feat(finance): replace API key auth with auth headers

Route all financial data requests through api-dev.copilothub.ai/api/v1/financial proxy and authenticate via sid/device-id/os-type headers instead of X-API-KEY. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-13 18:52:46 +08:00 · 2026-02-13 18:52:46 +08:00 · 77953a611d
commit 77953a611d
parent 92a137414d
1 changed files with 14 additions and 23 deletions
--- a/packages/core/src/agent/tools/data/finance/api.ts
+++ b/packages/core/src/agent/tools/data/finance/api.ts
@ -1,32 +1,16 @@
 /**
 * Financial Datasets API client.
 *
- * Base URL: https://api.financialdatasets.ai
- * Auth: X-API-KEY header
+ * Proxied through api-dev.copilothub.ai with auth headers (sid / device-id / os-type).
 * All endpoints use GET with query parameters.
 */

-import { credentialManager } from "../../../credentials.js";
+import { getLocalAuth } from "../../../../hub/auth-store.js";

-const BASE_URL = "https://api.financialdatasets.ai";
+const BASE_URL = "https://api-dev.copilothub.ai";
+const PATH_PREFIX = "/api/v1/financial";
 const TIMEOUT_MS = 30_000;

-function getApiKey(): string {
-  // 1. credentials.json5 → tools.data.apiKey (preferred)
-  const toolConfig = credentialManager.getToolConfig("data");
-  if (toolConfig?.apiKey) return toolConfig.apiKey;
-
-  // 2. Fallback: env var (skills.env.json5 or process.env)
-  const envKey = credentialManager.getEnv("FINANCIAL_DATASETS_API_KEY");
-  if (envKey) return envKey;
-
-  throw new Error(
-    "Financial Datasets API key not configured. " +
-      'Set it in ~/.super-multica/credentials.json5 under tools.data.apiKey, ' +
-      "or set FINANCIAL_DATASETS_API_KEY in ~/.super-multica/skills.env.json5.",
-  );
-}
-
 /**
 * Fetch data from the Financial Datasets API.
 *
@ -39,9 +23,14 @@ export async function financeFetch<T = Record<string, unknown>>(
  params: Record<string, string | string[] | number | boolean | undefined>,
  signal?: AbortSignal,
 ): Promise<{ data: T; url: string }> {
-  const apiKey = getApiKey();
+  const auth = getLocalAuth();
+  if (!auth) {
+    throw new Error(
+      "Not logged in. Please sign in via the Desktop app to use financial data tools.",
+    );
+  }

-  const url = new URL(path, BASE_URL);
+  const url = new URL(PATH_PREFIX + path, BASE_URL);
  for (const [key, value] of Object.entries(params)) {
    if (value === undefined || value === null) continue;
    if (Array.isArray(value)) {
@ -61,8 +50,10 @@ export async function financeFetch<T = Record<string, unknown>>(
  const res = await fetch(url.toString(), {
    method: "GET",
    headers: {
-      "X-API-KEY": apiKey,
      Accept: "application/json",
+      sid: auth.sid,
+      "device-id": auth.deviceId,
+      "os-type": "3",
    },
    signal: combinedSignal,
  });