didericis/bot-bottle
1
0
Fork 0
Code Issues 7 Pull Requests 15 Actions Packages Projects Releases Wiki Activity

fix(codex): harden auth redaction

Browse Source
This commit is contained in:
didericis (codex)
2026-06-02 08:10:01 +00:00
parent 2247d730cd
commit 0a8bba58c7
3 changed files with 141 additions and 43 deletions
Download Patch File Download Diff File Expand all files Collapse all files
docs/prds/0036-codex-auth-redaction-policy.md
+16 -12
View File
@@ -69,17 +69,23 @@ file, not as a redacted copy of the host file. The implementation may continue
to start from the host object for convenience, but preserved fields should be
controlled by explicit allowlists at known schema locations.
At the top level, preserve only fields required to keep Codex in the same auth
branch. In token blocks, replace access, ID, and refresh-like token values with
dummy values. In JWT payloads, preserve only claims that are known to be
non-secret and required for Codex behavior; unknown scalar claims should become
placeholders, unknown lists should become empty lists, and unknown objects
should recurse or become empty objects according to the local policy.
At the top level, preserve only `auth_mode`, replace `OPENAI_API_KEY` /
`openai_api_key` with `null`, and synthesize the `tokens` block. Unknown scalar
top-level fields become placeholders, unknown lists become empty lists, and
unknown dictionaries become empty objects.
In token blocks, replace `access_token` and `id_token` with dummy JWTs, preserve
the selected non-secret `account_id`, and redact every other token-block field
with the same placeholder / empty container policy. Refresh, session, and future
token values are never copied to the guest.
In JWT payloads, preserve only claims that are known to be non-secret and
required for Codex behavior. Unknown scalar claims become placeholders, unknown
lists become empty lists, and unknown objects become empty objects.
For the OpenAI auth claim, preserve only currently necessary non-secret values
such as plan type and selected account id. Everything else should be
placeholder, empty object, empty list, or omitted according to the policy. The
policy should be easy to audit from constants or named helper functions.
such as plan type, selected account id, and boolean localhost state. Everything
else is placeholder, empty object, or empty list according to the policy.
Tests should use fixture auth objects that include both current expected fields
and intentionally hostile future-looking fields such as `session_context`,
@@ -102,6 +108,4 @@ Run:
## Open Questions
- Which Codex auth fields are strictly required for the guest CLI to stay in
the device-auth branch? If a field is not demonstrably required, the default
should be to redact or omit it.
None.