Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
Expand Up @@ -52,6 +52,21 @@ describe('codex account auth warning', () => {
).toContain('access token could not be refreshed')
})

it('does not warn an API-key-only account when rate limits need chatgpt auth', () => {
// Why: the app-server rejects account/rateLimits/read with this message for
// an account signed in via OPENAI_API_KEY only. That account is validly
// authenticated and must not surface a destructive re-auth banner (#8765).
expect(
getCodexAccountAuthWarning({
limits: codexLimits('chatgpt authentication required to read rate limits'),
target: { runtime: 'host', wslDistro: null },
runtime: { runtime: 'host' },
activeAccountId: 'account-1',
accountId: 'account-1'
})
).toBeNull()
})

it('does not warn for inactive accounts or a different runtime', () => {
const limits = codexLimits(
'Your access token could not be refreshed. Please log out and sign in again.'
Expand Down
11 changes: 11 additions & 0 deletions src/renderer/src/components/settings/codex-account-auth-warning.ts
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,14 @@ import type {
} from '../../../../shared/rate-limit-types'
import { isCodexAuthError } from '../../../../shared/codex-auth-errors'

// Why: an API-key-only Codex account is validly signed in. The app-server
// rejects account/rateLimits/read with "chatgpt authentication required to read
// rate limits" for such accounts, which isCodexAuthError classifies as an auth
// error so the rate-limit fetcher skips its PTY fallback. That classification is
// correct for the fetcher but not for this re-auth banner: the account does not
// need re-authentication, so showing a destructive warning would be wrong.
const CHATGPT_RATE_LIMIT_AUTH_REQUIRED_RE = /chatgpt authentication required/i

type AccountRuntime = {
runtime: 'host' | 'wsl'
wslDistro?: string | null
Expand Down Expand Up @@ -38,5 +46,8 @@ export function getCodexAccountAuthWarning(args: {
if (args.limits?.status !== 'error' || !isCodexAuthError(args.limits.error)) {
return null
}
if (args.limits.error && CHATGPT_RATE_LIMIT_AUTH_REQUIRED_RE.test(args.limits.error)) {
return null
}
return args.limits.error?.trim() || 'Codex reported that this sign-in needs re-authentication.'
}
Loading