-
Notifications
You must be signed in to change notification settings - Fork 1.7k
feat: implement AWS Bedrock integration and update authentication han… #548
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
base: main
Are you sure you want to change the base?
Changes from 1 commit
c538b5a
0715c8c
d5cd3d4
74d43fb
4c1fa8b
050f7dc
ff3af01
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -6,6 +6,15 @@ import os from 'os'; | |
|
|
||
| const router = express.Router(); | ||
|
|
||
| function isTruthyValue(value) { | ||
| if (typeof value !== 'string') { | ||
| return false; | ||
| } | ||
|
|
||
| const normalized = value.trim().toLowerCase(); | ||
| return normalized === '1' || normalized === 'true' || normalized === 'yes' || normalized === 'on'; | ||
| } | ||
|
|
||
| router.get('/claude/status', async (req, res) => { | ||
| try { | ||
| const credentialsResult = await checkClaudeCredentials(); | ||
|
|
@@ -14,14 +23,16 @@ router.get('/claude/status', async (req, res) => { | |
| return res.json({ | ||
| authenticated: true, | ||
| email: credentialsResult.email || 'Authenticated', | ||
| method: credentialsResult.method // 'api_key' or 'credentials_file' | ||
| method: credentialsResult.method, // 'api_key', 'credentials_file', or 'bedrock' | ||
| isBedrock: Boolean(credentialsResult.isBedrock) | ||
| }); | ||
| } | ||
|
|
||
| return res.json({ | ||
| authenticated: false, | ||
| email: null, | ||
| method: null, | ||
| isBedrock: false, | ||
| error: credentialsResult.error || 'Not authenticated' | ||
| }); | ||
|
|
||
|
|
@@ -31,6 +42,7 @@ router.get('/claude/status', async (req, res) => { | |
| authenticated: false, | ||
| email: null, | ||
| method: null, | ||
| isBedrock: false, | ||
| error: error.message | ||
| }); | ||
| } | ||
|
|
@@ -134,6 +146,20 @@ async function loadClaudeSettingsEnv() { | |
| * - method: 'api_key' for env var, 'credentials_file' for OAuth tokens | ||
| */ | ||
| async function checkClaudeCredentials() { | ||
| const settingsEnv = await loadClaudeSettingsEnv(); | ||
|
|
||
| // Priority 0: Bedrock mode bypasses Claude OAuth checks. | ||
| const bedrockEnabled = isTruthyValue(process.env.CLAUDE_CODE_USE_BEDROCK) | ||
| || isTruthyValue(settingsEnv.CLAUDE_CODE_USE_BEDROCK); | ||
| if (bedrockEnabled) { | ||
|
Contributor
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Bedrock enablement logic is duplicated and can diverge from SDK behavior. This inline check can drift from the resolver used in Proposed fix-import { isTruthyValue, loadClaudeSettingsEnv } from '../utils/env-helpers.js';
+import { isBedrockEnabled, loadClaudeSettingsEnv } from '../utils/env-helpers.js';
@@
- const bedrockEnabled = isTruthyValue(process.env.CLAUDE_CODE_USE_BEDROCK)
- || isTruthyValue(settingsEnv.CLAUDE_CODE_USE_BEDROCK);
+ const bedrockEnabled = isBedrockEnabled(settingsEnv);// server/utils/env-helpers.js
export function isBedrockEnabled(settingsEnv = {}) {
return isTruthyValue(process.env.CLAUDE_CODE_USE_BEDROCK)
|| isTruthyValue(settingsEnv.CLAUDE_CODE_USE_BEDROCK);
}🤖 Prompt for AI Agents |
||
| return { | ||
| authenticated: true, | ||
| email: 'AWS Bedrock', | ||
| method: 'bedrock', | ||
| isBedrock: true | ||
| }; | ||
| } | ||
|
|
||
| // Priority 1: Check for ANTHROPIC_API_KEY environment variable | ||
| // The SDK checks this first and uses it if present, even if OAuth tokens exist. | ||
| // When set, API calls are charged via pay-as-you-go rates instead of subscription. | ||
|
|
@@ -148,21 +174,21 @@ async function checkClaudeCredentials() { | |
| // Priority 1b: Check ~/.claude/settings.json env values. | ||
| // Claude Code can read proxy/auth values from settings.json even when the | ||
| // CloudCLI server process itself was not started with those env vars exported. | ||
| const settingsEnv = await loadClaudeSettingsEnv(); | ||
|
|
||
| if (typeof settingsEnv.ANTHROPIC_API_KEY === 'string' && settingsEnv.ANTHROPIC_API_KEY.trim()) { | ||
| return { | ||
| authenticated: true, | ||
| email: 'API Key Auth', | ||
| method: 'api_key' | ||
| method: 'api_key', | ||
| isBedrock: false | ||
| }; | ||
| } | ||
|
|
||
| if (typeof settingsEnv.ANTHROPIC_AUTH_TOKEN === 'string' && settingsEnv.ANTHROPIC_AUTH_TOKEN.trim()) { | ||
| return { | ||
| authenticated: true, | ||
| email: 'Configured via settings.json', | ||
| method: 'api_key' | ||
| method: 'api_key', | ||
| isBedrock: false | ||
| }; | ||
| } | ||
|
|
||
|
|
@@ -182,21 +208,24 @@ async function checkClaudeCredentials() { | |
| return { | ||
| authenticated: true, | ||
| email: creds.email || creds.user || null, | ||
| method: 'credentials_file' | ||
| method: 'credentials_file', | ||
| isBedrock: false | ||
| }; | ||
| } | ||
| } | ||
|
|
||
| return { | ||
| authenticated: false, | ||
| email: null, | ||
| method: null | ||
| method: null, | ||
| isBedrock: false | ||
| }; | ||
| } catch (error) { | ||
| return { | ||
| authenticated: false, | ||
| email: null, | ||
| method: null | ||
| method: null, | ||
| isBedrock: false | ||
| }; | ||
| } | ||
| } | ||
|
|
||
Uh oh!
There was an error while loading. Please reload this page.