openwebui-claude-code/anthropic-proxy
Thomas Friedel 4158af9ebe feat(sandbox): route Anthropic traffic through credential-injecting proxy
Adds a Caddy-based reverse proxy (`anthropic-proxy/`) that forwards
/v1/* to api.anthropic.com with the real credential injected at the
proxy, not in the sandbox. The sandbox now only sees
ANTHROPIC_BASE_URL=http://anthropic-proxy:8081 and a placeholder
ANTHROPIC_AUTH_TOKEN, so `env` / `cat /proc/self/environ` yield nothing.

Proxy auth mode:
- CLAUDE_CODE_OAUTH_TOKEN → `Authorization: Bearer` + appends
  `oauth-2025-04-20` to anthropic-beta (required for subscription OAuth
  on /v1/messages).
- ANTHROPIC_API_KEY → `x-api-key`.

Pipe changes:
- Drop ANTHROPIC_API_KEY / CLAUDE_CODE_OAUTH_TOKEN valves.
- Add ANTHROPIC_BASE_URL valve (defaults to the compose service DNS).
- Replace credential env injection with ANTHROPIC_AUTH_TOKEN=proxied.

Closes acceptance criteria for issue #6.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-18 21:59:59 +02:00
..
Dockerfile feat(sandbox): route Anthropic traffic through credential-injecting proxy 2026-04-18 21:59:59 +02:00
entrypoint.sh feat(sandbox): route Anthropic traffic through credential-injecting proxy 2026-04-18 21:59:59 +02:00