feat: add comprehensive Codex API testing infrastructure

Add complete test coverage for OpenAI Codex integration including API endpoints,
authentication flows, and proxy service functionality.

**Test Infrastructure Added:**
- OpenAI Codex API mocking fixtures with httpx_mock for external HTTP calls
- Codex-specific test clients with credential mocking
- Response format validation helpers for Codex API compliance
- Test data structures for various Codex request scenarios

**API Endpoint Tests:**
- `/codex/responses` endpoint with success and error scenarios
- `/codex/{session_id}/responses` session-based endpoint testing
- Streaming response handling and SSE format compliance
- Request validation for missing/malformed input handling

**Authentication Tests:**
- OpenAI OAuth PKCE flow testing with token management
- Credential storage and retrieval file operations
- JWT token validation and expiration handling
- Error scenarios for authentication failures

**Proxy Service Tests:**
- Request transformation between Codex and OpenAI formats
- Streaming to non-streaming response conversion logic
- Session ID handling and forwarding
- Error propagation and HTTP status code mapping

**Coverage:** 1031 lines across 7 test files providing comprehensive coverage
of Codex functionality including edge cases, error conditions, and integration points.

Author: CaddyGlow

tests/conftest.py

@@ -45,6 +45,7 @@
     "tests.fixtures.claude_sdk.internal_mocks",
     "tests.fixtures.claude_sdk.client_mocks",
     "tests.fixtures.external_apis.anthropic_api",
+    "tests.fixtures.external_apis.openai_codex_api",
 ]
 
 
@@ -964,6 +965,106 @@ def client(app: FastAPI) -> TestClient:
     return TestClient(app)
 
 
+# Codex-specific fixtures following Claude patterns
+
+
+@pytest.fixture
+def mock_openai_credentials(isolated_environment: Path) -> dict[str, Any]:
+    """Mock OpenAI credentials for testing."""
+    import time
+    from datetime import UTC, datetime
+
+    # Set expiration to 1 hour from now (future)
+    future_timestamp = int(time.time()) + 3600
+
+    return {
+        "access_token": "test-openai-access-token-12345",
+        "refresh_token": "test-openai-refresh-token-67890",
+        "expires_at": datetime.fromtimestamp(future_timestamp, UTC),
+        "account_id": "test-account-id",
+    }
+
+
+@pytest.fixture
+def client_with_mock_codex(
+    test_settings: Settings,
+    mock_openai_credentials: dict[str, Any],
+    fastapi_app_factory: "FastAPIAppFactory",
+) -> Generator[TestClient, None, None]:
+    """Test client with mocked Codex service (no auth)."""
+    app = fastapi_app_factory.create_app(
+        settings=test_settings,
+        auth_enabled=False,
+    )
+
+    # Mock OpenAI credentials
+    from unittest.mock import patch
+
+    with patch("ccproxy.auth.openai.OpenAITokenManager.load_credentials") as mock_load:
+        from ccproxy.auth.openai import OpenAICredentials
+
+        mock_load.return_value = OpenAICredentials(**mock_openai_credentials)
+
+        yield TestClient(app)
+
+
+@pytest.fixture
+def client_with_mock_codex_streaming(
+    test_settings: Settings,
+    mock_openai_credentials: dict[str, Any],
+    fastapi_app_factory: "FastAPIAppFactory",
+) -> Generator[TestClient, None, None]:
+    """Test client with mocked Codex streaming service (no auth)."""
+    app = fastapi_app_factory.create_app(
+        settings=test_settings,
+        auth_enabled=False,
+    )
+
+    # Mock OpenAI credentials
+    from unittest.mock import patch
+
+    with patch("ccproxy.auth.openai.OpenAITokenManager.load_credentials") as mock_load:
+        from ccproxy.auth.openai import OpenAICredentials
+
+        mock_load.return_value = OpenAICredentials(**mock_openai_credentials)
+
+        yield TestClient(app)
+
+
+@pytest.fixture
+def codex_responses() -> dict[str, Any]:
+    """Load standard Codex API responses for testing.
+
+    Returns a dictionary of mock Codex API responses.
+    """
+    return {
+        "standard_completion": {
+            "id": "codex_01234567890",
+            "object": "codex.response",
+            "created": 1234567890,
+            "model": "gpt-5",
+            "choices": [
+                {
+                    "index": 0,
+                    "message": {
+                        "role": "assistant",
+                        "content": "Hello! How can I help you with coding today?",
+                    },
+                    "finish_reason": "stop",
+                }
+            ],
+            "usage": {"prompt_tokens": 10, "completion_tokens": 12, "total_tokens": 22},
+        },
+        "error_response": {
+            "error": {
+                "type": "invalid_request_error",
+                "message": "Invalid model specified",
+                "code": "invalid_model",
+            }
+        },
+    }
+
+
 # Test Utilities
 
