Files
trycua--cua/libs/python/computer-server/computer_server/main.py
T
wehub-resource-sync 91e75e620b
CI: cua-driver distro-compat matrix / debian:12 (glibc 2.36) (push) Has been cancelled
CI: SPDX Headers / Check SPDX headers (warn-only) (push) Has been cancelled
CD: Docs MCP Server / build (linux/amd64) (push) Has been cancelled
CD: Docs MCP Server / build (linux/arm64) (push) Has been cancelled
CD: Docs MCP Server / merge (push) Has been cancelled
CI: cua-driver distro-compat matrix / Resolve release version (push) Has been cancelled
CI: cua-driver distro-compat matrix / fedora:41 (glibc 2.40) (push) Has been cancelled
CI: cua-driver distro-compat matrix / rockylinux:9 (glibc 2.34) (push) Has been cancelled
CI: cua-driver distro-compat matrix / ubuntu:22.04 (glibc 2.35) (push) Has been cancelled
CI: cua-driver distro-compat matrix / ubuntu:24.04 (glibc 2.39) (push) Has been cancelled
CI: cua-driver distro-compat matrix / Distro compat summary (push) Has been cancelled
CI: Rust Linux unit / Rust Linux unit and compile (push) Has been cancelled
CI: Rust Windows unit / Rust Windows unit and compile (push) Has been cancelled
CI: Nix Linux Rust source / Nix / compositor build (push) Has been cancelled
CI: Nix Linux Rust source / Nix / driver package (push) Has been cancelled
CI: Nix Linux Rust source / Nix / Rust unit tests (push) Has been cancelled
chore: import upstream snapshot with attribution
2026-07-13 13:03:19 +08:00

1434 lines
52 KiB
Python

import asyncio
import base64
import hashlib
import inspect
import json
import logging
import os
import platform
import time
import traceback
from contextlib import redirect_stderr, redirect_stdout
from io import StringIO
from typing import Any, Dict, List, Literal, Optional, Union, cast
import aiohttp
import uvicorn
from cua_core.telemetry import record_event
from fastapi import (
FastAPI,
Header,
HTTPException,
Request,
WebSocket,
WebSocketDisconnect,
)
from fastapi.middleware.cors import CORSMiddleware
from fastapi.responses import JSONResponse, StreamingResponse
from .browser import get_browser_manager
from .handlers.factory import OS_TYPE, HandlerFactory
# Try to import MCP server for SSE integration
try:
from .mcp_server import create_mcp_server
HAS_MCP = True
except ImportError:
HAS_MCP = False
# Status code returned when UNAVAILABLE_WITHOUT_CONTAINER_NAME is set and CONTAINER_NAME is missing.
DEFAULT_UNAVAILABLE_STATUS_CODE: int = 503
def _parse_bool_env(name: str) -> bool:
return os.environ.get(name, "").lower().strip() in ("1", "true", "yes", "y", "on")
def _unavailable_status_code() -> Optional[int]:
"""Return the HTTP status code to use when CONTAINER_NAME is required but unset.
When ``UNAVAILABLE_WITHOUT_CONTAINER_NAME`` is truthy and ``CONTAINER_NAME`` is not
set, the server should reject requests with the configured status code
(``UNAVAILABLE_WITHOUT_CONTAINER_NAME_RESPONSE_STATUS_CODE``, default 503) rather
than passing through to local dev mode. Returns ``None`` when the server should
proceed normally (either because ``CONTAINER_NAME`` is set, or because the
unavailable-without-container flag is not enabled).
"""
if os.environ.get("CONTAINER_NAME"):
return None
if not _parse_bool_env("UNAVAILABLE_WITHOUT_CONTAINER_NAME"):
return None
try:
return int(
os.environ.get(
"UNAVAILABLE_WITHOUT_CONTAINER_NAME_RESPONSE_STATUS_CODE",
str(DEFAULT_UNAVAILABLE_STATUS_CODE),
)
)
except ValueError:
return DEFAULT_UNAVAILABLE_STATUS_CODE
try:
from cua_agent import ComputerAgent
HAS_AGENT = True
except ImportError:
HAS_AGENT = False
# Set up logging with more detail
logger = logging.getLogger(__name__)
logger.setLevel(logging.INFO)
# Configure WebSocket with larger message size
WEBSOCKET_MAX_SIZE = 1024 * 1024 * 10 # 10MB limit
# Create MCP app first if available (needed for lifespan)
_mcp_http_app = None
if HAS_MCP:
try:
mcp_server = create_mcp_server()
# Configure FastMCP to use "/" as its internal path, then mount at /mcp
# This results in endpoint at /mcp (mount) + / (internal) = /mcp
_mcp_http_app = mcp_server.http_app(path="/")
logger.info("MCP server created for /mcp endpoint (streamable HTTP transport)")
except Exception as e:
logger.warning(f"Failed to create MCP server: {e}")
# Configure application with WebSocket settings and MCP lifespan
app = FastAPI(
title="Computer API",
description="API for the Computer project",
version="0.1.0",
websocket_max_size=WEBSOCKET_MAX_SIZE,
lifespan=_mcp_http_app.lifespan if _mcp_http_app else None,
redirect_slashes=False,
)
class UnavailableWithoutContainerMiddleware:
"""ASGI middleware that rejects all requests when CONTAINER_NAME is required but unset.
Controlled by env vars (read per-request so tests and dynamic config work):
- ``UNAVAILABLE_WITHOUT_CONTAINER_NAME``: if truthy and ``CONTAINER_NAME`` is unset,
every HTTP and WebSocket request is rejected.
- ``UNAVAILABLE_WITHOUT_CONTAINER_NAME_RESPONSE_STATUS_CODE``: HTTP status code for
rejections (default 503).
When disabled (either env var not set), requests pass through unchanged, preserving
the original "local development mode" behavior for backwards compatibility.
"""
_DETAIL = "Service unavailable: CONTAINER_NAME is required but not configured"
def __init__(self, app):
self.app = app
async def __call__(self, scope, receive, send):
scope_type = scope.get("type")
if scope_type in ("http", "websocket"):
status_code = _unavailable_status_code()
if status_code is not None:
if scope_type == "http":
await self._reject_http(send, status_code)
else:
await self._reject_websocket(receive, send, status_code)
return
await self.app(scope, receive, send)
@classmethod
async def _reject_http(cls, send, status_code):
body = json.dumps({"detail": cls._DETAIL}).encode()
await send(
{
"type": "http.response.start",
"status": status_code,
"headers": [
(b"content-type", b"application/json"),
(b"content-length", str(len(body)).encode()),
],
}
)
await send({"type": "http.response.body", "body": body})
@classmethod
async def _reject_websocket(cls, receive, send, status_code):
# Accept first so we can send a structured JSON error before closing — this
# preserves the existing error shape that clients already handle.
event = await receive()
if event.get("type") != "websocket.connect":
return
await send({"type": "websocket.accept"})
await send(
{
"type": "websocket.send",
"text": json.dumps(
{
"success": False,
"error": cls._DETAIL,
"status_code": status_code,
}
),
}
)
# 1008 = Policy Violation
await send({"type": "websocket.close", "code": 1008})
app.add_middleware(UnavailableWithoutContainerMiddleware)
# CORS configuration
origins = ["*"]
app.add_middleware(
CORSMiddleware,
allow_origins=origins,
allow_credentials=True,
allow_methods=["*"],
allow_headers=["*"],
)
class McpBarePathRewrite:
"""Serve the MCP app at both /mcp and /mcp/.
Starlette's Mount only matches "/mcp/..." — a bare "/mcp" resolves
to inner path "" and 404s, and redirect_slashes=False on the outer
app disables the 307 rescue. Most MCP clients (claude.ai included)
POST to the bare path, so rewrite it before routing. A rewrite
(not a redirect) keeps POST bodies and SSE streaming intact; pure
ASGI (not BaseHTTPMiddleware) so responses aren't buffered.
"""
def __init__(self, app):
self.app = app
async def __call__(self, scope, receive, send):
if scope["type"] == "http" and scope["path"] == "/mcp":
scope = dict(scope, path="/mcp/")
await self.app(scope, receive, send)
class McpAcceptHeaderShim:
"""Make the MCP streamable-HTTP endpoint tolerant of the Accept header.
The MCP Python SDK's StreamableHTTP transport rejects requests with
JSON-RPC -32600 ("Not Acceptable: Client must accept ...") unless the
request's Accept header advertises BOTH ``application/json`` and
``text/event-stream`` (POST path), or ``text/event-stream`` (GET SSE
path). claude.ai's MCP connector does not always send both, so its
handshake POST to /mcp is rejected before it ever reaches a tool.
This pure-ASGI shim normalizes the inbound Accept header for /mcp
requests so it always contains both media types, which lets the SDK's
Accept check pass for every client regardless of what it sent. It only
rewrites the REQUEST header — it does not touch ``json_response`` or any
response semantics, so the server still negotiates JSON vs. SSE exactly
as it would otherwise. This keeps existing MCP clients (Claude Code,
SDK) unaffected while admitting stricter/looser connectors.
Scoped to the /mcp prefix only; all other routes are passed through
untouched. Pure ASGI (not BaseHTTPMiddleware) so streaming responses
are not buffered.
"""
_COMBINED = b"application/json, text/event-stream"
def __init__(self, app):
self.app = app
async def __call__(self, scope, receive, send):
path = scope.get("path", "")
# Match the bare /mcp endpoint and anything under /mcp/, but NOT
# unrelated routes that merely share the prefix (e.g. /mcpx).
if scope["type"] == "http" and (path == "/mcp" or path.startswith("/mcp/")):
headers = [(k, v) for (k, v) in scope.get("headers", []) if k != b"accept"]
headers.append((b"accept", self._COMBINED))
scope = dict(scope, headers=headers)
await self.app(scope, receive, send)
# Mount MCP server at /mcp - FastMCP's internal path is "/" so endpoint is /mcp.
#
# Middleware ordering note: Starlette's app.add_middleware() prepends, so the
# LAST one added runs FIRST (outermost). We want, outermost -> innermost:
# McpBarePathRewrite (fix the path) -> McpAcceptHeaderShim (fix Accept) -> app
# so add McpAcceptHeaderShim first, then McpBarePathRewrite.
if _mcp_http_app:
app.mount("/mcp", _mcp_http_app)
app.add_middleware(McpAcceptHeaderShim)
app.add_middleware(McpBarePathRewrite)
protocol_version = 1
try:
from importlib.metadata import version
package_version = version("cua-computer-server")
except Exception:
# Fallback for cases where package is not installed or importlib.metadata is not available
try:
import pkg_resources
package_version = pkg_resources.get_distribution("cua-computer-server").version
except Exception:
package_version = "unknown"
(
accessibility_handler,
automation_handler,
diorama_handler,
file_handler,
desktop_handler,
window_handler,
) = HandlerFactory.create_handlers()
# Helper function for direction-based scrolling
async def _scroll_direction_handler(direction: str, clicks: int = 1) -> Dict[str, Any]:
"""
Scroll in a specified direction.
Args:
direction: One of 'up', 'down', 'left', 'right'
clicks: Number of scroll clicks (default: 1)
"""
direction = direction.lower()
if direction == "down":
return await automation_handler.scroll_down(clicks)
elif direction == "up":
return await automation_handler.scroll_up(clicks)
elif direction in ("left", "right"):
# For horizontal scrolling, use scroll with x amount
x_amount = -300 if direction == "left" else 300
return await automation_handler.scroll(x_amount * clicks, 0)
else:
raise ValueError(f"Invalid direction: {direction}. Use 'up', 'down', 'left', or 'right'.")
