Skip to content

[codex] Omit resource from CLI authorize URL#6

Merged
tiankaima merged 1 commit into
mainfrom
codex/omit-authorize-resource
Jul 1, 2026
Merged

[codex] Omit resource from CLI authorize URL#6
tiankaima merged 1 commit into
mainfrom
codex/omit-authorize-resource

Conversation

@tiankaima

Copy link
Copy Markdown
Member

Summary

  • Stop sending the OAuth resource parameter on the browser authorization redirect.
  • Keep sending resource during token exchange and refresh, where the server supports audience-bound JWT issuance.

Root Cause

The authorization endpoint does not advertise or preserve resource on the consent-page round trip. Keeping the browser URL to standard authorization parameters makes CLI login more tolerant while preserving resource-bound token requests at the token endpoint.

Validation

  • go test ./...
  • Rebuilt ./life-ustc and confirmed the authorization URL no longer includes resource.

@tiankaima
tiankaima marked this pull request as ready for review July 1, 2026 06:53
@tiankaima
tiankaima merged commit 854b7d0 into main Jul 1, 2026
2 checks passed
@tiankaima
tiankaima deleted the codex/omit-authorize-resource branch July 1, 2026 06:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant