@chrysb/alphaclaw 0.9.16 → 0.9.18

package/lib/server/login-throttle.js

@@ -1,77 +1,274 @@
-const { kLoginWindowMs, kLoginMaxAttempts, kLoginBaseLockMs, kLoginMaxLockMs, kLoginStateTtlMs } = require("./constants");
-
-const createLoginThrottle = () => {
-  const kLoginAttemptStates = new Map();
-
-  const getOrCreateLoginAttemptState = (clientKey, now) => {
-    const existing = kLoginAttemptStates.get(clientKey);
-    if (existing) {
-      existing.lastSeenAt = now;
-      return existing;
-    }
-    const next = {
-      attempts: 0,
-      windowStart: now,
-      lockUntil: 0,
-      failStreak: 0,
-      lastSeenAt: now,
-    };
-    kLoginAttemptStates.set(clientKey, next);
-    return next;
-  };
+const {
+  kLoginWindowMs,
+  kLoginMaxAttempts,
+  kLoginBaseLockMs,
+  kLoginMaxLockMs,
+  kLoginGlobalWindowMs,
+  kLoginGlobalMaxAttempts,
+  kLoginGlobalBaseLockMs,
+  kLoginGlobalMaxLockMs,
+  kLoginStateTtlMs,
+} = require("./constants");
 
-  const evaluateLoginThrottle = (state, now) => {
-    if (!state) return { blocked: false, retryAfterSec: 0 };
-    if (state.lockUntil > now) {
-      return {
-        blocked: true,
-        retryAfterSec: Math.max(1, Math.ceil((state.lockUntil - now) / 1000)),
-      };
-    }
-    if (now - state.windowStart >= kLoginWindowMs) {
-      state.attempts = 0;
-      state.windowStart = now;
-    }
-    return { blocked: false, retryAfterSec: 0 };
+const kGlobalStateKey = "global:login";
+const kLoginThrottleScope = "login";
+
+const createLoginAttemptState = (now) => ({
+  attempts: 0,
+  windowStart: now,
+  lockUntil: 0,
+  failStreak: 0,
+  lastSeenAt: now,
+});
+
+const normalizeState = (state, now) => ({
+  attempts: Number.parseInt(String(state?.attempts ?? 0), 10) || 0,
+  windowStart: Number.parseInt(String(state?.windowStart ?? now), 10) || now,
+  lockUntil: Number.parseInt(String(state?.lockUntil ?? 0), 10) || 0,
+  failStreak: Number.parseInt(String(state?.failStreak ?? 0), 10) || 0,
+  lastSeenAt: Number.parseInt(String(state?.lastSeenAt ?? now), 10) || now,
+});
+
+const createMemoryLoginThrottleStore = () => {
+  const states = new Map();
+
+  return {
+    get: (stateKey) => states.get(stateKey) || null,
+    set: (stateKey, state) => {
+      states.set(stateKey, { ...state });
+    },
+    delete: (stateKey) => {
+      states.delete(stateKey);
+    },
+    entries: () =>
+      Array.from(states.entries()).map(([stateKey, state]) => [
+        stateKey,
+        { ...state },
+      ]),
+    runExclusive: (callback) => callback(),
   };
+};
 
