From bd13c842a8c96a96e05fa089427a911afcb4daf7 Mon Sep 17 00:00:00 2001
From: wdh-home <243823965@qq.com>
Date: Wed, 13 May 2026 17:33:08 +0800
Subject: [PATCH] fix: reuse saved credential for connection test

---
 internal/service/service.go      | 13 ++++++++++++-
 internal/service/service_test.go | 26 ++++++++++++++++++++++++--
 2 files changed, 36 insertions(+), 3 deletions(-)

diff --git a/internal/service/service.go b/internal/service/service.go
index a6dfc31..b6ec2e8 100644
--- a/internal/service/service.go
+++ b/internal/service/service.go
@@ -158,7 +158,11 @@ func (s *Service) TestConnection(ctx context.Context, req domain.SaveConfigReque
 	if err := config.Validate(cfg); err != nil {
 		return domain.TestConnectionResult{}, err
 	}
-	client, err := s.remoteMaker(ctx, cfg, requestSecret(req))
+	secret, err := s.resolveSecret(req)
+	if err != nil {
+		return domain.TestConnectionResult{}, err
+	}
+	client, err := s.remoteMaker(ctx, cfg, secret)
 	if err != nil {
 		return domain.TestConnectionResult{}, err
 	}
@@ -471,6 +475,13 @@ func requestSecret(req domain.SaveConfigRequest) string {
 	return req.Password
 }
 
+func (s *Service) resolveSecret(req domain.SaveConfigRequest) (string, error) {
+	if secret := requestSecret(req); secret != "" {
+		return secret, nil
+	}
+	return s.secrets.Get(req.Config.Gitea.CredentialKey, credentialUser(req.Config))
+}
+
 func credentialUser(cfg domain.Config) string {
 	if cfg.Gitea.AuthType == config.AuthToken {
 		return "token"
diff --git a/internal/service/service_test.go b/internal/service/service_test.go
index 8858c2d..fbc6691 100644
--- a/internal/service/service_test.go
+++ b/internal/service/service_test.go
@@ -73,6 +73,24 @@ func TestListRemoteSkillsMergesDownloadedStatus(t *testing.T) {
 	}
 }
 
+func TestTestConnectionFallsBackToSavedSecret(t *testing.T) {
+	svc, _, _, remote, _, _ := newTestService(t)
+	saveValidConfig(t, svc)
+	cfg, err := svc.LoadConfig()
+	if err != nil {
+		t.Fatalf("LoadConfig returned error: %v", err)
+	}
+
+	_, err = svc.TestConnection(context.Background(), domain.SaveConfigRequest{Config: cfg})
+	if err != nil {
+		t.Fatalf("TestConnection returned error: %v", err)
+	}
+
+	if remote.lastSecret != "secret" {
+		t.Fatalf("remote maker got secret %q, want saved secret", remote.lastSecret)
+	}
+}
+
 func TestInstallSkillUpdatesStateAfterTargetInstall(t *testing.T) {
 	svc, _, _, _, _, target := newTestService(t)
 	saveValidConfig(t, svc)
@@ -230,7 +248,10 @@ func newTestService(t *testing.T) (*Service, Paths, *fakeSecretStore, *fakeRemot
 		Secrets:     secrets,
 		Git:         git,
 		Targets:     target,
-		RemoteMaker: func(context.Context, domain.Config, string) (RemoteClient, error) { return remote, nil },
+		RemoteMaker: func(_ context.Context, _ domain.Config, secret string) (RemoteClient, error) {
+			remote.lastSecret = secret
+			return remote, nil
+		},
 		Opener:      fakeOpener{},
 	})
 	return svc, paths, secrets, remote, git, target
@@ -279,7 +300,8 @@ func (f *fakeSecretStore) Delete(service, user string) error {
 }
 
 type fakeRemoteClient struct {
-	skills []domain.RemoteSkill
+	skills     []domain.RemoteSkill
+	lastSecret string
 }
 
 func (f *fakeRemoteClient) ListOrgSkills(context.Context, string) ([]domain.RemoteSkill, error) {