chore: vendor sglang v0.5.10 snapshot
This commit is contained in:
10
third_party/sglang/sgl-model-gateway/examples/wasm/wasm-guest-auth/Cargo.toml
vendored
Normal file
10
third_party/sglang/sgl-model-gateway/examples/wasm/wasm-guest-auth/Cargo.toml
vendored
Normal file
@@ -0,0 +1,10 @@
|
||||
[package]
|
||||
name = "wasm-guest-auth"
|
||||
version = "0.1.0"
|
||||
edition = "2021"
|
||||
|
||||
[lib]
|
||||
crate-type = ["cdylib"]
|
||||
|
||||
[dependencies]
|
||||
wit-bindgen = { version = "0.21", features = ["macros"] }
|
||||
62
third_party/sglang/sgl-model-gateway/examples/wasm/wasm-guest-auth/README.md
vendored
Normal file
62
third_party/sglang/sgl-model-gateway/examples/wasm/wasm-guest-auth/README.md
vendored
Normal file
@@ -0,0 +1,62 @@
|
||||
# WASM Auth Example for sgl-model-gateway
|
||||
|
||||
This example demonstrates API key authentication middleware for sgl-model-gateway using the WebAssembly Component Model.
|
||||
|
||||
## Overview
|
||||
|
||||
This middleware validates API keys for requests to `/api` and `/v1` paths:
|
||||
|
||||
- Supports `Authorization: Bearer <key>` header
|
||||
- Supports `Authorization: ApiKey <key>` header
|
||||
- Supports `x-api-key` header
|
||||
- Returns `401 Unauthorized` for missing or invalid keys
|
||||
|
||||
**Default API Key**: `secret-api-key-12345`
|
||||
|
||||
## Quick Start
|
||||
|
||||
### Build and Deploy
|
||||
|
||||
```bash
|
||||
# Build
|
||||
cd examples/wasm-guest-auth
|
||||
./build.sh
|
||||
|
||||
# Deploy (replace file_path with actual path)
|
||||
curl -X POST http://localhost:3000/wasm \
|
||||
-H "Content-Type: application/json" \
|
||||
-d '{
|
||||
"modules": [{
|
||||
"name": "auth-middleware",
|
||||
"file_path": "/absolute/path/to/wasm_guest_auth.component.wasm",
|
||||
"module_type": "Middleware",
|
||||
"attach_points": [{"Middleware": "OnRequest"}]
|
||||
}]
|
||||
}'
|
||||
```
|
||||
|
||||
### Customization
|
||||
|
||||
Modify `EXPECTED_API_KEY` in `src/lib.rs`:
|
||||
|
||||
```rust
|
||||
const EXPECTED_API_KEY: &str = "your-secret-key";
|
||||
```
|
||||
|
||||
## Testing
|
||||
|
||||
```bash
|
||||
# Test unauthorized (returns 401)
|
||||
curl -v http://localhost:3000/api/test
|
||||
|
||||
# Test authorized (passes)
|
||||
curl -v http://localhost:3000/api/test \
|
||||
-H "Authorization: Bearer secret-api-key-12345"
|
||||
```
|
||||
|
||||
## Troubleshooting
|
||||
|
||||
- Verify API key matches `EXPECTED_API_KEY` in code
|
||||
- Check request header format and path (`/api` or `/v1`)
|
||||
- Verify module is attached to `OnRequest` phase
|
||||
- Check router logs for errors
|
||||
77
third_party/sglang/sgl-model-gateway/examples/wasm/wasm-guest-auth/build.sh
vendored
Executable file
77
third_party/sglang/sgl-model-gateway/examples/wasm/wasm-guest-auth/build.sh
vendored
Executable file
@@ -0,0 +1,77 @@
|
||||
#!/bin/bash
|
||||
# Build script for WASM guest auth example
|
||||
# This script simplifies the build process for the WASM middleware component
|
||||
|
||||
set -e
|
||||
|
||||
echo "Building WASM guest auth example..."
|
||||
|
||||
# Check if we're in the right directory
|
||||
if [ ! -f "Cargo.toml" ]; then
|
||||
echo "Error: Cargo.toml not found. Please run this script from the wasm-guest-auth directory."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Check for required tools
|
||||
command -v cargo >/dev/null 2>&1 || { echo "Error: cargo is required but not installed. Aborting." >&2; exit 1; }
|
||||
|
||||
# Check and install wasm32-wasip2 target
|
||||
echo "Checking for wasm32-wasip2 target..."
|
||||
if ! rustup target list --installed | grep -q "wasm32-wasip2"; then
|
||||
echo "wasm32-wasip2 target not found. Installing..."
|
||||
rustup target add wasm32-wasip2
|
||||
echo "✓ wasm32-wasip2 target installed"
|
||||
else
|
||||
echo "✓ wasm32-wasip2 target already installed"
|
||||
fi
|
||||
|
||||
# Check for wasm-tools
|
||||
if ! command -v wasm-tools >/dev/null 2>&1; then
|
||||
echo "Error: wasm-tools is required but not installed."
|
||||
echo "Install it with: cargo install wasm-tools"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Build with cargo (wit-bindgen uses cargo, not wasm-pack)
|
||||
echo "Running cargo build..."
|
||||
cargo build --target wasm32-wasip2 --release
|
||||
|
||||
# Output locations
|
||||
WASM_MODULE="target/wasm32-wasip2/release/wasm_guest_auth.wasm"
|
||||
WASM_COMPONENT="target/wasm32-wasip2/release/wasm_guest_auth.component.wasm"
|
||||
|
||||
if [ ! -f "$WASM_MODULE" ]; then
|
||||
echo "Error: Build failed - WASM module not found"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Check if the file is already a component
|
||||
echo "Checking WASM file format..."
|
||||
if wasm-tools print "$WASM_MODULE" 2>/dev/null | grep -q "^(\s*component"; then
|
||||
echo "✓ WASM file is already in component format"
|
||||
# Copy to component path for consistency
|
||||
cp "$WASM_MODULE" "$WASM_COMPONENT"
|
||||
else
|
||||
# Wrap the WASM module into a component format
|
||||
echo "Wrapping WASM module into component format..."
|
||||
wasm-tools component new "$WASM_MODULE" -o "$WASM_COMPONENT"
|
||||
if [ ! -f "$WASM_COMPONENT" ]; then
|
||||
echo "Error: Failed to create component file"
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
|
||||
if [ -f "$WASM_COMPONENT" ]; then
|
||||
echo ""
|
||||
echo "✓ Build successful!"
|
||||
echo " WASM module: $WASM_MODULE"
|
||||
echo " WASM component: $WASM_COMPONENT"
|
||||
echo ""
|
||||
echo "Next steps:"
|
||||
echo "1. Use the component file ($WASM_COMPONENT) when adding the module"
|
||||
echo "2. Prepare the module configuration (see README.md for JSON format)"
|
||||
echo "3. Use the API endpoint to add the module (see README.md for details)"
|
||||
else
|
||||
echo "Error: Component file not found"
|
||||
exit 1
|
||||
fi
|
||||
70
third_party/sglang/sgl-model-gateway/examples/wasm/wasm-guest-auth/src/lib.rs
vendored
Normal file
70
third_party/sglang/sgl-model-gateway/examples/wasm/wasm-guest-auth/src/lib.rs
vendored
Normal file
@@ -0,0 +1,70 @@
|
||||
//! WASM Guest Auth Example for sgl-model-gateway
|
||||
//!
|
||||
//! This example demonstrates API key authentication middleware
|
||||
//! for sgl-model-gateway using the WebAssembly Component Model.
|
||||
//!
|
||||
//! Features:
|
||||
//! - API Key authentication
|
||||
|
||||
wit_bindgen::generate!({
|
||||
path: "../../../src/wasm/interface",
|
||||
world: "sgl-model-gateway",
|
||||
});
|
||||
|
||||
use exports::sgl::model_gateway::{
|
||||
middleware_on_request::Guest as OnRequestGuest,
|
||||
middleware_on_response::Guest as OnResponseGuest,
|
||||
};
|
||||
use sgl::model_gateway::middleware_types::{Action, Request, Response};
|
||||
|
||||
/// Expected API Key (in production, this should be passed as configuration)
|
||||
const EXPECTED_API_KEY: &str = "secret-api-key-12345";
|
||||
|
||||
/// Main middleware implementation
|
||||
struct Middleware;
|
||||
|
||||
// Helper function to find header value
|
||||
fn find_header_value(
|
||||
headers: &[sgl::model_gateway::middleware_types::Header],
|
||||
name: &str,
|
||||
) -> Option<String> {
|
||||
headers
|
||||
.iter()
|
||||
.find(|h| h.name.eq_ignore_ascii_case(name))
|
||||
.map(|h| h.value.clone())
|
||||
}
|
||||
|
||||
// Implement on-request interface
|
||||
impl OnRequestGuest for Middleware {
|
||||
fn on_request(req: Request) -> Action {
|
||||
// API Key Authentication
|
||||
// Check for API key in Authorization header for /api routes
|
||||
if req.path.starts_with("/api") || req.path.starts_with("/v1") {
|
||||
let api_key = find_header_value(&req.headers, "authorization")
|
||||
.and_then(|h| {
|
||||
h.strip_prefix("Bearer ")
|
||||
.or_else(|| h.strip_prefix("ApiKey "))
|
||||
.map(|s| s.to_string())
|
||||
})
|
||||
.or_else(|| find_header_value(&req.headers, "x-api-key"));
|
||||
|
||||
// Reject if API key is missing or invalid
|
||||
if api_key.as_deref() != Some(EXPECTED_API_KEY) {
|
||||
return Action::Reject(401);
|
||||
}
|
||||
}
|
||||
|
||||
// Authentication passed, continue processing
|
||||
Action::Continue
|
||||
}
|
||||
}
|
||||
|
||||
// Implement on-response interface (empty - not used for auth)
|
||||
impl OnResponseGuest for Middleware {
|
||||
fn on_response(_resp: Response) -> Action {
|
||||
Action::Continue
|
||||
}
|
||||
}
|
||||
|
||||
// Export the component
|
||||
export!(Middleware);
|
||||
Reference in New Issue
Block a user