2025-07-22 10:52:40 -04:00
/ * *
* @license
* Copyright 2025 Google LLC
* SPDX - License - Identifier : Apache - 2.0
* /
2025-08-26 00:04:53 +02:00
import type { Config } from '@google/gemini-cli-core' ;
2025-11-26 08:13:21 +05:30
import {
AuthType ,
debugLogger ,
OutputFormat ,
ExitCodes ,
} from '@google/gemini-cli-core' ;
2025-07-22 10:52:40 -04:00
import { USER_SETTINGS_PATH } from './config/settings.js' ;
import { validateAuthMethod } from './config/auth.js' ;
2025-09-03 15:33:37 -07:00
import { type LoadedSettings } from './config/settings.js' ;
2025-09-13 08:18:40 +09:00
import { handleError } from './utils/errors.js' ;
2025-11-20 10:44:02 -08:00
import { runExitCleanup } from './utils/cleanup.js' ;
2025-07-22 10:52:40 -04:00
2025-07-25 10:19:38 -07:00
function getAuthTypeFromEnv ( ) : AuthType | undefined {
2025-08-17 12:43:21 -04:00
if ( process . env [ 'GOOGLE_GENAI_USE_GCA' ] === 'true' ) {
2025-07-25 10:19:38 -07:00
return AuthType . LOGIN_WITH_GOOGLE ;
}
2025-08-17 12:43:21 -04:00
if ( process . env [ 'GOOGLE_GENAI_USE_VERTEXAI' ] === 'true' ) {
2025-07-25 10:19:38 -07:00
return AuthType . USE_VERTEX_AI ;
}
2025-08-17 12:43:21 -04:00
if ( process . env [ 'GEMINI_API_KEY' ] ) {
2025-07-25 10:19:38 -07:00
return AuthType . USE_GEMINI ;
}
return undefined ;
}
2025-07-22 10:52:40 -04:00
export async function validateNonInteractiveAuth (
configuredAuthType : AuthType | undefined ,
2025-08-01 11:49:03 -07:00
useExternalAuth : boolean | undefined ,
2025-07-22 10:52:40 -04:00
nonInteractiveConfig : Config ,
2025-09-03 15:33:37 -07:00
settings : LoadedSettings ,
2025-07-22 10:52:40 -04:00
) {
2025-09-13 08:18:40 +09:00
try {
2025-10-10 16:50:54 -07:00
const effectiveAuthType = configuredAuthType || getAuthTypeFromEnv ( ) ;
2025-09-13 08:18:40 +09:00
const enforcedType = settings . merged . security ? . auth ? . enforcedType ;
2025-10-10 16:50:54 -07:00
if ( enforcedType && effectiveAuthType !== enforcedType ) {
const message = effectiveAuthType
? ` The enforced authentication type is ' ${ enforcedType } ', but the current type is ' ${ effectiveAuthType } '. Please re-authenticate with the correct type. `
: ` The auth type ' ${ enforcedType } ' is enforced, but no authentication is configured. ` ;
throw new Error ( message ) ;
2025-09-03 15:33:37 -07:00
}
2025-09-13 08:18:40 +09:00
if ( ! effectiveAuthType ) {
const message = ` Please set an Auth method in your ${ USER_SETTINGS_PATH } or specify one of the following environment variables before running: GEMINI_API_KEY, GOOGLE_GENAI_USE_VERTEXAI, GOOGLE_GENAI_USE_GCA ` ;
throw new Error ( message ) ;
}
2025-07-22 10:52:40 -04:00
2025-12-12 17:43:43 -08:00
const authType : AuthType = effectiveAuthType ;
2025-09-13 08:18:40 +09:00
if ( ! useExternalAuth ) {
const err = validateAuthMethod ( String ( authType ) ) ;
if ( err != null ) {
throw new Error ( err ) ;
}
}
2025-12-30 11:09:00 -05:00
return authType ;
2025-09-13 08:18:40 +09:00
} catch ( error ) {
if ( nonInteractiveConfig . getOutputFormat ( ) === OutputFormat . JSON ) {
handleError (
error instanceof Error ? error : new Error ( String ( error ) ) ,
nonInteractiveConfig ,
2025-11-26 08:13:21 +05:30
ExitCodes . FATAL_AUTHENTICATION_ERROR ,
2025-09-13 08:18:40 +09:00
) ;
} else {
2025-10-20 18:16:47 -04:00
debugLogger . error ( error instanceof Error ? error.message : String ( error ) ) ;
2025-11-20 10:44:02 -08:00
await runExitCleanup ( ) ;
2025-11-26 08:13:21 +05:30
process . exit ( ExitCodes . FATAL_AUTHENTICATION_ERROR ) ;
2025-08-01 11:49:03 -07:00
}
2025-07-22 10:52:40 -04:00
}
}
