* Fix ApiConnection authorization header thread safety
SetAuthenticator(HttpRequestMessage) was writing the Authorization
header to the shared HttpClient.DefaultRequestHeaders on every request.
HttpHeaders is not thread safe: under concurrent requests one thread
mutates the collection while another enumerates it during request
serialization, causing NullReferenceException failures, and requests
could also be serialized with a mismatched Authorization/Timestamp
pair causing intermittent authentication failures.
Set the Authorization header on the request message itself instead.
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
* Include stack trace when logging unexpected api request exceptions
Network failures are already described by their HttpRequestError and
SocketErrorCode details and are frequent during outages, so they stay
on a single line. Any other exception type is unexpected, include its
stack trace so the source can be located directly from the logs.
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
* Harden ApiConnection.TryRequestAsync request path
Guard against a null RequestUri, which is valid when the client has a
BaseAddress set, and handle response deserialization failures with the
http status code and raw response content instead of surfacing a parse
exception, for example an html error page returned by a proxy.
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
---------
Co-authored-by: Claude Fable 5 <noreply@anthropic.com>