fix(sandbox): codex-login injects OAuth only (never the API key) + leaves config untouched#110
Open
dinghengda-creator wants to merge 1 commit into
Conversation
auth.json can also hold a long-lived OPENAI_API_KEY next to the oauth tokens. The previous code injected the whole file, so that key could end up in the sandbox. Now only the oauth tokens are injected (OPENAI_API_KEY set to null) and api-key-only auth is rejected. Also removed the config.toml rewrite and the --keep-model-config flag; the config is left as the platform wrote it. Use `codex exec -c model_provider=openai` to select the subscription.
001077f to
7a6837e
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Follow-up to #100.
auth.json can hold a long-lived OPENAI_API_KEY next to the chatgpt oauth tokens. The current codex-login injects the file as-is, so that key ends up in the sandbox. This strips it before injecting: only the oauth tokens go in, OPENAI_API_KEY is set to null, and an api-key-only file is rejected.
Also removes the config.toml rewrite and the --keep-model-config flag. The config is left as the platform wrote it; select the subscription with
codex exec -c model_provider=openai.Tested with a crafted auth.json containing a fake key: the sandbox copy has OPENAI_API_KEY null and the key is absent. Unit tests + ruff/mypy pass.