Skip to content

Add comprehensive endpoint scanning and capabilities API system #75

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
phrocker merged 8 commits into from
Jul 7, 2025
Merged

Add comprehensive endpoint scanning and capabilities API system #75

phrocker merged 8 commits into from
Jul 7, 2025

Conversation

Copy link
Contributor

Copilot AI commented Jul 6, 2025
edited
Loading

This PR implements a unified endpoint discovery system that scans and exposes all REST API endpoints and AI agent Verb methods across the Sentrius platform, enabling dynamic capability discovery for AI agents and Python clients.

Overview

The system provides a centralized way to discover what operations are available across all sub-projects, extracting descriptions, parameters, access limitations, and metadata from both:

  • REST endpoints from Spring controllers with @LimitAccess annotations
  • Verb methods from AI agent classes with @Verb annotations

Key Components

Data Models (core/src/main/java/io/sentrius/sso/core/dto/capabilities/)

  • EndpointDescriptor - Unified descriptor for both REST and Verb endpoints
  • ParameterDescriptor - Parameter information with types and sources
  • AccessLimitations - Extracted @LimitAccess annotation data

Endpoint Scanning Service

  • EndpointScanningService - Scans classpath for both controller methods and verb methods
  • Extracts HTTP methods, paths, parameters, access control information
  • Provides caching and refresh capabilities for performance

REST API (/api/v1/capabilities/)

  • GET /endpoints - All endpoints with optional filtering by type/auth requirements
  • GET /rest - REST endpoints only
  • GET /verbs - AI agent verb methods only
  • GET /refresh - Force cache refresh (requires admin access)

VerbRegistry Integration

Enhanced existing VerbRegistry with new methods:

  • getVerbDescriptors() - Get endpoint descriptors for all verbs
  • getAiCallableVerbDescriptors() - Get only AI-callable verb descriptors

Example Usage

For AI Agents

curl -H "Authorization: Bearer <token>" \
  "/api/v1/capabilities/verbs"

For Python Agents

response = requests.get("/api/v1/capabilities/endpoints")
capabilities = response.json()
for cap in capabilities:
    print(f"{cap['type']}: {cap['name']} - {cap['description']}")

Response Format

[
  {
    "name": "listusers",
    "description": "Returns list of users", 
    "type": "REST",
    "httpMethod": "GET",
    "path": "/api/v1/users/list",
    "accessLimitations": {
      "hasLimitAccess": true,
      "userAccess": ["CAN_VIEW_USERS"]
    }
  },
  {
    "name": "assess_ztat_requests",
    "description": "Analyzes ztats requests by prompting the LLM",
    "type": "VERB",
    "requiresTokenManagement": true,
    "metadata": {
      "isAiCallable": true
    }
  }
]

Features

  • Unified Discovery: Single API to discover both REST endpoints and AI verbs
  • Rich Metadata: Extracts descriptions, parameters, access requirements, HTTP methods
  • Security Aware: Properly handles and exposes @LimitAccess restrictions
  • Performance Optimized: Caching with manual refresh capability
  • Filterable: Support for filtering by type, authentication requirements
  • Extensible: Easy to extend for additional endpoint types or metadata

Testing

  • Unit tests for core scanning functionality
  • Integration tests for full Spring context scanning
  • Comprehensive documentation with usage examples

This enables the dynamic population of Verb annotations and makes capabilities available to Python agents as requested in the issue requirements.

Fixes #74.

Warning

Firewall rules blocked me from connecting to one or more addresses

I tried to connect to the following addresses, but was blocked by firewall rules:

  • repository.jboss.org
    • Triggering command: /usr/lib/jvm/temurin-17-jdk-amd64/bin/java --enable-native-access=ALL-UNNAMED -classpath /usr/share/apache-maven-3.9.10/boot/plexus-classworlds-2.9.0.jar -Dclassworlds.conf=/usr/share/apache-maven-3.9.10/bin/m2.conf -Dmaven.home=/usr/share/apache-maven-3.9.10 -Dlibrary.jansi.path=/usr/share/apache-maven-3.9.10/lib/jansi-native -Dmaven.multiModuleProjectDirectory=/home/REDACTED/work/Sentrius/Sentrius org.codehaus.plexus.classworlds.launcher.Launcher clean compile -DskipTests (dns block)

If you need me to access, download, or install something from one of these locations, you can either:

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.

