Serialize MCP OAuth login and logout #30295

Open
stevenlee-oai wants to merge 7 commits into dev/stevenlee/mcp-oauth-independent-3-transport-recovery from dev/stevenlee/mcp-oauth-independent-4-login-logout-locking
@stevenlee-oai commented Jun 26, 2026 (Contributor)

Codex Thread 019edd6d-6f14-74e2-853c-345d1803d4a6

Stack

Review and merge in order. Every layer is independently correct and documents its safe stopping point.

  1. openai/codex#30292 — aggregate File/Secrets store locking
  2. openai/codex#30293 — resolve and lifecycle-pin the exact OAuth store
  3. openai/codex#30416 — serialized authoritative refresh transaction
  4. openai/codex#30294 — Codex-owned transport refresh and one-shot 401 recovery
  5. openai/codex#30295 — login/logout transaction serialization
  6. openai/codex#30296 — diagnostic-only Auto store drift reporting

This PR is layer 5.

Why

Refresh serialization is incomplete if OAuth login can overwrite a freshly rotated token or logout can be followed by an in-flight refresh resurrecting credentials. All credential lifecycle mutations for one MCP identity must share the same transaction lock.

What this PR does

  • Acquires the per-credential transaction lock in the real OAuth callback save path.
  • Acquires the same lock in CLI logout before deleting credentials.
  • Tests the actual callback and CLI paths rather than only private helpers.
  • Covers both ordering guarantees: completed login becomes authoritative, and logout waits for an earlier refresh before deleting its result.

Explicit decisions

  • Login, refresh, and logout serialize on compute_store_key(server_name, url).
  • Operations use a bounded lock wait and surface failure rather than bypassing serialization.
  • This layer adds no backend migration or durable token-store selector.

Safe stopping point

This completes the correctness stack: aggregate stores, exact-store pinning, refresh, every transport path, login, and logout now use the intended authority and serialization boundaries. Layer 6 is diagnostics only.

Validation

  • just test -p codex-rmcp-client (114 passed; expected environment skips)
  • just test -p codex-cli
  • Real callback-save and logout-vs-refresh contention coverage

@stevenlee-oai force-pushed the dev/stevenlee/mcp-oauth-independent-4-login-logout-locking branch from 04aa181 to 96b3707 (June 26, 2026 21:30)
@stevenlee-oai force-pushed the dev/stevenlee/mcp-oauth-independent-3-transport-recovery branch 2 times, most recently from 0135226 to fc3ba8b (June 26, 2026 21:48)
@stevenlee-oai force-pushed the dev/stevenlee/mcp-oauth-independent-4-login-logout-locking branch from 96b3707 to 71071e9 (June 26, 2026 21:48)
@stevenlee-oai force-pushed the dev/stevenlee/mcp-oauth-independent-4-login-logout-locking branch from 71071e9 to 857c0dd (June 26, 2026 22:25)
@stevenlee-oai force-pushed the dev/stevenlee/mcp-oauth-independent-3-transport-recovery branch from fc3ba8b to 5eaa4d4 (June 26, 2026 22:25)
…y' into dev/stevenlee/mcp-oauth-independent-4-login-logout-locking

# Conflicts:
#	codex-rs/rmcp-client/src/oauth.rs
#	codex-rs/rmcp-client/src/oauth/tests/persistor_tests.rs
…y' into dev/stevenlee/mcp-oauth-independent-4-login-logout-locking
…y' into dev/stevenlee/mcp-oauth-independent-4-login-logout-locking
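
The ordering guarantee from the PR description (logout waits for an earlier refresh, and a lock-wait timeout surfaces as a failure instead of bypassing the lock), sketched as an added example that is not code from this PR or from Codex. The in-memory slot map, the key format standing in for `compute_store_key`, the token strings, and every function name are assumptions.

```rust
use std::{collections::HashMap, sync::{mpsc, Arc, Mutex, MutexGuard}, thread, time::{Duration, Instant}};
type Slot = Arc<Mutex<Option<String>>>; // stored token behind its transaction lock

// Every caller resolves the same slot per identity; the key format is an assumed stand-in for compute_store_key.
fn slot_for(slots: &Mutex<HashMap<String, Slot>>, server_name: &str, url: &str) -> Slot {
    slots.lock().unwrap().entry(format!("{server_name}|{url}")).or_default().clone()
}

// Bounded wait: poll until the deadline, then fail instead of proceeding unlocked.
fn lock_bounded(slot: &Slot, wait: Duration) -> Result<MutexGuard<'_, Option<String>>, &'static str> {
    let deadline = Instant::now() + wait;
    loop {
        if let Ok(guard) = slot.try_lock() { return Ok(guard); }
        if Instant::now() >= deadline { return Err("credential lock timed out"); }
        thread::sleep(Duration::from_millis(5));
    }
}

// Login callback save (Some) and logout (None) are single writes under the lock.
fn write(slot: &Slot, token: Option<&str>, wait: Duration) -> Result<(), &'static str> {
    *lock_bounded(slot, wait)? = token.map(str::to_string);
    Ok(())
}

// Refresh holds the lock across the whole exchange, then stores the rotated token.
fn refresh(slot: &Slot, wait: Duration, exchange: impl FnOnce()) -> Result<(), &'static str> {
    let mut guard = lock_bounded(slot, wait)?;
    exchange();
    *guard = Some("rotated".to_string());
    Ok(())
}

// Constructed scenario: logout arrives while a refresh is in flight.
fn logout_during_refresh(wait: Duration) -> (Result<(), &'static str>, Option<String>) {
    let slots = Mutex::new(HashMap::new());
    let cli = slot_for(&slots, "docs", "https://mcp.example.test");
    let transport = slot_for(&slots, "docs", "https://mcp.example.test");
    write(&cli, Some("initial"), wait).unwrap();
    let (tx, rx) = mpsc::channel();
    let worker = thread::spawn(move || refresh(&transport, wait, || {
        tx.send(()).unwrap(); // signal: the refresh now holds the lock
        thread::sleep(Duration::from_millis(200));
    }));
    rx.recv().unwrap();
    let logout = write(&cli, None, wait);
    worker.join().unwrap().unwrap();
    let token = cli.lock().unwrap().clone();
    (logout, token)
}
fn main() { println!("{:?}", logout_during_refresh(Duration::from_secs(2))); }
```

With a 2-second wait the logout succeeds after the refresh finishes and the token ends up deleted; with a 20 ms wait the logout returns the timeout error and the refreshed token stays in place.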