feat: Introduce a new Go-based DeepSeek API proxy with adapters for Claude and OpenAI, including SSE parsing and updated build configurations.

2026-05-16 06:05:07 +08:00 · 2026-02-15 19:50:26 +08:00
parent 35b99cdf4c
commit a50e2ef5cd
31 changed files with 4019 additions and 64 deletions
--- a/internal/deepseek/client.go
+++ b/internal/deepseek/client.go
@@ -0,0 +1,342 @@
+package deepseek
+
+import (
+	"bufio"
+	"bytes"
+	"compress/gzip"
+	"context"
+	"encoding/json"
+	"errors"
+	"fmt"
+	"io"
+	"net/http"
+	"strings"
+	"time"
+
+	"ds2api/internal/auth"
+	"ds2api/internal/config"
+	trans "ds2api/internal/deepseek/transport"
+
+	"github.com/andybalholm/brotli"
+)
+
+type Client struct {
+	Store      *config.Store
+	Auth       *auth.Resolver
+	regular    trans.Doer
+	stream     trans.Doer
+	fallback   *http.Client
+	fallbackS  *http.Client
+	powSolver  *PowSolver
+	maxRetries int
+}
+
+func NewClient(store *config.Store, resolver *auth.Resolver) *Client {
+	return &Client{
+		Store:      store,
+		Auth:       resolver,
+		regular:    trans.New(60 * time.Second),
+		stream:     trans.New(0),
+		fallback:   &http.Client{Timeout: 60 * time.Second},
+		fallbackS:  &http.Client{Timeout: 0},
+		powSolver:  NewPowSolver(config.WASMPath()),
+		maxRetries: 3,
+	}
+}
+
+func (c *Client) Login(ctx context.Context, acc config.Account) (string, error) {
+	payload := map[string]any{
+		"password":  strings.TrimSpace(acc.Password),
+		"device_id": "deepseek_to_api",
+		"os":        "android",
+	}
+	if email := strings.TrimSpace(acc.Email); email != "" {
+		payload["email"] = email
+	} else if mobile := strings.TrimSpace(acc.Mobile); mobile != "" {
+		payload["mobile"] = mobile
+		payload["area_code"] = nil
+	} else {
+		return "", errors.New("missing email/mobile")
+	}
+	resp, err := c.postJSON(ctx, c.regular, DeepSeekLoginURL, BaseHeaders, payload)
+	if err != nil {
+		return "", err
+	}
+	code := intFrom(resp["code"])
+	if code != 0 {
+		return "", fmt.Errorf("login failed: %v", resp["msg"])
+	}
+	data, _ := resp["data"].(map[string]any)
+	if intFrom(data["biz_code"]) != 0 {
+		return "", fmt.Errorf("login failed: %v", data["biz_msg"])
+	}
+	bizData, _ := data["biz_data"].(map[string]any)
+	user, _ := bizData["user"].(map[string]any)
+	token, _ := user["token"].(string)
+	if strings.TrimSpace(token) == "" {
+		return "", errors.New("missing login token")
+	}
+	return token, nil
+}
+
+func (c *Client) CreateSession(ctx context.Context, a *auth.RequestAuth, maxAttempts int) (string, error) {
+	if maxAttempts <= 0 {
+		maxAttempts = c.maxRetries
+	}
+	attempts := 0
+	refreshed := false
+	for attempts < maxAttempts {
+		headers := c.authHeaders(a.DeepSeekToken)
+		resp, status, err := c.postJSONWithStatus(ctx, c.regular, DeepSeekCreateSessionURL, headers, map[string]any{"agent": "chat"})
+		if err != nil {
+			config.Logger.Warn("[create_session] request error", "error", err, "account", a.AccountID)
+			attempts++
+			continue
+		}
+		code := intFrom(resp["code"])
+		if status == http.StatusOK && code == 0 {
+			data, _ := resp["data"].(map[string]any)
+			bizData, _ := data["biz_data"].(map[string]any)
+			sessionID, _ := bizData["id"].(string)
+			if sessionID != "" {
+				return sessionID, nil
+			}
+		}
+		msg, _ := resp["msg"].(string)
+		config.Logger.Warn("[create_session] failed", "status", status, "code", code, "msg", msg, "use_config_token", a.UseConfigToken, "account", a.AccountID)
+		if a.UseConfigToken {
