@softactivate/adk 1.1.0

package/dist/esm/artifacts/in_memory_artifact_service.js

@@ -0,0 +1,152 @@
+import {createRequire as topLevelCreateRequire} from 'module';
+const require = topLevelCreateRequire(import.meta.url);
+/**
+ * @license
+ * Copyright 2025 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+function isInMemoryConnectionString(uri) {
+  return uri === "memory://";
+}
+class InMemoryArtifactService {
+  constructor() {
+    this.artifacts = {};
+  }
+  saveArtifact({
+    appName,
+    userId,
+    sessionId,
+    filename,
+    artifact,
+    customMetadata
+  }) {
+    if (!artifact.inlineData && !artifact.text) {
+      return Promise.reject(
+        new Error("Artifact must have either inlineData or text content.")
+      );
+    }
+    const path = artifactPath(appName, userId, sessionId, filename);
+    if (!this.artifacts[path]) {
+      this.artifacts[path] = [];
+    }
+    const version = this.artifacts[path].length;
+    const metadata = {
+      version,
+      customMetadata
+    };
+    this.artifacts[path].push({ part: artifact, metadata });
+    return Promise.resolve(version);
+  }
+  loadArtifact({
+    appName,
+    userId,
+    sessionId,
+    filename,
+    version
+  }) {
+    const path = artifactPath(appName, userId, sessionId, filename);
+    const versions = this.artifacts[path];
+    if (!versions) {
+      return Promise.resolve(void 0);
+    }
+    if (version === void 0) {
+      version = versions.length - 1;
+    }
+    return Promise.resolve(versions[version].part);
+  }
+  listArtifactKeys({
+    appName,
+    userId,
+    sessionId
+  }) {
+    const sessionPrefix = `${appName}/${userId}/${sessionId}/`;
+    const usernamespacePrefix = `${appName}/${userId}/user/`;
+    const filenames = [];
+    for (const path in this.artifacts) {
+      if (path.startsWith(sessionPrefix)) {
+        const filename = path.replace(sessionPrefix, "");
+        filenames.push(filename);
+      } else if (path.startsWith(usernamespacePrefix)) {
+        const filename = path.replace(usernamespacePrefix, "");
+        filenames.push(filename);
+      }
+    }
+    return Promise.resolve(filenames.sort());
+  }
+  deleteArtifact({
+    appName,
+    userId,
+    sessionId,
+    filename
+  }) {
+    const path = artifactPath(appName, userId, sessionId, filename);
+    if (!this.artifacts[path]) {
+      return Promise.resolve();
+    }
+    delete this.artifacts[path];
+    return Promise.resolve();
+  }
+  listVersions({
+    appName,
+    userId,
+    sessionId,
+    filename
+  }) {
+    const path = artifactPath(appName, userId, sessionId, filename);
+    const artifacts = this.artifacts[path];
+    if (!artifacts) {
+      return Promise.resolve([]);
+    }
+    const versions = [];
+    for (let i = 0; i < artifacts.length; i++) {
+      versions.push(i);
+    }
+    return Promise.resolve(versions);
+  }
+  listArtifactVersions({
+    appName,
+    userId,
+    sessionId,
+    filename
+  }) {
+    const path = artifactPath(appName, userId, sessionId, filename);
+    const artifacts = this.artifacts[path];
+    if (!artifacts) {
+      return Promise.resolve([]);
+    }
+    return Promise.resolve(artifacts.map((a) => a.metadata));
+  }
+  getArtifactVersion({
+    appName,
+    userId,
+    sessionId,
+    filename,
+    version
+  }) {
+    const path = artifactPath(appName, userId, sessionId, filename);
+    const versions = this.artifacts[path];
+    if (!versions) {
+      return Promise.resolve(void 0);
+    }
+    if (version === void 0) {
+      version = versions.length - 1;
+    }
+    if (versions[version]) {
+      return Promise.resolve(versions[version].metadata);
+    }
+    return Promise.resolve(void 0);
+  }
+}
+function artifactPath(appName, userId, sessionId, filename) {
+  if (fileHasUserNamespace(filename)) {
+    return `${appName}/${userId}/user/${filename}`;
+  }
+  return `${appName}/${userId}/${sessionId}/${filename}`;
+}
+function fileHasUserNamespace(filename) {
+  return filename.startsWith("user:");
+}
+export {
+  InMemoryArtifactService,
+  isInMemoryConnectionString
+};

