@adversity/coding-tool-x 3.1.0 → 3.1.2

package/src/server/api/oauth.js

@@ -1,294 +0,0 @@
-'use strict';
-
-const express = require('express');
-const router = express.Router();
-const { OAUTH_PROVIDERS, getProviderConfig } = require('../config/oauth-providers');
-const {
-  startFlow,
-  getPendingFlow,
-  completeFlow,
-  failFlow,
-  cancelFlow,
-  exchangeCodeForToken,
-  refreshToken
-} = require('../services/oauth-service');
-const {
-  startCallbackServer,
-  stopCallbackServer,
-  isServerRunning
-} = require('../services/oauth-callback-server');
-const {
-  getAllTokens,
-  getToken,
-  saveToken,
-  updateToken,
-  deleteToken
-} = require('../services/oauth-token-storage');
-
-// Track callback servers by state
-const stateToPort = new Map();
-
-// GET /api/oauth/providers - List available OAuth providers
-router.get('/providers', (req, res) => {
-  try {
-    const providers = Object.entries(OAUTH_PROVIDERS).map(([id, config]) => ({
-      id,
-      name: config.name,
-      scopes: config.scopes
-    }));
-    res.json({ providers });
-  } catch (error) {
-    console.error('Error fetching OAuth providers:', error);
-    res.status(500).json({ error: error.message });
-  }
-});
-
-// POST /api/oauth/start - Start OAuth flow
-router.post('/start', async (req, res) => {
-  try {
-    const { provider, channelId, mode = 'browser' } = req.body;
-
-    if (!provider) {
-      return res.status(400).json({ error: 'Missing required field: provider' });
-    }
-
-    // Validate provider
-    if (!OAUTH_PROVIDERS[provider]) {
-      return res.status(400).json({ error: `Unknown provider: ${provider}` });
-    }
-
-    const providerConfig = getProviderConfig(provider);
-    const { state, authUrl } = startFlow(provider, channelId);
-    const callbackPort = providerConfig.callbackPort;
-    const callbackPath = providerConfig.callbackPath;
-
-    // Track state -> port mapping
-    stateToPort.set(state, callbackPort);
-
-    // Start callback server
-    await startCallbackServer(callbackPort, callbackPath, async (callbackData) => {
-      const { code, state: cbState, error, errorDescription } = callbackData;
-
-      if (error) {
-        failFlow(cbState, `${error}: ${errorDescription || 'Unknown error'}`);
-        return;
-      }
-
-      if (!code) {
-        failFlow(cbState, 'No authorization code received');
-        return;
-      }
-
-      // Get pending flow to retrieve code verifier
-      const flow = getPendingFlow(cbState);
-      if (!flow) {
-        console.error('OAuth callback received for unknown state:', cbState);
-        return;
-      }
-
-      try {
-        // Exchange code for token
-        const tokenResult = await exchangeCodeForToken(
-          flow.provider,
-          code,
-          flow.codeVerifier
-        );
-
-        // Calculate expiry time
-        const now = Date.now();
-        const expiresAt = tokenResult.expiresIn
-          ? now + (tokenResult.expiresIn * 1000)
-          : null;
-
-        // Save token
-        const savedToken = saveToken({
-          provider: flow.provider,
-          channelId: flow.channelId,
-          accessToken: tokenResult.accessToken,
-          refreshToken: tokenResult.refreshToken,
-          idToken: tokenResult.idToken,
-          expiresAt,
-          scope: tokenResult.scope
-        });
-
-        // Mark flow as completed
-        completeFlow(cbState, savedToken.id);
-        console.log(`OAuth flow completed for provider: ${flow.provider}, tokenId: ${savedToken.id}`);
-      } catch (err) {
-        console.error('Error exchanging code for token:', err);
-        failFlow(cbState, err.message);
-      }
-    });
-
-    // Open browser if mode is 'browser'
-    if (mode === 'browser') {
-      try {
-        const open = require('open');
-        await open(authUrl);
-      } catch (err) {
-        console.error('Failed to open browser:', err);
-        // Don't fail the request, user can still open URL manually
-      }
-    }
-
-    res.json({
-      success: true,
-      stateId: state,
-      authUrl,
-      callbackPort
-    });
-  } catch (error) {
-    console.error('Error starting OAuth flow:', error);
-    res.status(500).json({ error: error.message });
-  }
-});
-
-// GET /api/oauth/status/:stateId - Get OAuth flow status
-router.get('/status/:stateId', (req, res) => {
-  try {
-    const { stateId } = req.params;
-    const flow = getPendingFlow(stateId);
-
-    if (!flow) {
-      return res.status(404).json({
-        status: 'not_found',
-        error: 'OAuth flow not found or expired'
-      });
-    }
-
-    const response = {
-      status: flow.status
-    };
-
-    if (flow.status === 'completed' && flow.tokenId) {
-      response.tokenId = flow.tokenId;
-    }
-
-    if (flow.status === 'failed' && flow.error) {
-      response.error = flow.error;
-    }
-
-    res.json(response);
-  } catch (error) {
-    console.error('Error fetching OAuth status:', error);
-    res.status(500).json({ error: error.message });
-  }
-});
-
-// POST /api/oauth/cancel/:stateId - Cancel OAuth flow
-router.post('/cancel/:stateId', (req, res) => {
-  try {
-    const { stateId } = req.params;
-
-    // Get port for this state
-    const port = stateToPort.get(stateId);
-
-    // Stop callback server if running
-    if (port && isServerRunning(port)) {
-      stopCallbackServer(port);
-    }
-
-    // Cancel the flow
-    cancelFlow(stateId);
-
-    // Clean up state -> port mapping
-    stateToPort.delete(stateId);
-
-    res.json({ success: true });
-  } catch (error) {
-    console.error('Error cancelling OAuth flow:', error);
-    res.status(500).json({ error: error.message });
-  }
-});
-
-// GET /api/oauth/tokens - List all tokens (masked)
-router.get('/tokens', (req, res) => {
-  try {
-    const tokens = getAllTokens();
-    res.json({ tokens });
-  } catch (error) {
-    console.error('Error fetching OAuth tokens:', error);
-    res.status(500).json({ error: error.message });
-  }
-});
-
-// GET /api/oauth/tokens/:tokenId - Get single token (masked)
-router.get('/tokens/:tokenId', (req, res) => {
-  try {
-    const token = getToken(req.params.tokenId);
-    if (!token) {
-      return res.status(404).json({ error: 'Token not found' });
-    }
-    // Return masked token info
-    const masked = {
-      ...token,
-      accessToken: token.accessToken ? token.accessToken.substring(0, 8) + '...' : null,
-      refreshToken: token.refreshToken ? token.refreshToken.substring(0, 8) + '...' : null
-    };
-    res.json(masked);
-  } catch (error) {
-    console.error('Error fetching OAuth token:', error);
-    res.status(500).json({ error: error.message });
-  }
-});
-
-// DELETE /api/oauth/tokens/:tokenId - Delete a token
-router.delete('/tokens/:tokenId', (req, res) => {
-  try {
-    const { tokenId } = req.params;
-    const result = deleteToken(tokenId);
-    res.json(result);
-  } catch (error) {
-    if (error.message === 'Token not found') {
-      return res.status(404).json({ error: 'Token not found' });
-    }
-    console.error('Error deleting OAuth token:', error);
-    res.status(500).json({ error: error.message });
-  }
-});
-
-// POST /api/oauth/refresh/:tokenId - Refresh a token
-router.post('/refresh/:tokenId', async (req, res) => {
-  try {
-    const { tokenId } = req.params;
-    const token = getToken(tokenId);
-
