solace-agent-mesh 1.5.1__py3-none-any.whl → 1.6.1__py3-none-any.whl

solace_agent_mesh/gateway/base/app.py

@@ -19,6 +19,7 @@ from ...common.a2a import (
 
 log = logging.getLogger(__name__)
 
+
 class BaseGatewayComponent(ComponentBase):
     pass
 
@@ -244,6 +245,20 @@ class BaseGatewayApp(App):
                 )
             },
         ]
+
+        # Add trust card subscription if trust manager is enabled
+        trust_config = resolved_app_config_block.get("trust_manager")
+        if trust_config and trust_config.get("enabled", False):
+            from ...common.a2a.protocol import get_trust_card_subscription_topic
+
+            trust_card_topic = get_trust_card_subscription_topic(self.namespace)
+            subscriptions.append({"topic": trust_card_topic})
+            log.info(
+                "Trust Manager enabled for gateway '%s', added trust card subscription: %s",
+                self.gateway_id,
+                trust_card_topic,
+            )
+
         log.info(
             "Generated Solace subscriptions for gateway '%s': %s",
             self.gateway_id,
@@ -272,7 +287,7 @@ class BaseGatewayApp(App):
         broker_config["queue_name"] = (
             f"{self.namespace.strip('/')}/q/gdk/gateway/{self.gateway_id}"
         )
-        broker_config["temporary_queue"] = True
+        broker_config["temporary_queue"] = modified_app_info.get("broker", {}).get("temporary_queue", True)
         log.debug(
             "Injected broker settings for gateway '%s': %s",
             self.gateway_id,

solace_agent_mesh/gateway/base/component.py

@@ -282,6 +282,9 @@ class BaseGatewayComponent(SamComponentBase):
             "user_id_for_a2a", user_identity.get("id")
         )
 
+        system_purpose = self.get_config("system_purpose", "")
+        response_format = self.get_config("response_format", "")
+
         if not a2a_session_id:
             a2a_session_id = f"gdk-session-{uuid.uuid4().hex}"
             log.warning(
@@ -291,7 +294,11 @@ class BaseGatewayComponent(SamComponentBase):
             )
             external_request_context["a2a_session_id"] = a2a_session_id
 
-        a2a_metadata = {"agent_name": target_agent_name}
+        a2a_metadata = {
+            "agent_name": target_agent_name,
+            "system_purpose": system_purpose,
+            "response_format": response_format,
+        }
         invoked_artifacts = external_request_context.get("invoked_with_artifacts")
         if invoked_artifacts:
             a2a_metadata["invoked_with_artifacts"] = invoked_artifacts
@@ -336,6 +343,37 @@ class BaseGatewayComponent(SamComponentBase):
         if user_config:
             user_properties["a2aUserConfig"] = user_config
 
+        # Enterprise feature: Add signed user claims if trust manager available
+        if hasattr(self, "trust_manager") and self.trust_manager:
+            log.debug(
+                "%s Attempting to sign user claims for task %s",
+                log_id_prefix,
+                task_id,
+            )
+            try:
+                auth_token = self.trust_manager.sign_user_claims(
+                    user_info=user_identity, task_id=task_id
+                )
+                user_properties["authToken"] = auth_token
+                log.debug(
+                    "%s Successfully signed user claims for task %s",
+                    log_id_prefix,
+                    task_id,
+                )
+            except Exception as e:
+                log.error(
+                    "%s Failed to sign user claims for task %s: %s",
+                    log_id_prefix,
+                    task_id,
+                    e,
+                )
+                # Continue without token - enterprise feature is optional
+        else:
+            log.debug(
+                "%s Trust Manager not available, proceeding without authentication token",
+                log_id_prefix,
+            )
+
         user_properties["replyTo"] = a2a.get_gateway_response_topic(
             self.namespace, self.gateway_id, task_id
         )
@@ -359,49 +397,55 @@ class BaseGatewayComponent(SamComponentBase):
         )
         return task_id
 
-    def process_event(self, event: Event):
-        if event.event_type == EventType.MESSAGE:
-            original_broker_message: Optional[SolaceMessage] = event.data
-            if not original_broker_message:
-                log.warning(
-                    "%s Received MESSAGE event with no data. Ignoring.",
-                    self.log_identifier,
-                )
-                return
+    def _handle_message(self, message: SolaceMessage, topic: str) -> None:
+        """
+        Override to use queue-based pattern instead of direct async.
 
-            log.debug(
-                "%s Received SolaceMessage on topic: %s. Bridging to internal queue.",
+        Gateway uses an internal queue for message processing to ensure
+        strict ordering and backpressure handling.
+
+        Args:
+            message: The Solace message
+            topic: The topic the message was received on
+        """
+        log.debug(
+            "%s Received SolaceMessage on topic: %s. Bridging to internal queue.",
+            self.log_identifier,
+            topic,
+        )
+
+        try:
+            msg_data_for_processor = {
+                "topic": topic,
+                "payload": message.get_payload(),
+                "user_properties": message.get_user_properties(),
+                "_original_broker_message": message,
+            }
+            self.internal_event_queue.put_nowait(msg_data_for_processor)
+        except queue.Full:
+            log.error(
+                "%s Internal event queue full. Cannot bridge message.",
                 self.log_identifier,
-                original_broker_message.get_topic(),
             )
-            try:
-                msg_data_for_processor = {
-                    "topic": original_broker_message.get_topic(),
-                    "payload": original_broker_message.get_payload(),
-                    "user_properties": original_broker_message.get_user_properties(),
-                    "_original_broker_message": original_broker_message,
-                }
-                self.internal_event_queue.put_nowait(msg_data_for_processor)
-            except queue.Full:
-                log.error(
-                    "%s Internal event queue full. Cannot bridge message. NACKing.",
-                    self.log_identifier,
-                )
-                original_broker_message.call_negative_acknowledgements()
-            except Exception as e:
-                log.exception(
-                    "%s Error bridging message to internal queue: %s. NACKing.",
-                    self.log_identifier,
-                    e,
-                )
-                original_broker_message.call_negative_acknowledgements()
-        else:
-            log.debug(
-                "%s Received non-MESSAGE event type: %s. Passing to super.",
+            raise
+        except Exception as e:
+            log.exception(
+                "%s Error bridging message to internal queue: %s",
                 self.log_identifier,
-                event.event_type,
+                e,
             )
-            super().process_event(event)
+            raise
+
+    async def _handle_message_async(self, message, topic: str) -> None:
+        """
+        Not used by gateway - we override _handle_message() instead.
+
+        This is here to satisfy the abstract method requirement, but the
+        gateway uses the queue-based pattern via _handle_message() override.
+        """
+        raise NotImplementedError(
+            "Gateway uses queue-based message handling via _handle_message() override"
+        )
 
     async def _handle_resolved_signals(
         self,
@@ -1113,6 +1157,9 @@ class BaseGatewayComponent(SamComponentBase):
 
     async def _async_setup_and_run(self) -> None:
         """Main async logic for the gateway component."""
+        # Call base class to initialize Trust Manager
+        await super()._async_setup_and_run()
+
         log.info(
             "%s Starting _start_listener() to initiate external platform connection.",
             self.log_identifier,
@@ -1127,6 +1174,17 @@ class BaseGatewayComponent(SamComponentBase):
 
     def _pre_async_cleanup(self) -> None:
         """Pre-cleanup actions for the gateway component."""
+        # Cleanup Trust Manager if present (ENTERPRISE FEATURE)
+        if self.trust_manager:
+            try:
+                log.info("%s Cleaning up Trust Manager...", self.log_identifier)
+                self.trust_manager.cleanup(self.cancel_timer)
+                log.info("%s Trust Manager cleanup complete", self.log_identifier)
+            except Exception as e:
+                log.error(
+                    "%s Error during Trust Manager cleanup: %s", self.log_identifier, e
+                )
+
         log.info("%s Calling _stop_listener()...", self.log_identifier)
         self._stop_listener()
 
@@ -1177,6 +1235,13 @@ class BaseGatewayComponent(SamComponentBase):
                     processed_successfully = await self._handle_discovery_message(
                         payload
                     )
+                elif (
+                    hasattr(self, "trust_manager")
+                    and self.trust_manager
+                    and self.trust_manager.is_trust_card_topic(topic)
+                ):
+                    await self.trust_manager.handle_trust_card_message(payload, topic)
+                    processed_successfully = True
                 elif a2a.topic_matches_subscription(
                     topic,
                     a2a.get_gateway_response_subscription_topic(
@@ -1321,6 +1386,14 @@ class BaseGatewayComponent(SamComponentBase):
     ) -> None:
         pass
 
+    def _get_component_id(self) -> str:
+        """Returns the gateway ID as the component identifier."""
+        return self.gateway_id
+
+    def _get_component_type(self) -> str:
+        """Returns 'gateway' as the component type."""
+        return "gateway"
+
     def invoke(self, message, data):
         if isinstance(message, SolaceMessage):
             message.call_acknowledgements()

solace_agent_mesh/gateway/http_sse/alembic/versions/20251015_add_session_performance_indexes.py

@@ -0,0 +1,70 @@
+"""add performance indexes for query optimization
+
+Revision ID: 20251015_session_idx
+Revises: 98882922fa59
+Create Date: 2025-10-15
+
+"""
+
+from collections.abc import Sequence
+
+import sqlalchemy as sa
+from alembic import op
+
+revision: str = "20251015_session_idx"
+down_revision: str | Sequence[str] | None = "98882922fa59"
+branch_labels: str | Sequence[str] | None = None
+depends_on: str | Sequence[str] | None = None
+
+
+def upgrade() -> None:
+    """Add composite indexes for optimal query performance."""
+
+    op.create_index("ix_sessions_user_id", "sessions", ["user_id"], unique=False)
+
+    op.create_index(
+        "ix_sessions_user_updated",
+        "sessions",
+        ["user_id", sa.text("updated_time DESC")],
+        unique=False,
+    )
+
+    op.create_index(
+        "ix_chat_tasks_session_user_created",
+        "chat_tasks",
+        ["session_id", "user_id", "created_time"],
+        unique=False,
+    )
+
+    op.create_index(
+        "ix_tasks_user_start_time",
+        "tasks",
+        ["user_id", sa.text("start_time DESC")],
+        unique=False,
+    )
+
+    op.create_index(
+        "ix_task_events_task_created",
+        "task_events",
+        ["task_id", "created_time"],
+        unique=False,
+    )
+
+    op.drop_index("ix_tasks_initial_request_text", table_name="tasks")
+
+
+def downgrade() -> None:
+    """Remove performance indexes."""
+
+    op.create_index(
+        op.f("ix_tasks_initial_request_text"),
+        "tasks",
+        ["initial_request_text"],
+        unique=False,
+    )
+
+    op.drop_index("ix_task_events_task_created", table_name="task_events")
+    op.drop_index("ix_tasks_user_start_time", table_name="tasks")
+    op.drop_index("ix_chat_tasks_session_user_created", table_name="chat_tasks")
+    op.drop_index("ix_sessions_user_updated", table_name="sessions")
+    op.drop_index("ix_sessions_user_id", table_name="sessions")

solace_agent_mesh/gateway/http_sse/component.py

@@ -146,6 +146,27 @@ class WebUIBackendComponent(BaseGatewayComponent):
             timer_id=self._sse_cleanup_timer_id,
             interval_ms=cleanup_interval_sec * 1000,
         )
+        
+        # Set up health check timer for agent registry
+        from ...common.constants import HEALTH_CHECK_INTERVAL_SECONDS
+        self.health_check_timer_id = f"agent_health_check_{self.gateway_id}"
+        health_check_interval_seconds = self.get_config("agent_health_check_interval_seconds", HEALTH_CHECK_INTERVAL_SECONDS)
+        if health_check_interval_seconds > 0:
+            log.info(
+                "%s Scheduling agent health check every %d seconds.",
+                self.log_identifier,
+                health_check_interval_seconds,
+            )
+            self.add_timer(
+                delay_ms=health_check_interval_seconds * 1000,
+                timer_id=self.health_check_timer_id,
+                interval_ms=health_check_interval_seconds * 1000,
+            )
+        else:
+            log.warning(
+                "%s Agent health check interval not configured or invalid, health checks will not run periodically.",
+                self.log_identifier,
+            )
 
