fix(codex): classify known upstream failures

Normalize Codex context, thinking-signature, previous-response, and auth failures to explicit error codes: context_too_large, thinking_signature_invalid, previous_response_not_found, auth_unavailable. Refs #2596.
2026-04-24 17:13:23 +02:00
parent f1ba6151a9
commit 4056c2590b
2 changed files with 136 additions and 0 deletions
@@ -1,6 +1,7 @@
 package executor

 import (
+	"encoding/json"
 	"net/http"
 	"strconv"
 	"testing"
@@ -73,6 +74,94 @@ func TestNewCodexStatusErrTreatsCapacityAsRetryableRateLimit(t *testing.T) {
 	}
 }

+func TestNewCodexStatusErrClassifiesKnownCodexFailures(t *testing.T) {
+	tests := []struct {
+		name       string
+		statusCode int
+		body       []byte
+		wantStatus int
+		wantType   string
+		wantCode   string
+	}{
+		{
+			name:       "context length status",
+			statusCode: http.StatusRequestEntityTooLarge,
+			body:       []byte(`{"error":{"message":"context length exceeded","type":"invalid_request_error","code":"context_length_exceeded"}}`),
+			wantStatus: http.StatusRequestEntityTooLarge,
+			wantType:   "invalid_request_error",
+			wantCode:   "context_too_large",
+		},
+		{
+			name:       "thinking signature",
+			statusCode: http.StatusBadRequest,
+			body:       []byte(`{"error":{"message":"Invalid signature in thinking block","type":"invalid_request_error","code":"invalid_request_error"}}`),
+			wantStatus: http.StatusBadRequest,
+			wantType:   "invalid_request_error",
+			wantCode:   "thinking_signature_invalid",
+		},
+		{
+			name:       "previous response missing",
+			statusCode: http.StatusBadRequest,
+			body:       []byte(`{"error":{"message":"No response found for previous_response_id resp_123","type":"invalid_request_error","code":"previous_response_not_found"}}`),
+			wantStatus: http.StatusBadRequest,
+			wantType:   "invalid_request_error",
+			wantCode:   "previous_response_not_found",
+		},
+		{
+			name:       "auth unavailable",
+			statusCode: http.StatusUnauthorized,
+			body:       []byte(`{"error":{"message":"invalid or expired token","type":"authentication_error","code":"invalid_api_key"}}`),
+			wantStatus: http.StatusUnauthorized,
+			wantType:   "authentication_error",
+			wantCode:   "auth_unavailable",
+		},
+	}
+
+	for _, tc := range tests {
+		t.Run(tc.name, func(t *testing.T) {
+			err := newCodexStatusErr(tc.statusCode, tc.body)
+
+			if got := err.StatusCode(); got != tc.wantStatus {
+				t.Fatalf("status code = %d, want %d", got, tc.wantStatus)
+			}
+			assertCodexErrorCode(t, err.Error(), tc.wantType, tc.wantCode)
+		})
+	}
+}
+
+func TestNewCodexStatusErrPreservesUnclassifiedErrors(t *testing.T) {
+	body := []byte(`{"error":{"message":"documentation mentions too many tokens, but this is a billing configuration failure","type":"server_error","code":"billing_config_error"}}`)
+
+	err := newCodexStatusErr(http.StatusBadGateway, body)
+
+	if got := err.StatusCode(); got != http.StatusBadGateway {
+		t.Fatalf("status code = %d, want %d", got, http.StatusBadGateway)
+	}
+	if got := err.Error(); got != string(body) {
+		t.Fatalf("error body = %s, want original %s", got, string(body))
+	}
+}
+
+func assertCodexErrorCode(t *testing.T, raw string, wantType string, wantCode string) {
+	t.Helper()
+
+	var payload struct {
+		Error struct {
+			Type string `json:"type"`
+			Code string `json:"code"`
+		} `json:"error"`
+	}
+	if err := json.Unmarshal([]byte(raw), &payload); err != nil {
+		t.Fatalf("error body is not valid JSON: %v; body=%s", err, raw)
+	}
+	if payload.Error.Type != wantType {
+		t.Fatalf("error.type = %q, want %q; body=%s", payload.Error.Type, wantType, raw)
+	}
+	if payload.Error.Code != wantCode {
+		t.Fatalf("error.code = %q, want %q; body=%s", payload.Error.Code, wantCode, raw)
+	}
+}
+
 func itoa(v int64) string {
 	return strconv.FormatInt(v, 10)
 }