backend/internal/service/antigravity_token_provider.go

package service

import (
	"context"
	"errors"
	"log/slog"
	"strconv"
	"strings"
	"sync"
	"time"

	"github.com/Wei-Shaw/sub2api/internal/pkg/antigravity"
)

const (
	antigravityTokenRefreshSkew = 3 * time.Minute
	antigravityTokenCacheSkew   = 5 * time.Minute

	// projectIDFillCooldown 同一账号 project_id 补齐失败后的冷却时间
	projectIDFillCooldown = 60 * time.Second

	// fallbackProjectID 所有获取方式都失败时的兜底值（与 Antigravity-Manager 一致）
	fallbackProjectID = "bamboo-precept-lgxtn"
)

// AntigravityTokenCache Token 缓存接口（复用 GeminiTokenCache 接口定义）
type AntigravityTokenCache = GeminiTokenCache

// AntigravityTokenProvider 管理 Antigravity 账户的 access_token
type AntigravityTokenProvider struct {
	accountRepo             AccountRepository
	tokenCache              AntigravityTokenCache
	antigravityOAuthService *AntigravityOAuthService

	// projectIDFillAttempts 记录每个账号最近一次 project_id 补齐尝试时间，用于冷却去重
	projectIDFillAttempts sync.Map // map[int64]time.Time
}

func NewAntigravityTokenProvider(
	accountRepo AccountRepository,
	tokenCache AntigravityTokenCache,
	antigravityOAuthService *AntigravityOAuthService,
) *AntigravityTokenProvider {
	return &AntigravityTokenProvider{
		accountRepo:             accountRepo,
		tokenCache:              tokenCache,
		antigravityOAuthService: antigravityOAuthService,
	}
}

// GetAccessToken 获取有效的 access_token
func (p *AntigravityTokenProvider) GetAccessToken(ctx context.Context, account *Account) (string, error) {
	if account == nil {
		return "", errors.New("account is nil")
	}
	if account.Platform != PlatformAntigravity {
		return "", errors.New("not an antigravity account")
	}
	// upstream 类型：直接从 credentials 读取 api_key，不走 OAuth 刷新流程
	if account.Type == AccountTypeUpstream {
		apiKey := account.GetCredential("api_key")
		if apiKey == "" {
			return "", errors.New("upstream account missing api_key in credentials")
		}
		return apiKey, nil
	}
	if account.Type != AccountTypeOAuth {
		return "", errors.New("not an antigravity oauth account")
	}

	cacheKey := AntigravityTokenCacheKey(account)

	// 1. 先尝试缓存
	if p.tokenCache != nil {
		if token, err := p.tokenCache.GetAccessToken(ctx, cacheKey); err == nil && strings.TrimSpace(token) != "" {
			return token, nil
		}
	}

	// 2. 如果即将过期则刷新
	expiresAt := account.GetCredentialAsTime("expires_at")
	needsRefresh := expiresAt == nil || time.Until(*expiresAt) <= antigravityTokenRefreshSkew
	if needsRefresh && p.tokenCache != nil {
		locked, err := p.tokenCache.AcquireRefreshLock(ctx, cacheKey, 30*time.Second)
		if err == nil && locked {
			defer func() { _ = p.tokenCache.ReleaseRefreshLock(ctx, cacheKey) }()

			// 拿到锁后再次检查缓存（另一个 worker 可能已刷新）
			if token, err := p.tokenCache.GetAccessToken(ctx, cacheKey); err == nil && strings.TrimSpace(token) != "" {
				return token, nil
			}

			// 从数据库获取最新账户信息
			fresh, err := p.accountRepo.GetByID(ctx, account.ID)
			if err == nil && fresh != nil {
				account = fresh
			}
			expiresAt = account.GetCredentialAsTime("expires_at")
			if expiresAt == nil || time.Until(*expiresAt) <= antigravityTokenRefreshSkew {
				if p.antigravityOAuthService == nil {
					return "", errors.New("antigravity oauth service not configured")
				}
				tokenInfo, err := p.antigravityOAuthService.RefreshAccountToken(ctx, account)
				if err != nil {
					return "", err
				}
				newCredentials := p.antigravityOAuthService.BuildAccountCredentials(tokenInfo)
				mergeCredentials(newCredentials, account.Credentials)
				account.Credentials = newCredentials
				if updateErr := p.accountRepo.Update(ctx, account); updateErr != nil {
					slog.Error("failed to update account credentials after token refresh", "account_id", account.ID, "error", updateErr)
				}
				expiresAt = account.GetCredentialAsTime("expires_at")
			}
		}
	}

	accessToken := account.GetCredential("access_token")
	if strings.TrimSpace(accessToken) == "" {
		return "", errors.New("access_token not found in credentials")
	}

	// 3. 如果缺少 project_id，轻量补齐（不刷新 token）
	if strings.TrimSpace(account.GetCredential("project_id")) == "" {
		p.tryFillProjectID(ctx, account, accessToken)
	}

	// 4. 存入缓存（验证版本后再写入，避免异步刷新任务与请求线程的竞态条件）
	if p.tokenCache != nil {
		latestAccount, isStale := CheckTokenVersion(ctx, account, p.accountRepo)
		if isStale && latestAccount != nil {
			// 版本过时，使用 DB 中的最新 token
			slog.Debug("antigravity_token_version_stale_use_latest", "account_id", account.ID)
			accessToken = latestAccount.GetCredential("access_token")
			if strings.TrimSpace(accessToken) == "" {
				return "", errors.New("access_token not found after version check")
			}
			// 不写入缓存，让下次请求重新处理
		} else {
			ttl := 30 * time.Minute
			if expiresAt != nil {
				until := time.Until(*expiresAt)
				switch {
				case until > antigravityTokenCacheSkew:
					ttl = until - antigravityTokenCacheSkew
				case until > 0:
					ttl = until
				default:
					ttl = time.Minute
				}
			}
			_ = p.tokenCache.SetAccessToken(ctx, cacheKey, accessToken, ttl)
		}
	}

	return accessToken, nil
}

// tryFillProjectID 轻量级 project_id 补齐（与 Antigravity-Manager 保持一致）
// 只调用 loadCodeAssist + onboardUser，不刷新 token。
// 带冷却去重：同一账号 60s 内不重复尝试。
func (p *AntigravityTokenProvider) tryFillProjectID(ctx context.Context, account *Account, accessToken string) {
	// 冷却检查：60s 内不重复尝试
	if lastAttempt, ok := p.projectIDFillAttempts.Load(account.ID); ok {
		if t, ok := lastAttempt.(time.Time); ok && time.Since(t) < projectIDFillCooldown {
			return
		}
	}
	p.projectIDFillAttempts.Store(account.ID, time.Now())

	proxyURL := ""
	if account.ProxyID != nil && account.Proxy != nil {
		proxyURL = account.Proxy.URL()
	}

	client := antigravity.NewClient(proxyURL)

	// Step 1: loadCodeAssist（单次调用，不重试）
	loadResp, loadRaw, err := client.LoadCodeAssist(ctx, accessToken)
	if err == nil && loadResp != nil && loadResp.CloudAICompanionProject != "" {
		p.persistProjectID(ctx, account, loadResp.CloudAICompanionProject)
		p.projectIDFillAttempts.Delete(account.ID) // 成功后清除冷却
		return
	}

	// Step 2: onboardUser（loadCodeAssist 成功但未返回 project_id 时）
	if err == nil {
		if projectID, onboardErr := tryOnboardProjectID(ctx, client, accessToken, loadRaw); onboardErr == nil && projectID != "" {
			p.persistProjectID(ctx, account, projectID)
			p.projectIDFillAttempts.Delete(account.ID)
			return
		}
	}

	// Step 3: 兜底值（与 Antigravity-Manager 一致）
	slog.Warn("project_id fill failed, using fallback",
		"account_id", account.ID,
		"fallback", fallbackProjectID,
	)
	p.persistProjectID(ctx, account, fallbackProjectID)
}

// persistProjectID 将 project_id 写入账号凭证并持久化
func (p *AntigravityTokenProvider) persistProjectID(ctx context.Context, account *Account, projectID string) {
	account.Credentials["project_id"] = projectID
	if p.accountRepo == nil {
		return
	}
	if updateErr := p.accountRepo.Update(ctx, account); updateErr != nil {
		slog.Error("failed to persist project_id", "account_id", account.ID, "error", updateErr)
	}
}

// mergeCredentials 将 old 中不存在于 new 的字段合并到 new
func mergeCredentials(newCreds, oldCreds map[string]any) {
	for k, v := range oldCreds {
		if _, exists := newCreds[k]; !exists {
			newCreds[k] = v
		}
	}
}

func AntigravityTokenCacheKey(account *Account) string {
	projectID := strings.TrimSpace(account.GetCredential("project_id"))
	if projectID != "" {
		return "ag:" + projectID
	}
	return "ag:account:" + strconv.FormatInt(account.ID, 10)
}
-												feat: 完善 Antigravity 多平台网关支持，修复 Gemini handler 分流逻辑

											
										
										
											2025-12-28 17:48:52 +08:00
+								package service
 								import (
 									"context"
 									"errors"
-												fix(token-cache): 版本过时时使用最新token而非旧token

上次修复(2665230)只阻止了写入缓存，但仍返回旧token导致403。
现在版本过时时直接使用DB中的最新token返回。

- 重构 IsTokenVersionStale 为 CheckTokenVersion，返回最新account
- 消除重复DB查询，复用版本检查时已获取的account

											
										
										
											2026-01-23 10:29:52 +08:00
+									"log/slog"
-												feat: 完善 Antigravity 多平台网关支持，修复 Gemini handler 分流逻辑

											
										
										
											2025-12-28 17:48:52 +08:00
+									"strconv"
 									"strings"
-												refactor: optimize project_id fill to lightweight approach

- Replace heavy RefreshAccountToken with lightweight tryFillProjectID
  (loadCodeAssist → onboardUser → fallback), consistent with
  Antigravity-Manager's behavior
- Add sync.Map cooldown/dedup (60s) to prevent repeated fill attempts
- Add fallback project_id "bamboo-precept-lgxtn" matching AM
- Extract mergeCredentials helper to eliminate duplication
- Use slog structured logging instead of log.Printf
- Fix time.Sleep in OnboardUser to context-aware select
- Fix strings.NewReader(string(bodyBytes)) → bytes.NewReader(bodyBytes)
- Remove redundant tc := tc in test (Go 1.22+)
- Add nil guard in persistProjectID for test safety

											
										
										
											2026-02-11 13:00:31 +08:00
+									"sync"
-												feat: 完善 Antigravity 多平台网关支持，修复 Gemini handler 分流逻辑

											
										
										
											2025-12-28 17:48:52 +08:00
+									"time"
-												refactor: optimize project_id fill to lightweight approach

- Replace heavy RefreshAccountToken with lightweight tryFillProjectID
  (loadCodeAssist → onboardUser → fallback), consistent with
  Antigravity-Manager's behavior
- Add sync.Map cooldown/dedup (60s) to prevent repeated fill attempts
- Add fallback project_id "bamboo-precept-lgxtn" matching AM
- Extract mergeCredentials helper to eliminate duplication
- Use slog structured logging instead of log.Printf
- Fix time.Sleep in OnboardUser to context-aware select
- Fix strings.NewReader(string(bodyBytes)) → bytes.NewReader(bodyBytes)
- Remove redundant tc := tc in test (Go 1.22+)
- Add nil guard in persistProjectID for test safety

											
										
										
											2026-02-11 13:00:31 +08:00
 									"github.com/Wei-Shaw/sub2api/internal/pkg/antigravity"
-												feat: 完善 Antigravity 多平台网关支持，修复 Gemini handler 分流逻辑

											
										
										
											2025-12-28 17:48:52 +08:00
+								)
 								const (
 									antigravityTokenRefreshSkew = 3 * time.Minute
 									antigravityTokenCacheSkew   = 5 * time.Minute
-												refactor: optimize project_id fill to lightweight approach

- Replace heavy RefreshAccountToken with lightweight tryFillProjectID
  (loadCodeAssist → onboardUser → fallback), consistent with
  Antigravity-Manager's behavior
- Add sync.Map cooldown/dedup (60s) to prevent repeated fill attempts
- Add fallback project_id "bamboo-precept-lgxtn" matching AM
- Extract mergeCredentials helper to eliminate duplication
- Use slog structured logging instead of log.Printf
- Fix time.Sleep in OnboardUser to context-aware select
- Fix strings.NewReader(string(bodyBytes)) → bytes.NewReader(bodyBytes)
- Remove redundant tc := tc in test (Go 1.22+)
- Add nil guard in persistProjectID for test safety

											
										
