haive.core.common.mixins.secure_config¶

Secure configuration mixin for API credentials.

This module provides a mixin for secure handling of API credentials with environment variable fallbacks and validation logic. It enables automatic resolution of API keys from environment variables based on the provider type, with proper secure storage using Pydantic’s SecretStr.

Usage:

from pydantic import BaseModel, Field from typing import Optional from haive.core.common.mixins import SecureConfigMixin

class APIConfig(SecureConfigMixin, BaseModel):

provider: str = Field(default=”openai”) api_key: Optional[SecretStr] = Field(default=None)

def make_api_call(self):

# Securely retrieve the API key key = self.get_api_key() if not key:

raise ValueError(“No API key available”)

# Use key for API call # …

# Will try to use OPENAI_API_KEY from environment config = APIConfig(provider=”openai”)

# Will use the explicitly provided key config = APIConfig(provider=”anthropic”, api_key=”sk-ant-…”)

Classes¶

SecureConfigMixin

A mixin to provide secure and flexible configuration for API keys.

Module Contents¶

class haive.core.common.mixins.secure_config.SecureConfigMixin[source]¶

A mixin to provide secure and flexible configuration for API keys.

This mixin enables: 1. Dynamic API key resolution from multiple sources 2. Secure storage using SecretStr 3. Environment variable fallbacks based on provider type 4. Validation and error reporting

The mixin implements a field validator for the ‘api_key’ field that attempts to resolve the key from environment variables if not explicitly provided, based on the ‘provider’ field. It also provides a safe method to retrieve the key value with appropriate error handling.

api_key¶: A SecretStr containing the API key.

provider¶: The API provider name (used to determine environment variable).

get_api_key()[source]¶

Safely retrieve the API key with improved error handling.

This method attempts to retrieve the API key value from the SecretStr field, with comprehensive error handling and helpful log messages for troubleshooting. In development environments, it can return fake test keys for testing purposes.

Returns:: The API key as a string, or None if not available or invalid.
Return type:: str | None