openai-codex OAuth login does not honor proxy env for oauth/token exchange and refresh

[leozhengliu-pixel]

Summary

openclaw models auth login --provider openai-codex can fail behind a proxy even when the same machine can successfully use both the official Codex CLI and Codex app through that proxy.

The failure happens during the final OAuth token exchange / refresh step. The browser authorization page works, the localhost callback works, but the https://auth.openai.com/oauth/token request does not consistently honor proxy environment variables.

Environment

• OpenClaw: 2026.3.8
• macOS: Apple Silicon
• Proxy setup:
  • HTTP_PROXY=http://127.0.0.1:9098
  • HTTPS_PROXY=http://127.0.0.1:9098
  • ALL_PROXY=socks5://127.0.0.1:9099
  • NO_PROXY=localhost,127.0.0.1,::1

Symptoms

Running:

openclaw models auth login --provider openai-codex

would open the browser auth page successfully, but fail after redirect/callback with:

[openai-codex] code->token failed: 403 {"error":{"code":"unsupported_country_region_territory",...}}
Error: Token exchange failed

On the same machine, with the same proxy setup:

• official codex CLI login works
• Codex desktop/app login works

So this is not a general connectivity issue on the host.

Root Cause

OpenClaw delegates this flow to:

@mariozechner/pi-ai/dist/utils/oauth/openai-codex.js

In that file, both of these functions used bare fetch(TOKEN_URL, ...):

• exchangeAuthorizationCode()
• refreshAccessToken()

They did not explicitly use undici's EnvHttpProxyAgent or equivalent proxy-aware dispatcher.

That means:

• browser authorization can go through the user's browser/system proxy
• localhost callback works
• but the OAuth token exchange / refresh request path in OpenClaw itself may not reliably go through the configured proxy

Minimal Fix

Patch the OAuth helper to explicitly honor proxy env by wiring EnvHttpProxyAgent into the token exchange and refresh fetch calls.

Example local fix that resolved the issue:

let _EnvHttpProxyAgent = null;

if (typeof process !== "undefined" && (process.versions?.node || process.versions?.bun)) {
  import("undici").then((m) => {
    _EnvHttpProxyAgent = m.EnvHttpProxyAgent;
  }).catch(() => {
    _EnvHttpProxyAgent = null;
  });
}

function getProxyAwareFetchOptions() {
  const proxy =
    process.env.HTTPS_PROXY ||
    process.env.HTTP_PROXY ||
    process.env.ALL_PROXY ||
    process.env.https_proxy ||
    process.env.http_proxy ||
    process.env.all_proxy;

  if (!proxy?.trim() || !_EnvHttpProxyAgent) return {};

  try {
    return { dispatcher: new _EnvHttpProxyAgent() };
  } catch {
    return {};
  }
}

Then use it in both token requests:

const response = await fetch(TOKEN_URL, {
  ...getProxyAwareFetchOptions(),
  method: "POST",
  ...
});

Verification

After applying the patch locally, the same login flow completed successfully:

OpenAI OAuth complete
Auth profile: openai-codex:default (openai-codex/oauth)

Why this looks like a bug

OpenClaw already has proxy-aware handling in other network paths, but this specific openai-codex OAuth token exchange / refresh path is inconsistent with that behavior.

Expected behavior:

• if proxy env is configured, openai-codex OAuth token exchange and refresh should honor it the same way other OpenClaw network requests do

[ohXiaoMing996]

It has been successfully resolved, thanks for the ide

[ls527423323]

I tested this on Windows PowerShell and still hit the same code->token failed: 403 unsupported_country_region_territory error even after applying the local patch from this issue.
But OpenClaw still fails only on the final /oauth/token step.
Could this mean there is still another issue beyond the missing proxy-aware dispatcher, possibly Windows-specific?

[LeeeeeeM]

the same

[LeeeeeeM]

And I forked someone else' repo and rebuild it. it works.

https://github.com/openclaw/openclaw/pull/42689/changes#diff-114f011f4e6260c097c9aa211ff2e66184c191514c999c661cd56a7740f7aba5

[xiaohuaxi]

Adding another data point on v2026.3.22 (WSL2 Ubuntu, gateway as systemd user service with HTTP_PROXY/HTTPS_PROXY env vars).

We confirmed the exact code path where this happens. In runEmbeddedPiAgent():

1. applyApiKeyInfo() is called (~run.ts:775), which resolves auth profiles and may trigger refreshOAuthTokenWithLock() → getOAuthApiKey() — HTTP request without proxy
2. runEmbeddedAttempt() is called later (~run.ts:927), which is where ensureGlobalUndiciEnvProxyDispatcher() finally runs (attempt.ts:1669) — proxy set up too late

The env vars are present in the process (injected via systemd), but undici's EnvHttpProxyAgent is never instantiated before the OAuth refresh fetch. Result: 403 unsupported_country_region_territory.

This also interacts with #53317 — gateway's in-memory auth snapshot can become stale after auth login, forcing an unnecessary refresh that then fails due to missing proxy.

Workaround: We use a NODE_OPTIONS=--require preload script (via systemd drop-in) that calls setGlobalDispatcher(new EnvHttpProxyAgent()) at process startup, before any OpenClaw code runs. This ensures all undici-based requests respect proxy env vars from the start.

A potential upstream fix: move ensureGlobalUndiciEnvProxyDispatcher() to gateway startup (e.g., in startGatewayServer()) rather than deferring it to runEmbeddedAttempt().

---

Reported by the CoClaw team.
This issue was discovered while developing @coclaw/openclaw-coclaw, a CoClaw channel plugin for OpenClaw.

[xiaohuaxi]

Workaround: --require preload to set undici proxy dispatcher at process startup

For anyone running the gateway as a systemd service behind a proxy, here's a workaround that ensures all HTTP requests (including early OAuth token refresh) go through the proxy.

How it works

A small CJS script is injected via NODE_OPTIONS=--require before any OpenClaw code runs. It resolves undici from OpenClaw's own node_modules (via createRequire(process.argv[1])) and calls setGlobalDispatcher(new EnvHttpProxyAgent()). This makes the proxy available from the very first fetch — no OpenClaw code changes needed.

Step 1: Create the preload script

Save as ~/.openclaw/scripts/gateway-proxy-preload.cjs:

"use strict";

const hasProxy =
    process.env.HTTPS_PROXY || process.env.HTTP_PROXY ||
    process.env.https_proxy || process.env.http_proxy;

if (!hasProxy) return;

try {
    const { createRequire } = require("module");
    const mainScript = process.argv[1];
    if (!mainScript) return;
    const openclawRequire = createRequire(mainScript);
    const { EnvHttpProxyAgent, setGlobalDispatcher } = openclawRequire("undici");
    setGlobalDispatcher(new EnvHttpProxyAgent());
    const proxy = process.env.HTTPS_PROXY || process.env.https_proxy ||
        process.env.HTTP_PROXY || process.env.http_proxy;
    console.log(`[proxy-preload] Global undici proxy dispatcher set (${proxy})`);
} catch (err) {
    console.error("[proxy-preload] Failed to set proxy dispatcher:", err.message);
}

Step 2: Create a systemd drop-in

mkdir -p ~/.config/systemd/user/openclaw-gateway.service.d

cat > ~/.config/systemd/user/openclaw-gateway.service.d/03-proxy-preload.conf << EOF
[Service]
Environment="NODE_OPTIONS=--require $HOME/.openclaw/scripts/gateway-proxy-preload.cjs"
EOF

systemctl --user daemon-reload
systemctl --user restart openclaw-gateway.service

(You still need a separate drop-in for HTTP_PROXY/HTTPS_PROXY/NO_PROXY env vars if you haven't already.)

Step 3: Verify

journalctl --user -u openclaw-gateway.service --since '1min ago' | head -20
# Should show: [proxy-preload] Global undici proxy dispatcher set (http://...)

Notes

• The preload script is independent of the OpenClaw install path — createRequire(process.argv[1]) resolves undici relative to whatever entry point systemd launches. No update needed after openclaw upgrades.
• It respects NO_PROXY / no_proxy (handled by EnvHttpProxyAgent).
• If no proxy env vars are set, the script is a no-op.
• This also mitigates Bug: Gateway overwrites fresh OAuth token with stale cached state on startup (v2026.3.22, openai-codex) #53317 — when a stale in-memory token triggers an unnecessary refresh, the refresh can at least reach the OAuth server through the proxy.

[xiaohuaxi]

Additional pitfall: ~/.codex/auth.json can silently overwrite fresh tokens

While investigating the proxy issue, we discovered another layer that can cause refresh_token_reused even after a successful login:

OpenClaw's syncExternalCliCredentials() reads ~/.codex/auth.json (the Codex CLI's own auth store) on every auth profile load and unconditionally overwrites the openai-codex:default profile if the tokens differ — regardless of which token is newer.

If you have a stale ~/.codex/auth.json from a previous Codex CLI login, it will replace your freshly issued OpenClaw token on gateway startup, causing immediate refresh failures.

Additional workaround step: Before restarting the gateway after login, ensure no stale ~/.codex/auth.json exists:

# Check if it exists and is stale
ls -la ~/.codex/auth.json

# Remove or rename if present
mv ~/.codex/auth.json ~/.codex/auth.json.bak

This is tracked separately in #54050.

[steipete]

Closing this as implemented after Codex review.

Current main already adds proxy bootstrap to the OpenAI Codex OAuth login path and to the OpenAI Codex token refresh/get-token runtime wrappers, so the reported oauth/token exchange and refresh path is implemented on main.

What I checked:

• Login flow bootstraps env proxy before OAuth: loginOpenAICodexOAuth() calls ensureGlobalUndiciEnvProxyDispatcher() before starting the PI OAuth login flow, covering the code->token exchange path. (src/plugins/provider-openai-codex-oauth.ts:130, 7ac35b4f6900)
• Codex runtime wrappers force proxy-aware dispatcher: The bundled OpenAI plugin wraps both getOAuthApiKey() and refreshOpenAICodexToken() and calls ensureGlobalUndiciEnvProxyDispatcher() immediately before delegating to @mariozechner/pi-ai/oauth. (extensions/openai/openai-codex-provider.runtime.ts:7, 7ac35b4f6900)
• OAuth refresh path prefers provider plugin hook: refreshOAuthCredential() first calls refreshProviderOAuthCredentialWithPlugin(...) and returns that result before falling back to generic PI OAuth handling. (src/agents/auth-profiles/oauth.ts:137, 7ac35b4f6900)
• OpenAI Codex provider wires refresh through proxy-aware runtime wrapper: The OpenAI Codex provider refresh hook imports refreshOpenAICodexToken() from openai-codex-provider.runtime.ts, and the provider exposes that via refreshOAuth, so refreshes go through the proxy-bootstrapped wrapper. (extensions/openai/openai-codex-provider.ts:285, 7ac35b4f6900)

So I’m closing this as already implemented rather than keeping a duplicate issue open.

Review notes: reviewed against 7ac35b4f6900; fix evidence: commit 7ac35b4f6900.