update

Author: phrocker

.local.env

@@ -1,8 +1,8 @@
-SENTRIUS_VERSION=1.1.178
-SENTRIUS_SSH_VERSION=1.1.33
-SENTRIUS_KEYCLOAK_VERSION=1.1.46
-SENTRIUS_AGENT_VERSION=1.1.33
-SENTRIUS_AI_AGENT_VERSION=1.1.60
-LLMPROXY_VERSION=1.0.43
-LAUNCHER_VERSION=1.0.50
-AGENTPROXY_VERSION=1.0.63
+SENTRIUS_VERSION=1.1.188
+SENTRIUS_SSH_VERSION=1.1.35
+SENTRIUS_KEYCLOAK_VERSION=1.1.47
+SENTRIUS_AGENT_VERSION=1.1.34
+SENTRIUS_AI_AGENT_VERSION=1.1.63
+LLMPROXY_VERSION=1.0.46
+LAUNCHER_VERSION=1.0.51
+AGENTPROXY_VERSION=1.0.66

.local.env.bak

@@ -1,8 +1,8 @@
-SENTRIUS_VERSION=1.1.178
-SENTRIUS_SSH_VERSION=1.1.33
-SENTRIUS_KEYCLOAK_VERSION=1.1.46
-SENTRIUS_AGENT_VERSION=1.1.33
-SENTRIUS_AI_AGENT_VERSION=1.1.60
-LLMPROXY_VERSION=1.0.43
-LAUNCHER_VERSION=1.0.50
-AGENTPROXY_VERSION=1.0.63
+SENTRIUS_VERSION=1.1.188
+SENTRIUS_SSH_VERSION=1.1.35
+SENTRIUS_KEYCLOAK_VERSION=1.1.47
+SENTRIUS_AGENT_VERSION=1.1.34
+SENTRIUS_AI_AGENT_VERSION=1.1.63
+LLMPROXY_VERSION=1.0.46
+LAUNCHER_VERSION=1.0.51
+AGENTPROXY_VERSION=1.0.66

ai-agent/src/main/java/io/sentrius/agent/analysis/agents/agents/AgentVerb.java

@@ -1,6 +1,8 @@
 package io.sentrius.agent.analysis.agents.agents;
 
 import java.lang.reflect.Method;
+import java.util.List;
+import io.sentrius.sso.core.dto.capabilities.ParameterDescriptor;
 import io.sentrius.sso.core.model.verbs.DefaultInterpreter;
 import io.sentrius.sso.core.model.verbs.InputInterpreterIfc;
 import io.sentrius.sso.core.model.verbs.OutputInterpreterIfc;
@@ -13,6 +15,8 @@ public class AgentVerb {
     private String name;
     private String description;
     private Method method;
+    private List<ParameterDescriptor> paramDescriptions;
+    private boolean isAiCallable = true;
     @Builder.Default
     private boolean requiresTokenManagement = false;
     @Builder.Default

ai-agent/src/main/java/io/sentrius/agent/analysis/agents/agents/ChatAgent.java

@@ -79,6 +79,7 @@ public void onApplicationEvent(final ApplicationReadyEvent event) {
 
         verbRegistry.scanClasspath();
 
+
         var keyPair = agentKeyService.getKeyPair();
 
         try {

ai-agent/src/main/java/io/sentrius/agent/analysis/agents/agents/RegisteredAgent.java

@@ -2,9 +2,12 @@
 
 import java.util.HashMap;
 import java.util.Map;
+import java.util.UUID;
 import java.util.concurrent.TimeUnit;
 import com.fasterxml.jackson.databind.node.ArrayNode;
 import io.sentrius.agent.analysis.agents.verbs.AgentVerbs;
+import io.sentrius.agent.analysis.api.AgentKeyService;
+import io.sentrius.agent.config.AgentConfigOptions;
 import io.sentrius.sso.core.dto.ztat.AgentExecution;
 import io.sentrius.sso.core.dto.ztat.ZtatRequestDTO;
 import io.sentrius.sso.core.exceptions.ZtatException;
@@ -14,6 +17,7 @@
 import io.sentrius.sso.core.services.agents.AgentExecutionService;
 import io.sentrius.sso.core.services.agents.ZeroTrustClientService;
 import io.sentrius.sso.core.dto.UserDTO;
+import io.sentrius.sso.core.services.security.KeycloakService;
 import io.sentrius.sso.core.utils.JsonUtil;
 import jakarta.annotation.PreDestroy;
 import lombok.RequiredArgsConstructor;
@@ -35,6 +39,9 @@ public class RegisteredAgent implements ApplicationListener<ApplicationReadyEven
     final VerbRegistry verbRegistry;
     final AgentVerbs agentVerbs;
     final AgentExecutionService agentExecutionService;
+    final AgentConfigOptions agentConfigOptions;
+    final AgentKeyService agentKeyService;
+    private final KeycloakService keycloakService;
 
