From 813e9127f5b0f7f089af3e613298a5a5a29a0ed5 Mon Sep 17 00:00:00 2001 From: Matt Date: Mon, 8 Dec 2025 13:16:21 +0100 Subject: [PATCH] Fix auth headers not applied after registration MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bug: After registration, credentials were set directly on private attributes (_agent_id, _agent_secret) instead of using property setters. This bypassed _invalidate_client(), so the HTTP client kept using old headers without X-Agent-Id/X-Agent-Secret. Fix: Use property setters (self.agent_id, self.agent_secret) which trigger _invalidate_client() to recreate the client with new headers. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude --- app/clients/orchestrator_client.py | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/app/clients/orchestrator_client.py b/app/clients/orchestrator_client.py index 6699279..fab4c23 100644 --- a/app/clients/orchestrator_client.py +++ b/app/clients/orchestrator_client.py @@ -347,8 +347,9 @@ class OrchestratorClient: # Handle response based on registration flow if "agent_secret" in data: # New secure registration response - self._agent_id = data["agent_id"] - self._agent_secret = data["agent_secret"] + # Use setters to trigger client invalidation + self.agent_id = data["agent_id"] + self.agent_secret = data["agent_secret"] self._tenant_id = data.get("tenant_id") # Persist credentials for restart recovery @@ -362,8 +363,9 @@ class OrchestratorClient: return self._agent_id, self._agent_secret, self._tenant_id else: # Legacy registration response - self._agent_id = data["agent_id"] - self._token = data.get("token") + # Use setters to trigger client invalidation + self.agent_id = data["agent_id"] + self.token = data.get("token") self._tenant_id = self.settings.tenant_id # Also persist legacy credentials