Open dluc opened 1 week ago
Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc @jpalvarezl @ralph-msft @trrwilson.
FYI, I'm using this handler as a workaround:
public class AuthFixHandler : DelegatingHandler
{
protected override Task<HttpResponseMessage> SendAsync(
HttpRequestMessage request, CancellationToken cancellationToken)
{
if (request.Headers.TryGetValues("Authorization", out var headers) && headers.Count() > 1)
{
request.Headers.Authorization = new AuthenticationHeaderValue(
request.Headers.Authorization.Scheme,
request.Headers.Authorization.Parameter);
}
return base.SendAsync(request, cancellationToken);
}
}
A PipelinePolicy
based workaround for anyone that may be interested.
public class AuthorizationHeaderWorkaroundPolicy : PipelinePolicy
{
private const string AuthorizationHeaderName = "Authorization";
public override void Process(PipelineMessage message, IReadOnlyList<PipelinePolicy> pipeline, int currentIndex)
{
RemoveDuplicateHeaderValues(message.Request.Headers);
ProcessNext(message, pipeline, currentIndex);
}
public override async ValueTask ProcessAsync(PipelineMessage message, IReadOnlyList<PipelinePolicy> pipeline, int currentIndex)
{
RemoveDuplicateHeaderValues(message.Request.Headers);
await ProcessNextAsync(message, pipeline, currentIndex).ConfigureAwait(false);
}
private static void RemoveDuplicateHeaderValues(PipelineRequestHeaders headers)
{
if (headers.TryGetValues(AuthorizationHeaderName, out var headerValues)
&& headerValues is not null
&& headerValues.TryGetNonEnumeratedCount(out var count)
&& count > 1)
{
headers.Set(AuthorizationHeaderName, headerValues.First());
}
}
}
This can be added to the policies on the AzureOpenAIClientOptions
with the PipelinePosition.PerTry
position.
options.AddPolicy(new AuthorizationHeaderWorkaroundPolicy(), PipelinePosition.PerTry);
Library name and version
Azure.AI.OpenAI 2.0.0-beta.5
Describe the bug
When using
AzureOpenAIClient
and sending too many requests, the Azure service throttling leads to a "401 Unauthorized" error instead of "429 Too Many Requests". Looking at the internal requests, looks like the code is retrying on 429 as expected, sending a malformed request containing theAuthorization
header twice (with the same token).Expected behavior
The client should keep retrying on 429 and/or fail with a HTTP exception status code 429
Actual behavior
The client fails with a HTTP exception status code 401
Reproduction Steps
Output:
Environment