Alexander
909c8b1894
Sanitizer renames tool names and replaces system prompt patterns that Anthropic fingerprints to detect non-Claude-Code clients. Lowercase tool names (bash, read, glob, etc.) combined together trigger rejection — renaming to PascalCase bypasses this. Configurable via YAML sanitize rules for tools, system, and body. Background OAuth token refresh every 30s with 5-minute pre-expiry lead. Uses Chrome TLS fingerprint for refresh endpoint too. Adds /messages route (without /v1 prefix) for OpenCode compat.
48 lines
1.1 KiB
Go
48 lines
1.1 KiB
Go
package auth
|
|
|
|
import (
|
|
"sync"
|
|
"time"
|
|
)
|
|
|
|
// Credential represents an Anthropic API credential loaded from a JSON file.
|
|
type Credential struct {
|
|
ID string
|
|
Email string
|
|
AccessToken string
|
|
RefreshToken string
|
|
ExpiresAt time.Time
|
|
FilePath string
|
|
CooldownUntil time.Time
|
|
nextRefreshAfter time.Time
|
|
mu sync.Mutex
|
|
}
|
|
|
|
// IsExpired returns true if the credential's access token has expired.
|
|
func (c *Credential) IsExpired() bool {
|
|
c.mu.Lock()
|
|
defer c.mu.Unlock()
|
|
return time.Now().After(c.ExpiresAt)
|
|
}
|
|
|
|
// IsOnCooldown returns true if the credential is currently on cooldown.
|
|
func (c *Credential) IsOnCooldown() bool {
|
|
c.mu.Lock()
|
|
defer c.mu.Unlock()
|
|
return time.Now().Before(c.CooldownUntil)
|
|
}
|
|
|
|
// SetCooldown puts the credential on cooldown for the given duration.
|
|
func (c *Credential) SetCooldown(duration time.Duration) {
|
|
c.mu.Lock()
|
|
defer c.mu.Unlock()
|
|
c.CooldownUntil = time.Now().Add(duration)
|
|
}
|
|
|
|
// Token returns the current access token.
|
|
func (c *Credential) Token() string {
|
|
c.mu.Lock()
|
|
defer c.mu.Unlock()
|
|
return c.AccessToken
|
|
}
|