Fix hooks and permission dispatch for sub-agent sessions

When the CLI sends hooks.invoke or permission.request with a session ID
that is not registered (e.g. for CLI-created sub-agent sessions), fall
back to a registered session that has the appropriate handler. If no
session with a handler exists, hooks returns null output (no-op) and
permissions returns denied.

Agent-Logs-Url: https://github.com/github/copilot-sdk-java/sessions/7e1546a6-1f1c-4d86-b564-5d98d7586407

Co-authored-by: edburns <75821+edburns@users.noreply.github.com>

Author: Copilot

src/main/java/com/github/copilot/sdk/CopilotSession.java

@@ -1219,6 +1219,15 @@ void registerPermissionHandler(PermissionHandler handler) {
         permissionHandler.set(handler);
     }
 
+    /**
+     * Returns whether this session has a permission handler registered.
+     *
+     * @return {@code true} if a permission handler is registered
+     */
+    boolean hasPermissionHandler() {
+        return permissionHandler.get() != null;
+    }
+
     /**
      * Handles a permission request from the Copilot CLI.
      * <p>
@@ -1350,6 +1359,15 @@ void registerHooks(SessionHooks hooks) {
         hooksHandler.set(hooks);
     }
 
+    /**
+     * Returns whether this session has hooks registered.
+     *
+     * @return {@code true} if a {@link SessionHooks} instance is registered
+     */
+    boolean hasHooksHandler() {
+        return hooksHandler.get() != null;
+    }
+
     /**
      * Registers transform callbacks for system message sections.
      * <p>

src/main/java/com/github/copilot/sdk/RpcHandlerDispatcher.java

@@ -190,6 +190,9 @@ private void handlePermissionRequest(JsonRpcClient rpc, String requestId, JsonNo
                 JsonNode permissionRequest = params.get("permissionRequest");
 
                 CopilotSession session = sessions.get(sessionId);
+                if (session == null) {
+                    session = findSessionWithPermissionHandler();
+                }
                 if (session == null) {
                     var result = new PermissionRequestResult()
                             .setKind(PermissionRequestResultKind.DENIED_COULD_NOT_REQUEST_FROM_USER);
@@ -292,7 +295,11 @@ private void handleHooksInvoke(JsonRpcClient rpc, String requestId, JsonNode par
 
                 CopilotSession session = sessions.get(sessionId);
                 if (session == null) {
-                    rpc.sendErrorResponse(Long.parseLong(requestId), -32602, "Unknown session " + sessionId);
+                    session = findSessionWithHooks();
+                }
+                if (session == null) {
+                    // No registered session has hooks — return null output (no-op).
+                    rpc.sendResponse(Long.parseLong(requestId), Collections.singletonMap("output", null));
                     return;
                 }
 
@@ -366,6 +373,42 @@ private void handleSystemMessageTransform(JsonRpcClient rpc, String requestId, J
         });
     }
 
+    /**
+     * Finds a registered session that has hooks handlers.
+     * <p>
+     * Used as a fallback when the CLI sends a {@code hooks.invoke} call with a
+     * session ID that is not in the registry (e.g. for CLI-created sub-agent
+     * sessions).
+     *
+     * @return a session with hooks registered, or {@code null} if none exists
+     */
+    private CopilotSession findSessionWithHooks() {
+        for (CopilotSession s : sessions.values()) {
+            if (s.hasHooksHandler()) {
+                return s;
+            }
+        }
+        return null;
+    }
+
+    /**
+     * Finds a registered session that has a permission handler.
+     * <p>
+     * Used as a fallback when the CLI sends a {@code permission.request} call with
+     * a session ID that is not in the registry (e.g. for CLI-created sub-agent
+     * sessions).
+     *
+     * @return a session with a permission handler, or {@code null} if none exists
+     */
+    private CopilotSession findSessionWithPermissionHandler() {
+        for (CopilotSession s : sessions.values()) {
+            if (s.hasPermissionHandler()) {
+                return s;
+            }
+        }
+        return null;
+    }
+
     private void runAsync(Runnable task) {
         try {
             if (executor != null) {

src/test/java/com/github/copilot/sdk/RpcHandlerDispatcherTest.java

@@ -295,7 +295,8 @@ void toolCallHandlerFails() throws Exception {
     // ===== permission.request tests =====
 
     @Test
-    void permissionRequestWithUnknownSession() throws Exception {
+    void permissionRequestWithUnknownSessionNoFallback() throws Exception {
+        // No sessions registered at all — returns denied
         ObjectNode params = MAPPER.createObjectNode();
         params.put("sessionId", "nonexistent");
         params.putObject("permissionRequest");
@@ -307,6 +308,25 @@ void permissionRequestWithUnknownSession() throws Exception {
         assertEquals("denied-no-approval-rule-and-could-not-request-from-user", result.get("kind").asText());
     }
 
+    @Test
+    void permissionRequestFallsBackToSessionWithHandler() throws Exception {
+        // Register a session with a permission handler under a different ID
+        CopilotSession session = createSession("parent-session");
+        session.registerPermissionHandler((request, invocation) -> CompletableFuture
+                .completedFuture(new PermissionRequestResult().setKind("allow")));
+
+        // Send permission.request with an unknown sub-agent session ID
+        ObjectNode params = MAPPER.createObjectNode();
+        params.put("sessionId", "sub-agent-session");
+        params.putObject("permissionRequest");
+
+        invokeHandler("permission.request", "14", params);
+
+        JsonNode response = readResponse();
+        JsonNode result = response.get("result").get("result");
+        assertEquals("allow", result.get("kind").asText());
+    }
+
     @Test
     void permissionRequestWithHandler() throws Exception {
         CopilotSession session = createSession("s1");
@@ -453,7 +473,8 @@ void userInputRequestHandlerFails() throws Exception {
     // ===== hooks.invoke tests =====
 
     @Test
-    void hooksInvokeWithUnknownSession() throws Exception {
+    void hooksInvokeWithUnknownSessionNoFallback() throws Exception {
+        // No sessions registered at all — returns null output (no-op)
         ObjectNode params = MAPPER.createObjectNode();
         params.put("sessionId", "nonexistent");
         params.put("hookType", "preToolUse");
@@ -462,8 +483,31 @@ void hooksInvokeWithUnknownSession() throws Exception {
         invokeHandler("hooks.invoke", "30", params);
 
         JsonNode response = readResponse();
-        assertNotNull(response.get("error"));
-        assertEquals(-32602, response.get("error").get("code").asInt());
+        JsonNode output = response.get("result").get("output");
+        assertTrue(output == null || output.isNull(), "Output should be null when no session has hooks");
+    }
+
+    @Test
+    void hooksInvokeFallsBackToSessionWithHooks() throws Exception {
+        // Register a session with hooks under a different ID
+        CopilotSession session = createSession("parent-session");
+        session.registerHooks(new SessionHooks().setOnPreToolUse(
+                (input, invocation) -> CompletableFuture.completedFuture(PreToolUseHookOutput.allow())));
+
+        // Send hooks.invoke with an unknown sub-agent session ID
+        ObjectNode params = MAPPER.createObjectNode();
+        params.put("sessionId", "sub-agent-session");
+        params.put("hookType", "preToolUse");
+        ObjectNode input = params.putObject("input");
+        input.put("toolName", "glob");
+        input.put("toolCallId", "tc-sub");
+
+        invokeHandler("hooks.invoke", "35", params);
+
+        JsonNode response = readResponse();
+        JsonNode output = response.get("result").get("output");
+        assertNotNull(output, "Should fall back to the registered session's hooks");
+        assertEquals("allow", output.get("permissionDecision").asText());
     }
 
     @Test