Add provider credential store abstractions#385
Add provider credential store abstractions#385Specter242 wants to merge 1 commit intosteipete:mainfrom
Conversation
Introduce composable credential-store interfaces in CodexBarCore so Linux and future hosts can resolve provider API keys from environment and optional secure files without coupling to app-specific storage. Co-authored-by: Cursor <cursoragent@cursor.com>
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 1684130b70
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
| public func apiKey(for key: ProviderCredentialKey) -> String? { | ||
| let names = Self.environmentNames(for: key.provider) | ||
| for name in names { | ||
| if let value = self.env[name]?.trimmingCharacters(in: .whitespacesAndNewlines), !value.isEmpty { |
There was a problem hiding this comment.
Normalize quoted env credentials before returning
This branch only trims whitespace and returns the raw environment value, so credentials like "sk-..." remain quoted and will be sent with quote characters in auth headers when this store is used. Existing provider readers (for example ZaiSettingsReader.cleaned, MiniMaxAPISettingsReader.cleaned, and SyntheticSettingsReader.cleaned) explicitly strip surrounding quotes, so this abstraction introduces behavior drift that can break API authentication in environments where secret injectors or config tooling preserve quotes.
Useful? React with 👍 / 👎.
Summary
CodexBarCoreWhy
This adds a platform-neutral interface for API key resolution that Linux and other non-AppKit hosts can share without depending on app-specific storage mechanisms.
Test plan
swift build -c debugswift testMade with Cursor