Documentation
¶
Index ¶
- Variables
- func IsHTTPError(statusCode int) bool
- type APIKeyAuth
- type AWSAuth
- type AuthType
- type AzureAuth
- type AzureCredentialMode
- type BackendError
- type EmbeddingConfig
- type HealthChecks
- type LLMTarget
- type ListFilter
- type MCPAuth
- type MCPAuthMode
- type MCPClientRegistration
- type MCPExchangePattern
- type MCPTarget
- type MCPTransport
- type Registries
- type Registry
- type RehydrateParams
- type Repository
- type TargetAuth
- type TargetOAuthConfig
- type Type
Constants ¶
This section is empty.
Variables ¶
View Source
var ( ErrNotFound = fmt.Errorf("registry: %w", commonerrors.ErrNotFound) ErrAlreadyExists = fmt.Errorf("registry: %w", commonerrors.ErrAlreadyExists) ErrHasDependents = fmt.Errorf("registry: %w", commonerrors.ErrHasDependents) ErrInvalidGatewayID = fmt.Errorf("registry: invalid gateway_id: %w", commonerrors.ErrValidation) ErrInvalidRegistryID = fmt.Errorf("registry: invalid registry_id: %w", commonerrors.ErrValidation) ErrInvalidEmbeddingConfig = fmt.Errorf("registry: invalid embedding config: %w", commonerrors.ErrValidation) ErrInvalidRegistry = fmt.Errorf("registry: invalid backend: %w", commonerrors.ErrValidation) ErrInvalidHealthChecks = fmt.Errorf("registry: invalid health checks: %w", commonerrors.ErrValidation) ErrInvalidMCPTarget = fmt.Errorf("registry: invalid mcp target: %w", commonerrors.ErrValidation) )
View Source
var ErrCredentialAcquisition = errors.New("provider credential acquisition failed")
Functions ¶
func IsHTTPError ¶
Types ¶
type APIKeyAuth ¶
type APIKeyAuth struct {
APIKey string `json:"api_key,omitempty"` // #nosec G117 -- upstream credential
HeaderName string `json:"header_name,omitempty"`
HeaderValue string `json:"header_value,omitempty"`
ParamName string `json:"param_name,omitempty"`
ParamValue string `json:"param_value,omitempty"`
ParamLocation string `json:"param_location,omitempty"`
}
type AWSAuth ¶
type AWSAuth struct {
AccessKeyID string `json:"access_key_id,omitempty"`
SecretAccessKey string `json:"secret_access_key,omitempty"` // #nosec G117 -- AWS secret
Region string `json:"region,omitempty"`
SessionToken string `json:"session_token,omitempty"` // #nosec G117 -- AWS session token
Role string `json:"role,omitempty"`
UseRole bool `json:"use_role,omitempty"`
}
type AzureAuth ¶
type AzureAuth struct {
UseManagedIdentity bool `json:"use_managed_identity,omitempty"`
Endpoint string `json:"endpoint,omitempty"`
Version string `json:"version,omitempty"`
APIKey string `json:"api_key,omitempty"` // #nosec G117 -- Azure OpenAI api-key credential
ClientID string `json:"client_id,omitempty"`
ClientSecret string `json:"client_secret,omitempty"` // #nosec G117 -- Azure client secret
TenantID string `json:"tenant_id,omitempty"`
}
func (*AzureAuth) CredentialMode ¶
func (a *AzureAuth) CredentialMode() (AzureCredentialMode, error)
func (*AzureAuth) ResolveSecretsFrom ¶
type AzureCredentialMode ¶
type AzureCredentialMode string
const ( AzureCredentialModeAPIKey AzureCredentialMode = "api_key" AzureCredentialModeServicePrincipal AzureCredentialMode = "service_principal" AzureCredentialModeDefaultAzureCredential AzureCredentialMode = "default_azure_credential" // #nosec G101 -- auth mode identifier, not a credential value )
type BackendError ¶
BackendError represents a non-2xx response received from a backend target (the upstream LLM provider). It carries the status code and raw body so the proxy can relay the backend's error to the client verbatim.
