ai-zero-token 2.0.6 → 2.0.8

package/dist/server/app.js

@@ -1,6 +1,7 @@
 #!/usr/bin/env node
 import { randomUUID } from "node:crypto";
 import fs from "node:fs/promises";
+import { networkInterfaces } from "node:os";
 import path from "node:path";
 import { Readable } from "node:stream";
 import { promisify } from "node:util";
@@ -15,13 +16,18 @@ import Fastify from "fastify";
 import cors from "@fastify/cors";
 import { z } from "zod";
 import { createGatewayContext } from "../core/context.js";
-import { requestText } from "../core/providers/http-client.js";
+import { isTransientHttpError, requestText } from "../core/providers/http-client.js";
 import { streamOpenAICodex } from "../core/providers/openai-codex/chat.js";
 import { generateChatGPTWebImage } from "../core/providers/openai-codex/chatgpt-web-image.js";
 const packageRoot = path.dirname(fileURLToPath(new URL("../../package.json", import.meta.url)));
 const adminUiDistDir = path.join(packageRoot, "admin-ui", "dist");
 const adminUiIndexPath = path.join(adminUiDistDir, "index.html");
+const BYTES_PER_MIB = 1024 * 1024;
 const MAX_GATEWAY_REQUEST_LOGS = 100;
+const MAX_CODEX_RESPONSE_PROFILE_BINDINGS = 5e3;
+const CODEX_STREAM_DRAIN_AFTER_CLIENT_CLOSE_MS = 3e4;
+const DEFAULT_ROUTE_BODY_LIMIT_BYTES = 128 * BYTES_PER_MIB;
+const CODEX_COMPACT_BODY_LIMIT_BYTES = 256 * BYTES_PER_MIB;
 const gunzipAsync = promisify(gunzip);
 const inflateAsync = promisify(inflate);
 const brotliDecompressAsync = promisify(brotliDecompress);
@@ -248,20 +254,47 @@ function isObjectRecord(value) {
 function tokenNumber(value) {
   return typeof value === "number" && Number.isFinite(value) && value >= 0 ? Math.trunc(value) : null;
 }
+function sumTokenNumbers(value, keys) {
+  if (!value) {
+    return null;
+  }
+  let total = 0;
+  let seen = false;
+  for (const key of keys) {
+    const item = tokenNumber(value[key]);
+    if (item !== null) {
+      total += item;
+      seen = true;
+    }
+  }
+  return seen ? total : null;
+}
 function normalizeTokenUsage(value) {
   if (!isObjectRecord(value)) {
     return null;
   }
   const inputTokens = tokenNumber(value.input_tokens ?? value.prompt_tokens);
   const outputTokens = tokenNumber(value.output_tokens ?? value.completion_tokens);
-  const totalTokens = tokenNumber(value.total_tokens) ?? (inputTokens !== null || outputTokens !== null ? (inputTokens ?? 0) + (outputTokens ?? 0) : null);
-  if (inputTokens === null && outputTokens === null && totalTokens === null) {
+  const inputDetails = isObjectRecord(value.input_tokens_details) ? value.input_tokens_details : null;
+  const promptDetails = isObjectRecord(value.prompt_tokens_details) ? value.prompt_tokens_details : null;
+  const cacheCreation = isObjectRecord(value.cache_creation) ? value.cache_creation : null;
+  const openAiCachedTokens = tokenNumber(inputDetails?.cached_tokens ?? promptDetails?.cached_tokens);
+  const cacheReadTokens = openAiCachedTokens ?? tokenNumber(value.cache_read_input_tokens ?? value.cached_tokens);
+  const cacheCreationTokens = tokenNumber(value.cache_creation_input_tokens ?? value.cache_creation_tokens) ?? tokenNumber(inputDetails?.cache_creation_tokens ?? promptDetails?.cache_creation_tokens) ?? sumTokenNumbers(cacheCreation, ["ephemeral_5m_input_tokens", "ephemeral_1h_input_tokens"]);
+  const inputIncludesCacheRead = openAiCachedTokens !== null;
+  const inferredTotalTokens = inputTokens !== null || outputTokens !== null || cacheReadTokens !== null || cacheCreationTokens !== null ? (inputTokens ?? 0) + (outputTokens ?? 0) + (inputIncludesCacheRead ? 0 : cacheReadTokens ?? 0) + (cacheCreationTokens ?? 0) : null;
+  const totalTokens = tokenNumber(value.total_tokens) ?? inferredTotalTokens;
+  const uncachedInputTokens = inputTokens !== null ? inputIncludesCacheRead ? Math.max(0, inputTokens - (cacheReadTokens ?? 0)) : inputTokens : null;
+  if (inputTokens === null && outputTokens === null && totalTokens === null && cacheReadTokens === null && cacheCreationTokens === null) {
     return null;
   }
   return {
     inputTokens,
+    uncachedInputTokens,
     outputTokens,
