Initial commit

backup 24.2.26 - Kopie (61)/openai_runtime_config.py

@@ -0,0 +1,126 @@
+"""
+AZA Runtime-Konfiguration fuer den OpenAI API Key.
+Laedt den Key sicher aus Prozessumgebung oder lokaler Konfigurationsdatei.
+Gibt niemals den Key-Wert in Logs oder Fehlermeldungen aus.
+"""
+
+import os
+import sys
+from pathlib import Path
+
+_CONFIG_DIR_NAME = "config"
+_CONFIG_FILE_NAME = "aza_runtime.env"
+
+_TEMPLATE_CONTENT = """\
+# AZA Runtime-Konfiguration
+# Tragen Sie hier Ihren OpenAI API-Schluessel ein.
+# Diese Datei wird bei Updates NICHT ueberschrieben.
+#
+# Beispiel:
+# OPENAI_API_KEY=sk-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+#
+OPENAI_API_KEY=
+"""
+
+
+def get_runtime_base_dir() -> str:
+    if getattr(sys, "frozen", False):
+        return str(Path(sys.executable).resolve().parent)
+    return str(Path(__file__).resolve().parent)
+
+
+def get_runtime_config_dir() -> str:
+    return str(Path(get_runtime_base_dir()) / _CONFIG_DIR_NAME)
+
+
+def get_runtime_env_file_path() -> str:
+    return str(Path(get_runtime_config_dir()) / _CONFIG_FILE_NAME)
+
+
+def _parse_env_file(path: str) -> dict:
+    result = {}
+    try:
+        with open(path, "r", encoding="utf-8") as f:
+            for line in f:
+                line = line.strip()
+                if not line or line.startswith("#"):
+                    continue
+                if "=" not in line:
+                    continue
+                key, _, value = line.partition("=")
+                key = key.strip()
+                value = value.strip()
+                if len(value) >= 2 and value[0] == value[-1] and value[0] in ('"', "'"):
+                    value = value[1:-1]
+                if key:
+                    result[key] = value
+    except Exception:
+        pass
+    return result
+
+
+def _migrate_to_vault(key: str):
+    """Migriert einen Klartext-Key einmalig in den verschlüsselten Tresor."""
+    try:
+        from security_vault import store_api_key, has_vault_key
+        if not has_vault_key():
+            store_api_key(key)
+    except Exception:
+        pass
+
+
+def get_openai_api_key():
+    """Liefert den OpenAI API Key oder None. Prueft: Vault → Umgebung → lokale Config."""
+    try:
+        from security_vault import retrieve_api_key
+        vault_key = retrieve_api_key()
+        if vault_key:
+            return vault_key
+    except Exception:
+        pass
+
+    val = os.environ.get("OPENAI_API_KEY", "").strip()
+    if val:
+        _migrate_to_vault(val)
+        return val
+    env_path = get_runtime_env_file_path()
+    parsed = _parse_env_file(env_path)
+    val = parsed.get("OPENAI_API_KEY", "").strip()
+    if val:
+        _migrate_to_vault(val)
+        return val
+    return None
+
+
+def has_openai_api_key() -> bool:
+    return get_openai_api_key() is not None
+
+
+def is_openai_configured() -> bool:
+    return has_openai_api_key()
+
+
+def ensure_runtime_config_template_exists() -> str:
+    """Erstellt config-Ordner und Template-Datei, falls nicht vorhanden. Ueberschreibt nie."""
+    config_dir = Path(get_runtime_config_dir())
+    env_file = config_dir / _CONFIG_FILE_NAME
+    try:
+        config_dir.mkdir(parents=True, exist_ok=True)
+    except Exception:
+        pass
+    if not env_file.exists():
+        try:
+            env_file.write_text(_TEMPLATE_CONTENT, encoding="utf-8")
+        except Exception:
+            pass
+    return str(env_file)
+
+
+def open_runtime_config_in_editor():
+    """Oeffnet die Runtime-Config im Standard-Texteditor (nur Windows)."""
+    path = ensure_runtime_config_template_exists()
+    try:
+        if os.name == "nt":
+            os.startfile(path)
+    except Exception:
+        pass