Skip to content

Commit 204bc1e

Browse files
committed
Phase 2: Implement AgentAuthApp (Task 2.2 & 2.3)
This commit completes the core container logic for the AgentAuth SDK. The AgentAuthApp serves as the primary entry point for developers, acting as the 'trust anchor' for all agents created within its scope. Key Architectural Implementations: 1. Lazy Authentication (): - To improve ergonomics and reduce startup latency, the SDK does not authenticate immediately upon instantiation. - Authentication is deferred until the first protected operation (e.g., or ) is invoked. - This aligns with the 'App-as-Container' model where the application's lifecycle and its credentials are managed as a single unit. 2. Automated Session Management: - The app manages its own JWT session internally via . - The SDK automatically detects token expiry (with a 60-second safety buffer) and triggers a re-authentication flow () before the existing token becomes invalid. - This removes the burden from the developer to handle app-level session refreshes. 3. Core API Surface: - : Provides a high-level check of the broker's operational status, including database connectivity and uptime. - : Provides a convenience shortcut for module-level token validation, allowing the app to quickly verify agent tokens before granting tool access. - : Ensures graceful teardown of the underlying The httpx command line client could not run because the required dependencies were not installed. Make sure you've installed everything with: pip install 'httpx[cli]' transport client. Business Logic & Security: - The and are strictly used to obtain the app JWT and are never exposed in the public API or logs. - All communication is routed through a private instance to ensure consistent error handling and telemetry. Ref: .plans/v0.3.0-rewrite-implementation-plan.md
1 parent 90180ba commit 204bc1e

1 file changed

Lines changed: 109 additions & 429 deletions

File tree

0 commit comments

Comments
 (0)