chore(deps): Bump actions/setup-python from 5 to 6

Bumps [actions/setup-python](https://github.com/actions/setup-python) from 5 to 6.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/v5...v6)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

.github/dependabot.yml

@@ -1,5 +1,29 @@
 version: 2
 updates:
+  # autogpt_libs (Poetry project)
+  - package-ecosystem: "pip"
+    directory: "autogpt_platform/autogpt_libs"
+    schedule:
+      interval: "weekly"
+    open-pull-requests-limit: 10
+    target-branch: "dev"
+    commit-message:
+      prefix: "chore(libs/deps)"
+      prefix-development: "chore(libs/deps-dev)"
+    ignore:
+      - dependency-name: "poetry"
+    groups:
+      production-dependencies:
+        dependency-type: "production"
+        update-types:
+          - "minor"
+          - "patch"
+      development-dependencies:
+        dependency-type: "development"
+        update-types:
+          - "minor"
+          - "patch"
+
   # backend (Poetry project)
   - package-ecosystem: "pip"
     directory: "autogpt_platform/backend"

.github/workflows/classic-autogpt-ci.yml

@@ -72,7 +72,7 @@ jobs:
           git config --global user.email "github-bot@agpt.co"
 
       - name: Set up Python ${{ matrix.python-version }}
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v6
         with:
           python-version: ${{ matrix.python-version }}
 

.github/workflows/classic-autogpts-ci.yml

@@ -50,7 +50,7 @@ jobs:
           submodules: true
 
       - name: Set up Python ${{ env.min-python-version }}
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v6
         with:
           python-version: ${{ env.min-python-version }}
 

.github/workflows/classic-benchmark-ci.yml

@@ -48,7 +48,7 @@ jobs:
           submodules: true
 
       - name: Set up Python ${{ matrix.python-version }}
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v6
         with:
           python-version: ${{ matrix.python-version }}
 
@@ -120,7 +120,7 @@ jobs:
           submodules: true
 
       - name: Set up Python ${{ env.min-python-version }}
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v6
         with:
           python-version: ${{ env.min-python-version }}
 

.github/workflows/classic-benchmark_publish_package.yml

@@ -16,7 +16,7 @@ jobs:
         fetch-depth: 0
 
     - name: Set up Python
-      uses: actions/setup-python@v5
+      uses: actions/setup-python@v6
       with:
         python-version: 3.8
 

.github/workflows/classic-forge-ci.yml

@@ -100,7 +100,7 @@ jobs:
           fi
 
       - name: Set up Python ${{ matrix.python-version }}
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v6
         with:
           python-version: ${{ matrix.python-version }}
 

.github/workflows/classic-python-checks.yml

@@ -73,7 +73,7 @@ jobs:
           fetch-depth: 0
 
       - name: Set up Python ${{ env.min-python-version }}
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v6
         with:
           python-version: ${{ env.min-python-version }}
 
@@ -125,7 +125,7 @@ jobs:
           fetch-depth: 0
 
       - name: Set up Python ${{ env.min-python-version }}
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v6
         with:
           python-version: ${{ env.min-python-version }}
 

.github/workflows/claude-ci-failure-auto-fix.yml

@@ -22,7 +22,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout code
-        uses: actions/checkout@v6
+        uses: actions/checkout@v4
         with:
           ref: ${{ github.event.workflow_run.head_branch }}
           fetch-depth: 0

.github/workflows/claude-dependabot.yml

@@ -30,13 +30,13 @@ jobs:
       actions: read # Required for CI access
     steps:
       - name: Checkout code
-        uses: actions/checkout@v6
+        uses: actions/checkout@v4
         with:
           fetch-depth: 1
 
       # Backend Python/Poetry setup (mirrors platform-backend-ci.yml)
       - name: Set up Python
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v6
         with:
           python-version: "3.11"  # Use standard version matching CI
 

.github/workflows/claude.yml

@@ -40,7 +40,7 @@ jobs:
       actions: read # Required for CI access
     steps:
       - name: Checkout code
-        uses: actions/checkout@v6
+        uses: actions/checkout@v4
         with:
           fetch-depth: 1
 
@@ -52,7 +52,7 @@ jobs:
 
       # Backend Python/Poetry setup (mirrors platform-backend-ci.yml)
       - name: Set up Python
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v6
         with:
           python-version: "3.11"  # Use standard version matching CI
 

.github/workflows/codeql.yml

@@ -58,7 +58,7 @@ jobs:
         # your codebase is analyzed, see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v6
+      uses: actions/checkout@v4
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL

.github/workflows/copilot-setup-steps.yml

@@ -27,14 +27,14 @@ jobs:
     # If you do not check out your code, Copilot will do this for you.
     steps:
       - name: Checkout code
-        uses: actions/checkout@v6
+        uses: actions/checkout@v4
         with:
           fetch-depth: 0
           submodules: true
 
       # Backend Python/Poetry setup (mirrors platform-backend-ci.yml)
       - name: Set up Python
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v6
         with:
           python-version: "3.11"  # Use standard version matching CI
 

.github/workflows/docs-block-sync.yml

@@ -23,12 +23,12 @@ jobs:
 
     steps:
       - name: Checkout code
-        uses: actions/checkout@v6
+        uses: actions/checkout@v4
         with:
           fetch-depth: 1
 
       - name: Set up Python
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v6
         with:
           python-version: "3.11"
 

.github/workflows/docs-claude-review.yml

@@ -23,12 +23,12 @@ jobs:
 
     steps:
       - name: Checkout code
-        uses: actions/checkout@v6
+        uses: actions/checkout@v4
         with:
           fetch-depth: 0
 
       - name: Set up Python
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v6
         with:
           python-version: "3.11"
 

.github/workflows/docs-enhance.yml

@@ -28,12 +28,12 @@ jobs:
 
     steps:
       - name: Checkout code
-        uses: actions/checkout@v6
+        uses: actions/checkout@v4
         with:
           fetch-depth: 1
 
       - name: Set up Python
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v6
         with:
           python-version: "3.11"
 

.github/workflows/platform-autogpt-deploy-dev.yaml

@@ -25,12 +25,12 @@ jobs:
 
     steps:
       - name: Checkout code
-        uses: actions/checkout@v6
+        uses: actions/checkout@v4
         with:
           ref: ${{ github.event.inputs.git_ref || github.ref_name }}
 
       - name: Set up Python
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v6
         with:
           python-version: '3.11'
 
@@ -52,7 +52,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Trigger deploy workflow
-        uses: peter-evans/repository-dispatch@v4
+        uses: peter-evans/repository-dispatch@v3
         with:
           token: ${{ secrets.DEPLOY_TOKEN }}
           repository: Significant-Gravitas/AutoGPT_cloud_infrastructure

.github/workflows/platform-autogpt-deploy-prod.yml

@@ -17,12 +17,12 @@ jobs:
 
     steps:
       - name: Checkout code
-        uses: actions/checkout@v6
+        uses: actions/checkout@v4
         with:
           ref: ${{ github.ref_name || 'master' }}
 
       - name: Set up Python
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v6
         with:
           python-version: '3.11'
 
@@ -45,7 +45,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Trigger deploy workflow
-        uses: peter-evans/repository-dispatch@v4
+        uses: peter-evans/repository-dispatch@v3
         with:
           token: ${{ secrets.DEPLOY_TOKEN }}
           repository: Significant-Gravitas/AutoGPT_cloud_infrastructure

.github/workflows/platform-backend-ci.yml

@@ -6,11 +6,13 @@ on:
     paths:
       - ".github/workflows/platform-backend-ci.yml"
       - "autogpt_platform/backend/**"
+      - "autogpt_platform/autogpt_libs/**"
   pull_request:
     branches: [master, dev, release-*]
     paths:
       - ".github/workflows/platform-backend-ci.yml"
       - "autogpt_platform/backend/**"
+      - "autogpt_platform/autogpt_libs/**"
   merge_group:
 
 concurrency:
@@ -66,13 +68,13 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v6
+        uses: actions/checkout@v4
         with:
           fetch-depth: 0
           submodules: true
 
       - name: Set up Python ${{ matrix.python-version }}
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v6
         with:
           python-version: ${{ matrix.python-version }}
 

.github/workflows/platform-dev-deploy-event-dispatcher.yml

@@ -82,7 +82,7 @@ jobs:
           
       - name: Dispatch Deploy Event
         if: steps.check_status.outputs.should_deploy == 'true'
-        uses: peter-evans/repository-dispatch@v4
+        uses: peter-evans/repository-dispatch@v3
         with:
           token: ${{ secrets.DISPATCH_TOKEN }}
           repository: Significant-Gravitas/AutoGPT_cloud_infrastructure
@@ -110,7 +110,7 @@ jobs:
 
       - name: Dispatch Undeploy Event (from comment)
         if: steps.check_status.outputs.should_undeploy == 'true'
-        uses: peter-evans/repository-dispatch@v4
+        uses: peter-evans/repository-dispatch@v3
         with:
           token: ${{ secrets.DISPATCH_TOKEN }}
           repository: Significant-Gravitas/AutoGPT_cloud_infrastructure
@@ -168,7 +168,7 @@ jobs:
           github.event_name == 'pull_request' &&
           github.event.action == 'closed' &&
           steps.check_pr_close.outputs.should_undeploy == 'true'
-        uses: peter-evans/repository-dispatch@v4
+        uses: peter-evans/repository-dispatch@v3
         with:
           token: ${{ secrets.DISPATCH_TOKEN }}
           repository: Significant-Gravitas/AutoGPT_cloud_infrastructure

.github/workflows/platform-frontend-ci.yml

@@ -31,7 +31,7 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v6
+        uses: actions/checkout@v4
 
       - name: Check for component changes
         uses: dorny/paths-filter@v3
@@ -71,7 +71,7 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v6
+        uses: actions/checkout@v4
 
       - name: Set up Node.js
         uses: actions/setup-node@v6
@@ -107,7 +107,7 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v6
+        uses: actions/checkout@v4
         with:
           fetch-depth: 0
 
@@ -148,7 +148,7 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v6
+        uses: actions/checkout@v4
         with:
           submodules: recursive
 
@@ -277,7 +277,7 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v6
+        uses: actions/checkout@v4
         with:
           submodules: recursive
 

.github/workflows/platform-fullstack-ci.yml

@@ -29,7 +29,7 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v6
+        uses: actions/checkout@v4
 
       - name: Set up Node.js
         uses: actions/setup-node@v6
@@ -63,7 +63,7 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v6
+        uses: actions/checkout@v4
         with:
           submodules: recursive
 

.github/workflows/repo-workflow-checker.yml

@@ -11,11 +11,11 @@ jobs:
     steps:
       # - name: Wait some time for all actions to start
       #   run: sleep 30
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@v4
         # with:
           # fetch-depth: 0
       - name: Set up Python
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v6
         with:
           python-version: "3.10"
       - name: Install dependencies

autogpt_platform/CLAUDE.md

@@ -8,7 +8,7 @@ AutoGPT Platform is a monorepo containing:
 
 - **Backend** (`backend`): Python FastAPI server with async support
 - **Frontend** (`frontend`): Next.js React application
-- **Shared Libraries** (`backend/api/auth`, `backend/logging`): Auth, logging, and common utilities integrated into backend
+- **Shared Libraries** (`autogpt_libs`): Common Python utilities
 
 ## Component Documentation
 

autogpt_platform/autogpt_libs/README.md

@@ -0,0 +1,3 @@
+# AutoGPT Libs
+
+This is a new project to store shared functionality across different services in the AutoGPT Platform (e.g. authentication)

autogpt_platform/autogpt_libs/autogpt_libs/api_key/test_keysmith.py

@@ -1,6 +1,6 @@
 import hashlib
 
-from backend.api.auth.api_key.keysmith import APIKeySmith
+from autogpt_libs.api_key.keysmith import APIKeySmith
 
 
 def test_generate_api_key():

autogpt_platform/autogpt_libs/autogpt_libs/auth/config_test.py

@@ -9,7 +9,7 @@ import os
 import pytest
 from pytest_mock import MockerFixture
 
-from backend.api.auth.config import AuthConfigError, Settings
+from autogpt_libs.auth.config import AuthConfigError, Settings
 
 
 def test_environment_variable_precedence(mocker: MockerFixture):
@@ -228,7 +228,7 @@ def test_no_crypto_warning(mocker: MockerFixture, caplog: pytest.LogCaptureFixtu
     mocker.patch.dict(os.environ, {"JWT_VERIFY_KEY": secret}, clear=True)
 
     # Mock has_crypto to return False
-    mocker.patch("backend.api.auth.config.has_crypto", False)
+    mocker.patch("autogpt_libs.auth.config.has_crypto", False)
 
     with caplog.at_level(logging.WARNING):
         Settings()

autogpt_platform/autogpt_libs/autogpt_libs/auth/dependencies.py

@@ -43,7 +43,7 @@ def get_optional_user_id(
 
     try:
         # Parse JWT token to get user ID
-        from backend.api.auth.jwt_utils import parse_jwt_token
+        from autogpt_libs.auth.jwt_utils import parse_jwt_token
 
         payload = parse_jwt_token(credentials.credentials)
         return payload.get("sub")

autogpt_platform/autogpt_libs/autogpt_libs/auth/dependencies_test.py

@@ -11,12 +11,12 @@ from fastapi import FastAPI, HTTPException, Request, Security
 from fastapi.testclient import TestClient
 from pytest_mock import MockerFixture
 
-from backend.api.auth.dependencies import (
+from autogpt_libs.auth.dependencies import (
     get_user_id,
     requires_admin_user,
     requires_user,
 )
-from backend.api.auth.models import User
+from autogpt_libs.auth.models import User
 
 
 class TestAuthDependencies:
@@ -53,7 +53,7 @@ class TestAuthDependencies:
 
         # Mock get_jwt_payload to return our test payload
         mocker.patch(
-            "backend.api.auth.dependencies.get_jwt_payload", return_value=jwt_payload
+            "autogpt_libs.auth.dependencies.get_jwt_payload", return_value=jwt_payload
         )
         user = await requires_user(jwt_payload)
         assert isinstance(user, User)
@@ -70,7 +70,7 @@ class TestAuthDependencies:
         }
 
         mocker.patch(
-            "backend.api.auth.dependencies.get_jwt_payload", return_value=jwt_payload
+            "autogpt_libs.auth.dependencies.get_jwt_payload", return_value=jwt_payload
         )
         user = await requires_user(jwt_payload)
         assert user.user_id == "admin-456"
@@ -105,7 +105,7 @@ class TestAuthDependencies:
         }
 
         mocker.patch(
-            "backend.api.auth.dependencies.get_jwt_payload", return_value=jwt_payload
+            "autogpt_libs.auth.dependencies.get_jwt_payload", return_value=jwt_payload
         )
         user = await requires_admin_user(jwt_payload)
         assert user.user_id == "admin-789"
@@ -137,7 +137,7 @@ class TestAuthDependencies:
         jwt_payload = {"sub": "user-id-xyz", "role": "user"}
 
         mocker.patch(
-            "backend.api.auth.dependencies.get_jwt_payload", return_value=jwt_payload
+            "autogpt_libs.auth.dependencies.get_jwt_payload", return_value=jwt_payload
         )
         user_id = await get_user_id(request, jwt_payload)
         assert user_id == "user-id-xyz"
@@ -344,7 +344,7 @@ class TestAuthDependenciesEdgeCases:
     ):
         """Test that errors propagate correctly through dependencies."""
         # Import verify_user to test it directly since dependencies use FastAPI Security
-        from backend.api.auth.jwt_utils import verify_user
+        from autogpt_libs.auth.jwt_utils import verify_user
 
         with pytest.raises(HTTPException) as exc_info:
             verify_user(payload, admin_only=admin_only)
@@ -354,7 +354,7 @@ class TestAuthDependenciesEdgeCases:
     async def test_dependency_valid_user(self):
         """Test valid user case for dependency."""
         # Import verify_user to test it directly since dependencies use FastAPI Security
-        from backend.api.auth.jwt_utils import verify_user
+        from autogpt_libs.auth.jwt_utils import verify_user
 
         # Valid case
         user = verify_user({"sub": "user", "role": "user"}, admin_only=False)
@@ -376,16 +376,16 @@ class TestAdminImpersonation:
         }
 
         # Mock verify_user to return admin user data
-        mock_verify_user = mocker.patch("backend.api.auth.dependencies.verify_user")
+        mock_verify_user = mocker.patch("autogpt_libs.auth.dependencies.verify_user")
         mock_verify_user.return_value = Mock(
             user_id="admin-456", email="admin@example.com", role="admin"
         )
 
         # Mock logger to verify audit logging
-        mock_logger = mocker.patch("backend.api.auth.dependencies.logger")
+        mock_logger = mocker.patch("autogpt_libs.auth.dependencies.logger")
 
         mocker.patch(
-            "backend.api.auth.dependencies.get_jwt_payload", return_value=jwt_payload
+            "autogpt_libs.auth.dependencies.get_jwt_payload", return_value=jwt_payload
         )
 
         user_id = await get_user_id(request, jwt_payload)
@@ -412,13 +412,13 @@ class TestAdminImpersonation:
         }
 
         # Mock verify_user to return regular user data
-        mock_verify_user = mocker.patch("backend.api.auth.dependencies.verify_user")
+        mock_verify_user = mocker.patch("autogpt_libs.auth.dependencies.verify_user")
         mock_verify_user.return_value = Mock(
             user_id="regular-user", email="user@example.com", role="user"
         )
 
         mocker.patch(
-            "backend.api.auth.dependencies.get_jwt_payload", return_value=jwt_payload
+            "autogpt_libs.auth.dependencies.get_jwt_payload", return_value=jwt_payload
         )
 
         with pytest.raises(HTTPException) as exc_info:
@@ -439,7 +439,7 @@ class TestAdminImpersonation:
         }
 
         mocker.patch(
-            "backend.api.auth.dependencies.get_jwt_payload", return_value=jwt_payload
+            "autogpt_libs.auth.dependencies.get_jwt_payload", return_value=jwt_payload
         )
 
         user_id = await get_user_id(request, jwt_payload)
@@ -459,7 +459,7 @@ class TestAdminImpersonation:
         }
 
         mocker.patch(
-            "backend.api.auth.dependencies.get_jwt_payload", return_value=jwt_payload
+            "autogpt_libs.auth.dependencies.get_jwt_payload", return_value=jwt_payload
         )
 
         user_id = await get_user_id(request, jwt_payload)
@@ -479,16 +479,16 @@ class TestAdminImpersonation:
         }
 
         # Mock verify_user to return admin user data
-        mock_verify_user = mocker.patch("backend.api.auth.dependencies.verify_user")
+        mock_verify_user = mocker.patch("autogpt_libs.auth.dependencies.verify_user")
         mock_verify_user.return_value = Mock(
             user_id="admin-999", email="superadmin@company.com", role="admin"
         )
 
         # Mock logger to capture audit trail
-        mock_logger = mocker.patch("backend.api.auth.dependencies.logger")
+        mock_logger = mocker.patch("autogpt_libs.auth.dependencies.logger")
 
         mocker.patch(
-            "backend.api.auth.dependencies.get_jwt_payload", return_value=jwt_payload
+            "autogpt_libs.auth.dependencies.get_jwt_payload", return_value=jwt_payload
         )
 
         user_id = await get_user_id(request, jwt_payload)
@@ -515,7 +515,7 @@ class TestAdminImpersonation:
         }
 
         mocker.patch(
-            "backend.api.auth.dependencies.get_jwt_payload", return_value=jwt_payload
+            "autogpt_libs.auth.dependencies.get_jwt_payload", return_value=jwt_payload
         )
 
         user_id = await get_user_id(request, jwt_payload)
@@ -535,16 +535,16 @@ class TestAdminImpersonation:
         }
 
         # Mock verify_user to return admin user data
-        mock_verify_user = mocker.patch("backend.api.auth.dependencies.verify_user")
+        mock_verify_user = mocker.patch("autogpt_libs.auth.dependencies.verify_user")
         mock_verify_user.return_value = Mock(
             user_id="admin-456", email="admin@example.com", role="admin"
         )
 
         # Mock logger
-        mock_logger = mocker.patch("backend.api.auth.dependencies.logger")
+        mock_logger = mocker.patch("autogpt_libs.auth.dependencies.logger")
 
         mocker.patch(
-            "backend.api.auth.dependencies.get_jwt_payload", return_value=jwt_payload
+            "autogpt_libs.auth.dependencies.get_jwt_payload", return_value=jwt_payload
         )
 
         user_id = await get_user_id(request, jwt_payload)

autogpt_platform/autogpt_libs/autogpt_libs/auth/helpers_test.py

@@ -3,11 +3,13 @@ Comprehensive tests for auth helpers module to achieve 100% coverage.
 Tests OpenAPI schema generation and authentication response handling.
 """
 
+from unittest import mock
+
 from fastapi import FastAPI
 from fastapi.openapi.utils import get_openapi
 
-from backend.api.auth.helpers import add_auth_responses_to_openapi
-from backend.api.auth.jwt_utils import bearer_jwt_auth
+from autogpt_libs.auth.helpers import add_auth_responses_to_openapi
+from autogpt_libs.auth.jwt_utils import bearer_jwt_auth
 
 
 def test_add_auth_responses_to_openapi_basic():
@@ -17,7 +19,7 @@ def test_add_auth_responses_to_openapi_basic():
     # Add some test endpoints with authentication
     from fastapi import Depends
 
-    from backend.api.auth.dependencies import requires_user
+    from autogpt_libs.auth.dependencies import requires_user
 
     @app.get("/protected", dependencies=[Depends(requires_user)])
     def protected_endpoint():
@@ -62,7 +64,7 @@ def test_add_auth_responses_to_openapi_with_security():
     # Mock endpoint with security
     from fastapi import Security
 
-    from backend.api.auth.dependencies import get_user_id
+    from autogpt_libs.auth.dependencies import get_user_id
 
     @app.get("/secured")
     def secured_endpoint(user_id: str = Security(get_user_id)):
@@ -128,7 +130,7 @@ def test_add_auth_responses_to_openapi_existing_responses():
 
     from fastapi import Security
 
-    from backend.api.auth.jwt_utils import get_jwt_payload
+    from autogpt_libs.auth.jwt_utils import get_jwt_payload
 
     @app.get(
         "/with-responses",
@@ -195,8 +197,8 @@ def test_add_auth_responses_to_openapi_multiple_security_schemes():
 
     from fastapi import Security
 
-    from backend.api.auth.dependencies import requires_admin_user, requires_user
-    from backend.api.auth.models import User
+    from autogpt_libs.auth.dependencies import requires_admin_user, requires_user
+    from autogpt_libs.auth.models import User
 
