agenta 0.32.0a1__py3-none-any.whl → 0.33.0__py3-none-any.whl

agenta/sdk/middleware/auth.py

@@ -11,16 +11,16 @@ from fastapi.responses import JSONResponse
 from agenta.sdk.middleware.cache import TTLLRUCache, CACHE_CAPACITY, CACHE_TTL
 from agenta.sdk.utils.constants import TRUTHY
 from agenta.sdk.utils.exceptions import display_exception
+from agenta.sdk.utils.logging import log
 
 import agenta as ag
 
+AGENTA_RUNTIME_PREFIX = getenv("AGENTA_RUNTIME_PREFIX", "")
 
-_SHARED_SERVICE = getenv("AGENTA_SHARED_SERVICE", "false").lower() in TRUTHY
-_CACHE_ENABLED = getenv("AGENTA_MIDDLEWARE_CACHE_ENABLED", "true").lower() in TRUTHY
-_UNAUTHORIZED_ALLOWED = (
-    getenv("AGENTA_UNAUTHORIZED_EXECUTION_ALLOWED", "false").lower() in TRUTHY
-)
-_ALWAYS_ALLOW_LIST = ["/health"]
+
+_CACHE_ENABLED = getenv("AGENTA_MIDDLEWARE_CACHE_ENABLED", "false").lower() in TRUTHY
+
+_ALWAYS_ALLOW_LIST = [f"{AGENTA_RUNTIME_PREFIX}/health"]
 
 _cache = TTLLRUCache(capacity=CACHE_CAPACITY, ttl=CACHE_TTL)
 
@@ -54,15 +54,49 @@ class AuthMiddleware(BaseHTTPMiddleware):
         super().__init__(app)
 
         self.host = ag.DEFAULT_AGENTA_SINGLETON_INSTANCE.host
-        self.resource_id = (
-            ag.DEFAULT_AGENTA_SINGLETON_INSTANCE.service_id
-            if not _SHARED_SERVICE
-            else None
-        )
+        self.resource_id = ag.DEFAULT_AGENTA_SINGLETON_INSTANCE.service_id
 
     async def dispatch(self, request: Request, call_next: Callable):
+        # Extract request details
+        host = request.client.host if request.client else "unknown"
+        path = request.url.path
+        query = dict(request.query_params)
+        headers = dict(request.headers)
+
+        import logging
+        import json
+
+        # Log the request details
+        logging.error(
+            json.dumps(
+                {
+                    "host": host,
+                    "method": request.method,
+                    "path": path,
+                    "query_params": query,
+                    "headers": headers,
+                },
+                indent=2,
+                ensure_ascii=False,
+            )
+        )
+
+        print(
+            json.dumps(
+                {
+                    "host": host,
+                    "method": request.method,
+                    "path": path,
+                    "query_params": query,
+                    "headers": headers,
+                },
+                indent=2,
+                ensure_ascii=False,
+            )
+        )
+
         try:
-            if _UNAUTHORIZED_ALLOWED or request.url.path in _ALWAYS_ALLOW_LIST:
+            if request.url.path in _ALWAYS_ALLOW_LIST:
                 request.state.auth = {}
 
             else:
@@ -98,7 +132,10 @@ class AuthMiddleware(BaseHTTPMiddleware):
 
             cookies = {"sAccessToken": access_token} if access_token else None
 
-            baggage = request.state.otel.get("baggage") if request.state.otel else {}
+            if not headers and not cookies:
+                log.debug("No auth header nor auth cookie found in the request")
+
+            baggage = request.state.otel["baggage"]
 
             project_id = (
                 # CLEANEST
@@ -107,6 +144,9 @@ class AuthMiddleware(BaseHTTPMiddleware):
                 or request.query_params.get("project_id")
             )
 
+            if not project_id:
+                log.debug("No project ID found in request")
+
             params = {"action": "run_service", "resource_type": "service"}
 
             if self.resource_id:
@@ -128,53 +168,116 @@ class AuthMiddleware(BaseHTTPMiddleware):
                 credentials = _cache.get(_hash)
 
                 if credentials:
+                    log.debug("Using cached credentials")
                     return credentials
 
