feat: add GitHub Copilot as LLM provider with device flow OAuth

[maros7]

Summary

• Problem: ByteRover CLI has no GitHub Copilot provider—users with Copilot subscriptions cannot use Claude, GPT, Gemini, or other models through the Copilot API.
• Why it matters: GitHub Copilot bundles access to multiple frontier models under a single subscription. Supporting it removes the need for separate API keys per provider.
• What changed: Added a full github-copilot provider: OAuth device flow authentication, automatic Copilot token refresh, dynamic model listing from the Copilot API, and OpenAI-compatible chat completions for all models (including Claude, Gemini). CLI and TUI connect flows display the device code for the user to enter at github.com/login/device.
• What did NOT change (scope boundary): No existing providers were modified. No changes to the agent core, tool system, REPL, or transport layer beyond the new device callback mode in shared types/events.

Type of change

• Bug fix
• New feature
• Refactor (no behavior change)
• Documentation
• Test
• Chore (build, dependencies, CI)

Scope (select all touched areas)

• TUI / REPL
• Agent / Tools
• LLM Providers
• Server / Daemon
• Shared (constants, types, transport events)
• CLI Commands (oclif)
• Hub / Connectors
• Cloud Sync
• CI/CD / Infra

Linked issues

• Closes [FEATURE] Add GitHub Copilot as an LLM Provider (OAuth Device Flow + OpenAI-Compatible API) #322

Root cause (bug fixes only, otherwise write N/A)

N/A

Test plan

• Coverage added:
  • Unit test
  • Integration test
  • Manual verification only
• Test file(s):
  • test/unit/infra/provider-oauth/device-flow.test.ts — 14 tests (device code request, polling, token exchange, error handling)
  • test/unit/infra/llm/providers/github-copilot.test.ts — 18 tests (provider creation, model routing, header injection, error handling)
  • test/unit/infra/http/copilot-model-fetcher.test.ts — 12 tests (model listing, token auth, error handling, empty responses)
  • test/unit/infra/provider-oauth/token-refresh-manager.test.ts — 8 new tests (Copilot token refresh, expiry detection, error wrapping)
  • test/unit/infra/transport/handlers/provider-handler.test.ts — new device flow handler tests
  • test/unit/infra/provider/provider-config-resolver.test.ts — Copilot config resolution tests
  • test/unit/core/domain/entities/provider-registry.test.ts — registry entry tests
  • test/commands/providers/connect.test.ts — CLI connect command device flow tests
• Key scenario(s) covered:
  • Device flow lifecycle: request code → poll → exchange for Copilot token
  • Polling edge cases: authorization_pending, slow_down (interval backoff), expired_token, access_denied
  • Token refresh: auto-refresh when within 5min of expiry, error wrapping in ProviderTokenExchangeError
  • Model fetcher: dynamic model listing with auth, graceful fallback on errors
  • Provider: OpenAI-compatible format for all models, required Copilot headers (Copilot-Integration-Id, Editor-Version, etc.)
  • Config resolver: Copilot-specific headers and base URL injection

User-visible changes

• New provider github-copilot available in /providers connect
• Device flow: CLI/TUI displays a user code and URL (github.com/login/device) instead of opening a browser callback
• Default model: claude-sonnet-4.6
• Models listed dynamically from Copilot API (Claude, GPT, Gemini, o-series, etc.)
• Automatic Copilot token refresh (tokens expire ~30min; refreshed transparently before each request)

Evidence

• npm run lint: 0 errors (69 pre-existing warnings, none from new code)
• npm run typecheck: clean
• npm run build: clean
• npm test: 4766 passing, 6 pending, 0 failing
• Coverage: github-copilot.ts 100% lines, device-flow.ts 95% lines, token-refresh-manager.ts 100% lines, copilot.ts 100% lines, CopilotModelFetcher 100% lines — all well above 50% minimum
• Manual verification: authenticated via device flow, listed models, ran /curate with claude-sonnet-4.6 through Copilot API successfully

Checklist

• Tests added or updated and passing (npm test)
• Lint passes (npm run lint)
• Type check passes (npm run typecheck)
• Build succeeds (npm run build)
• Commits follow Conventional Commits format
• Documentation updated (if applicable)
• No breaking changes (or clearly documented above)
• Branch is up to date with main

Risks and mitigations

• Risk: GitHub changes the Copilot API endpoints, required headers, or token format.
  • Mitigation: All Copilot-specific constants (client ID, URLs, headers, API version) are centralized in src/shared/constants/copilot.ts — a single file to update. Token exchange errors are wrapped in ProviderTokenExchangeError with descriptive messages.
• Risk: OAuth client ID Iv1.b507a08c87ecfe98 is a well-known public ID (used by VS Code, Goose, gpt4free, etc.) but not officially documented for third-party use.
  • Mitigation: This is the same ID used by dozens of open-source Copilot integrations. If GitHub rotates it, updating the single constant suffices. The device flow itself is a standard OAuth 2.0 grant.

[leehpham]

Hey @maros7 - first off, thank you for the effort here. The code quality is genuinely strong: the device flow implementation is RFC 8628 compliant, the token refresh integration is clean, the refactoring of awaitCallbackFlow/handleRefreshError is well-structured, and the test coverage is thorough. This is clearly not a quick hack.

That said, I can't merge this as-is due to a fundamental issue with how it authenticates against GitHub's Copilot API.

Why this is blocked

The implementation uses GitHub's internal VS Code Copilot OAuth client ID (Iv1.b507a08c87ecfe98) and impersonates VS Code by sending headers like Editor-Version: vscode/1.99.0, Copilot-Integration-Id: vscode-chat, and User-Agent: GitHubCopilotChat/0.26.7. It also calls the undocumented api.github.com/copilot_internal/v2/token endpoint.

This creates two problems we can't ship:

1. GitHub ToS violation. GitHub community moderators have explicitly stated that Copilot is "intended solely for use through GitHub Copilot's officially supported clients" (community discussion #178117). The impersonation headers also violate GitHub's Impersonation Policy.

2. Risk to our users. GitHub is actively suspending accounts for "use of unsupported clients" - documented cases from recent months in #190535, #160013, and #186400. We can't ship a feature that puts users' GitHub accounts at risk.

This isn't something that can be fixed with code changes - the core issue is using an unofficial API with a client ID that belongs to VS Code.

I'll be closing this PR, but thanks again for the contribution - the quality of the work is clear and we appreciate the time you put into it.