fix(openapi): send a default User-Agent on upstream tool calls (#1071)

GitHub and some other upstreams reject requests that lack a User-Agent
header with HTTP 403 ("Request forbidden by administrative rules"). The
invoke path sent none, so these calls failed and were surfaced as
credential rejections, sending users to re-check tokens that were fine.

Send a default "executor" User-Agent. It is applied before operation
header params and resolved auth headers, so a spec- or connection-provided
User-Agent still wins.

Author: RhysSullivan

packages/plugins/openapi/src/sdk/invoke.ts

@@ -126,6 +126,13 @@ const resolvePath = Effect.fn("OpenApi.resolvePath")(function* (
   return resolved;
 });
 
+// GitHub (and some other upstreams) reject requests that lack a User-Agent
+// header with a 403 ("Request forbidden by administrative rules"), which is
+// indistinguishable from a credential rejection downstream. Send a default so
+// those calls succeed. It is applied before operation header params and
+// resolved auth headers, so a spec- or connection-provided User-Agent wins.
+const DEFAULT_USER_AGENT = "executor";
+
 const applyHeaders = (
   request: HttpClientRequest.HttpClientRequest,
   headers: Record<string, string>,
@@ -631,6 +638,10 @@ export const invoke = Effect.fn("OpenApi.invoke")(function* (
 
   let request = HttpClientRequest.make(operation.method.toUpperCase() as "GET")(path);
 
+  // Default first so operation header params and resolved auth headers below
+  // can override it; the upstream still gets a User-Agent if nothing else sets one.
+  request = HttpClientRequest.setHeader(request, "User-Agent", DEFAULT_USER_AGENT);
+
   for (const [name, value] of Object.entries(sourceQueryParams)) {
     request = HttpClientRequest.setUrlParam(request, name, value);
   }

packages/plugins/openapi/src/sdk/request-user-agent.test.ts

@@ -0,0 +1,105 @@
+import { expect, it } from "@effect/vitest";
+import { Effect, Option } from "effect";
+import { FetchHttpClient } from "effect/unstable/http";
+import { createServer, type IncomingHttpHeaders, type Server } from "node:http";
+
+import { invokeWithLayer } from "./invoke";
+import { OperationBinding, OperationParameter } from "./types";
+
+// Captures the headers of the real outbound request the invoke path sends.
+const withServer = <A>(
+  f: (input: { readonly baseUrl: string; readonly headers: IncomingHttpHeaders[] }) => Promise<A>,
+) =>
+  new Promise<A>((resolve, reject) => {
+    const headers: IncomingHttpHeaders[] = [];
+    const server: Server = createServer((request, response) => {
+      headers.push(request.headers);
+      response.statusCode = 200;
+      response.setHeader("content-type", "application/json");
+      response.end(JSON.stringify({ ok: true }));
+    });
+
+    server.listen(0, "127.0.0.1", () => {
+      const address = server.address();
+      if (!address || typeof address === "string") {
+        server.close();
+        // oxlint-disable-next-line executor/no-promise-reject, executor/no-error-constructor -- boundary: Node listen callback is adapted into the test Promise failure path
+        reject(new Error("Server did not bind to a TCP port"));
+        return;
+      }
+      f({ baseUrl: `http://127.0.0.1:${address.port}`, headers })
+        .then(resolve, reject)
+        .finally(() => server.close());
+    });
+  });
+
+const pathParam = (name: string) =>
+  OperationParameter.make({
+    name,
+    location: "path",
+    required: true,
+    schema: Option.some({ type: "string" }),
+    style: Option.none(),
+    explode: Option.none(),
+    allowReserved: Option.none(),
+    description: Option.none(),
+  });
+
+// GitHub 403s any request without a User-Agent header, which downstream looks
+// identical to a credential rejection. The invoke path must always send one.
+it.effect("sends a default User-Agent so upstreams like GitHub don't 403", () =>
+  Effect.promise(() =>
+    withServer(async ({ baseUrl, headers }) => {
+      const operation = OperationBinding.make({
+        method: "get",
+        servers: [],
+        pathTemplate: "/repos/{owner}/{repo}/pulls",
+        requestBody: Option.none(),
+        responseBody: Option.none(),
+        parameters: [pathParam("owner"), pathParam("repo")],
+      });
+
+      await Effect.runPromise(
+        invokeWithLayer(
+          operation,
+          { owner: "risedle", repo: "aime" },
+          baseUrl,
+          {},
+          {},
+          FetchHttpClient.layer,
+        ),
+      );
+
+      expect(headers[0]?.["user-agent"]).toBe("executor");
+    }),
+  ),
+);
+
+// A connection- or spec-provided User-Agent must still win over the default.
+it.effect("lets a resolved User-Agent override the default", () =>
+  Effect.promise(() =>
+    withServer(async ({ baseUrl, headers }) => {
+      const operation = OperationBinding.make({
+        method: "get",
+        servers: [],
+        pathTemplate: "/ping",
+        requestBody: Option.none(),
+        responseBody: Option.none(),
+        parameters: [],
+      });
+
+      await Effect.runPromise(
+        invokeWithLayer(
+          operation,
+          {},
+          baseUrl,
+          { "User-Agent": "acme-app/2.0" },
+          {},
+          FetchHttpClient.layer,
+        ),
+      );
+
+      expect(headers[0]?.["user-agent"]).toBe("acme-app/2.0");
+    }),
+  ),
+);