Problem
A live Homeboy/WP Codebox/Codex smoke succeeded only after mapping OpenCode's local OpenAI OAuth auth into the environment variables expected by ai-provider-for-openai Codex support:
AI_PROVIDER_OPENAI_CODEX_ACCESS_TOKENAI_PROVIDER_OPENAI_CODEX_REFRESH_TOKENAI_PROVIDER_OPENAI_CODEX_EXPIRES_ATAI_PROVIDER_OPENAI_CODEX_ACCOUNT_IDAI_PROVIDER_OPENAI_CODEX_FEDRAMP
Today that mapping was done manually in the shell. It needs a managed integration path.
Ownership
wp-coding-agents should own runtime-specific auth/env guidance because it installs and knows OpenCode/Kimaki/Homeboy runtime integration details. Homeboy core should not know OpenCode auth file formats.
Goal
Provide a safe, documented way for Homeboy Codebox provider runs to inherit Codex OAuth env from local OpenCode auth when the user has authenticated OpenCode with OpenAI/Codex.
Requirements
- Do not print token values.
- Do not write tokens into recipe files, AGENTS.md, logs, or committed config.
- Validate presence before dispatch and report missing fields clearly.
- Prefer an integration helper or env-preparation hook over ad-hoc shell snippets.
- Document how the mapping works and how users can opt in/out.
Acceptance criteria
- A Homeboy Codebox Codex run can receive
AI_PROVIDER_OPENAI_CODEX_* from OpenCode auth without manual shell mapping.
- Tests prove redacted presence/absence handling.
- Docs explain the env names and secrecy boundary.
- The integration is runtime-specific and does not require Homeboy core to parse OpenCode auth files.
Evidence
Manual mapping succeeded in a live smoke: Codex responded inside WP Codebox with the Playground site title and active theme.
Related:
Problem
A live Homeboy/WP Codebox/Codex smoke succeeded only after mapping OpenCode's local OpenAI OAuth auth into the environment variables expected by
ai-provider-for-openaiCodex support:AI_PROVIDER_OPENAI_CODEX_ACCESS_TOKENAI_PROVIDER_OPENAI_CODEX_REFRESH_TOKENAI_PROVIDER_OPENAI_CODEX_EXPIRES_ATAI_PROVIDER_OPENAI_CODEX_ACCOUNT_IDAI_PROVIDER_OPENAI_CODEX_FEDRAMPToday that mapping was done manually in the shell. It needs a managed integration path.
Ownership
wp-coding-agents should own runtime-specific auth/env guidance because it installs and knows OpenCode/Kimaki/Homeboy runtime integration details. Homeboy core should not know OpenCode auth file formats.
Goal
Provide a safe, documented way for Homeboy Codebox provider runs to inherit Codex OAuth env from local OpenCode auth when the user has authenticated OpenCode with OpenAI/Codex.
Requirements
Acceptance criteria
AI_PROVIDER_OPENAI_CODEX_*from OpenCode auth without manual shell mapping.Evidence
Manual mapping succeeded in a live smoke: Codex responded inside WP Codebox with the Playground site title and active theme.
Related: