alita-sdk 0.3.462__py3-none-any.whl → 0.3.627__py3-none-any.whl

alita_sdk/configurations/__init__.py

@@ -25,7 +25,6 @@ def _safe_import_configuration(
 _safe_import_configuration('github', 'github', 'GithubConfiguration')
 _safe_import_configuration('pgvector', 'pgvector', 'PgVectorConfiguration')
 _safe_import_configuration('ado', 'ado', 'AdoConfiguration')
-_safe_import_configuration('ado_repos', 'ado', 'AdoReposConfiguration')
 _safe_import_configuration('gitlab', 'gitlab', 'GitlabConfiguration')
 _safe_import_configuration('qtest', 'qtest', 'QtestConfiguration')
 _safe_import_configuration('bitbucket', 'bitbucket', 'BitbucketConfiguration')
@@ -53,6 +52,7 @@ _safe_import_configuration('sharepoint', 'sharepoint', 'SharepointConfiguration'
 _safe_import_configuration('carrier', 'carrier', 'CarrierConfiguration')
 _safe_import_configuration('report_portal', 'report_portal', 'ReportPortalConfiguration')
 _safe_import_configuration('testio', 'testio', 'TestIOConfiguration')
+_safe_import_configuration('openapi', 'openapi', 'OpenApiConfiguration')
 
 # Log import summary
 available_count = len(AVAILABLE_CONFIGURATIONS)

alita_sdk/configurations/ado.py

@@ -1,5 +1,8 @@
+import re
 from typing import Optional
+from urllib.parse import quote
 
+import requests
 from pydantic import BaseModel, ConfigDict, Field, SecretStr
 
 
@@ -19,25 +22,143 @@ class AdoConfiguration(BaseModel):
     project: str = Field(description="ADO project")
     token: Optional[SecretStr] = Field(description="ADO Token")
 
+    @staticmethod
+    def check_connection(settings: dict) -> str | None:
+        """
+        Test the connection to Azure DevOps API.
 
-class AdoReposConfiguration(BaseModel):
-    model_config = ConfigDict(
-        json_schema_extra={
-            "metadata": {
-                "label": "ADO repos",
-                "icon_url": "ado-repos-icon.svg",
-                "section": "credentials",
-                "type": "ado_repos",
-                "categories": ["code repositories"],
-            }
-        }
-    )
-    repository_id: str = Field(description="ADO repository ID")
+        Args:
+            settings: Dictionary containing 'organization_url', 'project', and optionally 'token'
 
-    ado_configuration: AdoConfiguration = Field(
-        default_factory=AdoConfiguration,
-        description="ADO configuration",
-        json_schema_extra={
-            'configuration_types': ['ado']
-        }
-    )
+        Returns:
+            None if connection is successful, error message string otherwise
+        """
+        organization_url = settings.get("organization_url")
+        if organization_url is None or organization_url == "":
+            if organization_url == "":
+                return "Organization URL cannot be empty"
+            return "Organization URL is required"
+
+        # Validate organization URL format
+        if not isinstance(organization_url, str):
+            return "Organization URL must be a string"
+
+        organization_url = organization_url.strip()
+        if not organization_url:
+            return "Organization URL cannot be empty"
+
+        if not organization_url.startswith(("http://", "https://")):
+            return "Organization URL must start with http:// or https://"
+
+        # Remove trailing slash for consistency
+        organization_url = organization_url.rstrip("/")
+
+        project = settings.get("project")
+        if project is None or project == "":
+            if project == "":
+                return "Project cannot be empty"
+            return "Project is required"
+
+        # Validate project format
+        if not isinstance(project, str):
+            return "Project must be a string"
+
+        project = project.strip()
+        if not project:
+            return "Project cannot be empty"
+
+        token = settings.get("token")
+
+        # Extract secret value if it's a SecretStr
+        if token is not None and hasattr(token, "get_secret_value"):
+            token = token.get_secret_value()
+
+        # Validate token if provided
+        if token is not None and (not token or not token.strip()):
+            return "Token cannot be empty if provided"
+
+        # NOTE on verification strategy:
+        # - Project endpoints can work anonymously for public projects.
+        #   That makes them a weak signal for detecting a bad/expired token.
+        # - If a token is provided, first validate it against a profile endpoint
+        #   that requires authentication, then check project access.
+
+        # Strictly require a canonical organization URL so we can build reliable API URLs.
+        # Supported formats:
+        # - https://dev.azure.com/<org>
+        # - https://<org>.visualstudio.com
+        org_name: str | None = None
+        org_url_kind: str | None = None  # 'dev.azure.com' | '*.visualstudio.com'
+        m = re.match(r"^https?://dev\.azure\.com/(?P<org>[^/]+)$", organization_url, flags=re.IGNORECASE)
+        if m:
+            org_name = m.group('org')
+            org_url_kind = 'dev.azure.com'
+        else:
+            m = re.match(r"^https?://(?P<org>[^/.]+)\.visualstudio\.com$", organization_url, flags=re.IGNORECASE)
+            if m:
+                org_name = m.group('org')
+                org_url_kind = '*.visualstudio.com'
+
+        if org_name is None:
+            return (
+                "Organization URL format is invalid. Use 'https://dev.azure.com/<org>' "
+                "(recommended) or 'https://<org>.visualstudio.com'."
+            )
+
+        project_encoded = quote(project, safe="")
+        project_url = f"{organization_url}/_apis/projects/{project_encoded}?api-version=7.0"
+        # Auth-required endpoint to validate PAT (works regardless of project visibility)
+        if org_url_kind == 'dev.azure.com':
+            profile_url = f"https://vssps.dev.azure.com/{org_name}/_apis/profile/profiles/me?api-version=7.1-preview.3"
+        else:
+            # For legacy org URLs, use the matching vssps host
+            profile_url = f"https://{org_name}.vssps.visualstudio.com/_apis/profile/profiles/me?api-version=7.1-preview.3"
+
+        try:
+            headers = {}
+            if token:
+                # Use Basic Auth with PAT token (username can be empty)
+                from requests.auth import HTTPBasicAuth
+                auth = HTTPBasicAuth("", token)
+
+                # 1) Validate token first (strong signal)
+                profile_resp = requests.get(profile_url, auth=auth, timeout=10)
+                if profile_resp.status_code == 200:
+                    pass
+                elif profile_resp.status_code == 401:
+                    return "Invalid or expired token (PAT). Please generate a new token and try again."
+                elif profile_resp.status_code == 403:
+                    return "Token is valid but lacks permission to access profile. Check PAT scopes/permissions."
+                elif profile_resp.status_code == 404:
+                    return "Organization not found. Verify the Organization URL."
+                else:
+                    return f"Token validation failed (HTTP {profile_resp.status_code})."
+
+                # 2) Validate project access
+                response = requests.get(project_url, auth=auth, timeout=10)
+            else:
+                # Try without authentication (works for public projects)
+                response = requests.get(project_url, headers=headers, timeout=10)
+
+            if response.status_code == 200:
+                return None  # Connection successful
+            elif response.status_code == 401:
+                if token:
+                    return "Not authorized. Token may be invalid for this organization or expired."
+                else:
+                    return "Authentication required - project may be private"
+            elif response.status_code == 403:
+                return "Access forbidden - token may lack required permissions for this project"
+            elif response.status_code == 404:
+                return f"Project '{project}' not found or not accessible. Check project name and organization URL."
+            else:
+                return f"Connection failed (HTTP {response.status_code})."
+
+        except requests.exceptions.Timeout:
+            return "Connection timeout - Azure DevOps did not respond within 10 seconds"
+        except requests.exceptions.ConnectionError:
+            return "Connection error - unable to reach Azure DevOps. Check the Organization URL and your network."
+        except requests.exceptions.RequestException as e:
+            return f"Request failed: {str(e)}"
+        except Exception:
+            return "Unexpected error during Azure DevOps connection check"

alita_sdk/configurations/bitbucket.py

@@ -1,6 +1,3 @@
-from typing import Optional
-
-from atlassian import Bitbucket
 from pydantic import BaseModel, ConfigDict, Field, SecretStr
 
 

alita_sdk/configurations/confluence.py

@@ -1,5 +1,7 @@
 from typing import Optional
+from urllib.parse import urlparse, urlunparse
 
+from atlassian import Confluence
 from pydantic import BaseModel, ConfigDict, Field, SecretStr
 
 
@@ -55,25 +57,53 @@ class ConfluenceConfiguration(BaseModel):
         from requests.auth import HTTPBasicAuth
         
         # Validate base_url
-        base_url = settings.get("base_url", "").strip()
+        base_url_input = settings.get("base_url", "")
+        base_url = base_url_input.strip() if isinstance(base_url_input, str) else ""
         if not base_url:
             return "Confluence URL is required"
         
-        # Normalize URL - remove trailing slashes
-        base_url = base_url.rstrip("/")
-        
         # Basic URL validation
         if not base_url.startswith(("http://", "https://")):
             return "Confluence URL must start with http:// or https://"
+
+        # Normalize URL - remove trailing slashes
+        base_url = base_url.rstrip("/")
+
+        # Build candidate base URLs.
+        # Confluence Cloud REST API is typically under /wiki. Users often paste
+        # https://<site>.atlassian.net and shouldn't be forced to know about /wiki.
+        parsed = urlparse(base_url)
+        host = (parsed.hostname or "").lower()
+        path = parsed.path or ""
+
+        def with_wiki_path(url: str) -> str:
+            p = urlparse(url)
+            # Keep existing path if it already starts with /wiki
+            if (p.path or "").startswith("/wiki"):
+                return url
+            # Append /wiki, preserving any existing path (rare but safe)
+            new_path = (p.path or "") + "/wiki"
+            return urlunparse(p._replace(path=new_path.rstrip("/")))
+
+        candidate_base_urls: list[str] = []
+        if host.endswith(".atlassian.net"):
+            # For Atlassian Cloud, prefer the /wiki variant first
+            candidate_base_urls.append(with_wiki_path(base_url))
+        candidate_base_urls.append(base_url)
+        # De-duplicate while preserving order
+        candidate_base_urls = list(dict.fromkeys(candidate_base_urls))
         
