tsugite-codex-cli 0.15.0__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -0,0 +1,183 @@
1
+ # ---> Python
2
+ # Byte-compiled / optimized / DLL files
3
+ __pycache__/
4
+ *.py[cod]
5
+ *$py.class
6
+
7
+ # C extensions
8
+ *.so
9
+
10
+ # Distribution / packaging
11
+ .Python
12
+ build/
13
+ develop-eggs/
14
+ dist/
15
+ downloads/
16
+ eggs/
17
+ .eggs/
18
+ lib/
19
+ lib64/
20
+ parts/
21
+ sdist/
22
+ var/
23
+ wheels/
24
+ share/python-wheels/
25
+ *.egg-info/
26
+ .installed.cfg
27
+ *.egg
28
+ MANIFEST
29
+
30
+ # PyInstaller
31
+ # Usually these files are written by a python script from a template
32
+ # before PyInstaller builds the exe, so as to inject date/other infos into it.
33
+ *.manifest
34
+ *.spec
35
+
36
+ # Installer logs
37
+ pip-log.txt
38
+ pip-delete-this-directory.txt
39
+
40
+ # Unit test / coverage reports
41
+ htmlcov/
42
+ .tox/
43
+ .nox/
44
+ .coverage
45
+ .coverage.*
46
+ .cache
47
+ nosetests.xml
48
+ coverage.xml
49
+ *.cover
50
+ *.py,cover
51
+ .hypothesis/
52
+ .pytest_cache/
53
+ cover/
54
+
55
+ # Translations
56
+ *.mo
57
+ *.pot
58
+
59
+ # Django stuff:
60
+ *.log
61
+ local_settings.py
62
+ db.sqlite3
63
+ db.sqlite3-journal
64
+
65
+ # Flask stuff:
66
+ instance/
67
+ .webassets-cache
68
+
69
+ # Scrapy stuff:
70
+ .scrapy
71
+
72
+ # Sphinx documentation
73
+ docs/_build/
74
+
75
+ # PyBuilder
76
+ .pybuilder/
77
+ target/
78
+
79
+ # Jupyter Notebook
80
+ .ipynb_checkpoints
81
+
82
+ # IPython
83
+ profile_default/
84
+ ipython_config.py
85
+
86
+ # pyenv
87
+ # For a library or package, you might want to ignore these files since the code is
88
+ # intended to run in multiple environments; otherwise, check them in:
89
+ # .python-version
90
+
91
+ # pipenv
92
+ # According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control.
93
+ # However, in case of collaboration, if having platform-specific dependencies or dependencies
94
+ # having no cross-platform support, pipenv may install dependencies that don't work, or not
95
+ # install all needed dependencies.
96
+ #Pipfile.lock
97
+
98
+ # poetry
99
+ # Similar to Pipfile.lock, it is generally recommended to include poetry.lock in version control.
100
+ # This is especially recommended for binary packages to ensure reproducibility, and is more
101
+ # commonly ignored for libraries.
102
+ # https://python-poetry.org/docs/basic-usage/#commit-your-poetrylock-file-to-version-control
103
+ #poetry.lock
104
+
105
+ # pdm
106
+ # Similar to Pipfile.lock, it is generally recommended to include pdm.lock in version control.
107
+ #pdm.lock
108
+ # pdm stores project-wide configurations in .pdm.toml, but it is recommended to not include it
109
+ # in version control.
110
+ # https://pdm.fming.dev/latest/usage/project/#working-with-version-control
111
+ .pdm.toml
112
+ .pdm-python
113
+ .pdm-build/
114
+
115
+ # PEP 582; used by e.g. github.com/David-OConnor/pyflow and github.com/pdm-project/pdm
116
+ __pypackages__/
117
+
118
+ # Celery stuff
119
+ celerybeat-schedule
120
+ celerybeat.pid
121
+
122
+ # SageMath parsed files
123
+ *.sage.py
124
+
125
+ # Environments
126
+ .env
127
+ .venv
128
+ env/
129
+ venv/
130
+ ENV/
131
+ env.bak/
132
+ venv.bak/
133
+
134
+ # Spyder project settings
135
+ .spyderproject
136
+ .spyproject
137
+
138
+ # Rope project settings
139
+ .ropeproject
140
+
141
+ # mkdocs documentation
142
+ /site
143
+
144
+ # mypy
145
+ .mypy_cache/
146
+ .dmypy.json
147
+ dmypy.json
148
+
149
+ # Pyre type checker
150
+ .pyre/
151
+
152
+ # pytype static type analyzer
153
+ .pytype/
154
+
155
+ # Cython debug symbols
156
+ cython_debug/
157
+
158
+ # PyCharm
159
+ # JetBrains specific template is maintained in a separate JetBrains.gitignore that can
160
+ # be found at https://github.com/github/gitignore/blob/main/Global/JetBrains.gitignore
161
+ # and can be added to the global gitignore or merged into this file. For a more nuclear
162
+ # option (not recommended) you can uncomment the following to ignore the entire idea folder.
163
+ #.idea/
164
+
165
+ .env
166
+ .env
167
+ benchmark_results/
168
+ test_output/
169
+ .claude/settings.local.json
170
+ std*.txt
171
+ secrets/*
172
+
173
+
174
+ # TODO: temp - I need to clean up the docs
175
+ docs-old/
176
+ examples/*
177
+ !examples/tsugite-example-plugin/
178
+ agents/
179
+ .claude/
180
+ .tsugite/
181
+ benchmarks/
182
+ docker-compose.test.yml
183
+ #### TODO ^^^
@@ -0,0 +1,6 @@
1
+ Metadata-Version: 2.4
2
+ Name: tsugite-codex-cli
3
+ Version: 0.15.0
4
+ Summary: Tsugite plugin: ChatGPT subscription auth via Codex CLI token store
5
+ Requires-Python: >=3.11
6
+ Requires-Dist: tsugite-cli==0.15.0
@@ -0,0 +1,27 @@
1
+ [project]
2
+ name = "tsugite-codex-cli"
3
+ version = "0.15.0"
4
+ description = "Tsugite plugin: ChatGPT subscription auth via Codex CLI token store"
5
+ requires-python = ">=3.11"
6
+ dependencies = [
7
+ "tsugite-cli==0.15.0",
8
+ ]
9
+
10
+ [project.entry-points."tsugite.providers"]
11
+ codex_cli = "tsugite_codex_cli:create_provider"
12
+
13
+ [build-system]
14
+ requires = ["hatchling"]
15
+ build-backend = "hatchling.build"
16
+
17
+ [tool.hatch.build.targets.wheel]
18
+ packages = ["tsugite_codex_cli"]
19
+
20
+ [tool.hatch.build.targets.sdist]
21
+ include = [
22
+ "/tsugite_codex_cli",
23
+ "/pyproject.toml",
24
+ ]
25
+
26
+ [tool.uv.sources]
27
+ tsugite-cli = { workspace = true }
@@ -0,0 +1,5 @@
1
+ """Tsugite plugin: ChatGPT subscription auth via Codex CLI token store."""
2
+
3
+ from tsugite_codex_cli.provider import CodexCliProvider, create_provider
4
+
5
+ __all__ = ["CodexCliProvider", "create_provider"]
@@ -0,0 +1,166 @@
1
+ """Codex CLI OAuth token store: read, refresh, atomic writeback of ~/.codex/auth.json."""
2
+
3
+ from __future__ import annotations
4
+
5
+ import asyncio
6
+ import base64
7
+ import json
8
+ import os
9
+ import time
10
+ from pathlib import Path
11
+
12
+ import httpx
13
+ import portalocker
14
+
15
+ # Hardcoded OAuth client id used by the upstream Codex CLI.
16
+ CLIENT_ID = "app_EMoamEEZ73f0CkXaXp7hrann"
17
+ TOKEN_ENDPOINT = "https://auth.openai.com/oauth/token"
18
+ REFRESH_SKEW_SECONDS = 30
19
+ REFRESH_TIMEOUT_SECONDS = 30
20
+
21
+ # Refresh-token failures that require the user to re-run `codex login`.
22
+ _RE_LOGIN_ERRORS = {
23
+ "invalid_grant",
24
+ "refresh_token_expired",
25
+ "refresh_token_reused",
26
+ "refresh_token_invalidated",
27
+ }
28
+
29
+
30
+ class CodexAuthError(Exception):
31
+ """Raised when the Codex auth store is missing, in apikey mode, or refresh fails."""
