Hugging Face's logo

Spaces:
hequ
/
cc
Paused

App Files Community
cc / src /services /droidAccountService.js
hequ's picture
hequ
Upload 224 files
6c6056a verified
raw
history blame contribute delete
53 kB
const { v4: uuidv4 } = require('uuid')
const crypto = require('crypto')
const axios = require('axios')
const redis = require('../models/redis')
const config = require('../../config/config')
const logger = require('../utils/logger')
const { maskToken } = require('../utils/tokenMask')
const ProxyHelper = require('../utils/proxyHelper')
const LRUCache = require('../utils/lruCache')
/**
 * Droid 账户管理服务
 *
 * 支持 WorkOS OAuth 集成,管理 Droid (Factory.ai) 账户
 * 提供账户创建、token 刷新、代理配置等功能
 */
class DroidAccountService {
 constructor() {
 // WorkOS OAuth 配置
 this.oauthTokenUrl = 'https://api.workos.com/user_management/authenticate'
 this.factoryApiBaseUrl = 'https://app.factory.ai/api/llm'
this.workosClientId = 'client_01HNM792M5G5G1A2THWPXKFMXB'
// Token 刷新策略
 this.refreshIntervalHours = 6 // 每6小时刷新一次
 this.tokenValidHours = 8 // Token 有效期8小时
// 加密相关常量
 this.ENCRYPTION_ALGORITHM = 'aes-256-cbc'
 this.ENCRYPTION_SALT = 'droid-account-salt'
// 🚀 性能优化:缓存派生的加密密钥
 this._encryptionKeyCache = null
// 🔄 解密结果缓存
 this._decryptCache = new LRUCache(500)
// 🧹 定期清理缓存(每10分钟)
 setInterval(
 () => {
 this._decryptCache.cleanup()
 logger.info('🧹 Droid decrypt cache cleanup completed', this._decryptCache.getStats())
 },
 10 * 60 * 1000
 )
this.supportedEndpointTypes = new Set(['anthropic', 'openai'])
 }
_sanitizeEndpointType(endpointType) {
 if (!endpointType) {
 return 'anthropic'
 }
const normalized = String(endpointType).toLowerCase()
 if (normalized === 'openai' || normalized === 'common') {
 return 'openai'
 }
if (this.supportedEndpointTypes.has(normalized)) {
 return normalized
 }
return 'anthropic'
 }
_isTruthy(value) {
 if (value === undefined || value === null) {
 return false
 }
 if (typeof value === 'boolean') {
 return value
 }
 if (typeof value === 'string') {
 const normalized = value.trim().toLowerCase()
 if (normalized === 'true') {
 return true
 }
 if (normalized === 'false') {
 return false
 }
 return normalized.length > 0 && normalized !== '0' && normalized !== 'no'
 }
 return Boolean(value)
 }
/**
 * 生成加密密钥(缓存优化)
 */
 _generateEncryptionKey() {
 if (!this._encryptionKeyCache) {
 this._encryptionKeyCache = crypto.scryptSync(
 config.security.encryptionKey,
 this.ENCRYPTION_SALT,
 32
 )
 logger.info('🔑 Droid encryption key derived and cached for performance optimization')
 }
 return this._encryptionKeyCache
 }
/**
 * 加密敏感数据
 */
 _encryptSensitiveData(text) {
 if (!text) {
 return ''
 }
const key = this._generateEncryptionKey()
 const iv = crypto.randomBytes(16)
 const cipher = crypto.createCipheriv(this.ENCRYPTION_ALGORITHM, key, iv)
let encrypted = cipher.update(text, 'utf8', 'hex')
 encrypted += cipher.final('hex')
return `${iv.toString('hex')}:${encrypted}`
 }
/**
 * 解密敏感数据(带缓存)
 */
 _decryptSensitiveData(encryptedText) {
 if (!encryptedText) {
 return ''
 }
// 🎯 检查缓存
 const cacheKey = crypto.createHash('sha256').update(encryptedText).digest('hex')
 const cached = this._decryptCache.get(cacheKey)
 if (cached !== undefined) {
 return cached
 }
try {
 const key = this._generateEncryptionKey()
 const parts = encryptedText.split(':')
 const iv = Buffer.from(parts[0], 'hex')
 const encrypted = parts[1]
const decipher = crypto.createDecipheriv(this.ENCRYPTION_ALGORITHM, key, iv)
 let decrypted = decipher.update(encrypted, 'hex', 'utf8')
 decrypted += decipher.final('utf8')
// 💾 存入缓存(5分钟过期)
 this._decryptCache.set(cacheKey, decrypted, 5 * 60 * 1000)
return decrypted
 } catch (error) {
 logger.error('❌ Failed to decrypt Droid data:', error)
 return ''
 }
 }
_parseApiKeyEntries(rawEntries) {
 if (!rawEntries) {
 return []
 }
if (Array.isArray(rawEntries)) {
 return rawEntries
 }
if (typeof rawEntries === 'string') {
 try {
 const parsed = JSON.parse(rawEntries)
 return Array.isArray(parsed) ? parsed : []
 } catch (error) {
 logger.warn('⚠️ Failed to parse Droid API Key entries:', error.message)
 return []
 }
 }
return []
 }
_buildApiKeyEntries(apiKeys, existingEntries = [], clearExisting = false) {
 const now = new Date().toISOString()
 const normalizedExisting = Array.isArray(existingEntries) ? existingEntries : []
const entries = clearExisting
 ? []
 : normalizedExisting
 .filter((entry) => entry && entry.id && entry.encryptedKey)
 .map((entry) => ({
 ...entry,
 status: entry.status || 'active' // 确保有默认状态
 }))
const hashSet = new Set(entries.map((entry) => entry.hash).filter(Boolean))
if (!Array.isArray(apiKeys) || apiKeys.length === 0) {
 return entries
 }
for (const rawKey of apiKeys) {
 if (typeof rawKey !== 'string') {
 continue
 }
const trimmed = rawKey.trim()
 if (!trimmed) {
 continue
 }
const hash = crypto.createHash('sha256').update(trimmed).digest('hex')
 if (hashSet.has(hash)) {
 continue
 }
hashSet.add(hash)
entries.push({
 id: uuidv4(),
 hash,
 encryptedKey: this._encryptSensitiveData(trimmed),
 createdAt: now,
 lastUsedAt: '',
 usageCount: '0',
 status: 'active', // 新增状态字段
 errorMessage: '' // 新增错误信息字段
 })
 }
return entries
 }
_maskApiKeyEntries(entries) {
 if (!Array.isArray(entries)) {
 return []
 }
return entries.map((entry) => ({
 id: entry.id,
 createdAt: entry.createdAt || '',
 lastUsedAt: entry.lastUsedAt || '',
 usageCount: entry.usageCount || '0',
 status: entry.status || 'active', // 新增状态字段
 errorMessage: entry.errorMessage || '' // 新增错误信息字段
 }))
 }
_decryptApiKeyEntry(entry) {
 if (!entry || !entry.encryptedKey) {
 return null
 }
const apiKey = this._decryptSensitiveData(entry.encryptedKey)
 if (!apiKey) {
 return null
 }
const usageCountNumber = Number(entry.usageCount)
return {
 id: entry.id,
 key: apiKey,
 hash: entry.hash || '',
 createdAt: entry.createdAt || '',
 lastUsedAt: entry.lastUsedAt || '',
 usageCount: Number.isFinite(usageCountNumber) && usageCountNumber >= 0 ? usageCountNumber : 0,
 status: entry.status || 'active', // 新增状态字段
 errorMessage: entry.errorMessage || '' // 新增错误信息字段
 }
 }
async getDecryptedApiKeyEntries(accountId) {
 if (!accountId) {
 return []
 }
const accountData = await redis.getDroidAccount(accountId)
 if (!accountData) {
 return []
 }
const entries = this._parseApiKeyEntries(accountData.apiKeys)
 return entries
 .map((entry) => this._decryptApiKeyEntry(entry))
 .filter((entry) => entry && entry.key)
 }
async touchApiKeyUsage(accountId, keyId) {
 if (!accountId || !keyId) {
 return
 }
try {
 const accountData = await redis.getDroidAccount(accountId)
 if (!accountData) {
 return
 }
const entries = this._parseApiKeyEntries(accountData.apiKeys)
 const index = entries.findIndex((entry) => entry.id === keyId)
if (index === -1) {
 return
 }
const updatedEntry = { ...entries[index] }
 updatedEntry.lastUsedAt = new Date().toISOString()
 const usageCount = Number(updatedEntry.usageCount)
 updatedEntry.usageCount = String(
 Number.isFinite(usageCount) && usageCount >= 0 ? usageCount + 1 : 1
 )
entries[index] = updatedEntry
accountData.apiKeys = JSON.stringify(entries)
 accountData.apiKeyCount = String(entries.length)
await redis.setDroidAccount(accountId, accountData)
 } catch (error) {
 logger.warn(`⚠️ Failed to update API key usage for Droid account ${accountId}:`, error)
 }
 }
/**
 * 删除指定的 Droid API Key 条目
 */
 async removeApiKeyEntry(accountId, keyId) {
 if (!accountId || !keyId) {
 return { removed: false, remainingCount: 0 }
 }
try {
 const accountData = await redis.getDroidAccount(accountId)
 if (!accountData) {
 return { removed: false, remainingCount: 0 }
 }
const entries = this._parseApiKeyEntries(accountData.apiKeys)
 if (!entries || entries.length === 0) {
 return { removed: false, remainingCount: 0 }
 }
const filtered = entries.filter((entry) => entry && entry.id !== keyId)
 if (filtered.length === entries.length) {
 return { removed: false, remainingCount: entries.length }
 }
accountData.apiKeys = filtered.length ? JSON.stringify(filtered) : ''
 accountData.apiKeyCount = String(filtered.length)
await redis.setDroidAccount(accountId, accountData)
logger.warn(
 `🚫 已删除 Droid API Key ${keyId}(Account: ${accountId}),剩余 ${filtered.length}`
 )
return { removed: true, remainingCount: filtered.length }
 } catch (error) {
 logger.error(`❌ 删除 Droid API Key 失败:${keyId}(Account: ${accountId})`, error)
 return { removed: false, remainingCount: 0, error }
 }
 }
/**
 * 标记指定的 Droid API Key 条目为异常状态
 */
 async markApiKeyAsError(accountId, keyId, errorMessage = '') {
 if (!accountId || !keyId) {
 return { marked: false, error: '参数无效' }
 }
try {
 const accountData = await redis.getDroidAccount(accountId)
 if (!accountData) {
 return { marked: false, error: '账户不存在' }
 }
const entries = this._parseApiKeyEntries(accountData.apiKeys)
 if (!entries || entries.length === 0) {
 return { marked: false, error: '无API Key条目' }
 }
let marked = false
 const updatedEntries = entries.map((entry) => {
 if (entry && entry.id === keyId) {
 marked = true
 return {
 ...entry,
 status: 'error',
 errorMessage: errorMessage || 'API Key异常'
 }
 }
 return entry
 })
if (!marked) {
 return { marked: false, error: '未找到指定的API Key' }
 }
accountData.apiKeys = JSON.stringify(updatedEntries)
 await redis.setDroidAccount(accountId, accountData)
logger.warn(
 `⚠️ 已标记 Droid API Key ${keyId} 为异常状态(Account: ${accountId}):${errorMessage}`
 )
return { marked: true }
 } catch (error) {
 logger.error(`❌ 标记 Droid API Key 异常状态失败:${keyId}(Account: ${accountId})`, error)
 return { marked: false, error: error.message }
 }
 }
/**
 * 使用 WorkOS Refresh Token 刷新并验证凭证
 */
 async _refreshTokensWithWorkOS(refreshToken, proxyConfig = null, organizationId = null) {
 if (!refreshToken || typeof refreshToken !== 'string') {
 throw new Error('Refresh Token 无效')
 }
const formData = new URLSearchParams()
 formData.append('grant_type', 'refresh_token')
 formData.append('refresh_token', refreshToken)
 formData.append('client_id', this.workosClientId)
 if (organizationId) {
 formData.append('organization_id', organizationId)
 }
const requestOptions = {
 method: 'POST',
 url: this.oauthTokenUrl,
 headers: {
 'Content-Type': 'application/x-www-form-urlencoded'
 },
 data: formData.toString(),
 timeout: 30000
 }
if (proxyConfig) {
 const proxyAgent = ProxyHelper.createProxyAgent(proxyConfig)
 if (proxyAgent) {
 requestOptions.httpAgent = proxyAgent
 requestOptions.httpsAgent = proxyAgent
 requestOptions.proxy = false
 logger.info(
 `🌐 使用代理验证 Droid Refresh Token: ${ProxyHelper.getProxyDescription(proxyConfig)}`
 )
 }
 }
const response = await axios(requestOptions)
 if (!response.data || !response.data.access_token) {
 throw new Error('WorkOS OAuth 返回数据无效')
 }
const {
 access_token,
 refresh_token,
 user,
 organization_id,
 expires_in,
 token_type,
 authentication_method
 } = response.data
let expiresAt = response.data.expires_at || ''
 if (!expiresAt) {
 const expiresInSeconds =
 typeof expires_in === 'number' && Number.isFinite(expires_in)
