Merge branch 'feat/tool-plugin-oauth' into deploy/dev

# Conflicts: # api/core/plugin/backwards_invocation/encrypt.py # api/core/tools/tool_manager.py # api/core/tools/utils/encryption.py # api/services/plugin/plugin_parameter_service.py # api/services/tools/api_tools_manage_service.py # api/services/tools/builtin_tools_manage_service.py # api/services/tools/tools_transform_service.py
2026-05-06 10:28:10 +08:00 · 2025-07-04 17:37:26 +08:00
parent 9d17bb10b4 0dc5bfb2c7
commit 5298e06763
8 changed files with 66 additions and 66 deletions
--- a/api/core/tools/tool_manager.py
+++ b/api/core/tools/tool_manager.py
@ -4,6 +4,7 @@ import mimetypes
 from collections.abc import Generator
 from os import listdir, path
 from threading import Lock
+from typing import TYPE_CHECKING, Any, Optional, Union, cast
 from typing import TYPE_CHECKING, Any, Literal, Optional, Union, cast

 from yarl import URL
@ -51,7 +52,7 @@ from core.tools.tool_label_manager import ToolLabelManager
 from core.tools.utils.configuration import (
    ToolParameterConfigurationManager,
 )
-from core.tools.utils.encryption import create_encrypter, create_generic_encrypter
+from core.tools.utils.encryption import create_provider_encrypter, create_tool_provider_encrypter
 from core.tools.workflow_as_tool.tool import WorkflowTool
 from extensions.ext_database import db
 from models.tools import ApiToolProvider, BuiltinToolProvider, MCPToolProvider, WorkflowToolProvider
@ -226,7 +227,7 @@ class ToolManager:
                if builtin_provider is None:
                    raise ToolProviderNotFoundError(f"builtin provider {provider_id} not found")

-            encrypter, _ = create_encrypter(
+            encrypter, _ = create_provider_encrypter(
                tenant_id=tenant_id,
                config=[
                    x.to_basic_provider_config()
@ -252,11 +253,9 @@ class ToolManager:

        elif provider_type == ToolProviderType.API:
            api_provider, credentials = cls.get_api_provider_controller(tenant_id, provider_id)
-            encrypter, _ = create_generic_encrypter(
+            encrypter, _ = create_tool_provider_encrypter(
                tenant_id=tenant_id,
-                config=[x.to_basic_provider_config() for x in api_provider.get_credentials_schema()],
-                provider_type=api_provider.provider_type.value,
-                provider_identity=api_provider.entity.identity.name,
+                controller=api_provider,
            )
            return cast(
                ApiTool,
@ -760,12 +759,9 @@ class ToolManager:
            ApiProviderAuthType.API_KEY if credentials["auth_type"] == "api_key" else ApiProviderAuthType.NONE,
        )
        # init tool configuration
-        encrypter, _ = create_encrypter(
+        encrypter, _ = create_tool_provider_encrypter(
            tenant_id=tenant_id,
-            config=[x.to_basic_provider_config() for x in controller.get_credentials_schema()],
-            cache=ToolProviderCredentialsCache(
-                tenant_id=tenant_id, provider=provider, credential_id=provider_obj.id
-            ),
+            controller=controller,
        )

        masked_credentials = encrypter.mask_tool_credentials(encrypter.decrypt(credentials))
--- a/api/core/tools/utils/encryption.py
+++ b/api/core/tools/utils/encryption.py
@ -3,7 +3,8 @@ from typing import Any, Optional, Protocol

 from core.entities.provider_entities import BasicProviderConfig
 from core.helper import encrypter
-from core.helper.provider_cache import GenericProviderCredentialsCache
+from core.helper.provider_cache import SingletonProviderCredentialsCache
+from core.tools.__base.tool_provider import ToolProviderController


 class ProviderConfigCache(Protocol):
@ -118,17 +119,23 @@ class ProviderConfigEncrypter:
                        data[field_name] = encrypter.decrypt_token(self.tenant_id, data[field_name])
                    except Exception:
                        pass
+
        self.provider_config_cache.set(data)
        return data


-def create_encrypter(tenant_id: str, config: list[BasicProviderConfig], cache: ProviderConfigCache):
+def create_provider_encrypter(tenant_id: str, config: list[BasicProviderConfig], cache: ProviderConfigCache):
    return ProviderConfigEncrypter(tenant_id=tenant_id, config=config, provider_config_cache=cache), cache

-
-def create_generic_encrypter(
-    tenant_id: str, config: list[BasicProviderConfig], provider_type: str, provider_identity: str
-):
-    cache = GenericProviderCredentialsCache(tenant_id=tenant_id, identity_id=f"{provider_type}.{provider_identity}")
-    encrypt = ProviderConfigEncrypter(tenant_id=tenant_id, config=config, provider_config_cache=cache)
+def create_tool_provider_encrypter(tenant_id: str, controller: ToolProviderController):
+    cache = SingletonProviderCredentialsCache(
+        tenant_id=tenant_id,
+        provider_type=controller.provider_type.value,
+        provider_identity=controller.entity.identity.name,
+    )
+    encrypt = ProviderConfigEncrypter(
+        tenant_id=tenant_id,
+        config=[x.to_basic_provider_config() for x in controller.get_credentials_schema()],
+        provider_config_cache=cache,
+    )
    return encrypt, cache