ai-zero-token 2.0.4 → 2.0.5

package/dist/server/app.js

@@ -2,12 +2,14 @@
 import { randomUUID } from "node:crypto";
 import fs from "node:fs/promises";
 import path from "node:path";
+import { Readable } from "node:stream";
 import { fileURLToPath } from "node:url";
 import Fastify from "fastify";
 import cors from "@fastify/cors";
 import { z } from "zod";
 import { createGatewayContext } from "../core/context.js";
 import { requestText } from "../core/providers/http-client.js";
+import { streamOpenAICodex } from "../core/providers/openai-codex/chat.js";
 const packageRoot = path.dirname(fileURLToPath(new URL("../../package.json", import.meta.url)));
 const adminUiDistDir = path.join(packageRoot, "admin-ui", "dist");
 const adminUiIndexPath = path.join(adminUiDistDir, "index.html");
@@ -45,17 +47,9 @@ async function readAdminUiAsset(assetPath) {
     return null;
   }
 }
-const inputPartSchema = z.object({
-  type: z.string().optional(),
-  text: z.string().optional()
-}).passthrough();
-const inputMessageSchema = z.object({
-  role: z.string().optional(),
-  content: z.array(inputPartSchema).optional()
-}).passthrough();
 const responsesBodySchema = z.object({
   model: z.string().optional(),
-  input: z.union([z.string(), z.array(inputMessageSchema)]).optional(),
+  input: z.unknown().optional(),
   instructions: z.string().optional(),
   stream: z.boolean().optional(),
   tools: z.array(z.unknown()).optional(),
@@ -69,7 +63,7 @@ const responsesBodySchema = z.object({
     allow_unknown_model: z.boolean().optional(),
     include_raw: z.boolean().optional()
   }).passthrough().optional()
-});
+}).passthrough();
 const chatCompletionContentPartSchema = z.object({
   type: z.string().optional(),
   text: z.string().optional(),
@@ -114,7 +108,8 @@ const settingsUpdateSchema = z.object({
     noProxy: z.string().optional()
   }).optional(),
   autoSwitch: z.object({
-    enabled: z.boolean()
+    enabled: z.boolean().optional(),
+    excludedProfileIds: z.array(z.string()).optional()
   }).optional(),
   runtime: z.object({
     quotaSyncConcurrency: z.number().int().min(1).max(32).optional()
@@ -150,6 +145,10 @@ const profileExportSchema = z.object({
 const codexApplySchema = z.object({
   profileId: z.string().min(1)
 });
+const codexProviderConfigSchema = z.object({
+  baseUrl: z.string().min(1).optional(),
+  providerId: z.string().min(1).optional()
+});
 const githubImageBedConfigSchema = z.object({
   token: z.string().min(1)
 });
@@ -199,6 +198,21 @@ const imageEditsBodySchema = z.object({
   response_format: z.enum(["b64_json", "url"]).optional(),
   user: z.string().optional()
 }).passthrough();
+function extractTextFromInputContent(content) {
+  if (typeof content === "string" && content.trim()) {
+    return [content.trim()];
+  }
+  if (!Array.isArray(content)) {
+    return [];
+  }
+  return content.flatMap((part) => {
+    if (!part || typeof part !== "object") {
+      return [];
+    }
+    const record = part;
+    return typeof record.text === "string" && record.text.trim() ? [record.text.trim()] : [];
+  });
+}
 function extractTextInput(input) {
   if (typeof input === "undefined") {
     return "";
@@ -207,12 +221,14 @@ function extractTextInput(input) {
     return input;
   }
   const chunks = [];
+  if (!Array.isArray(input)) {
+    return "";
+  }
   for (const item of input) {
-    for (const part of item.content ?? []) {
-      if (typeof part.text === "string" && part.text.trim()) {
-        chunks.push(part.text.trim());
-      }
+    if (!item || typeof item !== "object") {
+      continue;
     }
+    chunks.push(...extractTextFromInputContent(item.content));
   }
   return chunks.join("\n").trim();
 }
@@ -415,6 +431,46 @@ function summarizeToolNames(tools) {
     return typeof fn?.name === "string" ? fn.name : typeof record.name === "string" ? record.name : "";
   }).filter(Boolean);
 }
+function summarizeResponsesRequest(data) {
+  const input = data.input;
+  const toolNames = summarizeToolNames(Array.isArray(data.tools) ? data.tools : void 0);
+  return {
+    endpoint: "/v1/responses",
+    model: data.model ?? "default",
+    stream: data.stream ?? false,
+    inputKind: typeof input === "string" ? "string" : Array.isArray(input) ? "array" : "override",
+    inputItems: Array.isArray(input) ? input.length : void 0,
+    inputTextPreview: typeof input === "string" ? truncateForLog(input) : "",
+    instructionsLength: typeof data.instructions === "string" ? data.instructions.length : void 0,
+    toolCount: Array.isArray(data.tools) ? data.tools.length : 0,
+    toolNames: toolNames.slice(0, 50),
+    toolNamesTruncated: toolNames.length > 50,
+    toolChoice: typeof data.tool_choice === "undefined" ? "default" : typeof data.tool_choice,
+    parallelToolCalls: data.parallel_tool_calls,
+    hasReasoning: Boolean(data.reasoning)
+  };
+}
+function createResponsesCodexBody(data) {
+  const experimentalBody = data.experimental_codex?.body ?? {};
+  const body = {
+    ...experimentalBody,
+    ...data
+  };
+  delete body.experimental_codex;
+  const normalizedInput = normalizeResponseInput(data.input);
+  if (typeof normalizedInput !== "undefined") {
+    body.input = normalizedInput;
+  }
+  return body;
+}
+function createCodexPassthroughBody(data, model) {
+  const body = {
+    ...data,
+    model
+  };
+  delete body.experimental_codex;
+  return body;
+}
 function summarizeChatCompletionsRequest(data) {
   const lastUserMessage = [...data.messages].reverse().find((message) => (message.role ?? "user") === "user");
   const toolNames = summarizeToolNames(data.tools);
@@ -455,7 +511,17 @@ function profileLogLabel(profile) {
   return profile?.email || profile?.accountId || profile?.profileId || "-";
 }
 function requestSourceFromUserAgent(userAgent) {
-  return typeof userAgent === "string" && userAgent.toLowerCase().includes("openclaw") ? "OpenClaw" : "API";
+  if (typeof userAgent !== "string") {
+    return "API";
+  }
+  const normalized = userAgent.toLowerCase();
+  if (normalized.includes("codex")) {
+    return "Codex";
+  }
+  if (normalized.includes("openclaw")) {
+    return "OpenClaw";
+  }
+  return "API";
 }
 function createChatCompletionsCodexBody(data) {
   const body = {
@@ -749,7 +815,7 @@ function getErrorStatusCode(error) {
     return normalized.statusCode;
   }
   const upstreamStatus = normalized.upstreamStatus;
-  if (upstreamStatus === 401 || upstreamStatus === 403) {
+  if (typeof upstreamStatus === "number" && upstreamStatus >= 400 && upstreamStatus < 600) {
     return upstreamStatus;
   }
   const message = normalized.message;
@@ -761,6 +827,50 @@ function getErrorStatusCode(error) {
   }
   return 500;
 }
+function isQuotaLimitError(error) {
+  const normalized = normalizeError(error);
+  const marker = `${normalized.upstreamErrorCode ?? ""} ${normalized.upstreamErrorType ?? ""} ${normalized.message}`.toLowerCase();
+  return normalized.upstreamStatus === 429 || marker.includes("usage_limit_reached");
+}
+function createSseStreamStats() {
+  return {
+    buffer: "",
+    bytes: 0,
+    completed: false
+  };
+}
+function trackSseChunk(stats, chunk) {
+  const text = typeof chunk === "string" ? chunk : chunk instanceof Uint8Array ? Buffer.from(chunk).toString("utf8") : String(chunk);
+  stats.bytes += Buffer.byteLength(text);
+  stats.buffer += text.replace(/\r\n/g, "\n");
+  let separatorIndex = stats.buffer.indexOf("\n\n");
+  while (separatorIndex !== -1) {
+    const block = stats.buffer.slice(0, separatorIndex);
+    stats.buffer = stats.buffer.slice(separatorIndex + 2);
+    const eventName = block.split("\n").find((line) => line.startsWith("event:"))?.slice("event:".length).trim();
+    const data = block.split("\n").filter((line) => line.startsWith("data:")).map((line) => line.slice("data:".length).trim()).join("\n");
+    let eventType = eventName;
+    if (data && data !== "[DONE]") {
+      try {
+        const parsed = JSON.parse(data);
+        if (typeof parsed.type === "string") {
+          eventType = parsed.type;
+        }
+      } catch {
+      }
+    }
+    if (eventType === "response.completed") {
+      stats.completed = true;
+      stats.terminalEvent = eventType;
+    } else if (eventType === "response.failed" || eventType === "response.incomplete") {
+      stats.terminalEvent = eventType;
+    }
+    separatorIndex = stats.buffer.indexOf("\n\n");
+  }
+  if (stats.buffer.length > 65536) {
+    stats.buffer = stats.buffer.slice(-65536);
+  }
+}
 function createApp(params) {
   const app = Fastify({
     logger: false,
@@ -833,6 +943,7 @@ function createApp(params) {
       codex: codexStatus,
       adminUrl: `${origin}/`,
       baseUrl: `${origin}/v1`,
+      codexBaseUrl: `${origin}/codex/v1`,
       restartSupported: Boolean(params?.onRestart),
       codexRestartSupported: Boolean(params?.onRestartCodex),
       supportedEndpoints: [
@@ -846,6 +957,11 @@ function createApp(params) {
           path: "/v1/responses",
           description: "OpenAI responses \u517C\u5BB9\u63A5\u53E3\u3002"
