fix(oauth-connect): guard against poll daemon errors and malformed start response#29593
Merged
credence-the-bot[bot] merged 1 commit intoMay 5, 2026
Conversation
credence-the-bot
Bot
merged commit 653f474
into
credence-the-bot/oauth-connect-daemon-flow
![devin-ai-integration[bot]](https://avatars.githubusercontent.com/in/811515?s=60&v=4){kind=small}
| } | ||
| } | ||
| if (!r.ok && r.statusCode !== undefined) { | ||
| return { status: "error", service: "?", error: r.error ?? "Daemon error during OAuth status poll" }; |
Contributor
There was a problem hiding this comment.
🔴 User-facing error message uses "Daemon" instead of "assistant"
The fallback error string "Daemon error during OAuth status poll" at line 99 is user-facing — it flows through pollOAuthConnectStatus → final.error → writeError(final.error ?? ...) at assistant/src/cli/commands/oauth/connect.ts:472. AGENTS.md explicitly mandates: "In all user-facing text — CLI output, error messages, help strings… use 'assistant' instead of 'daemon'."
Suggested change
| return { status: "error", service: "?", error: r.error ?? "Daemon error during OAuth status poll" }; | |
| return { status: "error", service: "?", error: r.error ?? "Assistant error during OAuth status poll" }; |
Was this helpful? React with 👍 or 👎 to provide feedback.
| // than falling back to in-process (which would re-introduce the heap-split bug for | ||
| // gateway transport). | ||
| if (startResult.ok && !startResult.result?.auth_url) { | ||
| writeError("Daemon returned unexpected response for OAuth connect start"); |
Contributor
There was a problem hiding this comment.
🔴 User-facing error message uses "Daemon" instead of "assistant"
The error string "Daemon returned unexpected response for OAuth connect start" is passed directly to writeError(), making it user-facing CLI output. AGENTS.md mandates: "In all user-facing text — CLI output, error messages… use 'assistant' instead of 'daemon'." The corresponding test assertion at assistant/src/cli/commands/oauth/__tests__/connect.test.ts:1016 would also need updating.
Suggested change
| writeError("Daemon returned unexpected response for OAuth connect start"); | |
| writeError("Assistant returned unexpected response for OAuth connect start"); |
Was this helpful? React with 👍 or 👎 to provide feedback.
noanflaherty
pushed a commit
that referenced
this pull request
May 5, 2026
…ay` through daemon IPC (#29596) * fix(oauth): route `assistant oauth connect --callback-transport=gateway` through daemon IPC (#29570) * fix(oauth): route assistant oauth connect --callback-transport=gateway through daemon IPC * fix(oauth-connect): pass lint, type-check, and openapi-check - Sort imports per simple-import-sort/imports rule (autofix) - Add eslint-disable for the intentionally-let resolvedState binding - Narrow OAuthConnectResult union before reading .error (split into two if branches) - Narrow OAuthConnectStatusResponse before reading .error in CLI poll loop - Regenerate openapi.yaml to include the 2 new internal routes * fix: use operationId and structured params for cliIpcCall (Devin/Codex P1 review) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * fix: thread grantedScopes through IPC path to avoid empty-scopes inconsistency (Devin review) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * fix(oauth): align IPC poll timeout with 5-min loopback OAuth window (Codex review) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> --------- Co-authored-by: credence-the-bot <credence@vellum.ai> Co-authored-by: credence-the-bot[bot] <183148327+credence-the-bot[bot]@users.noreply.github.com> Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com> * fix: surface daemon errors instead of silent fallback; add gateway transport test and policy tests (#29590) Co-authored-by: credence-the-bot <credence@vellum.ai> * fix: add defensive guards for poll daemon errors and ok:true missing auth_url (#29593) Co-authored-by: credence-the-bot <credence@vellum.ai> * test: add missing test coverage for oauth-connect daemon flow (round-3) (#29595) Co-authored-by: credence-the-bot <credence@vellum.ai> Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com> * fix: suppress browser-wait log in JSON mode; sweep expired OAuth state on insertion (#29597) * fix: suppress browser-wait log in JSON mode; sweep expired state on insert * test: make JSON-mode log suppression test exercise the actual if (!jsonMode) guard Configure the logger mock to write to process.stdout in the specific test so the test would fail if the guard were removed from connect.ts. Also reset mockLogInfo to no-op in beforeEach for test isolation. --------- Co-authored-by: credence-the-bot <credence@vellum.ai> * fix(oauth): replace 'Daemon' with 'assistant' in user-facing error strings (#29603) * fix(oauth): replace 'Daemon' with 'assistant' in user-facing error strings * test: update assertion to match new 'assistant' string from devin nit fix The previous commit replaced 'Daemon' with 'assistant' in user-facing error strings (per Devin review), but missed updating the test that asserts on the old 'Daemon returned unexpected response' wording. --------- Co-authored-by: credence-the-bot <credence@vellum.ai> Co-authored-by: credence-the-bot[bot] <credence-the-bot[bot]@users.noreply.github.com> * fix(security): add IPC policy entries for daemon OAuth connect routes (#29612) Closes Codex P1 on #29596 by adding IPC policy entries for the new daemon OAuth connect routes (`internal_oauth_connect_start`, `internal_oauth_connect_status`). Mirrors the pattern from #29571 for the MCP OAuth routes. 4-line additive change, 6/6 tests pass. Both Codex and Devin re-reviewed clean. --------- Co-authored-by: credence-the-bot[bot] <277301654+credence-the-bot[bot]@users.noreply.github.com> Co-authored-by: credence-the-bot <credence@vellum.ai> Co-authored-by: credence-the-bot[bot] <183148327+credence-the-bot[bot]@users.noreply.github.com> Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com> Co-authored-by: credence-the-bot[bot] <credence-the-bot[bot]@users.noreply.github.com> Co-authored-by: credence-the-bot[bot] <credence-the-bot@vellum.ai>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Fixes gaps found during plan self-review round 2 for oauth-connect-daemon-flow.md