Skip to content

feat(embeddings): add token refresh to CodexOAuthEmbeddings; extract CodexAuthManager#1712

Open
DK09876 wants to merge 3 commits into
mainfrom
fix/codex-oauth-embeddings-refresh
Open

feat(embeddings): add token refresh to CodexOAuthEmbeddings; extract CodexAuthManager#1712
DK09876 wants to merge 3 commits into
mainfrom
fix/codex-oauth-embeddings-refresh

Conversation

@DK09876
Copy link
Copy Markdown
Contributor

@DK09876 DK09876 commented May 22, 2026

Summary

Builds on #1704 (Codex OAuth embeddings) with three improvements:

  • Token refresh for CodexOAuthEmbeddings: the original implementation read the OAuth token once at construction time and never refreshed it. Long-running processes would silently keep using an expired token until the process was restarted. This adds the same proactive (JWT expiry detection) and reactive (401 retry) refresh logic that CodexLLM already has.

  • CodexAuthManager extraction: rather than duplicating the refresh logic, the shared auth management (token loading, JWT decode, staleness check, atomic file persistence, single-flight refresh) is extracted into a new codex_auth.py. Both CodexLLM and CodexOAuthEmbeddings delegate to it. CodexLLM wraps the sync manager via asyncio.to_thread; CodexOAuthEmbeddings calls it directly from encode().

  • openrouter branch missing dimensions: the new HINDSIGHT_API_EMBEDDINGS_OPENAI_DIMENSIONS env var was wired into the openai provider branch but not openrouter, so it was silently ignored. One-line fix.

Test plan

  • 36 unit tests pass (test_codex_oauth_refresh.py, test_embeddings_openai_batch_size.py) including 2 new tests for proactive and reactive refresh in CodexOAuthEmbeddings
  • End-to-end smoke test confirmed against live OpenAI embeddings API: real vectors returned, proactive refresh fires on stale JWT, reactive refresh fires on 401 and retries successfully
  • openrouter dimensions fix covered by updated test_openrouter_provider_uses_configured_batch_size

🤖 Generated with Claude Code

Irgendwer and others added 3 commits May 21, 2026 19:32
feat: support Codex OAuth embeddings
ccf7953 
Add openai-codex embeddings provider using the existing Codex OAuth token, support OpenAI output dimension overrides, and document the 384-dimension configuration path. Also redacts the example Telegram bot token in docs.\n\nTests:\n- uv run pytest tests/test_embeddings_openai_batch_size.py -q\n- uv run pytest tests/test_embeddings_openai_batch_size.py tests/test_custom_embedding_dimension.py tests/test_gemini_embeddings.py tests/test_litellm_sdk_embeddings.py -q\n- HINDSIGHT_API_LLM_PROVIDER=mock HINDSIGHT_API_EMBEDDINGS_PROVIDER=openai-codex HINDSIGHT_API_EMBEDDINGS_OPENAI_MODEL=text-embedding-3-small HINDSIGHT_API_EMBEDDINGS_OPENAI_DIMENSIONS=384 HINDSIGHT_API_EMBEDDINGS_OPENAI_BATCH_SIZE=2 uv run python - <<'PY' ... create_embeddings_from_env/encode smoke
@claude
feat(embeddings): add CodexAuthManager and token refresh to CodexOAut…
0e6b9cb 
…hEmbeddings

Extract Codex OAuth auth management into a shared CodexAuthManager class
(codex_auth.py) used by both CodexLLM and CodexOAuthEmbeddings. This gives
CodexOAuthEmbeddings the same token-refresh capability that CodexLLM already
has: proactive refresh (JWT expiry detection before each encode call) and
reactive refresh (401 retry with rotated token).

Also fix the openrouter branch in create_embeddings_from_env() which was
silently ignoring HINDSIGHT_API_EMBEDDINGS_OPENAI_DIMENSIONS.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@claude
style: ruff format openai_compatible_llm.py
5ccd020 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@DK09876