opencode-multi-account-core 0.2.2 → 0.2.4

package/dist/account-manager.d.ts

@@ -35,7 +35,7 @@ export interface AccountManagerInstance {
     validateNonActiveTokens(client: PluginClient): Promise<void>;
     removeAccount(index: number): Promise<boolean>;
     clearAllAccounts(): Promise<void>;
-    addAccount(auth: OAuthCredentials): Promise<void>;
+    addAccount(auth: OAuthCredentials, email?: string): Promise<void>;
     toggleEnabled(uuid: string): Promise<void>;
     replaceAccountCredentials(uuid: string, auth: OAuthCredentials): Promise<void>;
     retryAuth(uuid: string, client: PluginClient): Promise<TokenRefreshResult>;

package/dist/adapters/types.d.ts

@@ -19,6 +19,8 @@ export interface OAuthAdapter {
     oauthBetaHeader: string;
     requestBetaHeader: string;
     cliUserAgent: string;
+    cliVersion: string;
+    billingSalt: string;
     toolPrefix: string;
     accountStorageFilename: string;
     transform: OAuthAdapterTransformConfig;

package/dist/cascade-state.d.ts

@@ -0,0 +1,11 @@
+import type { CascadeState } from "./pool-types";
+export declare class CascadeStateManager {
+    suppressNextStartTurn: boolean;
+    private cascadeState;
+    startTurn(prompt: string, currentAccountUuid?: string): CascadeState;
+    ensureCascadeState(prompt: string, currentAccountUuid?: string): CascadeState;
+    markAttempted(accountUuid: string): void;
+    markVisitedChainIndex(index: number): void;
+    clearCascadeState(): void;
+    getSnapshot(): CascadeState | null;
+}

package/dist/executor.d.ts

@@ -1,4 +1,4 @@
-import type { ManagedAccount, PluginClient, TokenRefreshResult } from "./types";
+import { type ManagedAccount, type PluginClient, type TokenRefreshResult } from "./types";
 export interface ExecutorAccountManager {
     getAccountCount(): number;
     refresh(): Promise<void>;

package/dist/index.d.ts

@@ -14,3 +14,7 @@ export * from "./ui/ansi";
 export * from "./ui/confirm";
 export * from "./ui/select";
 export * from "./adapters";
+export * from "./pool-types";
+export * from "./pool-config-store";
+export * from "./pool-manager";
+export * from "./cascade-state";

package/dist/index.js

@@ -81,6 +81,23 @@ var PluginConfigSchema = v.object({
   quiet_mode: v.optional(v.boolean(), false),
   debug: v.optional(v.boolean(), false)
 });
+var TokenRefreshError = class _TokenRefreshError extends Error {
+  status;
+  permanent;
+  constructor(permanent, status) {
+    super(status === void 0 ? "Token refresh failed" : `Token refresh failed: ${status}`);
+    this.name = "TokenRefreshError";
+    this.status = status;
+    this.permanent = permanent;
+    Object.setPrototypeOf(this, _TokenRefreshError.prototype);
+  }
+};
+function isTokenRefreshError(error) {
+  if (error instanceof TokenRefreshError) return true;
+  if (!(error instanceof Error)) return false;
+  const candidate = error;
+  return candidate.name === "TokenRefreshError" && typeof candidate.permanent === "boolean" && (candidate.status === void 0 || typeof candidate.status === "number");
+}
 
 // src/config.ts
 var DEFAULT_CONFIG_FILENAME = "multiauth-config.json";
@@ -224,6 +241,14 @@ function createMinimalClient() {
     }
   };
 }
+function getClearedOAuthBody() {
+  return {
+    type: "oauth",
+    refresh: "",
+    access: "",
+    expires: 0
+  };
+}
 
 // src/claims.ts
 var CLAIMS_FILENAME = "multiauth-claims.json";
@@ -661,13 +686,7 @@ function createAccountManagerForProvider(dependencies) {
       });
     }
     async markRevoked(uuid) {
-      await this.store.mutateAccount(uuid, (account) => {
-        account.isAuthDisabled = true;
-        account.authDisabledReason = "OAuth token revoked (403)";
-        account.accessToken = void 0;
-        account.expiresAt = void 0;
-      });
-      this.runtimeFactory?.invalidate(uuid);
+      await this.removeAccountByUuid(uuid);
     }
     async markSuccess(uuid) {
       this.last429Map.delete(uuid);
@@ -690,15 +709,32 @@ function createAccountManagerForProvider(dependencies) {
       }).catch(() => {
       });
     }
+    async clearOpenCodeAuthIfNoAccountsRemain() {
+      if (!this.client) return;
+      const storage = await this.store.load();
+      if (storage.accounts.length > 0) return;
+      await this.client.auth.set({
+        path: { id: providerAuthId },
+        body: getClearedOAuthBody()
+      }).catch(() => {
+      });
+    }
+    async removeAccountByUuid(uuid) {
+      const removed = await this.store.removeAccount(uuid);
+      if (!removed) return;
+      this.last429Map.delete(uuid);
+      this.runtimeFactory?.invalidate(uuid);
+      await this.refresh();
+      await this.clearOpenCodeAuthIfNoAccountsRemain();
+    }
     async markAuthFailure(uuid, result) {
+      if (!result.ok && result.permanent) {
+        await this.removeAccountByUuid(uuid);
+        return;
+      }
       await this.store.mutateStorage((storage) => {
         const account = storage.accounts.find((entry) => entry.uuid === uuid);
         if (!account) return;
-        if (!result.ok && result.permanent) {
-          account.isAuthDisabled = true;
-          account.authDisabledReason = "Token permanently rejected (400/401/403)";
-          return;
-        }
         account.consecutiveAuthFailures = (account.consecutiveAuthFailures ?? 0) + 1;
         const maxFailures = getConfig().max_consecutive_auth_failures;
         const usableCount = storage.accounts.filter(
@@ -795,11 +831,21 @@ function createAccountManagerForProvider(dependencies) {
       this.cached = [];
       this.activeAccountUuid = void 0;
     }
-    async addAccount(auth) {
+    async addAccount(auth, email) {
       if (!auth.refresh) return;
-      const existing = this.cached.find((account) => account.refreshToken === auth.refresh);
-      if (existing) return;
+      const existingByToken = this.cached.find((account) => account.refreshToken === auth.refresh);
+      if (existingByToken) return;
+      if (email) {
+        const existingByEmail = this.cached.find(
+          (account) => account.email && account.email === email
+        );
+        if (existingByEmail?.uuid) {
+          await this.replaceAccountCredentials(existingByEmail.uuid, auth);
+          return;
+        }
+      }
       const newAccount = this.createNewAccount(auth, Date.now());
+      if (email) newAccount.email = email;
       await this.store.addAccount(newAccount);
       this.activeAccountUuid = newAccount.uuid;
       await this.store.setActiveUuid(newAccount.uuid);
@@ -1125,7 +1171,9 @@ var MAX_SERVER_RETRIES_PER_ATTEMPT = 2;
 var MAX_RESOLVE_ATTEMPTS = 10;
 var SERVER_RETRY_BASE_MS = 1e3;
 var SERVER_RETRY_MAX_MS = 4e3;
-var PERMANENT_AUTH_FAILURE_STATUSES = /* @__PURE__ */ new Set([400, 401, 403]);
+function isAbortError(error) {
+  return error instanceof Error && error.name === "AbortError";
+}
 function createExecutorForProvider(providerName, dependencies) {
   const {
     handleRateLimitResponse,
@@ -1136,77 +1184,49 @@ function createExecutorForProvider(providerName, dependencies) {
   } = dependencies;
   async function executeWithAccountRotation(manager, runtimeFactory, client, input, init) {
     const maxRetries = Math.max(MIN_MAX_RETRIES, manager.getAccountCount() * RETRIES_PER_ACCOUNT);
-    let retries = 0;
     let previousAccountUuid;
-    while (true) {
-      if (++retries > maxRetries) {
-        throw new Error(
-          `Exhausted ${maxRetries} retries across all accounts. All attempts failed due to auth errors, rate limits, or token issues.`
-        );
-      }
-      await manager.refresh();
-      const account = await resolveAccount(manager, client);
-      const accountUuid = account.uuid;
-      if (!accountUuid) continue;
-      if (previousAccountUuid && accountUuid !== previousAccountUuid && manager.getAccountCount() > 1) {
-        void showToast2(client, `Switched to ${getAccountLabel2(account)}`, "info");
-      }
-      previousAccountUuid = accountUuid;
-      let runtime;
-      let response;
-      try {
-        runtime = await runtimeFactory.getRuntime(accountUuid);
-        response = await runtime.fetch(input, init);
-      } catch (error) {
-        if (await handleRuntimeFetchFailure(manager, runtimeFactory, client, account, error)) {
-          continue;
+    async function retryServerErrors(account, runtime) {
+      for (let attempt = 0; attempt < MAX_SERVER_RETRIES_PER_ATTEMPT; attempt++) {
+        const backoff = Math.min(SERVER_RETRY_BASE_MS * 2 ** attempt, SERVER_RETRY_MAX_MS);
+        const jitteredBackoff = backoff * (0.5 + Math.random() * 0.5);
+        await sleep2(jitteredBackoff);
+        let retryResponse;
+        try {
+          retryResponse = await runtime.fetch(input, init);
+        } catch (error) {
+          if (isAbortError(error)) throw error;
+          if (await handleRuntimeFetchFailure(manager, runtimeFactory, client, account, error)) {
+            return null;
+          }
+          void showToast2(client, `${getAccountLabel2(account)} network error \u2014 switching`, "warning");
+          return null;
         }
-        void showToast2(client, `${getAccountLabel2(account)} network error \u2014 switching`, "warning");
-        continue;
+        if (retryResponse.status < 500) return retryResponse;
       }
+      return null;
+    }
+    const dispatchResponseStatus = async (account, accountUuid, runtime, response, allow401Retry, from401RefreshRetry) => {
       if (response.status >= 500) {
-        let serverResponse = response;
-        let networkErrorDuringServerRetry = false;
-        let authFailureDuringServerRetry = false;
-        for (let attempt = 0; attempt < MAX_SERVER_RETRIES_PER_ATTEMPT; attempt++) {
-          const backoff = Math.min(SERVER_RETRY_BASE_MS * 2 ** attempt, SERVER_RETRY_MAX_MS);
-          const jitteredBackoff = backoff * (0.5 + Math.random() * 0.5);
-          await sleep2(jitteredBackoff);
+        const recovered = await retryServerErrors(account, runtime);
+        if (recovered === null) {
+          return { type: "retryOuter" };
+        }
+        response = recovered;
+      }
+      if (response.status === 401) {
+        if (allow401Retry) {
+          runtimeFactory.invalidate(accountUuid);
           try {
-            serverResponse = await runtime.fetch(input, init);
+            const retryRuntime = await runtimeFactory.getRuntime(accountUuid);
+            const retryResponse = await retryRuntime.fetch(input, init);
+            return dispatchResponseStatus(account, accountUuid, retryRuntime, retryResponse, false, true);
           } catch (error) {
+            if (isAbortError(error)) throw error;
             if (await handleRuntimeFetchFailure(manager, runtimeFactory, client, account, error)) {
-              authFailureDuringServerRetry = true;
-              break;
+              return { type: "retryOuter" };
             }
-            networkErrorDuringServerRetry = true;
-            void showToast2(client, `${getAccountLabel2(account)} network error \u2014 switching`, "warning");
-            break;
+            return { type: "retryOuter" };
           }
-          if (serverResponse.status < 500) break;
-        }
-        if (authFailureDuringServerRetry) {
-          continue;
-        }
-        if (networkErrorDuringServerRetry || serverResponse.status >= 500) {
-          continue;
-        }
-        response = serverResponse;
-      }
-      if (response.status === 401) {
-        runtimeFactory.invalidate(accountUuid);
-        try {
-          const retryRuntime = await runtimeFactory.getRuntime(accountUuid);
-          const retryResponse = await retryRuntime.fetch(input, init);
-          if (retryResponse.status !== 401) {
-            await manager.markSuccess(accountUuid);
-            return retryResponse;
-          }
-        } catch (error) {
-          if (await handleRuntimeFetchFailure(manager, runtimeFactory, client, account, error)) {
-            continue;
-          }
-          continue;
         }
         await manager.markAuthFailure(accountUuid, { ok: false, permanent: false });
         await manager.refresh();
@@ -1217,7 +1237,7 @@ function createExecutorForProvider(providerName, dependencies) {
           );
         }
         void showToast2(client, `${getAccountLabel2(account)} auth failed \u2014 switching to next account.`, "warning");
-        continue;
+        return { type: "retryOuter" };
       }
       if (response.status === 403) {
         const revoked = await isRevokedTokenResponse(response);
@@ -1234,26 +1254,62 @@ function createExecutorForProvider(providerName, dependencies) {
               `All ${providerName} accounts have been revoked or disabled. Re-authenticate with \`opencode auth login\`.`
             );
           }
-          continue;
+          return { type: "retryOuter" };
+        }
+        if (from401RefreshRetry) {
+          return { type: "handled", response };
         }
       }
       if (response.status === 429) {
         await handleRateLimitResponse(manager, client, account, response);
+        return { type: "handled" };
+      }
+      return { type: "success", response };
+    };
+    for (let retries = 1; retries <= maxRetries; retries++) {
+      await manager.refresh();
+      const account = await resolveAccount(manager, client);
+      const accountUuid = account.uuid;
+      if (!accountUuid) continue;
+      if (previousAccountUuid && accountUuid !== previousAccountUuid && manager.getAccountCount() > 1) {
+        void showToast2(client, `Switched to ${getAccountLabel2(account)}`, "info");
+      }
+      previousAccountUuid = accountUuid;
+      let runtime;
+      let response;
+      try {
+        runtime = await runtimeFactory.getRuntime(accountUuid);
+        response = await runtime.fetch(input, init);
+      } catch (error) {
+        if (isAbortError(error)) throw error;
+        if (await handleRuntimeFetchFailure(manager, runtimeFactory, client, account, error)) {
+          continue;
+        }
+        void showToast2(client, `${getAccountLabel2(account)} network error \u2014 switching`, "warning");
+        continue;
+      }
+      const transition = await dispatchResponseStatus(account, accountUuid, runtime, response, true, false);
+      if (transition.type === "retryOuter" || transition.type === "handled") {
+        if (transition.type === "handled" && transition.response) {
+          return transition.response;
+        }
         continue;
       }
       await manager.markSuccess(accountUuid);
-      return response;
+      return transition.response;
     }
+    throw new Error(
+      `Exhausted ${maxRetries} retries across all accounts. All attempts failed due to auth errors, rate limits, or token issues.`
+    );
   }
   async function handleRuntimeFetchFailure(manager, runtimeFactory, client, account, error) {
-    const refreshFailureStatus = getRefreshFailureStatus(error);
-    if (refreshFailureStatus === void 0) return false;
+    if (!isTokenRefreshError(error)) return false;
     if (!account.uuid) return false;
     const accountUuid = account.uuid;
     runtimeFactory.invalidate(accountUuid);
     await manager.markAuthFailure(accountUuid, {
       ok: false,
-      permanent: PERMANENT_AUTH_FAILURE_STATUSES.has(refreshFailureStatus)
+      permanent: error.permanent
     });
     await manager.refresh();
     if (!manager.hasAnyUsableAccount()) {
@@ -1298,13 +1354,6 @@ function createExecutorForProvider(providerName, dependencies) {
     executeWithAccountRotation
   };
 }
-function getRefreshFailureStatus(error) {
-  if (!(error instanceof Error)) return void 0;
-  const matched = error.message.match(/Token refresh failed:\s*(\d{3})/);
-  if (!matched) return void 0;
-  const status = Number(matched[1]);
-  return Number.isFinite(status) ? status : void 0;
-}
 async function isRevokedTokenResponse(response) {
   try {
     const cloned = response.clone();
@@ -1319,6 +1368,7 @@ async function isRevokedTokenResponse(response) {
 var INITIAL_DELAY_MS = 5e3;
 function createProactiveRefreshQueueForProvider(dependencies) {
   const {
+    providerAuthId,
     getConfig: getConfig2,
     refreshToken,
     isTokenExpired,
@@ -1337,6 +1387,10 @@ function createProactiveRefreshQueueForProvider(dependencies) {
       const config = getConfig2();
       if (!config.proactive_refresh) return;
       this.runToken++;
+      if (this.timeoutHandle) {
+        clearTimeout(this.timeoutHandle);
+        this.timeoutHandle = null;
+      }
       this.scheduleNext(this.runToken, INITIAL_DELAY_MS);
       debugLog2(this.client, "Proactive refresh started", {
         intervalSeconds: config.proactive_refresh_interval_seconds,
@@ -1411,23 +1465,41 @@ function createProactiveRefreshQueueForProvider(dependencies) {
     }
     async persistFailure(account, permanent) {
       try {
-        await this.store.mutateAccount(account.uuid, (target) => {
-          if (permanent) {
+        const accountUuid = account.uuid;
+        if (!accountUuid) return;
+        if (permanent) {
+          const removed = await this.store.removeAccount(accountUuid);
+          if (!removed) return;
+          this.onInvalidate?.(accountUuid);
+          await this.clearOpenCodeAuthIfNoAccountsRemain();
+          return;
+        }
+        await this.store.mutateStorage((storage) => {
+          const target = storage.accounts.find((entry) => entry.uuid === accountUuid);
+          if (!target) return;
+          target.consecutiveAuthFailures = (target.consecutiveAuthFailures ?? 0) + 1;
+          const maxFailures = getConfig2().max_consecutive_auth_failures;
+          const usableCount = storage.accounts.filter(
+            (entry) => entry.enabled && !entry.isAuthDisabled && entry.uuid !== accountUuid
+          ).length;
+          if (target.consecutiveAuthFailures >= maxFailures && usableCount > 0) {
             target.isAuthDisabled = true;
-            target.authDisabledReason = "Token permanently rejected (proactive refresh)";
-          } else {
-            target.consecutiveAuthFailures = (target.consecutiveAuthFailures ?? 0) + 1;
-            const maxFailures = getConfig2().max_consecutive_auth_failures;
-            if (target.consecutiveAuthFailures >= maxFailures) {
-              target.isAuthDisabled = true;
-              target.authDisabledReason = `${maxFailures} consecutive auth failures (proactive refresh)`;
-            }
+            target.authDisabledReason = `${maxFailures} consecutive auth failures (proactive refresh)`;
           }
         });
       } catch {
         debugLog2(this.client, `Failed to persist auth failure for ${account.uuid}`);
       }
     }
+    async clearOpenCodeAuthIfNoAccountsRemain() {
+      const storage = await this.store.load();
+      if (storage.accounts.length > 0) return;
+      await this.client.auth.set({
+        path: { id: providerAuthId },
+        body: getClearedOAuthBody()
+      }).catch(() => {
+      });
+    }
   };
 }
 
@@ -1776,6 +1848,8 @@ var anthropicOAuthAdapter = {
   oauthBetaHeader: "oauth-2025-04-20",
   requestBetaHeader: "oauth-2025-04-20,interleaved-thinking-2025-05-14",
   cliUserAgent: "claude-cli/2.1.2 (external, cli)",
+  cliVersion: "2.1.80",
+  billingSalt: "59cf53e54c78",
   toolPrefix: "mcp_",
   accountStorageFilename: "anthropic-multi-account-accounts.json",
   transform: {
@@ -1808,6 +1882,8 @@ var openAIOAuthAdapter = {
   oauthBetaHeader: "",
   requestBetaHeader: "",
   cliUserAgent: "opencode/1.1.53",
+  cliVersion: "",
+  billingSalt: "",
   toolPrefix: "mcp_",
   accountStorageFilename: "openai-multi-account-accounts.json",
   transform: {
@@ -1824,16 +1900,414 @@ var openAIOAuthAdapter = {
   },
   supported: true
 };
+
+// src/pool-types.ts
+import * as v5 from "valibot";
+var PoolConfigSchema = v5.object({
+  name: v5.string(),
+  baseProvider: v5.string(),
+  members: v5.array(v5.string()),
+  enabled: v5.boolean()
+});
+var ChainEntryConfigSchema = v5.object({
+  pool: v5.string(),
+  model: v5.optional(v5.string()),
+  enabled: v5.boolean()
+});
+var ChainConfigSchema = v5.object({
+  name: v5.string(),
+  entries: v5.array(ChainEntryConfigSchema),
+  enabled: v5.boolean()
+});
+var PoolChainConfigSchema = v5.object({
+  pools: v5.optional(v5.array(PoolConfigSchema), []),
+  chains: v5.optional(v5.array(ChainConfigSchema), [])
+});
+
+// src/pool-config-store.ts
+import { promises as fs6 } from "node:fs";
+import { randomBytes as randomBytes4 } from "node:crypto";
+import { dirname as dirname5, join as join7 } from "node:path";
+import lockfile2 from "proper-lockfile";
+import * as v6 from "valibot";
+var POOL_CONFIG_FILENAME = "multiauth-pools.json";
+var FILE_MODE2 = 384;
+var LOCK_OPTIONS2 = {
+  stale: 1e4,
+  retries: { retries: 10, minTimeout: 50, maxTimeout: 2e3, factor: 2 }
+};
+function createEmptyConfig() {
+  return { pools: [], chains: [] };
+}
+function getGlobalConfigPath() {
+  return join7(getConfigDir2(), POOL_CONFIG_FILENAME);
+}
+function buildTempPath2(targetPath) {
+  return `${targetPath}.${randomBytes4(8).toString("hex")}.tmp`;
+}
+async function resolveConfigPath() {
+  const projectPath = join7(process.cwd(), ".opencode", POOL_CONFIG_FILENAME);
+  try {
+    await fs6.access(projectPath);
+    return projectPath;
+  } catch {
+  }
+  return getGlobalConfigPath();
+}
+async function ensureConfigFileExists(targetPath) {
+  await fs6.mkdir(dirname5(targetPath), { recursive: true });
+  const emptyContent = `${JSON.stringify(createEmptyConfig(), null, 2)}
+`;
+  try {
+    await fs6.writeFile(targetPath, emptyContent, { flag: "wx", mode: FILE_MODE2 });
+  } catch (error) {
+    if (getErrorCode(error) !== "EEXIST") throw error;
+  }
+}
+async function writeAtomicText2(targetPath, content) {
+  await fs6.mkdir(dirname5(targetPath), { recursive: true });
+  const tempPath = buildTempPath2(targetPath);
+  try {
+    await fs6.writeFile(tempPath, content, { encoding: "utf-8", mode: FILE_MODE2 });
+    await fs6.chmod(tempPath, FILE_MODE2);
+    await fs6.rename(tempPath, targetPath);
+    await fs6.chmod(targetPath, FILE_MODE2);
+  } catch (error) {
+    try {
+      await fs6.unlink(tempPath);
+    } catch {
+    }
+    throw error;
+  }
+}
+async function withConfigLock(fn) {
+  const configPath = await resolveConfigPath();
+  await ensureConfigFileExists(configPath);
+  let release = null;
+  try {
+    release = await lockfile2.lock(configPath, LOCK_OPTIONS2);
+    return await fn(configPath);
+  } finally {
+    if (release) {
+      try {
+        await release();
+      } catch {
+      }
+    }
+  }
+}
+function parsePoolChainConfig(content) {
+  let parsed;
+  try {
+    parsed = JSON.parse(content);
+  } catch {
+    return null;
+  }
+  const validation = v6.safeParse(PoolChainConfigSchema, parsed);
+  return validation.success ? validation.output : null;
+}
+async function loadPoolChainConfig() {
+  const path = await resolveConfigPath();
+  try {
+    const content = await fs6.readFile(path, "utf-8");
+    return parsePoolChainConfig(content) ?? createEmptyConfig();
+  } catch {
+    return createEmptyConfig();
+  }
+}
+async function savePoolChainConfig(config) {
+  await withConfigLock(async (configPath) => {
+    const validation = v6.safeParse(PoolChainConfigSchema, config);
+    if (!validation.success) {
+      throw new Error("Invalid pool/chain config payload");
+    }
+    await writeAtomicText2(configPath, `${JSON.stringify(validation.output, null, 2)}
+`);
+  });
+}
+
+// src/pool-manager.ts
+var DEFAULT_EXHAUSTED_COOLDOWN_MS = 5 * 60 * 1e3;
+var PoolManager = class {
+  poolsByName = /* @__PURE__ */ new Map();
+  exhaustedUntilByAccount = /* @__PURE__ */ new Map();
+  exhaustedCooldownMs;
+  constructor(options) {
+    this.exhaustedCooldownMs = options?.exhaustedCooldownMs ?? DEFAULT_EXHAUSTED_COOLDOWN_MS;
+  }
+  loadPools(configs) {
+    this.poolsByName.clear();
+    for (const pool of configs) {
+      this.poolsByName.set(pool.name, pool);
+    }
+  }
+  getPoolForAccount(accountUuid) {
+    for (const pool of this.poolsByName.values()) {
+      if (!pool.enabled) continue;
+      if (pool.members.includes(accountUuid)) return pool;
+    }
+    return null;
+  }
+  getAvailableMembers(pool, accountManager) {
+    if (!pool.enabled) return [];
+    this.clearExpiredExhausted();
+    const accountsByUuid = /* @__PURE__ */ new Map();
+    for (const account of accountManager.getAccounts()) {
+      if (!account.uuid) continue;
+      accountsByUuid.set(account.uuid, account);
+    }
+    return pool.members.filter((accountUuid) => {
+      const account = accountsByUuid.get(accountUuid);
+      if (!account) return false;
+      if (!account.enabled || account.isAuthDisabled) return false;
+      if (this.isExhausted(accountUuid)) return false;
+      if (accountManager.isRateLimited(account)) return false;
+      return true;
+    });
+  }
+  markExhausted(accountUuid) {
+    this.exhaustedUntilByAccount.set(accountUuid, Date.now() + this.exhaustedCooldownMs);
+  }
+  async getNextMember(pool, currentUuid, accountManager) {
+    const availableMembers = this.getAvailableMembers(pool, accountManager);
+    if (availableMembers.length === 0) return null;
+    const excluded = /* @__PURE__ */ new Set();
+    if (currentUuid) excluded.add(currentUuid);
+    const preferred = await this.selectPreferredMember(availableMembers, excluded, accountManager);
+    if (preferred) return preferred;
+    for (const candidate of availableMembers) {
+      if (candidate !== currentUuid) return candidate;
+    }
+    return null;
+  }
+  async buildFailoverPlan(currentAccount, config, accountManager, options) {
+    this.loadPools(config.pools ?? []);
+    if ((config.pools?.length ?? 0) === 0 && (config.chains?.length ?? 0) === 0) {
+      return { candidates: [], skips: [] };
+    }
+    const attemptedAccounts = options?.attemptedAccounts ?? /* @__PURE__ */ new Set();
+    const visitedChainIndexes = options?.visitedChainIndexes ?? /* @__PURE__ */ new Set();
+    const currentUuid = currentAccount?.uuid;
+    const candidates = [];
+    const skips = [];
+    const addedCandidateUuids = /* @__PURE__ */ new Set();
+    const appendPoolCandidates = async (poolName, source, chainIndex) => {
+      const pool = this.poolsByName.get(poolName);
+      if (!pool || !pool.enabled) {
+        skips.push({
+          type: "chain_disabled",
+          poolName,
+          reason: "Pool is missing or disabled"
+        });
+        return;
+      }
+      const available = this.getAvailableMembers(pool, accountManager);
+      if (available.length === 0) {
+        skips.push({
+          type: "pool_exhausted",
+          poolName,
+          reason: "No available members"
+        });
+        return;
+      }
+      const poolExclusions = /* @__PURE__ */ new Set();
+      if (currentUuid) poolExclusions.add(currentUuid);
+      while (poolExclusions.size < available.length + (currentUuid ? 1 : 0)) {
+        const nextMember = await this.selectPreferredMember(available, poolExclusions, accountManager);
+        if (!nextMember) break;
+        poolExclusions.add(nextMember);
+        if (attemptedAccounts.has(nextMember)) {
+          skips.push({
+            type: "account_attempted",
+            poolName,
+            reason: "Already attempted in this cascade",
+            detail: nextMember
+          });
+          continue;
+        }
+        if (addedCandidateUuids.has(nextMember)) continue;
+        candidates.push({
+          poolName,
+          accountUuid: nextMember,
+          source,
+          chainIndex
+        });
+        addedCandidateUuids.add(nextMember);
+      }
+      for (const memberUuid of available) {
+        if (poolExclusions.has(memberUuid)) continue;
+        if (attemptedAccounts.has(memberUuid)) {
+          skips.push({
+            type: "account_attempted",
+            poolName,
+            reason: "Already attempted in this cascade",
+            detail: memberUuid
+          });
+          continue;
+        }
+        if (addedCandidateUuids.has(memberUuid)) continue;
+        candidates.push({
+          poolName,
+          accountUuid: memberUuid,
+          source,
+          chainIndex
+        });
+        addedCandidateUuids.add(memberUuid);
+      }
+    };
+    if (currentUuid) {
+      const currentPool = this.getPoolForAccount(currentUuid);
+      if (currentPool) {
+        await appendPoolCandidates(currentPool.name, "pool");
+      }
+    }
+    let flattenedChainIndex = 0;
+    for (const chain of config.chains ?? []) {
+      if (!chain.enabled) {
+        for (let i = 0; i < chain.entries.length; i++) {
+          skips.push({
+            type: "chain_disabled",
+            poolName: chain.entries[i]?.pool ?? chain.name,
+            reason: `Chain '${chain.name}' is disabled`
+          });
+          flattenedChainIndex += 1;
+        }
+        continue;
+      }
+      for (const entry of chain.entries) {
