fix(anthropic): restore OAuth guard in service-tier stream wrappers#60356
Merged
Conversation
Contributor
Greptile SummaryThis PR restores the
Confidence Score: 5/5Safe to merge — minimal, targeted bug fix restoring a previously-present guard with no behavioral side effects outside OAuth token users. The production change is two identical one-line additions using an already-tested, already-imported helper. The fix is a strict restoration of documented prior behavior (v2026.3.24 line 365), the guard is safe for non-OAuth callers (the isAnthropicOAuthApiKey check returns false for all non-OAuth keys, leaving existing behavior unchanged), and 6 new tests verify the new paths. The only gap is minor test coverage asymmetry in createAnthropicServiceTierWrapper. No files require special attention; both changed files are straightforward. Prompt To Fix All With AIThis is a comment left during a code review.
Path: extensions/anthropic/stream-wrappers.test.ts
Line: 109-148
Comment:
**Missing test coverage for `createAnthropicServiceTierWrapper`**
The `createAnthropicFastModeWrapper` suite has 4 test cases (OAuth skip, regular key injects `auto`, regular key injects `standard_only` when disabled, and non-Anthropic provider skip). The `createAnthropicServiceTierWrapper` suite only has 2 (OAuth skip and regular key injects `auto`), leaving two analogous cases unverified:
1. `serviceTier: "standard_only"` with a regular API key — confirms the explicit `standard_only` value passes through.
2. Non-Anthropic provider — mirrors the `createAnthropicFastModeWrapper` coverage and is cheap to add.
Not a blocking issue, but the asymmetry means a future regression in those two code paths would go undetected by these tests.
How can I resolve this? If you propose a fix, please make it concise.Reviews (1): Last reviewed commit: "fix(anthropic): restore OAuth guard in s..." | Re-trigger Greptile |
06a7c82 to
e305e25
Compare
|
Affected user here running OpenClaw 2026.4.1 as a Discord gateway (24/7 headless). This regression breaks both OAuth tokens AND standard API keys (
I have $200+ in Anthropic extra usage credits that are completely unusable until this merges. Currently forced to route through OpenRouter as a workaround (which adds a 5.5% fee and an extra trust boundary). The fix in this PR looks correct — restoring the |
e305e25 to
577befe
Compare
Member
Author
|
Just force-pushed a rebased fix onto the latest main — the original patch no longer applied cleanly after the recent refactor. |
3dfb5c2 to
a9e6a78
Compare
a9e6a78 to
7d58bef
Compare
Contributor
|
Merged via squash.
Thanks @openperf! |
justuseapen
added a commit
to justuseapen/else-core
that referenced
this pull request
Apr 6, 2026
* refactor: dedupe discord native command auth * docs: add discord native command changelog note * fix(video): queue fal provider jobs * feat(agents): track video generation tasks * fix(discord): short-circuit bound thread self-loop drops * refactor: harden plugin metadata and bundled channel entry seams * test: fold xai extra params coverage into hot lane * fix: ignore unsupported image generation overrides * docs: document channel persisted auth metadata * test(live): prefer google models over big-pickle * Lobster: run workflows in process (openclaw#61523) * Lobster: run workflows in process * docs: note in-process lobster runtime * docs: add lobster changelog attribution * Lobster: add managed TaskFlow mode (openclaw#61555) * test: split inline provider model coverage * docs: update Lobster in-process mode and REM preview tooling * test: speed up nodes camera coverage * fix: defer plugin sync after git switch * test: optimize macos release-to-dev smoke lane * fix(openai): avoid em dashes in gpt-5 overlay (openclaw#61560) * feat(agents): detach video generation completion * feat(video): add runway provider * docs(video): document runway support * fix: clarify dirty dev update error * fix: ignore unsupported video generation overrides * refactor: add metadata-first channel configured-state probes * fix(video): guard active async generation tasks * docs(providers): surface new video provider pages * feat(qa): add live suite runner and harness * feat(qa): improve qa lab debugger ui * fix: restore pnpm check type safety * test: trim slow agent web and lifecycle coverage * fix: restore green checks * fix(qa): stop embedded control ui reload loop * test: reset guest git root before dev update * test: speed up openai tool id preservation replay coverage * fix: restore qa lab config typing * matrix: align bundled channel metadata * docs: note Matrix persisted auth detection * docs: add changelog note for qa lab config fix * refactor(video): share async task status helpers * memory-core: checkpoint mode-first dreaming refactor * Dreaming: simplify sweep flow and add diary surface * docs: rewrite video generation docs for readability * docs(faq): add gpt-5.4 fast mode entry * feat(memory): add Bedrock embedding provider for memory search (openclaw#61547) * feat(memory): add Bedrock embedding provider for memory search Add Amazon Bedrock as a native embedding provider for memory search. Supports Titan Embed Text v1/v2 and Cohere Embed models via AWS SDK. - New embeddings-bedrock.ts: BedrockRuntimeClient + InvokeModel - Auth via AWS default credential chain (same as Bedrock inference) - Auto-selected in 'auto' mode when AWS credentials are detected - Titan V2: configurable dimensions (256/512/1024), normalization - Cohere: native batch support with search_query/search_document types - 16 new tests covering all model types, auth detection, edge cases Closes openclaw#26289 * fix(memory): harden bedrock embedding selection --------- Co-authored-by: Vincent Koc <vincentkoc@ieee.org> * docs(openai): clarify gpt-5.4 fast mode * test: speed up models config env provider coverage * test: speed up sanitize session history policy smoke * build: refresh lockfile for control ui deps * refactor: narrow bundled channel entry surfaces * test: speed up sanitize session history coverage * fix: skip old-process config writes after git switch * fix(update): bootstrap pnpm for dev preflight * fix(memory-qmd): restore qmd compatibility defaults * test: speed up image tool auth-heavy coverage * test: seed channel setup contract registry in helper tests * Dreaming: update multiphase stats and UI polish * test: add irc runtime api smoke coverage * feat(bedrock-mantle): add IAM credential auth via @aws/bedrock-token-… (openclaw#61563) * feat(bedrock-mantle): add IAM credential auth via @aws/bedrock-token-generator Mantle previously required a manually-created API key (AWS_BEARER_TOKEN_BEDROCK). This adds automatic bearer token generation from IAM credentials using the official @aws/bedrock-token-generator package. Auth priority: 1. Explicit AWS_BEARER_TOKEN_BEDROCK env var (manual API key from Console) 2. IAM credentials via getTokenProvider() → Bearer token (instance roles, SSO profiles, access keys, EKS IRSA, ECS task roles) Token is cached in memory (1hr TTL, generated with 2hr validity) and in process.env.AWS_BEARER_TOKEN_BEDROCK for downstream sync reads. Falls back gracefully when package is not installed or credentials are unavailable — Mantle provider simply not registered. Closes openclaw#45152 * fix(bedrock-mantle): harden IAM auth --------- Co-authored-by: Vincent Koc <vincentkoc@ieee.org> * refactor(update): extract package manager bootstrap logic * feat: add comfy workflow media support * fix: stabilize line and feishu ci shards * feat: add music generation tooling * chore: remove stray finder metadata * docs: document music generation async flow * fix(memory-qmd): streamline compatibility coverage * test: speed up dispatch-from-config thread fallback coverage * docs: improve music generation docs * docs: reorder changelog highlights * fix: skip stale post-switch update follow-ups * test: harden macos release-to-dev smoke verification * fix: route comfy music through shared tool * refactor: remove comfy music tool shim * Gateway: bound websocket shutdown close (openclaw#61565) Merged via squash. Prepared head SHA: 9040dd5 Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com> Reviewed-by: @mbelinky * Docs: clarify Matrix quiet push rules * memory: chunk daily dreaming ingestion (openclaw#61583) Merged via squash. Prepared head SHA: 88816a0 Co-authored-by: mbelinky <17249097+mbelinky@users.noreply.github.com> Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com> Reviewed-by: @mbelinky * fix: stop old cli after package-to-git switch * fix(gateway): accept music generation internal events * docs: update unreleased provider