Add GeminiLanguageModel

[mattt]

Resolves #14

[andrewheard]

Hi @mattt, although this approach would be totally fine in server-side Swift environments, as well as BYOK scenarios, we (Firebase) are really trying to discourage developers from hardcoding Gemini API keys into their apps since they can be easily sniffed by malicious actors. Our recommended approach for client-side apps is to use the Firebase AI Logic SDK with Firebase App Check. On Apple platforms, Firebase App Check uses App Attest or DeviceCheck to attest that the requests originate from the developer's actual app.

Would you be open to a direct integration with Firebase AI Logic or offering a way to add additional headers before requests are sent out? Maybe something like request middleware? This would allow App Check headers to be added.

It's very much a WIP but I slapped together a quick prototype of a direct integration in andrewheard@eadba53 last week. The structured output with @AnyLanguageModel.Generable seems to work too.

[mattt]

@andrewheard Thanks for taking a look! I hear you about API credential management, and the perils of embedding them in-app.

The app I'm building from which I spun off AnyLanguageModel uses OAuth to fetch an access token and passes that to an OpenAI adapter pointing at an API-compatible endpoint. This follows my preferred shape for solving this problem — an authentication manager that provides credentials that I can pass to the tokenProvider closure. But I understand that Firebase and other solutions may take a different approach that precludes this pattern, and I want to accommodate that, too.

Would you be open to a direct integration with Firebase AI Logic or offering a way to add additional headers before requests are sent out? Maybe something like request middleware? This would allow App Check headers to be added.

GeminiLanguageModel and the other adapters to HTTP APIs take a URLSession parameter in their initializer. You can pass a configuration with httpAdditionalHeaders or configure a delegate to respond to authentication challenges.

I'm planning to merge this PR pretty much as-is, but telling a good story about auth is the next thing I'd like to work on for this project. By end of week, I'd like the README to have a clear explanation of the problem and a menu of available solutions.

[ronaldmannak]

@mattt, I have an open source reverse proxy written in server-side swift that validates StoreKit 2 receipts and has a very basic rate limiter. I haven't given it much love but did vibe code an upgrade to Hummingbird 2. Happy to transfer ownership if this is a direction you're interested in

https://github.com/PicoMLX/PicoAIProxy/tree/feature/HummingBird2