oc-chatgpt-multi-auth 5.3.2 → 5.3.4

package/dist/lib/storage.js

@@ -1,4 +1,5 @@
 import { promises as fs, existsSync } from "node:fs";
+import { randomBytes } from "node:crypto";
 import { dirname, join } from "node:path";
 import { ACCOUNT_LIMITS } from "./constants.js";
 import { createLogger } from "./logger.js";
@@ -59,6 +60,73 @@ function withStorageLock(fn) {
     });
     return previousMutex.then(fn).finally(() => releaseLock());
 }
+const WINDOWS_RENAME_RETRY_ATTEMPTS = 5;
+const WINDOWS_RENAME_RETRY_BASE_DELAY_MS = 10;
+const PRE_IMPORT_BACKUP_WRITE_TIMEOUT_MS = 3_000;
+function isWindowsLockError(error) {
+    const code = error?.code;
+    return code === "EPERM" || code === "EBUSY";
+}
+async function renameWithWindowsRetry(sourcePath, destinationPath) {
+    let lastError = null;
+    for (let attempt = 0; attempt < WINDOWS_RENAME_RETRY_ATTEMPTS; attempt += 1) {
+        try {
+            await fs.rename(sourcePath, destinationPath);
+            return;
+        }
+        catch (error) {
+            if (isWindowsLockError(error)) {
+                lastError = error;
+                await new Promise((resolve) => setTimeout(resolve, WINDOWS_RENAME_RETRY_BASE_DELAY_MS * 2 ** attempt));
+                continue;
+            }
+            throw error;
+        }
+    }
+    if (lastError) {
+        throw lastError;
+    }
+}
+async function writeFileWithTimeout(filePath, content, timeoutMs) {
+    const controller = new AbortController();
+    const timeoutHandle = setTimeout(() => controller.abort(), timeoutMs);
+    try {
+        await fs.writeFile(filePath, content, {
+            encoding: "utf-8",
+            mode: 0o600,
+            signal: controller.signal,
+        });
+    }
+    catch (error) {
+        if (error instanceof Error && error.name === "AbortError") {
+            const timeoutError = Object.assign(new Error(`Timed out writing file after ${timeoutMs}ms`), { code: "ETIMEDOUT" });
+            throw timeoutError;
+        }
+        throw error;
+    }
+    finally {
+        clearTimeout(timeoutHandle);
+    }
+}
+async function writePreImportBackupFile(backupPath, snapshot) {
+    const uniqueSuffix = `${Date.now()}.${Math.random().toString(36).slice(2, 8)}`;
+    const tempPath = `${backupPath}.${uniqueSuffix}.tmp`;
+    try {
+        await fs.mkdir(dirname(backupPath), { recursive: true });
+        const backupContent = JSON.stringify(snapshot, null, 2);
+        await writeFileWithTimeout(tempPath, backupContent, PRE_IMPORT_BACKUP_WRITE_TIMEOUT_MS);
+        await renameWithWindowsRetry(tempPath, backupPath);
+    }
+    catch (error) {
+        try {
+            await fs.unlink(tempPath);
+        }
+        catch {
+            // Best effort temp-file cleanup.