     @app.get("/multi-auth")
     def multi_auth(
@@ -225,29 +227,26 @@ def test_add_auth_responses_to_openapi_empty_components():
     """Test when OpenAPI schema has no components section initially."""
     app = FastAPI()
 
-    def mock_openapi():
-        schema = get_openapi(
-            title=app.title,
-            version=app.version,
-            routes=app.routes,
-        )
-        # Remove components if it exists to test component creation
+    # Mock get_openapi to return schema without components
+    original_get_openapi = get_openapi
+
+    def mock_get_openapi(*args, **kwargs):
+        schema = original_get_openapi(*args, **kwargs)
+        # Remove components if it exists
         if "components" in schema:
             del schema["components"]
         return schema
 
-    # Replace app's openapi method
-    app.openapi = mock_openapi
+    with mock.patch("autogpt_libs.auth.helpers.get_openapi", mock_get_openapi):
+        # Apply customization
+        add_auth_responses_to_openapi(app)
 
-    # Apply customization (this wraps our mock)
-    add_auth_responses_to_openapi(app)
+        schema = app.openapi()
 
-    schema = app.openapi()
-
-    # Components should be created
-    assert "components" in schema
-    assert "responses" in schema["components"]
-    assert "HTTP401NotAuthenticatedError" in schema["components"]["responses"]
+        # Components should be created
+        assert "components" in schema
+        assert "responses" in schema["components"]
+        assert "HTTP401NotAuthenticatedError" in schema["components"]["responses"]
 
 
 def test_add_auth_responses_to_openapi_all_http_methods():
@@ -256,7 +255,7 @@ def test_add_auth_responses_to_openapi_all_http_methods():
 
     from fastapi import Security
 
-    from backend.api.auth.jwt_utils import get_jwt_payload
+    from autogpt_libs.auth.jwt_utils import get_jwt_payload
 
     @app.get("/resource")
     def get_resource(jwt: dict = Security(get_jwt_payload)):
@@ -334,59 +333,53 @@ def test_endpoint_without_responses_section():
     app = FastAPI()
 
     from fastapi import Security
+    from fastapi.openapi.utils import get_openapi as original_get_openapi
 
-    from backend.api.auth.jwt_utils import get_jwt_payload
+    from autogpt_libs.auth.jwt_utils import get_jwt_payload
 
     # Create endpoint
     @app.get("/no-responses")
     def endpoint_without_responses(jwt: dict = Security(get_jwt_payload)):
         return {"data": "test"}
 
-    # Create a mock openapi method that removes responses from the endpoint
-    def mock_openapi():
-        schema = get_openapi(
-            title=app.title,
-            version=app.version,
-            routes=app.routes,
-        )
-        # Remove responses from our endpoint to test response creation
+    # Mock get_openapi to remove responses from the endpoint
+    def mock_get_openapi(*args, **kwargs):
+        schema = original_get_openapi(*args, **kwargs)
+        # Remove responses from our endpoint to trigger line 40
         if "/no-responses" in schema.get("paths", {}):
             if "get" in schema["paths"]["/no-responses"]:
+                # Delete responses to force the code to create it
                 if "responses" in schema["paths"]["/no-responses"]["get"]:
                     del schema["paths"]["/no-responses"]["get"]["responses"]
         return schema
 
-    # Replace app's openapi method
-    app.openapi = mock_openapi
+    with mock.patch("autogpt_libs.auth.helpers.get_openapi", mock_get_openapi):
+        # Apply customization
+        add_auth_responses_to_openapi(app)
 
-    # Apply customization (this wraps our mock)
-    add_auth_responses_to_openapi(app)
+        # Get schema and verify 401 was added
+        schema = app.openapi()
 
-    # Get schema and verify 401 was added
-    schema = app.openapi()
-
-    # The endpoint should now have 401 response
-    if "/no-responses" in schema["paths"]:
-        if "get" in schema["paths"]["/no-responses"]:
-            responses = schema["paths"]["/no-responses"]["get"].get("responses", {})
-            assert "401" in responses
-            assert (
-                responses["401"]["$ref"]
-                == "#/components/responses/HTTP401NotAuthenticatedError"
-            )
+        # The endpoint should now have 401 response
+        if "/no-responses" in schema["paths"]:
+            if "get" in schema["paths"]["/no-responses"]:
+                responses = schema["paths"]["/no-responses"]["get"].get("responses", {})
+                assert "401" in responses
+                assert (
+                    responses["401"]["$ref"]
+                    == "#/components/responses/HTTP401NotAuthenticatedError"
+                )
 
 
 def test_components_with_existing_responses():
     """Test when components already has a responses section."""
     app = FastAPI()
 
-    # Create a mock openapi method that adds existing components/responses
-    def mock_openapi():
-        schema = get_openapi(
-            title=app.title,
-            version=app.version,
-            routes=app.routes,
-        )
+    # Mock get_openapi to return schema with existing components/responses
+    from fastapi.openapi.utils import get_openapi as original_get_openapi
+
+    def mock_get_openapi(*args, **kwargs):
+        schema = original_get_openapi(*args, **kwargs)
         # Add existing components/responses
         if "components" not in schema:
             schema["components"] = {}
@@ -395,21 +388,21 @@ def test_components_with_existing_responses():
         }
         return schema
 
-    # Replace app's openapi method
-    app.openapi = mock_openapi
+    with mock.patch("autogpt_libs.auth.helpers.get_openapi", mock_get_openapi):
+        # Apply customization
+        add_auth_responses_to_openapi(app)
 
-    # Apply customization (this wraps our mock)
-    add_auth_responses_to_openapi(app)
+        schema = app.openapi()
 
-    schema = app.openapi()
+        # Both responses should exist
+        assert "ExistingResponse" in schema["components"]["responses"]
+        assert "HTTP401NotAuthenticatedError" in schema["components"]["responses"]
 
-    # Both responses should exist
-    assert "ExistingResponse" in schema["components"]["responses"]
-    assert "HTTP401NotAuthenticatedError" in schema["components"]["responses"]
-
-    # Verify our 401 response structure
-    error_response = schema["components"]["responses"]["HTTP401NotAuthenticatedError"]
-    assert error_response["description"] == "Authentication required"
+        # Verify our 401 response structure
+        error_response = schema["components"]["responses"][
+            "HTTP401NotAuthenticatedError"
+        ]
+        assert error_response["description"] == "Authentication required"
 
 
 def test_openapi_schema_persistence():
@@ -418,7 +411,7 @@ def test_openapi_schema_persistence():
 
     from fastapi import Security
 
-    from backend.api.auth.jwt_utils import get_jwt_payload
+    from autogpt_libs.auth.jwt_utils import get_jwt_payload
 
     @app.get("/test")
     def test_endpoint(jwt: dict = Security(get_jwt_payload)):

autogpt_platform/autogpt_libs/autogpt_libs/auth/jwt_utils_test.py

@@ -12,9 +12,9 @@ from fastapi import HTTPException
 from fastapi.security import HTTPAuthorizationCredentials
 from pytest_mock import MockerFixture
 
-from backend.api.auth import config, jwt_utils
-from backend.api.auth.config import Settings
-from backend.api.auth.models import User
+from autogpt_libs.auth import config, jwt_utils
+from autogpt_libs.auth.config import Settings
+from autogpt_libs.auth.models import User
 
 MOCK_JWT_SECRET = "test-secret-key-with-at-least-32-characters"
 TEST_USER_PAYLOAD = {

autogpt_platform/autogpt_libs/autogpt_libs/rate_limit/config.py

@@ -0,0 +1,33 @@
+from typing import Optional
+
+from pydantic import Field
+from pydantic_settings import BaseSettings, SettingsConfigDict
+
+
+class RateLimitSettings(BaseSettings):
+    redis_host: str = Field(
+        default="redis://localhost:6379",
+        description="Redis host",
+        validation_alias="REDIS_HOST",
+    )
+
+    redis_port: str = Field(
+        default="6379", description="Redis port", validation_alias="REDIS_PORT"
+    )
+
+    redis_password: Optional[str] = Field(
+        default=None,
+        description="Redis password",
+        validation_alias="REDIS_PASSWORD",
+    )
+
+    requests_per_minute: int = Field(
+        default=60,
+        description="Maximum number of requests allowed per minute per API key",
+        validation_alias="RATE_LIMIT_REQUESTS_PER_MINUTE",
+    )
+
+    model_config = SettingsConfigDict(case_sensitive=True, extra="ignore")
+
+
+RATE_LIMIT_SETTINGS = RateLimitSettings()

autogpt_platform/autogpt_libs/autogpt_libs/rate_limit/limiter.py

@@ -0,0 +1,51 @@
+import time
+from typing import Tuple
+
+from redis import Redis
+
+from .config import RATE_LIMIT_SETTINGS
+
+
+class RateLimiter:
+    def __init__(
+        self,
+        redis_host: str = RATE_LIMIT_SETTINGS.redis_host,
+        redis_port: str = RATE_LIMIT_SETTINGS.redis_port,
+        redis_password: str | None = RATE_LIMIT_SETTINGS.redis_password,
+        requests_per_minute: int = RATE_LIMIT_SETTINGS.requests_per_minute,
+    ):
+        self.redis = Redis(
+            host=redis_host,
+            port=int(redis_port),
+            password=redis_password,
+            decode_responses=True,
+        )
+        self.window = 60
+        self.max_requests = requests_per_minute
+
+    async def check_rate_limit(self, api_key_id: str) -> Tuple[bool, int, int]:
+        """
+        Check if request is within rate limits.
+
+        Args:
+            api_key_id: The API key identifier to check
+
+        Returns:
+            Tuple of (is_allowed, remaining_requests, reset_time)
+        """
+        now = time.time()
+        window_start = now - self.window
+        key = f"ratelimit:{api_key_id}:1min"
+
+        pipe = self.redis.pipeline()
+        pipe.zremrangebyscore(key, 0, window_start)
+        pipe.zadd(key, {str(now): now})
+        pipe.zcount(key, window_start, now)
+        pipe.expire(key, self.window)
+
+        _, _, request_count, _ = pipe.execute()
+
+        remaining = max(0, self.max_requests - request_count)
+        reset_time = int(now + self.window)
+
+        return request_count <= self.max_requests, remaining, reset_time

autogpt_platform/autogpt_libs/autogpt_libs/rate_limit/middleware.py

@@ -0,0 +1,32 @@
+from fastapi import HTTPException, Request
+from starlette.middleware.base import RequestResponseEndpoint
+
+from .limiter import RateLimiter
+
+
+async def rate_limit_middleware(request: Request, call_next: RequestResponseEndpoint):
+    """FastAPI middleware for rate limiting API requests."""
+    limiter = RateLimiter()
+
+    if not request.url.path.startswith("/api"):
+        return await call_next(request)
+
+    api_key = request.headers.get("Authorization")
+    if not api_key:
+        return await call_next(request)
+
+    api_key = api_key.replace("Bearer ", "")
+
+    is_allowed, remaining, reset_time = await limiter.check_rate_limit(api_key)
+
+    if not is_allowed:
+        raise HTTPException(
+            status_code=429, detail="Rate limit exceeded. Please try again later."
+        )
+
+    response = await call_next(request)
+    response.headers["X-RateLimit-Limit"] = str(limiter.max_requests)
+    response.headers["X-RateLimit-Remaining"] = str(remaining)
+    response.headers["X-RateLimit-Reset"] = str(reset_time)
+
+    return response

autogpt_platform/autogpt_libs/autogpt_libs/supabase_integration_credentials_store/types.py

