mirror of
https://github.com/meta-llama/llama-stack.git
synced 2025-12-03 09:53:45 +00:00
fix: Remove authorization from provider data (#4161)
# What does this PR do?
- Remove backward compatibility for authorization in mcp_headers
- Enforce authorization must use dedicated parameter
- Add validation error if Authorization found in provider_data headers
- Update test_mcp.py to use authorization parameter
- Update test_mcp_json_schema.py to use authorization parameter
- Update test_tools_with_schemas.py to use authorization parameter
- Update documentation to show the change in the authorization approach
Breaking Change:
- Authorization can no longer be passed via mcp_headers in provider_data
- Users must use the dedicated 'authorization' parameter instead
- Clear error message guides users to the new approach"
## Test Plan
CI
---------
Co-authored-by: Omar Abdelwahab <omara@fb.com>
Co-authored-by: Ashwin Bharambe <ashwin.bharambe@gmail.com>
(cherry picked from commit fe91d331ef)
# Conflicts:
# src/llama_stack/providers/remote/tool_runtime/model_context_protocol/model_context_protocol.py
# tests/integration/inference/test_tools_with_schemas.py
# tests/integration/tool_runtime/test_mcp.py
# tests/integration/tool_runtime/test_mcp_json_schema.py
This commit is contained in:
Omar Abdelwahab
Mergify
parent
49a290e53e
commit
9d54a854d9
5 changed files with 178 additions and 28 deletions
|
|
@ -9,8 +9,6 @@ Integration tests for MCP tools with complex JSON Schema support.
|
|||
Tests $ref, $defs, and other JSON Schema features through MCP integration.
|
||||
"""
|
||||
|
||||
import json
|
||||
|
||||
import pytest
|
||||
|
||||
from llama_stack import LlamaStackAsLibraryClient
|
||||
|
|
@ -123,15 +121,19 @@ class TestMCPSchemaPreservation:
|
|||
mcp_endpoint=dict(uri=uri),
|
||||
)
|
||||
|
||||
<<<<<<< HEAD
|
||||
provider_data = {"mcp_headers": {uri: {"Authorization": f"Bearer {AUTH_TOKEN}"}}}
|
||||
auth_headers = {
|
||||
"X-LlamaStack-Provider-Data": json.dumps(provider_data),
|
||||
}
|
||||
|
||||
=======
|
||||
# Use the dedicated authorization parameter
|
||||
>>>>>>> fe91d331 (fix: Remove authorization from provider data (#4161))
|
||||
# List runtime tools
|
||||
response = llama_stack_client.tool_runtime.list_tools(
|
||||
tool_group_id=test_toolgroup_id,
|
||||
extra_headers=auth_headers,
|
||||
authorization=AUTH_TOKEN,
|
||||
)
|
||||
|
||||
tools = response
|
||||
|
|
@ -166,15 +168,20 @@ class TestMCPSchemaPreservation:
|
|||
provider_id="model-context-protocol",
|
||||
mcp_endpoint=dict(uri=uri),
|
||||
)
|
||||
<<<<<<< HEAD
|
||||
provider_data = {"mcp_headers": {uri: {"Authorization": f"Bearer {AUTH_TOKEN}"}}}
|
||||
auth_headers = {
|
||||
"X-LlamaStack-Provider-Data": json.dumps(provider_data),
|
||||
}
|
||||
|
||||
=======
|
||||
|
||||
# Use the dedicated authorization parameter
|
||||
>>>>>>> fe91d331 (fix: Remove authorization from provider data (#4161))
|
||||
# List tools
|
||||
response = llama_stack_client.tool_runtime.list_tools(
|
||||
tool_group_id=test_toolgroup_id,
|
||||
extra_headers=auth_headers,
|
||||
authorization=AUTH_TOKEN,
|
||||
)
|
||||
|
||||
# Find book_flight tool (which should have $ref/$defs)
|
||||
|
|
@ -216,14 +223,18 @@ class TestMCPSchemaPreservation:
|
|||
mcp_endpoint=dict(uri=uri),
|
||||
)
|
||||
|
||||
<<<<<<< HEAD
|
||||
provider_data = {"mcp_headers": {uri: {"Authorization": f"Bearer {AUTH_TOKEN}"}}}
|
||||
auth_headers = {
|
||||
"X-LlamaStack-Provider-Data": json.dumps(provider_data),
|
||||
}
|
||||
|
||||
=======
|
||||
# Use the dedicated authorization parameter
|
||||
>>>>>>> fe91d331 (fix: Remove authorization from provider data (#4161))
|
||||
response = llama_stack_client.tool_runtime.list_tools(
|
||||
tool_group_id=test_toolgroup_id,
|
||||
extra_headers=auth_headers,
|
||||
authorization=AUTH_TOKEN,
|
||||
)
|
||||
|
||||
# Find get_weather tool
|
||||
|
|
@ -263,15 +274,19 @@ class TestMCPToolInvocation:
|
|||
mcp_endpoint=dict(uri=uri),
|
||||
)
|
||||
|
||||
<<<<<<< HEAD
|
||||
provider_data = {"mcp_headers": {uri: {"Authorization": f"Bearer {AUTH_TOKEN}"}}}
|
||||
auth_headers = {
|
||||
"X-LlamaStack-Provider-Data": json.dumps(provider_data),
|
||||
}
|
||||
|
||||
# List tools to populate the tool index
|
||||
=======
|
||||
# Use the dedicated authorization parameter
|
||||
>>>>>>> fe91d331 (fix: Remove authorization from provider data (#4161))
|
||||
llama_stack_client.tool_runtime.list_tools(
|
||||
tool_group_id=test_toolgroup_id,
|
||||
extra_headers=auth_headers,
|
||||
authorization=AUTH_TOKEN,
|
||||
)
|
||||
|
||||
# Invoke tool with complex nested data
|
||||
|
|
@ -283,7 +298,7 @@ class TestMCPToolInvocation:
|
|||
"shipping": {"address": {"street": "123 Main St", "city": "San Francisco", "zipcode": "94102"}},
|
||||
}
|
||||
},
|
||||
extra_headers=auth_headers,
|
||||
authorization=AUTH_TOKEN,
|
||||
)
|
||||
|
||||
# Should succeed without schema validation errors
|
||||
|
|
@ -309,22 +324,26 @@ class TestMCPToolInvocation:
|
|||
mcp_endpoint=dict(uri=uri),
|
||||
)
|
||||
|
||||
<<<<<<< HEAD
|
||||
provider_data = {"mcp_headers": {uri: {"Authorization": f"Bearer {AUTH_TOKEN}"}}}
|
||||
auth_headers = {
|
||||
"X-LlamaStack-Provider-Data": json.dumps(provider_data),
|
||||
}
|
||||
|
||||
# List tools to populate the tool index
|
||||
=======
|
||||
# Use the dedicated authorization parameter
|
||||
>>>>>>> fe91d331 (fix: Remove authorization from provider data (#4161))
|
||||
llama_stack_client.tool_runtime.list_tools(
|
||||
tool_group_id=test_toolgroup_id,
|
||||
extra_headers=auth_headers,
|
||||
authorization=AUTH_TOKEN,
|
||||
)
|
||||
|
||||
# Test with email format
|
||||
result_email = llama_stack_client.tool_runtime.invoke_tool(
|
||||
tool_name="flexible_contact",
|
||||
kwargs={"contact_info": "user@example.com"},
|
||||
extra_headers=auth_headers,
|
||||
authorization=AUTH_TOKEN,
|
||||
)
|
||||
|
||||
assert result_email.error_message is None
|
||||
|
|
@ -333,7 +352,7 @@ class TestMCPToolInvocation:
|
|||
result_phone = llama_stack_client.tool_runtime.invoke_tool(
|
||||
tool_name="flexible_contact",
|
||||
kwargs={"contact_info": "+15551234567"},
|
||||
extra_headers=auth_headers,
|
||||
authorization=AUTH_TOKEN,
|
||||
)
|
||||
|
||||
assert result_phone.error_message is None
|
||||
|
|
@ -365,6 +384,7 @@ class TestAgentWithMCPTools:
|
|||
mcp_endpoint=dict(uri=uri),
|
||||
)
|
||||
|
||||
<<<<<<< HEAD
|
||||
provider_data = {"mcp_headers": {uri: {"Authorization": f"Bearer {AUTH_TOKEN}"}}}
|
||||
auth_headers = {
|
||||
"X-LlamaStack-Provider-Data": json.dumps(provider_data),
|
||||
|
|
@ -373,6 +393,12 @@ class TestAgentWithMCPTools:
|
|||
tools_list = llama_stack_client.tools.list(
|
||||
toolgroup_id=test_toolgroup_id,
|
||||
extra_headers=auth_headers,
|
||||
=======
|
||||
# Use the dedicated authorization parameter
|
||||
tools_list = llama_stack_client.tool_runtime.list_tools(
|
||||
tool_group_id=test_toolgroup_id,
|
||||
authorization=AUTH_TOKEN,
|
||||
>>>>>>> fe91d331 (fix: Remove authorization from provider data (#4161))
|
||||
)
|
||||
tool_defs = [
|
||||
{
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue