tools.connect_service module
OAuth service connection management.
Lets users connect, disconnect, and check their OAuth service connections (GitHub, Google, Discord, Microsoft) so other tools can act on their behalf.
- async tools.connect_service.handle_connect_service(provider, scopes=None, ctx=None)[source]
Mint an OAuth authorization link the user must visit to connect a service.
Backs the
connect_servicetool. Validates that the requested provider is configured on this instance, then asks the OAuth manager to generate a ready-to-click authorization URL for the calling user and returns a JSON payload describing what to do next.It fetches the process-wide OAuth manager via
oauth_manager.get_oauth_manager(), gates onOAuthManager.is_provider_configured(whether client credentials exist), and delegates toOAuthManager.generate_connect_urlwhich mints a one-time link code and writes a JSON state payload to the Redis keystargazer:oauth_state:{state}(with a TTL) usingctx.redisbefore returning the provider authorize URL; the human-readable provider blurb comes from the module-levelPROVIDER_INFOmap. No model, event bus, or HTTP call is made directly here.Called by the tool-execution machinery (the inference worker), not by other Python code:
tool_loader.load_toolsregisters this function as the handler for theconnect_serviceentry inTOOLS, and it is dispatched by name with the schema arguments plus an injectedctx. No internal call sites were found.- Parameters:
- Returns:
A JSON string. On success it carries
status=authorization_requiredwith theprovider,description,authorization_url, andinstructions; otherwise anerrormessage (Redis unavailable, provider not configured, or URL generation failure).- Return type:
- async tools.connect_service.handle_check_connection(provider, ctx=None)[source]
Report whether the user has an active OAuth connection for one provider.
Backs the
check_service_connectiontool. Returns the connection status for a single provider, including its stored scopes and expiry when present, so the model can decide whether to prompt the user to connect.It obtains the OAuth manager via
oauth_manager.get_oauth_manager()and first checksOAuthManager.is_provider_configured; if a token exists it callsOAuthManager.has_token(a non-refreshing token lookup againstctx.redis) and thenOAuthManager.list_user_connectionsto pull the matching connection record (scopes,expires_at,has_refresh_token) which is merged into the response. These reads go to the user’s stored token in Redis; no provider HTTP call is made.Called by the tool-execution machinery (the inference worker) via the
check_service_connectionregistration inTOOLS/tool_loader.load_tools; it is dispatched by name with an injectedctx. No internal Python call sites were found.- Parameters:
provider (
str) – Service to check (github,google,discord, ormicrosoft).ctx (
ToolContext|None) – Tool context supplyingredisanduser_id; ifNoneor lacking Redis the call short-circuits.
- Returns:
A JSON string with
connected(bool) andprovider. When connected, the matching connection fields (e.g.scopes,expires_at) are merged in; when not configured,reasonisprovider_not_configured; when Redis is unavailable, anerrormessage is returned instead.- Return type:
- async tools.connect_service.handle_disconnect_service(provider, ctx=None)[source]
Revoke and delete the user’s stored OAuth token for one provider.
Backs the
disconnect_servicetool. If the user has a token for the provider it is revoked and removed so the user must re-authorize later; if there is nothing to disconnect the function reports that without error.It obtains the OAuth manager via
oauth_manager.get_oauth_manager(), checksOAuthManager.has_tokenagainstctx.redis, and on a hit callsOAuthManager.delete_tokenwhich best-effort revokes the token at the provider’srevoke_url(Google/Discord; failures are logged and ignored) and then deletes the local copy from Redis. The deletion is the durable side effect; remote revocation is best-effort.Called by the tool-execution machinery (the inference worker) via the
disconnect_serviceregistration inTOOLS/tool_loader.load_tools; it is dispatched by name with an injectedctx. No internal Python call sites were found.- Parameters:
provider (
str) – Service to disconnect (github,google,discord, ormicrosoft).ctx (
ToolContext|None) – Tool context supplyingredisanduser_id; ifNoneor lacking Redis the call short-circuits.
- Returns:
A JSON string with the
providerand astatusofdisconnectedwhen a token was removed,not_connectedwhen there was nothing to remove, or anerrormessage when Redis is unavailable.- Return type:
- async tools.connect_service.handle_list_connected(ctx=None)[source]
List the user’s connected OAuth services and the still-available ones.
Backs the
list_connected_servicestool. Returns every provider the user has connected (with scopes and expiry) alongside the configured providers they have not yet connected, giving the model a full picture of OAuth state.It obtains the OAuth manager via
oauth_manager.get_oauth_manager()and reads the user’s connections withOAuthManager.list_user_connections(which loads each provider’s stored token fromctx.redis) and the set of instances configured with credentials viaOAuthManager.list_configured_providers; configured providers not already connected are surfaced asavailable_servicesusing thePROVIDER_INFOblurbs. No provider HTTP call is made.Called by the tool-execution machinery (the inference worker) via the
list_connected_servicesregistration inTOOLS/tool_loader.load_tools; it is dispatched by name with an injectedctx. No internal Python call sites were found.- Parameters:
ctx (
ToolContext|None) – Tool context supplyingredisanduser_id; ifNoneor lacking Redis the call short-circuits.- Returns:
A JSON string with
connected_services(the user’s connection records) andavailable_services(configured-but-unconnected providers with descriptions), or anerrormessage when Redis is unavailable.- Return type: