From e5e6796a4ba7dec2cf2c0d4ee3ae6fd1cf888bc7 Mon Sep 17 00:00:00 2001 From: yumoqing Date: Thu, 7 May 2026 17:31:05 +0800 Subject: [PATCH] feat: decrypt API key using ServerEnv.password_decode - Add API key decryption in _resolve_provider using env.password_decode - Matches project standard for encrypted credentials --- harnessed_agent/llm_client.py | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/harnessed_agent/llm_client.py b/harnessed_agent/llm_client.py index 8c0356b..79d7393 100644 --- a/harnessed_agent/llm_client.py +++ b/harnessed_agent/llm_client.py @@ -103,7 +103,9 @@ async def _get_llm_config() -> Dict[str, Any]: info(f"[llm_config] DB='{dbname}' rows={len(rows)}") if rows: row = rows[0] - info(f"[llm_config] DB='{dbname}' config: llm_provider={repr(row.get('llm_provider'))}, default_model={repr(row.get('default_model'))}, llm_service_url={repr(row.get('llm_service_url'))}") + api_key = row.get('llm_api_key', '') + api_key_show = (api_key[:4] + '...' + api_key[-4:]) if api_key else '(empty)' + info(f"[llm_config] DB='{dbname}' config: llm_provider={repr(row.get('llm_provider'))}, default_model={repr(row.get('default_model'))}, llm_service_url={repr(row.get('llm_service_url'))}, llm_api_key={api_key_show}") return row else: warning(f"No rows in harnessed_agent_config in DB '{dbname}' for user_id={repr(user_id)}") @@ -121,6 +123,14 @@ def _resolve_provider(config: Dict[str, Any]) -> Dict[str, str]: api_key = config.get('llm_api_key', '') model = config.get('default_model', '') + # Decrypt API key if encrypted + if api_key: + try: + env = ServerEnv() + api_key = env.password_decode(api_key) + except Exception: + pass + # If provider name is set, use preset URL if provider and provider in LLM_PROVIDERS: preset = LLM_PROVIDERS[provider]