2025-09-10 17:03:35 -07:00
|
|
|
use std::time::Duration;
|
|
|
|
|
|
|
|
|
|
use anyhow::Context;
|
fix: separate `codex mcp` into `codex mcp-server` and `codex app-server` (#4471)
This is a very large PR with some non-backwards-compatible changes.
Historically, `codex mcp` (or `codex mcp serve`) started a JSON-RPC-ish
server that had two overlapping responsibilities:
- Running an MCP server, providing some basic tool calls.
- Running the app server used to power experiences such as the VS Code
extension.
This PR aims to separate these into distinct concepts:
- `codex mcp-server` for the MCP server
- `codex app-server` for the "application server"
Note `codex mcp` still exists because it already has its own subcommands
for MCP management (`list`, `add`, etc.)
The MCP logic continues to live in `codex-rs/mcp-server` whereas the
refactored app server logic is in the new `codex-rs/app-server` folder.
Note that most of the existing integration tests in
`codex-rs/mcp-server/tests/suite` were actually for the app server, so
all the tests have been moved with the exception of
`codex-rs/mcp-server/tests/suite/mod.rs`.
Because this is already a large diff, I tried not to change more than I
had to, so `codex-rs/app-server/tests/common/mcp_process.rs` still uses
the name `McpProcess` for now, but I will do some mechanical renamings
to things like `AppServer` in subsequent PRs.
While `mcp-server` and `app-server` share some overlapping functionality
(like reading streams of JSONL and dispatching based on message types)
and some differences (completely different message types), I ended up
doing a bit of copypasta between the two crates, as both have somewhat
similar `message_processor.rs` and `outgoing_message.rs` files for now,
though I expect them to diverge more in the near future.
One material change is that of the initialize handshake for `codex
app-server`, as we no longer use the MCP types for that handshake.
Instead, we update `codex-rs/protocol/src/mcp_protocol.rs` to add an
`Initialize` variant to `ClientRequest`, which takes the `ClientInfo`
object we need to update the `USER_AGENT_SUFFIX` in
`codex-rs/app-server/src/message_processor.rs`.
One other material change is in
`codex-rs/app-server/src/codex_message_processor.rs` where I eliminated
a use of the `send_event_as_notification()` method I am generally trying
to deprecate (because it blindly maps an `EventMsg` into a
`JSONNotification`) in favor of `send_server_notification()`, which
takes a `ServerNotification`, as that is intended to be a custom enum of
all notification types supported by the app server. So to make this
update, I had to introduce a new variant of `ServerNotification`,
`SessionConfigured`, which is a non-backwards compatible change with the
old `codex mcp`, and clients will have to be updated after the next
release that contains this PR. Note that
`codex-rs/app-server/tests/suite/list_resume.rs` also had to be update
to reflect this change.
I introduced `codex-rs/utils/json-to-toml/src/lib.rs` as a small utility
crate to avoid some of the copying between `mcp-server` and
`app-server`.
2025-09-30 00:06:18 -07:00
|
|
|
use app_test_support::McpProcess;
|
|
|
|
|
use app_test_support::to_response;
|
2025-09-10 17:03:35 -07:00
|
|
|
use base64::Engine;
|
|
|
|
|
use base64::engine::general_purpose::URL_SAFE_NO_PAD;
|
fix: remove mcp-types from app server protocol (#4537)
We continue the separation between `codex app-server` and `codex
mcp-server`.
In particular, we introduce a new crate, `codex-app-server-protocol`,
and migrate `codex-rs/protocol/src/mcp_protocol.rs` into it, renaming it
`codex-rs/app-server-protocol/src/protocol.rs`.
Because `ConversationId` was defined in `mcp_protocol.rs`, we move it
into its own file, `codex-rs/protocol/src/conversation_id.rs`, and
because it is referenced in a ton of places, we have to touch a lot of
files as part of this PR.
We also decide to get away from proper JSON-RPC 2.0 semantics, so we
also introduce `codex-rs/app-server-protocol/src/jsonrpc_lite.rs`, which
is basically the same `JSONRPCMessage` type defined in `mcp-types`
except with all of the `"jsonrpc": "2.0"` removed.
Getting rid of `"jsonrpc": "2.0"` makes our serialization logic
considerably simpler, as we can lean heavier on serde to serialize
directly into the wire format that we use now.
2025-09-30 19:16:26 -07:00
|
|
|
use codex_app_server_protocol::JSONRPCResponse;
|
|
|
|
|
use codex_app_server_protocol::RequestId;
|
|
|
|
|
use codex_app_server_protocol::UserInfoResponse;
|
2025-09-10 17:03:35 -07:00
|
|
|
use codex_core::auth::AuthDotJson;
|
|
|
|
|
use codex_core::auth::get_auth_file;
|
|
|
|
|
use codex_core::auth::write_auth_json;
|
|
|
|
|
use codex_core::token_data::IdTokenInfo;
|
|
|
|
|
use codex_core::token_data::TokenData;
|
|
|
|
|
use pretty_assertions::assert_eq;
|
|
|
|
|
use serde_json::json;
|
|
|
|
|
use tempfile::TempDir;
|
|
|
|
|
use tokio::time::timeout;
|
|
|
|
|
|
|
|
|
|
const DEFAULT_READ_TIMEOUT: Duration = Duration::from_secs(10);
|
|
|
|
|
|
|
|
|
|
#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
|
|
|
|
|
async fn user_info_returns_email_from_auth_json() {
|
|
|
|
|
let codex_home = TempDir::new().expect("create tempdir");
|
|
|
|
|
|
|
|
|
|
let auth_path = get_auth_file(codex_home.path());
|
|
|
|
|
let mut id_token = IdTokenInfo::default();
|
|
|
|
|
id_token.email = Some("user@example.com".to_string());
|
|
|
|
|
id_token.raw_jwt = encode_id_token_with_email("user@example.com").expect("encode id token");
|
|
|
|
|
|
|
|
|
|
let auth = AuthDotJson {
|
|
|
|
|
openai_api_key: None,
|
|
|
|
|
tokens: Some(TokenData {
|
|
|
|
|
id_token,
|
|
|
|
|
access_token: "access".to_string(),
|
|
|
|
|
refresh_token: "refresh".to_string(),
|
|
|
|
|
account_id: None,
|
|
|
|
|
}),
|
|
|
|
|
last_refresh: None,
|
|
|
|
|
};
|
|
|
|
|
write_auth_json(&auth_path, &auth).expect("write auth.json");
|
|
|
|
|
|
|
|
|
|
let mut mcp = McpProcess::new(codex_home.path())
|
|
|
|
|
.await
|
|
|
|
|
.expect("spawn mcp process");
|
|
|
|
|
timeout(DEFAULT_READ_TIMEOUT, mcp.initialize())
|
|
|
|
|
.await
|
|
|
|
|
.expect("initialize timeout")
|
|
|
|
|
.expect("initialize request");
|
|
|
|
|
|
|
|
|
|
let request_id = mcp.send_user_info_request().await.expect("send userInfo");
|
|
|
|
|
let response: JSONRPCResponse = timeout(
|
|
|
|
|
DEFAULT_READ_TIMEOUT,
|
|
|
|
|
mcp.read_stream_until_response_message(RequestId::Integer(request_id)),
|
|
|
|
|
)
|
|
|
|
|
.await
|
|
|
|
|
.expect("userInfo timeout")
|
|
|
|
|
.expect("userInfo response");
|
|
|
|
|
|
|
|
|
|
let received: UserInfoResponse = to_response(response).expect("deserialize userInfo response");
|
|
|
|
|
let expected = UserInfoResponse {
|
|
|
|
|
alleged_user_email: Some("user@example.com".to_string()),
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
assert_eq!(received, expected);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
fn encode_id_token_with_email(email: &str) -> anyhow::Result<String> {
|
|
|
|
|
let header_b64 = URL_SAFE_NO_PAD.encode(
|
|
|
|
|
serde_json::to_vec(&json!({ "alg": "none", "typ": "JWT" }))
|
|
|
|
|
.context("serialize jwt header")?,
|
|
|
|
|
);
|
|
|
|
|
let payload =
|
|
|
|
|
serde_json::to_vec(&json!({ "email": email })).context("serialize jwt payload")?;
|
|
|
|
|
let payload_b64 = URL_SAFE_NO_PAD.encode(payload);
|
|
|
|
|
Ok(format!("{header_b64}.{payload_b64}.signature"))
|
|
|
|
|
}
|