Feat: Added Validation for Open AI API key

[Daniyal-Qureshi]

This PR aims to enhance the reliability and accuracy of the OpenAI key by validating the provided API Key.

Checklist

• PR contains only changes related; no stray files, etc.
• README updated (where applicable)
• Tests written (where applicable)
• References provided in PR (where applicable)

[rubiin]

Not sure if we want to add a platform specific validator. We try to keep all the validator as generic as possible.
Lets hear from other maintainers in the mean time

[WikiRik]

I'm against merging this in the current form. A possibility would be to have 'isAPIKey(string, provider)` where OpenAI would be one of the providers.
But even with that I think it would be better to use RegEx directly or a call towards OpenAI to validate the key. OpenAI could change the format of keys on a regular basis and we cannot give any guarantees with validator updates to accompany that.

[Daniyal-Qureshi]

@WikiRik Thank you for the feedback, I have not come across any method that open AI provides to validate the API key, I think we need to use the regex here. Also, we can make the method flexible by passing the provider, such as OpenAI, Gemini, Claude etc.

[rubiin]

I'm against merging this in the current form. A possibility would be to have 'isAPIKey(string, provider)` where OpenAI would be one of the providers. But even with that I think it would be better to use RegEx directly or a call towards OpenAI to validate the key. OpenAI could change the format of keys on a regular basis and we cannot give any guarantees with validator updates to accompany that.

isAPIKey would be a better option . But keeping up with a vendor specific key sure looks like a hassle

[profnandaa]

I agree, no need for a platform specific validator. I wouldn't be comfortable too with something like isAPIKey as we have often leaned towards validators against standards. I doubt there's a standard out there for an API Key?

[rubiin]

I agree, no need for a platform specific validator. I wouldn't be comfortable too with something like isAPIKey as we have often leaned towards validators against standards. I doubt there's a standard out there for an API Key?

not really. everything that exists out there are vendor determined which are likely to change frequently or not at all

[profnandaa]

Thanks for your suggestion @Daniyal-Qureshi ; please feel free to pick any of our other issues including cleaning up some old PRs that just needed minor updates. See #2410 Welcome to the project!