mirror of
https://github.com/NousResearch/hermes-agent.git
synced 2026-06-24 10:52:21 +00:00
f22dd8a75a
When the active provider returns a 401/403 that survives its per-provider
credential-refresh attempt (revoked OAuth, blocked/expired key, or an
account pinned to a dead/staging inference endpoint), the conversation
loop now escalates to the configured fallback chain instead of dead-ending.
Before: the generic failover dispatch fired only for {rate_limit, billing};
auth/auth_permanent fell through to 'switch providers manually' advice and
never called _try_activate_fallback(). A user whose primary credential was
broken kept thrashing on the same dead credential every turn — the main
agent appeared 'stuck in fallback mode' while never actually failing over.
This also affected auxiliary tasks (compression, vision, title-gen), since
auto-resolved aux follows the main provider.
After: a persistent auth failure with a configured fallback chain switches
to the next provider (mirroring the rate-limit/billing failover path),
guarded one-shot per attempt by TurnRetryState.auth_failover_attempted.
When no fallback is configured the behavior is unchanged — it falls through
to the existing terminal handling and provider-specific troubleshooting
guidance.
Tests: test_auth_provider_failover.py — 401/403 classify as auth, the
gating condition fires only with a chain present + guard unset, the guard
blocks repeats, and non-auth (500) errors do not trigger auth failover.
65 lines
2.2 KiB
Python
65 lines
2.2 KiB
Python
"""Unit tests for TurnRetryState (god-file Phase 1b).
|
|
|
|
The dataclass holds the inner-retry-loop's one-shot recovery guards + restart
|
|
signals. These tests pin its shape and default semantics — the behavioral
|
|
guarantee for the loop itself is the existing recovery-branch tests in
|
|
tests/run_agent/ which now exercise these fields via `_retry.<flag>`.
|
|
"""
|
|
|
|
from __future__ import annotations
|
|
|
|
from dataclasses import fields
|
|
|
|
from agent.turn_retry_state import TurnRetryState
|
|
|
|
|
|
EXPECTED_FIELDS = {
|
|
"codex_auth_retry_attempted",
|
|
"anthropic_auth_retry_attempted",
|
|
"nous_auth_retry_attempted",
|
|
"nous_paid_entitlement_refresh_attempted",
|
|
"copilot_auth_retry_attempted",
|
|
"thinking_sig_retry_attempted",
|
|
"invalid_encrypted_content_retry_attempted",
|
|
"image_shrink_retry_attempted",
|
|
"multimodal_tool_content_retry_attempted",
|
|
"oauth_1m_beta_retry_attempted",
|
|
"llama_cpp_grammar_retry_attempted",
|
|
"primary_recovery_attempted",
|
|
"has_retried_429",
|
|
"auth_failover_attempted",
|
|
"restart_with_compressed_messages",
|
|
"restart_with_length_continuation",
|
|
}
|
|
|
|
|
|
def test_all_guards_default_false():
|
|
s = TurnRetryState()
|
|
for name, value in s:
|
|
assert value is False, f"{name} should default to False"
|
|
|
|
|
|
def test_field_set_matches_contract():
|
|
names = {f.name for f in fields(TurnRetryState)}
|
|
assert names == EXPECTED_FIELDS, (
|
|
f"unexpected drift: missing={EXPECTED_FIELDS - names} extra={names - EXPECTED_FIELDS}"
|
|
)
|
|
|
|
|
|
def test_loop_control_vars_are_not_on_state():
|
|
# retry_count / max_retries / max_compression_attempts stay as loop locals,
|
|
# NOT on the state object (they are while-mechanics, not recovery bookkeeping).
|
|
names = {f.name for f in fields(TurnRetryState)}
|
|
for loop_local in ("retry_count", "max_retries", "max_compression_attempts"):
|
|
assert loop_local not in names
|
|
|
|
|
|
def test_guards_are_independently_mutable():
|
|
s = TurnRetryState()
|
|
s.codex_auth_retry_attempted = True
|
|
s.restart_with_compressed_messages = True
|
|
assert s.codex_auth_retry_attempted is True
|
|
assert s.restart_with_compressed_messages is True
|
|
# untouched guards stay False
|
|
assert s.has_retried_429 is False
|
|
assert s.anthropic_auth_retry_attempted is False
|