Skip to content

fix: Impersonating JWT (obo) header not propagated correctly for OpenAI requests. #109

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 16 commits into from
Dec 3, 2025
Merged

fix: Impersonating JWT (obo) header not propagated correctly for OpenAI requests. #109

merged 16 commits into from
Dec 3, 2025

Conversation

@mgiannakopoulos
Copy link
Contributor

@mgiannakopoulos mgiannakopoulos commented Dec 2, 2025
edited
Loading

WIth this change we:

  • Revert the ability for OpenAI clients to dynamically pass api_token and obo_token values (we can achieve this by providing a custom http_client in the factory methods and ensuring that we provide the bearer auth token as another header compared to the default Authorization header [change will happen in a subsequent PR and once Unified Model Gateway accounts for this fact as well]).
  • http_client parameter won't be in a deprecated state anymore. We will continue using it as expected.
  • Removal of timeout parameter, we get the values for timeouts from the http_client parameter.
  • Initialization for OpenAI clients follows the old pattern not breaking the Impersonating JWT (OBO token). The current implementation is not working because OpenAI re-writes all the header values when we try to modify the Authorization header as well.

@mgiannakopoulos mgiannakopoulos self-assigned this Dec 2, 2025
@mgiannakopoulos
Remove 'timeout', go to the previous way of initializing the OpenAI c…
1e74c18 
…lients; 'http_client' should be configured outside of the factory method.
@mgiannakopoulos mgiannakopoulos changed the title fix: Headers not propagated correctly for OpenAI requests. fix: Impersonating JWT (obo) header not propagated correctly for OpenAI requests. Dec 3, 2025
@nunogoncalves03
Copy link
Member

nunogoncalves03 commented Dec 3, 2025

Does this PR affect chat factory initialization time for analyst servers?

@mgiannakopoulos
Copy link
Contributor Author

mgiannakopoulos commented Dec 3, 2025
edited
Loading

Does this PR affect chat factory initialization time for analyst servers?

No, it doesn't. The existing gains should be present and intact with those changes.

@kesmit13 kesmit13 merged commit e496d96 into main Dec 3, 2025
11 checks passed
@kesmit13 kesmit13 deleted the MCDB-86327-fixes branch December 3, 2025 19:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kesmit13 kesmit13 kesmit13 approved these changes

@Prudhvi0717 Prudhvi0717 Prudhvi0717 approved these changes

@srinathnarayanan srinathnarayanan Awaiting requested review from srinathnarayanan

@ricardoasmarques ricardoasmarques Awaiting requested review from ricardoasmarques

@nunogoncalves03 nunogoncalves03 Awaiting requested review from nunogoncalves03

@hbindu-ss hbindu-ss Awaiting requested review from hbindu-ss

Assignees

@mgiannakopoulos mgiannakopoulos

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@mgiannakopoulos @nunogoncalves03 @kesmit13 @Prudhvi0717