2025-12-22 22:58:31 +08:00
|
|
|
|
package service
|
|
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
|
"bufio"
|
|
|
|
|
|
"bytes"
|
|
|
|
|
|
"context"
|
|
|
|
|
|
"crypto/sha256"
|
|
|
|
|
|
"encoding/hex"
|
|
|
|
|
|
"encoding/json"
|
|
|
|
|
|
"errors"
|
|
|
|
|
|
"fmt"
|
|
|
|
|
|
"io"
|
2025-12-29 03:17:25 +08:00
|
|
|
|
"log"
|
2025-12-22 22:58:31 +08:00
|
|
|
|
"net/http"
|
2025-12-26 03:49:55 -08:00
|
|
|
|
"regexp"
|
2026-01-01 04:01:51 +08:00
|
|
|
|
"sort"
|
2025-12-23 16:26:07 +08:00
|
|
|
|
"strconv"
|
2025-12-22 22:58:31 +08:00
|
|
|
|
"strings"
|
2026-01-04 20:19:07 +08:00
|
|
|
|
"sync/atomic"
|
2025-12-22 22:58:31 +08:00
|
|
|
|
"time"
|
|
|
|
|
|
|
2025-12-24 21:07:21 +08:00
|
|
|
|
"github.com/Wei-Shaw/sub2api/internal/config"
|
2026-01-10 03:12:56 +08:00
|
|
|
|
"github.com/Wei-Shaw/sub2api/internal/pkg/openai"
|
2026-01-02 17:40:57 +08:00
|
|
|
|
"github.com/Wei-Shaw/sub2api/internal/util/responseheaders"
|
|
|
|
|
|
"github.com/Wei-Shaw/sub2api/internal/util/urlvalidator"
|
2025-12-22 22:58:31 +08:00
|
|
|
|
"github.com/gin-gonic/gin"
|
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
|
const (
	// chatgptCodexURL is the ChatGPT internal Codex endpoint used for OAuth accounts.
	chatgptCodexURL = "https://chatgpt.com/backend-api/codex/responses"
	// openaiPlatformAPIURL is the OpenAI Platform Responses API used for API Key accounts (fallback).
	openaiPlatformAPIURL = "https://api.openai.com/v1/responses"
	// openaiStickySessionTTL is how long a session -> account binding remains valid (sticky session TTL).
	openaiStickySessionTTL = time.Hour
)
|
|
|
|
|
|
|
2025-12-26 03:49:55 -08:00
|
|
|
|
// openaiSSEDataRe matches SSE data lines with optional whitespace after colon.
// Some upstream APIs return non-standard "data:" without space (should be "data: "),
// so the pattern accepts zero or more whitespace characters after the colon.
var openaiSSEDataRe = regexp.MustCompile(`^data:\s*`)
|
|
|
|
|
|
|
2025-12-22 22:58:31 +08:00
|
|
|
|
// OpenAI allowed headers whitelist (for non-OAuth accounts).
// Keys are lowercase header/metadata names; note the non-standard
// underscore-style "session_id" / "conversation_id" entries used by Codex clients.
var openaiAllowedHeaders = map[string]bool{
	"accept-language": true,
	"content-type":    true,
	"conversation_id": true,
	"user-agent":      true,
	"originator":      true,
	"session_id":      true,
}
|
|
|
|
|
|
|
2025-12-23 16:26:07 +08:00
|
|
|
|
// OpenAICodexUsageSnapshot represents Codex API usage limits from response headers.
// "Primary" and "Secondary" correspond to the two rate-limit windows reported by
// the upstream. All fields are pointers so values absent from the headers are
// omitted from the JSON encoding.
type OpenAICodexUsageSnapshot struct {
	// Primary window: percent used, seconds until reset, and window length in minutes.
	PrimaryUsedPercent       *float64 `json:"primary_used_percent,omitempty"`
	PrimaryResetAfterSeconds *int     `json:"primary_reset_after_seconds,omitempty"`
	PrimaryWindowMinutes     *int     `json:"primary_window_minutes,omitempty"`
	// Secondary window: same semantics as the primary fields.
	SecondaryUsedPercent       *float64 `json:"secondary_used_percent,omitempty"`
	SecondaryResetAfterSeconds *int     `json:"secondary_reset_after_seconds,omitempty"`
	SecondaryWindowMinutes     *int     `json:"secondary_window_minutes,omitempty"`
	// PrimaryOverSecondaryPercent relates primary usage to the secondary window.
	PrimaryOverSecondaryPercent *float64 `json:"primary_over_secondary_percent,omitempty"`
	// UpdatedAt records when this snapshot was captured (string timestamp).
	UpdatedAt string `json:"updated_at,omitempty"`
}
|
|
|
|
|
|
|
2025-12-22 22:58:31 +08:00
|
|
|
|
// OpenAIUsage represents OpenAI API response usage (token counts).
type OpenAIUsage struct {
	InputTokens  int `json:"input_tokens"`  // prompt tokens consumed
	OutputTokens int `json:"output_tokens"` // completion tokens produced
	// Cache-related token counts; omitted from JSON when zero.
	CacheCreationInputTokens int `json:"cache_creation_input_tokens,omitempty"`
	CacheReadInputTokens     int `json:"cache_read_input_tokens,omitempty"`
}
|
|
|
|
|
|
|
|
|
|
|
|
// OpenAIForwardResult represents the result of forwarding a request upstream.
type OpenAIForwardResult struct {
	RequestID string        // upstream request identifier
	Usage     OpenAIUsage   // token usage reported by the upstream response
	Model     string        // model used for the request
	Stream    bool          // whether the response was streamed
	Duration  time.Duration // total forwarding duration
	// FirstTokenMs is the time to first token in milliseconds, when measured;
	// nil when unavailable.
	FirstTokenMs *int
}
|
|
|
|
|
|
|
|
|
|
|
|
// OpenAIGatewayService handles OpenAI API gateway operations: account selection
// (sticky sessions, priority/LRU, load-aware scheduling), credential resolution,
// and forwarding requests to the upstream OpenAI/Codex endpoints.
type OpenAIGatewayService struct {
	// Persistence and lookup.
	accountRepo  AccountRepository
	usageLogRepo UsageLogRepository
	userRepo     UserRepository
	userSubRepo  UserSubscriptionRepository
	cache        GatewayCache
	cfg          *config.Config

	// Scheduling and flow control. Both may be nil; methods fall back to the
	// repository (snapshot) or treat acquisition as always-successful (concurrency).
	schedulerSnapshot  *SchedulerSnapshotService
	concurrencyService *ConcurrencyService

	// Billing and rate limiting.
	billingService      *BillingService
	rateLimitService    *RateLimitService
	billingCacheService *BillingCacheService

	// Upstream transport and deferred side effects.
	httpUpstream    HTTPUpstream
	deferredService *DeferredService

	// OAuth token caching; may be nil, in which case GetAccessToken reads the
	// token directly from the account credentials.
	openAITokenProvider *OpenAITokenProvider

	// Codex tool-call correction; constructed in NewOpenAIGatewayService.
	toolCorrector *CodexToolCorrector
}
|
|
|
|
|
|
|
|
|
|
|
|
// NewOpenAIGatewayService creates a new OpenAIGatewayService.
// All collaborators are injected except toolCorrector, which is constructed
// internally. Nil-tolerant collaborators (schedulerSnapshot, concurrencyService,
// openAITokenProvider) may be nil; the methods that use them check for nil and
// fall back accordingly.
func NewOpenAIGatewayService(
	accountRepo AccountRepository,
	usageLogRepo UsageLogRepository,
	userRepo UserRepository,
	userSubRepo UserSubscriptionRepository,
	cache GatewayCache,
	cfg *config.Config,
	schedulerSnapshot *SchedulerSnapshotService,
	concurrencyService *ConcurrencyService,
	billingService *BillingService,
	rateLimitService *RateLimitService,
	billingCacheService *BillingCacheService,
	httpUpstream HTTPUpstream,
	deferredService *DeferredService,
	openAITokenProvider *OpenAITokenProvider,
) *OpenAIGatewayService {
	return &OpenAIGatewayService{
		accountRepo:         accountRepo,
		usageLogRepo:        usageLogRepo,
		userRepo:            userRepo,
		userSubRepo:         userSubRepo,
		cache:               cache,
		cfg:                 cfg,
		schedulerSnapshot:   schedulerSnapshot,
		concurrencyService:  concurrencyService,
		billingService:      billingService,
		rateLimitService:    rateLimitService,
		billingCacheService: billingCacheService,
		httpUpstream:        httpUpstream,
		deferredService:     deferredService,
		openAITokenProvider: openAITokenProvider,
		toolCorrector:       NewCodexToolCorrector(),
	}
}
|
|
|
|
|
|
|
|
|
|
|
|
// GenerateSessionHash generates session hash from header (OpenAI uses session_id header)
|
|
|
|
|
|
func (s *OpenAIGatewayService) GenerateSessionHash(c *gin.Context) string {
|
|
|
|
|
|
sessionID := c.GetHeader("session_id")
|
|
|
|
|
|
if sessionID == "" {
|
|
|
|
|
|
return ""
|
|
|
|
|
|
}
|
|
|
|
|
|
hash := sha256.Sum256([]byte(sessionID))
|
|
|
|
|
|
return hex.EncodeToString(hash[:])
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2026-01-01 04:01:51 +08:00
|
|
|
|
// BindStickySession sets session -> account binding with standard TTL.
|
2026-01-08 23:07:00 +08:00
|
|
|
|
func (s *OpenAIGatewayService) BindStickySession(ctx context.Context, groupID *int64, sessionHash string, accountID int64) error {
|
2026-01-01 04:01:51 +08:00
|
|
|
|
if sessionHash == "" || accountID <= 0 {
|
|
|
|
|
|
return nil
|
|
|
|
|
|
}
|
2026-01-08 23:07:00 +08:00
|
|
|
|
return s.cache.SetSessionAccountID(ctx, derefGroupID(groupID), "openai:"+sessionHash, accountID, openaiStickySessionTTL)
|
2026-01-01 04:01:51 +08:00
|
|
|
|
}
|
|
|
|
|
|
|
2025-12-22 22:58:31 +08:00
|
|
|
|
// SelectAccount selects an OpenAI account with sticky session support.
// It is a convenience wrapper over SelectAccountForModel with no model filter.
func (s *OpenAIGatewayService) SelectAccount(ctx context.Context, groupID *int64, sessionHash string) (*Account, error) {
	return s.SelectAccountForModel(ctx, groupID, sessionHash, "")
}
|
|
|
|
|
|
|
|
|
|
|
|
// SelectAccountForModel selects an account supporting the requested model.
// It is a convenience wrapper over SelectAccountForModelWithExclusions with no
// excluded accounts.
func (s *OpenAIGatewayService) SelectAccountForModel(ctx context.Context, groupID *int64, sessionHash string, requestedModel string) (*Account, error) {
	return s.SelectAccountForModelWithExclusions(ctx, groupID, sessionHash, requestedModel, nil)
}
|
|
|
|
|
|
|
|
|
|
|
|
// SelectAccountForModelWithExclusions selects an account supporting the requested model while excluding specified accounts.
//
// Selection order:
//  1. sticky session: reuse the cached session -> account binding when the
//     bound account is still schedulable, an OpenAI account, not excluded, and
//     supports the requested model;
//  2. otherwise scan all schedulable accounts, choosing by priority (lower
//     value wins) with least-recently-used as the tiebreaker (never-used
//     accounts win ties).
//
// A successful non-sticky selection (re)binds the session to the chosen account.
// excludedIDs may be nil; lookups on a nil map are safe.
func (s *OpenAIGatewayService) SelectAccountForModelWithExclusions(ctx context.Context, groupID *int64, sessionHash string, requestedModel string, excludedIDs map[int64]struct{}) (*Account, error) {
	// 1. Check sticky session
	if sessionHash != "" {
		accountID, err := s.cache.GetSessionAccountID(ctx, derefGroupID(groupID), "openai:"+sessionHash)
		if err == nil && accountID > 0 {
			if _, excluded := excludedIDs[accountID]; !excluded {
				account, err := s.getSchedulableAccount(ctx, accountID)
				if err == nil && account.IsSchedulable() && account.IsOpenAI() && (requestedModel == "" || account.IsModelSupported(requestedModel)) {
					// Refresh sticky session TTL (best-effort; failure is non-fatal)
					_ = s.cache.RefreshSessionTTL(ctx, derefGroupID(groupID), "openai:"+sessionHash, openaiStickySessionTTL)
					return account, nil
				}
			}
		}
	}

	// 2. Get schedulable OpenAI accounts
	accounts, err := s.listSchedulableAccounts(ctx, groupID)
	if err != nil {
		return nil, fmt.Errorf("query accounts failed: %w", err)
	}

	// 3. Select by priority + LRU
	var selected *Account
	for i := range accounts {
		acc := &accounts[i]
		if _, excluded := excludedIDs[acc.ID]; excluded {
			continue
		}
		// Scheduler snapshots can be temporarily stale; re-check schedulability here to
		// avoid selecting accounts that were recently rate-limited/overloaded.
		if !acc.IsSchedulable() {
			continue
		}
		// Check model support
		if requestedModel != "" && !acc.IsModelSupported(requestedModel) {
			continue
		}
		if selected == nil {
			selected = acc
			continue
		}
		// Lower priority value means higher priority
		if acc.Priority < selected.Priority {
			selected = acc
		} else if acc.Priority == selected.Priority {
			switch {
			case acc.LastUsedAt == nil && selected.LastUsedAt != nil:
				selected = acc
			case acc.LastUsedAt != nil && selected.LastUsedAt == nil:
				// keep selected (never used is preferred)
			case acc.LastUsedAt == nil && selected.LastUsedAt == nil:
				// keep selected (both never used)
			default:
				// Same priority, select least recently used
				if acc.LastUsedAt.Before(*selected.LastUsedAt) {
					selected = acc
				}
			}
		}
	}

	if selected == nil {
		if requestedModel != "" {
			return nil, fmt.Errorf("no available OpenAI accounts supporting model: %s", requestedModel)
		}
		return nil, errors.New("no available OpenAI accounts")
	}

	// 4. Set sticky session (best-effort; failure is non-fatal)
	if sessionHash != "" {
		_ = s.cache.SetSessionAccountID(ctx, derefGroupID(groupID), "openai:"+sessionHash, selected.ID, openaiStickySessionTTL)
	}

	return selected, nil
}
|
|
|
|
|
|
|
2026-01-01 04:01:51 +08:00
|
|
|
|
// SelectAccountWithLoadAwareness selects an account with load-awareness and wait plan.
//
// When the concurrency service is unavailable or load batching is disabled, it
// falls back to plain selection plus a single slot-acquisition attempt,
// returning a WaitPlan (sticky-session or fallback parameters) when the slot
// cannot be acquired immediately.
//
// Otherwise selection proceeds in three layers:
//  1. sticky session — try to reuse and immediately acquire the bound account;
//     if busy but the wait queue is short, return a sticky-session WaitPlan;
//  2. load-aware — filter candidates, fetch batch load info, and acquire the
//     best account ordered by priority, load rate, then LRU (if batch load
//     lookup fails, fall back to priority/LRU ordering);
//  3. fallback wait — return a WaitPlan for the best remaining candidate.
func (s *OpenAIGatewayService) SelectAccountWithLoadAwareness(ctx context.Context, groupID *int64, sessionHash string, requestedModel string, excludedIDs map[int64]struct{}) (*AccountSelectionResult, error) {
	cfg := s.schedulingConfig()
	var stickyAccountID int64
	if sessionHash != "" && s.cache != nil {
		if accountID, err := s.cache.GetSessionAccountID(ctx, derefGroupID(groupID), "openai:"+sessionHash); err == nil {
			stickyAccountID = accountID
		}
	}
	if s.concurrencyService == nil || !cfg.LoadBatchEnabled {
		// Simple path: plain selection + one acquisition attempt.
		account, err := s.SelectAccountForModelWithExclusions(ctx, groupID, sessionHash, requestedModel, excludedIDs)
		if err != nil {
			return nil, err
		}
		result, err := s.tryAcquireAccountSlot(ctx, account.ID, account.Concurrency)
		if err == nil && result.Acquired {
			return &AccountSelectionResult{
				Account:     account,
				Acquired:    true,
				ReleaseFunc: result.ReleaseFunc,
			}, nil
		}
		// Busy sticky account with a short queue: wait with sticky-session limits.
		if stickyAccountID > 0 && stickyAccountID == account.ID && s.concurrencyService != nil {
			waitingCount, _ := s.concurrencyService.GetAccountWaitingCount(ctx, account.ID)
			if waitingCount < cfg.StickySessionMaxWaiting {
				return &AccountSelectionResult{
					Account: account,
					WaitPlan: &AccountWaitPlan{
						AccountID:      account.ID,
						MaxConcurrency: account.Concurrency,
						Timeout:        cfg.StickySessionWaitTimeout,
						MaxWaiting:     cfg.StickySessionMaxWaiting,
					},
				}, nil
			}
		}
		return &AccountSelectionResult{
			Account: account,
			WaitPlan: &AccountWaitPlan{
				AccountID:      account.ID,
				MaxConcurrency: account.Concurrency,
				Timeout:        cfg.FallbackWaitTimeout,
				MaxWaiting:     cfg.FallbackMaxWaiting,
			},
		}, nil
	}

	accounts, err := s.listSchedulableAccounts(ctx, groupID)
	if err != nil {
		return nil, err
	}
	if len(accounts) == 0 {
		return nil, errors.New("no available accounts")
	}

	isExcluded := func(accountID int64) bool {
		if excludedIDs == nil {
			return false
		}
		_, excluded := excludedIDs[accountID]
		return excluded
	}

	// ============ Layer 1: Sticky session ============
	if sessionHash != "" {
		accountID, err := s.cache.GetSessionAccountID(ctx, derefGroupID(groupID), "openai:"+sessionHash)
		if err == nil && accountID > 0 && !isExcluded(accountID) {
			account, err := s.getSchedulableAccount(ctx, accountID)
			if err == nil && account.IsSchedulable() && account.IsOpenAI() &&
				(requestedModel == "" || account.IsModelSupported(requestedModel)) {
				result, err := s.tryAcquireAccountSlot(ctx, accountID, account.Concurrency)
				if err == nil && result.Acquired {
					_ = s.cache.RefreshSessionTTL(ctx, derefGroupID(groupID), "openai:"+sessionHash, openaiStickySessionTTL)
					return &AccountSelectionResult{
						Account:     account,
						Acquired:    true,
						ReleaseFunc: result.ReleaseFunc,
					}, nil
				}

				// Slot busy: wait on the sticky account only if its queue is short.
				waitingCount, _ := s.concurrencyService.GetAccountWaitingCount(ctx, accountID)
				if waitingCount < cfg.StickySessionMaxWaiting {
					return &AccountSelectionResult{
						Account: account,
						WaitPlan: &AccountWaitPlan{
							AccountID:      accountID,
							MaxConcurrency: account.Concurrency,
							Timeout:        cfg.StickySessionWaitTimeout,
							MaxWaiting:     cfg.StickySessionMaxWaiting,
						},
					}, nil
				}
			}
		}
	}

	// ============ Layer 2: Load-aware selection ============
	candidates := make([]*Account, 0, len(accounts))
	for i := range accounts {
		acc := &accounts[i]
		if isExcluded(acc.ID) {
			continue
		}
		// Scheduler snapshots can be temporarily stale (bucket rebuild is throttled);
		// re-check schedulability here so recently rate-limited/overloaded accounts
		// are not selected again before the bucket is rebuilt.
		if !acc.IsSchedulable() {
			continue
		}
		if requestedModel != "" && !acc.IsModelSupported(requestedModel) {
			continue
		}
		candidates = append(candidates, acc)
	}

	if len(candidates) == 0 {
		return nil, errors.New("no available accounts")
	}

	accountLoads := make([]AccountWithConcurrency, 0, len(candidates))
	for _, acc := range candidates {
		accountLoads = append(accountLoads, AccountWithConcurrency{
			ID:             acc.ID,
			MaxConcurrency: acc.Concurrency,
		})
	}

	loadMap, err := s.concurrencyService.GetAccountsLoadBatch(ctx, accountLoads)
	if err != nil {
		// Load lookup failed: fall back to priority/LRU order and take the first
		// account whose slot can be acquired.
		ordered := append([]*Account(nil), candidates...)
		sortAccountsByPriorityAndLastUsed(ordered, false)
		for _, acc := range ordered {
			result, err := s.tryAcquireAccountSlot(ctx, acc.ID, acc.Concurrency)
			if err == nil && result.Acquired {
				if sessionHash != "" {
					_ = s.cache.SetSessionAccountID(ctx, derefGroupID(groupID), "openai:"+sessionHash, acc.ID, openaiStickySessionTTL)
				}
				return &AccountSelectionResult{
					Account:     acc,
					Acquired:    true,
					ReleaseFunc: result.ReleaseFunc,
				}, nil
			}
		}
	} else {
		type accountWithLoad struct {
			account  *Account
			loadInfo *AccountLoadInfo
		}
		// Keep only accounts below full load (LoadRate < 100).
		var available []accountWithLoad
		for _, acc := range candidates {
			loadInfo := loadMap[acc.ID]
			if loadInfo == nil {
				loadInfo = &AccountLoadInfo{AccountID: acc.ID}
			}
			if loadInfo.LoadRate < 100 {
				available = append(available, accountWithLoad{
					account:  acc,
					loadInfo: loadInfo,
				})
			}
		}

		if len(available) > 0 {
			// Order by priority, then load rate, then least-recently-used
			// (never-used accounts sort first among equals).
			sort.SliceStable(available, func(i, j int) bool {
				a, b := available[i], available[j]
				if a.account.Priority != b.account.Priority {
					return a.account.Priority < b.account.Priority
				}
				if a.loadInfo.LoadRate != b.loadInfo.LoadRate {
					return a.loadInfo.LoadRate < b.loadInfo.LoadRate
				}
				switch {
				case a.account.LastUsedAt == nil && b.account.LastUsedAt != nil:
					return true
				case a.account.LastUsedAt != nil && b.account.LastUsedAt == nil:
					return false
				case a.account.LastUsedAt == nil && b.account.LastUsedAt == nil:
					return false
				default:
					return a.account.LastUsedAt.Before(*b.account.LastUsedAt)
				}
			})

			for _, item := range available {
				result, err := s.tryAcquireAccountSlot(ctx, item.account.ID, item.account.Concurrency)
				if err == nil && result.Acquired {
					if sessionHash != "" {
						_ = s.cache.SetSessionAccountID(ctx, derefGroupID(groupID), "openai:"+sessionHash, item.account.ID, openaiStickySessionTTL)
					}
					return &AccountSelectionResult{
						Account:     item.account,
						Acquired:    true,
						ReleaseFunc: result.ReleaseFunc,
					}, nil
				}
			}
		}
	}

	// ============ Layer 3: Fallback wait ============
	sortAccountsByPriorityAndLastUsed(candidates, false)
	// The loop returns on the first (best-ranked) candidate.
	for _, acc := range candidates {
		return &AccountSelectionResult{
			Account: acc,
			WaitPlan: &AccountWaitPlan{
				AccountID:      acc.ID,
				MaxConcurrency: acc.Concurrency,
				Timeout:        cfg.FallbackWaitTimeout,
				MaxWaiting:     cfg.FallbackMaxWaiting,
			},
		}, nil
	}

	return nil, errors.New("no available accounts")
}
|
|
|
|
|
|
|
|
|
|
|
|
func (s *OpenAIGatewayService) listSchedulableAccounts(ctx context.Context, groupID *int64) ([]Account, error) {
|
2026-01-12 14:19:06 +08:00
|
|
|
|
if s.schedulerSnapshot != nil {
|
|
|
|
|
|
accounts, _, err := s.schedulerSnapshot.ListSchedulableAccounts(ctx, groupID, PlatformOpenAI, false)
|
|
|
|
|
|
return accounts, err
|
|
|
|
|
|
}
|
2026-01-01 04:01:51 +08:00
|
|
|
|
var accounts []Account
|
|
|
|
|
|
var err error
|
|
|
|
|
|
if s.cfg != nil && s.cfg.RunMode == config.RunModeSimple {
|
|
|
|
|
|
accounts, err = s.accountRepo.ListSchedulableByPlatform(ctx, PlatformOpenAI)
|
|
|
|
|
|
} else if groupID != nil {
|
|
|
|
|
|
accounts, err = s.accountRepo.ListSchedulableByGroupIDAndPlatform(ctx, *groupID, PlatformOpenAI)
|
|
|
|
|
|
} else {
|
|
|
|
|
|
accounts, err = s.accountRepo.ListSchedulableByPlatform(ctx, PlatformOpenAI)
|
|
|
|
|
|
}
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
return nil, fmt.Errorf("query accounts failed: %w", err)
|
|
|
|
|
|
}
|
|
|
|
|
|
return accounts, nil
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
func (s *OpenAIGatewayService) tryAcquireAccountSlot(ctx context.Context, accountID int64, maxConcurrency int) (*AcquireResult, error) {
|
|
|
|
|
|
if s.concurrencyService == nil {
|
|
|
|
|
|
return &AcquireResult{Acquired: true, ReleaseFunc: func() {}}, nil
|
|
|
|
|
|
}
|
|
|
|
|
|
return s.concurrencyService.AcquireAccountSlot(ctx, accountID, maxConcurrency)
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2026-01-12 14:19:06 +08:00
|
|
|
|
func (s *OpenAIGatewayService) getSchedulableAccount(ctx context.Context, accountID int64) (*Account, error) {
|
|
|
|
|
|
if s.schedulerSnapshot != nil {
|
|
|
|
|
|
return s.schedulerSnapshot.GetAccount(ctx, accountID)
|
|
|
|
|
|
}
|
|
|
|
|
|
return s.accountRepo.GetByID(ctx, accountID)
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2026-01-01 04:01:51 +08:00
|
|
|
|
func (s *OpenAIGatewayService) schedulingConfig() config.GatewaySchedulingConfig {
|
|
|
|
|
|
if s.cfg != nil {
|
|
|
|
|
|
return s.cfg.Gateway.Scheduling
|
|
|
|
|
|
}
|
|
|
|
|
|
return config.GatewaySchedulingConfig{
|
|
|
|
|
|
StickySessionMaxWaiting: 3,
|
|
|
|
|
|
StickySessionWaitTimeout: 45 * time.Second,
|
|
|
|
|
|
FallbackWaitTimeout: 30 * time.Second,
|
|
|
|
|
|
FallbackMaxWaiting: 100,
|
|
|
|
|
|
LoadBatchEnabled: true,
|
|
|
|
|
|
SlotCleanupInterval: 30 * time.Second,
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2025-12-22 22:58:31 +08:00
|
|
|
|
// GetAccessToken gets the access token for an OpenAI account
|
2025-12-26 15:40:24 +08:00
|
|
|
|
func (s *OpenAIGatewayService) GetAccessToken(ctx context.Context, account *Account) (string, string, error) {
|
2025-12-23 10:25:32 +08:00
|
|
|
|
switch account.Type {
|
2025-12-26 15:40:24 +08:00
|
|
|
|
case AccountTypeOAuth:
|
2026-01-15 18:27:06 +08:00
|
|
|
|
// 使用 TokenProvider 获取缓存的 token
|
|
|
|
|
|
if s.openAITokenProvider != nil {
|
|
|
|
|
|
accessToken, err := s.openAITokenProvider.GetAccessToken(ctx, account)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
return "", "", err
|
|
|
|
|
|
}
|
|
|
|
|
|
return accessToken, "oauth", nil
|
|
|
|
|
|
}
|
|
|
|
|
|
// 降级:TokenProvider 未配置时直接从账号读取
|
2025-12-22 22:58:31 +08:00
|
|
|
|
accessToken := account.GetOpenAIAccessToken()
|
|
|
|
|
|
if accessToken == "" {
|
|
|
|
|
|
return "", "", errors.New("access_token not found in credentials")
|
|
|
|
|
|
}
|
|
|
|
|
|
return accessToken, "oauth", nil
|
2026-01-04 19:27:53 +08:00
|
|
|
|
case AccountTypeAPIKey:
|
2025-12-22 22:58:31 +08:00
|
|
|
|
apiKey := account.GetOpenAIApiKey()
|
|
|
|
|
|
if apiKey == "" {
|
|
|
|
|
|
return "", "", errors.New("api_key not found in credentials")
|
|
|
|
|
|
}
|
|
|
|
|
|
return apiKey, "apikey", nil
|
2025-12-23 10:25:32 +08:00
|
|
|
|
default:
|
|
|
|
|
|
return "", "", fmt.Errorf("unsupported account type: %s", account.Type)
|
2025-12-22 22:58:31 +08:00
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2025-12-27 11:44:00 +08:00
|
|
|
|
func (s *OpenAIGatewayService) shouldFailoverUpstreamError(statusCode int) bool {
|
|
|
|
|
|
switch statusCode {
|
2025-12-31 11:46:53 +08:00
|
|
|
|
case 401, 402, 403, 429, 529:
|
2025-12-27 11:44:00 +08:00
|
|
|
|
return true
|
|
|
|
|
|
default:
|
|
|
|
|
|
return statusCode >= 500
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
func (s *OpenAIGatewayService) handleFailoverSideEffects(ctx context.Context, resp *http.Response, account *Account) {
|
2026-01-11 15:30:27 +08:00
|
|
|
|
body, _ := io.ReadAll(io.LimitReader(resp.Body, 2<<20))
|
2025-12-27 11:44:00 +08:00
|
|
|
|
s.rateLimitService.HandleUpstreamError(ctx, account, resp.StatusCode, resp.Header, body)
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2025-12-22 22:58:31 +08:00
|
|
|
|
// Forward forwards request to OpenAI API
|
2025-12-26 15:40:24 +08:00
|
|
|
|
func (s *OpenAIGatewayService) Forward(ctx context.Context, c *gin.Context, account *Account, body []byte) (*OpenAIForwardResult, error) {
|
2025-12-22 22:58:31 +08:00
|
|
|
|
startTime := time.Now()
|
|
|
|
|
|
|
|
|
|
|
|
// Parse request body once (avoid multiple parse/serialize cycles)
|
|
|
|
|
|
var reqBody map[string]any
|
|
|
|
|
|
if err := json.Unmarshal(body, &reqBody); err != nil {
|
|
|
|
|
|
return nil, fmt.Errorf("parse request: %w", err)
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// Extract model and stream from parsed body
|
|
|
|
|
|
reqModel, _ := reqBody["model"].(string)
|
|
|
|
|
|
reqStream, _ := reqBody["stream"].(bool)
|
2026-01-09 18:35:58 +08:00
|
|
|
|
promptCacheKey := ""
|
2026-01-10 03:12:56 +08:00
|
|
|
|
if v, ok := reqBody["prompt_cache_key"].(string); ok {
|
|
|
|
|
|
promptCacheKey = strings.TrimSpace(v)
|
|
|
|
|
|
}
|
2025-12-22 22:58:31 +08:00
|
|
|
|
|
|
|
|
|
|
// Track if body needs re-serialization
|
|
|
|
|
|
bodyModified := false
|
|
|
|
|
|
originalModel := reqModel
|
|
|
|
|
|
|
2026-01-10 03:12:56 +08:00
|
|
|
|
isCodexCLI := openai.IsCodexCLIRequest(c.GetHeader("User-Agent"))
|
|
|
|
|
|
|
2026-01-13 17:01:21 +08:00
|
|
|
|
// 对所有请求执行模型映射(包含 Codex CLI)。
|
2026-01-12 13:23:05 -08:00
|
|
|
|
mappedModel := account.GetMappedModel(reqModel)
|
|
|
|
|
|
if mappedModel != reqModel {
|
|
|
|
|
|
log.Printf("[OpenAI] Model mapping applied: %s -> %s (account: %s, isCodexCLI: %v)", reqModel, mappedModel, account.Name, isCodexCLI)
|
|
|
|
|
|
reqBody["model"] = mappedModel
|
|
|
|
|
|
bodyModified = true
|
2025-12-22 22:58:31 +08:00
|
|
|
|
}
|
|
|
|
|
|
|
2026-01-13 17:01:21 +08:00
|
|
|
|
// 针对所有 OpenAI 账号执行 Codex 模型名规范化,确保上游识别一致。
|
2026-01-12 20:18:53 -08:00
|
|
|
|
if model, ok := reqBody["model"].(string); ok {
|
|
|
|
|
|
normalizedModel := normalizeCodexModel(model)
|
|
|
|
|
|
if normalizedModel != "" && normalizedModel != model {
|
|
|
|
|
|
log.Printf("[OpenAI] Codex model normalization: %s -> %s (account: %s, type: %s, isCodexCLI: %v)",
|
|
|
|
|
|
model, normalizedModel, account.Name, account.Type, isCodexCLI)
|
|
|
|
|
|
reqBody["model"] = normalizedModel
|
|
|
|
|
|
mappedModel = normalizedModel
|
|
|
|
|
|
bodyModified = true
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2026-01-13 17:01:21 +08:00
|
|
|
|
// 规范化 reasoning.effort 参数(minimal -> none),与上游允许值对齐。
|
2026-01-12 20:18:53 -08:00
|
|
|
|
if reasoning, ok := reqBody["reasoning"].(map[string]any); ok {
|
|
|
|
|
|
if effort, ok := reasoning["effort"].(string); ok && effort == "minimal" {
|
|
|
|
|
|
reasoning["effort"] = "none"
|
|
|
|
|
|
bodyModified = true
|
|
|
|
|
|
log.Printf("[OpenAI] Normalized reasoning.effort: minimal -> none (account: %s)", account.Name)
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2026-01-10 03:12:56 +08:00
|
|
|
|
if account.Type == AccountTypeOAuth && !isCodexCLI {
|
|
|
|
|
|
codexResult := applyCodexOAuthTransform(reqBody)
|
2026-01-09 18:35:58 +08:00
|
|
|
|
if codexResult.Modified {
|
2026-01-09 00:34:49 +08:00
|
|
|
|
bodyModified = true
|
|
|
|
|
|
}
|
2026-01-09 18:35:58 +08:00
|
|
|
|
if codexResult.NormalizedModel != "" {
|
|
|
|
|
|
mappedModel = codexResult.NormalizedModel
|
|
|
|
|
|
}
|
|
|
|
|
|
if codexResult.PromptCacheKey != "" {
|
|
|
|
|
|
promptCacheKey = codexResult.PromptCacheKey
|
|
|
|
|
|
}
|
2025-12-22 22:58:31 +08:00
|
|
|
|
}
|
|
|
|
|
|
|
2026-01-12 11:08:28 -08:00
|
|
|
|
// Handle max_output_tokens based on platform and account type
|
|
|
|
|
|
if !isCodexCLI {
|
|
|
|
|
|
if maxOutputTokens, hasMaxOutputTokens := reqBody["max_output_tokens"]; hasMaxOutputTokens {
|
|
|
|
|
|
switch account.Platform {
|
|
|
|
|
|
case PlatformOpenAI:
|
|
|
|
|
|
// For OpenAI API Key, remove max_output_tokens (not supported)
|
|
|
|
|
|
// For OpenAI OAuth (Responses API), keep it (supported)
|
|
|
|
|
|
if account.Type == AccountTypeAPIKey {
|
|
|
|
|
|
delete(reqBody, "max_output_tokens")
|
|
|
|
|
|
bodyModified = true
|
|
|
|
|
|
}
|
|
|
|
|
|
case PlatformAnthropic:
|
|
|
|
|
|
// For Anthropic (Claude), convert to max_tokens
|
|
|
|
|
|
delete(reqBody, "max_output_tokens")
|
|
|
|
|
|
if _, hasMaxTokens := reqBody["max_tokens"]; !hasMaxTokens {
|
|
|
|
|
|
reqBody["max_tokens"] = maxOutputTokens
|
|
|
|
|
|
}
|
|
|
|
|
|
bodyModified = true
|
|
|
|
|
|
case PlatformGemini:
|
|
|
|
|
|
// For Gemini, remove (will be handled by Gemini-specific transform)
|
|
|
|
|
|
delete(reqBody, "max_output_tokens")
|
|
|
|
|
|
bodyModified = true
|
|
|
|
|
|
default:
|
|
|
|
|
|
// For unknown platforms, remove to be safe
|
|
|
|
|
|
delete(reqBody, "max_output_tokens")
|
|
|
|
|
|
bodyModified = true
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// Also handle max_completion_tokens (similar logic)
|
|
|
|
|
|
if _, hasMaxCompletionTokens := reqBody["max_completion_tokens"]; hasMaxCompletionTokens {
|
|
|
|
|
|
