solace-agent-mesh 1.1.0__py3-none-any.whl → 1.3.1__py3-none-any.whl

solace_agent_mesh/gateway/http_sse/dependencies.py

@@ -3,39 +3,40 @@ Defines FastAPI dependency injectors to access shared resources
 managed by the WebUIBackendComponent.
 """
 
-from fastapi import Depends, HTTPException, status, Request
-from typing import (
-    TYPE_CHECKING,
-    Callable,
-    Dict,
-    Optional,
-    Any,
-)
-import os
+from collections.abc import Callable
+from typing import TYPE_CHECKING, Any
 
+from fastapi import Depends, HTTPException, Request, status
 from solace_ai_connector.common.log import log
-from ...gateway.http_sse.sse_manager import SSEManager
-from ...gateway.http_sse.session_manager import SessionManager
-from ...common.agent_registry import AgentRegistry
-
-from ...gateway.http_sse.services.agent_service import AgentService
-from ...gateway.http_sse.services.task_service import TaskService
-from ...gateway.http_sse.services.people_service import PeopleService
-from ...gateway.base.task_context import TaskContextManager
 
-from ...core_a2a.service import CoreA2AService
-from ...common.services.identity_service import BaseIdentityService
+from ...common.agent_registry import AgentRegistry
 from ...common.middleware.config_resolver import ConfigResolver
+from ...common.services.identity_service import BaseIdentityService
+from ...core_a2a.service import CoreA2AService
+from ...gateway.base.task_context import TaskContextManager
+from ...gateway.http_sse.services.agent_card_service import AgentCardService
+from ...gateway.http_sse.services.people_service import PeopleService
+from ...gateway.http_sse.services.task_service import TaskService
+from ...gateway.http_sse.session_manager import SessionManager
+from ...gateway.http_sse.sse_manager import SSEManager
+from .application.services.session_service import SessionService
+from .infrastructure.persistence_service import PersistenceService
 
-from google.adk.artifacts import BaseArtifactService
+try:
+    from google.adk.artifacts import BaseArtifactService
+except ImportError:
+    # Mock BaseArtifactService for environments without Google ADK
+    class BaseArtifactService:
+        pass
 
 
 if TYPE_CHECKING:
     from gateway.http_sse.component import WebUIBackendComponent
 
 sac_component_instance: "WebUIBackendComponent" = None
+persistence_service_instance: "PersistenceService" = None
 
-api_config: Optional[Dict[str, Any]] = None
+api_config: dict[str, Any] | None = None
 
 
 def set_component_instance(component: "WebUIBackendComponent"):
@@ -48,7 +49,30 @@ def set_component_instance(component: "WebUIBackendComponent"):
         log.warning("[Dependencies] SAC Component instance already set.")
 
 
-def set_api_config(config: Dict[str, Any]):
+def set_persistence_service(persistence_service: "PersistenceService"):
+    """Called by the component during its startup to provide its instance."""
+    global persistence_service_instance
+    if persistence_service_instance is None:
+        persistence_service_instance = persistence_service
+        log.info("[Dependencies] Persistence Service instance provided.")
+    else:
+        log.warning("[Dependencies] Persistence Service instance already set.")
+
+
+def get_persistence_service() -> "PersistenceService":
+    """FastAPI dependency to get the PersistenceService instance."""
+    if persistence_service_instance is None:
+        log.warning(
+            "[Dependencies] PersistenceService not available - running in compatibility mode"
+        )
+        raise HTTPException(
+            status_code=status.HTTP_503_SERVICE_UNAVAILABLE,
+            detail="Persistence service not available in compatibility mode.",
+        )
+    return persistence_service_instance
+
+
+def set_api_config(config: dict[str, Any]):
     """Called during startup to provide API configuration."""
     global api_config
     if api_config is None:
@@ -71,7 +95,7 @@ def get_sac_component() -> "WebUIBackendComponent":
     return sac_component_instance
 
 
-def get_api_config() -> Dict[str, Any]:
+def get_api_config() -> dict[str, Any]:
     """FastAPI dependency to get the API configuration."""
     if api_config is None:
         log.critical("[Dependencies] API configuration accessed before it was set!")
@@ -128,26 +152,43 @@ def get_user_id(
 ) -> str:
     """
     FastAPI dependency that returns the user's identity.
-    It prioritizes the authenticated user from `request.state.user` (set by AuthMiddleware)
-    and falls back to the SessionManager for non-authenticated or legacy scenarios.
+    When FRONTEND_USE_AUTHORIZATION is true: Fully relies on OAuth - user must be authenticated by AuthMiddleware.
+    When FRONTEND_USE_AUTHORIZATION is false: Uses development fallback user.
     """
     log.debug("[Dependencies] Resolving user_id string")
 
+    # AuthMiddleware should always set user state for both auth enabled/disabled cases
     if hasattr(request.state, "user") and request.state.user:
         user_id = request.state.user.get("id")
         if user_id:
             log.debug(f"[Dependencies] Using user ID from AuthMiddleware: {user_id}")
             return user_id
         else:
-            log.warning(
-                "[Dependencies] request.state.user exists but has no 'id' field. Falling back."
+            log.error(
+                "[Dependencies] request.state.user exists but has no 'id' field: %s. This indicates a bug in AuthMiddleware.",
+                request.state.user,
             )
 
-    log.debug("[Dependencies] Falling back to SessionManager for user_id")
-    try:
-        return session_manager.get_a2a_client_id(request)
-    except AssertionError:
-        return f"anonymous_user:{os.urandom(8).hex()}"
+    # If we reach here, AuthMiddleware didn't set user state properly
+    use_authorization = session_manager.use_authorization
+
+    if use_authorization:
+        # When OAuth is enabled, we should never reach here - AuthMiddleware should have handled authentication
+        log.error(
+            "[Dependencies] OAuth is enabled but no authenticated user found. This indicates an authentication failure or middleware bug."
+        )
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail="Authentication required but user not found",
+        )
+    else:
+        # When auth is disabled, use development fallback user
+        fallback_id = "sam_dev_user"
+        log.info(
+            "[Dependencies] Authorization disabled and no user in request state, using fallback user: %s",
+            fallback_id,
+        )
+        return fallback_id
 
 
 def ensure_session_id(
@@ -161,21 +202,21 @@ def ensure_session_id(
 
 def get_identity_service(
     component: "WebUIBackendComponent" = Depends(get_sac_component),
-) -> Optional[BaseIdentityService]:
+) -> BaseIdentityService | None:
     """FastAPI dependency to get the configured IdentityService instance."""
     log.debug("[Dependencies] get_identity_service called")
     return component.identity_service
 
 
 def get_people_service(
-    identity_service: Optional[BaseIdentityService] = Depends(get_identity_service),
+    identity_service: BaseIdentityService | None = Depends(get_identity_service),
 ) -> PeopleService:
     """FastAPI dependency to get an instance of PeopleService."""
     log.debug("[Dependencies] get_people_service called")
     return PeopleService(identity_service=identity_service)
 
 
-PublishFunc = Callable[[str, Dict, Optional[Dict]], None]
+PublishFunc = Callable[[str, dict, dict | None], None]
 
 
 def get_publish_a2a_func(
@@ -212,7 +253,7 @@ def get_config_resolver(
 
 def get_app_config(
     component: "WebUIBackendComponent" = Depends(get_sac_component),
-) -> Dict[str, Any]:
+) -> dict[str, Any]:
     """
     FastAPI dependency to safely get the application configuration dictionary.
     """
@@ -225,8 +266,8 @@ async def get_user_config(
     user_id: str = Depends(get_user_id),
     config_resolver: ConfigResolver = Depends(get_config_resolver),
     component: "WebUIBackendComponent" = Depends(get_sac_component),
-    app_config: Dict[str, Any] = Depends(get_app_config),
-) -> Dict[str, Any]:
+    app_config: dict[str, Any] = Depends(get_app_config),
+) -> dict[str, Any]:
     """
     FastAPI dependency to get the user-specific configuration.
     """
@@ -243,7 +284,7 @@ async def get_user_config(
 
 def get_shared_artifact_service(
     component: "WebUIBackendComponent" = Depends(get_sac_component),
-) -> Optional[BaseArtifactService]:
+) -> BaseArtifactService | None:
     """FastAPI dependency to get the shared ArtifactService."""
     log.debug("[Dependencies] get_shared_artifact_service called")
     return component.get_shared_artifact_service()
@@ -251,7 +292,7 @@ def get_shared_artifact_service(
 
 def get_embed_config(
     component: "WebUIBackendComponent" = Depends(get_sac_component),
-) -> Dict[str, Any]:
+) -> dict[str, Any]:
     """FastAPI dependency to get embed-related configuration."""
     log.debug("[Dependencies] get_embed_config called")
     return component.get_embed_config()
@@ -282,12 +323,12 @@ def get_task_context_manager_from_component(
     return component.task_context_manager
 
