shift-proxy 0.10.1

Native Rust HTTP proxy for SHIFT — intercepts AI API requests, optimizes image payloads, and forwards to upstream providers
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170

//! Forward requests to upstream provider APIs and stream responses back.
//!
//! Handles header forwarding (auth passthrough), hop-by-hop header stripping
//! (RFC 9110 §7.6.1), and transparent SSE/chunked response streaming.

use axum::body::Body;
use axum::http::{HeaderMap, HeaderValue, StatusCode};
use axum::response::{IntoResponse, Response};
use reqwest::Client;

/// Headers stripped from upstream responses before forwarding to the client.
///
/// - `content-encoding` / `content-length`: reqwest auto-decompresses response
///   bodies, so these are stale. Forwarding them causes double-decompression.
///   NOTE: The `gzip`, `brotli`, and `deflate` features MUST be enabled on reqwest
///   for this stripping to be correct. Without them, reqwest does NOT decompress,
///   and stripping content-encoding causes clients to receive raw compressed bytes.
/// - Hop-by-hop headers per RFC 9110 §7.6.1.
const STRIP_RESPONSE_HEADERS: &[&str] = &[
    "content-encoding",
    "content-length",
    "transfer-encoding",
    "connection",
    "keep-alive",
    "proxy-authenticate",
    "proxy-authorization",
    "te",
    "trailer",
    "upgrade",
];

/// Headers stripped from the forwarded request.
///
/// - `host` / `content-length`: stale for the upstream connection.
/// - `accept-encoding`: let reqwest negotiate compression based on its enabled
///   decompression features (`gzip`, `brotli`, `deflate`). Forwarding the client's
///   header could request encodings reqwest can't decompress (e.g., `zstd`), which
///   would result in raw compressed bytes reaching the client after we strip
///   `content-encoding`.
/// - `content-encoding`: the proxy already decompressed the request body (see
///   `body::extract_body`), so telling the upstream it's still compressed would
///   cause a decode error on their end.
const STRIP_REQUEST_HEADERS: &[&str] = &[
    "host",
    "content-length",
    "accept-encoding",
    "content-encoding",
];

/// Forward a request to an upstream URL, streaming the response back.
///
/// Auth headers (`authorization`, `x-api-key`, `anthropic-version`, `x-goog-api-key`)
/// pass through unchanged. The response body is streamed directly — SSE and
/// chunked responses are not buffered.
pub async fn forward_request(
    client: &Client,
    method: &str,
    target_url: &str,
    request_headers: &HeaderMap,
    body: Option<String>,
) -> Response {
    let forwarded_headers = forward_headers(request_headers);

    let mut req = match method.to_uppercase().as_str() {
        "POST" => client.post(target_url),
        "GET" => client.get(target_url),
        "PUT" => client.put(target_url),
        "DELETE" => client.delete(target_url),
        "PATCH" => client.patch(target_url),
        _ => client.post(target_url),
    };

    req = req.headers(forwarded_headers);

    if let Some(body) = body {
        req = req.body(body);
    }

    match req.send().await {
        Ok(upstream) => stream_response(upstream),
        Err(err) => {
            tracing::error!("upstream error: {}", err);
            (
                StatusCode::BAD_GATEWAY,
                axum::Json(serde_json::json!({
                    "error": "Bad Gateway",
                    "detail": "Upstream provider unreachable"
                })),
            )
                .into_response()
        }
    }
}

/// Convert a reqwest Response into an axum Response, streaming the body
/// and stripping hop-by-hop headers.
fn stream_response(upstream: reqwest::Response) -> Response {
    let status = StatusCode::from_u16(upstream.status().as_u16()).unwrap_or(StatusCode::OK);

    let mut response_headers = HeaderMap::new();
    for (name, value) in upstream.headers() {
        let name_str = name.as_str().to_lowercase();
        if STRIP_RESPONSE_HEADERS
            .iter()
            .any(|h| h == &name_str.as_str())
        {
            continue;
        }
        if let Ok(v) = HeaderValue::from_bytes(value.as_bytes()) {
            response_headers.insert(name.clone(), v);
        }
    }

    // Stream the response body directly without buffering.
    // This is critical for SSE (Anthropic/OpenAI streaming) to work correctly.
    let body = Body::from_stream(upstream.bytes_stream());

    let mut response = Response::new(body);
    *response.status_mut() = status;
    *response.headers_mut() = response_headers;
    response
}

/// Forward request headers, stripping host/content-length but passing auth through.
fn forward_headers(original: &HeaderMap) -> HeaderMap {
    let strip: std::collections::HashSet<&str> = STRIP_REQUEST_HEADERS.iter().copied().collect();

    let mut result = HeaderMap::new();
    for (name, value) in original {
        let name_lower = name.as_str().to_lowercase();
        if !strip.contains(name_lower.as_str()) {
            result.insert(name.clone(), value.clone());
        }
    }
    result
}

#[cfg(test)]
mod tests {
    use super::*;
    use axum::http::header;

    #[test]
    fn forward_headers_strips_host_content_length_and_accept_encoding() {
        let mut headers = HeaderMap::new();
        headers.insert(header::HOST, "example.com".parse().unwrap());
        headers.insert(header::CONTENT_LENGTH, "42".parse().unwrap());
        headers.insert(header::ACCEPT_ENCODING, "gzip, br".parse().unwrap());
        headers.insert(header::CONTENT_ENCODING, "gzip".parse().unwrap());
        headers.insert(header::AUTHORIZATION, "Bearer sk-test".parse().unwrap());
        headers.insert("x-api-key", "sk-ant-test".parse().unwrap());
        headers.insert("anthropic-version", "2023-06-01".parse().unwrap());

        let result = forward_headers(&headers);

        assert!(result.get(header::HOST).is_none());
        assert!(result.get(header::CONTENT_LENGTH).is_none());
        assert!(
            result.get(header::ACCEPT_ENCODING).is_none(),
            "accept-encoding should be stripped so reqwest negotiates its own"
        );
        assert!(
            result.get(header::CONTENT_ENCODING).is_none(),
            "content-encoding should be stripped — body was already decompressed"
        );
        assert_eq!(result.get(header::AUTHORIZATION).unwrap(), "Bearer sk-test");
        assert_eq!(result.get("x-api-key").unwrap(), "sk-ant-test");
        assert_eq!(result.get("anthropic-version").unwrap(), "2023-06-01");
    }
}