-    if (!token) {
-      return res.status(404).json({ error: 'Token not found' });
-    }
-
-    if (!token.refreshToken) {
-      return res.status(400).json({ error: 'Token does not have a refresh token' });
-    }
-
-    // Refresh the token
-    const refreshResult = await refreshToken(token.provider, token.refreshToken);
-
-    // Calculate new expiry time
-    const now = Date.now();
-    const expiresAt = refreshResult.expiresIn
-      ? now + (refreshResult.expiresIn * 1000)
-      : null;
-
-    // Update token in storage
-    const updatedToken = updateToken(tokenId, {
-      accessToken: refreshResult.accessToken,
-      refreshToken: refreshResult.refreshToken || token.refreshToken,
-      expiresAt,
-      scope: refreshResult.scope || token.scope
-    });
-
-    res.json({
-      success: true,
-      expiresAt: updatedToken.expiresAt
-    });
-  } catch (error) {
-    if (error.message === 'Token not found') {
-      return res.status(404).json({ error: 'Token not found' });
-    }
-    console.error('Error refreshing OAuth token:', error);
-    res.status(500).json({ error: error.message });
-  }
-});
-
-module.exports = router;

package/src/server/api/permissions.js

@@ -1,385 +0,0 @@
-/**
- * Command Permissions API 路由
- *
- * 管理 Claude Code / Codex / Gemini CLI 命令执行权限
- *
- * 三个 CLI 工具的权限控制机制：
- *
- * 1. Claude Code:
- *    - 配置文件: ~/.claude/settings.json (用户级) 或 .claude/settings.json (项目级)
- *    - 权限格式: permissions.allow / permissions.deny 数组
- *    - 支持通配符: Bash(npm run *), Read(./src/**)
- *
- * 2. Codex CLI:
- *    - 启动参数: --ask-for-approval never/on-request/on-failure
- *    - 沙箱模式: --sandbox read-only/workspace-write/danger-full-access
- *    - YOLO 模式: --yolo 或 --dangerously-bypass-approvals-and-sandbox
- *
- * 3. Gemini CLI:
- *    - 启动参数: --approval-mode default/auto_edit/yolo
- *    - 允许工具: --allowed-tools "ShellTool(git status)"
- *    - 沙箱: --sandbox / -s
- */
-
-const express = require('express');
-const fs = require('fs');
-const path = require('path');
-const os = require('os');
-const permissionTemplatesService = require('../services/permission-templates-service');
-
-const router = express.Router();
-
-// Claude Code 设置文件路径
-function getClaudeSettingsPath(projectPath) {
-  if (projectPath) {
-    return path.join(projectPath, '.claude', 'settings.json');
-  }
-  return path.join(os.homedir(), '.claude', 'settings.json');
-}
-
-// 读取 Claude Code settings.json
-function readClaudeSettings(projectPath) {
-  const settingsPath = getClaudeSettingsPath(projectPath);
-  try {
-    if (fs.existsSync(settingsPath)) {
-      const content = fs.readFileSync(settingsPath, 'utf-8');
-      return JSON.parse(content);
-    }
-  } catch (err) {
-    console.error('[Permissions API] Error reading Claude settings:', err);
-  }
-  return {};
-}
-
-// 保存 Claude Code settings.json
-function saveClaudeSettings(projectPath, settings) {
-  const settingsPath = getClaudeSettingsPath(projectPath);
-  const settingsDir = path.dirname(settingsPath);
-
-  try {
-    // 确保目录存在
-    if (!fs.existsSync(settingsDir)) {
-      fs.mkdirSync(settingsDir, { recursive: true });
-    }
-
-    // 写入文件
-    fs.writeFileSync(settingsPath, JSON.stringify(settings, null, 2), 'utf-8');
-
-    // 验证文件已创建
-    if (!fs.existsSync(settingsPath)) {
-      throw new Error('文件写入后验证失败，文件未被创建');
-    }
-
-    return { success: true, path: settingsPath };
-  } catch (err) {
-    console.error('[Permissions API] Error saving Claude settings:', err);
-    throw new Error(`保存配置文件失败: ${err.message}`);
-  }
-}
-
-// 全局 all-allow 状态（内存中）
-let globalAllAllowEnabled = process.env.CLAUDE_ALL_ALLOW === 'true';
-
-/**
- * 获取项目的命令执行权限设置
- * GET /api/permissions
- * Query: projectPath - 项目路径, cliType - CLI 类型 (claude/codex/gemini)
- */
-router.get('/', (req, res) => {
-  try {
-    const { projectPath, cliType = 'claude' } = req.query;
-
-    if (!projectPath) {
-      return res.status(400).json({
-        success: false,
-        message: '缺少 projectPath 参数'
-      });
-    }
-
-    if (!fs.existsSync(projectPath)) {
-      return res.status(404).json({
-        success: false,
-        message: '项目路径不存在'
-      });
-    }
-
-    // 读取 Claude Code 配置（所有 CLI 工具共用此配置管理）
-    const settings = readClaudeSettings(projectPath);
-    const permissions = settings.permissions || {};
-
-    res.json({
-      success: true,
-      cliType,
-      settings: {
-        // Claude Code 格式
-        allow: permissions.allow || [],
-        deny: permissions.deny || [],
-        // 兼容旧格式
-        allowedCommands: permissions.allow || [],
-        denyCommands: permissions.deny || []
-      }
-    });
-  } catch (err) {
-    console.error('[Permissions API] Get permissions error:', err);
-    res.status(500).json({
-      success: false,
-      message: err.message
-    });
-  }
-});
-
-/**
- * 保存项目的命令执行权限设置
- * POST /api/permissions
- * Body: { projectPath, settings: { allow, deny } }
- */
-router.post('/', (req, res) => {
-  try {
-    const { projectPath, settings: newPermissions } = req.body;
-
-    if (!projectPath) {
-      return res.status(400).json({
-        success: false,
-        message: '缺少 projectPath 参数'
-      });
-    }
-
-    if (!fs.existsSync(projectPath)) {
-      return res.status(404).json({
-        success: false,
-        message: '项目路径不存在'
-      });
-    }
-
-    // 读取现有设置
-    const settings = readClaudeSettings(projectPath);
-
-    // 更新权限设置（使用 Claude Code 的标准格式）
-    settings.permissions = {
-      allow: newPermissions?.allow || newPermissions?.allowedCommands || [],
-      deny: newPermissions?.deny || newPermissions?.denyCommands || []
-    };
-
-    // 保存设置
-    const saveResult = saveClaudeSettings(projectPath, settings);
-
-    res.json({
-      success: true,
-      message: '权限设置已保存',
-      savedTo: '.claude/settings.json',
-      fullPath: saveResult.path
-    });
-  } catch (err) {
-    console.error('[Permissions API] Save permissions error:', err);
-    res.status(500).json({
-      success: false,
-      message: err.message
-    });
-  }
-});
-
-/**
- * 获取全局 all-allow 模式状态
- * GET /api/permissions/all-allow
- */
-router.get('/all-allow', (req, res) => {
-  try {
-    res.json({
-      success: true,
-      enabled: globalAllAllowEnabled,
-      note: '此设置通过启动命令参数控制，如 claude --dangerously-skip-permissions'
-    });
-  } catch (err) {
-    console.error('[Permissions API] Get all-allow status error:', err);
-    res.status(500).json({
-      success: false,
-      message: err.message
-    });
-  }
-});
-
-/**
- * 设置全局 all-allow 模式（运行时）
- * POST /api/permissions/all-allow
- * Body: { enabled }
- */
-router.post('/all-allow', (req, res) => {
-  try {
-    const { enabled } = req.body;
-    globalAllAllowEnabled = !!enabled;
-
-    res.json({
-      success: true,
-      enabled: globalAllAllowEnabled,
-      message: enabled ? 'All-Allow 模式已启用' : 'All-Allow 模式已禁用'
-    });
-  } catch (err) {
-    console.error('[Permissions API] Set all-allow status error:', err);
-    res.status(500).json({
-      success: false,
-      message: err.message
-    });
-  }
-});
-
-/**
- * 获取所有权限模版（内置 + 自定义）
- * GET /api/permissions/templates
- */
-router.get('/templates', (req, res) => {
-  try {
-    const templates = permissionTemplatesService.getAllTemplates();
-    res.json({
-      success: true,
-      data: templates
-    });
-  } catch (err) {
