@poncho-ai/harness 0.29.0 → 0.31.0

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@poncho-ai/harness",
-  "version": "0.29.0",
+  "version": "0.31.0",
   "description": "Agent execution runtime - conversation loop, tool dispatch, streaming",
   "repository": {
     "type": "git",
@@ -34,7 +34,7 @@
     "redis": "^5.10.0",
     "yaml": "^2.4.0",
     "zod": "^3.22.0",
-    "@poncho-ai/sdk": "1.6.2"
+    "@poncho-ai/sdk": "1.7.0"
   },
   "devDependencies": {
     "@types/mustache": "^4.2.6",

package/src/agent-parser.ts

@@ -170,7 +170,7 @@ export const parseAgentMarkdown = (content: string): ParsedAgent => {
     throw new Error("Invalid AGENT.md: frontmatter requires a non-empty `name`.");
   }
 
-  const KNOWN_PROVIDERS = new Set(["anthropic", "openai"]);
+  const KNOWN_PROVIDERS = new Set(["anthropic", "openai", "openai-codex"]);
   const splitProviderPrefix = (raw: string): { provider?: string; name: string } => {
     const slashIdx = raw.indexOf("/");
     if (slashIdx > 0) {

package/src/config.ts

@@ -100,6 +100,13 @@ export interface PonchoConfig extends McpConfig {
   storage?: StorageConfig;
   providers?: {
     openai?: { apiKeyEnv?: string };
+    openaiCodex?: {
+      refreshTokenEnv?: string;
+      accessTokenEnv?: string;
+      accessTokenExpiresAtEnv?: string;
+      accountIdEnv?: string;
+      authFilePathEnv?: string;
+    };
     anthropic?: { apiKeyEnv?: string };
   };
   telemetry?: {

package/src/harness.ts

@@ -451,6 +451,8 @@ export default {
   providers: {
     anthropic: { apiKeyEnv: "ANTHROPIC_API_KEY" },
     openai: { apiKeyEnv: "OPENAI_API_KEY" },
+    // openai-codex provider reads OAuth tokens from env vars by default:
+    // openaiCodex: { refreshTokenEnv: "OPENAI_CODEX_REFRESH_TOKEN", accountIdEnv: "OPENAI_CODEX_ACCOUNT_ID" },
   },
   auth: {
     required: true,
@@ -1643,7 +1645,7 @@ ${boundedMainMemory.trim()}`
       if (lastMsg && lastMsg.role !== "user") {
         messages.push({
           role: "user",
-          content: "[System: Your previous turn was interrupted by a time limit. Continue from where you left off — do NOT repeat what you already said. Proceed directly with the next action or tool call.]",
+          content: "[System: Your previous turn was interrupted by a time limit. Your partial response above is already visible to the user. Continue EXACTLY from where you left off — do NOT restart, re-summarize, or repeat any content you already produced. If you were mid-sentence or mid-table, continue that sentence or table. Proceed directly with the next action or output.]",
           metadata: { timestamp: now(), id: randomUUID() },
         });
       }
@@ -2048,7 +2050,10 @@ ${boundedMainMemory.trim()}`
         let chunkCount = 0;
         const hasRunTimeout = timeoutMs > 0;
         const streamDeadline = hasRunTimeout ? start + timeoutMs : 0;
+        const hasSoftDeadline = softDeadlineMs > 0;
+        const INTER_CHUNK_TIMEOUT_MS = 60_000;
         const fullStreamIterator = result.fullStream[Symbol.asyncIterator]();
+        let softDeadlineFiredDuringStream = false;
         try {
           while (true) {
             if (isCancelled()) {
@@ -2072,25 +2077,36 @@ ${boundedMainMemory.trim()}`
                 return;
               }
             }
-            const remaining = hasRunTimeout ? streamDeadline - now() : Infinity;
+            if (hasSoftDeadline && chunkCount > 0 && now() - start >= softDeadlineMs) {
+              softDeadlineFiredDuringStream = true;
+              break;
+            }
+            const hardRemaining = hasRunTimeout ? streamDeadline - now() : Infinity;
+            const softRemaining = hasSoftDeadline ? Math.max(0, (start + softDeadlineMs) - now()) : Infinity;
+            const deadlineRemaining = Math.min(hardRemaining, softRemaining);
             const timeout = chunkCount === 0
-              ? Math.min(remaining, FIRST_CHUNK_TIMEOUT_MS)
-              : hasRunTimeout ? remaining : 0;
+              ? Math.min(deadlineRemaining, FIRST_CHUNK_TIMEOUT_MS)
+              : Math.min(deadlineRemaining, INTER_CHUNK_TIMEOUT_MS);
             let nextPart: IteratorResult<(typeof result.fullStream) extends AsyncIterable<infer T> ? T : never> | null;
-            if (timeout <= 0 && chunkCount > 0) {
+            if (timeout <= 0 && chunkCount > 0 && !hasSoftDeadline) {
               nextPart = await fullStreamIterator.next();
             } else {
+              const effectiveTimeout = Math.max(timeout, 1);
               let timer: ReturnType<typeof setTimeout> | undefined;
               nextPart = await Promise.race([
                 fullStreamIterator.next(),
                 new Promise<null>((resolve) => {
-                  timer = setTimeout(() => resolve(null), timeout);
+                  timer = setTimeout(() => resolve(null), effectiveTimeout);
                 }),
               ]);
               clearTimeout(timer);
             }
 