if account.Type == AccountTypeAPIKey || account.Platform != PlatformOpenAI {
|
|
|
|
|
|
delete(reqBody, "max_completion_tokens")
|
|
|
|
|
|
bodyModified = true
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2025-12-22 22:58:31 +08:00
|
|
|
|
// Re-serialize body only if modified
|
|
|
|
|
|
if bodyModified {
|
|
|
|
|
|
var err error
|
|
|
|
|
|
body, err = json.Marshal(reqBody)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
return nil, fmt.Errorf("serialize request body: %w", err)
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// Get access token
|
|
|
|
|
|
token, _, err := s.GetAccessToken(ctx, account)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
return nil, err
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// Build upstream request
|
2026-01-10 20:53:16 +08:00
|
|
|
|
upstreamReq, err := s.buildUpstreamRequest(ctx, c, account, body, token, reqStream, promptCacheKey, isCodexCLI)
|
2025-12-22 22:58:31 +08:00
|
|
|
|
if err != nil {
|
|
|
|
|
|
return nil, err
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// Get proxy URL
|
|
|
|
|
|
proxyURL := ""
|
|
|
|
|
|
if account.ProxyID != nil && account.Proxy != nil {
|
|
|
|
|
|
proxyURL = account.Proxy.URL()
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2026-01-15 15:14:44 +08:00
|
|
|
|
// Capture upstream request body for ops retry of this attempt.
|
|
|
|
|
|
if c != nil {
|
|
|
|
|
|
c.Set(OpsUpstreamRequestBodyKey, string(body))
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2025-12-22 22:58:31 +08:00
|
|
|
|
// Send request
|
2025-12-31 11:43:58 +08:00
|
|
|
|
resp, err := s.httpUpstream.Do(upstreamReq, proxyURL, account.ID, account.Concurrency)
|
2025-12-22 22:58:31 +08:00
|
|
|
|
if err != nil {
|
2026-01-11 11:49:34 +08:00
|
|
|
|
// Ensure the client receives an error response (handlers assume Forward writes on non-failover errors).
|
|
|
|
|
|
safeErr := sanitizeUpstreamErrorMessage(err.Error())
|
|
|
|
|
|
setOpsUpstreamError(c, 0, safeErr, "")
|
2026-01-11 15:30:27 +08:00
|
|
|
|
appendOpsUpstreamError(c, OpsUpstreamErrorEvent{
|
|
|
|
|
|
Platform: account.Platform,
|
|
|
|
|
|
AccountID: account.ID,
|
2026-01-15 15:14:44 +08:00
|
|
|
|
AccountName: account.Name,
|
2026-01-11 15:30:27 +08:00
|
|
|
|
UpstreamStatusCode: 0,
|
|
|
|
|
|
Kind: "request_error",
|
|
|
|
|
|
Message: safeErr,
|
|
|
|
|
|
})
|
2026-01-11 11:49:34 +08:00
|
|
|
|
c.JSON(http.StatusBadGateway, gin.H{
|
|
|
|
|
|
"error": gin.H{
|
|
|
|
|
|
"type": "upstream_error",
|
|
|
|
|
|
"message": "Upstream request failed",
|
|
|
|
|
|
},
|
|
|
|
|
|
})
|
|
|
|
|
|
return nil, fmt.Errorf("upstream request failed: %s", safeErr)
|
2025-12-22 22:58:31 +08:00
|
|
|
|
}
|
|
|
|
|
|
defer func() { _ = resp.Body.Close() }()
|
|
|
|
|
|
|
|
|
|
|
|
// Handle error response
|
|
|
|
|
|
if resp.StatusCode >= 400 {
|
2025-12-27 11:44:00 +08:00
|
|
|
|
if s.shouldFailoverUpstreamError(resp.StatusCode) {
|
2026-01-11 15:30:27 +08:00
|
|
|
|
respBody, _ := io.ReadAll(io.LimitReader(resp.Body, 2<<20))
|
|
|
|
|
|
_ = resp.Body.Close()
|
|
|
|
|
|
resp.Body = io.NopCloser(bytes.NewReader(respBody))
|
|
|
|
|
|
|
|
|
|
|
|
upstreamMsg := strings.TrimSpace(extractUpstreamErrorMessage(respBody))
|
|
|
|
|
|
upstreamMsg = sanitizeUpstreamErrorMessage(upstreamMsg)
|
|
|
|
|
|
upstreamDetail := ""
|
|
|
|
|
|
if s.cfg != nil && s.cfg.Gateway.LogUpstreamErrorBody {
|
|
|
|
|
|
maxBytes := s.cfg.Gateway.LogUpstreamErrorBodyMaxBytes
|
|
|
|
|
|
if maxBytes <= 0 {
|
|
|
|
|
|
maxBytes = 2048
|
|
|
|
|
|
}
|
|
|
|
|
|
upstreamDetail = truncateString(string(respBody), maxBytes)
|
|
|
|
|
|
}
|
|
|
|
|
|
appendOpsUpstreamError(c, OpsUpstreamErrorEvent{
|
|
|
|
|
|
Platform: account.Platform,
|
|
|
|
|
|
AccountID: account.ID,
|
2026-01-15 15:14:44 +08:00
|
|
|
|
AccountName: account.Name,
|
2026-01-11 15:30:27 +08:00
|
|
|
|
UpstreamStatusCode: resp.StatusCode,
|
|
|
|
|
|
UpstreamRequestID: resp.Header.Get("x-request-id"),
|
|
|
|
|
|
Kind: "failover",
|
|
|
|
|
|
Message: upstreamMsg,
|
|
|
|
|
|
Detail: upstreamDetail,
|
|
|
|
|
|
})
|
|
|
|
|
|
|
2025-12-27 11:44:00 +08:00
|
|
|
|
s.handleFailoverSideEffects(ctx, resp, account)
|
|
|
|
|
|
return nil, &UpstreamFailoverError{StatusCode: resp.StatusCode}
|
|
|
|
|
|
}
|
2025-12-22 22:58:31 +08:00
|
|
|
|
return s.handleErrorResponse(ctx, resp, c, account)
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// Handle normal response
|
|
|
|
|
|
var usage *OpenAIUsage
|
|
|
|
|
|
var firstTokenMs *int
|
|
|
|
|
|
if reqStream {
|
|
|
|
|
|
streamResult, err := s.handleStreamingResponse(ctx, resp, c, account, startTime, originalModel, mappedModel)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
return nil, err
|
|
|
|
|
|
}
|
|
|
|
|
|
usage = streamResult.usage
|
|
|
|
|
|
firstTokenMs = streamResult.firstTokenMs
|
|
|
|
|
|
} else {
|
|
|
|
|
|
usage, err = s.handleNonStreamingResponse(ctx, resp, c, account, originalModel, mappedModel)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
return nil, err
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2025-12-23 16:26:07 +08:00
|
|
|
|
// Extract and save Codex usage snapshot from response headers (for OAuth accounts)
|
2025-12-26 15:40:24 +08:00
|
|
|
|
if account.Type == AccountTypeOAuth {
|
2025-12-23 16:26:07 +08:00
|
|
|
|
if snapshot := extractCodexUsageHeaders(resp.Header); snapshot != nil {
|
|
|
|
|
|
s.updateCodexUsageSnapshot(ctx, account.ID, snapshot)
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2025-12-22 22:58:31 +08:00
|
|
|
|
return &OpenAIForwardResult{
|
|
|
|
|
|
RequestID: resp.Header.Get("x-request-id"),
|
|
|
|
|
|
Usage: *usage,
|
|
|
|
|
|
Model: originalModel,
|
|
|
|
|
|
Stream: reqStream,
|
|
|
|
|
|
Duration: time.Since(startTime),
|
|
|
|
|
|
FirstTokenMs: firstTokenMs,
|
|
|
|
|
|
}, nil
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2026-01-10 20:53:16 +08:00
|
|
|
|
func (s *OpenAIGatewayService) buildUpstreamRequest(ctx context.Context, c *gin.Context, account *Account, body []byte, token string, isStream bool, promptCacheKey string, isCodexCLI bool) (*http.Request, error) {
|
2025-12-22 22:58:31 +08:00
|
|
|
|
// Determine target URL based on account type
|
|
|
|
|
|
var targetURL string
|
2025-12-23 10:25:32 +08:00
|
|
|
|
switch account.Type {
|
2025-12-26 15:40:24 +08:00
|
|
|
|
case AccountTypeOAuth:
|
2025-12-22 22:58:31 +08:00
|
|
|
|
// OAuth accounts use ChatGPT internal API
|
|
|
|
|
|
targetURL = chatgptCodexURL
|
2026-01-04 19:27:53 +08:00
|
|
|
|
case AccountTypeAPIKey:
|
2025-12-22 22:58:31 +08:00
|
|
|
|
// API Key accounts use Platform API or custom base URL
|
|
|
|
|
|
baseURL := account.GetOpenAIBaseURL()
|
2026-01-02 17:40:57 +08:00
|
|
|
|
if baseURL == "" {
|
2025-12-22 22:58:31 +08:00
|
|
|
|
targetURL = openaiPlatformAPIURL
|
2026-01-02 17:40:57 +08:00
|
|
|
|
} else {
|
|
|
|
|
|
validatedURL, err := s.validateUpstreamBaseURL(baseURL)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
return nil, err
|
|
|
|
|
|
}
|
|
|
|
|
|
targetURL = validatedURL + "/responses"
|
2025-12-22 22:58:31 +08:00
|
|
|
|
}
|
2025-12-23 10:25:32 +08:00
|
|
|
|
default:
|
2025-12-22 22:58:31 +08:00
|
|
|
|
targetURL = openaiPlatformAPIURL
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
req, err := http.NewRequestWithContext(ctx, "POST", targetURL, bytes.NewReader(body))
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
return nil, err
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// Set authentication header
|
|
|
|
|
|
req.Header.Set("authorization", "Bearer "+token)
|
|
|
|
|
|
|
|
|
|
|
|
// Set headers specific to OAuth accounts (ChatGPT internal API)
|
2025-12-26 15:40:24 +08:00
|
|
|
|
if account.Type == AccountTypeOAuth {
|
2025-12-22 22:58:31 +08:00
|
|
|
|
// Required: set Host for ChatGPT API (must use req.Host, not Header.Set)
|
|
|
|
|
|
req.Host = "chatgpt.com"
|
|
|
|
|
|
// Required: set chatgpt-account-id header
|
|
|
|
|
|
chatgptAccountID := account.GetChatGPTAccountID()
|
|
|
|
|
|
if chatgptAccountID != "" {
|
|
|
|
|
|
req.Header.Set("chatgpt-account-id", chatgptAccountID)
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// Whitelist passthrough headers
|
|
|
|
|
|
for key, values := range c.Request.Header {
|
|
|
|
|
|
lowerKey := strings.ToLower(key)
|
|
|
|
|
|
if openaiAllowedHeaders[lowerKey] {
|
|
|
|
|
|
for _, v := range values {
|
|
|
|
|
|
req.Header.Add(key, v)
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
2026-01-09 18:35:58 +08:00
|
|
|
|
if account.Type == AccountTypeOAuth {
|
|
|
|
|
|
req.Header.Set("OpenAI-Beta", "responses=experimental")
|
2026-01-10 20:53:16 +08:00
|
|
|
|
if isCodexCLI {
|
|
|
|
|
|
req.Header.Set("originator", "codex_cli_rs")
|
|
|
|
|
|
} else {
|
|
|
|
|
|
req.Header.Set("originator", "opencode")
|
|
|
|
|
|
}
|
2026-01-09 18:35:58 +08:00
|
|
|
|
req.Header.Set("accept", "text/event-stream")
|
|
|
|
|
|
if promptCacheKey != "" {
|
|
|
|
|
|
req.Header.Set("conversation_id", promptCacheKey)
|
|
|
|
|
|
req.Header.Set("session_id", promptCacheKey)
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
2025-12-22 22:58:31 +08:00
|
|
|
|
|
|
|
|
|
|
// Apply custom User-Agent if configured
|
|
|
|
|
|
customUA := account.GetOpenAIUserAgent()
|
|
|
|
|
|
if customUA != "" {
|
|
|
|
|
|
req.Header.Set("user-agent", customUA)
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// Ensure required headers exist
|
|
|
|
|
|
if req.Header.Get("content-type") == "" {
|
|
|
|
|
|
req.Header.Set("content-type", "application/json")
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
return req, nil
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2025-12-26 15:40:24 +08:00
|
|
|
|
// handleErrorResponse processes an upstream 4xx/5xx response that did not
// qualify for automatic failover. It records ops telemetry, optionally logs
// the (truncated) upstream body, may mark the account via the rate-limit
// service, and always writes an error response to the client before
// returning a non-nil error to the caller.
func (s *OpenAIGatewayService) handleErrorResponse(ctx context.Context, resp *http.Response, c *gin.Context, account *Account) (*OpenAIForwardResult, error) {
	// Cap the error body read at 2 MiB to bound memory usage.
	body, _ := io.ReadAll(io.LimitReader(resp.Body, 2<<20))

	// Extract a sanitized, human-readable message from the upstream body.
	upstreamMsg := strings.TrimSpace(extractUpstreamErrorMessage(body))
	upstreamMsg = sanitizeUpstreamErrorMessage(upstreamMsg)
	upstreamDetail := ""
	if s.cfg != nil && s.cfg.Gateway.LogUpstreamErrorBody {
		maxBytes := s.cfg.Gateway.LogUpstreamErrorBodyMaxBytes
		if maxBytes <= 0 {
			// Default truncation limit when the config value is unset/invalid.
			maxBytes = 2048
		}
		upstreamDetail = truncateString(string(body), maxBytes)
	}
	// Record the upstream error on the gin context for ops reporting.
	setOpsUpstreamError(c, resp.StatusCode, upstreamMsg, upstreamDetail)

	if s.cfg != nil && s.cfg.Gateway.LogUpstreamErrorBody {
		log.Printf(
			"OpenAI upstream error %d (account=%d platform=%s type=%s): %s",
			resp.StatusCode,
			account.ID,
			account.Platform,
			account.Type,
			truncateForLog(body, s.cfg.Gateway.LogUpstreamErrorBodyMaxBytes),
		)
	}

	// Check custom error codes: when this status code is not configured for
	// handling on the account, report it and return a generic 500 to the client.
	if !account.ShouldHandleErrorCode(resp.StatusCode) {
		appendOpsUpstreamError(c, OpsUpstreamErrorEvent{
			Platform:           account.Platform,
			AccountID:          account.ID,
			AccountName:        account.Name,
			UpstreamStatusCode: resp.StatusCode,
			UpstreamRequestID:  resp.Header.Get("x-request-id"),
			Kind:               "http_error",
			Message:            upstreamMsg,
			Detail:             upstreamDetail,
		})
		c.JSON(http.StatusInternalServerError, gin.H{
			"error": gin.H{
				"type":    "upstream_error",
				"message": "Upstream gateway error",
			},
		})
		if upstreamMsg == "" {
			return nil, fmt.Errorf("upstream error: %d (not in custom error codes)", resp.StatusCode)
		}
		return nil, fmt.Errorf("upstream error: %d (not in custom error codes) message=%s", resp.StatusCode, upstreamMsg)
	}

	// Handle upstream error (may mark account status via the rate-limit service).
	shouldDisable := false
	if s.rateLimitService != nil {
		shouldDisable = s.rateLimitService.HandleUpstreamError(ctx, account, resp.StatusCode, resp.Header, body)
	}
	// Classify the ops event: "failover" when the account was disabled.
	kind := "http_error"
	if shouldDisable {
		kind = "failover"
	}
	appendOpsUpstreamError(c, OpsUpstreamErrorEvent{
		Platform:           account.Platform,
		AccountID:          account.ID,
		AccountName:        account.Name,
		UpstreamStatusCode: resp.StatusCode,
		UpstreamRequestID:  resp.Header.Get("x-request-id"),
		Kind:               kind,
		Message:            upstreamMsg,
		Detail:             upstreamDetail,
	})
	if shouldDisable {
		// Signal the caller to retry on another account; no client response
		// is written here in that case.
		return nil, &UpstreamFailoverError{StatusCode: resp.StatusCode}
	}

	// Return an appropriate error response to the client, mapping upstream
	// auth/billing/permission failures to 502 and rate limits to 429.
	var errType, errMsg string
	var statusCode int

	switch resp.StatusCode {
	case 401:
		statusCode = http.StatusBadGateway
		errType = "upstream_error"
		errMsg = "Upstream authentication failed, please contact administrator"
	case 402:
		statusCode = http.StatusBadGateway
		errType = "upstream_error"
		errMsg = "Upstream payment required: insufficient balance or billing issue"
	case 403:
		statusCode = http.StatusBadGateway
		errType = "upstream_error"
		errMsg = "Upstream access forbidden, please contact administrator"
	case 429:
		statusCode = http.StatusTooManyRequests
		errType = "rate_limit_error"
		errMsg = "Upstream rate limit exceeded, please retry later"
	default:
		statusCode = http.StatusBadGateway
		errType = "upstream_error"
		errMsg = "Upstream request failed"
	}

	c.JSON(statusCode, gin.H{
		"error": gin.H{
			"type":    errType,
			"message": errMsg,
		},
	})

	if upstreamMsg == "" {
		return nil, fmt.Errorf("upstream error: %d", resp.StatusCode)
	}
	return nil, fmt.Errorf("upstream error: %d message=%s", resp.StatusCode, upstreamMsg)
}
|
|
|
|
|
|
|
|
|
|
|
|
// openaiStreamingResult is the outcome of relaying one streaming response.
type openaiStreamingResult struct {
	usage        *OpenAIUsage // token usage parsed from SSE events (may be zero-valued if none seen)
	firstTokenMs *int         // milliseconds to the first data event, nil if no data arrived
}
|
|
|
|
|
|
|
2025-12-26 15:40:24 +08:00
|
|
|
|
// handleStreamingResponse relays an upstream SSE stream to the client while
// collecting usage and first-token latency. A dedicated reader goroutine
// feeds lines over a channel so that slow downstream writes cannot block the
// detection of upstream data-interval timeouts; optional tickers provide the
// timeout check and downstream keepalive comments.
func (s *OpenAIGatewayService) handleStreamingResponse(ctx context.Context, resp *http.Response, c *gin.Context, account *Account, startTime time.Time, originalModel, mappedModel string) (*openaiStreamingResult, error) {
	if s.cfg != nil {
		responseheaders.WriteFilteredHeaders(c.Writer.Header(), resp.Header, s.cfg.Security.ResponseHeaders)
	}

	// Set SSE response headers.
	c.Header("Content-Type", "text/event-stream")
	c.Header("Cache-Control", "no-cache")
	c.Header("Connection", "keep-alive")
	c.Header("X-Accel-Buffering", "no")

	// Pass through other headers.
	if v := resp.Header.Get("x-request-id"); v != "" {
		c.Header("x-request-id", v)
	}

	w := c.Writer
	flusher, ok := w.(http.Flusher)
	if !ok {
		return nil, errors.New("streaming not supported")
	}

	usage := &OpenAIUsage{}
	var firstTokenMs *int
	scanner := bufio.NewScanner(resp.Body)
	// Line buffer limit is configurable; defaultMaxLineSize otherwise.
	maxLineSize := defaultMaxLineSize
	if s.cfg != nil && s.cfg.Gateway.MaxLineSize > 0 {
		maxLineSize = s.cfg.Gateway.MaxLineSize
	}
	scanner.Buffer(make([]byte, 64*1024), maxLineSize)

	type scanEvent struct {
		line string
		err  error
	}
	// Read upstream in a separate goroutine so a blocked read cannot stall
	// keepalive/timeout handling in the select loop below.
	events := make(chan scanEvent, 16)
	done := make(chan struct{})
	// sendEvent delivers to the consumer unless it has already exited (done
	// closed), which prevents the reader goroutine from leaking.
	sendEvent := func(ev scanEvent) bool {
		select {
		case events <- ev:
			return true
		case <-done:
			return false
		}
	}
	// lastReadAt tracks (atomically) when the upstream last produced a line;
	// it drives the data-interval timeout check.
	var lastReadAt int64
	atomic.StoreInt64(&lastReadAt, time.Now().UnixNano())
	go func() {
		defer close(events)
		for scanner.Scan() {
			atomic.StoreInt64(&lastReadAt, time.Now().UnixNano())
			if !sendEvent(scanEvent{line: scanner.Text()}) {
				return
			}
		}
		if err := scanner.Err(); err != nil {
			_ = sendEvent(scanEvent{err: err})
		}
	}()
	defer close(done)

	streamInterval := time.Duration(0)
	if s.cfg != nil && s.cfg.Gateway.StreamDataIntervalTimeout > 0 {
		streamInterval = time.Duration(s.cfg.Gateway.StreamDataIntervalTimeout) * time.Second
	}
	// Only monitor the upstream data-interval timeout; downstream write
	// blocking must not affect it.
	var intervalTicker *time.Ticker
	if streamInterval > 0 {
		intervalTicker = time.NewTicker(streamInterval)
		defer intervalTicker.Stop()
	}
	var intervalCh <-chan time.Time
	if intervalTicker != nil {
		intervalCh = intervalTicker.C
	}

	keepaliveInterval := time.Duration(0)
	if s.cfg != nil && s.cfg.Gateway.StreamKeepaliveInterval > 0 {
		keepaliveInterval = time.Duration(s.cfg.Gateway.StreamKeepaliveInterval) * time.Second
	}
	// Downstream keepalive exists only to stop idle proxies from closing
	// the connection.
	var keepaliveTicker *time.Ticker
	if keepaliveInterval > 0 {
		keepaliveTicker = time.NewTicker(keepaliveInterval)
		defer keepaliveTicker.Stop()
	}
	var keepaliveCh <-chan time.Time
	if keepaliveTicker != nil {
		keepaliveCh = keepaliveTicker.C
	}
	// Time of the last upstream data seen, used to rate-limit keepalives.
	lastDataAt := time.Now()

