fix: finish OpenAI cleanup follow-through

steipete · steipete · commit ea4251e562f1 · 2026-05-31T00:13:20.000+01:00
diff --git a/src/agents/tools/pdf-tool.test.ts b/src/agents/tools/pdf-tool.test.ts
@@ -557,7 +557,11 @@ describe("createPdfTool", () => {
 
   it("uses extraction fallback for non-native models", async () => {
     await withTempPdfAgentDir(async (agentDir) => {
-      await stubPdfToolInfra(agentDir, { provider: "openai", input: ["text"] });
+      await stubPdfToolInfra(agentDir, {
+        provider: "openai",
+        api: "openai-responses",
+        input: ["text"],
+      });
       const extractSpy = vi.spyOn(pdfExtractModule, "extractPdfContent").mockResolvedValue({
         text: "Extracted content",
         images: [],
diff --git a/src/commands/auth-choice.model-check.test.ts b/src/commands/auth-choice.model-check.test.ts
@@ -46,8 +46,7 @@ describe("warnIfModelConfigLooksOff", () => {
 
     expect(loadModelCatalog).not.toHaveBeenCalled();
     expect(ensureAuthProfileStore).toHaveBeenCalledOnce();
-    expect(listProfilesForProvider).toHaveBeenCalledTimes(2);
-    expect(listProfilesForProvider).toHaveBeenCalledWith({ version: 1, profiles: {} }, "openai");
+    expect(listProfilesForProvider).toHaveBeenCalledOnce();
     expect(listProfilesForProvider).toHaveBeenCalledWith({ version: 1, profiles: {} }, "openai");
     expect(note).toHaveBeenCalledWith(
       'No auth configured for provider "openai". The agent may fail until credentials are added. Run `openclaw models auth login --provider openai`, `openclaw configure`, or set an API key env var.',
@@ -88,14 +87,26 @@ describe("warnIfModelConfigLooksOff", () => {
 
     expect(note).not.toHaveBeenCalled();
     expect(listProfilesForProvider).toHaveBeenCalledWith(store, "openai");
-    expect(listProfilesForProvider).toHaveBeenCalledWith(store, "openai");
     expect(resolveEnvApiKey).not.toHaveBeenCalled();
     expect(hasUsableCustomProviderApiKey).not.toHaveBeenCalled();
   });
 
   it("keeps custom OpenAI-compatible provider auth separate from Codex OAuth profiles", async () => {
     const note = vi.fn(async () => {});
     const prompter = makePrompter({ note });
+    const store = {
+      version: 1,
+      profiles: {
+        "openai:default": {
+          type: "oauth",
+          provider: "openai",
+          access: "access-token",
+          refresh: "refresh-token",
+          expires: Date.now() + 60_000,
+        },
+      },
+    } satisfies AuthProfileStore;
+    ensureAuthProfileStore.mockReturnValue(store);
     listProfilesForProvider.mockImplementation((_store, provider) =>
       provider === "openai" ? ["openai:default"] : [],
     );
@@ -119,7 +130,7 @@ describe("warnIfModelConfigLooksOff", () => {
 
     await warnIfModelConfigLooksOff(config, prompter, { validateCatalog: false });
 
-    expect(listProfilesForProvider.mock.calls.map(([, provider]) => provider)).toEqual(["openai"]);
+    expect(listProfilesForProvider).toHaveBeenCalledWith(store, "openai");
     expect(note).toHaveBeenCalledWith(
       'No auth configured for provider "openai". The agent may fail until credentials are added. Run `openclaw models auth login --provider openai`, `openclaw configure`, or set an API key env var.',
       "Model check",
diff --git a/src/commands/auth-choice.model-check.ts b/src/commands/auth-choice.model-check.ts
@@ -1,9 +1,13 @@
 import { ensureAuthProfileStore, listProfilesForProvider } from "../agents/auth-profiles.js";
+import type { AuthProfileCredential } from "../agents/auth-profiles/types.js";
 import { resolveAgentHarnessPolicy } from "../agents/harness/policy.js";
 import { hasUsableCustomProviderApiKey, resolveEnvApiKey } from "../agents/model-auth.js";
 import { loadModelCatalog } from "../agents/model-catalog.js";
 import { resolveDefaultModelForAgent } from "../agents/model-selection.js";
-import { listOpenAIAuthProfileProvidersForAgentRuntime } from "../agents/openai-routing.js";
+import {
+  listOpenAIAuthProfileProvidersForAgentRuntime,
+  openAIProviderUsesCodexRuntimeByDefault,
+} from "../agents/openai-routing.js";
 import type { OpenClawConfig } from "../config/types.openclaw.js";
 import type { WizardPrompter } from "../wizard/prompts.js";
 import { buildProviderAuthRecoveryHint } from "./provider-auth-guidance.js";
@@ -32,6 +36,37 @@ function resolveAuthProviderCandidates(params: {
   ];
 }
 
+function resolveAcceptedAuthProfileTypes(params: {
+  config: OpenClawConfig;
+  provider: string;
+}): readonly AuthProfileCredential["type"][] | undefined {
+  if (
+    openAIProviderUsesCodexRuntimeByDefault({
+      provider: params.provider,
+      config: params.config,
+    })
+  ) {
+    return undefined;
+  }
+  return params.provider === "openai" ? ["api_key"] : undefined;
+}
+
+function hasProfileForProvider(params: {
+  store: ReturnType<typeof ensureAuthProfileStore>;
+  provider: string;
+  acceptedTypes?: readonly AuthProfileCredential["type"][];
+}): boolean {
+  const profileIds = listProfilesForProvider(params.store, params.provider);
+  if (!params.acceptedTypes) {
+    return profileIds.length > 0;
+  }
+  const acceptedTypes = new Set(params.acceptedTypes);
+  return profileIds.some((profileId) => {
+    const profile = params.store.profiles[profileId];
+    return profile ? acceptedTypes.has(profile.type) : false;
+  });
+}
+
 export async function warnIfModelConfigLooksOff(
   config: OpenClawConfig,
   prompter: WizardPrompter,
@@ -66,8 +101,12 @@ export async function warnIfModelConfigLooksOff(
     modelId: ref.model,
     agentId: options?.agentId,
   });
+  const acceptedTypes = resolveAcceptedAuthProfileTypes({
+    config,
+    provider: ref.provider,
+  });
   const hasAuth =
-    authProviders.some((provider) => listProfilesForProvider(store, provider).length > 0) ||
+    authProviders.some((provider) => hasProfileForProvider({ store, provider, acceptedTypes })) ||
     authProviders.some((provider) => resolveEnvApiKey(provider)) ||
     authProviders.some((provider) => hasUsableCustomProviderApiKey(config, provider));
   if (!hasAuth) {
diff --git a/src/commands/doctor-memory-search.ts b/src/commands/doctor-memory-search.ts
@@ -667,6 +667,9 @@ async function hasApiKeyForProvider(
 }
 
 function resolvePrimaryMemoryProviderEnvVar(provider: string): string {
+  if (provider === "openai") {
+    return "OPENAI_API_KEY";
+  }
   const metadata = resolveMemoryEmbeddingProviderDoctorMetadata(provider);
   return metadata?.envVars[0] ?? `${provider.toUpperCase()}_API_KEY`;
 }
diff --git a/src/commands/doctor/shared/codex-route-warnings.test.ts b/src/commands/doctor/shared/codex-route-warnings.test.ts
@@ -3474,7 +3474,7 @@ describe("collectCodexRouteWarnings", () => {
         agentId: "worker",
         config: cfg,
       }).runtime,
-    ).toBe("codex");
+    ).toBe("auto");
 
     const result = maybeRepairCodexRoutes({
       cfg,
diff --git a/src/commands/model-picker.test.ts b/src/commands/model-picker.test.ts
@@ -349,18 +349,13 @@ afterEach(() => {
 });
 
 describe("promptDefaultModel", () => {
-  it("adds runtime-route hints for canonical and legacy OpenAI Codex models", async () => {
+  it("adds runtime-route hints for canonical OpenAI models", async () => {
     loadModelCatalog.mockResolvedValue([
       {
         provider: "openai",
         id: "gpt-5.5",
         name: "GPT-5.5",
       },
-      {
-        provider: "openai",
-        id: "gpt-5.5",
-        name: "GPT-5.5",
-      },
     ]);
 
     const select = vi.fn(async (params) => params.initialValue as never);
@@ -377,8 +372,6 @@ describe("promptDefaultModel", () => {
     const options = pickerOptions(select as MockCallSource);
     const canonical = requireOption(options, "openai/gpt-5.5");
     expect(canonical.hint).toContain("Codex runtime route");
-    const legacy = requireOption(options, "openai/gpt-5.5");
-    expect(legacy.hint).toContain("legacy Codex OAuth route");
   });
 
   it("hides unauthenticated catalog entries from default model choices", async () => {
@@ -453,7 +446,6 @@ describe("promptDefaultModel", () => {
       "openai/gpt-5.5",
       "anthropic/claude-sonnet-4-6",
       "google/gemini-3.1-pro-preview",
-      "openai/gpt-5.5",
     ]);
   });
 
diff --git a/src/commands/models/list.table.test.ts b/src/commands/models/list.table.test.ts
@@ -23,7 +23,7 @@ describe("printModelTable", () => {
 
     expect(runtime.log.mock.calls).toEqual([
       ["Model                                      Input      Ctx         Local Auth  Tags"],
-      ["openai/gpt-5.5                       text+image 266k/391k   no    yes   "],
+      ["openai/gpt-5.5                             text+image 266k/391k   no    yes   "],
     ]);
   });
 });
diff --git a/src/commands/onboard-non-interactive/local/auth-choice.test.ts b/src/commands/onboard-non-interactive/local/auth-choice.test.ts
@@ -81,37 +81,6 @@ describe("applyNonInteractiveAuthChoice", () => {
     expect(applyNonInteractivePluginProviderChoice).toHaveBeenCalledOnce();
   });
 
-  it("normalizes legacy OpenAI Codex setup choice before provider auth", async () => {
-    const runtime = createRuntime();
-    const nextConfig = { agents: { defaults: {} } } as OpenClawConfig;
-    const resolvedConfig = { auth: { profiles: { "openai:default": { mode: "oauth" } } } };
-    resolveManifestDeprecatedProviderAuthChoice.mockImplementation(((choiceId: string) =>
-      choiceId === "openai"
-        ? {
-            choiceId: "openai",
-            choiceLabel: "ChatGPT Login",
-          }
-        : undefined) as never);
-    applyNonInteractivePluginProviderChoice.mockResolvedValueOnce(resolvedConfig as never);
-
-    const result = await applyNonInteractiveAuthChoice({
-      nextConfig,
-      authChoice: "openai",
-      opts: {} as never,
-      runtime: runtime as never,
-      baseConfig: nextConfig,
-    });
-
-    expect(result).toBe(resolvedConfig);
-    expect(runtime.log).toHaveBeenCalledWith(
-      'Auth choice "openai" is deprecated; using ChatGPT Login setup instead.',
-    );
-    expect(runtime.error).not.toHaveBeenCalled();
-    expect(applyNonInteractivePluginProviderChoice).toHaveBeenCalledWith(
-      expect.objectContaining({ authChoice: "openai" }),
-    );
-  });
-
   it("escapes deprecated auth choice guidance for terminal output", async () => {
     const runtime = createRuntime();
     const nextConfig = { agents: { defaults: {} } } as OpenClawConfig;

Original file line number	Diff line number	Diff line change
`@@ -667,6 +667,9 @@ async function hasApiKeyForProvider(`
`667`	`667`	`}`
`668`	`668`
`669`	`669`	`function resolvePrimaryMemoryProviderEnvVar(provider: string): string {`
	`670`	`+ if (provider === "openai") {`
	`671`	`+ return "OPENAI_API_KEY";`
	`672`	`+ }`
`670`	`673`	`const metadata = resolveMemoryEmbeddingProviderDoctorMetadata(provider);`
`671`	`674`	return metadata?.envVars[0] ?? `${provider.toUpperCase()}_API_KEY`;
`672`	`675`	`}`