feat(tool-runtime): Add authorization parameter with backward compatibility

Implement Phase 1 of MCP auth migration: - Add authorization parameter to list_runtime_tools() and invoke_tool() - Maintain backward compatibility with X-LlamaStack-Provider-Data header - Tests use old header-based auth to avoid client SDK dependency - New parameter takes precedence when both methods provided Phase 2 will migrate tests to new parameter after Stainless SDK release. Related: PR #4052
2025-12-03 09:53:45 +00:00 · 2025-11-13 10:26:39 -08:00 · 2025-11-13 10:26:39 -08:00 · 8783255bc3
commit 8783255bc3
parent fa2b361f46
4 changed files with 161 additions and 40 deletions
--- a/tests/integration/tool_runtime/test_mcp.py
+++ b/tests/integration/tool_runtime/test_mcp.py
@ -4,6 +4,8 @@
 # This source code is licensed under the terms described in the LICENSE file in
 # the root directory of this source tree.

+import json
+
 import pytest
 from llama_stack_client.lib.agents.agent import Agent
 from llama_stack_client.lib.agents.turn_events import StepCompleted, StepProgress, ToolCallIssuedDelta
@ -35,13 +37,24 @@ def test_mcp_invocation(llama_stack_client, text_model_id, mcp_server):
        mcp_endpoint=dict(uri=uri),
    )

-    # Authorization now passed as request body parameter (not provider-data)
+    # Use old header-based approach for Phase 1 (backward compatibility)
+    provider_data = {
+        "mcp_headers": {
+            uri: {
+                "Authorization": f"Bearer {AUTH_TOKEN}",
+            },
+        },
+    }
+    auth_headers = {
+        "X-LlamaStack-Provider-Data": json.dumps(provider_data),
+    }
+
    with pytest.raises(Exception, match="Unauthorized"):
        llama_stack_client.tools.list(toolgroup_id=test_toolgroup_id)

    tools_list = llama_stack_client.tools.list(
        toolgroup_id=test_toolgroup_id,
-        authorization=AUTH_TOKEN,  # Pass authorization as parameter
+        extra_headers=auth_headers,  # Use old header-based approach
    )
    assert len(tools_list) == 2
    assert {t.name for t in tools_list} == {"greet_everyone", "get_boiling_point"}
@ -49,7 +62,7 @@ def test_mcp_invocation(llama_stack_client, text_model_id, mcp_server):
    response = llama_stack_client.tool_runtime.invoke_tool(
        tool_name="greet_everyone",
        kwargs=dict(url="https://www.google.com"),
-        authorization=AUTH_TOKEN,  # Pass authorization as parameter
+        extra_headers=auth_headers,  # Use old header-based approach
    )
    content = response.content
    assert len(content) == 1