@lobehub/chat 1.99.5 → 1.100.0

package/apps/desktop/src/main/controllers/RemoteServerConfigCtr.ts

@@ -79,6 +79,12 @@ export default class RemoteServerConfigCtr extends ControllerModule {
   private encryptedAccessToken?: string;
   private encryptedRefreshToken?: string;
 
+  /**
+   * Token expiration time (timestamp in milliseconds)
+   * Used for automatic token refresh
+   */
+  private tokenExpiresAt?: number;
+
   /**
    * Promise representing the ongoing token refresh operation.
    * Used to prevent concurrent refreshes and allow callers to wait.
@@ -89,10 +95,19 @@ export default class RemoteServerConfigCtr extends ControllerModule {
    * Encrypt and store tokens
    * @param accessToken Access token
    * @param refreshToken Refresh token
+   * @param expiresIn Token expiration time in seconds (optional)
    */
-  async saveTokens(accessToken: string, refreshToken: string) {
+  async saveTokens(accessToken: string, refreshToken: string, expiresIn?: number) {
     logger.info('Saving encrypted tokens');
 
+    // Calculate expiration time if provided
+    if (expiresIn) {
+      this.tokenExpiresAt = Date.now() + expiresIn * 1000;
+      logger.debug(`Token expires at: ${new Date(this.tokenExpiresAt).toISOString()}`);
+    } else {
+      this.tokenExpiresAt = undefined;
+    }
+
     // If platform doesn't support secure storage, store raw tokens
     if (!safeStorage.isEncryptionAvailable()) {
       logger.warn('Safe storage not available, storing tokens unencrypted');
@@ -101,6 +116,7 @@ export default class RemoteServerConfigCtr extends ControllerModule {
       // Persist unencrypted tokens (consider security implications)
       this.app.storeManager.set(this.encryptedTokensKey, {
         accessToken: this.encryptedAccessToken,
+        expiresAt: this.tokenExpiresAt,
         refreshToken: this.encryptedRefreshToken,
       });
       return;
@@ -120,6 +136,7 @@ export default class RemoteServerConfigCtr extends ControllerModule {
     logger.debug(`Persisting encrypted tokens to store key: ${this.encryptedTokensKey}`);
     this.app.storeManager.set(this.encryptedTokensKey, {
       accessToken: this.encryptedAccessToken,
+      expiresAt: this.tokenExpiresAt,
       refreshToken: this.encryptedRefreshToken,
     });
   }
@@ -199,17 +216,40 @@ export default class RemoteServerConfigCtr extends ControllerModule {
     logger.info('Clearing access and refresh tokens');
     this.encryptedAccessToken = undefined;
     this.encryptedRefreshToken = undefined;
+    this.tokenExpiresAt = undefined;
     // Also clear from persistent storage
     logger.debug(`Deleting tokens from store key: ${this.encryptedTokensKey}`);
     this.app.storeManager.delete(this.encryptedTokensKey);
   }
 
+  /**
+   * Get token expiration time
+   */
+  getTokenExpiresAt(): number | undefined {
+    return this.tokenExpiresAt;
+  }
+
+  /**
+   * Check if token is expired or will expire soon
+   * @param bufferTimeMs Buffer time in milliseconds (default 5 minutes)
+   * @returns true if token is expired or will expire soon
+   */
+  isTokenExpiringSoon(bufferTimeMs: number = 5 * 60 * 1000): boolean {
+    if (!this.tokenExpiresAt) {
+      return false; // No expiration time available
+    }
+
+    const currentTime = Date.now();
+    const bufferTime = this.tokenExpiresAt - bufferTimeMs;
+
+    return currentTime >= bufferTime;
+  }
+
   /**
    * 刷新访问令牌
    * 使用存储的刷新令牌获取新的访问令牌
    * Handles concurrent requests by returning the existing refresh promise if one is in progress.
    */
-  @ipcClientEvent('refreshAccessToken')
   async refreshAccessToken(): Promise<{ error?: string; success: boolean }> {
     // If a refresh is already in progress, return the existing promise
     if (this.refreshPromise) {
@@ -290,7 +330,7 @@ export default class RemoteServerConfigCtr extends ControllerModule {
 
       // 保存新令牌
       logger.info('Token refresh successful, saving new tokens.');
-      await this.saveTokens(data.access_token, data.refresh_token);
+      await this.saveTokens(data.access_token, data.refresh_token, data.expires_in);
 
       return { success: true };
     } catch (error) {
@@ -316,6 +356,13 @@ export default class RemoteServerConfigCtr extends ControllerModule {
       logger.info('Successfully loaded tokens from store into memory.');
       this.encryptedAccessToken = storedTokens.accessToken;
       this.encryptedRefreshToken = storedTokens.refreshToken;
+      this.tokenExpiresAt = storedTokens.expiresAt;
+
+      if (this.tokenExpiresAt) {
+        logger.debug(
+          `Loaded token expiration time: ${new Date(this.tokenExpiresAt).toISOString()}`,
+        );
+      }
     } else {
       logger.debug('No valid tokens found in store.');
     }

package/apps/desktop/src/main/controllers/RemoteServerSyncCtr.ts

@@ -1,12 +1,17 @@
 import {
   ProxyTRPCRequestParams,
   ProxyTRPCRequestResult,
-} from '@lobechat/electron-client-ipc/src/types/proxyTRPCRequest';
+  ProxyTRPCStreamRequestParams,
+} from '@lobechat/electron-client-ipc';
+import { IpcMainEvent, WebContents, ipcMain } from 'electron';
+import { HttpProxyAgent } from 'http-proxy-agent';
+import { HttpsProxyAgent } from 'https-proxy-agent';
 import { Buffer } from 'node:buffer';
 import http, { IncomingMessage, OutgoingHttpHeaders } from 'node:http';
 import https from 'node:https';
 import { URL } from 'node:url';
 
+import { defaultProxySettings } from '@/const/store';
 import { createLogger } from '@/utils/logger';
 
 import RemoteServerConfigCtr from './RemoteServerConfigCtr';
@@ -41,6 +46,137 @@ export default class RemoteServerSyncCtr extends ControllerModule {
   afterAppReady() {
     logger.info('RemoteServerSyncCtr initialized (IPC based)');
     // No need to register protocol handler anymore
+    ipcMain.on('stream:start', this.handleStreamRequest);
+  }
+
+  /**
+   * 处理流式请求的 IPC 调用
+   */
+  private handleStreamRequest = async (event: IpcMainEvent, args: ProxyTRPCStreamRequestParams) => {
+    const { requestId } = args;
+    const logPrefix = `[StreamProxy ${args.method} ${args.urlPath}][${requestId}]`;
+    logger.debug(`${logPrefix} Received stream:start IPC call`);
+
+    try {
+      const config = await this.remoteServerConfigCtr.getRemoteServerConfig();
+      if (!config.active || (config.storageMode === 'selfHost' && !config.remoteServerUrl)) {
+        logger.warn(`${logPrefix} Remote server sync not active or configured.`);
+        event.sender.send(
+          `stream:error:${requestId}`,
+          new Error('Remote server sync not active or configured'),
+        );
+        return;
+      }
+
+      const remoteServerUrl = await this.remoteServerConfigCtr.getRemoteServerUrl();
+      const token = await this.remoteServerConfigCtr.getAccessToken();
+
+      if (!token) {
+        // 401 Unauthorized
+        event.sender.send(`stream:response:${requestId}`, {
+          headers: {},
+          status: 401,
+          statusText: 'Authentication required, missing token',
+        });
+        event.sender.send(`stream:end:${requestId}`);
+        return;
+      }
+
+      // 调用新的流式转发方法
+      await this.forwardStreamRequest(event.sender, {
+        ...args,
+        accessToken: token,
+        remoteServerUrl,
+      });
+    } catch (error) {
+      logger.error(`${logPrefix} Unhandled error processing stream request:`, error);
+      event.sender.send(
+        `stream:error:${requestId}`,
+        error instanceof Error ? error : new Error('Unknown error'),
+      );
+    }
+  };
+
+  /**
+   * 执行实际的流式请求转发
+   */
+  private async forwardStreamRequest(
+    sender: WebContents,
+    args: ProxyTRPCStreamRequestParams & { accessToken: string; remoteServerUrl: string },
+  ) {
+    const {
+      urlPath,
+      method,
+      headers: originalHeaders,
+      body: requestBody,
+      accessToken,
+      remoteServerUrl,
+      requestId,
+    } = args;
+    const targetUrl = new URL(urlPath, remoteServerUrl);
+    const logPrefix = `[ForwardStream ${method} ${targetUrl.pathname}][${requestId}]`;
+
+    const { requestOptions, requester } = this.createRequester({
+      accessToken,
+      headers: originalHeaders,
+      method,
+      url: targetUrl,
+    });
+
+    const clientReq = requester.request(requestOptions, (clientRes: IncomingMessage) => {
+      logger.debug(`${logPrefix} Received response with status ${clientRes.statusCode}`);
+
+      // 添加调试信息
+      logger.debug(`${logPrefix} Response details:`, {
+        headers: clientRes.headers,
+        statusCode: clientRes.statusCode,
+        statusMessage: clientRes.statusMessage,
+      });
+
+      // 1. 立刻发送响应头和状态码
+      const responseData = {
+        headers: clientRes.headers || {},
+        status: clientRes.statusCode || 500,
+        statusText: clientRes.statusMessage || 'Unknown Status',
+      };
+
+      logger.debug(`${logPrefix} Sending response data:`, responseData);
+      sender.send(`stream:response:${requestId}`, responseData);
+
+      // 2. 监听数据块并转发
+      clientRes.on('data', (chunk: Buffer) => {
+        if (sender.isDestroyed()) return;
+        logger.debug(`${logPrefix} Received data chunk, size: ${chunk.length}. Forwarding...`);
+        sender.send(`stream:data:${requestId}`, chunk);
+      });
+
+      // 3. 监听结束信号并转发
+      clientRes.on('end', () => {
+        logger.debug(`${logPrefix} Stream ended. Forwarding end signal...`);
+        if (sender.isDestroyed()) return;
+        sender.send(`stream:end:${requestId}`);
+      });
+
+      // 4. 监听响应流错误并转发
+      clientRes.on('error', (error) => {
+        logger.error(`${logPrefix} Error reading response stream:`, error);
+        if (sender.isDestroyed()) return;
+        sender.send(`stream:error:${requestId}`, error);
+      });
+    });
+
+    // 5. 监听请求本身的错误（如 DNS 解析失败）
+    clientReq.on('error', (error) => {
+      logger.error(`${logPrefix} Error forwarding request:`, error);
+      if (sender.isDestroyed()) return;
+      sender.send(`stream:error:${requestId}`, error);
+    });
+
+    if (requestBody) {
+      clientReq.write(Buffer.from(requestBody));
+    }
+
+    clientReq.end();
   }
 
   /**
@@ -85,28 +221,12 @@ export default class RemoteServerSyncCtr extends ControllerModule {
 
     // 1. Determine target URL and prepare request options
     const targetUrl = new URL(urlPath, remoteServerUrl); // Combine base URL and path
-
-    // Prepare headers, cloning and adding Authorization
-    const requestHeaders: OutgoingHttpHeaders = { ...originalHeaders }; // Use OutgoingHttpHeaders
-    requestHeaders['Authorization'] = `Bearer ${accessToken}`;
-
-    // Let node handle Host, Content-Length etc. Remove potentially problematic headers
-    delete requestHeaders['host'];
-    delete requestHeaders['connection']; // Often causes issues
-    // delete requestHeaders['content-length']; // Let node handle it based on body
-
-    const requestOptions: https.RequestOptions | http.RequestOptions = {
-      // Use union type
-      headers: requestHeaders,
-      hostname: targetUrl.hostname,
-      method: method,
-      path: targetUrl.pathname + targetUrl.search,
-      port: targetUrl.port || (targetUrl.protocol === 'https:' ? 443 : 80),
-      protocol: targetUrl.protocol,
-      // agent: false, // Consider for keep-alive issues if they arise
-    };
-
-    const requester = targetUrl.protocol === 'https:' ? https : http;
+    const { requestOptions, requester } = this.createRequester({
+      accessToken,
+      headers: originalHeaders,
+      method,
+      url: targetUrl,
+    });
 
     // 2. Make the request and capture response
     return new Promise((resolve) => {
@@ -176,6 +296,51 @@ export default class RemoteServerSyncCtr extends ControllerModule {
     });
   }
 
+  private createRequester({
+    headers,
+    accessToken,
+    method,
+    url,
+  }: {
+    accessToken: string;
+    headers: Record<string, string>;
+    method: string;
+    url: URL;
+  }) {
+    // Prepare headers, cloning and adding Oidc-Auth
+    const requestHeaders: OutgoingHttpHeaders = { ...headers }; // Use OutgoingHttpHeaders
+    requestHeaders['Oidc-Auth'] = accessToken;
+
+    // Let node handle Host, Content-Length etc. Remove potentially problematic headers
+    delete requestHeaders['host'];
+    delete requestHeaders['connection']; // Often causes issues
+    // delete requestHeaders['content-length']; // Let node handle it based on body
+
+    // 读取代理配置
+    const proxyConfig = this.app.storeManager.get('networkProxy', defaultProxySettings);
+
+    let agent;
+    if (proxyConfig?.enableProxy && proxyConfig.proxyServer) {
+      const proxyUrl = `${proxyConfig.proxyType}://${proxyConfig.proxyServer}${proxyConfig.proxyPort ? `:${proxyConfig.proxyPort}` : ''}`;
+      agent =
+        url.protocol === 'https:' ? new HttpsProxyAgent(proxyUrl) : new HttpProxyAgent(proxyUrl);
+    }
+
+    const requestOptions: https.RequestOptions | http.RequestOptions = {
+      agent,
+      // Use union type
+      headers: requestHeaders,
+      hostname: url.hostname,
+      method: method,
+      path: url.pathname + url.search,
+      port: url.port || (url.protocol === 'https:' ? 443 : 80),
+      protocol: url.protocol,
+    };
+
+    const requester = url.protocol === 'https:' ? https : http;
+    return { requestOptions, requester };
+  }
+
   /**
    * Handles the 'proxy-trpc-request' IPC call from the renderer process.
    * This method should be invoked by the ipcMain.handle setup in your main process entry point.

package/apps/desktop/src/main/controllers/__tests__/NetworkProxyCtr.test.ts

@@ -15,11 +15,12 @@ vi.mock('@/utils/logger', () => ({
   }),
 }));
 
-// 模拟 undici
+// 模拟 undici - 使用 vi.fn() 直接在 Mock 中创建
 vi.mock('undici', () => ({
   fetch: vi.fn(),
   getGlobalDispatcher: vi.fn(),
   setGlobalDispatcher: vi.fn(),
+  Agent: vi.fn(),
   ProxyAgent: vi.fn(),
 }));
 
@@ -35,9 +36,6 @@ vi.mock('@/const/store', () => ({
   },
 }));
 
-// 模拟 fetch
-global.fetch = vi.fn();
-
 // 模拟 App 及其依赖项
 const mockStoreManager = {
   get: vi.fn(),
@@ -51,12 +49,31 @@ const mockApp = {
 describe('NetworkProxyCtr', () => {
   let networkProxyCtr: NetworkProxyCtr;
 
-  beforeEach(() => {
+  // 动态导入 undici 的 Mock
+  let mockUndici: any;
+
+  beforeEach(async () => {
     vi.clearAllMocks();
+
+    // 动态导入 undici Mock
+    mockUndici = await import('undici');
+
     networkProxyCtr = new NetworkProxyCtr(mockApp);
 
-    // 重置全局 fetch mock
-    (global.fetch as any).mockReset();
+    // 设置 undici mocks 的默认返回值
+    vi.mocked(mockUndici.Agent).mockReturnValue({});
+    vi.mocked(mockUndici.ProxyAgent).mockReturnValue({});
+    vi.mocked(mockUndici.getGlobalDispatcher).mockReturnValue({
+      destroy: vi.fn().mockResolvedValue(undefined),
+    });
+    vi.mocked(mockUndici.setGlobalDispatcher).mockReturnValue(undefined);
+
+    // 设置 fetch mock 的默认返回值
+    vi.mocked(mockUndici.fetch).mockResolvedValue({
+      ok: true,
+      status: 200,
+      statusText: 'OK',
+    });
   });
 
   describe('ProxyConfigValidator', () => {
@@ -213,12 +230,12 @@ describe('NetworkProxyCtr', () => {
         statusText: 'OK',
       };
 
-      (global.fetch as any).mockResolvedValueOnce(mockResponse);
+      vi.mocked(mockUndici.fetch).mockResolvedValueOnce(mockResponse);
 
       const result = await networkProxyCtr.testProxyConnection('https://www.google.com');
 
       expect(result).toEqual({ success: true });
-      expect(global.fetch).toHaveBeenCalledWith('https://www.google.com', expect.any(Object));
+      expect(mockUndici.fetch).toHaveBeenCalledWith('https://www.google.com', expect.any(Object));
     });
 
     it('should throw error for failed connection', async () => {
@@ -228,13 +245,13 @@ describe('NetworkProxyCtr', () => {
         statusText: 'Not Found',
       };
 
-      (global.fetch as any).mockResolvedValueOnce(mockResponse);
+      vi.mocked(mockUndici.fetch).mockResolvedValueOnce(mockResponse);
 
       await expect(networkProxyCtr.testProxyConnection('https://www.google.com')).rejects.toThrow();
     });
 
     it('should throw error for network error', async () => {
-      (global.fetch as any).mockRejectedValueOnce(new Error('Network error'));
+      vi.mocked(mockUndici.fetch).mockRejectedValueOnce(new Error('Network error'));
 
       await expect(networkProxyCtr.testProxyConnection('https://www.google.com')).rejects.toThrow();
     });
@@ -257,7 +274,7 @@ describe('NetworkProxyCtr', () => {
         statusText: 'OK',
       };
 
-      (global.fetch as any).mockResolvedValueOnce(mockResponse);
+      vi.mocked(mockUndici.fetch).mockResolvedValueOnce(mockResponse);
 
       const result = await networkProxyCtr.testProxyConfig({ config: validConfig });
 
@@ -289,7 +306,7 @@ describe('NetworkProxyCtr', () => {
         statusText: 'OK',
       };
 
-      (global.fetch as any).mockResolvedValueOnce(mockResponse);
+      vi.mocked(mockUndici.fetch).mockResolvedValueOnce(mockResponse);
 
       const result = await networkProxyCtr.testProxyConfig({ config: disabledConfig });
 
@@ -297,7 +314,7 @@ describe('NetworkProxyCtr', () => {
     });
 
     it('should return failure for connection error', async () => {
-      (global.fetch as any).mockRejectedValueOnce(new Error('Connection failed'));
+      vi.mocked(mockUndici.fetch).mockRejectedValueOnce(new Error('Connection failed'));
 
       const result = await networkProxyCtr.testProxyConfig({ config: validConfig });
 
@@ -306,7 +323,7 @@ describe('NetworkProxyCtr', () => {
     });
   });
 
-  describe('afterAppReady', () => {
+  describe('beforeAppReady', () => {
     it('should apply stored proxy settings on app ready', async () => {
       const storedConfig: NetworkProxySettings = {
         enableProxy: true,
@@ -319,7 +336,7 @@ describe('NetworkProxyCtr', () => {
 
       mockStoreManager.get.mockReturnValue(storedConfig);
 
-      await networkProxyCtr.afterAppReady();
+      await networkProxyCtr.beforeAppReady();
 
       expect(mockStoreManager.get).toHaveBeenCalledWith('networkProxy', expect.any(Object));
     });
@@ -336,7 +353,7 @@ describe('NetworkProxyCtr', () => {
 
       mockStoreManager.get.mockReturnValue(invalidConfig);
 
-      await networkProxyCtr.afterAppReady();
+      await networkProxyCtr.beforeAppReady();
 
       expect(mockStoreManager.get).toHaveBeenCalledWith('networkProxy', expect.any(Object));
     });
@@ -347,7 +364,9 @@ describe('NetworkProxyCtr', () => {
       });
 
       // 不应该抛出错误
-      await expect(networkProxyCtr.afterAppReady()).resolves.not.toThrow();
+      await expect(networkProxyCtr.beforeAppReady()).resolves.not.toThrow();
+
+      mockStoreManager.get.mockReset();
     });
   });
 

package/apps/desktop/src/main/types/store.ts

@@ -4,6 +4,7 @@ export interface ElectronMainStore {
   dataSyncConfig: DataSyncConfig;
   encryptedTokens: {
     accessToken?: string;
+    expiresAt?: number;
     refreshToken?: string;
   };
   locale: string;

package/apps/desktop/src/preload/electronApi.ts

@@ -2,6 +2,7 @@ import { electronAPI } from '@electron-toolkit/preload';
 import { contextBridge } from 'electron';
 
 import { invoke } from './invoke';
+import { onStreamInvoke } from './streamer';
 
 export const setupElectronApi = () => {
   // Use `contextBridge` APIs to expose Electron APIs to
@@ -14,5 +15,5 @@ export const setupElectronApi = () => {
     console.error(error);
   }
 
-  contextBridge.exposeInMainWorld('electronAPI', { invoke });
+  contextBridge.exposeInMainWorld('electronAPI', { invoke, onStreamInvoke });
 };

package/apps/desktop/src/preload/streamer.ts

@@ -0,0 +1,58 @@
+import type { ProxyTRPCRequestParams } from '@lobechat/electron-client-ipc';
+import { ipcRenderer } from 'electron';
+import { v4 as uuid } from 'uuid';
+
+interface StreamResponse {
+  headers: Record<string, string>;
+  status: number;
+  statusText: string;
+}
+
+export interface StreamerCallbacks {
+  onData: (chunk: Uint8Array) => void;
+  onEnd: () => void;
+  onError: (error: Error) => void;
+  onResponse: (response: StreamResponse) => void;
+}
+
+/**
+ * Calls the main process method and handles the stream response via callbacks.
+ * @param params The request parameters.
+ * @param callbacks The callbacks to handle stream events.
+ */
+export const onStreamInvoke = (
+  params: ProxyTRPCRequestParams,
+  callbacks: StreamerCallbacks,
+): (() => void) => {
+  const requestId = uuid();
+
+  const cleanup = () => {
+    ipcRenderer.removeAllListeners(`stream:data:${requestId}`);
+    ipcRenderer.removeAllListeners(`stream:end:${requestId}`);
+    ipcRenderer.removeAllListeners(`stream:error:${requestId}`);
+    ipcRenderer.removeAllListeners(`stream:response:${requestId}`);
+  };
+
+  ipcRenderer.on(`stream:data:${requestId}`, (_, chunk: Buffer) => {
+    callbacks.onData(new Uint8Array(chunk));
+  });
+
+  ipcRenderer.once(`stream:end:${requestId}`, () => {
+    callbacks.onEnd();
+    cleanup();
+  });
+
+  ipcRenderer.once(`stream:error:${requestId}`, (_, error: Error) => {
+    callbacks.onError(error);
+    cleanup();
+  });
+
+  ipcRenderer.once(`stream:response:${requestId}`, (_, response: StreamResponse) => {
+    callbacks.onResponse(response);
+  });
+
+  ipcRenderer.send('stream:start', { ...params, requestId });
+
+  // Return a cleanup function to be called on cancellation
+  return cleanup;
+};

package/changelog/v1.json

@@ -1,4 +1,22 @@
 [
+  {
+    "children": {
+      "features": [
+        "Refactor desktop oauth and use JWTs token to support remote chat."
+      ]
+    },
+    "date": "2025-07-17",
+    "version": "1.100.0"
+  },
+  {
+    "children": {
+      "fixes": [
+        "Desktop local db can't upload image."
+      ]
+    },
+    "date": "2025-07-16",
+    "version": "1.99.6"
+  },
   {
     "children": {
       "fixes": [

package/docs/development/database-schema.dbml

@@ -431,6 +431,15 @@ table nextauth_verificationtokens {
   }
 }
 
+table oauth_handoffs {
+  id text [pk, not null]
+  client varchar(50) [not null]
+  payload jsonb [not null]
+  accessed_at "timestamp with time zone" [not null, default: `now()`]
+  created_at "timestamp with time zone" [not null, default: `now()`]
+  updated_at "timestamp with time zone" [not null, default: `now()`]
+}
+
 table oidc_access_tokens {
   id varchar(255) [pk, not null]
   data jsonb [not null]

package/locales/ar/electron.json

@@ -101,7 +101,10 @@
   "waitingOAuth": {
     "cancel": "إلغاء",
     "description": "تم فتح صفحة التفويض في المتصفح، يرجى إكمال التفويض في المتصفح",
+    "error": "فشل التفويض: {{error}}",
+    "errorTitle": "فشل في الاتصال بالتفويض",
     "helpText": "إذا لم يفتح المتصفح تلقائيًا، يرجى النقر على إلغاء ثم المحاولة مرة أخرى",
+    "retry": "أعد المحاولة",
     "title": "انتظار الاتصال بالتفويض"
   }
 }

package/locales/ar/oauth.json

@@ -28,10 +28,14 @@
     },
     "title": "تفويض {{clientName}}"
   },
-  "failed": {
+  "error": {
     "backToHome": "العودة إلى الصفحة الرئيسية",
-    "subTitle": "لقد رفضت منح التطبيق الوصول إلى حسابك في LobeChat",
-    "title": "تم رفض التفويض"
+    "desc": "فشل تفويض OAuth، سبب الفشل: {{reason}}",
+    "reason": {
+      "internal_error": "خطأ في الخادم",
+      "invalid_request": "معلمات طلب غير صالحة"
+    },
+    "title": "فشل التفويض"
   },
   "handoff": {
     "desc": {
@@ -50,7 +54,7 @@
     "userWelcome": "مرحبًا بعودتك،"
   },
   "success": {
-    "subTitle": "لقد منحت التطبيق الوصول إلى حسابك في LobeChat بنجاح، يمكنك إغلاق هذه الصفحة الآن",
+    "subTitle": "لقد قمت بتفويض التطبيق للوصول إلى حسابك بنجاح، يمكنك الآن إغلاق هذه الصفحة",
     "title": "تم التفويض بنجاح"
   }
 }

package/locales/bg-BG/electron.json

@@ -101,7 +101,10 @@
   "waitingOAuth": {
     "cancel": "Отмени",
     "description": "Браузърът е отворил страницата за авторизация, моля, завършете авторизацията в браузъра",
+    "error": "Неуспешно упълномощаване: {{error}}",
+    "errorTitle": "Неуспешно свързване за упълномощаване",
     "helpText": "Ако браузърът не се е отворил автоматично, моля, кликнете върху отмяна и опитайте отново",
+    "retry": "Опитай отново",
     "title": "Изчакване на авторизационна връзка"
   }
 }