SamProject/sam-manage
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat:AI 설정 페이지에 GCS 스토리지 설정 통합

Browse Source 
- AI 설정과 스토리지 설정을 탭으로 구분
- GCS 버킷 이름, 서비스 계정 (JSON 직접입력/파일경로) 설정 가능
- GCS 연결 테스트 기능 추가
- GoogleCloudStorageService가 DB 설정 우선 사용 (fallback: 레거시 파일)
- AiConfig 모델에 gcs provider 및 관련 메서드 추가

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
pro
2026-01-29 09:22:12 +09:00
parent dd86d70503
commit 50becbdd28
5 changed files with 634 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

195
app/Http/Controllers/System/AiConfigController.php
View File

@@ -20,12 +20,25 @@ public function index(Request $request): View|Response
return response('', 200)->header('HX-Redirect', route('system.ai-config.index'));
}
$configs = AiConfig::orderBy('provider')
// AI 설정 (gemini, claude, openai)
$aiConfigs = AiConfig::whereIn('provider', AiConfig::AI_PROVIDERS)
->orderBy('provider')
->orderByDesc('is_active')
->orderBy('name')
->get();
return view('system.ai-config.index', compact('configs'));
// 스토리지 설정 (gcs)
$storageConfigs = AiConfig::whereIn('provider', AiConfig::STORAGE_PROVIDERS)
->orderBy('provider')
->orderByDesc('is_active')
->orderBy('name')
->get();
return view('system.ai-config.index', [
'configs' => $aiConfigs,
'aiConfigs' => $aiConfigs,
'storageConfigs' => $storageConfigs,
]);
}
/**
@@ -35,26 +48,40 @@ public function store(Request $request): JsonResponse
{
$validated = $request->validate([
'name' => 'required|string|max:50',
'provider' => 'required|string|in:gemini,claude,openai',
'provider' => 'required|string|in:gemini,claude,openai,gcs',
'api_key' => 'nullable|string|max:255',
'model' => 'required|string|max:100',
'model' => 'nullable|string|max:100',
'base_url' => 'nullable|string|max:255',
'description' => 'nullable|string',
'is_active' => 'boolean',
'options' => 'nullable|array',
'options.auth_type' => 'nullable|string|in:api_key,vertex_ai',
'options.auth_type' => 'nullable|string|in:api_key,vertex_ai,service_account',
'options.project_id' => 'nullable|string|max:100',
'options.region' => 'nullable|string|max:50',
'options.service_account_path' => 'nullable|string|max:500',
'options.bucket_name' => 'nullable|string|max:200',
'options.service_account_json' => 'nullable|array',
]);
// Vertex AI가 아닌 경우 API 키 필수
$authType = $validated['options']['auth_type'] ?? 'api_key';
if ($authType !== 'vertex_ai' && empty($validated['api_key'])) {
return response()->json([
'ok' => false,
'message' => 'API 키를 입력해주세요.',
], 422);
// GCS의 경우 별도 검증
if ($validated['provider'] === 'gcs') {
if (empty($validated['options']['bucket_name'])) {
return response()->json([
'ok' => false,
'message' => '버킷 이름을 입력해주세요.',
], 422);
}
$validated['model'] = '-'; // GCS는 모델 불필요
$validated['api_key'] = 'gcs_service_account'; // DB NOT NULL 제약
} else {
// AI 설정: Vertex AI가 아닌 경우 API 키 필수
$authType = $validated['options']['auth_type'] ?? 'api_key';
if ($authType !== 'vertex_ai' && empty($validated['api_key'])) {
return response()->json([
'ok' => false,
'message' => 'API 키를 입력해주세요.',
], 422);
}
}
// 활성화 시 동일 provider의 다른 설정 비활성화
@@ -81,26 +108,40 @@ public function update(Request $request, int $id): JsonResponse
$validated = $request->validate([
'name' => 'required|string|max:50',
'provider' => 'required|string|in:gemini,claude,openai',
'provider' => 'required|string|in:gemini,claude,openai,gcs',
'api_key' => 'nullable|string|max:255',
'model' => 'required|string|max:100',
'model' => 'nullable|string|max:100',
'base_url' => 'nullable|string|max:255',
'description' => 'nullable|string',
'is_active' => 'boolean',
'options' => 'nullable|array',
'options.auth_type' => 'nullable|string|in:api_key,vertex_ai',
'options.auth_type' => 'nullable|string|in:api_key,vertex_ai,service_account',
'options.project_id' => 'nullable|string|max:100',