 

tests/fixtures/external_apis/openai_codex_api.py

@@ -0,0 +1,153 @@
+"""External OpenAI Codex API mocks using httpx_mock.
+
+These fixtures intercept HTTP calls to chatgpt.com/backend-api/codex for testing ProxyService
+and other components that make direct HTTP requests to external APIs.
+"""
+
+from typing import Any
+
+import pytest
+from pytest_httpx import HTTPXMock
+
+
+@pytest.fixture
+def mock_external_openai_codex_api(
+    httpx_mock: HTTPXMock, codex_responses: dict[str, Any]
+) -> HTTPXMock:
+    """Mock OpenAI Codex API responses for standard completion requests.
+
+    This fixture intercepts HTTP calls to chatgpt.com/backend-api/codex and returns
+    mock responses for testing ProxyService and similar components.
+
+    Mocking Strategy: External HTTP interception via httpx_mock
+    Use Case: Testing HTTP calls to chatgpt.com/backend-api/codex
+    HTTP Calls: Intercepted and mocked
+
+    Args:
+        httpx_mock: HTTPXMock fixture for HTTP interception
+        codex_responses: Response data fixture
+
+    Returns:
+        HTTPXMock configured with Codex API responses
+    """
+    httpx_mock.add_response(
+        url="https://chatgpt.com/backend-api/codex/responses",
+        json=codex_responses["standard_completion"],
+        status_code=200,
+        headers={"content-type": "application/json"},
+    )
+    return httpx_mock
+
+
+@pytest.fixture
+def mock_external_openai_codex_api_streaming(httpx_mock: HTTPXMock) -> HTTPXMock:
+    """Mock OpenAI Codex API streaming responses using SSE format.
+
+    This fixture intercepts HTTP calls to chatgpt.com/backend-api/codex for streaming
+    responses and returns SSE-formatted mock data.
+
+    Mocking Strategy: External HTTP interception via httpx_mock
+    Use Case: Testing streaming HTTP calls to Codex API
+    HTTP Calls: Intercepted and mocked with SSE format
+
+    Args:
+        httpx_mock: HTTPXMock fixture for HTTP interception
+
+    Returns:
+        HTTPXMock configured with streaming Codex responses
+    """
+    streaming_response = """data: {"id":"codex_streaming_123","object":"codex.response.chunk","created":1234567890,"model":"gpt-5","choices":[{"index":0,"delta":{"role":"assistant","content":"Hello"},"finish_reason":null}],"usage":null}
+
+data: {"id":"codex_streaming_123","object":"codex.response.chunk","created":1234567890,"model":"gpt-5","choices":[{"index":0,"delta":{"content":" from"},"finish_reason":null}],"usage":null}
+
+data: {"id":"codex_streaming_123","object":"codex.response.chunk","created":1234567890,"model":"gpt-5","choices":[{"index":0,"delta":{"content":" Codex!"},"finish_reason":"stop"}],"usage":{"prompt_tokens":10,"completion_tokens":3,"total_tokens":13}}
+
+data: [DONE]
+
+"""
+
+    httpx_mock.add_response(
+        url="https://chatgpt.com/backend-api/codex/responses",
+        content=streaming_response.encode(),
+        status_code=200,
+        headers={
+            "content-type": "text/event-stream",
+            "cache-control": "no-cache",
+            "connection": "keep-alive",
+        },
+    )
+    return httpx_mock
+
+
+@pytest.fixture
+def mock_external_openai_codex_api_error(httpx_mock: HTTPXMock) -> HTTPXMock:
+    """Mock OpenAI Codex API error responses.
+
+    This fixture intercepts HTTP calls to chatgpt.com/backend-api/codex and returns
