OpenSource
/
dify
Watch 4
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 152 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
7175 Commits
4 Branches
Tree: 08dd3f7b50
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '08dd3f7b50'
${ noResults }
dify/api/services/tools/builtin_tools_manage_servic...

builtin_tools_manage_service.py 31KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756 
  1. import json

  2. import logging

  3. import re

  4. from collections.abc import Mapping

  5. from pathlib import Path

  6. from typing import Any, Optional

  7. 

  8. from sqlalchemy import exists, select

  9. from sqlalchemy.orm import Session

  10. 

  11. from configs import dify_config

  12. from constants import HIDDEN_VALUE, UNKNOWN_VALUE

  13. from core.helper.position_helper import is_filtered

  14. from core.helper.provider_cache import NoOpProviderCredentialCache, ToolProviderCredentialsCache

  15. from core.plugin.entities.plugin import ToolProviderID

  16. from core.tools.builtin_tool.provider import BuiltinToolProviderController

  17. from core.tools.builtin_tool.providers._positions import BuiltinToolProviderSort

  18. from core.tools.entities.api_entities import (

  19.     ToolApiEntity,

  20.     ToolProviderApiEntity,

  21.     ToolProviderCredentialApiEntity,

  22.     ToolProviderCredentialInfoApiEntity,

  23. )

  24. from core.tools.entities.tool_entities import CredentialType

  25. from core.tools.errors import ToolProviderNotFoundError

  26. from core.tools.plugin_tool.provider import PluginToolProviderController

  27. from core.tools.tool_label_manager import ToolLabelManager

  28. from core.tools.tool_manager import ToolManager

  29. from core.tools.utils.encryption import create_provider_encrypter

  30. from core.tools.utils.system_oauth_encryption import decrypt_system_oauth_params

  31. from extensions.ext_database import db

  32. from extensions.ext_redis import redis_client

  33. from models.tools import BuiltinToolProvider, ToolOAuthSystemClient, ToolOAuthTenantClient

  34. from services.plugin.plugin_service import PluginService

  35. from services.tools.tools_transform_service import ToolTransformService

  36. 

  37. logger = logging.getLogger(__name__)

  38. 

  39. 

  40. class BuiltinToolManageService:

  41.     __MAX_BUILTIN_TOOL_PROVIDER_COUNT__ = 100

  42.     __DEFAULT_EXPIRES_AT__ = 2147483647

  43. 

  44.     @staticmethod

  45.     def delete_custom_oauth_client_params(tenant_id: str, provider: str):

  46.         """

  47.         delete custom oauth client params

  48.         """

  49.         tool_provider = ToolProviderID(provider)

  50.         with Session(db.engine) as session:

  51.             session.query(ToolOAuthTenantClient).filter_by(

  52.                 tenant_id=tenant_id,

  53.                 provider=tool_provider.provider_name,

  54.                 plugin_id=tool_provider.plugin_id,

  55.             ).delete()

  56.             session.commit()

  57.         return {"result": "success"}

  58. 

  59.     @staticmethod

  60.     def get_builtin_tool_provider_oauth_client_schema(tenant_id: str, provider_name: str):

  61.         """

  62.         get builtin tool provider oauth client schema

  63.         """

  64.         provider = ToolManager.get_builtin_provider(provider_name, tenant_id)

  65.         verified = not isinstance(provider, PluginToolProviderController) or PluginService.is_plugin_verified(

  66.             tenant_id, provider.plugin_unique_identifier

  67.         )

  68. 

  69.         is_oauth_custom_client_enabled = BuiltinToolManageService.is_oauth_custom_client_enabled(

  70.             tenant_id, provider_name

  71.         )

  72.         is_system_oauth_params_exists = verified and BuiltinToolManageService.is_oauth_system_client_exists(

  73.             provider_name

  74.         )

  75.         result = {

  76.             "schema": provider.get_oauth_client_schema(),

  77.             "is_oauth_custom_client_enabled": is_oauth_custom_client_enabled,

  78.             "is_system_oauth_params_exists": is_system_oauth_params_exists,

  79.             "client_params": BuiltinToolManageService.get_custom_oauth_client_params(tenant_id, provider_name),

  80.             "redirect_uri": f"{dify_config.CONSOLE_API_URL}/console/api/oauth/plugin/{provider_name}/tool/callback",

  81.         }

  82.         return result

  83. 