# Command aliases for common alternative names
COMMAND_ALIASES = {
"type": "type_text",
"key": "press_key",
"tap": "left_click",
"click": "left_click",
"shell": "run_command",
"exec": "run_command",
"read_file": "read_text",
"write_file": "write_text",
"ls": "list_dir",
"mkdir": "create_dir",
"rm": "delete_file",
"rmdir": "delete_dir",
}
handlers = {
"version": lambda: {"protocol": protocol_version, "package": package_version},
# App-Use commands
"diorama_cmd": diorama_handler.diorama_cmd,
# Accessibility commands
"get_accessibility_tree": accessibility_handler.get_accessibility_tree,
"find_element": accessibility_handler.find_element,
# Shell commands
"run_command": automation_handler.run_command,
# File system commands
"file_exists": file_handler.file_exists,
"directory_exists": file_handler.directory_exists,
"list_dir": file_handler.list_dir,
"read_text": file_handler.read_text,
"write_text": file_handler.write_text,
"read_bytes": file_handler.read_bytes,
"write_bytes": file_handler.write_bytes,
"get_file_size": file_handler.get_file_size,
"delete_file": file_handler.delete_file,
"create_dir": file_handler.create_dir,
"delete_dir": file_handler.delete_dir,
# Desktop commands
"get_desktop_environment": desktop_handler.get_desktop_environment,
"set_wallpaper": desktop_handler.set_wallpaper,
# Window management
"open": window_handler.open,
"launch": window_handler.launch,
"get_current_window_id": window_handler.get_current_window_id,
"get_application_windows": window_handler.get_application_windows,
"get_window_name": window_handler.get_window_name,
"get_window_size": window_handler.get_window_size,
"get_window_position": window_handler.get_window_position,
"set_window_size": window_handler.set_window_size,
"set_window_position": window_handler.set_window_position,
"maximize_window": window_handler.maximize_window,
"minimize_window": window_handler.minimize_window,
"activate_window": window_handler.activate_window,
"close_window": window_handler.close_window,
# Mouse commands
"mouse_down": automation_handler.mouse_down,
"mouse_up": automation_handler.mouse_up,
"left_click": automation_handler.left_click,
"right_click": automation_handler.right_click,
"double_click": automation_handler.double_click,
"move_cursor": automation_handler.move_cursor,
"drag_to": automation_handler.drag_to,
"drag": automation_handler.drag,
# Keyboard commands
"key_down": automation_handler.key_down,
"key_up": automation_handler.key_up,
"type_text": automation_handler.type_text,
"press_key": automation_handler.press_key,
"hotkey": automation_handler.hotkey,
# Scrolling actions
"scroll": automation_handler.scroll,
"scroll_down": automation_handler.scroll_down,
"scroll_up": automation_handler.scroll_up,
"scroll_direction": _scroll_direction_handler,
# Screen actions
"screenshot": automation_handler.screenshot,
"get_cursor_position": automation_handler.get_cursor_position,
"get_screen_size": automation_handler.get_screen_size,
# Clipboard actions
"copy_to_clipboard": automation_handler.copy_to_clipboard,
"set_clipboard": automation_handler.set_clipboard,
}
# Android-only commands — registered only when the Android handler is active
# so non-Android server instances don't fail at startup with AttributeError.
if hasattr(automation_handler, "multitouch_gesture"):
handlers["multitouch_gesture"] = automation_handler.multitouch_gesture
class AuthenticationManager:
def __init__(self):
self.container_name = os.environ.get("CONTAINER_NAME")
self.api_base_url = os.environ.get("CUA_BASE_URL_AUTH", "https://www.cua.ai").rstrip("/")
async def auth(self, container_name: str, api_key: str) -> bool:
"""Authenticate container name and API key against the TryCUA API.
Every call hits the API directly — results are not cached. The
previous implementation cached both successes and failures with a
60 s TTL (``CUA_AUTH_TTL_SECONDS``), but that caused transient
network/DNS errors immediately after VM boot to lock out legitimate
clients for the full TTL window. Since the gate sits in front of
every SDK request on a freshly provisioned VM, a single cold-start
DNS hiccup would flip the VM into a perpetually-401 state until
the TTL expired.
"""
# If no CONTAINER_NAME is set, always allow access (local development)
if not self.container_name:
logger.info(
"No CONTAINER_NAME set in environment. Allowing access (local development mode)"
)
return True
# Layer 1: VM Identity Verification
if container_name != self.container_name:
logger.warning(
f"VM name mismatch. Expected: {self.container_name}, Got: {container_name}"
)
return False
logger.info(f"Authenticating with TryCUA API for container: {container_name}")
try:
from cua_core.http import cua_version_headers
async with aiohttp.ClientSession() as session:
headers = {"Authorization": f"Bearer {api_key}", **cua_version_headers()}
async with session.get(
f"{self.api_base_url}/api/vm/auth?container_name={container_name}",
headers=headers,
) as resp:
is_valid = resp.status == 200 and bool((await resp.text()).strip())
if is_valid:
logger.info(f"Authentication successful for container: {container_name}")
else:
logger.warning(
f"Authentication failed for container: {container_name}. Status: {resp.status}"
)
return is_valid
except aiohttp.ClientError as e:
logger.error(f"Failed to validate API key with TryCUA API: {str(e)}")
return False
except Exception as e:
logger.error(f"Unexpected error during authentication: {str(e)}")
return False
class ConnectionManager:
def __init__(self):
self.active_connections: List[WebSocket] = []
async def connect(self, websocket: WebSocket):
await websocket.accept()
self.active_connections.append(websocket)
def disconnect(self, websocket: WebSocket):
self.active_connections.remove(websocket)
manager = ConnectionManager()
auth_manager = AuthenticationManager()
# PTY session manager (lazy-initialised)
from .pty_manager import PtyManager
pty_manager = PtyManager()
def _resolve_command(command: str) -> str:
"""Resolve command aliases to their canonical names."""
return COMMAND_ALIASES.get(command, command)
def _suggest_similar_commands(command: str) -> List[str]:
"""Suggest similar commands for typos."""
all_commands = list(handlers.keys()) + list(COMMAND_ALIASES.keys())
suggestions = []
command_lower = command.lower()
for cmd in all_commands:
# Simple similarity: starts with same letter or contains the input
if cmd.lower().startswith(command_lower[:2]) or command_lower in cmd.lower():
suggestions.append(cmd)
return suggestions[:5]
@app.get("/status")
async def status():
# get computer-server features
features = []
if HAS_AGENT:
features.append("agent")
if HAS_MCP:
features.append("mcp")
return {"status": "ok", "os_type": OS_TYPE, "features": features}
@app.get("/commands")
async def list_commands():
"""List all available commands and their aliases."""
commands_info = {}
for cmd_name, handler_func in handlers.items():
try:
sig = inspect.signature(handler_func)
params = [
{
"name": p.name,
"required": p.default == inspect.Parameter.empty,
"default": None if p.default == inspect.Parameter.empty else p.default,
}
for p in sig.parameters.values()
]
except (ValueError, TypeError):
params = []
commands_info[cmd_name] = {"params": params}
# Add alias information
aliases_by_command: Dict[str, List[str]] = {}
for alias, canonical in COMMAND_ALIASES.items():
if canonical not in aliases_by_command:
aliases_by_command[canonical] = []
aliases_by_command[canonical].append(alias)
for cmd_name in commands_info:
if cmd_name in aliases_by_command:
commands_info[cmd_name]["aliases"] = aliases_by_command[cmd_name]
return {
"commands": commands_info,
"aliases": COMMAND_ALIASES,
}
@app.websocket("/ws", name="websocket_endpoint")
async def websocket_endpoint(websocket: WebSocket):
global handlers
# WebSocket message size is configured at the app or endpoint level, not on the instance
await manager.connect(websocket)
# Check if CONTAINER_NAME is set (indicating cloud provider)
server_container_name = os.environ.get("CONTAINER_NAME")
# If cloud provider, perform authentication handshake
if server_container_name:
try:
logger.info(
f"Cloud provider detected. CONTAINER_NAME: {server_container_name}. Waiting for authentication..."
)
# Wait for authentication message
auth_data = await websocket.receive_json()
# Validate auth message format
if auth_data.get("command") != "authenticate":
await websocket.send_json(
{"success": False, "error": "First message must be authentication"}
)
await websocket.close()
manager.disconnect(websocket)
return
# Extract credentials
client_api_key = auth_data.get("params", {}).get("api_key")
client_container_name = auth_data.get("params", {}).get("container_name")
# Validate credentials using AuthenticationManager
if not client_api_key:
await websocket.send_json({"success": False, "error": "API key required"})
await websocket.close()
manager.disconnect(websocket)
return
if not client_container_name:
await websocket.send_json({"success": False, "error": "Container name required"})
await websocket.close()
manager.disconnect(websocket)
return
# Use AuthenticationManager for validation
is_authenticated = await auth_manager.auth(client_container_name, client_api_key)
if not is_authenticated:
await websocket.send_json({"success": False, "error": "Authentication failed"})
await websocket.close()
manager.disconnect(websocket)
return
logger.info(f"Authentication successful for VM: {client_container_name}")
await websocket.send_json({"success": True, "message": "Authentication successful"})
# Emit vm_session_started event for funnel tracking
api_key_hash = hashlib.sha256(client_api_key.encode()).hexdigest()
record_event(
"vm_session_started",
{
"api_key_hash": api_key_hash,
"vm_id": client_container_name,
"connection_type": "websocket",
},
)
except Exception as e:
logger.error(f"Error during authentication handshake: {str(e)}")
await websocket.send_json({"success": False, "error": "Authentication failed"})
await websocket.close()
manager.disconnect(websocket)
return
try:
while True:
try:
data = await websocket.receive_json()
command = data.get("command")
params = data.get("params", {})
# Resolve command aliases
command = _resolve_command(command)
if command not in handlers:
suggestions = _suggest_similar_commands(command)
error_msg = f"Unknown command: {command}"
if suggestions:
error_msg += f". Did you mean: {', '.join(suggestions)}?"
await websocket.send_json({"success": False, "error": error_msg})
continue
try:
# Filter params to only include those accepted by the handler function
handler_func = handlers[command]
sig = inspect.signature(handler_func)
filtered_params = {k: v for k, v in params.items() if k in sig.parameters}
# Handle both sync and async functions
if asyncio.iscoroutinefunction(handler_func):
result = await handler_func(**filtered_params)
else:
# Run sync functions in thread pool to avoid blocking event loop
result = await asyncio.to_thread(handler_func, **filtered_params)
await websocket.send_json({"success": True, **result})
except Exception as cmd_error:
logger.error(f"Error executing command {command}: {str(cmd_error)}")
logger.error(traceback.format_exc())
await websocket.send_json({"success": False, "error": str(cmd_error)})
except WebSocketDisconnect:
raise
except json.JSONDecodeError as json_err:
logger.error(f"JSON decode error: {str(json_err)}")
await websocket.send_json(
{"success": False, "error": f"Invalid JSON: {str(json_err)}"}
)
except Exception as loop_error:
logger.error(f"Error in message loop: {str(loop_error)}")
logger.error(traceback.format_exc())
await websocket.send_json({"success": False, "error": str(loop_error)})
except WebSocketDisconnect:
logger.info("Client disconnected")
manager.disconnect(websocket)
except Exception as e:
logger.error(f"Fatal error in websocket connection: {str(e)}")
logger.error(traceback.format_exc())
try:
await websocket.close()
except:
pass
manager.disconnect(websocket)
@app.post("/cmd")
async def cmd_endpoint(
request: Request,
container_name: Optional[str] = Header(None, alias="X-Container-Name"),
api_key: Optional[str] = Header(None, alias="X-API-Key"),
):
"""
Backup endpoint for when WebSocket connections fail.
Accepts commands via HTTP POST with streaming response.
Headers:
- X-Container-Name: Container name for cloud authentication
- X-API-Key: API key for cloud authentication
Body:
{
"command": "command_name",
"params": {...}
}
"""
global handlers
# Parse request body
try:
body = await request.json()
command = body.get("command")
params = body.get("params", {})
except Exception as e:
raise HTTPException(status_code=400, detail=f"Invalid JSON body: {str(e)}")
if not command:
raise HTTPException(status_code=400, detail="Command is required")
# Resolve command aliases
command = _resolve_command(command)
# Check if CONTAINER_NAME is set (indicating cloud provider)
server_container_name = os.environ.get("CONTAINER_NAME")
# If cloud provider, perform authentication
if server_container_name:
logger.info(
f"Cloud provider detected. CONTAINER_NAME: {server_container_name}. Performing authentication..."
)
# Validate required headers
if not container_name:
raise HTTPException(status_code=401, detail="Container name required")
if not api_key:
raise HTTPException(status_code=401, detail="API key required")
# Validate with AuthenticationManager
is_authenticated = await auth_manager.auth(container_name, api_key)
if not is_authenticated:
raise HTTPException(status_code=401, detail="Authentication failed")
# Emit vm_session_started event for funnel tracking
api_key_hash = hashlib.sha256(api_key.encode()).hexdigest()
record_event(
"vm_session_started",
{
"api_key_hash": api_key_hash,
"vm_id": container_name,
"connection_type": "http",
},
)
if command not in handlers:
suggestions = _suggest_similar_commands(command)
error_msg = f"Unknown command: {command}"
if suggestions:
error_msg += f". Did you mean: {', '.join(suggestions)}?"
raise HTTPException(status_code=400, detail=error_msg)
async def generate_response():
"""Generate streaming response for the command execution"""
try:
# Filter params to only include those accepted by the handler function
handler_func = handlers[command]
sig = inspect.signature(handler_func)
filtered_params = {k: v for k, v in params.items() if k in sig.parameters}
# Handle both sync and async functions
if asyncio.iscoroutinefunction(handler_func):
result = await handler_func(**filtered_params)
else:
# Run sync functions in thread pool to avoid blocking event loop
result = await asyncio.to_thread(handler_func, **filtered_params)
# Stream the successful result
response_data = {"success": True, **result}
yield f"data: {json.dumps(response_data)}\n\n"
except Exception as cmd_error:
logger.error(f"Error executing command {command}: {str(cmd_error)}")
logger.error(traceback.format_exc())
# Stream the error result
error_data = {"success": False, "error": str(cmd_error)}
yield f"data: {json.dumps(error_data)}\n\n"
return StreamingResponse(
generate_response(),
media_type="text/plain",
headers={
"Cache-Control": "no-cache",
"Connection": "keep-alive",
},
)
async def _require_auth(
container_name: Optional[str],
api_key: Optional[str],
) -> None:
"""Raise HTTPException(401) when cloud auth is configured and credentials are invalid."""
server_container_name = os.environ.get("CONTAINER_NAME")
if not server_container_name:
return # local development — no auth required
if not container_name:
raise HTTPException(status_code=401, detail="Container name required")
if not api_key:
raise HTTPException(status_code=401, detail="API key required")
if not await auth_manager.auth(container_name, api_key):
raise HTTPException(status_code=401, detail="Authentication failed")
# ---------------------------------------------------------------------------
# PTY endpoints
# ---------------------------------------------------------------------------
@app.post("/pty")
async def pty_create(
request: Request,
container_name: Optional[str] = Header(None, alias="X-Container-Name"),
api_key: Optional[str] = Header(None, alias="X-API-Key"),
):
"""Spawn a new PTY session.
Body (JSON, all fields optional):
``{"command": str, "cols": int, "rows": int, "cwd": str, "envs": dict}``
Returns: ``{"pid": int, "cols": int, "rows": int}``
"""
await _require_auth(container_name, api_key)
try:
body = await request.json()
except Exception:
body = {}
# On Android, always use adb shell regardless of any caller-supplied command,
# so that PTY sessions run inside the emulator rather than on the host.
if os.environ.get("IS_CUA_ANDROID") == "true":
command = "adb shell"
else:
command = body.get("command")
info = await pty_manager.create(
command=command,
cols=int(body.get("cols", 80)),
rows=int(body.get("rows", 24)),
cwd=body.get("cwd"),
envs=body.get("envs"),
)
return info
@app.get("/pty/{pid}")
async def pty_info(
pid: int,
container_name: Optional[str] = Header(None, alias="X-Container-Name"),
api_key: Optional[str] = Header(None, alias="X-API-Key"),
):
"""Return metadata for PTY session *pid*.
Returns: ``{"pid": int, "cols": int, "rows": int}``
"""
await _require_auth(container_name, api_key)
info = pty_manager.get_info(pid)
if info is None:
from fastapi import HTTPException
raise HTTPException(status_code=404, detail=f"PTY session {pid} not found")
return info
@app.delete("/pty/{pid}")
async def pty_kill(
pid: int,
container_name: Optional[str] = Header(None, alias="X-Container-Name"),
api_key: Optional[str] = Header(None, alias="X-API-Key"),
):
"""Kill PTY session *pid*.
