fast-agent-mcp 0.3.4__py3-none-any.whl → 0.3.6__py3-none-any.whl

fast_agent/agents/llm_agent.py

@@ -137,10 +137,24 @@ class LlmAgent(LlmDecorator):
         display_name = name if name is not None else self.name
         display_model = model if model is not None else (self.llm.model_name if self._llm else None)
 
+        # Convert highlight_items to highlight_index
+        highlight_index = None
+        if highlight_items and bottom_items:
+            if isinstance(highlight_items, str):
+                try:
+                    highlight_index = bottom_items.index(highlight_items)
+                except ValueError:
+                    pass
+            elif isinstance(highlight_items, list) and len(highlight_items) > 0:
+                try:
+                    highlight_index = bottom_items.index(highlight_items[0])
+                except ValueError:
+                    pass
+
         await self.display.show_assistant_message(
             message_text,
             bottom_items=bottom_items,
-            highlight_items=highlight_items,
+            highlight_index=highlight_index,
             max_item_length=max_item_length,
             name=display_name,
             model=display_model,

fast_agent/agents/mcp_agent.py

@@ -156,6 +156,9 @@ class McpAgent(ABC, ToolAgent):
         """
         await self.__aenter__()
 
+        # Apply template substitution to the instruction with server instructions
+        await self._apply_instruction_templates()
+
     async def shutdown(self) -> None:
         """
         Shutdown the agent and close all MCP server connections.
@@ -174,6 +177,67 @@ class McpAgent(ABC, ToolAgent):
         self._initialized = value
         self._aggregator.initialized = value
 
+    async def _apply_instruction_templates(self) -> None:
+        """
+        Apply template substitution to the instruction, including server instructions.
+        This is called during initialization after servers are connected.
+        """
+        if not self.instruction:
+            return
+
+        # Gather server instructions if the template includes {{serverInstructions}}
+        if "{{serverInstructions}}" in self.instruction:
+            try:
+                instructions_data = await self._aggregator.get_server_instructions()
+                server_instructions = self._format_server_instructions(instructions_data)
+            except Exception as e:
+                self.logger.warning(f"Failed to get server instructions: {e}")
+                server_instructions = ""
+
+            # Replace the template variable
+            self.instruction = self.instruction.replace("{{serverInstructions}}", server_instructions)
+
+
+        # Update default request params to match
+        if self._default_request_params:
+            self._default_request_params.systemPrompt = self.instruction
+
+        self.logger.debug(f"Applied instruction templates for agent {self._name}")
+
+    def _format_server_instructions(self, instructions_data: Dict[str, tuple[str | None, List[str]]]) -> str:
+        """
+        Format server instructions with XML tags and tool lists.
+
+        Args:
+            instructions_data: Dict mapping server name to (instructions, tool_names)
+
+        Returns:
+            Formatted string with server instructions
+        """
+        if not instructions_data:
+            return ""
+
+        formatted_parts = []
+        for server_name, (instructions, tool_names) in instructions_data.items():
+            # Skip servers with no instructions
+            if instructions is None:
+                continue
+
+            # Format tool names with server prefix
+            prefixed_tools = [f"{server_name}-{tool}" for tool in tool_names]
+            tools_list = ", ".join(prefixed_tools) if prefixed_tools else "No tools available"
+
+            formatted_parts.append(
+                f"<mcp-server name=\"{server_name}\">\n"
+                f"<tools>{tools_list}</tools>\n"
+                f"<instructions>\n{instructions}\n</instructions>\n"
+                f"</mcp-server>"
+            )
+
+        if formatted_parts:
+            return "\n\n".join(formatted_parts)
+        return ""
+
     async def __call__(
         self,
         message: Union[
@@ -549,12 +613,20 @@ class McpAgent(ABC, ToolAgent):
             namespaced_tool = self._aggregator._namespaced_tool_map.get(tool_name)
             display_tool_name = namespaced_tool.tool.name if namespaced_tool else tool_name
 
+            # Find the index of the current tool in available_tools for highlighting
+            highlight_index = None
+            try:
+                highlight_index = available_tools.index(display_tool_name)
+            except ValueError:
+                # Tool not found in list, no highlighting
+                pass
+
             self.display.show_tool_call(
                 name=self._name,
                 tool_args=tool_args,
                 bottom_items=available_tools,
                 tool_name=display_tool_name,
-                highlight_items=tool_name,
+                highlight_index=highlight_index,
                 max_item_length=12,
             )
 

fast_agent/agents/tool_agent.py

@@ -128,11 +128,21 @@ class ToolAgent(LlmAgent):
         for correlation_id, tool_request in request.tool_calls.items():
             tool_name = tool_request.params.name
             tool_args = tool_request.params.arguments or {}
+
+            # Find the index of the current tool in available_tools for highlighting
+            highlight_index = None
+            try:
+                highlight_index = available_tools.index(tool_name)
+            except ValueError:
+                # Tool not found in list, no highlighting
+                pass
+
             self.display.show_tool_call(
                 name=self.name,
                 tool_args=tool_args,
                 bottom_items=available_tools,
                 tool_name=tool_name,
+                highlight_index=highlight_index,
                 max_item_length=12,
             )
 

fast_agent/agents/workflow/router_agent.py

@@ -300,10 +300,18 @@ class RouterAgent(LlmAgent):
             if response.reasoning:
                 routing_message += f" ({response.reasoning})"
 
+            # Convert highlight_items to highlight_index
+            agent_keys = list(self.agent_map.keys())
+            highlight_index = None
+            try:
+                highlight_index = agent_keys.index(response.agent)
+            except ValueError:
+                pass
+
             await self.display.show_assistant_message(
                 routing_message,
-                bottom_items=list(self.agent_map.keys()),
-                highlight_items=[response.agent],
+                bottom_items=agent_keys,
+                highlight_index=highlight_index,
                 name=self.name,
             )
 

fast_agent/cli/__main__.py

@@ -13,14 +13,17 @@ def main():
         # Check if first arg is not already a subcommand
         first_arg = sys.argv[1]
 
-        if first_arg not in KNOWN_SUBCOMMANDS and any(
-            arg in sys.argv or any(arg.startswith(opt + "=") for opt in GO_SPECIFIC_OPTIONS)
-            for arg in sys.argv
-        ):
+        # Only auto-route if any known go-specific options are present
+        has_go_options = any(
+            (arg in GO_SPECIFIC_OPTIONS) or any(arg.startswith(opt + "=") for opt in GO_SPECIFIC_OPTIONS)
+            for arg in sys.argv[1:]
+        )
+
+        if first_arg not in KNOWN_SUBCOMMANDS and has_go_options:
             # Find where to insert 'go' - before the first go-specific option
             insert_pos = 1
             for i, arg in enumerate(sys.argv[1:], 1):
-                if arg in GO_SPECIFIC_OPTIONS or any(
+                if (arg in GO_SPECIFIC_OPTIONS) or any(
                     arg.startswith(opt + "=") for opt in GO_SPECIFIC_OPTIONS
                 ):
                     insert_pos = i

fast_agent/cli/commands/auth.py

@@ -0,0 +1,393 @@
+"""Authentication management commands for fast-agent.
+
+Shows keyring backend, per-server OAuth token status, and provides a way to clear tokens.
+"""
+
+from __future__ import annotations
+
+from typing import Dict, List, Optional
+
+import typer
+from rich.table import Table
+
+from fast_agent.config import Settings, get_settings
+from fast_agent.mcp.oauth_client import (
+    _derive_base_server_url,
+    clear_keyring_token,
+    compute_server_identity,
+    list_keyring_tokens,
+)
+from fast_agent.ui.console import console
+
+app = typer.Typer(help="Manage OAuth authentication state for MCP servers")
+
+
+def _get_keyring_status() -> tuple[str, bool]:
+    """Return (backend_name, usable) where usable=False for the fail backend or missing keyring."""
+    try:
+        import keyring
+
+        kr = keyring.get_keyring()
+        name = getattr(kr, "name", kr.__class__.__name__)
+        try:
+            from keyring.backends.fail import Keyring as FailKeyring  # type: ignore
+
+            return name, not isinstance(kr, FailKeyring)
+        except Exception:
+            # If fail backend marker cannot be imported, assume usable
+            return name, True
+    except Exception:
+        return "unavailable", False
+
+
+def _get_keyring_backend_name() -> str:
+    # Backwards-compat helper; prefer _get_keyring_status in new code
+    name, _ = _get_keyring_status()
+    return name
+
+
+def _keyring_get_password(service: str, username: str) -> str | None:
+    try:
+        import keyring
+
+        return keyring.get_password(service, username)
+    except Exception:
+        return None
+
+
+def _keyring_delete_password(service: str, username: str) -> bool:
+    try:
+        import keyring
+
+        keyring.delete_password(service, username)
+        return True
+    except Exception:
+        return False
+
+
+def _server_rows_from_settings(settings: Settings):
+    rows = []
+    mcp = getattr(settings, "mcp", None)
+    servers = getattr(mcp, "servers", {}) if mcp else {}
+    for name, cfg in servers.items():
+        transport = getattr(cfg, "transport", "")
+        if transport == "stdio":
+            # STDIO servers do not use OAuth; skip in auth views
+            continue
+        url = getattr(cfg, "url", None)
+        auth = getattr(cfg, "auth", None)
+        oauth_enabled = getattr(auth, "oauth", True) if auth is not None else True
+        persist = getattr(auth, "persist", "keyring") if auth is not None else "keyring"
+        identity = compute_server_identity(cfg)
+        # token presence only meaningful if persist is keyring and transport is http/sse
+        has_token = False
+        if persist == "keyring" and transport in ("http", "sse") and oauth_enabled:
+            has_token = (
+                _keyring_get_password("fast-agent-mcp", f"oauth:tokens:{identity}") is not None
+            )
+        rows.append(
+            {
+                "name": name,
+                "transport": transport,
+                "url": url or "",
+                "persist": persist,
+                "oauth": oauth_enabled and transport in ("http", "sse"),
+                "has_token": has_token,
+                "identity": identity,
+            }
+        )
+    return rows
+
+
+def _servers_by_identity(settings: Settings) -> Dict[str, List[str]]:
+    """Group configured server names by derived identity (base URL)."""
+    mapping: Dict[str, List[str]] = {}
+    mcp = getattr(settings, "mcp", None)
+    servers = getattr(mcp, "servers", {}) if mcp else {}
+    for name, cfg in servers.items():
+        try:
+            identity = compute_server_identity(cfg)
+        except Exception:
+            identity = name
+        mapping.setdefault(identity, []).append(name)
+    return mapping
+
+
+@app.command()
+def status(
+    target: Optional[str] = typer.Argument(None, help="Identity (base URL) or server name"),
+    config_path: Optional[str] = typer.Option(None, "--config-path", "-c"),
+) -> None:
+    """Show keyring backend and token status for configured MCP servers."""
+    settings = get_settings(config_path)
+    backend, backend_usable = _get_keyring_status()
+
+    # Single-target view if target provided
+    if target:
+        settings = get_settings(config_path)
+        identity = _derive_base_server_url(target) if "://" in target else None
+        if not identity:
+            servers = getattr(getattr(settings, "mcp", None), "servers", {}) or {}
+            cfg = servers.get(target)
+            if not cfg:
+                typer.echo(f"Server '{target}' not found in config; treating as identity")
+                identity = target
+            else:
+                identity = compute_server_identity(cfg)
+
+        # Direct presence check
+        present = False
+        if backend_usable:
+            try:
+                import keyring
+
+                present = (
+                    keyring.get_password("fast-agent-mcp", f"oauth:tokens:{identity}") is not None
+                )
+            except Exception:
+                present = False
+
+        table = Table(show_header=True, box=None)
+        table.add_column("Identity", header_style="bold")
+        table.add_column("Token", header_style="bold")
+        table.add_column("Servers", header_style="bold")
+        by_id = _servers_by_identity(settings)
+        servers_for_id = ", ".join(by_id.get(identity, [])) or "[dim]None[/dim]"
+        token_disp = "[bold green]✓[/bold green]" if present else "[dim]✗[/dim]"
+        table.add_row(identity, token_disp, servers_for_id)
+
+        if backend_usable and backend != "unavailable":
+            console.print(f"Keyring backend: [green]{backend}[/green]")
+        else:
+            console.print("Keyring backend: [red]not available[/red]")
+        console.print(table)
+        console.print(
+            "\n[dim]Run 'fast-agent auth clear --identity "
+            f"{identity}[/dim][dim]' to remove this token, or 'fast-agent auth clear --all' to remove all.[/dim]"
+        )
+        return
+
+    # Full status view
+    if backend_usable and backend != "unavailable":
+        console.print(f"Keyring backend: [green]{backend}[/green]")
+    else:
+        console.print("Keyring backend: [red]not available[/red]")
+
+    tokens = list_keyring_tokens()
+    token_table = Table(show_header=True, box=None)
+    token_table.add_column("Stored Tokens (Identity)", header_style="bold")
+    token_table.add_column("Present", header_style="bold")
+    if tokens:
+        for ident in tokens:
+            token_table.add_row(ident, "[bold green]✓[/bold green]")
+    else:
+        token_table.add_row("[dim]None[/dim]", "[dim]✗[/dim]")
+
+    console.print(token_table)
+
+    rows = _server_rows_from_settings(settings)
+    if rows:
+        map_table = Table(show_header=True, box=None)
+        map_table.add_column("Server", header_style="bold")
+        map_table.add_column("Transport", header_style="bold")
+        map_table.add_column("OAuth", header_style="bold")
+        map_table.add_column("Persist", header_style="bold")
+        map_table.add_column("Token", header_style="bold")
+        map_table.add_column("Identity", header_style="bold")
+        for row in rows:
+            oauth_status = "[green]on[/green]" if row["oauth"] else "[dim]off[/dim]"
+            persist = row["persist"]
+            persist_disp = (
+                f"[green]{persist}[/green]"
+                if persist == "keyring"
+                else f"[yellow]{persist}[/yellow]"
+            )
+            # Direct presence check for each identity so status works even without index
+            has_token = False
+            token_disp = "[dim]✗[/dim]"
+            if persist == "keyring" and row["oauth"]:
+                if backend_usable:
+                    try:
+                        import keyring
+
+                        has_token = (
+                            keyring.get_password(
+                                "fast-agent-mcp", f"oauth:tokens:{row['identity']}"
+                            )
+                            is not None
+                        )
+                    except Exception:
+                        has_token = False
+                    token_disp = "[bold green]✓[/bold green]" if has_token else "[dim]✗[/dim]"
+                else:
+                    token_disp = "[red]not available[/red]"
+            elif persist == "memory" and row["oauth"]:
+                token_disp = "[yellow]memory[/yellow]"
+            map_table.add_row(
+                row["name"],
+                row["transport"].upper(),
+                oauth_status,
+                persist_disp,
+                token_disp,
+                row["identity"],
+            )
+        console.print(map_table)
+
+    console.print(
+        "\n[dim]Run 'fast-agent auth clear --identity <identity>' to remove a token, or 'fast-agent auth clear --all' to remove all.[/dim]"
+    )
+
+
+@app.command()
+def clear(
+    server: Optional[str] = typer.Argument(None, help="Server name to clear (from config)"),
+    identity: Optional[str] = typer.Option(
+        None, "--identity", help="Token identity (base URL) to clear"
+    ),
+    all: bool = typer.Option(False, "--all", help="Clear tokens for all identities in keyring"),
+    config_path: Optional[str] = typer.Option(None, "--config-path", "-c"),
+) -> None:
+    """Clear stored OAuth tokens from the keyring."""
+    targets_identities: list[str] = []
+    if all:
+        targets_identities = list_keyring_tokens()
+    elif identity:
+        targets_identities = [identity]
+    elif server:
+        settings = get_settings(config_path)
+        rows = _server_rows_from_settings(settings)
+        match = next((r for r in rows if r["name"] == server), None)
+        if not match:
+            typer.echo(f"Server '{server}' not found in config")
+            raise typer.Exit(1)
+        targets_identities = [match["identity"]]
+    else:
+        typer.echo("Provide --identity, a server name, or use --all")
+        raise typer.Exit(1)
+
+    # Confirm destructive action
+    if not typer.confirm("Remove tokens for the selected server(s) from keyring?", default=False):
+        raise typer.Exit()
+
+    removed_any = False
+    for ident in targets_identities:
+        if clear_keyring_token(ident):
+            removed_any = True
+    if removed_any:
+        typer.echo("Tokens removed.")
+    else:
+        typer.echo("No tokens found or nothing removed.")
+
+
+@app.callback(invoke_without_command=True)
+def main(
+    ctx: typer.Context, config_path: Optional[str] = typer.Option(None, "--config-path", "-c")
+) -> None:
+    """Default to showing status if no subcommand is provided."""
+    if ctx.invoked_subcommand is None:
+        try:
+            status(target=None, config_path=config_path)
+        except Exception as e:
+            typer.echo(f"Error showing auth status: {e}")
+
+
+@app.command()
+def login(
+    target: str = typer.Argument(..., help="Server name (from config) or identity (base URL)"),
+    transport: Optional[str] = typer.Option(
+        None, "--transport", help="Transport for identity mode: http or sse"
+    ),
+    config_path: Optional[str] = typer.Option(None, "--config-path", "-c"),
+) -> None:
+    """Start OAuth flow and store tokens for a server.
+
+    Accepts either a configured server name or an identity (base URL).
+    For identity mode, default transport is 'http' (uses <identity>/mcp).
+    """
+    # Resolve to a minimal MCPServerSettings
+    from fast_agent.config import MCPServerAuthSettings, MCPServerSettings
+    from fast_agent.mcp.oauth_client import build_oauth_provider
+
+    cfg = None
+    resolved_transport = None
+
+    if "://" in target:
+        # Identity mode
+        base = _derive_base_server_url(target)
+        if not base:
+            typer.echo("Invalid identity URL")
+            raise typer.Exit(1)
+        resolved_transport = (transport or "http").lower()
+        if resolved_transport not in ("http", "sse"):
+            typer.echo("--transport must be 'http' or 'sse'")
+            raise typer.Exit(1)
+        endpoint = base + ("/mcp" if resolved_transport == "http" else "/sse")
+        cfg = MCPServerSettings(
+            name=base,
+            transport=resolved_transport,
+            url=endpoint,
+            auth=MCPServerAuthSettings(),
+        )
+    else:
+        # Server name mode
+        settings = get_settings(config_path)
+        servers = getattr(getattr(settings, "mcp", None), "servers", {}) or {}
+        cfg = servers.get(target)
+        if not cfg:
+            typer.echo(f"Server '{target}' not found in config")
+            raise typer.Exit(1)
+        resolved_transport = getattr(cfg, "transport", "")
+        if resolved_transport == "stdio":
+            typer.echo("STDIO servers do not support OAuth")
+            raise typer.Exit(1)
+
+    # Build OAuth provider
+    provider = build_oauth_provider(cfg)
+    if provider is None:
+        typer.echo("OAuth is disabled or misconfigured for this server/identity")
+        raise typer.Exit(1)
+
+    async def _run_login():
+        try:
+            # Use appropriate transport; connect and initialize a minimal session
+            if resolved_transport == "http":
+                from mcp.client.session import ClientSession
+                from mcp.client.streamable_http import streamablehttp_client
+
+                async with streamablehttp_client(
+                    cfg.url or "",
+                    getattr(cfg, "headers", None),
+                    auth=provider,
+                ) as (read_stream, write_stream, _get_session_id):
+                    async with ClientSession(read_stream, write_stream) as session:
+                        await session.initialize()
+                        return True
+            elif resolved_transport == "sse":
+                from mcp.client.session import ClientSession
+                from mcp.client.sse import sse_client
+
+                async with sse_client(
+                    cfg.url or "",
+                    getattr(cfg, "headers", None),
+                    auth=provider,
+                ) as (read_stream, write_stream):
+                    async with ClientSession(read_stream, write_stream) as session:
+                        await session.initialize()
+                        return True
+            else:
+                return False
+        except Exception as e:
+            # Surface concise error; detailed logging is in the library
+            typer.echo(f"Login failed: {e}")
+            return False
+
+    import asyncio
+
+    ok = asyncio.run(_run_login())
+    if ok:
+        from fast_agent.mcp.oauth_client import compute_server_identity
+
+        ident = compute_server_identity(cfg)
+        typer.echo(f"Authenticated. Tokens stored for identity: {ident}")
+    else:
+        raise typer.Exit(1)