fix(codex): include required instructions and improve account-id extraction

2026-02-14 12:48:16 +08:00
parent 7304ab7d33
commit da804a0748
4 changed files with 41 additions and 0 deletions
--- a/pkg/auth/oauth_test.go
+++ b/pkg/auth/oauth_test.go
@@ -1,6 +1,7 @@
 package auth

 import (
+	"encoding/base64"
 	"encoding/json"
 	"net/http"
 	"net/http/httptest"
@@ -91,6 +92,32 @@ func TestParseTokenResponseNoAccessToken(t *testing.T) {
 	}
 }

+func TestParseTokenResponseAccountIDFromIDToken(t *testing.T) {
+	idToken := makeJWTWithAccountID("acc-from-id")
+	resp := map[string]interface{}{
+		"access_token":  "not-a-jwt",
+		"refresh_token": "test-refresh-token",
+		"expires_in":    3600,
+		"id_token":      idToken,
+	}
+	body, _ := json.Marshal(resp)
+
+	cred, err := parseTokenResponse(body, "openai")
+	if err != nil {
+		t.Fatalf("parseTokenResponse() error: %v", err)
+	}
+
+	if cred.AccountID != "acc-from-id" {
+		t.Errorf("AccountID = %q, want %q", cred.AccountID, "acc-from-id")
+	}
+}
+
+func makeJWTWithAccountID(accountID string) string {
+	header := base64.RawURLEncoding.EncodeToString([]byte(`{"alg":"none","typ":"JWT"}`))
+	payload := base64.RawURLEncoding.EncodeToString([]byte(`{"https://api.openai.com/auth":{"chatgpt_account_id":"` + accountID + `"}}`))
+	return header + "." + payload + ".sig"
+}
+
 func TestExchangeCodeForTokens(t *testing.T) {
 	server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		if r.URL.Path != "/oauth/token" {