@agentikos/omega-os 0.1.0 → 0.19.5

package/omega/Agentik_Engine/omega_engine/validate.py

@@ -0,0 +1,186 @@
+"""Validate provider credentials at install time + on demand.
+
+The install used to write provider config + credentials to the vault and
+then say "ok". The first mission would discover the key was wrong/expired
+and fail. This module closes the gap: ``omega validate providers`` does a
+1-token round-trip against each configured provider's real API.
+
+For each provider we know how to validate:
+
+  * **claude**     ``/v1/messages`` with max_tokens=1
+  * **glm**        ``/api/paas/v4/chat/completions`` with max_tokens=1
+  * **openai**     ``/v1/chat/completions`` with max_tokens=1
+  * **deepseek**   ``/v1/chat/completions`` with max_tokens=1
+
+Each provider's adapter already knows its endpoint + auth shape — we
+reuse it. A 200 OK is a pass; anything else is a fail with the API's
+error string surfaced.
+"""
+from __future__ import annotations
+
+import os
+from dataclasses import dataclass
+from pathlib import Path
+from typing import Any
+
+import yaml
+
+
+@dataclass
+class ValidationResult:
+    provider: str
+    ok: bool
+    detail: str
+    elapsed_ms: int = 0
+
+
+def _read_router_config(omega_home: str | Path) -> list[dict[str, Any]]:
+    p = (Path(omega_home) / "Agentik_SSOT" / "providers" / "router.yaml")
+    if not p.exists():
+        return []
+    data = yaml.safe_load(p.read_text()) or {}
+    return list(data.get("providers") or [])
+
+
+def _read_secret(omega_home: str | Path, secret_ref: str) -> str:
+    if not secret_ref:
+        return ""
+    if env := os.environ.get(secret_ref):
+        return env
+    try:
+        from omega_engine.vault import vault_read
+        return vault_read(omega_home, secret_ref) or ""
+    except Exception:  # noqa: BLE001
+        return ""
+
+
+def _validate_claude(api_key: str) -> ValidationResult:
+    """1-token call against Anthropic /v1/messages."""
+    if not api_key:
+        return ValidationResult("claude", False, "no API key in env or vault")
+    import json
+    import time
+    import urllib.error
+    import urllib.request
+    start = time.time()
+    body = json.dumps({
+        "model": "claude-haiku-4-5",
+        "max_tokens": 1,
+        "messages": [{"role": "user", "content": "x"}],
+    }).encode()
+    req = urllib.request.Request(
+        "https://api.anthropic.com/v1/messages",
+        data=body, method="POST",
+        headers={
+            "Content-Type": "application/json",
+            "x-api-key": api_key,
+            "anthropic-version": "2023-06-01",
+        },
+    )
+    try:
+        with urllib.request.urlopen(req, timeout=15) as resp:  # noqa: S310
+            resp.read()
+        return ValidationResult(
+            "claude", True, "ok", int((time.time() - start) * 1000),
+        )
+    except urllib.error.HTTPError as exc:
+        detail = exc.read().decode("utf-8", errors="replace")[:300] if exc.fp else ""
+        return ValidationResult(
+            "claude", False, f"HTTP {exc.code}: {detail or exc.reason}",
+            int((time.time() - start) * 1000),
+        )
+    except Exception as exc:  # noqa: BLE001
+        return ValidationResult(
+            "claude", False, f"network error: {exc}"[:200],
+            int((time.time() - start) * 1000),
+        )
+
+
+def _validate_openai_compat(
+    provider: str, api_key: str, base_url: str, model: str,
+) -> ValidationResult:
+    """1-token call against any OpenAI-compatible /chat/completions."""
+    if not api_key:
+        return ValidationResult(provider, False, "no API key in env or vault")
+    import json
+    import time
+    import urllib.error
+    import urllib.request
+    start = time.time()
+    body = json.dumps({
+        "model": model,
+        "max_tokens": 1,
+        "messages": [{"role": "user", "content": "x"}],
+    }).encode()
+    req = urllib.request.Request(
+        f"{base_url.rstrip('/')}/chat/completions",
+        data=body, method="POST",
+        headers={
+            "Content-Type": "application/json",
+            "Authorization": f"Bearer {api_key}",
+        },
+    )
+    try:
+        with urllib.request.urlopen(req, timeout=15) as resp:  # noqa: S310
+            resp.read()
+        return ValidationResult(
+            provider, True, "ok", int((time.time() - start) * 1000),
+        )
+    except urllib.error.HTTPError as exc:
+        detail = exc.read().decode("utf-8", errors="replace")[:300] if exc.fp else ""
+        return ValidationResult(
+            provider, False, f"HTTP {exc.code}: {detail or exc.reason}",
+            int((time.time() - start) * 1000),
+        )
+    except Exception as exc:  # noqa: BLE001
+        return ValidationResult(
+            provider, False, f"network error: {exc}"[:200],
+            int((time.time() - start) * 1000),
+        )
+
+
+def validate_one(
+    omega_home: str | Path, provider_id: str,
+    *, secret_ref: str | None = None,
+) -> ValidationResult:
+    """Validate one provider by id. Reads secret from env or vault."""
+    secret_ref = (
+        secret_ref or f"{provider_id.upper()}_API_KEY"
+    )
+    key = _read_secret(omega_home, secret_ref)
+    pid = provider_id.lower()
+    if pid == "claude":
+        return _validate_claude(key)
+    if pid == "glm":
+        return _validate_openai_compat(
+            "glm", key,
+            "https://open.bigmodel.cn/api/paas/v4",
+            "glm-4-flash",
+        )
+    if pid == "openai":
+        return _validate_openai_compat(
+            "openai", key, "https://api.openai.com/v1", "gpt-4o-mini",
+        )
+    if pid == "deepseek":
+        return _validate_openai_compat(
+            "deepseek", key, "https://api.deepseek.com/v1", "deepseek-chat",
+        )
+    return ValidationResult(
+        provider_id, False,
+        f"no validator known for provider {provider_id!r}",
+    )
+
+
+def validate_all(omega_home: str | Path) -> list[ValidationResult]:
+    """Validate every provider in ``router.yaml``."""
+    out: list[ValidationResult] = []
+    for cfg in _read_router_config(omega_home):
+        if not bool(cfg.get("enabled", True)):
+            continue
+        pid = str(cfg.get("id", "")).strip()
+        if not pid:
+            continue
+        out.append(validate_one(
+            omega_home, pid, secret_ref=cfg.get("secret_ref"),
+        ))
+    return out

package/omega/Agentik_Engine/omega_engine/vault.py

@@ -0,0 +1,342 @@
+"""Encrypted secrets vault — age if available, chmod 600 plaintext fallback.
+
+The vault is the single source for *how* a secret reaches disk. It exists so
+that the rest of the engine never duplicates the "if age then encrypt else
+chmod 600" logic.
+
+Backends
+--------
+* **age** (preferred) — uses the system `age` and `age-keygen` binaries.
+  At first write, we generate an age identity at
+  `Agentik_Extra/etc/secrets/.vault-key` (mode 600) plus its public recipient
+  at `.vault-pub` (mode 644). Every secret is written as `<ref>.age` next to
+  the key file.
+* **plain** (fallback) — when age is not installed, secrets are still stored
+  with mode 600 under `Agentik_Extra/etc/secrets/<ref>`. The doctor flags
+  this as "unencrypted" so the operator can install age and re-write.
+
+API
+---
+* ``vault_init(home)`` — idempotent. Ensures the secrets dir exists, mode 700.
+  If age is installed, ensures the keypair exists. Returns a status dict.
+* ``vault_write(home, ref, value)`` — write a secret. Returns the path.
+* ``vault_read(home, ref) -> str | None`` — read a secret, or None if absent.
+* ``vault_status(home)`` — summary for ``omega doctor``.
+
+The vault is intentionally narrow: one value per ref, plain string. Tokens
+are strings; structured secrets (mcp-<id>.env) keep their dotenv layout for
+now and can migrate later.
+"""
+from __future__ import annotations
+
+import os
+import shutil
+import stat
+import subprocess
+from pathlib import Path
+from typing import Any
+
+
+def _safe_ref(ref: str) -> str:
+    """Refuse path-traversal — `ref` is a flat filename only."""
+    if not ref or "/" in ref or "\\" in ref or ".." in ref:
+        raise ValueError(f"invalid secret ref: {ref!r}")
+    if ref.startswith("."):
+        raise ValueError(f"secret ref must not start with '.': {ref!r}")
+    return ref
+
+
+def _safe_project_slug(project: str) -> str:
+    """A project slug is a flat name — no traversal."""
+    if not project or "/" in project or "\\" in project or ".." in project:
+        raise ValueError(f"invalid project slug: {project!r}")
+    if project.startswith("."):
+        raise ValueError(f"project slug must not start with '.': {project!r}")
+    return project
+
+
+def _secrets_dir(home: Path, project: str | None = None) -> Path:
+    """Return the vault directory, creating it with mode 700.
+
+    When ``project`` is set, the directory is
+    ``Agentik_Coding/projects/<slug>/.secrets/`` — a per-project vault that
+    sits next to the project's code. Otherwise the global vault at
+    ``Agentik_Extra/etc/secrets/``.
+    """
+    if project is not None:
+        slug = _safe_project_slug(project)
+        d = (Path(home) / "Agentik_Coding" / "projects" / slug / ".secrets")
+    else:
+        d = Path(home) / "Agentik_Extra" / "etc" / "secrets"
+    d.mkdir(parents=True, exist_ok=True)
+    try:
+        os.chmod(d, 0o700)
+    except OSError:
+        pass
+    return d
+
+
+def _global_key_dir(home: Path) -> Path:
+    """Where the age keypair lives. Always the global secrets dir — every
+    per-project vault encrypts to the same recipient so the engine can
+    decrypt anything with one key."""
+    return _secrets_dir(home, project=None)
+
+
+def _age_available() -> bool:
+    return shutil.which("age") is not None and shutil.which("age-keygen") is not None
+
+
+def vault_init(home: str | Path) -> dict[str, Any]:
+    """Idempotent vault setup. Generates the age keypair on first call when
+    age is installed; no-op afterwards. Always safe to call.
+
+    Returns: ``{ "backend": "age" | "plain", "key_path"?, "pub_path"?, ... }``
+    """
+    home = Path(home)
+    sec = _global_key_dir(home)
+    if not _age_available():
+        return {"backend": "plain", "age_installed": False, "secrets_dir": str(sec)}
+
+    key_path = sec / ".vault-key"
+    pub_path = sec / ".vault-pub"
+    if key_path.exists() and pub_path.exists():
+        return {
+            "backend": "age", "age_installed": True,
+            "key_path": str(key_path), "pub_path": str(pub_path),
+            "secrets_dir": str(sec),
+        }
+
+    # Generate a fresh keypair.
+    proc = subprocess.run(
+        ["age-keygen", "-o", str(key_path)],
+        check=False, capture_output=True, text=True, timeout=30,
+    )
+    if proc.returncode != 0:
+        return {
+            "backend": "plain", "age_installed": True,
+            "secrets_dir": str(sec),
+            "warning": f"age-keygen failed: {proc.stderr.strip()[:200]}",
+        }
+    try:
+        os.chmod(key_path, 0o600)
+    except OSError:
+        pass
+
+    # age-keygen prints "Public key: age1xyz..." to stderr.
+    pub: str | None = None
+    for line in (proc.stderr or "").splitlines():
+        s = line.strip()
+        if s.startswith("Public key:"):
+            pub = s.split(":", 1)[1].strip()
+            break
+    if not pub:
+        # Some age-keygen versions write the public key as a comment in the
+        # private-key file. Try to extract it from there.
+        for line in key_path.read_text().splitlines():
+            s = line.strip()
+            if s.lower().startswith("# public key:"):
+                pub = s.split(":", 1)[1].strip()
+                break
+    if not pub:
+        return {
+            "backend": "plain", "age_installed": True,
+            "secrets_dir": str(sec),
+            "warning": "could not extract public key from age-keygen output",
+        }
+
+    pub_path.write_text(pub + "\n")
+    try:
+        os.chmod(pub_path, 0o644)
+    except OSError:
+        pass
+    return {
+        "backend": "age", "age_installed": True,
+        "key_path": str(key_path), "pub_path": str(pub_path),
+        "secrets_dir": str(sec),
+    }
+
+
+def vault_write(
+    home: str | Path,
+    ref: str,
+    value: str,
+    *,
+    project: str | None = None,
+) -> Path:
+    """Write a secret. age-encrypted when available, mode-600 plaintext otherwise.
+
+    With ``project=<slug>``, the secret is scoped to that project's vault at
+    ``Agentik_Coding/projects/<slug>/.secrets/`` (encrypted to the SAME age
+    recipient as the global vault, so one key decrypts everything). Without
+    ``project``, the global vault is used.
+
+    Returns the on-disk path written. Idempotent for a given (ref, value):
+    re-writing rotates the secret in place.
+    """
+    ref = _safe_ref(ref)
+    if not isinstance(value, str) or not value:
+        raise ValueError("secret value must be a non-empty string")
+
+    home = Path(home)
+    # vault_init always operates on the global dir so the keypair is
+    # discoverable from any project.
+    info = vault_init(home)
+    sec = _secrets_dir(home, project=project)
+
+    if info["backend"] == "age":
+        pub = Path(info["pub_path"]).read_text().strip()
+        target = sec / f"{ref}.age"
+        proc = subprocess.run(
+            ["age", "-r", pub, "-o", str(target)],
+            input=value, text=True, check=False, capture_output=True, timeout=30,
+        )
+        if proc.returncode != 0:
+            raise RuntimeError(
+                f"age encrypt failed for ref={ref}: {proc.stderr.strip()[:200]}"
+            )
+        try:
+            os.chmod(target, 0o600)
+        except OSError:
+            pass
+        # Best-effort cleanup of a previous plaintext for the same ref.
+        plain_old = sec / ref
+        if plain_old.exists():
+            try:
+                plain_old.unlink()
+            except OSError:
+                pass
+        return target
+
+    # Plain fallback.
+    target = sec / ref
+    fd = os.open(str(target), os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
+    try:
+        with os.fdopen(fd, "w") as fh:
+            fh.write(value)
+    finally:
+        try:
+            os.close(fd)
+        except OSError:
+            pass
+    try:
+        os.chmod(target, stat.S_IRUSR | stat.S_IWUSR)  # 0o600
+    except OSError:
+        pass
+    return target
+
+
+def vault_read(
+    home: str | Path,
+    ref: str,
+    *,
+    project: str | None = None,
+) -> str | None:
+    """Read a secret. Tries age then plain; returns None if neither exists.
+
+    ``project=<slug>`` reads from the per-project vault.
+
+    Raises RuntimeError if an encrypted file exists but decryption fails
+    (so callers don't silently treat a broken vault as missing).
+    """
+    ref = _safe_ref(ref)
+    home = Path(home)
+    sec = _secrets_dir(home, project=project)
+    age_file = sec / f"{ref}.age"
+    plain_file = sec / ref
+
+    if age_file.exists():
+        # The age key always lives in the global dir.
+        key = _global_key_dir(home) / ".vault-key"
+        if not key.exists():
+            raise RuntimeError(
+                f"encrypted secret {age_file} exists but vault key {key} is missing"
+            )
+        if not _age_available():
+            raise RuntimeError(
+                f"encrypted secret {age_file} exists but `age` is not installed"
+            )
+        proc = subprocess.run(
+            ["age", "-d", "-i", str(key), str(age_file)],
+            check=False, capture_output=True, text=True, timeout=30,
+        )
+        if proc.returncode != 0:
+            raise RuntimeError(
+                f"age decrypt failed for ref={ref}: {proc.stderr.strip()[:200]}"
+            )
+        return proc.stdout
+    if plain_file.exists():
+        return plain_file.read_text()
+    return None
+
+
+def _file_has_real_secret(path: Path) -> bool:
+    """True iff the file contains at least one non-comment KEY=VALUE line.
+
+    A file with only commented placeholders like
+        # COMPOSIO_API_KEY=  # set this when ready
+    has nothing to leak and is not counted as a plaintext secret.
+    """
+    try:
+        text = path.read_text(errors="replace")
+    except OSError:
+        return False
+    if not text.strip():
+        return False
+    for raw in text.splitlines():
+        ln = raw.strip()
+        if not ln or ln.startswith("#"):
+            continue
+        if "=" not in ln:
+            # A bare opaque value (e.g. an OAuth token written as the whole
+            # file body) still counts as a real secret.
+            return True
+        k, _, v = ln.partition("=")
+        if v.strip().strip('"').strip("'"):
+            return True
+    return False
+
+
+def vault_status(home: str | Path, *, project: str | None = None) -> dict[str, Any]:
+    """Summary of the vault for `omega doctor`.
+
+    With ``project=<slug>``, summarises the per-project vault only.
+    """
+    home = Path(home)
+    sec = _secrets_dir(home, project=project)
+    info = vault_init(home)
+    files = [p for p in sec.iterdir() if p.is_file() and not p.name.startswith(".")]
+    encrypted = [p.name for p in files if p.suffix == ".age"]
+    plain_files = [p for p in files if p.suffix != ".age"]
+    # Discriminate real plaintext secrets from placeholder dotenv files.
+    real_plain = [p.name for p in plain_files if _file_has_real_secret(p)]
+    placeholders = [p.name for p in plain_files if p.name not in real_plain]
+    return {
+        "backend": info["backend"],
+        "age_installed": info.get("age_installed", False),
+        "encrypted_count": len(encrypted),
+        "plaintext_count": len(real_plain),
+        "placeholder_count": len(placeholders),
+        "secrets_dir": str(sec),
+        "project": project,
+    }
+
+
+def list_project_vaults(home: str | Path) -> list[dict[str, Any]]:
+    """Enumerate every per-project vault under
+    ``Agentik_Coding/projects/<slug>/.secrets/``. Returns a list of vault
+    statuses, one per project that has any vault (encrypted or plain).
+    """
+    home = Path(home)
+    projects_root = home / "Agentik_Coding" / "projects"
+    out: list[dict[str, Any]] = []
+    if not projects_root.is_dir():
+        return out
+    for proj_dir in sorted(projects_root.iterdir()):
+        if not proj_dir.is_dir():
+            continue
+        sec = proj_dir / ".secrets"
+        if not sec.is_dir():
+            continue
+        out.append(vault_status(home, project=proj_dir.name))
+    return out