👤 feat: User Placeholder Variables for Custom Endpoint Headers (#7993)

* 🔧 refactor: move `processMCPEnv` from `librechat-data-provider` and move to `@librechat/api` * 🔧 refactor: Update resolveHeaders import paths * 🔧 refactor: Enhance resolveHeaders to support user and custom variables - Updated resolveHeaders function to accept user and custom user variables for placeholder replacement. - Modified header resolution in multiple client and controller files to utilize the enhanced resolveHeaders functionality. - Added comprehensive tests for resolveHeaders to ensure correct processing of user and custom variables. * 🔧 fix: Update user ID placeholder processing in env.ts * 🔧 fix: Remove arguments passing this.user rather than req.user - Updated multiple client and controller files to call resolveHeaders without the user parameter * 🔧 refactor: Enhance processUserPlaceholders to be more readable / less nested * 🔧 refactor: Update processUserPlaceholders to pass all tests in mpc.spec.ts and env.spec.ts * chore: remove legacy ChatGPTClient * chore: remove LLM initialization code * chore: initial deprecation removal of `gptPlugins` * chore: remove cohere-ai dependency from package.json and package-lock.json * chore: update brace-expansion to version 2.0.2 and add license information * chore: remove PluginsClient test file * chore: remove legacy * ci: remove deprecated sendMessage/getCompletion/chatCompletion tests --------- Co-authored-by: Dustin Healy <54083382+dustinhealy@users.noreply.github.com>
2025-12-22 11:20:15 +01:00 · 2025-06-23 12:39:27 -04:00 · 2025-06-23 12:39:27 -04:00 · a058963a9f
commit a058963a9f
parent 01e9b196bc
30 changed files with 542 additions and 2844 deletions
--- a/packages/api/src/utils/env.spec.ts
+++ b/packages/api/src/utils/env.spec.ts
@ -0,0 +1,317 @@
+import { resolveHeaders } from './env';
+import type { TUser } from 'librechat-data-provider';
+
+// Helper function to create test user objects
+function createTestUser(overrides: Partial<TUser> = {}): TUser {
+  return {
+    id: 'test-user-id',
+    username: 'testuser',
+    email: 'test@example.com',
+    name: 'Test User',
+    avatar: 'https://example.com/avatar.png',
+    provider: 'email',
+    role: 'user',
+    createdAt: new Date('2021-01-01').toISOString(),
+    updatedAt: new Date('2021-01-01').toISOString(),
+    ...overrides,
+  };
+}
+
+describe('resolveHeaders', () => {
+  beforeEach(() => {
+    // Set up test environment variables
+    process.env.TEST_API_KEY = 'test-api-key-value';
+    process.env.ANOTHER_SECRET = 'another-secret-value';
+  });
+
+  afterEach(() => {
+    // Clean up environment variables
+    delete process.env.TEST_API_KEY;
+    delete process.env.ANOTHER_SECRET;
+  });
+
+  it('should return empty object when headers is undefined', () => {
+    const result = resolveHeaders(undefined);
+    expect(result).toEqual({});
+  });
+
+  it('should return empty object when headers is null', () => {
+    const result = resolveHeaders(null as unknown as Record<string, string> | undefined);
+    expect(result).toEqual({});
+  });
+
+  it('should return empty object when headers is empty', () => {
+    const result = resolveHeaders({});
+    expect(result).toEqual({});
+  });
+
+  it('should process environment variables in headers', () => {
+    const headers = {
+      Authorization: '${TEST_API_KEY}',
+      'X-Secret': '${ANOTHER_SECRET}',
+      'Content-Type': 'application/json',
+    };
+
+    const result = resolveHeaders(headers);
+
+    expect(result).toEqual({
+      Authorization: 'test-api-key-value',
+      'X-Secret': 'another-secret-value',
+      'Content-Type': 'application/json',
+    });
+  });
+
+  it('should process user ID placeholder when user has id', () => {
+    const user = { id: 'test-user-123' };
+    const headers = {
+      'User-Id': '{{LIBRECHAT_USER_ID}}',
+      'Content-Type': 'application/json',
+    };
+
+    const result = resolveHeaders(headers, user);
+
+    expect(result).toEqual({
+      'User-Id': 'test-user-123',
+      'Content-Type': 'application/json',
+    });
+  });
+
+  it('should not process user ID placeholder when user is undefined', () => {
+    const headers = {
+      'User-Id': '{{LIBRECHAT_USER_ID}}',
+      'Content-Type': 'application/json',
+    };
+
+    const result = resolveHeaders(headers);
+
+    expect(result).toEqual({
+      'User-Id': '{{LIBRECHAT_USER_ID}}',
+      'Content-Type': 'application/json',
+    });
+  });
+
+  it('should not process user ID placeholder when user has no id', () => {
+    const user = { id: '' };
+    const headers = {
+      'User-Id': '{{LIBRECHAT_USER_ID}}',
+      'Content-Type': 'application/json',
+    };
+
+    const result = resolveHeaders(headers, user);
+
+    expect(result).toEqual({
+      'User-Id': '{{LIBRECHAT_USER_ID}}',
+      'Content-Type': 'application/json',
+    });
+  });
+
+  it('should process full user object placeholders', () => {
+    const user = createTestUser({
+      id: 'user-123',
+      email: 'test@example.com',
+      username: 'testuser',
+      name: 'Test User',
+      role: 'admin',
+    });
+
+    const headers = {
+      'User-Email': '{{LIBRECHAT_USER_EMAIL}}',
+      'User-Name': '{{LIBRECHAT_USER_NAME}}',
+      'User-Username': '{{LIBRECHAT_USER_USERNAME}}',
+      'User-Role': '{{LIBRECHAT_USER_ROLE}}',
+      'User-Id': '{{LIBRECHAT_USER_ID}}',
+      'Content-Type': 'application/json',
+    };
+
+    const result = resolveHeaders(headers, user);
+
+    expect(result).toEqual({
+      'User-Email': 'test@example.com',
+      'User-Name': 'Test User',
+      'User-Username': 'testuser',
+      'User-Role': 'admin',
+      'User-Id': 'user-123',
+      'Content-Type': 'application/json',
+    });
+  });
+
+  it('should handle missing user fields gracefully', () => {
+    const user = createTestUser({
+      id: 'user-123',
+      email: 'test@example.com',
+      username: undefined, // explicitly set to undefined
+    });
+
+    const headers = {
+      'User-Email': '{{LIBRECHAT_USER_EMAIL}}',
+      'User-Username': '{{LIBRECHAT_USER_USERNAME}}',
+      'Non-Existent': '{{LIBRECHAT_USER_NONEXISTENT}}',
+    };
+
+    const result = resolveHeaders(headers, user);
+
+    expect(result).toEqual({
+      'User-Email': 'test@example.com',
+      'User-Username': '', // Empty string for missing field
+      'Non-Existent': '{{LIBRECHAT_USER_NONEXISTENT}}', // Unchanged for non-existent field
+    });
+  });
+
+  it('should process custom user variables', () => {
+    const user = { id: 'user-123' };
+    const customUserVars = {
+      CUSTOM_TOKEN: 'user-specific-token',
+      REGION: 'us-west-1',
+    };
+
+    const headers = {
+      Authorization: 'Bearer {{CUSTOM_TOKEN}}',
+      'X-Region': '{{REGION}}',
+      'X-System-Key': '${TEST_API_KEY}',
+      'X-User-Id': '{{LIBRECHAT_USER_ID}}',
+    };
+
+    const result = resolveHeaders(headers, user, customUserVars);
+
+    expect(result).toEqual({
+      Authorization: 'Bearer user-specific-token',
+      'X-Region': 'us-west-1',
+      'X-System-Key': 'test-api-key-value',
+      'X-User-Id': 'user-123',
+    });
+  });
+
+  it('should prioritize custom user variables over user fields', () => {
+    const user = createTestUser({
+      id: 'user-123',
+      email: 'user-email@example.com',
+    });
+    const customUserVars = {
+      LIBRECHAT_USER_EMAIL: 'custom-email@example.com',
+    };
+
+    const headers = {
+      'Test-Email': '{{LIBRECHAT_USER_EMAIL}}',
+    };
+
