Fix blocking bugs: temporary-run 400 and Anthropic 401#1
Merged
eric007shine merged 2 commits intoJun 11, 2026
Merged
Conversation
The verifier UI's temporary flow posts only `claimed_model` and no `model` field, but live_report required `model` via require_text and raised "Missing required field: model". Every temporary verification against a real gateway therefore failed with HTTP 400 — only the hardcoded gateway.example.test demo path worked, because it substitutes claimed_model for model. Make `model` optional and default it to `claimed_model`, matching both the demo path and the frontend payload contract. Add a regression test that runs a respx-mocked live temporary verification with no `model`. Signed-off-by: Phillip <phillip.wu@infothinker.com> Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Anthropic-mode requests to /v1/messages only sent `Authorization: Bearer` plus `anthropic-version`, never the `x-api-key` header the native Anthropic Messages API requires. Verifying api.anthropic.com (or any native Anthropic endpoint) always failed with 401, all probes errored, and an honest Claude deployment was reported as unreachable/inconclusive. Add an `anthropic_auth_headers` helper that sends `x-api-key` while keeping `Authorization: Bearer` so Anthropic-compatible gateways that expect a bearer token keep working. Add a test asserting both headers. Signed-off-by: Phillip <phillip.wu@infothinker.com> Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Two independent, currently-blocking bugs in the core verification flows. Both fixes are small and isolated, each with a regression test.
1. Temporary verification against a real gateway always returns HTTP 400
The web UI's temporary flow posts only
claimed_model(nomodel), butlive_reportrequired amodelfield viarequire_textand raisedMissing required field: model. As a result every temporary verification against a real gateway failed — only the hardcodedgateway.example.testdemo path worked, because it substitutesclaimed_modelformodel.Fix: make
modeloptional, defaulting toclaimed_model(matching the demo path and the frontend payload contract).2. Anthropic-protocol verification always returns HTTP 401
Requests to
/v1/messagesonly sentAuthorization: Bearer+anthropic-version, never thex-api-keyheader the native Anthropic Messages API requires. Verifyingapi.anthropic.com(or any native Anthropic endpoint) always failed auth, all probes errored, and an honest Claude deployment was reported as unreachable/inconclusive.Fix: add an
anthropic_auth_headershelper that sendsx-api-keywhile keepingAuthorization: Bearer, so Anthropic-compatible gateways that expect a bearer token keep working.Testing
pytest -q— all 48 pass, including two new regression tests:test_temporary_live_run_defaults_model_to_claimed_modeltest_call_model_anthropic_sends_x_api_key_headerNotes
Signed-off-by.x-api-keyandAuthorization: Bearerto maximize gateway compatibility while fixing native Anthropic. If you'd rather send onlyx-api-keyin anthropic mode, happy to adjust.🤖 Generated with Claude Code