anti
245975a6dd
Auth/session (V2.1.7, V4.1.5, V4.1.6, V2.1.4/V2.1.5): - env secret validation no longer bypassed by attacker-injectable PYTEST* env; gated on explicit DECNET_TESTING=1 (set only in conftest). - must_change_password now enforced on the SSE header-JWT path, not just ticket mint. - GET /system/deployment-mode requires viewer auth (was leaking role + topology size). - CreateUser/ResetUser passwords min_length=12; passwords >72 bytes rejected explicitly instead of bcrypt silently truncating. Swarm ingestion (V9.1.3, BUG-16): - Log listener hard-rejects peers with unparseable/empty cert CN (fail closed, ingests nothing) instead of tagging 'unknown'. - Shutdown handlers no longer swallow real errors (narrowed to CancelledError). Info leakage (V7.1.2, V14.1.2): - Exception text sanitized on swarm-update, health, tarpit, realism, file-drop, blank-topology endpoints (raw tc/docker stderr, DB/Docker errors logged server-side, generic detail returned). pyproject license corrected to AGPL-3.0. Correctness (BUG-12..16): - BUG-12 atomic credential upsert (UNIQUE constraint + IntegrityError retry, consistent principal_key canonicalization). - BUG-13 rule-tail watermark uses >= with seen-id dedup (no same-second drop). - BUG-14 worker wake cleared before wait (no lost wake during tick). - BUG-15 intel gather tolerates an unexpected provider raise. - BUG-16 see above. Already-closed (verified, no change): V2.1.6, V5.1.3, V9.1.2. Accept-risk + documented: V2.1.8 cache window, V3.1.3 idle timeout. Tests added for every fix; unanimous adversarial review after two refute-fix rounds.
178 lines
5.8 KiB
Python
178 lines
5.8 KiB
Python
# SPDX-License-Identifier: AGPL-3.0-or-later
|
|
"""GET/PUT ``/api/v1/realism/llm`` — LLM provider configuration.
|
|
|
|
Reads accept viewer; writes are admin (same trust level as the existing
|
|
``/realism/config`` surface — LLM provider config controls all AI-generated
|
|
honeypot content).
|
|
|
|
GET returns the current config **without** the encrypted API key — only
|
|
``api_key_set: bool`` is surfaced so the operator can see whether one is
|
|
stored without ever exfiltrating it.
|
|
|
|
PUT body fields (all optional — unset fields keep their current value):
|
|
|
|
* ``provider``: ``"ollama"`` (only supported provider today)
|
|
* ``base_url``: Ollama daemon URL, or ``""``/``null`` to clear
|
|
* ``model``: Ollama model tag
|
|
* ``timeout``: Generation timeout in seconds (float, > 0)
|
|
* ``api_key``: Plaintext; ``null`` / absent = leave unchanged, ``""`` = clear
|
|
"""
|
|
from __future__ import annotations
|
|
|
|
import asyncio
|
|
import json
|
|
from typing import Any
|
|
|
|
from fastapi import APIRouter, Depends, HTTPException
|
|
|
|
from decnet.logging import get_logger
|
|
from decnet.realism.llm import config as llm_config
|
|
from decnet.realism.llm.config import LLMConfig, _CONFIG_KEY
|
|
from decnet.telemetry import traced as _traced
|
|
from decnet.web.dependencies import repo, require_admin, require_viewer
|
|
|
|
router = APIRouter()
|
|
log = get_logger("api.realism.llm")
|
|
|
|
_hydrated = False
|
|
_hydrate_lock = asyncio.Lock()
|
|
|
|
_SENTINEL = object()
|
|
|
|
|
|
def _cfg_to_response(cfg: LLMConfig, api_key_set: bool) -> dict[str, Any]:
|
|
return {
|
|
"provider": cfg.provider,
|
|
"base_url": cfg.base_url,
|
|
"model": cfg.model,
|
|
"timeout": cfg.timeout,
|
|
"api_key_set": api_key_set,
|
|
}
|
|
|
|
|
|
async def _load_and_apply_from_db() -> LLMConfig:
|
|
"""Load DB row into process cache; return current effective config."""
|
|
cfg = await llm_config.load_from_db(repo)
|
|
if cfg is not None:
|
|
try:
|
|
llm_config.apply(cfg)
|
|
except Exception as exc: # noqa: BLE001
|
|
log.warning("api.realism.llm: apply on hydrate failed: %s", exc)
|
|
return cfg or LLMConfig()
|
|
|
|
|
|
@router.get(
|
|
"/realism/llm",
|
|
tags=["Realism"],
|
|
responses={
|
|
401: {"description": "Could not validate credentials"},
|
|
403: {"description": "Insufficient permissions"},
|
|
},
|
|
)
|
|
@_traced("api.realism.get_llm")
|
|
async def get_llm_config(
|
|
user: dict = Depends(require_viewer),
|
|
) -> dict[str, Any]:
|
|
"""Return the live LLM provider config (API key masked as ``api_key_set``)."""
|
|
global _hydrated
|
|
if not _hydrated:
|
|
async with _hydrate_lock:
|
|
if not _hydrated:
|
|
await _load_and_apply_from_db()
|
|
_hydrated = True
|
|
|
|
row = await repo.get_realism_config(_CONFIG_KEY)
|
|
if row is not None:
|
|
try:
|
|
stored: dict[str, Any] = json.loads(row.get("value") or "{}")
|
|
except json.JSONDecodeError:
|
|
stored = {}
|
|
else:
|
|
stored = {}
|
|
|
|
cfg = LLMConfig(**stored) if stored else LLMConfig()
|
|
api_key_set = bool(stored.get("api_key_ciphertext"))
|
|
return _cfg_to_response(cfg, api_key_set)
|
|
|
|
|
|
@router.put(
|
|
"/realism/llm",
|
|
tags=["Realism"],
|
|
responses={
|
|
400: {"description": "Invalid config payload"},
|
|
401: {"description": "Could not validate credentials"},
|
|
403: {"description": "Insufficient permissions"},
|
|
},
|
|
)
|
|
@_traced("api.realism.put_llm")
|
|
async def put_llm_config(
|
|
body: dict[str, Any],
|
|
user: dict = Depends(require_admin),
|
|
) -> dict[str, Any]:
|
|
"""Replace LLM provider config. Persists and hot-reloads the backend.
|
|
|
|
``api_key`` handling:
|
|
|
|
* absent or not in body → leave existing encrypted key unchanged
|
|
* ``null`` or ``""`` → clear the stored key
|
|
* non-empty string → encrypt and store
|
|
"""
|
|
global _hydrated
|
|
|
|
if not isinstance(body, dict):
|
|
raise HTTPException(status_code=400, detail="body must be an object")
|
|
|
|
# Load the current persisted config so we can merge partial updates.
|
|
row = await repo.get_realism_config(_CONFIG_KEY)
|
|
current: dict[str, Any] = {}
|
|
if row is not None:
|
|
try:
|
|
current = json.loads(row.get("value") or "{}") or {}
|
|
except json.JSONDecodeError:
|
|
current = {}
|
|
|
|
api_key_raw: Any = body.pop("api_key", _SENTINEL)
|
|
|
|
# Merge incoming fields over the current persisted state.
|
|
merged = {**current, **body}
|
|
|
|
# Handle api_key: absent=keep, null/empty=clear, string=encrypt.
|
|
if api_key_raw is _SENTINEL:
|
|
pass # leave current api_key_ciphertext in merged unchanged
|
|
elif not api_key_raw:
|
|
merged.pop("api_key_ciphertext", None)
|
|
else:
|
|
try:
|
|
from decnet.web.db.secrets import encrypt_secret
|
|
merged["api_key_ciphertext"] = encrypt_secret(str(api_key_raw))
|
|
except RuntimeError:
|
|
log.exception("api.realism.put_llm: secret encryption unavailable")
|
|
raise HTTPException(
|
|
status_code=500,
|
|
detail="Secret encryption unavailable; check server configuration.",
|
|
) from None
|
|
|
|
try:
|
|
cfg = LLMConfig(**merged)
|
|
except Exception as exc:
|
|
log.warning("api.realism.put_llm: LLMConfig validation failed: %s", exc)
|
|
raise HTTPException(status_code=400, detail="Invalid LLM configuration payload.") from exc
|
|
|
|
try:
|
|
llm_config.apply(cfg)
|
|
except Exception:
|
|
log.exception("api.realism.put_llm: backend init failed")
|
|
raise HTTPException(
|
|
status_code=400, detail="Backend init failed; check provider/model settings."
|
|
) from None
|
|
|
|
await repo.set_realism_config(_CONFIG_KEY, json.dumps(merged))
|
|
_hydrated = True
|
|
|
|
log.info(
|
|
"api.realism.put_llm user=%s provider=%s model=%s base_url=%s",
|
|
user.get("username", user.get("uuid")),
|
|
cfg.provider, cfg.model, cfg.base_url,
|
|
)
|
|
return _cfg_to_response(cfg, bool(merged.get("api_key_ciphertext")))
|