     private volatile boolean running = true;
     private Thread workerThread;
@@ -74,6 +81,8 @@ public void onApplicationEvent(final ApplicationReadyEvent event) {
             .username(zeroTrustClientService.getUsername())
             .build();
         var execution = agentExecutionService.getAgentExecution(user);
+        
+        var keyPair = agentKeyService.getKeyPair();
         try {
             agentClientService.heartbeat(execution, execution.getUser().getUsername());
         } catch (ZtatException e) {
@@ -93,6 +102,32 @@ public void onApplicationEvent(final ApplicationReadyEvent event) {
 
                 log.error(e.getMessage());
                 log.info("Registering v1.0.2 agent failed. Retrying in 10 seconds...");
+
+                try {
+                    var agentName = agentConfigOptions.getNamePrefix() + "-" + UUID.randomUUID().toString();
+                    var base64PublicKey = agentKeyService.getBase64PublicKey(keyPair.getPublic());
+                    var agentRegistrationDTO = agentClientService.bootstrap(
+                        agentName, base64PublicKey
+                        , keyPair.getPublic().getAlgorithm()
+                    );
+
+                    var encryptedSecret = agentRegistrationDTO.getClientSecret();
+                    var decryptedSecret = agentKeyService.
+                        decryptWithPrivateKey(encryptedSecret, keyPair.getPrivate());
+                    keycloakService.createKeycloakClient(
+                        agentName,
+                        decryptedSecret
+                    );
+
+                    final UserDTO newUserDTO = UserDTO.builder()
+                        .username(zeroTrustClientService.getUsername())
+                        .build();
+                    execution = agentExecutionService.getAgentExecution(newUserDTO);
+                } catch (Exception e1) {
+                    log.error("Failed to bootstrap agent", e1);
+                } catch (ZtatException ex) {
+                    log.error("Failed to bootstrap agent", ex);
+                }
                 try {
                     Thread.sleep(10_000);
                 } catch (InterruptedException ex) {

ai-agent/src/main/java/io/sentrius/agent/analysis/agents/agents/VerbRegistry.java

@@ -3,6 +3,7 @@
 import io.github.classgraph.ClassGraph;
 import io.github.classgraph.ScanResult;
 import io.sentrius.sso.core.dto.capabilities.EndpointDescriptor;
+import io.sentrius.agent.discovery.AgentEndpointDiscoveryService;
 import io.sentrius.sso.core.dto.ztat.AgentExecution;
 import io.sentrius.sso.core.dto.ztat.ZtatRequestDTO;
 import io.sentrius.sso.core.exceptions.ZtatException;
@@ -39,6 +40,8 @@ public class VerbRegistry {
     private final Map<String, AgentVerb> verbs = new HashMap<>();
     private final Map<String, Object> instances = new HashMap<>();
 
+    private final AgentEndpointDiscoveryService agentEndpointDiscoveryService;
+
     public void scanClasspath() {
         // Scan the classpath for classes with the @Verb annotation
         synchronized (this) {
@@ -173,7 +176,7 @@ public VerbResponse execute(AgentExecution agentExecution, VerbResponse priorRes
     public Map<String, AgentVerb> getVerbs() {
         return new HashMap<>(verbs);
     }
-    
+
     /**
      * Gets endpoint descriptors for all registered verbs.
      * This provides integration with the centralized endpoint scanning system.

ai-agent/src/main/java/io/sentrius/agent/config/AgentConfigOptions.java

@@ -1,5 +1,6 @@
 package io.sentrius.agent.config;
 
+import java.util.List;
 import lombok.Getter;
 import lombok.Setter;
 import lombok.extern.slf4j.Slf4j;
@@ -14,4 +15,5 @@ public class AgentConfigOptions {
 
     private String namePrefix;
     private String type;
+    private List<String> endpoints;
 }

ai-agent/src/main/java/io/sentrius/agent/discovery/AgentEndpointDiscoveryService.java