'options.region' => 'nullable|string|max:50',
'options.service_account_path' => 'nullable|string|max:500',
'options.bucket_name' => 'nullable|string|max:200',
'options.service_account_json' => 'nullable|array',
]);
// Vertex AI가 아닌 경우 API 키 필수
$authType = $validated['options']['auth_type'] ?? 'api_key';
if ($authType !== 'vertex_ai' && empty($validated['api_key'])) {
return response()->json([
'ok' => false,
'message' => 'API 키를 입력해주세요.',
], 422);
// GCS의 경우 별도 검증
if ($validated['provider'] === 'gcs') {
if (empty($validated['options']['bucket_name'])) {
return response()->json([
'ok' => false,
'message' => '버킷 이름을 입력해주세요.',
], 422);
}
$validated['model'] = '-';
$validated['api_key'] = 'gcs_service_account';
} else {
// AI 설정: Vertex AI가 아닌 경우 API 키 필수
$authType = $validated['options']['auth_type'] ?? 'api_key';
if ($authType !== 'vertex_ai' && empty($validated['api_key'])) {
return response()->json([
'ok' => false,
'message' => 'API 키를 입력해주세요.',
], 422);
}
}
// 활성화 시 동일 provider의 다른 설정 비활성화
@@ -225,4 +266,114 @@ private function testGemini(string $baseUrl, string $model, string $apiKey): arr
'error' => 'API 응답 오류: ' . $response->status(),
];
}
/**
* GCS 연결 테스트
*/
public function testGcs(Request $request): JsonResponse
{
$validated = $request->validate([
'bucket_name' => 'required|string',
'service_account_path' => 'nullable|string',
'service_account_json' => 'nullable|array',
]);
try {
$bucketName = $validated['bucket_name'];
$serviceAccount = null;
// 서비스 계정 로드 (JSON 직접 입력 또는 파일 경로)
if (!empty($validated['service_account_json'])) {
$serviceAccount = $validated['service_account_json'];
} elseif (!empty($validated['service_account_path']) && file_exists($validated['service_account_path'])) {
$serviceAccount = json_decode(file_get_contents($validated['service_account_path']), true);
}
if (!$serviceAccount) {
return response()->json([
'ok' => false,
'error' => '서비스 계정 정보를 찾을 수 없습니다.',
]);
}
// OAuth 토큰 획득
$accessToken = $this->getGcsAccessToken($serviceAccount);
if (!$accessToken) {
return response()->json([
'ok' => false,
'error' => 'OAuth 토큰 획득 실패',
]);
}
// 버킷 존재 확인
$response = \Illuminate\Support\Facades\Http::timeout(10)
->withHeaders(['Authorization' => 'Bearer ' . $accessToken])
->get("https://storage.googleapis.com/storage/v1/b/{$bucketName}");
if ($response->successful()) {
return response()->json([
'ok' => true,
'message' => "GCS 연결 성공! 버킷: {$bucketName}",
]);
}
return response()->json([
'ok' => false,
'error' => '버킷 접근 실패: ' . $response->status(),
]);
} catch (\Exception $e) {
return response()->json([
'ok' => false,
'error' => $e->getMessage(),
]);
}
}
/**
* GCS OAuth 토큰 획득
*/
private function getGcsAccessToken(array $serviceAccount): ?string
{
$now = time();
$jwtHeader = $this->base64UrlEncode(json_encode(['alg' => 'RS256', 'typ' => 'JWT']));
$jwtClaim = $this->base64UrlEncode(json_encode([
'iss' => $serviceAccount['client_email'],
'scope' => 'https://www.googleapis.com/auth/devstorage.full_control',
'aud' => 'https://oauth2.googleapis.com/token',
'exp' => $now + 3600,
'iat' => $now
]));
$privateKey = openssl_pkey_get_private($serviceAccount['private_key']);
if (!$privateKey) {
return null;
}
openssl_sign($jwtHeader . '.' . $jwtClaim, $signature, $privateKey, OPENSSL_ALGO_SHA256);
if (PHP_VERSION_ID < 80000) {
openssl_free_key($privateKey);
}
$jwt = $jwtHeader . '.' . $jwtClaim . '.' . $this->base64UrlEncode($signature);
$response = \Illuminate\Support\Facades\Http::asForm()->post('https://oauth2.googleapis.com/token', [
'grant_type' => 'urn:ietf:params:oauth:grant-type:jwt-bearer',
'assertion' => $jwt
]);
if ($response->successful()) {
return $response->json('access_token');
}
return null;
}
/**
* Base64 URL 인코딩
*/
private function base64UrlEncode(string $data): string
{
return rtrim(strtr(base64_encode($data), '+/', '-_'), '=');
}
}