Open
Conversation
Contributor
Review Summary by QodoAdd TonCenter API key support to TON chain
WalkthroughsDescription• Add TonCenter API key support to TON chain class • Introduce setApiKey() method for configuring API authentication • Store API key in private field and apply to provider initialization • Recreate provider when API key is set to ensure proper configuration Diagramflowchart LR
A["TON Class"] -->|"setApiKey()"| B["Store API Key"]
B -->|"Recreate Provider"| C["TonClient with apiKey"]
D["setRpc()"] -->|"Apply API Key"| C
File Changes1. src/multichain/core/ton.ts
|
Contributor
Code Review by Qodo
1. Bad apiKey spread operand
|
Contributor
WalkthroughAdds API key management to the TON provider class with a private Changes
Estimated code review effort🎯 2 (Simple) | ⏱️ ~8 minutes Poem
🚥 Pre-merge checks | ✅ 3✅ Passed checks (3 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches
🧪 Generate unit tests (beta)
📝 Coding Plan
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
|
![qodo-code-review[bot]](https://avatars.githubusercontent.com/in/484649?s=60&v=4){kind=small}
Comment on lines
34
to
37
| this.provider = new TonClient({ | ||
| endpoint: this.rpc_url, | ||
| ...(this._apiKey && { apiKey: this._apiKey }), | ||
| }) |
Contributor
There was a problem hiding this comment.
1. Bad apikey spread operand 🐞 Bug ✓ Correctness
TON.setRpc conditionally spreads this._apiKey && { apiKey: this._apiKey }, but if setApiKey("")
is used (allowed by the current signature), the && expression evaluates to a string and is spread
into the options object, producing an invalid configuration and omitting apiKey. This makes
API-key configuration fail in a hard-to-debug way when the key is empty/missing (e.g., env var
defaulting to "").
Agent Prompt
### Issue description
`TON.setRpc()` uses `...(this._apiKey && { apiKey: this._apiKey })` inside an object literal. Because `setApiKey()` accepts any string (including `""`), the `&&` expression can evaluate to a non-object value and be spread into the TonClient options.
### Issue Context
- `setApiKey(apiKey: string)` stores the raw string.
- `setRpc()` reconstructs `TonClient` with an object spread based on `_apiKey`.
### Fix Focus Areas
- src/multichain/core/ton.ts[31-46]
ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools
Comment on lines
+40
to
+46
| setApiKey(apiKey: string): void { | ||
| this._apiKey = apiKey | ||
| // Recreate provider with the API key | ||
| if (this.rpc_url) { | ||
| this.setRpc(this.rpc_url) | ||
| } | ||
| } |
Contributor
There was a problem hiding this comment.
2. Setapikey doesn’t reconnect 🐞 Bug ⛯ Reliability
TON.setApiKey rebuilds the TonClient provider but never re-runs connect() or resets connected, so the instance can report an outdated connection state after changing auth configuration. This is especially problematic with DefaultChain.create() which immediately calls connect() after setRpc(), giving no opportunity to set the API key before the initial connection attempt.
Agent Prompt
### Issue description
`TON.setApiKey()` recreates the provider but does not reconnect or reset `connected`, leaving stale connection state after auth config changes. This also conflicts with `DefaultChain.create()` which immediately calls `connect()` after `setRpc()`.
### Issue Context
- `DefaultChain.create()` eagerly connects when `rpc_url` is passed.
- `TON.setApiKey()` currently only calls `setRpc()`.
### Fix Focus Areas
- src/multichain/core/ton.ts[40-57]
- src/multichain/core/types/defaultChain.ts[43-54]
ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
Actionable comments posted: 2
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In `@src/multichain/core/ton.ts`:
- Around line 40-46: Add a JSDoc block for the new public method setApiKey
describing its purpose, parameters, and side effects: document that
setApiKey(apiKey: string): void sets the internal _apiKey, and that if rpc_url
is present it will recreate the provider by calling setRpc(this.rpc_url);
include `@param` {string} apiKey and `@returns` {void} (or omit returns if style
prefers), and mention any thrown errors or behaviors if applicable; attach the
JSDoc immediately above the setApiKey method.
- Around line 40-46: In setApiKey, validate the incoming apiKey (reject
null/empty/whitespace by throwing a descriptive error) and then update
this._apiKey; before calling setRpc(this.rpc_url) ensure you invalidate any
existing connection state (set this.connected = false and clear any cached
client/socket state) so the old connected flag can't remain true after
recreating the provider; call setRpc only if rpc_url is present to recreate
provider with the new key.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Run ID: ccb043a8-0d08-447f-b657-8803b83e3a2f
📒 Files selected for processing (1)
src/multichain/core/ton.ts
Comment on lines
+40
to
+46
| setApiKey(apiKey: string): void { | ||
| this._apiKey = apiKey | ||
| // Recreate provider with the API key | ||
| if (this.rpc_url) { | ||
| this.setRpc(this.rpc_url) | ||
| } | ||
| } |
Contributor
There was a problem hiding this comment.
Add JSDoc for the new public setApiKey method.
The method introduced at Line 40 is public API and should include JSDoc in this repository.
Proposed fix
+ /**
+ * Set TonCenter API key and recreate the RPC provider when an endpoint is already configured.
+ * `@param` apiKey TonCenter API key.
+ */
setApiKey(apiKey: string): void {As per coding guidelines, "Use JSDoc format for all new methods and functions".
📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
Suggested change
| setApiKey(apiKey: string): void { | |
| this._apiKey = apiKey | |
| // Recreate provider with the API key | |
| if (this.rpc_url) { | |
| this.setRpc(this.rpc_url) | |
| } | |
| } | |
| /** | |
| * Set TonCenter API key and recreate the RPC provider when an endpoint is already configured. | |
| * `@param` apiKey TonCenter API key. | |
| */ | |
| setApiKey(apiKey: string): void { | |
| this._apiKey = apiKey | |
| // Recreate provider with the API key | |
| if (this.rpc_url) { | |
| this.setRpc(this.rpc_url) | |
| } | |
| } |
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@src/multichain/core/ton.ts` around lines 40 - 46, Add a JSDoc block for the
new public method setApiKey describing its purpose, parameters, and side
effects: document that setApiKey(apiKey: string): void sets the internal
_apiKey, and that if rpc_url is present it will recreate the provider by calling
setRpc(this.rpc_url); include `@param` {string} apiKey and `@returns` {void} (or
omit returns if style prefers), and mention any thrown errors or behaviors if
applicable; attach the JSDoc immediately above the setApiKey method.
setApiKey should invalidate stale connection state and reject empty keys.
On Line 40-45, recreating the provider can leave this.connected stale (true from old client). Also, empty/whitespace API keys are silently accepted and degrade into unauthenticated calls.
Proposed fix
- setApiKey(apiKey: string): void {
- this._apiKey = apiKey
- // Recreate provider with the API key
- if (this.rpc_url) {
- this.setRpc(this.rpc_url)
- }
- }
+ setApiKey(apiKey: string): void {
+ const normalizedApiKey = apiKey.trim()
+ if (!normalizedApiKey) {
+ throw new Error("TON API key must be a non-empty string")
+ }
+
+ this._apiKey = normalizedApiKey
+
+ if (this.rpc_url) {
+ this.setRpc(this.rpc_url)
+ this.connected = false
+ }
+ }As per coding guidelines, "Provide clear, actionable error messages".
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@src/multichain/core/ton.ts` around lines 40 - 46, In setApiKey, validate the
incoming apiKey (reject null/empty/whitespace by throwing a descriptive error)
and then update this._apiKey; before calling setRpc(this.rpc_url) ensure you
invalidate any existing connection state (set this.connected = false and clear
any cached client/socket state) so the old connected flag can't remain true
after recreating the provider; call setRpc only if rpc_url is present to
recreate provider with the new key.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary by CodeRabbit