github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-09 00:38:28 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: bypass Anthropic OAuth token blocking for tool names

Browse Source 
Anthropic blocks specific lowercase tool names (bash, read, write, edit)
when using OAuth tokens. This fix:

1. Renames blocked tools to capitalized versions (Bash, Read, Write, Edit)
   in pi-tools.ts via renameBlockedToolsForOAuth()

2. Passes all tools as customTools in splitSdkTools() to bypass
   pi-coding-agent's built-in tool filtering, which expects lowercase names

The capitalized names work with both OAuth tokens and regular API keys.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
Claude
2026-01-08 23:36:33 -05:00
committed by Peter Steinberger
parent a69a863090
commit 333832c2e1
4 changed files with 81 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
src/agents/pi-tools.test.ts
View File

@@ -110,7 +110,8 @@ describe("createClawdbotCodingTools", () => {
it("includes bash and process tools", () => {
const tools = createClawdbotCodingTools();
expect(tools.some((tool) => tool.name === "bash")).toBe(true);
// NOTE: bash/read/write/edit are capitalized to bypass Anthropic OAuth blocking
expect(tools.some((tool) => tool.name === "Bash")).toBe(true);
expect(tools.some((tool) => tool.name === "process")).toBe(true);
});
@@ -175,8 +176,9 @@ describe("createClawdbotCodingTools", () => {
expect(names.has("sessions_send")).toBe(false);
expect(names.has("sessions_spawn")).toBe(false);
expect(names.has("read")).toBe(true);
expect(names.has("bash")).toBe(true);
// NOTE: bash/read/write/edit are capitalized to bypass Anthropic OAuth blocking
expect(names.has("Read")).toBe(true);
expect(names.has("Bash")).toBe(true);
expect(names.has("process")).toBe(true);
});
@@ -188,18 +190,21 @@ describe("createClawdbotCodingTools", () => {
agent: {
subagents: {
tools: {
// Policy matching is case-insensitive
allow: ["read"],
},
},
},
},
});
expect(tools.map((tool) => tool.name)).toEqual(["read"]);
// Tool names are capitalized for OAuth compatibility
expect(tools.map((tool) => tool.name)).toEqual(["Read"]);
});
it("keeps read tool image metadata intact", async () => {
const tools = createClawdbotCodingTools();
const readTool = tools.find((tool) => tool.name === "read");
// NOTE: read is capitalized to bypass Anthropic OAuth blocking
const readTool = tools.find((tool) => tool.name === "Read");
expect(readTool).toBeDefined();
const tmpDir = await fs.mkdtemp(path.join(os.tmpdir(), "clawdbot-read-"));
@@ -239,7 +244,8 @@ describe("createClawdbotCodingTools", () => {
it("returns text content without image blocks for text files", async () => {
const tools = createClawdbotCodingTools();
const readTool = tools.find((tool) => tool.name === "read");
// NOTE: read is capitalized to bypass Anthropic OAuth blocking
const readTool = tools.find((tool) => tool.name === "Read");
expect(readTool).toBeDefined();
const tmpDir = await fs.mkdtemp(path.join(os.tmpdir(), "clawdbot-read-"));
@@ -294,8 +300,10 @@ describe("createClawdbotCodingTools", () => {
},
};
const tools = createClawdbotCodingTools({ sandbox });
expect(tools.some((tool) => tool.name === "bash")).toBe(true);
expect(tools.some((tool) => tool.name === "read")).toBe(false);
// NOTE: bash/read are capitalized to bypass Anthropic OAuth blocking
// Policy matching is case-insensitive, so allow: ["bash"] matches tool named "Bash"
expect(tools.some((tool) => tool.name === "Bash")).toBe(true);
expect(tools.some((tool) => tool.name === "Read")).toBe(false);
expect(tools.some((tool) => tool.name === "browser")).toBe(false);
});
@@ -325,16 +333,18 @@ describe("createClawdbotCodingTools", () => {
},
};
const tools = createClawdbotCodingTools({ sandbox });
expect(tools.some((tool) => tool.name === "read")).toBe(true);
expect(tools.some((tool) => tool.name === "write")).toBe(false);
expect(tools.some((tool) => tool.name === "edit")).toBe(false);
// NOTE: read/write/edit are capitalized to bypass Anthropic OAuth blocking
expect(tools.some((tool) => tool.name === "Read")).toBe(true);
expect(tools.some((tool) => tool.name === "Write")).toBe(false);
expect(tools.some((tool) => tool.name === "Edit")).toBe(false);
});
it("filters tools by agent tool policy even without sandbox", () => {
const tools = createClawdbotCodingTools({
config: { agent: { tools: { deny: ["browser"] } } },
});
expect(tools.some((tool) => tool.name === "bash")).toBe(true);
// NOTE: bash is capitalized to bypass Anthropic OAuth blocking
expect(tools.some((tool) => tool.name === "Bash")).toBe(true);
expect(tools.some((tool) => tool.name === "browser")).toBe(false);
});
});