Skip to content

Commit a412603

Browse files
pashpashpashsteipete
pashpashpash
authored and
steipete
committed
fix(codex): honor effective stdio env for fallback auth
1 parent 401ae38 commit a412603

4 files changed

Lines changed: 87 additions & 10 deletions

File tree

extensions/codex/src/app-server/auth-bridge.test.ts

Lines changed: 29 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -389,13 +389,15 @@ describe("bridgeCodexAppServerStartOptions", () => {
389389
await applyCodexAppServerAuthProfile({
390390
client: { request } as never,
391391
agentDir,
392-
startOptions: createStartOptions(),
392+
startOptions: createStartOptions({
393+
env: { CODEX_API_KEY: "configured-codex-api-key" },
394+
}),
393395
});
394396

395397
expect(request).toHaveBeenNthCalledWith(1, "account/read", { refreshToken: false });
396398
expect(request).toHaveBeenNthCalledWith(2, "account/login/start", {
397399
type: "apiKey",
398-
apiKey: "codex-env-api-key",
400+
apiKey: "configured-codex-api-key",
399401
});
400402
} finally {
401403
await fs.rm(agentDir, { recursive: true, force: true });
@@ -478,6 +480,31 @@ describe("bridgeCodexAppServerStartOptions", () => {
478480
}
479481
});
480482

483+
it("honors clearEnv before env API-key fallback", async () => {
484+
const agentDir = await fs.mkdtemp(path.join(os.tmpdir(), "openclaw-codex-app-server-"));
485+
const request = vi.fn(async (method: string) => {
486+
if (method === "account/read") {
487+
return { account: null, requiresOpenaiAuth: true };
488+
}
489+
return { type: "apiKey" };
490+
});
491+
vi.stubEnv("CODEX_API_KEY", "codex-env-api-key");
492+
vi.stubEnv("OPENAI_API_KEY", "openai-env-api-key");
493+
try {
494+
await applyCodexAppServerAuthProfile({
495+
client: { request } as never,
496+
agentDir,
497+
startOptions: createStartOptions({
498+
clearEnv: ["CODEX_API_KEY", "OPENAI_API_KEY"],
499+
}),
500+
});
501+
502+
expect(request).not.toHaveBeenCalled();
503+
} finally {
504+
await fs.rm(agentDir, { recursive: true, force: true });
505+
}
506+
});
507+
481508
it("does not send env API-key fallback to websocket app-server connections", async () => {
482509
const agentDir = await fs.mkdtemp(path.join(os.tmpdir(), "openclaw-codex-app-server-"));
483510
const request = vi.fn(async (method: string) => {

extensions/codex/src/app-server/auth-bridge.ts

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -12,6 +12,7 @@ import type { CodexAppServerStartOptions } from "./config.js";
1212
import type { ChatgptAuthTokensRefreshResponse } from "./protocol-generated/typescript/v2/ChatgptAuthTokensRefreshResponse.js";
1313
import type { GetAccountResponse } from "./protocol-generated/typescript/v2/GetAccountResponse.js";
1414
import type { LoginAccountParams } from "./protocol-generated/typescript/v2/LoginAccountParams.js";
15+
import { resolveCodexAppServerSpawnEnv } from "./transport-stdio.js";
1516

1617
const CODEX_APP_SERVER_AUTH_PROVIDER = "openai-codex";
1718
const OPENAI_CODEX_DEFAULT_PROFILE_ID = "openai-codex:default";
@@ -51,9 +52,10 @@ export async function applyCodexAppServerAuthProfile(params: {
5152
if (params.startOptions?.transport !== "stdio") {
5253
return;
5354
}
55+
const env = resolveCodexAppServerSpawnEnv(params.startOptions, process.env);
5456
const fallbackLoginParams = await resolveCodexAppServerEnvApiKeyLoginParams({
5557
client: params.client,
56-
env: process.env,
58+
env,
5759
});
5860
if (fallbackLoginParams) {
5961
await params.client.request("account/login/start", fallbackLoginParams);

extensions/codex/src/app-server/transport-stdio.test.ts

Lines changed: 38 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -92,8 +92,8 @@ describe("resolveCodexAppServerSpawnInvocation", () => {
9292

9393
describe("resolveCodexAppServerSpawnEnv", () => {
9494
it("applies configured env overrides before clearing denied env vars", () => {
95-
expect(
96-
resolveCodexAppServerSpawnEnv(
95+
expect({
96+
...resolveCodexAppServerSpawnEnv(
9797
{
9898
env: {
9999
OPENAI_API_KEY: "configured-openai-key",
@@ -107,8 +107,43 @@ describe("resolveCodexAppServerSpawnEnv", () => {
107107
KEEP: "parent",
108108
},
109109
),
110-
).toEqual({
110+
}).toEqual({
111111
KEEP: "override",
112112
});
113113
});
114+
115+
it("uses a null-prototype env map and ignores prototype-polluting keys", () => {
116+
const overrides = Object.create(null) as Record<string, string | undefined>;
117+
Object.defineProperty(overrides, "__proto__", {
118+
value: "polluted",
119+
enumerable: true,
120+
});
121+
Object.defineProperty(overrides, "constructor", {
122+
value: "polluted",
123+
enumerable: true,
124+
});
125+
Object.defineProperty(overrides, "prototype", {
126+
value: "polluted",
127+
enumerable: true,
128+
});
129+
overrides.SAFE = "1";
130+
131+
const env = resolveCodexAppServerSpawnEnv(
132+
{
133+
env: overrides as Record<string, string>,
134+
},
135+
{
136+
BASE: "1",
137+
},
138+
);
139+
140+
expect(Object.getPrototypeOf(env)).toBeNull();
141+
expect({ ...env }).toEqual({
142+
BASE: "1",
143+
SAFE: "1",
144+
});
145+
expect(Object.hasOwn(env, "__proto__")).toBe(false);
146+
expect(Object.hasOwn(env, "constructor")).toBe(false);
147+
expect(Object.hasOwn(env, "prototype")).toBe(false);
148+
});
114149
});

extensions/codex/src/app-server/transport-stdio.ts

Lines changed: 17 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,8 @@ import {
66
import type { CodexAppServerStartOptions } from "./config.js";
77
import type { CodexAppServerTransport } from "./transport.js";
88

9+
const UNSAFE_ENVIRONMENT_KEYS = new Set(["__proto__", "constructor", "prototype"]);
10+
911
type CodexAppServerSpawnRuntime = {
1012
platform: NodeJS.Platform;
1113
env: NodeJS.ProcessEnv;
@@ -45,16 +47,27 @@ export function resolveCodexAppServerSpawnEnv(
4547
options: Pick<CodexAppServerStartOptions, "env" | "clearEnv">,
4648
baseEnv: NodeJS.ProcessEnv = process.env,
4749
): NodeJS.ProcessEnv {
48-
const env = {
49-
...baseEnv,
50-
...options.env,
51-
};
50+
const env = Object.create(null) as NodeJS.ProcessEnv;
51+
copySafeEnvironmentEntries(env, baseEnv);
52+
copySafeEnvironmentEntries(env, options.env ?? {});
5253
for (const key of options.clearEnv ?? []) {
5354
delete env[key];
5455
}
5556
return env;
5657
}
5758

59+
function copySafeEnvironmentEntries(
60+
target: NodeJS.ProcessEnv,
61+
source: NodeJS.ProcessEnv | Record<string, string | undefined>,
62+
): void {
63+
for (const [key, value] of Object.entries(source)) {
64+
if (UNSAFE_ENVIRONMENT_KEYS.has(key)) {
65+
continue;
66+
}
67+
target[key] = value;
68+
}
69+
}
70+
5871
export function createStdioTransport(options: CodexAppServerStartOptions): CodexAppServerTransport {
5972
const env = resolveCodexAppServerSpawnEnv(options);
6073
const invocation = resolveCodexAppServerSpawnInvocation(options, {

0 commit comments

Comments
 (0)