Add OpenCode Anthropic OAuth Plugin Integration

[marcusquinn]

Summary

Adds support for the opencode-anthropic-auth plugin, enabling OAuth authentication for Claude Pro/Max accounts in OpenCode.

Changes

Documentation Created

• .agent/tools/opencode/opencode-anthropic-auth.md - Comprehensive guide covering:
  • Three authentication methods (Claude Pro/Max OAuth, API Key creation via OAuth, Manual API Key)
  • Detailed setup instructions and OAuth flow explanation
  • Troubleshooting guide and security considerations
  • Comparison with other auth methods (Antigravity, manual keys)
  • Integration notes for aidevops users

Documentation Updated

• .agent/tools/opencode/opencode.md
  • Added "Anthropic OAuth Plugin" section
  • Updated Quick Reference with authentication commands
  • Added comparison table of authentication methods
  • Cross-referenced detailed documentation

Code Changes

• setup.sh

  • Refactored setup_opencode_plugins() to support multiple plugins
  • Created add_opencode_plugin() helper function (DRY principle)
  • Added setup for opencode-anthropic-auth@latest plugin
  • Enhanced user messaging with clear instructions for both plugins

• .agent/AGENTS.md

  • Updated tools/opencode/ description to mention the new plugin

Features

The Anthropic OAuth plugin provides:

• Zero-cost API usage for Claude Pro/Max subscribers (subscription covers API costs)
• OAuth 2.0 with PKCE for secure authentication
• Automatic token refresh - no manual re-authentication needed
• Beta features auto-enabled - Extended thinking, Claude Code, etc.
• Three authentication methods for flexibility

Testing

✅ All tests passed:

1. Setup Script - Ran ./setup.sh successfully without errors
2. Plugin Installation - Verified opencode-anthropic-auth@latest added to ~/.config/opencode/opencode.json
3. Documentation Deployment - All files deployed to ~/.aidevops/agents/tools/opencode/
4. Multi-Plugin Support - Confirmed both Antigravity and Anthropic plugins work together
5. User Instructions - Clear authentication steps displayed during setup

Usage

After running ./setup.sh, users can authenticate with:

opencode auth login

Then choose:

• Anthropic → Claude Pro/Max (for zero-cost subscriber access)
• Anthropic → Create an API Key (OAuth-based key creation)
• Anthropic → Manually enter API Key (traditional method)

Benefits for Users

• No API key costs for Claude Pro/Max subscribers
• Seamless authentication experience
• Enhanced security with OAuth 2.0
• Access to latest beta features
• Works alongside existing Antigravity plugin for Google OAuth

References

• Plugin Repository: https://github.com/anomalyco/opencode-anthropic-auth
• Related Task: t048

Files Changed

 .agent/AGENTS.md                                 |   2 +-
 .agent/tools/opencode/opencode.md                |  34 +++++++++
 .agent/tools/opencode/opencode-anthropic-auth.md | [NEW 529 lines]
 setup.sh                                         |  77 +++++++++++-------
 4 files changed, 529 insertions(+), 30 deletions(-)

Summary by CodeRabbit

Release Notes

• New Features

  • Introduced Anthropic OAuth authentication support for Claude Pro/Max users with automatic token refresh and multiple authentication methods.

• Documentation

  • Added comprehensive OpenCode Anthropic authentication plugin documentation with setup instructions, configuration guides, security best practices, and troubleshooting.
  • Updated OpenCode plugin registry to reflect expanded authentication options.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Walkthrough

Documentation and configuration updates introducing Anthropic OAuth authentication support for the OpenCode plugin ecosystem. Includes comprehensive plugin documentation, authentication flow guidance, and refactored shell script helper function for centralized plugin configuration management.

Changes

Cohort / File(s)	Summary
OpenCode Plugin Registry .agent/AGENTS.md	Updated tools/opencode entry to reflect expanded plugin set: opencode, opencode-anthropic-auth, oh-my-opencode
OpenCode Authentication Documentation .agent/tools/opencode/opencode-anthropic-auth.md, .agent/tools/opencode/opencode.md	Added comprehensive plugin documentation covering OAuth 2.0 PKCE flow, token management, installation methods, usage workflows, troubleshooting, and integration with aidevops
Setup Automation Refactoring setup.sh	Extracted plugin configuration logic into reusable add_opencode_plugin() helper function; refactored setup_opencode_plugins() to support multiple plugins via centralized updater pattern

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~22 minutes

Poem

🔌 OAuth flows now clearly laid bare,
Plugins stacked with DevOps care,
From Anthropic's auth to helpers refined,
Configuration code, elegantly designed,
Zero debt maintained—a pristine affair! ✨

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 66.67% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately summarizes the main change: adding OpenCode Anthropic OAuth plugin integration. It directly reflects the primary purpose of the PR across documentation, setup scripts, and configuration updates.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[gemini-code-assist]

Summary of Changes

Hello @marcusquinn, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request significantly enhances OpenCode's integration with Anthropic by introducing a dedicated OAuth authentication plugin. This allows users with Claude Pro/Max subscriptions to leverage their existing plans for zero-cost API access, benefiting from secure OAuth 2.0, automatic token refreshing, and immediate access to beta features. The underlying setup process has also been streamlined to support future plugin expansions.

Highlights

• Anthropic OAuth Plugin Integration: Introduces the opencode-anthropic-auth plugin to enable OAuth authentication for Claude Pro/Max accounts within OpenCode.
• Zero-Cost API Usage for Subscribers: Claude Pro/Max subscribers can now utilize Anthropic models through OpenCode without incurring additional API costs, leveraging their existing subscriptions.
• Enhanced Authentication Features: The new plugin provides secure OAuth 2.0 with PKCE, automatic token refresh, and automatically enables beta features such as extended thinking for Anthropic models.
• Refactored Plugin Setup Script: The setup.sh script has been updated with a new helper function (add_opencode_plugin) to streamline the installation and configuration of multiple OpenCode plugins, improving modularity.
• Comprehensive Documentation: New and updated documentation files (.agent/tools/opencode/opencode-anthropic-auth.md and .agent/tools/opencode/opencode.md) provide detailed guides for the setup, usage, and troubleshooting of the Anthropic OAuth plugin.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[github-actions]

🔍 Code Quality Report

�[0;35m[MONITOR]�[0m Code Review Monitoring Report

�[0;34m[INFO]�[0m Latest Quality Status:
SonarCloud: 0 bugs, 0 vulnerabilities, 225 code smells

�[0;34m[INFO]�[0m Recent monitoring activity:
Fri Jan 9 10:32:35 UTC 2026: Code review monitoring started
Fri Jan 9 10:32:35 UTC 2026: SonarCloud - Bugs: 0, Vulnerabilities: 0, Code Smells: 225
Fri Jan 9 10:32:35 UTC 2026: Qlty - 0 issues found, auto-formatting applied
Fri Jan 9 10:32:37 UTC 2026: Codacy analysis completed with auto-fixes

📈 Current Quality Metrics

• BUGS: 0
• CODE SMELLS: 225
• VULNERABILITIES: 0

Generated on: Fri Jan 9 10:33:13 UTC 2026

---

Generated by AI DevOps Framework Code Review Monitoring

[gemini-code-assist]

Code Review

This pull request introduces support for the opencode-anthropic-auth plugin, which is a valuable addition for Claude Pro/Max users. The changes are well-structured, including comprehensive documentation and a thoughtful refactoring of the setup.sh script to accommodate multiple plugins. My review includes one suggestion to further improve the new helper function in setup.sh for better maintainability and robustness. Overall, this is a high-quality contribution.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

setup.sh (1)

1601-1638: Good DRY refactor with the helper function.

The add_opencode_plugin() helper nicely encapsulates the plugin addition logic, following the local var="$1" pattern per coding guidelines. However, an explicit return is missing at the end of the function.

♻️ Add explicit return for consistency

         print_success "Created plugin array with $plugin_name"
     fi
+    
+    return 0
 }

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 527da3e and d2c2bd6.

📒 Files selected for processing (4)

• .agent/AGENTS.md
• .agent/tools/opencode/opencode-anthropic-auth.md
• .agent/tools/opencode/opencode.md
• setup.sh

🧰 Additional context used

📓 Path-based instructions (2)

**/setup.sh

📄 CodeRabbit inference engine (AGENTS.md)

Deploy agents locally using ./setup.sh script

Files:

• setup.sh

**/*.sh

📄 CodeRabbit inference engine (AGENTS.md)

**/*.sh: Use local var="$1" pattern for shell variable assignments
Use explicit returns in shell scripts
Run ShellCheck on all scripts with zero violations required

Files:

• setup.sh

🧠 Learnings (6)

📚 Learning: 2026-01-06T15:57:56.008Z

Learnt from: CR
Repo: marcusquinn/aidevops PR: 0
File: AGENTS.md:0-0
Timestamp: 2026-01-06T15:57:56.008Z
Learning: Applies to **/AGENTS.md : Use progressive disclosure in AGENTS.md with pointers to subagents rather than inline content

Applied to files:

• .agent/AGENTS.md

📚 Learning: 2025-11-29T04:34:42.033Z

Learnt from: CR
Repo: marcusquinn/aidevops PR: 0
File: AGENT.md:0-0
Timestamp: 2025-11-29T04:34:42.033Z
Learning: Reference AGENTS.md (authoritative) instead of AGENT.md for AI assistant guidance

Applied to files:

• .agent/AGENTS.md

📚 Learning: 2025-11-29T04:34:27.158Z

Learnt from: CR
Repo: marcusquinn/aidevops PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-11-29T04:34:27.158Z
Learning: All instructions, documentation, and operational guidance should be maintained in AGENTS.md as the single source of truth

Applied to files:

• .agent/AGENTS.md

📚 Learning: 2025-12-22T01:24:53.937Z

Learnt from: CR
Repo: marcusquinn/aidevops PR: 0
File: templates/home/AGENTS.md:0-0
Timestamp: 2025-12-22T01:24:53.937Z
Learning: Follow all security protocols and working directory specifications defined in ~/Git/aidevops/AGENTS.md

Applied to files:

• .agent/tools/opencode/opencode.md

📚 Learning: 2025-11-29T04:34:30.742Z

Learnt from: CR
Repo: marcusquinn/aidevops PR: 0
File: GEMINI.md:0-0
Timestamp: 2025-11-29T04:34:30.742Z
Learning: Reference AGENTS.md for authoritative AI assistant guidance instead of GEMINI.md

Applied to files:

• .agent/tools/opencode/opencode.md

📚 Learning: 2026-01-06T15:57:56.007Z

Learnt from: CR
Repo: marcusquinn/aidevops PR: 0
File: AGENTS.md:0-0
Timestamp: 2026-01-06T15:57:56.007Z
Learning: Applies to **/setup.sh : Deploy agents locally using ./setup.sh script

Applied to files:

• .agent/tools/opencode/opencode.md

🧬 Code graph analysis (1)

setup.sh (4)

.agent/scripts/version-manager.sh (2)

• print_info (17-17)
• print_warning (19-19)

aidevops.sh (2)

• print_info (25-25)
• print_warning (27-27)

.agent/scripts/verify-mirrors.sh (2)

• print_info (23-23)
• print_warning (25-25)

templates/deploy-templates.sh (2)

• print_info (16-16)
• print_warning (18-18)

🪛 Gitleaks (8.30.0)

.agent/tools/opencode/opencode-anthropic-auth.md

[high] 373-374: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: Codacy Static Code Analysis

🔇 Additional comments (9)

.agent/AGENTS.md (1)

255-255: LGTM!