+        }
+        throw error;
+    }
+}
 async function ensureGitignore(storagePath) {
     if (!currentStoragePath)
         return;
@@ -219,6 +287,109 @@ function deduplicateAccountsByKey(accounts) {
     }
     return result;
 }
+function pickNewestAccountIndex(accounts, existingIndex, candidateIndex) {
+    const existing = accounts[existingIndex];
+    const candidate = accounts[candidateIndex];
+    if (!existing)
+        return candidateIndex;
+    if (!candidate)
+        return existingIndex;
+    const newest = selectNewestAccount(existing, candidate);
+    return newest === candidate ? candidateIndex : existingIndex;
+}
+function mergeAccountRecords(target, source) {
+    const newest = selectNewestAccount(target, source);
+    const older = newest === target ? source : target;
+    return {
+        ...older,
+        ...newest,
+        organizationId: target.organizationId ?? source.organizationId,
+        accountId: target.accountId ?? source.accountId,
+        accountIdSource: target.accountIdSource ?? source.accountIdSource,
+        accountLabel: target.accountLabel ?? source.accountLabel,
+        email: target.email ?? source.email,
+    };
+}
+function deduplicateAccountsByRefreshToken(accounts) {
+    const working = [...accounts];
+    const indicesToRemove = new Set();
+    const refreshMap = new Map();
+    for (let i = 0; i < working.length; i += 1) {
+        const account = working[i];
+        if (!account)
+            continue;
+        const refreshToken = account.refreshToken?.trim();
+        if (!refreshToken)
+            continue;
+        const orgKey = account.organizationId?.trim() ?? "";
+        let entry = refreshMap.get(refreshToken);
+        if (!entry) {
+            entry = { byOrg: new Map(), fallbackIndex: undefined };
+            refreshMap.set(refreshToken, entry);
+        }
+        if (orgKey) {
+            const existingIndex = entry.byOrg.get(orgKey);
+            if (existingIndex !== undefined) {
+                const newestIndex = pickNewestAccountIndex(working, existingIndex, i);
+                const obsoleteIndex = newestIndex === existingIndex ? i : existingIndex;
+                const target = working[newestIndex];
+                const source = working[obsoleteIndex];
+                if (target && source) {
+                    working[newestIndex] = mergeAccountRecords(target, source);
+                }
+                indicesToRemove.add(obsoleteIndex);
+                entry.byOrg.set(orgKey, newestIndex);
+                continue;
+            }
+            entry.byOrg.set(orgKey, i);
+            continue;
+        }
+        const existingFallback = entry.fallbackIndex;
+        if (typeof existingFallback === "number") {
+            const newestIndex = pickNewestAccountIndex(working, existingFallback, i);
+            const obsoleteIndex = newestIndex === existingFallback ? i : existingFallback;
+            const target = working[newestIndex];
+            const source = working[obsoleteIndex];
+            if (target && source) {
+                working[newestIndex] = mergeAccountRecords(target, source);
+            }
+            indicesToRemove.add(obsoleteIndex);
+            entry.fallbackIndex = newestIndex;
+            continue;
+        }
+        entry.fallbackIndex = i;
+    }
+    for (const entry of refreshMap.values()) {
+        const fallbackIndex = entry.fallbackIndex;
+        if (typeof fallbackIndex !== "number")
+            continue;
+        const orgIndices = Array.from(entry.byOrg.values());
+        if (orgIndices.length === 0)
+            continue;
+        const [firstOrgIndex, ...otherOrgIndices] = orgIndices;
+        if (typeof firstOrgIndex !== "number")
+            continue;
+        let preferredOrgIndex = firstOrgIndex;
+        for (const orgIndex of otherOrgIndices) {
+            preferredOrgIndex = pickNewestAccountIndex(working, preferredOrgIndex, orgIndex);
+        }
+        const preferredOrg = working[preferredOrgIndex];
+        const fallback = working[fallbackIndex];
+        if (preferredOrg && fallback) {
+            working[preferredOrgIndex] = mergeAccountRecords(preferredOrg, fallback);
+        }
+        indicesToRemove.add(fallbackIndex);
+    }
+    const result = [];
+    for (let i = 0; i < working.length; i += 1) {
+        if (indicesToRemove.has(i))
+            continue;
+        const account = working[i];
+        if (account)
+            result.push(account);
+    }
+    return result;
+}
 /**
  * Removes duplicate accounts, keeping the most recently used entry for each unique key.
  * Deduplication identity hierarchy: organizationId -> accountId -> refreshToken.
@@ -234,7 +405,7 @@ export function deduplicateAccounts(accounts) {
  * 2) Then apply legacy email dedupe only for entries that still do not have organizationId/accountId.
  */
 function deduplicateAccountsForStorage(accounts) {
-    return deduplicateAccountsByEmail(deduplicateAccountsByKey(accounts));
+    return deduplicateAccountsByRefreshToken(deduplicateAccountsByEmail(deduplicateAccountsByKey(accounts)));
 }
 /**
  * Removes duplicate legacy accounts by email, keeping the most recently used entry.
