feat: byok-observability for aibridge

evgeniy-scherbina · evgeniy-scherbina · commit c5dd566c8e0e · 2026-03-30T22:37:48.000Z
diff --git a/bridge.go b/bridge.go
@@ -221,6 +221,8 @@ func newInterceptionProcessor(p provider.Provider, cbs *circuitbreaker.ProviderC
 			Client:                string(client),
 			ClientSessionID:       sessionID,
 			CorrelatingToolCallID: interceptor.CorrelatingToolCallID(),
+			CredentialKind:        interceptor.CredentialKind(),
+			CredentialHint:        interceptor.CredentialHint(),
 		}); err != nil {
 			span.SetStatus(codes.Error, fmt.Sprintf("failed to record interception: %v", err))
 			logger.Warn(ctx, "failed to record interception", slog.Error(err))
diff --git a/intercept/chatcompletions/base.go b/intercept/chatcompletions/base.go
@@ -40,6 +40,8 @@ type interceptionBase struct {
 
 	recorder recorder.Recorder
 	mcpProxy mcp.ServerProxier
+
+	intercept.CredentialFields
 }
 
 func (i *interceptionBase) newCompletionsService() openai.ChatCompletionService {
diff --git a/intercept/credential.go b/intercept/credential.go
@@ -0,0 +1,39 @@
+package intercept
+
+// Credential kind constants for interception recording.
+const (
+	CredentialKindCentralized    = "centralized"
+	CredentialKindPersonalAPIKey = "personal_api_key"
+	CredentialKindSubscription   = "subscription"
+)
+
+// MaskCredential returns a masked version of a credential suitable for
+// audit logging. It preserves a short prefix and suffix separated by
+// an ellipsis. Returns an empty string for empty input.
+func MaskCredential(secret string) string {
+	if len(secret) <= 8 {
+		return "***"
+	}
+	return secret[:4] + "..." + secret[len(secret)-4:]
+}
+
+// CredentialFields is an embeddable helper that implements the
+// SetCredential, CredentialKind, and CredentialHint methods of the
+// Interceptor interface.
+type CredentialFields struct {
+	Kind string
+	Hint string
+}
+
+func (c *CredentialFields) SetCredential(kind, hint string) {
+	c.Kind = kind
+	c.Hint = hint
+}
+
+func (c *CredentialFields) CredentialKind() string {
+	return c.Kind
+}
+
+func (c *CredentialFields) CredentialHint() string {
+	return c.Hint
+}
diff --git a/intercept/interceptor.go b/intercept/interceptor.go
@@ -25,6 +25,15 @@ type Interceptor interface {
 	Streaming() bool
 	// TraceAttributes returns tracing attributes for this [Interceptor]
 	TraceAttributes(*http.Request) []attribute.KeyValue
+	// SetCredential sets the credential kind and hint for this
+	// interception. Called by the provider after construction.
+	SetCredential(kind, hint string)
+	// CredentialKind returns how the request was authenticated:
+	// centralized, personal_api_key, or subscription.
+	CredentialKind() string
+	// CredentialHint returns a masked credential identifier for audit
+	// purposes (e.g. sk-...abc1).
+	CredentialHint() string
 	// CorrelatingToolCallID returns the ID of a tool call result submitted
 	// in the request, if present. This is used to correlate the current
 	// interception back to the previous interception that issued those tool
diff --git a/intercept/messages/base.go b/intercept/messages/base.go
@@ -79,6 +79,8 @@ type interceptionBase struct {
 
 	recorder recorder.Recorder
 	mcpProxy mcp.ServerProxier
+
+	intercept.CredentialFields
 }
 
 func (i *interceptionBase) ID() uuid.UUID {
diff --git a/intercept/responses/base.go b/intercept/responses/base.go
@@ -49,6 +49,8 @@ type responsesInterceptionBase struct {
 
 	logger slog.Logger
 	tracer trace.Tracer
+
+	intercept.CredentialFields
 }
 
 func (i *responsesInterceptionBase) newResponsesService() responses.ResponseService {
diff --git a/provider/anthropic.go b/provider/anthropic.go
@@ -130,14 +130,17 @@ func (p *Anthropic) CreateInterceptor(w http.ResponseWriter, r *http.Request, tr
 		// set BYOKBearerToken and clear the centralized key.
 		// When both are present, X-Api-Key takes priority to match
 		// claude-code behavior.
+		credKind := intercept.CredentialKindCentralized
 		authHeaderName := p.AuthHeader()
 		if apiKey := r.Header.Get("X-Api-Key"); apiKey != "" {
 			cfg.Key = apiKey
 			authHeaderName = "X-Api-Key"
+			credKind = intercept.CredentialKindPersonalAPIKey
 		} else if token := utils.ExtractBearerToken(r.Header.Get("Authorization")); token != "" {
 			cfg.BYOKBearerToken = token
 			cfg.Key = ""
 			authHeaderName = "Authorization"
+			credKind = intercept.CredentialKindPersonalAPIKey
 		}
 
 		var interceptor intercept.Interceptor
@@ -146,6 +149,12 @@ func (p *Anthropic) CreateInterceptor(w http.ResponseWriter, r *http.Request, tr
 		} else {
 			interceptor = messages.NewBlockingInterceptor(id, reqPayload, p.Name(), cfg, p.bedrockCfg, r.Header, authHeaderName, tracer)
 		}
+		// Determine the credential hint from the key actually used.
+		credHint := intercept.MaskCredential(cfg.Key)
+		if cfg.BYOKBearerToken != "" {
+			credHint = intercept.MaskCredential(cfg.BYOKBearerToken)
+		}
+		interceptor.SetCredential(credKind, credHint)
 		span.SetAttributes(interceptor.TraceAttributes(r)...)
 		return interceptor, nil
 	}
diff --git a/provider/copilot.go b/provider/copilot.go
@@ -182,6 +182,7 @@ func (p *Copilot) CreateInterceptor(_ http.ResponseWriter, r *http.Request, trac
 		return nil, UnknownRoute
 	}
 
+	interceptor.SetCredential(intercept.CredentialKindSubscription, intercept.MaskCredential(key))
 	span.SetAttributes(interceptor.TraceAttributes(r)...)
 	return interceptor, nil
 }
diff --git a/provider/openai.go b/provider/openai.go
@@ -113,8 +113,10 @@ func (p *OpenAI) CreateInterceptor(w http.ResponseWriter, r *http.Request, trace
 	//
 	// In BYOK mode the user's credential is in Authorization. Replace
 	// the centralized key with it so it is forwarded upstream.
+	credKind := intercept.CredentialKindCentralized
 	if token := utils.ExtractBearerToken(r.Header.Get("Authorization")); token != "" {
 		cfg.Key = token
+		credKind = intercept.CredentialKindPersonalAPIKey
 	}
 
 	path := strings.TrimPrefix(r.URL.Path, p.RoutePrefix())
@@ -150,6 +152,7 @@ func (p *OpenAI) CreateInterceptor(w http.ResponseWriter, r *http.Request, trace
 		span.SetStatus(codes.Error, "unknown route: "+r.URL.Path)
 		return nil, UnknownRoute
 	}
+	interceptor.SetCredential(credKind, intercept.MaskCredential(cfg.Key))
 	span.SetAttributes(interceptor.TraceAttributes(r)...)
 	return interceptor, nil
 }
diff --git a/recorder/types.go b/recorder/types.go
@@ -39,6 +39,8 @@ type InterceptionRecord struct {
 	Client                string
 	UserAgent             string
 	CorrelatingToolCallID *string
+	CredentialKind        string
+	CredentialHint        string
 }
 
 type InterceptionRecordEnded struct {

Original file line number	Diff line number	Diff line change
`@@ -40,6 +40,8 @@ type interceptionBase struct {`
`40`	`40`
`41`	`41`	`recorder recorder.Recorder`
`42`	`42`	`mcpProxy mcp.ServerProxier`
	`43`	`+`
	`44`	`+ intercept.CredentialFields`
`43`	`45`	`}`
`44`	`46`
`45`	`47`	`func (i *interceptionBase) newCompletionsService() openai.ChatCompletionService {`
Original file line number	Diff line number	Diff line change
`@@ -79,6 +79,8 @@ type interceptionBase struct {`
`79`	`79`
`80`	`80`	`recorder recorder.Recorder`
`81`	`81`	`mcpProxy mcp.ServerProxier`
	`82`	`+`
	`83`	`+ intercept.CredentialFields`
`82`	`84`	`}`
`83`	`85`
`84`	`86`	`func (i *interceptionBase) ID() uuid.UUID {`
Original file line number	Diff line number	Diff line change
`@@ -49,6 +49,8 @@ type responsesInterceptionBase struct {`
`49`	`49`
`50`	`50`	`logger slog.Logger`
`51`	`51`	`tracer trace.Tracer`
	`52`	`+`
	`53`	`+ intercept.CredentialFields`
`52`	`54`	`}`
`53`	`55`
`54`	`56`	`func (i *responsesInterceptionBase) newResponsesService() responses.ResponseService {`
Original file line number	Diff line number	Diff line change
`@@ -182,6 +182,7 @@ func (p Copilot) CreateInterceptor(_ http.ResponseWriter, r http.Request, trac`
`182`	`182`	`return nil, UnknownRoute`
`183`	`183`	`}`
`184`	`184`
	`185`	`+ interceptor.SetCredential(intercept.CredentialKindSubscription, intercept.MaskCredential(key))`
`185`	`186`	`span.SetAttributes(interceptor.TraceAttributes(r)...)`
`186`	`187`	`return interceptor, nil`
`187`	`188`	`}`
Original file line number	Diff line number	Diff line change
`@@ -113,8 +113,10 @@ func (p OpenAI) CreateInterceptor(w http.ResponseWriter, r http.Request, trace`
`113`	`113`	`//`
`114`	`114`	`// In BYOK mode the user's credential is in Authorization. Replace`
`115`	`115`	`// the centralized key with it so it is forwarded upstream.`
	`116`	`+ credKind := intercept.CredentialKindCentralized`
`116`	`117`	`if token := utils.ExtractBearerToken(r.Header.Get("Authorization")); token != "" {`
`117`	`118`	`cfg.Key = token`
	`119`	`+ credKind = intercept.CredentialKindPersonalAPIKey`
`118`	`120`	`}`
`119`	`121`
`120`	`122`	`path := strings.TrimPrefix(r.URL.Path, p.RoutePrefix())`
`@@ -150,6 +152,7 @@ func (p OpenAI) CreateInterceptor(w http.ResponseWriter, r http.Request, trace`
`150`	`152`	`span.SetStatus(codes.Error, "unknown route: "+r.URL.Path)`
`151`	`153`	`return nil, UnknownRoute`
`152`	`154`	`}`
	`155`	`+ interceptor.SetCredential(credKind, intercept.MaskCredential(cfg.Key))`
`153`	`156`	`span.SetAttributes(interceptor.TraceAttributes(r)...)`
`154`	`157`	`return interceptor, nil`
`155`	`158`	`}`
Original file line number	Diff line number	Diff line change
`@@ -39,6 +39,8 @@ type InterceptionRecord struct {`
`39`	`39`	`Client string`
`40`	`40`	`UserAgent string`
`41`	`41`	`CorrelatingToolCallID *string`
	`42`	`+ CredentialKind string`
	`43`	`+ CredentialHint string`
`42`	`44`	`}`
`43`	`45`
`44`	`46`	`type InterceptionRecordEnded struct {`