-            async with httpx.AsyncClient() as client:
-                response = await client.get(
-                    f"{self.host}/api/permissions/verify",
-                    headers=headers,
-                    cookies=cookies,
-                    params=params,
-                )
-
-                if response.status_code == 401:
-                    raise DenyException(
-                        status_code=401,
-                        content="Invalid credentials",
-                    )
-                elif response.status_code == 403:
-                    raise DenyException(
-                        status_code=403,
-                        content="Service execution not allowed.",
-                    )
-                elif response.status_code != 200:
-                    raise DenyException(
-                        status_code=400,
-                        content="Auth: Unexpected Error.",
-                    )
-
-                auth = response.json()
+            try:
+                async with httpx.AsyncClient() as client:
+                    try:
+                        response = await client.get(
+                            f"{self.host}/api/permissions/verify",
+                            headers=headers,
+                            cookies=cookies,
+                            params=params,
+                            timeout=30.0,
+                        )
+                    except httpx.TimeoutException as exc:
+                        log.debug(f"Timeout error while verify credentials: {exc}")
+                        raise DenyException(
+                            status_code=504,
+                            content="Could not verify credentials: connection to {self.host} timed out. Please check your network connection.",
+                        ) from exc
+                    except httpx.ConnectError as exc:
+                        log.debug(f"Connection error while verify credentials: {exc}")
+                        raise DenyException(
+                            status_code=503,
+                            content=f"Could not verify credentials: connection to {self.host} failed. Please check if agenta is available.",
+                        ) from exc
+                    except httpx.NetworkError as exc:
+                        log.debug(f"Network error while verify credentials: {exc}")
+                        raise DenyException(
+                            status_code=503,
+                            content="Could not verify credentials: connection to {self.host} failed. Please check your network connection.",
+                        ) from exc
+                    except httpx.HTTPError as exc:
+                        log.debug(f"HTTP error while verify credentials: {exc}")
+                        raise DenyException(
+                            status_code=502,
+                            content=f"Could not verify credentials: connection to {self.host} failed. Please check if agenta is available.",
+                        ) from exc
+
+                    if response.status_code == 401:
+                        log.debug("Agenta returned 401 - Invalid credentials")
+                        raise DenyException(
+                            status_code=401,
+                            content="Invalid credentials. Please check your credentials or login again.",
+                        )
+                    elif response.status_code == 403:
+                        log.debug("Agenta returned 403 - Permission denied")
+                        raise DenyException(
+                            status_code=403,
+                            content="Permission denied. Please check your permissions or contact your administrator.",
+                        )
+                    elif response.status_code != 200:
+                        log.debug(
+                            f"Agenta returned {response.status_code} - Unexpected status code"
+                        )
+                        raise DenyException(
+                            status_code=500,
+                            content=f"Could no verify credentials: {self.host} returned unexpected status code {response.status_code}. Please try again later or contact support if the issue persists.",
+                        )
+
+                    try:
+                        auth = response.json()
+                    except ValueError as exc:
+                        log.debug(f"Agenta returned invalid JSON response: {exc}")
+                        raise DenyException(
+                            status_code=500,
+                            content=f"Could no verify credentials: {self.host} returned unexpected invalid JSON response. Please try again later or contact support if the issue persists.",
+                        ) from exc
+
+                    if not isinstance(auth, dict):
+                        log.debug(
+                            f"Agenta returned invalid response format: {type(auth)}"
+                        )
+                        raise DenyException(
+                            status_code=500,
+                            content=f"Could no verify credentials: {self.host} returned unexpected invalid response format. Please try again later or contact support if the issue persists.",
+                        )
+
+                    effect = auth.get("effect")
+                    if effect != "allow":
+                        log.debug("Access denied by Agenta - effect: {effect}")
+                        raise DenyException(
+                            status_code=403,
+                            content="Permission denied. Please check your permissions or contact your administrator.",
+                        )
+
+                    credentials = auth.get("credentials")
+
+                    if not credentials:
+                        log.debug("No credentials found in the response")
+
+                    _cache.put(_hash, credentials)
 
-                if auth.get("effect") != "allow":
-                    raise DenyException(
-                        status_code=403,
-                        content="Service execution not allowed.",
-                    )
-
-                credentials = auth.get("credentials")
-
-                _cache.put(_hash, credentials)
+                    return credentials
 
-                return credentials
+            except DenyException as deny:
+                raise deny
+            except Exception as exc:  # pylint: disable=bare-except
+                log.debug(
+                    f"Unexpected error while verifying credentials (remote): {exc}"
+                )
+                raise DenyException(
+                    status_code=500,
+                    content=f"Could no verify credentials: unexpected error - {str(exc)}. Please try again later or contact support if the issue persists.",
+                ) from exc
 
         except DenyException as deny:
             raise deny
-
-        except Exception as exc:  # pylint: disable=bare-except
-            display_exception("Auth Middleware Exception (suppressed)")
-
+        except Exception as exc:
+            log.debug(f"Unexpected error while verifying credentials (local): {exc}")
             raise DenyException(
                 status_code=500,
-                content="Auth: Unexpected Error.",
+                content=f"Could no verify credentials: unexpected error - {str(exc)}. Please try again later or contact support if the issue persists.",
             ) from exc

agenta/sdk/middleware/config.py

@@ -17,7 +17,7 @@ from agenta.sdk.utils.exceptions import suppress
 import agenta as ag
 
 
-_CACHE_ENABLED = getenv("AGENTA_MIDDLEWARE_CACHE_ENABLED", "true").lower() in TRUTHY
+_CACHE_ENABLED = getenv("AGENTA_MIDDLEWARE_CACHE_ENABLED", "false").lower() in TRUTHY
 
 _cache = TTLLRUCache(capacity=CACHE_CAPACITY, ttl=CACHE_TTL)
 
@@ -92,7 +92,7 @@ class ConfigMiddleware(BaseHTTPMiddleware):
 
                 return parameters, references
 
-        config = None
+        config = {}
         async with httpx.AsyncClient() as client:
             response = await client.post(
                 f"{self.host}/api/variants/configs/fetch",
@@ -100,21 +100,25 @@ class ConfigMiddleware(BaseHTTPMiddleware):
                 json=refs,
             )
 
-            if response.status_code != 200:
-                return None, None
-
-            config = response.json()
+            if response.status_code == 200:
+                config = response.json()
 
         if not config:
-            _cache.put(_hash, {"parameters": None, "references": None})
+            config["application_ref"] = refs[
+                "application_ref"
+            ]  # by default, application_ref will always have an id
+            parameters = None
+        else:
+            parameters = config.get("params")
 
-            return None, None
+        references = {}
 
-        parameters = config.get("params")
+        ref_keys = ["application_ref"]
 
-        references = {}
+        if config:
+            ref_keys.extend(["variant_ref", "environment_ref"])
 
-        for ref_key in ["application_ref", "variant_ref", "environment_ref"]:
+        for ref_key in ref_keys:
             refs = config.get(ref_key)
             if refs:
                 ref_prefix = ref_key.split("_", maxsplit=1)[0]
@@ -123,7 +127,7 @@ class ConfigMiddleware(BaseHTTPMiddleware):
                     ref_part = refs.get(ref_part_key)
 
                     if ref_part:
-                        references[ref_prefix + "." + ref_part_key] = ref_part
+                        references[ref_prefix + "." + ref_part_key] = str(ref_part)
 
         _cache.put(_hash, {"parameters": parameters, "references": references})
 
@@ -133,7 +137,7 @@ class ConfigMiddleware(BaseHTTPMiddleware):
         self,
         request: Request,
     ) -> Optional[Reference]:
-        baggage = request.state.otel.get("baggage") if request.state.otel else {}
+        baggage = request.state.otel["baggage"]
 
         body = {}
         try:
@@ -160,19 +164,27 @@ class ConfigMiddleware(BaseHTTPMiddleware):
             or body.get("app")
         )
 
-        if not any([application_id, application_slug]):
+        application_version = (
+            # CLEANEST
+            baggage.get("application_version")
+            # ALTERNATIVE
+            or request.query_params.get("application_version")
+        )
+
+        if not any([application_id, application_slug, application_version]):
             return None
 
         return Reference(
             id=application_id,
             slug=application_slug,
+            version=application_version,
         )
 
     async def _parse_variant_ref(
         self,
         request: Request,
     ) -> Optional[Reference]:
-        baggage = request.state.otel.get("baggage") if request.state.otel else {}
+        baggage = request.state.otel["baggage"]
 
         body = {}
         try:
@@ -215,7 +227,7 @@ class ConfigMiddleware(BaseHTTPMiddleware):
         self,
         request: Request,
     ) -> Optional[Reference]:
-        baggage = request.state.otel.get("baggage") if request.state.otel else {}
+        baggage = request.state.otel["baggage"]
 
