llm.rb 7.0.0 → 8.1.0

data/lib/llm/providers/bedrock/request_adapter/completion.rb

@@ -0,0 +1,153 @@
+# frozen_string_literal: true
+
+module LLM::Bedrock::RequestAdapter
+  ##
+  # Adapts a single message to Bedrock Converse content blocks.
+  #
+  # Bedrock Converse content blocks include:
+  #   - {text: "..."}
+  #   - {image: {format: "png", source: {bytes: "..."}}}
+  #   - {document: {format: "pdf", name: "...", source: {bytes: "..."}}}
+  #   - {toolUse: {toolUseId: "...", name: "...", input: {...}}}
+  #   - {toolResult: {toolUseId: "...", content: [{text: "..."}]}}
+  #
+  # @api private
+  class Completion
+    ##
+    # @param [LLM::Message, Hash] message
+    def initialize(message)
+      @message = message
+    end
+
+    ##
+    # Adapts the message for the Bedrock Converse API
+    # @return [Hash, nil]
+    def adapt
+      catch(:abort) do
+        if Hash === message
+          {role: message[:role], content: adapt_content(message[:content])}
+        else
+          adapt_message
+        end
+      end
+    end
+
+    private
+
+    def adapt_message
+      if message.tool_call?
+        blocks = [*adapt_tool_calls]
+        blocks.unshift(*adapt_content(content)) unless String === content && content.empty?
+        {role: "assistant", content: blocks}
+      else
+        {role: message.role, content: adapt_content(content)}
+      end
+    end
+
+    def adapt_tool_calls
+      message.extra[:tool_calls].filter_map do |tool|
+        next unless tool[:id] && tool[:name]
+        {
+          toolUse: {
+            toolUseId: tool[:id],
+            name: tool[:name],
+            input: parse_tool_input(tool[:arguments])
+          }
+        }
+      end
+    end
+
+    ##
+    # @param [String, Array, LLM::Object, LLM::Function::Return] content
+    # @return [Array<Hash>, nil]
+    def adapt_content(content)
+      case content
+      when Hash
+        content.empty? ? throw(:abort, nil) : [content]
+      when Array
+        content.empty? ? throw(:abort, nil) : content.flat_map { adapt_content(_1) }
+      when LLM::Object
+        adapt_object(content)
+      when String
+        [{text: content}]
+      when LLM::Response
+        adapt_remote_file(content)
+      when LLM::Message
+        adapt_content(content.content)
+      when LLM::Function::Return
+        [{toolResult: {toolUseId: content.id, content: [{text: LLM.json.dump(content.value)}]}}]
+      else
+        prompt_error!(content)
+      end
+    end
+
+    def adapt_object(object)
+      case object.kind
+      when :image_url
+        [{image: {format: detect_format(object.value.to_s),
+                  source: {url: object.value.to_s}}}]
+      when :local_file
+        adapt_local_file(object.value)
+      when :remote_file
+        adapt_remote_file(object.value)
+      else
+        prompt_error!(object)
+      end
+    end
+
+    def adapt_local_file(file)
+      if file.image?
+        [{image: {format: file.format,
+                  source: {bytes: file.to_b64}}}]
+      elsif file.pdf?
+        name = sanitize_name(file.basename)
+        [{document: {format: "pdf", name:,
+                     source: {bytes: file.to_b64}}}]
+      else
+        raise LLM::PromptError,
+              "The #{file.class} is not an image or PDF, " \
+              "and not supported by the Bedrock API"
+      end
+    end
+
+    def adapt_remote_file(file)
+      prompt_error!(file) unless file.file?
+      [{file.file_type => {source: {file_id: file.id}}}]
+    end
+
+    def detect_format(url)
+      case url
+      when /\.png/i then "png"
+      when /\.jpe?g/i then "jpeg"
+      when /\.gif/i then "gif"
+      when /\.webp/i then "webp"
+      else "png"
+      end
+    end
+
+    def sanitize_name(name)
+      name.to_s.gsub(/[^a-zA-Z0-9_-]/, "_")
+    end
+
+    def parse_tool_input(input)
+      case input
+      when Hash then input
+      when String
+        parsed = LLM.json.load(input)
+        Hash === parsed ? parsed : {}
+      when nil then {}
+      else input.respond_to?(:to_h) ? input.to_h : {}
+      end
+    rescue *LLM.json.parser_error
+      {}
+    end
+
+    def prompt_error!(content)
+      raise LLM::PromptError,
+            "#{content.class} is not supported by the Bedrock API"
+    end
+
+    def message = @message
+    def content = message.content
+  end
+end

data/lib/llm/providers/bedrock/request_adapter.rb

@@ -0,0 +1,95 @@
+# frozen_string_literal: true
+
+class LLM::Bedrock
+  ##
+  # Adapts llm.rb internal message format to Bedrock Converse API format.
+  #
+  # Bedrock Converse uses:
+  #   - system: [{text: "..."}]  (top-level, separate from messages)
+  #   - messages: [{role: "user"|"assistant", content: [{...}, ...]}]
+  #   - Content blocks: text, image, document, toolUse, toolResult
+  #   - toolConfig: {tools: [{toolSpec: {name:, description:, inputSchema: {json: ...}}}]}
+  #
+  # @api private
+  module RequestAdapter
+    ##
+    # @param [Array<LLM::Message>] messages
+    # @return [Hash]
+    def adapt(messages, mode: nil)
+      payload = {messages: [], system: []}
+      messages.each do |message|
+        adapted = Completion.new(message).adapt
+        next if adapted.nil?
+        if system?(message)
+          payload[:system].concat Array(adapted[:content])
+        else
+          payload[:messages] << adapted
+        end
+      end
+      payload.delete(:system) if payload[:system].empty?
+      payload
+    end
+
+    private
+
+    ##
+    # @param [Hash] params
+    # @return [Hash]
+    def adapt_schema(params)
+      return {} unless params&.key?(:schema)
+      schema = params.delete(:schema)
+      schema = schema.respond_to?(:object) ? schema.object : schema
+      cleaned = schema.respond_to?(:to_h) ? schema.to_h : schema
+      [:strict, "strict", :$schema, "$schema"].each { cleaned.delete(_1) }
+      {
+        outputConfig: {
+          textFormat: {
+            type: "json_schema",
+            structure: {
+              jsonSchema: {
+                name: "response",
+                schema: LLM.json.dump(cleaned)
+              }
+            }
+          }
+        }
+      }
+    end
+
+    ##
+    # @param [Array<LLM::Function>] tools
+    # @return [Hash]
+    def adapt_tools(tools)
+      return {} unless tools&.any?
+      {toolConfig: {tools: tools.map { |t| adapt_tool(t) }}}
+    end
+
+    ##
+    # @param [LLM::Function] tool
+    # @return [Hash]
+    def adapt_tool(tool)
+      function = tool.respond_to?(:function) ? tool.function : tool
+      {
+        toolSpec: {
+          name: function.name,
+          description: function.description,
+          inputSchema: {
+            json: function.params || default_input_schema
+          }
+        }
+      }
+    end
+
+    def default_input_schema
+      {"type" => "object", "properties" => {}, "required" => []}
+    end
+
+    def system?(message)
+      if message.respond_to?(:system?)
+        message.system?
+      else
+        Hash === message && message[:role].to_s == "system"
+      end
+    end
+  end
+end

data/lib/llm/providers/bedrock/response_adapter/completion.rb

@@ -0,0 +1,143 @@
+# frozen_string_literal: true
+
+module LLM::Bedrock::ResponseAdapter
+  ##
+  # Adapts Bedrock Converse API completion responses.
+  #
+  # The Bedrock Converse response body looks like:
+  #   {
+  #     "output" => {"message" => {
+  #       "role" => "assistant",
+  #       "content" => [{"text" => "..."}, {"toolUse" => {...}}]
+  #     }},
+  #     "usage" => {"inputTokens" => N, "outputTokens" => N},
+  #     "modelId" => "anthropic.claude-sonnet-4-20250514-v1:0",
+  #     "stopReason" => "end_turn"
+  #   }
+  module Completion
+    ##
+    # (see LLM::Contract::Completion#messages)
+    def messages
+      source = texts.empty? && tools.any? ? [{"text" => ""}] : texts
+      source.map.with_index do |choice, index|
+        extra = {
+          index:, response: self,
+          reasoning_content:,
+          tool_calls: adapt_tool_calls(tools),
+          original_tool_calls: tools
+        }
+        LLM::Message.new(role, choice["text"], extra)
+      end
+    end
+    alias_method :choices, :messages
+
+    ##
+    # Returns the Bedrock request id when present.
+    # @return [String, nil]
+    def id
+      res["x-amzn-requestid"] || res["x-amzn-request-id"]
+    end
+
+    ##
+    # (see LLM::Contract::Completion#input_tokens)
+    def input_tokens
+      body.usage&.inputTokens || 0
+    end
+
+    ##
+    # (see LLM::Contract::Completion#output_tokens)
+    def output_tokens
+      body.usage&.outputTokens || 0
+    end
+
+    ##
+    # (see LLM::Contract::Completion#reasoning_tokens)
+    def reasoning_tokens
+      0
+    end
+
+    ##
+    # (see LLM::Contract::Completion#total_tokens)
+    def total_tokens
+      input_tokens + output_tokens
+    end
+
+    ##
+    # (see LLM::Contract::Completion#usage)
+    def usage
+      super
+    end
+
+    ##
+    # (see LLM::Contract::Completion#model)
+    def model
+      body.modelId
+    end
+
+    ##
+    # (see LLM::Contract::Completion#content)
+    def content
+      super
+    end
+
+    ##
+    # (see LLM::Contract::Completion#reasoning_content)
+    def reasoning_content
+      @reasoning_content ||= begin
+        text = parts.filter_map { _1.dig("reasoningContent", "text") }.join
+        text.empty? ? nil : text
+      end
+    end
+
+    ##
+    # (see LLM::Contract::Completion#content!)
+    def content!
+      super
+    end
+
+    private
+
+    def adapt_tool_calls(tools)
+      (tools || []).filter_map do |tool|
+        next unless tool["toolUse"]
+        {
+          id: tool["toolUse"]["toolUseId"],
+          name: tool["toolUse"]["name"],
+          arguments: parse_tool_input(tool["toolUse"]["input"])
+        }
+      end
+    end
+
+    def parse_tool_input(input)
+      case input
+      when Hash then input
+      when String
+        parsed = LLM.json.load(input)
+        Hash === parsed ? parsed : {}
+      when nil then {}
+      else input.respond_to?(:to_h) ? input.to_h : {}
+      end
+    rescue *LLM.json.parser_error
+      {}
+    end
+
+    def parts
+      raw = body.output&.message&.content || []
+      raw.is_a?(Array) ? raw : [raw].compact
+    end
+
+    def texts
+      @texts ||= parts.select { |b| b["text"] }
+    end
+
+    def tools
+      @tools ||= parts.select { |b| b["toolUse"] }
+    end
+
+    def role
+      body.output&.message&.role || "assistant"
+    end
+
+    include LLM::Contract::Completion
+  end
+end

data/lib/llm/providers/bedrock/response_adapter/models.rb

@@ -0,0 +1,34 @@
+# frozen_string_literal: true
+
+module LLM::Bedrock::ResponseAdapter
+  ##
+  # Adapts Bedrock ListFoundationModels API responses to llm.rb's
+  # normalized model collection format.
+  #
+  # The Bedrock ListFoundationModels response looks like:
+  #   {
+  #     "modelSummaries": [{
+  #       "modelId": "anthropic.claude-sonnet-4-20250514-v1:0",
+  #       "modelName": "Claude Sonnet 4",
+  #       "providerName": "Anthropic",
+  #       "inputModalities": ["TEXT", "IMAGE"],
+  #       "outputModalities": ["TEXT"],
+  #       ...
+  #     }]
+  #   }
+  module Models
+    include LLM::Model::Collection
+
+    private
+
+    def raw_models
+      (body.modelSummaries || []).map do |summary|
+        LLM::Object.from({
+          id: summary.modelId,
+          name: summary.modelName,
+          provider_name: summary.providerName
+        })
+      end
+    end
+  end
+end

data/lib/llm/providers/bedrock/response_adapter.rb

@@ -0,0 +1,40 @@
+# frozen_string_literal: true
+
+class LLM::Bedrock
+  ##
+  # Adapts Bedrock Converse API responses to llm.rb's Response format.
+  #
+  # Bedrock Converse returns:
+  #   {
+  #     output: {message: {role: "assistant", content: [{...}, ...]}},
+  #     usage: {inputTokens: N, outputTokens: N},
+  #     modelId: "anthropic.claude-...",
+  #     stopReason: "end_turn" | "tool_use" | "max_tokens" | ...
+  #   }
+  #
+  # @api private
+  module ResponseAdapter
+    module_function
+
+    ##
+    # @param [LLM::Response, Net::HTTPResponse] res
+    # @param [Symbol] type
+    # @return [LLM::Response]
+    def adapt(res, type:)
+      response = (LLM::Response === res) ? res : LLM::Response.new(res)
+      response.extend(select(type))
+    end
+
+    ##
+    # @api private
+    def select(type)
+      case type
+      when :completion then LLM::Bedrock::ResponseAdapter::Completion
+      when :models then LLM::Bedrock::ResponseAdapter::Models
+      else
+        raise ArgumentError,
+              "Unknown response adapter type: #{type.inspect}"
+      end
+    end
+  end
+end

data/lib/llm/providers/bedrock/signature.rb

@@ -0,0 +1,166 @@
+# frozen_string_literal: true
+
+require "digest"
+require "openssl"
+
+class LLM::Bedrock
+  ##
+  # Signs HTTP requests and headers with AWS Signature V4.
+  #
+  # Returns the signed headers as a Hash through #to_h, ready to merge
+  # into a Net::HTTPRequest or other HTTP client. Everything else is
+  # private.
+  #
+  # Uses only Ruby's stdlib (openssl, digest) with no external deps.
+  #
+  # @example
+  #   signature = LLM::Bedrock::Signature.new(
+  #     credentials: LLM::Object.from(
+  #       access_key_id: ENV["AWS_ACCESS_KEY_ID"],
+  #       secret_access_key: ENV["AWS_SECRET_ACCESS_KEY"],
+  #       aws_region: "us-east-1",
+  #       host: "bedrock-runtime.us-east-1.amazonaws.com",
+  #       session_token: nil
+  #     ),
+  #     method: "POST",
+  #     path: "/model/anthropic.claude-3/converse",
+  #     body: '{"messages":[...]}'
+  #   )
+  #   signature.sign!(req)
+  #
+  # @api private
+  class Signature
+    SERVICE = "bedrock"
+
+    ##
+    # @param [LLM::Object] credentials AWS signing credentials and host
+    # @param [String] method HTTP method ("POST", "GET", etc.)
+    # @param [String] path Request path (e.g. "/model/.../converse")
+    # @param [String] body Raw request body
+    # @param [String, nil] query Canonical query string
+    def initialize(credentials:, method:, path:, body:, query: nil)
+      @credentials = credentials
+      @method = method
+      @path = path
+      @query = query
+      @body = body
+    end
+
+    ##
+    # Returns the signed headers as a plain Hash.
+    #
+    # Call this once per request and merge the result into your
+    # HTTP headers. Each call recomputes the signature with the
+    # current time, so call it immediately before sending.
+    #
+    # @return [Hash{String => String}]
+    def to_h
+      now = Time.now.utc
+      amz_date = now.strftime("%Y%m%dT%H%M%SZ")
+      date_stamp = now.strftime("%Y%m%d")
+      payload_hash = Digest::SHA256.hexdigest(@body)
+      headers = {
+        "X-Amz-Date" => amz_date,
+        "X-Amz-Content-Sha256" => payload_hash,
+        "Content-Type" => "application/json",
+        "Host" => @credentials.host
+      }
+      headers["X-Amz-Security-Token"] = @credentials.session_token if @credentials.session_token
+      signed_headers = build_signed_headers
+      canonical_headers = build_canonical_headers(headers, signed_headers)
+      canonical_uri = build_canonical_uri
+      canonical_query = build_canonical_query
+      canonical_request = build_canonical_request(
+        canonical_uri, canonical_query, canonical_headers, signed_headers, payload_hash
+      )
+      credential_scope = "#{date_stamp}/#{@credentials.aws_region}/#{SERVICE}/aws4_request"
+      string_to_sign = build_string_to_sign(
+        amz_date, credential_scope, canonical_request
+      )
+      signing_key = derive_signing_key(date_stamp)
+      signature = OpenSSL::HMAC.hexdigest(
+        "sha256", signing_key, string_to_sign
+      )
+      headers["Authorization"] =
+        "AWS4-HMAC-SHA256 " \
+        "Credential=#{@credentials.access_key_id}/#{credential_scope}, " \
+        "SignedHeaders=#{signed_headers}, Signature=#{signature}"
+      headers
+    end
+
+    ##
+    # @param [Net::HTTPRequest] req
+    # @return [Net::HTTPRequest]
+    def sign!(req)
+      to_h.each { |k, v| req[k] = v }
+      req
+    end
+
+    private
+
+    def build_signed_headers
+      %w[host x-amz-date x-amz-content-sha256].tap do |h|
+        h << "x-amz-security-token" if @credentials.session_token
+        h << "content-type"
+      end.sort.join(";")
+    end
+
+    def build_canonical_headers(headers, signed_headers)
+      headers = headers.transform_keys(&:downcase)
+      signed_headers.split(";").map do |key|
+        "#{key}:#{headers[key].to_s.strip}\n"
+      end.join
+    end
+
+    def build_canonical_uri
+      path = @path
+      return "/" if path.nil? || path.empty?
+      segments = path.split("/", -1).map { |s| uri_encode(s) }
+      canonical = segments.join("/")
+      canonical.start_with?("/") ? canonical : "/#{canonical}"
+    end
+
+    def build_canonical_query
+      return "" if @query.to_s.empty?
+      URI.decode_www_form(@query).sort.map do |key, value|
+        "#{uri_encode(key)}=#{uri_encode(value)}"
+      end.join("&")
+    end
+
+    def build_canonical_request(uri, query, canonical_headers,
+                                signed_headers, payload_hash)
+      [
+        @method,
+        uri,
+        query,
+        canonical_headers,
+        signed_headers,
+        payload_hash
+      ].join("\n")
+    end
+
+    def build_string_to_sign(amz_date, credential_scope, canonical_request)
+      [
+        "AWS4-HMAC-SHA256",
+        amz_date,
+        credential_scope,
+        Digest::SHA256.hexdigest(canonical_request)
+      ].join("\n")
+    end
+
+    def derive_signing_key(date_stamp)
+      k_date = OpenSSL::HMAC.digest(
+        "sha256", "AWS4#{@credentials.secret_access_key}", date_stamp
+      )
+      k_region = OpenSSL::HMAC.digest("sha256", k_date, @credentials.aws_region)
+      k_service = OpenSSL::HMAC.digest("sha256", k_region, SERVICE)
+      OpenSSL::HMAC.digest("sha256", k_service, "aws4_request")
+    end
+
+    def uri_encode(str)
+      URI.encode_www_form_component(str.to_s)
+        .gsub("+", "%20")
+        .gsub("%7E", "~")
+    end
+  end
+end