refactor(api): migrate callers to effective_backend_api_url

[Sathvik-1007]

Summary

• Rename effective_integrations_api_url → effective_backend_api_url (more general name for all backend-proxied calls)
• Migrate 38+ call sites across billing, team, credentials, channels, voice, webhooks, socket, jsonrpc, meet_agent from effective_api_url to effective_backend_api_url
• Inference callers (providers/openhuman_backend, embeddings/cloud) and diagnostic callers (doctor/core, config/ops) correctly remain on effective_api_url

Problem

• Users on local AI (Ollama, vLLM, LM Studio) who override OPENHUMAN_API_URL silently lose every backend feature outside Composio integrations — billing checks, team membership, referral, webhooks, credentials, channels, voice
• PR fix(integrations): fall back to default backend when api_url points at local AI (#51, #80, #7Z) #1630 only fixed the IntegrationClient slice; the underlying UX issue remains for ~9 other domains

Solution

• effective_backend_api_url always resolves to the hosted backend (falls back to OPENHUMAN_INTEGRATIONS_API_URL env → hardcoded prod URL), regardless of user's local-AI override
• All non-inference callers now use this function instead of effective_api_url
• effective_api_url is preserved only for OpenAI-compatible inference endpoints that legitimately honor the user's local-AI override
• Internal helpers renamed: normalize_integrations_api_base_url → normalize_backend_api_base_url, warn_integrations_url_fallback_once → warn_backend_url_fallback_once

Submission Checklist

• Tests added or updated (happy path + at least one failure / edge case) per Testing Strategy
• Diff coverage ≥ 80% — N/A: mechanical rename, no new branches introduced
• Coverage matrix updated — N/A: no new features, behaviour-only rename
• All affected feature IDs from the matrix are listed in the PR description under ## Related — N/A: no feature ID changes
• No new external network dependencies introduced (mock backend used per Testing Strategy)
• Manual smoke checklist updated if this touches release-cut surfaces (docs/RELEASE-MANUAL-SMOKE.md) — N/A: no release-cut surface changes
• Linked issue closed via Closes #NNN in the ## Related section

Impact

• Desktop/Mobile/Web: Local-AI users will now correctly reach hosted backend for billing, team, credentials, channels, voice, webhooks, socket, and meet_agent operations
• No breaking changes: effective_api_url still exists for inference callers; effective_backend_api_url is the renamed effective_integrations_api_url with same semantics

Related

• Closes Migrate all backend-API callers from effective_api_url to effective_backend_api_url (local-AI users) #1663
• Follow-up: Consider adding clippy lint or CI grep gate to prevent future regressions (step 4 from issue)

[coderabbitai]

📝 Walkthrough

Walkthrough

This PR migrates backend API callers from effective_api_url to effective_backend_api_url across 16 files. It renames the local-AI-aware URL resolver in the API config, updates internal helpers, and systematically replaces call sites in credentials, channels, billing, voice, and other domains to prevent URL misrouting for local AI users.