-    totalTokens
+    totalTokens,
+    cacheCreationTokens,
+    cacheReadTokens
   };
 }
 function extractTokenUsage(value, depth = 0) {
@@ -302,6 +335,40 @@ function imageUsageToTokenUsage(usage) {
     totalTokens: usage.total_tokens
   };
 }
+function buildResponsesUsagePayload(usage) {
+  if (!usage) {
+    return void 0;
+  }
+  const inputTokens = tokenNumber(usage.inputTokens) ?? 0;
+  const outputTokens = tokenNumber(usage.outputTokens) ?? 0;
+  const totalTokens = tokenNumber(usage.totalTokens) ?? inputTokens + outputTokens;
+  const cacheReadTokens = tokenNumber(usage.cacheReadTokens);
+  const cacheCreationTokens = tokenNumber(usage.cacheCreationTokens);
+  return {
+    input_tokens: inputTokens,
+    output_tokens: outputTokens,
+    total_tokens: totalTokens,
+    ...cacheReadTokens !== null ? { input_tokens_details: { cached_tokens: cacheReadTokens } } : {},
+    ...cacheCreationTokens !== null ? { cache_creation_input_tokens: cacheCreationTokens } : {}
+  };
+}
+function buildChatCompletionsUsagePayload(usage) {
+  if (!usage) {
+    return void 0;
+  }
+  const promptTokens = tokenNumber(usage.inputTokens) ?? 0;
+  const completionTokens = tokenNumber(usage.outputTokens) ?? 0;
+  const totalTokens = tokenNumber(usage.totalTokens) ?? promptTokens + completionTokens;
+  const cacheReadTokens = tokenNumber(usage.cacheReadTokens);
+  const cacheCreationTokens = tokenNumber(usage.cacheCreationTokens);
+  return {
+    prompt_tokens: promptTokens,
+    completion_tokens: completionTokens,
+    total_tokens: totalTokens,
+    ...cacheReadTokens !== null ? { prompt_tokens_details: { cached_tokens: cacheReadTokens } } : {},
+    ...cacheCreationTokens !== null ? { cache_creation_input_tokens: cacheCreationTokens } : {}
+  };
+}
 function extractUsageErrorType(details, statusCode) {
   const error = isObjectRecord(details?.error) ? details.error : null;
   const upstreamErrorCode = error?.upstreamErrorCode;
@@ -610,9 +677,23 @@ function summarizeResponsesRequest(data, endpoint = "/v1/responses") {
     toolNamesTruncated: toolNames.length > 50,
     toolChoice: typeof data.tool_choice === "undefined" ? "default" : typeof data.tool_choice,
     parallelToolCalls: data.parallel_tool_calls,
-    hasReasoning: Boolean(data.reasoning)
+    hasReasoning: Boolean(data.reasoning),
+    hasPreviousResponseId: Boolean(getPreviousResponseId(data))
   };
 }
+function getPreviousResponseId(data) {
+  const direct = data.previous_response_id;
+  if (typeof direct === "string" && direct.trim()) {
+    return direct.trim();
+  }
+  const experimental = data.experimental_codex?.body?.previous_response_id;
+  return typeof experimental === "string" && experimental.trim() ? experimental.trim() : void 0;
+}
+function removePreviousResponseId(body) {
+  const next = { ...body };
+  delete next.previous_response_id;
+  return next;
+}
 function createResponsesCodexBody(data) {
   const experimentalBody = data.experimental_codex?.body ?? {};
   const body = {
@@ -774,6 +855,7 @@ function summarizeCodexChatBody(body) {
     model: body.model ?? "default",
     stream: body.stream,
     store: body.store,
+    hasPromptCacheKey: typeof body.prompt_cache_key === "string" && body.prompt_cache_key.trim().length > 0,
     inputItems: Array.isArray(body.input) ? body.input.length : void 0,
     tools: Array.isArray(body.tools) ? body.tools.length : void 0,
     toolNames: toolNames.slice(0, 50),
@@ -914,10 +996,12 @@ function summarizeImageEditRequestForLog(body) {
   };
 }
 function buildResponseApiBody(result, includeRaw) {
+  const usage = buildResponsesUsagePayload(extractTokenUsage(result.raw));
   const responseBody = {
     object: "response",
     provider: result.provider,
     model: result.model,
+    ...usage ? { usage } : {},
     output_text: result.text,
     output: [
       {
@@ -942,11 +1026,13 @@ function buildResponseApiBody(result, includeRaw) {
 }
 function buildChatCompletionsBody(result) {
   const hasToolCalls = result.toolCalls.length > 0;
+  const usage = buildChatCompletionsUsagePayload(extractTokenUsage(result.raw));
   const body = {
     id: `chatcmpl_${randomUUID().replace(/-/g, "")}`,
     object: "chat.completion",
     created: Math.floor(Date.now() / 1e3),
     model: result.model,
+    ...usage ? { usage } : {},
     choices: [
       {
         index: 0,
@@ -984,7 +1070,7 @@ function buildChatCompletionChunk(params) {
     ]
   };
 }
-function sendChatCompletionsStream(reply, result) {
+function sendChatCompletionsStream(reply, result, includeUsage = false) {
   const id = `chatcmpl_${randomUUID().replace(/-/g, "")}`;
   const created = Math.floor(Date.now() / 1e3);
   reply.raw.writeHead(200, {
@@ -1034,6 +1120,17 @@ function sendChatCompletionsStream(reply, result) {
     delta: {},
     finishReason: result.toolCalls.length > 0 ? "tool_calls" : "stop"
   }));
+  const usage = includeUsage ? buildChatCompletionsUsagePayload(extractTokenUsage(result.raw)) : void 0;
+  if (usage) {
+    writeChatCompletionsSseEvent(reply, {
+      id,
+      object: "chat.completion.chunk",
+      created,
+      model: result.model,
+      choices: [],
+      usage
+    });
+  }
   reply.raw.write("data: [DONE]\n\n");
   reply.raw.end();
 }
@@ -1118,6 +1215,57 @@ function resolveOrigin(request) {
   }
   return "http://127.0.0.1:8787";
 }
+function isLoopbackHost(host) {
+  return host === "localhost" || host === "127.0.0.1" || host === "::1" || host === "[::1]";
+}
+function isPrivateIpv4(address) {
+  if (address.startsWith("10.")) {
+    return true;
+  }
+  if (address.startsWith("192.168.")) {
+    return true;
+  }
+  const match = address.match(/^172\.(\d+)\./);
+  if (!match) {
+    return false;
+  }
+  const second = Number.parseInt(match[1] ?? "", 10);
+  return second >= 16 && second <= 31;
+}
+function getLanIpv4Addresses() {
+  const seen = /* @__PURE__ */ new Set();
+  const addresses = [];
+  const interfaces = networkInterfaces();
+  for (const [name, details] of Object.entries(interfaces)) {
+    for (const detail of details ?? []) {
+      const family = String(detail.family);
+      const isIpv4 = family === "IPv4" || family === "4";
+      if (!isIpv4 || detail.internal || seen.has(detail.address)) {
+        continue;
+      }
+      if (detail.address === "0.0.0.0" || detail.address.startsWith("127.") || detail.address.startsWith("169.254.")) {
+        continue;
+      }
+      seen.add(detail.address);
+      addresses.push({
+        address: detail.address,
+        label: name,
+        private: isPrivateIpv4(detail.address)
+      });
+    }
+  }
+  return addresses.sort((left, right) => Number(right.private) - Number(left.private) || left.address.localeCompare(right.address, "en")).map(({ address, label }) => ({ address, label }));
+}
+function createShareAddress(protocol, host, port, label) {
+  const origin = `${protocol}://${host}:${port}`;
+  return {
+    host,
+    label,
+    adminUrl: `${origin}/`,
+    baseUrl: `${origin}/v1`,
+    codexBaseUrl: `${origin}/codex/v1`
+  };
+}
 function normalizeError(error) {
   return error instanceof Error ? error : new Error(String(error));
 }
@@ -1139,18 +1287,39 @@ function getErrorStatusCode(error) {
   }
   return 500;
 }
-function isQuotaLimitError(error) {
-  const normalized = normalizeError(error);
-  const marker = `${normalized.upstreamErrorCode ?? ""} ${normalized.upstreamErrorType ?? ""} ${normalized.message}`.toLowerCase();
-  return normalized.upstreamStatus === 429 || marker.includes("usage_limit_reached");
+function formatBytesAsMiB(bytes) {
+  if (typeof bytes !== "number" || !Number.isFinite(bytes) || bytes <= 0) {
+    return "\u672A\u77E5";
+  }
+  return `${Math.round(bytes / BYTES_PER_MIB * 10) / 10} MB`;
 }
 function createSseStreamStats() {
   return {
     buffer: "",
     bytes: 0,
-    completed: false
+    completed: false,
+    responseIds: /* @__PURE__ */ new Set(),
+    tokenUsage: null,
+    parseErrorCount: 0
   };
 }
+function extractSseResponseId(value) {
+  if (!isObjectRecord(value)) {
+    return void 0;
+  }
+  const directId = value.id;
+  if (typeof directId === "string" && directId.startsWith("resp_")) {
+    return directId;
+  }
+  const response = value.response;
+  if (isObjectRecord(response) && typeof response.id === "string" && response.id.startsWith("resp_")) {
+    return response.id;
+  }
+  return void 0;
+}
+function isSseTerminalUsageEvent(eventType) {
+  return eventType === "response.completed" || eventType === "response.done" || eventType === "response.failed" || eventType === "response.incomplete";
+}
 function trackSseChunk(stats, chunk) {
   const text = typeof chunk === "string" ? chunk : chunk instanceof Uint8Array ? Buffer.from(chunk).toString("utf8") : String(chunk);
   stats.bytes += Buffer.byteLength(text);
@@ -1168,10 +1337,19 @@ function trackSseChunk(stats, chunk) {
         if (typeof parsed.type === "string") {
           eventType = parsed.type;
         }
+        const responseId = extractSseResponseId(parsed);
+        if (responseId) {
+          stats.responseIds.add(responseId);
+        }
+        const tokenUsage = isSseTerminalUsageEvent(eventType) ? extractTokenUsage(parsed) : null;
+        if (tokenUsage) {
+          stats.tokenUsage = tokenUsage;
+        }
       } catch {
+        stats.parseErrorCount += 1;
       }
     }
-    if (eventType === "response.completed") {
+    if (eventType === "response.completed" || eventType === "response.done") {
       stats.completed = true;
       stats.terminalEvent = eventType;
     } else if (eventType === "response.failed" || eventType === "response.incomplete") {
@@ -1183,10 +1361,30 @@ function trackSseChunk(stats, chunk) {
     stats.buffer = stats.buffer.slice(-65536);
   }
 }
+function sseTokenUsageStatus(stats, statusCode) {
+  if (stats.tokenUsage) {
+    return "captured";
+  }
+  if (statusCode < 200 || statusCode >= 400) {
+    return "upstream_error";
+  }
+  if (stats.parseErrorCount > 0 && !stats.terminalEvent) {
+    return "parse_failed";
+  }
+  if (!stats.terminalEvent) {
+    return "missing_terminal";
+  }
+  if (isSseTerminalUsageEvent(stats.terminalEvent)) {
+    return "terminal_without_usage";
+  }
+  return "not_returned";
+}
 function createApp(params) {
+  const defaultBodyLimit = params?.bodyLimit ?? DEFAULT_ROUTE_BODY_LIMIT_BYTES;
+  const codexCompactBodyLimit = Math.max(defaultBodyLimit, CODEX_COMPACT_BODY_LIMIT_BYTES);
   const app = Fastify({
     logger: false,
-    bodyLimit: params?.bodyLimit
+    bodyLimit: defaultBodyLimit
   });
   app.removeContentTypeParser("application/json");
   app.addContentTypeParser(
@@ -1198,6 +1396,22 @@ function createApp(params) {
   );
   const ctx = createGatewayContext();
   const gatewayRequestLogs = [];
+  const codexResponseProfileBindings = /* @__PURE__ */ new Map();
+  function rememberCodexResponseProfile(responseId, profile) {
+    codexResponseProfileBindings.set(responseId, {
+      profileId: profile.profileId,
+      accountId: profile.accountId,
+      seenAt: Date.now()
+    });
+    if (codexResponseProfileBindings.size <= MAX_CODEX_RESPONSE_PROFILE_BINDINGS) {
+      return;
+    }
+    const overflow = codexResponseProfileBindings.size - MAX_CODEX_RESPONSE_PROFILE_BINDINGS;
+    const oldest = Array.from(codexResponseProfileBindings.entries()).sort((left, right) => left[1].seenAt - right[1].seenAt).slice(0, overflow);
+    for (const [key] of oldest) {
+      codexResponseProfileBindings.delete(key);
+    }
+  }
   function pushGatewayRequestLog(log) {
     const entry = {
       id: log.id ?? randomUUID(),
@@ -1231,6 +1445,7 @@ function createApp(params) {
       accountLabel: entry.account,
       planType: profile?.quota?.planType,
       tokenUsage: log.usage?.tokenUsage,
+      tokenUsageStatus: log.usage?.tokenUsageStatus,
       imageCount: log.usage?.imageCount,
       imageRoute: log.usage?.imageRoute ?? "none",
       errorType: log.usage?.errorType ?? extractUsageErrorType(log.details, entry.statusCode)
@@ -1246,18 +1461,22 @@ function createApp(params) {
   app.setErrorHandler((error, request, reply) => {
     const normalized = normalizeError(error);
     const statusCode = getErrorStatusCode(normalized);
+    const isBodyTooLarge = statusCode === 413;