package/dist/esm/artifacts/registry.js

@@ -0,0 +1,30 @@
+import {createRequire as topLevelCreateRequire} from 'module';
+const require = topLevelCreateRequire(import.meta.url);
+/**
+ * @license
+ * Copyright 2026 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+import { FileArtifactService } from "./file_artifact_service.js";
+import { GcsArtifactService } from "./gcs_artifact_service.js";
+import {
+  InMemoryArtifactService,
+  isInMemoryConnectionString
+} from "./in_memory_artifact_service.js";
+function getArtifactServiceFromUri(uri) {
+  if (isInMemoryConnectionString(uri)) {
+    return new InMemoryArtifactService();
+  }
+  if (uri.startsWith("gs://")) {
+    const bucket = uri.split("://")[1];
+    return new GcsArtifactService(bucket);
+  }
+  if (uri.startsWith("file://")) {
+    const rootDir = uri.split("://")[1];
+    return new FileArtifactService(rootDir);
+  }
+  throw new Error(`Unsupported artifact service URI: ${uri}`);
+}
+export {
+  getArtifactServiceFromUri
+};

package/dist/esm/auth/auth_credential.js

@@ -0,0 +1,18 @@
+import {createRequire as topLevelCreateRequire} from 'module';
+const require = topLevelCreateRequire(import.meta.url);
+/**
+ * @license
+ * Copyright 2025 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+var AuthCredentialTypes = /* @__PURE__ */ ((AuthCredentialTypes2) => {
+  AuthCredentialTypes2["API_KEY"] = "apiKey";
+  AuthCredentialTypes2["HTTP"] = "http";
+  AuthCredentialTypes2["OAUTH2"] = "oauth2";
+  AuthCredentialTypes2["OPEN_ID_CONNECT"] = "openIdConnect";
+  AuthCredentialTypes2["SERVICE_ACCOUNT"] = "serviceAccount";
+  return AuthCredentialTypes2;
+})(AuthCredentialTypes || {});
+export {
+  AuthCredentialTypes
+};

package/dist/esm/auth/auth_handler.js

@@ -0,0 +1,131 @@
+import {createRequire as topLevelCreateRequire} from 'module';
+const require = topLevelCreateRequire(import.meta.url);
+/**
+ * @license
+ * Copyright 2025 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+import { randomUUID } from "../utils/env_aware_utils.js";
+import { OAuth2CredentialExchanger } from "./oauth2/oauth2_credential_exchanger.js";
+class AuthHandler {
+  constructor(authConfig) {
+    this.authConfig = authConfig;
+  }
+  getAuthResponse(state) {
+    const credentialKey = "temp:" + this.authConfig.credentialKey;
+    return state.get(credentialKey);
+  }
+  async parseAndStoreAuthResponse(state) {
+    const credentialKey = "temp:" + this.authConfig.credentialKey;
+    const authSchemeType = this.authConfig.authScheme.type;
+    if (!["oauth2", "openIdConnect"].includes(authSchemeType)) {
+      state.set(credentialKey, this.authConfig.exchangedAuthCredential);
+      return;
+    }
+    if (this.authConfig.exchangedAuthCredential) {
+      const exchanger = new OAuth2CredentialExchanger();
+      const exchangedCredential = await exchanger.exchange({
+        authCredential: this.authConfig.exchangedAuthCredential,
+        authScheme: this.authConfig.authScheme
+      });
+      state.set(credentialKey, exchangedCredential.credential);
+    }
+  }
+  generateAuthRequest() {
+    var _a, _b;
+    const authSchemeType = this.authConfig.authScheme.type;
+    if (!["oauth2", "openIdConnect"].includes(authSchemeType)) {
+      return this.authConfig;
+    }
+    if ((_b = (_a = this.authConfig.exchangedAuthCredential) == null ? void 0 : _a.oauth2) == null ? void 0 : _b.authUri) {
+      return this.authConfig;
+    }
+    if (!this.authConfig.rawAuthCredential) {
+      throw new Error(`Auth Scheme ${authSchemeType} requires authCredential.`);
+    }
+    if (!this.authConfig.rawAuthCredential.oauth2) {
+      throw new Error(
+        `Auth Scheme ${authSchemeType} requires oauth2 in authCredential.`
+      );
+    }
+    if (this.authConfig.rawAuthCredential.oauth2.authUri) {
+      return {
+        credentialKey: this.authConfig.credentialKey,
+        authScheme: this.authConfig.authScheme,
+        rawAuthCredential: this.authConfig.rawAuthCredential,
+        exchangedAuthCredential: this.authConfig.rawAuthCredential
+      };
+    }
+    if (!this.authConfig.rawAuthCredential.oauth2.clientId || !this.authConfig.rawAuthCredential.oauth2.clientSecret) {
+      throw new Error(
+        `Auth Scheme ${authSchemeType} requires both clientId and clientSecret in authCredential.oauth2.`
+      );
+    }
+    return {
+      credentialKey: this.authConfig.credentialKey,
+      authScheme: this.authConfig.authScheme,
+      rawAuthCredential: this.authConfig.rawAuthCredential,
+      exchangedAuthCredential: this.generateAuthUri()
+    };
+  }
+  /**
+   * Generates an response containing the auth uri for user to sign in.
+   *
+   * @return An AuthCredential object containing the auth URI and state.
+   * @throws Error: If the authorization endpoint is not configured in the
+   *     auth scheme.
+   */
+  generateAuthUri() {
+    const authScheme = this.authConfig.authScheme;
+    const authCredential = this.authConfig.rawAuthCredential;
+    if (!authCredential || !authCredential.oauth2) {
+      return authCredential;
+    }
+    let authorizationEndpoint = "";
+    let scopes = [];
+    if ("authorizationEndpoint" in authScheme) {
+      authorizationEndpoint = authScheme.authorizationEndpoint;
+      scopes = authScheme.scopes || [];
+    } else if (authScheme.type === "oauth2" && authScheme.flows) {
+      const flows = authScheme.flows;
+      const flow = flows.implicit || flows.authorizationCode || flows.clientCredentials || flows.password;
+      if (flow) {
+        if ("authorizationUrl" in flow && flow.authorizationUrl) {
+          authorizationEndpoint = flow.authorizationUrl;
+        } else if ("tokenUrl" in flow && flow.tokenUrl) {
+          authorizationEndpoint = flow.tokenUrl;
+        }
+        if (flow.scopes) {
+          scopes = Object.keys(flow.scopes);
+        }
+      }
+    }
+    if (!authorizationEndpoint) {
+      throw new Error("Authorization endpoint not configured in auth scheme.");
+    }
+    const state = randomUUID();
+    const url = new URL(authorizationEndpoint);
+    url.searchParams.set("client_id", authCredential.oauth2.clientId || "");
+    url.searchParams.set(
+      "redirect_uri",
+      authCredential.oauth2.redirectUri || ""
+    );
+    url.searchParams.set("response_type", "code");
+    url.searchParams.set("scope", scopes.join(" "));
+    url.searchParams.set("state", state);
+    url.searchParams.set("access_type", "offline");
+    url.searchParams.set("prompt", "consent");
+    const exchangedAuthCredential = {
+      ...authCredential,
+      oauth2: {
+        ...authCredential.oauth2,
+        authUri: url.toString(),
+        state
+      }
+    };
+    return exchangedAuthCredential;
+  }
+}
+export {
+  AuthHandler
+};

package/dist/esm/auth/auth_preprocessor.js

@@ -0,0 +1,155 @@
+import {createRequire as topLevelCreateRequire} from 'module';
+const require = topLevelCreateRequire(import.meta.url);
+/**
+ * @license
+ * Copyright 2026 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+import {
+  REQUEST_EUC_FUNCTION_CALL_NAME,
+  handleFunctionCallsAsync
+} from "../agents/functions.js";
+import { isLlmAgent } from "../agents/llm_agent.js";
+import { BaseLlmRequestProcessor } from "../agents/processors/base_llm_processor.js";
+import { ReadonlyContext } from "../agents/readonly_context.js";
+import {
+  getFunctionCalls,
+  getFunctionResponses
+} from "../events/event.js";
+import { State } from "../sessions/state.js";
+import { AuthHandler } from "./auth_handler.js";
+const TOOLSET_AUTH_CREDENTIAL_ID_PREFIX = "_adk_toolset_auth_";
+async function storeAuthAndCollectResumeTargets(events, authFcIds, authResponses, state) {
+  const requestedAuthConfigById = {};
+  for (const event of events) {
+    const eventFunctionCalls = getFunctionCalls(event);
+    for (const functionCall of eventFunctionCalls) {
+      if (functionCall.id && authFcIds.has(functionCall.id) && functionCall.name === REQUEST_EUC_FUNCTION_CALL_NAME) {
+        const args = functionCall.args;
+        if (args && args.authConfig) {
+          requestedAuthConfigById[functionCall.id] = args.authConfig;
+        }
+      }
+    }
+  }
+  for (const fcId of authFcIds) {
+    if (!(fcId in authResponses)) {
+      continue;
+    }
+    const authConfig = authResponses[fcId];
+    const requestedAuthConfig = requestedAuthConfigById[fcId];
+    if (requestedAuthConfig && requestedAuthConfig.credentialKey) {
+      authConfig.credentialKey = requestedAuthConfig.credentialKey;
+    }
+    await new AuthHandler(authConfig).parseAndStoreAuthResponse(state);
+  }
+  const toolsToResume = /* @__PURE__ */ new Set();
+  for (const fcId of authFcIds) {
+    const requestedAuthConfig = requestedAuthConfigById[fcId];
+    if (!requestedAuthConfig) {
+      continue;
+    }
+    for (const event of events) {
+      const eventFunctionCalls = getFunctionCalls(event);
+      for (const functionCall of eventFunctionCalls) {
+        if (functionCall.id === fcId && functionCall.name === REQUEST_EUC_FUNCTION_CALL_NAME) {
+          const args = functionCall.args;
+          if (args && args.functionCallId) {
+            if (args.functionCallId.startsWith(TOOLSET_AUTH_CREDENTIAL_ID_PREFIX)) {
+              continue;
+            }
+            toolsToResume.add(args.functionCallId);
+          }
+        }
+      }
+    }
+  }
+  return toolsToResume;
+}
+class AuthPreprocessor extends BaseLlmRequestProcessor {
+  async *runAsync(invocationContext) {
+    const agent = invocationContext.agent;
+    if (!isLlmAgent(agent)) {
+      return;
+    }
+    const events = invocationContext.session.events;
+    if (!events || events.length === 0) {
+      return;
+    }
+    let lastEventWithContent = null;
+    for (let i = events.length - 1; i >= 0; i--) {
+      const event = events[i];
+      if (event.content !== void 0) {
+        lastEventWithContent = event;
+        break;
+      }
+    }
+    if (!lastEventWithContent || lastEventWithContent.author !== "user") {
+      return;
+    }
+    const responses = getFunctionResponses(lastEventWithContent);
+    if (!responses || responses.length === 0) {
+      return;
+    }
+    const authFcIds = /* @__PURE__ */ new Set();
+    const authResponses = {};
+    for (const functionCallResponse of responses) {
+      if (functionCallResponse.name !== REQUEST_EUC_FUNCTION_CALL_NAME) {
+        continue;
+      }
+      if (functionCallResponse.id) {
+        authFcIds.add(functionCallResponse.id);
+        authResponses[functionCallResponse.id] = functionCallResponse.response;
+      }
+    }
+    if (authFcIds.size === 0) {
+      return;
+    }
+    const state = new State(invocationContext.session.state);
+    const toolsToResume = await storeAuthAndCollectResumeTargets(
+      events,
+      authFcIds,
+      authResponses,
+      state
+    );
+    if (toolsToResume.size === 0) {
+      return;
+    }
+    for (let i = events.length - 2; i >= 0; i--) {
+      const event = events[i];
+      const functionCalls = getFunctionCalls(event);
+      if (!functionCalls || functionCalls.length === 0) {
+        continue;
+      }
+      const hasMatchingCall = functionCalls.some(
+        (call) => call.id ? toolsToResume.has(call.id) : false
+      );
+      if (hasMatchingCall) {
+        const canonicalTools = await agent.canonicalTools(
+          new ReadonlyContext(invocationContext)
+        );
+        const toolsDict = {};
+        for (const tool of canonicalTools) {
+          toolsDict[tool.name] = tool;
+        }
+        const functionResponseEvent = await handleFunctionCallsAsync({
+          invocationContext,
+          functionCallEvent: event,
+          toolsDict,
+          beforeToolCallbacks: agent.canonicalBeforeToolCallbacks,
+          afterToolCallbacks: agent.canonicalAfterToolCallbacks,
+          filters: toolsToResume
+        });
+        if (functionResponseEvent) {
+          yield functionResponseEvent;
+        }
+        return;
+      }
+    }
+  }
+}
+const AUTH_PREPROCESSOR = new AuthPreprocessor();
+export {
+  AUTH_PREPROCESSOR,
+  AuthPreprocessor
+};

