feat(antigravity): configurable signature cache with bypass-mode validation

Antigravity 的 Claude thinking signature 处理新增 cache/bypass 双模式,
并为 bypass 模式实现按 SIGNATURE-CHANNEL-SPEC.md 的签名校验。

新增 antigravity-signature-cache-enabled 配置项(默认 true):
- cache mode(true):使用服务端缓存的签名,行为与原有逻辑完全一致
- bypass mode(false):直接使用客户端提供的签名,经过校验和归一化

支持配置热重载,运行时可切换模式。

校验流程:
1. 剥离历史 cache-mode 的 'modelGroup#' 前缀(如 claude#Exxxx → Exxxx)
2. 首字符必须为 'E'(单层编码)或 'R'(双层编码),否则拒绝
3. R 开头:base64 解码 → 内层必须以 'E' 开头 → 继续单层校验
4. E 开头:base64 解码 → 首字节必须为 0x12(Claude protobuf 标识)
5. 所有合法签名归一化为 R 形式(双层 base64)发往 Antigravity 后端

非法签名处理策略:
- 非严格模式(默认):translator 静默丢弃无签名的 thinking block
- 严格模式(antigravity-signature-bypass-strict: true):
  executor 层在请求发往上游前直接返回 HTTP 400

按 SIGNATURE-CHANNEL-SPEC.md 解析 Claude 签名的完整 protobuf 结构:
- Top-level Field 2(容器)→ Field 1(渠道块)
- 渠道块提取:channel_id (Field 1)、infrastructure (Field 2)、
  model_text (Field 6)、field7 (Field 7)
- 计算 routing_class、infrastructure_class、schema_features
- 使用 google.golang.org/protobuf/encoding/protowire 解析

- resolveThinkingSignature 拆分为 resolveCacheModeSignature / resolveBypassModeSignature
- hasResolvedThinkingSignature:mode-aware 签名有效性判断
  (cache: len>=50 via HasValidSignature,bypass: non-empty)
- validateAntigravityRequestSignatures:executor 预检,
  仅在 bypass + strict 模式下拦截非法签名返回 400
- 响应侧签名缓存逻辑与 cache mode 集成
- Cache mode 行为完全保留:无 '#' 前缀的原生签名静默丢弃
This commit is contained in:
sususu98
2026-03-31 14:15:06 +08:00
parent 1dba2d0f81
commit cf249586a9
11 changed files with 1494 additions and 62 deletions
@@ -1,6 +1,7 @@
package claude
import (
"bytes"
"context"
"strings"
"testing"
@@ -244,3 +245,105 @@ func TestConvertAntigravityResponseToClaude_MultipleThinkingBlocks(t *testing.T)
t.Error("Second thinking block signature should be cached")
}
}
func TestConvertAntigravityResponseToClaude_TextAndSignatureInSameChunk(t *testing.T) {
cache.ClearSignatureCache("")
requestJSON := []byte(`{
"model": "claude-sonnet-4-5-thinking",
"messages": [{"role": "user", "content": [{"type": "text", "text": "Test"}]}]
}`)
validSignature := "RtestSig1234567890123456789012345678901234567890123456789"
// Chunk 1: thinking text only (no signature)
chunk1 := []byte(`{
"response": {
"candidates": [{
"content": {
"parts": [{"text": "First part.", "thought": true}]
}
}]
}
}`)
// Chunk 2: thinking text AND signature in the same part
chunk2 := []byte(`{
"response": {
"candidates": [{
"content": {
"parts": [{"text": " Second part.", "thought": true, "thoughtSignature": "` + validSignature + `"}]
}
}]
}
}`)
var param any
ctx := context.Background()
result1 := ConvertAntigravityResponseToClaude(ctx, "claude-sonnet-4-5-thinking", requestJSON, requestJSON, chunk1, &param)
result2 := ConvertAntigravityResponseToClaude(ctx, "claude-sonnet-4-5-thinking", requestJSON, requestJSON, chunk2, &param)
allOutput := string(bytes.Join(result1, nil)) + string(bytes.Join(result2, nil))
// The text " Second part." must appear as a thinking_delta, not be silently dropped
if !strings.Contains(allOutput, "Second part.") {
t.Error("Text co-located with signature must be emitted as thinking_delta before the signature")
}
// The signature must also be emitted
if !strings.Contains(allOutput, "signature_delta") {
t.Error("Signature delta must still be emitted")
}
// Verify the cached signature covers the FULL text (both parts)
fullText := "First part. Second part."
cachedSig := cache.GetCachedSignature("claude-sonnet-4-5-thinking", fullText)
if cachedSig != validSignature {
t.Errorf("Cached signature should cover full text %q, got sig=%q", fullText, cachedSig)
}
}
func TestConvertAntigravityResponseToClaude_SignatureOnlyChunk(t *testing.T) {
cache.ClearSignatureCache("")
requestJSON := []byte(`{
"model": "claude-sonnet-4-5-thinking",
"messages": [{"role": "user", "content": [{"type": "text", "text": "Test"}]}]
}`)
validSignature := "RtestSig1234567890123456789012345678901234567890123456789"
// Chunk 1: thinking text
chunk1 := []byte(`{
"response": {
"candidates": [{
"content": {
"parts": [{"text": "Full thinking text.", "thought": true}]
}
}]
}
}`)
// Chunk 2: signature only (empty text) — the normal case
chunk2 := []byte(`{
"response": {
"candidates": [{
"content": {
"parts": [{"text": "", "thought": true, "thoughtSignature": "` + validSignature + `"}]
}
}]
}
}`)
var param any
ctx := context.Background()
ConvertAntigravityResponseToClaude(ctx, "claude-sonnet-4-5-thinking", requestJSON, requestJSON, chunk1, &param)
ConvertAntigravityResponseToClaude(ctx, "claude-sonnet-4-5-thinking", requestJSON, requestJSON, chunk2, &param)
cachedSig := cache.GetCachedSignature("claude-sonnet-4-5-thinking", "Full thinking text.")
if cachedSig != validSignature {
t.Errorf("Signature-only chunk should still cache correctly, got %q", cachedSig)
}
}