Claude Code + Codex

基于开源的 Claude Code 源码还原项目，在原有 CLI 能力上加入了 OpenAI Codex 的登录、鉴权和模型调用支持。
Based on the open-source-restored Claude Code codebase, this project adds OpenAI Codex login, authentication, and model invocation support on top of the original CLI.

Warning

本仓库为研究与学习用途的非官方版本。原始 Claude Code 相关版权归 Anthropic 所有；新增的 Codex 集成仅用于展示如何把 OpenAI OAuth / 模型调用接入到现有 CLI 框架中。
This repository is an unofficial project for research and learning. Claude Code related original rights belong to Anthropic; the added Codex integration is only for demonstrating how OpenAI OAuth and model calls can be integrated into an existing CLI framework.

---

这个项目做了什么 / What this project does

• 保留 Claude Code 原有的交互式 CLI、工具调用和会话管理能力
  Keeps the original interactive CLI, tool-calling workflow, and session management from Claude Code.
• 新增 OpenAI Codex 登录流程
  Adds an OpenAI Codex login flow.
• 将 Codex 的 OAuth 凭证持久化到本地安全存储
  Persists Codex OAuth credentials into local secure storage.
• 在模型层增加 OpenAI provider 路径，让请求可以走 Codex 模型调用
  Adds an OpenAI provider path at the model layer so requests can go through the Codex model pipeline.
• 通过统一的 provider 选择逻辑，切换 Claude / OpenAI 体系
  Uses a unified provider selection mechanism to switch between Claude and OpenAI stacks.

---

快速开始 / Quick start

bun install
bun run dev

需要 Bun 和 Node.js 环境。具体版本以仓库现有脚本要求为准。
Bun and Node.js are required. Use the versions expected by the current project scripts.

---

Codex 功能是怎么接进来的 / How Codex is integrated

1. 登录与凭证保存 / Login and credential storage

Codex 登录入口在 src/services/openaiCodex/oauth.ts。
The Codex login entry point is src/services/openaiCodex/oauth.ts.

登录成功后，代码会把 OAuth 凭证保存到本地 secure storage，使用的 key 是：
After login succeeds, the code stores OAuth credentials in local secure storage under the key:

• openAiCodexOauth

保存、读取、删除都走同一个存储层，避免把登录信息写进源码或仓库文件。
Saving, reading, and deletion all go through the same storage layer, avoiding hardcoded credentials in source files or repository content.

2. 凭证存放在哪里 / Where credentials are stored

存储实现由 src/utils/secureStorage/index.ts 统一选择：
The storage backend is selected centrally in src/utils/secureStorage/index.ts:

• macOS：优先使用 Keychain
  macOS: prefers Keychain
• 其他平台：回退到本地文件存储 ~/.claude/.credentials.json
  Other platforms: falls back to local file storage at ~/.claude/.credentials.json

也就是说，Codex 的登录信息是保存在你本机环境里，而不是提交到仓库里。
In other words, Codex login data stays on your local machine rather than being stored in the repository.

3. 如何发起 Codex 模型调用 / How Codex model calls are made

Codex 的请求链路大致是：
The Codex request flow is roughly:

1. 先从 secure storage 里读取 OAuth 凭证
   Read OAuth credentials from secure storage.
2. 再通过 getOpenAICodexApiKey() 把 OAuth 凭证换成可用于请求的 API key
   Convert OAuth credentials into a usable API key through getOpenAICodexApiKey().
3. 请求层根据 provider 选择走 OpenAI 分支
   Route requests into the OpenAI branch based on the selected provider.
4. 最终调用 @mariozechner/pi-ai 的 complete(...) 发起模型请求
   Finally call complete(...) from @mariozechner/pi-ai to execute the model request.

关键代码在：
Key files involved:

• src/services/openaiCodex/oauth.ts
• src/services/api/openaiCodex.ts
• src/utils/model/providers.ts

4. provider 是怎么切换的 / How provider switching works

src/utils/model/providers.ts 里通过环境变量判断当前 provider：
src/utils/model/providers.ts determines the active provider through environment variables:

• CLAUDE_CODE_USE_OPENAI → openai
• CLAUDE_CODE_USE_BEDROCK → bedrock
• CLAUDE_CODE_USE_VERTEX → vertex
• CLAUDE_CODE_USE_FOUNDRY → foundry

当 provider 选择为 openai 时，请求会进入 Codex/OpenAI 的模型调用路径。
When the provider is openai, requests enter the Codex/OpenAI model call path.

5. 使用的模型 / Models used

Codex 侧默认模型定义在：
The default Codex-side model configuration is defined in:

• src/utils/model/openaiCodex.ts

当前默认值是 gpt-5.4，并支持按配置切换其他模型。
The current default is gpt-5.4, with support for switching to other models through configuration.

---

核心实现文件 / Core implementation files

• src/services/openaiCodex/oauth.ts：Codex OAuth、凭证持久化、API key 生成
  Codex OAuth, credential persistence, and API key generation
• src/services/api/openaiCodex.ts：Codex 请求构造与模型调用
  Codex request construction and model invocation
• src/utils/model/providers.ts：provider 选择逻辑
  Provider selection logic
• src/utils/model/openaiCodex.ts：Codex 模型定义
  Codex model definitions
• src/utils/secureStorage/：凭证安全存储实现
  Secure credential storage implementation
• src/cli/handlers/auth.ts：CLI 登录入口
  CLI login entry
• src/components/ConsoleOAuthFlow.tsx：界面侧登录流程
  UI-side login flow

---

安全说明 / Security notes

• 登录凭证保存在本地 Keychain 或本地文件，不会自动写入仓库
  Login credentials are stored in local Keychain or local files and are not automatically written into the repository.
• 如果你要开源这个项目，重点检查不要提交：
  If you plan to open-source this project, make sure not to commit:
  • ~/.claude/.credentials.json
  • Keychain 导出内容 / exported Keychain content
  • 日志里的 token / access key / tokens or access keys in logs
  • 任何本地缓存的密钥文件 / any locally cached secret files

---

免责声明 / Disclaimer

这是一个在 Claude Code 基础上做的 Codex 集成示例项目。它用于说明：
This is a Codex integration example built on top of Claude Code. It is meant to show:

• 如何把 OpenAI OAuth 接入现有 CLI
  How to integrate OpenAI OAuth into an existing CLI
• 如何把 Codex 作为一个独立 provider 挂到模型层
  How to attach Codex as an independent provider at the model layer
• 如何在请求层统一处理不同模型供应商
  How to handle multiple model providers through a unified request layer