mirror of
https://github.com/openclaw/openclaw.git
synced 2026-07-10 00:11:19 +00:00
feat(secrets): egress-time credential injection with process-local sentinels (#102009)
* feat(secrets): resolve SecretRef model credentials at egress via process-local sentinels SecretRef-managed model-provider credentials now travel as opaque oc-sent-v1 sentinels through auth storage, stream options, and SDK config; the guarded model fetch injects real values into headers and URLs immediately before the SSRF-guarded send and fails closed on unknown sentinels. packages/ai adapters converge on the host guarded fetch where the SDK supports custom fetch and unwrap at construction where it does not. Resolved values (and their percent-encoded forms) register for exact-value log redaction. Kill switch: OPENCLAW_SECRET_SENTINELS=off. Also fixes a pre-existing unhandled rejection race in capNonOkResponseBodyLazily (pipeThrough writer leak). * test(plugin-sdk): update public surface budget
This commit is contained in:
parent
83ebbcb3ac
commit
4bf70be01a
67 changed files with 2959 additions and 234 deletions
|
|
@ -3710,6 +3710,7 @@ Do not edit it by hand; run `pnpm docs:map:gen`.
|
|||
- Route: /gateway/secrets
|
||||
- Headings:
|
||||
- H2: Runtime model
|
||||
- H2: Egress-time injection (sentinels)
|
||||
- H2: Agent-access boundary
|
||||
- H2: Active-surface filtering
|
||||
- H2: Gateway auth surface diagnostics
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue