about summary refs log tree commit diff
path: root/.venv/lib/python3.12/site-packages/litellm/proxy/auth/service_account_checks.py
diff options
context:
space:
mode:
Diffstat (limited to '.venv/lib/python3.12/site-packages/litellm/proxy/auth/service_account_checks.py')
-rw-r--r--.venv/lib/python3.12/site-packages/litellm/proxy/auth/service_account_checks.py53
1 files changed, 53 insertions, 0 deletions
diff --git a/.venv/lib/python3.12/site-packages/litellm/proxy/auth/service_account_checks.py b/.venv/lib/python3.12/site-packages/litellm/proxy/auth/service_account_checks.py
new file mode 100644
index 00000000..87d7d668
--- /dev/null
+++ b/.venv/lib/python3.12/site-packages/litellm/proxy/auth/service_account_checks.py
@@ -0,0 +1,53 @@
+"""
+Checks for LiteLLM service account keys
+
+"""
+
+from litellm.proxy._types import ProxyErrorTypes, ProxyException, UserAPIKeyAuth
+
+
+def check_if_token_is_service_account(valid_token: UserAPIKeyAuth) -> bool:
+    """
+    Checks if the token is a service account
+
+    Returns:
+        bool: True if token is a service account
+
+    """
+    if valid_token.metadata:
+        if "service_account_id" in valid_token.metadata:
+            return True
+    return False
+
+
+async def service_account_checks(
+    valid_token: UserAPIKeyAuth, request_data: dict
+) -> bool:
+    """
+    If a virtual key is a service account, checks it's a valid service account
+
+    A token is a service account if it has a service_account_id in its metadata
+
+    Service Account Specific Checks:
+        - Check if required_params is set
+    """
+
+    if check_if_token_is_service_account(valid_token) is not True:
+        return True
+
+    from litellm.proxy.proxy_server import general_settings
+
+    if "service_account_settings" in general_settings:
+        service_account_settings = general_settings["service_account_settings"]
+        if "enforced_params" in service_account_settings:
+            _enforced_params = service_account_settings["enforced_params"]
+            for param in _enforced_params:
+                if param not in request_data:
+                    raise ProxyException(
+                        type=ProxyErrorTypes.bad_request_error.value,
+                        code=400,
+                        param=param,
+                        message=f"BadRequest please pass param={param} in request body. This is a required param for service account",
+                    )
+
+    return True
generated by cgit-pink 1.4.1 (git 2.36.1) at 2025-12-04 12:03:09 +0000