From 5eefdd9c0234b39e246a782aeb4c968f5b51b6d5 Mon Sep 17 00:00:00 2001 From: xinpengdr Date: Fri, 10 Apr 2026 11:14:02 -0700 Subject: [PATCH] fix: skip non-API-key auth providers in env-var credential detection In list_authenticated_providers(), providers like qwen-oauth that use OAuth authentication were incorrectly flagged as authenticated because the env-var check fell back to models.dev provider env vars (e.g. DASHSCOPE_API_KEY for alibaba). Any user with an alibaba API key would see a ghost qwen-oauth entry in /model picker with 0 models listed. Fix: skip providers whose auth_type is not api_key in the env-var detection section (step 1). OAuth/external-process providers are properly handled in step 2 (HERMES_OVERLAYS) which checks the auth store. --- hermes_cli/model_switch.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/hermes_cli/model_switch.py b/hermes_cli/model_switch.py index 63712060ef..c3af1eacf5 100644 --- a/hermes_cli/model_switch.py +++ b/hermes_cli/model_switch.py @@ -847,6 +847,10 @@ def list_authenticated_providers( # source of truth. models.dev can have wrong mappings (e.g. # minimax-cn → MINIMAX_API_KEY instead of MINIMAX_CN_API_KEY). pconfig = PROVIDER_REGISTRY.get(hermes_id) + # Skip non-API-key auth providers here — they are handled in + # section 2 (HERMES_OVERLAYS) with proper auth store checking. + if pconfig and pconfig.auth_type != "api_key": + continue if pconfig and pconfig.api_key_env_vars: env_vars = list(pconfig.api_key_env_vars) else: