feat(auth): add tool authentication request flow

Add support for tools to request authentication credentials during execution:

- Add RequestedAuthConfigs field to EventActions for storing auth requests
- Implement GenerateAuthEvent to convert auth requests to adk_request_credential function calls
- Add RequestAuthConfig method to ToolContext for tools to request authentication
- Add AuthConfig field to Tool interface for tools to declare auth requirements
- Integrate auth event generation into the LLM base flow

Also fix test comparisons to ignore RequestedAuthConfigs field initialization
and add UTC timezone setup in database tests for consistent timestamp formatting.

Author: cpunion

agent/remoteagent/a2a_agent_test.go

@@ -756,6 +756,7 @@ func TestRemoteAgent_EmptyResultForEmptySession(t *testing.T) {
 		cmpopts.IgnoreFields(session.Event{}, "ID"),
 		cmpopts.IgnoreFields(session.Event{}, "Timestamp"),
 		cmpopts.IgnoreFields(session.EventActions{}, "StateDelta"),
+		cmpopts.IgnoreFields(session.EventActions{}, "RequestedAuthConfigs"),
 	}
 	if diff := cmp.Diff(wantEvents, gotEvents, ignoreFields...); diff != "" {
 		t.Fatalf("agent.Run() wrong result (+got,-want):\ngot = %+v\nwant = %+v\ndiff = %s", gotEvents, wantEvents, diff)

agent/remoteagent/utils_test.go

@@ -305,6 +305,7 @@ func TestPresentAsUserMessage(t *testing.T) {
 		cmpopts.IgnoreFields(session.Event{}, "InvocationID"),
 		cmpopts.IgnoreFields(session.Event{}, "Timestamp"),
 		cmpopts.IgnoreFields(session.EventActions{}, "StateDelta"),
+		cmpopts.IgnoreFields(session.EventActions{}, "RequestedAuthConfigs"),
 	}
 	for _, tc := range testCases {
 		t.Run(tc.name, func(t *testing.T) {

agent/workflowagents/loopagent/agent_test.go

@@ -234,7 +234,7 @@ func TestNewLoopAgent(t *testing.T) {
 
 			ignoreFields := []cmp.Option{
 				cmpopts.IgnoreFields(session.Event{}, "ID", "InvocationID", "Timestamp"),
-				cmpopts.IgnoreFields(session.EventActions{}, "StateDelta"),
+				cmpopts.IgnoreFields(session.EventActions{}, "StateDelta", "RequestedAuthConfigs"),
 				cmpopts.IgnoreFields(genai.FunctionCall{}, "ID"),
 				cmpopts.IgnoreFields(genai.FunctionResponse{}, "ID"),
 			}

agent/workflowagents/sequentialagent/agent_test.go

@@ -254,7 +254,7 @@ func TestNewSequentialAgent(t *testing.T) {
 				for i, gotEvent := range gotEvents {
 					tt.wantEvents[i].Timestamp = gotEvent.Timestamp
 					if diff := cmp.Diff(tt.wantEvents[i], gotEvent, cmpopts.IgnoreFields(session.Event{}, "ID", "Timestamp", "InvocationID"),
-						cmpopts.IgnoreFields(session.EventActions{}, "StateDelta")); diff != "" {
+						cmpopts.IgnoreFields(session.EventActions{}, "StateDelta", "RequestedAuthConfigs")); diff != "" {
 						t.Errorf("event[i] mismatch (-want +got):\n%s", diff)
 					}
 				}

