1.9 KiB
OAuth tab cleanup before recovery (2026-05-10)
Problem
During repeated OpenAI phone-verification failures, the runner recovered by calling Chrome DevTools /json/new?<oauth_url> for each new Codex2API OAuth session. Failed auth.openai.com/add-phone and auth.openai.com/phone-verification tabs were not closed first.
Observed effect:
- Chrome accumulated many stale OpenAI auth tabs.
- CDP target selection became ambiguous.
- The visible browser became cluttered and harder for BOSS to inspect.
On inspection, 20 stale OAuth/OpenAI tabs were closed from CDP port 9223.
Fix
Before generating/opening a fresh OAuth recovery tab, close stale tabs matching:
auth.openai.com
chatgpt.com/auth
localhost
127.0.0.1
Do this only when the current page is not already a usable https://auth.openai.com/add-phone page. If the current page is already usable, do not close it.
Runner implementation
Patched runners:
/tmp/phone_verify_eu4_roundrobin10_latest.py
/tmp/phone_verify_strict_gate_10.py
/tmp/phone_verify_eu4_total10_latest.py
Helper:
def close_stale_oauth_tabs(reason='recover'):
tabs = json.loads(urllib.request.urlopen('http://127.0.0.1:9223/json/list', timeout=5).read().decode())
patterns = ('auth.openai.com', 'chatgpt.com/auth', 'localhost', '127.0.0.1')
for t in tabs:
url = t.get('url', '')
tid = t.get('id')
if tid and any(x in url for x in patterns):
urllib.request.urlopen('http://127.0.0.1:9223/json/close/' + urllib.parse.quote(tid, safe=''), timeout=3).read()
Call site:
if current page is not add-phone:
close_stale_oauth_tabs('before_oauth_recover')
open fresh Codex2API OAuth URL via /json/new
Workflow rule
Any recovery path that opens a fresh OAuth/OpenAI auth tab must first close stale OAuth/OpenAI tabs, unless it is deliberately keeping the current active add-phone tab. This avoids tab pile-up and CDP target ambiguity.