jetpac/dotfiles
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

before codex auth refactor

Browse Source
This commit is contained in:
Petr Nyc
2026-06-04 08:31:01 +02:00
parent 7a88b84fd0
commit 8ed0c97799
3 changed files with 75 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
.codex-sso/config.toml
View File

@@ -29,7 +29,9 @@ model_reasoning_effort = "xhigh"
notify = ["/Users/jetpac/.codex-sso/computer-use/Codex Computer Use.app/Contents/SharedSupport/SkyComputerUseClient.app/Contents/MacOS/SkyComputerUseClient", "turn-ended"] notify = ["/Users/jetpac/.codex-sso/computer-use/Codex Computer Use.app/Contents/SharedSupport/SkyComputerUseClient.app/Contents/MacOS/SkyComputerUseClient", "turn-ended"]
approvals_reviewer = "guardian_subagent" # approvals_reviewer = "guardian_subagent"
approvals_reviewer = "auto_review"
[features] [features]
multi_agent = true multi_agent = true
@@ -110,6 +112,9 @@ approval_mode = "approve"
[mcp_servers.playwright.tools.browser_select_option] [mcp_servers.playwright.tools.browser_select_option]
approval_mode = "approve" approval_mode = "approve"
[mcp_servers.playwright.tools.browser_evaluate]
approval_mode = "approve"
[mcp_servers.slack] [mcp_servers.slack]
command = "/Users/jetpac/.codex-sso/bin/slack-mcp-wrapper" command = "/Users/jetpac/.codex-sso/bin/slack-mcp-wrapper"
startup_timeout_sec = 60.0 startup_timeout_sec = 60.0
@@ -997,6 +1002,9 @@ trust_level = "trusted"
[projects."/Users/jetpac/Documents/org"] [projects."/Users/jetpac/Documents/org"]
trust_level = "trusted" trust_level = "trusted"
[projects."/Users/jetpac/Documents/akidr-ips"]
trust_level = "trusted"
[marketplaces.openai-bundled] [marketplaces.openai-bundled]
last_updated = "2026-05-28T10:46:49Z" last_updated = "2026-05-28T10:46:49Z"
source_type = "local" source_type = "local"

8
.codex/config.toml
View File

@@ -134,9 +134,10 @@ SLACK_MCP_ENABLE_WRITES = "true"
# Slack write allowlist: @pnyc self-DM (D7PT0SXMK), @pzahradn DM (D9CF41WHG), # Slack write allowlist: @pnyc self-DM (D7PT0SXMK), @pzahradn DM (D9CF41WHG),
# @jahorak DM (DFYAKGQFL), # @jahorak DM (DFYAKGQFL),
# Kavya Nair DM (D08G5NZAN2C), Jacob Paul DM (D090RLVUCUV), # Kavya Nair DM (D08G5NZAN2C), Jacob Paul DM (D090RLVUCUV),
# Owen Roberts DM (DEPU4A2QM), C0A71SCTQRM for Codex Slack MCP setup instructions, # Owen Roberts DM (DEPU4A2QM), Colin Kavanagh DM (D02CNJ53H8X),
# C0A71SCTQRM for Codex Slack MCP setup instructions,
# and C05RJJ18EAF for corparch-core-srv replies. # and C05RJJ18EAF for corparch-core-srv replies.
SLACK_MCP_WRITE_CHANNEL_ALLOWLIST = "D7PT0SXMK,D9CF41WHG,DFYAKGQFL,D08G5NZAN2C,D090RLVUCUV,DEPU4A2QM,C0A71SCTQRM,C05RJJ18EAF" SLACK_MCP_WRITE_CHANNEL_ALLOWLIST = "D7PT0SXMK,D9CF41WHG,DFYAKGQFL,D08G5NZAN2C,D090RLVUCUV,DEPU4A2QM,D02CNJ53H8X,C0A71SCTQRM,C05RJJ18EAF"
[mcp_servers.slack.tools.conversations_add_message] [mcp_servers.slack.tools.conversations_add_message]
approval_mode = "approve" approval_mode = "approve"
@@ -988,6 +989,9 @@ trust_level = "trusted"
[projects."/Users/jetpac/.codex-sso"] [projects."/Users/jetpac/.codex-sso"]
trust_level = "trusted" trust_level = "trusted"
[projects."/Users/jetpac/.codex-sso-test"]
trust_level = "trusted"
[marketplaces.openai-bundled] [marketplaces.openai-bundled]
last_updated = "2026-05-28T10:46:49Z" last_updated = "2026-05-28T10:46:49Z"
source_type = "local" source_type = "local"