+        if (visitedChainIndexes.has(flattenedChainIndex)) {
+          skips.push({
+            type: "chain_disabled",
+            poolName: entry.pool,
+            reason: "Chain entry already visited in this cascade",
+            detail: `${flattenedChainIndex}`
+          });
+          flattenedChainIndex += 1;
+          continue;
+        }
+        if (!entry.enabled) {
+          skips.push({
+            type: "chain_disabled",
+            poolName: entry.pool,
+            reason: "Chain entry is disabled",
+            detail: `${flattenedChainIndex}`
+          });
+          flattenedChainIndex += 1;
+          continue;
+        }
+        await appendPoolCandidates(entry.pool, "chain", flattenedChainIndex);
+        flattenedChainIndex += 1;
+      }
+    }
+    return { candidates, skips };
+  }
+  isExhausted(accountUuid) {
+    const exhaustedUntil = this.exhaustedUntilByAccount.get(accountUuid);
+    if (!exhaustedUntil) return false;
+    if (Date.now() >= exhaustedUntil) {
+      this.exhaustedUntilByAccount.delete(accountUuid);
+      return false;
+    }
+    return true;
+  }
+  clearExpiredExhausted() {
+    const now = Date.now();
+    for (const [accountUuid, exhaustedUntil] of this.exhaustedUntilByAccount.entries()) {
+      if (now >= exhaustedUntil) this.exhaustedUntilByAccount.delete(accountUuid);
+    }
+  }
+  async selectPreferredMember(availableMembers, excludedMembers, accountManager) {
+    const availableSet = new Set(availableMembers);
+    const maxAttempts = Math.max(availableMembers.length * 2, 6);
+    for (let attempt = 0; attempt < maxAttempts; attempt++) {
+      const selected = await accountManager.selectAccount();
+      if (!selected?.uuid) continue;
+      if (!availableSet.has(selected.uuid)) continue;
+      if (excludedMembers.has(selected.uuid)) continue;
+      return selected.uuid;
+    }
+    for (const memberUuid of availableMembers) {
+      if (!excludedMembers.has(memberUuid)) return memberUuid;
+    }
+    return null;
+  }
+};
+
+// src/cascade-state.ts
+function createCascadeState(prompt, currentAccountUuid) {
+  const attemptedAccounts = /* @__PURE__ */ new Set();
+  if (currentAccountUuid) {
+    attemptedAccounts.add(currentAccountUuid);
+  }
+  return {
+    prompt,
+    attemptedAccounts,
+    visitedChainIndexes: /* @__PURE__ */ new Set()
+  };
+}
+var CascadeStateManager = class {
+  suppressNextStartTurn = false;
+  cascadeState = null;
+  startTurn(prompt, currentAccountUuid) {
+    if (this.suppressNextStartTurn) {
+      this.suppressNextStartTurn = false;
+      return this.ensureCascadeState(prompt, currentAccountUuid);
+    }
+    const shouldReset = !this.cascadeState || this.cascadeState.prompt !== prompt;
+    if (shouldReset) {
+      this.cascadeState = createCascadeState(prompt, currentAccountUuid);
+      return this.cascadeState;
+    }
+    return this.ensureCascadeState(prompt, currentAccountUuid);
+  }
+  ensureCascadeState(prompt, currentAccountUuid) {
+    if (!this.cascadeState || this.cascadeState.prompt !== prompt) {
+      this.cascadeState = createCascadeState(prompt, currentAccountUuid);
+      return this.cascadeState;
+    }
+    if (currentAccountUuid) {
+      this.cascadeState.attemptedAccounts.add(currentAccountUuid);
+    }
+    return this.cascadeState;
+  }
+  markAttempted(accountUuid) {
+    if (!this.cascadeState) return;
+    this.cascadeState.attemptedAccounts.add(accountUuid);
+  }
+  markVisitedChainIndex(index) {
+    if (!this.cascadeState) return;
+    this.cascadeState.visitedChainIndexes.add(index);
+  }
+  clearCascadeState() {
+    this.cascadeState = null;
+    this.suppressNextStartTurn = false;
+  }
+  getSnapshot() {
+    if (!this.cascadeState) return null;
+    return {
+      prompt: this.cascadeState.prompt,
+      attemptedAccounts: new Set(this.cascadeState.attemptedAccounts),
+      visitedChainIndexes: new Set(this.cascadeState.visitedChainIndexes)
+    };
+  }
+};
 export {
   ACCOUNTS_FILENAME,
   ANSI,
   AccountSelectionStrategySchema,
   AccountStorageSchema,
   AccountStore,
+  CascadeStateManager,
+  ChainConfigSchema,
+  ChainEntryConfigSchema,
   CredentialRefreshPatchSchema,
   OAuthCredentialsSchema,
   PluginConfigSchema,
+  PoolChainConfigSchema,
+  PoolConfigSchema,
+  PoolManager,
   StoredAccountSchema,
+  TokenRefreshError,
   UsageLimitEntrySchema,
   UsageLimitsSchema,
   anthropicOAuthAdapter,
@@ -1847,14 +2321,17 @@ export {
   deduplicateAccounts,
   formatWaitTime,
   getAccountLabel,
+  getClearedOAuthBody,
   getConfig,
   getConfigDir2 as getConfigDir,
   getErrorCode,
   initCoreConfig,
   isClaimedByOther,
   isTTY,
+  isTokenRefreshError,
   loadAccounts,
   loadConfig,
+  loadPoolChainConfig,
   migrateFromAuthJson,
   openAIOAuthAdapter,
   parseKey,
@@ -1862,6 +2339,7 @@ export {
   readStorageFromDisk,
   releaseClaim,
   resetConfigCache,
+  savePoolChainConfig,
   select,
   setAccountsFilename,
   setConfigGetter,

package/dist/pool-config-store.d.ts

@@ -0,0 +1,3 @@
+import type { PoolChainConfig } from "./pool-types";
+export declare function loadPoolChainConfig(): Promise<PoolChainConfig>;
+export declare function savePoolChainConfig(config: PoolChainConfig): Promise<void>;

package/dist/pool-manager.d.ts

@@ -0,0 +1,33 @@
+import type { ManagedAccount } from "./types";
+import type { FailoverCandidate, FailoverSkip, PoolChainConfig, PoolConfig } from "./pool-types";
+interface PoolAwareAccountManager {
+    getAccounts(): ManagedAccount[];
+    isRateLimited(account: ManagedAccount): boolean;
+    selectAccount(): Promise<ManagedAccount | null>;
+}
+export interface BuildFailoverPlanOptions {
+    attemptedAccounts?: Set<string>;
+    visitedChainIndexes?: Set<number>;
+}
+export interface FailoverPlan {
+    candidates: FailoverCandidate[];
+    skips: FailoverSkip[];
+}
+export declare class PoolManager {
+    private poolsByName;
+    private exhaustedUntilByAccount;
+    private exhaustedCooldownMs;
+    constructor(options?: {
+        exhaustedCooldownMs?: number;
+    });
+    loadPools(configs: PoolConfig[]): void;
+    getPoolForAccount(accountUuid: string): PoolConfig | null;
+    getAvailableMembers(pool: PoolConfig, accountManager: PoolAwareAccountManager): string[];
+    markExhausted(accountUuid: string): void;
+    getNextMember(pool: PoolConfig, currentUuid: string | undefined, accountManager: PoolAwareAccountManager): Promise<string | null>;
+    buildFailoverPlan(currentAccount: Pick<ManagedAccount, "uuid" | "accountId"> | null, config: PoolChainConfig, accountManager: PoolAwareAccountManager, options?: BuildFailoverPlanOptions): Promise<FailoverPlan>;
+    private isExhausted;
+    private clearExpiredExhausted;
+    private selectPreferredMember;
+}
+export {};