         session_config = self._resolve_session_config()
         if session_config.get("type") == "sql":
@@ -265,6 +286,10 @@ class WebUIBackendComponent(BaseGatewayComponent):
                 log.debug("%s SSE buffer cleanup timer triggered.", self.log_identifier)
                 self.sse_event_buffer.cleanup_stale_buffers()
                 return
+            elif event.data.get("timer_id") == self.health_check_timer_id:
+                log.debug("%s Agent health check timer triggered.", self.log_identifier)
+                self._check_agent_health()
+                return
             
             if timer_id == self._data_retention_timer_id:
                 log.debug("%s Data retention cleanup timer triggered.", self.log_identifier)
@@ -354,7 +379,7 @@ class WebUIBackendComponent(BaseGatewayComponent):
                     ),
                     "retry_interval": main_broker_config.get("retry_interval"),
                     "retry_count": main_broker_config.get("retry_count"),
-                    "temporary_queue": True,
+                    "temporary_queue": main_broker_config.get("temporary_queue", True),
                 },
             }
 
@@ -486,7 +511,7 @@ class WebUIBackendComponent(BaseGatewayComponent):
                     ),
                     "retry_interval": main_broker_config.get("retry_interval"),
                     "retry_count": main_broker_config.get("retry_count"),
-                    "temporary_queue": True,
+                    "temporary_queue": main_broker_config.get("temporary_queue", True),
                 },
             }
 
@@ -1197,7 +1222,7 @@ class WebUIBackendComponent(BaseGatewayComponent):
                 app=self.fastapi_app,
                 host=self.fastapi_host,
                 port=port,
-                log_level="info",
+                log_level="warning",
                 lifespan="on",
                 ssl_keyfile=self.ssl_keyfile,
                 ssl_certfile=self.ssl_certfile,
@@ -1404,6 +1429,7 @@ class WebUIBackendComponent(BaseGatewayComponent):
             self.data_retention_service = None
             log.info("%s Data retention service cleaned up.", self.log_identifier)
         
+        self.cancel_timer(self.health_check_timer_id)
         log.info("%s Cleaning up visualization resources...", self.log_identifier)
         if self._visualization_message_queue:
             self._visualization_message_queue.put(None)
@@ -1729,6 +1755,76 @@ class WebUIBackendComponent(BaseGatewayComponent):
 
