mirror of
https://github.com/openai/codex.git
synced 2026-05-16 01:02:48 +00:00
d8ddeb6869
## Why Some MCP OAuth providers require a pre-registered public client ID and cannot rely on dynamic client registration. Codex already supports MCP OAuth, but it had no way to supply that client ID from config into the PKCE flow. ## What changed - add `oauth.client_id` under `[mcp_servers.<server>]` config, including config editing and schema generation - thread the configured client ID through CLI, app-server, plugin login, and MCP skill dependency OAuth entrypoints - configure RMCP authorization with the explicit client when present, while preserving the existing dynamic-registration path when it is absent - add focused coverage for config parsing/serialization and OAuth URL generation ## Verification - `cargo test -p codex-config -p codex-rmcp-client -p codex-mcp -p codex-core-plugins` - `cargo test -p codex-core blocking_replace_mcp_servers_round_trips --lib` - `cargo test -p codex-core replace_mcp_servers_streamable_http_serializes_oauth_resource --lib` - `cargo test -p codex-core config_schema_matches_fixture --lib` ## Notes Broader local package runs still hit unrelated pre-existing stack overflows in: - `codex-app-server::in_process_start_clamps_zero_channel_capacity` - `codex-core::resume_agent_from_rollout_uses_edge_data_when_descendant_metadata_source_is_stale`
137 lines
5.5 KiB
Rust
137 lines
5.5 KiB
Rust
mod cloud_requirements;
|
|
mod config_requirements;
|
|
pub mod config_toml;
|
|
mod constraint;
|
|
mod diagnostics;
|
|
mod fingerprint;
|
|
mod hook_config;
|
|
mod host_name;
|
|
mod key_aliases;
|
|
pub mod loader;
|
|
mod marketplace_edit;
|
|
mod mcp_edit;
|
|
mod mcp_types;
|
|
mod merge;
|
|
mod overrides;
|
|
pub mod permissions_toml;
|
|
mod plugin_edit;
|
|
pub mod profile_toml;
|
|
mod project_root_markers;
|
|
mod requirements_exec_policy;
|
|
pub mod schema;
|
|
mod skills_config;
|
|
mod state;
|
|
mod strict_config;
|
|
mod thread_config;
|
|
mod tui_keymap;
|
|
pub mod types;
|
|
|
|
pub const CONFIG_TOML_FILE: &str = "config.toml";
|
|
|
|
pub use cloud_requirements::CloudRequirementsLoadError;
|
|
pub use cloud_requirements::CloudRequirementsLoadErrorCode;
|
|
pub use cloud_requirements::CloudRequirementsLoader;
|
|
pub use codex_app_server_protocol::ConfigLayerSource;
|
|
pub use codex_protocol::config_types::ProfileV2Name;
|
|
pub use codex_protocol::config_types::ProfileV2NameParseError;
|
|
pub use codex_utils_absolute_path::AbsolutePathBuf;
|
|
pub use config_requirements::AppRequirementToml;
|
|
pub use config_requirements::AppToolRequirementToml;
|
|
pub use config_requirements::AppToolsRequirementsToml;
|
|
pub use config_requirements::AppsRequirementsToml;
|
|
pub use config_requirements::ConfigRequirements;
|
|
pub use config_requirements::ConfigRequirementsToml;
|
|
pub use config_requirements::ConfigRequirementsWithSources;
|
|
pub use config_requirements::ConstrainedWithSource;
|
|
pub use config_requirements::FeatureRequirementsToml;
|
|
pub use config_requirements::FilesystemConstraints;
|
|
pub use config_requirements::FilesystemDenyReadPattern;
|
|
pub use config_requirements::McpServerIdentity;
|
|
pub use config_requirements::McpServerRequirement;
|
|
pub use config_requirements::NetworkConstraints;
|
|
pub use config_requirements::NetworkDomainPermissionToml;
|
|
pub use config_requirements::NetworkDomainPermissionsToml;
|
|
pub use config_requirements::NetworkRequirementsToml;
|
|
pub use config_requirements::NetworkUnixSocketPermissionToml;
|
|
pub use config_requirements::NetworkUnixSocketPermissionsToml;
|
|
pub use config_requirements::PluginRequirementsToml;
|
|
pub use config_requirements::RemoteSandboxConfigToml;
|
|
pub use config_requirements::RequirementSource;
|
|
pub use config_requirements::ResidencyRequirement;
|
|
pub use config_requirements::SandboxModeRequirement;
|
|
pub use config_requirements::Sourced;
|
|
pub use config_requirements::WebSearchModeRequirement;
|
|
pub use config_requirements::sandbox_mode_requirement_for_permission_profile;
|
|
pub use constraint::Constrained;
|
|
pub use constraint::ConstraintError;
|
|
pub use constraint::ConstraintResult;
|
|
pub use diagnostics::ConfigError;
|
|
pub use diagnostics::ConfigLoadError;
|
|
pub use diagnostics::TextPosition;
|
|
pub use diagnostics::TextRange;
|
|
pub use diagnostics::config_error_from_toml;
|
|
pub use diagnostics::config_error_from_typed_toml;
|
|
pub use diagnostics::first_layer_config_error;
|
|
pub use diagnostics::first_layer_config_error_from_entries;
|
|
pub use diagnostics::format_config_error;
|
|
pub use diagnostics::format_config_error_with_source;
|
|
pub use diagnostics::io_error_from_config_error;
|
|
pub use fingerprint::version_for_toml;
|
|
pub use hook_config::HookEventsToml;
|
|
pub use hook_config::HookHandlerConfig;
|
|
pub use hook_config::HookStateToml;
|
|
pub use hook_config::HooksFile;
|
|
pub use hook_config::HooksToml;
|
|
pub use hook_config::ManagedHooksRequirementsToml;
|
|
pub use hook_config::MatcherGroup;
|
|
pub use host_name::host_name;
|
|
pub use marketplace_edit::MarketplaceConfigUpdate;
|
|
pub use marketplace_edit::RemoveMarketplaceConfigOutcome;
|
|
pub use marketplace_edit::record_user_marketplace;
|
|
pub use marketplace_edit::remove_user_marketplace;
|
|
pub use marketplace_edit::remove_user_marketplace_config;
|
|
pub use mcp_edit::ConfigEditsBuilder;
|
|
pub use mcp_edit::load_global_mcp_servers;
|
|
pub use mcp_types::AppToolApproval;
|
|
pub use mcp_types::McpServerConfig;
|
|
pub use mcp_types::McpServerDisabledReason;
|
|
pub use mcp_types::McpServerEnvVar;
|
|
pub use mcp_types::McpServerOAuthConfig;
|
|
pub use mcp_types::McpServerToolConfig;
|
|
pub use mcp_types::McpServerTransportConfig;
|
|
pub use mcp_types::RawMcpServerConfig;
|
|
pub use merge::merge_toml_values;
|
|
pub use overrides::build_cli_overrides_layer;
|
|
pub use plugin_edit::PluginConfigEdit;
|
|
pub use plugin_edit::apply_user_plugin_config_edits;
|
|
pub use plugin_edit::clear_user_plugin;
|
|
pub use plugin_edit::set_user_plugin_enabled;
|
|
pub use project_root_markers::default_project_root_markers;
|
|
pub use project_root_markers::project_root_markers_from_config;
|
|
pub use requirements_exec_policy::RequirementsExecPolicy;
|
|
pub use requirements_exec_policy::RequirementsExecPolicyDecisionToml;
|
|
pub use requirements_exec_policy::RequirementsExecPolicyParseError;
|
|
pub use requirements_exec_policy::RequirementsExecPolicyPatternTokenToml;
|
|
pub use requirements_exec_policy::RequirementsExecPolicyPrefixRuleToml;
|
|
pub use requirements_exec_policy::RequirementsExecPolicyToml;
|
|
pub use skills_config::BundledSkillsConfig;
|
|
pub use skills_config::SkillConfig;
|
|
pub use skills_config::SkillsConfig;
|
|
pub use state::ConfigLayerEntry;
|
|
pub use state::ConfigLayerStack;
|
|
pub use state::ConfigLayerStackOrdering;
|
|
pub use state::ConfigLoadOptions;
|
|
pub use state::LoaderOverrides;
|
|
pub use strict_config::config_error_from_ignored_toml_fields;
|
|
pub use thread_config::NoopThreadConfigLoader;
|
|
pub use thread_config::RemoteThreadConfigLoader;
|
|
pub use thread_config::SessionThreadConfig;
|
|
pub use thread_config::StaticThreadConfigLoader;
|
|
pub use thread_config::ThreadConfigContext;
|
|
pub use thread_config::ThreadConfigLoadError;
|
|
pub use thread_config::ThreadConfigLoadErrorCode;
|
|
pub use thread_config::ThreadConfigLoader;
|
|
pub use thread_config::ThreadConfigSource;
|
|
pub use thread_config::UserThreadConfig;
|
|
pub use toml::Value as TomlValue;
|