fix(iflow): add signed headers for chat requests#120
Conversation
This prevents 'NoneType' object has no attribute 'get' errors for new accounts.
|
I'm starting my review of the iFlow signed headers implementation. I'll be checking the signature logic and the new header construction to ensure it aligns with the protocol requirements. |
There was a problem hiding this comment.
Overall Assessment
This PR successfully implements the signed header protocol for iFlow requests, bringing it in line with the CLIProxyAPI requirements. The addition of session tracking and HMAC signatures improves the robustness of the authentication layer. The code is well-structured, with header construction centralized and error handling improved for edge cases like empty response bodies.
Architectural Feedback
The centralization of header logic into _build_iflow_headers is a good architectural choice, making the chat_completion logic cleaner and easier to maintain.
Key Suggestions
- Signature Robustness: Consider adding explicit validation for the
api_keybefore generating signatures to provide clearer error messages if authentication details are missing. - Session ID Format: Verify if the
session-prefix is strictly required by the upstream iFlow API.
Questions for the Author
- Can you confirm if the
session-prefix in thesession-idheader is standard for all iFlow integrations or specific to this one?
This review was generated by an AI assistant.
|
|
||
| return payload | ||
|
|
||
| def _create_iflow_signature( |
There was a problem hiding this comment.
The _create_iflow_signature method returns an empty string if api_key is missing. While this prevents a crash, sending an empty signature to the upstream API will likely result in a 401/403 anyway. Consider adding a check or logging a warning if this occurs during a request.
|
|
||
| def _build_iflow_headers(self, api_key: str, stream: bool) -> Dict[str, str]: | ||
| """Build iFlow request headers, including signed auth headers.""" | ||
| session_id = f"session-{uuid.uuid4()}" |
There was a problem hiding this comment.
Is the session- prefix in f"session-{uuid.uuid4()}" a requirement of the iFlow protocol? Just want to ensure the upstream expects this specific format rather than a raw UUID.
There was a problem hiding this comment.
I dont know I basically just copied what https://github.com/router-for-me/CLIProxyAPI does which is written in go which worked and this fixed the issue
| raise ValueError("iFlow user info request not successful") | ||
|
|
||
| data = result.get("data", {}) | ||
| data = result.get("data") or {} |
There was a problem hiding this comment.
Using .get("data") or {} is a solid improvement over .get("data", {}). This pattern correctly handles cases where the API returns an explicit null (None in Python), which would otherwise cause downstream errors when trying to access keys on a None object.
555d025 to
2265aa5
Compare
…h-none-data fix(iflow): add signed headers for chat requests
Summary
session-id,x-iflow-timestamp,x-iflow-signature) to match CLIProxyAPI request protocol.Important
Add iFlow signed headers for chat requests and improve error handling in
iflow_provider.py.session-id,x-iflow-timestamp,x-iflow-signature) iniflow_provider.pyto match CLIProxyAPI protocol._create_iflow_signature()and_build_iflow_headers()to generate and include these headers.stream_handler()iniflow_provider.pyby logging content-type.result.get("data", {})toresult.get("data") or {}iniflow_auth_base.pyto handle None values.This description was created by
for 2265aa5. You can customize this summary. It will automatically update as commits are pushed.