Files
codex-oauth-plus-onboarding…/skill/codex-oauth-plus-onboarding/references/openai-phone-success-335-oauth-workspace-failures-2026-05-11.md

79 lines
4.9 KiB
Markdown
Raw Permalink Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
# OpenAI phone success after long 5sim run, then OAuth workspace/session failures (2026-05-11)
Context: CPA/Codex OAuth onboarding for `chickliu.efxudmrg@claw.163.com` using visible Chrome/CDP `9226`, proxy `socks5://192.168.2.8:1083`, ClawEmail submailbox external receive already enabled.
## Phone verification outcome
- Starting count before this continuation: 57 real 5sim activations.
- Continuation runner bought 278 additional real activations before SMS success.
- Final successful phone-verification number was total real activation **335**.
- Successful country: `indonesia` (`ID`, `+62`).
- Successful activation id: `1007069622`.
- 5sim status after handling: `FINISHED`.
- OpenAI moved from `phone-verification` to `about-you` after submitting the correct SMS code.
## Important SMS parsing pitfall
The first generic parser used `(?<!\d)(\d{4,8})(?!\d)` over the whole 5sim SMS object and selected a 4-digit candidate, while the OpenAI page explicitly required a 6-character code. The false candidate likely came from another numeric field in the SMS object/phone text.
Fix for OpenAI login/phone codes:
1. Prefer exactly six digits: `(?<!\d)(\d{6})(?!\d)`.
2. Only fall back to 48 digits if the page does not state a fixed 6-character requirement.
3. If multiple 6-digit candidates are present, choose the candidate from the SMS message text field when available, not from serialized metadata; otherwise use the last 6-digit candidate.
4. Never mark the 5sim activation `finish` until the page is verified to have left `phone-verification`; if `finish` was called prematurely, still try the correct code if the page remains on `phone-verification` and the SMS is available.
Observed recovery: after the wrong 4-digit code left the page on `phone-verification`, re-checking the finished 5sim activation still exposed the SMS; extracting a 6-digit candidate and submitting it moved OpenAI to `about-you`.
## About-you form pitfall
OpenAI `about-you` form had:
```text
input[name=name] type=text required
input[name=age] type=number required
input[name=birthday] type=hidden
input[name=isExplicitConsentRequired] type=hidden value=false
```
Filling all inputs with a generic text value caused validation errors. Working approach:
- Set `input[name=name]` to a normal name, e.g. `Boss`.
- Set `input[name=age]` to a valid numeric age, e.g. `35`.
- Set hidden `birthday` consistently, e.g. `1991-01-01`, using the native input value setter and dispatching `input`/`change`.
- Then click `完成帐户创建` / `Finish account creation`.
This moved to `https://auth.openai.com/sign-in-with-chatgpt/codex/consent`.
## OAuth/session failures after phone success
After phone success and about-you completion, CPA OAuth did not import successfully in this run. Observed failures:
- Consent page initially showed `hydra_api_accept_login_request_error`.
- Retrying/fresh CPA URLs later showed `Workspaces not found in client auth session` on the Codex consent page.
- Opening `chatgpt.com` in the same profile showed the user was not logged in / no ChatGPT workspace initialized.
- Password login for the new account returned `Incorrect email address or password`; the password used during signup may not have persisted or the auth state was stale.
- Clicking `使用一次性验证码登录` from the stale password page produced `invalid_state`; polling ClawEmail did find a 6-digit code, but submitting it on the error page could not recover the stale state.
- Generating fresh CPA OAuth URL and opening it in a new tab after many failed auth states produced OpenAI `/error` with `unknown_error`; the OAuth URL shape itself looked normal (`client_id`, `code_challenge`, `redirect_uri=http://localhost:1455/auth/callback`, `scope=openid email profile`, `prompt=login`, `state`).
## Recommended next attempt
Do not buy more phone numbers for this account; phone verification is already done. For OAuth recovery:
1. Start from a clean browser state/profile if possible, or at least close all `auth.openai.com`, `chatgpt.com`, `localhost:1455` tabs and restart the automation Chrome.
2. Generate exactly one fresh CPA OAuth URL.
3. Avoid stale password-page OTP links; if login is required, prefer a fresh URL and a fresh auth page before requesting one-time email code.
4. If `Workspaces not found in client auth session` appears, first establish a valid ChatGPT web session/workspace for the account, then generate a new CPA OAuth URL; do not keep pressing retry on the same consent error.
5. If fresh CPA URL immediately returns OpenAI `unknown_error`, inspect whether CPA is rate-limiting/state-colliding from repeated URL generation; pause or restart CPA session before retrying.
## Accounting
For final reports, distinguish:
```text
phone verification success: yes, total real activations = 335
oauth/cpa import success: no, blocked by OpenAI auth/workspace/session errors
```
Do not conflate OAuth failure with phone-verification failure.