32
+
33
+
34
+ def _resolve_home(home: Path | None) -> Path:
35
+ if home is not None:
36
+ return home
37
+ env = os.environ.get("CODEX_HOME")
38
+ if env:
39
+ return Path(env)
40
+ return Path.home() / ".codex"
41
+
42
+
43
+ def _decode_jwt_exp(token: str) -> int | None:
44
+ """Return the `exp` claim from a JWT, or None if it can't be decoded."""
45
+ try:
46
+ payload_b64 = token.split(".")[1]
47
+ padding = "=" * (-len(payload_b64) % 4)
48
+ payload = json.loads(base64.urlsafe_b64decode(payload_b64 + padding))
49
+ exp = payload.get("exp")
50
+ return int(exp) if exp is not None else None
51
+ except (IndexError, ValueError, json.JSONDecodeError):
52
+ return None
53
+
54
+
55
+ class CodexAuthStore:
56
+ """Token store backed by ~/.codex/auth.json (override via $CODEX_HOME)."""
57
+
58
+ def __init__(self, home: Path | None = None):
59
+ self._home = _resolve_home(home)
60
+ self._auth_path = self._home / "auth.json"
61
+ self._lock_path = self._home / "auth.json.lock"
62
+ self._async_lock = asyncio.Lock()
63
+
64
+ async def get_access_token(self) -> tuple[str, str]:
65
+ """Return (access_token, account_id), refreshing if near expiry."""
66
+ async with self._async_lock:
67
+ return await asyncio.to_thread(self._sync_get_or_refresh)
68
+
69
+ def _sync_get_or_refresh(self) -> tuple[str, str]:
70
+ if not self._auth_path.exists():
71
+ raise CodexAuthError(f"No Codex auth file at {self._auth_path}. Run `codex login` first.")
72
+
73
+ # Lock the sidecar, not auth.json itself: os.replace unlinks the inode and
74
+ # any waiter blocked on the original file descriptor would never wake.
75
+ self._home.mkdir(parents=True, exist_ok=True)
76
+ with open(self._lock_path, "a+") as lock_fh:
77
+ portalocker.lock(lock_fh, portalocker.LOCK_EX)
78
+ try:
79
+ os.chmod(self._lock_path, 0o600)
80
+ except OSError:
81
+ pass
82
+ try:
83
+ return self._read_check_refresh()
84
+ finally:
85
+ portalocker.unlock(lock_fh)
86
+
87
+ def _read_check_refresh(self) -> tuple[str, str]:
88
+ data = self._load_json()
89
+ auth_mode = data.get("auth_mode")
90
+ if auth_mode != "chatgpt":
91
+ raise CodexAuthError(
92
+ f"Codex auth mode is {auth_mode!r}; this provider requires ChatGPT subscription auth. "
93
+ "Run `codex login` and choose the ChatGPT sign-in."
94
+ )
95
+
96
+ tokens = data.get("tokens") or {}
97
+ access_token = tokens.get("access_token")
98
+ refresh_token = tokens.get("refresh_token")
99
+ account_id = tokens.get("account_id")
100
+ if not access_token or not refresh_token or not account_id:
101
+ raise CodexAuthError(f"Codex auth file at {self._auth_path} is missing tokens. Run `codex login`.")
102
+
103
+ exp = _decode_jwt_exp(access_token)
104
+ now = int(time.time())
105
+ if exp is None or exp - now <= REFRESH_SKEW_SECONDS:
106
+ new_tokens = self._refresh(refresh_token)
107
+ # Merge so we keep account_id and any unknown sibling fields.
