GithubProxy/ChatGPT-Next-Web
1
0
Fork 1
mirror of https://github.com/ChatGPTNextWeb/ChatGPT-Next-Web.git synced 2025-05-24 14:40:22 +09:00
Code Issues Packages Projects Releases Wiki Activity

去掉sdk的引入,客户端也能直连

Browse Source
This commit is contained in:
glay 2024-11-20 15:25:36 +08:00
parent 9d3f1d2529
commit f60c237b16
9 changed files with 643 additions and 601 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

441
app/api/bedrock.ts
View File

@ -1,131 +1,186 @@
import { getServerSideConfig } from "../config/server";
import { prettyObject } from "../utils/format";
import { NextRequest, NextResponse } from "next/server"; import { NextRequest, NextResponse } from "next/server";
import { decrypt } from "../utils/encryption"; import { sign, decrypt } from "../utils/aws";
import {
BedrockRuntimeClient,
ConverseStreamCommand,
ConverseStreamCommandInput,
Message,
ContentBlock,
ConverseStreamOutput,
} from "@aws-sdk/client-bedrock-runtime";
const ALLOWED_PATH = new Set(["converse"]); const ALLOWED_PATH = new Set(["chat", "models"]);
// AWS Credential Validation Function function parseEventData(chunk: Uint8Array): any {
function validateAwsCredentials( const decoder = new TextDecoder();
region: string, const text = decoder.decode(chunk);
accessKeyId: string, try {
secretAccessKey: string, return JSON.parse(text);
): boolean { } catch (e) {
const regionRegex = /^[a-z]{2}-[a-z]+-\d+$/; try {
const accessKeyRegex = /^(AKIA|A3T|ASIA)[A-Z0-9]{16}$/; const base64Match = text.match(/:"([A-Za-z0-9+/=]+)"/);
if (base64Match) {
return ( const decoded = Buffer.from(base64Match[1], "base64").toString("utf-8");
regionRegex.test(region) && return JSON.parse(decoded);
accessKeyRegex.test(accessKeyId) && }
secretAccessKey.length === 40 const eventMatch = text.match(/:event-type[^\{]+({.*})/);
); if (eventMatch) {
return JSON.parse(eventMatch[1]);
}
} catch (innerError) {}
}
return null;
} }
export interface ConverseRequest { async function* transformBedrockStream(stream: ReadableStream) {
modelId: string; const reader = stream.getReader();
messages: { try {
role: "user" | "assistant" | "system"; while (true) {
content: string | any[]; const { done, value } = await reader.read();
}[]; if (done) break;
inferenceConfig?: {
maxTokens?: number; const parsed = parseEventData(value);
temperature?: number; if (parsed) {
topP?: number; if (parsed.type === "content_block_delta") {
stopSequences?: string[]; if (parsed.delta?.type === "text_delta") {
}; yield `data: ${JSON.stringify({
tools?: { delta: { text: parsed.delta.text },
name: string; })}\n\n`;
description?: string; } else if (parsed.delta?.type === "input_json_delta") {
input_schema: any; yield `data: ${JSON.stringify(parsed)}\n\n`;
}[]; }
stream?: boolean; } else if (
parsed.type === "message_delta" &&
parsed.delta?.stop_reason
) {
yield `data: ${JSON.stringify({
delta: { stop_reason: parsed.delta.stop_reason },
})}\n\n`;
} else if (
parsed.type === "content_block_start" &&
parsed.content_block?.type === "tool_use"
) {
yield `data: ${JSON.stringify(parsed)}\n\n`;
} else if (parsed.type === "content_block_stop") {
yield `data: ${JSON.stringify(parsed)}\n\n`;
}
}
}
} finally {
reader.releaseLock();
}
} }
function supportsToolUse(modelId: string): boolean { function validateRequest(body: any, modelId: string): void {
return modelId.toLowerCase().includes("claude-3"); if (!modelId) throw new Error("Model ID is required");
if (modelId.startsWith("anthropic.claude")) {
if (
!body.anthropic_version ||
body.anthropic_version !== "bedrock-2023-05-31"
) {
throw new Error("anthropic_version must be 'bedrock-2023-05-31'");
}
if (typeof body.max_tokens !== "number" || body.max_tokens < 0) {
throw new Error("max_tokens must be a positive number");
}
if (modelId.startsWith("anthropic.claude-3")) {
if (!Array.isArray(body.messages))
throw new Error("messages array is required for Claude 3");
} else if (typeof body.prompt !== "string") {
throw new Error("prompt is required for Claude 2 and earlier");
}
} else if (modelId.startsWith("meta.llama")) {
if (!body.prompt) throw new Error("Llama requires a prompt");
} else if (modelId.startsWith("mistral.mistral")) {
if (!Array.isArray(body.messages))
throw new Error("Mistral requires a messages array");
} else if (modelId.startsWith("amazon.titan")) {
if (!body.inputText) throw new Error("Titan requires inputText");
}
} }
function formatRequestBody( async function requestBedrock(req: NextRequest) {
request: ConverseRequest, const controller = new AbortController();
): ConverseStreamCommandInput { const awsRegion = req.headers.get("X-Region") ?? "";
const messages: Message[] = request.messages.map((msg) => ({ const awsAccessKey = req.headers.get("X-Access-Key") ?? "";
role: msg.role === "system" ? "user" : msg.role, const awsSecretKey = req.headers.get("X-Secret-Key") ?? "";
content: Array.isArray(msg.content) const awsSessionToken = req.headers.get("X-Session-Token");
? msg.content.map((item) => { const modelId = req.headers.get("X-Model-Id") ?? "";
if (item.type === "tool_use") {
return { if (!awsRegion || !awsAccessKey || !awsSecretKey || !modelId) {
toolUse: { throw new Error("Missing required AWS credentials or model ID");
toolUseId: item.id, }
name: item.name,
input: item.input || "{}", const decryptedAccessKey = decrypt(awsAccessKey);
const decryptedSecretKey = decrypt(awsSecretKey);
const decryptedSessionToken = awsSessionToken
? decrypt(awsSessionToken)
: undefined;
if (!decryptedAccessKey || !decryptedSecretKey) {
throw new Error("Failed to decrypt AWS credentials");
}
const endpoint = `https://bedrock-runtime.${awsRegion}.amazonaws.com/model/${modelId}/invoke-with-response-stream`;
const timeoutId = setTimeout(() => controller.abort(), 10 * 60 * 1000);
try {
const bodyText = await req.clone().text();
const bodyJson = JSON.parse(bodyText);
validateRequest(bodyJson, modelId);
const canonicalBody = JSON.stringify(bodyJson);
const headers = await sign({
method: "POST",
url: endpoint,
region: awsRegion,
accessKeyId: decryptedAccessKey,
secretAccessKey: decryptedSecretKey,
sessionToken: decryptedSessionToken,
body: canonicalBody,
service: "bedrock",
});
const res = await fetch(endpoint, {
method: "POST",
headers,
body: canonicalBody,
redirect: "manual",
