Add first-class ChatGPT subscription provider support

[Spherrrical]

Adds support for routing LLM traffic through a ChatGPT Plus/Pro subscription using OpenAI's device-code OAuth flow (same as the Codex CLI). Users authenticate once via planoai chatgpt login and tokens are auto-refreshed from ~/.plano/chatgpt/auth.json. The chatgpt provider is wired end-to-end: CLI commands, config auto-injection, schema updates, Rust ProviderId/LlmProviderType variants, request normalization for the Codex backend, and custom header forwarding in the WASM gateway. A self-contained demo with config.yaml, chat.py, and a curl test script is included under demos/llm_routing/chatgpt_subscription/.

[Stoff81]

Testing out now

[Stoff81]

Can confirm this is working for me! Lovely stuff

[adilhafeez]

the refresh token flow is not automatic - so the way it works right now is that it 1. loads token from disk, 2. refresh token if needed and then 3. inject the token. Issue is if token expired while plano is running there is no way to refersh it and we'll have to restart the service to refresh the token. This doesn't seem right.

[adilhafeez]

why are hard-coding system prompt? and what if user has set stream=false?

[Spherrrical]

the system will not work without this prompt, and the stream=false does not work for this provider

[adilhafeez]

Why harcode user agent and orignator? This will overwrite user's user_agent if it was set.

[Spherrrical]

the provider will not work without these headers

[Stoff81]

I have found an issue with using OpenClaw and this branch, when posting with tools as OpenClaw does:

curl -sS http://localhost:12000/v1/responses \ -H "Content-Type: application/json" \ -d '{ "model": "gpt-5.3-codex", "input": [ { "type": "message", "role": "user", "content": [ { "type": "input_text", "text": "What is the capital of France?" } ] } ], "stream": false, "tools": [ { "type": "function", "name": "get_time", "description": "Get the current time", "parameters": { "type": "object", "properties": {}, "additionalProperties": false } } ], "tool_choice": "auto" }'

I am getting Failed to parse request: missing field name at line 1 column 330%

I have created a PR to address this here: #884

[Stoff81]

I found an issue with using OpenClaw and this branch, when posting:

{ "model": "gpt-5.3-codex", "input": [ { "role": "user", "content": [ { "type": "input_text", "text": "what model are you on" } ] } ], "include": [ "reasoning.encrypted_content" ], "store": false, "instructions": "You are Codex, based on GPT-5. You are running as a coding agent in the Codex CLI on a user's computer.", "stream": true, "max_output_tokens": 8192 }

We were getting Unsupported Field: max_output_tokens

I have created a PR to address this here: #884

[Stoff81]

I found an issue with using OpenClaw and this branch, when posting:

{ "model": "gpt-5.3-codex", "input": [ { "role": "user", "content": [ { "type": "input_text", "text": "what model are you on" } ] } ], "include": [ "reasoning.encrypted_content" ], "store": false, "instructions": "You are Codex, based on GPT-5. You are running as a coding agent in the Codex CLI on a user's computer.", "stream": true, "max_output_tokens": 8192 }

We were getting

{ "error": { "message": "Invalid value: 'input_text'. Supported values are: 'output_text' and 'refusal'.", "type": "invalid_request_error", "param": "input[12].content[0]", "code": "invalid_value" } }%

I have created a PR to address this here: #884