fix: skip non-API-key auth providers in env-var credential detection

In list_authenticated_providers(), providers like qwen-oauth that use OAuth authentication were incorrectly flagged as authenticated because the env-var check fell back to models.dev provider env vars (e.g. DASHSCOPE_API_KEY for alibaba). Any user with an alibaba API key would see a ghost qwen-oauth entry in /model picker with 0 models listed. Fix: skip providers whose auth_type is not api_key in the env-var detection section (step 1). OAuth/external-process providers are properly handled in step 2 (HERMES_OVERLAYS) which checks the auth store.
2026-05-04 02:21:47 +00:00 · 2026-04-10 11:14:02 -07:00 · 2026-04-10 11:14:02 -07:00 · 5eefdd9c02
commit 5eefdd9c02
parent 268a4aa1c1
1 changed files with 4 additions and 0 deletions
--- a/hermes_cli/model_switch.py
+++ b/hermes_cli/model_switch.py
@ -847,6 +847,10 @@ def list_authenticated_providers(
        # source of truth.  models.dev can have wrong mappings (e.g.
        # minimax-cn → MINIMAX_API_KEY instead of MINIMAX_CN_API_KEY).
        pconfig = PROVIDER_REGISTRY.get(hermes_id)
+        # Skip non-API-key auth providers here — they are handled in
+        # section 2 (HERMES_OVERLAYS) with proper auth store checking.
+        if pconfig and pconfig.auth_type != "api_key":
+            continue
        if pconfig and pconfig.api_key_env_vars:
            env_vars = list(pconfig.api_key_env_vars)
        else: