2026-01-04 19:27:53 +08:00
// Package config provides configuration loading, defaults, and validation.
2025-12-18 13:50:39 +08:00
package config
import (
2026-01-02 17:40:57 +08:00
"crypto/rand"
"encoding/hex"
2025-12-18 13:50:39 +08:00
"fmt"
2026-01-02 17:40:57 +08:00
"log"
2026-01-09 12:05:25 +08:00
"net/url"
2026-01-06 09:43:56 +08:00
"os"
2025-12-18 13:50:39 +08:00
"strings"
2026-01-01 04:01:51 +08:00
"time"
2025-12-18 13:50:39 +08:00
"github.com/spf13/viper"
)
2025-12-29 03:17:25 +08:00
const (
RunModeStandard = "standard"
RunModeSimple = "simple"
)
2026-01-06 09:15:03 +08:00
const DefaultCSPPolicy = "default-src 'self'; script-src 'self' https://challenges.cloudflare.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https:; font-src 'self' data: https://fonts.gstatic.com; connect-src 'self' https:; frame-src https://challenges.cloudflare.com; frame-ancestors 'none'; base-uri 'self'; form-action 'self'"
2026-01-02 17:40:57 +08:00
2025-12-31 11:43:58 +08:00
// 连接池隔离策略常量
// 用于控制上游 HTTP 连接池的隔离粒度,影响连接复用和资源消耗
const (
// ConnectionPoolIsolationProxy: 按代理隔离
// 同一代理地址共享连接池,适合代理数量少、账户数量多的场景
ConnectionPoolIsolationProxy = "proxy"
// ConnectionPoolIsolationAccount: 按账户隔离
// 每个账户独立连接池,适合账户数量少、需要严格隔离的场景
ConnectionPoolIsolationAccount = "account"
// ConnectionPoolIsolationAccountProxy: 按账户+代理组合隔离(默认)
// 同一账户+代理组合共享连接池,提供最细粒度的隔离
ConnectionPoolIsolationAccountProxy = "account_proxy"
)
2025-12-18 13:50:39 +08:00
type Config struct {
2026-01-11 16:01:35 +08:00
Server ServerConfig ` mapstructure:"server" `
CORS CORSConfig ` mapstructure:"cors" `
Security SecurityConfig ` mapstructure:"security" `
Billing BillingConfig ` mapstructure:"billing" `
Turnstile TurnstileConfig ` mapstructure:"turnstile" `
Database DatabaseConfig ` mapstructure:"database" `
Redis RedisConfig ` mapstructure:"redis" `
JWT JWTConfig ` mapstructure:"jwt" `
LinuxDo LinuxDoConnectConfig ` mapstructure:"linuxdo_connect" `
Default DefaultConfig ` mapstructure:"default" `
RateLimit RateLimitConfig ` mapstructure:"rate_limit" `
Pricing PricingConfig ` mapstructure:"pricing" `
Gateway GatewayConfig ` mapstructure:"gateway" `
APIKeyAuth APIKeyAuthCacheConfig ` mapstructure:"api_key_auth_cache" `
Dashboard DashboardCacheConfig ` mapstructure:"dashboard_cache" `
DashboardAgg DashboardAggregationConfig ` mapstructure:"dashboard_aggregation" `
Concurrency ConcurrencyConfig ` mapstructure:"concurrency" `
TokenRefresh TokenRefreshConfig ` mapstructure:"token_refresh" `
RunMode string ` mapstructure:"run_mode" yaml:"run_mode" `
Timezone string ` mapstructure:"timezone" ` // e.g. "Asia/Shanghai", "UTC"
Gemini GeminiConfig ` mapstructure:"gemini" `
Update UpdateConfig ` mapstructure:"update" `
2026-01-06 15:55:36 +08:00
}
// UpdateConfig 在线更新相关配置
type UpdateConfig struct {
// ProxyURL 用于访问 GitHub 的代理地址
// 支持 http/https/socks5/socks5h 协议
// 例如: "http://127.0.0.1:7890", "socks5://127.0.0.1:1080"
ProxyURL string ` mapstructure:"proxy_url" `
2025-12-25 06:43:00 -08:00
}
type GeminiConfig struct {
OAuth GeminiOAuthConfig ` mapstructure:"oauth" `
2026-01-01 04:22:39 +08:00
Quota GeminiQuotaConfig ` mapstructure:"quota" `
2025-12-25 06:43:00 -08:00
}
type GeminiOAuthConfig struct {
ClientID string ` mapstructure:"client_id" `
ClientSecret string ` mapstructure:"client_secret" `
Scopes string ` mapstructure:"scopes" `
2025-12-20 13:01:58 +08:00
}
2026-01-01 04:22:39 +08:00
type GeminiQuotaConfig struct {
Tiers map [ string ] GeminiTierQuotaConfig ` mapstructure:"tiers" `
Policy string ` mapstructure:"policy" `
}
type GeminiTierQuotaConfig struct {
ProRPD * int64 ` mapstructure:"pro_rpd" json:"pro_rpd" `
FlashRPD * int64 ` mapstructure:"flash_rpd" json:"flash_rpd" `
CooldownMinutes * int ` mapstructure:"cooldown_minutes" json:"cooldown_minutes" `
}
2025-12-20 13:01:58 +08:00
// TokenRefreshConfig OAuth token自动刷新配置
type TokenRefreshConfig struct {
// 是否启用自动刷新
Enabled bool ` mapstructure:"enabled" `
// 检查间隔(分钟)
CheckIntervalMinutes int ` mapstructure:"check_interval_minutes" `
// 提前刷新时间( ) ,
RefreshBeforeExpiryHours float64 ` mapstructure:"refresh_before_expiry_hours" `
// 最大重试次数
MaxRetries int ` mapstructure:"max_retries" `
// 重试退避基础时间(秒)
RetryBackoffSeconds int ` mapstructure:"retry_backoff_seconds" `
2025-12-18 13:50:39 +08:00
}
type PricingConfig struct {
// 价格数据远程URL( )
RemoteURL string ` mapstructure:"remote_url" `
// 哈希校验文件URL
HashURL string ` mapstructure:"hash_url" `
// 本地数据目录
DataDir string ` mapstructure:"data_dir" `
// 回退文件路径
FallbackFile string ` mapstructure:"fallback_file" `
// 更新间隔(小时)
UpdateIntervalHours int ` mapstructure:"update_interval_hours" `
// 哈希校验间隔(分钟)
HashCheckIntervalMinutes int ` mapstructure:"hash_check_interval_minutes" `
}
type ServerConfig struct {
2026-01-02 17:40:57 +08:00
Host string ` mapstructure:"host" `
Port int ` mapstructure:"port" `
Mode string ` mapstructure:"mode" ` // debug/release
ReadHeaderTimeout int ` mapstructure:"read_header_timeout" ` // 读取请求头超时(秒)
IdleTimeout int ` mapstructure:"idle_timeout" ` // 空闲连接超时(秒)
TrustedProxies [ ] string ` mapstructure:"trusted_proxies" ` // 可信代理列表( )
}
type CORSConfig struct {
AllowedOrigins [ ] string ` mapstructure:"allowed_origins" `
AllowCredentials bool ` mapstructure:"allow_credentials" `
}
type SecurityConfig struct {
URLAllowlist URLAllowlistConfig ` mapstructure:"url_allowlist" `
ResponseHeaders ResponseHeaderConfig ` mapstructure:"response_headers" `
CSP CSPConfig ` mapstructure:"csp" `
ProxyProbe ProxyProbeConfig ` mapstructure:"proxy_probe" `
}
type URLAllowlistConfig struct {
2026-01-05 13:54:43 +08:00
Enabled bool ` mapstructure:"enabled" `
2026-01-02 17:40:57 +08:00
UpstreamHosts [ ] string ` mapstructure:"upstream_hosts" `
PricingHosts [ ] string ` mapstructure:"pricing_hosts" `
CRSHosts [ ] string ` mapstructure:"crs_hosts" `
AllowPrivateHosts bool ` mapstructure:"allow_private_hosts" `
2026-01-05 14:41:08 +08:00
// 关闭 URL 白名单校验时,是否允许 http URL( )
2026-01-05 17:24:37 +08:00
AllowInsecureHTTP bool ` mapstructure:"allow_insecure_http" `
2026-01-02 17:40:57 +08:00
}
type ResponseHeaderConfig struct {
2026-01-05 13:54:43 +08:00
Enabled bool ` mapstructure:"enabled" `
2026-01-02 17:40:57 +08:00
AdditionalAllowed [ ] string ` mapstructure:"additional_allowed" `
ForceRemove [ ] string ` mapstructure:"force_remove" `
}
type CSPConfig struct {
Enabled bool ` mapstructure:"enabled" `
Policy string ` mapstructure:"policy" `
}
type ProxyProbeConfig struct {
2026-01-06 11:36:38 +08:00
InsecureSkipVerify bool ` mapstructure:"insecure_skip_verify" ` // 已禁用:禁止跳过 TLS 证书验证
2026-01-02 17:40:57 +08:00
}
type BillingConfig struct {
CircuitBreaker CircuitBreakerConfig ` mapstructure:"circuit_breaker" `
}
type CircuitBreakerConfig struct {
Enabled bool ` mapstructure:"enabled" `
FailureThreshold int ` mapstructure:"failure_threshold" `
ResetTimeoutSeconds int ` mapstructure:"reset_timeout_seconds" `
HalfOpenRequests int ` mapstructure:"half_open_requests" `
2025-12-18 13:50:39 +08:00
}
2026-01-04 19:49:59 +08:00
type ConcurrencyConfig struct {
// PingInterval: 并发等待期间的 SSE ping 间隔(秒)
PingInterval int ` mapstructure:"ping_interval" `
}
2025-12-18 13:50:39 +08:00
// GatewayConfig API网关相关配置
type GatewayConfig struct {
// 等待上游响应头的超时时间( ) ,
// 注意:这不影响流式数据传输,只控制等待响应头的时间
ResponseHeaderTimeout int ` mapstructure:"response_header_timeout" `
2025-12-31 08:50:12 +08:00
// 请求体最大字节数,用于网关请求体大小限制
MaxBodySize int64 ` mapstructure:"max_body_size" `
2025-12-31 11:43:58 +08:00
// ConnectionPoolIsolation: 上游连接池隔离策略( )
ConnectionPoolIsolation string ` mapstructure:"connection_pool_isolation" `
2025-12-31 08:50:12 +08:00
// HTTP 上游连接池配置(性能优化:支持高并发场景调优)
// MaxIdleConns: 所有主机的最大空闲连接总数
MaxIdleConns int ` mapstructure:"max_idle_conns" `
// MaxIdleConnsPerHost: 每个主机的最大空闲连接数(关键参数,影响连接复用率)
MaxIdleConnsPerHost int ` mapstructure:"max_idle_conns_per_host" `
// MaxConnsPerHost: 每个主机的最大连接数(包括活跃+空闲) ,
MaxConnsPerHost int ` mapstructure:"max_conns_per_host" `
// IdleConnTimeoutSeconds: 空闲连接超时时间(秒)
IdleConnTimeoutSeconds int ` mapstructure:"idle_conn_timeout_seconds" `
2025-12-31 11:43:58 +08:00
// MaxUpstreamClients: 上游连接池客户端最大缓存数量
// 当使用连接池隔离策略时,系统会为不同的账户/代理组合创建独立的 HTTP 客户端
// 此参数限制缓存的客户端数量,超出后会淘汰最久未使用的客户端
// 建议值:预估的活跃账户数 * 1.2(留有余量)
MaxUpstreamClients int ` mapstructure:"max_upstream_clients" `
// ClientIdleTTLSeconds: 上游连接池客户端空闲回收阈值(秒)
// 超过此时间未使用的客户端会被标记为可回收
// 建议值:根据用户访问频率设置,一般 10-30 分钟
ClientIdleTTLSeconds int ` mapstructure:"client_idle_ttl_seconds" `
2025-12-31 08:50:12 +08:00
// ConcurrencySlotTTLMinutes: 并发槽位过期时间(分钟)
// 应大于最长 LLM 请求时间,防止请求完成前槽位过期
ConcurrencySlotTTLMinutes int ` mapstructure:"concurrency_slot_ttl_minutes" `
fix: 修复 /v1/messages 间歇性 400 错误 (#18)
* fix(upstream): 修复上游格式兼容性问题
- 跳过Claude模型无signature的thinking block
- 支持custom类型工具(MCP)格式转换
- 添加ClaudeCustomToolSpec结构体支持MCP工具
- 添加Custom字段验证,跳过无效custom工具
- 在convertClaudeToolsToGeminiTools中添加schema清理
- 完整的单元测试覆盖,包含边界情况
修复: Issue 0.1 signature缺失, Issue 0.2 custom工具格式
改进: Codex审查发现的2个重要问题
测试:
- TestBuildParts_ThinkingBlockWithoutSignature: 验证thinking block处理
- TestBuildTools_CustomTypeTools: 验证custom工具转换和边界情况
- TestConvertClaudeToolsToGeminiTools_CustomType: 验证service层转换
* feat(gemini): 添加Gemini限额与TierID支持
实现PR1:Gemini限额与TierID功能
后端修改:
- GeminiTokenInfo结构体添加TierID字段
- fetchProjectID函数返回(projectID, tierID, error)
- 从LoadCodeAssist响应中提取tierID(优先IsDefault,回退到第一个非空tier)
- ExchangeCode、RefreshAccountToken、GetAccessToken函数更新以处理tierID
- BuildAccountCredentials函数保存tier_id到credentials
前端修改:
- AccountStatusIndicator组件添加tier显示
- 支持LEGACY/PRO/ULTRA等tier类型的友好显示
- 使用蓝色badge展示tier信息
技术细节:
- tierID提取逻辑:优先选择IsDefault的tier,否则选择第一个非空tier
- 所有fetchProjectID调用点已更新以处理新的返回签名
- 前端gracefully处理missing/unknown tier_id
* refactor(gemini): 优化TierID实现并添加安全验证
根据并发代码审查(code-reviewer, security-auditor, gemini, codex)的反馈进行改进:
安全改进:
- 添加validateTierID函数验证tier_id格式和长度(最大64字符)
- 限制tier_id字符集为字母数字、下划线、连字符和斜杠
- 在BuildAccountCredentials中验证tier_id后再存储
- 静默跳过无效tier_id,不阻塞账户创建
代码质量改进:
- 提取extractTierIDFromAllowedTiers辅助函数消除重复代码
- 重构fetchProjectID函数,tierID提取逻辑只执行一次
- 改进代码可读性和可维护性
审查工具:
- code-reviewer agent (a09848e)
- security-auditor agent (a9a149c)
- gemini CLI (bcc7c81)
- codex (b5d8919)
修复问题:
- HIGH: 未验证的tier_id输入
- MEDIUM: 代码重复(tierID提取逻辑重复2次)
* fix(format): 修复 gofmt 格式问题
- 修复 claude_types.go 中的字段对齐问题
- 修复 gemini_messages_compat_service.go 中的缩进问题
* fix(upstream): 修复上游格式兼容性问题 (#14)
* fix(upstream): 修复上游格式兼容性问题
- 跳过Claude模型无signature的thinking block
- 支持custom类型工具(MCP)格式转换
- 添加ClaudeCustomToolSpec结构体支持MCP工具
- 添加Custom字段验证,跳过无效custom工具
- 在convertClaudeToolsToGeminiTools中添加schema清理
- 完整的单元测试覆盖,包含边界情况
修复: Issue 0.1 signature缺失, Issue 0.2 custom工具格式
改进: Codex审查发现的2个重要问题
测试:
- TestBuildParts_ThinkingBlockWithoutSignature: 验证thinking block处理
- TestBuildTools_CustomTypeTools: 验证custom工具转换和边界情况
- TestConvertClaudeToolsToGeminiTools_CustomType: 验证service层转换
* fix(format): 修复 gofmt 格式问题
- 修复 claude_types.go 中的字段对齐问题
- 修复 gemini_messages_compat_service.go 中的缩进问题
* fix(format): 修复 claude_types.go 的 gofmt 格式问题
* feat(antigravity): 优化 thinking block 和 schema 处理
- 为 dummy thinking block 添加 ThoughtSignature
- 重构 thinking block 处理逻辑,在每个条件分支内创建 part
- 优化 excludedSchemaKeys,移除 Gemini 实际支持的字段
(minItems, maxItems, minimum, maximum, additionalProperties, format)
- 添加详细注释说明 Gemini API 支持的 schema 字段
* fix(antigravity): 增强 schema 清理的安全性
基于 Codex review 建议:
- 添加 format 字段白名单过滤,只保留 Gemini 支持的 date-time/date/time
- 补充更多不支持的 schema 关键字到黑名单:
* 组合 schema: oneOf, anyOf, allOf, not, if/then/else
* 对象验证: minProperties, maxProperties, patternProperties 等
* 定义引用: $defs, definitions
- 避免不支持的 schema 字段导致 Gemini API 校验失败
* fix(lint): 修复 gemini_messages_compat_service 空分支警告
- 在 cleanToolSchema 的 if 语句中添加 continue
- 移除重复的注释
* fix(antigravity): 移除 minItems/maxItems 以兼容 Claude API
- 将 minItems 和 maxItems 添加到 schema 黑名单
- Claude API (Vertex AI) 不支持这些数组验证字段
- 添加调试日志记录工具 schema 转换过程
- 修复 tools.14.custom.input_schema 验证错误
* fix(antigravity): 修复 additionalProperties schema 对象问题
- 将 additionalProperties 的 schema 对象转换为布尔值 true
- Claude API 只支持 additionalProperties: false,不支持 schema 对象
- 修复 tools.14.custom.input_schema 验证错误
- 参考 Claude 官方文档的 JSON Schema 限制
* fix(antigravity): 修复 Claude 模型 thinking 块兼容性问题
- 完全跳过 Claude 模型的 thinking 块以避免 signature 验证失败
- 只在 Gemini 模型中使用 dummy thought signature
- 修改 additionalProperties 默认值为 false(更安全)
- 添加调试日志以便排查问题
* fix(upstream): 修复跨模型切换时的 dummy signature 问题
基于 Codex review 和用户场景分析的修复:
1. 问题场景
- Gemini (thinking) → Claude (thinking) 切换时
- Gemini 返回的 thinking 块使用 dummy signature
- Claude API 会拒绝 dummy signature,导致 400 错误
2. 修复内容
- request_transformer.go:262: 跳过 dummy signature
- 只保留真实的 Claude signature
- 支持频繁的跨模型切换
3. 其他修复(基于 Codex review)
- gateway_service.go:691: 修复 io.ReadAll 错误处理
- gateway_service.go:687: 条件日志(尊重 LogUpstreamErrorBody 配置)
- gateway_service.go:915: 收紧 400 failover 启发式
- request_transformer.go:188: 移除签名成功日志
4. 新增功能(默认关闭)
- 阶段 1: 上游错误日志(GATEWAY_LOG_UPSTREAM_ERROR_BODY)
- 阶段 2: Antigravity thinking 修复
- 阶段 3: API-key beta 注入(GATEWAY_INJECT_BETA_FOR_APIKEY)
- 阶段 3: 智能 400 failover(GATEWAY_FAILOVER_ON_400)
测试:所有测试通过
* fix(lint): 修复 golangci-lint 问题
- 应用 De Morgan 定律简化条件判断
- 修复 gofmt 格式问题
- 移除未使用的 min 函数
2026-01-01 04:21:18 +08:00
2026-01-04 19:49:59 +08:00
// StreamDataIntervalTimeout: 流数据间隔超时( ) ,
StreamDataIntervalTimeout int ` mapstructure:"stream_data_interval_timeout" `
// StreamKeepaliveInterval: 流式 keepalive 间隔( ) ,
StreamKeepaliveInterval int ` mapstructure:"stream_keepalive_interval" `
// MaxLineSize: 上游 SSE 单行最大字节数( )
MaxLineSize int ` mapstructure:"max_line_size" `
fix: 修复 /v1/messages 间歇性 400 错误 (#18)
* fix(upstream): 修复上游格式兼容性问题
- 跳过Claude模型无signature的thinking block
- 支持custom类型工具(MCP)格式转换
- 添加ClaudeCustomToolSpec结构体支持MCP工具
- 添加Custom字段验证,跳过无效custom工具
- 在convertClaudeToolsToGeminiTools中添加schema清理
- 完整的单元测试覆盖,包含边界情况
修复: Issue 0.1 signature缺失, Issue 0.2 custom工具格式
改进: Codex审查发现的2个重要问题
测试:
- TestBuildParts_ThinkingBlockWithoutSignature: 验证thinking block处理
- TestBuildTools_CustomTypeTools: 验证custom工具转换和边界情况
- TestConvertClaudeToolsToGeminiTools_CustomType: 验证service层转换
* feat(gemini): 添加Gemini限额与TierID支持
实现PR1:Gemini限额与TierID功能
后端修改:
- GeminiTokenInfo结构体添加TierID字段
- fetchProjectID函数返回(projectID, tierID, error)
- 从LoadCodeAssist响应中提取tierID(优先IsDefault,回退到第一个非空tier)
- ExchangeCode、RefreshAccountToken、GetAccessToken函数更新以处理tierID
- BuildAccountCredentials函数保存tier_id到credentials
前端修改:
- AccountStatusIndicator组件添加tier显示
- 支持LEGACY/PRO/ULTRA等tier类型的友好显示
- 使用蓝色badge展示tier信息
技术细节:
- tierID提取逻辑:优先选择IsDefault的tier,否则选择第一个非空tier
- 所有fetchProjectID调用点已更新以处理新的返回签名
- 前端gracefully处理missing/unknown tier_id
* refactor(gemini): 优化TierID实现并添加安全验证
根据并发代码审查(code-reviewer, security-auditor, gemini, codex)的反馈进行改进:
安全改进:
- 添加validateTierID函数验证tier_id格式和长度(最大64字符)
- 限制tier_id字符集为字母数字、下划线、连字符和斜杠
- 在BuildAccountCredentials中验证tier_id后再存储
- 静默跳过无效tier_id,不阻塞账户创建
代码质量改进:
- 提取extractTierIDFromAllowedTiers辅助函数消除重复代码
- 重构fetchProjectID函数,tierID提取逻辑只执行一次
- 改进代码可读性和可维护性
审查工具:
- code-reviewer agent (a09848e)
- security-auditor agent (a9a149c)
- gemini CLI (bcc7c81)
- codex (b5d8919)
修复问题:
- HIGH: 未验证的tier_id输入
- MEDIUM: 代码重复(tierID提取逻辑重复2次)
* fix(format): 修复 gofmt 格式问题
- 修复 claude_types.go 中的字段对齐问题
- 修复 gemini_messages_compat_service.go 中的缩进问题
* fix(upstream): 修复上游格式兼容性问题 (#14)
* fix(upstream): 修复上游格式兼容性问题
- 跳过Claude模型无signature的thinking block
- 支持custom类型工具(MCP)格式转换
- 添加ClaudeCustomToolSpec结构体支持MCP工具
- 添加Custom字段验证,跳过无效custom工具
- 在convertClaudeToolsToGeminiTools中添加schema清理
- 完整的单元测试覆盖,包含边界情况
修复: Issue 0.1 signature缺失, Issue 0.2 custom工具格式
