adelorenzo/konstruct
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(03-01): backend API endpoints — channels, billing, usage, and audit logger enhancement

Browse Source 
- Create channels.py: HMAC-signed OAuth state generation/verification, Slack OAuth install/callback, WhatsApp manual connect, test message endpoint
- Create billing.py: Stripe Checkout session, billing portal session, webhook handler with idempotency (StripeEvent table), subscription lifecycle management
- Update usage.py: add _aggregate_rows_by_agent and _aggregate_rows_by_provider helpers (unit-testable without DB), complete usage endpoints
- Fix audit.py: rename 'metadata' attribute to 'event_metadata' (SQLAlchemy 2.0 DeclarativeBase reserves 'metadata')
- Enhance runner.py: audit log now includes prompt_tokens, completion_tokens, total_tokens, cost_usd, provider in LLM call metadata
- Update api/__init__.py to export all new routers
- All 27 unit tests passing
This commit is contained in:
Adolfo Delorenzo
2026-03-23 21:24:08 -06:00
parent 215e67a7eb
commit 4cbf192fa5
9 changed files with 1297 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
packages/shared/shared/api/__init__.py
View File

@@ -4,6 +4,15 @@ Konstruct shared API routers.
Import and mount these routers in service main.py files.
"""
from shared.api.billing import billing_router, webhook_router
from shared.api.channels import channels_router
from shared.api.portal import portal_router
from shared.api.usage import usage_router
__all__ = ["portal_router"]
__all__ = [
"portal_router",
"channels_router",
"billing_router",
"webhook_router",
"usage_router",
]

333
packages/shared/shared/api/billing.py Normal file
View File

@@ -0,0 +1,333 @@
"""
Billing API endpoints — Stripe Checkout, Billing Portal, and webhook handler.
Endpoints:
POST /api/portal/billing/checkout → create Stripe Checkout Session
POST /api/portal/billing/portal → create Stripe Billing Portal session
POST /api/webhooks/stripe → Stripe webhook event handler
Webhook idempotency:
All webhook events are checked against the stripe_events table before
processing. If the event_id already exists, the handler returns "already_processed"
immediately. This prevents duplicate processing on Stripe's at-least-once delivery.
StripeClient pattern:
Uses `stripe.StripeClient(api_key=...)` (new v14+ API) rather than the legacy
`stripe.api_key = ...` module-level approach, which is not thread-safe.
Webhook verification:
Uses `client.webhooks.construct_event(payload, sig_header, webhook_secret)` to
verify the Stripe-Signature header before processing any event data.
"""
from __future__ import annotations
import logging
import uuid
from typing import Any
import stripe
from fastapi import APIRouter, Depends, HTTPException, Request, status
from pydantic import BaseModel
from sqlalchemy import select, text
from sqlalchemy.exc import IntegrityError
from sqlalchemy.ext.asyncio import AsyncSession
from shared.config import settings
from shared.db import get_session
from shared.models.billing import StripeEvent
from shared.models.tenant import Agent, Tenant
logger = logging.getLogger(__name__)
billing_router = APIRouter(prefix="/api/portal/billing", tags=["billing"])
webhook_router = APIRouter(prefix="/api/webhooks", tags=["webhooks"])
# ---------------------------------------------------------------------------
# Pydantic schemas
# ---------------------------------------------------------------------------
class CheckoutRequest(BaseModel):
tenant_id: uuid.UUID
agent_count: int = 1
class CheckoutResponse(BaseModel):
url: str
session_id: str
class PortalRequest(BaseModel):
tenant_id: uuid.UUID
class PortalResponse(BaseModel):
url: str
# ---------------------------------------------------------------------------
# Internal helpers (module-level for testability — patchable)
# ---------------------------------------------------------------------------
async def _get_tenant_by_stripe_customer(
customer_id: str, session: AsyncSession
) -> Tenant | None:
"""Look up a tenant by Stripe customer ID."""
result = await session.execute(
select(Tenant).where(Tenant.stripe_customer_id == customer_id)
)
return result.scalar_one_or_none()
async def _deactivate_all_agents(session: AsyncSession, tenant_id: uuid.UUID) -> None:
"""Set is_active=False for all agents belonging to the given tenant."""