108
+ data["tokens"] = {**tokens, **new_tokens}
109
+ data["last_refresh"] = time.strftime("%Y-%m-%dT%H:%M:%S+00:00", time.gmtime())
110
+ self._write_atomic(data)
111
+ access_token = new_tokens.get("access_token", access_token)
112
+
113
+ return access_token, account_id
114
+
115
+ def _load_json(self) -> dict:
116
+ try:
117
+ return json.loads(self._auth_path.read_text())
118
+ except (OSError, json.JSONDecodeError) as exc:
119
+ raise CodexAuthError(f"Could not read {self._auth_path}: {exc}. Run `codex login`.") from exc
120
+
121
+ def _refresh(self, refresh_token: str) -> dict:
122
+ try:
123
+ resp = httpx.post(
124
+ TOKEN_ENDPOINT,
125
+ data={
126
+ "client_id": CLIENT_ID,
127
+ "grant_type": "refresh_token",
128
+ "refresh_token": refresh_token,
129
+ },
130
+ timeout=REFRESH_TIMEOUT_SECONDS,
131
+ )
132
+ except httpx.HTTPError as exc:
133
+ raise CodexAuthError(f"OAuth refresh request failed: {exc}") from exc
134
+
135
+ if resp.status_code >= 400:
136
+ body: dict = {}
137
+ try:
138
+ body = resp.json() if resp.text else {}
139
+ except ValueError:
140
+ pass
141
+ err = body.get("error", "")
142
+ if err in _RE_LOGIN_ERRORS:
143
+ raise CodexAuthError(f"Codex refresh token rejected ({err}). Run `codex login` to sign in again.")
144
+ raise CodexAuthError(f"OAuth refresh returned HTTP {resp.status_code}: {body or resp.text}")
145
+
146
+ try:
147
+ body = resp.json()
148
+ except ValueError as exc:
149
+ raise CodexAuthError(f"OAuth refresh returned non-JSON body: {resp.text}") from exc
150
+
151
+ new_tokens: dict = {}
152
+ for key in ("access_token", "refresh_token", "id_token"):
153
+ if body.get(key):
154
+ new_tokens[key] = body[key]
155
+ if "access_token" not in new_tokens:
156
+ raise CodexAuthError(f"OAuth refresh response missing access_token: {body}")
157
+ return new_tokens
158
+
159
+ def _write_atomic(self, data: dict) -> None:
160
+ tmp_path = self._auth_path.with_suffix(self._auth_path.suffix + ".tmp")
161
+ tmp_path.write_text(json.dumps(data, indent=2))
162
+ try:
163
+ os.chmod(tmp_path, 0o600)
164
+ except OSError:
165
+ pass
166
+ os.replace(tmp_path, self._auth_path)
@@ -0,0 +1,332 @@
1
+ """Codex CLI provider: ChatGPT subscription auth via OpenAI Responses API."""
2
+
3
+ from __future__ import annotations
4
+
5
+ import asyncio
6
+ import json
7
+ import logging
8
+ from typing import Any, AsyncIterator
9
+
10
+ import httpx
11
+
12
+ from tsugite.providers.base import CompletionResponse, ModelInfo, StreamChunk, Usage, default_count_tokens
13
+ from tsugite.providers.model_registry import get_model_info as _get_model_info
14
+ from tsugite.providers.model_registry import register_models
15
+ from tsugite.user_agent import set_user_agent_header
16
+ from tsugite_codex_cli.auth import CodexAuthError, CodexAuthStore
17
+
18
+ logger = logging.getLogger(__name__)
19
+
20
+ API_BASE = "https://chatgpt.com/backend-api/codex"
21
+ _REASONING_LEVELS = ["low", "medium", "high"]
22
+ # gpt-5.5 added xhigh; older codex models don't accept it.
23
+ _REASONING_LEVELS_V5_5 = ["low", "medium", "high", "xhigh"]
24
+
25
+
26
+ def _codex_model_info(max_input_tokens: int, effort_levels: list[str] = _REASONING_LEVELS) -> ModelInfo:
27
+ # Subscription billing means per-token cost is not surfaced here.
28
+ return ModelInfo(
29
+ max_input_tokens=max_input_tokens,
30
+ max_output_tokens=128_000,
31
+ input_cost_per_million=0.0,
32
+ output_cost_per_million=0.0,
33
+ supports_vision=True,
34
+ supports_reasoning=True,
35
+ supported_effort_levels=effort_levels,
36
+ )
37
+
38
+
39
+ _CODEX_CLI_MODELS: dict[str, ModelInfo] = {
40
+ "codex_cli/gpt-5.5": _codex_model_info(1_050_000, effort_levels=_REASONING_LEVELS_V5_5),
41
+ "codex_cli/gpt-5.4": _codex_model_info(1_050_000),
42
+ "codex_cli/gpt-5.4-mini": _codex_model_info(272_000),
43
+ "codex_cli/gpt-5.4-nano": _codex_model_info(272_000),
44
+ }
45
+
46
+ # Used when /models is unreachable; kept in sync with the registry above.
47
+ _FALLBACK_MODELS = [k.split("/", 1)[1] for k in _CODEX_CLI_MODELS]
48
+
49
+
50
+ class CodexResponsesError(Exception):
51
+ """Raised when chatgpt.com/backend-api/codex/responses returns a 4xx/5xx error."""
52
+
53
+ def __init__(self, message: str, status_code: int):
54
+ super().__init__(message)
55
+ self.status_code = status_code
56
+
57
+
58
+ def _translate_content_block(block: Any) -> Any:
59
+ """Chat-Completions-shape block → Responses input_* shape (request side only)."""
60
+ if not isinstance(block, dict):
61
+ return block
62
+ btype = block.get("type")
63
+ if btype == "text":
64
+ return {"type": "input_text", "text": block.get("text", "")}
65
+ if btype == "image_url":
66
+ image_url = block.get("image_url")
67
+ if isinstance(image_url, dict):
68
+ image_url = image_url.get("url", "")
69
+ return {"type": "input_image", "image_url": image_url}
70
+ if btype == "file":
71
+ file_field = block.get("file") or {}
72
+ return {"type": "input_file", **file_field}
73
+ return block
74
+
75
+
76
+ def _translate_message_content(content: Any) -> Any:
77
+ if isinstance(content, list):
78
+ return [_translate_content_block(b) for b in content]
79
+ return content
80
+
81
+
82
+ def _normalise_kwargs(kwargs: dict) -> dict:
83
+ """Map Chat-Completions-style kwargs onto Responses request fields."""
84
+ body: dict[str, Any] = {}
85
+ for key, value in kwargs.items():
86
+ if value is None or key.startswith("_"):
87
+ continue
88
+ if key == "max_tokens":
89
+ body["max_output_tokens"] = value
90
+ elif key == "reasoning_effort":
91
+ body["reasoning"] = {"effort": value}
92
+ elif key == "response_format":
93
+ body["text"] = {"format": value}
94
+ elif key in {"temperature", "top_p", "stop", "presence_penalty", "frequency_penalty"}:
95
+ body[key] = value
96
+ else:
97
+ logger.debug("codex_cli: dropping unknown kwarg %s for /responses", key)
98
+ return body
99
+
100
+
101
+ def _build_usage(usage_in: dict | None) -> Usage:
102
+ if not usage_in:
103
+ return Usage()
104
+ input_tokens = int(usage_in.get("input_tokens") or 0)
105
+ output_tokens = int(usage_in.get("output_tokens") or 0)
106
+ total = usage_in.get("total_tokens")
107
+ total_tokens = int(total) if total is not None else input_tokens + output_tokens
108
+ details = usage_in.get("output_tokens_details") or {}
109
+ reasoning_tokens = details.get("reasoning_tokens")
110
+ return Usage(
111
+ prompt_tokens=input_tokens,
112
+ completion_tokens=output_tokens,
113
+ total_tokens=total_tokens,
114
+ reasoning_tokens=int(reasoning_tokens) if reasoning_tokens is not None else None,
115
+ )
116
+
117
+
118
+ class CodexCliProvider:
119
+ """ChatGPT subscription provider routing through the Codex Responses API."""
120
+
121
+ # Stateless across calls (auth refresh is internal), so the registry can cache one instance.
