refactor: update authentication handling and model configuration

- Enhanced authentication method validation in `auth.ts` and `auth.test.ts`.
- Introduced new model provider configuration logic
- Updated environment variable handling for various auth types.
- Removed deprecated utility functions and tests related to fallback mechanisms.

packages/cli/src/ui/models/availableModels.ts

@@ -4,7 +4,12 @@
  * SPDX-License-Identifier: Apache-2.0
  */
 
-import { AuthType, DEFAULT_QWEN_MODEL } from '@qwen-code/qwen-code-core';
+import {
+  AuthType,
+  DEFAULT_QWEN_MODEL,
+  type Config,
+  type AvailableModel as CoreAvailableModel,
+} from '@qwen-code/qwen-code-core';
 import { t } from '../../i18n/index.js';
 
 export type AvailableModel = {
@@ -57,20 +62,78 @@ export function getFilteredQwenModels(
  */
 export function getOpenAIAvailableModelFromEnv(): AvailableModel | null {
   const id = process.env['OPENAI_MODEL']?.trim();
-  return id ? { id, label: id } : null;
+  return id
+    ? {
+        id,
+        label: id,
+        get description() {
+          return t('Configured via OPENAI_MODEL environment variable');
+        },
+      }
+    : null;
 }
 
 export function getAnthropicAvailableModelFromEnv(): AvailableModel | null {
   const id = process.env['ANTHROPIC_MODEL']?.trim();
-  return id ? { id, label: id } : null;
+  return id
+    ? {
+        id,
+        label: id,
+        get description() {
+          return t('Configured via ANTHROPIC_MODEL environment variable');
+        },
+      }
+    : null;
 }
 
+/**
+ * Convert core AvailableModel to CLI AvailableModel format
+ */
+function convertCoreModelToCliModel(
+  coreModel: CoreAvailableModel,
+): AvailableModel {
+  return {
+    id: coreModel.id,
+    label: coreModel.label,
+    description: coreModel.description,
+    isVision: coreModel.isVision ?? coreModel.capabilities?.vision ?? false,
+  };
+}
+
+/**
+ * Get available models for the given authType.
+ *
+ * If a Config object is provided, uses config.getAvailableModelsForAuthType().
+ * For qwen-oauth, always returns the hard-coded models.
+ * Falls back to environment variables only when no config is provided.
+ */
 export function getAvailableModelsForAuthType(
   authType: AuthType,
+  config?: Config,
 ): AvailableModel[] {
+  // For qwen-oauth, always use hard-coded models, this aligns with the API gateway.
+  if (authType === AuthType.QWEN_OAUTH) {
+    return AVAILABLE_MODELS_QWEN;
+  }
+
+  // Use config's model registry when available
+  if (config) {
+    try {
+      const models = config.getAvailableModelsForAuthType(authType);
+      if (models.length > 0) {
+        return models.map(convertCoreModelToCliModel);
+      }
+    } catch {
+      // If config throws (e.g., not initialized), return empty array
+    }
+    // When a Config object is provided, we intentionally do NOT fall back to env-based
+    // "raw" models. These may reflect the currently effective config but should not be
+    // presented as selectable options in /model.
+    return [];
+  }
+
+  // Fall back to environment variables for specific auth types (no config provided)
   switch (authType) {
-    case AuthType.QWEN_OAUTH:
-      return AVAILABLE_MODELS_QWEN;
     case AuthType.USE_OPENAI: {
       const openAIModel = getOpenAIAvailableModelFromEnv();
       return openAIModel ? [openAIModel] : [];
@@ -80,13 +143,10 @@ export function getAvailableModelsForAuthType(
       return anthropicModel ? [anthropicModel] : [];
     }
     default:
-      // For other auth types, return empty array for now
-      // This can be expanded later according to the design doc
       return [];
   }
 }
 
-/**
 /**
  * Hard code the default vision model as a string literal,
  * until our coding model supports multimodal.