From 31cde11b0da1b0daac13352a9b6d237f0d7fd793 Mon Sep 17 00:00:00 2001
From: didericis
Date: Tue, 23 Jun 2026 17:53:18 -0400
Subject: [PATCH] docs: correct stale role field and claude provider auth example
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The egress route fields table described `role` as a functional field that wires built-in auth flows. PRD 0029 removed the `claude_code_oauth` role; the manifest parser now rejects any `role` value as reserved-for-future-use. Provider auth routes are injected from `agent_provider.auth_token`.

- README: fix the `role` row to state it is reserved and any value is rejected at load.
- examples/bottles/claude.md: the manual `api.anthropic.com` route used the rejected `role` key and, even without it, would be silently dropped (provider-injected routes win for a provisioned host) — so its auth never took effect and the dlp comments described a route that never exists in the plan. Replace it with the canonical `agent_provider.auth_token` shape.

Co-Authored-By: Claude Opus 4.8
Claude-Session: https://claude.ai/code/session_01YcU7nerbg8cVj9R4EkpfLJ
---
 README.md                  |  2 +-
 examples/bottles/claude.md | 21 ++++++++-------------
 2 files changed, 9 insertions(+), 14 deletions(-)

diff --git a/README.md b/README.md
index 415b915..f2ad087 100644
--- a/README.md
+++ b/README.md
@@ -138,7 +138,7 @@ You help maintain Gitea-hosted projects. | Field | Required | Description | |---|---|---| | `host` | yes | Hostname to allowlist. One entry per host. | -| `role` | no | Provider-specific role string (e.g. `claude_code_oauth`). Wires built-in auth flows; set by provider templates, not manually. | +| `role` | no | Reserved for future use. The key is recognised but any value is currently rejected at load. Provider auth routes (e.g. Claude's `api.anthropic.com`) are injected automatically from `agent_provider.auth_token`, not via `role`. | | `auth.scheme` | when `auth` present | `Bearer` or `token`. Injected by the proxy; the agent never sees the value. | | `auth.token_ref` | when `auth` present | Env-var name holding the secret on the host. | | `matches` | no | Array of `{paths, methods, headers}` filters. A request must match at least one entry (if any are given) to be forwarded. | diff --git a/examples/bottles/claude.md b/examples/bottles/claude.md index 219d0db..9f9670b 100644 --- a/examples/bottles/claude.md +++ b/examples/bottles/claude.md 
@@ -1,19 +1,14 @@ --- agent_provider: template: claude - -egress: - routes: - - host: api.anthropic.com - role: claude_code_oauth # wires Claude Code OAuth; do not change - auth: - scheme: Bearer - token_ref: BOT_BOTTLE_CLAUDE_OAUTH_TOKEN - # dlp is omitted → all detectors on by default (token_patterns, - # known_secrets outbound; naive_injection_detection inbound). - # To disable inbound scanning for this route: - # dlp: - # inbound_detectors: false + # auth_token names the host env var holding the Claude OAuth token. The + # provider injects a provider-owned api.anthropic.com egress route that + # re-injects this token as the Bearer header; the agent only ever sees a + # placeholder CLAUDE_CODE_OAUTH_TOKEN. DLP defaults (token_patterns, + # known_secrets outbound; naive_injection_detection inbound) apply to + # that route. To scan additional hosts, declare them under egress.routes + # with per-route matches/dlp (see README "Egress route fields"). + auth_token: BOT_BOTTLE_CLAUDE_OAUTH_TOKEN --- Common Claude provider boundary. Drop this file into
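Review bot: In the README hunk, the new `role` row still lists the field as "Required: no", which reads as "optional and accepted" right before the sentence says any value is rejected at load. Suggest making the failure mode explicit in the row so nobody expects a warning and a working route, e.g. "Do not set. The key is reserved; a manifest containing any `role` value fails to load." The second sentence about provider auth routes being injected from `agent_provider.auth_token` is useful but belongs in the provider section (or as a cross-reference), since this table documents manually declared routes and the `auth.scheme` / `auth.token_ref` rows below it remain the correct way to attach auth to a non-provider host.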
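Review bot: In the claude.md hunk, the replacement comment drops the one piece of operational guidance the removed block carried: how to tune DLP (for example `inbound_detectors: false`) on the `api.anthropic.com` route. The commit message says provider-injected routes win for a provisioned host, so a user cannot override that route's `dlp` by redeclaring the host under `egress.routes`, and the new text only covers scanning "additional hosts". Suggest stating plainly whether DLP on the provider-owned route can be adjusted at all, and if not, saying so ("DLP on the injected route is fixed to the defaults") so the security posture of the token-bearing route is unambiguous. Minor: the comment names the agent-visible placeholder `CLAUDE_CODE_OAUTH_TOKEN` and the host-side `BOT_BOTTLE_CLAUDE_OAUTH_TOKEN` in the same sentence; a short "placeholder (agent) vs. real secret (host)" phrasing would make it harder to confuse which one must never be exposed to the agent.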