             if (nextPart === null) {
+              if (hasSoftDeadline && deadlineRemaining <= INTER_CHUNK_TIMEOUT_MS) {
+                softDeadlineFiredDuringStream = true;
+                break;
+              }
               const isFirstChunk = chunkCount === 0;
               console.error(
                 `[poncho][harness] Stream timeout waiting for ${isFirstChunk ? "first" : "next"} chunk: model="${modelName}", step=${step}, chunks=${chunkCount}, elapsed=${now() - start}ms`,
@@ -2125,6 +2141,31 @@ ${boundedMainMemory.trim()}`
           fullStreamIterator.return?.(undefined)?.catch?.(() => {});
         }
 
+        if (softDeadlineFiredDuringStream) {
+          if (fullText.length > 0) {
+            messages.push({
+              role: "assistant",
+              content: fullText,
+              metadata: { timestamp: now(), id: randomUUID(), step },
+            });
+          }
+          const result_: RunResult = {
+            status: "completed",
+            response: responseText + fullText,
+            steps: step,
+            tokens: { input: totalInputTokens, output: totalOutputTokens, cached: totalCachedTokens },
+            duration: now() - start,
+            continuation: true,
+            continuationMessages: [...messages],
+            maxSteps,
+            contextTokens: latestContextTokens + toolOutputEstimateSinceModel,
+            contextWindow,
+          };
+          console.info(`[poncho][harness] Soft deadline fired mid-stream at step ${step} (${(now() - start).toFixed(0)}ms). Checkpointing with ${fullText.length} chars of partial text.`);
+          yield pushEvent({ type: "run:completed", runId, result: result_ });
+          return;
+        }
+
         if (isCancelled()) {
           yield emitCancellation();
           return;
@@ -2133,6 +2174,13 @@ ${boundedMainMemory.trim()}`
       // Post-streaming soft deadline: if the model stream took long enough to
       // push past the soft deadline, checkpoint now before tool execution.
       if (softDeadlineMs > 0 && now() - start > softDeadlineMs) {
+        if (fullText.length > 0) {
+          messages.push({
+            role: "assistant",
+            content: fullText,
+            metadata: { timestamp: now(), id: randomUUID(), step },
+          });
+        }
         const result_: RunResult = {
           status: "completed",
           response: responseText + fullText,
@@ -2446,6 +2494,13 @@ ${boundedMainMemory.trim()}`
       }
 
       if ((batchResults as unknown) === TOOL_DEADLINE_SENTINEL) {
+        if (fullText.length > 0) {
+          messages.push({
+            role: "assistant",
+            content: fullText,
+            metadata: { timestamp: now(), id: randomUUID(), step },
+          });
+        }
         const result_: RunResult = {
           status: "completed",
           response: responseText + fullText,

package/src/index.ts

@@ -8,6 +8,7 @@ export * from "./latitude-capture.js";
 export * from "./memory.js";
 export * from "./mcp.js";
 export * from "./model-factory.js";
+export * from "./openai-codex-auth.js";
 export * from "./schema-converter.js";
 export * from "./search-tools.js";
 export * from "./skill-context.js";

package/src/model-factory.ts

@@ -1,6 +1,10 @@
 import { createOpenAI } from "@ai-sdk/openai";
 import { createAnthropic } from "@ai-sdk/anthropic";
 import type { LanguageModel } from "ai";
+import {
+  getOpenAICodexAccessToken,
+  type OpenAICodexAuthConfig,
+} from "./openai-codex-auth.js";
 
 export type ModelProviderFactory = (modelName: string) => LanguageModel;
 
@@ -30,6 +34,33 @@ const MODEL_CONTEXT_WINDOWS: Record<string, number> = {
 };
 
 const DEFAULT_CONTEXT_WINDOW = 200_000;
+const OPENAI_CODEX_DEFAULT_INSTRUCTIONS =
+  "You are Codex, based on GPT-5. You are running as a coding agent in Poncho.";
+
+const extractSystemInstructionFromInput = (input: unknown): string | undefined => {
+  if (!Array.isArray(input)) return undefined;
+  for (const message of input) {
+    if (!message || typeof message !== "object") continue;
+    const candidate = message as { role?: unknown; content?: unknown };
+    if (candidate.role !== "system") continue;
+    if (typeof candidate.content === "string" && candidate.content.trim().length > 0) {
+      return candidate.content;
+    }
+    if (Array.isArray(candidate.content)) {
+      const textParts = candidate.content
+        .map((part) => {
+          if (!part || typeof part !== "object") return "";
+          const p = part as { text?: unknown };
+          return typeof p.text === "string" ? p.text : "";
+        })
+        .filter((text) => text.trim().length > 0);
+      if (textParts.length > 0) {
+        return textParts.join("\n");
+      }
+    }
+  }
+  return undefined;
+};
 
 /**
  * Returns the context window size (in tokens) for a given model name.
@@ -51,6 +82,7 @@ export const getModelContextWindow = (modelName: string): number => {
 
 export interface ProviderConfig {
   openai?: { apiKeyEnv?: string };
+  openaiCodex?: OpenAICodexAuthConfig;
   anthropic?: { apiKeyEnv?: string };
 }
 
@@ -62,6 +94,61 @@ export interface ProviderConfig {
 export const createModelProvider = (provider?: string, config?: ProviderConfig): ModelProviderFactory => {
   const normalized = (provider ?? "anthropic").toLowerCase();
 
+  if (normalized === "openai-codex") {
+    const openai = createOpenAI({
+      apiKey: "oauth-placeholder",
+      fetch: async (input, init) => {
+        const { accessToken, accountId } = await getOpenAICodexAccessToken(config?.openaiCodex);
+        const headers = new Headers(init?.headers);
+        headers.set("Authorization", `Bearer ${accessToken}`);
+        headers.set("originator", "poncho");
+        headers.set("User-Agent", "poncho/1.0");
+        if (accountId) {
+          headers.set("ChatGPT-Account-Id", accountId);
+        }
+        const originalUrl =
+          input instanceof URL
+            ? input.toString()
+            : typeof input === "string"
+              ? input
+              : input.url;
+        const parsed = new URL(originalUrl);
+        const shouldRewrite =
+          parsed.pathname.includes("/v1/responses") ||
+          parsed.pathname.includes("/chat/completions");
+        const targetUrl = shouldRewrite
+          ? "https://chatgpt.com/backend-api/codex/responses"
+          : originalUrl;
+        let body = init?.body;
+        if (
+          shouldRewrite &&
+          typeof body === "string" &&
+          headers.get("Content-Type")?.includes("application/json")
+        ) {
+          try {
+            const payload = JSON.parse(body) as {
+              instructions?: unknown;
+              input?: unknown;
+              store?: unknown;
+            };
+            if (typeof payload.instructions !== "string" || payload.instructions.trim() === "") {
+              payload.instructions =
+                extractSystemInstructionFromInput(payload.input) ??
+                OPENAI_CODEX_DEFAULT_INSTRUCTIONS;
+            }
+            // Codex endpoint requires store=false explicitly.
+            payload.store = false;
+            body = JSON.stringify(payload);
+          } catch {
+            // Keep original body if parsing fails.
+          }
+        }
+        return fetch(targetUrl, { ...init, headers, body });
+      },
+    });
+    return (modelName: string) => openai(modelName);
+  }
+
   if (normalized === "openai") {
     const apiKeyEnv = config?.openai?.apiKeyEnv ?? "OPENAI_API_KEY";
     const openai = createOpenAI({

package/src/openai-codex-auth.ts

@@ -0,0 +1,362 @@
+import { homedir } from "node:os";
+import { dirname, resolve } from "node:path";
+import { mkdir, readFile, chmod, writeFile, rm } from "node:fs/promises";
+
+export const OPENAI_CODEX_CLIENT_ID = "app_EMoamEEZ73f0CkXaXp7hrann";
+const OPENAI_AUTH_ISSUER = "https://auth.openai.com";
+const REFRESH_TOKEN_GRACE_MS = 5 * 60 * 1000;
+const DEVICE_POLLING_SAFETY_MARGIN_MS = 3000;
+const DEVICE_FLOW_TIMEOUT_MS = 10 * 60 * 1000;
+const REQUIRED_SCOPES = [
+  "openid",
+  "profile",
+  "email",
+  "offline_access",
+  "api.responses.write",
+  "model.request",
+  "api.model.read",
+];
+
+export interface OpenAICodexAuthConfig {
+  refreshTokenEnv?: string;
+  accessTokenEnv?: string;
+  accessTokenExpiresAtEnv?: string;
+  accountIdEnv?: string;
+  authFilePathEnv?: string;
+}
+
+export interface OpenAICodexSession {
+  refreshToken: string;
+  accessToken?: string;
+  accessTokenExpiresAt?: number;
+  accountId?: string;
+}
+
+interface OpenAICodexStoredSession extends OpenAICodexSession {
+  updatedAt: string;
+}
+
+type SessionSource = "env" | "file";
+
+const defaultedConfig = (
+  config?: OpenAICodexAuthConfig,
+): Required<OpenAICodexAuthConfig> => ({
+  refreshTokenEnv: config?.refreshTokenEnv ?? "OPENAI_CODEX_REFRESH_TOKEN",
+  accessTokenEnv: config?.accessTokenEnv ?? "OPENAI_CODEX_ACCESS_TOKEN",
+  accessTokenExpiresAtEnv:
+    config?.accessTokenExpiresAtEnv ?? "OPENAI_CODEX_ACCESS_TOKEN_EXPIRES_AT",
+  accountIdEnv: config?.accountIdEnv ?? "OPENAI_CODEX_ACCOUNT_ID",
+  authFilePathEnv: config?.authFilePathEnv ?? "OPENAI_CODEX_AUTH_FILE",
+});
+
+const parseEpochMillis = (value: string | undefined): number | undefined => {
+  if (!value) return undefined;
+  const parsed = Number.parseInt(value, 10);
+  if (Number.isNaN(parsed) || parsed <= 0) return undefined;
+  return parsed;
+};
+
+export const getOpenAICodexAuthFilePath = (config?: OpenAICodexAuthConfig): string => {
+  const env = defaultedConfig(config);
+  const fromEnv = process.env[env.authFilePathEnv];
+  if (typeof fromEnv === "string" && fromEnv.trim().length > 0) {
+    return resolve(fromEnv);
+  }
+  return resolve(homedir(), ".poncho", "auth", "openai-codex.json");
+};
+
+export const readOpenAICodexSession = async (
+  config?: OpenAICodexAuthConfig,
+): Promise<OpenAICodexSession | undefined> => {
+  const filePath = getOpenAICodexAuthFilePath(config);
+  try {
+    const content = await readFile(filePath, "utf8");
+    const parsed = JSON.parse(content) as Partial<OpenAICodexStoredSession>;
+    if (typeof parsed.refreshToken !== "string" || parsed.refreshToken.length === 0) {
+      return undefined;
+    }
+    return {
+      refreshToken: parsed.refreshToken,
+      accessToken:
+        typeof parsed.accessToken === "string" && parsed.accessToken.length > 0
+          ? parsed.accessToken
+          : undefined,
+      accessTokenExpiresAt:
+        typeof parsed.accessTokenExpiresAt === "number" && parsed.accessTokenExpiresAt > 0
+          ? parsed.accessTokenExpiresAt
+          : undefined,
+      accountId:
+        typeof parsed.accountId === "string" && parsed.accountId.length > 0
+          ? parsed.accountId
+          : undefined,
+    };
+  } catch {
+    return undefined;
+  }
+};
+
+export const writeOpenAICodexSession = async (
+  session: OpenAICodexSession,
+  config?: OpenAICodexAuthConfig,
+): Promise<void> => {
+  const filePath = getOpenAICodexAuthFilePath(config);
+  await mkdir(dirname(filePath), { recursive: true });
+  const payload: OpenAICodexStoredSession = {
+    ...session,
+    updatedAt: new Date().toISOString(),
+  };
+  await writeFile(filePath, `${JSON.stringify(payload, null, 2)}\n`, "utf8");
+  await chmod(filePath, 0o600);
+};
+
+export const deleteOpenAICodexSession = async (
+  config?: OpenAICodexAuthConfig,
+): Promise<void> => {
+  const filePath = getOpenAICodexAuthFilePath(config);
+  await rm(filePath, { force: true });
+};
+
+interface TokenResponse {
+  access_token: string;
+  refresh_token?: string;
+  expires_in?: number;
+  id_token?: string;
+}
+
+interface DeviceStartResponse {
+  device_auth_id: string;
+  user_code: string;
+  interval?: string | number;
+}
+
+interface DeviceTokenResponse {
+  authorization_code: string;
+  code_verifier: string;
+}
+
+const parseAccountIdFromJwt = (token: string | undefined): string | undefined => {
+  if (!token) return undefined;
+  const parts = token.split(".");
+  if (parts.length !== 3) return undefined;
+  try {
+    const claims = JSON.parse(Buffer.from(parts[1] ?? "", "base64url").toString("utf8")) as {
+      chatgpt_account_id?: string;
+      "https://api.openai.com/auth"?: {
+        chatgpt_account_id?: string;
+      };
+      organizations?: Array<{ id?: string }>;
+    };
+    return (
+      claims.chatgpt_account_id ??
+      claims["https://api.openai.com/auth"]?.chatgpt_account_id ??
+      claims.organizations?.[0]?.id
+    );
+  } catch {
+    return undefined;
+  }
+};
+
+const exchangeRefreshToken = async (refreshToken: string): Promise<TokenResponse> => {
+  const response = await fetch(`${OPENAI_AUTH_ISSUER}/oauth/token`, {
+    method: "POST",
+    headers: { "Content-Type": "application/x-www-form-urlencoded" },
+    body: new URLSearchParams({
+      grant_type: "refresh_token",
+      refresh_token: refreshToken,
+      client_id: OPENAI_CODEX_CLIENT_ID,
+    }).toString(),
+  });
+
+  if (!response.ok) {
+    const body = await response.text();
+    throw new Error(
+      `OpenAI Codex token refresh failed (${response.status}). Re-run \`poncho auth login --provider openai-codex --device\`, export the new token, and update deployment secrets. Details: ${body.slice(0, 240)}`,
+    );
+  }
+
+  return (await response.json()) as TokenResponse;
+};
+
+const exchangeAuthorizationCode = async (
+  code: string,
+  codeVerifier: string,
+): Promise<TokenResponse> => {
+  const response = await fetch(`${OPENAI_AUTH_ISSUER}/oauth/token`, {
+    method: "POST",
+    headers: { "Content-Type": "application/x-www-form-urlencoded" },
+    body: new URLSearchParams({
+      grant_type: "authorization_code",
+      code,
+      redirect_uri: `${OPENAI_AUTH_ISSUER}/deviceauth/callback`,
+      client_id: OPENAI_CODEX_CLIENT_ID,
+      code_verifier: codeVerifier,
+    }).toString(),
+  });
+  if (!response.ok) {
+    const body = await response.text();
+    throw new Error(
+      `OpenAI Codex device token exchange failed (${response.status}): ${body.slice(0, 240)}`,
+    );
+  }
+  return (await response.json()) as TokenResponse;
+};
+
+const readSessionFromEnv = (config?: OpenAICodexAuthConfig): OpenAICodexSession | undefined => {
+  const env = defaultedConfig(config);
+  const refreshToken = process.env[env.refreshTokenEnv];
+  if (!refreshToken || refreshToken.trim().length === 0) return undefined;
+  return {
+    refreshToken: refreshToken.trim(),
+    accessToken: process.env[env.accessTokenEnv]?.trim() || undefined,
+    accessTokenExpiresAt: parseEpochMillis(process.env[env.accessTokenExpiresAtEnv]),
+    accountId: process.env[env.accountIdEnv]?.trim() || undefined,
+  };
+};
+
+const shouldRefresh = (expiresAt: number | undefined): boolean =>
+  !expiresAt || Date.now() + REFRESH_TOKEN_GRACE_MS >= expiresAt;
+
+let runtimeCachedSession: OpenAICodexSession | undefined;
+
+const readSession = async (
+  config?: OpenAICodexAuthConfig,
+): Promise<{ session: OpenAICodexSession; source: SessionSource }> => {
+  const envSession = readSessionFromEnv(config);
+  if (envSession) return { session: envSession, source: "env" };
+
+  if (runtimeCachedSession) {
+    return { session: runtimeCachedSession, source: "file" };
+  }
+
+  const fileSession = await readOpenAICodexSession(config);
+  if (!fileSession) {
+    throw new Error(
+      "OpenAI Codex credentials not found. Run `poncho auth login --provider openai-codex --device` locally, or set OPENAI_CODEX_REFRESH_TOKEN in your environment.",
+    );
+  }
+  runtimeCachedSession = fileSession;
+  return { session: fileSession, source: "file" };
+};
+
+export const getOpenAICodexAccessToken = async (
+  config?: OpenAICodexAuthConfig,
+): Promise<{ accessToken: string; accountId?: string }> => {