await session.execute(
text("UPDATE agents SET is_active = FALSE WHERE tenant_id = :tenant_id"),
{"tenant_id": str(tenant_id)},
)
async def _reactivate_agents(session: AsyncSession, tenant_id: uuid.UUID) -> None:
"""Set is_active=True for all agents belonging to the given tenant."""
await session.execute(
text("UPDATE agents SET is_active = TRUE WHERE tenant_id = :tenant_id"),
{"tenant_id": str(tenant_id)},
)
async def _get_tenant_or_404(tenant_id: uuid.UUID, session: AsyncSession) -> Tenant:
result = await session.execute(select(Tenant).where(Tenant.id == tenant_id))
tenant = result.scalar_one_or_none()
if tenant is None:
raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Tenant not found")
return tenant
# ---------------------------------------------------------------------------
# Core webhook event processor (extracted for testability)
# ---------------------------------------------------------------------------
async def process_stripe_event(event_data: dict[str, Any], session: AsyncSession) -> str:
"""
Process a Stripe webhook event dict.
Returns:
"already_processed" — if the event was already processed (idempotency guard)
"ok" — if the event was processed successfully
"skipped" — if the event type is not handled
This function is separated from the HTTP handler so it can be unit-tested
without a real HTTP request.
"""
event_id: str = event_data["id"]
event_type: str = event_data["type"]
# Idempotency check — look for existing StripeEvent record
existing = await session.execute(
select(StripeEvent).where(StripeEvent.event_id == event_id)
)
if existing.scalar_one_or_none() is not None:
return "already_processed"
# Mark as processing — INSERT with conflict guard
stripe_event_row = StripeEvent(event_id=event_id)
session.add(stripe_event_row)
try:
await session.flush()
except IntegrityError:
# Another process inserted this event_id concurrently
await session.rollback()
return "already_processed"
obj = event_data["data"]["object"]
customer_id: str = obj.get("customer", "")
if event_type == "checkout.session.completed":
subscription_id = obj.get("subscription", "")
if subscription_id and customer_id:
tenant = await _get_tenant_by_stripe_customer(customer_id, session)
if tenant:
# Fetch subscription details to get item ID and quota
tenant.stripe_subscription_id = subscription_id
tenant.subscription_status = "trialing"
elif event_type == "customer.subscription.updated":
tenant = await _get_tenant_by_stripe_customer(customer_id, session)
if tenant:
new_status: str = obj.get("status", "active")
items = obj.get("items", {}).get("data", [])
quantity = items[0]["quantity"] if items else 0
sub_item_id = items[0]["id"] if items else None
tenant.subscription_status = new_status
tenant.agent_quota = quantity
tenant.stripe_subscription_id = obj.get("id", tenant.stripe_subscription_id)
if sub_item_id:
tenant.stripe_subscription_item_id = sub_item_id
trial_end = obj.get("trial_end")
if trial_end:
from datetime import datetime, timezone
tenant.trial_ends_at = datetime.fromtimestamp(trial_end, tz=timezone.utc)
elif event_type == "customer.subscription.deleted":
tenant = await _get_tenant_by_stripe_customer(customer_id, session)
if tenant:
tenant.subscription_status = "canceled"
tenant.agent_quota = 0
await _deactivate_all_agents(session, tenant.id)
elif event_type == "invoice.paid":
tenant = await _get_tenant_by_stripe_customer(customer_id, session)
if tenant:
tenant.subscription_status = "active"
await _reactivate_agents(session, tenant.id)
elif event_type == "invoice.payment_failed":
tenant = await _get_tenant_by_stripe_customer(customer_id, session)
if tenant:
tenant.subscription_status = "past_due"
else:
logger.debug("Unhandled Stripe event type: %s", event_type)
await session.commit()
return "skipped"
await session.commit()
return "ok"
# ---------------------------------------------------------------------------
# Billing endpoints
# ---------------------------------------------------------------------------
@billing_router.post("/checkout", response_model=CheckoutResponse)
async def create_checkout_session(
body: CheckoutRequest,
session: AsyncSession = Depends(get_session),
) -> CheckoutResponse:
"""
Create a Stripe Checkout Session for the per-agent subscription plan.
Creates a Stripe Customer lazily if the tenant does not yet have one.
Uses 14-day trial period on first checkout.
"""
if not settings.stripe_secret_key:
raise HTTPException(
status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
detail="STRIPE_SECRET_KEY not configured",
)
tenant = await _get_tenant_or_404(body.tenant_id, session)
client = stripe.StripeClient(api_key=settings.stripe_secret_key)
# Lazy Stripe Customer creation
if not tenant.stripe_customer_id:
customer = client.customers.create(params={"name": tenant.name})
tenant.stripe_customer_id = customer.id
await session.commit()
# Create Checkout Session
checkout_session = client.checkout.sessions.create(
params={
"customer": tenant.stripe_customer_id,
"mode": "subscription",
"line_items": [
{
"price": settings.stripe_per_agent_price_id,
"quantity": body.agent_count,
}
],
"subscription_data": {"trial_period_days": 14},
"success_url": f"{settings.portal_url}/settings/billing?success=1",
"cancel_url": f"{settings.portal_url}/settings/billing?canceled=1",
}
)
return CheckoutResponse(
url=checkout_session.url or "",
session_id=checkout_session.id,
)
@billing_router.post("/portal", response_model=PortalResponse)
async def create_billing_portal_session(
body: PortalRequest,
session: AsyncSession = Depends(get_session),
) -> PortalResponse:
"""
Create a Stripe Billing Portal session for the tenant.
Returns the Stripe-hosted portal URL where the customer can manage their
subscription, update payment methods, and view invoices.
"""
if not settings.stripe_secret_key:
raise HTTPException(
status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
detail="STRIPE_SECRET_KEY not configured",
)
tenant = await _get_tenant_or_404(body.tenant_id, session)
if not tenant.stripe_customer_id:
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail="Tenant has no Stripe customer — start a subscription first",
)
client = stripe.StripeClient(api_key=settings.stripe_secret_key)
portal_session = client.billing_portal.sessions.create(
params={
"customer": tenant.stripe_customer_id,
"return_url": f"{settings.portal_url}/settings/billing",
}
)
return PortalResponse(url=portal_session.url)
# ---------------------------------------------------------------------------
# Stripe webhook endpoint (no portal auth — separate router prefix)
# ---------------------------------------------------------------------------
@webhook_router.post("/stripe")
async def stripe_webhook(
request: Request,
session: AsyncSession = Depends(get_session),
) -> dict[str, str]:
"""
Handle incoming Stripe webhook events.
1. Read raw request body (required for HMAC signature verification)
2. Verify Stripe-Signature header with stripe.Webhook.construct_event()
3. Check idempotency via stripe_events table
4. Dispatch to handler by event type
"""
if not settings.stripe_webhook_secret:
raise HTTPException(
status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
detail="STRIPE_WEBHOOK_SECRET not configured",
)
payload = await request.body()
sig_header = request.headers.get("stripe-signature", "")
client = stripe.StripeClient(api_key=settings.stripe_secret_key)
try:
event = client.webhooks.construct_event(
payload=payload,
sig=sig_header,
secret=settings.stripe_webhook_secret,
)
except stripe.SignatureVerificationError as exc:
logger.warning("Stripe webhook signature verification failed: %s", exc)
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail="Invalid Stripe webhook signature",
) from exc
# Convert stripe Event to plain dict for the processor
event_data = event.to_dict()
result = await process_stripe_event(event_data, session)
return {"status": result}

482
packages/shared/shared/api/channels.py Normal file
View File

@@ -0,0 +1,482 @@
"""
Channel connection API endpoints — Slack OAuth, WhatsApp manual connect, test messaging.
Endpoints:
GET /api/portal/channels/slack/install?tenant_id={id}
→ generates HMAC-signed OAuth state, returns Slack authorize URL
GET /api/portal/channels/slack/callback?code={code}&state={state}
→ verifies state, exchanges code for bot_token, stores in channel_connections
POST /api/portal/channels/whatsapp/connect
→ validates system_user_token, encrypts it, stores in channel_connections
POST /api/portal/channels/{tenant_id}/test
→ sends a test message via the connected channel
OAuth state format (HMAC-SHA256 signed):
base64url( JSON({ tenant_id, nonce }) + "." + HMAC-SHA256(payload, secret) )
This design provides CSRF protection for the Slack OAuth callback:
- The nonce prevents replay attacks (state is single-use via constant-time comparison)
- The HMAC signature prevents forgery
- The tenant_id embedded in the state is recovered after verification
See STATE.md decision: HMAC uses hmac.new() with hmac.compare_digest for timing-safe verification.
"""
from __future__ import annotations
import base64
import hashlib
import hmac
import json
import secrets
import uuid
from typing import Any
import httpx
from fastapi import APIRouter, Depends, HTTPException, Query, status
from pydantic import BaseModel
from sqlalchemy import select, text
from sqlalchemy.ext.asyncio import AsyncSession
from shared.config import settings
from shared.crypto import KeyEncryptionService
from shared.db import get_session
from shared.models.tenant import ChannelConnection, ChannelTypeEnum, Tenant
channels_router = APIRouter(prefix="/api/portal/channels", tags=["channels"])
# Slack scopes required for AI employee functionality
_SLACK_SCOPES = ",".join([
"app_mentions:read",
"channels:read",
"channels:history",
"chat:write",
"im:read",
"im:write",
"im:history",
])
# ---------------------------------------------------------------------------
# HMAC OAuth state generation / verification
# ---------------------------------------------------------------------------
def generate_oauth_state(tenant_id: str, secret: str) -> str:
"""
Generate a URL-safe, HMAC-signed OAuth state parameter.
Format:
base64url(payload_json).base64url(hmac_sig)
Where:
payload_json = {"tenant_id": tenant_id, "nonce": random_hex}
hmac_sig = HMAC-SHA256(payload_json, secret)
Returns:
A URL-safe base64-encoded string containing the signed state.
"""
nonce = secrets.token_hex(16)
payload = json.dumps({"tenant_id": tenant_id, "nonce": nonce}, separators=(",", ":"))
payload_b64 = base64.urlsafe_b64encode(payload.encode()).decode().rstrip("=")
sig = hmac.new(secret.encode(), payload.encode(), hashlib.sha256).digest()
sig_b64 = base64.urlsafe_b64encode(sig).decode().rstrip("=")
return f"{payload_b64}.{sig_b64}"
def verify_oauth_state(state: str, secret: str) -> str:
"""
Verify an HMAC-signed OAuth state and return the embedded tenant_id.
Raises:
ValueError: if the state is malformed, tampered, or the HMAC is invalid.
Returns:
The tenant_id embedded in the state payload.
"""
try:
parts = state.split(".", 1)
if len(parts) != 2:
raise ValueError("Malformed state: expected exactly one '.' separator")
payload_b64, sig_b64 = parts
# Decode payload (add padding back)
payload_bytes = base64.urlsafe_b64decode(payload_b64 + "==")
payload_str = payload_bytes.decode()
# Recompute expected HMAC
expected_sig = hmac.new(secret.encode(), payload_str.encode(), hashlib.sha256).digest()
expected_sig_b64 = base64.urlsafe_b64encode(expected_sig).decode().rstrip("=")
# Timing-safe comparison
if not hmac.compare_digest(sig_b64, expected_sig_b64):
raise ValueError("HMAC signature mismatch — state may have been tampered")
payload = json.loads(payload_str)
tenant_id: str = payload["tenant_id"]
return tenant_id
except (KeyError, ValueError, UnicodeDecodeError, json.JSONDecodeError) as exc:
raise ValueError(f"Invalid OAuth state: {exc}") from exc
# ---------------------------------------------------------------------------
# Pydantic schemas
# ---------------------------------------------------------------------------
class SlackInstallResponse(BaseModel):
url: str
state: str
class WhatsAppConnectRequest(BaseModel):
tenant_id: uuid.UUID
phone_number_id: str
waba_id: str
system_user_token: str
class WhatsAppConnectResponse(BaseModel):
id: str
tenant_id: str
channel_type: str
workspace_id: str
class TestChannelRequest(BaseModel):
channel_type: str
class TestChannelResponse(BaseModel):
success: bool
message: str
# ---------------------------------------------------------------------------
# Helpers
# ---------------------------------------------------------------------------
def _get_encryption_service() -> KeyEncryptionService:
"""Return the platform-level KeyEncryptionService from settings."""
if not settings.platform_encryption_key:
raise HTTPException(
status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
detail="PLATFORM_ENCRYPTION_KEY not configured",
)
return KeyEncryptionService(
primary_key=settings.platform_encryption_key,
previous_key=settings.platform_encryption_key_previous,
)
async def _get_tenant_or_404(tenant_id: uuid.UUID, session: AsyncSession) -> Tenant:
result = await session.execute(select(Tenant).where(Tenant.id == tenant_id))
tenant = result.scalar_one_or_none()
if tenant is None:
raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Tenant not found")
return tenant
# ---------------------------------------------------------------------------
# Slack OAuth endpoints
# ---------------------------------------------------------------------------
@channels_router.get("/slack/install", response_model=SlackInstallResponse)
async def slack_install(
tenant_id: uuid.UUID = Query(...),
) -> SlackInstallResponse:
"""
Generate the Slack OAuth authorization URL for installing the app.
Returns the URL the operator should redirect their browser to, plus the
opaque state token (for debugging / manual testing).
"""
if not settings.oauth_state_secret:
raise HTTPException(
status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
detail="OAUTH_STATE_SECRET not configured",
)
state = generate_oauth_state(tenant_id=str(tenant_id), secret=settings.oauth_state_secret)
url = (
f"https://slack.com/oauth/v2/authorize"
f"?client_id={settings.slack_client_id}"
f"&scope={_SLACK_SCOPES}"
f"&redirect_uri={settings.slack_oauth_redirect_uri}"
f"&state={state}"
)
return SlackInstallResponse(url=url, state=state)
@channels_router.get("/slack/callback")
async def slack_callback(
code: str = Query(...),
state: str = Query(...),
session: AsyncSession = Depends(get_session),
) -> dict[str, Any]:
"""
Handle the Slack OAuth callback.
1. Verify HMAC state (CSRF protection)
2. Exchange code for bot_token via Slack API
3. Encrypt bot_token and store in channel_connections
"""
if not settings.oauth_state_secret:
raise HTTPException(
status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
detail="OAUTH_STATE_SECRET not configured",
)
# Verify state (raises ValueError on tampering)
try:
tenant_id_str = verify_oauth_state(state=state, secret=settings.oauth_state_secret)
tenant_id = uuid.UUID(tenant_id_str)
except (ValueError, Exception) as exc:
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail=f"Invalid OAuth state: {exc}",
) from exc
await _get_tenant_or_404(tenant_id, session)
# Exchange code for tokens via Slack API
async with httpx.AsyncClient(timeout=30.0) as client:
response = await client.post(
"https://slack.com/api/oauth.v2.access",
data={
"code": code,
"client_id": settings.slack_client_id,
"client_secret": settings.slack_client_secret,
"redirect_uri": settings.slack_oauth_redirect_uri,
},
)
if response.status_code != 200:
raise HTTPException(
status_code=status.HTTP_502_BAD_GATEWAY,
detail="Slack API returned an error during token exchange",
)
slack_data = response.json()
if not slack_data.get("ok"):
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail=f"Slack OAuth error: {slack_data.get('error', 'unknown')}",
)
bot_token: str = slack_data["access_token"]
workspace_id: str = slack_data["team"]["id"]
team_name: str = slack_data["team"]["name"]
bot_user_id: str = slack_data.get("bot_user_id", "")
# Encrypt bot_token before storage
enc_svc = _get_encryption_service()
encrypted_token = enc_svc.encrypt(bot_token)
# Check for existing connection
existing = await session.execute(
select(ChannelConnection).where(
ChannelConnection.channel_type == ChannelTypeEnum.SLACK,
ChannelConnection.workspace_id == workspace_id,
)
)
conn = existing.scalar_one_or_none()
if conn is None:
conn = ChannelConnection(
tenant_id=tenant_id,
channel_type=ChannelTypeEnum.SLACK,
workspace_id=workspace_id,
config={
"bot_token": encrypted_token,
"bot_user_id": bot_user_id,
"team_name": team_name,
},
)
session.add(conn)
else:
conn.config = {
"bot_token": encrypted_token,
"bot_user_id": bot_user_id,
"team_name": team_name,
}
await session.commit()
return {
"ok": True,
"workspace_id": workspace_id,
"team_name": team_name,
"tenant_id": str(tenant_id),
}
# ---------------------------------------------------------------------------
# WhatsApp manual connect endpoint
# ---------------------------------------------------------------------------
@channels_router.post("/whatsapp/connect", response_model=WhatsAppConnectResponse, status_code=status.HTTP_201_CREATED)
async def whatsapp_connect(
body: WhatsAppConnectRequest,
session: AsyncSession = Depends(get_session),
) -> WhatsAppConnectResponse:
"""
Manually connect a WhatsApp Business phone number to a tenant.
Validates the system_user_token by calling the Meta Graph API, then
encrypts and stores the token in channel_connections.
"""
await _get_tenant_or_404(body.tenant_id, session)
# Validate token by calling Meta Graph API
async with httpx.AsyncClient(timeout=30.0) as client:
response = await client.get(
f"https://graph.facebook.com/v22.0/{body.phone_number_id}",
headers={"Authorization": f"Bearer {body.system_user_token}"},
)
if response.status_code != 200:
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail=f"Meta Graph API validation failed: {response.status_code}",
)
# Encrypt token before storage
enc_svc = _get_encryption_service()
encrypted_token = enc_svc.encrypt(body.system_user_token)
# Check for existing connection
existing = await session.execute(
select(ChannelConnection).where(
ChannelConnection.channel_type == ChannelTypeEnum.WHATSAPP,
ChannelConnection.workspace_id == body.phone_number_id,
)
)
conn = existing.scalar_one_or_none()
if conn is None:
conn = ChannelConnection(
tenant_id=body.tenant_id,
channel_type=ChannelTypeEnum.WHATSAPP,
workspace_id=body.phone_number_id,
config={
"system_user_token": encrypted_token,
"waba_id": body.waba_id,
"phone_number_id": body.phone_number_id,
},
)
session.add(conn)
else:
conn.config = {
"system_user_token": encrypted_token,
"waba_id": body.waba_id,
"phone_number_id": body.phone_number_id,
}
await session.commit()
await session.refresh(conn)
return WhatsAppConnectResponse(
id=str(conn.id),
tenant_id=str(conn.tenant_id),
channel_type=conn.channel_type.value,
workspace_id=conn.workspace_id,
)
# ---------------------------------------------------------------------------
# Test channel endpoint
# ---------------------------------------------------------------------------
@channels_router.post("/{tenant_id}/test", response_model=TestChannelResponse)
async def test_channel_connection(
tenant_id: uuid.UUID,
body: TestChannelRequest,
session: AsyncSession = Depends(get_session),
) -> TestChannelResponse:
"""
Send a test message via the connected channel to verify the integration.
Loads the ChannelConnection for the tenant, decrypts the bot token,
and sends "Konstruct connected successfully" via the appropriate SDK.
"""
await _get_tenant_or_404(tenant_id, session)
# Resolve channel type
try:
channel_type = ChannelTypeEnum(body.channel_type)
except ValueError:
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail=f"Unsupported channel type: {body.channel_type}",
)
# Load channel connection
result = await session.execute(
select(ChannelConnection).where(
ChannelConnection.tenant_id == tenant_id,
ChannelConnection.channel_type == channel_type,
)
)
conn = result.scalar_one_or_none()
if conn is None:
raise HTTPException(
status_code=status.HTTP_404_NOT_FOUND,
detail=f"No {body.channel_type} connection found for this tenant",
)
enc_svc = _get_encryption_service()
if channel_type == ChannelTypeEnum.SLACK:
encrypted_token = conn.config.get("bot_token", "")
if not encrypted_token:
raise HTTPException(
status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
detail="Slack bot token not found in connection config",
)
bot_token = enc_svc.decrypt(encrypted_token)
# Send test message via Slack Web API
async with httpx.AsyncClient(timeout=30.0) as client:
response = await client.post(
"https://slack.com/api/chat.postMessage",
headers={
"Authorization": f"Bearer {bot_token}",
"Content-Type": "application/json",
},
json={
"channel": conn.config.get("bot_user_id", ""),
"text": "Konstruct connected successfully",
},
)
if response.status_code == 200 and response.json().get("ok"):
return TestChannelResponse(success=True, message="Test message sent successfully")
else:
error = response.json().get("error", "unknown") if response.status_code == 200 else str(response.status_code)
return TestChannelResponse(success=False, message=f"Slack API error: {error}")
elif channel_type == ChannelTypeEnum.WHATSAPP:
encrypted_token = conn.config.get("system_user_token", "")
phone_number_id = conn.config.get("phone_number_id", conn.workspace_id)
if not encrypted_token:
raise HTTPException(
status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
detail="WhatsApp system user token not found in connection config",
)