+    error responses for testing error handling.
+
+    Mocking Strategy: External HTTP interception via httpx_mock
+    Use Case: Testing error scenarios for Codex API calls
+    HTTP Calls: Intercepted and mocked with error responses
+
+    Args:
+        httpx_mock: HTTPXMock fixture for HTTP interception
+
+    Returns:
+        HTTPXMock configured with Codex error responses
+    """
+    httpx_mock.add_response(
+        url="https://chatgpt.com/backend-api/codex/responses",
+        json={
+            "error": {
+                "type": "invalid_request_error",
+                "message": "Invalid model specified",
+                "code": "invalid_model",
+            }
+        },
+        status_code=400,
+        headers={"content-type": "application/json"},
+    )
+    return httpx_mock
+
+
+@pytest.fixture
+def mock_external_openai_oauth_api(httpx_mock: HTTPXMock) -> HTTPXMock:
+    """Mock OpenAI OAuth API responses for authentication.
+
+    This fixture intercepts HTTP calls to OpenAI's OAuth endpoints for
+    testing authentication flows.
+
+    Mocking Strategy: External HTTP interception via httpx_mock
+    Use Case: Testing OAuth authentication flows
+    HTTP Calls: Intercepted and mocked
+
+    Args:
+        httpx_mock: HTTPXMock fixture for HTTP interception
+
+    Returns:
+        HTTPXMock configured with OAuth responses
+    """
+    # Mock token endpoint
+    httpx_mock.add_response(
+        url="https://auth0.openai.com/oauth/token",
+        json={
+            "access_token": "test-oauth-access-token-12345",
+            "refresh_token": "test-oauth-refresh-token-67890",
+            "token_type": "Bearer",
+            "expires_in": 3600,
+            "scope": "model.request model.read organization.read",
+        },
+        status_code=200,
+        headers={"content-type": "application/json"},
+    )
+
+    # Mock userinfo endpoint
+    httpx_mock.add_response(
+        url="https://auth0.openai.com/userinfo",
+        json={"sub": "test-user-123", "email": "[email protected]", "name": "Test User"},
+        status_code=200,
+        headers={"content-type": "application/json"},
+    )
+
+    return httpx_mock

tests/helpers/assertions.py

@@ -100,6 +100,33 @@ def assert_sse_format_compliance(chunks: list[str]) -> None:
         )
 
 
+def assert_codex_response_format(data: dict[str, Any]) -> None:
+    """Assert that response follows OpenAI Codex API format."""
+    required_fields = ["id", "object", "created", "model", "choices", "usage"]
+    for field in required_fields:
+        assert field in data, f"Missing required field: {field}"
+
+    # Verify types
+    assert isinstance(data["id"], str)
+    assert isinstance(data["object"], str)
+    assert isinstance(data["created"], int)
+    assert isinstance(data["model"], str)
+    assert isinstance(data["choices"], list)
+    assert isinstance(data["usage"], dict)
+
+    # Verify choice structure
+    if data["choices"]:
+        choice = data["choices"][0]
+        assert "index" in choice
+        assert "message" in choice
+        assert "finish_reason" in choice
+
+        # Verify message structure
+        message = choice["message"]
+        assert message["role"] == "assistant"
+        assert "content" in message
+
+
 def assert_health_response_format(
     data: dict[str, Any], status_values: list[str]
 ) -> None: