@almightygpt/core 0.10.0 → 0.11.0

package/src/auth/__tests__/resolver.test.ts

@@ -0,0 +1,255 @@
+/**
+ * Resolver tests — proves the priority chain.
+ *
+ * Codex's v0.8 security review (P1 #3) called out that without these
+ * tests, the resolver could silently regress and ship — because
+ * `npm run test` would pass vacuously.
+ *
+ * Each test isolates the keychain via vi.mock so we control its
+ * behavior per case. Env vars are reset in beforeEach so test order
+ * doesn't matter.
+ */
+
+import { describe, it, expect, beforeEach, afterEach, vi } from "vitest";
+import { resolveApiKey, requireApiKey } from "../resolver.js";
+import { AuthMissingError } from "../types.js";
+
+// Mock the keychain module before any test runs. Each test then
+// overrides the mock's return for getKeychain().
+vi.mock("../keychain.js", () => ({
+  getKeychain: vi.fn(),
+}));
+import { getKeychain } from "../keychain.js";
+
+const PROVIDER_ENV_VAR = {
+  openai: "OPENAI_API_KEY",
+  anthropic: "ANTHROPIC_API_KEY",
+  google: "GOOGLE_API_KEY",
+  openrouter: "OPENROUTER_API_KEY", // added v0.12.0
+  // ollama has no env var (local, no auth)
+} as const;
+
+function makeKeychainStub(behavior: {
+  available: boolean;
+  get?: () => Promise<
+    | { kind: "found"; key: string }
+    | { kind: "absent" }
+    | { kind: "error"; message: string }
+  >;
+}) {
+  return {
+    available: behavior.available,
+    describeBackend: () => "test-backend",
+    get: behavior.get ?? (async () => ({ kind: "absent" as const })),
+    set: async () => {},
+    remove: async () => true,
+  };
+}
+
+describe("resolveApiKey — priority order", () => {
+  const savedEnv: Record<string, string | undefined> = {};
+
+  beforeEach(() => {
+    // Snapshot + clear all provider env vars so test inputs are
+    // deterministic.
+    for (const v of Object.values(PROVIDER_ENV_VAR)) {
+      savedEnv[v] = process.env[v];
+      delete process.env[v];
+    }
+    delete process.env.GEMINI_API_KEY;
+    vi.clearAllMocks();
+  });
+
+  afterEach(() => {
+    // Restore original env so we don't pollute the runner / sibling tests.
+    for (const [k, v] of Object.entries(savedEnv)) {
+      if (v === undefined) delete process.env[k];
+      else process.env[k] = v;
+    }
+  });
+
+  it("explicit param wins over env (which would otherwise win over keychain)", async () => {
+    process.env.OPENAI_API_KEY = "from-env";
+    vi.mocked(getKeychain).mockResolvedValue(
+      makeKeychainStub({
+        available: true,
+        get: async () => ({ kind: "found", key: "from-keychain" }),
+      }),
+    );
+    const r = await resolveApiKey("openai", { explicit: "from-explicit" });
+    expect(r.source).toBe("explicit");
+    expect(r.key).toBe("from-explicit");
+  });
+
+  it("env wins over keychain — prevents stale-keychain-key bug Codex flagged", async () => {
+    process.env.OPENAI_API_KEY = "from-env";
+    vi.mocked(getKeychain).mockResolvedValue(
+      makeKeychainStub({
+        available: true,
+        get: async () => ({ kind: "found", key: "from-keychain" }),
+      }),
+    );
+    const r = await resolveApiKey("openai");
+    expect(r.source).toBe("env");
+    expect(r.key).toBe("from-env");
+    expect(r.envVar).toBe("OPENAI_API_KEY");
+  });
+
+  it("keychain wins over missing", async () => {
+    vi.mocked(getKeychain).mockResolvedValue(
+      makeKeychainStub({
+        available: true,
+        get: async () => ({ kind: "found", key: "from-keychain" }),
+      }),
+    );
+    const r = await resolveApiKey("openai");
+    expect(r.source).toBe("keychain");
+    expect(r.key).toBe("from-keychain");
+  });
+
+  it("returns missing when no source has the key", async () => {
+    vi.mocked(getKeychain).mockResolvedValue(
+      makeKeychainStub({ available: true }),
+    );
+    const r = await resolveApiKey("openai");
+    expect(r.source).toBe("missing");
+    expect(r.key).toBeUndefined();
+  });
+
+  it("returns keychain_error (not missing) when keychain read fails", async () => {
+    vi.mocked(getKeychain).mockResolvedValue(
+      makeKeychainStub({
+        available: true,
+        get: async () => ({ kind: "error", message: "denied by OS" }),
+      }),
+    );
+    const r = await resolveApiKey("openai");
+    expect(r.source).toBe("keychain_error");
+    expect(r.keychainError).toBe("denied by OS");
+  });
+
+  it("keychain unavailability degrades to missing (not error) — backward compat", async () => {
+    vi.mocked(getKeychain).mockResolvedValue(
+      makeKeychainStub({ available: false }),
+    );
+    const r = await resolveApiKey("openai");
+    expect(r.source).toBe("missing");
+  });
+
+  it("skipKeychain option bypasses keychain entirely", async () => {
+    process.env.OPENAI_API_KEY = "from-env";
+    // Keychain mock would throw if called — proves skipKeychain takes effect.
+    vi.mocked(getKeychain).mockImplementation(() => {
+      throw new Error("getKeychain should not be called when skipKeychain is true");
+    });
+    const r = await resolveApiKey("openai", { skipKeychain: true });
+    expect(r.source).toBe("env");
+  });
+
+  it("Google provider checks BOTH GOOGLE_API_KEY and GEMINI_API_KEY", async () => {
+    delete process.env.GOOGLE_API_KEY;
+    process.env.GEMINI_API_KEY = "from-gemini-env";
+    vi.mocked(getKeychain).mockResolvedValue(
+      makeKeychainStub({ available: false }),
+    );
+    const r = await resolveApiKey("google");
+    expect(r.source).toBe("env");
+    expect(r.key).toBe("from-gemini-env");
+    expect(r.envVar).toBe("GEMINI_API_KEY");
+  });
+
+  it("Google prefers GOOGLE_API_KEY over GEMINI_API_KEY when both set", async () => {
+    process.env.GOOGLE_API_KEY = "primary";
+    process.env.GEMINI_API_KEY = "secondary";
+    vi.mocked(getKeychain).mockResolvedValue(
+      makeKeychainStub({ available: false }),
+    );
+    const r = await resolveApiKey("google");
+    expect(r.source).toBe("env");
+    expect(r.envVar).toBe("GOOGLE_API_KEY");
+    expect(r.key).toBe("primary");
+  });
+
+  it("OpenRouter provider reads OPENROUTER_API_KEY (v0.12.0+)", async () => {
+    process.env.OPENROUTER_API_KEY = "from-or";
+    vi.mocked(getKeychain).mockResolvedValue(
+      makeKeychainStub({ available: false }),
+    );
+    const r = await resolveApiKey("openrouter");
+    expect(r.source).toBe("env");
+    expect(r.key).toBe("from-or");
+    expect(r.envVar).toBe("OPENROUTER_API_KEY");
+  });
+
+  it("Ollama has no env vars and falls straight to keychain → missing", async () => {
+    vi.mocked(getKeychain).mockResolvedValue(
+      makeKeychainStub({ available: true }),
+    );
+    // Ollama has no API key — PROVIDER_ENV_VARS["ollama"] is empty.
+    // The resolver should skip the env loop entirely and check
+    // keychain → return "missing" since the keychain stub is empty.
+    const r = await resolveApiKey("ollama");
+    expect(r.source).toBe("missing");
+  });
+
+  it("empty env var is treated as not set (falls through to keychain)", async () => {
+    process.env.OPENAI_API_KEY = "";
+    vi.mocked(getKeychain).mockResolvedValue(
+      makeKeychainStub({
+        available: true,
+        get: async () => ({ kind: "found", key: "from-keychain" }),
+      }),
+    );
+    const r = await resolveApiKey("openai");
+    expect(r.source).toBe("keychain");
+  });
+});
+
+describe("requireApiKey — throws AuthMissingError on missing / keychain_error", () => {
+  const savedEnv: Record<string, string | undefined> = {};
+
+  beforeEach(() => {
+    for (const v of Object.values(PROVIDER_ENV_VAR)) {
+      savedEnv[v] = process.env[v];
+      delete process.env[v];
+    }
+    delete process.env.GEMINI_API_KEY;
+    vi.clearAllMocks();
+  });
+
+  afterEach(() => {
+    for (const [k, v] of Object.entries(savedEnv)) {
+      if (v === undefined) delete process.env[k];
+      else process.env[k] = v;
+    }
+  });
+
+  it("returns the key when found", async () => {
+    process.env.ANTHROPIC_API_KEY = "the-key";
+    vi.mocked(getKeychain).mockResolvedValue(
+      makeKeychainStub({ available: false }),
+    );
+    const key = await requireApiKey("anthropic");
+    expect(key).toBe("the-key");
+  });
+
+  it("throws AuthMissingError with provider + env var when missing", async () => {
+    vi.mocked(getKeychain).mockResolvedValue(
+      makeKeychainStub({ available: true }),
+    );
+    await expect(requireApiKey("anthropic")).rejects.toThrow(AuthMissingError);
+    await expect(requireApiKey("anthropic")).rejects.toThrow(/anthropic/);
+    await expect(requireApiKey("anthropic")).rejects.toThrow(/ANTHROPIC_API_KEY/);
+  });
+
+  it("throws AuthMissingError with a DIFFERENT message for keychain_error", async () => {
+    vi.mocked(getKeychain).mockResolvedValue(
+      makeKeychainStub({
+        available: true,
+        get: async () => ({ kind: "error", message: "keyring locked" }),
+      }),
+    );
+    await expect(requireApiKey("anthropic")).rejects.toThrow(/keyring locked/);
+    await expect(requireApiKey("anthropic")).rejects.toThrow(/Keychain read failed/);
+  });
+});

