wanwu/sub2api
1
0
Fork 0
mirror of https://gitee.com/wanwujie/sub2api synced 2026-05-05 13:40:44 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix(vertex): audit fixes for Vertex Service Account feature (#1977)

Browse Source 
- Security: force token_uri to Google default, preventing SSRF via crafted service account JSON
- Dedup: extract shared getVertexServiceAccountAccessToken() to eliminate ~35 lines of duplication between ClaudeTokenProvider and GeminiTokenProvider
- Fix: apply model mapping + Vertex model ID normalization in forward_as_responses and forward_as_chat_completions paths
- Fix: exclude service_account from AI Studio endpoint selection (Vertex cannot serve generativelanguage.googleapis.com)
- Feature: add model restriction/mapping UI for service_account in EditAccountModal
- Dedup: extract VERTEX_LOCATION_OPTIONS to shared constants
- i18n: replace all hardcoded Chinese strings in Vertex UI with translation keys
This commit is contained in:
shaw
2026-04-29 16:53:09 +08:00
parent 63ef23108c
commit 93d91e20b9
11 changed files with 378 additions and 191 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
frontend/src/i18n/locales/zh.ts
View File

@@ -2963,6 +2963,26 @@ export default {
claudeConsole: 'Claude Console',
bedrockLabel: 'AWS Bedrock',
bedrockDesc: 'SigV4 / API Key',
vertexLabel: 'Vertex',
vertexDesc: 'Service Account',
vertexAnthropicHint: '使用 Google Cloud Service Account JSON 通过 Vertex AI 调用 Anthropic Claude。建议配置模型映射将客户端 Claude 模型名映射到 Vertex 模型 ID。',
vertexGeminiHint: '使用 Google Cloud Service Account JSON 访问 Vertex AI Gemini。建议将 Vertex 账号放入独立分组,避免和 AI Studio/Gemini OAuth 同模型混调。',
vertexSaJsonLabel: 'Service Account JSON',
vertexSaJsonLoaded: '已读取 Service Account JSON',
vertexSaJsonDrop: '拖入 Service Account JSON',
vertexSaJsonKeyHidden: '密钥内容不会在表单中显示。',
vertexSaJsonDropHint: '把 .json 文件拖到这里,或点击按钮选择文件。',
vertexSaJsonSelectBtn: '选择 JSON',
vertexSaJsonUploadHint: '上传或拖入 JSON 后会自动读取 project_id密钥内容仅用于创建账号提交。',
vertexSaJsonEditHint: 'Service Account JSON 不在编辑页显示;需要更换 JSON 时请删除账号后重新创建。',
vertexProjectIdPlaceholder: '从 JSON 自动读取',
vertexLocationHint: '不同 Vertex 模型可用 location 可能不同,这里选择账号默认 endpoint location。',
vertexLocationRequired: '请填写 Vertex location',
vertexSaJsonMissingFields: 'Service Account JSON 缺少 project_id、client_email 或 private_key',
vertexSaJsonMissingProjectId: 'Service Account JSON 缺少 project_id',
vertexSaJsonMissingClientEmail: 'Service Account JSON 缺少 client_email',
vertexSaJsonInvalid: 'Service Account JSON 格式无效',
vertexSaJsonRequired: '请上传 Service Account JSON',
oauthSetupToken: 'OAuth / Setup Token',
addMethod: '添加方式',
setupTokenLongLived: 'Setup Token长期有效',