feat(ui): add key creation deep-links with SSO return URL support#21065
Conversation
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
edbb39f to
592e227
Compare
Greptile OverviewGreptile SummaryAdds deep-linking to the key creation modal via URL query parameters (e.g.,
Confidence Score: 4/5
|
| Filename | Overview |
|---|---|
| ui/litellm-dashboard/src/utils/returnUrlUtils.ts | New utility for managing return URLs during auth flows using cookies. Includes URL validation against open redirects, dev vs production environment handling, and cookie-based storage. Well-structured with proper validation. |
| ui/litellm-dashboard/src/app/page.tsx | Core page component updated with deep-link parsing, return URL redirect logic, and prefill data threading. Contains an indentation regression in the SidebarProvider JSX section that hurts readability. |
| ui/litellm-dashboard/src/app/login/LoginPage.tsx | Login page updated to handle return URLs after authentication. Auto-SSO redirect and password login both respect return URLs, but the manual "Login with SSO" button does not forward the return URL. |
| ui/litellm-dashboard/src/components/organisms/create_key_button.tsx | Added deep-link support with auto-open modal, prefill form fields, deferred model selection, and role-based access control. Proper validation of team membership and role-based owned_by restrictions. |
| ui/litellm-dashboard/src/app/(dashboard)/hooks/useAuthorized.ts | Auth hook updated to store return URL and build login URL with redirect parameter before redirecting to login. Clean refactor using shared formatUserRole and new return URL utilities. |
Sequence Diagram
sequenceDiagram
participant User
participant Browser
participant PageTSX as page.tsx
participant LoginPage as LoginPage.tsx
participant SSO as SSO Provider
participant CreateKey as create_key_button.tsx
User->>Browser: Visit /ui?create=true&team_id=abc&models=gpt-4
Browser->>PageTSX: Load with URL params
PageTSX->>PageTSX: Parse prefillData from URL params
alt No valid token
PageTSX->>PageTSX: storeReturnUrl() (cookie)
PageTSX->>Browser: Redirect to /ui/login?redirect_to=...
Browser->>LoginPage: Load login page
alt Auto SSO redirect
LoginPage->>SSO: Redirect with redirect_to param
SSO->>Browser: Redirect back with token
Browser->>PageTSX: Load with token
else Password login
LoginPage->>LoginPage: consumeReturnUrl()
LoginPage->>Browser: Redirect to return URL
Browser->>PageTSX: Load with token + original params
end
end
PageTSX->>PageTSX: consumeReturnUrl() on auth success
PageTSX->>CreateKey: Pass autoOpenCreate + prefillData
CreateKey->>CreateKey: Check rolesWithWriteAccess
CreateKey->>CreateKey: Open modal, apply prefill
CreateKey->>CreateKey: Defer model prefill until models loaded
Last reviewed commit: 592e227
| <div className="mt-2"> | ||
| <SidebarProvider setPage={updatePage} defaultSelectedKey={page} sidebarCollapsed={sidebarCollapsed} /> | ||
| </div> | ||
|
|
||
| <SidebarProvider setPage={updatePage} defaultSelectedKey={page} sidebarCollapsed={sidebarCollapsed} /> | ||
| </div> |
There was a problem hiding this comment.
Indentation regression — SidebarProvider and its wrapping </div> lost one level of indent compared to the original. Not a runtime bug (JSX doesn't care about whitespace), but it makes the nesting structure harder to follow. The SidebarProvider should be indented 20 spaces (child of mt-2 div) and </div> should be at 18 spaces.
Note: If this suggestion doesn't match your team's coding style, reply to this and let me know. I'll remember it for next time!
Additional Comments (1)
Consider applying the same logic used in the auto-redirect branch: |
592e227 to
0f90f85
Compare
0f90f85 to
4476305
Compare
Enables deep-linking directly to the key creation modal with prefilled form data via URL parameters, including support for preserving these deep-links through SSO authentication flows. Key Creation Deep-links: - Auto-open key creation modal via ?create=true parameter - Prefill form fields from URL parameters (team_id, key_alias, models, etc.) - Role-based access control for auto-open (requires write access) - Race condition protection for redirect handling Example: /ui?create=true&team_id=abc&key_alias=my-key&models=gpt-4,claude-3 SSO Return URL Preservation: - Cookie-based return URL storage (works across ports for SSO flows) - URL validation to prevent open redirect attacks - Support for both dev and production environments Co-Authored-By: Claude Opus 4.5 <[email protected]>
4476305 to
518cd3e
Compare
[Infra] Resolve Merge Conflicts for #21065
…shed [Infra] Resolve Merge Conflicts for BerriAI#21065
Summary
Enables deep-linking directly to the key creation modal with prefilled form data via URL parameters, including support for preserving these deep-links through SSO authentication flows.
**Walk through Video**
deep-link-video-trim.mov
Key Creation Deep-links:
Example: /ui?create=true&team_id=abc&key_alias=my-key&models=gpt-4,claude-3
SSO Return URL Preservation:
Relevant issues
Pre-Submission checklist
Please complete all items before asking a LiteLLM maintainer to review your PR
tests/litellm/directory, Adding at least 1 test is a hard requirement - see detailsmake test-unit@greptileaiand received a Confidence Score of at least 4/5 before requesting a maintainer reviewCI (LiteLLM team)
Branch creation CI run
Link:
CI run for the last commit
Link:
Merge / cherry-pick CI run
Links:
Type
🆕 New Feature
🧹 Refactoring
✅ Test
Changes