         },
+        {
+          method: "POST",
+          path: "/codex/v1/responses",
+          description: "Codex custom provider \u4E13\u7528 Responses SSE \u900F\u4F20\u63A5\u53E3\u3002"
+        },
         {
           method: "POST",
           path: "/v1/chat/completions",
@@ -1092,6 +1208,45 @@ function createApp(params) {
       config: await buildAdminConfig(request)
     };
   });
+  app.post("/_gateway/admin/codex/configure-provider", async (request, reply) => {
+    const parsed = codexProviderConfigSchema.safeParse(request.body ?? {});
+    if (!parsed.success) {
+      reply.code(400);
+      return {
+        error: {
+          type: "validation_error",
+          message: parsed.error.issues[0]?.message ?? "\u8BF7\u6C42\u4F53\u683C\u5F0F\u9519\u8BEF"
+        }
+      };
+    }
+    const origin = resolveOrigin(request);
+    const baseUrl = parsed.data.baseUrl ?? `${origin}/codex/v1`;
+    return {
+      codexProvider: await ctx.authService.applyGatewayToCodexProvider({
+        baseUrl,
+        providerId: parsed.data.providerId
+      }),
+      config: await buildAdminConfig(request)
+    };
+  });
+  app.post("/_gateway/admin/codex/remove-provider", async (request, reply) => {
+    const parsed = codexProviderConfigSchema.safeParse(request.body ?? {});
+    if (!parsed.success) {
+      reply.code(400);
+      return {
+        error: {
+          type: "validation_error",
+          message: parsed.error.issues[0]?.message ?? "\u8BF7\u6C42\u4F53\u683C\u5F0F\u9519\u8BEF"
+        }
+      };
+    }
+    return {
+      codexProvider: await ctx.authService.removeGatewayFromCodexProvider({
+        providerId: parsed.data.providerId
+      }),
+      config: await buildAdminConfig(request)
+    };
+  });
   app.put("/_gateway/admin/settings", async (request, reply) => {
     const parsed = settingsUpdateSchema.safeParse(request.body);
     if (!parsed.success) {
@@ -1262,9 +1417,171 @@ function createApp(params) {
       owned_by: model.provider
     }))
   }));
-  app.post("/v1/responses", async (request, reply) => {
+  async function handleCodexResponsesPassthrough(request, reply, data, startedAt) {
+    const abortController = new AbortController();
+    let streamFinished = false;
+    let headersCommitted = false;
+    let profile = null;
+    let retryCount = 0;
+    let failureRecorded = false;
+    reply.raw.on("close", () => {
+      if (!streamFinished) {
+        abortController.abort();
+      }
+    });
+    try {
+      const model = await ctx.modelService.resolveModel("openai-codex", data.model, {
+        allowUnknown: data.experimental_codex?.allow_unknown_model
+      });
+      const codexBody = createCodexPassthroughBody(data, model);
+      let upstream = null;
+      const maxProfileAttempts = 5;
+      for (let attempt = 0; attempt < maxProfileAttempts; attempt += 1) {
+        profile = await ctx.authService.requireUsableProfile("openai-codex");
+        try {
+          upstream = await streamOpenAICodex({
+            profile,
+            model,
+            bodyOverride: codexBody,
+            passthroughBody: true,
+            signal: abortController.signal
+          });
+          break;
+        } catch (error) {
+          const quota = error.quota;
+          const switchedProfile = await ctx.authService.recordProfileRequestFailure(profile.profileId, error, quota, "openai-codex");
+          failureRecorded = true;
+          if (attempt < maxProfileAttempts - 1 && isQuotaLimitError(error) && switchedProfile && switchedProfile.profileId !== profile.profileId && !abortController.signal.aborted) {
+            retryCount += 1;
+            failureRecorded = false;
+            continue;
+          }
+          throw error;
+        }
+      }
+      if (!upstream || !profile) {
+        throw new Error("Codex stream \u672A\u80FD\u5EFA\u7ACB\u3002");
+      }
+      await ctx.authService.recordProfileRequestSuccess(profile.profileId, upstream.quota, "openai-codex");
+      const headers = {
+        "Content-Type": upstream.headers["content-type"] ?? "text/event-stream; charset=utf-8",
+        "Cache-Control": "no-cache, no-transform",
+        Connection: "keep-alive",
+        "X-Accel-Buffering": "no"
+      };
+      for (const [key, value] of Object.entries(upstream.headers)) {
+        if (key.startsWith("x-codex-") || key === "x-request-id") {
+          headers[key] = value;
+        }
+      }
+      reply.raw.writeHead(upstream.status, headers);
+      headersCommitted = true;
+      reply.raw.flushHeaders?.();
+      const streamStats = createSseStreamStats();
+      for await (const chunk of Readable.fromWeb(upstream.body)) {
+        trackSseChunk(streamStats, chunk);
+        if (!reply.raw.write(chunk)) {
+          await new Promise((resolve) => reply.raw.once("drain", resolve));
+        }
+      }
+      streamFinished = true;
+      reply.raw.end();
+      if (!streamStats.completed) {
+        console.warn("[gateway:codex:stream] upstream stream ended without response.completed", {
+          requestId: request.id,
+          upstreamRequestId: upstream.requestId,
+          account: profileLogLabel(profile),
+          model,
+          bytes: streamStats.bytes,
+          terminalEvent: streamStats.terminalEvent
+        });
+      }
+      pushGatewayRequestLog({
+        method: request.method,
+        endpoint: request.url,
+        account: profileLogLabel(profile),
+        model,
+        statusCode: upstream.status,
+        durationMs: performance.now() - startedAt,
+        source: "Codex",
+        details: {
+          requestId: request.id,
+          upstreamRequestId: upstream.requestId,
+          remoteAddress: request.ip,
+          userAgent: request.headers["user-agent"],
+          request: summarizeResponsesRequest(data),
+          response: {
+            stream: true,
+            passthrough: true,
+            retryCount,
+            completed: streamStats.completed,
+            terminalEvent: streamStats.terminalEvent,
+            bytes: streamStats.bytes
+          }
+        }
+      });
+      return reply;
+    } catch (error) {
+      const quota = error.quota;
+      if (profile && !failureRecorded) {
+        await ctx.authService.recordProfileRequestFailure(profile.profileId, error, quota, "openai-codex");
+      }
+      const normalized = normalizeError(error);
+      const statusCode = getErrorStatusCode(normalized);
+      pushGatewayRequestLog({
+        method: request.method,
+        endpoint: request.url,
+        account: profileLogLabel(profile),
+        model: data.model ?? "default",
+        statusCode,
+        durationMs: performance.now() - startedAt,
+        source: "Codex",
+        details: {
+          requestId: request.id,
+          remoteAddress: request.ip,
+          userAgent: request.headers["user-agent"],
+          request: summarizeResponsesRequest(data),
+          response: {
+            retryCount
+          },
+          error: {
+            message: normalized.message,
+            upstreamStatus: normalized.upstreamStatus,
+            upstreamErrorCode: normalized.upstreamErrorCode,
+            upstreamErrorMessage: normalized.upstreamErrorMessage
+          }
+        }
+      });
+      if (headersCommitted) {
+        streamFinished = true;
+        reply.raw.end();
+        return reply;
+      }
+      throw error;
+    }
+  }
+  app.post("/codex/v1/responses", async (request, reply) => {
+    const startedAt = performance.now();
     const parsed = responsesBodySchema.safeParse(request.body);
     if (!parsed.success) {
+      pushGatewayRequestLog({
+        method: request.method,
+        endpoint: request.url,
+        account: "-",
+        model: "-",
+        statusCode: 400,
+        durationMs: performance.now() - startedAt,
+        source: "Codex",
+        details: {
+          requestId: request.id,
+          remoteAddress: request.ip,
+          userAgent: request.headers["user-agent"],
+          error: {
+            type: "validation_error",
+            message: parsed.error.issues[0]?.message ?? "\u8BF7\u6C42\u4F53\u683C\u5F0F\u9519\u8BEF"
+          }
+        }
+      });
       reply.code(400);
       return {
         error: {
@@ -1273,18 +1590,61 @@ function createApp(params) {
         }
       };
     }
-    if (parsed.data.stream) {
-      reply.code(501);
+    return handleCodexResponsesPassthrough(request, reply, parsed.data, startedAt);
+  });
+  app.post("/v1/responses", async (request, reply) => {
+    const startedAt = performance.now();
+    const parsed = responsesBodySchema.safeParse(request.body);
+    if (!parsed.success) {
+      pushGatewayRequestLog({
+        method: request.method,
+        endpoint: request.url,
+        account: "-",
+        model: "-",
+        statusCode: 400,
+        durationMs: performance.now() - startedAt,
+        source: requestSourceFromUserAgent(request.headers["user-agent"]),
+        details: {
+          requestId: request.id,
+          remoteAddress: request.ip,
+          userAgent: request.headers["user-agent"],
+          error: {
+            type: "validation_error",
+            message: parsed.error.issues[0]?.message ?? "\u8BF7\u6C42\u4F53\u683C\u5F0F\u9519\u8BEF"
+          }
+        }
+      });
+      reply.code(400);
       return {
         error: {
-          type: "not_supported",
-          message: "\u5F53\u524D\u7F51\u5173\u6682\u4E0D\u652F\u6301 stream=true"
+          type: "validation_error",
+          message: parsed.error.issues[0]?.message ?? "\u8BF7\u6C42\u4F53\u683C\u5F0F\u9519\u8BEF"
         }
       };
     }
+    const wantsEventStream = typeof request.headers.accept === "string" && request.headers.accept.toLowerCase().includes("text/event-stream");
     const input = extractTextInput(parsed.data.input);
     const hasInput = typeof parsed.data.input !== "undefined" || typeof parsed.data.experimental_codex?.body?.input !== "undefined";
     if (!hasInput) {
+      pushGatewayRequestLog({
+        method: request.method,
+        endpoint: request.url,
+        account: "-",
+        model: parsed.data.model ?? "default",
+        statusCode: 400,
+        durationMs: performance.now() - startedAt,
+        source: requestSourceFromUserAgent(request.headers["user-agent"]),
+        details: {
+          requestId: request.id,
+          remoteAddress: request.ip,
+          userAgent: request.headers["user-agent"],
+          request: summarizeResponsesRequest(parsed.data),
+          error: {
+            type: "validation_error",
+            message: "\u6CA1\u6709\u63D0\u4F9B input\uFF0C\u4E5F\u6CA1\u6709\u5728 experimental_codex.body \u91CC\u900F\u4F20 input"
+          }
+        }
+      });
       reply.code(400);
       return {
         error: {
@@ -1293,34 +1653,35 @@ function createApp(params) {
         }
       };
     }
-    const codexBody = {
-      ...parsed.data.experimental_codex?.body ?? {}
-    };
-    const normalizedInput = normalizeResponseInput(parsed.data.input);
-    if (typeof normalizedInput !== "undefined") {
-      codexBody.input = normalizedInput;
-    }
-    if (typeof parsed.data.instructions === "string") {
-      codexBody.instructions = parsed.data.instructions;
-    }
-    if (parsed.data.tools) {
-      codexBody.tools = parsed.data.tools;
-    }
-    if (typeof parsed.data.tool_choice !== "undefined") {
-      codexBody.tool_choice = parsed.data.tool_choice;
-    }
-    if (parsed.data.include) {
-      codexBody.include = parsed.data.include;
-    }
-    if (parsed.data.text) {
-      codexBody.text = parsed.data.text;
-    }
-    if (typeof parsed.data.store === "boolean") {
-      codexBody.store = parsed.data.store;
-    }
-    if (typeof parsed.data.parallel_tool_calls === "boolean") {
-      codexBody.parallel_tool_calls = parsed.data.parallel_tool_calls;
+    if (parsed.data.stream || wantsEventStream) {
+      pushGatewayRequestLog({
+        method: request.method,
+        endpoint: request.url,
+        account: "-",
+        model: parsed.data.model ?? "default",
+        statusCode: 501,
+        durationMs: performance.now() - startedAt,
+        source: requestSourceFromUserAgent(request.headers["user-agent"]),
+        details: {
+          requestId: request.id,
+          remoteAddress: request.ip,
+          userAgent: request.headers["user-agent"],
+          request: summarizeResponsesRequest(parsed.data),
+          error: {
+            type: "not_supported",
+            message: "\u666E\u901A Responses stream \u5C1A\u672A\u5B9E\u73B0\uFF1BCodex custom provider \u8BF7\u6C42\u4F1A\u8D70\u4E13\u7528\u900F\u4F20\u8DEF\u5F84\u3002"
+          }
+        }
+      });
+      reply.code(501);
+      return {
+        error: {
+          type: "not_supported",
+          message: "\u666E\u901A Responses stream \u5C1A\u672A\u5B9E\u73B0\uFF1BCodex custom provider \u8BF7\u6C42\u4F1A\u8D70\u4E13\u7528\u900F\u4F20\u8DEF\u5F84\u3002"
+        }
+      };
     }
+    const codexBody = createResponsesCodexBody(parsed.data);
     const result = await ctx.chatService.chat({
       model: parsed.data.model,
       input: input || void 0,

package/docs/API_USAGE.md

@@ -59,6 +59,23 @@ The gateway accepts OpenClaw-style `chat.completions` requests with `tools`, `to
 
 OpenClaw requests are visible in the management console request log when the client sends an OpenClaw user agent. The log keeps safe summaries only; it does not store full access tokens.
