[Amber] Fix: Refresh token MCP tool silently swallows auth failures and reports success (#1049)

github-actions[bot] · Amber Agent · claude · web-flow · commit 52bcd7e06329 · 2026-03-26T16:44:36.000-04:00
## Automated Fix by Amber Agent This PR addresses issue #1043 using the Amber background agent. ### Changes Summary - **Action Type:** auto-fix - **Commit:** 4427e7b - **Triggered by:** Issue label/command ### Pre-merge Checklist - [ ] All linters pass - [ ] All tests pass - [ ] Changes follow project conventions (CLAUDE.md) - [ ] No scope creep beyond issue description ### Reviewer Notes This PR was automatically generated. Please review: 1. Code quality and adherence to standards 2. Test coverage for changes 3. No unintended side effects --- 🤖 Generated with [Amber Background Agent](https://github.com/ambient-code/platform/blob/main/docs/amber-automation.md) Closes #1043 Co-authored-by: Amber Agent <amber@ambient-code.ai> Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
diff --git a/components/runners/ambient-runner/ambient_runner/bridges/claude/tools.py b/components/runners/ambient-runner/ambient_runner/bridges/claude/tools.py
@@ -81,13 +81,13 @@ async def refresh_credentials_tool(args: dict) -> dict:
                     }
                 ]
             }
-        except Exception:
+        except Exception as exc:
             logger.error("Credential refresh failed", exc_info=True)
             return {
                 "content": [
                     {
                         "type": "text",
-                        "text": "Credential refresh failed. Check runner logs for details.",
+                        "text": f"Credential refresh failed: {exc}",
                     }
                 ],
                 "isError": True,
diff --git a/components/runners/ambient-runner/ambient_runner/platform/auth.py b/components/runners/ambient-runner/ambient_runner/platform/auth.py
@@ -166,7 +166,17 @@ def _do_req():
                     logger.warning(
                         f"{credential_type} BOT_TOKEN fallback also failed: {fallback_err}"
                     )
-                    return ""
+                    raise PermissionError(
+                        f"{credential_type} authentication failed: caller token expired "
+                        f"and BOT_TOKEN fallback also failed"
+                    ) from fallback_err
+            if e.code in (401, 403):
+                logger.warning(
+                    f"{credential_type} credential fetch failed with HTTP {e.code}: {e}"
+                )
+                raise PermissionError(
+                    f"{credential_type} authentication failed with HTTP {e.code}"
+                ) from e
             logger.warning(f"{credential_type} credential fetch failed: {e}")
             return ""
         except Exception as e:
@@ -299,10 +309,13 @@ async def populate_runtime_credentials(context: RunnerContext) -> None:
     # Track git identity from provider credentials
     git_user_name = ""
     git_user_email = ""
+    auth_failures: list[str] = []
 
     # Google credentials
     if isinstance(google_creds, Exception):
         logger.warning(f"Failed to refresh Google credentials: {google_creds}")
+        if isinstance(google_creds, PermissionError):
+            auth_failures.append(str(google_creds))
     elif google_creds.get("accessToken"):
         try:
             creds_dir = _GOOGLE_WORKSPACE_CREDS_FILE.parent
@@ -335,6 +348,8 @@ async def populate_runtime_credentials(context: RunnerContext) -> None:
     # Jira credentials
     if isinstance(jira_creds, Exception):
         logger.warning(f"Failed to refresh Jira credentials: {jira_creds}")
+        if isinstance(jira_creds, PermissionError):
+            auth_failures.append(str(jira_creds))
     elif jira_creds.get("apiToken"):
         os.environ["JIRA_URL"] = jira_creds.get("url", "")
         os.environ["JIRA_API_TOKEN"] = jira_creds.get("apiToken", "")
@@ -344,6 +359,8 @@ async def populate_runtime_credentials(context: RunnerContext) -> None:
     # GitLab credentials (with user identity)
     if isinstance(gitlab_creds, Exception):
         logger.warning(f"Failed to refresh GitLab credentials: {gitlab_creds}")
+        if isinstance(gitlab_creds, PermissionError):
+            auth_failures.append(str(gitlab_creds))
     elif gitlab_creds.get("token"):
         os.environ["GITLAB_TOKEN"] = gitlab_creds["token"]
         logger.info("Updated GitLab token in environment")
@@ -355,6 +372,8 @@ async def populate_runtime_credentials(context: RunnerContext) -> None:
     # GitHub credentials (with user identity — takes precedence)
     if isinstance(github_creds, Exception):
         logger.warning(f"Failed to refresh GitHub credentials: {github_creds}")
+        if isinstance(github_creds, PermissionError):
+            auth_failures.append(str(github_creds))
     elif github_creds.get("token"):
         os.environ["GITHUB_TOKEN"] = github_creds["token"]
         logger.info("Updated GitHub token in environment")
@@ -367,6 +386,12 @@ async def populate_runtime_credentials(context: RunnerContext) -> None:
     await configure_git_identity(git_user_name, git_user_email)
     install_git_credential_helper()
 
+    if auth_failures:
+        raise PermissionError(
+            "Credential refresh failed due to authentication errors: "
+            + "; ".join(auth_failures)
+        )
+
     logger.info("Runtime credentials populated successfully")
 
 
diff --git a/components/runners/ambient-runner/tests/test_shared_session_credentials.py b/components/runners/ambient-runner/tests/test_shared_session_credentials.py
@@ -3,8 +3,10 @@
 import json
 import os
 from http.server import BaseHTTPRequestHandler, HTTPServer
+from io import BytesIO
 from threading import Thread
-from unittest.mock import patch
+from unittest.mock import AsyncMock, MagicMock, patch
+from urllib.error import HTTPError
 
 import pytest
 
@@ -314,3 +316,199 @@ def log_message(self, format, *args):
             # Cleanup any leaked env vars
             for key in ["GITHUB_TOKEN", "GITLAB_TOKEN", "JIRA_API_TOKEN", "JIRA_URL", "JIRA_EMAIL", "GIT_USER_NAME", "GIT_USER_EMAIL"]:
                 os.environ.pop(key, None)
+
+
+# ---------------------------------------------------------------------------
+# _fetch_credential — auth failure propagation (issue #1043)
+# ---------------------------------------------------------------------------
+
+
+class TestFetchCredentialAuthFailures:
+    @pytest.mark.asyncio
+    async def test_raises_permission_error_on_401_without_caller_token(self, monkeypatch):
+        """_fetch_credential raises PermissionError when backend returns 401 with BOT_TOKEN."""
+        monkeypatch.setenv("BACKEND_API_URL", "http://backend.svc.cluster.local/api")
+        monkeypatch.setenv("PROJECT_NAME", "test-project")
+        monkeypatch.setenv("BOT_TOKEN", "bot-token")
+
+        ctx = _make_context(session_id="sess-1")
+        # No caller token — uses BOT_TOKEN directly
+
+        err = HTTPError("http://backend.svc.cluster.local/api/...", 401, "Unauthorized", {}, BytesIO(b""))
+        with patch("urllib.request.urlopen", side_effect=err):
+            with pytest.raises(PermissionError, match="authentication failed with HTTP 401"):
+                await _fetch_credential(ctx, "github")
+
+    @pytest.mark.asyncio
+    async def test_raises_permission_error_on_403_without_caller_token(self, monkeypatch):
+        """_fetch_credential raises PermissionError when backend returns 403 with BOT_TOKEN."""
+        monkeypatch.setenv("BACKEND_API_URL", "http://backend.svc.cluster.local/api")
+        monkeypatch.setenv("PROJECT_NAME", "test-project")
+        monkeypatch.setenv("BOT_TOKEN", "bot-token")
+
+        ctx = _make_context(session_id="sess-1")
+
+        err = HTTPError("http://backend.svc.cluster.local/api/...", 403, "Forbidden", {}, BytesIO(b""))
+        with patch("urllib.request.urlopen", side_effect=err):
+            with pytest.raises(PermissionError, match="authentication failed with HTTP 403"):
+                await _fetch_credential(ctx, "google")
+
+    @pytest.mark.asyncio
+    async def test_raises_permission_error_when_caller_and_bot_both_fail(self, monkeypatch):
+        """_fetch_credential raises PermissionError when caller token 401s and BOT_TOKEN also fails."""
+        monkeypatch.setenv("BACKEND_API_URL", "http://backend.svc.cluster.local/api")
+        monkeypatch.setenv("PROJECT_NAME", "test-project")
+        monkeypatch.setenv("BOT_TOKEN", "bot-token")
+
+        ctx = _make_context(session_id="sess-1", current_user_id="user@example.com")
+        ctx.caller_token = "Bearer expired-caller-token"
+
+        caller_err = HTTPError("http://...", 401, "Unauthorized", {}, BytesIO(b""))
+        fallback_err = HTTPError("http://...", 403, "Forbidden", {}, BytesIO(b""))
+
+        with patch("urllib.request.urlopen", side_effect=[caller_err, fallback_err]):