	// Emit at most one error event to avoid corrupting the SSE protocol with
	// multiple writes (best-effort notification if the write itself fails).
	errorEventSent := false
	sendErrorEvent := func(reason string) {
		if errorEventSent {
			return
		}
		errorEventSent = true
		_, _ = fmt.Fprintf(w, "event: error\ndata: {\"error\":\"%s\"}\n\n", reason)
		flusher.Flush()
	}

	// Model replacement is only needed when the client-facing model name was
	// mapped to a different upstream model.
	needModelReplace := originalModel != mappedModel

	for {
		select {
		case ev, ok := <-events:
			if !ok {
				// Upstream closed cleanly; return what we collected.
				return &openaiStreamingResult{usage: usage, firstTokenMs: firstTokenMs}, nil
			}
			if ev.err != nil {
				if errors.Is(ev.err, bufio.ErrTooLong) {
					log.Printf("SSE line too long: account=%d max_size=%d error=%v", account.ID, maxLineSize, ev.err)
					sendErrorEvent("response_too_large")
					return &openaiStreamingResult{usage: usage, firstTokenMs: firstTokenMs}, ev.err
				}
				sendErrorEvent("stream_read_error")
				return &openaiStreamingResult{usage: usage, firstTokenMs: firstTokenMs}, fmt.Errorf("stream read error: %w", ev.err)
			}

			line := ev.line
			lastDataAt = time.Now()

			// Extract data from SSE line (supports both "data: " and "data:" formats).
			if openaiSSEDataRe.MatchString(line) {
				data := openaiSSEDataRe.ReplaceAllString(line, "")

				// Replace model in response if needed.
				if needModelReplace {
					line = s.replaceModelInSSELine(line, mappedModel, originalModel)
				}

				// Correct Codex tool calls if needed (apply_patch -> edit, etc.).
				// NOTE(review): the corrector runs on `data`, captured before the
				// model replacement above — when both apply, the corrected line
				// appears to lose the model rename. Confirm intended precedence.
				if correctedData, corrected := s.toolCorrector.CorrectToolCallsInSSEData(data); corrected {
					line = "data: " + correctedData
				}

				// Forward line.
				if _, err := fmt.Fprintf(w, "%s\n", line); err != nil {
					sendErrorEvent("write_failed")
					return &openaiStreamingResult{usage: usage, firstTokenMs: firstTokenMs}, err
				}
				flusher.Flush()

				// Record first token time (first non-empty, non-terminal data event).
				if firstTokenMs == nil && data != "" && data != "[DONE]" {
					ms := int(time.Since(startTime).Milliseconds())
					firstTokenMs = &ms
				}
				s.parseSSEUsage(data, usage)
			} else {
				// Forward non-data lines as-is.
				if _, err := fmt.Fprintf(w, "%s\n", line); err != nil {
					sendErrorEvent("write_failed")
					return &openaiStreamingResult{usage: usage, firstTokenMs: firstTokenMs}, err
				}
				flusher.Flush()
			}

		case <-intervalCh:
			// Skip the timeout if data arrived within the interval window.
			lastRead := time.Unix(0, atomic.LoadInt64(&lastReadAt))
			if time.Since(lastRead) < streamInterval {
				continue
			}
			log.Printf("Stream data interval timeout: account=%d model=%s interval=%s", account.ID, originalModel, streamInterval)
			// Handle the stream timeout; may mark the account temporarily
			// unschedulable or in an error state.
			if s.rateLimitService != nil {
				s.rateLimitService.HandleStreamTimeout(ctx, account, originalModel)
			}
			sendErrorEvent("stream_timeout")
			return &openaiStreamingResult{usage: usage, firstTokenMs: firstTokenMs}, fmt.Errorf("stream data interval timeout")

		case <-keepaliveCh:
			// Only send a keepalive comment when the stream has been quiet.
			if time.Since(lastDataAt) < keepaliveInterval {
				continue
			}
			if _, err := fmt.Fprint(w, ":\n\n"); err != nil {
				return &openaiStreamingResult{usage: usage, firstTokenMs: firstTokenMs}, err
			}
			flusher.Flush()
		}
	}
}
|
|
|
|
|
|
|
|
|
|
|
|
func (s *OpenAIGatewayService) replaceModelInSSELine(line, fromModel, toModel string) string {
|
2025-12-26 03:49:55 -08:00
|
|
|
|
if !openaiSSEDataRe.MatchString(line) {
|
|
|
|
|
|
return line
|
|
|
|
|
|
}
|
|
|
|
|
|
data := openaiSSEDataRe.ReplaceAllString(line, "")
|
2025-12-22 22:58:31 +08:00
|
|
|
|
if data == "" || data == "[DONE]" {
|
|
|
|
|
|
return line
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var event map[string]any
|
|
|
|
|
|
if err := json.Unmarshal([]byte(data), &event); err != nil {
|
|
|
|
|
|
return line
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// Replace model in response
|
|
|
|
|
|
if m, ok := event["model"].(string); ok && m == fromModel {
|
|
|
|
|
|
event["model"] = toModel
|
|
|
|
|
|
newData, err := json.Marshal(event)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
return line
|
|
|
|
|
|
}
|
|
|
|
|
|
return "data: " + string(newData)
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// Check nested response
|
|
|
|
|
|
if response, ok := event["response"].(map[string]any); ok {
|
|
|
|
|
|
if m, ok := response["model"].(string); ok && m == fromModel {
|
|
|
|
|
|
response["model"] = toModel
|
|
|
|
|
|
newData, err := json.Marshal(event)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
return line
|
|
|
|
|
|
}
|
|
|
|
|
|
return "data: " + string(newData)
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
return line
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2026-01-15 23:52:50 +08:00
|
|
|
|
// correctToolCallsInResponseBody 修正响应体中的工具调用
|
|
|
|
|
|
func (s *OpenAIGatewayService) correctToolCallsInResponseBody(body []byte) []byte {
|
|
|
|
|
|
if len(body) == 0 {
|
|
|
|
|
|
return body
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
bodyStr := string(body)
|
|
|
|
|
|
corrected, changed := s.toolCorrector.CorrectToolCallsInSSEData(bodyStr)
|
|
|
|
|
|
if changed {
|
|
|
|
|
|
return []byte(corrected)
|
|
|
|
|
|
}
|
|
|
|
|
|
return body
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2025-12-22 22:58:31 +08:00
|
|
|
|
func (s *OpenAIGatewayService) parseSSEUsage(data string, usage *OpenAIUsage) {
|
|
|
|
|
|
// Parse response.completed event for usage (OpenAI Responses format)
|
|
|
|
|
|
var event struct {
|
|
|
|
|
|
Type string `json:"type"`
|
|
|
|
|
|
Response struct {
|
|
|
|
|
|
Usage struct {
|
|
|
|
|
|
InputTokens int `json:"input_tokens"`
|
|
|
|
|
|
OutputTokens int `json:"output_tokens"`
|
|
|
|
|
|
InputTokenDetails struct {
|
|
|
|
|
|
CachedTokens int `json:"cached_tokens"`
|
|
|
|
|
|
} `json:"input_tokens_details"`
|
|
|
|
|
|
} `json:"usage"`
|
|
|
|
|
|
} `json:"response"`
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if json.Unmarshal([]byte(data), &event) == nil && event.Type == "response.completed" {
|
|
|
|
|
|
usage.InputTokens = event.Response.Usage.InputTokens
|
|
|
|
|
|
usage.OutputTokens = event.Response.Usage.OutputTokens
|
|
|
|
|
|
usage.CacheReadInputTokens = event.Response.Usage.InputTokenDetails.CachedTokens
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2025-12-26 15:40:24 +08:00
|
|
|
|
// handleNonStreamingResponse relays a non-streaming upstream response to the
// client, returning the parsed token usage. For OAuth accounts an upstream
// body that looks like SSE is diverted to handleOAuthSSEToJSON (the ChatGPT
// Codex API may answer with an event stream even for non-stream requests).
func (s *OpenAIGatewayService) handleNonStreamingResponse(ctx context.Context, resp *http.Response, c *gin.Context, account *Account, originalModel, mappedModel string) (*OpenAIUsage, error) {
	body, err := io.ReadAll(resp.Body)
	if err != nil {
		return nil, err
	}

	if account.Type == AccountTypeOAuth {
		// Heuristic: either the Content-Type says event-stream or the body
		// contains SSE field markers.
		bodyLooksLikeSSE := bytes.Contains(body, []byte("data:")) || bytes.Contains(body, []byte("event:"))
		if isEventStreamResponse(resp.Header) || bodyLooksLikeSSE {
			return s.handleOAuthSSEToJSON(resp, c, body, originalModel, mappedModel)
		}
	}

	// Parse usage from the JSON response (OpenAI Responses format).
	var response struct {
		Usage struct {
			InputTokens       int `json:"input_tokens"`
			OutputTokens      int `json:"output_tokens"`
			InputTokenDetails struct {
				CachedTokens int `json:"cached_tokens"`
			} `json:"input_tokens_details"`
		} `json:"usage"`
	}
	if err := json.Unmarshal(body, &response); err != nil {
		return nil, fmt.Errorf("parse response: %w", err)
	}

	usage := &OpenAIUsage{
		InputTokens:          response.Usage.InputTokens,
		OutputTokens:         response.Usage.OutputTokens,
		CacheReadInputTokens: response.Usage.InputTokenDetails.CachedTokens,
	}

	// Replace model in response if needed (undo the model mapping so the
	// client sees the model name it asked for).
	if originalModel != mappedModel {
		body = s.replaceModelInResponseBody(body, mappedModel, originalModel)
	}

	responseheaders.WriteFilteredHeaders(c.Writer.Header(), resp.Header, s.cfg.Security.ResponseHeaders)

	// When header filtering is disabled, prefer the upstream Content-Type;
	// otherwise default to application/json.
	contentType := "application/json"
	if s.cfg != nil && !s.cfg.Security.ResponseHeaders.Enabled {
		if upstreamType := resp.Header.Get("Content-Type"); upstreamType != "" {
			contentType = upstreamType
		}
	}

	c.Data(resp.StatusCode, contentType, body)

	return usage, nil
}
|
|
|
|
|
|
|
2026-01-09 18:35:58 +08:00
|
|
|
|
func isEventStreamResponse(header http.Header) bool {
|
|
|
|
|
|
contentType := strings.ToLower(header.Get("Content-Type"))
|
|
|
|
|
|
return strings.Contains(contentType, "text/event-stream")
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// handleOAuthSSEToJSON converts an SSE-formatted upstream body (from the
// ChatGPT Codex API on an OAuth account) into the response sent to the
// client. If a final "response.done"/"response.completed" event is found,
// its embedded response object is returned as plain JSON (with usage parsed
// from it); otherwise the raw SSE body is forwarded and usage is scraped
// from individual data events.
func (s *OpenAIGatewayService) handleOAuthSSEToJSON(resp *http.Response, c *gin.Context, body []byte, originalModel, mappedModel string) (*OpenAIUsage, error) {
	bodyText := string(body)
	finalResponse, ok := extractCodexFinalResponse(bodyText)

	usage := &OpenAIUsage{}
	if ok {
		// Final response found: parse usage from it, then rewrite model and
		// tool calls before returning it as the JSON body.
		var response struct {
			Usage struct {
				InputTokens       int `json:"input_tokens"`
				OutputTokens      int `json:"output_tokens"`
				InputTokenDetails struct {
					CachedTokens int `json:"cached_tokens"`
				} `json:"input_tokens_details"`
			} `json:"usage"`
		}
		if err := json.Unmarshal(finalResponse, &response); err == nil {
			usage.InputTokens = response.Usage.InputTokens
			usage.OutputTokens = response.Usage.OutputTokens
			usage.CacheReadInputTokens = response.Usage.InputTokenDetails.CachedTokens
		}
		body = finalResponse
		if originalModel != mappedModel {
			body = s.replaceModelInResponseBody(body, mappedModel, originalModel)
		}
		// Correct tool calls in the final response (apply_patch -> edit, etc.).
		body = s.correctToolCallsInResponseBody(body)
	} else {
		// No final event: scrape usage from the SSE stream and forward it
		// (with model names rewritten line-by-line if mapping was applied).
		usage = s.parseSSEUsageFromBody(bodyText)
		if originalModel != mappedModel {
			bodyText = s.replaceModelInSSEBody(bodyText, mappedModel, originalModel)
		}
		body = []byte(bodyText)
	}

	responseheaders.WriteFilteredHeaders(c.Writer.Header(), resp.Header, s.cfg.Security.ResponseHeaders)

	// JSON when a final response was extracted; otherwise preserve the
	// upstream Content-Type (falling back to text/event-stream).
	contentType := "application/json; charset=utf-8"
	if !ok {
		contentType = resp.Header.Get("Content-Type")
		if contentType == "" {
			contentType = "text/event-stream"
		}
	}
	c.Data(resp.StatusCode, contentType, body)

	return usage, nil
}
|
|
|
|
|
|
|
|
|
|
|
|
func extractCodexFinalResponse(body string) ([]byte, bool) {
|
|
|
|
|
|
lines := strings.Split(body, "\n")
|
|
|
|
|
|
for _, line := range lines {
|
|
|
|
|
|
if !openaiSSEDataRe.MatchString(line) {
|
|
|
|
|
|
continue
|
|
|
|
|
|
}
|
|
|
|
|
|
data := openaiSSEDataRe.ReplaceAllString(line, "")
|
|
|
|
|
|
if data == "" || data == "[DONE]" {
|
|
|
|
|
|
continue
|
|
|
|
|
|
}
|
|
|
|
|
|
var event struct {
|
|
|
|
|
|
Type string `json:"type"`
|
|
|
|
|
|
Response json.RawMessage `json:"response"`
|
|
|
|
|
|
}
|
|
|
|
|
|
if json.Unmarshal([]byte(data), &event) != nil {
|
|
|
|
|
|
continue
|
|
|
|
|
|
}
|
|
|
|
|
|
if event.Type == "response.done" || event.Type == "response.completed" {
|
|
|
|
|
|
if len(event.Response) > 0 {
|
|
|
|
|
|
return event.Response, true
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
return nil, false
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
func (s *OpenAIGatewayService) parseSSEUsageFromBody(body string) *OpenAIUsage {
|
|
|
|
|
|
usage := &OpenAIUsage{}
|
|
|
|
|
|
lines := strings.Split(body, "\n")
|
|
|
|
|
|
for _, line := range lines {
|
|
|
|
|
|
if !openaiSSEDataRe.MatchString(line) {
|
|
|
|
|
|
continue
|
|
|
|
|
|
}
|
|
|
|
|
|
data := openaiSSEDataRe.ReplaceAllString(line, "")
|
|
|
|
|
|
if data == "" || data == "[DONE]" {
|
|
|
|
|
|
continue
|
|
|
|
|
|
}
|
|
|
|
|
|
s.parseSSEUsage(data, usage)
|
|
|
|
|
|
}
|
|
|
|
|
|
return usage
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
func (s *OpenAIGatewayService) replaceModelInSSEBody(body, fromModel, toModel string) string {
|
|
|
|
|
|
lines := strings.Split(body, "\n")
|
|
|
|
|
|
for i, line := range lines {
|
|
|
|
|
|
if !openaiSSEDataRe.MatchString(line) {
|
|
|
|
|
|
continue
|
|
|
|
|
|
}
|
|
|
|
|
|
lines[i] = s.replaceModelInSSELine(line, fromModel, toModel)
|
|
|
|
|
|
}
|
|
|
|
|
|
return strings.Join(lines, "\n")
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2026-01-02 17:40:57 +08:00
|
|
|
|
func (s *OpenAIGatewayService) validateUpstreamBaseURL(raw string) (string, error) {
|
2026-01-05 13:54:43 +08:00
|
|
|
|
if s.cfg != nil && !s.cfg.Security.URLAllowlist.Enabled {
|
2026-01-05 14:41:08 +08:00
|
|
|
|
normalized, err := urlvalidator.ValidateURLFormat(raw, s.cfg.Security.URLAllowlist.AllowInsecureHTTP)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
return "", fmt.Errorf("invalid base_url: %w", err)
|
|
|
|
|
|
}
|
|
|
|
|
|
return normalized, nil
|
2026-01-05 13:54:43 +08:00
|
|
|
|
}
|
2026-01-02 17:40:57 +08:00
|
|
|
|
normalized, err := urlvalidator.ValidateHTTPSURL(raw, urlvalidator.ValidationOptions{
|
|
|
|
|
|
AllowedHosts: s.cfg.Security.URLAllowlist.UpstreamHosts,
|
|
|
|
|
|
RequireAllowlist: true,
|
|
|
|
|
|
AllowPrivate: s.cfg.Security.URLAllowlist.AllowPrivateHosts,
|
|
|
|
|
|
})
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
return "", fmt.Errorf("invalid base_url: %w", err)
|
|
|
|
|
|
}
|
|
|
|
|
|
return normalized, nil
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2025-12-22 22:58:31 +08:00
|
|
|
|
func (s *OpenAIGatewayService) replaceModelInResponseBody(body []byte, fromModel, toModel string) []byte {
|
|
|
|
|
|
var resp map[string]any
|
|
|
|
|
|
if err := json.Unmarshal(body, &resp); err != nil {
|
|
|
|
|
|
return body
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
model, ok := resp["model"].(string)
|
|
|
|
|
|
if !ok || model != fromModel {
|
|
|
|
|
|
return body
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
resp["model"] = toModel
|
|
|
|
|
|
newBody, err := json.Marshal(resp)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
return body
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
return newBody
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// OpenAIRecordUsageInput bundles everything RecordUsage needs to persist one
// completed upstream request and bill it to the right party.
type OpenAIRecordUsageInput struct {
	// Result is the outcome of the upstream forward (model, usage, timing).
	Result *OpenAIForwardResult
	// APIKey is the key the client authenticated with; its group determines
	// the rate multiplier and the billing type.
	APIKey *APIKey
	// User owns the API key and is the target of balance deduction.
	User *User
	// Account is the upstream provider account that served the request.
	Account *Account
	// Subscription, when non-nil and the key's group is subscription-typed,
	// switches billing from balance deduction to subscription usage.
	Subscription *UserSubscription
	// UserAgent is the request's User-Agent header (optional; empty = unset).
	UserAgent string
	// IPAddress is the request's client IP address (optional; empty = unset).
	IPAddress string
}
|
|
|
|
|
|
|
// RecordUsage persists a usage log for a completed upstream request and bills
// it either against the user's subscription (when the key's group is
// subscription-typed) or against the user's balance. In simple run mode the
// log is recorded but nothing is billed. Billing side effects are best-effort
// (their errors are deliberately ignored); the function currently always
// returns nil — the error return is kept for interface stability.
func (s *OpenAIGatewayService) RecordUsage(ctx context.Context, input *OpenAIRecordUsageInput) error {
	result := input.Result
	apiKey := input.APIKey
	user := input.User
	account := input.Account
	subscription := input.Subscription

	// Compute the net new input tokens by subtracting cache-read tokens:
	// input_tokens includes cache_read_tokens, and cached reads must not be
	// charged at the full input price. Clamp at zero for safety.
	actualInputTokens := result.Usage.InputTokens - result.Usage.CacheReadInputTokens
	if actualInputTokens < 0 {
		actualInputTokens = 0
	}

	// Calculate cost
	tokens := UsageTokens{
		InputTokens:         actualInputTokens,
		OutputTokens:        result.Usage.OutputTokens,
		CacheCreationTokens: result.Usage.CacheCreationInputTokens,
		CacheReadTokens:     result.Usage.CacheReadInputTokens,
	}

	// Get rate multiplier: group-level multiplier wins over the default.
	multiplier := s.cfg.Default.RateMultiplier
	if apiKey.GroupID != nil && apiKey.Group != nil {
		multiplier = apiKey.Group.RateMultiplier
	}

	// On pricing failure fall back to a zero-cost breakdown so the usage log
	// is still written (request is effectively free rather than lost).
	cost, err := s.billingService.CalculateCost(result.Model, tokens, multiplier)
	if err != nil {
		cost = &CostBreakdown{ActualCost: 0}
	}

	// Determine billing type
	isSubscriptionBilling := subscription != nil && apiKey.Group != nil && apiKey.Group.IsSubscriptionType()
	billingType := BillingTypeBalance
	if isSubscriptionBilling {
		billingType = BillingTypeSubscription
	}

	// Create usage log
	durationMs := int(result.Duration.Milliseconds())
	accountRateMultiplier := account.BillingRateMultiplier()
	usageLog := &UsageLog{
		UserID:                user.ID,
		APIKeyID:              apiKey.ID,
		AccountID:             account.ID,
		RequestID:             result.RequestID,
		Model:                 result.Model,
		InputTokens:           actualInputTokens,
		OutputTokens:          result.Usage.OutputTokens,
		CacheCreationTokens:   result.Usage.CacheCreationInputTokens,
		CacheReadTokens:       result.Usage.CacheReadInputTokens,
		InputCost:             cost.InputCost,
		OutputCost:            cost.OutputCost,
		CacheCreationCost:     cost.CacheCreationCost,
		CacheReadCost:         cost.CacheReadCost,
		TotalCost:             cost.TotalCost,
		ActualCost:            cost.ActualCost,
		RateMultiplier:        multiplier,
		AccountRateMultiplier: &accountRateMultiplier,
		BillingType:           billingType,
		Stream:                result.Stream,
		DurationMs:            &durationMs,
		FirstTokenMs:          result.FirstTokenMs,
		CreatedAt:             time.Now(),
	}

	// Attach the client User-Agent when present.
	if input.UserAgent != "" {
		usageLog.UserAgent = &input.UserAgent
	}

	// Attach the client IP address when present.
	if input.IPAddress != "" {
		usageLog.IPAddress = &input.IPAddress
	}

	if apiKey.GroupID != nil {
		usageLog.GroupID = apiKey.GroupID
	}
	if subscription != nil {
		usageLog.SubscriptionID = &subscription.ID
	}

	inserted, err := s.usageLogRepo.Create(ctx, usageLog)
	// Simple run mode: record only, never bill.
	if s.cfg != nil && s.cfg.RunMode == config.RunModeSimple {
		log.Printf("[SIMPLE MODE] Usage recorded (not billed): user=%d, tokens=%d", usageLog.UserID, usageLog.TotalTokens())
		s.deferredService.ScheduleLastUsedUpdate(account.ID)
		return nil
	}

	// Bill when the log row was inserted, or when the insert errored.
	// NOTE(review): inserted==false with err==nil presumably means a duplicate
	// (idempotent replay) and is the only case billing is skipped; on insert
	// failure billing proceeds anyway so usage is not free — confirm intent.
	shouldBill := inserted || err != nil

	// Deduct based on billing type
	if isSubscriptionBilling {
		if shouldBill && cost.TotalCost > 0 {
			// Best-effort: billing errors are intentionally ignored.
			_ = s.userSubRepo.IncrementUsage(ctx, subscription.ID, cost.TotalCost)
			// NOTE(review): dereferences apiKey.GroupID — assumed non-nil
			// whenever apiKey.Group is non-nil (required by
			// isSubscriptionBilling); confirm that invariant holds.
			s.billingCacheService.QueueUpdateSubscriptionUsage(user.ID, *apiKey.GroupID, cost.TotalCost)
		}
	} else {
		if shouldBill && cost.ActualCost > 0 {
			// Best-effort: billing errors are intentionally ignored.
			_ = s.userRepo.DeductBalance(ctx, user.ID, cost.ActualCost)
			s.billingCacheService.QueueDeductBalance(user.ID, cost.ActualCost)
		}
	}

	// Schedule batch update for account last_used_at
	s.deferredService.ScheduleLastUsedUpdate(account.ID)

	return nil
}
|
|
|
|
|
// extractCodexUsageHeaders extracts Codex usage limits from response headers
|
|
|
|
|
|
func extractCodexUsageHeaders(headers http.Header) *OpenAICodexUsageSnapshot {
|
|
|
|
|
|
snapshot := &OpenAICodexUsageSnapshot{}
|
|
|
|
|
|
hasData := false
|
|
|
|
|
|
|
|
|
|
|
|
// Helper to parse float64 from header
|
|
|
|
|
|
parseFloat := func(key string) *float64 {
|
|
|
|
|
|
if v := headers.Get(key); v != "" {
|
|
|
|
|
|
if f, err := strconv.ParseFloat(v, 64); err == nil {
|
|
|
|
|
|
return &f
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
return nil
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// Helper to parse int from header
|
|
|
|
|
|
parseInt := func(key string) *int {
|
|
|
|
|
|
if v := headers.Get(key); v != "" {
|
|
|
|
|
|
if i, err := strconv.Atoi(v); err == nil {
|
|
|
|
|
|
return &i
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
return nil
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// Primary (weekly) limits
|
|
|
|
|
|
if v := parseFloat("x-codex-primary-used-percent"); v != nil {
|
|
|
|
|
|
snapshot.PrimaryUsedPercent = v
|
|
|
|
|
|
hasData = true
|
|
|
|
|
|
}
|
|
|
|
|
|
if v := parseInt("x-codex-primary-reset-after-seconds"); v != nil {
|
|
|
|
|
|
snapshot.PrimaryResetAfterSeconds = v
|
|
|
|
|
|
hasData = true
|
|
|
|
|
|
}
|
|
|
|
|
|
if v := parseInt("x-codex-primary-window-minutes"); v != nil {
|
|
|
|
|
|
snapshot.PrimaryWindowMinutes = v
|
|
|
|
|
|
hasData = true
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// Secondary (5h) limits
|
|
|
|
|
|
if v := parseFloat("x-codex-secondary-used-percent"); v != nil {
|
|
|
|
|
|
snapshot.SecondaryUsedPercent = v
|
|
|
|
|
|
hasData = true
|
|
|
|
|
|
}
|
|
|
|
|
|
if v := parseInt("x-codex-secondary-reset-after-seconds"); v != nil {
|
|
|
|
|
|
snapshot.SecondaryResetAfterSeconds = v
|
|
|
|
|
|
hasData = true
|
|
|
|
|
|
}
|
|
|
|
|
|
if v := parseInt("x-codex-secondary-window-minutes"); v != nil {
|
|
|
|
|
|
snapshot.SecondaryWindowMinutes = v
|
|
|
|
|
|
hasData = true
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// Overflow ratio
|
|
|
|
|
|
if v := parseFloat("x-codex-primary-over-secondary-limit-percent"); v != nil {
|
|
|
|
|
|
snapshot.PrimaryOverSecondaryPercent = v
|
|
|
|
|
|
hasData = true
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if !hasData {
|
|
|
|
|
|
return nil
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
snapshot.UpdatedAt = time.Now().Format(time.RFC3339)
|
|
|
|
|
|
return snapshot
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// updateCodexUsageSnapshot merges a Codex usage snapshot into the account's
// Extra field. It writes both the raw primary/secondary values and a
// normalized canonical set of 5h/7d fields (OpenAI's primary/secondary naming
// is observed to be unreliable, so the window sizes are used to decide which
// window is which). The database write happens asynchronously on a detached
// 5-second context; the incoming ctx is not used for the write, so the update
// survives request cancellation, and its error is deliberately ignored
// (best-effort telemetry).
func (s *OpenAIGatewayService) updateCodexUsageSnapshot(ctx context.Context, accountID int64, snapshot *OpenAICodexUsageSnapshot) {
	if snapshot == nil {
		return
	}

	// Convert snapshot to map for merging into Extra.
	// Raw fields are written verbatim under codex_primary_*/codex_secondary_*.
	updates := make(map[string]any)
	if snapshot.PrimaryUsedPercent != nil {
		updates["codex_primary_used_percent"] = *snapshot.PrimaryUsedPercent
	}
	if snapshot.PrimaryResetAfterSeconds != nil {
		updates["codex_primary_reset_after_seconds"] = *snapshot.PrimaryResetAfterSeconds
	}
	if snapshot.PrimaryWindowMinutes != nil {
		updates["codex_primary_window_minutes"] = *snapshot.PrimaryWindowMinutes
	}
	if snapshot.SecondaryUsedPercent != nil {
		updates["codex_secondary_used_percent"] = *snapshot.SecondaryUsedPercent
	}
	if snapshot.SecondaryResetAfterSeconds != nil {
		updates["codex_secondary_reset_after_seconds"] = *snapshot.SecondaryResetAfterSeconds
	}
	if snapshot.SecondaryWindowMinutes != nil {
		updates["codex_secondary_window_minutes"] = *snapshot.SecondaryWindowMinutes
	}
	if snapshot.PrimaryOverSecondaryPercent != nil {
		updates["codex_primary_over_secondary_percent"] = *snapshot.PrimaryOverSecondaryPercent
	}
	updates["codex_usage_updated_at"] = snapshot.UpdatedAt

	// Normalize to canonical 5h/7d fields based on window_minutes
	// This fixes the issue where OpenAI's primary/secondary naming is reversed
	// Strategy: Compare the two windows and assign the smaller one to 5h, larger one to 7d

	// IMPORTANT: We can only reliably determine window type from window_minutes field
	// The reset_after_seconds is remaining time, not window size, so it cannot be used for comparison

	var primaryWindowMins, secondaryWindowMins int
	var hasPrimaryWindow, hasSecondaryWindow bool

	// Only use window_minutes for reliable window size comparison
	if snapshot.PrimaryWindowMinutes != nil {
		primaryWindowMins = *snapshot.PrimaryWindowMinutes
		hasPrimaryWindow = true
	}

	if snapshot.SecondaryWindowMinutes != nil {
		secondaryWindowMins = *snapshot.SecondaryWindowMinutes
		hasSecondaryWindow = true
	}

	// Determine which is 5h and which is 7d.
	// Exactly one of the 5h flags and one of the 7d flags may end up set;
	// with no window info at all, both fall back to the legacy assumption.
	var use5hFromPrimary, use7dFromPrimary bool
	var use5hFromSecondary, use7dFromSecondary bool

	if hasPrimaryWindow && hasSecondaryWindow {
		// Both window sizes known: compare and assign smaller to 5h, larger to 7d
		if primaryWindowMins < secondaryWindowMins {
			use5hFromPrimary = true
			use7dFromSecondary = true
		} else {
			use5hFromSecondary = true
			use7dFromPrimary = true
		}
	} else if hasPrimaryWindow {
		// Only primary window size known: classify by absolute threshold
		// (360 min = 6h; anything at or below is treated as the 5h window).
		if primaryWindowMins <= 360 {
			use5hFromPrimary = true
		} else {
			use7dFromPrimary = true
		}
	} else if hasSecondaryWindow {
		// Only secondary window size known: classify by absolute threshold
		if secondaryWindowMins <= 360 {
			use5hFromSecondary = true
		} else {
			use7dFromSecondary = true
		}
	} else {
		// No window_minutes available: cannot reliably determine window types
		// Fall back to legacy assumption (may be incorrect)
		// Assume primary=7d, secondary=5h based on historical observation
		if snapshot.SecondaryUsedPercent != nil || snapshot.SecondaryResetAfterSeconds != nil || snapshot.SecondaryWindowMinutes != nil {
			use5hFromSecondary = true
		}
		if snapshot.PrimaryUsedPercent != nil || snapshot.PrimaryResetAfterSeconds != nil || snapshot.PrimaryWindowMinutes != nil {
			use7dFromPrimary = true
		}
	}

	// Write canonical 5h fields
	if use5hFromPrimary {
		if snapshot.PrimaryUsedPercent != nil {
			updates["codex_5h_used_percent"] = *snapshot.PrimaryUsedPercent
		}
		if snapshot.PrimaryResetAfterSeconds != nil {
			updates["codex_5h_reset_after_seconds"] = *snapshot.PrimaryResetAfterSeconds
		}
		if snapshot.PrimaryWindowMinutes != nil {
			updates["codex_5h_window_minutes"] = *snapshot.PrimaryWindowMinutes
		}
	} else if use5hFromSecondary {
		if snapshot.SecondaryUsedPercent != nil {
			updates["codex_5h_used_percent"] = *snapshot.SecondaryUsedPercent
		}
		if snapshot.SecondaryResetAfterSeconds != nil {
			updates["codex_5h_reset_after_seconds"] = *snapshot.SecondaryResetAfterSeconds
		}
		if snapshot.SecondaryWindowMinutes != nil {
			updates["codex_5h_window_minutes"] = *snapshot.SecondaryWindowMinutes
		}
	}

	// Write canonical 7d fields
	if use7dFromPrimary {
		if snapshot.PrimaryUsedPercent != nil {
			updates["codex_7d_used_percent"] = *snapshot.PrimaryUsedPercent
		}
		if snapshot.PrimaryResetAfterSeconds != nil {
			updates["codex_7d_reset_after_seconds"] = *snapshot.PrimaryResetAfterSeconds
		}
		if snapshot.PrimaryWindowMinutes != nil {
			updates["codex_7d_window_minutes"] = *snapshot.PrimaryWindowMinutes
		}
	} else if use7dFromSecondary {
		if snapshot.SecondaryUsedPercent != nil {
			updates["codex_7d_used_percent"] = *snapshot.SecondaryUsedPercent
		}
		if snapshot.SecondaryResetAfterSeconds != nil {
			updates["codex_7d_reset_after_seconds"] = *snapshot.SecondaryResetAfterSeconds
		}
		if snapshot.SecondaryWindowMinutes != nil {
			updates["codex_7d_window_minutes"] = *snapshot.SecondaryWindowMinutes
		}
	}

	// Update account's Extra field asynchronously.
	// NOTE(review): this goroutine is fire-and-forget with no wait handle;
	// a 5s timeout bounds its lifetime, but its result is unobservable.
	go func() {
		updateCtx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
		defer cancel()
		_ = s.accountRepo.UpdateExtra(updateCtx, accountID, updates)
	}()
}