extract models manager and related ownership from core (#16508)

## Summary
- split `models-manager` out of `core` and add `ModelsManagerConfig`
plus `Config::to_models_manager_config()` so model metadata paths stop
depending on `core::Config`
- move login-owned/auth-owned code out of `core` into `codex-login`,
move model provider config into `codex-model-provider-info`, move API
bridge mapping into `codex-api`, move protocol-owned types/impls into
`codex-protocol`, and move response debug helpers into a dedicated
`response-debug-context` crate
- move feedback tag emission into `codex-feedback`, relocate tests to
the crates that now own the code, and keep broad temporary re-exports so
this PR avoids a giant import-only rewrite

## Major moves and decisions
- created `codex-models-manager` as the owner for model
cache/catalog/config/model info logic, including the new
`ModelsManagerConfig` struct
- created `codex-model-provider-info` as the owner for provider config
parsing/defaults and kept temporary `codex-login`/`codex-core`
re-exports for old import paths
- moved `api_bridge` error mapping + `CoreAuthProvider` into
`codex-api`, while `codex-login::api_bridge` temporarily re-exports
those symbols and keeps the `auth_provider_from_auth` wrapper
- moved `auth_env_telemetry` and `provider_auth` ownership to
`codex-login`
- moved `CodexErr` ownership to `codex-protocol::error`, plus
`StreamOutput`, `bytes_to_string_smart`, and network policy helpers to
protocol-owned modules
- created `codex-response-debug-context` for
`extract_response_debug_context`, `telemetry_transport_error_message`,
and related response-debug plumbing instead of leaving that behavior in
`core`
- moved `FeedbackRequestTags`, `emit_feedback_request_tags`, and
`emit_feedback_request_tags_with_auth_env` to `codex-feedback`
- deferred removal of temporary re-exports and the mechanical import
rewrites to a stacked follow-up PR so this PR stays reviewable

## Test moves
- moved auth refresh coverage from `core/tests/suite/auth_refresh.rs` to
`login/tests/suite/auth_refresh.rs`
- moved text encoding coverage from
`core/tests/suite/text_encoding_fix.rs` to
`protocol/src/exec_output_tests.rs`
- moved model info override coverage from
`core/tests/suite/model_info_overrides.rs` to
`models-manager/src/model_info_overrides_tests.rs`