Changes

Backend API URL Resolver Migration

Layer / File(s)	Summary
API configuration and URL resolver implementation src/api/config.rs	effective_integrations_api_url is renamed to effective_backend_api_url with updated documentation of local-AI endpoint detection and fallback behavior. Internal helpers (normalize_backend_api_base_url, warn_backend_url_fallback_once) are renamed and documented. Unit tests are updated to validate the new resolver's fallback-to-env and override-retention behavior.
API module re-export wrapping src/api/mod.rs	Re-export list reformatted across multiple lines to include the new effective_backend_api_url function, with no semantic change to exported items.
Core runtime paths: auth, root, socket src/core/jsonrpc.rs	Telegram auth callback token exchange, root endpoint's api_server field, and socket auto-connect bootstrap logic all switch to effective_backend_api_url for backend URL derivation.
Credential and OAuth handlers src/openhuman/credentials/ops.rs	Nine OAuth and session RPC handlers (store_session, auth_get_me, consume_login_token, auth_create_channel_link_token, oauth_connect, oauth_list_integrations, oauth_fetch_integration_tokens, oauth_fetch_client_key, oauth_revoke_integration) update import and derive api_url via effective_backend_api_url.
Channel operations: Telegram, Discord, messaging src/openhuman/channels/controllers/ops.rs, src/openhuman/channels/bus.rs	Telegram/Discord link flows, channel messaging, reactions, and thread management functions update imports and compute API URLs using effective_backend_api_url.
User and app state: auth/me, user cache src/openhuman/app_state/ops.rs	resolve_base for /auth/me requests and fetch_current_user_cached for cache keying update to use effective_backend_api_url.
Billing, team, and referral services src/openhuman/billing/ops.rs, src/openhuman/team/ops.rs, src/openhuman/referral/ops.rs	Authenticated request helpers and RPC endpoints (get_authed_value, get_stats, claim_referral) update imports and derive API URLs via effective_backend_api_url.
Integrations client and local-AI detection src/openhuman/integrations/client.rs	build_client's documentation and implementation switch from effective_integrations_api_url to effective_backend_api_url with clarified comments on endpoint detection.
Voice features: transcription and synthesis src/openhuman/voice/cloud_transcribe.rs, src/openhuman/voice/reply_speech.rs	transcribe_cloud and synthesize_reply update imports and backend URL resolution to use effective_backend_api_url.
Miscellaneous domains: GIF search, LLM meeting, webhooks, socket src/openhuman/local_ai/gif_decision.rs, src/openhuman/meet_agent/brain.rs, src/openhuman/webhooks/ops.rs, src/openhuman/socket/schemas.rs	GIF search proxy, LLM meeting, webhook operations, and socket connection handler update imports and API URL derivation to use effective_backend_api_url.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related PRs

• tinyhumansai/openhuman#1715: Both PRs modify URL-base resolver logic in src/api/config.rs with local-AI fallback and one-shot warning behavior, but targeting different resolver entrypoints.
• tinyhumansai/openhuman#1630: This PR is the direct follow-up; it repurposes the local-AI heuristic resolver originally created in #1630 for use across all backend-proxied domains instead of integrations only.

Suggested reviewers

• senamakel

Poem

🐰 A rabbit hops through backend URLs so bright,
Swapping one resolver for the API fight—
Local AI users now won't lose their way,
Billing, channels, voice all work today! ✨

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The PR title clearly and concisely summarizes the primary change: migrating callers to use the new effective_backend_api_url function.
Linked Issues check	✅ Passed	All coding requirements from issue #1663 are met: function renamed [#1663], 38+ call sites migrated to effective_backend_api_url [#1663], effective_api_url preserved for inference clients [#1663], internal helpers renamed [#1663].
Out of Scope Changes check	✅ Passed	All changes are directly within scope: renaming and migrating API URL resolvers across specified modules, updating imports and helper functions, with no extraneous modifications.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

src/api/config.rs (1)

203-212: ⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Redact user-provided URL before emitting fallback warning.

local_url is logged verbatim. If config.api_url includes credentials or query tokens, this can leak secrets into logs. Please sanitize or omit the raw URL before logging.

Suggested patch

 fn warn_backend_url_fallback_once(local_url: &str) {
     use std::sync::Once;
     static WARNED: Once = Once::new();
 
     WARNED.call_once(|| {
+        let redacted_local_url = url::Url::parse(local_url)
+            .map(|mut u| {
+                let _ = u.set_username("");
+                let _ = u.set_password(None);
+                u.set_query(None);
+                u.set_fragment(None);
+                u.to_string()
+            })
+            .unwrap_or_else(|_| "<invalid-url>".to_string());
+
         tracing::warn!(
-            local_url = %local_url,
+            local_url = %redacted_local_url,
             "[api/config] config.api_url looks like a local-AI endpoint; \
-             integrations base will fall back to env/default backend so \
+             backend base will fall back to env/default backend so \
              /agent-integrations/* requests don't 404 against your local LLM"
         );
     });
 }

As per coding guidelines, "Never log secrets, raw JWTs, API keys, credentials, or full PII in debug logs; redact or omit sensitive fields".

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@src/api/config.rs` around lines 203 - 212, The warn_backend_url_fallback_once
function currently logs the user-provided local_url verbatim; update this to
redact sensitive parts before logging by parsing local_url (using the URL parser
available in the codebase or std libraries), remove or mask userinfo
(username:password) and query string/token parameters, and then log a sanitized
form (e.g., scheme://host[:port]/path with query and userinfo removed or
replaced with "<redacted>"). Ensure the change is applied where local_url is
passed into tracing::warn! so the logged value no longer contains credentials or
raw tokens.

🧹 Nitpick comments (1)

src/openhuman/integrations/client.rs (1)

278-286: ⚡ Quick win

Update inline comment to reflect generalized backend resolver.

The inline comment on line 278 still refers to the "integrations-specific resolver", but per the PR description, effective_backend_api_url is now the generalized resolver for all backend-proxied calls (billing, team, webhooks, referral, credentials, channels, voice, etc.), not just integrations. The function-level doc comment (lines 262-269) correctly describes it as the "backend resolver" — the inline comment should match.

📝 Suggested doc update

-    // Use the integrations-specific resolver: when `config.api_url` is set
+    // Use the backend resolver: when `config.api_url` is set
     // to a local-AI endpoint (Ollama, vLLM, …), it would still be perfect
     // for `/v1/chat/completions`, but reusing it as the base for backend
     // integration paths produces URLs like

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@src/openhuman/integrations/client.rs` around lines 278 - 286, Update the
inline comment above the call to effective_backend_api_url(&config.api_url) to
describe it as the generalized "backend resolver" for all backend-proxied calls
(billing, team, webhooks, referral, credentials, channels, voice, integrations,
etc.) rather than an "integrations-specific resolver"; reference the function
name effective_backend_api_url and keep the note about avoiding local-LLM base
URLs producing 404s so the behavior explanation remains accurate.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Outside diff comments:
In `@src/api/config.rs`:
- Around line 203-212: The warn_backend_url_fallback_once function currently
logs the user-provided local_url verbatim; update this to redact sensitive parts
before logging by parsing local_url (using the URL parser available in the
codebase or std libraries), remove or mask userinfo (username:password) and
query string/token parameters, and then log a sanitized form (e.g.,
scheme://host[:port]/path with query and userinfo removed or replaced with
"<redacted>"). Ensure the change is applied where local_url is passed into
tracing::warn! so the logged value no longer contains credentials or raw tokens.

---

Nitpick comments:
In `@src/openhuman/integrations/client.rs`:
- Around line 278-286: Update the inline comment above the call to
effective_backend_api_url(&config.api_url) to describe it as the generalized
"backend resolver" for all backend-proxied calls (billing, team, webhooks,
referral, credentials, channels, voice, integrations, etc.) rather than an
"integrations-specific resolver"; reference the function name
effective_backend_api_url and keep the note about avoiding local-LLM base URLs
producing 404s so the behavior explanation remains accurate.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: f71dbbaa-8b21-4ed3-a87c-e445774ae7ed

📥 Commits

Reviewing files that changed from the base of the PR and between 7d8826f and 9f4454d.

📒 Files selected for processing (17)

• src/api/config.rs
• src/api/mod.rs
• src/core/jsonrpc.rs
• src/openhuman/app_state/ops.rs
• src/openhuman/billing/ops.rs
• src/openhuman/channels/bus.rs
• src/openhuman/channels/controllers/ops.rs
• src/openhuman/credentials/ops.rs
• src/openhuman/integrations/client.rs
• src/openhuman/local_ai/gif_decision.rs
• src/openhuman/meet_agent/brain.rs
• src/openhuman/referral/ops.rs
• src/openhuman/socket/schemas.rs
• src/openhuman/team/ops.rs
• src/openhuman/voice/cloud_transcribe.rs
• src/openhuman/voice/reply_speech.rs
• src/openhuman/webhooks/ops.rs