Add missing security configs to llms

Author: RakhithaRR

platform-api/src/internal/dto/llm.go

@@ -160,6 +160,7 @@ type LLMProvider struct {
 	AccessControl  LLMAccessControl       `json:"accessControl" yaml:"accessControl" binding:"required"`
 	RateLimiting   *LLMRateLimitingConfig `json:"rateLimiting,omitempty" yaml:"rateLimiting,omitempty"`
 	Policies       []LLMPolicy            `json:"policies,omitempty" yaml:"policies,omitempty"`
+	Security       *SecurityConfig        `json:"security,omitempty" yaml:"security,omitempty"`
 	CreatedAt      time.Time              `json:"createdAt,omitempty" yaml:"createdAt,omitempty"`
 	UpdatedAt      time.Time              `json:"updatedAt,omitempty" yaml:"updatedAt,omitempty"`
 }
@@ -193,8 +194,9 @@ type LLMProxy struct {
 	VHost       string          `json:"vhost,omitempty" yaml:"vhost,omitempty"`
 	Provider    string          `json:"provider" yaml:"provider" binding:"required"`
 	OpenAPI     string          `json:"openapi,omitempty" yaml:"openapi,omitempty"`
-	Policies    []LLMPolicy `json:"policies,omitempty" yaml:"policies,omitempty"`
-	CreatedAt   time.Time   `json:"createdAt,omitempty" yaml:"createdAt,omitempty"`
+	Policies    []LLMPolicy     `json:"policies,omitempty" yaml:"policies,omitempty"`
+	Security    *SecurityConfig `json:"security,omitempty" yaml:"security,omitempty"`
+	CreatedAt   time.Time       `json:"createdAt,omitempty" yaml:"createdAt,omitempty"`
 	UpdatedAt   time.Time       `json:"updatedAt,omitempty" yaml:"updatedAt,omitempty"`
 }
 
@@ -216,3 +218,14 @@ type LLMProxyListResponse struct {
 	List       []LLMProxyListItem `json:"list" yaml:"list"`
 	Pagination Pagination         `json:"pagination" yaml:"pagination"`
 }
+
+type SecurityConfig struct {
+	Enabled *bool           `json:"enabled,omitempty" yaml:"enabled,omitempty"`
+	APIKey  *APIKeySecurity `json:"apiKey,omitempty" yaml:"apiKey,omitempty"`
+}
+
+type APIKeySecurity struct {
+	Enabled *bool  `json:"enabled,omitempty" yaml:"enabled,omitempty"`
+	Key     string `json:"key,omitempty" yaml:"key,omitempty"`
+	In      string `json:"in,omitempty" yaml:"in,omitempty"`
+}

platform-api/src/internal/model/llm.go

@@ -154,6 +154,7 @@ type LLMProviderConfig struct {
 	AccessControl *LLMAccessControl      `json:"accessControl,omitempty" db:"-"`
 	RateLimiting  *LLMRateLimitingConfig `json:"rateLimiting,omitempty" db:"-"`
 	Policies      []LLMPolicy            `json:"policies,omitempty" db:"-"`
+	Security      *SecurityConfig        `json:"security,omitempty" db:"-"`
 }
 
 // LLMProxy represents an LLM proxy entity
@@ -175,10 +176,22 @@ type LLMProxy struct {
 }
 
 type LLMProxyConfig struct {
-	Name     string      `json:"name,omitempty" db:"-"`
-	Version  string      `json:"version,omitempty" db:"-"`
-	Context  *string     `json:"context,omitempty" db:"-"`
-	Vhost    *string     `json:"vhost,omitempty" db:"-"`
-	Provider string      `json:"provider,omitempty" db:"-"`
-	Policies []LLMPolicy `json:"policies,omitempty" db:"-"`
+	Name     string          `json:"name,omitempty" db:"-"`
+	Version  string          `json:"version,omitempty" db:"-"`
+	Context  *string         `json:"context,omitempty" db:"-"`
+	Vhost    *string         `json:"vhost,omitempty" db:"-"`
+	Provider string          `json:"provider,omitempty" db:"-"`
+	Policies []LLMPolicy     `json:"policies,omitempty" db:"-"`
+	Security *SecurityConfig `json:"security,omitempty" db:"-"`
+}
+
+type SecurityConfig struct {
+	Enabled *bool           `json:"enabled,omitempty" yaml:"enabled,omitempty"`
+	APIKey  *APIKeySecurity `json:"apiKey,omitempty" yaml:"apiKey,omitempty"`
+}
+
+type APIKeySecurity struct {
+	Enabled *bool  `json:"enabled,omitempty" yaml:"enabled,omitempty"`
+	Key     string `json:"key,omitempty" yaml:"key,omitempty"`
+	In      string `json:"in,omitempty" yaml:"in,omitempty"`
 }

platform-api/src/internal/service/llm.go

@@ -277,6 +277,7 @@ func (s *LLMProviderService) Create(orgUUID, createdBy string, req *dto.LLMProvi
 			AccessControl: mapAccessControl(&req.AccessControl),
 			RateLimiting:  mapRateLimiting(req.RateLimiting),
 			Policies:      mapPolicies(req.Policies),
+			Security:      mapSecurityDTOToModel(req.Security),
 		},
 	}
 
@@ -414,6 +415,7 @@ func (s *LLMProviderService) Update(orgUUID, handle string, req *dto.LLMProvider
 			AccessControl: mapAccessControl(&req.AccessControl),
 			RateLimiting:  mapRateLimiting(req.RateLimiting),
 			Policies:      mapPolicies(req.Policies),
+			Security:      mapSecurityDTOToModel(req.Security),
 		},
 	}
 
@@ -498,6 +500,7 @@ func (s *LLMProxyService) Create(orgUUID, createdBy string, req *dto.LLMProxy) (
 			Vhost:    &req.VHost,
 			Provider: req.Provider,
 			Policies: mapPolicies(req.Policies),
+			Security: mapSecurityDTOToModel(req.Security),
 		},
 	}
 
@@ -672,6 +675,7 @@ func (s *LLMProxyService) Update(orgUUID, handle string, req *dto.LLMProxy) (*dt
 			Vhost:    &req.VHost,
 			Provider: req.Provider,
 			Policies: mapPolicies(req.Policies),
+			Security: mapSecurityDTOToModel(req.Security),
 		},
 	}
 	if err := s.repo.Update(m); err != nil {
@@ -981,6 +985,7 @@ func mapProviderModelToDTO(m *model.LLMProvider, templateHandle string) *dto.LLM
 		RateLimiting:   mapRateLimitingDTO(m.Configuration.RateLimiting),
 		Upstream:       mapUpstreamConfigToDTO(m.Configuration.Upstream),
 		AccessControl:  dto.LLMAccessControl{Mode: "deny_all"},
+		Security:       mapSecurityModelToDTO(m.Configuration.Security),
 		CreatedAt:      m.CreatedAt,
 		UpdatedAt:      m.UpdatedAt,
 	}
@@ -1278,6 +1283,7 @@ func mapProxyModelToDTO(m *model.LLMProxy) *dto.LLMProxy {
 		VHost:       vhostValue,
 		Provider:    m.Configuration.Provider,
 		OpenAPI:     m.OpenAPISpec,
+		Security:    mapSecurityModelToDTO(m.Configuration.Security),
 		CreatedAt:   m.CreatedAt,
 		UpdatedAt:   m.UpdatedAt,
 	}
@@ -1293,3 +1299,25 @@ func mapProxyModelToDTO(m *model.LLMProxy) *dto.LLMProxy {
 	}
 	return out
 }
+
+func mapSecurityDTOToModel(in *dto.SecurityConfig) *model.SecurityConfig {
+	if in == nil {
+		return nil
+	}
+	out := &model.SecurityConfig{Enabled: in.Enabled}
+	if in.APIKey != nil {
+		out.APIKey = &model.APIKeySecurity{Enabled: in.APIKey.Enabled, Key: in.APIKey.Key, In: in.APIKey.In}
+	}
+	return out
+}
+
+func mapSecurityModelToDTO(in *model.SecurityConfig) *dto.SecurityConfig {
+	if in == nil {
+		return nil
+	}
+	out := &dto.SecurityConfig{Enabled: in.Enabled}
+	if in.APIKey != nil {
+		out.APIKey = &dto.APIKeySecurity{Enabled: in.APIKey.Enabled, Key: in.APIKey.Key, In: in.APIKey.In}
+	}
+	return out
+}

platform-api/src/resources/openapi.yaml

@@ -2466,6 +2466,40 @@ components:
           description: List of channels exposed by this API
           items:
             $ref: '#/components/schemas/Channel'
+  
+    SecurityConfig:
+      title: Security Configuration
+      description: Defines security mechanisms (API key, OAuth2) applicable to the API
+      type: object
+      properties:
+        enabled:
+          type: boolean
+          description: Whether security is enabled
+          example: true
+        apiKey:
+          $ref: '#/components/schemas/APIKeySecurity'
+
+    APIKeySecurity:
+      title: API Key Security
+      description: Configuration for API key based authentication
+      type: object
+      properties:
+        enabled:
+          type: boolean
+          description: Whether API key authentication is enabled
+          example: true
+        key:
+          type: string
+          description: Name of the header or query parameter to be used for the API key
+          example: "X-API-Key"
+        in:
+          type: string
+          description: Location of the API key (header or query)
+          enum:
+            - header
+            - query
+          example: "header"
+        
     Operation:
       title: API Operation
       type: object
@@ -4413,6 +4447,8 @@ components:
           description: List of policies applied only to this operation (overrides or adds to API-level policies)
           items:
             $ref: "#/components/schemas/LLMPolicy"
+        security:
+          $ref: '#/components/schemas/SecurityConfig'
         createdAt:
           type: string
           format: date-time
@@ -4592,6 +4628,8 @@ components:
           description: List of policies applied only to this operation (overrides or adds to API-level policies)
           items:
             $ref: "#/components/schemas/LLMPolicy"
+        security:
+          $ref: '#/components/schemas/SecurityConfig'
         createdAt:
           type: string
           format: date-time