Update environment variables, Docker configuration, and dependencies; refactor token management and chat agent logic. Added FastAPI server setup and improved message handling in GigaChat client.

services/cache_service.py

@@ -12,7 +12,8 @@ class CacheService:
     """Сервис для работы с Redis кэшем."""
 
     def __init__(self, redis_url: Optional[str] = None):
-        self.redis_url = redis_url or "redis://localhost:6379/0"
+        import os
+        self.redis_url = redis_url or os.getenv("REDIS_URL", "redis://localhost:6379/0")
         self._client: Optional[redis.Redis] = None
 
     async def _get_client(self) -> redis.Redis:

services/token_manager.py

@@ -1,9 +1,13 @@
 """Управление токенами GigaChat."""
+import base64
 import os
 import time
+import uuid
 from typing import Optional
+from urllib.parse import urlencode
 
 import aiohttp
+from aiohttp import FormData
 from dotenv import load_dotenv
 
 load_dotenv()
@@ -17,10 +21,13 @@ class TokenManager:
         client_id: Optional[str] = None,
         client_secret: Optional[str] = None,
         auth_url: Optional[str] = None,
+        credentials: Optional[str] = None,
     ):
-        self.client_id = client_id or os.getenv("GIGACHAT_CLIENT_ID")
-        self.client_secret = client_secret or os.getenv("GIGACHAT_CLIENT_SECRET")
-        self.auth_url = auth_url or os.getenv(
+        # Приоритет: переданные параметры > переменные окружения > .env файл
+        self.credentials = credentials or os.environ.get("GIGACHAT_CREDENTIALS") or os.getenv("GIGACHAT_CREDENTIALS")
+        self.client_id = client_id or os.environ.get("GIGACHAT_CLIENT_ID") or os.getenv("GIGACHAT_CLIENT_ID")
+        self.client_secret = client_secret or os.environ.get("GIGACHAT_CLIENT_SECRET") or os.getenv("GIGACHAT_CLIENT_SECRET")
+        self.auth_url = auth_url or os.environ.get("GIGACHAT_AUTH_URL") or os.getenv(
             "GIGACHAT_AUTH_URL", "https://ngw.devices.sberbank.ru:9443/api/v2/oauth"
         )
         self._access_token: Optional[str] = None
@@ -39,24 +46,101 @@ class TokenManager:
         if not force_refresh and self._access_token and time.time() < self._expires_at:
             return self._access_token
 
-        async with aiohttp.ClientSession() as session:
-            auth = aiohttp.BasicAuth(self.client_id, self.client_secret)
-            async with session.post(
-                self.auth_url,
-                auth=auth,
-                data={"scope": "GIGACHAT_API_PERS"},
-            ) as response:
-                if response.status != 200:
-                    error_text = await response.text()
-                    raise Exception(f"Failed to get token: {response.status} - {error_text}")
+        # Определяем, какой вариант используется: готовый ключ или client_id/client_secret
+        if self.credentials:
+            # Используем готовый ключ авторизации (уже закодированный в Base64)
+            # Убираем префикс "Basic " если он есть
+            credentials_key = self.credentials.strip().replace('\n', '').replace('\r', '')
+            if credentials_key.startswith('Basic '):
+                credentials_key = credentials_key[6:]
+            
+            connector = aiohttp.TCPConnector(ssl=False)
+            async with aiohttp.ClientSession(connector=connector) as session:
+                headers = {
+                    "Authorization": f"Basic {credentials_key}",
+                    "Content-Type": "application/x-www-form-urlencoded",
+                    "Accept": "application/json",
+                    "RqUID": str(uuid.uuid4())
+                }
+                
+                form_data = {
+                    "scope": "GIGACHAT_API_PERS"
+                }
+                
+                async with session.post(
+                    self.auth_url,
+                    headers=headers,
+                    data=form_data,
+                ) as response:
+                    if response.status != 200:
+                        error_text = await response.text()
+                        raise Exception(f"Failed to get token: {response.status} - {error_text}")
 
-                data = await response.json()
-                self._access_token = data["access_token"]
-                # Токен обычно действителен 30 минут, обновляем за 5 минут до истечения
-                expires_in = data.get("expires_in", 1800)
-                self._expires_at = time.time() + expires_in - 300
+                    data = await response.json()
+                    self._access_token = data["access_token"]
+                    expires_in = data.get("expires_in", 1800)
+                    self._expires_at = time.time() + expires_in - 300
 
-                return self._access_token
+                    return self._access_token
+        elif self.client_id and self.client_secret:
+            # Очищаем от пробелов и переносов
+            client_secret = self.client_secret.strip().replace('\n', '').replace('\r', '')
+            
+            # Проверяем, является ли client_secret уже закодированным ключом Base64
+            # Если secret начинается с букв/цифр и длиннее 50 символов, это уже ключ авторизации
+            is_already_encoded = len(client_secret) > 50 and all(c.isalnum() or c in '+/=' for c in client_secret)
+            
+            if is_already_encoded:
+                # Это уже готовый ключ авторизации в Base64
+                encoded_credentials = client_secret
+                print(f"DEBUG: Using pre-encoded authorization key (length: {len(encoded_credentials)})")
+            else:
+                # Это настоящий client_id и client_secret, нужно закодировать
+                client_id = self.client_id.strip().replace('\n', '').replace('\r', '')
+                
+                if not client_id or not client_secret:
+                    raise Exception("GIGACHAT_CLIENT_ID and GIGACHAT_CLIENT_SECRET cannot be empty after cleaning")
+                
+                credentials_string = f"{client_id}:{client_secret}"
+                encoded_credentials = base64.b64encode(credentials_string.encode('utf-8')).decode('utf-8')
+                print(f"DEBUG: Encoded client_id:client_secret (length: {len(encoded_credentials)})")
+            
+            connector = aiohttp.TCPConnector(ssl=False)
+            async with aiohttp.ClientSession(connector=connector) as session:
+                headers = {
+                    "Content-Type": "application/x-www-form-urlencoded",
+                    "Accept": "application/json",
+                    "RqUID": str(uuid.uuid4()),
+                    "Authorization": f"Basic {encoded_credentials}"
+                }
+                
+                payload = {"scope": "GIGACHAT_API_PERS"}
+                
+                print(f"DEBUG: Authorization header starts with: Basic {encoded_credentials[:10]}...")
+                
+                async with session.post(
+                    self.auth_url,
+                    headers=headers,
+                    data=payload,
+                ) as response:
+                    if response.status != 200:
+                        error_text = await response.text()
+                        raise Exception(
+                            f"Failed to get token: {response.status} - {error_text}. "
+                            f"URL: {self.auth_url}"
+                        )
+
+                    data = await response.json()
+                    self._access_token = data["access_token"]
+                    expires_in = data.get("expires_in", 1800)
+                    self._expires_at = time.time() + expires_in - 300
+
+                    return self._access_token
+        else:
+            raise Exception(
+                "Either GIGACHAT_CREDENTIALS (ready authorization key) or "
+                "GIGACHAT_CLIENT_ID and GIGACHAT_CLIENT_SECRET must be set"
+            )
 
     def is_token_valid(self) -> bool:
         """Проверить, действителен ли текущий токен."""