airbyte-agent-shopify 0.1.1__py3-none-any.whl → 0.1.13__py3-none-any.whl

airbyte_agent_shopify/_vendored/connector_sdk/auth_strategies.py

@@ -152,6 +152,11 @@ class OAuth2AuthConfig(TypedDict, total=False):
             Note: Any config key can be used as a template variable in refresh_url.
             Common patterns: subdomain (Zendesk), shop (Shopify), region (AWS-style APIs).
 
+        additional_headers: Extra headers to inject alongside the OAuth2 Bearer token.
+            Useful for APIs that require both OAuth and an API key/client ID header.
+            Values support Jinja2 {{ variable }} template syntax to reference secrets.
+            Example: {"Amazon-Advertising-API-ClientId": "{{ client_id }}"}
+
     Examples:
         GitHub (simple):
             {"header": "Authorization", "prefix": "Bearer"}
@@ -169,6 +174,14 @@ class OAuth2AuthConfig(TypedDict, total=False):
                 "auth_style": "basic",
                 "body_format": "json"
             }
+
+        Amazon Ads (OAuth + additional client ID header):
+            {
+                "refresh_url": "https://api.amazon.com/auth/o2/token",
+                "additional_headers": {
+                    "Amazon-Advertising-API-ClientId": "{{ client_id }}"
+                }
+            }
     """
 
     header: str
@@ -177,6 +190,7 @@ class OAuth2AuthConfig(TypedDict, total=False):
     auth_style: AuthStyle
     body_format: BodyFormat
     subdomain: str
+    additional_headers: dict[str, str]
 
 
 class OAuth2AuthSecrets(TypedDict):
@@ -552,9 +566,10 @@ class OAuth2AuthStrategy(AuthStrategy):
         config: OAuth2AuthConfig,
         secrets: OAuth2AuthSecrets,
     ) -> dict[str, str]:
-        """Inject OAuth2 access token into headers.
+        """Inject OAuth2 access token and additional headers.
 
-        Creates a copy of the headers dict with the OAuth2 token added.
+        Creates a copy of the headers dict with the OAuth2 token added,
+        plus any additional headers configured via additional_headers.
         The original headers dict is not modified.
 
         Args:
@@ -563,7 +578,7 @@ class OAuth2AuthStrategy(AuthStrategy):
             secrets: OAuth2 credentials including access_token
 
         Returns:
-            New headers dict with OAuth2 token authentication injected
+            New headers dict with OAuth2 token and additional headers injected
 
         Raises:
             AuthenticationError: If access_token is missing
@@ -589,8 +604,44 @@ class OAuth2AuthStrategy(AuthStrategy):
         # Extract secret value (handle both SecretStr and plain str)
         token_value = extract_secret_value(access_token)
 
-        # Inject into headers
+        # Inject OAuth2 Bearer token
         headers[header_name] = f"{prefix} {token_value}"
+
+        # Inject additional headers if configured
+        additional_headers = config.get("additional_headers")
+        if additional_headers:
+            headers = self._inject_additional_headers(headers, additional_headers, secrets)
+
+        return headers
+
+    def _inject_additional_headers(
+        self,
+        headers: dict[str, str],
+        additional_headers: dict[str, str],
+        secrets: dict[str, Any],
+    ) -> dict[str, str]:
+        """Inject additional headers with Jinja2 template variable substitution.
+
+        Processes additional_headers config, substituting {{ variable }} patterns
+        with values from secrets using Jinja2 templating.
+
+        Args:
+            headers: Headers dict to add to (modified in place)
+            additional_headers: Header name -> value template mapping
+            secrets: Secrets dict for variable substitution
+
+        Returns:
+            Headers dict with additional headers added
+        """
+        # Build template context with extracted secret values
+        template_context = {key: extract_secret_value(value) for key, value in secrets.items()}
+
+        for header_name, value_template in additional_headers.items():
+            # Use Jinja2 templating for variable substitution
+            template = Template(value_template)
+            header_value = template.render(**template_context)
+            headers[header_name] = header_value
+
         return headers
 
     def validate_credentials(self, secrets: OAuth2AuthSecrets) -> None:  # type: ignore[override]

airbyte_agent_shopify/_vendored/connector_sdk/connector_model_loader.py

@@ -62,6 +62,53 @@ class TokenExtractValidationError(ConnectorModelLoaderError):
     pass
 
 
+# Expected auth_mapping keys for each auth type.
+# These are the auth parameters that each security scheme expects, NOT the user's credential field names.
+EXPECTED_AUTH_MAPPING_KEYS: dict[AuthType, set[str]] = {
+    AuthType.BEARER: {"token"},
+    AuthType.BASIC: {"username", "password"},
+    AuthType.API_KEY: {"api_key"},
+    AuthType.OAUTH2: {"access_token", "refresh_token", "client_id", "client_secret"},
+}
+
+
+def _validate_auth_mapping_keys(
+    auth_type: AuthType,
+    auth_config: AirbyteAuthConfig | None,
+    scheme_name: str = "default",
+) -> None:
+    """Validate that auth_mapping keys match expected parameters for the auth type.
+
+    The auth_mapping keys must be the parameters expected by the security scheme
+    (e.g., "token" for bearer), not the user's credential field names.
+
+    Args:
+        auth_type: The authentication type
+        auth_config: The x-airbyte-auth-config containing auth_mapping
+        scheme_name: Name of the security scheme for error messages
+
+    Raises:
+        InvalidOpenAPIError: If auth_mapping keys don't match expected parameters
+    """
+    if auth_config is None or auth_config.auth_mapping is None:
+        return  # No explicit auth_mapping, will use defaults
+
+    expected_keys = EXPECTED_AUTH_MAPPING_KEYS.get(auth_type)
+    if expected_keys is None:
+        return  # Unknown auth type, skip validation
+
+    actual_keys = set(auth_config.auth_mapping.keys())
+    invalid_keys = actual_keys - expected_keys
+
+    if invalid_keys:
+        raise InvalidOpenAPIError(
+            f"Invalid auth_mapping keys for {auth_type.value} auth in scheme '{scheme_name}': {invalid_keys}. "
+            f"Expected keys for {auth_type.value}: {sorted(expected_keys)}. "
+            f"Note: auth_mapping keys must be the auth parameters (e.g., 'token' for bearer), "
+            f'not your credential field names. Use template syntax to map: token: "${{your_field}}"'
+        )
+
+
 def extract_path_params(path: str) -> list[str]:
     """Extract parameter names from path template.
 
@@ -145,6 +192,87 @@ def _deproxy_schema(obj: Any) -> Any:
         return obj
 
 
+def _type_includes(type_value: Any, target: str) -> bool:
+    if isinstance(type_value, list):
+        return target in type_value
+    return type_value == target
+
+
+def _flatten_cache_properties(properties: dict[str, Any], prefix: str) -> list[str]:
+    entries: list[str] = []
+    for prop_name, prop in properties.items():
+        path = f"{prefix}{prop_name}" if prefix else prop_name
+        entries.append(path)
+
+        prop_type = getattr(prop, "type", None) if not isinstance(prop, dict) else prop.get("type")
+        prop_properties = getattr(prop, "properties", None) if not isinstance(prop, dict) else prop.get("properties")
+
+        if _type_includes(prop_type, "array"):
+            array_path = f"{path}[]"
+            entries.append(array_path)
+            if isinstance(prop_properties, dict):
+                entries.extend(_flatten_cache_properties(prop_properties, prefix=f"{array_path}."))
+        elif isinstance(prop_properties, dict):
+            entries.extend(_flatten_cache_properties(prop_properties, prefix=f"{path}."))
+
+    return entries
+
+
+def _flatten_cache_field_paths(field: Any) -> list[str]:
+    field_name = getattr(field, "name", None) if not isinstance(field, dict) else field.get("name")
+    if not isinstance(field_name, str) or not field_name:
+        return []
+
+    field_type = getattr(field, "type", None) if not isinstance(field, dict) else field.get("type")
+    field_properties = getattr(field, "properties", None) if not isinstance(field, dict) else field.get("properties")
+
+    entries = [field_name]
+    if _type_includes(field_type, "array"):
+        array_path = f"{field_name}[]"
+        entries.append(array_path)
+        if isinstance(field_properties, dict):
+            entries.extend(_flatten_cache_properties(field_properties, prefix=f"{array_path}."))
+    elif isinstance(field_properties, dict):
+        entries.extend(_flatten_cache_properties(field_properties, prefix=f"{field_name}."))
+
+    return entries
+
+
+def _dedupe_strings(values: list[str]) -> list[str]:
+    seen: set[str] = set()
+    ordered: list[str] = []
+    for value in values:
+        if value not in seen:
+            seen.add(value)
+            ordered.append(value)
+    return ordered
+
+
+def _extract_search_field_paths(spec: OpenAPIConnector) -> dict[str, list[str]]:
+    cache_config = getattr(spec.info, "x_airbyte_cache", None)
+    entities = getattr(cache_config, "entities", None)
+    if not isinstance(entities, list):
+        return {}
+
+    search_fields: dict[str, list[str]] = {}
+    for entity in entities:
+        entity_name = getattr(entity, "entity", None) if not isinstance(entity, dict) else entity.get("entity")
+        if not isinstance(entity_name, str) or not entity_name:
+            continue
+
+        fields = getattr(entity, "fields", None) if not isinstance(entity, dict) else entity.get("fields")
+        if not isinstance(fields, list):
+            continue
+
+        field_paths: list[str] = []
+        for field in fields:
+            field_paths.extend(_flatten_cache_field_paths(field))
+
+        search_fields[entity_name] = _dedupe_strings(field_paths)
+
+    return search_fields
+
+
 def parse_openapi_spec(raw_config: dict) -> OpenAPIConnector:
     """Parse OpenAPI specification from YAML.
 
@@ -188,7 +316,7 @@ def parse_openapi_spec(raw_config: dict) -> OpenAPIConnector:
 
 def _extract_request_body_config(
     request_body: RequestBody | None, spec_dict: dict[str, Any]
-) -> tuple[list[str], dict[str, Any] | None, dict[str, Any] | None]:
+) -> tuple[list[str], dict[str, Any] | None, dict[str, Any] | None, dict[str, Any]]:
     """Extract request body configuration (GraphQL or standard).
 
     Args:
@@ -196,17 +324,19 @@ def _extract_request_body_config(
         spec_dict: Full OpenAPI spec dict for $ref resolution
 
     Returns:
-        Tuple of (body_fields, request_schema, graphql_body)
+        Tuple of (body_fields, request_schema, graphql_body, request_body_defaults)
         - body_fields: List of field names for standard JSON/form bodies
         - request_schema: Resolved request schema dict (for standard bodies)
         - graphql_body: GraphQL body configuration dict (for GraphQL bodies)
+        - request_body_defaults: Default values for request body fields
     """
     body_fields: list[str] = []
     request_schema: dict[str, Any] | None = None
     graphql_body: dict[str, Any] | None = None
+    request_body_defaults: dict[str, Any] = {}
 
     if not request_body:
-        return body_fields, request_schema, graphql_body
+        return body_fields, request_schema, graphql_body, request_body_defaults
 
     # Check for GraphQL extension and extract GraphQL body configuration
     if request_body.x_airbyte_body_type:
@@ -216,7 +346,7 @@ def _extract_request_body_config(
         if isinstance(body_type_config, GraphQLBodyConfig):
             # Convert Pydantic model to dict, excluding None values
             graphql_body = body_type_config.model_dump(exclude_none=True, by_alias=False)
-            return body_fields, request_schema, graphql_body
+            return body_fields, request_schema, graphql_body, request_body_defaults
 
