newMessagesService builds the SDK service used for upstream calls. BYOK auth is set here. Centralized auth is set per-attempt by the failover loop.
(ctx context.Context, opts ...option.RequestOption)
| 209 | // calls. BYOK auth is set here. Centralized auth is set |
| 210 | // per-attempt by the failover loop. |
| 211 | func (i *interceptionBase) newMessagesService(ctx context.Context, opts ...option.RequestOption) (anthropic.MessageService, error) { |
| 212 | // TODO(ssncferreira): validate auth is configured per |
| 213 | // https://github.com/coder/aibridge/issues/266. |
| 214 | |
| 215 | // BYOK auth. |
| 216 | if i.cfg.KeyPool == nil { |
| 217 | if i.cfg.BYOKBearerToken != "" { |
| 218 | // BYOK Bearer: Authorization header. |
| 219 | i.logger.Debug(ctx, "using byok access token auth", |
| 220 | slog.F("bearer_hint", utils.MaskSecret(i.cfg.BYOKBearerToken)), |
| 221 | ) |
| 222 | opts = append(opts, option.WithAuthToken(i.cfg.BYOKBearerToken)) |
| 223 | } else { |
| 224 | // BYOK X-Api-Key. |
| 225 | i.logger.Debug(ctx, "using api key auth", |
| 226 | slog.F("api_key_hint", utils.MaskSecret(i.cfg.Key)), |
| 227 | ) |
| 228 | opts = append(opts, option.WithAPIKey(i.cfg.Key)) |
| 229 | } |
| 230 | } |
| 231 | opts = append(opts, option.WithBaseURL(i.cfg.BaseURL)) |
| 232 | |
| 233 | // Add extra headers if configured. |
| 234 | // Some providers require additional headers that are not added by the SDK. |
| 235 | // TODO(ssncferreira): remove as part of https://github.com/coder/aibridge/issues/192 |
| 236 | for key, value := range i.cfg.ExtraHeaders { |
| 237 | opts = append(opts, option.WithHeader(key, value)) |
| 238 | } |
| 239 | |
| 240 | // Forward client headers to upstream. This middleware runs after the SDK |
| 241 | // has built the request, and replaces the outgoing headers with the sanitized |
| 242 | // client headers plus provider auth. |
| 243 | if i.clientHeaders != nil { |
| 244 | opts = append(opts, option.WithMiddleware(func(req *http.Request, next option.MiddlewareNext) (*http.Response, error) { |
| 245 | req.Header = intercept.BuildUpstreamHeaders(req.Header, i.clientHeaders, i.authHeaderName) |
| 246 | return next(req) |
| 247 | })) |
| 248 | } |
| 249 | |
| 250 | // Add API dump middleware if configured |
| 251 | if mw := apidump.NewBridgeMiddleware(i.cfg.APIDumpDir, i.providerName, i.Model(), i.id, i.logger, quartz.NewReal()); mw != nil { |
| 252 | opts = append(opts, option.WithMiddleware(mw)) |
| 253 | } |
| 254 | |
| 255 | if i.bedrockCfg != nil { |
| 256 | ctx, cancel := context.WithTimeout(ctx, time.Second*30) |
| 257 | defer cancel() |
| 258 | bedrockOpts, err := i.withAWSBedrockOptions(ctx, i.bedrockCfg) |
| 259 | if err != nil { |
| 260 | return anthropic.MessageService{}, err |
| 261 | } |
| 262 | opts = append(opts, bedrockOpts...) |
| 263 | i.augmentRequestForBedrock() |
| 264 | } |
| 265 | |
| 266 | return anthropic.NewMessageService(opts...), nil |
| 267 | } |
| 268 |
no test coverage detected