  84.     @staticmethod

  85.     def list_builtin_tool_provider_tools(tenant_id: str, provider: str) -> list[ToolApiEntity]:

  86.         """

  87.         list builtin tool provider tools

  88. 

  89.         :param tenant_id: the id of the tenant

  90.         :param provider: the name of the provider

  91. 

  92.         :return: the list of tools

  93.         """

  94.         provider_controller = ToolManager.get_builtin_provider(provider, tenant_id)

  95.         tools = provider_controller.get_tools()

  96. 

  97.         result: list[ToolApiEntity] = []

  98.         for tool in tools or []:

  99.             result.append(

  100.                 ToolTransformService.convert_tool_entity_to_api_entity(

  101.                     tool=tool,

  102.                     tenant_id=tenant_id,

  103.                     labels=ToolLabelManager.get_tool_labels(provider_controller),

  104.                 )

  105.             )

  106. 

  107.         return result

  108. 

  109.     @staticmethod

  110.     def get_builtin_tool_provider_info(tenant_id: str, provider: str):

  111.         """

  112.         get builtin tool provider info

  113.         """

  114.         provider_controller = ToolManager.get_builtin_provider(provider, tenant_id)

  115.         # check if user has added the provider

  116.         builtin_provider = BuiltinToolManageService.get_builtin_provider(provider, tenant_id)

  117.         if builtin_provider is None:

  118.             raise ValueError(f"you have not added provider {provider}")

  119. 

  120.         entity = ToolTransformService.builtin_provider_to_user_provider(

  121.             provider_controller=provider_controller,

  122.             db_provider=builtin_provider,

  123.             decrypt_credentials=True,

  124.         )

  125. 

  126.         entity.original_credentials = {}

  127.         return entity

  128. 

  129.     @staticmethod

  130.     def list_builtin_provider_credentials_schema(provider_name: str, credential_type: CredentialType, tenant_id: str):

  131.         """

  132.         list builtin provider credentials schema

  133. 

  134.         :param credential_type: credential type

  135.         :param provider_name: the name of the provider

  136.         :param tenant_id: the id of the tenant

  137.         :return: the list of tool providers

  138.         """

  139.         provider = ToolManager.get_builtin_provider(provider_name, tenant_id)

  140.         return provider.get_credentials_schema_by_type(credential_type)

  141. 

  142.     @staticmethod

  143.     def update_builtin_tool_provider(

  144.         user_id: str,

  145.         tenant_id: str,

  146.         provider: str,

  147.         credential_id: str,

  148.         credentials: dict | None = None,

  149.         name: str | None = None,

  150.     ):

  151.         """

  152.         update builtin tool provider

  153.         """

  154.         with Session(db.engine) as session:

  155.             # get if the provider exists

  156.             db_provider = (

  157.                 session.query(BuiltinToolProvider)

  158.                 .where(

  159.                     BuiltinToolProvider.tenant_id == tenant_id,

  160.                     BuiltinToolProvider.id == credential_id,

  161.                 )

  162.                 .first()

  163.             )

  164.             if db_provider is None:

  165.                 raise ValueError(f"you have not added provider {provider}")

  166. 

  167.             try:

  168.                 if CredentialType.of(db_provider.credential_type).is_editable() and credentials:

  169.                     provider_controller = ToolManager.get_builtin_provider(provider, tenant_id)

  170.                     if not provider_controller.need_credentials:

  171.                         raise ValueError(f"provider {provider} does not need credentials")

  172. 

  173.                     encrypter, cache = BuiltinToolManageService.create_tool_encrypter(

  174.                         tenant_id, db_provider, provider, provider_controller

  175.                     )

  176. 

  177.                     original_credentials = encrypter.decrypt(db_provider.credentials)

  178.                     new_credentials: dict = {

  179.                         key: value if value != HIDDEN_VALUE else original_credentials.get(key, UNKNOWN_VALUE)

  180.                         for key, value in credentials.items()

  181.                     }

  182. 

  183.                     if CredentialType.of(db_provider.credential_type).is_validate_allowed():

  184.                         provider_controller.validate_credentials(user_id, new_credentials)

  185. 

  186.                     # encrypt credentials

  187.                     db_provider.encrypted_credentials = json.dumps(encrypter.encrypt(new_credentials))

  188. 

  189.                     cache.delete()

  190. 

  191.                 # update name if provided

  192.                 if name and name != db_provider.name:

  193.                     # check if the name is already used

  194.                     if session.scalar(

  195.                         select(

  196.                             exists().where(

  197.                                 BuiltinToolProvider.tenant_id == tenant_id,

  198.                                 BuiltinToolProvider.provider == provider,

  199.                                 BuiltinToolProvider.name == name,

  200.                             )

  201.                         )

  202.                     ):

  203.                         raise ValueError(f"the credential name '{name}' is already used")

  204. 

  205.                     db_provider.name = name

  206. 

  207.                 session.commit()

  208.             except Exception as e:

  209.                 session.rollback()

  210.                 raise ValueError(str(e))

  211.         return {"result": "success"}

  212. 

  213.     @staticmethod

  214.     def add_builtin_tool_provider(

  215.         user_id: str,

  216.         api_type: CredentialType,

  217.         tenant_id: str,

  218.         provider: str,

  219.         credentials: dict,

  220.         expires_at: int = -1,

  221.         name: str | None = None,

  222.     ):

  223.         """

  224.         add builtin tool provider

  225.         """

  226.         with Session(db.engine) as session:

  227.             try:

  228.                 lock = f"builtin_tool_provider_create_lock:{tenant_id}_{provider}"

  229.                 with redis_client.lock(lock, timeout=20):

  230.                     provider_controller = ToolManager.get_builtin_provider(provider, tenant_id)

  231.                     if not provider_controller.need_credentials:

  232.                         raise ValueError(f"provider {provider} does not need credentials")

  233. 

  234.                     provider_count = (

  235.                         session.query(BuiltinToolProvider).filter_by(tenant_id=tenant_id, provider=provider).count()

  236.                     )

  237. 

  238.                     # check if the provider count is reached the limit

  239.                     if provider_count >= BuiltinToolManageService.__MAX_BUILTIN_TOOL_PROVIDER_COUNT__:

  240.                         raise ValueError(f"you have reached the maximum number of providers for {provider}")

  241. 

  242.                     # validate credentials if allowed

  243.                     if CredentialType.of(api_type).is_validate_allowed():

  244.                         provider_controller.validate_credentials(user_id, credentials)

  245. 

  246.                     # generate name if not provided

  247.                     if name is None or name == "":

  248.                         name = BuiltinToolManageService.generate_builtin_tool_provider_name(

  249.                             session=session, tenant_id=tenant_id, provider=provider, credential_type=api_type

  250.                         )

  251.                     else:

  252.                         # check if the name is already used

  253.                         if session.scalar(

  254.                             select(

  255.                                 exists().where(

  256.                                     BuiltinToolProvider.tenant_id == tenant_id,

  257.                                     BuiltinToolProvider.provider == provider,

  258.                                     BuiltinToolProvider.name == name,

  259.                                 )

  260.                             )

  261.                         ):

  262.                             raise ValueError(f"the credential name '{name}' is already used")

  263. 

  264.                     # create encrypter

  265.                     encrypter, _ = create_provider_encrypter(

  266.                         tenant_id=tenant_id,

  267.                         config=[

  268.                             x.to_basic_provider_config()

  269.                             for x in provider_controller.get_credentials_schema_by_type(api_type)

  270.                         ],

  271.                         cache=NoOpProviderCredentialCache(),

  272.                     )

  273. 

  274.                     db_provider = BuiltinToolProvider(

  275.                         tenant_id=tenant_id,

  276.                         user_id=user_id,

  277.                         provider=provider,

  278.                         encrypted_credentials=json.dumps(encrypter.encrypt(credentials)),

  279.                         credential_type=api_type.value,

  280.                         name=name,

  281.                         expires_at=expires_at

  282.                         if expires_at is not None

  283.                         else BuiltinToolManageService.__DEFAULT_EXPIRES_AT__,

  284.                     )

  285. 

  286.                     session.add(db_provider)

  287.                     session.commit()

  288.             except Exception as e:

  289.                 session.rollback()

  290.                 raise ValueError(str(e))

  291.         return {"result": "success"}

  292. 

  293.     @staticmethod

  294.     def create_tool_encrypter(

  295.         tenant_id: str,

  296.         db_provider: BuiltinToolProvider,

  297.         provider: str,

  298.         provider_controller: BuiltinToolProviderController,

  299.     ):

  300.         encrypter, cache = create_provider_encrypter(

  301.             tenant_id=tenant_id,

  302.             config=[

  303.                 x.to_basic_provider_config()

  304.                 for x in provider_controller.get_credentials_schema_by_type(db_provider.credential_type)

  305.             ],

  306.             cache=ToolProviderCredentialsCache(tenant_id=tenant_id, provider=provider, credential_id=db_provider.id),

  307.         )

  308.         return encrypter, cache

  309. 

  310.     @staticmethod

  311.     def generate_builtin_tool_provider_name(

  312.         session: Session, tenant_id: str, provider: str, credential_type: CredentialType

  313.     ) -> str:

  314.         try:

  315.             db_providers = (

  316.                 session.query(BuiltinToolProvider)

  317.                 .filter_by(

  318.                     tenant_id=tenant_id,

  319.                     provider=provider,

  320.                     credential_type=credential_type.value,

  321.                 )

  322.                 .order_by(BuiltinToolProvider.created_at.desc())

  323.                 .all()

  324.             )

  325. 

  326.             # Get the default name pattern

  327.             default_pattern = f"{credential_type.get_name()}"

  328. 

  329.             # Find all names that match the default pattern: "{default_pattern} {number}"

  330.             pattern = rf"^{re.escape(default_pattern)}\s+(\d+)$"

  331.             numbers = []

  332. 

  333.             for db_provider in db_providers:

  334.                 if db_provider.name:

  335.                     match = re.match(pattern, db_provider.name.strip())

  336.                     if match:

  337.                         numbers.append(int(match.group(1)))

  338. 

  339.             # If no default pattern names found, start with 1

  340.             if not numbers:

  341.                 return f"{default_pattern} 1"

  342. 

  343.             # Find the next number

  344.             max_number = max(numbers)

  345.             return f"{default_pattern} {max_number + 1}"

  346.         except Exception as e:

  347.             logger.warning("Error generating next provider name for %s: %s", provider, str(e))

  348.             # fallback

  349.             return f"{credential_type.get_name()} 1"

  350. 

  351.     @staticmethod

  352.     def get_builtin_tool_provider_credentials(

  353.         tenant_id: str, provider_name: str

  354.     ) -> list[ToolProviderCredentialApiEntity]:

  355.         """

  356.         get builtin tool provider credentials

  357.         """

  358.         with db.session.no_autoflush:

  359.             providers = (

  360.                 db.session.query(BuiltinToolProvider)

  361.                 .filter_by(tenant_id=tenant_id, provider=provider_name)

  362.                 .order_by(BuiltinToolProvider.is_default.desc(), BuiltinToolProvider.created_at.asc())

  363.                 .all()

  364.             )

  365. 

  366.             if len(providers) == 0:

  367.                 return []

  368. 

  369.             default_provider = providers[0]

  370.             default_provider.is_default = True

  371.             provider_controller = ToolManager.get_builtin_provider(default_provider.provider, tenant_id)

  372. 

  373.             credentials: list[ToolProviderCredentialApiEntity] = []

  374.             encrypters = {}

  375.             for provider in providers:

  376.                 credential_type = provider.credential_type

  377.                 if credential_type not in encrypters:

  378.                     encrypters[credential_type] = BuiltinToolManageService.create_tool_encrypter(

  379.                         tenant_id, provider, provider.provider, provider_controller

  380.                     )[0]

  381.                 encrypter = encrypters[credential_type]

  382.                 decrypt_credential = encrypter.mask_tool_credentials(encrypter.decrypt(provider.credentials))

  383.                 credential_entity = ToolTransformService.convert_builtin_provider_to_credential_entity(

  384.                     provider=provider,

  385.                     credentials=decrypt_credential,

  386.                 )

  387.                 credentials.append(credential_entity)

  388.             return credentials

  389. 

  390.     @staticmethod

  391.     def get_builtin_tool_provider_credential_info(tenant_id: str, provider: str) -> ToolProviderCredentialInfoApiEntity:

  392.         """

  393.         get builtin tool provider credential info

  394.         """

  395.         provider_controller = ToolManager.get_builtin_provider(provider, tenant_id)

  396.         supported_credential_types = provider_controller.get_supported_credential_types()

  397.         credentials = BuiltinToolManageService.get_builtin_tool_provider_credentials(tenant_id, provider)

  398.         credential_info = ToolProviderCredentialInfoApiEntity(

  399.             supported_credential_types=supported_credential_types,

  400.             is_oauth_custom_client_enabled=BuiltinToolManageService.is_oauth_custom_client_enabled(tenant_id, provider),

  401.             credentials=credentials,

  402.         )

  403. 

  404.         return credential_info

  405. 

  406.     @staticmethod

  407.     def delete_builtin_tool_provider(tenant_id: str, provider: str, credential_id: str):

  408.         """

  409.         delete tool provider

  410.         """

  411.         with Session(db.engine) as session:

  412.             db_provider = (

  413.                 session.query(BuiltinToolProvider)

  414.                 .where(

  415.                     BuiltinToolProvider.tenant_id == tenant_id,

  416.                     BuiltinToolProvider.id == credential_id,

  417.                 )

  418.                 .first()

  419.             )

  420. 

  421.             if db_provider is None:

  422.                 raise ValueError(f"you have not added provider {provider}")

  423. 

  424.             session.delete(db_provider)

  425.             session.commit()

  426. 

  427.             # delete cache

  428.             provider_controller = ToolManager.get_builtin_provider(provider, tenant_id)

  429.             _, cache = BuiltinToolManageService.create_tool_encrypter(

  430.                 tenant_id, db_provider, provider, provider_controller

  431.             )

  432.             cache.delete()

  433. 

  434.         return {"result": "success"}

  435. 

  436.     @staticmethod

  437.     def set_default_provider(tenant_id: str, user_id: str, provider: str, id: str):

  438.         """

  439.         set default provider

  440.         """

  441.         with Session(db.engine) as session:

  442.             # get provider

  443.             target_provider = session.query(BuiltinToolProvider).filter_by(id=id).first()

  444.             if target_provider is None:

  445.                 raise ValueError("provider not found")

  446. 

  447.             # clear default provider

  448.             session.query(BuiltinToolProvider).filter_by(

  449.                 tenant_id=tenant_id, user_id=user_id, provider=provider, is_default=True

  450.             ).update({"is_default": False})

  451. 

  452.             # set new default provider

  453.             target_provider.is_default = True

  454.             session.commit()

  455.         return {"result": "success"}

  456. 

  457.     @staticmethod

  458.     def is_oauth_system_client_exists(provider_name: str) -> bool:

  459.         """

  460.         check if oauth system client exists

  461.         """

  462.         tool_provider = ToolProviderID(provider_name)

  463.         with Session(db.engine, autoflush=False) as session:

  464.             system_client: ToolOAuthSystemClient | None = (

  465.                 session.query(ToolOAuthSystemClient)

  466.                 .filter_by(plugin_id=tool_provider.plugin_id, provider=tool_provider.provider_name)

  467.                 .first()

  468.             )

  469.             return system_client is not None

  470. 

  471.     @staticmethod

  472.     def is_oauth_custom_client_enabled(tenant_id: str, provider: str) -> bool:

  473.         """

  474.         check if oauth custom client is enabled

  475.         """

  476.         tool_provider = ToolProviderID(provider)

  477.         with Session(db.engine, autoflush=False) as session:

  478.             user_client: ToolOAuthTenantClient | None = (

  479.                 session.query(ToolOAuthTenantClient)

  480.                 .filter_by(

  481.                     tenant_id=tenant_id,

  482.                     provider=tool_provider.provider_name,

  483.                     plugin_id=tool_provider.plugin_id,

  484.                     enabled=True,

  485.                 )

  486.                 .first()

  487.             )

  488.             return user_client is not None and user_client.enabled

  489. 

  490.     @staticmethod

  491.     def get_oauth_client(tenant_id: str, provider: str) -> Mapping[str, Any] | None:

  492.         """

  493.         get builtin tool provider

  494.         """

  495.         tool_provider = ToolProviderID(provider)

  496.         provider_controller = ToolManager.get_builtin_provider(provider, tenant_id)

  497.         encrypter, _ = create_provider_encrypter(

  498.             tenant_id=tenant_id,

  499.             config=[x.to_basic_provider_config() for x in provider_controller.get_oauth_client_schema()],

  500.             cache=NoOpProviderCredentialCache(),

  501.         )

  502.         with Session(db.engine, autoflush=False) as session:

  503.             user_client: ToolOAuthTenantClient | None = (

  504.                 session.query(ToolOAuthTenantClient)

  505.                 .filter_by(

  506.                     tenant_id=tenant_id,

  507.                     provider=tool_provider.provider_name,

  508.                     plugin_id=tool_provider.plugin_id,

  509.                     enabled=True,

  510.                 )

  511.                 .first()

  512.             )

  513.             oauth_params: Mapping[str, Any] | None = None

  514.             if user_client:

  515.                 oauth_params = encrypter.decrypt(user_client.oauth_params)

  516.                 return oauth_params

  517. 

  518.             # only verified provider can use official oauth client

  519.             is_verified = not isinstance(

  520.                 provider_controller, PluginToolProviderController

  521.             ) or PluginService.is_plugin_verified(tenant_id, provider_controller.plugin_unique_identifier)

  522.             if not is_verified:

  523.                 return oauth_params

  524. 

  525.             system_client: ToolOAuthSystemClient | None = (

  526.                 session.query(ToolOAuthSystemClient)

  527.                 .filter_by(plugin_id=tool_provider.plugin_id, provider=tool_provider.provider_name)

  528.                 .first()

  529.             )

  530.             if system_client:

  531.                 try:

  532.                     oauth_params = decrypt_system_oauth_params(system_client.encrypted_oauth_params)

  533.                 except Exception as e:

  534.                     raise ValueError(f"Error decrypting system oauth params: {e}")

  535. 

  536.             return oauth_params

  537. 

  538.     @staticmethod

  539.     def get_builtin_tool_provider_icon(provider: str):

  540.         """

  541.         get tool provider icon and it's mimetype

  542.         """

  543.         icon_path, mime_type = ToolManager.get_hardcoded_provider_icon(provider)

  544.         icon_bytes = Path(icon_path).read_bytes()

  545. 

  546.         return icon_bytes, mime_type

  547. 

  548.     @staticmethod

  549.     def list_builtin_tools(user_id: str, tenant_id: str) -> list[ToolProviderApiEntity]:

  550.         """

  551.         list builtin tools

  552.         """

  553.         # get all builtin providers

  554.         provider_controllers = ToolManager.list_builtin_providers(tenant_id)

  555. 

  556.         # get all user added providers

  557.         db_providers: list[BuiltinToolProvider] = ToolManager.list_default_builtin_providers(tenant_id)

  558. 

  559.         # rewrite db_providers

  560.         for db_provider in db_providers:

  561.             db_provider.provider = str(ToolProviderID(db_provider.provider))

  562. 

  563.         # find provider

  564.         def find_provider(provider):

  565.             return next(filter(lambda db_provider: db_provider.provider == provider, db_providers), None)

  566. 

  567.         result: list[ToolProviderApiEntity] = []

  568. 

  569.         for provider_controller in provider_controllers:

  570.             try:

  571.                 # handle include, exclude

  572.                 if is_filtered(

  573.                     include_set=dify_config.POSITION_TOOL_INCLUDES_SET,  # type: ignore

  574.                     exclude_set=dify_config.POSITION_TOOL_EXCLUDES_SET,  # type: ignore

  575.                     data=provider_controller,

  576.                     name_func=lambda x: x.entity.identity.name,

  577.                 ):

  578.                     continue

  579. 

  580.                 # convert provider controller to user provider

  581.                 user_builtin_provider = ToolTransformService.builtin_provider_to_user_provider(

  582.                     provider_controller=provider_controller,

  583.                     db_provider=find_provider(provider_controller.entity.identity.name),

  584.                     decrypt_credentials=True,

  585.                 )

  586. 

  587.                 # add icon

  588.                 ToolTransformService.repack_provider(tenant_id=tenant_id, provider=user_builtin_provider)

  589. 

  590.                 tools = provider_controller.get_tools()

  591.                 for tool in tools or []:

  592.                     user_builtin_provider.tools.append(

  593.                         ToolTransformService.convert_tool_entity_to_api_entity(

  594.                             tenant_id=tenant_id,

  595.                             tool=tool,

  596.                             labels=ToolLabelManager.get_tool_labels(provider_controller),

  597.                         )

  598.                     )

  599. 

  600.                 result.append(user_builtin_provider)

  601.             except Exception as e:

  602.                 raise e

  603. 

  604.         return BuiltinToolProviderSort.sort(result)

  605. 

  606.     @staticmethod

  607.     def get_builtin_provider(provider_name: str, tenant_id: str) -> Optional[BuiltinToolProvider]:

  608.         """

  609.         This method is used to fetch the builtin provider from the database

  610.         1.if the default provider exists, return the default provider

  611.         2.if the default provider does not exist, return the oldest provider

  612.         """

  613.         with Session(db.engine, autoflush=False) as session:

  614.             try:

  615.                 full_provider_name = provider_name

  616.                 provider_id_entity = ToolProviderID(provider_name)

  617.                 provider_name = provider_id_entity.provider_name

  618. 

  619.                 if provider_id_entity.organization != "langgenius":

  620.                     provider = (

  621.                         session.query(BuiltinToolProvider)

  622.                         .where(

  623.                             BuiltinToolProvider.tenant_id == tenant_id,

  624.                             BuiltinToolProvider.provider == full_provider_name,

  625.                         )

  626.                         .order_by(

  627.                             BuiltinToolProvider.is_default.desc(),  # default=True first

  628.                             BuiltinToolProvider.created_at.asc(),  # oldest first

  629.                         )

  630.                         .first()

  631.                     )

  632.                 else:

  633.                     provider = (

  634.                         session.query(BuiltinToolProvider)

  635.                         .where(

  636.                             BuiltinToolProvider.tenant_id == tenant_id,

  637.                             (BuiltinToolProvider.provider == provider_name)

  638.                             | (BuiltinToolProvider.provider == full_provider_name),

  639.                         )

  640.                         .order_by(

  641.                             BuiltinToolProvider.is_default.desc(),  # default=True first

  642.                             BuiltinToolProvider.created_at.asc(),  # oldest first

  643.                         )

  644.                         .first()

  645.                     )

  646. 

  647.                 if provider is None:

  648.                     return None

  649. 

  650.                 provider.provider = ToolProviderID(provider.provider).to_string()

  651.                 return provider

  652.             except Exception:

  653.                 # it's an old provider without organization

  654.                 return (

  655.                     session.query(BuiltinToolProvider)

  656.                     .where(BuiltinToolProvider.tenant_id == tenant_id, BuiltinToolProvider.provider == provider_name)

  657.                     .order_by(

  658.                         BuiltinToolProvider.is_default.desc(),  # default=True first

  659.                         BuiltinToolProvider.created_at.asc(),  # oldest first

  660.                     )

  661.                     .first()

  662.                 )

  663. 

