Introduce a separate backend service for LLM calls (#15831)

This PR introduces a separate backend service for making LLM calls. It exposes an HTTP interface that can be called by Zed clients. To call these endpoints, the client must provide a `Bearer` token. These tokens are issued/refreshed by the collab service over RPC. We're adding this in a backwards-compatible way. Right now the access tokens can only be minted for Zed staff, and calling this separate LLM service is behind the `llm-service` feature flag (which is not automatically enabled for Zed staff). Release Notes: - N/A --------- Co-authored-by: Marshall <marshall@zed.dev> Co-authored-by: Marshall Bowers <elliott.codes@gmail.com>
2024-08-05 17:26:21 -07:00 · 2024-08-05 17:26:21 -07:00 · 8e9c2b1125
commit 8e9c2b1125
parent 4ed43e6e6f
20 changed files with 478 additions and 102 deletions
--- a/crates/collab/src/api.rs
+++ b/crates/collab/src/api.rs
@ -81,14 +81,14 @@ pub async fn validate_api_token<B>(req: Request<B>, next: Next<B>) -> impl IntoR
        .get(http::header::AUTHORIZATION)
        .and_then(|header| header.to_str().ok())
        .ok_or_else(|| {
-            Error::Http(
+            Error::http(
                StatusCode::BAD_REQUEST,
                "missing authorization header".to_string(),
            )
        })?
        .strip_prefix("token ")
        .ok_or_else(|| {
-            Error::Http(
+            Error::http(
                StatusCode::BAD_REQUEST,
                "invalid authorization header".to_string(),
            )
@ -97,7 +97,7 @@ pub async fn validate_api_token<B>(req: Request<B>, next: Next<B>) -> impl IntoR
    let state = req.extensions().get::<Arc<AppState>>().unwrap();

    if token != state.config.api_token {
-        Err(Error::Http(
+        Err(Error::http(
            StatusCode::UNAUTHORIZED,
            "invalid authorization token".to_string(),
        ))?
@ -185,13 +185,13 @@ async fn create_access_token(
            if let Some(impersonated_user) = app.db.get_user_by_github_login(&impersonate).await? {
                impersonated_user_id = Some(impersonated_user.id);
            } else {
-                return Err(Error::Http(
+                return Err(Error::http(
                    StatusCode::UNPROCESSABLE_ENTITY,
                    format!("user {impersonate} does not exist"),
                ));
            }
        } else {
-            return Err(Error::Http(
+            return Err(Error::http(
                StatusCode::UNAUTHORIZED,
                "you do not have permission to impersonate other users".to_string(),
            ));