										
											2026-02-11 13:00:31 +08:00
 									// projectIDFillCooldown 同一账号 project_id 补齐失败后的冷却时间
 									projectIDFillCooldown = 60 * time.Second
 									// fallbackProjectID 所有获取方式都失败时的兜底值（与 Antigravity-Manager 一致）
 									fallbackProjectID = "bamboo-precept-lgxtn"
-												feat: 完善 Antigravity 多平台网关支持，修复 Gemini handler 分流逻辑

											
										
										
											2025-12-28 17:48:52 +08:00
+								)
 								// AntigravityTokenCache Token 缓存接口（复用 GeminiTokenCache 接口定义）
 								type AntigravityTokenCache = GeminiTokenCache
 								// AntigravityTokenProvider 管理 Antigravity 账户的 access_token
 								type AntigravityTokenProvider struct {
-												fix: gofmt

											
										
										
											2025-12-29 18:15:13 +08:00
+									accountRepo             AccountRepository
 									tokenCache              AntigravityTokenCache
-												feat: 完善 Antigravity 多平台网关支持，修复 Gemini handler 分流逻辑

											
										
										
											2025-12-28 17:48:52 +08:00
+									antigravityOAuthService *AntigravityOAuthService
-												refactor: optimize project_id fill to lightweight approach

- Replace heavy RefreshAccountToken with lightweight tryFillProjectID
  (loadCodeAssist → onboardUser → fallback), consistent with
  Antigravity-Manager's behavior
- Add sync.Map cooldown/dedup (60s) to prevent repeated fill attempts
- Add fallback project_id "bamboo-precept-lgxtn" matching AM
- Extract mergeCredentials helper to eliminate duplication
- Use slog structured logging instead of log.Printf
- Fix time.Sleep in OnboardUser to context-aware select
- Fix strings.NewReader(string(bodyBytes)) → bytes.NewReader(bodyBytes)
- Remove redundant tc := tc in test (Go 1.22+)
- Add nil guard in persistProjectID for test safety

											
										
										
											2026-02-11 13:00:31 +08:00
 									// projectIDFillAttempts 记录每个账号最近一次 project_id 补齐尝试时间，用于冷却去重
 									projectIDFillAttempts sync.Map // map[int64]time.Time
-												feat: 完善 Antigravity 多平台网关支持，修复 Gemini handler 分流逻辑

											
										
										
											2025-12-28 17:48:52 +08:00
+								}
 								func NewAntigravityTokenProvider(
 									accountRepo AccountRepository,
 									tokenCache AntigravityTokenCache,
 									antigravityOAuthService *AntigravityOAuthService,
 								) *AntigravityTokenProvider {
 									return &AntigravityTokenProvider{
-												fix: gofmt

											
										
										
											2025-12-29 18:15:13 +08:00
+										accountRepo:             accountRepo,
 										tokenCache:              tokenCache,
-												feat: 完善 Antigravity 多平台网关支持，修复 Gemini handler 分流逻辑

											
										
										
											2025-12-28 17:48:52 +08:00
+										antigravityOAuthService: antigravityOAuthService,
 									}
 								}
 								// GetAccessToken 获取有效的 access_token
 								func (p *AntigravityTokenProvider) GetAccessToken(ctx context.Context, account *Account) (string, error) {
 									if account == nil {
 										return "", errors.New("account is nil")
 									}
-												fix(antigravity): support upstream accounts and custom model_mapping in scheduling

- GetAccessToken: add upstream branch to read api_key from credentials
- shouldTriggerAntigravitySmartRetry: relax check from IsOAuth to Platform-based
- isModelSupportedByAccount/WithContext: replace IsAntigravityModelSupported
  whitelist with mapAntigravityModel for unified scheduling/forwarding logic
- mapAntigravityModel: fix edge case where wildcard target equals request model
- Update tests for new behavior and add custom model_mapping test cases

											
										
										
											2026-02-07 14:32:08 +08:00
+									if account.Platform != PlatformAntigravity {
 										return "", errors.New("not an antigravity account")
 									}
 									// upstream 类型：直接从 credentials 读取 api_key，不走 OAuth 刷新流程
 									if account.Type == AccountTypeUpstream {
 										apiKey := account.GetCredential("api_key")
 										if apiKey == "" {
 											return "", errors.New("upstream account missing api_key in credentials")
 										}
 										return apiKey, nil
 									}
 									if account.Type != AccountTypeOAuth {
-												feat: 完善 Antigravity 多平台网关支持，修复 Gemini handler 分流逻辑

											
										