+            with pytest.raises(PermissionError, match="caller token expired and BOT_TOKEN fallback also failed"):
+                await _fetch_credential(ctx, "github")
+
+    @pytest.mark.asyncio
+    async def test_does_not_raise_on_non_auth_http_errors(self, monkeypatch):
+        """_fetch_credential returns {} for non-auth HTTP errors (404, 500, etc.)."""
+        monkeypatch.setenv("BACKEND_API_URL", "http://backend.svc.cluster.local/api")
+        monkeypatch.setenv("PROJECT_NAME", "test-project")
+
+        ctx = _make_context(session_id="sess-1")
+
+        err = HTTPError("http://...", 404, "Not Found", {}, BytesIO(b""))
+        with patch("urllib.request.urlopen", side_effect=err):
+            result = await _fetch_credential(ctx, "github")
+
+        assert result == {}
+
+    @pytest.mark.asyncio
+    async def test_caller_token_fallback_succeeds_when_bot_token_works(self, monkeypatch):
+        """_fetch_credential returns data when caller token 401s but BOT_TOKEN fallback succeeds."""
+        monkeypatch.setenv("BACKEND_API_URL", "http://backend.svc.cluster.local/api")
+        monkeypatch.setenv("PROJECT_NAME", "test-project")
+        monkeypatch.setenv("BOT_TOKEN", "valid-bot-token")
+
+        ctx = _make_context(session_id="sess-1", current_user_id="user@example.com")
+        ctx.caller_token = "Bearer expired-caller-token"
+
+        caller_err = HTTPError("http://...", 401, "Unauthorized", {}, BytesIO(b""))
+
+        mock_response = MagicMock()
+        mock_response.read.return_value = json.dumps({"token": "gh-tok-via-bot"}).encode()
+        mock_response.__enter__ = lambda s: s
+        mock_response.__exit__ = MagicMock(return_value=False)
+
+        with patch("urllib.request.urlopen", side_effect=[caller_err, mock_response]):
+            result = await _fetch_credential(ctx, "github")
+
+        assert result.get("token") == "gh-tok-via-bot"
+
+
+# ---------------------------------------------------------------------------
+# populate_runtime_credentials — raises on auth failure (issue #1043)
+# ---------------------------------------------------------------------------
+
+
+class TestPopulateRuntimeCredentialsAuthFailures:
+    @pytest.mark.asyncio
+    async def test_raises_when_github_auth_fails(self, monkeypatch):
+        """populate_runtime_credentials raises PermissionError when GitHub auth fails."""
+        monkeypatch.setenv("BACKEND_API_URL", "http://backend.svc.cluster.local/api")
+        monkeypatch.setenv("PROJECT_NAME", "test-project")
+
+        ctx = _make_context(session_id="sess-1")
+
+        async def _fail_github(context, cred_type):
+            if cred_type == "github":
+                raise PermissionError("github authentication failed with HTTP 401")
+            return {}
+
+        with patch("ambient_runner.platform.auth._fetch_credential", side_effect=_fail_github):
+            with pytest.raises(PermissionError, match="Credential refresh failed due to authentication errors"):
+                await populate_runtime_credentials(ctx)
+
+    @pytest.mark.asyncio
+    async def test_raises_when_multiple_providers_fail(self, monkeypatch):
+        """populate_runtime_credentials raises PermissionError listing all auth failures."""
+        monkeypatch.setenv("BACKEND_API_URL", "http://backend.svc.cluster.local/api")
+        monkeypatch.setenv("PROJECT_NAME", "test-project")
+
+        ctx = _make_context(session_id="sess-1")
+
+        async def _fail_all(context, cred_type):
+            raise PermissionError(f"{cred_type} authentication failed with HTTP 401")
+
+        with patch("ambient_runner.platform.auth._fetch_credential", side_effect=_fail_all):
