@agenticmail/enterprise 0.5.77 → 0.5.79

package/src/browser/server-context.types.ts

@@ -0,0 +1,65 @@
+import type { Server } from "node:http";
+import type { RunningChrome } from "./chrome.js";
+import type { BrowserTab } from "./client.js";
+import type { ResolvedBrowserConfig, ResolvedBrowserProfile } from "./config.js";
+
+export type { BrowserTab };
+
+/**
+ * Runtime state for a single profile's Chrome instance.
+ */
+export type ProfileRuntimeState = {
+  profile: ResolvedBrowserProfile;
+  running: RunningChrome | null;
+  /** Sticky tab selection when callers omit targetId (keeps snapshot+act consistent). */
+  lastTargetId?: string | null;
+};
+
+export type BrowserServerState = {
+  server?: Server | null;
+  port: number;
+  resolved: ResolvedBrowserConfig;
+  profiles: Map<string, ProfileRuntimeState>;
+};
+
+type BrowserProfileActions = {
+  ensureBrowserAvailable: () => Promise<void>;
+  ensureTabAvailable: (targetId?: string) => Promise<BrowserTab>;
+  isHttpReachable: (timeoutMs?: number) => Promise<boolean>;
+  isReachable: (timeoutMs?: number) => Promise<boolean>;
+  listTabs: () => Promise<BrowserTab[]>;
+  openTab: (url: string) => Promise<BrowserTab>;
+  focusTab: (targetId: string) => Promise<void>;
+  closeTab: (targetId: string) => Promise<void>;
+  stopRunningBrowser: () => Promise<{ stopped: boolean }>;
+  resetProfile: () => Promise<{ moved: boolean; from: string; to?: string }>;
+};
+
+export type BrowserRouteContext = {
+  state: () => BrowserServerState;
+  forProfile: (profileName?: string) => ProfileContext;
+  listProfiles: () => Promise<ProfileStatus[]>;
+  // Legacy methods delegate to default profile for backward compatibility
+  mapTabError: (err: unknown) => { status: number; message: string } | null;
+} & BrowserProfileActions;
+
+export type ProfileContext = {
+  profile: ResolvedBrowserProfile;
+} & BrowserProfileActions;
+
+export type ProfileStatus = {
+  name: string;
+  cdpPort: number;
+  cdpUrl: string;
+  color: string;
+  running: boolean;
+  tabCount: number;
+  isDefault: boolean;
+  isRemote: boolean;
+};
+
+export type ContextOptions = {
+  getState: () => BrowserServerState | null;
+  onEnsureAttachTarget?: (profile: ResolvedBrowserProfile) => Promise<void>;
+  refreshConfigFromDisk?: boolean;
+};

package/src/browser/server-lifecycle.ts

@@ -0,0 +1,48 @@
+import type { ResolvedBrowserConfig } from "./config.js";
+import { resolveProfile } from "./config.js";
+import { ensureChromeExtensionRelayServer } from "./extension-relay.js";
+import {
+  type BrowserServerState,
+  createBrowserRouteContext,
+  listKnownProfileNames,
+} from "./server-context.js";
+
+export async function ensureExtensionRelayForProfiles(params: {
+  resolved: ResolvedBrowserConfig;
+  onWarn: (message: string) => void;
+}) {
+  for (const name of Object.keys(params.resolved.profiles)) {
+    const profile = resolveProfile(params.resolved, name);
+    if (!profile || profile.driver !== "extension") {
+      continue;
+    }
+    await ensureChromeExtensionRelayServer({ cdpUrl: profile.cdpUrl }).catch((err) => {
+      params.onWarn(`Chrome extension relay init failed for profile "${name}": ${String(err)}`);
+    });
+  }
+}
+
+export async function stopKnownBrowserProfiles(params: {
+  getState: () => BrowserServerState | null;
+  onWarn: (message: string) => void;
+}) {
+  const current = params.getState();
+  if (!current) {
+    return;
+  }
+  const ctx = createBrowserRouteContext({
+    getState: params.getState,
+    refreshConfigFromDisk: true,
+  });
+  try {
+    for (const name of listKnownProfileNames(current)) {
+      try {
+        await ctx.forProfile(name).stopRunningBrowser();
+      } catch {
+        // ignore
+      }
+    }
+  } catch (err) {
+    params.onWarn(`openclaw browser stop failed: ${String(err)}`);
+  }
+}

package/src/browser/server-middleware.ts

@@ -0,0 +1,37 @@
+import type { Express } from "express";
+import express from "express";
+import { browserMutationGuardMiddleware } from "./csrf.js";
+import { isAuthorizedBrowserRequest } from "./http-auth.js";
+
+export function installBrowserCommonMiddleware(app: Express) {
+  app.use((req, res, next) => {
+    const ctrl = new AbortController();
+    const abort = () => ctrl.abort(new Error("request aborted"));
+    req.once("aborted", abort);
+    res.once("close", () => {
+      if (!res.writableEnded) {
+        abort();
+      }
+    });
+    // Make the signal available to browser route handlers (best-effort).
+    (req as unknown as { signal?: AbortSignal }).signal = ctrl.signal;
+    next();
+  });
+  app.use(express.json({ limit: "1mb" }));
+  app.use(browserMutationGuardMiddleware());
+}
+
+export function installBrowserAuthMiddleware(
+  app: Express,
+  auth: { token?: string; password?: string },
+) {
+  if (!auth.token && !auth.password) {
+    return;
+  }
+  app.use((req, res, next) => {
+    if (isAuthorizedBrowserRequest(req, auth)) {
+      return next();
+    }
+    res.status(401).send("Unauthorized");
+  });
+}

package/src/browser/server.ts

@@ -0,0 +1,110 @@
+import type { Server } from "node:http";
+import express from "express";
+
+import { resolveBrowserConfig } from "./config.js";
+import { ensureBrowserControlAuth, resolveBrowserControlAuth } from "./control-auth.js";
+import { isPwAiLoaded } from "./pw-ai-state.js";
+import { registerBrowserRoutes } from "./routes/index.js";
+import type { BrowserRouteRegistrar } from "./routes/types.js";
+import { type BrowserServerState, createBrowserRouteContext } from "./server-context.js";
+import { ensureExtensionRelayForProfiles, stopKnownBrowserProfiles } from "./server-lifecycle.js";
+import {
+import { createSubsystemLogger, loadConfig } from "./enterprise-compat.js";
+  installBrowserAuthMiddleware,
+  installBrowserCommonMiddleware,
+} from "./server-middleware.js";
+
+let state: BrowserServerState | null = null;
+const log = createSubsystemLogger("browser");
+const logServer = log.child("server");
+
+export async function startBrowserControlServerFromConfig(): Promise<BrowserServerState | null> {
+  if (state) {
+    return state;
+  }
+
+  const cfg = loadConfig();
+  const resolved = resolveBrowserConfig(cfg.browser, cfg);
+  if (!resolved.enabled) {
+    return null;
+  }
+
+  let browserAuth = resolveBrowserControlAuth(cfg);
+  try {
+    const ensured = await ensureBrowserControlAuth({ cfg });
+    browserAuth = ensured.auth;
+    if (ensured.generatedToken) {
+      logServer.info("No browser auth configured; generated gateway.auth.token automatically.");
+    }
+  } catch (err) {
+    logServer.warn(`failed to auto-configure browser auth: ${String(err)}`);
+  }
+
+  const app = express();
+  installBrowserCommonMiddleware(app);
+  installBrowserAuthMiddleware(app, browserAuth);
+
+  const ctx = createBrowserRouteContext({
+    getState: () => state,
+    refreshConfigFromDisk: true,
+  });
+  registerBrowserRoutes(app as unknown as BrowserRouteRegistrar, ctx);
+
+  const port = resolved.controlPort;
+  const server = await new Promise<Server>((resolve, reject) => {
+    const s = app.listen(port, "127.0.0.1", () => resolve(s));
+    s.once("error", reject);
+  }).catch((err) => {
+    logServer.error(`openclaw browser server failed to bind 127.0.0.1:${port}: ${String(err)}`);
+    return null;
+  });
+
+  if (!server) {
+    return null;
+  }
+
+  state = {
+    server,
+    port,
+    resolved,
+    profiles: new Map(),
+  };
+
+  await ensureExtensionRelayForProfiles({
+    resolved,
+    onWarn: (message) => logServer.warn(message),
+  });
+
+  const authMode = browserAuth.token ? "token" : browserAuth.password ? "password" : "off";
+  logServer.info(`Browser control listening on http://127.0.0.1:${port}/ (auth=${authMode})`);
+  return state;
+}
+
+export async function stopBrowserControlServer(): Promise<void> {
+  const current = state;
+  if (!current) {
+    return;
+  }
+
+  await stopKnownBrowserProfiles({
+    getState: () => state,
+    onWarn: (message) => logServer.warn(message),
+  });
+
+  if (current.server) {
+    await new Promise<void>((resolve) => {
+      current.server?.close(() => resolve());
+    });
+  }
+  state = null;
+
+  // Optional: avoid importing heavy Playwright bridge when this process never used it.
+  if (isPwAiLoaded()) {
+    try {
+      const mod = await import("./pw-ai.js");
+      await mod.closePlaywrightBrowserConnection();
+    } catch {
+      // ignore
+    }
+  }
+}

package/src/browser/target-id.ts

@@ -0,0 +1,30 @@
+export type TargetIdResolution =
+  | { ok: true; targetId: string }
+  | { ok: false; reason: "not_found" | "ambiguous"; matches?: string[] };
+
+export function resolveTargetIdFromTabs(
+  input: string,
+  tabs: Array<{ targetId: string }>,
+): TargetIdResolution {
+  const needle = input.trim();
+  if (!needle) {
+    return { ok: false, reason: "not_found" };
+  }
+
+  const exact = tabs.find((t) => t.targetId === needle);
+  if (exact) {
+    return { ok: true, targetId: exact.targetId };
+  }
+
+  const lower = needle.toLowerCase();
+  const matches = tabs.map((t) => t.targetId).filter((id) => id.toLowerCase().startsWith(lower));
+
+  const only = matches.length === 1 ? matches[0] : undefined;
+  if (only) {
+    return { ok: true, targetId: only };
+  }
+  if (matches.length === 0) {
+    return { ok: false, reason: "not_found" };
+  }
+  return { ok: false, reason: "ambiguous", matches };
+}

package/src/browser/trash.ts

@@ -0,0 +1,21 @@
+import fs from "node:fs";
+import os from "node:os";
+import path from "node:path";
+import { runExec } from "./enterprise-compat.js";
+
+export async function movePathToTrash(targetPath: string): Promise<string> {
+  try {
+    await runExec("trash", [targetPath], { timeoutMs: 10_000 });
+    return targetPath;
+  } catch {
+    const trashDir = path.join(os.homedir(), ".Trash");
+    fs.mkdirSync(trashDir, { recursive: true });
+    const base = path.basename(targetPath);
+    let dest = path.join(trashDir, `${base}-${Date.now()}`);
+    if (fs.existsSync(dest)) {
+      dest = path.join(trashDir, `${base}-${Date.now()}-${Math.random()}`);
+    }
+    fs.renameSync(targetPath, dest);
+    return dest;
+  }
+}