Clean documentation update that properly expands the plugins context to reflect the new Anthropic OAuth plugin. The ordering maintains consistency with the plugin names.

.agent/tools/opencode/opencode.md (2)

44-48: LGTM!

Good addition to the Quick Reference section - the authentication commands with clear comments for each OAuth provider make it easy for users to understand their options at a glance.

---

80-108: Well-structured documentation for the new Anthropic OAuth Plugin section.

The documentation follows the established pattern with:

• Clear setup instructions
• Comparison table for authentication methods with cost implications
• Concise benefits list
• Cross-reference to detailed documentation

This aligns well with the progressive disclosure approach.

setup.sh (1)

1640-1687: Clean refactor of setup_opencode_plugins() to support multiple plugins.

The function now:

• Uses the new add_opencode_plugin helper for both Antigravity and Anthropic plugins
• Provides clear post-setup instructions for both OAuth options
• Maintains explicit return 0

This is a solid pattern for adding future OpenCode plugins.

.agent/tools/opencode/opencode-anthropic-auth.md (5)

370-377: Static analysis false positive - this is documentation, not credentials.

Gitleaks flagged this as a "Generic API Key" but these are Anthropic beta feature flag identifiers (like oauth-2025-04-20, interleaved-thinking-2025-05-14), not actual API keys or secrets. The example shows how to customize beta flags in a fork scenario.

---

1-42: Comprehensive Quick Reference section with clear authentication options.

The documentation provides an excellent at-a-glance summary with:

• Purpose and repository link
• Authentication method comparison table with use cases
• Quick setup commands

This follows the progressive disclosure pattern established in other aidevops docs.

---

152-198: Clear OAuth flow documentation.

The PKCE flow explanation is well-documented with the four-step process (Authorization Request → Token Exchange → API Usage → Token Refresh). The details about beta feature injection and tool name prefixing provide good insight into the plugin's behavior.

---

331-352: Strong security considerations section.

Good coverage of:

• OAuth security (PKCE, local token storage, automatic rotation)
• API key security best practices
• Clear guidance on when to use OAuth vs manual keys (CI/CD)

This maintains the zero-technical-debt quality standard.

---

396-427: Integration notes align well with aidevops ecosystem.

The documentation correctly explains:

• Automatic setup via setup.sh
• Recommended configuration for different agent types
• Credential storage locations

This ties the plugin cleanly into the existing framework.

[augmentcode]

🤖 Augment PR Summary

Summary: Adds support for the opencode-anthropic-auth plugin so OpenCode users can authenticate to Anthropic via OAuth (including Claude Pro/Max subscriber flows).

Changes:

• Added a new detailed guide: .agent/tools/opencode/opencode-anthropic-auth.md (auth methods, setup flow, troubleshooting, security notes)
• Updated OpenCode integration docs (.agent/tools/opencode/opencode.md) with an Anthropic OAuth section and quick auth commands
• Refactored setup.sh OpenCode plugin configuration to support multiple plugins via a reusable add_opencode_plugin() helper
• Extended setup to add opencode-anthropic-auth@latest alongside the existing Antigravity plugin entry
• Updated .agent/AGENTS.md tool catalog text to reflect the new OpenCode plugin coverage

Technical Notes: Plugin entries are maintained idempotently in ~/.config/opencode/opencode.json using jq; users authenticate post-setup via opencode auth login.

_{🤖 Was this summary useful? React with 👍 or 👎}

[augmentcode]

Review completed. 1 suggestions posted.

Comment augment review to trigger a new review at any time.

[augmentcode]

OpenCode installs npm plugins listed in ~/.config/opencode/opencode.json automatically at startup (via Bun), so requiring npm install -g opencode-anthropic-auth / calling it “globally installed” may be misleading for users. Consider documenting it as “added to the plugin array; OpenCode will auto-install on next run” (also applies to the other npm-install mentions below).

_{🤖 Was this useful? React with 👍 or 👎}