@@ -12,6 +12,7 @@ import (
1212
1313 iflowauth "github.com/router-for-me/CLIProxyAPI/v6/internal/auth/iflow"
1414 "github.com/router-for-me/CLIProxyAPI/v6/internal/config"
15+ "github.com/router-for-me/CLIProxyAPI/v6/internal/util"
1516 cliproxyauth "github.com/router-for-me/CLIProxyAPI/v6/sdk/cliproxy/auth"
1617 cliproxyexecutor "github.com/router-for-me/CLIProxyAPI/v6/sdk/cliproxy/executor"
1718 sdktranslator "github.com/router-for-me/CLIProxyAPI/v6/sdk/translator"
@@ -214,18 +215,28 @@ func (e *IFlowExecutor) Refresh(ctx context.Context, auth *cliproxyauth.Auth) (*
214215 }
215216
216217 refreshToken := ""
218+ oldAccessToken := ""
217219 if auth .Metadata != nil {
218220 if v , ok := auth .Metadata ["refresh_token" ].(string ); ok {
219221 refreshToken = strings .TrimSpace (v )
220222 }
223+ if v , ok := auth .Metadata ["access_token" ].(string ); ok {
224+ oldAccessToken = strings .TrimSpace (v )
225+ }
221226 }
222227 if refreshToken == "" {
223228 return auth , nil
224229 }
225230
231+ // Log the old access token (masked) before refresh
232+ if oldAccessToken != "" {
233+ log .Debugf ("iflow executor: refreshing access token, old: %s" , util .HideAPIKey (oldAccessToken ))
234+ }
235+
226236 svc := iflowauth .NewIFlowAuth (e .cfg )
227237 tokenData , err := svc .RefreshTokens (ctx , refreshToken )
228238 if err != nil {
239+ log .Errorf ("iflow executor: token refresh failed: %v" , err )
229240 return nil , err
230241 }
231242
@@ -243,6 +254,9 @@ func (e *IFlowExecutor) Refresh(ctx context.Context, auth *cliproxyauth.Auth) (*
243254 auth .Metadata ["type" ] = "iflow"
244255 auth .Metadata ["last_refresh" ] = time .Now ().Format (time .RFC3339 )
245256
257+ // Log the new access token (masked) after successful refresh
258+ log .Debugf ("iflow executor: token refresh successful, new: %s" , util .HideAPIKey (tokenData .AccessToken ))
259+
246260 if auth .Attributes == nil {
247261 auth .Attributes = make (map [string ]string )
248262 }
0 commit comments