Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(tools): rename ai.proxy auth.allow_auth_override to auth.allow_… #13500

Merged
merged 2 commits into from
Aug 15, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
message: |
**AI-proxy-plugin**: Add `allow_auth_override` option to allow overriding the upstream model auth parameter or header from the caller's request.
**AI-proxy-plugin**: Add `allow_override` option to allow overriding the upstream model auth parameter or header from the caller's request.
scope: Plugin
type: feature
2 changes: 1 addition & 1 deletion kong/clustering/compat/removed_fields.lua
Original file line number Diff line number Diff line change
Expand Up @@ -175,7 +175,7 @@ return {
"model.options.bedrock",
"auth.aws_access_key_id",
"auth.aws_secret_access_key",
"auth.allow_auth_override",
"auth.allow_override",
"model_name_header",
},
ai_prompt_decorator = {
Expand Down
4 changes: 2 additions & 2 deletions kong/llm/drivers/anthropic.lua
Original file line number Diff line number Diff line change
Expand Up @@ -473,14 +473,14 @@ function _M.configure_request(conf)

if auth_header_name and auth_header_value then
local exist_value = kong.request.get_header(auth_header_name)
if exist_value == nil or not conf.auth.allow_auth_override then
if exist_value == nil or not conf.auth.allow_override then
kong.service.request.set_header(auth_header_name, auth_header_value)
end
end

if auth_param_name and auth_param_value and auth_param_location == "query" then
local query_table = kong.request.get_query()
if query_table[auth_param_name] == nil or not conf.auth.allow_auth_override then
if query_table[auth_param_name] == nil or not conf.auth.allow_override then
query_table[auth_param_name] = auth_param_value
kong.service.request.set_query(query_table)
end
Expand Down
4 changes: 2 additions & 2 deletions kong/llm/drivers/azure.lua
Original file line number Diff line number Diff line change
Expand Up @@ -132,7 +132,7 @@ function _M.configure_request(conf)

if auth_header_name and auth_header_value then
local exist_value = kong.request.get_header(auth_header_name)
if exist_value == nil or not conf.auth.allow_auth_override then
if exist_value == nil or not conf.auth.allow_override then
kong.service.request.set_header(auth_header_name, auth_header_value)
end
end
Expand All @@ -145,7 +145,7 @@ function _M.configure_request(conf)
or (conf.model.options and conf.model.options.azure_api_version)

if auth_param_name and auth_param_value and auth_param_location == "query" then
if query_table[auth_param_name] == nil or not conf.auth.allow_auth_override then
if query_table[auth_param_name] == nil or not conf.auth.allow_override then
query_table[auth_param_name] = auth_param_value
end
end
Expand Down
4 changes: 2 additions & 2 deletions kong/llm/drivers/cohere.lua
Original file line number Diff line number Diff line change
Expand Up @@ -481,14 +481,14 @@ function _M.configure_request(conf)

if auth_header_name and auth_header_value then
local exist_value = kong.request.get_header(auth_header_name)
if exist_value == nil or not conf.auth.allow_auth_override then
if exist_value == nil or not conf.auth.allow_override then
kong.service.request.set_header(auth_header_name, auth_header_value)
end
end

if auth_param_name and auth_param_value and auth_param_location == "query" then
local query_table = kong.request.get_query()
if query_table[auth_param_name] == nil or not conf.auth.allow_auth_override then
if query_table[auth_param_name] == nil or not conf.auth.allow_override then
query_table[auth_param_name] = auth_param_value
kong.service.request.set_query(query_table)
end
Expand Down
4 changes: 2 additions & 2 deletions kong/llm/drivers/llama2.lua
Original file line number Diff line number Diff line change
Expand Up @@ -278,14 +278,14 @@ function _M.configure_request(conf)

if auth_header_name and auth_header_value then
local exist_value = kong.request.get_header(auth_header_name)
if exist_value == nil or not conf.auth.allow_auth_override then
if exist_value == nil or not conf.auth.allow_override then
kong.service.request.set_header(auth_header_name, auth_header_value)
end
end

if auth_param_name and auth_param_value and auth_param_location == "query" then
local query_table = kong.request.get_query()
if query_table[auth_param_name] == nil or not conf.auth.allow_auth_override then
if query_table[auth_param_name] == nil or not conf.auth.allow_override then
query_table[auth_param_name] = auth_param_value
kong.service.request.set_query(query_table)
end
Expand Down
4 changes: 2 additions & 2 deletions kong/llm/drivers/mistral.lua
Original file line number Diff line number Diff line change
Expand Up @@ -173,14 +173,14 @@ function _M.configure_request(conf)

if auth_header_name and auth_header_value then
local exist_value = kong.request.get_header(auth_header_name)
if exist_value == nil or not conf.auth.allow_auth_override then
if exist_value == nil or not conf.auth.allow_override then
kong.service.request.set_header(auth_header_name, auth_header_value)
end
end

if auth_param_name and auth_param_value and auth_param_location == "query" then
local query_table = kong.request.get_query()
if query_table[auth_param_name] == nil or not conf.auth.allow_auth_override then
if query_table[auth_param_name] == nil or not conf.auth.allow_override then
query_table[auth_param_name] = auth_param_value
kong.service.request.set_query(query_table)
end
Expand Down
4 changes: 2 additions & 2 deletions kong/llm/drivers/openai.lua
Original file line number Diff line number Diff line change
Expand Up @@ -214,14 +214,14 @@ function _M.configure_request(conf)

if auth_header_name and auth_header_value then
local exist_value = kong.request.get_header(auth_header_name)
if exist_value == nil or not conf.auth.allow_auth_override then
if exist_value == nil or not conf.auth.allow_override then
kong.service.request.set_header(auth_header_name, auth_header_value)
end
end

if auth_param_name and auth_param_value and auth_param_location == "query" then
local query_table = kong.request.get_query()
if query_table[auth_param_name] == nil or not conf.auth.allow_auth_override then
if query_table[auth_param_name] == nil or not conf.auth.allow_override then
query_table[auth_param_name] = auth_param_value
kong.service.request.set_query(query_table)
end
Expand Down
2 changes: 1 addition & 1 deletion kong/llm/drivers/shared.lua
Original file line number Diff line number Diff line change
Expand Up @@ -528,7 +528,7 @@ function _M.pre_request(conf, request_table)
local auth_param_location = conf.auth and conf.auth.param_location

if auth_param_name and auth_param_value and auth_param_location == "body" and request_table then
if request_table[auth_param_name] == nil or not conf.auth.allow_auth_override then
if request_table[auth_param_name] == nil or not conf.auth.allow_override then
request_table[auth_param_name] = auth_param_value
end
end
Expand Down
6 changes: 3 additions & 3 deletions kong/llm/schemas/init.lua
Original file line number Diff line number Diff line change
Expand Up @@ -97,7 +97,7 @@ local auth_schema = {
required = false,
encrypted = true,
referenceable = true }},
{ allow_auth_override = {
{ allow_override = {
type = "boolean",
description = "If enabled, the authorization header or parameter can be overridden in the request by the value configured in the plugin.",
required = false,
Expand Down Expand Up @@ -244,9 +244,9 @@ return {
entity_checks = {
{ conditional = { if_field = "model.provider",
if_match = { one_of = { "bedrock", "gemini" } },
then_field = "auth.allow_auth_override",
then_field = "auth.allow_override",
then_match = { eq = false },
then_err = "bedrock and gemini only support auth.allow_auth_override = false" }},
then_err = "bedrock and gemini only support auth.allow_override = false" }},
{ mutually_required = { "auth.header_name", "auth.header_value" }, },
{ mutually_required = { "auth.param_name", "auth.param_value", "auth.param_location" }, },

Expand Down
10 changes: 5 additions & 5 deletions spec/02-integration/09-hybrid_mode/09-config-compat_spec.lua
Original file line number Diff line number Diff line change
Expand Up @@ -495,7 +495,7 @@ describe("CP/DP config compat transformations #" .. strategy, function()
header_value = "value",
gcp_service_account_json = '{"service": "account"}',
gcp_use_service_account = true,
allow_auth_override = false,
allow_override = false,
},
model = {
name = "any-model-name",
Expand Down Expand Up @@ -527,7 +527,7 @@ describe("CP/DP config compat transformations #" .. strategy, function()
-- gemini fields
expected.config.auth.gcp_service_account_json = nil
expected.config.auth.gcp_use_service_account = nil
expected.config.auth.allow_auth_override = nil
expected.config.auth.allow_override = nil
expected.config.model.options.gemini = nil

-- bedrock fields
Expand Down Expand Up @@ -564,7 +564,7 @@ describe("CP/DP config compat transformations #" .. strategy, function()
header_value = "value",
gcp_service_account_json = '{"service": "account"}',
gcp_use_service_account = true,
allow_auth_override = false,
allow_override = false,
},
model = {
name = "any-model-name",
Expand Down Expand Up @@ -628,7 +628,7 @@ describe("CP/DP config compat transformations #" .. strategy, function()
header_value = "value",
gcp_service_account_json = '{"service": "account"}',
gcp_use_service_account = true,
allow_auth_override = false,
allow_override = false,
},
model = {
name = "any-model-name",
Expand Down Expand Up @@ -724,7 +724,7 @@ describe("CP/DP config compat transformations #" .. strategy, function()
-- bedrock fields
expected.config.auth.aws_access_key_id = nil
expected.config.auth.aws_secret_access_key = nil
expected.config.auth.allow_auth_override = nil
expected.config.auth.allow_override = nil
expected.config.model.options.bedrock = nil

do_assert(uuid(), "3.7.0", expected)
Expand Down
4 changes: 2 additions & 2 deletions spec/03-plugins/38-ai-proxy/00-config_spec.lua
Original file line number Diff line number Diff line change
Expand Up @@ -298,7 +298,7 @@ describe(PLUGIN_NAME .. ": (schema)", function()
param_location = "query",
header_name = "Authorization",
header_value = "Bearer token",
allow_auth_override = true,
allow_override = true,
},
model = {
name = "bedrock",
Expand Down Expand Up @@ -326,7 +326,7 @@ describe(PLUGIN_NAME .. ": (schema)", function()
param_location = "query",
header_name = "Authorization",
header_value = "Bearer token",
allow_auth_override = true,
allow_override = true,
},
model = {
name = "gemini",
Expand Down
14 changes: 7 additions & 7 deletions spec/03-plugins/38-ai-proxy/02-openai_integration_spec.lua
Original file line number Diff line number Diff line change
Expand Up @@ -288,7 +288,7 @@ for _, strategy in helpers.all_strategies() do if strategy ~= "cassandra" then
auth = {
header_name = "Authorization",
header_value = "Bearer openai-key",
allow_auth_override = false,
allow_override = false,
},
model = {
name = "gpt-3.5-turbo",
Expand Down Expand Up @@ -488,7 +488,7 @@ for _, strategy in helpers.all_strategies() do if strategy ~= "cassandra" then
param_name = "apikey",
param_value = "openai-key",
param_location = "query",
allow_auth_override = false,
allow_override = false,
},
model = {
name = "gpt-3.5-turbo-instruct",
Expand Down Expand Up @@ -617,7 +617,7 @@ for _, strategy in helpers.all_strategies() do if strategy ~= "cassandra" then
param_name = "apikey",
param_value = "openai-key",
param_location = "body",
allow_auth_override = false,
allow_override = false,
},
model = {
name = "gpt-3.5-turbo-instruct",
Expand Down Expand Up @@ -967,7 +967,7 @@ for _, strategy in helpers.all_strategies() do if strategy ~= "cassandra" then
assert.res_status(200 , r)
end)

it("authorized request with client right header auth with no allow_auth_override", function()
it("authorized request with client right header auth with no allow_override", function()
local r = client:get("/openai/llm/v1/chat/good-no-allow-override", {
headers = {
["content-type"] = "application/json",
Expand All @@ -980,7 +980,7 @@ for _, strategy in helpers.all_strategies() do if strategy ~= "cassandra" then
assert.res_status(200 , r)
end)

it("authorized request with wrong client header auth with no allow_auth_override", function()
it("authorized request with wrong client header auth with no allow_override", function()
local r = client:get("/openai/llm/v1/chat/good-no-allow-override", {
headers = {
["content-type"] = "application/json",
Expand Down Expand Up @@ -1340,7 +1340,7 @@ for _, strategy in helpers.all_strategies() do if strategy ~= "cassandra" then
assert.equals(json.error.code, "invalid_api_key")
end)

it("works with post body auth with client right auth body and no allow_auth_override", function()
it("works with post body auth with client right auth body and no allow_override", function()
local good_body = pl_file.read("spec/fixtures/ai-proxy/openai/llm-v1-completions/requests/good.json")
local body = cjson.decode(good_body)
body.apikey = "openai-key"
Expand All @@ -1365,7 +1365,7 @@ for _, strategy in helpers.all_strategies() do if strategy ~= "cassandra" then
assert.same("\n\nI am a language model AI created by OpenAI. I can answer questions", json.choices[1].text)
end)

it("works with post body auth with client wrong auth body and no allow_auth_override", function()
it("works with post body auth with client wrong auth body and no allow_override", function()
local good_body = pl_file.read("spec/fixtures/ai-proxy/openai/llm-v1-completions/requests/good.json")
local body = cjson.decode(good_body)
body.apikey = "wrong"
Expand Down
6 changes: 3 additions & 3 deletions spec/03-plugins/38-ai-proxy/03-anthropic_integration_spec.lua
Original file line number Diff line number Diff line change
Expand Up @@ -233,7 +233,7 @@ for _, strategy in helpers.all_strategies() do if strategy ~= "cassandra" then
auth = {
header_name = "x-api-key",
header_value = "anthropic-key",
allow_auth_override = false,
allow_override = false,
},
model = {
name = "claude-2.1",
Expand Down Expand Up @@ -625,7 +625,7 @@ for _, strategy in helpers.all_strategies() do if strategy ~= "cassandra" then
assert.equals(json.error.type, "authentication_error")
end)

