fix: align sqlite fast paths after rebase

src/plugins/plugin-registry-contributions.ts

@@ -269,8 +269,6 @@ function canReuseCurrentManifestRegistry(params: LoadPluginRegistryManifestParam
     params.index === undefined &&
     params.preferPersisted !== false &&
     params.stateDir === undefined &&
-    params.filePath === undefined &&
-    params.pluginIndexFilePath === undefined &&
     params.installRecords === undefined &&
     params.candidates === undefined &&
     params.diagnostics === undefined

src/plugins/plugin-registry-snapshot.ts

@@ -77,8 +77,6 @@ function canReuseCurrentPluginMetadataSnapshot(params: LoadPluginRegistryParams)
   return (
     params.preferPersisted !== false &&
     params.stateDir === undefined &&
-    params.filePath === undefined &&
-    params.pluginIndexFilePath === undefined &&
     params.installRecords === undefined &&
     params.candidates === undefined &&
     params.diagnostics === undefined &&

src/secrets/runtime-fast-path.ts

@@ -6,16 +6,17 @@ import {
   resolveDefaultAgentDir,
 } from "../agents/agent-scope-config.js";
 import {
-  AUTH_PROFILE_FILENAME,
-  AUTH_STATE_FILENAME,
-  LEGACY_AUTH_FILENAME,
-} from "../agents/auth-profiles/path-constants.js";
+  resolveAuthStatePath,
+  resolveAuthStorePath,
+  resolveLegacyAuthStorePath,
+} from "../agents/auth-profiles/paths.js";
+import { hasPersistedAuthProfileSecretsStore } from "../agents/auth-profiles/persisted.js";
 import type { AuthProfileStore } from "../agents/auth-profiles/types.js";
-import { resolveOAuthPath } from "../config/paths.js";
+import { resolveOAuthDir } from "../config/paths.js";
 import type { OpenClawConfig } from "../config/types.openclaw.js";
 import { coerceSecretRef } from "../config/types.secrets.js";
 import type { PluginOrigin } from "../plugins/plugin-origin.types.js";
-import { uniqueStrings } from "../shared/string-normalization.js";
+import { resolveOpenClawStateSqlitePath } from "../state/openclaw-state-db.paths.js";
 import { resolveUserPath } from "../utils.js";
 import type {
   PreparedSecretsRuntimeSnapshot,
@@ -31,11 +32,14 @@ const RUNTIME_PATH_ENV_KEYS = [
   "OPENCLAW_HOME",
   "OPENCLAW_STATE_DIR",
   "OPENCLAW_CONFIG_PATH",
+  "OPENCLAW_OAUTH_DIR",
   "OPENCLAW_AGENT_DIR",
   "PI_CODING_AGENT_DIR",
   "OPENCLAW_TEST_FAST",
 ] as const;
 
+const LEGACY_OAUTH_FILENAME = "oauth.json";
+
 export function mergeSecretsRuntimeEnv(
   env: NodeJS.ProcessEnv | Record<string, string | undefined> | undefined,
 ): Record<string, string | undefined> {
@@ -85,25 +89,32 @@ function resolveCandidateAgentDirs(params: {
     : collectCandidateAgentDirs(params.config, params.env);
 }
 
-function hasCandidateAuthProfileStoreSource(agentDir: string): boolean {
+function hasCandidateAuthProfileStoreSource(agentDir: string, env: NodeJS.ProcessEnv): boolean {
   return (
-    existsSync(path.join(agentDir, AUTH_PROFILE_FILENAME)) ||
-    existsSync(path.join(agentDir, AUTH_STATE_FILENAME)) ||
-    existsSync(path.join(agentDir, LEGACY_AUTH_FILENAME))
+    existsSync(resolveAuthStorePath(agentDir, env)) ||
+    existsSync(resolveAuthStatePath(agentDir, env)) ||
+    existsSync(resolveLegacyAuthStorePath(agentDir, env)) ||
+    (existsSync(resolveOpenClawStateSqlitePath(env)) &&
+      hasPersistedAuthProfileSecretsStore(agentDir, { env }))
   );
 }
 
+function hasLegacyOAuthCredentials(env: NodeJS.ProcessEnv): boolean {
+  return existsSync(path.join(resolveOAuthDir(env), LEGACY_OAUTH_FILENAME));
+}
+
 export function hasCandidateAuthProfileStoreSources(params: {
   config: OpenClawConfig;
   env: NodeJS.ProcessEnv | Record<string, string | undefined>;
   agentDirs?: string[];
 }): boolean {
+  const env = params.env as NodeJS.ProcessEnv;
   const candidateDirs = resolveCandidateAgentDirs(params);
-  const mainAgentDir = resolveUserPath(resolveDefaultAgentDir({}, params.env), params.env);
+  const mainAgentDir = resolveUserPath(resolveDefaultAgentDir({}, env), env);
   return (
-    candidateDirs.some((agentDir) => hasCandidateAuthProfileStoreSource(agentDir)) ||
-    hasCandidateAuthProfileStoreSource(mainAgentDir) ||
-    existsSync(resolveOAuthPath(params.env as NodeJS.ProcessEnv))
+    candidateDirs.some((agentDir) => hasCandidateAuthProfileStoreSource(agentDir, env)) ||
+    hasCandidateAuthProfileStoreSource(mainAgentDir, env) ||
+    hasLegacyOAuthCredentials(env)
   );
 }
 

src/secrets/runtime.fast-path.test.ts

@@ -4,9 +4,9 @@ import path from "node:path";
 import { afterEach, describe, expect, it, vi } from "vitest";
 import { resolveDefaultAgentDir } from "../agents/agent-scope-config.js";
 import type { AuthProfileStore } from "../agents/auth-profiles.js";
-import { AUTH_PROFILE_FILENAME } from "../agents/auth-profiles/path-constants.js";
+import { resolveAuthStorePath } from "../agents/auth-profiles/paths.js";
 import { clearConfigCache, clearRuntimeConfigSnapshot } from "../config/config.js";
-import { resolveOAuthPath } from "../config/paths.js";
+import { resolveOAuthDir } from "../config/paths.js";
 import { createEmptyPluginRegistry } from "../plugins/registry.js";
 import { setActivePluginRegistry } from "../plugins/runtime.js";
 import { clearSecretsRuntimeSnapshot } from "./runtime.js";
@@ -57,7 +57,7 @@ function requireGatewayAuth(
 function writeAuthProfileStore(agentDir: string): void {
   mkdirSync(agentDir, { recursive: true });
   writeFileSync(
-    path.join(agentDir, AUTH_PROFILE_FILENAME),
+    resolveAuthStorePath(agentDir),
     `${JSON.stringify({
       version: 1,
       profiles: {
@@ -207,7 +207,7 @@ describe("secrets runtime fast path", () => {
     {
       name: "oauth credentials file",
       setup: (env: NodeJS.ProcessEnv, _mainAgentDir: string, _agentDir: string) => {
-        const credentialsPath = resolveOAuthPath(env);
+        const credentialsPath = path.join(resolveOAuthDir(env), "oauth.json");
         mkdirSync(path.dirname(credentialsPath), { recursive: true });
         writeFileSync(
           credentialsPath,