@@ -18,6 +18,19 @@ type LimitsCacheEntry = {
|
18 | 18 | }; |
19 | 19 | const limitsCache = new Map<string, LimitsCacheEntry>(); |
20 | 20 | |
| 21 | +// Map a per-turn auth signal — which may be the auth *mechanism* (e.g. |
| 22 | +// "auth-profile"), not a credential *type* — to the usage-credential vocabulary |
| 23 | +// resolveUsageProviderId expects. api-key/aws-sdk resolve NO usage provider, so an |
| 24 | +// api-key turn never resolves "openai" and cannot borrow cached oauth windows; |
| 25 | +// oauth/token/auth-profile and a missing signal are usage-eligible, and the actual |
| 26 | +// credential is re-checked at fetch time before any usage request is made. |
| 27 | +function toUsageCredentialType(raw: string | null | undefined): string { |
| 28 | +if (raw === "api-key" || raw === "aws-sdk") { |
| 29 | +return raw; |
| 30 | +} |
| 31 | +return raw === "token" ? "token" : "oauth"; |
| 32 | +} |
| 33 | + |
21 | 34 | // Resolve the active provider to a usage-capable id and load its windows. Returns |
22 | 35 | // undefined when the provider has no core-known usage (e.g. api-key-only or an |
23 | 36 | // unmapped provider). Cached per usage-provider for 60s so a per-reply snapshot |
@@ -26,12 +39,8 @@ export async function getProviderUsageLimits(
|
26 | 39 | provider: string | undefined | null, |
27 | 40 | options?: { credentialType?: string | null; timeoutMs?: number; now?: number }, |
28 | 41 | ): Promise<ReplyUsageLimits | undefined> { |
29 | | -// Pass the turn's real credential type through unchanged. Do NOT default to |
30 | | -// "oauth": resolveUsageProviderId only returns the OpenAI usage provider for |
31 | | -// oauth/token, so defaulting would attach OAuth/ChatGPT windows to an API-key |
32 | | -// turn. A missing credential type ⇒ no OpenAI limits (correct, not OAuth). |
33 | 42 | const usageId = resolveUsageProviderId(provider, { |
34 | | -credentialType: options?.credentialType ?? null, |
| 43 | +credentialType: toUsageCredentialType(options?.credentialType), |
35 | 44 | }); |
36 | 45 | if (!usageId) { |
37 | 46 | return undefined; |
@@ -107,12 +116,8 @@ export function getProviderUsageLimitsCached(
|
107 | 116 | provider: string | undefined | null, |
108 | 117 | options?: { credentialType?: string | null; timeoutMs?: number }, |
109 | 118 | ): ReplyUsageLimits | undefined { |
110 | | -// Pass the turn's real credential type through unchanged. Do NOT default to |
111 | | -// "oauth": resolveUsageProviderId only returns the OpenAI usage provider for |
112 | | -// oauth/token, so defaulting would attach OAuth/ChatGPT windows to an API-key |
113 | | -// turn. A missing credential type ⇒ no OpenAI limits (correct, not OAuth). |
114 | 119 | const usageId = resolveUsageProviderId(provider, { |
115 | | -credentialType: options?.credentialType ?? null, |
| 120 | +credentialType: toUsageCredentialType(options?.credentialType), |
116 | 121 | }); |
117 | 122 | if (!usageId) { |
118 | 123 | return undefined; |
|