Removed direct references to 'vertexai_project_id' from openai.js and related files, ensuring it is now managed through backend secrets for enhanced security.

2025-06-05 21:59:27 +02:00 · 2025-05-27 21:25:53 +08:00
parent a9d4988fc0
commit 1e2bec1751
6 changed files with 27 additions and 18 deletions
--- a/public/scripts/extensions/shared.js
+++ b/public/scripts/extensions/shared.js
@@ -59,7 +59,6 @@ export async function getMultimodalCaption(base64Img, prompt) {
    // Add Vertex AI specific parameters if using Vertex AI
    if (extension_settings.caption.multimodal_api === 'vertexai') {
        requestBody.vertexai_auth_mode = oai_settings.vertexai_auth_mode;
-        requestBody.vertexai_project_id = oai_settings.vertexai_project_id;
        requestBody.vertexai_region = oai_settings.vertexai_region;
    }

@@ -185,7 +184,7 @@ function throwIfInvalidModel(useReverseProxy) {
            if (!secret_state[SECRET_KEYS.VERTEXAI_SERVICE_ACCOUNT]) {
                throw new Error('Service Account JSON is required for Vertex AI Full mode. Please validate and save your Service Account JSON.');
            }
-            if (!oai_settings.vertexai_project_id) {
+            if (!secret_state[SECRET_KEYS.VERTEXAI_PROJECT_ID]) {
                throw new Error('Project ID is required for Vertex AI Full mode.');
            }
            if (!oai_settings.vertexai_region) {
--- a/public/scripts/openai.js
+++ b/public/scripts/openai.js
@@ -235,7 +235,6 @@ const sensitiveFields = [
    'custom_include_body',
    'custom_exclude_body',
    'custom_include_headers',
-    'vertexai_project_id',
    'vertexai_region',
 ];

@@ -309,7 +308,6 @@ export const settingsToUpdate = {
    claude_use_sysprompt: ['#claude_use_sysprompt', 'claude_use_sysprompt', true, false],
    use_makersuite_sysprompt: ['#use_makersuite_sysprompt', 'use_makersuite_sysprompt', true, false],
    vertexai_auth_mode: ['#vertexai_auth_mode', 'vertexai_auth_mode', false, true],
-    vertexai_project_id: ['#vertexai_project_id', 'vertexai_project_id', false, true],
    vertexai_region: ['#vertexai_region', 'vertexai_region', false, true],
    use_alt_scale: ['#use_alt_scale', 'use_alt_scale', true, true],
    squash_system_messages: ['#squash_system_messages', 'squash_system_messages', true, false],
@@ -393,7 +391,6 @@ const default_settings = {
    claude_use_sysprompt: false,
    use_makersuite_sysprompt: true,
    vertexai_auth_mode: 'express',
-    vertexai_project_id: '',
    vertexai_region: 'us-central1',
    use_alt_scale: false,
    squash_system_messages: false,
@@ -480,7 +477,6 @@ const oai_settings = {
    claude_use_sysprompt: false,
    use_makersuite_sysprompt: true,
    vertexai_auth_mode: 'express',
-    vertexai_project_id: '',
    vertexai_region: 'us-central1',
    use_alt_scale: false,
    squash_system_messages: false,
@@ -2201,7 +2197,6 @@ async function sendOpenAIRequest(type, messages, signal) {
        generate_data['use_makersuite_sysprompt'] = oai_settings.use_makersuite_sysprompt;
        if (isVertexAI) {
            generate_data['vertexai_auth_mode'] = oai_settings.vertexai_auth_mode;
-            generate_data['vertexai_project_id'] = oai_settings.vertexai_project_id;
            generate_data['vertexai_region'] = oai_settings.vertexai_region;
        }
    }
@@ -3444,7 +3439,6 @@ function loadOpenAISettings(data, settings) {
    if (settings.claude_use_sysprompt !== undefined) oai_settings.claude_use_sysprompt = !!settings.claude_use_sysprompt;
    if (settings.use_makersuite_sysprompt !== undefined) oai_settings.use_makersuite_sysprompt = !!settings.use_makersuite_sysprompt;
    if (settings.vertexai_auth_mode !== undefined) oai_settings.vertexai_auth_mode = settings.vertexai_auth_mode;
-    if (settings.vertexai_project_id !== undefined) oai_settings.vertexai_project_id = settings.vertexai_project_id;
    if (settings.vertexai_region !== undefined) oai_settings.vertexai_region = settings.vertexai_region;
    if (settings.use_alt_scale !== undefined) { oai_settings.use_alt_scale = !!settings.use_alt_scale; updateScaleForm(); }
    $('#stream_toggle').prop('checked', oai_settings.stream_openai);
@@ -3502,7 +3496,8 @@ function loadOpenAISettings(data, settings) {
    $('#claude_use_sysprompt').prop('checked', oai_settings.claude_use_sysprompt);
    $('#use_makersuite_sysprompt').prop('checked', oai_settings.use_makersuite_sysprompt);
    $('#vertexai_auth_mode').val(oai_settings.vertexai_auth_mode);
-    $('#vertexai_project_id').val(oai_settings.vertexai_project_id);
+    // Don't display Project ID in input - it's stored in backend secrets
+    $('#vertexai_project_id').val('');
    $('#vertexai_region').val(oai_settings.vertexai_region);
    // Don't display Service Account JSON in textarea - it's stored in backend secrets
    $('#vertexai_service_account_json').val('');
@@ -3830,7 +3825,6 @@ async function saveOpenAIPreset(name, settings, triggerUi = true) {
        claude_use_sysprompt: settings.claude_use_sysprompt,
        use_makersuite_sysprompt: settings.use_makersuite_sysprompt,
        vertexai_auth_mode: settings.vertexai_auth_mode,
-        vertexai_project_id: settings.vertexai_project_id,
        vertexai_region: settings.vertexai_region,
        use_alt_scale: settings.use_alt_scale,
        squash_system_messages: settings.squash_system_messages,
@@ -5021,11 +5015,20 @@ async function onConnectButtonClick(e) {
            }
        } else {
            // Full version - use service account
-            if (!oai_settings.vertexai_project_id.trim()) {
-                toastr.error('Project ID is required for Vertex AI full version');
+            // Check if we have a saved project ID, otherwise use the input value
+            const savedProjectId = secret_state[SECRET_KEYS.VERTEXAI_PROJECT_ID];
+            const inputProjectId = String($('#vertexai_project_id').val()).trim();
+
+            if (!savedProjectId && !inputProjectId) {
+                toastr.error(t`Project ID is required for Vertex AI full version`);
                return;
            }

+            // Save project ID to secrets if we have an input value
+            if (inputProjectId.length) {
+                await writeSecret(SECRET_KEYS.VERTEXAI_PROJECT_ID, inputProjectId);
+            }
+
            // Check if service account JSON is saved in backend
            if (!secret_state[SECRET_KEYS.VERTEXAI_SERVICE_ACCOUNT]) {
                toastr.error('Service Account JSON is required for Vertex AI full version. Please validate and save your Service Account JSON.');
@@ -6128,10 +6131,6 @@ export function initOpenAI() {
    $('#model_google_select').on('change', onModelChange);
    $('#model_vertexai_select').on('change', onModelChange);
    $('#vertexai_auth_mode').on('change', onVertexAIAuthModeChange);
-    $('#vertexai_project_id').on('input', function () {
-        oai_settings.vertexai_project_id = String($(this).val());
-        saveSettingsDebounced();
-    });
    $('#vertexai_region').on('input', function () {
        oai_settings.vertexai_region = String($(this).val());
        saveSettingsDebounced();
--- a/public/scripts/secrets.js
+++ b/public/scripts/secrets.js
@@ -44,6 +44,7 @@ export const SECRET_KEYS = {
    SERPER: 'api_key_serper',
    FALAI: 'api_key_falai',
    XAI: 'api_key_xai',
+    VERTEXAI_PROJECT_ID: 'vertexai_project_id',
    VERTEXAI_SERVICE_ACCOUNT: 'vertexai_service_account_json',
 };

--- a/src/endpoints/backends/chat-completions.js
+++ b/src/endpoints/backends/chat-completions.js
@@ -527,7 +527,12 @@ async function sendMakerSuiteRequest(request, response) {
                url = `${apiUrl.toString().replace(/\/$/, '')}/v1/publishers/google/models/${model}:${responseType}?key=${keyParam}${stream ? '&alt=sse' : ''}`;
            } else if (authType === 'full') {
                // For Full mode (service account authentication), use project-specific URL
-                const projectId = request.body.vertexai_project_id || 'your-project-id';
+                // Only use project ID from secrets
+                const projectId = readSecret(request.user.directories, SECRET_KEYS.VERTEXAI_PROJECT_ID);
+                if (!projectId) {
+                    console.warn('Vertex AI project ID is missing.');
+                    return response.status(400).send({ error: true });
+                }
                const region = request.body.vertexai_region || 'us-central1';
                // Handle global region differently - no region prefix in hostname
                if (region === 'global') {
--- a/src/endpoints/google.js
+++ b/src/endpoints/google.js
@@ -133,7 +133,11 @@ router.post('/caption-image', async (request, response) => {
                url = `${apiUrl.origin}/v1/publishers/google/models/${model}:generateContent?key=${keyParam}`;
            } else if (authType === 'full') {
                // Full mode: use project-specific URL with Authorization header
-                const projectId = request.body.vertexai_project_id || 'your-project-id';
+                const projectId = readSecret(request.user.directories, SECRET_KEYS.VERTEXAI_PROJECT_ID);
+                if (!projectId) {
+                    console.warn('Vertex AI project ID is missing.');
+                    return response.status(400).send({ error: true });
+                }
                const region = request.body.vertexai_region || 'us-central1';
                // Handle global region differently - no region prefix in hostname
                if (region === 'global') {
--- a/src/endpoints/secrets.js
+++ b/src/endpoints/secrets.js
@@ -54,6 +54,7 @@ export const SECRET_KEYS = {
    DEEPSEEK: 'api_key_deepseek',
    SERPER: 'api_key_serper',
    XAI: 'api_key_xai',
+    VERTEXAI_PROJECT_ID: 'vertexai_project_id',
    VERTEXAI_SERVICE_ACCOUNT: 'vertexai_service_account_json',
 };