Added ADK Authentication Sample #2960
Conversation
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Summary of Changes
Hello @nikhilpurwant, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!
This pull request delivers a self-contained and fully functional authentication sample for the ADK, aimed at simplifying the understanding and testing of secure agent interactions. It bundles a local Identity Provider, a sample backend application, and an ADK agent, all configured to demonstrate the OAuth 2.0 Authorization Code Grant flow. This setup provides developers with a complete environment to experiment with ADK's authentication capabilities without relying on external services.
Highlights
- New ADK Authentication Sample: Introduced a comprehensive, all-in-one authentication sample for the Agent Development Kit (ADK), demonstrating the OAuth 2.0 Authorization Code Grant type.
- Integrated Components: The sample includes a local Identity Provider (IDP), a hotel booking application backend, and an ADK agent that interacts with the application using OpenAPI Tools, all designed to run locally.
- Detailed Documentation: Extensive documentation is provided in the
README.mdfile, covering setup steps, the authentication flow, and instructions for running each component. - OAuth 2.0 Authorization Code Grant: The sample specifically showcases the OAuth 2.0 Authorization Code Grant type, illustrating how an ADK agent can securely access protected resources.
Using Gemini Code Assist
The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.
Invoking Gemini
You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.
| Feature | Command | Description |
|---|---|---|
| Code Review | /gemini review |
Performs a code review for the current pull request in its current state. |
| Pull Request Summary | /gemini summary |
Provides a summary of the current pull request in its current state. |
| Comment | @gemini-code-assist | Responds in comments when explicitly tagged, both in pull request comments and review comments. |
| Help | /gemini help |
Displays a list of available commands. |
Customization
To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.
Limitations & Feedback
Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.
You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.
Footnotes
-
Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩
|
Response from ADK Triaging Agent Hello @nikhilpurwant, thank you for creating this PR! To help us review this contribution, could you please address the following points from our contribution guidelines:
This information will help reviewers to review your PR more efficiently. Thanks! |
adk-bot
added
bot triaged
There was a problem hiding this comment.
Code Review
This pull request adds a comprehensive all-in-one authentication sample for ADK, which is a great addition. The sample is well-structured and includes an IDP, a backend application, and an ADK agent, along with detailed documentation. My review focuses on improving security practices, error handling, and documentation clarity to make the sample more robust and easier for developers to use. I've identified a few areas for improvement, including a security vulnerability in token validation, unclear setup instructions, and some code that could be cleaner or more robust.
contributing/samples/authn-adk-all-in-one/hotel_booker_app/main.py
Outdated
Show resolved
Hide resolved
contributing/samples/authn-adk-all-in-one/idp/templates/login.html
Outdated
Show resolved
Hide resolved
contributing/samples/authn-adk-all-in-one/adk_agents/agent_openapi_tools/agent.py
Outdated
Show resolved
Hide resolved
contributing/samples/authn-adk-all-in-one/hotel_booker_app/hotelbooker_core.py
Outdated
Show resolved
Hide resolved
|
please run ./autoformat.sh to solve the format error |
Done. |
seanzhou1023
added
the
ready to pull
Merge #2960 1. All in one authentication sample (has an IDP, Agent and the application) under `contributing/samples/authn-adk-all-in-one/` 2. Documented for all the steps. 3. OAuth 2.0 Authorization Code Grant type used by the agent. COPYBARA_INTEGRATE_REVIEW=#2960 from nikhilpurwant:main dfcc821 PiperOrigin-RevId: 808672120
contributing/samples/authn-adk-all-in-one/