@@ -0,0 +1,76 @@
+from typing import Annotated, Any, Literal, Optional, TypedDict
+from uuid import uuid4
+
+from pydantic import BaseModel, Field, SecretStr, field_serializer
+
+
+class _BaseCredentials(BaseModel):
+    id: str = Field(default_factory=lambda: str(uuid4()))
+    provider: str
+    title: Optional[str]
+
+    @field_serializer("*")
+    def dump_secret_strings(value: Any, _info):
+        if isinstance(value, SecretStr):
+            return value.get_secret_value()
+        return value
+
+
+class OAuth2Credentials(_BaseCredentials):
+    type: Literal["oauth2"] = "oauth2"
+    username: Optional[str]
+    """Username of the third-party service user that these credentials belong to"""
+    access_token: SecretStr
+    access_token_expires_at: Optional[int]
+    """Unix timestamp (seconds) indicating when the access token expires (if at all)"""
+    refresh_token: Optional[SecretStr]
+    refresh_token_expires_at: Optional[int]
+    """Unix timestamp (seconds) indicating when the refresh token expires (if at all)"""
+    scopes: list[str]
+    metadata: dict[str, Any] = Field(default_factory=dict)
+
+    def bearer(self) -> str:
+        return f"Bearer {self.access_token.get_secret_value()}"
+
+
+class APIKeyCredentials(_BaseCredentials):
+    type: Literal["api_key"] = "api_key"
+    api_key: SecretStr
+    expires_at: Optional[int]
+    """Unix timestamp (seconds) indicating when the API key expires (if at all)"""
+
+    def bearer(self) -> str:
+        return f"Bearer {self.api_key.get_secret_value()}"
+
+
+Credentials = Annotated[
+    OAuth2Credentials | APIKeyCredentials,
+    Field(discriminator="type"),
+]
+
+
+CredentialsType = Literal["api_key", "oauth2"]
+
+
+class OAuthState(BaseModel):
+    token: str
+    provider: str
+    expires_at: int
+    code_verifier: Optional[str] = None
+    scopes: list[str]
+    """Unix timestamp (seconds) indicating when this OAuth state expires"""
+
+
+class UserMetadata(BaseModel):
+    integration_credentials: list[Credentials] = Field(default_factory=list)
+    integration_oauth_states: list[OAuthState] = Field(default_factory=list)
+
+
+class UserMetadataRaw(TypedDict, total=False):
+    integration_credentials: list[dict]
+    integration_oauth_states: list[dict]
+
+
+class UserIntegrations(BaseModel):
+    credentials: list[Credentials] = Field(default_factory=list)
+    oauth_states: list[OAuthState] = Field(default_factory=list)

autogpt_platform/autogpt_libs/pyproject.toml

@@ -0,0 +1,40 @@
+[tool.poetry]
+name = "autogpt-libs"
+version = "0.2.0"
+description = "Shared libraries across AutoGPT Platform"
+authors = ["AutoGPT team <info@agpt.co>"]
+readme = "README.md"
+packages = [{ include = "autogpt_libs" }]
+
+[tool.poetry.dependencies]
+python = ">=3.10,<4.0"
+colorama = "^0.4.6"
+cryptography = "^46.0"
+expiringdict = "^1.2.2"
+fastapi = "^0.128.0"
+google-cloud-logging = "^3.13.0"
+launchdarkly-server-sdk = "^9.14.1"
+pydantic = "^2.12.5"
+pydantic-settings = "^2.12.0"
+pyjwt = { version = "^2.11.0", extras = ["crypto"] }
+redis = "^6.2.0"
+supabase = "^2.27.2"
+uvicorn = "^0.40.0"
+
+[tool.poetry.group.dev.dependencies]
+pyright = "^1.1.408"
+pytest = "^8.4.1"
+pytest-asyncio = "^1.3.0"
+pytest-mock = "^3.15.1"
+pytest-cov = "^7.0.0"
+ruff = "^0.15.0"
+
+[build-system]
+requires = ["poetry-core"]
+build-backend = "poetry.core.masonry.api"
+
+[tool.ruff]
+line-length = 88
+
+[tool.ruff.lint]
+extend-select = ["I"]  # sort dependencies

autogpt_platform/backend/Dockerfile

@@ -39,7 +39,8 @@ ENV PATH=/opt/poetry/bin:$PATH
 
 RUN pip3 install poetry --break-system-packages
 
-# Copy and install dependencies (autogpt_libs merged into backend - OPEN-2998)
+# Copy and install dependencies
+COPY autogpt_platform/autogpt_libs /app/autogpt_platform/autogpt_libs
 COPY autogpt_platform/backend/poetry.lock autogpt_platform/backend/pyproject.toml /app/autogpt_platform/backend/
 WORKDIR /app/autogpt_platform/backend
 RUN poetry install --no-ansi --no-root
@@ -82,9 +83,11 @@ COPY --from=builder /root/.cache/prisma-python/binaries /root/.cache/prisma-pyth
 
 ENV PATH="/app/autogpt_platform/backend/.venv/bin:$PATH"
 
-# autogpt_libs merged into backend (OPEN-2998)
+RUN mkdir -p /app/autogpt_platform/autogpt_libs
 RUN mkdir -p /app/autogpt_platform/backend
 
+COPY autogpt_platform/autogpt_libs /app/autogpt_platform/autogpt_libs
+
 COPY autogpt_platform/backend/poetry.lock autogpt_platform/backend/pyproject.toml /app/autogpt_platform/backend/
 
 WORKDIR /app/autogpt_platform/backend

autogpt_platform/backend/TESTING.md

@@ -132,7 +132,7 @@ def test_endpoint_success(snapshot: Snapshot):
 
 ### Testing with Authentication
 
-For the main API routes that use JWT authentication, auth is provided by the `backend.api.auth` module. If the test actually uses the `user_id`, the recommended approach for testing is to mock the `get_jwt_payload` function, which underpins all higher-level auth functions used in the API (`requires_user`, `requires_admin_user`, `get_user_id`).
+For the main API routes that use JWT authentication, auth is provided by the `autogpt_libs.auth` module. If the test actually uses the `user_id`, the recommended approach for testing is to mock the `get_jwt_payload` function, which underpins all higher-level auth functions used in the API (`requires_user`, `requires_admin_user`, `get_user_id`).
 
 If the test doesn't need the `user_id` specifically, mocking is not necessary as during tests auth is disabled anyway (see `conftest.py`).
 
@@ -158,7 +158,7 @@ client = fastapi.testclient.TestClient(app)
 @pytest.fixture(autouse=True)
 def setup_app_auth(mock_jwt_user):
     """Setup auth overrides for all tests in this module"""
-    from backend.api.auth.jwt_utils import get_jwt_payload
+    from autogpt_libs.auth.jwt_utils import get_jwt_payload
 
     app.dependency_overrides[get_jwt_payload] = mock_jwt_user['get_jwt_payload']
     yield
@@ -171,7 +171,7 @@ For admin-only endpoints, use `mock_jwt_admin` instead:
 @pytest.fixture(autouse=True)
 def setup_app_auth(mock_jwt_admin):
     """Setup auth overrides for admin tests"""
-    from backend.api.auth.jwt_utils import get_jwt_payload
+    from autogpt_libs.auth.jwt_utils import get_jwt_payload
 
     app.dependency_overrides[get_jwt_payload] = mock_jwt_admin['get_jwt_payload']
     yield

autogpt_platform/backend/backend/api/features/admin/credit_admin_routes.py

@@ -1,10 +1,10 @@
 import logging
 import typing
 
+from autogpt_libs.auth import get_user_id, requires_admin_user
 from fastapi import APIRouter, Body, Security
 from prisma.enums import CreditTransactionType
 
-from backend.api.auth import get_user_id, requires_admin_user
 from backend.data.credit import admin_get_user_history, get_user_credit_model
 from backend.util.json import SafeJson
 

autogpt_platform/backend/backend/api/features/admin/credit_admin_routes_test.py

@@ -6,9 +6,9 @@ import fastapi.testclient
 import prisma.enums
 import pytest
 import pytest_mock
+from autogpt_libs.auth.jwt_utils import get_jwt_payload
 from pytest_snapshot.plugin import Snapshot
 
-from backend.api.auth.jwt_utils import get_jwt_payload
 from backend.data.model import UserTransaction
 from backend.util.json import SafeJson
 from backend.util.models import Pagination

autogpt_platform/backend/backend/api/features/admin/execution_analytics_routes.py

@@ -3,10 +3,10 @@ import logging
 from datetime import datetime
 from typing import Optional
 
+from autogpt_libs.auth import get_user_id, requires_admin_user
 from fastapi import APIRouter, HTTPException, Security
 from pydantic import BaseModel, Field
 
-from backend.api.auth import get_user_id, requires_admin_user
 from backend.blocks.llm import LlmModel
 from backend.data.analytics import (
     AccuracyTrendsResponse,

autogpt_platform/backend/backend/api/features/admin/store_admin_routes.py

@@ -2,11 +2,11 @@ import logging
 import tempfile
 import typing
 
+import autogpt_libs.auth
 import fastapi
 import fastapi.responses
 import prisma.enums
 
-import backend.api.auth
 import backend.api.features.store.cache as store_cache
 import backend.api.features.store.db as store_db
 import backend.api.features.store.model as store_model
@@ -17,7 +17,7 @@ logger = logging.getLogger(__name__)
 router = fastapi.APIRouter(
     prefix="/admin",
     tags=["store", "admin"],
-    dependencies=[fastapi.Security(backend.api.auth.requires_admin_user)],
+    dependencies=[fastapi.Security(autogpt_libs.auth.requires_admin_user)],
 )
 
 
@@ -73,7 +73,7 @@ async def get_admin_listings_with_versions(
 async def review_submission(
     store_listing_version_id: str,
     request: store_model.ReviewSubmissionRequest,
-    user_id: str = fastapi.Security(backend.api.auth.get_user_id),
+    user_id: str = fastapi.Security(autogpt_libs.auth.get_user_id),
 ):
     """
     Review a store listing submission.
@@ -117,7 +117,7 @@ async def review_submission(
     tags=["store", "admin"],
 )
 async def admin_download_agent_file(
-    user_id: str = fastapi.Security(backend.api.auth.get_user_id),
+    user_id: str = fastapi.Security(autogpt_libs.auth.get_user_id),
     store_listing_version_id: str = fastapi.Path(
         ..., description="The ID of the agent to download"
     ),

autogpt_platform/backend/backend/api/features/analytics.py

@@ -5,10 +5,10 @@ from typing import Annotated
 
 import fastapi
 import pydantic
+from autogpt_libs.auth import get_user_id
+from autogpt_libs.auth.dependencies import requires_user
 
 import backend.data.analytics
-from backend.api.auth import get_user_id
-from backend.api.auth.dependencies import requires_user
 
 router = fastapi.APIRouter(dependencies=[fastapi.Security(requires_user)])
 logger = logging.getLogger(__name__)

autogpt_platform/backend/backend/api/features/analytics_test.py

@@ -20,7 +20,7 @@ client = fastapi.testclient.TestClient(app)
 @pytest.fixture(autouse=True)
 def setup_app_auth(mock_jwt_user):
     """Setup auth overrides for all tests in this module."""
-    from backend.api.auth.jwt_utils import get_jwt_payload
+    from autogpt_libs.auth.jwt_utils import get_jwt_payload
 
     app.dependency_overrides[get_jwt_payload] = mock_jwt_user["get_jwt_payload"]
     yield

autogpt_platform/backend/backend/api/features/builder/routes.py

@@ -2,8 +2,8 @@ import logging
 from typing import Annotated, Sequence
 
 import fastapi
+from autogpt_libs.auth.dependencies import get_user_id, requires_user
 
-from backend.api.auth.dependencies import get_user_id, requires_user
 from backend.integrations.providers import ProviderName
 from backend.util.models import Pagination
 

autogpt_platform/backend/backend/api/features/chat/response_model.py

@@ -10,8 +10,6 @@ from typing import Any
 
 from pydantic import BaseModel, Field
 
-from backend.util.json import dumps as json_dumps
-
 
 class ResponseType(str, Enum):
     """Types of streaming responses following AI SDK protocol."""
@@ -195,18 +193,6 @@ class StreamError(StreamBaseResponse):
         default=None, description="Additional error details"
     )
 
-    def to_sse(self) -> str:
-        """Convert to SSE format, only emitting fields required by AI SDK protocol.
-
-        The AI SDK uses z.strictObject({type, errorText}) which rejects
-        any extra fields like `code` or `details`.
-        """
-        data = {
-            "type": self.type.value,
-            "errorText": self.errorText,
-        }
-        return f"data: {json_dumps(data)}\n\n"
-
 
 class StreamHeartbeat(StreamBaseResponse):
     """Heartbeat to keep SSE connection alive during long-running operations.

autogpt_platform/backend/backend/api/features/chat/routes.py

@@ -5,11 +5,11 @@ import uuid as uuid_module
 from collections.abc import AsyncGenerator
 from typing import Annotated
 
+from autogpt_libs import auth
 from fastapi import APIRouter, Depends, Header, HTTPException, Query, Response, Security
 from fastapi.responses import StreamingResponse
 from pydantic import BaseModel
 
-from backend.api import auth
 from backend.util.exceptions import NotFoundError
 
 from . import service as chat_service
@@ -303,7 +303,7 @@ async def stream_chat_post(
 
     session = await _validate_and_get_session(session_id, user_id)
     logger.info(
-        f"[TIMING] session validated in {(time.perf_counter() - stream_start_time) * 1000:.1f}ms",
+        f"[TIMING] session validated in {(time.perf_counter() - stream_start_time)*1000:.1f}ms",
         extra={
             "json_fields": {
                 **log_meta,
@@ -327,7 +327,7 @@ async def stream_chat_post(
         operation_id=operation_id,
     )
     logger.info(
-        f"[TIMING] create_task completed in {(time.perf_counter() - task_create_start) * 1000:.1f}ms",
+        f"[TIMING] create_task completed in {(time.perf_counter() - task_create_start)*1000:.1f}ms",
         extra={
             "json_fields": {
                 **log_meta,
@@ -377,7 +377,7 @@ async def stream_chat_post(
             gen_end_time = time_module.perf_counter()
             total_time = (gen_end_time - gen_start_time) * 1000
             logger.info(
-                f"[TIMING] run_ai_generation FINISHED in {total_time / 1000:.1f}s; "
+                f"[TIMING] run_ai_generation FINISHED in {total_time/1000:.1f}s; "
                 f"task={task_id}, session={session_id}, "
                 f"ttfc={ttfc or -1:.2f}s, n_chunks={chunk_count}",
                 extra={

autogpt_platform/backend/backend/api/features/chat/service.py

@@ -1233,7 +1233,7 @@ async def _stream_chat_chunks(
 
                 total_time = (time_module.perf_counter() - stream_chunks_start) * 1000
                 logger.info(
-                    f"[TIMING] _stream_chat_chunks COMPLETED in {total_time / 1000:.1f}s; "
+                    f"[TIMING] _stream_chat_chunks COMPLETED in {total_time/1000:.1f}s; "
                     f"session={session.session_id}, user={session.user_id}",
                     extra={"json_fields": {**log_meta, "total_time_ms": total_time}},
                 )

autogpt_platform/backend/backend/api/features/chat/stream_registry.py

@@ -569,7 +569,7 @@ async def _stream_listener(
                             if isinstance(chunk, StreamFinish):
                                 total_time = (time.perf_counter() - start_time) * 1000
                                 logger.info(
-                                    f"[TIMING] StreamFinish received in {total_time / 1000:.1f}s; delivered={messages_delivered}",
+                                    f"[TIMING] StreamFinish received in {total_time/1000:.1f}s; delivered={messages_delivered}",
                                     extra={
                                         "json_fields": {
                                             **log_meta,
@@ -620,7 +620,7 @@ async def _stream_listener(
         # Clean up listener task mapping on exit
         total_time = (time.perf_counter() - start_time) * 1000
         logger.info(
-            f"[TIMING] _stream_listener FINISHED in {total_time / 1000:.1f}s; task={task_id}, "
+            f"[TIMING] _stream_listener FINISHED in {total_time/1000:.1f}s; task={task_id}, "
             f"delivered={messages_delivered}, xread_count={xread_count}",
             extra={
                 "json_fields": {

autogpt_platform/backend/backend/api/features/chat/tools/run_block.py

@@ -151,10 +151,9 @@ class RunBlockTool(BaseTool):
         logger.info(f"Executing block {block.name} ({block_id}) for user {user_id}")
 
         creds_manager = IntegrationCredentialsManager()
-        (
-            matched_credentials,
-            missing_credentials,
-        ) = await self._resolve_block_credentials(user_id, block, input_data)
+        matched_credentials, missing_credentials = (
+            await self._resolve_block_credentials(user_id, block, input_data)
+        )
 
         if missing_credentials:
             # Return setup requirements response with missing credentials

autogpt_platform/backend/backend/api/features/executions/review/review_routes_test.py

@@ -25,7 +25,7 @@ FIXED_NOW = datetime.datetime(2023, 1, 1, 0, 0, 0, tzinfo=datetime.timezone.utc)
 @pytest_asyncio.fixture(loop_scope="session")
 async def client(server, mock_jwt_user) -> AsyncGenerator[httpx.AsyncClient, None]:
     """Create async HTTP client with auth overrides"""
-    from backend.api.auth.jwt_utils import get_jwt_payload
+    from autogpt_libs.auth.jwt_utils import get_jwt_payload
 
     # Override get_jwt_payload dependency to return our test user
     app.dependency_overrides[get_jwt_payload] = mock_jwt_user["get_jwt_payload"]

autogpt_platform/backend/backend/api/features/executions/review/routes.py

@@ -2,10 +2,10 @@ import asyncio
 import logging
 from typing import Any, List
 
+import autogpt_libs.auth as autogpt_auth_lib
 from fastapi import APIRouter, HTTPException, Query, Security, status
 from prisma.enums import ReviewStatus
 
-import backend.api.auth as autogpt_auth_lib
 from backend.data.execution import (
     ExecutionContext,
     ExecutionStatus,

autogpt_platform/backend/backend/api/features/integrations/router.py

@@ -3,6 +3,7 @@ import logging
 from datetime import datetime, timedelta, timezone
 from typing import TYPE_CHECKING, Annotated, List, Literal
 
+from autogpt_libs.auth import get_user_id
 from fastapi import (
     APIRouter,
     Body,
@@ -16,7 +17,6 @@ from fastapi import (
 from pydantic import BaseModel, Field, SecretStr
 from starlette.status import HTTP_500_INTERNAL_SERVER_ERROR, HTTP_502_BAD_GATEWAY
 
-from backend.api.auth import get_user_id
 from backend.api.features.library.db import set_preset_webhook, update_preset
 from backend.api.features.library.model import LibraryAgentPreset
 from backend.data.graph import NodeModel, get_graph, set_node_webhook

autogpt_platform/backend/backend/api/features/library/routes/agents.py

@@ -1,10 +1,10 @@
 from typing import Literal, Optional
 
+import autogpt_libs.auth as autogpt_auth_lib
 from fastapi import APIRouter, Body, HTTPException, Query, Security, status
 from fastapi.responses import Response
 from prisma.enums import OnboardingStep
 
-import backend.api.auth as autogpt_auth_lib
 from backend.data.onboarding import complete_onboarding_step
 
 from .. import db as library_db

autogpt_platform/backend/backend/api/features/library/routes/presets.py

@@ -1,9 +1,9 @@
 import logging
 from typing import Any, Optional
 
+import autogpt_libs.auth as autogpt_auth_lib
 from fastapi import APIRouter, Body, HTTPException, Query, Security, status
 
-import backend.api.auth as autogpt_auth_lib
 from backend.data.execution import GraphExecutionMeta
 from backend.data.graph import get_graph
 from backend.data.integrations import get_webhook

autogpt_platform/backend/backend/api/features/library/routes_test.py

@@ -23,7 +23,7 @@ FIXED_NOW = datetime.datetime(2023, 1, 1, 0, 0, 0)
 @pytest.fixture(autouse=True)
 def setup_app_auth(mock_jwt_user):
     """Setup auth overrides for all tests in this module"""
-    from backend.api.auth.jwt_utils import get_jwt_payload
+    from autogpt_libs.auth.jwt_utils import get_jwt_payload
 
     app.dependency_overrides[get_jwt_payload] = mock_jwt_user["get_jwt_payload"]
     yield

autogpt_platform/backend/backend/api/features/oauth.py

@@ -21,13 +21,13 @@ from datetime import datetime
 from typing import Literal, Optional
 from urllib.parse import urlencode
 
+from autogpt_libs.auth import get_user_id
 from fastapi import APIRouter, Body, HTTPException, Security, UploadFile, status
 from gcloud.aio import storage as async_storage
 from PIL import Image
 from prisma.enums import APIKeyPermission
 from pydantic import BaseModel, Field
 
-from backend.api.auth import get_user_id
 from backend.data.auth.oauth import (
     InvalidClientError,
     InvalidGrantError,

autogpt_platform/backend/backend/api/features/oauth_test.py

@@ -21,6 +21,7 @@ from typing import AsyncGenerator
 import httpx
 import pytest
 import pytest_asyncio
+from autogpt_libs.api_key.keysmith import APIKeySmith
 from prisma.enums import APIKeyPermission
 from prisma.models import OAuthAccessToken as PrismaOAuthAccessToken
 from prisma.models import OAuthApplication as PrismaOAuthApplication
@@ -28,7 +29,6 @@ from prisma.models import OAuthAuthorizationCode as PrismaOAuthAuthorizationCode
 from prisma.models import OAuthRefreshToken as PrismaOAuthRefreshToken
 from prisma.models import User as PrismaUser
 
-from backend.api.auth.api_key.keysmith import APIKeySmith
 from backend.api.rest_api import app
 
 keysmith = APIKeySmith()
@@ -134,7 +134,7 @@ async def client(server, test_user: str) -> AsyncGenerator[httpx.AsyncClient, No
     Depends on `server` to ensure the DB is connected and `test_user` to ensure
     the user exists in the database before running tests.
     """
-    from backend.api.auth import get_user_id
+    from autogpt_libs.auth import get_user_id
 
     # Override get_user_id dependency to return our test user
     def override_get_user_id():

autogpt_platform/backend/backend/api/features/otto/routes.py

@@ -1,9 +1,8 @@
 import logging
 
+from autogpt_libs.auth import get_user_id, requires_user
 from fastapi import APIRouter, HTTPException, Security
 
-from backend.api.auth import get_user_id, requires_user
-
 from .models import ApiResponse, ChatRequest
 from .service import OttoService
 

autogpt_platform/backend/backend/api/features/otto/routes_test.py

@@ -19,7 +19,7 @@ client = fastapi.testclient.TestClient(app)
 @pytest.fixture(autouse=True)
 def setup_app_auth(mock_jwt_user):
     """Setup auth overrides for all tests in this module"""
-    from backend.api.auth.jwt_utils import get_jwt_payload
+    from autogpt_libs.auth.jwt_utils import get_jwt_payload
 
     app.dependency_overrides[get_jwt_payload] = mock_jwt_user["get_jwt_payload"]
     yield

autogpt_platform/backend/backend/api/features/postmark/postmark.py

@@ -57,7 +57,7 @@ async def postmark_webhook_handler(
     webhook: Annotated[
         PostmarkWebhook,
         Body(discriminator="RecordType"),
-    ],
+    ]
 ):
     logger.info(f"Received webhook from Postmark: {webhook}")
     match webhook:

autogpt_platform/backend/backend/api/features/store/content_handlers.py

@@ -164,7 +164,7 @@ class BlockHandler(ContentHandler):
         block_ids = list(all_blocks.keys())
 
         # Query for existing embeddings
-        placeholders = ",".join([f"${i + 1}" for i in range(len(block_ids))])
+        placeholders = ",".join([f"${i+1}" for i in range(len(block_ids))])
         existing_result = await query_raw_with_schema(
             f"""
             SELECT "contentId"
@@ -265,7 +265,7 @@ class BlockHandler(ContentHandler):
             return {"total": 0, "with_embeddings": 0, "without_embeddings": 0}
 
         block_ids = enabled_block_ids
-        placeholders = ",".join([f"${i + 1}" for i in range(len(block_ids))])
+        placeholders = ",".join([f"${i+1}" for i in range(len(block_ids))])
 
         embedded_result = await query_raw_with_schema(
             f"""
@@ -508,7 +508,7 @@ class DocumentationHandler(ContentHandler):
         ]
 
         # Check which ones have embeddings
-        placeholders = ",".join([f"${i + 1}" for i in range(len(section_content_ids))])
+        placeholders = ",".join([f"${i+1}" for i in range(len(section_content_ids))])
         existing_result = await query_raw_with_schema(
             f"""
             SELECT "contentId"

autogpt_platform/backend/backend/api/features/store/media_test.py

@@ -47,7 +47,7 @@ def mock_storage_client(mocker):
 
 async def test_upload_media_success(mock_settings, mock_storage_client):
     # Create test JPEG data with valid signature
-    test_data = b"\xff\xd8\xff" + b"test data"
+    test_data = b"\xFF\xD8\xFF" + b"test data"
 
     test_file = fastapi.UploadFile(
         filename="laptop.jpeg",
@@ -85,7 +85,7 @@ async def test_upload_media_missing_credentials(monkeypatch):
 
     test_file = fastapi.UploadFile(
         filename="laptop.jpeg",
-        file=io.BytesIO(b"\xff\xd8\xff" + b"test data"),  # Valid JPEG signature
+        file=io.BytesIO(b"\xFF\xD8\xFF" + b"test data"),  # Valid JPEG signature
         headers=starlette.datastructures.Headers({"content-type": "image/jpeg"}),
     )
 
@@ -110,7 +110,7 @@ async def test_upload_media_video_type(mock_settings, mock_storage_client):
 
 
 async def test_upload_media_file_too_large(mock_settings, mock_storage_client):
-    large_data = b"\xff\xd8\xff" + b"x" * (
+    large_data = b"\xFF\xD8\xFF" + b"x" * (
         50 * 1024 * 1024 + 1
     )  # 50MB + 1 byte with valid JPEG signature
     test_file = fastapi.UploadFile(

autogpt_platform/backend/backend/api/features/store/routes.py

@@ -4,11 +4,11 @@ import typing
 import urllib.parse
 from typing import Literal
 
+import autogpt_libs.auth
 import fastapi
 import fastapi.responses
 import prisma.enums
 
-import backend.api.auth
 import backend.data.graph
 import backend.util.json
 from backend.util.models import Pagination
@@ -34,11 +34,11 @@ router = fastapi.APIRouter()
     "/profile",
     summary="Get user profile",
     tags=["store", "private"],
-    dependencies=[fastapi.Security(backend.api.auth.requires_user)],
+    dependencies=[fastapi.Security(autogpt_libs.auth.requires_user)],
     response_model=store_model.ProfileDetails,
 )
 async def get_profile(
-    user_id: str = fastapi.Security(backend.api.auth.get_user_id),
+    user_id: str = fastapi.Security(autogpt_libs.auth.get_user_id),
 ):
     """
     Get the profile details for the authenticated user.
@@ -57,12 +57,12 @@ async def get_profile(
     "/profile",
     summary="Update user profile",
     tags=["store", "private"],
-    dependencies=[fastapi.Security(backend.api.auth.requires_user)],
+    dependencies=[fastapi.Security(autogpt_libs.auth.requires_user)],
     response_model=store_model.CreatorDetails,
 )
 async def update_or_create_profile(
     profile: store_model.Profile,
-    user_id: str = fastapi.Security(backend.api.auth.get_user_id),
+    user_id: str = fastapi.Security(autogpt_libs.auth.get_user_id),
 ):
     """
     Update the store profile for the authenticated user.
@@ -169,7 +169,7 @@ async def unified_search(
     page: int = 1,
     page_size: int = 20,
     user_id: str | None = fastapi.Security(
-        backend.api.auth.get_optional_user_id, use_cache=False
+        autogpt_libs.auth.get_optional_user_id, use_cache=False
     ),
 ):
     """
@@ -274,7 +274,7 @@ async def get_agent(
     "/graph/{store_listing_version_id}",
     summary="Get agent graph",
     tags=["store"],
-    dependencies=[fastapi.Security(backend.api.auth.requires_user)],
+    dependencies=[fastapi.Security(autogpt_libs.auth.requires_user)],
 )
 async def get_graph_meta_by_store_listing_version_id(
     store_listing_version_id: str,
@@ -290,7 +290,7 @@ async def get_graph_meta_by_store_listing_version_id(
     "/agents/{store_listing_version_id}",
     summary="Get agent by version",
     tags=["store"],
-    dependencies=[fastapi.Security(backend.api.auth.requires_user)],
+    dependencies=[fastapi.Security(autogpt_libs.auth.requires_user)],
     response_model=store_model.StoreAgentDetails,
 )
 async def get_store_agent(store_listing_version_id: str):
@@ -306,14 +306,14 @@ async def get_store_agent(store_listing_version_id: str):
     "/agents/{username}/{agent_name}/review",
     summary="Create agent review",
     tags=["store"],
-    dependencies=[fastapi.Security(backend.api.auth.requires_user)],
+    dependencies=[fastapi.Security(autogpt_libs.auth.requires_user)],
     response_model=store_model.StoreReview,
 )
 async def create_review(
     username: str,
     agent_name: str,
     review: store_model.StoreReviewCreate,
-    user_id: str = fastapi.Security(backend.api.auth.get_user_id),
+    user_id: str = fastapi.Security(autogpt_libs.auth.get_user_id),
 ):
     """
     Create a review for a store agent.
@@ -417,11 +417,11 @@ async def get_creator(
     "/myagents",
     summary="Get my agents",
     tags=["store", "private"],
-    dependencies=[fastapi.Security(backend.api.auth.requires_user)],
+    dependencies=[fastapi.Security(autogpt_libs.auth.requires_user)],
     response_model=store_model.MyAgentsResponse,
 )
 async def get_my_agents(
-    user_id: str = fastapi.Security(backend.api.auth.get_user_id),
+    user_id: str = fastapi.Security(autogpt_libs.auth.get_user_id),
     page: typing.Annotated[int, fastapi.Query(ge=1)] = 1,
     page_size: typing.Annotated[int, fastapi.Query(ge=1)] = 20,
 ):
@@ -436,12 +436,12 @@ async def get_my_agents(
     "/submissions/{submission_id}",
     summary="Delete store submission",
     tags=["store", "private"],
-    dependencies=[fastapi.Security(backend.api.auth.requires_user)],
+    dependencies=[fastapi.Security(autogpt_libs.auth.requires_user)],
     response_model=bool,
 )
 async def delete_submission(
     submission_id: str,
-    user_id: str = fastapi.Security(backend.api.auth.get_user_id),
+    user_id: str = fastapi.Security(autogpt_libs.auth.get_user_id),
 ):
     """
     Delete a store listing submission.
@@ -465,11 +465,11 @@ async def delete_submission(
     "/submissions",
     summary="List my submissions",
     tags=["store", "private"],
-    dependencies=[fastapi.Security(backend.api.auth.requires_user)],
+    dependencies=[fastapi.Security(autogpt_libs.auth.requires_user)],
     response_model=store_model.StoreSubmissionsResponse,
 )
 async def get_submissions(
-    user_id: str = fastapi.Security(backend.api.auth.get_user_id),
+    user_id: str = fastapi.Security(autogpt_libs.auth.get_user_id),
     page: int = 1,
     page_size: int = 20,
 ):
@@ -508,12 +508,12 @@ async def get_submissions(
     "/submissions",
     summary="Create store submission",
     tags=["store", "private"],
-    dependencies=[fastapi.Security(backend.api.auth.requires_user)],
+    dependencies=[fastapi.Security(autogpt_libs.auth.requires_user)],
     response_model=store_model.StoreSubmission,
 )
 async def create_submission(
     submission_request: store_model.StoreSubmissionRequest,
-    user_id: str = fastapi.Security(backend.api.auth.get_user_id),
+    user_id: str = fastapi.Security(autogpt_libs.auth.get_user_id),
 ):
     """
     Create a new store listing submission.
@@ -552,13 +552,13 @@ async def create_submission(
     "/submissions/{store_listing_version_id}",
     summary="Edit store submission",
     tags=["store", "private"],
-    dependencies=[fastapi.Security(backend.api.auth.requires_user)],
+    dependencies=[fastapi.Security(autogpt_libs.auth.requires_user)],
     response_model=store_model.StoreSubmission,
 )
 async def edit_submission(
     store_listing_version_id: str,
     submission_request: store_model.StoreSubmissionEditRequest,
-    user_id: str = fastapi.Security(backend.api.auth.get_user_id),
+    user_id: str = fastapi.Security(autogpt_libs.auth.get_user_id),
 ):
     """
     Edit an existing store listing submission.
@@ -596,11 +596,11 @@ async def edit_submission(
     "/submissions/media",
     summary="Upload submission media",
     tags=["store", "private"],
-    dependencies=[fastapi.Security(backend.api.auth.requires_user)],
+    dependencies=[fastapi.Security(autogpt_libs.auth.requires_user)],
 )
 async def upload_submission_media(
     file: fastapi.UploadFile,
-    user_id: str = fastapi.Security(backend.api.auth.get_user_id),
+    user_id: str = fastapi.Security(autogpt_libs.auth.get_user_id),
 ):
     """
     Upload media (images/videos) for a store listing submission.
@@ -623,11 +623,11 @@ async def upload_submission_media(
     "/submissions/generate_image",
     summary="Generate submission image",
     tags=["store", "private"],
-    dependencies=[fastapi.Security(backend.api.auth.requires_user)],
+    dependencies=[fastapi.Security(autogpt_libs.auth.requires_user)],
 )
 async def generate_image(
     agent_id: str,
-    user_id: str = fastapi.Security(backend.api.auth.get_user_id),
+    user_id: str = fastapi.Security(autogpt_libs.auth.get_user_id),
 ) -> fastapi.responses.Response:
     """
     Generate an image for a store listing submission.

autogpt_platform/backend/backend/api/features/store/routes_test.py

@@ -24,7 +24,7 @@ client = fastapi.testclient.TestClient(app)
 @pytest.fixture(autouse=True)
 def setup_app_auth(mock_jwt_user):
     """Setup auth overrides for all tests in this module"""
-    from backend.api.auth.jwt_utils import get_jwt_payload
+    from autogpt_libs.auth.jwt_utils import get_jwt_payload
 
     app.dependency_overrides[get_jwt_payload] = mock_jwt_user["get_jwt_payload"]
     yield

autogpt_platform/backend/backend/api/features/v1.py

@@ -9,6 +9,8 @@ from typing import Annotated, Any, Sequence, get_args
 
 import pydantic
 import stripe
+from autogpt_libs.auth import get_user_id, requires_user
+from autogpt_libs.auth.jwt_utils import get_jwt_payload
 from fastapi import (
     APIRouter,
     Body,
@@ -26,8 +28,6 @@ from pydantic import BaseModel
 from starlette.status import HTTP_204_NO_CONTENT, HTTP_404_NOT_FOUND
 from typing_extensions import Optional, TypedDict
 
-from backend.api.auth import get_user_id, requires_user
-from backend.api.auth.jwt_utils import get_jwt_payload
 from backend.api.model import (
     CreateAPIKeyRequest,
     CreateAPIKeyResponse,

autogpt_platform/backend/backend/api/features/v1_test.py

@@ -25,7 +25,7 @@ client = fastapi.testclient.TestClient(app)
 @pytest.fixture(autouse=True)
 def setup_app_auth(mock_jwt_user, setup_test_user):
     """Setup auth overrides for all tests in this module"""
-    from backend.api.auth.jwt_utils import get_jwt_payload
+    from autogpt_libs.auth.jwt_utils import get_jwt_payload
 
     # setup_test_user fixture already executed and user is created in database
     # It returns the user_id which we don't need to await
@@ -499,12 +499,10 @@ async def test_upload_file_success(test_user_id: str):
     )
 
     # Mock dependencies
-    with (
-        patch("backend.api.features.v1.scan_content_safe") as mock_scan,
-        patch(
-            "backend.api.features.v1.get_cloud_storage_handler"
-        ) as mock_handler_getter,
-    ):
+    with patch("backend.api.features.v1.scan_content_safe") as mock_scan, patch(
+        "backend.api.features.v1.get_cloud_storage_handler"
+    ) as mock_handler_getter:
+
         mock_scan.return_value = None
         mock_handler = AsyncMock()
         mock_handler.store_file.return_value = "gcs://test-bucket/uploads/123/test.txt"
@@ -553,12 +551,10 @@ async def test_upload_file_no_filename(test_user_id: str):
         ),
     )
 
-    with (
-        patch("backend.api.features.v1.scan_content_safe") as mock_scan,
-        patch(
-            "backend.api.features.v1.get_cloud_storage_handler"
-        ) as mock_handler_getter,
-    ):
+    with patch("backend.api.features.v1.scan_content_safe") as mock_scan, patch(
+        "backend.api.features.v1.get_cloud_storage_handler"
+    ) as mock_handler_getter:
+
         mock_scan.return_value = None
         mock_handler = AsyncMock()
         mock_handler.store_file.return_value = (
@@ -636,12 +632,10 @@ async def test_upload_file_cloud_storage_failure(test_user_id: str):
         headers=starlette.datastructures.Headers({"content-type": "text/plain"}),
     )
 
-    with (
-        patch("backend.api.features.v1.scan_content_safe") as mock_scan,
-        patch(
-            "backend.api.features.v1.get_cloud_storage_handler"
-        ) as mock_handler_getter,
-    ):
+    with patch("backend.api.features.v1.scan_content_safe") as mock_scan, patch(
+        "backend.api.features.v1.get_cloud_storage_handler"
+    ) as mock_handler_getter:
+
         mock_scan.return_value = None
         mock_handler = AsyncMock()
         mock_handler.store_file.side_effect = RuntimeError("Storage error!")
@@ -685,12 +679,10 @@ async def test_upload_file_gcs_not_configured_fallback(test_user_id: str):
         headers=starlette.datastructures.Headers({"content-type": "text/plain"}),
     )
 
-    with (
-        patch("backend.api.features.v1.scan_content_safe") as mock_scan,
-        patch(
-            "backend.api.features.v1.get_cloud_storage_handler"
-        ) as mock_handler_getter,
-    ):
+    with patch("backend.api.features.v1.scan_content_safe") as mock_scan, patch(
+        "backend.api.features.v1.get_cloud_storage_handler"
+    ) as mock_handler_getter:
+
         mock_scan.return_value = None
         mock_handler = AsyncMock()
         mock_handler.config.gcs_bucket_name = ""  # Simulate no GCS bucket configured

autogpt_platform/backend/backend/api/features/workspace/routes.py

@@ -8,9 +8,9 @@ from typing import Annotated
 from urllib.parse import quote
 
 import fastapi
+from autogpt_libs.auth.dependencies import get_user_id, requires_user
 from fastapi.responses import Response
 
-from backend.api.auth.dependencies import get_user_id, requires_user
 from backend.data.workspace import get_workspace, get_workspace_file
 from backend.util.workspace_storage import get_workspace_storage
 

autogpt_platform/backend/backend/api/rest_api.py

@@ -9,6 +9,8 @@ import fastapi.responses
 import pydantic
 import starlette.middleware.cors
 import uvicorn
+from autogpt_libs.auth import add_auth_responses_to_openapi
+from autogpt_libs.auth import verify_settings as verify_auth_settings
 from fastapi.exceptions import RequestValidationError
 from fastapi.middleware.gzip import GZipMiddleware
 from fastapi.routing import APIRoute
@@ -38,8 +40,6 @@ import backend.data.user
 import backend.integrations.webhooks.utils
 import backend.util.service
 import backend.util.settings
-from backend.api.auth import add_auth_responses_to_openapi
-from backend.api.auth import verify_settings as verify_auth_settings
 from backend.api.features.chat.completion_consumer import (
     start_completion_consumer,
     stop_completion_consumer,
@@ -69,7 +69,7 @@ from .utils.openapi import sort_openapi
 settings = backend.util.settings.Settings()
 logger = logging.getLogger(__name__)
 
-logging.getLogger("backend.api.auth").setLevel(logging.INFO)
+logging.getLogger("autogpt_libs").setLevel(logging.INFO)
 
 
 @contextlib.contextmanager

autogpt_platform/backend/backend/api/utils/api_key_auth_test.py

@@ -457,8 +457,7 @@ async def test_api_key_with_unicode_characters_normalization_attack(mock_request
     """Test that Unicode normalization doesn't bypass validation."""
     # Create auth with composed Unicode character
     auth = APIKeyAuthenticator(
-        header_name="X-API-Key",
-        expected_token="café",  # é is composed
+        header_name="X-API-Key", expected_token="café"  # é is composed
     )
 
     # Try with decomposed version (c + a + f + e + ´)
@@ -523,8 +522,8 @@ async def test_api_keys_with_newline_variations(mock_request):
         "valid\r\ntoken",  # Windows newline
         "valid\rtoken",  # Mac newline
         "valid\x85token",  # NEL (Next Line)
-        "valid\x0btoken",  # Vertical Tab
-        "valid\x0ctoken",  # Form Feed
+        "valid\x0Btoken",  # Vertical Tab
+        "valid\x0Ctoken",  # Form Feed
     ]
 
     for api_key in newline_variations:

autogpt_platform/backend/backend/api/ws_api.py

@@ -5,10 +5,10 @@ from typing import Protocol
 
 import pydantic
 import uvicorn
+from autogpt_libs.auth.jwt_utils import parse_jwt_token
 from fastapi import Depends, FastAPI, WebSocket, WebSocketDisconnect
 from starlette.middleware.cors import CORSMiddleware
 
-from backend.api.auth.jwt_utils import parse_jwt_token
 from backend.api.conn_manager import ConnectionManager
 from backend.api.model import (
     WSMessage,

autogpt_platform/backend/backend/api/ws_api_test.py

@@ -44,12 +44,9 @@ def test_websocket_server_uses_cors_helper(mocker) -> None:
         "backend.api.ws_api.build_cors_params", return_value=cors_params
     )
 
-    with (
-        override_config(
-            settings, "backend_cors_allow_origins", cors_params["allow_origins"]
-        ),
-        override_config(settings, "app_env", AppEnvironment.LOCAL),
-    ):
+    with override_config(
+        settings, "backend_cors_allow_origins", cors_params["allow_origins"]
+    ), override_config(settings, "app_env", AppEnvironment.LOCAL):
         WebsocketServer().run()
 
     build_cors.assert_called_once_with(
@@ -68,12 +65,9 @@ def test_websocket_server_uses_cors_helper(mocker) -> None:
 def test_websocket_server_blocks_localhost_in_production(mocker) -> None:
     mocker.patch("backend.api.ws_api.uvicorn.run")
 
-    with (
-        override_config(
-            settings, "backend_cors_allow_origins", ["http://localhost:3000"]
-        ),
-        override_config(settings, "app_env", AppEnvironment.PRODUCTION),
-    ):
+    with override_config(
+        settings, "backend_cors_allow_origins", ["http://localhost:3000"]
+    ), override_config(settings, "app_env", AppEnvironment.PRODUCTION):
         with pytest.raises(ValueError):
             WebsocketServer().run()
 

autogpt_platform/backend/backend/blocks/ai_image_generator_block.py

@@ -174,9 +174,7 @@ class AIImageGeneratorBlock(Block):
             ],
             test_mock={
                 # Return a data URI directly so store_media_file doesn't need to download
-                "_run_client": lambda *args, **kwargs: (
-                    "data:image/webp;base64,UklGRiQAAABXRUJQVlA4IBgAAAAwAQCdASoBAAEAAQAcJYgCdAEO"
-                )
+                "_run_client": lambda *args, **kwargs: "data:image/webp;base64,UklGRiQAAABXRUJQVlA4IBgAAAAwAQCdASoBAAEAAQAcJYgCdAEO"
             },
         )
 

autogpt_platform/backend/backend/blocks/ai_music_generator.py

@@ -142,9 +142,7 @@ class AIMusicGeneratorBlock(Block):
                 ),
             ],
             test_mock={
-                "run_model": lambda api_key, music_gen_model_version, prompt, duration, temperature, top_k, top_p, classifier_free_guidance, output_format, normalization_strategy: (
-                    "https://replicate.com/output/generated-audio-url.wav"
-                ),
+                "run_model": lambda api_key, music_gen_model_version, prompt, duration, temperature, top_k, top_p, classifier_free_guidance, output_format, normalization_strategy: "https://replicate.com/output/generated-audio-url.wav",
             },
             test_credentials=TEST_CREDENTIALS,
         )

autogpt_platform/backend/backend/blocks/ayrshare/post_to_bluesky.py

@@ -69,18 +69,12 @@ class PostToBlueskyBlock(Block):
 
         client = create_ayrshare_client()
         if not client:
-            yield (
-                "error",
-                "Ayrshare integration is not configured. Please set up the AYRSHARE_API_KEY.",
-            )
+            yield "error", "Ayrshare integration is not configured. Please set up the AYRSHARE_API_KEY."
             return
 
         # Validate character limit for Bluesky
         if len(input_data.post) > 300:
-            yield (
-                "error",
-                f"Post text exceeds Bluesky's 300 character limit ({len(input_data.post)} characters)",
-            )
+            yield "error", f"Post text exceeds Bluesky's 300 character limit ({len(input_data.post)} characters)"
             return
 
