-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathcomplete-example.py
More file actions
359 lines (299 loc) · 12.9 KB
/
Copy pathcomplete-example.py
File metadata and controls
359 lines (299 loc) · 12.9 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
"""
Complete Microsoft Agent Framework + APort Integration Example
This example demonstrates a production-ready integration of APort with
Microsoft Agent Framework using middleware for pre-execution authorization.
Features:
1. Agent Run Middleware - Verifies authorization before agent execution
2. Function Calling Middleware - Authorizes individual tool/function calls
3. Proper error handling with framework-compliant responses
4. Audit trail generation
5. Both function-based and class-based middleware examples
Prerequisites:
pip install agent-framework
pip install aporthq-sdk-python
pip install azure-identity # For Azure authentication
Run: python complete-example.py
"""
import asyncio
import os
import logging
from typing import Dict, Any
# Microsoft Agent Framework imports
# Note: Adjust imports based on actual SDK structure
try:
from agent_framework.azure import AzureAIAgentClient
from azure.identity.aio import AzureCliCredential
from agent_framework import AgentRunContext
except ImportError:
print("⚠️ Microsoft Agent Framework not installed")
print(" Install with: pip install agent-framework azure-identity")
print(" This example will show the pattern but won't run without the SDK")
# Type stubs for documentation
class AzureAIAgentClient:
pass
class AzureCliCredential:
pass
# Import APort middleware
from aport_middleware import (
aport_agent_middleware,
aport_function_middleware,
AportAgentMiddleware,
AportFunctionMiddleware,
)
# Configure logging
logging.basicConfig(
level=logging.INFO,
format="%(asctime)s - %(name)s - %(levelname)s - %(message)s"
)
logger = logging.getLogger(__name__)
# ============================================================================
# Example Tool Functions
# ============================================================================
async def process_refund_tool(order_id: str, amount: int, currency: str = "USD") -> Dict[str, Any]:
"""
Process a refund - only called if APort authorization passes.
This function will be wrapped by function calling middleware,
which verifies authorization before execution.
"""
logger.info(f"Processing refund: ${amount/100:.2f} {currency} for order {order_id}")
# Simulate API call
await asyncio.sleep(0.1)
return {
"status": "success",
"refund_id": f"ref_{order_id}_{amount}",
"amount": amount,
"currency": currency,
"order_id": order_id,
}
async def export_data_tool(table_name: str, row_limit: int, include_pii: bool = False) -> Dict[str, Any]:
"""
Export data - only called if APort authorization passes.
"""
logger.info(f"Exporting data: {table_name}, limit={row_limit}, pii={include_pii}")
await asyncio.sleep(0.1)
return {
"status": "success",
"export_id": f"exp_{table_name}",
"table_name": table_name,
"rows_exported": min(row_limit, 1000),
"include_pii": include_pii,
}
# ============================================================================
# Example 1: Function-Based Middleware
# ============================================================================
async def example_function_based_middleware():
"""
Example using function-based middleware (simplest approach).
"""
logger.info("=" * 60)
logger.info("Example 1: Function-Based Middleware")
logger.info("=" * 60)
try:
credential = AzureCliCredential()
# Create agent with APort middleware
async with AzureAIAgentClient(async_credential=credential).create_agent(
name="RefundAgent",
instructions=(
"You are a customer support agent that can process refunds. "
"When a customer requests a refund, use the refund tool to process it. "
"Always confirm the amount and currency before processing."
),
tools=[process_refund_tool, export_data_tool],
middleware=[
aport_agent_middleware, # Agent-level middleware
aport_function_middleware, # Function-level middleware
],
) as agent:
# Example 1: Authorized refund
logger.info("\n📝 Test 1: Authorized refund ($50)")
logger.info("-" * 60)
result = await agent.run(
"Process a $50 refund for order 12345",
metadata={
"agent_id": os.getenv("APORT_AGENT_ID", "ap_demo_agent"),
"policy_id": "finance.payment.refund.v1",
"action": "refund",
"amount": 5000, # $50.00 in cents
"currency": "USD",
"order_id": "12345",
"region": "US",
}
)
logger.info(f"✅ Result: {result}")
# Example 2: Large refund (might exceed limits)
logger.info("\n📝 Test 2: Large refund ($10,000)")
logger.info("-" * 60)
result = await agent.run(
"Process a $10,000 refund for order 67890",
metadata={
"agent_id": os.getenv("APORT_AGENT_ID", "ap_demo_agent"),
"policy_id": "finance.payment.refund.v1",
"action": "refund",
"amount": 1000000, # $10,000.00 in cents
"currency": "USD",
"order_id": "67890",
"region": "US",
}
)
logger.info(f"Result: {result}")
logger.info("(This may be denied if amount exceeds policy limits)")
except Exception as e:
logger.error(f"Error in function-based middleware example: {e}", exc_info=True)
# ============================================================================
# Example 2: Class-Based Middleware
# ============================================================================
async def example_class_based_middleware():
"""
Example using class-based middleware (for stateful operations).
