feat: OAuth auto-refresh, Codex session resume, MCP injection, and secret sanitization
- Add token-refresh module that auto-renews Claude OAuth tokens 30min before expiry - Fix Codex session loss on service restart by resuming previous sessions - Inject nanoclaw MCP server into Codex config.toml for send_message/schedule_task - Sanitize ANTHROPIC_API_KEY and CLAUDE_CODE_OAUTH_TOKEN from Codex subprocess env
This commit is contained in:
@@ -235,10 +235,16 @@ async function main(): Promise<void> {
|
||||
}
|
||||
|
||||
// Query loop: run codex exec → wait for IPC message → repeat
|
||||
// First exec is a fresh session; subsequent execs resume the last session.
|
||||
let isFirstExec = true;
|
||||
// If we have a previous sessionId, resume instead of starting fresh.
|
||||
// CODEX_HOME is per-group persistent, so `resume --last` picks up the right session.
|
||||
const hasPreviousSession = !!containerInput.sessionId;
|
||||
let isFirstExec = !hasPreviousSession;
|
||||
let turnCount = 0;
|
||||
|
||||
if (hasPreviousSession) {
|
||||
log(`Resuming previous session (sessionId: ${containerInput.sessionId})`);
|
||||
}
|
||||
|
||||
try {
|
||||
while (true) {
|
||||
turnCount++;
|
||||
@@ -252,17 +258,23 @@ async function main(): Promise<void> {
|
||||
const { result, error } = await runCodexExec(prompt, !isFirstExec);
|
||||
isFirstExec = false;
|
||||
|
||||
// Generate a session marker so nanoclaw tracks this codex session.
|
||||
// On next spawn, containerInput.sessionId will be set → resume --last.
|
||||
const sessionId = containerInput.sessionId || `codex-${containerInput.groupFolder}-${Date.now()}`;
|
||||
|
||||
if (error) {
|
||||
log(`Codex error: ${error}`);
|
||||
writeOutput({
|
||||
status: 'error',
|
||||
result: result || null,
|
||||
newSessionId: sessionId,
|
||||
error,
|
||||
});
|
||||
} else {
|
||||
writeOutput({
|
||||
status: 'success',
|
||||
result: result || null,
|
||||
newSessionId: sessionId,
|
||||
});
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user