@@ -307,35 +478,46 @@ function clampIndex(index, length) {
         return 0;
     return Math.max(0, Math.min(index, length - 1));
 }
-function toAccountKey(account) {
-    const key = toAccountIdentityKey(account);
-    return key || "";
-}
-function toAccountIdentityKey(account) {
+function toAccountIdentityKeys(account) {
+    const keys = [];
     const organizationId = typeof account.organizationId === "string" ? account.organizationId.trim() : "";
     if (organizationId) {
-        return `organizationId:${organizationId}`;
+        keys.push(`organizationId:${organizationId}`);
     }
     const accountId = typeof account.accountId === "string" ? account.accountId.trim() : "";
     if (accountId) {
-        return `accountId:${accountId}`;
+        keys.push(`accountId:${accountId}`);
     }
     const refreshToken = typeof account.refreshToken === "string" ? account.refreshToken.trim() : "";
     if (refreshToken) {
-        return `refreshToken:${refreshToken}`;
+        keys.push(`refreshToken:${refreshToken}`);
     }
-    return undefined;
+    return keys;
+}
+function toAccountIdentityKey(account) {
+    return toAccountIdentityKeys(account)[0];
 }
-function extractActiveKey(accounts, activeIndex) {
+function extractActiveKeys(accounts, activeIndex) {
     const candidate = accounts[activeIndex];
     if (!isRecord(candidate))
-        return undefined;
-    return toAccountIdentityKey({
+        return [];
+    return toAccountIdentityKeys({
         organizationId: typeof candidate.organizationId === "string" ? candidate.organizationId : undefined,
         accountId: typeof candidate.accountId === "string" ? candidate.accountId : undefined,
         refreshToken: typeof candidate.refreshToken === "string" ? candidate.refreshToken : "",
     });
 }
+function findAccountIndexByIdentityKeys(accounts, identityKeys) {
+    if (identityKeys.length === 0)
+        return -1;
+    for (const identityKey of identityKeys) {
+        const idx = accounts.findIndex((account) => toAccountIdentityKeys(account).includes(identityKey));
+        if (idx >= 0) {
+            return idx;
+        }
+    }
+    return -1;
+}
 /**
  * Normalizes and validates account storage data, migrating from v1 to v3 if needed.
  * Handles deduplication, index clamping, and per-family active index mapping.
@@ -362,7 +544,7 @@ export function normalizeAccountStorage(data) {
         ? data.activeIndex
         : 0;
     const rawActiveIndex = clampIndex(activeIndexValue, rawAccounts.length);
-    const activeKey = extractActiveKey(rawAccounts, rawActiveIndex);
+    const activeKeys = extractActiveKeys(rawAccounts, rawActiveIndex);
     const fromVersion = data.version;
     const baseStorage = fromVersion === 1
         ? migrateV1ToV3(data)
@@ -372,8 +554,8 @@ export function normalizeAccountStorage(data) {
     const activeIndex = (() => {
         if (deduplicatedAccounts.length === 0)
             return 0;
-        if (activeKey) {
-            const mappedIndex = deduplicatedAccounts.findIndex((account) => toAccountKey(account) === activeKey);
+        if (activeKeys.length > 0) {
+            const mappedIndex = findAccountIndexByIdentityKeys(deduplicatedAccounts, activeKeys);
             if (mappedIndex >= 0)
                 return mappedIndex;
         }
@@ -389,10 +571,10 @@ export function normalizeAccountStorage(data) {
             ? rawIndexValue
             : rawActiveIndex;
         const clampedRawIndex = clampIndex(rawIndex, rawAccounts.length);
-        const familyKey = extractActiveKey(rawAccounts, clampedRawIndex);
+        const familyKeys = extractActiveKeys(rawAccounts, clampedRawIndex);
         let mappedIndex = clampIndex(rawIndex, deduplicatedAccounts.length);
-        if (familyKey && deduplicatedAccounts.length > 0) {
-            const idx = deduplicatedAccounts.findIndex((account) => toAccountKey(account) === familyKey);
+        if (familyKeys.length > 0 && deduplicatedAccounts.length > 0) {
+            const idx = findAccountIndexByIdentityKeys(deduplicatedAccounts, familyKeys);
             if (idx >= 0) {
                 mappedIndex = idx;
             }
@@ -459,32 +641,17 @@ async function saveAccountsUnlocked(storage) {
     try {
         await fs.mkdir(dirname(path), { recursive: true });
         await ensureGitignore(path);
-        const content = JSON.stringify(storage, null, 2);
+        // Normalize before persisting so every write path enforces dedup semantics
+        // (organizationId/accountId identity plus refresh-token collision collapse).
+        const normalizedStorage = normalizeAccountStorage(storage) ?? storage;
+        const content = JSON.stringify(normalizedStorage, null, 2);
         await fs.writeFile(tempPath, content, { encoding: "utf-8", mode: 0o600 });
         const stats = await fs.stat(tempPath);
         if (stats.size === 0) {
             const emptyError = Object.assign(new Error("File written but size is 0"), { code: "EEMPTY" });
             throw emptyError;
         }
-        // Retry rename with exponential backoff for Windows EPERM/EBUSY
-        let lastError = null;
-        for (let attempt = 0; attempt < 5; attempt++) {
-            try {
-                await fs.rename(tempPath, path);
-                return;
-            }
-            catch (renameError) {
-                const code = renameError.code;
-                if (code === "EPERM" || code === "EBUSY") {
-                    lastError = renameError;
-                    await new Promise(r => setTimeout(r, 10 * Math.pow(2, attempt)));
-                    continue;
-                }
-                throw renameError;
-            }
-        }
-        if (lastError)
-            throw lastError;
+        await renameWithWindowsRetry(tempPath, path);
     }
     catch (error) {
         try {
@@ -556,6 +723,15 @@ function normalizeFlaggedStorage(data) {
         const isAccountIdSource = (value) => value === "token" || value === "id_token" || value === "org" || value === "manual";
         const isSwitchReason = (value) => value === "rate-limit" || value === "initial" || value === "rotation";
         const isCooldownReason = (value) => value === "auth-failure" || value === "network-error";
+        const normalizeTags = (value) => {
+            if (!Array.isArray(value))
+                return undefined;
+            const normalized = value
+                .filter((entry) => typeof entry === "string")
+                .map((entry) => entry.trim().toLowerCase())
+                .filter((entry) => entry.length > 0);
+            return normalized.length > 0 ? Array.from(new Set(normalized)) : undefined;
+        };
         let rateLimitResetTimes;
         if (isRecord(rawAccount.rateLimitResetTimes)) {
             const normalizedRateLimits = {};
@@ -577,6 +753,10 @@ function normalizeFlaggedStorage(data) {
         const cooldownReason = isCooldownReason(rawAccount.cooldownReason)
             ? rawAccount.cooldownReason
             : undefined;
+        const accountTags = normalizeTags(rawAccount.accountTags);
+        const accountNote = typeof rawAccount.accountNote === "string" && rawAccount.accountNote.trim()
+            ? rawAccount.accountNote.trim()
+            : undefined;
         const normalized = {
             refreshToken,
             addedAt: typeof rawAccount.addedAt === "number" ? rawAccount.addedAt : flaggedAt,
@@ -585,6 +765,8 @@ function normalizeFlaggedStorage(data) {
             accountId: typeof rawAccount.accountId === "string" ? rawAccount.accountId : undefined,
             accountIdSource,
             accountLabel: typeof rawAccount.accountLabel === "string" ? rawAccount.accountLabel : undefined,
+            accountTags,
+            accountNote,
             email: typeof rawAccount.email === "string" ? rawAccount.email : undefined,
             enabled: typeof rawAccount.enabled === "boolean" ? rawAccount.enabled : undefined,
             lastSwitchReason,
@@ -659,7 +841,7 @@ export async function saveFlaggedAccounts(storage) {
             await fs.mkdir(dirname(path), { recursive: true });
             const content = JSON.stringify(normalizeFlaggedStorage(storage), null, 2);
             await fs.writeFile(tempPath, content, { encoding: "utf-8", mode: 0o600 });
-            await fs.rename(tempPath, path);
+            await renameWithWindowsRetry(tempPath, path);
         }
         catch (error) {
             try {
@@ -686,6 +868,71 @@ export async function clearFlaggedAccounts() {
         }
     });
 }
+function formatBackupTimestamp(date = new Date()) {
+    const yyyy = String(date.getFullYear());
+    const mm = String(date.getMonth() + 1).padStart(2, "0");
+    const dd = String(date.getDate()).padStart(2, "0");
+    const hh = String(date.getHours()).padStart(2, "0");
