Verify Ollama API keys on an authenticated endpoint#1940
Conversation
|
Codex review: needs maintainer review before merge. Reviewed July 9, 2026, 11:32 AM ET / 15:32 UTC. Summary Reproducibility: yes. for the source-level bug boundary: current main treats the public Review metrics: 2 noteworthy metrics.
Merge readiness Overall follows the weaker of proof and patch quality, so missing proof can cap an otherwise strong patch. Rank-up moves:
Risk before merge
Maintainer options:
Next step before merge
Maintainer decision needed
Security Review detailsBest possible solution: Land this after maintainers explicitly accept the Do we have a high-confidence way to reproduce the issue? Yes for the source-level bug boundary: current main treats the public Is this the best way to solve the issue? Unclear: validating before reading the public catalog is the right shape, but the current empty-query AGENTS.md: found and applied where relevant. Codex review notes: model internal, reasoning high; reviewed against c2d0cd1a1ff7. Label changesLabel changes:
Label justifications:
Evidence reviewedWhat I checked:
Likely related people:
What the crustacean ranks mean
Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics. How this review workflow works
Review history (12 earlier review cycles; latest 8 shown)
|
|
@clawsweeper re-review |
|
🦞🧹 I asked ClawSweeper to review this item again. |
23a493a to
8373dd3
Compare
|
@clawsweeper re-review |
|
🦞🧹 I asked ClawSweeper to review this item again. |
|
After-fix CLI proof from the rewritten branch (2026-07-06): This executes the real |
|
@clawsweeper re-review |
|
🦞🧹 I asked ClawSweeper to review this item again. |
|
@clawsweeper re-review |
|
🦞🧹 I asked ClawSweeper to review this item again. |
|
@clawsweeper re-review |
|
@clawsweeper re-review |
|
🦞🧹 I asked ClawSweeper to review this item again. |
f1a54dd to
1ad231d
Compare
|
@clawsweeper re-review |
|
🦞🧹 I asked ClawSweeper to review this item again. |
1ad231d to
a626d24
Compare
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: a626d2460d
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| switch response.statusCode { | ||
| case 200, 400: | ||
| return |
There was a problem hiding this comment.
Do not accept malformed validation responses as success
When /api/web_search returns 400 for this deliberately empty query, this branch treats that malformed-request response as proof the bearer token was accepted. Since the endpoint contract requires a non-empty query and 400 is a generic bad-request status, any deployment that validates the payload before auth (or reports malformed auth as 400) will still proceed to the public /api/tags catalog and show revoked/invalid keys as verified, which is the false-positive this change is meant to prevent.
Useful? React with 👍 / 👎.
The committed proof image was a 1x1 placeholder, not real evidence. Executable test output in the PR description replaces it.
Co-authored-by: JoeVenner <ylafrimi@gmail.com>
Co-authored-by: JoeVenner <ylafrimi@gmail.com>
Co-authored-by: JoeVenner <ylafrimi@gmail.com>
a626d24 to
16defab
Compare
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 16defab547
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| default: | ||
| throw OllamaUsageError.networkError("HTTP \(response.statusCode)") |
There was a problem hiding this comment.
Handle web-search rate limits during validation
When a valid Ollama key has exhausted or hit the rate limit for /api/web_search, this switch treats the validation response (for example HTTP 429) as fatal and never reaches the public /api/tags catalog, so API-key mode reports Ollama as failed even though the bearer token is still valid for the account. Since this probe is only meant to prove the key before reading the catalog, handle post-auth quota/rate-limit responses separately or validate against an endpoint whose quota matches the feature being checked.
Useful? React with 👍 / 👎.
|
Exact-head proof for
|
Summary
/api/tagscatalog as API-key verification/api/web_searchwithout performing a search, accepting only the observed authenticated success/query-validation responsesMaintainer hardening
200and the live authenticated empty-query400response prove validation; the originally proposed422allowance was removed because it was not observedProof
Exact head:
16defab547d5551518e7a31a09bc43ab26ee10a9OllamaUsageFetcherRetryMappingTests: 17 passed.make check: passed with zero formatting or lint violations.make test: all 50 shards passed.CodexGitCommit=16defab5; deep/strict signature valid; Gatekeeper accepted. App binary SHA-256c98b81e440361e4283ca400e8ca0d8e81fff8286e1bd2ec363b95b5843909ad1; bundled CLI SHA-25622c7062b3c9fe0640aee76a61bf2e4ab92a63210608f1cb4feaf220c98114ecc.Risk
Low and isolated to Ollama API-key validation. The validation request uses an empty query and performs no search. The accepted status set is deliberately narrow and fails closed if provider behavior changes.