langchain-trigger-server 0.2.7__tar.gz → 0.2.9__tar.gz

langchain_trigger_server-0.2.9/.github/workflows/release.yml

@@ -0,0 +1,124 @@
+name: Build and publish to PyPI
+
+on:
+  push:
+    branches: [ main ]
+  release:
+    types: [published]
+  workflow_dispatch:
+
+env:
+  PYTHON_VERSION: "3.11"
+  UV_FROZEN: "true"
+  UV_NO_SYNC: "true"
+
+jobs:
+  # First, run lint and test to ensure quality
+  lint-and-test:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        python-version: ["3.11", "3.12"]
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Set up Python + uv
+        uses: "./.github/actions/uv_setup"
+        with:
+          python-version: ${{ matrix.python-version }}
+
+      - name: Install dependencies
+        run: uv sync --group dev
+
+      - name: Run lint
+        run: uv run ruff check .
+
+      - name: Run tests
+        run: uv run pytest tests/
+
+  # Check version and publish package
+  build-and-publish:
+    needs: lint-and-test
+    name: Build and publish Python distribution to PyPI
+    runs-on: ubuntu-latest
+    environment:
+      name: pypi
+      url: https://pypi.org/p/langchain-trigger-server
+    permissions:
+      id-token: write  # IMPORTANT: this permission is mandatory for trusted publishing
+      contents: read   # Required for private repository access
+
+    steps:
+    - uses: actions/checkout@v4
+      with:
+        token: ${{ secrets.GITHUB_TOKEN }}
+
+    - name: Set up Python + uv
+      uses: "./.github/actions/uv_setup"
+      with:
+        python-version: ${{ env.PYTHON_VERSION }}
+
+    - name: Get current version from pyproject.toml
+      id: get-version
+      run: |
+        VERSION=$(python -c "import tomllib; print(tomllib.load(open('pyproject.toml', 'rb'))['project']['version'])")
+        echo "current_version=$VERSION" >> $GITHUB_OUTPUT
+        echo "Current version: $VERSION"
+
+    - name: Get latest PyPI version
+      id: get-pypi-version
+      run: |
+        PYPI_VERSION=$(python -c "
+        import json, urllib.request, urllib.error
+        try:
+            with urllib.request.urlopen('https://pypi.org/pypi/langchain-trigger-server/json') as response:
+                data = json.loads(response.read())
+                print(data['info']['version'])
+        except urllib.error.HTTPError as e:
+            if e.code == 404:
+                print('0.0.0')  # Package doesn't exist yet
+            else:
+                raise
+        ")
+        echo "pypi_version=$PYPI_VERSION" >> $GITHUB_OUTPUT
+        echo "PyPI version: $PYPI_VERSION"
+
+    - name: Compare versions
+      id: compare-versions
+      run: |
+        python -c "
+        from distutils.version import LooseVersion
+        current = LooseVersion('${{ steps.get-version.outputs.current_version }}')
+        pypi = LooseVersion('${{ steps.get-pypi-version.outputs.pypi_version }}')
+        should_publish = current > pypi
+        print(f'Current: {current}, PyPI: {pypi}, Should publish: {should_publish}')
+        " > version_comparison.txt
+        cat version_comparison.txt
+
+        SHOULD_PUBLISH=$(python -c "
+        from distutils.version import LooseVersion
+        current = LooseVersion('${{ steps.get-version.outputs.current_version }}')
+        pypi = LooseVersion('${{ steps.get-pypi-version.outputs.pypi_version }}')
+        print('true' if current > pypi else 'false')
+        ")
+        echo "should_publish=$SHOULD_PUBLISH" >> $GITHUB_OUTPUT
+
+    - name: Build package
+      if: steps.compare-versions.outputs.should_publish == 'true'
+      run: uv build
+
+    - name: Publish package distributions to PyPI
+      if: steps.compare-versions.outputs.should_publish == 'true'
+      uses: pypa/gh-action-pypi-publish@release/v1
+      with:
+        verbose: true
+        print-hash: true
+        attestations: false
+
+    - name: Create summary
+      run: |
+        if [ "${{ steps.compare-versions.outputs.should_publish }}" = "true" ]; then
+          echo "✅ Published langchain-trigger-server v${{ steps.get-version.outputs.current_version }} to PyPI" >> $GITHUB_STEP_SUMMARY
+        else
+          echo "⏭️ Skipped langchain-trigger-server: v${{ steps.get-version.outputs.current_version }} not newer than PyPI v${{ steps.get-pypi-version.outputs.pypi_version }}" >> $GITHUB_STEP_SUMMARY
+        fi

{langchain_trigger_server-0.2.7 → langchain_trigger_server-0.2.9}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: langchain-trigger-server
-Version: 0.2.7
+Version: 0.2.9
 Summary: Generic event-driven triggers framework
 Project-URL: Homepage, https://github.com/langchain-ai/open-agent-platform
 Project-URL: Repository, https://github.com/langchain-ai/open-agent-platform

{langchain_trigger_server-0.2.7 → langchain_trigger_server-0.2.9}/langchain_triggers/app.py

@@ -5,8 +5,10 @@ from __future__ import annotations
 import logging
 import os
 from collections.abc import Callable
+from datetime import UTC, datetime, timedelta
 from typing import Any
 
+import jwt
 from fastapi import Depends, FastAPI, HTTPException, Request
 from langchain_auth.client import Client
 from langgraph_sdk import get_client
@@ -27,6 +29,28 @@ from .triggers.cron_trigger import CRON_TRIGGER_ID
 logger = logging.getLogger(__name__)
 
 
+def get_x_service_jwt_token(
+    payload: dict[str, Any] | None = None, expiration_seconds: int = 60 * 60
+) -> str:
+    exp_datetime = datetime.now(tz=UTC) + timedelta(seconds=expiration_seconds)
+    exp = int(exp_datetime.timestamp())
+
+    payload = payload or {}
+    payload = {
+        "sub": "unspecified",
+        "exp": exp,
+        **payload,
+    }
+
+    secret = os.environ["X_SERVICE_AUTH_JWT_SECRET"]
+
+    return jwt.encode(
+        payload,
+        secret,
+        algorithm="HS256",
+    )
+
+
 class AuthenticationMiddleware(BaseHTTPMiddleware):
     """Middleware to handle authentication for API endpoints."""
 
@@ -106,7 +130,6 @@ class TriggerServer:
 
         # LangGraph configuration
         self.langgraph_api_url = os.getenv("LANGGRAPH_API_URL")
-        self.langsmith_api_key = os.getenv("LANGCHAIN_API_KEY")
         self.trigger_server_auth_api_url = os.getenv("TRIGGER_SERVER_HOST_API_URL")
 
         if not self.langgraph_api_url:
@@ -115,16 +138,10 @@ class TriggerServer:
         self.langgraph_api_url = self.langgraph_api_url.rstrip("/")
 
         # Initialize LangGraph SDK client
-        self.langgraph_client = get_client(
-            url=self.langgraph_api_url, api_key=self.langsmith_api_key
-        )
+        self.langgraph_client = get_client(url=self.langgraph_api_url, api_key=None)
         logger.info(
             f"✓ LangGraph client initialized with URL: {self.langgraph_api_url}"
         )
-        if self.langsmith_api_key:
-            logger.info("✓ LangGraph client initialized with API key.")
-        else:
-            logger.warning("⚠ LangGraph client initialized without API key")
 
         # Initialize LangChain auth client
         langchain_api_key = os.getenv("LANGCHAIN_API_KEY")
@@ -323,6 +340,7 @@ class TriggerServer:
                     raise HTTPException(
                         status_code=400, detail=f"Unknown trigger type: {trigger_id}"
                     )
+                client_metadata = payload.pop("metadata", None)
 
