rasa-pro 3.12.0.dev1__py3-none-any.whl → 3.12.0.dev2__py3-none-any.whl

rasa/shared/providers/_configs/azure_entra_id_client_creds.py

@@ -0,0 +1,40 @@
+from __future__ import annotations
+
+from dataclasses import dataclass, field
+from typing import Any, Dict, List
+
+from azure.identity import ClientSecretCredential
+
+from rasa.shared.providers._configs.oauth_config import OAuth
+
+
+@dataclass
+class AzureEntraIDClientCreds(OAuth):
+    client_id: str
+    client_secret: str
+    tenant_id: str
+    scopes: List[str] = field(default_factory=list)
+
+    @classmethod
+    def from_config(cls, config: Dict[str, Any]) -> AzureEntraIDClientCreds:
+        scopes = config.get("scopes")
+        if isinstance(scopes, str):
+            scopes = [scopes]
+
+        return cls(
+            client_id=config.get("client_id"),
+            client_secret=config.get("client_secret"),
+            tenant_id=config.get("tenant_id"),
+            scopes=scopes,
+        )
+
+    def get_bearer_token(self) -> str:
+        return (
+            ClientSecretCredential(
+                client_id=self.client_id,
+                client_secret=self.client_secret,
+                tenant_id=self.tenant_id,
+            )
+            .get_token(*self.scopes)
+            .token
+        )

rasa/shared/providers/_configs/azure_entra_id_config.py

@@ -0,0 +1,533 @@
+from __future__ import annotations
+
+import abc
+import logging
+from dataclasses import dataclass
+from enum import Enum
+from functools import lru_cache
+from typing import Any, Callable, Dict, List, Optional, Set, Type, TypeVar
+
+import structlog
+from azure.core.credentials import TokenProvider
+from azure.identity import (
+    CertificateCredential,
+    ClientSecretCredential,
+    DefaultAzureCredential,
+)
+
+from rasa.shared.providers._configs.oauth_config import OAUTH_TYPE_FIELD, OAuth
+
+AZURE_CLIENT_ID_FIELD = "client_id"
+AZURE_CLIENT_SECRET_FIELD = "client_secret"
+AZURE_TENANT_ID_FIELD = "tenant_id"
+AZURE_CERTIFICATE_PATH_FIELD = "certificate_path"
+AZURE_CERTIFICATE_PASSWORD_FIELD = "certificate_password"
+AZURE_SEND_CERTIFICATE_CHAIN_FIELD = "send_certificate_chain"
+AZURE_SCOPES_FIELD = "scopes"
+AZURE_AUTHORITY_FIELD = "authority_host"
+AZURE_DISABLE_INSTANCE_DISCOVERY_FIELD = "disable_instance_discovery"
+
+
+azure_logger = logging.getLogger("azure")
+azure_logger.setLevel(logging.DEBUG)
+
+structlogger = structlog.get_logger()
+
+
+class AzureEntraIDOAuthType(str, Enum):
+    """Azure Entra ID OAuth types."""
+
+    AZURE_ENTRA_ID_DEFAULT = "azure_entra_id_default"
+    AZURE_ENTRA_ID_CLIENT_SECRET = "azure_entra_id_client_secret"
+    AZURE_ENTRA_ID_CLIENT_CERTIFICATE = "azure_entra_id_client_certificate"
+
+    # Invalid type is used to indicate that the type
+    # configuration is invalid EntraID or not set.
+    INVALID = "invalid"
+
+    @staticmethod
+    def from_string(value: Optional[str]) -> AzureEntraIDOAuthType:
+        """Converts a string to an AzureOAuthType."""
+        if value is None or value not in AzureEntraIDOAuthType.valid_string_values():
+            return AzureEntraIDOAuthType.INVALID
+
+        return AzureEntraIDOAuthType(value)
+
+    @staticmethod
+    def valid_string_values() -> Set[str]:
+        """Returns the valid string values for the AzureOAuthType."""
+        return {e.value for e in AzureEntraIDOAuthType.valid_values()}
+
+    @staticmethod
+    def valid_values() -> Set[AzureEntraIDOAuthType]:
+        """Returns the valid values for the AzureOAuthType."""
+        return {
+            AzureEntraIDOAuthType.AZURE_ENTRA_ID_DEFAULT,
+            AzureEntraIDOAuthType.AZURE_ENTRA_ID_CLIENT_SECRET,
+            AzureEntraIDOAuthType.AZURE_ENTRA_ID_CLIENT_CERTIFICATE,
+        }
+
+
+# BearerTokenProvider is a callable that returns a bearer token.
+BearerTokenProvider = Callable[[], str]
+
+AzureEntraIDTokenProviderConfigType = TypeVar(
+    "AzureEntraIDTokenProviderConfigType", bound="AzureEntraIDTokenProviderConfig"
+)
+
+
+class AzureEntraIDTokenProviderConfig(abc.ABC):
+    """Interface for Azure Entra ID OAuth credential configuration."""
+
+    @abc.abstractmethod
+    def create_azure_token_provider(self) -> TokenProvider:
+        """Create an Azure Entra ID token provider."""
+        ...
+
+    @classmethod
+    def from_config(
+        cls: AzureEntraIDTokenProviderConfigType, config: Dict[str, Any]
+    ) -> AzureEntraIDTokenProviderConfigType:
+        """Initializes a dataclass from the passed config.
+
+        Args:
+            config: (dict) The config from which to initialize.
+
+        Returns:
+            AzureEntraIDCredential
+        """
+        ...
+
+
+@dataclass
+class AzureEntraIDClientCredentialsConfig(AzureEntraIDTokenProviderConfig):
+    """Azure Entra ID OAuth client credentials configuration.
+
+    Attributes:
+        client_id: The client ID.
+        client_secret: The client secret.
+        tenant_id: The tenant ID.
+        authority_host: The authority host.
+        disable_instance_discovery: Whether to disable instance discovery. This is used
+            to disable fetching metadata from the Azure Instance Metadata Service.
+    """
+
+    client_id: str
+    client_secret: str
+    tenant_id: str
+    authority_host: Optional[str] = None
+    disable_instance_discovery: bool = False
+
+    @staticmethod
+    def required_fields() -> Set[str]:
+        """Returns the required fields for the configuration."""
+        return {AZURE_CLIENT_ID_FIELD, AZURE_TENANT_ID_FIELD, AZURE_CLIENT_SECRET_FIELD}
+
+    @staticmethod
+    def config_has_required_fields(config: Dict[str, Any]) -> bool:
+        """Check if the configuration has all the required fields."""
+        return AzureEntraIDClientCredentialsConfig.required_fields().issubset(
+            set(config.keys())
+        )
+
+    @classmethod
+    def from_config(cls, config: Dict[str, Any]) -> AzureEntraIDClientCredentialsConfig:
+        """Initializes a dataclass from the passed config.
+
+        Args:
+            config: (dict) The config from which to initialize.
+
+        Returns:
+            AzureClientCredentialsConfig
+        """
+        if not cls.config_has_required_fields(config):
+            message = (
+                f"A configuration for Azure client credentials "
+                f"must contain the following keys: {cls.required_fields()}"
+            )
+            structlogger.error(
+                "azure_client_credentials_config.missing_required_keys",
+                message=message,
+                config=config,
+            )
+            raise ValueError(message)
+
+        return cls(
+            client_id=config.pop(AZURE_CLIENT_ID_FIELD),
+            client_secret=config.pop(AZURE_CLIENT_SECRET_FIELD),
+            tenant_id=config.pop(AZURE_TENANT_ID_FIELD),
+            authority_host=config.pop(AZURE_AUTHORITY_FIELD, None),
+            disable_instance_discovery=config.pop(
+                AZURE_DISABLE_INSTANCE_DISCOVERY_FIELD, False
+            ),
+        )
+
+    def create_azure_token_provider(self) -> TokenProvider:
+        """Create a ClientSecretCredential for Azure Entra ID."""
+        return create_azure_entra_id_client_credentials(
+            client_id=self.client_id,
+            client_secret=self.client_secret,
+            tenant_id=self.tenant_id,
+            authority_host=self.authority_host,
+            disable_instance_discovery=self.disable_instance_discovery,
+        )
+
+
+@lru_cache
+def create_azure_entra_id_client_credentials(
+    client_id: str,
+    client_secret: str,
+    tenant_id: str,
+    authority_host: Optional[str] = None,
+    disable_instance_discovery: bool = False,
+) -> ClientSecretCredential:
+    """Creates a ClientSecretCredential for Azure Entra ID.
+
+    We cache the result of this function to avoid creating multiple instances
+    of the same credential. This makes it possible to utilise the token caching
+    and token refreshing functionality of the azure-identity library.
+
+    Args:
+        client_id: The client ID.
+        client_secret: The client secret.
+        tenant_id: The tenant ID.
+        authority_host: The authority host.
+        disable_instance_discovery: Whether to disable instance discovery. This is used
+            to disable fetching metadata from the Azure Instance Metadata Service.
+
+    Returns:
+        ClientSecretCredential
+    """
+    return ClientSecretCredential(
+        client_id=client_id,
+        client_secret=client_secret,
+        tenant_id=tenant_id,
+        authority=authority_host,
+        disable_instance_discovery=disable_instance_discovery,
+    )
+
+
+@dataclass
+class AzureEntraIDClientCertificateConfig(AzureEntraIDTokenProviderConfig):
+    """Azure Entra ID OAuth client certificate configuration.
+
+    Attributes:
+        client_id: The client ID.
+        tenant_id: The tenant ID.
+        certificate_path: The path to the certificate file.
+        certificate_password: The certificate password.
+        send_certificate_chain: Whether to send the certificate chain.
+        authority_host: The authority host.
+        disable_instance_discovery: Whether to disable instance discovery. This is used
+            to disable fetching metadata from the Azure Instance Metadata Service.
+    """
+
+    client_id: str
+    tenant_id: str
+    certificate_path: str
+    certificate_password: Optional[str] = None
+    send_certificate_chain: bool = False
+    authority_host: Optional[str] = None
+    disable_instance_discovery: bool = False
+
+    @staticmethod
+    def required_fields() -> Set[str]:
+        """Returns the required fields for the configuration."""
+        return {
+            AZURE_CLIENT_ID_FIELD,
+            AZURE_TENANT_ID_FIELD,
+            AZURE_CERTIFICATE_PATH_FIELD,
+            AZURE_CERTIFICATE_PASSWORD_FIELD,
+        }
+
+    @staticmethod
+    def config_has_required_fields(config: Dict[str, Any]) -> bool:
+        """Check if the configuration has all the required fields."""
+        return AzureEntraIDClientCertificateConfig.required_fields().issubset(
+            set(config.keys())
+        )
+
+    @classmethod
+    def from_config(
+        cls, config: Dict[str, Any]
+    ) -> Optional[AzureEntraIDClientCertificateConfig]:
+        """Initializes a dataclass from the passed config.
+
+        Args:
+            config: (dict) The config from which to initialize.
+
+        Returns:
+            AzureClientCertificateConfig
+        """
+        if not cls.config_has_required_fields(config):
+            message = (
+                f"A configuration for Azure client certificate "
+                f"must contain "
+                f"the following keys: {cls.required_fields()}"
+            )
+            structlogger.error(
+                "azure_client_certificate_config.validation_error",
+                message=message,
+                config=config,
+            )
+            raise ValueError(message)
+
+        return cls(
+            client_id=config[AZURE_CLIENT_ID_FIELD],
+            tenant_id=config[AZURE_TENANT_ID_FIELD],
+            certificate_path=config[AZURE_CERTIFICATE_PATH_FIELD],
+            certificate_password=config.get(AZURE_CERTIFICATE_PASSWORD_FIELD, None),
+            authority_host=config.get(AZURE_AUTHORITY_FIELD, None),
+            send_certificate_chain=config.get(
+                AZURE_SEND_CERTIFICATE_CHAIN_FIELD, False
+            ),
+            disable_instance_discovery=config.get(
+                AZURE_DISABLE_INSTANCE_DISCOVERY_FIELD, False
+            ),
+        )
+
+    def create_azure_token_provider(self) -> TokenProvider:
+        """Creates a CertificateCredential for Azure Entra ID."""
+        return create_azure_entra_id_certificate_credentials(
+            client_id=self.client_id,
+            tenant_id=self.tenant_id,
+            certificate_path=self.certificate_path,
+            password=self.certificate_password,
+            send_certificate_chain=self.send_certificate_chain,
+            authority_host=self.authority_host,
+            disable_instance_discovery=self.disable_instance_discovery,
+        )
+
+
+@lru_cache
+def create_azure_entra_id_certificate_credentials(
+    tenant_id: str,
+    client_id: str,
+    certificate_path: Optional[str] = None,
+    password: Optional[str] = None,
+    send_certificate_chain: bool = False,
+    authority_host: Optional[str] = None,
+    disable_instance_discovery: bool = False,
+) -> CertificateCredential:
+    """Creates a CertificateCredential for Azure Entra ID.
+
+    We cache the result of this function to avoid creating multiple instances
+    of the same credential. This makes it possible to utilise the token caching
+    and token refreshing functionality of the azure-identity library.
+
+    Args:
+        tenant_id: The tenant ID.
+        client_id: The client ID.
+        certificate_path: The path to the certificate file.
+        password: The certificate password.
+        send_certificate_chain: Whether to send the certificate chain.
+        authority_host: The authority host.
+        disable_instance_discovery: Whether to disable instance discovery. This is used
+
+    Returns:
+        CertificateCredential
+    """
+
+    return CertificateCredential(
+        client_id=client_id,
+        tenant_id=tenant_id,
+        certificate_path=certificate_path,
+        password=password.encode("utf-8") if password else None,
+        send_certificate_chain=send_certificate_chain,
+        authority=authority_host,
+        disable_instance_discovery=disable_instance_discovery,
+    )
+
+
+@dataclass
+class AzureEntraIDDefaultCredentialsConfig(AzureEntraIDTokenProviderConfig):
+    """Azure Entra ID OAuth default credentials configuration.
+
+    Attributes:
+        authority_host: The authority host.
+    """
+
+    authority_host: Optional[str] = None
+
+    @classmethod
+    def from_config(
+        cls, config: Dict[str, Any]
+    ) -> AzureEntraIDDefaultCredentialsConfig:
+        """Initializes a dataclass from the passed config.
+
+        Args:
+            config: (dict) The config from which to initialize.
+
+        Returns:
+            AzureOAuthDefaultCredentialsConfig
+        """
+        return cls(authority_host=config.pop(AZURE_AUTHORITY_FIELD, None))
+
+    def create_azure_token_provider(self) -> TokenProvider:
+        """Creates a DefaultAzureCredential."""
+        return create_azure_entra_id_default_credentials(
+            authority_host=self.authority_host
+        )
+
+
+@lru_cache
+def create_azure_entra_id_default_credentials(
+    authority_host: Optional[str] = None,
+) -> DefaultAzureCredential:
+    """Creates a DefaultAzureCredential.
+
+    We cache the result of this function to avoid creating multiple instances
+    of the same credential. This makes it possible to utilise the token caching
+    functionality of the azure-identity library.
+
+    Args:
+        authority_host: The authority host.
+
+    Returns:
+        DefaultAzureCredential
+    """
+    return DefaultAzureCredential(authority=authority_host)
+
+
+@dataclass
+class AzureEntraIDOAuthConfig(OAuth):
+    """Azure Entra ID OAuth configuration.
+
+    It consists of the scopes and the Azure Entra ID OAuth credentials.
+    """
+
+    scopes: List[str]
+    azure_entra_id_token_provider_config: Optional[AzureEntraIDTokenProviderConfig] = (
+        None
+    )
+
+    @staticmethod
+    def _supported_azure_oauth() -> (
+        Dict[AzureEntraIDOAuthType, Type[AzureEntraIDTokenProviderConfig]]
+    ):
+        """Returns a mapping of supported Azure Entra ID OAuth types to their"""
+        return {
+            AzureEntraIDOAuthType.AZURE_ENTRA_ID_DEFAULT: AzureEntraIDDefaultCredentialsConfig,
+            AzureEntraIDOAuthType.AZURE_ENTRA_ID_CLIENT_SECRET: AzureEntraIDClientCredentialsConfig,
+            AzureEntraIDOAuthType.AZURE_ENTRA_ID_CLIENT_CERTIFICATE: AzureEntraIDClientCertificateConfig,
+        }
+
+    @staticmethod
+    def _get_azure_oauth_by_type(
+        oauth_type: AzureEntraIDOAuthType,
+    ) -> Type[AzureEntraIDTokenProviderConfig]:
+        """Returns the Azure Entra ID OAuth class based on the type.
+
+        Args:
+            oauth_type: (AzureOAuthType) The type of the Azure Entra ID OAuth.
+
+        Returns:
+            The Azure Entra ID OAuth class
+
+        Raises:
+            ValueError: If the passed oauth_type is not supported or invalid.
+        """
+        azure_oauth_types = AzureEntraIDOAuthConfig._supported_azure_oauth()
+        azure_oauth_class = azure_oauth_types.get(oauth_type)
+
+        if azure_oauth_class is None:
+            message = (
+                f"Unsupported Azure Entra ID oauth type: {oauth_type}. "
+                f"Supported types are: {AzureEntraIDOAuthType.valid_string_values()}"
+            )
+            structlogger.error(
+                "azure_oauth_config.unsupported_azure_oauth_type",
+                message=message,
+            )
+            raise ValueError(message)
+
+        return azure_oauth_class
+
+    @classmethod
+    def from_config(cls, oauth_config: Dict[str, Any]) -> AzureEntraIDOAuthConfig:
+        """Initializes a dataclass from the passed config.
+
+        Args:
+            oauth_config: (dict) The config from which to initialize.
+
+        Returns:
+            AzureOAuthConfig
+        """
+        scopes = AzureEntraIDOAuthConfig._read_scopes_from_config(oauth_config)
+        azure_credentials = (
+            AzureEntraIDOAuthConfig._create_azure_entra_id_client_from_config(
+                oauth_config
+            )
+        )
+        return cls(
+            azure_entra_id_token_provider_config=azure_credentials, scopes=scopes
+        )
+
+    @staticmethod
+    def _read_scopes_from_config(oauth_config: Dict[str, Any]) -> List[str]:
+        """Reads scopes from the configuration.
+
+        The original scopes are removed from the configuration.
+
+        Args:
+            oauth_config: (dict) The configuration from which to read the scopes.
+
+        Returns:
+            List[str]: The list of scopes.
+        """
+        scopes = oauth_config.pop(AZURE_SCOPES_FIELD, "")
+
+        if not scopes:
+            message = "Azure Entra ID scopes cannot be empty."
+            structlogger.error(
+                "azure_oauth_config.scopes_empty",
+                message=message,
+            )
+            raise ValueError(message)
+
+        if isinstance(scopes, str):
+            scopes = [scopes]
+
+        return scopes
+
+    @staticmethod
+    def _create_azure_entra_id_client_from_config(
+        oauth_config: Dict[str, Any],
+    ) -> AzureEntraIDTokenProviderConfig:
+        """Creates an Azure Entra ID client from the configuration.
+
+        Args:
+            oauth_config: (dict) The configuration from which to create the credential.
+
+        Returns:
+            AzureEntraIDTokenProviderConfig: The Azure OAuth credential.
+        """
+
+        oauth_type = AzureEntraIDOAuthType.from_string(
+            oauth_config.pop(OAUTH_TYPE_FIELD, None)
+        )
+
+        if oauth_type == AzureEntraIDOAuthType.INVALID:
+            message = (
+                "Azure Entra ID oauth configuration must contain "
+                f"'{OAUTH_TYPE_FIELD}' field and it must be set to one of the "
+                f"following values: {AzureEntraIDOAuthType.valid_string_values()}, "
+            )
+            structlogger.error(
+                "azure_oauth_config.missing_azure_oauth_type",
+                message=message,
+            )
+            raise ValueError(message)
+
+        azure_oauth_class = AzureEntraIDOAuthConfig._get_azure_oauth_by_type(oauth_type)
+        return azure_oauth_class.from_config(oauth_config)
+
+    def _create_azure_credential(
+        self,
+    ) -> TokenProvider:
+        """Create an Azure Entra ID client which can be used to get a bearer token."""
+        return self.azure_entra_id_token_provider_config.create_azure_token_provider()
+
+    def get_bearer_token(self) -> str:
+        """Returns a bearer token."""
+        return self._create_azure_credential().get_token(*self.scopes).token

rasa/shared/providers/_configs/azure_openai_client_config.py

@@ -1,20 +1,15 @@
 from __future__ import annotations
 
-import logging
-from abc import abstractmethod
+from copy import deepcopy
 from dataclasses import asdict, dataclass, field
-from enum import Enum
-from functools import lru_cache
-from typing import Any, Callable, Coroutine, Dict, List, Optional, Protocol, Set
+from typing import (
+    Any,
+    Dict,
+    Optional,
+    Set,
+)
 
 import structlog
-from azure.core.credentials import TokenProvider
-from azure.identity import (
-    CertificateCredential,
-    ClientSecretCredential,
-    DefaultAzureCredential,
-    get_bearer_token_provider,
-)
 
 from rasa.shared.constants import (
     API_BASE_CONFIG_KEY,
@@ -39,12 +34,22 @@ from rasa.shared.constants import (
     STREAM_CONFIG_KEY,
     TIMEOUT_CONFIG_KEY,
 )
+from rasa.shared.providers._configs.azure_entra_id_config import (
+    AzureEntraIDOAuthConfig,
+    AzureEntraIDOAuthType,
+)
+from rasa.shared.providers._configs.oauth_config import (
+    OAUTH_KEY,
+    OAUTH_TYPE_FIELD,
+    OAuth,
+)
 from rasa.shared.providers._configs.utils import (
     raise_deprecation_warnings,
     resolve_aliases,
     validate_forbidden_keys,
     validate_required_keys,
 )
+from rasa.shared.utils.common import class_from_module_path
 
 structlogger = structlog.get_logger()
 
