feat(platform): Create external API (#9272)

We want to allow external api calls against our platform
We also want to keep it sep from internal platform calls for dev ex,
security and scale seperation of concerns

### Changes 🏗️

This PR adds the required external routes
It mounts the new routes on the same app 

Infra PR will seprate routing and domains

### Checklist 📋

#### For code changes:
- [ ] I have clearly listed my changes in the PR description
- [ ] I have made a test plan
- [ ] I have tested my changes according to the test plan:
  <!-- Put your test plan here: -->
  - [ ] ...

<details>
  <summary>Example test plan</summary>
  
  - [ ] Create from scratch and execute an agent with at least 3 blocks
- [ ] Import an agent from file upload, and confirm it executes
correctly
  - [ ] Upload agent to marketplace
- [ ] Import an agent from marketplace and confirm it executes correctly
  - [ ] Edit an agent from monitor, and confirm it executes correctly
</details>

#### For configuration changes:
- [ ] `.env.example` is updated or already compatible with my changes
- [ ] `docker-compose.yml` is updated or already compatible with my
changes
- [ ] I have included a list of my configuration changes in the PR
description (under **Changes**)

<details>
  <summary>Examples of configuration changes</summary>

  - Changing ports
  - Adding new services that need to communicate with each other
  - Secrets or environment variable changes
  - New or infrastructure changes such as databases
</details>

autogpt_platform/backend/backend/data/execution.py

@@ -1,9 +1,10 @@
 from collections import defaultdict
 from datetime import datetime, timezone
 from multiprocessing import Manager
-from typing import Any, AsyncGenerator, Generator, Generic, TypeVar
+from typing import Any, AsyncGenerator, Generator, Generic, Optional, TypeVar
 
 from prisma.enums import AgentExecutionStatus
+from prisma.errors import PrismaError
 from prisma.models import (
     AgentGraphExecution,
     AgentNodeExecution,
@@ -325,6 +326,30 @@ async def update_execution_status(
     return ExecutionResult.from_db(res)
 
 
+async def get_execution(
+    execution_id: str, user_id: str
+) -> Optional[AgentNodeExecution]:
+    """
+    Get an execution by ID. Returns None if not found.
+
+    Args:
+        execution_id: The ID of the execution to retrieve
+
+    Returns:
+        The execution if found, None otherwise
+    """
+    try:
+        execution = await AgentNodeExecution.prisma().find_unique(
+            where={
+                "id": execution_id,
+                "userId": user_id,
+            }
+        )
+        return execution
+    except PrismaError:
+        return None
+
+
 async def get_execution_results(graph_exec_id: str) -> list[ExecutionResult]:
     executions = await AgentNodeExecution.prisma().find_many(
         where={"agentGraphExecutionId": graph_exec_id},

autogpt_platform/backend/backend/executor/manager.py

@@ -812,8 +812,8 @@ class ExecutionManager(AppService):
             # Extract request input data, and assign it to the input pin.
             if block.block_type == BlockType.INPUT:
                 name = node.input_default.get("name")
-                if name and name in data:
-                    input_data = {"value": data[name]}
+                if name in data.get("node_input", {}):
+                    input_data = {"value": data["node_input"][name]}
 
             # Extract webhook payload, and assign it to the input pin
             webhook_payload_key = f"webhook_{node.webhook_id}_payload"

autogpt_platform/backend/backend/server/external/api.py

@@ -0,0 +1,11 @@
+from fastapi import FastAPI
+
+from .routes.v1 import v1_router
+
+external_app = FastAPI(
+    title="AutoGPT External API",
+    description="External API for AutoGPT integrations",
+    docs_url="/docs",
+    version="1.0",
+)
+external_app.include_router(v1_router, prefix="/v1")

autogpt_platform/backend/backend/server/external/middleware.py

@@ -0,0 +1,37 @@
+from fastapi import Depends, HTTPException, Request
+from fastapi.security import APIKeyHeader
+from prisma.enums import APIKeyPermission
+
+from backend.data.api_key import has_permission, validate_api_key
+
+api_key_header = APIKeyHeader(name="X-API-Key")
+
+
+async def require_api_key(request: Request):
+    """Base middleware for API key authentication"""
+    api_key = await api_key_header(request)
+
+    if api_key is None:
+        raise HTTPException(status_code=401, detail="Missing API key")
+
+    api_key_obj = await validate_api_key(api_key)
+
+    if not api_key_obj:
+        raise HTTPException(status_code=401, detail="Invalid API key")
+
+    request.state.api_key = api_key_obj
+    return api_key_obj
+
+
+def require_permission(permission: APIKeyPermission):
+    """Dependency function for checking specific permissions"""
+
+    async def check_permission(api_key=Depends(require_api_key)):
+        if not has_permission(api_key, permission):
+            raise HTTPException(
+                status_code=403,
+                detail=f"API key missing required permission: {permission}",
+            )
+        return api_key
+
+    return check_permission

autogpt_platform/backend/backend/server/external/routes/v1.py

@@ -0,0 +1,111 @@
+import logging
+from collections import defaultdict
+from typing import Any, Sequence
+
+from autogpt_libs.utils.cache import thread_cached
+from fastapi import APIRouter, Depends, HTTPException
+from prisma.enums import APIKeyPermission
+
+import backend.data.block
+from backend.data import execution as execution_db
+from backend.data import graph as graph_db
+from backend.data.api_key import APIKey
+from backend.data.block import BlockInput, CompletedBlockOutput
+from backend.executor import ExecutionManager
+from backend.server.external.middleware import require_permission
+from backend.util.service import get_service_client
+from backend.util.settings import Settings
+
+
+@thread_cached
+def execution_manager_client() -> ExecutionManager:
+    return get_service_client(ExecutionManager)
+
+
+settings = Settings()
+logger = logging.getLogger(__name__)
+
+v1_router = APIRouter()
+
+
+@v1_router.get(
+    path="/blocks",
+    tags=["blocks"],
+    dependencies=[Depends(require_permission(APIKeyPermission.READ_BLOCK))],
+)
+def get_graph_blocks() -> Sequence[dict[Any, Any]]:
+    blocks = [block() for block in backend.data.block.get_blocks().values()]
+    return [b.to_dict() for b in blocks]
+
+
+@v1_router.post(
+    path="/blocks/{block_id}/execute",
+    tags=["blocks"],
+    dependencies=[Depends(require_permission(APIKeyPermission.EXECUTE_BLOCK))],
+)
+def execute_graph_block(
+    block_id: str,
+    data: BlockInput,
+    api_key: APIKey = Depends(require_permission(APIKeyPermission.EXECUTE_BLOCK)),
+) -> CompletedBlockOutput:
+    obj = backend.data.block.get_block(block_id)
+    if not obj:
+        raise HTTPException(status_code=404, detail=f"Block #{block_id} not found.")
+
+    output = defaultdict(list)
+    for name, data in obj.execute(data):
+        output[name].append(data)
+    return output
+
+
+@v1_router.post(
+    path="/graphs/{graph_id}/execute",
+    tags=["graphs"],
+)
+def execute_graph(
+    graph_id: str,
+    node_input: dict[Any, Any],
+    api_key: APIKey = Depends(require_permission(APIKeyPermission.EXECUTE_GRAPH)),
+) -> dict[str, Any]:
+    try:
+        graph_exec = execution_manager_client().add_execution(
+            graph_id, node_input, user_id=api_key.user_id
+        )
+        return {"id": graph_exec.graph_exec_id}
+    except Exception as e:
+        msg = e.__str__().encode().decode("unicode_escape")
+        raise HTTPException(status_code=400, detail=msg)
+
+
+@v1_router.get(
+    path="/graphs/{graph_id}/executions/{graph_exec_id}/results",
+    tags=["graphs"],
+)
+async def get_graph_execution_results(
+    graph_id: str,
+    graph_exec_id: str,
+    api_key: APIKey = Depends(require_permission(APIKeyPermission.READ_GRAPH)),
+) -> dict:
+    graph = await graph_db.get_graph(graph_id, user_id=api_key.user_id)
+    if not graph:
+        raise HTTPException(status_code=404, detail=f"Graph #{graph_id} not found.")
+
+    results = await execution_db.get_execution_results(graph_exec_id)
+
+    return {
+        "execution_id": graph_exec_id,
+        "nodes": [
+            {
+                "node_id": result.node_id,
+                "input": (
+                    result.input_data.get("value")
+                    if "value" in result.input_data
+                    else result.input_data
+                ),
+                "output": result.output_data.get(
+                    "response", result.output_data.get("result", [])
+                ),
+            }
+            for result in results
+        ],
+    }

autogpt_platform/backend/backend/server/rest_api.py

@@ -20,6 +20,7 @@ import backend.server.v2.library.routes
 import backend.server.v2.store.routes
 import backend.util.service
 import backend.util.settings
+from backend.server.external.api import external_app
 
 settings = backend.util.settings.Settings()
 logger = logging.getLogger(__name__)
@@ -94,6 +95,8 @@ app.include_router(
     backend.server.v2.library.routes.router, tags=["v2"], prefix="/api/library"
 )
 
+app.mount("/external-api", external_app)
+
 
 @app.get(path="/health", tags=["health"], dependencies=[])
 async def health():

autogpt_platform/backend/backend/server/routers/v1.py

@@ -613,7 +613,6 @@ def get_execution_schedules(
     tags=["api-keys"],
     dependencies=[Depends(auth_middleware)],
 )
-@feature_flag("api-keys-enabled")
 async def create_api_key(
     request: CreateAPIKeyRequest, user_id: Annotated[str, Depends(get_user_id)]
 ) -> CreateAPIKeyResponse:
@@ -637,7 +636,6 @@ async def create_api_key(
     tags=["api-keys"],
     dependencies=[Depends(auth_middleware)],
 )
-@feature_flag("api-keys-enabled")
 async def get_api_keys(
     user_id: Annotated[str, Depends(get_user_id)]
 ) -> list[APIKeyWithoutHash]:
@@ -655,7 +653,6 @@ async def get_api_keys(
     tags=["api-keys"],
     dependencies=[Depends(auth_middleware)],
 )
-@feature_flag("api-keys-enabled")
 async def get_api_key(
     key_id: str, user_id: Annotated[str, Depends(get_user_id)]
 ) -> APIKeyWithoutHash:

autogpt_platform/backend/test/executor/test_manager.py

@@ -125,7 +125,7 @@ async def test_agent_execution(server: SpinTestServer):
     logger.info("Starting test_agent_execution")
     test_user = await create_test_user()
     test_graph = await create_graph(server, create_test_graph(), test_user)
-    data = {"input_1": "Hello", "input_2": "World"}
+    data = {"node_input": {"input_1": "Hello", "input_2": "World"}}
     graph_exec_id = await execute_graph(
         server.agent_server,
         test_graph,