+            with pytest.raises(PermissionError) as exc_info:
+                await populate_runtime_credentials(ctx)
+
+        msg = str(exc_info.value)
+        assert "authentication errors" in msg
+
+    @pytest.mark.asyncio
+    async def test_succeeds_when_all_credentials_empty_no_auth_error(self, monkeypatch):
+        """populate_runtime_credentials does not raise when credentials are simply missing (not auth failures)."""
+        monkeypatch.setenv("BACKEND_API_URL", "http://backend.svc.cluster.local/api")
+        monkeypatch.setenv("PROJECT_NAME", "test-project")
+
+        ctx = _make_context(session_id="sess-1")
+
+        with patch("ambient_runner.platform.auth._fetch_credential", return_value={}):
+            # Should not raise — empty credentials just means no integrations configured
+            await populate_runtime_credentials(ctx)
+
+
+# ---------------------------------------------------------------------------
+# refresh_credentials_tool — reports isError on auth failure (issue #1043)
+# ---------------------------------------------------------------------------
+
+
+class TestRefreshCredentialsTool:
+    def _make_tool_decorator(self):
+        """Create a mock sdk_tool decorator that preserves the function."""
+        def mock_tool(name, description, schema):
+            def decorator(func):
+                return func
+            return decorator
+        return mock_tool
+
+    @pytest.mark.asyncio
+    async def test_returns_is_error_on_auth_failure(self):
+        """refresh_credentials_tool returns isError=True when populate_runtime_credentials raises PermissionError."""
+        from ambient_runner.bridges.claude.tools import create_refresh_credentials_tool
+
+        mock_context = MagicMock()
+        tool_fn = create_refresh_credentials_tool(mock_context, self._make_tool_decorator())
+
+        with patch(
+            "ambient_runner.platform.auth.populate_runtime_credentials",
+            new_callable=AsyncMock,
+            side_effect=PermissionError("github authentication failed with HTTP 401"),
+        ):
+            result = await tool_fn({})
+
+        assert result.get("isError") is True
+        assert "github authentication failed" in result["content"][0]["text"]
+
+    @pytest.mark.asyncio
+    async def test_returns_success_on_successful_refresh(self):
+        """refresh_credentials_tool returns success message when credentials refresh succeeds."""
+        from ambient_runner.bridges.claude.tools import create_refresh_credentials_tool
+
+        mock_context = MagicMock()
+        tool_fn = create_refresh_credentials_tool(mock_context, self._make_tool_decorator())
+
+        with patch(
+            "ambient_runner.platform.auth.populate_runtime_credentials",
+            new_callable=AsyncMock,
+        ), patch(
+            "ambient_runner.platform.utils.get_active_integrations",
+            return_value=["github", "jira"],
+        ):
+            result = await tool_fn({})
+
+        assert result.get("isError") is None or result.get("isError") is False
+        assert "successfully" in result["content"][0]["text"].lower()

Original file line number	Diff line number	Diff line change
`@@ -81,13 +81,13 @@ async def refresh_credentials_tool(args: dict) -> dict:`
`81`	`81`	`}`
`82`	`82`	`]`
`83`	`83`	`}`
`84`		`- except Exception:`
	`84`	`+ except Exception as exc:`
`85`	`85`	`logger.error("Credential refresh failed", exc_info=True)`
`86`	`86`	`return {`
`87`	`87`	`"content": [`
`88`	`88`	`{`
`89`	`89`	`"type": "text",`
`90`		`- "text": "Credential refresh failed. Check runner logs for details.",`
	`90`	`+ "text": f"Credential refresh failed: {exc}",`
`91`	`91`	`}`
`92`	`92`	`],`
`93`	`93`	`"isError": True,`