mirror of
https://github.com/openai/codex.git
synced 2026-04-25 07:05:38 +00:00
fix(app-server): for external auth, replace id_token with chatgpt_acc… (#11240)
…ount_id and chatgpt_plan_type ### Summary Following up on external auth mode which was introduced here: https://github.com/openai/codex/pull/10012 Turns out some clients have a differently shaped ID token and don't have a chosen workspace (aka chatgpt_account_id) encoded in their ID token. So, let's replace `id_token` param with `chatgpt_account_id` and `chatgpt_plan_type` (optional) when initializing the external ChatGPT auth mode (`account/login/start` with `chatgptAuthTokens`). The client was able to test end-to-end with a Codex build from this branch and verified it worked!
This commit is contained in:
@@ -338,7 +338,7 @@
|
||||
"$schema": "http://json-schema.org/draft-07/schema#",
|
||||
"properties": {
|
||||
"previousAccountId": {
|
||||
"description": "Workspace/account identifier that Codex was previously using.\n\nClients that manage multiple accounts/workspaces can use this as a hint to refresh the token for the correct workspace.\n\nThis may be `null` when the prior ID token did not include a workspace identifier (`chatgpt_account_id`) or when the token could not be parsed.",
|
||||
"description": "Workspace/account identifier that Codex was previously using.\n\nClients that manage multiple accounts/workspaces can use this as a hint to refresh the token for the correct workspace.\n\nThis may be `null` when the prior auth state did not include a workspace identifier (`chatgpt_account_id`).",
|
||||
"type": [
|
||||
"string",
|
||||
"null"
|
||||
@@ -371,13 +371,19 @@
|
||||
"accessToken": {
|
||||
"type": "string"
|
||||
},
|
||||
"idToken": {
|
||||
"chatgptAccountId": {
|
||||
"type": "string"
|
||||
},
|
||||
"chatgptPlanType": {
|
||||
"type": [
|
||||
"string",
|
||||
"null"
|
||||
]
|
||||
}
|
||||
},
|
||||
"required": [
|
||||
"accessToken",
|
||||
"idToken"
|
||||
"chatgptAccountId"
|
||||
],
|
||||
"title": "ChatgptAuthTokensRefreshResponse",
|
||||
"type": "object"
|
||||
@@ -12071,13 +12077,20 @@
|
||||
"description": "[UNSTABLE] FOR OPENAI INTERNAL USE ONLY - DO NOT USE. The access token must contain the same scopes that Codex-managed ChatGPT auth tokens have.",
|
||||
"properties": {
|
||||
"accessToken": {
|
||||
"description": "Access token (JWT) supplied by the client. This token is used for backend API requests.",
|
||||
"description": "Access token (JWT) supplied by the client. This token is used for backend API requests and email extraction.",
|
||||
"type": "string"
|
||||
},
|
||||
"idToken": {
|
||||
"description": "ID token (JWT) supplied by the client.\n\nThis token is used for identity and account metadata (email, plan type, workspace id).",
|
||||
"chatgptAccountId": {
|
||||
"description": "Workspace/account identifier supplied by the client.",
|
||||
"type": "string"
|
||||
},
|
||||
"chatgptPlanType": {
|
||||
"description": "Optional plan type supplied by the client.\n\nWhen `null`, Codex attempts to derive the plan type from access-token claims. If unavailable, the plan defaults to `unknown`.",
|
||||
"type": [
|
||||
"string",
|
||||
"null"
|
||||
]
|
||||
},
|
||||
"type": {
|
||||
"enum": [
|
||||
"chatgptAuthTokens"
|
||||
@@ -12088,7 +12101,7 @@
|
||||
},
|
||||
"required": [
|
||||
"accessToken",
|
||||
"idToken",
|
||||
"chatgptAccountId",
|
||||
"type"
|
||||
],
|
||||
"title": "ChatgptAuthTokensv2::LoginAccountParams",
|
||||
|
||||
Reference in New Issue
Block a user