Refactor OpenAI BYOK base URL parsing to reuse shared proxy URL normalization (#4949)

* Initial plan

* Refactor OpenAI BYOK URL parsing to reuse proxy-utils

* fix: update JSDoc for normalizeApiTarget and rename test for clarity

- JSDoc now documents that falsy values (including '') are returned as-is
- Test name clarifies it covers path + query string, not just path

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: Landon Cox <landon.cox@microsoft.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

Author: 3 people

containers/api-proxy/oidc-token-provider.test.js

@@ -282,6 +282,20 @@ describe('OpenAI adapter with OIDC', () => {
     expect(adapter.getReflectionInfo().auth_type).toBe('static-key');
   });
 
+  it('should not warn when COPILOT_PROVIDER_BASE_URL includes a path and query string', () => {
+    const warnSpy = jest.spyOn(console, 'warn').mockImplementation(() => {});
+    try {
+      createOpenAIAdapter({
+        COPILOT_PROVIDER_TYPE: 'azure',
+        COPILOT_PROVIDER_BASE_URL: 'https://my-resource.openai.azure.com/openai/deployments/gpt-5?api-version=2024-02-01',
+        COPILOT_PROVIDER_API_KEY: 'azure-byok-key',
+      });
+      expect(warnSpy).not.toHaveBeenCalled();
+    } finally {
+      warnSpy.mockRestore();
+    }
+  });
+
   it('should prefer explicit OPENAI_* config over Copilot Azure BYOK env vars', () => {
     const adapter = createOpenAIAdapter({
       OPENAI_API_KEY: 'sk-openai',

containers/api-proxy/providers/openai.js

@@ -10,29 +10,10 @@
  * Base path: OPENAI_API_BASE_PATH  (default: /v1 for the public endpoint)
  */
 
-const { normalizeBasePath, validateAuthHeaderEnv } = require('../proxy-utils');
+const { parseApiTargetAndBasePath, validateAuthHeaderEnv } = require('../proxy-utils');
 const { createBaseAdapterConfig, createAdapterMethods } = require('../adapter-factory');
 const { resolveCloudOidcProviders } = require('./cloud-oidc-init');
 
-function parseByokBaseUrl(baseUrl) {
-  if (!baseUrl) return { target: undefined, basePath: '' };
-  const trimmed = baseUrl.trim();
-  if (!trimmed) return { target: undefined, basePath: '' };
-
-  const candidate = /^[a-zA-Z][a-zA-Z\d+\-.]*:\/\//.test(trimmed)
-    ? trimmed
-    : `https://${trimmed}`;
-  try {
-    const parsed = new URL(candidate);
-    return {
-      target: parsed.hostname || undefined,
-      basePath: normalizeBasePath(parsed.pathname),
-    };
-  } catch {
-    return { target: undefined, basePath: '' };
-  }
-}
-
 /**
  * Create the OpenAI provider adapter.
  *
@@ -58,7 +39,7 @@ function createOpenAIAdapter(env, deps = {}) {
     return '';
   })();
   const copilotByokApiKey = (env.COPILOT_PROVIDER_API_KEY || '').trim() || undefined;
-  const { target: copilotByokTarget, basePath: copilotByokBasePath } = parseByokBaseUrl(env.COPILOT_PROVIDER_BASE_URL);
+  const { target: copilotByokTarget, basePath: copilotByokBasePath } = parseApiTargetAndBasePath(env.COPILOT_PROVIDER_BASE_URL);
 
   const apiKey = openaiApiKey || (copilotAzureByokEnabled ? copilotByokApiKey : undefined);
   const explicitOpenAITarget = env.OPENAI_API_TARGET ? openaiTarget : undefined;

containers/api-proxy/proxy-utils.js

@@ -18,34 +18,75 @@ const { URL } = require('url');
  * *_API_BASE_PATH environment variables.
  *
  * @param {string|undefined} value - Raw env var value
- * @returns {string|undefined} Bare hostname, or undefined if input is falsy
+ * @returns {string|undefined} Bare hostname, the original falsy value if input is falsy (e.g. '' stays ''), or undefined if parsing fails
  */
 function normalizeApiTarget(value) {
   if (!value) return value;
 
-  const trimmed = value.trim();
-  if (!trimmed) return undefined;
-
-  const candidate = /^[a-zA-Z][a-zA-Z\d+\-.]*:\/\//.test(trimmed)
-    ? trimmed
-    : `https://${trimmed}`;
-
-  try {
-    const parsed = new URL(candidate);
+  const parsed = parseApiTargetUrl(value);
+  if (parsed.kind === 'empty') return undefined;
+  if (parsed.kind === 'invalid') {
+    console.warn(`Invalid API target ${parsed.safe}; expected a hostname (e.g. 'api.example.com') or URL`);
+    return undefined;
+  }
 
+  if (parsed.kind === 'ok') {
     if (parsed.pathname !== '/' || parsed.search || parsed.hash || parsed.username || parsed.password || parsed.port) {
-      const safe = trimmed.replace(/[\x00-\x1f\x7f]/g, '?');
       console.warn(
-        `Ignoring unsupported API target URL components in ${safe}; ` +
+        `Ignoring unsupported API target URL components in ${parsed.safe}; ` +
         'configure path prefixes via the corresponding *_API_BASE_PATH environment variable.'
       );
     }
 
     return parsed.hostname || undefined;
-  } catch (err) {
-    const safe = trimmed.replace(/[\x00-\x1f\x7f]/g, '?');
-    console.warn(`Invalid API target ${safe}; expected a hostname (e.g. 'api.example.com') or URL`);
-    return undefined;
+  }
+
+  return undefined;
+}
+
+/**
+ * Parse a target URL/hostname into hostname + normalized pathname.
+ * Intended for BYOK-style base URLs where path components are expected and valid.
+ *
+ * @param {string|undefined} value - Raw env var value
+ * @returns {{ target: string|undefined, basePath: string }} Parsed hostname and normalized base path
+ */
+function parseApiTargetAndBasePath(value) {
+  if (!value) return { target: undefined, basePath: '' };
+
+  const parsed = parseApiTargetUrl(value);
+  if (parsed.kind !== 'ok') return { target: undefined, basePath: '' };
+
+  return {
+    target: parsed.hostname || undefined,
+    basePath: normalizeBasePath(parsed.pathname),
+  };
+}
+
+function parseApiTargetUrl(value) {
+  const trimmed = value.trim();
+  if (!trimmed) return { kind: 'empty' };
+
+  const candidate = /^[a-zA-Z][a-zA-Z\d+\-.]*:\/\//.test(trimmed)
+    ? trimmed
+    : `https://${trimmed}`;
+  const safe = trimmed.replace(/[\x00-\x1f\x7f]/g, '?');
+
+  try {
+    const parsed = new URL(candidate);
+    return {
+      kind: 'ok',
+      safe,
+      hostname: parsed.hostname,
+      pathname: parsed.pathname,
+      search: parsed.search,
+      hash: parsed.hash,
+      username: parsed.username,
+      password: parsed.password,
+      port: parsed.port,
+    };
+  } catch {
+    return { kind: 'invalid', safe };
   }
 }
 
@@ -262,6 +303,7 @@ function validateAuthHeaderEnv(envVarName, rawValue, defaultHeader) {
 
 module.exports = {
   normalizeApiTarget,
+  parseApiTargetAndBasePath,
   normalizeBasePath,
   buildUpstreamPath,
   stripGeminiKeyParam,

containers/api-proxy/server.routing.test.js

@@ -6,6 +6,7 @@
 
 const {
   normalizeApiTarget,
+  parseApiTargetAndBasePath,
   normalizeBasePath,
   buildUpstreamPath,
   makeProviderNotConfiguredResponse,
@@ -52,6 +53,22 @@ describe('normalizeApiTarget', () => {
   });
 });
 
+describe('parseApiTargetAndBasePath', () => {
+  it('extracts hostname and normalized path from full URL', () => {
+    expect(parseApiTargetAndBasePath('https://my-gateway.example.com/openai/deployments/gpt-5'))
+      .toEqual({ target: 'my-gateway.example.com', basePath: '/openai/deployments/gpt-5' });
+  });
+
+  it('extracts hostname and path from schemeless URL-like value', () => {
+    expect(parseApiTargetAndBasePath('my-gateway.example.com/openai/deployments/gpt-5'))
+      .toEqual({ target: 'my-gateway.example.com', basePath: '/openai/deployments/gpt-5' });
+  });
+
+  it('returns empty values for invalid input', () => {
+    expect(parseApiTargetAndBasePath('://invalid')).toEqual({ target: undefined, basePath: '' });
+  });
+});
+
 describe('createAdapterMethods', () => {
   it('builds default validation, model-fetch, and reflection methods', () => {
     const methods = createAdapterMethods({