internal/llminternal/auth_functions.go

@@ -0,0 +1,89 @@
+// Copyright 2025 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package llminternal
+
+import (
+	"github.com/google/uuid"
+	"google.golang.org/genai"
+
+	"google.golang.org/adk/agent"
+	"google.golang.org/adk/auth"
+	"google.golang.org/adk/model"
+	"google.golang.org/adk/session"
+)
+
+const afFunctionCallIDPrefix = "adk-"
+
+// generateFunctionCallID creates a unique function call ID.
+// This matches Python's generate_client_function_call_id() with AF_FUNCTION_CALL_ID_PREFIX = 'adk-'
+func generateFunctionCallID() string {
+	return afFunctionCallIDPrefix + uuid.NewString()
+}
+
+// GenerateAuthEvent creates an event with adk_request_credential function calls
+// from the RequestedAuthConfigs in the function response event.
+// This matches Python ADK's generate_auth_event in flows/llm_flows/functions.py.
+func GenerateAuthEvent(ctx agent.InvocationContext, fnResponseEvent *session.Event) *session.Event {
+	if fnResponseEvent == nil || len(fnResponseEvent.Actions.RequestedAuthConfigs) == 0 {
+		return nil
+	}
+
+	var parts []*genai.Part
+	var longRunningToolIDs []string
+
+	for functionCallID, authConfig := range fnResponseEvent.Actions.RequestedAuthConfigs {
+		// Create args map matching Python's AuthToolArguments.model_dump()
+		// Note: We preserve *auth.AuthConfig pointer since this is in-memory,
+		// matching Python's behavior where objects are passed by reference.
+		argsMap := map[string]any{
+			"function_call_id": functionCallID,
+			"auth_config":      authConfig, // Keep as *auth.AuthConfig pointer
+		}
+
+		// Create the adk_request_credential function call
+		requestEucFunctionCall := &genai.FunctionCall{
+			Name: auth.RequestEUCFunctionCallName,
+			Args: argsMap,
+		}
+
+		// Generate a unique ID for this function call
+		requestEucFunctionCall.ID = generateFunctionCallID()
+		longRunningToolIDs = append(longRunningToolIDs, requestEucFunctionCall.ID)
+
+		parts = append(parts, &genai.Part{
+			FunctionCall: requestEucFunctionCall,
+		})
+	}
+
+	// Determine the role from the original event
+	role := "model"
+	if fnResponseEvent.Content != nil && fnResponseEvent.Content.Role != "" {
+		role = fnResponseEvent.Content.Role
+	}
+
+	// Create the auth event
+	authEvent := session.NewEvent(ctx.InvocationID())
+	authEvent.Author = ctx.Agent().Name()
+	authEvent.Branch = ctx.Branch()
+	authEvent.LLMResponse = model.LLMResponse{
+		Content: &genai.Content{
+			Role:  role,
+			Parts: parts,
+		},
+	}
+	authEvent.LongRunningToolIDs = longRunningToolIDs
+
+	return authEvent
+}

internal/llminternal/auth_functions_test.go

@@ -0,0 +1,150 @@
+// Copyright 2025 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package llminternal
+
+import (
+	"testing"
+
+	"google.golang.org/adk/auth"
+	contextinternal "google.golang.org/adk/internal/context"
+	"google.golang.org/adk/session"
+)
+
+func TestGenerateAuthEvent_Nil(t *testing.T) {
+	inv := contextinternal.NewInvocationContext(t.Context(), contextinternal.InvocationContextParams{})
+
+	// Nil event
+	result := GenerateAuthEvent(inv, nil)
+	if result != nil {
+		t.Error("GenerateAuthEvent(nil) should return nil")
+	}
+
+	// Empty RequestedAuthConfigs
+	event := &session.Event{
+		Actions: session.EventActions{
+			RequestedAuthConfigs: make(map[string]*auth.AuthConfig),
+		},
+	}
+	result = GenerateAuthEvent(inv, event)
+	if result != nil {
+		t.Error("GenerateAuthEvent with empty RequestedAuthConfigs should return nil")
+	}
+}
+
+// Note: TestGenerateAuthEvent_CreatesEvent and TestGenerateAuthEvent_MultipleCalls
+// are skipped as they require full invocation context with agent setup.
+// The GenerateAuthEvent function is tested indirectly through integration tests.
+
+func TestGenerateFunctionCallID(t *testing.T) {
+	id1 := generateFunctionCallID()
+	id2 := generateFunctionCallID()
+
+	if id1 == "" {
+		t.Error("generateFunctionCallID() returned empty string")
+	}
+	if id1 == id2 {
+		t.Error("generateFunctionCallID() should return unique IDs")
+	}
+	if len(id1) < 4 || id1[:4] != "adk-" {
+		t.Errorf("generateFunctionCallID() = %q, should start with 'adk-'", id1)
+	}
+}
+
+func TestParseAuthConfigFromMap(t *testing.T) {
+	data := map[string]any{
+		"credential_key": "test-key",
+		"exchanged_auth_credential": map[string]any{
+			"auth_type": "oauth2",
+			"oauth2": map[string]any{
+				"access_token":  "token123",
+				"refresh_token": "refresh456",
+				"expires_at":    float64(1234567890),
+			},
+		},
+	}
+
+	config, err := parseAuthConfigFromMap(data)
+	if err != nil {
+		t.Fatalf("parseAuthConfigFromMap() error = %v", err)
+	}
+	if config.CredentialKey != "test-key" {
+		t.Errorf("CredentialKey = %q, want %q", config.CredentialKey, "test-key")
+	}
+	if config.ExchangedAuthCredential == nil {
+		t.Fatal("ExchangedAuthCredential should not be nil")
+	}
+	if config.ExchangedAuthCredential.OAuth2 == nil {
+		t.Fatal("OAuth2 should not be nil")
+	}
+	if config.ExchangedAuthCredential.OAuth2.AccessToken != "token123" {
+		t.Errorf("AccessToken = %q, want %q", config.ExchangedAuthCredential.OAuth2.AccessToken, "token123")
+	}
+}
+
+func TestParseAuthCredentialFromMap(t *testing.T) {
+	data := map[string]any{
+		"auth_type": "oauth2",
+		"oauth2": map[string]any{
+			"access_token":  "access",
+			"refresh_token": "refresh",
+			"expires_at":    float64(9999999999),
+		},
+	}
+
+	cred, err := parseAuthCredentialFromMap(data)
+	if err != nil {
+		t.Fatalf("parseAuthCredentialFromMap() error = %v", err)
+	}
+	if cred.AuthType != auth.AuthCredentialTypeOAuth2 {
+		t.Errorf("AuthType = %v, want %v", cred.AuthType, auth.AuthCredentialTypeOAuth2)
+	}
+	if cred.OAuth2.AccessToken != "access" {
+		t.Errorf("AccessToken = %q, want %q", cred.OAuth2.AccessToken, "access")
+	}
+	if cred.OAuth2.RefreshToken != "refresh" {
+		t.Errorf("RefreshToken = %q, want %q", cred.OAuth2.RefreshToken, "refresh")
+	}
+}
+
+func TestParseAuthCredentialFromMap_NotAMap(t *testing.T) {
+	_, err := parseAuthCredentialFromMap("not a map")
+	if err == nil {
+		t.Error("parseAuthCredentialFromMap() should error for non-map input")
+	}
+}
+
+func TestAuthPreprocessorResult_Init(t *testing.T) {
+	// Verify CurrentAuthPreprocessorResult starts as nil
+	if CurrentAuthPreprocessorResult != nil {
+		// Clear it for test isolation
+		CurrentAuthPreprocessorResult = nil
+	}
+
+	result := &AuthPreprocessorResult{
+		ToolIdsToResume:   make(map[string]bool),
+		CredentialsStored: true,
+		OriginalEvent:     &session.Event{},
+	}
+
+	if result.ToolIdsToResume == nil {
+		t.Error("ToolIdsToResume should not be nil")
+	}
+	if !result.CredentialsStored {
+		t.Error("CredentialsStored should be true")
+	}
+	if result.OriginalEvent == nil {
+		t.Error("OriginalEvent should not be nil")
+	}
+}

