fix: auto-switch Claude accounts after usage exhaustion

[cosmosjeon]

Summary

• fix the multi-account workflow where OpenCode keeps using an exhausted Claude account even after Claude Code has been re-authenticated with another account
• detect conservative usage-exhaustion 429 responses, refresh the discovered local Claude accounts, switch to the next available account, and retry the request once
• keep fallback auth state in sync during failover, cover replacement-account 401 recovery and sync-failure tolerance, and document the new behavior

Problem

When the active Claude account runs out of usage, re-authenticating Claude Code with another account does not help an already-running OpenCode session. The plugin keeps using the previously selected account, so the user still gets stuck on the exhausted account until they explicitly switch accounts or restart.

Root cause

• the active account source is persisted and reused across requests
• normal request flow does not refresh the discovered Claude account list
• retry behavior stayed on the same account instead of attempting another locally authenticated account

Scope

This change only affects environments where more than one Claude account is available locally. In practice that mainly means macOS multi-account Keychain setups. Single-account users keep the existing behavior because there is no alternative account to fail over to.

Solution

• treat only conservative usage-exhaustion 429 responses as failover candidates
• reject generic rate-limit responses by requiring no retry-after header and excluding long-context errors
• refresh the locally available Claude accounts and select a different source when one exists
• persist the replacement account and retry the request once
• keep auth.json sync best-effort so fallback-state writes do not block the request path
• recover once more if the replacement account initially returns 401 and a refreshed token is available

Safety / non-goals

• no failover on generic 429s, 401s, or 529s
• no multi-hop account cycling across every available account
• no polling-based account discovery on every request
• if the replacement account also fails, return that response instead of continuing to rotate across accounts

Relation to other account-handling work

This is separate from #99. That PR focuses on stale credential refresh behavior and suffixed keychain refresh handling. This PR focuses on a different path: when the active account is usage-exhausted but another already-authenticated local Claude account is available, the request should fail over to that account.

Covered cases

• switch to another account after a confirmed usage-exhaustion response
• do not switch on a generic 429 rate limit
• retry once more if the replacement account initially returns 401 and a refreshed token is available
• keep the replacement account persisted even if the retried request still fails
• continue the failover path even if auth.json sync throws

Testing

• pnpm run build
• pnpm test
• node --test --test-name-pattern="auth fetch — account failover" --experimental-strip-types src/index.test.ts

[jmvbambico]

Possibley related: can we add support for detecting oauth json files made from this npm library?

https://github.com/manikandan-22/claude-code-accounts