+    const message = isBodyTooLarge ? `\u8BF7\u6C42\u4F53\u8FC7\u5927\uFF0C\u5F53\u524D\u7F51\u5173\u9ED8\u8BA4\u4E0A\u9650 ${formatBytesAsMiB(defaultBodyLimit)}\uFF0CCodex compact \u4E0A\u9650 ${formatBytesAsMiB(codexCompactBodyLimit)}\u3002\u5982\u4ECD\u4E0D\u591F\uFF0C\u8BF7\u7528 AZT_BODY_LIMIT_MB \u8C03\u5927\u540E\u91CD\u542F\u7F51\u5173\u3002` : normalized.message;
     console.error("[gateway:error]", {
       method: request.method,
       url: request.url,
       statusCode,
-      message: normalized.message,
+      message,
+      code: normalized.code,
+      upstreamRequestId: normalized.requestId,
       stack: normalized.stack
     });
     reply.code(statusCode);
     return {
       error: {
         type: "gateway_error",
-        message: normalized.message
+        message
       }
     };
   });
@@ -1265,6 +1484,7 @@ function createApp(params) {
     data: gatewayRequestLogs
   }));
   app.get("/_gateway/admin/usage", async () => ctx.usageService.getSummary());
+  app.post("/_gateway/admin/usage/reset", async () => ctx.usageService.backupAndReset());
   async function buildAdminConfig(request) {
     const [status, models, modelCatalog, versionStatus, settings, profile, profiles, codexStatus, usage] = await Promise.all([
       ctx.authService.getStatus(),
@@ -1404,6 +1624,26 @@ function createApp(params) {
     };
   });
   app.get("/_gateway/admin/config", async (request) => buildAdminConfig(request));
+  app.get("/_gateway/admin/share", async (request) => {
+    const status = await ctx.authService.getStatus();
+    const protocol = request.protocol === "https" ? "https" : "http";
+    const port = request.raw.socket.localPort || status.serverPort;
+    const serverHost = status.serverHost || "0.0.0.0";
+    const lanReachable = serverHost === "0.0.0.0" || serverHost === "::" || !isLoopbackHost(serverHost);
+    const addresses = getLanIpv4Addresses().map((item) => createShareAddress(protocol, item.address, port, item.label));
+    const requestHost = request.headers.host?.replace(/:\d+$/u, "");
+    if (requestHost && !isLoopbackHost(requestHost) && !addresses.some((item) => item.host === requestHost)) {
+      addresses.unshift(createShareAddress(protocol, requestHost, port, "\u5F53\u524D\u8BBF\u95EE\u5730\u5740"));
+    }
+    return {
+      primary: lanReachable ? addresses[0] ?? null : null,
+      addresses,
+      local: createShareAddress(protocol, "127.0.0.1", port, "\u672C\u673A"),
+      serverHost,
+      serverPort: port,
+      lanReachable
+    };
+  });
   app.post("/_gateway/admin/login", async (request) => {
     await ctx.authService.login("openai-codex");
     await ctx.authService.syncActiveProfileQuota("openai-codex", {
@@ -1776,20 +2016,68 @@ function createApp(params) {
     const abortController = new AbortController();
     let streamFinished = false;
     let headersCommitted = false;
+    let clientDisconnected = false;
+    let clientDrainTimer = null;
     let profile = null;
     let retryCount = 0;
     let failureRecorded = false;
     let codexImageRoute = "none";
+    const originalPreviousResponseId = getPreviousResponseId(data);
+    let adventureFallbackUsed = false;
+    let adventureFallbackReason;
     reply.raw.on("close", () => {
       if (!streamFinished) {
-        abortController.abort();
+        clientDisconnected = true;
+        if (!headersCommitted) {
+          abortController.abort();
+          return;
+        }
+        clientDrainTimer = setTimeout(() => {
+          abortController.abort();
+        }, CODEX_STREAM_DRAIN_AFTER_CLIENT_CLOSE_MS);
+        clientDrainTimer.unref?.();
       }
     });
     try {
       const model = await ctx.modelService.resolveModel("openai-codex", data.model, {
         allowUnknown: data.experimental_codex?.allow_unknown_model
       });
-      const codexBody = createCodexPassthroughBody(data, model);
+      let codexBody = createCodexPassthroughBody(data, model);
+      let activePreviousResponseId = originalPreviousResponseId;
+      let keepProfileSticky = Boolean(activePreviousResponseId);
+      let stickyProfileId = activePreviousResponseId ? codexResponseProfileBindings.get(activePreviousResponseId)?.profileId : void 0;