+			if isTokenInvalid(status, code, msg) && !refreshed {
+				if c.Auth.RefreshToken(ctx, a) {
+					refreshed = true
+					continue
+				}
+			}
+			if c.Auth.SwitchAccount(ctx, a) {
+				refreshed = false
+				attempts++
+				continue
+			}
+		}
+		attempts++
+	}
+	return "", errors.New("create session failed")
+}
+
+func (c *Client) GetPow(ctx context.Context, a *auth.RequestAuth, maxAttempts int) (string, error) {
+	if maxAttempts <= 0 {
+		maxAttempts = c.maxRetries
+	}
+	attempts := 0
+	for attempts < maxAttempts {
+		headers := c.authHeaders(a.DeepSeekToken)
+		resp, status, err := c.postJSONWithStatus(ctx, c.regular, DeepSeekCreatePowURL, headers, map[string]any{"target_path": "/api/v0/chat/completion"})
+		if err != nil {
+			config.Logger.Warn("[get_pow] request error", "error", err, "account", a.AccountID)
+			attempts++
+			continue
+		}
+		code := intFrom(resp["code"])
+		if status == http.StatusOK && code == 0 {
+			data, _ := resp["data"].(map[string]any)
+			bizData, _ := data["biz_data"].(map[string]any)
+			challenge, _ := bizData["challenge"].(map[string]any)
+			answer, err := c.powSolver.Compute(ctx, challenge)
+			if err != nil {
+				attempts++
+				continue
+			}
+			return BuildPowHeader(challenge, answer)
+		}
+		msg, _ := resp["msg"].(string)
+		config.Logger.Warn("[get_pow] failed", "status", status, "code", code, "msg", msg, "use_config_token", a.UseConfigToken, "account", a.AccountID)
+		if a.UseConfigToken {
+			if isTokenInvalid(status, code, msg) {
+				if c.Auth.RefreshToken(ctx, a) {
+					continue
+				}
+			}
+			if c.Auth.SwitchAccount(ctx, a) {
+				attempts++
+				continue
+			}
+		}
+		attempts++
+	}
+	return "", errors.New("get pow failed")
+}
+
+func (c *Client) CallCompletion(ctx context.Context, a *auth.RequestAuth, payload map[string]any, powResp string, maxAttempts int) (*http.Response, error) {
+	if maxAttempts <= 0 {
+		maxAttempts = c.maxRetries
+	}
+	headers := c.authHeaders(a.DeepSeekToken)
+	headers["x-ds-pow-response"] = powResp
+	attempts := 0
+	for attempts < maxAttempts {
+		resp, err := c.streamPost(ctx, DeepSeekCompletionURL, headers, payload)
+		if err != nil {
+			attempts++
+			time.Sleep(time.Second)
+			continue
+		}
+		if resp.StatusCode == http.StatusOK {
+			return resp, nil
+		}
+		_ = resp.Body.Close()
+		attempts++
+		time.Sleep(time.Second)
+	}
+	return nil, errors.New("completion failed")
+}
+
+func (c *Client) postJSON(ctx context.Context, doer trans.Doer, url string, headers map[string]string, payload any) (map[string]any, error) {
+	body, status, err := c.postJSONWithStatus(ctx, doer, url, headers, payload)
+	if err != nil {
+		return nil, err
+	}
+	if status == 0 {
+		return nil, errors.New("request failed")
+	}
+	return body, nil
+}
+
+func (c *Client) postJSONWithStatus(ctx context.Context, doer trans.Doer, url string, headers map[string]string, payload any) (map[string]any, int, error) {
+	b, err := json.Marshal(payload)
+	if err != nil {
+		return nil, 0, err
+	}
+	req, err := http.NewRequestWithContext(ctx, http.MethodPost, url, bytes.NewReader(b))
+	if err != nil {
+		return nil, 0, err
+	}
+	for k, v := range headers {
+		req.Header.Set(k, v)
+	}
+	resp, err := doer.Do(req)
+	if err != nil {
+		config.Logger.Warn("[deepseek] fingerprint request failed, fallback to std transport", "url", url, "error", err)
+		req2, reqErr := http.NewRequestWithContext(ctx, http.MethodPost, url, bytes.NewReader(b))
+		if reqErr != nil {
+			return nil, 0, err
+		}
+		for k, v := range headers {
