Address PR review comments

- Fix error message: Change 'Missing or invalid' to 'Invalid' for Authorization header format
- Update documentation: Add breaking change notice for v0.2.13 auth config structure
- Update all auth config examples to use new provider_config structure
- Add GitHub token provider documentation
- Align GitHub default claims mapping with OAuth2 (use 'roles' instead of 'username')
- Add clarification comment that GitHub provider validates GitHub-issued tokens
ehhuang 2025-07-03 10:26:51 -07:00 committed by Eric Huang
parent c2d16c713e
commit bdf2b50097
4 changed files with 28 additions and 12 deletions


@ -244,8 +244,7 @@ class GitHubTokenAuthConfig(BaseModel):
)
claims_mapping: dict[str, str] = Field(
default_factory=lambda: {
"login": "username",
"id": "user_id",
"login": "roles",
"organizations": "teams",
},
description="Mapping from GitHub user fields to access attributes",
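Review bot: The new default maps the GitHub `login` to `roles` and, going by the 8→7 line count in the hunk header, appears to drop `"id": "user_id"`, so the only per-user attribute left in the default mapping is a username. A GitHub login can be changed by its owner and a released login can later be registered by someone else, whereas the numeric `id` is stable; an access rule that matches on a login-derived role would then follow the name rather than the account. How `roles` is consumed is outside this hunk, so this may be intended, but I would keep `"id": "user_id",` in the default, or at least state in `description` that the login is mutable and should not be the sole basis for a grant. The `Field(...)` call starts and ends outside the hunk.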


@ -92,7 +92,7 @@ class AuthenticationMiddleware:
return await self._send_auth_error(send, error_msg)
if not auth_header.startswith("Bearer "):
return await self._send_auth_error(send, "Missing or invalid Authorization header")
return await self._send_auth_error(send, "Invalid Authorization header format")
token = auth_header.split("Bearer ", 1)[1]
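Review bot: A header of exactly `Bearer ` passes the `startswith` check and leaves `token` as an empty string, which is then handed on as if it were a credential. What happens to `token` next is outside the hunk, but if it goes straight to the provider, an empty value costs a validation round trip (for a remote provider, an outbound request) per malformed request. A guard right after the split, `if not token.strip(): return await self._send_auth_error(send, "Invalid Authorization header format")`, would reject it locally with the same message.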


@ -322,7 +322,10 @@ class GitHubTokenAuthProvider(AuthProvider):
self.config = config
async def validate_token(self, token: str, scope: dict | None = None) -> User:
"""Validate a GitHub token by calling the GitHub API."""
"""Validate a GitHub token by calling the GitHub API.
This validates tokens issued by GitHub (personal access tokens or OAuth tokens).
"""
try:
user_info = await self._get_github_user_info(token)