[Bug]: Feishu embedded agent returns HTTP 401 "Invalid token" to user instead of retrying with refreshed token

[lokamir]

Bug type

Behavior bug (incorrect output/state without crash)

Beta release blocker

No

Summary

Feishu embedded agent returns raw HTTP 401 "Invalid token" error to user instead of retrying with refreshed token

Steps to reproduce

1.Configure Feishu as a messaging channel with model routing through AutoGLM proxy (zai provider)
2.Wait for the model API's JWT token to expire (or start a new session when the token is near expiry)
3.Send any message from the Feishu client
4.The bot replies with "HTTP 401: Invalid token"

Expected behavior

The embedded agent should detect the 401, trigger a token refresh, and retry the request. At minimum, it should not surface the raw HTTP error message to the end user.

Actual behavior

The 401 error is passed directly as the reply text to the Feishu user. Logs show the token refresh (config reload) occurs after the error has already been returned. The webchat session recovers after refresh, but the Feishu embedded agent continues to fail intermittently on subsequent requests.

[feishu] received message from ou_cb34... (p2p)
[feishu] dispatching to agent (session=agent:main:feishu:direct:ou_cb34...)
[pi-ai] request POST .../chat/completions status=401
[agent/embedded] embedded run agent end: isError=true error=HTTP 401: "Invalid token"
[feishu] dispatch complete (queuedFinal=true, replies=1)
[reload] config change detected; evaluating reload (models.providers.zai.models)
[reload] config change applied

OpenClaw version

2026.2.25

Operating system

Windows 10 (x64)

Install method

No response

Model

pony-alpha-2 (GLM-5-Turbo)

Provider / routing chain

zai → autoglm-api.zhipuai.cn/autoclaw-proxy/proxy/autoclaw

Additional provider/model setup details

No response

Logs, screenshots, and evidence

Impact and severity

No response

Additional information

No response

[openclaw-barnacle]

This issue has been automatically marked as stale due to inactivity.
Please add updates or it will be closed.

[clawsweeper]

Codex review: keeping this open for maintainer follow-up; there is still a little grit to resolve. Reviewed May 24, 2026, 1:54 PM ET / 17:54 UTC.

Summary
Keep open: current main still routes the reported plain HTTP 401 invalid-token shape through raw HTTP formatting, and the active linked PR for the narrow user-facing copy fix is still open. The broader retry-after-refresh behavior remains a provider-runtime-auth design question because Z.AI registers API-key auth and usage hooks but no runtime-auth preparation hook.

Reproducibility: yes. for the narrow source path: current main routes plain status-prefixed HTTP 401 invalid-token text through raw HTTP formatting. No live Feishu/Z.AI expired-token session was reproduced in this read-only pass.

Next step
Do not queue a new repair lane while the linked PR owns the narrow masking fix and the full refresh/retry behavior needs maintainer provider-boundary judgment.

Review details

Best possible solution:

Land or revise the linked scoped formatter fix for the raw user-visible 401, then handle automatic Z.AI/AutoGLM refresh-and-retry as a separate provider-owned runtime-auth design if maintainers want it.

Do we have a high-confidence way to reproduce the issue?

Yes for the narrow source path: current main routes plain status-prefixed HTTP 401 invalid-token text through raw HTTP formatting. No live Feishu/Z.AI expired-token session was reproduced in this read-only pass.

Is this the best way to solve the issue?

Unclear for the full retry request because it crosses provider runtime-auth ownership; the linked PR is the narrow maintainable fix for the already-defined raw-error leak.

Remaining risk / open question:

• The narrow raw-error masking fix is still in an open, merge-conflicting PR and is not on current main or the latest shipped release.
• The full retry-after-refresh behavior depends on whether Z.AI/AutoGLM should get provider-owned runtime-auth token exchange rather than a generic core retry path.
• No live Feishu plus expired Z.AI/AutoGLM token session was reproduced in this read-only review; the current failure proof is source-level.

Codex review notes: model gpt-5.5, reasoning high; reviewed against ad71a998ff94.

Label changes

Label justifications:

• P2: This is a bounded user-visible auth/provider error-handling bug with an active small fix path and limited blast radius.
• impact:auth-provider: The reported failure is caused by provider token expiry or invalid-token handling in model routing.

