PyPI - agentstack-sdk - Versions diffs - 0.5.0rc5__py3-none-any.whl → 0.5.1rc3__py3-none-any.whl - Mend

agentstack-sdk 0.5.0rc5py3-none-any.whl → 0.5.1rc3py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (28) hide show

agentstack_sdk/a2a/extensions/__init__.py +1 -0
agentstack_sdk/a2a/extensions/auth/oauth/oauth.py +16 -9
agentstack_sdk/a2a/extensions/auth/secrets/secrets.py +12 -6
agentstack_sdk/a2a/extensions/base.py +20 -11
agentstack_sdk/a2a/extensions/interactions/__init__.py +4 -0
agentstack_sdk/a2a/extensions/interactions/approval.py +125 -0
agentstack_sdk/a2a/extensions/services/embedding.py +10 -3
agentstack_sdk/a2a/extensions/services/llm.py +6 -4
agentstack_sdk/a2a/extensions/services/mcp.py +8 -4
agentstack_sdk/a2a/extensions/services/platform.py +34 -16
agentstack_sdk/a2a/extensions/ui/__init__.py +1 -0
agentstack_sdk/a2a/extensions/ui/canvas.py +6 -3
agentstack_sdk/a2a/extensions/ui/error.py +5 -4
agentstack_sdk/a2a/extensions/ui/form_request.py +6 -3
agentstack_sdk/a2a/types.py +2 -11
agentstack_sdk/platform/client.py +10 -8
agentstack_sdk/platform/context.py +15 -1
agentstack_sdk/server/agent.py +19 -9
agentstack_sdk/server/app.py +7 -0
agentstack_sdk/server/dependencies.py +13 -8
agentstack_sdk/server/exceptions.py +3 -0
agentstack_sdk/server/middleware/__init__.py +3 -0
agentstack_sdk/server/middleware/platform_auth_backend.py +131 -0
agentstack_sdk/server/server.py +19 -5
agentstack_sdk/types.py +15 -0
{agentstack_sdk-0.5.0rc5.dist-info → agentstack_sdk-0.5.1rc3.dist-info}/METADATA +3 -1
{agentstack_sdk-0.5.0rc5.dist-info → agentstack_sdk-0.5.1rc3.dist-info}/RECORD +28 -22
{agentstack_sdk-0.5.0rc5.dist-info → agentstack_sdk-0.5.1rc3.dist-info}/WHEEL +0 -0

agentstack_sdk/a2a/types.py CHANGED Viewed

@@ -1,7 +1,7 @@
 # Copyright 2025 © BeeAI a Series of LF Projects, LLC
 # SPDX-License-Identifier: Apache-2.0
 import uuid
-from typing import TYPE_CHECKING, Literal, TypeAlias
+from typing import Literal, TypeAlias
 from a2a.types import (
     Artifact,
@@ -20,16 +20,7 @@ from a2a.types import (
 )
 from pydantic import Field, model_validator
-if TYPE_CHECKING:
-    JsonValue: TypeAlias = list["JsonValue"] | dict[str, "JsonValue"] | str | bool | int | float | None
-    JsonDict: TypeAlias = dict[str, JsonValue]
-else:
-    from typing import Union
-    from typing_extensions import TypeAliasType
-    JsonValue = TypeAliasType("JsonValue", "Union[dict[str, JsonValue], list[JsonValue], str, int, float, bool, None]")  # noqa: UP007
-    JsonDict = TypeAliasType("JsonDict", "dict[str, JsonValue]")
+from agentstack_sdk.types import JsonDict, JsonValue
 class Metadata(dict[str, JsonValue]): ...

agentstack_sdk/platform/client.py CHANGED Viewed

@@ -5,7 +5,7 @@ import contextlib
 import os
 import ssl
 import typing
-from collections.abc import AsyncIterator
+from collections.abc import AsyncIterator, Mapping
 from types import TracebackType
 import httpx
@@ -14,6 +14,7 @@ from httpx._client import EventHook
 from httpx._config import DEFAULT_LIMITS, DEFAULT_MAX_REDIRECTS, Limits
 from httpx._types import AuthTypes, CertTypes, CookieTypes, HeaderTypes, ProxyTypes, QueryParamTypes, TimeoutTypes
 from pydantic import Secret
+from typing_extensions import override
 from agentstack_sdk.util import resource_context
@@ -26,7 +27,7 @@ class PlatformClient(httpx.AsyncClient):
     def __init__(
         self,
         context_id: str | None = None,  # Enter context scope
-        auth_token: str | Secret | None = None,
+        auth_token: str | Secret[str] | None = None,
         *,
         auth: AuthTypes | None = None,
         params: QueryParamTypes | None = None,
@@ -37,12 +38,12 @@ class PlatformClient(httpx.AsyncClient):
         http1: bool = True,
         http2: bool = False,
         proxy: ProxyTypes | None = None,
-        mounts: None | (typing.Mapping[str, AsyncBaseTransport | None]) = None,
+        mounts: None | (Mapping[str, AsyncBaseTransport | None]) = None,
         timeout: TimeoutTypes = DEFAULT_SDK_TIMEOUT,
         follow_redirects: bool = False,
         limits: Limits = DEFAULT_LIMITS,
         max_redirects: int = DEFAULT_MAX_REDIRECTS,
-        event_hooks: None | (typing.Mapping[str, list[EventHook]]) = None,
+        event_hooks: None | (Mapping[str, list[EventHook]]) = None,
         base_url: URL | str = "",
         transport: AsyncBaseTransport | None = None,
         trust_env: bool = True,
@@ -74,16 +75,18 @@ class PlatformClient(httpx.AsyncClient):
         self.context_id = context_id
         if auth_token:
             self.headers["Authorization"] = f"Bearer {auth_token}"
-        self._ref_count = 0
-        self._context_manager_lock = asyncio.Lock()
+        self._ref_count: int = 0
+        self._context_manager_lock: asyncio.Lock = asyncio.Lock()
+    @override
     async def __aenter__(self) -> typing.Self:
         async with self._context_manager_lock:
             self._ref_count += 1
             if self._ref_count == 1:
-                await super().__aenter__()
+                _ = await super().__aenter__()
             return self
+    @override
     async def __aexit__(
         self,
         exc_type: type[BaseException] | None = None,
@@ -94,7 +97,6 @@ class PlatformClient(httpx.AsyncClient):
             self._ref_count -= 1
             if self._ref_count == 0:
                 await super().__aexit__(exc_type, exc_value, traceback)
-                self._resource = None
 get_platform_client, set_platform_client = resource_context(factory=PlatformClient, default_factory=PlatformClient)

agentstack_sdk/platform/context.py CHANGED Viewed

@@ -13,6 +13,7 @@ from pydantic import AwareDatetime, BaseModel, SerializeAsAny
 from agentstack_sdk.platform.client import PlatformClient, get_platform_client
 from agentstack_sdk.platform.common import PaginatedResult
+from agentstack_sdk.platform.provider import Provider
 from agentstack_sdk.platform.types import Metadata, MetadataPatch
 from agentstack_sdk.util.utils import filter_dict
@@ -40,7 +41,7 @@ class ContextPermissions(pydantic.BaseModel):
 class Permissions(ContextPermissions):
     llm: set[Literal["*"] | str] = set()
     embeddings: set[Literal["*"] | str] = set()
-    a2a_proxy: set[Literal["*"]] = set()
+    a2a_proxy: set[Literal["*"] | str] = set()
     model_providers: set[Literal["read", "write", "*"]] = set()
     variables: SerializeAsAny[set[Literal["read", "write", "*"]]] = set()
@@ -179,6 +180,7 @@ class Context(pydantic.BaseModel):
     async def generate_token(
         self: Context | str,
         *,
+        providers: list[str] | list[Provider] | None = None,
         client: PlatformClient | None = None,
         grant_global_permissions: Permissions | None = None,
         grant_context_permissions: ContextPermissions | None = None,
@@ -193,6 +195,18 @@ class Context(pydantic.BaseModel):
         context_id = self if isinstance(self, str) else self.id
         grant_global_permissions = grant_global_permissions or Permissions()
         grant_context_permissions = grant_context_permissions or Permissions()
+        if isinstance(self, Context) and self.metadata and (provider_id := self.metadata.get("provider_id", None)):
+            providers = providers or [provider_id]
+        if "*" not in grant_global_permissions.a2a_proxy and not grant_global_permissions.a2a_proxy:
+            if not providers:
+                raise ValueError(
+                    "Invalid audience: You must specify providers or use '*' in grant_global_permissions.a2a_proxy."
+                )
+            grant_global_permissions.a2a_proxy |= {p.id if isinstance(p, Provider) else p for p in providers}
         async with client or get_platform_client() as client:
             token_response = (
                 (

agentstack_sdk/server/agent.py CHANGED Viewed

@@ -46,7 +46,7 @@ from agentstack_sdk.a2a.extensions.ui.error import (
 from agentstack_sdk.a2a.types import ArtifactChunk, Metadata, RunYield, RunYieldResume
 from agentstack_sdk.server.constants import _IMPLICIT_DEPENDENCY_PREFIX
 from agentstack_sdk.server.context import RunContext
-from agentstack_sdk.server.dependencies import Depends, extract_dependencies
+from agentstack_sdk.server.dependencies import Dependency, Depends, extract_dependencies
 from agentstack_sdk.server.store.context_store import ContextStore
 from agentstack_sdk.server.utils import cancel_task
 from agentstack_sdk.util.logging import logger
@@ -234,6 +234,7 @@ class AgentRun:
         self.last_invocation: datetime = datetime.now()
         self.resume_queue: asyncio.Queue[RunYieldResume] = asyncio.Queue()
         self._run_context: RunContext | None = None
+        self._request_context: RequestContext | None = None
         self._task_updater: TaskUpdater | None = None
         self._context_store: ContextStore = context_store
         self._lock: asyncio.Lock = asyncio.Lock()
@@ -246,6 +247,12 @@ class AgentRun:
             raise RuntimeError("Accessing run context for run that has not been started")
         return self._run_context
+    @property
+    def request_context(self) -> RequestContext:
+        if not self._request_context:
+            raise RuntimeError("Accessing request context for run that has not been started")
+        return self._request_context
     @property
     def task_updater(self) -> TaskUpdater:
         if not self._task_updater:
@@ -261,7 +268,6 @@ class AgentRun:
             self._on_finish()
     async def start(self, request_context: RequestContext, event_queue: EventQueue):
-        # These are incorrectly typed in a2a
         async with self._lock:
             if self._working or self.done:
                 raise RuntimeError("Attempting to start a run that is already executing or done")
@@ -274,6 +280,7 @@ class AgentRun:
                 current_task=request_context.current_task,
                 related_tasks=request_context.related_tasks,
             )
+            self._request_context = request_context
             self._task_updater = TaskUpdater(event_queue, task_id, context_id)
             if not request_context.current_task:
                 await self._task_updater.submit()
@@ -288,11 +295,12 @@ class AgentRun:
                 raise RuntimeError("Attempting to resume a run that is already executing or done")
             task_id, context_id, message = request_context.task_id, request_context.context_id, request_context.message
             assert task_id and context_id and message
+            self._request_context = request_context
             self._task_updater = TaskUpdater(event_queue, task_id, context_id)
             for dependency in self._agent.dependencies.values():
                 if dependency.extension:
-                    dependency.extension.handle_incoming_message(message, self.run_context)
+                    dependency.extension.handle_incoming_message(message, self.run_context, request_context)
             self._working = True
             await self.resume_queue.put(message)
@@ -311,15 +319,15 @@ class AgentRun:
                 await cancel_task(self._task)
     @asynccontextmanager
-    async def _dependencies_lifespan(self, message: Message) -> AsyncIterator[dict[str, Depends]]:
+    async def _dependencies_lifespan(self, message: Message) -> AsyncIterator[dict[str, Dependency]]:
         async with AsyncExitStack() as stack:
-            dependency_args: dict[str, Depends] = {}
+            dependency_args: dict[str, Dependency] = {}
             initialize_deps_exceptions: list[Exception] = []
             for pname, depends in self._agent.dependencies.items():
                 # call dependencies with the first message and initialize their lifespan
                 try:
                     dependency_args[pname] = await stack.enter_async_context(
-                        depends(message, self.run_context, dependency_args)
+                        depends(message, self.run_context, self.request_context, dependency_args)
                     )
                 except Exception as e:
                     initialize_deps_exceptions.append(e)
@@ -524,6 +532,8 @@ class Executor(AgentExecutor):
                 match await tapped_queue.dequeue_event():
                     case TaskStatusUpdateEvent(final=True):
                         break
+                    case _:
+                        pass
         except CancelledError:
             if agent_run:
@@ -571,14 +581,14 @@ class Executor(AgentExecutor):
                         event = await queue.dequeue_event(no_wait=True)
                         if not isinstance(event, TaskStatusUpdateEvent) or event.status.state != TaskState.canceled:
                             raise RuntimeError(f"Something strange occured during scheduled cancel, event: {event}")
-                        _ = await manager.save_task_event(event)
+                        await manager.save_task_event(event)
                         break
                     await asyncio.sleep(2)
             except Exception as ex:
                 logger.error("Error when cleaning up task", exc_info=ex)
             finally:
-                _ = self._running_tasks.pop(task_id, None)
-                _ = self._scheduled_cleanups.pop(task_id, None)
+                self._running_tasks.pop(task_id, None)
+                self._scheduled_cleanups.pop(task_id, None)
         self._scheduled_cleanups[task_id] = asyncio.create_task(cleanup_fn())
         self._scheduled_cleanups[task_id].add_done_callback(lambda _: ...)