         body = {}
         try:

agenta/sdk/middleware/inline.py

@@ -21,7 +21,7 @@ class InlineMiddleware(BaseHTTPMiddleware):
         request.state.inline = False
 
         with suppress():
-            baggage = request.state.otel.get("baggage") if request.state.otel else {}
+            baggage = request.state.otel["baggage"]
 
             inline = (
                 str(

agenta/sdk/middleware/mock.py

@@ -19,7 +19,7 @@ class MockMiddleware(BaseHTTPMiddleware):
         request.state.mock = None
 
         with suppress():
-            baggage = request.state.otel.get("baggage") if request.state.otel else {}
+            baggage = request.state.otel["baggage"]
 
             mock = (
                 # CLEANEST

agenta/sdk/middleware/otel.py

@@ -13,7 +13,7 @@ class OTelMiddleware(BaseHTTPMiddleware):
         super().__init__(app)
 
     async def dispatch(self, request: Request, call_next: Callable):
-        request.state.otel = {}
+        request.state.otel = {"baggage": {}}
 
         with suppress():
             baggage = await self._get_baggage(request)

agenta/sdk/middleware/vault.py

@@ -24,7 +24,7 @@ for arg in ProviderKind.__args__:  # type: ignore
     if hasattr(arg, "__args__"):
         _PROVIDER_KINDS.extend(arg.__args__)
 
-_CACHE_ENABLED = getenv("AGENTA_MIDDLEWARE_CACHE_ENABLED", "true").lower() in TRUTHY
+_CACHE_ENABLED = getenv("AGENTA_MIDDLEWARE_CACHE_ENABLED", "false").lower() in TRUTHY
 
 _cache = TTLLRUCache(capacity=CACHE_CAPACITY, ttl=CACHE_TTL)
 

agenta/sdk/tracing/exporters.py

@@ -48,7 +48,6 @@ class InlineTraceExporter(SpanExporter):
         trace_id: int,
     ) -> bool:
         is_ready = trace_id in self._registry
-
         return is_ready
 
     def fetch(

agenta/sdk/tracing/inline.py

@@ -701,15 +701,6 @@ def _parse_from_semconv(
 def _parse_from_links(
     otel_span_dto: OTelSpanDTO,
 ) -> dict:
-    # TESTING
-    otel_span_dto.links = [
-        OTelLinkDTO(
-            context=otel_span_dto.context,
-            attributes={"ag.type.link": "testcase"},
-        )
-    ]
-    # -------
-
     # LINKS
     links = None
     otel_links = None
@@ -926,8 +917,9 @@ def parse_to_agenta_span_dto(
     if span_dto.refs:
         span_dto.refs = _unmarshal_attributes(span_dto.refs)
 
-    for link in span_dto.links:
-        link.tree_id = None
+    if isinstance(span_dto.links, list):
+        for link in span_dto.links:
+            link.tree_id = None
 
     if span_dto.nodes:
         for v in span_dto.nodes.values():
@@ -1030,6 +1022,24 @@ def _parse_readable_spans(
     otel_span_dtos = list()
 
     for span in spans:
+        otel_events = [
+            OTelEventDTO(
+                name=event.name,
+                timestamp=_timestamp_ns_to_datetime(event.timestamp),
+                attributes=event.attributes,
+            )
+            for event in span.events
+        ]
+        otel_links = [
+            OTelLinkDTO(
+                context=OTelContextDTO(
+                    trace_id=_int_to_hex(link.context.trace_id, 128),
+                    span_id=_int_to_hex(link.context.span_id, 64),
+                ),
+                attributes=link.attributes,
+            )
+            for link in span.links
+        ]
         otel_span_dto = OTelSpanDTO(
             context=OTelContextDTO(
                 trace_id=_int_to_hex(span.get_span_context().trace_id, 128),
@@ -1045,14 +1055,7 @@ def _parse_readable_spans(
             status_code=OTelStatusCode("STATUS_CODE_" + span.status.status_code.name),
             status_message=span.status.description,
             attributes=span.attributes,
-            events=[
-                OTelEventDTO(
-                    name=event.name,
-                    timestamp=_timestamp_ns_to_datetime(event.timestamp),
-                    attributes=event.attributes,
-                )
-                for event in span.events
-            ],
+            events=otel_events if len(otel_events) > 0 else None,
             parent=(
                 OTelContextDTO(
                     trace_id=_int_to_hex(span.parent.trace_id, 128),
@@ -1061,16 +1064,7 @@ def _parse_readable_spans(
                 if span.parent
                 else None
             ),
-            links=[
-                OTelLinkDTO(
-                    context=OTelContextDTO(
-                        trace_id=_int_to_hex(link.context.trace_id, 128),
-                        span_id=_int_to_hex(link.context.span_id, 64),
-                    ),
-                    attributes=link.attributes,
-                )
-                for link in span.links
-            ],
+            links=otel_links if len(otel_links) > 0 else None,
         )
 
         otel_span_dtos.append(otel_span_dto)
@@ -1121,7 +1115,9 @@ def calculate_costs(span_idx: Dict[str, SpanDTO]):
             and span.meta
             and span.metrics
         ):
-            model = span.meta.get("response.model")
+            model = span.meta.get("response.model") or span.meta.get(
+                "configuration.model"
+            )
             prompt_tokens = span.metrics.get("unit.tokens.prompt", 0.0)
             completion_tokens = span.metrics.get("unit.tokens.completion", 0.0)
 

agenta/sdk/types.py

@@ -7,7 +7,7 @@ from pydantic import ConfigDict, BaseModel, HttpUrl
 from agenta.client.backend.types.agenta_node_dto import AgentaNodeDto
 from agenta.client.backend.types.agenta_nodes_response import AgentaNodesResponse
 from typing import Annotated, List, Union, Optional, Dict, Literal, Any
-from pydantic import BaseModel, Field, root_validator
+from pydantic import BaseModel, Field, model_validator
 from agenta.sdk.assets import supported_llm_models
 
 
@@ -36,12 +36,14 @@ class LLMTokenUsage(BaseModel):
 
 
 class BaseResponse(BaseModel):
-    version: Optional[str] = "3.1"
+    version: Optional[str] = "3.0"
     data: Optional[Union[str, Dict[str, Any]]] = None
     content_type: Optional[str] = "string"
     tree: Optional[AgentaNodesResponse] = None
     tree_id: Optional[str] = None
 
+    model_config = ConfigDict(use_enum_values=True, exclude_none=True)
+
 
 class DictInput(dict):
     def __new__(cls, default_keys: Optional[List[str]] = None):
@@ -327,30 +329,31 @@ class ModelConfig(BaseModel):
     )
 
     temperature: Optional[float] = Field(
-        default=1,
+        default=None,
         ge=0.0,
         le=2.0,
         description="What sampling temperature to use, between 0 and 2. Higher values like 0.8 will make the output more random, while lower values like 0.2 will make it more focused and deterministic",
     )
     max_tokens: Optional[int] = Field(
-        default=-1,
+        default=None,
         ge=0,
+        le=4000,
         description="The maximum number of tokens that can be generated in the chat completion",
     )
     top_p: Optional[float] = Field(
-        default=0.5,
+        default=None,
         ge=0.0,
         le=1.0,
         description="An alternative to sampling with temperature, called nucleus sampling, where the model considers the results of the tokens with top_p probability mass",
     )
     frequency_penalty: Optional[float] = Field(
-        default=0,
+        default=None,
         ge=-2.0,
         le=2.0,
         description="Number between -2.0 and 2.0. Positive values penalize new tokens based on their existing frequency in the text so far",
     )
     presence_penalty: Optional[float] = Field(
-        default=0,
+        default=None,
         ge=-2.0,
         le=2.0,
         description="Number between -2.0 and 2.0. Positive values penalize new tokens based on whether they appear in the text so far",
@@ -405,7 +408,7 @@ class PromptTemplate(BaseModel):
     system_prompt: Optional[str] = None
     user_prompt: Optional[str] = None
     template_format: Literal["fstring", "jinja2", "curly"] = Field(
-        default="fstring",
+        default="curly",
         description="Format type for template variables: fstring {var}, jinja2 {{ var }}, or curly {{var}}",
     )
     input_keys: Optional[List[str]] = Field(
@@ -425,7 +428,7 @@ class PromptTemplate(BaseModel):
         }
     }
 
-    @root_validator(pre=True)
+    @model_validator(mode="before")
     def init_messages(cls, values):
         if "messages" not in values:
             messages = []