o ưix*@sUddlmZddlmZmZmZmZmZmZm Z m Z ddl m Z m Z m Z ddlmZddlmZddlmZddlZddlZddlZddlmZdd lmZd Zd Zd Zd ZdZdZ dZ!ej"#ej"$ddZ%dcddZ&ddddZ'ded d!Z(dfd"d#Z)dgd%d&Z*ed'd(Gd)d*d*Z+e+d+d,e+d-d.e+d/d0d1d2d3e+d4d5d6d2d3e+d7d8d9e+d:d;de+d?d@dAd2d3e+dBdCdDd2d3g Z,dEe-dF<dhdidIdJZ.djdLdMZ/dkdTdUZ0dldmdWdXZ1  dldYdZd[dndadbZ2dS)o) annotations)AnyCallableDictFinalListOptionalSequenceTuple)datetime timedeltatimezone)Lock)Path) dataclassN)sap_service_key)_get_httpx_clientz /oauth/tokenZ AICORE_CONFIGZ AICORE_HOMEZAICORE_PROFILEZ VCAP_SERVICESZaicoreZAICORE_SERVICE_KEY~z.aicorereturnstrcCs tttSN)osgetenvHOME_PATH_ENV_VARDEFAULT_HOME_PATHrrS/home/app/Keep/.python/lib/python3.10/site-packages/litellm/llms/sap/credentials.py _get_home rdDict[str, Any]path Sequence[str]rcCs:|}|D]}t|tr||vrtd|||}q|S)N.) isinstancedictKeyErrorjoin)rr!curkrrr _get_nesteds  r*var_nameOptional[Dict[str, Any]]cCs8tj|}|s dSzt|WStjyYdSwr)renvirongetjsonloadsJSONDecodeError)r+rawrrr_load_json_env(s  r3cCs ttpiSr)r3VCAP_SERVICES_ENV_VARrrrr _load_vcap2rr5labelcCs8tD]}|D]}|d|kr|Sq qdS)Nr6)r5valuesr.)r6ZservicesZsvcrrr_get_vcap_service6s r8T)frozenc@s:eZdZUded<dZded<dZded<dZded <dS) CredentialsValuernameNzOptional[Tuple[str, ...]]vcap_key Optional[str]defaultzOptional[Callable[[str], str]] transform_fn)__name__ __module__ __qualname____annotations__r<r>r?rrrrr:>s   r: client_id)Zclientid client_secret)Z clientsecretauth_urlurlcC|d|tr dStSN/rstripendswithAUTH_ENDPOINT_SUFFIXrGrrrL  rQ)r?base_url)Z serviceurlsZ AI_API_URLcCs|d|dr dSdS)NrKz/v2rL)rNrOrGrrrrQRrRresource_groupr>)r>cert_url)ZcerturlcCrIrJrMrGrrrrQYrRcert_file_path key_file_pathcert_str)Z certificatecC |ddSN\n replacesrrrrQa key_str)keycCrYrZr]r_rrrrQdrazFinal[List[CredentialsValue]]CREDENTIAL_VALUESprofiler=cCstt}|p tjt}tt}|rt|n ||dvrdnd|d}|rZ|rZz|j dd}t |WdWS1sDwYWnt j yYt |dw|s`|dvrktd |d |d iS) z Loads config JSON from: 1) $AICORE_CONFIG if set, otherwise 2) $AICORE_HOME/config.json (or config_.json when profile is given/not default) Returns {} when nothing is found. )NrLr>z config.jsonZconfig_z.jsonzutf-8)encodingNz, is not valid JSON. Please fix or remove it!z)Unable to locate profile config file at 'z' in AICORE_HOME '')rrrr-r.PROFILE_ENV_VARrCONFIG_FILE_ENV_VARexistsopenr/loadr1r&FileNotFoundError)rehomeZcfg_envZcfg_pathfrrr init_confis0     & rpr;cCsd|S)NZAICORE_)upper)r;rrr _env_namesrrcredkwargsenvDict[str, str]config service_likecCs|j|vr||jdur||jSt|j}||vr$||dur$||S||jfD]}||vr;||dur;||Sq)|r`|jr`zt|d|j}|durQ|WSW|jSty_Y|jSw|jS)N) credentials)r;rrr<r*r&r>)rsrtrurwrxZenv_keyrcvalrrr_resolve_values*     r{ service_keyc Kst|}tj}d}|s|ptpttptt}i}tD]}t |||||d}|dur+q|j r3| |}|||j <qd| vrF| d|d<|S)a> Resolution order per key: kwargs > env (AICORE_) > config (AICORE_ or plain ) > service-like source from JSON in $AICORE_SERVICE_KEY (same structure as a VCAP service object) falling back to service entry in $VCAP_SERVICES with label 'aicore' > default N)rtrurwrxrUrF)rprr-rr3SERVICE_KEY_ENV_VARr8VCAP_AICORE_SERVICE_NAMErdr{r?r;keyspop) r|rertrwrurxoutrsvaluerrrfetch_credentialss$    rg>@<)timeoutexpiry_buffer_minutesrfloatrint"Tuple[Callable[[], str], str, str]c std||d|}|d|d|d|d|d |d|dr1s5td d ud uo? d ud uoFd ug}td d |Dd krWtdt d d ddfdd d fdd d fdd }||d|dfS)a Creates a callable that fetches and caches an OAuth2 bearer token using credentials from `fetch_credentials()`. The callable: - Automatically loads credentials via fetch_credentials(profile, **overrides) - Fetches a new token only if expired or near expiry - Caches token thread-safely with a configurable refresh buffer Args: profile: Optional AICore profile name timeout: HTTP request timeout in seconds (default 30s) expiry_buffer_minutes: Refresh the token this many minutes before expiry overrides: Any explicit credential overrides (client_id, client_secret, etc.) Returns: Callable[[], str]: function returning a valid "Bearer " string. )r|rerFrDrErXrbrVrWz@fetch_credentials did not return valid 'auth_url' or 'client_id'Ncss|]}t|VqdSr)bool).0mrrr sz$get_token_creator..zuInvalid credentials: provide exactly one of client_secret, (cert_str & key_str), or (cert_file_path & key_file_path).rtuple[str, datetime]c sdd}r |d<t}|j|d}z'||}|d}t|dd}ttj t |d}d ||fWSt yX}zt |d t |} td | |d}~ww) NZclient_credentials)Z grant_typerDrE)data access_token expires_ini)secondszBearer textzToken request failed: )rpostraise_for_statusr/rr.r nowr utcr Exceptiongetattrr RuntimeError) cert_pairrclientresppayloadrrZ expiry_dateemsg)rFrDrErr_request_tokens" z)get_token_creator.._request_tokenc srSrrrrdd}dd}tQ}tj|d}tj|d}t|d }||Wdn1s=wYt|d }||Wdn1sWwY||fdWdS1smwYfdS)Nr[r\zcert.pemzkey.pemw)r)r^tempfileTemporaryDirectoryrr!r'rkwrite)Zcert_str_fixedZ key_str_fixedtmpZ cert_pathZkey_pathro)rrVrXrErWrbrr _fetch_token&s"          z'get_token_creator.._fetch_tokenrcsd&ttj}dusdus|tdkr\WdS1s+wYdS)N)minutes)r rr rr )r)rrlocktoken token_expiryrr get_token9s  $z$get_token_creator..get_tokenrSrTrr)rrrr)rr. ValueErrorsumr)r|rerrZ overridesrymodesrr) rrrFrVrXrDrErrWrbrrrrget_token_creators6        rr)rr r!r"rr)r+rrr,)rr )r6rrr,r)rer=rr )r;rrr) rsr:rtr rurvrwr rxr,rr=)NN)r|r=rer=rrv) r|r=rer=rrrrrr)3 __future__rtypingrrrrrrr r r r r threadingrpathlibr dataclassesrr/rrZlitellmrZ&litellm.llms.custom_httpx.http_handlerrrPrirrhr4r~r}r!r' expanduserrrr*r3r5r8r:rdrCrprrr{rrrrrrs~(            # '  #"