goose icon indicating copy to clipboard operation
goose copied to clipboard
Published 1 month ago verified publisher icon block

feat: Add openai-like provider

Open mhickman opened this issue 1 year ago • 3 comments

Closes #1198

This could technically be accomplished already by overriding OPENAI_URL. The intent is to just make this easier for people to setup when configuring their provider via the cli.

Additionally I added a crude attempt to prevent folks from accidentally sending their credentials on the internet over non-https.

mhickman avatar Feb 13 '25 20:02 mhickman

I've just been playing around with the codebase, feel free to not accept / edit as needed!

mhickman avatar Feb 13 '25 20:02 mhickman

Can you help explain where openai URL could be overridden in the desktop app?

kyle-veniceai avatar Feb 13 '25 23:02 kyle-veniceai

Can you help explain where openai URL could be overridden in the desktop app?

I just meant overriding the env config OPENAI_URL, there isn't from what I can tell a way to do that from the desktop app nor the cli.

mhickman avatar Feb 13 '25 23:02 mhickman

Thanks for the contribution! Can you explain more on "prevent folks from accidentally sending their credentials on the internet over non-https"? Thanks

Sure, if folks are manually entering their configuration there's a common failure mode where folks might forget the s in https

If they enter, say, http://someopenailikeservice.com/ the client will send a POST unencrypted (http is just plaintext.) This is bad when you have a the api key in the authorization header, since that's plaintext and supposed to be secret.

However, folks have a common use case as well to use non-https, which is when they're running something like bedrock-access-gateway locally and they're posting only to http://localhost.

This PR attempts to discern between the two to prevent folks from leaking their API keys accidentally.

mhickman avatar Feb 18 '25 17:02 mhickman