o ưib@srddlZddlmZmZddlmZmZmZddlm Z ddl m Z m Z m Z mZmZddlmZGdd d ZdS) N)ListOptional) HTTPExceptionRequeststatus)verbose_proxy_logger)CommonProxyErrorsLiteLLM_UserTable LiteLLMRoutesLitellmUserRolesUserAPIKeyAuth)_user_is_org_adminc @seZdZededefddZedededefddZededefd d Z ed e e dedd fd dZ ed e e de e dedededef ddZedefddZededefddZededefddZededefddZededefddZedededefdd Zededefd!d"Zedededefd#d$Zeded%edefd&d'Zeded(eedefd)d*Zeded+edefd,d-Zededefd.d/Zededefd0d1Zededededd fd2d3Zd S)4 RouteChecksroute valid_tokenc Cs\zddlm}|j|dWnty}z|d}~wty$Ynwtj||ddS)zK Check if management route is disabled and raise exception r)EnterpriseRouteChecksrN)rrT)Z*litellm_enterprise.proxy.auth.route_checksrshould_call_router Exceptionr$is_virtual_key_allowed_to_call_route)rrrerV/home/app/Keep/.python/lib/python3.10/site-packages/litellm/proxy/auth/route_checks.pyrs  zRouteChecks.should_call_routereturncCs|jdurdSt|jtsdSt|jdkrdS|jD] }tj||dr'dSqtdd|jDr^|jD](}|tjvr]tj |tj |j drJdS|dkr]dd l m }|j|d r]dSq5|jD] }tj||d rmdSqattjd |jd |d)zR Raises Exception if Virtual Key is not allowed to call the route NTrr allowed_routecss|]}|tjvVqdS)N)r _member_names_.0rrrr ?s  zCRouteChecks.is_virtual_key_allowed_to_call_route..rallowed_routesZllm_api_routes)InitPassThroughEndpointHelpersrrpatternzLVirtual key is not allowed to call this route. Only allowed to call routes: z. Tried to call route:  status_codedetail)r" isinstancelistlenr_route_matches_allowed_routeanyr rcheck_route_access _member_map_valueZ;litellm.proxy.pass_through_endpoints.pass_through_endpointsr#Z is_registered_pass_through_route_route_matches_wildcard_patternrrHTTP_403_FORBIDDEN)rrrr#rrrr'sN        z0RouteChecks.is_virtual_key_allowed_to_call_routeuser_idcCs8ddlm}|rt|dkrdS|dddd}||S) z Mask user_id to prevent leaking sensitive information in error messages Args: user_id (str): The user_id to mask Returns: str: Masked user_id showing only first 2 and last 2 characters r)SensitiveDataMaskerz****)Zvisible_prefixZvisible_suffixZ mask_char)Z0litellm.litellm_core_utils.sensitive_data_maskerr4r+Z _mask_value)r3r4Zmaskerrrr _mask_user_idds  zRouteChecks._mask_user_iduser_objNcCsHd}d}|dur|jp d}|jpd}t|}td|d|d|)a' Raise exception for routes that require proxy admin access Args: user_obj (Optional[LiteLLM_UserTable]): The user object route (str): The route being accessed Raises: Exception: With user role and masked user_id information unknownNz^Only proxy admin can be used to generate, delete, update info for new keys/users/teams. Route=z . Your role=z. Your user_id=) user_roler3rr9r)r:rr<r3Zmasked_user_idrrr!_raise_admin_only_route_exceptionys   z-RouteChecks._raise_admin_only_route_exception _user_rolerequest request_datac Cstj|dtj|drd Stj|drX|dkrd S|dkrI|j}|d}td|d|j|rE||jkrGt t j d ||jdd Sd S|d krOd S|d krV d Sd S|t jjvrpt|d d d urpd t|d gvrpd S|tjjkrtj|||dd S|tjjkrtj|t jjdrd St||drtj|t jjdrd S|tjjkrtj|t jjdrd Stj|t jjdrd S|ds|drd Stj||drd S|jd urd}|jD]} tj|| drd}n tj || drd}nq|stj!||dd Sd Stj!