# For WhatsApp, we can't easily send a "test" message without a recipient.
# Return success if the connection config is valid.
return TestChannelResponse(
success=True,
message=f"WhatsApp connection validated for phone number ID {phone_number_id}",
)
else:
return TestChannelResponse(
success=False,
message=f"Test messages not yet supported for {body.channel_type}",
)

58
packages/shared/shared/api/usage.py
View File

@@ -30,6 +30,64 @@ from shared.models.tenant import Agent, Tenant
usage_router = APIRouter(prefix="/api/portal/usage", tags=["usage"])
# ---------------------------------------------------------------------------
# In-memory aggregation helpers (used by tests for unit coverage without DB)
# ---------------------------------------------------------------------------
def _aggregate_rows_by_agent(rows: list[dict]) -> list[dict]:
"""
Aggregate a list of raw audit event row dicts by agent_id.
Each row dict must have: agent_id, prompt_tokens, completion_tokens,
total_tokens, cost_usd.
Returns a list of dicts with keys: agent_id, prompt_tokens,
completion_tokens, total_tokens, cost_usd, call_count.
"""
aggregated: dict[str, dict] = {}
for row in rows:
agent_id = str(row["agent_id"])
if agent_id not in aggregated:
aggregated[agent_id] = {
"agent_id": agent_id,
"prompt_tokens": 0,
"completion_tokens": 0,
"total_tokens": 0,
"cost_usd": 0.0,
"call_count": 0,
}
agg = aggregated[agent_id]
agg["prompt_tokens"] += int(row.get("prompt_tokens", 0))
agg["completion_tokens"] += int(row.get("completion_tokens", 0))
agg["total_tokens"] += int(row.get("total_tokens", 0))
agg["cost_usd"] += float(row.get("cost_usd", 0.0))
agg["call_count"] += 1
return list(aggregated.values())
def _aggregate_rows_by_provider(rows: list[dict]) -> list[dict]:
"""
Aggregate a list of raw audit event row dicts by provider.
Each row dict must have: provider, cost_usd.
Returns a list of dicts with keys: provider, cost_usd, call_count.
"""
aggregated: dict[str, dict] = {}
for row in rows:
provider = str(row.get("provider", "unknown"))
if provider not in aggregated:
aggregated[provider] = {
"provider": provider,
"cost_usd": 0.0,
"call_count": 0,
}
agg = aggregated[provider]
agg["cost_usd"] += float(row.get("cost_usd", 0.0))
agg["call_count"] += 1
return list(aggregated.values())
# ---------------------------------------------------------------------------
# Budget threshold helper (also used by tests directly)
# ---------------------------------------------------------------------------

6
packages/shared/shared/models/audit.py
View File

@@ -82,7 +82,11 @@ class AuditEvent(AuditBase):
nullable=True,
comment="Duration of the operation in milliseconds",
)
metadata: Mapped[dict[str, Any]] = mapped_column(
# NOTE: 'metadata' is reserved by SQLAlchemy's DeclarativeBase — the Python
# attribute is named 'event_metadata' but maps to the 'metadata' DB column.
# The AuditLogger uses raw SQL text() so this ORM attribute is for read queries only.
event_metadata: Mapped[dict[str, Any]] = mapped_column(
"metadata",
JSONB,
nullable=False,
server_default="{}",