PyPI - proxyagent - Versions diffs - 0.8.0__tar.gz → 0.9.0__tar.gz - Mend

proxyagent 0.8.0tar.gz → 0.9.0tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (20) hide show

{proxyagent-0.8.0 → proxyagent-0.9.0}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: proxyagent
-Version: 0.8.0
+Version: 0.9.0
 Summary: Run any agent (Claude, Codex, custom) on any machine — with no API key on the machine. A secure, self-hosted proxy for models and tools.
 Project-URL: Homepage, https://github.com/teddyoweh/proxyagent
 Author-email: Spawn Labs <teddy@spawnlabs.ai>
@@ -179,9 +179,9 @@ is to centralise *all* of them so the machine running the harness holds only a `
 | **Gemini CLI** | Google | API key · OAuth · Vertex |
 Connect each mode in the dashboard's **Harnesses** tab (or `proxyagent provider add … --kind`).
-**API key, OAuth, AWS Bedrock, and Azure are wired today** — for Bedrock the proxy holds the AWS
-credentials and **SigV4-signs** the Claude-on-Bedrock request itself, so the machine needs no
-AWS at all. (Vertex lands next.) The model providers below are the *backends* for model-agnostic
+**Every auth mode is wired**: API key, OAuth, AWS Bedrock (the proxy SigV4-signs the Claude-on-Bedrock
+request itself), Azure, and Google Vertex (service-account JSON → access token → Claude-on-Vertex).
+For Bedrock/Vertex the proxy holds the AWS/GCP credentials and signs upstream, so the machine needs no cloud creds at all. The model providers below are the *backends* for model-agnostic
 harnesses (aider, Cline…).
 ```bash
@@ -189,6 +189,7 @@ harnesses (aider, Cline…).
 proxyagent provider add anthropic --kind bedrock --key <AWS_SECRET>   # + meta: access_key, region
 proxyagent provider add openai    --kind azure   --key <AZURE_KEY>    # + meta: endpoint
 proxyagent provider add anthropic --kind oauth    --key <OAUTH_TOKEN>
+proxyagent provider add anthropic --kind vertex  --key "$(cat sa.json)"   # + meta: region
 ```
 ## Credential pools & failover

{proxyagent-0.8.0 → proxyagent-0.9.0}/README.md RENAMED Viewed

@@ -147,9 +147,9 @@ is to centralise *all* of them so the machine running the harness holds only a `
 | **Gemini CLI** | Google | API key · OAuth · Vertex |
 Connect each mode in the dashboard's **Harnesses** tab (or `proxyagent provider add … --kind`).
-**API key, OAuth, AWS Bedrock, and Azure are wired today** — for Bedrock the proxy holds the AWS
-credentials and **SigV4-signs** the Claude-on-Bedrock request itself, so the machine needs no
-AWS at all. (Vertex lands next.) The model providers below are the *backends* for model-agnostic
+**Every auth mode is wired**: API key, OAuth, AWS Bedrock (the proxy SigV4-signs the Claude-on-Bedrock
+request itself), Azure, and Google Vertex (service-account JSON → access token → Claude-on-Vertex).
+For Bedrock/Vertex the proxy holds the AWS/GCP credentials and signs upstream, so the machine needs no cloud creds at all. The model providers below are the *backends* for model-agnostic
 harnesses (aider, Cline…).
 ```bash
@@ -157,6 +157,7 @@ harnesses (aider, Cline…).
 proxyagent provider add anthropic --kind bedrock --key <AWS_SECRET>   # + meta: access_key, region
 proxyagent provider add openai    --kind azure   --key <AZURE_KEY>    # + meta: endpoint
 proxyagent provider add anthropic --kind oauth    --key <OAUTH_TOKEN>
+proxyagent provider add anthropic --kind vertex  --key "$(cat sa.json)"   # + meta: region
 ```
 ## Credential pools & failover

{proxyagent-0.8.0 → proxyagent-0.9.0}/proxyagent/__init__.py RENAMED Viewed

@@ -16,7 +16,7 @@ from typing import Optional
 from .harness import run  # noqa: F401  (the headline SDK call)
-__version__ = "0.8.0"
+__version__ = "0.9.0"
 __all__ = ["run", "serve", "create_app", "Config", "Admin", "__version__"]

{proxyagent-0.8.0 → proxyagent-0.9.0}/proxyagent/config.py RENAMED Viewed

@@ -101,7 +101,7 @@ AUTH_LABELS = {"api_key": "API key", "oauth": "OAuth", "bedrock": "AWS Bedrock",
                "vertex": "Google Vertex", "azure": "Azure"}
 # Auth modes that are fully wired today (just a key swap). Others are surfaced in the
 # UI as "available" and built out (Bedrock SigV4 / Vertex token / OAuth refresh).
-AUTH_READY = {"api_key", "oauth", "bedrock", "azure"}
+AUTH_READY = {"api_key", "oauth", "bedrock", "azure", "vertex"}
 @dataclass

{proxyagent-0.8.0 → proxyagent-0.9.0}/proxyagent/providers.py RENAMED Viewed

@@ -70,6 +70,11 @@ def build_plans(provider, store: Store | None, body: dict) -> list[tuple]:
                     plans.append(signers.bedrock_plan(c, body))
                 except Exception:  # noqa: BLE001 — skip a malformed bedrock cred
                     pass
+            elif kind == "vertex":
+                try:
+                    plans.append(signers.vertex_plan(c, body))
+                except Exception:  # noqa: BLE001 — skip if SA invalid / token fetch fails
+                    pass
     if provider.key:
         plans.append((provider.endpoint, {**JSON, **provider.auth_headers()}, raw))
     return plans

{proxyagent-0.8.0 → proxyagent-0.9.0}/proxyagent/signers.py RENAMED Viewed

@@ -9,10 +9,12 @@ Vertex (GCP service-account → access token) lands next.
 from __future__ import annotations
+import base64
 import datetime
 import hashlib
 import hmac
 import json
+import time
 from urllib.parse import quote
@@ -86,3 +88,67 @@ def bedrock_plan(cred: dict, body: dict):
         access_key=meta.get("access_key", ""), secret_key=cred.get("secret", ""),
         body=raw, session_token=meta.get("session_token"))
     return f"https://{host}{path}", headers, raw
+# ------------------------------------------------------------------ #
+# Google Vertex AI — service account → OAuth2 access token → Claude-on-Vertex.
+# The proxy holds the service-account key; the machine holds none.
+# ------------------------------------------------------------------ #
+def _b64url(b: bytes) -> str:
+    return base64.urlsafe_b64encode(b).rstrip(b"=").decode("ascii")
+_VERTEX_TOKEN_CACHE: dict[str, tuple[str, int]] = {}   # client_email -> (token, expiry_ms)
+def vertex_signed_assertion(sa: dict, *, now: int | None = None) -> str:
+    """A signed RS256 JWT bearer assertion for the service account (no network)."""
+    from cryptography.hazmat.primitives import hashes, serialization
+    from cryptography.hazmat.primitives.asymmetric import padding
+    iat = int(now if now is not None else time.time())
+    token_uri = sa.get("token_uri", "https://oauth2.googleapis.com/token")
+    header = {"alg": "RS256", "typ": "JWT"}
+    claims = {"iss": sa["client_email"], "scope": "https://www.googleapis.com/auth/cloud-platform",
+              "aud": token_uri, "iat": iat, "exp": iat + 3600}
+    signing_input = f"{_b64url(json.dumps(header).encode())}.{_b64url(json.dumps(claims).encode())}"
+    key = serialization.load_pem_private_key(sa["private_key"].encode(), password=None)
+    sig = key.sign(signing_input.encode(), padding.PKCS1v15(), hashes.SHA256())
+    return f"{signing_input}.{_b64url(sig)}"
+def vertex_access_token(sa: dict) -> str:
+    """Exchange the SA assertion for a short-lived access token (cached ~1h)."""
+    import httpx
+    email = sa["client_email"]
+    nowms = int(time.time() * 1000)
+    cached = _VERTEX_TOKEN_CACHE.get(email)
+    if cached and cached[1] - 60_000 > nowms:
+        return cached[0]
+    token_uri = sa.get("token_uri", "https://oauth2.googleapis.com/token")
+    r = httpx.post(token_uri, data={
+        "grant_type": "urn:ietf:params:oauth:grant-type:jwt-bearer",
+        "assertion": vertex_signed_assertion(sa)}, timeout=20)
+    r.raise_for_status()
+    body = r.json()
+    tok, ttl = body["access_token"], body.get("expires_in", 3600)
+    _VERTEX_TOKEN_CACHE[email] = (tok, nowms + ttl * 1000)
+    return tok
+def vertex_url(project: str, region: str, model: str) -> str:
+    return (f"https://{region}-aiplatform.googleapis.com/v1/projects/{project}"
+            f"/locations/{region}/publishers/anthropic/models/{quote(model, safe='')}:rawPredict")
+def vertex_plan(cred: dict, body: dict):
+    """(url, headers, body_bytes) for a Claude-on-Vertex rawPredict call."""
+    sa = json.loads(cred["secret"])                      # the full service-account JSON
+    meta = cred.get("meta") or {}
+    region = meta.get("region") or sa.get("region") or "us-east5"
+    project = meta.get("project_id") or sa.get("project_id")
+    payload = {k: v for k, v in body.items() if k != "model"}
+    payload["anthropic_version"] = "vertex-2023-10-16"
+    raw = json.dumps(payload).encode("utf-8")
+    headers = {"content-type": "application/json", "Authorization": f"Bearer {vertex_access_token(sa)}"}
+    return vertex_url(project, region, body.get("model", "")), headers, raw

{proxyagent-0.8.0 → proxyagent-0.9.0}/proxyagent/ui/index.html RENAMED Viewed

@@ -144,7 +144,7 @@ function logo(name,color){color=color||"#888";
 function fieldsFor(uid,kind){
   if(kind==="bedrock")return `<div class="row"><input id="f1_${uid}" placeholder="AWS access key id" style="flex:1"/><input id="f3_${uid}" placeholder="region (us-east-1)" style="width:150px"/></div><input id="f2_${uid}" type="password" placeholder="AWS secret access key" style="width:100%;margin-top:8px"/>`;
   if(kind==="azure")return `<input id="f1_${uid}" placeholder="Azure endpoint URL (…/chat/completions?api-version=…)" style="width:100%"/><input id="f2_${uid}" type="password" placeholder="api-key" style="width:100%;margin-top:8px"/>`;
-  if(kind==="vertex")return `<span class="muted" style="font-size:12px">Vertex (service-account JSON) — coming next.</span>`;
+  if(kind==="vertex")return `<textarea id="f1_${uid}" placeholder="Paste the GCP service-account JSON" style="width:100%;min-height:92px;font:12px ui-monospace,monospace;border:none;border-radius:11px;background:var(--panel2);color:var(--txt);padding:10px 12px;outline:none"></textarea><input id="f3_${uid}" placeholder="region (default us-east5)" style="width:100%;margin-top:8px"/>`;
   return `<input id="f1_${uid}" type="password" placeholder="${kind==='oauth'?'OAuth access token':'API key'}" style="width:100%"/>`;
 }
 function onKind(uid){document.getElementById("ff_"+uid).innerHTML=fieldsFor(uid,document.getElementById("kind_"+uid).value)}
@@ -153,7 +153,7 @@ async function submitCred(uid,provider){
   let secret,meta={};
   if(kind==="bedrock"){secret=g("f2_"+uid);meta={access_key:g("f1_"+uid),region:g("f3_"+uid)||"us-east-1"}}
   else if(kind==="azure"){secret=g("f2_"+uid);meta={endpoint:g("f1_"+uid)}}
-  else if(kind==="vertex"){return}
+  else if(kind==="vertex"){secret=g("f1_"+uid);meta={region:g("f3_"+uid)||"us-east5"}}
   else{secret=g("f1_"+uid)}
   if(!secret)return;
   await api("/admin/providers",{method:"POST",body:JSON.stringify({provider,secret,kind,meta})});refreshKeys();

{proxyagent-0.8.0 → proxyagent-0.9.0}/pyproject.toml RENAMED Viewed

@@ -4,7 +4,7 @@ build-backend = "hatchling.build"
 [project]
 name = "proxyagent"
-version = "0.8.0"
+version = "0.9.0"
 description = "Run any agent (Claude, Codex, custom) on any machine — with no API key on the machine. A secure, self-hosted proxy for models and tools."
 readme = "README.md"
 requires-python = ">=3.10"

{proxyagent-0.8.0 → proxyagent-0.9.0}/tests/test_proxy.py RENAMED Viewed

@@ -236,3 +236,28 @@ def test_bedrock_plan_and_build_plans():
     s.add_credential("anthropic", "awssecret", kind="bedrock", meta={"access_key": "AKID", "region": "us-east-1"})
     plans = build_plans(PROVIDERS["anthropic"], s, {"model": "claude-sonnet-4-5", "messages": []})
     assert len(plans) == 2 and plans[0][0].endswith("/v1/messages") and "bedrock-runtime" in plans[1][0]
+def test_vertex_assertion_and_url():
+    import base64, json
+    from cryptography.hazmat.primitives import hashes, serialization
+    from cryptography.hazmat.primitives.asymmetric import padding, rsa
+    from proxyagent.signers import vertex_signed_assertion, vertex_url
+    key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
+    pem = key.private_bytes(serialization.Encoding.PEM, serialization.PrivateFormat.PKCS8,
+                            serialization.NoEncryption()).decode()
+    sa = {"client_email": "svc@proj.iam.gserviceaccount.com", "private_key": pem,
+          "token_uri": "https://oauth2.googleapis.com/token"}
+    jwt = vertex_signed_assertion(sa, now=1700000000)
+    parts = jwt.split(".")
+    assert len(parts) == 3
+    b64d = lambda s: base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))
+    header, claims = json.loads(b64d(parts[0])), json.loads(b64d(parts[1]))
+    assert header["alg"] == "RS256" and claims["iss"] == sa["client_email"]
+    assert claims["scope"].endswith("cloud-platform")
+    # signature must verify against the public key (raises on tamper)
+    key.public_key().verify(b64d(parts[2]), (parts[0] + "." + parts[1]).encode(),
+                            padding.PKCS1v15(), hashes.SHA256())
+    assert vertex_url("myproj", "us-east5", "claude-sonnet-4-5") == (
+        "https://us-east5-aiplatform.googleapis.com/v1/projects/myproj/locations/us-east5"
+        "/publishers/anthropic/models/claude-sonnet-4-5:rawPredict")