Spaces:

tao-shen
/

HuggingClaw-God

Paused

tao-shen Claude Opus 4.6 (1M context) commited on 28 days ago

Commit

b41db96

1 Parent(s): 2064383

fix: pre-create device with operator scopes for A2A dispatch

The A2A gateway dispatch requires operator.write scope but inboundAuth=none
doesn't grant any scopes. Pre-creating a device file with the gateway token
and operator.read/write scopes may allow authenticated A2A requests to dispatch.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Files changed (1) hide show

scripts/sync_hf.py +14 -8

scripts/sync_hf.py CHANGED Viewed

@@ -537,10 +537,7 @@ class OpenClawFullSync:
                     },
                     "server": {"host": "0.0.0.0", "port": 18800},
                     "security": {"inboundAuth": "none"},
-                    "routing": {
-                        "defaultAgentId": "main",
-                        "grantScopes": ["operator.read", "operator.write"]
-                    },
                     "peers": peers
                 }
             }
@@ -579,13 +576,22 @@ class OpenClawFullSync:
                         target.write_text(text)
                         print(f"[SYNC] Deployed workspace template: {tmpl.name}")
-            # Fix paired devices scopes (OpenClaw 2026.2.19+ requires operator.write/read)
-            # Delete old paired devices to force fresh auto-pair with correct scopes
             devices_dir = Path(OPENCLAW_HOME) / "devices"
             if devices_dir.exists():
-                import shutil
                 shutil.rmtree(devices_dir, ignore_errors=True)
-                print("[SYNC] Deleted devices/ dir to force fresh auto-pair with operator.write/read scopes")
             # Verify write
             with open(config_path, "r") as f:

                     },
                     "server": {"host": "0.0.0.0", "port": 18800},
                     "security": {"inboundAuth": "none"},
+                    "routing": {"defaultAgentId": "main"},
                     "peers": peers
                 }
             }
                         target.write_text(text)
                         print(f"[SYNC] Deployed workspace template: {tmpl.name}")
+            # Pre-create a paired device with operator.write/read scopes.
+            # This is needed for A2A gateway dispatch to have sufficient permissions.
             devices_dir = Path(OPENCLAW_HOME) / "devices"
             if devices_dir.exists():
                 shutil.rmtree(devices_dir, ignore_errors=True)
+            devices_dir.mkdir(parents=True, exist_ok=True)
+            device_file = devices_dir / "a2a-bridge.json"
+            device_file.write_text(json.dumps({
+                "id": "a2a-bridge",
+                "name": "A2A Bridge",
+                "token": GATEWAY_TOKEN,
+                "scopes": ["operator.read", "operator.write"],
+                "createdAt": datetime.now().isoformat(),
+                "approved": True
+            }, indent=2))
+            print("[SYNC] Created A2A bridge device with operator scopes")
             # Verify write
             with open(config_path, "r") as f: