feat: OAuth auto-refresh, Codex session resume, MCP injection, and secret sanitization

- Add token-refresh module that auto-renews Claude OAuth tokens 30min before expiry
- Fix Codex session loss on service restart by resuming previous sessions
- Inject nanoclaw MCP server into Codex config.toml for send_message/schedule_task
- Sanitize ANTHROPIC_API_KEY and CLAUDE_CODE_OAUTH_TOKEN from Codex subprocess env
This commit is contained in:
Eyejoker
2026-03-12 02:47:24 +09:00
parent 3fd9ce18b5
commit 0515edc93d
4 changed files with 268 additions and 2 deletions

View File

@@ -52,6 +52,7 @@ import {
isSessionCommandAllowed,
} from './session-commands.js';
import { startSchedulerLoop } from './task-scheduler.js';
import { startTokenRefreshLoop, stopTokenRefreshLoop } from './token-refresh.js';
import { Channel, NewMessage, RegisteredGroup } from './types.js';
import { logger } from './logger.js';
@@ -554,6 +555,7 @@ async function main(): Promise<void> {
// Graceful shutdown handlers
const shutdown = async (signal: string) => {
logger.info({ signal }, 'Shutdown signal received');
stopTokenRefreshLoop();
await queue.shutdown(10000);
for (const ch of channels) await ch.disconnect();
process.exit(0);
@@ -613,6 +615,9 @@ async function main(): Promise<void> {
process.exit(1);
}
// Start OAuth token auto-refresh (before subsystems that spawn agents)
startTokenRefreshLoop();
// Start subsystems (independently of connection handler)
startSchedulerLoop({
registeredGroups: () => registeredGroups,