-  const recordLoginFailure = (state, now) => {
-    if (!state) return { lockMs: 0, locked: false };
-    if (now - state.windowStart >= kLoginWindowMs) {
-      state.attempts = 0;
-      state.windowStart = now;
-    }
-    state.attempts += 1;
+const getClientStateKey = (clientKey, scope = kLoginThrottleScope) => {
+  const normalizedClientKey = String(clientKey || "unknown");
+  return scope === kLoginThrottleScope
+    ? `client:${normalizedClientKey}`
+    : `client:${scope}:${normalizedClientKey}`;
+};
+
+const getGlobalStateKey = (scope = kLoginThrottleScope) =>
+  scope === kLoginThrottleScope ? kGlobalStateKey : `global:${scope}`;
+
+const getOrCreateState = (store, stateKey, now) => {
+  const existing = store.get(stateKey);
+  if (existing) {
+    const state = normalizeState(existing, now);
     state.lastSeenAt = now;
-    if (state.attempts < kLoginMaxAttempts) {
-      return { lockMs: 0, locked: false };
-    }
-    state.failStreak += 1;
+    store.set(stateKey, state);
+    return state;
+  }
+  const next = createLoginAttemptState(now);
+  store.set(stateKey, next);
+  return next;
+};
+
+const evaluateState = ({ store, stateKey, now, windowMs }) => {
+  const state = getOrCreateState(store, stateKey, now);
+  if (state.lockUntil > now) {
+    return {
+      state,
+      blocked: true,
+      retryAfterSec: Math.max(1, Math.ceil((state.lockUntil - now) / 1000)),
+    };
+  }
+  if (now - state.windowStart >= windowMs) {
+    state.attempts = 0;
+    state.windowStart = now;
+    store.set(stateKey, state);
+  }
+  return { state, blocked: false, retryAfterSec: 0 };
+};
+
+const recordStateFailure = ({
+  store,
+  stateKey,
+  now,
+  windowMs,
+  maxAttempts,
+  baseLockMs,
+  maxLockMs,
+}) => {
+  const state = getOrCreateState(store, stateKey, now);
+  if (state.lockUntil > now) {
+    return {
+      state,
+      lockMs: state.lockUntil - now,
+      locked: true,
+      retryAfterSec: Math.max(1, Math.ceil((state.lockUntil - now) / 1000)),
+    };
+  }
+  if (now - state.windowStart >= windowMs) {
     state.attempts = 0;
     state.windowStart = now;
-    const lockMultiplier = Math.max(1, 2 ** (state.failStreak - 1));
-    const lockMs = Math.min(kLoginBaseLockMs * lockMultiplier, kLoginMaxLockMs);
-    state.lockUntil = now + lockMs;
-    return { lockMs, locked: true };
+  }
+  state.attempts += 1;
+  state.lastSeenAt = now;
+  if (state.attempts < maxAttempts) {
+    store.set(stateKey, state);
+    return { state, lockMs: 0, locked: false, retryAfterSec: 0 };
+  }
+  state.failStreak += 1;
+  state.attempts = 0;
+  state.windowStart = now;
+  const lockMultiplier = Math.max(1, 2 ** (state.failStreak - 1));
+  const lockMs = Math.min(baseLockMs * lockMultiplier, maxLockMs);
+  state.lockUntil = now + lockMs;
+  store.set(stateKey, state);
+  return {
+    state,
+    lockMs,
+    locked: true,
+    retryAfterSec: Math.max(1, Math.ceil(lockMs / 1000)),
+  };
+};
+
+const chooseThrottleResult = (...results) => {
+  const blockedResults = results.filter((result) => result.blocked);
+  if (blockedResults.length === 0) {
+    return { blocked: false, retryAfterSec: 0 };
+  }
+  return {
+    blocked: true,
+    retryAfterSec: Math.max(
+      ...blockedResults.map((result) => result.retryAfterSec || 0),
+    ),
   };