"""
logger.info("\n" + "=" * 60)
logger.info("Example 2: Class-Based Middleware")
logger.info("=" * 60)
try:
credential = AzureCliCredential()
# Create middleware instances
agent_middleware = AportAgentMiddleware(
api_key=os.getenv("APORT_API_KEY"),
base_url=os.getenv("APORT_API_URL", "https://api.aport.io"),
timeout_ms=800,
)
function_middleware = AportFunctionMiddleware(
api_key=os.getenv("APORT_API_KEY"),
base_url=os.getenv("APORT_API_URL", "https://api.aport.io"),
policy_mapping={
"process_refund": "finance.payment.refund.v1",
"export_data": "data.export.create.v1",
},
)
# Create agent with class-based middleware
async with AzureAIAgentClient(async_credential=credential).create_agent(
name="DataAgent",
instructions=(
"You are a data export assistant. "
"When users request data exports, use the export_data tool."
),
tools=[export_data_tool],
middleware=[
agent_middleware.process, # Use process method
function_middleware.process, # Function middleware
],
) as agent:
result = await agent.run(
"Export 1000 rows from the users table",
metadata={
"agent_id": os.getenv("APORT_AGENT_ID", "ap_demo_agent"),
"policy_id": "data.export.create.v1",
"action": "export",
"table_name": "users",
"row_limit": 1000,
"include_pii": False,
}
)
logger.info(f"✅ Result: {result}")
except Exception as e:
logger.error(f"Error in class-based middleware example: {e}", exc_info=True)
# ============================================================================
# Example 3: Agent-Level vs Run-Level Middleware
# ============================================================================
async def example_agent_vs_run_level():
"""
Example showing agent-level vs run-level middleware.
"""
logger.info("\n" + "=" * 60)
logger.info("Example 3: Agent-Level vs Run-Level Middleware")
logger.info("=" * 60)
try:
credential = AzureCliCredential()
# Agent-level middleware: Applied to ALL runs
async with AzureAIAgentClient(async_credential=credential).create_agent(
name="FlexibleAgent",
instructions="You are a helpful assistant.",
tools=[process_refund_tool],
middleware=[
aport_agent_middleware, # Agent-level: applies to all runs
],
) as agent:
# Run 1: Uses agent-level middleware only
logger.info("\n📝 Run 1: Agent-level middleware only")
result1 = await agent.run(
"What's the weather?",
metadata={
"agent_id": os.getenv("APORT_AGENT_ID", "ap_demo_agent"),
# No policy_id - just passport verification
}
)
logger.info(f"Result: {result1}")
# Run 2: Agent-level + run-level middleware
logger.info("\n📝 Run 2: Agent-level + run-level middleware")
# Define run-level middleware (e.g., additional logging)
async def run_level_logging_middleware(context, next):
logger.info("Run-level middleware: Before execution")
await next(context)
logger.info("Run-level middleware: After execution")
result2 = await agent.run(
"Process a $25 refund for order 11111",
middleware=[run_level_logging_middleware], # Run-level only
metadata={
"agent_id": os.getenv("APORT_AGENT_ID", "ap_demo_agent"),
"policy_id": "finance.payment.refund.v1",
"action": "refund",
"amount": 2500,
"currency": "USD",
}
)
logger.info(f"Result: {result2}")
except Exception as e:
logger.error(f"Error in agent vs run-level example: {e}", exc_info=True)
# ============================================================================
# Main
# ============================================================================
async def main():
"""
Run all examples.
"""
logger.info("🛡️ Microsoft Agent Framework + APort Integration Examples")
logger.info("=" * 60)
logger.info("\nThis example demonstrates:")
logger.info("1. Function-based middleware (simplest)")
logger.info("2. Class-based middleware (stateful)")
logger.info("3. Agent-level vs run-level middleware")
logger.info("4. Proper error handling and audit trails")
logger.info("\nSecurity Flow:")
logger.info(" User Request")
logger.info(" ↓")
logger.info(" APort Agent Middleware (pre-execution authorization)")
logger.info(" ↓")
logger.info(" Agent Execution")
logger.info(" ↓")
logger.info(" APort Function Middleware (tool-level authorization)")
logger.info(" ↓")
logger.info(" Tool Execution (if authorized)")
logger.info(" ↓")
logger.info(" Audit Trail Generation")
logger.info()
# Check if Microsoft Agent Framework is available
try:
from agent_framework.azure import AzureAIAgentClient
except ImportError:
logger.warning("⚠️ Microsoft Agent Framework not installed")
logger.warning(" Install with: pip install agent-framework azure-identity")
logger.warning(" This example shows the pattern but requires the SDK to run")
return
# Run examples
try:
await example_function_based_middleware()
await example_class_based_middleware()
await example_agent_vs_run_level()
logger.info("\n" + "=" * 60)
logger.info("✨ Examples completed!")
logger.info("\nKey Takeaways:")
logger.info("- Function-based middleware: Simplest, stateless")
logger.info("- Class-based middleware: Stateful, reusable")
logger.info("- Agent-level: Applies to all runs")
logger.info("- Run-level: Per-request customization")
logger.info("- APort integrates seamlessly with Microsoft Agent Framework")
logger.info("- Fail-closed by default with audit trails")
except Exception as e:
logger.error(f"Error running examples: {e}", exc_info=True)
if __name__ == "__main__":
asyncio.run(main())