 
-def get_agent_service(
+def get_agent_card_service(
     registry: AgentRegistry = Depends(get_agent_registry),
-) -> AgentService:
-    """FastAPI dependency to get an instance of AgentService."""
-    log.debug("[Dependencies] get_agent_service called")
-    return AgentService(agent_registry=registry)
+) -> AgentCardService:
+    """FastAPI dependency to get an instance of AgentCardService."""
+    log.debug("[Dependencies] get_agent_card_service called")
+    return AgentCardService(agent_registry=registry)
 
 
 def get_task_service(
@@ -314,3 +355,65 @@ def get_task_service(
         task_context_lock=task_context_manager._lock,
         app_name=app_name,
     )
+
+
+def get_session_service(
+    component: "WebUIBackendComponent" = Depends(get_sac_component),
+) -> SessionService:
+    log.debug("[Dependencies] get_session_service called")
+
+    if (
+        hasattr(component, "persistence_service")
+        and component.persistence_service is not None
+    ):
+        log.debug("Using database-backed session service")
+        container = component.persistence_service.container
+        return container.get_session_service()
+    else:
+        log.debug("No database configured - session persistence not available")
+        raise HTTPException(
+            status_code=status.HTTP_501_NOT_IMPLEMENTED,
+            detail="Session management requires database configuration. Configure 'database_url' in your gateway configuration.",
+        )
+
+
+def get_session_validator(
+    component: "WebUIBackendComponent" = Depends(get_sac_component),
+) -> Callable[[str, str], bool]:
+    """
+    FastAPI dependency that returns a session validator function.
+
+    With database: Validates sessions against database
+    Without database: Validates sessions using basic checks (session exists in recent activity)
+    """
+    log.debug("[Dependencies] get_session_validator called")
+
+    # Check if component has a persistence service (database-backed)
+    if (
+        hasattr(component, "persistence_service")
+        and component.persistence_service is not None
+    ):
+        log.debug("Using database-backed session validation")
+
+        def validate_with_database(session_id: str, user_id: str) -> bool:
+            container = component.persistence_service.container
+            session_service = container.get_session_service()
+            session_domain = session_service.get_session(
+                session_id=session_id, user_id=user_id
+            )
+            return session_domain is not None
+
+        return validate_with_database
+    else:
+        log.debug("No database configured - using basic session validation")
+
+        def validate_without_database(session_id: str, user_id: str) -> bool:
+            """Basic validation: check session ID format and user authentication"""
+            # Validate session ID format (should be web-session-* format from SessionManager)
+            if not session_id or not session_id.startswith("web-session-"):
+                return False
+            # If user_id is provided (authenticated), allow access
+            # This provides basic security while allowing filesystem-based artifacts
+            return bool(user_id)
+
+        return validate_without_database

solace_agent_mesh/gateway/http_sse/domain/entities/__init__.py

@@ -0,0 +1,3 @@
+from .session import Message, Session, SessionHistory
+
+__all__ = ["Session", "Message", "SessionHistory"]

solace_agent_mesh/gateway/http_sse/domain/entities/session.py

@@ -0,0 +1,90 @@
+from datetime import datetime, timezone
+
+from pydantic import BaseModel
+
+from ...shared.enums import MessageType, SenderType, SessionStatus
+from ...shared.types import AgentId, MessageId, SessionId, UserId
+
+
+class Session(BaseModel):
+    id: SessionId
+    user_id: UserId
+    name: str | None = None
+    agent_id: AgentId | None = None
+    status: SessionStatus = SessionStatus.ACTIVE
+    created_at: datetime
+    updated_at: datetime | None = None
+    last_activity: datetime | None = None
+
+    def update_name(self, new_name: str) -> None:
+        if not new_name or len(new_name.strip()) == 0:
+            raise ValueError("Session name cannot be empty")
+        if len(new_name) > 255:
+            raise ValueError("Session name cannot exceed 255 characters")
+
+        self.name = new_name.strip()
+        self.updated_at = datetime.now(timezone.utc)
+
+    def mark_activity(self) -> None:
+        self.last_activity = datetime.now(timezone.utc)
+        self.updated_at = datetime.now(timezone.utc)
+
+    def archive(self) -> None:
+        self.status = SessionStatus.ARCHIVED
+        self.updated_at = datetime.now(timezone.utc)
+
+    def activate(self) -> None:
+        self.status = SessionStatus.ACTIVE
+        self.updated_at = datetime.now(timezone.utc)
+
+    def can_be_deleted_by_user(self, user_id: UserId) -> bool:
+        return self.user_id == user_id
+
+    def can_be_accessed_by_user(self, user_id: UserId) -> bool:
+        return self.user_id == user_id
+
+
+class Message(BaseModel):
+    id: MessageId
+    session_id: SessionId
+    message: str
+    sender_type: SenderType
+    sender_name: str
+    message_type: MessageType = MessageType.TEXT
+    created_at: datetime
+
+    def validate_message_content(self) -> None:
+        if not self.message or len(self.message.strip()) == 0:
+            raise ValueError("Message content cannot be empty")
+        if len(self.message) > 10_000_000:
+            raise ValueError("Message content exceeds maximum length (10MB)")
+
+    def is_from_user(self) -> bool:
+        return self.sender_type == SenderType.USER
+
+    def is_from_agent(self) -> bool:
+        return self.sender_type == SenderType.AGENT
+
+    def is_system_message(self) -> bool:
+        return self.sender_type == SenderType.SYSTEM
+
+
+class SessionHistory(BaseModel):
+    session: Session
+    messages: list[Message] = []
+    total_message_count: int = 0
+
+    def add_message(self, message: Message) -> None:
+        if message.session_id != self.session.id:
+            raise ValueError("Message does not belong to this session")
+
+        message.validate_message_content()
+        self.messages.append(message)
+        self.total_message_count += 1
+        self.session.mark_activity()
+
+    def get_messages_by_sender_type(self, sender_type: SenderType) -> list[Message]:
+        return [msg for msg in self.messages if msg.sender_type == sender_type]
+
+    def get_latest_messages(self, count: int = 10) -> list[Message]:
+        return sorted(self.messages, key=lambda x: x.created_at, reverse=True)[:count]

solace_agent_mesh/gateway/http_sse/domain/repositories/__init__.py

@@ -0,0 +1,3 @@
+from .session_repository import IMessageRepository, ISessionRepository
+
+__all__ = ["ISessionRepository", "IMessageRepository"]

solace_agent_mesh/gateway/http_sse/domain/repositories/session_repository.py

@@ -0,0 +1,54 @@
+from abc import ABC, abstractmethod
+
+from ...shared.types import PaginationInfo, SessionId, UserId
+from ..entities.session import Message, Session
+
+
+class ISessionRepository(ABC):
+    @abstractmethod
+    def get_by_id(self, session_id: SessionId) -> Session | None:
+        pass
+
+    @abstractmethod
+    def get_by_user_id(
+        self, user_id: UserId, pagination: PaginationInfo | None = None
+    ) -> list[Session]:
+        pass
+
+    @abstractmethod
+    def get_user_session(
+        self, session_id: SessionId, user_id: UserId
+    ) -> Session | None:
+        pass
+
+    @abstractmethod
+    def create(self, session: Session) -> Session:
+        pass
+
+    @abstractmethod
+    def update(self, session: Session) -> Session | None:
+        pass
+
+    @abstractmethod
+    def delete(self, session_id: SessionId, user_id: UserId) -> bool:
+        pass
+
+    @abstractmethod
+    def exists(self, session_id: SessionId) -> bool:
+        pass
+
+
+class IMessageRepository(ABC):
+    @abstractmethod
+    def get_by_session_id(
+        self, session_id: SessionId, pagination: PaginationInfo | None = None
+    ) -> list[Message]:
+        pass
+
+    @abstractmethod
+    def create(self, message: Message) -> Message:
+        pass
+
+    @abstractmethod
+    def delete_by_session_id(self, session_id: SessionId) -> bool:
+        pass

solace_agent_mesh/gateway/http_sse/infrastructure/__init__.py

@@ -0,0 +1,4 @@
+from .persistence.database_service import DatabaseService
+from .repositories.session_repository import SessionRepository, MessageRepository
+
+__all__ = ["DatabaseService", "SessionRepository", "MessageRepository"]

solace_agent_mesh/gateway/http_sse/infrastructure/dependency_injection/__init__.py

@@ -0,0 +1,3 @@
+from .container import ApplicationContainer, get_container, initialize_container
+
+__all__ = ["ApplicationContainer", "initialize_container", "get_container"]

solace_agent_mesh/gateway/http_sse/infrastructure/dependency_injection/container.py

@@ -0,0 +1,123 @@
+from collections.abc import Callable
+from typing import Any, TypeVar
+
+from ...application.services.session_service import SessionService
+from ...domain.repositories.session_repository import (
+    IMessageRepository,
+    ISessionRepository,
+)
+from ...infrastructure.persistence import database_service as db_service_module
+from ...infrastructure.persistence.database_service import DatabaseService
+from ...infrastructure.repositories.session_repository import (
+    MessageRepository,
+    SessionRepository,
+)
+
+T = TypeVar("T")
+
+
+class DIContainer:
+    """Dependency injection container."""
+
+    def __init__(self):
+        self._services: dict[str, Any] = {}
+        self._factories: dict[str, Callable] = {}
+        self._singletons: dict[str, Any] = {}
+
+    def register_singleton(self, service_type: type, instance: Any) -> None:
+        self._singletons[service_type.__name__] = instance
+
+    def register_factory(self, service_type: type, factory: Callable) -> None:
+        self._factories[service_type.__name__] = factory
+
+    def register_transient(self, service_type: type, implementation: type) -> None:
+        """Register a transient service (new instance each time)."""
+        self._services[service_type.__name__] = implementation
+
+    def get(self, service_type: type) -> Any:
+        """Get an instance of the requested service."""
+        service_name = service_type.__name__
+
+        # Check singletons first
+        if service_name in self._singletons:
+            return self._singletons[service_name]
+
+        # Check factories
+        if service_name in self._factories:
+            return self._factories[service_name]()
+
+        # Check transient services
+        if service_name in self._services:
+            implementation = self._services[service_name]
+            return self._create_instance(implementation)
+
+        raise ValueError(f"Service {service_name} is not registered")
+
+    def _create_instance(self, implementation: type) -> Any:
+        """Create an instance with dependency injection."""
+        # This is a simplified implementation
+        # In a production system, you'd use a more sophisticated approach
+        # like inspecting constructor parameters and resolving them automatically
+        return implementation()
+
+
+class ApplicationContainer:
+    """Application-specific dependency injection container."""
+
+    def __init__(self, database_url: str | None = None):
+        self.container = DIContainer()
+        self.database_url = database_url
+        self.has_database = database_url is not None
+        self._setup_dependencies()
+
+    def _setup_dependencies(self) -> None:
+        if self.has_database:
+            database_service = DatabaseService(self.database_url)
+            self.container.register_singleton(DatabaseService, database_service)
+            db_service_module.database_service = database_service
+
+            session_repository = SessionRepository(database_service)
+            message_repository = MessageRepository(database_service)
+
+            self.container.register_singleton(ISessionRepository, session_repository)
+            self.container.register_singleton(IMessageRepository, message_repository)
+
+            def session_service_factory():
+                return SessionService(session_repository, message_repository)
+
+            self.container.register_factory(SessionService, session_service_factory)
+
+    def get_database_service(self) -> DatabaseService | None:
+        if not self.has_database:
+            return None
+        return self.container.get(DatabaseService)
+
+    def get_session_service(self) -> SessionService | None:
+        if not self.has_database:
+            return None
+        return self.container.get(SessionService)
+
+
+# Global container instance
+_container: ApplicationContainer | None = None
+
+
+def initialize_container(database_url: str | None = None) -> ApplicationContainer:
+    global _container
+    _container = ApplicationContainer(database_url)
+
+    # Only create tables if database is available
+    if _container.has_database:
+        database_service = _container.get_database_service()
+        if database_service:
+            database_service.create_tables()
+
+    return _container
+
+
+def get_container() -> ApplicationContainer:
+    if _container is None:
+        raise RuntimeError(
+            "Container not initialized. Call initialize_container() first."
+        )
+    return _container

solace_agent_mesh/gateway/http_sse/infrastructure/persistence/__init__.py

@@ -0,0 +1,4 @@
+from .database_service import DatabaseService
+from .models import Base, SessionModel, MessageModel
+
+__all__ = ["DatabaseService", "Base", "SessionModel", "MessageModel"]

solace_agent_mesh/gateway/http_sse/infrastructure/persistence/database_persistence_service.py

@@ -0,0 +1,16 @@
+from sqlalchemy.orm import sessionmaker
+
+from .database_service import DatabaseService
+
+
+class DatabasePersistenceService:
+    def __init__(self, db_url: str):
+        self.db_service = DatabaseService(db_url)
+        self._session_factory = sessionmaker(bind=self.db_service.engine)
+
+    def Session(self):
+        return self._session_factory()
+
+    @property
+    def engine(self):
+        return self.db_service.engine