@@ -75,387 +80,33 @@ FORBIDDEN_KEYS = [
 ]
 
 
-AZURE_CLIENT_ID_FIELD = "client_id"
-AZURE_CLIENT_SECRET_FIELD = "client_secret"
-AZURE_TENANT_ID_FIELD = "tenant_id"
-AZURE_CERTIFICATE_PATH_FIELD = "certificate_path"
-AZURE_CERTIFICATE_PASSWORD_FIELD = "certificate_password"
-AZURE_SEND_CERTIFICATE_CHAIN_FIELD = "send_certificate_chain"
-AZURE_SCOPES_FIELD = "scopes"
-AZURE_AUTHORITY_FIELD = "authority_host"
-AZURE_DISABLE_INSTANCE_DISCOVERY_FIELD = "disable_instance_discovery"
-OAUTH_TYPE_FIELD = "type"
-AZURE_OAUTH_KEY = "oauth"
-
-
-azure_logger = logging.getLogger("azure")
-azure_logger.setLevel(logging.DEBUG)
-
-
-class AzureOAuthType(str, Enum):
-    AZURE_DEFAULT = "default"
-    AZURE_CLIENT_SECRET = "client_secret"
-    AZURE_CLIENT_CERTIFICATE = "client_certificate"
-    # Invalid type is used to indicate that the type
-    # configuration is invalid or not set.
-    INVALID = "invalid"
-
-    @staticmethod
-    def from_string(value: Optional[str]) -> AzureOAuthType:
-        if value is None or value not in AzureOAuthType.valid_string_values():
-            return AzureOAuthType.INVALID
-
-        return AzureOAuthType(value)
-
-    @staticmethod
-    def valid_string_values() -> Set[str]:
-        return {e.value for e in AzureOAuthType.valid_values()}
-
-    @staticmethod
-    def valid_values() -> Set[AzureOAuthType]:
-        return {
-            AzureOAuthType.AZURE_DEFAULT,
-            AzureOAuthType.AZURE_CLIENT_SECRET,
-            AzureOAuthType.AZURE_CLIENT_CERTIFICATE,
-        }
-
-
-class AzureAuthType(str, Enum):
-    API_KEY = "api_key"
-    OAUTH = "oauth"
-
-    @staticmethod
-    def from_string(value: str) -> AzureAuthType:
-        try:
-            return AzureAuthType(value)
-        except ValueError:
-            raise ValueError(f"Invalid AzureAuthType value: {value}")
-
-    def __str__(self) -> str:
-        return self.value
-
-
-DEFAULT_AUTH_TYPE = AzureAuthType.API_KEY
-
-
-BearerTokenProvider = Callable[[], Coroutine[Any, Any, str]]
-
-
-class AzureEntraIDCredential(Protocol):
-    @abstractmethod
-    def create_azure_credential(self) -> TokenProvider: ...
-    @abstractmethod
-    def to_dict(self) -> dict: ...
-
-
 @dataclass
-class AzureClientCredentialsConfig:
-    """Azure OAuth client credentials configuration.
-
-    Attributes:
-        client_id: The client ID.
-        client_secret: The client secret.
-        tenant_id: The tenant ID.
-        authority_host: The authority host.
-        disable_instance_discovery: Whether to disable instance discovery. This is used
-            to disable fetching metadata from the Azure Instance Metadata Service.
-    """
-
-    client_id: str
-    client_secret: str
-    tenant_id: str
-    authority_host: Optional[str] = None
-    disable_instance_discovery: bool = False
-
-    @staticmethod
-    def required_fields() -> Set[str]:
-        """Returns the required fields for the configuration."""
-        return {AZURE_CLIENT_ID_FIELD, AZURE_TENANT_ID_FIELD, AZURE_CLIENT_SECRET_FIELD}
-
-    @staticmethod
-    def config_has_required_fields(config: Dict[str, Any]) -> bool:
-        """Check if the configuration has all the required fields."""
-        return AzureClientCredentialsConfig.required_fields().issubset(
-            set(config.keys())
-        )
+class OAuthConfigWrapper(OAuth):
+    """Wrapper for OAuth configuration.
 
-    @classmethod
-    def from_config(cls, config: Dict[str, Any]) -> AzureClientCredentialsConfig:
-        """Initializes a dataclass from the passed config.
+    It's main purpose is to provide to_dict method which is used to serialize
+    the oauth configuration to the original format.
 
-        Args:
-            config: (dict) The config from which to initialize.
-
-        Returns:
-            AzureClientCredentialsConfig
-        """
-        if not cls.config_has_required_fields(config):
-            message = (
-                f"A configuration for Azure client credentials "
-                f"must contain the following keys: {cls.required_fields()}"
-            )
-            structlogger.error(
-                "azure_client_credentials_config.missing_required_keys",
-                message=message,
-                config=config,
-            )
-            raise ValueError(message)
-
-        return cls(
-            client_id=config.pop(AZURE_CLIENT_ID_FIELD),
-            client_secret=config.pop(AZURE_CLIENT_SECRET_FIELD),
-            tenant_id=config.pop(AZURE_TENANT_ID_FIELD),
-            authority_host=config.pop(AZURE_AUTHORITY_FIELD, None),
-            disable_instance_discovery=config.pop(
-                AZURE_DISABLE_INSTANCE_DISCOVERY_FIELD, False
-            ),
-        )
-
-    def to_dict(self) -> dict:
-        """Converts the config instance into a dictionary."""
-        result = asdict(self)
-        result[OAUTH_TYPE_FIELD] = AzureOAuthType.AZURE_CLIENT_SECRET.value
-        return result
-
-    def create_azure_credential(self) -> TokenProvider:
-        return create_client_credentials(
-            client_id=self.client_id,
-            client_secret=self.client_secret,
-            tenant_id=self.tenant_id,
-            authority_host=self.authority_host,
-            disable_instance_discovery=self.disable_instance_discovery,
-        )
-
-
-@lru_cache
-def create_client_credentials(
-    client_id: str,
-    client_secret: str,
-    tenant_id: str,
-    authority_host: Optional[str] = None,
-    disable_instance_discovery: bool = False,
-) -> ClientSecretCredential:
-    """Create a ClientSecretCredential.
-
-    We cache the result of this function to avoid creating multiple instances
-    of the same credential. This makes it possible to utilise the token caching
-    functionality of the azure-identity library.
-
-    Args:
-        client_id: The client ID.
-        client_secret: The client secret.
-        tenant_id: The tenant ID.
-        authority_host: The authority host.
-        disable_instance_discovery: Whether to disable instance discovery. This is used
-            to disable fetching metadata from the Azure Instance Metadata Service.
-
-    Returns:
-        ClientSecretCredential
     """
-    return ClientSecretCredential(
-        client_id=client_id,
-        client_secret=client_secret,
-        tenant_id=tenant_id,
-        authority=authority_host,
-        disable_instance_discovery=disable_instance_discovery,
-    )
 
+    oauth: OAuth
+    original_config: Dict[str, Any]
 
-@dataclass
-class AzureClientCertificateConfig:
-    """Azure OAuth client certificate configuration.
-
-    Attributes:
-        client_id: The client ID.
-        tenant_id: The tenant ID.
-        certificate_path: The path to the certificate file.
-        certificate_password: The certificate password.
-        send_certificate_chain: Whether to send the certificate chain.
-        authority_host: The authority host.
-        disable_instance_discovery: Whether to disable instance discovery. This is used
-            to disable fetching metadata from the Azure Instance Metadata Service.
-    """
-
-    client_id: str
-    tenant_id: str
-    certificate_path: str
-    certificate_password: Optional[str] = None
-    send_certificate_chain: bool = False
-    authority_host: Optional[str] = None
-    disable_instance_discovery: bool = False
+    def get_bearer_token(self) -> str:
+        """Returns a bearer token."""
+        return self.oauth.get_bearer_token()
 
-    @staticmethod
-    def required_fields() -> Set[str]:
-        """Returns the required fields for the configuration."""
-        return {
-            AZURE_CLIENT_ID_FIELD,
-            AZURE_TENANT_ID_FIELD,
-            AZURE_CERTIFICATE_PATH_FIELD,
-            AZURE_CERTIFICATE_PASSWORD_FIELD,
-        }
+    def to_dict(self) -> Dict[str, Any]:
+        """Converts the OAuth configuration to the original format."""
+        return self.original_config
 
     @staticmethod
-    def config_has_required_fields(config: Dict[str, Any]) -> bool:
-        """Check if the configuration has all the required fields."""
-        return AzureClientCertificateConfig.required_fields().issubset(
-            set(config.keys())
-        )
+    def _valid_type_values() -> Set[str]:
+        """Returns the valid built-in values for the `type` field in the `oauth`."""
+        return AzureEntraIDOAuthType.valid_string_values()
 
     @classmethod
-    def from_config(
-        cls, config: Dict[str, Any]
-    ) -> Optional[AzureClientCertificateConfig]:
-        """Initializes a dataclass from the passed config.
-
-        Args:
-            config: (dict) The config from which to initialize.
-
-        Returns:
-            AzureClientCertificateConfig
-        """
-        if not cls.config_has_required_fields(config):
-            message = (
-                f"A configuration for Azure client certificate "
-                f"must contain "
-                f"the following keys: {cls.required_fields()}"
-            )
-            structlogger.error(
-                "azure_client_certificate_config.validation_error",
-                message=message,
-                config=config,
-            )
-            raise ValueError(message)
-
-        return cls(
-            client_id=config[AZURE_CLIENT_ID_FIELD],
-            tenant_id=config[AZURE_TENANT_ID_FIELD],
-            certificate_path=config[AZURE_CERTIFICATE_PATH_FIELD],
-            certificate_password=config.get(AZURE_CERTIFICATE_PASSWORD_FIELD, None),
-            authority_host=config.get(AZURE_AUTHORITY_FIELD, None),
-            send_certificate_chain=config.get(
-                AZURE_SEND_CERTIFICATE_CHAIN_FIELD, False
-            ),
-            disable_instance_discovery=config.get(
-                AZURE_DISABLE_INSTANCE_DISCOVERY_FIELD, False
-            ),
-        )
-
-    def to_dict(self) -> dict:
-        """Converts the config instance into a dictionary."""
-        result = asdict(self)
-        result[OAUTH_TYPE_FIELD] = AzureOAuthType.AZURE_CLIENT_CERTIFICATE.value
-        return result
-
-    def create_azure_credential(self) -> TokenProvider:
-        return create_certificate_credentials(
-            client_id=self.client_id,
-            tenant_id=self.tenant_id,
-            certificate_path=self.certificate_path,
-            password=self.certificate_password,
-            send_certificate_chain=self.send_certificate_chain,
-            authority_host=self.authority_host,
-            disable_instance_discovery=self.disable_instance_discovery,
-        )
-
-
-@lru_cache
-def create_certificate_credentials(
-    tenant_id: str,
-    client_id: str,
-    certificate_path: Optional[str] = None,
-    password: Optional[str] = None,
-    send_certificate_chain: bool = False,
-    authority_host: Optional[str] = None,
-    disable_instance_discovery: bool = False,
-) -> CertificateCredential:
-    """Create a CertificateCredential.
-
-    We cache the result of this function to avoid creating multiple instances
-    of the same credential. This makes it possible to utilise the token caching
-    functionality of the azure-identity library.
-
-    Args:
-        tenant_id: The tenant ID.
-        client_id: The client ID.
-        certificate_path: The path to the certificate file.
-        password: The certificate password.
-        send_certificate_chain: Whether to send the certificate chain.
-        authority_host: The authority host.
-        disable_instance_discovery: Whether to disable instance discovery. This is used
-
-    Returns:
-        CertificateCredential
-    """
-
-    return CertificateCredential(
-        client_id=client_id,
-        tenant_id=tenant_id,
-        certificate_path=certificate_path,
-        password=password.encode("utf-8") if password else None,
-        send_certificate_chain=send_certificate_chain,
-        authority=authority_host,
-        disable_instance_discovery=disable_instance_discovery,
-    )
-
-
-@dataclass
-class AzureOAuthDefaultCredentialsConfig:
-    """Azure OAuth default credentials configuration.
-
-    Attributes:
-        authority_host: The authority host.
-    """
-
-    authority_host: Optional[str] = None
-
-    @classmethod
-    def from_config(cls, config: Dict[str, Any]) -> AzureOAuthDefaultCredentialsConfig:
-        """Initializes a dataclass from the passed config.
-
-        Args:
-            config: (dict) The config from which to initialize.
-
-        Returns:
-            AzureOAuthDefaultCredentialsConfig
-        """
-        return cls(authority_host=config.pop(AZURE_AUTHORITY_FIELD, None))
-
-    def to_dict(self) -> dict:
-        """Converts the config instance into a dictionary."""
-        result = asdict(self)
-        result[OAUTH_TYPE_FIELD] = AzureOAuthType.AZURE_DEFAULT.value
-        return result
-
-    def create_azure_credential(self) -> TokenProvider:
-        return create_default_credentials(authority_host=self.authority_host)
-
-
-@lru_cache
-def create_default_credentials(
-    authority_host: Optional[str] = None,
-) -> DefaultAzureCredential:
-    """Create a DefaultAzureCredential.
-
-    We cache the result of this function to avoid creating multiple instances
-    of the same credential. This makes it possible to utilise the token caching
-    functionality of the azure-identity library.
-
-    Args:
-        authority_host: The authority host.
-
-    Returns:
-        DefaultAzureCredential
-    """
-    return DefaultAzureCredential(authority=authority_host)
-
-
-@dataclass
-class AzureOAuthConfig:
-    scopes: List[str]
-    azure_credentials: Optional[AzureEntraIDCredential] = None
-
-    @classmethod
-    def from_config(cls, oauth_config: Dict[str, Any]) -> AzureOAuthConfig:
+    def from_config(cls, oauth_config: Dict[str, Any]) -> OAuth:
         """Initializes a dataclass from the passed config.
 
