Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat:Add Amazon Bedrock to support the leading large language models such as Amazon Nova, Claude, Llama, Mistral, and others. #5746

Open
wants to merge 93 commits into
base: main
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from 3 commits
Commits
Show all changes
93 commits
Select commit Hold shift + click to select a range
ff356f0
修改: app/api/[provider]/[...path]/route.ts
glayyiyi Oct 29, 2024
722c288
Merge branch 'ChatGPTNextWeb:main' into main
glayyiyi Oct 31, 2024
dca4a0e
修改: app/api/bedrock.ts
glayyiyi Oct 31, 2024
fc39116
修改: app/api/bedrock.ts
glayyiyi Nov 4, 2024
0f276f5
修改: app/client/platforms/bedrock.ts
glayyiyi Nov 5, 2024
afbf5eb
修改: .env.template
glayyiyi Nov 5, 2024
58837f6
修改: app/api/bedrock.ts
glayyiyi Nov 5, 2024
f532731
修改: app/client/platforms/bedrock.ts
glayyiyi Nov 5, 2024
e3c18bb
修改: app/api/bedrock.ts
glayyiyi Nov 5, 2024
d55c752
修改: app/api/bedrock.ts
glayyiyi Nov 5, 2024
1164e1b
Merge feature/update-bedrock-api into main
glayyiyi Nov 5, 2024
1998cf5
Merge feature/update-bedrock-api into main
glayyiyi Nov 5, 2024
045adc3
修改: app/api/bedrock.ts
glayyiyi Nov 5, 2024
1f66d37
修改: app/api/bedrock.ts
glayyiyi Nov 5, 2024
cae20af
修改: app/api/bedrock.ts
glayyiyi Nov 5, 2024
ca17e90
修改: app/utils/encryption.ts
glayyiyi Nov 5, 2024
c55cea5
修改: app/store/access.ts
glayyiyi Nov 6, 2024
952d883
修改: app/components/settings.tsx
glayyiyi Nov 6, 2024
3bf55d3
Merge branch 'main' into main
glayyiyi Nov 6, 2024
f0c23cc
修改: app/store/access.ts
glayyiyi Nov 6, 2024
5d5456c
修改: app/api/bedrock.ts
glayyiyi Nov 6, 2024
4204890
Merge branch 'ChatGPTNextWeb:main' into main
glayyiyi Nov 6, 2024
9e04198
Merge branch 'main' into main
glayyiyi Nov 6, 2024
82a368a
修改: .env.template
glayyiyi Nov 7, 2024
0e09697
Merge branch 'ChatGPTNextWeb:main' into main
glayyiyi Nov 8, 2024
09e4f95
Merge branch 'main' into main
glayyiyi Nov 11, 2024
f120584
Merge branch 'main' into main
glayyiyi Nov 12, 2024
afb0752
Merge branch 'ChatGPTNextWeb:main' into main
glayyiyi Nov 12, 2024
bfa4339
Add AWS access key validation.
glayyiyi Nov 12, 2024
70f066c
Add AWS region validation and improve code style.
glayyiyi Nov 13, 2024
1b5a81c
Add AWS secret key validation.
glayyiyi Nov 13, 2024
24261d2
Consider adding more Bedrock-specific configurations
glayyiyi Nov 13, 2024
6bc1612
修改: app/locales/cn.ts
glayyiyi Nov 13, 2024
225ad30
修改: app/api/bedrock.ts
glayyiyi Nov 13, 2024
b2d5e0e
Merge branch 'ChatGPTNextWeb:main' into main
glayyiyi Nov 13, 2024
dfeb9e7
Merge branch 'ChatGPTNextWeb:main' into main
glayyiyi Nov 17, 2024
9d3f1d2
remove document function,only keep the bedrock service provider
glayyiyi Nov 18, 2024
f60c237
去掉sdk的引入,客户端也能直连
glayyiyi Nov 20, 2024
bd68df1
修改: app/api/bedrock.ts
glayyiyi Nov 21, 2024
b0c1ccd
优化和重构代码,增加前端可以设置加密配置数据的密钥
glayyiyi Nov 22, 2024
a85db21
优化代码,修改方法命名错误
glayyiyi Nov 23, 2024
ff88421
修改密钥加密逻辑
glayyiyi Nov 23, 2024
a6337e9
完善总结功能的代码逻辑
glayyiyi Nov 23, 2024
238eb70
完善mistral模型的推理结果
glayyiyi Nov 23, 2024
513cf1b
完善llama和mistral模型的推理功能
glayyiyi Nov 23, 2024
a19ba69
Merge branch 'ChatGPTNextWeb:main' into main
glayyiyi Nov 24, 2024
2ccdd17
优化前后端代码,将公共方法抽取到util类,修改客户端加密方式
glayyiyi Nov 24, 2024
6f7a635
完善llama和mistral模型的推理功能
glayyiyi Nov 24, 2024
5bd7e28
去掉Debug日志打印
glayyiyi Nov 25, 2024
0abfd27
完善bedrock中文翻译
glayyiyi Nov 25, 2024
2fe848e
去掉Debug日志打印
glayyiyi Nov 25, 2024
9a47304
去掉Debug日志打印
glayyiyi Nov 25, 2024
15d0600
Merge branch 'ChatGPTNextWeb:main' into main
glayyiyi Nov 25, 2024
e663375
完善mistral tool use功能 和llama3消息格式问题
glayyiyi Nov 25, 2024
448babd
完善mistral tool use功能