										
											2025-12-28 17:48:52 +08:00
+										return "", errors.New("not an antigravity oauth account")
 									}
-												fix(认证): 修复 OAuth token 缓存失效与 401 处理

新增 token 缓存失效接口并在刷新后清理
401 限流支持自定义规则与可配置冷却时间
补齐缓存失效与 401 处理测试
测试: make test

											
										
										
											2026-01-14 15:55:44 +08:00
+									cacheKey := AntigravityTokenCacheKey(account)
-												feat: 完善 Antigravity 多平台网关支持，修复 Gemini handler 分流逻辑

											
										
										
											2025-12-28 17:48:52 +08:00
 									// 1. 先尝试缓存
 									if p.tokenCache != nil {
 										if token, err := p.tokenCache.GetAccessToken(ctx, cacheKey); err == nil && strings.TrimSpace(token) != "" {
 											return token, nil
 										}
 									}
 									// 2. 如果即将过期则刷新
-												refactor(service): 统一时间戳解析，支持多种格式

新增 Account.GetCredentialAsTime 方法，统一处理凭证中的时间戳字段，
兼容 RFC3339 字符串、Unix 时间戳字符串和数字类型。

- 重构 Claude/Gemini/Antigravity TokenRefresher.NeedsRefresh
- 移除重复的 parseExpiresAt/parseAntigravityExpiresAt 函数
- 简化 GetOpenAITokenExpiresAt 实现
- 新增 RFC3339 格式单元测试用例

											
										
										
											2025-12-31 16:25:45 +08:00
+									expiresAt := account.GetCredentialAsTime("expires_at")
-												feat: 完善 Antigravity 多平台网关支持，修复 Gemini handler 分流逻辑

											
										
										
											2025-12-28 17:48:52 +08:00
+									needsRefresh := expiresAt == nil || time.Until(*expiresAt) <= antigravityTokenRefreshSkew
 									if needsRefresh && p.tokenCache != nil {
 										locked, err := p.tokenCache.AcquireRefreshLock(ctx, cacheKey, 30*time.Second)
 										if err == nil && locked {
 											defer func() { _ = p.tokenCache.ReleaseRefreshLock(ctx, cacheKey) }()
 											// 拿到锁后再次检查缓存（另一个 worker 可能已刷新）
 											if token, err := p.tokenCache.GetAccessToken(ctx, cacheKey); err == nil && strings.TrimSpace(token) != "" {
 												return token, nil
 											}
 											// 从数据库获取最新账户信息
 											fresh, err := p.accountRepo.GetByID(ctx, account.ID)
 											if err == nil && fresh != nil {
 												account = fresh
 											}
-												refactor(service): 统一时间戳解析，支持多种格式

新增 Account.GetCredentialAsTime 方法，统一处理凭证中的时间戳字段，
兼容 RFC3339 字符串、Unix 时间戳字符串和数字类型。

- 重构 Claude/Gemini/Antigravity TokenRefresher.NeedsRefresh
- 移除重复的 parseExpiresAt/parseAntigravityExpiresAt 函数
- 简化 GetOpenAITokenExpiresAt 实现
- 新增 RFC3339 格式单元测试用例

											
										
										
											2025-12-31 16:25:45 +08:00
+											expiresAt = account.GetCredentialAsTime("expires_at")
-												feat: 完善 Antigravity 多平台网关支持，修复 Gemini handler 分流逻辑

											
										
										
											2025-12-28 17:48:52 +08:00
+											if expiresAt == nil || time.Until(*expiresAt) <= antigravityTokenRefreshSkew {
 												if p.antigravityOAuthService == nil {
 													return "", errors.New("antigravity oauth service not configured")
 												}
 												tokenInfo, err := p.antigravityOAuthService.RefreshAccountToken(ctx, account)
 												if err != nil {
 													return "", err
 												}
 												newCredentials := p.antigravityOAuthService.BuildAccountCredentials(tokenInfo)
-												refactor: optimize project_id fill to lightweight approach

- Replace heavy RefreshAccountToken with lightweight tryFillProjectID
  (loadCodeAssist → onboardUser → fallback), consistent with
  Antigravity-Manager's behavior
- Add sync.Map cooldown/dedup (60s) to prevent repeated fill attempts
- Add fallback project_id "bamboo-precept-lgxtn" matching AM
- Extract mergeCredentials helper to eliminate duplication
- Use slog structured logging instead of log.Printf
- Fix time.Sleep in OnboardUser to context-aware select
- Fix strings.NewReader(string(bodyBytes)) → bytes.NewReader(bodyBytes)
- Remove redundant tc := tc in test (Go 1.22+)
- Add nil guard in persistProjectID for test safety

											
										
										
											2026-02-11 13:00:31 +08:00
+												mergeCredentials(newCredentials, account.Credentials)
-												feat: 完善 Antigravity 多平台网关支持，修复 Gemini handler 分流逻辑

											
										
										
											2025-12-28 17:48:52 +08:00
+												account.Credentials = newCredentials
 												if updateErr := p.accountRepo.Update(ctx, account); updateErr != nil {
-												refactor: optimize project_id fill to lightweight approach

- Replace heavy RefreshAccountToken with lightweight tryFillProjectID
  (loadCodeAssist → onboardUser → fallback), consistent with
  Antigravity-Manager's behavior
- Add sync.Map cooldown/dedup (60s) to prevent repeated fill attempts
- Add fallback project_id "bamboo-precept-lgxtn" matching AM
- Extract mergeCredentials helper to eliminate duplication
- Use slog structured logging instead of log.Printf
- Fix time.Sleep in OnboardUser to context-aware select
- Fix strings.NewReader(string(bodyBytes)) → bytes.NewReader(bodyBytes)
- Remove redundant tc := tc in test (Go 1.22+)
- Add nil guard in persistProjectID for test safety

											
										
										
											2026-02-11 13:00:31 +08:00
+													slog.Error("failed to update account credentials after token refresh", "account_id", account.ID, "error", updateErr)
-												feat: 完善 Antigravity 多平台网关支持，修复 Gemini handler 分流逻辑

											
										
										
											2025-12-28 17:48:52 +08:00
+												}
-												refactor(service): 统一时间戳解析，支持多种格式

新增 Account.GetCredentialAsTime 方法，统一处理凭证中的时间戳字段，
兼容 RFC3339 字符串、Unix 时间戳字符串和数字类型。

- 重构 Claude/Gemini/Antigravity TokenRefresher.NeedsRefresh
- 移除重复的 parseExpiresAt/parseAntigravityExpiresAt 函数
- 简化 GetOpenAITokenExpiresAt 实现
- 新增 RFC3339 格式单元测试用例

											
										
										
											2025-12-31 16:25:45 +08:00
+												expiresAt = account.GetCredentialAsTime("expires_at")
-												feat: 完善 Antigravity 多平台网关支持，修复 Gemini handler 分流逻辑

											
										
										
											2025-12-28 17:48:52 +08:00
+											}
 										}
 									}
 									accessToken := account.GetCredential("access_token")
 									if strings.TrimSpace(accessToken) == "" {
 										return "", errors.New("access_token not found in credentials")
 									}
-												refactor: optimize project_id fill to lightweight approach

- Replace heavy RefreshAccountToken with lightweight tryFillProjectID
  (loadCodeAssist → onboardUser → fallback), consistent with
  Antigravity-Manager's behavior
- Add sync.Map cooldown/dedup (60s) to prevent repeated fill attempts
- Add fallback project_id "bamboo-precept-lgxtn" matching AM
- Extract mergeCredentials helper to eliminate duplication
- Use slog structured logging instead of log.Printf
- Fix time.Sleep in OnboardUser to context-aware select
- Fix strings.NewReader(string(bodyBytes)) → bytes.NewReader(bodyBytes)
- Remove redundant tc := tc in test (Go 1.22+)
- Add nil guard in persistProjectID for test safety

											
										
										
											2026-02-11 13:00:31 +08:00
+									// 3. 如果缺少 project_id，轻量补齐（不刷新 token）
 									if strings.TrimSpace(account.GetCredential("project_id")) == "" {
 										p.tryFillProjectID(ctx, account, accessToken)
-												fix: 补齐 Antigravity OAuth 账号 project_id 获取逻辑

部分账号 loadCodeAssist 不会立即返回 cloudaicompanionProject，
导致转发时 project 字段为空，上游返回 400 "Invalid project resource name projects/"。

- 新增 OnboardUser API：当 loadCodeAssist 未返回 project_id 时，
  通过 onboardUser 完成账号初始化并获取 project_id
- token 刷新时增加 onboard 兜底逻辑
- GetAccessToken 按需补齐：转发时发现 project_id 为空立即触发刷新
- 新增 resolveDefaultTierID 单元测试

