PyPI - codex-api-proxy - Versions diffs - 0.1.3__tar.gz → 0.1.5__tar.gz - Mend

codex-api-proxy 0.1.3tar.gz → 0.1.5tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (27) hide show

{codex_api_proxy-0.1.3 → codex_api_proxy-0.1.5}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: codex-api-proxy
-Version: 0.1.3
+Version: 0.1.5
 Summary: Local OpenAI-compatible HTTP proxy backed by Codex/OpenAI credentials
 Author: codex-api-proxy contributors
 License-Expression: MIT
@@ -34,8 +34,9 @@ This package is intentionally narrow:
 - expose OpenAI-compatible local endpoints for clients such as OpenClaw;
 - reuse the user's existing Codex/OpenAI login credentials;
-- support `/v1/chat/completions`, `/v1/responses`, and `/v1/models`;
+- support `/v1/chat/completions`, `/v1/responses`, `/v1/messages`, and `/v1/models`;
 - convert Chat Completions to Responses API when using ChatGPT Codex credentials;
+- convert Anthropic-style Messages API text requests to Responses API for local Anthropic-compatible clients;
 - otherwise transparently forward OpenAI API-key requests to OpenAI's native `/chat/completions`.
 Out of scope:
@@ -102,6 +103,20 @@ You can also set the upstream proxy explicitly at startup:
 codex-api-proxy start --proxy=http://127.0.0.1:8118
 ```
+If the upstream connection passes through a corporate TLS proxy or another endpoint
+using a private/self-signed certificate chain, point the proxy at a CA bundle that
+trusts that chain:
+- `CODEX_API_PROXY_CA_BUNDLE`
+- `REQUESTS_CA_BUNDLE`
+- `SSL_CERT_FILE`
+For example:
+```bash
+CODEX_API_PROXY_CA_BUNDLE=/path/to/internal-ca-bundle.pem codex-api-proxy start
+```
 ## Run
 Start in the background:
@@ -164,6 +179,7 @@ Environment variables for the local server:
 - `CODEX_PROXY_PORT`
 - `CODEX_PROXY_API_KEY`
 - `CODEX_API_PROXY_HTTPS_PROXY`
+- `CODEX_API_PROXY_CA_BUNDLE`
 - `CODEX_PROXY_LOG_LEVEL`
 Token refresh compatibility variables:
@@ -235,6 +251,46 @@ curl -sS http://127.0.0.1:8765/v1/chat/completions \
 When using ChatGPT Codex credentials, Chat Completions image parts are converted to Responses API `input_image` parts. `/v1/responses` requests are passed through unchanged.
+Anthropic-style Messages API:
+```bash
+curl -sS http://127.0.0.1:8765/v1/messages \
+  -H 'Content-Type: application/json' \
+  -H 'anthropic-version: 2023-06-01' \
+  -d '{
+    "model": "gpt-5.5",
+    "max_tokens": 128,
+    "system": "Be brief.",
+    "messages": [{"role":"user","content":"Reply with exactly: pong"}]
+  }'
+```
+Streaming Anthropic-style Messages API:
+```bash
+curl -N http://127.0.0.1:8765/v1/messages \
+  -H 'Content-Type: application/json' \
+  -H 'anthropic-version: 2023-06-01' \
+  -d '{
+    "model": "gpt-5.5",
+    "max_tokens": 128,
+    "stream": true,
+    "messages": [{"role":"user","content":[{"type":"text","text":"Reply with exactly: pong"}]}]
+  }'
+```
+For Anthropic-compatible clients such as Claude Code, point the Anthropic base URL at this proxy and use the local API key configured with `--api-key`, if any:
+```bash
+ANTHROPIC_BASE_URL=http://127.0.0.1:8765 \
+ANTHROPIC_AUTH_TOKEN=local-secret \
+claude
+```
+When local `--api-key` auth is enabled, `/v1/messages` accepts either `Authorization: Bearer <key>` or `x-api-key: <key>` because Anthropic-compatible clients vary in which header they send.
+The Anthropic compatibility layer currently covers text messages, system prompts, streaming text deltas, and image content blocks. Full Anthropic `tool_use` / `tool_result` round-tripping is not yet implemented.
 When `--api-key` is configured:
 ```bash

