fix(providers): replace dead 'netclaw provider fix' references in Copilot

Aaronontheweb · Aaronontheweb · commit 988e4c2da36e · 2026-05-20T02:13:09.000Z
The 'provider fix' subcommand was referenced in three Copilot error
messages and the OpenSpec but was never implemented in ProviderCommand.cs.
Users hitting an expired OAuth token would have been directed to a
command that doesn't exist.

Rewrite all sites to the working 'provider remove' + 'provider add'
workflow that's already implemented. Updates the matching unit test
assertion.

Out of scope: the same dead reference exists in OpenAI Codex paths
(OpenAiProviderPlugin, OpenAiDescriptor). Tracking separately.
diff --git a/openspec/changes/add-github-copilot-provider/specs/netclaw-model-providers/spec.md b/openspec/changes/add-github-copilot-provider/specs/netclaw-model-providers/spec.md
@@ -105,7 +105,8 @@ credential on the operator's behalf.
 - **AND** the endpoint returns `401 Unauthorized`
 - **THEN** the system SHALL raise an authentication-expired error
   identifying the provider entry by name
-- **AND** the remediation message SHALL direct the operator to run
-  `netclaw provider fix <name>` (or equivalent) to re-run the device flow
+- **AND** the remediation message SHALL direct the operator to remove
+  the entry (`netclaw provider remove <name>`) and re-run the device
+  flow (`netclaw provider add <name> github-copilot --auth oauth-device`)
 - **AND** the stored OAuth token SHALL remain in the secrets store
   unchanged so the operator retains visibility into the failing credential
diff --git a/src/Netclaw.Daemon.Tests/Providers/GitHubCopilot/GitHubCopilotDescriptorTests.cs b/src/Netclaw.Daemon.Tests/Providers/GitHubCopilot/GitHubCopilotDescriptorTests.cs
@@ -142,7 +142,8 @@ public async Task Probe_AuthExpired_ReturnsFailWithReauthGuidance()
 
         Assert.False(result.Success);
         Assert.Contains("expired", result.ErrorMessage, StringComparison.OrdinalIgnoreCase);
-        Assert.Contains("provider fix", result.ErrorMessage);
+        Assert.Contains("provider remove", result.ErrorMessage);
+        Assert.Contains("provider add", result.ErrorMessage);
         Assert.Empty(result.Models);
     }
 
diff --git a/src/Netclaw.Providers/GitHubCopilot/CopilotAuthExpiredException.cs b/src/Netclaw.Providers/GitHubCopilot/CopilotAuthExpiredException.cs
@@ -9,12 +9,15 @@ namespace Netclaw.Providers.GitHubCopilot;
 /// Thrown when the GitHub OAuth token presented to
 /// <c>/copilot_internal/v2/token</c> is rejected with HTTP 401.
 /// The stored OAuth token is left intact — the operator must explicitly
-/// re-run the device flow via <c>netclaw provider fix &lt;name&gt;</c>.
+/// re-run the device flow by removing and re-adding the provider entry
+/// (<c>netclaw provider remove &lt;name&gt;</c> followed by
+/// <c>netclaw provider add &lt;name&gt; github-copilot --auth oauth-device</c>).
 /// </summary>
 public sealed class CopilotAuthExpiredException : Exception
 {
     public CopilotAuthExpiredException()
-        : base("GitHub Copilot authorization expired. Run 'netclaw provider fix <name>' to re-authenticate.")
+        : base("GitHub Copilot authorization expired. Run 'netclaw provider remove <name>' "
+            + "then 'netclaw provider add <name> github-copilot --auth oauth-device' to re-authenticate.")
     {
     }
 }
diff --git a/src/Netclaw.Providers/GitHubCopilot/CopilotTokenExchanger.cs b/src/Netclaw.Providers/GitHubCopilot/CopilotTokenExchanger.cs
@@ -51,7 +51,7 @@ public async Task<string> GetTokenAsync(
         ProviderEntry entry, CancellationToken ct = default)
     {
         var oauthToken = entry.OAuthAccessToken.RequireValid(
-            "GitHub OAuth access token (run 'netclaw provider fix <name>')");
+            "GitHub OAuth access token (re-run 'netclaw provider add <name> github-copilot --auth oauth-device')");
 
         var cacheKey = HashKey(oauthToken.Value);
         var now = time.GetUtcNow();
diff --git a/src/Netclaw.Providers/GitHubCopilot/GitHubCopilotDescriptor.cs b/src/Netclaw.Providers/GitHubCopilot/GitHubCopilotDescriptor.cs
@@ -55,7 +55,7 @@ public async Task<ProviderProbeResult> ProbeAsync(
         {
             return new ProviderProbeResult(false,
                 "GitHub OAuth token is required. Run "
-                + "'netclaw provider add <name> --type github-copilot' to authenticate.",
+                + "'netclaw provider add <name> github-copilot --auth oauth-device' to authenticate.",
                 []);
         }
 
@@ -67,8 +67,9 @@ public async Task<ProviderProbeResult> ProbeAsync(
         catch (CopilotAuthExpiredException)
         {
             return new ProviderProbeResult(false,
-                "GitHub Copilot authorization expired. Re-authenticate with "
-                + "'netclaw provider fix <name>'.",
+                "GitHub Copilot authorization expired. Re-authenticate by running "
+                + "'netclaw provider remove <name>' then "
+                + "'netclaw provider add <name> github-copilot --auth oauth-device'.",
                 []);
         }
         catch (HttpRequestException ex)

Original file line number	Diff line number	Diff line change
`@@ -142,7 +142,8 @@ public async Task Probe_AuthExpired_ReturnsFailWithReauthGuidance()`
`142`	`142`
`143`	`143`	`Assert.False(result.Success);`
`144`	`144`	`Assert.Contains("expired", result.ErrorMessage, StringComparison.OrdinalIgnoreCase);`
`145`		`- Assert.Contains("provider fix", result.ErrorMessage);`
	`145`	`+ Assert.Contains("provider remove", result.ErrorMessage);`
	`146`	`+ Assert.Contains("provider add", result.ErrorMessage);`
`146`	`147`	`Assert.Empty(result.Models);`
`147`	`148`	`}`
`148`	`149`
Original file line number	Diff line number	Diff line change
`@@ -9,12 +9,15 @@ namespace Netclaw.Providers.GitHubCopilot;`
`9`	`9`	`/// Thrown when the GitHub OAuth token presented to`
`10`	`10`	`/// <c>/copilot_internal/v2/token</c> is rejected with HTTP 401.`
`11`	`11`	`/// The stored OAuth token is left intact — the operator must explicitly`
`12`		`-/// re-run the device flow via <c>netclaw provider fix <name></c>.`
	`12`	`+/// re-run the device flow by removing and re-adding the provider entry`
	`13`	`+/// (<c>netclaw provider remove <name></c> followed by`
	`14`	`+/// <c>netclaw provider add <name> github-copilot --auth oauth-device</c>).`
`13`	`15`	`/// </summary>`
`14`	`16`	`public sealed class CopilotAuthExpiredException : Exception`
`15`	`17`	`{`
`16`	`18`	`public CopilotAuthExpiredException()`
`17`		`- : base("GitHub Copilot authorization expired. Run 'netclaw provider fix <name>' to re-authenticate.")`
	`19`	`+ : base("GitHub Copilot authorization expired. Run 'netclaw provider remove <name>' "`
	`20`	`+ + "then 'netclaw provider add <name> github-copilot --auth oauth-device' to re-authenticate.")`
`18`	`21`	`{`
`19`	`22`	`}`
`20`	`23`	`}`
Original file line number	Diff line number	Diff line change
`@@ -51,7 +51,7 @@ public async Task<string> GetTokenAsync(`
`51`	`51`	`ProviderEntry entry, CancellationToken ct = default)`
`52`	`52`	`{`
`53`	`53`	`var oauthToken = entry.OAuthAccessToken.RequireValid(`
`54`		`- "GitHub OAuth access token (run 'netclaw provider fix <name>')");`
	`54`	`+ "GitHub OAuth access token (re-run 'netclaw provider add <name> github-copilot --auth oauth-device')");`
`55`	`55`
`56`	`56`	`var cacheKey = HashKey(oauthToken.Value);`
`57`	`57`	`var now = time.GetUtcNow();`
Original file line number	Diff line number	Diff line change
`@@ -55,7 +55,7 @@ public async Task<ProviderProbeResult> ProbeAsync(`
`55`	`55`	`{`
`56`	`56`	`return new ProviderProbeResult(false,`
`57`	`57`	`"GitHub OAuth token is required. Run "`
`58`		`- + "'netclaw provider add <name> --type github-copilot' to authenticate.",`
	`58`	`+ + "'netclaw provider add <name> github-copilot --auth oauth-device' to authenticate.",`
`59`	`59`	`[]);`
`60`	`60`	`}`
`61`	`61`
`@@ -67,8 +67,9 @@ public async Task<ProviderProbeResult> ProbeAsync(`
`67`	`67`	`catch (CopilotAuthExpiredException)`
`68`	`68`	`{`
`69`	`69`	`return new ProviderProbeResult(false,`
`70`		`- "GitHub Copilot authorization expired. Re-authenticate with "`
`71`		`- + "'netclaw provider fix <name>'.",`
	`70`	`+ "GitHub Copilot authorization expired. Re-authenticate by running "`
	`71`	`+ + "'netclaw provider remove <name>' then "`
	`72`	`+ + "'netclaw provider add <name> github-copilot --auth oauth-device'.",`
`72`	`73`	`[]);`
`73`	`74`	`}`
`74`	`75`	`catch (HttpRequestException ex)`