 ? expires_in
 : this.tokenValidHours * 3600
 expiresAt = new Date(Date.now() + expiresInSeconds * 1000).toISOString()
 }
return {
 accessToken: access_token,
 refreshToken: refresh_token || refreshToken,
 expiresAt,
 expiresIn: typeof expires_in === 'number' && Number.isFinite(expires_in) ? expires_in : null,
 user: user || null,
 organizationId: organization_id || '',
 tokenType: token_type || 'Bearer',
 authenticationMethod: authentication_method || ''
 }
 }
/**
 * 使用 Factory CLI 接口获取组织 ID 列表
 */
 async _fetchFactoryOrgIds(accessToken, proxyConfig = null) {
 if (!accessToken) {
 return []
 }
const requestOptions = {
 method: 'GET',
 url: 'https://app.factory.ai/api/cli/org',
 headers: {
 Authorization: `Bearer ${accessToken}`,
 'Content-Type': 'application/json',
 Accept: 'application/json',
 'x-factory-client': 'cli',
 'User-Agent': this.userAgent
 },
 timeout: 15000
 }
if (proxyConfig) {
 const proxyAgent = ProxyHelper.createProxyAgent(proxyConfig)
 if (proxyAgent) {
 requestOptions.httpAgent = proxyAgent
 requestOptions.httpsAgent = proxyAgent
 requestOptions.proxy = false
 }
 }
try {
 const response = await axios(requestOptions)
 const data = response.data || {}
 if (Array.isArray(data.workosOrgIds) && data.workosOrgIds.length > 0) {
 return data.workosOrgIds
 }
 logger.warn('⚠️ 未从 Factory CLI 接口获取到 workosOrgIds')
 return []
 } catch (error) {
 logger.warn('⚠️ 获取 Factory 组织信息失败:', error.message)
 return []
 }
 }
/**
 * 创建 Droid 账户
 *
 * @param {Object} options - 账户配置选项
 * @returns {Promise<Object>} 创建的账户信息
 */
 async createAccount(options = {}) {
 const {
 name = 'Unnamed Droid Account',
 description = '',
 refreshToken = '', // WorkOS refresh token
 accessToken = '', // WorkOS access token (可选)
 expiresAt = '', // Token 过期时间
 proxy = null, // { type: 'socks5', host: 'localhost', port: 1080, username: '', password: '' }
 isActive = true,
 accountType = 'shared', // 'dedicated' or 'shared'
 platform = 'droid',
 priority = 50, // 调度优先级 (1-100)
 schedulable = true, // 是否可被调度
 endpointType = 'anthropic', // 默认端点类型: 'anthropic' 或 'openai'
 organizationId = '',
 ownerEmail = '',
 ownerName = '',
 userId = '',
 tokenType = 'Bearer',
 authenticationMethod = '',
 expiresIn = null,
 apiKeys = []
 } = options
const accountId = uuidv4()
const normalizedEndpointType = this._sanitizeEndpointType(endpointType)
let normalizedRefreshToken = refreshToken
 let normalizedAccessToken = accessToken
 let normalizedExpiresAt = expiresAt || ''
 let normalizedExpiresIn = expiresIn
 let normalizedOrganizationId = organizationId || ''
 let normalizedOwnerEmail = ownerEmail || ''
 let normalizedOwnerName = ownerName || ''
 let normalizedOwnerDisplayName = ownerName || ownerEmail || ''
 let normalizedUserId = userId || ''
 let normalizedTokenType = tokenType || 'Bearer'
 let normalizedAuthenticationMethod = authenticationMethod || ''
 let lastRefreshAt = accessToken ? new Date().toISOString() : ''
 let status = accessToken ? 'active' : 'created'
const apiKeyEntries = this._buildApiKeyEntries(apiKeys)
 const hasApiKeys = apiKeyEntries.length > 0
if (hasApiKeys) {
 normalizedAuthenticationMethod = 'api_key'
 normalizedAccessToken = ''
 normalizedRefreshToken = ''
 normalizedExpiresAt = ''
 normalizedExpiresIn = null
 lastRefreshAt = ''
 status = 'active'
 }
const normalizedAuthMethod =
 typeof normalizedAuthenticationMethod === 'string'
 ? normalizedAuthenticationMethod.toLowerCase().trim()
 : ''
const isApiKeyProvision = normalizedAuthMethod === 'api_key'
 const isManualProvision = normalizedAuthMethod === 'manual'
const provisioningMode = isApiKeyProvision ? 'api_key' : isManualProvision ? 'manual' : 'oauth'
if (isApiKeyProvision) {
 logger.info(
 `🔍 [Droid api_key] 初始密钥 - AccountName: ${name}, KeyCount: ${apiKeyEntries.length}`
 )
 } else {
 logger.info(
 `🔍 [Droid ${provisioningMode}] 初始令牌 - AccountName: ${name}, AccessToken: ${
 normalizedAccessToken || '[empty]'
 }, RefreshToken: ${normalizedRefreshToken || '[empty]'}`
 )
 }
let proxyConfig = null
 if (proxy && typeof proxy === 'object') {
 proxyConfig = proxy
 } else if (typeof proxy === 'string' && proxy.trim()) {
 try {
 proxyConfig = JSON.parse(proxy)
 } catch (error) {
 logger.warn('⚠️ Droid 代理配置解析失败,已忽略:', error.message)
 proxyConfig = null
 }
 }
if (!isApiKeyProvision && normalizedRefreshToken && isManualProvision) {
 try {
 const refreshed = await this._refreshTokensWithWorkOS(normalizedRefreshToken, proxyConfig)
logger.info(
 `🔍 [Droid manual] 刷新后令牌 - AccountName: ${name}, AccessToken: ${refreshed.accessToken || '[empty]'}, RefreshToken: ${refreshed.refreshToken || '[empty]'}, ExpiresAt: ${refreshed.expiresAt || '[empty]'}, ExpiresIn: ${
 refreshed.expiresIn !== null && refreshed.expiresIn !== undefined
 ? refreshed.expiresIn
 : '[empty]'
 }`
 )
normalizedAccessToken = refreshed.accessToken
 normalizedRefreshToken = refreshed.refreshToken
 normalizedExpiresAt = refreshed.expiresAt || normalizedExpiresAt
 normalizedTokenType = refreshed.tokenType || normalizedTokenType
 normalizedAuthenticationMethod =
 refreshed.authenticationMethod || normalizedAuthenticationMethod
 if (refreshed.expiresIn !== null) {
 normalizedExpiresIn = refreshed.expiresIn
 }
 if (refreshed.organizationId) {
 normalizedOrganizationId = refreshed.organizationId
 }
if (refreshed.user) {
 const userInfo = refreshed.user
 if (typeof userInfo.email === 'string' && userInfo.email.trim()) {
 normalizedOwnerEmail = userInfo.email.trim()
 }
 const nameParts = []
 if (typeof userInfo.first_name === 'string' && userInfo.first_name.trim()) {
 nameParts.push(userInfo.first_name.trim())
 }
 if (typeof userInfo.last_name === 'string' && userInfo.last_name.trim()) {
 nameParts.push(userInfo.last_name.trim())
 }
 const derivedName =
 nameParts.join(' ').trim() ||
 (typeof userInfo.name === 'string' ? userInfo.name.trim() : '') ||
 (typeof userInfo.display_name === 'string' ? userInfo.display_name.trim() : '')
if (derivedName) {
 normalizedOwnerName = derivedName
 normalizedOwnerDisplayName = derivedName
 } else if (normalizedOwnerEmail) {
 normalizedOwnerName = normalizedOwnerName || normalizedOwnerEmail
 normalizedOwnerDisplayName =
 normalizedOwnerDisplayName || normalizedOwnerEmail || normalizedOwnerName
 }
if (typeof userInfo.id === 'string' && userInfo.id.trim()) {
 normalizedUserId = userInfo.id.trim()
 }
 }
lastRefreshAt = new Date().toISOString()
 status = 'active'
 logger.success(`✅ 使用 Refresh Token 成功验证并刷新 Droid 账户: ${name} (${accountId})`)
 } catch (error) {
 logger.error('❌ 使用 Refresh Token 验证 Droid 账户失败:', error)
 throw new Error(`Refresh Token 验证失败:${error.message}`)
 }
 } else if (!isApiKeyProvision && normalizedRefreshToken && !isManualProvision) {
 try {
 const orgIds = await this._fetchFactoryOrgIds(normalizedAccessToken, proxyConfig)
 const selectedOrgId =
 normalizedOrganizationId ||
 (Array.isArray(orgIds)
 ? orgIds.find((id) => typeof id === 'string' && id.trim())
 : null) ||
 ''
if (!selectedOrgId) {
 logger.warn(`⚠️ [Droid oauth] 未获取到组织ID,跳过 WorkOS 刷新: ${name} (${accountId})`)
 } else {
 const refreshed = await this._refreshTokensWithWorkOS(
 normalizedRefreshToken,
 proxyConfig,
 selectedOrgId
 )
logger.info(
 `🔍 [Droid oauth] 组织刷新后令牌 - AccountName: ${name}, AccessToken: ${refreshed.accessToken || '[empty]'}, RefreshToken: ${refreshed.refreshToken || '[empty]'}, OrganizationId: ${
 refreshed.organizationId || selectedOrgId
 }, ExpiresAt: ${refreshed.expiresAt || '[empty]'}`
 )
normalizedAccessToken = refreshed.accessToken
 normalizedRefreshToken = refreshed.refreshToken
 normalizedExpiresAt = refreshed.expiresAt || normalizedExpiresAt
 normalizedTokenType = refreshed.tokenType || normalizedTokenType
 normalizedAuthenticationMethod =
 refreshed.authenticationMethod || normalizedAuthenticationMethod
 if (refreshed.expiresIn !== null && refreshed.expiresIn !== undefined) {
 normalizedExpiresIn = refreshed.expiresIn
 }
 if (refreshed.organizationId) {
 normalizedOrganizationId = refreshed.organizationId
 } else {
 normalizedOrganizationId = selectedOrgId
 }
if (refreshed.user) {
 const userInfo = refreshed.user
 if (typeof userInfo.email === 'string' && userInfo.email.trim()) {
 normalizedOwnerEmail = userInfo.email.trim()
 }
 const nameParts = []
 if (typeof userInfo.first_name === 'string' && userInfo.first_name.trim()) {
 nameParts.push(userInfo.first_name.trim())
 }
 if (typeof userInfo.last_name === 'string' && userInfo.last_name.trim()) {
 nameParts.push(userInfo.last_name.trim())
 }
 const derivedName =
 nameParts.join(' ').trim() ||
 (typeof userInfo.name === 'string' ? userInfo.name.trim() : '') ||
 (typeof userInfo.display_name === 'string' ? userInfo.display_name.trim() : '')
if (derivedName) {
 normalizedOwnerName = derivedName
 normalizedOwnerDisplayName = derivedName
 } else if (normalizedOwnerEmail) {
 normalizedOwnerName = normalizedOwnerName || normalizedOwnerEmail
 normalizedOwnerDisplayName =
 normalizedOwnerDisplayName || normalizedOwnerEmail || normalizedOwnerName
 }
if (typeof userInfo.id === 'string' && userInfo.id.trim()) {
 normalizedUserId = userInfo.id.trim()
 }
 }
lastRefreshAt = new Date().toISOString()
 status = 'active'
 }
 } catch (error) {
 logger.warn(`⚠️ [Droid oauth] 初始化刷新失败: ${name} (${accountId}) - ${error.message}`)
 }
 }
if (!isApiKeyProvision && !normalizedExpiresAt) {
 let expiresInSeconds = null
 if (typeof normalizedExpiresIn === 'number' && Number.isFinite(normalizedExpiresIn)) {
 expiresInSeconds = normalizedExpiresIn
 } else if (
 typeof normalizedExpiresIn === 'string' &&
 normalizedExpiresIn.trim() &&
 !Number.isNaN(Number(normalizedExpiresIn))
 ) {
 expiresInSeconds = Number(normalizedExpiresIn)
 }
if (!Number.isFinite(expiresInSeconds) || expiresInSeconds <= 0) {
 expiresInSeconds = this.tokenValidHours * 3600
 }
normalizedExpiresAt = new Date(Date.now() + expiresInSeconds * 1000).toISOString()
 normalizedExpiresIn = expiresInSeconds
 }
logger.info(
 `🔍 [Droid ${provisioningMode}] 写入前令牌快照 - AccountName: ${name}, AccessToken: ${normalizedAccessToken || '[empty]'}, RefreshToken: ${normalizedRefreshToken || '[empty]'}, ExpiresAt: ${normalizedExpiresAt || '[empty]'}, ExpiresIn: ${
 normalizedExpiresIn !== null && normalizedExpiresIn !== undefined
 ? normalizedExpiresIn
 : '[empty]'
 }`
 )
const accountData = {
 id: accountId,
 name,
 description,
 refreshToken: this._encryptSensitiveData(normalizedRefreshToken),
 accessToken: this._encryptSensitiveData(normalizedAccessToken),
 expiresAt: normalizedExpiresAt || '', // OAuth Token 过期时间(技术字段,自动刷新)
// ✅ 新增:账户订阅到期时间(业务字段,手动管理)
 subscriptionExpiresAt: options.subscriptionExpiresAt || null,
proxy: proxy ? JSON.stringify(proxy) : '',
 isActive: isActive.toString(),
 accountType,
 platform,
 priority: priority.toString(),
 createdAt: new Date().toISOString(),
 lastUsedAt: '',
 lastRefreshAt,
 status, // created, active, expired, error
 errorMessage: '',
 schedulable: schedulable.toString(),
 endpointType: normalizedEndpointType, // anthropic 或 openai
 organizationId: normalizedOrganizationId || '',
 owner: normalizedOwnerName || normalizedOwnerEmail || '',
 ownerEmail: normalizedOwnerEmail || '',
 ownerName: normalizedOwnerName || '',
 ownerDisplayName:
 normalizedOwnerDisplayName || normalizedOwnerName || normalizedOwnerEmail || '',
 userId: normalizedUserId || '',
 tokenType: normalizedTokenType || 'Bearer',
 authenticationMethod: normalizedAuthenticationMethod || '',
 expiresIn:
 normalizedExpiresIn !== null && normalizedExpiresIn !== undefined
 ? String(normalizedExpiresIn)
 : '',
 apiKeys: hasApiKeys ? JSON.stringify(apiKeyEntries) : '',
 apiKeyCount: hasApiKeys ? String(apiKeyEntries.length) : '0',
 apiKeyStrategy: hasApiKeys ? 'random_sticky' : ''
 }
await redis.setDroidAccount(accountId, accountData)
logger.success(
 `🏢 Created Droid account: ${name} (${accountId}) - Endpoint: ${normalizedEndpointType}`
 )
try {
 const verifyAccount = await this.getAccount(accountId)
 logger.info(
 `🔍 [Droid ${provisioningMode}] Redis 写入后验证 - AccountName: ${name}, AccessToken: ${verifyAccount?.accessToken || '[empty]'}, RefreshToken: ${verifyAccount?.refreshToken || '[empty]'}, ExpiresAt: ${verifyAccount?.expiresAt || '[empty]'}`
 )
 } catch (verifyError) {
 logger.warn(
 `⚠️ [Droid ${provisioningMode}] 写入后验证失败: ${name} (${accountId}) - ${verifyError.message}`
 )
 }
 return { id: accountId, ...accountData }
 }
/**
 * 获取 Droid 账户信息
 */
 async getAccount(accountId) {
 const account = await redis.getDroidAccount(accountId)
 if (!account || Object.keys(account).length === 0) {
 return null
 }
// 解密敏感数据
 const apiKeyEntries = this._parseApiKeyEntries(account.apiKeys)
return {
 ...account,
 id: accountId,
 endpointType: this._sanitizeEndpointType(account.endpointType),
 refreshToken: this._decryptSensitiveData(account.refreshToken),
 accessToken: this._decryptSensitiveData(account.accessToken),
 apiKeys: this._maskApiKeyEntries(apiKeyEntries),
 apiKeyCount: apiKeyEntries.length
 }
 }
/**
 * 获取所有 Droid 账户
 */
 async getAllAccounts() {
 const accounts = await redis.getAllDroidAccounts()
 return accounts.map((account) => ({
 ...account,
 endpointType: this._sanitizeEndpointType(account.endpointType),
 // 不解密完整 token,只返回掩码
 refreshToken: account.refreshToken ? '***ENCRYPTED***' : '',
 accessToken: account.accessToken
 ? maskToken(this._decryptSensitiveData(account.accessToken))
 : '',
// ✅ 前端显示订阅过期时间(业务字段)
 expiresAt: account.subscriptionExpiresAt || null,
 platform: account.platform || 'droid',
apiKeyCount: (() => {
 const parsedCount = this._parseApiKeyEntries(account.apiKeys).length
 if (account.apiKeyCount === undefined || account.apiKeyCount === null) {
 return parsedCount
 }
 const numeric = Number(account.apiKeyCount)
 return Number.isFinite(numeric) && numeric >= 0 ? numeric : parsedCount
 })()
 }))
 }
/**
 * 更新 Droid 账户
 */
 async updateAccount(accountId, updates) {
 const account = await this.getAccount(accountId)
 if (!account) {
 throw new Error(`Droid account not found: ${accountId}`)
 }
const storedAccount = await redis.getDroidAccount(accountId)
 const hasStoredAccount =
 storedAccount && typeof storedAccount === 'object' && Object.keys(storedAccount).length > 0
 const sanitizedUpdates = { ...updates }
if (typeof sanitizedUpdates.accessToken === 'string') {
 sanitizedUpdates.accessToken = sanitizedUpdates.accessToken.trim()
 }
 if (typeof sanitizedUpdates.refreshToken === 'string') {
 sanitizedUpdates.refreshToken = sanitizedUpdates.refreshToken.trim()
 }
if (sanitizedUpdates.endpointType) {
 sanitizedUpdates.endpointType = this._sanitizeEndpointType(sanitizedUpdates.endpointType)
 }
const parseProxyConfig = (value) => {
 if (!value) {
 return null
 }
 if (typeof value === 'object') {
 return value
 }
 if (typeof value === 'string' && value.trim()) {
 try {
 return JSON.parse(value)
 } catch (error) {
 logger.warn('⚠️ Failed to parse stored Droid proxy config:', error.message)
 }
 }
 return null
 }
let proxyConfig = null
 if (updates.proxy !== undefined) {
 if (updates.proxy && typeof updates.proxy === 'object') {
 proxyConfig = updates.proxy
 sanitizedUpdates.proxy = JSON.stringify(updates.proxy)
 } else if (typeof updates.proxy === 'string' && updates.proxy.trim()) {
 proxyConfig = parseProxyConfig(updates.proxy)
 sanitizedUpdates.proxy = updates.proxy
 } else {
 sanitizedUpdates.proxy = ''
 }
 } else if (account.proxy) {
 proxyConfig = parseProxyConfig(account.proxy)
 }
const hasNewRefreshToken =
 typeof sanitizedUpdates.refreshToken === 'string' && sanitizedUpdates.refreshToken
if (hasNewRefreshToken) {
 try {
 const refreshed = await this._refreshTokensWithWorkOS(
 sanitizedUpdates.refreshToken,
 proxyConfig
 )
sanitizedUpdates.accessToken = refreshed.accessToken
 sanitizedUpdates.refreshToken = refreshed.refreshToken || sanitizedUpdates.refreshToken
 sanitizedUpdates.expiresAt =
 refreshed.expiresAt || sanitizedUpdates.expiresAt || account.expiresAt || ''
if (refreshed.expiresIn !== null && refreshed.expiresIn !== undefined) {
 sanitizedUpdates.expiresIn = String(refreshed.expiresIn)
 }
sanitizedUpdates.tokenType = refreshed.tokenType || account.tokenType || 'Bearer'
 sanitizedUpdates.authenticationMethod =
 refreshed.authenticationMethod || account.authenticationMethod || ''
 sanitizedUpdates.organizationId =
 sanitizedUpdates.organizationId ||
 refreshed.organizationId ||
 account.organizationId ||
 ''
 sanitizedUpdates.lastRefreshAt = new Date().toISOString()
 sanitizedUpdates.status = 'active'
 sanitizedUpdates.errorMessage = ''
if (refreshed.user) {
 const userInfo = refreshed.user
 const email = typeof userInfo.email === 'string' ? userInfo.email.trim() : ''
 if (email) {
 sanitizedUpdates.ownerEmail = email
 }
const nameParts = []
 if (typeof userInfo.first_name === 'string' && userInfo.first_name.trim()) {
 nameParts.push(userInfo.first_name.trim())
 }
 if (typeof userInfo.last_name === 'string' && userInfo.last_name.trim()) {
 nameParts.push(userInfo.last_name.trim())
 }
const derivedName =
 nameParts.join(' ').trim() ||
 (typeof userInfo.name === 'string' ? userInfo.name.trim() : '') ||
 (typeof userInfo.display_name === 'string' ? userInfo.display_name.trim() : '')
if (derivedName) {
 sanitizedUpdates.ownerName = derivedName
 sanitizedUpdates.ownerDisplayName = derivedName
 sanitizedUpdates.owner = derivedName
 } else if (sanitizedUpdates.ownerEmail) {
 sanitizedUpdates.ownerName = sanitizedUpdates.ownerName || sanitizedUpdates.ownerEmail
 sanitizedUpdates.ownerDisplayName =
 sanitizedUpdates.ownerDisplayName || sanitizedUpdates.ownerEmail
 sanitizedUpdates.owner = sanitizedUpdates.owner || sanitizedUpdates.ownerEmail
 }
if (typeof userInfo.id === 'string' && userInfo.id.trim()) {
 sanitizedUpdates.userId = userInfo.id.trim()
 }
 }
 } catch (error) {
 logger.error('❌ 使用新的 Refresh Token 更新 Droid 账户失败:', error)
 throw new Error(`Refresh Token 验证失败:${error.message || '未知错误'}`)
 }
 }
// ✅ 如果通过路由映射更新了 subscriptionExpiresAt,直接保存
 // subscriptionExpiresAt 是业务字段,与 token 刷新独立
 if (sanitizedUpdates.subscriptionExpiresAt !== undefined) {
 // 直接保存,不做任何调整
 }
if (sanitizedUpdates.proxy === undefined) {
 sanitizedUpdates.proxy = account.proxy || ''
 }
// 使用 Redis 中的原始数据获取加密的 API Key 条目
 const existingApiKeyEntries = this._parseApiKeyEntries(
 hasStoredAccount && Object.prototype.hasOwnProperty.call(storedAccount, 'apiKeys')
 ? storedAccount.apiKeys
 : ''
 )
 const newApiKeysInput = Array.isArray(updates.apiKeys) ? updates.apiKeys : []
 const removeApiKeysInput = Array.isArray(updates.removeApiKeys) ? updates.removeApiKeys : []
 const wantsClearApiKeys = Boolean(updates.clearApiKeys)
 const rawApiKeyMode =
 typeof updates.apiKeyUpdateMode === 'string'
 ? updates.apiKeyUpdateMode.trim().toLowerCase()
 : ''
let apiKeyUpdateMode = ['append', 'replace', 'delete', 'update'].includes(rawApiKeyMode)
 ? rawApiKeyMode
 : ''
if (!apiKeyUpdateMode) {
 if (wantsClearApiKeys) {
 apiKeyUpdateMode = 'replace'
 } else if (removeApiKeysInput.length > 0) {
 apiKeyUpdateMode = 'delete'
 } else {
 apiKeyUpdateMode = 'append'
 }
 }
if (sanitizedUpdates.apiKeys !== undefined) {
 delete sanitizedUpdates.apiKeys
 }
 if (sanitizedUpdates.clearApiKeys !== undefined) {
 delete sanitizedUpdates.clearApiKeys
 }
 if (sanitizedUpdates.apiKeyUpdateMode !== undefined) {
 delete sanitizedUpdates.apiKeyUpdateMode
 }
 if (sanitizedUpdates.removeApiKeys !== undefined) {
 delete sanitizedUpdates.removeApiKeys
 }
let mergedApiKeys = existingApiKeyEntries
 let apiKeysUpdated = false
 let addedCount = 0
 let removedCount = 0
if (apiKeyUpdateMode === 'delete') {
 const removalHashes = new Set()
for (const candidate of removeApiKeysInput) {
 if (typeof candidate !== 'string') {
 continue
 }
 const trimmed = candidate.trim()
 if (!trimmed) {
 continue
 }
 const hash = crypto.createHash('sha256').update(trimmed).digest('hex')
 removalHashes.add(hash)
 }
if (removalHashes.size > 0) {
 mergedApiKeys = existingApiKeyEntries.filter(
 (entry) => entry && entry.hash && !removalHashes.has(entry.hash)
 )
 removedCount = existingApiKeyEntries.length - mergedApiKeys.length
 apiKeysUpdated = removedCount > 0
if (!apiKeysUpdated) {
 logger.warn(
 `⚠️ 删除模式未匹配任何 Droid API Key: ${accountId} (提供 ${removalHashes.size} 条)`
 )
 }
 } else if (removeApiKeysInput.length > 0) {
 logger.warn(`⚠️ 删除模式未收到有效的 Droid API Key: ${accountId}`)
 }
 } else if (apiKeyUpdateMode === 'update') {
 // 更新模式:根据提供的 key 匹配现有条目并更新状态
 mergedApiKeys = [...existingApiKeyEntries]
 const updatedHashes = new Set()
for (const updateItem of newApiKeysInput) {
 if (!updateItem || typeof updateItem !== 'object') {
 continue
 }
const key = updateItem.key || updateItem.apiKey || ''
 if (!key || typeof key !== 'string') {
 continue
 }
const trimmed = key.trim()
 if (!trimmed) {
 continue
 }
const hash = crypto.createHash('sha256').update(trimmed).digest('hex')
 updatedHashes.add(hash)
// 查找现有条目
 const existingIndex = mergedApiKeys.findIndex((entry) => entry && entry.hash === hash)
if (existingIndex !== -1) {
 // 更新现有条目的状态信息
 const existingEntry = mergedApiKeys[existingIndex]
 mergedApiKeys[existingIndex] = {
 ...existingEntry,
 status: updateItem.status || existingEntry.status || 'active',
 errorMessage:
 updateItem.errorMessage !== undefined
 ? updateItem.errorMessage
 : existingEntry.errorMessage || '',
 lastUsedAt:
 updateItem.lastUsedAt !== undefined
 ? updateItem.lastUsedAt
 : existingEntry.lastUsedAt || '',
 usageCount:
 updateItem.usageCount !== undefined
 ? String(updateItem.usageCount)
 : existingEntry.usageCount || '0'
 }
 apiKeysUpdated = true
 }
 }
if (!apiKeysUpdated) {
 logger.warn(
 `⚠️ 更新模式未匹配任何 Droid API Key: ${accountId} (提供 ${updatedHashes.size} 个哈希)`
 )
 }
 } else {
 const clearExisting = apiKeyUpdateMode === 'replace' || wantsClearApiKeys
 const baselineCount = clearExisting ? 0 : existingApiKeyEntries.length
