@@ -67,6 +67,11 @@ def __init__(self, region: str = "cn-beijing", timeout: int = 50) -> None:
6767 self .appid = getenv ("TOOL_LLM_SHIELD_APP_ID" )
6868 self .region = region
6969 self .timeout = timeout
70+ self .url = getenv (
71+ "TOOL_LLM_SHIELD_URL" ,
72+ f"https://{ self .region } ,
73+ )
74+ self .api_key = getenv ("TOOL_LLM_SHIELD_API_KEY" , allow_false_values = True )
7075
7176 self .category_map = {
7277 101 : "Model Misuse" ,
@@ -96,18 +101,6 @@ def _request_llm_shield(self, message: str, role: str) -> Optional[str]:
96101 logger .error ("LLM Shield app ID not configured" )
97102 return None
98103
99- ak = os .getenv ("VOLCENGINE_ACCESS_KEY" )
100- sk = os .getenv ("VOLCENGINE_SECRET_KEY" )
101- session_token = ""
102- if not (ak and sk ):
103- logger .debug ("Get AK/SK from environment variables failed." )
104- credential = get_credential_from_vefaas_iam ()
105- ak = credential .access_key_id
106- sk = credential .secret_access_key
107- session_token = credential .session_token
108- else :
109- logger .debug ("Successfully get AK/SK from environment variables." )
110-
111104 body = {
112105 "Message" : {
113106 "Role" : role ,
@@ -119,27 +112,50 @@ def _request_llm_shield(self, message: str, role: str) -> Optional[str]:
119112
120113 body_json = json .dumps (body ).encode ("utf-8" )
121114
122- header = {"X-Security-Token" : session_token }
123- url = f"https://{ self .region }
124115 path = "/v2/moderate"
125116 action = "Moderate"
126117 version = "2025-08-31"
127118
128- signed_header = request_sign (
129- header , ak , sk , self .region , url , path , action , body_json
130- )
131-
132- signed_header . update (
133- {
119+ # Check if using API key authentication
120+ logger . debug ( f"API key value: { self .api_key } , type: { type ( self . api_key ) } " )
121+ if self . api_key and self . api_key != "" :
122+ logger . debug ( "Using API key authentication (no AK/SK signature)" )
123+ # Use API key authentication only - match curl command headers exactly
124+ signed_header = {
134125 "Content-Type" : "application/json" ,
135- "X-Top-Service" : "llmshield" ,
136- "X-Top-Region" : self .region ,
126+ "x-api-key" : self .api_key ,
137127 }
138- )
128+ else :
129+ logger .debug ("Using AK/SK signature authentication" )
130+ # Use AK/SK signature authentication
131+ ak = os .getenv ("VOLCENGINE_ACCESS_KEY" )
132+ sk = os .getenv ("VOLCENGINE_SECRET_KEY" )
133+ session_token = ""
134+ if not (ak and sk ):
135+ logger .debug ("Get AK/SK from environment variables failed." )
136+ credential = get_credential_from_vefaas_iam ()
137+ ak = credential .access_key_id
138+ sk = credential .secret_access_key
139+ session_token = credential .session_token
140+ else :
141+ logger .debug ("Successfully get AK/SK from environment variables." )
142+
143+ header = {"X-Security-Token" : session_token }
144+ signed_header = request_sign (
145+ header , ak , sk , self .region , self .url , path , action , body_json
146+ )
147+
148+ signed_header .update (
149+ {
150+ "Content-Type" : "application/json" ,
151+ "X-Top-Service" : "llmshield" ,
152+ "X-Top-Region" : self .region ,
153+ }
154+ )
139155
140156 try :
141157 response = requests .post (
142- url + path ,
158+ self . url + path ,
143159 headers = signed_header ,
144160 data = body_json ,
145161 params = {"Action" : action , "Version" : version },
@@ -151,7 +167,6 @@ def _request_llm_shield(self, message: str, role: str) -> Optional[str]:
151167 f"LLM Shield HTTP error: { response .status_code } { response .text }
152168 )
153169 return None
154-
155170 response = response .json ()
156171 except requests .exceptions .Timeout :
157172 logger .error ("LLM Shield request timeout" )
0 commit comments