[Enhancement]: Support Anthropic Monthly Plans (Claude Pro/Max) via OAuth

[spachava753]

[Enhancement]: Support Anthropic Monthly Plans (Claude Pro/Max) via OAuth

Enhancement Category

New AI model support

Problem or Use Case

Users with Anthropic Claude Pro or Claude Max subscriptions cannot currently use their subscription credits with CPE. Instead, they must use a separate API key with pay-as-you-go billing, even though they've already paid for a monthly plan with included usage.

OpenCode (sst/opencode) supports this via an OAuth flow where users can authenticate with their Anthropic account and use their subscription's included credits. This is valuable because:

1. Cost efficiency: Users can leverage their existing subscription instead of double-paying via API credits
2. Unified billing: Keep all Claude usage under a single subscription rather than split billing
3. Lower barrier to entry: Pro/Max subscribers can use CPE without needing to set up separate API billing

Proposed Solution

Implement OAuth-based authentication for Anthropic Claude Pro/Max subscriptions, similar to opencode's approach:

1. Add a new authentication flow that:

   • Opens the user's browser to Anthropic's OAuth authorization endpoint
   • Handles the OAuth callback to receive authorization code
   • Exchanges the code for access/refresh tokens
   • Stores tokens securely (e.g., in ~/.local/share/cpe/auth.json or similar)
   • Automatically refreshes tokens when they expire

2. Update the Anthropic provider to:

   • Support both API key and OAuth token authentication
   • Prefer OAuth credentials when available (or configurable preference)
   • Seamlessly switch between auth methods based on configuration

3. Add CLI commands for authentication management:

   • cpe auth login anthropic - Start OAuth flow for Anthropic
   • cpe auth logout anthropic - Remove stored credentials
   • cpe auth list - Show configured authentication methods

Example usage:

# Authenticate with Anthropic subscription
cpe auth login anthropic
# Browser opens for OAuth authorization

# Use CPE normally - automatically uses subscription
cpe -m claude-sonnet-4-20250514 "Your prompt"

Alternatives Considered

• Proxy services: Some users work around this by using proxy services that bridge subscription access, but this adds complexity and potential security concerns
• Manual token extraction: Users could potentially extract session tokens manually, but this is fragile and not user-friendly
• API keys only: The current approach works but requires separate billing

Impact Scope

Users of specific AI providers

Additional Context

Reference implementation in opencode:

• OAuth flow: https://github.com/sst/opencode/blob/dev/packages/opencode/src/provider/auth.ts
• Auth storage: https://github.com/sst/opencode/blob/dev/packages/opencode/src/auth/index.ts
• Provider docs showing the flow: https://opencode.ai/docs/providers (Anthropic section shows "Claude Pro/Max" as first auth option)

The Anthropic SDK for Go (github.com/anthropics/anthropic-sdk-go) may need to be extended or the authentication may need to be handled at the HTTP client level to inject the OAuth bearer token instead of the API key.