feat: API timeout config, Retry-After header support, and configurable retry

- Add TimeoutConfig to HTTP client builder with connect_timeout (30s) and request_timeout (5min) defaults, configurable via CLAW_API_CONNECT_TIMEOUT and CLAW_API_REQUEST_TIMEOUT env vars - Add with_timeout() builder to both AnthropicClient and OpenAiCompatClient for per-client timeout configuration - Parse Retry-After header on 429 responses and use it to override exponential backoff delay when present - Add ApiTimeoutConfig to runtime config with apiTimeout settings in ~/.claw/settings.json (connectTimeout, requestTimeout, maxRetries) - Add retry_after field to ApiError::Api for propagating rate limit backoff hints through the retry pipeline
2026-06-06 22:47:10 +08:00 · 2026-04-27 11:38:31 -05:00
parent 4d3dc5b873
commit d8c57ed317
8 changed files with 266 additions and 80 deletions
--- a/rust/crates/api/src/providers/anthropic.rs
+++ b/rust/crates/api/src/providers/anthropic.rs
@@ -211,6 +211,19 @@ impl AnthropicClient {
        self
    }

+    /// Replace the internal HTTP client with one that respects the given
+    /// timeout configuration. This controls connect and request-level
+    /// timeouts for all outbound API calls.
+    #[must_use]
+    pub fn with_timeout(mut self, timeout: &crate::http_client::TimeoutConfig) -> Self {
+        self.http = crate::http_client::build_http_client_with_opts(
+            &crate::http_client::ProxyConfig::from_env(),
+            timeout,
+        )
+        .unwrap_or_else(|_| reqwest::Client::new());
+        self
+    }
+
    #[must_use]
    pub fn with_session_tracer(mut self, session_tracer: SessionTracer) -> Self {
        self.session_tracer = Some(session_tracer);
@@ -454,7 +467,12 @@ impl AnthropicClient {
                break;
            }

-            tokio::time::sleep(self.jittered_backoff_for_attempt(attempts)?).await;
+            let delay = if let Some(retry_after) = last_error.as_ref().and_then(|e| e.retry_after()) {
+                retry_after
+            } else {
+                self.jittered_backoff_for_attempt(attempts)?
+            };
+            tokio::time::sleep(delay).await;
        }

        Err(ApiError::RetriesExhausted {
@@ -868,10 +886,12 @@ async fn expect_success(response: reqwest::Response) -> Result<reqwest::Response
        return Ok(response);
    }

-    let request_id = request_id_from_headers(response.headers());
+    let headers = response.headers().clone();
+    let request_id = request_id_from_headers(&headers);
    let body = response.text().await.unwrap_or_else(|_| String::new());
    let parsed_error = serde_json::from_str::<AnthropicErrorEnvelope>(&body).ok();
    let retryable = is_retryable_status(status);
+    let retry_after = parse_retry_after(&headers, status);

    Err(ApiError::Api {
        status,
@@ -885,9 +905,21 @@ async fn expect_success(response: reqwest::Response) -> Result<reqwest::Response
        body,
        retryable,
        suggested_action: None,
+        retry_after,
    })
 }

+fn parse_retry_after(headers: &reqwest::header::HeaderMap, status: reqwest::StatusCode) -> Option<std::time::Duration> {
+    if status != reqwest::StatusCode::TOO_MANY_REQUESTS {
+        return None;
+    }
+    headers
+        .get("retry-after")
+        .and_then(|v| v.to_str().ok())
+        .and_then(|v| v.parse::<u64>().ok())
+        .map(std::time::Duration::from_secs)
+}
+
 const fn is_retryable_status(status: reqwest::StatusCode) -> bool {
    matches!(status.as_u16(), 408 | 409 | 429 | 500 | 502 | 503 | 504)
 }
@@ -910,6 +942,8 @@ fn enrich_bearer_auth_error(error: ApiError, auth: &AuthSource) -> ApiError {
        body,
        retryable,
        suggested_action,
+        retry_after,
+        ..
    } = error
    else {
        return error;
@@ -923,6 +957,7 @@ fn enrich_bearer_auth_error(error: ApiError, auth: &AuthSource) -> ApiError {
            body,
            retryable,
            suggested_action,
+            retry_after,
        };
    }
    let Some(bearer_token) = auth.bearer_token() else {
@@ -934,6 +969,7 @@ fn enrich_bearer_auth_error(error: ApiError, auth: &AuthSource) -> ApiError {
            body,
            retryable,
            suggested_action,
+            retry_after,
        };
    };
    if !bearer_token.starts_with("sk-ant-") {
@@ -945,6 +981,7 @@ fn enrich_bearer_auth_error(error: ApiError, auth: &AuthSource) -> ApiError {
            body,
            retryable,
            suggested_action,
+            retry_after,
        };
    }
    // Only append the hint when the AuthSource is pure BearerToken. If both
@@ -960,6 +997,7 @@ fn enrich_bearer_auth_error(error: ApiError, auth: &AuthSource) -> ApiError {
            body,
            retryable,
            suggested_action,
+            retry_after,
        };
    }
    let enriched_message = match message {
@@ -974,6 +1012,7 @@ fn enrich_bearer_auth_error(error: ApiError, auth: &AuthSource) -> ApiError {
        body,
        retryable,
        suggested_action,
+        retry_after,
    }
 }

@@ -1562,6 +1601,7 @@ mod tests {
            body: String::new(),
            retryable: false,
            suggested_action: None,
+            retry_after: None,
        };

        // when
@@ -1603,6 +1643,7 @@ mod tests {
            body: String::new(),
            retryable: true,
            suggested_action: None,
+            retry_after: None,
        };

        // when
@@ -1632,6 +1673,7 @@ mod tests {
            body: String::new(),
            retryable: false,
            suggested_action: None,
+            retry_after: None,
        };

        // when
@@ -1660,6 +1702,7 @@ mod tests {
            body: String::new(),
            retryable: false,
            suggested_action: None,
+            retry_after: None,
        };

        // when
@@ -1685,6 +1728,7 @@ mod tests {
            body: String::new(),
            retryable: false,
            suggested_action: None,
+            retry_after: None,
        };

        // when