-    console.error('[Permissions API] Get templates error:', err);
-    res.status(500).json({
-      success: false,
-      message: err.message
-    });
-  }
-});
-
-/**
- * 获取单个权限模版
- * GET /api/permissions/templates/:id
- */
-router.get('/templates/:id', (req, res) => {
-  try {
-    const template = permissionTemplatesService.getTemplateById(req.params.id);
-    if (!template) {
-      return res.status(404).json({
-        success: false,
-        message: '模版不存在'
-      });
-    }
-    res.json({
-      success: true,
-      data: template
-    });
-  } catch (err) {
-    console.error('[Permissions API] Get template error:', err);
-    res.status(500).json({
-      success: false,
-      message: err.message
-    });
-  }
-});
-
-/**
- * 创建自定义权限模版
- * POST /api/permissions/templates
- */
-router.post('/templates', (req, res) => {
-  try {
-    const template = permissionTemplatesService.createTemplate(req.body);
-    res.json({
-      success: true,
-      data: template,
-      message: '模版创建成功'
-    });
-  } catch (err) {
-    console.error('[Permissions API] Create template error:', err);
-    res.status(400).json({
-      success: false,
-      message: err.message
-    });
-  }
-});
-
-/**
- * 更新自定义权限模版
- * PUT /api/permissions/templates/:id
- */
-router.put('/templates/:id', (req, res) => {
-  try {
-    const template = permissionTemplatesService.updateTemplate(req.params.id, req.body);
-    res.json({
-      success: true,
-      data: template,
-      message: '模版更新成功'
-    });
-  } catch (err) {
-    console.error('[Permissions API] Update template error:', err);
-    res.status(400).json({
-      success: false,
-      message: err.message
-    });
-  }
-});
-
-/**
- * 删除自定义权限模版
- * DELETE /api/permissions/templates/:id
- */
-router.delete('/templates/:id', (req, res) => {
-  try {
-    permissionTemplatesService.deleteTemplate(req.params.id);
-    res.json({
-      success: true,
-      message: '模版删除成功'
-    });
-  } catch (err) {
-    console.error('[Permissions API] Delete template error:', err);
-    res.status(400).json({
-      success: false,
-      message: err.message
-    });
-  }
-});
-
-/**
- * 获取各 CLI 工具的启动参数配置说明
- * GET /api/permissions/cli-config
- */
-router.get('/cli-config', (req, res) => {
-  try {
-    const cliConfigs = {
-      claude: {
-        name: 'Claude Code',
-        configFile: '.claude/settings.json',
-        userConfigFile: '~/.claude/settings.json',
-        permissionFormat: {
-          example: {
-            permissions: {
-              allow: ['Bash(npm run:*)', 'Read(./src/**)'],
-              deny: ['Bash(rm:*)', 'Read(.env)']
-            }
-          }
-        },
-        allAllowFlag: '--dangerously-skip-permissions',
-        docs: 'https://docs.anthropic.com/en/docs/claude-code'
-      },
-      codex: {
-        name: 'Codex CLI',
-        sandboxModes: ['read-only', 'workspace-write'],
-        approvalModes: ['suggest', 'auto-edit'],
-        allAllowFlag: '--dangerously-bypass-approvals-and-sandbox',
-        example: 'codex --approval-mode auto-edit --sandbox workspace-write "task"',
-        docs: 'https://github.com/openai/codex'
-      },
-      gemini: {
-        name: 'Gemini CLI',
-        allowedToolsFlag: '--allowedTools "ShellTool(git status)"',
-        sandboxFlag: '--sandbox / -s',
-        allAllowFlag: '--yolo',
-        docs: 'https://github.com/google-gemini/gemini-cli'
-      }
-    };
-
-    res.json({
-      success: true,
-      cliConfigs
-    });
-  } catch (err) {
-    console.error('[Permissions API] Get CLI config error:', err);
-    res.status(500).json({
-      success: false,
-      message: err.message
-    });
-  }
-});
-
-module.exports = router;