fix(ai-proxy): clean client Authorization header for api-key providers (#3956)

Signed-off-by: DENG <33118163+XinhhD@users.noreply.github.com> Co-authored-by: woody <yaodiwu618@gmail.com>
2026-06-26 02:35:02 +08:00 · 2026-06-16 16:19:37 +08:00
parent d1f95f6e54
commit 7abf27a2a3
4 changed files with 15 additions and 3 deletions
--- a/plugins/wasm-go/extensions/ai-proxy/test/azure.go
+++ b/plugins/wasm-go/extensions/ai-proxy/test/azure.go
@@ -490,6 +490,7 @@ func RunAzureOnHttpRequestHeadersTests(t *testing.T) {
 				{":path", "/v1/chat/completions"},
 				{":method", "POST"},
 				{"Content-Type", "application/json"},
+				{"Authorization", "Bearer gateway-token"},
 			})

 			// 应该返回HeaderStopIteration，因为需要处理请求体
@@ -509,6 +510,12 @@ func RunAzureOnHttpRequestHeadersTests(t *testing.T) {
 			require.True(t, hasApiKey, "api-key header should exist")
 			require.Equal(t, "sk-azure-test123456789", apiKeyValue, "api-key should contain Azure API token")

+			// 验证Authorization是否被删除
+			_, hasAuthLower := test.GetHeaderValue(requestHeaders, "authorization")
+			require.False(t, hasAuthLower, "Authorization header should be deleted")
+			_, hasAuthUpper := test.GetHeaderValue(requestHeaders, "Authorization")
+			require.False(t, hasAuthUpper, "Authorization header should be deleted")
+
 			// 验证Path是否被正确处理
 			pathValue, hasPath := test.GetHeaderValue(requestHeaders, ":path")
 			require.True(t, hasPath, "Path header should exist")