         Args:
@@ -464,15 +115,16 @@ class AzureOAuthConfig:
         Returns:
             AzureOAuthConfig
         """
-        oauth_type = AzureOAuthType.from_string(
-            oauth_config.pop(OAUTH_TYPE_FIELD, None)
-        )
+        original_config = deepcopy(oauth_config)
+
+        oauth_type: Optional[str] = oauth_config.get(OAUTH_TYPE_FIELD, None)
 
-        if oauth_type == AzureOAuthType.INVALID:
+        if oauth_type is None:
             message = (
-                "Azure Entra ID oauth configuration must contain "
+                "Oauth configuration must contain "
                 f"'{OAUTH_TYPE_FIELD}' field and it must be set to one of the "
-                f"following values: {AzureOAuthType.valid_string_values()}, "
+                f"following values: {OAuthConfigWrapper._valid_type_values()}, "
+                f"or to the path of module which is implementing {OAuth.__name__} protocol."
             )
             structlogger.error(
                 "azure_oauth_config.missing_oauth_type",
@@ -480,52 +132,22 @@ class AzureOAuthConfig:
             )
             raise ValueError(message)
 
-        azure_credentials = None
-        if oauth_type == AzureOAuthType.AZURE_CLIENT_SECRET:
-            azure_credentials = AzureClientCredentialsConfig.from_config(oauth_config)
-        elif oauth_type == AzureOAuthType.AZURE_CLIENT_CERTIFICATE:
-            azure_credentials = AzureClientCertificateConfig.from_config(oauth_config)
-        elif oauth_type == AzureOAuthType.AZURE_DEFAULT:
-            azure_credentials = AzureOAuthDefaultCredentialsConfig.from_config(
-                oauth_config
-            )
-
-        scopes = oauth_config.pop(AZURE_SCOPES_FIELD, "")
-
-        if not scopes:
-            message = "Azure Entra ID scopes cannot be empty."
-            structlogger.error(
-                "azure_oauth_config.scopes_empty",
-                message=message,
-            )
-            raise ValueError(message)
-
-        if isinstance(scopes, str):
-            scopes = [scopes]
-
-        return cls(azure_credentials=azure_credentials, scopes=scopes)
-
-    def create_azure_credential(
-        self,
-    ) -> TokenProvider:
-        return self.azure_credentials.create_azure_credential()
+        if oauth_type in AzureEntraIDOAuthType.valid_string_values():
+            oauth = AzureEntraIDOAuthConfig.from_config(oauth_config)
+        else:
+            module = class_from_module_path(oauth_type)
 
-    def to_dict(self) -> dict:
-        """Converts the config instance into a dictionary."""
-        credentials_dict = (
-            self.azure_credentials.to_dict() if self.azure_credentials else {}
-        )
-        result = asdict(self)
-        result.update(credentials_dict)
-        result.pop("azure_credentials", None)
-        return result
+            if not issubclass(module, OAuth):
+                message = f"Module {oauth_type} does not implement {OAuth.__name__} interface."
+                structlogger.error(
+                    "azure_oauth_config.invalid_oauth_module",
+                    message=message,
+                )
+                raise ValueError(message)
 
-    def get_bearer_token_provider(self) -> BearerTokenProvider:
-        return get_bearer_token_provider(self.create_azure_credential(), *self.scopes)
+            oauth = module.from_config(oauth_config)
 
-    def get_bearer_token(self) -> str:
-        token = self.create_azure_credential().get_token(*self.scopes).token
-        return token
+        return cls(oauth=oauth, original_config=original_config)
 
 
 @dataclass
@@ -552,7 +174,7 @@ class AzureOpenAIClientConfig:
     provider: str = AZURE_OPENAI_PROVIDER
 
     # OAuth related parameters
-    oauth: Optional[AzureOAuthConfig] = None
+    oauth: Optional[OAuthConfigWrapper] = None
 
     extra_parameters: dict = field(default_factory=dict)
 
@@ -600,13 +222,13 @@ class AzureOpenAIClientConfig:
         # Init client config
 
         has_api_key = config.get(API_KEY, None) is not None
-        has_oauth_key = config.get(AZURE_OAUTH_KEY, None) is not None
+        has_oauth_key = config.get(OAUTH_KEY, None) is not None
 
         if has_api_key and has_oauth_key:
             message = (
                 "Azure OpenAI client configuration cannot contain "
-                "both 'api_key' and 'oauth' fields. Please provide either "
-                "'api_key' or 'oauth' fields."
+                f"both '{API_KEY}' and '{OAUTH_KEY}' fields. Please provide either "
+                f"'{API_KEY}' or '{OAUTH_KEY}' fields."
             )
             structlogger.error(
                 "azure_openai_client_config.multiple_auth_types_specified",
@@ -616,7 +238,7 @@ class AzureOpenAIClientConfig:
 
         oauth = None
         if has_oauth_key:
-            oauth = AzureOAuthConfig.from_config(config.pop(AZURE_OAUTH_KEY))
+            oauth = OAuthConfigWrapper.from_config(config.pop(OAUTH_KEY))
 
         this = AzureOpenAIClientConfig(
             # Required parameters

rasa/shared/providers/_configs/oauth_config.py

@@ -0,0 +1,33 @@
+import abc
+from typing import Any, Dict, TypeVar
+
+OAUTH_TYPE_FIELD = "type"
+OAUTH_KEY = "oauth"
+
+OAuthType = TypeVar("OAuthType", bound="OAuth")
+
+
+class OAuth(abc.ABC):
+    """Interface for OAuth configuration."""
+
+    @classmethod
+    @abc.abstractmethod
+    def from_config(cls: OAuthType, config: Dict[str, Any]) -> OAuthType:
+        """Initializes a dataclass from the passed config.
+
+        Args:
+            config: (dict) The config from which to initialize.
+
+        Returns:
+            OAuth
+        """
+        ...
+
+    @abc.abstractmethod
+    def get_bearer_token(self) -> str:
+        """Returns a bearer token.
+
+        Bear token is used to authenticate requests to the Azure Oopen AI instance's API protected
+        by the Gateway.
+        """
+        ...

rasa/shared/providers/constants.py

@@ -3,5 +3,4 @@ LITE_LLM_API_BASE_FIELD = "api_base"
 LITE_LLM_API_KEY_FIELD = "api_key"
 LITE_LLM_API_VERSION_FIELD = "api_version"
 LITE_LLM_MODEL_FIELD = "model"
-LITE_LLM_AZURE_AD_TOKEN_PROVIDER = "azure_ad_token_provider"
 LITE_LLM_AZURE_AD_TOKEN = "azure_ad_token"

rasa/shared/providers/embedding/azure_openai_embedding_client.py

@@ -19,14 +19,13 @@ from rasa.shared.constants import (
 )
 from rasa.shared.exceptions import ProviderClientValidationError
 from rasa.shared.providers._configs.azure_openai_client_config import (
-    AzureOAuthConfig,
+    AzureEntraIDOAuthConfig,
     AzureOpenAIClientConfig,
 )
 from rasa.shared.providers.constants import (
     DEFAULT_AZURE_API_KEY_NAME,
     LITE_LLM_API_KEY_FIELD,
     LITE_LLM_AZURE_AD_TOKEN,
-    LITE_LLM_AZURE_AD_TOKEN_PROVIDER,
 )
 from rasa.shared.providers.embedding._base_litellm_embedding_client import (
     _BaseLiteLLMEmbeddingClient,
@@ -48,7 +47,7 @@ class AzureOpenAIEmbeddingClient(_BaseLiteLLMEmbeddingClient):
             If not provided, it will be set via environment variable.
         api_version (Optional[str]): The version of the API to use.
             If not provided, it will be set via environment variable.
-        oauth (Optional[AzureOAuthConfig]): Optional OAuth configuration. If provided,
+        oauth (Optional[AzureEntraIDOAuthConfig]): Optional OAuth configuration. If provided,
             the client will use OAuth for authentication.
         kwargs (Optional[Dict[str, Any]]): Optional configuration parameters specific
             to the embedding model deployment.
@@ -66,7 +65,7 @@ class AzureOpenAIEmbeddingClient(_BaseLiteLLMEmbeddingClient):
         api_base: Optional[str] = None,
         api_type: Optional[str] = None,
         api_version: Optional[str] = None,
-        oauth: Optional[AzureOAuthConfig] = None,
+        oauth: Optional[AzureEntraIDOAuthConfig] = None,
         **kwargs: Any,
     ):
         super().__init__()  # type: ignore
@@ -238,7 +237,6 @@ class AzureOpenAIEmbeddingClient(_BaseLiteLLMEmbeddingClient):
         auth_parameter = (
             {
                 LITE_LLM_AZURE_AD_TOKEN: self._oauth.get_bearer_token(),
-                LITE_LLM_AZURE_AD_TOKEN_PROVIDER: self._oauth.get_bearer_token_provider(),  # noqa: E501
             }
             if self._oauth
             else {LITE_LLM_API_KEY_FIELD: self._api_key_env_var}

rasa/shared/providers/llm/azure_openai_llm_client.py

@@ -23,7 +23,7 @@ from rasa.shared.constants import (
 )
 from rasa.shared.exceptions import ProviderClientValidationError
 from rasa.shared.providers._configs.azure_openai_client_config import (
-    AzureOAuthConfig,
+    AzureEntraIDOAuthConfig,
     AzureOpenAIClientConfig,
 )
 from rasa.shared.providers.constants import (
@@ -32,7 +32,6 @@ from rasa.shared.providers.constants import (
     LITE_LLM_API_KEY_FIELD,
     LITE_LLM_API_VERSION_FIELD,
     LITE_LLM_AZURE_AD_TOKEN,
-    LITE_LLM_AZURE_AD_TOKEN_PROVIDER,
 )
 from rasa.shared.providers.llm._base_litellm_client import _BaseLiteLLMClient
 from rasa.shared.utils.io import raise_deprecation_warning
@@ -86,7 +85,7 @@ class AzureOpenAILLMClient(_BaseLiteLLMClient):
         api_type: Optional[str] = None,
         api_base: Optional[str] = None,
         api_version: Optional[str] = None,
-        oauth: Optional[AzureOAuthConfig] = None,
+        oauth: Optional[AzureEntraIDOAuthConfig] = None,
         **kwargs: Any,
     ):
         super().__init__()  # type: ignore
@@ -329,7 +328,6 @@ class AzureOpenAILLMClient(_BaseLiteLLMClient):
         auth_parameter = (
             {
                 LITE_LLM_AZURE_AD_TOKEN: self._oauth.get_bearer_token(),
-                LITE_LLM_AZURE_AD_TOKEN_PROVIDER: self._oauth.get_bearer_token_provider(),  # noqa: E501
             }
             if self._oauth
             else {LITE_LLM_API_KEY_FIELD: self._api_key_env_var}

rasa/version.py

@@ -1,3 +1,3 @@
 # this file will automatically be changed,
 # do not add anything but the version number here!
-__version__ = "3.12.0dev1"
+__version__ = "3.12.0dev2"

{rasa_pro-3.12.0.dev1.dist-info → rasa_pro-3.12.0.dev2.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: rasa-pro
-Version: 3.12.0.dev1
+Version: 3.12.0.dev2
 Summary: State-of-the-art open-core Conversational AI framework for Enterprises that natively leverages generative AI for effortless assistant development.
 Home-page: https://rasa.com
 Keywords: nlp,machine-learning,machine-learning-library,bot,bots,botkit,rasa conversational-agents,conversational-ai,chatbot,chatbot-framework,bot-framework

{rasa_pro-3.12.0.dev1.dist-info → rasa_pro-3.12.0.dev2.dist-info}/RECORD

@@ -672,23 +672,26 @@ rasa/shared/nlu/training_data/training_data.py,sha256=KY51CJD9NY6vs9Zs7e-ivtyIYJ
 rasa/shared/nlu/training_data/util.py,sha256=mom7CxLKI5RfOpsJrAKL281a_b01sIcQsr04gSmEEbU,7049
 rasa/shared/providers/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 rasa/shared/providers/_configs/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-rasa/shared/providers/_configs/azure_openai_client_config.py,sha256=4CwnOv5X0VQ7WbfGdT_x_Fkx5WHBYRDIUPKxH8iC6TY,22824
+rasa/shared/providers/_configs/azure_entra_id_client_creds.py,sha256=S6slRcUERNAbkA2sp-Ykk3Y6wl6EnvnHYLY_ILsveVc,1103
+rasa/shared/providers/_configs/azure_entra_id_config.py,sha256=bScClwyvCW7EO0GCvgUOS77CscFG2JrkH2zsojm4L1g,18391
+rasa/shared/providers/_configs/azure_openai_client_config.py,sha256=01kg6TqjfjkZ6q2zASs-jp7j39adyLp6F37yi2fVpDo,10076
 rasa/shared/providers/_configs/client_config.py,sha256=nQ469h1XI970_7Vs49hNIpBIwlAeiAg-cwV0JFp7Hg0,1618
 rasa/shared/providers/_configs/default_litellm_client_config.py,sha256=tViurJ1NDbiBn9b5DbzhFHO1pJM889MC-GakWhEX07E,4352
 rasa/shared/providers/_configs/huggingface_local_embedding_client_config.py,sha256=q8ddTFwddDhx654ZQmg9eP_yo77N3Xg77hAmfXOmzPg,8200
 rasa/shared/providers/_configs/litellm_router_client_config.py,sha256=OX7egiQXkGSYxIfEOFrGFwCIKFJc3IgBKrZGqdjeMVQ,7265
 rasa/shared/providers/_configs/model_group_config.py,sha256=E1_hjP1p9b08m-28EPNNCwoFUJ1MMdkmC54Bai6JK0A,5730
+rasa/shared/providers/_configs/oauth_config.py,sha256=OPwignGb4xGI7GCTsfVUCM57fQYNDk-_IVXkt-OHyw0,775
 rasa/shared/providers/_configs/openai_client_config.py,sha256=tKCQSjtpVmPO_30sRmcFFDk0tNFs5bVseyI7iBU6ZOY,5839
 rasa/shared/providers/_configs/rasa_llm_client_config.py,sha256=elpbqVNSgkAiM0Dg-0N3ayVkSi6TAERepdZG7Bv8NdI,2245
 rasa/shared/providers/_configs/self_hosted_llm_client_config.py,sha256=l2JnypPXFL6KVxhftKTYvh-NqpXJ8--pjbJ-IQHoPRs,5963
 rasa/shared/providers/_configs/utils.py,sha256=-1WxEcrV5WHv3Q6GVGTJJZcdBe_p8NU4ArVspTTa8mg,3731
 rasa/shared/providers/_ssl_verification_utils.py,sha256=4tujCOjg0KKX2_DzOb7lZTdsUXtzRB4UkfhkC3W0jO0,4166
 rasa/shared/providers/_utils.py,sha256=JW2A1FM4QsIWNUH3QoMo_DRiZ90UW9tiu9n9RR1Oih4,3090
-rasa/shared/providers/constants.py,sha256=LYnqUf511ydlQcC7Ka6J_g5DGpi_fN48AVlEY577zJQ,295
+rasa/shared/providers/constants.py,sha256=hgV8yNGxIbID_2h65OoSfSjIE4UkazrsqRg4SdkPAmI,234
 rasa/shared/providers/embedding/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 rasa/shared/providers/embedding/_base_litellm_embedding_client.py,sha256=EW1AdTklBDJTVDGKslBZ-IMi7WgRzBdKbLIn9BiuXX4,8796
 rasa/shared/providers/embedding/_langchain_embedding_client_adapter.py,sha256=IR2Rb3ReJ9C9sxOoOGRXgtz8STWdMREs_4AeSMKFjl4,2135
-rasa/shared/providers/embedding/azure_openai_embedding_client.py,sha256=EIezqXhrMb6bEg49OkClIXGb-H-0o7CNnap3Nf9pcLw,12483
+rasa/shared/providers/embedding/azure_openai_embedding_client.py,sha256=QvFnnu-Jmcq9ABnNbxc4sWyi1mwVz7nWtuzpjIccokI,12361
 rasa/shared/providers/embedding/default_litellm_embedding_client.py,sha256=da17WeHjZp95Uv9jmTKxklNRcNpn-qRsRPcwDQusElg,4397
 rasa/shared/providers/embedding/embedding_client.py,sha256=rmFBKSKSihqmzpuZ-I0zVm1BBqTjL6V-K65gefoI35o,2839
 rasa/shared/providers/embedding/embedding_response.py,sha256=H55mSAL3LfVvDlBklaCCQ4AnNwCsQSQ1f2D0oPrx3FY,1204
@@ -697,7 +700,7 @@ rasa/shared/providers/embedding/litellm_router_embedding_client.py,sha256=eafDk6
 rasa/shared/providers/embedding/openai_embedding_client.py,sha256=XNRGE7apo2v3kWRrtgxE-Gq4rvNko3IiXtvgC4krDYE,5429
 rasa/shared/providers/llm/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 rasa/shared/providers/llm/_base_litellm_client.py,sha256=ZoLGPfFxa2YhA7JuEk8W2E_an1m_eK5MXxdFLwj026M,10038
-rasa/shared/providers/llm/azure_openai_llm_client.py,sha256=HXuUX0eNH5gy-0Nmm5YuqGPlLZvRrUV8Qs43pM30zvE,15010
+rasa/shared/providers/llm/azure_openai_llm_client.py,sha256=59rJi3IzznDkPkFwfJX3fCGPt0veUpJMqcPdBQLF4pw,14881
 rasa/shared/providers/llm/default_litellm_llm_client.py,sha256=e3f-YMS7-aariB5erRot7NReD-eaVPgeD45rypF-sUw,3974
 rasa/shared/providers/llm/litellm_router_llm_client.py,sha256=e9OIQrXH80G_JxzOn3rIATAHl4nmN-kTK2RLnWpAuGQ,7592
 rasa/shared/providers/llm/llm_client.py,sha256=c2pYAS-0AmZKe_gLTptwmBspXFaCUDqK0qLTqo3l2Ok,2392
@@ -782,9 +785,9 @@ rasa/utils/train_utils.py,sha256=f1NWpp5y6al0dzoQyyio4hc4Nf73DRoRSHDzEK6-C4E,212
 rasa/utils/url_tools.py,sha256=JQcHL2aLqLHu82k7_d9imUoETCm2bmlHaDpOJ-dKqBc,1218
 rasa/utils/yaml.py,sha256=KjbZq5C94ZP7Jdsw8bYYF7HASI6K4-C_kdHfrnPLpSI,2000
 rasa/validator.py,sha256=wl5IKiyDmk6FlDcGO2Js-H-gHPeqVqUJ6hB4fgN0xjI,66796
-rasa/version.py,sha256=GJdudg_5YuWRFetde9-Wwcs5ARtFvjExGxcxDgvlQxw,121
-rasa_pro-3.12.0.dev1.dist-info/METADATA,sha256=HGhiL9O-I1zYt-UDu0OvXiUhPSTRhCocizU1ZuZ6fPo,10844
-rasa_pro-3.12.0.dev1.dist-info/NOTICE,sha256=7HlBoMHJY9CL2GlYSfTQ-PZsVmLmVkYmMiPlTjhuCqA,218
-rasa_pro-3.12.0.dev1.dist-info/WHEEL,sha256=sP946D7jFCHeNz5Iq4fL4Lu-PrWrFsgfLXbbkciIZwg,88
-rasa_pro-3.12.0.dev1.dist-info/entry_points.txt,sha256=ckJ2SfEyTPgBqj_I6vm_tqY9dZF_LAPJZA335Xp0Q9U,43
-rasa_pro-3.12.0.dev1.dist-info/RECORD,,
+rasa/version.py,sha256=Qk-yx_nkp859YygvuBicHLhsbvQxDrL2J8-SMq3DiIw,121
+rasa_pro-3.12.0.dev2.dist-info/METADATA,sha256=ugLXE3EIrVQcn9W5z_5PTSKMLm5G0N7lTh4y9wrL8nA,10844
+rasa_pro-3.12.0.dev2.dist-info/NOTICE,sha256=7HlBoMHJY9CL2GlYSfTQ-PZsVmLmVkYmMiPlTjhuCqA,218
+rasa_pro-3.12.0.dev2.dist-info/WHEEL,sha256=sP946D7jFCHeNz5Iq4fL4Lu-PrWrFsgfLXbbkciIZwg,88
+rasa_pro-3.12.0.dev2.dist-info/entry_points.txt,sha256=ckJ2SfEyTPgBqj_I6vm_tqY9dZF_LAPJZA335Xp0Q9U,43
+rasa_pro-3.12.0.dev2.dist-info/RECORD,,