Returns: ``{"killed": bool}``
"""
await _require_auth(container_name, api_key)
killed = await pty_manager.kill(pid)
return {"killed": killed}
@app.post("/pty/{pid}/stdin")
async def pty_stdin(
pid: int,
request: Request,
container_name: Optional[str] = Header(None, alias="X-Container-Name"),
api_key: Optional[str] = Header(None, alias="X-API-Key"),
):
"""Write data to stdin of PTY session *pid*.
Body: ``{"data": "<base64-encoded bytes>"}``
"""
await _require_auth(container_name, api_key)
body = await request.json()
raw = base64.b64decode(body.get("data", ""))
await pty_manager.send_stdin(pid, raw)
return {"ok": True}
@app.post("/pty/{pid}/resize")
async def pty_resize(
pid: int,
request: Request,
container_name: Optional[str] = Header(None, alias="X-Container-Name"),
api_key: Optional[str] = Header(None, alias="X-API-Key"),
):
"""Resize the terminal for PTY session *pid*.
Body: ``{"cols": int, "rows": int}``
"""
await _require_auth(container_name, api_key)
body = await request.json()
await pty_manager.resize(pid, int(body.get("cols", 80)), int(body.get("rows", 24)))
return {"ok": True}
@app.get("/pty/{pid}/stream")
async def pty_stream(
pid: int,
container_name: Optional[str] = Header(None, alias="X-Container-Name"),
api_key: Optional[str] = Header(None, alias="X-API-Key"),
):
"""SSE stream for PTY session *pid*.
Events:
- ``data: {"type": "output", "data": "<base64>"}``
- ``data: {"type": "exit", "code": <int>}``
"""
await _require_auth(container_name, api_key)
q = pty_manager.subscribe(pid)
async def _generate():
try:
while True:
msg = await q.get()
if msg["type"] == "output":
payload = {"type": "output", "data": base64.b64encode(msg["data"]).decode()}
else:
payload = {"type": "exit", "code": msg.get("code", 0)}
yield f"data: {json.dumps(payload)}\n\n"
if msg["type"] == "exit":
break
finally:
pty_manager.unsubscribe(pid, q)
return StreamingResponse(
_generate(),
media_type="text/event-stream",
headers={"Cache-Control": "no-cache", "Connection": "keep-alive"},
)
@app.websocket("/pty/{pid}/ws")
async def pty_ws(
pid: int,
websocket: WebSocket,
):
"""WebSocket endpoint for interactive PTY session *pid*.
Auth (when CONTAINER_NAME is set): pass ``api_key`` and
``container_name`` as query parameters, e.g.
``/pty/123/ws?api_key=…&container_name=…``.
Client → Server messages (JSON):
- ``{"type": "stdin", "data": "<base64>"}``
- ``{"type": "resize", "cols": N, "rows": N}``
- ``{"type": "disconnect"}``
Server → Client messages (JSON):
- ``{"type": "output", "data": "<base64>"}``
- ``{"type": "exit", "code": N}``
"""
container_name = websocket.query_params.get("container_name")
api_key = websocket.query_params.get("api_key")
try:
await _require_auth(container_name, api_key)
except HTTPException:
await websocket.close(code=1008) # 1008 = Policy Violation
return
await websocket.accept()
q = pty_manager.subscribe(pid)
async def _send_output():
"""Forward PTY output to the WebSocket client."""
try:
while True:
msg = await q.get()
if msg["type"] == "output":
payload = {"type": "output", "data": base64.b64encode(msg["data"]).decode()}
else:
payload = {"type": "exit", "code": msg.get("code", 0)}
await websocket.send_text(json.dumps(payload))
if msg["type"] == "exit":
break
except Exception:
pass
finally:
pty_manager.unsubscribe(pid, q)
output_task = asyncio.create_task(_send_output())
try:
while True:
try:
raw = await websocket.receive_text()
except WebSocketDisconnect:
break
except Exception:
break
try:
msg = json.loads(raw)
except json.JSONDecodeError:
continue
msg_type = msg.get("type")
if msg_type == "stdin":
data = base64.b64decode(msg.get("data", ""))
await pty_manager.send_stdin(pid, data)
elif msg_type == "resize":
await pty_manager.resize(pid, int(msg.get("cols", 80)), int(msg.get("rows", 24)))
elif msg_type == "disconnect":
break
finally:
output_task.cancel()
pty_manager.unsubscribe(pid, q)
try:
await websocket.close()
except Exception:
pass
@app.post("/responses")
async def agent_response_endpoint(
request: Request,
api_key: Optional[str] = Header(None, alias="X-API-Key"),
):
"""
Minimal proxy to run ComputerAgent for up to 2 turns.
Security:
- If CONTAINER_NAME is set on the server, require X-API-Key
and validate using AuthenticationManager unless CUA_ENABLE_PUBLIC_PROXY is true.
Body JSON:
{
"model": "...", # required
"input": "... or messages[]", # required
"agent_kwargs": { ... }, # optional, passed directly to ComputerAgent
"env": { ... } # optional env overrides for agent
}
"""
if not HAS_AGENT:
raise HTTPException(status_code=501, detail="ComputerAgent not available")
# Authenticate via AuthenticationManager if running in cloud (CONTAINER_NAME set)
container_name = os.environ.get("CONTAINER_NAME")
if container_name:
is_public = os.environ.get("CUA_ENABLE_PUBLIC_PROXY", "").lower().strip() in [
"1",
"true",
"yes",
"y",
"on",
]
if not is_public:
if not api_key:
raise HTTPException(status_code=401, detail="Missing AGENT PROXY auth headers")
ok = await auth_manager.auth(container_name, api_key)
if not ok:
raise HTTPException(status_code=401, detail="Unauthorized")
# Parse request body
try:
body = await request.json()
except Exception as e:
raise HTTPException(status_code=400, detail=f"Invalid JSON body: {str(e)}")
model = body.get("model")
input_data = body.get("input")
if not model or input_data is None:
raise HTTPException(status_code=400, detail="'model' and 'input' are required")
agent_kwargs: Dict[str, Any] = body.get("agent_kwargs") or {}
env_overrides: Dict[str, str] = body.get("env") or {}
# Simple env override context
class _EnvOverride:
def __init__(self, overrides: Dict[str, str]):
self.overrides = overrides
self._original: Dict[str, Optional[str]] = {}
def __enter__(self):
for k, v in (self.overrides or {}).items():
self._original[k] = os.environ.get(k)
os.environ[k] = str(v)
def __exit__(self, exc_type, exc, tb):
for k, old in self._original.items():
if old is None:
os.environ.pop(k, None)
else:
os.environ[k] = old
# Convert input to messages
def _to_messages(data: Union[str, List[Dict[str, Any]]]) -> List[Dict[str, Any]]:
if isinstance(data, str):
return [{"role": "user", "content": data}]
if isinstance(data, list):
return data
messages = _to_messages(input_data)
# Define a direct computer tool that implements the AsyncComputerHandler protocol
# and delegates to our existing automation/file/accessibility handlers.
from cua_agent.computers import AsyncComputerHandler # runtime-checkable Protocol
class DirectComputerInterface:
"""Interface wrapper providing BrowserTool compatibility.
Matches the same interface shape as Computer.interface so BrowserTool
works identically with both Computer (cloud) and DirectComputer (local).
"""
def __init__(self, automation_handler, browser_manager):
self._auto = automation_handler
self._browser = browser_manager
@property
def interface(self):
"""Return automation handler for hotkey, move_cursor, etc."""
return self._auto
async def playwright_exec(self, command: str, params: dict) -> dict:
"""Execute browser command via browser_manager."""
return await self._browser.execute_command(command, params)
class DirectComputer(AsyncComputerHandler):
def __init__(self):
# use module-scope handler singletons created by HandlerFactory
self._auto = automation_handler
self._file = file_handler
self._access = accessibility_handler
# Create interface for BrowserTool compatibility
self._interface = DirectComputerInterface(automation_handler, get_browser_manager())
@property
def interface(self):
"""Return interface compatible with BrowserTool.
This matches Computer.interface shape so BrowserTool works with either:
- computer.interface.interface.hotkey() -> automation
- computer.interface.playwright_exec() -> browser commands
- direct_computer.interface.interface.hotkey() -> automation
- direct_computer.interface.playwright_exec() -> browser commands
"""
return self._interface
async def get_environment(self) -> Literal["windows", "mac", "linux", "browser"]:
sys = platform.system().lower()
if "darwin" in sys or sys in ("macos", "mac"):
return "mac"
if "windows" in sys:
return "windows"
return "linux"
async def get_dimensions(self) -> tuple[int, int]:
size = await self._auto.get_screen_size()
return size["width"], size["height"]
async def screenshot(self) -> str:
img_b64 = await self._auto.screenshot()
return img_b64["image_data"]
async def click(self, x: int, y: int, button: str = "left") -> None:
if button == "left":
await self._auto.left_click(x, y)
elif button == "right":
await self._auto.right_click(x, y)
else:
await self._auto.left_click(x, y)
async def double_click(self, x: int, y: int) -> None:
await self._auto.double_click(x, y)
async def scroll(self, x: int, y: int, scroll_x: int, scroll_y: int) -> None:
await self._auto.move_cursor(x, y)
await self._auto.scroll(scroll_x, scroll_y)
async def type(self, text: str) -> None:
await self._auto.type_text(text)
async def wait(self, ms: int = 1000) -> None:
await asyncio.sleep(ms / 1000.0)
async def move(self, x: int, y: int) -> None:
await self._auto.move_cursor(x, y)
async def keypress(self, keys: Union[List[str], str]) -> None:
from computer.interface.models import Key
def normalize_key(key: str) -> str:
"""Normalize key name using SDK's Key.from_string()."""
result = Key.from_string(key)
if isinstance(result, Key):
# SDK mapped it to a Key enum, use its value
return result.value
else:
# SDK didn't map it - lowercase for pynput compatibility
# (pynput uses lowercase: Key.tab, Key.space, etc.)
return key.lower() if len(key) > 1 else key
if isinstance(keys, str):
parts = keys.replace("-", "+").split("+") if len(keys) > 1 else [keys]
else:
parts = keys
# Normalize all key parts using SDK's Key mapping
parts = [normalize_key(p) for p in parts]
if len(parts) == 1:
key = parts[0]