---------

Co-authored-by: Codex <noreply@openai.com>

codex-rs/codex-api/src/api_bridge.rs

@@ -0,0 +1,210 @@
+use crate::AuthProvider as ApiAuthProvider;
+use crate::TransportError;
+use crate::error::ApiError;
+use crate::rate_limits::parse_promo_message;
+use crate::rate_limits::parse_rate_limit_for_limit;
+use base64::Engine;
+use chrono::DateTime;
+use chrono::Utc;
+use codex_protocol::auth::PlanType;
+use codex_protocol::error::CodexErr;
+use codex_protocol::error::RetryLimitReachedError;
+use codex_protocol::error::UnexpectedResponseError;
+use codex_protocol::error::UsageLimitReachedError;
+use http::HeaderMap;
+use serde::Deserialize;
+use serde_json::Value;
+
+pub fn map_api_error(err: ApiError) -> CodexErr {
+    match err {
+        ApiError::ContextWindowExceeded => CodexErr::ContextWindowExceeded,
+        ApiError::QuotaExceeded => CodexErr::QuotaExceeded,
+        ApiError::UsageNotIncluded => CodexErr::UsageNotIncluded,
+        ApiError::Retryable { message, delay } => CodexErr::Stream(message, delay),
+        ApiError::Stream(msg) => CodexErr::Stream(msg, None),
+        ApiError::ServerOverloaded => CodexErr::ServerOverloaded,
+        ApiError::Api { status, message } => CodexErr::UnexpectedStatus(UnexpectedResponseError {
+            status,
+            body: message,
+            url: None,
+            cf_ray: None,
+            request_id: None,
+            identity_authorization_error: None,
+            identity_error_code: None,
+        }),
+        ApiError::InvalidRequest { message } => CodexErr::InvalidRequest(message),
+        ApiError::Transport(transport) => match transport {
+            TransportError::Http {
+                status,
+                url,
+                headers,
+                body,
+            } => {
+                let body_text = body.unwrap_or_default();
+
+                if status == http::StatusCode::SERVICE_UNAVAILABLE
+                    && let Ok(value) = serde_json::from_str::<serde_json::Value>(&body_text)
+                    && matches!(
+                        value
+                            .get("error")
+                            .and_then(|error| error.get("code"))
+                            .and_then(serde_json::Value::as_str),
+                        Some("server_is_overloaded" | "slow_down")
+                    )
+                {
+                    return CodexErr::ServerOverloaded;
+                }
+
+                if status == http::StatusCode::BAD_REQUEST {
+                    if body_text
+                        .contains("The image data you provided does not represent a valid image")
+                    {
+                        CodexErr::InvalidImageRequest()
+                    } else {
+                        CodexErr::InvalidRequest(body_text)
+                    }
+                } else if status == http::StatusCode::INTERNAL_SERVER_ERROR {
+                    CodexErr::InternalServerError
+                } else if status == http::StatusCode::TOO_MANY_REQUESTS {
+                    if let Ok(err) = serde_json::from_str::<UsageErrorResponse>(&body_text) {
+                        if err.error.error_type.as_deref() == Some("usage_limit_reached") {
+                            let limit_id = extract_header(headers.as_ref(), ACTIVE_LIMIT_HEADER);
+                            let rate_limits = headers.as_ref().and_then(|map| {
+                                parse_rate_limit_for_limit(map, limit_id.as_deref())
+                            });
+                            let promo_message = headers.as_ref().and_then(parse_promo_message);
+                            let resets_at = err
+                                .error
+                                .resets_at
+                                .and_then(|seconds| DateTime::<Utc>::from_timestamp(seconds, 0));
+                            return CodexErr::UsageLimitReached(UsageLimitReachedError {
+                                plan_type: err.error.plan_type,
+                                resets_at,
+                                rate_limits: rate_limits.map(Box::new),
+                                promo_message,
+                            });
+                        } else if err.error.error_type.as_deref() == Some("usage_not_included") {
