mur_core/a2a/

client.rs

//! A2A Client — discover and communicate with remote agents.

use super::protocol::{
    AgentCard, JsonRpcRequest, JsonRpcResponse, TaskRequest, TaskResponse, TaskStatusUpdate,
    methods,
};
use anyhow::{Context, Result};
use std::collections::HashMap;
use tokio::sync::RwLock;

/// Client for communicating with A2A-compatible agents.
pub struct A2aClient {
    http: reqwest::Client,
    /// Cache of discovered agent cards keyed by base URL.
    agent_cache: RwLock<HashMap<String, AgentCard>>,
    /// Per-agent bearer tokens keyed by base URL.
    agent_tokens: RwLock<HashMap<String, String>>,
    /// Optional global fallback bearer token used when no per-agent token is set.
    auth_token: Option<String>,
}

/// Options for sending a task.
pub struct SendTaskOptions {
    /// Timeout in seconds.
    pub timeout_secs: Option<u64>,
    /// Whether to subscribe to streaming updates.
    pub subscribe: bool,
}

impl Default for SendTaskOptions {
    fn default() -> Self {
        Self {
            timeout_secs: Some(30),
            subscribe: false,
        }
    }
}

impl A2aClient {
    /// Create a new A2A client with an optional global fallback auth token.
    pub fn new(auth_token: Option<String>) -> Self {
        Self {
            http: reqwest::Client::builder()
                .connect_timeout(std::time::Duration::from_secs(10))
                .timeout(std::time::Duration::from_secs(30))
                .build()
                .unwrap_or_else(|_| reqwest::Client::new()),
            agent_cache: RwLock::new(HashMap::new()),
            agent_tokens: RwLock::new(HashMap::new()),
            auth_token,
        }
    }

    /// Set an authentication token for a specific agent base URL.
    pub async fn set_agent_token(&self, base_url: &str, token: String) {
        let mut tokens = self.agent_tokens.write().await;
        tokens.insert(base_url.to_string(), token);
    }

    /// Look up the bearer token for a given base URL.
    /// Returns the per-agent token if set, otherwise falls back to the global token.
    async fn resolve_token(&self, base_url: &str) -> Option<String> {
        let tokens = self.agent_tokens.read().await;
        if let Some(token) = tokens.get(base_url) {
            return Some(token.clone());
        }
        self.auth_token.clone()
    }

    /// Validate a URL to prevent SSRF attacks.
    fn validate_url(url_str: &str) -> Result<()> {
        if !url_str.starts_with("http://") && !url_str.starts_with("https://") {
            anyhow::bail!("Only http/https URLs allowed, got: {}", url_str);
        }
        // Extract host portion
        let host = url_str
            .split("://").nth(1).unwrap_or("")
            .split('/').next().unwrap_or("")
            .split(':').next().unwrap_or("");
        let blocked = [
            "localhost", "127.0.0.1", "::1", "0.0.0.0",
            "metadata.google.internal",
        ];
        if blocked.contains(&host)
            || host.starts_with("169.254.")
            || host.starts_with("10.")
            || host.starts_with("192.168.")
            || host.starts_with("172.16.") || host.starts_with("172.17.")
        {
            anyhow::bail!("SSRF blocked: URL points to private/loopback address: {}", host);
        }
        Ok(())
    }

    /// Discover an agent by fetching its card from `/.well-known/agent.json`.
    pub async fn discover(&self, base_url: &str) -> Result<AgentCard> {
        let url = format!(
            "{}/.well-known/agent.json",
            base_url.trim_end_matches('/')
        );
        Self::validate_url(&url)?;

        let mut request = self.http.get(&url);
        if let Some(token) = self.resolve_token(base_url).await {
            request = request.header("Authorization", format!("Bearer {}", token));
        }

        let response = request
            .send()
            .await
            .with_context(|| format!("Fetching agent card from {}", url))?;

        if !response.status().is_success() {
            anyhow::bail!(
                "Agent discovery failed for {}: HTTP {}",
                url,
                response.status()
            );
        }

        let card: AgentCard = response
            .json()
            .await
            .context("Parsing agent card JSON")?;

        // Cache the card
        {
            let mut cache = self.agent_cache.write().await;
            cache.insert(base_url.to_string(), card.clone());
        }

        Ok(card)
    }

    /// Get a cached agent card, or discover if not cached.
    pub async fn get_agent(&self, base_url: &str) -> Result<AgentCard> {
        {
            let cache = self.agent_cache.read().await;
            if let Some(card) = cache.get(base_url) {
                return Ok(card.clone());
            }
        }
        self.discover(base_url).await
    }

    /// Send a task to an agent, optionally applying a timeout from `SendTaskOptions`.
    pub async fn send_task(
        &self,
        agent_url: &str,
        task: &TaskRequest,
        options: Option<SendTaskOptions>,
    ) -> Result<TaskResponse> {
        let rpc_request = JsonRpcRequest::new(
            methods::TASKS_SEND,
            Some(serde_json::to_value(task)?),
            serde_json::json!(uuid::Uuid::new_v4().to_string()),
        );

        let timeout_secs = options.and_then(|o| o.timeout_secs);
        let rpc_future = self.send_rpc(agent_url, &rpc_request);

        let response = if let Some(secs) = timeout_secs {
            tokio::time::timeout(std::time::Duration::from_secs(secs), rpc_future)
                .await
                .map_err(|_| anyhow::anyhow!("Task send timed out after {}s", secs))??
        } else {
            rpc_future.await?
        };

        if let Some(error) = response.error {
            anyhow::bail!("A2A error {}: {}", error.code, error.message);
        }

        let result = response
            .result
            .ok_or_else(|| anyhow::anyhow!("Empty result from agent"))?;

        serde_json::from_value(result).context("Parsing task response")
    }

    /// Get the status of a task.
    pub async fn get_task(
        &self,
        agent_url: &str,
        task_id: &str,
    ) -> Result<TaskResponse> {
        let rpc_request = JsonRpcRequest::new(
            methods::TASKS_GET,
            Some(serde_json::json!({"id": task_id})),
            serde_json::json!(uuid::Uuid::new_v4().to_string()),
        );

        let response = self.send_rpc(agent_url, &rpc_request).await?;

        if let Some(error) = response.error {
            anyhow::bail!("A2A error {}: {}", error.code, error.message);
        }

        let result = response
            .result
            .ok_or_else(|| anyhow::anyhow!("Empty result from agent"))?;

        serde_json::from_value(result).context("Parsing task response")
    }

    /// Cancel a running task.
    pub async fn cancel_task(
        &self,
        agent_url: &str,
        task_id: &str,
    ) -> Result<TaskStatusUpdate> {
        let rpc_request = JsonRpcRequest::new(
            methods::TASKS_CANCEL,
            Some(serde_json::json!({"id": task_id})),
            serde_json::json!(uuid::Uuid::new_v4().to_string()),
        );

        let response = self.send_rpc(agent_url, &rpc_request).await?;

        if let Some(error) = response.error {
            anyhow::bail!("A2A error {}: {}", error.code, error.message);
        }

        let result = response
            .result
            .ok_or_else(|| anyhow::anyhow!("Empty result from agent"))?;

        serde_json::from_value(result).context("Parsing cancel response")
    }

    /// Send a raw JSON-RPC request to an agent.
    async fn send_rpc(
        &self,
        agent_url: &str,
        request: &JsonRpcRequest,
    ) -> Result<JsonRpcResponse> {
        let url = format!("{}/a2a", agent_url.trim_end_matches('/'));

        let mut http_request = self
            .http
            .post(&url)
            .header("Content-Type", "application/json");

        if let Some(token) = self.resolve_token(agent_url).await {
            http_request =
                http_request.header("Authorization", format!("Bearer {}", token));
        }

        let response = http_request
            .json(request)
            .send()
            .await
            .with_context(|| format!("Sending A2A request to {}", url))?;

        if !response.status().is_success() {
            anyhow::bail!("A2A request failed: HTTP {}", response.status());
        }

        response.json().await.context("Parsing JSON-RPC response")
    }

    /// List all cached agents.
    pub async fn cached_agents(&self) -> Vec<AgentCard> {
        let cache = self.agent_cache.read().await;
        cache.values().cloned().collect()
    }

    /// Clear the agent cache.
    pub async fn clear_cache(&self) {
        let mut cache = self.agent_cache.write().await;
        cache.clear();
    }
}

/// Response from a multi-agent broadcast.
#[derive(Debug)]
pub struct BroadcastResult {
    pub agent_url: String,
    pub result: Result<TaskResponse>,
}

/// Broadcast a task to multiple agents sequentially.
///
/// Since `client` is behind `&` (not `Arc`), we dispatch one at a time.
/// Each agent receives its own send_task call.
pub async fn broadcast_task(
    client: &A2aClient,
    agent_urls: &[String],
    task: &TaskRequest,
) -> Vec<BroadcastResult> {
    let mut results = Vec::with_capacity(agent_urls.len());

    for url in agent_urls {
        let result = client.send_task(url, task, None).await;
        results.push(BroadcastResult {
            agent_url: url.clone(),
            result,
        });
    }

    results
}

#[cfg(test)]
mod tests {
    use super::*;

    #[tokio::test]
    async fn test_client_creation() {
        let client = A2aClient::new(None);
        assert!(client.cached_agents().await.is_empty());

        let client_auth = A2aClient::new(Some("test-token".into()));
        assert!(client_auth.auth_token.is_some());
    }

    #[test]
    fn test_send_task_options_default() {
        let opts = SendTaskOptions::default();
        assert_eq!(opts.timeout_secs, Some(30));
        assert!(!opts.subscribe);
    }

    #[tokio::test]
    async fn test_cache_operations() {
        let client = A2aClient::new(None);
        assert!(client.cached_agents().await.is_empty());
        client.clear_cache().await;
        assert!(client.cached_agents().await.is_empty());
    }

    #[tokio::test]
    async fn test_per_agent_token() {
        let client = A2aClient::new(Some("global-token".into()));

        // No per-agent token yet — should fall back to global
        let token = client.resolve_token("https://agent-a.example.com").await;
        assert_eq!(token, Some("global-token".into()));

        // Set a per-agent token
        client.set_agent_token("https://agent-a.example.com", "agent-a-token".into()).await;

        // Per-agent token takes precedence
        let token = client.resolve_token("https://agent-a.example.com").await;
        assert_eq!(token, Some("agent-a-token".into()));

        // Other agents still use the global fallback
        let token = client.resolve_token("https://agent-b.example.com").await;
        assert_eq!(token, Some("global-token".into()));
    }

    #[tokio::test]
    async fn test_no_token() {
        let client = A2aClient::new(None);
        let token = client.resolve_token("https://agent.example.com").await;
        assert!(token.is_none());
    }
}