phoenix/litellm-mirror
0
0
Fork 1
mirror of https://github.com/BerriAI/litellm.git synced 2025-04-25 18:54:30 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Litellm dev 01 14 2025 p2 (#7772)

Browse source 
* feat(pass_through_endpoints.py): fix anthropic end user cost tracking

* fix(anthropic/chat/transformation.py): use returned provider model for anthropic

handles anthropic `-latest` tag in request body throwing cost calculation errors

ensures we can be accurate in our model cost tracking

* feat(model_prices_and_context_window.json): add gemini-2.0-flash-thinking-exp pricing

* test: update test to use assumption that user_api_key_dict can get anthropic user id

* test: fix test

* fix: fix test

* fix(anthropic_pass_through.py): uncomment previous anthropic end-user cost tracking code block

can't guarantee user api key dict always has end user id - too many code paths

* fix(user_api_key_auth.py): this allows end user id from request body to always be read and set in auth object

* fix(auth_check.py): fix linting error

* test: fix auth check

* fix(auth_utils.py): fix get end user id to handle metadata = None
This commit is contained in:
Krish Dholakia 2025-01-15 21:34:50 -08:00 committed by GitHub
parent 4081aeb15e
commit 80d6bbec29
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
16 changed files with 287 additions and 43 deletions
Download patch file Download diff file Expand all files Collapse all files

82
litellm/proxy/auth/user_api_key_auth.py
View file

@ -35,6 +35,7 @@ from litellm.proxy.auth.auth_checks import (
)
from litellm.proxy.auth.auth_utils import (
_get_request_ip_address,
get_end_user_id_from_request_body,
get_request_route,
is_pass_through_provider_route,
pre_db_read_auth_checks,
@ -213,17 +214,25 @@ async def user_api_key_auth_websocket(websocket: WebSocket):
raise HTTPException(status_code=403, detail=str(e))
async def user_api_key_auth( # noqa: PLR0915
request: Request,
api_key: str = fastapi.Security(api_key_header),
azure_api_key_header: str = fastapi.Security(azure_api_key_header),
anthropic_api_key_header: Optional[str] = fastapi.Security(
anthropic_api_key_header
),
google_ai_studio_api_key_header: Optional[str] = fastapi.Security(
google_ai_studio_api_key_header
),
def update_valid_token_with_end_user_params(
valid_token: UserAPIKeyAuth, end_user_params: dict
) -> UserAPIKeyAuth:
valid_token.end_user_id = end_user_params.get("end_user_id")
valid_token.end_user_tpm_limit = end_user_params.get("end_user_tpm_limit")
valid_token.end_user_rpm_limit = end_user_params.get("end_user_rpm_limit")
valid_token.allowed_model_region = end_user_params.get("allowed_model_region")
return valid_token
async def _user_api_key_auth_builder( # noqa: PLR0915
request: Request,
api_key: str,
azure_api_key_header: str,
anthropic_api_key_header: Optional[str],
google_ai_studio_api_key_header: Optional[str],
request_data: dict,
) -> UserAPIKeyAuth:
from litellm.proxy.proxy_server import (
general_settings,
jwt_handler,
@ -243,8 +252,9 @@ async def user_api_key_auth( # noqa: PLR0915
start_time = datetime.now()
route: str = get_request_route(request=request)
try:
# get the request body
request_data = await _read_request_body(request=request)
await pre_db_read_auth_checks(
request_data=request_data,
request=request,
@ -608,9 +618,10 @@ async def user_api_key_auth( # noqa: PLR0915
## Check END-USER OBJECT
_end_user_object = None
end_user_params = {}
if "user" in request_data:
end_user_id = get_end_user_id_from_request_body(request_data)
if end_user_id:
try:
end_user_id = request_data["user"]
end_user_params["end_user_id"] = end_user_id
# get end-user object
@ -671,11 +682,8 @@ async def user_api_key_auth( # noqa: PLR0915
and valid_token.user_role == LitellmUserRoles.PROXY_ADMIN
):
# update end-user params on valid token
valid_token.end_user_id = end_user_params.get("end_user_id")
valid_token.end_user_tpm_limit = end_user_params.get("end_user_tpm_limit")
valid_token.end_user_rpm_limit = end_user_params.get("end_user_rpm_limit")
valid_token.allowed_model_region = end_user_params.get(
"allowed_model_region"
valid_token = update_valid_token_with_end_user_params(
valid_token=valid_token, end_user_params=end_user_params
)
valid_token.parent_otel_span = parent_otel_span
@ -753,6 +761,10 @@ async def user_api_key_auth( # noqa: PLR0915
)
)
_user_api_key_obj = update_valid_token_with_end_user_params(
valid_token=_user_api_key_obj, end_user_params=end_user_params
)
return _user_api_key_obj
## IF it's not a master key
@ -1235,7 +1247,6 @@ async def user_api_key_auth( # noqa: PLR0915
parent_otel_span=parent_otel_span,
api_key=api_key,
)
request_data = await _read_request_body(request=request)
asyncio.create_task(
proxy_logging_obj.post_call_failure_hook(
request_data=request_data,
@ -1270,6 +1281,39 @@ async def user_api_key_auth( # noqa: PLR0915
)
async def user_api_key_auth(
request: Request,
api_key: str = fastapi.Security(api_key_header),
azure_api_key_header: str = fastapi.Security(azure_api_key_header),
anthropic_api_key_header: Optional[str] = fastapi.Security(
anthropic_api_key_header
),
google_ai_studio_api_key_header: Optional[str] = fastapi.Security(
google_ai_studio_api_key_header
),
) -> UserAPIKeyAuth:
"""
Parent function to authenticate user api key / jwt token.
"""
request_data = await _read_request_body(request=request)
user_api_key_auth_obj = await _user_api_key_auth_builder(
request=request,
api_key=api_key,
azure_api_key_header=azure_api_key_header,
anthropic_api_key_header=anthropic_api_key_header,
google_ai_studio_api_key_header=google_ai_studio_api_key_header,
request_data=request_data,
)
end_user_id = get_end_user_id_from_request_body(request_data)
if end_user_id is not None:
user_api_key_auth_obj.end_user_id = end_user_id
return user_api_key_auth_obj
async def _return_user_api_key_auth_obj(
user_obj: Optional[LiteLLM_UserTable],
api_key: str,