62
bin/codex-wrapper.sh
View File

@@ -12,6 +12,7 @@ CODEX_WRAPPER_DEFAULT_CODEX_PROFILE="${CODEX_WRAPPER_DEFAULT_CODEX_PROFILE:-gpt-
CODEX_WRAPPER_AUTH_ENV_FILE="" CODEX_WRAPPER_AUTH_ENV_FILE=""
CODEX_WRAPPER_DEDICATED_AGENT_PID="" CODEX_WRAPPER_DEDICATED_AGENT_PID=""
CODEX_WRAPPER_DEDICATED_AGENT_SOCK="" CODEX_WRAPPER_DEDICATED_AGENT_SOCK=""
OCI_AUTH_CALLBACK_PORT="${OCI_AUTH_CALLBACK_PORT:-8181}"
log() { log() {
print -u2 -- "$@" print -u2 -- "$@"
@@ -142,13 +143,70 @@ should_refresh_confluence_cookies() {
confluence_selected confluence_selected
} }
terminate_stale_oci_auth_listener() {
local port="${1:-${OCI_AUTH_CALLBACK_PORT}}" pid cmd attempt
local -a terminated_pids=()
if ! command -v lsof >/dev/null 2>&1 || ! command -v ps >/dev/null 2>&1; then
return 1
fi
while IFS= read -r pid || [[ -n "${pid}" ]]; do
[[ -n "${pid}" ]] || continue
cmd="$(ps -p "${pid}" -o command= 2>/dev/null || true)"
if [[ "${cmd}" == *"oci session authenticate"* ]]; then
log "MCP Gateway auth preflight: terminating stale OCI session authenticate listener on port ${port} (pid ${pid})."
kill "${pid}" >/dev/null 2>&1 || true
terminated_pids+=("${pid}")
fi
done < <(lsof -nP -t -iTCP:"${port}" -sTCP:LISTEN 2>/dev/null || true)
if [[ ${#terminated_pids[@]} -eq 0 ]]; then
return 1
fi
for pid in "${terminated_pids[@]}"; do
for attempt in {1..10}; do
if ! kill -0 "${pid}" >/dev/null 2>&1; then
break
fi
sleep 0.2
done
if kill -0 "${pid}" >/dev/null 2>&1; then
log "MCP Gateway auth preflight: OCI auth listener pid ${pid} did not exit; sending SIGKILL."
kill -KILL "${pid}" >/dev/null 2>&1 || true
fi
done
return 0
}
run_mcpgw_required() { run_mcpgw_required() {
local mcpgw_bin="$1" local mcpgw_bin="$1"
shift shift
local output rc
log "MCP Gateway auth preflight: mcpgw $*" log "MCP Gateway auth preflight: mcpgw $*"
"${mcpgw_bin}" "$@" 2>&1 | sanitize_mcpgw_output
local rc="${pipestatus[1]}" set +e
output="$("${mcpgw_bin}" "$@" 2>&1)"
rc=$?
set -e
printf '%s\n' "${output}" | sanitize_mcpgw_output
if [[ ${rc} -ne 0 && "$*" == "refresh" && "${output}" == *"port ${OCI_AUTH_CALLBACK_PORT} is already in use"* ]]; then
if terminate_stale_oci_auth_listener "${OCI_AUTH_CALLBACK_PORT}"; then
log "MCP Gateway auth preflight: retrying mcpgw refresh after clearing stale OCI auth listener."
set +e
output="$("${mcpgw_bin}" "$@" 2>&1)"
rc=$?
set -e
printf '%s\n' "${output}" | sanitize_mcpgw_output
fi
fi
if [[ ${rc} -ne 0 ]]; then if [[ ${rc} -ne 0 ]]; then
log "MCP Gateway auth preflight failed: mcpgw $* exited with ${rc}." log "MCP Gateway auth preflight failed: mcpgw $* exited with ${rc}."