6.2 KiB
6.2 KiB
summary, read_when
| summary | read_when | |||
|---|---|---|---|---|
| Factory (Droid) provider data sources: API key, browser cookies, WorkOS tokens, and Factory APIs. |
|
Factory (Droid) provider
Factory (displayed as "Droid") supports API-key and web-based auth. Source mode can be auto, api, or web.
Data sources + fallback order
API (api)
- Resolve a Factory API key from, in order:
~/.codexbar/config.jsonproviders[].apiKeyforfactory(also via Settings orcodexbar config set-api-key --provider factory)FACTORY_API_KEY- optional
~/.factory/.env(FACTORY_API_KEY=…orexport FACTORY_API_KEY=…)
- Call Factory APIs with
Authorization: Bearer <apiKey>(same billing-limits / bearer path as session tokens).
Web (web)
Fetch attempts run in this exact order:
- Cached cookie header (Keychain cache
com.steipete.codexbar.cache, accountcookie.factory). - Stored session (
~/Library/Application Support/CodexBar/factory-session.json). - Stored bearer token (same session file).
- Stored WorkOS refresh token (same session file).
- Local storage WorkOS tokens (Safari + Chrome/Chromium/Arc leveldb).
- Browser cookies (Safari only) for Factory domains.
- WorkOS cookies (Safari) to mint tokens.
- Browser cookies (Chrome, Firefox) for Factory domains.
- WorkOS cookies (Chrome, Firefox) to mint tokens.
If a step succeeds, we cache cookies/tokens back into the session store.
Manual option:
- Preferences → Providers → Droid → Cookie source → Manual.
- Paste the
Cookie:header from app.factory.ai.
Auto (auto)
- Try API first when a key is resolvable.
- Fall back to web strategies on missing/unauthorized keys and other recoverable API failures (timeouts, DNS/network errors, 5xx, parse failures). Cancellation does not fall back.
- Explicit
apimode stays strict and does not fall back to web. - When both an API key and a browser/WorkOS session are available, Auto may surface the API-key
account rather than the browser session. Use explicit
web(orapi) to pin account precedence.
Settings
- Preferences → Providers → Droid:
- Usage source:
Auto,API key,Browser cookies - API key: optional override for
FACTORY_API_KEY/~/.factory/.env - Cookie source: Automatic / Manual (web path)
- Usage source:
CLI
printf '%s' "$FACTORY_API_KEY" | codexbar config set-api-key --provider factory --stdin
codexbar usage --provider factory --source api
codexbar usage --provider factory --source web
Cookie import
- Cookie domains:
factory.ai,app.factory.ai,auth.factory.ai. - Cookie names considered a session:
wos-session__Secure-next-auth.session-tokennext-auth.session-token__Secure-authjs.session-token__Host-authjs.csrf-tokenauthjs.session-tokensessionaccess-token
- Stale-token retry filters:
access-token,__recent_auth.
Base URL selection
- Candidates are tried in order (deduped):
https://auth.factory.aihttps://api.factory.aihttps://app.factory.aibaseURL(defaulthttps://app.factory.ai)
- Cookie domains influence candidate ordering (auth domain first if present).
Factory API endpoints
All requests set:
Accept: application/jsonContent-Type: application/jsonOrigin: https://app.factory.aiReferer: https://app.factory.ai/x-factory-client: web-appAuthorization: Bearer <token>when a bearer token / API key is available.Cookie: <session cookies>when cookies are available.
Endpoints:
GET https://api.factory.ai/api/billing/limits- Preferred when the account uses token-rate-limits billing (5h / weekly / monthly windows).
GET <baseURL>/api/app/auth/me- Returns org + subscription metadata + feature flags.
GET <baseURL>/api/organization/subscription/usage- Query:
useCache=trueand optionaluserId - Returns Standard + Premium token usage and billing window.
- Query:
WorkOS token minting
- Endpoint:
POST https://api.workos.com/user_management/authenticate
- Body:
client_id: one ofclient_01HXRMBQ9BJ3E7QSTQ9X2PHVB7client_01HNM792M5G5G1A2THWPXKFMXB
grant_type:refresh_tokenrefresh_token: from local storage or session store- Optional:
organization_id - When using cookies:
useCookie: true+Cookie: <workos.com cookies>
Local storage WorkOS token extraction
- Safari:
- Root:
~/Library/Containers/com.apple.Safari/Data/Library/WebKit/WebsiteData/Default - Finds
originfiles containingapp.factory.aiorauth.factory.ai, then readsLocalStorage/localstorage.sqlite3.
- Root:
- Chrome/Chromium/Arc/Helium:
- Roots under
~/Library/Application Support/<Browser>/User Data/<Profile>/Local Storage/leveldb. - Helium uses
~/Library/Application Support/net.imput.helium/<Profile>/Local Storage/leveldb(noUser Data). - Scans LevelDB files for
workos:refresh-tokenandworkos:access-token.
- Roots under
- Parsed tokens:
workos:refresh-token(required)workos:access-token(optional)- Organization ID parsed from JWT when available.
Session storage
- File:
~/Library/Application Support/CodexBar/factory-session.json - Stores cookies + bearer token + WorkOS refresh token.
Snapshot mapping
- Token-rate-limits accounts: primary 5h, secondary weekly, tertiary monthly (+ optional Core windows).
- Legacy Standard/Premium accounts: primary Standard, secondary Premium; reset at billing period end.
- Plan/tier + org name from auth response.
Troubleshooting
- Missing API key: set
FACTORY_API_KEY, Settings → Droid → API key, orcodexbar config set-api-key --provider factory. - Unauthorized API key (401/403): regenerate at app.factory.ai/settings/api-keys.
- Missing session: log in to app.factory.ai in a supported browser, or paste a Cookie header in Manual mode.
Key files
Sources/CodexBarCore/Providers/Factory/FactoryProviderDescriptor.swiftSources/CodexBarCore/Providers/Factory/FactorySettingsReader.swiftSources/CodexBarCore/Providers/Factory/FactoryStatusProbe.swiftSources/CodexBarCore/Providers/Factory/FactoryLocalStorageImporter.swift