bundles like Context7 work through Pi instead of stopping at config import.
 - Scope message SecretRef resolution and harden doctor/status paths. (#48728) Thanks @joshavant.
 - Plugins/testing: add a public `openclaw/plugin-sdk/testing` seam for plugin-author test helpers, and move bundled-extension-only test bridges out of `extensions/` into private repo test helpers.
+- Plugins/Chutes: add a bundled Chutes provider with plugin-owned OAuth/API-key auth, dynamic model discovery, and default-on extension wiring. (#41416) Thanks @Veightor.
 
 ### Breaking
 
 
@@ -0,0 +1,184 @@
+import { definePluginEntry } from "openclaw/plugin-sdk/core";
+import {
+  buildOauthProviderAuthResult,
+  createProviderApiKeyAuthMethod,
+  loginChutes,
+  resolveOAuthApiKeyMarker,
+  type ProviderAuthContext,
+  type ProviderAuthResult,
+} from "openclaw/plugin-sdk/provider-auth";
+import {
+  CHUTES_DEFAULT_MODEL_REF,
+  applyChutesApiKeyConfig,
+  applyChutesProviderConfig,
+} from "./onboard.js";
+import { buildChutesProvider } from "./provider-catalog.js";
+
+const PROVIDER_ID = "chutes";
+
+async function runChutesOAuth(ctx: ProviderAuthContext): Promise<ProviderAuthResult> {
+  const isRemote = ctx.isRemote;
+  const redirectUri =
+    process.env.CHUTES_OAUTH_REDIRECT_URI?.trim() || "http://127.0.0.1:1456/oauth-callback";
+  const scopes = process.env.CHUTES_OAUTH_SCOPES?.trim() || "openid profile chutes:invoke";
+  const clientId =
+    process.env.CHUTES_CLIENT_ID?.trim() ||
+    String(
+      await ctx.prompter.text({
+        message: "Enter Chutes OAuth client id",
+        placeholder: "cid_xxx",
+        validate: (value: string) => (value?.trim() ? undefined : "Required"),
+      }),
+    ).trim();
+  const clientSecret = process.env.CHUTES_CLIENT_SECRET?.trim() || undefined;
+
+  await ctx.prompter.note(
+    isRemote
+      ? [
+          "You are running in a remote/VPS environment.",
+          "A URL will be shown for you to open in your LOCAL browser.",
+          "After signing in, paste the redirect URL back here.",
+          "",
+          `Redirect URI: ${redirectUri}`,
+        ].join("\n")
+      : [
+          "Browser will open for Chutes authentication.",
+          "If the callback doesn't auto-complete, paste the redirect URL.",
+          "",
+          `Redirect URI: ${redirectUri}`,
+        ].join("\n"),
+    "Chutes OAuth",
+  );
+
+  const progress = ctx.prompter.progress("Starting Chutes OAuth…");
+  try {
+    const { onAuth, onPrompt } = ctx.oauth.createVpsAwareHandlers({
+      isRemote,
+      prompter: ctx.prompter,
+      runtime: ctx.runtime,
+      spin: progress,
+      openUrl: ctx.openUrl,
+      localBrowserMessage: "Complete sign-in in browser…",
+    });
+
+    const creds = await loginChutes({
+      app: {
+        clientId,
+        clientSecret,
+        redirectUri,
+        scopes: scopes.split(/\s+/).filter(Boolean),
+      },
+      manual: isRemote,
+      onAuth,
+      onPrompt,
+      onProgress: (message) => progress.update(message),
+    });
+
+    progress.stop("Chutes OAuth complete");
+
+    return buildOauthProviderAuthResult({
+      providerId: PROVIDER_ID,
+      defaultModel: CHUTES_DEFAULT_MODEL_REF,
+      access: creds.access,
+      refresh: creds.refresh,
+      expires: creds.expires,
+      email: typeof creds.email === "string" ? creds.email : undefined,
+      credentialExtra: {
+        clientId,
+        ...("accountId" in creds && typeof creds.accountId === "string"
+          ? { accountId: creds.accountId }
+          : {}),
+      },
+      configPatch: applyChutesProviderConfig({}),
+      notes: [
+        "Chutes OAuth tokens auto-refresh. Re-run login if refresh fails or access is revoked.",
+        `Redirect URI: ${redirectUri}`,
+      ],
+    });
+  } catch (err) {
+    progress.stop("Chutes OAuth failed");
+    await ctx.prompter.note(
+      [
+        "Trouble with OAuth?",
+        "Verify CHUTES_CLIENT_ID (and CHUTES_CLIENT_SECRET if required).",
+        `Verify the OAuth app redirect URI includes: ${redirectUri}`,
+        "Chutes docs: https://chutes.ai/docs/sign-in-with-chutes/overview",
+      ].join("\n"),
+      "OAuth help",
+    );
+    throw err;
+  }
+}
+
+export default definePluginEntry({
+  id: PROVIDER_ID,
+  name: "Chutes Provider",
+  description: "Bundled Chutes.ai provider plugin",
+  register(api) {
+    api.registerProvider({
+      id: PROVIDER_ID,
+      label: "Chutes",
+      docsPath: "/providers/chutes",
+      envVars: ["CHUTES_API_KEY", "CHUTES_OAUTH_TOKEN"],
+      auth: [
+        {
+          id: "oauth",
+          label: "Chutes OAuth",
+          hint: "Browser sign-in",
+          kind: "oauth",
+          wizard: {
+            choiceId: "chutes",
+            choiceLabel: "Chutes (OAuth)",
+            choiceHint: "Browser sign-in",
+            groupId: "chutes",
+            groupLabel: "Chutes",
+            groupHint: "OAuth + API key",
+          },
+          run: async (ctx) => await runChutesOAuth(ctx),
+        },
+        createProviderApiKeyAuthMethod({
+          providerId: PROVIDER_ID,
+          methodId: "api-key",
+          label: "Chutes API key",
+          hint: "Open-source models including Llama, DeepSeek, and more",
+          optionKey: "chutesApiKey",
+          flagName: "--chutes-api-key",
+          envVar: "CHUTES_API_KEY",
+          promptMessage: "Enter Chutes API key",
+          noteTitle: "Chutes",
+          noteMessage: [
+            "Chutes provides access to leading open-source models including Llama, DeepSeek, and more.",
+            "Get your API key at: https://chutes.ai/settings/api-keys",
+          ].join("\n"),
+          defaultModel: CHUTES_DEFAULT_MODEL_REF,
+          expectedProviders: ["chutes"],
+          applyConfig: (cfg) => applyChutesApiKeyConfig(cfg),
+          wizard: {
+            choiceId: "chutes-api-key",
+            choiceLabel: "Chutes API key",
+            groupId: "chutes",
+            groupLabel: "Chutes",
+            groupHint: "OAuth + API key",
+          },
+        }),
+      ],
+      catalog: {
+        order: "profile",
+        run: async (ctx) => {
+          const { apiKey, discoveryApiKey } = ctx.resolveProviderAuth(PROVIDER_ID, {
+            oauthMarker: resolveOAuthApiKeyMarker(PROVIDER_ID),
+          });
+          if (!apiKey) {
+            return null;
+          }
+          return {
+            provider: {
+              ...(await buildChutesProvider(discoveryApiKey)),
+              apiKey,
+            },
+          };
+        },
+      },
+    });
+  },
+});
@@ -0,0 +1,67 @@
+import {
+  CHUTES_BASE_URL,
+  CHUTES_DEFAULT_MODEL_REF,
+  CHUTES_MODEL_CATALOG,
+  buildChutesModelDefinition,
+} from "openclaw/plugin-sdk/provider-models";
+import {
+  applyAgentDefaultModelPrimary,
+  applyProviderConfigWithModelCatalog,
+  type OpenClawConfig,
+} from "openclaw/plugin-sdk/provider-onboard";
+
+export { CHUTES_DEFAULT_MODEL_REF };
+
+/**
+ * Apply Chutes provider configuration without changing the default model.
+ * Registers all catalog models and sets provider aliases (chutes-fast, etc.).
+ */
+export function applyChutesProviderConfig(cfg: OpenClawConfig): OpenClawConfig {
+  const models = { ...cfg.agents?.defaults?.models };
+  for (const m of CHUTES_MODEL_CATALOG) {
+    models[`chutes/${m.id}`] = {
+      ...models[`chutes/${m.id}`],
+    };
+  }
+
+  models["chutes-fast"] = { alias: "chutes/zai-org/GLM-4.7-FP8" };
+  models["chutes-vision"] = { alias: "chutes/chutesai/Mistral-Small-3.2-24B-Instruct-2506" };
+  models["chutes-pro"] = { alias: "chutes/deepseek-ai/DeepSeek-V3.2-TEE" };
+
+  const chutesModels = CHUTES_MODEL_CATALOG.map(buildChutesModelDefinition);
+  return applyProviderConfigWithModelCatalog(cfg, {
+    agentModels: models,
+    providerId: "chutes",
+    api: "openai-completions",
+    baseUrl: CHUTES_BASE_URL,
+    catalogModels: chutesModels,
+  });
+}
+
+/**
+ * Apply Chutes provider configuration AND set Chutes as the default model.
+ */
+export function applyChutesConfig(cfg: OpenClawConfig): OpenClawConfig {
+  const next = applyChutesProviderConfig(cfg);
+  return {
+    ...next,
+    agents: {
+      ...next.agents,
+      defaults: {
+        ...next.agents?.defaults,
+        model: {
+          primary: CHUTES_DEFAULT_MODEL_REF,
+          fallbacks: ["chutes/deepseek-ai/DeepSeek-V3.2-TEE", "chutes/Qwen/Qwen3-32B"],
+        },
+        imageModel: {
+          primary: "chutes/chutesai/Mistral-Small-3.2-24B-Instruct-2506",
+          fallbacks: ["chutes/chutesai/Mistral-Small-3.1-24B-Instruct-2503"],
+        },
+      },
+    },
+  };
+}
+
+export function applyChutesApiKeyConfig(cfg: OpenClawConfig): OpenClawConfig {
+  return applyAgentDefaultModelPrimary(applyChutesProviderConfig(cfg), CHUTES_DEFAULT_MODEL_REF);
+}
@@ -0,0 +1,39 @@
+{
+  "id": "chutes",
+  "enabledByDefault": true,
+  "providers": ["chutes"],
+  "providerAuthEnvVars": {
+    "chutes": ["CHUTES_API_KEY", "CHUTES_OAUTH_TOKEN"]
+  },
+  "providerAuthChoices": [
+    {
+      "provider": "chutes",
+      "method": "oauth",
+      "choiceId": "chutes",
+      "choiceLabel": "Chutes (OAuth)",
+      "choiceHint": "Browser sign-in",
+      "groupId": "chutes",
+      "groupLabel": "Chutes",
+      "groupHint": "OAuth + API key"
+    },
+    {
+      "provider": "chutes",
+      "method": "api-key",
+      "choiceId": "chutes-api-key",
+      "choiceLabel": "Chutes API key",
+      "choiceHint": "Open-source models including Llama, DeepSeek, and more",
+      "groupId": "chutes",
+      "groupLabel": "Chutes",
+      "groupHint": "OAuth + API key",
+      "optionKey": "chutesApiKey",
+      "cliFlag": "--chutes-api-key",
+      "cliOption": "--chutes-api-key <key>",
+      "cliDescription": "Chutes API key"
+    }
+  ],
+  "configSchema": {
+    "type": "object",
+    "additionalProperties": false,
+    "properties": {}
+  }
+}
@@ -0,0 +1,12 @@
+{
+  "name": "@openclaw/chutes-provider",
+  "version": "2026.3.17",
+  "private": true,
+  "description": "OpenClaw Chutes.ai provider plugin",
+  "type": "module",
+  "openclaw": {
+    "extensions": [
+      "./index.ts"
+    ]
+  }
+}
@@ -0,0 +1,21 @@
+import {
+  CHUTES_BASE_URL,
+  CHUTES_MODEL_CATALOG,
+  buildChutesModelDefinition,
+  discoverChutesModels,
+  type ModelProviderConfig,
+} from "openclaw/plugin-sdk/provider-models";
+
+/**
+ * Build the Chutes provider with dynamic model discovery.
+ * Falls back to the static catalog on failure.
+ * Accepts an optional access token (API key or OAuth access token) for authenticated discovery.
+ */
+export async function buildChutesProvider(accessToken?: string): Promise<ModelProviderConfig> {
+  const models = await discoverChutesModels(accessToken);
+  return {
+    baseUrl: CHUTES_BASE_URL,
+    api: "openai-completions",
+    models: models.length > 0 ? models : CHUTES_MODEL_CATALOG.map(buildChutesModelDefinition),
+  };
+}