connectonion 0.5.5__tar.gz → 0.5.7__tar.gz

{connectonion-0.5.5 → connectonion-0.5.7}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: connectonion
-Version: 0.5.5
+Version: 0.5.7
 Summary: A simple Python framework for creating AI agents with behavior tracking
 Project-URL: Homepage, https://github.com/openonion/connectonion
 Project-URL: Documentation, https://docs.connectonion.com

{connectonion-0.5.5 → connectonion-0.5.7}/connectonion/__init__.py

@@ -1,6 +1,6 @@
 """ConnectOnion - A simple agent framework with behavior tracking."""
 
-__version__ = "0.5.5"
+__version__ = "0.5.7"
 
 # Auto-load .env files for the entire framework
 from dotenv import load_dotenv

{connectonion-0.5.5 → connectonion-0.5.7}/connectonion/asgi.py

@@ -6,7 +6,9 @@ requests. Separated from host.py for better testing and smaller file size.
 Design decision: Raw ASGI instead of Starlette/FastAPI for full protocol control.
 See: docs/design-decisions/022-raw-asgi-implementation.md
 """
+import hmac
 import json
+import os
 from pathlib import Path
 
 from pydantic import BaseModel
@@ -34,11 +36,20 @@ async def read_body(receive) -> bytes:
     return body
 
 
+# CORS headers for cross-origin requests (e.g., frontend at o.openonion.ai
+# calling deployed agents at *.agents.openonion.ai)
+CORS_HEADERS = [
+    [b"access-control-allow-origin", b"*"],
+    [b"access-control-allow-methods", b"GET, POST, OPTIONS"],
+    [b"access-control-allow-headers", b"authorization, content-type"],
+]
+
+
 async def send_json(send, data: dict, status: int = 200):
     """Send JSON response via ASGI send."""
     body = json.dumps(data, default=_json_default).encode()
-    await send({"type": "http.response.start", "status": status,
-               "headers": [[b"content-type", b"application/json"]]})
+    headers = [[b"content-type", b"application/json"]] + CORS_HEADERS
+    await send({"type": "http.response.start", "status": status, "headers": headers})
     await send({"type": "http.response.body", "body": body})
 
 
@@ -52,6 +63,13 @@ async def send_html(send, html: bytes, status: int = 200):
     await send({"type": "http.response.body", "body": html})
 
 
+async def send_text(send, text: str, status: int = 200):
+    """Send plain text response via ASGI send."""
+    headers = [[b"content-type", b"text/plain; charset=utf-8"]] + CORS_HEADERS
+    await send({"type": "http.response.start", "status": status, "headers": headers})
+    await send({"type": "http.response.body", "body": text.encode()})
+
+
 async def handle_http(
     scope,
     receive,
@@ -81,6 +99,37 @@ async def handle_http(
     """
     method, path = scope["method"], scope["path"]
 
+    # Handle CORS preflight requests
+    if method == "OPTIONS":
+        headers = CORS_HEADERS + [[b"content-length", b"0"]]
+        await send({"type": "http.response.start", "status": 204, "headers": headers})
+        await send({"type": "http.response.body", "body": b""})
+        return
+
+    # Admin endpoints require API key auth
+    if path.startswith("/admin"):
+        headers = dict(scope.get("headers", []))
+        auth = headers.get(b"authorization", b"").decode()
+        expected = os.environ.get("OPENONION_API_KEY", "")
+        if not expected or not auth.startswith("Bearer ") or not hmac.compare_digest(auth[7:], expected):
+            await send_json(send, {"error": "unauthorized"}, 401)
+            return
+
+        if method == "GET" and path == "/admin/logs":
+            result = handlers["admin_logs"]()
+            if "error" in result:
+                await send_json(send, result, 404)
+            else:
+                await send_text(send, result["content"])
+            return
+
+        if method == "GET" and path == "/admin/sessions":
+            await send_json(send, handlers["admin_sessions"]())
+            return
+
+        await send_json(send, {"error": "not found"}, 404)
+        return
+
     if method == "POST" and path == "/input":
         body = await read_body(receive)
         try:

{connectonion-0.5.5 → connectonion-0.5.7}/connectonion/cli/commands/deploy_commands.py