											
										
										
											2026-02-11 12:25:04 +08:00
+									}
-												refactor: optimize project_id fill to lightweight approach

- Replace heavy RefreshAccountToken with lightweight tryFillProjectID
  (loadCodeAssist → onboardUser → fallback), consistent with
  Antigravity-Manager's behavior
- Add sync.Map cooldown/dedup (60s) to prevent repeated fill attempts
- Add fallback project_id "bamboo-precept-lgxtn" matching AM
- Extract mergeCredentials helper to eliminate duplication
- Use slog structured logging instead of log.Printf
- Fix time.Sleep in OnboardUser to context-aware select
- Fix strings.NewReader(string(bodyBytes)) → bytes.NewReader(bodyBytes)
- Remove redundant tc := tc in test (Go 1.22+)
- Add nil guard in persistProjectID for test safety

											
										
										
											2026-02-11 13:00:31 +08:00
+									// 4. 存入缓存（验证版本后再写入，避免异步刷新任务与请求线程的竞态条件）
-												fix(token-cache): 版本过时时使用最新token而非旧token

上次修复(2665230)只阻止了写入缓存，但仍返回旧token导致403。
现在版本过时时直接使用DB中的最新token返回。

- 重构 IsTokenVersionStale 为 CheckTokenVersion，返回最新account
- 消除重复DB查询，复用版本检查时已获取的account

											
										
										
											2026-01-23 10:29:52 +08:00
+									if p.tokenCache != nil {
 										latestAccount, isStale := CheckTokenVersion(ctx, account, p.accountRepo)
 										if isStale && latestAccount != nil {
 											// 版本过时，使用 DB 中的最新 token
 											slog.Debug("antigravity_token_version_stale_use_latest", "account_id", account.ID)
 											accessToken = latestAccount.GetCredential("access_token")
 											if strings.TrimSpace(accessToken) == "" {
 												return "", errors.New("access_token not found after version check")
 											}
 											// 不写入缓存，让下次请求重新处理
 										} else {
 											ttl := 30 * time.Minute
 											if expiresAt != nil {
 												until := time.Until(*expiresAt)
 												switch {
 												case until > antigravityTokenCacheSkew:
 													ttl = until - antigravityTokenCacheSkew
 												case until > 0:
 													ttl = until
 												default:
 													ttl = time.Minute
 												}
-												feat: 完善 Antigravity 多平台网关支持，修复 Gemini handler 分流逻辑

											
										
										
											2025-12-28 17:48:52 +08:00
+											}
-												fix(token-cache): 版本过时时使用最新token而非旧token

上次修复(2665230)只阻止了写入缓存，但仍返回旧token导致403。
现在版本过时时直接使用DB中的最新token返回。

- 重构 IsTokenVersionStale 为 CheckTokenVersion，返回最新account
- 消除重复DB查询，复用版本检查时已获取的account

											
										
										
											2026-01-23 10:29:52 +08:00
+											_ = p.tokenCache.SetAccessToken(ctx, cacheKey, accessToken, ttl)
-												feat: 完善 Antigravity 多平台网关支持，修复 Gemini handler 分流逻辑

											
										
										
											2025-12-28 17:48:52 +08:00
+										}
 									}
 									return accessToken, nil
 								}
-												refactor: optimize project_id fill to lightweight approach

- Replace heavy RefreshAccountToken with lightweight tryFillProjectID
  (loadCodeAssist → onboardUser → fallback), consistent with
  Antigravity-Manager's behavior
- Add sync.Map cooldown/dedup (60s) to prevent repeated fill attempts
- Add fallback project_id "bamboo-precept-lgxtn" matching AM
- Extract mergeCredentials helper to eliminate duplication
- Use slog structured logging instead of log.Printf
- Fix time.Sleep in OnboardUser to context-aware select
- Fix strings.NewReader(string(bodyBytes)) → bytes.NewReader(bodyBytes)
- Remove redundant tc := tc in test (Go 1.22+)
- Add nil guard in persistProjectID for test safety

											
										