// @ts-ignore
duplex: "half",
signal: controller.signal,
});
if (!res.ok) {
const error = await res.text();
try {
const errorJson = JSON.parse(error);
throw new Error(errorJson.message || error);
} catch {
throw new Error(error);
}
}
const transformedStream = transformBedrockStream(res.body!);
const stream = new ReadableStream({
async start(controller) {
try {
for await (const chunk of transformedStream) {
controller.enqueue(new TextEncoder().encode(chunk));
}
controller.close();
} catch (err) {
controller.error(err);
}
}, },
} as ContentBlock; });
}
if (item.type === "tool_result") {
return {
toolResult: {
toolUseId: item.tool_use_id,
content: [{ text: item.content || ";" }],
status: "success",
},
} as ContentBlock;
}
if (item.type === "text") {
return { text: item.text || ";" } as ContentBlock;
}
if (item.type === "image") {
return {
image: {
format: item.source.media_type.split("/")[1] as
| "png"
| "jpeg"
| "gif"
| "webp",
source: {
bytes: Uint8Array.from(
Buffer.from(item.source.data, "base64"),
),
},
},
} as ContentBlock;
}
return { text: ";" } as ContentBlock;
})
: [{ text: msg.content || ";" } as ContentBlock],
}));
const input: ConverseStreamCommandInput = { return new Response(stream, {
modelId: request.modelId, headers: {
messages, "Content-Type": "text/event-stream",
...(request.inferenceConfig && { "Cache-Control": "no-cache",
inferenceConfig: request.inferenceConfig, Connection: "keep-alive",
}), "X-Accel-Buffering": "no",
};
if (request.tools?.length && supportsToolUse(request.modelId)) {
input.toolConfig = {
tools: request.tools.map((tool) => ({
toolSpec: {
name: tool.name,
description: tool.description,
inputSchema: {
json: tool.input_schema,
}, },
}, });
})), } catch (e) {
toolChoice: { auto: {} }, throw e;
}; } finally {
clearTimeout(timeoutId);
} }
return input;
} }
export async function handle( export async function handle(
@ -139,166 +194,16 @@ export async function handle(
const subpath = params.path.join("/"); const subpath = params.path.join("/");
if (!ALLOWED_PATH.has(subpath)) { if (!ALLOWED_PATH.has(subpath)) {
return NextResponse.json( return NextResponse.json(
{ error: true, msg: "Path not allowed: " + subpath }, { error: true, msg: "you are not allowed to request " + subpath },
{ status: 403 }, { status: 403 },
); );
} }
const serverConfig = getServerSideConfig();
let region = serverConfig.awsRegion;
let accessKeyId = serverConfig.awsAccessKey;
let secretAccessKey = serverConfig.awsSecretKey;
let sessionToken = undefined;
// Attempt to get credentials from headers if not in server config
if (!region || !accessKeyId || !secretAccessKey) {
region = decrypt(req.headers.get("X-Region") ?? "");
accessKeyId = decrypt(req.headers.get("X-Access-Key") ?? "");
secretAccessKey = decrypt(req.headers.get("X-Secret-Key") ?? "");
sessionToken = req.headers.get("X-Session-Token")
? decrypt(req.headers.get("X-Session-Token") ?? "")
: undefined;
}
// Validate AWS credentials
if (!validateAwsCredentials(region, accessKeyId, secretAccessKey)) {
return NextResponse.json(
{
error: true,
msg: "Invalid AWS credentials. Please check your region, access key, and secret key.",
},
{ status: 401 },
);
}
try { try {
const client = new BedrockRuntimeClient({ return await requestBedrock(req);
region,
credentials: {
accessKeyId,
secretAccessKey,
sessionToken,
},
});
const body = (await req.json()) as ConverseRequest;
const command = new ConverseStreamCommand(formatRequestBody(body));
const response = await client.send(command);
if (!response.stream) {
throw new Error("No stream in response");
}
// If stream is false, accumulate the response and return as JSON
if (body.stream === false) {
let fullResponse = {
content: "",
};
const responseStream =
response.stream as AsyncIterable<ConverseStreamOutput>;
for await (const event of responseStream) {
if (
"contentBlockDelta" in event &&
event.contentBlockDelta?.delta &&
"text" in event.contentBlockDelta.delta &&
event.contentBlockDelta.delta.text
) {
fullResponse.content += event.contentBlockDelta.delta.text;
}
}
return NextResponse.json(fullResponse);
}
// Otherwise, return streaming response
const stream = new ReadableStream({
async start(controller) {
try {
const responseStream =
response.stream as AsyncIterable<ConverseStreamOutput>;
for await (const event of responseStream) {
if (
"contentBlockStart" in event &&
event.contentBlockStart?.start?.toolUse &&
event.contentBlockStart.contentBlockIndex !== undefined
) {
controller.enqueue(
`data: ${JSON.stringify({
type: "content_block",
content_block: {
type: "tool_use",
id: event.contentBlockStart.start.toolUse.toolUseId,
name: event.contentBlockStart.start.toolUse.name,
},
index: event.contentBlockStart.contentBlockIndex,
})}\n\n`,
);
} else if (
"contentBlockDelta" in event &&
event.contentBlockDelta?.delta &&
event.contentBlockDelta.contentBlockIndex !== undefined
) {
const delta = event.contentBlockDelta.delta;
if ("text" in delta && delta.text) {
controller.enqueue(
`data: ${JSON.stringify({
type: "content_block_delta",
delta: {
type: "text_delta",
text: delta.text,
},
index: event.contentBlockDelta.contentBlockIndex,
})}\n\n`,
);
} else if ("toolUse" in delta && delta.toolUse?.input) {
controller.enqueue(
`data: ${JSON.stringify({
type: "content_block_delta",
delta: {
type: "input_json_delta",
partial_json: delta.toolUse.input,
},
index: event.contentBlockDelta.contentBlockIndex,
})}\n\n`,
);
}
} else if (
"contentBlockStop" in event &&
event.contentBlockStop?.contentBlockIndex !== undefined
) {
controller.enqueue(
`data: ${JSON.stringify({
type: "content_block_stop",
index: event.contentBlockStop.contentBlockIndex,
})}\n\n`,
);
}
}
controller.close();
} catch (error) {
console.error("[Bedrock] Stream error:", error);
controller.error(error);
}
},
});
return new Response(stream, {
headers: {
"Content-Type": "text/event-stream",
"Cache-Control": "no-cache",
Connection: "keep-alive",
},
});
} catch (e) { } catch (e) {
console.error("[Bedrock] Error:", e);
return NextResponse.json( return NextResponse.json(
{ { error: true, msg: e instanceof Error ? e.message : "Unknown error" },
error: true,
message: e instanceof Error ? e.message : "Unknown error",
details: prettyObject(e),
},
{ status: 500 }, { status: 500 },
); );
} }

