Liking cljdoc? Tell your friends :D

com.blockether.vis.ext.provider-openai-codex

OpenAI Codex (ChatGPT OAuth) provider.

This mirrors Codex CLI / ChatGPT OAuth:

  1. Generate PKCE verifier + S256 challenge.
  2. Open auth.openai.com with Codex's public client id.
  3. Let the browser redirect to the registered localhost callback, then paste the final redirect URL/code back into Vis.
  4. Exchange the code for ChatGPT access/refresh tokens.
  5. Refresh the access token before expiry and expose it to Vis as the provider token.

Tokens are persisted at ~/.vis/openai-codex-auth.json. The access token is a JWT; Codex requests require the embedded ChatGPT account id, so this namespace validates/extracts it during login/refresh.

OpenAI Codex (ChatGPT OAuth) provider.

This mirrors Codex CLI / ChatGPT OAuth:
1. Generate PKCE verifier + S256 challenge.
2. Open auth.openai.com with Codex's public client id.
3. Let the browser redirect to the registered localhost callback,
   then paste the final redirect URL/code back into Vis.
4. Exchange the code for ChatGPT access/refresh tokens.
5. Refresh the access token before expiry and expose it to Vis as
   the provider token.

Tokens are persisted at `~/.vis/openai-codex-auth.json`. The access
token is a JWT; Codex requests require the embedded ChatGPT account
id, so this namespace validates/extracts it during login/refresh.
raw docstring

account-idclj

(account-id access-token)

Extract the ChatGPT account id from a Codex access-token JWT.

Extract the ChatGPT account id from a Codex access-token JWT.
sourceraw docstring

authenticated?clj

(authenticated?)
source

create-authorization-flowclj

(create-authorization-flow)
(create-authorization-flow originator)

Create PKCE verifier, CSRF state, and OpenAI authorization URL.

Create PKCE verifier, CSRF state, and OpenAI authorization URL.
sourceraw docstring

detect-credentialsclj

(detect-credentials)

Detect persisted OpenAI Codex credentials. Returns a status-friendly map or nil; does not validate with the network.

Detect persisted OpenAI Codex credentials. Returns a status-friendly
map or nil; does not validate with the network.
sourceraw docstring

force-refresh-token!clj

(force-refresh-token!)
(force-refresh-token! rejected-token)

Force an OAuth refresh-token exchange, persist the rotated credentials, and return the provider-token map.

get-openai-codex-token! only refreshes when the stored token is locally expired, so a token that is locally-valid but invalidated server-side (refresh-token rotation by another client/process) would otherwise never be replaced. The runtime's 401 recovery path calls this. Routes through the single-flight refresh-and-persist!, so a STORM of 401s collapses into one exchange instead of racing the rotating refresh token into HTTP 400.

rejected-token (optional) is the access token the server just 401'd: the single-flight reuse step will NOT hand it back, forcing a real exchange when the on-file token is still the dead one. Throws when there is no refresh token on file.

Force an OAuth refresh-token exchange, persist the rotated credentials,
and return the provider-token map.

`get-openai-codex-token!` only refreshes when the stored token is locally
expired, so a token that is locally-valid but invalidated server-side
(refresh-token rotation by another client/process) would otherwise never
be replaced. The runtime's 401 recovery path calls this. Routes through
the single-flight `refresh-and-persist!`, so a STORM of 401s collapses
into one exchange instead of racing the rotating refresh token into
HTTP 400.

`rejected-token` (optional) is the access token the server just 401'd:
the single-flight reuse step will NOT hand it back, forcing a real
exchange when the on-file token is still the dead one. Throws when there
is no refresh token on file.
sourceraw docstring

get-openai-codex-token!clj

(get-openai-codex-token!)

Return a fresh Codex access token in the provider-token shape used by Vis: {:token access-token :api-url CODEX_BASE_URL :llm-headers {...}}.

Return a fresh Codex access token in the provider-token shape used by
Vis: `{:token access-token :api-url CODEX_BASE_URL :llm-headers {...}}`.
sourceraw docstring

limitsclj

(limits)

Normalized limits envelope for the OpenAI Codex provider.

Static RPM/TPM metadata comes from svar's provider catalog; this fn reports authentication state and live ChatGPT/Codex quota windows when credentials are available.

Normalized limits envelope for the OpenAI Codex provider.

Static RPM/TPM metadata comes from svar's provider catalog; this fn
reports authentication state and live ChatGPT/Codex quota windows
when credentials are available.
sourceraw docstring

login!clj

(login! printer-fn)
(login! printer-fn
        {:keys [originator open-browser-fn manual-code-fn force?]
         :or {originator "vis"
              open-browser-fn open-browser!
              manual-code-fn prompt-for-code!}})

Run the Codex OAuth flow and persist fresh credentials.

Options:

  • :originator value forwarded to OpenAI's OAuth request.
  • :open-browser-fn (fn [url] boolean) override for tests or alternate frontends.
  • :manual-code-fn (fn [printer-fn] string|nil) collector for the final redirect URL or bare authorization code. CLI uses read-line; the TUI injects a dialog-backed collector. Pass nil to disable manual entry entirely.
  • :force? when true, starts a fresh OAuth flow even if persisted credentials already exist.
Run the Codex OAuth flow and persist fresh credentials.

Options:
- `:originator`      value forwarded to OpenAI's OAuth request.
- `:open-browser-fn` `(fn [url] boolean)` override for tests or
  alternate frontends.
- `:manual-code-fn`  `(fn [printer-fn] string|nil)` collector for the
  final redirect URL or bare authorization code. CLI uses `read-line`;
  the TUI injects a dialog-backed collector. Pass nil to disable manual
  entry entirely.
- `:force?`          when true, starts a fresh OAuth flow even if
  persisted credentials already exist.
sourceraw docstring

logout!clj

(logout!)
source

parse-authorization-inputclj

(parse-authorization-input input)

Parse a pasted OAuth callback URL, raw query string, code#state, or bare code. Returns {:code string? :state string?}.

Parse a pasted OAuth callback URL, raw query string, `code#state`,
or bare code. Returns `{:code string? :state string?}`.
sourceraw docstring

statusclj

(status)
source

cljdoc builds & hosts documentation for Clojure/Script libraries

Keyboard shortcuts
Ctrl+kJump to recent docs
Move to previous article
Move to next article
Ctrl+/Jump to the search field
× close