+};
+
+const chooseFailureResult = (...results) => {
+  const lockedResults = results.filter((result) => result.locked);
+  if (lockedResults.length === 0) {
+    return { lockMs: 0, locked: false, retryAfterSec: 0 };
+  }
+  return {
+    lockMs: Math.max(...lockedResults.map((result) => result.lockMs || 0)),
+    locked: true,
+    retryAfterSec: Math.max(
+      ...lockedResults.map((result) => result.retryAfterSec || 0),
+    ),
+  };
+};
+
+const createLoginThrottle = ({
+  store = createMemoryLoginThrottleStore(),
+  scope = kLoginThrottleScope,
+  windowMs = kLoginWindowMs,
+  maxAttempts = kLoginMaxAttempts,
+  baseLockMs = kLoginBaseLockMs,
+  maxLockMs = kLoginMaxLockMs,
+  globalWindowMs = kLoginGlobalWindowMs,
+  globalMaxAttempts = kLoginGlobalMaxAttempts,
+  globalBaseLockMs = kLoginGlobalBaseLockMs,
+  globalMaxLockMs = kLoginGlobalMaxLockMs,
+  stateTtlMs = kLoginStateTtlMs,
+} = {}) => {
+  const runExclusive =
+    typeof store.runExclusive === "function"
+      ? (callback) => store.runExclusive(callback)
+      : (callback) => callback();
+
+  const getOrCreateLoginAttemptState = (clientKey, now) =>
+    runExclusive(() => {
+      const clientStateKey = getClientStateKey(clientKey, scope);
+      const globalStateKey = getGlobalStateKey(scope);
+      return {
+        clientKey,
+        clientStateKey,
+        globalStateKey,
+        client: getOrCreateState(store, clientStateKey, now),
+        global: getOrCreateState(store, globalStateKey, now),
+      };
+    });
+
+  const evaluateLoginThrottle = (stateBundle, now) =>
+    runExclusive(() => {
+      const clientStateKey =
+        stateBundle?.clientStateKey ||
+        getClientStateKey(stateBundle?.clientKey, scope);
+      const globalStateKey = stateBundle?.globalStateKey || getGlobalStateKey(scope);
+      const clientResult = evaluateState({
+        store,
+        stateKey: clientStateKey,
+        now,
+        windowMs,
+      });
+      const globalResult = evaluateState({
+        store,
+        stateKey: globalStateKey,
+        now,
+        windowMs: globalWindowMs,
+      });
+      if (stateBundle) {
+        stateBundle.client = clientResult.state;
+        stateBundle.global = globalResult.state;
+      }
+      return chooseThrottleResult(clientResult, globalResult);
+    });
+
+  const recordLoginFailure = (stateBundle, now) =>
+    runExclusive(() => {
+      const clientStateKey =
+        stateBundle?.clientStateKey ||
+        getClientStateKey(stateBundle?.clientKey, scope);
+      const globalStateKey = stateBundle?.globalStateKey || getGlobalStateKey(scope);
+      const clientResult = recordStateFailure({
+        store,
+        stateKey: clientStateKey,
+        now,
+        windowMs,
+        maxAttempts,
+        baseLockMs,
+        maxLockMs,
+      });
+      const globalResult = recordStateFailure({
+        store,
+        stateKey: globalStateKey,
+        now,
+        windowMs: globalWindowMs,
+        maxAttempts: globalMaxAttempts,
+        baseLockMs: globalBaseLockMs,
+        maxLockMs: globalMaxLockMs,
+      });
+      if (stateBundle) {
+        stateBundle.client = clientResult.state;
+        stateBundle.global = globalResult.state;
+      }
+      return chooseFailureResult(clientResult, globalResult);
+    });
 
