fal 0.12.1__py3-none-any.whl → 0.12.3__py3-none-any.whl

fal/auth/auth0.py

@@ -1,14 +1,12 @@
 from __future__ import annotations
 
+import functools
 import time
 import warnings
 
 import click
-import requests
-from auth0.authentication.token_verifier import (
-    AsymmetricSignatureVerifier,
-    TokenVerifier,
-)
+import httpx
+
 from fal.console import console
 from fal.console.icons import CHECK_ICON
 from fal.console.ux import get_browser
@@ -53,7 +51,7 @@ def login() -> dict:
         "client_id": AUTH0_CLIENT_ID,
         "scope": AUTH0_SCOPE,
     }
-    device_code_response = requests.post(
+    device_code_response = httpx.post(
         f"https://{AUTH0_DOMAIN}/oauth/device/code", data=device_code_payload
     )
 
@@ -80,7 +78,7 @@ def login() -> dict:
 
     with console.status("Waiting for confirmation...") as status:
         while True:
-            token_response = requests.post(
+            token_response = httpx.post(
                 f"https://{AUTH0_DOMAIN}/oauth/token", data=token_payload
             )
 
@@ -108,14 +106,12 @@ def refresh(token: str) -> dict:
         "refresh_token": token,
     }
 
-    token_response = requests.post(
+    token_response = httpx.post(
         f"https://{AUTH0_DOMAIN}/oauth/token", data=token_payload
     )
 
     token_data = token_response.json()
     if token_response.status_code == 200:
-        # DEBUG: print("Authenticated!")
-
         validate_id_token(token_data["id_token"])
 
         return token_data
@@ -129,7 +125,7 @@ def revoke(token: str):
         "token": token,
     }
 
-    token_response = requests.post(
+    token_response = httpx.post(
         f"https://{AUTH0_DOMAIN}/oauth/revoke", data=token_payload
     )
 
@@ -141,7 +137,7 @@ def revoke(token: str):
 
 
 def get_user_info(bearer_token: str) -> dict:
-    userinfo_response = requests.post(
+    userinfo_response = httpx.post(
         f"https://{AUTH0_DOMAIN}/userinfo",
         headers={"Authorization": bearer_token},
     )
@@ -152,24 +148,38 @@ def get_user_info(bearer_token: str) -> dict:
     return userinfo_response.json()
 
 
+@functools.lru_cache
+def build_jwk_client():
+    from jwt import PyJWKClient
+
+    return PyJWKClient(AUTH0_JWKS_URL, cache_keys=True)
+
+
 def validate_id_token(token: str):
     """
-    Verify the token and its precedence.
-    `id_token`s are intended for the client (this sdk) only.
-    Never send one to another service.
-
-    :param id_token:
+    id_token is intended for the client (this sdk) only. Never send one to another service.
     """
-    sv = AsymmetricSignatureVerifier(AUTH0_JWKS_URL)
-    tv = TokenVerifier(
-        signature_verifier=sv,
+    from jwt import decode
+
+    jwk_client = build_jwk_client()
+
+    decode(
+        token,
+        key=jwk_client.get_signing_key_from_jwt(token).key,
+        algorithms=AUTH0_ALGORITHMS,
         issuer=AUTH0_ISSUER,
         audience=AUTH0_CLIENT_ID,
+        options={
+            "verify_signature": True,
+            "verify_exp": True,
+            "verify_iat": True,
+            "verify_aud": True,
+            "verify_iss": True,
+        },
     )
-    tv.verify(token)
 
 
-def validate_access_token(token: str):
+def verify_access_token_expiration(token: str):
     from datetime import timedelta
 
     from jwt import decode

fal/cli.py

@@ -1,28 +1,24 @@
 from __future__ import annotations
 
 import json
-from datetime import datetime
 from http import HTTPStatus
 from sys import argv
 from typing import Literal
 from uuid import uuid4
 
 import click
-import fal.auth as auth
+import openapi_fal_rest.api.billing.get_user_details as get_user_details
+from rich.table import Table
+
 import fal
-from fal import api, sdk
+import fal.auth as auth
+from fal import _serialization, api, sdk
 from fal.console import console
 from fal.exceptions import ApplicationExceptionHandler
 from fal.logging import get_logger, set_debug_logging
-from fal.logging.isolate import IsolateLogPrinter
 from fal.logging.trace import get_tracer
 from fal.rest_client import REST_CLIENT
 from fal.sdk import AliasInfo, KeyScope
-from isolate.logs import Log, LogLevel, LogSource
-from rich.table import Table
-
-import openapi_fal_rest.api.billing.get_user_details as get_user_details
-import openapi_fal_rest.api.logs.list_since as list_logs
 
 DEFAULT_HOST = "api.alpha.fal.ai"
 HOST_ENVVAR = "FAL_HOST"
@@ -33,7 +29,7 @@ PORT_ENVVAR = "FAL_PORT"
 DEBUG_ENABLED = False
 
 
-log = get_logger(__name__)
+logger = get_logger(__name__)
 
 
 class ExecutionInfo:
@@ -67,13 +63,13 @@ class MainGroup(click.Group):
             qualified_name, attributes={"invocation_id": invocation_id}
         ):
             try:
-                log.debug(
+                logger.debug(
                     f"Executing command: {qualified_name}",
                     command=qualified_name,
                 )
                 return super().invoke(ctx)
             except Exception as exception:
-                log.error(exception)
+                logger.error(exception)
                 if execution_info.debug:
                     # Here we supress detailed errors on click lines because
                     # they're mostly decorator calls, irrelevant to the dev's error tracing
@@ -192,7 +188,7 @@ def key_generate(client: sdk.FalServerlessClient, scope: str, alias: str | None)
             "This is the only time the secret will be visible.\n"
             "You will need to generate a new key pair if you lose access to this secret."
         )
-        print(f"FAL_KEY_ID='{result[1]}'\nFAL_KEY_SECRET='{result[0]}'")
+        print(f"FAL_KEY='{result[1]}:{result[0]}'")
 
 
 @key_cli.command(name="list")
@@ -246,6 +242,10 @@ def load_function_from(
     if function_name not in module:
         raise api.FalServerlessError(f"Function '{function_name}' not found in module")
 
+    # The module for the function is set to <run_path> when runpy is used, in which
+    # case we want to manually include the packages it is defined in.
+    _serialization.include_packages_from_path(file_path)
+
     target = module[function_name]
     if isinstance(target, type) and issubclass(target, fal.App):
         target = fal.wrap_app(target, host=host)
@@ -300,18 +300,19 @@ def register_application(
     )
 
     if id:
-        # TODO: should we centralize this URL format?
-        gateway_host = host.url.replace("api.", "gateway.")
-        gateway_host = remove_http_and_port_from_url(gateway_host)
+        gateway_host = remove_http_and_port_from_url(host.url)
+        gateway_host = (
+            gateway_host.replace("api.", "").replace("alpha.", "").replace("ai", "run")
+        )
 
         if alias:
             console.print(
                 f"Registered a new revision for function '{alias}' (revision='{id}')."
             )
-            console.print(f"URL: https://{user_id}-{alias}.{gateway_host}")
+            console.print(f"URL: https://{gateway_host}/{user_id}/{alias}")
         else:
             console.print(f"Registered anonymous function '{id}'.")
-            console.print(f"URL: https://{user_id}-{id}.{gateway_host}")
+            console.print(f"URL: https://{gateway_host}/{user_id}/{id}")
 
 
 @function_cli.command("run")
@@ -330,25 +331,9 @@ def run(host: api.FalServerlessHost, file_path: str, function_name: str):
 def get_logs(
     host: api.FalServerlessHost, lines: int | None = 100, url: str | None = None
 ):
-    log_printer = IsolateLogPrinter(debug=True)
-    logs_response = list_logs.sync_detailed(
-        client=REST_CLIENT, limit=lines, url_query=url
+    console.print(
+        "logs command is deprecated. To see logs, got to fal web page: https://www.fal.ai/dashboard/logs"
     )
-    if not logs_response.status_code == 200 or type(logs_response.parsed) != list:
-        raise api.FalServerlessError(str(logs_response.parsed))
-    if len(logs_response.parsed) == 0:
-        console.print("No logs found")
-    for log in logs_response.parsed:
-        app = log.app or "fal"
-
-        log_printer.print(
-            Log(
-                message=f"{app}: {log.message}",
-                source=LogSource.USER,
-                level=LogLevel[log.level],
-                timestamp=datetime.fromisoformat(log.timestamp),
-            )
-        )
 
 
 ##### Alias group #####
@@ -448,7 +433,12 @@ def alias_update(
     min_concurrency: int | None,
 ):
     with client.connect() as connection:
-        if keep_alive is None and max_multiplexing is None and max_concurrency is None:
+        if (
+            keep_alive is None
+            and max_multiplexing is None
+            and max_concurrency is None
+            and min_concurrency is None
+        ):
             console.log("No parameters for update were provided, ignoring.")
             return
 
@@ -478,31 +468,23 @@ def alias_list_runners(
     table.add_column("Runner ID")
     table.add_column("In Flight Requests")
     table.add_column("Expires in")
+    table.add_column("Uptime")
 
     for runner in runners:
         table.add_row(
             runner.runner_id,
             str(runner.in_flight_requests),
-            "N/A (active)"
-            if not runner.expiration_countdown
-            else f"{runner.expiration_countdown}s",
+            (
+                "N/A (active)"
+                if not runner.expiration_countdown
+                else f"{runner.expiration_countdown}s"
+            ),
+            f"{runner.uptime} ({runner.uptime.total_seconds()}s)",
         )
 
     console.print(table)
 
 
-@alias_cli.command("scale")
-@click.argument("alias", required=True)
-@click.argument("max_concurrency", required=True, type=int)
-def alias_scale(alias: str, max_concurrency: int):
-    alias_update.callback(
-        alias=alias,
-        keep_alive=None,
-        max_multiplexing=None,
-        max_concurrency=max_concurrency,
-    )  # type: ignore
-
-
 ##### Secrets group #####
 @click.group
 @click.option("--host", default=DEFAULT_HOST, envvar=HOST_ENVVAR)

fal/env.py

@@ -1,7 +1,3 @@
 from __future__ import annotations
 
 CLI_ENV = "prod"
-
-DATADOG_API_KEY = "pub4cd6a1c4763c93ad5af2740b2d931145"
-DATADOG_APP_KEY = "4981bae640864a409dcfaddd69c2a157523b1585"
-

fal/exceptions/handlers.py

@@ -2,11 +2,12 @@ from __future__ import annotations
 
 from typing import Generic, TypeVar
 
-from fal.console import console
-from fal.console.icons import CROSS_ICON
 from grpc import Call as RpcCall
 from rich.markdown import Markdown
 
+from fal.console import console
+from fal.console.icons import CROSS_ICON
+
 from ._base import FalServerlessException
 
 ExceptionType = TypeVar("ExceptionType")

fal/flags.py

@@ -24,4 +24,9 @@ REST_HOST = GRPC_HOST.replace("api", "rest", 1)
 REST_SCHEME = "http" if TEST_MODE or AUTH_DISABLED else "https"
 REST_URL = f"{REST_SCHEME}://{REST_HOST}"
 
+# fal.run / env.fal.run
+FAL_RUN_HOST = (
+    GRPC_HOST.replace("api.", "", 1).replace("alpha.", "", 1).replace(".ai", ".run", 1)
+)
+
 FORCE_SETUP = bool_envvar("FAL_FORCE_SETUP")

fal/logging/__init__.py

@@ -5,7 +5,6 @@ from typing import Any
 import structlog
 from structlog.typing import EventDict, WrappedLogger
 
-from .datadog import submit_to_datadog
 from .style import LEVEL_STYLES
 from .user import add_user_id
 
@@ -45,7 +44,6 @@ structlog.configure(
         structlog.processors.TimeStamper(fmt="%Y-%m-%d %H:%M:%S"),
         structlog.processors.StackInfoRenderer(),
         add_user_id,
-        submit_to_datadog,
         _console_log_output,
     ],
     wrapper_class=structlog.stdlib.BoundLogger,

fal/logging/trace.py

@@ -7,6 +7,10 @@ from grpc_interceptor import ClientCallDetails, ClientInterceptor
 from opentelemetry import trace
 from opentelemetry.sdk.trace import TracerProvider
 
+from fal.logging import get_logger
+
+logger = get_logger(__name__)
+
 provider = TracerProvider()
 # The line below can be used in dev to inspect opentelemetry result
 # It must be imported from opentelemetry.sdk.trace.export
@@ -41,6 +45,7 @@ class TraceContextInterceptor(ClientInterceptor):
         call_details: ClientCallDetails,
     ):
         current_span = get_current_span_context()
+
         if current_span is not None:
             new_details = call_details._replace(
                 metadata=(
@@ -50,5 +55,7 @@ class TraceContextInterceptor(ClientInterceptor):
                     ("x-fal-invocation-id", current_span.invocation_id),
                 )
             )
-            return method(request_or_iterator, new_details)
+            call_details = new_details
+
+        logger.debug("Calling %s", call_details)
         return method(request_or_iterator, call_details)

fal/logging/user.py

@@ -1,8 +1,9 @@
 from __future__ import annotations
 
-from fal.auth import USER
 from structlog.typing import EventDict, WrappedLogger
 
+from fal.auth import USER
+
 
 def add_user_id(
     logger: WrappedLogger, method_name: str, event_dict: EventDict

fal/rest_client.py

@@ -1,10 +1,10 @@
 from __future__ import annotations
 
+from openapi_fal_rest.client import Client
+
 import fal.flags as flags
 from fal.sdk import get_default_credentials
 
-from openapi_fal_rest.client import Client
-
 
 class CredentialsClient(Client):
     def get_headers(self) -> dict[str, str]:

fal/sdk.py

@@ -1,7 +1,6 @@
 from __future__ import annotations
 
 import enum
-import os
 from contextlib import ExitStack
 from dataclasses import dataclass, field
 from datetime import datetime, timedelta
@@ -9,15 +8,16 @@ from enum import Enum
 from typing import Any, Callable, Generic, Iterator, Literal, TypeVar
 
 import grpc
+from isolate.connections.common import is_agent
+from isolate.logs import Log
+from isolate.server.interface import from_grpc, to_serialized_object, to_struct
+
 import isolate_proto
 from fal import flags
 from fal._serialization import patch_dill
-from fal.auth import USER
+from fal.auth import USER, key_credentials
 from fal.logging import get_logger
 from fal.logging.trace import TraceContextInterceptor
-from isolate.connections.common import is_agent
-from isolate.logs import Log
-from isolate.server.interface import from_grpc, to_serialized_object, to_struct
 from isolate_proto.configuration import GRPC_OPTIONS
 
 ResultT = TypeVar("ResultT")
@@ -29,7 +29,7 @@ FAL_SERVERLESS_DEFAULT_KEEP_ALIVE = 10
 FAL_SERVERLESS_DEFAULT_MAX_MULTIPLEXING = 1
 FAL_SERVERLESS_DEFAULT_MIN_CONCURRENCY = 0
 
-log = get_logger(__name__)
+logger = get_logger(__name__)
 
 patch_dill()
 
@@ -39,8 +39,29 @@ class ServerCredentials:
         raise NotImplementedError
 
     @property
-    def extra_options(self) -> list[tuple[str, str]]:
-        return GRPC_OPTIONS
+    def base_options(self) -> dict[str, str | int]:
+        import json
+
+        grpc_ops: dict[str, str | int] = dict(GRPC_OPTIONS)
+        grpc_ops["grpc.enable_retries"] = 1
+        grpc_ops["grpc.service_config"] = json.dumps(
+            {
+                "methodConfig": [
+                    {
+                        "name": [{}],
+                        "retryPolicy": {
+                            "maxAttempts": 5,
+                            "initialBackoff": "0.1s",
+                            "maxBackoff": "5s",
+                            "backoffMultiplier": 2,
+                            "retryableStatusCodes": ["UNAVAILABLE"],
+                        },
+                    }
+                ]
+            }
+        )
+
+        return grpc_ops
 
 
 class LocalCredentials(ServerCredentials):
@@ -123,27 +144,13 @@ class ServerlessSecret:
     created_at: datetime
 
 
-def key_credentials() -> FalServerlessKeyCredentials | None:
-    # Ignore key credentials when the user forces auth by user.
-    if os.environ.get("FAL_FORCE_AUTH_BY_USER") == "1":
-        return None
-
-    if "FAL_KEY_ID" in os.environ and "FAL_KEY_SECRET" in os.environ:
-        return FalServerlessKeyCredentials(
-            os.environ["FAL_KEY_ID"],
-            os.environ["FAL_KEY_SECRET"],
-        )
-    else:
-        return None
-
-
-def _get_agent_credentials(original_credentials: Credentials) -> Credentials:
+def get_agent_credentials(original_credentials: Credentials) -> Credentials:
     """If running inside a fal Serverless box, use the preconfigured credentials
     instead of the user provided ones."""
 