internal/llminternal/base_flow.go

@@ -125,6 +125,38 @@ func (f *Flow) runOneStep(ctx agent.InvocationContext) iter.Seq2[*session.Event,
 		if ctx.Ended() {
 			return
 		}
+
+		// Check if auth preprocessor found tools that need to be re-executed.
+		// This implements the "Surgical Resumption" pattern from Python ADK.
+		if result := CurrentAuthPreprocessorResult; result != nil && result.OriginalEvent != nil && len(result.ToolIdsToResume) > 0 {
+			// Clear the result immediately to prevent re-processing
+			CurrentAuthPreprocessorResult = nil
+
+			// Build tools map
+			tools := make(map[string]tool.Tool)
+			for k, v := range req.Tools {
+				if t, ok := v.(tool.Tool); ok {
+					tools[k] = t
+				}
+			}
+
+			// Execute function calls from the original event that match our tools_to_resume
+			// This matches Python's handle_function_calls_async with tools_to_resume filter
+			fnResponseEvent, err := f.handleFunctionCalls(ctx, tools, &result.OriginalEvent.LLMResponse, result.ToolIdsToResume)
+			if err != nil {
+				yield(nil, err)
+				return
+			}
+			if fnResponseEvent != nil {
+				if !yield(fnResponseEvent, nil) {
+					return
+				}
+			}
+
+			// Return after tool re-execution - Python does the same
+			return
+		}
+
 		spans := telemetry.StartTrace(ctx, "call_llm")
 		// Create event to pass to callback state delta
 		stateDelta := make(map[string]any)
@@ -163,10 +195,8 @@ func (f *Flow) runOneStep(ctx agent.InvocationContext) iter.Seq2[*session.Event,
 			if !yield(modelResponseEvent, nil) {
 				return
 			}
-			// TODO: generate and yield an auth event if needed.
 
 			// Handle function calls.
-
 			ev, err := f.handleFunctionCalls(ctx, tools, resp)
 			if err != nil {
 				yield(nil, err)
@@ -180,6 +210,14 @@ func (f *Flow) runOneStep(ctx agent.InvocationContext) iter.Seq2[*session.Event,
 				return
 			}
 
+			// Generate and yield an auth event if needed.
+			// This converts RequestedAuthConfigs into adk_request_credential function calls.
+			if authEvent := GenerateAuthEvent(ctx, ev); authEvent != nil {
+				if !yield(authEvent, nil) {
+					return
+				}
+			}
+
 			// Actually handle "transfer_to_agent" tool. The function call sets the ev.Actions.TransferToAgent field.
 			// We are following python's execution flow which is
 			//   BaseLlmFlow._postprocess_async
@@ -364,14 +402,25 @@ func findLongRunningFunctionCallIDs(c *genai.Content, tools map[string]tool.Tool
 }
 
 // handleFunctionCalls calls the functions and returns the function response event.
+// If toolsToResume is non-nil and non-empty, only function calls with IDs in the map are executed.
 //
-// TODO: accept filters to include/exclude function calls.
 // TODO: check feasibility of running tool.Run concurrently.
-func (f *Flow) handleFunctionCalls(ctx agent.InvocationContext, toolsDict map[string]tool.Tool, resp *model.LLMResponse) (*session.Event, error) {
+func (f *Flow) handleFunctionCalls(ctx agent.InvocationContext, toolsDict map[string]tool.Tool, resp *model.LLMResponse, toolsToResume ...map[string]bool) (*session.Event, error) {
 	var fnResponseEvents []*session.Event
 
+	// Build filter map if provided
+	var filterMap map[string]bool
+	if len(toolsToResume) > 0 && toolsToResume[0] != nil && len(toolsToResume[0]) > 0 {
+		filterMap = toolsToResume[0]
+	}
+
 	fnCalls := utils.FunctionCalls(resp.Content)
 	for _, fnCall := range fnCalls {
+		// Skip function calls not in the filter (if filter is provided)
+		if filterMap != nil && !filterMap[fnCall.ID] {
+			continue
+		}
+
 		curTool, ok := toolsDict[fnCall.Name]
 		if !ok {
 			return nil, fmt.Errorf("unknown tool: %q", fnCall.Name)
@@ -380,6 +429,7 @@ func (f *Flow) handleFunctionCalls(ctx agent.InvocationContext, toolsDict map[st
 		if !ok {
 			return nil, fmt.Errorf("tool %q is not a function tool", curTool.Name())
 		}
+
 		toolCtx := toolinternal.NewToolContext(ctx, fnCall.ID, &session.EventActions{StateDelta: make(map[string]any)})
 		// toolCtx := tool.
 		spans := telemetry.StartTrace(ctx, "execute_tool "+fnCall.Name)