mergedApiKeys = this._buildApiKeyEntries(
 newApiKeysInput,
 existingApiKeyEntries,
 clearExisting
 )
addedCount = Math.max(mergedApiKeys.length - baselineCount, 0)
 apiKeysUpdated = clearExisting || addedCount > 0
 }
if (apiKeysUpdated) {
 sanitizedUpdates.apiKeys = mergedApiKeys.length ? JSON.stringify(mergedApiKeys) : ''
 sanitizedUpdates.apiKeyCount = String(mergedApiKeys.length)
if (apiKeyUpdateMode === 'delete') {
 logger.info(
 `🔑 删除模式更新 Droid API keys for ${accountId}: 已移除 ${removedCount} 条,剩余 ${mergedApiKeys.length}`
 )
 } else if (apiKeyUpdateMode === 'update') {
 logger.info(
 `🔑 更新模式更新 Droid API keys for ${accountId}: 更新了 ${newApiKeysInput.length} 个 API Key 的状态信息`
 )
 } else if (apiKeyUpdateMode === 'replace' || wantsClearApiKeys) {
 logger.info(
 `🔑 覆盖模式更新 Droid API keys for ${accountId}: 当前总数 ${mergedApiKeys.length},新增 ${addedCount}`
 )
 } else {
 logger.info(
 `🔑 追加模式更新 Droid API keys for ${accountId}: 当前总数 ${mergedApiKeys.length},新增 ${addedCount}`
 )
 }
if (mergedApiKeys.length > 0) {
 sanitizedUpdates.authenticationMethod = 'api_key'
 sanitizedUpdates.status = sanitizedUpdates.status || 'active'
 } else if (!sanitizedUpdates.accessToken && !account.accessToken) {
 const shouldPreserveApiKeyMode =
 account.authenticationMethod &&
 account.authenticationMethod.toLowerCase().trim() === 'api_key' &&
 (apiKeyUpdateMode === 'replace' || apiKeyUpdateMode === 'delete')
sanitizedUpdates.authenticationMethod = shouldPreserveApiKeyMode
 ? 'api_key'
 : account.authenticationMethod === 'api_key'
 ? ''
 : account.authenticationMethod
 }
 }
const encryptedUpdates = { ...sanitizedUpdates }
if (sanitizedUpdates.refreshToken !== undefined) {
 encryptedUpdates.refreshToken = this._encryptSensitiveData(sanitizedUpdates.refreshToken)
 }
 if (sanitizedUpdates.accessToken !== undefined) {
 encryptedUpdates.accessToken = this._encryptSensitiveData(sanitizedUpdates.accessToken)
 }
const baseAccountData = hasStoredAccount ? { ...storedAccount } : { id: accountId }
const updatedData = {
 ...baseAccountData,
 ...encryptedUpdates
 }
if (!Object.prototype.hasOwnProperty.call(updatedData, 'refreshToken')) {
 updatedData.refreshToken =
 hasStoredAccount && Object.prototype.hasOwnProperty.call(storedAccount, 'refreshToken')
 ? storedAccount.refreshToken
 : this._encryptSensitiveData(account.refreshToken)
 }
if (!Object.prototype.hasOwnProperty.call(updatedData, 'accessToken')) {
 updatedData.accessToken =
 hasStoredAccount && Object.prototype.hasOwnProperty.call(storedAccount, 'accessToken')
 ? storedAccount.accessToken
 : this._encryptSensitiveData(account.accessToken)
 }
if (!Object.prototype.hasOwnProperty.call(updatedData, 'proxy')) {
 updatedData.proxy = hasStoredAccount ? storedAccount.proxy || '' : account.proxy || ''
 }
await redis.setDroidAccount(accountId, updatedData)
 logger.info(`✅ Updated Droid account: ${accountId}`)
return this.getAccount(accountId)
 }
/**
 * 删除 Droid 账户
 */
 async deleteAccount(accountId) {
 await redis.deleteDroidAccount(accountId)
 logger.success(`🗑️ Deleted Droid account: ${accountId}`)
 }
/**
 * 刷新 Droid 账户的 access token
 *
 * 使用 WorkOS OAuth refresh token 刷新 access token
 */
 async refreshAccessToken(accountId, proxyConfig = null) {
 const account = await this.getAccount(accountId)
 if (!account) {
 throw new Error(`Droid account not found: ${accountId}`)
 }
if (!account.refreshToken) {
 throw new Error(`Droid account ${accountId} has no refresh token`)
 }
logger.info(`🔄 Refreshing Droid account token: ${account.name} (${accountId})`)
try {
 const proxy = proxyConfig || (account.proxy ? JSON.parse(account.proxy) : null)
 const refreshed = await this._refreshTokensWithWorkOS(
 account.refreshToken,
 proxy,
 account.organizationId || null
 )
// 更新账户信息
 await this.updateAccount(accountId, {
 accessToken: refreshed.accessToken,
 refreshToken: refreshed.refreshToken || account.refreshToken,
 expiresAt: refreshed.expiresAt,
 expiresIn:
 refreshed.expiresIn !== null && refreshed.expiresIn !== undefined
 ? String(refreshed.expiresIn)
 : account.expiresIn,
 tokenType: refreshed.tokenType || account.tokenType || 'Bearer',
 authenticationMethod: refreshed.authenticationMethod || account.authenticationMethod || '',
 organizationId: refreshed.organizationId || account.organizationId,
 lastRefreshAt: new Date().toISOString(),
 status: 'active',
 errorMessage: ''
 })
// 记录用户信息
 if (refreshed.user) {
 const { user } = refreshed
 const updates = {}
 logger.info(
 `✅ Droid token refreshed for: ${user.email} (${user.first_name} ${user.last_name})`
 )
 logger.info(` Organization ID: ${refreshed.organizationId || 'N/A'}`)
if (typeof user.email === 'string' && user.email.trim()) {
 updates.ownerEmail = user.email.trim()
 }
 const nameParts = []
 if (typeof user.first_name === 'string' && user.first_name.trim()) {
 nameParts.push(user.first_name.trim())
 }
 if (typeof user.last_name === 'string' && user.last_name.trim()) {
 nameParts.push(user.last_name.trim())
 }
 const derivedName =
 nameParts.join(' ').trim() ||
 (typeof user.name === 'string' ? user.name.trim() : '') ||
 (typeof user.display_name === 'string' ? user.display_name.trim() : '')
if (derivedName) {
 updates.ownerName = derivedName
 updates.ownerDisplayName = derivedName
 updates.owner = derivedName
 } else if (updates.ownerEmail) {
 updates.owner = updates.ownerEmail
 updates.ownerName = updates.ownerEmail
 updates.ownerDisplayName = updates.ownerEmail
 }
if (typeof user.id === 'string' && user.id.trim()) {
