feat(platform): add login redirect flow for OAuth and Connect endpoints

- Fix OAuth resume CORS issue by adding JSON response support
- Add X-Frame-Options: DENY security headers to OAuth endpoints
- Fix authentication fallthrough vulnerability in OAuth router
- Replace dangerouslySetInnerHTML with React consent components
- Add rate limiting to consent submission endpoint

Connect flow for unauthenticated users:
- Add ConnectLoginState model and Redis storage functions
- Handle unauthenticated users in /connect/{provider} endpoint
- Add /connect/resume endpoint for post-login continuation
- Create /auth/connect-resume frontend page
- Update login page to handle connect_session parameter
- Update auth callback to redirect to connect-resume

This enables the full credential broker popup flow where:
1. External app opens popup to /connect/{provider}
2. If user not logged in -> redirect to /login?connect_session=X
3. User logs in -> redirect to /auth/connect-resume
4. User sees consent form and approves
5. postMessage returns grant_id to opener

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

.branchlet.json

@@ -1,37 +0,0 @@
-{
-  "worktreeCopyPatterns": [
-    ".env*",
-    ".vscode/**",
-    ".auth/**",
-    ".claude/**",
-    "autogpt_platform/.env*",
-    "autogpt_platform/backend/.env*",
-    "autogpt_platform/frontend/.env*",
-    "autogpt_platform/frontend/.auth/**",
-    "autogpt_platform/db/docker/.env*"
-  ],
-  "worktreeCopyIgnores": [
-    "**/node_modules/**",
-    "**/dist/**",
-    "**/.git/**",
-    "**/Thumbs.db",
-    "**/.DS_Store",
-    "**/.next/**",
-    "**/__pycache__/**",
-    "**/.ruff_cache/**",
-    "**/.pytest_cache/**",
-    "**/*.pyc",
-    "**/playwright-report/**",
-    "**/logs/**",
-    "**/site/**"
-  ],
-  "worktreePathTemplate": "$BASE_PATH.worktree",
-  "postCreateCmd": [
-    "cd autogpt_platform/autogpt_libs && poetry install",
-    "cd autogpt_platform/backend && poetry install && poetry run prisma generate",
-    "cd autogpt_platform/frontend && pnpm install",
-    "cd docs && pip install -r requirements.txt"
-  ],
-  "terminalCommand": "code .",
-  "deleteBranchWithWorktree": false
-}

.dockerignore

@@ -16,7 +16,6 @@
 !autogpt_platform/backend/poetry.lock
 !autogpt_platform/backend/README.md
 !autogpt_platform/backend/.env
-!autogpt_platform/backend/gen_prisma_types_stub.py
 
 # Platform - Market
 !autogpt_platform/market/market/

.github/workflows/claude-dependabot.yml

@@ -74,7 +74,7 @@ jobs:
 
       - name: Generate Prisma Client
         working-directory: autogpt_platform/backend
-        run: poetry run prisma generate && poetry run gen-prisma-stub
+        run: poetry run prisma generate
 
       # Frontend Node.js/pnpm setup (mirrors platform-frontend-ci.yml)
       - name: Set up Node.js

.github/workflows/claude.yml

@@ -90,7 +90,7 @@ jobs:
 
       - name: Generate Prisma Client
         working-directory: autogpt_platform/backend
-        run: poetry run prisma generate && poetry run gen-prisma-stub
+        run: poetry run prisma generate
 
       # Frontend Node.js/pnpm setup (mirrors platform-frontend-ci.yml)
       - name: Set up Node.js

.github/workflows/copilot-setup-steps.yml

@@ -72,7 +72,7 @@ jobs:
 
       - name: Generate Prisma Client
         working-directory: autogpt_platform/backend
-        run: poetry run prisma generate && poetry run gen-prisma-stub
+        run: poetry run prisma generate
 
       # Frontend Node.js/pnpm setup (mirrors platform-frontend-ci.yml)
       - name: Set up Node.js
@@ -108,16 +108,6 @@ jobs:
       #   run: pnpm playwright install --with-deps chromium
 
       # Docker setup for development environment
-      - name: Free up disk space
-        run: |
-          # Remove large unused tools to free disk space for Docker builds
-          sudo rm -rf /usr/share/dotnet
-          sudo rm -rf /usr/local/lib/android
-          sudo rm -rf /opt/ghc
-          sudo rm -rf /opt/hostedtoolcache/CodeQL
-          sudo docker system prune -af
-          df -h
-
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
 

.github/workflows/platform-backend-ci.yml

@@ -134,7 +134,7 @@ jobs:
         run: poetry install
 
       - name: Generate Prisma Client
-        run: poetry run prisma generate && poetry run gen-prisma-stub
+        run: poetry run prisma generate
 
       - id: supabase
         name: Start Supabase
@@ -176,7 +176,7 @@ jobs:
           }
 
       - name: Run Database Migrations
-        run: poetry run prisma migrate deploy
+        run: poetry run prisma migrate dev --name updates
         env:
           DATABASE_URL: ${{ steps.supabase.outputs.DB_URL }}
           DIRECT_URL: ${{ steps.supabase.outputs.DB_URL }}
@@ -209,6 +209,7 @@ jobs:
       PLAIN_OUTPUT: True
       RUN_ENV: local
       PORT: 8080
+      OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
       # We know these are here, don't report this as a security vulnerability
       # This is used as the default credential for the entire system's RabbitMQ instance
       # If you want to replace this, you can do so by making our entire system generate

.github/workflows/platform-frontend-ci.yml

@@ -11,7 +11,6 @@ on:
       - ".github/workflows/platform-frontend-ci.yml"
       - "autogpt_platform/frontend/**"
   merge_group:
-  workflow_dispatch:
 
 concurrency:
   group: ${{ github.workflow }}-${{ github.event_name == 'merge_group' && format('merge-queue-{0}', github.ref) || format('{0}-{1}', github.ref, github.event.pull_request.number || github.sha) }}
@@ -152,14 +151,6 @@ jobs:
         run: |
           cp ../.env.default ../.env
 
-      - name: Copy backend .env and set OpenAI API key
-        run: |
-          cp ../backend/.env.default ../backend/.env
-          echo "OPENAI_INTERNAL_API_KEY=${{ secrets.OPENAI_API_KEY }}" >> ../backend/.env
-        env:
-          # Used by E2E test data script to generate embeddings for approved store agents
-          OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
-
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
 

.github/workflows/repo-close-stale-issues.yml

@@ -11,7 +11,7 @@ jobs:
   stale:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/stale@v10
+      - uses: actions/stale@v9
         with:
           # operations-per-run: 5000
           stale-issue-message: >

.github/workflows/repo-pr-label.yml

@@ -61,6 +61,6 @@ jobs:
       pull-requests: write
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/labeler@v6
+      - uses: actions/labeler@v5
         with:
           sync-labels: true

autogpt_platform/Makefile

@@ -12,7 +12,6 @@ reset-db:
 	rm -rf db/docker/volumes/db/data
 	cd backend && poetry run prisma migrate deploy
 	cd backend && poetry run prisma generate
-	cd backend && poetry run gen-prisma-stub
 	
 # View logs for core services
 logs-core:
@@ -34,7 +33,6 @@ init-env:
 migrate:
 	cd backend && poetry run prisma migrate deploy
 	cd backend && poetry run prisma generate
-	cd backend && poetry run gen-prisma-stub
 
 run-backend:
 	cd backend && poetry run app

autogpt_platform/autogpt_libs/autogpt_libs/api_key/keysmith.py

@@ -57,9 +57,6 @@ class APIKeySmith:
 
     def hash_key(self, raw_key: str) -> tuple[str, str]:
         """Migrate a legacy hash to secure hash format."""
-        if not raw_key.startswith(self.PREFIX):
-            raise ValueError("Key without 'agpt_' prefix would fail validation")
-
         salt = self._generate_salt()
         hash = self._hash_key_with_salt(raw_key, salt)
         return hash, salt.hex()

autogpt_platform/autogpt_libs/autogpt_libs/auth/helpers.py

@@ -1,25 +1,29 @@
 from fastapi import FastAPI
+from fastapi.openapi.utils import get_openapi
 
 from .jwt_utils import bearer_jwt_auth
 
 
 def add_auth_responses_to_openapi(app: FastAPI) -> None:
     """
-    Patch a FastAPI instance's `openapi()` method to add 401 responses
+    Set up custom OpenAPI schema generation that adds 401 responses
     to all authenticated endpoints.
 
     This is needed when using HTTPBearer with auto_error=False to get proper
     401 responses instead of 403, but FastAPI only automatically adds security
     responses when auto_error=True.
     """
-    # Wrap current method to allow stacking OpenAPI schema modifiers like this
-    wrapped_openapi = app.openapi
 
     def custom_openapi():
         if app.openapi_schema:
             return app.openapi_schema
 
-        openapi_schema = wrapped_openapi()
+        openapi_schema = get_openapi(
+            title=app.title,
+            version=app.version,
+            description=app.description,
+            routes=app.routes,
+        )
 
         # Add 401 response to all endpoints that have security requirements
         for path, methods in openapi_schema["paths"].items():

autogpt_platform/backend/.gitignore

@@ -18,4 +18,3 @@ load-tests/results/
 load-tests/*.json
 load-tests/*.log
 load-tests/node_modules/*
-migrations/*/rollback*.sql

autogpt_platform/backend/Dockerfile

@@ -48,8 +48,7 @@ RUN poetry install --no-ansi --no-root
 # Generate Prisma client
 COPY autogpt_platform/backend/schema.prisma ./
 COPY autogpt_platform/backend/backend/data/partial_types.py ./backend/data/partial_types.py
-COPY autogpt_platform/backend/gen_prisma_types_stub.py ./
-RUN poetry run prisma generate && poetry run gen-prisma-stub
+RUN poetry run prisma generate
 
 FROM debian:13-slim AS server_dependencies
 

autogpt_platform/backend/TESTING.md

@@ -108,7 +108,7 @@ import fastapi.testclient
 import pytest
 from pytest_snapshot.plugin import Snapshot
 
-from backend.api.features.myroute import router
+from backend.server.v2.myroute import router
 
 app = fastapi.FastAPI()
 app.include_router(router)
@@ -149,7 +149,7 @@ These provide the easiest way to set up authentication mocking in test modules:
 import fastapi
 import fastapi.testclient
 import pytest
-from backend.api.features.myroute import router
+from backend.server.v2.myroute import router
 
 app = fastapi.FastAPI()
 app.include_router(router)

autogpt_platform/backend/backend/api/external/fastapi_app.py

@@ -1,25 +0,0 @@
-from fastapi import FastAPI
-
-from backend.api.middleware.security import SecurityHeadersMiddleware
-from backend.monitoring.instrumentation import instrument_fastapi
-
-from .v1.routes import v1_router
-
-external_api = FastAPI(
-    title="AutoGPT External API",
-    description="External API for AutoGPT integrations",
-    docs_url="/docs",
-    version="1.0",
-)
-
-external_api.add_middleware(SecurityHeadersMiddleware)
-external_api.include_router(v1_router, prefix="/v1")
-
-# Add Prometheus instrumentation
-instrument_fastapi(
-    external_api,
-    service_name="external-api",
-    expose_endpoint=True,
-    endpoint="/metrics",
-    include_in_schema=True,
-)

autogpt_platform/backend/backend/api/external/middleware.py

@@ -1,107 +0,0 @@
-from fastapi import HTTPException, Security, status
-from fastapi.security import APIKeyHeader, HTTPAuthorizationCredentials, HTTPBearer
-from prisma.enums import APIKeyPermission
-
-from backend.data.auth.api_key import APIKeyInfo, validate_api_key
-from backend.data.auth.base import APIAuthorizationInfo
-from backend.data.auth.oauth import (
-    InvalidClientError,
-    InvalidTokenError,
-    OAuthAccessTokenInfo,
-    validate_access_token,
-)
-
-api_key_header = APIKeyHeader(name="X-API-Key", auto_error=False)
-bearer_auth = HTTPBearer(auto_error=False)
-
-
-async def require_api_key(api_key: str | None = Security(api_key_header)) -> APIKeyInfo:
-    """Middleware for API key authentication only"""
-    if api_key is None:
-        raise HTTPException(
-            status_code=status.HTTP_401_UNAUTHORIZED, detail="Missing API key"
-        )
-
-    api_key_obj = await validate_api_key(api_key)
-
-    if not api_key_obj:
-        raise HTTPException(
-            status_code=status.HTTP_401_UNAUTHORIZED, detail="Invalid API key"
-        )
-
-    return api_key_obj
-
-
-async def require_access_token(
-    bearer: HTTPAuthorizationCredentials | None = Security(bearer_auth),
-) -> OAuthAccessTokenInfo:
-    """Middleware for OAuth access token authentication only"""
-    if bearer is None:
-        raise HTTPException(
-            status_code=status.HTTP_401_UNAUTHORIZED,
-            detail="Missing Authorization header",
-        )
-
-    try:
-        token_info, _ = await validate_access_token(bearer.credentials)
-    except (InvalidClientError, InvalidTokenError) as e:
-        raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail=str(e))
-
-    return token_info
-
-
-async def require_auth(
-    api_key: str | None = Security(api_key_header),
-    bearer: HTTPAuthorizationCredentials | None = Security(bearer_auth),
-) -> APIAuthorizationInfo:
-    """
-    Unified authentication middleware supporting both API keys and OAuth tokens.
-
-    Supports two authentication methods, which are checked in order:
-    1. X-API-Key header (existing API key authentication)
-    2. Authorization: Bearer <token> header (OAuth access token)
-
-    Returns:
-        APIAuthorizationInfo: base class of both APIKeyInfo and OAuthAccessTokenInfo.
-    """
-    # Try API key first
-    if api_key is not None:
-        api_key_info = await validate_api_key(api_key)
-        if api_key_info:
-            return api_key_info
-        raise HTTPException(
-            status_code=status.HTTP_401_UNAUTHORIZED, detail="Invalid API key"
-        )
-
-    # Try OAuth bearer token
-    if bearer is not None:
-        try:
-            token_info, _ = await validate_access_token(bearer.credentials)
-            return token_info
-        except (InvalidClientError, InvalidTokenError) as e:
-            raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail=str(e))
-
-    # No credentials provided
-    raise HTTPException(
-        status_code=status.HTTP_401_UNAUTHORIZED,
-        detail="Missing authentication. Provide API key or access token.",
-    )
-
-
-def require_permission(permission: APIKeyPermission):
-    """
-    Dependency function for checking specific permissions
-    (works with API keys and OAuth tokens)
-    """
-
-    async def check_permission(
-        auth: APIAuthorizationInfo = Security(require_auth),
-    ) -> APIAuthorizationInfo:
-        if permission not in auth.scopes:
-            raise HTTPException(
-                status_code=status.HTTP_403_FORBIDDEN,
-                detail=f"Missing required permission: {permission.value}",
-            )
-        return auth
-
-    return check_permission

autogpt_platform/backend/backend/api/external/v1/integrations.py

@@ -1,655 +0,0 @@
-"""
-External API endpoints for integrations and credentials.
-
-This module provides endpoints for external applications (like Autopilot) to:
-- Initiate OAuth flows with custom callback URLs
-- Complete OAuth flows by exchanging authorization codes
-- Create API key, user/password, and host-scoped credentials
-- List and manage user credentials
-"""
-
-import logging
-from typing import TYPE_CHECKING, Annotated, Any, Literal, Optional, Union
-from urllib.parse import urlparse
-
-from fastapi import APIRouter, Body, HTTPException, Path, Security, status
-from prisma.enums import APIKeyPermission
-from pydantic import BaseModel, Field, SecretStr
-
-from backend.api.external.middleware import require_permission
-from backend.api.features.integrations.models import get_all_provider_names
-from backend.data.auth.base import APIAuthorizationInfo
-from backend.data.model import (
-    APIKeyCredentials,
-    Credentials,
-    CredentialsType,
-    HostScopedCredentials,
-    OAuth2Credentials,
-    UserPasswordCredentials,
-)
-from backend.integrations.creds_manager import IntegrationCredentialsManager
-from backend.integrations.oauth import CREDENTIALS_BY_PROVIDER, HANDLERS_BY_NAME
-from backend.integrations.providers import ProviderName
-from backend.util.settings import Settings
-
-if TYPE_CHECKING:
-    from backend.integrations.oauth import BaseOAuthHandler
-
-logger = logging.getLogger(__name__)
-settings = Settings()
-creds_manager = IntegrationCredentialsManager()
-
-integrations_router = APIRouter(prefix="/integrations", tags=["integrations"])
-
-
-# ==================== Request/Response Models ==================== #
-
-
-class OAuthInitiateRequest(BaseModel):
-    """Request model for initiating an OAuth flow."""
-
-    callback_url: str = Field(
-        ..., description="The external app's callback URL for OAuth redirect"
-    )
-    scopes: list[str] = Field(
-        default_factory=list, description="OAuth scopes to request"
-    )
-    state_metadata: dict[str, Any] = Field(
-        default_factory=dict,
-        description="Arbitrary metadata to echo back on completion",
-    )
-
-
-class OAuthInitiateResponse(BaseModel):
-    """Response model for OAuth initiation."""
-
-    login_url: str = Field(..., description="URL to redirect user for OAuth consent")
-    state_token: str = Field(..., description="State token for CSRF protection")
-    expires_at: int = Field(
-        ..., description="Unix timestamp when the state token expires"
-    )
-
-
-class OAuthCompleteRequest(BaseModel):
-    """Request model for completing an OAuth flow."""
-
-    code: str = Field(..., description="Authorization code from OAuth provider")
-    state_token: str = Field(..., description="State token from initiate request")
-
-
-class OAuthCompleteResponse(BaseModel):
-    """Response model for OAuth completion."""
-
-    credentials_id: str = Field(..., description="ID of the stored credentials")
-    provider: str = Field(..., description="Provider name")
-    type: str = Field(..., description="Credential type (oauth2)")
-    title: Optional[str] = Field(None, description="Credential title")
-    scopes: list[str] = Field(default_factory=list, description="Granted scopes")
-    username: Optional[str] = Field(None, description="Username from provider")
-    state_metadata: dict[str, Any] = Field(
-        default_factory=dict, description="Echoed metadata from initiate request"
-    )
-
-
-class CredentialSummary(BaseModel):
-    """Summary of a credential without sensitive data."""
-
-    id: str
-    provider: str
-    type: CredentialsType
-    title: Optional[str] = None
-    scopes: Optional[list[str]] = None
-    username: Optional[str] = None
-    host: Optional[str] = None
-
-
-class ProviderInfo(BaseModel):
-    """Information about an integration provider."""
-
-    name: str
-    supports_oauth: bool = False
-    supports_api_key: bool = False
-    supports_user_password: bool = False
-    supports_host_scoped: bool = False
-    default_scopes: list[str] = Field(default_factory=list)
-
-
-# ==================== Credential Creation Models ==================== #
-
-
-class CreateAPIKeyCredentialRequest(BaseModel):
-    """Request model for creating API key credentials."""
-
-    type: Literal["api_key"] = "api_key"
-    api_key: str = Field(..., description="The API key")
-    title: str = Field(..., description="A name for this credential")
-    expires_at: Optional[int] = Field(
-        None, description="Unix timestamp when the API key expires"
-    )
-
-
-class CreateUserPasswordCredentialRequest(BaseModel):
-    """Request model for creating username/password credentials."""
-
-    type: Literal["user_password"] = "user_password"
-    username: str = Field(..., description="Username")
-    password: str = Field(..., description="Password")
-    title: str = Field(..., description="A name for this credential")
-
-
-class CreateHostScopedCredentialRequest(BaseModel):
-    """Request model for creating host-scoped credentials."""
-
-    type: Literal["host_scoped"] = "host_scoped"
-    host: str = Field(..., description="Host/domain pattern to match")
-    headers: dict[str, str] = Field(..., description="Headers to include in requests")
-    title: str = Field(..., description="A name for this credential")
-
-
-# Union type for credential creation
-CreateCredentialRequest = Annotated[
-    CreateAPIKeyCredentialRequest
-    | CreateUserPasswordCredentialRequest
-    | CreateHostScopedCredentialRequest,
-    Field(discriminator="type"),
-]
-
-
-class CreateCredentialResponse(BaseModel):
-    """Response model for credential creation."""
-
-    id: str
-    provider: str
-    type: CredentialsType
-    title: Optional[str] = None
-
-
-# ==================== Helper Functions ==================== #
-
-
-def validate_callback_url(callback_url: str) -> bool:
-    """Validate that the callback URL is from an allowed origin."""
-    allowed_origins = settings.config.external_oauth_callback_origins
-
-    try:
-        parsed = urlparse(callback_url)
-        callback_origin = f"{parsed.scheme}://{parsed.netloc}"
-
-        for allowed in allowed_origins:
-            # Simple origin matching
-            if callback_origin == allowed:
-                return True
-
-        # Allow localhost with any port in development (proper hostname check)
-        if parsed.hostname == "localhost":
-            for allowed in allowed_origins:
-                allowed_parsed = urlparse(allowed)
-                if allowed_parsed.hostname == "localhost":
-                    return True
-
-        return False
-    except Exception:
-        return False
-
-
-def _get_oauth_handler_for_external(
-    provider_name: str, redirect_uri: str
-) -> "BaseOAuthHandler":
-    """Get an OAuth handler configured with an external redirect URI."""
-    # Ensure blocks are loaded so SDK providers are available
-    try:
-        from backend.blocks import load_all_blocks
-
-        load_all_blocks()
-    except Exception as e:
-        logger.warning(f"Failed to load blocks: {e}")
-
-    if provider_name not in HANDLERS_BY_NAME:
-        raise HTTPException(
-            status_code=status.HTTP_404_NOT_FOUND,
-            detail=f"Provider '{provider_name}' does not support OAuth",
-        )
-
-    # Check if this provider has custom OAuth credentials
-    oauth_credentials = CREDENTIALS_BY_PROVIDER.get(provider_name)
-
-    if oauth_credentials and not oauth_credentials.use_secrets:
-        import os
-
-        client_id = (
-            os.getenv(oauth_credentials.client_id_env_var)
-            if oauth_credentials.client_id_env_var
-            else None
-        )
-        client_secret = (
-            os.getenv(oauth_credentials.client_secret_env_var)
-            if oauth_credentials.client_secret_env_var
-            else None
-        )
-    else:
-        client_id = getattr(settings.secrets, f"{provider_name}_client_id", None)
-        client_secret = getattr(
-            settings.secrets, f"{provider_name}_client_secret", None
-        )
-
-    if not (client_id and client_secret):
-        logger.error(f"Attempt to use unconfigured {provider_name} OAuth integration")
-        raise HTTPException(
-            status_code=status.HTTP_501_NOT_IMPLEMENTED,
-            detail={
-                "message": f"Integration with provider '{provider_name}' is not configured.",
-                "hint": "Set client ID and secret in the application's deployment environment",
-            },
-        )
-
-    handler_class = HANDLERS_BY_NAME[provider_name]
-    return handler_class(
-        client_id=client_id,
-        client_secret=client_secret,
-        redirect_uri=redirect_uri,
-    )
-
-
-# ==================== Endpoints ==================== #
-
-
-@integrations_router.get("/providers", response_model=list[ProviderInfo])
-async def list_providers(
-    auth: APIAuthorizationInfo = Security(
-        require_permission(APIKeyPermission.READ_INTEGRATIONS)
-    ),
-) -> list[ProviderInfo]:
-    """
-    List all available integration providers.
-
-    Returns a list of all providers with their supported credential types.
-    Most providers support API key credentials, and some also support OAuth.
-    """
-    # Ensure blocks are loaded
-    try:
-        from backend.blocks import load_all_blocks
-
-        load_all_blocks()
-    except Exception as e:
-        logger.warning(f"Failed to load blocks: {e}")
-
-    from backend.sdk.registry import AutoRegistry
-
-    providers = []
-    for name in get_all_provider_names():
-        supports_oauth = name in HANDLERS_BY_NAME
-        handler_class = HANDLERS_BY_NAME.get(name)
-        default_scopes = (
-            getattr(handler_class, "DEFAULT_SCOPES", []) if handler_class else []
-        )
-
-        # Check if provider has specific auth types from SDK registration
-        sdk_provider = AutoRegistry.get_provider(name)
-        if sdk_provider and sdk_provider.supported_auth_types:
-            supports_api_key = "api_key" in sdk_provider.supported_auth_types
-            supports_user_password = (
-                "user_password" in sdk_provider.supported_auth_types
-            )
-            supports_host_scoped = "host_scoped" in sdk_provider.supported_auth_types
-        else:
-            # Fallback for legacy providers
-            supports_api_key = True  # All providers can accept API keys
-            supports_user_password = name in ("smtp",)
-            supports_host_scoped = name == "http"
-
-        providers.append(
-            ProviderInfo(
-                name=name,
-                supports_oauth=supports_oauth,
-                supports_api_key=supports_api_key,
-                supports_user_password=supports_user_password,
-                supports_host_scoped=supports_host_scoped,
-                default_scopes=default_scopes,
-            )
-        )
-
-    return providers
-
-
-@integrations_router.post(
-    "/{provider}/oauth/initiate",
-    response_model=OAuthInitiateResponse,
-    summary="Initiate OAuth flow",
-)
-async def initiate_oauth(
-    provider: Annotated[str, Path(title="The OAuth provider")],
-    request: OAuthInitiateRequest,
-    auth: APIAuthorizationInfo = Security(
-        require_permission(APIKeyPermission.MANAGE_INTEGRATIONS)
-    ),
-) -> OAuthInitiateResponse:
-    """
-    Initiate an OAuth flow for an external application.
-
-    This endpoint allows external apps to start an OAuth flow with a custom
-    callback URL. The callback URL must be from an allowed origin configured
-    in the platform settings.
-
-    Returns a login URL to redirect the user to, along with a state token
-    for CSRF protection.
-    """
-    # Validate callback URL
-    if not validate_callback_url(request.callback_url):
-        raise HTTPException(
-            status_code=status.HTTP_400_BAD_REQUEST,
-            detail=(
-                f"Callback URL origin is not allowed. "
-                f"Allowed origins: {settings.config.external_oauth_callback_origins}",
-            ),
-        )
-
-    # Validate provider
-    try:
-        provider_name = ProviderName(provider)
-    except ValueError:
-        # Check if it's a dynamically registered provider
-        if provider not in HANDLERS_BY_NAME:
-            raise HTTPException(
-                status_code=status.HTTP_404_NOT_FOUND,
-                detail=f"Provider '{provider}' not found",
-            )
-        provider_name = provider
-
-    # Get OAuth handler with external callback URL
-    handler = _get_oauth_handler_for_external(
-        provider if isinstance(provider_name, str) else provider_name.value,
-        request.callback_url,
-    )
-
-    # Store state token with external flow metadata
-    # Note: initiated_by_api_key_id is only available for API key auth, not OAuth
-    api_key_id = getattr(auth, "id", None) if auth.type == "api_key" else None
-    state_token, code_challenge = await creds_manager.store.store_state_token(
-        user_id=auth.user_id,
-        provider=provider if isinstance(provider_name, str) else provider_name.value,
-        scopes=request.scopes,
-        callback_url=request.callback_url,
-        state_metadata=request.state_metadata,
-        initiated_by_api_key_id=api_key_id,
-    )
-
-    # Build login URL
-    login_url = handler.get_login_url(
-        request.scopes, state_token, code_challenge=code_challenge
-    )
-
-    # Calculate expiration (10 minutes from now)
-    from datetime import datetime, timedelta, timezone
-
-    expires_at = int((datetime.now(timezone.utc) + timedelta(minutes=10)).timestamp())
-
-    return OAuthInitiateResponse(
-        login_url=login_url,
-        state_token=state_token,
-        expires_at=expires_at,
-    )
-
-
-@integrations_router.post(
-    "/{provider}/oauth/complete",
-    response_model=OAuthCompleteResponse,
-    summary="Complete OAuth flow",
-)
-async def complete_oauth(
-    provider: Annotated[str, Path(title="The OAuth provider")],
-    request: OAuthCompleteRequest,
-    auth: APIAuthorizationInfo = Security(
-        require_permission(APIKeyPermission.MANAGE_INTEGRATIONS)
-    ),
-) -> OAuthCompleteResponse:
-    """
-    Complete an OAuth flow by exchanging the authorization code for tokens.
-
-    This endpoint should be called after the user has authorized the application
-    and been redirected back to the external app's callback URL with an
-    authorization code.
-    """
-    # Verify state token
-    valid_state = await creds_manager.store.verify_state_token(
-        auth.user_id, request.state_token, provider
-    )
-
-    if not valid_state:
-        logger.warning(f"Invalid or expired state token for provider {provider}")
-        raise HTTPException(
-            status_code=status.HTTP_400_BAD_REQUEST,
-            detail="Invalid or expired state token",
-        )
-
-    # Verify this is an external flow (callback_url must be set)
-    if not valid_state.callback_url:
-        raise HTTPException(
-            status_code=status.HTTP_400_BAD_REQUEST,
-            detail="State token was not created for external OAuth flow",
-        )
-
-    # Get OAuth handler with the original callback URL
-    handler = _get_oauth_handler_for_external(provider, valid_state.callback_url)
-
-    try:
-        scopes = valid_state.scopes
-        scopes = handler.handle_default_scopes(scopes)
-
-        credentials = await handler.exchange_code_for_tokens(
-            request.code, scopes, valid_state.code_verifier
-        )
-
-        # Handle Linear's space-separated scopes
-        if len(credentials.scopes) == 1 and " " in credentials.scopes[0]:
-            credentials.scopes = credentials.scopes[0].split(" ")
-
-        # Check scope mismatch
-        if not set(scopes).issubset(set(credentials.scopes)):
-            logger.warning(
-                f"Granted scopes {credentials.scopes} for provider {provider} "
-                f"do not include all requested scopes {scopes}"
-            )
-
-    except Exception as e:
-        logger.error(f"OAuth2 Code->Token exchange failed for provider {provider}: {e}")
-        raise HTTPException(
-            status_code=status.HTTP_400_BAD_REQUEST,
-            detail=f"OAuth2 callback failed to exchange code for tokens: {str(e)}",
-        )
-
-    # Store credentials
-    await creds_manager.create(auth.user_id, credentials)
-
-    logger.info(f"Successfully completed external OAuth for provider {provider}")
-
-    return OAuthCompleteResponse(
-        credentials_id=credentials.id,
-        provider=credentials.provider,
-        type=credentials.type,
-        title=credentials.title,
-        scopes=credentials.scopes,
-        username=credentials.username,
-        state_metadata=valid_state.state_metadata,
-    )
-
-
-@integrations_router.get("/credentials", response_model=list[CredentialSummary])
-async def list_credentials(
-    auth: APIAuthorizationInfo = Security(
-        require_permission(APIKeyPermission.READ_INTEGRATIONS)
-    ),
-) -> list[CredentialSummary]:
-    """
-    List all credentials for the authenticated user.
-
-    Returns metadata about each credential without exposing sensitive tokens.
-    """
-    credentials = await creds_manager.store.get_all_creds(auth.user_id)
-    return [
-        CredentialSummary(
-            id=cred.id,
-            provider=cred.provider,
-            type=cred.type,
-            title=cred.title,
-            scopes=cred.scopes if isinstance(cred, OAuth2Credentials) else None,
-            username=cred.username if isinstance(cred, OAuth2Credentials) else None,
-            host=cred.host if isinstance(cred, HostScopedCredentials) else None,
-        )
-        for cred in credentials
-    ]
-
-
-@integrations_router.get(
-    "/{provider}/credentials", response_model=list[CredentialSummary]
-)
-async def list_credentials_by_provider(
-    provider: Annotated[str, Path(title="The provider to list credentials for")],
-    auth: APIAuthorizationInfo = Security(
-        require_permission(APIKeyPermission.READ_INTEGRATIONS)
-    ),
-) -> list[CredentialSummary]:
-    """
-    List credentials for a specific provider.
-    """
-    credentials = await creds_manager.store.get_creds_by_provider(
-        auth.user_id, provider
-    )
-    return [
-        CredentialSummary(
-            id=cred.id,
-            provider=cred.provider,
-            type=cred.type,
-            title=cred.title,
-            scopes=cred.scopes if isinstance(cred, OAuth2Credentials) else None,
-            username=cred.username if isinstance(cred, OAuth2Credentials) else None,
-            host=cred.host if isinstance(cred, HostScopedCredentials) else None,
-        )
-        for cred in credentials
-    ]
-
-
-@integrations_router.post(
-    "/{provider}/credentials",
-    response_model=CreateCredentialResponse,
-    status_code=status.HTTP_201_CREATED,
-    summary="Create credentials",
-)
-async def create_credential(
-    provider: Annotated[str, Path(title="The provider to create credentials for")],
-    request: Union[
-        CreateAPIKeyCredentialRequest,
-        CreateUserPasswordCredentialRequest,
-        CreateHostScopedCredentialRequest,
-    ] = Body(..., discriminator="type"),
-    auth: APIAuthorizationInfo = Security(
-        require_permission(APIKeyPermission.MANAGE_INTEGRATIONS)
-    ),
-) -> CreateCredentialResponse:
-    """
-    Create non-OAuth credentials for a provider.
-
-    Supports creating:
-    - API key credentials (type: "api_key")
-    - Username/password credentials (type: "user_password")
-    - Host-scoped credentials (type: "host_scoped")
-
-    For OAuth credentials, use the OAuth initiate/complete flow instead.
-    """
-    # Validate provider exists
-    all_providers = get_all_provider_names()
-    if provider not in all_providers:
-        raise HTTPException(
-            status_code=status.HTTP_404_NOT_FOUND,
-            detail=f"Provider '{provider}' not found",
-        )
-
-    # Create the appropriate credential type
-    credentials: Credentials
-    if request.type == "api_key":
-        credentials = APIKeyCredentials(
-            provider=provider,
-            api_key=SecretStr(request.api_key),
-            title=request.title,
-            expires_at=request.expires_at,
-        )
-    elif request.type == "user_password":
-        credentials = UserPasswordCredentials(
-            provider=provider,
-            username=SecretStr(request.username),
-            password=SecretStr(request.password),
-            title=request.title,
-        )
-    elif request.type == "host_scoped":
-        # Convert string headers to SecretStr
-        secret_headers = {k: SecretStr(v) for k, v in request.headers.items()}
-        credentials = HostScopedCredentials(
-            provider=provider,
-            host=request.host,
-            headers=secret_headers,
-            title=request.title,
-        )
-    else:
-        raise HTTPException(
-            status_code=status.HTTP_400_BAD_REQUEST,
-            detail=f"Unsupported credential type: {request.type}",
-        )
-
-    # Store credentials
-    try:
-        await creds_manager.create(auth.user_id, credentials)
-    except Exception as e:
-        logger.error(f"Failed to store credentials: {e}")
-        raise HTTPException(
-            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
-            detail=f"Failed to store credentials: {str(e)}",
-        )
-
-    logger.info(f"Created {request.type} credentials for provider {provider}")
-
-    return CreateCredentialResponse(
-        id=credentials.id,
-        provider=provider,
-        type=credentials.type,
-        title=credentials.title,
-    )
-
-
-class DeleteCredentialResponse(BaseModel):
-    """Response model for deleting a credential."""
-
-    deleted: bool = Field(..., description="Whether the credential was deleted")
-    credentials_id: str = Field(..., description="ID of the deleted credential")
-
-
-@integrations_router.delete(
-    "/{provider}/credentials/{cred_id}",
-    response_model=DeleteCredentialResponse,
-)
-async def delete_credential(
-    provider: Annotated[str, Path(title="The provider")],
-    cred_id: Annotated[str, Path(title="The credential ID to delete")],
-    auth: APIAuthorizationInfo = Security(
-        require_permission(APIKeyPermission.DELETE_INTEGRATIONS)
-    ),
-) -> DeleteCredentialResponse:
-    """
-    Delete a credential.
-
-    Note: This does not revoke the tokens with the provider. For full cleanup,
-    use the main API's delete endpoint which handles webhook cleanup and
-    token revocation.
-    """
-    creds = await creds_manager.store.get_creds_by_id(auth.user_id, cred_id)
-    if not creds:
-        raise HTTPException(
-            status_code=status.HTTP_404_NOT_FOUND, detail="Credentials not found"
-        )
-    if creds.provider != provider:
-        raise HTTPException(
-            status_code=status.HTTP_404_NOT_FOUND,
-            detail="Credentials do not match the specified provider",
-        )
-
-    await creds_manager.delete(auth.user_id, cred_id)
-
-    return DeleteCredentialResponse(deleted=True, credentials_id=cred_id)

autogpt_platform/backend/backend/api/external/v1/routes.py

@@ -1,328 +0,0 @@
-import logging
-import urllib.parse
-from collections import defaultdict
-from typing import Annotated, Any, Literal, Optional, Sequence
-
-from fastapi import APIRouter, Body, HTTPException, Security
-from prisma.enums import AgentExecutionStatus, APIKeyPermission
-from pydantic import BaseModel, Field
-from typing_extensions import TypedDict
-
-import backend.api.features.store.cache as store_cache
-import backend.api.features.store.model as store_model
-import backend.data.block
-from backend.api.external.middleware import require_permission
-from backend.data import execution as execution_db
-from backend.data import graph as graph_db
-from backend.data import user as user_db
-from backend.data.auth.base import APIAuthorizationInfo
-from backend.data.block import BlockInput, CompletedBlockOutput
-from backend.executor.utils import add_graph_execution
-from backend.util.settings import Settings
-
-from .integrations import integrations_router
-from .tools import tools_router
-
-settings = Settings()
-logger = logging.getLogger(__name__)
-
-v1_router = APIRouter()
-
-v1_router.include_router(integrations_router)
-v1_router.include_router(tools_router)
-
-
-class UserInfoResponse(BaseModel):
-    id: str
-    name: Optional[str]
-    email: str
-    timezone: str = Field(
-        description="The user's last known timezone (e.g. 'Europe/Amsterdam'), "
-        "or 'not-set' if not set"
-    )
-
-
-@v1_router.get(
-    path="/me",
-    tags=["user", "meta"],
-)
-async def get_user_info(
-    auth: APIAuthorizationInfo = Security(
-        require_permission(APIKeyPermission.IDENTITY)
-    ),
-) -> UserInfoResponse:
-    user = await user_db.get_user_by_id(auth.user_id)
-
-    return UserInfoResponse(
-        id=user.id,
-        name=user.name,
-        email=user.email,
-        timezone=user.timezone,
-    )
-
-
-@v1_router.get(
-    path="/blocks",
-    tags=["blocks"],
-    dependencies=[Security(require_permission(APIKeyPermission.READ_BLOCK))],
-)
-async def get_graph_blocks() -> Sequence[dict[Any, Any]]:
-    blocks = [block() for block in backend.data.block.get_blocks().values()]
-    return [b.to_dict() for b in blocks if not b.disabled]
-
-
-@v1_router.post(
-    path="/blocks/{block_id}/execute",
-    tags=["blocks"],
-    dependencies=[Security(require_permission(APIKeyPermission.EXECUTE_BLOCK))],
-)
-async def execute_graph_block(
-    block_id: str,
-    data: BlockInput,
-    auth: APIAuthorizationInfo = Security(
-        require_permission(APIKeyPermission.EXECUTE_BLOCK)
-    ),
-) -> CompletedBlockOutput:
-    obj = backend.data.block.get_block(block_id)
-    if not obj:
-        raise HTTPException(status_code=404, detail=f"Block #{block_id} not found.")
-
-    output = defaultdict(list)
-    async for name, data in obj.execute(data):
-        output[name].append(data)
-    return output
-
-
-@v1_router.post(
-    path="/graphs/{graph_id}/execute/{graph_version}",
-    tags=["graphs"],
-)
-async def execute_graph(
-    graph_id: str,
-    graph_version: int,
-    node_input: Annotated[dict[str, Any], Body(..., embed=True, default_factory=dict)],
-    auth: APIAuthorizationInfo = Security(
-        require_permission(APIKeyPermission.EXECUTE_GRAPH)
-    ),
-) -> dict[str, Any]:
-    try:
-        graph_exec = await add_graph_execution(
-            graph_id=graph_id,
-            user_id=auth.user_id,
-            inputs=node_input,
-            graph_version=graph_version,
-        )
-        return {"id": graph_exec.id}
-    except Exception as e:
-        msg = str(e).encode().decode("unicode_escape")
-        raise HTTPException(status_code=400, detail=msg)
-
-
-class ExecutionNode(TypedDict):
-    node_id: str
-    input: Any
-    output: dict[str, Any]
-
-
-class GraphExecutionResult(TypedDict):
-    execution_id: str
-    status: str
-    nodes: list[ExecutionNode]
-    output: Optional[list[dict[str, str]]]
-
-
-@v1_router.get(
-    path="/graphs/{graph_id}/executions/{graph_exec_id}/results",
-    tags=["graphs"],
-)
-async def get_graph_execution_results(
-    graph_id: str,
-    graph_exec_id: str,
-    auth: APIAuthorizationInfo = Security(
-        require_permission(APIKeyPermission.READ_GRAPH)
-    ),
-) -> GraphExecutionResult:
-    graph_exec = await execution_db.get_graph_execution(
-        user_id=auth.user_id,
-        execution_id=graph_exec_id,
-        include_node_executions=True,
-    )
-    if not graph_exec:
-        raise HTTPException(
-            status_code=404, detail=f"Graph execution #{graph_exec_id} not found."
-        )
-
-    if not await graph_db.get_graph(
-        graph_id=graph_exec.graph_id,
-        version=graph_exec.graph_version,
-        user_id=auth.user_id,
-    ):
-        raise HTTPException(status_code=404, detail=f"Graph #{graph_id} not found.")
-
-    return GraphExecutionResult(
-        execution_id=graph_exec_id,
-        status=graph_exec.status.value,
-        nodes=[
-            ExecutionNode(
-                node_id=node_exec.node_id,
-                input=node_exec.input_data.get("value", node_exec.input_data),
-                output={k: v for k, v in node_exec.output_data.items()},
-            )
-            for node_exec in graph_exec.node_executions
-        ],
-        output=(
-            [
-                {name: value}
-                for name, values in graph_exec.outputs.items()
-                for value in values
-            ]
-            if graph_exec.status == AgentExecutionStatus.COMPLETED
-            else None
-        ),
-    )
-
-
-##############################################
-############### Store Endpoints ##############
-##############################################
-
-
-@v1_router.get(
-    path="/store/agents",
-    tags=["store"],
-    dependencies=[Security(require_permission(APIKeyPermission.READ_STORE))],
-    response_model=store_model.StoreAgentsResponse,
-)
-async def get_store_agents(
-    featured: bool = False,
-    creator: str | None = None,
-    sorted_by: Literal["rating", "runs", "name", "updated_at"] | None = None,
-    search_query: str | None = None,
-    category: str | None = None,
-    page: int = 1,
-    page_size: int = 20,
-) -> store_model.StoreAgentsResponse:
-    """
-    Get a paginated list of agents from the store with optional filtering and sorting.
-
-    Args:
-        featured: Filter to only show featured agents
-        creator: Filter agents by creator username
-        sorted_by: Sort agents by "runs", "rating", "name", or "updated_at"
-        search_query: Search agents by name, subheading and description
-        category: Filter agents by category
-        page: Page number for pagination (default 1)
-        page_size: Number of agents per page (default 20)
-
-    Returns:
-        StoreAgentsResponse: Paginated list of agents matching the filters
-    """
-    if page < 1:
-        raise HTTPException(status_code=422, detail="Page must be greater than 0")
-
-    if page_size < 1:
-        raise HTTPException(status_code=422, detail="Page size must be greater than 0")
-
-    agents = await store_cache._get_cached_store_agents(
-        featured=featured,
-        creator=creator,
-        sorted_by=sorted_by,
-        search_query=search_query,
-        category=category,
-        page=page,
-        page_size=page_size,
-    )
-    return agents
-
-
-@v1_router.get(
-    path="/store/agents/{username}/{agent_name}",
-    tags=["store"],
-    dependencies=[Security(require_permission(APIKeyPermission.READ_STORE))],
-    response_model=store_model.StoreAgentDetails,
-)
-async def get_store_agent(
-    username: str,
-    agent_name: str,
-) -> store_model.StoreAgentDetails:
-    """
-    Get details of a specific store agent by username and agent name.
-
-    Args:
-        username: Creator's username
-        agent_name: Name/slug of the agent
-
-    Returns:
-        StoreAgentDetails: Detailed information about the agent
-    """
-    username = urllib.parse.unquote(username).lower()
-    agent_name = urllib.parse.unquote(agent_name).lower()
-    agent = await store_cache._get_cached_agent_details(
-        username=username, agent_name=agent_name
-    )
-    return agent
-
-
-@v1_router.get(
-    path="/store/creators",
-    tags=["store"],
-    dependencies=[Security(require_permission(APIKeyPermission.READ_STORE))],
-    response_model=store_model.CreatorsResponse,
-)
-async def get_store_creators(
-    featured: bool = False,
-    search_query: str | None = None,
-    sorted_by: Literal["agent_rating", "agent_runs", "num_agents"] | None = None,
-    page: int = 1,
-    page_size: int = 20,
-) -> store_model.CreatorsResponse:
-    """
-    Get a paginated list of store creators with optional filtering and sorting.
-
-    Args:
-        featured: Filter to only show featured creators
-        search_query: Search creators by profile description
-        sorted_by: Sort by "agent_rating", "agent_runs", or "num_agents"
-        page: Page number for pagination (default 1)
-        page_size: Number of creators per page (default 20)
-
-    Returns:
-        CreatorsResponse: Paginated list of creators matching the filters
-    """
-    if page < 1:
-        raise HTTPException(status_code=422, detail="Page must be greater than 0")
-
-    if page_size < 1:
-        raise HTTPException(status_code=422, detail="Page size must be greater than 0")
-
-    creators = await store_cache._get_cached_store_creators(
-        featured=featured,
-        search_query=search_query,
-        sorted_by=sorted_by,
-        page=page,
-        page_size=page_size,
-    )
-    return creators
-
-
-@v1_router.get(
-    path="/store/creators/{username}",
-    tags=["store"],
-    dependencies=[Security(require_permission(APIKeyPermission.READ_STORE))],
-    response_model=store_model.CreatorDetails,
-)
-async def get_store_creator(
-    username: str,
-) -> store_model.CreatorDetails:
-    """
-    Get details of a specific store creator by username.
-
-    Args:
-        username: Creator's username
-
-    Returns:
-        CreatorDetails: Detailed information about the creator
-    """
-    username = urllib.parse.unquote(username).lower()
-    creator = await store_cache._get_cached_creator_details(username=username)
-    return creator

autogpt_platform/backend/backend/api/external/v1/tools.py

@@ -1,152 +0,0 @@
-"""External API routes for chat tools - stateless HTTP endpoints.
-
-Note: These endpoints use ephemeral sessions that are not persisted to Redis.
-As a result, session-based rate limiting (max_agent_runs, max_agent_schedules)
-is not enforced for external API calls. Each request creates a fresh session
-with zeroed counters. Rate limiting for external API consumers should be
-handled separately (e.g., via API key quotas).
-"""
-
-import logging
-from typing import Any
-
-from fastapi import APIRouter, Security
-from prisma.enums import APIKeyPermission
-from pydantic import BaseModel, Field
-
-from backend.api.external.middleware import require_permission
-from backend.api.features.chat.model import ChatSession
-from backend.api.features.chat.tools import find_agent_tool, run_agent_tool
-from backend.api.features.chat.tools.models import ToolResponseBase
-from backend.data.auth.base import APIAuthorizationInfo
-
-logger = logging.getLogger(__name__)
-
-tools_router = APIRouter(prefix="/tools", tags=["tools"])
-
-# Note: We use Security() as a function parameter dependency (auth: APIAuthorizationInfo = Security(...))
-# rather than in the decorator's dependencies= list. This avoids duplicate permission checks
-# while still enforcing auth AND giving us access to auth for extracting user_id.
-
-
-# Request models
-class FindAgentRequest(BaseModel):
-    query: str = Field(..., description="Search query for finding agents")
-
-
-class RunAgentRequest(BaseModel):
-    """Request to run or schedule an agent.
-
-    The tool automatically handles the setup flow:
-    - First call returns available inputs so user can decide what values to use
-    - Returns missing credentials if user needs to configure them
-    - Executes when inputs are provided OR use_defaults=true
-    - Schedules execution if schedule_name and cron are provided
-    """
-
-    username_agent_slug: str = Field(
-        ...,
-        description="The marketplace agent slug (e.g., 'username/agent-name')",
-    )
-    inputs: dict[str, Any] = Field(
-        default_factory=dict,
-        description="Dictionary of input values for the agent",
-    )
-    use_defaults: bool = Field(
-        default=False,
-        description="Set to true to run with default values (user must confirm)",
-    )
-    schedule_name: str | None = Field(
-        None,
-        description="Name for scheduled execution (triggers scheduling mode)",
-    )
-    cron: str | None = Field(
-        None,
-        description="Cron expression (5 fields: minute hour day month weekday)",
-    )
-    timezone: str = Field(
-        default="UTC",
-        description="IANA timezone (e.g., 'America/New_York', 'UTC')",
-    )
-
-
-def _create_ephemeral_session(user_id: str | None) -> ChatSession:
-    """Create an ephemeral session for stateless API requests."""
-    return ChatSession.new(user_id)
-
-
-@tools_router.post(
-    path="/find-agent",
-)
-async def find_agent(
-    request: FindAgentRequest,
-    auth: APIAuthorizationInfo = Security(
-        require_permission(APIKeyPermission.USE_TOOLS)
-    ),
-) -> dict[str, Any]:
-    """
-    Search for agents in the marketplace based on capabilities and user needs.
-
-    Args:
-        request: Search query for finding agents
-
-    Returns:
-        List of matching agents or no results response
-    """
-    session = _create_ephemeral_session(auth.user_id)
-    result = await find_agent_tool._execute(
-        user_id=auth.user_id,
-        session=session,
-        query=request.query,
-    )
-    return _response_to_dict(result)
-
-
-@tools_router.post(
-    path="/run-agent",
-)
-async def run_agent(
-    request: RunAgentRequest,
-    auth: APIAuthorizationInfo = Security(
-        require_permission(APIKeyPermission.USE_TOOLS)
-    ),
-) -> dict[str, Any]:
-    """
-    Run or schedule an agent from the marketplace.
-
-    The endpoint automatically handles the setup flow:
-    - Returns missing inputs if required fields are not provided
-    - Returns missing credentials if user needs to configure them
-    - Executes immediately if all requirements are met
-    - Schedules execution if schedule_name and cron are provided
-
-    For scheduled execution:
-    - Cron format: "minute hour day month weekday"
-    - Examples: "0 9 * * 1-5" (9am weekdays), "0 0 * * *" (daily at midnight)
-    - Timezone: Use IANA timezone names like "America/New_York"
-
-    Args:
-        request: Agent slug, inputs, and optional schedule config
-
-    Returns:
-        - setup_requirements: If inputs or credentials are missing
-        - execution_started: If agent was run or scheduled successfully
-        - error: If something went wrong
-    """
-    session = _create_ephemeral_session(auth.user_id)
-    result = await run_agent_tool._execute(
-        user_id=auth.user_id,
-        session=session,
-        username_agent_slug=request.username_agent_slug,
-        inputs=request.inputs,
-        use_defaults=request.use_defaults,
-        schedule_name=request.schedule_name or "",
-        cron=request.cron or "",
-        timezone=request.timezone,
-    )
-    return _response_to_dict(result)
-
-
-def _response_to_dict(result: ToolResponseBase) -> dict[str, Any]:
-    """Convert a tool response to a dictionary for JSON serialization."""
-    return result.model_dump()

autogpt_platform/backend/backend/api/features/analytics_test.py

@@ -1,340 +0,0 @@
-"""Tests for analytics API endpoints."""
-
-import json
-from unittest.mock import AsyncMock, Mock
-
-import fastapi
-import fastapi.testclient
-import pytest
-import pytest_mock
-from pytest_snapshot.plugin import Snapshot
-
-from .analytics import router as analytics_router
-
-app = fastapi.FastAPI()
-app.include_router(analytics_router)
-
-client = fastapi.testclient.TestClient(app)
-
-
-@pytest.fixture(autouse=True)
-def setup_app_auth(mock_jwt_user):
-    """Setup auth overrides for all tests in this module."""
-    from autogpt_libs.auth.jwt_utils import get_jwt_payload
-
-    app.dependency_overrides[get_jwt_payload] = mock_jwt_user["get_jwt_payload"]
-    yield
-    app.dependency_overrides.clear()
-
-
-# =============================================================================
-# /log_raw_metric endpoint tests
-# =============================================================================
-
-
-def test_log_raw_metric_success(
-    mocker: pytest_mock.MockFixture,
-    configured_snapshot: Snapshot,
-    test_user_id: str,
-) -> None:
-    """Test successful raw metric logging."""
-    mock_result = Mock(id="metric-123-uuid")
-    mock_log_metric = mocker.patch(
-        "backend.data.analytics.log_raw_metric",
-        new_callable=AsyncMock,
-        return_value=mock_result,
-    )
-
-    request_data = {
-        "metric_name": "page_load_time",
-        "metric_value": 2.5,
-        "data_string": "/dashboard",
-    }
-
-    response = client.post("/log_raw_metric", json=request_data)
-
-    assert response.status_code == 200, f"Unexpected response: {response.text}"
-    assert response.json() == "metric-123-uuid"
-
-    mock_log_metric.assert_called_once_with(
-        user_id=test_user_id,
-        metric_name="page_load_time",
-        metric_value=2.5,
-        data_string="/dashboard",
-    )
-
-    configured_snapshot.assert_match(
-        json.dumps({"metric_id": response.json()}, indent=2, sort_keys=True),
-        "analytics_log_metric_success",
-    )
-
-
-@pytest.mark.parametrize(
-    "metric_value,metric_name,data_string,test_id",
-    [
-        (100, "api_calls_count", "external_api", "integer_value"),
-        (0, "error_count", "no_errors", "zero_value"),
-        (-5.2, "temperature_delta", "cooling", "negative_value"),
-        (1.23456789, "precision_test", "float_precision", "float_precision"),
-        (999999999, "large_number", "max_value", "large_number"),
-        (0.0000001, "tiny_number", "min_value", "tiny_number"),
-    ],
-)
-def test_log_raw_metric_various_values(
-    mocker: pytest_mock.MockFixture,
-    configured_snapshot: Snapshot,
-    metric_value: float,
-    metric_name: str,
-    data_string: str,
-    test_id: str,
-) -> None:
-    """Test raw metric logging with various metric values."""
-    mock_result = Mock(id=f"metric-{test_id}-uuid")
-    mocker.patch(
-        "backend.data.analytics.log_raw_metric",
-        new_callable=AsyncMock,
-        return_value=mock_result,
-    )
-
-    request_data = {
-        "metric_name": metric_name,
-        "metric_value": metric_value,
-        "data_string": data_string,
-    }
-
-    response = client.post("/log_raw_metric", json=request_data)
-
-    assert response.status_code == 200, f"Failed for {test_id}: {response.text}"
-
-    configured_snapshot.assert_match(
-        json.dumps(
-            {"metric_id": response.json(), "test_case": test_id},
-            indent=2,
-            sort_keys=True,
-        ),
-        f"analytics_metric_{test_id}",
-    )
-
-
-@pytest.mark.parametrize(
-    "invalid_data,expected_error",
-    [
-        ({}, "Field required"),
-        ({"metric_name": "test"}, "Field required"),
-        (
-            {"metric_name": "test", "metric_value": "not_a_number", "data_string": "x"},
-            "Input should be a valid number",
-        ),
-        (
-            {"metric_name": "", "metric_value": 1.0, "data_string": "test"},
-            "String should have at least 1 character",
-        ),
-        (
-            {"metric_name": "test", "metric_value": 1.0, "data_string": ""},
-            "String should have at least 1 character",
-        ),
-    ],
-    ids=[
-        "empty_request",
-        "missing_metric_value_and_data_string",
-        "invalid_metric_value_type",
-        "empty_metric_name",
-        "empty_data_string",
-    ],
-)
-def test_log_raw_metric_validation_errors(
-    invalid_data: dict,
-    expected_error: str,
-) -> None:
-    """Test validation errors for invalid metric requests."""
-    response = client.post("/log_raw_metric", json=invalid_data)
-
-    assert response.status_code == 422
-    error_detail = response.json()
-    assert "detail" in error_detail, f"Missing 'detail' in error: {error_detail}"
-
-    error_text = json.dumps(error_detail)
-    assert (
-        expected_error in error_text
-    ), f"Expected '{expected_error}' in error response: {error_text}"
-
-
-def test_log_raw_metric_service_error(
-    mocker: pytest_mock.MockFixture,
-    test_user_id: str,
-) -> None:
-    """Test error handling when analytics service fails."""
-    mocker.patch(
-        "backend.data.analytics.log_raw_metric",
-        new_callable=AsyncMock,
-        side_effect=Exception("Database connection failed"),
-    )
-
-    request_data = {
-        "metric_name": "test_metric",
-        "metric_value": 1.0,
-        "data_string": "test",
-    }
-
-    response = client.post("/log_raw_metric", json=request_data)
-
-    assert response.status_code == 500
-    error_detail = response.json()["detail"]
-    assert "Database connection failed" in error_detail["message"]
-    assert "hint" in error_detail
-
-
-# =============================================================================
-# /log_raw_analytics endpoint tests
-# =============================================================================
-
-
-def test_log_raw_analytics_success(
-    mocker: pytest_mock.MockFixture,
-    configured_snapshot: Snapshot,
-    test_user_id: str,
-) -> None:
-    """Test successful raw analytics logging."""
-    mock_result = Mock(id="analytics-789-uuid")
-    mock_log_analytics = mocker.patch(
-        "backend.data.analytics.log_raw_analytics",
-        new_callable=AsyncMock,
-        return_value=mock_result,
-    )
-
-    request_data = {
-        "type": "user_action",
-        "data": {
-            "action": "button_click",
-            "button_id": "submit_form",
-            "timestamp": "2023-01-01T00:00:00Z",
-            "metadata": {"form_type": "registration", "fields_filled": 5},
-        },
-        "data_index": "button_click_submit_form",
-    }
-
-    response = client.post("/log_raw_analytics", json=request_data)
-
-    assert response.status_code == 200, f"Unexpected response: {response.text}"
-    assert response.json() == "analytics-789-uuid"
-
-    mock_log_analytics.assert_called_once_with(
-        test_user_id,
-        "user_action",
-        request_data["data"],
-        "button_click_submit_form",
-    )
-
-    configured_snapshot.assert_match(
-        json.dumps({"analytics_id": response.json()}, indent=2, sort_keys=True),
-        "analytics_log_analytics_success",
-    )
-
-
-def test_log_raw_analytics_complex_data(
-    mocker: pytest_mock.MockFixture,
-    configured_snapshot: Snapshot,
-) -> None:
-    """Test raw analytics logging with complex nested data structures."""
-    mock_result = Mock(id="analytics-complex-uuid")
-    mocker.patch(
-        "backend.data.analytics.log_raw_analytics",
-        new_callable=AsyncMock,
-        return_value=mock_result,
-    )
-
-    request_data = {
-        "type": "agent_execution",
-        "data": {
-            "agent_id": "agent_123",
-            "execution_id": "exec_456",
-            "status": "completed",
-            "duration_ms": 3500,
-            "nodes_executed": 15,
-            "blocks_used": [
-                {"block_id": "llm_block", "count": 3},
-                {"block_id": "http_block", "count": 5},
-                {"block_id": "code_block", "count": 2},
-            ],
-            "errors": [],
-            "metadata": {
-                "trigger": "manual",
-                "user_tier": "premium",
-                "environment": "production",
-            },
-        },
-        "data_index": "agent_123_exec_456",
-    }
-
-    response = client.post("/log_raw_analytics", json=request_data)
-
-    assert response.status_code == 200
-
-    configured_snapshot.assert_match(
-        json.dumps(
-            {"analytics_id": response.json(), "logged_data": request_data["data"]},
-            indent=2,
-            sort_keys=True,
-        ),
-        "analytics_log_analytics_complex_data",
-    )
-
-
-@pytest.mark.parametrize(
-    "invalid_data,expected_error",
-    [
-        ({}, "Field required"),
-        ({"type": "test"}, "Field required"),
-        (
-            {"type": "test", "data": "not_a_dict", "data_index": "test"},
-            "Input should be a valid dictionary",
-        ),
-        ({"type": "test", "data": {"key": "value"}}, "Field required"),
-    ],
-    ids=[
-        "empty_request",
-        "missing_data_and_data_index",
-        "invalid_data_type",
-        "missing_data_index",
-    ],
-)
-def test_log_raw_analytics_validation_errors(
-    invalid_data: dict,
-    expected_error: str,
-) -> None:
-    """Test validation errors for invalid analytics requests."""
-    response = client.post("/log_raw_analytics", json=invalid_data)
-
-    assert response.status_code == 422
-    error_detail = response.json()
-    assert "detail" in error_detail, f"Missing 'detail' in error: {error_detail}"
-
-    error_text = json.dumps(error_detail)
-    assert (
-        expected_error in error_text
-    ), f"Expected '{expected_error}' in error response: {error_text}"
-
-
-def test_log_raw_analytics_service_error(
-    mocker: pytest_mock.MockFixture,
-    test_user_id: str,
-) -> None:
-    """Test error handling when analytics service fails."""
-    mocker.patch(
-        "backend.data.analytics.log_raw_analytics",
-        new_callable=AsyncMock,
-        side_effect=Exception("Analytics DB unreachable"),
-    )
-
-    request_data = {
-        "type": "test_event",
-        "data": {"key": "value"},
-        "data_index": "test_index",
-    }
-
-    response = client.post("/log_raw_analytics", json=request_data)
-
-    assert response.status_code == 500
-    error_detail = response.json()["detail"]
-    assert "Analytics DB unreachable" in error_detail["message"]
-    assert "hint" in error_detail

autogpt_platform/backend/backend/api/features/builder/db.py

@@ -1,689 +0,0 @@
-import logging
-from dataclasses import dataclass
-from datetime import datetime, timedelta, timezone
-from difflib import SequenceMatcher
-from typing import Sequence
-
-import prisma
-
-import backend.api.features.library.db as library_db
-import backend.api.features.library.model as library_model
-import backend.api.features.store.db as store_db
-import backend.api.features.store.model as store_model
-import backend.data.block
-from backend.blocks import load_all_blocks
-from backend.blocks.llm import LlmModel
-from backend.data.block import AnyBlockSchema, BlockCategory, BlockInfo, BlockSchema
-from backend.data.db import query_raw_with_schema
-from backend.integrations.providers import ProviderName
-from backend.util.cache import cached
-from backend.util.models import Pagination
-
-from .model import (
-    BlockCategoryResponse,
-    BlockResponse,
-    BlockType,
-    CountResponse,
-    FilterType,
-    Provider,
-    ProviderResponse,
-    SearchEntry,
-)
-
-logger = logging.getLogger(__name__)
-llm_models = [name.name.lower().replace("_", " ") for name in LlmModel]
-
-MAX_LIBRARY_AGENT_RESULTS = 100
-MAX_MARKETPLACE_AGENT_RESULTS = 100
-MIN_SCORE_FOR_FILTERED_RESULTS = 10.0
-
-SearchResultItem = BlockInfo | library_model.LibraryAgent | store_model.StoreAgent
-
-
-@dataclass
-class _ScoredItem:
-    item: SearchResultItem
-    filter_type: FilterType
-    score: float
-    sort_key: str
-
-
-@dataclass
-class _SearchCacheEntry:
-    items: list[SearchResultItem]
-    total_items: dict[FilterType, int]
-
-
-def get_block_categories(category_blocks: int = 3) -> list[BlockCategoryResponse]:
-    categories: dict[BlockCategory, BlockCategoryResponse] = {}
-
-    for block_type in load_all_blocks().values():
-        block: AnyBlockSchema = block_type()
-        # Skip disabled blocks
-        if block.disabled:
-            continue
-        # Skip blocks that don't have categories (all should have at least one)
-        if not block.categories:
-            continue
-
-        # Add block to the categories
-        for category in block.categories:
-            if category not in categories:
-                categories[category] = BlockCategoryResponse(
-                    name=category.name.lower(),
-                    total_blocks=0,
-                    blocks=[],
-                )
-
-            categories[category].total_blocks += 1
-
-            # Append if the category has less than the specified number of blocks
-            if len(categories[category].blocks) < category_blocks:
-                categories[category].blocks.append(block.get_info())
-
-    # Sort categories by name
-    return sorted(categories.values(), key=lambda x: x.name)
-
-
-def get_blocks(
-    *,
-    category: str | None = None,
-    type: BlockType | None = None,
-    provider: ProviderName | None = None,
-    page: int = 1,
-    page_size: int = 50,
-) -> BlockResponse:
-    """
-    Get blocks based on either category, type or provider.
-    Providing nothing fetches all block types.
-    """
-    # Only one of category, type, or provider can be specified
-    if (category and type) or (category and provider) or (type and provider):
-        raise ValueError("Only one of category, type, or provider can be specified")
-
-    blocks: list[AnyBlockSchema] = []
-    skip = (page - 1) * page_size
-    take = page_size
-    total = 0
-
-    for block_type in load_all_blocks().values():
-        block: AnyBlockSchema = block_type()
-        # Skip disabled blocks
-        if block.disabled:
-            continue
-        # Skip blocks that don't match the category
-        if category and category not in {c.name.lower() for c in block.categories}:
-            continue
-        # Skip blocks that don't match the type
-        if (
-            (type == "input" and block.block_type.value != "Input")
-            or (type == "output" and block.block_type.value != "Output")
-            or (type == "action" and block.block_type.value in ("Input", "Output"))
-        ):
-            continue
-        # Skip blocks that don't match the provider
-        if provider:
-            credentials_info = block.input_schema.get_credentials_fields_info().values()
-            if not any(provider in info.provider for info in credentials_info):
-                continue
-
-        total += 1
-        if skip > 0:
-            skip -= 1
-            continue
-        if take > 0:
-            take -= 1
-            blocks.append(block)
-
-    return BlockResponse(
-        blocks=[b.get_info() for b in blocks],
-        pagination=Pagination(
-            total_items=total,
-            total_pages=(total + page_size - 1) // page_size,
-            current_page=page,
-            page_size=page_size,
-        ),
-    )
-
-
-def get_block_by_id(block_id: str) -> BlockInfo | None:
-    """
-    Get a specific block by its ID.
-    """
-    for block_type in load_all_blocks().values():
-        block: AnyBlockSchema = block_type()
-        if block.id == block_id:
-            return block.get_info()
-    return None
-
-
-async def update_search(user_id: str, search: SearchEntry) -> str:
-    """
-    Upsert a search request for the user and return the search ID.
-    """
-    if search.search_id:
-        # Update existing search
-        await prisma.models.BuilderSearchHistory.prisma().update(
-            where={
-                "id": search.search_id,
-            },
-            data={
-                "searchQuery": search.search_query or "",
-                "filter": search.filter or [],  # type: ignore
-                "byCreator": search.by_creator or [],
-            },
-        )
-        return search.search_id
-    else:
-        # Create new search
-        new_search = await prisma.models.BuilderSearchHistory.prisma().create(
-            data={
-                "userId": user_id,
-                "searchQuery": search.search_query or "",
-                "filter": search.filter or [],  # type: ignore
-                "byCreator": search.by_creator or [],
-            }
-        )
-        return new_search.id
-
-
-async def get_recent_searches(user_id: str, limit: int = 5) -> list[SearchEntry]:
-    """
-    Get the user's most recent search requests.
-    """
-    searches = await prisma.models.BuilderSearchHistory.prisma().find_many(
-        where={
-            "userId": user_id,
-        },
-        order={
-            "updatedAt": "desc",
-        },
-        take=limit,
-    )
-    return [
-        SearchEntry(
-            search_query=s.searchQuery,
-            filter=s.filter,  # type: ignore
-            by_creator=s.byCreator,
-            search_id=s.id,
-        )
-        for s in searches
-    ]
-
-
-async def get_sorted_search_results(
-    *,
-    user_id: str,
-    search_query: str | None,
-    filters: Sequence[FilterType],
-    by_creator: Sequence[str] | None = None,
-) -> _SearchCacheEntry:
-    normalized_filters: tuple[FilterType, ...] = tuple(sorted(set(filters or [])))
-    normalized_creators: tuple[str, ...] = tuple(sorted(set(by_creator or [])))
-    return await _build_cached_search_results(
-        user_id=user_id,
-        search_query=search_query or "",
-        filters=normalized_filters,
-        by_creator=normalized_creators,
-    )
-
-
-@cached(ttl_seconds=300, shared_cache=True)
-async def _build_cached_search_results(
-    user_id: str,
-    search_query: str,
-    filters: tuple[FilterType, ...],
-    by_creator: tuple[str, ...],
-) -> _SearchCacheEntry:
-    normalized_query = (search_query or "").strip().lower()
-
-    include_blocks = "blocks" in filters
-    include_integrations = "integrations" in filters
-    include_library_agents = "my_agents" in filters
-    include_marketplace_agents = "marketplace_agents" in filters
-
-    scored_items: list[_ScoredItem] = []
-    total_items: dict[FilterType, int] = {
-        "blocks": 0,
-        "integrations": 0,
-        "marketplace_agents": 0,
-        "my_agents": 0,
-    }
-
-    block_results, block_total, integration_total = _collect_block_results(
-        normalized_query=normalized_query,
-        include_blocks=include_blocks,
-        include_integrations=include_integrations,
-    )
-    scored_items.extend(block_results)
-    total_items["blocks"] = block_total
-    total_items["integrations"] = integration_total
-
-    if include_library_agents:
-        library_response = await library_db.list_library_agents(
-            user_id=user_id,
-            search_term=search_query or None,
-            page=1,
-            page_size=MAX_LIBRARY_AGENT_RESULTS,
-        )
-        total_items["my_agents"] = library_response.pagination.total_items
-        scored_items.extend(
-            _build_library_items(
-                agents=library_response.agents,
-                normalized_query=normalized_query,
-            )
-        )
-
-    if include_marketplace_agents:
-        marketplace_response = await store_db.get_store_agents(
-            creators=list(by_creator) or None,
-            search_query=search_query or None,
-            page=1,
-            page_size=MAX_MARKETPLACE_AGENT_RESULTS,
-        )
-        total_items["marketplace_agents"] = marketplace_response.pagination.total_items
-        scored_items.extend(
-            _build_marketplace_items(
-                agents=marketplace_response.agents,
-                normalized_query=normalized_query,
-            )
-        )
-
-    sorted_items = sorted(
-        scored_items,
-        key=lambda entry: (-entry.score, entry.sort_key, entry.filter_type),
-    )
-
-    return _SearchCacheEntry(
-        items=[entry.item for entry in sorted_items],
-        total_items=total_items,
-    )
-
-
-def _collect_block_results(
-    *,
-    normalized_query: str,
-    include_blocks: bool,
-    include_integrations: bool,
-) -> tuple[list[_ScoredItem], int, int]:
-    results: list[_ScoredItem] = []
-    block_count = 0
-    integration_count = 0
-
-    if not include_blocks and not include_integrations:
-        return results, block_count, integration_count
-
-    for block_type in load_all_blocks().values():
-        block: AnyBlockSchema = block_type()
-        if block.disabled:
-            continue
-
-        block_info = block.get_info()
-        credentials = list(block.input_schema.get_credentials_fields().values())
-        is_integration = len(credentials) > 0
-
-        if is_integration and not include_integrations:
-            continue
-        if not is_integration and not include_blocks:
-            continue
-
-        score = _score_block(block, block_info, normalized_query)
-        if not _should_include_item(score, normalized_query):
-            continue
-
-        filter_type: FilterType = "integrations" if is_integration else "blocks"
-        if is_integration:
-            integration_count += 1
-        else:
-            block_count += 1
-
-        results.append(
-            _ScoredItem(
-                item=block_info,
-                filter_type=filter_type,
-                score=score,
-                sort_key=_get_item_name(block_info),
-            )
-        )
-
-    return results, block_count, integration_count
-
-
-def _build_library_items(
-    *,
-    agents: list[library_model.LibraryAgent],
-    normalized_query: str,
-) -> list[_ScoredItem]:
-    results: list[_ScoredItem] = []
-
-    for agent in agents:
-        score = _score_library_agent(agent, normalized_query)
-        if not _should_include_item(score, normalized_query):
-            continue
-
-        results.append(
-            _ScoredItem(
-                item=agent,
-                filter_type="my_agents",
-                score=score,
-                sort_key=_get_item_name(agent),
-            )
-        )
-
-    return results
-
-
-def _build_marketplace_items(
-    *,
-    agents: list[store_model.StoreAgent],
-    normalized_query: str,
-) -> list[_ScoredItem]:
-    results: list[_ScoredItem] = []
-
-    for agent in agents:
-        score = _score_store_agent(agent, normalized_query)
-        if not _should_include_item(score, normalized_query):
-            continue
-
-        results.append(
-            _ScoredItem(
-                item=agent,
-                filter_type="marketplace_agents",
-                score=score,
-                sort_key=_get_item_name(agent),
-            )
-        )
-
-    return results
-
-
-def get_providers(
-    query: str = "",
-    page: int = 1,
-    page_size: int = 50,
-) -> ProviderResponse:
-    providers = []
-    query = query.lower()
-
-    skip = (page - 1) * page_size
-    take = page_size
-
-    all_providers = _get_all_providers()
-
-    for provider in all_providers.values():
-        if (
-            query not in provider.name.value.lower()
-            and query not in provider.description.lower()
-        ):
-            continue
-        if skip > 0:
-            skip -= 1
-            continue
-        if take > 0:
-            take -= 1
-            providers.append(provider)
-
-    total = len(all_providers)
-
-    return ProviderResponse(
-        providers=providers,
-        pagination=Pagination(
-            total_items=total,
-            total_pages=(total + page_size - 1) // page_size,
-            current_page=page,
-            page_size=page_size,
-        ),
-    )
-
-
-async def get_counts(user_id: str) -> CountResponse:
-    my_agents = await prisma.models.LibraryAgent.prisma().count(
-        where={
-            "userId": user_id,
-            "isDeleted": False,
-            "isArchived": False,
-        }
-    )
-    counts = await _get_static_counts()
-    return CountResponse(
-        my_agents=my_agents,
-        **counts,
-    )
-
-
-@cached(ttl_seconds=3600)
-async def _get_static_counts():
-    """
-    Get counts of blocks, integrations, and marketplace agents.
-    This is cached to avoid unnecessary database queries and calculations.
-    """
-    all_blocks = 0
-    input_blocks = 0
-    action_blocks = 0
-    output_blocks = 0
-    integrations = 0
-
-    for block_type in load_all_blocks().values():
-        block: AnyBlockSchema = block_type()
-        if block.disabled:
-            continue
-
-        all_blocks += 1
-
-        if block.block_type.value == "Input":
-            input_blocks += 1
-        elif block.block_type.value == "Output":
-            output_blocks += 1
-        else:
-            action_blocks += 1
-
-        credentials = list(block.input_schema.get_credentials_fields().values())
-        if len(credentials) > 0:
-            integrations += 1
-
-    marketplace_agents = await prisma.models.StoreAgent.prisma().count()
-
-    return {
-        "all_blocks": all_blocks,
-        "input_blocks": input_blocks,
-        "action_blocks": action_blocks,
-        "output_blocks": output_blocks,
-        "integrations": integrations,
-        "marketplace_agents": marketplace_agents,
-    }
-
-
-def _matches_llm_model(schema_cls: type[BlockSchema], query: str) -> bool:
-    for field in schema_cls.model_fields.values():
-        if field.annotation == LlmModel:
-            # Check if query matches any value in llm_models
-            if any(query in name for name in llm_models):
-                return True
-    return False
-
-
-def _score_block(
-    block: AnyBlockSchema,
-    block_info: BlockInfo,
-    normalized_query: str,
-) -> float:
-    if not normalized_query:
-        return 0.0
-
-    name = block_info.name.lower()
-    description = block_info.description.lower()
-    score = _score_primary_fields(name, description, normalized_query)
-
-    category_text = " ".join(
-        category.get("category", "").lower() for category in block_info.categories
-    )
-    score += _score_additional_field(category_text, normalized_query, 12, 6)
-
-    credentials_info = block.input_schema.get_credentials_fields_info().values()
-    provider_names = [
-        provider.value.lower()
-        for info in credentials_info
-        for provider in info.provider
-    ]
-    provider_text = " ".join(provider_names)
-    score += _score_additional_field(provider_text, normalized_query, 15, 6)
-
-    if _matches_llm_model(block.input_schema, normalized_query):
-        score += 20
-
-    return score
-
-
-def _score_library_agent(
-    agent: library_model.LibraryAgent,
-    normalized_query: str,
-) -> float:
-    if not normalized_query:
-        return 0.0
-
-    name = agent.name.lower()
-    description = (agent.description or "").lower()
-    instructions = (agent.instructions or "").lower()
-
-    score = _score_primary_fields(name, description, normalized_query)
-    score += _score_additional_field(instructions, normalized_query, 15, 6)
-    score += _score_additional_field(
-        agent.creator_name.lower(), normalized_query, 10, 5
-    )
-
-    return score
-
-
-def _score_store_agent(
-    agent: store_model.StoreAgent,
-    normalized_query: str,
-) -> float:
-    if not normalized_query:
-        return 0.0
-
-    name = agent.agent_name.lower()
-    description = agent.description.lower()
-    sub_heading = agent.sub_heading.lower()
-
-    score = _score_primary_fields(name, description, normalized_query)
-    score += _score_additional_field(sub_heading, normalized_query, 12, 6)
-    score += _score_additional_field(agent.creator.lower(), normalized_query, 10, 5)
-
-    return score
-
-
-def _score_primary_fields(name: str, description: str, query: str) -> float:
-    score = 0.0
-    if name == query:
-        score += 120
-    elif name.startswith(query):
-        score += 90
-    elif query in name:
-        score += 60
-
-    score += SequenceMatcher(None, name, query).ratio() * 50
-    if description:
-        if query in description:
-            score += 30
-        score += SequenceMatcher(None, description, query).ratio() * 25
-    return score
-
-
-def _score_additional_field(
-    value: str,
-    query: str,
-    contains_weight: float,
-    similarity_weight: float,
-) -> float:
-    if not value or not query:
-        return 0.0
-
-    score = 0.0
-    if query in value:
-        score += contains_weight
-    score += SequenceMatcher(None, value, query).ratio() * similarity_weight
-    return score
-
-
-def _should_include_item(score: float, normalized_query: str) -> bool:
-    if not normalized_query:
-        return True
-    return score >= MIN_SCORE_FOR_FILTERED_RESULTS
-
-
-def _get_item_name(item: SearchResultItem) -> str:
-    if isinstance(item, BlockInfo):
-        return item.name.lower()
-    if isinstance(item, library_model.LibraryAgent):
-        return item.name.lower()
-    return item.agent_name.lower()
-
-
-@cached(ttl_seconds=3600)
-def _get_all_providers() -> dict[ProviderName, Provider]:
-    providers: dict[ProviderName, Provider] = {}
-
-    for block_type in load_all_blocks().values():
-        block: AnyBlockSchema = block_type()
-        if block.disabled:
-            continue
-
-        credentials_info = block.input_schema.get_credentials_fields_info().values()
-        for info in credentials_info:
-            for provider in info.provider:  # provider is a ProviderName enum member
-                if provider in providers:
-                    providers[provider].integration_count += 1
-                else:
-                    providers[provider] = Provider(
-                        name=provider, description="", integration_count=1
-                    )
-    return providers
-
-
-@cached(ttl_seconds=3600)
-async def get_suggested_blocks(count: int = 5) -> list[BlockInfo]:
-    suggested_blocks = []
-    # Sum the number of executions for each block type
-    # Prisma cannot group by nested relations, so we do a raw query
-    # Calculate the cutoff timestamp
-    timestamp_threshold = datetime.now(timezone.utc) - timedelta(days=30)
-
-    results = await query_raw_with_schema(
-        """
-        SELECT
-            agent_node."agentBlockId" AS block_id,
-            COUNT(execution.id) AS execution_count
-        FROM {schema_prefix}"AgentNodeExecution" execution
-        JOIN {schema_prefix}"AgentNode" agent_node ON execution."agentNodeId" = agent_node.id
-        WHERE execution."endedTime" >= $1::timestamp
-        GROUP BY agent_node."agentBlockId"
-        ORDER BY execution_count DESC;
-        """,
-        timestamp_threshold,
-    )
-
-    # Get the top blocks based on execution count
-    # But ignore Input and Output blocks
-    blocks: list[tuple[BlockInfo, int]] = []
-
-    for block_type in load_all_blocks().values():
-        block: AnyBlockSchema = block_type()
-        if block.disabled or block.block_type in (
-            backend.data.block.BlockType.INPUT,
-            backend.data.block.BlockType.OUTPUT,
-            backend.data.block.BlockType.AGENT,
-        ):
-            continue
-        # Find the execution count for this block
-        execution_count = next(
-            (row["execution_count"] for row in results if row["block_id"] == block.id),
-            0,
-        )
-        blocks.append((block.get_info(), execution_count))
-    # Sort blocks by execution count
-    blocks.sort(key=lambda x: x[1], reverse=True)
-
-    suggested_blocks = [block[0] for block in blocks]
-
-    # Return the top blocks
-    return suggested_blocks[:count]

autogpt_platform/backend/backend/api/features/oauth.py

@@ -1,833 +0,0 @@
-"""
-OAuth 2.0 Provider Endpoints
-
-Implements OAuth 2.0 Authorization Code flow with PKCE support.
-
-Flow:
-1. User clicks "Login with AutoGPT" in 3rd party app
-2. App redirects user to /auth/authorize with client_id, redirect_uri, scope, state
-3. User sees consent screen (if not already logged in, redirects to login first)
-4. User approves → backend creates authorization code
-5. User redirected back to app with code
-6. App exchanges code for access/refresh tokens at /api/oauth/token
-7. App uses access token to call external API endpoints
-"""
-
-import io
-import logging
-import os
-import uuid
-from datetime import datetime
-from typing import Literal, Optional
-from urllib.parse import urlencode
-
-from autogpt_libs.auth import get_user_id
-from fastapi import APIRouter, Body, HTTPException, Security, UploadFile, status
-from gcloud.aio import storage as async_storage
-from PIL import Image
-from prisma.enums import APIKeyPermission
-from pydantic import BaseModel, Field
-
-from backend.data.auth.oauth import (
-    InvalidClientError,
-    InvalidGrantError,
-    OAuthApplicationInfo,
-    TokenIntrospectionResult,
-    consume_authorization_code,
-    create_access_token,
-    create_authorization_code,
-    create_refresh_token,
-    get_oauth_application,
-    get_oauth_application_by_id,
-    introspect_token,
-    list_user_oauth_applications,
-    refresh_tokens,
-    revoke_access_token,
-    revoke_refresh_token,
-    update_oauth_application,
-    validate_client_credentials,
-    validate_redirect_uri,
-    validate_scopes,
-)
-from backend.util.settings import Settings
-from backend.util.virus_scanner import scan_content_safe
-
-settings = Settings()
-logger = logging.getLogger(__name__)
-
-router = APIRouter()
-
-
-# ============================================================================
-# Request/Response Models
-# ============================================================================
-
-
-class TokenResponse(BaseModel):
-    """OAuth 2.0 token response"""
-
-    token_type: Literal["Bearer"] = "Bearer"
-    access_token: str
-    access_token_expires_at: datetime
-    refresh_token: str
-    refresh_token_expires_at: datetime
-    scopes: list[str]
-
-
-class ErrorResponse(BaseModel):
-    """OAuth 2.0 error response"""
-
-    error: str
-    error_description: Optional[str] = None
-
-
-class OAuthApplicationPublicInfo(BaseModel):
-    """Public information about an OAuth application (for consent screen)"""
-
-    name: str
-    description: Optional[str] = None
-    logo_url: Optional[str] = None
-    scopes: list[str]
-
-
-# ============================================================================
-# Application Info Endpoint
-# ============================================================================
-
-
-@router.get(
-    "/app/{client_id}",
-    responses={
-        404: {"description": "Application not found or disabled"},
-    },
-)
-async def get_oauth_app_info(
-    client_id: str, user_id: str = Security(get_user_id)
-) -> OAuthApplicationPublicInfo:
-    """
-    Get public information about an OAuth application.
-
-    This endpoint is used by the consent screen to display application details
-    to the user before they authorize access.
-
-    Returns:
-    - name: Application name
-    - description: Application description (if provided)
-    - scopes: List of scopes the application is allowed to request
-    """
-    app = await get_oauth_application(client_id)
-    if not app or not app.is_active:
-        raise HTTPException(
-            status_code=status.HTTP_404_NOT_FOUND,
-            detail="Application not found",
-        )
-
-    return OAuthApplicationPublicInfo(
-        name=app.name,
-        description=app.description,
-        logo_url=app.logo_url,
-        scopes=[s.value for s in app.scopes],
-    )
-
-
-# ============================================================================
-# Authorization Endpoint
-# ============================================================================
-
-
-class AuthorizeRequest(BaseModel):
-    """OAuth 2.0 authorization request"""
-
-    client_id: str = Field(description="Client identifier")
-    redirect_uri: str = Field(description="Redirect URI")
-    scopes: list[str] = Field(description="List of scopes")
-    state: str = Field(description="Anti-CSRF token from client")
-    response_type: str = Field(
-        default="code", description="Must be 'code' for authorization code flow"
-    )
-    code_challenge: str = Field(description="PKCE code challenge (required)")
-    code_challenge_method: Literal["S256", "plain"] = Field(
-        default="S256", description="PKCE code challenge method (S256 recommended)"
-    )
-
-
-class AuthorizeResponse(BaseModel):
-    """OAuth 2.0 authorization response with redirect URL"""
-
-    redirect_url: str = Field(description="URL to redirect the user to")
-
-
-@router.post("/authorize")
-async def authorize(
-    request: AuthorizeRequest = Body(),
-    user_id: str = Security(get_user_id),
-) -> AuthorizeResponse:
-    """
-    OAuth 2.0 Authorization Endpoint
-
-    User must be logged in (authenticated with Supabase JWT).
-    This endpoint creates an authorization code and returns a redirect URL.
-
-    PKCE (Proof Key for Code Exchange) is REQUIRED for all authorization requests.
-
-    The frontend consent screen should call this endpoint after the user approves,
-    then redirect the user to the returned `redirect_url`.
-
-    Request Body:
-    - client_id: The OAuth application's client ID
-    - redirect_uri: Where to redirect after authorization (must match registered URI)
-    - scopes: List of permissions (e.g., "EXECUTE_GRAPH READ_GRAPH")
-    - state: Anti-CSRF token provided by client (will be returned in redirect)
-    - response_type: Must be "code" (for authorization code flow)
-    - code_challenge: PKCE code challenge (required)
-    - code_challenge_method: "S256" (recommended) or "plain"
-
-    Returns:
-    - redirect_url: The URL to redirect the user to (includes authorization code)
-
-    Error cases return a redirect_url with error parameters, or raise HTTPException
-    for critical errors (like invalid redirect_uri).
-    """
-    try:
-        # Validate response_type
-        if request.response_type != "code":
-            return _error_redirect_url(
-                request.redirect_uri,
-                request.state,
-                "unsupported_response_type",
-                "Only 'code' response type is supported",
-            )
-
-        # Get application
-        app = await get_oauth_application(request.client_id)
-        if not app:
-            return _error_redirect_url(
-                request.redirect_uri,
-                request.state,
-                "invalid_client",
-                "Unknown client_id",
-            )
-
-        if not app.is_active:
-            return _error_redirect_url(
-                request.redirect_uri,
-                request.state,
-                "invalid_client",
-                "Application is not active",
-            )
-
-        # Validate redirect URI
-        if not validate_redirect_uri(app, request.redirect_uri):
-            # For invalid redirect_uri, we can't redirect safely
-            # Must return error instead
-            raise HTTPException(
-                status_code=status.HTTP_400_BAD_REQUEST,
-                detail=(
-                    "Invalid redirect_uri. "
-                    f"Must be one of: {', '.join(app.redirect_uris)}"
-                ),
-            )
-
-        # Parse and validate scopes
-        try:
-            requested_scopes = [APIKeyPermission(s.strip()) for s in request.scopes]
-        except ValueError as e:
-            return _error_redirect_url(
-                request.redirect_uri,
-                request.state,
-                "invalid_scope",
-                f"Invalid scope: {e}",
-            )
-
-        if not requested_scopes:
-            return _error_redirect_url(
-                request.redirect_uri,
-                request.state,
-                "invalid_scope",
-                "At least one scope is required",
-            )
-
-        if not validate_scopes(app, requested_scopes):
-            return _error_redirect_url(
-                request.redirect_uri,
-                request.state,
-                "invalid_scope",
-                "Application is not authorized for all requested scopes. "
-                f"Allowed: {', '.join(s.value for s in app.scopes)}",
-            )
-
-        # Create authorization code
-        auth_code = await create_authorization_code(
-            application_id=app.id,
-            user_id=user_id,
-            scopes=requested_scopes,
-            redirect_uri=request.redirect_uri,
-            code_challenge=request.code_challenge,
-            code_challenge_method=request.code_challenge_method,
-        )
-
-        # Build redirect URL with authorization code
-        params = {
-            "code": auth_code.code,
-            "state": request.state,
-        }
-        redirect_url = f"{request.redirect_uri}?{urlencode(params)}"
-
-        logger.info(
-            f"Authorization code issued for user #{user_id} "
-            f"and app {app.name} (#{app.id})"
-        )
-
-        return AuthorizeResponse(redirect_url=redirect_url)
-
-    except HTTPException:
-        raise
-    except Exception as e:
-        logger.error(f"Error in authorization endpoint: {e}", exc_info=True)
-        return _error_redirect_url(
-            request.redirect_uri,
-            request.state,
-            "server_error",
-            "An unexpected error occurred",
-        )
-
-
-def _error_redirect_url(
-    redirect_uri: str,
-    state: str,
-    error: str,
-    error_description: Optional[str] = None,
-) -> AuthorizeResponse:
-    """Helper to build redirect URL with OAuth error parameters"""
-    params = {
-        "error": error,
-        "state": state,
-    }
-    if error_description:
-        params["error_description"] = error_description
-
-    redirect_url = f"{redirect_uri}?{urlencode(params)}"
-    return AuthorizeResponse(redirect_url=redirect_url)
-
-
-# ============================================================================
-# Token Endpoint
-# ============================================================================
-
-
-class TokenRequestByCode(BaseModel):
-    grant_type: Literal["authorization_code"]
-    code: str = Field(description="Authorization code")
-    redirect_uri: str = Field(
-        description="Redirect URI (must match authorization request)"
-    )
-    client_id: str
-    client_secret: str
-    code_verifier: str = Field(description="PKCE code verifier")
-
-
-class TokenRequestByRefreshToken(BaseModel):
-    grant_type: Literal["refresh_token"]
-    refresh_token: str
-    client_id: str
-    client_secret: str
-
-
-@router.post("/token")
-async def token(
-    request: TokenRequestByCode | TokenRequestByRefreshToken = Body(),
-) -> TokenResponse:
-    """
-    OAuth 2.0 Token Endpoint
-
-    Exchanges authorization code or refresh token for access token.
-
-    Grant Types:
-    1. authorization_code: Exchange authorization code for tokens
-       - Required: grant_type, code, redirect_uri, client_id, client_secret
-       - Optional: code_verifier (required if PKCE was used)
-
-    2. refresh_token: Exchange refresh token for new access token
-       - Required: grant_type, refresh_token, client_id, client_secret
-
-    Returns:
-    - access_token: Bearer token for API access (1 hour TTL)
-    - token_type: "Bearer"
-    - expires_in: Seconds until access token expires
-    - refresh_token: Token for refreshing access (30 days TTL)
-    - scopes: List of scopes
-    """
-    # Validate client credentials
-    try:
-        app = await validate_client_credentials(
-            request.client_id, request.client_secret
-        )
-    except InvalidClientError as e:
-        raise HTTPException(
-            status_code=status.HTTP_401_UNAUTHORIZED,
-            detail=str(e),
-        )
-
-    # Handle authorization_code grant
-    if request.grant_type == "authorization_code":
-        # Consume authorization code
-        try:
-            user_id, scopes = await consume_authorization_code(
-                code=request.code,
-                application_id=app.id,
-                redirect_uri=request.redirect_uri,
-                code_verifier=request.code_verifier,
-            )
-        except InvalidGrantError as e:
-            raise HTTPException(
-                status_code=status.HTTP_400_BAD_REQUEST,
-                detail=str(e),
-            )
-
-        # Create access and refresh tokens
-        access_token = await create_access_token(app.id, user_id, scopes)
-        refresh_token = await create_refresh_token(app.id, user_id, scopes)
-
-        logger.info(
-            f"Access token issued for user #{user_id} and app {app.name} (#{app.id})"
-            "via authorization code"
-        )
-
-        if not access_token.token or not refresh_token.token:
-            raise HTTPException(
-                status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
-                detail="Failed to generate tokens",
-            )
-
-        return TokenResponse(
-            token_type="Bearer",
-            access_token=access_token.token.get_secret_value(),
-            access_token_expires_at=access_token.expires_at,
-            refresh_token=refresh_token.token.get_secret_value(),
-            refresh_token_expires_at=refresh_token.expires_at,
-            scopes=list(s.value for s in scopes),
-        )
-
-    # Handle refresh_token grant
-    elif request.grant_type == "refresh_token":
-        # Refresh access token
-        try:
-            new_access_token, new_refresh_token = await refresh_tokens(
-                request.refresh_token, app.id
-            )
-        except InvalidGrantError as e:
-            raise HTTPException(
-                status_code=status.HTTP_400_BAD_REQUEST,
-                detail=str(e),
-            )
-
-        logger.info(
-            f"Tokens refreshed for user #{new_access_token.user_id} "
-            f"by app {app.name} (#{app.id})"
-        )
-
-        if not new_access_token.token or not new_refresh_token.token:
-            raise HTTPException(
-                status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
-                detail="Failed to generate tokens",
-            )
-
-        return TokenResponse(
-            token_type="Bearer",
-            access_token=new_access_token.token.get_secret_value(),
-            access_token_expires_at=new_access_token.expires_at,
-            refresh_token=new_refresh_token.token.get_secret_value(),
-            refresh_token_expires_at=new_refresh_token.expires_at,
-            scopes=list(s.value for s in new_access_token.scopes),
-        )
-
-    else:
-        raise HTTPException(
-            status_code=status.HTTP_400_BAD_REQUEST,
-            detail=f"Unsupported grant_type: {request.grant_type}. "
-            "Must be 'authorization_code' or 'refresh_token'",
-        )
-
-
-# ============================================================================
-# Token Introspection Endpoint
-# ============================================================================
-
-
-@router.post("/introspect")
-async def introspect(
-    token: str = Body(description="Token to introspect"),
-    token_type_hint: Optional[Literal["access_token", "refresh_token"]] = Body(
-        None, description="Hint about token type ('access_token' or 'refresh_token')"
-    ),
-    client_id: str = Body(description="Client identifier"),
-    client_secret: str = Body(description="Client secret"),
-) -> TokenIntrospectionResult:
-    """
-    OAuth 2.0 Token Introspection Endpoint (RFC 7662)
-
-    Allows clients to check if a token is valid and get its metadata.
-
-    Returns:
-    - active: Whether the token is currently active
-    - scopes: List of authorized scopes (if active)
-    - client_id: The client the token was issued to (if active)
-    - user_id: The user the token represents (if active)
-    - exp: Expiration timestamp (if active)
-    - token_type: "access_token" or "refresh_token" (if active)
-    """
-    # Validate client credentials
-    try:
-        await validate_client_credentials(client_id, client_secret)
-    except InvalidClientError as e:
-        raise HTTPException(
-            status_code=status.HTTP_401_UNAUTHORIZED,
-            detail=str(e),
-        )
-
-    # Introspect the token
-    return await introspect_token(token, token_type_hint)
-
-
-# ============================================================================
-# Token Revocation Endpoint
-# ============================================================================
-
-
-@router.post("/revoke")
-async def revoke(
-    token: str = Body(description="Token to revoke"),
-    token_type_hint: Optional[Literal["access_token", "refresh_token"]] = Body(
-        None, description="Hint about token type ('access_token' or 'refresh_token')"
-    ),
-    client_id: str = Body(description="Client identifier"),
-    client_secret: str = Body(description="Client secret"),
-):
-    """
-    OAuth 2.0 Token Revocation Endpoint (RFC 7009)
-
-    Allows clients to revoke an access or refresh token.
-
-    Note: Revoking a refresh token does NOT revoke associated access tokens.
-    Revoking an access token does NOT revoke the associated refresh token.
-    """
-    # Validate client credentials
-    try:
-        app = await validate_client_credentials(client_id, client_secret)
-    except InvalidClientError as e:
-        raise HTTPException(
-            status_code=status.HTTP_401_UNAUTHORIZED,
-            detail=str(e),
-        )
-
-    # Try to revoke as access token first
-    # Note: We pass app.id to ensure the token belongs to the authenticated app
-    if token_type_hint != "refresh_token":
-        revoked = await revoke_access_token(token, app.id)
-        if revoked:
-            logger.info(
-                f"Access token revoked for app {app.name} (#{app.id}); "
-                f"user #{revoked.user_id}"
-            )
-            return {"status": "ok"}
-
-    # Try to revoke as refresh token
-    revoked = await revoke_refresh_token(token, app.id)
-    if revoked:
-        logger.info(
-            f"Refresh token revoked for app {app.name} (#{app.id}); "
-            f"user #{revoked.user_id}"
-        )
-        return {"status": "ok"}
-
-    # Per RFC 7009, revocation endpoint returns 200 even if token not found
-    # or if token belongs to a different application.
-    # This prevents token scanning attacks.
-    logger.warning(f"Unsuccessful token revocation attempt by app {app.name} #{app.id}")
-    return {"status": "ok"}
-
-
-# ============================================================================
-# Application Management Endpoints (for app owners)
-# ============================================================================
-
-
-@router.get("/apps/mine")
-async def list_my_oauth_apps(
-    user_id: str = Security(get_user_id),
-) -> list[OAuthApplicationInfo]:
-    """
-    List all OAuth applications owned by the current user.
-
-    Returns a list of OAuth applications with their details including:
-    - id, name, description, logo_url
-    - client_id (public identifier)
-    - redirect_uris, grant_types, scopes
-    - is_active status
-    - created_at, updated_at timestamps
-
-    Note: client_secret is never returned for security reasons.
-    """
-    return await list_user_oauth_applications(user_id)
-
-
-@router.patch("/apps/{app_id}/status")
-async def update_app_status(
-    app_id: str,
-    user_id: str = Security(get_user_id),
-    is_active: bool = Body(description="Whether the app should be active", embed=True),
-) -> OAuthApplicationInfo:
-    """
-    Enable or disable an OAuth application.
-
-    Only the application owner can update the status.
-    When disabled, the application cannot be used for new authorizations
-    and existing access tokens will fail validation.
-
-    Returns the updated application info.
-    """
-    updated_app = await update_oauth_application(
-        app_id=app_id,
-        owner_id=user_id,
-        is_active=is_active,
-    )
-
-    if not updated_app:
-        raise HTTPException(
-            status_code=status.HTTP_404_NOT_FOUND,
-            detail="Application not found or you don't have permission to update it",
-        )
-
-    action = "enabled" if is_active else "disabled"
-    logger.info(f"OAuth app {updated_app.name} (#{app_id}) {action} by user #{user_id}")
-
-    return updated_app
-
-
-class UpdateAppLogoRequest(BaseModel):
-    logo_url: str = Field(description="URL of the uploaded logo image")
-
-
-@router.patch("/apps/{app_id}/logo")
-async def update_app_logo(
-    app_id: str,
-    request: UpdateAppLogoRequest = Body(),
-    user_id: str = Security(get_user_id),
-) -> OAuthApplicationInfo:
-    """
-    Update the logo URL for an OAuth application.
-
-    Only the application owner can update the logo.
-    The logo should be uploaded first using the media upload endpoint,
-    then this endpoint is called with the resulting URL.
-
-    Logo requirements:
-    - Must be square (1:1 aspect ratio)
-    - Minimum 512x512 pixels
-    - Maximum 2048x2048 pixels
-
-    Returns the updated application info.
-    """
-    if (
-        not (app := await get_oauth_application_by_id(app_id))
-        or app.owner_id != user_id
-    ):
-        raise HTTPException(
-            status_code=status.HTTP_404_NOT_FOUND,
-            detail="OAuth App not found",
-        )
-
-    # Delete the current app logo file (if any and it's in our cloud storage)
-    await _delete_app_current_logo_file(app)
-
-    updated_app = await update_oauth_application(
-        app_id=app_id,
-        owner_id=user_id,
-        logo_url=request.logo_url,
-    )
-
-    if not updated_app:
-        raise HTTPException(
-            status_code=status.HTTP_404_NOT_FOUND,
-            detail="Application not found or you don't have permission to update it",
-        )
-
-    logger.info(
-        f"OAuth app {updated_app.name} (#{app_id}) logo updated by user #{user_id}"
-    )
-
-    return updated_app
-
-
-# Logo upload constraints
-LOGO_MIN_SIZE = 512
-LOGO_MAX_SIZE = 2048
-LOGO_ALLOWED_TYPES = {"image/jpeg", "image/png", "image/webp"}
-LOGO_MAX_FILE_SIZE = 3 * 1024 * 1024  # 3MB
-
-
-@router.post("/apps/{app_id}/logo/upload")
-async def upload_app_logo(
-    app_id: str,
-    file: UploadFile,
-    user_id: str = Security(get_user_id),
-) -> OAuthApplicationInfo:
-    """
-    Upload a logo image for an OAuth application.
-
-    Requirements:
-    - Image must be square (1:1 aspect ratio)
-    - Minimum 512x512 pixels
-    - Maximum 2048x2048 pixels
-    - Allowed formats: JPEG, PNG, WebP
-    - Maximum file size: 3MB
-
-    The image is uploaded to cloud storage and the app's logoUrl is updated.
-    Returns the updated application info.
-    """
-    # Verify ownership to reduce vulnerability to DoS(torage) or DoM(oney) attacks
-    if (
-        not (app := await get_oauth_application_by_id(app_id))
-        or app.owner_id != user_id
-    ):
-        raise HTTPException(
-            status_code=status.HTTP_404_NOT_FOUND,
-            detail="OAuth App not found",
-        )
-
-    # Check GCS configuration
-    if not settings.config.media_gcs_bucket_name:
-        raise HTTPException(
-            status_code=status.HTTP_503_SERVICE_UNAVAILABLE,
-            detail="Media storage is not configured",
-        )
-
-    # Validate content type
-    content_type = file.content_type
-    if content_type not in LOGO_ALLOWED_TYPES:
-        raise HTTPException(
-            status_code=status.HTTP_400_BAD_REQUEST,
-            detail=f"Invalid file type. Allowed: JPEG, PNG, WebP. Got: {content_type}",
-        )
-
-    # Read file content
-    try:
-        file_bytes = await file.read()
-    except Exception as e:
-        logger.error(f"Error reading logo file: {e}")
-        raise HTTPException(
-            status_code=status.HTTP_400_BAD_REQUEST,
-            detail="Failed to read uploaded file",
-        )
-
-    # Check file size
-    if len(file_bytes) > LOGO_MAX_FILE_SIZE:
-        raise HTTPException(
-            status_code=status.HTTP_400_BAD_REQUEST,
-            detail=(
-                "File too large. "
-                f"Maximum size is {LOGO_MAX_FILE_SIZE // 1024 // 1024}MB"
-            ),
-        )
-
-    # Validate image dimensions
-    try:
-        image = Image.open(io.BytesIO(file_bytes))
-        width, height = image.size
-
-        if width != height:
-            raise HTTPException(
-                status_code=status.HTTP_400_BAD_REQUEST,
-                detail=f"Logo must be square. Got {width}x{height}",
-            )
-
-        if width < LOGO_MIN_SIZE:
-            raise HTTPException(
-                status_code=status.HTTP_400_BAD_REQUEST,
-                detail=f"Logo too small. Minimum {LOGO_MIN_SIZE}x{LOGO_MIN_SIZE}. "
-                f"Got {width}x{height}",
-            )
-
-        if width > LOGO_MAX_SIZE:
-            raise HTTPException(
-                status_code=status.HTTP_400_BAD_REQUEST,
-                detail=f"Logo too large. Maximum {LOGO_MAX_SIZE}x{LOGO_MAX_SIZE}. "
-                f"Got {width}x{height}",
-            )
-    except HTTPException:
-        raise
-    except Exception as e:
-        logger.error(f"Error validating logo image: {e}")
-        raise HTTPException(
-            status_code=status.HTTP_400_BAD_REQUEST,
-            detail="Invalid image file",
-        )
-
-    # Scan for viruses
-    filename = file.filename or "logo"
-    await scan_content_safe(file_bytes, filename=filename)
-
-    # Generate unique filename
-    file_ext = os.path.splitext(filename)[1].lower() or ".png"
-    unique_filename = f"{uuid.uuid4()}{file_ext}"
-    storage_path = f"oauth-apps/{app_id}/logo/{unique_filename}"
-
-    # Upload to GCS
-    try:
-        async with async_storage.Storage() as async_client:
-            bucket_name = settings.config.media_gcs_bucket_name
-
-            await async_client.upload(
-                bucket_name, storage_path, file_bytes, content_type=content_type
-            )
-
-            logo_url = f"https://storage.googleapis.com/{bucket_name}/{storage_path}"
-    except Exception as e:
-        logger.error(f"Error uploading logo to GCS: {e}")
-        raise HTTPException(
-            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
-            detail="Failed to upload logo",
-        )
-
-    # Delete the current app logo file (if any and it's in our cloud storage)
-    await _delete_app_current_logo_file(app)
-
-    # Update the app with the new logo URL
-    updated_app = await update_oauth_application(
-        app_id=app_id,
-        owner_id=user_id,
-        logo_url=logo_url,
-    )
-
-    if not updated_app:
-        raise HTTPException(
-            status_code=status.HTTP_404_NOT_FOUND,
-            detail="Application not found or you don't have permission to update it",
-        )
-
-    logger.info(
-        f"OAuth app {updated_app.name} (#{app_id}) logo uploaded by user #{user_id}"
-    )
-
-    return updated_app
-
-
-async def _delete_app_current_logo_file(app: OAuthApplicationInfo):
-    """
-    Delete the current logo file for the given app, if there is one in our cloud storage
-    """
-    bucket_name = settings.config.media_gcs_bucket_name
-    storage_base_url = f"https://storage.googleapis.com/{bucket_name}/"
-
-    if app.logo_url and app.logo_url.startswith(storage_base_url):
-        # Parse blob path from URL: https://storage.googleapis.com/{bucket}/{path}
-        old_path = app.logo_url.replace(storage_base_url, "")
-        try:
-            async with async_storage.Storage() as async_client:
-                await async_client.delete(bucket_name, old_path)
-            logger.info(f"Deleted old logo for OAuth app #{app.id}: {old_path}")
-        except Exception as e:
-            # Log but don't fail - the new logo was uploaded successfully
-            logger.warning(
-                f"Failed to delete old logo for OAuth app #{app.id}: {e}", exc_info=e
-            )

autogpt_platform/backend/backend/api/features/store/content_handlers.py

@@ -1,417 +0,0 @@
-"""
-Content Type Handlers for Unified Embeddings
-
-Pluggable system for different content sources (store agents, blocks, docs).
-Each handler knows how to fetch and process its content type for embedding.
-"""
-
-import logging
-from abc import ABC, abstractmethod
-from dataclasses import dataclass
-from pathlib import Path
-from typing import Any
-
-from prisma.enums import ContentType
-
-from backend.data.db import query_raw_with_schema
-
-logger = logging.getLogger(__name__)
-
-
-@dataclass
-class ContentItem:
-    """Represents a piece of content to be embedded."""
-
-    content_id: str  # Unique identifier (DB ID or file path)
-    content_type: ContentType
-    searchable_text: str  # Combined text for embedding
-    metadata: dict[str, Any]  # Content-specific metadata
-    user_id: str | None = None  # For user-scoped content
-
-
-class ContentHandler(ABC):
-    """Base handler for fetching and processing content for embeddings."""
-
-    @property
-    @abstractmethod
-    def content_type(self) -> ContentType:
-        """The ContentType this handler manages."""
-        pass
-
-    @abstractmethod
-    async def get_missing_items(self, batch_size: int) -> list[ContentItem]:
-        """
-        Fetch items that don't have embeddings yet.
-
-        Args:
-            batch_size: Maximum number of items to return
-
-        Returns:
-            List of ContentItem objects ready for embedding
-        """
-        pass
-
-    @abstractmethod
-    async def get_stats(self) -> dict[str, int]:
-        """
-        Get statistics about embedding coverage.
-
-        Returns:
-            Dict with keys: total, with_embeddings, without_embeddings
-        """
-        pass
-
-
-class StoreAgentHandler(ContentHandler):
-    """Handler for marketplace store agent listings."""
-
-    @property
-    def content_type(self) -> ContentType:
-        return ContentType.STORE_AGENT
-
-    async def get_missing_items(self, batch_size: int) -> list[ContentItem]:
-        """Fetch approved store listings without embeddings."""
-        from backend.api.features.store.embeddings import build_searchable_text
-
-        missing = await query_raw_with_schema(
-            """
-            SELECT
-                slv.id,
-                slv.name,
-                slv.description,
-                slv."subHeading",
-                slv.categories
-            FROM {schema_prefix}"StoreListingVersion" slv
-            LEFT JOIN {schema_prefix}"UnifiedContentEmbedding" uce
-                ON slv.id = uce."contentId" AND uce."contentType" = 'STORE_AGENT'::{schema_prefix}"ContentType"
-            WHERE slv."submissionStatus" = 'APPROVED'
-            AND slv."isDeleted" = false
-            AND uce."contentId" IS NULL
-            LIMIT $1
-            """,
-            batch_size,
-        )
-
-        return [
-            ContentItem(
-                content_id=row["id"],
-                content_type=ContentType.STORE_AGENT,
-                searchable_text=build_searchable_text(
-                    name=row["name"],
-                    description=row["description"],
-                    sub_heading=row["subHeading"],
-                    categories=row["categories"] or [],
-                ),
-                metadata={
-                    "name": row["name"],
-                    "categories": row["categories"] or [],
-                },
-                user_id=None,  # Store agents are public
-            )
-            for row in missing
-        ]
-
-    async def get_stats(self) -> dict[str, int]:
-        """Get statistics about store agent embedding coverage."""
-        # Count approved versions
-        approved_result = await query_raw_with_schema(
-            """
-            SELECT COUNT(*) as count
-            FROM {schema_prefix}"StoreListingVersion"
-            WHERE "submissionStatus" = 'APPROVED'
-            AND "isDeleted" = false
-            """
-        )
-        total_approved = approved_result[0]["count"] if approved_result else 0
-
-        # Count versions with embeddings
-        embedded_result = await query_raw_with_schema(
-            """
-            SELECT COUNT(*) as count
-            FROM {schema_prefix}"StoreListingVersion" slv
-            JOIN {schema_prefix}"UnifiedContentEmbedding" uce ON slv.id = uce."contentId" AND uce."contentType" = 'STORE_AGENT'::{schema_prefix}"ContentType"
-            WHERE slv."submissionStatus" = 'APPROVED'
-            AND slv."isDeleted" = false
-            """
-        )
-        with_embeddings = embedded_result[0]["count"] if embedded_result else 0
-
-        return {
-            "total": total_approved,
-            "with_embeddings": with_embeddings,
-            "without_embeddings": total_approved - with_embeddings,
-        }
-
-
-class BlockHandler(ContentHandler):
-    """Handler for block definitions (Python classes)."""
-
-    @property
-    def content_type(self) -> ContentType:
-        return ContentType.BLOCK
-
-    async def get_missing_items(self, batch_size: int) -> list[ContentItem]:
-        """Fetch blocks without embeddings."""
-        from backend.data.block import get_blocks
-
-        # Get all available blocks
-        all_blocks = get_blocks()
-
-        # Check which ones have embeddings
-        if not all_blocks:
-            return []
-
-        block_ids = list(all_blocks.keys())
-
-        # Query for existing embeddings
-        placeholders = ",".join([f"${i+1}" for i in range(len(block_ids))])
-        existing_result = await query_raw_with_schema(
-            f"""
-            SELECT "contentId"
-            FROM {{schema_prefix}}"UnifiedContentEmbedding"
-            WHERE "contentType" = 'BLOCK'::{{schema_prefix}}"ContentType"
-            AND "contentId" = ANY(ARRAY[{placeholders}])
-            """,
-            *block_ids,
-        )
-
-        existing_ids = {row["contentId"] for row in existing_result}
-        missing_blocks = [
-            (block_id, block_cls)
-            for block_id, block_cls in all_blocks.items()
-            if block_id not in existing_ids
-        ]
-
-        # Convert to ContentItem
-        items = []
-        for block_id, block_cls in missing_blocks[:batch_size]:
-            try:
-                block_instance = block_cls()
-
-                # Build searchable text from block metadata
-                parts = []
-                if hasattr(block_instance, "name") and block_instance.name:
-                    parts.append(block_instance.name)
-                if (
-                    hasattr(block_instance, "description")
-                    and block_instance.description
-                ):
-                    parts.append(block_instance.description)
-                if hasattr(block_instance, "categories") and block_instance.categories:
-                    # Convert BlockCategory enum to strings
-                    parts.append(
-                        " ".join(str(cat.value) for cat in block_instance.categories)
-                    )
-
-                # Add input/output schema info
-                if hasattr(block_instance, "input_schema"):
-                    schema = block_instance.input_schema
-                    if hasattr(schema, "model_json_schema"):
-                        schema_dict = schema.model_json_schema()
-                        if "properties" in schema_dict:
-                            for prop_name, prop_info in schema_dict[
-                                "properties"
-                            ].items():
-                                if "description" in prop_info:
-                                    parts.append(
-                                        f"{prop_name}: {prop_info['description']}"
-                                    )
-
-                searchable_text = " ".join(parts)
-
-                items.append(
-                    ContentItem(
-                        content_id=block_id,
-                        content_type=ContentType.BLOCK,
-                        searchable_text=searchable_text,
-                        metadata={
-                            "name": getattr(block_instance, "name", ""),
-                            "categories": getattr(block_instance, "categories", []),
-                        },
-                        user_id=None,  # Blocks are public
-                    )
-                )
-            except Exception as e:
-                logger.warning(f"Failed to process block {block_id}: {e}")
-                continue
-
-        return items
-
-    async def get_stats(self) -> dict[str, int]:
-        """Get statistics about block embedding coverage."""
-        from backend.data.block import get_blocks
-
-        all_blocks = get_blocks()
-        total_blocks = len(all_blocks)
-
-        if total_blocks == 0:
-            return {"total": 0, "with_embeddings": 0, "without_embeddings": 0}
-
-        block_ids = list(all_blocks.keys())
-        placeholders = ",".join([f"${i+1}" for i in range(len(block_ids))])
-
-        embedded_result = await query_raw_with_schema(
-            f"""
-            SELECT COUNT(*) as count
-            FROM {{schema_prefix}}"UnifiedContentEmbedding"
-            WHERE "contentType" = 'BLOCK'::{{schema_prefix}}"ContentType"
-            AND "contentId" = ANY(ARRAY[{placeholders}])
-            """,
-            *block_ids,
-        )
-
-        with_embeddings = embedded_result[0]["count"] if embedded_result else 0
-
-        return {
-            "total": total_blocks,
-            "with_embeddings": with_embeddings,
-            "without_embeddings": total_blocks - with_embeddings,
-        }
-
-
-class DocumentationHandler(ContentHandler):
-    """Handler for documentation files (.md/.mdx)."""
-
-    @property
-    def content_type(self) -> ContentType:
-        return ContentType.DOCUMENTATION
-
-    def _get_docs_root(self) -> Path:
-        """Get the documentation root directory."""
-        # Assuming docs are in /docs relative to project root
-        backend_root = Path(__file__).parent.parent.parent.parent
-        docs_root = backend_root.parent.parent / "docs"
-        return docs_root
-
-    def _extract_title_and_content(self, file_path: Path) -> tuple[str, str]:
-        """Extract title and content from markdown file."""
-        try:
-            content = file_path.read_text(encoding="utf-8")
-
-            # Try to extract title from first # heading
-            lines = content.split("\n")
-            title = ""
-            body_lines = []
-
-            for line in lines:
-                if line.startswith("# ") and not title:
-                    title = line[2:].strip()
-                else:
-                    body_lines.append(line)
-
-            # If no title found, use filename
-            if not title:
-                title = file_path.stem.replace("-", " ").replace("_", " ").title()
-
-            body = "\n".join(body_lines)
-
-            return title, body
-        except Exception as e:
-            logger.warning(f"Failed to read {file_path}: {e}")
-            return file_path.stem, ""
-
-    async def get_missing_items(self, batch_size: int) -> list[ContentItem]:
-        """Fetch documentation files without embeddings."""
-        docs_root = self._get_docs_root()
-
-        if not docs_root.exists():
-            logger.warning(f"Documentation root not found: {docs_root}")
-            return []
-
-        # Find all .md and .mdx files
-        all_docs = list(docs_root.rglob("*.md")) + list(docs_root.rglob("*.mdx"))
-
-        # Get relative paths for content IDs
-        doc_paths = [str(doc.relative_to(docs_root)) for doc in all_docs]
-
-        if not doc_paths:
-            return []
-
-        # Check which ones have embeddings
-        placeholders = ",".join([f"${i+1}" for i in range(len(doc_paths))])
-        existing_result = await query_raw_with_schema(
-            f"""
-            SELECT "contentId"
-            FROM {{schema_prefix}}"UnifiedContentEmbedding"
-            WHERE "contentType" = 'DOCUMENTATION'::{{schema_prefix}}"ContentType"
-            AND "contentId" = ANY(ARRAY[{placeholders}])
-            """,
-            *doc_paths,
-        )
-
-        existing_ids = {row["contentId"] for row in existing_result}
-        missing_docs = [
-            (doc_path, doc_file)
-            for doc_path, doc_file in zip(doc_paths, all_docs)
-            if doc_path not in existing_ids
-        ]
-
-        # Convert to ContentItem
-        items = []
-        for doc_path, doc_file in missing_docs[:batch_size]:
-            try:
-                title, content = self._extract_title_and_content(doc_file)
-
-                # Build searchable text
-                searchable_text = f"{title} {content}"
-
-                items.append(
-                    ContentItem(
-                        content_id=doc_path,
-                        content_type=ContentType.DOCUMENTATION,
-                        searchable_text=searchable_text,
-                        metadata={
-                            "title": title,
-                            "path": doc_path,
-                        },
-                        user_id=None,  # Documentation is public
-                    )
-                )
-            except Exception as e:
-                logger.warning(f"Failed to process doc {doc_path}: {e}")
-                continue
-
-        return items
-
-    async def get_stats(self) -> dict[str, int]:
-        """Get statistics about documentation embedding coverage."""
-        docs_root = self._get_docs_root()
-
-        if not docs_root.exists():
-            return {"total": 0, "with_embeddings": 0, "without_embeddings": 0}
-
-        # Count all .md and .mdx files
-        all_docs = list(docs_root.rglob("*.md")) + list(docs_root.rglob("*.mdx"))
-        total_docs = len(all_docs)
-
-        if total_docs == 0:
-            return {"total": 0, "with_embeddings": 0, "without_embeddings": 0}
-
-        doc_paths = [str(doc.relative_to(docs_root)) for doc in all_docs]
-        placeholders = ",".join([f"${i+1}" for i in range(len(doc_paths))])
-
-        embedded_result = await query_raw_with_schema(
-            f"""
-            SELECT COUNT(*) as count
-            FROM {{schema_prefix}}"UnifiedContentEmbedding"
-            WHERE "contentType" = 'DOCUMENTATION'::{{schema_prefix}}"ContentType"
-            AND "contentId" = ANY(ARRAY[{placeholders}])
-            """,
-            *doc_paths,
-        )
-
-        with_embeddings = embedded_result[0]["count"] if embedded_result else 0
-
-        return {
-            "total": total_docs,
-            "with_embeddings": with_embeddings,
-            "without_embeddings": total_docs - with_embeddings,
-        }
-
-
-# Content handler registry
-CONTENT_HANDLERS: dict[ContentType, ContentHandler] = {
-    ContentType.STORE_AGENT: StoreAgentHandler(),
-    ContentType.BLOCK: BlockHandler(),
-    ContentType.DOCUMENTATION: DocumentationHandler(),
-}

autogpt_platform/backend/backend/api/features/store/content_handlers_integration_test.py

@@ -1,215 +0,0 @@
-"""
-Integration tests for content handlers using real DB.
-
-Run with: poetry run pytest backend/api/features/store/content_handlers_integration_test.py -xvs
-
-These tests use the real database but mock OpenAI calls.
-"""
-
-from unittest.mock import patch
-
-import pytest
-
-from backend.api.features.store.content_handlers import (
-    CONTENT_HANDLERS,
-    BlockHandler,
-    DocumentationHandler,
-    StoreAgentHandler,
-)
-from backend.api.features.store.embeddings import (
-    EMBEDDING_DIM,
-    backfill_all_content_types,
-    ensure_content_embedding,
-    get_embedding_stats,
-)
-
-
-@pytest.mark.asyncio(loop_scope="session")
-async def test_store_agent_handler_real_db():
-    """Test StoreAgentHandler with real database queries."""
-    handler = StoreAgentHandler()
-
-    # Get stats from real DB
-    stats = await handler.get_stats()
-
-    # Stats should have correct structure
-    assert "total" in stats
-    assert "with_embeddings" in stats
-    assert "without_embeddings" in stats
-    assert stats["total"] >= 0
-    assert stats["with_embeddings"] >= 0
-    assert stats["without_embeddings"] >= 0
-
-    # Get missing items (max 1 to keep test fast)
-    items = await handler.get_missing_items(batch_size=1)
-
-    # Items should be list (may be empty if all have embeddings)
-    assert isinstance(items, list)
-
-    if items:
-        item = items[0]
-        assert item.content_id is not None
-        assert item.content_type.value == "STORE_AGENT"
-        assert item.searchable_text != ""
-        assert item.user_id is None
-
-
-@pytest.mark.asyncio(loop_scope="session")
-async def test_block_handler_real_db():
-    """Test BlockHandler with real database queries."""
-    handler = BlockHandler()
-
-    # Get stats from real DB
-    stats = await handler.get_stats()
-
-    # Stats should have correct structure
-    assert "total" in stats
-    assert "with_embeddings" in stats
-    assert "without_embeddings" in stats
-    assert stats["total"] >= 0  # Should have at least some blocks
-    assert stats["with_embeddings"] >= 0
-    assert stats["without_embeddings"] >= 0
-
-    # Get missing items (max 1 to keep test fast)
-    items = await handler.get_missing_items(batch_size=1)
-
-    # Items should be list
-    assert isinstance(items, list)
-
-    if items:
-        item = items[0]
-        assert item.content_id is not None  # Should be block UUID
-        assert item.content_type.value == "BLOCK"
-        assert item.searchable_text != ""
-        assert item.user_id is None
-
-
-@pytest.mark.asyncio(loop_scope="session")
-async def test_documentation_handler_real_fs():
-    """Test DocumentationHandler with real filesystem."""
-    handler = DocumentationHandler()
-
-    # Get stats from real filesystem
-    stats = await handler.get_stats()
-
-    # Stats should have correct structure
-    assert "total" in stats
-    assert "with_embeddings" in stats
-    assert "without_embeddings" in stats
-    assert stats["total"] >= 0
-    assert stats["with_embeddings"] >= 0
-    assert stats["without_embeddings"] >= 0
-
-    # Get missing items (max 1 to keep test fast)
-    items = await handler.get_missing_items(batch_size=1)
-
-    # Items should be list
-    assert isinstance(items, list)
-
-    if items:
-        item = items[0]
-        assert item.content_id is not None  # Should be relative path
-        assert item.content_type.value == "DOCUMENTATION"
-        assert item.searchable_text != ""
-        assert item.user_id is None
-
-
-@pytest.mark.asyncio(loop_scope="session")
-async def test_get_embedding_stats_all_types():
-    """Test get_embedding_stats aggregates all content types."""
-    stats = await get_embedding_stats()
-
-    # Should have structure with by_type and totals
-    assert "by_type" in stats
-    assert "totals" in stats
-
-    # Check each content type is present
-    by_type = stats["by_type"]
-    assert "STORE_AGENT" in by_type
-    assert "BLOCK" in by_type
-    assert "DOCUMENTATION" in by_type
-
-    # Check totals are aggregated
-    totals = stats["totals"]
-    assert totals["total"] >= 0
-    assert totals["with_embeddings"] >= 0
-    assert totals["without_embeddings"] >= 0
-    assert "coverage_percent" in totals
-
-
-@pytest.mark.asyncio(loop_scope="session")
-@patch("backend.api.features.store.embeddings.generate_embedding")
-async def test_ensure_content_embedding_blocks(mock_generate):
-    """Test creating embeddings for blocks (mocked OpenAI)."""
-    # Mock OpenAI to return fake embedding
-    mock_generate.return_value = [0.1] * EMBEDDING_DIM
-
-    # Get one block without embedding
-    handler = BlockHandler()
-    items = await handler.get_missing_items(batch_size=1)
-
-    if not items:
-        pytest.skip("No blocks without embeddings")
-
-    item = items[0]
-
-    # Try to create embedding (OpenAI mocked)
-    result = await ensure_content_embedding(
-        content_type=item.content_type,
-        content_id=item.content_id,
-        searchable_text=item.searchable_text,
-        metadata=item.metadata,
-        user_id=item.user_id,
-    )
-
-    # Should succeed with mocked OpenAI
-    assert result is True
-    mock_generate.assert_called_once()
-
-
-@pytest.mark.asyncio(loop_scope="session")
-@patch("backend.api.features.store.embeddings.generate_embedding")
-async def test_backfill_all_content_types_dry_run(mock_generate):
-    """Test backfill_all_content_types processes all handlers in order."""
-    # Mock OpenAI to return fake embedding
-    mock_generate.return_value = [0.1] * EMBEDDING_DIM
-
-    # Run backfill with batch_size=1 to process max 1 per type
-    result = await backfill_all_content_types(batch_size=1)
-
-    # Should have results for all content types
-    assert "by_type" in result
-    assert "totals" in result
-
-    by_type = result["by_type"]
-    assert "BLOCK" in by_type
-    assert "STORE_AGENT" in by_type
-    assert "DOCUMENTATION" in by_type
-
-    # Each type should have correct structure
-    for content_type, type_result in by_type.items():
-        assert "processed" in type_result
-        assert "success" in type_result
-        assert "failed" in type_result
-
-    # Totals should aggregate
-    totals = result["totals"]
-    assert totals["processed"] >= 0
-    assert totals["success"] >= 0
-    assert totals["failed"] >= 0
-
-
-@pytest.mark.asyncio(loop_scope="session")
-async def test_content_handler_registry():
-    """Test all handlers are registered in correct order."""
-    from prisma.enums import ContentType
-
-    # All three types should be registered
-    assert ContentType.STORE_AGENT in CONTENT_HANDLERS
-    assert ContentType.BLOCK in CONTENT_HANDLERS
-    assert ContentType.DOCUMENTATION in CONTENT_HANDLERS
-
-    # Check handler types
-    assert isinstance(CONTENT_HANDLERS[ContentType.STORE_AGENT], StoreAgentHandler)
-    assert isinstance(CONTENT_HANDLERS[ContentType.BLOCK], BlockHandler)
-    assert isinstance(CONTENT_HANDLERS[ContentType.DOCUMENTATION], DocumentationHandler)

autogpt_platform/backend/backend/api/features/store/content_handlers_test.py

@@ -1,324 +0,0 @@
-"""
-E2E tests for content handlers (blocks, store agents, documentation).
-
-Tests the full flow: discovering content → generating embeddings → storing.
-"""
-
-from pathlib import Path
-from unittest.mock import MagicMock, patch
-
-import pytest
-from prisma.enums import ContentType
-
-from backend.api.features.store.content_handlers import (
-    CONTENT_HANDLERS,
-    BlockHandler,
-    DocumentationHandler,
-    StoreAgentHandler,
-)
-
-
-@pytest.mark.asyncio(loop_scope="session")
-async def test_store_agent_handler_get_missing_items(mocker):
-    """Test StoreAgentHandler fetches approved agents without embeddings."""
-    handler = StoreAgentHandler()
-
-    # Mock database query
-    mock_missing = [
-        {
-            "id": "agent-1",
-            "name": "Test Agent",
-            "description": "A test agent",
-            "subHeading": "Test heading",
-            "categories": ["AI", "Testing"],
-        }
-    ]
-
-    with patch(
-        "backend.api.features.store.content_handlers.query_raw_with_schema",
-        return_value=mock_missing,
-    ):
-        items = await handler.get_missing_items(batch_size=10)
-
-        assert len(items) == 1
-        assert items[0].content_id == "agent-1"
-        assert items[0].content_type == ContentType.STORE_AGENT
-        assert "Test Agent" in items[0].searchable_text
-        assert "A test agent" in items[0].searchable_text
-        assert items[0].metadata["name"] == "Test Agent"
-        assert items[0].user_id is None
-
-
-@pytest.mark.asyncio(loop_scope="session")
-async def test_store_agent_handler_get_stats(mocker):
-    """Test StoreAgentHandler returns correct stats."""
-    handler = StoreAgentHandler()
-
-    # Mock approved count query
-    mock_approved = [{"count": 50}]
-    # Mock embedded count query
-    mock_embedded = [{"count": 30}]
-
-    with patch(
-        "backend.api.features.store.content_handlers.query_raw_with_schema",
-        side_effect=[mock_approved, mock_embedded],
-    ):
-        stats = await handler.get_stats()
-
-        assert stats["total"] == 50
-        assert stats["with_embeddings"] == 30
-        assert stats["without_embeddings"] == 20
-
-
-@pytest.mark.asyncio(loop_scope="session")
-async def test_block_handler_get_missing_items(mocker):
-    """Test BlockHandler discovers blocks without embeddings."""
-    handler = BlockHandler()
-
-    # Mock get_blocks to return test blocks
-    mock_block_class = MagicMock()
-    mock_block_instance = MagicMock()
-    mock_block_instance.name = "Calculator Block"
-    mock_block_instance.description = "Performs calculations"
-    mock_block_instance.categories = [MagicMock(value="MATH")]
-    mock_block_instance.input_schema.model_json_schema.return_value = {
-        "properties": {"expression": {"description": "Math expression to evaluate"}}
-    }
-    mock_block_class.return_value = mock_block_instance
-
-    mock_blocks = {"block-uuid-1": mock_block_class}
-
-    # Mock existing embeddings query (no embeddings exist)
-    mock_existing = []
-
-    with patch(
-        "backend.data.block.get_blocks",
-        return_value=mock_blocks,
-    ):
-        with patch(
-            "backend.api.features.store.content_handlers.query_raw_with_schema",
-            return_value=mock_existing,
-        ):
-            items = await handler.get_missing_items(batch_size=10)
-
-            assert len(items) == 1
-            assert items[0].content_id == "block-uuid-1"
-            assert items[0].content_type == ContentType.BLOCK
-            assert "Calculator Block" in items[0].searchable_text
-            assert "Performs calculations" in items[0].searchable_text
-            assert "MATH" in items[0].searchable_text
-            assert "expression: Math expression" in items[0].searchable_text
-            assert items[0].user_id is None
-
-
-@pytest.mark.asyncio(loop_scope="session")
-async def test_block_handler_get_stats(mocker):
-    """Test BlockHandler returns correct stats."""
-    handler = BlockHandler()
-
-    # Mock get_blocks
-    mock_blocks = {
-        "block-1": MagicMock(),
-        "block-2": MagicMock(),
-        "block-3": MagicMock(),
-    }
-
-    # Mock embedded count query (2 blocks have embeddings)
-    mock_embedded = [{"count": 2}]
-
-    with patch(
-        "backend.data.block.get_blocks",
-        return_value=mock_blocks,
-    ):
-        with patch(
-            "backend.api.features.store.content_handlers.query_raw_with_schema",
-            return_value=mock_embedded,
-        ):
-            stats = await handler.get_stats()
-
-            assert stats["total"] == 3
-            assert stats["with_embeddings"] == 2
-            assert stats["without_embeddings"] == 1
-
-
-@pytest.mark.asyncio(loop_scope="session")
-async def test_documentation_handler_get_missing_items(tmp_path, mocker):
-    """Test DocumentationHandler discovers docs without embeddings."""
-    handler = DocumentationHandler()
-
-    # Create temporary docs directory with test files
-    docs_root = tmp_path / "docs"
-    docs_root.mkdir()
-
-    (docs_root / "guide.md").write_text("# Getting Started\n\nThis is a guide.")
-    (docs_root / "api.mdx").write_text("# API Reference\n\nAPI documentation.")
-
-    # Mock _get_docs_root to return temp dir
-    with patch.object(handler, "_get_docs_root", return_value=docs_root):
-        # Mock existing embeddings query (no embeddings exist)
-        with patch(
-            "backend.api.features.store.content_handlers.query_raw_with_schema",
-            return_value=[],
-        ):
-            items = await handler.get_missing_items(batch_size=10)
-
-            assert len(items) == 2
-
-            # Check guide.md
-            guide_item = next(
-                (item for item in items if item.content_id == "guide.md"), None
-            )
-            assert guide_item is not None
-            assert guide_item.content_type == ContentType.DOCUMENTATION
-            assert "Getting Started" in guide_item.searchable_text
-            assert "This is a guide" in guide_item.searchable_text
-            assert guide_item.metadata["title"] == "Getting Started"
-            assert guide_item.user_id is None
-
-            # Check api.mdx
-            api_item = next(
-                (item for item in items if item.content_id == "api.mdx"), None
-            )
-            assert api_item is not None
-            assert "API Reference" in api_item.searchable_text
-
-
-@pytest.mark.asyncio(loop_scope="session")
-async def test_documentation_handler_get_stats(tmp_path, mocker):
-    """Test DocumentationHandler returns correct stats."""
-    handler = DocumentationHandler()
-
-    # Create temporary docs directory
-    docs_root = tmp_path / "docs"
-    docs_root.mkdir()
-    (docs_root / "doc1.md").write_text("# Doc 1")
-    (docs_root / "doc2.md").write_text("# Doc 2")
-    (docs_root / "doc3.mdx").write_text("# Doc 3")
-
-    # Mock embedded count query (1 doc has embedding)
-    mock_embedded = [{"count": 1}]
-
-    with patch.object(handler, "_get_docs_root", return_value=docs_root):
-        with patch(
-            "backend.api.features.store.content_handlers.query_raw_with_schema",
-            return_value=mock_embedded,
-        ):
-            stats = await handler.get_stats()
-
-            assert stats["total"] == 3
-            assert stats["with_embeddings"] == 1
-            assert stats["without_embeddings"] == 2
-
-
-@pytest.mark.asyncio(loop_scope="session")
-async def test_documentation_handler_title_extraction(tmp_path):
-    """Test DocumentationHandler extracts title from markdown heading."""
-    handler = DocumentationHandler()
-
-    # Test with heading
-    doc_with_heading = tmp_path / "with_heading.md"
-    doc_with_heading.write_text("# My Title\n\nContent here")
-    title, content = handler._extract_title_and_content(doc_with_heading)
-    assert title == "My Title"
-    assert "# My Title" not in content
-    assert "Content here" in content
-
-    # Test without heading
-    doc_without_heading = tmp_path / "no-heading.md"
-    doc_without_heading.write_text("Just content, no heading")
-    title, content = handler._extract_title_and_content(doc_without_heading)
-    assert title == "No Heading"  # Uses filename
-    assert "Just content" in content
-
-
-@pytest.mark.asyncio(loop_scope="session")
-async def test_content_handlers_registry():
-    """Test all content types are registered."""
-    assert ContentType.STORE_AGENT in CONTENT_HANDLERS
-    assert ContentType.BLOCK in CONTENT_HANDLERS
-    assert ContentType.DOCUMENTATION in CONTENT_HANDLERS
-
-    assert isinstance(CONTENT_HANDLERS[ContentType.STORE_AGENT], StoreAgentHandler)
-    assert isinstance(CONTENT_HANDLERS[ContentType.BLOCK], BlockHandler)
-    assert isinstance(CONTENT_HANDLERS[ContentType.DOCUMENTATION], DocumentationHandler)
-
-
-@pytest.mark.asyncio(loop_scope="session")
-async def test_block_handler_handles_missing_attributes():
-    """Test BlockHandler gracefully handles blocks with missing attributes."""
-    handler = BlockHandler()
-
-    # Mock block with minimal attributes
-    mock_block_class = MagicMock()
-    mock_block_instance = MagicMock()
-    mock_block_instance.name = "Minimal Block"
-    # No description, categories, or schema
-    del mock_block_instance.description
-    del mock_block_instance.categories
-    del mock_block_instance.input_schema
-    mock_block_class.return_value = mock_block_instance
-
-    mock_blocks = {"block-minimal": mock_block_class}
-
-    with patch(
-        "backend.data.block.get_blocks",
-        return_value=mock_blocks,
-    ):
-        with patch(
-            "backend.api.features.store.content_handlers.query_raw_with_schema",
-            return_value=[],
-        ):
-            items = await handler.get_missing_items(batch_size=10)
-
-            assert len(items) == 1
-            assert items[0].searchable_text == "Minimal Block"
-
-
-@pytest.mark.asyncio(loop_scope="session")
-async def test_block_handler_skips_failed_blocks():
-    """Test BlockHandler skips blocks that fail to instantiate."""
-    handler = BlockHandler()
-
-    # Mock one good block and one bad block
-    good_block = MagicMock()
-    good_instance = MagicMock()
-    good_instance.name = "Good Block"
-    good_instance.description = "Works fine"
-    good_instance.categories = []
-    good_block.return_value = good_instance
-
-    bad_block = MagicMock()
-    bad_block.side_effect = Exception("Instantiation failed")
-
-    mock_blocks = {"good-block": good_block, "bad-block": bad_block}
-
-    with patch(
-        "backend.data.block.get_blocks",
-        return_value=mock_blocks,
-    ):
-        with patch(
-            "backend.api.features.store.content_handlers.query_raw_with_schema",
-            return_value=[],
-        ):
-            items = await handler.get_missing_items(batch_size=10)
-
-            # Should only get the good block
-            assert len(items) == 1
-            assert items[0].content_id == "good-block"
-
-
-@pytest.mark.asyncio(loop_scope="session")
-async def test_documentation_handler_missing_docs_directory():
-    """Test DocumentationHandler handles missing docs directory gracefully."""
-    handler = DocumentationHandler()
-
-    # Mock _get_docs_root to return non-existent path
-    fake_path = Path("/nonexistent/docs")
-    with patch.object(handler, "_get_docs_root", return_value=fake_path):
-        items = await handler.get_missing_items(batch_size=10)
-        assert items == []
-
-        stats = await handler.get_stats()
-        assert stats["total"] == 0
-        assert stats["with_embeddings"] == 0
-        assert stats["without_embeddings"] == 0

autogpt_platform/backend/backend/api/features/store/embeddings.py

@@ -1,737 +0,0 @@
-"""
-Unified Content Embeddings Service
-
-Handles generation and storage of OpenAI embeddings for all content types
-(store listings, blocks, documentation, library agents) to enable semantic/hybrid search.
-"""
-
-import asyncio
-import logging
-import time
-from typing import Any
-
-import prisma
-from prisma.enums import ContentType
-from tiktoken import encoding_for_model
-
-from backend.api.features.store.content_handlers import CONTENT_HANDLERS
-from backend.data.db import execute_raw_with_schema, query_raw_with_schema
-from backend.util.clients import get_openai_client
-from backend.util.json import dumps
-
-logger = logging.getLogger(__name__)
-
-
-# OpenAI embedding model configuration
-EMBEDDING_MODEL = "text-embedding-3-small"
-# Embedding dimension for the model above
-# text-embedding-3-small: 1536, text-embedding-3-large: 3072
-EMBEDDING_DIM = 1536
-# OpenAI embedding token limit (8,191 with 1 token buffer for safety)
-EMBEDDING_MAX_TOKENS = 8191
-
-
-def build_searchable_text(
-    name: str,
-    description: str,
-    sub_heading: str,
-    categories: list[str],
-) -> str:
-    """
-    Build searchable text from listing version fields.
-
-    Combines relevant fields into a single string for embedding.
-    """
-    parts = []
-
-    # Name is important - include it
-    if name:
-        parts.append(name)
-
-    # Sub-heading provides context
-    if sub_heading:
-        parts.append(sub_heading)
-
-    # Description is the main content
-    if description:
-        parts.append(description)
-
-    # Categories help with semantic matching
-    if categories:
-        parts.append(" ".join(categories))
-
-    return " ".join(parts)
-
-
-async def generate_embedding(text: str) -> list[float] | None:
-    """
-    Generate embedding for text using OpenAI API.
-
-    Returns None if embedding generation fails.
-    Fail-fast: no retries to maintain consistency with approval flow.
-    """
-    try:
-        client = get_openai_client()
-        if not client:
-            logger.error("openai_internal_api_key not set, cannot generate embedding")
-            return None
-
-        # Truncate text to token limit using tiktoken
-        # Character-based truncation is insufficient because token ratios vary by content type
-        enc = encoding_for_model(EMBEDDING_MODEL)
-        tokens = enc.encode(text)
-        if len(tokens) > EMBEDDING_MAX_TOKENS:
-            tokens = tokens[:EMBEDDING_MAX_TOKENS]
-            truncated_text = enc.decode(tokens)
-            logger.info(
-                f"Truncated text from {len(enc.encode(text))} to {len(tokens)} tokens"
-            )
-        else:
-            truncated_text = text
-
-        start_time = time.time()
-        response = await client.embeddings.create(
-            model=EMBEDDING_MODEL,
-            input=truncated_text,
-        )
-        latency_ms = (time.time() - start_time) * 1000
-
-        embedding = response.data[0].embedding
-        logger.info(
-            f"Generated embedding: {len(embedding)} dims, "
-            f"{len(tokens)} tokens, {latency_ms:.0f}ms"
-        )
-        return embedding
-
-    except Exception as e:
-        logger.error(f"Failed to generate embedding: {e}")
-        return None
-
-
-async def store_embedding(
-    version_id: str,
-    embedding: list[float],
-    tx: prisma.Prisma | None = None,
-) -> bool:
-    """
-    Store embedding in the database.
-
-    BACKWARD COMPATIBILITY: Maintained for existing store listing usage.
-    DEPRECATED: Use ensure_embedding() instead (includes searchable_text).
-    """
-    return await store_content_embedding(
-        content_type=ContentType.STORE_AGENT,
-        content_id=version_id,
-        embedding=embedding,
-        searchable_text="",  # Empty for backward compat; ensure_embedding() populates this
-        metadata=None,
-        user_id=None,  # Store agents are public
-        tx=tx,
-    )
-
-
-async def store_content_embedding(
-    content_type: ContentType,
-    content_id: str,
-    embedding: list[float],
-    searchable_text: str,
-    metadata: dict | None = None,
-    user_id: str | None = None,
-    tx: prisma.Prisma | None = None,
-) -> bool:
-    """
-    Store embedding in the unified content embeddings table.
-
-    New function for unified content embedding storage.
-    Uses raw SQL since Prisma doesn't natively support pgvector.
-    """
-    try:
-        client = tx if tx else prisma.get_client()
-
-        # Convert embedding to PostgreSQL vector format
-        embedding_str = embedding_to_vector_string(embedding)
-        metadata_json = dumps(metadata or {})
-
-        # Upsert the embedding
-        # WHERE clause in DO UPDATE prevents PostgreSQL 15 bug with NULLS NOT DISTINCT
-        await execute_raw_with_schema(
-            """
-            INSERT INTO {schema_prefix}"UnifiedContentEmbedding" (
-                "id", "contentType", "contentId", "userId", "embedding", "searchableText", "metadata", "createdAt", "updatedAt"
-            )
-            VALUES (gen_random_uuid()::text, $1::{schema_prefix}"ContentType", $2, $3, $4::vector, $5, $6::jsonb, NOW(), NOW())
-            ON CONFLICT ("contentType", "contentId", "userId")
-            DO UPDATE SET
-                "embedding" = $4::vector,
-                "searchableText" = $5,
-                "metadata" = $6::jsonb,
-                "updatedAt" = NOW()
-            WHERE {schema_prefix}"UnifiedContentEmbedding"."contentType" = $1::{schema_prefix}"ContentType"
-                AND {schema_prefix}"UnifiedContentEmbedding"."contentId" = $2
-                AND ({schema_prefix}"UnifiedContentEmbedding"."userId" = $3 OR ($3 IS NULL AND {schema_prefix}"UnifiedContentEmbedding"."userId" IS NULL))
-            """,
-            content_type,
-            content_id,
-            user_id,
-            embedding_str,
-            searchable_text,
-            metadata_json,
-            client=client,
-            set_public_search_path=True,
-        )
-
-        logger.info(f"Stored embedding for {content_type}:{content_id}")
-        return True
-
-    except Exception as e:
-        logger.error(f"Failed to store embedding for {content_type}:{content_id}: {e}")
-        return False
-
-
-async def get_embedding(version_id: str) -> dict[str, Any] | None:
-    """
-    Retrieve embedding record for a listing version.
-
-    BACKWARD COMPATIBILITY: Maintained for existing store listing usage.
-    Returns dict with storeListingVersionId, embedding, timestamps or None if not found.
-    """
-    result = await get_content_embedding(
-        ContentType.STORE_AGENT, version_id, user_id=None
-    )
-    if result:
-        # Transform to old format for backward compatibility
-        return {
-            "storeListingVersionId": result["contentId"],
-            "embedding": result["embedding"],
-            "createdAt": result["createdAt"],
-            "updatedAt": result["updatedAt"],
-        }
-    return None
-
-
-async def get_content_embedding(
-    content_type: ContentType, content_id: str, user_id: str | None = None
-) -> dict[str, Any] | None:
-    """
-    Retrieve embedding record for any content type.
-
-    New function for unified content embedding retrieval.
-    Returns dict with contentType, contentId, embedding, timestamps or None if not found.
-    """
-    try:
-        result = await query_raw_with_schema(
-            """
-            SELECT
-                "contentType",
-                "contentId",
-                "userId",
-                "embedding"::text as "embedding",
-                "searchableText",
-                "metadata",
-                "createdAt",
-                "updatedAt"
-            FROM {schema_prefix}"UnifiedContentEmbedding"
-            WHERE "contentType" = $1::{schema_prefix}"ContentType" AND "contentId" = $2 AND ("userId" = $3 OR ($3 IS NULL AND "userId" IS NULL))
-            """,
-            content_type,
-            content_id,
-            user_id,
-            set_public_search_path=True,
-        )
-
-        if result and len(result) > 0:
-            return result[0]
-        return None
-
-    except Exception as e:
-        logger.error(f"Failed to get embedding for {content_type}:{content_id}: {e}")
-        return None
-
-
-async def ensure_embedding(
-    version_id: str,
-    name: str,
-    description: str,
-    sub_heading: str,
-    categories: list[str],
-    force: bool = False,
-    tx: prisma.Prisma | None = None,
-) -> bool:
-    """
-    Ensure an embedding exists for the listing version.
-
-    Creates embedding if missing. Use force=True to regenerate.
-    Backward-compatible wrapper for store listings.
-
-    Args:
-        version_id: The StoreListingVersion ID
-        name: Agent name
-        description: Agent description
-        sub_heading: Agent sub-heading
-        categories: Agent categories
-        force: Force regeneration even if embedding exists
-        tx: Optional transaction client
-
-    Returns:
-        True if embedding exists/was created, False on failure
-    """
-    try:
-        # Check if embedding already exists
-        if not force:
-            existing = await get_embedding(version_id)
-            if existing and existing.get("embedding"):
-                logger.debug(f"Embedding for version {version_id} already exists")
-                return True
-
-        # Build searchable text for embedding
-        searchable_text = build_searchable_text(
-            name, description, sub_heading, categories
-        )
-
-        # Generate new embedding
-        embedding = await generate_embedding(searchable_text)
-        if embedding is None:
-            logger.warning(f"Could not generate embedding for version {version_id}")
-            return False
-
-        # Store the embedding with metadata using new function
-        metadata = {
-            "name": name,
-            "subHeading": sub_heading,
-            "categories": categories,
-        }
-        return await store_content_embedding(
-            content_type=ContentType.STORE_AGENT,
-            content_id=version_id,
-            embedding=embedding,
-            searchable_text=searchable_text,
-            metadata=metadata,
-            user_id=None,  # Store agents are public
-            tx=tx,
-        )
-
-    except Exception as e:
-        logger.error(f"Failed to ensure embedding for version {version_id}: {e}")
-        return False
-
-
-async def delete_embedding(version_id: str) -> bool:
-    """
-    Delete embedding for a listing version.
-
-    BACKWARD COMPATIBILITY: Maintained for existing store listing usage.
-    Note: This is usually handled automatically by CASCADE delete,
-    but provided for manual cleanup if needed.
-    """
-    return await delete_content_embedding(ContentType.STORE_AGENT, version_id)
-
-
-async def delete_content_embedding(
-    content_type: ContentType, content_id: str, user_id: str | None = None
-) -> bool:
-    """
-    Delete embedding for any content type.
-
-    New function for unified content embedding deletion.
-    Note: This is usually handled automatically by CASCADE delete,
-    but provided for manual cleanup if needed.
-
-    Args:
-        content_type: The type of content (STORE_AGENT, LIBRARY_AGENT, etc.)
-        content_id: The unique identifier for the content
-        user_id: Optional user ID. For public content (STORE_AGENT, BLOCK), pass None.
-                 For user-scoped content (LIBRARY_AGENT), pass the user's ID to avoid
-                 deleting embeddings belonging to other users.
-
-    Returns:
-        True if deletion succeeded, False otherwise
-    """
-    try:
-        client = prisma.get_client()
-
-        await execute_raw_with_schema(
-            """
-            DELETE FROM {schema_prefix}"UnifiedContentEmbedding"
-            WHERE "contentType" = $1::{schema_prefix}"ContentType"
-              AND "contentId" = $2
-              AND ("userId" = $3 OR ($3 IS NULL AND "userId" IS NULL))
-            """,
-            content_type,
-            content_id,
-            user_id,
-            client=client,
-        )
-
-        user_str = f" (user: {user_id})" if user_id else ""
-        logger.info(f"Deleted embedding for {content_type}:{content_id}{user_str}")
-        return True
-
-    except Exception as e:
-        logger.error(f"Failed to delete embedding for {content_type}:{content_id}: {e}")
-        return False
-
-
-async def get_embedding_stats() -> dict[str, Any]:
-    """
-    Get statistics about embedding coverage for all content types.
-
-    Returns stats per content type and overall totals.
-    """
-    try:
-        stats_by_type = {}
-        total_items = 0
-        total_with_embeddings = 0
-        total_without_embeddings = 0
-
-        # Aggregate stats from all handlers
-        for content_type, handler in CONTENT_HANDLERS.items():
-            try:
-                stats = await handler.get_stats()
-                stats_by_type[content_type.value] = {
-                    "total": stats["total"],
-                    "with_embeddings": stats["with_embeddings"],
-                    "without_embeddings": stats["without_embeddings"],
-                    "coverage_percent": (
-                        round(stats["with_embeddings"] / stats["total"] * 100, 1)
-                        if stats["total"] > 0
-                        else 0
-                    ),
-                }
-
-                total_items += stats["total"]
-                total_with_embeddings += stats["with_embeddings"]
-                total_without_embeddings += stats["without_embeddings"]
-
-            except Exception as e:
-                logger.error(f"Failed to get stats for {content_type.value}: {e}")
-                stats_by_type[content_type.value] = {
-                    "total": 0,
-                    "with_embeddings": 0,
-                    "without_embeddings": 0,
-                    "coverage_percent": 0,
-                    "error": str(e),
-                }
-
-        return {
-            "by_type": stats_by_type,
-            "totals": {
-                "total": total_items,
-                "with_embeddings": total_with_embeddings,
-                "without_embeddings": total_without_embeddings,
-                "coverage_percent": (
-                    round(total_with_embeddings / total_items * 100, 1)
-                    if total_items > 0
-                    else 0
-                ),
-            },
-        }
-
-    except Exception as e:
-        logger.error(f"Failed to get embedding stats: {e}")
-        return {
-            "by_type": {},
-            "totals": {
-                "total": 0,
-                "with_embeddings": 0,
-                "without_embeddings": 0,
-                "coverage_percent": 0,
-            },
-            "error": str(e),
-        }
-
-
-async def backfill_missing_embeddings(batch_size: int = 10) -> dict[str, Any]:
-    """
-    Generate embeddings for approved listings that don't have them.
-
-    BACKWARD COMPATIBILITY: Maintained for existing usage.
-    This now delegates to backfill_all_content_types() to process all content types.
-
-    Args:
-        batch_size: Number of embeddings to generate per content type
-
-    Returns:
-        Dict with success/failure counts aggregated across all content types
-    """
-    # Delegate to the new generic backfill system
-    result = await backfill_all_content_types(batch_size)
-
-    # Return in the old format for backward compatibility
-    return result["totals"]
-
-
-async def backfill_all_content_types(batch_size: int = 10) -> dict[str, Any]:
-    """
-    Generate embeddings for all content types using registered handlers.
-
-    Processes content types in order: BLOCK → STORE_AGENT → DOCUMENTATION.
-    This ensures foundational content (blocks) are searchable first.
-
-    Args:
-        batch_size: Number of embeddings to generate per content type
-
-    Returns:
-        Dict with stats per content type and overall totals
-    """
-    results_by_type = {}
-    total_processed = 0
-    total_success = 0
-    total_failed = 0
-
-    # Process content types in explicit order
-    processing_order = [
-        ContentType.BLOCK,
-        ContentType.STORE_AGENT,
-        ContentType.DOCUMENTATION,
-    ]
-
-    for content_type in processing_order:
-        handler = CONTENT_HANDLERS.get(content_type)
-        if not handler:
-            logger.warning(f"No handler registered for {content_type.value}")
-            continue
-        try:
-            logger.info(f"Processing {content_type.value} content type...")
-
-            # Get missing items from handler
-            missing_items = await handler.get_missing_items(batch_size)
-
-            if not missing_items:
-                results_by_type[content_type.value] = {
-                    "processed": 0,
-                    "success": 0,
-                    "failed": 0,
-                    "message": "No missing embeddings",
-                }
-                continue
-
-            # Process embeddings concurrently for better performance
-            embedding_tasks = [
-                ensure_content_embedding(
-                    content_type=item.content_type,
-                    content_id=item.content_id,
-                    searchable_text=item.searchable_text,
-                    metadata=item.metadata,
-                    user_id=item.user_id,
-                )
-                for item in missing_items
-            ]
-
-            results = await asyncio.gather(*embedding_tasks, return_exceptions=True)
-
-            success = sum(1 for result in results if result is True)
-            failed = len(results) - success
-
-            results_by_type[content_type.value] = {
-                "processed": len(missing_items),
-                "success": success,
-                "failed": failed,
-                "message": f"Backfilled {success} embeddings, {failed} failed",
-            }
-
-            total_processed += len(missing_items)
-            total_success += success
-            total_failed += failed
-
-            logger.info(
-                f"{content_type.value}: processed {len(missing_items)}, "
-                f"success {success}, failed {failed}"
-            )
-
-        except Exception as e:
-            logger.error(f"Failed to process {content_type.value}: {e}")
-            results_by_type[content_type.value] = {
-                "processed": 0,
-                "success": 0,
-                "failed": 0,
-                "error": str(e),
-            }
-
-    return {
-        "by_type": results_by_type,
-        "totals": {
-            "processed": total_processed,
-            "success": total_success,
-            "failed": total_failed,
-            "message": f"Overall: {total_success} succeeded, {total_failed} failed",
-        },
-    }
-
-
-async def embed_query(query: str) -> list[float] | None:
-    """
-    Generate embedding for a search query.
-
-    Same as generate_embedding but with clearer intent.
-    """
-    return await generate_embedding(query)
-
-
-def embedding_to_vector_string(embedding: list[float]) -> str:
-    """Convert embedding list to PostgreSQL vector string format."""
-    return "[" + ",".join(str(x) for x in embedding) + "]"
-
-
-async def ensure_content_embedding(
-    content_type: ContentType,
-    content_id: str,
-    searchable_text: str,
-    metadata: dict | None = None,
-    user_id: str | None = None,
-    force: bool = False,
-    tx: prisma.Prisma | None = None,
-) -> bool:
-    """
-    Ensure an embedding exists for any content type.
-
-    Generic function for creating embeddings for store agents, blocks, docs, etc.
-
-    Args:
-        content_type: ContentType enum value (STORE_AGENT, BLOCK, etc.)
-        content_id: Unique identifier for the content
-        searchable_text: Combined text for embedding generation
-        metadata: Optional metadata to store with embedding
-        force: Force regeneration even if embedding exists
-        tx: Optional transaction client
-
-    Returns:
-        True if embedding exists/was created, False on failure
-    """
-    try:
-        # Check if embedding already exists
-        if not force:
-            existing = await get_content_embedding(content_type, content_id, user_id)
-            if existing and existing.get("embedding"):
-                logger.debug(
-                    f"Embedding for {content_type}:{content_id} already exists"
-                )
-                return True
-
-        # Generate new embedding
-        embedding = await generate_embedding(searchable_text)
-        if embedding is None:
-            logger.warning(
-                f"Could not generate embedding for {content_type}:{content_id}"
-            )
-            return False
-
-        # Store the embedding
-        return await store_content_embedding(
-            content_type=content_type,
-            content_id=content_id,
-            embedding=embedding,
-            searchable_text=searchable_text,
-            metadata=metadata or {},
-            user_id=user_id,
-            tx=tx,
-        )
-
-    except Exception as e:
-        logger.error(f"Failed to ensure embedding for {content_type}:{content_id}: {e}")
-        return False
-
-
-async def cleanup_orphaned_embeddings() -> dict[str, Any]:
-    """
-    Clean up embeddings for blocks and docs that no longer exist.
-
-    Compares current blocks/docs with embeddings in database and removes orphaned records.
-    Store agents are NOT cleaned up - they're properly filtered during search.
-
-    Returns:
-        Dict with cleanup statistics per content type
-    """
-    from backend.api.features.store.content_handlers import CONTENT_HANDLERS
-    from backend.data.db import query_raw_with_schema
-
-    results_by_type = {}
-    total_deleted = 0
-
-    # Only cleanup BLOCK and DOCUMENTATION - store agents are filtered during search
-    cleanup_types = [ContentType.BLOCK, ContentType.DOCUMENTATION]
-
-    for content_type in cleanup_types:
-        try:
-            handler = CONTENT_HANDLERS.get(content_type)
-            if not handler:
-                logger.warning(f"No handler registered for {content_type}")
-                results_by_type[content_type.value] = {
-                    "deleted": 0,
-                    "error": "No handler registered",
-                }
-                continue
-
-            # Get all current content IDs from handler
-            if content_type == ContentType.BLOCK:
-                from backend.data.block import get_blocks
-
-                current_ids = set(get_blocks().keys())
-            elif content_type == ContentType.DOCUMENTATION:
-                from pathlib import Path
-
-                backend_root = Path(__file__).parent.parent.parent.parent
-                docs_root = backend_root.parent.parent / "docs"
-                if docs_root.exists():
-                    all_docs = list(docs_root.rglob("*.md")) + list(
-                        docs_root.rglob("*.mdx")
-                    )
-                    current_ids = {str(doc.relative_to(docs_root)) for doc in all_docs}
-                else:
-                    current_ids = set()
-            else:
-                current_ids = set()
-
-            # Get all embedding IDs from database
-            db_embeddings = await query_raw_with_schema(
-                """
-                SELECT "contentId"
-                FROM {schema_prefix}"UnifiedContentEmbedding"
-                WHERE "contentType" = $1::{schema_prefix}"ContentType"
-                """,
-                content_type,
-            )
-
-            db_ids = {row["contentId"] for row in db_embeddings}
-
-            # Find orphaned embeddings (in DB but not in current content)
-            orphaned_ids = db_ids - current_ids
-
-            if not orphaned_ids:
-                logger.info(f"{content_type.value}: No orphaned embeddings found")
-                results_by_type[content_type.value] = {
-                    "deleted": 0,
-                    "message": "No orphaned embeddings",
-                }
-                continue
-
-            # Delete orphaned embeddings
-            deleted = 0
-            for content_id in orphaned_ids:
-                if await delete_content_embedding(content_type, content_id):
-                    deleted += 1
-
-            logger.info(
-                f"{content_type.value}: Deleted {deleted}/{len(orphaned_ids)} orphaned embeddings"
-            )
-            results_by_type[content_type.value] = {
-                "deleted": deleted,
-                "orphaned": len(orphaned_ids),
-                "message": f"Deleted {deleted} orphaned embeddings",
-            }
-
-            total_deleted += deleted
-
-        except Exception as e:
-            logger.error(f"Failed to cleanup {content_type.value}: {e}")
-            results_by_type[content_type.value] = {
-                "deleted": 0,
-                "error": str(e),
-            }
-
-    return {
-        "by_type": results_by_type,
-        "totals": {
-            "deleted": total_deleted,
-            "message": f"Deleted {total_deleted} orphaned embeddings",
-        },
-    }

autogpt_platform/backend/backend/api/features/store/embeddings_schema_test.py

@@ -1,315 +0,0 @@
-"""
-Integration tests for embeddings with schema handling.
-
-These tests verify that embeddings operations work correctly across different database schemas.
-"""
-
-from unittest.mock import AsyncMock, MagicMock, patch
-
-import pytest
-from prisma.enums import ContentType
-
-from backend.api.features.store import embeddings
-from backend.api.features.store.embeddings import EMBEDDING_DIM
-
-# Schema prefix tests removed - functionality moved to db.raw_with_schema() helper
-
-
-@pytest.mark.asyncio(loop_scope="session")
-@pytest.mark.integration
-async def test_store_content_embedding_with_schema():
-    """Test storing embeddings with proper schema handling."""
-    with patch("backend.data.db.get_database_schema") as mock_schema:
-        mock_schema.return_value = "platform"
-
-        with patch("prisma.get_client") as mock_get_client:
-            mock_client = AsyncMock()
-            mock_get_client.return_value = mock_client
-
-            result = await embeddings.store_content_embedding(
-                content_type=ContentType.STORE_AGENT,
-                content_id="test-id",
-                embedding=[0.1] * EMBEDDING_DIM,
-                searchable_text="test text",
-                metadata={"test": "data"},
-                user_id=None,
-            )
-
-            # Verify the query was called
-            assert mock_client.execute_raw.called
-
-            # Get the SQL query that was executed
-            call_args = mock_client.execute_raw.call_args
-            sql_query = call_args[0][0]
-
-            # Verify schema prefix is in the query
-            assert '"platform"."UnifiedContentEmbedding"' in sql_query
-
-            # Verify result
-            assert result is True
-
-
-@pytest.mark.asyncio(loop_scope="session")
-@pytest.mark.integration
-async def test_get_content_embedding_with_schema():
-    """Test retrieving embeddings with proper schema handling."""
-    with patch("backend.data.db.get_database_schema") as mock_schema:
-        mock_schema.return_value = "platform"
-
-        with patch("prisma.get_client") as mock_get_client:
-            mock_client = AsyncMock()
-            mock_client.query_raw.return_value = [
-                {
-                    "contentType": "STORE_AGENT",
-                    "contentId": "test-id",
-                    "userId": None,
-                    "embedding": "[0.1, 0.2]",
-                    "searchableText": "test",
-                    "metadata": {},
-                    "createdAt": "2024-01-01",
-                    "updatedAt": "2024-01-01",
-                }
-            ]
-            mock_get_client.return_value = mock_client
-
-            result = await embeddings.get_content_embedding(
-                ContentType.STORE_AGENT,
-                "test-id",
-                user_id=None,
-            )
-
-            # Verify the query was called
-            assert mock_client.query_raw.called
-
-            # Get the SQL query that was executed
-            call_args = mock_client.query_raw.call_args
-            sql_query = call_args[0][0]
-
-            # Verify schema prefix is in the query
-            assert '"platform"."UnifiedContentEmbedding"' in sql_query
-
-            # Verify result
-            assert result is not None
-            assert result["contentId"] == "test-id"
-
-
-@pytest.mark.asyncio(loop_scope="session")
-@pytest.mark.integration
-async def test_delete_content_embedding_with_schema():
-    """Test deleting embeddings with proper schema handling."""
-    with patch("backend.data.db.get_database_schema") as mock_schema:
-        mock_schema.return_value = "platform"
-
-        with patch("prisma.get_client") as mock_get_client:
-            mock_client = AsyncMock()
-            mock_get_client.return_value = mock_client
-
-            result = await embeddings.delete_content_embedding(
-                ContentType.STORE_AGENT,
-                "test-id",
-            )
-
-            # Verify the query was called
-            assert mock_client.execute_raw.called
-
-            # Get the SQL query that was executed
-            call_args = mock_client.execute_raw.call_args
-            sql_query = call_args[0][0]
-
-            # Verify schema prefix is in the query
-            assert '"platform"."UnifiedContentEmbedding"' in sql_query
-
-            # Verify result
-            assert result is True
-
-
-@pytest.mark.asyncio(loop_scope="session")
-@pytest.mark.integration
-async def test_get_embedding_stats_with_schema():
-    """Test embedding statistics with proper schema handling via content handlers."""
-    # Mock handler to return stats
-    mock_handler = MagicMock()
-    mock_handler.get_stats = AsyncMock(
-        return_value={
-            "total": 100,
-            "with_embeddings": 80,
-            "without_embeddings": 20,
-        }
-    )
-
-    with patch(
-        "backend.api.features.store.embeddings.CONTENT_HANDLERS",
-        {ContentType.STORE_AGENT: mock_handler},
-    ):
-        result = await embeddings.get_embedding_stats()
-
-        # Verify handler was called
-        mock_handler.get_stats.assert_called_once()
-
-        # Verify new result structure
-        assert "by_type" in result
-        assert "totals" in result
-        assert result["totals"]["total"] == 100
-        assert result["totals"]["with_embeddings"] == 80
-        assert result["totals"]["without_embeddings"] == 20
-        assert result["totals"]["coverage_percent"] == 80.0
-
-
-@pytest.mark.asyncio(loop_scope="session")
-@pytest.mark.integration
-async def test_backfill_missing_embeddings_with_schema():
-    """Test backfilling embeddings via content handlers."""
-    from backend.api.features.store.content_handlers import ContentItem
-
-    # Create mock content item
-    mock_item = ContentItem(
-        content_id="version-1",
-        content_type=ContentType.STORE_AGENT,
-        searchable_text="Test Agent Test description",
-        metadata={"name": "Test Agent"},
-    )
-
-    # Mock handler
-    mock_handler = MagicMock()
-    mock_handler.get_missing_items = AsyncMock(return_value=[mock_item])
-
-    with patch(
-        "backend.api.features.store.embeddings.CONTENT_HANDLERS",
-        {ContentType.STORE_AGENT: mock_handler},
-    ):
-        with patch(
-            "backend.api.features.store.embeddings.generate_embedding",
-            return_value=[0.1] * EMBEDDING_DIM,
-        ):
-            with patch(
-                "backend.api.features.store.embeddings.store_content_embedding",
-                return_value=True,
-            ):
-                result = await embeddings.backfill_missing_embeddings(batch_size=10)
-
-                # Verify handler was called
-                mock_handler.get_missing_items.assert_called_once_with(10)
-
-                # Verify results
-                assert result["processed"] == 1
-                assert result["success"] == 1
-                assert result["failed"] == 0
-
-
-@pytest.mark.asyncio(loop_scope="session")
-@pytest.mark.integration
-async def test_ensure_content_embedding_with_schema():
-    """Test ensuring embeddings exist with proper schema handling."""
-    with patch("backend.data.db.get_database_schema") as mock_schema:
-        mock_schema.return_value = "platform"
-
-        with patch(
-            "backend.api.features.store.embeddings.get_content_embedding"
-        ) as mock_get:
-            # Simulate no existing embedding
-            mock_get.return_value = None
-
-            with patch(
-                "backend.api.features.store.embeddings.generate_embedding"
-            ) as mock_generate:
-                mock_generate.return_value = [0.1] * EMBEDDING_DIM
-
-                with patch(
-                    "backend.api.features.store.embeddings.store_content_embedding"
-                ) as mock_store:
-                    mock_store.return_value = True
-
-                    result = await embeddings.ensure_content_embedding(
-                        content_type=ContentType.STORE_AGENT,
-                        content_id="test-id",
-                        searchable_text="test text",
-                        metadata={"test": "data"},
-                        user_id=None,
-                        force=False,
-                    )
-
-                    # Verify the flow
-                    assert mock_get.called
-                    assert mock_generate.called
-                    assert mock_store.called
-                    assert result is True
-
-
-@pytest.mark.asyncio(loop_scope="session")
-@pytest.mark.integration
-async def test_backward_compatibility_store_embedding():
-    """Test backward compatibility wrapper for store_embedding."""
-    with patch(
-        "backend.api.features.store.embeddings.store_content_embedding"
-    ) as mock_store:
-        mock_store.return_value = True
-
-        result = await embeddings.store_embedding(
-            version_id="test-version-id",
-            embedding=[0.1] * EMBEDDING_DIM,
-            tx=None,
-        )
-
-        # Verify it calls the new function with correct parameters
-        assert mock_store.called
-        call_args = mock_store.call_args
-
-        assert call_args[1]["content_type"] == ContentType.STORE_AGENT
-        assert call_args[1]["content_id"] == "test-version-id"
-        assert call_args[1]["user_id"] is None
-        assert result is True
-
-
-@pytest.mark.asyncio(loop_scope="session")
-@pytest.mark.integration
-async def test_backward_compatibility_get_embedding():
-    """Test backward compatibility wrapper for get_embedding."""
-    with patch(
-        "backend.api.features.store.embeddings.get_content_embedding"
-    ) as mock_get:
-        mock_get.return_value = {
-            "contentType": "STORE_AGENT",
-            "contentId": "test-version-id",
-            "embedding": "[0.1, 0.2]",
-            "createdAt": "2024-01-01",
-            "updatedAt": "2024-01-01",
-        }
-
-        result = await embeddings.get_embedding("test-version-id")
-
-        # Verify it calls the new function
-        assert mock_get.called
-
-        # Verify it transforms to old format
-        assert result is not None
-        assert result["storeListingVersionId"] == "test-version-id"
-        assert "embedding" in result
-
-
-@pytest.mark.asyncio(loop_scope="session")
-@pytest.mark.integration
-async def test_schema_handling_error_cases():
-    """Test error handling in schema-aware operations."""
-    with patch("backend.data.db.get_database_schema") as mock_schema:
-        mock_schema.return_value = "platform"
-
-        with patch("prisma.get_client") as mock_get_client:
-            mock_client = AsyncMock()
-            mock_client.execute_raw.side_effect = Exception("Database error")
-            mock_get_client.return_value = mock_client
-
-            result = await embeddings.store_content_embedding(
-                content_type=ContentType.STORE_AGENT,
-                content_id="test-id",
-                embedding=[0.1] * EMBEDDING_DIM,
-                searchable_text="test",
-                metadata=None,
-                user_id=None,
-            )
-
-            # Should return False on error, not raise
-            assert result is False
-
-
-if __name__ == "__main__":
-    pytest.main([__file__, "-v", "-s"])

autogpt_platform/backend/backend/api/features/store/embeddings_test.py

@@ -1,407 +0,0 @@
-from unittest.mock import AsyncMock, MagicMock, patch
-
-import prisma
-import pytest
-from prisma import Prisma
-from prisma.enums import ContentType
-
-from backend.api.features.store import embeddings
-
-
-@pytest.fixture(autouse=True)
-async def setup_prisma():
-    """Setup Prisma client for tests."""
-    try:
-        Prisma()
-    except prisma.errors.ClientAlreadyRegisteredError:
-        pass
-    yield
-
-
-@pytest.mark.asyncio(loop_scope="session")
-async def test_build_searchable_text():
-    """Test searchable text building from listing fields."""
-    result = embeddings.build_searchable_text(
-        name="AI Assistant",
-        description="A helpful AI assistant for productivity",
-        sub_heading="Boost your productivity",
-        categories=["AI", "Productivity"],
-    )
-
-    expected = "AI Assistant Boost your productivity A helpful AI assistant for productivity AI Productivity"
-    assert result == expected
-
-
-@pytest.mark.asyncio(loop_scope="session")
-async def test_build_searchable_text_empty_fields():
-    """Test searchable text building with empty fields."""
-    result = embeddings.build_searchable_text(
-        name="", description="Test description", sub_heading="", categories=[]
-    )
-
-    assert result == "Test description"
-
-
-@pytest.mark.asyncio(loop_scope="session")
-async def test_generate_embedding_success():
-    """Test successful embedding generation."""
-    # Mock OpenAI response
-    mock_client = MagicMock()
-    mock_response = MagicMock()
-    mock_response.data = [MagicMock()]
-    mock_response.data[0].embedding = [0.1, 0.2, 0.3] * 512  # 1536 dimensions
-
-    # Use AsyncMock for async embeddings.create method
-    mock_client.embeddings.create = AsyncMock(return_value=mock_response)
-
-    # Patch at the point of use in embeddings.py
-    with patch(
-        "backend.api.features.store.embeddings.get_openai_client"
-    ) as mock_get_client:
-        mock_get_client.return_value = mock_client
-
-        result = await embeddings.generate_embedding("test text")
-
-        assert result is not None
-        assert len(result) == embeddings.EMBEDDING_DIM
-        assert result[0] == 0.1
-
-        mock_client.embeddings.create.assert_called_once_with(
-            model="text-embedding-3-small", input="test text"
-        )
-
-
-@pytest.mark.asyncio(loop_scope="session")
-async def test_generate_embedding_no_api_key():
-    """Test embedding generation without API key."""
-    # Patch at the point of use in embeddings.py
-    with patch(
-        "backend.api.features.store.embeddings.get_openai_client"
-    ) as mock_get_client:
-        mock_get_client.return_value = None
-
-        result = await embeddings.generate_embedding("test text")
-
-        assert result is None
-
-
-@pytest.mark.asyncio(loop_scope="session")
-async def test_generate_embedding_api_error():
-    """Test embedding generation with API error."""
-    mock_client = MagicMock()
-    mock_client.embeddings.create = AsyncMock(side_effect=Exception("API Error"))
-
-    # Patch at the point of use in embeddings.py
-    with patch(
-        "backend.api.features.store.embeddings.get_openai_client"
-    ) as mock_get_client:
-        mock_get_client.return_value = mock_client
-
-        result = await embeddings.generate_embedding("test text")
-
-        assert result is None
-
-
-@pytest.mark.asyncio(loop_scope="session")
-async def test_generate_embedding_text_truncation():
-    """Test that long text is properly truncated using tiktoken."""
-    from tiktoken import encoding_for_model
-
-    mock_client = MagicMock()
-    mock_response = MagicMock()
-    mock_response.data = [MagicMock()]
-    mock_response.data[0].embedding = [0.1] * embeddings.EMBEDDING_DIM
-
-    # Use AsyncMock for async embeddings.create method
-    mock_client.embeddings.create = AsyncMock(return_value=mock_response)
-
-    # Patch at the point of use in embeddings.py
-    with patch(
-        "backend.api.features.store.embeddings.get_openai_client"
-    ) as mock_get_client:
-        mock_get_client.return_value = mock_client
-
-        # Create text that will exceed 8191 tokens
-        # Use varied characters to ensure token-heavy text: each word is ~1 token
-        words = [f"word{i}" for i in range(10000)]
-        long_text = " ".join(words)  # ~10000 tokens
-
-        await embeddings.generate_embedding(long_text)
-
-        # Verify text was truncated to 8191 tokens
-        call_args = mock_client.embeddings.create.call_args
-        truncated_text = call_args.kwargs["input"]
-
-        # Count actual tokens in truncated text
-        enc = encoding_for_model("text-embedding-3-small")
-        actual_tokens = len(enc.encode(truncated_text))
-
-        # Should be at or just under 8191 tokens
-        assert actual_tokens <= 8191
-        # Should be close to the limit (not over-truncated)
-        assert actual_tokens >= 8100
-
-
-@pytest.mark.asyncio(loop_scope="session")
-async def test_store_embedding_success(mocker):
-    """Test successful embedding storage."""
-    mock_client = mocker.AsyncMock()
-    mock_client.execute_raw = mocker.AsyncMock()
-
-    embedding = [0.1, 0.2, 0.3]
-
-    result = await embeddings.store_embedding(
-        version_id="test-version-id", embedding=embedding, tx=mock_client
-    )
-
-    assert result is True
-    # execute_raw is called twice: once for SET search_path, once for INSERT
-    assert mock_client.execute_raw.call_count == 2
-
-    # First call: SET search_path
-    first_call_args = mock_client.execute_raw.call_args_list[0][0]
-    assert "SET search_path" in first_call_args[0]
-
-    # Second call: INSERT query with the actual data
-    second_call_args = mock_client.execute_raw.call_args_list[1][0]
-    assert "test-version-id" in second_call_args
-    assert "[0.1,0.2,0.3]" in second_call_args
-    assert None in second_call_args  # userId should be None for store agents
-
-
-@pytest.mark.asyncio(loop_scope="session")
-async def test_store_embedding_database_error(mocker):
-    """Test embedding storage with database error."""
-    mock_client = mocker.AsyncMock()
-    mock_client.execute_raw.side_effect = Exception("Database error")
-
-    embedding = [0.1, 0.2, 0.3]
-
-    result = await embeddings.store_embedding(
-        version_id="test-version-id", embedding=embedding, tx=mock_client
-    )
-
-    assert result is False
-
-
-@pytest.mark.asyncio(loop_scope="session")
-async def test_get_embedding_success():
-    """Test successful embedding retrieval."""
-    mock_result = [
-        {
-            "contentType": "STORE_AGENT",
-            "contentId": "test-version-id",
-            "userId": None,
-            "embedding": "[0.1,0.2,0.3]",
-            "searchableText": "Test text",
-            "metadata": {},
-            "createdAt": "2024-01-01T00:00:00Z",
-            "updatedAt": "2024-01-01T00:00:00Z",
-        }
-    ]
-
-    with patch(
-        "backend.api.features.store.embeddings.query_raw_with_schema",
-        return_value=mock_result,
-    ):
-        result = await embeddings.get_embedding("test-version-id")
-
-        assert result is not None
-        assert result["storeListingVersionId"] == "test-version-id"
-        assert result["embedding"] == "[0.1,0.2,0.3]"
-
-
-@pytest.mark.asyncio(loop_scope="session")
-async def test_get_embedding_not_found():
-    """Test embedding retrieval when not found."""
-    with patch(
-        "backend.api.features.store.embeddings.query_raw_with_schema",
-        return_value=[],
-    ):
-        result = await embeddings.get_embedding("test-version-id")
-
-        assert result is None
-
-
-@pytest.mark.asyncio(loop_scope="session")
-@patch("backend.api.features.store.embeddings.generate_embedding")
-@patch("backend.api.features.store.embeddings.store_embedding")
-@patch("backend.api.features.store.embeddings.get_embedding")
-async def test_ensure_embedding_already_exists(mock_get, mock_store, mock_generate):
-    """Test ensure_embedding when embedding already exists."""
-    mock_get.return_value = {"embedding": "[0.1,0.2,0.3]"}
-
-    result = await embeddings.ensure_embedding(
-        version_id="test-id",
-        name="Test",
-        description="Test description",
-        sub_heading="Test heading",
-        categories=["test"],
-    )
-
-    assert result is True
-    mock_generate.assert_not_called()
-    mock_store.assert_not_called()
-
-
-@pytest.mark.asyncio(loop_scope="session")
-@patch("backend.api.features.store.embeddings.generate_embedding")
-@patch("backend.api.features.store.embeddings.store_content_embedding")
-@patch("backend.api.features.store.embeddings.get_embedding")
-async def test_ensure_embedding_create_new(mock_get, mock_store, mock_generate):
-    """Test ensure_embedding creating new embedding."""
-    mock_get.return_value = None
-    mock_generate.return_value = [0.1, 0.2, 0.3]
-    mock_store.return_value = True
-
-    result = await embeddings.ensure_embedding(
-        version_id="test-id",
-        name="Test",
-        description="Test description",
-        sub_heading="Test heading",
-        categories=["test"],
-    )
-
-    assert result is True
-    mock_generate.assert_called_once_with("Test Test heading Test description test")
-    mock_store.assert_called_once_with(
-        content_type=ContentType.STORE_AGENT,
-        content_id="test-id",
-        embedding=[0.1, 0.2, 0.3],
-        searchable_text="Test Test heading Test description test",
-        metadata={"name": "Test", "subHeading": "Test heading", "categories": ["test"]},
-        user_id=None,
-        tx=None,
-    )
-
-
-@pytest.mark.asyncio(loop_scope="session")
-@patch("backend.api.features.store.embeddings.generate_embedding")
-@patch("backend.api.features.store.embeddings.get_embedding")
-async def test_ensure_embedding_generation_fails(mock_get, mock_generate):
-    """Test ensure_embedding when generation fails."""
-    mock_get.return_value = None
-    mock_generate.return_value = None
-
-    result = await embeddings.ensure_embedding(
-        version_id="test-id",
-        name="Test",
-        description="Test description",
-        sub_heading="Test heading",
-        categories=["test"],
-    )
-
-    assert result is False
-
-
-@pytest.mark.asyncio(loop_scope="session")
-async def test_get_embedding_stats():
-    """Test embedding statistics retrieval."""
-    # Mock handler stats for each content type
-    mock_handler = MagicMock()
-    mock_handler.get_stats = AsyncMock(
-        return_value={
-            "total": 100,
-            "with_embeddings": 75,
-            "without_embeddings": 25,
-        }
-    )
-
-    # Patch the CONTENT_HANDLERS where it's used (in embeddings module)
-    with patch(
-        "backend.api.features.store.embeddings.CONTENT_HANDLERS",
-        {ContentType.STORE_AGENT: mock_handler},
-    ):
-        result = await embeddings.get_embedding_stats()
-
-        assert "by_type" in result
-        assert "totals" in result
-        assert result["totals"]["total"] == 100
-        assert result["totals"]["with_embeddings"] == 75
-        assert result["totals"]["without_embeddings"] == 25
-        assert result["totals"]["coverage_percent"] == 75.0
-
-
-@pytest.mark.asyncio(loop_scope="session")
-@patch("backend.api.features.store.embeddings.store_content_embedding")
-async def test_backfill_missing_embeddings_success(mock_store):
-    """Test backfill with successful embedding generation."""
-    # Mock ContentItem from handlers
-    from backend.api.features.store.content_handlers import ContentItem
-
-    mock_items = [
-        ContentItem(
-            content_id="version-1",
-            content_type=ContentType.STORE_AGENT,
-            searchable_text="Agent 1 Description 1",
-            metadata={"name": "Agent 1"},
-        ),
-        ContentItem(
-            content_id="version-2",
-            content_type=ContentType.STORE_AGENT,
-            searchable_text="Agent 2 Description 2",
-            metadata={"name": "Agent 2"},
-        ),
-    ]
-
-    # Mock handler to return missing items
-    mock_handler = MagicMock()
-    mock_handler.get_missing_items = AsyncMock(return_value=mock_items)
-
-    # Mock store_content_embedding to succeed for first, fail for second
-    mock_store.side_effect = [True, False]
-
-    with patch(
-        "backend.api.features.store.embeddings.CONTENT_HANDLERS",
-        {ContentType.STORE_AGENT: mock_handler},
-    ):
-        with patch(
-            "backend.api.features.store.embeddings.generate_embedding",
-            return_value=[0.1] * embeddings.EMBEDDING_DIM,
-        ):
-            result = await embeddings.backfill_missing_embeddings(batch_size=5)
-
-            assert result["processed"] == 2
-            assert result["success"] == 1
-            assert result["failed"] == 1
-            assert mock_store.call_count == 2
-
-
-@pytest.mark.asyncio(loop_scope="session")
-async def test_backfill_missing_embeddings_no_missing():
-    """Test backfill when no embeddings are missing."""
-    # Mock handler to return no missing items
-    mock_handler = MagicMock()
-    mock_handler.get_missing_items = AsyncMock(return_value=[])
-
-    with patch(
-        "backend.api.features.store.embeddings.CONTENT_HANDLERS",
-        {ContentType.STORE_AGENT: mock_handler},
-    ):
-        result = await embeddings.backfill_missing_embeddings(batch_size=5)
-
-        assert result["processed"] == 0
-        assert result["success"] == 0
-        assert result["failed"] == 0
-
-
-@pytest.mark.asyncio(loop_scope="session")
-async def test_embedding_to_vector_string():
-    """Test embedding to PostgreSQL vector string conversion."""
-    embedding = [0.1, 0.2, 0.3, -0.4]
-    result = embeddings.embedding_to_vector_string(embedding)
-    assert result == "[0.1,0.2,0.3,-0.4]"
-
-
-@pytest.mark.asyncio(loop_scope="session")
-async def test_embed_query():
-    """Test embed_query function (alias for generate_embedding)."""
-    with patch(
-        "backend.api.features.store.embeddings.generate_embedding"
-    ) as mock_generate:
-        mock_generate.return_value = [0.1, 0.2, 0.3]
-
-        result = await embeddings.embed_query("test query")
-
-        assert result == [0.1, 0.2, 0.3]
-        mock_generate.assert_called_once_with("test query")

autogpt_platform/backend/backend/api/features/store/hybrid_search.py

@@ -1,418 +0,0 @@
-"""
-Hybrid Search for Store Agents
-
-Combines semantic (embedding) search with lexical (tsvector) search
-for improved relevance in marketplace agent discovery.
-"""
-
-import logging
-from dataclasses import dataclass
-from datetime import datetime
-from typing import Any, Literal
-
-from backend.api.features.store.embeddings import (
-    EMBEDDING_DIM,
-    embed_query,
-    embedding_to_vector_string,
-)
-from backend.data.db import query_raw_with_schema
-
-logger = logging.getLogger(__name__)
-
-
-@dataclass
-class HybridSearchWeights:
-    """Weights for combining search signals."""
-
-    semantic: float = 0.30  # Embedding cosine similarity
-    lexical: float = 0.30  # tsvector ts_rank_cd score
-    category: float = 0.20  # Category match boost
-    recency: float = 0.10  # Newer agents ranked higher
-    popularity: float = 0.10  # Agent usage/runs (PageRank-like)
-
-    def __post_init__(self):
-        """Validate weights are non-negative and sum to approximately 1.0."""
-        total = (
-            self.semantic
-            + self.lexical
-            + self.category
-            + self.recency
-            + self.popularity
-        )
-
-        if any(
-            w < 0
-            for w in [
-                self.semantic,
-                self.lexical,
-                self.category,
-                self.recency,
-                self.popularity,
-            ]
-        ):
-            raise ValueError("All weights must be non-negative")
-
-        if not (0.99 <= total <= 1.01):
-            raise ValueError(f"Weights must sum to ~1.0, got {total:.3f}")
-
-
-DEFAULT_WEIGHTS = HybridSearchWeights()
-
-# Minimum relevance score threshold - agents below this are filtered out
-# With weights (0.30 semantic + 0.30 lexical + 0.20 category + 0.10 recency + 0.10 popularity):
-# - 0.20 means at least ~60% semantic match OR strong lexical match required
-# - Ensures only genuinely relevant results are returned
-# - Recency/popularity alone (0.10 each) won't pass the threshold
-DEFAULT_MIN_SCORE = 0.20
-
-
-@dataclass
-class HybridSearchResult:
-    """A single search result with score breakdown."""
-
-    slug: str
-    agent_name: str
-    agent_image: str
-    creator_username: str
-    creator_avatar: str
-    sub_heading: str
-    description: str
-    runs: int
-    rating: float
-    categories: list[str]
-    featured: bool
-    is_available: bool
-    updated_at: datetime
-
-    # Score breakdown (for debugging/tuning)
-    combined_score: float
-    semantic_score: float = 0.0
-    lexical_score: float = 0.0
-    category_score: float = 0.0
-    recency_score: float = 0.0
-    popularity_score: float = 0.0
-
-
-async def hybrid_search(
-    query: str,
-    featured: bool = False,
-    creators: list[str] | None = None,
-    category: str | None = None,
-    sorted_by: (
-        Literal["relevance", "rating", "runs", "name", "updated_at"] | None
-    ) = None,
-    page: int = 1,
-    page_size: int = 20,
-    weights: HybridSearchWeights | None = None,
-    min_score: float | None = None,
-) -> tuple[list[dict[str, Any]], int]:
-    """
-    Perform hybrid search combining semantic and lexical signals.
-
-    Args:
-        query: Search query string
-        featured: Filter for featured agents only
-        creators: Filter by creator usernames
-        category: Filter by category
-        sorted_by: Sort order (relevance uses hybrid scoring)
-        page: Page number (1-indexed)
-        page_size: Results per page
-        weights: Custom weights for search signals
-        min_score: Minimum relevance score threshold (0-1). Results below
-                   this score are filtered out. Defaults to DEFAULT_MIN_SCORE.
-
-    Returns:
-        Tuple of (results list, total count). Returns empty list if no
-        results meet the minimum relevance threshold.
-    """
-    # Validate inputs
-    query = query.strip()
-    if not query:
-        return [], 0  # Empty query returns no results
-
-    if page < 1:
-        page = 1
-    if page_size < 1:
-        page_size = 1
-    if page_size > 100:  # Cap at reasonable limit to prevent performance issues
-        page_size = 100
-
-    if weights is None:
-        weights = DEFAULT_WEIGHTS
-    if min_score is None:
-        min_score = DEFAULT_MIN_SCORE
-
-    offset = (page - 1) * page_size
-
-    # Generate query embedding
-    query_embedding = await embed_query(query)
-
-    # Build WHERE clause conditions
-    where_parts: list[str] = ["sa.is_available = true"]
-    params: list[Any] = []
-    param_index = 1
-
-    # Add search query for lexical matching
-    params.append(query)
-    query_param = f"${param_index}"
-    param_index += 1
-
-    # Add lowercased query for category matching
-    params.append(query.lower())
-    query_lower_param = f"${param_index}"
-    param_index += 1
-
-    if featured:
-        where_parts.append("sa.featured = true")
-
-    if creators:
-        where_parts.append(f"sa.creator_username = ANY(${param_index})")
-        params.append(creators)
-        param_index += 1
-
-    if category:
-        where_parts.append(f"${param_index} = ANY(sa.categories)")
-        params.append(category)
-        param_index += 1
-
-    # Safe: where_parts only contains hardcoded strings with $N parameter placeholders
-    # No user input is concatenated directly into the SQL string
-    where_clause = " AND ".join(where_parts)
-
-    # Graceful degradation: fall back to lexical-only search if embedding unavailable
-    if query_embedding is None or not query_embedding:
-        logger.warning(
-            "Failed to generate query embedding - falling back to lexical-only search. "
-            "Check that openai_internal_api_key is configured and OpenAI API is accessible."
-        )
-        # Use zero embedding (semantic score will be 0)
-        query_embedding = [0.0] * EMBEDDING_DIM
-
-        # Adjust weights: redistribute semantic weight to other components
-        # Semantic becomes 0, lexical increases proportionally
-        total_non_semantic = (
-            weights.lexical + weights.category + weights.recency + weights.popularity
-        )
-        if total_non_semantic > 0:
-            # Redistribute semantic weight proportionally to other components
-            redistribution_factor = 1.0 / total_non_semantic
-            weights = HybridSearchWeights(
-                semantic=0.0,
-                lexical=weights.lexical * redistribution_factor,
-                category=weights.category * redistribution_factor,
-                recency=weights.recency * redistribution_factor,
-                popularity=weights.popularity * redistribution_factor,
-            )
-        else:
-            # Fallback: all weight to lexical if other components are also 0
-            weights = HybridSearchWeights(
-                semantic=0.0,
-                lexical=1.0,
-                category=0.0,
-                recency=0.0,
-                popularity=0.0,
-            )
-
-    # Add embedding parameter
-    embedding_str = embedding_to_vector_string(query_embedding)
-    params.append(embedding_str)
-    embedding_param = f"${param_index}"
-    param_index += 1
-
-    # Add weight parameters for SQL calculation
-    params.append(weights.semantic)
-    weight_semantic_param = f"${param_index}"
-    param_index += 1
-
-    params.append(weights.lexical)
-    weight_lexical_param = f"${param_index}"
-    param_index += 1
-
-    params.append(weights.category)
-    weight_category_param = f"${param_index}"
-    param_index += 1
-
-    params.append(weights.recency)
-    weight_recency_param = f"${param_index}"
-    param_index += 1
-
-    params.append(weights.popularity)
-    weight_popularity_param = f"${param_index}"
-    param_index += 1
-
-    # Add min_score parameter
-    params.append(min_score)
-    min_score_param = f"${param_index}"
-    param_index += 1
-
-    # Optimized hybrid search query:
-    # 1. Direct join to UnifiedContentEmbedding via contentId=storeListingVersionId (no redundant JOINs)
-    # 2. UNION approach (deduplicates agents matching both branches)
-    # 3. COUNT(*) OVER() to get total count in single query
-    # 4. Optimized category matching with EXISTS + unnest
-    # 5. Pre-calculated max values for lexical and popularity normalization
-    # 6. Simplified recency calculation with linear decay
-    # 7. Logarithmic popularity scaling to prevent viral agents from dominating
-    sql_query = f"""
-            WITH candidates AS (
-                -- Lexical matches (uses GIN index on search column)
-                SELECT sa."storeListingVersionId"
-                FROM {{schema_prefix}}"StoreAgent" sa
-                WHERE {where_clause}
-                AND sa.search @@ plainto_tsquery('english', {query_param})
-
-                UNION
-
-                -- Semantic matches (uses HNSW index on embedding with KNN)
-                SELECT "storeListingVersionId"
-                FROM (
-                    SELECT sa."storeListingVersionId", uce.embedding
-                    FROM {{schema_prefix}}"StoreAgent" sa
-                    INNER JOIN {{schema_prefix}}"UnifiedContentEmbedding" uce
-                        ON sa."storeListingVersionId" = uce."contentId" AND uce."contentType" = 'STORE_AGENT'::{{schema_prefix}}"ContentType"
-                    WHERE {where_clause}
-                    ORDER BY uce.embedding <=> {embedding_param}::vector
-                    LIMIT 200
-                ) semantic_results
-            ),
-            search_scores AS (
-                SELECT
-                    sa.slug,
-                    sa.agent_name,
-                    sa.agent_image,
-                    sa.creator_username,
-                    sa.creator_avatar,
-                    sa.sub_heading,
-                    sa.description,
-                    sa.runs,
-                    sa.rating,
-                    sa.categories,
-                    sa.featured,
-                    sa.is_available,
-                    sa.updated_at,
-                    -- Semantic score: cosine similarity (1 - distance)
-                    COALESCE(1 - (uce.embedding <=> {embedding_param}::vector), 0) as semantic_score,
-                    -- Lexical score: ts_rank_cd (will be normalized later)
-                    COALESCE(ts_rank_cd(sa.search, plainto_tsquery('english', {query_param})), 0) as lexical_raw,
-                    -- Category match: optimized with unnest for better performance
-                    CASE
-                        WHEN EXISTS (
-                            SELECT 1 FROM unnest(sa.categories) cat
-                            WHERE LOWER(cat) LIKE '%' || {query_lower_param} || '%'
-                        )
-                        THEN 1.0
-                        ELSE 0.0
-                    END as category_score,
-                    -- Recency score: linear decay over 90 days (simpler than exponential)
-                    GREATEST(0, 1 - EXTRACT(EPOCH FROM (NOW() - sa.updated_at)) / (90 * 24 * 3600)) as recency_score,
-                    -- Popularity raw: agent runs count (will be normalized with log scaling)
-                    sa.runs as popularity_raw
-                FROM candidates c
-                INNER JOIN {{schema_prefix}}"StoreAgent" sa
-                    ON c."storeListingVersionId" = sa."storeListingVersionId"
-                LEFT JOIN {{schema_prefix}}"UnifiedContentEmbedding" uce
-                    ON sa."storeListingVersionId" = uce."contentId" AND uce."contentType" = 'STORE_AGENT'::{{schema_prefix}}"ContentType"
-            ),
-            max_lexical AS (
-                SELECT MAX(lexical_raw) as max_val FROM search_scores
-            ),
-            max_popularity AS (
-                SELECT MAX(popularity_raw) as max_val FROM search_scores
-            ),
-            normalized AS (
-                SELECT
-                    ss.*,
-                    -- Normalize lexical score by pre-calculated max
-                    CASE
-                        WHEN ml.max_val > 0
-                        THEN ss.lexical_raw / ml.max_val
-                        ELSE 0
-                    END as lexical_score,
-                    -- Normalize popularity with logarithmic scaling to prevent viral agents from dominating
-                    -- LOG(1 + runs) / LOG(1 + max_runs) ensures score is 0-1 range
-                    CASE
-                        WHEN mp.max_val > 0 AND ss.popularity_raw > 0
-                        THEN LN(1 + ss.popularity_raw) / LN(1 + mp.max_val)
-                        ELSE 0
-                    END as popularity_score
-                FROM search_scores ss
-                CROSS JOIN max_lexical ml
-                CROSS JOIN max_popularity mp
-            ),
-            scored AS (
-                SELECT
-                    slug,
-                    agent_name,
-                    agent_image,
-                    creator_username,
-                    creator_avatar,
-                    sub_heading,
-                    description,
-                    runs,
-                    rating,
-                    categories,
-                    featured,
-                    is_available,
-                    updated_at,
-                    semantic_score,
-                    lexical_score,
-                    category_score,
-                    recency_score,
-                    popularity_score,
-                    (
-                        {weight_semantic_param} * semantic_score +
-                        {weight_lexical_param} * lexical_score +
-                        {weight_category_param} * category_score +
-                        {weight_recency_param} * recency_score +
-                        {weight_popularity_param} * popularity_score
-                    ) as combined_score
-                FROM normalized
-            ),
-            filtered AS (
-                SELECT
-                    *,
-                    COUNT(*) OVER () as total_count
-                FROM scored
-                WHERE combined_score >= {min_score_param}
-            )
-            SELECT * FROM filtered
-            ORDER BY combined_score DESC
-            LIMIT ${param_index} OFFSET ${param_index + 1}
-    """
-
-    # Add pagination params
-    params.extend([page_size, offset])
-
-    # Execute search query - includes total_count via window function
-    results = await query_raw_with_schema(
-        sql_query, *params, set_public_search_path=True
-    )
-
-    # Extract total count from first result (all rows have same count)
-    total = results[0]["total_count"] if results else 0
-
-    # Remove total_count from results before returning
-    for result in results:
-        result.pop("total_count", None)
-
-    # Log without sensitive query content
-    logger.info(f"Hybrid search: {len(results)} results, {total} total")
-
-    return results, total
-
-
-async def hybrid_search_simple(
-    query: str,
-    page: int = 1,
-    page_size: int = 20,
-) -> tuple[list[dict[str, Any]], int]:
-    """
-    Simplified hybrid search for common use cases.
-
-    Uses default weights and no filters.
-    """
-    return await hybrid_search(
-        query=query,
-        page=page,
-        page_size=page_size,
-    )

autogpt_platform/backend/backend/api/features/store/hybrid_search_test.py

@@ -1,365 +0,0 @@
-"""
-Integration tests for hybrid search with schema handling.
-
-These tests verify that hybrid search works correctly across different database schemas.
-"""
-
-from unittest.mock import patch
-
-import pytest
-
-from backend.api.features.store import embeddings
-from backend.api.features.store.hybrid_search import HybridSearchWeights, hybrid_search
-
-
-@pytest.mark.asyncio(loop_scope="session")
-@pytest.mark.integration
-async def test_hybrid_search_with_schema_handling():
-    """Test that hybrid search correctly handles database schema prefixes."""
-    # Test with a mock query to ensure schema handling works
-    query = "test agent"
-
-    with patch(
-        "backend.api.features.store.hybrid_search.query_raw_with_schema"
-    ) as mock_query:
-        # Mock the query result
-        mock_query.return_value = [
-            {
-                "slug": "test/agent",
-                "agent_name": "Test Agent",
-                "agent_image": "test.png",
-                "creator_username": "test",
-                "creator_avatar": "avatar.png",
-                "sub_heading": "Test sub-heading",
-                "description": "Test description",
-                "runs": 10,
-                "rating": 4.5,
-                "categories": ["test"],
-                "featured": False,
-                "is_available": True,
-                "updated_at": "2024-01-01T00:00:00Z",
-                "combined_score": 0.8,
-                "semantic_score": 0.7,
-                "lexical_score": 0.6,
-                "category_score": 0.5,
-                "recency_score": 0.4,
-                "total_count": 1,
-            }
-        ]
-
-        with patch(
-            "backend.api.features.store.hybrid_search.embed_query"
-        ) as mock_embed:
-            mock_embed.return_value = [0.1] * embeddings.EMBEDDING_DIM  # Mock embedding
-
-            results, total = await hybrid_search(
-                query=query,
-                page=1,
-                page_size=20,
-            )
-
-            # Verify the query was called
-            assert mock_query.called
-            # Verify the SQL template uses schema_prefix placeholder
-            call_args = mock_query.call_args
-            sql_template = call_args[0][0]
-            assert "{schema_prefix}" in sql_template
-
-            # Verify results
-            assert len(results) == 1
-            assert total == 1
-            assert results[0]["slug"] == "test/agent"
-
-
-@pytest.mark.asyncio(loop_scope="session")
-@pytest.mark.integration
-async def test_hybrid_search_with_public_schema():
-    """Test hybrid search when using public schema (no prefix needed)."""
-    with patch("backend.data.db.get_database_schema") as mock_schema:
-        mock_schema.return_value = "public"
-
-        with patch(
-            "backend.api.features.store.hybrid_search.query_raw_with_schema"
-        ) as mock_query:
-            mock_query.return_value = []
-
-            with patch(
-                "backend.api.features.store.hybrid_search.embed_query"
-            ) as mock_embed:
-                mock_embed.return_value = [0.1] * embeddings.EMBEDDING_DIM
-
-                results, total = await hybrid_search(
-                    query="test",
-                    page=1,
-                    page_size=20,
-                )
-
-                # Verify the mock was set up correctly
-                assert mock_schema.return_value == "public"
-
-                # Results should work even with empty results
-                assert results == []
-                assert total == 0
-
-
-@pytest.mark.asyncio(loop_scope="session")
-@pytest.mark.integration
-async def test_hybrid_search_with_custom_schema():
-    """Test hybrid search when using custom schema (e.g., 'platform')."""
-    with patch("backend.data.db.get_database_schema") as mock_schema:
-        mock_schema.return_value = "platform"
-
-        with patch(
-            "backend.api.features.store.hybrid_search.query_raw_with_schema"
-        ) as mock_query:
-            mock_query.return_value = []
-
-            with patch(
-                "backend.api.features.store.hybrid_search.embed_query"
-            ) as mock_embed:
-                mock_embed.return_value = [0.1] * embeddings.EMBEDDING_DIM
-
-                results, total = await hybrid_search(
-                    query="test",
-                    page=1,
-                    page_size=20,
-                )
-
-                # Verify the mock was set up correctly
-                assert mock_schema.return_value == "platform"
-
-                assert results == []
-                assert total == 0
-
-
-@pytest.mark.asyncio(loop_scope="session")
-@pytest.mark.integration
-async def test_hybrid_search_without_embeddings():
-    """Test hybrid search gracefully degrades when embeddings are unavailable."""
-    # Mock database to return some results
-    mock_results = [
-        {
-            "slug": "test-agent",
-            "agent_name": "Test Agent",
-            "agent_image": "test.png",
-            "creator_username": "creator",
-            "creator_avatar": "avatar.png",
-            "sub_heading": "Test heading",
-            "description": "Test description",
-            "runs": 100,
-            "rating": 4.5,
-            "categories": ["AI"],
-            "featured": False,
-            "is_available": True,
-            "updated_at": "2025-01-01T00:00:00Z",
-            "semantic_score": 0.0,  # Zero because no embedding
-            "lexical_score": 0.5,
-            "category_score": 0.0,
-            "recency_score": 0.1,
-            "popularity_score": 0.2,
-            "combined_score": 0.3,
-            "total_count": 1,
-        }
-    ]
-
-    with patch("backend.api.features.store.hybrid_search.embed_query") as mock_embed:
-        with patch(
-            "backend.api.features.store.hybrid_search.query_raw_with_schema"
-        ) as mock_query:
-            # Simulate embedding failure
-            mock_embed.return_value = None
-            mock_query.return_value = mock_results
-
-            # Should NOT raise - graceful degradation
-            results, total = await hybrid_search(
-                query="test",
-                page=1,
-                page_size=20,
-            )
-
-            # Verify it returns results even without embeddings
-            assert len(results) == 1
-            assert results[0]["slug"] == "test-agent"
-            assert total == 1
-
-
-@pytest.mark.asyncio(loop_scope="session")
-@pytest.mark.integration
-async def test_hybrid_search_with_filters():
-    """Test hybrid search with various filters."""
-    with patch(
-        "backend.api.features.store.hybrid_search.query_raw_with_schema"
-    ) as mock_query:
-        mock_query.return_value = []
-
-        with patch(
-            "backend.api.features.store.hybrid_search.embed_query"
-        ) as mock_embed:
-            mock_embed.return_value = [0.1] * embeddings.EMBEDDING_DIM
-
-            # Test with featured filter
-            results, total = await hybrid_search(
-                query="test",
-                featured=True,
-                creators=["user1", "user2"],
-                category="productivity",
-                page=1,
-                page_size=10,
-            )
-
-            # Verify filters were applied in the query
-            call_args = mock_query.call_args
-            params = call_args[0][1:]  # Skip SQL template
-
-            # Should have query, query_lower, creators array, category
-            assert len(params) >= 4
-
-
-@pytest.mark.asyncio(loop_scope="session")
-@pytest.mark.integration
-async def test_hybrid_search_weights():
-    """Test hybrid search with custom weights."""
-    custom_weights = HybridSearchWeights(
-        semantic=0.5,
-        lexical=0.3,
-        category=0.1,
-        recency=0.1,
-        popularity=0.0,
-    )
-
-    with patch(
-        "backend.api.features.store.hybrid_search.query_raw_with_schema"
-    ) as mock_query:
-        mock_query.return_value = []
-
-        with patch(
-            "backend.api.features.store.hybrid_search.embed_query"
-        ) as mock_embed:
-            mock_embed.return_value = [0.1] * embeddings.EMBEDDING_DIM
-
-            results, total = await hybrid_search(
-                query="test",
-                weights=custom_weights,
-                page=1,
-                page_size=20,
-            )
-
-            # Verify custom weights were used in the query
-            call_args = mock_query.call_args
-            sql_template = call_args[0][0]
-            params = call_args[0][1:]  # Get all parameters passed
-
-            # Check that SQL uses parameterized weights (not f-string interpolation)
-            assert "$" in sql_template  # Verify parameterization is used
-
-            # Check that custom weights are in the params
-            assert 0.5 in params  # semantic weight
-            assert 0.3 in params  # lexical weight
-            assert 0.1 in params  # category and recency weights
-
-
-@pytest.mark.asyncio(loop_scope="session")
-@pytest.mark.integration
-async def test_hybrid_search_min_score_filtering():
-    """Test hybrid search minimum score threshold."""
-    with patch(
-        "backend.api.features.store.hybrid_search.query_raw_with_schema"
-    ) as mock_query:
-        # Return results with varying scores
-        mock_query.return_value = [
-            {
-                "slug": "high-score/agent",
-                "agent_name": "High Score Agent",
-                "combined_score": 0.8,
-                "total_count": 1,
-                # ... other fields
-            }
-        ]
-
-        with patch(
-            "backend.api.features.store.hybrid_search.embed_query"
-        ) as mock_embed:
-            mock_embed.return_value = [0.1] * embeddings.EMBEDDING_DIM
-
-            # Test with custom min_score
-            results, total = await hybrid_search(
-                query="test",
-                min_score=0.5,  # High threshold
-                page=1,
-                page_size=20,
-            )
-
-            # Verify min_score was applied in query
-            call_args = mock_query.call_args
-            sql_template = call_args[0][0]
-            params = call_args[0][1:]  # Get all parameters
-
-            # Check that SQL uses parameterized min_score
-            assert "combined_score >=" in sql_template
-            assert "$" in sql_template  # Verify parameterization
-
-            # Check that custom min_score is in the params
-            assert 0.5 in params
-
-
-@pytest.mark.asyncio(loop_scope="session")
-@pytest.mark.integration
-async def test_hybrid_search_pagination():
-    """Test hybrid search pagination."""
-    with patch(
-        "backend.api.features.store.hybrid_search.query_raw_with_schema"
-    ) as mock_query:
-        mock_query.return_value = []
-
-        with patch(
-            "backend.api.features.store.hybrid_search.embed_query"
-        ) as mock_embed:
-            mock_embed.return_value = [0.1] * embeddings.EMBEDDING_DIM
-
-            # Test page 2 with page_size 10
-            results, total = await hybrid_search(
-                query="test",
-                page=2,
-                page_size=10,
-            )
-
-            # Verify pagination parameters
-            call_args = mock_query.call_args
-            params = call_args[0]
-
-            # Last two params should be LIMIT and OFFSET
-            limit = params[-2]
-            offset = params[-1]
-
-            assert limit == 10  # page_size
-            assert offset == 10  # (page - 1) * page_size = (2 - 1) * 10
-
-
-@pytest.mark.asyncio(loop_scope="session")
-@pytest.mark.integration
-async def test_hybrid_search_error_handling():
-    """Test hybrid search error handling."""
-    with patch(
-        "backend.api.features.store.hybrid_search.query_raw_with_schema"
-    ) as mock_query:
-        # Simulate database error
-        mock_query.side_effect = Exception("Database connection error")
-
-        with patch(
-            "backend.api.features.store.hybrid_search.embed_query"
-        ) as mock_embed:
-            mock_embed.return_value = [0.1] * embeddings.EMBEDDING_DIM
-
-            # Should raise exception
-            with pytest.raises(Exception) as exc_info:
-                await hybrid_search(
-                    query="test",
-                    page=1,
-                    page_size=20,
-                )
-
-            assert "Database connection error" in str(exc_info.value)
-
-
-if __name__ == "__main__":
-    pytest.main([__file__, "-v", "-s"])

autogpt_platform/backend/backend/api/utils/openapi.py

@@ -1,41 +0,0 @@
-from fastapi import FastAPI
-
-
-def sort_openapi(app: FastAPI) -> None:
-    """
-    Patch a FastAPI instance's `openapi()` method to sort the endpoints,
-    schemas, and responses.
-    """
-    wrapped_openapi = app.openapi
-
-    def custom_openapi():
-        if app.openapi_schema:
-            return app.openapi_schema
-
-        openapi_schema = wrapped_openapi()
-
-        # Sort endpoints
-        openapi_schema["paths"] = dict(sorted(openapi_schema["paths"].items()))
-
-        # Sort endpoints -> methods
-        for p in openapi_schema["paths"].keys():
-            openapi_schema["paths"][p] = dict(
-                sorted(openapi_schema["paths"][p].items())
-            )
-
-            # Sort endpoints -> methods -> responses
-            for m in openapi_schema["paths"][p].keys():
-                openapi_schema["paths"][p][m]["responses"] = dict(
-                    sorted(openapi_schema["paths"][p][m]["responses"].items())
-                )
-
-        # Sort schemas and responses as well
-        for k in openapi_schema["components"].keys():
-            openapi_schema["components"][k] = dict(
-                sorted(openapi_schema["components"][k].items())
-            )
-
-        app.openapi_schema = openapi_schema
-        return openapi_schema
-
-    app.openapi = custom_openapi

autogpt_platform/backend/backend/app.py

@@ -36,10 +36,10 @@ def main(**kwargs):
     Run all the processes required for the AutoGPT-server (REST and WebSocket APIs).
     """
 
-    from backend.api.rest_api import AgentServer
-    from backend.api.ws_api import WebsocketServer
     from backend.executor import DatabaseManager, ExecutionManager, Scheduler
     from backend.notifications import NotificationManager
+    from backend.server.rest_api import AgentServer
+    from backend.server.ws_api import WebsocketServer
 
     run_processes(
         DatabaseManager().set_log_level("warning"),

autogpt_platform/backend/backend/blocks/ai_condition.py

@@ -1,7 +1,6 @@
 from typing import Any
 
 from backend.blocks.llm import (
-    DEFAULT_LLM_MODEL,
     TEST_CREDENTIALS,
     TEST_CREDENTIALS_INPUT,
     AIBlockBase,
@@ -50,7 +49,7 @@ class AIConditionBlock(AIBlockBase):
         )
         model: LlmModel = SchemaField(
             title="LLM Model",
-            default=DEFAULT_LLM_MODEL,
+            default=LlmModel.GPT4O,
             description="The language model to use for evaluating the condition.",
             advanced=False,
         )
@@ -82,7 +81,7 @@ class AIConditionBlock(AIBlockBase):
                 "condition": "the input is an email address",
                 "yes_value": "Valid email",
                 "no_value": "Not an email",
-                "model": DEFAULT_LLM_MODEL,
+                "model": LlmModel.GPT4O,
                 "credentials": TEST_CREDENTIALS_INPUT,
             },
             test_credentials=TEST_CREDENTIALS,

autogpt_platform/backend/backend/blocks/ai_shortform_video_block.py

@@ -20,7 +20,6 @@ from backend.data.model import (
     SchemaField,
 )
 from backend.integrations.providers import ProviderName
-from backend.util.exceptions import BlockExecutionError
 from backend.util.request import Requests
 
 TEST_CREDENTIALS = APIKeyCredentials(
@@ -247,11 +246,7 @@ class AIShortformVideoCreatorBlock(Block):
             await asyncio.sleep(10)
 
         logger.error("Video creation timed out")
-        raise BlockExecutionError(
-            message="Video creation timed out",
-            block_name=self.name,
-            block_id=self.id,
-        )
+        raise TimeoutError("Video creation timed out")
 
     def __init__(self):
         super().__init__(
@@ -427,11 +422,7 @@ class AIAdMakerVideoCreatorBlock(Block):
             await asyncio.sleep(10)
 
         logger.error("Video creation timed out")
-        raise BlockExecutionError(
-            message="Video creation timed out",
-            block_name=self.name,
-            block_id=self.id,
-        )
+        raise TimeoutError("Video creation timed out")
 
     def __init__(self):
         super().__init__(
@@ -608,11 +599,7 @@ class AIScreenshotToVideoAdBlock(Block):
             await asyncio.sleep(10)
 
         logger.error("Video creation timed out")
-        raise BlockExecutionError(
-            message="Video creation timed out",
-            block_name=self.name,
-            block_id=self.id,
-        )
+        raise TimeoutError("Video creation timed out")
 
     def __init__(self):
         super().__init__(

autogpt_platform/backend/backend/blocks/airtable/_webhook.py

@@ -6,9 +6,6 @@ import hashlib
 import hmac
 import logging
 from enum import Enum
-from typing import cast
-
-from prisma.types import Serializable
 
 from backend.sdk import (
     BaseWebhooksManager,
@@ -87,9 +84,7 @@ class AirtableWebhookManager(BaseWebhooksManager):
         # update webhook config
         await update_webhook(
             webhook.id,
-            config=cast(
-                dict[str, Serializable], {"base_id": base_id, "cursor": response.cursor}
-            ),
+            config={"base_id": base_id, "cursor": response.cursor},
         )
 
         event_type = "notification"

autogpt_platform/backend/backend/blocks/branching.py

@@ -106,10 +106,7 @@ class ConditionBlock(Block):
             ComparisonOperator.LESS_THAN_OR_EQUAL: lambda a, b: a <= b,
         }
 
-        try:
-            result = comparison_funcs[operator](value1, value2)
-        except Exception as e:
-            raise ValueError(f"Comparison failed: {e}") from e
+        result = comparison_funcs[operator](value1, value2)
 
         yield "result", result
 

autogpt_platform/backend/backend/blocks/dataforseo/related_keywords.py

@@ -182,10 +182,13 @@ class DataForSeoRelatedKeywordsBlock(Block):
             if results and len(results) > 0:
                 # results is a list, get the first element
                 first_result = results[0] if isinstance(results, list) else results
-                # Handle missing key, null value, or valid list value
-                if isinstance(first_result, dict):
-                    items = first_result.get("items") or []
-                else:
+                items = (
+                    first_result.get("items", [])
+                    if isinstance(first_result, dict)
+                    else []
+                )
+                # Ensure items is never None
+                if items is None:
                     items = []
                 for item in items:
                     # Extract keyword_data from the item

autogpt_platform/backend/backend/blocks/firecrawl/extract.py

@@ -15,7 +15,6 @@ from backend.sdk import (
     SchemaField,
     cost,
 )
-from backend.util.exceptions import BlockExecutionError
 
 from ._config import firecrawl
 
@@ -60,18 +59,11 @@ class FirecrawlExtractBlock(Block):
     ) -> BlockOutput:
         app = FirecrawlApp(api_key=credentials.api_key.get_secret_value())
 
-        try:
-            extract_result = app.extract(
-                urls=input_data.urls,
-                prompt=input_data.prompt,
-                schema=input_data.output_schema,
-                enable_web_search=input_data.enable_web_search,
-            )
-        except Exception as e:
-            raise BlockExecutionError(
-                message=f"Extract failed: {e}",
-                block_name=self.name,
-                block_id=self.id,
-            ) from e
+        extract_result = app.extract(
+            urls=input_data.urls,
+            prompt=input_data.prompt,
+            schema=input_data.output_schema,
+            enable_web_search=input_data.enable_web_search,
+        )
 
         yield "data", extract_result.data

autogpt_platform/backend/backend/blocks/flux_kontext.py

@@ -19,7 +19,6 @@ from backend.data.model import (
     SchemaField,
 )
 from backend.integrations.providers import ProviderName
-from backend.util.exceptions import ModerationError
 from backend.util.file import MediaFileType, store_media_file
 
 TEST_CREDENTIALS = APIKeyCredentials(
@@ -154,8 +153,6 @@ class AIImageEditorBlock(Block):
             ),
             aspect_ratio=input_data.aspect_ratio.value,
             seed=input_data.seed,
-            user_id=user_id,
-            graph_exec_id=graph_exec_id,
         )
         yield "output_image", result
 
@@ -167,8 +164,6 @@ class AIImageEditorBlock(Block):
         input_image_b64: Optional[str],
         aspect_ratio: str,
         seed: Optional[int],
-        user_id: str,
-        graph_exec_id: str,
     ) -> MediaFileType:
         client = ReplicateClient(api_token=api_key.get_secret_value())
         input_params = {
@@ -178,21 +173,11 @@ class AIImageEditorBlock(Block):
             **({"seed": seed} if seed is not None else {}),
         }
 
-        try:
-            output: FileOutput | list[FileOutput] = await client.async_run(  # type: ignore
-                model_name,
-                input=input_params,
-                wait=False,
-            )
-        except Exception as e:
-            if "flagged as sensitive" in str(e).lower():
-                raise ModerationError(
-                    message="Content was flagged as sensitive by the model provider",
-                    user_id=user_id,
-                    graph_exec_id=graph_exec_id,
-                    moderation_type="model_provider",
-                )
-            raise ValueError(f"Model execution failed: {e}") from e
+        output: FileOutput | list[FileOutput] = await client.async_run(  # type: ignore
+            model_name,
+            input=input_params,
+            wait=False,
+        )
 
         if isinstance(output, list) and output:
             output = output[0]

autogpt_platform/backend/backend/blocks/github/example_payloads/discussion.created.json

@@ -1,108 +0,0 @@
-{
-  "action": "created",
-  "discussion": {
-    "repository_url": "https://api.github.com/repos/Significant-Gravitas/AutoGPT",
-    "category": {
-      "id": 12345678,
-      "node_id": "DIC_kwDOJKSTjM4CXXXX",
-      "repository_id": 614765452,
-      "emoji": ":pray:",
-      "name": "Q&A",
-      "description": "Ask the community for help",
-      "created_at": "2023-03-16T09:21:07Z",
-      "updated_at": "2023-03-16T09:21:07Z",
-      "slug": "q-a",
-      "is_answerable": true
-    },
-    "answer_html_url": null,
-    "answer_chosen_at": null,
-    "answer_chosen_by": null,
-    "html_url": "https://github.com/Significant-Gravitas/AutoGPT/discussions/9999",
-    "id": 5000000001,
-    "node_id": "D_kwDOJKSTjM4AYYYY",
-    "number": 9999,
-    "title": "How do I configure custom blocks?",
-    "user": {
-      "login": "curious-user",
-      "id": 22222222,
-      "node_id": "MDQ6VXNlcjIyMjIyMjIy",
-      "avatar_url": "https://avatars.githubusercontent.com/u/22222222?v=4",
-      "url": "https://api.github.com/users/curious-user",
-      "html_url": "https://github.com/curious-user",
-      "type": "User",
-      "site_admin": false
-    },
-    "state": "open",
-    "state_reason": null,
-    "locked": false,
-    "comments": 0,
-    "created_at": "2024-12-01T17:00:00Z",
-    "updated_at": "2024-12-01T17:00:00Z",
-    "author_association": "NONE",
-    "active_lock_reason": null,
-    "body": "## Question\n\nI'm trying to create a custom block for my specific use case. I've read the documentation but I'm not sure how to:\n\n1. Define the input/output schema\n2. Handle authentication\n3. Test my block locally\n\nCan someone point me to examples or provide guidance?\n\n## Environment\n\n- AutoGPT Platform version: latest\n- Python: 3.11",
-    "reactions": {
-      "url": "https://api.github.com/repos/Significant-Gravitas/AutoGPT/discussions/9999/reactions",
-      "total_count": 0,
-      "+1": 0,
-      "-1": 0,
-      "laugh": 0,
-      "hooray": 0,
-      "confused": 0,
-      "heart": 0,
-      "rocket": 0,
-      "eyes": 0
-    },
-    "timeline_url": "https://api.github.com/repos/Significant-Gravitas/AutoGPT/discussions/9999/timeline"
-  },
-  "repository": {
-    "id": 614765452,
-    "node_id": "R_kgDOJKSTjA",
-    "name": "AutoGPT",
-    "full_name": "Significant-Gravitas/AutoGPT",
-    "private": false,
-    "owner": {
-      "login": "Significant-Gravitas",
-      "id": 130738209,
-      "node_id": "O_kgDOB8roIQ",
-      "avatar_url": "https://avatars.githubusercontent.com/u/130738209?v=4",
-      "url": "https://api.github.com/users/Significant-Gravitas",
-      "html_url": "https://github.com/Significant-Gravitas",
-      "type": "Organization",
-      "site_admin": false
-    },
-    "html_url": "https://github.com/Significant-Gravitas/AutoGPT",
-    "description": "AutoGPT is the vision of accessible AI for everyone, to use and to build on.",
-    "fork": false,
-    "url": "https://api.github.com/repos/Significant-Gravitas/AutoGPT",
-    "created_at": "2023-03-16T09:21:07Z",
-    "updated_at": "2024-12-01T17:00:00Z",
-    "pushed_at": "2024-12-01T12:00:00Z",
-    "stargazers_count": 170000,
-    "watchers_count": 170000,
-    "language": "Python",
-    "has_discussions": true,
-    "forks_count": 45000,
-    "visibility": "public",
-    "default_branch": "master"
-  },
-  "organization": {
-    "login": "Significant-Gravitas",
-    "id": 130738209,
-    "node_id": "O_kgDOB8roIQ",
-    "url": "https://api.github.com/orgs/Significant-Gravitas",
-    "avatar_url": "https://avatars.githubusercontent.com/u/130738209?v=4",
-    "description": ""
-  },
-  "sender": {
-    "login": "curious-user",
-    "id": 22222222,
-    "node_id": "MDQ6VXNlcjIyMjIyMjIy",
-    "avatar_url": "https://avatars.githubusercontent.com/u/22222222?v=4",
-    "gravatar_id": "",
-    "url": "https://api.github.com/users/curious-user",
-    "html_url": "https://github.com/curious-user",
-    "type": "User",
-    "site_admin": false
-  }
-}

autogpt_platform/backend/backend/blocks/github/example_payloads/issues.opened.json

