fix(composio): avoid nested auth retry

[honor2030]

Summary

• Route the standalone Composio auth-retry helper through the client’s single post-OAuth retry path instead of stacking retry wrappers.
• Keep execute_tool_with_post_oauth_retry test-visible and preserve gateway error matching for wrapped/case-varied Connection error, try to authenticate payloads.
• Move the retryable-error matcher coverage next to the consolidated client retry implementation.

Test Plan

• RUSTC=$(rustup which --toolchain 1.93.0 rustc) $(rustup which --toolchain 1.93.0 cargo) fmt --all
• RUSTC=$(rustup which --toolchain 1.93.0 rustc) $(rustup which --toolchain 1.93.0 cargo) test --manifest-path Cargo.toml -p openhuman openhuman::composio::auth_retry -- --nocapture
• RUSTC=$(rustup which --toolchain 1.93.0 rustc) $(rustup which --toolchain 1.93.0 cargo) test --manifest-path Cargo.toml -p openhuman openhuman::composio::client -- --nocapture
• RUSTC=$(rustup which --toolchain 1.93.0 rustc) $(rustup which --toolchain 1.93.0 cargo) test --manifest-path Cargo.toml -p openhuman openhuman::composio -- --nocapture

Summary by CodeRabbit

• Bug Fixes

  • Enhanced OAuth authentication error detection with improved matching to more reliably handle temporary authentication gaps during tool execution.

• Tests

  • Added comprehensive end-to-end integration tests validating OAuth authentication retry behavior across multiple failure scenarios and edge cases.

[coderabbitai]

📝 Walkthrough

Walkthrough

Post-OAuth retry logic is centralized into ComposioClient::execute_tool_with_post_oauth_retry. The retry predicate is broadened to substring matching, the helper visibility is exposed, the call site delegates instead of retrying locally, and async integration tests replace unit tests to validate the entire flow with a mock backend.

Changes

Composio post-OAuth retry refactoring

Layer / File(s)	Summary
Retry matcher refinement and helper visibility src/openhuman/composio/client.rs	Error matcher broadened from exact equality to case-insensitive substring containment. Documentation updated to clarify gateway error fragments and matching strategy. Helper visibility changed from private to pub(super) to enable delegation from auth_retry module.
Retry matcher unit tests src/openhuman/composio/client_tests.rs	New unit tests validate is_post_oauth_auth_readiness_error. Positive cases confirm known "connection error / authenticate" variants are retryable. Negative cases confirm non-matching errors and successful: true responses return false.
Delegate retry to helper from auth_retry src/openhuman/composio/auth_retry.rs	Local retry control flow and RETRYABLE_AUTH_ERRORS constant removed. execute_with_auth_retry_inner now validates slug, defaults args to empty JSON, constructs payload, logs debug event, and delegates execution to client.execute_tool_with_post_oauth_retry.
Integration tests with mock Composio backend src/openhuman/composio/auth_retry_tests.rs	Replaces unit tests with async Tokio integration tests using local Axum backend mimicking /agent-integrations/composio/execute. Tests validate: post-OAuth auth-error triggers exactly one retry; unrelated auth errors do not retry; successful first attempt skips retry; bounded retry on second failure (no third attempt).

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

• tinyhumansai/openhuman#1707: Both PRs modify Composio post-OAuth auth-readiness retry logic with case-insensitive substring matching and extended test coverage in client_tests.rs.
• tinyhumansai/openhuman#1708: Both PRs address the same post-OAuth "Connection error, try to authenticate" single-retry behavior, with this PR refactoring retry logic from auth_retry.rs into ComposioClient::execute_tool_with_post_oauth_retry.

Suggested reviewers

• senamakel

Poem

🐰 A retry refined, from local to shared,
Auth errors now substring-aware,
The mock backend dances, request by request,
One chance more, then peace and rest.
Through Axum's gate, the tests march on! 🚀

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main change: consolidating nested auth retry logic into a single retry path to avoid redundant retry stacking.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

🧹 Nitpick comments (1)

src/openhuman/composio/auth_retry.rs (1)

57-60: ⚡ Quick win

Log the empty-slug rejection path.

This new validation branch bails without a grep-friendly diagnostic, so whitespace-only slugs will be harder to trace than the rest of the flow. Add a [composio][auth_retry] debug/trace event before returning.

Proposed fix

     let tool = slug.trim();
     if tool.is_empty() {
+        tracing::debug!(
+            target: "composio",
+            raw_slug_len = slug.len(),
+            "[composio][auth_retry] rejecting empty tool slug"
+        );
         anyhow::bail!("composio.execute_tool: tool slug must not be empty");
     }

As per coding guidelines, src/**/*.rs: "use log / tracing at debug or trace level for development-oriented diagnostics on new/changed flows, including logs at entry/exit points, branch decisions, external calls, retries/timeouts, state transitions, and error handling paths".

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@src/openhuman/composio/auth_retry.rs` around lines 57 - 60, The branch that
trims and rejects an empty tool slug currently bails silently; add a tracing
call before the bail so the rejection is grep-able and follows logging
guidelines: in the auth_retry.rs code where slug is trimmed into let tool =
slug.trim(); and before anyhow::bail!("composio.execute_tool: tool slug must not
be empty"); emit a trace or debug event (e.g., tracing::debug! or
tracing::trace!) with a clear tag like "[composio][auth_retry]" and include the
original slug (or its whitespace-only indication) to aid debugging, then proceed
to bail as before.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Nitpick comments:
In `@src/openhuman/composio/auth_retry.rs`:
- Around line 57-60: The branch that trims and rejects an empty tool slug
currently bails silently; add a tracing call before the bail so the rejection is
grep-able and follows logging guidelines: in the auth_retry.rs code where slug
is trimmed into let tool = slug.trim(); and before
anyhow::bail!("composio.execute_tool: tool slug must not be empty"); emit a
trace or debug event (e.g., tracing::debug! or tracing::trace!) with a clear tag
like "[composio][auth_retry]" and include the original slug (or its
whitespace-only indication) to aid debugging, then proceed to bail as before.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 54bb7193-305a-4e5d-a508-207b047a655c

📥 Commits

Reviewing files that changed from the base of the PR and between a6def97 and f325a37.

📒 Files selected for processing (4)

• src/openhuman/composio/auth_retry.rs
• src/openhuman/composio/auth_retry_tests.rs
• src/openhuman/composio/client.rs
• src/openhuman/composio/client_tests.rs

💤 Files with no reviewable changes (1)

• src/openhuman/composio/auth_retry_tests.rs