refactor: remove CLAUDE_CODE_OAUTH_TOKEN references and update authentication to use ANTHROPIC_API_KEY exclusively

apps/server/src/index.ts

@@ -50,30 +50,21 @@ const DATA_DIR = process.env.DATA_DIR || "./data";
 const ENABLE_REQUEST_LOGGING = process.env.ENABLE_REQUEST_LOGGING !== "false"; // Default to true
 
 // Check for required environment variables
-// Claude Agent SDK supports EITHER OAuth token (subscription) OR API key (pay-per-use)
 const hasAnthropicKey = !!process.env.ANTHROPIC_API_KEY;
-const hasOAuthToken = !!process.env.CLAUDE_CODE_OAUTH_TOKEN;
 
-if (!hasAnthropicKey && !hasOAuthToken) {
+if (!hasAnthropicKey) {
   console.warn(`
 ╔═══════════════════════════════════════════════════════════════════════╗
 ║  ⚠️  WARNING: No Claude authentication configured                      ║
 ║                                                                       ║
 ║  The Claude Agent SDK requires authentication to function.            ║
 ║                                                                       ║
-║  Option 1 - Subscription (OAuth Token):                               ║
-║    export CLAUDE_CODE_OAUTH_TOKEN="your-oauth-token"                  ║
-║                                                                       ║
-║  Option 2 - Pay-per-use (API Key):                                    ║
+║  Set your Anthropic API key:                                          ║
 ║    export ANTHROPIC_API_KEY="sk-ant-..."                              ║
 ║                                                                       ║
 ║  Or use the setup wizard in Settings to configure authentication.     ║
 ╚═══════════════════════════════════════════════════════════════════════╝
 `);
-} else if (hasOAuthToken) {
-  console.log(
-    "[Server] ✓ CLAUDE_CODE_OAUTH_TOKEN detected (subscription auth)"
-  );
 } else {
   console.log("[Server] ✓ ANTHROPIC_API_KEY detected (API key auth)");
 }

apps/server/src/providers/claude-provider.ts

@@ -112,9 +112,7 @@ export class ClaudeProvider extends BaseProvider {
    */
   async detectInstallation(): Promise<InstallationStatus> {
     // Claude SDK is always available since it's a dependency
-    const hasAnthropicKey = !!process.env.ANTHROPIC_API_KEY;
-    const hasOAuthToken = !!process.env.CLAUDE_CODE_OAUTH_TOKEN;
-    const hasApiKey = hasAnthropicKey || hasOAuthToken;
+    const hasApiKey = !!process.env.ANTHROPIC_API_KEY;
 
     const status: InstallationStatus = {
       installed: true,

apps/server/src/routes/app-spec/common.ts

@@ -35,19 +35,9 @@ export function setRunningState(
  * Helper to log authentication status
  */
 export function logAuthStatus(context: string): void {
-  const hasOAuthToken = !!process.env.CLAUDE_CODE_OAUTH_TOKEN;
   const hasApiKey = !!process.env.ANTHROPIC_API_KEY;
 
   logger.info(`${context} - Auth Status:`);
-  logger.info(
-    `  CLAUDE_CODE_OAUTH_TOKEN: ${
-      hasOAuthToken
-        ? "SET (" +
-          process.env.CLAUDE_CODE_OAUTH_TOKEN?.substring(0, 20) +
-          "...)"
-        : "NOT SET"
-    }`
-  );
   logger.info(
     `  ANTHROPIC_API_KEY: ${
       hasApiKey
@@ -56,7 +46,7 @@ export function logAuthStatus(context: string): void {
     }`
   );
 
-  if (!hasOAuthToken && !hasApiKey) {
+  if (!hasApiKey) {
     logger.warn("⚠️  WARNING: No authentication configured! SDK will fail.");
   }
 }

apps/server/src/routes/models/routes/providers.ts

@@ -15,9 +15,7 @@ export function createProvidersHandler() {
       const providers: Record<string, any> = {
         anthropic: {
           available: statuses.claude?.installed || false,
-          hasApiKey:
-            !!process.env.ANTHROPIC_API_KEY ||
-            !!process.env.CLAUDE_CODE_OAUTH_TOKEN,
+          hasApiKey: !!process.env.ANTHROPIC_API_KEY,
         },
         google: {
           available: !!process.env.GOOGLE_API_KEY,

apps/server/src/routes/setup/get-claude-status.ts

@@ -74,7 +74,6 @@ export async function getClaudeStatus() {
     hasStoredOAuthToken: !!getApiKey("anthropic_oauth_token"),
     hasStoredApiKey: !!getApiKey("anthropic"),
     hasEnvApiKey: !!process.env.ANTHROPIC_API_KEY,
-    hasEnvOAuthToken: !!process.env.CLAUDE_CODE_OAUTH_TOKEN,
     // Additional fields for detailed status
     oauthTokenValid: false,
     apiKeyValid: false,
@@ -148,11 +147,7 @@ export async function getClaudeStatus() {
   }
 
   // Environment variables override stored credentials (higher priority)
-  if (auth.hasEnvOAuthToken) {
-    auth.authenticated = true;
-    auth.oauthTokenValid = true;
-    auth.method = "oauth_token_env";
-  } else if (auth.hasEnvApiKey) {
+  if (auth.hasEnvApiKey) {
     auth.authenticated = true;
     auth.apiKeyValid = true;
     auth.method = "api_key_env"; // API key from ANTHROPIC_API_KEY env var

apps/server/src/routes/setup/routes/store-api-key.ts

@@ -31,16 +31,8 @@ export function createStoreApiKeyHandler() {
       setApiKey(provider, apiKey);
 
       // Also set as environment variable and persist to .env
-      // IMPORTANT: OAuth tokens and API keys must be stored separately
-      // - OAuth tokens (subscription auth) -> CLAUDE_CODE_OAUTH_TOKEN
-      // - API keys (pay-per-use) -> ANTHROPIC_API_KEY
-      if (provider === "anthropic_oauth_token") {
-        // OAuth token from claude setup-token (subscription-based auth)
-        process.env.CLAUDE_CODE_OAUTH_TOKEN = apiKey;
-        await persistApiKeyToEnv("CLAUDE_CODE_OAUTH_TOKEN", apiKey);
-        logger.info("[Setup] Stored OAuth token as CLAUDE_CODE_OAUTH_TOKEN");
-      } else if (provider === "anthropic") {
-        // Direct API key (pay-per-use)
+      if (provider === "anthropic" || provider === "anthropic_oauth_token") {
+        // Both API key and OAuth token use ANTHROPIC_API_KEY
         process.env.ANTHROPIC_API_KEY = apiKey;
         await persistApiKeyToEnv("ANTHROPIC_API_KEY", apiKey);
         logger.info("[Setup] Stored API key as ANTHROPIC_API_KEY");