fix(auth): avoid leaking or over-persisting affinity keys

Stop using one-shot idempotency keys as long-lived auth-affinity identifiers and remove raw affinity-key values from debug logs so sticky routing keeps its continuity benefits without creating avoidable memory growth or credential exposure risks.
2026-03-30 01:06:39 +00:00 · 2026-03-27 18:34:51 +02:00
parent 26eca8b6ba
commit 4c4cbd44da
2 changed files with 1 additions and 3 deletions
--- a/sdk/api/handlers/handlers.go
+++ b/sdk/api/handlers/handlers.go
@@ -211,8 +211,6 @@ func requestExecutionMetadata(ctx context.Context) map[string]any {
 	if executionSessionID := executionSessionIDFromContext(ctx); executionSessionID != "" {
 		meta[coreexecutor.ExecutionSessionMetadataKey] = executionSessionID
 		meta[authAffinityMetadataKey] = executionSessionID
-	} else if explicitIdempotencyKey != "" {
-		meta[authAffinityMetadataKey] = explicitIdempotencyKey
 	} else if ctx != nil {
 		if ginCtx, ok := ctx.Value("gin").(*gin.Context); ok && ginCtx != nil {
 			if apiKey, exists := ginCtx.Get("apiKey"); exists && apiKey != nil {
--- a/sdk/cliproxy/auth/conductor.go
+++ b/sdk/cliproxy/auth/conductor.go
@@ -2277,7 +2277,7 @@ func (m *Manager) persistAuthAffinity(entry *log.Entry, opts cliproxyexecutor.Op
 	if affinityKey := authAffinityKeyFromMetadata(opts.Metadata); affinityKey != "" {
 		m.SetAuthAffinity(affinityKey, authID)
 		if entry != nil && log.IsLevelEnabled(log.DebugLevel) {
-			entry.Debugf("auth affinity pinned key=%s auth_id=%s provider=%s model=%s", affinityKey, authID, provider, model)
+			entry.Debugf("auth affinity pinned auth_id=%s provider=%s model=%s", authID, provider, model)
 		}
 	}
 }