it("good request with client right header auth and no allow_auth_override", function()
it("good request with client right header auth and no allow_override", function()
local r = client:get("/anthropic/llm/v1/chat/good-no-allow-override", {
headers = {
["content-type"] = "application/json",
Expand All @@ -652,7 +652,7 @@ for _, strategy in helpers.all_strategies() do if strategy ~= "cassandra" then
}, json.choices[1].message)
end)

it("good request with client wrong header auth and no allow_auth_override", function()
it("good request with client wrong header auth and no allow_override", function()
local r = client:get("/anthropic/llm/v1/chat/good-no-allow-override", {
headers = {
["content-type"] = "application/json",
Expand Down
6 changes: 3 additions & 3 deletions spec/03-plugins/38-ai-proxy/04-cohere_integration_spec.lua
Original file line number Diff line number Diff line change
Expand Up @@ -180,7 +180,7 @@ for _, strategy in helpers.all_strategies() do if strategy ~= "cassandra" then
auth = {
header_name = "Authorization",
header_value = "Bearer cohere-key",
allow_auth_override = false,
allow_override = false,
},
model = {
name = "command",
Expand Down Expand Up @@ -497,7 +497,7 @@ for _, strategy in helpers.all_strategies() do if strategy ~= "cassandra" then
assert.equals(json.message, "invalid api token")
end)

it("good request with right client auth and no allow_auth_override", function()
it("good request with right client auth and no allow_override", function()
local r = client:get("/cohere/llm/v1/chat/good-no-allow-override", {
headers = {
["content-type"] = "application/json",
Expand All @@ -523,7 +523,7 @@ for _, strategy in helpers.all_strategies() do if strategy ~= "cassandra" then
}, json.choices[1].message)
end)

it("good request with wrong client auth and no allow_auth_override", function()
it("good request with wrong client auth and no allow_override", function()
local r = client:get("/cohere/llm/v1/chat/good-no-allow-override", {
headers = {
["content-type"] = "application/json",
Expand Down
6 changes: 3 additions & 3 deletions spec/03-plugins/38-ai-proxy/05-azure_integration_spec.lua
Original file line number Diff line number Diff line change
Expand Up @@ -183,7 +183,7 @@ for _, strategy in helpers.all_strategies() do if strategy ~= "cassandra" then
auth = {
header_name = "api-key",
header_value = "azure-key",
allow_auth_override = false,
allow_override = false,
},
model = {
name = "gpt-3.5-turbo",
Expand Down Expand Up @@ -517,7 +517,7 @@ for _, strategy in helpers.all_strategies() do if strategy ~= "cassandra" then
assert.equals(json.error.code, "invalid_api_key")
end)

it("good request with client right auth and no allow_auth_override", function()
it("good request with client right auth and no allow_override", function()
local r = client:get("/azure/llm/v1/chat/good-no-allow-override", {
headers = {
["content-type"] = "application/json",
Expand All @@ -544,7 +544,7 @@ for _, strategy in helpers.all_strategies() do if strategy ~= "cassandra" then
}, json.choices[1].message)
end)

it("good request with client wrong auth and no allow_auth_override", function()
it("good request with client wrong auth and no allow_override", function()
local r = client:get("/azure/llm/v1/chat/good-no-allow-override", {
headers = {
["content-type"] = "application/json",
Expand Down
6 changes: 3 additions & 3 deletions spec/03-plugins/38-ai-proxy/06-mistral_integration_spec.lua
Original file line number Diff line number Diff line change
Expand Up @@ -126,7 +126,7 @@ for _, strategy in helpers.all_strategies() do if strategy ~= "cassandra" then
auth = {
header_name = "Authorization",
header_value = "Bearer mistral-key",
allow_auth_override = false,
allow_override = false,
},
model = {
name = "mistralai/Mistral-7B-Instruct-v0.1-instruct",
Expand Down Expand Up @@ -426,7 +426,7 @@ for _, strategy in helpers.all_strategies() do if strategy ~= "cassandra" then
assert.equals(json.error.code, "invalid_api_key")
end)

it("good request with client right auth and no allow_auth_override", function()
it("good request with client right auth and no allow_override", function()
local r = client:get("/mistral/llm/v1/chat/good-no-allow-override", {
headers = {
["content-type"] = "application/json",
Expand Down Expand Up @@ -455,7 +455,7 @@ for _, strategy in helpers.all_strategies() do if strategy ~= "cassandra" then
}, json.choices[1].message)
end)

it("good request with client wrong auth and no allow_auth_override", function()
it("good request with client wrong auth and no allow_override", function()
local r = client:get("/mistral/llm/v1/chat/good-no-allow-override", {
headers = {
["content-type"] = "application/json",
Expand Down
Loading
Loading