feat: allow injection of custom auth for local tools

[angrybayblade]

🔍 Review Summary

Release Note

Purpose:

• Enhance security and robustness of the Composio framework.

Changes:

• Enhancement:

  • Introduced an optional GitHub access token in the git_clone function for flexible authentication.

• Bug Fix:

  • Added validation to prevent invalid parameter placements in metadata for remote actions.

• New Feature:

  • Enabled custom authentication parameters injection into metadata with error handling.

Impact:

• Improves user experience by offering flexible authentication and ensuring error-free local actions, strengthening system security and reliability.

Original Description

---

[!IMPORTANT]
Enhance Composio framework with flexible custom authentication handling and validation improvements.

• Behavior:
  • Extend ParamPlacement in collections.py to include metadata.
  • Update _serialize_auth() in collections.py to raise an error if metadata is used for remote actions.
  • Modify git_clone_cmd() in git_clone.py to accept github_access_token as an argument.
  • Update execute() in git_clone.py to pass github_access_token from metadata.
  • Enhance _execute_local() in toolset.py to inject custom auth parameters into metadata if in_ is metadata.
• Misc:
  • Add error handling for invalid custom auth in _execute_local() in toolset.py.
  • Add tests for custom auth handling in test_toolset.py.

^{This description was created by for 5dc452a. It will automatically update as commits are pushed.}

---

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
composio	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Dec 31, 2024 8:51am

[ellipsis-dev]

👍 Looks good to me! Reviewed everything up to 5027da1 in 27 seconds

More details

• Looked at 90 lines of code in 3 files
• Skipped 0 files when reviewing.
• Skipped posting 3 drafted comments based on config settings.

1. python/composio/client/collections.py:1040

• Draft comment:
  Ensure that the addition of 'metadata' to ParamPlacement is handled consistently across the codebase. The _serialize_auth function raises an error for 'metadata' in remote execution, but this should be documented or handled in other parts of the code where ParamPlacement is used.
• Reason this comment was not posted:
  Comment did not seem useful.

2. python/composio/tools/local/filetool/actions/git_clone.py:26

• Draft comment:
  Ensure that the usage of the optional github_access_token parameter is documented, and update any relevant documentation or usage examples to reflect this change.
• Reason this comment was not posted:
  Confidence changes required: 50%
  The git_clone_cmd function now accepts an optional github_access_token parameter, which defaults to an environment variable if not provided. This is a good practice for flexibility, but ensure that the environment variable is documented and that the function's usage is updated accordingly.

3. python/composio/tools/toolset.py:482

• Draft comment:
  Document or validate the usage of custom authentication parameters with 'metadata' placement in the _execute_local method to ensure users understand how to use this feature.
• Reason this comment was not posted:
  Confidence changes required: 50%
  The _execute_local method in ComposioToolSet class now processes custom authentication parameters, specifically those with 'metadata' placement. This is a crucial change for custom auth handling, and it should be documented or validated to ensure users understand how to use it.

Workflow ID: wflow_Pd2LSzpoi8OJfsEn

---

You can customize Ellipsis with 👍 / 👎 feedback, review rules, user-specific overrides, quiet mode, and more.

[entelligence-ai-pr-reviews]

Walkthrough

This update enhances the Composio framework by introducing custom authentication parameters for local tools. The git_clone function now supports an optional GitHub access token, offering more flexible authentication. Additionally, it includes error handling for invalid parameter placements in metadata, ensuring robust execution of local actions.

Changes

File(s)	Summary
python/composio/client/collections.py	Added validation to prevent 'metadata' as a parameter placement for remote actions.
python/composio/tools/local/filetool/actions/git_clone.py	Enhanced git_clone_cmd to accept an optional GitHub access token for improved authentication.
python/composio/tools/toolset.py	Implemented logic for injecting custom authentication parameters into metadata with error handling.

🔗 Related PRs

• feat: Support requesting connected_account in custom action #1090: The update adds support for a connected_account parameter in custom actions within the Composio framework, allowing access to a user's Gmail token through modifications in execute() and runtime.py.
• fix: bring eslint + TS issues to zero #1013: The pull request aims to enhance code quality and type safety by enforcing stricter ESLint rules, refactoring code, and improving error handling, leading to a more maintainable and robust codebase.
• fix: model serialization should be to dict, not json #1033: The update improves the serialization process in toolset.py by switching from JSON to dictionary format, enhancing data manipulation and reliability, along with adding a new test for parameter serialization.
• feat: decrease bundle size, eslint and ts issues to zero  #1032: The update optimizes the Composio JS SDK by automating version bumps, reducing bundle size through Rollup configuration changes, and enhancing documentation for future tasks.

Entelligence.ai can learn from your feedback. Simply add 👍 / 👎 emojis to teach it your preferences. More shortcuts below

Emoji Descriptions:

• ⚠️ Potential Issue - May require further investigation.
• 🔒 Security Vulnerability - Fix to ensure system safety.
• 💻 Code Improvement - Suggestions to enhance code quality.
• 🔨 Refactor Suggestion - Recommendations for restructuring code.
• ℹ️ Others - General comments and information.

Interact with the Bot:

• Send a message or request using the format:
  @bot + *your message*

Example: @bot Can you suggest improvements for this code?

• Help the Bot learn by providing feedback on its responses.
  @bot + *feedback*

Example: @bot Do not comment on `save_auth` function !

[ellipsis-dev]

👍 Looks good to me! Incremental review on 5dc452a in 13 seconds

More details

• Looked at 74 lines of code in 1 files
• Skipped 0 files when reviewing.
• Skipped posting 2 drafted comments based on config settings.

1. python/tests/test_tools/test_toolset.py:335

• Draft comment:
  Consider adding a return type annotation to the function test_custom_auth_on_localtool for better readability and static analysis.
• Reason this comment was not posted:
  Confidence changes required: 20%
  The test function test_custom_auth_on_localtool is missing a return type annotation. Adding type annotations improves code readability and helps with static analysis.

2. python/tests/test_tools/test_toolset.py:365

• Draft comment:
  Consider adding a return type annotation to the function test_bad_custom_auth_on_localtool for better readability and static analysis.
• Reason this comment was not posted:
  Confidence changes required: 20%
  The test function test_bad_custom_auth_on_localtool is missing a return type annotation. Adding type annotations improves code readability and helps with static analysis.

Workflow ID: wflow_iDuwGTk188qf5BAy

---

You can customize Ellipsis with 👍 / 👎 feedback, review rules, user-specific overrides, quiet mode, and more.