feat(gemini-cli): add Google One login and improve auto-discovery

Add Google One personal account login to Gemini CLI OAuth flow: - CLI --login shows mode menu (Code Assist vs Google One) - Web management API accepts project_id=GOOGLE_ONE sentinel - Auto-discover project via onboardUser without cloudaicompanionProject when project is unresolved Improve robustness of auto-discovery and token handling: - Add context-aware auto-discovery polling (30s timeout, 2s interval) - Distinguish network errors from project-selection-required errors - Refresh expired access tokens in readAuthFile before project lookup - Extend project_id auto-fill to gemini auth type (was antigravity-only) Unify credential file naming to geminicli- prefix for both CLI and web. Add extractAccessToken unit tests (9 cases).
2026-02-18 20:30:51 +08:00 · 2026-02-11 16:53:38 +08:00
parent 1510bfcb6f
commit f3ccd85ba1
5 changed files with 327 additions and 46 deletions
--- a/internal/auth/gemini/gemini_token.go
+++ b/internal/auth/gemini/gemini_token.go
@@ -71,17 +71,17 @@ func (ts *GeminiTokenStorage) SaveTokenToFile(authFilePath string) error {

 // CredentialFileName returns the filename used to persist Gemini CLI credentials.
 // When projectID represents multiple projects (comma-separated or literal ALL),
-// the suffix is normalized to "all" and a "gemini-" prefix is enforced to keep
+// the suffix is normalized to "all" and a "geminicli-" prefix is enforced to keep
 // web and CLI generated files consistent.
 func CredentialFileName(email, projectID string, includeProviderPrefix bool) string {
 	email = strings.TrimSpace(email)
 	project := strings.TrimSpace(projectID)
 	if strings.EqualFold(project, "all") || strings.Contains(project, ",") {
-		return fmt.Sprintf("gemini-%s-all.json", email)
+		return fmt.Sprintf("geminicli-%s-all.json", email)
 	}
 	prefix := ""
 	if includeProviderPrefix {
-		prefix = "gemini-"
+		prefix = "geminicli-"
 	}
 	return fmt.Sprintf("%s%s-%s.json", prefix, email, project)
 }