+			req2.Header.Set(k, v)
+		}
+		resp, err = c.fallback.Do(req2)
+		if err != nil {
+			return nil, 0, err
+		}
+	}
+	defer resp.Body.Close()
+	payloadBytes, err := readResponseBody(resp)
+	if err != nil {
+		return nil, resp.StatusCode, err
+	}
+	out := map[string]any{}
+	if len(payloadBytes) > 0 {
+		if err := json.Unmarshal(payloadBytes, &out); err != nil {
+			config.Logger.Warn("[deepseek] json parse failed", "url", url, "status", resp.StatusCode, "content_encoding", resp.Header.Get("Content-Encoding"), "preview", preview(payloadBytes))
+		}
+	}
+	return out, resp.StatusCode, nil
+}
+
+func (c *Client) streamPost(ctx context.Context, url string, headers map[string]string, payload any) (*http.Response, error) {
+	b, err := json.Marshal(payload)
+	if err != nil {
+		return nil, err
+	}
+	req, err := http.NewRequestWithContext(ctx, http.MethodPost, url, bytes.NewReader(b))
+	if err != nil {
+		return nil, err
+	}
+	for k, v := range headers {
+		req.Header.Set(k, v)
+	}
+	resp, err := c.stream.Do(req)
+	if err != nil {
+		config.Logger.Warn("[deepseek] fingerprint stream request failed, fallback to std transport", "url", url, "error", err)
+		req2, reqErr := http.NewRequestWithContext(ctx, http.MethodPost, url, bytes.NewReader(b))
+		if reqErr != nil {
+			return nil, err
+		}
+		for k, v := range headers {
+			req2.Header.Set(k, v)
+		}
+		return c.fallbackS.Do(req2)
+	}
+	return resp, nil
+}
+
+func (c *Client) authHeaders(token string) map[string]string {
+	headers := make(map[string]string, len(BaseHeaders)+1)
+	for k, v := range BaseHeaders {
+		headers[k] = v
+	}
+	headers["authorization"] = "Bearer " + token
+	return headers
+}
+
+func isTokenInvalid(status int, code int, msg string) bool {
+	msg = strings.ToLower(msg)
+	if status == http.StatusUnauthorized || status == http.StatusForbidden {
+		return true
+	}
+	if code == 40001 || code == 40002 || code == 40003 {
+		return true
+	}
+	return strings.Contains(msg, "token") || strings.Contains(msg, "unauthorized")
+}
+
+func intFrom(v any) int {
+	switch n := v.(type) {
+	case float64:
+		return int(n)
+	case int:
+		return n
+	case int64:
+		return int(n)
+	default:
+		return 0
+	}
+}
+
+func readResponseBody(resp *http.Response) ([]byte, error) {
+	encoding := strings.ToLower(strings.TrimSpace(resp.Header.Get("Content-Encoding")))
+	var reader io.Reader = resp.Body
+	switch encoding {
+	case "gzip":
+		gz, err := gzip.NewReader(resp.Body)
+		if err != nil {
+			return nil, err
+		}
+		defer gz.Close()
+		reader = gz
+	case "br":
+		reader = brotli.NewReader(resp.Body)
+	}
+	return io.ReadAll(reader)
+}
+
+func preview(b []byte) string {
+	s := strings.TrimSpace(string(b))
+	if len(s) > 160 {
+		return s[:160]
+	}
+	return s
+}
+
+func ScanSSELines(resp *http.Response, onLine func([]byte) bool) error {
+	scanner := bufio.NewScanner(resp.Body)
+	buf := make([]byte, 0, 64*1024)
+	scanner.Buffer(buf, 2*1024*1024)
+	for scanner.Scan() {
+		if !onLine(scanner.Bytes()) {
+			break
+		}
+	}
+	if err := scanner.Err(); err != nil {
+		return err
+	}
+	return nil
+}
--- a/internal/deepseek/constants.go
+++ b/internal/deepseek/constants.go
@@ -0,0 +1,26 @@
+package deepseek
+
+const (
+	DeepSeekHost             = "chat.deepseek.com"
+	DeepSeekLoginURL         = "https://chat.deepseek.com/api/v0/users/login"
+	DeepSeekCreateSessionURL = "https://chat.deepseek.com/api/v0/chat_session/create"
+	DeepSeekCreatePowURL     = "https://chat.deepseek.com/api/v0/chat/create_pow_challenge"
