|
| 1 | +# SPDX-FileCopyrightText: Copyright (c) 2026 NVIDIA CORPORATION & AFFILIATES. All rights reserved. |
| 2 | +# SPDX-License-Identifier: Apache-2.0 |
| 3 | +# |
| 4 | +# Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | +# you may not use this file except in compliance with the License. |
| 6 | +# You may obtain a copy of the License at |
| 7 | +# |
| 8 | +# http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | +# |
| 10 | +# Unless required by applicable law or agreed to in writing, software |
| 11 | +# distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | +# See the License for the specific language governing permissions and |
| 14 | +# limitations under the License. |
| 15 | + |
| 16 | +"""Tests for header forwarding and log redaction.""" |
| 17 | + |
| 18 | +from nemoguardrails.actions.llm.utils import get_extra_headers_from_request |
| 19 | +from nemoguardrails.context import api_request_headers_var |
| 20 | +from nemoguardrails.logging.callbacks import _redact_invocation_params |
| 21 | + |
| 22 | + |
| 23 | +def _set_headers(headers): |
| 24 | + api_request_headers_var.set(headers) |
| 25 | + |
| 26 | + |
| 27 | +def test_no_headers_returns_none(): |
| 28 | + api_request_headers_var.set(None) |
| 29 | + assert get_extra_headers_from_request() is None |
| 30 | + |
| 31 | + |
| 32 | +def test_mixed_headers_full_scenario(): |
| 33 | + """Core test: infra filtered, x-auth wins, non-x ignored, custom forwarded.""" |
| 34 | + _set_headers( |
| 35 | + { |
| 36 | + "authorization": "Bearer oauth-token", |
| 37 | + "x-authorization": "Bearer llm-key", |
| 38 | + "x-forwarded-for": "1.2.3.4", |
| 39 | + "x-remote-user": "admin", |
| 40 | + "x-real-ip": "5.6.7.8", |
| 41 | + "x-request-id": "abc", |
| 42 | + "x-maas-subscription": "sub-key", |
| 43 | + "content-type": "application/json", |
| 44 | + } |
| 45 | + ) |
| 46 | + result = get_extra_headers_from_request(forward_auth=True) |
| 47 | + assert result == { |
| 48 | + "Authorization": "Bearer llm-key", |
| 49 | + "x-maas-subscription": "sub-key", |
| 50 | + } |
| 51 | + |
| 52 | + |
| 53 | +def test_forward_auth_false_skips_auth(): |
| 54 | + _set_headers({"authorization": "Bearer key", "x-authorization": "Bearer key2"}) |
| 55 | + assert get_extra_headers_from_request(forward_auth=False) is None |
| 56 | + |
| 57 | + |
| 58 | +def test_authorization_never_forwarded_to_llm(): |
| 59 | + """Authorization header (K8s/proxy auth) must never reach the LLM.""" |
| 60 | + _set_headers({"authorization": "Bearer k8s-token"}) |
| 61 | + result = get_extra_headers_from_request(forward_auth=True) |
| 62 | + assert result is None |
| 63 | + |
| 64 | + |
| 65 | +def test_x_authorization_forwarded_without_authorization(): |
| 66 | + _set_headers({"x-authorization": "Bearer llm-key"}) |
| 67 | + result = get_extra_headers_from_request(forward_auth=True) |
| 68 | + assert result == {"Authorization": "Bearer llm-key"} |
| 69 | + |
| 70 | + |
| 71 | +def test_redact_hides_bearer_tokens(): |
| 72 | + params = { |
| 73 | + "model": "gpt-4", |
| 74 | + "extra_headers": { |
| 75 | + "Authorization": "Bearer sk-secret-123", |
| 76 | + "x-custom": "visible", |
| 77 | + }, |
| 78 | + } |
| 79 | + result = _redact_invocation_params(params) |
| 80 | + assert result["extra_headers"]["Authorization"] == "Bearer [REDACTED]" |
| 81 | + assert result["extra_headers"]["x-custom"] == "visible" |
| 82 | + # original unchanged |
| 83 | + assert params["extra_headers"]["Authorization"] == "Bearer sk-secret-123" |
| 84 | + |
| 85 | + |
| 86 | +def test_redact_no_extra_headers_passthrough(): |
| 87 | + params = {"model": "gpt-4"} |
| 88 | + assert _redact_invocation_params(params) is params |
0 commit comments