   const recordLoginSuccess = (clientKey) => {
     if (!clientKey) return;
-    kLoginAttemptStates.delete(clientKey);
+    runExclusive(() => {
+      store.delete(getClientStateKey(clientKey, scope));
+      store.delete(getGlobalStateKey(scope));
+    });
   };
 
   const cleanupLoginAttemptStates = () => {
     const now = Date.now();
-    for (const [key, state] of kLoginAttemptStates.entries()) {
-      if (!state) {
-        kLoginAttemptStates.delete(key);
-        continue;
+    runExclusive(() => {
+      for (const [stateKey, rawState] of store.entries()) {
+        if (!rawState) {
+          store.delete(stateKey);
+          continue;
+        }
+        const state = normalizeState(rawState, now);
+        if (state.lockUntil > now) continue;
+        if (now - state.lastSeenAt > stateTtlMs) {
+          store.delete(stateKey);
+        }
       }
-      if (state.lockUntil > now) continue;
-      if (now - state.lastSeenAt > kLoginStateTtlMs) {
-        kLoginAttemptStates.delete(key);
-      }
-    }
+    });
   };
 
   return {
@@ -83,4 +280,8 @@ const createLoginThrottle = () => {
   };
 };
 
-module.exports = { createLoginThrottle };
+module.exports = {
+  createLoginThrottle,
+  createMemoryLoginThrottleStore,
+  kGlobalStateKey,
+};

package/lib/server/model-catalog-bootstrap.json

@@ -554,6 +554,11 @@
       "provider": "anthropic",
       "label": "Claude Opus 4.6"
     },
+    {
+      "key": "anthropic/claude-opus-4-8",
+      "provider": "anthropic",
+      "label": "Claude Opus 4.8"
+    },
     {
       "key": "anthropic/claude-opus-4-7",
       "provider": "anthropic",

package/lib/server/onboarding/index.js

@@ -327,7 +327,7 @@ const createOnboardingService = ({
   authProfiles,
   ensureGatewayProxyConfig,
   getBaseUrl,
-  startGateway,
+  runOnboardedBootSequence,
 }) => {
   const { OPENCLAW_DIR, WORKSPACE_DIR, kOnboardingMarkerPath } = constants;
 
@@ -567,7 +567,7 @@ const createOnboardingService = ({
       console.error("[onboard] Git push error:", e.message);
     }
 
-    startGateway();
+    runOnboardedBootSequence();
     return { status: 200, body: { ok: true } };
   };
 

package/lib/server/onboarding/openclaw.js

@@ -4,6 +4,7 @@ const {
   ensurePluginAllowed,
   ensureUsageTrackerPluginEntry,
 } = require("../usage-tracker-config");
+const { isOpenAiCompatApiEnabled } = require("../alphaclaw-config");
 
 const kDefaultToolsProfile = "full";
 const kBootstrapExtraFiles = [
@@ -133,16 +134,29 @@ const buildOnboardArgs = ({
   return onboardArgs;
 };
 
-const ensureManagedConfigShell = (cfg) => {
+const ensureManagedConfigShell = (cfg, { openAiCompatApiEnabled = false } = {}) => {
   if (!cfg.channels) cfg.channels = {};
   ensurePluginsShell(cfg);
   if (!cfg.commands) cfg.commands = {};
   if (!cfg.tools) cfg.tools = {};
+  if (!cfg.gateway) cfg.gateway = {};
   if (!cfg.hooks) cfg.hooks = {};
   if (!cfg.hooks.internal) cfg.hooks.internal = {};
   if (!cfg.hooks.internal.entries) cfg.hooks.internal.entries = {};
   cfg.commands.restart = true;
   cfg.tools.profile = kDefaultToolsProfile;
+  if (openAiCompatApiEnabled) {
+    if (!cfg.gateway.http) cfg.gateway.http = {};
+    if (!cfg.gateway.http.endpoints) cfg.gateway.http.endpoints = {};
+    cfg.gateway.http.endpoints.chatCompletions = {
+      ...(cfg.gateway.http.endpoints.chatCompletions || {}),
+      enabled: true,
+    };
+    cfg.gateway.http.endpoints.responses = {
+      ...(cfg.gateway.http.endpoints.responses || {}),
+      enabled: true,
+    };
+  }
   cfg.hooks.internal.enabled = true;
   cfg.hooks.internal.entries["bootstrap-extra-files"] = {
     ...(cfg.hooks.internal.entries["bootstrap-extra-files"] || {}),
@@ -224,7 +238,12 @@ const writeSanitizedOpenclawConfig = ({
 }) => {
   const configPath = `${openclawDir}/openclaw.json`;
   const cfg = JSON.parse(fs.readFileSync(configPath, "utf8"));
-  ensureManagedConfigShell(cfg);
+  ensureManagedConfigShell(cfg, {
+    openAiCompatApiEnabled: isOpenAiCompatApiEnabled({
+      fsModule: fs,
+      openclawDir,
+    }),
+  });
   applyFreshOnboardingChannels({
     cfg,
     varMap,
@@ -256,7 +275,12 @@ const writeManagedImportOpenclawConfig = ({
 }) => {
   const configPath = `${openclawDir}/openclaw.json`;
   const cfg = JSON.parse(fs.readFileSync(configPath, "utf8"));
-  ensureManagedConfigShell(cfg);
+  ensureManagedConfigShell(cfg, {
+    openAiCompatApiEnabled: isOpenAiCompatApiEnabled({
+      fsModule: fs,
+      openclawDir,
+    }),
+  });
 