Copilot AI changed the title [WIP] Add descriptors from all endpoints Add comprehensive endpoint scanning and capabilities API system Jul 6, 2025
Copilot AI requested a review from phrocker July 6, 2025 16:00
Copilot AI and others added 6 commits July 6, 2025 16:17
@phrocker phrocker marked this pull request as ready for review July 7, 2025 00:59
@phrocker phrocker merged commit a83ea7e into main Jul 7, 2025
7 checks passed
@phrocker phrocker deleted the copilot/fix-74 branch July 31, 2025 13:54
phrocker added a commit that referenced this pull request Nov 27, 2025
@phrocker
Add trust evaluation and scoring system for agents and users with ATP…
f1e4cde 
…L integration (#75)

* Initial plan

* Add trust evaluation backend infrastructure

- Created AgentTrustScoreHistory entity for storing trust scores
- Created AgentTrustScoreHistoryRepository for data access
- Created AgentTrustScoreService for managing trust scores
- Created TrustEvaluationService in analytics agent for scheduled evaluations
- Created TrustScoreApiController for REST API endpoints
- Created TrustScoreViewController for UI rendering
- Made TrustScoreCalculator public for analytics module access
- All builds and tests passing

Co-authored-by: phrocker <1781585+phrocker@users.noreply.github.com>

* Add trust scores UI pages and navigation

- Created trust_scores.html for viewing all agent trust scores
- Created agent_trust_score.html for detailed agent trust score history
- Added navigation link to sidebar for Trust Scores page
- Created unit tests for AgentTrustScoreService
- All tests passing, full build successful

Co-authored-by: phrocker <1781585+phrocker@users.noreply.github.com>

* Enhanced behavior evaluation and added comprehensive documentation

- Improved AgentContext.evaluateBehavior() with granular scoring based on prior runs and incidents
- Added TRUST_EVALUATION.md with complete system documentation
- Documented architecture, API endpoints, configuration, and usage examples
- Included troubleshooting guide and future enhancement ideas
- All builds passing

Co-authored-by: phrocker <1781585+phrocker@users.noreply.github.com>

* Extend trust evaluation to include human users

- Modified TrustEvaluationService to evaluate both agents and human users
- Added SessionLogRepository to track human user session activity
- Created buildHumanUserContext() to evaluate users based on session history
- Renamed evaluateAllAgents() to evaluateAllAgentsAndUsers()
- Added evaluateEntity() method that handles both USER and NON_PERSON_ENTITY types
- Updated UI labels from "Agent Trust Scores" to "Trust Scores - Agents & Users"
- Updated documentation to reflect support for human users
- Human users are evaluated based on session activity (prior sessions vs prior runs)
- All builds and tests passing

Co-authored-by: phrocker <1781585+phrocker@users.noreply.github.com>

* Add database migration for agent_trust_score_history table

- Created V34__create_agent_trust_score_history.sql Flyway migration
- Defines table schema with all required columns (id, agent_id, trust_score, component scores, etc.)
- Creates indexes for optimal query performance on agent_id, timestamp, and evaluation_result
- Fixes PostgreSQL error: "relation agent_trust_score_history does not exist"
- Migration will run automatically on application startup

Co-authored-by: phrocker <1781585+phrocker@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: phrocker <1781585+phrocker@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@phrocker phrocker Awaiting requested review from phrocker

Assignees

@phrocker phrocker

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Add descriptors from all endpoints

2 participants

@phrocker