### Overview Major restructuring from monolithic `arcade-ai` package to modular library architecture with standardized uv-based dependency management.  ### New Package Structure - **`arcade-tdk`** - Lightweight toolkit development kit (core decorators, auth) - **`arcade-core`** - Core execution engine and catalog functionality - **`arcade-serve`** - FastAPI/MCP server components - **`arcade-ai`** - Meta package that includes CLI functionality. Optionally include evals via the `evals` extra. Optionally include all packages via the `all` extra. ### Key Benefits - **Lighter Dependencies**: Toolkits now depend only on `arcade-tdk` (~2 deps) vs full `arcade-ai` (~30+ deps) - **Faster Builds**: uv provides 10-100x faster dependency resolution and installation - **Better Modularity**: Clear separation of concerns, consumers import only what they need - **Standard Tooling**: Eliminates custom poetry scripts, uses standard Python packaging ### Migration Impact - All 20 toolkits converted from poetry → uv with `arcade-tdk` dependencies plus `arcade-ai[evals]` and `arcade-serve` dev dependencies. When developing locally, devs should install toolkits via `make install-local`. - Modern Python 3.10+ type hints throughout - Standardized build system with hatchling backend - Enhanced Makefile with robust toolkit management commands - Removed `arcade dev` CLI command - Reduce the number of files created by `arcade new` and add an option to not generate a tests and evals folder. This foundation enables faster development cycles and cleaner dependency chains for the growing toolkit ecosystem. ### Todo After this PR is merged - [ ] Post-merge workflow(s) (release & publish containers, etc) - [ ] Release order plan. @EricGustin suggests releasing in the following order: 1. `arcade-core` version 0.1.0 2. `arcade-serve` version 0.1.0 and `arcade-tdk` version 0.1.0 3. `arcade-ai` version 2.0.0 4. Patch release for all toolkits (all changes in toolkits are internal refactors) - [ ] [Update docs](https://github.com/ArcadeAI/docs/pull/318) --------- Co-authored-by: Eric Gustin <eric@arcade.dev> Co-authored-by: Eric Gustin <34000337+EricGustin@users.noreply.github.com>
45 lines
1.2 KiB
Python
45 lines
1.2 KiB
Python
import logging
|
|
from dataclasses import dataclass
|
|
from enum import Enum
|
|
|
|
import jwt
|
|
|
|
SUPPORTED_TOKEN_VER = "1" # noqa: S105 Possible hardcoded password assigned (false positive)
|
|
|
|
logger = logging.getLogger(__name__)
|
|
|
|
|
|
@dataclass
|
|
class TokenValidationResult:
|
|
valid: bool
|
|
error: str | None = None
|
|
|
|
|
|
class SigningAlgorithm(str, Enum):
|
|
HS256 = "HS256"
|
|
|
|
|
|
def validate_engine_token(worker_secret: str, token: str) -> TokenValidationResult:
|
|
try:
|
|
payload = jwt.decode(
|
|
token,
|
|
worker_secret,
|
|
algorithms=[SigningAlgorithm.HS256],
|
|
verify=True,
|
|
audience="worker",
|
|
)
|
|
except jwt.InvalidSignatureError as e:
|
|
logger.warning(
|
|
"Invalid signature. Is the Arcade Engine configured with the Worker secret '%s'?",
|
|
worker_secret,
|
|
)
|
|
return TokenValidationResult(valid=False, error=str(e))
|
|
|
|
except jwt.InvalidTokenError as e:
|
|
return TokenValidationResult(valid=False, error=str(e))
|
|
|
|
token_ver = payload.get("ver")
|
|
if token_ver != SUPPORTED_TOKEN_VER:
|
|
return TokenValidationResult(valid=False, error=f"Unsupported token version: {token_ver}")
|
|
|
|
return TokenValidationResult(valid=True)
|