2
app/client/api.ts
View File

@ -23,7 +23,7 @@ import { SparkApi } from "./platforms/iflytek";
import { XAIApi } from "./platforms/xai"; import { XAIApi } from "./platforms/xai";
import { ChatGLMApi } from "./platforms/glm"; import { ChatGLMApi } from "./platforms/glm";
import { BedrockApi } from "./platforms/bedrock"; import { BedrockApi } from "./platforms/bedrock";
import { encrypt } from "../utils/encryption"; import { encrypt } from "../utils/aws";
export const ROLES = ["system", "user", "assistant"] as const; export const ROLES = ["system", "user", "assistant"] as const;
export type MessageRole = (typeof ROLES)[number]; export type MessageRole = (typeof ROLES)[number];

292
app/client/platforms/bedrock.ts
View File

@ -1,30 +1,13 @@
import { ApiPath } from "../../constant"; import { ChatOptions, LLMApi, SpeechOptions } from "../api";
import { ChatOptions, getHeaders, LLMApi, SpeechOptions } from "../api";
import { import {
useAppConfig, useAppConfig,
usePluginStore, usePluginStore,
useChatStore, useChatStore,
useAccessStore,
ChatMessageTool, ChatMessageTool,
} from "../../store"; } from "../../store";
import { getMessageTextContent, isVisionModel } from "../../utils";
import { fetch } from "../../utils/stream";
import { preProcessImageContent, stream } from "../../utils/chat"; import { preProcessImageContent, stream } from "../../utils/chat";
import { RequestPayload } from "./openai"; import { getMessageTextContent, isVisionModel } from "../../utils";
export type MultiBlockContent = {
type: "image" | "text";
source?: {
type: string;
media_type: string;
data: string;
};
text?: string;
};
export type AnthropicMessage = {
role: (typeof ClaudeMapper)[keyof typeof ClaudeMapper];
content: string | MultiBlockContent[];
};
const ClaudeMapper = { const ClaudeMapper = {
assistant: "assistant", assistant: "assistant",
@ -32,62 +15,52 @@ const ClaudeMapper = {
system: "user", system: "user",
} as const; } as const;
interface ToolDefinition {
function?: {
name: string;
description?: string;
parameters?: any;
};
}
export class BedrockApi implements LLMApi { export class BedrockApi implements LLMApi {
speech(options: SpeechOptions): Promise<ArrayBuffer> { speech(options: SpeechOptions): Promise<ArrayBuffer> {
throw new Error("Speech not implemented for Bedrock."); throw new Error("Speech not implemented for Bedrock.");
} }
extractMessage(res: any) { extractMessage(res: any) {
console.log("[Response] Bedrock not stream response: ", res); if (res?.content?.[0]?.text) return res.content[0].text;
if (res.error) { if (res?.messages?.[0]?.content?.[0]?.text)
return "```\n" + JSON.stringify(res, null, 4) + "\n```"; return res.messages[0].content[0].text;
} if (res?.delta?.text) return res.delta.text;
return res?.content ?? res; return "";
} }
async chat(options: ChatOptions): Promise<void> { async chat(options: ChatOptions) {
const visionModel = isVisionModel(options.config.model); const visionModel = isVisionModel(options.config.model);
const shouldStream = !!options.config.stream; const isClaude3 = options.config.model.startsWith("anthropic.claude-3");
const modelConfig = { const modelConfig = {
...useAppConfig.getState().modelConfig, ...useAppConfig.getState().modelConfig,
...useChatStore.getState().currentSession().mask.modelConfig, ...useChatStore.getState().currentSession().mask.modelConfig,
...{
model: options.config.model, model: options.config.model,
},
}; };
// try get base64image from local cache image_url let systemMessage = "";
const messages: ChatOptions["messages"] = []; const messages = [];
for (const v of options.messages) { for (const msg of options.messages) {
const content = await preProcessImageContent(v.content); const content = await preProcessImageContent(msg.content);
messages.push({ role: v.role, content }); if (msg.role === "system") {
} systemMessage = getMessageTextContent(msg);
} else {
const keys = ["system", "user"]; messages.push({ role: msg.role, content });
// roles must alternate between "user" and "assistant" in claude, so add a fake assistant message between two user messages
for (let i = 0; i < messages.length - 1; i++) {
const message = messages[i];
const nextMessage = messages[i + 1];
if (keys.includes(message.role) && keys.includes(nextMessage.role)) {
messages[i] = [
message,
{
role: "assistant",
content: ";",
},
] as any;
} }
} }
const prompt = messages const formattedMessages = messages
.flat() .filter(
.filter((v) => { (v) => v.content && (typeof v.content !== "string" || v.content.trim()),
if (!v.content) return false; )
if (typeof v.content === "string" && !v.content.trim()) return false;
return true;
})
.map((v) => { .map((v) => {
const { role, content } = v; const { role, content } = v;
const insideRole = ClaudeMapper[role] ?? "user"; const insideRole = ClaudeMapper[role] ?? "user";
@ -95,144 +68,154 @@ export class BedrockApi implements LLMApi {
if (!visionModel || typeof content === "string") { if (!visionModel || typeof content === "string") {
return { return {
role: insideRole, role: insideRole,
content: getMessageTextContent(v), content: [{ type: "text", text: getMessageTextContent(v) }],
}; };
} }
return { return {
role: insideRole, role: insideRole,
content: content content: content
.filter((v) => v.image_url || v.text) .filter((v) => v.image_url || v.text)
.map(({ type, text, image_url }) => { .map(({ type, text, image_url }) => {
if (type === "text") { if (type === "text") return { type, text: text! };
return {
type,
text: text!,
};
}
const { url = "" } = image_url || {}; const { url = "" } = image_url || {};
const colonIndex = url.indexOf(":"); const colonIndex = url.indexOf(":");
const semicolonIndex = url.indexOf(";"); const semicolonIndex = url.indexOf(";");
const comma = url.indexOf(","); const comma = url.indexOf(",");
const mimeType = url.slice(colonIndex + 1, semicolonIndex);
const encodeType = url.slice(semicolonIndex + 1, comma);
const data = url.slice(comma + 1);
return { return {
type: "image" as const, type: "image",
source: { source: {
type: encodeType, type: url.slice(semicolonIndex + 1, comma),
media_type: mimeType, media_type: url.slice(colonIndex + 1, semicolonIndex),
data, data: url.slice(comma + 1),
}, },
}; };
}), }),
}; };
}); });
if (prompt[0]?.role === "assistant") {
prompt.unshift({
role: "user",
content: ";",
});
}
const requestBody = { const requestBody = {
modelId: options.config.model, anthropic_version: "bedrock-2023-05-31",
messages: prompt, max_tokens: modelConfig.max_tokens,
inferenceConfig: { messages: formattedMessages,
maxTokens: modelConfig.max_tokens, ...(systemMessage && { system: systemMessage }),
...(modelConfig.temperature !== undefined && {
temperature: modelConfig.temperature, temperature: modelConfig.temperature,
topP: modelConfig.top_p, }),
stopSequences: [], ...(modelConfig.top_p !== undefined && { top_p: modelConfig.top_p }),
}, ...(isClaude3 && { top_k: 5 }),
stream: shouldStream,
}; };
const conversePath = `${ApiPath.Bedrock}/converse`;
const controller = new AbortController(); const controller = new AbortController();
options.onController?.(controller); options.onController?.(controller);
if (shouldStream) { const accessStore = useAccessStore.getState();
let currentToolUse: ChatMessageTool | null = null; if (!accessStore.isValidBedrock()) {
throw new Error(
"Invalid AWS credentials. Please check your configuration.",
);
}
try {
const apiEndpoint = "/api/bedrock/chat";
const headers = {
"Content-Type": "application/json",
"X-Region": accessStore.awsRegion,
"X-Access-Key": accessStore.awsAccessKey,
"X-Secret-Key": accessStore.awsSecretKey,
"X-Model-Id": modelConfig.model,
...(accessStore.awsSessionToken && {
"X-Session-Token": accessStore.awsSessionToken,
}),
};
if (options.config.stream) {
let index = -1; let index = -1;
let currentToolArgs = "";
const [tools, funcs] = usePluginStore const [tools, funcs] = usePluginStore
.getState() .getState()
.getAsTools( .getAsTools(
useChatStore.getState().currentSession().mask?.plugin || [], useChatStore.getState().currentSession().mask?.plugin || [],
); );
return stream( return stream(
conversePath, apiEndpoint,
requestBody, requestBody,
getHeaders(), headers,
// @ts-ignore (tools as ToolDefinition[]).map((tool) => ({
tools.map((tool) => ({
name: tool?.function?.name, name: tool?.function?.name,
description: tool?.function?.description, description: tool?.function?.description,
input_schema: tool?.function?.parameters, input_schema: tool?.function?.parameters,
})), })),
funcs, funcs,
controller, controller,
// parseSSE
(text: string, runTools: ChatMessageTool[]) => { (text: string, runTools: ChatMessageTool[]) => {
// console.log("parseSSE", text, runTools); try {
let chunkJson: const chunkJson = JSON.parse(text);
| undefined if (chunkJson?.content_block?.type === "tool_use") {
| {
type: "content_block_delta" | "content_block_stop";
content_block?: {
type: "tool_use";
id: string;
name: string;
};
delta?: {
type: "text_delta" | "input_json_delta";
text?: string;
partial_json?: string;
};
index: number;
};
chunkJson = JSON.parse(text);
if (chunkJson?.content_block?.type == "tool_use") {
index += 1; index += 1;
const id = chunkJson?.content_block.id; currentToolArgs = "";
const name = chunkJson?.content_block.name; const id = chunkJson.content_block?.id;
const name = chunkJson.content_block?.name;
if (id && name) {
runTools.push({ runTools.push({
id, id,
type: "function", type: "function",
function: { function: { name, arguments: "" },
name,
arguments: "",
},
}); });
} }
if ( } else if (
chunkJson?.delta?.type == "input_json_delta" && chunkJson?.delta?.type === "input_json_delta" &&
chunkJson?.delta?.partial_json chunkJson.delta?.partial_json
) { ) {
// @ts-ignore currentToolArgs += chunkJson.delta.partial_json;
runTools[index]["function"]["arguments"] += try {
chunkJson?.delta?.partial_json; JSON.parse(currentToolArgs);
if (index >= 0 && index < runTools.length) {
runTools[index].function!.arguments = currentToolArgs;
}
} catch (e) {}
} else if (
chunkJson?.type === "content_block_stop" &&
currentToolArgs &&
index >= 0 &&
index < runTools.length
) {
try {
if (currentToolArgs.trim().endsWith(",")) {
currentToolArgs = currentToolArgs.slice(0, -1) + "}";
} else if (!currentToolArgs.endsWith("}")) {
currentToolArgs += "}";
}
JSON.parse(currentToolArgs);
runTools[index].function!.arguments = currentToolArgs;
} catch (e) {}
}
return this.extractMessage(chunkJson);
} catch (e) {
return "";
} }
return chunkJson?.delta?.text;
}, },
// processToolMessage, include tool_calls message and tool call results
( (
requestPayload: RequestPayload, requestPayload: any,
toolCallMessage: any, toolCallMessage: any,
toolCallResult: any[], toolCallResult: any[],
) => { ) => {
// reset index value
index = -1; index = -1;
// @ts-ignore currentToolArgs = "";
requestPayload?.messages?.splice( if (requestPayload?.messages) {
// @ts-ignore requestPayload.messages.splice(
requestPayload?.messages?.length, requestPayload.messages.length,
0, 0,
{ {
role: "assistant", role: "assistant",
content: toolCallMessage.tool_calls.map( content: [
{
type: "text",
text: JSON.stringify(
toolCallMessage.tool_calls.map(
(tool: ChatMessageTool) => ({ (tool: ChatMessageTool) => ({
type: "tool_use", type: "tool_use",
id: tool.id, id: tool.id,
@ -242,53 +225,44 @@ export class BedrockApi implements LLMApi {
: {}, : {},
}), }),
), ),
),
},
],
}, },
// @ts-ignore
...toolCallResult.map((result) => ({ ...toolCallResult.map((result) => ({
role: "user", role: "user",
content: [ content: [
{ {
type: "tool_result", type: "text",
tool_use_id: result.tool_call_id, text: `Tool '${result.tool_call_id}' returned: ${result.content}`,
content: result.content,
}, },
], ],
})), })),
); );
}
}, },
options, options,
); );
} else { } else {
const payload = { const res = await fetch(apiEndpoint, {
method: "POST", method: "POST",
headers,
body: JSON.stringify(requestBody), body: JSON.stringify(requestBody),
signal: controller.signal, });
headers: {
...getHeaders(), // get common headers
},
};
try {
controller.signal.onabort = () =>
options.onFinish("", new Response(null, { status: 400 }));
const res = await fetch(conversePath, payload);
const resJson = await res.json(); const resJson = await res.json();
const message = this.extractMessage(resJson); const message = this.extractMessage(resJson);
options.onFinish(message, res); options.onFinish(message, res);
}
} catch (e) { } catch (e) {
console.error("failed to chat", e);
options.onError?.(e as Error); options.onError?.(e as Error);
} }
} }
}
async usage() { async usage() {
return { return { used: 0, total: 0 };
used: 0,
total: 0,
};
} }
async models() { async models() {
return []; return [];
} }

2
app/components/ui-lib.tsx
View File

@ -11,7 +11,7 @@ import MaxIcon from "../icons/max.svg";
import MinIcon from "../icons/min.svg"; import MinIcon from "../icons/min.svg";
import Locale from "../locales"; import Locale from "../locales";
import { maskSensitiveValue } from "../utils/encryption"; import { maskSensitiveValue } from "../utils/aws";
import { createRoot } from "react-dom/client"; import { createRoot } from "react-dom/client";
import React, { import React, {

35
app/constant.ts
View File

@ -241,9 +241,10 @@ export const ChatGLM = {
}; };
export const Bedrock = { export const Bedrock = {
ChatPath: "converse", ChatPath: "model", // Simplified path since we'll append the full path in bedrock.ts
ApiVersion: "2023-11-01", ApiVersion: "2023-11-01",
getEndpoint: (region: string = "us-west-2") =>`https://bedrock-runtime.${region}.amazonaws.com`, getEndpoint: (region: string = "us-west-2") =>
`https://bedrock-runtime.${region}.amazonaws.com`,
}; };
export const DEFAULT_INPUT_TEMPLATE = `{{input}}`; // input / time / model / lang export const DEFAULT_INPUT_TEMPLATE = `{{input}}`; // input / time / model / lang
@ -326,19 +327,43 @@ const openaiModels = [
]; ];
const bedrockModels = [ const bedrockModels = [
// Amazon Titan Models
"amazon.titan-text-express-v1",
"amazon.titan-text-lite-v1",
"amazon.titan-text-agile-v1",
// Cohere Models
"cohere.command-light-text-v14",
"cohere.command-r-plus-v1:0",
"cohere.command-r-v1:0",
"cohere.command-text-v14",
// Claude Models // Claude Models
"anthropic.claude-3-haiku-20240307-v1:0", "anthropic.claude-3-haiku-20240307-v1:0",
"anthropic.claude-3-5-haiku-20241022-v1:0", "anthropic.claude-3-5-haiku-20241022-v1:0",
"anthropic.claude-3-sonnet-20240229-v1:0", "anthropic.claude-3-sonnet-20240229-v1:0",
"anthropic.claude-3-5-sonnet-20241022-v2:0", "anthropic.claude-3-5-sonnet-20241022-v2:0",
"anthropic.claude-3-opus-20240229-v1:0", "anthropic.claude-3-opus-20240229-v1:0",
"anthropic.claude-2.1",
"anthropic.claude-v2",
"anthropic.claude-v1",
"anthropic.claude-instant-v1",
// Meta Llama Models // Meta Llama Models
"us.meta.llama3-2-11b-instruct-v1:0", "meta.llama2-13b-chat-v1",
"us.meta.llama3-2-90b-instruct-v1:0", "meta.llama2-70b-chat-v1",
//Mistral "meta.llama3-8b-instruct-v1:0",
"meta.llama3-2-11b-instruct-v1:0",
"meta.llama3-2-90b-instruct-v1:0",
// Mistral Models
"mistral.mistral-7b-instruct-v0:2",
"mistral.mistral-large-2402-v1:0", "mistral.mistral-large-2402-v1:0",
"mistral.mistral-large-2407-v1:0", "mistral.mistral-large-2407-v1:0",
// AI21 Models
"ai21.j2-mid-v1",
"ai21.j2-ultra-v1",
]; ];
const googleModels = [ const googleModels = [

88
app/store/access.ts
View File

@ -4,7 +4,6 @@ import {
StoreKey, StoreKey,
ApiPath, ApiPath,
OPENAI_BASE_URL, OPENAI_BASE_URL,
BEDROCK_BASE_URL,
ANTHROPIC_BASE_URL, ANTHROPIC_BASE_URL,
GEMINI_BASE_URL, GEMINI_BASE_URL,
BAIDU_BASE_URL, BAIDU_BASE_URL,
@ -23,14 +22,12 @@ import { createPersistStore } from "../utils/store";
import { ensure } from "../utils/clone"; import { ensure } from "../utils/clone";
import { DEFAULT_CONFIG } from "./config"; import { DEFAULT_CONFIG } from "./config";
import { getModelProvider } from "../utils/model"; import { getModelProvider } from "../utils/model";
import { encrypt, decrypt } from "../utils/encryption";
let fetchState = 0; // 0 not fetch, 1 fetching, 2 done let fetchState = 0; // 0 not fetch, 1 fetching, 2 done
const isApp = getClientConfig()?.buildMode === "export"; const isApp = getClientConfig()?.buildMode === "export";
const DEFAULT_OPENAI_URL = isApp ? OPENAI_BASE_URL : ApiPath.OpenAI; const DEFAULT_OPENAI_URL = isApp ? OPENAI_BASE_URL : ApiPath.OpenAI;
const DEFAULT_BEDROCK_URL = isApp ? BEDROCK_BASE_URL : ApiPath.Bedrock;
const DEFAULT_GOOGLE_URL = isApp ? GEMINI_BASE_URL : ApiPath.Google; const DEFAULT_GOOGLE_URL = isApp ? GEMINI_BASE_URL : ApiPath.Google;
@ -64,13 +61,6 @@ const DEFAULT_ACCESS_STATE = {
openaiUrl: DEFAULT_OPENAI_URL, openaiUrl: DEFAULT_OPENAI_URL,
openaiApiKey: "", openaiApiKey: "",
// bedrock
awsRegion: "",
awsAccessKey: "",
awsSecretKey: "",
awsSessionToken: "",
awsCognitoUser: false,
// azure // azure
azureUrl: "", azureUrl: "",
azureApiKey: "", azureApiKey: "",
@ -126,6 +116,12 @@ const DEFAULT_ACCESS_STATE = {
chatglmUrl: DEFAULT_CHATGLM_URL, chatglmUrl: DEFAULT_CHATGLM_URL,
chatglmApiKey: "", chatglmApiKey: "",
