fix: clear stale device-auth token on token mismatch

When the gateway connection fails due to device token mismatch (e.g., after re-pairing the device), clear the stored device-auth token so that subsequent connection attempts can obtain a fresh token. This fixes the cron tool failing with 'device token mismatch' error after running 'openclaw configure' to re-pair the device. Fixes #18175
2026-03-12 15:30:39 +00:00 · 2026-02-16 15:49:13 +00:00
parent 0ee3480690
commit b2d622cfa3
1 changed files with 15 additions and 1 deletions
--- a/src/gateway/client.ts
+++ b/src/gateway/client.ts
@@ -1,7 +1,11 @@
 import { randomUUID } from "node:crypto";
 import { WebSocket, type ClientOptions, type CertMeta } from "ws";
 import type { DeviceIdentity } from "../infra/device-identity.js";
-import { loadDeviceAuthToken, storeDeviceAuthToken } from "../infra/device-auth-store.js";
+import {
+  clearDeviceAuthToken,
+  loadDeviceAuthToken,
+  storeDeviceAuthToken,
+} from "../infra/device-auth-store.js";
 import {
  loadOrCreateDeviceIdentity,
  publicKeyRawBase64UrlFromPem,
@@ -150,6 +154,16 @@ export class GatewayClient {
    this.ws.on("close", (code, reason) => {
      const reasonText = rawDataToString(reason);
      this.ws = null;
+      // If closed due to device token mismatch, clear the stored token so next attempt can get a fresh one
+      if (
+        code === 1008 &&
+        reasonText.includes("device token mismatch") &&
+        this.opts.deviceIdentity
+      ) {
+        const role = this.opts.role ?? "operator";
+        clearDeviceAuthToken({ deviceId: this.opts.deviceIdentity.deviceId, role });
+        logDebug(`cleared stale device-auth token for device ${this.opts.deviceIdentity.deviceId}`);
+      }
      this.flushPendingErrors(new Error(`gateway closed (${code}): ${reasonText}`));
      this.scheduleReconnect();
      this.opts.onClose?.(code, reasonText);