antigravity-claude-proxy 2.7.1 → 2.7.2

package/src/errors.js

@@ -166,6 +166,37 @@ export class CapacityExhaustedError extends AntigravityError {
     }
 }
 
+/**
+ * Account forbidden error (403 VALIDATION_REQUIRED / PERMISSION_DENIED)
+ * These are account-level errors where the account needs validation or has been
+ * disabled. Trying different endpoints won't help - need to rotate to another account.
+ */
+export class AccountForbiddenError extends AntigravityError {
+    /**
+     * @param {string} message - Error message
+     * @param {string} accountEmail - Email of the forbidden account
+     */
+    constructor(message, accountEmail = null) {
+        super(message, 'ACCOUNT_FORBIDDEN', false, { accountEmail });
+        this.name = 'AccountForbiddenError';
+        this.accountEmail = accountEmail;
+    }
+}
+
+/**
+ * Check if an error is an account forbidden error (403 VALIDATION_REQUIRED / PERMISSION_DENIED)
+ * These errors indicate the account itself is blocked and need account rotation, not endpoint rotation.
+ * @param {Error} error - Error to check
+ * @returns {boolean}
+ */
+export function isAccountForbiddenError(error) {
+    if (error instanceof AccountForbiddenError) return true;
+    // Fallback string check only for errors that couldn't use the typed class
+    // (e.g., errors crossing module boundaries). Only match our own prefixed format.
+    const msg = (error.message || '');
+    return msg.startsWith('ACCOUNT_FORBIDDEN:');
+}
+
 /**
  * Check if an error is a rate limit error
  * Works with both custom error classes and legacy string-based errors
@@ -225,6 +256,7 @@ export default {
     AntigravityError,
     RateLimitError,
     AuthError,
+    AccountForbiddenError,
     NoAccountsError,
     MaxRetriesError,
     ApiError,
@@ -233,6 +265,7 @@ export default {
     CapacityExhaustedError,
     isRateLimitError,
     isAuthError,
+    isAccountForbiddenError,
     isEmptyResponseError,
     isCapacityExhaustedError
 };

package/src/utils/helpers.js

@@ -1,6 +1,7 @@
 import { readFileSync } from 'fs';
 import { fileURLToPath } from 'url';
 import path from 'path';
+import { config } from '../config.js';
 
 /**
  * Shared Utility Functions
@@ -71,6 +72,23 @@ export function isNetworkError(error) {
     );
 }
 
+/**
+ * Throttled fetch that applies a configurable delay before each request
+ * Only applies delay when requestThrottlingEnabled is true
+ * @param {string|URL} url - The URL to fetch
+ * @param {RequestInit} [options] - Fetch options
+ * @returns {Promise<Response>} Fetch response
+ */
+export async function throttledFetch(url, options) {
+    if (config.requestThrottlingEnabled) {
+        const delayMs = config.requestDelayMs || 200;
+        if (delayMs > 0) {
+            await sleep(delayMs);
+        }
+    }
+    return fetch(url, options);
+}
+
 /**
  * Generate random jitter for backoff timing (Thundering Herd Prevention)
  * Prevents all clients from retrying at the exact same moment after errors.

package/src/webui/index.js

@@ -292,6 +292,15 @@ export function mountWebUI(app, dirname, accountManager) {
             const { email } = req.params;
             accountManager.clearTokenCache(email);
             accountManager.clearProjectCache(email);
+
+            // For verification errors (403 VALIDATION_REQUIRED), clear isInvalid on refresh.
+            // The user has completed verification on Google's site and clicks Refresh to re-enable.
+            // Auth errors (no verifyUrl) still require OAuth re-auth via FIX button.
+            const account = accountManager.getAllAccounts().find(a => a.email === email);
+            if (account && account.isInvalid && account.verifyUrl) {
+                accountManager.clearInvalid(email);
+            }
+
             res.json({
                 status: 'ok',
                 message: `Token cache cleared for ${email}`
@@ -644,7 +653,7 @@ export function mountWebUI(app, dirname, accountManager) {
      */
     app.post('/api/config', async (req, res) => {
         try {
-            const { debug, devMode, logLevel, persistTokenCache } = req.body;
+            const { debug, devMode, logLevel, persistTokenCache, requestThrottlingEnabled, requestDelayMs } = req.body;
 
             // Validate tunable config fields via shared helper
             const updates = validateConfigFields(req.body);
@@ -665,6 +674,12 @@ export function mountWebUI(app, dirname, accountManager) {
             if (typeof persistTokenCache === 'boolean') {
                 updates.persistTokenCache = persistTokenCache;
             }
+            if (typeof requestThrottlingEnabled === 'boolean') {
+                updates.requestThrottlingEnabled = requestThrottlingEnabled;
+            }
+            if (typeof requestDelayMs === 'number' && requestDelayMs >= 100 && requestDelayMs <= 5000) {
+                updates.requestDelayMs = requestDelayMs;
+            }
 
             if (Object.keys(updates).length === 0) {
                 return res.status(400).json({