[Auth] Add keyring support for Codex CLI #5591
Conversation
celia-oai
force-pushed
the
dev/cc/auth-keyring-support
branch
6 times, most recently
from
02000ee to
1294543
Compare
celia-oai
force-pushed
the
dev/cc/auth-new-abstraction
branch
from
9561e19 to
36935e7
Compare
celia-oai
force-pushed
the
dev/cc/auth-keyring-support
branch
7 times, most recently
from
60fe5bf to
36bc480
Compare
celia-oai
requested review from
gpeal,
owenlin0,
pakrym-oai and
pkomlev
and removed request for
pkomlev
celia-oai
changed the title
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
https://github.com/openai/codex/blob/36bc4807cb14bbfddd71f4e23077f1e999b1cd5d/codex-rs/core/src/auth.rs#L475-L477
The new AuthCredentialsStoreMode adds Keyring/Auto backends, but the top‑level helpers still instantiate storage with AuthCredentialsStoreMode::File (see logout, and similarly save_auth/load_auth_dot_json). As a result the CLI never reads or writes via the keyring and logout cannot remove keyring entries, so the feature introduced in this commit is effectively dead code. This should default to the keyring‑backed mode (or accept a user preference) so credentials are stored and deleted consistently.
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
thanks codex, this will be a followup. added to the pr description. |
celia-oai
force-pushed
the
dev/cc/auth-keyring-support
branch
from
36bc480 to
739c021
Compare
celia-oai
force-pushed
the
dev/cc/auth-keyring-support
branch
3 times, most recently
from
d4def96 to
1af9588
Compare
celia-oai
force-pushed
the
dev/cc/auth-new-abstraction
branch
7 times, most recently
from
3a3c1d3 to
068a3b7
Compare
celia-oai
force-pushed
the
dev/cc/auth-keyring-support
branch
6 times, most recently
from
0c5716f to
afd91c9
Compare
celia-oai
force-pushed
the
dev/cc/auth-new-abstraction
branch
from
07d197a to
8b9e633
Compare
celia-oai
force-pushed
the
dev/cc/auth-keyring-support
branch
2 times, most recently
from
adc6753 to
becb331
Compare
celia-oai
force-pushed
the
dev/cc/auth-keyring-support
branch
2 times, most recently
from
09513fc to
2b06a08
Compare
celia-oai
force-pushed
the
dev/cc/auth-keyring-support
branch
from
2b06a08 to
72ccf34
Compare
celia-oai
force-pushed
the
dev/cc/auth-keyring-support
branch
from
dd5ecac to
ac0c0ec
Compare
Follow-up PR to #5569. Add Keyring Support for Auth Storage in Codex CLI as well as a hybrid mode (default to persisting in keychain but fall back to file when unavailable.)
It also refactors out the keyringstore implementation from rmcp-client here to a new keyring-store crate.
There will be a follow-up that picks the right credential mode depending on the config, instead of hardcoding
AuthCredentialsStoreMode::File.