@hienlh/ppm 0.9.72 → 0.9.74

package/src/providers/claude-agent-sdk.ts

@@ -18,7 +18,7 @@ import { mcpConfigService } from "../services/mcp-config.service.ts";
 import { updateFromSdkEvent } from "../services/claude-usage.service.ts";
 import { getSessionMapping, getSessionProjectPath, setSessionMapping, getSessionTitles } from "../services/db.service.ts";
 import { accountSelector } from "../services/account-selector.service.ts";
-import { accountService } from "../services/account.service.ts";
+import { accountService, type AccountWithTokens } from "../services/account.service.ts";
 import { resolve } from "node:path";
 import { existsSync, readdirSync, unlinkSync } from "node:fs";
 import { homedir } from "node:os";
@@ -657,28 +657,65 @@ export class ClaudeAgentSdkProvider implements AIProvider {
       // Account-based auth injection (multi-account mode)
       // Fallback to existing env (ANTHROPIC_API_KEY) when no accounts configured.
       const accountsEnabled = accountSelector.isEnabled();
-      let account = accountsEnabled ? accountSelector.next() : null;
-      if (accountsEnabled && !account) {
-        // All accounts in DB but none usable
-        const reason = accountSelector.lastFailReason;
-        const hint = reason === "all_decrypt_failed"
-          ? "Account tokens were encrypted with a different machine key. Re-add your accounts in Settings, or copy ~/.ppm/account.key from the original machine."
-          : "All accounts are disabled or in cooldown. Check Settings → Accounts.";
-        console.error(`[sdk] session=${sessionId} account auth failed (${reason}): ${hint}`);
-        yield { type: "error" as const, message: `Authentication failed: ${hint}` };
-        yield { type: "done" as const, sessionId, resultSubtype: "error_auth" };
-        return;
-      }
-      // Pre-flight: ensure OAuth token is fresh before sending to SDK
-      if (account) {
-        const nowS = Math.floor(Date.now() / 1000);
-        const expiresIn = account.expiresAt ? account.expiresAt - nowS : null;
-        console.log(`[sdk] Using account ${account.id} (${account.email ?? "no-email"}) token_expires_in=${expiresIn}s`);
-        const fresh = await accountService.ensureFreshToken(account.id);
-        if (fresh) {
-          account = fresh;
+      let account: AccountWithTokens | null = null;
+
+      if (accountsEnabled) {
+        const excludeIds = new Set<string>();
+
+        // Pre-flight loop: select account → refresh token → retry with next if refresh fails
+        while (true) {
+          yield { type: "status_update" as const, phase: "routing" as const, message: "Selecting account..." };
+          account = accountSelector.next(excludeIds);
+
+          if (!account) {
+            const reason = accountSelector.lastFailReason;
+            let hint: string;
+            if (reason === "all_decrypt_failed") {
+              hint = "Account tokens were encrypted with a different machine key. Re-add your accounts in Settings, or copy ~/.ppm/account.key from the original machine.";
+            } else if (reason === "all_excluded") {
+              hint = "All accounts failed token refresh. Check Settings → Accounts.";
+            } else {
+              hint = "All accounts are disabled or in cooldown. Check Settings → Accounts.";
+            }
+            console.error(`[sdk] session=${sessionId} account auth failed (${reason}): ${hint}`);
+            yield { type: "error" as const, message: `Authentication failed: ${hint}` };
+            yield { type: "done" as const, sessionId, resultSubtype: "error_auth" };
+            return;
+          }
+
+          const accountLabel = account.label ?? account.email ?? "Unknown";
+          const nowS = Math.floor(Date.now() / 1000);
+          const expiresIn = account.expiresAt ? account.expiresAt - nowS : null;
+          console.log(`[sdk] Using account ${account.id} (${account.email ?? "no-email"}) token_expires_in=${expiresIn}s`);
+
+          // Check if token needs refresh
+          const isOAuth = account.accessToken.startsWith("sk-ant-oat");
+          const needsRefresh = isOAuth && account.expiresAt && (account.expiresAt - nowS <= 3600);
+
+          if (!needsRefresh) {
+            // Token fresh or API key — proceed
+            yield { type: "account_info" as const, accountId: account.id, accountLabel };
+            break;
+          }
+
+          // Token expiring — attempt refresh
+          yield { type: "status_update" as const, phase: "refreshing" as const, message: `Refreshing token for ${accountLabel}...`, accountLabel };
+          const fresh = await accountService.ensureFreshToken(account.id);
+
+          if (fresh) {
+            account = fresh;
+            const freshLabel = account.label ?? account.email ?? "Unknown";
+            yield { type: "account_info" as const, accountId: account.id, accountLabel: freshLabel };
+            break;
+          }
+
+          // Refresh failed — cooldown this account, try next
+          console.warn(`[sdk] session=${sessionId} pre-flight refresh failed for ${account.id} — trying next account`);
+          yield { type: "status_update" as const, phase: "switching" as const, message: `Token expired for ${accountLabel}, trying next account...`, accountLabel };
+          accountSelector.onPreflightFail(account.id);
+          excludeIds.add(account.id);
+          // continue loop → pick next account
         }
-        yield { type: "account_info" as const, accountId: account.id, accountLabel: account.label ?? account.email ?? "Unknown" };
       }
       const queryEnv = this.buildQueryEnv(meta.projectPath, account);
 

package/src/services/account-selector.service.ts

@@ -40,10 +40,10 @@ class AccountSelectorService {
   }
 
   /** Reason for the last null return from next() */
-  private _lastFailReason: "none" | "no_active" | "all_decrypt_failed" = "none";
+  private _lastFailReason: "none" | "no_active" | "all_decrypt_failed" | "all_excluded" = "none";
 
   /** Why the last next() call returned null */
-  get lastFailReason(): "none" | "no_active" | "all_decrypt_failed" {
+  get lastFailReason(): "none" | "no_active" | "all_decrypt_failed" | "all_excluded" {
     return this._lastFailReason;
   }
 
@@ -51,7 +51,7 @@ class AccountSelectorService {
    * Pick next available account (skips cooldown/disabled).
    * Returns null if no active accounts available.
    */
-  next(): AccountWithTokens | null {
+  next(excludeIds?: Set<string>): AccountWithTokens | null {
     this._lastFailReason = "none";
     const now = Math.floor(Date.now() / 1000);
     const allAccounts = accountService.list();
@@ -71,17 +71,19 @@ class AccountSelectorService {
     }
 
     const active = accountService.list().filter((a) => a.status === "active");
-    if (active.length === 0) {
-      this._lastFailReason = "no_active";
+    // Skip accounts excluded by caller (e.g., pre-flight loop)
+    const notExcluded = excludeIds?.size ? active.filter((a) => !excludeIds.has(a.id)) : active;
+    if (notExcluded.length === 0) {
+      this._lastFailReason = active.length > 0 ? "all_excluded" : "no_active";
       return null;
     }
 
     // Proactive: skip accounts whose 5-hour utilization >= 95%
-    const usable = active.filter((a) => {
+    const usable = notExcluded.filter((a) => {
       const snap = getLatestSnapshotForAccount(a.id);
       return !snap || (snap.five_hour_util ?? 0) < FIVE_HOUR_SKIP_THRESHOLD;
     });
-    const candidates = usable.length > 0 ? usable : active; // fallback to all if every account is near limit
+    const candidates = usable.length > 0 ? usable : notExcluded; // fallback to all if every account is near limit
 
     let pickedId: string;
     const strategy = this.getStrategy();
@@ -195,6 +197,22 @@ class AccountSelectorService {
     console.log(`[accounts] ${accountId} auth error — cooldown ${Math.round(backoffMs / 1000)}s (retry #${retries})`);
   }
 
+  private static readonly PREFLIGHT_BACKOFF_BASE_MS = 60_000; // 1 minute
+  private static readonly PREFLIGHT_BACKOFF_MAX_MS = 5 * 60_000; // 5 minutes
+
+  /** Called when pre-flight token refresh fails — short cooldown.
+   *  Shares retryCounts with onRateLimit/onAuthError (cumulative penalty by design). */
+  onPreflightFail(accountId: string): void {
+    const retries = (this.retryCounts.get(accountId) ?? 0) + 1;
+    this.retryCounts.set(accountId, retries);
+    const backoffMs = Math.min(
+      AccountSelectorService.PREFLIGHT_BACKOFF_BASE_MS * Math.pow(2, retries - 1),
+      AccountSelectorService.PREFLIGHT_BACKOFF_MAX_MS,
+    );
+    accountService.setCooldown(accountId, Date.now() + backoffMs);
+    console.log(`[accounts] ${accountId} preflight refresh failed — cooldown ${Math.round(backoffMs / 1000)}s (retry #${retries})`);
+  }
+
   /** Called on successful request — reset retry count + track usage */
   onSuccess(accountId: string): void {
     this.retryCounts.delete(accountId);

package/src/types/chat.ts

@@ -120,6 +120,7 @@ export type ChatEvent =
   | { type: "session_migrated"; oldSessionId: string; newSessionId: string }
   | { type: "account_info"; accountId: string; accountLabel: string }
   | { type: "account_retry"; reason: string; accountId?: string; accountLabel?: string }
+  | { type: "status_update"; phase: "routing" | "refreshing" | "switching"; message: string; accountLabel?: string }
   | { type: "system"; subtype: string }
   | { type: "team_detected"; teamName: string }
   | { type: "team_updated"; teamName: string; team: unknown }

package/src/web/components/chat/chat-tab.tsx

@@ -90,6 +90,7 @@ export function ChatTab({ metadata, tabId }: ChatTabProps) {
     pendingApproval,
     contextWindowPct,
     compactStatus,
+    statusMessage,
     sessionTitle,
     migratedSessionId,
     sendMessage,
@@ -342,6 +343,7 @@ export function ChatTab({ metadata, tabId }: ChatTabProps) {
         isStreaming={isStreaming}
         phase={phase}
         connectingElapsed={connectingElapsed}
+        statusMessage={statusMessage}
         projectName={projectName}
         onFork={!isStreaming ? handleFork : undefined}
         onSelectSession={handleSelectSession}