package/src/auth/__tests__/validator.test.ts

@@ -0,0 +1,241 @@
+/**
+ * Validator tests with mocked fetch.
+ *
+ * Covers Codex's v0.8 security review demand:
+ *   "Add a regression test that failed validation never logs or returns
+ *    a URL containing the key."
+ *
+ * Plus the broader contract:
+ *   - happy path → ok: true with model
+ *   - timeout → ok: false with friendly message
+ *   - non-OK response → normalized error with statusCode, never raw body
+ *   - submitted key NEVER appears in error / model field for ANY provider
+ */
+
+import { describe, it, expect, beforeEach, vi } from "vitest";
+import { validateKey } from "../validator.js";
+
+const fetchMock = vi.fn();
+vi.stubGlobal("fetch", fetchMock);
+
+// Keys with recognizable patterns so we can grep for them in any output.
+const KEYS = {
+  openai: "sk-test-openai-CANARY-VALUE-12345",
+  anthropic: "sk-ant-test-anthropic-CANARY-VALUE-67890",
+  google: "AIza-test-google-CANARY-VALUE-abcde",
+} as const;
+
+function jsonResponse(status: number, body: object | string): Response {
+  return new Response(typeof body === "string" ? body : JSON.stringify(body), {
+    status,
+    headers: { "content-type": "application/json" },
+  });
+}
+
+beforeEach(() => {
+  fetchMock.mockReset();
+});
+
+describe("validator — OpenAI", () => {
+  it("happy path returns ok with model name from response", async () => {
+    fetchMock.mockResolvedValueOnce(
+      jsonResponse(200, { model: "gpt-4o-2024-08-06", choices: [] }),
+    );
+    const r = await validateKey("openai", KEYS.openai);
+    expect(r.ok).toBe(true);
+    expect(r.model).toBe("gpt-4o-2024-08-06");
+    expect(r.latencyMs).toBeGreaterThanOrEqual(0);
+  });
+
+  it("posts to /v1/chat/completions with the key as Bearer header (NOT in URL)", async () => {
+    fetchMock.mockResolvedValueOnce(
+      jsonResponse(200, { model: "gpt-4o" }),
+    );
+    await validateKey("openai", KEYS.openai);
+    const [url, init] = fetchMock.mock.calls[0]!;
+    expect(String(url)).toBe("https://api.openai.com/v1/chat/completions");
+    expect(String(url)).not.toContain(KEYS.openai);
+    expect((init as RequestInit).headers).toMatchObject({
+      authorization: `Bearer ${KEYS.openai}`,
+    });
+  });
+
+  it("non-OK response returns normalized error with statusCode and no raw body in error", async () => {
+    fetchMock.mockResolvedValueOnce(
+      jsonResponse(401, {
+        error: {
+          message: "Incorrect API key provided",
+          type: "invalid_request_error",
+          code: "invalid_api_key",
+        },
+      }),
+    );
+    const r = await validateKey("openai", KEYS.openai);
+    expect(r.ok).toBe(false);
+    expect(r.statusCode).toBe(401);
+    expect(r.error).toContain("Incorrect API key provided");
+    // The error string should be short — not the raw JSON body.
+    expect(r.error!.length).toBeLessThan(200);
+    // rawBody is preserved separately for explicit debug use.
+    expect(r.rawBody).toBeDefined();
+  });
+});
+
+describe("validator — Anthropic", () => {
+  it("happy path returns ok with model from response", async () => {
+    fetchMock.mockResolvedValueOnce(
+      jsonResponse(200, { model: "claude-sonnet-4-6", content: [] }),
+    );
+    const r = await validateKey("anthropic", KEYS.anthropic);
+    expect(r.ok).toBe(true);
+    expect(r.model).toBe("claude-sonnet-4-6");
+  });
+
+  it("posts to /v1/messages with x-api-key header (NOT in URL)", async () => {
+    fetchMock.mockResolvedValueOnce(
+      jsonResponse(200, { model: "claude-sonnet-4-6" }),
+    );
+    await validateKey("anthropic", KEYS.anthropic);
+    const [url, init] = fetchMock.mock.calls[0]!;
+    expect(String(url)).toBe("https://api.anthropic.com/v1/messages");
+    expect(String(url)).not.toContain(KEYS.anthropic);
+    expect((init as RequestInit).headers).toMatchObject({
+      "x-api-key": KEYS.anthropic,
+    });
+  });
+
+  it("non-OK response returns normalized error with parsed message", async () => {
+    fetchMock.mockResolvedValueOnce(
+      jsonResponse(400, {
+        type: "error",
+        error: {
+          type: "authentication_error",
+          message: "invalid x-api-key",
+        },
+      }),
+    );
+    const r = await validateKey("anthropic", KEYS.anthropic);
+    expect(r.ok).toBe(false);
+    expect(r.statusCode).toBe(400);
+    expect(r.error).toContain("invalid x-api-key");
+  });
+});
+
+describe("validator — Google", () => {
+  it("happy path returns ok with the configured model name", async () => {
+    fetchMock.mockResolvedValueOnce(
+      jsonResponse(200, { candidates: [{ content: { parts: [] } }] }),
+    );
+    const r = await validateKey("google", KEYS.google);
+    expect(r.ok).toBe(true);
+    expect(r.model).toBe("gemini-2.5-flash");
+  });
+
+  it("CODEX V0.8 P1: uses x-goog-api-key header — NEVER puts the key in the URL", async () => {
+    fetchMock.mockResolvedValueOnce(
+      jsonResponse(200, { candidates: [] }),
+    );
+    await validateKey("google", KEYS.google);
+    const [url, init] = fetchMock.mock.calls[0]!;
+    // This is the regression-test Codex specifically requested.
+    expect(String(url)).not.toContain(KEYS.google);
+    expect(String(url)).not.toContain("?key=");
+    // And the key MUST be in the header instead.
+    expect((init as RequestInit).headers).toMatchObject({
+      "x-goog-api-key": KEYS.google,
+    });
+  });
+
+  it("non-OK response returns normalized error with statusCode", async () => {
+    fetchMock.mockResolvedValueOnce(
+      jsonResponse(403, {
+        error: {
+          code: 403,
+          message: "API key not valid",
+          status: "PERMISSION_DENIED",
+        },
+      }),
+    );
+    const r = await validateKey("google", KEYS.google);
+    expect(r.ok).toBe(false);
+    expect(r.statusCode).toBe(403);
+    expect(r.error).toContain("API key not valid");
+  });
+});
+
+describe("validator — KEY-LEAK REGRESSION (Codex v0.8 P2 #6)", () => {
+  /**
+   * The submitted key must never appear in `error` or `model` for
+   * ANY provider, in ANY failure path. Tests every provider × every
+   * failure mode we care about.
+   */
+  const failureModes: Array<{ status: number; body: object | string }> = [
+    { status: 400, body: { error: { message: "bad request" } } },
+    { status: 401, body: { error: { message: "unauthorized" } } },
+    { status: 403, body: { error: { message: "forbidden" } } },
+    { status: 429, body: { error: { message: "rate limited" } } },
+    { status: 500, body: "Internal Server Error (plain text body)" },
+    {
+      status: 200,
+      body: "malformed-not-json{{{",
+    },
+  ];
+
+  for (const provider of ["openai", "anthropic", "google"] as const) {
+    for (const mode of failureModes) {
+      it(`${provider} ${mode.status}: error message never contains the submitted key verbatim`, async () => {
+        fetchMock.mockResolvedValueOnce(
+          jsonResponse(mode.status, mode.body),
+        );
+        const key = KEYS[provider];
+        const r = await validateKey(provider, key);
+        // Check every string-shaped field we expose to users.
+        for (const field of [r.error, r.model] as Array<string | undefined>) {
+          if (field) {
+            expect(field).not.toContain(key);
+          }
+        }
+      });
+    }
+  }
+
+  it("if a provider echoes the key in its error body, the normalized error MUST NOT include the key", async () => {
+    // Worst-case: provider literally echoes the key in the response.
+    // Could happen with poorly-written upstream tooling.
+    fetchMock.mockResolvedValueOnce(
+      jsonResponse(400, {
+        error: {
+          message: `key ${KEYS.openai} is malformed`,
+        },
+      }),
+    );
+    const r = await validateKey("openai", KEYS.openai);
+    expect(r.ok).toBe(false);
+    // The normalized error MUST redact the key.
+    expect(r.error).not.toContain(KEYS.openai);
+    expect(r.error).toContain("<redacted-key>");
+  });
+});
+
+describe("validator — network failure handling", () => {
+  it("network throw returns ok:false with friendly message (not stack trace)", async () => {
+    fetchMock.mockRejectedValueOnce(
+      new TypeError("fetch failed: ECONNREFUSED"),
+    );
+    const r = await validateKey("openai", KEYS.openai);
+    expect(r.ok).toBe(false);
+    expect(r.error).toBeDefined();
+    expect(r.error).not.toContain(KEYS.openai);
+    // friendlyNetworkError should produce a short message
+    expect(r.error!.length).toBeLessThan(150);
+  });
+
+  it("abort (timeout) returns ok:false with friendly message", async () => {
+    fetchMock.mockRejectedValueOnce(
+      Object.assign(new Error("aborted"), { name: "AbortError" }),
+    );
+    const r = await validateKey("openai", KEYS.openai);
+    expect(r.ok).toBe(false);
+    expect(r.error).toMatch(/timed out|abort/i);
+  });
+});

package/src/auth/types.ts

@@ -17,7 +17,13 @@
  * a stale keychain copy. See docs/claude/v0.8-auth-plan.md.
  */
 
-export type ProviderId = "openai" | "anthropic" | "google";
+export type ProviderId =
+  | "openai"
+  | "anthropic"
+  | "google"
+  // v0.12.0+ meta-providers
+  | "openrouter"
+  | "ollama";
 
 /**
  * Where a resolved API key came from.
@@ -74,6 +80,11 @@ export const PROVIDER_ENV_VARS: Record<ProviderId, readonly string[]> = {
   anthropic: ["ANTHROPIC_API_KEY"],
   // Google's SDK historically accepted both names; honor both.
   google: ["GOOGLE_API_KEY", "GEMINI_API_KEY"],
+  openrouter: ["OPENROUTER_API_KEY"],
+  // Ollama is local — no key. The empty list signals "no auth"
+  // to the resolver (it just falls through to keychain → missing,
+  // and the Ollama adapter bypasses the resolver entirely).
+  ollama: [],
 };
 
 /**
@@ -84,4 +95,7 @@ export const PROVIDER_KEY_URLS: Record<ProviderId, string> = {
   openai: "https://platform.openai.com/api-keys",
   anthropic: "https://console.anthropic.com/settings/keys",
   google: "https://aistudio.google.com/apikey",
+  openrouter: "https://openrouter.ai/keys",
+  // Ollama is local — no keys page. Linked instead to install docs.
+  ollama: "https://ollama.ai/download",
 };