@promptbook/cli 0.103.0-54 → 0.103.0-56

package/apps/agents-server/src/utils/handleChatCompletion.ts

@@ -0,0 +1,355 @@
+import { $getTableName } from '@/src/database/$getTableName';
+import { $provideSupabaseForServer } from '@/src/database/$provideSupabaseForServer';
+import { $provideAgentCollectionForServer } from '@/src/tools/$provideAgentCollectionForServer';
+import { $provideOpenAiAssistantExecutionToolsForServer } from '@/src/tools/$provideOpenAiAssistantExecutionToolsForServer';
+import { Agent, computeAgentHash, PROMPTBOOK_ENGINE_VERSION } from '@promptbook-local/core';
+import { ChatMessage, ChatPromptResult, Prompt, string_book, TODO_any } from '@promptbook-local/types';
+import { computeHash } from '@promptbook-local/utils';
+import { NextRequest, NextResponse } from 'next/server';
+import { validateApiKey } from './validateApiKey';
+
+export async function handleChatCompletion(
+    request: NextRequest,
+    params: { agentName?: string },
+    title: string = 'API Chat Completion',
+) {
+    const { agentName: agentNameFromParams } = params;
+
+    // Validate API key explicitly (in addition to middleware)
+    const apiKeyValidation = await validateApiKey(request);
+    if (!apiKeyValidation.isValid) {
+        return NextResponse.json(
+            {
+                error: {
+                    message: apiKeyValidation.error || 'Invalid API key',
+                    type: 'authentication_error',
+                },
+            },
+            { status: 401 },
+        );
+    }
+    const apiKey = apiKeyValidation.token || null;
+
+    try {
+        const body = await request.json();
+        const { messages, stream, model } = body;
+
+        const agentName = agentNameFromParams || model;
+
+        if (!agentName) {
+            return NextResponse.json(
+                {
+                    error: {
+                        message: 'Agent name is required. Please provide it in the URL or as the "model" parameter.',
+                        type: 'invalid_request_error',
+                    },
+                },
+                { status: 400 },
+            );
+        }
+
+        if (!messages || !Array.isArray(messages) || messages.length === 0) {
+            return NextResponse.json(
+                {
+                    error: {
+                        message: 'Messages array is required and cannot be empty.',
+                        type: 'invalid_request_error',
+                    },
+                },
+                { status: 400 },
+            );
+        }
+
+        const collection = await $provideAgentCollectionForServer();
+        let agentSource: string_book;
+        try {
+            agentSource = await collection.getAgentSource(agentName);
+        } catch (error) {
+            return NextResponse.json(
+                { error: { message: `Agent '${agentName}' not found.`, type: 'invalid_request_error' } },
+                { status: 404 },
+            );
+        }
+
+        if (!agentSource) {
+            return NextResponse.json(
+                { error: { message: `Agent '${agentName}' not found.`, type: 'invalid_request_error' } },
+                { status: 404 },
+            );
+        }
+
+        // Note: Handle system messages as CONTEXT
+        const systemMessages = messages.filter((msg: TODO_any) => msg.role === 'system');
+        if (systemMessages.length > 0) {
+            const contextString = systemMessages.map((msg: TODO_any) => `CONTEXT ${msg.content}`).join('\n');
+            agentSource = `${agentSource}\n\n${contextString}` as string_book;
+        }
+
+        const threadMessages = messages.filter((msg: TODO_any) => msg.role !== 'system');
+
+        if (threadMessages.length === 0) {
+            return NextResponse.json(
+                {
+                    error: {
+                        message: 'Messages array must contain at least one non-system message.',
+                        type: 'invalid_request_error',
+                    },
+                },
+                { status: 400 },
+            );
+        }
+
+        const openAiAssistantExecutionTools = await $provideOpenAiAssistantExecutionToolsForServer();
+        const agent = new Agent({
+            agentSource,
+            executionTools: {
+                llm: openAiAssistantExecutionTools, // Note: Use the same OpenAI Assistant LLM tools as the chat route
+            },
+            isVerbose: true, // or false
+        });
+
+        const agentHash = computeAgentHash(agentSource);
+        const userAgent = request.headers.get('user-agent');
+        const ip =
+            request.headers.get('x-forwarded-for') ||
+            request.headers.get('x-real-ip') ||
+            request.headers.get('x-client-ip');
+
+        // Note: Capture language and platform information
+        const language = request.headers.get('accept-language');
+        // Simple platform extraction from userAgent parentheses content (e.g., Windows NT 10.0; Win64; x64)
+        const platform = userAgent ? userAgent.match(/\(([^)]+)\)/)?.[1] : undefined; // <- TODO: [🧠] Improve platform parsing
+
+        // Prepare thread and content
+        const lastMessage = threadMessages[threadMessages.length - 1];
+        const previousMessages = threadMessages.slice(0, -1);
+
+        const thread: ChatMessage[] = previousMessages.map((msg: TODO_any, index: number) => ({
+            id: `msg-${index}`, // Placeholder ID
+            from: msg.role === 'assistant' ? 'agent' : 'user', // Mapping standard OpenAI roles
+            content: msg.content,
+            isComplete: true,
+            date: new Date(), // We don't have the real date, using current
+        }));
+
+        // Note: Identify the user message
+        const userMessageContent = {
+            role: 'USER',
+            content: lastMessage.content,
+        };
+
+        const supabase = $provideSupabaseForServer();
+        await supabase.from(await $getTableName('ChatHistory')).insert({
+            createdAt: new Date().toISOString(),
+            messageHash: computeHash(userMessageContent),
+            previousMessageHash: null,
+            agentName,
+            agentHash,
+            message: userMessageContent,
+            promptbookEngineVersion: PROMPTBOOK_ENGINE_VERSION,
+            url: request.url,
+            ip,
+            userAgent,
+            language,
+            platform,
+            source: 'OPENAI_API_COMPATIBILITY',
+            apiKey,
+        });
+
+        const prompt: Prompt = {
+            title,
+            content: lastMessage.content,
+            modelRequirements: {
+                modelVariant: 'CHAT',
+                // We could pass 'model' from body if we wanted to enforce it, but Agent usually has its own config
+            },
+            parameters: {},
+            thread,
+        } as Prompt;
+        // Note: Casting as Prompt because the type definition might require properties we don't strictly use or that are optional but TS complains
+
+        if (stream) {
+            const encoder = new TextEncoder();
+            const readableStream = new ReadableStream({
+                async start(controller) {
+                    const runId = `chatcmpl-${Math.random().toString(36).substring(2, 15)}`;
+                    const created = Math.floor(Date.now() / 1000);
+
+                    // Note: Send the initial chunk with role
+                    const initialChunkData = {
+                        id: runId,
+                        object: 'chat.completion.chunk',
+                        created,
+                        model: model || 'promptbook-agent',
+                        choices: [
+                            {
+                                index: 0,
+                                delta: {
+                                    role: 'assistant',
+                                    content: '',
+                                },
+                                finish_reason: null,
+                            },
+                        ],
+                    };
+                    controller.enqueue(encoder.encode(`data: ${JSON.stringify(initialChunkData)}\n\n`));
+
+                    let previousContent = '';
+
+                    try {
+                        const result = await agent.callChatModelStream(prompt, (chunk: ChatPromptResult) => {
+                            const fullContent = chunk.content;
+                            const deltaContent = fullContent.substring(previousContent.length);
+                            previousContent = fullContent;
+
+                            if (deltaContent) {
+                                const chunkData = {
+                                    id: runId,
+                                    object: 'chat.completion.chunk',
+                                    created,
+                                    model: model || 'promptbook-agent',
+                                    choices: [
+                                        {
+                                            index: 0,
+                                            delta: {
+                                                content: deltaContent,
+                                            },
+                                            finish_reason: null,
+                                        },
+                                    ],
+                                };
+                                controller.enqueue(encoder.encode(`data: ${JSON.stringify(chunkData)}\n\n`));
+                            }
+                        });
+
+                        // Note: Identify the agent message
+                        const agentMessageContent = {
+                            role: 'MODEL',
+                            content: result.content,
+                        };
+
+                        // Record the agent message
+                        await supabase.from(await $getTableName('ChatHistory')).insert({
+                            createdAt: new Date().toISOString(),
+                            messageHash: computeHash(agentMessageContent),
+                            previousMessageHash: computeHash(userMessageContent),
+                            agentName,
+                            agentHash,
+                            message: agentMessageContent,
+                            promptbookEngineVersion: PROMPTBOOK_ENGINE_VERSION,
+                            url: request.url,
+                            ip,
+                            userAgent,
+                            language,
+                            platform,
+                            source: 'OPENAI_API_COMPATIBILITY',
+                            apiKey,
+                        });
+
+                        // Note: [🐱‍🚀] Save the learned data
+                        const newAgentSource = agent.agentSource.value;
+                        if (newAgentSource !== agentSource) {
+                            await collection.updateAgentSource(agentName, newAgentSource);
+                        }
+
+                        const doneChunkData = {
+                            id: runId,
+                            object: 'chat.completion.chunk',
+                            created,
+                            model: model || 'promptbook-agent',
+                            choices: [
+                                {
+                                    index: 0,
+                                    delta: {},
+                                    finish_reason: 'stop',
+                                },
+                            ],
+                        };
+                        controller.enqueue(encoder.encode(`data: ${JSON.stringify(doneChunkData)}\n\n`));
+                        controller.enqueue(encoder.encode('[DONE]'));
+                    } catch (error) {
+                        console.error('Error during streaming:', error);
+                        // OpenAI stream doesn't usually send error JSON in stream, just closes or sends error text?
+                        // But we should try to close gracefully or error.
+                        controller.error(error);
+                    }
+                    controller.close();
+                },
+            });
+
+            return new Response(readableStream, {
+                headers: {
+                    'Content-Type': 'text/event-stream',
+                    'Cache-Control': 'no-cache',
+                    Connection: 'keep-alive',
+                },
+            });
+        } else {
+            const result = await agent.callChatModel(prompt);
+
+            // Note: Identify the agent message
+            const agentMessageContent = {
+                role: 'MODEL',
+                content: result.content,
+            };
+
+            // Record the agent message
+            await supabase.from(await $getTableName('ChatHistory')).insert({
+                createdAt: new Date().toISOString(),
+                messageHash: computeHash(agentMessageContent),
+                previousMessageHash: computeHash(userMessageContent),
+                agentName,
+                agentHash,
+                message: agentMessageContent,
+                promptbookEngineVersion: PROMPTBOOK_ENGINE_VERSION,
+                url: request.url,
+                ip,
+                userAgent,
+                language,
+                platform,
+                source: 'OPENAI_API_COMPATIBILITY',
+                apiKey,
+            });
+
+            // Note: [🐱‍🚀] Save the learned data
+            const newAgentSource = agent.agentSource.value;
+            if (newAgentSource !== agentSource) {
+                await collection.updateAgentSource(agentName, newAgentSource);
+            }
+
+            return NextResponse.json({
+                id: `chatcmpl-${Math.random().toString(36).substring(2, 15)}`,
+                object: 'chat.completion',
+                created: Math.floor(Date.now() / 1000),
+                model: model || 'promptbook-agent',
+                choices: [
+                    {
+                        index: 0,
+                        message: {
+                            role: 'assistant',
+                            content: result.content,
+                        },
+                        finish_reason: 'stop',
+                    },
+                ],
+                usage: {
+                    prompt_tokens: result.usage?.input?.tokensCount?.value || 0,
+                    completion_tokens: result.usage?.output?.tokensCount?.value || 0,
+                    total_tokens:
+                        (result.usage?.input?.tokensCount?.value || 0) +
+                        (result.usage?.output?.tokensCount?.value || 0),
+                },
+            });
+        }
+    } catch (error) {
+        console.error(`Error in ${title} handler:`, error);
+        return NextResponse.json(
+            { error: { message: (error as Error).message || 'Internal Server Error', type: 'server_error' } },
+            { status: 500 },
+        );
+    }
+}
+
+/**
+ * TODO: [🈹] Maybe move chat thread handling here
+ */

package/apps/agents-server/src/utils/resolveInheritedAgentSource.ts

@@ -0,0 +1,100 @@
+import { createAgentModelRequirements } from '@promptbook-local/core';
+import type { AgentCollection } from '@promptbook-local/types';
+type string_book = string & { readonly __type: 'book' };
+
+/**
+ * Resolves agent source with inheritance (FROM commitment)
+ *
+ * It recursively fetches the parent agent source and merges it with the current source.
+ *
+ * @param agentSource The initial agent source
+ * @param collection Optional agent collection to resolve local agents efficiently
+ * @returns The resolved agent source with inheritance applied
+ */
+export async function resolveInheritedAgentSource(
+    agentSource: string_book,
+    collection?: AgentCollection,
+): Promise<string_book> {
+    // Check if the source has FROM commitment
+    // We use createAgentModelRequirements to parse commitments
+    // Note: We don't provide tools/models here as we only care about parsing commitments
+    const requirements = await createAgentModelRequirements(agentSource);
+
+    if (!requirements.parentAgentUrl) {
+        return agentSource;
+    }
+
+    const parentUrl = requirements.parentAgentUrl;
+    let parentSource: string_book;
+
+    try {
+        // 1. Try to resolve locally using collection if possible
+        // This is an optimization for internal agents
+        // We assume the URL might be relative or contain the agent name, or we just check if it's a full URL
+        // If it's a full URL, we need to check if it matches our server, but without knowing our server URL it's hard.
+        // So we might need to parse the URL to extract agent name if it matches expected pattern.
+        // For now, let's rely on fetch for external and check collection if it looks like a local reference (though FROM expects URL)
+
+    // If the URL is valid, we try to fetch it
+    // TODO: Handle authentication/tokens for private agents if needed
+
+    // TODO: [🧠] Do this logic more robustly
+    let fetchUrl = parentUrl;
+    if (!fetchUrl.endsWith('/api/book') && !fetchUrl.endsWith('.book') && !fetchUrl.endsWith('.md')) {
+        fetchUrl = `${fetchUrl.replace(/\/$/, '')}/api/book`;
+    }
+
+    const response = await fetch(fetchUrl);
+
+    if (!response.ok) {
+        throw new Error(`Failed to fetch parent agent from ${fetchUrl}: ${response.status} ${response.statusText}`);
+    }
+
+        // We assume the response is the agent source text
+        // TODO: Handle content negotiation or JSON responses if the server returns JSON
+        const contentType = response.headers.get('content-type');
+        if (contentType && contentType.includes('application/json')) {
+             const data = await response.json();
+             // Assume some structure or that the API returns source in a property
+             // For Agents Server API modelRequirements/route.ts returns AgentModelRequirements, not source.
+             // If we point to a raw source endpoint, it returns text.
+             // If we point to the agent page, it returns HTML.
+             // We need a standard way to get source.
+                 // For now, let's assume the URL points to the source or an API returning source.
+             if (typeof data === 'string') {
+                 parentSource = data as string_book;
+             } else if (data.source) {
+                 parentSource = data.source as string_book;
+             } else {
+                 // Fallback or error
+                 console.warn(`Received JSON from ${parentUrl} but couldn't determine source property. Using text.`);
+                 // Re-fetch as text? Or assume body text was read? response.json() consumes body.
+                 // So we might have failed here.
+                 throw new Error(`Received JSON from ${parentUrl} but structure is unknown.`);
+             }
+        } else {
+            parentSource = (await response.text()) as string_book;
+        }
+
+    } catch (error) {
+        console.warn(`Failed to resolve parent agent ${parentUrl}`, error);
+        // If we fail to resolve parent, we return the original source (maybe with a warning or error commitment?)
+        // Or we could throw to fail the build.
+        // For robustness, let's append a warning comment
+        return `${agentSource}\n\n# Warning: Failed to inherit from ${parentUrl}: ${error}` as string_book;
+    }
+
+    // Recursively resolve the parent source
+    const effectiveParentSource = await resolveInheritedAgentSource(parentSource, collection);
+
+    // Strip the FROM commitment from the child source to avoid infinite recursion or re-processing
+    // We can filter lines starting with FROM
+    const childSourceLines = agentSource.split('\n');
+    const filteredChildSource = childSourceLines
+        .filter((line: string) => !line.trim().startsWith('FROM ')) // Simple string check, ideally should use parser location
+        .join('\n');
+
+    // Append child source to parent source
+    // "appends the RULE commitment to its source" -> Parent + Child
+    return `${effectiveParentSource}\n\n${filteredChildSource}` as string_book;
+}

package/apps/agents-server/src/utils/validateApiKey.ts

@@ -0,0 +1,128 @@
+import { createClient } from '@supabase/supabase-js';
+import { NextRequest } from 'next/server';
+import { SERVERS, SUPABASE_TABLE_PREFIX } from '../../config';
+
+// Note: Re-implementing normalizeTo_PascalCase to avoid importing from @promptbook-local/utils which might have Node.js dependencies
+function normalizeTo_PascalCase(text: string): string {
+    return text
+        .replace(/(?:^\w|[A-Z]|\b\w)/g, (word) => {
+            return word.toUpperCase();
+        })
+        .replace(/\s+/g, '');
+}
+
+export type ApiKeyValidationResult = {
+    isValid: boolean;
+    token?: string;
+    error?: string;
+};
+
+/**
+ * Validates an API key from the Authorization header.
+ * Returns validation result with status and optional error message.
+ *
+ * Note: This function provides explicit API key validation in addition to middleware.
+ * Use this when you need to verify API key validity and return specific error messages.
+ */
+export async function validateApiKey(request: NextRequest): Promise<ApiKeyValidationResult> {
+    const authHeader = request.headers.get('authorization');
+
+    // If no auth header, check if user has a session cookie (logged in via web)
+    if (!authHeader) {
+        const hasSession = request.cookies.has('sessionToken');
+        if (hasSession) {
+            return { isValid: true };
+        }
+        return {
+            isValid: false,
+            error: 'Missing Authorization header. Provide a valid API key using "Authorization: Bearer ptbk_..."',
+        };
+    }
+
+    if (!authHeader.startsWith('Bearer ')) {
+        return {
+            isValid: false,
+            error: 'Invalid Authorization header format. Expected "Bearer <token>"',
+        };
+    }
+
+    const token = authHeader.split(' ')[1];
+
+    if (!token) {
+        return {
+            isValid: false,
+            error: 'No token provided in Authorization header',
+        };
+    }
+
+    if (!token.startsWith('ptbk_')) {
+        return {
+            isValid: false,
+            error: 'Invalid API key format. API keys must start with "ptbk_"',
+        };
+    }
+
+    // Determine the table prefix based on the host
+    const host = request.headers.get('host');
+    let tablePrefix = SUPABASE_TABLE_PREFIX;
+
+    if (host && SERVERS && SERVERS.length > 0) {
+        if (SERVERS.some((server) => server === host)) {
+            let serverName = host;
+            serverName = serverName.replace(/\.ptbk\.io$/, '');
+            serverName = normalizeTo_PascalCase(serverName);
+            tablePrefix = `server_${serverName}_`;
+        }
+    }
+
+    const supabaseUrl = process.env.NEXT_PUBLIC_SUPABASE_URL;
+    const supabaseKey = process.env.SUPABASE_SERVICE_ROLE_KEY || process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY;
+
+    if (!supabaseUrl || !supabaseKey) {
+        console.error('Supabase configuration missing for API key validation');
+        return {
+            isValid: false,
+            error: 'Server configuration error',
+        };
+    }
+
+    try {
+        const supabase = createClient(supabaseUrl, supabaseKey, {
+            auth: {
+                persistSession: false,
+                autoRefreshToken: false,
+            },
+        });
+
+        const { data, error } = await supabase
+            .from(`${tablePrefix}ApiTokens`)
+            .select('id, isRevoked')
+            .eq('token', token)
+            .single();
+
+        if (error || !data) {
+            return {
+                isValid: false,
+                error: 'Invalid API key',
+            };
+        }
+
+        if (data.isRevoked) {
+            return {
+                isValid: false,
+                error: 'API key has been revoked',
+            };
+        }
+
+        return {
+            isValid: true,
+            token,
+        };
+    } catch (error) {
+        console.error('Error validating API key:', error);
+        return {
+            isValid: false,
+            error: 'Error validating API key',
+        };
+    }
+}

package/apps/agents-server/tailwind.config.ts

@@ -20,7 +20,7 @@ const config: Config = {
             },
         },
     },
-    plugins: [],
+    plugins: [require('@tailwindcss/typography')],
 };
 
 export default config;