   ensureUsageTrackerPluginEntry(cfg);
 

package/lib/server/openclaw-thinking.js

@@ -0,0 +1,103 @@
+const fs = require("fs");
+const path = require("path");
+const { pathToFileURL } = require("url");
+
+const kThinkingModuleSentinel = "listThinkingLevelOptions";
+
+let thinkingModulePromise = null;
+
+const resolveOpenclawDistDir = () => path.dirname(require.resolve("openclaw"));
+
+const resolveThinkingModulePath = (distDir = resolveOpenclawDistDir()) => {
+  for (const name of fs.readdirSync(distDir)) {
+    if (!/^thinking-.*\.js$/.test(name)) continue;
+    if (name.includes("api") || name.includes("policy")) continue;
+    const fullPath = path.join(distDir, name);
+    const source = fs.readFileSync(fullPath, "utf8");
+    if (source.includes(kThinkingModuleSentinel)) return fullPath;
+  }
+  throw new Error("OpenClaw thinking module not found");
+};
+
+const loadThinkingModule = async () => {
+  if (!thinkingModulePromise) {
+    const modulePath = resolveThinkingModulePath();
+    thinkingModulePromise = import(pathToFileURL(modulePath).href);
+  }
+  return thinkingModulePromise;
+};
+
+const splitModelKey = (modelKey = "") => {
+  const normalized = String(modelKey || "").trim();
+  const slashIndex = normalized.indexOf("/");
+  if (slashIndex <= 0) return { provider: "", model: normalized };
+  return {
+    provider: normalized.slice(0, slashIndex),
+    model: normalized.slice(slashIndex + 1),
+  };
+};
+
+const buildCatalogEntry = ({ provider, model, reasoning, compat } = {}) => {
+  const normalizedProvider = String(provider || "").trim();
+  const normalizedModel = String(model || "").trim();
+  if (!normalizedProvider || !normalizedModel) return null;
+  const entry = {
+    provider: normalizedProvider,
+    id: normalizedModel,
+  };
+  if (typeof reasoning === "boolean") entry.reasoning = reasoning;
+  if (compat && typeof compat === "object") entry.compat = compat;
+  return entry;
+};
+
+const resolveThinkingApi = async () => {
+  const mod = await loadThinkingModule();
+  return {
+    listThinkingLevelOptions: mod.listThinkingLevelOptions || mod.i,
+    resolveThinkingDefaultForModel: mod.resolveThinkingDefaultForModel || mod.s,
+    normalizeThinkLevel: mod.normalizeThinkLevel || mod.p,
+  };
+};
+
+const resolveThinkingOptionsForModel = async ({
+  modelKey = "",
+  catalog = [],
+} = {}) => {
+  const { provider, model } = splitModelKey(modelKey);
+  if (!provider || !model) {
+    return {
+      levels: [],
+      modelDefault: "off",
+    };
+  }
+  const api = await resolveThinkingApi();
+  const levels = api.listThinkingLevelOptions(provider, model, catalog) || [];
+  const modelDefault =
+    api.resolveThinkingDefaultForModel({
+      provider,
+      model,
+      catalog,
+    }) || "off";
+  return {
+    levels: levels.map((entry) => ({
+      id: String(entry?.id || "").trim(),
+      label: String(entry?.label || entry?.id || "").trim(),
+    })),
+    modelDefault: String(modelDefault || "off").trim() || "off",
+  };
+};
+
+const normalizeThinkingDefaultValue = async (raw) => {
+  if (raw === null || raw === undefined || raw === "") return null;
+  const api = await resolveThinkingApi();
+  const normalized = api.normalizeThinkLevel(String(raw || "").trim());
+  return normalized || null;
+};
+
+module.exports = {
+  buildCatalogEntry,
+  loadThinkingModule,
+  normalizeThinkingDefaultValue,
+  resolveThinkingOptionsForModel,
+  splitModelKey,
+};