package/dist/pool-types.d.ts

@@ -0,0 +1,59 @@
+import * as v from "valibot";
+export declare const PoolConfigSchema: v.ObjectSchema<{
+    readonly name: v.StringSchema<undefined>;
+    readonly baseProvider: v.StringSchema<undefined>;
+    readonly members: v.ArraySchema<v.StringSchema<undefined>, undefined>;
+    readonly enabled: v.BooleanSchema<undefined>;
+}, undefined>;
+export declare const ChainEntryConfigSchema: v.ObjectSchema<{
+    readonly pool: v.StringSchema<undefined>;
+    readonly model: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+    readonly enabled: v.BooleanSchema<undefined>;
+}, undefined>;
+export declare const ChainConfigSchema: v.ObjectSchema<{
+    readonly name: v.StringSchema<undefined>;
+    readonly entries: v.ArraySchema<v.ObjectSchema<{
+        readonly pool: v.StringSchema<undefined>;
+        readonly model: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly enabled: v.BooleanSchema<undefined>;
+    }, undefined>, undefined>;
+    readonly enabled: v.BooleanSchema<undefined>;
+}, undefined>;
+export declare const PoolChainConfigSchema: v.ObjectSchema<{
+    readonly pools: v.OptionalSchema<v.ArraySchema<v.ObjectSchema<{
+        readonly name: v.StringSchema<undefined>;
+        readonly baseProvider: v.StringSchema<undefined>;
+        readonly members: v.ArraySchema<v.StringSchema<undefined>, undefined>;
+        readonly enabled: v.BooleanSchema<undefined>;
+    }, undefined>, undefined>, readonly []>;
+    readonly chains: v.OptionalSchema<v.ArraySchema<v.ObjectSchema<{
+        readonly name: v.StringSchema<undefined>;
+        readonly entries: v.ArraySchema<v.ObjectSchema<{
+            readonly pool: v.StringSchema<undefined>;
+            readonly model: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+            readonly enabled: v.BooleanSchema<undefined>;
+        }, undefined>, undefined>;
+        readonly enabled: v.BooleanSchema<undefined>;
+    }, undefined>, undefined>, readonly []>;
+}, undefined>;
+export type PoolConfig = v.InferOutput<typeof PoolConfigSchema>;
+export type ChainEntryConfig = v.InferOutput<typeof ChainEntryConfigSchema>;
+export type ChainConfig = v.InferOutput<typeof ChainConfigSchema>;
+export type PoolChainConfig = v.InferOutput<typeof PoolChainConfigSchema>;
+export interface CascadeState {
+    prompt: string;
+    attemptedAccounts: Set<string>;
+    visitedChainIndexes: Set<number>;
+}
+export interface FailoverCandidate {
+    poolName: string;
+    accountUuid: string;
+    source: "pool" | "chain";
+    chainIndex?: number;
+}
+export interface FailoverSkip {
+    type: "pool_exhausted" | "chain_disabled" | "account_attempted" | "account_unavailable";
+    poolName: string;
+    reason: string;
+    detail?: string;
+}

package/dist/proactive-refresh.d.ts

@@ -1,6 +1,7 @@
 import { AccountStore } from "./account-store";
 import type { PluginClient, PluginConfig, StoredAccount, TokenRefreshResult } from "./types";
 export interface ProactiveRefreshDependencies {
+    providerAuthId: string;
     getConfig: () => PluginConfig;
     refreshToken: (currentRefreshToken: string, accountId: string, client: PluginClient) => Promise<TokenRefreshResult>;
     isTokenExpired: (account: Pick<StoredAccount, "accessToken" | "expiresAt">) => boolean;

package/dist/types.d.ts

@@ -130,6 +130,12 @@ export type TokenRefreshResult = {
     permanent: boolean;
     status?: number;
 };
+export declare class TokenRefreshError extends Error {
+    readonly status?: number;
+    readonly permanent: boolean;
+    constructor(permanent: boolean, status?: number);
+}
+export declare function isTokenRefreshError(error: unknown): error is TokenRefreshError;
 export interface ManagedAccount {
     index: number;
     uuid?: string;

package/dist/utils.d.ts

@@ -7,3 +7,9 @@ export declare function sleep(ms: number): Promise<void>;
 export declare function showToast(client: PluginClient, message: string, variant: "info" | "warning" | "success" | "error"): Promise<void>;
 export declare function debugLog(client: PluginClient, message: string, extra?: Record<string, unknown>): void;
 export declare function createMinimalClient(): PluginClient;
+export declare function getClearedOAuthBody(): {
+    type: "oauth";
+    refresh: string;
+    access: string;
+    expires: number;
+};

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "opencode-multi-account-core",
-  "version": "0.2.2",
+  "version": "0.2.4",
   "description": "Shared core for multi-account OpenCode plugins",
   "type": "module",
   "main": "./dist/index.js",