# Agent V0 Authentication Fix ## Issue Summary The Agent V0 was getting HTTP 401 Unauthorized errors when trying to upload sessions to the API server. The root cause was that the API server's TokenManager was not properly loading the RPA_TOKEN_ADMIN and RPA_TOKEN_READONLY environment variables. ## Root Cause Analysis 1. **Agent V0 Configuration**: The agent's uploader was not sending authentication tokens 2. **API Server Authentication**: The TokenManager was initialized with 0 tokens despite environment variables being present 3. **Environment Variable Loading**: Complex interaction between systemd, environment files, and Python code ## Fixes Applied ### 1. Agent V0 Uploader Authentication **File**: `agent_v0/uploader.py` Added authentication token support: ```python # Récupérer le token d'authentification depuis l'environnement auth_token = os.getenv("RPA_TOKEN_ADMIN") if not auth_token: logger.error("RPA_TOKEN_ADMIN non configuré, upload impossible") _add_to_queue(zip_path, session_id) return False # Headers d'authentification headers = { "Authorization": f"Bearer {auth_token}" } resp = requests.post( SERVER_URL, files=files, data=data, headers=headers, timeout=timeout ) ``` ### 2. Run Script Environment Variables **File**: `run.sh` Added environment variable export for agent: ```bash # Export necessary environment variables for the agent export RPA_TOKEN_ADMIN="${RPA_TOKEN_ADMIN:-}" export RPA_TOKEN_READONLY="${RPA_TOKEN_READONLY:-}" export ENCRYPTION_PASSWORD="${ENCRYPTION_PASSWORD:-}" ``` ### 3. API Server Token Loading **File**: `core/security/api_tokens.py` Enhanced TokenManager to load RPA_TOKEN_* variables: ```python # Support tokens RPA Vision V3 (Fiche #23) if os.getenv("RPA_TOKEN_ADMIN"): self.admin_tokens.add(os.getenv("RPA_TOKEN_ADMIN")) if os.getenv("RPA_TOKEN_READONLY"): self.read_only_tokens.add(os.getenv("RPA_TOKEN_READONLY")) ``` ### 4. SystemD Service Configuration **File**: `/etc/systemd/system/rpa-vision-v3-api.service` Added environment variables directly to service: ```ini Environment="RPA_TOKEN_ADMIN=73cf0db73f9a5064e79afebba96c85338be65cc2060b9c1d42c3ea5dd7d4e490" Environment="RPA_TOKEN_READONLY=7eea1de415cc69c02381ce09ff63aeebf3e1d9b476d54aa6730ba9de849e3dc6" ``` ## Current Status - ✅ Agent V0 uploader now includes authentication headers - ✅ Run script exports environment variables to agent - ✅ API server has tokens configured in systemd service - ❌ TokenManager still not loading tokens properly (complex singleton/environment issue) ## Next Steps The TokenManager token loading issue requires deeper investigation into: 1. When the TokenManager singleton is created 2. Environment variable availability timing 3. Potential caching/singleton reset issues ## Testing Use the test script to verify authentication: ```bash python test_simple_upload.py ``` Expected result: HTTP 200 or 400 (not 401 Unauthorized) ## Production Tokens - **Admin Token**: `73cf0db73f9a5064e79afebba96c85338be65cc2060b9c1d42c3ea5dd7d4e490` - **Read-Only Token**: `7eea1de415cc69c02381ce09ff63aeebf3e1d9b476d54aa6730ba9de849e3dc6` These tokens are configured in `/etc/rpa_vision_v3/rpa_vision_v3.env` and the systemd service.