改进: Codex审查发现的2个重要问题
测试:
- TestBuildParts_ThinkingBlockWithoutSignature: 验证thinking block处理
- TestBuildTools_CustomTypeTools: 验证custom工具转换和边界情况
- TestConvertClaudeToolsToGeminiTools_CustomType: 验证service层转换
* fix(format): 修复 gofmt 格式问题
- 修复 claude_types.go 中的字段对齐问题
- 修复 gemini_messages_compat_service.go 中的缩进问题
* fix(format): 修复 claude_types.go 的 gofmt 格式问题
* feat(antigravity): 优化 thinking block 和 schema 处理
- 为 dummy thinking block 添加 ThoughtSignature
- 重构 thinking block 处理逻辑,在每个条件分支内创建 part
- 优化 excludedSchemaKeys,移除 Gemini 实际支持的字段
(minItems, maxItems, minimum, maximum, additionalProperties, format)
- 添加详细注释说明 Gemini API 支持的 schema 字段
* fix(antigravity): 增强 schema 清理的安全性
基于 Codex review 建议:
- 添加 format 字段白名单过滤,只保留 Gemini 支持的 date-time/date/time
- 补充更多不支持的 schema 关键字到黑名单:
* 组合 schema: oneOf, anyOf, allOf, not, if/then/else
* 对象验证: minProperties, maxProperties, patternProperties 等
* 定义引用: $defs, definitions
- 避免不支持的 schema 字段导致 Gemini API 校验失败
* fix(lint): 修复 gemini_messages_compat_service 空分支警告
- 在 cleanToolSchema 的 if 语句中添加 continue
- 移除重复的注释
* fix(antigravity): 移除 minItems/maxItems 以兼容 Claude API
- 将 minItems 和 maxItems 添加到 schema 黑名单
- Claude API (Vertex AI) 不支持这些数组验证字段
- 添加调试日志记录工具 schema 转换过程
- 修复 tools.14.custom.input_schema 验证错误
* fix(antigravity): 修复 additionalProperties schema 对象问题
- 将 additionalProperties 的 schema 对象转换为布尔值 true
- Claude API 只支持 additionalProperties: false,不支持 schema 对象
- 修复 tools.14.custom.input_schema 验证错误
- 参考 Claude 官方文档的 JSON Schema 限制
* fix(antigravity): 修复 Claude 模型 thinking 块兼容性问题
- 完全跳过 Claude 模型的 thinking 块以避免 signature 验证失败
- 只在 Gemini 模型中使用 dummy thought signature
- 修改 additionalProperties 默认值为 false(更安全)
- 添加调试日志以便排查问题
* fix(upstream): 修复跨模型切换时的 dummy signature 问题
基于 Codex review 和用户场景分析的修复:
1. 问题场景
- Gemini (thinking) → Claude (thinking) 切换时
- Gemini 返回的 thinking 块使用 dummy signature
- Claude API 会拒绝 dummy signature,导致 400 错误
2. 修复内容
- request_transformer.go:262: 跳过 dummy signature
- 只保留真实的 Claude signature
- 支持频繁的跨模型切换
3. 其他修复(基于 Codex review)
- gateway_service.go:691: 修复 io.ReadAll 错误处理
- gateway_service.go:687: 条件日志(尊重 LogUpstreamErrorBody 配置)
- gateway_service.go:915: 收紧 400 failover 启发式
- request_transformer.go:188: 移除签名成功日志
4. 新增功能(默认关闭)
- 阶段 1: 上游错误日志(GATEWAY_LOG_UPSTREAM_ERROR_BODY)
- 阶段 2: Antigravity thinking 修复
- 阶段 3: API-key beta 注入(GATEWAY_INJECT_BETA_FOR_APIKEY)
- 阶段 3: 智能 400 failover(GATEWAY_FAILOVER_ON_400)
测试:所有测试通过
* fix(lint): 修复 golangci-lint 问题
- 应用 De Morgan 定律简化条件判断
- 修复 gofmt 格式问题
- 移除未使用的 min 函数
2026-01-01 04:21:18 +08:00
// 是否记录上游错误响应体摘要(避免输出请求内容)
LogUpstreamErrorBody bool ` mapstructure:"log_upstream_error_body" `
// 上游错误响应体记录最大字节数(超过会截断)
LogUpstreamErrorBodyMaxBytes int ` mapstructure:"log_upstream_error_body_max_bytes" `
// API-key 账号在客户端未提供 anthropic-beta 时,是否按需自动补齐(默认关闭以保持兼容)
2026-01-04 19:27:53 +08:00
InjectBetaForAPIKey bool ` mapstructure:"inject_beta_for_apikey" `
fix: 修复 /v1/messages 间歇性 400 错误 (#18)
* fix(upstream): 修复上游格式兼容性问题
- 跳过Claude模型无signature的thinking block
- 支持custom类型工具(MCP)格式转换
- 添加ClaudeCustomToolSpec结构体支持MCP工具
- 添加Custom字段验证,跳过无效custom工具
- 在convertClaudeToolsToGeminiTools中添加schema清理
- 完整的单元测试覆盖,包含边界情况
修复: Issue 0.1 signature缺失, Issue 0.2 custom工具格式
改进: Codex审查发现的2个重要问题
测试:
- TestBuildParts_ThinkingBlockWithoutSignature: 验证thinking block处理
- TestBuildTools_CustomTypeTools: 验证custom工具转换和边界情况
- TestConvertClaudeToolsToGeminiTools_CustomType: 验证service层转换
* feat(gemini): 添加Gemini限额与TierID支持
实现PR1:Gemini限额与TierID功能
后端修改:
- GeminiTokenInfo结构体添加TierID字段
- fetchProjectID函数返回(projectID, tierID, error)
- 从LoadCodeAssist响应中提取tierID(优先IsDefault,回退到第一个非空tier)
- ExchangeCode、RefreshAccountToken、GetAccessToken函数更新以处理tierID
- BuildAccountCredentials函数保存tier_id到credentials
前端修改:
- AccountStatusIndicator组件添加tier显示
- 支持LEGACY/PRO/ULTRA等tier类型的友好显示
- 使用蓝色badge展示tier信息
技术细节:
- tierID提取逻辑:优先选择IsDefault的tier,否则选择第一个非空tier
- 所有fetchProjectID调用点已更新以处理新的返回签名
- 前端gracefully处理missing/unknown tier_id
* refactor(gemini): 优化TierID实现并添加安全验证
根据并发代码审查(code-reviewer, security-auditor, gemini, codex)的反馈进行改进:
安全改进:
- 添加validateTierID函数验证tier_id格式和长度(最大64字符)
- 限制tier_id字符集为字母数字、下划线、连字符和斜杠
- 在BuildAccountCredentials中验证tier_id后再存储
- 静默跳过无效tier_id,不阻塞账户创建
代码质量改进:
- 提取extractTierIDFromAllowedTiers辅助函数消除重复代码
- 重构fetchProjectID函数,tierID提取逻辑只执行一次
- 改进代码可读性和可维护性
审查工具:
- code-reviewer agent (a09848e)
- security-auditor agent (a9a149c)
- gemini CLI (bcc7c81)
- codex (b5d8919)
修复问题:
- HIGH: 未验证的tier_id输入
- MEDIUM: 代码重复(tierID提取逻辑重复2次)
* fix(format): 修复 gofmt 格式问题
- 修复 claude_types.go 中的字段对齐问题
- 修复 gemini_messages_compat_service.go 中的缩进问题
* fix(upstream): 修复上游格式兼容性问题 (#14)
* fix(upstream): 修复上游格式兼容性问题
- 跳过Claude模型无signature的thinking block
- 支持custom类型工具(MCP)格式转换
- 添加ClaudeCustomToolSpec结构体支持MCP工具
- 添加Custom字段验证,跳过无效custom工具
- 在convertClaudeToolsToGeminiTools中添加schema清理
- 完整的单元测试覆盖,包含边界情况
修复: Issue 0.1 signature缺失, Issue 0.2 custom工具格式
改进: Codex审查发现的2个重要问题
测试:
- TestBuildParts_ThinkingBlockWithoutSignature: 验证thinking block处理
- TestBuildTools_CustomTypeTools: 验证custom工具转换和边界情况
- TestConvertClaudeToolsToGeminiTools_CustomType: 验证service层转换
* fix(format): 修复 gofmt 格式问题
- 修复 claude_types.go 中的字段对齐问题
- 修复 gemini_messages_compat_service.go 中的缩进问题
* fix(format): 修复 claude_types.go 的 gofmt 格式问题
* feat(antigravity): 优化 thinking block 和 schema 处理
- 为 dummy thinking block 添加 ThoughtSignature
- 重构 thinking block 处理逻辑,在每个条件分支内创建 part
- 优化 excludedSchemaKeys,移除 Gemini 实际支持的字段
(minItems, maxItems, minimum, maximum, additionalProperties, format)
- 添加详细注释说明 Gemini API 支持的 schema 字段
* fix(antigravity): 增强 schema 清理的安全性
基于 Codex review 建议:
- 添加 format 字段白名单过滤,只保留 Gemini 支持的 date-time/date/time
- 补充更多不支持的 schema 关键字到黑名单:
* 组合 schema: oneOf, anyOf, allOf, not, if/then/else
* 对象验证: minProperties, maxProperties, patternProperties 等
* 定义引用: $defs, definitions
- 避免不支持的 schema 字段导致 Gemini API 校验失败
* fix(lint): 修复 gemini_messages_compat_service 空分支警告
- 在 cleanToolSchema 的 if 语句中添加 continue
- 移除重复的注释
* fix(antigravity): 移除 minItems/maxItems 以兼容 Claude API
- 将 minItems 和 maxItems 添加到 schema 黑名单
- Claude API (Vertex AI) 不支持这些数组验证字段
- 添加调试日志记录工具 schema 转换过程
- 修复 tools.14.custom.input_schema 验证错误
* fix(antigravity): 修复 additionalProperties schema 对象问题
- 将 additionalProperties 的 schema 对象转换为布尔值 true
- Claude API 只支持 additionalProperties: false,不支持 schema 对象
- 修复 tools.14.custom.input_schema 验证错误
- 参考 Claude 官方文档的 JSON Schema 限制
* fix(antigravity): 修复 Claude 模型 thinking 块兼容性问题
- 完全跳过 Claude 模型的 thinking 块以避免 signature 验证失败
- 只在 Gemini 模型中使用 dummy thought signature
- 修改 additionalProperties 默认值为 false(更安全)
- 添加调试日志以便排查问题
* fix(upstream): 修复跨模型切换时的 dummy signature 问题
基于 Codex review 和用户场景分析的修复:
1. 问题场景
- Gemini (thinking) → Claude (thinking) 切换时
- Gemini 返回的 thinking 块使用 dummy signature
- Claude API 会拒绝 dummy signature,导致 400 错误
2. 修复内容
- request_transformer.go:262: 跳过 dummy signature
- 只保留真实的 Claude signature
- 支持频繁的跨模型切换
3. 其他修复(基于 Codex review)
- gateway_service.go:691: 修复 io.ReadAll 错误处理
- gateway_service.go:687: 条件日志(尊重 LogUpstreamErrorBody 配置)
- gateway_service.go:915: 收紧 400 failover 启发式
- request_transformer.go:188: 移除签名成功日志
4. 新增功能(默认关闭)
- 阶段 1: 上游错误日志(GATEWAY_LOG_UPSTREAM_ERROR_BODY)
- 阶段 2: Antigravity thinking 修复
- 阶段 3: API-key beta 注入(GATEWAY_INJECT_BETA_FOR_APIKEY)
- 阶段 3: 智能 400 failover(GATEWAY_FAILOVER_ON_400)
测试:所有测试通过
* fix(lint): 修复 golangci-lint 问题
- 应用 De Morgan 定律简化条件判断
- 修复 gofmt 格式问题
- 移除未使用的 min 函数
2026-01-01 04:21:18 +08:00
// 是否允许对部分 400 错误触发 failover( )
FailoverOn400 bool ` mapstructure:"failover_on_400" `
2026-01-01 04:33:12 +08:00
2026-01-01 04:01:51 +08:00
// Scheduling: 账号调度相关配置
Scheduling GatewaySchedulingConfig ` mapstructure:"scheduling" `
}
// GatewaySchedulingConfig accounts scheduling configuration.
type GatewaySchedulingConfig struct {
// 粘性会话排队配置
StickySessionMaxWaiting int ` mapstructure:"sticky_session_max_waiting" `
StickySessionWaitTimeout time . Duration ` mapstructure:"sticky_session_wait_timeout" `
// 兜底排队配置
FallbackWaitTimeout time . Duration ` mapstructure:"fallback_wait_timeout" `
FallbackMaxWaiting int ` mapstructure:"fallback_max_waiting" `
// 负载计算
LoadBatchEnabled bool ` mapstructure:"load_batch_enabled" `
// 过期槽位清理周期(
SlotCleanupInterval time . Duration ` mapstructure:"slot_cleanup_interval" `
2025-12-18 13:50:39 +08:00
}
func ( s * ServerConfig ) Address ( ) string {
return fmt . Sprintf ( "%s:%d" , s . Host , s . Port )
}
2025-12-31 08:50:12 +08:00
// DatabaseConfig 数据库连接配置
// 性能优化:新增连接池参数,避免频繁创建/销毁连接
2025-12-18 13:50:39 +08:00
type DatabaseConfig struct {
Host string ` mapstructure:"host" `
Port int ` mapstructure:"port" `
User string ` mapstructure:"user" `
Password string ` mapstructure:"password" `
DBName string ` mapstructure:"dbname" `
SSLMode string ` mapstructure:"sslmode" `
2025-12-31 08:50:12 +08:00
// 连接池配置(性能优化:可配置化连接池参数)
// MaxOpenConns: 最大打开连接数,控制数据库连接上限,防止资源耗尽
MaxOpenConns int ` mapstructure:"max_open_conns" `
// MaxIdleConns: 最大空闲连接数,保持热连接减少建连延迟
MaxIdleConns int ` mapstructure:"max_idle_conns" `
// ConnMaxLifetimeMinutes: 连接最大存活时间,防止长连接导致的资源泄漏
ConnMaxLifetimeMinutes int ` mapstructure:"conn_max_lifetime_minutes" `
// ConnMaxIdleTimeMinutes: 空闲连接最大存活时间,及时释放不活跃连接
ConnMaxIdleTimeMinutes int ` mapstructure:"conn_max_idle_time_minutes" `
2025-12-18 13:50:39 +08:00
}
func ( d * DatabaseConfig ) DSN ( ) string {
return fmt . Sprintf (
"host=%s port=%d user=%s password=%s dbname=%s sslmode=%s" ,
d . Host , d . Port , d . User , d . Password , d . DBName , d . SSLMode ,
)
}
// DSNWithTimezone returns DSN with timezone setting
func ( d * DatabaseConfig ) DSNWithTimezone ( tz string ) string {
if tz == "" {
tz = "Asia/Shanghai"
}
return fmt . Sprintf (
"host=%s port=%d user=%s password=%s dbname=%s sslmode=%s TimeZone=%s" ,
d . Host , d . Port , d . User , d . Password , d . DBName , d . SSLMode , tz ,
)
}
2025-12-31 08:50:12 +08:00
// RedisConfig Redis 连接配置
// 性能优化:新增连接池和超时参数,提升高并发场景下的吞吐量
2025-12-18 13:50:39 +08:00
type RedisConfig struct {
Host string ` mapstructure:"host" `
Port int ` mapstructure:"port" `
Password string ` mapstructure:"password" `
DB int ` mapstructure:"db" `
2025-12-31 08:50:12 +08:00
// 连接池与超时配置(性能优化:可配置化连接池参数)
// DialTimeoutSeconds: 建立连接超时,防止慢连接阻塞
DialTimeoutSeconds int ` mapstructure:"dial_timeout_seconds" `
// ReadTimeoutSeconds: 读取超时,避免慢查询阻塞连接池
ReadTimeoutSeconds int ` mapstructure:"read_timeout_seconds" `
// WriteTimeoutSeconds: 写入超时,避免慢写入阻塞连接池
WriteTimeoutSeconds int ` mapstructure:"write_timeout_seconds" `
// PoolSize: 连接池大小,控制最大并发连接数
PoolSize int ` mapstructure:"pool_size" `
// MinIdleConns: 最小空闲连接数,保持热连接减少冷启动延迟
MinIdleConns int ` mapstructure:"min_idle_conns" `
2025-12-18 13:50:39 +08:00
}
func ( r * RedisConfig ) Address ( ) string {
return fmt . Sprintf ( "%s:%d" , r . Host , r . Port )
}
type JWTConfig struct {
Secret string ` mapstructure:"secret" `
ExpireHour int ` mapstructure:"expire_hour" `
}
2026-01-02 17:40:57 +08:00
type TurnstileConfig struct {
Required bool ` mapstructure:"required" `
}
2026-01-09 19:32:06 +08:00
// LinuxDoConnectConfig 用于 LinuxDo Connect OAuth 登录(终端用户 SSO)
2026-01-09 12:05:25 +08:00
//
2026-01-09 19:32:06 +08:00
// 注意:这与上游账号的 OAuth(
// 这里是用于登录 Sub2API 本身的用户体系。
2026-01-09 12:05:25 +08:00
type LinuxDoConnectConfig struct {
Enabled bool ` mapstructure:"enabled" `
ClientID string ` mapstructure:"client_id" `
ClientSecret string ` mapstructure:"client_secret" `
AuthorizeURL string ` mapstructure:"authorize_url" `
TokenURL string ` mapstructure:"token_url" `
UserInfoURL string ` mapstructure:"userinfo_url" `
Scopes string ` mapstructure:"scopes" `
2026-01-09 19:32:06 +08:00
RedirectURL string ` mapstructure:"redirect_url" ` // 后端回调地址(需在提供方后台登记)
FrontendRedirectURL string ` mapstructure:"frontend_redirect_url" ` // 前端接收 token 的路由(默认:/auth/linuxdo/callback)
2026-01-09 12:05:25 +08:00
TokenAuthMethod string ` mapstructure:"token_auth_method" ` // client_secret_post / client_secret_basic / none
UsePKCE bool ` mapstructure:"use_pkce" `
2026-01-09 19:32:06 +08:00
// 可选:用于从 userinfo JSON 中提取字段的 gjson 路径。
// 为空时,服务端会尝试一组常见字段名。
2026-01-09 12:05:25 +08:00
UserInfoEmailPath string ` mapstructure:"userinfo_email_path" `
UserInfoIDPath string ` mapstructure:"userinfo_id_path" `
UserInfoUsernamePath string ` mapstructure:"userinfo_username_path" `
}
2025-12-18 13:50:39 +08:00
type DefaultConfig struct {
AdminEmail string ` mapstructure:"admin_email" `
AdminPassword string ` mapstructure:"admin_password" `
UserConcurrency int ` mapstructure:"user_concurrency" `
UserBalance float64 ` mapstructure:"user_balance" `
2026-01-04 19:27:53 +08:00
APIKeyPrefix string ` mapstructure:"api_key_prefix" `
2025-12-18 13:50:39 +08:00
RateMultiplier float64 ` mapstructure:"rate_multiplier" `
}
type RateLimitConfig struct {
OverloadCooldownMinutes int ` mapstructure:"overload_cooldown_minutes" ` // 529过载冷却时间(分钟)
}
2026-01-10 22:23:51 +08:00
// APIKeyAuthCacheConfig API Key 认证缓存配置
type APIKeyAuthCacheConfig struct {
L1Size int ` mapstructure:"l1_size" `
L1TTLSeconds int ` mapstructure:"l1_ttl_seconds" `
L2TTLSeconds int ` mapstructure:"l2_ttl_seconds" `
NegativeTTLSeconds int ` mapstructure:"negative_ttl_seconds" `
JitterPercent int ` mapstructure:"jitter_percent" `
Singleflight bool ` mapstructure:"singleflight" `
}
2026-01-11 10:07:03 +08:00
// DashboardCacheConfig 仪表盘统计缓存配置
type DashboardCacheConfig struct {
// Enabled: 是否启用仪表盘缓存
Enabled bool ` mapstructure:"enabled" `
// KeyPrefix: Redis key 前缀,用于多环境隔离
KeyPrefix string ` mapstructure:"key_prefix" `
// StatsFreshTTLSeconds: 缓存命中认为“新鲜”的时间窗口(秒)
StatsFreshTTLSeconds int ` mapstructure:"stats_fresh_ttl_seconds" `
// StatsTTLSeconds: Redis 缓存总 TTL( )
StatsTTLSeconds int ` mapstructure:"stats_ttl_seconds" `
// StatsRefreshTimeoutSeconds: 异步刷新超时(秒)
StatsRefreshTimeoutSeconds int ` mapstructure:"stats_refresh_timeout_seconds" `
}
2026-01-11 16:01:35 +08:00
// DashboardAggregationConfig 仪表盘预聚合配置
type DashboardAggregationConfig struct {
// Enabled: 是否启用预聚合作业
Enabled bool ` mapstructure:"enabled" `
// IntervalSeconds: 聚合刷新间隔(秒)
IntervalSeconds int ` mapstructure:"interval_seconds" `
// LookbackSeconds: 回看窗口(秒)
LookbackSeconds int ` mapstructure:"lookback_seconds" `
// BackfillEnabled: 是否允许全量回填
BackfillEnabled bool ` mapstructure:"backfill_enabled" `
// Retention: 各表保留窗口(天)
Retention DashboardAggregationRetentionConfig ` mapstructure:"retention" `
// RecomputeDays: 启动时重算最近 N 天
RecomputeDays int ` mapstructure:"recompute_days" `
}
// DashboardAggregationRetentionConfig 预聚合保留窗口
type DashboardAggregationRetentionConfig struct {
UsageLogsDays int ` mapstructure:"usage_logs_days" `
HourlyDays int ` mapstructure:"hourly_days" `
DailyDays int ` mapstructure:"daily_days" `
}
2025-12-29 03:17:25 +08:00
func NormalizeRunMode ( value string ) string {
normalized := strings . ToLower ( strings . TrimSpace ( value ) )
switch normalized {
case RunModeStandard , RunModeSimple :
return normalized
default :
return RunModeStandard
}
}
2025-12-18 13:50:39 +08:00
func Load ( ) ( * Config , error ) {
viper . SetConfigName ( "config" )
viper . SetConfigType ( "yaml" )
2026-01-06 09:43:56 +08:00
// Add config paths in priority order
// 1. DATA_DIR environment variable (highest priority)
if dataDir := os . Getenv ( "DATA_DIR" ) ; dataDir != "" {
viper . AddConfigPath ( dataDir )
}
// 2. Docker data directory
viper . AddConfigPath ( "/app/data" )
// 3. Current directory
2025-12-18 13:50:39 +08:00
viper . AddConfigPath ( "." )
2026-01-06 09:43:56 +08:00
// 4. Config subdirectory
2025-12-18 13:50:39 +08:00
viper . AddConfigPath ( "./config" )
2026-01-06 09:43:56 +08:00
// 5. System config directory
2025-12-18 13:50:39 +08:00
viper . AddConfigPath ( "/etc/sub2api" )
// 环境变量支持
viper . AutomaticEnv ( )
viper . SetEnvKeyReplacer ( strings . NewReplacer ( "." , "_" ) )
// 默认值
setDefaults ( )
if err := viper . ReadInConfig ( ) ; err != nil {
if _ , ok := err . ( viper . ConfigFileNotFoundError ) ; ! ok {
return nil , fmt . Errorf ( "read config error: %w" , err )
}
// 配置文件不存在时使用默认值
}
var cfg Config
if err := viper . Unmarshal ( & cfg ) ; err != nil {
return nil , fmt . Errorf ( "unmarshal config error: %w" , err )
}
2025-12-29 03:17:25 +08:00
cfg . RunMode = NormalizeRunMode ( cfg . RunMode )
2026-01-02 17:40:57 +08:00
cfg . Server . Mode = strings . ToLower ( strings . TrimSpace ( cfg . Server . Mode ) )
if cfg . Server . Mode == "" {
cfg . Server . Mode = "debug"
}
cfg . JWT . Secret = strings . TrimSpace ( cfg . JWT . Secret )
2026-01-09 12:05:25 +08:00
cfg . LinuxDo . ClientID = strings . TrimSpace ( cfg . LinuxDo . ClientID )
cfg . LinuxDo . ClientSecret = strings . TrimSpace ( cfg . LinuxDo . ClientSecret )
cfg . LinuxDo . AuthorizeURL = strings . TrimSpace ( cfg . LinuxDo . AuthorizeURL )
cfg . LinuxDo . TokenURL = strings . TrimSpace ( cfg . LinuxDo . TokenURL )
cfg . LinuxDo . UserInfoURL = strings . TrimSpace ( cfg . LinuxDo . UserInfoURL )
cfg . LinuxDo . Scopes = strings . TrimSpace ( cfg . LinuxDo . Scopes )
cfg . LinuxDo . RedirectURL = strings . TrimSpace ( cfg . LinuxDo . RedirectURL )
cfg . LinuxDo . FrontendRedirectURL = strings . TrimSpace ( cfg . LinuxDo . FrontendRedirectURL )
cfg . LinuxDo . TokenAuthMethod = strings . ToLower ( strings . TrimSpace ( cfg . LinuxDo . TokenAuthMethod ) )
