fix: recover Codex rotation auth failures

- mark Codex bearer/refresh failures as terminal auth-expired states

- sync refreshed session auth back to rotation slots and revive refreshed dead_auth slots

- stop paired arbiter retry loops when Codex accounts are unavailable

- add regression coverage for rotation leases, follow-up suppression, and arbiter closure
This commit is contained in:
ejclaw
2026-06-02 00:21:16 +09:00
parent 1ff6b3434f
commit 03d4c81192
21 changed files with 1082 additions and 52 deletions

View File

@@ -249,6 +249,8 @@ export function classifyAgentError(
lower.includes('429') ||
lower.includes('rate limit') ||
lower.includes('usage limit') ||
lower.includes('out of credits') ||
lower.includes('workspace out of credits') ||
lower.includes('hit your limit') ||
lower.includes('too many requests') ||
lower.includes('rate_limit')
@@ -335,11 +337,17 @@ export function classifyCodexAuthError(
const lower = error.toLowerCase();
if (
lower.includes('auth-expired') ||
lower.includes('auth expired') ||
lower.includes('401') ||
lower.includes('authentication_error') ||
lower.includes('failed to authenticate') ||
lower.includes('access token could not be refreshed') ||
lower.includes('oauth token has expired') ||
lower.includes('refresh token was already used') ||
lower.includes('refresh your existing token') ||
lower.includes('log out and sign in again') ||
lower.includes('app_session_terminated') ||
lower.includes('unauthorized')
) {
return { category: 'auth-expired', reason: 'auth-expired' };