package/lib/server/openclaw-version.js

@@ -237,7 +237,7 @@ const createOpenclawVersionService = ({
       });
       let restarted = false;
       if (isOnboarded()) {
-        restartGateway();
+        await restartGateway();
         restarted = true;
       }
       return {

package/lib/server/routes/agents.js

@@ -178,7 +178,11 @@ const registerAgentRoutes = ({
 
   app.get("/api/agents", (_req, res) => {
     try {
-      res.json({ ok: true, agents: agentsService.listAgents() });
+      res.json({
+        ok: true,
+        agents: agentsService.listAgents(),
+        defaults: agentsService.getAgentDefaults?.() || {},
+      });
     } catch (error) {
       res.status(500).json({ ok: false, error: error.message });
     }
@@ -237,9 +241,12 @@ const registerAgentRoutes = ({
     }
   });
 
-  app.put("/api/agents/:id", (req, res) => {
+  app.put("/api/agents/:id", async (req, res) => {
     try {
-      const agent = agentsService.updateAgent(req.params.id, req.body || {});
+      const agent = await agentsService.updateAgent(
+        req.params.id,
+        req.body || {},
+      );
       return res.json({ ok: true, agent });
     } catch (error) {
       const status = String(error.message || "").includes("not found")

package/lib/server/routes/models.js

@@ -1,5 +1,7 @@
-const { kFallbackOnboardingModels } = require("../constants");
+const { kFallbackOnboardingModels, OPENCLAW_DIR } = require("../constants");
 const { createModelCatalogCache } = require("../model-catalog-cache");
+const { resolveThinkingOptionsForModel } = require("../openclaw-thinking");
+const { readOpenclawConfig } = require("../openclaw-config");
 const { getCommandOutputCandidates } = require("../utils/command-output");
 
 const runModelsGitSync = async (shellCmd) => {
@@ -182,6 +184,38 @@ const registerModelRoutes = ({
     return res.json(response);
   });
 
+  app.get("/api/models/thinking-options", async (req, res) => {
+    const modelKey = String(req.query?.modelKey || "").trim();
+    if (!modelKey.includes("/")) {
+      return res
+        .status(400)
+        .json({ ok: false, error: "modelKey is required (provider/model)" });
+    }
+    try {
+      const cfg = readOpenclawConfig({ openclawDir: OPENCLAW_DIR });
+      const globalThinkingDefault =
+        typeof cfg.agents?.defaults?.thinkingDefault === "string"
+          ? cfg.agents.defaults.thinkingDefault.trim()
+          : null;
+      const { levels, modelDefault } = await resolveThinkingOptionsForModel({
+        modelKey,
+      });
+      const inheritedDefault = globalThinkingDefault || modelDefault || "off";
+      return res.json({
+        ok: true,
+        modelKey,
+        levels,
+        modelDefault,
+        inheritedDefault,
+      });
+    } catch (err) {
+      return res.status(500).json({
+        ok: false,
+        error: err.message || "Failed to resolve thinking options",
+      });
+    }
+  });
+
   app.get("/api/models/status", async (req, res) => {
     try {
       const output = await shellCmd("openclaw models status --json", {

package/lib/server/routes/onboarding.js

@@ -93,7 +93,7 @@ const registerOnboardingRoutes = ({
   authProfiles,
   ensureGatewayProxyConfig,
   getBaseUrl,
-  startGateway,
+  runOnboardedBootSequence,
 }) => {
   // Keep mutating onboarding routes marker-gated so in-progress imports
   // can promote files before the final completion marker is written.
@@ -114,7 +114,7 @@ const registerOnboardingRoutes = ({
     authProfiles,
     ensureGatewayProxyConfig,
     getBaseUrl,
-    startGateway,
+    runOnboardedBootSequence,
   });
 
   const kEnvVarNamePattern = /^[A-Z_][A-Z0-9_]*$/;