simstudioai
fix(oauth): add User-Agent header to Reddit token refresh
Summary
- Add User-Agent header to Reddit OAuth token refresh requests
- Reddit API requires User-Agent header for all requests, including token refresh
- Without this header, requests fail with 403 error after initial token expires
Test plan
- [x] Added test to verify User-Agent header is included in Reddit OAuth requests
- [x] All existing OAuth tests pass (23 tests)
Fixes #1822
@majiayu000 is attempting to deploy a commit to the Sim Team on Vercel.
A member of the Team first needs to authorize it.
![vercel[bot] avatar](https://avatars.githubusercontent.com/in/8329?v=4 "Published by a pub.dev verified publisher"){kind=small}
Greptile Summary
This PR fixes Reddit OAuth token refresh failures by adding the required User-Agent header to Reddit API requests. Reddit's API blocks requests without a User-Agent header with a 403 error, which was causing token refresh failures after the initial token expired.
Key Changes:
- Added
User-Agent: sim-studio/1.0 (https://github.com/simstudioai/sim)header to Reddit OAuth configuration - Added test coverage to verify the User-Agent header is included in Reddit OAuth requests
- Added Helm chart flexibility for custom network egress rules (unrelated infrastructure enhancement)
The implementation correctly leverages the existing additionalHeaders mechanism that's already used for GitHub's Accept header, ensuring consistency with the codebase patterns.
Confidence Score: 5/5
- This PR is safe to merge with no risk - it's a minimal, well-tested bug fix
- The fix directly addresses a documented Reddit API requirement, uses existing patterns (additionalHeaders), includes proper test coverage, and makes no breaking changes. The networkpolicy.yaml change is a safe infrastructure enhancement.
- No files require special attention
Important Files Changed
| Filename | Overview |
|---|---|
| apps/sim/lib/oauth/oauth.ts | Added User-Agent header to Reddit OAuth configuration to fix 403 errors during token refresh |
| apps/sim/lib/oauth/oauth.test.ts | Added test to verify User-Agent header is included in Reddit OAuth requests |
| helm/sim/templates/networkpolicy.yaml | Added support for custom egress rules configuration through Helm values |
Sequence Diagram
sequenceDiagram
participant Client
participant OAuthLib
participant Reddit API
Client->>OAuthLib: refreshOAuthToken('reddit', refreshToken)
OAuthLib->>OAuthLib: getProviderAuthConfig('reddit')
Note over OAuthLib: Creates config with<br/>User-Agent header
OAuthLib->>OAuthLib: buildAuthRequest(config, refreshToken)
Note over OAuthLib: Adds headers:<br/>- Content-Type<br/>- User-Agent (NEW)<br/>- Authorization (Basic Auth)
OAuthLib->>Reddit API: POST /api/v1/access_token<br/>with User-Agent header
alt Success
Reddit API-->>OAuthLib: {access_token, expires_in}
OAuthLib-->>Client: {accessToken, expiresInSeconds}
else Failure (403 without User-Agent)
Reddit API-->>OAuthLib: 403 Forbidden
OAuthLib-->>Client: null
end
![greptile-apps[bot] avatar](https://avatars.githubusercontent.com/in/867647?v=4 "Published by a pub.dev verified publisher"){kind=small}
Greptile found no issues!
From now on, if a review finishes and we haven't found any issues, we will not post anything, but you can confirm that we reviewed your changes in the status check section.
This feature can be toggled off in your Code Review Settings by deselecting "Create a status check for each PR".
The latest updates on your projects. Learn more about Vercel for GitHub.
| Project | Deployment | Review | Updated (UTC) |
|---|---|---|---|
| docs |  Ready |
Preview, Comment | Dec 22, 2025 5:52pm |
