@smythos/sre 1.5.43 → 1.5.45
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG +90 -90
- package/LICENSE +18 -18
- package/README.md +135 -135
- package/dist/index.js +13 -13
- package/dist/index.js.map +1 -1
- package/dist/types/Components/GenAILLM.class.d.ts +6 -0
- package/dist/types/helpers/AWSLambdaCode.helper.d.ts +8 -5
- package/dist/types/index.d.ts +1 -0
- package/dist/types/subsystems/LLMManager/LLM.service/connectors/Groq.class.d.ts +5 -0
- package/dist/types/subsystems/LLMManager/LLM.service/connectors/openai/OpenAIConnector.class.d.ts +13 -1
- package/dist/types/subsystems/LLMManager/LLM.service/connectors/openai/apiInterfaces/ChatCompletionsApiInterface.d.ts +0 -4
- package/dist/types/subsystems/LLMManager/LLM.service/connectors/openai/apiInterfaces/ResponsesApiInterface.d.ts +44 -29
- package/dist/types/subsystems/LLMManager/LLM.service/connectors/openai/apiInterfaces/constants.d.ts +4 -2
- package/dist/types/subsystems/LLMManager/LLM.service/connectors/openai/apiInterfaces/utils.d.ts +6 -0
- package/dist/types/subsystems/LLMManager/LLM.service/connectors/openai/types.d.ts +0 -4
- package/dist/types/subsystems/LLMManager/ModelsProvider.service/connectors/SmythModelsProvider.class.d.ts +39 -0
- package/dist/types/types/LLM.types.d.ts +4 -1
- package/package.json +5 -2
- package/src/Components/APICall/APICall.class.ts +156 -156
- package/src/Components/APICall/AccessTokenManager.ts +130 -130
- package/src/Components/APICall/ArrayBufferResponse.helper.ts +58 -58
- package/src/Components/APICall/OAuth.helper.ts +294 -294
- package/src/Components/APICall/mimeTypeCategories.ts +46 -46
- package/src/Components/APICall/parseData.ts +167 -167
- package/src/Components/APICall/parseHeaders.ts +41 -41
- package/src/Components/APICall/parseProxy.ts +68 -68
- package/src/Components/APICall/parseUrl.ts +91 -91
- package/src/Components/APIEndpoint.class.ts +234 -234
- package/src/Components/APIOutput.class.ts +58 -58
- package/src/Components/AgentPlugin.class.ts +102 -102
- package/src/Components/Async.class.ts +155 -155
- package/src/Components/Await.class.ts +90 -90
- package/src/Components/Classifier.class.ts +158 -158
- package/src/Components/Component.class.ts +132 -132
- package/src/Components/ComponentHost.class.ts +38 -38
- package/src/Components/DataSourceCleaner.class.ts +92 -92
- package/src/Components/DataSourceIndexer.class.ts +181 -181
- package/src/Components/DataSourceLookup.class.ts +161 -161
- package/src/Components/ECMASandbox.class.ts +71 -71
- package/src/Components/FEncDec.class.ts +29 -29
- package/src/Components/FHash.class.ts +33 -33
- package/src/Components/FSign.class.ts +80 -80
- package/src/Components/FSleep.class.ts +25 -25
- package/src/Components/FTimestamp.class.ts +25 -25
- package/src/Components/FileStore.class.ts +78 -78
- package/src/Components/ForEach.class.ts +97 -97
- package/src/Components/GPTPlugin.class.ts +70 -70
- package/src/Components/GenAILLM.class.ts +586 -579
- package/src/Components/HuggingFace.class.ts +314 -314
- package/src/Components/Image/imageSettings.config.ts +70 -70
- package/src/Components/ImageGenerator.class.ts +502 -502
- package/src/Components/JSONFilter.class.ts +54 -54
- package/src/Components/LLMAssistant.class.ts +213 -213
- package/src/Components/LogicAND.class.ts +28 -28
- package/src/Components/LogicAtLeast.class.ts +85 -85
- package/src/Components/LogicAtMost.class.ts +86 -86
- package/src/Components/LogicOR.class.ts +29 -29
- package/src/Components/LogicXOR.class.ts +34 -34
- package/src/Components/MCPClient.class.ts +112 -112
- package/src/Components/MemoryDeleteKeyVal.class.ts +70 -70
- package/src/Components/MemoryReadKeyVal.class.ts +66 -66
- package/src/Components/MemoryWriteKeyVal.class.ts +62 -62
- package/src/Components/MemoryWriteObject.class.ts +97 -97
- package/src/Components/MultimodalLLM.class.ts +128 -128
- package/src/Components/OpenAPI.class.ts +72 -72
- package/src/Components/PromptGenerator.class.ts +122 -122
- package/src/Components/ScrapflyWebScrape.class.ts +159 -159
- package/src/Components/ServerlessCode.class.ts +123 -123
- package/src/Components/TavilyWebSearch.class.ts +98 -98
- package/src/Components/VisionLLM.class.ts +104 -104
- package/src/Components/ZapierAction.class.ts +127 -127
- package/src/Components/index.ts +97 -97
- package/src/Core/AgentProcess.helper.ts +240 -240
- package/src/Core/Connector.class.ts +123 -123
- package/src/Core/ConnectorsService.ts +197 -197
- package/src/Core/DummyConnector.ts +49 -49
- package/src/Core/HookService.ts +105 -105
- package/src/Core/SmythRuntime.class.ts +235 -235
- package/src/Core/SystemEvents.ts +16 -16
- package/src/Core/boot.ts +56 -56
- package/src/config.ts +15 -15
- package/src/constants.ts +126 -126
- package/src/data/hugging-face.params.json +579 -579
- package/src/helpers/AWSLambdaCode.helper.ts +588 -528
- package/src/helpers/BinaryInput.helper.ts +331 -331
- package/src/helpers/Conversation.helper.ts +1119 -1119
- package/src/helpers/ECMASandbox.helper.ts +54 -54
- package/src/helpers/JsonContent.helper.ts +97 -97
- package/src/helpers/LocalCache.helper.ts +97 -97
- package/src/helpers/Log.helper.ts +274 -274
- package/src/helpers/OpenApiParser.helper.ts +150 -150
- package/src/helpers/S3Cache.helper.ts +147 -147
- package/src/helpers/SmythURI.helper.ts +5 -5
- package/src/helpers/Sysconfig.helper.ts +77 -77
- package/src/helpers/TemplateString.helper.ts +243 -243
- package/src/helpers/TypeChecker.helper.ts +329 -329
- package/src/index.ts +4 -3
- package/src/index.ts.bak +4 -3
- package/src/subsystems/AgentManager/Agent.class.ts +1114 -1114
- package/src/subsystems/AgentManager/Agent.helper.ts +3 -3
- package/src/subsystems/AgentManager/AgentData.service/AgentDataConnector.ts +230 -230
- package/src/subsystems/AgentManager/AgentData.service/connectors/CLIAgentDataConnector.class.ts +66 -66
- package/src/subsystems/AgentManager/AgentData.service/connectors/LocalAgentDataConnector.class.ts +142 -142
- package/src/subsystems/AgentManager/AgentData.service/connectors/NullAgentData.class.ts +39 -39
- package/src/subsystems/AgentManager/AgentData.service/index.ts +18 -18
- package/src/subsystems/AgentManager/AgentLogger.class.ts +297 -297
- package/src/subsystems/AgentManager/AgentRequest.class.ts +51 -51
- package/src/subsystems/AgentManager/AgentRuntime.class.ts +559 -559
- package/src/subsystems/AgentManager/AgentSSE.class.ts +101 -101
- package/src/subsystems/AgentManager/AgentSettings.class.ts +52 -52
- package/src/subsystems/AgentManager/Component.service/ComponentConnector.ts +32 -32
- package/src/subsystems/AgentManager/Component.service/connectors/LocalComponentConnector.class.ts +60 -60
- package/src/subsystems/AgentManager/Component.service/index.ts +11 -11
- package/src/subsystems/AgentManager/EmbodimentSettings.class.ts +47 -47
- package/src/subsystems/AgentManager/ForkedAgent.class.ts +154 -154
- package/src/subsystems/AgentManager/OSResourceMonitor.ts +77 -77
- package/src/subsystems/ComputeManager/Code.service/CodeConnector.ts +98 -98
- package/src/subsystems/ComputeManager/Code.service/connectors/AWSLambdaCode.class.ts +172 -170
- package/src/subsystems/ComputeManager/Code.service/connectors/ECMASandbox.class.ts +131 -131
- package/src/subsystems/ComputeManager/Code.service/index.ts +13 -13
- package/src/subsystems/IO/CLI.service/CLIConnector.ts +47 -47
- package/src/subsystems/IO/CLI.service/index.ts +9 -9
- package/src/subsystems/IO/Log.service/LogConnector.ts +32 -32
- package/src/subsystems/IO/Log.service/connectors/ConsoleLog.class.ts +28 -28
- package/src/subsystems/IO/Log.service/index.ts +13 -13
- package/src/subsystems/IO/NKV.service/NKVConnector.ts +43 -43
- package/src/subsystems/IO/NKV.service/connectors/NKVLocalStorage.class.ts +234 -234
- package/src/subsystems/IO/NKV.service/connectors/NKVRAM.class.ts +204 -204
- package/src/subsystems/IO/NKV.service/connectors/NKVRedis.class.ts +182 -182
- package/src/subsystems/IO/NKV.service/index.ts +14 -14
- package/src/subsystems/IO/Router.service/RouterConnector.ts +21 -21
- package/src/subsystems/IO/Router.service/connectors/ExpressRouter.class.ts +48 -48
- package/src/subsystems/IO/Router.service/connectors/NullRouter.class.ts +40 -40
- package/src/subsystems/IO/Router.service/index.ts +11 -11
- package/src/subsystems/IO/Storage.service/SmythFS.class.ts +489 -489
- package/src/subsystems/IO/Storage.service/StorageConnector.ts +66 -66
- package/src/subsystems/IO/Storage.service/connectors/LocalStorage.class.ts +327 -327
- package/src/subsystems/IO/Storage.service/connectors/S3Storage.class.ts +482 -482
- package/src/subsystems/IO/Storage.service/index.ts +13 -13
- package/src/subsystems/IO/VectorDB.service/VectorDBConnector.ts +108 -108
- package/src/subsystems/IO/VectorDB.service/connectors/MilvusVectorDB.class.ts +454 -454
- package/src/subsystems/IO/VectorDB.service/connectors/PineconeVectorDB.class.ts +384 -384
- package/src/subsystems/IO/VectorDB.service/connectors/RAMVecrtorDB.class.ts +421 -421
- package/src/subsystems/IO/VectorDB.service/embed/BaseEmbedding.ts +107 -107
- package/src/subsystems/IO/VectorDB.service/embed/OpenAIEmbedding.ts +109 -109
- package/src/subsystems/IO/VectorDB.service/embed/index.ts +21 -21
- package/src/subsystems/IO/VectorDB.service/index.ts +14 -14
- package/src/subsystems/LLMManager/LLM.helper.ts +251 -251
- package/src/subsystems/LLMManager/LLM.inference.ts +339 -339
- package/src/subsystems/LLMManager/LLM.service/LLMConnector.ts +489 -489
- package/src/subsystems/LLMManager/LLM.service/LLMCredentials.helper.ts +171 -171
- package/src/subsystems/LLMManager/LLM.service/connectors/Anthropic.class.ts +659 -659
- package/src/subsystems/LLMManager/LLM.service/connectors/Bedrock.class.ts +400 -400
- package/src/subsystems/LLMManager/LLM.service/connectors/Echo.class.ts +77 -77
- package/src/subsystems/LLMManager/LLM.service/connectors/GoogleAI.class.ts +757 -757
- package/src/subsystems/LLMManager/LLM.service/connectors/Groq.class.ts +304 -291
- package/src/subsystems/LLMManager/LLM.service/connectors/Perplexity.class.ts +250 -250
- package/src/subsystems/LLMManager/LLM.service/connectors/VertexAI.class.ts +423 -423
- package/src/subsystems/LLMManager/LLM.service/connectors/openai/OpenAIConnector.class.ts +488 -455
- package/src/subsystems/LLMManager/LLM.service/connectors/openai/apiInterfaces/ChatCompletionsApiInterface.ts +528 -528
- package/src/subsystems/LLMManager/LLM.service/connectors/openai/apiInterfaces/OpenAIApiInterface.ts +100 -100
- package/src/subsystems/LLMManager/LLM.service/connectors/openai/apiInterfaces/OpenAIApiInterfaceFactory.ts +81 -81
- package/src/subsystems/LLMManager/LLM.service/connectors/openai/apiInterfaces/ResponsesApiInterface.ts +1168 -853
- package/src/subsystems/LLMManager/LLM.service/connectors/openai/apiInterfaces/constants.ts +13 -37
- package/src/subsystems/LLMManager/LLM.service/connectors/openai/apiInterfaces/index.ts +4 -4
- package/src/subsystems/LLMManager/LLM.service/connectors/openai/apiInterfaces/utils.ts +11 -0
- package/src/subsystems/LLMManager/LLM.service/connectors/openai/types.ts +32 -37
- package/src/subsystems/LLMManager/LLM.service/connectors/xAI.class.ts +471 -471
- package/src/subsystems/LLMManager/LLM.service/index.ts +44 -44
- package/src/subsystems/LLMManager/ModelsProvider.service/ModelsProviderConnector.ts +300 -300
- package/src/subsystems/LLMManager/ModelsProvider.service/connectors/JSONModelsProvider.class.ts +252 -252
- package/src/subsystems/LLMManager/ModelsProvider.service/index.ts +11 -11
- package/src/subsystems/LLMManager/custom-models.ts +854 -854
- package/src/subsystems/LLMManager/models.ts +2540 -2540
- package/src/subsystems/LLMManager/paramMappings.ts +69 -69
- package/src/subsystems/MemoryManager/Cache.service/CacheConnector.ts +86 -86
- package/src/subsystems/MemoryManager/Cache.service/connectors/LocalStorageCache.class.ts +297 -297
- package/src/subsystems/MemoryManager/Cache.service/connectors/RAMCache.class.ts +201 -201
- package/src/subsystems/MemoryManager/Cache.service/connectors/RedisCache.class.ts +252 -252
- package/src/subsystems/MemoryManager/Cache.service/connectors/S3Cache.class.ts +373 -373
- package/src/subsystems/MemoryManager/Cache.service/index.ts +15 -15
- package/src/subsystems/MemoryManager/LLMCache.ts +72 -72
- package/src/subsystems/MemoryManager/LLMContext.ts +124 -124
- package/src/subsystems/MemoryManager/LLMMemory.service/LLMMemoryConnector.ts +26 -26
- package/src/subsystems/MemoryManager/RuntimeContext.ts +266 -266
- package/src/subsystems/Security/AccessControl/ACL.class.ts +208 -208
- package/src/subsystems/Security/AccessControl/AccessCandidate.class.ts +82 -82
- package/src/subsystems/Security/AccessControl/AccessRequest.class.ts +52 -52
- package/src/subsystems/Security/Account.service/AccountConnector.ts +44 -44
- package/src/subsystems/Security/Account.service/connectors/AWSAccount.class.ts +76 -76
- package/src/subsystems/Security/Account.service/connectors/DummyAccount.class.ts +130 -130
- package/src/subsystems/Security/Account.service/connectors/JSONFileAccount.class.ts +159 -159
- package/src/subsystems/Security/Account.service/index.ts +14 -14
- package/src/subsystems/Security/Credentials.helper.ts +62 -62
- package/src/subsystems/Security/ManagedVault.service/ManagedVaultConnector.ts +38 -38
- package/src/subsystems/Security/ManagedVault.service/connectors/NullManagedVault.class.ts +53 -53
- package/src/subsystems/Security/ManagedVault.service/connectors/SecretManagerManagedVault.ts +154 -154
- package/src/subsystems/Security/ManagedVault.service/index.ts +12 -12
- package/src/subsystems/Security/SecureConnector.class.ts +110 -110
- package/src/subsystems/Security/Vault.service/Vault.helper.ts +30 -30
- package/src/subsystems/Security/Vault.service/VaultConnector.ts +29 -29
- package/src/subsystems/Security/Vault.service/connectors/HashicorpVault.class.ts +46 -46
- package/src/subsystems/Security/Vault.service/connectors/JSONFileVault.class.ts +221 -221
- package/src/subsystems/Security/Vault.service/connectors/NullVault.class.ts +54 -54
- package/src/subsystems/Security/Vault.service/connectors/SecretsManager.class.ts +140 -140
- package/src/subsystems/Security/Vault.service/index.ts +12 -12
- package/src/types/ACL.types.ts +104 -104
- package/src/types/AWS.types.ts +10 -10
- package/src/types/Agent.types.ts +61 -61
- package/src/types/AgentLogger.types.ts +17 -17
- package/src/types/Cache.types.ts +1 -1
- package/src/types/Common.types.ts +2 -2
- package/src/types/LLM.types.ts +496 -491
- package/src/types/Redis.types.ts +8 -8
- package/src/types/SRE.types.ts +64 -64
- package/src/types/Security.types.ts +14 -14
- package/src/types/Storage.types.ts +5 -5
- package/src/types/VectorDB.types.ts +86 -86
- package/src/utils/base64.utils.ts +275 -275
- package/src/utils/cli.utils.ts +68 -68
- package/src/utils/data.utils.ts +322 -322
- package/src/utils/date-time.utils.ts +22 -22
- package/src/utils/general.utils.ts +238 -238
- package/src/utils/index.ts +12 -12
- package/src/utils/lazy-client.ts +261 -261
- package/src/utils/numbers.utils.ts +13 -13
- package/src/utils/oauth.utils.ts +35 -35
- package/src/utils/string.utils.ts +414 -414
- package/src/utils/url.utils.ts +19 -19
- package/src/utils/validation.utils.ts +74 -74
- package/dist/bundle-analysis-lazy.html +0 -4949
- package/dist/bundle-analysis.html +0 -4949
- package/dist/types/utils/package-manager.utils.d.ts +0 -26
|
@@ -1,171 +1,171 @@
|
|
|
1
|
-
import { ConnectorService } from '@sre/Core/ConnectorsService';
|
|
2
|
-
import { AccessCandidate } from '@sre/Security/AccessControl/AccessCandidate.class';
