* Get the credential ID for a source * * Determines the correct credential type based on: * - Source type (mcp, api, local) * - Auth type (oauth, bearer, header, etc.)
(source: LoadedSource)
| 219 | * - Auth type (oauth, bearer, header, etc.) |
| 220 | */ |
| 221 | getCredentialId(source: LoadedSource): CredentialId { |
| 222 | const mcp = source.config.mcp; |
| 223 | const api = source.config.api; |
| 224 | |
| 225 | let type: CredentialId['type']; |
| 226 | |
| 227 | if (source.config.type === 'mcp') { |
| 228 | type = mcp?.authType === 'bearer' ? 'source_bearer' : 'source_oauth'; |
| 229 | } else if (source.config.type === 'api') { |
| 230 | // OAuth providers (Google/Slack/Microsoft) store credentials as source_oauth. |
| 231 | // This separates HOW we get credentials (OAuth flow) from HOW we send them (Bearer header). |
| 232 | if (isApiOAuthProvider(source.config.provider)) { |
| 233 | type = 'source_oauth'; |
| 234 | } else if (api?.authType === 'bearer') { |
| 235 | type = 'source_bearer'; |
| 236 | } else if (api?.authType === 'basic') { |
| 237 | type = 'source_basic'; |
| 238 | } else { |
| 239 | // header, query, or other → stored as apikey |
| 240 | type = 'source_apikey'; |
| 241 | } |
| 242 | } else { |
| 243 | type = 'source_oauth'; |
| 244 | } |
| 245 | |
| 246 | return { |
| 247 | type, |
| 248 | workspaceId: source.workspaceId, |
| 249 | sourceId: source.config.slug, |
| 250 | }; |
| 251 | } |
| 252 | |
| 253 | // ============================================================ |
| 254 | // Expiry Checking |