rubyn-code 0.2.2 → 0.4.0

data/lib/rubyn_code/agent/tool_processor.rb

@@ -0,0 +1,178 @@
+# frozen_string_literal: true
+
+module RubynCode
+  module Agent
+    # Handles tool definition filtering, permission checks, and execution
+    # for the agent loop.
+    module ToolProcessor # rubocop:disable Metrics/ModuleLength -- tool filtering + permissions + execution + decision signals
+      CORE_TOOLS = %w[read_file write_file edit_file glob grep bash spawn_agent background_run].freeze
+      PLAN_MODE_RISK_LEVELS = %i[read].freeze
+
+      private
+
+      def tool_definitions
+        all_tools = @tool_executor.tool_definitions
+        return all_tools if all_tools.size <= CORE_TOOLS.size
+
+        @discovered_tools ||= Set.new
+
+        # Use DynamicToolSchema to filter based on detected task context
+        context = detect_task_context
+        if context
+          active = DynamicToolSchema.active_tools(task_context: context, discovered_tools: @discovered_tools)
+          return DynamicToolSchema.filter(all_tools, active_names: active)
+        end
+
+        all_tools.select { |t| core_or_discovered?(t) }
+      end
+
+      def detect_task_context # rubocop:disable Metrics/CyclomaticComplexity -- safe navigation chain
+        last_msg = @conversation&.messages&.reverse_each&.find { |m| m[:role] == 'user' } # rubocop:disable Style/SafeNavigationChainLength
+        return nil unless last_msg
+
+        text = last_msg[:content]
+        return nil unless text.is_a?(String)
+
+        DynamicToolSchema.detect_context(text)
+      rescue StandardError
+        nil
+      end
+
+      def core_or_discovered?(tool)
+        name = tool[:name] || tool['name']
+        CORE_TOOLS.include?(name) || @discovered_tools&.include?(name)
+      end
+
+      def discover_tool(name)
+        (@discovered_tools ||= Set.new).add(name)
+      end
+
+      def read_only_tool_definitions
+        Tools::Registry.all.select { |t| PLAN_MODE_RISK_LEVELS.include?(t::RISK_LEVEL) }.map(&:to_schema)
+      end
+
+      # -- tool dispatch with budget + signals
+      def process_tool_calls(tool_calls)
+        aggregate_chars = 0
+        budget = Config::Defaults::MAX_MESSAGE_TOOL_RESULTS_CHARS
+
+        tool_calls.each do |tool_call|
+          result, is_error = run_single_tool(tool_call)
+          aggregate_chars += result.to_s.length
+          result = truncate_tool_result(result, aggregate_chars, budget)
+          notify_tool_result(field(tool_call, :name), result, is_error)
+          record_tool_result(tool_call, result, is_error)
+        end
+        @decision_compactor&.signal_edit_batch_complete!
+      end
+
+      def run_single_tool(tool_call)
+        tool_name  = field(tool_call, :name)
+        tool_input = field(tool_call, :input) || {}
+        decision = Permissions::Policy.check(
+          tool_name: tool_name, tool_input: tool_input, tier: @permission_tier, deny_list: @deny_list
+        )
+        @on_tool_call&.call(tool_name, tool_input) rescue nil # rubocop:disable Style/RescueModifier
+        execute_with_permission(decision, tool_name, tool_input)
+      end
+
+      def truncate_tool_result(result, aggregate_chars, budget)
+        return result unless aggregate_chars > budget
+
+        remaining = [budget - (aggregate_chars - result.to_s.length), 500].max
+        RubynCode::Debug.token("Tool result budget exceeded: #{aggregate_chars}/#{budget} chars")
+        "#{result.to_s[0, remaining]}\n\n[truncated — tool result budget exceeded (#{budget} chars/message)]"
+      end
+
+      def notify_tool_result(tool_name, result, is_error)
+        @on_tool_result&.call(tool_name, result, is_error) rescue nil # rubocop:disable Style/RescueModifier
+      end
+
+      def record_tool_result(tool_call, result, is_error)
+        tool_name = field(tool_call, :name)
+        @stall_detector.record(tool_name, field(tool_call, :input) || {})
+        @conversation.add_tool_result(field(tool_call, :id), tool_name, result, is_error: is_error)
+      end
+
+      def execute_with_permission(decision, tool_name, tool_input)
+        case decision
+        when :deny  then ["Tool '#{tool_name}' is blocked by the deny list.", true]
+        when :ask   then ask_and_execute(tool_name, tool_input)
+        when :allow then execute_tool(tool_name, tool_input)
+        else ["Unknown permission decision: #{decision}", true]
+        end
+      end
+
+      def ask_and_execute(tool_name, tool_input)
+        if prompt_user(tool_name,
+                       tool_input)
+          execute_tool(tool_name,
+                       tool_input)
+        else
+          ["User denied permission for '#{tool_name}'.", true]
+        end
+      end
+
+      def execute_tool(tool_name, tool_input)
+        discover_tool(tool_name)
+        @hook_runner.fire(:pre_tool_use, tool_name: tool_name, tool_input: tool_input)
+        result = dispatch_tool(tool_name, tool_input)
+        @hook_runner.fire(:post_tool_use, tool_name: tool_name, tool_input: tool_input, result: result)
+        signal_decision_compactor(tool_name, tool_input, result)
+        [result.to_s, false]
+      rescue RubynCode::UserDeniedError => e
+        # User refused this call via the IDE. Surface as is_error so the model
+        # knows the tool did not run, not that it ran and returned text.
+        [e.message, true]
+      rescue StandardError => e
+        ["Error executing #{tool_name}: #{e.message}", true]
+      end
+
+      # Run the tool through @tool_wrapper if one is configured (IDE mode),
+      # otherwise call the executor directly. The wrapper receives the raw
+      # tool name/input so it can emit protocol notifications and gate the
+      # call; the block below is what actually performs the work.
+      def dispatch_tool(tool_name, tool_input)
+        if @tool_wrapper
+          @tool_wrapper.call(tool_name, tool_input) do
+            @tool_executor.execute(tool_name, symbolize_keys(tool_input))
+          end
+        else
+          @tool_executor.execute(tool_name, symbolize_keys(tool_input))
+        end
+      end
+
+      def signal_decision_compactor(tool_name, tool_input, result) # rubocop:disable Metrics/CyclomaticComplexity -- tool dispatch
+        return unless @decision_compactor
+
+        case tool_name
+        when 'edit_file', 'write_file'
+          path = tool_input[:path] || tool_input['path']
+          @decision_compactor.signal_file_edited!(path) if path
+        when 'run_specs'
+          @decision_compactor.signal_specs_passed! if result.to_s.include?('0 failures')
+        end
+      rescue StandardError
+        nil
+      end
+
+      def prompt_user(tool_name, tool_input)
+        risk = resolve_tool_risk(tool_name)
+        if risk == :destructive
+          Permissions::Prompter.confirm_destructive(tool_name,
+                                                    tool_input)
+        else
+          Permissions::Prompter.confirm(
+            tool_name, tool_input
+          )
+        end
+      end
+
+      def resolve_tool_risk(tool_name)
+        Tools::Registry.get(tool_name).risk_level
+      rescue ToolNotFoundError
+        :unknown
+      end
+    end
+  end
+end

data/lib/rubyn_code/agent/usage_tracker.rb

@@ -0,0 +1,59 @@
+# frozen_string_literal: true
+
+module RubynCode
+  module Agent
+    # Tracks token usage and task budgets from LLM responses.
+    # Extracted from ResponseParser to keep module size manageable.
+    module UsageTracker
+      TASK_BUDGET_TOTAL = 100_000 # tokens per user message
+
+      private
+
+      def track_usage(response)
+        usage = extract_usage(response)
+        return unless usage
+
+        log_usage(usage)
+        @context_manager.track_usage(usage)
+      rescue NoMethodError
+        # context_manager does not implement track_usage yet
+      end
+
+      def extract_usage(response)
+        if response.respond_to?(:usage)
+          response.usage
+        elsif response.is_a?(Hash)
+          response[:usage] || response['usage']
+        end
+      end
+
+      def log_usage(usage)
+        input_tokens  = usage.respond_to?(:input_tokens) ? usage.input_tokens : usage[:input_tokens]
+        output_tokens = usage.respond_to?(:output_tokens) ? usage.output_tokens : usage[:output_tokens]
+        cache_info    = build_cache_info(usage)
+        RubynCode::Debug.token("in=#{input_tokens} out=#{output_tokens}#{cache_info}")
+      end
+
+      def build_cache_info(usage)
+        cache_create = usage.respond_to?(:cache_creation_input_tokens) ? usage.cache_creation_input_tokens.to_i : 0
+        cache_read   = usage.respond_to?(:cache_read_input_tokens) ? usage.cache_read_input_tokens.to_i : 0
+        return '' unless cache_create.positive? || cache_read.positive?
+
+        " cache_create=#{cache_create} cache_read=#{cache_read}"
+      end
+
+      def update_task_budget(response)
+        usage = response.respond_to?(:usage) ? response.usage : nil
+        return unless usage
+
+        output = usage.respond_to?(:output_tokens) ? usage.output_tokens.to_i : 0
+        input  = usage.respond_to?(:input_tokens) ? usage.input_tokens.to_i : 0
+
+        @task_budget_remaining ||= TASK_BUDGET_TOTAL
+        @task_budget_remaining = [@task_budget_remaining - input - output, 0].max
+
+        RubynCode::Debug.token("task_budget_remaining=#{@task_budget_remaining}/#{TASK_BUDGET_TOTAL}")
+      end
+    end
+  end
+end

data/lib/rubyn_code/auth/key_encryption.rb

@@ -0,0 +1,118 @@
+# frozen_string_literal: true
+
+require 'openssl'
+require 'base64'
+require 'securerandom'
+require 'etc'
+require 'socket'
+
+module RubynCode
+  module Auth
+    # Encrypts and decrypts provider API keys at rest using AES-256-GCM.
+    #
+    # The encryption key is derived via PBKDF2 from machine-specific identifiers
+    # (username, hostname, home directory) combined with a random salt stored in
+    # ~/.rubyn-code/.encryption_salt. This means keys are only decryptable on the
+    # same machine by the same user.
+    #
+    # Encrypted values are prefixed with "enc:v1:" so plaintext values from older
+    # versions are transparently migrated on first read.
+    module KeyEncryption
+      CIPHER = 'aes-256-gcm'
+      PREFIX = 'enc:v1:'
+      IV_LENGTH = 12
+      TAG_LENGTH = 16
+      PBKDF2_ITERATIONS = 100_000
+      KEY_LENGTH = 32
+      SALT_LENGTH = 32
+
+      class << self
+        def encrypt(plaintext)
+          return nil unless plaintext
+
+          cipher = OpenSSL::Cipher.new(CIPHER).encrypt
+          key = derive_key
+          cipher.key = key
+          iv = cipher.random_iv
+
+          ciphertext = cipher.update(plaintext) + cipher.final
+          tag = cipher.auth_tag(TAG_LENGTH)
+
+          encoded = Base64.strict_encode64(iv + ciphertext + tag)
+          "#{PREFIX}#{encoded}"
+        end
+
+        def decrypt(value)
+          return nil unless value
+          return value unless encrypted?(value)
+
+          raw = Base64.strict_decode64(value.delete_prefix(PREFIX))
+          decrypt_raw(raw)
+        rescue OpenSSL::Cipher::CipherError, ArgumentError
+          nil
+        end
+
+        def encrypted?(value)
+          value.is_a?(String) && value.start_with?(PREFIX)
+        end
+
+        private
+
+        def decrypt_raw(raw)
+          iv = raw[0, IV_LENGTH]
+          tag = raw[-TAG_LENGTH, TAG_LENGTH]
+          ciphertext = raw[IV_LENGTH...-TAG_LENGTH]
+
+          cipher = OpenSSL::Cipher.new(CIPHER).decrypt
+          cipher.key = derive_key
+          cipher.iv = iv
+          cipher.auth_tag = tag
+          (cipher.update(ciphertext) + cipher.final).force_encoding('UTF-8')
+        end
+
+        def derive_key
+          OpenSSL::KDF.pbkdf2_hmac(
+            machine_identity,
+            salt: load_or_create_salt,
+            iterations: PBKDF2_ITERATIONS,
+            length: KEY_LENGTH,
+            hash: 'SHA256'
+          )
+        end
+
+        def machine_identity
+          # Use the real UID's login name rather than Etc.getlogin. Etc.getlogin
+          # reads the controlling tty's owner and can return "root" when the tty
+          # is root-owned (common after `sudo`, and in some VSCode integrated
+          # terminal setups) — even though the process itself is running as the
+          # real user. That mismatch derives a different AES key on decrypt vs.
+          # encrypt and the AEAD tag check fails, which surfaces as a misleading
+          # "No <provider> API key configured" error.
+          user = begin
+            Etc.getpwuid(Process.uid).name
+          rescue StandardError
+            ENV['USER'] || Etc.getlogin || 'unknown'
+          end
+          [user, Socket.gethostname, Dir.home].join(':')
+        end
+
+        def load_or_create_salt
+          path = salt_path
+          if File.exist?(path)
+            File.binread(path)
+          else
+            salt = SecureRandom.random_bytes(SALT_LENGTH)
+            FileUtils.mkdir_p(File.dirname(path), mode: 0o700)
+            File.binwrite(path, salt)
+            File.chmod(0o600, path)
+            salt
+          end
+        end
+
+        def salt_path
+          File.join(Config::Defaults::HOME_DIR, '.encryption_salt')
+        end
+      end
+    end
+  end
+end

data/lib/rubyn_code/auth/oauth.rb

@@ -25,25 +25,11 @@ module RubynCode
         code_challenge = derive_code_challenge(code_verifier)
         state = SecureRandom.hex(24)
 
-        auth_url = build_authorization_url(code_challenge:, state:)
-
-        callback_server = Server.new
-        open_browser(auth_url)
-
-        result = callback_server.wait_for_callback(timeout: 120)
-
-        unless secure_compare(result[:state], state)
-          raise StateMismatchError, 'OAuth state parameter mismatch — possible CSRF attack'
-        end
+        result = perform_browser_auth(code_challenge, state)
+        validate_state!(result[:state], state)
 
         tokens = exchange_code(code: result[:code], code_verifier:)
-
-        TokenStore.save(
-          access_token: tokens[:access_token],
-          refresh_token: tokens[:refresh_token],
-          expires_at: Time.now + tokens[:expires_in].to_i
-        )
-
+        persist_tokens(tokens)
         tokens
       end
 
@@ -51,35 +37,13 @@ module RubynCode
         stored = TokenStore.load
         raise RefreshError, 'No stored refresh token available' unless stored&.dig(:refresh_token)
 
-        response = http_client.post(token_url) do |req|
-          req.headers['Content-Type'] = 'application/x-www-form-urlencoded'
-          req.body = URI.encode_www_form(
-            grant_type: 'refresh_token',
-            client_id: client_id,
-            refresh_token: stored[:refresh_token]
-          )
-        end
-
-        unless response.success?
-          body = parse_json(response.body)
-          error_msg = body&.dig('error_description') || body&.dig('error') || response.body
-          raise RefreshError, "Token refresh failed (#{response.status}): #{error_msg}"
-        end
+        response = post_refresh_request(stored[:refresh_token])
+        raise_refresh_error(response) unless response.success?
 
         body = parse_json(response.body)
         raise RefreshError, 'Invalid response from token endpoint' unless body
 
-        TokenStore.save(
-          access_token: body['access_token'],
-          refresh_token: body['refresh_token'] || stored[:refresh_token],
-          expires_at: Time.now + body['expires_in'].to_i
-        )
-
-        {
-          access_token: body['access_token'],
-          refresh_token: body['refresh_token'] || stored[:refresh_token],
-          expires_in: body['expires_in']
-        }
+        save_refreshed_tokens(body, stored)
       end
 
       private
@@ -108,40 +72,92 @@ module RubynCode
       end
 
       def exchange_code(code:, code_verifier:)
-        response = http_client.post(token_url) do |req|
+        response = post_code_exchange(code, code_verifier)
+        raise_exchange_error(response) unless response.success?
+
+        body = parse_json(response.body)
+        raise TokenExchangeError, 'Invalid response from token endpoint' unless body
+
+        { access_token: body['access_token'], refresh_token: body['refresh_token'], expires_in: body['expires_in'] }
+      end
+
+      def post_code_exchange(code, code_verifier)
+        http_client.post(token_url) do |req|
           req.headers['Content-Type'] = 'application/x-www-form-urlencoded'
           req.body = URI.encode_www_form(
-            grant_type: 'authorization_code',
-            client_id: client_id,
-            code: code,
-            redirect_uri: redirect_uri,
-            code_verifier: code_verifier
+            grant_type: 'authorization_code', client_id: client_id,
+            code: code, redirect_uri: redirect_uri, code_verifier: code_verifier
           )
         end
+      end
+
+      def raise_exchange_error(response)
+        body = parse_json(response.body)
+        error_msg = body&.dig('error_description') || body&.dig('error') || response.body
+        raise TokenExchangeError, "Code exchange failed (#{response.status}): #{error_msg}"
+      end
+
+      def perform_browser_auth(code_challenge, state)
+        auth_url = build_authorization_url(code_challenge:, state:)
+        callback_server = Server.new
+        open_browser(auth_url)
+        callback_server.wait_for_callback(timeout: 120)
+      end
+
+      def validate_state!(received, expected)
+        return if secure_compare(received, expected)
+
+        raise StateMismatchError, 'OAuth state parameter mismatch — possible CSRF attack'
+      end
 
-        unless response.success?
-          body = parse_json(response.body)
-          error_msg = body&.dig('error_description') || body&.dig('error') || response.body
-          raise TokenExchangeError, "Code exchange failed (#{response.status}): #{error_msg}"
+      def persist_tokens(tokens)
+        TokenStore.save(
+          access_token: tokens[:access_token],
+          refresh_token: tokens[:refresh_token],
+          expires_at: Time.now + tokens[:expires_in].to_i
+        )
+      end
+
+      def post_refresh_request(refresh_token)
+        http_client.post(token_url) do |req|
+          req.headers['Content-Type'] = 'application/x-www-form-urlencoded'
+          req.body = URI.encode_www_form(
+            grant_type: 'refresh_token',
+            client_id: client_id,
+            refresh_token: refresh_token
+          )
         end
+      end
 
+      def raise_refresh_error(response)
         body = parse_json(response.body)
-        raise TokenExchangeError, 'Invalid response from token endpoint' unless body
+        error_msg = body&.dig('error_description') || body&.dig('error') || response.body
+        raise RefreshError, "Token refresh failed (#{response.status}): #{error_msg}"
+      end
+
+      def save_refreshed_tokens(body, stored)
+        effective_refresh = body['refresh_token'] || stored[:refresh_token]
+
+        TokenStore.save(
+          access_token: body['access_token'],
+          refresh_token: effective_refresh,
+          expires_at: Time.now + body['expires_in'].to_i
+        )
 
         {
           access_token: body['access_token'],
-          refresh_token: body['refresh_token'],
+          refresh_token: effective_refresh,
           expires_in: body['expires_in']
         }
       end
 
       def open_browser(url)
         launcher = case RUBY_PLATFORM
-                   when /darwin/  then 'open'
-                   when /linux/   then 'xdg-open'
-                   when /mingw|mswin/ then 'start'
-                   else 'xdg-open'
+                   when /darwin/       then 'open'
+                   when /linux/        then 'xdg-open'
+                   when /mingw|mswin/  then 'start'
                    end
+        launcher ||= 'xdg-open'
 
         system(launcher, url, exception: false)
       end
@@ -160,13 +176,13 @@ module RubynCode
         nil
       end
 
-      def secure_compare(a, b)
-        return false if a.nil? || b.nil?
-        return false unless a.bytesize == b.bytesize
+      def secure_compare(left, right) # rubocop:disable Naming/PredicateMethod -- constant-time comparison, not a predicate
+        return false if left.nil? || right.nil?
+        return false unless left.bytesize == right.bytesize
 
-        l = a.unpack('C*')
-        r = b.unpack('C*')
-        l.zip(r).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
+        left_bytes = left.unpack('C*')
+        right_bytes = right.unpack('C*')
+        left_bytes.zip(right_bytes).reduce(0) { |acc, (lhs, rhs)| acc | (lhs ^ rhs) }.zero?
       end
 
       def client_id     = Config::Defaults::OAUTH_CLIENT_ID

data/lib/rubyn_code/auth/server.rb

@@ -56,35 +56,32 @@ module RubynCode
 
       def handle_callback(req, res, server)
         params = parse_query(req.query_string)
-        code = params['code']
-        state = params['state']
-
-        if code
-          @mutex.synchronize do
-            @result = { code: code, state: state }
-            @condvar.signal
-          end
-
-          res.status = 200
-          res.content_type = 'text/html; charset=utf-8'
-          res.body = success_html
+
+        if params['code']
+          handle_success_callback(params, res)
         else
-          error = params['error'] || 'unknown'
-          description = params['error_description'] || 'No authorization code received'
+          handle_error_callback(params, res)
+        end
 
-          res.status = 400
-          res.content_type = 'text/html; charset=utf-8'
-          res.body = error_html(error, description)
+        Thread.new { sleep(0.5) && server.shutdown }
+      end
 
-          @mutex.synchronize do
-            @condvar.signal
-          end
+      def handle_success_callback(params, res)
+        @mutex.synchronize do
+          @result = { code: params['code'], state: params['state'] }
+          @condvar.signal
         end
+        res.status = 200
+        res.content_type = 'text/html; charset=utf-8'
+        res.body = success_html
+      end
 
-        Thread.new do
-          sleep(0.5)
-          server.shutdown
-        end
+      def handle_error_callback(params, res)
+        res.status = 400
+        res.content_type = 'text/html; charset=utf-8'
+        res.body = error_html(params['error'] || 'unknown',
+                              params['error_description'] || 'No authorization code received')
+        @mutex.synchronize { @condvar.signal }
       end
 
       def parse_query(query_string)