+  const { session, source } = await readSession(config);
+  if (session.accessToken && !shouldRefresh(session.accessTokenExpiresAt)) {
+    return { accessToken: session.accessToken, accountId: session.accountId };
+  }
+
+  const refreshed = await exchangeRefreshToken(session.refreshToken);
+  const nextSession: OpenAICodexSession = {
+    refreshToken: refreshed.refresh_token ?? session.refreshToken,
+    accessToken: refreshed.access_token,
+    accessTokenExpiresAt: Date.now() + (refreshed.expires_in ?? 3600) * 1000,
+    accountId:
+      session.accountId ??
+      parseAccountIdFromJwt(refreshed.id_token) ??
+      parseAccountIdFromJwt(refreshed.access_token),
+  };
+
+  runtimeCachedSession = nextSession;
+  if (source === "file") {
+    await writeOpenAICodexSession(nextSession, config);
+  }
+
+  return {
+    accessToken: nextSession.accessToken!,
+    accountId: nextSession.accountId,
+  };
+};
+
+export interface OpenAICodexDeviceAuthRequest {
+  deviceAuthId: string;
+  userCode: string;
+  verificationUrl: string;
+  intervalMs: number;
+}
+
+export const getOpenAICodexRequiredScopes = (): string[] => [...REQUIRED_SCOPES];
+
+export const startOpenAICodexDeviceAuth = async (): Promise<OpenAICodexDeviceAuthRequest> => {
+  const response = await fetch(`${OPENAI_AUTH_ISSUER}/api/accounts/deviceauth/usercode`, {
+    method: "POST",
+    headers: {
+      "Content-Type": "application/json",
+      "User-Agent": "poncho/1.0",
+    },
+    body: JSON.stringify({
+      client_id: OPENAI_CODEX_CLIENT_ID,
+      scope: REQUIRED_SCOPES.join(" "),
+    }),
+  });
+  if (!response.ok) {
+    const body = await response.text();
+    throw new Error(
+      `OpenAI Codex device authorization start failed (${response.status}): ${body.slice(0, 240)}`,
+    );
+  }
+  const data = (await response.json()) as DeviceStartResponse;
+  const intervalRaw =
+    typeof data.interval === "number"
+      ? data.interval
+      : Number.parseInt(String(data.interval ?? "5"), 10);
+  const intervalMs = Math.max(Number.isNaN(intervalRaw) ? 5 : intervalRaw, 1) * 1000;
+  return {
+    deviceAuthId: data.device_auth_id,
+    userCode: data.user_code,
+    verificationUrl: `${OPENAI_AUTH_ISSUER}/codex/device`,
+    intervalMs,
+  };
+};
+
+export const completeOpenAICodexDeviceAuth = async (
+  request: OpenAICodexDeviceAuthRequest,
+): Promise<OpenAICodexSession> => {
+  const startedAt = Date.now();
+  while (Date.now() - startedAt < DEVICE_FLOW_TIMEOUT_MS) {
+    const response = await fetch(`${OPENAI_AUTH_ISSUER}/api/accounts/deviceauth/token`, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/json",
+        "User-Agent": "poncho/1.0",
+      },
+      body: JSON.stringify({
+        device_auth_id: request.deviceAuthId,
+        user_code: request.userCode,
+      }),
+    });
+    if (response.ok) {
+      const data = (await response.json()) as DeviceTokenResponse;
+      const tokens = await exchangeAuthorizationCode(
+        data.authorization_code,
+        data.code_verifier,
+      );
+      if (!tokens.refresh_token || tokens.refresh_token.length === 0) {
+        throw new Error("OpenAI Codex device auth succeeded but no refresh token was returned.");
+      }
+      return {
+        refreshToken: tokens.refresh_token,
+        accessToken: tokens.access_token,
+        accessTokenExpiresAt: Date.now() + (tokens.expires_in ?? 3600) * 1000,
+        accountId:
+          parseAccountIdFromJwt(tokens.id_token) ??
+          parseAccountIdFromJwt(tokens.access_token),
+      };
+    }
+
+    if (response.status !== 403 && response.status !== 404) {
+      const body = await response.text();
+      throw new Error(
+        `OpenAI Codex device authorization polling failed (${response.status}): ${body.slice(0, 240)}`,
+      );
+    }
+
+    await new Promise((resolveWait) => {
+      setTimeout(resolveWait, request.intervalMs + DEVICE_POLLING_SAFETY_MARGIN_MS);
+    });
+  }
+
+  throw new Error(
+    "OpenAI Codex device authorization timed out. Re-run `poncho auth login --provider openai-codex --device`.",
+  );
+};

package/src/state.ts

@@ -71,6 +71,10 @@ export interface Conversation {
   /** Harness-internal message chain preserved across continuation runs.
    *  Cleared when a run completes without continuation. */
   _continuationMessages?: Message[];
+  /** Number of continuation pickups for the current multi-step run.
+   *  Reset when a run completes without continuation. Used to enforce
+   *  a maximum continuation count across all entry points. */
+  _continuationCount?: number;
   /** Full structured message chain from the last harness run, including
    *  tool-call and tool-result messages the model needs for context.
    *  Unlike `_continuationMessages`, this is always set after a run

package/test/agent-parser.test.ts

@@ -20,6 +20,18 @@ Working dir: {{runtime.workingDir}}
     expect(parsed.body).toContain("# Hello");
   });
 
+  it("parses provider prefix from model name for openai-codex", () => {
+    const parsed = parseAgentMarkdown(`---
+name: codex-agent
+model: openai-codex/gpt-5.3-codex
+---
+
+# Agent
+`);
+    expect(parsed.frontmatter.model?.provider).toBe("openai-codex");
+    expect(parsed.frontmatter.model?.name).toBe("gpt-5.3-codex");
+  });
+
   it("renders mustache runtime and parameter context", () => {
     const parsed = parseAgentMarkdown(`---
 name: test-agent