alita-sdk 0.3.379__py3-none-any.whl → 0.3.627__py3-none-any.whl

alita_sdk/configurations/__init__.py

@@ -25,7 +25,6 @@ def _safe_import_configuration(
 _safe_import_configuration('github', 'github', 'GithubConfiguration')
 _safe_import_configuration('pgvector', 'pgvector', 'PgVectorConfiguration')
 _safe_import_configuration('ado', 'ado', 'AdoConfiguration')
-_safe_import_configuration('ado_repos', 'ado', 'AdoReposConfiguration')
 _safe_import_configuration('gitlab', 'gitlab', 'GitlabConfiguration')
 _safe_import_configuration('qtest', 'qtest', 'QtestConfiguration')
 _safe_import_configuration('bitbucket', 'bitbucket', 'BitbucketConfiguration')
@@ -53,6 +52,7 @@ _safe_import_configuration('sharepoint', 'sharepoint', 'SharepointConfiguration'
 _safe_import_configuration('carrier', 'carrier', 'CarrierConfiguration')
 _safe_import_configuration('report_portal', 'report_portal', 'ReportPortalConfiguration')
 _safe_import_configuration('testio', 'testio', 'TestIOConfiguration')
+_safe_import_configuration('openapi', 'openapi', 'OpenApiConfiguration')
 
 # Log import summary
 available_count = len(AVAILABLE_CONFIGURATIONS)

alita_sdk/configurations/ado.py

@@ -1,5 +1,8 @@
+import re
 from typing import Optional
+from urllib.parse import quote
 
+import requests
 from pydantic import BaseModel, ConfigDict, Field, SecretStr
 
 
@@ -19,25 +22,143 @@ class AdoConfiguration(BaseModel):
     project: str = Field(description="ADO project")
     token: Optional[SecretStr] = Field(description="ADO Token")
 
+    @staticmethod
+    def check_connection(settings: dict) -> str | None:
+        """
+        Test the connection to Azure DevOps API.
 
-class AdoReposConfiguration(BaseModel):
-    model_config = ConfigDict(
-        json_schema_extra={
-            "metadata": {
-                "label": "ADO repos",
-                "icon_url": "ado-repos-icon.svg",
-                "section": "credentials",
-                "type": "ado_repos",
-                "categories": ["code repositories"],
-            }
-        }
-    )
-    repository_id: str = Field(description="ADO repository ID")
+        Args:
+            settings: Dictionary containing 'organization_url', 'project', and optionally 'token'
 
-    ado_configuration: AdoConfiguration = Field(
-        default_factory=AdoConfiguration,
-        description="ADO configuration",
-        json_schema_extra={
-            'configuration_types': ['ado']
-        }
-    )
+        Returns:
+            None if connection is successful, error message string otherwise
+        """
+        organization_url = settings.get("organization_url")
+        if organization_url is None or organization_url == "":
+            if organization_url == "":
+                return "Organization URL cannot be empty"
+            return "Organization URL is required"
+
+        # Validate organization URL format
+        if not isinstance(organization_url, str):
+            return "Organization URL must be a string"
+
+        organization_url = organization_url.strip()
+        if not organization_url:
+            return "Organization URL cannot be empty"
+
+        if not organization_url.startswith(("http://", "https://")):
+            return "Organization URL must start with http:// or https://"
+
+        # Remove trailing slash for consistency
+        organization_url = organization_url.rstrip("/")
+
+        project = settings.get("project")
+        if project is None or project == "":
+            if project == "":
+                return "Project cannot be empty"
+            return "Project is required"
+
+        # Validate project format
+        if not isinstance(project, str):
+            return "Project must be a string"
+
+        project = project.strip()
+        if not project:
+            return "Project cannot be empty"
+
+        token = settings.get("token")
+
+        # Extract secret value if it's a SecretStr
+        if token is not None and hasattr(token, "get_secret_value"):
+            token = token.get_secret_value()
+
+        # Validate token if provided
+        if token is not None and (not token or not token.strip()):
+            return "Token cannot be empty if provided"
+
+        # NOTE on verification strategy:
+        # - Project endpoints can work anonymously for public projects.
+        #   That makes them a weak signal for detecting a bad/expired token.
+        # - If a token is provided, first validate it against a profile endpoint
+        #   that requires authentication, then check project access.
+
+        # Strictly require a canonical organization URL so we can build reliable API URLs.
+        # Supported formats:
+        # - https://dev.azure.com/<org>
+        # - https://<org>.visualstudio.com
+        org_name: str | None = None
+        org_url_kind: str | None = None  # 'dev.azure.com' | '*.visualstudio.com'
+        m = re.match(r"^https?://dev\.azure\.com/(?P<org>[^/]+)$", organization_url, flags=re.IGNORECASE)
+        if m:
+            org_name = m.group('org')
+            org_url_kind = 'dev.azure.com'
+        else:
+            m = re.match(r"^https?://(?P<org>[^/.]+)\.visualstudio\.com$", organization_url, flags=re.IGNORECASE)
+            if m:
+                org_name = m.group('org')
+                org_url_kind = '*.visualstudio.com'
+
+        if org_name is None:
+            return (
+                "Organization URL format is invalid. Use 'https://dev.azure.com/<org>' "
+                "(recommended) or 'https://<org>.visualstudio.com'."
+            )
+
+        project_encoded = quote(project, safe="")
+        project_url = f"{organization_url}/_apis/projects/{project_encoded}?api-version=7.0"
+        # Auth-required endpoint to validate PAT (works regardless of project visibility)
+        if org_url_kind == 'dev.azure.com':
+            profile_url = f"https://vssps.dev.azure.com/{org_name}/_apis/profile/profiles/me?api-version=7.1-preview.3"
+        else:
+            # For legacy org URLs, use the matching vssps host
+            profile_url = f"https://{org_name}.vssps.visualstudio.com/_apis/profile/profiles/me?api-version=7.1-preview.3"
+
+        try:
+            headers = {}
+            if token:
+                # Use Basic Auth with PAT token (username can be empty)
+                from requests.auth import HTTPBasicAuth
+                auth = HTTPBasicAuth("", token)
+
+                # 1) Validate token first (strong signal)
+                profile_resp = requests.get(profile_url, auth=auth, timeout=10)
+                if profile_resp.status_code == 200:
+                    pass
+                elif profile_resp.status_code == 401:
+                    return "Invalid or expired token (PAT). Please generate a new token and try again."
+                elif profile_resp.status_code == 403:
+                    return "Token is valid but lacks permission to access profile. Check PAT scopes/permissions."
+                elif profile_resp.status_code == 404:
+                    return "Organization not found. Verify the Organization URL."
+                else:
+                    return f"Token validation failed (HTTP {profile_resp.status_code})."
+
+                # 2) Validate project access
+                response = requests.get(project_url, auth=auth, timeout=10)
+            else:
+                # Try without authentication (works for public projects)
+                response = requests.get(project_url, headers=headers, timeout=10)
+
+            if response.status_code == 200:
+                return None  # Connection successful
+            elif response.status_code == 401:
+                if token:
+                    return "Not authorized. Token may be invalid for this organization or expired."
+                else:
+                    return "Authentication required - project may be private"
+            elif response.status_code == 403:
+                return "Access forbidden - token may lack required permissions for this project"
+            elif response.status_code == 404:
+                return f"Project '{project}' not found or not accessible. Check project name and organization URL."
+            else:
+                return f"Connection failed (HTTP {response.status_code})."
+
+        except requests.exceptions.Timeout:
+            return "Connection timeout - Azure DevOps did not respond within 10 seconds"
+        except requests.exceptions.ConnectionError:
+            return "Connection error - unable to reach Azure DevOps. Check the Organization URL and your network."
+        except requests.exceptions.RequestException as e:
+            return f"Request failed: {str(e)}"
+        except Exception:
+            return "Unexpected error during Azure DevOps connection check"

alita_sdk/configurations/bitbucket.py

@@ -1,5 +1,3 @@
-from typing import Optional
-
 from pydantic import BaseModel, ConfigDict, Field, SecretStr
 
 
@@ -30,3 +28,97 @@ class BitbucketConfiguration(BaseModel):
     url: str = Field(description="Bitbucket URL")
     username: str = Field(description="Bitbucket Username")
     password: SecretStr = Field(description="Bitbucket Password/App Password")
+
+    @staticmethod
+    def check_connection(settings: dict) -> str | None:
+        """
+        Check the connection to Bitbucket.
+        
+        Args:
+            settings: Dictionary containing Bitbucket configuration
+                - url: Bitbucket instance URL (required)
+                - username: Bitbucket username (required)
+                - password: Password or App Password (required)
+        
+        Returns:
+            None if connection successful, error message string if failed
+        """
+        import requests
+        from requests.auth import HTTPBasicAuth
+        
+        # Validate url
+        url = settings.get("url", "").strip()
+        if not url:
+            return "Bitbucket URL is required"
+        
+        # Normalize URL - remove trailing slashes
+        url = url.rstrip("/")
+        
+        # Basic URL validation
+        if not url.startswith(("http://", "https://")):
+            return "Bitbucket URL must start with http:// or https://"
+        
+        # Validate username
+        username = settings.get("username", "").strip()
+        if not username:
+            return "Bitbucket username is required"
+        
+        # Validate password
+        password = settings.get("password")
+        if not password:
+            return "Bitbucket password is required"
+        
+        # Extract password value if it's a SecretStr
+        password_value = password.get_secret_value() if hasattr(password, 'get_secret_value') else password
+        
+        if not password_value or not str(password_value).strip():
+            return "Bitbucket password cannot be empty"
+        
+        # Detect if this is Bitbucket Cloud or Server/Data Center
+        is_cloud = "bitbucket.org" in url.lower() or "api.bitbucket.org" in url.lower()
+        is_correct_bitbucket_domain = "bitbucket" in url.lower()
+        
+        if is_cloud:
+            # Bitbucket Cloud: Use API v2.0
+            # Endpoint: /2.0/user - returns current authenticated user
+            test_url = f"{url}/2.0/user"
+        else:
+            # Bitbucket Server/Data Center: Use API v1.0
+            # Endpoint: /rest/api/1.0/users/{username}
+            test_url = f"{url}/rest/api/1.0/users/{username}"
+        
+        try:
+            response = requests.get(
+                test_url,
+                auth=HTTPBasicAuth(username, str(password_value).strip()),
+                timeout=10
+            )
+            
+            # Check response status
+            if response.status_code == 200:
+                # Successfully connected and authenticated
+                return None
+            elif response.status_code == 401:
+                return "Authentication failed: invalid username or password"
+            elif response.status_code == 403:
+                return "Access forbidden: check user permissions"
+            elif response.status_code == 404:
+                if not is_correct_bitbucket_domain:
+                    return f"Url you provided is incorrect. Please provide correct server or cloud bitbucket url."
+                if is_cloud:
+                    return "Bitbucket API endpoint not found: please provide the correct bitbucket cloud URL"
+                else:
+                    return "Bitbucket API endpoint not found: please provide the correct bitbucket server URL"
+            else:
+                return f"Bitbucket API returned status code {response.status_code}"
+
+        except requests.exceptions.SSLError as e:
+            return f"SSL certificate verification failed: {str(e)}"
+        except requests.exceptions.ConnectionError:
+            return f"Cannot connect to Bitbucket at {url if not is_cloud else 'api.bitbucket.org'}: connection refused"
+        except requests.exceptions.Timeout:
+            return f"Connection to Bitbucket at {url if not is_cloud else 'api.bitbucket.org'} timed out"
+        except requests.exceptions.RequestException as e:
+            return f"Error connecting to Bitbucket: {str(e)}"
+        except Exception as e:
+            return f"Unexpected error: {str(e)}"

alita_sdk/configurations/confluence.py

@@ -1,5 +1,7 @@
 from typing import Optional
+from urllib.parse import urlparse, urlunparse
 
+from atlassian import Confluence
 from pydantic import BaseModel, ConfigDict, Field, SecretStr
 
 
@@ -34,4 +36,131 @@ class ConfluenceConfiguration(BaseModel):
     base_url: str = Field(description="Confluence URL")
     username: Optional[str] = Field(description="Confluence Username", default=None)
     api_key: Optional[SecretStr] = Field(description="Confluence API Key", default=None)
-    token: Optional[SecretStr] = Field(description="Confluence Token", default=None)
+    token: Optional[SecretStr] = Field(description="Confluence Token", default=None)
+
+    @staticmethod
+    def check_connection(settings: dict) -> str | None:
+        """
+        Check the connection to Confluence.
+        
+        Args:
+            settings: Dictionary containing Confluence configuration
+                - base_url: Confluence instance URL (required)
+                - username: Username for Basic Auth (optional)
+                - api_key: API key/password for Basic Auth (optional)
+                - token: Bearer token for authentication (optional)
+        
+        Returns:
+            None if connection successful, error message string if failed
+        """
+        import requests
+        from requests.auth import HTTPBasicAuth
+        
+        # Validate base_url
+        base_url_input = settings.get("base_url", "")
+        base_url = base_url_input.strip() if isinstance(base_url_input, str) else ""
+        if not base_url:
+            return "Confluence URL is required"
+        
+        # Basic URL validation
+        if not base_url.startswith(("http://", "https://")):
+            return "Confluence URL must start with http:// or https://"
+
+        # Normalize URL - remove trailing slashes
+        base_url = base_url.rstrip("/")
+
+        # Build candidate base URLs.
+        # Confluence Cloud REST API is typically under /wiki. Users often paste
+        # https://<site>.atlassian.net and shouldn't be forced to know about /wiki.
+        parsed = urlparse(base_url)
+        host = (parsed.hostname or "").lower()
+        path = parsed.path or ""
+
+        def with_wiki_path(url: str) -> str:
+            p = urlparse(url)
+            # Keep existing path if it already starts with /wiki
+            if (p.path or "").startswith("/wiki"):
+                return url
+            # Append /wiki, preserving any existing path (rare but safe)
+            new_path = (p.path or "") + "/wiki"
+            return urlunparse(p._replace(path=new_path.rstrip("/")))
+
+        candidate_base_urls: list[str] = []
+        if host.endswith(".atlassian.net"):
+            # For Atlassian Cloud, prefer the /wiki variant first
+            candidate_base_urls.append(with_wiki_path(base_url))
+        candidate_base_urls.append(base_url)
+        # De-duplicate while preserving order
+        candidate_base_urls = list(dict.fromkeys(candidate_base_urls))
+        
+        # Check authentication credentials
+        username = settings.get("username")
+        api_key = settings.get("api_key")
+        token = settings.get("token")
+
+        api_key_value = api_key.get_secret_value() if hasattr(api_key, 'get_secret_value') else api_key
+        token_value = token.get_secret_value() if hasattr(token, 'get_secret_value') else token
+
+        # Validate authentication - at least one method must be provided
+        has_basic_auth = bool(username and api_key_value and str(api_key_value).strip())
+        has_token = bool(token_value and str(token_value).strip())
+        
+        # Determine authentication method
+        auth_headers = {}
+        auth = None
+        
+        if has_token:
+            # Bearer token authentication
+            auth_headers["Authorization"] = f"Bearer {token_value}"
+        elif has_basic_auth:
+            # Basic authentication
+            auth = HTTPBasicAuth(username, api_key_value)
+        else:
+            return "Authentication required: provide either token or both username and api_key"
+        
+        try:
+            # Test connection using /rest/api/user/current endpoint
+            # This endpoint returns current user info and validates authentication
+            last_status = None
+            for candidate_base in candidate_base_urls:
+                test_url = f"{candidate_base}/rest/api/user/current"
+                response = requests.get(
+                    test_url,
+                    auth=auth,
+                    headers=auth_headers,
+                    timeout=10
+                )
+                last_status = response.status_code
+
+                if response.status_code == 200:
+                    return None
+
+                # If we get 404 on the first candidate, try the next one
+                if response.status_code == 404:
+                    continue
+
+                if response.status_code == 401:
+                    return "Invalid credentials (401) - check token or username/api_key"
+                if response.status_code == 403:
+                    return "Access forbidden (403) - credentials lack Confluence permissions"
+                if response.status_code == 429:
+                    return "Rate limited (429) - please try again later"
+                if 500 <= response.status_code <= 599:
+                    return f"Confluence service error (HTTP {response.status_code})"
+                return f"Confluence request failed (HTTP {response.status_code})"
+
+            # All candidates returned 404
+            return "Confluence API endpoint not found (404) - verify the Confluence URL"
+
+        except requests.exceptions.SSLError as e:
+            if 'Hostname mismatch' in str(e):
+                return "SSL error - hostname mismatch. Verify the Confluence URL"
+            return "SSL error - certificate verification failed"
+        except requests.exceptions.ConnectionError:
+            return "Connection error - unable to reach Confluence. Check URL and network."
+        except requests.exceptions.Timeout:
+            return "Connection timeout - Confluence did not respond within 10 seconds. Check URL and network."
+        except requests.exceptions.RequestException as e:
+            return f"Request failed: {str(e)}"
+        except Exception:
+            return "Unexpected error during Confluence connection check"

alita_sdk/configurations/figma.py

@@ -1,8 +1,30 @@
+from json import JSONDecodeError
 from typing import Optional
 
+import requests
 from pydantic import BaseModel, ConfigDict, Field, SecretStr
 
 
+def _parse_error_response(response: requests.Response) -> Optional[str]:
+    """
+    Parse error response from Figma API to extract detailed error message.
+
+    Args:
+        response: Response object from requests
+
+    Returns:
+        Detailed error message if found, None otherwise
+    """
+    try:
+        json_response = response.json()
+        error = json_response.get("err") or json_response.get("error")
+        if error and 'Invalid token' in str(error):
+            return "Invalid token. Please verify the Figma token and try again."
+    except (JSONDecodeError, KeyError, AttributeError):
+        pass
+    return None
+
+
 class FigmaConfiguration(BaseModel):
     model_config = ConfigDict(
         json_schema_extra={
@@ -28,3 +50,57 @@ class FigmaConfiguration(BaseModel):
         }
     )
     token: Optional[SecretStr] = Field(description="Figma Token", json_schema_extra={"secret": True}, default=None)
+
+    @staticmethod
+    def check_connection(settings: dict) -> str | None:
+        """
+        Test the connection to Figma API.
+
+        Args:
+            settings: Dictionary containing 'token' (required)
+
+        Returns:
+            None if connection is successful, error message string otherwise
+        """
+        token = settings.get("token")
+        if token is None:
+            return "Token is required"
+
+        # Extract secret value if it's a SecretStr
+        if hasattr(token, "get_secret_value"):
+            token = token.get_secret_value()
+
+        # Validate token is not empty
+        if not token or not token.strip():
+            return "Token cannot be empty"
+
+        # Figma API endpoint
+        base_url = "https://api.figma.com"
+        endpoint = f"{base_url}/v1/me"
+
+        try:
+            response = requests.get(
+                endpoint,
+                headers={"X-Figma-Token": token},
+                timeout=10,
+            )
+
+            if response.status_code == 200:
+                return None  # Connection successful
+            elif response.status_code == 401:
+                detailed_error = _parse_error_response(response)
+                return detailed_error if detailed_error else "Invalid token"
+            elif response.status_code == 403:
+                detailed_error = _parse_error_response(response)
+                return detailed_error if detailed_error else "Access forbidden - token may lack required permissions"
+            else:
+                return f"Connection failed with status {response.status_code}"
+
+        except requests.exceptions.Timeout:
+            return "Connection timeout - Figma API is not responding"
+        except requests.exceptions.ConnectionError:
+            return "Connection error - unable to reach Figma API"
+        except requests.exceptions.RequestException as e:
+            return f"Request failed: {str(e)}"
+        except Exception as e:
+            return f"Unexpected error: {str(e)}"

