mirror of
https://github.com/danny-avila/LibreChat.git
synced 2026-07-03 04:42:11 +00:00
* Remote Agent Auth middleware * consider migration and update user * fix eslint errors * add scope validation * fix codex review errors * add filter for use: sig * add jwks-rsa deps * Fix remote agent OIDC auth review findings * Polish remote agent OIDC timeout coverage * Reject remote OIDC tokens without subject * Use tenant context for remote agent auth config * Harden remote agent OIDC scope handling * Polish remote agent OIDC cache and scope tests * Resolve remote agent auth review comments * Reuse OpenID email claim resolver for remote auth * Skip empty OpenID email fallback claims * Use pre-auth tenant context for remote auth config * Downgrade expected OIDC fallback logging * Require secure remote OIDC endpoints * Polish remote agent auth edge cases * Enforce unique balance records * Bind remote OpenID users to issuer * Fix issuer-scoped OpenID indexes * Avoid unique balance index requirement * Fix remote OpenID issuer normalization boundaries * Require issuer-bound OpenID lookups * Enforce tenant API key policy after auth * Fix remote auth tenant policy types * Normalize remote OIDC discovery issuer * Allow normalized remote OIDC issuer validation * Enforce resolved tenant OIDC policy * Polish OpenID issuer and scope validation --------- Co-authored-by: Danny Avila <danny@librechat.ai>
91 lines
2.4 KiB
JavaScript
91 lines
2.4 KiB
JavaScript
/**
|
|
* OpenAI-compatible API routes for LibreChat agents.
|
|
*
|
|
* Provides a /v1/chat/completions compatible interface for
|
|
* interacting with LibreChat agents remotely via API.
|
|
*
|
|
* Usage:
|
|
* POST /v1/chat/completions - Chat with an agent
|
|
* GET /v1/models - List available agents
|
|
* GET /v1/models/:model - Get agent details
|
|
*
|
|
* Request format:
|
|
* {
|
|
* "model": "agent_id_here",
|
|
* "messages": [{"role": "user", "content": "Hello!"}],
|
|
* "stream": true
|
|
* }
|
|
*/
|
|
const express = require('express');
|
|
const {
|
|
OpenAIChatCompletionController,
|
|
ListModelsController,
|
|
GetModelController,
|
|
} = require('~/server/controllers/agents/openai');
|
|
const { configMiddleware } = require('~/server/middleware');
|
|
const {
|
|
checkAgentPermission,
|
|
preAuthTenantMiddleware,
|
|
requireRemoteAgentAuth,
|
|
checkRemoteAgentsFeature,
|
|
} = require('./middleware');
|
|
|
|
const router = express.Router();
|
|
|
|
router.use(preAuthTenantMiddleware);
|
|
router.use(requireRemoteAgentAuth);
|
|
router.use(configMiddleware);
|
|
router.use(checkRemoteAgentsFeature);
|
|
|
|
/**
|
|
* @route POST /v1/chat/completions
|
|
* @desc OpenAI-compatible chat completions with agents
|
|
* @access Private (API key auth required)
|
|
*
|
|
* Request body:
|
|
* {
|
|
* "model": "agent_id", // Required: The agent ID to use
|
|
* "messages": [...], // Required: Array of chat messages
|
|
* "stream": true, // Optional: Whether to stream (default: false)
|
|
* "conversation_id": "...", // Optional: Conversation ID for context
|
|
* "parent_message_id": "..." // Optional: Parent message for threading
|
|
* }
|
|
*
|
|
* Response (streaming):
|
|
* - SSE stream with OpenAI chat.completion.chunk format
|
|
* - Includes delta.reasoning for thinking/reasoning content
|
|
*
|
|
* Response (non-streaming):
|
|
* - Standard OpenAI chat.completion format
|
|
*/
|
|
router.post('/chat/completions', checkAgentPermission, OpenAIChatCompletionController);
|
|
|
|
/**
|
|
* @route GET /v1/models
|
|
* @desc List available agents as models
|
|
* @access Private (API key auth required)
|
|
*
|
|
* Response:
|
|
* {
|
|
* "object": "list",
|
|
* "data": [
|
|
* {
|
|
* "id": "agent_id",
|
|
* "object": "model",
|
|
* "name": "Agent Name",
|
|
* "provider": "openai",
|
|
* ...
|
|
* }
|
|
* ]
|
|
* }
|
|
*/
|
|
router.get('/models', ListModelsController);
|
|
|
|
/**
|
|
* @route GET /v1/models/:model
|
|
* @desc Get details for a specific agent/model
|
|
* @access Private (API key auth required)
|
|
*/
|
|
router.get('/models/:model', GetModelController);
|
|
|
|
module.exports = router;
|