Refactoring Opportunity

Summary

• File: containers/api-proxy/providers/copilot.js
• Current size: 602 lines
• Responsibilities identified: 4 distinct concerns

Evidence

1. BYOK header/body field parsing and injection (lines 60–188, ~129 lines)

Three standalone functions that parse, validate, and inject Bring-Your-Own-Key customization fields. They operate purely on string data and have no dependency on the adapter or auth logic:

// line 60
function parseByokExtraHeaders(raw) { ... }       // parses AWF_BYOK_EXTRA_HEADERS env var
function parseByokExtraBodyFields(raw) { ... }    // parses AWF_BYOK_EXTRA_BODY_FIELDS env var
function injectByokExtraBodyFields(body, fields) { ... }  // mutates request body

2. Auth credential resolution (lines 189–250, ~62 lines)

Credential lookup helpers that are independently useful and tested:

function stripBearerPrefix(value) { ... }          // normalises Bearer tokens
function resolveApiKey(env) { ... }                // filters AWF sentinel from BYOK key
function resolveCopilotAuthToken(env) { ... }      // resolves BYOK key or GitHub token

3. API endpoint target and model-fallback derivation (lines 251–382, ~132 lines)

Functions that map environment variables to hostnames/paths, plus a policy function with its own business rules:

function deriveCopilotApiTarget(env) { ... }       // env → hostname
function deriveGitHubApiTarget(env) { ... }
function deriveGitHubApiBasePath(env) { ... }
function isGithubCopilotCatalogTarget(rawTarget) { ... }
function getCopilotModelFallbackPolicy(modelFallback, env) { ... }  // ~47 lines

4. Adapter factory (lines 383–602, 220 lines)

createCopilotAdapter is 220 lines. It wires all the above pieces together, but the implementation is large because it also inlines session-ID injection, OTEL span configuration, key-validation probe construction, reflection configuration, and GitHub API routing — all in a single function body.

Proposed Split

createCopilotAdapter itself may benefit from extracting session-ID injection and key-validation probe construction into named helpers once the surrounding context is smaller.

Affected Callers

grep -rn "require.*copilot\|from.*copilot" containers/api-proxy/ 2>/dev/null | grep -v test

Current external callers:

• containers/api-proxy/model-config.js — imports getCopilotModelFallbackPolicy
• containers/api-proxy/providers/index.js — imports createCopilotAdapter

Internal test access is through _testing export; the new modules can expose their own _testing exports.

Effort Estimate

Low — functions are already independently defined; no logic changes required.

Benefits

• BYOK parsing logic becomes independently testable and mockable without loading the full adapter
• Auth resolution is a security-sensitive path; isolating it makes audits easier
• createCopilotAdapter shrinks from 220 lines to ~80–100 lines once setup helpers are extracted
• Each new file has a single clear purpose matching the existing provider module pattern

Detected by Refactoring Scanner workflow. Run date: 2026-06-05

Generated by Refactoring Opportunity Scanner · sonnet46 3.2M · ◷

• expires on Aug 4, 2026, 4:02 PM UTC