glayyiyi Nov 26, 2024
b39b3f7
Remove detailed error logging in decryption function.
glayyiyi Nov 26, 2024
9c648e5
Remove detailed error error message.
glayyiyi Nov 26, 2024
8ce2cf5
Remove detailed error error message.
glayyiyi Nov 26, 2024
471b178
modify the BEDROCK_BASE_URL to use the region from the access stor
glayyiyi Nov 26, 2024
d9d2a27
modify the BEDROCK_BASE_URL to use the region from the access store
glayyiyi Nov 26, 2024
a75b9f7
Merge branch 'ChatGPTNextWeb:main' into main
glayyiyi Dec 4, 2024
0c55850
优化bedrock流式消息处理的缓冲机制,简化app和后台api调用逻辑判断和处理
glayyiyi Dec 7, 2024
4254fd3
增加bedrock最新nova模型,包括image解析的支持
glayyiyi Dec 7, 2024
57dc44a
增加bedrock最新nova模型,优化后台代码
glayyiyi Dec 7, 2024
ad49cd0
优化bedrock工具类,以更安全的处理流式消息的边界值
glayyiyi Dec 7, 2024
5ac651a
Enhance encryption security
glayyiyi Dec 7, 2024
603415f
Enhance log security
glayyiyi Dec 8, 2024
26b9fa9
优化代码
glayyiyi Dec 8, 2024
f5ae086
Enhance encryption security with additional safeguards.
glayyiyi Dec 8, 2024
fb3437c
Update app/client/platforms/bedrock.ts
glayyiyi Dec 8, 2024
7830b37
Enhance encryption security with additional safeguards.
glayyiyi Dec 8, 2024
4b2f447
Enhance encryption security with additional safeguards.
glayyiyi Dec 8, 2024
93337b2
Update app/client/platforms/bedrock.ts
glayyiyi Dec 8, 2024
a088687
Enhance encryption security with additional safeguards.
glayyiyi Dec 8, 2024
44a1cf6
Update app/client/platforms/bedrock.ts
glayyiyi Dec 9, 2024
50a241b
Update app/utils/aws.ts
glayyiyi Dec 9, 2024
372a327
Update app/utils/aws.ts
glayyiyi Dec 9, 2024
2a9f7d7
Update app/client/platforms/bedrock.ts
glayyiyi Dec 9, 2024
12d38aa
Update app/utils/aws.ts
glayyiyi Dec 9, 2024
19437c7
Enhance encryption security with additional safeguards.
glayyiyi Dec 10, 2024
e455840
Update app/utils/aws.ts
glayyiyi Dec 10, 2024
cb0422b
Enhance processChunks by attempting to recover by processing the next…
glayyiyi Dec 10, 2024
0ec1ae6
Enhance encryption security with additional safeguards.
glayyiyi Dec 10, 2024
e839940
feat:add amazon.nova model tool use support.
glayyiyi Dec 14, 2024
9643adc
Merge branch 'main' into main
glayyiyi Dec 21, 2024
92615da
Merge branch 'main' into main
glayyiyi Dec 22, 2024
26f79aa
feat:add nova VISION_MODEL_REGEXES
glayyiyi Dec 22, 2024
89b1774
Merge branch 'ChatGPTNextWeb:main' into main
glayyiyi Dec 25, 2024
29b9a20
feat:add meta.llama3-3-70b-instruct model
glayyiyi Dec 25, 2024
b0f78e9
Merge branch 'main' into main
glayyiyi Dec 30, 2024
6d72a04
Merge branch 'ChatGPTNextWeb:main' into main
glayyiyi Jan 1, 2025
e94566d
Merge branch 'ChatGPTNextWeb:main' into main
glayyiyi Jan 14, 2025
40c0037
Merge branch 'main' into main
glayyiyi Jan 22, 2025
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions app/api/[provider]/[...path]/route.ts
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
import { ApiPath } from "@/app/constant";
import { NextRequest } from "next/server";
import { handle as openaiHandler } from "../../openai";
import { handle as bedrockHandler } from "../../bedrock";
import { handle as azureHandler } from "../../azure";
import { handle as googleHandler } from "../../google";
import { handle as anthropicHandler } from "../../anthropic";
Expand All @@ -20,12 +21,15 @@ async function handle(
const apiPath = `/api/${params.provider}`;
console.log(`[${params.provider} Route] params `, params);
switch (apiPath) {
case ApiPath.Bedrock:
return bedrockHandler(req, { params });
case ApiPath.Azure:
return azureHandler(req, { params });
case ApiPath.Google:
return googleHandler(req, { params });
case ApiPath.Anthropic:
return anthropicHandler(req, { params });

case ApiPath.Baidu:
return baiduHandler(req, { params });
case ApiPath.ByteDance:
Expand Down
22 changes: 22 additions & 0 deletions app/api/auth.ts
Original file line number Diff line number Diff line change
Expand Up @@ -52,6 +52,28 @@ export function auth(req: NextRequest, modelProvider: ModelProvider) {
msg: "you are not allowed to access with your own api key",
};
}
// Special handling for Bedrock
if (modelProvider === ModelProvider.Bedrock) {
const region = req.headers.get("X-Region");
const accessKeyId = req.headers.get("X-Access-Key");
const secretKey = req.headers.get("X-Secret-Key");

console.log("[Auth] Bedrock credentials:", {
region,
accessKeyId: accessKeyId ? "***" : undefined,
secretKey: secretKey ? "***" : undefined,
});

// Check if AWS credentials are provided
if (!region || !accessKeyId || !secretKey) {
return {
error: true,
msg: "Missing AWS credentials. Please configure Region, Access Key ID, and Secret Access Key in settings.",
};
}
glayyiyi marked this conversation as resolved.
Show resolved Hide resolved

return { error: false };
}

// if user does not provide an api key, inject system api key
if (!apiKey) {
Expand Down
261 changes: 261 additions & 0 deletions app/api/bedrock.ts
Original file line number Diff line number Diff line change
@@ -0,0 +1,261 @@
import { ModelProvider } from "../constant";
import { prettyObject } from "../utils/format";
import { NextRequest, NextResponse } from "next/server";
import { auth } from "./auth";
import {
BedrockRuntimeClient,
ConverseStreamOutput,
ValidationException,
ModelStreamErrorException,
ThrottlingException,
ServiceUnavailableException,
InternalServerException,
} from "@aws-sdk/client-bedrock-runtime";
import { validateModelId } from "./bedrock/utils";
import { ConverseRequest, createConverseStreamCommand } from "./bedrock/models";

const ALLOWED_PATH = new Set(["converse"]);

export async function handle(
req: NextRequest,
{ params }: { params: { path: string[] } },
) {
console.log("[Bedrock Route] params ", params);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Avoid logging sensitive information

Logging request parameters (params) may expose sensitive information. Consider removing or sanitizing this log statement to prevent potential data leakage.

Apply this diff to remove the sensitive log:

-   console.log("[Bedrock Route] params ", params);
+   console.log("[Bedrock Route] Received a request");
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
console.log("[Bedrock Route] params ", params);
console.log("[Bedrock Route] Received a request");


if (req.method === "OPTIONS") {
return NextResponse.json({ body: "OK" }, { status: 200 });
}

const subpath = params.path.join("/");

if (!ALLOWED_PATH.has(subpath)) {
console.log("[Bedrock Route] forbidden path ", subpath);
return NextResponse.json(
{
error: true,
msg: "you are not allowed to request " + subpath,
},
{
status: 403,
},
);
}

const authResult = auth(req, ModelProvider.Bedrock);
if (authResult.error) {
return NextResponse.json(authResult, {
status: 401,
});
}

try {
const response = await handleConverseRequest(req);
return response;
} catch (e) {
console.error("[Bedrock] ", e);
return NextResponse.json(
{
error: true,
message: e instanceof Error ? e.message : "Unknown error",
details: prettyObject(e),
},
{ status: 500 },
);
}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Do not expose internal error details to clients

Returning detailed error information (details: prettyObject(e)) to the client can reveal internal implementation details and pose security risks. Consider logging the error server-side and returning a generic message to the client.

Apply this diff to remove sensitive error details from the response:

         error: true,
         message: e instanceof Error ? e.message : "Unknown error",
-        details: prettyObject(e),
+        // details: prettyObject(e),
       },
       { status: 500 },

Committable suggestion was skipped due to low confidence.

}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Add validation for unsupported model IDs

The function should explicitly reject unsupported model IDs.

   } else if (modelId.startsWith("amazon.titan")) {
     if (!bodyContent.inputText) throw new Error("Titan requires inputText");
+  } else {
+    throw new Error(`Unsupported model ID: ${modelId}`);
   }

Committable suggestion skipped: line range outside the PR's diff.


async function handleConverseRequest(req: NextRequest) {
const region = req.headers.get("X-Region") || "us-west-2";
const accessKeyId = req.headers.get("X-Access-Key") || "";
const secretAccessKey = req.headers.get("X-Secret-Key") || "";
const sessionToken = req.headers.get("X-Session-Token");

if (!accessKeyId || !secretAccessKey) {
return NextResponse.json(
{
error: true,
message: "Missing AWS credentials",
},
{
status: 401,
},
);
}
glayyiyi marked this conversation as resolved.
Show resolved Hide resolved

const client = new BedrockRuntimeClient({
region,
credentials: {
accessKeyId,
secretAccessKey,
sessionToken: sessionToken || undefined,
},
});

try {
const body = (await req.json()) as ConverseRequest;
const { modelId } = body;

const validationError = validateModelId(modelId);
if (validationError) {
throw new Error(validationError);
}

console.log("[Bedrock] Invoking model:", modelId);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Avoid logging model identifiers

Logging the modelId could expose sensitive information. It's advisable to remove or anonymize this log statement.

Apply this diff to prevent logging sensitive modelId:

-     console.log("[Bedrock] Invoking model:", modelId);
+     console.log("[Bedrock] Invoking model");
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
console.log("[Bedrock] Invoking model:", modelId);
console.log("[Bedrock] Invoking model");


const command = createConverseStreamCommand(body);
const response = await client.send(command);

if (!response.stream) {
throw new Error("No stream in response");
}

// Create a ReadableStream for the response
const stream = new ReadableStream({
async start(controller) {
try {
const responseStream = response.stream;
if (!responseStream) {
throw new Error("No stream in response");
}

for await (const event of responseStream) {
const output = event as ConverseStreamOutput;

if ("messageStart" in output && output.messageStart?.role) {
controller.enqueue(
`data: ${JSON.stringify({
type: "messageStart",
role: output.messageStart.role,
})}\n\n`,
);
} else if (
"contentBlockStart" in output &&
output.contentBlockStart
) {
controller.enqueue(
`data: ${JSON.stringify({
type: "contentBlockStart",
index: output.contentBlockStart.contentBlockIndex,
start: output.contentBlockStart.start,
})}\n\n`,
);
} else if (
"contentBlockDelta" in output &&
output.contentBlockDelta?.delta
) {
if ("text" in output.contentBlockDelta.delta) {
controller.enqueue(
`data: ${JSON.stringify({
type: "text",
content: output.contentBlockDelta.delta.text,
})}\n\n`,
);
} else if ("toolUse" in output.contentBlockDelta.delta) {
controller.enqueue(
`data: ${JSON.stringify({
type: "toolUse",
input: output.contentBlockDelta.delta.toolUse?.input,
})}\n\n`,
);
}
} else if (
"contentBlockStop" in output &&
output.contentBlockStop
) {
controller.enqueue(
`data: ${JSON.stringify({
type: "contentBlockStop",
index: output.contentBlockStop.contentBlockIndex,
})}\n\n`,
);
} else if ("messageStop" in output && output.messageStop) {
controller.enqueue(
`data: ${JSON.stringify({
type: "messageStop",
stopReason: output.messageStop.stopReason,
additionalModelResponseFields:
output.messageStop.additionalModelResponseFields,
})}\n\n`,
);
} else if ("metadata" in output && output.metadata) {
controller.enqueue(
`data: ${JSON.stringify({
type: "metadata",
usage: output.metadata.usage,
metrics: output.metadata.metrics,
trace: output.metadata.trace,
})}\n\n`,
);
}
}
controller.close();
} catch (error) {
if (error instanceof ValidationException) {
controller.enqueue(
`data: ${JSON.stringify({
type: "error",
error: "ValidationException",
message: error.message,
})}\n\n`,
);
} else if (error instanceof ModelStreamErrorException) {
controller.enqueue(
`data: ${JSON.stringify({
type: "error",
error: "ModelStreamErrorException",
message: error.message,
originalStatusCode: error.originalStatusCode,
originalMessage: error.originalMessage,
})}\n\n`,
);
} else if (error instanceof ThrottlingException) {
controller.enqueue(
`data: ${JSON.stringify({
type: "error",
error: "ThrottlingException",
message: error.message,
})}\n\n`,
);
} else if (error instanceof ServiceUnavailableException) {
controller.enqueue(
`data: ${JSON.stringify({
type: "error",
error: "ServiceUnavailableException",
message: error.message,
})}\n\n`,
);
} else if (error instanceof InternalServerException) {
controller.enqueue(
`data: ${JSON.stringify({
type: "error",
error: "InternalServerException",
message: error.message,
})}\n\n`,
);
} else {
controller.enqueue(
`data: ${JSON.stringify({
type: "error",
error: "UnknownError",
message:
error instanceof Error ? error.message : "Unknown error",
})}\n\n`,
);
}
controller.close();
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Refactor error handling to reduce code duplication

The error handling within the ReadableStream has repetitive blocks for each exception type. Consider refactoring to improve maintainability and readability.

Here's a refactored version using a helper function:

+function enqueueError(controller, errorType, message, additionalFields = {}) {
+  controller.enqueue(
+    `data: ${JSON.stringify({
+      type: "error",
+      error: errorType,
+      message: message,
+      ...additionalFields,
+    })}\n\n`,
+  );
+}

 // Inside the catch block
 } catch (error) {
   if (error instanceof ValidationException) {
-    controller.enqueue(
-      `data: ${JSON.stringify({
-        type: "error",
-        error: "ValidationException",
-        message: error.message,
-      })}\n\n`,
-    );
+    enqueueError(controller, "ValidationException", error.message);
   } else if (error instanceof ModelStreamErrorException) {
-    controller.enqueue(
-      `data: ${JSON.stringify({
-        type: "error",
-        error: "ModelStreamErrorException",
-        message: error.message,
-        originalStatusCode: error.originalStatusCode,
-        originalMessage: error.originalMessage,
-      })}\n\n`,
-    );
+    enqueueError(controller, "ModelStreamErrorException", error.message, {
+      originalStatusCode: error.originalStatusCode,
+      originalMessage: error.originalMessage,
+    });
   } else if (error instanceof ThrottlingException) {
     // Similar changes for other exceptions...
   } else {
-    controller.enqueue(
-      `data: ${JSON.stringify({
-        type: "error",
-        error: "UnknownError",
-        message:
-          error instanceof Error ? error.message : "Unknown error",
-      })}\n\n`,
-    );
+    enqueueError(
+      controller,
+      "UnknownError",
+      error instanceof Error ? error.message : "Unknown error",
+    );
   }
   controller.close();
 }

Committable suggestion was skipped due to low confidence.

}
},
});

return new Response(stream, {
headers: {
"Content-Type": "text/event-stream",
"Cache-Control": "no-cache",
Connection: "keep-alive",
},
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Include security headers in the response

Adding security-related headers can enhance the application's security posture. Consider including headers like X-Content-Type-Options, X-Frame-Options, and Strict-Transport-Security.

Apply this diff to add security headers:

       headers: {
         "Content-Type": "text/event-stream",
         "Cache-Control": "no-cache",
         Connection: "keep-alive",
+        "X-Content-Type-Options": "nosniff",
+        "X-Frame-Options": "DENY",
+        "Strict-Transport-Security": "max-age=31536000; includeSubDomains",
       },
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
"Content-Type": "text/event-stream",
"Cache-Control": "no-cache",
Connection: "keep-alive",
},
"Content-Type": "text/event-stream",
"Cache-Control": "no-cache",
Connection: "keep-alive",
"X-Content-Type-Options": "nosniff",
"X-Frame-Options": "DENY",
"Strict-Transport-Security": "max-age=31536000; includeSubDomains",
},

});
} catch (error) {
console.error("[Bedrock] Request error:", error);
throw error;
}
}
Loading
Loading