Merge branch 'main' into alexw/coral-login

cohere-ai · Jun 20, 2024 · 291ac69 · 291ac69
2 parents 67cb6dc + 8bda6c9
commit 291ac69
Show file tree

Hide file tree

Showing 128 changed files with 3,742 additions and 1,498 deletions.
diff --git a/docs/auth_guide.md b/docs/auth_guide.md
@@ -4,18 +4,31 @@
 
 By default, the Toolkit does not enforce any authentication strategies, but they can be enabled from `src/backend/config/auth.py`.
 
-The list of implemented authentication strategies exist in `src/backend/services/auth`. Currently, there exists:
-- BasicAuthentication (for email/password auth): no setup required.
-- GoogleOAuth (Currently not ready - still requiring frontend integration and E2E testing, targeting mid-June): requires setting up [Google OAuth 2.0](https://support.google.com/cloud/answer/6158849?hl=en). You will need to retrieve a client ID and client secret and set them as environment variables.
+This is the current list of implemented Auth strategies:
 
-To enable one or more of these strategies, simply add them to the `ENABLED_AUTH_STRATEGIES` list in the configurations.
+- BasicAuthentication (for email/password auth): no setup required.
+- GoogleOAuth: requires setting up [Google OAuth 2.0](https://support.google.com/cloud/answer/6158849?hl=en). To enable this strategy, you will need to configure your Google OAuth app and retrieve `GOOGLE_CLIENT_ID` and `GOOGLE_CLIENT_SECRET` values.
+- OpenIDConnect: To enable this strategy, you will need to configure your SSO app and retrieve `OIDC_CLIENT_ID`, `OIDC_CLIENT_SECRET`, and `OIDC_WELL_KNOWN_ENDPOINT` values. Note that this should work with any OAuth app that follows OpenID Connect conventions, the strategy assumes that the well-known endpoint will return the required endpoints. See `oidc.py` for implementation details.
 
-After enabling one or more strategies, you must create a secret key to be used to encrypt the JWT tokens generated by the backend and store it in the `AUTH_SECRET_KEY` environment variable.
+To enable one or more of these strategies, add them to the `ENABLED_AUTH_STRATEGIES` list in the `backend/config/auth.py` file, then add any required environment variables in your `.env` file, and generate a secret key to be used as the `AUTH_SECRET_KEY` environment variable. This is used to encode and decode your access tokens.
 
-For testing use-cases, you can enter any string value.
-For production use-cases, We recommend running the following in a local CLI to generate a random key:
+For the `AUTH_SECRET_KEY`, if you want to test auth functionality you can use any string value.
+For production use-cases, it is recommended to run the following python commands in a local CLI to generate a random key:
 
 ```
 import secrets
 print(secrets.token_hex(32))
 ```
+
+## Configuring your OAuth app's Redirect URI
+
+When configuring your OAuth apps, make sure to whitelist the Redirect URI to the frontend endpoint, it should look like 
+`<FRONTEND_HOST>/auth/<STRATEGY_NAME>`. For example, your Redirect URI will be `http://localhost:4000/auth/google` if you're running the GoogleOAuth class locally.
+
+## Implementing new Auth strategies
+
+To implement a new strategy, refer to the `backend/services/auth/strategies` folder. Auth strategies will need to inherit from one of two base classes, `BaseAuthenticationStrategy` or `BaseOAuthStrategy`.
+
+If your strategy requires environment variables, create a new `<AUTH_METHOD>Settings` class that inherits from `Settings`. The values you set in your Settings class will automatically be retrieved from the `.env` file.
+
+OAuth strategies should implement the `authorize` method to verify an authorization code and return an access token.
diff --git a/docs/custom_tool_guides/tool_guide.md b/docs/custom_tool_guides/tool_guide.md
@@ -179,7 +179,7 @@ Remember, you can also access your tools via the API.
 - List tools:
 
 ```bash
-curl --location --request GET 'http://localhost:8000/tools' \
+curl --location --request GET 'http://localhost:8000/v1/tools' \
 --header 'User-Id: me' \
 --header 'Content-Type: application/json' \
 --data '{}'
@@ -188,7 +188,7 @@ curl --location --request GET 'http://localhost:8000/tools' \
 - Chat turns with tools:
 
 ```bash
-curl --location 'http://localhost:8000/chat-stream' \
+curl --location 'http://localhost:8000/v1/chat-stream' \
 --header 'User-Id: me' \
 --header 'Content-Type: application/json' \
 --data '{

diff --git a/docs/how_to_guides.md b/docs/how_to_guides.md
@@ -19,10 +19,10 @@ To add your own deployment:
 
 ## How to call the backend as an API
 
-It is possible to just run the backend service, and call it in the same manner as the Cohere API. Note streaming and non streaming endpoints are split into 'http://localhost:8000/chat-stream' and 'http://localhost:8000/chat' compared to the API. For example, to stream:
+It is possible to just run the backend service, and call it in the same manner as the Cohere API. Note streaming and non streaming endpoints are split into 'http://localhost:8000/v1/chat-stream' and 'http://localhost:8000/v1/chat' compared to the API. For example, to stream:
 
 ```bash
-curl --location 'http://localhost:8000/chat-stream' \
+curl --location 'http://localhost:8000/v1/chat-stream' \
 --header 'User-Id: me' \
 --header 'Content-Type: application/json' \
 --data '{
@@ -79,12 +79,12 @@ Python interpreter and Tavily Internet search are provided in the toolkit by def
 
 Example API call:
 ```bash
-curl --location 'http://localhost:8000/langchain-chat' \
+curl --location 'http://localhost:8000/v1/langchain-chat' \
 --header 'User-Id: me' \
 --header 'Content-Type: application/json' \
 --data '{
     "message": "Tell me about the aya model",
-    "tools": [{"name": "Python_Interpreter"},{"name": "Internet Search"},]
+    "tools": [{"name": "Python_Interpreter"},{"name": "Internet_Search"}]
 }'
 ```