fix: normalize proxy relay status codes to prevent upstream leaks

jpr5 · jpr5 · commit 1f7cdd487382 · 2026-05-09T08:21:45.000-07:00
Raw upstream HTTP status codes (429, 503, 401, etc.) were leaking
through to aimock clients in 5 recorder proxy relay paths, exposing
provider implementation details.

Normalize to 200 for success, 502 for errors — aimock is the gateway.
Fixture recording preserves the original upstream status for fidelity.

Paths fixed:
- recorder.ts non-SSE relay (writeHead with raw upstreamStatus)
- recorder.ts SSE streaming relay (res.statusCode passthrough)
- agui-recorder.ts success relay (exact 201/204 leak)
- agui-recorder.ts error relay (raw 401/429/503 passthrough)
- agui-recorder.ts timeout handler (implicit 200 instead of 502)

Add 5 new status normalization tests with fixture preservation
assertions, update 2 existing tests, fix test cleanup with awaited
server.close in try/finally.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,16 @@
 # @copilotkit/aimock
 
+## [Unreleased]
+
+### Fixed
+
+- **Drift tests passed vacuously with zero assertions** — the `shouldFail` guard silently skipped all `expect` calls when no critical diffs were found, so broken extraction logic or warning-level drift went completely undetected. Replaced every guarded assertion across all 21 drift test files (89 instances) with unconditional `expect(diffs.filter(...)).toEqual([])`
+- **Proxy relay leaked raw upstream HTTP status codes** — 5 recorder relay paths in `recorder.ts` and `agui-recorder.ts` forwarded raw upstream codes (429, 503, 401, 201, etc.) to aimock clients, exposing provider implementation details. Normalized to 200 for success and 502 for errors; fixture recording preserves the original status for fidelity
+
+### Added
+
+- **Status code normalization tests** — 5 tests verifying proxy relay normalization (201→200, 429→502, 503→502, 401→502, SSE 429→502) with fixture preservation assertions; 2 existing tests updated to expect normalized 502
+
 ## [1.19.5] - 2026-05-09
 
 ### Fixed
diff --git a/src/__tests__/recorder.test.ts b/src/__tests__/recorder.test.ts
@@ -1199,9 +1199,10 @@ describe("recorder edge cases", () => {
       messages: [{ role: "user", content: "trigger error" }],
     });
 
-    expect(resp.status).toBe(500);
+    // Proxy relay normalizes upstream errors to 502 (Bad Gateway)
+    expect(resp.status).toBe(502);
 
-    // Fixture file created with error response
+    // Fixture file created with error response — preserves real upstream status
     const files = fs.readdirSync(tmpDir);
     const fixtureFiles = files.filter((f) => f.endsWith(".json"));
     expect(fixtureFiles).toHaveLength(1);
@@ -1217,6 +1218,7 @@ describe("recorder edge cases", () => {
     expect(savedResponse.status).toBe(500);
 
     // Replay: second identical request matches the recorded error fixture
+    // (served by aimock's fixture serving logic, which uses the fixture's status field)
     const resp2 = await post(`${recorder.url}/v1/chat/completions`, {
       model: "gpt-4",
       messages: [{ role: "user", content: "trigger error" }],
@@ -2258,6 +2260,183 @@ describe("recorder upstream connection failure", () => {
   });
 });
 
+// ---------------------------------------------------------------------------
+// Status code normalization — proxy relay normalizes upstream codes
+// ---------------------------------------------------------------------------
+
+describe("recorder status code normalization", () => {
+  it("normalizes upstream 201 to 200 for non-SSE responses", async () => {
+    // Create a raw upstream that returns 201 (e.g. Anthropic messages API)
+    const rawServer = http.createServer((_req, res) => {
+      res.writeHead(201, { "Content-Type": "application/json" });
+      res.end(
+        JSON.stringify({
+          content: [{ type: "text", text: "created response" }],
+          model: "claude-3",
+          role: "assistant",
+        }),
+      );
+    });
+    await new Promise<void>((resolve) => rawServer.listen(0, "127.0.0.1", resolve));
+    const rawAddr = rawServer.address() as { port: number };
+    const rawUrl = `http://127.0.0.1:${rawAddr.port}`;
+
+    try {
+      tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), "aimock-record-"));
+      recorder = await createServer([], {
+        port: 0,
+        record: { providers: { anthropic: rawUrl }, fixturePath: tmpDir },
+      });
+
+      const resp = await post(`${recorder.url}/v1/messages`, {
+        model: "claude-3",
+        messages: [{ role: "user", content: "hello 201" }],
+        max_tokens: 100,
+      });
+
+      // Client sees 200, not 201
+      expect(resp.status).toBe(200);
+    } finally {
+      await new Promise<void>((r) => rawServer.close(() => r()));
+    }
+  });
+
+  it("normalizes upstream 429 to 502 for non-SSE responses", async () => {
+    const rawServer = http.createServer((_req, res) => {
+      res.writeHead(429, { "Content-Type": "application/json" });
+      res.end(
+        JSON.stringify({
+          error: { message: "Rate limited", type: "rate_limit_error" },
+        }),
+      );
+    });
+    await new Promise<void>((resolve) => rawServer.listen(0, "127.0.0.1", resolve));
+    const rawAddr = rawServer.address() as { port: number };
+    const rawUrl = `http://127.0.0.1:${rawAddr.port}`;
+
+    try {
+      tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), "aimock-record-"));
+      recorder = await createServer([], {
+        port: 0,
+        record: { providers: { openai: rawUrl }, fixturePath: tmpDir },
+      });
+
+      const resp = await post(`${recorder.url}/v1/chat/completions`, {
+        model: "gpt-4",
+        messages: [{ role: "user", content: "rate limit me" }],
+      });
+
+      // Client sees 502, not 429
+      expect(resp.status).toBe(502);
+
+      // Fixture preserves the real upstream 429 status
+      const files = fs.readdirSync(tmpDir);
+      const fixtureFiles = files.filter((f) => f.endsWith(".json"));
+      expect(fixtureFiles).toHaveLength(1);
+      const fixtureContent = JSON.parse(
+        fs.readFileSync(path.join(tmpDir, fixtureFiles[0]), "utf-8"),
+      );
+      expect(fixtureContent.fixtures[0].response.status).toBe(429);
+    } finally {
+      await new Promise<void>((r) => rawServer.close(() => r()));
+    }
+  });
+
+  it("normalizes upstream 503 to 502 for non-SSE responses", async () => {
+    const rawServer = http.createServer((_req, res) => {
+      res.writeHead(503, { "Content-Type": "application/json" });
+      res.end(
+        JSON.stringify({
+          error: { message: "Service unavailable", type: "server_error" },
+        }),
+      );
+    });
+    await new Promise<void>((resolve) => rawServer.listen(0, "127.0.0.1", resolve));
+    const rawAddr = rawServer.address() as { port: number };
+    const rawUrl = `http://127.0.0.1:${rawAddr.port}`;
+
+    try {
+      tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), "aimock-record-"));
+      recorder = await createServer([], {
+        port: 0,
+        record: { providers: { openai: rawUrl }, fixturePath: tmpDir },
+      });
+
+      const resp = await post(`${recorder.url}/v1/chat/completions`, {
+        model: "gpt-4",
+        messages: [{ role: "user", content: "service unavailable" }],
+      });
+
+      // Client sees 502, not 503
+      expect(resp.status).toBe(502);
+    } finally {
+      await new Promise<void>((r) => rawServer.close(() => r()));
+    }
+  });
+
+  it("normalizes upstream 401 to 502 for non-SSE responses", async () => {
+    const rawServer = http.createServer((_req, res) => {
+      res.writeHead(401, { "Content-Type": "application/json" });
+      res.end(
+        JSON.stringify({
+          error: { message: "Invalid API key", type: "authentication_error" },
+        }),
+      );
+    });
+    await new Promise<void>((resolve) => rawServer.listen(0, "127.0.0.1", resolve));
+    const rawAddr = rawServer.address() as { port: number };
+    const rawUrl = `http://127.0.0.1:${rawAddr.port}`;
+
+    try {
+      tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), "aimock-record-"));
+      recorder = await createServer([], {
+        port: 0,
+        record: { providers: { openai: rawUrl }, fixturePath: tmpDir },
+      });
+
+      const resp = await post(`${recorder.url}/v1/chat/completions`, {
+        model: "gpt-4",
+        messages: [{ role: "user", content: "bad auth" }],
+      });
+
+      // Client sees 502, not 401
+      expect(resp.status).toBe(502);
+    } finally {
+      await new Promise<void>((r) => rawServer.close(() => r()));
+    }
+  });
+
+  it("normalizes SSE streaming upstream errors to 502", async () => {
+    // Upstream returns 429 with SSE content-type
+    const rawServer = http.createServer((_req, res) => {
+      res.writeHead(429, { "Content-Type": "text/event-stream" });
+      res.end("data: rate limited\n\n");
+    });
+    await new Promise<void>((resolve) => rawServer.listen(0, "127.0.0.1", resolve));
+    const rawAddr = rawServer.address() as { port: number };
+    const rawUrl = `http://127.0.0.1:${rawAddr.port}`;
+
+    try {
+      tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), "aimock-record-"));
+      recorder = await createServer([], {
+        port: 0,
+        record: { providers: { openai: rawUrl }, fixturePath: tmpDir },
+      });
+
+      const resp = await post(`${recorder.url}/v1/chat/completions`, {
+        model: "gpt-4",
+        messages: [{ role: "user", content: "sse rate limit" }],
+        stream: true,
+      });
+
+      // Client sees 502, not 429 — even for SSE content-type
+      expect(resp.status).toBe(502);
+    } finally {
+      await new Promise<void>((r) => rawServer.close(() => r()));
+    }
+  });
+});
+
 // ---------------------------------------------------------------------------
 // Filesystem write failure — response still relayed
 // ---------------------------------------------------------------------------
@@ -3204,12 +3383,14 @@ describe("buildFixtureResponse format detection", () => {
       messages: [{ role: "user", content: "rate limit test" }],
     });
 
-    expect(resp.status).toBe(429);
+    // Proxy relay normalizes upstream errors to 502 (Bad Gateway)
+    expect(resp.status).toBe(502);
 
     const files = fs.readdirSync(tmpDir);
     const fixtureFiles = files.filter((f) => f.endsWith(".json"));
     expect(fixtureFiles).toHaveLength(1);
 
+    // Fixture preserves real upstream status for fidelity
     const fixtureContent = JSON.parse(
       fs.readFileSync(path.join(tmpDir, fixtureFiles[0]), "utf-8"),
     ) as {
diff --git a/src/agui-recorder.ts b/src/agui-recorder.ts
@@ -115,17 +115,22 @@ function teeUpstreamStream(
       (upstreamRes) => {
         const upstreamStatus = upstreamRes.statusCode ?? 200;
 
-        // Set appropriate headers on the client response
+        // Normalize status codes: aimock acts as a gateway, so upstream
+        // provider details (429, 503, etc.) should not leak.
+        // Successes → 200, errors → 502 (Bad Gateway).
+        const clientStatus = upstreamStatus >= 200 && upstreamStatus < 300 ? 200 : 502;
+
+        // Set appropriate headers on the client response.
         if (!clientRes.headersSent) {
-          if (upstreamStatus >= 200 && upstreamStatus < 300) {
-            clientRes.writeHead(upstreamStatus, {
+          if (clientStatus === 200) {
+            clientRes.writeHead(200, {
               "Content-Type": "text/event-stream",
               "Cache-Control": "no-cache",
               Connection: "keep-alive",
             });
           } else {
             const ct = upstreamRes.headers["content-type"] || "application/json";
-            clientRes.writeHead(upstreamStatus, { "Content-Type": ct });
+            clientRes.writeHead(502, { "Content-Type": ct });
           }
         }
 
@@ -218,13 +223,12 @@ function teeUpstreamStream(
             logger.info("Proxied AG-UI request (proxy-only mode)");
           }
 
-          resolve(upstreamStatus);
+          resolve(clientStatus);
         });
       },
     );
 
     upstreamReq.on("timeout", () => {
-      if (!clientRes.writableEnded) clientRes.end();
       upstreamReq.destroy(
         new Error(`Upstream AG-UI request timed out after ${UPSTREAM_TIMEOUT_MS / 1000}s`),
       );
diff --git a/src/recorder.ts b/src/recorder.ts
@@ -455,7 +455,11 @@ export async function proxyAndRecord(
     if (ctString) {
       relayHeaders["Content-Type"] = ctString;
     }
-    res.writeHead(upstreamStatus, relayHeaders);
+    // Normalize status codes for the client: aimock acts as a gateway, so
+    // upstream provider details (429 rate-limits, 503 outages, etc.) should
+    // not leak. Successes → 200, errors → 502 (Bad Gateway).
+    const clientStatus = upstreamStatus >= 200 && upstreamStatus < 300 ? 200 : 502;
+    res.writeHead(clientStatus, relayHeaders);
     const isAudioRelay = ctString.toLowerCase().startsWith("audio/");
     res.end(isBinaryStream || isAudioRelay ? rawBuffer : upstreamBody);
   }
@@ -511,7 +515,12 @@ function makeUpstreamRequest(
         if (isSSE && clientRes && !clientRes.headersSent) {
           const relayHeaders: Record<string, string> = {};
           if (ctStr) relayHeaders["Content-Type"] = ctStr;
-          clientRes.writeHead(res.statusCode ?? 200, relayHeaders);
+          // Normalize status codes for the client: aimock acts as a gateway,
+          // so upstream provider details should not leak.
+          // Successes → 200, errors → 502 (Bad Gateway).
+          const rawStatus = res.statusCode ?? 200;
+          const clientStatus = rawStatus >= 200 && rawStatus < 300 ? 200 : 502;
+          clientRes.writeHead(clientStatus, relayHeaders);
           // Flush headers immediately so the client starts parsing frames
           // before the first data chunk arrives.
           if (typeof clientRes.flushHeaders === "function") clientRes.flushHeaders();