{codex_api_proxy-0.1.3 → codex_api_proxy-0.1.5}/README.md RENAMED Viewed

@@ -10,8 +10,9 @@ This package is intentionally narrow:
 - expose OpenAI-compatible local endpoints for clients such as OpenClaw;
 - reuse the user's existing Codex/OpenAI login credentials;
-- support `/v1/chat/completions`, `/v1/responses`, and `/v1/models`;
+- support `/v1/chat/completions`, `/v1/responses`, `/v1/messages`, and `/v1/models`;
 - convert Chat Completions to Responses API when using ChatGPT Codex credentials;
+- convert Anthropic-style Messages API text requests to Responses API for local Anthropic-compatible clients;
 - otherwise transparently forward OpenAI API-key requests to OpenAI's native `/chat/completions`.
 Out of scope:
@@ -78,6 +79,20 @@ You can also set the upstream proxy explicitly at startup:
 codex-api-proxy start --proxy=http://127.0.0.1:8118
 ```
+If the upstream connection passes through a corporate TLS proxy or another endpoint
+using a private/self-signed certificate chain, point the proxy at a CA bundle that
+trusts that chain:
+- `CODEX_API_PROXY_CA_BUNDLE`
+- `REQUESTS_CA_BUNDLE`
+- `SSL_CERT_FILE`
+For example:
+```bash
+CODEX_API_PROXY_CA_BUNDLE=/path/to/internal-ca-bundle.pem codex-api-proxy start
+```
 ## Run
 Start in the background:
@@ -140,6 +155,7 @@ Environment variables for the local server:
 - `CODEX_PROXY_PORT`
 - `CODEX_PROXY_API_KEY`
 - `CODEX_API_PROXY_HTTPS_PROXY`
+- `CODEX_API_PROXY_CA_BUNDLE`
 - `CODEX_PROXY_LOG_LEVEL`
 Token refresh compatibility variables:
@@ -211,6 +227,46 @@ curl -sS http://127.0.0.1:8765/v1/chat/completions \
 When using ChatGPT Codex credentials, Chat Completions image parts are converted to Responses API `input_image` parts. `/v1/responses` requests are passed through unchanged.
+Anthropic-style Messages API:
+```bash
+curl -sS http://127.0.0.1:8765/v1/messages \
+  -H 'Content-Type: application/json' \
+  -H 'anthropic-version: 2023-06-01' \
+  -d '{
+    "model": "gpt-5.5",
+    "max_tokens": 128,
+    "system": "Be brief.",
+    "messages": [{"role":"user","content":"Reply with exactly: pong"}]
+  }'
+```
+Streaming Anthropic-style Messages API:
+```bash
+curl -N http://127.0.0.1:8765/v1/messages \
+  -H 'Content-Type: application/json' \
+  -H 'anthropic-version: 2023-06-01' \
+  -d '{
+    "model": "gpt-5.5",
+    "max_tokens": 128,
+    "stream": true,
+    "messages": [{"role":"user","content":[{"type":"text","text":"Reply with exactly: pong"}]}]
+  }'
+```
+For Anthropic-compatible clients such as Claude Code, point the Anthropic base URL at this proxy and use the local API key configured with `--api-key`, if any:
+```bash
+ANTHROPIC_BASE_URL=http://127.0.0.1:8765 \
+ANTHROPIC_AUTH_TOKEN=local-secret \
+claude
+```
+When local `--api-key` auth is enabled, `/v1/messages` accepts either `Authorization: Bearer <key>` or `x-api-key: <key>` because Anthropic-compatible clients vary in which header they send.
+The Anthropic compatibility layer currently covers text messages, system prompts, streaming text deltas, and image content blocks. Full Anthropic `tool_use` / `tool_result` round-tripping is not yet implemented.
 When `--api-key` is configured:
 ```bash

{codex_api_proxy-0.1.3 → codex_api_proxy-0.1.5}/pyproject.toml RENAMED Viewed

@@ -1,6 +1,6 @@
 [project]
 name = "codex-api-proxy"
-version = "0.1.3"
+version = "0.1.5"
 description = "Local OpenAI-compatible HTTP proxy backed by Codex/OpenAI credentials"
 readme = "README.md"
 requires-python = ">=3.11"

{codex_api_proxy-0.1.3 → codex_api_proxy-0.1.5}/src/codex_api_proxy/__init__.py RENAMED Viewed

@@ -1,3 +1,3 @@
 """OpenAI-compatible HTTP proxy backed by Codex/OpenAI credentials."""
-__version__ = "0.1.3"
+__version__ = "0.1.5"

codex_api_proxy-0.1.5/src/codex_api_proxy/anthropic_messages.py ADDED Viewed

@@ -0,0 +1,257 @@
+from __future__ import annotations
+import json
+import uuid
+from typing import AsyncIterator
+from codex_api_proxy.chat_completions import DEFAULT_INSTRUCTIONS
+from codex_api_proxy.chat_completions import apply_response_controls
+from codex_api_proxy.chat_completions import extract_output_text_from_events
+from codex_api_proxy.sse_utils import parse_sse_chunk
+from codex_api_proxy.sse_utils import parse_sse_events
+class AnthropicMessageError(ValueError):
+    """Raised when an Anthropic Messages request cannot be converted."""
+def anthropic_to_responses_request(
+    message: dict,
+    *,
+    default_reasoning_effort: str | None = None,
+    default_verbosity: str | None = None,
+    default_service_tier: str | None = None,
+) -> dict:
+    model = message.get("model")
+    if not isinstance(model, str) or not model.strip():
+        raise AnthropicMessageError("model is required")
+    messages = message.get("messages")
+    if not isinstance(messages, list) or not messages:
+        raise AnthropicMessageError("messages is required")
+    input_items: list[dict] = []
+    for item in messages:
+        if not isinstance(item, dict):
+            continue
+        role = item.get("role")
+        if role == "user":
+            input_items.append(
+                {
+                    "type": "message",
+                    "role": "user",
+                    "content": anthropic_content_to_response_content(item.get("content", ""), user=True),
+                }
+            )
+            continue
+        if role == "assistant":
+            input_items.append(
+                {
+                    "type": "message",
+                    "role": "assistant",
+                    "content": anthropic_content_to_response_content(item.get("content", ""), user=False),
+                }
+            )
+    if not input_items:
+        raise AnthropicMessageError("at least one user or assistant message is required")
+    payload = {
+        "model": model.strip(),
+        "instructions": anthropic_system_to_text(message.get("system")) or DEFAULT_INSTRUCTIONS,
+        "input": input_items,
+        "stream": True,
+        "store": False,
+    }
+    apply_response_controls(
+        payload,
+        message,
+        default_reasoning_effort=default_reasoning_effort,
+        default_verbosity=default_verbosity,
+        default_service_tier=default_service_tier,
+    )
+    return payload
+def anthropic_system_to_text(system: object) -> str:
+    if isinstance(system, str):
+        return system
+    return anthropic_content_to_text(system)
+def anthropic_content_to_text(content: object) -> str:
+    if isinstance(content, str):
+        return content
+    if not isinstance(content, list):
+        return ""
+    parts: list[str] = []
+    for item in content:
+        if isinstance(item, str):
+            parts.append(item)
+            continue
+        if not isinstance(item, dict):
+            continue
+        if item.get("type") == "text" and isinstance(item.get("text"), str):
+            parts.append(item["text"])
+            continue
+        if item.get("type") == "tool_result":
+            parts.append(anthropic_content_to_text(item.get("content", "")))
+    return "".join(parts)
+def anthropic_content_to_response_content(content: object, *, user: bool) -> list[dict[str, str]]:
+    text_type = "input_text" if user else "output_text"
+    if isinstance(content, str):
+        return [{"type": text_type, "text": content}]
+    if not isinstance(content, list):
+        return [{"type": text_type, "text": ""}]
+    parts: list[dict[str, str]] = []
+    for item in content:
+        if isinstance(item, str):
+            parts.append({"type": text_type, "text": item})
+            continue
+        if not isinstance(item, dict):
+            continue
+        part_type = item.get("type")
+        if part_type == "text" and isinstance(item.get("text"), str):
+            parts.append({"type": text_type, "text": item["text"]})
+            continue
+        if user and part_type == "image":
+            image_part = _anthropic_image_to_response_part(item)
+            if image_part:
+                parts.append(image_part)
+            continue
+        if user and part_type == "tool_result":
+            tool_text = anthropic_content_to_text(item.get("content", ""))
+            if tool_text:
+                parts.append({"type": "input_text", "text": tool_text})
+    return parts or [{"type": text_type, "text": ""}]
+def _anthropic_image_to_response_part(item: dict) -> dict[str, str] | None:
+    source = item.get("source")
+    if not isinstance(source, dict):
+        return None
+    if source.get("type") == "base64":
+        media_type = source.get("media_type")
+        data = source.get("data")
+        if isinstance(media_type, str) and isinstance(data, str):
+            return {"type": "input_image", "image_url": f"data:{media_type};base64,{data}"}
+    if source.get("type") == "url" and isinstance(source.get("url"), str):
+        return {"type": "input_image", "image_url": source["url"]}
+    return None
+def build_anthropic_message(
+    *,
+    message_id: str,
+    model: str,
+    content: str,
+    stop_reason: str = "end_turn",
+) -> dict[str, object]:
+    return {
+        "id": message_id,
+        "type": "message",
+        "role": "assistant",
+        "model": model,
+        "content": [{"type": "text", "text": content}],
+        "stop_reason": stop_reason,
+        "stop_sequence": None,
+        "usage": {"input_tokens": 0, "output_tokens": 0},
+    }
+def responses_events_to_anthropic_message(events: list[dict], *, model: str) -> dict[str, object]:
+    return build_anthropic_message(
+        message_id=_message_id_from_events(events),
+        model=model,
+        content=extract_output_text_from_events(events),
+    )
+async def stream_anthropic_message_events(upstream_bytes: AsyncIterator[bytes], *, model: str) -> AsyncIterator[bytes]:
+    message_id = f"msg_{uuid.uuid4().hex[:24]}"
+    yield encode_anthropic_sse(
+        "message_start",
+        {
+            "type": "message_start",
+            "message": build_anthropic_message(message_id=message_id, model=model, content="", stop_reason=None),
+        },
+    )
+    yield encode_anthropic_sse(
+        "content_block_start",
+        {"type": "content_block_start", "index": 0, "content_block": {"type": "text", "text": ""}},
+    )
+    buffer = bytearray()
+    async for chunk in upstream_bytes:
+        events, buffer = parse_sse_chunk(chunk, buffer)
+        for event in events:
+            event_type = event.get("type")
+            if event_type == "response.output_text.delta":
+                delta = event.get("delta")
+                if isinstance(delta, str) and delta:
+                    yield encode_anthropic_sse(
+                        "content_block_delta",
+                        {
+                            "type": "content_block_delta",
+                            "index": 0,
+                            "delta": {"type": "text_delta", "text": delta},
+                        },
+                    )
+            elif event_type == "response.completed":
+                for stop_event in _anthropic_stream_stop_events():
+                    yield stop_event
+                return
+            elif event_type == "error":
+                message = "upstream responses stream failed"
+                error = event.get("error")
+                if isinstance(error, dict) and isinstance(error.get("message"), str):
+                    message = error["message"]
+                raise AnthropicMessageError(message)
+    if buffer:
+        events = parse_sse_events(buffer.decode("utf-8", errors="replace"))
+        if any(event.get("type") == "response.completed" for event in events):
+            for stop_event in _anthropic_stream_stop_events():
+                yield stop_event
+            return
+    for stop_event in _anthropic_stream_stop_events():
+        yield stop_event
+def encode_anthropic_sse(event: str, payload: dict[str, object]) -> bytes:
+    return f"event: {event}\ndata: {json.dumps(payload, ensure_ascii=False)}\n\n".encode("utf-8")
+def _anthropic_stream_stop_events() -> list[bytes]:
+    return [
+        encode_anthropic_sse("content_block_stop", {"type": "content_block_stop", "index": 0}),
+        encode_anthropic_sse(
+            "message_delta",
+            {
+                "type": "message_delta",
+                "delta": {"stop_reason": "end_turn", "stop_sequence": None},
+                "usage": {"output_tokens": 0},
+            },
+        ),
+        encode_anthropic_sse("message_stop", {"type": "message_stop"}),
+    ]
+def _message_id_from_events(events: list[dict]) -> str:
+    for event in events:
+        if event.get("type") != "response.completed":
+            continue
+        response = event.get("response")
+        if isinstance(response, dict) and isinstance(response.get("id"), str):
+            return response["id"].replace("resp_", "msg_", 1)
+    return f"msg_{uuid.uuid4().hex[:24]}"

{codex_api_proxy-0.1.3 → codex_api_proxy-0.1.5}/src/codex_api_proxy/config.py RENAMED Viewed

@@ -76,6 +76,14 @@ def upstream_https_proxy(explicit_proxy: str | None = None) -> str | None:
     return DEFAULT_HTTPS_PROXY
+def upstream_ssl_verify() -> bool | str:
+    for key in ("CODEX_API_PROXY_CA_BUNDLE", "REQUESTS_CA_BUNDLE", "SSL_CERT_FILE"):
+        value = os.environ.get(key, "").strip()
+        if value:
+            return value
+    return True
 def upstream_originator() -> str:
     override = os.environ.get("CODEX_INTERNAL_ORIGINATOR_OVERRIDE", "").strip()
     return override or DEFAULT_ORIGINATOR
@@ -95,6 +103,7 @@ def upstream_client(explicit_proxy: str | None = None) -> httpx.AsyncClient:
     return httpx.AsyncClient(
         timeout=DEFAULT_TIMEOUT,
         proxy=upstream_https_proxy(explicit_proxy),
+        verify=upstream_ssl_verify(),
         trust_env=False,
     )

{codex_api_proxy-0.1.3 → codex_api_proxy-0.1.5}/src/codex_api_proxy/main.py RENAMED Viewed

