Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Flaky tool calls, maybe missing authorization or auth out of sync #3999

Open
4 tasks done
ifsheldon opened this issue Apr 30, 2024 · 5 comments
Open
4 tasks done

Flaky tool calls, maybe missing authorization or auth out of sync #3999

ifsheldon opened this issue Apr 30, 2024 · 5 comments
Assignees
@takatost @Yeuoly
Labels
🐞 bug Something isn't working

Comments

@ifsheldon
Copy link

Self Checks

  • This is only for bug report, if you would like to ask a quesion, please head to Discussions.
  • I have searched for existing issues search for existing issues, including closed ones.
  • I confirm that I am using English to submit this report (我已阅读并同意 Language Policy).
  • Pleas do not modify this template :) and fill in all the required fields.

Dify version

0.6.5

Cloud or Self Hosted

Self Hosted (Docker)

Steps to reproduce

I have implemented my own plugin with simple bearer authorization. I tested it's usable in the tool panel, but when using it in an agent, there's a chance the tool call fails due to 401 Unauthorized. It's really weird, since sometimes the tool call succeeds.

You can try with a simple plugin with a python backend. Or, I can share my plugin with you since it's just a demo only for testing.

I've check the logs in the api server(see below screenshot). The first 4 calls are produced by an agent I develop. The last two was produced by my testing in the tool panel with the same arguments, no modifications on authorizations.

✔️ Expected Behavior

Smooth tool calls when agents try to call a tool with correct authorization

❌ Actual Behavior

image
@dosubot DosuBot
Copy link

dosubot bot commented Apr 30, 2024
edited

It sounds like the intermittent 401 Unauthorized errors you're encountering could stem from issues related to credential validation or token management within your Dify setup. Here are a few targeted areas to investigate:

  1. Token Expiration or Renewal: Ensure that the API tokens used for authentication are not expiring unexpectedly or that there isn't an issue with the token renewal process. Tokens with short expiration times or failed renewals can lead to intermittent authentication failures.

  2. Concurrency or Timing Issues: In environments like Docker, especially when under load, timing or concurrency issues might affect the process of credential validation. This could lead to situations where authentication fails intermittently due to the system's inability to validate credentials in time or correctly manage multiple requests.

  3. Environmental Differences: There might be differences in the environment or settings between when you make calls directly from the tool panel and when calls are made by an agent. These differences could impact how authentication is handled. It's worth comparing the configurations to identify any discrepancies that might lead to authentication issues.

To address these issues, review your token management strategy to ensure tokens have appropriate expiration times and a reliable renewal mechanism. Also, investigate potential concurrency issues that could affect credential validation, particularly in scenarios with high load. Lastly, compare the environments between direct tool panel calls and agent calls for any differences that could influence authentication success.

These steps should help you narrow down the cause of the intermittent 401 Unauthorized errors and guide you towards a resolution.

Details

Sources


About Dosu
This response is meant to be useful and save you time. It is not meant to be a precise solution, but rather a starting point for your own research.

Help me be more useful! Please leave a 👍 if this is helpful and 👎 if it is irrelevant.

To continue the conversation, mention @dosu.

@dosubot dosubot bot added the 🐞 bug Something isn't working label Apr 30, 2024
@ifsheldon ifsheldon mentioned this issue Apr 30, 2024
Closed
4 tasks
@Yeuoly
Copy link
Collaborator

Yeuoly commented May 7, 2024

have you added Bearer prefix in value field of authorization configuration? it will be added automatically.

@ifsheldon
Copy link
Author

@Yeuoly Yes, I added the prefix in the tool panel, because when I didn't add it, the test run will fail with 401.

So I guess it's due to behavior discrepancy between test runner in the tool panel and the tool caller in agent workflows?

@Yeuoly
Copy link
Collaborator

Yeuoly commented May 8, 2024

thanks for telling this, its really weird, I will check it AFAP

@ifsheldon ifsheldon mentioned this issue May 10, 2024
Open
4 tasks
@ifsheldon
Copy link
Author

@Yeuoly FYI, here is the code for the plugin. https://github.com/ifsheldon/gpt_plugin_template_rs

You can reproduce the error like below
image

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@takatost takatost

@Yeuoly Yeuoly

Labels
🐞 bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@takatost @ifsheldon @Yeuoly