fix(oauth-connect): surface daemon errors, add gateway transport CLI test, add route-policy tests#29590
Merged
credence-the-bot[bot] merged 1 commit intoMay 5, 2026
Conversation
…ansport test and policy tests
credence-the-bot
Bot
merged commit 7502e10
into
credence-the-bot/oauth-connect-daemon-flow
![devin-ai-integration[bot]](https://avatars.githubusercontent.com/in/811515?s=60&v=4){kind=small}
| // falling back to in-process (which would re-introduce the heap-split bug for | ||
| // gateway transport). | ||
| if (!startResult.ok && startResult.statusCode !== undefined) { | ||
| writeError(startResult.error ?? "OAuth connect failed (daemon error)"); |
Contributor
There was a problem hiding this comment.
🟡 User-facing error message uses "daemon" instead of "assistant" (AGENTS.md rule violation)
The fallback error string "OAuth connect failed (daemon error)" at assistant/src/cli/commands/oauth/connect.ts:500 is user-facing CLI output (passed to writeError → writeOutput). The AGENTS.md rule under "User-Facing Terminology: 'daemon' vs 'assistant'" states: "In all user-facing text — CLI output, error messages, help strings… — use 'assistant' instead of 'daemon'." Comments and internal code are fine, but this string is rendered to users.
Suggested change
| writeError(startResult.error ?? "OAuth connect failed (daemon error)"); | |
| writeError(startResult.error ?? "OAuth connect failed (assistant error)"); |
Was this helpful? React with 👍 or 👎 to provide feedback.
noanflaherty
pushed a commit
that referenced
this pull request
May 5, 2026
…ay` through daemon IPC (#29596) * fix(oauth): route `assistant oauth connect --callback-transport=gateway` through daemon IPC (#29570) * fix(oauth): route assistant oauth connect --callback-transport=gateway through daemon IPC * fix(oauth-connect): pass lint, type-check, and openapi-check - Sort imports per simple-import-sort/imports rule (autofix) - Add eslint-disable for the intentionally-let resolvedState binding - Narrow OAuthConnectResult union before reading .error (split into two if branches) - Narrow OAuthConnectStatusResponse before reading .error in CLI poll loop - Regenerate openapi.yaml to include the 2 new internal routes * fix: use operationId and structured params for cliIpcCall (Devin/Codex P1 review) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * fix: thread grantedScopes through IPC path to avoid empty-scopes inconsistency (Devin review) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * fix(oauth): align IPC poll timeout with 5-min loopback OAuth window (Codex review) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> --------- Co-authored-by: credence-the-bot <credence@vellum.ai> Co-authored-by: credence-the-bot[bot] <183148327+credence-the-bot[bot]@users.noreply.github.com> Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com> * fix: surface daemon errors instead of silent fallback; add gateway transport test and policy tests (#29590) Co-authored-by: credence-the-bot <credence@vellum.ai> * fix: add defensive guards for poll daemon errors and ok:true missing auth_url (#29593) Co-authored-by: credence-the-bot <credence@vellum.ai> * test: add missing test coverage for oauth-connect daemon flow (round-3) (#29595) Co-authored-by: credence-the-bot <credence@vellum.ai> Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com> * fix: suppress browser-wait log in JSON mode; sweep expired OAuth state on insertion (#29597) * fix: suppress browser-wait log in JSON mode; sweep expired state on insert * test: make JSON-mode log suppression test exercise the actual if (!jsonMode) guard Configure the logger mock to write to process.stdout in the specific test so the test would fail if the guard were removed from connect.ts. Also reset mockLogInfo to no-op in beforeEach for test isolation. --------- Co-authored-by: credence-the-bot <credence@vellum.ai> * fix(oauth): replace 'Daemon' with 'assistant' in user-facing error strings (#29603) * fix(oauth): replace 'Daemon' with 'assistant' in user-facing error strings * test: update assertion to match new 'assistant' string from devin nit fix The previous commit replaced 'Daemon' with 'assistant' in user-facing error strings (per Devin review), but missed updating the test that asserts on the old 'Daemon returned unexpected response' wording. --------- Co-authored-by: credence-the-bot <credence@vellum.ai> Co-authored-by: credence-the-bot[bot] <credence-the-bot[bot]@users.noreply.github.com> * fix(security): add IPC policy entries for daemon OAuth connect routes (#29612) Closes Codex P1 on #29596 by adding IPC policy entries for the new daemon OAuth connect routes (`internal_oauth_connect_start`, `internal_oauth_connect_status`). Mirrors the pattern from #29571 for the MCP OAuth routes. 4-line additive change, 6/6 tests pass. Both Codex and Devin re-reviewed clean. --------- Co-authored-by: credence-the-bot[bot] <277301654+credence-the-bot[bot]@users.noreply.github.com> Co-authored-by: credence-the-bot <credence@vellum.ai> Co-authored-by: credence-the-bot[bot] <183148327+credence-the-bot[bot]@users.noreply.github.com> Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com> Co-authored-by: credence-the-bot[bot] <credence-the-bot[bot]@users.noreply.github.com> Co-authored-by: credence-the-bot[bot] <credence-the-bot@vellum.ai>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Fixes gaps found during plan self-review for oauth-connect-daemon-flow.md