func IsBackendError ¶
func IsBackendError(err error) (*BackendError, bool)
func NewBackendError ¶
func NewBackendError(statusCode int, body []byte) *BackendError
func NewBackendHTTPError ¶
func NewBackendHTTPError(statusCode int, body []byte, headers http.Header) *BackendError
func (*BackendError) Error ¶
func (e *BackendError) Error() string
func (*BackendError) PassthroughHeaders ¶
func (e *BackendError) PassthroughHeaders() map[string][]string
type EmbeddingConfig ¶
type EmbeddingConfig struct {
Provider string `json:"provider"`
Model string `json:"model"`
Auth *APIKeyAuth `json:"auth,omitempty"`
}
func (*EmbeddingConfig) ResolveSecretsFrom ¶
func (e *EmbeddingConfig) ResolveSecretsFrom(prev *EmbeddingConfig)
func (*EmbeddingConfig) Scan ¶
func (e *EmbeddingConfig) Scan(value interface{}) error
func (*EmbeddingConfig) Validate ¶
func (e *EmbeddingConfig) Validate() error
type HealthChecks ¶
type HealthChecks struct {
Passive bool `json:"passive"`
Path string `json:"path,omitempty"`
Headers map[string]string `json:"headers,omitempty"`
Threshold int `json:"threshold"`
Interval int `json:"interval"`
}
func (*HealthChecks) Scan ¶
func (h *HealthChecks) Scan(value interface{}) error
func (*HealthChecks) Validate ¶
func (h *HealthChecks) Validate() error
type LLMTarget ¶
type LLMTarget struct {
Provider string `json:"provider"`
ProviderOptions map[string]any `json:"provider_options,omitempty"`
Auth *TargetAuth `json:"auth,omitempty"`
HealthChecks *HealthChecks `json:"health_checks,omitempty"`
}
func (*LLMTarget) ResolveSecretsFrom ¶
type ListFilter ¶
type MCPAuth ¶
type MCPAuth struct {
Mode MCPAuthMode `json:"mode"`
Header string `json:"header,omitempty"`
Value string `json:"value,omitempty"` // #nosec G117 -- upstream credential
ExpectedAudience string `json:"expected_audience,omitempty"`
Pattern MCPExchangePattern `json:"pattern,omitempty"`
Audience string `json:"audience,omitempty"`
Scope string `json:"scope,omitempty"`
Actor string `json:"actor,omitempty"`
Provider string `json:"provider,omitempty"`
Registration MCPClientRegistration `json:"registration,omitempty"`
ClientID string `json:"client_id,omitempty"`
ClientSecret string `json:"client_secret,omitempty"`
AuthorizeURL string `json:"authorize_url,omitempty"`
TokenURL string `json:"token_url,omitempty"`
Scopes []string `json:"scopes,omitempty"`
Resource string `json:"resource,omitempty"`
}
type MCPAuthMode ¶
type MCPAuthMode string
const ( MCPAuthModeNone MCPAuthMode = "none" MCPAuthModeStatic MCPAuthMode = "static" MCPAuthModePassthrough MCPAuthMode = "passthrough" MCPAuthModeExchange MCPAuthMode = "exchange" MCPAuthModeForwarded MCPAuthMode = "forwarded" )
type MCPClientRegistration ¶
type MCPClientRegistration string
const ( RegistrationManual MCPClientRegistration = "manual" RegistrationAuto MCPClientRegistration = "auto" )
type MCPExchangePattern ¶
type MCPExchangePattern string
const ( ExchangeImpersonation MCPExchangePattern = "impersonation" ExchangeDelegation MCPExchangePattern = "delegation" ExchangeOBO MCPExchangePattern = "obo" ExchangeTokenExchange MCPExchangePattern = "token_exchange" )
type MCPTarget ¶
type MCPTarget struct {
// Code is the catalog entry this connection was created from (the MCP
// catalog's stable server code, e.g. "com.asana/mcp"). It is the canonical
// join key the UI uses to tell whether a catalog server is already
// connected, mirroring how an LLM registry stores its provider code. Empty
// for custom servers added by raw URL.
Code string `json:"code,omitempty"`
URL string `json:"url"`
Transport MCPTransport `json:"transport,omitempty"`
Headers map[string]string `json:"headers,omitempty"`
Auth *MCPAuth `json:"auth,omitempty"`
}
func (*MCPTarget) ResolveSecretsFrom ¶
type MCPTransport ¶
type MCPTransport string
const MCPTransportStreamableHTTP MCPTransport = "streamable-http"
type Registries ¶
type Registries []ids.RegistryID
func (Registries) Attach ¶
func (b Registries) Attach(id ids.RegistryID) (Registries, bool)
func (Registries) Contains ¶
func (b Registries) Contains(id ids.RegistryID) bool
func (Registries) Detach ¶
func (b Registries) Detach(id ids.RegistryID) (Registries, bool)
func (Registries) Validate ¶
func (b Registries) Validate() error
type Registry ¶
type Registry struct {
ID ids.RegistryID `json:"id"`
GatewayID ids.GatewayID `json:"gateway_id"`
Name string `json:"name"`
Type Type `json:"type"`
Enabled bool `json:"enabled"`
Description string `json:"description,omitempty"`
LLMTarget *LLMTarget `json:"llm_target,omitempty"`
MCPTarget *MCPTarget `json:"mcp_target,omitempty"`
CreatedAt time.Time `json:"created_at"`
UpdatedAt time.Time `json:"updated_at"`
}
func NewLLMRegistry ¶
func NewMCPRegistry ¶
func Rehydrate ¶
func Rehydrate(params RehydrateParams) *Registry
func (*Registry) Auth ¶
func (b *Registry) Auth() *TargetAuth
func (*Registry) HealthChecks ¶
func (b *Registry) HealthChecks() *HealthChecks
func (*Registry) ProviderOptions ¶
type RehydrateParams ¶
type Repository ¶
type Repository interface {
Save(ctx context.Context, b *Registry) error
Update(ctx context.Context, b *Registry) error
Delete(ctx context.Context, gatewayID ids.GatewayID, id ids.RegistryID) error
FindByID(ctx context.Context, id ids.RegistryID) (*Registry, error)
FindByIDs(ctx context.Context, gatewayID ids.GatewayID, registryIDs []ids.RegistryID) ([]*Registry, error)
List(ctx context.Context, filter ListFilter) (items []*Registry, total int, err error)
}
type TargetAuth ¶
type TargetAuth struct {
Type AuthType `json:"type"`
APIKey *APIKeyAuth `json:"api_key,omitempty"`
Azure *AzureAuth `json:"azure,omitempty"`
AWS *AWSAuth `json:"aws,omitempty"`
OAuth *TargetOAuthConfig `json:"oauth,omitempty"`
GCPServiceAccount *string `json:"gcp_service_account,omitempty"`
}
func NewAPIKeyAuth ¶
func NewAPIKeyAuth(apiKey string) *TargetAuth
func NewGCPServiceAccountAuth ¶
func NewGCPServiceAccountAuth(encryptedSA string) *TargetAuth
func NewOAuth2Auth ¶
func NewOAuth2Auth(config *TargetOAuthConfig) *TargetAuth
func (*TargetAuth) ProviderCredentials ¶
func (a *TargetAuth) ProviderCredentials() providers.Credentials
func (*TargetAuth) ResolveSecretsFrom ¶
func (a *TargetAuth) ResolveSecretsFrom(prev *TargetAuth)
func (*TargetAuth) Validate ¶
func (a *TargetAuth) Validate() error
type TargetOAuthConfig ¶
type TargetOAuthConfig struct {
TokenURL string `json:"token_url"`
GrantType string `json:"grant_type"`
ClientID string `json:"client_id,omitempty"`
ClientSecret string `json:"client_secret,omitempty"` // #nosec G117 -- OAuth client credentials flow
UseBasicAuth bool `json:"use_basic_auth,omitempty"`
Scopes []string `json:"scopes,omitempty"`
Audience string `json:"audience,omitempty"`
Code string `json:"code,omitempty"`
RedirectURI string `json:"redirect_uri,omitempty"`
CodeVerifier string `json:"code_verifier,omitempty"`
RefreshToken string `json:"refresh_token,omitempty"` // #nosec G117 -- OAuth refresh token flow
Username string `json:"username,omitempty"`
Password string `json:"password,omitempty"` // #nosec G117 -- OAuth password grant
Extra map[string]string `json:"extra,omitempty"`
}
Source Files
¶
Click to show internal directories.
Click to hide internal directories.