Implement OAuth2 authentication support for custom LiteLLM providers

- Add OAuth2Config and OAuth2ConfigLoader for litellm_config.json configuration - Add OAuth2TokenManager for token acquisition, caching, and refresh - Extend LLM class to support OAuth2 authentication with custom providers - Add comprehensive tests covering OAuth2 flow and error handling - Add documentation and usage examples - Support Client Credentials OAuth2 flow for server-to-server authentication - Maintain backward compatibility with existing LLM providers Fixes #3114 Co-Authored-By: João <joao@crewai.com>
2026-05-03 08:12:39 +00:00 · 2025-07-07 17:57:40 +00:00
parent a0fcc0c8d1
commit ac1080afd8
7 changed files with 630 additions and 2 deletions
--- a/src/crewai/llms/oauth2_config.py
+++ b/src/crewai/llms/oauth2_config.py
@@ -0,0 +1,38 @@
+from pathlib import Path
+from typing import Dict, List, Optional
+import json
+from pydantic import BaseModel, Field
+
+
+class OAuth2Config(BaseModel):
+    client_id: str = Field(description="OAuth2 client ID")
+    client_secret: str = Field(description="OAuth2 client secret") 
+    token_url: str = Field(description="OAuth2 token endpoint URL")
+    scope: Optional[str] = Field(default=None, description="OAuth2 scope")
+    provider_name: str = Field(description="Custom provider name")
+    refresh_token: Optional[str] = Field(default=None, description="OAuth2 refresh token")
+
+
+class OAuth2ConfigLoader:
+    def __init__(self, config_path: Optional[str] = None):
+        self.config_path = Path(config_path) if config_path else Path("litellm_config.json")
+    
+    def load_config(self) -> Dict[str, OAuth2Config]:
+        """Load OAuth2 configurations from litellm_config.json"""
+        if not self.config_path.exists():
+            return {}
+        
+        try:
+            with open(self.config_path, 'r') as f:
+                data = json.load(f)
+            
+            oauth2_configs = {}
+            for provider_name, config_data in data.get("oauth2_providers", {}).items():
+                oauth2_configs[provider_name] = OAuth2Config(
+                    provider_name=provider_name,
+                    **config_data
+                )
+            
+            return oauth2_configs
+        except (json.JSONDecodeError, KeyError, ValueError) as e:
+            raise ValueError(f"Invalid OAuth2 configuration in {self.config_path}: {e}")