+	DeepSeekCompletionURL    = "https://chat.deepseek.com/api/v0/chat/completion"
+)
+
+var BaseHeaders = map[string]string{
+	"Host":              "chat.deepseek.com",
+	"User-Agent":        "DeepSeek/1.6.11 Android/35",
+	"Accept":            "application/json",
+	"Content-Type":      "application/json",
+	"x-client-platform": "android",
+	"x-client-version":  "1.6.11",
+	"x-client-locale":   "zh_CN",
+	"accept-charset":    "UTF-8",
+}
+
+const (
+	KeepAliveTimeout  = 5
+	StreamIdleTimeout = 30
+	MaxKeepaliveCount = 10
+)
--- a/internal/deepseek/pow.go
+++ b/internal/deepseek/pow.go
@@ -0,0 +1,189 @@
+package deepseek
+
+import (
+	"context"
+	"encoding/base64"
+	"encoding/binary"
+	"encoding/json"
+	"errors"
+	"math"
+	"os"
+	"sync"
+
+	"ds2api/internal/config"
+
+	"github.com/tetratelabs/wazero"
+	"github.com/tetratelabs/wazero/api"
+)
+
+type PowSolver struct {
+	wasmPath string
+	once     sync.Once
+	err      error
+
+	runtime  wazero.Runtime
+	compiled wazero.CompiledModule
+}
+
+func NewPowSolver(wasmPath string) *PowSolver {
+	return &PowSolver{wasmPath: wasmPath}
+}
+
+func (p *PowSolver) init(ctx context.Context) error {
+	p.once.Do(func() {
+		wasmBytes, err := os.ReadFile(p.wasmPath)
+		if err != nil {
+			p.err = err
+			return
+		}
+		p.runtime = wazero.NewRuntime(ctx)
+		p.compiled, p.err = p.runtime.CompileModule(ctx, wasmBytes)
+	})
+	return p.err
+}
+
+func (p *PowSolver) Compute(ctx context.Context, challenge map[string]any) (int64, error) {
+	if err := p.init(ctx); err != nil {
+		return 0, err
+	}
+	algo, _ := challenge["algorithm"].(string)
+	if algo != "DeepSeekHashV1" {
+		return 0, errors.New("unsupported algorithm")
+	}
+	challengeStr, _ := challenge["challenge"].(string)
+	salt, _ := challenge["salt"].(string)
+	signature, _ := challenge["signature"].(string)
+	targetPath, _ := challenge["target_path"].(string)
+	_ = signature
+	_ = targetPath
+
+	difficulty := toFloat64(challenge["difficulty"], 144000)
+	expireAt := toInt64(challenge["expire_at"], 1680000000)
+	prefix := salt + "_" + itoa(expireAt) + "_"
+
+	mod, err := p.runtime.InstantiateModule(ctx, p.compiled, wazero.NewModuleConfig())
+	if err != nil {
+		return 0, err
+	}
+	defer mod.Close(ctx)
+
+	mem := mod.Memory()
+	if mem == nil {
+		return 0, errors.New("wasm memory missing")
+	}
+	stackFn := mod.ExportedFunction("__wbindgen_add_to_stack_pointer")
+	allocFn := mod.ExportedFunction("__wbindgen_export_0")
+	solveFn := mod.ExportedFunction("wasm_solve")
+	if stackFn == nil || allocFn == nil || solveFn == nil {
+		return 0, errors.New("required wasm exports missing")
+	}
+
+	retPtrs, err := stackFn.Call(ctx, uint64(uint32(^uint32(15)))) // -16 i32
+	if err != nil || len(retPtrs) == 0 {
+		return 0, errors.New("stack alloc failed")
+	}
+	retptr := uint32(retPtrs[0])
+	defer stackFn.Call(ctx, 16)
+
+	chPtr, chLen, err := writeUTF8(ctx, allocFn, mem, challengeStr)
+	if err != nil {
+		return 0, err
+	}
+	prefixPtr, prefixLen, err := writeUTF8(ctx, allocFn, mem, prefix)
+	if err != nil {
+		return 0, err
+	}
+
+	if _, err := solveFn.Call(ctx,
+		uint64(retptr),
+		uint64(chPtr), uint64(chLen),
+		uint64(prefixPtr), uint64(prefixLen),
+		math.Float64bits(difficulty),
+	); err != nil {
+		return 0, err
+	}
+
+	statusBytes, ok := mem.Read(retptr, 4)
+	if !ok {
+		return 0, errors.New("read status failed")
+	}
+	status := int32(binary.LittleEndian.Uint32(statusBytes))
+	valueBytes, ok := mem.Read(retptr+8, 8)
+	if !ok {
+		return 0, errors.New("read value failed")
+	}
+	value := math.Float64frombits(binary.LittleEndian.Uint64(valueBytes))
+	if status == 0 {
+		return 0, errors.New("pow solve failed")
+	}
+	return int64(value), nil
+}
+
+func writeUTF8(ctx context.Context, allocFn api.Function, mem api.Memory, text string) (uint32, uint32, error) {
+	data := []byte(text)
+	res, err := allocFn.Call(ctx, uint64(len(data)), 1)
+	if err != nil || len(res) == 0 {
+		return 0, 0, errors.New("alloc failed")
+	}
+	ptr := uint32(res[0])
+	if !mem.Write(ptr, data) {
+		return 0, 0, errors.New("mem write failed")
+	}
+	return ptr, uint32(len(data)), nil
+}
+
+func BuildPowHeader(challenge map[string]any, answer int64) (string, error) {
+	payload := map[string]any{
+		"algorithm":   challenge["algorithm"],
+		"challenge":   challenge["challenge"],
+		"salt":        challenge["salt"],
+		"answer":      answer,
+		"signature":   challenge["signature"],
+		"target_path": challenge["target_path"],
+	}
+	b, err := json.Marshal(payload)
+	if err != nil {
+		return "", err
+	}
+	return base64.StdEncoding.EncodeToString(b), nil
+}
+
+func toFloat64(v any, d float64) float64 {
+	switch n := v.(type) {
+	case float64:
+		return n
+	case int:
+		return float64(n)
+	case int64:
+		return float64(n)
+	default:
+		return d
+	}
+}
+
+func toInt64(v any, d int64) int64 {
+	switch n := v.(type) {
+	case float64:
+		return int64(n)
+	case int:
+		return int64(n)
+	case int64:
+		return n
+	default:
+		return d
+	}
+}
+
+func itoa(n int64) string {
+	b, _ := json.Marshal(n)
+	return string(b)
+}
+
+func PreloadWASM(wasmPath string) {
+	solver := NewPowSolver(wasmPath)
+	if err := solver.init(context.Background()); err != nil {
+		config.Logger.Warn("[WASM] preload failed", "error", err)
+		return
+	}
+	config.Logger.Info("[WASM] module preloaded", "path", wasmPath)
+}
--- a/internal/deepseek/transport/transport.go
+++ b/internal/deepseek/transport/transport.go
@@ -0,0 +1,59 @@
+package transport
+
+import (
+	"context"
+	"crypto/tls"
+	"net"
+	"net/http"
+	"time"
+
+	utls "github.com/refraction-networking/utls"
+)
+
+type Doer interface {
+	Do(req *http.Request) (*http.Response, error)
+}
+
+type Client struct {
+	http *http.Client
+}
+
+func New(timeout time.Duration) *Client {
+	base := &http.Transport{
+		Proxy:               http.ProxyFromEnvironment,
+		ForceAttemptHTTP2:   false,
+		MaxIdleConns:        200,
+		MaxIdleConnsPerHost: 100,
+		IdleConnTimeout:     90 * time.Second,
+		DialContext:         (&net.Dialer{Timeout: 15 * time.Second, KeepAlive: 30 * time.Second}).DialContext,
+		DialTLSContext:      safariTLSDialer(),
+		TLSClientConfig:     &tls.Config{MinVersion: tls.VersionTLS12},
+	}
+	return &Client{http: &http.Client{Timeout: timeout, Transport: base}}
+}
+
+func (c *Client) Do(req *http.Request) (*http.Response, error) {
+	return c.http.Do(req)
+}
+
+func safariTLSDialer() func(ctx context.Context, network, addr string) (net.Conn, error) {
+	var dialer net.Dialer
+	return func(ctx context.Context, network, addr string) (net.Conn, error) {
+		plainConn, err := dialer.DialContext(ctx, network, addr)
+		if err != nil {
+			return nil, err
+		}
+		host, _, _ := net.SplitHostPort(addr)
+		uCfg := &utls.Config{
+			ServerName: host,
+			NextProtos: []string{"http/1.1"},
+		}
+		uConn := utls.UClient(plainConn, uCfg, utls.HelloSafari_Auto)
+		err = uConn.HandshakeContext(ctx)
+		if err != nil {
+			_ = plainConn.Close()
+			return nil, err
+		}
+		return uConn, nil
+	}
+}