vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-06 05:40:44 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: avoid external auth discovery during reply prep

Browse Source
This commit is contained in:
Shakker
2026-05-02 04:18:37 +01:00
parent 22e8d7b469
commit 15db5ff7ce
5 changed files with 37 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
src/agents/model-auth.ts
View File

@@ -23,6 +23,7 @@ import {
type AuthProfileStore,
externalCliDiscoveryForProviderAuth,
ensureAuthProfileStore,
ensureAuthProfileStoreWithoutExternalProfiles,
listProfilesForProvider,
resolveApiKeyForProfile,
resolveAuthProfileOrder,
@@ -43,7 +44,11 @@ import {
} from "./model-auth-runtime-shared.js";
import { normalizeProviderId } from "./model-selection.js";
export { ensureAuthProfileStore, resolveAuthProfileOrder } from "./auth-profiles.js";
export {
ensureAuthProfileStore,
ensureAuthProfileStoreWithoutExternalProfiles,
resolveAuthProfileOrder,
} from "./auth-profiles.js";
export { requireApiKey, resolveAwsSdkEnvVarName } from "./model-auth-runtime-shared.js";
export type { ResolvedProviderAuth } from "./model-auth-runtime-shared.js";
export type ProviderCredentialPrecedence = "profile-first" | "env-first";

1
src/agents/pi-embedded-runner/compact.hooks.harness.ts
View File

@@ -313,6 +313,7 @@ export async function loadCompactHooksHarness(): Promise<{
vi.doMock("../model-auth.js", () => ({
applyAuthHeaderOverride: vi.fn((model: unknown) => model),
applyLocalNoAuthHeaderOverride: vi.fn((model: unknown) => model),
ensureAuthProfileStoreWithoutExternalProfiles: vi.fn(() => ({})),
getApiKeyForModel: vi.fn(async () => ({ apiKey: "test", mode: "env" })),
resolveModelAuthMode: vi.fn(() => "env"),
}));

10
src/agents/pi-embedded-runner/run.overflow-compaction.harness.ts
View File

@@ -218,6 +218,8 @@ export const mockedGetApiKeyForModel = vi.fn(
mode: "api-key" as const,
}),
);
export const mockedEnsureAuthProfileStore = vi.fn(() => ({}));
export const mockedEnsureAuthProfileStoreWithoutExternalProfiles = vi.fn(() => ({}));
export const mockedResolveAuthProfileOrder = vi.fn(() => [] as string[]);
export const mockedShouldPreferExplicitConfigApiKeyAuth = vi.fn(() => false);
@@ -386,6 +388,10 @@ export function resetRunOverflowCompactionHarnessMocks(): void {
mode: "api-key",
}),
);
mockedEnsureAuthProfileStore.mockReset();
mockedEnsureAuthProfileStore.mockReturnValue({});
mockedEnsureAuthProfileStoreWithoutExternalProfiles.mockReset();
mockedEnsureAuthProfileStoreWithoutExternalProfiles.mockReturnValue({});
mockedResolveAuthProfileOrder.mockReset();
mockedResolveAuthProfileOrder.mockReturnValue([]);
mockedShouldPreferExplicitConfigApiKeyAuth.mockReset();
@@ -500,7 +506,9 @@ export async function loadRunOverflowCompactionHarness(): Promise<{
vi.doMock("../model-auth.js", () => ({
applyAuthHeaderOverride: vi.fn((model: unknown) => model),
applyLocalNoAuthHeaderOverride: vi.fn((model: unknown) => model),
ensureAuthProfileStore: vi.fn(() => ({})),
ensureAuthProfileStore: mockedEnsureAuthProfileStore,
ensureAuthProfileStoreWithoutExternalProfiles:
mockedEnsureAuthProfileStoreWithoutExternalProfiles,
getApiKeyForModel: mockedGetApiKeyForModel,
resolveAuthProfileOrder: mockedResolveAuthProfileOrder,
shouldPreferExplicitConfigApiKeyAuth: mockedShouldPreferExplicitConfigApiKeyAuth,

17
src/agents/pi-embedded-runner/run.overflow-compaction.test.ts
View File

@@ -18,6 +18,8 @@ import {
mockedContextEngine,
mockedDescribeFailoverError,
mockedEvaluateContextWindowGuard,
mockedEnsureAuthProfileStore,
mockedEnsureAuthProfileStoreWithoutExternalProfiles,
mockedGlobalHookRunner,
mockedGetApiKeyForModel,
mockedPickFallbackThinkingLevel,
@@ -193,6 +195,21 @@ describe("runEmbeddedPiAgent overflow compaction trigger routing", () => {
);
});
it("uses the lightweight auth profile store during reply startup", async () => {
mockedRunEmbeddedAttempt.mockResolvedValueOnce(makeAttemptResult({ promptError: null }));
await runEmbeddedPiAgent({
...overflowBaseRunParams,
runId: "run-lightweight-auth-store",
});
expect(mockedEnsureAuthProfileStore).not.toHaveBeenCalled();
expect(mockedEnsureAuthProfileStoreWithoutExternalProfiles).toHaveBeenCalledWith(
"/tmp/agent-dir",
{ allowKeychainPrompt: false },
);
});
it("forwards optional attempt params and the runtime plan into one attempt call", async () => {
const internalEvents: AgentInternalEvent[] = [];
const forwardingCase = makeForwardingCase(internalEvents);

13
src/agents/pi-embedded-runner/run.ts
View File

@@ -33,7 +33,6 @@ import {
markAuthProfileGood,
markAuthProfileUsed,
} from "../auth-profiles.js";
import { externalCliDiscoveryForProviderAuth } from "../auth-profiles/external-cli-discovery.js";
import {
resolveSessionKeyForRequest,
resolveStoredSessionKeyForSessionId,
@@ -52,7 +51,7 @@ import { shouldSwitchToLiveModel, clearLiveModelSwitchPending } from "../live-mo
import {
applyAuthHeaderOverride,
applyLocalNoAuthHeaderOverride,
ensureAuthProfileStore,
ensureAuthProfileStoreWithoutExternalProfiles,
type ResolvedProviderAuth,
resolveAuthProfileOrder,
shouldPreferExplicitConfigApiKeyAuth,
@@ -514,12 +513,8 @@ export async function runEmbeddedPiAgent(
const authStore = pluginHarnessOwnsTransport
? createEmptyAuthProfileStore()
: ensureAuthProfileStore(agentDir, {
externalCli: externalCliDiscoveryForProviderAuth({
cfg: params.config,
provider,
preferredProfile: params.authProfileId,
}),
: ensureAuthProfileStoreWithoutExternalProfiles(agentDir, {
allowKeychainPrompt: false,
});
const requestedProfileId = params.authProfileId?.trim();
const resolvePluginHarnessPreferredProfileId = (): string | undefined => {
@@ -541,7 +536,7 @@ export async function runEmbeddedPiAgent(
if (!harnessAuthProvider) {
return undefined;
}
const harnessAuthStore = ensureAuthProfileStore(agentDir, {
const harnessAuthStore = ensureAuthProfileStoreWithoutExternalProfiles(agentDir, {
allowKeychainPrompt: false,
});
return resolveAuthProfileOrder({