coze_lab 0.1.23 → 0.1.24

package/README.md

@@ -70,11 +70,10 @@ created after a new Codex turn, Codex did not load or execute the hook.
 
 OAuth tokens are stored in `~/.cozeloop/credentials.json` (mode 600).
 
-In cloud mode, trace verification and hook uploads require
-`COZELOOP_API_TOKEN`. `COZE_API_TOKEN` is kept only as a legacy compatibility
-signal for hook injection; it is not treated as a CozeLoop SDK trace ingest
-token. If cloud only provides `COZE_API_TOKEN`, onboard still writes the hook
-configuration but reports `verify=fail` with `token_source=COZE_API_TOKEN`.
+In cloud mode, trace verification and hook uploads prefer
+`COZELOOP_API_TOKEN` and fall back to `COZE_API_TOKEN`. The selfcheck result is
+authoritative: if the token does not have trace ingest permission, onboard still
+writes the hook configuration but reports `verify=fail` with `token_source`.
 
 **At hook execution time** (Claude Code / Codex), the Python hook script automatically:
 1. Reads `~/.cozeloop/credentials.json`

package/index.js

@@ -51,7 +51,7 @@ function getCloudTokenInfo() {
   }
   const cozeToken = readEnv('COZE_API_TOKEN');
   if (cozeToken) {
-    return { token: cozeToken, source: 'COZE_API_TOKEN', traceUsable: false };
+    return { token: cozeToken, source: 'COZE_API_TOKEN', traceUsable: true };
   }
   return { token: '', source: '', traceUsable: false };
 }
@@ -5420,32 +5420,28 @@ async function main() {
 
   // Step 1: Authorize.
   //   云端（--cloud）：token 取自 sandbox 注入的环境变量，跳过 OAuth / credentials.json。
-  //     trace 上报需要 COZELOOP_API_TOKEN；COZE_API_TOKEN 只保留为历史兼容来源，
-  //     onboard 会写入 hook，但自检会明确标记它不是 CozeLoop ingest token。
+  //     优先使用 COZELOOP_API_TOKEN；兼容使用 COZE_API_TOKEN，并以真实 selfcheck 为准。
   //   本地：load cached → refresh → device code。
   //   注意：workspace_id 始终用写死的 WORKSPACE_ID（团队固定上报 workspace），不读环境。
   let token;
   let tokenSource = '';
-  let cloudTraceUsableToken = true;
   if (args.cloud) {
     info('Step 1/5: 云端模式，从环境变量读取 trace token...');
     const tokenInfo = getCloudTokenInfo();
     token = tokenInfo.token;
     tokenSource = tokenInfo.source;
-    cloudTraceUsableToken = tokenInfo.traceUsable;
     if (!token) {
       errorBox([
-        'ERROR: --cloud 模式要求环境变量 COZELOOP_API_TOKEN',
+        'ERROR: --cloud 模式要求环境变量 COZELOOP_API_TOKEN 或 COZE_API_TOKEN',
         '',
-        '云端 sandbox 应在进程环境中注入 COZELOOP_API_TOKEN。',
+        '云端 sandbox 应在进程环境中注入可用于 trace ingest 的 token。',
         '未检测到该变量，无法配置 trace 上报。',
       ]);
     }
     cloudResult.token_source = tokenSource;
-    if (cloudTraceUsableToken) {
-      ok(`已从环境变量读取 ${tokenSource}`);
-    } else {
-      warn('仅检测到 COZE_API_TOKEN；它不是 CozeLoop SDK trace ingest token，自检预计会失败。');
+    ok(`已从环境变量读取 ${tokenSource}`);
+    if (tokenSource === 'COZE_API_TOKEN') {
+      info('将兼容使用 COZE_API_TOKEN 作为 trace token，并通过 selfcheck 验证实际可用性。');
     }
   } else {
     info('Step 1/5: 检查授权状态...');
@@ -5534,24 +5530,9 @@ async function main() {
 
   // Step 5: Verify trace reporting end-to-end
   info('Step 5/5: 验证 trace 上报链路...');
-  let verifyResult;
-  if (args.cloud && !cloudTraceUsableToken) {
-    verifyResult = {
-      success: false,
-      status: 0,
-      body: '云端仅提供 COZE_API_TOKEN。Coze API token 不能作为 CozeLoop Python SDK 的 COZELOOP_API_TOKEN 上报 trace；请注入具备 CozeLoop trace ingest 权限的 COZELOOP_API_TOKEN。',
-      traceId: '',
-      pairCode: args.pairCode || '',
-      tokenSource,
-      apiBaseUrl: getCozeloopApiBaseUrl(true),
-    };
-    warn('trace 上报跳过：缺少 COZELOOP_API_TOKEN。');
-    console.log(verifyResult.body);
-  } else {
-    verifyResult = args.cloud
-      ? await verifyTraceReportViaSdk(token, WORKSPACE_ID, args.pairCode, pythonCmd || 'python3', tokenSource)
-      : await verifyTraceReport(token, WORKSPACE_ID, args.pairCode, getOtelTracesUrl(false));
-  }
+  const verifyResult = args.cloud
+    ? await verifyTraceReportViaSdk(token, WORKSPACE_ID, args.pairCode, pythonCmd || 'python3', tokenSource)
+    : await verifyTraceReport(token, WORKSPACE_ID, args.pairCode, getOtelTracesUrl(false));
   if (verifyResult.success) {
     cloudResult.verify = 'ok';
   } else if (CLOUD_MODE) {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "coze_lab",
-  "version": "0.1.23",
+  "version": "0.1.24",
   "description": "Configure local AI agents (Claude Code, Codex, OpenClaw) to report traces to CozeLoop",
   "keywords": [
     "cozeloop",

package/scripts/claude-code/cozeloop_hook.py

@@ -273,6 +273,8 @@ def get_fresh_token() -> Optional[str]:
     env_coze_token = os.environ.get("COZE_API_TOKEN")
     if env_token:
         return env_token
+    if env_coze_token:
+        return env_coze_token
     creds = _load_credentials()
     if creds:
         expires_at_sec = creds.get("expires_at", 0) / 1000
@@ -286,8 +288,6 @@ def get_fresh_token() -> Optional[str]:
             if new_token:
                 return new_token
             debug_log("Refresh failed, falling back to env var.")
-    if env_coze_token:
-        debug_log("COZE_API_TOKEN present but ignored; CozeLoop trace upload requires COZELOOP_API_TOKEN")
     return None
 
 # -------------------------------------------------------------------------

package/scripts/codex/cozeloop_hook.py

@@ -234,6 +234,8 @@ def get_fresh_token():
     env_coze_token = os.environ.get("COZE_API_TOKEN")
     if env_token:
         return env_token
+    if env_coze_token:
+        return env_coze_token
     creds = _load_credentials()
     if creds:
         remaining = creds.get("expires_at", 0) / 1000 - time.time()
@@ -243,8 +245,6 @@ def get_fresh_token():
             new_token = _refresh_token(creds["refresh_token"])
             if new_token:
                 return new_token
-    if env_coze_token:
-        hook_log("COZE_API_TOKEN present but ignored; CozeLoop trace upload requires COZELOOP_API_TOKEN")
     return None
 # -------------------------------------------------------------------------