@victor-software-house/pi-multicodex 2.0.10 → 2.0.12

package/account-manager.ts

@@ -4,7 +4,10 @@ import {
 } from "@mariozechner/pi-ai/oauth";
 import { AuthStorage } from "@mariozechner/pi-coding-agent";
 import { normalizeUnknownError } from "pi-provider-utils/streams";
-import { loadImportedOpenAICodexAuth } from "./auth";
+import {
+	loadImportedOpenAICodexAuth,
+	writeActiveTokenToAuthJson,
+} from "./auth";
 import { isAccountAvailable, pickBestAccount } from "./selection";
 import {
 	type Account,
@@ -44,6 +47,23 @@ export class AccountManager {
 		}
 	}
 
+	/**
+	 * Write the active account's tokens to auth.json so pi's background features
+	 * (rename, compaction) can resolve a valid API key via AuthStorage.
+	 */
+	private syncActiveTokenToAuthJson(account: Account): void {
+		try {
+			writeActiveTokenToAuthJson({
+				access: account.accessToken,
+				refresh: account.refreshToken,
+				expires: account.expiresAt,
+				accountId: account.accountId,
+			});
+		} catch {
+			// Best-effort sync — do not block token resolution.
+		}
+	}
+
 	onStateChange(handler: StateChangeHandler): () => void {
 		this.stateChangeHandlers.add(handler);
 		return () => {
@@ -363,6 +383,7 @@ export class AccountManager {
 		}
 
 		if (Date.now() < account.expiresAt - 5 * 60 * 1000) {
+			this.syncActiveTokenToAuthJson(account);
 			return account.accessToken;
 		}
 
@@ -390,6 +411,7 @@ export class AccountManager {
 				}
 				this.save();
 				this.notifyStateChanged();
+				this.syncActiveTokenToAuthJson(account);
 				return account.accessToken;
 			} catch (error) {
 				this.markNeedsReauth(account);

package/auth.ts

@@ -1,4 +1,9 @@
-import { promises as fs } from "node:fs";
+import {
+	existsSync,
+	promises as fs,
+	readFileSync,
+	writeFileSync,
+} from "node:fs";
 import type { OAuthCredentials } from "@mariozechner/pi-ai/oauth";
 import { getAgentAuthPath } from "pi-provider-utils/agent-paths";
 
@@ -85,6 +90,47 @@ export function parseImportedOpenAICodexAuth(
 	};
 }
 
+/**
+ * Write the active account's tokens to auth.json so pi's background features
+ * (rename, compaction, inline suggestions) can resolve a valid API key through
+ * the normal AuthStorage path.
+ */
+/**
+ * Synchronously write the active account's tokens to auth.json so pi's
+ * background features (rename, compaction) can resolve a valid API key.
+ *
+ * Uses synchronous I/O to avoid interleaved writes with pi's own code.
+ */
+export function writeActiveTokenToAuthJson(creds: {
+	access: string;
+	refresh: string;
+	expires: number;
+	accountId?: string;
+}): void {
+	let auth: Record<string, unknown> = {};
+	try {
+		if (existsSync(AUTH_FILE)) {
+			const raw = readFileSync(AUTH_FILE, "utf8");
+			const parsed = JSON.parse(raw) as unknown;
+			if (parsed && typeof parsed === "object" && !Array.isArray(parsed)) {
+				auth = parsed as Record<string, unknown>;
+			}
+		}
+	} catch {
+		// File missing or corrupt — start fresh.
+	}
+
+	auth["openai-codex"] = {
+		type: "oauth",
+		access: creds.access,
+		refresh: creds.refresh,
+		expires: creds.expires,
+		accountId: creds.accountId,
+	};
+
+	writeFileSync(AUTH_FILE, JSON.stringify(auth, null, 2));
+}
+
 export async function loadImportedOpenAICodexAuth(): Promise<
 	ImportedOpenAICodexAuth | undefined
 > {
@@ -95,11 +141,8 @@ export async function loadImportedOpenAICodexAuth(): Promise<
 			return undefined;
 		}
 		return parseImportedOpenAICodexAuth(parsed as Record<string, unknown>);
-	} catch (error) {
-		const withCode = error as Error & { code?: string };
-		if (withCode.code === "ENOENT") {
-			return undefined;
-		}
-		throw error;
+	} catch {
+		// File missing, corrupt, or unreadable — treat as no imported auth.
+		return undefined;
 	}
 }

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "@victor-software-house/pi-multicodex",
-	"version": "2.0.10",
+	"version": "2.0.12",
 	"description": "Codex account rotation extension for pi",
 	"license": "MIT",
 	"type": "module",