// aws bedrock
awsRegion: "",
awsAccessKey: "",
awsSecretKey: "",
awsSessionToken: "",
// server config // server config
needCode: true, needCode: true,
hideUserApiKey: false, hideUserApiKey: false,
@ -139,9 +135,6 @@ const DEFAULT_ACCESS_STATE = {
edgeTTSVoiceName: "zh-CN-YunxiNeural", edgeTTSVoiceName: "zh-CN-YunxiNeural",
}; };
type AccessState = typeof DEFAULT_ACCESS_STATE;
type BedrockCredentialKey = "awsAccessKey" | "awsSecretKey" | "awsSessionToken";
export const useAccessStore = createPersistStore( export const useAccessStore = createPersistStore(
{ ...DEFAULT_ACCESS_STATE }, { ...DEFAULT_ACCESS_STATE },
@ -162,46 +155,6 @@ export const useAccessStore = createPersistStore(
return ensure(get(), ["openaiApiKey"]); return ensure(get(), ["openaiApiKey"]);
}, },
isValidBedrock() {
const state = get();
return (
ensure(state, ["awsAccessKey", "awsSecretKey", "awsRegion"]) &&
this.validateAwsCredentials(
this.getDecryptedAwsCredential("awsAccessKey"),
this.getDecryptedAwsCredential("awsSecretKey"),
state.awsRegion,
)
);
},
validateAwsCredentials(
accessKey: string,
secretKey: string,
region: string,
) {
// Comprehensive AWS credential validation
const accessKeyRegex = /^(AKIA|A3T|ASIA)[A-Z0-9]{16}$/;
const regionRegex = /^[a-z]{2}-[a-z]+-\d+$/;
return (
accessKeyRegex.test(accessKey) && // Validate access key format
secretKey.length === 40 && // Validate secret key length
regionRegex.test(region) && // Validate region format
accessKey !== "" &&
secretKey !== "" &&
region !== ""
);
},
setEncryptedAwsCredential(key: BedrockCredentialKey, value: string) {
set({ [key]: encrypt(value) });
},
getDecryptedAwsCredential(key: BedrockCredentialKey): string {
const encryptedValue = get()[key];
return encryptedValue ? decrypt(encryptedValue) : "";
},
isValidAzure() { isValidAzure() {
return ensure(get(), ["azureUrl", "azureApiKey", "azureApiVersion"]); return ensure(get(), ["azureUrl", "azureApiKey", "azureApiVersion"]);
}, },
@ -233,6 +186,7 @@ export const useAccessStore = createPersistStore(
isValidMoonshot() { isValidMoonshot() {
return ensure(get(), ["moonshotApiKey"]); return ensure(get(), ["moonshotApiKey"]);
}, },
isValidIflytek() { isValidIflytek() {
return ensure(get(), ["iflytekApiKey"]); return ensure(get(), ["iflytekApiKey"]);
}, },
@ -245,13 +199,16 @@ export const useAccessStore = createPersistStore(
return ensure(get(), ["chatglmApiKey"]); return ensure(get(), ["chatglmApiKey"]);
}, },
isValidBedrock() {
return ensure(get(), ["awsRegion", "awsAccessKey", "awsSecretKey"]);
},
isAuthorized() { isAuthorized() {
this.fetch(); this.fetch();
// has token or has code or disabled access control // has token or has code or disabled access control
return ( return (
this.isValidOpenAI() || this.isValidOpenAI() ||
this.isValidBedrock() ||
this.isValidAzure() || this.isValidAzure() ||
this.isValidGoogle() || this.isValidGoogle() ||
this.isValidAnthropic() || this.isValidAnthropic() ||
@ -263,6 +220,7 @@ export const useAccessStore = createPersistStore(
this.isValidIflytek() || this.isValidIflytek() ||
this.isValidXAI() || this.isValidXAI() ||
this.isValidChatGLM() || this.isValidChatGLM() ||
this.isValidBedrock() ||
!this.enabledAccessControl() || !this.enabledAccessControl() ||
(this.enabledAccessControl() && ensure(get(), ["accessCode"])) (this.enabledAccessControl() && ensure(get(), ["accessCode"]))
); );
@ -290,28 +248,8 @@ export const useAccessStore = createPersistStore(
return res; return res;
}) })
.then((res: DangerConfig) => { .then((res: DangerConfig) => {
console.log("[Config] received DangerConfig server configuration"); console.log("[Config] got config from server", res);
set(() => ({ ...res })); set(() => ({ ...res }));
return res;
})
.then((res: Partial<AccessState>) => {
console.log("[Config] received AccessState server configuration");
// Encrypt Bedrock-related sensitive data before storing
const encryptedRes = { ...res };
const keysToEncrypt: BedrockCredentialKey[] = [
"awsAccessKey",
"awsSecretKey",
"awsSessionToken",
];
keysToEncrypt.forEach((key) => {
const value = encryptedRes[key];
if (value) {
(encryptedRes[key] as string) = encrypt(value as string);
}
});
set(() => ({ ...encryptedRes }));
}) })
.catch(() => { .catch(() => {
console.error("[Config] failed to fetch config"); console.error("[Config] failed to fetch config");