@@ -1,112 +0,0 @@
-{
-  "action": "opened",
-  "issue": {
-    "url": "https://api.github.com/repos/Significant-Gravitas/AutoGPT/issues/12345",
-    "repository_url": "https://api.github.com/repos/Significant-Gravitas/AutoGPT",
-    "labels_url": "https://api.github.com/repos/Significant-Gravitas/AutoGPT/issues/12345/labels{/name}",
-    "comments_url": "https://api.github.com/repos/Significant-Gravitas/AutoGPT/issues/12345/comments",
-    "events_url": "https://api.github.com/repos/Significant-Gravitas/AutoGPT/issues/12345/events",
-    "html_url": "https://github.com/Significant-Gravitas/AutoGPT/issues/12345",
-    "id": 2000000001,
-    "node_id": "I_kwDOJKSTjM5wXXXX",
-    "number": 12345,
-    "title": "Bug: Application crashes when processing large files",
-    "user": {
-      "login": "bug-reporter",
-      "id": 11111111,
-      "node_id": "MDQ6VXNlcjExMTExMTEx",
-      "avatar_url": "https://avatars.githubusercontent.com/u/11111111?v=4",
-      "url": "https://api.github.com/users/bug-reporter",
-      "html_url": "https://github.com/bug-reporter",
-      "type": "User",
-      "site_admin": false
-    },
-    "labels": [
-      {
-        "id": 5272676214,
-        "node_id": "LA_kwDOJKSTjM8AAAABOkandg",
-        "url": "https://api.github.com/repos/Significant-Gravitas/AutoGPT/labels/bug",
-        "name": "bug",
-        "color": "d73a4a",
-        "default": true,
-        "description": "Something isn't working"
-      }
-    ],
-    "state": "open",
-    "locked": false,
-    "assignee": null,
-    "assignees": [],
-    "milestone": null,
-    "comments": 0,
-    "created_at": "2024-12-01T16:00:00Z",
-    "updated_at": "2024-12-01T16:00:00Z",
-    "closed_at": null,
-    "author_association": "NONE",
-    "active_lock_reason": null,
-    "body": "## Description\n\nWhen I try to process a file larger than 100MB, the application crashes with an out of memory error.\n\n## Steps to Reproduce\n\n1. Open the application\n2. Select a file larger than 100MB\n3. Click 'Process'\n4. Application crashes\n\n## Expected Behavior\n\nThe application should handle large files gracefully.\n\n## Environment\n\n- OS: Ubuntu 22.04\n- Python: 3.11\n- AutoGPT Version: 1.0.0",
-    "reactions": {
-      "url": "https://api.github.com/repos/Significant-Gravitas/AutoGPT/issues/12345/reactions",
-      "total_count": 0,
-      "+1": 0,
-      "-1": 0,
-      "laugh": 0,
-      "hooray": 0,
-      "confused": 0,
-      "heart": 0,
-      "rocket": 0,
-      "eyes": 0
-    },
-    "timeline_url": "https://api.github.com/repos/Significant-Gravitas/AutoGPT/issues/12345/timeline",
-    "state_reason": null
-  },
-  "repository": {
-    "id": 614765452,
-    "node_id": "R_kgDOJKSTjA",
-    "name": "AutoGPT",
-    "full_name": "Significant-Gravitas/AutoGPT",
-    "private": false,
-    "owner": {
-      "login": "Significant-Gravitas",
-      "id": 130738209,
-      "node_id": "O_kgDOB8roIQ",
-      "avatar_url": "https://avatars.githubusercontent.com/u/130738209?v=4",
-      "url": "https://api.github.com/users/Significant-Gravitas",
-      "html_url": "https://github.com/Significant-Gravitas",
-      "type": "Organization",
-      "site_admin": false
-    },
-    "html_url": "https://github.com/Significant-Gravitas/AutoGPT",
-    "description": "AutoGPT is the vision of accessible AI for everyone, to use and to build on.",
-    "fork": false,
-    "url": "https://api.github.com/repos/Significant-Gravitas/AutoGPT",
-    "created_at": "2023-03-16T09:21:07Z",
-    "updated_at": "2024-12-01T16:00:00Z",
-    "pushed_at": "2024-12-01T12:00:00Z",
-    "stargazers_count": 170000,
-    "watchers_count": 170000,
-    "language": "Python",
-    "forks_count": 45000,
-    "open_issues_count": 190,
-    "visibility": "public",
-    "default_branch": "master"
-  },
-  "organization": {
-    "login": "Significant-Gravitas",
-    "id": 130738209,
-    "node_id": "O_kgDOB8roIQ",
-    "url": "https://api.github.com/orgs/Significant-Gravitas",
-    "avatar_url": "https://avatars.githubusercontent.com/u/130738209?v=4",
-    "description": ""
-  },
-  "sender": {
-    "login": "bug-reporter",
-    "id": 11111111,
-    "node_id": "MDQ6VXNlcjExMTExMTEx",
-    "avatar_url": "https://avatars.githubusercontent.com/u/11111111?v=4",
-    "gravatar_id": "",
-    "url": "https://api.github.com/users/bug-reporter",
-    "html_url": "https://github.com/bug-reporter",
-    "type": "User",
-    "site_admin": false
-  }
-}

autogpt_platform/backend/backend/blocks/github/example_payloads/release.published.json

@@ -1,97 +0,0 @@
-{
-  "action": "published",
-  "release": {
-    "url": "https://api.github.com/repos/Significant-Gravitas/AutoGPT/releases/123456789",
-    "assets_url": "https://api.github.com/repos/Significant-Gravitas/AutoGPT/releases/123456789/assets",
-    "upload_url": "https://uploads.github.com/repos/Significant-Gravitas/AutoGPT/releases/123456789/assets{?name,label}",
-    "html_url": "https://github.com/Significant-Gravitas/AutoGPT/releases/tag/v1.0.0",
-    "id": 123456789,
-    "author": {
-      "login": "ntindle",
-      "id": 12345678,
-      "node_id": "MDQ6VXNlcjEyMzQ1Njc4",
-      "avatar_url": "https://avatars.githubusercontent.com/u/12345678?v=4",
-      "gravatar_id": "",
-      "url": "https://api.github.com/users/ntindle",
-      "html_url": "https://github.com/ntindle",
-      "type": "User",
-      "site_admin": false
-    },
-    "node_id": "RE_kwDOJKSTjM4HWwAA",
-    "tag_name": "v1.0.0",
-    "target_commitish": "master",
-    "name": "AutoGPT Platform v1.0.0",
-    "draft": false,
-    "prerelease": false,
-    "created_at": "2024-12-01T10:00:00Z",
-    "published_at": "2024-12-01T12:00:00Z",
-    "assets": [
-      {
-        "url": "https://api.github.com/repos/Significant-Gravitas/AutoGPT/releases/assets/987654321",
-        "id": 987654321,
-        "node_id": "RA_kwDOJKSTjM4HWwBB",
-        "name": "autogpt-v1.0.0.zip",
-        "label": "Release Package",
-        "content_type": "application/zip",
-        "state": "uploaded",
-        "size": 52428800,
-        "download_count": 0,
-        "created_at": "2024-12-01T11:30:00Z",
-        "updated_at": "2024-12-01T11:35:00Z",
-        "browser_download_url": "https://github.com/Significant-Gravitas/AutoGPT/releases/download/v1.0.0/autogpt-v1.0.0.zip"
-      }
-    ],
-    "tarball_url": "https://api.github.com/repos/Significant-Gravitas/AutoGPT/tarball/v1.0.0",
-    "zipball_url": "https://api.github.com/repos/Significant-Gravitas/AutoGPT/zipball/v1.0.0",
-    "body": "## What's New\n\n- Feature 1: Amazing new capability\n- Feature 2: Performance improvements\n- Bug fixes and stability improvements\n\n## Breaking Changes\n\nNone\n\n## Contributors\n\nThanks to all our contributors!"
-  },
-  "repository": {
-    "id": 614765452,
-    "node_id": "R_kgDOJKSTjA",
-    "name": "AutoGPT",
-    "full_name": "Significant-Gravitas/AutoGPT",
-    "private": false,
-    "owner": {
-      "login": "Significant-Gravitas",
-      "id": 130738209,
-      "node_id": "O_kgDOB8roIQ",
-      "avatar_url": "https://avatars.githubusercontent.com/u/130738209?v=4",
-      "url": "https://api.github.com/users/Significant-Gravitas",
-      "html_url": "https://github.com/Significant-Gravitas",
-      "type": "Organization",
-      "site_admin": false
-    },
-    "html_url": "https://github.com/Significant-Gravitas/AutoGPT",
-    "description": "AutoGPT is the vision of accessible AI for everyone, to use and to build on.",
-    "fork": false,
-    "url": "https://api.github.com/repos/Significant-Gravitas/AutoGPT",
-    "created_at": "2023-03-16T09:21:07Z",
-    "updated_at": "2024-12-01T12:00:00Z",
-    "pushed_at": "2024-12-01T12:00:00Z",
-    "stargazers_count": 170000,
-    "watchers_count": 170000,
-    "language": "Python",
-    "forks_count": 45000,
-    "visibility": "public",
-    "default_branch": "master"
-  },
-  "organization": {
-    "login": "Significant-Gravitas",
-    "id": 130738209,
-    "node_id": "O_kgDOB8roIQ",
-    "url": "https://api.github.com/orgs/Significant-Gravitas",
-    "avatar_url": "https://avatars.githubusercontent.com/u/130738209?v=4",
-    "description": ""
-  },
-  "sender": {
-    "login": "ntindle",
-    "id": 12345678,
-    "node_id": "MDQ6VXNlcjEyMzQ1Njc4",
-    "avatar_url": "https://avatars.githubusercontent.com/u/12345678?v=4",
-    "gravatar_id": "",
-    "url": "https://api.github.com/users/ntindle",
-    "html_url": "https://github.com/ntindle",
-    "type": "User",
-    "site_admin": false
-  }
-}

autogpt_platform/backend/backend/blocks/github/example_payloads/star.created.json

@@ -1,53 +0,0 @@
-{
-  "action": "created",
-  "starred_at": "2024-12-01T15:30:00Z",
-  "repository": {
-    "id": 614765452,
-    "node_id": "R_kgDOJKSTjA",
-    "name": "AutoGPT",
-    "full_name": "Significant-Gravitas/AutoGPT",
-    "private": false,
-    "owner": {
-      "login": "Significant-Gravitas",
-      "id": 130738209,
-      "node_id": "O_kgDOB8roIQ",
-      "avatar_url": "https://avatars.githubusercontent.com/u/130738209?v=4",
-      "url": "https://api.github.com/users/Significant-Gravitas",
-      "html_url": "https://github.com/Significant-Gravitas",
-      "type": "Organization",
-      "site_admin": false
-    },
-    "html_url": "https://github.com/Significant-Gravitas/AutoGPT",
-    "description": "AutoGPT is the vision of accessible AI for everyone, to use and to build on.",
-    "fork": false,
-    "url": "https://api.github.com/repos/Significant-Gravitas/AutoGPT",
-    "created_at": "2023-03-16T09:21:07Z",
-    "updated_at": "2024-12-01T15:30:00Z",
-    "pushed_at": "2024-12-01T12:00:00Z",
-    "stargazers_count": 170001,
-    "watchers_count": 170001,
-    "language": "Python",
-    "forks_count": 45000,
-    "visibility": "public",
-    "default_branch": "master"
-  },
-  "organization": {
-    "login": "Significant-Gravitas",
-    "id": 130738209,
-    "node_id": "O_kgDOB8roIQ",
-    "url": "https://api.github.com/orgs/Significant-Gravitas",
-    "avatar_url": "https://avatars.githubusercontent.com/u/130738209?v=4",
-    "description": ""
-  },
-  "sender": {
-    "login": "awesome-contributor",
-    "id": 98765432,
-    "node_id": "MDQ6VXNlcjk4NzY1NDMy",
-    "avatar_url": "https://avatars.githubusercontent.com/u/98765432?v=4",
-    "gravatar_id": "",
-    "url": "https://api.github.com/users/awesome-contributor",
-    "html_url": "https://github.com/awesome-contributor",
-    "type": "User",
-    "site_admin": false
-  }
-}

autogpt_platform/backend/backend/blocks/github/triggers.py

@@ -159,391 +159,3 @@ class GithubPullRequestTriggerBlock(GitHubTriggerBase, Block):
 
 
 # --8<-- [end:GithubTriggerExample]
-
-
-class GithubStarTriggerBlock(GitHubTriggerBase, Block):
-    """Trigger block for GitHub star events - useful for milestone celebrations."""
-
-    EXAMPLE_PAYLOAD_FILE = (
-        Path(__file__).parent / "example_payloads" / "star.created.json"
-    )
-
-    class Input(GitHubTriggerBase.Input):
-        class EventsFilter(BaseModel):
-            """
-            https://docs.github.com/en/webhooks/webhook-events-and-payloads#star
-            """
-
-            created: bool = False
-            deleted: bool = False
-
-        events: EventsFilter = SchemaField(
-            title="Events", description="The star events to subscribe to"
-        )
-
-    class Output(GitHubTriggerBase.Output):
-        event: str = SchemaField(
-            description="The star event that triggered the webhook ('created' or 'deleted')"
-        )
-        starred_at: str = SchemaField(
-            description="ISO timestamp when the repo was starred (empty if deleted)"
-        )
-        stargazers_count: int = SchemaField(
-            description="Current number of stars on the repository"
-        )
-        repository_name: str = SchemaField(
-            description="Full name of the repository (owner/repo)"
-        )
-        repository_url: str = SchemaField(description="URL to the repository")
-
-    def __init__(self):
-        from backend.integrations.webhooks.github import GithubWebhookType
-
-        example_payload = json.loads(
-            self.EXAMPLE_PAYLOAD_FILE.read_text(encoding="utf-8")
-        )
-
-        super().__init__(
-            id="551e0a35-100b-49b7-89b8-3031322239b6",
-            description="This block triggers on GitHub star events. "
-            "Useful for celebrating milestones (e.g., 1k, 10k stars) or tracking engagement.",
-            categories={BlockCategory.DEVELOPER_TOOLS, BlockCategory.INPUT},
-            input_schema=GithubStarTriggerBlock.Input,
-            output_schema=GithubStarTriggerBlock.Output,
-            webhook_config=BlockWebhookConfig(
-                provider=ProviderName.GITHUB,
-                webhook_type=GithubWebhookType.REPO,
-                resource_format="{repo}",
-                event_filter_input="events",
-                event_format="star.{event}",
-            ),
-            test_input={
-                "repo": "Significant-Gravitas/AutoGPT",
-                "events": {"created": True},
-                "credentials": TEST_CREDENTIALS_INPUT,
-                "payload": example_payload,
-            },
-            test_credentials=TEST_CREDENTIALS,
-            test_output=[
-                ("payload", example_payload),
-                ("triggered_by_user", example_payload["sender"]),
-                ("event", example_payload["action"]),
-                ("starred_at", example_payload.get("starred_at", "")),
-                ("stargazers_count", example_payload["repository"]["stargazers_count"]),
-                ("repository_name", example_payload["repository"]["full_name"]),
-                ("repository_url", example_payload["repository"]["html_url"]),
-            ],
-        )
-
-    async def run(self, input_data: Input, **kwargs) -> BlockOutput:  # type: ignore
-        async for name, value in super().run(input_data, **kwargs):
-            yield name, value
-        yield "event", input_data.payload["action"]
-        yield "starred_at", input_data.payload.get("starred_at", "")
-        yield "stargazers_count", input_data.payload["repository"]["stargazers_count"]
-        yield "repository_name", input_data.payload["repository"]["full_name"]
-        yield "repository_url", input_data.payload["repository"]["html_url"]
-
-
-class GithubReleaseTriggerBlock(GitHubTriggerBase, Block):
-    """Trigger block for GitHub release events - ideal for announcing new versions."""
-
-    EXAMPLE_PAYLOAD_FILE = (
-        Path(__file__).parent / "example_payloads" / "release.published.json"
-    )
-
-    class Input(GitHubTriggerBase.Input):
-        class EventsFilter(BaseModel):
-            """
-            https://docs.github.com/en/webhooks/webhook-events-and-payloads#release
-            """
-
-            published: bool = False
-            unpublished: bool = False
-            created: bool = False
-            edited: bool = False
-            deleted: bool = False
-            prereleased: bool = False
-            released: bool = False
-
-        events: EventsFilter = SchemaField(
-            title="Events", description="The release events to subscribe to"
-        )
-
-    class Output(GitHubTriggerBase.Output):
-        event: str = SchemaField(
-            description="The release event that triggered the webhook (e.g., 'published')"
-        )
-        release: dict = SchemaField(description="The full release object")
-        release_url: str = SchemaField(description="URL to the release page")
-        tag_name: str = SchemaField(description="The release tag name (e.g., 'v1.0.0')")
-        release_name: str = SchemaField(description="Human-readable release name")
-        body: str = SchemaField(description="Release notes/description")
-        prerelease: bool = SchemaField(description="Whether this is a prerelease")
-        draft: bool = SchemaField(description="Whether this is a draft release")
-        assets: list = SchemaField(description="List of release assets/files")
-
-    def __init__(self):
-        from backend.integrations.webhooks.github import GithubWebhookType
-
-        example_payload = json.loads(
-            self.EXAMPLE_PAYLOAD_FILE.read_text(encoding="utf-8")
-        )
-
-        super().__init__(
-            id="2052dd1b-74e1-46ac-9c87-c7a0e057b60b",
-            description="This block triggers on GitHub release events. "
-            "Perfect for automating announcements to Discord, Twitter, or other platforms.",
-            categories={BlockCategory.DEVELOPER_TOOLS, BlockCategory.INPUT},
-            input_schema=GithubReleaseTriggerBlock.Input,
-            output_schema=GithubReleaseTriggerBlock.Output,
-            webhook_config=BlockWebhookConfig(
-                provider=ProviderName.GITHUB,
-                webhook_type=GithubWebhookType.REPO,
-                resource_format="{repo}",
-                event_filter_input="events",
-                event_format="release.{event}",
-            ),
-            test_input={
-                "repo": "Significant-Gravitas/AutoGPT",
-                "events": {"published": True},
-                "credentials": TEST_CREDENTIALS_INPUT,
-                "payload": example_payload,
-            },
-            test_credentials=TEST_CREDENTIALS,
-            test_output=[
-                ("payload", example_payload),
-                ("triggered_by_user", example_payload["sender"]),
-                ("event", example_payload["action"]),
-                ("release", example_payload["release"]),
-                ("release_url", example_payload["release"]["html_url"]),
-                ("tag_name", example_payload["release"]["tag_name"]),
-                ("release_name", example_payload["release"]["name"]),
-                ("body", example_payload["release"]["body"]),
-                ("prerelease", example_payload["release"]["prerelease"]),
-                ("draft", example_payload["release"]["draft"]),
-                ("assets", example_payload["release"]["assets"]),
-            ],
-        )
-
-    async def run(self, input_data: Input, **kwargs) -> BlockOutput:  # type: ignore
-        async for name, value in super().run(input_data, **kwargs):
-            yield name, value
-        release = input_data.payload["release"]
-        yield "event", input_data.payload["action"]
-        yield "release", release
-        yield "release_url", release["html_url"]
-        yield "tag_name", release["tag_name"]
-        yield "release_name", release.get("name", "")
-        yield "body", release.get("body", "")
-        yield "prerelease", release["prerelease"]
-        yield "draft", release["draft"]
-        yield "assets", release["assets"]
-
-
-class GithubIssuesTriggerBlock(GitHubTriggerBase, Block):
-    """Trigger block for GitHub issues events - great for triage and notifications."""
-
-    EXAMPLE_PAYLOAD_FILE = (
-        Path(__file__).parent / "example_payloads" / "issues.opened.json"
-    )
-
-    class Input(GitHubTriggerBase.Input):
-        class EventsFilter(BaseModel):
-            """
-            https://docs.github.com/en/webhooks/webhook-events-and-payloads#issues
-            """
-
-            opened: bool = False
-            edited: bool = False
-            deleted: bool = False
-            closed: bool = False
-            reopened: bool = False
-            assigned: bool = False
-            unassigned: bool = False
-            labeled: bool = False
-            unlabeled: bool = False
-            locked: bool = False
-            unlocked: bool = False
-            transferred: bool = False
-            milestoned: bool = False
-            demilestoned: bool = False
-            pinned: bool = False
-            unpinned: bool = False
-
-        events: EventsFilter = SchemaField(
-            title="Events", description="The issue events to subscribe to"
-        )
-
-    class Output(GitHubTriggerBase.Output):
-        event: str = SchemaField(
-            description="The issue event that triggered the webhook (e.g., 'opened')"
-        )
-        number: int = SchemaField(description="The issue number")
-        issue: dict = SchemaField(description="The full issue object")
-        issue_url: str = SchemaField(description="URL to the issue")
-        issue_title: str = SchemaField(description="The issue title")
-        issue_body: str = SchemaField(description="The issue body/description")
-        labels: list = SchemaField(description="List of labels on the issue")
-        assignees: list = SchemaField(description="List of assignees")
-        state: str = SchemaField(description="Issue state ('open' or 'closed')")
-
-    def __init__(self):
-        from backend.integrations.webhooks.github import GithubWebhookType
-
-        example_payload = json.loads(
-            self.EXAMPLE_PAYLOAD_FILE.read_text(encoding="utf-8")
-        )
-
-        super().__init__(
-            id="b2605464-e486-4bf4-aad3-d8a213c8a48a",
-            description="This block triggers on GitHub issues events. "
-            "Useful for automated triage, notifications, and welcoming first-time contributors.",
-            categories={BlockCategory.DEVELOPER_TOOLS, BlockCategory.INPUT},
-            input_schema=GithubIssuesTriggerBlock.Input,
-            output_schema=GithubIssuesTriggerBlock.Output,
-            webhook_config=BlockWebhookConfig(
-                provider=ProviderName.GITHUB,
-                webhook_type=GithubWebhookType.REPO,
-                resource_format="{repo}",
-                event_filter_input="events",
-                event_format="issues.{event}",
-            ),
-            test_input={
-                "repo": "Significant-Gravitas/AutoGPT",
-                "events": {"opened": True},
-                "credentials": TEST_CREDENTIALS_INPUT,
-                "payload": example_payload,
-            },
-            test_credentials=TEST_CREDENTIALS,
-            test_output=[
-                ("payload", example_payload),
-                ("triggered_by_user", example_payload["sender"]),
-                ("event", example_payload["action"]),
-                ("number", example_payload["issue"]["number"]),
-                ("issue", example_payload["issue"]),
-                ("issue_url", example_payload["issue"]["html_url"]),
-                ("issue_title", example_payload["issue"]["title"]),
-                ("issue_body", example_payload["issue"]["body"]),
-                ("labels", example_payload["issue"]["labels"]),
-                ("assignees", example_payload["issue"]["assignees"]),
-                ("state", example_payload["issue"]["state"]),
-            ],
-        )
-
-    async def run(self, input_data: Input, **kwargs) -> BlockOutput:  # type: ignore
-        async for name, value in super().run(input_data, **kwargs):
-            yield name, value
-        issue = input_data.payload["issue"]
-        yield "event", input_data.payload["action"]
-        yield "number", issue["number"]
-        yield "issue", issue
-        yield "issue_url", issue["html_url"]
-        yield "issue_title", issue["title"]
-        yield "issue_body", issue.get("body") or ""
-        yield "labels", issue["labels"]
-        yield "assignees", issue["assignees"]
-        yield "state", issue["state"]
-
-
-class GithubDiscussionTriggerBlock(GitHubTriggerBase, Block):
-    """Trigger block for GitHub discussion events - perfect for community Q&A sync."""
-
-    EXAMPLE_PAYLOAD_FILE = (
-        Path(__file__).parent / "example_payloads" / "discussion.created.json"
-    )
-
-    class Input(GitHubTriggerBase.Input):
-        class EventsFilter(BaseModel):
-            """
-            https://docs.github.com/en/webhooks/webhook-events-and-payloads#discussion
-            """
-
-            created: bool = False
-            edited: bool = False
-            deleted: bool = False
-            answered: bool = False
-            unanswered: bool = False
-            labeled: bool = False
-            unlabeled: bool = False
-            locked: bool = False
-            unlocked: bool = False
-            category_changed: bool = False
-            transferred: bool = False
-            pinned: bool = False
-            unpinned: bool = False
-
-        events: EventsFilter = SchemaField(
-            title="Events", description="The discussion events to subscribe to"
-        )
-
-    class Output(GitHubTriggerBase.Output):
-        event: str = SchemaField(
-            description="The discussion event that triggered the webhook"
-        )
-        number: int = SchemaField(description="The discussion number")
-        discussion: dict = SchemaField(description="The full discussion object")
-        discussion_url: str = SchemaField(description="URL to the discussion")
-        title: str = SchemaField(description="The discussion title")
-        body: str = SchemaField(description="The discussion body")
-        category: dict = SchemaField(description="The discussion category object")
-        category_name: str = SchemaField(description="Name of the category")
-        state: str = SchemaField(description="Discussion state")
-
-    def __init__(self):
-        from backend.integrations.webhooks.github import GithubWebhookType
-
-        example_payload = json.loads(
-            self.EXAMPLE_PAYLOAD_FILE.read_text(encoding="utf-8")
-        )
-
-        super().__init__(
-            id="87f847b3-d81a-424e-8e89-acadb5c9d52b",
-            description="This block triggers on GitHub Discussions events. "
-            "Great for syncing Q&A to Discord or auto-responding to common questions. "
-            "Note: Discussions must be enabled on the repository.",
-            categories={BlockCategory.DEVELOPER_TOOLS, BlockCategory.INPUT},
-            input_schema=GithubDiscussionTriggerBlock.Input,
-            output_schema=GithubDiscussionTriggerBlock.Output,
-            webhook_config=BlockWebhookConfig(
-                provider=ProviderName.GITHUB,
-                webhook_type=GithubWebhookType.REPO,
-                resource_format="{repo}",
-                event_filter_input="events",
-                event_format="discussion.{event}",
-            ),
-            test_input={
-                "repo": "Significant-Gravitas/AutoGPT",
-                "events": {"created": True},
-                "credentials": TEST_CREDENTIALS_INPUT,
-                "payload": example_payload,
-            },
-            test_credentials=TEST_CREDENTIALS,
-            test_output=[
-                ("payload", example_payload),
-                ("triggered_by_user", example_payload["sender"]),
-                ("event", example_payload["action"]),
-                ("number", example_payload["discussion"]["number"]),
-                ("discussion", example_payload["discussion"]),
-                ("discussion_url", example_payload["discussion"]["html_url"]),
-                ("title", example_payload["discussion"]["title"]),
-                ("body", example_payload["discussion"]["body"]),
-                ("category", example_payload["discussion"]["category"]),
-                ("category_name", example_payload["discussion"]["category"]["name"]),
-                ("state", example_payload["discussion"]["state"]),
-            ],
-        )
-
-    async def run(self, input_data: Input, **kwargs) -> BlockOutput:  # type: ignore
-        async for name, value in super().run(input_data, **kwargs):
-            yield name, value
-        discussion = input_data.payload["discussion"]
-        yield "event", input_data.payload["action"]
-        yield "number", discussion["number"]
-        yield "discussion", discussion
-        yield "discussion_url", discussion["html_url"]
-        yield "title", discussion["title"]
-        yield "body", discussion.get("body") or ""
-        yield "category", discussion["category"]
-        yield "category_name", discussion["category"]["name"]
-        yield "state", discussion["state"]

autogpt_platform/backend/backend/blocks/helpers/review.py

@@ -1,184 +0,0 @@
-"""
-Shared helpers for Human-In-The-Loop (HITL) review functionality.
-Used by both the dedicated HumanInTheLoopBlock and blocks that require human review.
-"""
-
-import logging
-from typing import Any, Optional
-
-from prisma.enums import ReviewStatus
-from pydantic import BaseModel
-
-from backend.data.execution import ExecutionContext, ExecutionStatus
-from backend.data.human_review import ReviewResult
-from backend.executor.manager import async_update_node_execution_status
-from backend.util.clients import get_database_manager_async_client
-
-logger = logging.getLogger(__name__)
-
-
-class ReviewDecision(BaseModel):
-    """Result of a review decision."""
-
-    should_proceed: bool
-    message: str
-    review_result: ReviewResult
-
-
-class HITLReviewHelper:
-    """Helper class for Human-In-The-Loop review operations."""
-
-    @staticmethod
-    async def get_or_create_human_review(**kwargs) -> Optional[ReviewResult]:
-        """Create or retrieve a human review from the database."""
-        return await get_database_manager_async_client().get_or_create_human_review(
-            **kwargs
-        )
-
-    @staticmethod
-    async def update_node_execution_status(**kwargs) -> None:
-        """Update the execution status of a node."""
-        await async_update_node_execution_status(
-            db_client=get_database_manager_async_client(), **kwargs
-        )
-
-    @staticmethod
-    async def update_review_processed_status(
-        node_exec_id: str, processed: bool
-    ) -> None:
-        """Update the processed status of a review."""
-        return await get_database_manager_async_client().update_review_processed_status(
-            node_exec_id, processed
-        )
-
-    @staticmethod
-    async def _handle_review_request(
-        input_data: Any,
-        user_id: str,
-        node_exec_id: str,
-        graph_exec_id: str,
-        graph_id: str,
-        graph_version: int,
-        execution_context: ExecutionContext,
-        block_name: str = "Block",
-        editable: bool = False,
-    ) -> Optional[ReviewResult]:
-        """
-        Handle a review request for a block that requires human review.
-
-        Args:
-            input_data: The input data to be reviewed
-            user_id: ID of the user requesting the review
-            node_exec_id: ID of the node execution
-            graph_exec_id: ID of the graph execution
-            graph_id: ID of the graph
-            graph_version: Version of the graph
-            execution_context: Current execution context
-            block_name: Name of the block requesting review
-            editable: Whether the reviewer can edit the data
-
-        Returns:
-            ReviewResult if review is complete, None if waiting for human input
-
-        Raises:
-            Exception: If review creation or status update fails
-        """
-        # Skip review if safe mode is disabled - return auto-approved result
-        if not execution_context.safe_mode:
-            logger.info(
-                f"Block {block_name} skipping review for node {node_exec_id} - safe mode disabled"
-            )
-            return ReviewResult(
-                data=input_data,
-                status=ReviewStatus.APPROVED,
-                message="Auto-approved (safe mode disabled)",
-                processed=True,
-                node_exec_id=node_exec_id,
-            )
-
-        result = await HITLReviewHelper.get_or_create_human_review(
-            user_id=user_id,
-            node_exec_id=node_exec_id,
-            graph_exec_id=graph_exec_id,
-            graph_id=graph_id,
-            graph_version=graph_version,
-            input_data=input_data,
-            message=f"Review required for {block_name} execution",
-            editable=editable,
-        )
-
-        if result is None:
-            logger.info(
-                f"Block {block_name} pausing execution for node {node_exec_id} - awaiting human review"
-            )
-            await HITLReviewHelper.update_node_execution_status(
-                exec_id=node_exec_id,
-                status=ExecutionStatus.REVIEW,
-            )
-            return None  # Signal that execution should pause
-
-        # Mark review as processed if not already done
-        if not result.processed:
-            await HITLReviewHelper.update_review_processed_status(
-                node_exec_id=node_exec_id, processed=True
-            )
-
-        return result
-
-    @staticmethod
-    async def handle_review_decision(
-        input_data: Any,
-        user_id: str,
-        node_exec_id: str,
-        graph_exec_id: str,
-        graph_id: str,
-        graph_version: int,
-        execution_context: ExecutionContext,
-        block_name: str = "Block",
-        editable: bool = False,
-    ) -> Optional[ReviewDecision]:
-        """
-        Handle a review request and return the decision in a single call.
-
-        Args:
-            input_data: The input data to be reviewed
-            user_id: ID of the user requesting the review
-            node_exec_id: ID of the node execution
-            graph_exec_id: ID of the graph execution
-            graph_id: ID of the graph
-            graph_version: Version of the graph
-            execution_context: Current execution context
-            block_name: Name of the block requesting review
-            editable: Whether the reviewer can edit the data
-
-        Returns:
-            ReviewDecision if review is complete (approved/rejected),
-            None if execution should pause (awaiting review)
-        """
-        review_result = await HITLReviewHelper._handle_review_request(
-            input_data=input_data,
-            user_id=user_id,
-            node_exec_id=node_exec_id,
-            graph_exec_id=graph_exec_id,
-            graph_id=graph_id,
-            graph_version=graph_version,
-            execution_context=execution_context,
-            block_name=block_name,
-            editable=editable,
-        )
-
-        if review_result is None:
-            # Still awaiting review - return None to pause execution
-            return None
-
-        # Review is complete, determine outcome
-        should_proceed = review_result.status == ReviewStatus.APPROVED
-        message = review_result.message or (
-            "Execution approved by reviewer"
-            if should_proceed
-            else "Execution rejected by reviewer"
-        )
-
-        return ReviewDecision(
-            should_proceed=should_proceed, message=message, review_result=review_result
-        )

autogpt_platform/backend/backend/blocks/human_in_the_loop.py

@@ -1,9 +1,8 @@
 import logging
-from typing import Any
+from typing import Any, Literal
 
 from prisma.enums import ReviewStatus
 
-from backend.blocks.helpers.review import HITLReviewHelper
 from backend.data.block import (
     Block,
     BlockCategory,
@@ -12,9 +11,11 @@ from backend.data.block import (
     BlockSchemaOutput,
     BlockType,
 )
-from backend.data.execution import ExecutionContext
+from backend.data.execution import ExecutionContext, ExecutionStatus
 from backend.data.human_review import ReviewResult
 from backend.data.model import SchemaField
+from backend.executor.manager import async_update_node_execution_status
+from backend.util.clients import get_database_manager_async_client
 
 logger = logging.getLogger(__name__)
 
@@ -44,11 +45,11 @@ class HumanInTheLoopBlock(Block):
         )
 
     class Output(BlockSchemaOutput):
-        approved_data: Any = SchemaField(
-            description="The data when approved (may be modified by reviewer)"
+        reviewed_data: Any = SchemaField(
+            description="The data after human review (may be modified)"
         )
-        rejected_data: Any = SchemaField(
-            description="The data when rejected (may be modified by reviewer)"
+        status: Literal["approved", "rejected"] = SchemaField(
+            description="Status of the review: 'approved' or 'rejected'"
         )
         review_message: str = SchemaField(
             description="Any message provided by the reviewer", default=""
@@ -68,29 +69,36 @@ class HumanInTheLoopBlock(Block):
                 "editable": True,
             },
             test_output=[
-                ("approved_data", {"name": "John Doe", "age": 30}),
+                ("status", "approved"),
+                ("reviewed_data", {"name": "John Doe", "age": 30}),
             ],
             test_mock={
-                "handle_review_decision": lambda **kwargs: type(
-                    "ReviewDecision",
-                    (),
-                    {
-                        "should_proceed": True,
-                        "message": "Test approval message",
-                        "review_result": ReviewResult(
-                            data={"name": "John Doe", "age": 30},
-                            status=ReviewStatus.APPROVED,
-                            message="",
-                            processed=False,
-                            node_exec_id="test-node-exec-id",
-                        ),
-                    },
-                )(),
+                "get_or_create_human_review": lambda *_args, **_kwargs: ReviewResult(
+                    data={"name": "John Doe", "age": 30},
+                    status=ReviewStatus.APPROVED,
+                    message="",
+                    processed=False,
+                    node_exec_id="test-node-exec-id",
+                ),
+                "update_node_execution_status": lambda *_args, **_kwargs: None,
+                "update_review_processed_status": lambda *_args, **_kwargs: None,
             },
         )
 
-    async def handle_review_decision(self, **kwargs):
-        return await HITLReviewHelper.handle_review_decision(**kwargs)
+    async def get_or_create_human_review(self, **kwargs):
+        return await get_database_manager_async_client().get_or_create_human_review(
+            **kwargs
+        )
+
+    async def update_node_execution_status(self, **kwargs):
+        return await async_update_node_execution_status(
+            db_client=get_database_manager_async_client(), **kwargs
+        )
+
+    async def update_review_processed_status(self, node_exec_id: str, processed: bool):
+        return await get_database_manager_async_client().update_review_processed_status(
+            node_exec_id, processed
+        )
 
     async def run(
         self,
@@ -102,38 +110,60 @@ class HumanInTheLoopBlock(Block):
         graph_id: str,
         graph_version: int,
         execution_context: ExecutionContext,
-        **_kwargs,
+        **kwargs,
     ) -> BlockOutput:
         if not execution_context.safe_mode:
             logger.info(
                 f"HITL block skipping review for node {node_exec_id} - safe mode disabled"
             )
-            yield "approved_data", input_data.data
+            yield "status", "approved"
+            yield "reviewed_data", input_data.data
             yield "review_message", "Auto-approved (safe mode disabled)"
             return
 
-        decision = await self.handle_review_decision(
-            input_data=input_data.data,
-            user_id=user_id,
-            node_exec_id=node_exec_id,
-            graph_exec_id=graph_exec_id,
-            graph_id=graph_id,
-            graph_version=graph_version,
-            execution_context=execution_context,
-            block_name=self.name,
-            editable=input_data.editable,
-        )
+        try:
+            result = await self.get_or_create_human_review(
+                user_id=user_id,
+                node_exec_id=node_exec_id,
+                graph_exec_id=graph_exec_id,
+                graph_id=graph_id,
+                graph_version=graph_version,
+                input_data=input_data.data,
+                message=input_data.name,
+                editable=input_data.editable,
+            )
+        except Exception as e:
+            logger.error(f"Error in HITL block for node {node_exec_id}: {str(e)}")
+            raise
 
-        if decision is None:
-            return
+        if result is None:
+            logger.info(
+                f"HITL block pausing execution for node {node_exec_id} - awaiting human review"
+            )
+            try:
+                await self.update_node_execution_status(
+                    exec_id=node_exec_id,
+                    status=ExecutionStatus.REVIEW,
+                )
+                return
+            except Exception as e:
+                logger.error(
+                    f"Failed to update node status for HITL block {node_exec_id}: {str(e)}"
+                )
+                raise
 
-        status = decision.review_result.status
-        if status == ReviewStatus.APPROVED:
-            yield "approved_data", decision.review_result.data
-        elif status == ReviewStatus.REJECTED:
-            yield "rejected_data", decision.review_result.data
-        else:
-            raise RuntimeError(f"Unexpected review status: {status}")
+        if not result.processed:
+            await self.update_review_processed_status(
+                node_exec_id=node_exec_id, processed=True
+            )
 
-        if decision.message:
-            yield "review_message", decision.message
+            if result.status == ReviewStatus.APPROVED:
+                yield "status", "approved"
+                yield "reviewed_data", result.data
+                if result.message:
+                    yield "review_message", result.message
+
+            elif result.status == ReviewStatus.REJECTED:
+                yield "status", "rejected"
+                if result.message:
+                    yield "review_message", result.message

autogpt_platform/backend/backend/blocks/ideogram.py

@@ -2,6 +2,7 @@ from enum import Enum
 from typing import Any, Dict, Literal, Optional
 
 from pydantic import SecretStr
+from requests.exceptions import RequestException
 
 from backend.data.block import (
     Block,
@@ -331,8 +332,8 @@ class IdeogramModelBlock(Block):
         try:
             response = await Requests().post(url, headers=headers, json=data)
             return response.json()["data"][0]["url"]
-        except Exception as e:
-            raise ValueError(f"Failed to fetch image with V3 endpoint: {e}") from e
+        except RequestException as e:
+            raise Exception(f"Failed to fetch image with V3 endpoint: {str(e)}")
 
     async def _run_model_legacy(
         self,
@@ -384,8 +385,8 @@ class IdeogramModelBlock(Block):
         try:
             response = await Requests().post(url, headers=headers, json=data)
             return response.json()["data"][0]["url"]
-        except Exception as e:
-            raise ValueError(f"Failed to fetch image with legacy endpoint: {e}") from e
+        except RequestException as e:
+            raise Exception(f"Failed to fetch image with legacy endpoint: {str(e)}")
 
     async def upscale_image(self, api_key: SecretStr, image_url: str):
         url = "https://api.ideogram.ai/upscale"
@@ -412,5 +413,5 @@ class IdeogramModelBlock(Block):
 
             return (response.json())["data"][0]["url"]
 
-        except Exception as e:
-            raise ValueError(f"Failed to upscale image: {e}") from e
+        except RequestException as e:
+            raise Exception(f"Failed to upscale image: {str(e)}")

autogpt_platform/backend/backend/blocks/jina/search.py

@@ -16,7 +16,6 @@ from backend.data.block import (
     BlockSchemaOutput,
 )
 from backend.data.model import SchemaField
-from backend.util.exceptions import BlockExecutionError
 
 
 class SearchTheWebBlock(Block, GetRequest):
@@ -57,17 +56,7 @@ class SearchTheWebBlock(Block, GetRequest):
 
         # Prepend the Jina Search URL to the encoded query
         jina_search_url = f"https://s.jina.ai/{encoded_query}"
-
-        try:
-            results = await self.get_request(
-                jina_search_url, headers=headers, json=False
-            )
-        except Exception as e:
-            raise BlockExecutionError(
-                message=f"Search failed: {e}",
-                block_name=self.name,
-                block_id=self.id,
-            ) from e
+        results = await self.get_request(jina_search_url, headers=headers, json=False)
 
         # Output the search results
         yield "results", results

autogpt_platform/backend/backend/blocks/llm.py

@@ -92,9 +92,8 @@ class LlmModel(str, Enum, metaclass=LlmModelMeta):
     O1 = "o1"
     O1_MINI = "o1-mini"
     # GPT-5 models
-    GPT5_2 = "gpt-5.2-2025-12-11"
-    GPT5_1 = "gpt-5.1-2025-11-13"
     GPT5 = "gpt-5-2025-08-07"
+    GPT5_1 = "gpt-5.1-2025-11-13"
     GPT5_MINI = "gpt-5-mini-2025-08-07"
     GPT5_NANO = "gpt-5-nano-2025-08-07"
     GPT5_CHAT = "gpt-5-chat-latest"
@@ -195,9 +194,8 @@ MODEL_METADATA = {
     LlmModel.O1: ModelMetadata("openai", 200000, 100000),  # o1-2024-12-17
     LlmModel.O1_MINI: ModelMetadata("openai", 128000, 65536),  # o1-mini-2024-09-12
     # GPT-5 models
-    LlmModel.GPT5_2: ModelMetadata("openai", 400000, 128000),
-    LlmModel.GPT5_1: ModelMetadata("openai", 400000, 128000),
     LlmModel.GPT5: ModelMetadata("openai", 400000, 128000),
+    LlmModel.GPT5_1: ModelMetadata("openai", 400000, 128000),
     LlmModel.GPT5_MINI: ModelMetadata("openai", 400000, 128000),
     LlmModel.GPT5_NANO: ModelMetadata("openai", 400000, 128000),
     LlmModel.GPT5_CHAT: ModelMetadata("openai", 400000, 16384),
@@ -305,8 +303,6 @@ MODEL_METADATA = {
     LlmModel.V0_1_0_MD: ModelMetadata("v0", 128000, 64000),
 }
 
-DEFAULT_LLM_MODEL = LlmModel.GPT5_2
-
 for model in LlmModel:
     if model not in MODEL_METADATA:
         raise ValueError(f"Missing MODEL_METADATA metadata for model: {model}")
@@ -794,7 +790,7 @@ class AIStructuredResponseGeneratorBlock(AIBlockBase):
         )
         model: LlmModel = SchemaField(
             title="LLM Model",
-            default=DEFAULT_LLM_MODEL,
+            default=LlmModel.GPT4O,
             description="The language model to use for answering the prompt.",
             advanced=False,
         )
@@ -859,7 +855,7 @@ class AIStructuredResponseGeneratorBlock(AIBlockBase):
             input_schema=AIStructuredResponseGeneratorBlock.Input,
             output_schema=AIStructuredResponseGeneratorBlock.Output,
             test_input={
-                "model": DEFAULT_LLM_MODEL,
+                "model": LlmModel.GPT4O,
                 "credentials": TEST_CREDENTIALS_INPUT,
                 "expected_format": {
                     "key1": "value1",
@@ -1225,7 +1221,7 @@ class AITextGeneratorBlock(AIBlockBase):
         )
         model: LlmModel = SchemaField(
             title="LLM Model",
-            default=DEFAULT_LLM_MODEL,
+            default=LlmModel.GPT4O,
             description="The language model to use for answering the prompt.",
             advanced=False,
         )
@@ -1321,7 +1317,7 @@ class AITextSummarizerBlock(AIBlockBase):
         )
         model: LlmModel = SchemaField(
             title="LLM Model",
-            default=DEFAULT_LLM_MODEL,
+            default=LlmModel.GPT4O,
             description="The language model to use for summarizing the text.",
         )
         focus: str = SchemaField(
@@ -1538,7 +1534,7 @@ class AIConversationBlock(AIBlockBase):
         )
         model: LlmModel = SchemaField(
             title="LLM Model",
-            default=DEFAULT_LLM_MODEL,
+            default=LlmModel.GPT4O,
             description="The language model to use for the conversation.",
         )
         credentials: AICredentials = AICredentialsField()
@@ -1576,7 +1572,7 @@ class AIConversationBlock(AIBlockBase):
                     },
                     {"role": "user", "content": "Where was it played?"},
                 ],
-                "model": DEFAULT_LLM_MODEL,
+                "model": LlmModel.GPT4O,
                 "credentials": TEST_CREDENTIALS_INPUT,
             },
             test_credentials=TEST_CREDENTIALS,
@@ -1639,7 +1635,7 @@ class AIListGeneratorBlock(AIBlockBase):
         )
         model: LlmModel = SchemaField(
             title="LLM Model",
-            default=DEFAULT_LLM_MODEL,
+            default=LlmModel.GPT4O,
             description="The language model to use for generating the list.",
             advanced=True,
         )
@@ -1696,7 +1692,7 @@ class AIListGeneratorBlock(AIBlockBase):
                     "drawing explorers to uncover its mysteries. Each planet showcases the limitless possibilities of "
                     "fictional worlds."
                 ),
-                "model": DEFAULT_LLM_MODEL,
+                "model": LlmModel.GPT4O,
                 "credentials": TEST_CREDENTIALS_INPUT,
                 "max_retries": 3,
                 "force_json_output": False,

autogpt_platform/backend/backend/blocks/replicate/replicate_block.py

@@ -18,7 +18,6 @@ from backend.data.block import (
     BlockSchemaOutput,
 )
 from backend.data.model import APIKeyCredentials, CredentialsField, SchemaField
-from backend.util.exceptions import BlockExecutionError, BlockInputError
 
 logger = logging.getLogger(__name__)
 
@@ -112,27 +111,9 @@ class ReplicateModelBlock(Block):
             yield "status", "succeeded"
             yield "model_name", input_data.model_name
         except Exception as e:
-            error_msg = str(e)
-            logger.error(f"Error running Replicate model: {error_msg}")
-
-            # Input validation errors (422, 400) → BlockInputError
-            if (
-                "422" in error_msg
-                or "Input validation failed" in error_msg
-                or "400" in error_msg
-            ):
-                raise BlockInputError(
-                    message=f"Invalid model inputs: {error_msg}",
-                    block_name=self.name,
-                    block_id=self.id,
-                ) from e
-            # Everything else → BlockExecutionError
-            else:
-                raise BlockExecutionError(
-                    message=f"Replicate model error: {error_msg}",
-                    block_name=self.name,
-                    block_id=self.id,
-                ) from e
+            error_msg = f"Unexpected error running Replicate model: {str(e)}"
+            logger.error(error_msg)
+            raise RuntimeError(error_msg)
 
     async def run_model(self, model_ref: str, model_inputs: dict, api_key: SecretStr):
         """

autogpt_platform/backend/backend/blocks/search.py

@@ -18,7 +18,6 @@ from backend.data.model import (
     SchemaField,
 )
 from backend.integrations.providers import ProviderName
-from backend.util.request import DEFAULT_USER_AGENT
 
 
 class GetWikipediaSummaryBlock(Block, GetRequest):
@@ -40,32 +39,16 @@ class GetWikipediaSummaryBlock(Block, GetRequest):
             output_schema=GetWikipediaSummaryBlock.Output,
             test_input={"topic": "Artificial Intelligence"},
             test_output=("summary", "summary content"),
-            test_mock={
-                "get_request": lambda url, headers, json: {"extract": "summary content"}
-            },
+            test_mock={"get_request": lambda url, json: {"extract": "summary content"}},
         )
 
     async def run(self, input_data: Input, **kwargs) -> BlockOutput:
         topic = input_data.topic
-        # URL-encode the topic to handle spaces and special characters
-        encoded_topic = quote(topic, safe="")
-        url = f"https://en.wikipedia.org/api/rest_v1/page/summary/{encoded_topic}"
-
-        # Set headers per Wikimedia robot policy (https://w.wiki/4wJS)
-        # - User-Agent: Required, must identify the bot
-        # - Accept-Encoding: gzip recommended to reduce bandwidth
-        headers = {
-            "User-Agent": DEFAULT_USER_AGENT,
-            "Accept-Encoding": "gzip, deflate",
-        }
-
-        try:
-            response = await self.get_request(url, headers=headers, json=True)
-            if "extract" not in response:
-                raise ValueError(f"Unable to parse Wikipedia response: {response}")
-            yield "summary", response["extract"]
-        except Exception as e:
-            raise ValueError(f"Failed to fetch Wikipedia summary: {e}") from e
+        url = f"https://en.wikipedia.org/api/rest_v1/page/summary/{topic}"
+        response = await self.get_request(url, json=True)
+        if "extract" not in response:
+            raise RuntimeError(f"Unable to parse Wikipedia response: {response}")
+        yield "summary", response["extract"]
 
 
 TEST_CREDENTIALS = APIKeyCredentials(

autogpt_platform/backend/backend/blocks/smart_decision_maker.py

@@ -1,11 +1,8 @@
 import logging
 import re
 from collections import Counter
-from concurrent.futures import Future
 from typing import TYPE_CHECKING, Any
 
-from pydantic import BaseModel
-
 import backend.blocks.llm as llm
 from backend.blocks.agent import AgentExecutorBlock
 from backend.data.block import (
@@ -23,41 +20,16 @@ from backend.data.dynamic_fields import (
     is_dynamic_field,
     is_tool_pin,
 )
-from backend.data.execution import ExecutionContext
 from backend.data.model import NodeExecutionStats, SchemaField
 from backend.util import json
 from backend.util.clients import get_database_manager_async_client
-from backend.util.prompt import MAIN_OBJECTIVE_PREFIX
 
 if TYPE_CHECKING:
     from backend.data.graph import Link, Node
-    from backend.executor.manager import ExecutionProcessor
 
 logger = logging.getLogger(__name__)
 
 
-class ToolInfo(BaseModel):
-    """Processed tool call information."""
-
-    tool_call: Any  # The original tool call object from LLM response
-    tool_name: str  # The function name
-    tool_def: dict[str, Any]  # The tool definition from tool_functions
-    input_data: dict[str, Any]  # Processed input data ready for tool execution
-    field_mapping: dict[str, str]  # Field name mapping for the tool
-
-
-class ExecutionParams(BaseModel):
-    """Tool execution parameters."""
-
-    user_id: str
-    graph_id: str
-    node_id: str
-    graph_version: int
-    graph_exec_id: str
-    node_exec_id: str
-    execution_context: "ExecutionContext"
-
-
 def _get_tool_requests(entry: dict[str, Any]) -> list[str]:
     """
     Return a list of tool_call_ids if the entry is a tool request.
@@ -133,50 +105,6 @@ def _create_tool_response(call_id: str, output: Any) -> dict[str, Any]:
     return {"role": "tool", "tool_call_id": call_id, "content": content}
 
 
-def _combine_tool_responses(tool_outputs: list[dict[str, Any]]) -> list[dict[str, Any]]:
-    """
-    Combine multiple Anthropic tool responses into a single user message.
-    For non-Anthropic formats, returns the original list unchanged.
-    """
-    if len(tool_outputs) <= 1:
-        return tool_outputs
-
-    # Anthropic responses have role="user", type="message", and content is a list with tool_result items
-    anthropic_responses = [
-        output
-        for output in tool_outputs
-        if (
-            output.get("role") == "user"
-            and output.get("type") == "message"
-            and isinstance(output.get("content"), list)
-            and any(
-                item.get("type") == "tool_result"
-                for item in output.get("content", [])
-                if isinstance(item, dict)
-            )
-        )
-    ]
-
-    if len(anthropic_responses) > 1:
-        combined_content = [
-            item for response in anthropic_responses for item in response["content"]
-        ]
-
-        combined_response = {
-            "role": "user",
-            "type": "message",
-            "content": combined_content,
-        }
-
-        non_anthropic_responses = [
-            output for output in tool_outputs if output not in anthropic_responses
-        ]
-
-        return [combined_response] + non_anthropic_responses
-
-    return tool_outputs
-
-
 def _convert_raw_response_to_dict(raw_response: Any) -> dict[str, Any]:
     """
     Safely convert raw_response to dictionary format for conversation history.
@@ -226,7 +154,7 @@ class SmartDecisionMakerBlock(Block):
         )
         model: llm.LlmModel = SchemaField(
             title="LLM Model",
-            default=llm.DEFAULT_LLM_MODEL,
+            default=llm.LlmModel.GPT4O,
             description="The language model to use for answering the prompt.",
             advanced=False,
         )
@@ -276,17 +204,6 @@ class SmartDecisionMakerBlock(Block):
             default="localhost:11434",
             description="Ollama host for local  models",
         )
-        agent_mode_max_iterations: int = SchemaField(
-            title="Agent Mode Max Iterations",
-            description="Maximum iterations for agent mode. 0 = traditional mode (single LLM call, yield tool calls for external execution), -1 = infinite agent mode (loop until finished), 1+ = agent mode with max iterations limit.",
-            advanced=True,
-            default=0,
-        )
-        conversation_compaction: bool = SchemaField(
-            default=True,
-            title="Context window auto-compaction",
-            description="Automatically compact the context window once it hits the limit",
-        )
 
         @classmethod
         def get_missing_links(cls, data: BlockInput, links: list["Link"]) -> set[str]:
@@ -391,12 +308,8 @@ class SmartDecisionMakerBlock(Block):
         """
         block = sink_node.block
 
-        # Use custom name from node metadata if set, otherwise fall back to block.name
-        custom_name = sink_node.metadata.get("customized_name")
-        tool_name = custom_name if custom_name else block.name
-
         tool_function: dict[str, Any] = {
-            "name": SmartDecisionMakerBlock.cleanup(tool_name),
+            "name": SmartDecisionMakerBlock.cleanup(block.name),
             "description": block.description,
         }
         sink_block_input_schema = block.input_schema
@@ -493,24 +406,14 @@ class SmartDecisionMakerBlock(Block):
                 f"Sink graph metadata not found: {graph_id} {graph_version}"
             )
 
-        # Use custom name from node metadata if set, otherwise fall back to graph name
-        custom_name = sink_node.metadata.get("customized_name")
-        tool_name = custom_name if custom_name else sink_graph_meta.name
-
         tool_function: dict[str, Any] = {
-            "name": SmartDecisionMakerBlock.cleanup(tool_name),
+            "name": SmartDecisionMakerBlock.cleanup(sink_graph_meta.name),
             "description": sink_graph_meta.description,
         }
 
         properties = {}
-        field_mapping = {}
 
         for link in links:
-            field_name = link.sink_name
-
-            clean_field_name = SmartDecisionMakerBlock.cleanup(field_name)
-            field_mapping[clean_field_name] = field_name
-
             sink_block_input_schema = sink_node.input_default["input_schema"]
             sink_block_properties = sink_block_input_schema.get("properties", {}).get(
                 link.sink_name, {}
@@ -520,7 +423,7 @@ class SmartDecisionMakerBlock(Block):
                 if "description" in sink_block_properties
                 else f"The {link.sink_name} of the tool"
             )
-            properties[clean_field_name] = {
+            properties[link.sink_name] = {
                 "type": "string",
                 "description": description,
                 "default": json.dumps(sink_block_properties.get("default", None)),
@@ -533,7 +436,7 @@ class SmartDecisionMakerBlock(Block):
             "strict": True,
         }
 
-        tool_function["_field_mapping"] = field_mapping
+        # Store node info for later use in output processing
         tool_function["_sink_node_id"] = sink_node.id
 
         return {"type": "function", "function": tool_function}
@@ -603,7 +506,6 @@ class SmartDecisionMakerBlock(Block):
         Returns the response if successful, raises ValueError if validation fails.
         """
         resp = await llm.llm_call(
-            compress_prompt_to_fit=input_data.conversation_compaction,
             credentials=credentials,
             llm_model=input_data.model,
             prompt=current_prompt,
@@ -691,291 +593,6 @@ class SmartDecisionMakerBlock(Block):
 
         return resp
 
-    def _process_tool_calls(
-        self, response, tool_functions: list[dict[str, Any]]
-    ) -> list[ToolInfo]:
-        """Process tool calls and extract tool definitions, arguments, and input data.
-
-        Returns a list of tool info dicts with:
-        - tool_call: The original tool call object
-        - tool_name: The function name
-        - tool_def: The tool definition from tool_functions
-        - input_data: Processed input data dict (includes None values)
-        - field_mapping: Field name mapping for the tool
-        """
-        if not response.tool_calls:
-            return []
-
-        processed_tools = []
-        for tool_call in response.tool_calls:
-            tool_name = tool_call.function.name
-            tool_args = json.loads(tool_call.function.arguments)
-
-            tool_def = next(
-                (
-                    tool
-                    for tool in tool_functions
-                    if tool["function"]["name"] == tool_name
-                ),
-                None,
-            )
-            if not tool_def:
-                if len(tool_functions) == 1:
-                    tool_def = tool_functions[0]
-                else:
-                    continue
-
-            # Build input data for the tool
-            input_data = {}
-            field_mapping = tool_def["function"].get("_field_mapping", {})
-            if "function" in tool_def and "parameters" in tool_def["function"]:
-                expected_args = tool_def["function"]["parameters"].get("properties", {})
-                for clean_arg_name in expected_args:
-                    original_field_name = field_mapping.get(
-                        clean_arg_name, clean_arg_name
-                    )
-                    arg_value = tool_args.get(clean_arg_name)
-                    # Include all expected parameters, even if None (for backward compatibility with tests)
-                    input_data[original_field_name] = arg_value
-
-            processed_tools.append(
-                ToolInfo(
-                    tool_call=tool_call,
-                    tool_name=tool_name,
-                    tool_def=tool_def,
-                    input_data=input_data,
-                    field_mapping=field_mapping,
-                )
-            )
-
-        return processed_tools
-
-    def _update_conversation(
-        self, prompt: list[dict], response, tool_outputs: list | None = None
-    ):
-        """Update conversation history with response and tool outputs."""
-        # Don't add separate reasoning message with tool calls (breaks Anthropic's tool_use->tool_result pairing)
-        assistant_message = _convert_raw_response_to_dict(response.raw_response)
-        has_tool_calls = isinstance(assistant_message.get("content"), list) and any(
-            item.get("type") == "tool_use"
-            for item in assistant_message.get("content", [])
-        )
-
-        if response.reasoning and not has_tool_calls:
-            prompt.append(
-                {"role": "assistant", "content": f"[Reasoning]: {response.reasoning}"}
-            )
-
-        prompt.append(assistant_message)
-
-        if tool_outputs:
-            prompt.extend(tool_outputs)
-
-    async def _execute_single_tool_with_manager(
-        self,
-        tool_info: ToolInfo,
-        execution_params: ExecutionParams,
-        execution_processor: "ExecutionProcessor",
-    ) -> dict:
-        """Execute a single tool using the execution manager for proper integration."""
-        # Lazy imports to avoid circular dependencies
-        from backend.data.execution import NodeExecutionEntry
-
-        tool_call = tool_info.tool_call
-        tool_def = tool_info.tool_def
-        raw_input_data = tool_info.input_data
-
-        # Get sink node and field mapping
-        sink_node_id = tool_def["function"]["_sink_node_id"]
-
-        # Use proper database operations for tool execution
-        db_client = get_database_manager_async_client()
-
-        # Get target node
-        target_node = await db_client.get_node(sink_node_id)
-        if not target_node:
-            raise ValueError(f"Target node {sink_node_id} not found")
-
-        # Create proper node execution using upsert_execution_input
-        node_exec_result = None
-        final_input_data = None
-
-        # Add all inputs to the execution
-        if not raw_input_data:
-            raise ValueError(f"Tool call has no input data: {tool_call}")
-
-        for input_name, input_value in raw_input_data.items():
-            node_exec_result, final_input_data = await db_client.upsert_execution_input(
-                node_id=sink_node_id,
-                graph_exec_id=execution_params.graph_exec_id,
-                input_name=input_name,
-                input_data=input_value,
-            )
-
-        assert node_exec_result is not None, "node_exec_result should not be None"
-
-        # Create NodeExecutionEntry for execution manager
-        node_exec_entry = NodeExecutionEntry(
-            user_id=execution_params.user_id,
-            graph_exec_id=execution_params.graph_exec_id,
-            graph_id=execution_params.graph_id,
-            graph_version=execution_params.graph_version,
-            node_exec_id=node_exec_result.node_exec_id,
-            node_id=sink_node_id,
-            block_id=target_node.block_id,
-            inputs=final_input_data or {},
-            execution_context=execution_params.execution_context,
-        )
-
-        # Use the execution manager to execute the tool node
-        try:
-            # Get NodeExecutionProgress from the execution manager's running nodes
-            node_exec_progress = execution_processor.running_node_execution[
-                sink_node_id
-            ]
-
-            # Use the execution manager's own graph stats
-            graph_stats_pair = (
-                execution_processor.execution_stats,
-                execution_processor.execution_stats_lock,
-            )
-
-            # Create a completed future for the task tracking system
-            node_exec_future = Future()
-            node_exec_progress.add_task(
-                node_exec_id=node_exec_result.node_exec_id,
-                task=node_exec_future,
-            )
-
-            # Execute the node directly since we're in the SmartDecisionMaker context
-            node_exec_future.set_result(
-                await execution_processor.on_node_execution(
-                    node_exec=node_exec_entry,
-                    node_exec_progress=node_exec_progress,
-                    nodes_input_masks=None,
-                    graph_stats_pair=graph_stats_pair,
-                )
-            )
-
-            # Get outputs from database after execution completes using database manager client
-            node_outputs = await db_client.get_execution_outputs_by_node_exec_id(
-                node_exec_result.node_exec_id
-            )
-
-            # Create tool response
-            tool_response_content = (
-                json.dumps(node_outputs)
-                if node_outputs
-                else "Tool executed successfully"
-            )
-            return _create_tool_response(tool_call.id, tool_response_content)
-
-        except Exception as e:
-            logger.error(f"Tool execution with manager failed: {e}")
-            # Return error response
-            return _create_tool_response(
-                tool_call.id, f"Tool execution failed: {str(e)}"
-            )
-
-    async def _execute_tools_agent_mode(
-        self,
-        input_data,
-        credentials,
-        tool_functions: list[dict[str, Any]],
-        prompt: list[dict],
-        graph_exec_id: str,
-        node_id: str,
-        node_exec_id: str,
-        user_id: str,
-        graph_id: str,
-        graph_version: int,
-        execution_context: ExecutionContext,
-        execution_processor: "ExecutionProcessor",
-    ):
-        """Execute tools in agent mode with a loop until finished."""
-        max_iterations = input_data.agent_mode_max_iterations
-        iteration = 0
-
-        # Execution parameters for tool execution
-        execution_params = ExecutionParams(
-            user_id=user_id,
-            graph_id=graph_id,
-            node_id=node_id,
-            graph_version=graph_version,
-            graph_exec_id=graph_exec_id,
-            node_exec_id=node_exec_id,
-            execution_context=execution_context,
-        )
-
-        current_prompt = list(prompt)
-
-        while max_iterations < 0 or iteration < max_iterations:
-            iteration += 1
-            logger.debug(f"Agent mode iteration {iteration}")
-
-            # Prepare prompt for this iteration
-            iteration_prompt = list(current_prompt)
-
-            # On the last iteration, add a special system message to encourage completion
-            if max_iterations > 0 and iteration == max_iterations:
-                last_iteration_message = {
-                    "role": "system",
-                    "content": f"{MAIN_OBJECTIVE_PREFIX}This is your last iteration ({iteration}/{max_iterations}). "
-                    "Try to complete the task with the information you have. If you cannot fully complete it, "
-                    "provide a summary of what you've accomplished and what remains to be done. "
-                    "Prefer finishing with a clear response rather than making additional tool calls.",
-                }
-                iteration_prompt.append(last_iteration_message)
-
-            # Get LLM response
-            try:
-                response = await self._attempt_llm_call_with_validation(
-                    credentials, input_data, iteration_prompt, tool_functions
-                )
-            except Exception as e:
-                yield "error", f"LLM call failed in agent mode iteration {iteration}: {str(e)}"
-                return
-
-            # Process tool calls
-            processed_tools = self._process_tool_calls(response, tool_functions)
-
-            # If no tool calls, we're done
-            if not processed_tools:
-                yield "finished", response.response
-                self._update_conversation(current_prompt, response)
-                yield "conversations", current_prompt
-                return
-
-            # Execute tools and collect responses
-            tool_outputs = []
-            for tool_info in processed_tools:
-                try:
-                    tool_response = await self._execute_single_tool_with_manager(
-                        tool_info, execution_params, execution_processor
-                    )
-                    tool_outputs.append(tool_response)
-                except Exception as e:
-                    logger.error(f"Tool execution failed: {e}")
-                    # Create error response for the tool
-                    error_response = _create_tool_response(
-                        tool_info.tool_call.id, f"Error: {str(e)}"
-                    )
-                    tool_outputs.append(error_response)
-
-            tool_outputs = _combine_tool_responses(tool_outputs)
-
-            self._update_conversation(current_prompt, response, tool_outputs)
-
-            # Yield intermediate conversation state
-            yield "conversations", current_prompt
-
-        # If we reach max iterations, yield the current state
-        if max_iterations < 0:
-            yield "finished", f"Agent mode completed after {iteration} iterations"
-        else:
-            yield "finished", f"Agent mode completed after {max_iterations} iterations (limit reached)"
-        yield "conversations", current_prompt
-
     async def run(
         self,
         input_data: Input,
@@ -986,31 +603,9 @@ class SmartDecisionMakerBlock(Block):
         graph_exec_id: str,
         node_exec_id: str,
         user_id: str,
-        graph_version: int,
-        execution_context: ExecutionContext,
-        execution_processor: "ExecutionProcessor",
-        nodes_to_skip: set[str] | None = None,
         **kwargs,
     ) -> BlockOutput:
-
         tool_functions = await self._create_tool_node_signatures(node_id)
-        original_tool_count = len(tool_functions)
-
-        # Filter out tools for nodes that should be skipped (e.g., missing optional credentials)
-        if nodes_to_skip:
-            tool_functions = [
-                tf
-                for tf in tool_functions
-                if tf.get("function", {}).get("_sink_node_id") not in nodes_to_skip
-            ]
-
-            # Only raise error if we had tools but they were all filtered out
-            if original_tool_count > 0 and not tool_functions:
-                raise ValueError(
-                    "No available tools to execute - all downstream nodes are unavailable "
-                    "(possibly due to missing optional credentials)"
-                )
-
         yield "tool_functions", json.dumps(tool_functions)
 
         conversation_history = input_data.conversation_history or []
@@ -1053,52 +648,24 @@ class SmartDecisionMakerBlock(Block):
             input_data.prompt = llm.fmt.format_string(input_data.prompt, values)
             input_data.sys_prompt = llm.fmt.format_string(input_data.sys_prompt, values)
 
+        prefix = "[Main Objective Prompt]: "
+
         if input_data.sys_prompt and not any(
-            p["role"] == "system" and p["content"].startswith(MAIN_OBJECTIVE_PREFIX)
-            for p in prompt
+            p["role"] == "system" and p["content"].startswith(prefix) for p in prompt
         ):
-            prompt.append(
-                {
-                    "role": "system",
-                    "content": MAIN_OBJECTIVE_PREFIX + input_data.sys_prompt,
-                }
-            )
+            prompt.append({"role": "system", "content": prefix + input_data.sys_prompt})
 
         if input_data.prompt and not any(
-            p["role"] == "user" and p["content"].startswith(MAIN_OBJECTIVE_PREFIX)
-            for p in prompt
+            p["role"] == "user" and p["content"].startswith(prefix) for p in prompt
         ):
-            prompt.append(
-                {"role": "user", "content": MAIN_OBJECTIVE_PREFIX + input_data.prompt}
-            )
+            prompt.append({"role": "user", "content": prefix + input_data.prompt})
 
-        # Execute tools based on the selected mode
-        if input_data.agent_mode_max_iterations != 0:
-            # In agent mode, execute tools directly in a loop until finished
-            async for result in self._execute_tools_agent_mode(
-                input_data=input_data,
-                credentials=credentials,
-                tool_functions=tool_functions,
-                prompt=prompt,
-                graph_exec_id=graph_exec_id,
-                node_id=node_id,
-                node_exec_id=node_exec_id,
-                user_id=user_id,
-                graph_id=graph_id,
-                graph_version=graph_version,
-                execution_context=execution_context,
-                execution_processor=execution_processor,
-            ):
-                yield result
-            return
-
-        # One-off mode: single LLM call and yield tool calls for external execution
         current_prompt = list(prompt)
         max_attempts = max(1, int(input_data.retry))
         response = None
 
         last_error = None
-        for _ in range(max_attempts):
+        for attempt in range(max_attempts):
             try:
                 response = await self._attempt_llm_call_with_validation(
                     credentials, input_data, current_prompt, tool_functions
@@ -1161,9 +728,8 @@ class SmartDecisionMakerBlock(Block):
                 original_field_name = field_mapping.get(clean_arg_name, clean_arg_name)
                 arg_value = tool_args.get(clean_arg_name)
 
-                # Use original_field_name directly (not sanitized) to match link sink_name
-                # The field_mapping already translates from LLM's cleaned names to original names
-                emit_key = f"tools_^_{sink_node_id}_~_{original_field_name}"
+                sanitized_arg_name = self.cleanup(original_field_name)
+                emit_key = f"tools_^_{sink_node_id}_~_{sanitized_arg_name}"
 
                 logger.debug(
                     "[SmartDecisionMakerBlock|geid:%s|neid:%s] emit %s",

autogpt_platform/backend/backend/blocks/test/test_blocks_dos_vulnerability.py

@@ -196,15 +196,6 @@ class TestXMLParserBlockSecurity:
             async for _ in block.run(XMLParserBlock.Input(input_xml=large_xml)):
                 pass
 
-    async def test_rejects_text_outside_root(self):
-        """Ensure parser surfaces readable errors for invalid root text."""
-        block = XMLParserBlock()
-        invalid_xml = "<root><child>value</child></root> trailing"
-
-        with pytest.raises(ValueError, match="text outside the root element"):
-            async for _ in block.run(XMLParserBlock.Input(input_xml=invalid_xml)):
-                pass
-
 
 class TestStoreMediaFileSecurity:
     """Test file storage security limits."""

autogpt_platform/backend/backend/blocks/test/test_llm.py

@@ -28,7 +28,7 @@ class TestLLMStatsTracking:
 
             response = await llm.llm_call(
                 credentials=llm.TEST_CREDENTIALS,
-                llm_model=llm.DEFAULT_LLM_MODEL,
+                llm_model=llm.LlmModel.GPT4O,
                 prompt=[{"role": "user", "content": "Hello"}],
                 max_tokens=100,
             )
@@ -65,7 +65,7 @@ class TestLLMStatsTracking:
         input_data = llm.AIStructuredResponseGeneratorBlock.Input(
             prompt="Test prompt",
             expected_format={"key1": "desc1", "key2": "desc2"},
-            model=llm.DEFAULT_LLM_MODEL,
+            model=llm.LlmModel.GPT4O,
             credentials=llm.TEST_CREDENTIALS_INPUT,  # type: ignore  # type: ignore
         )
 
@@ -109,7 +109,7 @@ class TestLLMStatsTracking:
         # Run the block
         input_data = llm.AITextGeneratorBlock.Input(
             prompt="Generate text",
-            model=llm.DEFAULT_LLM_MODEL,
+            model=llm.LlmModel.GPT4O,
             credentials=llm.TEST_CREDENTIALS_INPUT,  # type: ignore
         )
 
@@ -170,7 +170,7 @@ class TestLLMStatsTracking:
         input_data = llm.AIStructuredResponseGeneratorBlock.Input(
             prompt="Test prompt",
             expected_format={"key1": "desc1", "key2": "desc2"},
-            model=llm.DEFAULT_LLM_MODEL,
+            model=llm.LlmModel.GPT4O,
             credentials=llm.TEST_CREDENTIALS_INPUT,  # type: ignore
             retry=2,
         )
@@ -228,7 +228,7 @@ class TestLLMStatsTracking:
 
         input_data = llm.AITextSummarizerBlock.Input(
             text=long_text,
-            model=llm.DEFAULT_LLM_MODEL,
+            model=llm.LlmModel.GPT4O,
             credentials=llm.TEST_CREDENTIALS_INPUT,  # type: ignore
             max_tokens=100,  # Small chunks
             chunk_overlap=10,
@@ -299,7 +299,7 @@ class TestLLMStatsTracking:
             # Test with very short text (should only need 1 chunk + 1 final summary)
             input_data = llm.AITextSummarizerBlock.Input(
                 text="This is a short text.",
-                model=llm.DEFAULT_LLM_MODEL,
+                model=llm.LlmModel.GPT4O,
                 credentials=llm.TEST_CREDENTIALS_INPUT,  # type: ignore
                 max_tokens=1000,  # Large enough to avoid chunking
             )
@@ -346,7 +346,7 @@ class TestLLMStatsTracking:
                 {"role": "assistant", "content": "Hi there!"},
                 {"role": "user", "content": "How are you?"},
             ],
-            model=llm.DEFAULT_LLM_MODEL,
+            model=llm.LlmModel.GPT4O,
             credentials=llm.TEST_CREDENTIALS_INPUT,  # type: ignore
         )
 
@@ -387,7 +387,7 @@ class TestLLMStatsTracking:
         # Run the block
         input_data = llm.AIListGeneratorBlock.Input(
             focus="test items",
-            model=llm.DEFAULT_LLM_MODEL,
+            model=llm.LlmModel.GPT4O,
             credentials=llm.TEST_CREDENTIALS_INPUT,  # type: ignore
             max_retries=3,
         )
@@ -469,7 +469,7 @@ class TestLLMStatsTracking:
         input_data = llm.AIStructuredResponseGeneratorBlock.Input(
             prompt="Test",
             expected_format={"result": "desc"},
-            model=llm.DEFAULT_LLM_MODEL,
+            model=llm.LlmModel.GPT4O,
             credentials=llm.TEST_CREDENTIALS_INPUT,  # type: ignore
         )
 
@@ -513,7 +513,7 @@ class TestAITextSummarizerValidation:
         # Create input data
         input_data = llm.AITextSummarizerBlock.Input(
             text="Some text to summarize",
-            model=llm.DEFAULT_LLM_MODEL,
+            model=llm.LlmModel.GPT4O,
             credentials=llm.TEST_CREDENTIALS_INPUT,  # type: ignore
             style=llm.SummaryStyle.BULLET_POINTS,
         )
@@ -558,7 +558,7 @@ class TestAITextSummarizerValidation:
         # Create input data
         input_data = llm.AITextSummarizerBlock.Input(
             text="Some text to summarize",
-            model=llm.DEFAULT_LLM_MODEL,
+            model=llm.LlmModel.GPT4O,
             credentials=llm.TEST_CREDENTIALS_INPUT,  # type: ignore
             style=llm.SummaryStyle.BULLET_POINTS,
             max_tokens=1000,
@@ -593,7 +593,7 @@ class TestAITextSummarizerValidation:
         # Create input data
         input_data = llm.AITextSummarizerBlock.Input(
             text="Some text to summarize",
-            model=llm.DEFAULT_LLM_MODEL,
+            model=llm.LlmModel.GPT4O,
             credentials=llm.TEST_CREDENTIALS_INPUT,  # type: ignore
         )
 
@@ -623,7 +623,7 @@ class TestAITextSummarizerValidation:
         # Create input data
         input_data = llm.AITextSummarizerBlock.Input(
             text="Some text to summarize",
-            model=llm.DEFAULT_LLM_MODEL,
+            model=llm.LlmModel.GPT4O,
             credentials=llm.TEST_CREDENTIALS_INPUT,  # type: ignore
             max_tokens=1000,
         )
@@ -654,7 +654,7 @@ class TestAITextSummarizerValidation:
         # Create input data
         input_data = llm.AITextSummarizerBlock.Input(
             text="Some text to summarize",
-            model=llm.DEFAULT_LLM_MODEL,
+            model=llm.LlmModel.GPT4O,
             credentials=llm.TEST_CREDENTIALS_INPUT,  # type: ignore
         )
 

autogpt_platform/backend/backend/blocks/test/test_smart_decision_maker.py

@@ -1,14 +1,10 @@
 import logging
-import threading
-from collections import defaultdict
-from unittest.mock import AsyncMock, MagicMock, patch
 
 import pytest
 
-from backend.api.model import CreateGraph
-from backend.api.rest_api import AgentServer
-from backend.data.execution import ExecutionContext
 from backend.data.model import ProviderName, User
+from backend.server.model import CreateGraph
+from backend.server.rest_api import AgentServer
 from backend.usecases.sample import create_test_graph, create_test_user
 from backend.util.test import SpinTestServer, wait_execution
 
@@ -21,10 +17,10 @@ async def create_graph(s: SpinTestServer, g, u: User):
 
 
 async def create_credentials(s: SpinTestServer, u: User):
-    import backend.blocks.llm as llm_module
+    import backend.blocks.llm as llm
 
     provider = ProviderName.OPENAI
-    credentials = llm_module.TEST_CREDENTIALS
+    credentials = llm.TEST_CREDENTIALS
     return await s.agent_server.test_create_credentials(u.id, provider, credentials)
 
 
@@ -200,6 +196,8 @@ async def test_smart_decision_maker_function_signature(server: SpinTestServer):
 @pytest.mark.asyncio
 async def test_smart_decision_maker_tracks_llm_stats():
     """Test that SmartDecisionMakerBlock correctly tracks LLM usage stats."""
+    from unittest.mock import MagicMock, patch
+
     import backend.blocks.llm as llm_module
     from backend.blocks.smart_decision_maker import SmartDecisionMakerBlock
 
@@ -218,6 +216,7 @@ async def test_smart_decision_maker_tracks_llm_stats():
     }
 
     # Mock the _create_tool_node_signatures method to avoid database calls
+    from unittest.mock import AsyncMock
 
     with patch(
         "backend.blocks.llm.llm_call",
@@ -233,21 +232,12 @@ async def test_smart_decision_maker_tracks_llm_stats():
         # Create test input
         input_data = SmartDecisionMakerBlock.Input(
             prompt="Should I continue with this task?",
-            model=llm_module.DEFAULT_LLM_MODEL,
+            model=llm_module.LlmModel.GPT4O,
             credentials=llm_module.TEST_CREDENTIALS_INPUT,  # type: ignore
-            agent_mode_max_iterations=0,
         )
 
         # Execute the block
         outputs = {}
-        # Create execution context
-
-        mock_execution_context = ExecutionContext(safe_mode=False)
-
-        # Create a mock execution processor for tests
-
-        mock_execution_processor = MagicMock()
-
         async for output_name, output_data in block.run(
             input_data,
             credentials=llm_module.TEST_CREDENTIALS,
@@ -256,9 +246,6 @@ async def test_smart_decision_maker_tracks_llm_stats():
             graph_exec_id="test-exec-id",
             node_exec_id="test-node-exec-id",
             user_id="test-user-id",
-            graph_version=1,
-            execution_context=mock_execution_context,
-            execution_processor=mock_execution_processor,
         ):
             outputs[output_name] = output_data
 
@@ -276,6 +263,8 @@ async def test_smart_decision_maker_tracks_llm_stats():
 @pytest.mark.asyncio
 async def test_smart_decision_maker_parameter_validation():
     """Test that SmartDecisionMakerBlock correctly validates tool call parameters."""
+    from unittest.mock import MagicMock, patch
+
     import backend.blocks.llm as llm_module
     from backend.blocks.smart_decision_maker import SmartDecisionMakerBlock
 
@@ -322,6 +311,8 @@ async def test_smart_decision_maker_parameter_validation():
     mock_response_with_typo.reasoning = None
     mock_response_with_typo.raw_response = {"role": "assistant", "content": None}
 
+    from unittest.mock import AsyncMock
+
     with patch(
         "backend.blocks.llm.llm_call",
         new_callable=AsyncMock,
@@ -335,20 +326,11 @@ async def test_smart_decision_maker_parameter_validation():
 
         input_data = SmartDecisionMakerBlock.Input(
             prompt="Search for keywords",
-            model=llm_module.DEFAULT_LLM_MODEL,
+            model=llm_module.LlmModel.GPT4O,
             credentials=llm_module.TEST_CREDENTIALS_INPUT,  # type: ignore
             retry=2,  # Set retry to 2 for testing
-            agent_mode_max_iterations=0,
         )
 
-        # Create execution context
-
-        mock_execution_context = ExecutionContext(safe_mode=False)
-
-        # Create a mock execution processor for tests
-
-        mock_execution_processor = MagicMock()
-
         # Should raise ValueError after retries due to typo'd parameter name
         with pytest.raises(ValueError) as exc_info:
             outputs = {}
@@ -360,9 +342,6 @@ async def test_smart_decision_maker_parameter_validation():
                 graph_exec_id="test-exec-id",
                 node_exec_id="test-node-exec-id",
                 user_id="test-user-id",
-                graph_version=1,
-                execution_context=mock_execution_context,
-                execution_processor=mock_execution_processor,
             ):
                 outputs[output_name] = output_data
 
@@ -389,6 +368,8 @@ async def test_smart_decision_maker_parameter_validation():
     mock_response_missing_required.reasoning = None
     mock_response_missing_required.raw_response = {"role": "assistant", "content": None}
 
+    from unittest.mock import AsyncMock
+
     with patch(
         "backend.blocks.llm.llm_call",
         new_callable=AsyncMock,
@@ -402,19 +383,10 @@ async def test_smart_decision_maker_parameter_validation():
 
         input_data = SmartDecisionMakerBlock.Input(
             prompt="Search for keywords",
-            model=llm_module.DEFAULT_LLM_MODEL,
+            model=llm_module.LlmModel.GPT4O,
             credentials=llm_module.TEST_CREDENTIALS_INPUT,  # type: ignore
-            agent_mode_max_iterations=0,
         )
 
-        # Create execution context
-
-        mock_execution_context = ExecutionContext(safe_mode=False)
-
-        # Create a mock execution processor for tests
-
-        mock_execution_processor = MagicMock()
-
         # Should raise ValueError due to missing required parameter
         with pytest.raises(ValueError) as exc_info:
             outputs = {}
@@ -426,9 +398,6 @@ async def test_smart_decision_maker_parameter_validation():
                 graph_exec_id="test-exec-id",
                 node_exec_id="test-node-exec-id",
                 user_id="test-user-id",
-                graph_version=1,
-                execution_context=mock_execution_context,
-                execution_processor=mock_execution_processor,
             ):
                 outputs[output_name] = output_data
 
@@ -449,6 +418,8 @@ async def test_smart_decision_maker_parameter_validation():
     mock_response_valid.reasoning = None
     mock_response_valid.raw_response = {"role": "assistant", "content": None}
 
+    from unittest.mock import AsyncMock
+
     with patch(
         "backend.blocks.llm.llm_call",
         new_callable=AsyncMock,
@@ -462,21 +433,12 @@ async def test_smart_decision_maker_parameter_validation():
 
         input_data = SmartDecisionMakerBlock.Input(
             prompt="Search for keywords",
-            model=llm_module.DEFAULT_LLM_MODEL,
+            model=llm_module.LlmModel.GPT4O,
             credentials=llm_module.TEST_CREDENTIALS_INPUT,  # type: ignore
-            agent_mode_max_iterations=0,
         )
 
         # Should succeed - optional parameter missing is OK
         outputs = {}
-        # Create execution context
-
-        mock_execution_context = ExecutionContext(safe_mode=False)
-
-        # Create a mock execution processor for tests
-
-        mock_execution_processor = MagicMock()
-
         async for output_name, output_data in block.run(
             input_data,
             credentials=llm_module.TEST_CREDENTIALS,
@@ -485,9 +447,6 @@ async def test_smart_decision_maker_parameter_validation():
             graph_exec_id="test-exec-id",
             node_exec_id="test-node-exec-id",
             user_id="test-user-id",
-            graph_version=1,
-            execution_context=mock_execution_context,
-            execution_processor=mock_execution_processor,
         ):
             outputs[output_name] = output_data
 
@@ -513,6 +472,8 @@ async def test_smart_decision_maker_parameter_validation():
     mock_response_all_params.reasoning = None
     mock_response_all_params.raw_response = {"role": "assistant", "content": None}
 
+    from unittest.mock import AsyncMock
+
     with patch(
         "backend.blocks.llm.llm_call",
         new_callable=AsyncMock,
@@ -526,21 +487,12 @@ async def test_smart_decision_maker_parameter_validation():
 
         input_data = SmartDecisionMakerBlock.Input(
             prompt="Search for keywords",
-            model=llm_module.DEFAULT_LLM_MODEL,
+            model=llm_module.LlmModel.GPT4O,
             credentials=llm_module.TEST_CREDENTIALS_INPUT,  # type: ignore
-            agent_mode_max_iterations=0,
         )
 
         # Should succeed with all parameters
         outputs = {}
-        # Create execution context
-
-        mock_execution_context = ExecutionContext(safe_mode=False)
-
-        # Create a mock execution processor for tests
-
-        mock_execution_processor = MagicMock()
-
         async for output_name, output_data in block.run(
             input_data,
             credentials=llm_module.TEST_CREDENTIALS,
@@ -549,9 +501,6 @@ async def test_smart_decision_maker_parameter_validation():
             graph_exec_id="test-exec-id",
             node_exec_id="test-node-exec-id",
             user_id="test-user-id",
-            graph_version=1,
-            execution_context=mock_execution_context,
-            execution_processor=mock_execution_processor,
         ):
             outputs[output_name] = output_data
 
@@ -564,6 +513,8 @@ async def test_smart_decision_maker_parameter_validation():
 @pytest.mark.asyncio
 async def test_smart_decision_maker_raw_response_conversion():
     """Test that SmartDecisionMaker correctly handles different raw_response types with retry mechanism."""
+    from unittest.mock import MagicMock, patch
+
     import backend.blocks.llm as llm_module
     from backend.blocks.smart_decision_maker import SmartDecisionMakerBlock
 
@@ -633,6 +584,7 @@ async def test_smart_decision_maker_raw_response_conversion():
     )
 
     # Mock llm_call to return different responses on different calls
+    from unittest.mock import AsyncMock
 
     with patch(
         "backend.blocks.llm.llm_call", new_callable=AsyncMock
@@ -648,22 +600,13 @@ async def test_smart_decision_maker_raw_response_conversion():
 
         input_data = SmartDecisionMakerBlock.Input(
             prompt="Test prompt",
-            model=llm_module.DEFAULT_LLM_MODEL,
+            model=llm_module.LlmModel.GPT4O,
             credentials=llm_module.TEST_CREDENTIALS_INPUT,  # type: ignore
             retry=2,
-            agent_mode_max_iterations=0,
         )
 
         # Should succeed after retry, demonstrating our helper function works
         outputs = {}
-        # Create execution context
-
-        mock_execution_context = ExecutionContext(safe_mode=False)
-
-        # Create a mock execution processor for tests
-
-        mock_execution_processor = MagicMock()
-
         async for output_name, output_data in block.run(
             input_data,
             credentials=llm_module.TEST_CREDENTIALS,
@@ -672,9 +615,6 @@ async def test_smart_decision_maker_raw_response_conversion():
             graph_exec_id="test-exec-id",
             node_exec_id="test-node-exec-id",
             user_id="test-user-id",
-            graph_version=1,
-            execution_context=mock_execution_context,
-            execution_processor=mock_execution_processor,
         ):
             outputs[output_name] = output_data
 
@@ -710,6 +650,8 @@ async def test_smart_decision_maker_raw_response_conversion():
         "I'll help you with that."  # Ollama returns string
     )
 
+    from unittest.mock import AsyncMock
+
     with patch(
         "backend.blocks.llm.llm_call",
         new_callable=AsyncMock,
@@ -722,20 +664,11 @@ async def test_smart_decision_maker_raw_response_conversion():
     ):
         input_data = SmartDecisionMakerBlock.Input(
             prompt="Simple prompt",
-            model=llm_module.DEFAULT_LLM_MODEL,
+            model=llm_module.LlmModel.GPT4O,
             credentials=llm_module.TEST_CREDENTIALS_INPUT,  # type: ignore
-            agent_mode_max_iterations=0,
         )
 
         outputs = {}
-        # Create execution context
-
-        mock_execution_context = ExecutionContext(safe_mode=False)
-
-        # Create a mock execution processor for tests
-
-        mock_execution_processor = MagicMock()
-
         async for output_name, output_data in block.run(
             input_data,
             credentials=llm_module.TEST_CREDENTIALS,
@@ -744,9 +677,6 @@ async def test_smart_decision_maker_raw_response_conversion():
             graph_exec_id="test-exec-id",
             node_exec_id="test-node-exec-id",
             user_id="test-user-id",
-            graph_version=1,
-            execution_context=mock_execution_context,
-            execution_processor=mock_execution_processor,
         ):
             outputs[output_name] = output_data
 
@@ -766,6 +696,8 @@ async def test_smart_decision_maker_raw_response_conversion():
         "content": "Test response",
     }  # Dict format
 
+    from unittest.mock import AsyncMock
+
     with patch(
         "backend.blocks.llm.llm_call",
         new_callable=AsyncMock,
@@ -778,20 +710,11 @@ async def test_smart_decision_maker_raw_response_conversion():
     ):
         input_data = SmartDecisionMakerBlock.Input(
             prompt="Another test",
-            model=llm_module.DEFAULT_LLM_MODEL,
+            model=llm_module.LlmModel.GPT4O,
             credentials=llm_module.TEST_CREDENTIALS_INPUT,  # type: ignore
-            agent_mode_max_iterations=0,
         )
 
         outputs = {}
-        # Create execution context
-
-        mock_execution_context = ExecutionContext(safe_mode=False)
-
-        # Create a mock execution processor for tests
-
-        mock_execution_processor = MagicMock()
-
         async for output_name, output_data in block.run(
             input_data,
             credentials=llm_module.TEST_CREDENTIALS,
@@ -800,410 +723,8 @@ async def test_smart_decision_maker_raw_response_conversion():
             graph_exec_id="test-exec-id",
             node_exec_id="test-node-exec-id",
             user_id="test-user-id",
-            graph_version=1,
-            execution_context=mock_execution_context,
-            execution_processor=mock_execution_processor,
         ):
             outputs[output_name] = output_data
 
         assert "finished" in outputs
         assert outputs["finished"] == "Test response"
-
-
-@pytest.mark.asyncio
-async def test_smart_decision_maker_agent_mode():
-    """Test that agent mode executes tools directly and loops until finished."""
-    import backend.blocks.llm as llm_module
-    from backend.blocks.smart_decision_maker import SmartDecisionMakerBlock
-
-    block = SmartDecisionMakerBlock()
-
-    # Mock tool call that requires multiple iterations
-    mock_tool_call_1 = MagicMock()
-    mock_tool_call_1.id = "call_1"
-    mock_tool_call_1.function.name = "search_keywords"
-    mock_tool_call_1.function.arguments = (
-        '{"query": "test", "max_keyword_difficulty": 50}'
-    )
-
-    mock_response_1 = MagicMock()
-    mock_response_1.response = None
-    mock_response_1.tool_calls = [mock_tool_call_1]
-    mock_response_1.prompt_tokens = 50
-    mock_response_1.completion_tokens = 25
-    mock_response_1.reasoning = "Using search tool"
-    mock_response_1.raw_response = {
-        "role": "assistant",
-        "content": None,
-        "tool_calls": [{"id": "call_1", "type": "function"}],
-    }
-
-    # Final response with no tool calls (finished)
-    mock_response_2 = MagicMock()
-    mock_response_2.response = "Task completed successfully"
-    mock_response_2.tool_calls = []
-    mock_response_2.prompt_tokens = 30
-    mock_response_2.completion_tokens = 15
-    mock_response_2.reasoning = None
-    mock_response_2.raw_response = {
-        "role": "assistant",
-        "content": "Task completed successfully",
-    }
-
-    # Mock the LLM call to return different responses on each iteration
-    llm_call_mock = AsyncMock()
-    llm_call_mock.side_effect = [mock_response_1, mock_response_2]
-
-    # Mock tool node signatures
-    mock_tool_signatures = [
-        {
-            "type": "function",
-            "function": {
-                "name": "search_keywords",
-                "_sink_node_id": "test-sink-node-id",
-                "_field_mapping": {},
-                "parameters": {
-                    "properties": {
-                        "query": {"type": "string"},
-                        "max_keyword_difficulty": {"type": "integer"},
-                    },
-                    "required": ["query", "max_keyword_difficulty"],
-                },
-            },
-        }
-    ]
-
-    # Mock database and execution components
-    mock_db_client = AsyncMock()
-    mock_node = MagicMock()
-    mock_node.block_id = "test-block-id"
-    mock_db_client.get_node.return_value = mock_node
-
-    # Mock upsert_execution_input to return proper NodeExecutionResult and input data
-    mock_node_exec_result = MagicMock()
-    mock_node_exec_result.node_exec_id = "test-tool-exec-id"
-    mock_input_data = {"query": "test", "max_keyword_difficulty": 50}
-    mock_db_client.upsert_execution_input.return_value = (
-        mock_node_exec_result,
-        mock_input_data,
-    )
-
-    # No longer need mock_execute_node since we use execution_processor.on_node_execution
-
-    with patch("backend.blocks.llm.llm_call", llm_call_mock), patch.object(
-        block, "_create_tool_node_signatures", return_value=mock_tool_signatures
-    ), patch(
-        "backend.blocks.smart_decision_maker.get_database_manager_async_client",
-        return_value=mock_db_client,
-    ), patch(
-        "backend.executor.manager.async_update_node_execution_status",
-        new_callable=AsyncMock,
-    ), patch(
-        "backend.integrations.creds_manager.IntegrationCredentialsManager"
-    ):
-
-        # Create a mock execution context
-
-        mock_execution_context = ExecutionContext(
-            safe_mode=False,
-        )
-
-        # Create a mock execution processor for agent mode tests
-
-        mock_execution_processor = AsyncMock()
-        # Configure the execution processor mock with required attributes
-        mock_execution_processor.running_node_execution = defaultdict(MagicMock)
-        mock_execution_processor.execution_stats = MagicMock()
-        mock_execution_processor.execution_stats_lock = threading.Lock()
-
-        # Mock the on_node_execution method to return successful stats
-        mock_node_stats = MagicMock()
-        mock_node_stats.error = None  # No error
-        mock_execution_processor.on_node_execution = AsyncMock(
-            return_value=mock_node_stats
-        )
-
-        # Mock the get_execution_outputs_by_node_exec_id method
-        mock_db_client.get_execution_outputs_by_node_exec_id.return_value = {
-            "result": {"status": "success", "data": "search completed"}
-        }
-
-        # Test agent mode with max_iterations = 3
-        input_data = SmartDecisionMakerBlock.Input(
-            prompt="Complete this task using tools",
-            model=llm_module.DEFAULT_LLM_MODEL,
-            credentials=llm_module.TEST_CREDENTIALS_INPUT,  # type: ignore
-            agent_mode_max_iterations=3,  # Enable agent mode with 3 max iterations
-        )
-
-        outputs = {}
-        async for output_name, output_data in block.run(
-            input_data,
-            credentials=llm_module.TEST_CREDENTIALS,
-            graph_id="test-graph-id",
-            node_id="test-node-id",
-            graph_exec_id="test-exec-id",
-            node_exec_id="test-node-exec-id",
-            user_id="test-user-id",
-            graph_version=1,
-            execution_context=mock_execution_context,
-            execution_processor=mock_execution_processor,
-        ):
-            outputs[output_name] = output_data
-
-        # Verify agent mode behavior
-        assert "tool_functions" in outputs  # tool_functions is yielded in both modes
-        assert "finished" in outputs
-        assert outputs["finished"] == "Task completed successfully"
-        assert "conversations" in outputs
-
-        # Verify the conversation includes tool responses
-        conversations = outputs["conversations"]
-        assert len(conversations) > 2  # Should have multiple conversation entries
-
-        # Verify LLM was called twice (once for tool call, once for finish)
-        assert llm_call_mock.call_count == 2
-
-        # Verify tool was executed via execution processor
-        assert mock_execution_processor.on_node_execution.call_count == 1
-
-
-@pytest.mark.asyncio
-async def test_smart_decision_maker_traditional_mode_default():
-    """Test that default behavior (agent_mode_max_iterations=0) works as traditional mode."""
-    import backend.blocks.llm as llm_module
-    from backend.blocks.smart_decision_maker import SmartDecisionMakerBlock
-
-    block = SmartDecisionMakerBlock()
-
-    # Mock tool call
-    mock_tool_call = MagicMock()
-    mock_tool_call.function.name = "search_keywords"
-    mock_tool_call.function.arguments = (
-        '{"query": "test", "max_keyword_difficulty": 50}'
-    )
-
-    mock_response = MagicMock()
-    mock_response.response = None
-    mock_response.tool_calls = [mock_tool_call]
-    mock_response.prompt_tokens = 50
-    mock_response.completion_tokens = 25
-    mock_response.reasoning = None
-    mock_response.raw_response = {"role": "assistant", "content": None}
-
-    mock_tool_signatures = [
-        {
-            "type": "function",
-            "function": {
-                "name": "search_keywords",
-                "_sink_node_id": "test-sink-node-id",
-                "_field_mapping": {},
-                "parameters": {
-                    "properties": {
-                        "query": {"type": "string"},
-                        "max_keyword_difficulty": {"type": "integer"},
-                    },
-                    "required": ["query", "max_keyword_difficulty"],
-                },
-            },
-        }
-    ]
-
-    with patch(
-        "backend.blocks.llm.llm_call",
-        new_callable=AsyncMock,
-        return_value=mock_response,
-    ), patch.object(
-        block, "_create_tool_node_signatures", return_value=mock_tool_signatures
-    ):
-
-        # Test default behavior (traditional mode)
-        input_data = SmartDecisionMakerBlock.Input(
-            prompt="Test prompt",
-            model=llm_module.DEFAULT_LLM_MODEL,
-            credentials=llm_module.TEST_CREDENTIALS_INPUT,  # type: ignore
-            agent_mode_max_iterations=0,  # Traditional mode
-        )
-
-        # Create execution context
-
-        mock_execution_context = ExecutionContext(safe_mode=False)
-
-        # Create a mock execution processor for tests
-
-        mock_execution_processor = MagicMock()
-
-        outputs = {}
-        async for output_name, output_data in block.run(
-            input_data,
-            credentials=llm_module.TEST_CREDENTIALS,
-            graph_id="test-graph-id",
-            node_id="test-node-id",
-            graph_exec_id="test-exec-id",
-            node_exec_id="test-node-exec-id",
-            user_id="test-user-id",
-            graph_version=1,
-            execution_context=mock_execution_context,
-            execution_processor=mock_execution_processor,
-        ):
-            outputs[output_name] = output_data
-
-        # Verify traditional mode behavior
-        assert (
-            "tool_functions" in outputs
-        )  # Should yield tool_functions in traditional mode
-        assert (
-            "tools_^_test-sink-node-id_~_query" in outputs
-        )  # Should yield individual tool parameters
-        assert "tools_^_test-sink-node-id_~_max_keyword_difficulty" in outputs
-        assert "conversations" in outputs
-
-
-@pytest.mark.asyncio
-async def test_smart_decision_maker_uses_customized_name_for_blocks():
-    """Test that SmartDecisionMakerBlock uses customized_name from node metadata for tool names."""
-    from unittest.mock import MagicMock
-
-    from backend.blocks.basic import StoreValueBlock
-    from backend.blocks.smart_decision_maker import SmartDecisionMakerBlock
-    from backend.data.graph import Link, Node
-
-    # Create a mock node with customized_name in metadata
-    mock_node = MagicMock(spec=Node)
-    mock_node.id = "test-node-id"
-    mock_node.block_id = StoreValueBlock().id
-    mock_node.metadata = {"customized_name": "My Custom Tool Name"}
-    mock_node.block = StoreValueBlock()
-
-    # Create a mock link
-    mock_link = MagicMock(spec=Link)
-    mock_link.sink_name = "input"
-
-    # Call the function directly
-    result = await SmartDecisionMakerBlock._create_block_function_signature(
-        mock_node, [mock_link]
-    )
-
-    # Verify the tool name uses the customized name (cleaned up)
-    assert result["type"] == "function"
-    assert result["function"]["name"] == "my_custom_tool_name"  # Cleaned version
-    assert result["function"]["_sink_node_id"] == "test-node-id"
-
-
-@pytest.mark.asyncio
-async def test_smart_decision_maker_falls_back_to_block_name():
-    """Test that SmartDecisionMakerBlock falls back to block.name when no customized_name."""
-    from unittest.mock import MagicMock
-
-    from backend.blocks.basic import StoreValueBlock
-    from backend.blocks.smart_decision_maker import SmartDecisionMakerBlock
-    from backend.data.graph import Link, Node
-
-    # Create a mock node without customized_name
-    mock_node = MagicMock(spec=Node)
-    mock_node.id = "test-node-id"
-    mock_node.block_id = StoreValueBlock().id
-    mock_node.metadata = {}  # No customized_name
-    mock_node.block = StoreValueBlock()
-
-    # Create a mock link
-    mock_link = MagicMock(spec=Link)
-    mock_link.sink_name = "input"
-
-    # Call the function directly
-    result = await SmartDecisionMakerBlock._create_block_function_signature(
-        mock_node, [mock_link]
-    )
-
-    # Verify the tool name uses the block's default name
-    assert result["type"] == "function"
-    assert result["function"]["name"] == "storevalueblock"  # Default block name cleaned
-    assert result["function"]["_sink_node_id"] == "test-node-id"
-
-
-@pytest.mark.asyncio
-async def test_smart_decision_maker_uses_customized_name_for_agents():
-    """Test that SmartDecisionMakerBlock uses customized_name from metadata for agent nodes."""
-    from unittest.mock import AsyncMock, MagicMock, patch
-
-    from backend.blocks.smart_decision_maker import SmartDecisionMakerBlock
-    from backend.data.graph import Link, Node
-
-    # Create a mock node with customized_name in metadata
-    mock_node = MagicMock(spec=Node)
-    mock_node.id = "test-agent-node-id"
-    mock_node.metadata = {"customized_name": "My Custom Agent"}
-    mock_node.input_default = {
-        "graph_id": "test-graph-id",
-        "graph_version": 1,
-        "input_schema": {"properties": {"test_input": {"description": "Test input"}}},
-    }
-
-    # Create a mock link
-    mock_link = MagicMock(spec=Link)
-    mock_link.sink_name = "test_input"
-
-    # Mock the database client
-    mock_graph_meta = MagicMock()
-    mock_graph_meta.name = "Original Agent Name"
-    mock_graph_meta.description = "Agent description"
-
-    mock_db_client = AsyncMock()
-    mock_db_client.get_graph_metadata.return_value = mock_graph_meta
-
-    with patch(
-        "backend.blocks.smart_decision_maker.get_database_manager_async_client",
-        return_value=mock_db_client,
-    ):
-        result = await SmartDecisionMakerBlock._create_agent_function_signature(
-            mock_node, [mock_link]
-        )
-
-    # Verify the tool name uses the customized name (cleaned up)
-    assert result["type"] == "function"
-    assert result["function"]["name"] == "my_custom_agent"  # Cleaned version
-    assert result["function"]["_sink_node_id"] == "test-agent-node-id"
-
-
-@pytest.mark.asyncio
-async def test_smart_decision_maker_agent_falls_back_to_graph_name():
-    """Test that agent node falls back to graph name when no customized_name."""
-    from unittest.mock import AsyncMock, MagicMock, patch
-
-    from backend.blocks.smart_decision_maker import SmartDecisionMakerBlock
-    from backend.data.graph import Link, Node
-
-    # Create a mock node without customized_name
-    mock_node = MagicMock(spec=Node)
-    mock_node.id = "test-agent-node-id"
-    mock_node.metadata = {}  # No customized_name
-    mock_node.input_default = {
-        "graph_id": "test-graph-id",
-        "graph_version": 1,
-        "input_schema": {"properties": {"test_input": {"description": "Test input"}}},
-    }
-
-    # Create a mock link
-    mock_link = MagicMock(spec=Link)
-    mock_link.sink_name = "test_input"
-
-    # Mock the database client
-    mock_graph_meta = MagicMock()
-    mock_graph_meta.name = "Original Agent Name"
-    mock_graph_meta.description = "Agent description"
-
-    mock_db_client = AsyncMock()
-    mock_db_client.get_graph_metadata.return_value = mock_graph_meta
-
-    with patch(
-        "backend.blocks.smart_decision_maker.get_database_manager_async_client",
-        return_value=mock_db_client,
-    ):
-        result = await SmartDecisionMakerBlock._create_agent_function_signature(
-            mock_node, [mock_link]
-        )
-
-    # Verify the tool name uses the graph's default name
-    assert result["type"] == "function"
-    assert result["function"]["name"] == "original_agent_name"  # Graph name cleaned
-    assert result["function"]["_sink_node_id"] == "test-agent-node-id"

autogpt_platform/backend/backend/blocks/test/test_smart_decision_maker_dict.py

@@ -15,7 +15,6 @@ async def test_smart_decision_maker_handles_dynamic_dict_fields():
     mock_node.block = CreateDictionaryBlock()
     mock_node.block_id = CreateDictionaryBlock().id
     mock_node.input_default = {}
-    mock_node.metadata = {}
 
     # Create mock links with dynamic dictionary fields
     mock_links = [
@@ -78,7 +77,6 @@ async def test_smart_decision_maker_handles_dynamic_list_fields():
     mock_node.block = AddToListBlock()
     mock_node.block_id = AddToListBlock().id
     mock_node.input_default = {}
-    mock_node.metadata = {}
 
     # Create mock links with dynamic list fields
     mock_links = [

autogpt_platform/backend/backend/blocks/test/test_smart_decision_maker_dynamic_fields.py

@@ -1,7 +1,7 @@
 """Comprehensive tests for SmartDecisionMakerBlock dynamic field handling."""
 
 import json
-from unittest.mock import AsyncMock, MagicMock, Mock, patch
+from unittest.mock import AsyncMock, Mock, patch
 
 import pytest
 
@@ -44,7 +44,6 @@ async def test_create_block_function_signature_with_dict_fields():
     mock_node.block = CreateDictionaryBlock()
     mock_node.block_id = CreateDictionaryBlock().id
     mock_node.input_default = {}
-    mock_node.metadata = {}
 
     # Create mock links with dynamic dictionary fields (source sanitized, sink original)
     mock_links = [
@@ -107,7 +106,6 @@ async def test_create_block_function_signature_with_list_fields():
     mock_node.block = AddToListBlock()
     mock_node.block_id = AddToListBlock().id
     mock_node.input_default = {}
-    mock_node.metadata = {}
 
     # Create mock links with dynamic list fields
     mock_links = [
@@ -161,7 +159,6 @@ async def test_create_block_function_signature_with_object_fields():
     mock_node.block = MatchTextPatternBlock()
     mock_node.block_id = MatchTextPatternBlock().id
     mock_node.input_default = {}
-    mock_node.metadata = {}
 
     # Create mock links with dynamic object fields
     mock_links = [
@@ -211,13 +208,11 @@ async def test_create_tool_node_signatures():
         mock_dict_node.block = CreateDictionaryBlock()
         mock_dict_node.block_id = CreateDictionaryBlock().id
         mock_dict_node.input_default = {}
-        mock_dict_node.metadata = {}
 
         mock_list_node = Mock()
         mock_list_node.block = AddToListBlock()
         mock_list_node.block_id = AddToListBlock().id
         mock_list_node.input_default = {}
-        mock_list_node.metadata = {}
 
         # Mock links with dynamic fields
         dict_link1 = Mock(
@@ -313,47 +308,10 @@ async def test_output_yielding_with_dynamic_fields():
     ) as mock_llm:
         mock_llm.return_value = mock_response
 
-        # Mock the database manager to avoid HTTP calls during tool execution
-        with patch(
-            "backend.blocks.smart_decision_maker.get_database_manager_async_client"
-        ) as mock_db_manager, patch.object(
+        # Mock the function signature creation
+        with patch.object(
             block, "_create_tool_node_signatures", new_callable=AsyncMock
         ) as mock_sig:
-            # Set up the mock database manager
-            mock_db_client = AsyncMock()
-            mock_db_manager.return_value = mock_db_client
-
-            # Mock the node retrieval
-            mock_target_node = Mock()
-            mock_target_node.id = "test-sink-node-id"
-            mock_target_node.block_id = "CreateDictionaryBlock"
-            mock_target_node.block = Mock()
-            mock_target_node.block.name = "Create Dictionary"
-            mock_db_client.get_node.return_value = mock_target_node
-
-            # Mock the execution result creation
-            mock_node_exec_result = Mock()
-            mock_node_exec_result.node_exec_id = "mock-node-exec-id"
-            mock_final_input_data = {
-                "values_#_name": "Alice",
-                "values_#_age": 30,
-                "values_#_email": "alice@example.com",
-            }
-            mock_db_client.upsert_execution_input.return_value = (
-                mock_node_exec_result,
-                mock_final_input_data,
-            )
-
-            # Mock the output retrieval
-            mock_outputs = {
-                "values_#_name": "Alice",
-                "values_#_age": 30,
-                "values_#_email": "alice@example.com",
-            }
-            mock_db_client.get_execution_outputs_by_node_exec_id.return_value = (
-                mock_outputs
-            )
-
             mock_sig.return_value = [
                 {
                     "type": "function",
@@ -378,17 +336,11 @@ async def test_output_yielding_with_dynamic_fields():
             input_data = block.input_schema(
                 prompt="Create a user dictionary",
                 credentials=llm.TEST_CREDENTIALS_INPUT,
-                model=llm.DEFAULT_LLM_MODEL,
-                agent_mode_max_iterations=0,  # Use traditional mode to test output yielding
+                model=llm.LlmModel.GPT4O,
             )
 
             # Run the block
             outputs = {}
-            from backend.data.execution import ExecutionContext
-
-            mock_execution_context = ExecutionContext(safe_mode=False)
-            mock_execution_processor = MagicMock()
-
             async for output_name, output_value in block.run(
                 input_data,
                 credentials=llm.TEST_CREDENTIALS,
@@ -397,9 +349,6 @@ async def test_output_yielding_with_dynamic_fields():
                 graph_exec_id="test_exec",
                 node_exec_id="test_node_exec",
                 user_id="test_user",
-                graph_version=1,
-                execution_context=mock_execution_context,
-                execution_processor=mock_execution_processor,
             ):
                 outputs[output_name] = output_value
 
@@ -428,7 +377,6 @@ async def test_mixed_regular_and_dynamic_fields():
     mock_node.block.name = "TestBlock"
     mock_node.block.description = "A test block"
     mock_node.block.input_schema = Mock()
-    mock_node.metadata = {}
 
     # Mock the get_field_schema to return a proper schema for regular fields
     def get_field_schema(field_name):
@@ -563,108 +511,45 @@ async def test_validation_errors_dont_pollute_conversation():
                 }
             ]
 
-            # Mock the database manager to avoid HTTP calls during tool execution
-            with patch(
-                "backend.blocks.smart_decision_maker.get_database_manager_async_client"
-            ) as mock_db_manager:
-                # Set up the mock database manager for agent mode
-                mock_db_client = AsyncMock()
-                mock_db_manager.return_value = mock_db_client
+            # Create input data
+            from backend.blocks import llm
 
-                # Mock the node retrieval
-                mock_target_node = Mock()
-                mock_target_node.id = "test-sink-node-id"
-                mock_target_node.block_id = "TestBlock"
-                mock_target_node.block = Mock()
-                mock_target_node.block.name = "Test Block"
-                mock_db_client.get_node.return_value = mock_target_node
+            input_data = block.input_schema(
+                prompt="Test prompt",
+                credentials=llm.TEST_CREDENTIALS_INPUT,
+                model=llm.LlmModel.GPT4O,
+                retry=3,  # Allow retries
+            )
 
-                # Mock the execution result creation
-                mock_node_exec_result = Mock()
-                mock_node_exec_result.node_exec_id = "mock-node-exec-id"
-                mock_final_input_data = {"correct_param": "value"}
-                mock_db_client.upsert_execution_input.return_value = (
-                    mock_node_exec_result,
-                    mock_final_input_data,
-                )
+            # Run the block
+            outputs = {}
+            async for output_name, output_value in block.run(
+                input_data,
+                credentials=llm.TEST_CREDENTIALS,
+                graph_id="test_graph",
+                node_id="test_node",
+                graph_exec_id="test_exec",
+                node_exec_id="test_node_exec",
+                user_id="test_user",
+            ):
+                outputs[output_name] = output_value
 
-                # Mock the output retrieval
-                mock_outputs = {"correct_param": "value"}
-                mock_db_client.get_execution_outputs_by_node_exec_id.return_value = (
-                    mock_outputs
-                )
+            # Verify we had 2 LLM calls (initial + retry)
+            assert call_count == 2
 
-                # Create input data
-                from backend.blocks import llm
+            # Check the final conversation output
+            final_conversation = outputs.get("conversations", [])
 
-                input_data = block.input_schema(
-                    prompt="Test prompt",
-                    credentials=llm.TEST_CREDENTIALS_INPUT,
-                    model=llm.DEFAULT_LLM_MODEL,
-                    retry=3,  # Allow retries
-                    agent_mode_max_iterations=1,
-                )
+            # The final conversation should NOT contain the validation error message
+            error_messages = [
+                msg
+                for msg in final_conversation
+                if msg.get("role") == "user"
+                and "parameter errors" in msg.get("content", "")
+            ]
+            assert (
+                len(error_messages) == 0
+            ), "Validation error leaked into final conversation"
 
-                # Run the block
-                outputs = {}
-                from backend.data.execution import ExecutionContext
-
-                mock_execution_context = ExecutionContext(safe_mode=False)
-
-                # Create a proper mock execution processor for agent mode
-                from collections import defaultdict
-
-                mock_execution_processor = AsyncMock()
-                mock_execution_processor.execution_stats = MagicMock()
-                mock_execution_processor.execution_stats_lock = MagicMock()
-
-                # Create a mock NodeExecutionProgress for the sink node
-                mock_node_exec_progress = MagicMock()
-                mock_node_exec_progress.add_task = MagicMock()
-                mock_node_exec_progress.pop_output = MagicMock(
-                    return_value=None
-                )  # No outputs to process
-
-                # Set up running_node_execution as a defaultdict that returns our mock for any key
-                mock_execution_processor.running_node_execution = defaultdict(
-                    lambda: mock_node_exec_progress
-                )
-
-                # Mock the on_node_execution method that gets called during tool execution
-                mock_node_stats = MagicMock()
-                mock_node_stats.error = None
-                mock_execution_processor.on_node_execution.return_value = (
-                    mock_node_stats
-                )
-
-                async for output_name, output_value in block.run(
-                    input_data,
-                    credentials=llm.TEST_CREDENTIALS,
-                    graph_id="test_graph",
-                    node_id="test_node",
-                    graph_exec_id="test_exec",
-                    node_exec_id="test_node_exec",
-                    user_id="test_user",
-                    graph_version=1,
-                    execution_context=mock_execution_context,
-                    execution_processor=mock_execution_processor,
-                ):
-                    outputs[output_name] = output_value
-
-                # Verify we had at least 1 LLM call
-                assert call_count >= 1
-
-                # Check the final conversation output
-                final_conversation = outputs.get("conversations", [])
-
-                # The final conversation should NOT contain validation error messages
-                # Even if retries don't happen in agent mode, we should not leak errors
-                error_messages = [
-                    msg
-                    for msg in final_conversation
-                    if msg.get("role") == "user"
-                    and "parameter errors" in msg.get("content", "")
-                ]
-                assert (
-                    len(error_messages) == 0
-                ), "Validation error leaked into final conversation"
+            # The final conversation should only have the successful response
+            assert final_conversation[-1]["content"] == "valid"

autogpt_platform/backend/backend/blocks/wordpress/__init__.py

@@ -1,3 +1,3 @@
-from .blog import WordPressCreatePostBlock, WordPressGetAllPostsBlock
+from .blog import WordPressCreatePostBlock
 
-__all__ = ["WordPressCreatePostBlock", "WordPressGetAllPostsBlock"]
+__all__ = ["WordPressCreatePostBlock"]

autogpt_platform/backend/backend/blocks/wordpress/_api.py

@@ -161,7 +161,7 @@ async def oauth_exchange_code_for_tokens(
         grant_type="authorization_code",
     ).model_dump(exclude_none=True)
 
-    response = await Requests(raise_for_status=False).post(
+    response = await Requests().post(
         f"{WORDPRESS_BASE_URL}oauth2/token",
         headers=headers,
         data=data,
@@ -205,7 +205,7 @@ async def oauth_refresh_tokens(
         grant_type="refresh_token",
     ).model_dump(exclude_none=True)
 
-    response = await Requests(raise_for_status=False).post(
+    response = await Requests().post(
         f"{WORDPRESS_BASE_URL}oauth2/token",
         headers=headers,
         data=data,
@@ -252,7 +252,7 @@ async def validate_token(
         "token": token,
     }
 
-    response = await Requests(raise_for_status=False).get(
+    response = await Requests().get(
         f"{WORDPRESS_BASE_URL}oauth2/token-info",
         params=params,
     )
@@ -296,7 +296,7 @@ async def make_api_request(
 
     url = f"{WORDPRESS_BASE_URL.rstrip('/')}{endpoint}"
 
-    request_method = getattr(Requests(raise_for_status=False), method.lower())
+    request_method = getattr(Requests(), method.lower())
     response = await request_method(
         url,
         headers=headers,
@@ -476,7 +476,6 @@ async def create_post(
         data["tags"] = ",".join(str(t) for t in data["tags"])
 
     # Make the API request
-    site = normalize_site(site)
     endpoint = f"/rest/v1.1/sites/{site}/posts/new"
 
     headers = {
@@ -484,7 +483,7 @@ async def create_post(
         "Content-Type": "application/x-www-form-urlencoded",
     }
 
-    response = await Requests(raise_for_status=False).post(
+    response = await Requests().post(
         f"{WORDPRESS_BASE_URL.rstrip('/')}{endpoint}",
         headers=headers,
         data=data,
@@ -500,132 +499,3 @@ async def create_post(
     )
     error_message = error_data.get("message", response.text)
     raise ValueError(f"Failed to create post: {response.status} - {error_message}")
-
-
-class Post(BaseModel):
-    """Response model for individual posts in a posts list response.
-
-    This is a simplified version compared to PostResponse, as the list endpoint
-    returns less detailed information than the create/get single post endpoints.
-    """
-
-    ID: int
-    site_ID: int
-    author: PostAuthor
-    date: datetime
-    modified: datetime
-    title: str
-    URL: str
-    short_URL: str
-    content: str | None = None
-    excerpt: str | None = None
-    slug: str
-    guid: str
-    status: str
-    sticky: bool
-    password: str | None = ""
-    parent: Union[Dict[str, Any], bool, None] = None
-    type: str
-    discussion: Dict[str, Union[str, bool, int]] | None = None
-    likes_enabled: bool | None = None
-    sharing_enabled: bool | None = None
-    like_count: int | None = None
-    i_like: bool | None = None
-    is_reblogged: bool | None = None
-    is_following: bool | None = None
-    global_ID: str | None = None
-    featured_image: str | None = None
-    post_thumbnail: Dict[str, Any] | None = None
-    format: str | None = None
-    geo: Union[Dict[str, Any], bool, None] = None
-    menu_order: int | None = None
-    page_template: str | None = None
-    publicize_URLs: List[str] | None = None
-    terms: Dict[str, Dict[str, Any]] | None = None
-    tags: Dict[str, Dict[str, Any]] | None = None
-    categories: Dict[str, Dict[str, Any]] | None = None
-    attachments: Dict[str, Dict[str, Any]] | None = None
-    attachment_count: int | None = None
-    metadata: List[Dict[str, Any]] | None = None
-    meta: Dict[str, Any] | None = None
-    capabilities: Dict[str, bool] | None = None
-    revisions: List[int] | None = None
-    other_URLs: Dict[str, Any] | None = None
-
-
-class PostsResponse(BaseModel):
-    """Response model for WordPress posts list."""
-
-    found: int
-    posts: List[Post]
-    meta: Dict[str, Any]
-
-
-def normalize_site(site: str) -> str:
-    """
-    Normalize a site identifier by stripping protocol and trailing slashes.
-
-    Args:
-        site: Site URL, domain, or ID (e.g., "https://myblog.wordpress.com/", "myblog.wordpress.com", "123456789")
-
-    Returns:
-        Normalized site identifier (domain or ID only)
-    """
-    site = site.strip()
-    if site.startswith("https://"):
-        site = site[8:]
-    elif site.startswith("http://"):
-        site = site[7:]
-    return site.rstrip("/")
-
-
-async def get_posts(
-    credentials: Credentials,
-    site: str,
-    status: PostStatus | None = None,
-    number: int = 100,
-    offset: int = 0,
-) -> PostsResponse:
-    """
-    Get posts from a WordPress site.
-
-    Args:
-        credentials: OAuth credentials
-        site: Site ID or domain (e.g., "myblog.wordpress.com" or "123456789")
-        status: Filter by post status using PostStatus enum, or None for all
-        number: Number of posts to retrieve (max 100)
-        offset: Number of posts to skip (for pagination)
-
-    Returns:
-        PostsResponse with the list of posts
-    """
-    site = normalize_site(site)
-    endpoint = f"/rest/v1.1/sites/{site}/posts"
-
-    headers = {
-        "Authorization": credentials.auth_header(),
-    }
-
-    params: Dict[str, Any] = {
-        "number": max(1, min(number, 100)),  # 1–100 posts per request
-        "offset": offset,
-    }
-
-    if status:
-        params["status"] = status.value
-    response = await Requests(raise_for_status=False).get(
-        f"{WORDPRESS_BASE_URL.rstrip('/')}{endpoint}",
-        headers=headers,
-        params=params,
-    )
-
-    if response.ok:
-        return PostsResponse.model_validate(response.json())
-
-    error_data = (
-        response.json()
-        if response.headers.get("content-type", "").startswith("application/json")
-        else {}
-    )
-    error_message = error_data.get("message", response.text)
-    raise ValueError(f"Failed to get posts: {response.status} - {error_message}")

autogpt_platform/backend/backend/blocks/wordpress/blog.py

@@ -9,15 +9,7 @@ from backend.sdk import (
     SchemaField,
 )
 
-from ._api import (
-    CreatePostRequest,
-    Post,
-    PostResponse,
-    PostsResponse,
-    PostStatus,
-    create_post,
-    get_posts,
-)
+from ._api import CreatePostRequest, PostResponse, PostStatus, create_post
 from ._config import wordpress
 
 
@@ -57,15 +49,8 @@ class WordPressCreatePostBlock(Block):
         media_urls: list[str] = SchemaField(
             description="URLs of images to sideload and attach to the post", default=[]
         )
-        publish_as_draft: bool = SchemaField(
-            description="If True, publishes the post as a draft. If False, publishes it publicly.",
-            default=False,
-        )
 
     class Output(BlockSchemaOutput):
-        site: str = SchemaField(
-            description="The site ID or domain (pass-through for chaining with other blocks)"
-        )
         post_id: int = SchemaField(description="The ID of the created post")
         post_url: str = SchemaField(description="The full URL of the created post")
         short_url: str = SchemaField(description="The shortened wp.me URL")
@@ -93,9 +78,7 @@ class WordPressCreatePostBlock(Block):
             tags=input_data.tags,
             featured_image=input_data.featured_image,
             media_urls=input_data.media_urls,
-            status=(
-                PostStatus.DRAFT if input_data.publish_as_draft else PostStatus.PUBLISH
-            ),
+            status=PostStatus.PUBLISH,
         )
 
         post_response: PostResponse = await create_post(
@@ -104,69 +87,7 @@ class WordPressCreatePostBlock(Block):
             post_data=post_request,
         )
 
-        yield "site", input_data.site
         yield "post_id", post_response.ID
         yield "post_url", post_response.URL
         yield "short_url", post_response.short_URL
         yield "post_data", post_response.model_dump()
-
-
-class WordPressGetAllPostsBlock(Block):
-    """
-    Fetches all posts from a WordPress.com site or Jetpack-enabled site.
-    Supports filtering by status and pagination.
-    """
-
-    class Input(BlockSchemaInput):
-        credentials: CredentialsMetaInput = wordpress.credentials_field()
-        site: str = SchemaField(
-            description="Site ID or domain (e.g., 'myblog.wordpress.com' or '123456789')"
-        )
-        status: PostStatus | None = SchemaField(
-            description="Filter by post status, or None for all",
-            default=None,
-        )
-        number: int = SchemaField(
-            description="Number of posts to retrieve (max 100 per request)", default=20
-        )
-        offset: int = SchemaField(
-            description="Number of posts to skip (for pagination)", default=0
-        )
-
-    class Output(BlockSchemaOutput):
-        site: str = SchemaField(
-            description="The site ID or domain (pass-through for chaining with other blocks)"
-        )
-        found: int = SchemaField(description="Total number of posts found")
-        posts: list[Post] = SchemaField(
-            description="List of post objects with their details"
-        )
-        post: Post = SchemaField(
-            description="Individual post object (yielded for each post)"
-        )
-
-    def __init__(self):
-        super().__init__(
-            id="97728fa7-7f6f-4789-ba0c-f2c114119536",
-            description="Fetch all posts from WordPress.com or Jetpack sites",
-            categories={BlockCategory.SOCIAL},
-            input_schema=self.Input,
-            output_schema=self.Output,
-        )
-
-    async def run(
-        self, input_data: Input, *, credentials: Credentials, **kwargs
-    ) -> BlockOutput:
-        posts_response: PostsResponse = await get_posts(
-            credentials=credentials,
-            site=input_data.site,
-            status=input_data.status,
-            number=input_data.number,
-            offset=input_data.offset,
-        )
-
-        yield "site", input_data.site
-        yield "found", posts_response.found
-        yield "posts", posts_response.posts
-        for post in posts_response.posts:
-            yield "post", post

autogpt_platform/backend/backend/blocks/xml_parser.py

@@ -1,5 +1,5 @@
 from gravitasml.parser import Parser
-from gravitasml.token import Token, tokenize
+from gravitasml.token import tokenize
 
 from backend.data.block import Block, BlockOutput, BlockSchemaInput, BlockSchemaOutput
 from backend.data.model import SchemaField
@@ -25,38 +25,6 @@ class XMLParserBlock(Block):
             ],
         )
 
-    @staticmethod
-    def _validate_tokens(tokens: list[Token]) -> None:
-        """Ensure the XML has a single root element and no stray text."""
-        if not tokens:
-            raise ValueError("XML input is empty.")
-
-        depth = 0
-        root_seen = False
-
-        for token in tokens:
-            if token.type == "TAG_OPEN":
-                if depth == 0 and root_seen:
-                    raise ValueError("XML must have a single root element.")
-                depth += 1
-                if depth == 1:
-                    root_seen = True
-            elif token.type == "TAG_CLOSE":
-                depth -= 1
-                if depth < 0:
-                    raise SyntaxError("Unexpected closing tag in XML input.")
-            elif token.type in {"TEXT", "ESCAPE"}:
-                if depth == 0 and token.value:
-                    raise ValueError(
-                        "XML contains text outside the root element; "
-                        "wrap content in a single root tag."
-                    )
-
-        if depth != 0:
-            raise SyntaxError("Unclosed tag detected in XML input.")
-        if not root_seen:
-            raise ValueError("XML must include a root element.")
-
     async def run(self, input_data: Input, **kwargs) -> BlockOutput:
         # Security fix: Add size limits to prevent XML bomb attacks
         MAX_XML_SIZE = 10 * 1024 * 1024  # 10MB limit for XML input
@@ -67,9 +35,7 @@ class XMLParserBlock(Block):
             )
 
         try:
-            tokens = list(tokenize(input_data.input_xml))
-            self._validate_tokens(tokens)
-
+            tokens = tokenize(input_data.input_xml)
             parser = Parser(tokens)
             parsed_result = parser.parse()
             yield "parsed_xml", parsed_result

autogpt_platform/backend/backend/blocks/youtube.py

@@ -111,8 +111,6 @@ class TranscribeYoutubeVideoBlock(Block):
                 return parsed_url.path.split("/")[2]
             if parsed_url.path[:3] == "/v/":
                 return parsed_url.path.split("/")[2]
-            if parsed_url.path.startswith("/shorts/"):
-                return parsed_url.path.split("/")[2]
         raise ValueError(f"Invalid YouTube URL: {url}")
 
     def get_transcript(

autogpt_platform/backend/backend/cli.py

@@ -244,7 +244,11 @@ def websocket(server_address: str, graph_exec_id: str):
 
     import websockets.asyncio.client
 
-    from backend.api.ws_api import WSMessage, WSMethod, WSSubscribeGraphExecutionRequest
+    from backend.server.ws_api import (
+        WSMessage,
+        WSMethod,
+        WSSubscribeGraphExecutionRequest,
+    )
 
     async def send_message(server_address: str):
         uri = f"ws://{server_address}"

autogpt_platform/backend/backend/cli/__init__.py

@@ -1 +0,0 @@
-"""CLI utilities for backend development & administration"""

autogpt_platform/backend/backend/cli/generate_openapi_json.py

@@ -1,57 +0,0 @@
-#!/usr/bin/env python3
-"""
-Script to generate OpenAPI JSON specification for the FastAPI app.
-
-This script imports the FastAPI app from backend.api.rest_api and outputs
-the OpenAPI specification as JSON to stdout or a specified file.
-
-Usage:
-  `poetry run python generate_openapi_json.py`
-  `poetry run python generate_openapi_json.py --output openapi.json`
-  `poetry run python generate_openapi_json.py --indent 4 --output openapi.json`
-"""
-
-import json
-import os
-from pathlib import Path
-
-import click
-
-
-@click.command()
-@click.option(
-    "--output",
-    type=click.Path(dir_okay=False, path_type=Path),
-    help="Output file path (default: stdout)",
-)
-@click.option(
-    "--pretty",
-    type=click.BOOL,
-    default=False,
-    help="Pretty-print JSON output (indented 2 spaces)",
-)
-def main(output: Path, pretty: bool):
-    """Generate and output the OpenAPI JSON specification."""
-    openapi_schema = get_openapi_schema()
-
-    json_output = json.dumps(openapi_schema, indent=2 if pretty else None)
-
-    if output:
-        output.write_text(json_output)
-        click.echo(f"✅ OpenAPI specification written to {output}\n\nPreview:")
-        click.echo(f"\n{json_output[:500]} ...")
-    else:
-        print(json_output)
-
-
-def get_openapi_schema():
-    """Get the OpenAPI schema from the FastAPI app"""
-    from backend.api.rest_api import app
-
-    return app.openapi()
-
-
-if __name__ == "__main__":
-    os.environ["LOG_LEVEL"] = "ERROR"  # disable stdout log output
-
-    main()

autogpt_platform/backend/backend/data/__init__.py

@@ -1,4 +1,4 @@
-from backend.api.features.library.model import LibraryAgentPreset
+from backend.server.v2.library.model import LibraryAgentPreset
 
 from .graph import NodeModel
 from .integrations import Webhook  # noqa: F401

autogpt_platform/backend/backend/data/api_key.py

@@ -1,24 +1,22 @@
 import logging
 import uuid
 from datetime import datetime, timezone
-from typing import Literal, Optional
+from typing import Optional
 
 from autogpt_libs.api_key.keysmith import APIKeySmith
 from prisma.enums import APIKeyPermission, APIKeyStatus
 from prisma.models import APIKey as PrismaAPIKey
-from prisma.types import APIKeyWhereUniqueInput
-from pydantic import Field
+from prisma.types import APIKeyCreateInput, APIKeyWhereUniqueInput
+from pydantic import BaseModel, Field
 
 from backend.data.includes import MAX_USER_API_KEYS_FETCH
 from backend.util.exceptions import NotAuthorizedError, NotFoundError
 
-from .base import APIAuthorizationInfo
-
 logger = logging.getLogger(__name__)
 keysmith = APIKeySmith()
 
 
-class APIKeyInfo(APIAuthorizationInfo):
+class APIKeyInfo(BaseModel):
     id: str
     name: str
     head: str = Field(
@@ -28,9 +26,12 @@ class APIKeyInfo(APIAuthorizationInfo):
         description=f"The last {APIKeySmith.TAIL_LENGTH} characters of the key"
     )
     status: APIKeyStatus
+    permissions: list[APIKeyPermission]
+    created_at: datetime
+    last_used_at: Optional[datetime] = None
+    revoked_at: Optional[datetime] = None
     description: Optional[str] = None
-
-    type: Literal["api_key"] = "api_key"  # type: ignore
+    user_id: str
 
     @staticmethod
     def from_db(api_key: PrismaAPIKey):
@@ -40,7 +41,7 @@ class APIKeyInfo(APIAuthorizationInfo):
             head=api_key.head,
             tail=api_key.tail,
             status=APIKeyStatus(api_key.status),
-            scopes=[APIKeyPermission(p) for p in api_key.permissions],
+            permissions=[APIKeyPermission(p) for p in api_key.permissions],
             created_at=api_key.createdAt,
             last_used_at=api_key.lastUsedAt,
             revoked_at=api_key.revokedAt,
@@ -82,17 +83,17 @@ async def create_api_key(
     generated_key = keysmith.generate_key()
 
     saved_key_obj = await PrismaAPIKey.prisma().create(
-        data={
-            "id": str(uuid.uuid4()),
-            "name": name,
-            "head": generated_key.head,
-            "tail": generated_key.tail,
-            "hash": generated_key.hash,
-            "salt": generated_key.salt,
-            "permissions": [p for p in permissions],
-            "description": description,
-            "userId": user_id,
-        }
+        data=APIKeyCreateInput(
+            id=str(uuid.uuid4()),
+            name=name,
+            head=generated_key.head,
+            tail=generated_key.tail,
+            hash=generated_key.hash,
+            salt=generated_key.salt,
+            permissions=permissions,
+            description=description,
+            userId=user_id,
+        )
     )
 
     return APIKeyInfo.from_db(saved_key_obj), generated_key.key
@@ -210,7 +211,7 @@ async def suspend_api_key(key_id: str, user_id: str) -> APIKeyInfo:
 
 
 def has_permission(api_key: APIKeyInfo, required_permission: APIKeyPermission) -> bool:
-    return required_permission in api_key.scopes
+    return required_permission in api_key.permissions
 
 
 async def get_api_key_by_id(key_id: str, user_id: str) -> Optional[APIKeyInfo]:

autogpt_platform/backend/backend/data/auth/base.py

@@ -1,15 +0,0 @@
-from datetime import datetime
-from typing import Literal, Optional
-
-from prisma.enums import APIKeyPermission
-from pydantic import BaseModel
-
-
-class APIAuthorizationInfo(BaseModel):
-    user_id: str
-    scopes: list[APIKeyPermission]
-    type: Literal["oauth", "api_key"]
-    created_at: datetime
-    expires_at: Optional[datetime] = None
-    last_used_at: Optional[datetime] = None
-    revoked_at: Optional[datetime] = None

autogpt_platform/backend/backend/data/auth/oauth.py

@@ -1,872 +0,0 @@
-"""
-OAuth 2.0 Provider Data Layer
-
-Handles management of OAuth applications, authorization codes,
-access tokens, and refresh tokens.
-
-Hashing strategy:
-- Access tokens & Refresh tokens: SHA256 (deterministic, allows direct lookup by hash)
-- Client secrets: Scrypt with salt (lookup by client_id, then verify with salt)
-"""
-
-import hashlib
-import logging
-import secrets
-import uuid
-from datetime import datetime, timedelta, timezone
-from typing import Literal, Optional
-
-from autogpt_libs.api_key.keysmith import APIKeySmith
-from prisma.enums import APIKeyPermission as APIPermission
-from prisma.models import OAuthAccessToken as PrismaOAuthAccessToken
-from prisma.models import OAuthApplication as PrismaOAuthApplication
-from prisma.models import OAuthAuthorizationCode as PrismaOAuthAuthorizationCode
-from prisma.models import OAuthRefreshToken as PrismaOAuthRefreshToken
-from prisma.types import OAuthApplicationUpdateInput
-from pydantic import BaseModel, Field, SecretStr
-
-from .base import APIAuthorizationInfo
-
-logger = logging.getLogger(__name__)
-keysmith = APIKeySmith()  # Only used for client secret hashing (Scrypt)
-
-
-def _generate_token() -> str:
-    """Generate a cryptographically secure random token."""
-    return secrets.token_urlsafe(32)
-
-
-def _hash_token(token: str) -> str:
-    """Hash a token using SHA256 (deterministic, for direct lookup)."""
-    return hashlib.sha256(token.encode()).hexdigest()
-
-
-# Token TTLs
-AUTHORIZATION_CODE_TTL = timedelta(minutes=10)
-ACCESS_TOKEN_TTL = timedelta(hours=1)
-REFRESH_TOKEN_TTL = timedelta(days=30)
-
-ACCESS_TOKEN_PREFIX = "agpt_xt_"
-REFRESH_TOKEN_PREFIX = "agpt_rt_"
-
-
-# ============================================================================
-# Exception Classes
-# ============================================================================
-
-
-class OAuthError(Exception):
-    """Base OAuth error"""
-
-    pass
-
-
-class InvalidClientError(OAuthError):
-    """Invalid client_id or client_secret"""
-
-    pass
-
-
-class InvalidGrantError(OAuthError):
-    """Invalid or expired authorization code/refresh token"""
-
-    def __init__(self, reason: str):
-        self.reason = reason
-        super().__init__(f"Invalid grant: {reason}")
-
-
-class InvalidTokenError(OAuthError):
-    """Invalid, expired, or revoked token"""
-
-    def __init__(self, reason: str):
-        self.reason = reason
-        super().__init__(f"Invalid token: {reason}")
-
-
-# ============================================================================
-# Data Models
-# ============================================================================
-
-
-class OAuthApplicationInfo(BaseModel):
-    """OAuth application information (without client secret hash)"""
-
-    id: str
-    name: str
-    description: Optional[str] = None
-    logo_url: Optional[str] = None
-    client_id: str
-    redirect_uris: list[str]
-    grant_types: list[str]
-    scopes: list[APIPermission]
-    owner_id: str
-    is_active: bool
-    created_at: datetime
-    updated_at: datetime
-
-    @staticmethod
-    def from_db(app: PrismaOAuthApplication):
-        return OAuthApplicationInfo(
-            id=app.id,
-            name=app.name,
-            description=app.description,
-            logo_url=app.logoUrl,
-            client_id=app.clientId,
-            redirect_uris=app.redirectUris,
-            grant_types=app.grantTypes,
-            scopes=[APIPermission(s) for s in app.scopes],
-            owner_id=app.ownerId,
-            is_active=app.isActive,
-            created_at=app.createdAt,
-            updated_at=app.updatedAt,
-        )
-
-
-class OAuthApplicationInfoWithSecret(OAuthApplicationInfo):
-    """OAuth application with client secret hash (for validation)"""
-
-    client_secret_hash: str
-    client_secret_salt: str
-
-    @staticmethod
-    def from_db(app: PrismaOAuthApplication):
-        return OAuthApplicationInfoWithSecret(
-            **OAuthApplicationInfo.from_db(app).model_dump(),
-            client_secret_hash=app.clientSecret,
-            client_secret_salt=app.clientSecretSalt,
-        )
-
-    def verify_secret(self, plaintext_secret: str) -> bool:
-        """Verify a plaintext client secret against the stored hash"""
-        # Use keysmith.verify_key() with stored salt
-        return keysmith.verify_key(
-            plaintext_secret, self.client_secret_hash, self.client_secret_salt
-        )
-
-
-class OAuthAuthorizationCodeInfo(BaseModel):
-    """Authorization code information"""
-
-    id: str
-    code: str
-    created_at: datetime
-    expires_at: datetime
-    application_id: str
-    user_id: str
-    scopes: list[APIPermission]
-    redirect_uri: str
-    code_challenge: Optional[str] = None
-    code_challenge_method: Optional[str] = None
-    used_at: Optional[datetime] = None
-
-    @property
-    def is_used(self) -> bool:
-        return self.used_at is not None
-
-    @staticmethod
-    def from_db(code: PrismaOAuthAuthorizationCode):
-        return OAuthAuthorizationCodeInfo(
-            id=code.id,
-            code=code.code,
-            created_at=code.createdAt,
-            expires_at=code.expiresAt,
-            application_id=code.applicationId,
-            user_id=code.userId,
-            scopes=[APIPermission(s) for s in code.scopes],
-            redirect_uri=code.redirectUri,
-            code_challenge=code.codeChallenge,
-            code_challenge_method=code.codeChallengeMethod,
-            used_at=code.usedAt,
-        )
-
-
-class OAuthAccessTokenInfo(APIAuthorizationInfo):
-    """Access token information"""
-
-    id: str
-    expires_at: datetime  # type: ignore
-    application_id: str
-
-    type: Literal["oauth"] = "oauth"  # type: ignore
-
-    @staticmethod
-    def from_db(token: PrismaOAuthAccessToken):
-        return OAuthAccessTokenInfo(
-            id=token.id,
-            user_id=token.userId,
-            scopes=[APIPermission(s) for s in token.scopes],
-            created_at=token.createdAt,
-            expires_at=token.expiresAt,
-            last_used_at=None,
-            revoked_at=token.revokedAt,
-            application_id=token.applicationId,
-        )
-
-
-class OAuthAccessToken(OAuthAccessTokenInfo):
-    """Access token with plaintext token included (sensitive)"""
-
-    token: SecretStr = Field(description="Plaintext token (sensitive)")
-
-    @staticmethod
-    def from_db(token: PrismaOAuthAccessToken, plaintext_token: str):  # type: ignore
-        return OAuthAccessToken(
-            **OAuthAccessTokenInfo.from_db(token).model_dump(),
-            token=SecretStr(plaintext_token),
-        )
-
-
-class OAuthRefreshTokenInfo(BaseModel):
-    """Refresh token information"""
-
-    id: str
-    user_id: str
-    scopes: list[APIPermission]
-    created_at: datetime
-    expires_at: datetime
-    application_id: str
-    revoked_at: Optional[datetime] = None
-
-    @property
-    def is_revoked(self) -> bool:
-        return self.revoked_at is not None
-
-    @staticmethod
-    def from_db(token: PrismaOAuthRefreshToken):
-        return OAuthRefreshTokenInfo(
-            id=token.id,
-            user_id=token.userId,
-            scopes=[APIPermission(s) for s in token.scopes],
-            created_at=token.createdAt,
-            expires_at=token.expiresAt,
-            application_id=token.applicationId,
-            revoked_at=token.revokedAt,
-        )
-
-
-class OAuthRefreshToken(OAuthRefreshTokenInfo):
-    """Refresh token with plaintext token included (sensitive)"""
-
-    token: SecretStr = Field(description="Plaintext token (sensitive)")
-
-    @staticmethod
-    def from_db(token: PrismaOAuthRefreshToken, plaintext_token: str):  # type: ignore
-        return OAuthRefreshToken(
-            **OAuthRefreshTokenInfo.from_db(token).model_dump(),
-            token=SecretStr(plaintext_token),
-        )
-
-
-class TokenIntrospectionResult(BaseModel):
-    """Result of token introspection (RFC 7662)"""
-
-    active: bool
-    scopes: Optional[list[str]] = None
-    client_id: Optional[str] = None
-    user_id: Optional[str] = None
-    exp: Optional[int] = None  # Unix timestamp
-    token_type: Optional[Literal["access_token", "refresh_token"]] = None
-
-
-# ============================================================================
-# OAuth Application Management
-# ============================================================================
-
-
-async def get_oauth_application(client_id: str) -> Optional[OAuthApplicationInfo]:
-    """Get OAuth application by client ID (without secret)"""
-    app = await PrismaOAuthApplication.prisma().find_unique(
-        where={"clientId": client_id}
-    )
-    if not app:
-        return None
-    return OAuthApplicationInfo.from_db(app)
-
-
-async def get_oauth_application_with_secret(
-    client_id: str,
-) -> Optional[OAuthApplicationInfoWithSecret]:
-    """Get OAuth application by client ID (with secret hash for validation)"""
-    app = await PrismaOAuthApplication.prisma().find_unique(
-        where={"clientId": client_id}
-    )
-    if not app:
-        return None
-    return OAuthApplicationInfoWithSecret.from_db(app)
-
-
-async def validate_client_credentials(
-    client_id: str, client_secret: str
-) -> OAuthApplicationInfo:
-    """
-    Validate client credentials and return application info.
-
-    Raises:
-        InvalidClientError: If client_id or client_secret is invalid, or app is inactive
-    """
-    app = await get_oauth_application_with_secret(client_id)
-    if not app:
-        raise InvalidClientError("Invalid client_id")
-
-    if not app.is_active:
-        raise InvalidClientError("Application is not active")
-
-    # Verify client secret
-    if not app.verify_secret(client_secret):
-        raise InvalidClientError("Invalid client_secret")
-
-    # Return without secret hash
-    return OAuthApplicationInfo(**app.model_dump(exclude={"client_secret_hash"}))
-
-
-def validate_redirect_uri(app: OAuthApplicationInfo, redirect_uri: str) -> bool:
-    """Validate that redirect URI is registered for the application"""
-    return redirect_uri in app.redirect_uris
-
-
-def validate_scopes(
-    app: OAuthApplicationInfo, requested_scopes: list[APIPermission]
-) -> bool:
-    """Validate that all requested scopes are allowed for the application"""
-    return all(scope in app.scopes for scope in requested_scopes)
-
-
-# ============================================================================
-# Authorization Code Flow
-# ============================================================================
-
-
-def _generate_authorization_code() -> str:
-    """Generate a cryptographically secure authorization code"""
-    # 32 bytes = 256 bits of entropy
-    return secrets.token_urlsafe(32)
-
-
-async def create_authorization_code(
-    application_id: str,
-    user_id: str,
-    scopes: list[APIPermission],
-    redirect_uri: str,
-    code_challenge: Optional[str] = None,
-    code_challenge_method: Optional[Literal["S256", "plain"]] = None,
-) -> OAuthAuthorizationCodeInfo:
-    """
-    Create a new authorization code.
-    Expires in 10 minutes and can only be used once.
-    """
-    code = _generate_authorization_code()
-    now = datetime.now(timezone.utc)
-    expires_at = now + AUTHORIZATION_CODE_TTL
-
-    saved_code = await PrismaOAuthAuthorizationCode.prisma().create(
-        data={
-            "id": str(uuid.uuid4()),
-            "code": code,
-            "expiresAt": expires_at,
-            "applicationId": application_id,
-            "userId": user_id,
-            "scopes": [s for s in scopes],
-            "redirectUri": redirect_uri,
-            "codeChallenge": code_challenge,
-            "codeChallengeMethod": code_challenge_method,
-        }
-    )
-
-    return OAuthAuthorizationCodeInfo.from_db(saved_code)
-
-
-async def consume_authorization_code(
-    code: str,
-    application_id: str,
-    redirect_uri: str,
-    code_verifier: Optional[str] = None,
-) -> tuple[str, list[APIPermission]]:
-    """
-    Consume an authorization code and return (user_id, scopes).
-
-    This marks the code as used and validates:
-    - Code exists and matches application
-    - Code is not expired
-    - Code has not been used
-    - Redirect URI matches
-    - PKCE code verifier matches (if code challenge was provided)
-
-    Raises:
-        InvalidGrantError: If code is invalid, expired, used, or PKCE fails
-    """
-    auth_code = await PrismaOAuthAuthorizationCode.prisma().find_unique(
-        where={"code": code}
-    )
-
-    if not auth_code:
-        raise InvalidGrantError("authorization code not found")
-
-    # Validate application
-    if auth_code.applicationId != application_id:
-        raise InvalidGrantError(
-            "authorization code does not belong to this application"
-        )
-
-    # Check if already used
-    if auth_code.usedAt is not None:
-        raise InvalidGrantError(
-            f"authorization code already used at {auth_code.usedAt}"
-        )
-
-    # Check expiration
-    now = datetime.now(timezone.utc)
-    if auth_code.expiresAt < now:
-        raise InvalidGrantError("authorization code expired")
-
-    # Validate redirect URI
-    if auth_code.redirectUri != redirect_uri:
-        raise InvalidGrantError("redirect_uri mismatch")
-
-    # Validate PKCE if code challenge was provided
-    if auth_code.codeChallenge:
-        if not code_verifier:
-            raise InvalidGrantError("code_verifier required but not provided")
-
-        if not _verify_pkce(
-            code_verifier, auth_code.codeChallenge, auth_code.codeChallengeMethod
-        ):
-            raise InvalidGrantError("PKCE verification failed")
-
-    # Mark code as used
-    await PrismaOAuthAuthorizationCode.prisma().update(
-        where={"code": code},
-        data={"usedAt": now},
-    )
-
-    return auth_code.userId, [APIPermission(s) for s in auth_code.scopes]
-
-
-def _verify_pkce(
-    code_verifier: str, code_challenge: str, code_challenge_method: Optional[str]
-) -> bool:
-    """
-    Verify PKCE code verifier against code challenge.
-
-    Supports:
-    - S256: SHA256(code_verifier) == code_challenge
-    - plain: code_verifier == code_challenge
-    """
-    if code_challenge_method == "S256":
-        # Hash the verifier with SHA256 and base64url encode
-        hashed = hashlib.sha256(code_verifier.encode("ascii")).digest()
-        computed_challenge = (
-            secrets.token_urlsafe(len(hashed)).encode("ascii").decode("ascii")
-        )
-        # For proper base64url encoding
-        import base64
-
-        computed_challenge = (
-            base64.urlsafe_b64encode(hashed).decode("ascii").rstrip("=")
-        )
-        return secrets.compare_digest(computed_challenge, code_challenge)
-    elif code_challenge_method == "plain" or code_challenge_method is None:
-        # Plain comparison
-        return secrets.compare_digest(code_verifier, code_challenge)
-    else:
-        logger.warning(f"Unsupported code challenge method: {code_challenge_method}")
-        return False
-
-
-# ============================================================================
-# Access Token Management
-# ============================================================================
-
-
-async def create_access_token(
-    application_id: str, user_id: str, scopes: list[APIPermission]
-) -> OAuthAccessToken:
-    """
-    Create a new access token.
-    Returns OAuthAccessToken (with plaintext token).
-    """
-    plaintext_token = ACCESS_TOKEN_PREFIX + _generate_token()
-    token_hash = _hash_token(plaintext_token)
-    now = datetime.now(timezone.utc)
-    expires_at = now + ACCESS_TOKEN_TTL
-
-    saved_token = await PrismaOAuthAccessToken.prisma().create(
-        data={
-            "id": str(uuid.uuid4()),
-            "token": token_hash,  # SHA256 hash for direct lookup
-            "expiresAt": expires_at,
-            "applicationId": application_id,
-            "userId": user_id,
-            "scopes": [s for s in scopes],
-        }
-    )
-
-    return OAuthAccessToken.from_db(saved_token, plaintext_token=plaintext_token)
-
-
-async def validate_access_token(
-    token: str,
-) -> tuple[OAuthAccessTokenInfo, OAuthApplicationInfo]:
-    """
-    Validate an access token and return token info.
-
-    Raises:
-        InvalidTokenError: If token is invalid, expired, or revoked
-        InvalidClientError: If the client application is not marked as active
-    """
-    token_hash = _hash_token(token)
-
-    # Direct lookup by hash
-    access_token = await PrismaOAuthAccessToken.prisma().find_unique(
-        where={"token": token_hash}, include={"Application": True}
-    )
-
-    if not access_token:
-        raise InvalidTokenError("access token not found")
-
-    if not access_token.Application:  # should be impossible
-        raise InvalidClientError("Client application not found")
-
-    if not access_token.Application.isActive:
-        raise InvalidClientError("Client application is disabled")
-
-    if access_token.revokedAt is not None:
-        raise InvalidTokenError("access token has been revoked")
-
-    # Check expiration
-    now = datetime.now(timezone.utc)
-    if access_token.expiresAt < now:
-        raise InvalidTokenError("access token expired")
-
-    return (
-        OAuthAccessTokenInfo.from_db(access_token),
-        OAuthApplicationInfo.from_db(access_token.Application),
-    )
-
-
-async def revoke_access_token(
-    token: str, application_id: str
-) -> OAuthAccessTokenInfo | None:
-    """
-    Revoke an access token.
-
-    Args:
-        token: The plaintext access token to revoke
-        application_id: The application ID making the revocation request.
-            Only tokens belonging to this application will be revoked.
-
-    Returns:
-        OAuthAccessTokenInfo if token was found and revoked, None otherwise.
-
-    Note:
-        Always performs exactly 2 DB queries regardless of outcome to prevent
-        timing side-channel attacks that could reveal token existence.
-    """
-    try:
-        token_hash = _hash_token(token)
-
-        # Use update_many to filter by both token and applicationId
-        updated_count = await PrismaOAuthAccessToken.prisma().update_many(
-            where={
-                "token": token_hash,
-                "applicationId": application_id,
-                "revokedAt": None,
-            },
-            data={"revokedAt": datetime.now(timezone.utc)},
-        )
-
-        # Always perform second query to ensure constant time
-        result = await PrismaOAuthAccessToken.prisma().find_unique(
-            where={"token": token_hash}
-        )
-
-        # Only return result if we actually revoked something
-        if updated_count == 0:
-            return None
-
-        return OAuthAccessTokenInfo.from_db(result) if result else None
-    except Exception as e:
-        logger.exception(f"Error revoking access token: {e}")
-        return None
-
-
-# ============================================================================
-# Refresh Token Management
-# ============================================================================
-
-
-async def create_refresh_token(
-    application_id: str, user_id: str, scopes: list[APIPermission]
-) -> OAuthRefreshToken:
-    """
-    Create a new refresh token.
-    Returns OAuthRefreshToken (with plaintext token).
-    """
-    plaintext_token = REFRESH_TOKEN_PREFIX + _generate_token()
-    token_hash = _hash_token(plaintext_token)
-    now = datetime.now(timezone.utc)
-    expires_at = now + REFRESH_TOKEN_TTL
-
-    saved_token = await PrismaOAuthRefreshToken.prisma().create(
-        data={
-            "id": str(uuid.uuid4()),
-            "token": token_hash,  # SHA256 hash for direct lookup
-            "expiresAt": expires_at,
-            "applicationId": application_id,
-            "userId": user_id,
-            "scopes": [s for s in scopes],
-        }
-    )
-
-    return OAuthRefreshToken.from_db(saved_token, plaintext_token=plaintext_token)
-
-
-async def refresh_tokens(
-    refresh_token: str, application_id: str
-) -> tuple[OAuthAccessToken, OAuthRefreshToken]:
-    """
-    Use a refresh token to create new access and refresh tokens.
-    Returns (new_access_token, new_refresh_token) both with plaintext tokens included.
-
-    Raises:
-        InvalidGrantError: If refresh token is invalid, expired, or revoked
-    """
-    token_hash = _hash_token(refresh_token)
-
-    # Direct lookup by hash
-    rt = await PrismaOAuthRefreshToken.prisma().find_unique(where={"token": token_hash})
-
-    if not rt:
-        raise InvalidGrantError("refresh token not found")
-
-    # NOTE: no need to check Application.isActive, this is checked by the token endpoint
-
-    if rt.revokedAt is not None:
-        raise InvalidGrantError("refresh token has been revoked")
-
-    # Validate application
-    if rt.applicationId != application_id:
-        raise InvalidGrantError("refresh token does not belong to this application")
-
-    # Check expiration
-    now = datetime.now(timezone.utc)
-    if rt.expiresAt < now:
-        raise InvalidGrantError("refresh token expired")
-
-    # Revoke old refresh token
-    await PrismaOAuthRefreshToken.prisma().update(
-        where={"token": token_hash},
-        data={"revokedAt": now},
-    )
-
-    # Create new access and refresh tokens with same scopes
-    scopes = [APIPermission(s) for s in rt.scopes]
-    new_access_token = await create_access_token(
-        rt.applicationId,
-        rt.userId,
-        scopes,
-    )
-    new_refresh_token = await create_refresh_token(
-        rt.applicationId,
-        rt.userId,
-        scopes,
-    )
-
-    return new_access_token, new_refresh_token
-
-
-async def revoke_refresh_token(
-    token: str, application_id: str
-) -> OAuthRefreshTokenInfo | None:
-    """
-    Revoke a refresh token.
-
-    Args:
-        token: The plaintext refresh token to revoke
-        application_id: The application ID making the revocation request.
-            Only tokens belonging to this application will be revoked.
-
-    Returns:
-        OAuthRefreshTokenInfo if token was found and revoked, None otherwise.
-
-    Note:
-        Always performs exactly 2 DB queries regardless of outcome to prevent
-        timing side-channel attacks that could reveal token existence.
-    """
-    try:
-        token_hash = _hash_token(token)
-
-        # Use update_many to filter by both token and applicationId
-        updated_count = await PrismaOAuthRefreshToken.prisma().update_many(
-            where={
-                "token": token_hash,
-                "applicationId": application_id,
-                "revokedAt": None,
-            },
-            data={"revokedAt": datetime.now(timezone.utc)},
-        )
-
-        # Always perform second query to ensure constant time
-        result = await PrismaOAuthRefreshToken.prisma().find_unique(
-            where={"token": token_hash}
-        )
-
-        # Only return result if we actually revoked something
-        if updated_count == 0:
-            return None
-
-        return OAuthRefreshTokenInfo.from_db(result) if result else None
-    except Exception as e:
-        logger.exception(f"Error revoking refresh token: {e}")
-        return None
-
-
-# ============================================================================
-# Token Introspection
-# ============================================================================
-
-
-async def introspect_token(
-    token: str,
-    token_type_hint: Optional[Literal["access_token", "refresh_token"]] = None,
-) -> TokenIntrospectionResult:
-    """
-    Introspect a token and return its metadata (RFC 7662).
-
-    Returns TokenIntrospectionResult with active=True and metadata if valid,
-    or active=False if the token is invalid/expired/revoked.
-    """
-    # Try as access token first (or if hint says "access_token")
-    if token_type_hint != "refresh_token":
-        try:
-            token_info, app = await validate_access_token(token)
-            return TokenIntrospectionResult(
-                active=True,
-                scopes=list(s.value for s in token_info.scopes),
-                client_id=app.client_id if app else None,
-                user_id=token_info.user_id,
-                exp=int(token_info.expires_at.timestamp()),
-                token_type="access_token",
-            )
-        except InvalidTokenError:
-            pass  # Try as refresh token
-
-    # Try as refresh token
-    token_hash = _hash_token(token)
-    refresh_token = await PrismaOAuthRefreshToken.prisma().find_unique(
-        where={"token": token_hash}
-    )
-
-    if refresh_token and refresh_token.revokedAt is None:
-        # Check if valid (not expired)
-        now = datetime.now(timezone.utc)
-        if refresh_token.expiresAt > now:
-            app = await get_oauth_application_by_id(refresh_token.applicationId)
-            return TokenIntrospectionResult(
-                active=True,
-                scopes=list(s for s in refresh_token.scopes),
-                client_id=app.client_id if app else None,
-                user_id=refresh_token.userId,
-                exp=int(refresh_token.expiresAt.timestamp()),
-                token_type="refresh_token",
-            )
-
-    # Token not found or inactive
-    return TokenIntrospectionResult(active=False)
-
-
-async def get_oauth_application_by_id(app_id: str) -> Optional[OAuthApplicationInfo]:
-    """Get OAuth application by ID"""
-    app = await PrismaOAuthApplication.prisma().find_unique(where={"id": app_id})
-    if not app:
-        return None
-    return OAuthApplicationInfo.from_db(app)
-
-
-async def list_user_oauth_applications(user_id: str) -> list[OAuthApplicationInfo]:
-    """Get all OAuth applications owned by a user"""
-    apps = await PrismaOAuthApplication.prisma().find_many(
-        where={"ownerId": user_id},
-        order={"createdAt": "desc"},
-    )
-    return [OAuthApplicationInfo.from_db(app) for app in apps]
-
-
-async def update_oauth_application(
-    app_id: str,
-    *,
-    owner_id: str,
-    is_active: Optional[bool] = None,
-    logo_url: Optional[str] = None,
-) -> Optional[OAuthApplicationInfo]:
-    """
-    Update OAuth application active status.
-    Only the owner can update their app's status.
-
-    Returns the updated app info, or None if app not found or not owned by user.
-    """
-    # First verify ownership
-    app = await PrismaOAuthApplication.prisma().find_first(
-        where={"id": app_id, "ownerId": owner_id}
-    )
-    if not app:
-        return None
-
-    patch: OAuthApplicationUpdateInput = {}
-    if is_active is not None:
-        patch["isActive"] = is_active
-    if logo_url:
-        patch["logoUrl"] = logo_url
-    if not patch:
-        return OAuthApplicationInfo.from_db(app)  # return unchanged
-
-    updated_app = await PrismaOAuthApplication.prisma().update(
-        where={"id": app_id},
-        data=patch,
-    )
-    return OAuthApplicationInfo.from_db(updated_app) if updated_app else None
-
-
-# ============================================================================
-# Token Cleanup
-# ============================================================================
-
-
-async def cleanup_expired_oauth_tokens() -> dict[str, int]:
-    """
-    Delete expired OAuth tokens from the database.
-
-    This removes:
-    - Expired authorization codes (10 min TTL)
-    - Expired access tokens (1 hour TTL)
-    - Expired refresh tokens (30 day TTL)
-
-    Returns a dict with counts of deleted tokens by type.
-    """
-    now = datetime.now(timezone.utc)
-
-    # Delete expired authorization codes
-    codes_result = await PrismaOAuthAuthorizationCode.prisma().delete_many(
-        where={"expiresAt": {"lt": now}}
-    )
-
-    # Delete expired access tokens
-    access_result = await PrismaOAuthAccessToken.prisma().delete_many(
-        where={"expiresAt": {"lt": now}}
-    )
-
-    # Delete expired refresh tokens
-    refresh_result = await PrismaOAuthRefreshToken.prisma().delete_many(
-        where={"expiresAt": {"lt": now}}
-    )
-
-    deleted = {
-        "authorization_codes": codes_result,
-        "access_tokens": access_result,
-        "refresh_tokens": refresh_result,
-    }
-
-    total = sum(deleted.values())
-    if total > 0:
-        logger.info(f"Cleaned up {total} expired OAuth tokens: {deleted}")
-
-    return deleted

autogpt_platform/backend/backend/data/block.py

@@ -50,8 +50,6 @@ from .model import (
 logger = logging.getLogger(__name__)
 
 if TYPE_CHECKING:
-    from backend.data.execution import ExecutionContext
-
     from .graph import Link
 
 app_config = Config()
@@ -474,7 +472,6 @@ class Block(ABC, Generic[BlockSchemaInputType, BlockSchemaOutputType]):
         self.block_type = block_type
         self.webhook_config = webhook_config
         self.execution_stats: NodeExecutionStats = NodeExecutionStats()
-        self.requires_human_review: bool = False
 
         if self.webhook_config:
             if isinstance(self.webhook_config, BlockWebhookConfig):
@@ -617,77 +614,7 @@ class Block(ABC, Generic[BlockSchemaInputType, BlockSchemaOutputType]):
                     block_id=self.id,
                 ) from ex
 
-    async def is_block_exec_need_review(
-        self,
-        input_data: BlockInput,
-        *,
-        user_id: str,
-        node_exec_id: str,
-        graph_exec_id: str,
-        graph_id: str,
-        graph_version: int,
-        execution_context: "ExecutionContext",
-        **kwargs,
-    ) -> tuple[bool, BlockInput]:
-        """
-        Check if this block execution needs human review and handle the review process.
-
-        Returns:
-            Tuple of (should_pause, input_data_to_use)
-            - should_pause: True if execution should be paused for review
-            - input_data_to_use: The input data to use (may be modified by reviewer)
-        """
-        # Skip review if not required or safe mode is disabled
-        if not self.requires_human_review or not execution_context.safe_mode:
-            return False, input_data
-
-        from backend.blocks.helpers.review import HITLReviewHelper
-
-        # Handle the review request and get decision
-        decision = await HITLReviewHelper.handle_review_decision(
-            input_data=input_data,
-            user_id=user_id,
-            node_exec_id=node_exec_id,
-            graph_exec_id=graph_exec_id,
-            graph_id=graph_id,
-            graph_version=graph_version,
-            execution_context=execution_context,
-            block_name=self.name,
-            editable=True,
-        )
-
-        if decision is None:
-            # We're awaiting review - pause execution
-            return True, input_data
-
-        if not decision.should_proceed:
-            # Review was rejected, raise an error to stop execution
-            raise BlockExecutionError(
-                message=f"Block execution rejected by reviewer: {decision.message}",
-                block_name=self.name,
-                block_id=self.id,
-            )
-
-        # Review was approved - use the potentially modified data
-        # ReviewResult.data must be a dict for block inputs
-        reviewed_data = decision.review_result.data
-        if not isinstance(reviewed_data, dict):
-            raise BlockExecutionError(
-                message=f"Review data must be a dict for block input, got {type(reviewed_data).__name__}",
-                block_name=self.name,
-                block_id=self.id,
-            )
-        return False, reviewed_data
-
     async def _execute(self, input_data: BlockInput, **kwargs) -> BlockOutput:
-        # Check for review requirement and get potentially modified input data
-        should_pause, input_data = await self.is_block_exec_need_review(
-            input_data, **kwargs
-        )
-        if should_pause:
-            return
-
-        # Validate the input data (original or reviewer-modified) once
         if error := self.input_schema.validate_data(input_data):
             raise BlockInputError(
                 message=f"Unable to execute block with invalid input data: {error}",
@@ -695,7 +622,6 @@ class Block(ABC, Generic[BlockSchemaInputType, BlockSchemaOutputType]):
                 block_id=self.id,
             )
 
-        # Use the validated input data
         async for output_name, output_data in self.run(
             self.input_schema(**{k: v for k, v in input_data.items() if v is not None}),
             **kwargs,

autogpt_platform/backend/backend/data/block_cost_config.py

@@ -59,13 +59,12 @@ from backend.integrations.credentials_store import (
 
 MODEL_COST: dict[LlmModel, int] = {
     LlmModel.O3: 4,
-    LlmModel.O3_MINI: 2,
-    LlmModel.O1: 16,
+    LlmModel.O3_MINI: 2,  # $1.10 / $4.40
+    LlmModel.O1: 16,  # $15 / $60
     LlmModel.O1_MINI: 4,
     # GPT-5 models
-    LlmModel.GPT5_2: 6,
-    LlmModel.GPT5_1: 5,
     LlmModel.GPT5: 2,
+    LlmModel.GPT5_1: 5,
     LlmModel.GPT5_MINI: 1,
     LlmModel.GPT5_NANO: 1,
     LlmModel.GPT5_CHAT: 5,
@@ -88,7 +87,7 @@ MODEL_COST: dict[LlmModel, int] = {
     LlmModel.AIML_API_LLAMA3_3_70B: 1,
     LlmModel.AIML_API_META_LLAMA_3_1_70B: 1,
     LlmModel.AIML_API_LLAMA_3_2_3B: 1,
-    LlmModel.LLAMA3_3_70B: 1,
+    LlmModel.LLAMA3_3_70B: 1,  # $0.59 / $0.79
     LlmModel.LLAMA3_1_8B: 1,
     LlmModel.OLLAMA_LLAMA3_3: 1,
     LlmModel.OLLAMA_LLAMA3_2: 1,

autogpt_platform/backend/backend/data/credential_grants.py

@@ -0,0 +1,327 @@
+"""
+Credential Grant data layer.
+
+Handles database operations for credential grants which allow OAuth clients
+to use credentials on behalf of users.
+"""
+
+from datetime import datetime, timezone
+from typing import Optional
+
+from prisma.enums import CredentialGrantPermission
+from prisma.models import CredentialGrant
+
+from backend.data.db import prisma
+
+
+async def create_credential_grant(
+    user_id: str,
+    client_id: str,
+    credential_id: str,
+    provider: str,
+    granted_scopes: list[str],
+    permissions: list[CredentialGrantPermission],
+    expires_at: Optional[datetime] = None,
+) -> CredentialGrant:
+    """
+    Create a new credential grant.
+
+    Args:
+        user_id: ID of the user granting access
+        client_id: Database ID of the OAuth client
+        credential_id: ID of the credential being granted
+        provider: Provider name (e.g., "google", "github")
+        granted_scopes: List of integration scopes granted
+        permissions: List of permissions (USE, DELETE)
+        expires_at: Optional expiration datetime
+
+    Returns:
+        Created CredentialGrant
+    """
+    return await prisma.credentialgrant.create(
+        data={  # type: ignore[typeddict-item]
+            "userId": user_id,
+            "clientId": client_id,
+            "credentialId": credential_id,
+            "provider": provider,
+            "grantedScopes": granted_scopes,
+            "permissions": permissions,
+            "expiresAt": expires_at,
+        }
+    )
+
+
+async def get_credential_grant(
+    grant_id: str,
+    user_id: Optional[str] = None,
+    client_id: Optional[str] = None,
+) -> Optional[CredentialGrant]:
+    """
+    Get a credential grant by ID.
+
+    Args:
+        grant_id: Grant ID
+        user_id: Optional user ID filter
+        client_id: Optional client database ID filter
+
+    Returns:
+        CredentialGrant or None
+    """
+    where: dict[str, str] = {"id": grant_id}
+    if user_id:
+        where["userId"] = user_id
+    if client_id:
+        where["clientId"] = client_id
+
+    return await prisma.credentialgrant.find_first(where=where)  # type: ignore[arg-type]
+
+
+async def get_grants_for_user_client(
+    user_id: str,
+    client_id: str,
+    include_revoked: bool = False,
+    include_expired: bool = False,
+) -> list[CredentialGrant]:
+    """
+    Get all credential grants for a user-client pair.
+
+    Args:
+        user_id: User ID
+        client_id: Client database ID
+        include_revoked: Include revoked grants
+        include_expired: Include expired grants
+
+    Returns:
+        List of CredentialGrant objects
+    """
+    where: dict[str, str | None] = {
+        "userId": user_id,
+        "clientId": client_id,
+    }
+
+    if not include_revoked:
+        where["revokedAt"] = None
+
+    grants = await prisma.credentialgrant.find_many(
+        where=where,  # type: ignore[arg-type]
+        order={"createdAt": "desc"},
+    )
+
+    # Filter expired if needed
+    if not include_expired:
+        now = datetime.now(timezone.utc)
+        grants = [g for g in grants if g.expiresAt is None or g.expiresAt > now]
+
+    return grants
+
+
+async def get_grants_for_credential(
+    user_id: str,
+    credential_id: str,
+) -> list[CredentialGrant]:
+    """
+    Get all active grants for a specific credential.
+
+    Args:
+        user_id: User ID
+        credential_id: Credential ID
+
+    Returns:
+        List of active CredentialGrant objects
+    """
+    now = datetime.now(timezone.utc)
+
+    grants = await prisma.credentialgrant.find_many(
+        where={
+            "userId": user_id,
+            "credentialId": credential_id,
+            "revokedAt": None,
+        },
+        include={"Client": True},
+    )
+
+    # Filter expired
+    return [g for g in grants if g.expiresAt is None or g.expiresAt > now]
+
+
+async def get_grant_by_credential_and_client(
+    user_id: str,
+    credential_id: str,
+    client_id: str,
+) -> Optional[CredentialGrant]:
+    """
+    Get the grant for a specific credential and client.
+
+    Args:
+        user_id: User ID
+        credential_id: Credential ID
+        client_id: Client database ID
+
+    Returns:
+        CredentialGrant or None
+    """
+    return await prisma.credentialgrant.find_first(
+        where={
+            "userId": user_id,
+            "credentialId": credential_id,
+            "clientId": client_id,
+            "revokedAt": None,
+        }
+    )
+
+
+async def update_grant_scopes(
+    grant_id: str,
+    granted_scopes: list[str],
+) -> CredentialGrant:
+    """
+    Update the granted scopes for a credential grant.
+
+    Args:
+        grant_id: Grant ID
+        granted_scopes: New list of granted scopes
+
+    Returns:
+        Updated CredentialGrant
+    """
+    result = await prisma.credentialgrant.update(
+        where={"id": grant_id},
+        data={"grantedScopes": granted_scopes},
+    )
+    if result is None:
+        raise ValueError(f"Grant {grant_id} not found")
+    return result
+
+
+async def update_grant_last_used(grant_id: str) -> None:
+    """
+    Update the lastUsedAt timestamp for a grant.
+
+    Args:
+        grant_id: Grant ID
+    """
+    await prisma.credentialgrant.update(
+        where={"id": grant_id},
+        data={"lastUsedAt": datetime.now(timezone.utc)},
+    )
+
+
+async def revoke_grant(grant_id: str) -> CredentialGrant:
+    """
+    Revoke a credential grant.
+
+    Args:
+        grant_id: Grant ID
+
+    Returns:
+        Revoked CredentialGrant
+    """
+    result = await prisma.credentialgrant.update(
+        where={"id": grant_id},
+        data={"revokedAt": datetime.now(timezone.utc)},
+    )
+    if result is None:
+        raise ValueError(f"Grant {grant_id} not found")
+    return result
+
+
+async def revoke_grants_for_credential(
+    user_id: str,
+    credential_id: str,
+) -> int:
+    """
+    Revoke all grants for a specific credential.
+
+    Args:
+        user_id: User ID
+        credential_id: Credential ID
+
+    Returns:
+        Number of grants revoked
+    """
+    return await prisma.credentialgrant.update_many(
+        where={
+            "userId": user_id,
+            "credentialId": credential_id,
+            "revokedAt": None,
+        },
+        data={"revokedAt": datetime.now(timezone.utc)},
+    )
+
+
+async def revoke_grants_for_client(
+    user_id: str,
+    client_id: str,
+) -> int:
+    """
+    Revoke all grants for a specific client.
+
+    Args:
+        user_id: User ID
+        client_id: Client database ID
+
+    Returns:
+        Number of grants revoked
+    """
+    return await prisma.credentialgrant.update_many(
+        where={
+            "userId": user_id,
+            "clientId": client_id,
+            "revokedAt": None,
+        },
+        data={"revokedAt": datetime.now(timezone.utc)},
+    )
+
+
+async def delete_grant(grant_id: str) -> None:
+    """
+    Permanently delete a credential grant.
+
+    Args:
+        grant_id: Grant ID
+    """
+    await prisma.credentialgrant.delete(where={"id": grant_id})
+
+
+async def check_grant_permission(
+    grant_id: str,
+    required_permission: CredentialGrantPermission,
+) -> bool:
+    """
+    Check if a grant has a specific permission.
+
+    Args:
+        grant_id: Grant ID
+        required_permission: Permission to check
+
+    Returns:
+        True if grant has the permission
+    """
+    grant = await prisma.credentialgrant.find_unique(where={"id": grant_id})
+    if not grant:
+        return False
+
+    return required_permission in grant.permissions
+
+
+async def is_grant_valid(grant_id: str) -> bool:
+    """
+    Check if a grant is valid (not revoked and not expired).
+
+    Args:
+        grant_id: Grant ID
+
+    Returns:
+        True if grant is valid
+    """
+    grant = await prisma.credentialgrant.find_unique(where={"id": grant_id})
+    if not grant:
+        return False
+
+    if grant.revokedAt:
+        return False
+
+    if grant.expiresAt and grant.expiresAt < datetime.now(timezone.utc):
+        return False
+
+    return True

autogpt_platform/backend/backend/data/credit.py

@@ -16,7 +16,6 @@ from prisma.models import CreditRefundRequest, CreditTransaction, User, UserBala
 from prisma.types import CreditRefundRequestCreateInput, CreditTransactionWhereInput
 from pydantic import BaseModel
 
-from backend.api.features.admin.model import UserHistoryResponse
 from backend.data.block_cost_config import BLOCK_COSTS
 from backend.data.db import query_raw_with_schema
 from backend.data.includes import MAX_CREDIT_REFUND_REQUESTS_FETCH
@@ -30,6 +29,7 @@ from backend.data.model import (
 from backend.data.notifications import NotificationEventModel, RefundRequestData
 from backend.data.user import get_user_by_id, get_user_email_by_id
 from backend.notifications.notifications import queue_notification_async
+from backend.server.v2.admin.model import UserHistoryResponse
 from backend.util.exceptions import InsufficientBalanceError
 from backend.util.feature_flag import Flag, is_feature_enabled
 from backend.util.json import SafeJson, dumps
@@ -341,19 +341,6 @@ class UserCreditBase(ABC):
 
         if result:
             # UserBalance is already updated by the CTE
-
-            # Clear insufficient funds notification flags when credits are added
-            # so user can receive alerts again if they run out in the future.
-            if transaction.amount > 0 and transaction.type in [
-                CreditTransactionType.GRANT,
-                CreditTransactionType.TOP_UP,
-            ]:
-                from backend.executor.manager import (
-                    clear_insufficient_funds_notifications,
-                )
-
-                await clear_insufficient_funds_notifications(user_id)
-
             return result[0]["balance"]
 
     async def _add_transaction(
@@ -543,22 +530,6 @@ class UserCreditBase(ABC):
         if result:
             new_balance, tx_key = result[0]["balance"], result[0]["transactionKey"]
             # UserBalance is already updated by the CTE
-
-            # Clear insufficient funds notification flags when credits are added
-            # so user can receive alerts again if they run out in the future.
-            if (
-                amount > 0
-                and is_active
-                and transaction_type
-                in [CreditTransactionType.GRANT, CreditTransactionType.TOP_UP]
-            ):
-                # Lazy import to avoid circular dependency with executor.manager
-                from backend.executor.manager import (
-                    clear_insufficient_funds_notifications,
-                )
-
-                await clear_insufficient_funds_notifications(user_id)
-
             return new_balance, tx_key
 
         # If no result, either user doesn't exist or insufficient balance

autogpt_platform/backend/backend/data/credit_ceiling_test.py

@@ -11,6 +11,7 @@ import pytest
 from prisma.enums import CreditTransactionType
 from prisma.errors import UniqueViolationError
 from prisma.models import CreditTransaction, User, UserBalance
+from prisma.types import UserBalanceCreateInput, UserBalanceUpsertInput, UserCreateInput
 
 from backend.data.credit import UserCredit
 from backend.util.json import SafeJson
@@ -21,11 +22,11 @@ async def create_test_user(user_id: str) -> None:
     """Create a test user for ceiling tests."""
     try:
         await User.prisma().create(
-            data={
-                "id": user_id,
-                "email": f"test-{user_id}@example.com",
-                "name": f"Test User {user_id[:8]}",
-            }
+            data=UserCreateInput(
+                id=user_id,
+                email=f"test-{user_id}@example.com",
+                name=f"Test User {user_id[:8]}",
+            )
         )
     except UniqueViolationError:
         # User already exists, continue
@@ -33,7 +34,10 @@ async def create_test_user(user_id: str) -> None:
 
     await UserBalance.prisma().upsert(
         where={"userId": user_id},
-        data={"create": {"userId": user_id, "balance": 0}, "update": {"balance": 0}},
+        data=UserBalanceUpsertInput(
+            create=UserBalanceCreateInput(userId=user_id, balance=0),
+            update={"balance": 0},
+        ),
     )
 
 

autogpt_platform/backend/backend/data/credit_concurrency_test.py

@@ -14,6 +14,7 @@ import pytest
 from prisma.enums import CreditTransactionType
 from prisma.errors import UniqueViolationError
 from prisma.models import CreditTransaction, User, UserBalance
+from prisma.types import UserBalanceCreateInput, UserBalanceUpsertInput, UserCreateInput
 
 from backend.data.credit import POSTGRES_INT_MAX, UsageTransactionMetadata, UserCredit
 from backend.util.exceptions import InsufficientBalanceError
@@ -28,11 +29,11 @@ async def create_test_user(user_id: str) -> None:
     """Create a test user with initial balance."""
     try:
         await User.prisma().create(
-            data={
-                "id": user_id,
-                "email": f"test-{user_id}@example.com",
-                "name": f"Test User {user_id[:8]}",
-            }
+            data=UserCreateInput(
+                id=user_id,
+                email=f"test-{user_id}@example.com",
+                name=f"Test User {user_id[:8]}",
+            )
         )
     except UniqueViolationError:
         # User already exists, continue
@@ -41,7 +42,10 @@ async def create_test_user(user_id: str) -> None:
     # Ensure UserBalance record exists
     await UserBalance.prisma().upsert(
         where={"userId": user_id},
-        data={"create": {"userId": user_id, "balance": 0}, "update": {"balance": 0}},
+        data=UserBalanceUpsertInput(
+            create=UserBalanceCreateInput(userId=user_id, balance=0),
+            update={"balance": 0},
+        ),
     )
 
 
@@ -342,10 +346,10 @@ async def test_integer_overflow_protection(server: SpinTestServer):
         # First, set balance near max
         await UserBalance.prisma().upsert(
             where={"userId": user_id},
-            data={
-                "create": {"userId": user_id, "balance": max_int - 100},
-                "update": {"balance": max_int - 100},
-            },
+            data=UserBalanceUpsertInput(
+                create=UserBalanceCreateInput(userId=user_id, balance=max_int - 100),
+                update={"balance": max_int - 100},
+            ),
         )
 
         # Try to add more than possible - should clamp to POSTGRES_INT_MAX

autogpt_platform/backend/backend/data/credit_integration_test.py

@@ -8,6 +8,7 @@ which would have caught the CreditTransactionType enum casting bug.
 import pytest
 from prisma.enums import CreditTransactionType
 from prisma.models import CreditTransaction, User, UserBalance
+from prisma.types import UserCreateInput
 
 from backend.data.credit import (
     AutoTopUpConfig,
@@ -29,12 +30,12 @@ async def cleanup_test_user():
     # Create the user first
     try:
         await User.prisma().create(
-            data={
-                "id": user_id,
-                "email": f"test-{user_id}@example.com",
-                "topUpConfig": SafeJson({}),
-                "timezone": "UTC",
-            }
+            data=UserCreateInput(
+                id=user_id,
+                email=f"test-{user_id}@example.com",
+                topUpConfig=SafeJson({}),
+                timezone="UTC",
+            )
         )
     except Exception:
         # User might already exist, that's fine

autogpt_platform/backend/backend/data/credit_refund_test.py

@@ -12,6 +12,12 @@ import pytest
 import stripe
 from prisma.enums import CreditTransactionType
 from prisma.models import CreditRefundRequest, CreditTransaction, User, UserBalance
+from prisma.types import (
+    CreditRefundRequestCreateInput,
+    CreditTransactionCreateInput,
+    UserBalanceCreateInput,
+    UserCreateInput,
+)
 
 from backend.data.credit import UserCredit
 from backend.util.json import SafeJson
@@ -35,32 +41,32 @@ async def setup_test_user_with_topup():
 
     # Create user
     await User.prisma().create(
-        data={
-            "id": REFUND_TEST_USER_ID,
-            "email": f"{REFUND_TEST_USER_ID}@example.com",
-            "name": "Refund Test User",
-        }
+        data=UserCreateInput(
+            id=REFUND_TEST_USER_ID,
+            email=f"{REFUND_TEST_USER_ID}@example.com",
+            name="Refund Test User",
+        )
     )
 
     # Create user balance
     await UserBalance.prisma().create(
-        data={
-            "userId": REFUND_TEST_USER_ID,
-            "balance": 1000,  # $10
-        }
+        data=UserBalanceCreateInput(
+            userId=REFUND_TEST_USER_ID,
+            balance=1000,  # $10
+        )
     )
 
     # Create a top-up transaction that can be refunded
     topup_tx = await CreditTransaction.prisma().create(
-        data={
-            "userId": REFUND_TEST_USER_ID,
-            "amount": 1000,
-            "type": CreditTransactionType.TOP_UP,
-            "transactionKey": "pi_test_12345",
-            "runningBalance": 1000,
-            "isActive": True,
-            "metadata": SafeJson({"stripe_payment_intent": "pi_test_12345"}),
-        }
+        data=CreditTransactionCreateInput(
+            userId=REFUND_TEST_USER_ID,
+            amount=1000,
+            type=CreditTransactionType.TOP_UP,
+            transactionKey="pi_test_12345",
+            runningBalance=1000,
+            isActive=True,
+            metadata=SafeJson({"stripe_payment_intent": "pi_test_12345"}),
+        )
     )
 
     return topup_tx
@@ -93,12 +99,12 @@ async def test_deduct_credits_atomic(server: SpinTestServer):
 
         # Create refund request record (simulating webhook flow)
         await CreditRefundRequest.prisma().create(
-            data={
-                "userId": REFUND_TEST_USER_ID,
-                "amount": 500,
-                "transactionKey": topup_tx.transactionKey,  # Should match the original transaction
-                "reason": "Test refund",
-            }
+            data=CreditRefundRequestCreateInput(
+                userId=REFUND_TEST_USER_ID,
+                amount=500,
+                transactionKey=topup_tx.transactionKey,  # Should match the original transaction
+                reason="Test refund",
+            )
         )
 
         # Call deduct_credits
@@ -286,12 +292,12 @@ async def test_concurrent_refunds(server: SpinTestServer):
         refund_requests = []
         for i in range(5):
             req = await CreditRefundRequest.prisma().create(
-                data={
-                    "userId": REFUND_TEST_USER_ID,
-                    "amount": 100,  # $1 each
-                    "transactionKey": topup_tx.transactionKey,
-                    "reason": f"Test refund {i}",
-                }
+                data=CreditRefundRequestCreateInput(
+                    userId=REFUND_TEST_USER_ID,
+                    amount=100,  # $1 each
+                    transactionKey=topup_tx.transactionKey,
+                    reason=f"Test refund {i}",
+                )
             )
             refund_requests.append(req)
 

autogpt_platform/backend/backend/data/credit_test.py

@@ -3,6 +3,11 @@ from datetime import datetime, timedelta, timezone
 import pytest
 from prisma.enums import CreditTransactionType
 from prisma.models import CreditTransaction, UserBalance
+from prisma.types import (
+    CreditTransactionCreateInput,
+    UserBalanceCreateInput,
+    UserBalanceUpsertInput,
+)
 
 from backend.blocks.llm import AITextGeneratorBlock
 from backend.data.block import get_block
@@ -23,10 +28,10 @@ async def disable_test_user_transactions():
     old_date = datetime.now(timezone.utc) - timedelta(days=35)  # More than a month ago
     await UserBalance.prisma().upsert(
         where={"userId": DEFAULT_USER_ID},
-        data={
-            "create": {"userId": DEFAULT_USER_ID, "balance": 0},
-            "update": {"balance": 0, "updatedAt": old_date},
-        },
+        data=UserBalanceUpsertInput(
+            create=UserBalanceCreateInput(userId=DEFAULT_USER_ID, balance=0),
+            update={"balance": 0, "updatedAt": old_date},
+        ),
     )
 
 
@@ -140,23 +145,23 @@ async def test_block_credit_reset(server: SpinTestServer):
 
         # Manually create a transaction with month 1 timestamp to establish history
         await CreditTransaction.prisma().create(
-            data={
-                "userId": DEFAULT_USER_ID,
-                "amount": 100,
-                "type": CreditTransactionType.TOP_UP,
-                "runningBalance": 1100,
-                "isActive": True,
-                "createdAt": month1,  # Set specific timestamp
-            }
+            data=CreditTransactionCreateInput(
+                userId=DEFAULT_USER_ID,
+                amount=100,
+                type=CreditTransactionType.TOP_UP,
+                runningBalance=1100,
+                isActive=True,
+                createdAt=month1,  # Set specific timestamp
+            )
         )
 
         # Update user balance to match
         await UserBalance.prisma().upsert(
             where={"userId": DEFAULT_USER_ID},
-            data={
-                "create": {"userId": DEFAULT_USER_ID, "balance": 1100},
-                "update": {"balance": 1100},
-            },
+            data=UserBalanceUpsertInput(
+                create=UserBalanceCreateInput(userId=DEFAULT_USER_ID, balance=1100),
+                update={"balance": 1100},
+            ),
         )
 
         # Now test month 2 behavior
@@ -175,14 +180,14 @@ async def test_block_credit_reset(server: SpinTestServer):
 
         # Create a month 2 transaction to update the last transaction time
         await CreditTransaction.prisma().create(
-            data={
-                "userId": DEFAULT_USER_ID,
-                "amount": -700,  # Spent 700 to get to 400
-                "type": CreditTransactionType.USAGE,
-                "runningBalance": 400,
-                "isActive": True,
-                "createdAt": month2,
-            }
+            data=CreditTransactionCreateInput(
+                userId=DEFAULT_USER_ID,
+                amount=-700,  # Spent 700 to get to 400
+                type=CreditTransactionType.USAGE,
+                runningBalance=400,
+                isActive=True,
+                createdAt=month2,
+            )
         )
 
         # Move to month 3

autogpt_platform/backend/backend/data/credit_underflow_test.py

@@ -12,6 +12,7 @@ import pytest
 from prisma.enums import CreditTransactionType
 from prisma.errors import UniqueViolationError
 from prisma.models import CreditTransaction, User, UserBalance
+from prisma.types import UserBalanceCreateInput, UserBalanceUpsertInput, UserCreateInput
 
 from backend.data.credit import POSTGRES_INT_MIN, UserCredit
 from backend.util.test import SpinTestServer
@@ -21,11 +22,11 @@ async def create_test_user(user_id: str) -> None:
     """Create a test user for underflow tests."""
     try:
         await User.prisma().create(
-            data={
-                "id": user_id,
-                "email": f"test-{user_id}@example.com",
-                "name": f"Test User {user_id[:8]}",
-            }
+            data=UserCreateInput(
+                id=user_id,
+                email=f"test-{user_id}@example.com",
+                name=f"Test User {user_id[:8]}",
+            )
         )
     except UniqueViolationError:
         # User already exists, continue
@@ -33,7 +34,10 @@ async def create_test_user(user_id: str) -> None:
 
     await UserBalance.prisma().upsert(
         where={"userId": user_id},
-        data={"create": {"userId": user_id, "balance": 0}, "update": {"balance": 0}},
+        data=UserBalanceUpsertInput(
+            create=UserBalanceCreateInput(userId=user_id, balance=0),
+            update={"balance": 0},
+        ),
     )
 
 
@@ -66,14 +70,14 @@ async def test_debug_underflow_step_by_step(server: SpinTestServer):
         initial_balance_target = POSTGRES_INT_MIN + 100
 
         # Use direct database update to set the balance close to underflow
-        from prisma.models import UserBalance
-
         await UserBalance.prisma().upsert(
             where={"userId": user_id},
-            data={
-                "create": {"userId": user_id, "balance": initial_balance_target},
-                "update": {"balance": initial_balance_target},
-            },
+            data=UserBalanceUpsertInput(
+                create=UserBalanceCreateInput(
+                    userId=user_id, balance=initial_balance_target
+                ),
+                update={"balance": initial_balance_target},
+            ),
         )
 
         current_balance = await credit_system.get_credits(user_id)
@@ -110,10 +114,10 @@ async def test_debug_underflow_step_by_step(server: SpinTestServer):
         # Set balance to exactly POSTGRES_INT_MIN
         await UserBalance.prisma().upsert(
             where={"userId": user_id},
-            data={
-                "create": {"userId": user_id, "balance": POSTGRES_INT_MIN},
-                "update": {"balance": POSTGRES_INT_MIN},
-            },
+            data=UserBalanceUpsertInput(
+                create=UserBalanceCreateInput(userId=user_id, balance=POSTGRES_INT_MIN),
+                update={"balance": POSTGRES_INT_MIN},
+            ),
         )
 
         edge_balance = await credit_system.get_credits(user_id)
@@ -147,15 +151,13 @@ async def test_underflow_protection_large_refunds(server: SpinTestServer):
         # Set up balance close to underflow threshold to test the protection
         # Set balance to POSTGRES_INT_MIN + 1000, then try to subtract 2000
         # This should trigger underflow protection
-        from prisma.models import UserBalance
-
         test_balance = POSTGRES_INT_MIN + 1000
         await UserBalance.prisma().upsert(
             where={"userId": user_id},
-            data={
-                "create": {"userId": user_id, "balance": test_balance},
-                "update": {"balance": test_balance},
-            },
+            data=UserBalanceUpsertInput(
+                create=UserBalanceCreateInput(userId=user_id, balance=test_balance),
+                update={"balance": test_balance},
+            ),
         )
 
         current_balance = await credit_system.get_credits(user_id)
@@ -212,15 +214,13 @@ async def test_multiple_large_refunds_cumulative_underflow(server: SpinTestServe
 
     try:
         # Set up balance close to underflow threshold
-        from prisma.models import UserBalance
-
         initial_balance = POSTGRES_INT_MIN + 500  # Close to minimum but with some room
         await UserBalance.prisma().upsert(
             where={"userId": user_id},
-            data={
-                "create": {"userId": user_id, "balance": initial_balance},
-                "update": {"balance": initial_balance},
-            },
+            data=UserBalanceUpsertInput(
+                create=UserBalanceCreateInput(userId=user_id, balance=initial_balance),
+                update={"balance": initial_balance},
+            ),
         )
 
         # Apply multiple refunds that would cumulatively underflow
@@ -290,15 +290,13 @@ async def test_concurrent_large_refunds_no_underflow(server: SpinTestServer):
 
     try:
         # Set up balance close to underflow threshold
-        from prisma.models import UserBalance
-
         initial_balance = POSTGRES_INT_MIN + 1000  # Close to minimum
         await UserBalance.prisma().upsert(
             where={"userId": user_id},
-            data={
-                "create": {"userId": user_id, "balance": initial_balance},
-                "update": {"balance": initial_balance},
-            },
+            data=UserBalanceUpsertInput(
+                create=UserBalanceCreateInput(userId=user_id, balance=initial_balance),
+                update={"balance": initial_balance},
+            ),
         )
 
         async def large_refund(amount: int, label: str):

autogpt_platform/backend/backend/data/credit_user_balance_migration_test.py

@@ -14,6 +14,7 @@ import pytest
 from prisma.enums import CreditTransactionType
 from prisma.errors import UniqueViolationError
 from prisma.models import CreditTransaction, User, UserBalance
+from prisma.types import UserBalanceCreateInput, UserCreateInput
 
 from backend.data.credit import UsageTransactionMetadata, UserCredit
 from backend.util.json import SafeJson
@@ -24,11 +25,11 @@ async def create_test_user(user_id: str) -> None:
     """Create a test user for migration tests."""
     try:
         await User.prisma().create(
-            data={
-                "id": user_id,
-                "email": f"test-{user_id}@example.com",
-                "name": f"Test User {user_id[:8]}",
-            }
+            data=UserCreateInput(
+                id=user_id,
+                email=f"test-{user_id}@example.com",
+                name=f"Test User {user_id[:8]}",
+            )
         )
     except UniqueViolationError:
         # User already exists, continue
@@ -121,7 +122,7 @@ async def test_detect_stale_user_balance_queries(server: SpinTestServer):
     try:
         # Create UserBalance with specific value
         await UserBalance.prisma().create(
-            data={"userId": user_id, "balance": 5000}  # $50
+            data=UserBalanceCreateInput(userId=user_id, balance=5000)  # $50
         )
 
         # Verify that get_credits returns UserBalance value (5000), not any stale User.balance value
@@ -160,7 +161,9 @@ async def test_concurrent_operations_use_userbalance_only(server: SpinTestServer
 
     try:
         # Set initial balance in UserBalance
-        await UserBalance.prisma().create(data={"userId": user_id, "balance": 1000})
+        await UserBalance.prisma().create(
+            data=UserBalanceCreateInput(userId=user_id, balance=1000)
+        )
 
         # Run concurrent operations to ensure they all use UserBalance atomic operations
         async def concurrent_spend(amount: int, label: str):

autogpt_platform/backend/backend/data/db.py

@@ -38,20 +38,6 @@ POOL_TIMEOUT = os.getenv("DB_POOL_TIMEOUT")
 if POOL_TIMEOUT:
     DATABASE_URL = add_param(DATABASE_URL, "pool_timeout", POOL_TIMEOUT)
 
-# Add public schema to search_path for pgvector type access
-# The vector extension is in public schema, but search_path is determined by schema parameter
-# Extract the schema from DATABASE_URL or default to 'public' (matching get_database_schema())
-parsed_url = urlparse(DATABASE_URL)
-url_params = dict(parse_qsl(parsed_url.query))
-db_schema = url_params.get("schema", "public")
-# Build search_path, avoiding duplicates if db_schema is already 'public'
-search_path_schemas = list(
-    dict.fromkeys([db_schema, "public"])
-)  # Preserves order, removes duplicates
-search_path = ",".join(search_path_schemas)
-# This allows using ::vector without schema qualification
-DATABASE_URL = add_param(DATABASE_URL, "options", f"-c search_path={search_path}")
-
 HTTP_TIMEOUT = int(POOL_TIMEOUT) if POOL_TIMEOUT else None
 
 prisma = Prisma(
@@ -122,102 +108,21 @@ def get_database_schema() -> str:
     return query_params.get("schema", "public")
 
 
-async def _raw_with_schema(
-    query_template: str,
-    *args,
-    execute: bool = False,
-    client: Prisma | None = None,
-    set_public_search_path: bool = False,
-) -> list[dict] | int:
-    """Internal: Execute raw SQL with proper schema handling.
-
-    Use query_raw_with_schema() or execute_raw_with_schema() instead.
-
-    Args:
-        query_template: SQL query with {schema_prefix} placeholder
-        *args: Query parameters
-        execute: If False, executes SELECT query. If True, executes INSERT/UPDATE/DELETE.
-        client: Optional Prisma client for transactions (only used when execute=True).
-        set_public_search_path: If True, sets search_path to include public schema.
-                                Needed for pgvector types and other public schema objects.
-
-    Returns:
-        - list[dict] if execute=False (query results)
-        - int if execute=True (number of affected rows)
-    """
+async def query_raw_with_schema(query_template: str, *args) -> list[dict]:
+    """Execute raw SQL query with proper schema handling."""
     schema = get_database_schema()
-    schema_prefix = f'"{schema}".' if schema != "public" else ""
+    schema_prefix = f"{schema}." if schema != "public" else ""
     formatted_query = query_template.format(schema_prefix=schema_prefix)
 
     import prisma as prisma_module
 
-    db_client = client if client else prisma_module.get_client()
-
-    # Set search_path to include public schema if requested
-    # Prisma doesn't support the 'options' connection parameter, so we set it per-session
-    # This is idempotent and safe to call multiple times
-    if set_public_search_path:
-        await db_client.execute_raw(f"SET search_path = {schema}, public")  # type: ignore
-
-    if execute:
-        result = await db_client.execute_raw(formatted_query, *args)  # type: ignore
-    else:
-        result = await db_client.query_raw(formatted_query, *args)  # type: ignore
+    result = await prisma_module.get_client().query_raw(
+        formatted_query, *args  # type: ignore
+    )
 
     return result
 
 
-async def query_raw_with_schema(
-    query_template: str, *args, set_public_search_path: bool = False
-) -> list[dict]:
-    """Execute raw SQL SELECT query with proper schema handling.
-
-    Args:
-        query_template: SQL query with {schema_prefix} placeholder
-        *args: Query parameters
-        set_public_search_path: If True, sets search_path to include public schema.
-                                Needed for pgvector types and other public schema objects.
-
-    Returns:
-        List of result rows as dictionaries
-
-    Example:
-        results = await query_raw_with_schema(
-            'SELECT * FROM {schema_prefix}"User" WHERE id = $1',
-            user_id
-        )
-    """
-    return await _raw_with_schema(query_template, *args, execute=False, set_public_search_path=set_public_search_path)  # type: ignore
-
-
-async def execute_raw_with_schema(
-    query_template: str,
-    *args,
-    client: Prisma | None = None,
-    set_public_search_path: bool = False,
-) -> int:
-    """Execute raw SQL command (INSERT/UPDATE/DELETE) with proper schema handling.
-
-    Args:
-        query_template: SQL query with {schema_prefix} placeholder
-        *args: Query parameters
-        client: Optional Prisma client for transactions
-        set_public_search_path: If True, sets search_path to include public schema.
-                                Needed for pgvector types and other public schema objects.
-
-    Returns:
-        Number of affected rows
-
-    Example:
-        await execute_raw_with_schema(
-            'INSERT INTO {schema_prefix}"User" (id, name) VALUES ($1, $2)',
-            user_id, name,
-            client=tx  # Optional transaction client
-        )
-    """
-    return await _raw_with_schema(query_template, *args, execute=True, client=client, set_public_search_path=set_public_search_path)  # type: ignore
-
-
 class BaseDbModel(BaseModel):
     id: str = Field(default_factory=lambda: str(uuid4()))
 

autogpt_platform/backend/backend/data/execution.py

@@ -5,7 +5,6 @@ from enum import Enum
 from multiprocessing import Manager
 from queue import Empty
 from typing import (
-    TYPE_CHECKING,
     Annotated,
     Any,
     AsyncGenerator,
@@ -28,6 +27,7 @@ from prisma.models import (
     AgentNodeExecutionKeyValueData,
 )
 from prisma.types import (
+    AgentGraphExecutionCreateInput,
     AgentGraphExecutionUpdateManyMutationInput,
     AgentGraphExecutionWhereInput,
     AgentNodeExecutionCreateInput,
@@ -35,7 +35,7 @@ from prisma.types import (
     AgentNodeExecutionKeyValueDataCreateInput,
     AgentNodeExecutionUpdateInput,
     AgentNodeExecutionWhereInput,
-    AgentNodeExecutionWhereUniqueInput,
+    _AgentNodeExecutionWhereUnique_id_Input,
 )
 from pydantic import BaseModel, ConfigDict, JsonValue, ValidationError
 from pydantic.fields import Field
@@ -66,15 +66,19 @@ from .includes import (
 )
 from .model import CredentialsMetaInput, GraphExecutionStats, NodeExecutionStats
 
-if TYPE_CHECKING:
-    pass
-
 T = TypeVar("T")
 
 logger = logging.getLogger(__name__)
 config = Config()
 
 
+class GrantResolverContext(BaseModel):
+    """Context for grant-based credential resolution in external API executions."""
+
+    client_db_id: str  # The OAuth client database UUID
+    grant_ids: list[str]  # List of grant IDs to use for credential resolution
+
+
 class ExecutionContext(BaseModel):
     """
     Unified context that carries execution-level data throughout the entire execution flow.
@@ -85,6 +89,8 @@ class ExecutionContext(BaseModel):
     user_timezone: str = "UTC"
     root_execution_id: Optional[str] = None
     parent_execution_id: Optional[str] = None
+    # For external API executions using credential grants
+    grant_resolver_context: Optional[GrantResolverContext] = None
 
 
 # -------------------------- Models -------------------------- #
@@ -383,7 +389,6 @@ class GraphExecutionWithNodes(GraphExecution):
         self,
         execution_context: ExecutionContext,
         compiled_nodes_input_masks: Optional[NodesInputMasks] = None,
-        nodes_to_skip: Optional[set[str]] = None,
     ):
         return GraphExecutionEntry(
             user_id=self.user_id,
@@ -391,7 +396,6 @@ class GraphExecutionWithNodes(GraphExecution):
             graph_version=self.graph_version or 0,
             graph_exec_id=self.id,
             nodes_input_masks=compiled_nodes_input_masks,
-            nodes_to_skip=nodes_to_skip or set(),
             execution_context=execution_context,
         )
 
@@ -711,18 +715,18 @@ async def create_graph_execution(
         The id of the AgentGraphExecution and the list of ExecutionResult for each node.
     """
     result = await AgentGraphExecution.prisma().create(
-        data={
-            "agentGraphId": graph_id,
-            "agentGraphVersion": graph_version,
-            "executionStatus": ExecutionStatus.INCOMPLETE,
-            "inputs": SafeJson(inputs),
-            "credentialInputs": (
+        data=AgentGraphExecutionCreateInput(
+            agentGraphId=graph_id,
+            agentGraphVersion=graph_version,
+            executionStatus=ExecutionStatus.INCOMPLETE,
+            inputs=SafeJson(inputs),
+            credentialInputs=(
                 SafeJson(credential_inputs) if credential_inputs else Json({})
             ),
-            "nodesInputMasks": (
+            nodesInputMasks=(
                 SafeJson(nodes_input_masks) if nodes_input_masks else Json({})
             ),
-            "NodeExecutions": {
+            NodeExecutions={
                 "create": [
                     AgentNodeExecutionCreateInput(
                         agentNodeId=node_id,
@@ -738,10 +742,10 @@ async def create_graph_execution(
                     for node_id, node_input in starting_nodes_input
                 ]
             },
-            "userId": user_id,
-            "agentPresetId": preset_id,
-            "parentGraphExecutionId": parent_graph_exec_id,
-        },
+            userId=user_id,
+            agentPresetId=preset_id,
+            parentGraphExecutionId=parent_graph_exec_id,
+        ),
         include=GRAPH_EXECUTION_INCLUDE_WITH_NODES,
     )
 
@@ -833,39 +837,15 @@ async def upsert_execution_output(
     """
     Insert AgentNodeExecutionInputOutput record for as one of AgentNodeExecution.Output.
     """
-    data: AgentNodeExecutionInputOutputCreateInput = {
-        "name": output_name,
-        "referencedByOutputExecId": node_exec_id,
-    }
+    data = AgentNodeExecutionInputOutputCreateInput(
+        name=output_name,
+        referencedByOutputExecId=node_exec_id,
+    )
     if output_data is not None:
         data["data"] = SafeJson(output_data)
     await AgentNodeExecutionInputOutput.prisma().create(data=data)
 
 
-async def get_execution_outputs_by_node_exec_id(
-    node_exec_id: str,
-) -> dict[str, Any]:
-    """
-    Get all execution outputs for a specific node execution ID.
-
-    Args:
-        node_exec_id: The node execution ID to get outputs for
-
-    Returns:
-        Dictionary mapping output names to their data values
-    """
-    outputs = await AgentNodeExecutionInputOutput.prisma().find_many(
-        where={"referencedByOutputExecId": node_exec_id}
-    )
-
-    result = {}
-    for output in outputs:
-        if output.data is not None:
-            result[output.name] = type_utils.convert(output.data, JsonValue)
-
-    return result
-
-
 async def update_graph_execution_start_time(
     graph_exec_id: str,
 ) -> GraphExecution | None:
@@ -978,7 +958,7 @@ async def update_node_execution_status(
 
     if res := await AgentNodeExecution.prisma().update(
         where=cast(
-            AgentNodeExecutionWhereUniqueInput,
+            _AgentNodeExecutionWhereUnique_id_Input,
             {
                 "id": node_exec_id,
                 "executionStatus": {"in": [s.value for s in allowed_from]},
@@ -1147,8 +1127,6 @@ class GraphExecutionEntry(BaseModel):
     graph_id: str
     graph_version: int
     nodes_input_masks: Optional[NodesInputMasks] = None
-    nodes_to_skip: set[str] = Field(default_factory=set)
-    """Node IDs that should be skipped due to optional credentials not being configured."""
     execution_context: ExecutionContext = Field(default_factory=ExecutionContext)
 
 

autogpt_platform/backend/backend/data/graph.py

@@ -94,15 +94,6 @@ class Node(BaseDbModel):
     input_links: list[Link] = []
     output_links: list[Link] = []
 
-    @property
-    def credentials_optional(self) -> bool:
-        """
-        Whether credentials are optional for this node.
-        When True and credentials are not configured, the node will be skipped
-        during execution rather than causing a validation error.
-        """
-        return self.metadata.get("credentials_optional", False)
-
     @property
     def block(self) -> AnyBlockSchema | "_UnknownBlockBase":
         """Get the block for this node. Returns UnknownBlock if block is deleted/missing."""
@@ -244,10 +235,7 @@ class BaseGraph(BaseDbModel):
         return any(
             node.block_id
             for node in self.nodes
-            if (
-                node.block.block_type == BlockType.HUMAN_IN_THE_LOOP
-                or node.block.requires_human_review
-            )
+            if node.block.block_type == BlockType.HUMAN_IN_THE_LOOP
         )
 
     @property
@@ -338,35 +326,7 @@ class Graph(BaseGraph):
     @computed_field
     @property
     def credentials_input_schema(self) -> dict[str, Any]:
-        schema = self._credentials_input_schema.jsonschema()
-
-        # Determine which credential fields are required based on credentials_optional metadata
-        graph_credentials_inputs = self.aggregate_credentials_inputs()
-        required_fields = []
-
-        # Build a map of node_id -> node for quick lookup
-        all_nodes = {node.id: node for node in self.nodes}
-        for sub_graph in self.sub_graphs:
-            for node in sub_graph.nodes:
-                all_nodes[node.id] = node
-
-        for field_key, (
-            _field_info,
-            node_field_pairs,
-        ) in graph_credentials_inputs.items():
-            # A field is required if ANY node using it has credentials_optional=False
-            is_required = False
-            for node_id, _field_name in node_field_pairs:
-                node = all_nodes.get(node_id)
-                if node and not node.credentials_optional:
-                    is_required = True
-                    break
-
-            if is_required:
-                required_fields.append(field_key)
-
-        schema["required"] = required_fields
-        return schema
+        return self._credentials_input_schema.jsonschema()
 
     @property
     def _credentials_input_schema(self) -> type[BlockSchema]:

autogpt_platform/backend/backend/data/graph_test.py

@@ -1,35 +1,23 @@
 import json
 from typing import Any
-from unittest.mock import AsyncMock, patch
 from uuid import UUID
 
 import fastapi.exceptions
 import pytest
 from pytest_snapshot.plugin import Snapshot
 
-import backend.api.features.store.model as store
-from backend.api.model import CreateGraph
+import backend.server.v2.store.model as store
 from backend.blocks.basic import StoreValueBlock
 from backend.blocks.io import AgentInputBlock, AgentOutputBlock
 from backend.data.block import BlockSchema, BlockSchemaInput
 from backend.data.graph import Graph, Link, Node
 from backend.data.model import SchemaField
 from backend.data.user import DEFAULT_USER_ID
+from backend.server.model import CreateGraph
 from backend.usecases.sample import create_test_user
 from backend.util.test import SpinTestServer
 
 
-@pytest.fixture(scope="session", autouse=True)
-def mock_embedding_functions():
-    """Mock embedding functions for all tests to avoid database/API dependencies."""
-    with patch(
-        "backend.api.features.store.db.ensure_embedding",
-        new_callable=AsyncMock,
-        return_value=True,
-    ):
-        yield
-
-
 @pytest.mark.asyncio(loop_scope="session")
 async def test_graph_creation(server: SpinTestServer, snapshot: Snapshot):
     """
@@ -408,58 +396,3 @@ async def test_access_store_listing_graph(server: SpinTestServer):
         created_graph.id, created_graph.version, "3e53486c-cf57-477e-ba2a-cb02dc828e1b"
     )
     assert got_graph is not None
-
-
-# ============================================================================
-# Tests for Optional Credentials Feature
-# ============================================================================
-
-
-def test_node_credentials_optional_default():
-    """Test that credentials_optional defaults to False when not set in metadata."""
-    node = Node(
-        id="test_node",
-        block_id=StoreValueBlock().id,
-        input_default={},
-        metadata={},
-    )
-    assert node.credentials_optional is False
-
-
-def test_node_credentials_optional_true():
-    """Test that credentials_optional returns True when explicitly set."""
-    node = Node(
-        id="test_node",
-        block_id=StoreValueBlock().id,
-        input_default={},
-        metadata={"credentials_optional": True},
-    )
-    assert node.credentials_optional is True
-
-
-def test_node_credentials_optional_false():
-    """Test that credentials_optional returns False when explicitly set to False."""
-    node = Node(
-        id="test_node",
-        block_id=StoreValueBlock().id,
-        input_default={},
-        metadata={"credentials_optional": False},
-    )
-    assert node.credentials_optional is False
-
-
-def test_node_credentials_optional_with_other_metadata():
-    """Test that credentials_optional works correctly with other metadata present."""
-    node = Node(
-        id="test_node",
-        block_id=StoreValueBlock().id,
-        input_default={},
-        metadata={
-            "position": {"x": 100, "y": 200},
-            "customized_name": "My Custom Node",
-            "credentials_optional": True,
-        },
-    )
-    assert node.credentials_optional is True
-    assert node.metadata["position"] == {"x": 100, "y": 200}
-    assert node.metadata["customized_name"] == "My Custom Node"

autogpt_platform/backend/backend/data/human_review.py

@@ -10,10 +10,14 @@ from typing import Optional
 
 from prisma.enums import ReviewStatus
 from prisma.models import PendingHumanReview
-from prisma.types import PendingHumanReviewUpdateInput
+from prisma.types import (
+    PendingHumanReviewCreateInput,
+    PendingHumanReviewUpdateInput,
+    PendingHumanReviewUpsertInput,
+)
 from pydantic import BaseModel
 
-from backend.api.features.executions.review.model import (
+from backend.server.v2.executions.review.model import (
     PendingHumanReviewModel,
     SafeJsonData,
 )
@@ -66,20 +70,20 @@ async def get_or_create_human_review(
         # Upsert - get existing or create new review
         review = await PendingHumanReview.prisma().upsert(
             where={"nodeExecId": node_exec_id},
-            data={
-                "create": {
-                    "userId": user_id,
-                    "nodeExecId": node_exec_id,
-                    "graphExecId": graph_exec_id,
-                    "graphId": graph_id,
-                    "graphVersion": graph_version,
-                    "payload": SafeJson(input_data),
-                    "instructions": message,
-                    "editable": editable,
-                    "status": ReviewStatus.WAITING,
-                },
-                "update": {},  # Do nothing on update - keep existing review as is
-            },
+            data=PendingHumanReviewUpsertInput(
+                create=PendingHumanReviewCreateInput(
+                    userId=user_id,
+                    nodeExecId=node_exec_id,
+                    graphExecId=graph_exec_id,
+                    graphId=graph_id,
+                    graphVersion=graph_version,
+                    payload=SafeJson(input_data),
+                    instructions=message,
+                    editable=editable,
+                    status=ReviewStatus.WAITING,
+                ),
+                update={},  # Do nothing on update - keep existing review as is
+            ),
         )
 
         logger.info(
@@ -100,7 +104,7 @@ async def get_or_create_human_review(
         return None
     else:
         return ReviewResult(
-            data=review.payload,
+            data=review.payload if review.status == ReviewStatus.APPROVED else None,
             status=review.status,
             message=review.reviewMessage or "",
             processed=review.processed,

autogpt_platform/backend/backend/data/integration_scopes.py

@@ -0,0 +1,302 @@
+"""
+Integration scopes mapping.
+
+Maps AutoGPT's fine-grained integration scopes to provider-specific OAuth scopes.
+These scopes are used to request granular permissions when connecting integrations
+through the Credential Broker.
+"""
+
+from enum import Enum
+from typing import Optional
+
+from backend.integrations.providers import ProviderName
+
+
+class IntegrationScope(str, Enum):
+    """
+    Fine-grained integration scopes for credential grants.
+
+    Format: {provider}:{resource}.{permission}
+    """
+
+    # Google scopes
+    GOOGLE_EMAIL_READ = "google:email.read"
+    GOOGLE_GMAIL_READONLY = "google:gmail.readonly"
+    GOOGLE_GMAIL_SEND = "google:gmail.send"
+    GOOGLE_GMAIL_MODIFY = "google:gmail.modify"
+    GOOGLE_DRIVE_READONLY = "google:drive.readonly"
+    GOOGLE_DRIVE_FILE = "google:drive.file"
+    GOOGLE_CALENDAR_READONLY = "google:calendar.readonly"
+    GOOGLE_CALENDAR_EVENTS = "google:calendar.events"
+    GOOGLE_SHEETS_READONLY = "google:sheets.readonly"
+    GOOGLE_SHEETS = "google:sheets"
+    GOOGLE_DOCS_READONLY = "google:docs.readonly"
+    GOOGLE_DOCS = "google:docs"
+
+    # GitHub scopes
+    GITHUB_REPOS_READ = "github:repos.read"
+    GITHUB_REPOS_WRITE = "github:repos.write"
+    GITHUB_ISSUES_READ = "github:issues.read"
+    GITHUB_ISSUES_WRITE = "github:issues.write"
+    GITHUB_USER_READ = "github:user.read"
+    GITHUB_GISTS = "github:gists"
+    GITHUB_NOTIFICATIONS = "github:notifications"
+
+    # Discord scopes
+    DISCORD_IDENTIFY = "discord:identify"
+    DISCORD_EMAIL = "discord:email"
+    DISCORD_GUILDS = "discord:guilds"
+    DISCORD_MESSAGES_READ = "discord:messages.read"
+
+    # Twitter scopes
+    TWITTER_READ = "twitter:read"
+    TWITTER_WRITE = "twitter:write"
+    TWITTER_DM = "twitter:dm"
+
+    # Notion scopes
+    NOTION_READ = "notion:read"
+    NOTION_WRITE = "notion:write"
+
+    # Todoist scopes
+    TODOIST_READ = "todoist:read"
+    TODOIST_WRITE = "todoist:write"
+
+
+# Scope descriptions for consent UI
+INTEGRATION_SCOPE_DESCRIPTIONS: dict[str, str] = {
+    # Google
+    IntegrationScope.GOOGLE_EMAIL_READ.value: "Read your email address",
+    IntegrationScope.GOOGLE_GMAIL_READONLY.value: "Read your Gmail messages",
+    IntegrationScope.GOOGLE_GMAIL_SEND.value: "Send emails on your behalf",
+    IntegrationScope.GOOGLE_GMAIL_MODIFY.value: "Read, send, and manage your emails",
+    IntegrationScope.GOOGLE_DRIVE_READONLY.value: "View files in your Google Drive",
+    IntegrationScope.GOOGLE_DRIVE_FILE.value: "Create and edit files in Google Drive",
+    IntegrationScope.GOOGLE_CALENDAR_READONLY.value: "View your calendar",
+    IntegrationScope.GOOGLE_CALENDAR_EVENTS.value: "Create and edit calendar events",
+    IntegrationScope.GOOGLE_SHEETS_READONLY.value: "View your spreadsheets",
+    IntegrationScope.GOOGLE_SHEETS.value: "Create and edit spreadsheets",
+    IntegrationScope.GOOGLE_DOCS_READONLY.value: "View your documents",
+    IntegrationScope.GOOGLE_DOCS.value: "Create and edit documents",
+    # GitHub
+    IntegrationScope.GITHUB_REPOS_READ.value: "Read repository information",
+    IntegrationScope.GITHUB_REPOS_WRITE.value: "Create and manage repositories",
+    IntegrationScope.GITHUB_ISSUES_READ.value: "Read issues and pull requests",
+    IntegrationScope.GITHUB_ISSUES_WRITE.value: "Create and manage issues",
+    IntegrationScope.GITHUB_USER_READ.value: "Read your GitHub profile",
+    IntegrationScope.GITHUB_GISTS.value: "Create and manage gists",
+    IntegrationScope.GITHUB_NOTIFICATIONS.value: "Access notifications",
+    # Discord
+    IntegrationScope.DISCORD_IDENTIFY.value: "Access your Discord username",
+    IntegrationScope.DISCORD_EMAIL.value: "Access your Discord email",
+    IntegrationScope.DISCORD_GUILDS.value: "View your server list",
+    IntegrationScope.DISCORD_MESSAGES_READ.value: "Read messages",
+    # Twitter
+    IntegrationScope.TWITTER_READ.value: "Read tweets and profile",
+    IntegrationScope.TWITTER_WRITE.value: "Post tweets on your behalf",
+    IntegrationScope.TWITTER_DM.value: "Send and read direct messages",
+    # Notion
+    IntegrationScope.NOTION_READ.value: "View Notion pages",
+    IntegrationScope.NOTION_WRITE.value: "Create and edit Notion pages",
+    # Todoist
+    IntegrationScope.TODOIST_READ.value: "View your tasks",
+    IntegrationScope.TODOIST_WRITE.value: "Create and manage tasks",
+}
+
+
+# Mapping from integration scopes to provider OAuth scopes
+INTEGRATION_SCOPE_MAPPING: dict[str, dict[str, list[str]]] = {
+    ProviderName.GOOGLE.value: {
+        IntegrationScope.GOOGLE_EMAIL_READ.value: [
+            "https://www.googleapis.com/auth/userinfo.email",
+            "openid",
+        ],
+        IntegrationScope.GOOGLE_GMAIL_READONLY.value: [
+            "https://www.googleapis.com/auth/gmail.readonly",
+        ],
+        IntegrationScope.GOOGLE_GMAIL_SEND.value: [
+            "https://www.googleapis.com/auth/gmail.send",
+        ],
+        IntegrationScope.GOOGLE_GMAIL_MODIFY.value: [
+            "https://www.googleapis.com/auth/gmail.modify",
+        ],
+        IntegrationScope.GOOGLE_DRIVE_READONLY.value: [
+            "https://www.googleapis.com/auth/drive.readonly",
+        ],
+        IntegrationScope.GOOGLE_DRIVE_FILE.value: [
+            "https://www.googleapis.com/auth/drive.file",
+        ],
+        IntegrationScope.GOOGLE_CALENDAR_READONLY.value: [
+            "https://www.googleapis.com/auth/calendar.readonly",
+        ],
+        IntegrationScope.GOOGLE_CALENDAR_EVENTS.value: [
+            "https://www.googleapis.com/auth/calendar.events",
+        ],
+        IntegrationScope.GOOGLE_SHEETS_READONLY.value: [
+            "https://www.googleapis.com/auth/spreadsheets.readonly",
+        ],
+        IntegrationScope.GOOGLE_SHEETS.value: [
+            "https://www.googleapis.com/auth/spreadsheets",
+        ],
+        IntegrationScope.GOOGLE_DOCS_READONLY.value: [
+            "https://www.googleapis.com/auth/documents.readonly",
+        ],
+        IntegrationScope.GOOGLE_DOCS.value: [
+            "https://www.googleapis.com/auth/documents",
+        ],
+    },
+    ProviderName.GITHUB.value: {
+        IntegrationScope.GITHUB_REPOS_READ.value: [
+            "repo:status",
+            "public_repo",
+        ],
+        IntegrationScope.GITHUB_REPOS_WRITE.value: [
+            "repo",
+        ],
+        IntegrationScope.GITHUB_ISSUES_READ.value: [
+            "repo:status",
+        ],
+        IntegrationScope.GITHUB_ISSUES_WRITE.value: [
+            "repo",
+        ],
+        IntegrationScope.GITHUB_USER_READ.value: [
+            "read:user",
+            "user:email",
+        ],
+        IntegrationScope.GITHUB_GISTS.value: [
+            "gist",
+        ],
+        IntegrationScope.GITHUB_NOTIFICATIONS.value: [
+            "notifications",
+        ],
+    },
+    ProviderName.DISCORD.value: {
+        IntegrationScope.DISCORD_IDENTIFY.value: [
+            "identify",
+        ],
+        IntegrationScope.DISCORD_EMAIL.value: [
+            "email",
+        ],
+        IntegrationScope.DISCORD_GUILDS.value: [
+            "guilds",
+        ],
+        IntegrationScope.DISCORD_MESSAGES_READ.value: [
+            "messages.read",
+        ],
+    },
+    ProviderName.TWITTER.value: {
+        IntegrationScope.TWITTER_READ.value: [
+            "tweet.read",
+            "users.read",
+        ],
+        IntegrationScope.TWITTER_WRITE.value: [
+            "tweet.write",
+        ],
+        IntegrationScope.TWITTER_DM.value: [
+            "dm.read",
+            "dm.write",
+        ],
+    },
+    ProviderName.NOTION.value: {
+        IntegrationScope.NOTION_READ.value: [],  # Notion uses workspace-level access
+        IntegrationScope.NOTION_WRITE.value: [],
+    },
+    ProviderName.TODOIST.value: {
+        IntegrationScope.TODOIST_READ.value: [
+            "data:read",
+        ],
+        IntegrationScope.TODOIST_WRITE.value: [
+            "data:read_write",
+        ],
+    },
+}
+
+
+def get_provider_scopes(
+    provider: ProviderName | str, integration_scopes: list[str]
+) -> list[str]:
+    """
+    Convert integration scopes to provider-specific OAuth scopes.
+
+    Args:
+        provider: The provider name
+        integration_scopes: List of integration scope strings
+
+    Returns:
+        List of provider-specific OAuth scopes
+    """
+    provider_value = provider.value if isinstance(provider, ProviderName) else provider
+    provider_mapping = INTEGRATION_SCOPE_MAPPING.get(provider_value, {})
+
+    oauth_scopes: set[str] = set()
+    for scope in integration_scopes:
+        if scope in provider_mapping:
+            oauth_scopes.update(provider_mapping[scope])
+
+    return list(oauth_scopes)
+
+
+def get_provider_for_scope(scope: str) -> Optional[ProviderName]:
+    """
+    Get the provider for an integration scope.
+
+    Args:
+        scope: Integration scope string (e.g., "google:gmail.readonly")
+
+    Returns:
+        ProviderName or None if not recognized
+    """
+    if ":" not in scope:
+        return None
+
+    provider_prefix = scope.split(":")[0]
+
+    # Map prefixes to providers
+    prefix_mapping = {
+        "google": ProviderName.GOOGLE,
+        "github": ProviderName.GITHUB,
+        "discord": ProviderName.DISCORD,
+        "twitter": ProviderName.TWITTER,
+        "notion": ProviderName.NOTION,
+        "todoist": ProviderName.TODOIST,
+    }
+
+    return prefix_mapping.get(provider_prefix)
+
+
+def validate_integration_scopes(scopes: list[str]) -> tuple[bool, list[str]]:
+    """
+    Validate a list of integration scopes.
+
+    Args:
+        scopes: List of integration scope strings
+
+    Returns:
+        Tuple of (valid, invalid_scopes)
+    """
+    valid_scopes = {s.value for s in IntegrationScope}
+    invalid = [s for s in scopes if s not in valid_scopes]
+    return len(invalid) == 0, invalid
+
+
+def group_scopes_by_provider(
+    scopes: list[str],
+) -> dict[ProviderName, list[str]]:
+    """
+    Group integration scopes by their provider.
+
+    Args:
+        scopes: List of integration scope strings
+
+    Returns:
+        Dictionary mapping providers to their scopes
+    """
+    grouped: dict[ProviderName, list[str]] = {}
+
+    for scope in scopes:
+        provider = get_provider_for_scope(scope)
+        if provider:
+            if provider not in grouped:
+                grouped[provider] = []
+            grouped[provider].append(scope)
+
+    return grouped