Pin agent identities to ChatGPT users

adrian-openai · adrian-openai · commit 616d25cb0b9e · 2026-04-13T21:53:58.000-07:00
diff --git a/codex-rs/core/src/agent_identity.rs b/codex-rs/core/src/agent_identity.rs
@@ -331,7 +331,7 @@ impl StoredAgentIdentity {
         Ok(Self {
             binding_id: binding.binding_id.clone(),
             chatgpt_account_id: binding.chatgpt_account_id.clone(),
-            chatgpt_user_id: binding.chatgpt_user_id.clone(),
+            chatgpt_user_id: record.chatgpt_user_id,
             agent_runtime_id: record.agent_runtime_id,
             private_key_pkcs8_base64: record.agent_private_key,
             public_key_ssh: encode_ssh_ed25519_public_key(&signing_key.verifying_key()),
@@ -343,6 +343,7 @@ impl StoredAgentIdentity {
     fn to_auth_record(&self) -> AgentIdentityAuthRecord {
         AgentIdentityAuthRecord {
             workspace_id: self.chatgpt_account_id.clone(),
+            chatgpt_user_id: self.chatgpt_user_id.clone(),
             agent_runtime_id: self.agent_runtime_id.clone(),
             agent_private_key: self.private_key_pkcs8_base64.clone(),
             registered_at: self.registered_at.clone(),
@@ -589,6 +590,7 @@ mod tests {
             AgentIdentityBinding::from_auth(&auth, /*forced_workspace_id*/ None).expect("binding");
         auth.set_agent_identity(AgentIdentityAuthRecord {
             workspace_id: "account-123".to_string(),
+            chatgpt_user_id: Some("user-123".to_string()),
             agent_runtime_id: "agent_invalid".to_string(),
             agent_private_key: "not-valid-base64".to_string(),
             registered_at: "2026-01-01T00:00:00Z".to_string(),
@@ -608,6 +610,55 @@ mod tests {
         assert_eq!(persisted.agent_runtime_id, "agent_456");
     }
 
+    #[tokio::test]
+    async fn ensure_registered_identity_deletes_different_user_identity_and_reregisters() {
+        let server = MockServer::start().await;
+        let chatgpt_base_url = server.uri();
+        mount_human_biscuit(&server, &chatgpt_base_url).await;
+        Mock::given(method("POST"))
+            .and(path("/v1/agent/register"))
+            .and(header("x-openai-authorization", "human-biscuit"))
+            .respond_with(ResponseTemplate::new(200).set_body_json(serde_json::json!({
+                "agent_runtime_id": "agent_new",
+            })))
+            .expect(1)
+            .mount(&server)
+            .await;
+
+        let auth = make_chatgpt_auth("account-123", Some("user-new"));
+        let stale_key = generate_agent_key_material().expect("key material");
+        auth.set_agent_identity(AgentIdentityAuthRecord {
+            workspace_id: "account-123".to_string(),
+            chatgpt_user_id: Some("user-old".to_string()),
+            agent_runtime_id: "agent_old".to_string(),
+            agent_private_key: stale_key.private_key_pkcs8_base64,
+            registered_at: "2026-01-01T00:00:00Z".to_string(),
+        })
+        .expect("seed stale identity");
+
+        let auth_manager = AuthManager::from_auth_for_testing(auth.clone());
+        let manager = AgentIdentityManager::new_for_tests(
+            auth_manager,
+            /*feature_enabled*/ true,
+            chatgpt_base_url,
+            SessionSource::Cli,
+        );
+
+        let stored = manager
+            .ensure_registered_identity()
+            .await
+            .unwrap()
+            .expect("identity should be registered");
+
+        assert_eq!(stored.agent_runtime_id, "agent_new");
+        assert_eq!(stored.chatgpt_user_id.as_deref(), Some("user-new"));
+        let persisted = auth
+            .get_agent_identity("account-123")
+            .expect("stored identity");
+        assert_eq!(persisted.agent_runtime_id, "agent_new");
+        assert_eq!(persisted.chatgpt_user_id.as_deref(), Some("user-new"));
+    }
+
     #[tokio::test]
     async fn ensure_registered_identity_uses_chatgpt_base_url() {
         let server = MockServer::start().await;
diff --git a/codex-rs/login/src/auth/auth_tests.rs b/codex-rs/login/src/auth/auth_tests.rs
@@ -206,6 +206,7 @@ fn chatgpt_auth_persists_agent_identity_for_workspace() {
     .expect("auth available");
     let record = AgentIdentityAuthRecord {
         workspace_id: "account-123".to_string(),
+        chatgpt_user_id: Some("user-123".to_string()),
         agent_runtime_id: "agent_123".to_string(),
         agent_private_key: "pkcs8-base64".to_string(),
         registered_at: "2026-04-13T12:00:00Z".to_string(),
diff --git a/codex-rs/login/src/auth/storage.rs b/codex-rs/login/src/auth/storage.rs
@@ -47,6 +47,8 @@ pub struct AuthDotJson {
 #[derive(Deserialize, Serialize, Clone, Debug, PartialEq, Eq)]
 pub struct AgentIdentityAuthRecord {
     pub workspace_id: String,
+    #[serde(default, skip_serializing_if = "Option::is_none")]
+    pub chatgpt_user_id: Option<String>,
     pub agent_runtime_id: String,
     pub agent_private_key: String,
     pub registered_at: String,
diff --git a/codex-rs/login/src/auth/storage_tests.rs b/codex-rs/login/src/auth/storage_tests.rs
@@ -65,6 +65,7 @@ async fn file_storage_persists_agent_identity() -> anyhow::Result<()> {
         last_refresh: Some(Utc::now()),
         agent_identity: Some(AgentIdentityAuthRecord {
             workspace_id: "account-123".to_string(),
+            chatgpt_user_id: Some("user-123".to_string()),
             agent_runtime_id: "agent_123".to_string(),
             agent_private_key: "pkcs8-base64".to_string(),
             registered_at: "2026-04-13T12:00:00Z".to_string(),
