Skip to content

fix: session_service.create_session issue #401

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 28 commits into
base: main
Choose a base branch
from
Open

fix: session_service.create_session issue #401

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
28 commits
Select commit Hold shift + click to select a range
f792da6
fix: session_service.create_session issue
hsuyuming Jun 11, 2025
874d136
fix: await issue, and provide fully example
hsuyuming Jun 11, 2025
9cbeeb4
add typehint
hsuyuming Jun 11, 2025
a84a5cc
fix: await coroutine to complete
hsuyuming Jun 13, 2025
b704bfa
docs: add license
hsuyuming Jun 13, 2025
eccbcbb
docs: add license
hsuyuming Jun 13, 2025
76f4986
fix yaml format
hsuyuming Jun 13, 2025
c49c2e2
docs: add fastapi server, so people can try it out
hsuyuming Jun 13, 2025
bce077e
Merge branch 'main' into fix/session_does_not_await_issue
hsuyuming Jun 13, 2025
435fac2
Merge branch 'main' into fix/session_does_not_await_issue
hsuyuming Jun 17, 2025
b127864
Merge branch 'main' into fix/session_does_not_await_issue
hsuyuming Jun 18, 2025
28445cc
Merge branch 'main' into fix/session_does_not_await_issue
hsuyuming Jun 20, 2025
3ab3b26
Merge branch 'main' into fix/session_does_not_await_issue
hsuyuming Jun 23, 2025
716f9d3
Merge branch 'main' into fix/session_does_not_await_issue
hsuyuming Jun 24, 2025
e9991c2
Merge branch 'main' into fix/session_does_not_await_issue
hsuyuming Jun 26, 2025
6e989f0
Merge branch 'main' into fix/session_does_not_await_issue
hsuyuming Jul 11, 2025
ff0f1a9
remove unused asyncio import
hsuyuming Jul 11, 2025
60c927a
Merge branch 'main' into fix/session_does_not_await_issue
lavinigam-gcp Jul 15, 2025
6165a73
Merge branch 'main' into fix/session_does_not_await_issue
hsuyuming Jul 16, 2025
6d4f20c
Merge branch 'main' into fix/session_does_not_await_issue
lavinigam-gcp Jul 16, 2025
a89ac18
Merge branch 'main' into fix/session_does_not_await_issue
hsuyuming Jul 17, 2025
198602d
docs: update code base on suggestion
hsuyuming Jul 17, 2025
821e5ad
Merge branch 'main' into fix/session_does_not_await_issue
hsuyuming Jul 17, 2025
9935e82
Merge branch 'main' into fix/session_does_not_await_issue
hsuyuming Jul 18, 2025
9d22db5
Merge branch 'main' into fix/session_does_not_await_issue
hsuyuming Jul 24, 2025
15b7581
Merge branch 'main' into fix/session_does_not_await_issue
hsuyuming Aug 1, 2025
329ffa5
Merge branch 'main' into fix/session_does_not_await_issue
hsuyuming Aug 4, 2025
9bbbe60
Merge branch 'main' into fix/session_does_not_await_issue
hsuyuming Aug 6, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
221 changes: 116 additions & 105 deletions docs/tools/authentication.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -551,127 +551,138 @@ except Exception as e:
```py title="helpers.py"
--8<-- "examples/python/snippets/tools/auth/helpers.py"
```
=== "Mock fastapi server"

```py title="mock_server.py (Change USER_INFO_ENDPOINT based on where you deploy userinfo endpoint.)"
--8<-- "examples/python/snippets/tools/auth/mock_server.py"
```
=== "data model"

```py title="model.py"
--8<-- "examples/python/snippets/tools/auth/model.py"
```
=== "Spec"

```yaml
openapi: 3.0.1
info:
title: Okta User Info API
title: User Info API
version: 1.0.0
description: |-
API to retrieve user profile information based on a valid Okta OIDC Access Token.
Authentication is handled via OpenID Connect with Okta.
API to retrieve user profile information based on a valid OIDC Access Token.
Authentication is handled via OpenID Connect with Any Idp provider.
contact:
name: API Support
email: [email protected] # Replace with actual contact if available
servers:
- url: <substitute with your server name>
description: Production Environment
- url: <substitute with your server name>
description: Production Environment
paths:
/okta-jwt-user-api:
get:
summary: Get Authenticated User Info
description: |-
Fetches profile details for the user
operationId: getUserInfo
tags:
- User Profile
security:
- okta_oidc:
- openid
- email
- profile
responses:
'200':
description: Successfully retrieved user information.
content:
application/json:
schema:
type: object
properties:
sub:
type: string
description: Subject identifier for the user.
example: "abcdefg"
name:
type: string
description: Full name of the user.
example: "Example LastName"
locale:
type: string
description: User's locale, e.g., en-US or en_US.
example: "en_US"
email:
type: string
format: email
description: User's primary email address.
example: "[email protected]"
preferred_username:
type: string
description: Preferred username of the user (often the email).
example: "[email protected]"
given_name:
type: string
description: Given name (first name) of the user.
example: "Example"
family_name:
type: string
description: Family name (last name) of the user.
example: "LastName"
zoneinfo:
type: string
description: User's timezone, e.g., America/Los_Angeles.
example: "America/Los_Angeles"
updated_at:
type: integer
format: int64 # Using int64 for Unix timestamp
description: Timestamp when the user's profile was last updated (Unix epoch time).
example: 1743617719
email_verified:
type: boolean
description: Indicates if the user's email address has been verified.
example: true
required:
- sub
- name
- locale
- email
- preferred_username
- given_name
- family_name
- zoneinfo
- updated_at
- email_verified
'401':
description: Unauthorized. The provided Bearer token is missing, invalid, or expired.
content:
application/json:
schema:
$ref: '#/components/schemas/Error'
'403':
description: Forbidden. The provided token does not have the required scopes or permissions to access this resource.
content:
application/json:
schema:
$ref: '#/components/schemas/Error'
/oidc-jwt-user-api:
get:
summary: Get Authenticated User Info
description: |-
Fetches profile details for the user
operationId: getUserInfo
tags:
- User Profile
security:
- idp_oidc:
- openid
- email
- profile
responses:
'200':
description: Successfully retrieved user information.
content:
application/json:
schema:
type: object
properties:
sub:
type: string
description: Subject identifier for the user.
example: "abcdefg"
name:
type: string
description: Full name of the user.
example: "Example LastName"
locale:
type: string
description: User's locale, e.g., en-US or en_US.
example: "en_US"
email:
type: string
format: email
description: User's primary email address.
example: "[email protected]"
preferred_username:
type: string
description: Preferred username of the user (often the email).
example: "[email protected]"
given_name:
type: string
description: Given name (first name) of the user.
example: "Example"
family_name:
type: string
description: Family name (last name) of the user.
example: "LastName"
zoneinfo:
type: string
description: User's timezone, e.g., America/Los_Angeles.
example: "America/Los_Angeles"
updated_at:
type: integer
format: int64 # Using int64 for Unix timestamp
description: Timestamp when the user's profile was last updated (Unix epoch time).
example: 1743617719
email_verified:
type: boolean
description: Indicates if the user's email address has been verified.
example: true
required:
- sub
- name
- locale
- email
- preferred_username
- given_name
- family_name
- zoneinfo
- updated_at
- email_verified
'401':
description: Unauthorized. The provided Bearer token is missing, invalid, or expired.
content:
application/json:
schema:
$ref: '#/components/schemas/Error'
'403':
description: Forbidden. The provided token does not have the required scopes or permissions to access this resource.
content:
application/json:
schema:
$ref: '#/components/schemas/Error'
components:
securitySchemes:
okta_oidc:
securitySchemes:
idp_oidc:
type: openIdConnect
description: Authentication via Okta using OpenID Connect. Requires a Bearer Access Token.
description: Authentication via idp using OpenID Connect. Requires a Bearer Access Token.
# TODO: Change this url base on your Identity provider. (e.g: https://accounts.google.com/.well-known/openid-configuration)
openIdConnectUrl: https://your-endpoint.okta.com/.well-known/openid-configuration
schemas:
Error:
schemas:
Error:
type: object
properties:
code:
type: string
description: An error code.
message:
type: string
description: A human-readable error message.
required:
- code
- message
code:
type: string
description: An error code.
message:
type: string
description: A human-readable error message.
required:
- code
- message
```

16 changes: 15 additions & 1 deletion examples/python/snippets/tools/auth/agent_cli.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,17 @@
# Copyright 2025 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

import asyncio
from dotenv import load_dotenv
from google.adk.artifacts.in_memory_artifact_service import InMemoryArtifactService
Expand All @@ -22,7 +36,7 @@ async def async_main():
artifacts_service = InMemoryArtifactService()

# Create a new user session to maintain conversation state.
session = session_service.create_session(
session = await session_service.create_session(
state={}, # Optional state dictionary for session-specific data
app_name='my_app', # Application identifier
user_id='user' # User identifier
Expand Down
18 changes: 16 additions & 2 deletions examples/python/snippets/tools/auth/helpers.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,17 @@
# Copyright 2025 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

from google.adk.auth import AuthConfig
from google.adk.events import Event
import asyncio
Expand Down Expand Up @@ -100,11 +114,11 @@ def get_function_call_auth_config(event: Event) -> AuthConfig:
and event.content.parts[0] # Use content, not contents
and event.content.parts[0].function_call
and event.content.parts[0].function_call.args
and event.content.parts[0].function_call.args.get('auth_config')
and event.content.parts[0].function_call.args.get('authConfig')
):
# Reconstruct the AuthConfig object using the dictionary provided in the arguments.
# The ** operator unpacks the dictionary into keyword arguments for the constructor.
return AuthConfig(
**event.content.parts[0].function_call.args.get('auth_config')
**event.content.parts[0].function_call.args.get('authConfig')
)
raise ValueError(f'Cannot get auth config from event {event}')
Loading