callAIAPI calls the configured AI API to get an explanation.
(explainContext string)
| 145 | |
| 146 | // callAIAPI calls the configured AI API to get an explanation. |
| 147 | func (e *Enforcer) callAIAPI(explainContext string) (string, error) { |
| 148 | // Prepare the request |
| 149 | messages := []aiMessage{ |
| 150 | { |
| 151 | Role: "system", |
| 152 | Content: "You are an expert in access control and authorization systems. " + |
| 153 | "Explain why an authorization request was allowed or denied based on the " + |
| 154 | "provided access control model, policies, and enforcement result. " + |
| 155 | "Be clear, concise, and educational.", |
| 156 | }, |
| 157 | { |
| 158 | Role: "user", |
| 159 | Content: fmt.Sprintf("Please explain the following authorization decision:\n\n%s", explainContext), |
| 160 | }, |
| 161 | } |
| 162 | |
| 163 | reqBody := aiChatRequest{ |
| 164 | Model: e.aiConfig.Model, |
| 165 | Messages: messages, |
| 166 | } |
| 167 | |
| 168 | jsonData, err := json.Marshal(reqBody) |
| 169 | if err != nil { |
| 170 | return "", fmt.Errorf("failed to marshal request: %w", err) |
| 171 | } |
| 172 | |
| 173 | // Create HTTP request with context |
| 174 | reqCtx, cancel := context.WithTimeout(context.Background(), e.aiConfig.Timeout) |
| 175 | defer cancel() |
| 176 | |
| 177 | req, err := http.NewRequestWithContext(reqCtx, http.MethodPost, e.aiConfig.Endpoint, bytes.NewBuffer(jsonData)) |
| 178 | if err != nil { |
| 179 | return "", fmt.Errorf("failed to create request: %w", err) |
| 180 | } |
| 181 | |
| 182 | req.Header.Set("Content-Type", "application/json") |
| 183 | req.Header.Set("Authorization", "Bearer "+e.aiConfig.APIKey) |
| 184 | |
| 185 | // Execute request |
| 186 | client := &http.Client{} |
| 187 | |
| 188 | resp, err := client.Do(req) |
| 189 | if err != nil { |
| 190 | return "", fmt.Errorf("failed to execute request: %w", err) |
| 191 | } |
| 192 | defer resp.Body.Close() |
| 193 | |
| 194 | // Read response |
| 195 | body, err := io.ReadAll(resp.Body) |
| 196 | if err != nil { |
| 197 | return "", fmt.Errorf("failed to read response: %w", err) |
| 198 | } |
| 199 | |
| 200 | // Parse response |
| 201 | var chatResp aiChatResponse |
| 202 | if err := json.Unmarshal(body, &chatResp); err != nil { |
| 203 | return "", fmt.Errorf("failed to parse response: %w", err) |
| 204 | } |