feat(agents): directly indicate auth required state

[adamfweidman]

Summary

This PR updates the A2AResultReassembler to explicitly handle the auth-required state by appending a standard instruction message (AUTH_REQUIRED_MSG) to the output. This ensures that users are clearly notified when an agent requires authorization, even if the agent's message itself is sparse.

Details

• Added AUTH_REQUIRED_MSG constant to a2aUtils.ts.
• Implemented appendStateInstructions in A2AResultReassembler to append the auth message when the task state is auth-required.
• Added deduplication logic to prevent the auth message from appearing multiple times if multiple chunks report the same state.
• Added comprehensive unit tests in a2aUtils.test.ts.

Related Issues

Fixes: #17606

How to Validate

Run the unit tests:

npm test -w @google/gemini-cli-core -- src/agents/a2aUtils.test.ts

Pre-Merge Checklist

• Updated relevant documentation and README (if needed)
• Added/updated tests (if needed)
• Noted breaking changes (if any)
• Validated on required platforms/methods:
  • MacOS
    • npm run

[gemini-cli]

Hi there! Thank you for your contribution to Gemini CLI.

To improve our contribution process and better track changes, we now require all pull requests to be associated with an existing issue, as announced in our recent discussion and as detailed in our CONTRIBUTING.md.

This pull request is being closed because it is not currently linked to an issue. Once you have updated the description of this PR to link an issue (e.g., by adding Fixes #123 or Related to #123), it will be automatically reopened.

How to link an issue:
Add a keyword followed by the issue number (e.g., Fixes #123) in the description of your pull request. For more details on supported keywords and how linking works, please refer to the GitHub Documentation on linking pull requests to issues.

Thank you for your understanding and for being a part of our community!

[gemini-cli]

Hi @adamfweidman, thank you so much for your contribution to Gemini CLI! We really appreciate the time and effort you've put into this.

We're making some updates to our contribution process to improve how we track and review changes. Please take a moment to review our recent discussion post: Improving Our Contribution Process & Introducing New Guidelines.

Key Update: Starting January 26, 2026, the Gemini CLI project will require all pull requests to be associated with an existing issue. Any pull requests not linked to an issue by that date will be automatically closed.

Thank you for your understanding and for being a part of our community!

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request enhances the user experience by providing clear and consistent feedback when an agent requires authorization. It introduces a standardized message that is automatically appended to the agent's output, ensuring that users are always aware of the authorization status, regardless of the agent's specific response. This change improves clarity and reduces potential confusion during agent interactions.

Highlights

• Explicit Authorization Notification: The A2AResultReassembler now explicitly appends a standard message (AUTH_REQUIRED_MSG) to the output when an agent's task state is auth-required, ensuring users are clearly informed.
• Deduplication Logic: Implemented logic to prevent the AUTH_REQUIRED_MSG from being duplicated in the output, even if multiple auth-required status updates are received.
• New Constant and Method: A new constant, AUTH_REQUIRED_MSG, was added, along with a private method appendStateInstructions in A2AResultReassembler to manage the appending of state-specific instructions.
• Comprehensive Unit Tests: Added new unit tests to cover various scenarios for the auth-required state, including cases with and without an accompanying message, and to verify the deduplication behavior.

Changelog

• packages/core/src/agents/a2aUtils.test.ts
  • Imported AUTH_REQUIRED_MSG constant.
  • Added a test case to verify auth-required state handling with an agent message.
  • Included a test case to confirm auth-required state handling without relying on additional metadata.
  • Implemented a test to ensure the AUTH_REQUIRED_MSG is not duplicated when multiple auth-required chunks are processed.
• packages/core/src/agents/a2aUtils.ts
  • Defined AUTH_REQUIRED_MSG constant for authorization required messages.
  • Modified A2AResultReassembler to call appendStateInstructions for status-update chunks.
  • Modified A2AResultReassembler to call appendStateInstructions for task chunks.
  • Added a private method appendStateInstructions to A2AResultReassembler to append the AUTH_REQUIRED_MSG when the state is auth-required, with deduplication.

Activity

• The author added new unit tests to cover the changes.
• The author validated the changes on MacOS using npm run.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request effectively ensures that users are notified when an agent requires authorization by adding a standard message. The implementation is clean and includes good test coverage. However, I've identified a race condition that could lead to duplicate messages under certain circumstances. By reordering two method calls, this issue can be easily resolved, making the new feature more robust. My review includes specific suggestions to address this.

[github-actions]

Size Change: +536 B (0%)

Total Size: 25.8 MB

ℹ️ View Unchanged

Filename	Size	Change
./bundle/gemini.js	25.3 MB	+536 B (0%)
./bundle/node_modules/@google/gemini-cli-devtools/dist/client/main.js	221 kB	0 B
./bundle/node_modules/@google/gemini-cli-devtools/dist/src/_client-assets.js	227 kB	0 B
./bundle/node_modules/@google/gemini-cli-devtools/dist/src/index.js	11.5 kB	0 B
./bundle/node_modules/@google/gemini-cli-devtools/dist/src/types.js	132 B	0 B
./bundle/sandbox-macos-permissive-open.sb	890 B	0 B
./bundle/sandbox-macos-permissive-proxied.sb	1.31 kB	0 B
./bundle/sandbox-macos-restrictive-open.sb	3.36 kB	0 B
./bundle/sandbox-macos-restrictive-proxied.sb	3.56 kB	0 B
./bundle/sandbox-macos-strict-open.sb	4.82 kB	0 B
./bundle/sandbox-macos-strict-proxied.sb	5.02 kB	0 B

_{compressed-size-action}

[abhipatel12]

LGTM, one non-blocking nit