127 lines
3.4 KiB
Python
127 lines
3.4 KiB
Python
"""
|
|
AZA Runtime-Konfiguration fuer den OpenAI API Key.
|
|
Laedt den Key sicher aus Prozessumgebung oder lokaler Konfigurationsdatei.
|
|
Gibt niemals den Key-Wert in Logs oder Fehlermeldungen aus.
|
|
"""
|
|
|
|
import os
|
|
import sys
|
|
from pathlib import Path
|
|
|
|
_CONFIG_DIR_NAME = "config"
|
|
_CONFIG_FILE_NAME = "aza_runtime.env"
|
|
|
|
_TEMPLATE_CONTENT = """\
|
|
# AZA Runtime-Konfiguration
|
|
# Tragen Sie hier Ihren OpenAI API-Schluessel ein.
|
|
# Diese Datei wird bei Updates NICHT ueberschrieben.
|
|
#
|
|
# Beispiel:
|
|
# OPENAI_API_KEY=sk-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
|
|
#
|
|
OPENAI_API_KEY=
|
|
"""
|
|
|
|
|
|
def get_runtime_base_dir() -> str:
|
|
if getattr(sys, "frozen", False):
|
|
return str(Path(sys.executable).resolve().parent)
|
|
return str(Path(__file__).resolve().parent)
|
|
|
|
|
|
def get_runtime_config_dir() -> str:
|
|
return str(Path(get_runtime_base_dir()) / _CONFIG_DIR_NAME)
|
|
|
|
|
|
def get_runtime_env_file_path() -> str:
|
|
return str(Path(get_runtime_config_dir()) / _CONFIG_FILE_NAME)
|
|
|
|
|
|
def _parse_env_file(path: str) -> dict:
|
|
result = {}
|
|
try:
|
|
with open(path, "r", encoding="utf-8") as f:
|
|
for line in f:
|
|
line = line.strip()
|
|
if not line or line.startswith("#"):
|
|
continue
|
|
if "=" not in line:
|
|
continue
|
|
key, _, value = line.partition("=")
|
|
key = key.strip()
|
|
value = value.strip()
|
|
if len(value) >= 2 and value[0] == value[-1] and value[0] in ('"', "'"):
|
|
value = value[1:-1]
|
|
if key:
|
|
result[key] = value
|
|
except Exception:
|
|
pass
|
|
return result
|
|
|
|
|
|
def _migrate_to_vault(key: str):
|
|
"""Migriert einen Klartext-Key einmalig in den verschlüsselten Tresor."""
|
|
try:
|
|
from security_vault import store_api_key, has_vault_key
|
|
if not has_vault_key():
|
|
store_api_key(key)
|
|
except Exception:
|
|
pass
|
|
|
|
|
|
def get_openai_api_key():
|
|
"""Liefert den OpenAI API Key oder None. Prueft: Vault → Umgebung → lokale Config."""
|
|
try:
|
|
from security_vault import retrieve_api_key
|
|
vault_key = retrieve_api_key()
|
|
if vault_key:
|
|
return vault_key
|
|
except Exception:
|
|
pass
|
|
|
|
val = os.environ.get("OPENAI_API_KEY", "").strip()
|
|
if val:
|
|
_migrate_to_vault(val)
|
|
return val
|
|
env_path = get_runtime_env_file_path()
|
|
parsed = _parse_env_file(env_path)
|
|
val = parsed.get("OPENAI_API_KEY", "").strip()
|
|
if val:
|
|
_migrate_to_vault(val)
|
|
return val
|
|
return None
|
|
|
|
|
|
def has_openai_api_key() -> bool:
|
|
return get_openai_api_key() is not None
|
|
|
|
|
|
def is_openai_configured() -> bool:
|
|
return has_openai_api_key()
|
|
|
|
|
|
def ensure_runtime_config_template_exists() -> str:
|
|
"""Erstellt config-Ordner und Template-Datei, falls nicht vorhanden. Ueberschreibt nie."""
|
|
config_dir = Path(get_runtime_config_dir())
|
|
env_file = config_dir / _CONFIG_FILE_NAME
|
|
try:
|
|
config_dir.mkdir(parents=True, exist_ok=True)
|
|
except Exception:
|
|
pass
|
|
if not env_file.exists():
|
|
try:
|
|
env_file.write_text(_TEMPLATE_CONTENT, encoding="utf-8")
|
|
except Exception:
|
|
pass
|
|
return str(env_file)
|
|
|
|
|
|
def open_runtime_config_in_editor():
|
|
"""Oeffnet die Runtime-Config im Standard-Texteditor (nur Windows)."""
|
|
path = ensure_runtime_config_template_exists()
|
|
try:
|
|
if os.name == "nt":
|
|
os.startfile(path)
|
|
except Exception:
|
|
pass
|