+                            return CodexErr::UsageNotIncluded;
+                        }
+                    }
+
+                    CodexErr::RetryLimit(RetryLimitReachedError {
+                        status,
+                        request_id: extract_request_tracking_id(headers.as_ref()),
+                    })
+                } else {
+                    CodexErr::UnexpectedStatus(UnexpectedResponseError {
+                        status,
+                        body: body_text,
+                        url,
+                        cf_ray: extract_header(headers.as_ref(), CF_RAY_HEADER),
+                        request_id: extract_request_id(headers.as_ref()),
+                        identity_authorization_error: extract_header(
+                            headers.as_ref(),
+                            X_OPENAI_AUTHORIZATION_ERROR_HEADER,
+                        ),
+                        identity_error_code: extract_x_error_json_code(headers.as_ref()),
+                    })
+                }
+            }
+            TransportError::RetryLimit => CodexErr::RetryLimit(RetryLimitReachedError {
+                status: http::StatusCode::INTERNAL_SERVER_ERROR,
+                request_id: None,
+            }),
+            TransportError::Timeout => CodexErr::Timeout,
+            TransportError::Network(msg) | TransportError::Build(msg) => {
+                CodexErr::Stream(msg, None)
+            }
+        },
+        ApiError::RateLimit(msg) => CodexErr::Stream(msg, None),
+    }
+}
+
+const ACTIVE_LIMIT_HEADER: &str = "x-codex-active-limit";
+const REQUEST_ID_HEADER: &str = "x-request-id";
+const OAI_REQUEST_ID_HEADER: &str = "x-oai-request-id";
+const CF_RAY_HEADER: &str = "cf-ray";
+const X_OPENAI_AUTHORIZATION_ERROR_HEADER: &str = "x-openai-authorization-error";
+const X_ERROR_JSON_HEADER: &str = "x-error-json";
+
+#[cfg(test)]
+#[path = "api_bridge_tests.rs"]
+mod tests;
+
+fn extract_request_tracking_id(headers: Option<&HeaderMap>) -> Option<String> {
+    extract_request_id(headers).or_else(|| extract_header(headers, CF_RAY_HEADER))
+}
+
+fn extract_request_id(headers: Option<&HeaderMap>) -> Option<String> {
+    extract_header(headers, REQUEST_ID_HEADER)
+        .or_else(|| extract_header(headers, OAI_REQUEST_ID_HEADER))
+}
+
+fn extract_header(headers: Option<&HeaderMap>, name: &str) -> Option<String> {
+    headers.and_then(|map| {
+        map.get(name)
+            .and_then(|value| value.to_str().ok())
+            .map(str::to_string)
+    })
+}
+
+fn extract_x_error_json_code(headers: Option<&HeaderMap>) -> Option<String> {
+    let encoded = extract_header(headers, X_ERROR_JSON_HEADER)?;
+    let decoded = base64::engine::general_purpose::STANDARD
+        .decode(encoded)
+        .ok()?;
+    let parsed = serde_json::from_slice::<Value>(&decoded).ok()?;
+    parsed
+        .get("error")
+        .and_then(|error| error.get("code"))
+        .and_then(Value::as_str)
+        .map(str::to_string)
+}
+
+#[derive(Debug, Deserialize)]
+struct UsageErrorResponse {
+    error: UsageErrorBody,
+}
+
+#[derive(Debug, Deserialize)]
+struct UsageErrorBody {
+    #[serde(rename = "type")]
+    error_type: Option<String>,
+    plan_type: Option<PlanType>,
+    resets_at: Option<i64>,
+}
+
+#[derive(Clone, Default)]
+pub struct CoreAuthProvider {
+    pub token: Option<String>,
+    pub account_id: Option<String>,
+}
+
+impl CoreAuthProvider {
+    pub fn auth_header_attached(&self) -> bool {
+        self.token
+            .as_ref()
+            .is_some_and(|token| http::HeaderValue::from_str(&format!("Bearer {token}")).is_ok())
+    }
+
+    pub fn auth_header_name(&self) -> Option<&'static str> {
+        self.auth_header_attached().then_some("authorization")
+    }
+
+    pub fn for_test(token: Option<&str>, account_id: Option<&str>) -> Self {
+        Self {
+            token: token.map(str::to_string),
+            account_id: account_id.map(str::to_string),
+        }
+    }
+}
+
+impl ApiAuthProvider for CoreAuthProvider {
+    fn bearer_token(&self) -> Option<String> {
+        self.token.clone()
+    }
+
+    fn account_id(&self) -> Option<String> {
+        self.account_id.clone()
+    }
+}

codex-rs/codex-api/src/api_bridge_tests.rs

@@ -0,0 +1,143 @@
+use super::*;
+use base64::Engine;
+use pretty_assertions::assert_eq;
+
+#[test]
+fn map_api_error_maps_server_overloaded() {
+    let err = map_api_error(ApiError::ServerOverloaded);
+    assert!(matches!(err, CodexErr::ServerOverloaded));
+}
+
+#[test]
+fn map_api_error_maps_server_overloaded_from_503_body() {
+    let body = serde_json::json!({
+        "error": {
+            "code": "server_is_overloaded"
+        }
+    })
+    .to_string();
+    let err = map_api_error(ApiError::Transport(TransportError::Http {
+        status: http::StatusCode::SERVICE_UNAVAILABLE,
+        url: Some("http://example.com/v1/responses".to_string()),
+        headers: None,
+        body: Some(body),
+    }));
+
+    assert!(matches!(err, CodexErr::ServerOverloaded));
+}
+
+#[test]
+fn map_api_error_maps_usage_limit_limit_name_header() {
+    let mut headers = HeaderMap::new();
+    headers.insert(
+        ACTIVE_LIMIT_HEADER,
+        http::HeaderValue::from_static("codex_other"),
+    );
+    headers.insert(
+        "x-codex-other-limit-name",
+        http::HeaderValue::from_static("codex_other"),
+    );
+    let body = serde_json::json!({
+        "error": {
+            "type": "usage_limit_reached",
+            "plan_type": "pro",
+        }
+    })
+    .to_string();
+    let err = map_api_error(ApiError::Transport(TransportError::Http {
+        status: http::StatusCode::TOO_MANY_REQUESTS,
+        url: Some("http://example.com/v1/responses".to_string()),
+        headers: Some(headers),
+        body: Some(body),
+    }));
+
+    let CodexErr::UsageLimitReached(usage_limit) = err else {
+        panic!("expected CodexErr::UsageLimitReached, got {err:?}");
+    };
+    assert_eq!(
+        usage_limit
+            .rate_limits
+            .as_ref()
+            .and_then(|snapshot| snapshot.limit_name.as_deref()),
+        Some("codex_other")
+    );
+}
+
+#[test]
+fn map_api_error_does_not_fallback_limit_name_to_limit_id() {
+    let mut headers = HeaderMap::new();
+    headers.insert(
+        ACTIVE_LIMIT_HEADER,
+        http::HeaderValue::from_static("codex_other"),
+    );
+    let body = serde_json::json!({
+        "error": {
+            "type": "usage_limit_reached",
+            "plan_type": "pro",
+        }
+    })
+    .to_string();
+    let err = map_api_error(ApiError::Transport(TransportError::Http {
+        status: http::StatusCode::TOO_MANY_REQUESTS,
+        url: Some("http://example.com/v1/responses".to_string()),
+        headers: Some(headers),
+        body: Some(body),
+    }));
+
+    let CodexErr::UsageLimitReached(usage_limit) = err else {
+        panic!("expected CodexErr::UsageLimitReached, got {err:?}");
+    };
+    assert_eq!(
+        usage_limit
+            .rate_limits
+            .as_ref()
+            .and_then(|snapshot| snapshot.limit_name.as_deref()),
+        None
+    );
+}
+
+#[test]
+fn map_api_error_extracts_identity_auth_details_from_headers() {
+    let mut headers = HeaderMap::new();
+    headers.insert(REQUEST_ID_HEADER, http::HeaderValue::from_static("req-401"));
+    headers.insert(CF_RAY_HEADER, http::HeaderValue::from_static("ray-401"));
+    headers.insert(
+        X_OPENAI_AUTHORIZATION_ERROR_HEADER,
+        http::HeaderValue::from_static("missing_authorization_header"),
+    );
+    let x_error_json =
+        base64::engine::general_purpose::STANDARD.encode(r#"{"error":{"code":"token_expired"}}"#);
+    headers.insert(
+        X_ERROR_JSON_HEADER,
+        http::HeaderValue::from_str(&x_error_json).expect("valid x-error-json header"),
+    );
+
+    let err = map_api_error(ApiError::Transport(TransportError::Http {
+        status: http::StatusCode::UNAUTHORIZED,
+        url: Some("https://chatgpt.com/backend-api/codex/models".to_string()),
+        headers: Some(headers),
+        body: Some(r#"{"detail":"Unauthorized"}"#.to_string()),
+    }));
+
+    let CodexErr::UnexpectedStatus(err) = err else {
+        panic!("expected CodexErr::UnexpectedStatus, got {err:?}");
+    };
+    assert_eq!(err.request_id.as_deref(), Some("req-401"));
+    assert_eq!(err.cf_ray.as_deref(), Some("ray-401"));
+    assert_eq!(
+        err.identity_authorization_error.as_deref(),
+        Some("missing_authorization_header")
+    );
+    assert_eq!(err.identity_error_code.as_deref(), Some("token_expired"));
+}
+
+#[test]
+fn core_auth_provider_reports_when_auth_header_will_attach() {
+    let auth = CoreAuthProvider {
+        token: Some("access-token".to_string()),
+        account_id: None,
+    };
+
+    assert!(auth.auth_header_attached());
+    assert_eq!(auth.auth_header_name(), Some("authorization"));
+}

codex-rs/codex-api/src/lib.rs

@@ -1,3 +1,4 @@
+pub mod api_bridge;
 pub mod auth;
 pub mod common;
 pub mod endpoint;