sequrity 0.0.1__py3-none-any.whl

sequrity/__init__.py

@@ -0,0 +1,14 @@
+"""Sequrity API Python client.
+
+This package provides a Python client for interacting with the Sequrity API,
+enabling secure LLM interactions with policy enforcement.
+"""
+
+from sequrity.client import SequrityClient
+
+try:
+    from sequrity._version import __version__
+except ImportError:
+    __version__ = "0.0.0.dev0"
+
+__all__ = ["SequrityClient", "__version__"]

sequrity/_version.py

@@ -0,0 +1,34 @@
+# file generated by setuptools-scm
+# don't change, don't track in version control
+
+__all__ = [
+    "__version__",
+    "__version_tuple__",
+    "version",
+    "version_tuple",
+    "__commit_id__",
+    "commit_id",
+]
+
+TYPE_CHECKING = False
+if TYPE_CHECKING:
+    from typing import Tuple
+    from typing import Union
+
+    VERSION_TUPLE = Tuple[Union[int, str], ...]
+    COMMIT_ID = Union[str, None]
+else:
+    VERSION_TUPLE = object
+    COMMIT_ID = object
+
+version: str
+__version__: str
+__version_tuple__: VERSION_TUPLE
+version_tuple: VERSION_TUPLE
+commit_id: COMMIT_ID
+__commit_id__: COMMIT_ID
+
+__version__ = version = '0.0.1'
+__version_tuple__ = version_tuple = (0, 0, 1)
+
+__commit_id__ = commit_id = None

sequrity/client.py

@@ -0,0 +1,35 @@
+"""Sequrity API client module.
+
+This module provides the main client class for interacting with the Sequrity API.
+"""
+
+import httpx
+
+from .constants import SEQURITY_API_URL
+from .control.wrapper import ControlApiWrapper
+
+
+class SequrityClient:
+    """Main client for interacting with the Sequrity API.
+
+    The SequrityClient provides a high-level interface for accessing Sequrity's
+    security features, including chat completion with security policies and
+    LangGraph integration.
+
+    Attributes:
+        control: The Control API wrapper for chat completions and LangGraph operations.
+    """
+
+    def __init__(self, api_key: str, base_url: str | None = None, timeout: int = 300):
+        """Initialize the Sequrity client.
+
+        Args:
+            api_key: Your Sequrity API key for authentication.
+            base_url: Optional custom base URL for the Sequrity API.
+                Defaults to the production Sequrity API URL.
+            timeout: Request timeout in seconds. Defaults to 300.
+        """
+        self._api_key = api_key
+        self._base_url = base_url or SEQURITY_API_URL
+        self._client = httpx.Client(timeout=timeout)
+        self.control = ControlApiWrapper(client=self._client, base_url=self._base_url, api_key=self._api_key)

sequrity/constants.py

@@ -0,0 +1,27 @@
+from enum import StrEnum
+
+
+class SequrityProductEnum(StrEnum):
+    CONTROL = "control"
+
+
+SEQURITY_API_URL = "https://api.sequrity.ai"
+
+CONTROL_API_PATHS = {
+    "chat_completions": {
+        "default": "/control/v1/chat/completions",
+        "with_service_provider": "/control/{service_provider}/v1/chat/completions",
+    },
+    "responses": {
+        "default": "/control/v1/responses",
+    },
+    "generate_policy": {
+        "default": "/control/v1/generate_policy",
+    },
+    "vscode_chat_completions": {
+        "default": "/control/vscode/{service_provider}/v1/chat/completions",
+    },
+    "langgraph_chat_completions": {
+        "default": "/control/lang-graph/{service_provider}/v1/chat/completions",
+    },
+}

sequrity/control/__init__.py

@@ -0,0 +1,23 @@
+from .types import (
+    ControlFlowMetaPolicy,
+    FeaturesHeader,
+    FineGrainedConfigHeader,
+    InternalPolicyPreset,
+    MetaData,
+    ResponseContentJsonSchema,
+    ResponseFormat,
+    SecurityPolicyHeader,
+    ValueWithMeta,
+)
+
+__all__ = [
+    "FeaturesHeader",
+    "FineGrainedConfigHeader",
+    "MetaData",
+    "ResponseContentJsonSchema",
+    "SecurityPolicyHeader",
+    "ValueWithMeta",
+    "InternalPolicyPreset",
+    "ResponseFormat",
+    "ControlFlowMetaPolicy",
+]

sequrity/control/chat_completion.py

@@ -0,0 +1,116 @@
+from typing import Literal
+from urllib.parse import urljoin
+
+import httpx
+
+from ..constants import CONTROL_API_PATHS
+from ..service_provider import LlmServiceProviderEnum
+from ..types.chat_completion.request import ChatCompletionRequest, Message, ReasoningEffort, ResponseFormat, Tool
+from ..types.chat_completion.response import ChatCompletionResponse
+from .types.headers import FeaturesHeader, FineGrainedConfigHeader, SecurityPolicyHeader
+
+
+def create_chat_completion_sync(
+    client: httpx.Client,
+    base_url: str,
+    api_key: str,
+    messages: list[Message] | list[dict],
+    model: str,
+    llm_api_key: str | None,
+    features: FeaturesHeader | None = None,
+    security_policy: SecurityPolicyHeader | None = None,
+    fine_grained_config: FineGrainedConfigHeader | None = None,
+    provider: LlmServiceProviderEnum | Literal["default"] = "default",
+    session_id: str | None = None,
+    reasoning_effort: ReasoningEffort | None = None,
+    response_format: ResponseFormat | None = None,
+    seed: int | None = None,
+    stream: bool | None = None,
+    temperature: float | None = None,
+    tools: list[Tool] | None = None,
+    top_p: float | None = None,
+    return_type: Literal["python", "json"] = "python",
+) -> ChatCompletionResponse | dict:
+    """Send a chat completion request to the Sequrity secure orchestrator.
+
+    Args:
+        client: HTTP client for making requests.
+        base_url: Base URL of the Sequrity API.
+        api_key: Sequrity API key for authentication.
+        messages: List of chat messages.
+        model: Model name to use for completion.
+        llm_api_key: Optional LLM provider API key (uses server default if None).
+        features: Security features to enable.
+        security_policy: Security policy configuration.
+        fine_grained_config: Fine-grained security settings.
+        provider: LLM service provider (openai, openrouter, etc.).
+        session_id: Explicit session ID for continuing an existing conversation.
+            If None and no tool messages in the request, a new session is created.
+        reasoning_effort: Reasoning effort level for supported models.
+        response_format: Response format specification.
+        seed: Random seed for reproducibility.
+        stream: Whether to stream the response.
+        temperature: Sampling temperature.
+        tools: List of tools available to the model.
+        top_p: Nucleus sampling parameter.
+        return_type: Return as "python" (ChatCompletionResponse) or "json" (dict).
+
+    Returns:
+        ChatCompletionResponse if return_type="python", dict if return_type="json".
+
+    Raises:
+        httpx.HTTPStatusError: If the request fails.
+    """
+
+    # Construct the URL based on service provider
+    if provider == "default":
+        path = CONTROL_API_PATHS["chat_completions"]["default"]
+    else:
+        path = CONTROL_API_PATHS["chat_completions"]["with_service_provider"].format(service_provider=provider)
+    url = urljoin(base_url, path)
+
+    # Prepare the request payload
+    payload = ChatCompletionRequest.model_validate(
+        {
+            "messages": messages,
+            "model": model,
+            "reasoning_effort": reasoning_effort,
+            "response_format": response_format,
+            "seed": seed,
+            "stream": stream,
+            "temperature": temperature,
+            "tools": tools,
+            "top_p": top_p,
+        }
+    ).model_dump(exclude_none=True)
+
+    headers = {
+        "Authorization": f"Bearer {api_key}",
+        "Content-Type": "application/json",
+    }
+    if llm_api_key:
+        headers["X-Api-Key"] = llm_api_key
+    if features:
+        headers["X-Security-Features"] = features.dump_for_headers(mode="json_str")
+    if security_policy:
+        headers["X-Security-Policy"] = security_policy.dump_for_headers(mode="json_str")
+    if fine_grained_config:
+        headers["X-Security-Config"] = fine_grained_config.dump_for_headers(mode="json_str")
+    if session_id:
+        headers["X-Session-Id"] = session_id
+
+    # Make the HTTP request
+    response = client.post(url, json=payload, headers=headers)
+    response.raise_for_status()
+    response_data = response.json()
+    session_id = response.headers.get("X-Session-Id")
+
+    # Parse and return the response
+    response = ChatCompletionResponse.model_validate(response_data)
+    response.session_id = session_id
+    if return_type == "json":
+        return response.model_dump(mode="json")
+    elif return_type == "python":
+        return response
+    else:
+        raise ValueError(f"Invalid return_type: {return_type}")

sequrity/control/langgraph/__init__.py

@@ -0,0 +1,3 @@
+from .run import run_graph_sync
+
+__all__ = ["run_graph_sync"]

sequrity/control/langgraph/graph_executor.py

@@ -0,0 +1,282 @@
+"""LangGraph integration for SequrityClient.
+
+This module provides functionality to execute LangGraph StateGraphs securely
+through the Sequrity orchestrator.
+"""
+
+import json
+from typing import Callable
+
+try:
+    from langgraph.graph import END, START, StateGraph
+
+    LANGGRAPH_AVAILABLE = True
+except ImportError:
+    LANGGRAPH_AVAILABLE = False
+
+
+class LangGraphExecutor:
+    """Executor for running LangGraph StateGraphs through Sequrity.
+
+    This class handles:
+        1. Converting LangGraph to executable Python code
+        2. Mapping nodes to tools (external) or internal functions
+        3. Executing code via secure orchestrator
+        4. Handling tool calls for external nodes
+    """
+
+    def __init__(
+        self,
+        graph: "StateGraph",
+        node_functions: dict[str, Callable] | None = None,
+        internal_node_mapping: dict[str, str] | None = None,
+    ):
+        """Initialize the executor.
+
+        Args:
+            graph: LangGraph StateGraph to execute.
+            node_functions: Dict mapping node names to their functions.
+            internal_node_mapping: Map of node names to internal tool names
+                (e.g., {"agent": "parse_with_ai"}).
+
+        Raises:
+            RuntimeError: If LangGraph is not installed.
+        """
+        if not LANGGRAPH_AVAILABLE:
+            raise RuntimeError("LangGraph is not installed. Install it with: pip install langgraph")
+
+        self.graph = graph
+
+        # Extract node functions if not provided
+        if node_functions is None:
+            self.node_functions = self._extract_function_map(graph)
+        else:
+            self.node_functions = node_functions
+
+        # Determine which nodes are internal vs external
+        self.internal_node_mapping = internal_node_mapping or {}
+        self.external_nodes: set[str] = set()
+        for node_name in self.node_functions.keys():
+            if node_name not in self.internal_node_mapping:
+                self.external_nodes.add(node_name)
+
+        # Generate code once at initialization
+        self.generated_code = self._graph_to_code(graph, self.node_functions)
+
+    def _extract_function_map(self, graph: "StateGraph") -> dict[str, Callable]:
+        """Extract node functions from LangGraph StateGraph.
+
+        Args:
+            graph: The StateGraph to extract functions from.
+
+        Returns:
+            Dict mapping node names to their callable functions.
+        """
+        function_map = {}
+
+        # Access internal graph structure to get nodes
+        if hasattr(graph, "nodes"):
+            for node_name, node_data in graph.nodes.items():
+                if hasattr(node_data, "func"):
+                    function_map[node_name] = node_data.func
+                elif callable(node_data):
+                    function_map[node_name] = node_data
+
+        return function_map
+
+    def build_tool_definitions(self) -> list[dict]:
+        """Build OpenAI-style tool definitions for external nodes.
+
+        Each external node becomes a tool that the orchestrator can call.
+
+        Returns:
+            List of tool definition dicts in OpenAI function calling format.
+        """
+        tools = []
+
+        for node_name in self.external_nodes:
+            func = self.node_functions.get(node_name)
+
+            # Get description from function if available
+            if func:
+                description = getattr(func, "__doc__", f"Execute node: {node_name}")
+            else:
+                description = f"Execute node: {node_name}"
+
+            # Build tool schema
+            tool_def = {
+                "type": "function",
+                "function": {
+                    "name": node_name,
+                    "description": description,
+                    "parameters": {
+                        "type": "object",
+                        "properties": {"state": {"type": "object", "description": "Current state dict"}},
+                        "required": ["state"],
+                    },
+                },
+            }
+            tools.append(tool_def)
+
+        return tools
+
+    def execute_tool_call(self, tool_call: dict) -> dict:
+        """Execute a tool call (external node).
+
+        Args:
+            tool_call: Tool call dict with id, name, and arguments.
+
+        Returns:
+            The result dict from executing the node function.
+
+        Raises:
+            RuntimeError: If no function is found for the specified tool name.
+        """
+        tool_name = tool_call.get("function", {}).get("name")
+        arguments_str = tool_call.get("function", {}).get("arguments", "{}")
+
+        # Parse arguments
+        try:
+            arguments = json.loads(arguments_str)
+        except json.JSONDecodeError:
+            arguments = {}
+
+        # Get the node function
+        node_func = self.node_functions.get(tool_name)
+        if not node_func:
+            raise RuntimeError(f"No function found for external node: {tool_name}")
+
+        # Execute the node function
+        state = arguments.get("state", {})
+        result = node_func(state)
+
+        return result
+
+    def _graph_to_code(self, graph: "StateGraph", function_map: dict[str, Callable]) -> str:
+        """Convert a LangGraph StateGraph into executable Python code.
+
+        Generates:
+            - Module-level code with state = initial_state
+            - Linear flow with if-else for conditional routing
+            - Uses keyword arguments for function calls
+
+        Args:
+            graph: The StateGraph to convert.
+            function_map: Dict mapping node names to their callable functions.
+
+        Returns:
+            Generated Python code as a string.
+        """
+        nodes = graph.nodes
+        edges = list(graph.edges)
+        branches = dict(graph.branches)
+
+        code_lines = []
+        code_lines.append("# Module-level code - assumes initial_state is predefined")
+        code_lines.append("state = initial_state")
+        code_lines.append("")
+
+        # Find starting node
+        start_edges = [target for source, target in edges if source == START]
+        if not start_edges:
+            code_lines.append("# Extract final result for user")
+            code_lines.append("final_return_value = state.get('result', state)")
+            return "\n".join(code_lines)
+
+        # Generate code for each node
+        visited = set()
+        self._generate_node_code(start_edges[0], nodes, edges, branches, function_map, code_lines, visited, indent=0)
+
+        code_lines.append("")
+        code_lines.append("# Extract final result for user")
+        code_lines.append("final_return_value = state.get('result', state)")
+
+        return "\n".join(code_lines)
+
+    def _generate_node_code(self, node_name, nodes, edges, branches, function_map, code_lines, visited, indent=0):
+        """Recursively generate code for a node and its successors.
+
+        Args:
+            node_name: Name of the current node to generate code for.
+            nodes: Dict of all nodes in the graph.
+            edges: List of edge tuples (source, target).
+            branches: Dict of conditional branch specifications.
+            function_map: Dict mapping node names to their callable functions.
+            code_lines: List to append generated code lines to.
+            visited: Set of already visited node names.
+            indent: Current indentation level.
+        """
+        if node_name in visited or node_name == END or node_name == "__end__":
+            return
+
+        visited.add(node_name)
+        indent_str = "    " * indent
+
+        # Get function name
+        node_spec = nodes.get(node_name)
+        if not node_spec:
+            return
+
+        node_func = node_spec.runnable
+        if function_map and node_name in function_map:
+            func_name = function_map[node_name].__name__
+        else:
+            func_name = getattr(node_func, "__name__", getattr(node_func, "name", str(node_name)))
+
+        # Generate node execution code with keyword arguments
+        code_lines.append(f"{indent_str}# Node: {node_name}")
+        code_lines.append(f"{indent_str}{node_name}_result = {func_name}(state=state)")
+        code_lines.append(f"{indent_str}# Update state")
+        code_lines.append(f"{indent_str}for key, value in {node_name}_result.items():")
+        code_lines.append(f"{indent_str}    if key in state:")
+        code_lines.append(f"{indent_str}        if isinstance(value, list) and isinstance(state[key], list):")
+        code_lines.append(f"{indent_str}            state[key].extend(value)")
+        code_lines.append(f"{indent_str}        else:")
+        code_lines.append(f"{indent_str}            state[key] = value")
+        code_lines.append(f"{indent_str}    else:")
+        code_lines.append(f"{indent_str}        state[key] = value")
+        code_lines.append("")
+
+        # Check for conditional edges
+        if node_name in branches and branches[node_name]:
+            # Has conditional routing
+            branch_name = list(branches[node_name].keys())[0]
+            branch_spec = branches[node_name][branch_name]
+
+            # Use the branch name as the condition function name
+            condition_name = branch_name
+
+            # Get possible next nodes
+            possible_next = set()
+            if hasattr(branch_spec, "ends"):
+                ends = branch_spec.ends
+                possible_next.update(ends.values() if isinstance(ends, dict) else ends)
+
+            # Also check edges
+            for source, target in edges:
+                if source == node_name and target not in (END, "__end__"):
+                    possible_next.add(target)
+
+            code_lines.append(f"{indent_str}# Conditional routing")
+            code_lines.append(f"{indent_str}next_node = {condition_name}(state=state)")
+            code_lines.append("")
+
+            # Generate if-else for each possible path
+            if possible_next:
+                first = True
+                for next_node in sorted(possible_next):
+                    if_keyword = "if" if first else "elif"
+                    first = False
+
+                    code_lines.append(f"{indent_str}{if_keyword} next_node == '{next_node}':")
+                    branch_visited = visited.copy()
+                    self._generate_node_code(
+                        next_node, nodes, edges, branches, function_map, code_lines, branch_visited, indent + 1
+                    )
+        else:
+            # Regular edge - no condition
+            next_nodes = [target for source, target in edges if source == node_name]
+            if next_nodes and next_nodes[0] != END and next_nodes[0] != "__end__":
+                self._generate_node_code(
+                    next_nodes[0], nodes, edges, branches, function_map, code_lines, visited, indent
+                )