package/src/web/components/chat/message-list.tsx

@@ -42,6 +42,7 @@ interface MessageListProps {
   isStreaming: boolean;
   phase?: SessionPhase;
   connectingElapsed?: number;
+  statusMessage?: string | null;
   projectName?: string;
   /** Called when user clicks Fork/Rewind — opens new forked chat tab */
   onFork?: (userMessage: string, messageId?: string) => void;
@@ -58,6 +59,7 @@ export function MessageList({
   phase,
   onSelectSession,
   connectingElapsed,
+  statusMessage,
   projectName,
   onFork,
 }: MessageListProps) {
@@ -114,7 +116,7 @@ export function MessageList({
             : <ApprovalCard approval={pendingApproval} onRespond={onApprovalResponse} />
         )}
 
-        {isStreaming && <ThinkingIndicator lastMessage={messages[messages.length - 1]} phase={phase} elapsed={connectingElapsed} />}
+        {isStreaming && <ThinkingIndicator lastMessage={messages[messages.length - 1]} phase={phase} elapsed={connectingElapsed} statusMessage={statusMessage} />}
       </StickToBottom.Content>
       <ScrollToBottomButton />
     </StickToBottom>
@@ -766,10 +768,11 @@ function StreamingText({ content, animate: isStreaming, projectName }: { content
  * - After tool: "Processing..."
  * - Text streaming: hidden
  */
-function ThinkingIndicator({ lastMessage, phase, elapsed }: { lastMessage?: ChatMessage; phase?: SessionPhase; elapsed?: number }) {
+function ThinkingIndicator({ lastMessage, phase, elapsed, statusMessage }: { lastMessage?: ChatMessage; phase?: SessionPhase; elapsed?: number; statusMessage?: string | null }) {
   // Show indicator when:
   // 1. No assistant message yet (waiting for first response)
   // 2. Last event is tool_result (Claude thinking after tool execution)
+  // 3. statusMessage is active (account routing/refreshing)
   // Hide when text is actively streaming (text itself is the indicator)
 
   const isWaiting = !lastMessage || lastMessage.role !== "assistant";
@@ -779,9 +782,11 @@ function ThinkingIndicator({ lastMessage, phase, elapsed }: { lastMessage?: Chat
     return last.type === "tool_result";
   })();
 
-  if (!isWaiting && !isAfterTool) return null;
+  if (!statusMessage && !isWaiting && !isAfterTool) return null;
 
-  const label = phase === "initializing" ? "Initializing"
+  const label = statusMessage
+    ? statusMessage
+    : phase === "initializing" ? "Initializing"
     : phase === "connecting" ? "Connecting"
     : phase === "thinking" ? "Thinking"
     : "Processing";

package/src/web/hooks/use-chat.ts

@@ -42,6 +42,7 @@ interface UseChatReturn {
   pendingApproval: ApprovalRequest | null;
   contextWindowPct: number | null;
   compactStatus: "compacting" | null;
+  statusMessage: string | null;
   sessionTitle: string | null;
   /** When CLI provider assigns a different session ID, this holds the new ID */
   migratedSessionId: string | null;
@@ -78,6 +79,7 @@ export function useChat(sessionId: string | null, providerId = "claude", project
   const [pendingApproval, setPendingApproval] = useState<ApprovalRequest | null>(null);
   const [contextWindowPct, setContextWindowPct] = useState<number | null>(null);
   const [compactStatus, setCompactStatus] = useState<"compacting" | null>(null);
+  const [statusMessage, setStatusMessage] = useState<string | null>(null);
   const [sessionTitle, setSessionTitle] = useState<string | null>(null);
   const [isConnected, setIsConnected] = useState(false);
   const [migratedSessionId, setMigratedSessionId] = useState<string | null>(null);
@@ -171,6 +173,7 @@ export function useChat(sessionId: string | null, providerId = "claude", project
     switch (evType) {
       case "account_info": {
         streamingAccountRef.current = { accountId: ev.accountId, accountLabel: ev.accountLabel };
+        setStatusMessage(null);
         break;
       }
 
@@ -185,6 +188,12 @@ export function useChat(sessionId: string | null, providerId = "claude", project
         break;
       }
 
+      case "status_update": {
+        const label = ev.accountLabel ? ` (${ev.accountLabel})` : "";
+        setStatusMessage(`${ev.message}${label}`);
+        break;
+      }
+
       case "text": {
         const pid = ev.parentToolUseId as string | undefined;
         if (pid && routeToParent(ev as ChatEvent, pid)) {
@@ -329,6 +338,7 @@ export function useChat(sessionId: string | null, providerId = "claude", project
         streamingContentRef.current = "";
         streamingEventsRef.current = [];
         streamingAccountRef.current = null;
+        setStatusMessage(null);
         // Phase transition to idle comes from BE via phase_changed
         break;
       }
@@ -659,6 +669,7 @@ export function useChat(sessionId: string | null, providerId = "claude", project
     pendingApproval,
     contextWindowPct,
     compactStatus,
+    statusMessage,
     sessionTitle,
     migratedSessionId,
     teamActivity,