fix: handle account errors and gpt55 response limit

Author: james-6-23

admin/batch_test_test.go

@@ -18,6 +18,12 @@ func TestShouldMarkBatchTestAccountError(t *testing.T) {
 			body:       []byte(`{"error":{"code":"unsupported_country_region_territory"}}`),
 			want:       true,
 		},
+		{
+			name:       "payment required deactivated workspace is account scoped",
+			statusCode: http.StatusPaymentRequired,
+			body:       []byte(`{"detail":{"code":"deactivated_workspace"}}`),
+			want:       true,
+		},
 		{
 			name:       "invalid grant bad request is account scoped",
 			statusCode: http.StatusBadRequest,

admin/handler.go

@@ -287,6 +287,7 @@ type accountResponse struct {
 	Email                    string                     `json:"email"`
 	PlanType                 string                     `json:"plan_type"`
 	Status                   string                     `json:"status"`
+	ErrorMessage             string                     `json:"error_message,omitempty"`
 	ATOnly                   bool                       `json:"at_only"`
 	HealthTier               string                     `json:"health_tier"`
 	SchedulerScore           float64                    `json:"scheduler_score"`
@@ -388,6 +389,7 @@ func (h *Handler) ListAccounts(c *gin.Context) {
 			Email:                    row.GetCredential("email"),
 			PlanType:                 row.GetCredential("plan_type"),
 			Status:                   row.Status,
+			ErrorMessage:             row.ErrorMessage,
 			ATOnly:                   row.GetCredential("refresh_token") == "" && row.GetCredential("access_token") != "",
 			ProxyURL:                 row.ProxyURL,
 			Enabled:                  row.Enabled,
@@ -468,6 +470,9 @@ func (h *Handler) ListAccounts(c *gin.Context) {
 			}
 			// 使用运行时状态（优先于 DB 状态）
 			resp.Status = acc.RuntimeStatus()
+			acc.Mu().RLock()
+			resp.ErrorMessage = acc.ErrorMsg
+			acc.Mu().RUnlock()
 		} else if row.CooldownUntil.Valid && row.CooldownUntil.Time.After(time.Now()) {
 			resp.CooldownReason = row.CooldownReason
 			resp.CooldownUntil = row.CooldownUntil.Time.Format(time.RFC3339)

admin/test_connection.go

@@ -467,6 +467,9 @@ func (h *Handler) BatchTest(c *gin.Context) {
 
 func shouldMarkBatchTestAccountError(statusCode int, body []byte) bool {
 	msg := strings.ToLower(string(body))
+	if statusCode == http.StatusPaymentRequired && proxy.IsDeactivatedWorkspaceError(body) {
+		return true
+	}
 	if statusCode == http.StatusForbidden {
 		return true
 	}

api/openapi.yaml

@@ -339,7 +339,8 @@ components:
         max_output_tokens:
           type: integer
           minimum: 1
-          maximum: 65536
+          maximum: 128000
+          description: Maximum output tokens. gpt-5.5 supports up to 128000; other models may be capped lower.
         temperature:
           type: number
           minimum: 0

api/validation.go

@@ -14,6 +14,11 @@ import (
 	"github.com/tidwall/gjson"
 )
 
+const (
+	defaultResponsesMaxOutputTokens = 65536
+	gpt55ResponsesMaxOutputTokens   = 128000
+)
+
 // ValidationRule represents a validation rule function
 type ValidationRule func(value gjson.Result, path string) *ValidationError
 
@@ -419,13 +424,30 @@ func ChatCompletionValidationRules() map[string][]ValidationRule {
 	}
 }
 
+// ResponsesMaxOutputTokensForModel returns the downstream validation cap for
+// max_output_tokens. Most Codex models still use the legacy 64k output cap,
+// while gpt-5.5 clients may legitimately request up to 128k.
+func ResponsesMaxOutputTokensForModel(model string) int {
+	switch strings.ToLower(strings.TrimSpace(model)) {
+	case "gpt-5.5":
+		return gpt55ResponsesMaxOutputTokens
+	default:
+		return defaultResponsesMaxOutputTokens
+	}
+}
+
 // ResponsesAPIValidationRules returns validation rules for responses API request
 // Note: input can be either a string or an array of items (validated separately)
 func ResponsesAPIValidationRules() map[string][]ValidationRule {
+	return ResponsesAPIValidationRulesForModel("")
+}
+
+func ResponsesAPIValidationRulesForModel(model string) map[string][]ValidationRule {
+	maxOutputTokens := ResponsesMaxOutputTokensForModel(model)
 	return map[string][]ValidationRule{
 		"model": {Required(), TypeString(), MaxLength(64)},
 		// input validation is handled separately to support both string and array formats
-		"max_output_tokens": {TypeNumber(), MinValue(1), MaxValue(65536)},
+		"max_output_tokens": {TypeNumber(), MinValue(1), MaxValue(float64(maxOutputTokens))},
 		"temperature":       {TypeNumber(), Range(0, 2)},
 		"top_p":             {TypeNumber(), Range(0, 1)},
 		"stream":            {TypeBoolean()},
@@ -451,7 +473,7 @@ func ValidateChatCompletionsRequest(body []byte, supportedModels []string) *Vali
 
 // ValidateResponsesAPIRequest validates a responses API request with model validation
 func ValidateResponsesAPIRequest(body []byte, supportedModels []string) *ValidationResult {
-	rules := ResponsesAPIValidationRules()
+	rules := ResponsesAPIValidationRulesForModel(gjson.GetBytes(body, "model").String())
 	rules["model"] = append(rules["model"], ModelValidator(supportedModels))
 	validator := NewValidator(body)
 	return validator.ValidateRequest(rules)

api/validation_test.go

@@ -75,6 +75,39 @@ func TestValidateResponsesAPIRequestAllowsCompactionInputType(t *testing.T) {
 	}
 }
 
+func TestValidateResponsesAPIRequestUsesModelAwareMaxOutputTokens(t *testing.T) {
+	tests := []struct {
+		name  string
+		body  []byte
+		valid bool
+	}{
+		{
+			name:  "gpt-5.5 allows 128k output tokens",
+			body:  []byte(`{"model":"gpt-5.5","input":"hello","max_output_tokens":128000}`),
+			valid: true,
+		},
+		{
+			name:  "gpt-5.5 rejects above 128k output tokens",
+			body:  []byte(`{"model":"gpt-5.5","input":"hello","max_output_tokens":128001}`),
+			valid: false,
+		},
+		{
+			name:  "other models keep 64k output cap",
+			body:  []byte(`{"model":"gpt-5.4","input":"hello","max_output_tokens":65537}`),
+			valid: false,
+		},
+	}
+
+	for _, test := range tests {
+		t.Run(test.name, func(t *testing.T) {
+			result := ValidateResponsesAPIRequest(test.body, []string{"gpt-5.5", "gpt-5.4"})
+			if result.Valid != test.valid {
+				t.Fatalf("Valid = %v, want %v; errors=%#v", result.Valid, test.valid, result.Errors)
+			}
+		})
+	}
+}
+
 func TestValidateResponsesAPIRequestRejectsUnknownInputType(t *testing.T) {
 	result := ValidateResponsesAPIRequest(
 		[]byte(`{"model":"gpt-5.4","input":[{"type":"unknown_call","call_id":"call_1"}]}`),

auth/fast_scheduler_test.go

@@ -57,6 +57,25 @@ func TestFastSchedulerSkipsDispatchPausedAccount(t *testing.T) {
 	}
 }
 
+func TestFastSchedulerSkipsErrorAccount(t *testing.T) {
+	errored := newFastSchedulerTestAccount(1, HealthTierHealthy, 120, 2)
+	errored.Status = StatusError
+	fallback := newFastSchedulerTestAccount(2, HealthTierHealthy, 80, 2)
+
+	scheduler := NewFastScheduler(2)
+	scheduler.Rebuild([]*Account{errored, fallback})
+
+	got := scheduler.Acquire()
+	if got == nil {
+		t.Fatal("Acquire() returned nil")
+	}
+	defer scheduler.Release(got)
+
+	if got.DBID != fallback.DBID {
+		t.Fatalf("Acquire() picked dbID=%d, want %d", got.DBID, fallback.DBID)
+	}
+}
+
 func TestFastSchedulerRespectsConcurrencyLimit(t *testing.T) {
 	acc := newFastSchedulerTestAccount(1, HealthTierHealthy, 100, 1)
 

auth/session_affinity_test.go

@@ -93,6 +93,31 @@ func TestNextForSessionWithFilterFallsBackWhenBoundAccountRejected(t *testing.T)
 	}
 }
 
+func TestNextForSessionFallsBackWhenBoundAccountIsError(t *testing.T) {
+	store := &Store{
+		accounts: []*Account{
+			{DBID: 1, AccessToken: "tok-1"},
+			{DBID: 2, AccessToken: "tok-2", Status: StatusError, ErrorMsg: "deactivated_workspace"},
+		},
+		maxConcurrency: 2,
+	}
+	store.bindSessionAffinity("session-1", store.accounts[1], "http://proxy-2")
+
+	acc, proxyURL := store.NextForSession("session-1", 0, nil)
+	if acc == nil {
+		t.Fatal("expected fallback account")
+	}
+	if acc.DBID != 1 {
+		t.Fatalf("account DBID = %d, want %d", acc.DBID, 1)
+	}
+	if proxyURL != "" {
+		t.Fatalf("proxyURL = %q, want empty fallback proxy", proxyURL)
+	}
+	if store.accounts[1].IsAvailable() {
+		t.Fatal("error account should not be available for scheduling")
+	}
+}
+
 func TestWaitForSessionAvailableReturnsBoundAccount(t *testing.T) {
 	store := &Store{
 		accounts: []*Account{

frontend/src/pages/Accounts.tsx

@@ -1271,6 +1271,11 @@ export default function Accounts() {
                             {account.cooldown_until && (account.status === 'rate_limited' || account.status === 'error') && (
                               <CooldownTimer until={account.cooldown_until} />
                             )}
+                            {account.status === 'error' && account.error_message && (
+                              <div className="max-w-[180px] truncate text-[11px] leading-tight text-red-500" title={account.error_message}>
+                                {account.error_message}
+                              </div>
+                            )}
                             {(account.model_cooldowns?.length ?? 0) > 0 && (
                               <div className="text-[11px] leading-tight text-amber-600">
                                 model {account.model_cooldowns?.[0]?.model}

frontend/src/types.ts

@@ -28,6 +28,7 @@ export interface AccountRow {
   email: string
   plan_type: string
   status: AccountStatus
+  error_message?: string
   at_only?: boolean
   health_tier?: string
   scheduler_score?: number