         # Validate media constraints for Bluesky

autogpt_platform/backend/backend/blocks/ayrshare/post_to_facebook.py

@@ -131,10 +131,7 @@ class PostToFacebookBlock(Block):
 
         client = create_ayrshare_client()
         if not client:
-            yield (
-                "error",
-                "Ayrshare integration is not configured. Please set up the AYRSHARE_API_KEY.",
-            )
+            yield "error", "Ayrshare integration is not configured. Please set up the AYRSHARE_API_KEY."
             return
 
         # Convert datetime to ISO format if provided

autogpt_platform/backend/backend/blocks/ayrshare/post_to_gmb.py

@@ -120,18 +120,12 @@ class PostToGMBBlock(Block):
 
         client = create_ayrshare_client()
         if not client:
-            yield (
-                "error",
-                "Ayrshare integration is not configured. Please set up the AYRSHARE_API_KEY.",
-            )
+            yield "error", "Ayrshare integration is not configured. Please set up the AYRSHARE_API_KEY."
             return
 
         # Validate GMB constraints
         if len(input_data.media_urls) > 1:
-            yield (
-                "error",
-                "Google My Business supports only one image or video per post",
-            )
+            yield "error", "Google My Business supports only one image or video per post"
             return
 
         # Validate offer coupon code length

autogpt_platform/backend/backend/blocks/ayrshare/post_to_instagram.py

@@ -123,25 +123,16 @@ class PostToInstagramBlock(Block):
 
         client = create_ayrshare_client()
         if not client:
-            yield (
-                "error",
-                "Ayrshare integration is not configured. Please set up the AYRSHARE_API_KEY.",
-            )
+            yield "error", "Ayrshare integration is not configured. Please set up the AYRSHARE_API_KEY."
             return
 
         # Validate Instagram constraints
         if len(input_data.post) > 2200:
-            yield (
-                "error",
-                f"Instagram post text exceeds 2,200 character limit ({len(input_data.post)} characters)",
-            )
+            yield "error", f"Instagram post text exceeds 2,200 character limit ({len(input_data.post)} characters)"
             return
 
         if len(input_data.media_urls) > 10:
-            yield (
-                "error",
-                "Instagram supports a maximum of 10 images/videos in a carousel",
-            )
+            yield "error", "Instagram supports a maximum of 10 images/videos in a carousel"
             return
 
         if len(input_data.collaborators) > 3:
@@ -156,10 +147,7 @@ class PostToInstagramBlock(Block):
         ]
 
         if any(reel_options) and not all(reel_options):
-            yield (
-                "error",
-                "When posting a reel, all reel options must be set: share_reels_feed, audio_name, and either thumbnail or thumbnail_offset",
-            )
+            yield "error", "When posting a reel, all reel options must be set: share_reels_feed, audio_name, and either thumbnail or thumbnail_offset"
             return
 
         # Count hashtags and mentions
@@ -167,17 +155,11 @@ class PostToInstagramBlock(Block):
         mention_count = input_data.post.count("@")
 
         if hashtag_count > 30:
-            yield (
-                "error",
-                f"Instagram allows maximum 30 hashtags ({hashtag_count} found)",
-            )
+            yield "error", f"Instagram allows maximum 30 hashtags ({hashtag_count} found)"
             return
 
         if mention_count > 3:
-            yield (
-                "error",
-                f"Instagram allows maximum 3 @mentions ({mention_count} found)",
-            )
+            yield "error", f"Instagram allows maximum 3 @mentions ({mention_count} found)"
             return
 
         # Convert datetime to ISO format if provided
@@ -209,10 +191,7 @@ class PostToInstagramBlock(Block):
             # Validate alt text length
             for i, alt in enumerate(input_data.alt_text):
                 if len(alt) > 1000:
-                    yield (
-                        "error",
-                        f"Alt text {i + 1} exceeds 1,000 character limit ({len(alt)} characters)",
-                    )
+                    yield "error", f"Alt text {i+1} exceeds 1,000 character limit ({len(alt)} characters)"
                     return
             instagram_options["altText"] = input_data.alt_text
 
@@ -227,19 +206,13 @@ class PostToInstagramBlock(Block):
                 try:
                     tag_obj = InstagramUserTag(**tag)
                 except Exception as e:
-                    yield (
-                        "error",
-                        f"Invalid user tag: {e}, tages need to be a dictionary with a 3 items: username (str), x (float) and y (float)",
-                    )
+                    yield "error", f"Invalid user tag: {e}, tages need to be a dictionary with a 3 items: username (str), x (float) and y (float)"
                     return
                 tag_dict: dict[str, float | str] = {"username": tag_obj.username}
                 if tag_obj.x is not None and tag_obj.y is not None:
                     # Validate coordinates
                     if not (0.0 <= tag_obj.x <= 1.0) or not (0.0 <= tag_obj.y <= 1.0):
-                        yield (
-                            "error",
-                            f"User tag coordinates must be between 0.0 and 1.0 (user: {tag_obj.username})",
-                        )
+                        yield "error", f"User tag coordinates must be between 0.0 and 1.0 (user: {tag_obj.username})"
                         return
                     tag_dict["x"] = tag_obj.x
                     tag_dict["y"] = tag_obj.y

autogpt_platform/backend/backend/blocks/ayrshare/post_to_linkedin.py

@@ -123,18 +123,12 @@ class PostToLinkedInBlock(Block):
 
         client = create_ayrshare_client()
         if not client:
-            yield (
-                "error",
-                "Ayrshare integration is not configured. Please set up the AYRSHARE_API_KEY.",
-            )
+            yield "error", "Ayrshare integration is not configured. Please set up the AYRSHARE_API_KEY."
             return
 
         # Validate LinkedIn constraints
         if len(input_data.post) > 3000:
-            yield (
-                "error",
-                f"LinkedIn post text exceeds 3,000 character limit ({len(input_data.post)} characters)",
-            )
+            yield "error", f"LinkedIn post text exceeds 3,000 character limit ({len(input_data.post)} characters)"
             return
 
         if len(input_data.media_urls) > 9:
@@ -142,19 +136,13 @@ class PostToLinkedInBlock(Block):
             return
 
         if input_data.document_title and len(input_data.document_title) > 400:
-            yield (
-                "error",
-                f"LinkedIn document title exceeds 400 character limit ({len(input_data.document_title)} characters)",
-            )
+            yield "error", f"LinkedIn document title exceeds 400 character limit ({len(input_data.document_title)} characters)"
             return
 
         # Validate visibility option
         valid_visibility = ["public", "connections", "loggedin"]
         if input_data.visibility not in valid_visibility:
-            yield (
-                "error",
-                f"LinkedIn visibility must be one of: {', '.join(valid_visibility)}",
-            )
+            yield "error", f"LinkedIn visibility must be one of: {', '.join(valid_visibility)}"
             return
 
         # Check for document extensions

autogpt_platform/backend/backend/blocks/ayrshare/post_to_pinterest.py

@@ -103,32 +103,20 @@ class PostToPinterestBlock(Block):
 
         client = create_ayrshare_client()
         if not client:
-            yield (
-                "error",
-                "Ayrshare integration is not configured. Please set up the AYRSHARE_API_KEY.",
-            )
+            yield "error", "Ayrshare integration is not configured. Please set up the AYRSHARE_API_KEY."
             return
 
         # Validate Pinterest constraints
         if len(input_data.post) > 500:
-            yield (
-                "error",
-                f"Pinterest pin description exceeds 500 character limit ({len(input_data.post)} characters)",
-            )
+            yield "error", f"Pinterest pin description exceeds 500 character limit ({len(input_data.post)} characters)"
             return
 
         if len(input_data.pin_title) > 100:
-            yield (
-                "error",
-                f"Pinterest pin title exceeds 100 character limit ({len(input_data.pin_title)} characters)",
-            )
+            yield "error", f"Pinterest pin title exceeds 100 character limit ({len(input_data.pin_title)} characters)"
             return
 
         if len(input_data.link) > 2048:
-            yield (
-                "error",
-                f"Pinterest link URL exceeds 2048 character limit ({len(input_data.link)} characters)",
-            )
+            yield "error", f"Pinterest link URL exceeds 2048 character limit ({len(input_data.link)} characters)"
             return
 
         if len(input_data.media_urls) == 0:
@@ -153,10 +141,7 @@ class PostToPinterestBlock(Block):
         # Validate alt text length
         for i, alt in enumerate(input_data.alt_text):
             if len(alt) > 500:
-                yield (
-                    "error",
-                    f"Pinterest alt text {i + 1} exceeds 500 character limit ({len(alt)} characters)",
-                )
+                yield "error", f"Pinterest alt text {i+1} exceeds 500 character limit ({len(alt)} characters)"
                 return
 
         # Convert datetime to ISO format if provided

autogpt_platform/backend/backend/blocks/ayrshare/post_to_snapchat.py

@@ -73,10 +73,7 @@ class PostToSnapchatBlock(Block):
 
         client = create_ayrshare_client()
         if not client:
-            yield (
-                "error",
-                "Ayrshare integration is not configured. Please set up the AYRSHARE_API_KEY.",
-            )
+            yield "error", "Ayrshare integration is not configured. Please set up the AYRSHARE_API_KEY."
             return
 
         # Validate Snapchat constraints
@@ -91,10 +88,7 @@ class PostToSnapchatBlock(Block):
         # Validate story type
         valid_story_types = ["story", "saved_story", "spotlight"]
         if input_data.story_type not in valid_story_types:
-            yield (
-                "error",
-                f"Snapchat story type must be one of: {', '.join(valid_story_types)}",
-            )
+            yield "error", f"Snapchat story type must be one of: {', '.join(valid_story_types)}"
             return
 
         # Convert datetime to ISO format if provided

autogpt_platform/backend/backend/blocks/ayrshare/post_to_telegram.py

@@ -68,10 +68,7 @@ class PostToTelegramBlock(Block):
 
         client = create_ayrshare_client()
         if not client:
-            yield (
-                "error",
-                "Ayrshare integration is not configured. Please set up the AYRSHARE_API_KEY.",
-            )
+            yield "error", "Ayrshare integration is not configured. Please set up the AYRSHARE_API_KEY."
             return
 
         # Validate Telegram constraints

autogpt_platform/backend/backend/blocks/ayrshare/post_to_threads.py

@@ -61,34 +61,22 @@ class PostToThreadsBlock(Block):
 
         client = create_ayrshare_client()
         if not client:
-            yield (
-                "error",
-                "Ayrshare integration is not configured. Please set up the AYRSHARE_API_KEY.",
-            )
+            yield "error", "Ayrshare integration is not configured. Please set up the AYRSHARE_API_KEY."
             return
 
         # Validate Threads constraints
         if len(input_data.post) > 500:
-            yield (
-                "error",
-                f"Threads post text exceeds 500 character limit ({len(input_data.post)} characters)",
-            )
+            yield "error", f"Threads post text exceeds 500 character limit ({len(input_data.post)} characters)"
             return
 
         if len(input_data.media_urls) > 20:
-            yield (
-                "error",
-                "Threads supports a maximum of 20 images/videos in a carousel",
-            )
+            yield "error", "Threads supports a maximum of 20 images/videos in a carousel"
             return
 
         # Count hashtags (only 1 allowed)
         hashtag_count = input_data.post.count("#")
         if hashtag_count > 1:
-            yield (
-                "error",
-                f"Threads allows only 1 hashtag per post ({hashtag_count} found)",
-            )
+            yield "error", f"Threads allows only 1 hashtag per post ({hashtag_count} found)"
             return
 
         # Convert datetime to ISO format if provided