RouteKitAI 0.1.0__py3-none-any.whl

routekitai/providers/openai.py

@@ -0,0 +1,321 @@
+"""OpenAI-compatible model provider."""
+
+import json
+from collections.abc import AsyncIterator
+from typing import Any
+
+import httpx
+
+from routekitai.core.errors import ModelError
+from routekitai.core.message import Message, MessageRole
+from routekitai.core.model import Model, ModelResponse, StreamEvent, ToolCall, Usage
+from routekitai.core.tool import Tool
+
+
+class OpenAIChatModel(Model):
+    """OpenAI-compatible HTTP model provider.
+
+    Supports OpenAI API and compatible endpoints (e.g., local LLM servers).
+    """
+
+    def __init__(
+        self,
+        name: str = "gpt-4",
+        provider: str = "openai",
+        api_key: str | None = None,
+        base_url: str = "https://api.openai.com/v1",
+        **kwargs: Any,
+    ) -> None:
+        """Initialize OpenAI model.
+
+        Args:
+            name: Model name
+            provider: Provider name
+            api_key: API key (defaults to OPENAI_API_KEY env var)
+            base_url: API base URL
+            **kwargs: Additional configuration
+        """
+        super().__init__()
+        self._name = name
+        self._provider = provider
+        self.api_key = api_key
+        self.base_url = base_url.rstrip("/")
+        self._client: httpx.AsyncClient | None = None
+
+    @property
+    def name(self) -> str:
+        """Return the model name."""
+        return self._name
+
+    @property
+    def provider(self) -> str:
+        """Return the provider name."""
+        return self._provider
+
+    def _get_client(self) -> "httpx.AsyncClient":
+        """Get or create HTTP client."""
+        try:
+            import httpx
+        except ImportError as e:
+            raise ModelError(
+                "httpx is required for OpenAI provider. Install with: pip install httpx"
+            ) from e
+
+        if self._client is None:
+            headers = {"Content-Type": "application/json"}
+            if self.api_key:
+                headers["Authorization"] = f"Bearer {self.api_key}"
+            self._client = httpx.AsyncClient(
+                base_url=self.base_url,
+                headers=headers,
+                timeout=60.0,
+            )
+        return self._client
+
+    def _message_to_openai(self, message: Message) -> dict[str, Any]:
+        """Convert routkitai Message to OpenAI format."""
+        role_map = {
+            MessageRole.SYSTEM: "system",
+            MessageRole.USER: "user",
+            MessageRole.ASSISTANT: "assistant",
+            MessageRole.TOOL: "tool",
+        }
+        msg_dict: dict[str, Any] = {
+            "role": role_map.get(message.role, "user"),
+            "content": message.content,
+        }
+        if message.tool_calls:
+            msg_dict["tool_calls"] = [
+                {
+                    "id": tc.get("id", ""),
+                    "type": "function",
+                    "function": {
+                        "name": tc.get("name", ""),
+                        "arguments": json.dumps(tc.get("arguments", {})),
+                    },
+                }
+                for tc in message.tool_calls
+            ]
+        if message.tool_result:
+            msg_dict["tool_call_id"] = message.tool_result.get("tool_call_id", "")
+        return msg_dict
+
+    def _tools_to_openai(self, tools: list[Tool]) -> list[dict[str, Any]]:
+        """Convert routkitai Tools to OpenAI function format."""
+        return [
+            {
+                "type": "function",
+                "function": {
+                    "name": tool.name,
+                    "description": tool.description,
+                    "parameters": tool.parameters,
+                },
+            }
+            for tool in tools
+        ]
+
+    def _openai_to_tool_calls(self, tool_calls: list[dict[str, Any]]) -> list[ToolCall]:
+        """Convert OpenAI tool calls to routkitai format."""
+        result = []
+        for tc in tool_calls:
+            if tc.get("type") == "function":
+                func = tc.get("function", {})
+                try:
+                    arguments = json.loads(func.get("arguments", "{}"))
+                except (json.JSONDecodeError, TypeError):
+                    arguments = func.get("arguments", {})
+                result.append(
+                    ToolCall(
+                        id=tc.get("id", ""),
+                        name=func.get("name", ""),
+                        arguments=arguments,
+                    )
+                )
+        return result
+
+    async def chat(
+        self,
+        messages: list[Message],
+        tools: list[Tool] | None = None,
+        stream: bool = False,
+        **kwargs: Any,
+    ) -> ModelResponse | AsyncIterator[StreamEvent]:
+        """Chat with OpenAI-compatible model.
+
+        Args:
+            messages: Conversation messages
+            tools: Optional tools
+            stream: Whether to stream (not yet implemented)
+            **kwargs: Additional parameters (temperature, max_tokens, etc.)
+
+        Returns:
+            ModelResponse or stream of events
+
+        Raises:
+            ModelError: If API call fails
+        """
+        client = self._get_client()
+
+        # Convert messages
+        openai_messages = [self._message_to_openai(msg) for msg in messages]
+
+        # Prepare request
+        request_data: dict[str, Any] = {
+            "model": self.name,
+            "messages": openai_messages,
+            "stream": stream,
+            **kwargs,  # Allow temperature, max_tokens, etc.
+        }
+
+        # Add tools if provided
+        if tools:
+            request_data["tools"] = self._tools_to_openai(tools)
+
+        try:
+            if stream:
+                # Streaming mode
+                async def stream_generator() -> AsyncIterator[StreamEvent]:
+                    async with client.stream(
+                        "POST", "/chat/completions", json=request_data
+                    ) as response:
+                        response.raise_for_status()
+                        content_buffer = ""
+                        tool_calls_buffer: dict[str, dict[str, Any]] = {}
+
+                        async for line in response.aiter_lines():
+                            if not line.strip() or line.startswith("data: [DONE]"):
+                                continue
+
+                            if line.startswith("data: "):
+                                line = line[6:]  # Remove "data: " prefix
+
+                            try:
+                                chunk_data = json.loads(line)
+                                delta = chunk_data.get("choices", [{}])[0].get("delta", {})
+
+                                # Handle content delta
+                                if "content" in delta:
+                                    content_chunk = delta["content"]
+                                    content_buffer += content_chunk
+                                    yield StreamEvent(
+                                        type="content",
+                                        content=content_chunk,
+                                        metadata={"chunk": chunk_data},
+                                    )
+
+                                # Handle tool calls delta
+                                if "tool_calls" in delta:
+                                    for tool_call_delta in delta["tool_calls"]:
+                                        index = tool_call_delta.get("index", 0)
+                                        if index not in tool_calls_buffer:
+                                            tool_calls_buffer[index] = {
+                                                "id": "",
+                                                "name": "",
+                                                "arguments": "",
+                                            }
+
+                                        if "id" in tool_call_delta:
+                                            tool_calls_buffer[index]["id"] = tool_call_delta["id"]
+                                        if "function" in tool_call_delta:
+                                            func = tool_call_delta["function"]
+                                            if "name" in func:
+                                                tool_calls_buffer[index]["name"] = func["name"]
+                                            if "arguments" in func:
+                                                tool_calls_buffer[index]["arguments"] += func[
+                                                    "arguments"
+                                                ]
+
+                                # Handle usage (usually in last chunk)
+                                if "usage" in chunk_data:
+                                    usage_data = chunk_data["usage"]
+                                    yield StreamEvent(
+                                        type="usage",
+                                        usage=Usage(
+                                            prompt_tokens=usage_data.get("prompt_tokens", 0),
+                                            completion_tokens=usage_data.get(
+                                                "completion_tokens", 0
+                                            ),
+                                            total_tokens=usage_data.get("total_tokens", 0),
+                                        ),
+                                        metadata={"chunk": chunk_data},
+                                    )
+
+                            except json.JSONDecodeError:
+                                continue
+
+                        # Final event with complete content and tool calls
+                        tool_calls = None
+                        if tool_calls_buffer:
+                            tool_calls = []
+                            for idx in sorted(tool_calls_buffer.keys()):
+                                tc_data = tool_calls_buffer[idx]
+                                try:
+                                    arguments = json.loads(tc_data["arguments"])
+                                except json.JSONDecodeError:
+                                    arguments = {}
+                                tool_calls.append(
+                                    ToolCall(
+                                        id=tc_data["id"],
+                                        name=tc_data["name"],
+                                        arguments=arguments,
+                                    )
+                                )
+
+                        yield StreamEvent(
+                            type="done",
+                            content=content_buffer if content_buffer else None,
+                            tool_calls=tool_calls,
+                        )
+
+                return stream_generator()
+            else:
+                # Non-streaming mode
+                response = await client.post("/chat/completions", json=request_data)
+                response.raise_for_status()
+                data = response.json()
+
+                # Parse response
+                choice = data.get("choices", [{}])[0]
+                message = choice.get("message", {})
+                # Handle None content (can happen when there are tool calls)
+                content = message.get("content") or ""
+                tool_calls_data = message.get("tool_calls", [])
+
+                # Convert tool calls
+                tool_calls = None
+                if tool_calls_data:
+                    tool_calls = self._openai_to_tool_calls(tool_calls_data)
+
+                # Parse usage
+                usage_data = data.get("usage", {})
+                usage = Usage(
+                    prompt_tokens=usage_data.get("prompt_tokens", 0),
+                    completion_tokens=usage_data.get("completion_tokens", 0),
+                    total_tokens=usage_data.get("total_tokens", 0),
+                )
+
+                return ModelResponse(
+                    content=content,
+                    tool_calls=tool_calls,
+                    usage=usage,
+                    metadata={"raw_response": data},
+                )
+
+        except httpx.HTTPStatusError as e:
+            raise ModelError(
+                f"OpenAI API error: {e.response.status_code} - {e.response.text}"
+            ) from e
+        except Exception as e:
+            raise ModelError(f"Failed to call OpenAI API: {e}") from e
+
+    async def __aenter__(self) -> "OpenAIChatModel":
+        """Async context manager entry."""
+        return self
+
+    async def __aexit__(
+        self, exc_type: type[BaseException] | None, exc_val: BaseException | None, exc_tb: Any
+    ) -> None:
+        """Async context manager exit."""
+        if self._client:
+            await self._client.aclose()
+            self._client = None