+      const useAdventureFallback = async (error, quota) => {
+        if (!keepProfileSticky || abortController.signal.aborted) {
+          return false;
+        }
+        const failedProfileId = profile?.profileId ?? stickyProfileId;
+        if (failedProfileId) {
+          await ctx.authService.recordProfileRequestFailure(failedProfileId, error, quota, "openai-codex", {
+            skipAutoSwitch: true
+          });
+        }
+        codexBody = removePreviousResponseId(codexBody);
+        activePreviousResponseId = void 0;
+        keepProfileSticky = false;
+        stickyProfileId = void 0;
+        adventureFallbackUsed = true;
+        adventureFallbackReason = error instanceof Error ? error.message : String(error);
+        retryCount += 1;
+        profile = null;
+        failureRecorded = false;
+        console.warn("[gateway:codex:stream] sticky continuation failed; dropping previous_response_id and retrying as new session", {
+          requestId: request.id,
+          model,
+          retryCount,
+          previousResponseId: "[present]",
+          failedAccount: failedProfileId,
+          errorCode: error.code,
+          upstreamStatus: error.upstreamStatus,
+          upstreamRequestId: error.requestId,
+          message: adventureFallbackReason
+        });
+        return true;
+      };
       const imageRequest = upstreamEndpoint === "responses" ? extractCodexImageGenerationRequest(codexBody) : null;
       if (imageRequest) {
         codexImageRoute = "codex-tool";
@@ -1867,9 +2155,13 @@ function createApp(params) {
       }
       let upstream = null;
       const maxProfileAttempts = 5;
+      const maxTransientStreamRetries = 1;
+      let transientStreamRetryCount = 0;
       for (let attempt = 0; attempt < maxProfileAttempts; attempt += 1) {
-        profile = await ctx.authService.requireUsableProfile("openai-codex");
         try {
+          profile = stickyProfileId ? await ctx.authService.requireUsableProfileById(stickyProfileId, "openai-codex") : await ctx.authService.requireUsableProfile("openai-codex", {
+            skipAutoSwitch: keepProfileSticky
+          });
           upstream = await streamOpenAICodex({
             profile,
             model,
@@ -1881,9 +2173,31 @@ function createApp(params) {
           break;
         } catch (error) {
           const quota = error.quota;
-          const switchedProfile = await ctx.authService.recordProfileRequestFailure(profile.profileId, error, quota, "openai-codex");
+          if (keepProfileSticky && attempt < maxProfileAttempts - 1 && await useAdventureFallback(error, quota)) {
+            continue;
+          }
+          if (!keepProfileSticky && isTransientHttpError(error) && transientStreamRetryCount < maxTransientStreamRetries && attempt < maxProfileAttempts - 1 && !abortController.signal.aborted) {
+            transientStreamRetryCount += 1;
+            retryCount += 1;
+            console.warn("[gateway:codex:stream] transient curl stream failure before headers; retrying request", {
+              requestId: request.id,
+              account: profileLogLabel(profile),
+              model,
+              retryCount,
+              errorCode: error.code,
+              upstreamRequestId: error.requestId,
+              message: error instanceof Error ? error.message : String(error)
+            });
+            continue;
+          }
+          if (!profile) {
+            throw error;
+          }
+          const switchedProfile = await ctx.authService.recordProfileRequestFailure(profile.profileId, error, quota, "openai-codex", {
+            skipAutoSwitch: keepProfileSticky
+          });
           failureRecorded = true;
-          if (attempt < maxProfileAttempts - 1 && isQuotaLimitError(error) && switchedProfile && switchedProfile.profileId !== profile.profileId && !abortController.signal.aborted) {
+          if (!keepProfileSticky && attempt < maxProfileAttempts - 1 && ctx.authService.isRotationTrigger(error, quota) && switchedProfile && switchedProfile.profileId !== profile.profileId && !abortController.signal.aborted) {
