Update cleanup_tokens.sh

cleanup_tokens.sh

@@ -3,9 +3,9 @@
 # cleanup_tokens.sh - Remove invalid/unavailable auth tokens via CLIProxyAPI Management API
 #
 # Environment variables:
-#   MANAGEMENT_PASSWORD  - CLIProxyAPI management API password (required)
-#   FEISHU_WEBHOOK_URL   - Feishu bot webhook URL for notifications (optional)
-#                          If not set, no notifications are sent.
+#   MANAGEMENT_PASSWORD     CLIProxyAPI management API password (required)
+#   FEISHU_WEBHOOK_URL      Feishu bot webhook URL for notifications (optional)
+#   CLEANUP_CONCURRENCY     Max parallel DELETE requests (default: 20)
 #
 
 API_BASE="http://localhost:7860/v0/management"
@@ -13,50 +13,55 @@ TIMESTAMP="$(date '+%Y-%m-%d %H:%M:%S')"
 LOG_PREFIX="[cleanup_tokens] ${TIMESTAMP}"
 TMP_FILE="/tmp/auth_files_$$.json"
 TMP_NAMES="/tmp/auth_names_$$.txt"
+TMP_DIR="/tmp/cleanup_$$"
+
+CONCURRENCY="${CLEANUP_CONCURRENCY:-20}"
 
 cleanup_tmp() {
     rm -f "$TMP_FILE" "$TMP_NAMES"
+    rm -rf "$TMP_DIR"
 }
 trap cleanup_tmp EXIT
 
 # ---------------------------------------------------------------------------
-# notify_feishu TITLE BODY_TEXT
-#   Sends a rich-text "post" message to the Feishu webhook.
-#   Uses the same structured layout as the reference AnyRouter check-in style.
+# notify_feishu TITLE BODY
 # ---------------------------------------------------------------------------
 notify_feishu() {
     [ -z "$FEISHU_WEBHOOK_URL" ] && return 0
-
-    TITLE="$1"
-    BODY="$2"
-
-    # Build content as a single text paragraph (preserves newlines via \n in JSON)
-    # jq handles all escaping automatically
-    PAYLOAD=$(jq -n \
-        --arg title "$TITLE" \
-        --arg body  "$BODY" \
-        '{
-            msg_type: "post",
-            content: {
-                post: {
-                    zh_cn: {
-                        title: $title,
-                        content: [
-                            [{"tag": "text", "text": $body}]
-                        ]
-                    }
-                }
-            }
-        }')
-
-    curl -sf -X POST \
-        -H "Content-Type: application/json" \
-        -d "$PAYLOAD" \
-        "$FEISHU_WEBHOOK_URL" > /dev/null 2>&1 \
+    PAYLOAD=$(jq -n --arg title "$1" --arg body "$2" '{
+        msg_type: "post",
+        content: { post: { zh_cn: {
+            title: $title,
+            content: [[{"tag": "text", "text": $body}]]
+        }}}
+    }')
+    curl -sf -X POST -H "Content-Type: application/json" \
+        -d "$PAYLOAD" "$FEISHU_WEBHOOK_URL" > /dev/null 2>&1 \
     && echo "${LOG_PREFIX} Feishu notification sent." \
     || echo "${LOG_PREFIX} WARNING: Failed to send Feishu notification."
 }
 
+# ---------------------------------------------------------------------------
+# delete_one NAME  — writes result to $TMP_DIR/<name>.result
+# Format: "OK <name>" or "ERR <name> <http_status>"
+# ---------------------------------------------------------------------------
+delete_one() {
+    NAME="$1"
+    ENCODED=$(printf '%s' "$NAME" | sed 's/@/%40/g; s/ /%20/g')
+    RESULT_FILE="${TMP_DIR}/$(printf '%s' "$NAME" | md5sum | cut -d' ' -f1).result"
+
+    HTTP_ST=$(curl -s -o /dev/null -w "%{http_code}" \
+        -X DELETE \
+        -H "Authorization: Bearer ${MANAGEMENT_PASSWORD}" \
+        "${API_BASE}/auth-files?name=${ENCODED}" 2>/dev/null)
+
+    if [ "$HTTP_ST" = "200" ]; then
+        printf 'OK %s\n' "$NAME" > "$RESULT_FILE"
+    else
+        printf 'ERR %s %s\n' "$NAME" "$HTTP_ST" > "$RESULT_FILE"
+    fi
+}
+
 # ---------------------------------------------------------------------------
 # Main
 # ---------------------------------------------------------------------------
@@ -66,7 +71,7 @@ if [ -z "$MANAGEMENT_PASSWORD" ]; then
     exit 1
 fi
 
-echo "${LOG_PREFIX} Starting invalid token cleanup..."
+echo "${LOG_PREFIX} Starting invalid token cleanup... (concurrency=${CONCURRENCY})"
 
 # --- Fetch auth file list ---------------------------------------------------
 HTTP_STATUS=$(curl -s -o "$TMP_FILE" -w "%{http_code}" \
@@ -76,8 +81,7 @@ HTTP_STATUS=$(curl -s -o "$TMP_FILE" -w "%{http_code}" \
 if [ "$HTTP_STATUS" != "200" ]; then
     MSG="API 返回 HTTP ${HTTP_STATUS}，服务可能尚未就绪。"
     echo "${LOG_PREFIX} ERROR: ${MSG}"
-    notify_feishu "❌  Token 清理失败" \
-"[TIME]  ${TIMESTAMP}
+    notify_feishu "❌  Token 清理失败" "[TIME]  ${TIMESTAMP}
 
 [ERROR]  ${MSG}"
     exit 1
@@ -85,8 +89,7 @@ fi
 
 if ! jq empty "$TMP_FILE" 2>/dev/null; then
     echo "${LOG_PREFIX} ERROR: Invalid JSON response"
-    notify_feishu "❌  Token 清理失败" \
-"[TIME]  ${TIMESTAMP}
+    notify_feishu "❌  Token 清理失败" "[TIME]  ${TIMESTAMP}
 
 [ERROR]  API 返回了无效的 JSON 响应"
     exit 1
@@ -95,15 +98,9 @@ fi
 TOTAL=$(jq '.files | length' "$TMP_FILE")
 echo "${LOG_PREFIX} Total auth files: ${TOTAL}"
 
-if [ "$TOTAL" -eq 0 ]; then
-    echo "${LOG_PREFIX} No auth files found."
-    exit 0
-fi
+[ "$TOTAL" -eq 0 ] && { echo "${LOG_PREFIX} No auth files found."; exit 0; }
 
 # --- Identify tokens to delete ---------------------------------------------
-# Criteria (file-based tokens only, runtime_only are skipped):
-#   unavailable == true
-#   OR status in: error | expired | invalid | failed | unauthorized | quota_exceeded
 jq -r '
   .files[] |
   select(.runtime_only != true) |
@@ -118,13 +115,12 @@ jq -r '
   .name
 ' "$TMP_FILE" > "$TMP_NAMES"
 
-TO_DELETE=$(wc -l < "$TMP_NAMES" | tr -d ' ')
+TO_DELETE=$(grep -c '' "$TMP_NAMES" 2>/dev/null || echo 0)
 echo "${LOG_PREFIX} Tokens to delete: ${TO_DELETE}"
 
 if [ "$TO_DELETE" -eq 0 ]; then
     echo "${LOG_PREFIX} All tokens healthy, nothing to clean up."
-    notify_feishu "✅  Token 状态检查" \
-"[TIME]  ${TIMESTAMP}
+    notify_feishu "✅  Token 状态检查" "[TIME]  ${TIMESTAMP}
 
 [STATS]  共 ${TOTAL} 个 token，全部健康
 
@@ -132,49 +128,75 @@ if [ "$TO_DELETE" -eq 0 ]; then
     exit 0
 fi
 
-# --- Print deletion plan ---------------------------------------------------
-DETAIL_LINES=""
+# Log the plan
 while IFS= read -r NAME; do
-    STATUS=$(jq -r --arg n "$NAME" \
-        '.files[] | select(.name == $n) | .status // "unknown"' "$TMP_FILE")
-    DETAIL_LINES="${DETAIL_LINES}  •  ${NAME}  [${STATUS}]
-"
+    STATUS=$(jq -r --arg n "$NAME" '.files[] | select(.name==$n) | .status // "unknown"' "$TMP_FILE")
     echo "${LOG_PREFIX}   - ${NAME} (${STATUS})"
 done < "$TMP_NAMES"
 
-# --- Delete invalid tokens -------------------------------------------------
-DELETED=0
-ERRORS=0
-ERROR_LINES=""
+# --- Parallel DELETE with concurrency control ------------------------------
+mkdir -p "$TMP_DIR"
 
+ACTIVE=0
 while IFS= read -r NAME; do
     [ -z "$NAME" ] && continue
-    ENCODED=$(printf '%s' "$NAME" | sed 's/@/%40/g; s/ /%20/g')
 
-    DEL_STATUS=$(curl -s -o /tmp/del_resp_$$.json -w "%{http_code}" \
-        -X DELETE \
-        -H "Authorization: Bearer ${MANAGEMENT_PASSWORD}" \
-        "${API_BASE}/auth-files?name=${ENCODED}" 2>/dev/null)
+    # Launch delete in background
+    delete_one "$NAME" &
+    ACTIVE=$((ACTIVE + 1))
 
-    if [ "$DEL_STATUS" = "200" ]; then
-        echo "${LOG_PREFIX} DELETED: ${NAME}"
-        DELETED=$((DELETED + 1))
-    else
-        ERR=$(cat /tmp/del_resp_$$.json 2>/dev/null)
-        echo "${LOG_PREFIX} ERROR deleting ${NAME} (HTTP ${DEL_STATUS}): ${ERR}"
-        ERRORS=$((ERRORS + 1))
-        ERROR_LINES="${ERROR_LINES}  •  ${NAME}  (HTTP ${DEL_STATUS})
-"
+    # When we hit the concurrency limit, wait for all current batch to finish
+    if [ "$ACTIVE" -ge "$CONCURRENCY" ]; then
+        wait
+        ACTIVE=0
     fi
-    rm -f /tmp/del_resp_$$.json
+done < "$TMP_NAMES"
+
+# Wait for any remaining background jobs
+wait
+
+# --- Collect results -------------------------------------------------------
+DELETED=0
+ERRORS=0
+DETAIL_LINES=""
+ERROR_LINES=""
+
+# Re-read the names file to preserve status info for the notification
+while IFS= read -r NAME; do
+    [ -z "$NAME" ] && continue
+    RESULT_FILE="${TMP_DIR}/$(printf '%s' "$NAME" | md5sum | cut -d' ' -f1).result"
+    RESULT=$(cat "$RESULT_FILE" 2>/dev/null)
+
+    case "$RESULT" in
+        OK*)
+            STATUS=$(jq -r --arg n "$NAME" '.files[] | select(.name==$n) | .status // "unknown"' "$TMP_FILE")
+            echo "${LOG_PREFIX} DELETED: ${NAME}"
+            DELETED=$((DELETED + 1))
+            DETAIL_LINES="${DETAIL_LINES}  •  ${NAME}  [${STATUS}]\n"
+            ;;
+        ERR*)
+            HTTP_ST=$(echo "$RESULT" | awk '{print $3}')
+            echo "${LOG_PREFIX} ERROR deleting ${NAME} (HTTP ${HTTP_ST})"
+            ERRORS=$((ERRORS + 1))
+            ERROR_LINES="${ERROR_LINES}  •  ${NAME}  (HTTP ${HTTP_ST})\n"
+            ;;
+        *)
+            echo "${LOG_PREFIX} WARNING: No result for ${NAME}"
+            ERRORS=$((ERRORS + 1))
+            ERROR_LINES="${ERROR_LINES}  •  ${NAME}  (no result)\n"
+            ;;
+    esac
 done < "$TMP_NAMES"
 
 echo "${LOG_PREFIX} Done. Deleted: ${DELETED}, Errors: ${ERRORS}"
 
 # --- Feishu notification ---------------------------------------------------
+# printf to interpret \n in the accumulated lines
+DETAIL_LINES=$(printf '%b' "$DETAIL_LINES")
+ERROR_LINES=$(printf '%b' "$ERROR_LINES")
+
 if [ "$ERRORS" -gt 0 ]; then
-    notify_feishu "⚠️  Token 清理完成（有错误）" \
-"[TIME]  ${TIMESTAMP}
+    notify_feishu "⚠️  Token 清理完成（有错误）" "[TIME]  ${TIMESTAMP}
 
 [STATS]  共 ${TOTAL} 个 token，发现 ${TO_DELETE} 个失效
 
@@ -184,8 +206,7 @@ ${DETAIL_LINES}
 [FAIL]  删除失败 ${ERRORS} 个：
 ${ERROR_LINES}────────────────────"
 else
-    notify_feishu "🧹  Token 清理完成" \
-"[TIME]  ${TIMESTAMP}
+    notify_feishu "🧹  Token 清理完成" "[TIME]  ${TIMESTAMP}
 
 [STATS]  共 ${TOTAL} 个 token，清理 ${DELETED} 个失效