Revert "Exclude litellm_credential_name from sensitive masker (#16950)" (#16956)

This reverts commit 5cfacb96e6.
This commit is contained in:
yuneng-jiang
2025-11-21 18:09:54 -08:00
committed by GitHub
parent 58a56babd9
commit eb48d5cc42
4 changed files with 6 additions and 97 deletions
@@ -2,7 +2,7 @@
Contains utils used by OpenAI compatible endpoints
"""
from typing import Optional, Set
from typing import Optional
from fastapi import Request
@@ -12,16 +12,12 @@ from litellm.proxy.common_utils.http_parsing_utils import _read_request_body
SENSITIVE_DATA_MASKER = SensitiveDataMasker()
def remove_sensitive_info_from_deployment(
deployment_dict: dict,
excluded_keys: Optional[Set[str]] = None,
) -> dict:
def remove_sensitive_info_from_deployment(deployment_dict: dict) -> dict:
"""
Removes sensitive information from a deployment dictionary.
Args:
deployment_dict (dict): The deployment dictionary to remove sensitive information from.
excluded_keys (Optional[Set[str]]): Set of keys that should not be masked (exact match).
Returns:
dict: The modified deployment dictionary with sensitive information removed.
@@ -32,9 +28,7 @@ def remove_sensitive_info_from_deployment(
deployment_dict["litellm_params"].pop("aws_access_key_id", None)
deployment_dict["litellm_params"].pop("aws_secret_access_key", None)
deployment_dict["litellm_params"] = SENSITIVE_DATA_MASKER.mask_dict(
deployment_dict["litellm_params"], excluded_keys=excluded_keys
)
deployment_dict["litellm_params"] = SENSITIVE_DATA_MASKER.mask_dict(deployment_dict["litellm_params"])
return deployment_dict
+3 -8
View File
@@ -7069,9 +7069,7 @@ async def model_info_v2(
_model["model_info"] = model_info
# don't return the api key / vertex credentials
# don't return the llm credentials
_model = remove_sensitive_info_from_deployment(
_model, excluded_keys={"litellm_credential_name"}
)
_model = remove_sensitive_info_from_deployment(_model)
verbose_proxy_logger.debug("all_models: %s", all_models)
return {"data": all_models}
@@ -7538,9 +7536,7 @@ def _get_proxy_model_info(model: dict) -> dict:
model_info[k] = v
model["model_info"] = model_info
# don't return the llm credentials
model = remove_sensitive_info_from_deployment(
deployment_dict=model, excluded_keys={"litellm_credential_name"}
)
model = remove_sensitive_info_from_deployment(deployment_dict=model)
return model
@@ -7608,8 +7604,7 @@ async def model_info_v1( # noqa: PLR0915
)
_deployment_info_dict = _deployment_info.model_dump()
_deployment_info_dict = remove_sensitive_info_from_deployment(
deployment_dict=_deployment_info_dict,
excluded_keys={"litellm_credential_name"},
deployment_dict=_deployment_info_dict
)
return {"data": _deployment_info_dict}
@@ -29,49 +29,3 @@ def test_lists_are_preserved_not_converted_to_strings():
# Must be a list, not a string
assert isinstance(masked["tags"], list)
assert masked["tags"] == ["East US 2", "production", "test"]
def test_excluded_keys_exact_match():
"""
Test that excluded_keys prevents masking of specific keys (exact match).
"""
masker = SensitiveDataMasker()
data = {
"api_key": "sk-1234567890abcdef",
"litellm_credentials_name": "my-credential-name",
"access_token": "token-12345",
"port": 6379,
}
# Without excluded_keys, sensitive keys should be masked
masked = masker.mask_dict(data)
assert masked["api_key"] != "sk-1234567890abcdef"
assert "*" in masked["api_key"]
assert masked["access_token"] != "token-12345"
assert "*" in masked["access_token"]
# With excluded_keys, litellm_credentials_name should NOT be masked (exact match)
# This ensures that even if pattern matching logic changes, excluded keys won't be masked
masked = masker.mask_dict(data, excluded_keys={"litellm_credentials_name"})
assert masked["litellm_credentials_name"] == "my-credential-name"
# Other sensitive keys should still be masked
assert masked["api_key"] != "sk-1234567890abcdef"
assert "*" in masked["api_key"]
assert masked["access_token"] != "token-12345"
assert "*" in masked["access_token"]
# Non-sensitive keys should remain unchanged
assert masked["port"] == 6379
# Test case sensitivity - excluded_keys should be exact match
masked = masker.mask_dict(data, excluded_keys={"LITELLM_CREDENTIALS_NAME"})
# Should still be masked because case doesn't match (exact match required)
assert masked["litellm_credentials_name"] == "my-credential-name" # Not masked because it doesn't match patterns anyway
# Test with api_key in excluded_keys to verify it works for keys that would be masked
masked = masker.mask_dict(data, excluded_keys={"api_key"})
assert masked["api_key"] == "sk-1234567890abcdef" # Should NOT be masked
assert masked["access_token"] != "token-12345" # Should still be masked
assert "*" in masked["access_token"]
@@ -85,37 +85,3 @@ from litellm.proxy.common_utils.openai_endpoint_utils import remove_sensitive_in
def test_remove_sensitive_info_from_deployment(model_config: dict, expected_config: dict):
sanitized_config = remove_sensitive_info_from_deployment(model_config)
assert sanitized_config == expected_config
def test_remove_sensitive_info_from_deployment_with_excluded_keys():
"""
Test that excluded_keys prevents masking of specific keys (exact match).
"""
model_config = {
"model_name": "test-model",
"litellm_params": {
"model": "openai/gpt-4",
"api_key": "sk-sensitive-key-123",
"litellm_credentials_name": "my-credential-name",
"access_token": "token-12345",
"temperature": 0.7
}
}
# Without excluded_keys, access_token should be masked (contains "token")
sanitized_config = remove_sensitive_info_from_deployment(model_config)
assert sanitized_config["litellm_params"]["access_token"] != "token-12345"
assert "*" in sanitized_config["litellm_params"]["access_token"]
# With excluded_keys, litellm_credentials_name should NOT be masked (even if it would match patterns)
sanitized_config = remove_sensitive_info_from_deployment(
model_config, excluded_keys={"litellm_credentials_name"}
)
assert sanitized_config["litellm_params"]["litellm_credentials_name"] == "my-credential-name"
# access_token should still be masked (not in excluded_keys)
assert sanitized_config["litellm_params"]["access_token"] != "token-12345"
assert "*" in sanitized_config["litellm_params"]["access_token"]
# api_key should still be removed (popped) regardless of excluded_keys
assert "api_key" not in sanitized_config["litellm_params"]