122
+ cacheable = True
123
+
124
+ def __init__(self, name: str = "codex_cli"):
125
+ self.name = name
126
+ self._auth = CodexAuthStore()
127
+ self._client: httpx.AsyncClient | None = None
128
+ self._client_loop: asyncio.AbstractEventLoop | None = None
129
+ register_models(_CODEX_CLI_MODELS)
130
+
131
+ def _get_client(self) -> httpx.AsyncClient:
132
+ try:
133
+ current_loop = asyncio.get_running_loop()
134
+ except RuntimeError:
135
+ current_loop = None
136
+ if self._client is None or self._client.is_closed or self._client_loop is not current_loop:
137
+ self._client = httpx.AsyncClient(timeout=300)
138
+ self._client_loop = current_loop
139
+ return self._client
140
+
141
+ def _build_headers(self, access_token: str, account_id: str) -> dict[str, str]:
142
+ headers: dict[str, str] = {
143
+ "Content-Type": "application/json",
144
+ "Authorization": f"Bearer {access_token}",
145
+ "ChatGPT-Account-ID": account_id,
146
+ }
147
+ set_user_agent_header(headers)
148
+ return headers
149
+
150
+ def _build_request_body(self, messages: list[dict], model: str, stream: bool, **kwargs: Any) -> dict:
151
+ instructions_parts: list[str] = []
152
+ input_messages: list[dict] = []
153
+ for msg in messages:
154
+ role = msg.get("role")
155
+ content = msg.get("content", "")
156
+ if role == "system":
157
+ if isinstance(content, list):
158
+ for block in content:
159
+ if isinstance(block, dict) and block.get("type") == "text":
160
+ instructions_parts.append(block.get("text", ""))
161
+ elif isinstance(block, str):
162
+ instructions_parts.append(block)
163
+ elif isinstance(content, str):
164
+ instructions_parts.append(content)
165
+ continue
166
+ translated = {"role": role, "content": _translate_message_content(content)}
167
+ input_messages.append(translated)
168
+
169
+ # store=false and instructions are both mandatory on the Codex backend
170
+ # (omitting either 400s with `{"detail":"Store must be set to false"}`
171
+ # or `{"detail":"Instructions are required"}`).
172
+ body: dict[str, Any] = {
173
+ "model": model,
174
+ "input": input_messages,
175
+ "store": False,
176
+ "instructions": "\n".join(instructions_parts),
177
+ }
178
+ if stream:
179
+ body["stream"] = True
180
+ body.update(_normalise_kwargs(kwargs))
181
+ return body
182
+
183
+ @staticmethod
184
+ def _error_from_response(resp: httpx.Response) -> CodexResponsesError:
185
+ # Caller must `await resp.aread()` first when resp came from client.stream(),
186
+ # otherwise resp.json()/resp.text raise httpx.ResponseNotRead.
187
+ message: str | None = None
188
+ try:
189
+ payload = resp.json()
190
+ except (ValueError, json.JSONDecodeError):
191
+ payload = None
192
+ if isinstance(payload, dict):
193
+ err = payload.get("error")
194
+ if isinstance(err, dict):
195
+ message = err.get("message")
196
+ elif isinstance(err, str):
197
+ message = err
198
+ if not message:
199
+ try:
200
+ text = (resp.text or "").strip()
201
+ except httpx.ResponseNotRead:
202
+ text = ""
203
+ message = text or f"HTTP {resp.status_code}"
204
+ return CodexResponsesError(message, status_code=resp.status_code)
205
+
206
+ @staticmethod
207
+ def _error_from_event(event: dict) -> CodexResponsesError:
208
+ """Translate a `response.failed` / `error` SSE event into a typed exception."""
209
+ message = None
210
+ response_obj = event.get("response") or {}
211
+ err = response_obj.get("error") or event.get("error") or {}
212
+ if isinstance(err, dict):
213
+ message = err.get("message")
214
+ elif isinstance(err, str):
215
+ message = err
216
+ if not message:
217
+ message = event.get("message") or "Codex stream reported an error"
218
+ return CodexResponsesError(message, status_code=200)
219
+
220
+ async def acompletion(
221
+ self,
222
+ messages: list[dict],
223
+ model: str,
224
+ stream: bool = False,
225
+ **kwargs: Any,
226
+ ) -> CompletionResponse | AsyncIterator[StreamChunk]:
227
+ access_token, account_id = await self._auth.get_access_token()
228
+ # Codex backend mandates stream=true; non-stream callers get the chunks
229
+ # collected into a CompletionResponse below.
