feat: remove redundent API key header appending, enhance error handling about http error in request forwarding

2026-04-30 17:24:26 +08:00 · 2026-04-30 17:24:26 +08:00 · f101d8bd3e
parent 7e2be324ff
commit f101d8bd3e
5 changed files with 11 additions and 27 deletions
--- a/backend/app/gateway/routers/third_party.py
+++ b/backend/app/gateway/routers/third_party.py
@ -161,6 +161,14 @@ async def _handle_submit(
        await _finalize_zero(frozen_id, record.proxy_call_id, "error exception")
        raise HTTPException(status_code=502, detail=f"Provider unreachable: {exc}") from exc

+    # HTTP-level failure
+    if status_code >= 400:
+        reason = f"error_http_{status_code}"
+        await _finalize_zero(frozen_id, record.proxy_call_id, reason)
+        if resp_json is not None:
+            ledger.update_response(record.proxy_call_id, resp_json)
+        return Response(content=resp_body, status_code=status_code, headers=resp_headers, media_type="application/json")
+    
    resp_json = _try_parse_json(resp_body)

    if resp_json is None:
@ -189,14 +197,6 @@ async def _handle_submit(
        media_type = resp_headers.get("content-type")
        return Response(content=resp_body, status_code=status_code, headers=resp_headers, media_type=media_type)

-    # HTTP-level failure
-    if status_code >= 400:
-        reason = f"error_http_{status_code}"
-        await _finalize_zero(frozen_id, record.proxy_call_id, reason)
-        if resp_json is not None:
-            ledger.update_response(record.proxy_call_id, resp_json)
-        return Response(content=resp_body, status_code=status_code, headers=resp_headers, media_type="application/json")
-
    # Extract task_id from response; no task_id means provider rejected at business level
    provider_task_id: str | None = None
    if resp_json is not None:
--- a/backend/app/gateway/third_party_proxy/proxy.py
+++ b/backend/app/gateway/third_party_proxy/proxy.py
@ -215,15 +215,14 @@ async def forward_request(
 ) -> tuple[int, dict[str, str], bytes]:
    """Forward *method* *path* to the provider and return (status_code, headers, body).

-    The provider's API key (read from the environment variable named in
-    ``provider_config.api_key_env``) is injected automatically, replacing
-    any Authorization header the caller might have sent.
+    If configured, the provider API key from ``provider_config.api_key_env``
+    is used to replace API key marker placeholders in forwarded headers/body.
    """
    target_url = provider_config.base_url.rstrip("/") + "/" + path.lstrip("/")
    if query_params:
        target_url += "?" + query_params

-    # Build forwarded headers: drop internal/hop-by-hop, then inject API key
+    # Build forwarded headers: drop internal/hop-by-hop, then replace API key markers.
    forward_headers = {
        k: v for k, v in headers.items() if k.lower() not in _STRIP_REQUEST_HEADERS
    }
@ -233,7 +232,6 @@ async def forward_request(
            # Dependency-injection style: replace marker placeholders first.
            forward_headers = _replace_api_key_marker_in_headers(forward_headers, api_key)
            body = _replace_api_key_marker_in_body(forward_headers, body, api_key)
-            forward_headers[provider_config.api_key_header] = provider_config.api_key_prefix + api_key
        else:
            logger.warning(
                "[ThirdPartyProxy] api_key_env '%s' is not set for provider",
--- a/backend/packages/harness/deerflow/config/third_party_proxy_config.py
+++ b/backend/packages/harness/deerflow/config/third_party_proxy_config.py
@ -79,14 +79,6 @@ class ThirdPartyProviderConfig(BaseModel):
        default=None,
        description="Name of the environment variable holding the API key",
    )
-    api_key_header: str = Field(
-        default="Authorization",
-        description="Request header name for the API key",
-    )
-    api_key_prefix: str = Field(
-        default="Bearer ",
-        description="String prepended to the API key value in the header",
-    )
    timeout_seconds: float = Field(
        default=30.0,
        gt=0,
--- a/config.example.yaml
+++ b/config.example.yaml
@ -61,8 +61,6 @@ third_party_proxy:
    runninghub:
      base_url: https://www.runninghub.cn
      api_key_env: RUNNINGHUB_API_KEY
-      api_key_header: Authorization
-      api_key_prefix: "Bearer "
      timeout_seconds: 30.0
      frozen_amount: 10.0
      frozen_type: 2
@ -102,8 +100,6 @@ third_party_proxy:
    dashscope:
      base_url: https://dashscope.aliyuncs.com
      api_key_env: DASHSCOPE_API_KEY
-      api_key_header: Authorization
-      api_key_prefix: "Bearer "
      timeout_seconds: 60.0
      frozen_token: 32768
      submit_routes:
--- a/docs/SKILL_PROXY_MIGRATION_GUIDE.md
+++ b/docs/SKILL_PROXY_MIGRATION_GUIDE.md
@ -122,8 +122,6 @@ third_party_proxy:
    runninghub:
      base_url: https://www.runninghub.cn
      api_key_env: RUNNINGHUB_API_KEY
-      api_key_header: Authorization
-      api_key_prefix: "Bearer "
      timeout_seconds: 30.0
      frozen_amount: 10.0
      frozen_type: 2