fix(app-server): surface more helpful errors for json-rpc (#11638)

Propagate client JSON-RPC errors for app-server request callbacks. Previously a number of possible errors were collapsed to `channel closed`. Now we should be able to see the underlying client error. ### Summary This change stops masking client JSON-RPC error responses as generic callback cancellation in app-server server->client request flows. Previously, when the client responded with a JSON-RPC error, we removed the callback entry but did not send anything to the waiting oneshot receiver. Waiters then observed channel closure (for example, auth refresh request canceled: channel closed), which hid the actual client error. Now, client JSON-RPC errors are forwarded through the callback channel and handled explicitly by request consumers. ### User-visible behavior - External auth refresh now surfaces real client JSON-RPC errors when provided. - True transport/callback-drop cases still report canceled/channel-closed semantics. ### Example: client JSON-RPC error is now propagated (not masked as "canceled") When app-server asks the client to refresh ChatGPT auth tokens, it sends a server->client JSON-RPC request like: ```json { "id": 42, "method": "account/chatgptAuthTokens/refresh", "params": { "reason": "unauthorized", "previousAccountId": "org-abc" } } ``` If the client cannot refresh and responds with a JSON-RPC error: ``` { "id": 42, "error": { "code": -32000, "message": "refresh failed", "data": null } } ``` app-server now forwards that error through the callback path and surfaces: `auth refresh request failed: code=-32000 message=refresh failed` Previously, this same case could be reported as: `auth refresh request canceled: channel closed`
2026-05-02 20:32:04 +03:00 · 2026-02-12 16:14:55 -08:00
parent 2825ac85a8
commit 8d97b5c246
4 changed files with 137 additions and 22 deletions
--- a/codex-rs/app-server/src/message_processor.rs
+++ b/codex-rs/app-server/src/message_processor.rs
@@ -86,9 +86,20 @@ impl ExternalAuthRefresher for ExternalAuthRefreshBridge {
            .await;

        let result = match timeout(EXTERNAL_AUTH_REFRESH_TIMEOUT, rx).await {
-            Ok(result) => result.map_err(|err| {
-                std::io::Error::other(format!("auth refresh request canceled: {err}"))
-            })?,
+            Ok(result) => {
+                // Two failure scenarios:
+                // 1) `oneshot::Receiver` failed (sender dropped) => request canceled/channel closed.
+                // 2) client answered with JSON-RPC error payload => propagate code/message.
+                let result = result.map_err(|err| {
+                    std::io::Error::other(format!("auth refresh request canceled: {err}"))
+                })?;
+                result.map_err(|err| {
+                    std::io::Error::other(format!(
+                        "auth refresh request failed: code={} message={}",
+                        err.code, err.message
+                    ))
+                })?
+            }
            Err(_) => {
                let _canceled = self.outgoing.cancel_request(&request_id).await;
                return Err(std::io::Error::other(format!(