vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-03-12 07:20:45 +00:00
Code Issues Packages Projects Releases Wiki Activity

Gateway Auth: allowlist bootstrap password references

Browse Source
This commit is contained in:
Vincent Koc
2026-03-07 16:26:12 -08:00
parent 475b0cb49a
commit 889a60e122
1 changed files with 5 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
src/gateway/auth.ts
View File

@@ -304,9 +304,12 @@ export function assertGatewayAuthConfigured(
);
}
if (auth.mode === "password" && !auth.password) {
if (rawAuthConfig?.password != null && typeof rawAuthConfig.password !== "string") {
if (
rawAuthConfig?.password != null && // pragma: allowlist secret
typeof rawAuthConfig.password !== "string" // pragma: allowlist secret
) {
throw new Error(
"gateway auth mode is password, but gateway.auth.password contains a provider reference object instead of a resolved string — bootstrap secrets (gateway.auth.password) must be plaintext strings or set via the OPENCLAW_GATEWAY_PASSWORD environment variable because the secrets provider system has not initialised yet at gateway startup",
"gateway auth mode is password, but gateway.auth.password contains a provider reference object instead of a resolved string — bootstrap secrets (gateway.auth.password) must be plaintext strings or set via the OPENCLAW_GATEWAY_PASSWORD environment variable because the secrets provider system has not initialised yet at gateway startup", // pragma: allowlist secret
);
}
throw new Error("gateway auth mode is password, but no password was configured");