Evidence reviewed

Acceptance criteria:

• node scripts/run-vitest.mjs src/agents/pi-embedded-helpers.formatassistanterrortext.test.ts
• Focused source review of src/agents/pi-embedded-runner/run/auth-controller.ts and extensions/zai/index.ts before any retry behavior change

What I checked:

• Current main lacks a plain invalid-token runtime failure kind: ProviderRuntimeFailureKind includes auth scope, refresh, HTML auth, replay, schema, timeout, and related kinds, but no plain HTTP 401 invalid-token kind on current main. (src/agents/pi-embedded-helpers/errors.ts:256, ad71a998ff94)
• Current classifier drops generic auth-classified 401s back to unclassified: classifyProviderRuntimeFailureKind reuses classifyFailoverSignal, but only maps rate-limit and timeout/overloaded reasons from that result; a generic auth-classified 401 has no safe-copy branch here. (src/agents/pi-embedded-helpers/errors.ts:982, ad71a998ff94)
• Current formatter preserves likely HTTP error text: After existing friendly branches, likely HTTP errors are sent to formatRawAssistantErrorForUi, whose status-prefix handling returns HTTP <code>: <rest> for non-JSON text. (src/agents/pi-embedded-helpers/errors.ts:1194, ad71a998ff94)
• Runtime auth refresh exists only when a provider prepared runtime auth: The embedded auth controller retries auth failures only when runtime auth state exists, and that state is populated from prepareProviderRuntimeAuth; Z.AI's provider registration has API-key auth and usage hooks but no prepareRuntimeAuth hook. (src/agents/pi-embedded-runner/run/auth-controller.ts:546, ad71a998ff94)
• Provider contract points token exchange to provider-owned hooks: The plugin contract documents prepareRuntimeAuth as the hook for exchanging a configured credential into a runtime token/key just before inference. (src/plugins/types.ts:1504, ad71a998ff94)
• Linked implementation PR is still open: Live PR metadata shows fix(agents): sanitize raw HTTP 401 provider errors in user-visible replies (#56197) #77394 is open, non-draft, currently CONFLICTING, and scoped to adding auth_invalid_token, safe copy, tests, and changelog. (1a5dffdd5953)

Likely related people:

• jeffrey701: Authored the open linked PR that adds auth_invalid_token, safe user-facing copy, regression tests, and changelog text for this issue. (role: active linked fix author; confidence: high; commits: 45f46749a451, 1a5dffdd5953; files: src/agents/pi-embedded-helpers/errors.ts, src/agents/pi-embedded-helpers.formatassistanterrortext.test.ts, CHANGELOG.md)
• vincentkoc: Recent and historical commits split the assistant error-formatting seam, extracted the user-facing sanitizer, and touched adjacent auth-refresh classifier behavior. (role: shared formatter area contributor; confidence: high; commits: 397b0d85f571, 35664d5447a4, 3485a907d13f; files: src/agents/pi-embedded-helpers/errors.ts, src/shared/assistant-error-format.ts, src/agents/pi-embedded-helpers/sanitize-user-facing-text.ts)
• stainlu: Added nearby HTML provider error-page classification and formatter tests in the same runtime-failure classification area. (role: adjacent provider-error classifier contributor; confidence: high; commits: e588e904a744; files: src/agents/pi-embedded-helpers/errors.ts, src/agents/pi-embedded-helpers.formatassistanterrortext.test.ts, src/agents/pi-embedded-helpers/provider-error-patterns.test.ts)
• dallylee: Added replay-invalid 401 classification and tests whose precedence any invalid-token branch must preserve. (role: adjacent 401 classifier contributor; confidence: medium; commits: bd7418d4e91f; files: src/agents/pi-embedded-helpers/errors.ts, src/agents/pi-embedded-helpers.formatassistanterrortext.test.ts, src/agents/pi-embedded-helpers.isbillingerrormessage.test.ts)
• steipete: Split the embedded-run auth controller and has recent work in adjacent failover/auth classification surfaces relevant to retry-after-refresh design. (role: runtime auth boundary contributor; confidence: medium; commits: 18dc98b00e43, 936c02e22c98, 0e586bb48a31; files: src/agents/pi-embedded-runner/run/auth-controller.ts, src/agents/pi-embedded-helpers/errors.ts, src/agents/pi-embedded-helpers.isbillingerrormessage.test.ts)

How this review workflow works

• ClawSweeper keeps one durable marker-backed review comment per issue or PR.
• Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
• A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
• PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
• Maintainers can also comment @clawsweeper review to request a fresh review only.
• Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
• Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
• Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.