notes * fix(agents): keep large read tool results visible * feat: add vydra media provider * fix(agents): ignore unsupported music generation hints * fix(agents): preserve latest read output during compaction * docs: update changelog for read visibility fixes * test: fix current-main prep blockers (openclaw#61582) Merged via squash. Prepared head SHA: 49f7b12 Reviewed-by: @mbelinky * test: use explicit node entrypoint in macos update smoke * fix: exit after package-to-git handoff * fix: prune staged feishu sdk types from npm pack * fix(qa): harden new scenario suite * fix(agents): prefer overflow compaction for fresh reads * perf(auto-reply): lazy-load TTS helpers on demand * test(plugin-sdk): tighten ACP command dispatch guards * docs(web): clarify control ui language picker * test(auto-reply): split ACP and reply-dispatch regressions * memory: trim generic daily chunk headings (openclaw#61597) * memory: trim generic daily chunk headings * docs: tag dreaming heading cleanup changelog * docs: attribute dreaming heading cleanup changelog * fix(cli): narrow post-update root * fix(ui): localize control ui strings * Lobster: harden embedded runtime integration (openclaw#61566) Merged via squash. Prepared head SHA: a6f4830 Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com> Reviewed-by: @mbelinky * fix(matrix): reuse raw default account key during onboarding promotion * fix: unblock comfy live plugin loading * fix(agents): extend subagent announce timeout * fix(agents): carry async media wake attachments structurally * fix(tasks): hide internal completion wake rows * test(auto-reply): isolate reply abort dispatch seams * test: fix reply dispatch mock contract * fix(ui): localize more control ui strings * fix: deliver async media generation results directly * perf(test): trim send-policy and abort hot paths * perf(agents): isolate subagent announce origin helper * fix(discord): raise default media cap * Matrix: recover from pinned dispatcher runtime failures (openclaw#61595) Merged via squash. Prepared head SHA: f9a2d9b Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com> Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com> Reviewed-by: @gumadeiras * fix: harden async media completion delivery * fix: gate async media direct delivery behind config * docs: add changelog note for async media delivery flag * perf(test): trim announce and sessions tool imports * fix: resolve global bundled plugin facade fallback (openclaw#61297) (thanks @openperf) * fix(gateway): resolve globally-installed bundled plugins in facade-runtime * fix: resolve global bundled plugin facade fallback (openclaw#61297) (thanks @openperf) --------- Co-authored-by: Ayaan Zaidi <hi@obviy.us> * chore: prepare 2026.4.6-beta.1 release * style: trim facade fallback comment noise * test: stabilize browser and provider ci shards * fix: restore latest-main ci gates * (chore): delete dream-diary-preview file * perf(test): trim runReplyAgent misc mock imports * fix(ci): harden control ui locale refresh rebases * Matrix: clear undici test override after transport test * chore(ui): refresh zh-CN control ui locale * chore(ui): refresh pt-BR control ui locale * chore(ui): refresh zh-TW control ui locale * chore(ui): refresh de control ui locale * fix: support corepack cmd shim on windows * test: add windows dev-update smoke lanes * chore(ui): refresh es control ui locale * chore(ui): refresh ja-JP control ui locale * chore(ui): refresh ko control ui locale * chore(ui): refresh fr control ui locale * test: capture windows npm debug tails in smoke logs * chore(ui): refresh tr control ui locale * chore(ui): refresh uk control ui locale * chore(ui): refresh id control ui locale * chore(ui): refresh pl control ui locale * fix: restore plugin boundary and ui locale ci gates * fix(ci): stabilize control ui locale checks * chore: release 2026.4.5 * perf(test): split subagent command coverage * fix(ci): patch main regression surfaces * fix: install bun in npm release preflight * test: fix subagent command result assertions * perf(test): split allowlist and models command coverage * fix(openai): allow qa image generation mock routing * feat(qa): execute ten new repo-backed scenarios * fix(matrix): harden startup auth bootstrap (openclaw#61383) Merged via squash. Prepared head SHA: d8011a9 Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com> Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com> Reviewed-by: @gumadeiras * Docs: clarify Matrix autoJoin invite scope * fix(discord): narrow binding runtime imports * fix: stabilize contract loader seams * test: tighten allowlist fixture typing * fix(qa): support image understanding inputs * feat(qa): add attachment understanding scenario * docs(matrix): clarify historyLimit default * feat(memory-wiki): restore llm wiki stack * chore: update appcast for 2026.4.5 * perf(test): split reply command coverage * perf(reply): lazy load compact runtime * refactor(reply): extract subagent text helper * style(reply): normalize subagent import order * fix: restore protocol and extension ci * chore: bump version to 2026.4.6 * fix(config): normalize channel streaming config shape (openclaw#61381) * feat(config): add canonical streaming config helpers * refactor(runtime): prefer canonical streaming accessors * feat(config): normalize preview channel streaming shape * test(config): lock streaming normalization followups * fix(config): polish streaming migration edges * chore(config): refresh streaming baseline hash * docs(memory): add promote-explain and rem-harness CLI reference * build: refresh pnpm lockfile * fix: stop emitting post-background exec updates (openclaw#61627) (thanks @openperf) * fix(exec ): stop emitting tool updates after session is backgrounded When an exec session is backgrounded (background: true), the owning agent run resolves its tool-call promise and may finish. The stdout handler's emitUpdate() closure, however, kept invoking opts.onUpdate(), delivering tool_execution_update events to a listener whose active run had already ended. This surfaced as an unhandled rejection and crashed the gateway process. Guard emitUpdate() with a session.backgrounded || session.exited check so that post-background output is still captured via appendOutput() but no longer forwarded to the (now-stale) agent-loop callback. Fixes openclaw#61592 * style: trim exec backgrounding comments * fix: stop emitting post-background exec updates (openclaw#61627) (thanks @openperf) * fix: place exec changelog entry at end of fixes (openclaw#61627) (thanks @openperf) --------- Co-authored-by: Ayaan Zaidi <hi@obviy.us> * test(memory-core): align dreaming expectations * test(memory-wiki): share plugin test helpers * test(memory-core): share workspace test helper * test(memory-core): reuse narrative workspace helper * test(plugin-sdk): share temp dir test helper * test(plugin-sdk): reuse temp dir helpers in facade tests * test(memory-core): reuse workspace helper in dreaming tests * perf(agents): add continuation-skip context injection (openclaw#61268) * test(agents): cover continuation bootstrap reuse * perf(agents): add continuation-skip context injection * docs(changelog): note context injection reuse * perf(agents): bound continuation bootstrap scan * fix(agents): require full bootstrap proof for continuation skip * fix(agents): decide continuation skip under lock * fix(commands): re-export subagent chat message type * fix(agents): clean continuation rebase leftovers * test(memory-core): reuse workspace helper in temp dir tests * docs: add contextInjection config key to reference * test(scripts): share temp dir helpers * test(scripts): reuse temp dir helpers in runtime tests * test(scripts): reuse temp dir helpers in repo fixtures * test(scripts): add async temp dir helper * fix: restore main ci type checks * test(root): reuse temp repo helper in clawhub release tests * test(root): clean up pre-commit temp repos * fix(matrix): pass deviceId through health probe to prevent storage-meta overwrite (openclaw#61317) (openclaw#61581) Merged via squash. Prepared head SHA: b0495dc Co-authored-by: MoerAI <26067127+MoerAI@users.noreply.github.com> Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com> Reviewed-by: @gumadeiras * test(root): share temp dir helper across root tests * test(root): reuse temp dir helper in scoped vitest config * test(root): reuse temp dir helper in launcher e2e * test(tooling): reuse temp dir helpers in script tests * test(unit): reuse temp dir helper in install-sh version tests * test: reset telegram dispatch mocks between cases * test(plugins): reuse tracked temp helpers in runtime staging tests * test(plugins): reuse tracked temp helpers in path resolution tests * test(plugins): reuse tracked temp helpers in fixture tests * test(plugins): share async temp helpers in marketplace tests * test(plugins): reuse tracked temp helpers in loader fixture tests * test(plugins): share suite temp root helper in install path tests * test(plugins): reuse suite temp root helper in install fixture tests * test(plugins): reuse tracked temp helpers in package contract tests * test(plugins): reuse suite temp helper in bundle contract test * test(infra): reuse shared temp dir helpers in small file tests * test(infra): reuse temp dir helper in utility file tests * test(infra): reuse temp dir helper in run-node tests * test(infra): reuse temp dir helpers in install source tests * test(infra): reuse temp dir helper in install path safety tests * perf(test): split reply command coverage * perf(test): trim subagent command imports * test: remove legacy commands monolith * test(infra): reuse temp dir helper in node path tests * test(infra): reuse temp dir helper in state and watch tests * test(infra): reuse temp dir helper in sentinel and provider tests * test(infra): share temp dir cleanup in git metadata tests * test(infra): share tracked temp dirs in apns tests * test(infra): reuse temp dir helper in fs safety tests * test(infra): reuse temp dir helper in update status tests * test(infra): share sync temp dir helper in approval tests * test(infra): share suite temp root tracker in infra tests * test(infra): reuse suite temp root tracker in update tests * test(infra): reuse suite temp root tracker in provider auth tests * test(infra): reuse suite temp root tracker in install tests * test(infra): reuse suite temp root tracker in startup checks * test(infra): reuse temp dir helper in global update tests * test(infra): reuse temp dir helper in clawhub tests * test(core): reuse shared temp dir helpers in utils tests * test(infra): reuse temp dir helper in node pairing tests * test(infra): reuse suite temp root tracker in device pairing tests * test(core): reuse shared temp dir helper in logger tests * test(e2e): reuse suite temp root tracker in docker setup tests * test(infra): reuse suite temp root tracker in session cost tests * test(config): reuse temp dir helper in config surface tests * test(config): reuse temp dir helper in disk budget tests * test(config): share session test fixture helper * test(config): reuse suite temp root tracker in session key normalization tests * test(config): reuse suite temp root tracker in store pruning integration tests * test(config): reuse shared temp dir helpers in sessions tests * test(config): reuse shared temp dir helper in store read tests * perf(test): split subagent command coverage * perf(test): trim secrets runtime coverage * perf(test): split extra params resolver coverage * fix(anthropic): restore OAuth guard in service-tier stream wrappers (openclaw#60356) Merged via squash. Prepared head SHA: 7d58bef Co-authored-by: openperf <80630709+openperf@users.noreply.github.com> Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com> Reviewed-by: @jalehman * perf(test): split extra params wrapper coverage * perf(secrets): trim runtime import walls * perf(test): split security audit coverage * refactor: dedupe plugin and outbound helpers * refactor: share gateway auth and approval helpers * refactor: share command config resolution * refactor: consolidate status reporting helpers * fix: resolve upstream sync conflicts (branding, firecrawl, lockfile) Resolve 7 merge conflicts from sync/upstream-2026-04-06 (v2026.4.5): - pnpm-lock.yaml: keep our platform-channel + upstream's qa-channel/qa-lab - app-render.ts: add upstream session-key imports, deduplicate agentLogoUrl - control-ui-bootstrap.ts: keep our branding (resolveUiBrand, title, agentId) - control-ui-bootstrap.test.ts: keep our test expectations + upstream null checks - schema.base.generated.ts: keep our Firecrawl + profile config entries - schema.labels.ts: keep our Firecrawl + profile labels Includes CVE-2026-33579 fix (callerScopes in /pair approve handler). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> --------- Co-authored-by: Peter Steinberger <steipete@gmail.com> Co-authored-by: Gustavo Madeira Santana <gumadeiras@gmail.com> Co-authored-by: Mariano <132747814+mbelinky@users.noreply.github.com> Co-authored-by: Vincent Koc <vincentkoc@ieee.org> Co-authored-by: Vignesh Natarajan <vignesh.natarajan92@gmail.com> Co-authored-by: wirjo <daniel@wirjo.com> Co-authored-by: Mariano <mbelinky@gmail.com> Co-authored-by: mbelinky <17249097+mbelinky@users.noreply.github.com> Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com> Co-authored-by: Chunyue Wang <80630709+openperf@users.noreply.github.com> Co-authored-by: Ayaan Zaidi <hi@obviy.us> Co-authored-by: Vignesh <mailvgnsh@gmail.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: ToToKr <friendnt@g.skku.edu> Co-authored-by: MoerAI <26067127+MoerAI@users.noreply.github.com> Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
1 task
lovewanwan
pushed a commit
to lovewanwan/openclaw
that referenced
this pull request
Apr 28, 2026
…penclaw#60356) Merged via squash. Prepared head SHA: 7d58bef Co-authored-by: openperf <80630709+openperf@users.noreply.github.com> Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com> Reviewed-by: @jalehman
ogt-redknie
pushed a commit
to ogt-redknie/OPENX
that referenced
this pull request
May 2, 2026
…penclaw#60356) Merged via squash. Prepared head SHA: 7d58bef Co-authored-by: openperf <80630709+openperf@users.noreply.github.com> Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com> Reviewed-by: @jalehman
github-actions Bot
pushed a commit
to Desicool/openclaw
that referenced
this pull request
May 9, 2026
…penclaw#60356) Merged via squash. Prepared head SHA: 7d58bef Co-authored-by: openperf <80630709+openperf@users.noreply.github.com> Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com> Reviewed-by: @jalehman
github-actions Bot
pushed a commit
to Desicool/openclaw
that referenced
this pull request
May 24, 2026
…penclaw#60356) Merged via squash. Prepared head SHA: 7d58bef Co-authored-by: openperf <80630709+openperf@users.noreply.github.com> Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com> Reviewed-by: @jalehman
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
sk-ant-oat*) receive HTTP 401 "OAuth authentication is currently not supported" on OpenClaw v2026.3.28+. The error occurs whenservice_tieris injected into the request payload for OAuth-authenticated requests.59c23de("refactor(anthropic): move stream wrappers into plugin") migrated the stream wrappers but dropped theisAnthropicOAuthApiKey(options?.apiKey)guard. The subsequent refactor inbe526d6("refactor: split provider stream sdk seams") introduced the newresolveAnthropicPayloadPolicyandstreamWithPayloadPatcharchitecture, but still did not restore the OAuth check. As a result,service_tieris injected via the payload patch for OAuth requests, and Anthropic's API rejects the combination with HTTP 401.isAnthropicOAuthApiKey(options?.apiKey)guard at the beginning of the return closures in bothcreateAnthropicFastModeWrapperandcreateAnthropicServiceTierWrapper. When the guard matches, the wrapper returns the underlying stream directly, bypassing theresolveAnthropicPayloadPolicyevaluation and payload patching. This is the exact behavior present in v2026.3.24 (cff6dc9).extensions/anthropic/stream-wrappers.ts: Added early-returnif (isAnthropicOAuthApiKey(options?.apiKey))blocks to bothcreateAnthropicFastModeWrapperandcreateAnthropicServiceTierWrapper.extensions/anthropic/stream-wrappers.test.ts: Added comprehensive test suites for both wrappers, including 6 new test cases covering OAuth token skip, regular API key injection,standard_onlybehavior, and non-Anthropic provider skip. Also added a test for the composed stream chain.createAnthropicBetaHeadersWrapper— already has its own OAuth guard, untouched.resolveAnthropicPayloadPolicy— correctly resolves model-level capabilities, untouched.Reproduction
sk-ant-oat01-...) inauth-profiles.jsonanthropic/claude-*Risk / Mitigation
cff6dc9, line 365) and adapts it to the new payload policy architecture. The guard only affects OAuth token users by skippingservice_tierinjection.service_tierinjection, (b) regular API keys still receiveservice_tierinjection, and (c) non-Anthropic providers are unaffected. The existingcreateAnthropicBetaHeadersWrappertests remain unchanged and passing.Change Type (select all)
Scope (select all touched areas)
Linked Issue/PR
Fixes #60279