Fix: Pass Bearer Token to tool_context.actions.requested_auth_configs
#298
Conversation
MagnusDot
changed the title
tool_context.actions.requested_auth_configs
MagnusDot
changed the title
tool_context.actions.requested_auth_configstool_context.actions.requested_auth_configs #267
MagnusDot
changed the title
tool_context.actions.requested_auth_configs #267tool_context.actions.requested_auth_configs
|
@boyangsvl can you look at it please 🙏 |
|
@seanzhou1023 PTAL. |
|
@hangfei any news ? 🫣 |
|
sorry we didn't provide enough documents. auth response is not passed in this way. It should be only passed as a function response to adk_request_credential, please see : https://github.com/google/adk-docs/blob/main/docs/tools/authentication.md [ool_context.actions.requested_auth_configs is not something that is supposed to be touch out of adk. |
|
and this is only used when tools are requesting credential on demand. e.g. : and client send back the auth credential as response. If client needs to actively pass in auth credential to tools, you can directly pass in the session.state, and if you want it to be removed after one invocation you can append the key with 'temp:' namespace, see https://google.github.io/adk-docs/tools/#state-management |
3 participants
This MR fixes issue #267 where HTTP Bearer tokens provided in ADK requests were not correctly propagated to
tool_context.actions.requested_auth_configs.Changes Made:
src/google/adk/agents/invocation_context.py: Added a requested_auth_configs attribute to store authentication configurations requested by the client to pass to tools.src/google/adk/runners.py: Modified to support passing an authentication token during invocation via run_async and configuring it in the invocation context.src/google/adk/tools/tool_context.py: Enhanced the get_auth_response() method to first check if a Bearer token is available in requested_auth_configs before using the standard method of retrieving the token from the session state.tests/unittests/auth/test_bearer_token_auth.py: Added a new test file to validate the Bearer token authentication functionality, including tests to verify correct token configuration in the invocation context and proper retrieval by tools.Summary:
This change allows passing a Bearer authentication token directly during agent invocation, facilitating authentication to external APIs without requiring user interaction to obtain the token. The token is passed to the tool context and can be retrieved by tools via the get_auth_response() method.
Fixes #267