 
+## Codex Custom Provider
+
+Codex CLI/Desktop can route model traffic through AI Zero Token by using a custom Responses provider in `~/.codex/config.toml`. The management console Settings page can write this automatically with "接管 Codex 请求" and remove it with "解除接管":
+
+```toml
+model = "gpt-5.4"
+model_provider = "ai-zero-token"
+
+[model_providers.ai-zero-token]
+name = "AI Zero Token"
+base_url = "http://127.0.0.1:8787/codex/v1"
+wire_api = "responses"
+supports_websockets = false
+```
+
+Codex sends `POST /codex/v1/responses` with `Accept: text/event-stream`; the gateway forwards that request to the active Codex OAuth account and streams upstream Responses SSE events back to Codex. The regular `/v1/*` routes remain OpenAI-compatible API routes for non-Codex clients.
+
 ## Models
 
 ```bash
@@ -196,7 +213,7 @@ console.log(response.choices[0]?.message?.content);
 
 - Login first through the management page or `azt login`.
 - A model appearing in `/v1/models` means the local Codex cache lists it. Final availability still depends on the active account.
-- `stream=true` is supported for `/v1/chat/completions` through OpenAI-style SSE chunks. `/v1/responses` streaming is still not implemented.
+- `stream=true` is supported for `/v1/chat/completions` through OpenAI-style SSE chunks. Codex passthrough streaming is isolated under `/codex/v1/responses`.
 - `n > 1` is not supported for `/v1/chat/completions`.
 - Tool/function calling is supported for common OpenAI-compatible clients, including OpenClaw, but exact upstream behavior still depends on the active Codex model and account.
 - The default listener is `0.0.0.0:8787`, so local-network clients can call the gateway by using the machine IP.

package/docs/DESKTOP_RELEASE.md

@@ -2,6 +2,17 @@
 
 This project ships the desktop app with Electron. The desktop main process starts the existing local Fastify gateway and loads the React management UI served by that gateway.
 
+## 2.0.5 Release Notes
+
+Version `2.0.5` adds Codex custom provider routing and finer account rotation controls:
+
+- Settings-page Codex provider setup for writing or removing the AI Zero Token managed `~/.codex/config.toml` provider.
+- Local and remote Codex gateway URL modes, including automatic normalization to `/codex/v1`.
+- Dedicated `POST /codex/v1/responses` passthrough route for Codex CLI/Desktop Responses SSE traffic.
+- Provider status reporting in the management console, including active provider, base URL, and config path.
+- Auto-switch exclusion list for accounts that should not participate in automatic quota rotation.
+- Safer settings persistence through normalized loads, deduplicated profile IDs, queued saves, and atomic writes.
+
 ## 2.0.4 Release Notes
 
 Version `2.0.4` adds the macOS menu-bar account panel and OpenClaw compatibility work:
@@ -103,7 +114,7 @@ AI Zero Token Setup {version}.exe
 AI Zero Token-{version}-win.zip
 ```
 
-For `2.0.4`, replace `{version}` with `2.0.4`.
+For `2.0.5`, replace `{version}` with `2.0.5`.
 
 Artifact purpose:
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "ai-zero-token",
-  "version": "2.0.4",
+  "version": "2.0.5",
   "description": "Local-first OpenAI-compatible AI CLI and gateway with Codex OAuth, multi-account management, and gpt-image-2 image generation/editing.",
   "license": "MIT",
   "author": "AI Zero Token Contributors",

package/admin-ui/dist/assets/settings-0eXUAvcm.js

@@ -1 +0,0 @@
-import{a as e,n as t,r as n,t as r}from"./jsx-runtime-DqpGtLhh.js";import{t as i}from"./refresh-cw-CAAH2rqe.js";import{w as a}from"./profiles-DMOjJORP.js";import{_ as o,p as s,r as c}from"./index-rgcJgVAu.js";var l=t(`settings-2`,[[`path`,{d:`M14 17H5`,key:`gfn3mx`}],[`path`,{d:`M19 7h-9`,key:`6i9tg`}],[`circle`,{cx:`17`,cy:`17`,r:`3`,key:`18b49y`}],[`circle`,{cx:`7`,cy:`7`,r:`3`,key:`dfmy0x`}]]),u=e(n(),1),d=r();function f(e){return{defaultModel:e.settings.defaultModel,proxyEnabled:e.settings.networkProxy.enabled,proxyUrl:e.settings.networkProxy.url,proxyNoProxy:e.settings.networkProxy.noProxy||`localhost,127.0.0.1,::1`,autoSwitchEnabled:e.settings.autoSwitch.enabled,quotaSyncConcurrency:String(e.settings.runtime?.quotaSyncConcurrency||16),serverPort:String(e.settings.server.port||8787)}}function p(e){let[t,n]=(0,u.useState)({defaultModel:``,proxyEnabled:!1,proxyUrl:``,proxyNoProxy:`localhost,127.0.0.1,::1`,autoSwitchEnabled:!1,quotaSyncConcurrency:`16`,serverPort:`8787`}),[r,p]=(0,u.useState)(!1);(0,u.useEffect)(()=>{!e.config||r||n(f(e.config))},[e.config,r]);function m(e){n(t=>({...t,...e})),p(!0)}async function h(n){let r=Number.parseInt(t.serverPort,10);if(!Number.isInteger(r)||r<1||r>65535){e.setStatus(`端口必须是 1 到 65535 之间的整数。`);return}let i=Number.parseInt(t.quotaSyncConcurrency,10);if(!Number.isInteger(i)||i<1||i>32){e.setStatus(`全局额度刷新并发数必须是 1 到 32 之间的整数。`);return}let o=n?.restart?`restart`:`settings`;e.setBusy(o);try{let o=await s(`/_gateway/admin/settings`,{method:`PUT`,headers:{"Content-Type":`application/json`},body:a({defaultModel:t.defaultModel,networkProxy:{enabled:t.proxyEnabled,url:t.proxyUrl,noProxy:t.proxyNoProxy},autoSwitch:{enabled:t.autoSwitchEnabled},runtime:{quotaSyncConcurrency:i},server:{port:r}})});e.setConfig(o),p(!1),n?.restart?(e.setStatus(`设置已保存，正在重启本地网关...`),await s(`/_gateway/admin/restart`,{method:`POST`}),e.setStatus(`本地网关正在重启，页面会自动恢复。`)):e.setStatus(`设置已保存。`)}catch(t){e.setStatus(c(t))}finally{e.setBusy(null)}}async function g(){e.setBusy(`proxy`);try{let n=await s(`/_gateway/admin/settings/proxy-test`,{method:`POST`,headers:{"Content-Type":`application/json`},body:a({networkProxy:{enabled:t.proxyEnabled,url:t.proxyUrl,noProxy:t.proxyNoProxy}})});e.setStatus(`代理测试通过: HTTP ${n.status}，耗时 ${n.elapsedMs} ms。`)}catch(t){e.setStatus(`代理测试失败: ${c(t)}`)}finally{e.setBusy(null)}}async function _(){e.setBusy(`models`);try{await s(`/_gateway/models/refresh`,{method:`POST`}),await e.refreshConfig({silent:!0}),e.setStatus(`Codex 模型列表已同步。`)}catch(t){e.setStatus(c(t))}finally{e.setBusy(null)}}return(0,d.jsxs)(`section`,{className:`settings-page`,children:[(0,d.jsxs)(`div`,{className:`settings-page-head`,children:[(0,d.jsxs)(`div`,{children:[(0,d.jsxs)(`div`,{className:`settings-page-kicker`,children:[(0,d.jsx)(l,{size:14}),`系统设置`]}),(0,d.jsx)(`h2`,{children:`本地网关和运行策略`}),(0,d.jsx)(`p`,{children:`设置会保存到本地状态目录，CLI、桌面端和本地服务共享。`})]}),(0,d.jsx)(`div`,{className:`settings-page-actions`,children:(0,d.jsxs)(`button`,{className:`btn-secondary`,type:`button`,onClick:_,disabled:e.busy===`models`,children:[e.busy===`models`?(0,d.jsx)(o,{className:`spin`,size:16}):(0,d.jsx)(i,{size:16}),`同步 Codex 模型`]})})]}),(0,d.jsxs)(`div`,{className:`settings-grid`,children:[(0,d.jsxs)(`section`,{className:`settings-section`,children:[(0,d.jsx)(`h4`,{children:`模型`}),(0,d.jsxs)(`label`,{className:`field`,children:[(0,d.jsx)(`span`,{children:`默认文本模型`}),(0,d.jsx)(`select`,{className:`control`,value:t.defaultModel,onChange:e=>m({defaultModel:e.target.value}),children:(e.config?.models||[]).map(e=>(0,d.jsx)(`option`,{value:e.id,children:e.id},e.id))})]}),(0,d.jsxs)(`p`,{className:`hint`,children:[`模型列表来源：`,e.config?.modelCatalog.source||`-`,`，共 `,e.config?.modelCatalog.modelCount||0,` 个。`]})]}),(0,d.jsxs)(`section`,{className:`settings-section`,children:[(0,d.jsx)(`h4`,{children:`上游代理`}),(0,d.jsxs)(`label`,{className:`switch-line`,children:[(0,d.jsx)(`input`,{type:`checkbox`,checked:t.proxyEnabled,onChange:e=>m({proxyEnabled:e.target.checked})}),(0,d.jsx)(`span`,{children:`启用 OAuth、模型刷新和接口转发代理`})]}),(0,d.jsxs)(`label`,{className:`field`,children:[(0,d.jsx)(`span`,{children:`代理地址`}),(0,d.jsx)(`input`,{className:`input`,value:t.proxyUrl,onChange:e=>m({proxyUrl:e.target.value}),placeholder:`http://127.0.0.1:7890`})]}),(0,d.jsxs)(`label`,{className:`field`,children:[(0,d.jsx)(`span`,{children:`No Proxy`}),(0,d.jsx)(`input`,{className:`input`,value:t.proxyNoProxy,onChange:e=>m({proxyNoProxy:e.target.value})})]}),(0,d.jsx)(`button`,{className:`btn-secondary`,type:`button`,onClick:g,disabled:e.busy===`proxy`,children:`测试代理`})]}),(0,d.jsxs)(`section`,{className:`settings-section`,children:[(0,d.jsx)(`h4`,{children:`端口`}),(0,d.jsxs)(`label`,{className:`field`,children:[(0,d.jsx)(`span`,{children:`网关端口`}),(0,d.jsx)(`input`,{className:`input`,inputMode:`numeric`,type:`number`,min:1,max:65535,value:t.serverPort,onChange:e=>m({serverPort:e.target.value})})]}),(0,d.jsx)(`p`,{className:`hint`,children:`修改后重启本地网关生效，桌面窗口不会退出。若端口被占用，启动时会自动顺延到下一个可用端口。`})]}),(0,d.jsxs)(`section`,{className:`settings-section`,children:[(0,d.jsx)(`h4`,{children:`账号运行策略`}),(0,d.jsxs)(`label`,{className:`switch-line`,children:[(0,d.jsx)(`input`,{type:`checkbox`,checked:t.autoSwitchEnabled,onChange:e=>m({autoSwitchEnabled:e.target.checked})}),(0,d.jsx)(`span`,{children:`当前 API 账号额度耗尽后自动切换到下一个仍有额度的账号`})]}),(0,d.jsxs)(`label`,{className:`field`,children:[(0,d.jsx)(`span`,{children:`全局额度刷新并发数`}),(0,d.jsx)(`input`,{className:`input`,inputMode:`numeric`,max:32,min:1,type:`number`,value:t.quotaSyncConcurrency,onChange:e=>m({quotaSyncConcurrency:e.target.value})})]}),(0,d.jsx)(`p`,{className:`hint`,children:`手动刷新全部账号额度时使用，默认 16。账号很多可以调高，遇到限流或失败增多时调低。`}),(0,d.jsx)(`p`,{className:`hint`,children:e.status})]}),(0,d.jsxs)(`section`,{className:`settings-section`,children:[(0,d.jsx)(`h4`,{children:`显示`}),(0,d.jsxs)(`label`,{className:`switch-line`,children:[(0,d.jsx)(`input`,{type:`checkbox`,checked:e.showEmails,onChange:t=>e.setShowEmails(t.target.checked)}),(0,d.jsx)(`span`,{children:`脱敏模式`})]}),(0,d.jsx)(`p`,{className:`hint`,children:`开启后账号邮箱将以脱敏形式展示。`})]})]}),(0,d.jsxs)(`div`,{className:`settings-page-actions settings-page-footer-actions`,children:[(0,d.jsx)(`button`,{className:`btn-secondary`,type:`button`,onClick:()=>void h(),disabled:e.busy===`settings`||e.busy===`restart`||!r,children:`保存设置`}),(0,d.jsx)(`button`,{className:`btn-primary`,type:`button`,onClick:()=>void h({restart:!0}),disabled:e.busy===`settings`||e.busy===`restart`||!r||!e.config?.restartSupported,children:`保存并重启网关`})]})]})}export{p as SettingsPage};