Require permission handler on session creation (#554)

* Improve discoverability of permission handler being required

* Update TypeScript tests

* Formatting

* Test updates

* Formatting

* More doc updates

* Fix E2E tests: add permission handler to all session calls across Python, Go, C#

- Add on_permission_request/OnPermissionRequest to all Python and Go E2E test
  create_session/resume_session calls
- Fix pre-existing deny tests: restore 'denied-interactively-by-user' kind
  (was accidentally changed by blanket replace)
- Fix session-resume scenario builds for Go and C#

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

* Fix docs validation: add permission handler to getting-started.md examples

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

* Fix remaining E2E tests missing permission handler

- Go: client_test.go CreateSession calls need OnPermissionRequest
- Python: test_client.py create_session call needs config arg

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

---------

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

Author: SteveSandersonMS

docs/getting-started.md

@@ -1193,14 +1193,14 @@ Once the CLI is running in server mode, configure your SDK client to connect to
 <summary><strong>Node.js / TypeScript</strong></summary>
 
 ```typescript
-import { CopilotClient } from "@github/copilot-sdk";
+import { CopilotClient, approveAll } from "@github/copilot-sdk";
 
 const client = new CopilotClient({
     cliUrl: "localhost:4321"
 });
 
 // Use the client normally
-const session = await client.createSession();
+const session = await client.createSession({ onPermissionRequest: approveAll });
 // ...
 ```
 
@@ -1210,15 +1210,15 @@ const session = await client.createSession();
 <summary><strong>Python</strong></summary>
 
 ```python
-from copilot import CopilotClient
+from copilot import CopilotClient, PermissionHandler
 
 client = CopilotClient({
     "cli_url": "localhost:4321"
 })
 await client.start()
 
 # Use the client normally
-session = await client.create_session()
+session = await client.create_session({"on_permission_request": PermissionHandler.approve_all})
 # ...
 ```
 
@@ -1241,7 +1241,9 @@ if err := client.Start(ctx); err != nil {
 defer client.Stop()
 
 // Use the client normally
-session, err := client.CreateSession(ctx, nil)
+session, err := client.CreateSession(ctx, &copilot.SessionConfig{
+    OnPermissionRequest: copilot.PermissionHandler.ApproveAll,
+})
 // ...
 ```
 
@@ -1260,7 +1262,10 @@ using var client = new CopilotClient(new CopilotClientOptions
 });
 
 // Use the client normally
-await using var session = await client.CreateSessionAsync();
+await using var session = await client.CreateSessionAsync(new()
+{
+    OnPermissionRequest = PermissionHandler.ApproveAll
+});
 // ...
 ```
 

dotnet/src/Client.cs

@@ -38,7 +38,7 @@ namespace GitHub.Copilot.SDK;
 /// await using var client = new CopilotClient();
 ///
 /// // Create a session
-/// await using var session = await client.CreateSessionAsync(new SessionConfig { Model = "gpt-4" });
+/// await using var session = await client.CreateSessionAsync(new() { OnPermissionRequest = PermissionHandler.ApproveAll, Model = "gpt-4" });
 ///
 /// // Handle events
 /// using var subscription = session.On(evt =>
@@ -340,10 +340,9 @@ private async Task CleanupConnectionAsync(List<Exception>? errors)
     /// <summary>
     /// Creates a new Copilot session with the specified configuration.
     /// </summary>
-    /// <param name="config">Configuration for the session. If null, default settings are used.</param>
+    /// <param name="config">Configuration for the session, including the required <see cref="SessionConfig.OnPermissionRequest"/> handler.</param>
     /// <param name="cancellationToken">A <see cref="CancellationToken"/> that can be used to cancel the operation.</param>
     /// <returns>A task that resolves to provide the <see cref="CopilotSession"/>.</returns>
-    /// <exception cref="InvalidOperationException">Thrown when the client is not connected and AutoStart is disabled, or when a session with the same ID already exists.</exception>
     /// <remarks>
     /// Sessions maintain conversation state, handle events, and manage tool execution.
     /// If the client is not connected and <see cref="CopilotClientOptions.AutoStart"/> is enabled (default),
@@ -352,21 +351,29 @@ private async Task CleanupConnectionAsync(List<Exception>? errors)
     /// <example>
     /// <code>
     /// // Basic session
-    /// var session = await client.CreateSessionAsync();
+    /// var session = await client.CreateSessionAsync(new() { OnPermissionRequest = PermissionHandler.ApproveAll });
     ///
     /// // Session with model and tools
-    /// var session = await client.CreateSessionAsync(new SessionConfig
+    /// var session = await client.CreateSessionAsync(new()
     /// {
+    ///     OnPermissionRequest = PermissionHandler.ApproveAll,
     ///     Model = "gpt-4",
     ///     Tools = [AIFunctionFactory.Create(MyToolMethod)]
     /// });
     /// </code>
     /// </example>
-    public async Task<CopilotSession> CreateSessionAsync(SessionConfig? config = null, CancellationToken cancellationToken = default)
+    public async Task<CopilotSession> CreateSessionAsync(SessionConfig config, CancellationToken cancellationToken = default)
     {
+        if (config.OnPermissionRequest == null)
+        {
+            throw new ArgumentException(
+                "An OnPermissionRequest handler is required when creating a session. " +
+                "For example, to allow all permissions, use CreateSessionAsync(new() { OnPermissionRequest = PermissionHandler.ApproveAll });");
+        }
+
         var connection = await EnsureConnectedAsync(cancellationToken);
 