cfg . LinuxDo . UserInfoEmailPath = strings . TrimSpace ( cfg . LinuxDo . UserInfoEmailPath )
cfg . LinuxDo . UserInfoIDPath = strings . TrimSpace ( cfg . LinuxDo . UserInfoIDPath )
cfg . LinuxDo . UserInfoUsernamePath = strings . TrimSpace ( cfg . LinuxDo . UserInfoUsernamePath )
2026-01-11 10:07:03 +08:00
cfg . Dashboard . KeyPrefix = strings . TrimSpace ( cfg . Dashboard . KeyPrefix )
2026-01-02 17:40:57 +08:00
cfg . CORS . AllowedOrigins = normalizeStringSlice ( cfg . CORS . AllowedOrigins )
cfg . Security . ResponseHeaders . AdditionalAllowed = normalizeStringSlice ( cfg . Security . ResponseHeaders . AdditionalAllowed )
cfg . Security . ResponseHeaders . ForceRemove = normalizeStringSlice ( cfg . Security . ResponseHeaders . ForceRemove )
cfg . Security . CSP . Policy = strings . TrimSpace ( cfg . Security . CSP . Policy )
2026-01-06 09:43:56 +08:00
if cfg . JWT . Secret == "" {
2026-01-02 17:40:57 +08:00
secret , err := generateJWTSecret ( 64 )
if err != nil {
return nil , fmt . Errorf ( "generate jwt secret error: %w" , err )
}
cfg . JWT . Secret = secret
2026-01-06 09:43:56 +08:00
log . Println ( "Warning: JWT secret auto-generated. Consider setting a fixed secret for production." )
2026-01-02 17:40:57 +08:00
}
2025-12-29 03:17:25 +08:00
2025-12-18 13:50:39 +08:00
if err := cfg . Validate ( ) ; err != nil {
return nil , fmt . Errorf ( "validate config error: %w" , err )
}
2026-01-05 13:54:43 +08:00
if ! cfg . Security . URLAllowlist . Enabled {
2026-01-05 14:41:08 +08:00
log . Println ( "Warning: security.url_allowlist.enabled=false; allowlist/SSRF checks disabled (minimal format validation only)." )
2026-01-05 13:54:43 +08:00
}
if ! cfg . Security . ResponseHeaders . Enabled {
2026-01-05 14:41:08 +08:00
log . Println ( "Warning: security.response_headers.enabled=false; configurable header filtering disabled (default allowlist only)." )
2026-01-05 13:54:43 +08:00
}
2026-01-06 09:43:56 +08:00
if cfg . JWT . Secret != "" && isWeakJWTSecret ( cfg . JWT . Secret ) {
2026-01-02 17:40:57 +08:00
log . Println ( "Warning: JWT secret appears weak; use a 32+ character random secret in production." )
}
if len ( cfg . Security . ResponseHeaders . AdditionalAllowed ) > 0 || len ( cfg . Security . ResponseHeaders . ForceRemove ) > 0 {
log . Printf ( "AUDIT: response header policy configured additional_allowed=%v force_remove=%v" ,
cfg . Security . ResponseHeaders . AdditionalAllowed ,
cfg . Security . ResponseHeaders . ForceRemove ,
)
}
2025-12-18 13:50:39 +08:00
return & cfg , nil
}
2026-01-09 19:32:06 +08:00
// ValidateAbsoluteHTTPURL 校验一个绝对 http(s) URL( )
func ValidateAbsoluteHTTPURL ( raw string ) error {
2026-01-09 12:05:25 +08:00
raw = strings . TrimSpace ( raw )
if raw == "" {
return fmt . Errorf ( "empty url" )
}
u , err := url . Parse ( raw )
if err != nil {
return err
}
if ! u . IsAbs ( ) {
return fmt . Errorf ( "must be absolute" )
}
if ! isHTTPScheme ( u . Scheme ) {
return fmt . Errorf ( "unsupported scheme: %s" , u . Scheme )
}
if strings . TrimSpace ( u . Host ) == "" {
return fmt . Errorf ( "missing host" )
}
if u . Fragment != "" {
return fmt . Errorf ( "must not include fragment" )
}
return nil
}
2026-01-09 19:32:06 +08:00
// ValidateFrontendRedirectURL 校验前端回调地址:
// - 允许同源相对路径(以 / 开头)
// - 或绝对 http(s) URL( )
func ValidateFrontendRedirectURL ( raw string ) error {
2026-01-09 12:05:25 +08:00
raw = strings . TrimSpace ( raw )
if raw == "" {
return fmt . Errorf ( "empty url" )
}
if strings . ContainsAny ( raw , "\r\n" ) {
return fmt . Errorf ( "contains invalid characters" )
}
if strings . HasPrefix ( raw , "/" ) {
if strings . HasPrefix ( raw , "//" ) {
return fmt . Errorf ( "must not start with //" )
}
return nil
}
u , err := url . Parse ( raw )
if err != nil {
return err
}
if ! u . IsAbs ( ) {
return fmt . Errorf ( "must be absolute http(s) url or relative path" )
}
if ! isHTTPScheme ( u . Scheme ) {
return fmt . Errorf ( "unsupported scheme: %s" , u . Scheme )
}
if strings . TrimSpace ( u . Host ) == "" {
return fmt . Errorf ( "missing host" )
}
if u . Fragment != "" {
return fmt . Errorf ( "must not include fragment" )
}
return nil
}
func isHTTPScheme ( scheme string ) bool {
return strings . EqualFold ( scheme , "http" ) || strings . EqualFold ( scheme , "https" )
}
func warnIfInsecureURL ( field , raw string ) {
u , err := url . Parse ( strings . TrimSpace ( raw ) )
if err != nil {
return
}
if strings . EqualFold ( u . Scheme , "http" ) {
log . Printf ( "Warning: %s uses http scheme; use https in production to avoid token leakage." , field )
}
}
2025-12-18 13:50:39 +08:00
func setDefaults ( ) {
2025-12-29 03:17:25 +08:00
viper . SetDefault ( "run_mode" , RunModeStandard )
2025-12-18 13:50:39 +08:00
// Server
viper . SetDefault ( "server.host" , "0.0.0.0" )
viper . SetDefault ( "server.port" , 8080 )
viper . SetDefault ( "server.mode" , "debug" )
viper . SetDefault ( "server.read_header_timeout" , 30 ) // 30秒读取请求头
2025-12-20 15:29:52 +08:00
viper . SetDefault ( "server.idle_timeout" , 120 ) // 120秒空闲超时
2026-01-02 17:40:57 +08:00
viper . SetDefault ( "server.trusted_proxies" , [ ] string { } )
// CORS
viper . SetDefault ( "cors.allowed_origins" , [ ] string { } )
viper . SetDefault ( "cors.allow_credentials" , true )
// Security
2026-01-05 13:54:43 +08:00
viper . SetDefault ( "security.url_allowlist.enabled" , false )
2026-01-02 17:40:57 +08:00
viper . SetDefault ( "security.url_allowlist.upstream_hosts" , [ ] string {
"api.openai.com" ,
"api.anthropic.com" ,
2026-01-05 09:18:17 +08:00
"api.kimi.com" ,
"open.bigmodel.cn" ,
"api.minimaxi.com" ,
2026-01-02 17:40:57 +08:00
"generativelanguage.googleapis.com" ,
"cloudcode-pa.googleapis.com" ,
"*.openai.azure.com" ,
} )
viper . SetDefault ( "security.url_allowlist.pricing_hosts" , [ ] string {
"raw.githubusercontent.com" ,
} )
viper . SetDefault ( "security.url_allowlist.crs_hosts" , [ ] string { } )
2026-01-06 12:56:29 +08:00
viper . SetDefault ( "security.url_allowlist.allow_private_hosts" , true )
viper . SetDefault ( "security.url_allowlist.allow_insecure_http" , true )
2026-01-05 13:54:43 +08:00
viper . SetDefault ( "security.response_headers.enabled" , false )
2026-01-02 17:40:57 +08:00
viper . SetDefault ( "security.response_headers.additional_allowed" , [ ] string { } )
viper . SetDefault ( "security.response_headers.force_remove" , [ ] string { } )
viper . SetDefault ( "security.csp.enabled" , true )
viper . SetDefault ( "security.csp.policy" , DefaultCSPPolicy )
viper . SetDefault ( "security.proxy_probe.insecure_skip_verify" , false )
// Billing
viper . SetDefault ( "billing.circuit_breaker.enabled" , true )
viper . SetDefault ( "billing.circuit_breaker.failure_threshold" , 5 )
viper . SetDefault ( "billing.circuit_breaker.reset_timeout_seconds" , 30 )
viper . SetDefault ( "billing.circuit_breaker.half_open_requests" , 3 )
// Turnstile
viper . SetDefault ( "turnstile.required" , false )
2025-12-18 13:50:39 +08:00
2026-01-09 19:32:06 +08:00
// LinuxDo Connect OAuth 登录(终端用户 SSO)
2026-01-09 12:05:25 +08:00
viper . SetDefault ( "linuxdo_connect.enabled" , false )
viper . SetDefault ( "linuxdo_connect.client_id" , "" )
viper . SetDefault ( "linuxdo_connect.client_secret" , "" )
viper . SetDefault ( "linuxdo_connect.authorize_url" , "https://connect.linux.do/oauth2/authorize" )
viper . SetDefault ( "linuxdo_connect.token_url" , "https://connect.linux.do/oauth2/token" )
viper . SetDefault ( "linuxdo_connect.userinfo_url" , "https://connect.linux.do/api/user" )
viper . SetDefault ( "linuxdo_connect.scopes" , "user" )
viper . SetDefault ( "linuxdo_connect.redirect_url" , "" )
viper . SetDefault ( "linuxdo_connect.frontend_redirect_url" , "/auth/linuxdo/callback" )
viper . SetDefault ( "linuxdo_connect.token_auth_method" , "client_secret_post" )
viper . SetDefault ( "linuxdo_connect.use_pkce" , false )
viper . SetDefault ( "linuxdo_connect.userinfo_email_path" , "" )
viper . SetDefault ( "linuxdo_connect.userinfo_id_path" , "" )
viper . SetDefault ( "linuxdo_connect.userinfo_username_path" , "" )
2025-12-18 13:50:39 +08:00
// Database
viper . SetDefault ( "database.host" , "localhost" )
viper . SetDefault ( "database.port" , 5432 )
viper . SetDefault ( "database.user" , "postgres" )
viper . SetDefault ( "database.password" , "postgres" )
viper . SetDefault ( "database.dbname" , "sub2api" )
viper . SetDefault ( "database.sslmode" , "disable" )
2025-12-31 08:50:12 +08:00
viper . SetDefault ( "database.max_open_conns" , 50 )
viper . SetDefault ( "database.max_idle_conns" , 10 )
viper . SetDefault ( "database.conn_max_lifetime_minutes" , 30 )
viper . SetDefault ( "database.conn_max_idle_time_minutes" , 5 )
2025-12-18 13:50:39 +08:00
// Redis
viper . SetDefault ( "redis.host" , "localhost" )
viper . SetDefault ( "redis.port" , 6379 )
viper . SetDefault ( "redis.password" , "" )
viper . SetDefault ( "redis.db" , 0 )
2025-12-31 08:50:12 +08:00
viper . SetDefault ( "redis.dial_timeout_seconds" , 5 )
viper . SetDefault ( "redis.read_timeout_seconds" , 3 )
viper . SetDefault ( "redis.write_timeout_seconds" , 3 )
viper . SetDefault ( "redis.pool_size" , 128 )
viper . SetDefault ( "redis.min_idle_conns" , 10 )
2025-12-18 13:50:39 +08:00
// JWT
2026-01-02 17:40:57 +08:00
viper . SetDefault ( "jwt.secret" , "" )
2025-12-18 13:50:39 +08:00
viper . SetDefault ( "jwt.expire_hour" , 24 )
// Default
2025-12-29 10:03:27 +08:00
// Admin credentials are created via the setup flow (web wizard / CLI / AUTO_SETUP).
// Do not ship fixed defaults here to avoid insecure "known credentials" in production.
viper . SetDefault ( "default.admin_email" , "" )
viper . SetDefault ( "default.admin_password" , "" )
2025-12-18 13:50:39 +08:00
viper . SetDefault ( "default.user_concurrency" , 5 )
viper . SetDefault ( "default.user_balance" , 0 )
viper . SetDefault ( "default.api_key_prefix" , "sk-" )
viper . SetDefault ( "default.rate_multiplier" , 1.0 )
// RateLimit
viper . SetDefault ( "rate_limit.overload_cooldown_minutes" , 10 )
// Pricing - 从 price-mirror 分支同步,该分支维护了 sha256 哈希文件用于增量更新检查
viper . SetDefault ( "pricing.remote_url" , "https://raw.githubusercontent.com/Wei-Shaw/claude-relay-service/price-mirror/model_prices_and_context_window.json" )
viper . SetDefault ( "pricing.hash_url" , "https://raw.githubusercontent.com/Wei-Shaw/claude-relay-service/price-mirror/model_prices_and_context_window.sha256" )
viper . SetDefault ( "pricing.data_dir" , "./data" )
viper . SetDefault ( "pricing.fallback_file" , "./resources/model-pricing/model_prices_and_context_window.json" )
viper . SetDefault ( "pricing.update_interval_hours" , 24 )
viper . SetDefault ( "pricing.hash_check_interval_minutes" , 10 )
// Timezone (default to Asia/Shanghai for Chinese users)
viper . SetDefault ( "timezone" , "Asia/Shanghai" )
2026-01-10 22:23:51 +08:00
// API Key auth cache
viper . SetDefault ( "api_key_auth_cache.l1_size" , 65535 )
viper . SetDefault ( "api_key_auth_cache.l1_ttl_seconds" , 15 )
viper . SetDefault ( "api_key_auth_cache.l2_ttl_seconds" , 300 )
viper . SetDefault ( "api_key_auth_cache.negative_ttl_seconds" , 30 )
viper . SetDefault ( "api_key_auth_cache.jitter_percent" , 10 )
viper . SetDefault ( "api_key_auth_cache.singleflight" , true )
2026-01-11 10:07:03 +08:00
// Dashboard cache
viper . SetDefault ( "dashboard_cache.enabled" , true )
viper . SetDefault ( "dashboard_cache.key_prefix" , "sub2api:" )
viper . SetDefault ( "dashboard_cache.stats_fresh_ttl_seconds" , 15 )
viper . SetDefault ( "dashboard_cache.stats_ttl_seconds" , 30 )
viper . SetDefault ( "dashboard_cache.stats_refresh_timeout_seconds" , 30 )
2026-01-11 16:01:35 +08:00
// Dashboard aggregation
viper . SetDefault ( "dashboard_aggregation.enabled" , true )
viper . SetDefault ( "dashboard_aggregation.interval_seconds" , 60 )
viper . SetDefault ( "dashboard_aggregation.lookback_seconds" , 120 )
viper . SetDefault ( "dashboard_aggregation.backfill_enabled" , false )
viper . SetDefault ( "dashboard_aggregation.retention.usage_logs_days" , 90 )
viper . SetDefault ( "dashboard_aggregation.retention.hourly_days" , 180 )
viper . SetDefault ( "dashboard_aggregation.retention.daily_days" , 730 )
viper . SetDefault ( "dashboard_aggregation.recompute_days" , 2 )
2025-12-18 13:50:39 +08:00
// Gateway
2026-01-04 19:49:59 +08:00
viper . SetDefault ( "gateway.response_header_timeout" , 600 ) // 600秒(10分钟)等待上游响应头,
fix: 修复 /v1/messages 间歇性 400 错误 (#18)
* fix(upstream): 修复上游格式兼容性问题
- 跳过Claude模型无signature的thinking block
- 支持custom类型工具(MCP)格式转换
- 添加ClaudeCustomToolSpec结构体支持MCP工具
- 添加Custom字段验证,跳过无效custom工具
- 在convertClaudeToolsToGeminiTools中添加schema清理
- 完整的单元测试覆盖,包含边界情况
修复: Issue 0.1 signature缺失, Issue 0.2 custom工具格式
改进: Codex审查发现的2个重要问题
测试:
- TestBuildParts_ThinkingBlockWithoutSignature: 验证thinking block处理
- TestBuildTools_CustomTypeTools: 验证custom工具转换和边界情况
- TestConvertClaudeToolsToGeminiTools_CustomType: 验证service层转换
* feat(gemini): 添加Gemini限额与TierID支持
实现PR1:Gemini限额与TierID功能
后端修改:
- GeminiTokenInfo结构体添加TierID字段
- fetchProjectID函数返回(projectID, tierID, error)
- 从LoadCodeAssist响应中提取tierID(优先IsDefault,回退到第一个非空tier)
- ExchangeCode、RefreshAccountToken、GetAccessToken函数更新以处理tierID
- BuildAccountCredentials函数保存tier_id到credentials
前端修改:
- AccountStatusIndicator组件添加tier显示
- 支持LEGACY/PRO/ULTRA等tier类型的友好显示
- 使用蓝色badge展示tier信息
技术细节:
- tierID提取逻辑:优先选择IsDefault的tier,否则选择第一个非空tier
- 所有fetchProjectID调用点已更新以处理新的返回签名
- 前端gracefully处理missing/unknown tier_id
* refactor(gemini): 优化TierID实现并添加安全验证
根据并发代码审查(code-reviewer, security-auditor, gemini, codex)的反馈进行改进:
安全改进:
- 添加validateTierID函数验证tier_id格式和长度(最大64字符)
- 限制tier_id字符集为字母数字、下划线、连字符和斜杠
- 在BuildAccountCredentials中验证tier_id后再存储
- 静默跳过无效tier_id,不阻塞账户创建
代码质量改进:
- 提取extractTierIDFromAllowedTiers辅助函数消除重复代码
- 重构fetchProjectID函数,tierID提取逻辑只执行一次
- 改进代码可读性和可维护性
审查工具:
- code-reviewer agent (a09848e)
- security-auditor agent (a9a149c)
- gemini CLI (bcc7c81)
- codex (b5d8919)
修复问题:
- HIGH: 未验证的tier_id输入
- MEDIUM: 代码重复(tierID提取逻辑重复2次)
* fix(format): 修复 gofmt 格式问题
- 修复 claude_types.go 中的字段对齐问题
- 修复 gemini_messages_compat_service.go 中的缩进问题
* fix(upstream): 修复上游格式兼容性问题 (#14)
* fix(upstream): 修复上游格式兼容性问题
- 跳过Claude模型无signature的thinking block
- 支持custom类型工具(MCP)格式转换
- 添加ClaudeCustomToolSpec结构体支持MCP工具
- 添加Custom字段验证,跳过无效custom工具
- 在convertClaudeToolsToGeminiTools中添加schema清理
- 完整的单元测试覆盖,包含边界情况
修复: Issue 0.1 signature缺失, Issue 0.2 custom工具格式
改进: Codex审查发现的2个重要问题
测试:
- TestBuildParts_ThinkingBlockWithoutSignature: 验证thinking block处理
- TestBuildTools_CustomTypeTools: 验证custom工具转换和边界情况
- TestConvertClaudeToolsToGeminiTools_CustomType: 验证service层转换
* fix(format): 修复 gofmt 格式问题
- 修复 claude_types.go 中的字段对齐问题
- 修复 gemini_messages_compat_service.go 中的缩进问题
* fix(format): 修复 claude_types.go 的 gofmt 格式问题
* feat(antigravity): 优化 thinking block 和 schema 处理
- 为 dummy thinking block 添加 ThoughtSignature
- 重构 thinking block 处理逻辑,在每个条件分支内创建 part
- 优化 excludedSchemaKeys,移除 Gemini 实际支持的字段
(minItems, maxItems, minimum, maximum, additionalProperties, format)
- 添加详细注释说明 Gemini API 支持的 schema 字段
* fix(antigravity): 增强 schema 清理的安全性
基于 Codex review 建议:
- 添加 format 字段白名单过滤,只保留 Gemini 支持的 date-time/date/time
- 补充更多不支持的 schema 关键字到黑名单:
* 组合 schema: oneOf, anyOf, allOf, not, if/then/else
* 对象验证: minProperties, maxProperties, patternProperties 等
* 定义引用: $defs, definitions
- 避免不支持的 schema 字段导致 Gemini API 校验失败
* fix(lint): 修复 gemini_messages_compat_service 空分支警告
- 在 cleanToolSchema 的 if 语句中添加 continue
- 移除重复的注释
* fix(antigravity): 移除 minItems/maxItems 以兼容 Claude API
- 将 minItems 和 maxItems 添加到 schema 黑名单
- Claude API (Vertex AI) 不支持这些数组验证字段
- 添加调试日志记录工具 schema 转换过程
- 修复 tools.14.custom.input_schema 验证错误
* fix(antigravity): 修复 additionalProperties schema 对象问题
- 将 additionalProperties 的 schema 对象转换为布尔值 true
- Claude API 只支持 additionalProperties: false,不支持 schema 对象
- 修复 tools.14.custom.input_schema 验证错误
- 参考 Claude 官方文档的 JSON Schema 限制
* fix(antigravity): 修复 Claude 模型 thinking 块兼容性问题
- 完全跳过 Claude 模型的 thinking 块以避免 signature 验证失败
- 只在 Gemini 模型中使用 dummy thought signature
- 修改 additionalProperties 默认值为 false(更安全)
- 添加调试日志以便排查问题
* fix(upstream): 修复跨模型切换时的 dummy signature 问题
基于 Codex review 和用户场景分析的修复:
1. 问题场景
- Gemini (thinking) → Claude (thinking) 切换时
- Gemini 返回的 thinking 块使用 dummy signature
- Claude API 会拒绝 dummy signature,导致 400 错误
2. 修复内容
- request_transformer.go:262: 跳过 dummy signature
- 只保留真实的 Claude signature
- 支持频繁的跨模型切换
3. 其他修复(基于 Codex review)
- gateway_service.go:691: 修复 io.ReadAll 错误处理
- gateway_service.go:687: 条件日志(尊重 LogUpstreamErrorBody 配置)
- gateway_service.go:915: 收紧 400 failover 启发式
- request_transformer.go:188: 移除签名成功日志
4. 新增功能(默认关闭)
- 阶段 1: 上游错误日志(GATEWAY_LOG_UPSTREAM_ERROR_BODY)
- 阶段 2: Antigravity thinking 修复
- 阶段 3: API-key beta 注入(GATEWAY_INJECT_BETA_FOR_APIKEY)
- 阶段 3: 智能 400 failover(GATEWAY_FAILOVER_ON_400)
测试:所有测试通过
* fix(lint): 修复 golangci-lint 问题
- 应用 De Morgan 定律简化条件判断
- 修复 gofmt 格式问题
- 移除未使用的 min 函数
2026-01-01 04:21:18 +08:00
viper . SetDefault ( "gateway.log_upstream_error_body" , false )
viper . SetDefault ( "gateway.log_upstream_error_body_max_bytes" , 2048 )
viper . SetDefault ( "gateway.inject_beta_for_apikey" , false )
viper . SetDefault ( "gateway.failover_on_400" , false )
2025-12-31 08:50:12 +08:00
viper . SetDefault ( "gateway.max_body_size" , int64 ( 100 * 1024 * 1024 ) )
2025-12-31 11:43:58 +08:00
viper . SetDefault ( "gateway.connection_pool_isolation" , ConnectionPoolIsolationAccountProxy )
2025-12-31 08:50:12 +08:00
// HTTP 上游连接池配置(针对 5000+ 并发用户优化)
2026-01-04 22:10:32 +08:00
viper . SetDefault ( "gateway.max_idle_conns" , 240 ) // 最大空闲连接总数(
viper . SetDefault ( "gateway.max_idle_conns_per_host" , 120 ) // 每主机最大空闲连接(
viper . SetDefault ( "gateway.max_conns_per_host" , 240 ) // 每主机最大连接数( ,
2026-01-04 19:49:59 +08:00
viper . SetDefault ( "gateway.idle_conn_timeout_seconds" , 90 ) // 空闲连接超时(秒)
2025-12-31 11:43:58 +08:00
viper . SetDefault ( "gateway.max_upstream_clients" , 5000 )
viper . SetDefault ( "gateway.client_idle_ttl_seconds" , 900 )
2026-01-04 19:49:59 +08:00
viper . SetDefault ( "gateway.concurrency_slot_ttl_minutes" , 30 ) // 并发槽位过期时间(支持超长请求)
viper . SetDefault ( "gateway.stream_data_interval_timeout" , 180 )
viper . SetDefault ( "gateway.stream_keepalive_interval" , 10 )
2026-01-09 22:00:14 +08:00
viper . SetDefault ( "gateway.max_line_size" , 40 * 1024 * 1024 )
2026-01-01 04:01:51 +08:00
viper . SetDefault ( "gateway.scheduling.sticky_session_max_waiting" , 3 )
viper . SetDefault ( "gateway.scheduling.sticky_session_wait_timeout" , 45 * time . Second )
viper . SetDefault ( "gateway.scheduling.fallback_wait_timeout" , 30 * time . Second )
viper . SetDefault ( "gateway.scheduling.fallback_max_waiting" , 100 )
viper . SetDefault ( "gateway.scheduling.load_batch_enabled" , true )
viper . SetDefault ( "gateway.scheduling.slot_cleanup_interval" , 30 * time . Second )
2026-01-04 19:49:59 +08:00
viper . SetDefault ( "concurrency.ping_interval" , 10 )
2025-12-20 13:01:58 +08:00
// TokenRefresh
viper . SetDefault ( "token_refresh.enabled" , true )
2025-12-25 21:35:30 -08:00
viper . SetDefault ( "token_refresh.check_interval_minutes" , 5 ) // 每5分钟检查一次
2025-12-25 21:24:53 -08:00
viper . SetDefault ( "token_refresh.refresh_before_expiry_hours" , 0.5 ) // 提前30分钟刷新( )
2025-12-25 21:35:30 -08:00
viper . SetDefault ( "token_refresh.max_retries" , 3 ) // 最多重试3次
viper . SetDefault ( "token_refresh.retry_backoff_seconds" , 2 ) // 重试退避基础2秒
2025-12-25 21:24:53 -08:00
// Gemini OAuth - configure via environment variables or config file
// GEMINI_OAUTH_CLIENT_ID and GEMINI_OAUTH_CLIENT_SECRET
// Default: uses Gemini CLI public credentials (set via environment)
2025-12-25 06:43:00 -08:00
viper . SetDefault ( "gemini.oauth.client_id" , "" )
viper . SetDefault ( "gemini.oauth.client_secret" , "" )
viper . SetDefault ( "gemini.oauth.scopes" , "" )
2026-01-01 04:22:39 +08:00
viper . SetDefault ( "gemini.quota.policy" , "" )
2026-01-06 15:55:36 +08:00
// Update - 在线更新配置
// 代理地址为空表示直连 GitHub( )
viper . SetDefault ( "update.proxy_url" , "" )
2025-12-18 13:50:39 +08:00
}
func ( c * Config ) Validate ( ) error {
2026-01-02 17:40:57 +08:00
if c . JWT . ExpireHour <= 0 {
return fmt . Errorf ( "jwt.expire_hour must be positive" )
}
if c . JWT . ExpireHour > 168 {
return fmt . Errorf ( "jwt.expire_hour must be <= 168 (7 days)" )
2025-12-18 13:50:39 +08:00
}
2026-01-02 17:40:57 +08:00
if c . JWT . ExpireHour > 24 {
log . Printf ( "Warning: jwt.expire_hour is %d hours (> 24). Consider shorter expiration for security." , c . JWT . ExpireHour )
}
if c . Security . CSP . Enabled && strings . TrimSpace ( c . Security . CSP . Policy ) == "" {
return fmt . Errorf ( "security.csp.policy is required when CSP is enabled" )
}
2026-01-09 12:05:25 +08:00
if c . LinuxDo . Enabled {
if strings . TrimSpace ( c . LinuxDo . ClientID ) == "" {
return fmt . Errorf ( "linuxdo_connect.client_id is required when linuxdo_connect.enabled=true" )
}
if strings . TrimSpace ( c . LinuxDo . AuthorizeURL ) == "" {
return fmt . Errorf ( "linuxdo_connect.authorize_url is required when linuxdo_connect.enabled=true" )
}
if strings . TrimSpace ( c . LinuxDo . TokenURL ) == "" {
return fmt . Errorf ( "linuxdo_connect.token_url is required when linuxdo_connect.enabled=true" )
}
if strings . TrimSpace ( c . LinuxDo . UserInfoURL ) == "" {
return fmt . Errorf ( "linuxdo_connect.userinfo_url is required when linuxdo_connect.enabled=true" )
}
if strings . TrimSpace ( c . LinuxDo . RedirectURL ) == "" {
return fmt . Errorf ( "linuxdo_connect.redirect_url is required when linuxdo_connect.enabled=true" )
}
method := strings . ToLower ( strings . TrimSpace ( c . LinuxDo . TokenAuthMethod ) )
switch method {
case "" , "client_secret_post" , "client_secret_basic" , "none" :
default :
return fmt . Errorf ( "linuxdo_connect.token_auth_method must be one of: client_secret_post/client_secret_basic/none" )
}
if method == "none" && ! c . LinuxDo . UsePKCE {
return fmt . Errorf ( "linuxdo_connect.use_pkce must be true when linuxdo_connect.token_auth_method=none" )
}
if ( method == "" || method == "client_secret_post" || method == "client_secret_basic" ) && strings . TrimSpace ( c . LinuxDo . ClientSecret ) == "" {
return fmt . Errorf ( "linuxdo_connect.client_secret is required when linuxdo_connect.enabled=true and token_auth_method is client_secret_post/client_secret_basic" )
}
if strings . TrimSpace ( c . LinuxDo . FrontendRedirectURL ) == "" {
return fmt . Errorf ( "linuxdo_connect.frontend_redirect_url is required when linuxdo_connect.enabled=true" )
}
2026-01-09 19:32:06 +08:00
if err := ValidateAbsoluteHTTPURL ( c . LinuxDo . AuthorizeURL ) ; err != nil {
2026-01-09 12:05:25 +08:00
return fmt . Errorf ( "linuxdo_connect.authorize_url invalid: %w" , err )
}
2026-01-09 19:32:06 +08:00
if err := ValidateAbsoluteHTTPURL ( c . LinuxDo . TokenURL ) ; err != nil {
2026-01-09 12:05:25 +08:00
return fmt . Errorf ( "linuxdo_connect.token_url invalid: %w" , err )
}
2026-01-09 19:32:06 +08:00
if err := ValidateAbsoluteHTTPURL ( c . LinuxDo . UserInfoURL ) ; err != nil {
2026-01-09 12:05:25 +08:00
return fmt . Errorf ( "linuxdo_connect.userinfo_url invalid: %w" , err )
}
2026-01-09 19:32:06 +08:00
if err := ValidateAbsoluteHTTPURL ( c . LinuxDo . RedirectURL ) ; err != nil {
2026-01-09 12:05:25 +08:00
return fmt . Errorf ( "linuxdo_connect.redirect_url invalid: %w" , err )
}
2026-01-09 19:32:06 +08:00
if err := ValidateFrontendRedirectURL ( c . LinuxDo . FrontendRedirectURL ) ; err != nil {
2026-01-09 12:05:25 +08:00
return fmt . Errorf ( "linuxdo_connect.frontend_redirect_url invalid: %w" , err )
}
warnIfInsecureURL ( "linuxdo_connect.authorize_url" , c . LinuxDo . AuthorizeURL )
warnIfInsecureURL ( "linuxdo_connect.token_url" , c . LinuxDo . TokenURL )
warnIfInsecureURL ( "linuxdo_connect.userinfo_url" , c . LinuxDo . UserInfoURL )
warnIfInsecureURL ( "linuxdo_connect.redirect_url" , c . LinuxDo . RedirectURL )
warnIfInsecureURL ( "linuxdo_connect.frontend_redirect_url" , c . LinuxDo . FrontendRedirectURL )
}
2026-01-02 17:40:57 +08:00
if c . Billing . CircuitBreaker . Enabled {
if c . Billing . CircuitBreaker . FailureThreshold <= 0 {
return fmt . Errorf ( "billing.circuit_breaker.failure_threshold must be positive" )
}
if c . Billing . CircuitBreaker . ResetTimeoutSeconds <= 0 {
return fmt . Errorf ( "billing.circuit_breaker.reset_timeout_seconds must be positive" )
}
if c . Billing . CircuitBreaker . HalfOpenRequests <= 0 {
return fmt . Errorf ( "billing.circuit_breaker.half_open_requests must be positive" )
}
2025-12-18 13:50:39 +08:00
}
2025-12-31 08:50:12 +08:00
if c . Database . MaxOpenConns <= 0 {
return fmt . Errorf ( "database.max_open_conns must be positive" )
}
if c . Database . MaxIdleConns < 0 {
return fmt . Errorf ( "database.max_idle_conns must be non-negative" )
}
if c . Database . MaxIdleConns > c . Database . MaxOpenConns {
return fmt . Errorf ( "database.max_idle_conns cannot exceed database.max_open_conns" )
}
if c . Database . ConnMaxLifetimeMinutes < 0 {
return fmt . Errorf ( "database.conn_max_lifetime_minutes must be non-negative" )
}
if c . Database . ConnMaxIdleTimeMinutes < 0 {
return fmt . Errorf ( "database.conn_max_idle_time_minutes must be non-negative" )
}
if c . Redis . DialTimeoutSeconds <= 0 {
return fmt . Errorf ( "redis.dial_timeout_seconds must be positive" )
}
if c . Redis . ReadTimeoutSeconds <= 0 {
return fmt . Errorf ( "redis.read_timeout_seconds must be positive" )
}
if c . Redis . WriteTimeoutSeconds <= 0 {
return fmt . Errorf ( "redis.write_timeout_seconds must be positive" )
}
if c . Redis . PoolSize <= 0 {
return fmt . Errorf ( "redis.pool_size must be positive" )
}
if c . Redis . MinIdleConns < 0 {
return fmt . Errorf ( "redis.min_idle_conns must be non-negative" )
}
if c . Redis . MinIdleConns > c . Redis . PoolSize {
return fmt . Errorf ( "redis.min_idle_conns cannot exceed redis.pool_size" )
}
2026-01-11 10:07:03 +08:00
if c . Dashboard . Enabled {
if c . Dashboard . StatsFreshTTLSeconds <= 0 {
return fmt . Errorf ( "dashboard_cache.stats_fresh_ttl_seconds must be positive" )
}
if c . Dashboard . StatsTTLSeconds <= 0 {
return fmt . Errorf ( "dashboard_cache.stats_ttl_seconds must be positive" )
}
if c . Dashboard . StatsRefreshTimeoutSeconds <= 0 {
return fmt . Errorf ( "dashboard_cache.stats_refresh_timeout_seconds must be positive" )
}
if c . Dashboard . StatsFreshTTLSeconds > c . Dashboard . StatsTTLSeconds {
return fmt . Errorf ( "dashboard_cache.stats_fresh_ttl_seconds must be <= dashboard_cache.stats_ttl_seconds" )
}
} else {
if c . Dashboard . StatsFreshTTLSeconds < 0 {
return fmt . Errorf ( "dashboard_cache.stats_fresh_ttl_seconds must be non-negative" )
}
if c . Dashboard . StatsTTLSeconds < 0 {
return fmt . Errorf ( "dashboard_cache.stats_ttl_seconds must be non-negative" )
}
if c . Dashboard . StatsRefreshTimeoutSeconds < 0 {
return fmt . Errorf ( "dashboard_cache.stats_refresh_timeout_seconds must be non-negative" )
}
}
2026-01-11 16:01:35 +08:00
if c . DashboardAgg . Enabled {
if c . DashboardAgg . IntervalSeconds <= 0 {
return fmt . Errorf ( "dashboard_aggregation.interval_seconds must be positive" )
}
if c . DashboardAgg . LookbackSeconds < 0 {
return fmt . Errorf ( "dashboard_aggregation.lookback_seconds must be non-negative" )
}
if c . DashboardAgg . Retention . UsageLogsDays <= 0 {
return fmt . Errorf ( "dashboard_aggregation.retention.usage_logs_days must be positive" )
}
if c . DashboardAgg . Retention . HourlyDays <= 0 {
return fmt . Errorf ( "dashboard_aggregation.retention.hourly_days must be positive" )
}
if c . DashboardAgg . Retention . DailyDays <= 0 {
return fmt . Errorf ( "dashboard_aggregation.retention.daily_days must be positive" )
}
if c . DashboardAgg . RecomputeDays < 0 {
return fmt . Errorf ( "dashboard_aggregation.recompute_days must be non-negative" )
}
} else {
if c . DashboardAgg . IntervalSeconds < 0 {
return fmt . Errorf ( "dashboard_aggregation.interval_seconds must be non-negative" )
}
if c . DashboardAgg . LookbackSeconds < 0 {
return fmt . Errorf ( "dashboard_aggregation.lookback_seconds must be non-negative" )
}
if c . DashboardAgg . Retention . UsageLogsDays < 0 {
return fmt . Errorf ( "dashboard_aggregation.retention.usage_logs_days must be non-negative" )
}
if c . DashboardAgg . Retention . HourlyDays < 0 {
return fmt . Errorf ( "dashboard_aggregation.retention.hourly_days must be non-negative" )
}
if c . DashboardAgg . Retention . DailyDays < 0 {
return fmt . Errorf ( "dashboard_aggregation.retention.daily_days must be non-negative" )
}
if c . DashboardAgg . RecomputeDays < 0 {
return fmt . Errorf ( "dashboard_aggregation.recompute_days must be non-negative" )
}
}
2025-12-31 08:50:12 +08:00
if c . Gateway . MaxBodySize <= 0 {
return fmt . Errorf ( "gateway.max_body_size must be positive" )
}
2025-12-31 11:43:58 +08:00
if strings . TrimSpace ( c . Gateway . ConnectionPoolIsolation ) != "" {
switch c . Gateway . ConnectionPoolIsolation {
case ConnectionPoolIsolationProxy , ConnectionPoolIsolationAccount , ConnectionPoolIsolationAccountProxy :
default :
return fmt . Errorf ( "gateway.connection_pool_isolation must be one of: %s/%s/%s" ,
ConnectionPoolIsolationProxy , ConnectionPoolIsolationAccount , ConnectionPoolIsolationAccountProxy )
}
}
2025-12-31 08:50:12 +08:00
if c . Gateway . MaxIdleConns <= 0 {
return fmt . Errorf ( "gateway.max_idle_conns must be positive" )
}
if c . Gateway . MaxIdleConnsPerHost <= 0 {
return fmt . Errorf ( "gateway.max_idle_conns_per_host must be positive" )
}
if c . Gateway . MaxConnsPerHost < 0 {
return fmt . Errorf ( "gateway.max_conns_per_host must be non-negative" )
}
if c . Gateway . IdleConnTimeoutSeconds <= 0 {
return fmt . Errorf ( "gateway.idle_conn_timeout_seconds must be positive" )
2025-12-31 11:43:58 +08:00
}
2026-01-04 19:49:59 +08:00
if c . Gateway . IdleConnTimeoutSeconds > 180 {
log . Printf ( "Warning: gateway.idle_conn_timeout_seconds is %d (> 180). Consider 60-120 seconds for better connection reuse." , c . Gateway . IdleConnTimeoutSeconds )
}
2025-12-31 11:43:58 +08:00
if c . Gateway . MaxUpstreamClients <= 0 {
return fmt . Errorf ( "gateway.max_upstream_clients must be positive" )
}
if c . Gateway . ClientIdleTTLSeconds <= 0 {
return fmt . Errorf ( "gateway.client_idle_ttl_seconds must be positive" )
2025-12-31 08:50:12 +08:00
}
if c . Gateway . ConcurrencySlotTTLMinutes <= 0 {
return fmt . Errorf ( "gateway.concurrency_slot_ttl_minutes must be positive" )
}
2026-01-04 19:49:59 +08:00
if c . Gateway . StreamDataIntervalTimeout < 0 {
return fmt . Errorf ( "gateway.stream_data_interval_timeout must be non-negative" )
}
if c . Gateway . StreamDataIntervalTimeout != 0 &&
( c . Gateway . StreamDataIntervalTimeout < 30 || c . Gateway . StreamDataIntervalTimeout > 300 ) {
return fmt . Errorf ( "gateway.stream_data_interval_timeout must be 0 or between 30-300 seconds" )
}
if c . Gateway . StreamKeepaliveInterval < 0 {
return fmt . Errorf ( "gateway.stream_keepalive_interval must be non-negative" )
}
if c . Gateway . StreamKeepaliveInterval != 0 &&
( c . Gateway . StreamKeepaliveInterval < 5 || c . Gateway . StreamKeepaliveInterval > 30 ) {
return fmt . Errorf ( "gateway.stream_keepalive_interval must be 0 or between 5-30 seconds" )
}
if c . Gateway . MaxLineSize < 0 {
return fmt . Errorf ( "gateway.max_line_size must be non-negative" )
}
if c . Gateway . MaxLineSize != 0 && c . Gateway . MaxLineSize < 1024 * 1024 {
return fmt . Errorf ( "gateway.max_line_size must be at least 1MB" )
}
2026-01-01 04:01:51 +08:00
if c . Gateway . Scheduling . StickySessionMaxWaiting <= 0 {
return fmt . Errorf ( "gateway.scheduling.sticky_session_max_waiting must be positive" )
}
if c . Gateway . Scheduling . StickySessionWaitTimeout <= 0 {
return fmt . Errorf ( "gateway.scheduling.sticky_session_wait_timeout must be positive" )
}
if c . Gateway . Scheduling . FallbackWaitTimeout <= 0 {
return fmt . Errorf ( "gateway.scheduling.fallback_wait_timeout must be positive" )
}
if c . Gateway . Scheduling . FallbackMaxWaiting <= 0 {
return fmt . Errorf ( "gateway.scheduling.fallback_max_waiting must be positive" )
}
if c . Gateway . Scheduling . SlotCleanupInterval < 0 {
return fmt . Errorf ( "gateway.scheduling.slot_cleanup_interval must be non-negative" )
}
2026-01-04 19:49:59 +08:00
if c . Concurrency . PingInterval < 5 || c . Concurrency . PingInterval > 30 {
return fmt . Errorf ( "concurrency.ping_interval must be between 5-30 seconds" )
}
2025-12-18 13:50:39 +08:00
return nil
}
2025-12-19 11:21:58 +08:00
2026-01-02 17:40:57 +08:00
func normalizeStringSlice ( values [ ] string ) [ ] string {
if len ( values ) == 0 {
return values
}
normalized := make ( [ ] string , 0 , len ( values ) )
for _ , v := range values {
trimmed := strings . TrimSpace ( v )
if trimmed == "" {
continue
}
normalized = append ( normalized , trimmed )
}
return normalized
}
func isWeakJWTSecret ( secret string ) bool {
lower := strings . ToLower ( strings . TrimSpace ( secret ) )
if lower == "" {
return true
}
weak := map [ string ] struct { } {
"change-me-in-production" : { } ,
"changeme" : { } ,
"secret" : { } ,
"password" : { } ,
"123456" : { } ,
"12345678" : { } ,
"admin" : { } ,
"jwt-secret" : { } ,
}
_ , exists := weak [ lower ]
return exists
}
func generateJWTSecret ( byteLength int ) ( string , error ) {
if byteLength <= 0 {
byteLength = 32
}
buf := make ( [ ] byte , byteLength )
if _ , err := rand . Read ( buf ) ; err != nil {
return "" , err
}
return hex . EncodeToString ( buf ) , nil
}
2025-12-19 11:21:58 +08:00
// GetServerAddress returns the server address (host:port) from config file or environment variable.
// This is a lightweight function that can be used before full config validation,
// such as during setup wizard startup.
// Priority: config.yaml > environment variables > defaults
func GetServerAddress ( ) string {
v := viper . New ( )
v . SetConfigName ( "config" )
v . SetConfigType ( "yaml" )
v . AddConfigPath ( "." )
v . AddConfigPath ( "./config" )
v . AddConfigPath ( "/etc/sub2api" )
// Support SERVER_HOST and SERVER_PORT environment variables
v . AutomaticEnv ( )
v . SetEnvKeyReplacer ( strings . NewReplacer ( "." , "_" ) )
v . SetDefault ( "server.host" , "0.0.0.0" )
v . SetDefault ( "server.port" , 8080 )
// Try to read config file (ignore errors if not found)
_ = v . ReadInConfig ( )
host := v . GetString ( "server.host" )
port := v . GetInt ( "server.port" )
return fmt . Sprintf ( "%s:%d" , host , port )
}
