flow_domain/

contract.rs

use serde::{Deserialize, Serialize};

#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct NodeConstraints {
    pub max_duration_ms: Option<u64>,
    pub no_credential_access: bool,
    pub no_execution_authority: bool,
    pub no_network_access: bool,
}

#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct NodeContract {
    pub kind: String,
    pub type_id: String,
    pub title: String,
    pub description: Option<String>,
    pub input_schema: serde_json::Value,
    pub output_schema: serde_json::Value,
    pub constraints: NodeConstraints,
}

/// Error raised while reading a RAO contract off a node or validating a model
/// output against it (RAO Spec v1.0, docs/rao-spec).
#[derive(Debug, Clone, PartialEq)]
pub enum ContractError {
    /// A contract field on the node is present but not usable.
    InvalidField { field: String, reason: String },
    /// The threshold ordering invariant does not hold.
    InvalidThresholds(String),
    /// The model output does not conform to the expected envelope schema.
    SchemaViolation(String),
}

impl std::fmt::Display for ContractError {
    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
        match self {
            ContractError::InvalidField { field, reason } => {
                write!(f, "invalid contract field `{field}`: {reason}")
            }
            ContractError::InvalidThresholds(reason) => {
                write!(f, "invalid contract thresholds: {reason}")
            }
            ContractError::SchemaViolation(reason) => {
                write!(f, "output violates contract schema: {reason}")
            }
        }
    }
}

impl std::error::Error for ContractError {}

/// How an AI node's reported confidence was produced (RAO node-contract
/// `confidence_type`). Self-reported in-text confidence is `verbalized`;
/// `token_level` derives from token logprobs; `calibrated` is post-processed
/// against a calibration set.
#[derive(Debug, Clone, Copy, PartialEq, Eq, Serialize, Deserialize)]
#[serde(rename_all = "snake_case")]
pub enum ConfidenceType {
    Verbalized,
    TokenLevel,
    Calibrated,
}

impl ConfidenceType {
    pub fn parse(s: &str) -> Option<Self> {
        match s {
            "verbalized" => Some(Self::Verbalized),
            "token_level" => Some(Self::TokenLevel),
            "calibrated" => Some(Self::Calibrated),
            _ => None,
        }
    }

    pub fn as_str(&self) -> &'static str {
        match self {
            Self::Verbalized => "verbalized",
            Self::TokenLevel => "token_level",
            Self::Calibrated => "calibrated",
        }
    }
}

/// Where the orchestration engine routes a contract-bound AI output. Decided
/// by [`RoutingThresholds::route`] - never by the model (RAO constraint 5).
#[derive(Debug, Clone, Copy, PartialEq, Eq, Serialize, Deserialize)]
#[serde(rename_all = "snake_case")]
pub enum RouteDecision {
    /// Confidence clears `auto_approve_above`: output flows to the next step.
    AutoApprove,
    /// Confidence sits in the human review band, or the model set `escalate`:
    /// the run pauses at a human approval gate.
    HumanReview,
    /// Confidence is below `suppress_below`: the output is suppressed and the
    /// node fails so the flow's fallback (`.fail`) path runs.
    Suppress,
}

impl RouteDecision {
    pub fn as_str(&self) -> &'static str {
        match self {
            Self::AutoApprove => "auto_approve",
            Self::HumanReview => "human_review",
            Self::Suppress => "suppress",
        }
    }
}

/// RAO routing thresholds. Applied by the orchestration engine to the model's
/// reported confidence; defined on the node contract, never in the prompt.
#[derive(Debug, Clone, Copy, PartialEq, Serialize, Deserialize)]
pub struct RoutingThresholds {
    /// Confidence strictly above this value routes to the next step.
    pub auto_approve_above: f64,
    /// Inclusive `[low, high]` band routed to a human approval gate.
    pub human_review_band: (f64, f64),
    /// Confidence strictly below this value suppresses the output and fails
    /// the node onto its fallback path.
    pub suppress_below: f64,
}

impl Default for RoutingThresholds {
    /// Defaults mirror the RAO spec's reference contract:
    /// suppress < 0.50, review [0.50, 0.85], auto-approve > 0.85.
    fn default() -> Self {
        Self {
            auto_approve_above: 0.85,
            human_review_band: (0.50, 0.85),
            suppress_below: 0.50,
        }
    }
}

impl RoutingThresholds {
    /// Enforce `0 <= suppress_below <= band.low <= band.high <= auto_approve_above <= 1`.
    pub fn validate(&self) -> Result<(), ContractError> {
        let (lo, hi) = self.human_review_band;
        let ordered = 0.0 <= self.suppress_below
            && self.suppress_below <= lo
            && lo <= hi
            && hi <= self.auto_approve_above
            && self.auto_approve_above <= 1.0;
        if !ordered {
            return Err(ContractError::InvalidThresholds(format!(
                "expected 0 <= suppressBelow ({}) <= reviewLow ({lo}) <= reviewHigh ({hi}) \
                 <= autoApproveAbove ({}) <= 1",
                self.suppress_below, self.auto_approve_above
            )));
        }
        Ok(())
    }

    /// Route a reported confidence. `escalate` can only force a human gate -
    /// it can never raise an output past one (RAO checklist 5.4).
    pub fn route(&self, confidence: f64, escalate: bool) -> RouteDecision {
        if confidence < self.suppress_below {
            return RouteDecision::Suppress;
        }
        if escalate {
            return RouteDecision::HumanReview;
        }
        if confidence > self.auto_approve_above {
            return RouteDecision::AutoApprove;
        }
        RouteDecision::HumanReview
    }
}

/// RAO node contract carried by an `ai` node (scalar fields on the node body,
/// so it round-trips through the DSL). Presence of `contract: true` opts the
/// node into contract-bound output: the model must return an
/// [`AiOutputEnvelope`], and the engine validates and routes it.
#[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
pub struct AiNodeContract {
    pub contract_version: String,
    pub thresholds: RoutingThresholds,
    /// When set, the envelope's `confidence_type` must match.
    pub confidence_type: Option<ConfidenceType>,
    /// Inference wall-clock budget; exceeding it fails the node.
    pub max_inference_ms: Option<u64>,
}

impl AiNodeContract {
    /// Read the contract off an AI node's `data`. Returns `Ok(None)` when the
    /// node does not opt in (`contract` absent or false). Field names follow
    /// the node-data camelCase convention.
    pub fn from_node_data(data: &serde_json::Value) -> Result<Option<Self>, ContractError> {
        let enabled = match data.get("contract") {
            None => false,
            Some(serde_json::Value::Bool(b)) => *b,
            Some(serde_json::Value::String(s)) => s == "true",
            Some(other) => {
                return Err(ContractError::InvalidField {
                    field: "contract".into(),
                    reason: format!("expected a boolean, got {other}"),
                })
            }
        };
        if !enabled {
            return Ok(None);
        }

        let defaults = RoutingThresholds::default();
        let thresholds = RoutingThresholds {
            auto_approve_above: read_unit_f64(data, "autoApproveAbove")?
                .unwrap_or(defaults.auto_approve_above),
            human_review_band: (
                read_unit_f64(data, "reviewLow")?.unwrap_or(defaults.human_review_band.0),
                read_unit_f64(data, "reviewHigh")?.unwrap_or(defaults.human_review_band.1),
            ),
            suppress_below: read_unit_f64(data, "suppressBelow")?
                .unwrap_or(defaults.suppress_below),
        };
        thresholds.validate()?;

        let confidence_type = match data.get("confidenceType").and_then(|v| v.as_str()) {
            None => None,
            Some(s) => Some(ConfidenceType::parse(s).ok_or_else(|| {
                ContractError::InvalidField {
                    field: "confidenceType".into(),
                    reason: format!(
                        "expected one of verbalized | token_level | calibrated, got `{s}`"
                    ),
                }
            })?),
        };

        let max_inference_ms = match data.get("maxInferenceMs") {
            None => None,
            Some(v) => Some(v.as_u64().ok_or_else(|| ContractError::InvalidField {
                field: "maxInferenceMs".into(),
                reason: format!("expected a positive integer, got {v}"),
            })?),
        };

        let contract_version = data
            .get("contractVersion")
            .and_then(|v| v.as_str())
            .unwrap_or("1.0.0")
            .to_string();

        Ok(Some(Self {
            contract_version,
            thresholds,
            confidence_type,
            max_inference_ms,
        }))
    }
}

/// Structured output a contract-bound AI node must return (RAO node-contract
/// `expected_output`). Anything outside this schema is a node failure.
#[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
pub struct AiOutputEnvelope {
    pub primary_output: String,
    pub confidence: f64,
    pub confidence_type: ConfidenceType,
    pub escalate: bool,
    #[serde(skip_serializing_if = "Option::is_none")]
    pub reasoning: Option<String>,
}

impl AiOutputEnvelope {
    /// Strictly validate a parsed model output against the envelope schema.
    /// Missing fields, wrong types, or an out-of-range confidence are
    /// [`ContractError::SchemaViolation`]s - failed nodes, not degraded trust.
    pub fn from_value(value: &serde_json::Value) -> Result<Self, ContractError> {
        let obj = value
            .as_object()
            .ok_or_else(|| ContractError::SchemaViolation("output is not a JSON object".into()))?;

        let primary_output = obj
            .get("primary_output")
            .and_then(|v| v.as_str())
            .ok_or_else(|| {
                ContractError::SchemaViolation("missing string field `primary_output`".into())
            })?
            .to_string();

        let confidence = obj.get("confidence").and_then(|v| v.as_f64()).ok_or_else(|| {
            ContractError::SchemaViolation("missing numeric field `confidence`".into())
        })?;
        if !(0.0..=1.0).contains(&confidence) {
            return Err(ContractError::SchemaViolation(format!(
                "confidence {confidence} is outside [0.0, 1.0]"
            )));
        }

        let confidence_type = match obj.get("confidence_type").and_then(|v| v.as_str()) {
            Some(s) => ConfidenceType::parse(s).ok_or_else(|| {
                ContractError::SchemaViolation(format!("unknown confidence_type `{s}`"))
            })?,
            None => {
                return Err(ContractError::SchemaViolation(
                    "missing string field `confidence_type`".into(),
                ))
            }
        };

        let escalate = obj.get("escalate").and_then(|v| v.as_bool()).ok_or_else(|| {
            ContractError::SchemaViolation("missing boolean field `escalate`".into())
        })?;

        let reasoning = match obj.get("reasoning") {
            None | Some(serde_json::Value::Null) => None,
            Some(serde_json::Value::String(s)) => Some(s.clone()),
            Some(other) => {
                return Err(ContractError::SchemaViolation(format!(
                    "`reasoning` must be a string when present, got {other}"
                )))
            }
        };

        Ok(Self {
            primary_output,
            confidence,
            confidence_type,
            escalate,
            reasoning,
        })
    }

    /// JSON Schema for the envelope, used both as a hard `response_schema`
    /// where the provider supports it and inside the system instruction.
    pub fn json_schema() -> serde_json::Value {
        serde_json::json!({
            "type": "object",
            "properties": {
                "primary_output": { "type": "string" },
                "confidence": { "type": "number", "minimum": 0.0, "maximum": 1.0 },
                "confidence_type": {
                    "type": "string",
                    "enum": ["verbalized", "token_level", "calibrated"]
                },
                "escalate": { "type": "boolean" },
                "reasoning": { "type": "string" }
            },
            "required": ["primary_output", "confidence", "confidence_type", "escalate"],
            "additionalProperties": false
        })
    }
}

/// Read an optional node-data number constrained to `[0.0, 1.0]`.
fn read_unit_f64(data: &serde_json::Value, field: &str) -> Result<Option<f64>, ContractError> {
    match data.get(field) {
        None => Ok(None),
        Some(v) => {
            let n = v.as_f64().ok_or_else(|| ContractError::InvalidField {
                field: field.into(),
                reason: format!("expected a number, got {v}"),
            })?;
            if !(0.0..=1.0).contains(&n) {
                return Err(ContractError::InvalidField {
                    field: field.into(),
                    reason: format!("{n} is outside [0.0, 1.0]"),
                });
            }
            Ok(Some(n))
        }
    }
}

#[cfg(test)]
mod tests {
    use super::*;
    use serde_json::json;

    #[test]
    fn contract_absent_when_not_opted_in() {
        assert_eq!(AiNodeContract::from_node_data(&json!({})).unwrap(), None);
        assert_eq!(
            AiNodeContract::from_node_data(&json!({ "contract": false })).unwrap(),
            None
        );
    }

    #[test]
    fn contract_defaults_mirror_spec_reference() {
        let c = AiNodeContract::from_node_data(&json!({ "contract": true }))
            .unwrap()
            .unwrap();
        assert_eq!(c.contract_version, "1.0.0");
        assert_eq!(c.thresholds, RoutingThresholds::default());
        assert_eq!(c.confidence_type, None);
    }

    #[test]
    fn contract_reads_custom_thresholds() {
        let c = AiNodeContract::from_node_data(&json!({
            "contract": true,
            "autoApproveAbove": 0.9,
            "reviewLow": 0.6,
            "reviewHigh": 0.9,
            "suppressBelow": 0.4,
            "confidenceType": "verbalized",
            "maxInferenceMs": 8000,
            "contractVersion": "1.1.0"
        }))
        .unwrap()
        .unwrap();
        assert_eq!(c.thresholds.auto_approve_above, 0.9);
        assert_eq!(c.thresholds.human_review_band, (0.6, 0.9));
        assert_eq!(c.thresholds.suppress_below, 0.4);
        assert_eq!(c.confidence_type, Some(ConfidenceType::Verbalized));
        assert_eq!(c.max_inference_ms, Some(8000));
        assert_eq!(c.contract_version, "1.1.0");
    }

    #[test]
    fn contract_rejects_misordered_thresholds() {
        let err = AiNodeContract::from_node_data(&json!({
            "contract": true,
            "suppressBelow": 0.9,
            "reviewLow": 0.5
        }))
        .unwrap_err();
        assert!(matches!(err, ContractError::InvalidThresholds(_)));
    }

    #[test]
    fn contract_rejects_out_of_range_threshold() {
        let err = AiNodeContract::from_node_data(&json!({
            "contract": true,
            "autoApproveAbove": 1.5
        }))
        .unwrap_err();
        assert!(matches!(err, ContractError::InvalidField { .. }));
    }

    #[test]
    fn routing_follows_thresholds() {
        let t = RoutingThresholds::default();
        assert_eq!(t.route(0.95, false), RouteDecision::AutoApprove);
        assert_eq!(t.route(0.85, false), RouteDecision::HumanReview);
        assert_eq!(t.route(0.50, false), RouteDecision::HumanReview);
        assert_eq!(t.route(0.49, false), RouteDecision::Suppress);
    }

    #[test]
    fn escalate_forces_review_but_never_bypasses_suppression() {
        let t = RoutingThresholds::default();
        assert_eq!(t.route(0.95, true), RouteDecision::HumanReview);
        assert_eq!(t.route(0.10, true), RouteDecision::Suppress);
    }

    #[test]
    fn envelope_parses_valid_output() {
        let env = AiOutputEnvelope::from_value(&json!({
            "primary_output": "JCL step 3 failed: dataset not found",
            "confidence": 0.72,
            "confidence_type": "verbalized",
            "escalate": false,
            "reasoning": "IEF212I in the log names the missing DD"
        }))
        .unwrap();
        assert_eq!(env.confidence, 0.72);
        assert_eq!(env.confidence_type, ConfidenceType::Verbalized);
        assert!(!env.escalate);
        assert!(env.reasoning.is_some());
    }

    #[test]
    fn envelope_rejects_missing_or_invalid_fields() {
        for bad in [
            json!("just text"),
            json!({ "confidence": 0.9, "confidence_type": "verbalized", "escalate": false }),
            json!({ "primary_output": "x", "confidence_type": "verbalized", "escalate": false }),
            json!({ "primary_output": "x", "confidence": 1.2, "confidence_type": "verbalized", "escalate": false }),
            json!({ "primary_output": "x", "confidence": 0.9, "confidence_type": "vibes", "escalate": false }),
            json!({ "primary_output": "x", "confidence": 0.9, "confidence_type": "verbalized" }),
        ] {
            assert!(
                AiOutputEnvelope::from_value(&bad).is_err(),
                "expected schema violation for {bad}"
            );
        }
    }
}