routekitai/sandbox/__init__.py

@@ -0,0 +1,12 @@
+"""Sandbox and security for RouteKit."""
+
+# TODO: Implement sandbox and security features
+from routekitai.sandbox.filesystem import FilesystemSandbox
+from routekitai.sandbox.network import NetworkSandbox
+from routekitai.sandbox.permissions import PermissionManager
+
+__all__ = [
+    "PermissionManager",
+    "NetworkSandbox",
+    "FilesystemSandbox",
+]

routekitai/sandbox/filesystem.py

@@ -0,0 +1,131 @@
+"""Filesystem sandbox for tool execution."""
+
+import shutil
+from pathlib import Path
+from typing import Any
+
+from pydantic import BaseModel, Field
+
+from routekitai.core.errors import RuntimeError as RouteKitRuntimeError
+
+
+class FilesystemSandboxError(RouteKitRuntimeError):
+    """Error raised by filesystem sandbox operations."""
+
+    pass
+
+
+class FilesystemSandbox(BaseModel):
+    """Filesystem sandbox for controlling tool file access.
+
+    Provides path restrictions, read-only mounts, and basic isolation.
+    """
+
+    allowed_paths: list[Path] = Field(default_factory=list, description="Allowed paths")
+    read_only_paths: list[Path] = Field(default_factory=list, description="Read-only paths")
+    sandbox_root: Path | None = Field(default=None, description="Sandbox root directory")
+
+    def check_path(self, path: Path, operation: str = "read") -> bool:
+        """Check if path operation is allowed.
+
+        Args:
+            path: File path
+            operation: Operation type (read, write, delete)
+
+        Returns:
+            True if allowed, False otherwise
+        """
+        # Resolve path to absolute
+        try:
+            resolved_path = path.resolve()
+        except (OSError, RuntimeError):
+            return False
+
+        # If sandbox_root is set, ensure path is within it
+        if self.sandbox_root:
+            try:
+                sandbox_resolved = self.sandbox_root.resolve()
+                # Check if path is within sandbox
+                if not str(resolved_path).startswith(str(sandbox_resolved)):
+                    return False
+            except (OSError, RuntimeError):
+                return False
+
+        # Check if path is in allowed paths
+        if self.allowed_paths:
+            is_allowed = False
+            for allowed in self.allowed_paths:
+                try:
+                    allowed_resolved = allowed.resolve()
+                    if str(resolved_path).startswith(str(allowed_resolved)):
+                        is_allowed = True
+                        break
+                except (OSError, RuntimeError):
+                    continue
+            if not is_allowed:
+                return False
+
+        # Check if path is read-only for write/delete operations
+        if operation in ("write", "delete"):
+            for read_only in self.read_only_paths:
+                try:
+                    read_only_resolved = read_only.resolve()
+                    if str(resolved_path).startswith(str(read_only_resolved)):
+                        return False
+                except (OSError, RuntimeError):
+                    continue
+
+        return True
+
+    async def execute_operation(self, path: Path, operation: str, **kwargs: Any) -> Any:
+        """Execute filesystem operation through sandbox.
+
+        Args:
+            path: File path
+            operation: Operation type (read, write, delete, list)
+            **kwargs: Operation parameters (content for write, etc.)
+
+        Returns:
+            Operation result
+
+        Raises:
+            FilesystemSandboxError: If operation is not allowed or fails
+        """
+        if not self.check_path(path, operation):
+            raise FilesystemSandboxError(
+                f"Operation '{operation}' not allowed on path: {path}",
+                context={"path": str(path), "operation": operation},
+            )
+
+        try:
+            if operation == "read":
+                return path.read_text(encoding="utf-8")
+            elif operation == "write":
+                content = kwargs.get("content", "")
+                path.parent.mkdir(parents=True, exist_ok=True)
+                path.write_text(content, encoding="utf-8")
+                return {"success": True, "path": str(path)}
+            elif operation == "delete":
+                if path.is_file():
+                    path.unlink()
+                elif path.is_dir():
+                    shutil.rmtree(path)
+                return {"success": True, "path": str(path)}
+            elif operation == "list":
+                if path.is_dir():
+                    return [str(p) for p in path.iterdir()]
+                return []
+            elif operation == "exists":
+                return path.exists()
+            elif operation == "mkdir":
+                path.mkdir(parents=True, exist_ok=True)
+                return {"success": True, "path": str(path)}
+            else:
+                raise FilesystemSandboxError(
+                    f"Unknown operation: {operation}", context={"operation": operation}
+                )
+        except Exception as e:
+            raise FilesystemSandboxError(
+                f"Filesystem operation failed: {e}",
+                context={"path": str(path), "operation": operation},
+            ) from e

routekitai/sandbox/network.py

@@ -0,0 +1,142 @@
+"""Network sandbox for tool execution."""
+
+import time
+from collections import defaultdict
+from typing import Any
+from urllib.parse import urlparse
+
+from pydantic import BaseModel, Field
+
+from routekitai.core.errors import RuntimeError as RouteKitRuntimeError
+
+
+class NetworkSandboxError(RouteKitRuntimeError):
+    """Error raised by network sandbox operations."""
+
+    pass
+
+
+class NetworkSandbox(BaseModel):
+    """Network sandbox for controlling tool network access.
+
+    Provides allowlists, blocklists, and basic rate limiting.
+    """
+
+    allowed_hosts: list[str] = Field(default_factory=list, description="Allowed hostnames")
+    blocked_hosts: list[str] = Field(default_factory=list, description="Blocked hostnames")
+    rate_limit: dict[str, Any] = Field(default_factory=dict, description="Rate limit config")
+
+    def __init__(self, **data: Any) -> None:
+        """Initialize network sandbox."""
+        super().__init__(**data)
+        self._request_history: dict[str, list[float]] = defaultdict(list)
+
+    def _extract_host(self, url: str) -> str:
+        """Extract hostname from URL.
+
+        Args:
+            url: URL string
+
+        Returns:
+            Hostname
+        """
+        try:
+            parsed = urlparse(url)
+            return parsed.hostname or ""
+        except Exception:
+            return ""
+
+    async def check_request(self, url: str, method: str = "GET") -> bool:
+        """Check if network request is allowed.
+
+        Args:
+            url: Request URL
+            method: HTTP method
+
+        Returns:
+            True if allowed, False otherwise
+        """
+        host = self._extract_host(url)
+        if not host:
+            return False
+
+        # Check blocked hosts first
+        if self.blocked_hosts:
+            for blocked in self.blocked_hosts:
+                if blocked in host or host in blocked:
+                    return False
+
+        # Check allowed hosts (if specified, must be in list)
+        if self.allowed_hosts:
+            is_allowed = False
+            for allowed in self.allowed_hosts:
+                if allowed in host or host in allowed:
+                    is_allowed = True
+                    break
+            if not is_allowed:
+                return False
+
+        # Check rate limiting
+        if self.rate_limit:
+            requests_per_minute = self.rate_limit.get("requests_per_minute")
+            if requests_per_minute:
+                now = time.time()
+                # Clean old requests (older than 1 minute)
+                self._request_history[host] = [
+                    timestamp for timestamp in self._request_history[host] if now - timestamp < 60
+                ]
+                # Check if limit exceeded
+                if len(self._request_history[host]) >= requests_per_minute:
+                    return False
+
+        return True
+
+    async def execute_request(self, url: str, method: str = "GET", **kwargs: Any) -> Any:
+        """Execute network request through sandbox.
+
+        Args:
+            url: Request URL
+            method: HTTP method
+            **kwargs: Request parameters
+
+        Returns:
+            Response data
+
+        Raises:
+            NetworkSandboxError: If request is not allowed or fails
+        """
+        if not await self.check_request(url, method):
+            raise NetworkSandboxError(
+                f"Network request not allowed: {method} {url}",
+                context={"url": url, "method": method},
+            )
+
+        # Record request for rate limiting
+        host = self._extract_host(url)
+        if host:
+            self._request_history[host].append(time.time())
+
+        # Execute request using httpx
+        try:
+            import httpx
+
+            async with httpx.AsyncClient() as client:
+                response = await client.request(method, url, **kwargs)
+                response.raise_for_status()
+                return {
+                    "status_code": response.status_code,
+                    "headers": dict(response.headers),
+                    "content": response.text,
+                    "json": response.json()
+                    if response.headers.get("content-type", "").startswith("application/json")
+                    else None,
+                }
+        except ImportError:
+            raise NetworkSandboxError(
+                "httpx is required for network requests. Install with: pip install httpx",
+                context={"url": url, "method": method},
+            ) from None
+        except Exception as e:
+            raise NetworkSandboxError(
+                f"Network request failed: {e}", context={"url": url, "method": method}
+            ) from e

routekitai/sandbox/permissions.py

@@ -0,0 +1,70 @@
+"""Permission management for tool execution."""
+
+from enum import Enum
+
+from pydantic import BaseModel, Field
+
+from routekitai.core.tool import ToolPermission
+
+
+class PermissionLevel(str, Enum):
+    """Permission levels for sandbox execution."""
+
+    NONE = "none"
+    READ_ONLY = "read_only"
+    READ_WRITE = "read_write"
+    FULL = "full"
+
+
+class PermissionManager(BaseModel):
+    """Manages permissions for tool execution.
+
+    Guards tool execution by checking permissions before allowing tool calls.
+    """
+
+    permissions: dict[str, PermissionLevel] = Field(
+        default_factory=dict, description="Permission mappings (tool_name -> level)"
+    )
+    default_level: PermissionLevel = Field(
+        default=PermissionLevel.NONE, description="Default permission level"
+    )
+
+    def check_permission(self, permission: ToolPermission, resource: str) -> bool:
+        """Check if permission is granted.
+
+        Args:
+            permission: Tool permission type
+            resource: Resource identifier (typically tool name)
+
+        Returns:
+            True if permission granted, False otherwise
+        """
+        # Check explicit permission
+        if resource in self.permissions:
+            level = self.permissions[resource]
+            if level == PermissionLevel.NONE:
+                return False
+            # For now, any non-NONE level grants permission
+            # Can be refined based on permission type
+            return True
+
+        # Check default level
+        return self.default_level != PermissionLevel.NONE
+
+    def grant_permission(self, resource: str, level: PermissionLevel) -> None:
+        """Grant permission to resource.
+
+        Args:
+            resource: Resource identifier (typically tool name)
+            level: Permission level
+        """
+        self.permissions[resource] = level
+
+    def revoke_permission(self, resource: str) -> None:
+        """Revoke permission from resource.
+
+        Args:
+            resource: Resource identifier
+        """
+        if resource in self.permissions:
+            del self.permissions[resource]