Why
PR #1599 (#1592) added 401-handling in _refresh_token (src/gaia/connectors/tokens.py, ~lines 214–216) that parses the OAuth error payload with a broad swallow:
```python
try:
    err_payload = response.json()
except Exception:
    err_payload = {}
```
This violates CLAUDE.md's "No Silent Fallbacks" rule (a handler that discards the error and returns a placeholder). If response.json() raises something unexpected (e.g. an AttributeError on a mock, or a non-JSON body throwing something other than a decode error), the payload silently collapses to {} and the user-facing message at tokens.py:231 always reports invalid_client — hiding the real cause.
Flagged in the PR #1599 review (github-actions bot) but the PR merged before it was addressed, so the violation is now in main.
Fix
Narrow the handler — httpx's .json() only raises json.JSONDecodeError (a ValueError subclass) on a malformed body, so this is sufficient and lets any genuine programming error surface:
```python
try:
    err_payload = response.json()
except (ValueError, json.JSONDecodeError):
    err_payload = {}
```
(Confirm json is imported in tokens.py.)
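To make the difference concrete, here is a small added example (not code from the gaia repository) that runs both handlers against constructed stand-ins for an httpx response. It assumes the user-facing message at tokens.py:231 falls back to `invalid_client` when the payload carries no `error` field; the response classes and function names are illustrative only.

```python
import json
from typing import Any, Callable

# Constructed stand-ins for an httpx.Response; only .json() matters here.
class OAuthErrorResponse:
    """401 with a well-formed OAuth error body."""
    status_code = 401
    def json(self) -> Any:
        return {"error": "invalid_grant", "error_description": "refresh token revoked"}

class MalformedBodyResponse:
    """401 whose body is not JSON: .json() raises json.JSONDecodeError, as httpx does."""
    status_code = 401
    def json(self) -> Any:
        return json.loads("<html>Unauthorized</html>")

class BrokenMockResponse:
    """A misconfigured test double: .json() raises AttributeError (a programming error)."""
    status_code = 401
    def json(self) -> Any:
        return self.missing_attribute  # type: ignore[attr-defined]

def error_code_broad(response: Any) -> str:
    """The merged handler: every exception collapses the payload to {}."""
    try:
        err_payload = response.json()
    except Exception:
        err_payload = {}
    # Assumed fallback used by the user-facing message (hypothetical).
    return err_payload.get("error", "invalid_client")

def error_code_narrow(response: Any) -> str:
    """The proposed fix: only a malformed body falls back; anything else surfaces."""
    try:
        err_payload = response.json()
    except (ValueError, json.JSONDecodeError):
        err_payload = {}
    return err_payload.get("error", "invalid_client")

def surfaces_attribute_error(handler: Callable[[Any], str]) -> bool:
    """True if the handler lets the programming error in BrokenMockResponse propagate."""
    try:
        handler(BrokenMockResponse())
    except AttributeError:
        return True
    return False

if __name__ == "__main__":
    print("broad  :", error_code_broad(BrokenMockResponse()))        # invalid_client (real cause hidden)
    print("narrow surfaces AttributeError:", surfaces_attribute_error(error_code_narrow))
```

Both handlers agree on a genuine OAuth error and on a non-JSON body; they differ only on the unexpected exception, which the narrow handler lets propagate instead of reporting `invalid_client`.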
Related