230
+ body = self._build_request_body(messages, model, stream=True, **kwargs)
231
+ headers = self._build_headers(access_token, account_id)
232
+ url = f"{API_BASE}/responses"
233
+
234
+ if stream:
235
+ return self._stream(url, headers, body)
236
+ return await self._collect_stream(url, headers, body)
237
+
238
+ async def _collect_stream(self, url: str, headers: dict, body: dict) -> CompletionResponse:
239
+ parts: list[str] = []
240
+ reasoning_parts: list[str] = []
241
+ usage = Usage()
242
+ async for chunk in self._stream(url, headers, body):
243
+ if chunk.content:
244
+ parts.append(chunk.content)
245
+ if chunk.reasoning_content:
246
+ reasoning_parts.append(chunk.reasoning_content)
247
+ if chunk.done and chunk.usage is not None:
248
+ usage = chunk.usage
249
+ return CompletionResponse(
250
+ content="".join(parts),
251
+ reasoning_content="".join(reasoning_parts) or None,
252
+ usage=usage,
253
+ cost=0.0,
254
+ )
255
+
256
+ async def _stream(self, url: str, headers: dict, body: dict) -> AsyncIterator[StreamChunk]:
257
+ client = self._get_client()
258
+ usage: Usage = Usage()
259
+ async with client.stream("POST", url, json=body, headers=headers) as resp:
260
+ if resp.status_code >= 400:
261
+ await resp.aread()
262
+ raise self._error_from_response(resp)
263
+ async for line in resp.aiter_lines():
264
+ if not line or not line.startswith("data:"):
265
+ continue
266
+ payload = line[5:].strip()
267
+ if not payload or payload == "[DONE]":
268
+ continue
269
+ try:
270
+ event = json.loads(payload)
271
+ except json.JSONDecodeError:
272
+ continue
273
+ etype = event.get("type")
274
+ if etype == "response.output_text.delta":
275
+ delta = event.get("delta") or ""
276
+ if delta:
277
+ yield StreamChunk(content=delta)
278
+ elif etype in ("response.reasoning_summary_text.delta", "response.reasoning.delta"):
279
+ delta = event.get("delta") or ""
280
+ if delta:
281
+ yield StreamChunk(reasoning_content=delta)
282
+ elif etype == "response.completed":
283
+ response_obj = event.get("response") or {}
284
+ usage = _build_usage(response_obj.get("usage"))
285
+ elif etype in ("response.failed", "response.incomplete", "error"):
286
+ raise self._error_from_event(event)
287
+ yield StreamChunk(content="", done=True, usage=usage, cost=0.0)
288
+
289
+ def count_tokens(self, text: str, model: str) -> int:
290
+ # All current Codex models share the GPT-4o/o-series o200k_base BPE; base's
291
+ # default_count_tokens only matches gpt-4o/o1/o3/o4 prefixes so it would
292
+ # silently fall back to cl100k for gpt-5.x.
293
+ try:
294
+ import tiktoken
295
+
296
+ return len(tiktoken.get_encoding("o200k_base").encode(text))
297
+ except Exception:
298
+ return default_count_tokens(text, model)
299
+
300
+ def get_model_info(self, model: str) -> ModelInfo | None:
301
+ return _get_model_info(self.name, model)
302
+
303
+ def set_context(self, **kwargs: Any) -> None:
304
+ pass
305
+
306
+ def get_state(self) -> dict | None:
307
+ return None
308
+
309
+ async def stop(self) -> None:
310
+ # No-op: the provider is cached and the httpx client is shared across
311
+ # concurrent agent runs. Closing it here would break in-flight streams
312
+ # on parallel sessions. The client is released when the process exits.
313
+ pass
314
+
315
+ async def list_models(self) -> list[str]:
316
+ # Auth lookup is inside the try: model-picker UIs should always get a
317
+ # usable list even before `codex login` has been run.
318
+ try:
319
+ access_token, account_id = await self._auth.get_access_token()
320
+ client = self._get_client()
321
+ resp = await client.get(
322
+ f"{API_BASE}/models?client_version=1.0.0",
323
+ headers=self._build_headers(access_token, account_id),
324
+ )
325
+ resp.raise_for_status()
326
+ return [m["id"] for m in resp.json().get("data", [])]
327
+ except (httpx.HTTPError, KeyError, ValueError, CodexAuthError):
328
+ return list(_FALLBACK_MODELS)
329
+
330
+
331
+ def create_provider(name: str = "codex_cli", **kwargs: Any) -> CodexCliProvider:
332
+ return CodexCliProvider(name=name)