Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

update tools integration feedback #2

Merged
merged 16 commits into from
Feb 16, 2025
Merged

update tools integration feedback #2

merged 16 commits into from
Feb 16, 2025

Conversation

Taofiqq
Copy link
Collaborator

@Taofiqq Taofiqq commented Feb 11, 2025
edited
Loading

Tools Integration Feedback Updates

This PR introduces several improvements to the Permit.io integration for LangChain, focusing on enhanced authorization and authentication capabilities.

Key Changes

JWT Validation Tool Improvements

  1. Added support for multiple JWKS input methods
  • URL-based JWKS retrieval
  • Direct JSON JWKS input
  1. Flexible configuration options
  2. Improved error handling and validation

Permissions Check Tool Enhancements

  1. Renamed input model to LangchainPermissionsCheckToolInput for clarity
  2. Added support for ABAC (Attribute-Based Access Control) and ReBAC (Relationship-Based Access Control)
  3. Extended input schema to include:
  • attributes: Optional dictionary for fine-grained attribute checks
  • context: Optional dictionary for additional access control conditions

Configuration Improvements

  1. Added support for PDP (Policy Decision Point) URL configuration
  • Can be set via environment variable
  • Configurable during tool initialization
  1. Improved flexibility in tool configuration

New Features

  • Comprehensive JWT validation with multiple input methods
  • Support for complex permission checking scenarios
  • Enhanced flexibility in authorization checks

Test Coverage

  • Updated integration tests for JWT validation tool
  • Added tests for attribute and context-based permission checks
  • Maintained existing test suite compatibility

Recommended Setup

# JWT Validation
jwt_tool = LangchainJWTValidationTool(
    jwks_url="https://your-jwks-endpoint.com",
    # or
    jwks_json={"keys": [...]}
)

# Permissions Check
permissions_tool = LangchainPermissionsCheckTool(
    pdp_url="https://custom-pdp-url.com"
)

# Advanced Permission Check
result = permissions_tool.run(
    user="user123",
    action="read",
    resource="document",
    attributes={
        "department": "engineering",
        "sensitivity": "confidential"
    },
    context={
        "location": "office",
        "time_of_day": "business_hours"
    }
)

@Taofiqq Taofiqq requested a review from gemanor February 11, 2025 21:05
gemanor
gemanor reviewed Feb 12, 2025
View reviewed changes
Taofiqq
Taofiqq commented Feb 14, 2025
View reviewed changes
langchain_permit/retrievers.py
]

except Exception as e:
raise RuntimeError(f"Permission filtering failed: {str(e)}")

async def _aget_relevant_documents(
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@gemanor Is this what you are asking about for the question

Why haven’t you implemented the _get_relevant_documents in the SelfQueryRetriever? Isn’t it needde there?

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, this is what I meant :)

gemanor
gemanor reviewed Feb 16, 2025
View reviewed changes
@gemanor gemanor merged commit a983eba into master Feb 16, 2025
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gemanor gemanor gemanor left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Taofiqq @gemanor