-        var hasHooks = config?.Hooks != null && (
+        var hasHooks = config.Hooks != null && (
             config.Hooks.OnPreToolUse != null ||
             config.Hooks.OnPostToolUse != null ||
             config.Hooks.OnUserPromptSubmitted != null ||
@@ -375,42 +382,39 @@ public async Task<CopilotSession> CreateSessionAsync(SessionConfig? config = nul
             config.Hooks.OnErrorOccurred != null);
 
         var request = new CreateSessionRequest(
-            config?.Model,
-            config?.SessionId,
-            config?.ClientName,
-            config?.ReasoningEffort,
-            config?.Tools?.Select(ToolDefinition.FromAIFunction).ToList(),
-            config?.SystemMessage,
-            config?.AvailableTools,
-            config?.ExcludedTools,
-            config?.Provider,
+            config.Model,
+            config.SessionId,
+            config.ClientName,
+            config.ReasoningEffort,
+            config.Tools?.Select(ToolDefinition.FromAIFunction).ToList(),
+            config.SystemMessage,
+            config.AvailableTools,
+            config.ExcludedTools,
+            config.Provider,
             (bool?)true,
-            config?.OnUserInputRequest != null ? true : null,
+            config.OnUserInputRequest != null ? true : null,
             hasHooks ? true : null,
-            config?.WorkingDirectory,
-            config?.Streaming == true ? true : null,
-            config?.McpServers,
+            config.WorkingDirectory,
+            config.Streaming is true ? true : null,
+            config.McpServers,
             "direct",
-            config?.CustomAgents,
-            config?.ConfigDir,
-            config?.SkillDirectories,
-            config?.DisabledSkills,
-            config?.InfiniteSessions);
+            config.CustomAgents,
+            config.ConfigDir,
+            config.SkillDirectories,
+            config.DisabledSkills,
+            config.InfiniteSessions);
 
         var response = await InvokeRpcAsync<CreateSessionResponse>(
             connection.Rpc, "session.create", [request], cancellationToken);
 
         var session = new CopilotSession(response.SessionId, connection.Rpc, response.WorkspacePath);
-        session.RegisterTools(config?.Tools ?? []);
-        if (config?.OnPermissionRequest != null)
-        {
-            session.RegisterPermissionHandler(config.OnPermissionRequest);
-        }
-        if (config?.OnUserInputRequest != null)
+        session.RegisterTools(config.Tools ?? []);
+        session.RegisterPermissionHandler(config.OnPermissionRequest);
+        if (config.OnUserInputRequest != null)
         {
             session.RegisterUserInputHandler(config.OnUserInputRequest);
         }
-        if (config?.Hooks != null)
+        if (config.Hooks != null)
         {
             session.RegisterHooks(config.Hooks);
         }
@@ -427,9 +431,10 @@ public async Task<CopilotSession> CreateSessionAsync(SessionConfig? config = nul
     /// Resumes an existing Copilot session with the specified configuration.
     /// </summary>
     /// <param name="sessionId">The ID of the session to resume.</param>
-    /// <param name="config">Configuration for the resumed session. If null, default settings are used.</param>
+    /// <param name="config">Configuration for the resumed session, including the required <see cref="ResumeSessionConfig.OnPermissionRequest"/> handler.</param>
     /// <param name="cancellationToken">A <see cref="CancellationToken"/> that can be used to cancel the operation.</param>
     /// <returns>A task that resolves to provide the <see cref="CopilotSession"/>.</returns>
+    /// <exception cref="ArgumentException">Thrown when <see cref="ResumeSessionConfig.OnPermissionRequest"/> is not set.</exception>
     /// <exception cref="InvalidOperationException">Thrown when the session does not exist or the client is not connected.</exception>
     /// <remarks>
     /// This allows you to continue a previous conversation, maintaining all conversation history.
@@ -438,20 +443,28 @@ public async Task<CopilotSession> CreateSessionAsync(SessionConfig? config = nul
     /// <example>
     /// <code>
     /// // Resume a previous session
-    /// var session = await client.ResumeSessionAsync("session-123");
+    /// var session = await client.ResumeSessionAsync("session-123", new() { OnPermissionRequest = PermissionHandler.ApproveAll });
     ///
     /// // Resume with new tools
-    /// var session = await client.ResumeSessionAsync("session-123", new ResumeSessionConfig
+    /// var session = await client.ResumeSessionAsync("session-123", new()
     /// {
+    ///     OnPermissionRequest = PermissionHandler.ApproveAll,
     ///     Tools = [AIFunctionFactory.Create(MyNewToolMethod)]
     /// });
     /// </code>
     /// </example>
-    public async Task<CopilotSession> ResumeSessionAsync(string sessionId, ResumeSessionConfig? config = null, CancellationToken cancellationToken = default)
+    public async Task<CopilotSession> ResumeSessionAsync(string sessionId, ResumeSessionConfig config, CancellationToken cancellationToken = default)
     {
+        if (config.OnPermissionRequest == null)
+        {
+            throw new ArgumentException(
+                "An OnPermissionRequest handler is required when resuming a session. " +
+                "For example, to allow all permissions, use new() { OnPermissionRequest = PermissionHandler.ApproveAll }.");
+        }
+
         var connection = await EnsureConnectedAsync(cancellationToken);
 
-        var hasHooks = config?.Hooks != null && (
+        var hasHooks = config.Hooks != null && (
             config.Hooks.OnPreToolUse != null ||
             config.Hooks.OnPostToolUse != null ||
             config.Hooks.OnUserPromptSubmitted != null ||
@@ -461,42 +474,39 @@ public async Task<CopilotSession> ResumeSessionAsync(string sessionId, ResumeSes
 
         var request = new ResumeSessionRequest(
             sessionId,
-            config?.ClientName,
-            config?.Model,
-            config?.ReasoningEffort,
-            config?.Tools?.Select(ToolDefinition.FromAIFunction).ToList(),
-            config?.SystemMessage,
-            config?.AvailableTools,
-            config?.ExcludedTools,
-            config?.Provider,
+            config.ClientName,
+            config.Model,
+            config.ReasoningEffort,
+            config.Tools?.Select(ToolDefinition.FromAIFunction).ToList(),
+            config.SystemMessage,
+            config.AvailableTools,
+            config.ExcludedTools,
+            config.Provider,
             (bool?)true,
-            config?.OnUserInputRequest != null ? true : null,
+            config.OnUserInputRequest != null ? true : null,
             hasHooks ? true : null,
-            config?.WorkingDirectory,
-            config?.ConfigDir,
-            config?.DisableResume == true ? true : null,
-            config?.Streaming == true ? true : null,
-            config?.McpServers,
+            config.WorkingDirectory,
+            config.ConfigDir,
+            config.DisableResume is true ? true : null,
+            config.Streaming is true ? true : null,
+            config.McpServers,
             "direct",
-            config?.CustomAgents,
-            config?.SkillDirectories,
-            config?.DisabledSkills,
-            config?.InfiniteSessions);
+            config.CustomAgents,
+            config.SkillDirectories,
+            config.DisabledSkills,
+            config.InfiniteSessions);
 
         var response = await InvokeRpcAsync<ResumeSessionResponse>(
             connection.Rpc, "session.resume", [request], cancellationToken);
 
         var session = new CopilotSession(response.SessionId, connection.Rpc, response.WorkspacePath);
-        session.RegisterTools(config?.Tools ?? []);
-        if (config?.OnPermissionRequest != null)
-        {
-            session.RegisterPermissionHandler(config.OnPermissionRequest);
-        }
-        if (config?.OnUserInputRequest != null)
+        session.RegisterTools(config.Tools ?? []);
+        session.RegisterPermissionHandler(config.OnPermissionRequest);
+        if (config.OnUserInputRequest != null)
         {
             session.RegisterUserInputHandler(config.OnUserInputRequest);
         }
-        if (config?.Hooks != null)
+        if (config.Hooks != null)
         {
             session.RegisterHooks(config.Hooks);
         }
@@ -516,7 +526,7 @@ public async Task<CopilotSession> ResumeSessionAsync(string sessionId, ResumeSes
     /// <code>
     /// if (client.State == ConnectionState.Connected)
     /// {
-    ///     var session = await client.CreateSessionAsync();
+    ///     var session = await client.CreateSessionAsync(new() { OnPermissionRequest = PermissionHandler.ApproveAll });
     /// }
     /// </code>
     /// </example>
@@ -630,7 +640,7 @@ public async Task<List<ModelInfo>> ListModelsAsync(CancellationToken cancellatio
     /// var lastId = await client.GetLastSessionIdAsync();
     /// if (lastId != null)
     /// {
-    ///     var session = await client.ResumeSessionAsync(lastId);
+    ///     var session = await client.ResumeSessionAsync(lastId, new() { OnPermissionRequest = PermissionHandler.ApproveAll });
     /// }
     /// </code>
     /// </example>

dotnet/src/Session.cs

@@ -27,7 +27,7 @@ namespace GitHub.Copilot.SDK;
 /// </remarks>
 /// <example>
 /// <code>
-/// await using var session = await client.CreateSessionAsync(new SessionConfig { Model = "gpt-4" });
+/// await using var session = await client.CreateSessionAsync(new() { OnPermissionRequest = PermissionHandler.ApproveAll, Model = "gpt-4" });
 ///
 /// // Subscribe to events
 /// using var subscription = session.On(evt =>
@@ -557,10 +557,10 @@ await InvokeRpcAsync<object>(
     /// <example>
     /// <code>
     /// // Using 'await using' for automatic disposal
-    /// await using var session = await client.CreateSessionAsync();
+    /// await using var session = await client.CreateSessionAsync(new() { OnPermissionRequest = PermissionHandler.ApproveAll });
     ///
     /// // Or manually dispose
-    /// var session2 = await client.CreateSessionAsync();
+    /// var session2 = await client.CreateSessionAsync(new() { OnPermissionRequest = PermissionHandler.ApproveAll });
     /// // ... use the session ...
     /// await session2.DisposeAsync();
     /// </code>

dotnet/test/AskUserTests.cs

@@ -15,7 +15,7 @@ public async Task Should_Invoke_User_Input_Handler_When_Model_Uses_Ask_User_Tool
     {
         var userInputRequests = new List<UserInputRequest>();
         CopilotSession? session = null;
-        session = await Client.CreateSessionAsync(new SessionConfig
+        session = await CreateSessionAsync(new SessionConfig
         {
             OnUserInputRequest = (request, invocation) =>
             {
@@ -49,7 +49,7 @@ public async Task Should_Receive_Choices_In_User_Input_Request()
     {
         var userInputRequests = new List<UserInputRequest>();
 
-        var session = await Client.CreateSessionAsync(new SessionConfig
+        var session = await CreateSessionAsync(new SessionConfig
         {
             OnUserInputRequest = (request, invocation) =>
             {
@@ -82,7 +82,7 @@ public async Task Should_Handle_Freeform_User_Input_Response()
         var userInputRequests = new List<UserInputRequest>();
         var freeformAnswer = "This is my custom freeform answer that was not in the choices";
 
-        var session = await Client.CreateSessionAsync(new SessionConfig
+        var session = await CreateSessionAsync(new SessionConfig
         {
             OnUserInputRequest = (request, invocation) =>
             {