diff --git a/src/vs/workbench/contrib/void/browser/sidebarActions.ts b/src/vs/workbench/contrib/void/browser/sidebarActions.ts
index ed2b97c9..d4f45a28 100644
--- a/src/vs/workbench/contrib/void/browser/sidebarActions.ts
+++ b/src/vs/workbench/contrib/void/browser/sidebarActions.ts
@@ -64,7 +64,7 @@ export const roundRangeToLines = (range: IRange | null | undefined, options: { e
const VOID_OPEN_SIDEBAR_ACTION_ID = 'void.sidebar.open'
registerAction2(class extends Action2 {
constructor() {
- super({ id: VOID_OPEN_SIDEBAR_ACTION_ID, title: localize2('voidOpenSidebar', 'Void: Open Sidebar'), f1: true });
+ super({ id: VOID_OPEN_SIDEBAR_ACTION_ID, title: localize2('voidOpenSidebar', 'Orcide: Open Sidebar'), f1: true });
}
async run(accessor: ServicesAccessor): Promise
{
const viewsService = accessor.get(IViewsService)
@@ -81,7 +81,7 @@ registerAction2(class extends Action2 {
super({
id: VOID_CTRL_L_ACTION_ID,
f1: true,
- title: localize2('voidCmdL', 'Void: Add Selection to Chat'),
+ title: localize2('voidCmdL', 'Orcide: Add Selection to Chat'),
keybinding: {
primary: KeyMod.CtrlCmd | KeyCode.KeyL,
weight: KeybindingWeight.VoidExtension
@@ -240,7 +240,7 @@ registerAction2(class extends Action2 {
constructor() {
super({
id: 'void.settingsAction',
- title: `Void's Settings`,
+ title: `Orcide Settings`,
icon: { id: 'settings-gear' },
menu: [{ id: MenuId.ViewTitle, group: 'navigation', when: ContextKeyExpr.equals('view', VOID_VIEW_ID), }]
});
diff --git a/src/vs/workbench/contrib/void/browser/sidebarPane.ts b/src/vs/workbench/contrib/void/browser/sidebarPane.ts
index 803b2b8b..877f7265 100644
--- a/src/vs/workbench/contrib/void/browser/sidebarPane.ts
+++ b/src/vs/workbench/contrib/void/browser/sidebarPane.ts
@@ -154,7 +154,7 @@ registerAction2(class extends Action2 {
constructor() {
super({
id: VOID_OPEN_SIDEBAR_ACTION_ID,
- title: 'Open Void Sidebar',
+ title: 'Open Orcide Sidebar',
})
}
run(accessor: ServicesAccessor): void {
diff --git a/src/vs/workbench/contrib/void/browser/void.contribution.ts b/src/vs/workbench/contrib/void/browser/void.contribution.ts
index 35c89184..c3e7a951 100644
--- a/src/vs/workbench/contrib/void/browser/void.contribution.ts
+++ b/src/vs/workbench/contrib/void/browser/void.contribution.ts
@@ -1,6 +1,6 @@
/*--------------------------------------------------------------------------------------
- * Copyright 2025 Glass Devtools, Inc. All rights reserved.
- * Licensed under the Apache License, Version 2.0. See LICENSE.txt for more information.
+ * Copyright 2025 Orcest AI. All rights reserved.
+ * Licensed under the MIT License. See LICENSE.txt for more information.
*--------------------------------------------------------------------------------------*/
@@ -64,12 +64,17 @@ import './fileService.js'
// register source control management
import './voidSCMService.js'
-// ---------- common (unclear if these actually need to be imported, because they're already imported wherever they're used) ----------
+// ---------- Orcide SSO & Profile services ----------
+
+// SSO authentication service (browser-side)
+import './orcideSSOBrowserService.js'
+
+// ---------- common ----------
// llmMessage
import '../common/sendLLMMessageService.js'
-// voidSettings
+// orcideSettings (previously voidSettings)
import '../common/voidSettingsService.js'
// refreshModel
@@ -83,3 +88,12 @@ import '../common/voidUpdateService.js'
// model service
import '../common/voidModelService.js'
+
+// Orcide SSO service
+import '../common/orcideSSOService.js'
+
+// Orcide user profile service
+import '../common/orcideUserProfileService.js'
+
+// Orcide collaboration service
+import '../common/orcideCollaborationService.js'
diff --git a/src/vs/workbench/contrib/void/browser/voidSettingsPane.ts b/src/vs/workbench/contrib/void/browser/voidSettingsPane.ts
index b70aef91..a87c9972 100644
--- a/src/vs/workbench/contrib/void/browser/voidSettingsPane.ts
+++ b/src/vs/workbench/contrib/void/browser/voidSettingsPane.ts
@@ -49,7 +49,7 @@ class VoidSettingsInput extends EditorInput {
}
override getName(): string {
- return nls.localize('voidSettingsInputsName', 'Void\'s Settings');
+ return nls.localize('voidSettingsInputsName', 'Orcide Settings');
}
override getIcon() {
@@ -112,7 +112,7 @@ class VoidSettingsPane extends EditorPane {
// register Settings pane
Registry.as(EditorExtensions.EditorPane).registerEditorPane(
- EditorPaneDescriptor.create(VoidSettingsPane, VoidSettingsPane.ID, nls.localize('VoidSettingsPane', "Void\'s Settings Pane")),
+ EditorPaneDescriptor.create(VoidSettingsPane, VoidSettingsPane.ID, nls.localize('VoidSettingsPane', "Orcide Settings Pane")),
[new SyncDescriptor(VoidSettingsInput)]
);
@@ -123,7 +123,7 @@ registerAction2(class extends Action2 {
constructor() {
super({
id: VOID_TOGGLE_SETTINGS_ACTION_ID,
- title: nls.localize2('voidSettings', "Void: Toggle Settings"),
+ title: nls.localize2('voidSettings', "Orcide: Toggle Settings"),
icon: Codicon.settingsGear,
menu: [
{
@@ -172,7 +172,7 @@ registerAction2(class extends Action2 {
constructor() {
super({
id: VOID_OPEN_SETTINGS_ACTION_ID,
- title: nls.localize2('voidSettingsAction2', "Void: Open Settings"),
+ title: nls.localize2('voidSettingsAction2', "Orcide: Open Settings"),
f1: true,
icon: Codicon.settingsGear,
});
@@ -202,7 +202,7 @@ MenuRegistry.appendMenuItem(MenuId.GlobalActivity, {
group: '0_command',
command: {
id: VOID_TOGGLE_SETTINGS_ACTION_ID,
- title: nls.localize('voidSettingsActionGear', "Void\'s Settings")
+ title: nls.localize('voidSettingsActionGear', "Orcide Settings")
},
order: 1
});
diff --git a/src/vs/workbench/contrib/void/browser/voidUpdateActions.ts b/src/vs/workbench/contrib/void/browser/voidUpdateActions.ts
index 2d66e43e..232a33ff 100644
--- a/src/vs/workbench/contrib/void/browser/voidUpdateActions.ts
+++ b/src/vs/workbench/contrib/void/browser/voidUpdateActions.ts
@@ -21,7 +21,7 @@ import { IAction } from '../../../../base/common/actions.js';
const notifyUpdate = (res: VoidCheckUpdateRespose & { message: string }, notifService: INotificationService, updateService: IUpdateService): INotificationHandle => {
- const message = res?.message || 'This is a very old version of Void, please download the latest version! [Void Editor](https://orcest.ai/download-beta)!'
+ const message = res?.message || 'This is a very old version of Orcide. Please download the latest version! [Orcide](https://orcest.ai/download-beta)!'
let actions: INotificationActions | undefined
@@ -85,7 +85,7 @@ const notifyUpdate = (res: VoidCheckUpdateRespose & { message: string }, notifSe
primary.push({
id: 'void.updater.site',
enabled: true,
- label: `Void Site`,
+ label: `Orcide Site`,
tooltip: '',
class: undefined,
run: () => {
@@ -127,7 +127,7 @@ const notifyUpdate = (res: VoidCheckUpdateRespose & { message: string }, notifSe
// })
}
const notifyErrChecking = (notifService: INotificationService): INotificationHandle => {
- const message = `Void Error: There was an error checking for updates. If this persists, please get in touch or reinstall Void [here](https://orcest.ai/download-beta)!`
+ const message = `Orcide Error: There was an error checking for updates. If this persists, please get in touch or reinstall Orcide [here](https://orcest.ai/download-beta)!`
const notifController = notifService.notify({
severity: Severity.Info,
message: message,
@@ -147,21 +147,21 @@ const performVoidCheck = async (
const metricsTag = explicit ? 'Manual' : 'Auto'
- metricsService.capture(`Void Update ${metricsTag}: Checking...`, {})
+ metricsService.capture(`Orcide Update ${metricsTag}: Checking...`, {})
const res = await voidUpdateService.check(explicit)
if (!res) {
const notifController = notifyErrChecking(notifService);
- metricsService.capture(`Void Update ${metricsTag}: Error`, { res })
+ metricsService.capture(`Orcide Update ${metricsTag}: Error`, { res })
return notifController
}
else {
if (res.message) {
const notifController = notifyUpdate(res, notifService, updateService)
- metricsService.capture(`Void Update ${metricsTag}: Yes`, { res })
+ metricsService.capture(`Orcide Update ${metricsTag}: Yes`, { res })
return notifController
}
else {
- metricsService.capture(`Void Update ${metricsTag}: No`, { res })
+ metricsService.capture(`Orcide Update ${metricsTag}: No`, { res })
return null
}
}
@@ -177,7 +177,7 @@ registerAction2(class extends Action2 {
super({
f1: true,
id: 'void.voidCheckUpdate',
- title: localize2('voidCheckUpdate', 'Void: Check for Updates'),
+ title: localize2('voidCheckUpdate', 'Orcide: Check for Updates'),
});
}
async run(accessor: ServicesAccessor): Promise {
diff --git a/src/vs/workbench/contrib/void/common/metricsService.ts b/src/vs/workbench/contrib/void/common/metricsService.ts
index 21ae1c3d..642e953a 100644
--- a/src/vs/workbench/contrib/void/common/metricsService.ts
+++ b/src/vs/workbench/contrib/void/common/metricsService.ts
@@ -70,7 +70,7 @@ registerAction2(class extends Action2 {
super({
id: 'voidDebugInfo',
f1: true,
- title: localize2('voidMetricsDebug', 'Void: Log Debug Info'),
+ title: localize2('voidMetricsDebug', 'Orcide: Log Debug Info'),
});
}
async run(accessor: ServicesAccessor): Promise {
@@ -79,6 +79,6 @@ registerAction2(class extends Action2 {
const debugProperties = await metricsService.getDebuggingProperties()
console.log('Metrics:', debugProperties)
- notifService.info(`Void Debug info:\n${JSON.stringify(debugProperties, null, 2)}`)
+ notifService.info(`Orcide Debug info:\n${JSON.stringify(debugProperties, null, 2)}`)
}
})
diff --git a/src/vs/workbench/contrib/void/common/modelCapabilities.ts b/src/vs/workbench/contrib/void/common/modelCapabilities.ts
index d784ab93..aee4544d 100644
--- a/src/vs/workbench/contrib/void/common/modelCapabilities.ts
+++ b/src/vs/workbench/contrib/void/common/modelCapabilities.ts
@@ -65,6 +65,10 @@ export const defaultProviderSettings = {
region: 'us-east-1', // add region setting
endpoint: '', // optionally allow overriding default
},
+ orcestAI: {
+ endpoint: 'https://rm.orcest.ai/v1',
+ apiKey: '', // Will be populated from environment/SSO
+ },
} as const
@@ -144,6 +148,17 @@ export const defaultModelsOfProvider = {
microsoftAzure: [],
awsBedrock: [],
liteLLM: [],
+ orcestAI: [
+ 'rainymodel-pro',
+ 'rainymodel-standard',
+ 'rainymodel-lite',
+ 'gpt-4o',
+ 'gpt-4o-mini',
+ 'claude-3.5-sonnet',
+ 'gemini-1.5-pro',
+ 'llama-3.1-70b',
+ 'mixtral-8x7b',
+ ],
} as const satisfies Record
@@ -1440,6 +1455,52 @@ const openRouterSettings: VoidStaticProviderInfo = {
+// ---------------- ORCEST AI (RainyModel) ----------------
+const orcestAIModelOptions = {
+ 'rainymodel-pro': {
+ contextWindow: 128_000,
+ reservedOutputTokenSpace: 8_192,
+ cost: { input: 0, output: 0 },
+ downloadable: false,
+ supportsFIM: false,
+ supportsSystemMessage: 'system-role',
+ specialToolFormat: 'openai-style',
+ reasoningCapabilities: false,
+ },
+ 'rainymodel-standard': {
+ contextWindow: 128_000,
+ reservedOutputTokenSpace: 8_192,
+ cost: { input: 0, output: 0 },
+ downloadable: false,
+ supportsFIM: false,
+ supportsSystemMessage: 'system-role',
+ specialToolFormat: 'openai-style',
+ reasoningCapabilities: false,
+ },
+ 'rainymodel-lite': {
+ contextWindow: 64_000,
+ reservedOutputTokenSpace: 4_096,
+ cost: { input: 0, output: 0 },
+ downloadable: false,
+ supportsFIM: false,
+ supportsSystemMessage: 'system-role',
+ specialToolFormat: 'openai-style',
+ reasoningCapabilities: false,
+ },
+} as const satisfies { [s: string]: VoidStaticModelInfo }
+
+const orcestAISettings: VoidStaticProviderInfo = {
+ modelOptions: orcestAIModelOptions,
+ modelOptionsFallback: (modelName) => {
+ // For non-RainyModel models served through the aggregator, use the extensive fallback
+ return extensiveModelOptionsFallback(modelName)
+ },
+ providerReasoningIOSettings: {
+ input: { includeInPayload: openAICompatIncludeInPayloadReasoning },
+ },
+}
+
+
// ---------------- model settings of everything above ----------------
const modelSettingsOfProvider: { [providerName in ProviderName]: VoidStaticProviderInfo } = {
@@ -1465,6 +1526,7 @@ const modelSettingsOfProvider: { [providerName in ProviderName]: VoidStaticProvi
googleVertex: googleVertexSettings,
microsoftAzure: microsoftAzureSettings,
awsBedrock: awsBedrockSettings,
+ orcestAI: orcestAISettings,
} as const
diff --git a/src/vs/workbench/contrib/void/common/orcideCollaborationService.ts b/src/vs/workbench/contrib/void/common/orcideCollaborationService.ts
new file mode 100644
index 00000000..919c85e3
--- /dev/null
+++ b/src/vs/workbench/contrib/void/common/orcideCollaborationService.ts
@@ -0,0 +1,391 @@
+/*--------------------------------------------------------------------------------------
+ * Copyright 2025 Orcest AI. All rights reserved.
+ * Licensed under the MIT License. See LICENSE.txt for more information.
+ *--------------------------------------------------------------------------------------*/
+
+import { Emitter, Event } from '../../../../base/common/event.js';
+import { Disposable } from '../../../../base/common/lifecycle.js';
+import { createDecorator } from '../../../../platform/instantiation/common/instantiation.js';
+import { registerSingleton, InstantiationType } from '../../../../platform/instantiation/common/extensions.js';
+import { IStorageService, StorageScope, StorageTarget } from '../../../../platform/storage/common/storage.js';
+import { generateUuid } from '../../../../base/common/uuid.js';
+
+const ORCIDE_SHARES_KEY = 'orcide.sharedResources'
+const ORCIDE_TEAM_KEY = 'orcide.teamMembers'
+const ORCIDE_INVITATIONS_KEY = 'orcide.invitations'
+
+export type SharePermission = 'view' | 'edit' | 'admin';
+
+export type SharedResource = {
+ id: string;
+ type: 'project' | 'repository' | 'workspace' | 'file' | 'snippet' | 'chat-thread' | 'model-config' | 'mcp-server';
+ name: string;
+ description?: string;
+ ownerId: string;
+ ownerEmail: string;
+ sharedWith: SharedUser[];
+ createdAt: number;
+ updatedAt: number;
+ resourceUri?: string;
+ metadata?: Record;
+}
+
+export type SharedUser = {
+ userId: string;
+ email: string;
+ name: string;
+ permission: SharePermission;
+ addedAt: number;
+ addedBy: string;
+}
+
+export type TeamMember = {
+ userId: string;
+ email: string;
+ name: string;
+ role: 'owner' | 'admin' | 'member' | 'viewer';
+ joinedAt: number;
+ lastActive: number;
+ status: 'active' | 'invited' | 'suspended';
+}
+
+export type Invitation = {
+ id: string;
+ email: string;
+ role: 'admin' | 'member' | 'viewer';
+ invitedBy: string;
+ invitedByEmail: string;
+ createdAt: number;
+ expiresAt: number;
+ status: 'pending' | 'accepted' | 'declined' | 'expired';
+ resourceId?: string;
+ permission?: SharePermission;
+}
+
+export type CollaborationState = {
+ sharedResources: SharedResource[];
+ teamMembers: TeamMember[];
+ pendingInvitations: Invitation[];
+ isTeamOwner: boolean;
+}
+
+export interface IOrcideCollaborationService {
+ readonly _serviceBrand: undefined;
+ readonly state: CollaborationState;
+ onDidChangeState: Event;
+ onDidShareResource: Event;
+ onDidReceiveInvitation: Event;
+
+ // Resource sharing
+ shareResource(resource: Omit): Promise;
+ unshareResource(resourceId: string): Promise;
+ updateResourcePermission(resourceId: string, userId: string, permission: SharePermission): Promise;
+ removeUserFromResource(resourceId: string, userId: string): Promise;
+ getSharedResources(): SharedResource[];
+ getResourcesSharedWithMe(myUserId: string): SharedResource[];
+ getResourcesSharedByMe(myUserId: string): SharedResource[];
+
+ // Team management
+ inviteTeamMember(email: string, role: TeamMember['role']): Promise;
+ removeTeamMember(userId: string): Promise;
+ updateTeamMemberRole(userId: string, role: TeamMember['role']): Promise;
+ getTeamMembers(): TeamMember[];
+
+ // Invitations
+ acceptInvitation(invitationId: string): Promise;
+ declineInvitation(invitationId: string): Promise;
+ getPendingInvitations(): Invitation[];
+ revokeInvitation(invitationId: string): Promise;
+
+ // Workspace sharing
+ shareWorkspace(workspaceName: string, userIds: string[], permission: SharePermission): Promise;
+ shareChatThread(threadId: string, threadName: string, userIds: string[]): Promise;
+ shareModelConfig(configName: string, providerSettings: Record, userIds: string[]): Promise;
+}
+
+export const IOrcideCollaborationService = createDecorator('orcideCollaborationService');
+
+
+class OrcideCollaborationService extends Disposable implements IOrcideCollaborationService {
+ readonly _serviceBrand: undefined;
+
+ private _state: CollaborationState;
+
+ private readonly _onDidChangeState = this._register(new Emitter());
+ readonly onDidChangeState: Event = this._onDidChangeState.event;
+
+ private readonly _onDidShareResource = this._register(new Emitter());
+ readonly onDidShareResource: Event = this._onDidShareResource.event;
+
+ private readonly _onDidReceiveInvitation = this._register(new Emitter());
+ readonly onDidReceiveInvitation: Event = this._onDidReceiveInvitation.event;
+
+ get state(): CollaborationState {
+ return this._state;
+ }
+
+ constructor(
+ @IStorageService private readonly storageService: IStorageService,
+ ) {
+ super();
+ this._state = {
+ sharedResources: [],
+ teamMembers: [],
+ pendingInvitations: [],
+ isTeamOwner: false,
+ };
+ this._loadFromStorage();
+ }
+
+ private _loadFromStorage(): void {
+ const sharesStr = this.storageService.get(ORCIDE_SHARES_KEY, StorageScope.APPLICATION);
+ if (sharesStr) {
+ try { this._state.sharedResources = JSON.parse(sharesStr); } catch { /* ignore */ }
+ }
+
+ const teamStr = this.storageService.get(ORCIDE_TEAM_KEY, StorageScope.APPLICATION);
+ if (teamStr) {
+ try { this._state.teamMembers = JSON.parse(teamStr); } catch { /* ignore */ }
+ }
+
+ const invitesStr = this.storageService.get(ORCIDE_INVITATIONS_KEY, StorageScope.APPLICATION);
+ if (invitesStr) {
+ try { this._state.pendingInvitations = JSON.parse(invitesStr); } catch { /* ignore */ }
+ }
+
+ this._onDidChangeState.fire();
+ }
+
+ private _saveSharedResources(): void {
+ this.storageService.store(ORCIDE_SHARES_KEY, JSON.stringify(this._state.sharedResources), StorageScope.APPLICATION, StorageTarget.USER);
+ }
+
+ private _saveTeamMembers(): void {
+ this.storageService.store(ORCIDE_TEAM_KEY, JSON.stringify(this._state.teamMembers), StorageScope.APPLICATION, StorageTarget.USER);
+ }
+
+ private _saveInvitations(): void {
+ this.storageService.store(ORCIDE_INVITATIONS_KEY, JSON.stringify(this._state.pendingInvitations), StorageScope.APPLICATION, StorageTarget.USER);
+ }
+
+ // Resource Sharing
+
+ async shareResource(resource: Omit): Promise {
+ const now = Date.now();
+ const newResource: SharedResource = {
+ ...resource,
+ id: generateUuid(),
+ createdAt: now,
+ updatedAt: now,
+ };
+ this._state = {
+ ...this._state,
+ sharedResources: [...this._state.sharedResources, newResource],
+ };
+ this._saveSharedResources();
+ this._onDidShareResource.fire(newResource);
+ this._onDidChangeState.fire();
+ return newResource;
+ }
+
+ async unshareResource(resourceId: string): Promise {
+ this._state = {
+ ...this._state,
+ sharedResources: this._state.sharedResources.filter(r => r.id !== resourceId),
+ };
+ this._saveSharedResources();
+ this._onDidChangeState.fire();
+ }
+
+ async updateResourcePermission(resourceId: string, userId: string, permission: SharePermission): Promise {
+ const resources = this._state.sharedResources.map(r => {
+ if (r.id !== resourceId) return r;
+ return {
+ ...r,
+ updatedAt: Date.now(),
+ sharedWith: r.sharedWith.map(u =>
+ u.userId === userId ? { ...u, permission } : u
+ ),
+ };
+ });
+ this._state = { ...this._state, sharedResources: resources };
+ this._saveSharedResources();
+ this._onDidChangeState.fire();
+ }
+
+ async removeUserFromResource(resourceId: string, userId: string): Promise {
+ const resources = this._state.sharedResources.map(r => {
+ if (r.id !== resourceId) return r;
+ return {
+ ...r,
+ updatedAt: Date.now(),
+ sharedWith: r.sharedWith.filter(u => u.userId !== userId),
+ };
+ });
+ this._state = { ...this._state, sharedResources: resources };
+ this._saveSharedResources();
+ this._onDidChangeState.fire();
+ }
+
+ getSharedResources(): SharedResource[] {
+ return this._state.sharedResources;
+ }
+
+ getResourcesSharedWithMe(myUserId: string): SharedResource[] {
+ return this._state.sharedResources.filter(r =>
+ r.ownerId !== myUserId && r.sharedWith.some(u => u.userId === myUserId)
+ );
+ }
+
+ getResourcesSharedByMe(myUserId: string): SharedResource[] {
+ return this._state.sharedResources.filter(r =>
+ r.ownerId === myUserId && r.sharedWith.length > 0
+ );
+ }
+
+ // Team Management
+
+ async inviteTeamMember(email: string, role: TeamMember['role']): Promise {
+ const now = Date.now();
+ const invitation: Invitation = {
+ id: generateUuid(),
+ email,
+ role: role === 'owner' ? 'admin' : role as 'admin' | 'member' | 'viewer',
+ invitedBy: '', // populated by caller
+ invitedByEmail: '',
+ createdAt: now,
+ expiresAt: now + (7 * 24 * 60 * 60 * 1000), // 7 days
+ status: 'pending',
+ };
+ this._state = {
+ ...this._state,
+ pendingInvitations: [...this._state.pendingInvitations, invitation],
+ };
+ this._saveInvitations();
+ this._onDidReceiveInvitation.fire(invitation);
+ this._onDidChangeState.fire();
+ return invitation;
+ }
+
+ async removeTeamMember(userId: string): Promise {
+ this._state = {
+ ...this._state,
+ teamMembers: this._state.teamMembers.filter(m => m.userId !== userId),
+ };
+ this._saveTeamMembers();
+ this._onDidChangeState.fire();
+ }
+
+ async updateTeamMemberRole(userId: string, role: TeamMember['role']): Promise {
+ const members = this._state.teamMembers.map(m =>
+ m.userId === userId ? { ...m, role } : m
+ );
+ this._state = { ...this._state, teamMembers: members };
+ this._saveTeamMembers();
+ this._onDidChangeState.fire();
+ }
+
+ getTeamMembers(): TeamMember[] {
+ return this._state.teamMembers;
+ }
+
+ // Invitations
+
+ async acceptInvitation(invitationId: string): Promise {
+ this._state = {
+ ...this._state,
+ pendingInvitations: this._state.pendingInvitations.map(inv =>
+ inv.id === invitationId ? { ...inv, status: 'accepted' as const } : inv
+ ),
+ };
+ this._saveInvitations();
+ this._onDidChangeState.fire();
+ }
+
+ async declineInvitation(invitationId: string): Promise {
+ this._state = {
+ ...this._state,
+ pendingInvitations: this._state.pendingInvitations.map(inv =>
+ inv.id === invitationId ? { ...inv, status: 'declined' as const } : inv
+ ),
+ };
+ this._saveInvitations();
+ this._onDidChangeState.fire();
+ }
+
+ getPendingInvitations(): Invitation[] {
+ const now = Date.now();
+ return this._state.pendingInvitations.filter(inv =>
+ inv.status === 'pending' && inv.expiresAt > now
+ );
+ }
+
+ async revokeInvitation(invitationId: string): Promise {
+ this._state = {
+ ...this._state,
+ pendingInvitations: this._state.pendingInvitations.filter(inv => inv.id !== invitationId),
+ };
+ this._saveInvitations();
+ this._onDidChangeState.fire();
+ }
+
+ // Convenience methods for sharing specific resource types
+
+ async shareWorkspace(workspaceName: string, userIds: string[], permission: SharePermission): Promise {
+ const sharedUsers: SharedUser[] = userIds.map(userId => ({
+ userId,
+ email: '',
+ name: '',
+ permission,
+ addedAt: Date.now(),
+ addedBy: '',
+ }));
+ return this.shareResource({
+ type: 'workspace',
+ name: workspaceName,
+ ownerId: '',
+ ownerEmail: '',
+ sharedWith: sharedUsers,
+ });
+ }
+
+ async shareChatThread(threadId: string, threadName: string, userIds: string[]): Promise {
+ const sharedUsers: SharedUser[] = userIds.map(userId => ({
+ userId,
+ email: '',
+ name: '',
+ permission: 'view' as SharePermission,
+ addedAt: Date.now(),
+ addedBy: '',
+ }));
+ return this.shareResource({
+ type: 'chat-thread',
+ name: threadName,
+ ownerId: '',
+ ownerEmail: '',
+ sharedWith: sharedUsers,
+ resourceUri: threadId,
+ });
+ }
+
+ async shareModelConfig(configName: string, providerSettings: Record, userIds: string[]): Promise {
+ const sharedUsers: SharedUser[] = userIds.map(userId => ({
+ userId,
+ email: '',
+ name: '',
+ permission: 'view' as SharePermission,
+ addedAt: Date.now(),
+ addedBy: '',
+ }));
+ return this.shareResource({
+ type: 'model-config',
+ name: configName,
+ ownerId: '',
+ ownerEmail: '',
+ sharedWith: sharedUsers,
+ metadata: providerSettings,
+ });
+ }
+}
+
+registerSingleton(IOrcideCollaborationService, OrcideCollaborationService, InstantiationType.Eager);
diff --git a/src/vs/workbench/contrib/void/common/orcideSSOService.ts b/src/vs/workbench/contrib/void/common/orcideSSOService.ts
new file mode 100644
index 00000000..2d56aeab
--- /dev/null
+++ b/src/vs/workbench/contrib/void/common/orcideSSOService.ts
@@ -0,0 +1,698 @@
+/*--------------------------------------------------------------------------------------
+ * Copyright 2025 Orcest. All rights reserved.
+ * Licensed under the Apache License, Version 2.0. See LICENSE.txt for more information.
+ *--------------------------------------------------------------------------------------*/
+
+import { Emitter, Event } from '../../../../base/common/event.js';
+import { Disposable } from '../../../../base/common/lifecycle.js';
+import { IEncryptionService } from '../../../../platform/encryption/common/encryptionService.js';
+import { registerSingleton, InstantiationType } from '../../../../platform/instantiation/common/extensions.js';
+import { createDecorator } from '../../../../platform/instantiation/common/instantiation.js';
+import { IStorageService, StorageScope, StorageTarget } from '../../../../platform/storage/common/storage.js';
+
+
+// ─── SSO Configuration ──────────────────────────────────────────────────────────
+
+export const ORCIDE_SSO_CONFIG = {
+ issuer: 'https://login.orcest.ai',
+ clientId: 'orcide',
+ authorizationEndpoint: 'https://login.orcest.ai/oauth2/authorize',
+ tokenEndpoint: 'https://login.orcest.ai/oauth2/token',
+ userInfoEndpoint: 'https://login.orcest.ai/oauth2/userinfo',
+ jwksUri: 'https://login.orcest.ai/oauth2/jwks',
+ redirectUri: 'https://ide.orcest.ai/auth/callback',
+ scopes: 'openid profile email',
+ logoutEndpoint: 'https://login.orcest.ai/oauth2/logout',
+ endSessionEndpoint: 'https://login.orcest.ai/oauth2/logout',
+} as const;
+
+export const ORCIDE_SSO_STORAGE_KEY = 'orcide.ssoSessionState';
+export const ORCIDE_SSO_PKCE_STORAGE_KEY = 'orcide.ssoPKCEState';
+
+// Refresh tokens 5 minutes before they expire
+const TOKEN_REFRESH_BUFFER_MS = 5 * 60 * 1000;
+
+// Minimum interval between refresh attempts to avoid hammering the server
+const MIN_REFRESH_INTERVAL_MS = 30 * 1000;
+
+// Maximum number of consecutive refresh failures before forcing logout
+const MAX_REFRESH_FAILURES = 3;
+
+
+// ─── Types ──────────────────────────────────────────────────────────────────────
+
+export type SSOUserProfile = {
+ id: string;
+ email: string;
+ name: string;
+ role: string;
+ avatar?: string;
+};
+
+export type SSOState = {
+ isAuthenticated: boolean;
+ user: SSOUserProfile | null;
+ accessToken: string | null;
+ refreshToken: string | null;
+ idToken: string | null;
+ expiresAt: number | null;
+};
+
+export type SSOTokenResponse = {
+ access_token: string;
+ refresh_token?: string;
+ expires_in: number;
+ token_type: string;
+ id_token?: string;
+ scope?: string;
+};
+
+export type SSOUserInfoResponse = {
+ sub: string;
+ email?: string;
+ email_verified?: boolean;
+ name?: string;
+ preferred_username?: string;
+ given_name?: string;
+ family_name?: string;
+ picture?: string;
+ role?: string;
+ roles?: string[];
+ groups?: string[];
+};
+
+export type PKCEState = {
+ codeVerifier: string;
+ state: string;
+ nonce: string;
+ createdAt: number;
+};
+
+
+// ─── Service Interface ──────────────────────────────────────────────────────────
+
+export interface IOrcideSSOService {
+ readonly _serviceBrand: undefined;
+ readonly state: SSOState;
+ readonly waitForInitState: Promise;
+
+ onDidChangeState: Event;
+
+ login(): Promise;
+ logout(): Promise;
+ getAccessToken(): Promise;
+ getUserProfile(): SSOUserProfile | null;
+ isAuthenticated(): boolean;
+ refreshToken(): Promise;
+
+ /**
+ * Called by the browser-side service when the authorization callback is received.
+ * Exchanges the authorization code for tokens and updates the session.
+ */
+ handleAuthorizationCallback(code: string, returnedState: string): Promise;
+
+ /**
+ * Retrieves the stored PKCE state for the current login flow.
+ * Used by the browser-side service to validate callbacks.
+ */
+ getPendingPKCEState(): PKCEState | null;
+}
+
+
+// ─── Helpers ────────────────────────────────────────────────────────────────────
+
+/**
+ * Generates a cryptographically random string for use as PKCE code verifier,
+ * state parameter, or nonce.
+ */
+function generateRandomString(length: number): string {
+ const chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-._~';
+ const array = new Uint8Array(length);
+ crypto.getRandomValues(array);
+ let result = '';
+ for (let i = 0; i < length; i++) {
+ result += chars[array[i] % chars.length];
+ }
+ return result;
+}
+
+/**
+ * Creates a SHA-256 hash of the input string and returns it as a base64url-encoded string.
+ * Used for PKCE code_challenge.
+ */
+async function sha256Base64Url(input: string): Promise {
+ const encoder = new TextEncoder();
+ const data = encoder.encode(input);
+ const hashBuffer = await crypto.subtle.digest('SHA-256', data);
+ const hashArray = new Uint8Array(hashBuffer);
+ let binary = '';
+ for (let i = 0; i < hashArray.length; i++) {
+ binary += String.fromCharCode(hashArray[i]);
+ }
+ return btoa(binary)
+ .replace(/\+/g, '-')
+ .replace(/\//g, '_')
+ .replace(/=+$/, '');
+}
+
+/**
+ * Parses a JWT token and returns the payload. Does NOT verify the signature;
+ * signature verification should be done server-side or using the JWKS endpoint.
+ */
+function parseJwtPayload(token: string): Record | null {
+ try {
+ const parts = token.split('.');
+ if (parts.length !== 3) {
+ return null;
+ }
+ const payload = parts[1];
+ const padded = payload + '='.repeat((4 - payload.length % 4) % 4);
+ const decoded = atob(padded.replace(/-/g, '+').replace(/_/g, '/'));
+ return JSON.parse(decoded);
+ } catch {
+ return null;
+ }
+}
+
+
+// ─── Default State ──────────────────────────────────────────────────────────────
+
+const defaultSSOState = (): SSOState => ({
+ isAuthenticated: false,
+ user: null,
+ accessToken: null,
+ refreshToken: null,
+ idToken: null,
+ expiresAt: null,
+});
+
+
+// ─── Service Decorator ──────────────────────────────────────────────────────────
+
+export const IOrcideSSOService = createDecorator('OrcideSSOService');
+
+
+// ─── Service Implementation ─────────────────────────────────────────────────────
+
+class OrcideSSOService extends Disposable implements IOrcideSSOService {
+ _serviceBrand: undefined;
+
+ private readonly _onDidChangeState = new Emitter();
+ readonly onDidChangeState: Event = this._onDidChangeState.event;
+
+ state: SSOState;
+
+ private readonly _resolver: () => void;
+ waitForInitState: Promise;
+
+ private _refreshTimer: ReturnType | null = null;
+ private _lastRefreshAttempt: number = 0;
+ private _consecutiveRefreshFailures: number = 0;
+
+ // PKCE state stored transiently during login flow
+ private _pendingPKCEState: PKCEState | null = null;
+
+ constructor(
+ @IStorageService private readonly _storageService: IStorageService,
+ @IEncryptionService private readonly _encryptionService: IEncryptionService,
+ ) {
+ super();
+
+ this.state = defaultSSOState();
+ let resolver: () => void = () => { };
+ this.waitForInitState = new Promise((res) => resolver = res);
+ this._resolver = resolver;
+
+ this._readAndInitializeState();
+ }
+
+
+ // ── Initialization ─────────────────────────────────────────────────────────
+
+ private async _readAndInitializeState(): Promise {
+ try {
+ const stored = await this._readState();
+ if (stored && stored.accessToken) {
+ this.state = stored;
+
+ // Ensure idToken field exists for sessions stored before this field was added
+ if (this.state.idToken === undefined) {
+ this.state = { ...this.state, idToken: null };
+ }
+
+ // If the token is expired or about to expire, attempt a refresh
+ if (this._isTokenExpiredOrExpiring()) {
+ const refreshed = await this.refreshToken();
+ if (!refreshed) {
+ // Token refresh failed, clear the session
+ this.state = defaultSSOState();
+ }
+ } else {
+ this._scheduleTokenRefresh();
+ }
+ }
+ } catch (e) {
+ console.error('[OrcideSSOService] Failed to read stored state:', e);
+ this.state = defaultSSOState();
+ }
+
+ // Also try to restore any pending PKCE state (e.g., if the user was in the
+ // middle of a login flow when the window was refreshed)
+ try {
+ const pkceStr = this._storageService.get(ORCIDE_SSO_PKCE_STORAGE_KEY, StorageScope.APPLICATION);
+ if (pkceStr) {
+ const pkce = JSON.parse(pkceStr) as PKCEState;
+ // Only restore if PKCE state is less than 10 minutes old
+ const PKCE_MAX_AGE_MS = 10 * 60 * 1000;
+ if (Date.now() - pkce.createdAt < PKCE_MAX_AGE_MS) {
+ this._pendingPKCEState = pkce;
+ } else {
+ // Stale PKCE state; clean it up
+ this._storageService.remove(ORCIDE_SSO_PKCE_STORAGE_KEY, StorageScope.APPLICATION);
+ }
+ }
+ } catch (e) {
+ console.warn('[OrcideSSOService] Failed to restore PKCE state:', e);
+ }
+
+ this._resolver();
+ this._onDidChangeState.fire();
+ }
+
+ private async _readState(): Promise {
+ const encryptedState = this._storageService.get(ORCIDE_SSO_STORAGE_KEY, StorageScope.APPLICATION);
+ if (!encryptedState) {
+ return null;
+ }
+
+ try {
+ const stateStr = await this._encryptionService.decrypt(encryptedState);
+ return JSON.parse(stateStr) as SSOState;
+ } catch (e) {
+ console.error('[OrcideSSOService] Failed to decrypt stored state:', e);
+ return null;
+ }
+ }
+
+ private async _storeState(): Promise {
+ try {
+ const encryptedState = await this._encryptionService.encrypt(JSON.stringify(this.state));
+ this._storageService.store(ORCIDE_SSO_STORAGE_KEY, encryptedState, StorageScope.APPLICATION, StorageTarget.USER);
+ } catch (e) {
+ console.error('[OrcideSSOService] Failed to store state:', e);
+ }
+ }
+
+ private async _clearStoredState(): Promise {
+ this._storageService.remove(ORCIDE_SSO_STORAGE_KEY, StorageScope.APPLICATION);
+ this._storageService.remove(ORCIDE_SSO_PKCE_STORAGE_KEY, StorageScope.APPLICATION);
+ }
+
+ private _storePKCEState(pkce: PKCEState): void {
+ this._storageService.store(
+ ORCIDE_SSO_PKCE_STORAGE_KEY,
+ JSON.stringify(pkce),
+ StorageScope.APPLICATION,
+ StorageTarget.USER
+ );
+ }
+
+ private _clearPKCEState(): void {
+ this._pendingPKCEState = null;
+ this._storageService.remove(ORCIDE_SSO_PKCE_STORAGE_KEY, StorageScope.APPLICATION);
+ }
+
+
+ // ── Login Flow ─────────────────────────────────────────────────────────────
+
+ async login(): Promise {
+ // Generate PKCE parameters
+ const codeVerifier = generateRandomString(64);
+ const codeChallenge = await sha256Base64Url(codeVerifier);
+ const stateParam = generateRandomString(32);
+ const nonce = generateRandomString(32);
+
+ // Store PKCE state for the callback (both in-memory and persisted for
+ // surviving page reloads during the redirect-based login flow)
+ const pkceState: PKCEState = {
+ codeVerifier,
+ state: stateParam,
+ nonce,
+ createdAt: Date.now(),
+ };
+ this._pendingPKCEState = pkceState;
+ this._storePKCEState(pkceState);
+
+ // Build the authorization URL
+ const params = new URLSearchParams({
+ response_type: 'code',
+ client_id: ORCIDE_SSO_CONFIG.clientId,
+ redirect_uri: ORCIDE_SSO_CONFIG.redirectUri,
+ scope: ORCIDE_SSO_CONFIG.scopes,
+ state: stateParam,
+ nonce: nonce,
+ code_challenge: codeChallenge,
+ code_challenge_method: 'S256',
+ });
+
+ const authUrl = `${ORCIDE_SSO_CONFIG.authorizationEndpoint}?${params.toString()}`;
+
+ // Open the authorization URL; browser-side service handles the actual window/redirect
+ this._openAuthorizationUrl(authUrl);
+ }
+
+ /**
+ * Opens the authorization URL. In the common layer this is a no-op;
+ * the browser-side service overrides this to open a popup or redirect.
+ */
+ protected _openAuthorizationUrl(_url: string): void {
+ // No-op in common; overridden in browser service
+ }
+
+ /**
+ * Returns the pending PKCE state for the browser-side service to use
+ * when handling the authorization callback.
+ */
+ getPendingPKCEState(): PKCEState | null {
+ return this._pendingPKCEState;
+ }
+
+ /**
+ * Called by the browser-side service when the authorization callback is received.
+ * Exchanges the authorization code for tokens.
+ */
+ async handleAuthorizationCallback(code: string, returnedState: string): Promise {
+ // Validate the state parameter
+ if (!this._pendingPKCEState || returnedState !== this._pendingPKCEState.state) {
+ console.error('[OrcideSSOService] State mismatch in authorization callback');
+ this._clearPKCEState();
+ throw new Error('Invalid state parameter. Possible CSRF attack.');
+ }
+
+ const codeVerifier = this._pendingPKCEState.codeVerifier;
+ const nonce = this._pendingPKCEState.nonce;
+ this._clearPKCEState();
+
+ // Exchange the authorization code for tokens
+ const tokenResponse = await this._exchangeCodeForTokens(code, codeVerifier);
+
+ // Validate the id_token nonce if present
+ if (tokenResponse.id_token) {
+ const idPayload = parseJwtPayload(tokenResponse.id_token);
+ if (idPayload && idPayload['nonce'] !== nonce) {
+ throw new Error('ID token nonce mismatch. Possible replay attack.');
+ }
+ }
+
+ // Fetch user profile from the UserInfo endpoint
+ const userProfile = await this._fetchUserProfile(tokenResponse.access_token);
+
+ // Update state
+ this.state = {
+ isAuthenticated: true,
+ user: userProfile,
+ accessToken: tokenResponse.access_token,
+ refreshToken: tokenResponse.refresh_token ?? null,
+ idToken: tokenResponse.id_token ?? null,
+ expiresAt: Date.now() + (tokenResponse.expires_in * 1000),
+ };
+
+ this._consecutiveRefreshFailures = 0;
+ await this._storeState();
+ this._scheduleTokenRefresh();
+ this._onDidChangeState.fire();
+ }
+
+ private async _exchangeCodeForTokens(code: string, codeVerifier: string): Promise {
+ const body = new URLSearchParams({
+ grant_type: 'authorization_code',
+ client_id: ORCIDE_SSO_CONFIG.clientId,
+ code: code,
+ redirect_uri: ORCIDE_SSO_CONFIG.redirectUri,
+ code_verifier: codeVerifier,
+ });
+
+ const response = await fetch(ORCIDE_SSO_CONFIG.tokenEndpoint, {
+ method: 'POST',
+ headers: {
+ 'Content-Type': 'application/x-www-form-urlencoded',
+ },
+ body: body.toString(),
+ });
+
+ if (!response.ok) {
+ const errorText = await response.text();
+ throw new Error(`Token exchange failed (${response.status}): ${errorText}`);
+ }
+
+ return response.json() as Promise;
+ }
+
+ private async _fetchUserProfile(accessToken: string): Promise {
+ const response = await fetch(ORCIDE_SSO_CONFIG.userInfoEndpoint, {
+ method: 'GET',
+ headers: {
+ 'Authorization': `Bearer ${accessToken}`,
+ 'Accept': 'application/json',
+ },
+ });
+
+ if (!response.ok) {
+ const errorText = await response.text();
+ throw new Error(`UserInfo request failed (${response.status}): ${errorText}`);
+ }
+
+ const data = await response.json() as SSOUserInfoResponse;
+
+ // Build a display name from available fields
+ let displayName = data.name ?? '';
+ if (!displayName && (data.given_name || data.family_name)) {
+ displayName = [data.given_name, data.family_name].filter(Boolean).join(' ');
+ }
+ if (!displayName) {
+ displayName = data.preferred_username ?? data.email ?? data.sub;
+ }
+
+ // Determine the user's primary role from the various possible fields
+ let role = 'user';
+ if (data.role) {
+ role = data.role;
+ } else if (data.roles && data.roles.length > 0) {
+ role = data.roles[0];
+ } else if (data.groups && data.groups.length > 0) {
+ // Some OIDC providers use groups instead of roles
+ const adminGroups = ['admin', 'admins', 'administrator'];
+ if (data.groups.some(g => adminGroups.includes(g.toLowerCase()))) {
+ role = 'admin';
+ }
+ }
+
+ return {
+ id: data.sub,
+ email: data.email ?? '',
+ name: displayName,
+ role: role,
+ avatar: data.picture,
+ };
+ }
+
+
+ // ── Logout ─────────────────────────────────────────────────────────────────
+
+ async logout(): Promise {
+ this._cancelRefreshTimer();
+ this._consecutiveRefreshFailures = 0;
+
+ const idToken = this.state.idToken;
+ const accessToken = this.state.accessToken;
+
+ // Clear local state first so the UI updates immediately
+ this.state = defaultSSOState();
+ await this._clearStoredState();
+ this._onDidChangeState.fire();
+
+ // Then notify the OIDC provider about the logout (best-effort)
+ if (accessToken || idToken) {
+ try {
+ const params = new URLSearchParams({
+ client_id: ORCIDE_SSO_CONFIG.clientId,
+ });
+ if (idToken) {
+ params.set('id_token_hint', idToken);
+ }
+ if (accessToken) {
+ params.set('token', accessToken);
+ }
+ await fetch(`${ORCIDE_SSO_CONFIG.logoutEndpoint}?${params.toString()}`, {
+ method: 'GET',
+ mode: 'no-cors',
+ });
+ } catch (e) {
+ // Best-effort logout notification; do not block on failure
+ console.warn('[OrcideSSOService] Failed to notify OIDC provider about logout:', e);
+ }
+ }
+ }
+
+
+ // ── Token Management ───────────────────────────────────────────────────────
+
+ async getAccessToken(): Promise {
+ if (!this.state.isAuthenticated || !this.state.accessToken) {
+ return null;
+ }
+
+ // If token is expired or about to expire, refresh it first
+ if (this._isTokenExpiredOrExpiring()) {
+ const refreshed = await this.refreshToken();
+ if (!refreshed) {
+ return null;
+ }
+ }
+
+ return this.state.accessToken;
+ }
+
+ async refreshToken(): Promise {
+ if (!this.state.refreshToken) {
+ return false;
+ }
+
+ // Throttle refresh attempts
+ const now = Date.now();
+ if (now - this._lastRefreshAttempt < MIN_REFRESH_INTERVAL_MS) {
+ return this.state.isAuthenticated;
+ }
+ this._lastRefreshAttempt = now;
+
+ try {
+ const body = new URLSearchParams({
+ grant_type: 'refresh_token',
+ client_id: ORCIDE_SSO_CONFIG.clientId,
+ refresh_token: this.state.refreshToken,
+ });
+
+ const response = await fetch(ORCIDE_SSO_CONFIG.tokenEndpoint, {
+ method: 'POST',
+ headers: {
+ 'Content-Type': 'application/x-www-form-urlencoded',
+ },
+ body: body.toString(),
+ });
+
+ if (!response.ok) {
+ this._consecutiveRefreshFailures++;
+ console.error(`[OrcideSSOService] Token refresh failed (${response.status}), attempt ${this._consecutiveRefreshFailures}/${MAX_REFRESH_FAILURES}`);
+
+ // If refresh fails with 401/403, or we've exceeded max retries, session is invalid
+ if (response.status === 401 || response.status === 403 || this._consecutiveRefreshFailures >= MAX_REFRESH_FAILURES) {
+ console.error('[OrcideSSOService] Session invalidated after refresh failure');
+ await this.logout();
+ }
+ return false;
+ }
+
+ const tokenResponse = await response.json() as SSOTokenResponse;
+
+ // Re-fetch user profile in case it changed (roles, name, etc.)
+ let userProfile = this.state.user;
+ try {
+ userProfile = await this._fetchUserProfile(tokenResponse.access_token);
+ } catch (e) {
+ // Keep existing user profile if re-fetch fails
+ console.warn('[OrcideSSOService] Failed to refresh user profile:', e);
+ }
+
+ this.state = {
+ isAuthenticated: true,
+ user: userProfile,
+ accessToken: tokenResponse.access_token,
+ refreshToken: tokenResponse.refresh_token ?? this.state.refreshToken,
+ idToken: tokenResponse.id_token ?? this.state.idToken,
+ expiresAt: Date.now() + (tokenResponse.expires_in * 1000),
+ };
+
+ this._consecutiveRefreshFailures = 0;
+ await this._storeState();
+ this._scheduleTokenRefresh();
+ this._onDidChangeState.fire();
+
+ return true;
+ } catch (e) {
+ this._consecutiveRefreshFailures++;
+ console.error(`[OrcideSSOService] Token refresh error (attempt ${this._consecutiveRefreshFailures}/${MAX_REFRESH_FAILURES}):`, e);
+
+ if (this._consecutiveRefreshFailures >= MAX_REFRESH_FAILURES) {
+ console.error('[OrcideSSOService] Max refresh retries exceeded, logging out');
+ await this.logout();
+ }
+ return false;
+ }
+ }
+
+ getUserProfile(): SSOUserProfile | null {
+ return this.state.user;
+ }
+
+ isAuthenticated(): boolean {
+ if (!this.state.isAuthenticated || !this.state.accessToken) {
+ return false;
+ }
+
+ // Check if the token has fully expired (past the refresh buffer)
+ if (this.state.expiresAt !== null && Date.now() > this.state.expiresAt) {
+ return false;
+ }
+
+ return true;
+ }
+
+
+ // ── Auto-Refresh Scheduling ────────────────────────────────────────────────
+
+ private _isTokenExpiredOrExpiring(): boolean {
+ if (this.state.expiresAt === null) {
+ return false;
+ }
+ return Date.now() >= (this.state.expiresAt - TOKEN_REFRESH_BUFFER_MS);
+ }
+
+ private _scheduleTokenRefresh(): void {
+ this._cancelRefreshTimer();
+
+ if (!this.state.expiresAt || !this.state.refreshToken) {
+ return;
+ }
+
+ const timeUntilRefresh = this.state.expiresAt - Date.now() - TOKEN_REFRESH_BUFFER_MS;
+ const delay = Math.max(timeUntilRefresh, MIN_REFRESH_INTERVAL_MS);
+
+ this._refreshTimer = setTimeout(async () => {
+ const success = await this.refreshToken();
+ if (!success) {
+ console.warn('[OrcideSSOService] Scheduled token refresh failed');
+ }
+ }, delay);
+ }
+
+ private _cancelRefreshTimer(): void {
+ if (this._refreshTimer !== null) {
+ clearTimeout(this._refreshTimer);
+ this._refreshTimer = null;
+ }
+ }
+
+
+ // ── Cleanup ────────────────────────────────────────────────────────────────
+
+ override dispose(): void {
+ this._cancelRefreshTimer();
+ this._onDidChangeState.dispose();
+ super.dispose();
+ }
+}
+
+
+// ─── Registration ───────────────────────────────────────────────────────────────
+
+registerSingleton(IOrcideSSOService, OrcideSSOService, InstantiationType.Eager);
diff --git a/src/vs/workbench/contrib/void/common/orcideUserProfileService.ts b/src/vs/workbench/contrib/void/common/orcideUserProfileService.ts
new file mode 100644
index 00000000..d49cf568
--- /dev/null
+++ b/src/vs/workbench/contrib/void/common/orcideUserProfileService.ts
@@ -0,0 +1,296 @@
+/*--------------------------------------------------------------------------------------
+ * Copyright 2025 Orcest AI. All rights reserved.
+ * Licensed under the MIT License. See LICENSE.txt for more information.
+ *--------------------------------------------------------------------------------------*/
+
+import { Emitter, Event } from '../../../../base/common/event.js';
+import { Disposable } from '../../../../base/common/lifecycle.js';
+import { createDecorator } from '../../../../platform/instantiation/common/instantiation.js';
+import { registerSingleton, InstantiationType } from '../../../../platform/instantiation/common/extensions.js';
+import { IStorageService, StorageScope, StorageTarget } from '../../../../platform/storage/common/storage.js';
+import { isWeb } from '../../../../base/common/platform.js';
+
+const ORCIDE_USER_PROFILE_KEY = 'orcide.userProfile'
+const ORCIDE_USER_PREFERENCES_KEY = 'orcide.userPreferences'
+const ORCIDE_USER_REPOS_KEY = 'orcide.userRepositories'
+
+export type OrcideUserProfile = {
+ id: string;
+ email: string;
+ name: string;
+ role: 'admin' | 'developer' | 'researcher' | 'viewer';
+ avatar?: string;
+ organization?: string;
+ lastLogin: number;
+ createdAt: number;
+}
+
+export type OrcideUserPreferences = {
+ theme: string;
+ language: string;
+ fontSize: number;
+ defaultModel: string | null;
+ autoSave: boolean;
+ showWelcome: boolean;
+ sidebarPosition: 'left' | 'right';
+ terminalFont: string;
+ enableTelemetry: boolean;
+ collaborationEnabled: boolean;
+}
+
+export type OrcideRepository = {
+ id: string;
+ name: string;
+ url: string;
+ isPrivate: boolean;
+ createdAt: number;
+ lastAccessed: number;
+ sharedWith: string[]; // user IDs
+ owner: string; // user ID
+}
+
+export type OrcideUserSession = {
+ sessionId: string;
+ userId: string;
+ startedAt: number;
+ lastActivity: number;
+ deviceInfo: string;
+ ipAddress?: string;
+}
+
+export type UserProfileState = {
+ profile: OrcideUserProfile | null;
+ preferences: OrcideUserPreferences;
+ repositories: OrcideRepository[];
+ activeSessions: OrcideUserSession[];
+ isLoaded: boolean;
+}
+
+const defaultPreferences: OrcideUserPreferences = {
+ theme: 'dark',
+ language: 'en',
+ fontSize: 14,
+ defaultModel: 'rainymodel-pro',
+ autoSave: true,
+ showWelcome: true,
+ sidebarPosition: 'right',
+ terminalFont: 'monospace',
+ enableTelemetry: true,
+ collaborationEnabled: true,
+}
+
+export interface IOrcideUserProfileService {
+ readonly _serviceBrand: undefined;
+ readonly state: UserProfileState;
+ onDidChangeState: Event;
+ onDidChangeProfile: Event;
+
+ setProfile(profile: OrcideUserProfile): Promise;
+ clearProfile(): Promise;
+ getProfile(): OrcideUserProfile | null;
+
+ setPreference(key: K, value: OrcideUserPreferences[K]): Promise;
+ getPreferences(): OrcideUserPreferences;
+ resetPreferences(): Promise;
+
+ addRepository(repo: OrcideRepository): Promise;
+ removeRepository(repoId: string): Promise;
+ getRepositories(): OrcideRepository[];
+ shareRepository(repoId: string, userId: string): Promise;
+ unshareRepository(repoId: string, userId: string): Promise;
+
+ addSession(session: OrcideUserSession): void;
+ removeSession(sessionId: string): void;
+ getActiveSessions(): OrcideUserSession[];
+}
+
+export const IOrcideUserProfileService = createDecorator('orcideUserProfileService');
+
+
+class OrcideUserProfileService extends Disposable implements IOrcideUserProfileService {
+ readonly _serviceBrand: undefined;
+
+ private _state: UserProfileState;
+
+ private readonly _onDidChangeState = this._register(new Emitter());
+ readonly onDidChangeState: Event = this._onDidChangeState.event;
+
+ private readonly _onDidChangeProfile = this._register(new Emitter());
+ readonly onDidChangeProfile: Event = this._onDidChangeProfile.event;
+
+ get state(): UserProfileState {
+ return this._state;
+ }
+
+ constructor(
+ @IStorageService private readonly storageService: IStorageService,
+ ) {
+ super();
+ this._state = {
+ profile: null,
+ preferences: { ...defaultPreferences },
+ repositories: [],
+ activeSessions: [],
+ isLoaded: false,
+ };
+ this._loadFromStorage();
+ }
+
+ private _loadFromStorage(): void {
+ // Load profile
+ const profileStr = this.storageService.get(ORCIDE_USER_PROFILE_KEY, StorageScope.APPLICATION);
+ if (profileStr) {
+ try {
+ this._state.profile = JSON.parse(profileStr);
+ } catch { /* ignore parse errors */ }
+ }
+
+ // Load preferences
+ const prefsStr = this.storageService.get(ORCIDE_USER_PREFERENCES_KEY, StorageScope.APPLICATION);
+ if (prefsStr) {
+ try {
+ const stored = JSON.parse(prefsStr);
+ this._state.preferences = { ...defaultPreferences, ...stored };
+ } catch { /* ignore parse errors */ }
+ }
+
+ // Load repositories
+ const reposStr = this.storageService.get(ORCIDE_USER_REPOS_KEY, StorageScope.APPLICATION);
+ if (reposStr) {
+ try {
+ this._state.repositories = JSON.parse(reposStr);
+ } catch { /* ignore parse errors */ }
+ }
+
+ this._state.isLoaded = true;
+ this._onDidChangeState.fire();
+ }
+
+ private _saveProfile(): void {
+ if (this._state.profile) {
+ this.storageService.store(ORCIDE_USER_PROFILE_KEY, JSON.stringify(this._state.profile), StorageScope.APPLICATION, StorageTarget.USER);
+ } else {
+ this.storageService.remove(ORCIDE_USER_PROFILE_KEY, StorageScope.APPLICATION);
+ }
+ }
+
+ private _savePreferences(): void {
+ this.storageService.store(ORCIDE_USER_PREFERENCES_KEY, JSON.stringify(this._state.preferences), StorageScope.APPLICATION, StorageTarget.USER);
+ }
+
+ private _saveRepositories(): void {
+ this.storageService.store(ORCIDE_USER_REPOS_KEY, JSON.stringify(this._state.repositories), StorageScope.APPLICATION, StorageTarget.USER);
+ }
+
+ async setProfile(profile: OrcideUserProfile): Promise {
+ this._state = { ...this._state, profile };
+ this._saveProfile();
+ this._onDidChangeProfile.fire(profile);
+ this._onDidChangeState.fire();
+ }
+
+ async clearProfile(): Promise {
+ this._state = {
+ ...this._state,
+ profile: null,
+ repositories: [],
+ activeSessions: [],
+ };
+ this._saveProfile();
+ this._saveRepositories();
+ this._onDidChangeState.fire();
+ }
+
+ getProfile(): OrcideUserProfile | null {
+ return this._state.profile;
+ }
+
+ async setPreference(key: K, value: OrcideUserPreferences[K]): Promise {
+ this._state = {
+ ...this._state,
+ preferences: { ...this._state.preferences, [key]: value },
+ };
+ this._savePreferences();
+ this._onDidChangeState.fire();
+ }
+
+ getPreferences(): OrcideUserPreferences {
+ return this._state.preferences;
+ }
+
+ async resetPreferences(): Promise {
+ this._state = {
+ ...this._state,
+ preferences: { ...defaultPreferences },
+ };
+ this._savePreferences();
+ this._onDidChangeState.fire();
+ }
+
+ async addRepository(repo: OrcideRepository): Promise {
+ const existingIdx = this._state.repositories.findIndex(r => r.id === repo.id);
+ const newRepos = [...this._state.repositories];
+ if (existingIdx >= 0) {
+ newRepos[existingIdx] = repo;
+ } else {
+ newRepos.push(repo);
+ }
+ this._state = { ...this._state, repositories: newRepos };
+ this._saveRepositories();
+ this._onDidChangeState.fire();
+ }
+
+ async removeRepository(repoId: string): Promise {
+ this._state = {
+ ...this._state,
+ repositories: this._state.repositories.filter(r => r.id !== repoId),
+ };
+ this._saveRepositories();
+ this._onDidChangeState.fire();
+ }
+
+ getRepositories(): OrcideRepository[] {
+ return this._state.repositories;
+ }
+
+ async shareRepository(repoId: string, userId: string): Promise {
+ const repo = this._state.repositories.find(r => r.id === repoId);
+ if (!repo) return;
+ if (repo.sharedWith.includes(userId)) return;
+ const updatedRepo: OrcideRepository = {
+ ...repo,
+ sharedWith: [...repo.sharedWith, userId],
+ };
+ await this.addRepository(updatedRepo);
+ }
+
+ async unshareRepository(repoId: string, userId: string): Promise {
+ const repo = this._state.repositories.find(r => r.id === repoId);
+ if (!repo) return;
+ const updatedRepo: OrcideRepository = {
+ ...repo,
+ sharedWith: repo.sharedWith.filter(id => id !== userId),
+ };
+ await this.addRepository(updatedRepo);
+ }
+
+ addSession(session: OrcideUserSession): void {
+ const newSessions = [...this._state.activeSessions, session];
+ this._state = { ...this._state, activeSessions: newSessions };
+ this._onDidChangeState.fire();
+ }
+
+ removeSession(sessionId: string): void {
+ this._state = {
+ ...this._state,
+ activeSessions: this._state.activeSessions.filter(s => s.sessionId !== sessionId),
+ };
+ this._onDidChangeState.fire();
+ }
+
+ getActiveSessions(): OrcideUserSession[] {
+ return this._state.activeSessions;
+ }
+}
+
+registerSingleton(IOrcideUserProfileService, OrcideUserProfileService, InstantiationType.Eager);
diff --git a/src/vs/workbench/contrib/void/common/sendLLMMessageService.ts b/src/vs/workbench/contrib/void/common/sendLLMMessageService.ts
index fd13cac2..3132934a 100644
--- a/src/vs/workbench/contrib/void/common/sendLLMMessageService.ts
+++ b/src/vs/workbench/contrib/void/common/sendLLMMessageService.ts
@@ -206,6 +206,7 @@ if (!isWeb) {
groq: 'https://api.groq.com/openai/v1',
xAI: 'https://api.x.ai/v1',
mistral: 'https://api.mistral.ai/v1',
+ orcestAI: 'https://rm.orcest.ai/v1',
};
class LLMMessageServiceWeb extends Disposable implements ILLMMessageService {
diff --git a/src/vs/workbench/contrib/void/common/storageKeys.ts b/src/vs/workbench/contrib/void/common/storageKeys.ts
index b23d7ffb..17871623 100644
--- a/src/vs/workbench/contrib/void/common/storageKeys.ts
+++ b/src/vs/workbench/contrib/void/common/storageKeys.ts
@@ -1,23 +1,25 @@
/*--------------------------------------------------------------------------------------
- * Copyright 2025 Glass Devtools, Inc. All rights reserved.
- * Licensed under the Apache License, Version 2.0. See LICENSE.txt for more information.
+ * Copyright 2025 Orcest AI. All rights reserved.
+ * Licensed under the MIT License. See LICENSE.txt for more information.
*--------------------------------------------------------------------------------------*/
// past values:
// 'void.settingsServiceStorage'
// 'void.settingsServiceStorageI' // 1.0.2
+// 'void.settingsServiceStorageII' // 1.0.3
-// 1.0.3
-export const VOID_SETTINGS_STORAGE_KEY = 'void.settingsServiceStorageII'
+// 2.0.0 - Orcide rebrand
+export const VOID_SETTINGS_STORAGE_KEY = 'orcide.settingsServiceStorage'
// past values:
// 'void.chatThreadStorage'
// 'void.chatThreadStorageI' // 1.0.2
+// 'void.chatThreadStorageII' // 1.0.3
-// 1.0.3
-export const THREAD_STORAGE_KEY = 'void.chatThreadStorageII'
+// 2.0.0 - Orcide rebrand
+export const THREAD_STORAGE_KEY = 'orcide.chatThreadStorage'
-export const OPT_OUT_KEY = 'void.app.optOutAll'
+export const OPT_OUT_KEY = 'orcide.app.optOutAll'
diff --git a/src/vs/workbench/contrib/void/common/voidSettingsTypes.ts b/src/vs/workbench/contrib/void/common/voidSettingsTypes.ts
index 38497c60..a093517a 100644
--- a/src/vs/workbench/contrib/void/common/voidSettingsTypes.ts
+++ b/src/vs/workbench/contrib/void/common/voidSettingsTypes.ts
@@ -106,6 +106,9 @@ export const displayInfoOfProviderName = (providerName: ProviderName): DisplayIn
else if (providerName === 'awsBedrock') {
return { title: 'AWS Bedrock', }
}
+ else if (providerName === 'orcestAI') {
+ return { title: 'Orcest AI (RainyModel)', }
+ }
throw new Error(`descOfProviderName: Unknown provider name: "${providerName}"`)
}
@@ -120,14 +123,15 @@ export const subTextMdOfProviderName = (providerName: ProviderName): string => {
if (providerName === 'groq') return 'Get your [API Key here](https://console.groq.com/keys).'
if (providerName === 'xAI') return 'Get your [API Key here](https://console.x.ai).'
if (providerName === 'mistral') return 'Get your [API Key here](https://console.mistral.ai/api-keys).'
- if (providerName === 'openAICompatible') return `Use any provider that's OpenAI-compatible (use this for llama.cpp and more).`
- if (providerName === 'googleVertex') return 'You must authenticate before using Vertex with Void. Read more about endpoints [here](https://cloud.google.com/vertex-ai/generative-ai/docs/multimodal/call-vertex-using-openai-library), and regions [here](https://cloud.google.com/vertex-ai/docs/general/locations#available-regions).'
+ if (providerName === 'openAICompatible') return `OpenAI-compatible provider. Orcide supports llama.cpp and more.`
+ if (providerName === 'googleVertex') return 'You must authenticate before using Vertex with Orcide. Read more about endpoints [here](https://cloud.google.com/vertex-ai/generative-ai/docs/multimodal/call-vertex-using-openai-library), and regions [here](https://cloud.google.com/vertex-ai/docs/general/locations#available-regions).'
if (providerName === 'microsoftAzure') return 'Read more about endpoints [here](https://learn.microsoft.com/en-us/rest/api/aifoundry/model-inference/get-chat-completions/get-chat-completions?view=rest-aifoundry-model-inference-2024-05-01-preview&tabs=HTTP), and get your API key [here](https://learn.microsoft.com/en-us/azure/search/search-security-api-keys?tabs=rest-use%2Cportal-find%2Cportal-query#find-existing-keys).'
if (providerName === 'awsBedrock') return 'Connect via a LiteLLM proxy or the AWS [Bedrock-Access-Gateway](https://github.com/aws-samples/bedrock-access-gateway). LiteLLM Bedrock setup docs are [here](https://docs.litellm.ai/docs/providers/bedrock).'
if (providerName === 'ollama') return 'Read more about custom [Endpoints here](https://github.com/ollama/ollama/blob/main/docs/faq.md#how-can-i-expose-ollama-on-my-network).'
if (providerName === 'vLLM') return 'Read more about custom [Endpoints here](https://docs.vllm.ai/en/latest/getting_started/quickstart.html#openai-compatible-server).'
if (providerName === 'lmStudio') return 'Read more about custom [Endpoints here](https://lmstudio.ai/docs/app/api/endpoints/openai).'
if (providerName === 'liteLLM') return 'Read more about endpoints [here](https://docs.litellm.ai/docs/providers/openai_compatible).'
+ if (providerName === 'orcestAI') return 'Orcest AI integrated API. Models are available automatically through your SSO login. Powered by [RainyModel](https://rm.orcest.ai).'
throw new Error(`subTextMdOfProviderName: Unknown provider name: "${providerName}"`)
}
@@ -156,7 +160,8 @@ export const displayInfoOfSettingName = (providerName: ProviderName, settingName
providerName === 'googleVertex' ? 'AIzaSy...' :
providerName === 'microsoftAzure' ? 'key-...' :
providerName === 'awsBedrock' ? 'key-...' :
- '',
+ providerName === 'orcestAI' ? 'sk-orcest-key...' :
+ '',
isPasswordField: true,
}
@@ -171,7 +176,8 @@ export const displayInfoOfSettingName = (providerName: ProviderName, settingName
providerName === 'microsoftAzure' ? 'baseURL' :
providerName === 'liteLLM' ? 'baseURL' :
providerName === 'awsBedrock' ? 'Endpoint' :
- '(never)',
+ providerName === 'orcestAI' ? 'Endpoint' :
+ '(never)',
placeholder: providerName === 'ollama' ? defaultProviderSettings.ollama.endpoint
: providerName === 'vLLM' ? defaultProviderSettings.vLLM.endpoint
@@ -179,7 +185,8 @@ export const displayInfoOfSettingName = (providerName: ProviderName, settingName
: providerName === 'lmStudio' ? defaultProviderSettings.lmStudio.endpoint
: providerName === 'liteLLM' ? 'http://localhost:4000'
: providerName === 'awsBedrock' ? 'http://localhost:4000/v1'
- : '(never)',
+ : providerName === 'orcestAI' ? defaultProviderSettings.orcestAI.endpoint
+ : '(never)',
}
@@ -352,6 +359,12 @@ export const defaultSettingsOfProvider: SettingsOfProvider = {
...modelInfoOfDefaultModelNames(defaultModelsOfProvider.awsBedrock),
_didFillInProviderSettings: undefined,
},
+ orcestAI: {
+ ...defaultCustomSettings,
+ ...defaultProviderSettings.orcestAI,
+ ...modelInfoOfDefaultModelNames(defaultModelsOfProvider.orcestAI),
+ _didFillInProviderSettings: undefined,
+ },
}
diff --git a/src/vs/workbench/contrib/void/electron-main/llmMessage/sendLLMMessage.impl.ts b/src/vs/workbench/contrib/void/electron-main/llmMessage/sendLLMMessage.impl.ts
index 1b8c8617..f3ae0b99 100644
--- a/src/vs/workbench/contrib/void/electron-main/llmMessage/sendLLMMessage.impl.ts
+++ b/src/vs/workbench/contrib/void/electron-main/llmMessage/sendLLMMessage.impl.ts
@@ -167,6 +167,10 @@ const newOpenAICompatibleSDK = async ({ settingsOfProvider, providerName, includ
const thisConfig = settingsOfProvider[providerName]
return new OpenAI({ baseURL: 'https://api.mistral.ai/v1', apiKey: thisConfig.apiKey, ...commonPayloadOpts })
}
+ else if (providerName === 'orcestAI') {
+ const thisConfig = settingsOfProvider[providerName]
+ return new OpenAI({ baseURL: thisConfig.endpoint, apiKey: thisConfig.apiKey || 'noop', ...commonPayloadOpts })
+ }
else throw new Error(`Void providerName was invalid: ${providerName}.`)
}
@@ -937,6 +941,11 @@ export const sendLLMMessageToProviderImplementation = {
sendFIM: null,
list: null,
},
+ orcestAI: {
+ sendChat: (params) => _sendOpenAICompatibleChat(params),
+ sendFIM: null,
+ list: null,
+ },
} satisfies CallFnOfProvider
diff --git a/src/vs/workbench/contrib/void/electron-main/metricsMainService.ts b/src/vs/workbench/contrib/void/electron-main/metricsMainService.ts
index b6553c47..efcc903f 100644
--- a/src/vs/workbench/contrib/void/electron-main/metricsMainService.ts
+++ b/src/vs/workbench/contrib/void/electron-main/metricsMainService.ts
@@ -135,7 +135,7 @@ export class MetricsMainService extends Disposable implements IMetricsService {
}
- console.log('Void posthog metrics info:', JSON.stringify(identifyMessage, null, 2))
+ console.log('Orcide posthog metrics info:', JSON.stringify(identifyMessage, null, 2))
}
diff --git a/src/vs/workbench/contrib/void/electron-main/voidUpdateMainService.ts b/src/vs/workbench/contrib/void/electron-main/voidUpdateMainService.ts
index 35bca7d1..bf39e972 100644
--- a/src/vs/workbench/contrib/void/electron-main/voidUpdateMainService.ts
+++ b/src/vs/workbench/contrib/void/electron-main/voidUpdateMainService.ts
@@ -79,7 +79,7 @@ export class VoidMainUpdateService extends Disposable implements IVoidUpdateServ
if (this._updateService.state.type === StateType.Ready) {
// Update is ready
- return { message: 'Restart Void to update!', action: 'restart' } as const
+ return { message: 'Restart Orcide to update!', action: 'restart' } as const
}
if (this._updateService.state.type === StateType.Disabled) {
@@ -112,11 +112,11 @@ export class VoidMainUpdateService extends Disposable implements IVoidUpdateServ
if (explicit) {
if (response.ok) {
if (!isUpToDate) {
- message = 'A new version of Void is available! Please reinstall (auto-updates are disabled on this OS) - it only takes a second!'
+ message = 'A new version of Orcide is available! Please reinstall (auto-updates are disabled on this OS) - it only takes a second!'
action = 'reinstall'
}
else {
- message = 'Void is up-to-date!'
+ message = 'Orcide is up-to-date!'
}
}
else {
@@ -127,7 +127,7 @@ export class VoidMainUpdateService extends Disposable implements IVoidUpdateServ
// not explicit
else {
if (response.ok && !isUpToDate) {
- message = 'A new version of Void is available! Please reinstall (auto-updates are disabled on this OS) - it only takes a second!'
+ message = 'A new version of Orcide is available! Please reinstall (auto-updates are disabled on this OS) - it only takes a second!'
action = 'reinstall'
}
else {