g_ui_adk.event_translator:Error translating ADK event: Object of type SecuritySchemeType is not JSON serializable #3288
Description
Bug Description: TypeError: Object of type SecuritySchemeType is not JSON serializable
Context
Copilotkit.ai + ADK
Summary
Two issues are observed when the agent uses an OpenAPIToolset configured for OAuth2:
- An
ERRORoccurs during the event translation of a tool call, specifically aTypeError: Object of type SecuritySchemeType is not JSON serializable. This suggests an attempt to JSON-serialize internal security scheme objects when preparing tool call arguments for the UI. - Following the authorization prompt response, a critical UI error is logged:
CopilotError: Cannot send 'RUN_FINISHED' while tool calls are still active: <tool-call-id>. This indicates a state management issue where the framework believes a previous, long-running tool call is still active, preventing the session from cleanly progressing.
Reproduction Steps
- Environment Setup: Create an agent using the ADK framework.
- Tool Configuration: Configure an
OpenAPIToolsetwith anOAuth2Authcredential.- The
OpenAPIToolsetis initialized with aspec_strcontaining an OAuth2 security scheme and anauth_credentialof typeOAuth2Auth. - The agent's
toolslist includes thisopenapi_toolset. (Seeopenapi_connector_tool.pyandagent.pyin the provided context).
- The
- Initial Conversation: Start a chat session and trigger the agent to call the tool (e.g., by asking to list workbooks). This will be the initial, unauthenticated call.
- User Input 1: "list workbooks for site 'mysite'"
- Observation 1 (Error 1): The agent performs a tool call. After the call, the following Python traceback/log error is observed in the agent logs:
[agent] ERROR:ag_ui_adk.event_translator:Error translating ADK event: Object of type SecuritySchemeType is not JSON serializable [agent] Traceback (most recent call last): ... [agent] TypeError: Object of type SecuritySchemeType is not JSON serializable - User Interface: The UI prompts the user for authorization (a common response when a tool is called but no credentials are yet present for a long-running tool).
- Observation 2 (Error 2): After the authorization flow is complete, the UI logs this error:
[ui] [21:44:05.280] ERROR: Error in action execution argument stream ... [ui] "message": "Cannot send 'RUN_FINISHED' while tool calls are still active: adk-68111be6-b3ba-4ed5-9601-1277e4de4392",
Expected Behavior
- The
ag_ui_adk.event_translatorshould correctly handle the serialization of tool call arguments, even when the underlying tool is anOpenAPIToolsetwith an OAuth2 security scheme, and should not attempt to serialize framework-specific objects likeSecuritySchemeType. - Upon completion of the initial, unauthenticated tool call (which prompts for authorization), the ADK framework should properly close the active tool call so that subsequent events (such as the successful authentication redirect or a second user prompt) can proceed without the "tool calls are still active" error.
Root Cause Suggestion
The ag_ui_adk/event_translator.py logic around line 338 attempts to json.dumps(func_call.args). If func_call.args contains an object from the fastapi.openapi.models module (like SecuritySchemeType which might be inadvertently packaged with the arguments during the initial tool call preparation), it fails serialization.
The second issue suggests a failure in the event lifecycle to correctly register and deregister the initial unauthenticated tool call, which is a required precursor for the OAuth flow. This tool call is registered as "long-running" but never appears to complete cleanly in the agent's state machine.
Relevant Code Snippets (from provided context)
openapi_connector_tool.py (Tool Initialization)
# The error happens when the tool is called and auth is missing
openapi_toolset = OpenAPIToolset(
spec_str=OPENAPI_SPEC_YAML,
spec_str_type="yaml",
#auth_scheme=oauth2_scheme,
auth_credential=oauth2_credential
)Other comments
The same agent works well through "adk web"