Skip to content

Third Party Library AI Proxy
Compare
Choose a tag to compare
@jamesrochabrun jamesrochabrun released this 29 Mar 16:57
· 81 commits to main since this release
v2.1
7278ddb
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.

AIProxy

The AI Proxy team made this contribution independently. SwiftOpenAI's owner is not involved in its development but accepts it in the spirit of open-source collaboration. It is added for convenience, and its use is at the discretion of the developer.

video.mp4

Protect your OpenAI key without a backend.

What is it?

AIProxy is a backend for AI apps that proxies requests from your app to OpenAI. You can use this service to avoid exposing your OpenAI key in your app. We offer AIProxy support so that developers can build and distribute apps using SwiftOpenAI.

How does my SwiftOpenAI code change?
SwiftOpenAI supports proxying requests through AIProxy with a small change to your integration code.

Instead of initializing service with:

let apiKey = "your_openai_api_key_here"
let service = OpenAIServiceFactory.service(apiKey: apiKey)

Use:

#if DEBUG && targetEnvironment(simulator)
let service = OpenAIServiceFactory.service(
    aiproxyPartialKey: "hardcode_partial_key_here",
    aiproxyDeviceCheckBypass: "hardcode_device_check_bypass_here"
)
#else
let service = OpenAIServiceFactory.service(
    aiproxyPartialKey: "hardcode_partial_key_here"
)
#endif

The aiproxyPartialKey and aiproxyDeviceCheckBypass values are provided to you on the AIProxy developer dashboard.

⚠️ It is important that you do not let the aiproxyDeviceCheckBypass token leak into a distribution build of your app (including TestFlight distributions). Please retain the conditional compilation checks that are present in the sample code above.

What is the aiproxyDeviceCheckBypass constant?
AIProxy uses Apple's DeviceCheck to ensure that requests received by the backend originated from your app on a legitimate Apple device. However, the iOS simulator cannot produce DeviceCheck tokens. Rather than requiring you to constantly build and run on device during development, AIProxy provides a way to skip the DeviceCheck integrity check. The token is intended for use by developers only. If an attacker gets the token, they can make requests to your AIProxy project without including a DeviceCheck token, and thus remove one level of protection.

What is the aiproxyPartialKey constant?
This constant is intended to be included in the distributed version of your app. As the name implies, it is a partial representation of your OpenAI key. Specifically, it is one half of an encrypted version of your key. The other half resides on AIProxy's backend. As your app makes requests to AIProxy, the two encrypted parts are paired, decrypted, and used to fulfill the request to OpenAI.

How to setup my project on AIProxy?
Please see the AIProxy integration guide

⚠️ Disclaimer
Contributors of SwiftOpenAI shall not be liable for any damages or losses caused by third parties. Contributors of this library provide third party integrations as a convenience. Any use of a third party's services are assumed at your own risk.

Assets 2
Loading