amfs-http-server 0.1.0__tar.gz

amfs_http_server-0.1.0/.gitignore

@@ -0,0 +1,16 @@
+__pycache__/
+*.pyc
+*.pyo
+.venv/
+*.egg-info/
+dist/
+build/
+.pytest_cache/
+.mypy_cache/
+.ruff_cache/
+node_modules/
+.next/
+!uv.lock
+!pnpm-lock.yaml
+.amfs/
+test.py

amfs_http_server-0.1.0/PKG-INFO

@@ -0,0 +1,14 @@
+Metadata-Version: 2.4
+Name: amfs-http-server
+Version: 0.1.0
+Summary: AMFS HTTP/REST API server with SSE support
+License-Expression: Apache-2.0
+Requires-Python: >=3.11
+Requires-Dist: amfs
+Requires-Dist: amfs-core
+Requires-Dist: fastapi>=0.115
+Requires-Dist: httpx>=0.27
+Requires-Dist: sse-starlette>=2.0
+Requires-Dist: uvicorn[standard]>=0.32
+Provides-Extra: pro
+Requires-Dist: amfs-patterns; extra == 'pro'

amfs_http_server-0.1.0/pyproject.toml

@@ -0,0 +1,27 @@
+[project]
+name = "amfs-http-server"
+version = "0.1.0"
+description = "AMFS HTTP/REST API server with SSE support"
+requires-python = ">=3.11"
+license = "Apache-2.0"
+dependencies = [
+    "amfs",
+    "amfs-core",
+    "fastapi>=0.115",
+    "uvicorn[standard]>=0.32",
+    "sse-starlette>=2.0",
+    "httpx>=0.27",
+]
+
+[project.optional-dependencies]
+pro = ["amfs-patterns"]
+
+[project.scripts]
+amfs-http = "amfs_http.server:main"
+
+[build-system]
+requires = ["hatchling"]
+build-backend = "hatchling.build"
+
+[tool.hatch.build.targets.wheel]
+packages = ["src/amfs_http"]

amfs_http_server-0.1.0/src/amfs_http/__init__.py

@@ -0,0 +1 @@
+"""AMFS HTTP/REST API server — universal access to Agent Memory over HTTP."""

amfs_http_server-0.1.0/src/amfs_http/auth.py

@@ -0,0 +1,84 @@
+"""API key authentication for the AMFS HTTP server."""
+from __future__ import annotations
+
+import hashlib
+import logging
+import os
+import secrets
+
+from fastapi import HTTPException, Security, status
+from fastapi.security import APIKeyHeader
+
+logger = logging.getLogger(__name__)
+
+API_KEY_HEADER = APIKeyHeader(name="X-AMFS-API-Key", auto_error=False)
+
+
+def get_api_keys() -> set[str]:
+    raw = os.environ.get("AMFS_API_KEYS", "")
+    if not raw:
+        return set()
+    return {k.strip() for k in raw.split(",") if k.strip()}
+
+
+def _check_db_key(api_key: str) -> bool:
+    """Check if an API key exists in amfs_api_keys table (active keys only).
+
+    Keys are stored as SHA-256 hex digests, so we hash the incoming raw key
+    before comparing.
+    """
+    try:
+        import psycopg
+        from psycopg.rows import dict_row
+
+        dsn = os.environ.get("AMFS_POSTGRES_DSN")
+        if not dsn:
+            return False
+
+        key_hash = hashlib.sha256(api_key.encode()).hexdigest()
+
+        with psycopg.connect(dsn, row_factory=dict_row) as conn:
+            row = conn.execute(
+                "SELECT id FROM amfs_api_keys "
+                "WHERE key_hash = %s AND active = TRUE "
+                "AND (expires_at IS NULL OR expires_at > NOW()) "
+                "LIMIT 1",
+                (key_hash,),
+            ).fetchone()
+            if row:
+                conn.execute(
+                    "UPDATE amfs_api_keys SET last_used = NOW() WHERE id = %s",
+                    (row["id"],),
+                )
+            return row is not None
+    except Exception:
+        logger.debug("DB API key check failed (table may not exist)", exc_info=True)
+        return False
+
+
+def generate_api_key() -> str:
+    return f"amfs_{secrets.token_urlsafe(32)}"
+
+
+async def verify_api_key(api_key: str | None = Security(API_KEY_HEADER)) -> str | None:
+    env_keys = get_api_keys()
+    if not env_keys:
+        if not os.environ.get("AMFS_POSTGRES_DSN"):
+            return None
+        if api_key and _check_db_key(api_key):
+            return api_key
+        return None
+
+    if api_key and api_key in env_keys:
+        return api_key
+
+    if api_key and _check_db_key(api_key):
+        return api_key
+
+    if api_key is None and not env_keys:
+        return None
+
+    raise HTTPException(
+        status_code=status.HTTP_401_UNAUTHORIZED,
+        detail="Invalid or missing API key",
+    )

amfs_http_server-0.1.0/src/amfs_http/models.py

@@ -0,0 +1,107 @@
+"""Request and response models for the AMFS HTTP API."""
+from __future__ import annotations
+
+from datetime import datetime
+from typing import Any
+
+from pydantic import BaseModel, Field
+
+
+class WriteRequest(BaseModel):
+    entity_path: str
+    key: str
+    value: Any = None
+    confidence: float = 1.0
+    pattern_refs: list[str] = Field(default_factory=list)
+    memory_type: str = "fact"
+    shared: bool = True
+    branch: str = "main"
+
+
+class OutcomeRequest(BaseModel):
+    outcome_ref: str
+    outcome_type: str
+    causal_entry_keys: list[str] | None = None
+    causal_confidence: float = 1.0
+
+
+class SearchRequest(BaseModel):
+    query: str | None = None
+    entity_path: str | None = None
+    min_confidence: float = 0.0
+    max_confidence: float | None = None
+    agent_id: str | None = None
+    since: datetime | None = None
+    pattern_ref: str | None = None
+    limit: int = 100
+    sort_by: str = "confidence"
+    branch: str = "main"
+
+
+class ContextRequest(BaseModel):
+    label: str
+    summary: str
+    source: str | None = None
+
+
+class CreateAPIKeyRequest(BaseModel):
+    name: str
+    key_type: str = "agent"
+    scopes: list[dict[str, str]] = Field(default_factory=lambda: [{"pattern": "*", "permission": "read_write"}])
+    rate_limit_rpm: int = 120
+    expires_at: datetime | None = None
+
+
+# ──────────────────────────────────────────────────────────────────────
+# Teams (Pro)
+# ──────────────────────────────────────────────────────────────────────
+
+
+class CreateTeamRequest(BaseModel):
+    name: str
+    slug: str
+    description: str = ""
+
+
+class UpdateTeamRequest(BaseModel):
+    name: str | None = None
+    description: str | None = None
+
+
+class AddTeamMemberRequest(BaseModel):
+    email: str
+    display_name: str = ""
+    role: str = "developer"
+
+
+class UpdateTeamMemberRequest(BaseModel):
+    role: str | None = None
+    display_name: str | None = None
+
+
+# ──────────────────────────────────────────────────────────────────────
+# Patterns (Pro)
+# ──────────────────────────────────────────────────────────────────────
+
+
+class RunPatternDetectionRequest(BaseModel):
+    incident_threshold: int = 2
+    stale_days: int = 30
+    hot_entity_stddev: float = 2.0
+    drift_stddev: float = 2.0
+    entity_path: str | None = None
+
+
+# ──────────────────────────────────────────────────────────────────────
+# Events (Shared Pool Ingestion)
+# ──────────────────────────────────────────────────────────────────────
+
+
+class EventRequest(BaseModel):
+    """Direct shared-pool event ingestion without connector framework."""
+
+    source: str
+    entity_path: str
+    key: str
+    value: Any = None
+    event_type: str = "generic"

amfs_http_server-0.1.0/src/amfs_http/pro_proxy.py

@@ -0,0 +1,253 @@
+"""Pro SaaS proxy — forwards Pro feature requests to the hosted Pro API.
+
+When AMFS_PRO_URL and AMFS_PRO_API_KEY are configured, this module:
+1. Mounts proxy routes for hot-context and anticipation endpoints
+2. Provides an async event forwarder for the CortexWorker
+3. Falls back gracefully when the Pro API is unreachable
+
+Customer flow:
+  Dashboard → OSS HTTP Server (proxy) → Pro SaaS API
+  CortexWorker → Pro SaaS API (event forwarding)
+"""
+
+from __future__ import annotations
+
+import asyncio
+import json
+import logging
+import os
+import threading
+from typing import Any
+
+logger = logging.getLogger(__name__)
+
+PRO_URL = os.environ.get("AMFS_PRO_URL", "").rstrip("/")
+PRO_KEY = os.environ.get("AMFS_PRO_API_KEY", "")
+
+
+def is_pro_configured() -> bool:
+    return bool(PRO_URL and PRO_KEY)
+
+
+def _pro_headers() -> dict[str, str]:
+    return {
+        "Authorization": f"Bearer {PRO_KEY}",
+        "Content-Type": "application/json",
+    }
+
+
+# ─────────────────────────────────────────────────────────────────────
+# Route proxying — mount onto the FastAPI app
+# ─────────────────────────────────────────────────────────────────────
+
+
+def mount_pro_proxy(app) -> None:
+    """Mount proxy routes that forward Pro requests to the SaaS API."""
+    if not is_pro_configured():
+        return
+
+    import httpx
+    from fastapi import Depends, Query
+
+    _client = httpx.AsyncClient(timeout=10.0)
+
+    logger.info("Pro SaaS proxy enabled → %s", PRO_URL)
+
+    try:
+        from amfs_http.auth import verify_api_key
+    except ImportError:
+        async def verify_api_key():
+            return None
+
+    @app.get("/api/v1/cortex/hot-context")
+    async def proxy_hot_context(
+        agent_id: str | None = Query(None),
+        _auth: str | None = Depends(verify_api_key),
+    ) -> dict[str, Any]:
+        """Proxy hot-context request to Pro SaaS API."""
+        params = {}
+        if agent_id:
+            params["agent_id"] = agent_id
+        try:
+            resp = await _client.get(
+                f"{PRO_URL}/api/v1/pro/cortex/hot-context",
+                params=params,
+                headers=_pro_headers(),
+            )
+            return resp.json()
+        except Exception:
+            logger.debug("Pro API unreachable for hot-context", exc_info=True)
+            return {"agent_id": agent_id, "status": "unavailable", "focus_entities": [], "last_read_entities": []}
+
+    @app.get("/api/v1/cortex/anticipation")
+    async def proxy_anticipation(
+        entity_path: str | None = Query(None),
+        limit: int = Query(default=20, le=100),
+        _auth: str | None = Depends(verify_api_key),
+    ) -> dict[str, Any]:
+        """Fetch local digests, send to Pro SaaS for anticipation ranking."""
+        try:
+            from amfs_http.server import _cortex_worker
+            if _cortex_worker:
+                adapter = _cortex_worker._compiler._adapter
+                all_digests = adapter.list_digests()
+                digest_dicts = [d.model_dump(mode="json") for d in all_digests]
+            else:
+                digest_dicts = []
+
+            resp = await _client.post(
+                f"{PRO_URL}/api/v1/pro/cortex/rank",
+                headers=_pro_headers(),
+                json={
+                    "digests": digest_dicts,
+                    "entity_path": entity_path,
+                },
+            )
+            data = resp.json()
+            ranked = data.get("digests", [])[:limit]
+            return {"digests": ranked, "total": data.get("total", 0)}
+        except Exception:
+            logger.debug("Pro API unreachable for anticipation", exc_info=True)
+            return {"digests": [], "message": "Pro API unavailable"}
+
+    # --- Trace Pro actions (verify, replay, diff) ---
+
+    @app.post("/api/v1/pro/traces/{trace_id}/verify")
+    async def proxy_verify_trace(
+        trace_id: str,
+        _auth: str | None = Depends(verify_api_key),
+    ) -> dict[str, Any]:
+        """Proxy trace verification to Pro SaaS API."""
+        try:
+            resp = await _client.post(
+                f"{PRO_URL}/api/v1/pro/traces/{trace_id}/verify",
+                headers=_pro_headers(),
+            )
+            if resp.status_code == 404:
+                from fastapi import HTTPException
+                raise HTTPException(status_code=404, detail="Trace not found")
+            return resp.json()
+        except Exception as exc:
+            if hasattr(exc, "status_code"):
+                raise
+            logger.debug("Pro API unreachable for trace verify", exc_info=True)
+            return {"error": "Pro API unavailable"}
+
+    @app.post("/api/v1/pro/traces/{trace_id}/replay")
+    async def proxy_replay_trace(
+        trace_id: str,
+        _auth: str | None = Depends(verify_api_key),
+    ) -> dict[str, Any]:
+        """Proxy trace replay to Pro SaaS API."""
+        try:
+            resp = await _client.post(
+                f"{PRO_URL}/api/v1/pro/traces/{trace_id}/replay",
+                headers=_pro_headers(),
+            )
+            if resp.status_code == 404:
+                from fastapi import HTTPException
+                raise HTTPException(status_code=404, detail="Trace not found")
+            return resp.json()
+        except Exception as exc:
+            if hasattr(exc, "status_code"):
+                raise
+            logger.debug("Pro API unreachable for trace replay", exc_info=True)
+            return {"error": "Pro API unavailable"}
+
+    @app.post("/api/v1/pro/traces/{trace_id}/diff")
+    async def proxy_diff_trace(
+        trace_id: str,
+        _auth: str | None = Depends(verify_api_key),
+    ) -> dict[str, Any]:
+        """Proxy trace diff to Pro SaaS API."""
+        try:
+            resp = await _client.post(
+                f"{PRO_URL}/api/v1/pro/traces/{trace_id}/diff",
+                headers=_pro_headers(),
+            )
+            if resp.status_code == 404:
+                from fastapi import HTTPException
+                raise HTTPException(status_code=404, detail="Trace not found")
+            return resp.json()
+        except Exception as exc:
+            if hasattr(exc, "status_code"):
+                raise
+            logger.debug("Pro API unreachable for trace diff", exc_info=True)
+            return {"error": "Pro API unavailable"}
+
+    logger.info("Pro proxy routes mounted: hot-context, anticipation, trace-verify, trace-replay, trace-diff")
+
+
+# ─────────────────────────────────────────────────────────────────────
+# Event forwarding — used by CortexWorker to push events to Pro SaaS
+# ─────────────────────────────────────────────────────────────────────
+
+
+class ProEventForwarder:
+    """Async-safe event forwarder for the CortexWorker.
+
+    Buffers events and sends them in batches to the Pro SaaS API.
+    Runs a background thread with its own event loop so it works
+    from the synchronous CortexWorker.
+    """
+
+    def __init__(self, batch_size: int = 10, flush_interval: float = 2.0) -> None:
+        self._buffer: list[dict[str, Any]] = []
+        self._lock = threading.Lock()
+        self._batch_size = batch_size
+        self._flush_interval = flush_interval
+        self._stop = threading.Event()
+        self._thread: threading.Thread | None = None
+
+    def start(self) -> None:
+        self._thread = threading.Thread(target=self._run_loop, daemon=True, name="pro-event-forwarder")
+        self._thread.start()
+        logger.info("Pro event forwarder started → %s", PRO_URL)
+
+    def stop(self) -> None:
+        self._stop.set()
+
+    def enqueue(self, event: dict[str, Any]) -> None:
+        batch = None
+        with self._lock:
+            self._buffer.append(event)
+            if len(self._buffer) >= self._batch_size:
+                batch = self._buffer[:]
+                self._buffer.clear()
+        if batch:
+            self._send_batch(batch)
+
+    def _run_loop(self) -> None:
+        while not self._stop.is_set():
+            self._stop.wait(self._flush_interval)
+            with self._lock:
+                if not self._buffer:
+                    continue
+                batch = self._buffer[:]
+                self._buffer.clear()
+            self._send_batch(batch)
+
+    def _send_batch(self, batch: list[dict[str, Any]]) -> None:
+        if not batch:
+            return
+        try:
+            import urllib.request
+            req = urllib.request.Request(
+                f"{PRO_URL}/api/v1/pro/cortex/ingest",
+                data=json.dumps({"events": batch}).encode(),
+                headers=_pro_headers(),
+                method="POST",
+            )
+            with urllib.request.urlopen(req, timeout=5) as resp:
+                logger.debug("Forwarded %d events to Pro API (status=%d)", len(batch), resp.status)
+        except Exception:
+            logger.debug("Failed to forward %d events to Pro API", len(batch), exc_info=True)
+
+
+def create_forwarder() -> ProEventForwarder | None:
+    """Create and start a Pro event forwarder if Pro is configured."""
+    if not is_pro_configured():
+        return None
+    forwarder = ProEventForwarder()
+    forwarder.start()
+    return forwarder