Skip to content

fix: restore Claude subscription auth parity for Claude Code 2.1.112#207

Open
kunal70006 wants to merge 4 commits intogriffinmartin:mainfrom
kunal70006:fix/claude-subscription-parity-206
Open

fix: restore Claude subscription auth parity for Claude Code 2.1.112#207
kunal70006 wants to merge 4 commits intogriffinmartin:mainfrom
kunal70006:fix/claude-subscription-parity-206

Conversation

@kunal70006
Copy link
Copy Markdown

@kunal70006 kunal70006 commented Apr 17, 2026

Summary

  • align the Anthropic request fingerprint with the observed Claude Code 2.1.112 request shape by updating the CLI version, sdk-cli identity, required beta flag, and missing request headers
  • send ?beta=true on /v1/messages requests so the plugin matches the live Claude Code request path used during subscription-authenticated calls
  • fix the Claude CLI intercept script so it captures the real POST /v1/messages request and billing marker instead of the initial HEAD / probe

Related issue

Closes #206.

Testing

  • corepack pnpm run lint
  • corepack pnpm run build
  • npx -y tsx --test src/index.test.ts src/signing.test.ts
  • bun scripts/intercept-claude.ts
  • opencode run \"say hi\" -m anthropic/claude-sonnet-4-6 --print-logs with CLAUDE_AUTH_DEBUG enabled to verify the local fork loaded and returned 200 responses

Checklist

  • PR title follows Conventional Commits (feat:, fix:, docs:, chore:, etc.)
  • make all passes locally (runs lint, build, and test)
  • Tests added or updated where applicable
  • README or docs updated where applicable

kunal70006 and others added 4 commits April 17, 2026 23:38
@kunal70006 @sisyphus-dev-ai
fix: align Anthropic request fingerprint with Claude Code 2.1.112
84a3a3b 
Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-openagent)

Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>
@kunal70006 @sisyphus-dev-ai
fix: update billing entrypoint to sdk-cli
86c12c7 
Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-openagent)

Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>
@kunal70006 @sisyphus-dev-ai
fix: capture Claude CLI POST requests in intercept script
dec3712 
Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-openagent)

Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>
@kunal70006 @sisyphus-dev-ai
chore(lint): fix
c2e3c6e 
Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-openagent)

Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>
@kunal70006 kunal70006 mentioned this pull request Apr 17, 2026
Open
Lemenxzy pushed a commit to Lemenxzy/opencode-claude-auth that referenced this pull request Apr 20, 2026
feat: align request fingerprint with Claude CLI 2.1.98 (PR griffinmar…
b7ec560 
…tin#207)

- User-Agent changed to sdk-cli entrypoint
- Added x-stainless-* headers for Anthropic fingerprint validation
- Request URL now includes ?beta=true for /v1/messages
- Added advisor-tool-2026-03-01 to baseBetas
- ccVersion updated to 2.1.98 (matches local Claude CLI)
- cc_entrypoint default changed from cli to sdk-cli
- Added anthropic-dangerous-direct-browser-access header
- intercept-claude.ts: dedupe betas to prevent duplicate entries on update
- intercept-claude.ts: only capture POST /v1/messages, extract billing from system array
- Tests updated to assert new headers, version, and entrypoint
kristianvast added a commit to kristianvast/hermes-claude-auth that referenced this pull request Apr 22, 2026
@kristianvast
feat(v1.1.0): PascalCase mcp_ tools + Claude Code 2.1.112 fingerprint
b430a8a 
Anthropic tightened OAuth validation between 2026-04-14 and 2026-04-22.
Requests are now classified as third-party and routed to extra-usage
credits (or rejected with 'Third-party apps now draw from your extra
usage, not your plan limits') unless the fingerprint matches real
Claude Code. Ports the two upstream opencode-claude-auth fixes that
address this:

- PR #191 (merged, v1.4.10): PascalCase `mcp_` tool names. Hermes
  prefixes tools with lowercase `mcp_bash`; the validator now flags
  that as non-Claude-Code. Real CC uses `mcp_Bash` / `mcp_Read` /
  `mcp_Background_output`. Adds a request-side rewrite hook plus a
  response-side unhook that lowercases the first char after hermes
  strips the prefix, so the tool dispatcher continues to receive the
  original lowercase names.