+    const result = resolveHeaders(headers, user, customUserVars);
+
+    expect(result).toEqual({
+      'Test-Email': 'custom-email@example.com',
+    });
+  });
+
+  it('should handle boolean user fields', () => {
+    const user = createTestUser({
+      id: 'user-123',
+      // Note: TUser doesn't have these boolean fields, so we'll test with string fields
+      role: 'admin',
+    });
+
+    const headers = {
+      'User-Role': '{{LIBRECHAT_USER_ROLE}}',
+      'User-Id': '{{LIBRECHAT_USER_ID}}',
+    };
+
+    const result = resolveHeaders(headers, user);
+
+    expect(result).toEqual({
+      'User-Role': 'admin',
+      'User-Id': 'user-123',
+    });
+  });
+
+  it('should handle multiple occurrences of the same placeholder', () => {
+    const user = createTestUser({
+      id: 'user-123',
+      email: 'test@example.com',
+    });
+
+    const headers = {
+      'Primary-Email': '{{LIBRECHAT_USER_EMAIL}}',
+      'Secondary-Email': '{{LIBRECHAT_USER_EMAIL}}',
+      'Backup-Email': '{{LIBRECHAT_USER_EMAIL}}',
+    };
+
+    const result = resolveHeaders(headers, user);
+
+    expect(result).toEqual({
+      'Primary-Email': 'test@example.com',
+      'Secondary-Email': 'test@example.com',
+      'Backup-Email': 'test@example.com',
+    });
+  });
+
+  it('should handle mixed variable types in the same headers object', () => {
+    const user = createTestUser({
+      id: 'user-123',
+      email: 'test@example.com',
+    });
+    const customUserVars = {
+      CUSTOM_TOKEN: 'secret-token',
+    };
+
+    const headers = {
+      Authorization: 'Bearer {{CUSTOM_TOKEN}}',
+      'X-User-Id': '{{LIBRECHAT_USER_ID}}',
+      'X-System-Key': '${TEST_API_KEY}',
+      'X-User-Email': '{{LIBRECHAT_USER_EMAIL}}',
+      'Content-Type': 'application/json',
+    };
+
+    const result = resolveHeaders(headers, user, customUserVars);
+
+    expect(result).toEqual({
+      Authorization: 'Bearer secret-token',
+      'X-User-Id': 'user-123',
+      'X-System-Key': 'test-api-key-value',
+      'X-User-Email': 'test@example.com',
+      'Content-Type': 'application/json',
+    });
+  });
+
+  it('should not modify the original headers object', () => {
+    const originalHeaders = {
+      Authorization: '${TEST_API_KEY}',
+      'User-Id': '{{LIBRECHAT_USER_ID}}',
+    };
+    const user = { id: 'user-123' };
+
+    const result = resolveHeaders(originalHeaders, user);
+
+    // Verify the result is processed
+    expect(result).toEqual({
+      Authorization: 'test-api-key-value',
+      'User-Id': 'user-123',
+    });
+
+    // Verify the original object is unchanged
+    expect(originalHeaders).toEqual({
+      Authorization: '${TEST_API_KEY}',
+      'User-Id': '{{LIBRECHAT_USER_ID}}',
+    });
+  });
+
+  it('should handle special characters in custom variable names', () => {
+    const user = { id: 'user-123' };
+    const customUserVars = {
+      'CUSTOM-VAR': 'dash-value',
+      CUSTOM_VAR: 'underscore-value',
+      'CUSTOM.VAR': 'dot-value',
+    };
+
+    const headers = {
+      'Dash-Header': '{{CUSTOM-VAR}}',
+      'Underscore-Header': '{{CUSTOM_VAR}}',
+      'Dot-Header': '{{CUSTOM.VAR}}',
+    };
+
+    const result = resolveHeaders(headers, user, customUserVars);
+
+    expect(result).toEqual({
+      'Dash-Header': 'dash-value',
+      'Underscore-Header': 'underscore-value',
+      'Dot-Header': 'dot-value',
+    });
+  });
+});
--- a/packages/api/src/utils/env.ts
+++ b/packages/api/src/utils/env.ts
@ -0,0 +1,170 @@
+import { extractEnvVariable } from 'librechat-data-provider';
+import type { TUser, MCPOptions } from 'librechat-data-provider';
+
+/**
+ * List of allowed user fields that can be used in MCP environment variables.
+ * These are non-sensitive string/boolean fields from the IUser interface.
+ */
+const ALLOWED_USER_FIELDS = [
+  'id',
+  'name',
+  'username',
+  'email',
+  'provider',
+  'role',
+  'googleId',
+  'facebookId',
+  'openidId',
+  'samlId',
+  'ldapId',
+  'githubId',
+  'discordId',
+  'appleId',
+  'emailVerified',
+  'twoFactorEnabled',
+  'termsAccepted',
+] as const;
+
+/**
+ * Processes a string value to replace user field placeholders
+ * @param value - The string value to process
+ * @param user - The user object
+ * @returns The processed string with placeholders replaced
+ */
+function processUserPlaceholders(value: string, user?: TUser): string {
+  if (!user || typeof value !== 'string') {
+    return value;
+  }
+
+  for (const field of ALLOWED_USER_FIELDS) {
+    const placeholder = `{{LIBRECHAT_USER_${field.toUpperCase()}}}`;
+    if (!value.includes(placeholder)) {
+      continue;
+    }
+
+    const fieldValue = user[field as keyof TUser];
+
+    // Skip replacement if field doesn't exist in user object
+    if (!(field in user)) {
+      continue;
+    }
+
+    // Special case for 'id' field: skip if undefined or empty
+    if (field === 'id' && (fieldValue === undefined || fieldValue === '')) {
+      continue;
+    }
+
+    const replacementValue = fieldValue == null ? '' : String(fieldValue);
+    value = value.replace(new RegExp(placeholder, 'g'), replacementValue);
+  }
+
+  return value;
+}
+
+/**
+ * Processes a single string value by replacing various types of placeholders
+ * @param originalValue - The original string value to process
+ * @param customUserVars - Optional custom user variables to replace placeholders
+ * @param user - Optional user object for replacing user field placeholders
+ * @returns The processed string with all placeholders replaced
+ */
+function processSingleValue({
+  originalValue,
+  customUserVars,
+  user,
+}: {
+  originalValue: string;
+  customUserVars?: Record<string, string>;
+  user?: TUser;
+}): string {
+  let value = originalValue;
+
+  // 1. Replace custom user variables
+  if (customUserVars) {
+    for (const [varName, varVal] of Object.entries(customUserVars)) {
+      /** Escaped varName for use in regex to avoid issues with special characters */
+      const escapedVarName = varName.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
+      const placeholderRegex = new RegExp(`\\{\\{${escapedVarName}\\}\\}`, 'g');
+      value = value.replace(placeholderRegex, varVal);
+    }
+  }
+
+  // 2. Replace user field placeholders (e.g., {{LIBRECHAT_USER_EMAIL}}, {{LIBRECHAT_USER_ID}})
+  value = processUserPlaceholders(value, user);
+
+  // 3. Replace system environment variables
+  value = extractEnvVariable(value);
+
+  return value;
+}
+
+/**
+ * Recursively processes an object to replace environment variables in string values
+ * @param obj - The object to process
+ * @param user - The user object containing all user fields
+ * @param customUserVars - vars that user set in settings
+ * @returns - The processed object with environment variables replaced
+ */
+export function processMCPEnv(
+  obj: Readonly<MCPOptions>,
+  user?: TUser,
+  customUserVars?: Record<string, string>,
+): MCPOptions {
+  if (obj === null || obj === undefined) {
+    return obj;
+  }
+
+  const newObj: MCPOptions = structuredClone(obj);
+
+  if ('env' in newObj && newObj.env) {
+    const processedEnv: Record<string, string> = {};
+    for (const [key, originalValue] of Object.entries(newObj.env)) {
+      processedEnv[key] = processSingleValue({ originalValue, customUserVars, user });
+    }
+    newObj.env = processedEnv;
+  }
+
+  // Process headers if they exist (for WebSocket, SSE, StreamableHTTP types)
+  // Note: `env` and `headers` are on different branches of the MCPOptions union type.
+  if ('headers' in newObj && newObj.headers) {
+    const processedHeaders: Record<string, string> = {};
+    for (const [key, originalValue] of Object.entries(newObj.headers)) {
+      processedHeaders[key] = processSingleValue({ originalValue, customUserVars, user });
+    }
+    newObj.headers = processedHeaders;
+  }
+
+  // Process URL if it exists (for WebSocket, SSE, StreamableHTTP types)
+  if ('url' in newObj && newObj.url) {
+    newObj.url = processSingleValue({ originalValue: newObj.url, customUserVars, user });
+  }
+
+  return newObj;
+}
+
+/**
+ * Resolves header values by replacing user placeholders, custom variables, and environment variables
+ * @param headers - The headers object to process
+ * @param user - Optional user object for replacing user field placeholders (can be partial with just id)
+ * @param customUserVars - Optional custom user variables to replace placeholders
+ * @returns - The processed headers with all placeholders replaced
+ */
+export function resolveHeaders(
+  headers: Record<string, string> | undefined,
+  user?: Partial<TUser> | { id: string },
+  customUserVars?: Record<string, string>,
+) {
+  const resolvedHeaders = { ...(headers ?? {}) };
+
+  if (headers && typeof headers === 'object' && !Array.isArray(headers)) {
+    Object.keys(headers).forEach((key) => {
+      resolvedHeaders[key] = processSingleValue({
+        originalValue: headers[key],
+        customUserVars,
+        user: user as TUser,
+      });
+    });
+  }
+
+  return resolvedHeaders;
+}
--- a/packages/api/src/utils/index.ts
+++ b/packages/api/src/utils/index.ts
@ -1,6 +1,7 @@
 export * from './axios';
 export * from './azure';
 export * from './common';
+export * from './env';
 export * from './events';
 export * from './files';
 export * from './generators';