feat: add AcpProvider for ACP agent integration

Add Provider implementation that connects to ACP agents (claude-code-acp,
codex-acp) over stdio transport with support for MCP extensions, permissions,
model listing, and model switching.

Signed-off-by: Adrian Cole <adrian@tetrate.io>

Author: codefromthecrypt

Cargo.lock

@@ -16,6 +16,7 @@ string_slice = "warn"
 
 [workspace.dependencies]
 rmcp = { version = "0.15.0", features = ["schemars", "auth"] }
+sacp = "10.1.0"
 anyhow = "1.0"
 async-stream = "0.3"
 async-trait = "0.1"

Cargo.toml

@@ -18,7 +18,7 @@ workspace = true
 goose = { path = "../goose" }
 goose-mcp = { path = "../goose-mcp" }
 rmcp = { workspace = true }
-sacp = "10.1.0"
+sacp = { workspace = true }
 agent-client-protocol-schema = { version = "0.10", features = ["unstable_session_model"] }
 anyhow = { workspace = true }
 tokio = { workspace = true }

crates/goose-acp/Cargo.toml

@@ -59,6 +59,7 @@ pub async fn run_config_mcp<C: Connection>() {
     expected_session_id.assert_matches(&session.session_id().0);
 }
 
+#[allow(dead_code)]
 pub async fn run_initialize_without_provider() {
     let temp_dir = tempfile::tempdir().unwrap();
 
@@ -86,6 +87,7 @@ pub async fn run_initialize_without_provider() {
         .any(|m| &*m.id.0 == "goose-provider"));
 }
 
+#[allow(dead_code)]
 pub async fn run_load_model<C: Connection>() {
     let expected_session_id = ExpectedSessionId::default();
     let openai = OpenAiFixture::new(

crates/goose-acp/tests/common_tests/mod.rs

@@ -265,6 +265,7 @@ pub trait Connection: Sized {
 
     async fn new(config: TestConnectionConfig, openai: OpenAiFixture) -> Self;
     async fn new_session(&mut self) -> (Self::Session, Option<SessionModelState>);
+    #[allow(dead_code)]
     async fn load_session(
         &mut self,
         session_id: &str,
@@ -328,4 +329,5 @@ pub async fn initialize_agent(agent: Arc<GooseAcpAgent>) -> sacp::schema::Initia
         .unwrap()
 }
 
+pub mod provider;
 pub mod server;

crates/goose-acp/tests/fixtures/mod.rs

@@ -0,0 +1,210 @@
+use super::{
+    spawn_acp_server_in_process, Connection, OpenAiFixture, PermissionDecision, Session,
+    TestConnectionConfig, TestOutput,
+};
+use async_trait::async_trait;
+use futures::StreamExt;
+use goose::acp::{AcpProvider, AcpProviderConfig, PermissionMapping};
+use goose::config::PermissionManager;
+use goose::conversation::message::{ActionRequiredData, Message, MessageContent};
+use goose::model::ModelConfig;
+use goose::permission::permission_confirmation::PrincipalType;
+use goose::permission::{Permission, PermissionConfirmation};
+use sacp::schema::{SessionModelState, ToolCallStatus};
+use std::sync::Arc;
+use tokio::sync::Mutex;
+
+#[allow(dead_code)]
+pub struct ClientToProviderConnection {
+    provider: Arc<Mutex<AcpProvider>>,
+    permission_manager: Arc<PermissionManager>,
+    _openai: OpenAiFixture,
+    _temp_dir: Option<tempfile::TempDir>,
+}
+
+#[allow(dead_code)]
+pub struct ClientToProviderSession {
+    provider: Arc<Mutex<AcpProvider>>,
+    session_id: sacp::schema::SessionId,
+    permission: PermissionDecision,
+}
+
+#[async_trait]
+impl Connection for ClientToProviderConnection {
+    type Session = ClientToProviderSession;
+
+    async fn new(config: TestConnectionConfig, openai: OpenAiFixture) -> Self {
+        let (data_root, temp_dir) = match config.data_root.as_os_str().is_empty() {
+            true => {
+                let temp_dir = tempfile::tempdir().unwrap();
+                (temp_dir.path().to_path_buf(), Some(temp_dir))
+            }
+            false => (config.data_root.clone(), None),
+        };
+
+        let goose_mode = config.goose_mode;
+        let mcp_servers = config.mcp_servers;
+
+        let (transport, _handle, permission_manager) = spawn_acp_server_in_process(
+            openai.uri(),
+            &config.builtins,
+            data_root.as_path(),
+            goose_mode,
+            config.provider_factory,
+        )
+        .await;
+
+        let provider_config = AcpProviderConfig {
+            command: "unused".into(),
+            args: vec![],
+            env: vec![],
+            work_dir: data_root,
+            mcp_servers,
+            session_mode_id: None,
+            permission_mapping: PermissionMapping::default(),
+        };
+
+        let provider = AcpProvider::connect_with_transport(
+            "acp-test".to_string(),
+            ModelConfig::new("default").unwrap(),
+            goose_mode,
+            provider_config,
+            transport.incoming,
+            transport.outgoing,
+        )
+        .await
+        .unwrap();
+
+        Self {
+            provider: Arc::new(Mutex::new(provider)),
+            permission_manager,
+            _openai: openai,
+            _temp_dir: temp_dir,
+        }
+    }
+
+    async fn new_session(&mut self) -> (ClientToProviderSession, Option<SessionModelState>) {
+        let (session_id, models) = self
+            .provider
+            .lock()
+            .await
+            .new_session()
+            .await
+            .expect("missing ACP session_id");
+
+        let session = ClientToProviderSession {
+            provider: Arc::clone(&self.provider),
+            session_id,
+            permission: PermissionDecision::Cancel,
+        };
+        (session, models)
+    }
+
+    async fn load_session(
+        &mut self,
+        _session_id: &str,
+    ) -> (ClientToProviderSession, Option<SessionModelState>) {
+        unimplemented!("provider sessions do not support load_session")
+    }
+
+    fn reset_openai(&self) {
+        self._openai.reset();
+    }
+
+    fn reset_permissions(&self) {
+        self.permission_manager.remove_extension("");
+    }
+}
+
+#[async_trait]
+impl Session for ClientToProviderSession {
+    fn session_id(&self) -> &sacp::schema::SessionId {
+        &self.session_id
+    }
+
+    async fn prompt(&mut self, prompt: &str, decision: PermissionDecision) -> TestOutput {
+        self.permission = decision;
+        let message = Message::user().with_text(prompt);
+        let session_id = self.session_id.0.to_string();
+        let provider = self.provider.lock().await;
+        let mut stream = provider
+            .stream(&session_id, "", &[message], &[])
+            .await
+            .unwrap();
+        let mut text = String::new();
+        let mut tool_error = false;
+        let mut saw_tool = false;
+
+        while let Some(item) = stream.next().await {
+            let (msg, _) = item.unwrap();
+            if let Some(msg) = msg {
+                for content in msg.content {
+                    match content {
+                        MessageContent::Text(t) => {
+                            text.push_str(&t.text);
+                        }
+                        MessageContent::ToolResponse(resp) => {
+                            saw_tool = true;
+                            if let Ok(result) = resp.tool_result {
+                                tool_error |= result.is_error.unwrap_or(false);
+                            }
+                        }
+                        MessageContent::ActionRequired(action) => {
+                            if let ActionRequiredData::ToolConfirmation { id, .. } = action.data {
+                                saw_tool = true;
+                                if matches!(
+                                    self.permission,
+                                    PermissionDecision::RejectAlways
+                                        | PermissionDecision::RejectOnce
+                                        | PermissionDecision::Cancel
+                                ) {
+                                    tool_error = true;
+                                }
+
+                                let permission = match self.permission {
+                                    PermissionDecision::AllowAlways => Permission::AlwaysAllow,
+                                    PermissionDecision::AllowOnce => Permission::AllowOnce,
+                                    PermissionDecision::RejectAlways => Permission::AlwaysDeny,
+                                    PermissionDecision::RejectOnce => Permission::DenyOnce,
+                                    PermissionDecision::Cancel => Permission::Cancel,
+                                };
+
+                                let confirmation = PermissionConfirmation {
+                                    principal_type: PrincipalType::Tool,
+                                    permission,
+                                };
+
+                                let handled = provider
+                                    .handle_permission_confirmation(&id, &confirmation)
+                                    .await;
+                                assert!(handled);
+                            }
+                        }
+                        _ => {}
+                    }
+                }
+            }
+        }
+
+        let tool_status = if saw_tool {
+            Some(if tool_error {
+                ToolCallStatus::Failed
+            } else {
+                ToolCallStatus::Completed
+            })
+        } else {
+            None
+        };
+
+        TestOutput { text, tool_status }
+    }
+
+    async fn set_model(&self, model_id: &str) {
+        self.provider
+            .lock()
+            .await
+            .set_model(&self.session_id, model_id)
+            .await
+            .unwrap();
+    }
+}

crates/goose-acp/tests/fixtures/provider.rs

@@ -0,0 +1,57 @@
+#![recursion_limit = "256"]
+
+mod common_tests;
+use common_tests::fixtures::provider::ClientToProviderConnection;
+use common_tests::fixtures::run_test;
+use common_tests::fixtures::server::ClientToAgentConnection;
+use common_tests::{
+    run_config_mcp, run_model_list, run_model_set, run_permission_persistence, run_prompt_basic,
+    run_prompt_codemode, run_prompt_image, run_prompt_mcp,
+};
+
+#[test]
+fn test_provider_prompt_basic() {
+    run_test(async { run_prompt_basic::<ClientToProviderConnection>().await });
+}
+
+#[test]
+fn test_provider_prompt_mcp() {
+    run_test(async { run_prompt_mcp::<ClientToProviderConnection>().await });
+}
+
+#[test]
+fn test_provider_prompt_codemode() {
+    run_test(async { run_prompt_codemode::<ClientToProviderConnection>().await });
+}
+
+#[test]
+fn test_provider_prompt_image() {
+    run_test(async { run_prompt_image::<ClientToProviderConnection>().await });
+}
+
+#[test]
+fn test_provider_config_mcp() {
+    run_test(async { run_config_mcp::<ClientToProviderConnection>().await });
+}
+
+#[test]
+fn test_provider_permission_persistence() {
+    run_test(async { run_permission_persistence::<ClientToProviderConnection>().await });
+}
+
+#[test]
+fn test_provider_model_list() {
+    run_test(async { run_model_list::<ClientToProviderConnection>().await });
+}
+
+#[test]
+fn test_provider_model_set() {
+    run_test(async { run_model_set::<ClientToProviderConnection>().await });
+}
+
+// TODO: run_load_model requires ACP-level session persistence (load_session)
+
+#[test]
+fn test_server_basic_completion_via_provider_suite() {
+    run_test(async { run_prompt_basic::<ClientToAgentConnection>().await });
+}

crates/goose-acp/tests/provider_test.rs

@@ -101,6 +101,7 @@ tempfile = { workspace = true }
 dashmap = "6.1"
 ahash = "0.8"
 tokio-util = { workspace = true, features = ["compat"] }
+sacp = { workspace = true }
 unicode-normalization = "0.1"
 goose-mcp = { path = "../goose-mcp" }