add missing Kiro config synthesis

[StriveMario]

PR: Fix missing Kiro configuration synthesis in v6.6.29-0

Summary

Fix regression bug where Kiro (AWS CodeWhisperer) configuration from config.yaml was not being processed, preventing kiro-claude-xxx models from being registered via access-token and refresh-token configuration.

Problem

After the refactoring in v6.6.29-0 that introduced the synthesizer pattern for auth generation, the Kiro configuration handling was accidentally omitted during the migration.

Affected versions: v6.6.29-0
Working versions: v6.6.20-0 and earlier

Symptoms

• Kiro models configured via kiro_key in config.yaml are not loaded
• access_token, refresh_token, profile_arn configuration is ignored
• No kiro-claude-xxx models available despite valid configuration

Root Cause Analysis

In v6.6.20-0, SnapshotCoreAuths() in internal/watcher/watcher.go (lines 1167-1248) directly processed cfg.KiroKey to generate Kiro auth entries.

In v6.6.29-0, the code was refactored to use synthesizer.ConfigSynthesizer.Synthesize(), but the Kiro handling was not migrated:

// v6.6.29-0 ConfigSynthesizer.Synthesize() - BEFORE FIX
func (s *ConfigSynthesizer) Synthesize(ctx *SynthesisContext) ([]*coreauth.Auth, error) {
    out = append(out, s.synthesizeGeminiKeys(ctx)...)   // ✓
    out = append(out, s.synthesizeClaudeKeys(ctx)...)   // ✓
    out = append(out, s.synthesizeCodexKeys(ctx)...)    // ✓
    out = append(out, s.synthesizeOpenAICompat(ctx)...) // ✓
    out = append(out, s.synthesizeVertexCompat(ctx)...) // ✓
    // ❌ Missing: synthesizeKiroKeys()
    return out, nil
}

Changes

Modified File

internal/watcher/synthesizer/config.go

Changes Made

1. Added imports (lines 7, 10):

   kiroauth "github.com/router-for-me/CLIProxyAPI/v6/internal/auth/kiro"
   log "github.com/sirupsen/logrus"

2. Added Kiro synthesis call in Synthesize() (lines 35-36):

   // Kiro (AWS CodeWhisperer)
   out = append(out, s.synthesizeKiroKeys(ctx)...)

3. Implemented synthesizeKiroKeys() method (lines 300-391):

   • Iterates over cfg.KiroKey configuration entries
   • Supports loading tokens from TokenFile
   • Supports direct access_token, refresh_token, profile_arn configuration
   • Supports region, agent_task_type, preferred_endpoint per-key settings
   • Applies global KiroPreferredEndpoint as default
   • Stores refresh_token in both Attributes and Metadata for token refresh

Feature Parity

Feature	v6.6.20-0	v6.6.29-0 (Before)	v6.6.29-0 (After)
access_token config	✅	❌	✅
refresh_token config	✅	❌	✅
profile_arn config	✅	❌	✅
TokenFile loading	✅	❌	✅
region config	✅	❌	✅
agent_task_type config	✅	❌	✅
preferred_endpoint config	✅	❌	✅
Global KiroPreferredEndpoint	✅	❌	✅
IDE token file watching	✅	✅	✅

Testing

• Build verification: go1.24.0 build ./... - PASSED
• Executable generation: CLIProxyAPI.exe - GENERATED (45MB)
• Integration test: Verify Kiro models load from config
• Token refresh test: Verify refresh_token works correctly

Diff Summary

 import (
     "fmt"
     "strings"

+    kiroauth "github.com/router-for-me/CLIProxyAPI/v6/internal/auth/kiro"
     "github.com/router-for-me/CLIProxyAPI/v6/internal/watcher/diff"
     coreauth "github.com/router-for-me/CLIProxyAPI/v6/sdk/cliproxy/auth"
+    log "github.com/sirupsen/logrus"
 )

 func (s *ConfigSynthesizer) Synthesize(ctx *SynthesisContext) ([]*coreauth.Auth, error) {
     // Gemini API Keys
     out = append(out, s.synthesizeGeminiKeys(ctx)...)
     // Claude API Keys
     out = append(out, s.synthesizeClaudeKeys(ctx)...)
     // Codex API Keys
     out = append(out, s.synthesizeCodexKeys(ctx)...)
+    // Kiro (AWS CodeWhisperer)
+    out = append(out, s.synthesizeKiroKeys(ctx)...)
     // OpenAI-compat
     out = append(out, s.synthesizeOpenAICompat(ctx)...)
     // Vertex-compat
     out = append(out, s.synthesizeVertexCompat(ctx)...)
     return out, nil
 }

+// synthesizeKiroKeys creates Auth entries for Kiro (AWS CodeWhisperer) tokens.
+func (s *ConfigSynthesizer) synthesizeKiroKeys(ctx *SynthesisContext) []*coreauth.Auth {
+    // ... 90 lines of implementation
+}

Related Issues

• Regression introduced in v6.6.29-0 refactoring
• Affects all users configuring Kiro via config.yaml

Checklist

• Code compiles without errors
• Implementation matches v6.6.20-0 behavior
• All Kiro configuration options supported
• Unit tests added
• Integration tests passed

[gemini-code-assist]

Summary of Changes

Hello @StriveMario, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request resolves a critical regression that prevented the proper loading and synthesis of Kiro (AWS CodeWhisperer) configurations from config.yaml. By re-introducing the dedicated Kiro synthesis logic into the ConfigSynthesizer, it ensures that all previously supported Kiro authentication methods and settings are correctly processed, allowing kiro-claude-xxx models to be registered as expected.

Highlights

• Regression Fix for Kiro Configuration: Addresses a regression introduced in v6.6.29-0 where Kiro (AWS CodeWhisperer) configuration from config.yaml was not being processed, preventing kiro-claude-xxx models from being registered.
• Re-integration of Kiro Synthesis: The Kiro configuration handling, which was accidentally omitted during the migration to the synthesizer pattern, has been re-integrated into the ConfigSynthesizer.Synthesize() method.
• Full Feature Parity Restored: Restores full functionality for Kiro configuration, including support for access_token, refresh_token, profile_arn, TokenFile loading, region, agent task type, preferred endpoint settings, and global KiroPreferredEndpoint.

🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request effectively fixes a regression by re-introducing the Kiro configuration synthesis. The implementation in synthesizeKiroKeys is well-structured and correctly handles loading tokens from both files and direct configuration. I've identified a couple of minor areas for improvement to enhance code clarity and adhere to the intended design of the Auth struct. Specifically, I've suggested removing a redundant nil check and ensuring the refreshToken is stored only in Metadata as it represents mutable state. Overall, these changes are a solid contribution to restoring the Kiro integration.

[gemini-code-assist]

The kAuth != nil check is redundant. The kiroauth.NewKiroAuth() function always returns a non-nil pointer to a KiroAuth struct, so this check will always pass. Removing it simplifies the code.

Suggested change

	if kk.TokenFile != "" && kAuth != nil {
	if kk.TokenFile != "" {

[gemini-code-assist]

The refreshToken is being stored in the Attributes map. According to the coreauth.Auth struct's documentation, Attributes are for immutable configuration, while Metadata is for mutable runtime state. Since a refresh token can be updated during the application's lifecycle, it should only be stored in Metadata. Storing it in Attributes could lead to confusion or bugs if other parts of the code rely on Attributes being static. The token is already correctly stored in Metadata later in this function.