Skip to content

Files Plugin: OBO Gateway + Dev Playground#139

Open
atilafassina wants to merge 10 commits intoplugin/filesfrom
plugin/files-obo-gateway
Open

Files Plugin: OBO Gateway + Dev Playground#139
atilafassina wants to merge 10 commits intoplugin/filesfrom
plugin/files-obo-gateway

Conversation

@atilafassina
Copy link

@atilafassina atilafassina commented Feb 26, 2026
edited
Loading

This PR implements an OBO Gateway and prevents the Files Plugin from using the Service Principal in production.

  • Adds a gateway in Files Plugin injectRoutes()
  • Injects user context on every handler
  • Throws a 401 when user token isn't found
  • Adds resolveUserContext(req) to Plugin
  • Updates docs and tests accordingly
  • Fixes upload URL
  • Bubbles up token and scope errors to the user with 403
  • Other errors are 401

dev playground

  • Adds a Files route to dev-playground
  • Updates app.yml to setup UC resource
files-api-playground.mp4

atilafassina and others added 6 commits February 26, 2026 10:53
@atilafassina
feat: create gateway and inject user context to every handler
5aac8b6
@atilafassina
docs: update API references
a6b8182
@atilafassina
fix: register volume in app.yml for dev-playground
ac2bac3
@atilafassina
docs: update Class Plugin
7a2184c
@atilafassina @claude
chore: add files route and UI to dev-playground (#114)
eaf5cb1 
* chore: add files route and UI to dev-playground

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: Atila Fassina <atila@fassina.eu>

* docs: regen

---------

Signed-off-by: Atila Fassina <atila@fassina.eu>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
@atilafassina
fix: url path when uploading files + error handling/logging
b01ef61
@atilafassina atilafassina marked this pull request as ready for review February 26, 2026 15:03
Copilot AI review requested due to automatic review settings February 26, 2026 15:03
Copilot AI reviewed Feb 26, 2026
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR introduces an OBO (on-behalf-of) gateway for the Files plugin so that all Files routes run under user context when a user token is present, and production requests without a user token are rejected. It also adjusts error propagation for auth-related SDK errors, fixes Files upload URL construction, and adds a dev-playground file browser route.

Changes:

  • Add router-level middleware in Files plugin to establish user context via resolveUserContext(req) + runInUserContext() for all downstream handlers.
  • Add resolveUserContext(req) to the base Plugin, and allow execute() to rethrow ApiError 401/403 so handlers can return those statuses.
  • Fix FilesConnector upload URL host normalization and add dev-playground UI/routes for browsing files.

Reviewed changes

Copilot reviewed 11 out of 11 changed files in this pull request and generated 3 comments.

Show a summary per file
File Description
packages/appkit/src/plugins/files/tests/plugin.test.ts Updates router mock to include use() for new gateway middleware registration.
packages/appkit/src/plugins/files/plugin.ts Adds OBO gateway middleware and refactors handlers to rely on context + bubble 401/403 ApiErrors.
packages/appkit/src/plugin/plugin.ts Adds resolveUserContext() and changes execute() to rethrow ApiError 401/403.
packages/appkit/src/connectors/files/client.ts Normalizes host to include scheme when building REST upload URL.
docs/docs/plugins.md Documents OBO gateway and new user-context resolution approach.
docs/docs/api/appkit/Class.Plugin.md Adds API docs for resolveUserContext() and updates asUser() throws section.
apps/dev-playground/client/src/routes/index.tsx Adds “File Browser” card to the dev-playground index.
apps/dev-playground/client/src/routes/files.route.tsx New file browser route UI backed by /api/files/* endpoints.
apps/dev-playground/client/src/routes/__root.tsx Adds a nav link to the new Files route.
apps/dev-playground/client/src/routeTree.gen.ts Updates generated route tree to include /files.
apps/dev-playground/app.yaml Adds DATABRICKS_DEFAULT_VOLUME env binding for the dev-playground.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@atilafassina atilafassina changed the title feat: create gateway and inject user context to every handler Files Plugin: OBO Gateway + Dev Playground Feb 26, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@atilafassina