+    const min = String(date.getMinutes()).padStart(2, "0");
+    const ss = String(date.getSeconds()).padStart(2, "0");
+    const mmm = String(date.getMilliseconds()).padStart(3, "0");
+    return `${yyyy}${mm}${dd}-${hh}${min}${ss}${mmm}`;
+}
+function sanitizeBackupPrefix(prefix) {
+    const trimmed = prefix.trim();
+    const safe = trimmed
+        .replace(/[^a-zA-Z0-9_-]+/g, "-")
+        .replace(/-+/g, "-")
+        .replace(/^-+|-+$/g, "");
+    return safe.length > 0 ? safe : "codex-backup";
+}
+export function createTimestampedBackupPath(prefix = "codex-backup") {
+    const storagePath = getStoragePath();
+    const backupDir = join(dirname(storagePath), "backups");
+    const safePrefix = sanitizeBackupPrefix(prefix);
+    const nonce = randomBytes(3).toString("hex");
+    return join(backupDir, `${safePrefix}-${formatBackupTimestamp()}-${nonce}.json`);
+}
+async function readAndNormalizeImportFile(filePath) {
+    const resolvedPath = resolvePath(filePath);
+    if (!existsSync(resolvedPath)) {
+        throw new Error(`Import file not found: ${resolvedPath}`);
+    }
+    const content = await fs.readFile(resolvedPath, "utf-8");
+    let imported;
+    try {
+        imported = JSON.parse(content);
+    }
+    catch {
+        throw new Error(`Invalid JSON in import file: ${resolvedPath}`);
+    }
+    const normalized = normalizeAccountStorage(imported);
+    if (!normalized) {
+        throw new Error("Invalid account storage format");
+    }
+    return { resolvedPath, normalized };
+}
+export async function previewImportAccounts(filePath) {
+    const { normalized } = await readAndNormalizeImportFile(filePath);
+    return withAccountStorageTransaction((existing) => {
+        const existingAccounts = existing?.accounts ?? [];
+        const merged = [...existingAccounts, ...normalized.accounts];
+        if (merged.length > ACCOUNT_LIMITS.MAX_ACCOUNTS) {
+            const deduped = deduplicateAccountsForStorage(merged);
+            if (deduped.length > ACCOUNT_LIMITS.MAX_ACCOUNTS) {
+                throw new Error(`Import would exceed maximum of ${ACCOUNT_LIMITS.MAX_ACCOUNTS} accounts (would have ${deduped.length})`);
+            }
+        }
+        const deduplicatedAccounts = deduplicateAccountsForStorage(merged);
+        const imported = deduplicatedAccounts.length - existingAccounts.length;
+        const skipped = normalized.accounts.length - imported;
+        return Promise.resolve({
+            imported,
+            total: deduplicatedAccounts.length,
+            skipped,
+        });
+    });
+}
 /**
  * Exports current accounts to a JSON file for backup/migration.
  * @param filePath - Destination file path
@@ -713,30 +960,44 @@ export async function exportAccounts(filePath, force = true) {
  * @param filePath - Source file path
  * @throws Error if file is invalid or would exceed MAX_ACCOUNTS
  */
-export async function importAccounts(filePath) {
-    const resolvedPath = resolvePath(filePath);
-    // Check file exists with friendly error
-    if (!existsSync(resolvedPath)) {
-        throw new Error(`Import file not found: ${resolvedPath}`);
-    }
-    const content = await fs.readFile(resolvedPath, "utf-8");
-    let imported;
-    try {
-        imported = JSON.parse(content);
-    }
-    catch {
-        throw new Error(`Invalid JSON in import file: ${resolvedPath}`);
-    }
-    const normalized = normalizeAccountStorage(imported);
-    if (!normalized) {
-        throw new Error("Invalid account storage format");
-    }
-    const { imported: importedCount, total, skipped: skippedCount } = await withAccountStorageTransaction(async (existing, persist) => {
-        const existingAccounts = existing?.accounts ?? [];
-        const existingActiveIndex = existing?.activeIndex ?? 0;
+export async function importAccounts(filePath, options = {}) {
+    const { resolvedPath, normalized } = await readAndNormalizeImportFile(filePath);
+    const backupMode = options.backupMode ?? "none";
+    const backupPrefix = options.preImportBackupPrefix ?? "codex-pre-import-backup";
+    const { imported: importedCount, total, skipped: skippedCount, backupStatus, backupPath, backupError, } = await withAccountStorageTransaction(async (existing, persist) => {
+        const existingStorage = existing ??
+            {
+                version: 3,
+                accounts: [],
+                activeIndex: 0,
+                activeIndexByFamily: {},
+            };
+        const existingAccounts = existingStorage.accounts;
+        const existingActiveIndex = existingStorage.activeIndex;
         const clampedExistingActiveIndex = clampIndex(existingActiveIndex, existingAccounts.length);
-        const existingActiveKey = extractActiveKey(existingAccounts, clampedExistingActiveIndex);
-        const existingActiveIndexByFamily = existing?.activeIndexByFamily ?? {};
+        const existingActiveKeys = extractActiveKeys(existingAccounts, clampedExistingActiveIndex);
+        const existingActiveIndexByFamily = existingStorage.activeIndexByFamily ?? {};
+        let backupStatus = "skipped";
+        let backupPath;
+        let backupError;
+        if (backupMode !== "none" && existingAccounts.length > 0) {
+            backupPath = createTimestampedBackupPath(backupPrefix);
+            try {
+                await writePreImportBackupFile(backupPath, existingStorage);
+                backupStatus = "created";
+            }
+            catch (error) {
+                backupStatus = "failed";
+                backupError = error instanceof Error ? error.message : String(error);
+                if (backupMode === "required") {
+                    throw new Error(`Pre-import backup failed: ${backupError}`);
+                }
+                log.warn("Pre-import backup failed; continuing import apply", {
+                    path: backupPath,
+                    error: backupError,
+                });
+            }
+        }
         const merged = [...existingAccounts, ...normalized.accounts];
         if (merged.length > ACCOUNT_LIMITS.MAX_ACCOUNTS) {
             const deduped = deduplicateAccountsForStorage(merged);
@@ -748,8 +1009,8 @@ export async function importAccounts(filePath) {
         const mappedActiveIndex = (() => {
             if (deduplicatedAccounts.length === 0)
                 return 0;
-            if (existingActiveKey) {
-                const idx = deduplicatedAccounts.findIndex((account) => toAccountKey(account) === existingActiveKey);
+            if (existingActiveKeys.length > 0) {
+                const idx = findAccountIndexByIdentityKeys(deduplicatedAccounts, existingActiveKeys);
                 if (idx >= 0)
                     return idx;
             }
@@ -761,9 +1022,9 @@ export async function importAccounts(filePath) {
             const familyIndex = typeof rawFamilyIndex === "number" && Number.isFinite(rawFamilyIndex)
                 ? rawFamilyIndex
                 : clampedExistingActiveIndex;
-            const familyKey = extractActiveKey(existingAccounts, clampIndex(familyIndex, existingAccounts.length));
-            if (familyKey) {
-                const idx = deduplicatedAccounts.findIndex((account) => toAccountKey(account) === familyKey);
+            const familyKeys = extractActiveKeys(existingAccounts, clampIndex(familyIndex, existingAccounts.length));
+            if (familyKeys.length > 0) {
+                const idx = findAccountIndexByIdentityKeys(deduplicatedAccounts, familyKeys);
                 activeIndexByFamily[family] = idx >= 0 ? idx : mappedActiveIndex;
                 continue;
             }
@@ -778,9 +1039,31 @@ export async function importAccounts(filePath) {
         await persist(newStorage);
         const imported = deduplicatedAccounts.length - existingAccounts.length;
         const skipped = normalized.accounts.length - imported;
-        return { imported, total: deduplicatedAccounts.length, skipped };
+        return {
+            imported,
+            total: deduplicatedAccounts.length,
+            skipped,
+            backupStatus,
+            backupPath,
+            backupError,
+        };
+    });
+    log.info("Imported accounts", {
+        path: resolvedPath,
+        imported: importedCount,
+        skipped: skippedCount,
+        total,
+        backupStatus,
+        backupPath,
+        backupError,
     });
-    log.info("Imported accounts", { path: resolvedPath, imported: importedCount, skipped: skippedCount, total });
-    return { imported: importedCount, total, skipped: skippedCount };
+    return {
+        imported: importedCount,
+        total,
+        skipped: skippedCount,
+        backupStatus,
+        backupPath,
+        backupError,
+    };
 }
 //# sourceMappingURL=storage.js.map