phoenix/litellm-mirror
0
0
Fork 1
mirror of https://github.com/BerriAI/litellm.git synced 2025-04-26 11:14:04 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix(proxy_server.py): don't require scope for team-based jwt access

Browse source 
If team with the client_id exists then it should be allowed to make a request, if it doesn't then as we discussed it should return an error
This commit is contained in:
Krrish Dholakia 2024-04-01 18:52:00 -07:00
parent ceabf726b0
commit c52819d47c
2 changed files with 1 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

2
docs/my-website/docs/proxy/token_auth.md
View file

@ -149,7 +149,7 @@ general_settings:
enable_jwt_auth: True enable_jwt_auth: True
litellm_jwtauth: litellm_jwtauth:
... ...
team_jwt_scope: "litellm-team" # 👈 Set JWT Scope string team_id_jwt_field: "litellm-team" # 👈 Set field in the JWT token that stores the team ID
team_allowed_routes: ["/v1/chat/completions"] # 👈 Set accepted routes team_allowed_routes: ["/v1/chat/completions"] # 👈 Set accepted routes
``` ```

6
litellm/proxy/proxy_server.py
View file

@ -385,12 +385,6 @@ async def user_api_key_auth(
raise Exception( raise Exception(
f"Admin not allowed to access this route. Route={route}, Allowed Routes={actual_routes}" f"Admin not allowed to access this route. Route={route}, Allowed Routes={actual_routes}"
) )
# check if team in scopes
is_team = jwt_handler.is_team(scopes=scopes)
if is_team == False:
raise Exception(
f"Missing both Admin and Team scopes from token. Either is required. Admin Scope={jwt_handler.litellm_jwtauth.admin_jwt_scope}, Team Scope={jwt_handler.litellm_jwtauth.team_jwt_scope}"
)
# get team id # get team id
team_id = jwt_handler.get_team_id(token=valid_token, default_value=None) team_id = jwt_handler.get_team_id(token=valid_token, default_value=None)