feat: openai codex support (#292)

* feat(web): add provider oauth management ui * feat: add OAuth callback support on port 1455 * feat: enhance reasoning effort options and support for OpenAI Codex OAuth * feat: update twilight-ai dependency to v0.3.4 * refactor: promote openai-codex to first-class client_type, remove auth_type Replace the previous openai-responses + metadata auth_type=openai-codex-oauth combo with a dedicated openai-codex client_type. OAuth requirement is now determined solely by client_type, eliminating the auth_type concept from the LLM provider domain entirely. - Add openai-codex to DB CHECK constraint (migration 0047) with data migration - Add ClientTypeOpenAICodex constant and dedicated SDK/probe branches - Remove AuthType from SDKModelConfig, ModelCredentials, TriggerConfig, etc. - Simplify supportsOAuth to check client_type == openai-codex - Add conf/providers/codex.yaml preset with Codex catalog models - Frontend: replace auth_type selector with client_type-driven OAuth UI --------- Co-authored-by: Acbox <acbox0328@gmail.com>
2026-04-27 07:16:19 +09:00 · 2026-03-27 19:30:45 +08:00
parent 44c92f198b
commit 64378d29ed
44 changed files with 1663 additions and 160 deletions
@@ -0,0 +1,52 @@
+-- name: UpsertLlmProviderOAuthToken :one
+INSERT INTO llm_provider_oauth_tokens (
+  llm_provider_id,
+  access_token,
+  refresh_token,
+  expires_at,
+  scope,
+  token_type,
+  state,
+  pkce_code_verifier
+)
+VALUES (
+  sqlc.arg(llm_provider_id),
+  sqlc.arg(access_token),
+  sqlc.arg(refresh_token),
+  sqlc.arg(expires_at),
+  sqlc.arg(scope),
+  sqlc.arg(token_type),
+  sqlc.arg(state),
+  sqlc.arg(pkce_code_verifier)
+)
+ON CONFLICT (llm_provider_id) DO UPDATE SET
+  access_token = EXCLUDED.access_token,
+  refresh_token = EXCLUDED.refresh_token,
+  expires_at = EXCLUDED.expires_at,
+  scope = EXCLUDED.scope,
+  token_type = EXCLUDED.token_type,
+  state = EXCLUDED.state,
+  pkce_code_verifier = EXCLUDED.pkce_code_verifier,
+  updated_at = now()
+RETURNING *;
+
+-- name: GetLlmProviderOAuthTokenByProvider :one
+SELECT * FROM llm_provider_oauth_tokens WHERE llm_provider_id = sqlc.arg(llm_provider_id);
+
+-- name: GetLlmProviderOAuthTokenByState :one
+SELECT * FROM llm_provider_oauth_tokens WHERE state = sqlc.arg(state) AND state != '';
+
+-- name: UpdateLlmProviderOAuthState :exec
+INSERT INTO llm_provider_oauth_tokens (llm_provider_id, state, pkce_code_verifier)
+VALUES (
+  sqlc.arg(llm_provider_id),
+  sqlc.arg(state),
+  sqlc.arg(pkce_code_verifier)
+)
+ON CONFLICT (llm_provider_id) DO UPDATE SET
+  state = EXCLUDED.state,
+  pkce_code_verifier = EXCLUDED.pkce_code_verifier,
+  updated_at = now();
+
+-- name: DeleteLlmProviderOAuthToken :exec
+DELETE FROM llm_provider_oauth_tokens WHERE llm_provider_id = sqlc.arg(llm_provider_id);