PyPI - solace-agent-mesh - Versions diffs - 1.4.12__py3-none-any.whl → 1.5.0__py3-none-any.whl - Mend

solace-agent-mesh 1.4.12py3-none-any.whl → 1.5.0py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of solace-agent-mesh might be problematic. Click here for more details.

Files changed (181) hide show

solace_agent_mesh/agent/adk/invocation_monitor.py DELETED Viewed

@@ -1,295 +0,0 @@
-import copy
-import datetime
-import json
-import os
-import yaml
-from solace_ai_connector.common.log import log
-class InvocationMonitor:
-    LOG_DIRECTORY = "/tmp/solace-agent-mesh"
-    START_TOPIC_SUFFIX = "a2a/v1/agent/request/OrchestratorAgent"
-    END_TOPIC_CONTAINS = "a2a/v1/gateway/response/"
-    EXCLUDE_TOPIC_SUFFIX = "/discovery/agentcards"
-    LOG_FILE_VERSION = "1.0"
-    def __init__(self):
-        self._is_logging_active = False
-        self._current_log_buffer = []
-        self._current_logfile_path = None
-        self._invocation_start_time = None
-        self._triggering_event_details = None
-        self._current_invocation_id = None
-        self._current_session_id = None
-        try:
-            os.makedirs(self.LOG_DIRECTORY, exist_ok=True)
-            log.info(
-                f"InvocationMonitor initialized. Logging to directory: {self.LOG_DIRECTORY}"
-            )
-        except Exception as e:
-            log.error(
-                f"InvocationMonitor: Failed to create log directory {self.LOG_DIRECTORY}: {e}"
-            )
-            self.LOG_DIRECTORY = None
-    def _sanitize(self, value):
-        """Replace underscores with dashes and convert to string."""
-        return str(value).replace("_", "-") if value is not None else "unknown"
-    def _generate_logfile_path(self, invocation_id, gateway) -> str:
-        if not self.LOG_DIRECTORY:
-            return None
-        timestamp = str(int(datetime.datetime.now(datetime.timezone.utc).timestamp()))
-        invocation_id = self._sanitize(invocation_id)
-        gateway = self._sanitize(gateway)
-        filename = f"{invocation_id}_{gateway}_{timestamp}.stim"
-        return os.path.join(self.LOG_DIRECTORY, filename)
-    def _finalize_log_file(self, terminating_event_details=None):
-        if not self._is_logging_active or not self._current_logfile_path:
-            if self._is_logging_active:
-                log.warning("InvocationMonitor: Finalize called but no log file path.")
-            self._reset_session()
-            return
-        if not self._current_log_buffer and not self._triggering_event_details:
-            log.info(
-                f"InvocationMonitor: No messages were logged for {self._current_logfile_path}. Skipping file creation."
-            )
-            self._reset_session()
-            return
-        invocation_end_time = datetime.datetime.now(datetime.timezone.utc).timestamp()
-        yaml_data = {
-            "invocation_details": {
-                "log_file_version": self.LOG_FILE_VERSION,
-                "start_time": self._invocation_start_time,
-                "end_time": invocation_end_time,
-                "triggering_event": self._triggering_event_details,
-                "terminating_event": terminating_event_details,
-            },
-            "invocation_flow": self._current_log_buffer,
-        }
-        try:
-            with open(self._current_logfile_path, "w", encoding="utf-8") as f:
-                yaml.dump(
-                    yaml_data,
-                    f,
-                    sort_keys=False,
-                    allow_unicode=True,
-                    indent=2,
-                    default_flow_style=False,
-                )
-            log.info(
-                f"InvocationMonitor: YAML content saved to .stim file: {self._current_logfile_path}"
-            )
-        except Exception as e:
-            log.error(
-                f"InvocationMonitor: Failed to write YAML content to .stim file {self._current_logfile_path}: {e}"
-            )
-        finally:
-            self._reset_session()
-    def _reset_session(self):
-        self._is_logging_active = False
-        self._current_log_buffer = []
-        self._current_logfile_path = None
-        self._invocation_start_time = None
-        self._triggering_event_details = None
-        self._current_invocation_id = None
-        self._current_session_id = None
-    def _prepare_payload_for_yaml(self, payload):
-        if isinstance(payload, str):
-            try:
-                return json.loads(payload)
-            except json.JSONDecodeError:
-                return payload
-        elif isinstance(payload, (dict, list)):
-            return payload
-        elif isinstance(payload, bytes):
-            try:
-                return payload.decode("utf-8")
-            except UnicodeDecodeError:
-                return repr(payload)
-        return str(payload)
-    def _add_log_entry(
-        self,
-        direction: str,
-        topic: str,
-        payload: any,
-        component_identifier: str,
-        is_trigger_event=False,
-    ):
-        timestamp = datetime.datetime.now(datetime.timezone.utc).timestamp()
-        prepared_payload = self._prepare_payload_for_yaml(payload)
-        log_entry_dict = {
-            "topic": topic,
-            "timestamp": timestamp,
-            "component": component_identifier,
-            "direction": direction,
-            "payload": prepared_payload,
-        }
-        if is_trigger_event:
-            return {
-                "timestamp": timestamp,
-                "component": component_identifier,
-                "direction": direction,
-                "topic": topic,
-                "payload": prepared_payload,
-            }
-        if self._is_logging_active:
-            self._current_log_buffer.append(log_entry_dict)
-        return log_entry_dict
-    def log_message_event(
-        self,
-        direction: str,
-        topic: str,
-        payload: any,
-        component_identifier: str = "A2A_Host",
-    ):
-        if not self.LOG_DIRECTORY:
-            log.error(
-                "InvocationMonitor: Log directory not available. Skipping log_message_event."
-            )
-            return
-        if topic.endswith(self.EXCLUDE_TOPIC_SUFFIX):
-            return
-        if self.START_TOPIC_SUFFIX in topic:
-            method = None
-            invocation_id = None
-            session_id = None
-            if isinstance(payload, dict):
-                method = payload.get("method")
-                invocation_id = payload.get("id") or "unknown"
-                session_id = payload.get("params", {}).get("sessionId", None)
-            elif isinstance(payload, str):
-                try:
-                    payload_obj = json.loads(payload)
-                    method = payload_obj.get("method")
-                    invocation_id = payload_obj.get("id") or "unknown"
-                    session_id = payload_obj.get("params", {}).get("sessionId", None)
-                except Exception:
-                    invocation_id = "unknown"
-                    session_id = None
-            if method != "tasks/sendSubscribe":
-                if self._is_logging_active and method == "tasks/cancel":
-                    log.warning(
-                        f"InvocationMonitor: Cancel event received for topic {topic} (id={invocation_id}, sessionId={session_id}) while a session for {self._current_logfile_path} was active. "
-                        "Finalizing previous session with reason: 'Request was canceled'."
-                    )
-                    self._finalize_log_file(
-                        terminating_event_details={
-                            "reason": "Request was canceled",
-                            "topic": topic,
-                            "method": method,
-                            "invocation_id": invocation_id,
-                            "session_id": session_id,
-                        }
-                    )
-                return
-            if self._is_logging_active:
-                log.warning(
-                    f"InvocationMonitor: New start event received for topic {topic} (id={invocation_id}, sessionId={session_id}, method={method}) while a session for {self._current_logfile_path} was active. "
-                    "Finalizing previous session with reason: 'New session started before old one ended'."
-                )
-                self._finalize_log_file(
-                    terminating_event_details={
-                        "reason": "New session started before old one ended",
-                        "topic": topic,
-                        "method": method,
-                        "invocation_id": invocation_id,
-                        "session_id": session_id,
-                    }
-                )
-            self._is_logging_active = True
-            self._current_log_buffer = []
-            self._current_invocation_id = invocation_id
-            self._current_session_id = session_id
-            log.debug(
-                f"InvocationMonitor: Received start event for topic {topic}. Payload: {payload}"
-            )
-            gateway = "unknown"
-            if session_id and "web-session" in session_id:
-                gateway = "web"
-            elif session_id and "slack" in session_id:
-                gateway = "slack"
-            self._current_logfile_path = self._generate_logfile_path(
-                invocation_id, gateway
-            )
-            if not self._current_logfile_path:
-                log.error(
-                    "InvocationMonitor: Could not generate logfile path. Aborting logging for this session."
-                )
-                self._reset_session()
-                return
-            self._invocation_start_time = datetime.datetime.now(
-                datetime.timezone.utc
-            ).timestamp()
-            self._triggering_event_details = self._add_log_entry(
-                direction, topic, payload, component_identifier, is_trigger_event=True
-            )
-            if self._triggering_event_details:
-                first_flow_entry = {
-                    "topic": self._triggering_event_details["topic"],
-                    "timestamp": self._triggering_event_details["timestamp"],
-                    "component": self._triggering_event_details["component"],
-                    "direction": self._triggering_event_details["direction"],
-                    "payload": copy.deepcopy(self._triggering_event_details["payload"]),
-                }
-                self._current_log_buffer.append(first_flow_entry)
-            log.info(
-                f"InvocationMonitor: Started YAML logging (to .stim file) for new invocation. File: {self._current_logfile_path}. Trigger: {topic}"
-            )
-        elif self._is_logging_active:
-            current_event_details = self._add_log_entry(
-                direction, topic, payload, component_identifier, is_trigger_event=False
-            )
-            if self.END_TOPIC_CONTAINS in topic:
-                log.info(
-                    f"InvocationMonitor: End condition met by topic {topic}. Finalizing YAML content to .stim file: {self._current_logfile_path}"
-                )
-                terminating_event_info = {
-                    "timestamp": current_event_details["timestamp"],
-                    "component": current_event_details["component"],
-                    "direction": current_event_details["direction"],
-                    "topic": current_event_details["topic"],
-                    "payload": copy.deepcopy(current_event_details["payload"]),
-                }
-                self._finalize_log_file(
-                    terminating_event_details=terminating_event_info
-                )
-    def cleanup(self):
-        log.info("InvocationMonitor: Cleanup called.")
-        if self._is_logging_active and self._current_logfile_path:
-            log.warning(
-                f"InvocationMonitor: Finalizing YAML content to .stim file {self._current_logfile_path} during cleanup."
-            )
-            self._finalize_log_file(
-                terminating_event_details={"reason": "Session finalized during cleanup"}
-            )

solace_agent_mesh/assets/docs/assets/js/483cef9a.4736f2d8.js DELETED Viewed

@@ -1 +0,0 @@

- "use strict";(self.webpackChunksolace_agenitc_mesh_docs=self.webpackChunksolace_agenitc_mesh_docs||[]).push([[2274],{4700:(e,n,t)=>{t.r(n),t.d(n,{assets:()=>c,contentTitle:()=>a,default:()=>x,frontMatter:()=>r,metadata:()=>o,toc:()=>l});const o=JSON.parse('{"id":"documentation/Enterprise/single-sign-on","title":"SSO","description":"How to enable SSO","source":"@site/docs/documentation/Enterprise/single-sign-on.md","sourceDirName":"documentation/Enterprise","slug":"/documentation/Enterprise/single-sign-on","permalink":"/solace-agent-mesh/docs/documentation/Enterprise/single-sign-on","draft":false,"unlisted":false,"editUrl":"https://github.com/SolaceLabs/solace-agent-mesh/edit/main/docs/docs/documentation/Enterprise/single-sign-on.md","tags":[],"version":"current","sidebarPosition":10,"frontMatter":{"title":"SSO","sidebar_position":10},"sidebar":"docSidebar","previous":{"title":"RBAC Setup Guide","permalink":"/solace-agent-mesh/docs/documentation/Enterprise/rbac-setup-guilde"}}');var i=t(4848),s=t(8453);const r={title:"SSO",sidebar_position:10},a=void 0,c={},l=[{value:"How to enable SSO",id:"how-to-enable-sso",level:2},{value:"Running Solace Agent Mesh Enterprise with SSO enabled",id:"running-solace-agent-mesh-enterprise-with-sso-enabled",level:2}];function h(e){const n={a:"a",admonition:"admonition",code:"code",h2:"h2",p:"p",pre:"pre",strong:"strong",...(0,s.R)(),...e.components},{Details:t}=n;return t||function(e,n){throw new Error("Expected "+(n?"component":"object")+" `"+e+"` to be defined: you likely forgot to import, pass, or provide it.")}("Details",!0),(0,i.jsxs)(i.Fragment,{children:[(0,i.jsx)(n.h2,{id:"how-to-enable-sso",children:"How to enable SSO"}),"\n",(0,i.jsx)(n.p,{children:"Before running the Docker container, create two configuration files for SSO under the root directory in your Named Docker Volume. Use the content provided below for each file:"}),"\n",(0,i.jsxs)(t,{children:[(0,i.jsx)("summary",{children:"Configuration files for SSO"}),(0,i.jsx)(n.p,{children:(0,i.jsx)(n.strong,{children:"oauth2_server.yaml"})}),(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-yaml",children:'---\n# Example gateway configuration with OAuth2 service integration\n# This shows how to configure a gateway to use the OAuth2 authentication service\n\nlog:\n stdout_log_level: INFO\n log_file_level: DEBUG\n log_file: oauth_server.log\n\n!include ../shared_config.yaml\n\nshared_config:\n # OAuth2 service configuration\n - oauth2_config: &oauth2_config\n enabled: true\n config_file: "config/sso_vol/oauth2_config.yaml"\n host: ${OAUTH2_HOST, localhost}\n port: ${OAUTH2_PORT, 9000}\n ssl_cert: "" # Optional: path to SSL certificate\n ssl_key: "" # Optional: path to SSL private key\n\nflows:\n # Initialize OAuth2 service\n - name: oauth2_service\n components:\n - component_name: oauth2_auth_service\n component_module: src.components.oauth2_component\n component_config:\n <<: *oauth2_config\n'})}),(0,i.jsx)(n.p,{children:(0,i.jsx)(n.strong,{children:"oauth2_config.yaml"})}),(0,i.jsx)(n.p,{children:"In the oauth2_config.yaml file, uncomment the authentication provider you want to use.\nNote that the Azure provider is configured as the default option."}),(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-yaml",children:'---\n# OAuth2 Service Configuration\n# This file configures the OAuth2 authentication service that supports multiple providers\n# All providers now use the unified OIDC approach with automatic endpoint discovery\n\n# Enable or disable the OAuth2 service\nenabled: ${OAUTH2_ENABLED:false}\n\n# Development mode - enables insecure transport and relaxed token scope for local development\n# Set OAUTH2_DEV_MODE=true for local development (NEVER use in production!)\ndevelopment_mode: ${OAUTH2_DEV_MODE:false}\n\n# OAuth2 providers configuration\n# All providers now use the unified OIDCProvider with automatic endpoint discovery\nproviders:\n # Google OAuth2 provider\n # google:\n # # OIDC issuer URL - endpoints will be discovered automatically\n # issuer: "https://accounts.google.com"\n # client_id: ${GOOGLE_CLIENT_ID}\n # client_secret: ${GOOGLE_CLIENT_SECRET}\n # redirect_uri: ${GOOGLE_REDIRECT_URI:http://localhost:8080/callback}\n # scope: "openid email profile"\n\n # Azure/Microsoft OAuth2 provider\n azure:\n # Azure OIDC issuer URL includes tenant ID\n issuer: https://login.microsoftonline.com/${AZURE_TENANT_ID}/v2.0\n client_id: ${AZURE_CLIENT_ID}\n client_secret: ${AZURE_CLIENT_SECRET}\n redirect_uri: ${AZURE_REDIRECT_URI:http://localhost:8080/callback}\n scope: "openid email profile offline_access"\n\n # Auth0 OAuth2 provider\n # auth0:\n # # Auth0 issuer URL\n # issuer: ${AUTH0_ISSUER:https://your-domain.auth0.com/}\n # client_id: ${AUTH0_CLIENT_ID}\n # client_secret: ${AUTH0_CLIENT_SECRET}\n # redirect_uri: ${AUTH0_REDIRECT_URI:http://localhost:8080/callback}\n # scope: "openid email profile"\n # # Optional: Auth0 audience for API access\n # audience: ${AUTH0_AUDIENCE:}\n\n # # Okta OAuth2 provider (example)\n # okta:\n # issuer: ${OKTA_ISSUER:https://your-okta-domain.okta.com/oauth2/default}\n # client_id: ${OKTA_CLIENT_ID}\n # client_secret: ${OKTA_CLIENT_SECRET}\n # redirect_uri: ${OKTA_REDIRECT_URI:http://localhost:8080/callback}\n # scope: "openid email profile"\n\n # # Keycloak OAuth2 provider (example)\n # keycloak:\n # issuer: ${KEYCLOAK_ISSUER:https://your-keycloak.com/auth/realms/your-realm}\n # client_id: ${KEYCLOAK_CLIENT_ID}\n # client_secret: ${KEYCLOAK_CLIENT_SECRET}\n # redirect_uri: ${KEYCLOAK_REDIRECT_URI:http://localhost:8080/callback}\n # scope: "openid email profile"\n\n # # Generic OIDC provider (for any standard OIDC-compliant provider)\n # custom_oidc:\n # # Just provide the issuer URL and the service will discover all endpoints\n # issuer: ${CUSTOM_OIDC_ISSUER:https://your-provider.com}\n # client_id: ${CUSTOM_OIDC_CLIENT_ID}\n # client_secret: ${CUSTOM_OIDC_CLIENT_SECRET}\n # redirect_uri: ${CUSTOM_OIDC_REDIRECT_URI:http://localhost:8080/callback}\n # scope: "openid email profile"\n\n# Logging configuration\nlogging:\n level: ${OAUTH2_LOG_LEVEL:INFO}\n\n# Session configuration\nsession:\n # Session timeout in seconds (default: 1 hour)\n timeout: ${OAUTH2_SESSION_TIMEOUT:3600}\n\n# Security configuration\nsecurity:\n # CORS settings\n cors:\n enabled: ${OAUTH2_CORS_ENABLED:true}\n origins: ${OAUTH2_CORS_ORIGINS:*}\n\n # Rate limiting\n rate_limit:\n enabled: ${OAUTH2_RATE_LIMIT_ENABLED:true}\n requests_per_minute: ${OAUTH2_RATE_LIMIT_RPM:60}\n'})})]}),"\n",(0,i.jsx)(n.h2,{id:"running-solace-agent-mesh-enterprise-with-sso-enabled",children:"Running Solace Agent Mesh Enterprise with SSO enabled"}),"\n",(0,i.jsx)(n.p,{children:"Here is an example of Docker run command with Azure SSO provider for production use case:"}),"\n",(0,i.jsx)(n.admonition,{type:"tip",children:(0,i.jsxs)(n.p,{children:["You may need to include ",(0,i.jsx)(n.code,{children:"--platform linux/amd64"})," depending on the host machine you\u2019re using."]})}),"\n",(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-bash",children:'docker run -itd -p 8000:8000 -p 9000:9000 \\\n -e LLM_SERVICE_API_KEY="<YOUR_LLM_TOKEN>" \\\n -e LLM_SERVICE_ENDPOINT="<YOUR_LLM_SERVICE_ENDPOINT>" \\\n -e LLM_SERVICE_PLANNING_MODEL_NAME="<YOUR_MODEL_NAME>" \\\n -e LLM_SERVICE_GENERAL_MODEL_NAME="<YOUR_MODEL_NAME>" \\\n -e NAMESPACE="<YOUR_NAMESPACE>" \\\n -e SOLACE_DEV_MODE="false" \\\n -e SOLACE_BROKER_URL="<YOUR_BROKER_URL>" \\\n -e SOLACE_BROKER_VPN="<YOUR_BROKER_VPN>" \\\n -e SOLACE_BROKER_USERNAME="<YOUR_BROKER_USERNAME>" \\\n -e SOLACE_BROKER_PASSWORD="<YOUR_BROKER_PASSWORD>" \\\n -e FASTAPI_HOST="0.0.0.0" \\\n -e FASTAPI_PORT="8000" \\\n -e AZURE_TENANT_ID="xxxxxxxxx-xxxxxx-xxxxxxxx-xxxxxxxxxx" \\\n -e AZURE_CLIENT_ID="xxxxxxxxx-xxxxxx-xxxxxxxx-xxxxxxxxxx" \\\n -e AZURE_CLIENT_SECRET="xxxxxxxxx-xxxxxx-xxxxxxxx-xxxxxxxxxx" \\\n -e OAUTH2_ENABLED="true" \\\n -e OAUTH2_LOG_LEVEL="DEBUG" \\\n -e OAUTH2_DEV_MODE="true" \\\n -e OAUTH2_HOST="0.0.0.0" \\\n -e OAUTH2_PORT="9000" \\\n -e FRONTEND_USE_AUTHORIZATION="true" \\\n -e FRONTEND_REDIRECT_URL="http://localhost:8000" \\\n -e FRONTEND_AUTH_LOGIN_URL="http://localhost:8000/api/v1/auth/login" \\\n -e EXTERNAL_AUTH_SERVICE_URL="http://localhost:9000" \\\n -e EXTERNAL_AUTH_PROVIDER="azure" \\\n -e EXTERNAL_AUTH_CALLBACK="http://localhost:8000/api/v1/auth/callback" \\\n -v <YOUR_NAMED_DOCKER_VOLUME>:/app/config/sso_vol/ \\\n --name sam-ent-prod-sso \\\nsolace-agent-mesh-enterprise:<tag> run config/sso_vol/oauth2_server.yaml config/webui_backend.yaml config/a2a_orchestrator.yaml config/a2a_agents.yaml\n'})}),"\n",(0,i.jsxs)(n.p,{children:["You can then access Solace Agent Mesh Enterprise UI through ",(0,i.jsx)(n.a,{href:"http://localhost:8000",children:"http://localhost:8000"})]}),"\n",(0,i.jsxs)(t,{children:[(0,i.jsx)("summary",{children:"Configuration Options"}),(0,i.jsx)(n.p,{children:(0,i.jsx)(n.strong,{children:"Specify the hostname and port for the UI running in the docker container. The main UI runs on port 8000 by default. Using 0.0.0.0 as the host allows external access to the container."})}),(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-bash",children:'-e FASTAPI_HOST="0.0.0.0" \\\n-e FASTAPI_PORT="8000" \\ \n'})}),(0,i.jsx)(n.p,{children:(0,i.jsx)(n.strong,{children:"Enable single sign-on processing on the frontend."})}),(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-bash",children:'-e FRONTEND_USE_AUTHORIZATION="true" \\\n'})}),(0,i.jsx)(n.p,{children:(0,i.jsxs)(n.strong,{children:["Specify the main URL of the UI. For instance, this could be ",(0,i.jsx)(n.a,{href:"https://www.example.com",children:"https://www.example.com"})]})}),(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-bash",children:'-e FRONTEND_REDIRECT_URL="http://localhost:8000" \\\n'})}),(0,i.jsx)(n.p,{children:(0,i.jsxs)(n.strong,{children:["Set the login URL used by the main UI. For instance, this could be ",(0,i.jsx)(n.a,{href:"https://www.example.com/api/v1/auth/login",children:"https://www.example.com/api/v1/auth/login"})]})}),(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-bash",children:'-e FRONTEND_AUTH_LOGIN_URL="http://localhost:8000/api/v1/auth/login" \\\n'})}),(0,i.jsx)(n.p,{children:(0,i.jsx)(n.strong,{children:"Enable the OAUTH2 server and set the log level"})}),(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-bash",children:'-e OAUTH2_ENABLED="true" \\\n-e OAUTH2_LOG_LEVEL="DEBUG" \\\n'})}),(0,i.jsx)(n.p,{children:(0,i.jsx)(n.strong,{children:"Specify the hostname and port for the authorization server running in the docker container. Using 0.0.0.0 as the host allows external access to the container."