# Route single printable characters through type_text so the
# insertion is layout-independent. press_key uses a physical-key
# path (pynput keyboard.press/release) that follows the active
# input source — under a Russian or CJK layout it inserts the
# layout-mapped character instead of the intended ASCII one.
# type_text uses pynput keyboard.type() which bypasses the
# layout and inserts the literal Unicode codepoint.
#
# A key is "printable" when it is exactly one character long
# and unicodedata.category is not a control category (Cc/Cs).
# Special keys (return, tab, escape, arrows, f1-f12, …) are
# multi-character strings or map to a Key enum — those still
# go through press_key unchanged.
#
# See: https://github.com/trycua/cua/issues/1605
import unicodedata
if len(key) == 1 and unicodedata.category(key) not in ("Cc", "Cs", "Cn"):
await self._auto.type_text(key)
else:
await self._auto.press_key(key)
else:
await self._auto.hotkey(parts)
async def drag(self, path: List[Dict[str, int]]) -> None:
if not path:
return
start = path[0]
await self._auto.mouse_down(start["x"], start["y"])
for pt in path[1:]:
await self._auto.move_cursor(pt["x"], pt["y"])
end = path[-1]
await self._auto.mouse_up(end["x"], end["y"])
async def get_current_url(self) -> str:
# Not available in this server context
return ""
async def left_mouse_down(self, x: Optional[int] = None, y: Optional[int] = None) -> None:
await self._auto.mouse_down(x, y, button="left")
async def left_mouse_up(self, x: Optional[int] = None, y: Optional[int] = None) -> None:
await self._auto.mouse_up(x, y, button="left")
# # Inline image URLs to base64
# import base64, mimetypes, requests
# # Use a browser-like User-Agent to avoid 403s from some CDNs (e.g., Wikimedia)
# HEADERS = {
# "User-Agent": (
# "Mozilla/5.0 (Windows NT 10.0; Win64; x64) "
# "AppleWebKit/537.36 (KHTML, like Gecko) "
# "Chrome/124.0.0.0 Safari/537.36"
# )
# }
# def _to_data_url(content_bytes: bytes, url: str, resp: requests.Response) -> str:
# ctype = resp.headers.get("Content-Type") or mimetypes.guess_type(url)[0] or "application/octet-stream"
# b64 = base64.b64encode(content_bytes).decode("utf-8")
# return f"data:{ctype};base64,{b64}"
# def inline_image_urls(messages):
# # messages: List[{"role": "...","content":[...]}]
# out = []
# for m in messages:
# if not isinstance(m.get("content"), list):
# out.append(m)
# continue
# new_content = []
# for part in (m.get("content") or []):
# if part.get("type") == "input_image" and (url := part.get("image_url")):
# resp = requests.get(url, headers=HEADERS, timeout=30)
# resp.raise_for_status()
# new_content.append({
# "type": "input_image",
# "image_url": _to_data_url(resp.content, url, resp)
# })
# else:
# new_content.append(part)
# out.append({**m, "content": new_content})
# return out
# messages = inline_image_urls(messages)
error = None
with _EnvOverride(env_overrides):
# Prepare tools: if caller did not pass tools, inject our DirectComputer
tools = agent_kwargs.get("tools")
if not tools:
tools = [DirectComputer()]
agent_kwargs = {**agent_kwargs, "tools": tools}
# Instantiate agent with our tools
agent = ComputerAgent(model=model, **agent_kwargs) # type: ignore[arg-type]
total_output: List[Any] = []
total_usage: Dict[str, Any] = {}
pending_computer_call_ids = set()
try:
async for result in agent.run(messages):
total_output += result["output"]
# Try to collect usage if present
if (
isinstance(result, dict)
and "usage" in result
and isinstance(result["usage"], dict)
):
# Merge usage counters
for k, v in result["usage"].items():
if isinstance(v, (int, float)):
total_usage[k] = total_usage.get(k, 0) + v
else:
total_usage[k] = v
for msg in result.get("output", []):
if msg.get("type") == "computer_call":
pending_computer_call_ids.add(msg["call_id"])
elif msg.get("type") == "computer_call_output":
pending_computer_call_ids.discard(msg["call_id"])
# exit if no pending computer calls
if not pending_computer_call_ids:
break
except Exception as e:
logger.error(f"Error running agent: {str(e)}")
logger.error(traceback.format_exc())
error = str(e)
# Build response payload
payload = {
"model": model,
"error": error,
"output": total_output,
"usage": total_usage,
"status": "completed" if not error else "failed",
}
# CORS: allow any origin
headers = {
"Cache-Control": "no-cache",
"Connection": "keep-alive",
}
return JSONResponse(content=payload, headers=headers)
@app.post("/playwright_exec")
async def playwright_exec_endpoint(
request: Request,
container_name: Optional[str] = Header(None, alias="X-Container-Name"),
api_key: Optional[str] = Header(None, alias="X-API-Key"),
):
"""
Execute Playwright browser commands.
Headers:
- X-Container-Name: Container name for cloud authentication
- X-API-Key: API key for cloud authentication
Body:
{
"command": "visit_url|click|type|scroll|web_search",
"params": {...}
}
"""
# Parse request body
try:
body = await request.json()
command = body.get("command")
params = body.get("params", {})
except Exception as e:
raise HTTPException(status_code=400, detail=f"Invalid JSON body: {str(e)}")
if not command:
raise HTTPException(status_code=400, detail="Command is required")
# Check if CONTAINER_NAME is set (indicating cloud provider)
server_container_name = os.environ.get("CONTAINER_NAME")
# If cloud provider, perform authentication
if server_container_name:
logger.info(
f"Cloud provider detected. CONTAINER_NAME: {server_container_name}. Performing authentication..."
)
# Validate required headers
if not container_name:
raise HTTPException(status_code=401, detail="Container name required")
if not api_key:
raise HTTPException(status_code=401, detail="API key required")
# Validate with AuthenticationManager
is_authenticated = await auth_manager.auth(container_name, api_key)
if not is_authenticated:
raise HTTPException(status_code=401, detail="Authentication failed")
# Get browser manager and execute command
try:
browser_manager = get_browser_manager()
result = await browser_manager.execute_command(command, params)
if result.get("success"):
return JSONResponse(content=result)
else:
raise HTTPException(status_code=400, detail=result.get("error", "Command failed"))
except Exception as e:
logger.error(f"Error executing playwright command: {str(e)}")
logger.error(traceback.format_exc())
raise HTTPException(status_code=500, detail=str(e))
if __name__ == "__main__":
uvicorn.run(app, host="0.0.0.0", port=8000)