fix(middleware): Skip OAuth endpoints in AI agent middleware

Exclude /oauth/ paths from the AI agent markdown response middleware
since these are legitimate machine-to-machine endpoints that should
work normally (device authorization, token exchange, etc.).

Fixes feedback from #106485

Author: dcramer

src/sentry/middleware/ai_agent.py

@@ -83,7 +83,7 @@ class AIAgentMiddleware:
     and returns helpful markdown guidance instead of HTML.
 
     Detection criteria:
-    1. Request path does NOT start with /api/ (frontend routes only)
+    1. Request path does NOT start with /api/ or /oauth/ (frontend routes only)
     2. Accept header contains text/markdown or text/x-markdown
     3. Request is anonymous (no authenticated user, no auth token)
     """
@@ -96,6 +96,10 @@ def __call__(self, request: HttpRequest) -> HttpResponse:
         if request.path.startswith("/api/"):
             return self.get_response(request)
 
+        # Skip OAuth routes - legitimate machine-to-machine endpoints
+        if request.path.startswith("/oauth/"):
+            return self.get_response(request)
+
         if not _accepts_markdown(request):
             return self.get_response(request)
 

tests/sentry/middleware/test_ai_agent.py

@@ -100,6 +100,11 @@ def test_api_path_passes_through(self):
 
         assert self.middleware(request).status_code == 401
 
+    def test_oauth_path_passes_through(self):
+        request = self.make_anonymous_request("/oauth/token/", HTTP_ACCEPT="text/markdown")
+
+        assert self.middleware(request).status_code == 401
+
     @patch("sentry.middleware.ai_agent.logger.info")
     def test_logs_request(self, mock_logger: MagicMock):
         request = self.make_anonymous_request(