     def get_agent_registry(self) -> AgentRegistry:
         return self.agent_registry
+        
+    def _check_agent_health(self):
+        """
+        Checks the health of peer agents and de-registers unresponsive ones.
+        This is called periodically by the health check timer.
+        Uses TTL-based expiration to determine if an agent is unresponsive.
+        """
+            
+        log.debug("%s Performing agent health check...", self.log_identifier)
+        
+        # Get TTL from configuration or use default from constants
+        from ...common.constants import HEALTH_CHECK_TTL_SECONDS, HEALTH_CHECK_INTERVAL_SECONDS
+        ttl_seconds = self.get_config("agent_health_check_ttl_seconds", HEALTH_CHECK_TTL_SECONDS)
+        health_check_interval = self.get_config("agent_health_check_interval_seconds", HEALTH_CHECK_INTERVAL_SECONDS)
+
+        log.debug(
+            "%s Health check configuration: interval=%d seconds, TTL=%d seconds",
+            self.log_identifier,
+            health_check_interval,
+            ttl_seconds
+        )
+        
+        # Validate configuration values
+        if ttl_seconds <= 0 or health_check_interval <= 0 or ttl_seconds < health_check_interval:
+            log.error(
+                "%s agent_health_check_ttl_seconds (%d) and agent_health_check_interval_seconds (%d) must be positive and TTL must be greater than interval.",
+                self.log_identifier,
+                ttl_seconds,
+                health_check_interval
+            )
+            raise ValueError(f"Invalid health check configuration. agent_health_check_ttl_seconds ({ttl_seconds}) and agent_health_check_interval_seconds ({health_check_interval}) must be positive and TTL must be greater than interval.")
+        
+        # Get all agent names from the registry
+        agent_names = self.agent_registry.get_agent_names()
+        total_agents = len(agent_names)
+        agents_to_deregister = []
+        
+        log.debug("%s Checking health of %d peer agents", self.log_identifier, total_agents)
+        
+        for agent_name in agent_names:
+            # Check if the agent's TTL has expired
+            is_expired, time_since_last_seen = self.agent_registry.check_ttl_expired(agent_name, ttl_seconds)
+            
+            if is_expired:
+                log.warning(
+                    "%s Agent '%s' TTL has expired. De-registering. Time since last seen: %d seconds (TTL: %d seconds)",
+                    self.log_identifier,
+                    agent_name,
+                    time_since_last_seen,
+                    ttl_seconds
+                )
+                agents_to_deregister.append(agent_name)
+        
+        # De-register unresponsive agents
+        for agent_name in agents_to_deregister:
+            self._deregister_agent(agent_name)
+            
+        log.info(
+            "%s Agent health check completed. Total agents: %d, De-registered: %d",
+            self.log_identifier,
+            total_agents,
+            len(agents_to_deregister)
+        )
+        
+    def _deregister_agent(self, agent_name: str):
+        """
+        De-registers an agent from the registry and publishes a de-registration event.
+        """
+        # Remove from registry
+        self.agent_registry.remove_agent(agent_name)
 
     def get_sse_manager(self) -> SSEManager:
         return self.sse_manager

solace_agent_mesh/gateway/http_sse/dependencies.py

@@ -243,10 +243,10 @@ def get_people_service(
     return PeopleService(identity_service=identity_service)
 
 
-def get_task_repository(db: Session = Depends(get_db)) -> ITaskRepository:
+def get_task_repository() -> ITaskRepository:
     """FastAPI dependency to get an instance of TaskRepository."""
     log.debug("[Dependencies] get_task_repository called")
-    return TaskRepository(db)
+    return TaskRepository()
 
 
 def get_feedback_service(
@@ -525,9 +525,9 @@ def get_session_validator(
             try:
                 db = SessionLocal()
                 try:
-                    session_repository = SessionRepository(db)
+                    session_repository = SessionRepository()
                     session_domain = session_repository.find_user_session(
-                        session_id, user_id
+                        db, session_id, user_id
                     )
                     return session_domain is not None
                 finally:

solace_agent_mesh/gateway/http_sse/main.py

@@ -107,6 +107,7 @@ def _extract_user_identifier(user_info: dict) -> str:
         or user_info.get("email")
         or user_info.get("name")
         or user_info.get("azp")
+        or user_info.get("user_id") # internal /user_info endpoint format maps identifier to user_id
     )
 
     if user_identifier and user_identifier.lower() == "unknown":

solace_agent_mesh/gateway/http_sse/repository/chat_task_repository.py

@@ -16,12 +16,9 @@ from .models import ChatTaskModel
 class ChatTaskRepository(IChatTaskRepository):
     """SQLAlchemy implementation of chat task repository."""
 
-    def __init__(self, db: DBSession):
-        self.db = db
-
-    def save(self, task: ChatTask) -> ChatTask:
+    def save(self, session: DBSession, task: ChatTask) -> ChatTask:
         """Save or update a chat task (upsert)."""
-        existing = self.db.query(ChatTaskModel).filter(
+        existing = session.query(ChatTaskModel).filter(
             ChatTaskModel.id == task.id
         ).first()
 
@@ -43,12 +40,12 @@ class ChatTaskRepository(IChatTaskRepository):
                 created_time=task.created_time,
                 updated_time=task.updated_time
             )
-            self.db.add(model)
+            session.add(model)
 
-        self.db.commit()
+        session.flush()
 
         # Reload to get updated values
-        model = self.db.query(ChatTaskModel).filter(
+        model = session.query(ChatTaskModel).filter(
             ChatTaskModel.id == task.id
         ).first()
 
@@ -56,11 +53,12 @@ class ChatTaskRepository(IChatTaskRepository):
 
     def find_by_session(
         self,
+        session: DBSession,
         session_id: SessionId,
         user_id: UserId
     ) -> List[ChatTask]:
         """Find all tasks for a session."""
-        models = self.db.query(ChatTaskModel).filter(
+        models = session.query(ChatTaskModel).filter(
             ChatTaskModel.session_id == session_id,
             ChatTaskModel.user_id == user_id
         ).order_by(ChatTaskModel.created_time.asc()).all()
@@ -69,23 +67,24 @@ class ChatTaskRepository(IChatTaskRepository):
 
     def find_by_id(
         self,
+        session: DBSession,
         task_id: str,
         user_id: UserId
     ) -> Optional[ChatTask]:
         """Find a specific task."""
-        model = self.db.query(ChatTaskModel).filter(
+        model = session.query(ChatTaskModel).filter(
             ChatTaskModel.id == task_id,
             ChatTaskModel.user_id == user_id
         ).first()
 
         return self._model_to_entity(model) if model else None
 
-    def delete_by_session(self, session_id: SessionId) -> bool:
+    def delete_by_session(self, session: DBSession, session_id: SessionId) -> bool:
         """Delete all tasks for a session."""
-        result = self.db.query(ChatTaskModel).filter(
+        result = session.query(ChatTaskModel).filter(
             ChatTaskModel.session_id == session_id
         ).delete()
-        self.db.commit()
+        session.flush()
         return result > 0
 
     def _model_to_entity(self, model: ChatTaskModel) -> ChatTask:

solace_agent_mesh/gateway/http_sse/repository/feedback_repository.py

@@ -12,10 +12,7 @@ from .models import FeedbackModel
 class FeedbackRepository(IFeedbackRepository):
     """SQLAlchemy implementation of feedback repository."""
 
-    def __init__(self, db: DBSession):
-        self.db = db
-
-    def save(self, feedback: Feedback) -> Feedback:
+    def save(self, session: DBSession, feedback: Feedback) -> Feedback:
         """Save feedback."""
         model = FeedbackModel(
             id=feedback.id,
@@ -26,12 +23,12 @@ class FeedbackRepository(IFeedbackRepository):
             comment=feedback.comment,
             created_time=feedback.created_time,
         )
-        self.db.add(model)
-        self.db.commit()
-        self.db.refresh(model)
+        session.add(model)
+        session.flush()
+        session.refresh(model)
         return self._model_to_entity(model)
 
-    def delete_feedback_older_than(self, cutoff_time_ms: int, batch_size: int) -> int:
+    def delete_feedback_older_than(self, session: DBSession, cutoff_time_ms: int, batch_size: int) -> int:
         """
         Delete feedback records older than the cutoff time.
         Uses batch deletion to avoid long-running transactions.
@@ -44,36 +41,36 @@ class FeedbackRepository(IFeedbackRepository):
             Total number of feedback records deleted
         """
         total_deleted = 0
-        
+
         while True:
             # Find a batch of feedback IDs to delete
             feedback_ids_to_delete = (
-                self.db.query(FeedbackModel.id)
+                session.query(FeedbackModel.id)
                 .filter(FeedbackModel.created_time < cutoff_time_ms)
                 .limit(batch_size)
                 .all()
             )
-            
+
             if not feedback_ids_to_delete:
                 break
-            
+
             # Extract IDs from the result tuples
             ids = [feedback_id[0] for feedback_id in feedback_ids_to_delete]
-            
+
             # Delete this batch
             deleted_count = (
-                self.db.query(FeedbackModel)
+                session.query(FeedbackModel)
                 .filter(FeedbackModel.id.in_(ids))
                 .delete(synchronize_session=False)
             )
-            
-            self.db.commit()
+
+            session.commit()
             total_deleted += deleted_count
-            
+
             # If we deleted fewer than batch_size, we're done
             if deleted_count < batch_size:
                 break
-        
+
         return total_deleted
 
     def _model_to_entity(self, model: FeedbackModel) -> Feedback: