GitLab

Cherry-picked from release/custom-0.1.106: a9117600

feat(redeem): support negative values for refund/deduction

feat(openai): OpenAI OAuth 账号管理增强：订阅状态、隐私设置、Token 刷新修复

fix(antigravity): 修复批量刷新令牌不设置隐私模式的问题

Allow redeem codes with negative values to enable refund scenarios:
- Balance: negative value deducts balance (clamped to 0, never negative)
- Concurrency: negative value reduces concurrency (clamped to 0)
- Subscription: negative validity_days reduces remaining days; if
  remaining days <= 0, the subscription is canceled (set to expired)

All deductions generate standard redeem code records for audit trail.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

从 /backend-api/accounts/check 的 entitlement.expires_at 提取订阅
到期日期，每次 token 刷新时更新并存入 credentials，前端账号列表
的订阅类型和隐私下方以灰色小字显示（仅非 Free 账号）。
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

1. CreateAccount 补齐 OpenAI OAuth 隐私入口（与 BatchCreate 对齐）
2. disableOpenAITraining 请求头修正：覆盖 ImpersonateChrome() 的
   浏览器导航默认头（accept: text/html, sec-fetch-mode: navigate），
   改为 API 请求语义（Accept: application/json, sec-fetch-mode: cors），
   避免 Cloudflare 将 PATCH API 请求误判为异常导航流量而拦截
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

Prevents token silent expiry during 7-day rate limit periods.

Made-with: Cursor

- ratelimit_service: detect non-standard OpenAI 401 format and permanently disable account
- account_test_service: mark account error on 401 during connection test

Made-with: Cursor

账号订阅类型可能每月变化，id_token 中的 plan_type 是签发时的快照，
不一定反映当前状态。移除 plan_type == "" 前置条件，确保每次刷新都
调用 ChatGPT backend-api 获取实时订阅类型并覆盖旧值。
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

- refreshSingleAccount ProjectIDMissing 提前返回前补上 EnsureAntigravityPrivacy 调用
- EnsureAntigravityPrivacy 跳过条件从"有任何值"改为"仅 privacy_set 成功时跳过"，
  privacy_set_failed 允许重试，对齐 OpenAI shouldSkipOpenAIPrivacyEnsure 的行为
- 后台 TokenRefreshService.ensureAntigravityPrivacy 同步修改
- ExchangeCode/ValidateRefreshToken 获得令牌后立即调用 setAntigravityPrivacy，
  不依赖后续账号创建流程

Made-with: Cursor

fix(openai): preserve bare gpt-5.3-codex-spark across forwarding paths

Fix Gemini CLI 404s for gemini-3.1-pro-preview-customtools

feat(gateway): Cache-Driven RPM Buffer

feat(group-filter): 分组账号过滤控制 — require_oauth_only + require_privacy_set

feat(antigravity): 令牌刷新失败及创建账号时也设置隐私

- buffer 公式从 baseRPM/5 改为 concurrency + maxSessions
  保留 baseRPM/5 作为 floor 向后兼容
- 粘性路径 fallback 新增 [StickyCacheMiss] 结构化日志
  reason: rpm_red / gate_check / session_limit / wait_queue_full / account_cleared
- session_limit 路径跳过 wait queue 重试（RegisterSession 拒绝无副作用）
- 典型配置 buffer 从 3 提升至 13，大幅减少高峰期 Prompt Cache Miss
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

为 OpenAI/Antigravity/Anthropic/Gemini 分组新增两个布尔控制字段：
- require_oauth_only: 创建/更新账号绑定分组时拒绝 apikey 类型加入
- require_privacy_set: 调度选号时跳过 privacy 未成功设置的账号并标记 error

后端：Ent schema 新增字段 + 迁移、Group CRUD 全链路透传、
      gateway_service 与 openai_account_scheduler 两套调度路径过滤
前端：创建/编辑表单 toggle 开关（OpenAI/Antigravity/Anthropic/Gemini 平台可见）
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

- token_refresh: 不可重试错误和重试耗尽两条路径添加 ensureAntigravityPrivacy
- admin_service: CreateAccount 为 Antigravity OAuth 账号异步设置隐私
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Anthropic compat requests normalize reasoning suffixes before forwarding, but the account mapping step was still using the raw request model. Resolve billing and upstream models from the normalized compat model so explicit account mappings win over fallback defaults.

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-openagent

)
Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>

# Conflicts:
#	backend/internal/service/openai_gateway_messages.go

Add a purple dashed line showing cache hit rate percentage
(cache_read / (cache_read + cache_creation)) on a secondary
right Y-axis (0-100%). Applies to both user and admin dashboards.

feat(antigravity): progressive penalty for consecutive INTERNAL 500 errors

fix(billing): 计费始终使用用户请求的原始模型，而非映射后的上游模型

fix(api-key):软删除apikey后key没有被释放后续无法再自定义相同的key

fix(admin): fix Safari system log select height

fix(i18n): 修复 Sora 存储配置页面表格列头「存储桶」翻译缺失

fix(gateway): normalize gpt-5.4-xhigh for /v1/messages

Feat/add file upload oauth scope