Files
openclaw/src/llm/utils
ZOOWH 6b90610cdb fix(copilot): redact OAuth error response body in fetchJson error messages (#102953)
* fix(copilot): redact OAuth error response body in fetchJson error messages

Replace raw response body text with bounded, redacted structured error detail
extracted via extractProviderErrorDetail so OAuth error responses containing
tokens, device codes, or other sensitive fields are not leaked into Error
messages and downstream logs.

* test(copilot): add device-code and non-JSON error body redaction cases

Add regression tests covering the device code flow and non-JSON error
bodies alongside the existing token refresh coverage. Also include live
proof output showing real Response object redaction via
extractProviderErrorDetail.

Ref: #102953

* fix(copilot): normalize OAuth HTTP failures

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-10 03:15:29 +01:00
..