             retryCount += 1;
             failureRecorded = false;
             continue;
@@ -1894,13 +2208,18 @@ function createApp(params) {
       if (!upstream || !profile) {
         throw new Error("Codex stream \u672A\u80FD\u5EFA\u7ACB\u3002");
       }
-      await ctx.authService.recordProfileRequestSuccess(profile.profileId, upstream.quota, "openai-codex");
+      await ctx.authService.recordProfileRequestSuccess(profile.profileId, upstream.quota, "openai-codex", {
+        skipAutoSwitch: keepProfileSticky
+      });
       const headers = {
         "Content-Type": upstream.headers["content-type"] ?? "text/event-stream; charset=utf-8",
         "Cache-Control": "no-cache, no-transform",
         Connection: "keep-alive",
         "X-Accel-Buffering": "no"
       };
+      if (adventureFallbackUsed) {
+        headers["X-AZT-Codex-Continuation-Mode"] = "adventure-fallback";
+      }
       for (const [key, value] of Object.entries(upstream.headers)) {
         if (key.startsWith("x-codex-") || key === "x-request-id") {
           headers[key] = value;
@@ -1910,14 +2229,42 @@ function createApp(params) {
       headersCommitted = true;
       reply.raw.flushHeaders?.();
       const streamStats = createSseStreamStats();
+      const writeChunkToClient = async (chunk) => {
+        if (clientDisconnected || reply.raw.destroyed || reply.raw.writableEnded) {
+          clientDisconnected = true;
+          return;
+        }
+        try {
+          if (!reply.raw.write(chunk)) {
+            await new Promise((resolve) => {
+              const cleanup = () => {
+                reply.raw.off("drain", cleanup);
+                reply.raw.off("close", cleanup);
+                resolve();
+              };
+              reply.raw.once("drain", cleanup);
+              reply.raw.once("close", cleanup);
+            });
+          }
+        } catch {
+          clientDisconnected = true;
+        }
+      };
       for await (const chunk of Readable.fromWeb(upstream.body)) {
         trackSseChunk(streamStats, chunk);
-        if (!reply.raw.write(chunk)) {
-          await new Promise((resolve) => reply.raw.once("drain", resolve));
-        }
+        await writeChunkToClient(chunk);
       }
       streamFinished = true;
-      reply.raw.end();
+      if (clientDrainTimer) {
+        clearTimeout(clientDrainTimer);
+        clientDrainTimer = null;
+      }
+      if (!clientDisconnected && !reply.raw.destroyed && !reply.raw.writableEnded) {
+        reply.raw.end();
+      }
+      for (const responseId of streamStats.responseIds) {
+        rememberCodexResponseProfile(responseId, profile);
+      }
       if (!streamStats.completed) {
         console.warn("[gateway:codex:stream] upstream stream ended without response.completed", {
           requestId: request.id,
@@ -1947,21 +2294,39 @@ function createApp(params) {
             passthrough: true,
             upstreamEndpoint,
             retryCount,
+            profileSticky: keepProfileSticky,
+            previousResponseId: originalPreviousResponseId ? "[present]" : void 0,
+            previousResponseDropped: adventureFallbackUsed,
+            adventureFallbackReason: adventureFallbackUsed ? truncateForLog(adventureFallbackReason ?? "") : void 0,
+            stickyProfileResolved: Boolean(stickyProfileId),
+            responseIdsTracked: streamStats.responseIds.size,
             completed: streamStats.completed,
             terminalEvent: streamStats.terminalEvent,
-            bytes: streamStats.bytes
+            bytes: streamStats.bytes,
+            usageCaptured: Boolean(streamStats.tokenUsage),
+            tokenUsageStatus: sseTokenUsageStatus(streamStats, upstream.status),
+            parseErrorCount: streamStats.parseErrorCount,
+            clientDisconnected
           }
         },
         usage: {
           profile,
+          tokenUsage: streamStats.tokenUsage,
+          tokenUsageStatus: sseTokenUsageStatus(streamStats, upstream.status),
           imageRoute: codexImageRoute
