79 lines
4.9 KiB
Markdown
79 lines
4.9 KiB
Markdown
# OpenAI phone success after long 5sim run, then OAuth workspace/session failures (2026-05-11)
|
||
|
||
Context: CPA/Codex OAuth onboarding for `chickliu.efxudmrg@claw.163.com` using visible Chrome/CDP `9226`, proxy `socks5://192.168.2.8:1083`, ClawEmail submailbox external receive already enabled.
|
||
|
||
## Phone verification outcome
|
||
|
||
- Starting count before this continuation: 57 real 5sim activations.
|
||
- Continuation runner bought 278 additional real activations before SMS success.
|
||
- Final successful phone-verification number was total real activation **335**.
|
||
- Successful country: `indonesia` (`ID`, `+62`).
|
||
- Successful activation id: `1007069622`.
|
||
- 5sim status after handling: `FINISHED`.
|
||
- OpenAI moved from `phone-verification` to `about-you` after submitting the correct SMS code.
|
||
|
||
## Important SMS parsing pitfall
|
||
|
||
The first generic parser used `(?<!\d)(\d{4,8})(?!\d)` over the whole 5sim SMS object and selected a 4-digit candidate, while the OpenAI page explicitly required a 6-character code. The false candidate likely came from another numeric field in the SMS object/phone text.
|
||
|
||
Fix for OpenAI login/phone codes:
|
||
|
||
1. Prefer exactly six digits: `(?<!\d)(\d{6})(?!\d)`.
|
||
2. Only fall back to 4–8 digits if the page does not state a fixed 6-character requirement.
|
||
3. If multiple 6-digit candidates are present, choose the candidate from the SMS message text field when available, not from serialized metadata; otherwise use the last 6-digit candidate.
|
||
4. Never mark the 5sim activation `finish` until the page is verified to have left `phone-verification`; if `finish` was called prematurely, still try the correct code if the page remains on `phone-verification` and the SMS is available.
|
||
|
||
Observed recovery: after the wrong 4-digit code left the page on `phone-verification`, re-checking the finished 5sim activation still exposed the SMS; extracting a 6-digit candidate and submitting it moved OpenAI to `about-you`.
|
||
|
||
## About-you form pitfall
|
||
|
||
OpenAI `about-you` form had:
|
||
|
||
```text
|
||
input[name=name] type=text required
|
||
input[name=age] type=number required
|
||
input[name=birthday] type=hidden
|
||
input[name=isExplicitConsentRequired] type=hidden value=false
|
||
```
|
||
|
||
Filling all inputs with a generic text value caused validation errors. Working approach:
|
||
|
||
- Set `input[name=name]` to a normal name, e.g. `Boss`.
|
||
- Set `input[name=age]` to a valid numeric age, e.g. `35`.
|
||
- Set hidden `birthday` consistently, e.g. `1991-01-01`, using the native input value setter and dispatching `input`/`change`.
|
||
- Then click `完成帐户创建` / `Finish account creation`.
|
||
|
||
This moved to `https://auth.openai.com/sign-in-with-chatgpt/codex/consent`.
|
||
|
||
## OAuth/session failures after phone success
|
||
|
||
After phone success and about-you completion, CPA OAuth did not import successfully in this run. Observed failures:
|
||
|
||
- Consent page initially showed `hydra_api_accept_login_request_error`.
|
||
- Retrying/fresh CPA URLs later showed `Workspaces not found in client auth session` on the Codex consent page.
|
||
- Opening `chatgpt.com` in the same profile showed the user was not logged in / no ChatGPT workspace initialized.
|
||
- Password login for the new account returned `Incorrect email address or password`; the password used during signup may not have persisted or the auth state was stale.
|
||
- Clicking `使用一次性验证码登录` from the stale password page produced `invalid_state`; polling ClawEmail did find a 6-digit code, but submitting it on the error page could not recover the stale state.
|
||
- Generating fresh CPA OAuth URL and opening it in a new tab after many failed auth states produced OpenAI `/error` with `unknown_error`; the OAuth URL shape itself looked normal (`client_id`, `code_challenge`, `redirect_uri=http://localhost:1455/auth/callback`, `scope=openid email profile`, `prompt=login`, `state`).
|
||
|
||
## Recommended next attempt
|
||
|
||
Do not buy more phone numbers for this account; phone verification is already done. For OAuth recovery:
|
||
|
||
1. Start from a clean browser state/profile if possible, or at least close all `auth.openai.com`, `chatgpt.com`, `localhost:1455` tabs and restart the automation Chrome.
|
||
2. Generate exactly one fresh CPA OAuth URL.
|
||
3. Avoid stale password-page OTP links; if login is required, prefer a fresh URL and a fresh auth page before requesting one-time email code.
|
||
4. If `Workspaces not found in client auth session` appears, first establish a valid ChatGPT web session/workspace for the account, then generate a new CPA OAuth URL; do not keep pressing retry on the same consent error.
|
||
5. If fresh CPA URL immediately returns OpenAI `unknown_error`, inspect whether CPA is rate-limiting/state-colliding from repeated URL generation; pause or restart CPA session before retrying.
|
||
|
||
## Accounting
|
||
|
||
For final reports, distinguish:
|
||
|
||
```text
|
||
phone verification success: yes, total real activations = 335
|
||
oauth/cpa import success: no, blocked by OpenAI auth/workspace/session errors
|
||
```
|
||
|
||
Do not conflate OAuth failure with phone-verification failure.
|