Skip to content

feat(toolbox-langchain): Support per-invocation auth via RunnableConfig #291

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: anubhav-state-li
Choose a base branch
from
Open

feat(toolbox-langchain): Support per-invocation auth via RunnableConfig #291

wants to merge 2 commits into from

Conversation

anubhav756
Copy link
Contributor

@anubhav756 anubhav756 commented Jun 19, 2025
edited
Loading

Summary

This PR introduces a major enhancement to the toolbox-langchain package by adding support for dynamic, per-invocation authentication. This is achieved by reading auth_token_getters from LangChain's standard RunnableConfig, enabling ToolboxTool to be used safely and effectively in multi-user environments like LangGraph.

Motivation

Currently, authentication tokens can only be provided to a ToolboxTool at initialization time, either via ToolboxClient.load_tool/load_toolset or by calling tool.add_auth_token_getters() on the tool instance. This static binding of credentials poses a significant challenge in modern agentic frameworks like LangGraph.

Challenge

In LangGraph, a single graph containing tool instances is often created once and then shared across multiple users and requests. It is insecure and impractical to configure these shared tool instances with any single user's credentials. The required credentials must be provided dynamically, on a per-request basis.

Proposed Solution

This PR solves this problem by introducing a third, invocation-time method for providing auth. It leverages LangChain's idiomatic RunnableConfig as the vehicle for passing request-specific authentication, making toolbox-langchain fully compatible with multi-tenant and shared-use patterns.

Description of Changes

The core of this change lies in how the ToolboxTool handles an invocation:

  • The tool's invocation method (_arun/_run) is updated to accept the config: RunnableConfig argument, which is standard in the LangChain.
  • The tool inspects the config for a specific key: config["configurable"]["auth_token_getters"].
  • If auth_token_getters are found in the config, the tool:
    a. Introspects its own authentication and authorization requirements (using the properties exposed in fix(toolbox-core): Expose authorization token requirements on ToolboxTool #294).
    b. Creates a temporary, in-memory copy of the underlying proxied ToolboxTool. This is critical, as it ensures the original shared tool instance is never mutated.
  • The auth_token_getters from the config are applied to this new, temporary copy of the tool using its add_auth_token_getters method.
  • The actual tool execution is performed using this temporary, request-specific authenticated tool instance.

This mechanism provides a thread-safe and secure way to handle user-specific credentials without affecting the shared state of the primary tool in the graph.

Usage Example

from langchain_core.runnables import RunnableConfig

# Define the per-invocation configuration with the user's token getter
config = RunnableConfig(
    configurable={
        "auth_token_getters": {
            "my-google-auth": lambda: "<TOKEN>"
        }
    }
)

...

result = await agent_executor.ainvoke(
    {"input": "Search for rows by my user ID"},
    config=config
)

@anubhav756 anubhav756 self-assigned this Jun 19, 2025
@anubhav756 anubhav756 force-pushed the anubhav-self-auth-tools branch from 931c9fc to 93fd46d Compare June 19, 2025 13:53
@anubhav756 anubhav756 mentioned this pull request Jun 19, 2025
Open
@anubhav756 anubhav756 force-pushed the anubhav-self-auth-tools branch from 93fd46d to 336b8d5 Compare June 19, 2025 14:11
@anubhav756
Copy link
Contributor Author

/gcbrun

@anubhav756 anubhav756 force-pushed the anubhav-self-auth-tools branch from 336b8d5 to 0f50eb0 Compare June 19, 2025 14:32
@anubhav756 anubhav756 marked this pull request as ready for review June 19, 2025 14:43
@anubhav756 anubhav756 requested a review from a team as a code owner June 19, 2025 14:43
@anubhav756 anubhav756 changed the title feat(toolbox-langchain): Implement self-authenticated tools feat(toolbox-langchain): Support per-invocation auth via RunnableConfig Jun 19, 2025
This was referenced Jun 19, 2025
Open
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kurtisvg kurtisvg Awaiting requested review from kurtisvg

@twishabansal twishabansal Awaiting requested review from twishabansal

Assignees

@anubhav756 anubhav756

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@anubhav756