Merge pull request #18 from semantic-developer/feature/sd-20

fix update for new api key args in codex cli

Author: johnabbott72

README.md

@@ -40,7 +40,7 @@ A cross‑platform desktop UI (Avalonia/.NET 8) for driving the Codex CLI app se
    - Verbose logging (show suppressed output)
    - Enable MCP support (loads MCP servers from your JSON config and passes them directly to Codex)
      - Config path: `~/.config/SemanticDeveloper/mcp_servers.json` (Linux/macOS) or `%AppData%/SemanticDeveloper/mcp_servers.json` (Windows)
- - Use API Key for Codex CLI (runs `codex login --api-key <key>` before sessions; does not rely on existing CLI auth)
+- Use API Key for Codex CLI (pipes the key to `codex login --with-api-key` before sessions; does not rely on existing CLI auth)
   - Allow network access for tools (sets sandbox_policy.network_access=true on turns so MCP tools can reach the network)
   - Without API key enabled, the app proactively authenticates with `codex auth login` (falling back to `codex login`) before sessions so your chat/GPT token is used.
 
@@ -213,7 +213,7 @@ Selection behavior:
 - Authentication:
   - If you are not using an API key and the Codex CLI is not logged in (no `~/.codex/auth.json`), the app-server stream returns 401. The app detects this and prompts to run `codex auth login` for you. Follow the browser flow; on success the app restarts the session automatically.
   - If your CLI version doesn’t support `auth login`, the app falls back to `codex login`.
-  - When “Use API Key” is enabled in CLI Settings, the app attempts a non‑interactive `codex login --api-key <key>` before sessions and on 401. If login succeeds, it restarts the session automatically.
+  - When “Use API Key” is enabled in CLI Settings, the app pipes your key into `codex login --with-api-key` before sessions and on 401. If login succeeds, it restarts the session automatically.
 
 ## Run App
 

SemanticDeveloper/SemanticDeveloper/MainWindow.axaml.cs

@@ -3370,7 +3370,7 @@ private async Task<int> RunCodexLoginWithApiKeyAsync(string apiKey)
             : Directory.GetCurrentDirectory();
         try
         {
-            var psi = await _cli.BuildProcessStartInfoAsync(cwd, new[] { "login", "--api-key", apiKey }, redirectStdIn: false);
+            var psi = await _cli.BuildProcessStartInfoAsync(cwd, new[] { "login", "--with-api-key" }, redirectStdIn: true);
 
             using (var p = new Process { StartInfo = psi, EnableRaisingEvents = true })
             {
@@ -3379,19 +3379,35 @@ private async Task<int> RunCodexLoginWithApiKeyAsync(string apiKey)
                 if (!p.Start()) return -1;
                 p.BeginOutputReadLine();
                 p.BeginErrorReadLine();
+                try
+                {
+                    p.StandardInput.NewLine = "\n";
+                    await p.StandardInput.WriteLineAsync(apiKey);
+                    await p.StandardInput.FlushAsync();
+                    p.StandardInput.Close();
+                }
+                catch { }
                 await p.WaitForExitAsync();
                 if (p.ExitCode == 0) return 0;
             }
 
-            // Fallback: codex auth login --api-key <key>
-            var psi2 = await _cli.BuildProcessStartInfoAsync(cwd, new[] { "auth", "login", "--api-key", apiKey }, redirectStdIn: false);
+            // Fallback: codex auth login --with-api-key
+            var psi2 = await _cli.BuildProcessStartInfoAsync(cwd, new[] { "auth", "login", "--with-api-key" }, redirectStdIn: true);
 
             using var p2 = new Process { StartInfo = psi2, EnableRaisingEvents = true };
             p2.OutputDataReceived += (_, ev) => { if (!string.IsNullOrWhiteSpace(ev.Data)) AppendCliLog(ev.Data!); };
             p2.ErrorDataReceived += (_, ev) => { if (!string.IsNullOrWhiteSpace(ev.Data)) AppendCliLog(ev.Data!); };
             if (!p2.Start()) return -1;
             p2.BeginOutputReadLine();
             p2.BeginErrorReadLine();
+            try
+            {
+                p2.StandardInput.NewLine = "\n";
+                await p2.StandardInput.WriteLineAsync(apiKey);
+                await p2.StandardInput.FlushAsync();
+                p2.StandardInput.Close();
+            }
+            catch { }
             await p2.WaitForExitAsync();
             return p2.ExitCode;
         }

SemanticDeveloper/SemanticDeveloper/Services/CodexCliService.cs

@@ -27,13 +27,13 @@ public async Task StartAsync(string workspacePath, CancellationToken cancellatio
         if (IsRunning)
             throw new InvalidOperationException("CLI already running.");
 
-        // Force proto subcommand per environment ("codex proto")
+        // Force app-server subcommand per environment ("codex app-server")
         var tokens = BuildArgumentTokens(AdditionalArgs);
         var effectiveWorkspace = string.IsNullOrWhiteSpace(workspacePath) ? Directory.GetCurrentDirectory() : workspacePath;
         var psi = await BuildProcessStartInfoAsync(effectiveWorkspace, tokens, redirectStdIn: true);
 
-        // Do not inject API key via environment. Authentication is handled via an explicit
-        // 'codex login --api-key' flow before starting the proto session.
+        // Do not inject API key via environment. Authentication is handled via the explicit
+        // 'codex login --with-api-key' flow before starting the app-server session.
 
         // Emit the exact command being launched to the debug console (not UI)
         try

SemanticDeveloper/SemanticDeveloper/Views/CliSettingsDialog.axaml

@@ -30,7 +30,7 @@
                 <TextBox Text="{Binding ApiKey, Mode=TwoWay}"
                          PasswordChar="•"
                          Watermark="Enter API key"
-                         ToolTip.Tip="When enabled, the app runs 'codex login --api-key &lt;key&gt;' before sessions"
+                         ToolTip.Tip="When enabled, the app pipes your key to 'codex login --with-api-key' before sessions"
                          MaxWidth="550"/>
                 <TextBlock Margin="0,6,0,0" Foreground="#888" FontSize="12" Text="Stored in settings.json. When enabled, the app authenticates with your key and does not rely on existing CLI login." MaxWidth="550" TextWrapping="Wrap"/>
             </StackPanel>