         }
       });
       return reply;
     } catch (error) {
+      if (clientDrainTimer) {
+        clearTimeout(clientDrainTimer);
+        clientDrainTimer = null;
+      }
       const quota = error.quota;
       if (profile && !failureRecorded) {
-        await ctx.authService.recordProfileRequestFailure(profile.profileId, error, quota, "openai-codex");
+        await ctx.authService.recordProfileRequestFailure(profile.profileId, error, quota, "openai-codex", {
+          skipAutoSwitch: Boolean(originalPreviousResponseId) && !adventureFallbackUsed
+        });
       }
       const normalized = normalizeError(error);
       const statusCode = getErrorStatusCode(normalized);
@@ -1980,10 +2345,17 @@ function createApp(params) {
           request: summarizeResponsesRequest(data, request.url),
           response: {
             upstreamEndpoint,
-            retryCount
+            retryCount,
+            profileSticky: Boolean(originalPreviousResponseId) && !adventureFallbackUsed,
+            previousResponseId: originalPreviousResponseId ? "[present]" : void 0,
+            previousResponseDropped: adventureFallbackUsed,
+            adventureFallbackReason: adventureFallbackUsed ? truncateForLog(adventureFallbackReason ?? "") : void 0,
+            stickyProfileResolved: Boolean(originalPreviousResponseId && codexResponseProfileBindings.has(originalPreviousResponseId))
           },
           error: {
             message: normalized.message,
+            code: normalized.code,
+            upstreamRequestId: normalized.requestId,
             upstreamStatus: normalized.upstreamStatus,
             upstreamErrorCode: normalized.upstreamErrorCode,
             upstreamErrorMessage: normalized.upstreamErrorMessage
@@ -2034,7 +2406,7 @@ function createApp(params) {
     }
     return handleCodexResponsesPassthrough(request, reply, parsed.data, startedAt);
   });
-  app.post("/codex/v1/responses/compact", async (request, reply) => {
+  app.post("/codex/v1/responses/compact", { bodyLimit: codexCompactBodyLimit }, async (request, reply) => {
     const startedAt = performance.now();
     const parsed = responsesBodySchema.safeParse(request.body);
     if (!parsed.success) {
@@ -2198,7 +2570,7 @@ function createApp(params) {
       });
       throw error;
     }
-    const activeProfile = await ctx.authService.getActiveProfile();
+    const activeProfile = result.profile ?? await ctx.authService.getActiveProfile();
     pushGatewayRequestLog({
       method: request.method,
       endpoint: request.url,
@@ -2216,7 +2588,8 @@ function createApp(params) {
         response: {
           textPreview: truncateForLog(result.text),
           textLength: result.text.length,
-          artifactCount: result.artifacts.length
+          artifactCount: result.artifacts.length,
+          retryCount: result.retryCount ?? 0
         }
       },
       usage: {
@@ -2333,7 +2706,7 @@ function createApp(params) {
       });
       throw error;
     }
-    const activeProfile = await ctx.authService.getActiveProfile();
+    const activeProfile = result.profile ?? await ctx.authService.getActiveProfile();
     pushGatewayRequestLog({
       method: request.method,
       endpoint: request.url,
@@ -2358,7 +2731,8 @@ function createApp(params) {
             argumentsPreview: truncateForLog(toolCall.function.arguments)
           })),
           artifactCount: result.artifacts.length,
-          stream: parsed.data.stream ?? false
+          stream: parsed.data.stream ?? false,
+          retryCount: result.retryCount ?? 0
         }
       },
       usage: {
@@ -2376,7 +2750,9 @@ function createApp(params) {
       artifactCount: result.artifacts.length
     });
     if (parsed.data.stream) {
-      sendChatCompletionsStream(reply, result);
+      const rawStreamOptions = parsed.data.stream_options;
+      const streamOptions = isObjectRecord(rawStreamOptions) ? rawStreamOptions : null;
+      sendChatCompletionsStream(reply, result, streamOptions?.include_usage === true);
       return reply;
     }
     return buildChatCompletionsBody(result);