fix: complete SAP AI Core provider implementation with tests and retry fixes

- Fix ensureToken/resolveDeploymentURL to return orchHTTPError for HTTP
  failures, making them recognizable by isRetryableError() for proper retry
- Fix log message to reflect all 3 endpoints (not just completion)
- Add comprehensive handleStream unit tests (10 test cases)
- Add Python unit tests for KAgentSAPAICoreLlm (41 test cases)
- Add warning log URL context in Python retry path

Signed-off-by: Huimin Tai <huimin.tai@sap.com>

Author: Huimin Tai

go/adk/pkg/models/sapaicore.go

@@ -1,6 +1,7 @@
 package models
 
 import (
+	"context"
 	"encoding/json"
 	"fmt"
 	"net/http"
@@ -47,7 +48,7 @@ func NewSAPAICoreModelWithLogger(config SAPAICoreConfig, logger logr.Logger) (*S
 	}, nil
 }
 
-func (m *SAPAICoreModel) ensureToken() (string, error) {
+func (m *SAPAICoreModel) ensureToken(ctx context.Context) (string, error) {
 	m.mu.Lock()
 	defer m.mu.Unlock()
 
@@ -66,18 +67,25 @@ func (m *SAPAICoreModel) ensureToken() (string, error) {
 		tokenURL += "/oauth/token"
 	}
 
-	resp, err := m.httpClient.PostForm(tokenURL, url.Values{
+	formData := url.Values{
 		"grant_type":    {"client_credentials"},
 		"client_id":     {clientID},
 		"client_secret": {clientSecret},
-	})
+	}
+	req, err := http.NewRequestWithContext(ctx, "POST", tokenURL, strings.NewReader(formData.Encode()))
+	if err != nil {
+		return "", fmt.Errorf("failed to create OAuth2 token request: %w", err)
+	}
+	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
+
+	resp, err := m.httpClient.Do(req)
 	if err != nil {
 		return "", fmt.Errorf("OAuth2 token request failed: %w", err)
 	}
 	defer resp.Body.Close()
 
 	if resp.StatusCode != http.StatusOK {
-		return "", fmt.Errorf("OAuth2 token request returned %d", resp.StatusCode)
+		return "", &orchHTTPError{StatusCode: resp.StatusCode, URL: tokenURL}
 	}
 
 	var tokenResp struct {
@@ -104,7 +112,7 @@ func (m *SAPAICoreModel) invalidateToken() {
 	m.tokenExpiresAt = time.Time{}
 }
 
-func (m *SAPAICoreModel) resolveDeploymentURL() (string, error) {
+func (m *SAPAICoreModel) resolveDeploymentURL(ctx context.Context) (string, error) {
 	m.mu.Lock()
 	if m.deploymentURL != "" && time.Now().Before(m.deploymentURLAt.Add(time.Hour)) {
 		u := m.deploymentURL
@@ -113,13 +121,13 @@ func (m *SAPAICoreModel) resolveDeploymentURL() (string, error) {
 	}
 	m.mu.Unlock()
 
-	token, err := m.ensureToken()
+	token, err := m.ensureToken(ctx)
 	if err != nil {
 		return "", err
 	}
 
 	reqURL := fmt.Sprintf("%s/v2/lm/deployments", m.Config.BaseUrl)
-	req, err := http.NewRequest("GET", reqURL, nil)
+	req, err := http.NewRequestWithContext(ctx, "GET", reqURL, nil)
 	if err != nil {
 		return "", err
 	}
@@ -133,7 +141,7 @@ func (m *SAPAICoreModel) resolveDeploymentURL() (string, error) {
 	defer resp.Body.Close()
 
 	if resp.StatusCode != http.StatusOK {
-		return "", fmt.Errorf("list deployments returned %d", resp.StatusCode)
+		return "", &orchHTTPError{StatusCode: resp.StatusCode, URL: reqURL}
 	}
 
 	var result struct {

go/adk/pkg/models/sapaicore_adk.go

@@ -5,6 +5,7 @@ import (
 	"bytes"
 	"context"
 	"encoding/json"
+	"errors"
 	"fmt"
 	"io"
 	"iter"
@@ -27,7 +28,12 @@ func (m *SAPAICoreModel) GenerateContent(ctx context.Context, req *model.LLMRequ
 			if isRetryableError(err) {
 				m.invalidateToken()
 				m.invalidateDeploymentURL()
-				m.Logger.Info("SAP AI Core request failed, retrying", "error", err)
+				var he *orchHTTPError
+				if errors.As(err, &he) {
+					m.Logger.Info("SAP AI Core request failed, retrying", "status", he.StatusCode, "url", he.URL)
+				} else {
+					m.Logger.Info("SAP AI Core request failed, retrying", "error", err)
+				}
 				resp, err = m.doRequest(ctx, req, stream)
 				if err != nil {
 					yield(nil, fmt.Errorf("SAP AI Core retry failed: %w", err))
@@ -49,12 +55,12 @@ func (m *SAPAICoreModel) GenerateContent(ctx context.Context, req *model.LLMRequ
 }
 
 func (m *SAPAICoreModel) doRequest(ctx context.Context, req *model.LLMRequest, stream bool) (*http.Response, error) {
-	deploymentURL, err := m.resolveDeploymentURL()
+	deploymentURL, err := m.resolveDeploymentURL(ctx)
 	if err != nil {
 		return nil, err
 	}
 
-	token, err := m.ensureToken()
+	token, err := m.ensureToken(ctx)
 	if err != nil {
 		return nil, err
 	}
@@ -82,7 +88,7 @@ func (m *SAPAICoreModel) doRequest(ctx context.Context, req *model.LLMRequest, s
 	if resp.StatusCode != http.StatusOK {
 		defer resp.Body.Close()
 		errBody, _ := io.ReadAll(io.LimitReader(resp.Body, 1024))
-		return nil, &orchHTTPError{StatusCode: resp.StatusCode, Body: string(errBody)}
+		return nil, &orchHTTPError{StatusCode: resp.StatusCode, Body: string(errBody), URL: url}
 	}
 
 	return resp, nil
@@ -91,10 +97,11 @@ func (m *SAPAICoreModel) doRequest(ctx context.Context, req *model.LLMRequest, s
 type orchHTTPError struct {
 	StatusCode int
 	Body       string
+	URL        string
 }
 
 func (e *orchHTTPError) Error() string {
-	return fmt.Sprintf("SAP AI Core returned HTTP %d: %s", e.StatusCode, e.Body)
+	return fmt.Sprintf("SAP AI Core returned HTTP %d (url: %s): %s", e.StatusCode, e.URL, e.Body)
 }
 
 func isRetryableError(err error) bool {