         # Check authentication credentials
         username = settings.get("username")
         api_key = settings.get("api_key")
         token = settings.get("token")
 
+        api_key_value = api_key.get_secret_value() if hasattr(api_key, 'get_secret_value') else api_key
+        token_value = token.get_secret_value() if hasattr(token, 'get_secret_value') else token
+
         # Validate authentication - at least one method must be provided
-        has_basic_auth = bool(username and api_key)
-        has_token = bool(token and str(token).strip())
+        has_basic_auth = bool(username and api_key_value and str(api_key_value).strip())
+        has_token = bool(token_value and str(token_value).strip())
         
         # Determine authentication method
         auth_headers = {}
@@ -81,52 +111,56 @@ class ConfluenceConfiguration(BaseModel):
         
         if has_token:
             # Bearer token authentication
-            token_value = token.get_secret_value() if hasattr(token, 'get_secret_value') else token
             auth_headers["Authorization"] = f"Bearer {token_value}"
         elif has_basic_auth:
             # Basic authentication
-            api_key_value = api_key.get_secret_value() if hasattr(api_key, 'get_secret_value') else api_key
             auth = HTTPBasicAuth(username, api_key_value)
         else:
             return "Authentication required: provide either token or both username and api_key"
         
-        # Test connection using /rest/api/user/current endpoint
-        # This endpoint returns current user info and validates authentication
-        test_url = f"{base_url}/rest/api/user/current"
-        
         try:
-            response = requests.get(
-                test_url,
-                auth=auth,
-                headers=auth_headers,
-                timeout=10
-            )
-            
-            # Check response status
-            if response.status_code == 200:
-                # Successfully connected and authenticated
-                return None
-            elif response.status_code == 401:
-                # Authentication failed
-                if has_token:
-                    return "Authentication failed: Invalid token"
-                else:
-                    return "Authentication failed: Invalid username or API key"
-            elif response.status_code == 403:
-                return """Access forbidden: check permissions and verify the credentials you provided.
-Most probably you provided incorrect credentials (user name and api key or token)"""
-            elif response.status_code == 404:
-                return "Confluence API endpoint not found: verify the Confluence URL"
-            else:
-                return f"Confluence API returned status code {response.status_code}"
+            # Test connection using /rest/api/user/current endpoint
+            # This endpoint returns current user info and validates authentication
+            last_status = None
+            for candidate_base in candidate_base_urls:
+                test_url = f"{candidate_base}/rest/api/user/current"
+                response = requests.get(
+                    test_url,
+                    auth=auth,
+                    headers=auth_headers,
+                    timeout=10
+                )
+                last_status = response.status_code
+
+                if response.status_code == 200:
+                    return None
+
+                # If we get 404 on the first candidate, try the next one
+                if response.status_code == 404:
+                    continue
+
+                if response.status_code == 401:
+                    return "Invalid credentials (401) - check token or username/api_key"
+                if response.status_code == 403:
+                    return "Access forbidden (403) - credentials lack Confluence permissions"
+                if response.status_code == 429:
+                    return "Rate limited (429) - please try again later"
+                if 500 <= response.status_code <= 599:
+                    return f"Confluence service error (HTTP {response.status_code})"
+                return f"Confluence request failed (HTTP {response.status_code})"
+
+            # All candidates returned 404
+            return "Confluence API endpoint not found (404) - verify the Confluence URL"
 
         except requests.exceptions.SSLError as e:
-            return f"SSL certificate verification failed: {str(e)}"
+            if 'Hostname mismatch' in str(e):
+                return "SSL error - hostname mismatch. Verify the Confluence URL"
+            return "SSL error - certificate verification failed"
         except requests.exceptions.ConnectionError:
-            return f"Cannot connect to Confluence at {base_url}: connection refused"
+            return "Connection error - unable to reach Confluence. Check URL and network."
         except requests.exceptions.Timeout:
-            return f"Connection to Confluence at {base_url} timed out"
+            return "Connection timeout - Confluence did not respond within 10 seconds. Check URL and network."
         except requests.exceptions.RequestException as e:
-            return f"Error connecting to Confluence: {str(e)}"
-        except Exception as e:
-            return f"Unexpected error: {str(e)}"
+            return f"Request failed: {str(e)}"
+        except Exception:
+            return "Unexpected error during Confluence connection check"