     key_creds = key_credentials()
     if is_agent() and key_creds:
-        return key_creds
+        return FalServerlessKeyCredentials(key_creds[0], key_creds[1])
     else:
         return original_credentials
 
@@ -154,8 +161,8 @@ def get_default_credentials() -> Credentials:
 
     key_creds = key_credentials()
     if key_creds:
-        log.debug("Using key credentials")
-        return key_creds
+        logger.debug("Using key credentials")
+        return FalServerlessKeyCredentials(key_creds[0], key_creds[1])
     else:
         return AuthenticatedCredentials()
 
@@ -197,6 +204,7 @@ class RunnerInfo:
     runner_id: str
     in_flight_requests: int
     expiration_countdown: int
+    uptime: timedelta
 
 
 @dataclass
@@ -284,6 +292,7 @@ def _from_grpc_runner_info(message: isolate_proto.RunnerInfo) -> RunnerInfo:
         runner_id=message.runner_id,
         in_flight_requests=message.in_flight_requests,
         expiration_countdown=message.expiration_countdown,
+        uptime=timedelta(seconds=message.uptime),
     )
 
 
@@ -293,9 +302,11 @@ def _from_grpc_register_application_result(
 ) -> RegisterApplicationResult:
     return RegisterApplicationResult(
         logs=[from_grpc(log) for log in message.logs],
-        result=None
-        if not message.HasField("result")
-        else RegisterApplicationResultType(message.result.application_id),
+        result=(
+            None
+            if not message.HasField("result")
+            else RegisterApplicationResultType(message.result.application_id)
+        ),
     )
 
 
@@ -358,10 +369,14 @@ class FalServerlessConnection:
         if self._stub:
             return self._stub
 
-        options = self.credentials.server_credentials.extra_options
+        options = self.credentials.server_credentials.base_options
         channel_creds = self.credentials.to_grpc()
         channel = self._stack.enter_context(
-            grpc.secure_channel(self.hostname, channel_creds, options)
+            grpc.secure_channel(
+                target=self.hostname,
+                credentials=channel_creds,
+                options=list(options.items()),
+            )
         )
         channel = grpc.intercept_channel(channel, TraceContextInterceptor())
         self._stub = isolate_proto.IsolateControllerStub(channel)

fal/sync.py

@@ -5,14 +5,14 @@ import os
 import zipfile
 from pathlib import Path
 
-from fal.rest_client import REST_CLIENT
-from pathspec import PathSpec
-
 import openapi_fal_rest.api.files.check_dir_hash as check_dir_hash_api
 import openapi_fal_rest.api.files.upload_local_file as upload_local_file_api
 import openapi_fal_rest.models.body_upload_local_file as upload_file_model
 import openapi_fal_rest.models.hash_check as hash_check_model
 import openapi_fal_rest.types as rest_types
+from pathspec import PathSpec
+
+from fal.rest_client import REST_CLIENT
 
 
 def _check_hash(target_path: str, hash_string: str) -> bool:

fal/toolkit/__init__.py

@@ -1,8 +1,9 @@
 from __future__ import annotations
 
-from fal.toolkit.file.file import File
+from fal.toolkit.file import CompressedFile, File
 from fal.toolkit.image.image import Image, ImageSizeInput, get_image_size
 from fal.toolkit.mainify import mainify
+from fal.toolkit.optimize import optimize
 from fal.toolkit.utils import (
     FAL_MODEL_WEIGHTS_DIR,
     FAL_PERSISTENT_DIR,
@@ -11,3 +12,19 @@ from fal.toolkit.utils import (
     download_file,
     download_model_weights,
 )
+
+__all__ = [
+    "CompressedFile",
+    "File",
+    "Image",
+    "ImageSizeInput",
+    "get_image_size",
+    "mainify",
+    "optimize",
+    "FAL_MODEL_WEIGHTS_DIR",
+    "FAL_PERSISTENT_DIR",
+    "FAL_REPOSITORY_DIR",
+    "clone_repository",
+    "download_file",
+    "download_model_weights",
+]