agentstack_sdk/server/app.py CHANGED Viewed

@@ -18,6 +18,8 @@ from a2a.server.tasks import (
 from a2a.types import AgentInterface, TransportProtocol
 from fastapi import APIRouter, Depends, FastAPI
 from fastapi.applications import AppType
+from starlette.authentication import AuthenticationBackend
+from starlette.middleware.authentication import AuthenticationMiddleware
 from starlette.types import Lifespan
 from agentstack_sdk.server.agent import Agent, Executor
@@ -37,6 +39,7 @@ def create_app(
     dependencies: list[Depends] | None = None,  # pyright: ignore [reportGeneralTypeIssues]
     override_interfaces: bool = True,
     task_timeout: timedelta = timedelta(minutes=10),
+    auth_backend: AuthenticationBackend | None = None,
     **kwargs,
 ) -> FastAPI:
     queue_manager = queue_manager or InMemoryQueueManager()
@@ -75,6 +78,10 @@ def create_app(
         **kwargs,
     )
+    if auth_backend:
+        rest_app.add_middleware(AuthenticationMiddleware, backend=auth_backend)
+        jsonrpc_app.add_middleware(AuthenticationMiddleware, backend=auth_backend)
     rest_app.mount("/jsonrpc", jsonrpc_app)
     rest_app.include_router(APIRouter(lifespan=lifespan))
     return rest_app

agentstack_sdk/server/dependencies.py CHANGED Viewed

@@ -1,6 +1,8 @@
 # Copyright 2025 © BeeAI a Series of LF Projects, LLC
 # SPDX-License-Identifier: Apache-2.0
+from __future__ import annotations
 import inspect
 from collections import Counter
 from collections.abc import AsyncIterator, Callable
@@ -8,6 +10,7 @@ from contextlib import AbstractAsyncContextManager, asynccontextmanager
 from inspect import isclass
 from typing import Annotated, Any, TypeAlias, Unpack, get_args, get_origin
+from a2a.server.agent_execution.context import RequestContext
 from a2a.types import Message
 from typing_extensions import Doc
@@ -15,7 +18,9 @@ from agentstack_sdk.a2a.extensions import BaseExtensionSpec
 from agentstack_sdk.a2a.extensions.base import BaseExtensionServer
 from agentstack_sdk.server.context import RunContext
-Dependency: TypeAlias = Callable[[Message, RunContext, dict[str, "Dependency"]], Any] | BaseExtensionServer[Any, Any]
+Dependency: TypeAlias = (
+    Callable[[Message, RunContext, RequestContext, dict[str, "Dependency"]], Any] | BaseExtensionServer[Any, Any]
+)
 # Inspired by fastapi.Depends
@@ -34,17 +39,17 @@ class Depends:
             ),
         ],
     ):
-        self._dependency_callable = dependency
+        self._dependency_callable: Dependency = dependency
         if isinstance(dependency, BaseExtensionServer):
             self.extension = dependency
     def __call__(
-        self, message: Message, context: RunContext, dependencies: dict[str, Any]
-    ) -> AbstractAsyncContextManager[Any]:
-        instance = self._dependency_callable(message, context, dependencies)
+        self, message: Message, context: RunContext, request_context: RequestContext, dependencies: dict[str, Any]
+    ) -> AbstractAsyncContextManager[Dependency]:
+        instance = self._dependency_callable(message, context, request_context, dependencies)
         @asynccontextmanager
-        async def lifespan() -> AsyncIterator[Any]:
+        async def lifespan() -> AsyncIterator[Dependency]:
             if self.extension or hasattr(instance, "lifespan"):
                 async with instance.lifespan():
                     yield instance
@@ -80,10 +85,10 @@ def extract_dependencies(sign: inspect.Signature) -> dict[str, Depends]:
         elif inspect.isclass(param.annotation):
             # message: Message
             if param.annotation == Message:
-                dependencies[name] = Depends(lambda message, _context, _dependencies: message)
+                dependencies[name] = Depends(lambda message, _run_context, _request_context, _dependencies: message)
             # context: Context
             elif param.annotation == RunContext:
-                dependencies[name] = Depends(lambda _message, context, _dependencies: context)
+                dependencies[name] = Depends(lambda _message, run_context, _request_context, _dependencies: run_context)
             # extension: BaseExtensionServer = BaseExtensionSpec()
             # TODO: this does not get past linters, should we enable it or somehow fix the typing?
             # elif issubclass(param.annotation, BaseExtensionServer) and isinstance(param.default, BaseExtensionSpec):

agentstack_sdk/server/exceptions.py ADDED Viewed

@@ -0,0 +1,3 @@
+# Copyright 2025 © BeeAI a Series of LF Projects, LLC
+# SPDX-License-Identifier: Apache-2.0

agentstack_sdk/server/middleware/__init__.py ADDED Viewed

@@ -0,0 +1,3 @@
+# Copyright 2026 © BeeAI a Series of LF Projects, LLC
+# SPDX-License-Identifier: Apache-2.0

agentstack_sdk/server/middleware/platform_auth_backend.py ADDED Viewed

@@ -0,0 +1,131 @@
+# Copyright 2025 © BeeAI a Series of LF Projects, LLC
+# SPDX-License-Identifier: Apache-2.0
+import logging
+import os
+from datetime import timedelta
+from urllib.parse import urljoin
+from a2a.auth.user import User
+from async_lru import alru_cache
+from authlib.jose import JsonWebKey, JWTClaims, KeySet, jwt
+from authlib.jose.errors import JoseError
+from fastapi import Request
+from fastapi.security import HTTPBearer
+from pydantic import Secret
+from starlette.authentication import (
+    AuthCredentials,
+    AuthenticationBackend,
+    AuthenticationError,
+    BaseUser,
+)
+from starlette.requests import HTTPConnection
+from typing_extensions import override
+from agentstack_sdk.platform import use_platform_client
+from agentstack_sdk.types import JsonValue
+logger = logging.getLogger(__name__)
+class PlatformAuthenticatedUser(User, BaseUser):
+    def __init__(self, claims: dict[str, JsonValue], auth_token: str):
+        self.claims: dict[str, JsonValue] = claims
+        self.auth_token: Secret[str] = Secret(auth_token)
+    @property
+    @override
+    def is_authenticated(self) -> bool:
+        return True
+    @property
+    @override
+    def user_name(self) -> str:
+        sub = self.claims.get("sub", None)
+        assert sub and isinstance(sub, str)
+        return sub
+    @property
+    @override
+    def display_name(self) -> str:
+        name = self.claims.get("name", None)
+        assert name and isinstance(name, str)
+        return name
+    @property
+    @override
+    def identity(self) -> str:
+        return self.user_name
+@alru_cache(ttl=timedelta(minutes=15).seconds)
+async def discover_jwks() -> KeySet:
+    try:
+        async with use_platform_client() as client:
+            response = await client.get("/.well-known/jwks")
+            return JsonWebKey.import_key_set(response.raise_for_status().json())  # pyright: ignore[reportAny]
+    except Exception as e:
+        url = "{platform_url}/.well-known/jwks"
+        logger.warning(f"JWKS discovery failed for url {url}: {e}")
+        raise RuntimeError(f"JWKS discovery failed for url {url}") from e
+class PlatformAuthBackend(AuthenticationBackend):
+    def __init__(self, public_url: str | None = None, skip_audience_validation: bool | None = None) -> None:
+        self.skip_audience_validation: bool = (
+            skip_audience_validation
+            if skip_audience_validation is not None
+            else os.getenv("PLATFORM_AUTH__SKIP_AUDIENCE_VALIDATION", "false").lower() in ("true", "1")
+        )
+        self._audience: str | None = public_url or os.getenv("PLATFORM_AUTH__PUBLIC_URL", None)
+        if not self.skip_audience_validation and not self._audience:
+            logger.warning(
+                "Public URL is not provided and audience validation is enabled. Proceeding to check audience from the request target URL. "
+                + "This may not work when requests to agents are proxied. (hint: set PLATFORM_AUTH__PUBLIC_URL env variable)"
+            )
+        self.security: HTTPBearer = HTTPBearer(auto_error=False)
+    @override
+    async def authenticate(self, conn: HTTPConnection) -> tuple[AuthCredentials, BaseUser] | None:
+        # We construct a Request object from the scope for compatibility with HTTPBearer and logging
+        request = Request(scope=conn.scope)
+        if request.url.path in ["/healthcheck", "/.well-known/agent-card.json"]:
+            return None
+        if not (auth := await self.security(request)):
+            raise AuthenticationError("Missing Authorization header")
+        audiences: list[str] = []
+        if not self.skip_audience_validation:
+            if self._audience:
+                audiences = [urljoin(self._audience, path) for path in ["/", "/jsonrpc"]]
+            else:
+                audiences = [str(request.url.replace(path=path)) for path in ["/", "/jsonrpc"]]
+        try:
+            # check only hostname urljoin("http://host:port/a/b", "/") -> "http://host:port/"
+            jwks = await discover_jwks()
+            # Verify signature
+            claims: JWTClaims = jwt.decode(
+                auth.credentials,
+                jwks,
+                claims_options={
+                    "sub": {"essential": True},
+                    "exp": {"essential": True},
+                    # "iss": {"essential": True}, # Issuer validation might be tricky if internal/external URLs differ
+                }
+                | ({"aud": {"essential": True, "values": audiences}} if not self.skip_audience_validation else {}),
+            )
+            claims.validate()
+            return AuthCredentials(["authenticated"]), PlatformAuthenticatedUser(claims, auth.credentials)
+        except (ValueError, JoseError) as e:
+            logger.warning(f"Authentication failed: {e}")
+            raise AuthenticationError("Invalid token") from e
+        except Exception as e:
+            logger.error(f"Authentication error: {e}")
+            raise AuthenticationError(f"Authentication failed: {e}") from e

agentstack_sdk/server/server.py CHANGED Viewed

@@ -21,16 +21,15 @@ from a2a.server.tasks import PushNotificationConfigStore, PushNotificationSender
 from a2a.types import AgentExtension
 from fastapi import FastAPI
 from fastapi.applications import AppType
+from fastapi.responses import PlainTextResponse
 from httpx import HTTPError, HTTPStatusError
 from pydantic import AnyUrl
+from starlette.authentication import AuthenticationBackend, AuthenticationError
+from starlette.middleware.authentication import AuthenticationMiddleware
+from starlette.requests import HTTPConnection
 from starlette.types import Lifespan
 from tenacity import AsyncRetrying, retry_if_exception_type, stop_after_attempt, wait_exponential
-from agentstack_sdk.a2a.extensions import AgentDetail, AgentDetailExtensionSpec
-from agentstack_sdk.a2a.extensions.services.platform import (
-    _PlatformSelfRegistrationExtensionParams,
-    _PlatformSelfRegistrationExtensionSpec,
-)
 from agentstack_sdk.platform import get_platform_client
 from agentstack_sdk.platform.client import PlatformClient
 from agentstack_sdk.platform.provider import Provider
@@ -132,6 +131,7 @@ class Server:
         factory: bool = False,
         h11_max_incomplete_event_size: int | None = None,
         self_registration_client_factory: Callable[[], PlatformClient] | None = None,
+        auth_backend: AuthenticationBackend | None = None,
     ) -> None:
         if self.server:
             raise RuntimeError("The server is already running")
@@ -179,6 +179,11 @@ class Server:
             self._agent.card.url = f"http://{host}:{port}"
         if self_registration:
+            from agentstack_sdk.a2a.extensions.services.platform import (
+                _PlatformSelfRegistrationExtensionParams,
+                _PlatformSelfRegistrationExtensionSpec,
+            )
             self._agent.card.capabilities.extensions = [
                 *(self._agent.card.capabilities.extensions or []),
                 *_PlatformSelfRegistrationExtensionSpec(
@@ -198,6 +203,13 @@ class Server:
             request_context_builder=request_context_builder,
         )
+        if auth_backend:
+            def on_error(connection: HTTPConnection, error: AuthenticationError) -> PlainTextResponse:
+                return PlainTextResponse("Unauthorized", status_code=401)
+            app.add_middleware(AuthenticationMiddleware, backend=auth_backend, on_error=on_error)
         if configure_logger:
             configure_logger_func(log_level)
@@ -286,6 +298,8 @@ class Server:
             await self._load_variables()
     async def _load_variables(self, first_run: bool = False) -> None:
+        from agentstack_sdk.a2a.extensions import AgentDetail, AgentDetailExtensionSpec
         assert self.server and self._agent
         if not self._provider_id:
             return

agentstack_sdk/types.py ADDED Viewed

@@ -0,0 +1,15 @@
+# Copyright 2025 © BeeAI a Series of LF Projects, LLC
+# SPDX-License-Identifier: Apache-2.0
+from typing import TYPE_CHECKING, TypeAlias
+if TYPE_CHECKING:
+    JsonValue: TypeAlias = list["JsonValue"] | dict[str, "JsonValue"] | str | bool | int | float | None
+    JsonDict: TypeAlias = dict[str, JsonValue]
+else:
+    from typing import Union
+    from typing_extensions import TypeAliasType
+    JsonValue = TypeAliasType("JsonValue", "Union[dict[str, JsonValue], list[JsonValue], str, int, float, bool, None]")  # noqa: UP007
+    JsonDict = TypeAliasType("JsonDict", "dict[str, JsonValue]")

{agentstack_sdk-0.5.0rc5.dist-info → agentstack_sdk-0.5.1rc3.dist-info}/METADATA RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.3
 Name: agentstack-sdk
-Version: 0.5.0rc5
+Version: 0.5.1rc3
 Summary: Agent Stack SDK
 Author: IBM Corp.
 Requires-Dist: a2a-sdk==0.3.21
@@ -19,6 +19,8 @@ Requires-Dist: janus>=2.0.0
 Requires-Dist: httpx
 Requires-Dist: mcp>=1.12.3
 Requires-Dist: fastapi>=0.116.1
+Requires-Dist: authlib>=1.3.0
+Requires-Dist: async-lru>=2.0.4
 Requires-Python: >=3.11, <3.14
 Description-Content-Type: text/markdown

agentstack-sdk 0.5.0rc5__py3-none-any.whl → 0.5.1rc3__py3-none-any.whl

agentstack-sdk 0.5.0rc5py3-none-any.whl → 0.5.1rc3py3-none-any.whl