fix: Align Anthropic OAuth requests with Claude Code

[deveworld]

Summary

• Normalize Anthropic OAuth requests to match Claude Code's headers, betas, metadata, tool casing, and model IDs.
• Remove tool_choice and inject metadata.user_id from ~/.claude.json to satisfy OAuth validation.
• Rewrite streaming SSE responses so models/tools appear in OpenCode's expected format (UI renders correctly).

Why

Anthropic now validates Claude Code–specific request shape for OAuth tokens. Matching only tool prefixes is insufficient; headers, betas, metadata, tool casing, and model IDs must also align to avoid 400s and missing UI output.

Test Plan

• Clone and wire the plugin locally:
  • git clone https://github.com/deveworld/opencode-anthropic-auth
  • Add to ~/.config/opencode/opencode.json: "plugin": ["file:///path/to/opencode-anthropic-auth/index.mjs"]
  • Run: OPENCODE_DISABLE_DEFAULT_PLUGINS=true opencode
• In OpenCode, call /v1/messages and verify streaming renders in the UI.
• Confirm OAuth requests no longer return 400 errors.

[Copilot]

Pull request overview

This PR aligns Anthropic OAuth requests with Claude Code's expected format to satisfy OAuth validation requirements. The changes normalize headers, beta flags, metadata, tool naming conventions, and model IDs to match what Anthropic's OAuth validation expects.

Key changes:

• Add global fetch patching to intercept and transform all Anthropic API requests
• Normalize tool names between OpenCode's snake_case and Claude Code's PascalCase formats
• Inject Claude Code-specific headers (x-stainless-*, x-app, user-agent) and metadata.user_id
• Transform streaming responses to reverse tool/model name changes for UI compatibility

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

There's a race condition in how cachedMetadataUserIdPromise is used. If resolveMetadataUserId() is called multiple times before the file read completes, the first call creates the promise, but if the file read fails (caught in the try-catch), subsequent calls will return the same cached promise that resolved to undefined. This means a transient error (like temporary permission issues) will permanently cache undefined for the lifetime of the process. Consider resetting cachedMetadataUserIdPromise to null in the catch block if the read fails, allowing retry on subsequent calls.

[Copilot]

The function unconditionally injects metadata.user_id on line 362 even if metadataUserId is undefined or falsy. The check if (metadataUserId) on line 357 guards the creation of the metadata object, but if parsed.metadata already exists, line 362 will set user_id to undefined when metadataUserId is falsy. This differs from the similar code at lines 785-787 which correctly checks if (metadataUserId && !parsed.metadata.user_id). The guard should be moved to wrap line 362 as well.

Suggested change

	if (metadataUserId) {
	if (!parsed.metadata || typeof parsed.metadata !== "object") {
	parsed.metadata = {};
	}
	if (!parsed.metadata.user_id) {
	parsed.metadata.user_id = metadataUserId;
	}
	if (metadataUserId && (!parsed.metadata || !parsed.metadata.user_id)) {
	if (!parsed.metadata || typeof parsed.metadata !== "object") {
	parsed.metadata = {};
	}
	parsed.metadata.user_id = metadataUserId;

[Copilot]

The chat.params hook modifies the outgoing request but doesn't transform the incoming streaming responses to reverse the tool name and model ID transformations. This means responses from the chat.params path will have Claude Code format names (PascalCase) but the UI expects OpenCode format (snake_case). The other code paths (installAnthropicFetchPatch and loader.fetch) handle this via replaceToolNamesInText, but this hook has no equivalent response transformation. Either streaming responses need to be handled elsewhere for this path, or response transformation should be added here.

Suggested change

	}
	}
	// Ensure streamed responses have tool names/model IDs converted back
	// from Claude Code format to the OpenCode format expected by the UI.
	if (output) {
	if (typeof output.transformStream === "function") {
	const originalTransformStream = output.transformStream;
	output.transformStream = async function* (stream) {
	for await (let chunk of originalTransformStream.call(this, stream)) {
	if (typeof chunk === "string") {
	chunk = replaceToolNamesInText(chunk);
	}
	yield chunk;
	}
	};
	} else if (typeof output.transform === "function") {
	const originalTransform = output.transform;
	output.transform = async function* (stream) {
	for await (let chunk of originalTransform.call(this, stream)) {
	if (typeof chunk === "string") {
	chunk = replaceToolNamesInText(chunk);
	}
	yield chunk;
	}
	};
	}
	}

[Copilot]

The replaceToolNamesInText function performs string replacement on streaming data using multiple regex patterns (lines 85-104). Each chunk of the stream is processed independently, which means if a JSON object boundary falls across chunk boundaries, the replacements may miss patterns or produce invalid JSON. For example, if one chunk ends with "name": "Ba and the next starts with sh", the pattern won't match. Consider buffering incomplete JSON structures or using a proper streaming JSON parser instead of regex-based text replacement.

[Copilot]

The installAnthropicFetchPatch function mutates the global globalThis.fetch (line 433), which affects all code in the same JavaScript runtime, not just OpenCode's Anthropic requests. If any other code in the process makes fetch requests to api.anthropic.com (for example, a monitoring service or another library), those requests will be unexpectedly modified by this patch. This could lead to hard-to-debug issues. Consider using a more localized approach or documenting this global side effect clearly.

[Copilot]

The installAnthropicFetchPatch function duplicates significant logic that already exists in the loader.fetch override (lines 571-843). Both functions perform identical operations: header manipulation, beta header construction, tool name normalization, model ID normalization, metadata injection, and streaming response transformation. This creates a maintenance burden where bug fixes or changes must be applied to both locations. Consider extracting the shared logic into reusable helper functions or consolidating into a single implementation.

[Copilot]

In the streaming response transformation, the decoder is called with { stream: true } on line 416, but the controller never calls decoder.decode('', { stream: false }) after the stream ends. This can cause incomplete character sequences at the end of the stream to be lost. When the final chunk is read and done is true (line 411), the controller closes immediately without flushing any remaining bytes in the decoder's internal buffer. Consider decoding any remaining bytes before closing the controller.

[Copilot]

The chat.params hook duplicates significant logic from both installAnthropicFetchPatch and the loader.fetch override: header construction (lines 917-1010), metadata injection (lines 1012-1020), model ID normalization (lines 1022-1025), tool name normalization (lines 1027-1048), and tool_choice deletion (lines 1049-1051). This is the third location where this logic appears, creating a severe maintenance burden. Any changes to the request normalization logic must now be replicated across three separate functions.

[Copilot]

The tool name cache (TOOL_NAME_CACHE) grows unbounded. Every time a tool name is normalized via normalizeToolNameForClaude, the mapping is stored in the cache (lines 39-41), but the cache is never cleared. In a long-running process that handles many different tools, this could lead to excessive memory usage. Consider implementing a cache size limit or using a WeakMap if the tool names are object-based, or periodically clearing the cache.

[Copilot]

When parsing the request body, if JSON parsing fails (line 369), the error is silently caught and ignored. However, if the body was intended to be JSON but is malformed, this could result in requests being sent with incorrect data. At minimum, consider logging parse errors in development mode or adding a comment explaining why it's safe to ignore these errors (e.g., if non-JSON bodies are expected).

Suggested change

	} catch {
	// ignore parse errors
	} catch (error) {
	// Some requests legitimately have non-JSON string bodies; in those cases JSON.parse will
	// fail and we intentionally leave the body unchanged. Log in development to aid debugging
	// when malformed JSON was intended.
	if (
	typeof process !== "undefined" &&
	process?.env?.NODE_ENV !== "production"
	) {
	// eslint-disable-next-line no-console
	console.warn(
	"Failed to parse request body as JSON; sending original body unmodified.",
	error,
	);
	}

[stranger2904]

any particular reason why this would only allow to access some sonnet model even when opus is requested ?

[deveworld]

That's likely a subscription tier limit,
The code maps model IDs correctly:

• claude-opus-4-5 → claude-opus-4-5-20251101
• claude-haiku-4-5 → claude-haiku-4-5-20251001

What's your plan tier? Some tiers have Opus rate limits.

[stranger2904]

That's likely a subscription tier limit, The code maps model IDs correctly:

• claude-opus-4-5 → claude-opus-4-5-20251101
• claude-haiku-4-5 → claude-haiku-4-5-20251001

What's your plan tier? Some tiers have Opus rate limits.

Max20, claude code is ok, plenty of quotas left

[deveworld]

Can you share more details?

1. What model do you have selected in OpenCode settings?
2. What's the exact error or behavior? (Does Opus request return error, or does it work but response says it's Sonnet?)

Sonnet is missing from MODEL_ID_OVERRIDES, I'll add it if that's the issue.

[deveworld]

Just added Sonnet mapping. Can you pull the latest and test? @stranger2904

• claude-sonnet-4-5 → claude-sonnet-4-5-20250929

[stranger2904]

Integrated latest, still the same:
% opencode run --model anthropic/claude-opus-4-5 "What's your model name, OPUS or sonnet, reply one word only"

Sonnet

% opencode run --model anthropic/claude-opus-4-5-20251101 "What's your model name, OPUS or sonnet, reply one word only"

Sonnet
% claude --model claude-opus-4-5 --print "What's your model name, OPUS or sonnet, reply one word only"

Opus

[deveworld]

Investigated this, and confirmed it's not a PR #15 issue.

Claude Code injects model info into system prompt:

"You are powered by the model named Opus 4.5. The exact model ID is claude-opus-4-5-20251101."

OpenCode doesn't do this. Claude can't see the API request's model parameter directly, so without this injection it doesn't know what model it is.

This is an OpenCode core issue, not the auth plugin.

[stranger2904]

So this one is actually something I was investigating as well at some point a few weeks ago for other project.
Yes, this question might be not the best one (though it’s the easiest to evaluate)

But you can also do: “What’s your knowledge cutoff date” “when was opus 4.5 released”

my understanding that it might be something with TLS fingerprints/ or pre-API request which Claude code is sending even before first prompt being sent out.
My working theory is that either something is still not quite right with the way this plugin operates or that Anthropic detect that it’s not a claude code instance and silently pushes request to some older sonnet 3.5/4 model

[stranger2904]

I can say that prior to yesterday- replies from both open code / Claude code were matching

[deveworld]

So this one is actually something I was investigating as well at some point a few weeks ago for other project. Yes, this question might be not the best one (though it’s the easiest to evaluate)

But you can also do: “What’s your knowledge cutoff date” “when was opus 4.5 released”

my understanding that it might be something with TLS fingerprints/ or pre-API request which Claude code is sending even before first prompt being sent out. My working theory is that either something is still not quite right with the way this plugin operates or that Anthropic detect that it’s not a claude code instance and silently pushes request to some older sonnet 3.5/4 model

Interesting theory, but I compared the actual traffic via mitm:

Claude Code system prompt:

"You are powered by the model named Opus 4.5. The exact model ID is claude-opus-4-5-20251101."

OpenCode system prompt:

(no model info)

The API request body shows model: claude-opus-4-5-20251101 correctly in both cases. The difference is purely in the system prompt injection.

Claude can't introspect the API request's model parameter, it only knows what's in its context. So when asked "what model are you", it's guessing based on its training, not actual runtime info.

If Anthropic were silently routing to Sonnet, the response quality/speed would be noticeably different, and the API response headers would likely differ too.

This is fixable in OpenCode core by injecting model info into the system prompt like Claude Code does.

[stranger2904]

Ok, I have mitm setup as well, let me try to test this

[aw338WoWmUI]

Is it possible to use anthropic agent sdk to power opencode just for anthropic's model? I think this will be a perma and risky free solution.

[deveworld]

@aw338WoWmUI No, Claude Agent SDK explicitly doesn't support OAuth/subscription auth:

From docs:

"Unless previously approved, we do not allow third party developers to offer Claude.ai login or rate limits for their products, including agents built on the Claude Agent SDK."

Only API key auth is supported. Same policy, different wrapper.

[seaweeduk]

Isn't this missing the "AskUserQuestion" tool in CLAUDE_CODE_TOOL_NAMES? opencode has an equivalent tool called question in the latest versions

[deveworld]

Isn't this missing the "AskUserQuestion" tool in CLAUDE_CODE_TOOL_NAMES? opencode has an equivalent tool called question in the latest versions

I added it just now. Thanks

[coleleavitt]

This isn't the right way of doing this this is more of a hack than anything

[androolloyd]

my solution was just to proxy the request to the claude binary, so technically claude is just responding directly to the opencode plugin to intercept back to the runtime tloop

[guthabbr0]

(Just in case anyone doubt about this patch and re-routing or else, than maybe change the model under-the-hood) One way to fast check and know (for sure) if you are into sonnet-4.5 or 'anything else'. Set temperature and top_p, sonnet-4.5 fails (Sonnet 4.5 doesn't allow both parameters)

[aryasaatvik]

claude code now adds user:sessions:claude_code scope

[deveworld]

Just pushed a fix addressing several issues found during code review:

Token Refresh Issues (by Copilot review)

1. Race condition: Multiple concurrent requests could trigger duplicate token refreshes. Added Promise caching pattern to ensure single refresh.
2. auth.expires not updated: After refresh, only auth.access was updated but auth.expires wasn't, causing repeated unnecessary refreshes.

OAuth Scope (by @aryasaatvik review)
3. Added user:sessions:claude_code to match Claude Code CLI's actual OAuth request (verified via URL inspection).

Response Transform
4. Added AskUserQuestion to response regex for proper tool name reverse mapping.

Streaming
5. Added TextDecoder flush on stream end to handle incomplete multi-byte UTF-8 sequences at chunk boundaries.

Feel free to report any error!