|
|
3
|
-
import { TBedrockSettings, TCustomLLMModel, TLLMCredentials, TLLMModel, TVertexAISettings } from '@sre/types/LLM.types';
|
|
4
|
-
|
|
5
|
-
export async function getLLMCredentials(candidate: AccessCandidate, modelInfo: TLLMModel | TCustomLLMModel) {
|
|
6
|
-
//create a credentials list that we can iterate over
|
|
7
|
-
//if the credentials are not provided, we will use None as a default in order to return empty credentials
|
|
8
|
-
const credentialsList: any[] = !Array.isArray(modelInfo.credentials)
|
|
9
|
-
? [modelInfo.credentials || TLLMCredentials.Internal]
|
|
10
|
-
: modelInfo.credentials || [TLLMCredentials.Internal];
|
|
11
|
-
|
|
12
|
-
for (let credentialsMode of credentialsList) {
|
|
13
|
-
if (typeof credentialsMode === 'object') {
|
|
14
|
-
//credentials passed directly
|
|
15
|
-
return credentialsMode;
|
|
16
|
-
}
|
|
17
|
-
|
|
18
|
-
switch (credentialsMode) {
|
|
19
|
-
case TLLMCredentials.None: {
|
|
20
|
-
return { apiKey: '' };
|
|
21
|
-
}
|
|
22
|
-
case TLLMCredentials.Internal: {
|
|
23
|
-
const credentials = await getEnvCredentials(candidate, modelInfo as TLLMModel);
|
|
24
|
-
if (credentials) return credentials;
|
|
25
|
-
break;
|
|
26
|
-
}
|
|
27
|
-
case TLLMCredentials.Vault: {
|
|
28
|
-
const credentials = await getStandardLLMCredentials(candidate, modelInfo as TLLMModel);
|
|
29
|
-
if (credentials) return credentials;
|
|
30
|
-
break;
|
|
31
|
-
}
|
|
32
|
-
case TLLMCredentials.BedrockVault: {
|
|
33
|
-
const credentials = await getBedrockCredentials(candidate, modelInfo as TCustomLLMModel);
|
|
34
|
-
if (credentials) return credentials;
|
|
35
|
-
break;
|
|
36
|
-
}
|
|
37
|
-
case TLLMCredentials.VertexAIVault: {
|
|
38
|
-
const credentials = await getVertexAICredentials(candidate, modelInfo as TCustomLLMModel);
|
|
39
|
-
if (credentials) return credentials;
|
|
40
|
-
break;
|
|
41
|
-
}
|
|
42
|
-
}
|
|
43
|
-
}
|
|
44
|
-
|
|
45
|
-
return {};
|
|
46
|
-
}
|
|
47
|
-
|
|
48
|
-
/**
|
|
49
|
-
* Legacy API keys
|
|
50
|
-
* TODO : move this to a special vault entry
|
|
51
|
-
*/
|
|
52
|
-
const SMYTHOS_API_KEYS = {
|
|
53
|
-
echo: '',
|
|
54
|
-
openai: process.env.OPENAI_API_KEY,
|
|
55
|
-
anthropic: process.env.ANTHROPIC_API_KEY,
|
|
56
|
-
googleai: process.env.GOOGLE_AI_API_KEY,
|
|
57
|
-
togetherai: process.env.TOGETHER_AI_API_KEY,
|
|
58
|
-
groq: process.env.GROQ_API_KEY,
|
|
59
|
-
xai: process.env.XAI_API_KEY,
|
|
60
|
-
perplexity: process.env.PERPLEXITY_API_KEY,
|
|
61
|
-
};
|
|
62
|
-
async function getEnvCredentials(candidate: AccessCandidate, modelInfo: TLLMModel): Promise<{ apiKey: string }> {
|
|
63
|
-
const provider = (modelInfo.provider || modelInfo.llm)?.toLowerCase();
|
|
64
|
-
const apiKey = SMYTHOS_API_KEYS?.[provider] || '';
|
|
65
|
-
if (!apiKey) return null;
|
|
66
|
-
return { apiKey };
|
|
67
|
-
}
|
|
68
|
-
|
|
69
|
-
/**
|
|
70
|
-
* Retrieves API key credentials for standard LLM providers from the vault
|
|
71
|
-
* @param candidate - The access candidate requesting the credentials
|
|
72
|
-
* @param provider - The LLM provider name (e.g., 'openai', 'anthropic')
|
|
73
|
-
* @returns Promise resolving to an object containing the provider's API key
|
|
74
|
-
* @throws {Error} If vault connector is unavailable (handled in parent method)
|
|
75
|
-
* @remarks Returns an empty string as API key if vault access fails
|
|
76
|
-
* @private
|
|
77
|
-
*/
|
|
78
|
-
async function getStandardLLMCredentials(candidate: AccessCandidate, modelInfo: TLLMModel): Promise<{ apiKey: string; isUserKey: boolean }> {
|
|
79
|
-
const provider = (modelInfo.provider || modelInfo.llm)?.toLowerCase();
|
|
80
|
-
const vaultConnector = ConnectorService.getVaultConnector();
|
|
81
|
-
|
|
82
|
-
const apiKey = await vaultConnector
|
|
83
|
-
.requester(candidate)
|
|
84
|
-
.get(provider)
|
|
85
|
-
.catch(() => '');
|
|
86
|
-
|
|
87
|
-
if (!apiKey) return null;
|
|
88
|
-
return { apiKey, isUserKey: true };
|
|
89
|
-
}
|
|
90
|
-
|
|
91
|
-
/**
|
|
92
|
-
* Retrieves AWS Bedrock credentials from the vault for authentication
|
|
93
|
-
* @param candidate - The access candidate requesting the credentials
|
|
94
|
-
* @param modelInfo - The Bedrock model information containing credential key names in settings
|
|
95
|
-
* @returns Promise resolving to AWS credentials object
|
|
96
|
-
* @returns {Promise<Object>} credentials
|
|
97
|
-
* @returns {string} credentials.accessKeyId - AWS access key ID
|
|
98
|
-
* @returns {string} credentials.secretAccessKey - AWS secret access key
|
|
99
|
-
* @returns {string} [credentials.sessionToken] - Optional AWS session token
|
|
100
|
-
* @throws {Error} If vault connector is unavailable (handled in parent method)
|
|
101
|
-
* @private
|
|
102
|
-
*/
|
|
103
|
-
async function getBedrockCredentials(
|
|
104
|
-
candidate: AccessCandidate,
|
|
105
|
-
modelInfo: TCustomLLMModel
|
|
106
|
-
): Promise<{ accessKeyId: string; secretAccessKey: string; sessionToken?: string; isUserKey: boolean }> {
|
|
107
|
-
const keyIdName = (modelInfo.settings as TBedrockSettings)?.keyIDName;
|
|
108
|
-
const secretKeyName = (modelInfo.settings as TBedrockSettings)?.secretKeyName;
|
|
109
|
-
const sessionKeyName = (modelInfo.settings as TBedrockSettings)?.sessionKeyName;
|
|
110
|
-
|
|
111
|
-
const vaultConnector = ConnectorService.getVaultConnector();
|
|
112
|
-
|
|
113
|
-
const [accessKeyId, secretAccessKey, sessionToken] = await Promise.all([
|
|
114
|
-
vaultConnector
|
|
115
|
-
.requester(candidate)
|
|
116
|
-
.get(keyIdName)
|
|
117
|
-
.catch(() => ''),
|
|
118
|
-
vaultConnector
|
|
119
|
-
.requester(candidate)
|
|
120
|
-
.get(secretKeyName)
|
|
121
|
-
.catch(() => ''),
|
|
122
|
-
vaultConnector
|
|
123
|
-
.requester(candidate)
|
|
124
|
-
.get(sessionKeyName)
|
|
125
|
-
.catch(() => ''),
|
|
126
|
-
]);
|
|
127
|
-
|
|
128
|
-
let credentials: {
|
|
129
|
-
accessKeyId: string;
|
|
130
|
-
secretAccessKey: string;
|
|
131
|
-
sessionToken?: string;
|
|
132
|
-
isUserKey: boolean;
|
|
133
|
-
} = {
|
|
134
|
-
accessKeyId,
|
|
135
|
-
secretAccessKey,
|
|
136
|
-
isUserKey: true,
|
|
137
|
-
};
|
|
138
|
-
|
|
139
|
-
if (sessionToken) {
|
|
140
|
-
credentials.sessionToken = sessionToken;
|
|
141
|
-
}
|
|
142
|
-
|
|
143
|
-
if (!accessKeyId || !secretAccessKey) return null;
|
|
144
|
-
return credentials;
|
|
145
|
-
}
|
|
146
|
-
|
|
147
|
-
/**
|
|
148
|
-
* Retrieves the credentials required for VertexAI authentication from the vault
|
|
149
|
-
* @param candidate - The access candidate requesting the credentials
|
|
150
|
-
* @param modelInfo - The VertexAI model information containing settings
|
|
151
|
-
* @returns Promise resolving to the parsed JSON credentials for VertexAI
|
|
152
|
-
* @throws {Error} If vault connector is unavailable (handled in parent method)
|
|
153
|
-
* @throws {Error} If JSON parsing fails or credentials are malformed
|
|
154
|
-
* @remarks Returns empty credentials if vault access fails
|
|
155
|
-
* @private
|
|
156
|
-
*/
|
|
157
|
-
async function getVertexAICredentials(candidate: AccessCandidate, modelInfo: TCustomLLMModel): Promise<any> {
|
|
158
|
-
const jsonCredentialsName = (modelInfo.settings as TVertexAISettings)?.jsonCredentialsName;
|
|
159
|
-
|
|
160
|
-
const vaultConnector = ConnectorService.getVaultConnector();
|
|
161
|
-
|
|
162
|
-
let jsonCredentials = await vaultConnector
|
|
163
|
-
.requester(candidate)
|
|
164
|
-
.get(jsonCredentialsName)
|
|
165
|
-
.catch(() => '');
|
|
166
|
-
|
|
167
|
-
const credentials = JSON.parse(jsonCredentials);
|
|
168
|
-
|
|
169
|
-
if (!credentials) return null;
|
|
170
|
-
return { ...credentials, isUserKey: true };
|
|
171
|
-
}
|
|
1
|
+
import { ConnectorService } from '@sre/Core/ConnectorsService';
|
|
2
|
+
import { AccessCandidate } from '@sre/Security/AccessControl/AccessCandidate.class';
|
|
3
|
+
import { TBedrockSettings, TCustomLLMModel, TLLMCredentials, TLLMModel, TVertexAISettings } from '@sre/types/LLM.types';
|
|
4
|
+
|
|
5
|
+
export async function getLLMCredentials(candidate: AccessCandidate, modelInfo: TLLMModel | TCustomLLMModel) {
|
|
6
|
+
//create a credentials list that we can iterate over
|
|
7
|
+
//if the credentials are not provided, we will use None as a default in order to return empty credentials
|
|
8
|
+
const credentialsList: any[] = !Array.isArray(modelInfo.credentials)
|
|
9
|
+
? [modelInfo.credentials || TLLMCredentials.Internal]
|
|
10
|
+
: modelInfo.credentials || [TLLMCredentials.Internal];
|
|
11
|
+
|
|
12
|
+
for (let credentialsMode of credentialsList) {
|
|
13
|
+
if (typeof credentialsMode === 'object') {
|
|
14
|
+
//credentials passed directly
|
|
15
|
+
return credentialsMode;
|
|
16
|
+
}
|
|
17
|
+
|
|
18
|
+
switch (credentialsMode) {
|
|
19
|
+
case TLLMCredentials.None: {
|
|
20
|
+
return { apiKey: '' };
|
|
21
|
+
}
|
|
22
|
+
case TLLMCredentials.Internal: {
|
|
23
|
+
const credentials = await getEnvCredentials(candidate, modelInfo as TLLMModel);
|
|
24
|
+
if (credentials) return credentials;
|
|
25
|
+
break;
|
|
26
|
+
}
|
|
27
|
+
case TLLMCredentials.Vault: {
|
|
28
|
+
const credentials = await getStandardLLMCredentials(candidate, modelInfo as TLLMModel);
|
|
29
|
+
if (credentials) return credentials;
|
|
30
|
+
break;
|
|
31
|
+
}
|
|
32
|
+
case TLLMCredentials.BedrockVault: {
|
|
33
|
+
const credentials = await getBedrockCredentials(candidate, modelInfo as TCustomLLMModel);
|
|
34
|
+
if (credentials) return credentials;
|
|
35
|
+
break;
|
|
36
|
+
}
|
|
37
|
+
case TLLMCredentials.VertexAIVault: {
|
|
38
|
+
const credentials = await getVertexAICredentials(candidate, modelInfo as TCustomLLMModel);
|
|
39
|
+
if (credentials) return credentials;
|
|
40
|
+
break;
|
|
41
|
+
}
|
|
42
|
+
}
|
|
43
|
+
}
|
|
44
|
+
|
|
45
|
+
return {};
|
|
46
|
+
}
|
|
47
|
+
|
|
48
|
+
/**
|
|
49
|
+
* Legacy API keys
|
|
50
|
+
* TODO : move this to a special vault entry
|
|
51
|
+
*/
|
|
52
|
+
const SMYTHOS_API_KEYS = {
|
|
53
|
+
echo: '',
|
|
54
|
+
openai: process.env.OPENAI_API_KEY,
|
|
55
|
+
anthropic: process.env.ANTHROPIC_API_KEY,
|
|
56
|
+
googleai: process.env.GOOGLE_AI_API_KEY,
|
|
57
|
+
togetherai: process.env.TOGETHER_AI_API_KEY,
|
|
58
|
+
groq: process.env.GROQ_API_KEY,
|
|
59
|
+
xai: process.env.XAI_API_KEY,
|
|
60
|
+
perplexity: process.env.PERPLEXITY_API_KEY,
|
|
61
|
+
};
|
|
62
|
+
async function getEnvCredentials(candidate: AccessCandidate, modelInfo: TLLMModel): Promise<{ apiKey: string }> {
|
|
63
|
+
const provider = (modelInfo.provider || modelInfo.llm)?.toLowerCase();
|
|
64
|
+
const apiKey = SMYTHOS_API_KEYS?.[provider] || '';
|
|
65
|
+
if (!apiKey) return null;
|
|
66
|
+
return { apiKey };
|
|
67
|
+
}
|
|
68
|
+
|
|
69
|
+
/**
|
|
70
|
+
* Retrieves API key credentials for standard LLM providers from the vault
|
|
71
|
+
* @param candidate - The access candidate requesting the credentials
|
|
72
|
+
* @param provider - The LLM provider name (e.g., 'openai', 'anthropic')
|
|
73
|
+
* @returns Promise resolving to an object containing the provider's API key
|
|
74
|
+
* @throws {Error} If vault connector is unavailable (handled in parent method)
|
|
75
|
+
* @remarks Returns an empty string as API key if vault access fails
|
|
76
|
+
* @private
|
|
77
|
+
*/
|
|
78
|
+
async function getStandardLLMCredentials(candidate: AccessCandidate, modelInfo: TLLMModel): Promise<{ apiKey: string; isUserKey: boolean }> {
|
|
79
|
+
const provider = (modelInfo.provider || modelInfo.llm)?.toLowerCase();
|
|
80
|
+
const vaultConnector = ConnectorService.getVaultConnector();
|
|
81
|
+
|
|
82
|
+
const apiKey = await vaultConnector
|
|
83
|
+
.requester(candidate)
|
|
84
|
+
.get(provider)
|
|
85
|
+
.catch(() => '');
|
|
86
|
+
|
|
87
|
+
if (!apiKey) return null;
|
|
88
|
+
return { apiKey, isUserKey: true };
|
|
89
|
+
}
|
|
90
|
+
|
|
91
|
+
/**
|
|
92
|
+
* Retrieves AWS Bedrock credentials from the vault for authentication
|
|
93
|
+
* @param candidate - The access candidate requesting the credentials
|
|
94
|
+
* @param modelInfo - The Bedrock model information containing credential key names in settings
|
|
95
|
+
* @returns Promise resolving to AWS credentials object
|
|
96
|
+
* @returns {Promise<Object>} credentials
|
|
97
|
+
* @returns {string} credentials.accessKeyId - AWS access key ID
|
|
98
|
+
* @returns {string} credentials.secretAccessKey - AWS secret access key
|
|
99
|
+
* @returns {string} [credentials.sessionToken] - Optional AWS session token
|
|
100
|
+
* @throws {Error} If vault connector is unavailable (handled in parent method)
|
|
101
|
+
* @private
|
|
102
|
+
*/
|
|
103
|
+
async function getBedrockCredentials(
|
|
104
|
+
candidate: AccessCandidate,
|
|
105
|
+
modelInfo: TCustomLLMModel
|
|
106
|
+
): Promise<{ accessKeyId: string; secretAccessKey: string; sessionToken?: string; isUserKey: boolean }> {
|
|
107
|
+
const keyIdName = (modelInfo.settings as TBedrockSettings)?.keyIDName;
|
|
108
|
+
const secretKeyName = (modelInfo.settings as TBedrockSettings)?.secretKeyName;
|
|
109
|
+
const sessionKeyName = (modelInfo.settings as TBedrockSettings)?.sessionKeyName;
|
|
110
|
+
|
|
111
|
+
const vaultConnector = ConnectorService.getVaultConnector();
|
|
112
|
+
|
|
113
|
+
const [accessKeyId, secretAccessKey, sessionToken] = await Promise.all([
|
|
114
|
+
vaultConnector
|
|
115
|
+
.requester(candidate)
|
|
116
|
+
.get(keyIdName)
|
|
117
|
+
.catch(() => ''),
|
|
118
|
+
vaultConnector
|
|
119
|
+
.requester(candidate)
|
|
120
|
+
.get(secretKeyName)
|
|
121
|
+
.catch(() => ''),
|
|
122
|
+
vaultConnector
|
|
123
|
+
.requester(candidate)
|
|
124
|
+
.get(sessionKeyName)
|
|
125
|
+
.catch(() => ''),
|
|
126
|
+
]);
|
|
127
|
+
|
|
128
|
+
let credentials: {
|
|
129
|
+
accessKeyId: string;
|
|
130
|
+
secretAccessKey: string;
|
|
131
|
+
sessionToken?: string;
|
|
132
|
+
isUserKey: boolean;
|
|
133
|
+
} = {
|
|
134
|
+
accessKeyId,
|
|
135
|
+
secretAccessKey,
|
|
136
|
+
isUserKey: true,
|
|
137
|
+
};
|
|
138
|
+
|
|
139
|
+
if (sessionToken) {
|
|
140
|
+
credentials.sessionToken = sessionToken;
|
|
141
|
+
}
|
|
142
|
+
|
|
143
|
+
if (!accessKeyId || !secretAccessKey) return null;
|
|
144
|
+
return credentials;
|
|
145
|
+
}
|
|
146
|
+
|
|
147
|
+
/**
|
|
148
|
+
* Retrieves the credentials required for VertexAI authentication from the vault
|
|
149
|
+
* @param candidate - The access candidate requesting the credentials
|
|
150
|
+
* @param modelInfo - The VertexAI model information containing settings
|
|
151
|
+
* @returns Promise resolving to the parsed JSON credentials for VertexAI
|
|
152
|
+
* @throws {Error} If vault connector is unavailable (handled in parent method)
|
|
153
|
+
* @throws {Error} If JSON parsing fails or credentials are malformed
|
|
154
|
+
* @remarks Returns empty credentials if vault access fails
|
|
155
|
+
* @private
|
|
156
|
+
*/
|
|
157
|
+
async function getVertexAICredentials(candidate: AccessCandidate, modelInfo: TCustomLLMModel): Promise<any> {
|
|
158
|
+
const jsonCredentialsName = (modelInfo.settings as TVertexAISettings)?.jsonCredentialsName;
|
|
159
|
+
|
|
160
|
+
const vaultConnector = ConnectorService.getVaultConnector();
|
|
161
|
+
|
|
162
|
+
let jsonCredentials = await vaultConnector
|
|
163
|
+
.requester(candidate)
|
|
164
|
+
.get(jsonCredentialsName)
|
|
165
|
+
.catch(() => '');
|
|
166
|
+
|
|
167
|
+
const credentials = JSON.parse(jsonCredentials);
|
|
168
|
+
|
|
169
|
+
if (!credentials) return null;
|
|
170
|
+
return { ...credentials, isUserKey: true };
|
|
171
|
+
}
|