})}),(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-bash",children:'-e OAUTH2_HOST="0.0.0.0" \\\n-e OAUTH2_PORT="9000" \\\n'})}),(0,i.jsx)(n.p,{children:(0,i.jsx)(n.strong,{children:"Specify whether the Oauth2 checks use dev mode. When dev mode is true the following environment variables are added to allow http access and relax the token scope. This MUST be set false in a production environment."})}),(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-bash",children:'-e OAUTH2_DEV_MODE="true" \\\n'})}),(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-bash",children:'OAUTHLIB_RELAX_TOKEN_SCOPE="1"\nOAUTHLIB_INSECURE_TRANSPORT="1"\n'})}),(0,i.jsx)(n.p,{children:(0,i.jsx)(n.strong,{children:"Configure the environment variables for your chosen authentication provider. Refer to the oauth2_config.yaml file to identify the required variables. For example, with Azure set the following"})}),(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-bash",children:'-e AZURE_TENANT_ID="xxxxxxxxx-xxxxxx-xxxxxxxx-xxxxxxxxxx" \\\n-e AZURE_CLIENT_ID="xxxxxxxxx-xxxxxx-xxxxxxxx-xxxxxxxxxx" \\\n-e AZURE_CLIENT_SECRET="xxxxxxxxx-xxxxxx-xxxxxxxx-xxxxxxxxxx" \\\n'})}),(0,i.jsx)(n.p,{children:(0,i.jsx)(n.strong,{children:"Configure the authorization server's public URL (accessible from outside the Docker container) and specify the OAuth2 provider\u2019s name from oauth2_config.yaml (this example uses the azure profile):"})}),(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-bash",children:'-e EXTERNAL_AUTH_SERVICE_URL="http://localhost:9000" \\\n-e EXTERNAL_AUTH_PROVIDER="azure" \\\n'})}),(0,i.jsx)(n.p,{children:(0,i.jsxs)(n.strong,{children:["Lastly, set the callback URL that your auth provider will use to redirect with the auth code. For instance, this could be ",(0,i.jsx)(n.a,{href:"https://www.example.com/api/v1/auth/callback",children:"https://www.example.com/api/v1/auth/callback"})]})}),(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-bash",children:'-e EXTERNAL_AUTH_CALLBACK="http://localhost:8000/api/v1/auth/callback" \\\n'})}),(0,i.jsx)(n.p,{children:(0,i.jsx)(n.strong,{children:"Note that both the main UI and authorization server ports must be mapped to the host machine, as shown in the Docker run command above:"})}),(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-bash",children:"-p 8000:8000 -p 9000:9000 \\\n"})}),(0,i.jsx)(n.p,{children:(0,i.jsx)(n.strong,{children:"The oauth 2 configuration files must be mounted inside the container:"})}),(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-bash",children:"-v <YOUR_NAMED_DOCKER_VOLUME>:/app/config/sso_vol/ \\\n"})})]})]})}function x(e={}){const{wrapper:n}={...(0,s.R)(),...e.components};return n?(0,i.jsx)(n,{...e,children:(0,i.jsx)(h,{...e})}):h(e)}},8453:(e,n,t)=>{t.d(n,{R:()=>r,x:()=>a});var o=t(6540);const i={},s=o.createContext(i);function r(e){const n=o.useContext(s);return o.useMemo((function(){return"function"==typeof e?e(n):{...n,...e}}),[n,e])}function a(e){let n;return n=e.disableParentContext?"function"==typeof e.components?e.components(i):e.components||i:r(e.components),o.createElement(s.Provider,{value:n},e.children)}}}]);

solace-agent-mesh 1.4.12__py3-none-any.whl → 1.5.0__py3-none-any.whl

Potentially problematic release.

solace-agent-mesh 1.4.12py3-none-any.whl → 1.5.0py3-none-any.whl