package/dist/esm/auth/auth_provider_registry.js

@@ -0,0 +1,33 @@
+import {createRequire as topLevelCreateRequire} from 'module';
+const require = topLevelCreateRequire(import.meta.url);
+/**
+ * @license
+ * Copyright 2026 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+class AuthProviderRegistry {
+  constructor() {
+    this.providers = /* @__PURE__ */ new Map();
+  }
+  /**
+   * Register a provider instance for an auth scheme type.
+   *
+   * @param authSchemeType The auth scheme type (e.g., 'oauth2', 'apiKey').
+   * @param providerInstance The provider instance to register.
+   */
+  register(authSchemeType, providerInstance) {
+    this.providers.set(authSchemeType, providerInstance);
+  }
+  /**
+   * Get the provider instance for an auth scheme.
+   *
+   * @param authScheme The auth scheme to get provider for.
+   * @returns The provider instance if registered, undefined otherwise.
+   */
+  getProvider(authScheme) {
+    return this.providers.get(authScheme.type);
+  }
+}
+export {
+  AuthProviderRegistry
+};

package/dist/esm/auth/auth_schemes.js

@@ -0,0 +1,33 @@
+import {createRequire as topLevelCreateRequire} from 'module';
+const require = topLevelCreateRequire(import.meta.url);
+/**
+ * @license
+ * Copyright 2025 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+var OAuthGrantType = /* @__PURE__ */ ((OAuthGrantType2) => {
+  OAuthGrantType2["CLIENT_CREDENTIALS"] = "client_credentials";
+  OAuthGrantType2["AUTHORIZATION_CODE"] = "authorization_code";
+  OAuthGrantType2["IMPLICIT"] = "implicit";
+  OAuthGrantType2["PASSWORD"] = "password";
+  return OAuthGrantType2;
+})(OAuthGrantType || {});
+function getOAuthGrantTypeFromFlow(flow) {
+  if (flow.clientCredentials) {
+    return "client_credentials" /* CLIENT_CREDENTIALS */;
+  }
+  if (flow.authorizationCode) {
+    return "authorization_code" /* AUTHORIZATION_CODE */;
+  }
+  if (flow.implicit) {
+    return "implicit" /* IMPLICIT */;
+  }
+  if (flow.password) {
+    return "password" /* PASSWORD */;
+  }
+  return void 0;
+}
+export {
+  OAuthGrantType,
+  getOAuthGrantTypeFromFlow
+};

package/dist/esm/auth/auth_tool.js

@@ -0,0 +1,7 @@
+import {createRequire as topLevelCreateRequire} from 'module';
+const require = topLevelCreateRequire(import.meta.url);
+/**
+ * @license
+ * Copyright 2025 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */

package/dist/esm/auth/base_auth_provider.js

@@ -0,0 +1,7 @@
+import {createRequire as topLevelCreateRequire} from 'module';
+const require = topLevelCreateRequire(import.meta.url);
+/**
+ * @license
+ * Copyright 2026 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */

package/dist/esm/auth/credential_service/base_credential_service.js

@@ -0,0 +1,7 @@
+import {createRequire as topLevelCreateRequire} from 'module';
+const require = topLevelCreateRequire(import.meta.url);
+/**
+ * @license
+ * Copyright 2025 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */

package/dist/esm/auth/credential_service/in_memory_credential_service.js

@@ -0,0 +1,35 @@
+import {createRequire as topLevelCreateRequire} from 'module';
+const require = topLevelCreateRequire(import.meta.url);
+/**
+ * @license
+ * Copyright 2025 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+class InMemoryCredentialService {
+  constructor() {
+    this.credentials = {};
+  }
+  loadCredential(authConfig, toolContext) {
+    const credentialBucket = this.getBucketForCurrentContext(toolContext);
+    return Promise.resolve(credentialBucket[authConfig.credentialKey]);
+  }
+  async saveCredential(authConfig, toolContext) {
+    const credentialBucket = this.getBucketForCurrentContext(toolContext);
+    if (authConfig.exchangedAuthCredential) {
+      credentialBucket[authConfig.credentialKey] = authConfig.exchangedAuthCredential;
+    }
+  }
+  getBucketForCurrentContext(toolContext) {
+    const { appName, userId } = toolContext.invocationContext.session;
+    if (!this.credentials[appName]) {
+      this.credentials[appName] = {};
+    }
+    if (!this.credentials[appName][userId]) {
+      this.credentials[appName][userId] = {};
+    }
+    return this.credentials[appName][userId];
+  }
+}
+export {
+  InMemoryCredentialService
+};

package/dist/esm/auth/credential_service/session_state_credential_service.js

@@ -0,0 +1,23 @@
+import {createRequire as topLevelCreateRequire} from 'module';
+const require = topLevelCreateRequire(import.meta.url);
+/**
+ * @license
+ * Copyright 2026 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+class SessionStateCredentialService {
+  loadCredential(authConfig, toolContext) {
+    return Promise.resolve(toolContext.state.get(authConfig.credentialKey));
+  }
+  async saveCredential(authConfig, toolContext) {
+    if (authConfig.exchangedAuthCredential) {
+      toolContext.state.set(
+        authConfig.credentialKey,
+        authConfig.exchangedAuthCredential
+      );
+    }
+  }
+}
+export {
+  SessionStateCredentialService
+};

package/dist/esm/auth/exchanger/base_credential_exchanger.js

@@ -0,0 +1,12 @@
+import {createRequire as topLevelCreateRequire} from 'module';
+const require = topLevelCreateRequire(import.meta.url);
+/**
+ * @license
+ * Copyright 2025 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+class CredentialExchangeError extends Error {
+}
+export {
+  CredentialExchangeError
+};

package/dist/esm/auth/exchanger/credential_exchanger_registry.js

@@ -0,0 +1,31 @@
+import {createRequire as topLevelCreateRequire} from 'module';
+const require = topLevelCreateRequire(import.meta.url);
+/**
+ * @license
+ * Copyright 2025 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+class CredentialExchangerRegistry {
+  constructor() {
+    this.exchangers = {};
+  }
+  /**
+   * Register an exchanger instance for a credential type.
+   * @param credentialType - The credential type to register for.
+   * @param exchangerInstance - The exchanger instance to register.
+   */
+  register(credentialType, exchangerInstance) {
+    this.exchangers[credentialType] = exchangerInstance;
+  }
+  /**
+   * Get the exchanger instance for a credential type.
+   * @param credentialType - The credential type to get exchanger for.
+   * @returns The exchanger instance if registered, undefined otherwise.
+   */
+  getExchanger(credentialType) {
+    return this.exchangers[credentialType];
+  }
+}
+export {
+  CredentialExchangerRegistry
+};