fix: only suggest re-authentication for auth-related HTTP errors

When an HttpError occurs in Google Tasks tools, the error handler now checks the HTTP status code before suggesting re-authentication. Re-auth messages are only shown for 401 (Unauthorized) and 403 (Forbidden) errors. This prevents misleading re-authentication suggestions for non-auth errors like 400 (Bad Request) with malformed arguments, allowing the LLM to focus on the actual root cause instead of being misdirected by incorrect auth guidance. The fix applies to both CLI mode (stdio legacy oauth) and MCP mode (OAuth 2.1). Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
2026-03-04 09:30:59 -05:00
parent 89e1974984
commit 9de1fcb6ea
1 changed files with 21 additions and 15 deletions
--- a/gtasks/tasks_tools.py
+++ b/gtasks/tasks_tools.py
@@ -25,24 +25,30 @@ LIST_TASKS_MAX_POSITION = "99999999999999999999"


 def _format_reauth_message(error: Exception, user_google_email: str) -> str:
-    base = f"API error: {error}. You might need to re-authenticate."
-    if is_oauth21_enabled():
-        if is_external_oauth21_provider():
-            hint = (
-                "LLM: Ask the user to provide a valid OAuth 2.1 bearer token in the "
-                "Authorization header and retry."
-            )
+    base = f"API error: {error}"
+
+    # Only suggest re-authentication for auth-related errors (401, 403)
+    if isinstance(error, HttpError) and error.resp.status in (401, 403):
+        base += ". You might need to re-authenticate."
+        if is_oauth21_enabled():
+            if is_external_oauth21_provider():
+                hint = (
+                    "LLM: Ask the user to provide a valid OAuth 2.1 bearer token in the "
+                    "Authorization header and retry."
+                )
+            else:
+                hint = (
+                    "LLM: Ask the user to authenticate via their MCP client's OAuth 2.1 "
+                    "flow and retry."
+                )
        else:
            hint = (
-                "LLM: Ask the user to authenticate via their MCP client's OAuth 2.1 "
-                "flow and retry."
+                "LLM: Try 'start_google_auth' with the user's email "
+                f"({user_google_email}) and service_name='Google Tasks'."
            )
-    else:
-        hint = (
-            "LLM: Try 'start_google_auth' with the user's email "
-            f"({user_google_email}) and service_name='Google Tasks'."
-        )
-    return f"{base} {hint}"
+        return f"{base} {hint}"
+
+    return base


 class StructuredTask: