load models from disk and set a ttl and etag (#7722)

# External (non-OpenAI) Pull Request Requirements Before opening this Pull Request, please read the dedicated "Contributing" markdown file or your PR may be closed: https://github.com/openai/codex/blob/main/docs/contributing.md If your PR conforms to our contribution guidelines, replace this text with a detailed and high quality description of your changes. Include a link to a bug report or enhancement request.
2026-05-04 05:11:37 +03:00 · 2025-12-08 13:43:04 -08:00
parent 4a3e9ed88d
commit 222a491570
13 changed files with 414 additions and 70 deletions
--- a/codex-rs/core/src/auth.rs
+++ b/codex-rs/core/src/auth.rs
@@ -32,7 +32,9 @@ use crate::token_data::TokenData;
 use crate::token_data::parse_id_token;
 use crate::util::try_parse_error_message;
 use codex_protocol::account::PlanType as AccountPlanType;
+use once_cell::sync::Lazy;
 use serde_json::Value;
+use tempfile::TempDir;
 use thiserror::Error;

 #[derive(Debug, Clone)]
@@ -62,6 +64,8 @@ const REFRESH_TOKEN_UNKNOWN_MESSAGE: &str =
 const REFRESH_TOKEN_URL: &str = "https://auth.openai.com/oauth/token";
 pub const REFRESH_TOKEN_URL_OVERRIDE_ENV_VAR: &str = "CODEX_REFRESH_TOKEN_URL_OVERRIDE";

+static TEST_AUTH_TEMP_DIRS: Lazy<Mutex<Vec<TempDir>>> = Lazy::new(|| Mutex::new(Vec::new()));
+
 #[derive(Debug, Error)]
 pub enum RefreshTokenError {
    #[error("{0}")]
@@ -1088,11 +1092,19 @@ impl AuthManager {
        }
    }

+    #[cfg(any(test, feature = "test-support"))]
+    #[expect(clippy::expect_used)]
    /// Create an AuthManager with a specific CodexAuth, for testing only.
    pub fn from_auth_for_testing(auth: CodexAuth) -> Arc<Self> {
        let cached = CachedAuth { auth: Some(auth) };
+        let temp_dir = tempfile::tempdir().expect("temp codex home");
+        let codex_home = temp_dir.path().to_path_buf();
+        TEST_AUTH_TEMP_DIRS
+            .lock()
+            .expect("lock test codex homes")
+            .push(temp_dir);
        Arc::new(Self {
-            codex_home: PathBuf::new(),
+            codex_home,
            inner: RwLock::new(cached),
            enable_codex_api_key_env: false,
            auth_credentials_store_mode: AuthCredentialsStoreMode::File,
@@ -1104,6 +1116,10 @@ impl AuthManager {
        self.inner.read().ok().and_then(|c| c.auth.clone())
    }

+    pub fn codex_home(&self) -> &Path {
+        &self.codex_home
+    }
+
    /// Force a reload of the auth information from auth.json. Returns
    /// whether the auth value changed.
    pub fn reload(&self) -> bool {