236
app/utils/aws.ts Normal file
View File

@ -0,0 +1,236 @@
import SHA256 from "crypto-js/sha256";
import HmacSHA256 from "crypto-js/hmac-sha256";
import Hex from "crypto-js/enc-hex";
import Utf8 from "crypto-js/enc-utf8";
import { AES, enc } from "crypto-js";
const SECRET_KEY =
process.env.ENCRYPTION_KEY ||
"your-secret-key-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
if (!SECRET_KEY || SECRET_KEY.length < 32) {
throw new Error(
"ENCRYPTION_KEY environment variable must be set with at least 32 characters",
);
}
export function encrypt(data: string): string {
if (!data) return "";
try {
return AES.encrypt(data, SECRET_KEY).toString();
} catch (error) {
console.error("Encryption failed:", error);
return data;
}
}
export function decrypt(encryptedData: string): string {
if (!encryptedData) return "";
try {
// Try to decrypt
const bytes = AES.decrypt(encryptedData, SECRET_KEY);
const decrypted = bytes.toString(enc.Utf8);
// If decryption results in empty string but input wasn't empty,
// the input might already be decrypted
if (!decrypted && encryptedData) {
return encryptedData;
}
return decrypted;
} catch (error) {
// If decryption fails, the input might already be decrypted
return encryptedData;
}
}
export function maskSensitiveValue(value: string): string {
if (!value) return "";
if (value.length <= 4) return value;
return "*".repeat(value.length - 4) + value.slice(-4);
}
export interface SignParams {
method: string;
url: string;
region: string;
accessKeyId: string;
secretAccessKey: string;
sessionToken?: string;
body: string;
service: string;
}
function hmac(
key: string | CryptoJS.lib.WordArray,
data: string,
): CryptoJS.lib.WordArray {
if (typeof key === "string") {
key = Utf8.parse(key);
}
return HmacSHA256(data, key);
}
function getSigningKey(
secretKey: string,
dateStamp: string,
region: string,
service: string,
): CryptoJS.lib.WordArray {
const kDate = hmac("AWS4" + secretKey, dateStamp);
const kRegion = hmac(kDate, region);
const kService = hmac(kRegion, service);
const kSigning = hmac(kService, "aws4_request");
return kSigning;
}
function normalizeHeaderValue(value: string): string {
return value.replace(/\s+/g, " ").trim();
}
function encodeURIComponent_RFC3986(str: string): string {
return encodeURIComponent(str)
.replace(
/[!'()*]/g,
(c) => "%" + c.charCodeAt(0).toString(16).toUpperCase(),
)
.replace(/[-_.~]/g, (c) => c); // RFC 3986 unreserved characters
}
function encodeURI_RFC3986(uri: string): string {
// Handle empty or root path
if (!uri || uri === "/") return "";
// Split the path into segments, preserving empty segments for double slashes
const segments = uri.split("/");
return segments
.map((segment) => {
if (!segment) return "";
// Special handling for Bedrock model paths
if (segment.includes("model/")) {
const parts = segment.split(/(model\/)/);
return parts
.map((part) => {
if (part === "model/") return part;
// Handle the model identifier part
if (part.includes(".") || part.includes(":")) {
return part
.split(/([.:])/g)
.map((subpart, i) => {
if (i % 2 === 1) return subpart; // Don't encode separators
return encodeURIComponent_RFC3986(subpart);
})
.join("");
}
return encodeURIComponent_RFC3986(part);
})
.join("");
}
// Handle invoke-with-response-stream without encoding
if (segment === "invoke-with-response-stream") {
return segment;
}
return encodeURIComponent_RFC3986(segment);
})
.join("/");
}
export async function sign({
method,
url,
region,
accessKeyId,
secretAccessKey,
sessionToken,
body,
service,
}: SignParams): Promise<Record<string, string>> {
const endpoint = new URL(url);
const canonicalUri = "/" + encodeURI_RFC3986(endpoint.pathname.slice(1));
const canonicalQueryString = endpoint.search.slice(1); // Remove leading '?'
// Create a date stamp and time stamp in ISO8601 format
const now = new Date();
const amzDate = now.toISOString().replace(/[:-]|\.\d{3}/g, "");
const dateStamp = amzDate.slice(0, 8);
// Calculate the hash of the payload
const payloadHash = SHA256(body).toString(Hex);
// Define headers with normalized values
const headers: Record<string, string> = {
accept: "application/vnd.amazon.eventstream",
"content-type": "application/json",
host: endpoint.host,
"x-amz-content-sha256": payloadHash,
"x-amz-date": amzDate,
"x-amzn-bedrock-accept": "*/*",
};
// Add session token if present
if (sessionToken) {
headers["x-amz-security-token"] = sessionToken;
}
// Get sorted header keys (case-insensitive)
const sortedHeaderKeys = Object.keys(headers).sort((a, b) =>
a.toLowerCase().localeCompare(b.toLowerCase()),
);
// Create canonical headers string with normalized values
const canonicalHeaders = sortedHeaderKeys
.map(
(key) => `${key.toLowerCase()}:${normalizeHeaderValue(headers[key])}\n`,
)
.join("");
// Create signed headers string
const signedHeaders = sortedHeaderKeys
.map((key) => key.toLowerCase())
.join(";");
// Create canonical request
const canonicalRequest = [
method.toUpperCase(),
canonicalUri,
canonicalQueryString,
canonicalHeaders,
signedHeaders,
payloadHash,
].join("\n");
// Create the string to sign
const algorithm = "AWS4-HMAC-SHA256";
const credentialScope = `${dateStamp}/${region}/${service}/aws4_request`;
const stringToSign = [
algorithm,
amzDate,
credentialScope,
SHA256(canonicalRequest).toString(Hex),
].join("\n");
// Calculate the signature
const signingKey = getSigningKey(secretAccessKey, dateStamp, region, service);
const signature = hmac(signingKey, stringToSign).toString(Hex);
// Create the authorization header
const authorization = [
`${algorithm} Credential=${accessKeyId}/${credentialScope}`,
`SignedHeaders=${signedHeaders}`,
`Signature=${signature}`,
].join(", ");
// Return headers with proper casing for the request
return {
Accept: headers.accept,
"Content-Type": headers["content-type"],
Host: headers.host,
"X-Amz-Content-Sha256": headers["x-amz-content-sha256"],
"X-Amz-Date": headers["x-amz-date"],
"X-Amzn-Bedrock-Accept": headers["x-amzn-bedrock-accept"],
...(sessionToken && { "X-Amz-Security-Token": sessionToken }),
Authorization: authorization,
};
}

35
app/utils/encryption.ts
View File

@ -1,35 +0,0 @@
import { AES, enc } from "crypto-js";
const SECRET_KEY =
process.env.ENCRYPTION_KEY ||
"your-secret-key-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"; // Replace this with a secure, randomly generated key
if (!SECRET_KEY || SECRET_KEY.length < 32) {
throw new Error(
"ENCRYPTION_KEY environment variable must be set with at least 32 characters",
);
}
export function encrypt(data: string): string {
try {
return AES.encrypt(data, SECRET_KEY).toString();
} catch (error) {
console.error("Encryption failed:", error);
return data; // Fallback to unencrypted data if encryption fails
}
}
export function decrypt(encryptedData: string): string {
try {
const bytes = AES.decrypt(encryptedData, SECRET_KEY);
return bytes.toString(enc.Utf8);
} catch (error) {
console.error("Decryption failed:", error);
return encryptedData; // Fallback to the original data if decryption fails
}
}
export function maskSensitiveValue(value: string): string {
if (!value) return "";
if (value.length <= 4) return value;
return "*".repeat(value.length - 4) + value.slice(-4);
}

1
package.json
View File

@ -20,7 +20,6 @@
"test:ci": "jest --ci" "test:ci": "jest --ci"
}, },
"dependencies": { "dependencies": {
"@aws-sdk/client-bedrock-runtime": "^3.679.0",
"@fortaine/fetch-event-source": "^3.0.6", "@fortaine/fetch-event-source": "^3.0.6",
"@hello-pangea/dnd": "^16.5.0", "@hello-pangea/dnd": "^16.5.0",
"@next/third-parties": "^14.1.0", "@next/third-parties": "^14.1.0",