||dd S)zO Checks if Non Proxy Admin User is allowed to access the route rz /key/infoz /user/infor3z user_id: z & valid_token.user_id: zHkey not allowed to access this user's info. user_id={}, key's user_id={}r&z /model/infoz /team/infoZ permissionsNZget_spend_routes)rr>r@r!)r@Z user_objectz/v1/mcp/z /mcp-rest/)ruser_api_key_dictFrTr$)r:r)"rcustom_admin_only_route_checkis_llm_api_route is_info_route query_paramsgetrdebugr3rrr2formatr global_spend_tracking_routesr0getattrr ZPROXY_ADMIN_VIEW_ONLY _check_proxy_admin_viewer_accessZ INTERNAL_USERr.Zinternal_user_routesrZorg_admin_allowed_routesZINTERNAL_USER_VIEW_ONLYZinternal_user_view_only_routesZself_managed_routes startswithcheck_passthrough_route_accessr"r,r1r=) r:r>rr?rr@rEr3Z route_allowedrrrr$non_proxy_admin_allowed_routes_checks           z0RouteChecks.non_proxy_admin_allowed_routes_checkcCs^ddlm}m}d|vr-|durtdtjjdS||dvr-tt j d|dddS) Nr)general_settings premium_userZadmin_only_routesTzFTrying to use 'admin_only_routes' this is an Enterprise only feature. z-user not allowed to access this route. Route=z is an admin only router&) Zlitellm.proxy.proxy_serverrOrPrerrorrZnot_premium_userr0rrr2)rrOrPrrrrBs   z)RouteChecks.custom_admin_only_route_checkcCsHt|tsdS|tjjvrdS|tjjvrdS|tjjvrdStj|tj jdr*dStj|tj jdr5dS|tj jvr=dStjjD] }d|vrQtj ||drQdStj |dratj||dradSqAtjjD]}d|vrvtj ||drvdSqftjjD]}d|vrtj ||drdSq{tj|drdStjjD] }||vrdSqdS)z Helper to checks if provided route is an OpenAI route Returns: - True: if route is an OpenAI route - False: if route is not an OpenAI route FTr!{r$r%r)r)strr Z openai_routesr0Zanthropic_routesZ google_routesrr.Z mcp_routesZ agent_routesZlitellm_native_routes_route_matches_pattern_is_wildcard_patternr1_is_azure_openai_routeZmapped_pass_through_routes)rZ openai_routeZ google_routeZanthropic_routeZ_llm_passthrough_routerrrrCsf           zRouteChecks.is_llm_api_routecC |tjjvS)z6 Check if route is a management route )r management_routesr0rrrris_management_routea zRouteChecks.is_management_routecCrX)z1 Check if route is an info route )r Z info_routesr0rrrrrDhr[zRouteChecks.is_info_routecCs6t|tsdSd}d}t||st||rdSdS)z Check if route is a route from AzureOpenAI SDK client eg. route='/openai/deployments/vertex_ai/gemini-1.5-flash/chat/completions' Fz2^/openai/deployments/[^/]+/[^/]+/chat/completions$z!^/engines/[^/]+/chat/completions$T)r)rTrematch)rZdeployment_patternZengine_patternrrrrWos z"RouteChecks._is_azure_openai_router%cCsPt|tsdSdtjdtfdd}td||}d|d}t||r&d SdS) a Check if route matches the pattern placed in proxy/_types.py Example: - pattern: "/threads/{thread_id}" - route: "/threads/thread_49EIN5QF32s4mH20M7GFKdlZ" - returns: True - pattern: "/key/{token_id}/regenerate" - route: "/key/regenerate/82akk800000000jjsk" - returns: False, pattern is "/key/{token_id}/regenerate" Fr]rcSs"|dd}|drdSdS)Nrz{}z:pathz[^:]+z[^/]+)groupstripendswith)r] placeholderrrr_placeholder_to_regexs zARouteChecks._route_matches_pattern.._placeholder_to_regexz \{[^}]+\}^$T)r)rTr\Matchsubr])rr%rbrrrrUs   z"RouteChecks._route_matches_patterncCs |dS)z8 Check if pattern is a wildcard pattern r8)r`rSrrrrVs z RouteChecks._is_wildcard_patterncCs(|dr|dd}||S||kS)aY Check if route matches the wildcard pattern eg. pattern: "/scim/v2/*" route: "/scim/v2/Users" - returns: True pattern: "/scim/v2/*" route: "/chat/completions" - returns: False pattern: "/scim/v2/*" route: "/scim/v2/Users/123" - returns: True r8N)r`rL)rr%prefixrrrr1s   z+RouteChecks._route_matches_wildcard_patternrcCs"||krdS||drdSdS)a Check if route matches the allowed_route pattern. Supports both exact match and prefix match. Examples: - allowed_route="/fake-openai-proxy-6", route="/fake-openai-proxy-6" -> True (exact match) - allowed_route="/fake-openai-proxy-6", route="/fake-openai-proxy-6/v1/chat/completions" -> True (prefix match) - allowed_route="/fake-openai-proxy-6", route="/fake-openai-proxy-600" -> False (not a valid prefix) Args: route: The actual route being accessed allowed_route: The allowed route pattern Returns: bool: True if route matches (exact or prefix), False otherwise T/F)rLrrrrr,s z(RouteChecks._route_matches_allowed_router"csV|vrdSdd|D}|D] }tj|drdSqtfdd|Dr)dSdS)a% Check if a route has access by checking both exact matches and patterns Args: route (str): The route to check allowed_routes (list): List of allowed routes/patterns Returns: bool: True if route is allowed, False otherwise TcSsg|] }tj|dr|qS)rS)rrV)rrrrr s  z2RouteChecks.check_route_access..r$c3s|] }tj|dVqdS)r$N)rrUrrrrr s  z1RouteChecks.check_route_access..F)rr1r-)rr"Zwildcard_allowed_routesrrrrr.s  zRouteChecks.check_route_accessrAcCs|j}|jpi}|dur|durdSd|vrd|vrdS|ddur,|ddur,dS|dp7|dp7g}|D] }tj||drFdSq:dS)zl Check if route is a passthrough route. Supports both exact match and prefix match. NFallowed_passthrough_routesrT)metadata team_metadatarFrr,)rrArlrmrkrrrrrMs,  z*RouteChecks.check_passthrough_route_accesscCs d|jjvs d|jjvrdSdS)z Returns True if `thread` or `assistant` is in the request path Args: request (Request): The request object Returns: bool: True if `thread` or `assistant` is in the request path, False otherwise threadZ assistantTF)urlpath)r?rrr_is_assistants_api_request6s z&RouteChecks._is_assistants_api_requestcCsd|vrdSd|vr dSdS)z Returns True if this is a google generateContent or streamGenerateContent route These routes from google allow passing key=api_key in the query params ZgenerateContentTZstreamGenerateContentFrrrrris_generate_content_routeEs z%RouteChecks.is_generate_content_routec Cs tj|drttjd|dtj|tjjdrc|dkrF|durDt |t rD| }|D]}|dvrCttjd|d |d |d dq,dS|d vsT| d ra| drattjd|d |ddStj|tjjdrndStj|tjjdrydSttjd|d |d)z= Check access for PROXY_ADMIN_VIEW_ONLY role rz5user not allowed to access this OpenAI routes, role= r&r!z /user/updateN)Z user_emailpasswordz-user not allowed to access this route, role= z. Trying to access: z and updating invalid param: z-. only user_email and password can be updated)z /user/newz /user/deletez /team/newz /team/updatez /team/deletez /model/newz /model/updatez /model/deletez /key/generatez /key/deletez /key/updatez/key/regeneratez/key/service-account/generatez /key/blockz /key/unblockz/key/z /regenerate)rrCrrr2r.r rYr0r)dictkeysrLr`Zadmin_viewer_routesrI)rr>r@Z_params_updatedparamrrrrKRsV !z,RouteChecks._check_proxy_admin_viewer_access) __name__ __module__ __qualname__ staticmethodrTr rboolrr9rr r=r rrtrNrBrCrZrDrWrUrVr1r,rr.rMrqrrrKrrrrrs <  oL . % r)r\typingrrZfastapirrrZlitellm._loggingrZlitellm.proxy._typesrr r r r Zauth_checks_organizationrrrrrrs