     # Parse standard request body
     for content_type_key, media_type in request_body.content.items():
@@ -226,11 +356,15 @@ def _extract_request_body_config(
         # Resolve all $refs in the schema using jsonref
         request_schema = resolve_schema_refs(schema, spec_dict)
 
-        # Extract body field names from resolved schema
+        # Extract body field names and defaults from resolved schema
         if isinstance(request_schema, dict) and "properties" in request_schema:
             body_fields = list(request_schema["properties"].keys())
+            # Extract default values for each property
+            for field_name, field_schema in request_schema["properties"].items():
+                if isinstance(field_schema, dict) and "default" in field_schema:
+                    request_body_defaults[field_name] = field_schema["default"]
 
-    return body_fields, request_schema, graphql_body
+    return body_fields, request_schema, graphql_body, request_body_defaults
 
 
 def convert_openapi_to_connector_model(spec: OpenAPIConnector) -> ConnectorModel:
@@ -315,6 +449,8 @@ def convert_openapi_to_connector_model(spec: OpenAPIConnector) -> ConnectorModel
             query_params: list[str] = []
             query_params_schema: dict[str, dict[str, Any]] = {}
             deep_object_params: list[str] = []
+            header_params: list[str] = []
+            header_params_schema: dict[str, dict[str, Any]] = {}
 
             if operation.parameters:
                 for param in operation.parameters:
@@ -336,9 +472,12 @@ def convert_openapi_to_connector_model(spec: OpenAPIConnector) -> ConnectorModel
                         # Check if this is a deepObject style parameter
                         if hasattr(param, "style") and param.style == "deepObject":
                             deep_object_params.append(param.name)
+                    elif param.in_ == "header":
+                        header_params.append(param.name)
+                        header_params_schema[param.name] = schema_info
 
-            # Extract body fields from request schema
-            body_fields, request_schema, graphql_body = _extract_request_body_config(operation.request_body, spec_dict)
+            # Extract body fields and defaults from request schema
+            body_fields, request_schema, graphql_body, request_body_defaults = _extract_request_body_config(operation.request_body, spec_dict)
 
             # Extract response schema
             response_schema = None
@@ -372,6 +511,9 @@ def convert_openapi_to_connector_model(spec: OpenAPIConnector) -> ConnectorModel
                 deep_object_params=deep_object_params,
                 path_params=path_params,
                 path_params_schema=path_params_schema,
+                header_params=header_params,
+                header_params_schema=header_params_schema,
+                request_body_defaults=request_body_defaults,
                 content_type=content_type,
                 request_schema=request_schema,
                 response_schema=response_schema,
@@ -420,6 +562,8 @@ def convert_openapi_to_connector_model(spec: OpenAPIConnector) -> ConnectorModel
     if not connector_id:
         raise InvalidOpenAPIError("Missing required x-airbyte-connector-id field")
 
+    search_field_paths = _extract_search_field_paths(spec)
+
     # Create ConnectorModel
     model = ConnectorModel(
         id=connector_id,
@@ -430,6 +574,7 @@ def convert_openapi_to_connector_model(spec: OpenAPIConnector) -> ConnectorModel
         entities=entities,
         openapi_spec=spec,
         retry_config=retry_config,
+        search_field_paths=search_field_paths,
     )
 
     return model
@@ -535,6 +680,13 @@ def _parse_oauth2_config(scheme: Any) -> dict[str, str]:
     if x_token_extract:
         config["token_extract"] = x_token_extract
 
+    # Extract additional_headers from x-airbyte-auth-config extension
+    x_auth_config = getattr(scheme, "x_airbyte_auth_config", None)
+    if x_auth_config:
+        additional_headers = getattr(x_auth_config, "additional_headers", None)
+        if additional_headers:
+            config["additional_headers"] = additional_headers
+
     return config
 
 
@@ -606,7 +758,6 @@ def _generate_default_auth_config(auth_type: AuthType) -> AirbyteAuthConfig:
                     description="Authentication bearer token",
                     format=None,
                     pattern=None,
-                    airbyte_secret=False,
                     default=None,
                 )
             },
@@ -626,7 +777,6 @@ def _generate_default_auth_config(auth_type: AuthType) -> AirbyteAuthConfig:
                     description="Authentication username",
                     format=None,
                     pattern=None,
-                    airbyte_secret=False,
                     default=None,
                 ),
                 "password": AuthConfigFieldSpec(
@@ -635,7 +785,6 @@ def _generate_default_auth_config(auth_type: AuthType) -> AirbyteAuthConfig:
                     description="Authentication password",
                     format=None,
                     pattern=None,
-                    airbyte_secret=False,
                     default=None,
                 ),
             },
@@ -655,7 +804,6 @@ def _generate_default_auth_config(auth_type: AuthType) -> AirbyteAuthConfig:
                     description="API authentication key",
                     format=None,
                     pattern=None,
-                    airbyte_secret=False,
                     default=None,
                 )
             },
@@ -680,7 +828,6 @@ def _generate_default_auth_config(auth_type: AuthType) -> AirbyteAuthConfig:
                     description="OAuth2 access token",
                     format=None,
                     pattern=None,
-                    airbyte_secret=False,
                     default=None,
                 ),
                 "refresh_token": AuthConfigFieldSpec(
@@ -689,7 +836,6 @@ def _generate_default_auth_config(auth_type: AuthType) -> AirbyteAuthConfig:
                     description="OAuth2 refresh token (optional)",
                     format=None,
                     pattern=None,
-                    airbyte_secret=False,
                     default=None,
                 ),
                 "client_id": AuthConfigFieldSpec(
@@ -698,7 +844,6 @@ def _generate_default_auth_config(auth_type: AuthType) -> AirbyteAuthConfig:
                     description="OAuth2 client ID (optional)",
                     format=None,
                     pattern=None,
-                    airbyte_secret=False,
                     default=None,
                 ),
                 "client_secret": AuthConfigFieldSpec(
@@ -707,7 +852,6 @@ def _generate_default_auth_config(auth_type: AuthType) -> AirbyteAuthConfig:
                     description="OAuth2 client secret (optional)",
                     format=None,
                     pattern=None,
-                    airbyte_secret=False,
                     default=None,
                 ),
             },
@@ -819,6 +963,9 @@ def _parse_single_security_scheme(scheme: Any) -> AuthConfig:
         oauth2_config = _parse_oauth2_config(scheme)
         # Use explicit x-airbyte-auth-config if present, otherwise generate default
         auth_config_obj = scheme.x_airbyte_auth_config or _generate_default_auth_config(AuthType.OAUTH2)
+        # Validate auth_mapping keys if explicitly provided
+        if scheme.x_airbyte_auth_config:
+            _validate_auth_mapping_keys(AuthType.OAUTH2, scheme.x_airbyte_auth_config)
         return AuthConfig(
             type=AuthType.OAUTH2,
             config=oauth2_config,
@@ -829,6 +976,10 @@ def _parse_single_security_scheme(scheme: Any) -> AuthConfig:
     # Use explicit x-airbyte-auth-config if present, otherwise generate default
     auth_config_obj = scheme.x_airbyte_auth_config or _generate_default_auth_config(auth_type)
 
+    # Validate auth_mapping keys if explicitly provided
+    if scheme.x_airbyte_auth_config:
+        _validate_auth_mapping_keys(auth_type, scheme.x_airbyte_auth_config)
+
     return AuthConfig(
         type=auth_type,
         config=auth_config,

airbyte_agent_shopify/_vendored/connector_sdk/executor/local_executor.py

@@ -64,6 +64,7 @@ class _OperationContext:
         self.build_path = executor._build_path
         self.extract_query_params = executor._extract_query_params
         self.extract_body = executor._extract_body
+        self.extract_header_params = executor._extract_header_params
         self.build_request_body = executor._build_request_body
         self.determine_request_format = executor._determine_request_format
         self.validate_required_body_fields = executor._validate_required_body_fields
@@ -693,6 +694,40 @@ class LocalExecutor:
         """
         return {key: value for key, value in params.items() if key in allowed_fields and value is not None}
 
+    def _extract_header_params(self, endpoint: EndpointDefinition, params: dict[str, Any], body: dict[str, Any] | None = None) -> dict[str, str]:
+        """Extract header parameters from params and schema defaults.
+
+        Also adds Content-Type header when there's a request body (unless already specified
+        as a header parameter in the OpenAPI spec).
+
+        Args:
+            endpoint: Endpoint definition with header_params and header_params_schema
+            params: All parameters
+            body: Request body (if any) - used to determine if Content-Type should be added
+
+        Returns:
+            Dictionary of header name -> value
+        """
+        headers: dict[str, str] = {}
+
+        for header_name in endpoint.header_params:
+            # Check if value is provided in params
+            if header_name in params and params[header_name] is not None:
+                headers[header_name] = str(params[header_name])
+            # Otherwise, use default from schema if available
+            elif header_name in endpoint.header_params_schema:
+                default_value = endpoint.header_params_schema[header_name].get("default")
+                if default_value is not None:
+                    headers[header_name] = str(default_value)
+
+        # Add Content-Type header when there's a request body, but only if not already
+        # specified as a header parameter (which allows custom content types like
+        # application/vnd.spCampaign.v3+json)
+        if body is not None and endpoint.content_type and "Content-Type" not in headers:
+            headers["Content-Type"] = endpoint.content_type.value
+
+        return headers
+
     def _serialize_deep_object_params(self, params: dict[str, Any], deep_object_param_names: list[str]) -> dict[str, Any]:
         """Serialize deepObject parameters to bracket notation format.
 
@@ -848,7 +883,15 @@ class LocalExecutor:
             param_defaults = {name: schema.get("default") for name, schema in endpoint.query_params_schema.items() if "default" in schema}
             return self._build_graphql_body(endpoint.graphql_body, params, param_defaults)
         elif endpoint.body_fields:
-            return self._extract_body(endpoint.body_fields, params)
+            # Start with defaults from request body schema
+            body = dict(endpoint.request_body_defaults)
+            # Override with user-provided params (filtering out None values)
+            user_body = self._extract_body(endpoint.body_fields, params)
+            body.update(user_body)
+            return body if body else None
+        elif endpoint.request_body_defaults:
+            # If no body_fields but we have defaults, return the defaults
+            return dict(endpoint.request_body_defaults)
         return None
 
     def _flatten_form_data(self, data: dict[str, Any], parent_key: str = "") -> dict[str, Any]:
@@ -989,7 +1032,9 @@ class LocalExecutor:
         if "variables" in graphql_config and graphql_config["variables"]:
             variables = self._interpolate_variables(graphql_config["variables"], params, param_defaults)
             # Filter out None values (optional fields not provided) - matches REST _extract_body() behavior
-            body["variables"] = {k: v for k, v in variables.items() if v is not None}
+            # But preserve None for variables explicitly marked as nullable (e.g., to unassign a user)
+            nullable_vars = set(graphql_config.get("x-airbyte-nullable-variables") or [])
+            body["variables"] = {k: v for k, v in variables.items() if v is not None or k in nullable_vars}
 
         # Add operation name if specified
         if "operationName" in graphql_config:
@@ -1484,6 +1529,9 @@ class _StandardOperationHandler:
                 # Determine request format (json/data parameters)
                 request_kwargs = self.ctx.determine_request_format(endpoint, body)
 
+                # Extract header parameters from OpenAPI operation (pass body to add Content-Type)
+                header_params = self.ctx.extract_header_params(endpoint, params, body)
+
                 # Execute async HTTP request
                 response_data, response_headers = await self.ctx.http_client.request(
                     method=endpoint.method,
@@ -1491,6 +1539,7 @@ class _StandardOperationHandler:
                     params=query_params if query_params else None,
                     json=request_kwargs.get("json"),
                     data=request_kwargs.get("data"),
+                    headers=header_params if header_params else None,
                 )
 
                 # Extract metadata from original response (before record extraction)