@vacbo/opencode-anthropic-fix 0.1.7 → 0.1.9

package/src/accounts/persistence.ts

@@ -0,0 +1,432 @@
+import { findByIdentity, resolveIdentity } from "../account-identity.js";
+import type { ManagedAccount, StatsDelta } from "../accounts.js";
+import type { AccountMetadata, AccountStats, AccountStorage } from "../storage.js";
+import {
+    createManagedAccount,
+    findMatchingManagedAccount,
+    resolveManagedAccountIdentity,
+    updateManagedAccountFromStorage,
+} from "./matching.js";
+
+export type AuthFallback = {
+    refresh: string;
+    access?: string;
+    expires?: number;
+};
+
+type DiskLookup = {
+    accounts: AccountMetadata[];
+    byId: Map<string, AccountMetadata>;
+    byAddedAt: Map<number, AccountMetadata[]>;
+    byRefreshToken: Map<string, AccountMetadata>;
+};
+
+type PersistedAccountState = {
+    refreshToken: string;
+    access?: string;
+    expires?: number;
+    tokenUpdatedAt: number;
+    stats: AccountStats;
+};
+
+export type PreparedStorageSave = {
+    storage: AccountStorage;
+    persistedStateById: Map<string, PersistedAccountState>;
+    droppedIds: ReadonlySet<string>;
+};
+
+export type ReconciledAccounts = {
+    accounts: ManagedAccount[];
+    currentIndex: number;
+    cursor: number;
+    shouldRebuildTrackers: boolean;
+    resetHealthTrackerIndex: number | null;
+    staleDeltaIds: string[];
+};
+
+export function loadManagedAccountsFromStorage(stored: AccountStorage): {
+    accounts: ManagedAccount[];
+    currentIndex: number;
+} {
+    const accounts = stored.accounts.map((account, index) =>
+        createManagedAccount({
+            id: account.id || `${account.addedAt}:${account.refreshToken.slice(0, 12)}`,
+            index,
+            email: account.email,
+            identity: account.identity,
+            label: account.label,
+            refreshToken: account.refreshToken,
+            access: account.access,
+            expires: account.expires,
+            tokenUpdatedAt: account.token_updated_at,
+            addedAt: account.addedAt,
+            lastUsed: account.lastUsed,
+            enabled: account.enabled,
+            rateLimitResetTimes: account.rateLimitResetTimes,
+            consecutiveFailures: account.consecutiveFailures,
+            lastFailureTime: account.lastFailureTime,
+            lastSwitchReason: account.lastSwitchReason,
+            stats: account.stats,
+            source: account.source || "oauth",
+        }),
+    );
+
+    return {
+        accounts,
+        currentIndex: accounts.length > 0 ? Math.min(stored.activeIndex, accounts.length - 1) : -1,
+    };
+}
+
+export function mergeAuthFallbackIntoAccounts(accounts: ManagedAccount[], authFallback: AuthFallback): void {
+    if (accounts.length === 0) {
+        return;
+    }
+
+    const fallbackIdentity = resolveManagedAccountIdentity({
+        refreshToken: authFallback.refresh,
+        source: "oauth",
+    });
+    const match = findMatchingManagedAccount(accounts, {
+        identity: fallbackIdentity,
+        refreshToken: authFallback.refresh,
+    });
+
+    if (!match) {
+        return;
+    }
+
+    const fallbackHasAccess = typeof authFallback.access === "string" && authFallback.access.length > 0;
+    const fallbackExpires = typeof authFallback.expires === "number" ? authFallback.expires : 0;
+    const matchExpires = typeof match.expires === "number" ? match.expires : 0;
+    const fallbackLooksFresh = fallbackHasAccess && fallbackExpires > Date.now();
+    const shouldAdoptFallback =
+        fallbackLooksFresh && (!match.access || !match.expires || fallbackExpires > matchExpires);
+
+    if (!shouldAdoptFallback) {
+        return;
+    }
+
+    match.access = authFallback.access;
+    match.expires = authFallback.expires;
+    match.tokenUpdatedAt = Math.max(match.tokenUpdatedAt || 0, fallbackExpires);
+}
+
+export function createBootstrapAccountFromFallback(authFallback: AuthFallback, now = Date.now()): ManagedAccount {
+    return createManagedAccount({
+        id: `${now}:${authFallback.refresh.slice(0, 12)}`,
+        index: 0,
+        refreshToken: authFallback.refresh,
+        access: authFallback.access,
+        expires: authFallback.expires,
+        tokenUpdatedAt: now,
+        addedAt: now,
+        lastSwitchReason: "initial",
+        source: "oauth",
+    });
+}
+
+function createDiskLookup(diskData: AccountStorage | null): DiskLookup {
+    const accounts = diskData?.accounts ?? [];
+    const byAddedAt = new Map<number, AccountMetadata[]>();
+
+    for (const account of accounts) {
+        const bucket = byAddedAt.get(account.addedAt) ?? [];
+        bucket.push(account);
+        byAddedAt.set(account.addedAt, bucket);
+    }
+
+    return {
+        accounts,
+        byId: new Map(accounts.map((account) => [account.id, account])),
+        byAddedAt,
+        byRefreshToken: new Map(accounts.map((account) => [account.refreshToken, account])),
+    };
+}
+
+function findMatchingDiskAccount(account: ManagedAccount, diskLookup: DiskLookup): AccountMetadata | null {
+    const byId = diskLookup.byId.get(account.id);
+    if (byId) return byId;
+
+    const byIdentity = findByIdentity(diskLookup.accounts, resolveIdentity(account));
+    if (byIdentity) return byIdentity;
+
+    const byAddedAt = diskLookup.byAddedAt.get(account.addedAt);
+    if (byAddedAt?.length === 1) return byAddedAt[0]!;
+
+    const byRefreshToken = diskLookup.byRefreshToken.get(account.refreshToken);
+    if (byRefreshToken) return byRefreshToken;
+
+    return byAddedAt?.[0] ?? null;
+}
+
+function mergePersistedStats(
+    account: ManagedAccount,
+    diskAccount: AccountMetadata | null,
+    delta: StatsDelta | undefined,
+): AccountStats {
+    if (!delta) {
+        return account.stats;
+    }
+
+    if (delta.isReset) {
+        return {
+            requests: delta.requests,
+            inputTokens: delta.inputTokens,
+            outputTokens: delta.outputTokens,
+            cacheReadTokens: delta.cacheReadTokens,
+            cacheWriteTokens: delta.cacheWriteTokens,
+            lastReset: delta.resetTimestamp ?? account.stats.lastReset,
+        };
+    }
+
+    if (!diskAccount?.stats) {
+        return account.stats;
+    }
+
+    return {
+        requests: diskAccount.stats.requests + delta.requests,
+        inputTokens: diskAccount.stats.inputTokens + delta.inputTokens,
+        outputTokens: diskAccount.stats.outputTokens + delta.outputTokens,
+        cacheReadTokens: diskAccount.stats.cacheReadTokens + delta.cacheReadTokens,
+        cacheWriteTokens: diskAccount.stats.cacheWriteTokens + delta.cacheWriteTokens,
+        lastReset: diskAccount.stats.lastReset,
+    };
+}
+
+function applyFreshestAuth(account: ManagedAccount, diskAccount: AccountMetadata | null): PersistedAccountState {
+    const memoryTokenUpdatedAt = account.tokenUpdatedAt || 0;
+    const diskTokenUpdatedAt = diskAccount?.token_updated_at || 0;
+    const freshestAuth =
+        diskAccount && diskTokenUpdatedAt > memoryTokenUpdatedAt
+            ? {
+                  refreshToken: diskAccount.refreshToken,
+                  access: diskAccount.access,
+                  expires: diskAccount.expires,
+                  tokenUpdatedAt: diskTokenUpdatedAt,
+              }
+            : {
+                  refreshToken: account.refreshToken,
+                  access: account.access,
+                  expires: account.expires,
+                  tokenUpdatedAt: memoryTokenUpdatedAt,
+              };
+
+    account.refreshToken = freshestAuth.refreshToken;
+    account.access = freshestAuth.access;
+    account.expires = freshestAuth.expires;
+    account.tokenUpdatedAt = freshestAuth.tokenUpdatedAt;
+
+    return {
+        ...freshestAuth,
+        stats: account.stats,
+    };
+}
+
+export function prepareStorageForSave(params: {
+    accounts: ManagedAccount[];
+    currentIndex: number;
+    statsDeltas: Map<string, StatsDelta>;
+    diskData: AccountStorage | null;
+    droppedIds?: ReadonlySet<string>;
+}): PreparedStorageSave {
+    const diskLookup = createDiskLookup(params.diskData);
+    const matchedDiskAccounts = new Set<AccountMetadata>();
+    const activeAccountId = params.accounts[params.currentIndex]?.id ?? null;
+    const persistedStateById = new Map<string, PersistedAccountState>();
+    const accountsToPersist = params.accounts.filter(
+        (account) => account.enabled || !!findMatchingDiskAccount(account, diskLookup),
+    );
+
+    const persistedAccounts = accountsToPersist.map((account) => {
+        const delta = params.statsDeltas.get(account.id);
+        const diskAccount = findMatchingDiskAccount(account, diskLookup);
+
+        if (diskAccount) {
+            matchedDiskAccounts.add(diskAccount);
+        }
+
+        const mergedStats = mergePersistedStats(account, diskAccount, delta);
+        account.stats = mergedStats;
+        const freshestAuth = applyFreshestAuth(account, diskAccount);
+        freshestAuth.stats = mergedStats;
+        persistedStateById.set(account.id, freshestAuth);
+
+        return {
+            id: account.id,
+            email: account.email,
+            identity: account.identity,
+            label: account.label,
+            refreshToken: freshestAuth.refreshToken,
+            access: freshestAuth.access,
+            expires: freshestAuth.expires,
+            token_updated_at: freshestAuth.tokenUpdatedAt,
+            addedAt: account.addedAt,
+            lastUsed: account.lastUsed,
+            enabled: account.enabled,
+            rateLimitResetTimes: Object.keys(account.rateLimitResetTimes).length > 0 ? account.rateLimitResetTimes : {},
+            consecutiveFailures: account.consecutiveFailures,
+            lastFailureTime: account.lastFailureTime,
+            lastSwitchReason: account.lastSwitchReason,
+            stats: mergedStats,
+            source: account.source,
+        } satisfies AccountMetadata;
+    });
+
+    const droppedIds = params.droppedIds;
+    const diskOnlyAccounts = diskLookup.accounts.filter(
+        (account) => !matchedDiskAccounts.has(account) && !(droppedIds && droppedIds.has(account.id)),
+    );
+    const allAccounts = accountsToPersist.length > 0 ? [...persistedAccounts, ...diskOnlyAccounts] : persistedAccounts;
+    const resolvedActiveIndex = activeAccountId
+        ? allAccounts.findIndex((account) => account.id === activeAccountId)
+        : -1;
+
+    return {
+        storage: {
+            version: 1,
+            accounts: allAccounts,
+            activeIndex:
+                resolvedActiveIndex >= 0
+                    ? resolvedActiveIndex
+                    : allAccounts.length > 0
+                      ? Math.max(0, Math.min(params.currentIndex, allAccounts.length - 1))
+                      : 0,
+        },
+        persistedStateById,
+        droppedIds: droppedIds ?? new Set<string>(),
+    };
+}
+
+export function reconcileManagedAccountsWithStorage(params: {
+    accounts: ManagedAccount[];
+    stored: AccountStorage;
+    currentIndex: number;
+    statsDeltaIds: Iterable<string>;
+}): ReconciledAccounts {
+    const matchedAccounts = new Set<ManagedAccount>();
+    const reconciledAccounts: ManagedAccount[] = [];
+    let structuralChange = false;
+
+    for (const [index, storedAccount] of params.stored.accounts.entries()) {
+        const existing = findMatchingManagedAccount(params.accounts, {
+            id: storedAccount.id,
+            identity: resolveIdentity(storedAccount),
+            refreshToken: storedAccount.refreshToken,
+        });
+
+        if (existing) {
+            updateManagedAccountFromStorage(existing, storedAccount, index);
+            matchedAccounts.add(existing);
+            reconciledAccounts.push(existing);
+            continue;
+        }
+
+        const addedAccount = createManagedAccount({
+            id: storedAccount.id,
+            index,
+            email: storedAccount.email,
+            identity: storedAccount.identity,
+            label: storedAccount.label,
+            refreshToken: storedAccount.refreshToken,
+            access: storedAccount.access,
+            expires: storedAccount.expires,
+            tokenUpdatedAt: storedAccount.token_updated_at,
+            addedAt: storedAccount.addedAt,
+            lastUsed: storedAccount.lastUsed,
+            enabled: storedAccount.enabled,
+            rateLimitResetTimes: storedAccount.rateLimitResetTimes,
+            consecutiveFailures: storedAccount.consecutiveFailures,
+            lastFailureTime: storedAccount.lastFailureTime,
+            lastSwitchReason: storedAccount.lastSwitchReason,
+            stats: storedAccount.stats,
+            source: storedAccount.source || "oauth",
+        });
+        matchedAccounts.add(addedAccount);
+        reconciledAccounts.push(addedAccount);
+        structuralChange = true;
+    }
+
+    for (const account of params.accounts) {
+        if (matchedAccounts.has(account)) {
+            continue;
+        }
+
+        if (account.enabled) {
+            account.enabled = false;
+            structuralChange = true;
+        }
+
+        reconciledAccounts.push(account);
+    }
+
+    const orderChanged =
+        reconciledAccounts.length !== params.accounts.length ||
+        reconciledAccounts.some((account, index) => params.accounts[index] !== account);
+
+    const currentIds = new Set(reconciledAccounts.map((account) => account.id));
+    const staleDeltaIds = Array.from(params.statsDeltaIds).filter((id) => !currentIds.has(id));
+    const enabledAccounts = reconciledAccounts.filter((account) => account.enabled);
+
+    if (enabledAccounts.length === 0) {
+        return {
+            accounts: reconciledAccounts,
+            currentIndex: -1,
+            cursor: 0,
+            shouldRebuildTrackers: orderChanged || structuralChange,
+            resetHealthTrackerIndex: null,
+            staleDeltaIds,
+        };
+    }
+
+    const diskIndex = Math.min(params.stored.activeIndex, params.stored.accounts.length - 1);
+    const diskAccount = diskIndex >= 0 ? params.stored.accounts[diskIndex] : undefined;
+
+    if (!diskAccount || !diskAccount.enabled) {
+        if (!reconciledAccounts[params.currentIndex]?.enabled) {
+            const fallback = enabledAccounts[0]!;
+            return {
+                accounts: reconciledAccounts,
+                currentIndex: fallback.index,
+                cursor: fallback.index,
+                shouldRebuildTrackers: orderChanged || structuralChange,
+                resetHealthTrackerIndex: null,
+                staleDeltaIds,
+            };
+        }
+
+        return {
+            accounts: reconciledAccounts,
+            currentIndex: params.currentIndex,
+            cursor: params.currentIndex >= 0 ? params.currentIndex : enabledAccounts[0]!.index,
+            shouldRebuildTrackers: orderChanged || structuralChange,
+            resetHealthTrackerIndex: null,
+            staleDeltaIds,
+        };
+    }
+
+    const activeAccount = findMatchingManagedAccount(reconciledAccounts, {
+        id: diskAccount.id,
+        identity: resolveIdentity(diskAccount),
+        refreshToken: diskAccount.refreshToken,
+    });
+
+    if (activeAccount && activeAccount.enabled && activeAccount.index !== params.currentIndex) {
+        return {
+            accounts: reconciledAccounts,
+            currentIndex: activeAccount.index,
+            cursor: activeAccount.index,
+            shouldRebuildTrackers: orderChanged || structuralChange,
+            resetHealthTrackerIndex: activeAccount.index,
+            staleDeltaIds,
+        };
+    }
+
+    return {
+        accounts: reconciledAccounts,
+        currentIndex: params.currentIndex,
+        cursor: params.currentIndex >= 0 ? params.currentIndex : enabledAccounts[0]!.index,
+        shouldRebuildTrackers: orderChanged || structuralChange,
+        resetHealthTrackerIndex: null,
+        staleDeltaIds,
+    };
+}

package/src/accounts/repair.test.ts

@@ -0,0 +1,276 @@
+import { afterEach, beforeEach, describe, expect, it, vi } from "vitest";
+import { DEFAULT_CONFIG } from "../config.js";
+import type { AccountStorage } from "../storage.js";
+import { createInMemoryStorage, makeAccountsData, makeStoredAccount } from "../__tests__/helpers/in-memory-storage.js";
+import type * as StorageModule from "../storage.js";
+
+type CCCredential = {
+    accessToken: string;
+    refreshToken: string;
+    expiresAt: number;
+    source: "cc-keychain" | "cc-file";
+    label: string;
+    subscriptionType?: string;
+};
+
+type LoadManagerOptions = {
+    ccCredentials?: CCCredential[];
+    config?: typeof DEFAULT_CONFIG;
+    initialStorage?: AccountStorage;
+};
+
+async function loadManager(options: LoadManagerOptions = {}) {
+    vi.resetModules();
+
+    const storage = createInMemoryStorage(options.initialStorage);
+    const createDefaultStats = vi.fn((now?: number) => ({
+        requests: 0,
+        inputTokens: 0,
+        outputTokens: 0,
+        cacheReadTokens: 0,
+        cacheWriteTokens: 0,
+        lastReset: now ?? Date.now(),
+    }));
+
+    vi.doMock("../storage.js", async (importOriginal) => {
+        const actual = await importOriginal<typeof StorageModule>();
+        return {
+            ...actual,
+            createDefaultStats,
+            loadAccounts: storage.loadAccountsMock,
+            saveAccounts: storage.saveAccountsMock,
+        };
+    });
+
+    vi.doMock("../cc-credentials.js", () => ({
+        readCCCredentials: () => options.ccCredentials ?? [],
+    }));
+
+    const { AccountManager } = await import("../accounts.js");
+    const manager = await AccountManager.load(options.config ?? DEFAULT_CONFIG, null);
+    return { manager, storage };
+}
+
+describe("repairCorruptedCCAccounts (load-time heal)", () => {
+    beforeEach(() => {
+        vi.useFakeTimers();
+        vi.setSystemTime(new Date("2026-04-13T12:00:00Z"));
+    });
+
+    afterEach(() => {
+        vi.useRealTimers();
+        vi.clearAllMocks();
+        vi.resetModules();
+    });
+
+    it("full heal: cc-born id + matching live credential restores source/label/identity", async () => {
+        const corruptedRefresh = "sk-ant-ort01-corrupted-refresh-token-value";
+        const initialStorage = makeAccountsData([
+            makeStoredAccount({
+                id: "cc-cc-keychain-1775606505008:sk-ant-ort01",
+                refreshToken: corruptedRefresh,
+                access: "sk-ant-corrupted-access",
+                source: "oauth",
+                identity: { kind: "legacy", refreshToken: corruptedRefresh },
+                label: undefined,
+                email: undefined,
+            }),
+        ]);
+
+        const { manager } = await loadManager({
+            initialStorage,
+            ccCredentials: [
+                {
+                    refreshToken: corruptedRefresh,
+                    accessToken: "sk-ant-corrupted-access",
+                    expiresAt: Date.now() + 3_600_000,
+                    source: "cc-keychain",
+                    label: "Claude Code-credentials",
+                    subscriptionType: "max",
+                },
+            ],
+        });
+
+        const snapshot = manager.getAccountsSnapshot();
+        expect(snapshot).toHaveLength(1);
+        expect(snapshot[0]).toMatchObject({
+            id: "cc-cc-keychain-1775606505008:sk-ant-ort01",
+            source: "cc-keychain",
+            label: "Claude Code-credentials",
+            identity: {
+                kind: "cc",
+                source: "cc-keychain",
+                label: "Claude Code-credentials",
+            },
+        });
+    });
+
+    it("partial heal: cc-born id with no live credential restores source from id and clears legacy identity", async () => {
+        const refresh = "sk-ant-ort01-stale-token";
+        const initialStorage = makeAccountsData([
+            makeStoredAccount({
+                id: "cc-cc-keychain-1775606505008:sk-ant-ort01",
+                refreshToken: refresh,
+                source: "oauth",
+                identity: { kind: "legacy", refreshToken: refresh },
+                label: undefined,
+            }),
+        ]);
+
+        const { manager } = await loadManager({
+            initialStorage,
+            ccCredentials: [],
+        });
+
+        const snapshot = manager.getAccountsSnapshot();
+        expect(snapshot).toHaveLength(1);
+        expect(snapshot[0]?.source).toBe("cc-keychain");
+        expect(snapshot[0]?.identity).toBeUndefined();
+    });
+
+    it("collapses corrupted cc-born duplicate into healthy cc row on load", async () => {
+        const corruptedRefresh = "sk-ant-ort01-old-rotated-token";
+        const freshRefresh = "sk-ant-ort01-new-rotated-token";
+        const initialStorage = makeAccountsData([
+            makeStoredAccount({
+                id: "cc-cc-keychain-1775606505008:sk-ant-ort01",
+                refreshToken: corruptedRefresh,
+                access: "sk-ant-old-access",
+                source: "oauth",
+                identity: { kind: "legacy", refreshToken: corruptedRefresh },
+                label: undefined,
+                addedAt: 1775606505008,
+                token_updated_at: 1775606505008,
+            }),
+            makeStoredAccount({
+                id: "cc-cc-keychain-1775767359131:sk-ant-ort01",
+                refreshToken: freshRefresh,
+                access: "sk-ant-new-access",
+                source: "cc-keychain",
+                label: "Claude Code-credentials",
+                identity: {
+                    kind: "cc",
+                    source: "cc-keychain",
+                    label: "Claude Code-credentials",
+                },
+                addedAt: 1775767359131,
+                token_updated_at: 1775767359131,
+            }),
+        ]);
+
+        const { manager } = await loadManager({
+            initialStorage,
+            ccCredentials: [
+                {
+                    refreshToken: freshRefresh,
+                    accessToken: "sk-ant-new-access",
+                    expiresAt: Date.now() + 3_600_000,
+                    source: "cc-keychain",
+                    label: "Claude Code-credentials",
+                    subscriptionType: "max",
+                },
+            ],
+        });
+
+        const snapshot = manager.getAccountsSnapshot();
+        expect(snapshot).toHaveLength(1);
+        expect(snapshot[0]).toMatchObject({
+            source: "cc-keychain",
+            label: "Claude Code-credentials",
+            refreshToken: freshRefresh,
+            identity: {
+                kind: "cc",
+                source: "cc-keychain",
+                label: "Claude Code-credentials",
+            },
+        });
+    });
+
+    it("addAccount() refuses to downgrade a CC row to oauth when called without CC options", async () => {
+        const initialStorage = makeAccountsData([
+            makeStoredAccount({
+                id: "cc-cc-keychain-1775606505008:sk-ant-ort01",
+                refreshToken: "cc-refresh-original",
+                access: "cc-access-original",
+                source: "cc-keychain",
+                label: "Claude Code-credentials",
+                identity: {
+                    kind: "cc",
+                    source: "cc-keychain",
+                    label: "Claude Code-credentials",
+                },
+            }),
+        ]);
+
+        const { manager } = await loadManager({ initialStorage });
+
+        const result = manager.addAccount(
+            "cc-refresh-original",
+            "sk-ant-fresh-access",
+            Date.now() + 7_200_000,
+            undefined,
+        );
+
+        expect(result).not.toBeNull();
+        const snapshot = manager.getAccountsSnapshot();
+        expect(snapshot).toHaveLength(1);
+        expect(snapshot[0]).toMatchObject({
+            source: "cc-keychain",
+            label: "Claude Code-credentials",
+            access: "sk-ant-fresh-access",
+            identity: {
+                kind: "cc",
+                source: "cc-keychain",
+                label: "Claude Code-credentials",
+            },
+        });
+    });
+
+    it("addAccount() with explicit oauth source does NOT downgrade a healthy CC row", async () => {
+        const initialStorage = makeAccountsData([
+            makeStoredAccount({
+                id: "cc-cc-keychain-1775606505008:sk-ant-ort01",
+                refreshToken: "cc-refresh",
+                source: "cc-keychain",
+                label: "Claude Code-credentials",
+                identity: {
+                    kind: "cc",
+                    source: "cc-keychain",
+                    label: "Claude Code-credentials",
+                },
+            }),
+        ]);
+
+        const { manager } = await loadManager({ initialStorage });
+
+        manager.addAccount("cc-refresh", "fresh-access", Date.now() + 7_200_000, "alice@example.com", {
+            source: "oauth",
+        });
+
+        const snapshot = manager.getAccountsSnapshot();
+        expect(snapshot[0]?.source).toBe("cc-keychain");
+        expect(snapshot[0]?.identity).toMatchObject({ kind: "cc" });
+    });
+
+    it("does NOT touch healthy non-CC rows", async () => {
+        const initialStorage = makeAccountsData([
+            makeStoredAccount({
+                id: "1234567890:sk-ant-oauth1",
+                refreshToken: "oauth-refresh",
+                email: "alice@example.com",
+                source: "oauth",
+                identity: { kind: "oauth", email: "alice@example.com" },
+            }),
+        ]);
+
+        const { manager } = await loadManager({ initialStorage });
+
+        const snapshot = manager.getAccountsSnapshot();
+        expect(snapshot).toHaveLength(1);
+        expect(snapshot[0]).toMatchObject({
+            source: "oauth",
+            email: "alice@example.com",
+            identity: { kind: "oauth", email: "alice@example.com" },
+        });
+    });
+});