Skip to content
Closed
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
44 changes: 43 additions & 1 deletion a2a/auth.go
Original file line number Diff line number Diff line change
Expand Up @@ -145,11 +145,53 @@ func (s *NamedSecuritySchemes) UnmarshalJSON(b []byte) error {
n++
}
if n == 0 {
// No discriminator found — this may be a raw scheme object from
// a non-Go SDK (e.g., Java Jackson serialization). Unmarshal once
// into a map of fields and dispatch based on distinctive keys.
// MutualTLS is intentionally excluded — it has no distinctive
// fields and would falsely match arbitrary JSON.
var raw map[SecuritySchemeName]json.RawMessage
if err := json.Unmarshal(b, &raw); err != nil {
return fmt.Errorf("unknown security scheme for %s: %w", name, err)
}
return fmt.Errorf("unknown security scheme type for %s: %v", name, jsonKeys([]byte(raw[name])))
rawJSON := raw[name]

var fields map[string]json.RawMessage
if err := json.Unmarshal(rawJSON, &fields); err != nil {
return fmt.Errorf("unknown security scheme for %s: invalid JSON: %w", name, err)
}

var scheme SecurityScheme
switch {
case fields["flows"] != nil:
var s OAuth2SecurityScheme
if err := json.Unmarshal(rawJSON, &s); err != nil {
return fmt.Errorf("unknown security scheme for %s: %w", name, err)
}
scheme = s
case fields["location"] != nil:
var s APIKeySecurityScheme
if err := json.Unmarshal(rawJSON, &s); err != nil {
return fmt.Errorf("unknown security scheme for %s: %w", name, err)
}
scheme = s
case fields["scheme"] != nil:
var s HTTPAuthSecurityScheme
if err := json.Unmarshal(rawJSON, &s); err != nil {
return fmt.Errorf("unknown security scheme for %s: %w", name, err)
}
scheme = s
case fields["openIdConnectUrl"] != nil:
var s OpenIDConnectSecurityScheme
if err := json.Unmarshal(rawJSON, &s); err != nil {
return fmt.Errorf("unknown security scheme for %s: %w", name, err)
}
scheme = s
default:
return fmt.Errorf("unknown security scheme type for %s: %v", name, jsonKeys([]byte(rawJSON)))
}
result[name] = scheme
continue
}
if n != 1 {
return fmt.Errorf("expected exactly one security scheme type for %s, got %d", name, n)
Expand Down
110 changes: 110 additions & 0 deletions a2a/java_compat_test.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,110 @@
// Copyright 2025 The A2A Authors
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package a2a

import (
"encoding/json"
"testing"
)

func TestParseJavaJacksonAgentCard(t *testing.T) {
// Exact raw JSON from #347 — Java server using Jackson serialization
const javaJacksonJSON = `{
"name": "A2AT-Test-Agent",
"description": "Helps with event",
"provider": null,
"version": "1.0.0",
"documentationUrl": null,
"capabilities": {
"streaming": true,
"pushNotifications": true,
"extendedAgentCard": false,
"extensions": [
{
"description": "push notification extension",
"params": null,
"required": false,
"uri": "https://projects.tmforum.org/a2aproject/telecommunication/extensions/Notification-T/v1"
}
]
},
"defaultInputModes": ["text"],
"defaultOutputModes": ["text"],
"skills": [
{
"id": "event_publish",
"name": "Event publish",
"description": "Helps with event publish",
"tags": ["event"],
"examples": ["push current event"],
"inputModes": null,
"outputModes": null,
"securityRequirements": null
}
],
"securitySchemes": {
"oauth2SecurityScheme": {
"flows": {
"authorizationCode": null,
"clientCredentials": {
"refreshUrl": null,
"scopes": {
"profile": "profile",
"openid": "openid"
},
"tokenUrl": "http://a2a-agent-backend:27561/auth"
},
"deviceCode": null
},
"description": "Enables client credentials flow for authentication and authorization",
"oauth2MetadataUrl": null
}
},
"securityRequirements": null,
"iconUrl": null,
"supportedInterfaces": [
{
"protocolBinding": "HTTP+JSON",
"url": "http://a2a-agent-backend:27561",
"tenant": "",
"protocolVersion": "1.0"
}
],
"signatures": null
}`

var card AgentCard
if err := json.Unmarshal([]byte(javaJacksonJSON), &card); err != nil {
t.Fatalf("failed to parse Java Jackson AgentCard: %v", err)
}

// Verify security scheme was parsed
if len(card.SecuritySchemes) != 1 {
t.Fatalf("expected 1 security scheme, got %d", len(card.SecuritySchemes))
}
scheme := card.SecuritySchemes["oauth2SecurityScheme"]
oauth2, ok := scheme.(OAuth2SecurityScheme)
if !ok {
t.Fatalf("expected OAuth2SecurityScheme, got %T", scheme)
}
cc, ok := oauth2.Flows.(ClientCredentialsOAuthFlow)
if !ok {
t.Fatalf("expected ClientCredentialsOAuthFlow, got %T", oauth2.Flows)
}
if cc.TokenURL != "http://a2a-agent-backend:27561/auth" {
t.Fatalf("tokenUrl mismatch: got %s", cc.TokenURL)
}
t.Logf("✓ parsed Java Jackson AgentCard successfully: name=%s, tokenUrl=%s", card.Name, cc.TokenURL)
}
Loading