@@ -14,6 +14,10 @@ from fastapi.responses import JSONResponse
 from fastapi.responses import StreamingResponse
 from codex_api_proxy import __version__
+from codex_api_proxy.anthropic_messages import AnthropicMessageError
+from codex_api_proxy.anthropic_messages import anthropic_to_responses_request
+from codex_api_proxy.anthropic_messages import responses_events_to_anthropic_message
+from codex_api_proxy.anthropic_messages import stream_anthropic_message_events
 from codex_api_proxy.auth import AuthError
 from codex_api_proxy.auth import ProxyAuth
 from codex_api_proxy.auth import load_proxy_auth_auto_refresh
@@ -246,6 +250,91 @@ def create_app(settings: Settings | None = None) -> FastAPI:
             upstream_client_instance=client,
         )
+    @app.post("/v1/messages")
+    @app.post("/messages")
+    async def proxy_anthropic_messages(request: Request) -> Response:
+        if not _authorized_anthropic(request, settings):
+            return _unauthorized()
+        request_id = uuid.uuid4().hex
+        app.state.requests_total += 1
+        started_at = time.perf_counter()
+        body = await request.body()
+        try:
+            message_body = json.loads(body)
+        except json.JSONDecodeError:
+            return _counted_error(app, 400, {"error": {"type": "invalid_request_error", "message": "invalid JSON body"}})
+        if not isinstance(message_body, dict):
+            return _counted_error(
+                app,
+                400,
+                {"error": {"type": "invalid_request_error", "message": "request body must be a JSON object"}},
+            )
+        model = message_body.get("model")
+        stream = bool(message_body.get("stream"))
+        client = _shared_upstream_client(app, settings)
+        try:
+            auth = await load_proxy_auth_auto_refresh(
+                upstream_proxy=settings.proxy,
+                upstream_client_instance=client,
+            )
+        except AuthError as exc:
+            return _counted_error(app, 503, {"error": {"type": "api_error", "message": str(exc)}})
+        try:
+            try:
+                responses_payload = anthropic_to_responses_request(
+                    message_body,
+                    default_reasoning_effort=settings.effective_reasoning_effort,
+                    default_verbosity=settings.effective_verbosity,
+                    default_service_tier=settings.effective_service_tier,
+                )
+            except AnthropicMessageError as exc:
+                return _counted_error(app, 400, {"error": {"type": "invalid_request_error", "message": str(exc)}})
+            responses_bytes = json.dumps(responses_payload).encode("utf-8")
+            if stream:
+                response = await _forward_anthropic_messages_stream(
+                    request,
+                    responses_bytes,
+                    auth,
+                    str(model),
+                    retry_on_unauthorized=True,
+                    upstream_proxy=settings.proxy,
+                    upstream_client_instance=client,
+                )
+            else:
+                response = await _forward_anthropic_messages_unary(
+                    request,
+                    responses_bytes,
+                    auth,
+                    str(model),
+                    retry_on_unauthorized=True,
+                    upstream_proxy=settings.proxy,
+                    upstream_client_instance=client,
+                )
+        except AnthropicMessageError as exc:
+            return _counted_error(app, 502, {"error": {"type": "api_error", "message": str(exc)}})
+        if 200 <= response.status_code < 400:
+            app.state.requests_ok += 1
+        else:
+            _record_error(app, response.status_code)
+        _log_latency_event(
+            {
+                "event": "anthropic_message_latency",
+                "request_id": request_id,
+                "status": "ok" if 200 <= response.status_code < 400 else "error",
+                "stream": stream,
+                "model": model,
+                "upstream_mode": auth.mode,
+                "total_ms": round((time.perf_counter() - started_at) * 1000, 2),
+            }
+        )
+        return response
     return app
@@ -263,6 +352,12 @@ def _authorized(request: Request, settings: Settings) -> bool:
     return request.headers.get("authorization") == f"Bearer {settings.api_key}"
+def _authorized_anthropic(request: Request, settings: Settings) -> bool:
+    if _authorized(request, settings):
+        return True
+    return bool(settings.api_key and request.headers.get("x-api-key") == settings.api_key)
 def _unauthorized() -> JSONResponse:
     return JSONResponse(status_code=401, content={"error": "unauthorized"})
@@ -629,6 +724,129 @@ async def _forward_chat_completions_unary(
             await client.aclose()
+async def _forward_anthropic_messages_stream(
+    request: Request,
+    responses_body: bytes,
+    auth: ProxyAuth,
+    model: str,
+    *,
+    retry_on_unauthorized: bool,
+    upstream_proxy: str | None,
+    upstream_client_instance: httpx.AsyncClient | None = None,
+) -> Response:
+    headers = _build_forward_headers(request, auth)
+    headers["Accept"] = "text/event-stream"
+    owns_client = upstream_client_instance is None
+    client = upstream_client_instance or upstream_client(upstream_proxy)
+    try:
+        upstream = await client.send(
+            client.build_request("POST", auth.responses_url(), content=responses_body, headers=headers),
+            stream=True,
+        )
+        if upstream.status_code == 401 and retry_on_unauthorized:
+            await upstream.aclose()
+            if owns_client:
+                await client.aclose()
+            try:
+                refreshed_auth = await refresh_proxy_auth(
+                    auth,
+                    upstream_proxy=upstream_proxy,
+                    upstream_client_instance=upstream_client_instance,
+                )
+            except AuthError as exc:
+                return JSONResponse(status_code=503, content={"error": {"type": "api_error", "message": str(exc)}})
+            return await _forward_anthropic_messages_stream(
+                request,
+                responses_body,
+                refreshed_auth,
+                model,
+                retry_on_unauthorized=False,
+                upstream_proxy=upstream_proxy,
+                upstream_client_instance=upstream_client_instance,
+            )
+        if upstream.status_code >= 400:
+            content = await upstream.aread()
+            await _close_upstream(upstream, client, owns_client)
+            return Response(
+                content=content,
+                status_code=upstream.status_code,
+                headers=_filter_response_headers(upstream.headers),
+            )
+        async def generate():
+            try:
+                async for chunk in stream_anthropic_message_events(upstream.aiter_bytes(), model=model):
+                    yield chunk
+            finally:
+                await upstream.aclose()
+                if owns_client:
+                    await client.aclose()
+        return StreamingResponse(generate(), status_code=200, media_type="text/event-stream")
+    except Exception:
+        if owns_client:
+            await client.aclose()
+        raise
+async def _forward_anthropic_messages_unary(
+    request: Request,
+    responses_body: bytes,
+    auth: ProxyAuth,
+    model: str,
+    *,
+    retry_on_unauthorized: bool,
+    upstream_proxy: str | None,
+    upstream_client_instance: httpx.AsyncClient | None = None,
+) -> Response:
+    headers = _build_forward_headers(request, auth)
+    headers["Accept"] = "text/event-stream"
+    owns_client = upstream_client_instance is None
+    client = upstream_client_instance or upstream_client(upstream_proxy)
+    try:
+        upstream = await client.send(
+            client.build_request("POST", auth.responses_url(), content=responses_body, headers=headers),
+            stream=True,
+        )
+        if upstream.status_code == 401 and retry_on_unauthorized:
+            await upstream.aclose()
+            if owns_client:
+                await client.aclose()
+            try:
+                refreshed_auth = await refresh_proxy_auth(
+                    auth,
+                    upstream_proxy=upstream_proxy,
+                    upstream_client_instance=upstream_client_instance,
+                )
+            except AuthError as exc:
+                return JSONResponse(status_code=503, content={"error": {"type": "api_error", "message": str(exc)}})
+            return await _forward_anthropic_messages_unary(
+                request,
+                responses_body,
+                refreshed_auth,
+                model,
+                retry_on_unauthorized=False,
+                upstream_proxy=upstream_proxy,
+                upstream_client_instance=upstream_client_instance,
+            )
+        if upstream.status_code >= 400:
+            content = await upstream.aread()
+            await _close_upstream(upstream, client, owns_client)
+            return Response(
+                content=content,
+                status_code=upstream.status_code,
+                headers=_filter_response_headers(upstream.headers),
+            )
+        body = await upstream.aread()
+        await upstream.aclose()
+        events = parse_sse_events(body.decode("utf-8", errors="replace"))
+        return JSONResponse(content=responses_events_to_anthropic_message(events, model=model))
+    finally:
+        if owns_client:
+            await client.aclose()
 def _should_stream(upstream: httpx.Response, request: Request) -> bool:
     content_type = upstream.headers.get("content-type", "")
     if "text/event-stream" in content_type:

{codex_api_proxy-0.1.3 → codex_api_proxy-0.1.5}/src/codex_api_proxy.egg-info/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: codex-api-proxy
-Version: 0.1.3
+Version: 0.1.5
 Summary: Local OpenAI-compatible HTTP proxy backed by Codex/OpenAI credentials
 Author: codex-api-proxy contributors
 License-Expression: MIT
@@ -34,8 +34,9 @@ This package is intentionally narrow:
 - expose OpenAI-compatible local endpoints for clients such as OpenClaw;
 - reuse the user's existing Codex/OpenAI login credentials;
-- support `/v1/chat/completions`, `/v1/responses`, and `/v1/models`;
+- support `/v1/chat/completions`, `/v1/responses`, `/v1/messages`, and `/v1/models`;
 - convert Chat Completions to Responses API when using ChatGPT Codex credentials;
+- convert Anthropic-style Messages API text requests to Responses API for local Anthropic-compatible clients;
 - otherwise transparently forward OpenAI API-key requests to OpenAI's native `/chat/completions`.
 Out of scope:
@@ -102,6 +103,20 @@ You can also set the upstream proxy explicitly at startup:
 codex-api-proxy start --proxy=http://127.0.0.1:8118
 ```
+If the upstream connection passes through a corporate TLS proxy or another endpoint
+using a private/self-signed certificate chain, point the proxy at a CA bundle that
+trusts that chain:
+- `CODEX_API_PROXY_CA_BUNDLE`
+- `REQUESTS_CA_BUNDLE`
+- `SSL_CERT_FILE`
+For example:
+```bash
+CODEX_API_PROXY_CA_BUNDLE=/path/to/internal-ca-bundle.pem codex-api-proxy start
+```
 ## Run
 Start in the background:
@@ -164,6 +179,7 @@ Environment variables for the local server:
 - `CODEX_PROXY_PORT`
 - `CODEX_PROXY_API_KEY`
 - `CODEX_API_PROXY_HTTPS_PROXY`
+- `CODEX_API_PROXY_CA_BUNDLE`
 - `CODEX_PROXY_LOG_LEVEL`
 Token refresh compatibility variables:
@@ -235,6 +251,46 @@ curl -sS http://127.0.0.1:8765/v1/chat/completions \
 When using ChatGPT Codex credentials, Chat Completions image parts are converted to Responses API `input_image` parts. `/v1/responses` requests are passed through unchanged.
+Anthropic-style Messages API:
+```bash
+curl -sS http://127.0.0.1:8765/v1/messages \
+  -H 'Content-Type: application/json' \
+  -H 'anthropic-version: 2023-06-01' \
+  -d '{
+    "model": "gpt-5.5",
+    "max_tokens": 128,
+    "system": "Be brief.",
+    "messages": [{"role":"user","content":"Reply with exactly: pong"}]
+  }'
+```
+Streaming Anthropic-style Messages API:
+```bash
+curl -N http://127.0.0.1:8765/v1/messages \
+  -H 'Content-Type: application/json' \
+  -H 'anthropic-version: 2023-06-01' \
+  -d '{
+    "model": "gpt-5.5",
+    "max_tokens": 128,
+    "stream": true,
+    "messages": [{"role":"user","content":[{"type":"text","text":"Reply with exactly: pong"}]}]
+  }'
+```
+For Anthropic-compatible clients such as Claude Code, point the Anthropic base URL at this proxy and use the local API key configured with `--api-key`, if any:
+```bash
+ANTHROPIC_BASE_URL=http://127.0.0.1:8765 \
+ANTHROPIC_AUTH_TOKEN=local-secret \
+claude
+```
+When local `--api-key` auth is enabled, `/v1/messages` accepts either `Authorization: Bearer <key>` or `x-api-key: <key>` because Anthropic-compatible clients vary in which header they send.
+The Anthropic compatibility layer currently covers text messages, system prompts, streaming text deltas, and image content blocks. Full Anthropic `tool_use` / `tool_result` round-tripping is not yet implemented.
 When `--api-key` is configured:
 ```bash

{codex_api_proxy-0.1.3 → codex_api_proxy-0.1.5}/src/codex_api_proxy.egg-info/SOURCES.txt RENAMED Viewed

@@ -1,6 +1,7 @@
 README.md
 pyproject.toml
 src/codex_api_proxy/__init__.py
+src/codex_api_proxy/anthropic_messages.py
 src/codex_api_proxy/auth.py
 src/codex_api_proxy/chat_completions.py
 src/codex_api_proxy/cli.py
@@ -14,6 +15,7 @@ src/codex_api_proxy.egg-info/dependency_links.txt
 src/codex_api_proxy.egg-info/entry_points.txt
 src/codex_api_proxy.egg-info/requires.txt
 src/codex_api_proxy.egg-info/top_level.txt
+tests/test_anthropic_messages.py
 tests/test_api.py
 tests/test_auth.py
 tests/test_chat_completions.py

codex_api_proxy-0.1.5/tests/test_anthropic_messages.py ADDED Viewed

@@ -0,0 +1,167 @@
+import json
+from pathlib import Path
+import httpx
+from fastapi.testclient import TestClient
+import codex_api_proxy.main as main_module
+from codex_api_proxy.auth import ProxyAuth
+from codex_api_proxy.config import Settings
+from codex_api_proxy.main import create_app
+def chatgpt_auth(tmp_path: Path) -> ProxyAuth:
+    return ProxyAuth(
+        mode="chatgpt",
+        upstream_base="https://chatgpt.com/backend-api/codex",
+        headers={"Authorization": "Bearer codex-token", "ChatGPT-Account-ID": "acct-123"},
+        auth_path=tmp_path / "auth.json",
+    )
+def mock_auto_auth(monkeypatch, auth: ProxyAuth) -> None:
+    async def load_auto_auth(*args, **kwargs):
+        return auth
+    monkeypatch.setattr(main_module, "load_proxy_auth_auto_refresh", load_auto_auth)
+def mock_upstream(monkeypatch, handler):
+    monkeypatch.setattr(
+        main_module,
+        "upstream_client",
+        lambda explicit_proxy=None: httpx.AsyncClient(transport=httpx.MockTransport(handler), trust_env=False),
+    )
+def anthropic_sse_events(body: str) -> list[dict[str, object]]:
+    events = []
+    for line in body.splitlines():
+        if not line.startswith("data: "):
+            continue
+        events.append(json.loads(line.removeprefix("data: ")))
+    return events
+def test_chatgpt_mode_converts_anthropic_message_to_responses(tmp_path: Path, monkeypatch) -> None:
+    seen = {}
+    def handler(request: httpx.Request) -> httpx.Response:
+        seen["url"] = str(request.url)
+        seen["authorization"] = request.headers["authorization"]
+        seen["accept"] = request.headers["accept"]
+        seen["body"] = json.loads(request.content)
+        body = "\n\n".join(
+            [
+                'data: {"type":"response.output_text.delta","delta":"pong"}',
+                (
+                    'data: {"type":"response.completed","response":{"id":"resp_123","output":['
+                    '{"content":[{"type":"output_text","text":"pong"}]}]}}'
+                ),
+                "",
+            ]
+        )
+        return httpx.Response(200, content=body, headers={"content-type": "text/event-stream"})
+    mock_auto_auth(monkeypatch, chatgpt_auth(tmp_path))
+    mock_upstream(monkeypatch, handler)
+    app = create_app(Settings())
+    client = TestClient(app)
+    response = client.post(
+        "/v1/messages",
+        headers={"anthropic-version": "2023-06-01", "x-api-key": "local-unused"},
+        json={
+            "model": "gpt-5.5",
+            "max_tokens": 128,
+            "system": "Be brief.",
+            "messages": [{"role": "user", "content": "ping"}],
+        },
+    )
+    assert response.status_code == 200
+    assert response.json()["type"] == "message"
+    assert response.json()["role"] == "assistant"
+    assert response.json()["model"] == "gpt-5.5"
+    assert response.json()["content"] == [{"type": "text", "text": "pong"}]
+    assert response.json()["stop_reason"] == "end_turn"
+    assert seen["url"] == "https://chatgpt.com/backend-api/codex/responses"
+    assert seen["authorization"] == "Bearer codex-token"
+    assert seen["accept"] == "text/event-stream"
+    assert seen["body"]["model"] == "gpt-5.5"
+    assert seen["body"]["instructions"] == "Be brief."
+    assert seen["body"]["input"][0]["role"] == "user"
+    assert seen["body"]["input"][0]["content"] == [{"type": "input_text", "text": "ping"}]
+    assert seen["body"]["stream"] is True
+    assert seen["body"]["store"] is False
+    assert "max_output_tokens" not in seen["body"]
+def test_chatgpt_mode_streams_anthropic_message_events(tmp_path: Path, monkeypatch) -> None:
+    def handler(request: httpx.Request) -> httpx.Response:
+        body = "\n\n".join(
+            [
+                'data: {"type":"response.output_text.delta","delta":"po"}',
+                'data: {"type":"response.output_text.delta","delta":"ng"}',
+                'data: {"type":"response.completed","response":{"id":"resp_123","output":[]}}',
+                "",
+            ]
+        )
+        return httpx.Response(200, content=body, headers={"content-type": "text/event-stream"})
+    mock_auto_auth(monkeypatch, chatgpt_auth(tmp_path))
+    mock_upstream(monkeypatch, handler)
+    app = create_app(Settings())
+    client = TestClient(app)
+    with client.stream(
+        "POST",
+        "/v1/messages",
+        json={
+            "model": "gpt-5.5",
+            "max_tokens": 128,
+            "stream": True,
+            "messages": [{"role": "user", "content": [{"type": "text", "text": "ping"}]}],
+        },
+    ) as response:
+        body = response.read().decode("utf-8")
+    assert response.status_code == 200
+    assert response.headers["content-type"].startswith("text/event-stream")
+    events = anthropic_sse_events(body)
+    assert [event["type"] for event in events] == [
+        "message_start",
+        "content_block_start",
+        "content_block_delta",
+        "content_block_delta",
+        "content_block_stop",
+        "message_delta",
+        "message_stop",
+    ]
+    assert events[0]["message"]["type"] == "message"
+    assert events[0]["message"]["model"] == "gpt-5.5"
+    assert events[2]["delta"] == {"type": "text_delta", "text": "po"}
+    assert events[3]["delta"] == {"type": "text_delta", "text": "ng"}
+    assert events[-2]["delta"] == {"stop_reason": "end_turn", "stop_sequence": None}
+def test_anthropic_message_accepts_x_api_key_when_local_auth_is_enabled(tmp_path: Path, monkeypatch) -> None:
+    def handler(request: httpx.Request) -> httpx.Response:
+        return httpx.Response(
+            200,
+            content='data: {"type":"response.completed","response":{"output":[]}}\n\n',
+            headers={"content-type": "text/event-stream"},
+        )
+    mock_auto_auth(monkeypatch, chatgpt_auth(tmp_path))
+    mock_upstream(monkeypatch, handler)
+    app = create_app(Settings(api_key="local-secret"))
+    client = TestClient(app)
+    response = client.post(
+        "/v1/messages",
+        headers={"x-api-key": "local-secret"},
+        json={"model": "gpt-5.5", "max_tokens": 128, "messages": [{"role": "user", "content": "ping"}]},
+    )
+    assert response.status_code == 200

{codex_api_proxy-0.1.3 → codex_api_proxy-0.1.5}/tests/test_config.py RENAMED Viewed

@@ -1,5 +1,6 @@
 from codex_api_proxy.config import DEFAULT_HTTPS_PROXY
 from codex_api_proxy.config import Settings
+from codex_api_proxy.config import upstream_client
 from codex_api_proxy.config import upstream_https_proxy
@@ -64,3 +65,52 @@ def test_upstream_https_proxy_defaults_to_privoxy(monkeypatch) -> None:
 def test_upstream_https_proxy_env_override(monkeypatch) -> None:
     monkeypatch.setenv("CODEX_API_PROXY_HTTPS_PROXY", "http://127.0.0.1:9999")
     assert upstream_https_proxy() == "http://127.0.0.1:9999"
+def test_upstream_client_defaults_to_system_tls_trust(monkeypatch) -> None:
+    for key in ("CODEX_API_PROXY_CA_BUNDLE", "SSL_CERT_FILE", "REQUESTS_CA_BUNDLE"):
+        monkeypatch.delenv(key, raising=False)
+    captured = {}
+    def fake_async_client(**kwargs):
+        captured.update(kwargs)
+        return object()
+    monkeypatch.setattr("codex_api_proxy.config.httpx.AsyncClient", fake_async_client)
+    upstream_client()
+    assert captured["verify"] is True
+def test_upstream_client_uses_proxy_ca_bundle(monkeypatch) -> None:
+    monkeypatch.setenv("CODEX_API_PROXY_CA_BUNDLE", "/etc/ssl/certs/internal-ca.pem")
+    monkeypatch.setenv("SSL_CERT_FILE", "/etc/ssl/certs/ignored.pem")
+    captured = {}
+    def fake_async_client(**kwargs):
+        captured.update(kwargs)
+        return object()
+    monkeypatch.setattr("codex_api_proxy.config.httpx.AsyncClient", fake_async_client)
+    upstream_client()
+    assert captured["verify"] == "/etc/ssl/certs/internal-ca.pem"
+def test_upstream_client_uses_common_ca_bundle_env(monkeypatch) -> None:
+    monkeypatch.delenv("CODEX_API_PROXY_CA_BUNDLE", raising=False)
+    monkeypatch.setenv("REQUESTS_CA_BUNDLE", "/etc/ssl/certs/requests-ca.pem")
+    monkeypatch.setenv("SSL_CERT_FILE", "/etc/ssl/certs/ssl-ca.pem")
+    captured = {}
+    def fake_async_client(**kwargs):
+        captured.update(kwargs)
+        return object()
+    monkeypatch.setattr("codex_api_proxy.config.httpx.AsyncClient", fake_async_client)
+    upstream_client()
+    assert captured["verify"] == "/etc/ssl/certs/requests-ca.pem"