alita_sdk/configurations/gitlab.py

@@ -29,3 +29,94 @@ class GitlabConfiguration(BaseModel):
     )
     url: str = Field(description="GitLab URL")
     private_token: SecretStr = Field(description="GitLab private token")
+
+    @staticmethod
+    def check_connection(settings: dict) -> str | None:
+        """
+        Check the connection to GitLab.
+        
+        Args:
+            settings: Dictionary containing GitLab configuration
+                - url: GitLab instance URL (required)
+                - private_token: GitLab private token for authentication (required)
+        
+        Returns:
+            None if connection successful, error message string if failed
+        """
+        import requests
+        from urllib.parse import urlparse
+        
+        # Validate url
+        url = settings.get("url", "").strip()
+        if not url:
+            return "GitLab URL is required"
+        
+        parsed_url = urlparse(url)
+        if parsed_url.scheme not in {"http", "https"}:
+            return "GitLab URL must start with http:// or https://"
+
+        if not parsed_url.netloc:
+            return "GitLab URL is invalid"
+
+        # Reject non-base URLs (project/file links), and require a clean base URL.
+        # Expected format: <http/https>://<domain>[/]
+        if parsed_url.query or parsed_url.fragment or (parsed_url.path not in {"", "/"}):
+            base_suggestion = f"{parsed_url.scheme}://{parsed_url.netloc}/"
+            return f"GitLab URL must be a base URL like {base_suggestion}"
+
+        # Normalize URL - ensure no trailing slash
+        url = f"{parsed_url.scheme}://{parsed_url.netloc}"
+        
+        # Validate private_token
+        private_token = settings.get("private_token")
+        if not private_token:
+            return "GitLab private token is required"
+        
+        # Extract token value if it's a SecretStr
+        token_value = private_token.get_secret_value() if hasattr(private_token, 'get_secret_value') else private_token
+        
+        if not token_value or not str(token_value).strip():
+            return "GitLab private token cannot be empty"
+        
+        # Test connection using /api/v4/user endpoint
+        # This endpoint returns current authenticated user info
+        test_url = f"{url}/api/v4/user"
+        
+        # GitLab supports both PRIVATE-TOKEN header and Authorization Bearer
+        # Using PRIVATE-TOKEN is GitLab-specific and more explicit
+        headers = {
+            "PRIVATE-TOKEN": str(token_value).strip()
+        }
+        
+        try:
+            response = requests.get(
+                test_url,
+                headers=headers,
+                timeout=10
+            )
+            
+            # Check response status
+            if response.status_code == 200:
+                # Successfully connected and authenticated
+                return None
+            elif response.status_code == 401:
+                return "Authentication failed: invalid private token"
+            elif response.status_code == 403:
+                return "Access forbidden: token lacks required permissions"
+            elif response.status_code == 404:
+                return "GitLab API endpoint not found: verify the GitLab URL"
+            else:
+                return f"GitLab API returned status code {response.status_code}"
+
+        except requests.exceptions.SSLError as e:
+            if 'Hostname mismatch' in str(e):
+                return "GitLab API endpoint not found: verify the GitLab URL"
+            return f"SSL certificate verification failed: {str(e)}"
+        except requests.exceptions.ConnectionError:
+            return f"Cannot connect to GitLab at {url}: connection refused"
+        except requests.exceptions.Timeout:
+            return f"Connection to GitLab at {url} timed out"
+        except requests.exceptions.RequestException as e:
+            return f"Error connecting to GitLab: {str(e)}"
+        except Exception as e:
+            return f"Unexpected error: {str(e)}"