refactor: keep authorization headers in provider

efrazer-oai · efrazer-oai · commit ec8584047080 · 2026-04-21T17:40:27.000-07:00
diff --git a/codex-rs/backend-client/src/client.rs b/codex-rs/backend-client/src/client.rs
@@ -819,6 +819,7 @@ mod tests {
             base_url: "https://example.test".to_string(),
             http: reqwest::Client::new(),
             bearer_token: None,
+            auth_headers: HeaderMap::new(),
             user_agent: None,
             chatgpt_account_id: None,
             chatgpt_account_is_fedramp: false,
@@ -833,6 +834,7 @@ mod tests {
             base_url: "https://chatgpt.com/backend-api".to_string(),
             http: reqwest::Client::new(),
             bearer_token: None,
+            auth_headers: HeaderMap::new(),
             user_agent: None,
             chatgpt_account_id: None,
             chatgpt_account_is_fedramp: false,
diff --git a/codex-rs/chatgpt/src/chatgpt_client.rs b/codex-rs/chatgpt/src/chatgpt_client.rs
@@ -30,6 +30,9 @@ pub(crate) async fn chatgpt_get_request_with_timeout<T: DeserializeOwned>(
         auth.uses_codex_backend(),
         "ChatGPT backend requests require Codex backend auth"
     );
+    let _account_id = auth.get_account_id().ok_or_else(|| {
+        anyhow::anyhow!("ChatGPT account ID not available, please re-run `codex login`")
+    })?;
 
     // Make direct HTTP request to ChatGPT backend API with the token
     let client = create_client();
diff --git a/codex-rs/core/src/session/turn_context.rs b/codex-rs/core/src/session/turn_context.rs
@@ -3,10 +3,7 @@ use codex_model_provider::SharedModelProvider;
 use codex_model_provider::create_model_provider;
 
 pub(super) fn image_generation_tool_auth_allowed(auth_manager: Option<&AuthManager>) -> bool {
-    auth_manager
-        .and_then(AuthManager::auth_cached)
-        .as_ref()
-        .is_some_and(CodexAuth::uses_codex_backend)
+    auth_manager.is_some_and(AuthManager::current_auth_uses_codex_backend)
 }
 
 #[derive(Clone, Debug)]
@@ -86,9 +83,7 @@ impl TurnContext {
         let uses_codex_backend = self
             .auth_manager
             .as_deref()
-            .and_then(AuthManager::auth_cached)
-            .as_ref()
-            .is_some_and(CodexAuth::uses_codex_backend);
+            .is_some_and(AuthManager::current_auth_uses_codex_backend);
         self.features.apps_enabled_for_auth(uses_codex_backend)
     }
 
diff --git a/codex-rs/login/src/auth/manager.rs b/codex-rs/login/src/auth/manager.rs
@@ -1723,6 +1723,13 @@ impl AuthManager {
         self.auth_cached().as_ref().map(CodexAuth::auth_mode)
     }
 
+    pub fn current_auth_uses_codex_backend(&self) -> bool {
+        matches!(
+            self.auth_mode(),
+            Some(AuthMode::Chatgpt | AuthMode::ChatgptAuthTokens | AuthMode::AgentIdentity)
+        )
+    }
+
     fn is_stale_for_proactive_refresh(auth: &CodexAuth) -> bool {
         let chatgpt_auth = match auth {
             CodexAuth::Chatgpt(chatgpt_auth) => chatgpt_auth,
diff --git a/codex-rs/models-manager/src/manager.rs b/codex-rs/models-manager/src/manager.rs
@@ -540,8 +540,8 @@ impl ModelsManager {
         let uses_codex_backend = self
             .provider
             .auth_manager()
-            .and_then(|auth_manager| auth_manager.auth_cached())
-            .is_some_and(|auth| auth.uses_codex_backend());
+            .as_deref()
+            .is_some_and(AuthManager::current_auth_uses_codex_backend);
         presets = ModelPreset::filter_by_auth(presets, uses_codex_backend);
 
         ModelPreset::mark_default_by_picker_visibility(&mut presets);
