github/mem0
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

first commit

Browse Source
This commit is contained in:
HuaqingXu
2026-03-06 21:11:10 +08:00
commit 927b8a6cac
144 changed files with 26301 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

167
utils/gcp_auth.py Normal file
View File

@@ -0,0 +1,167 @@
import os
import json
from typing import Optional, Dict, Any
try:
from google.oauth2 import service_account
from google.auth import default
import google.auth.credentials
except ImportError:
raise ImportError("google-auth is required for GCP authentication. Install with: pip install google-auth")
class GCPAuthenticator:
"""
Centralized GCP authentication handler that supports multiple credential methods.
Priority order:
1. service_account_json (dict) - In-memory service account credentials
2. credentials_path (str) - Path to service account JSON file
3. Environment variables (GOOGLE_APPLICATION_CREDENTIALS)
4. Default credentials (for environments like GCE, Cloud Run, etc.)
"""
@staticmethod
def get_credentials(
service_account_json: Optional[Dict[str, Any]] = None,
credentials_path: Optional[str] = None,
scopes: Optional[list] = None
) -> tuple[google.auth.credentials.Credentials, Optional[str]]:
"""
Get Google credentials using the priority order defined above.
Args:
service_account_json: Service account credentials as a dictionary
credentials_path: Path to service account JSON file
scopes: List of OAuth scopes (optional)
Returns:
tuple: (credentials, project_id)
Raises:
ValueError: If no valid credentials are found
"""
credentials = None
project_id = None
# Method 1: Service account JSON (in-memory)
if service_account_json:
credentials = service_account.Credentials.from_service_account_info(
service_account_json, scopes=scopes
)
project_id = service_account_json.get("project_id")
# Method 2: Service account file path
elif credentials_path and os.path.isfile(credentials_path):
credentials = service_account.Credentials.from_service_account_file(
credentials_path, scopes=scopes
)
# Extract project_id from the file
with open(credentials_path, 'r') as f:
cred_data = json.load(f)
project_id = cred_data.get("project_id")
# Method 3: Environment variable path
elif os.getenv("GOOGLE_APPLICATION_CREDENTIALS"):
env_path = os.getenv("GOOGLE_APPLICATION_CREDENTIALS")
if os.path.isfile(env_path):
credentials = service_account.Credentials.from_service_account_file(
env_path, scopes=scopes
)
# Extract project_id from the file
with open(env_path, 'r') as f:
cred_data = json.load(f)
project_id = cred_data.get("project_id")
# Method 4: Default credentials (GCE, Cloud Run, etc.)
if not credentials:
try:
credentials, project_id = default(scopes=scopes)
except Exception as e:
raise ValueError(
f"No valid GCP credentials found. Please provide one of:\n"
f"1. service_account_json parameter (dict)\n"
f"2. credentials_path parameter (file path)\n"
f"3. GOOGLE_APPLICATION_CREDENTIALS environment variable\n"
f"4. Default credentials (if running on GCP)\n"
f"Error: {e}"
)
return credentials, project_id
@staticmethod
def setup_vertex_ai(
service_account_json: Optional[Dict[str, Any]] = None,
credentials_path: Optional[str] = None,
project_id: Optional[str] = None,
location: str = "us-central1"
) -> str:
"""
Initialize Vertex AI with proper authentication.
Args:
service_account_json: Service account credentials as dict
credentials_path: Path to service account JSON file
project_id: GCP project ID (optional, will be auto-detected)
location: GCP location/region
Returns:
str: The project ID being used
Raises:
ValueError: If authentication fails
"""
try:
import vertexai
except ImportError:
raise ImportError("google-cloud-aiplatform is required for Vertex AI. Install with: pip install google-cloud-aiplatform")
credentials, detected_project_id = GCPAuthenticator.get_credentials(
service_account_json=service_account_json,
credentials_path=credentials_path,
scopes=["https://www.googleapis.com/auth/cloud-platform"]
)
# Use provided project_id or fall back to detected one
final_project_id = project_id or detected_project_id or os.getenv("GOOGLE_CLOUD_PROJECT")
if not final_project_id:
raise ValueError("Project ID could not be determined. Please provide project_id parameter or set GOOGLE_CLOUD_PROJECT environment variable.")
vertexai.init(project=final_project_id, location=location, credentials=credentials)
return final_project_id
@staticmethod
def get_genai_client(
service_account_json: Optional[Dict[str, Any]] = None,
credentials_path: Optional[str] = None,
api_key: Optional[str] = None
):
"""
Get a Google GenAI client with authentication.
Args:
service_account_json: Service account credentials as dict
credentials_path: Path to service account JSON file
api_key: API key (takes precedence over service account)
Returns:
Google GenAI client instance
"""
try:
from google.genai import Client as GenAIClient
except ImportError:
raise ImportError("google-genai is required. Install with: pip install google-genai")
# If API key is provided, use it directly
if api_key:
return GenAIClient(api_key=api_key)
# Otherwise, try service account authentication
credentials, _ = GCPAuthenticator.get_credentials(
service_account_json=service_account_json,
credentials_path=credentials_path,
scopes=["https://www.googleapis.com/auth/generative-language"]
)
return GenAIClient(credentials=credentials)