- PR #207 (open, attempted fix for Claude Code 2.1.112): updates the
  billing fingerprint. Changes the `cc_entrypoint` in the signed
  billing header from `cli` to `sdk-cli`, adds the
  `advisor-tool-2026-03-01` beta flag, injects the Stainless SDK
  headers that real CC sends (`x-stainless-*`) plus
  `anthropic-dangerous-direct-browser-access: true`, and appends
  `?beta=true` to the /v1/messages query string. All non-body signals
  ride the Anthropic Python SDK's per-request `extra_headers` and
  `extra_query` kwargs so we don't need to rewrap the HTTP client.

Other changes:
- Bump __version__ to 1.1.0 and document the rationale above in the
  module docstring.
- Extend `_EXTRA_OAUTH_BETAS` so both prompt-caching and advisor-tool
  betas are appended to hermes's `_OAUTH_ONLY_BETAS` list.
- 10 new unit tests covering PascalCase rewrite (request + response),
  sdk-cli entrypoint, Stainless headers, extra_query=beta:true, and
  preservation of pre-existing extra_headers.

Smoke-tested on Linux with hermes-agent v0.10.0 against claude-sonnet-4-6,
claude-opus-4-6, and claude-opus-4-7 \u2014 all return 200 and complete
responses with the new patch loaded. Billing-tier routing (plan vs
extra-usage) cannot be verified from the client side; this tracks the
best-known upstream bypass as of 2026-04-22 but Anthropic may tighten
validation again at any time.

Refs: #6
Upstream: griffinmartin/opencode-claude-auth#191
Upstream: griffinmartin/opencode-claude-auth#207
@kristianvast kristianvast mentioned this pull request Apr 22, 2026
Open
@mustafa89
Copy link
Copy Markdown

mustafa89 commented Apr 23, 2026

is this working for you ?

@alexandervazquez98
Copy link
Copy Markdown

alexandervazquez98 commented Apr 23, 2026

Windows experience with this PR / plugin

Environment:

What happened

  • Followed the build and install steps (clone, checkout PR, install deps, build, copy to plugins).
  • On plugin load, OpenCode throws:
    TypeError: undefined is not an object (evaluating 'f.auth')
  • The error appears to be caused by the plugin not exporting the expected entrypoint, or by incompatibility with manual plugin loading on Windows.
  • Tried adjusting index.js, package.json, and plugin config paths, but the error persists.
  • No official Windows support is mentioned in the docs, and most fixes/discussions seem focused on Linux/macOS.

Lessons learned

  • Manual plugin integration on Windows is fragile and may require extra steps (absolute paths, packaging, etc.).
  • The plugin may depend on internal OpenCode loading logic that behaves differently on Windows.
  • Waiting for an official release after the PR is merged is safest for Windows users.
  • More documentation or guidance for Windows would help the community.

If other Windows users have solved this, please share your steps! Otherwise, hope this helps maintainers and others understand the current state on Windows.

Thanks for the fix and all the work!

@bvironn bvironn mentioned this pull request Apr 25, 2026
Open
bvironn
bvironn reviewed Apr 25, 2026
View reviewed changes
Copy link
Copy Markdown

@bvironn bvironn left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tested locally — 214/214 tests pass.

Fingerprint update is well-scoped and matches the documented CC 2.1.112 wire format. The scripts/intercept-claude.ts fix (gating finish(captured) on POST /v1/messages rather than any response) is independently valuable — it would have masked the new fingerprint earlier.

One drift concern: x-stainless-package-version: "0.81.0" is hardcoded in getStainlessHeaders(). When Claude Code bumps the bundled @anthropic-ai/sdk, this will silently go stale. Two options:

  • Promote it to model-config.ts next to ccVersion so version drift is visible in one diff
  • Read via process.env.ANTHROPIC_SDK_VERSION with current value as fallback

Not blocking — flagging because ccVersion followed the same pattern and got out of sync, which is exactly what triggered #206.

Resolves #206.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@bvironn bvironn bvironn left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Consuming extra-usage instead of subscription after upgrading Claude Code to v2.1.111 (plugin v1.5.0)

4 participants

@kunal70006 @mustafa89 @alexandervazquez98 @bvironn