alita_sdk/configurations/figma.py

@@ -1,8 +1,30 @@
+from json import JSONDecodeError
 from typing import Optional
 
+import requests
 from pydantic import BaseModel, ConfigDict, Field, SecretStr
 
 
+def _parse_error_response(response: requests.Response) -> Optional[str]:
+    """
+    Parse error response from Figma API to extract detailed error message.
+
+    Args:
+        response: Response object from requests
+
+    Returns:
+        Detailed error message if found, None otherwise
+    """
+    try:
+        json_response = response.json()
+        error = json_response.get("err") or json_response.get("error")
+        if error and 'Invalid token' in str(error):
+            return "Invalid token. Please verify the Figma token and try again."
+    except (JSONDecodeError, KeyError, AttributeError):
+        pass
+    return None
+
+
 class FigmaConfiguration(BaseModel):
     model_config = ConfigDict(
         json_schema_extra={
@@ -28,3 +50,57 @@ class FigmaConfiguration(BaseModel):
         }
     )
     token: Optional[SecretStr] = Field(description="Figma Token", json_schema_extra={"secret": True}, default=None)
+
+    @staticmethod
+    def check_connection(settings: dict) -> str | None:
+        """
+        Test the connection to Figma API.
+
+        Args:
+            settings: Dictionary containing 'token' (required)
+
+        Returns:
+            None if connection is successful, error message string otherwise
+        """
+        token = settings.get("token")
+        if token is None:
+            return "Token is required"
+
+        # Extract secret value if it's a SecretStr
+        if hasattr(token, "get_secret_value"):
+            token = token.get_secret_value()
+
+        # Validate token is not empty
+        if not token or not token.strip():
+            return "Token cannot be empty"
+
+        # Figma API endpoint
+        base_url = "https://api.figma.com"
+        endpoint = f"{base_url}/v1/me"
+
+        try:
+            response = requests.get(
+                endpoint,
+                headers={"X-Figma-Token": token},
+                timeout=10,
+            )
+
+            if response.status_code == 200:
+                return None  # Connection successful
+            elif response.status_code == 401:
+                detailed_error = _parse_error_response(response)
+                return detailed_error if detailed_error else "Invalid token"
+            elif response.status_code == 403:
+                detailed_error = _parse_error_response(response)
+                return detailed_error if detailed_error else "Access forbidden - token may lack required permissions"
+            else:
+                return f"Connection failed with status {response.status_code}"
+
+        except requests.exceptions.Timeout:
+            return "Connection timeout - Figma API is not responding"
+        except requests.exceptions.ConnectionError:
+            return "Connection error - unable to reach Figma API"
+        except requests.exceptions.RequestException as e:
+            return f"Request failed: {str(e)}"
+        except Exception as e:
+            return f"Unexpected error: {str(e)}"

alita_sdk/configurations/gitlab.py

@@ -44,18 +44,28 @@ class GitlabConfiguration(BaseModel):
             None if connection successful, error message string if failed
         """
         import requests
+        from urllib.parse import urlparse
         
         # Validate url
         url = settings.get("url", "").strip()
         if not url:
             return "GitLab URL is required"
         
-        # Normalize URL - remove trailing slashes
-        url = url.rstrip("/")
-        
-        # Basic URL validation
-        if not url.startswith(("http://", "https://")):
+        parsed_url = urlparse(url)
+        if parsed_url.scheme not in {"http", "https"}:
             return "GitLab URL must start with http:// or https://"
+
+        if not parsed_url.netloc:
+            return "GitLab URL is invalid"
+
+        # Reject non-base URLs (project/file links), and require a clean base URL.
+        # Expected format: <http/https>://<domain>[/]
+        if parsed_url.query or parsed_url.fragment or (parsed_url.path not in {"", "/"}):
+            base_suggestion = f"{parsed_url.scheme}://{parsed_url.netloc}/"
+            return f"GitLab URL must be a base URL like {base_suggestion}"
+
+        # Normalize URL - ensure no trailing slash
+        url = f"{parsed_url.scheme}://{parsed_url.netloc}"
         
         # Validate private_token
         private_token = settings.get("private_token")
@@ -99,6 +109,8 @@ class GitlabConfiguration(BaseModel):
                 return f"GitLab API returned status code {response.status_code}"
 
         except requests.exceptions.SSLError as e:
+            if 'Hostname mismatch' in str(e):
+                return "GitLab API endpoint not found: verify the GitLab URL"
             return f"SSL certificate verification failed: {str(e)}"
         except requests.exceptions.ConnectionError:
             return f"Cannot connect to GitLab at {url}: connection refused"