@@ -5,11 +5,13 @@ LLM-Note:
   Data flow: handle_deploy() → validates git repo and .co/config.toml → _get_api_key() loads OPENONION_API_KEY → reads config.toml for project name and secrets path → dotenv_values() loads secrets from .env → git archive creates tarball of HEAD → POST to /api/v1/deploy with tarball + project_name + secrets → polls /api/v1/deploy/{id}/status until running/error → displays agent URL
   State/Effects: creates temporary tarball file in tempdir | reads .co/config.toml, .env files | makes network POST request | prints progress to stdout via rich.Console | does not modify project files
   Integration: exposes handle_deploy() for CLI | expects git repo with .co/config.toml containing project.name, project.secrets, deploy.entrypoint | uses Bearer token auth | returns void (prints results)
-  Performance: git archive is fast | network timeout 60s for upload, 10s for status checks | polls every 3s up to 100 times (~5 min)
+  Performance: git archive is fast | network timeout 600s for upload+build, 10s for status checks | polls every 3s up to 100 times (~5 min)
   Errors: fails if not git repo | fails if not ConnectOnion project (.co/config.toml missing) | fails if no API key | prints backend error messages
 """
 
+import json
 import os
+import re
 import subprocess
 import tempfile
 import time
@@ -24,6 +26,30 @@ console = Console()
 API_BASE = "https://oo.openonion.ai"
 
 
+def _check_host_export(entrypoint: str) -> bool:
+    """Check if entrypoint file exports an ASGI app via host().
+
+    Looks for patterns like:
+    - host(agent)
+    - host(my_agent)
+    - from connectonion import host
+    """
+    entrypoint_path = Path(entrypoint)
+    if not entrypoint_path.exists():
+        return False
+
+    content = entrypoint_path.read_text()
+
+    # Check for host() call pattern
+    # Matches: host(agent), host(my_agent), host( agent ), etc.
+    host_call_pattern = r'\bhost\s*\([^)]+\)'
+
+    if re.search(host_call_pattern, content):
+        return True
+
+    return False
+
+
 def _get_api_key() -> str:
     """Get OPENONION_API_KEY from env or .env files."""
     if api_key := os.getenv("OPENONION_API_KEY"):
@@ -65,6 +91,26 @@ def handle_deploy():
     secrets_path = config.get("project", {}).get("secrets", ".env")
     entrypoint = config.get("deploy", {}).get("entrypoint", "agent.py")
 
+    # Validate entrypoint exists
+    if not Path(entrypoint).exists():
+        console.print(f"[red]Entrypoint not found: {entrypoint}[/red]")
+        console.print("[dim]Set entrypoint in .co/config.toml under [deploy][/dim]")
+        return
+
+    # Validate entrypoint exports ASGI app via host()
+    if not _check_host_export(entrypoint):
+        console.print(f"[red]Entrypoint '{entrypoint}' does not export an ASGI app.[/red]")
+        console.print()
+        console.print("[yellow]To deploy, your agent must call host():[/yellow]")
+        console.print()
+        console.print("  [cyan]from connectonion import Agent, host[/cyan]")
+        console.print()
+        console.print("  [cyan]agent = Agent('my-agent', ...)[/cyan]")
+        console.print("  [cyan]host(agent)  # Starts HTTP server[/cyan]")
+        console.print()
+        console.print("[dim]See: https://docs.connectonion.com/deploy[/dim]")
+        return
+
     # Load secrets from .env
     secrets = dotenv_values(secrets_path) if Path(secrets_path).exists() else {}
 
@@ -76,7 +122,17 @@ def handle_deploy():
         check=True,
     )
 
+    # Show package size
+    tarball_size = tarball_path.stat().st_size
+    if tarball_size < 1024:
+        size_str = f"{tarball_size} B"
+    elif tarball_size < 1024 * 1024:
+        size_str = f"{tarball_size / 1024:.1f} KB"
+    else:
+        size_str = f"{tarball_size / (1024 * 1024):.2f} MB"
+
     console.print(f"  Project: {project_name}")
+    console.print(f"  Package: {size_str}")
     console.print(f"  Secrets: {len(secrets)} keys")
     console.print()
 
@@ -88,39 +144,77 @@ def handle_deploy():
             files={"package": ("agent.tar.gz", f, "application/gzip")},
             data={
                 "project_name": project_name,
-                "secrets": str(secrets),
+                "secrets": json.dumps(secrets),
                 "entrypoint": entrypoint,
             },
             headers={"Authorization": f"Bearer {api_key}"},
-            timeout=60,
+            timeout=600,  # 10 minutes for docker build
         )
 
     if response.status_code != 200:
         console.print(f"[red]Deploy failed: {response.text}[/red]")
         return
 
-    deployment_id = response.json().get("id")
+    result = response.json()
+
+    # Check for error response (backend returns 200 with error dict)
+    if "error" in result:
+        console.print(f"[red]Deploy failed: {result['error']}[/red]")
+        return
+
+    deployment_id = result.get("id")
+    url = result.get("url", "")
 
     # Wait for deployment
     console.print("Building...")
+    deploy_success = False
+    final_status = "unknown"
+    timeout_count = 0
+
     for _ in range(100):
-        status_resp = requests.get(
-            f"{API_BASE}/api/v1/deploy/{deployment_id}/status",
-            headers={"Authorization": f"Bearer {api_key}"},
-            timeout=10,
-        )
+        try:
+            status_resp = requests.get(
+                f"{API_BASE}/api/v1/deploy/{deployment_id}/status",
+                headers={"Authorization": f"Bearer {api_key}"},
+                timeout=30,  # Increased timeout for slow SSH
+            )
+        except requests.exceptions.Timeout:
+            timeout_count += 1
+            if timeout_count >= 3:
+                console.print("[yellow]Status checks timing out, but deploy may still succeed.[/yellow]")
+                break
+            time.sleep(3)
+            continue
+        except requests.exceptions.RequestException as e:
+            console.print(f"[yellow]Network error: {e}[/yellow]")
+            time.sleep(3)
+            continue
+
         if status_resp.status_code != 200:
+            console.print(f"[red]Status check failed: {status_resp.status_code}[/red]")
             break
-        status = status_resp.json().get("status")
-        if status == "running":
+
+        result = status_resp.json()
+        final_status = result.get("status", "unknown")
+
+        if final_status == "running":
+            deploy_success = True
+            # Update URL from status response (may be more up-to-date)
+            url = result.get("url") or url
             break
-        if status == "error":
-            console.print(f"[red]{status_resp.json().get('error_message')}[/red]")
+        if final_status in ("error", "failed"):
+            console.print(f"[red]Deploy failed: {result.get('error_message', 'Unknown error')}[/red]")
             return
         time.sleep(3)
 
-    url = response.json().get("url", "")
     console.print()
-    console.print("[bold green]Deployed![/bold green]")
-    console.print(f"Agent URL: {url}")
+    if deploy_success:
+        console.print("[bold green]Deployed![/bold green]")
+    else:
+        console.print(f"[yellow]Deploy status: {final_status}[/yellow]")
+        console.print("[yellow]Check status with 'co deployments' or try again.[/yellow]")
+
+    # Always show URL if we have one
+    if url:
+        console.print(f"Agent URL: {url}")
     console.print()

{connectonion-0.5.5 → connectonion-0.5.7}/connectonion/host.py

@@ -221,79 +221,55 @@ def verify_signature(payload: dict, signature: str, public_key: str) -> bool:
 def extract_and_authenticate(data: dict, trust, *, blacklist=None, whitelist=None, agent_address=None):
     """Extract prompt and authenticate request.
 
-    Supports two request formats:
+    ALL requests must be signed - this is a protocol requirement.
 
-    Simple (unsigned):
-        {"prompt": "...", "from": "0x..."}
-
-    Signed (Ed25519):
+    Required format (Ed25519 signed):
         {
-            "payload": {"prompt": "...", "to": "0x...", "timestamp": 123},
-            "from": "0xClientPublicKey",
-            "signature": "0x..."
+            "payload": {"prompt": "...", "to": "0xAgentAddress", "timestamp": 123},
+            "from": "0xCallerPublicKey",
+            "signature": "0xEd25519Signature..."
         }
 
-    Trust can be:
-        - Level: "open", "careful", "strict" (code-based checks)
-        - Policy: Natural language string (LLM evaluation)
-        - Agent: Custom Agent instance (LLM evaluation)
+    Trust levels control additional policies AFTER signature verification:
+        - "open": Any valid signer allowed
+        - "careful": Warnings for unknown signers (default)
+        - "strict": Whitelist only
+        - Custom policy/Agent: LLM evaluation
 
     Returns: (prompt, identity, sig_valid, error)
     """
-    # Determine trust level for basic auth
-    if isinstance(trust, str) and trust not in TRUST_LEVELS:
-        logging.warning(f"Unknown trust level '{trust}', defaulting to 'careful'. Valid: {TRUST_LEVELS}")
-    trust_level = trust if isinstance(trust, str) and trust in TRUST_LEVELS else "careful"
-
-    # Check for signed request format
-    if "payload" in data and "signature" in data:
-        prompt, identity, sig_valid, error = _authenticate_signed(
-            data, trust_level, blacklist=blacklist, whitelist=whitelist, agent_address=agent_address
-        )
-    else:
-        prompt, identity, sig_valid, error = _authenticate_simple(
-            data, trust_level, blacklist=blacklist, whitelist=whitelist
-        )
-
-    # If basic auth failed, return error
+    # Protocol requirement: ALL requests must be signed
+    if "payload" not in data or "signature" not in data:
+        return None, None, False, "unauthorized: signed request required"
+
+    # Verify signature (protocol level - always required)
+    prompt, identity, error = _authenticate_signed(
+        data, blacklist=blacklist, whitelist=whitelist, agent_address=agent_address
+    )
     if error:
-        return prompt, identity, sig_valid, error
+        return prompt, identity, False, error
 
-    # If trust is a policy or custom agent, evaluate with LLM
-    # Use original trust for custom check (Agent or policy string), but skip if it was a typo'd level
-    if is_custom_trust(trust) and not (isinstance(trust, str) and trust not in TRUST_LEVELS and trust_level in TRUST_LEVELS):
+    # Trust level: additional policies AFTER signature verification
+    if trust == "strict" and whitelist and identity not in whitelist:
+        return None, identity, True, "forbidden: not in whitelist"
+
+    # Custom trust policy/agent evaluation
+    if is_custom_trust(trust):
         trust_agent = create_trust_agent(trust)
-        accepted, reason = evaluate_with_trust_agent(trust_agent, prompt, identity, sig_valid)
+        accepted, reason = evaluate_with_trust_agent(trust_agent, prompt, identity, True)
         if not accepted:
-            return None, identity, sig_valid, f"rejected: {reason}"
-
-    return prompt, identity, sig_valid, None
-
+            return None, identity, True, f"rejected: {reason}"
 
-def _authenticate_simple(data: dict, trust: str, *, blacklist=None, whitelist=None):
-    """Authenticate simple unsigned request."""
-    prompt = data.get("prompt", "")
-    identity = data.get("from")
-
-    # Check blacklist
-    if blacklist and identity in blacklist:
-        return None, identity, False, "forbidden: blacklisted"
-
-    # Check whitelist (bypass other checks)
-    if whitelist and identity in whitelist:
-        return prompt, identity, True, None
+    return prompt, identity, True, None
 
-    # Trust level enforcement
-    if trust == "strict" and not identity:
-        return None, None, False, "unauthorized: identity required"
 
-    # For careful/strict without signature, mark sig_valid=False
-    sig_valid = trust == "open"
-    return prompt, identity, sig_valid, None
+def _authenticate_signed(data: dict, *, blacklist=None, whitelist=None, agent_address=None):
+    """Authenticate signed request with Ed25519 - ALWAYS REQUIRED.
 
+    Protocol-level signature verification. All requests must be signed.
 
-def _authenticate_signed(data: dict, trust: str, *, blacklist=None, whitelist=None, agent_address=None):
-    """Authenticate signed request with Ed25519."""
+    Returns: (prompt, identity, error) - error is None on success
+    """
     payload = data.get("payload", {})
     identity = data.get("from")
     signature = data.get("signature")
@@ -304,34 +280,34 @@ def _authenticate_signed(data: dict, trust: str, *, blacklist=None, whitelist=No
 
     # Check blacklist first
     if blacklist and identity in blacklist:
-        return None, identity, False, "forbidden: blacklisted"
+        return None, identity, "forbidden: blacklisted"
 
-    # Check whitelist (bypass signature check)
+    # Check whitelist (bypass signature check - trusted caller)
     if whitelist and identity in whitelist:
-        return prompt, identity, True, None
+        return prompt, identity, None
 
-    # Validate required fields for signed request
+    # Validate required fields
     if not identity:
-        return None, None, False, "unauthorized: 'from' field required for signed request"
+        return None, None, "unauthorized: 'from' field required"
     if not signature:
-        return None, identity, False, "unauthorized: signature required"
+        return None, identity, "unauthorized: signature required"
     if not timestamp:
-        return None, identity, False, "unauthorized: timestamp required in payload"
+        return None, identity, "unauthorized: timestamp required in payload"
 
     # Check timestamp expiry (5 minute window)
     now = time.time()
     if abs(now - timestamp) > SIGNATURE_EXPIRY_SECONDS:
-        return None, identity, False, "unauthorized: signature expired"
+        return None, identity, "unauthorized: signature expired"
 
     # Optionally verify 'to' matches agent address
     if agent_address and to_address and to_address != agent_address:
-        return None, identity, False, "unauthorized: wrong recipient"
+        return None, identity, "unauthorized: wrong recipient"
 
     # Verify signature
     if not verify_signature(payload, signature, identity):
-        return None, identity, False, "unauthorized: invalid signature"
+        return None, identity, "unauthorized: invalid signature"
 
-    return prompt, identity, True, None
+    return prompt, identity, None
 
 
 def get_agent_address(agent) -> str:
@@ -381,6 +357,35 @@ def is_custom_trust(trust) -> bool:
     return trust not in TRUST_LEVELS  # It's a policy string
 
 
+# === Admin Handlers ===
+
+def admin_logs_handler(agent_name: str) -> dict:
+    """GET /admin/logs - return plain text activity log file."""
+    log_path = Path(f".co/logs/{agent_name}.log")
+    if log_path.exists():
+        return {"content": log_path.read_text()}
+    return {"error": "No logs found"}
+
+
+def admin_sessions_handler() -> dict:
+    """GET /admin/sessions - return all activity sessions as JSON array."""
+    import yaml
+    sessions_dir = Path(".co/sessions")
+    if not sessions_dir.exists():
+        return {"sessions": []}
+
+    sessions = []
+    for session_file in sessions_dir.glob("*.yaml"):
+        with open(session_file) as f:
+            session_data = yaml.safe_load(f)
+            if session_data:
+                sessions.append(session_data)
+
+    # Sort by created date descending (newest first)
+    sessions.sort(key=lambda s: s.get("created", ""), reverse=True)
+    return {"sessions": sessions}
+
+
 # === Entry Point ===
 
 def _create_handlers(agent, result_ttl: int):
@@ -393,6 +398,9 @@ def _create_handlers(agent, result_ttl: int):
         "info": lambda trust: info_handler(agent, trust),
         "auth": extract_and_authenticate,
         "ws_input": agent.input,
+        # Admin endpoints (auth required via OPENONION_API_KEY)
+        "admin_logs": lambda: admin_logs_handler(agent.name),
+        "admin_sessions": admin_sessions_handler,
     }
 
 
@@ -428,7 +436,7 @@ def _start_relay_background(agent, relay_url: str, addr_data: dict):
 
 def host(
     agent,
-    port: int = 8000,
+    port: int = None,
     trust: Union[str, "Agent"] = "careful",
     result_ttl: int = 86400,
     workers: int = 1,
@@ -443,7 +451,7 @@ def host(
 
     Args:
         agent: Agent to host
-        port: HTTP port (default 8000)
+        port: HTTP port (default: PORT env var or 8000)
         trust: Trust level, policy, or Agent:
             - Level: "open", "careful", "strict"
             - Policy: Natural language or file path
@@ -463,10 +471,16 @@ def host(
         GET  /health        - Health check
         GET  /info          - Agent info
         WS   /ws            - WebSocket
+        GET  /logs          - Activity log (requires OPENONION_API_KEY)
+        GET  /logs/sessions - Activity sessions (requires OPENONION_API_KEY)
     """
     import uvicorn
     from . import address
 
+    # Use PORT env var if port not specified (for container deployments)
+    if port is None:
+        port = int(os.environ.get("PORT", 8000))
+
     # Load or generate agent identity
     co_dir = Path.cwd() / '.co'
     addr_data = address.load(co_dir)

{connectonion-0.5.5 → connectonion-0.5.7}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "hatchling.build"
 
 [project]
 name = "connectonion"
-version = "0.5.5"
+version = "0.5.7"
 description = "A simple Python framework for creating AI agents with behavior tracking"
 readme = "README.md"
 license = {text = "MIT"}