j6dZddlmZddlZddlZddlZddlmZmZddlm Z ddl m Z m Z ej eZddlmZddlmZd Zd Zd Ze d GddZdZd+dZd,dZd-dZd.dZd.dZd/d!Zd0d#Z d1d2d)Z d1d3d*Z!dS)4zIGeneric managed-tool gateway helpers for Nous-hosted vendor passthroughs.) annotationsN)datetimetimezone) dataclass)CallableOptionalget_hermes_home)managed_nous_tools_enabledznousresearch.comhttpsxT)frozenc8eZdZUded<ded<ded<ded<dS)ManagedToolGatewayConfigstrvendorgateway_originnous_user_tokenbool managed_modeN)__name__ __module__ __qualname____annotations__?/home/ubuntu/.hermes/hermes-agent/tools/managed_tool_gateway.pyrrs?KKKrrc$tdz S)zDReturn the Hermes auth store path, respecting HERMES_HOME overrides.z auth.jsonr rrrauth_json_pathrs   { **rreturnOptional[dict]cr t}|sdStj|}|di}t |tsdS|di}t |tr|Sn#t$rYnwxYwdS)N providersnous) ris_filejsonloads read_textget isinstancedict Exception)pathdatar# nous_providers r_read_nous_provider_stater0#s  ||~~ 4z$..**++HH["-- )T** 4! fb11 mT * * !  !      4s"B'AB'9,B'' B43B4valueobjectOptional[datetime]ct|tr|sdS|}|dr |dddz} t j|}n#t $rYdSwxYw|j |tj }| tj S)NZz+00:00)tzinfo) r*rstripendswithr fromisoformat ValueErrorr7replacerutc astimezone)r1 normalizedparseds r_parse_timestamprA4s eS ! !tJ30_x/ ' 33 tt }x|44   X\ * **s#A88 BB expires_at skew_secondsintrct|}|dS|tjtjz }|t dt|kS)NTr)rArnowrr= total_secondsmaxrD)rBrCexpires remainings r_access_token_is_expiringrKCsXz**Gt8< 555DDFFI As<0011 11r Optional[str]cltjd}t|tr(|r|St pi}|d}t|tr(|r|SdS)aCheap probe for a Nous gateway token without triggering refresh. Availability scans (`hermes tools`, banner/status paint, provider `is_available()` checks) must stay off the synchronous OAuth refresh path. This helper therefore only inspects the explicit env override and the cached auth-store token, without checking expiry and without making any network calls. Truthful refresh handling stays in request/session paths that call :func:`read_nous_access_token`. TOOL_GATEWAY_USER_TOKEN access_tokenN)osgetenvr*rr8r0r))explicitr/rOs rpeek_nous_access_tokenrSKsy233H(C   X^^%5%5 ~~-//52M $$^44L,$$$););)=)=$!!### 4rcLtjd}t|tr(|r|St pi}t }|r*t|dts|S ddl m }|t}t|tr(|r|Sn2#t$r%}td|Yd}~nd}~wwxYw|S)zJRead a Nous Subscriber OAuth access token from auth store or env override.rNrBr)resolve_nous_access_token)refresh_skew_secondsz$Nous access token refresh failed: %sN)rPrQr*rr8r0rSrKr)'_NOUS_ACCESS_TOKEN_REFRESH_SKEW_SECONDShermes_cli.authrUr,loggerdebug)rRr/ cached_tokenrUrefreshed_tokenexcs rread_nous_access_tokenr^`sQy233H(C   X^^%5%5 ~~-//52M)++L5,''/ B======33!H    os + + +0E0E0G0G +"((** * BBB ;SAAAAAAAAB sAC22 D!<DD!rctjdd}|stS|dvr|St d)z,Return configured shared gateway URL scheme.TOOL_GATEWAY_SCHEME>httpr z-TOOL_GATEWAY_SCHEME must be 'http' or 'https')rPrQr8lower_DEFAULT_TOOL_GATEWAY_SCHEMEr;)schemes rget_tool_gateway_schemerf|sZ Y,b 1 1 7 7 9 9 ? ? A AF ,++ """ D E EErrc|ddd}tj|dd}|r|St }tjddd}|r |d|d|S|d|dtS) z0Return the gateway origin for a specific vendor.-_ _GATEWAY_URLra/TOOL_GATEWAY_DOMAINz://z -gateway.)upperr<rPrQr8rstriprf_DEFAULT_TOOL_GATEWAY_DOMAIN)r vendor_keyexplicit_vendor_url shared_scheme shared_domains rbuild_vendor_gateway_urlrtsLLNN**344BBBJ)J3399;;BB3GG#""+--MI3R88>>@@FFsKKMEDDFDD]DDD O O O O1M O OOrgateway_builderOptional[Callable[[str], str]] token_reader%Optional[Callable[[], Optional[str]]]"Optional[ManagedToolGatewayConfig]ctsdS|pt}|pt}||}|}|r|sdSt|||dS)z8Resolve shared managed-tool gateway config for a vendor.NT)rrrr)r rtr^r)rrurwresolved_gateway_builderresolved_token_readerrrs rresolve_managed_tool_gatewayr}s & ' 't.J2J(B,B--f55N++--O t #%'    rc8t|||ptduS)a|Return True when gateway URL and a likely-usable Nous token are present. Defaults to :func:`peek_nous_access_token` so read-only availability scans avoid synchronous OAuth refresh. Callers that are about to make a real gateway request should use :func:`resolve_managed_tool_gateway` (which still defaults to the refresh-aware :func:`read_nous_access_token`). )rurwN)r}rS)rrurws ris_managed_tool_gateway_readyrs4 ('!;%;     r)r r!)r1r2r r3)rBr2rCrDr r)r rL)r r)rrr r)NN)rrrurvrwrxr ry)rrrurvrwrxr r)"__doc__ __future__rr&loggingrPrr dataclassesrtypingrr getLoggerrrYhermes_constantsr tools.tool_backend_helpersr rordrWrrr0rArKrSr^rfrtr}rrrrrsOO""""""  ''''''''!!!!!!%%%%%%%%  8 $ $,,,,,,AAAAAA1&*-' $+++ " + + + +2222*8 F F F F P P P P"7;:>67;:>r