@lobehub/chat

Version:

Lobe Chat - an open-source, high-performance chatbot framework that supports speech synthesis, multimodal, and extensible Function Call plugin system. Supports one-click free deployment of your private ChatGPT/LLM web application.

github.com/lobehub/lobe-chat

lobehub/lobe-chat

159 lines (132 loc) • 4.58 kB

text/typescript

import { LOBE_CHAT_AUTH_HEADER, isDeprecatedEdition } from '@lobechat/const'; import { AWSBedrockKeyVault, AzureOpenAIKeyVault, ClientSecretPayload, CloudflareKeyVault, ComfyUIKeyVault, OpenAICompatibleKeyVault, VertexAIKeyVault, } from '@lobechat/types'; import { clientApiKeyManager } from '@lobechat/utils/client'; import { ModelProvider } from 'model-bank'; import { aiProviderSelectors, useAiInfraStore } from '@/store/aiInfra'; import { useUserStore } from '@/store/user'; import { keyVaultsConfigSelectors, userProfileSelectors } from '@/store/user/selectors'; import { obfuscatePayloadWithXOR } from '@/utils/client/xor-obfuscation'; import { resolveRuntimeProvider } from './chat/helper'; export const getProviderAuthPayload = ( provider: string, keyVaults: OpenAICompatibleKeyVault & AzureOpenAIKeyVault & AWSBedrockKeyVault & CloudflareKeyVault & ComfyUIKeyVault & VertexAIKeyVault, ) => { switch (provider) { case ModelProvider.Bedrock: { const { accessKeyId, region, secretAccessKey, sessionToken } = keyVaults; const awsSecretAccessKey = secretAccessKey; const awsAccessKeyId = accessKeyId; const apiKey = (awsSecretAccessKey || '') + (awsAccessKeyId || ''); return { accessKeyId, accessKeySecret: awsSecretAccessKey, apiKey, /** @deprecated */ awsAccessKeyId, /** @deprecated */ awsRegion: region, /** @deprecated */ awsSecretAccessKey, /** @deprecated */ awsSessionToken: sessionToken, region, sessionToken, }; } case ModelProvider.Azure: { return { apiKey: clientApiKeyManager.pick(keyVaults.apiKey), apiVersion: keyVaults.apiVersion, /** @deprecated */ azureApiVersion: keyVaults.apiVersion, baseURL: keyVaults.baseURL || keyVaults.endpoint, }; } case ModelProvider.Ollama: { return { baseURL: keyVaults?.baseURL }; } case ModelProvider.Cloudflare: { return { apiKey: clientApiKeyManager.pick(keyVaults?.apiKey), baseURLOrAccountID: keyVaults?.baseURLOrAccountID, /** @deprecated */ cloudflareBaseURLOrAccountID: keyVaults?.baseURLOrAccountID, }; } case ModelProvider.ComfyUI: { return { apiKey: keyVaults?.apiKey, authType: keyVaults?.authType, baseURL: keyVaults?.baseURL, customHeaders: keyVaults?.customHeaders, password: keyVaults?.password, username: keyVaults?.username, }; } case ModelProvider.VertexAI: { // Vertex AI uses JSON credentials, should not split by comma return { apiKey: keyVaults?.apiKey, baseURL: keyVaults?.baseURL, vertexAIRegion: keyVaults?.region, }; } default: { return { apiKey: clientApiKeyManager.pick(keyVaults?.apiKey), baseURL: keyVaults?.baseURL }; } } }; const createAuthTokenWithPayload = (payload = {}) => { const accessCode = keyVaultsConfigSelectors.password(useUserStore.getState()); const userId = userProfileSelectors.userId(useUserStore.getState()); return obfuscatePayloadWithXOR<ClientSecretPayload>({ accessCode, userId, ...payload }); }; interface AuthParams { // eslint-disable-next-line no-undef headers?: HeadersInit; payload?: Record<string, any>; provider?: string; } export const createPayloadWithKeyVaults = (provider: string) => { let keyVaults = {}; // TODO: remove this condition in V2.0 if (isDeprecatedEdition) { keyVaults = keyVaultsConfigSelectors.getVaultByProvider(provider as any)( useUserStore.getState(), ); } else { keyVaults = aiProviderSelectors.providerKeyVaults(provider)(useAiInfraStore.getState()) || {}; } const runtimeProvider = resolveRuntimeProvider(provider); return { ...getProviderAuthPayload(runtimeProvider, keyVaults as any), runtimeProvider, }; }; export const createXorKeyVaultsPayload = (provider: string) => { const payload = createPayloadWithKeyVaults(provider); return obfuscatePayloadWithXOR(payload); }; // eslint-disable-next-line no-undef export const createHeaderWithAuth = async (params?: AuthParams): Promise<HeadersInit> => { let payload = params?.payload || {}; if (params?.provider) { payload = { ...payload, ...createPayloadWithKeyVaults(params?.provider) }; } const token = createAuthTokenWithPayload(payload); // eslint-disable-next-line no-undef return { ...params?.headers, [LOBE_CHAT_AUTH_HEADER]: token }; };