                 # Parse payload into registration model first
                 try:
@@ -368,11 +386,16 @@ class TriggerServer:
 
                 resource_dict = registration_instance.model_dump()
 
+                merged_metadata = {}
+                if client_metadata:
+                    merged_metadata["client_metadata"] = client_metadata
+                merged_metadata.update(result.metadata)
+
                 registration = await self.database.create_trigger_registration(
                     user_id=user_id,
                     template_id=trigger.id,
                     resource=resource_dict,
-                    metadata=result.metadata,
+                    metadata=merged_metadata,
                 )
 
                 if not registration:
@@ -579,6 +602,7 @@ class TriggerServer:
                     body_bytes = await request.body()
                     body_str = body_bytes.decode("utf-8")
 
+                    # TODO(sam/palash): We should not have API specific things in this framework repo. We should clean this up.
                     if self._is_slack_trigger(trigger):
                         await self._verify_slack_webhook_auth_with_body(
                             request, body_str
@@ -623,6 +647,11 @@ class TriggerServer:
                     # Ensure agent_id and user_id are strings for JSON serialization
                     agent_id_str = str(agent_id)
                     user_id_str = str(result.registration["user_id"])
+                    tenant_id_str = str(
+                        result.registration.get("metadata", {})
+                        .get("client_metadata", {})
+                        .get("tenant_id")
+                    )
 
                     agent_input = {"messages": [{"role": "human", "content": message}]}
 
@@ -630,6 +659,7 @@ class TriggerServer:
                         success = await self._invoke_agent(
                             agent_id=agent_id_str,
                             user_id=user_id_str,
+                            tenant_id=tenant_id_str,
                             input_data=agent_input,
                         )
                         if success:
@@ -656,6 +686,7 @@ class TriggerServer:
         self,
         agent_id: str,
         user_id: str,
+        tenant_id: str,
         input_data: dict[str, Any],
     ) -> bool:
         """Invoke LangGraph agent using the SDK."""
@@ -665,20 +696,23 @@ class TriggerServer:
 
         try:
             headers = {
-                "x-auth-scheme": "agent-builder-trigger",
+                "x-api-key": "",
+                "x-auth-scheme": "langsmith-agent",
                 "x-user-id": user_id_str,
+                "x-tenant-id": tenant_id,
+                "x-service-key": get_x_service_jwt_token(
+                    payload={
+                        "tenant_id": tenant_id,
+                        "user_id": user_id_str,
+                    }
+                ),
             }
 
-            # Note: API key is already set in client initialization, no need to add to headers
-            if not self.langsmith_api_key:
-                logger.warning(
-                    "No LANGSMITH_API_KEY available - authentication may fail"
-                )
-
             thread = await self.langgraph_client.threads.create(
                 metadata={
                     "triggered_by": "langchain-triggers",
                     "user_id": user_id_str,
+                    "tenant_id": tenant_id,
                 },
                 headers=headers,
             )
@@ -691,6 +725,7 @@ class TriggerServer:
                 metadata={
                     "triggered_by": "langchain-triggers",
                     "user_id": user_id_str,
+                    "tenant_id": tenant_id,
                 },
                 headers=headers,
             )

{langchain_trigger_server-0.2.7 → langchain_trigger_server-0.2.9}/langchain_triggers/core.py

@@ -88,6 +88,13 @@ class TriggerRegistrationResult(BaseModel):
         """Validate that required fields are provided based on create_registration."""
         if self.create_registration and not self.metadata:
             self.metadata = {}  # Allow empty metadata for create_registration=True
+
+        if "client_metadata" in self.metadata:
+            raise ValueError(
+                "The 'client_metadata' key is reserved for client-provided metadata. "
+                "Registration handlers must not use this key in their metadata."
+            )
+
         if not self.create_registration and (
             not self.response_body or not self.status_code
         ):

{langchain_trigger_server-0.2.7 → langchain_trigger_server-0.2.9}/langchain_triggers/cron_manager.py

@@ -202,6 +202,9 @@ class CronTriggerManager:
         """Execute a cron job - invoke agents. Can be called manually or by scheduler."""
         registration_id = registration["id"]
         user_id = registration["user_id"]
+        tenant_id = (
+            registration.get("metadata", {}).get("client_metadata", {}).get("tenant_id")
+        )
 
         # Get agent links
         agent_links = await self.trigger_server.database.get_agents_for_trigger(
@@ -222,6 +225,7 @@ class CronTriggerManager:
             # Ensure agent_id and user_id are strings for JSON serialization
             agent_id_str = str(agent_id)
             user_id_str = str(user_id)
+            tenant_id_str = str(tenant_id)
 
             current_time = datetime.utcnow()
             current_time_str = current_time.strftime("%A, %B %d, %Y at %H:%M UTC")
@@ -239,6 +243,7 @@ class CronTriggerManager:
                 success = await self.trigger_server._invoke_agent(
                     agent_id=agent_id_str,
                     user_id=user_id_str,
+                    tenant_id=tenant_id_str,
                     input_data=agent_input,
                 )
                 if success:

{langchain_trigger_server-0.2.7 → langchain_trigger_server-0.2.9}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "hatchling.build"
 
 [project]
 name = "langchain-trigger-server"
-version = "0.2.7"
+version = "0.2.9"
 description = "Generic event-driven triggers framework"
 readme = "README.md"
 requires-python = ">=3.11"

{langchain_trigger_server-0.2.7 → langchain_trigger_server-0.2.9}/tests/unit/test_trigger_server_api.py

@@ -6,11 +6,11 @@ from unittest.mock import AsyncMock, patch
 import pytest
 import pytest_asyncio
 from httpx import ASGITransport, AsyncClient
+from pydantic import BaseModel
 
 from langchain_triggers import TriggerServer
 
 
-# Mock auth handler that returns a valid user
 async def mock_auth_handler(request_body, headers):
     """Mock authentication handler for testing."""
     auth_header = headers.get("authorization", "")
@@ -21,6 +21,17 @@ async def mock_auth_handler(request_body, headers):
     return {"identity": f"test_user_{token}"}
 
 
+class TestRegistration(BaseModel):
+    """Simple registration model for testing."""
+
+    name: str
+
+
+async def dummy_trigger_handler(payload, query_params, database, auth_client):
+    """Dummy trigger handler for test triggers."""
+    return None
+
+
 # Mock database class
 class MockDatabase:
     """Mock database for testing."""
@@ -354,3 +365,86 @@ async def test_user_isolation(trigger_server):
         data = response.json()
         assert len(data["data"]) == 1
         assert data["data"][0]["user_id"] == "test_user_token2"
+
+
+@pytest.mark.asyncio
+async def test_client_metadata_storage(trigger_server):
+    """Test that client-provided metadata is stored as client_metadata."""
+    from langchain_triggers import TriggerRegistrationResult, TriggerTemplate
+
+    async def test_registration_handler(user_id, auth_client, registration):
+        return TriggerRegistrationResult(metadata={"handler_data": "from_handler"})
+
+    test_trigger = TriggerTemplate(
+        id="test_metadata_trigger",
+        provider="test",
+        name="Test Metadata",
+        description="Tests metadata storage",
+        registration_model=TestRegistration,
+        registration_handler=test_registration_handler,
+        trigger_handler=dummy_trigger_handler,
+    )
+    trigger_server.add_trigger(test_trigger)
+
+    transport = ASGITransport(app=trigger_server.app, raise_app_exceptions=True)
+    async with AsyncClient(base_url="http://localhost", transport=transport) as client:
+        response = await client.post(
+            "/v1/triggers/registrations",
+            headers={"Authorization": "Bearer token1"},
+            json={
+                "type": "test_metadata_trigger",
+                "name": "test",
+                "metadata": {"tenant_id": "org-123"},
+            },
+        )
+
+        assert response.status_code == 200
+        data = response.json()
+        assert data["success"] is True
+
+        # Verify metadata in API response
+        registration_id = data["data"]["id"]
+        metadata = data["data"]["metadata"]
+        assert metadata["client_metadata"]["tenant_id"] == "org-123"
+        assert metadata["handler_data"] == "from_handler"
+
+        # Verify metadata persisted in database
+        db_registration = await trigger_server.database.get_trigger_registration(
+            registration_id, user_id="test_user_token1"
+        )
+        assert db_registration is not None
+        db_metadata = db_registration["metadata"]
+        assert db_metadata["client_metadata"]["tenant_id"] == "org-123"
+        assert db_metadata["handler_data"] == "from_handler"
+
+
+@pytest.mark.asyncio
+async def test_handler_cannot_use_client_metadata_key(trigger_server):
+    """Test that handlers cannot use the reserved client_metadata key."""
+    from langchain_triggers import TriggerRegistrationResult, TriggerTemplate
+
+    async def bad_handler(user_id, auth_client, registration):
+        # Handler tries to use reserved key
+        return TriggerRegistrationResult(metadata={"client_metadata": "not allowed"})
+
+    test_trigger = TriggerTemplate(
+        id="test_bad_handler",
+        provider="test",
+        name="Test Bad Handler",
+        description="Tests validation",
+        registration_model=TestRegistration,
+        registration_handler=bad_handler,
+        trigger_handler=dummy_trigger_handler,
+    )
+    trigger_server.add_trigger(test_trigger)
+
+    transport = ASGITransport(app=trigger_server.app, raise_app_exceptions=True)
+    async with AsyncClient(base_url="http://localhost", transport=transport) as client:
+        response = await client.post(
+            "/v1/triggers/registrations",
+            headers={"Authorization": "Bearer token1"},
+            json={"type": "test_bad_handler", "name": "test"},
+        )
+
+        assert response.status_code == 500
+        assert "client_metadata" in response.json()["detail"]

{langchain_trigger_server-0.2.7 → langchain_trigger_server-0.2.9}/uv.lock

@@ -393,7 +393,7 @@ wheels = [
 
 [[package]]
 name = "langchain-trigger-server"
-version = "0.2.6rc8"
+version = "0.2.9"
 source = { editable = "." }
 dependencies = [
     { name = "apscheduler" },

langchain_trigger_server-0.2.9/version_comparison.txt

@@ -0,0 +1 @@
+Current: 0.2.9, PyPI: 0.2.8, Should publish: True

langchain_trigger_server-0.2.7/.github/workflows/release.yml

@@ -1,38 +0,0 @@
-name: Build and publish to PyPI
-
-on:
-  release:
-    types: [published]
-  workflow_dispatch:
-
-jobs:
-  build-and-publish:
-    name: Build and publish Python distribution to PyPI
-    runs-on: ubuntu-latest
-    environment:
-      name: pypi
-      url: https://pypi.org/p/langchain-trigger-server
-    permissions:
-      id-token: write  # IMPORTANT: this permission is mandatory for trusted publishing
-      contents: read   # Required for private repository access
-      
-    steps:
-    - uses: actions/checkout@v4
-      with:
-        token: ${{ secrets.GITHUB_TOKEN }}
-      
-    - name: Set up Python
-      uses: actions/setup-python@v4
-      with:
-        python-version: "3.11"
-        
-    - name: Install build dependencies
-      run: |
-        python -m pip install --upgrade pip
-        python -m pip install build
-        
-    - name: Build package
-      run: python -m build
-      
-    - name: Publish package distributions to PyPI
-      uses: pypa/gh-action-pypi-publish@release/v1