feat: add credential management

credentials.go

@@ -0,0 +1,27 @@
+package gptscript
+
+import "time"
+
+type CredentialType string
+
+const (
+	CredentialTypeTool          CredentialType = "tool"
+	CredentialTypeModelProvider CredentialType = "modelProvider"
+)
+
+type Credential struct {
+	Context      string            `json:"context"`
+	ToolName     string            `json:"toolName"`
+	Type         CredentialType    `json:"type"`
+	Env          map[string]string `json:"env"`
+	Ephemeral    bool              `json:"ephemeral,omitempty"`
+	ExpiresAt    *time.Time        `json:"expiresAt"`
+	RefreshToken string            `json:"refreshToken"`
+}
+
+type CredentialRequest struct {
+	Content     string   `json:"content"`
+	AllContexts bool     `json:"allContexts"`
+	Context     []string `json:"context"`
+	Name        string   `json:"name"`
+}

go.mod

@@ -2,15 +2,20 @@ module github.com/gptscript-ai/go-gptscript
 
 go 1.23.0
 
-require github.com/getkin/kin-openapi v0.124.0
+require (
+	github.com/getkin/kin-openapi v0.124.0
+	github.com/stretchr/testify v1.8.4
+)
 
 require (
+	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/go-openapi/jsonpointer v0.20.2 // indirect
 	github.com/go-openapi/swag v0.22.8 // indirect
 	github.com/invopop/yaml v0.2.0 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
 	github.com/mailru/easyjson v0.7.7 // indirect
 	github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826 // indirect
 	github.com/perimeterx/marshmallow v1.1.5 // indirect
+	github.com/pmezard/go-difflib v1.0.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )

gptscript.go

@@ -307,6 +307,60 @@ func (g *GPTScript) PromptResponse(ctx context.Context, resp PromptResponse) err
 	return err
 }
 
+func (g *GPTScript) ListCredentials(ctx context.Context, credCtxs []string, allContexts bool) ([]Credential, error) {
+	req := CredentialRequest{}
+	if allContexts {
+		req.AllContexts = true
+	} else {
+		req.Context = credCtxs
+	}
+
+	out, err := g.runBasicCommand(ctx, "credentials", req)
+	if err != nil {
+		return nil, err
+	}
+
+	var creds []Credential
+	if err = json.Unmarshal([]byte(out), &creds); err != nil {
+		return nil, err
+	}
+	return creds, nil
+}
+
+func (g *GPTScript) CreateCredential(ctx context.Context, cred Credential) error {
+	credJSON, err := json.Marshal(cred)
+	if err != nil {
+		return fmt.Errorf("failed to marshal credential: %w", err)
+	}
+
+	_, err = g.runBasicCommand(ctx, "credentials/create", CredentialRequest{Content: string(credJSON)})
+	return err
+}
+
+func (g *GPTScript) RevealCredential(ctx context.Context, credCtxs []string, name string) (Credential, error) {
+	out, err := g.runBasicCommand(ctx, "credentials/reveal", CredentialRequest{
+		Context: credCtxs,
+		Name:    name,
+	})
+	if err != nil {
+		return Credential{}, err
+	}
+
+	var cred Credential
+	if err = json.Unmarshal([]byte(out), &cred); err != nil {
+		return Credential{}, err
+	}
+	return cred, nil
+}
+
+func (g *GPTScript) DeleteCredential(ctx context.Context, credCtx, name string) error {
+	_, err := g.runBasicCommand(ctx, "credentials/delete", CredentialRequest{
+		Context: []string{credCtx}, // Only one context can be specified for delete operations
+		Name:    name,
+	})
+	return err
+}
+
 func (g *GPTScript) runBasicCommand(ctx context.Context, requestPath string, body any) (string, error) {
 	run := &Run{
 		url:          g.url,

gptscript_test.go

@@ -3,13 +3,16 @@ package gptscript
 import (
 	"context"
 	"fmt"
+	"math/rand"
 	"os"
 	"path/filepath"
 	"runtime"
+	"strconv"
 	"strings"
 	"testing"
 
 	"github.com/getkin/kin-openapi/openapi3"
+	"github.com/stretchr/testify/require"
 )
 
 var g *GPTScript
@@ -1448,3 +1451,37 @@ func TestLoadTools(t *testing.T) {
 		t.Errorf("Unexpected name: %s", prg.Name)
 	}
 }
+
+func TestCredentials(t *testing.T) {
+	// We will test in the following order of create, list, reveal, delete.
+	name := "test-" + strconv.Itoa(rand.Int())
+	if len(name) > 20 {
+		name = name[:20]
+	}
+
+	// Create
+	err := g.CreateCredential(context.Background(), Credential{
+		Context:      "testing",
+		ToolName:     name,
+		Type:         CredentialTypeTool,
+		Env:          map[string]string{"ENV": "testing"},
+		RefreshToken: "my-refresh-token",
+	})
+	require.NoError(t, err)
+
+	// List
+	creds, err := g.ListCredentials(context.Background(), []string{"testing"}, false)
+	require.NoError(t, err)
+	require.GreaterOrEqual(t, len(creds), 1)
+
+	// Reveal
+	cred, err := g.RevealCredential(context.Background(), []string{"testing"}, name)
+	require.NoError(t, err)
+	require.Contains(t, cred.Env, "ENV")
+	require.Equal(t, cred.Env["ENV"], "testing")
+	require.Equal(t, cred.RefreshToken, "my-refresh-token")
+
+	// Delete
+	err = g.DeleteCredential(context.Background(), "testing", name)
+	require.NoError(t, err)
+}

run.go

@@ -325,6 +325,15 @@ func (r *Run) request(ctx context.Context, payload any) (err error) {
 
 						done, _ = out["done"].(bool)
 						r.rawOutput = out
+					case []any:
+						b, err := json.Marshal(out)
+						if err != nil {
+							r.state = Error
+							r.err = fmt.Errorf("failed to process stdout: %w", err)
+							return
+						}
+
+						r.output = string(b)
 					default:
 						r.state = Error
 						r.err = fmt.Errorf("failed to process stdout, invalid type: %T", out)