@@ -0,0 +1,78 @@
+package io.sentrius.agent.discovery;
+
+import io.sentrius.agent.analysis.agents.agents.AgentVerb;
+import io.sentrius.agent.config.AgentConfigOptions;
+import io.sentrius.sso.core.dto.capabilities.EndpointDescriptor;
+import io.sentrius.sso.core.dto.ztat.AgentExecution;
+import io.sentrius.sso.core.exceptions.ZtatException;
+import io.sentrius.sso.core.model.verbs.DefaultInterpreter;
+import io.sentrius.sso.core.services.agents.ZeroTrustClientService;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.http.ResponseEntity;
+import org.springframework.stereotype.Service;
+import org.springframework.web.client.RestTemplate;
+
+import java.util.*;
+import java.util.stream.Collectors;
+
+@Slf4j
+@Service
+@RequiredArgsConstructor
+public class AgentEndpointDiscoveryService {
+
+    private final AgentConfigOptions agentConfigOptions;
+    private final RestTemplate restTemplate = new RestTemplate();
+    private final ZeroTrustClientService zeroTrustClientService;
+
+    // Simulated verb registry for example
+    private final Map<String, AgentVerb> verbs = new HashMap<>();
+
+    public Map<String, AgentVerb> discoverEndpoints(AgentExecution agentExecution) {
+        String discoveryUrl = agentConfigOptions.getEndpoints() + "?type=VERB";
+
+        log.info("Querying discovery endpoint: {}", discoveryUrl);
+
+        try {
+
+            List<EndpointDescriptor> descriptors = zeroTrustClientService.callGetOnApi(agentExecution, discoveryUrl);
+            if (descriptors == null || descriptors.isEmpty()) {
+                log.info("No endpoints discovered from capabilities API");
+                return verbs;
+            }
+
+            List<EndpointDescriptor> verbEndpoints = descriptors.stream()
+                .filter(d -> "VERB".equalsIgnoreCase(d.getType()))
+                .toList();
+
+            log.info("Discovered {} VERB endpoints", verbEndpoints.size());
+
+            for (EndpointDescriptor endpoint : verbEndpoints) {
+                if (!verbs.containsKey(endpoint.getName())) {
+                    log.warn("Discovered verb '{}' not registered in agent", endpoint.getName());
+                    // You could also register it here dynamically if desired
+                    verbs.put(endpoint.getName(), convertToVerbDefinition(endpoint));
+                }
+            }
+
+        } catch (Exception e) {
+            log.error("Failed to discover endpoints: {}", e.getMessage(), e);
+        } catch (ZtatException e) {
+            throw new RuntimeException(e);
+        }
+        return verbs;
+    }
+
+    private AgentVerb convertToVerbDefinition(EndpointDescriptor descriptor) {
+        return AgentVerb.builder()
+            .name(descriptor.getName())
+            .description(descriptor.getDescription())
+            .returnType(descriptor.getReturnType() != null ? descriptor.getReturnType() : String.class)
+            .requiresTokenManagement(descriptor.isRequiresTokenManagement())
+            .outputInterpreter(DefaultInterpreter.class) // You can enhance this later if `metadata` has interpreter info
+            .inputInterpreter(DefaultInterpreter.class)
+            .paramDescriptions(descriptor.getParameters())
+            .isAiCallable(true) // Assume everything from the API is callable
+            .build();
+    }
+}

api/src/main/java/io/sentrius/sso/config/AppConfig.java

@@ -12,4 +12,13 @@ public class AppConfig {
     // Your configuration beans
     @Value("${agentproxy.externalUrl:}") // Defaults to empty string if not set
     private String agentProxyExternalUrl;
+
+    @Value("${sentrius.agent.register.bootstrap.allow:false}")
+    private boolean allowRegistration;
+
+    @Value("${sentrius.agent.bootstrap.policy:default-policy.yaml}")
+    private String defaultPolicyFile;
+
+    @Value("${sentrius.agent.launcher.service:http://sentrius-launcherservice:8080/}")
+    private String sentriusLauncherService;
 }

api/src/main/java/io/sentrius/sso/controllers/api/AgentApiController.java

@@ -151,7 +151,7 @@ public ResponseEntity<?> requestRegistration(
         @RequestHeader("Authorization") String token,
         HttpServletRequest request, HttpServletResponse response) throws SQLException, GeneralSecurityException {
 
-        String compactJwt = token.startsWith("Bearer ") ? token.substring(7) : token;
+        String compactJwt = token.startsWith("Beaer ") ? token.substring(7) : token;
 
 
         if (!keycloakService.validateJwt(compactJwt)) {