adk-acp 0.8.2

Agent Client Protocol (ACP) integration for ADK-Rust — connect to Claude Code, Codex, and other ACP agents
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193

//! Permission bridge between ADK ToolConfirmation and ACP RequestPermission.
//!
//! When the ADK Runner encounters a tool requiring confirmation, the bridge:
//! 1. Sends a RequestPermission to the ACP client
//! 2. Waits for the client response (or timeout)
//! 3. Returns the decision to the caller

use std::collections::HashMap;
use std::sync::Arc;
use std::time::Duration;

use tokio::sync::{Mutex, oneshot};

use super::error::AcpServerError;

/// Outcome of a permission request.
#[derive(Debug, Clone, PartialEq, Eq)]
pub enum PermissionOutcome {
    /// The client approved the tool call.
    Approved,
    /// The client denied the tool call.
    Denied,
    /// No response arrived within the configured timeout.
    Timeout,
}

/// A pending permission request waiting for client response.
struct PendingPermission {
    #[allow(dead_code)]
    tool_name: String,
    response_tx: oneshot::Sender<bool>,
}

/// Bridges ADK ToolConfirmation with ACP RequestPermission.
///
/// Manages pending permission requests indexed by `function_call_id`.
/// Each request creates a oneshot channel; the caller awaits the response
/// or times out.
///
/// # Example
///
/// ```rust,ignore
/// let bridge = PermissionBridge::new(Duration::from_secs(120));
///
/// // In the handler task:
/// let outcome = bridge.request_permission("delete_file", "fc-1", &args).await;
///
/// // When client responds:
/// bridge.resolve_permission("fc-1", true).await?;
/// ```
pub struct PermissionBridge {
    timeout: Duration,
    pending: Arc<Mutex<HashMap<String, PendingPermission>>>,
}

impl PermissionBridge {
    /// Create a new permission bridge with the given timeout.
    pub fn new(timeout: Duration) -> Self {
        Self { timeout, pending: Arc::new(Mutex::new(HashMap::new())) }
    }

    /// Request permission for a tool call.
    ///
    /// Creates a oneshot channel, stores the pending request, and waits
    /// for a response or timeout. Returns the outcome.
    pub async fn request_permission(
        &self,
        tool_name: &str,
        function_call_id: &str,
        _args: &serde_json::Value,
    ) -> PermissionOutcome {
        let (tx, rx) = oneshot::channel();

        {
            let mut pending = self.pending.lock().await;
            pending.insert(
                function_call_id.to_string(),
                PendingPermission { tool_name: tool_name.to_string(), response_tx: tx },
            );
        }

        // Wait for response or timeout
        match tokio::time::timeout(self.timeout, rx).await {
            Ok(Ok(approved)) => {
                if approved {
                    PermissionOutcome::Approved
                } else {
                    PermissionOutcome::Denied
                }
            }
            Ok(Err(_)) => {
                // Channel was dropped (sender gone) — treat as denial
                self.cleanup(function_call_id).await;
                PermissionOutcome::Denied
            }
            Err(_) => {
                // Timeout expired
                self.cleanup(function_call_id).await;
                PermissionOutcome::Timeout
            }
        }
    }

    /// Resolve a pending permission request.
    ///
    /// Called when the ACP client responds to a RequestPermission message.
    ///
    /// # Errors
    ///
    /// Returns `SessionNotFound` if the `function_call_id` is not in the pending map.
    pub async fn resolve_permission(
        &self,
        function_call_id: &str,
        approved: bool,
    ) -> Result<(), AcpServerError> {
        let mut pending = self.pending.lock().await;
        let entry = pending.remove(function_call_id).ok_or_else(|| {
            AcpServerError::SessionNotFound(format!(
                "no pending permission for function_call_id: {function_call_id}"
            ))
        })?;

        // Send the decision; ignore error if receiver was dropped
        let _ = entry.response_tx.send(approved);
        Ok(())
    }

    /// Remove a pending request from the map (cleanup after timeout/drop).
    async fn cleanup(&self, function_call_id: &str) {
        let mut pending = self.pending.lock().await;
        pending.remove(function_call_id);
    }
}

#[cfg(test)]
mod tests {
    use super::*;

    #[tokio::test]
    async fn test_approval_flow() {
        let bridge = PermissionBridge::new(Duration::from_secs(5));
        let bridge_clone = Arc::new(bridge);
        let bridge_for_resolve = bridge_clone.clone();

        let handle = tokio::spawn(async move {
            bridge_clone.request_permission("delete_file", "fc-1", &serde_json::json!({})).await
        });

        // Small delay to ensure request is registered
        tokio::time::sleep(Duration::from_millis(10)).await;

        bridge_for_resolve.resolve_permission("fc-1", true).await.unwrap();

        let outcome = handle.await.unwrap();
        assert_eq!(outcome, PermissionOutcome::Approved);
    }

    #[tokio::test]
    async fn test_denial_flow() {
        let bridge = PermissionBridge::new(Duration::from_secs(5));
        let bridge_clone = Arc::new(bridge);
        let bridge_for_resolve = bridge_clone.clone();

        let handle = tokio::spawn(async move {
            bridge_clone.request_permission("delete_file", "fc-2", &serde_json::json!({})).await
        });

        tokio::time::sleep(Duration::from_millis(10)).await;

        bridge_for_resolve.resolve_permission("fc-2", false).await.unwrap();

        let outcome = handle.await.unwrap();
        assert_eq!(outcome, PermissionOutcome::Denied);
    }

    #[tokio::test]
    async fn test_timeout_flow() {
        let bridge = PermissionBridge::new(Duration::from_millis(50));

        let outcome =
            bridge.request_permission("delete_file", "fc-3", &serde_json::json!({})).await;

        assert_eq!(outcome, PermissionOutcome::Timeout);
    }

    #[tokio::test]
    async fn test_resolve_unknown_id() {
        let bridge = PermissionBridge::new(Duration::from_secs(5));

        let result = bridge.resolve_permission("unknown-id", true).await;
        assert!(result.is_err());
    }
}