  664.     @staticmethod

  665.     def save_custom_oauth_client_params(

  666.         tenant_id: str,

  667.         provider: str,

  668.         client_params: Optional[dict] = None,

  669.         enable_oauth_custom_client: Optional[bool] = None,

  670.     ):

  671.         """

  672.         setup oauth custom client

  673.         """

  674.         if client_params is None and enable_oauth_custom_client is None:

  675.             return {"result": "success"}

  676. 

  677.         tool_provider = ToolProviderID(provider)

  678.         provider_controller = ToolManager.get_builtin_provider(provider, tenant_id)

  679.         if not provider_controller:

  680.             raise ToolProviderNotFoundError(f"Provider {provider} not found")

  681. 

  682.         if not isinstance(provider_controller, (BuiltinToolProviderController, PluginToolProviderController)):

  683.             raise ValueError(f"Provider {provider} is not a builtin or plugin provider")

  684. 

  685.         with Session(db.engine) as session:

  686.             custom_client_params = (

  687.                 session.query(ToolOAuthTenantClient)

  688.                 .filter_by(

  689.                     tenant_id=tenant_id,

  690.                     plugin_id=tool_provider.plugin_id,

  691.                     provider=tool_provider.provider_name,

  692.                 )

  693.                 .first()

  694.             )

  695. 

  696.             # if the record does not exist, create a basic record

  697.             if custom_client_params is None:

  698.                 custom_client_params = ToolOAuthTenantClient(

  699.                     tenant_id=tenant_id,

  700.                     plugin_id=tool_provider.plugin_id,

  701.                     provider=tool_provider.provider_name,

  702.                 )

  703.                 session.add(custom_client_params)

  704. 

  705.             if client_params is not None:

  706.                 encrypter, _ = create_provider_encrypter(

  707.                     tenant_id=tenant_id,

  708.                     config=[x.to_basic_provider_config() for x in provider_controller.get_oauth_client_schema()],

  709.                     cache=NoOpProviderCredentialCache(),

  710.                 )

  711.                 original_params = encrypter.decrypt(custom_client_params.oauth_params)

  712.                 new_params: dict = {

  713.                     key: value if value != HIDDEN_VALUE else original_params.get(key, UNKNOWN_VALUE)

  714.                     for key, value in client_params.items()

  715.                 }

  716.                 custom_client_params.encrypted_oauth_params = json.dumps(encrypter.encrypt(new_params))

  717. 

  718.             if enable_oauth_custom_client is not None:

  719.                 custom_client_params.enabled = enable_oauth_custom_client

  720. 

  721.             session.commit()

  722.         return {"result": "success"}

  723. 

  724.     @staticmethod

  725.     def get_custom_oauth_client_params(tenant_id: str, provider: str):

  726.         """

  727.         get custom oauth client params

  728.         """

  729.         with Session(db.engine) as session:

  730.             tool_provider = ToolProviderID(provider)

  731.             custom_oauth_client_params: ToolOAuthTenantClient | None = (

  732.                 session.query(ToolOAuthTenantClient)

  733.                 .filter_by(

  734.                     tenant_id=tenant_id,

  735.                     plugin_id=tool_provider.plugin_id,

  736.                     provider=tool_provider.provider_name,

  737.                 )

  738.                 .first()

  739.             )

  740.             if custom_oauth_client_params is None:

  741.                 return {}

  742. 

  743.             provider_controller = ToolManager.get_builtin_provider(provider, tenant_id)

  744.             if not provider_controller:

  745.                 raise ToolProviderNotFoundError(f"Provider {provider} not found")

  746. 

  747.             if not isinstance(provider_controller, BuiltinToolProviderController):

  748.                 raise ValueError(f"Provider {provider} is not a builtin or plugin provider")

  749. 

  750.             encrypter, _ = create_provider_encrypter(

  751.                 tenant_id=tenant_id,

  752.                 config=[x.to_basic_provider_config() for x in provider_controller.get_oauth_client_schema()],

  753.                 cache=NoOpProviderCredentialCache(),

  754.             )

  755. 

  756.             return encrypter.mask_tool_credentials(encrypter.decrypt(custom_oauth_client_params.oauth_params))