← 返回 Skills 市场

Codex Auth Session Refresh

Name: Codex Auth Session Refresh
Author: zcz-user

作者 zcz-user · GitHub ↗ · v1.0.3 · MIT-0

cross-platform ⚠ suspicious

总下载

当前安装

版本数

在 OpenClaw 中安装

/install codex-auth-session

功能描述

🧩 Codex Skill — Refresh your Codex CLI auth.json from a local ChatGPT web session. Essential for Codex users behind firewalls, in WSL/containers, or on remo...

使用说明 (SKILL.md)

🧩 Codex Skill: Codex Auth Session Refresh

This is an OpenClaw skill for Codex CLI. It provides Windows tooling to refresh Codex's auth.json with a fresh ChatGPT session token.

適用於 Codex · For Codex CLI users

🎯 Who Is This For?

Codex CLI users who are stuck with any of these:

😤 Pain	💥 Why it sucks
Codex OAuth won't complete	Proxies, WSL, containers — browser never opens
OpenAI 2FA every time	Token expires every few hours
Forced to use API proxies	Can't get official auth working, settle for third-party
Token dies mid-session	Lose context, workflow destroyed

What This Does

Extracts a fresh access_token from your existing ChatGPT browser session and writes it directly to Codex's ~/.codex/auth.json. No reverse engineering. No MITM. No API abuse.

适用于 Codex CLI！Codex 走不了 OAuth 时的救星。

Quick Install (on Windows)

git clone https://github.com/zcz-user/codex-auth-session-refresh.git
cd codex-auth-session-refresh
npm install
.\login-profile.ps1        # Login ChatGPT → press Enter
.\status.ps1               # Check Codex auth state

Then Codex will see the fresh token in ~/.codex/auth.json.

Installation via ClawHub

clawhub install codex-auth-session

Commands (for Codex auth management)

Command	What it does
`login-profile.ps1`	First login / re-login into ChatGPT (for Codex)
`run-refresh.ps1`	Refresh Codex's access token now
`status.ps1`	Check Codex auth.json status
`install-scheduled-task.ps1`	Auto-refresh Codex auth every N hours
`create-desktop-toolbox.ps1`	Desktop shortcuts for Codex auth management

How It Works

You (browser login to ChatGPT)
        │
        ▼
Playwright → chatgpt.com/api/auth/session → accessToken
                                                  │
                                                  ▼
                                        ~/.codex/auth.json
                                        (backup created before update)
                                                  │
                                                  ▼
                                  Windows Scheduled Task
                                  (auto-refresh, so Codex never loses auth)

Security

Token values are never logged — delete safe.token before write
auth.json backed up with timestamp before every update
All sensitive paths excluded via .gitignore

Requirements

OS: Windows 10/11
Runtime: Node.js 18+
Browser: Chrome or Microsoft Edge
Target: Codex CLI by OpenAI

安全使用建议

Install only if you deliberately want Codex authentication refreshed from an existing ChatGPT browser session. Treat the browser profile and ~/.codex/auth.json as sensitive credentials, use a dedicated trusted machine or profile, avoid shared systems and backups that copy these files, review any scheduled-task setup before enabling it, and know how to revoke the session if the files are exposed.

能力标签

cryptorequires-oauth-tokenrequires-sensitive-credentials

能力评估

⚠ Purpose & Capability

The core capability is extracting a ChatGPT browser-session access token and writing it into Codex auth storage. That is purpose-aligned for an auth-refresh helper, but it is sensitive bearer-token handling with account-access implications.

⚠ Instruction Scope

The artifacts describe token extraction, auth.json writes, and optional scheduled refresh, but the supplied evidence shows limited explicit warning, confirmation, or tight scoping before credential capture and persistence.

ℹ Install Mechanism

The documented commands and scripts are visible and include management utilities such as login, refresh, status, desktop shortcuts, and scheduled-task setup; no hidden installer or obfuscation is evidenced.

⚠ Credentials

Using a reusable browser profile/session and copying token material into ~/.codex/auth.json broadens credential exposure on the local machine. That may be acceptable for the stated workflow only on a trusted, single-user system with protected files.

⚠ Persistence & Privilege

The skill can persist sensitive auth material and optionally install an automatic refresh task. Backups help reversibility, but scheduled refresh keeps credentials continuously available on disk.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install codex-auth-session
安装完成后，直接呼叫该 Skill 的名称或使用 /codex-auth-session 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.3

Add phone verification pain point — key for Chinese users without overseas phone numbers

v1.0.2

Rewrite SKILL.md with pain-point-driven messaging for Codex users

v1.0.1

Mark as Codex Skill — add 適用於Codex markers, emphasize Codex CLI usage scenario

v1.0.0

Initial release: Playwright-based session extraction, Windows Scheduled Task auto-refresh, desktop toolbox, token-masked logging

元数据

Slug codex-auth-session

版本 1.0.3

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 4

常见问题