/**
 * @license
 * Copyright 2025 Steven Roussey
 * SPDX-License-Identifier: Apache-2.0
 */
/**
 * Shared cloud-provider client utilities: API-key resolution, browser-env
 * detection, and provider `base_url` validation. Used by each provider's
 * `*_Client.ts` so the same fallback chain (provider_config → env var) lives
 * in one place.
 */

/**
 * Credential fields a provider config may carry. Both are optional;
 * {@link resolveApiKey} documents the order in which they are consulted.
 */
export interface CloudCredentialConfig {
  // Consulted first by resolveApiKey.
  // NOTE(review): whether this holds a raw secret or a reference into a
  // credential store is not visible from this declaration — confirm.
  readonly credential_key?: string;
  // Consulted second, after credential_key.
  readonly api_key?: string;
}

/** Arguments for {@link resolveApiKey}. */
export interface ResolveApiKeyArgs {
  /** Provider config to read credentials from; may be `undefined`. */
  readonly config: CloudCredentialConfig | undefined;
  /** Single env var name, or list of alternatives tried in order. */
  readonly envVar: string | readonly string[];
  /** Human-friendly provider label used in the error message. */
  readonly providerLabel: string;
}

/**
 * Resolve the API key for a cloud provider.
 *
 * Looks at `config.credential_key`, then `config.api_key`, then each entry in
 * `envVar` (in order). Throws a uniform error if nothing is found.
 *
 * NOTE(review): how an empty-string value is treated (as "found" or as
 * missing) is not visible here — confirm, since an empty key that passes
 * resolution would only fail later at the provider.
 *
 * @param args - Config, env var name(s) and provider label; see {@link ResolveApiKeyArgs}.
 * @returns The resolved API key.
 * @throws when no source in the fallback chain yields a key.
 */
export declare function resolveApiKey(args: ResolveApiKeyArgs): string;

/**
 * True when running inside a browser-like environment (window/worker globals
 * present). Cloud SDKs use this to set their `dangerouslyAllowBrowser` flag.
 *
 * Security note: with that flag enabled the API key is present in code the
 * browser can reach, so it is readable by the page's user and by any script
 * running in the same origin. Deployments that hit this path should treat
 * the key as exposed to the client (scoped or short-lived keys, or a
 * server-side proxy that holds the real key).
 *
 * @returns `true` in a browser-like environment, `false` otherwise.
 */
export declare function isBrowserLike(): boolean;

/** Options for {@link validateProviderBaseUrl}. */
export interface ValidateProviderBaseUrlArgs {
  /** Discriminator used only for error messages. */
  readonly vendor: "openai" | "anthropic";
  /**
   * Allow-list of acceptable hostnames or hostname suffixes. Matching is
   * label-boundary: a hostname matches if it equals the entry, or if it ends
   * with `"." + entry`. Entries may include a leading dot (e.g.
   * `".openai.azure.com"`) to make the subdomain intent explicit — the dot
   * is stripped before the boundary check, so any subdomain of
   * `openai.azure.com` matches but `notopenai.azure.com` does not.
   *
   * Because every subdomain of an entry is accepted, keep entries as narrow
   * as the provider allows and never list a suffix under which unrelated
   * parties can obtain hostnames.
   *
   * NOTE(review): confirm the implementation matches against the parsed URL
   * hostname (case-normalized) rather than the raw string, and how a
   * trailing-dot FQDN is handled.
   */
  readonly allowHosts: readonly string[];
  /**
   * When `true`, the caller has explicitly opted out of host validation
   * (e.g. an enterprise gateway with a custom domain). The URL still has
   * to parse and use a safe scheme.
   *
   * This flag disables the only check that ties the key to a known host, so
   * it has to come from configuration the local operator controls.
   * NOTE(review): if callers read it from the same imported model definition
   * or workflow that supplies `base_url`, an untrusted definition could opt
   * itself out of validation — confirm where callers source this value.
   */
  readonly trustedBaseUrl?: boolean;
  /** Human-friendly provider label used in error messages. */
  readonly providerLabel: string;
}

/**
 * Validate a provider `base_url` before handing it to the SDK.
 *
 * Cloud SDKs send the API key in `Authorization: Bearer` to whatever
 * `baseURL` they are constructed with. In multi-tenant scenarios
 * (marketplace model definitions, workflow imports) an attacker can
 * exfiltrate the key by pointing `base_url` at their own server. This
 * helper enforces two defenses before construction:
 *
 * - The URL must parse and use HTTPS (HTTP is allowed only for the
 *   loopback hostnames `localhost` / `127.0.0.1` / `[::1]`, where the
 *   request never leaves the machine and is presumed to be a local
 *   gateway such as Ollama / LM Studio / vLLM).
 * - The hostname must match an entry in {@link ValidateProviderBaseUrlArgs.allowHosts}
 *   by exact equality or by suffix (so subdomains of e.g. `openai.azure.com`
 *   are permitted), unless the host is a loopback address (auto-allowed:
 *   the user can't exfiltrate their own key to their own machine) or
 *   the model is explicitly flagged as `trustedBaseUrl`.
 *
 * Returns the normalized string form. Returns `undefined` for an empty /
 * undefined input so the SDK falls back to its default base URL.
 *
 * Scope of the check:
 * - The loopback auto-allow rests on the process running on the key owner's
 *   own machine. NOTE(review): in a server-side deployment that builds
 *   clients from user-supplied definitions, a loopback `base_url` addresses
 *   the server's own host instead — confirm such callers do not rely on the
 *   auto-allow.
 * - The signature is synchronous, so presumably only the URL string is
 *   inspected and no DNS resolution takes place; what an allow-listed or
 *   `localhost` name resolves to at request time is outside this check —
 *   verify against the implementation.
 * - Callers must pass the returned string (not the original input) to the
 *   SDK, otherwise the validated and the used URL can differ.
 *
 * @param baseUrl - Candidate base URL from the provider/model config.
 * @param opts - Allow-list, opt-out flag and labels; see {@link ValidateProviderBaseUrlArgs}.
 * @returns The normalized URL string, or `undefined` for empty / undefined input.
 * @throws when the URL fails to parse, uses an unsafe scheme, or points
 * at a non-allow-listed host without `trustedBaseUrl`.
 */
export declare function validateProviderBaseUrl(baseUrl: string | undefined, opts: ValidateProviderBaseUrlArgs): string | undefined;
//# sourceMappingURL=CloudProviderClient.d.ts.map