										
											2026-02-11 13:00:31 +08:00
+								// tryFillProjectID 轻量级 project_id 补齐（与 Antigravity-Manager 保持一致）
 								// 只调用 loadCodeAssist + onboardUser，不刷新 token。
 								// 带冷却去重：同一账号 60s 内不重复尝试。
 								func (p *AntigravityTokenProvider) tryFillProjectID(ctx context.Context, account *Account, accessToken string) {
 									// 冷却检查：60s 内不重复尝试
 									if lastAttempt, ok := p.projectIDFillAttempts.Load(account.ID); ok {
-												fix: use safe type assertion for errcheck lint compliance

											
										
										
											2026-02-11 13:06:41 +08:00
+										if t, ok := lastAttempt.(time.Time); ok && time.Since(t) < projectIDFillCooldown {
-												refactor: optimize project_id fill to lightweight approach

- Replace heavy RefreshAccountToken with lightweight tryFillProjectID
  (loadCodeAssist → onboardUser → fallback), consistent with
  Antigravity-Manager's behavior
- Add sync.Map cooldown/dedup (60s) to prevent repeated fill attempts
- Add fallback project_id "bamboo-precept-lgxtn" matching AM
- Extract mergeCredentials helper to eliminate duplication
- Use slog structured logging instead of log.Printf
- Fix time.Sleep in OnboardUser to context-aware select
- Fix strings.NewReader(string(bodyBytes)) → bytes.NewReader(bodyBytes)
- Remove redundant tc := tc in test (Go 1.22+)
- Add nil guard in persistProjectID for test safety

											
										
										
											2026-02-11 13:00:31 +08:00
+											return
 										}
 									}
 									p.projectIDFillAttempts.Store(account.ID, time.Now())
 									proxyURL := ""
 									if account.ProxyID != nil && account.Proxy != nil {
 										proxyURL = account.Proxy.URL()
 									}
 									client := antigravity.NewClient(proxyURL)
 									// Step 1: loadCodeAssist（单次调用，不重试）
 									loadResp, loadRaw, err := client.LoadCodeAssist(ctx, accessToken)
 									if err == nil && loadResp != nil && loadResp.CloudAICompanionProject != "" {
 										p.persistProjectID(ctx, account, loadResp.CloudAICompanionProject)
 										p.projectIDFillAttempts.Delete(account.ID) // 成功后清除冷却
 										return
 									}
 									// Step 2: onboardUser（loadCodeAssist 成功但未返回 project_id 时）
 									if err == nil {
 										if projectID, onboardErr := tryOnboardProjectID(ctx, client, accessToken, loadRaw); onboardErr == nil && projectID != "" {
 											p.persistProjectID(ctx, account, projectID)
 											p.projectIDFillAttempts.Delete(account.ID)
 											return
 										}
 									}
 									// Step 3: 兜底值（与 Antigravity-Manager 一致）
 									slog.Warn("project_id fill failed, using fallback",
 										"account_id", account.ID,
 										"fallback", fallbackProjectID,
 									)
 									p.persistProjectID(ctx, account, fallbackProjectID)
 								}
 								// persistProjectID 将 project_id 写入账号凭证并持久化
 								func (p *AntigravityTokenProvider) persistProjectID(ctx context.Context, account *Account, projectID string) {
 									account.Credentials["project_id"] = projectID
 									if p.accountRepo == nil {
 										return
 									}
 									if updateErr := p.accountRepo.Update(ctx, account); updateErr != nil {
 										slog.Error("failed to persist project_id", "account_id", account.ID, "error", updateErr)
 									}
 								}
 								// mergeCredentials 将 old 中不存在于 new 的字段合并到 new
 								func mergeCredentials(newCreds, oldCreds map[string]any) {
 									for k, v := range oldCreds {
 										if _, exists := newCreds[k]; !exists {
 											newCreds[k] = v
 										}
 									}
 								}
-												fix(认证): 修复 OAuth token 缓存失效与 401 处理

新增 token 缓存失效接口并在刷新后清理
401 限流支持自定义规则与可配置冷却时间
补齐缓存失效与 401 处理测试
测试: make test

											
										
										
											2026-01-14 15:55:44 +08:00
+								func AntigravityTokenCacheKey(account *Account) string {
-												feat: 完善 Antigravity 多平台网关支持，修复 Gemini handler 分流逻辑

											
										
										
											2025-12-28 17:48:52 +08:00
+									projectID := strings.TrimSpace(account.GetCredential("project_id"))
 									if projectID != "" {
 										return "ag:" + projectID
 									}
 									return "ag:account:" + strconv.FormatInt(account.ID, 10)
 								}