feat: transcribe and tts model discovery (#8)

Author: akichannnnn

docs/providers.md

@@ -96,6 +96,8 @@ model := provider.ChatModel("gpt-4o-mini")
 | Option | Default | Description |
 |--------|---------|-------------|
 | `WithAPIKey(key)` | `""` | API key sent as `Authorization: Bearer <key>` |
+| `WithBedrockRegion(region)` | disabled | Use AWS SigV4 with the default AWS credential chain for Bedrock's OpenAI-compatible endpoint |
+| `WithBedrockCredentials(region, accessKeyID, secretAccessKey, sessionToken)` | disabled | Use AWS SigV4 with static AWS credentials for Bedrock |
 | `WithBaseURL(url)` | `https://api.openai.com/v1` | Base URL for API requests |
 | `WithHTTPClient(client)` | `&http.Client{}` | Custom HTTP client (for proxies, timeouts, etc.) |
 
@@ -130,6 +132,12 @@ provider := completions.New(
     completions.WithBaseURL("https://your-resource.openai.azure.com/openai/deployments/gpt-4o"),
 )
 
+// Amazon Bedrock OpenAI-compatible endpoint (AWS credentials)
+provider := completions.New(
+    completions.WithBedrockRegion("us-east-1"),
+    completions.WithBaseURL("https://bedrock-mantle.us-east-1.api.aws/v1"),
+)
+
 // Local (Ollama, vLLM, etc.)
 provider := completions.New(
     completions.WithBaseURL("http://localhost:11434/v1"),
@@ -198,6 +206,8 @@ model := provider.ChatModel("gpt-4o-mini")
 | Option | Default | Description |
 |--------|---------|-------------|
 | `WithAPIKey(key)` | `""` | API key sent as `Authorization: Bearer <key>` |
+| `WithBedrockRegion(region)` | disabled | Use AWS SigV4 with the default AWS credential chain for Bedrock's OpenAI-compatible endpoint |
+| `WithBedrockCredentials(region, accessKeyID, secretAccessKey, sessionToken)` | disabled | Use AWS SigV4 with static AWS credentials for Bedrock |
 | `WithBaseURL(url)` | `https://api.openai.com/v1` | Base URL for API requests |
 | `WithHTTPClient(client)` | `&http.Client{}` | Custom HTTP client |
 
@@ -218,6 +228,8 @@ provider := responses.New(
     responses.WithAPIKey("sk-or-v1-..."),
     responses.WithBaseURL("https://openrouter.ai/api/v1"),
 )
+
+Amazon Bedrock's OpenAI-compatible Responses endpoint also works with the same provider when you configure a Bedrock Mantle base URL and either `WithBedrockRegion(...)` or `WithBedrockCredentials(...)`.
 model := provider.ChatModel("openai/o4-mini")
 ```
 
@@ -777,6 +789,8 @@ vec, err := sdk.Embed(ctx, "Hello world",
 | Option | Default | Description |
 |--------|---------|-------------|
 | `WithAPIKey(key)` | `""` | API key sent as `Authorization: Bearer <key>` |
+| `WithBedrockRegion(region)` | disabled | Use AWS SigV4 with the default AWS credential chain for Bedrock's OpenAI-compatible endpoint |
+| `WithBedrockCredentials(region, accessKeyID, secretAccessKey, sessionToken)` | disabled | Use AWS SigV4 with static AWS credentials for Bedrock |
 | `WithBaseURL(url)` | `https://api.openai.com/v1` | Base URL for API requests |
 | `WithHTTPClient(client)` | `&http.Client{}` | Custom HTTP client |
 

go.mod

@@ -3,13 +3,27 @@ module github.com/memohai/twilight-ai
 go 1.25.7
 
 require (
+	github.com/aws/aws-sdk-go-v2 v1.41.5
+	github.com/aws/aws-sdk-go-v2/config v1.32.14
+	github.com/aws/aws-sdk-go-v2/credentials v1.19.14
 	github.com/google/jsonschema-go v0.4.2
 	github.com/google/uuid v1.6.0
 	github.com/gorilla/websocket v1.5.3
 	github.com/modelcontextprotocol/go-sdk v1.5.0
 )
 
 require (
+	github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.18.21 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.21 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.7.21 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/ini v1.8.6 // indirect
+	github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.13.7 // indirect
+	github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.13.21 // indirect
+	github.com/aws/aws-sdk-go-v2/service/signin v1.0.9 // indirect
+	github.com/aws/aws-sdk-go-v2/service/sso v1.30.15 // indirect
+	github.com/aws/aws-sdk-go-v2/service/ssooidc v1.35.19 // indirect
+	github.com/aws/aws-sdk-go-v2/service/sts v1.41.10 // indirect
+	github.com/aws/smithy-go v1.24.2 // indirect
 	github.com/segmentio/asm v1.2.1 // indirect
 	github.com/segmentio/encoding v0.5.4 // indirect
 	github.com/yosida95/uritemplate/v3 v3.0.2 // indirect

go.sum

@@ -1,3 +1,31 @@
+github.com/aws/aws-sdk-go-v2 v1.41.5 h1:dj5kopbwUsVUVFgO4Fi5BIT3t4WyqIDjGKCangnV/yY=
+github.com/aws/aws-sdk-go-v2 v1.41.5/go.mod h1:mwsPRE8ceUUpiTgF7QmQIJ7lgsKUPQOUl3o72QBrE1o=
+github.com/aws/aws-sdk-go-v2/config v1.32.14 h1:opVIRo/ZbbI8OIqSOKmpFaY7IwfFUOCCXBsUpJOwDdI=
+github.com/aws/aws-sdk-go-v2/config v1.32.14/go.mod h1:U4/V0uKxh0Tl5sxmCBZ3AecYny4UNlVmObYjKuuaiOo=
+github.com/aws/aws-sdk-go-v2/credentials v1.19.14 h1:n+UcGWAIZHkXzYt87uMFBv/l8THYELoX6gVcUvgl6fI=
+github.com/aws/aws-sdk-go-v2/credentials v1.19.14/go.mod h1:cJKuyWB59Mqi0jM3nFYQRmnHVQIcgoxjEMAbLkpr62w=
+github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.18.21 h1:NUS3K4BTDArQqNu2ih7yeDLaS3bmHD0YndtA6UP884g=
+github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.18.21/go.mod h1:YWNWJQNjKigKY1RHVJCuupeWDrrHjRqHm0N9rdrWzYI=
+github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.21 h1:Rgg6wvjjtX8bNHcvi9OnXWwcE0a2vGpbwmtICOsvcf4=
+github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.21/go.mod h1:A/kJFst/nm//cyqonihbdpQZwiUhhzpqTsdbhDdRF9c=
+github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.7.21 h1:PEgGVtPoB6NTpPrBgqSE5hE/o47Ij9qk/SEZFbUOe9A=
+github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.7.21/go.mod h1:p+hz+PRAYlY3zcpJhPwXlLC4C+kqn70WIHwnzAfs6ps=
+github.com/aws/aws-sdk-go-v2/internal/ini v1.8.6 h1:qYQ4pzQ2Oz6WpQ8T3HvGHnZydA72MnLuFK9tJwmrbHw=
+github.com/aws/aws-sdk-go-v2/internal/ini v1.8.6/go.mod h1:O3h0IK87yXci+kg6flUKzJnWeziQUKciKrLjcatSNcY=
+github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.13.7 h1:5EniKhLZe4xzL7a+fU3C2tfUN4nWIqlLesfrjkuPFTY=
+github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.13.7/go.mod h1:x0nZssQ3qZSnIcePWLvcoFisRXJzcTVvYpAAdYX8+GI=
+github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.13.21 h1:c31//R3xgIJMSC8S6hEVq+38DcvUlgFY0FM6mSI5oto=
+github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.13.21/go.mod h1:r6+pf23ouCB718FUxaqzZdbpYFyDtehyZcmP5KL9FkA=
+github.com/aws/aws-sdk-go-v2/service/signin v1.0.9 h1:QKZH0S178gCmFEgst8hN0mCX1KxLgHBKKY/CLqwP8lg=
+github.com/aws/aws-sdk-go-v2/service/signin v1.0.9/go.mod h1:7yuQJoT+OoH8aqIxw9vwF+8KpvLZ8AWmvmUWHsGQZvI=
+github.com/aws/aws-sdk-go-v2/service/sso v1.30.15 h1:lFd1+ZSEYJZYvv9d6kXzhkZu07si3f+GQ1AaYwa2LUM=
+github.com/aws/aws-sdk-go-v2/service/sso v1.30.15/go.mod h1:WSvS1NLr7JaPunCXqpJnWk1Bjo7IxzZXrZi1QQCkuqM=
+github.com/aws/aws-sdk-go-v2/service/ssooidc v1.35.19 h1:dzztQ1YmfPrxdrOiuZRMF6fuOwWlWpD2StNLTceKpys=
+github.com/aws/aws-sdk-go-v2/service/ssooidc v1.35.19/go.mod h1:YO8TrYtFdl5w/4vmjL8zaBSsiNp3w0L1FfKVKenZT7w=
+github.com/aws/aws-sdk-go-v2/service/sts v1.41.10 h1:p8ogvvLugcR/zLBXTXrTkj0RYBUdErbMnAFFp12Lm/U=
+github.com/aws/aws-sdk-go-v2/service/sts v1.41.10/go.mod h1:60dv0eZJfeVXfbT1tFJinbHrDfSJ2GZl4Q//OSSNAVw=
+github.com/aws/smithy-go v1.24.2 h1:FzA3bu/nt/vDvmnkg+R8Xl46gmzEDam6mZ1hzmwXFng=
+github.com/aws/smithy-go v1.24.2/go.mod h1:YE2RhdIuDbA5E5bTdciG9KrW3+TiEONeUWCqxX9i1Fc=
 github.com/golang-jwt/jwt/v5 v5.3.1 h1:kYf81DTWFe7t+1VvL7eS+jKFVWaUnK9cB1qbwn63YCY=
 github.com/golang-jwt/jwt/v5 v5.3.1/go.mod h1:fxCRLWMO43lRc8nhHWY6LGqRcf+1gQWArsqaEUEa5bE=
 github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8=

internal/utils/aws.go

@@ -0,0 +1,118 @@
+package utils
+
+import (
+	"bytes"
+	"context"
+	"crypto/sha256"
+	"encoding/hex"
+	"fmt"
+	"io"
+	"net/http"
+	"sync"
+	"time"
+
+	"github.com/aws/aws-sdk-go-v2/aws"
+	v4 "github.com/aws/aws-sdk-go-v2/aws/signer/v4"
+	"github.com/aws/aws-sdk-go-v2/config"
+	"github.com/aws/aws-sdk-go-v2/credentials"
+)
+
+const (
+	emptySHA256 = "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
+
+	bedrockService = "bedrock"
+)
+
+type lazyCredentialsProvider struct {
+	region string
+
+	once sync.Once
+	cp   aws.CredentialsProvider
+	err  error
+}
+
+func NewBedrockDefaultCredentialsPreparer(region string) func(*http.Request) error {
+	return NewSigV4Preparer(bedrockService, region, &lazyCredentialsProvider{region: region})
+}
+
+func NewBedrockStaticCredentialsPreparer(region, accessKeyID, secretAccessKey, sessionToken string) func(*http.Request) error {
+	cp := aws.NewCredentialsCache(credentials.NewStaticCredentialsProvider(accessKeyID, secretAccessKey, sessionToken))
+	return NewSigV4Preparer(bedrockService, region, cp)
+}
+
+func NewSigV4Preparer(service, region string, cp aws.CredentialsProvider) func(*http.Request) error {
+	signer := v4.NewSigner()
+
+	return func(req *http.Request) error {
+		payloadHash, err := requestPayloadHash(req)
+		if err != nil {
+			return err
+		}
+
+		creds, err := cp.Retrieve(req.Context())
+		if err != nil {
+			return fmt.Errorf("retrieve AWS credentials: %w", err)
+		}
+
+		if err := signer.SignHTTP(req.Context(), creds, req, payloadHash, service, region, time.Now().UTC()); err != nil {
+			return fmt.Errorf("sign AWS request: %w", err)
+		}
+
+		return nil
+	}
+}
+
+func (p *lazyCredentialsProvider) Retrieve(ctx context.Context) (aws.Credentials, error) {
+	p.once.Do(func() {
+		cfg, err := config.LoadDefaultConfig(ctx, config.WithRegion(p.region))
+		if err != nil {
+			p.err = err
+			return
+		}
+		p.cp = cfg.Credentials
+	})
+	if p.err != nil {
+		return aws.Credentials{}, p.err
+	}
+	return p.cp.Retrieve(ctx)
+}
+
+func requestPayloadHash(req *http.Request) (string, error) {
+	if req.Body == nil {
+		return emptySHA256, nil
+	}
+
+	if req.GetBody != nil {
+		body, err := req.GetBody()
+		if err != nil {
+			return "", fmt.Errorf("clone request body: %w", err)
+		}
+		defer body.Close()
+		return hashReader(body)
+	}
+
+	data, err := io.ReadAll(req.Body)
+	if err != nil {
+		return "", fmt.Errorf("read request body: %w", err)
+	}
+
+	req.Body = io.NopCloser(bytes.NewReader(data))
+	req.GetBody = func() (io.ReadCloser, error) {
+		return io.NopCloser(bytes.NewReader(data)), nil
+	}
+
+	return hashBytes(data), nil
+}
+
+func hashReader(r io.Reader) (string, error) {
+	h := sha256.New()
+	if _, err := io.Copy(h, r); err != nil {
+		return "", fmt.Errorf("hash request body: %w", err)
+	}
+	return hex.EncodeToString(h.Sum(nil)), nil
+}
+
+func hashBytes(data []byte) string {
+	sum := sha256.Sum256(data)
+	return hex.EncodeToString(sum[:])
+}

internal/utils/fetch.go

@@ -17,6 +17,7 @@ type RequestOptions struct {
 	Headers map[string]string
 	Query   map[string]string
 	Body    any
+	Prepare func(*http.Request) error
 }
 
 type APIError struct {
@@ -86,6 +87,12 @@ func BuildRequest(ctx context.Context, opts *RequestOptions) (*http.Request, err
 		req.Header.Set(k, v)
 	}
 
+	if opts.Prepare != nil {
+		if err := opts.Prepare(req); err != nil {
+			return nil, fmt.Errorf("prepare request: %w", err)
+		}
+	}
+
 	return req, nil
 }
 

provider/alibabacloud/speech/speech.go

@@ -5,13 +5,14 @@ package speech
 
 import (
 	"context"
+	"fmt"
 	"strings"
 
 	sdk "github.com/memohai/twilight-ai/sdk"
 )
 
 const (
-	defaultModelID    = "cosyvoice-tts"
+	defaultModelID    = "cosyvoice-v1"
 	defaultBaseURL    = "wss://dashscope.aliyuncs.com/api-ws/v1/inference/"
 	defaultModel      = "cosyvoice-v1"
 	defaultFormat     = "mp3"
@@ -51,14 +52,22 @@ func New(opts ...Option) *Provider {
 // SpeechModel creates a SpeechModel bound to this provider.
 func (p *Provider) SpeechModel(id string) *sdk.SpeechModel {
 	if id == "" {
-		id = defaultModelID
+		id = defaultModel
 	}
 	return &sdk.SpeechModel{ID: id, Provider: p}
 }
 
+// ListModels returns the speech models exposed by this provider.
+func (p *Provider) ListModels(context.Context) ([]*sdk.SpeechModel, error) {
+	return nil, fmt.Errorf("alibabacloud speech: provider does not expose a remote models discovery API")
+}
+
 // DoSynthesize synthesizes speech and returns the complete audio bytes.
 func (p *Provider) DoSynthesize(ctx context.Context, params sdk.SpeechParams) (*sdk.SpeechResult, error) {
 	cfg := parseConfig(params.Config)
+	if params.Model != nil && params.Model.ID != "" {
+		cfg.Model = params.Model.ID
+	}
 
 	audio, err := p.client.synthesize(ctx, params.Text, &cfg)
 	if err != nil {
@@ -73,6 +82,9 @@ func (p *Provider) DoSynthesize(ctx context.Context, params sdk.SpeechParams) (*
 // DoStream synthesizes speech and returns a streaming result.
 func (p *Provider) DoStream(ctx context.Context, params sdk.SpeechParams) (*sdk.SpeechStreamResult, error) {
 	cfg := parseConfig(params.Config)
+	if params.Model != nil && params.Model.ID != "" {
+		cfg.Model = params.Model.ID
+	}
 
 	ch, errCh := p.client.stream(ctx, params.Text, &cfg)
 	return sdk.NewSpeechStreamResult(ch, contentTypeForFormat(cfg.Format), errCh), nil

provider/alibabacloud/speech/speech_test.go

@@ -163,6 +163,19 @@ func TestProvider_SpeechModel(t *testing.T) {
 	}
 }
 
+func TestProvider_ListModels(t *testing.T) {
+	t.Parallel()
+	p := New()
+
+	models, err := p.ListModels(context.Background())
+	if err == nil {
+		t.Fatal("expected unsupported error")
+	}
+	if len(models) != 0 {
+		t.Fatalf("len(models) = %d, want 0", len(models))
+	}
+}
+
 func TestParseConfig(t *testing.T) {
 	t.Parallel()
 	cfg := parseConfig(map[string]any{

provider/anthropic/messages/messages.go

@@ -763,7 +763,9 @@ type streamingBlock struct {
 
 func generateID() string {
 	b := make([]byte, 12)
-	rand.Read(b)
+	if _, err := rand.Read(b); err != nil {
+		panic("anthropic: generateID entropy failure: " + err.Error())
+	}
 	return fmt.Sprintf("toolu_%x", b)
 }
 

provider/deepgram/speech/speech.go

@@ -66,14 +66,22 @@ func New(opts ...Option) *Provider {
 // SpeechModel creates a SpeechModel bound to this provider.
 func (p *Provider) SpeechModel(id string) *sdk.SpeechModel {
 	if id == "" {
-		id = defaultModelID
+		id = defaultVoiceModel
 	}
 	return &sdk.SpeechModel{ID: id, Provider: p}
 }
 
+// ListModels returns the speech models exposed by this provider.
+func (p *Provider) ListModels(context.Context) ([]*sdk.SpeechModel, error) {
+	return nil, fmt.Errorf("deepgram speech: provider does not expose a remote models discovery API in this SDK")
+}
+
 // DoSynthesize synthesizes speech and returns the complete audio bytes.
 func (p *Provider) DoSynthesize(ctx context.Context, params sdk.SpeechParams) (*sdk.SpeechResult, error) {
 	cfg := parseConfig(params.Config)
+	if params.Model != nil && params.Model.ID != "" {
+		cfg.Model = params.Model.ID
+	}
 
 	body, err := p.doRequest(ctx, params.Text, cfg)
 	if err != nil {
@@ -94,6 +102,9 @@ func (p *Provider) DoSynthesize(ctx context.Context, params sdk.SpeechParams) (*
 // DoStream synthesizes speech and returns a streaming result backed by chunked HTTP body.
 func (p *Provider) DoStream(ctx context.Context, params sdk.SpeechParams) (*sdk.SpeechStreamResult, error) {
 	cfg := parseConfig(params.Config)
+	if params.Model != nil && params.Model.ID != "" {
+		cfg.Model = params.Model.ID
+	}
 
 	body, err := p.doRequest(ctx, params.Text, cfg)
 	if err != nil {

provider/deepgram/speech/speech_test.go

@@ -108,13 +108,26 @@ func TestProvider_DoSynthesize_ConnectionFailure(t *testing.T) {
 func TestProvider_SpeechModel(t *testing.T) {
 	t.Parallel()
 	p := New()
-	m := p.SpeechModel("deepgram-tts")
-	if m.ID != "deepgram-tts" {
+	m := p.SpeechModel("aura-2-orpheus-en")
+	if m.ID != "aura-2-orpheus-en" {
 		t.Errorf("ID = %q", m.ID)
 	}
 	m2 := p.SpeechModel("")
-	if m2.ID != defaultModelID {
-		t.Errorf("default ID = %q, want %q", m2.ID, defaultModelID)
+	if m2.ID != defaultVoiceModel {
+		t.Errorf("default ID = %q, want %q", m2.ID, defaultVoiceModel)
+	}
+}
+
+func TestProvider_ListModels(t *testing.T) {
+	t.Parallel()
+	p := New()
+
+	models, err := p.ListModels(context.Background())
+	if err == nil {
+		t.Fatal("expected unsupported error")
+	}
+	if len(models) != 0 {
+		t.Fatalf("len(models) = %d, want 0", len(models))
 	}
 }