Fix API key error handling: propagate authentication failures as errors instead of warnings

Copilot · oleander · Copilot · commit 4343fb7460dc · 2025-10-05T21:36:40.000Z
Co-authored-by: oleander &lt;220827+oleander@users.noreply.github.com&gt;
diff --git a/src/commit.rs b/src/commit.rs
@@ -121,7 +121,9 @@ pub async fn generate(patch: String, remaining_tokens: usize, model: Model, sett
               Ok(message) => return Ok(openai::Response { response: message }),
               Err(e) => {
                 // Check if it's an API key error
-                if e.to_string().contains("invalid_api_key") || e.to_string().contains("Incorrect API key") {
+                if e.to_string().contains("invalid_api_key") || 
+                   e.to_string().contains("Incorrect API key") ||
+                   e.to_string().contains("OpenAI API authentication failed") {
                   bail!("Invalid OpenAI API key. Please check your API key configuration.");
                 }
                 log::warn!("Multi-step generation with custom settings failed: {e}");
@@ -149,7 +151,9 @@ pub async fn generate(patch: String, remaining_tokens: usize, model: Model, sett
           Ok(message) => return Ok(openai::Response { response: message }),
           Err(e) => {
             // Check if it's an API key error
-            if e.to_string().contains("invalid_api_key") || e.to_string().contains("Incorrect API key") {
+            if e.to_string().contains("invalid_api_key") || 
+               e.to_string().contains("Incorrect API key") ||
+               e.to_string().contains("OpenAI API authentication failed") {
               bail!("Invalid OpenAI API key. Please check your API key configuration.");
             }
             log::warn!("Multi-step generation failed: {e}");
diff --git a/src/multi_step_integration.rs b/src/multi_step_integration.rs
@@ -89,10 +89,16 @@ pub async fn generate_commit_message_multi_step(
         file_analyses.push((file, analysis));
       }
       Err(e) => {
-        // Check if it's an API key error - if so, propagate it immediately
+        // Check if it's an API key or authentication error - if so, propagate it immediately
         let error_str = e.to_string();
-        if error_str.contains("invalid_api_key") || error_str.contains("Incorrect API key") || error_str.contains("Invalid API key") {
-          return Err(e);
+        if error_str.contains("invalid_api_key") || 
+           error_str.contains("Incorrect API key") || 
+           error_str.contains("Invalid API key") ||
+           error_str.contains("authentication") ||
+           error_str.contains("unauthorized") ||
+           // Detect HTTP errors that typically indicate auth issues when calling OpenAI
+           (error_str.contains("http error") && error_str.contains("error sending request")) {
+          return Err(anyhow::anyhow!("OpenAI API authentication failed: {}. Please check your API key configuration.", e));
         }
         log::warn!("Failed to analyze file {}: {}", file.path, e);
         // Continue with other files even if one fails
diff --git a/src/openai.rs b/src/openai.rs
@@ -209,7 +209,9 @@ pub async fn call_with_config(request: Request, config: OpenAIConfig) -> Result<
     Ok(message) => return Ok(Response { response: message }),
     Err(e) => {
       // Check if it's an API key error and propagate it
-      if e.to_string().contains("invalid_api_key") || e.to_string().contains("Incorrect API key") {
+      if e.to_string().contains("invalid_api_key") || 
+         e.to_string().contains("Incorrect API key") ||
+         e.to_string().contains("OpenAI API authentication failed") {
         return Err(e);
       }
       log::warn!("Multi-step approach failed, falling back to single-step: {e}");
diff --git a/tests/api_key_error_test.rs b/tests/api_key_error_test.rs
@@ -0,0 +1,39 @@
+use async_openai::Client;
+use async_openai::config::OpenAIConfig;
+use ai::multi_step_integration::generate_commit_message_multi_step;
+
+#[tokio::test]
+async fn test_invalid_api_key_propagates_error() {
+    // Initialize logging to capture warnings
+    let _ = env_logger::builder().is_test(true).try_init();
+
+    // Create a client with an invalid API key that matches the issue
+    let config = OpenAIConfig::new().with_api_key("dl://BA7invalid_key_here");
+    let client = Client::with_config(config);
+
+    let example_diff = r#"diff --git a/test.txt b/test.txt
+new file mode 100644
+index 0000000..0000000
+--- /dev/null
++++ b/test.txt
+@@ -0,0 +1 @@
++Hello World
+"#;
+
+    // This should fail with an API key error, not log a warning and continue
+    let result = generate_commit_message_multi_step(&client, "gpt-4o-mini", example_diff, Some(72)).await;
+
+    // Verify the behavior - it should return an error, not continue with other files
+    assert!(result.is_err(), "Expected API key error to be propagated as error, not warning");
+    
+    let error_message = result.unwrap_err().to_string();
+    println!("Actual error message: '{}'", error_message);
+    
+    // Now it should properly detect authentication failures
+    assert!(
+        error_message.contains("OpenAI API authentication failed") || 
+        error_message.contains("API key"),
+        "Expected error message to indicate authentication failure, got: {}",
+        error_message
+    );
+}
