feat: add opt-in provider runtime abstraction (#17713)

## Summary - Add `codex-model-provider` as the runtime home for model-provider behavior that does not belong in `codex-core`, `codex-login`, or `codex-api`. - The new crate wraps configured `ModelProviderInfo` in a `ModelProvider` trait object that can resolve the API provider config, provider-scoped auth manager, and request auth provider for each call. - This centralizes provider auth behavior in one place today, and gives us an extension point for future provider-specific auth, model listing, request setup, and related runtime behavior. ## Tests Ran tests manually to make sure that provider auth under different configs still work as expected. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2026-05-04 05:11:37 +03:00 · 2026-04-16 19:27:45 -07:00
parent 91e8eebd03
commit a803790a10
45 changed files with 577 additions and 369 deletions
--- a/codex-rs/codex-api/src/api_bridge_tests.rs
+++ b/codex-rs/codex-api/src/api_bridge_tests.rs
@@ -130,55 +130,3 @@ fn map_api_error_extracts_identity_auth_details_from_headers() {
    );
    assert_eq!(err.identity_error_code.as_deref(), Some("token_expired"));
 }
-
-#[test]
-fn core_auth_provider_reports_when_auth_header_will_attach() {
-    let auth = CoreAuthProvider {
-        token: Some("access-token".to_string()),
-        account_id: None,
-        is_fedramp_account: false,
-    };
-
-    assert!(auth.auth_header_attached());
-    assert_eq!(auth.auth_header_name(), Some("authorization"));
-}
-
-#[test]
-fn core_auth_provider_adds_auth_headers() {
-    let auth = CoreAuthProvider::for_test(Some("access-token"), Some("workspace-123"));
-    let mut headers = HeaderMap::new();
-
-    crate::AuthProvider::add_auth_headers(&auth, &mut headers);
-
-    assert_eq!(
-        headers
-            .get(http::header::AUTHORIZATION)
-            .and_then(|value| value.to_str().ok()),
-        Some("Bearer access-token")
-    );
-    assert_eq!(
-        headers
-            .get("ChatGPT-Account-ID")
-            .and_then(|value| value.to_str().ok()),
-        Some("workspace-123")
-    );
-}
-
-#[test]
-fn core_auth_provider_adds_fedramp_routing_header_for_fedramp_accounts() {
-    let auth = CoreAuthProvider {
-        token: Some("access-token".to_string()),
-        account_id: Some("workspace-123".to_string()),
-        is_fedramp_account: true,
-    };
-    let mut headers = HeaderMap::new();
-
-    crate::AuthProvider::add_auth_headers(&auth, &mut headers);
-
-    assert_eq!(
-        headers
-            .get("X-OpenAI-Fedramp")
-            .and_then(|value| value.to_str().ok()),
-        Some("true")
-    );
-}