 updates.userId = user.id.trim()
 }
if (Object.keys(updates).length > 0) {
 await this.updateAccount(accountId, updates)
 }
 }
logger.success(`✅ Droid account token refreshed successfully: ${accountId}`)
return {
 accessToken: refreshed.accessToken,
 refreshToken: refreshed.refreshToken || account.refreshToken,
 expiresAt: refreshed.expiresAt
 }
 } catch (error) {
 logger.error(`❌ Failed to refresh Droid account token: ${accountId}`, error)
// 更新账户状态为错误
 await this.updateAccount(accountId, {
 status: 'error',
 errorMessage: error.message || 'Token refresh failed'
 })
throw error
 }
 }
/**
 * 检查 token 是否需要刷新
 */
 shouldRefreshToken(account) {
 if (!account.lastRefreshAt) {
 return true // 从未刷新过
 }
const lastRefreshTime = new Date(account.lastRefreshAt).getTime()
 const hoursSinceRefresh = (Date.now() - lastRefreshTime) / (1000 * 60 * 60)
return hoursSinceRefresh >= this.refreshIntervalHours
 }
/**
 * 检查账户订阅是否过期
 * @param {Object} account - 账户对象
 * @returns {boolean} - true: 已过期, false: 未过期
 */
 isSubscriptionExpired(account) {
 if (!account.subscriptionExpiresAt) {
 return false // 未设置视为永不过期
 }
 const expiryDate = new Date(account.subscriptionExpiresAt)
 return expiryDate <= new Date()
 }
/**
 * 获取有效的 access token(自动刷新)
 */
 async getValidAccessToken(accountId) {
 let account = await this.getAccount(accountId)
 if (!account) {
 throw new Error(`Droid account not found: ${accountId}`)
 }
if (
 typeof account.authenticationMethod === 'string' &&
 account.authenticationMethod.toLowerCase().trim() === 'api_key'
 ) {
 throw new Error(`Droid account ${accountId} 已配置为 API Key 模式,不能获取 Access Token`)
 }
// 检查是否需要刷新
 if (this.shouldRefreshToken(account)) {
 logger.info(`🔄 Droid account token needs refresh: ${accountId}`)
 const proxyConfig = account.proxy ? JSON.parse(account.proxy) : null
 await this.refreshAccessToken(accountId, proxyConfig)
 account = await this.getAccount(accountId)
 }
if (!account.accessToken) {
 throw new Error(`Droid account ${accountId} has no valid access token`)
 }
return account.accessToken
 }
/**
 * 获取可调度的 Droid 账户列表
 */
 async getSchedulableAccounts(endpointType = null) {
 const allAccounts = await redis.getAllDroidAccounts()
const normalizedFilter = endpointType ? this._sanitizeEndpointType(endpointType) : null
return allAccounts
 .filter((account) => {
 const isActive = this._isTruthy(account.isActive)
 const isSchedulable = this._isTruthy(account.schedulable)
 const status = typeof account.status === 'string' ? account.status.toLowerCase() : ''
// ✅ 检查账户订阅是否过期
 if (this.isSubscriptionExpired(account)) {
 logger.debug(
 `⏰ Skipping expired Droid account: ${account.name}, expired at ${account.subscriptionExpiresAt}`
 )
 return false
 }
if (!isActive || !isSchedulable || status !== 'active') {
 return false
 }
if (!normalizedFilter) {
 return true
 }
const accountEndpoint = this._sanitizeEndpointType(account.endpointType)
if (normalizedFilter === 'openai') {
 return accountEndpoint === 'openai' || accountEndpoint === 'anthropic'
 }
if (normalizedFilter === 'anthropic') {
 return accountEndpoint === 'anthropic' || accountEndpoint === 'openai'
 }
return accountEndpoint === normalizedFilter
 })
 .map((account) => ({
 ...account,
 endpointType: this._sanitizeEndpointType(account.endpointType),
 priority: parseInt(account.priority, 10) || 50,
 // 解密 accessToken 用于使用
 accessToken: this._decryptSensitiveData(account.accessToken)
 }))
 .sort((a, b) => a.priority - b.priority) // 按优先级排序
 }
/**
 * 选择一个可用的 Droid 账户(简单轮询)
 */
 async selectAccount(endpointType = null) {
 let accounts = await this.getSchedulableAccounts(endpointType)
if (accounts.length === 0 && endpointType) {
 logger.warn(
 `No Droid accounts found for endpoint ${endpointType}, falling back to any available account`
 )
 accounts = await this.getSchedulableAccounts(null)
 }
if (accounts.length === 0) {
 throw new Error(
 `No schedulable Droid accounts available${endpointType ? ` for endpoint type: ${endpointType}` : ''}`
 )
 }
// 简单轮询:选择最高优先级且最久未使用的账户
 let selectedAccount = accounts[0]
 for (const account of accounts) {
 if (account.priority < selectedAccount.priority) {
 selectedAccount = account
 } else if (account.priority === selectedAccount.priority) {
 // 相同优先级,选择最久未使用的
 const selectedLastUsed = new Date(selectedAccount.lastUsedAt || 0).getTime()
 const accountLastUsed = new Date(account.lastUsedAt || 0).getTime()
 if (accountLastUsed < selectedLastUsed) {
 selectedAccount = account
 }
 }
 }
// 更新最后使用时间
 await this.updateAccount(selectedAccount.id, {
 lastUsedAt: new Date().toISOString()
 })
logger.info(
 `✅ Selected Droid account: ${selectedAccount.name} (${selectedAccount.id}) - Endpoint: ${this._sanitizeEndpointType(selectedAccount.endpointType)}`
 )
return selectedAccount
 }
/**
 * 获取 Factory.ai API 的完整 URL
 */
 getFactoryApiUrl(endpointType, endpoint) {
 const normalizedType = this._sanitizeEndpointType(endpointType)
 const baseUrls = {
 anthropic: `${this.factoryApiBaseUrl}/a${endpoint}`,
 openai: `${this.factoryApiBaseUrl}/o${endpoint}`
 }
return baseUrls[normalizedType] || baseUrls.openai
 }
async touchLastUsedAt(accountId) {
 if (!accountId) {
 return
 }
try {
 const client = redis.getClientSafe()
 await client.hset(`droid:account:${accountId}`, 'lastUsedAt', new Date().toISOString())
 } catch (error) {
 logger.warn(`⚠️ Failed to update lastUsedAt for Droid account ${accountId}:`, error)
 }
 }
}
// 导出单例
module.exports = new DroidAccountService()