d9cea627bf
* fix: detect and block Gemini CLI OAuth tokens used as API keys Users who install Google's standalone Gemini CLI may inadvertently set GEMINI_API_KEY to an OAuth access token (ya29.*) instead of an AI Studio API key (AIza*). These tokens fail at the Google API with a confusing error. This adds early detection at three entry points: - AuthStorage.set(): throws when storing ya29.* as api_key for "google" - AuthStorage.getApiKey(): blocks ya29.* from runtime overrides (--api-key) - AuthStorage.getApiKey(): blocks ya29.* from environment variables Each path provides a clear error message explaining the issue and directing users to either get an API key from aistudio.google.com or use /login google-gemini-cli for OAuth-based access. Fixes #2157 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * chore: retrigger CI --------- Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> Co-authored-by: trek-e <trek-e@users.noreply.github.com> |
||
|---|---|---|
| .. | ||
| daemon | ||
| mcp-server | ||
| native | ||
| pi-agent-core | ||
| pi-ai | ||
| pi-coding-agent | ||
| pi-tui | ||
| rpc-client | ||