@agentunion/kite 1.4.0 → 1.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (718) hide show
  1. package/.claude/skills/kite/checklists/feature-checklist.md +496 -0
  2. package/.claude/skills/kite/references/event-patterns.md +180 -0
  3. package/.claude/skills/kite/references/health-check.md +202 -0
  4. package/.claude/skills/kite/references/http-service.md +199 -0
  5. package/.claude/skills/kite/references/module-md-spec.md +172 -0
  6. package/.claude/skills/kite/references/multi-connection.md +147 -0
  7. package/.claude/skills/kite/references/rpc-patterns.md +199 -0
  8. package/.claude/skills/kite/references/shutdown-sequence.md +146 -0
  9. package/.claude/skills/kite/references/stdin-protocol.md +147 -0
  10. package/.claude/skills/kite/references/test-center-integration.md +178 -0
  11. package/.claude/skills/kite/references/ws-lifecycle.md +301 -0
  12. package/.claude/skills/kite/skill.md +272 -0
  13. package/.claude/skills/kite/templates/go/README.md +20 -0
  14. package/.claude/skills/kite/templates/node/entry.js +134 -0
  15. package/.claude/skills/kite/templates/node/module.md +16 -0
  16. package/.claude/skills/kite/templates/node/server.js +351 -0
  17. package/.claude/skills/kite/templates/node/server_http.js +90 -0
  18. package/.claude/skills/kite/templates/python/entry.py +425 -0
  19. package/.claude/skills/kite/templates/python/module.md +26 -0
  20. package/.claude/skills/kite/templates/python/server.py +447 -0
  21. package/.claude/skills/kite/templates/python/server_http.py +433 -0
  22. package/CHANGELOG.md +102 -0
  23. package/cli.js +78 -5
  24. package/core/dependency_checker.py +250 -0
  25. package/core/env_checker.py +586 -0
  26. package/dependencies_lock.json +128 -0
  27. package/docs/05-/347/237/255/344/277/241/350/256/244/350/257/201/344/270/216/347/224/250/346/210/267/344/277/241/346/201/257/346/216/245/345/217/243/346/226/207/346/241/243.md +507 -0
  28. package/docs/ACP/345/215/217/350/256/256/345/205/274/345/256/271/346/226/271/346/241/210.md +138 -0
  29. package/docs/CI/344/270/216AI/350/207/252/345/212/250/345/214/226/346/265/213/350/257/225/346/226/271/346/241/210.md +75 -0
  30. package/docs/CLI/345/274/200/345/217/221/350/256/241/345/210/222.md +595 -0
  31. package/docs/ClaudeCode/350/277/234/347/250/213/345/215/217/344/275/234/347/263/273/347/273/237-/346/212/200/346/234/257/350/257/204/344/274/260.md +535 -0
  32. package/docs/ClaudeCode/350/277/234/347/250/213/345/215/217/344/275/234/347/263/273/347/273/237/350/256/276/350/256/241.md +631 -0
  33. package/docs/Evol-App/344/275/277/347/224/250KernelClient/346/224/271/351/200/240/345/256/214/346/210/220.md +342 -0
  34. package/docs/Evol/346/216/247/345/210/266/345/217/260/346/217/222/344/273/266/345/214/226/346/236/266/346/236/204/346/246/202/350/246/201.md +604 -0
  35. package/docs/Evol/346/216/247/345/210/266/345/217/260/346/217/222/344/273/266/345/214/226/346/236/266/346/236/204/350/256/276/350/256/241.md +1708 -0
  36. package/docs/Evol/346/250/241/345/235/227/350/256/276/350/256/241/346/226/271/346/241/210.md +1154 -0
  37. package/docs/Evol/351/241/265/351/235/242/346/217/222/344/273/266/345/214/226-Evol/346/250/241/345/235/227/345/256/236/346/226/275/346/214/207/345/215/227.md +403 -0
  38. package/docs/Evol/351/241/265/351/235/242/346/217/222/344/273/266/345/214/226-/345/244/226/351/203/250/346/250/241/345/235/227/346/216/245/345/205/245/346/214/207/345/215/227.md +468 -0
  39. package/docs/HTTP-RPC/350/277/201/347/247/273/345/210/260WebSocket/350/256/241/345/210/222.md +318 -0
  40. package/docs/INDEX.md +388 -0
  41. package/docs/KITE_DOCS_GUIDE.md +33 -0
  42. package/docs/Kernel-Client-Kite-Token/346/224/257/346/214/201/345/256/236/346/226/275/345/256/214/346/210/220.md +330 -0
  43. package/docs/Kernel/344/270/273/345/212/250Ping/346/234/272/345/210/266-/346/255/243/347/241/256/345/256/236/347/216/260.md +235 -0
  44. package/docs/Kernel/344/270/273/345/212/250Ping/346/234/272/345/210/266/345/256/236/346/226/275/346/200/273/347/273/223.md +204 -0
  45. package/docs/Kite/345/256/211/350/243/205/351/227/256/351/242/230/350/247/243/345/206/263/346/226/271/346/241/210.md +362 -0
  46. package/docs/Kite/346/216/247/345/210/266/345/217/260/346/217/222/344/273/266/345/214/226/346/236/266/346/236/204/350/256/276/350/256/241-/347/273/210/346/236/201/347/233/256/346/240/207.md +721 -0
  47. package/docs/Kite/346/216/247/345/210/266/345/217/260/347/273/237/344/270/200WebSocket/346/224/271/351/200/240/346/226/271/346/241/210.md +821 -0
  48. package/docs/Kite/346/241/206/346/236/266/350/256/276/350/256/241/01-/346/241/206/346/236/266/345/256/232/344/275/215.md +12 -0
  49. package/docs/Kite/346/241/206/346/236/266/350/256/276/350/256/241/02-/346/240/270/345/277/203/346/246/202/345/277/265.md +341 -0
  50. package/docs/Kite/346/241/206/346/236/266/350/256/276/350/256/241/03-/347/263/273/347/273/237/346/236/266/346/236/204.md +257 -0
  51. package/docs/Kite/346/241/206/346/236/266/350/256/276/350/256/241/04-/346/250/241/345/235/227/350/247/204/350/214/203.md +263 -0
  52. package/docs/Kite/346/241/206/346/236/266/350/256/276/350/256/241/05-/346/240/270/345/277/203/346/265/201/347/250/213-/346/226/260/347/211/210.md +267 -0
  53. package/docs/Kite/346/241/206/346/236/266/350/256/276/350/256/241/05-/346/240/270/345/277/203/346/265/201/347/250/213.md +149 -0
  54. package/docs/Kite/346/241/206/346/236/266/350/256/276/350/256/241/06-/347/233/256/345/275/225/347/273/223/346/236/204.md +231 -0
  55. package/docs/Kite/346/241/206/346/236/266/350/256/276/350/256/241/07-/346/225/260/346/215/256/346/250/241/345/236/213.md +68 -0
  56. package/docs/Kite/346/241/206/346/236/266/350/256/276/350/256/241/08-/346/211/251/345/261/225/346/200/247.md +34 -0
  57. package/docs/Kite/346/241/206/346/236/266/350/256/276/350/256/241/09-/344/270/216/345/205/267/344/275/223/345/272/224/347/224/250/347/232/204/345/205/263/347/263/273.md +22 -0
  58. package/docs/Kite/346/241/206/346/236/266/350/256/276/350/256/241/README.md +46 -0
  59. package/docs/Kite/347/263/273/347/273/237/345/220/257/345/212/250/346/265/201/347/250/213.md +567 -0
  60. package/docs/Launcher/345/220/257/345/212/250/345/231/250/346/226/207/346/241/243.md +745 -0
  61. package/docs/Polyglot/350/277/220/350/241/214/346/227/266/344/270/216Clawdbot/345/205/274/345/256/271/346/200/247/350/256/276/350/256/241.md +321 -0
  62. package/docs/Redis/344/270/216/346/250/241/345/235/227/345/244/232/345/256/236/344/276/213/346/226/271/346/241/210.md +438 -0
  63. package/docs/Relay-Kite-Token/350/256/244/350/257/201/345/256/236/346/226/275/345/256/214/346/210/220.md +178 -0
  64. package/docs/Relay-Token/346/235/203/351/231/220/351/205/215/347/275/256/351/252/214/350/257/201.md +113 -0
  65. package/docs/Watchdog/345/201/245/345/272/267/346/243/200/346/237/245/344/270/216WebSocket-Ping/346/234/272/345/210/266/345/210/206/346/236/220.md +367 -0
  66. package/docs/Watchdog/350/265/204/346/272/220/347/233/221/346/216/247/347/255/226/347/225/245.md +92 -0
  67. package/docs/WebSocket/346/216/245/346/224/266/345/276/252/347/216/257/346/255/273/351/224/201/351/230/262/350/214/203/350/247/204/350/214/203.md +357 -0
  68. package/docs/WebSocket/350/277/236/346/216/245/351/237/247/346/200/247/344/270/216/351/207/215/350/277/236/346/234/272/345/210/266/345/256/214/346/225/264/346/226/271/346/241/210.md +531 -0
  69. package/docs/WebSocket/350/277/236/346/216/245/351/237/247/346/200/247/346/226/271/346/241/210.md +169 -0
  70. package/docs/WebSocket/351/207/215/350/277/236/346/234/272/345/210/266/346/265/213/350/257/225/346/212/245/345/221/212.md +169 -0
  71. package/docs/WebSocket/351/207/215/350/277/236/351/200/200/351/201/277/346/234/272/345/210/266/346/226/271/346/241/210.md +394 -0
  72. package/docs/Web/346/250/241/345/235/227/344/270/216Evol/346/250/241/345/235/227/351/207/215/346/236/204/345/210/206/346/236/220.md +521 -0
  73. package/docs/audit-api-guide.md +68 -0
  74. package/docs/audit-module-design.md +315 -0
  75. package/docs/audit-module-implementation-summary.md +149 -0
  76. package/docs/llm-context-design.md +52 -0
  77. package/docs/llm-test-enhancement-plan.md +970 -0
  78. package/docs/logs-api-guide.md +42 -0
  79. package/docs/npm/345/214/205Python/347/216/257/345/242/203/347/256/241/347/220/206/346/226/271/346/241/210.md +302 -0
  80. package/docs/npm/345/217/221/345/270/203/344/270/216CLI/344/275/277/347/224/250/346/214/207/345/215/227.md +245 -0
  81. package/docs/stdio/344/270/216/347/253/257/345/217/243/345/217/221/347/216/260/351/207/215/346/236/204.md +480 -0
  82. package/docs/web/346/250/241/345/235/227/344/270/255/350/275/254/346/234/215/345/212/241/350/256/276/350/256/241/346/226/271/346/241/210.md +449 -0
  83. package/docs//344/272/213/344/273/266/345/244/204/347/220/206/346/234/272/345/210/266.md +388 -0
  84. package/docs//344/272/213/344/273/266/345/244/204/347/220/206/350/247/204/350/214/203.md +113 -0
  85. package/docs//344/272/213/344/273/266/350/256/242/351/230/205/351/200/232/351/205/215/347/254/246/350/247/204/350/214/203.md +256 -0
  86. package/docs//344/272/213/344/273/266/351/230/237/345/210/227/345/274/271/346/200/247/347/256/241/347/220/206.md +449 -0
  87. package/docs//344/272/244/344/272/222/345/274/217/347/273/210/347/253/257/346/216/247/345/210/266/346/226/271/346/241/210.md +301 -0
  88. package/docs//344/273/243/347/220/206/345/220/257/345/212/250/345/231/250/344/270/216/345/256/271/345/231/250/345/214/226.md +140 -0
  89. package/docs//344/273/243/347/240/201/347/273/237/350/256/241/345/267/245/345/205/267/344/275/277/347/224/250/350/257/264/346/230/216.md +217 -0
  90. package/docs//344/274/230/351/233/205/351/200/200/345/207/272/350/247/204/350/214/203.md +362 -0
  91. package/docs//344/276/235/350/265/226/347/256/241/347/220/206/350/257/264/346/230/216.md +141 -0
  92. package/docs//344/277/256/345/244/215/346/235/203/351/231/220/351/227/256/351/242/230-evol-RPC/346/235/203/351/231/220.md +268 -0
  93. package/docs//345/210/240/351/231/244kernel-client-example/345/256/214/346/210/220.md +309 -0
  94. package/docs//345/210/240/351/231/244ws-management/345/256/214/346/210/220.md +418 -0
  95. package/docs//345/220/257/345/212/250/344/274/230/345/214/226/346/226/271/346/241/210.md +522 -0
  96. package/docs//345/220/257/345/212/250/344/276/235/350/265/226/344/270/216/346/216/222/345/272/217.md +105 -0
  97. package/docs//345/256/211/350/243/205/350/204/232/346/234/254/345/274/200/345/217/221/346/226/207/346/241/243.md +643 -0
  98. package/docs//345/256/214/346/225/264/345/220/257/345/212/250/346/265/201/347/250/213/350/256/276/350/256/241.md +452 -0
  99. package/docs//345/256/236/347/216/260/350/247/204/345/210/222.md +195 -0
  100. package/docs//345/277/203/350/267/263/346/234/272/345/210/266/351/207/215/346/236/204/346/200/273/347/273/223.md +166 -0
  101. package/docs//346/217/241/346/211/213/350/256/244/350/257/201/346/226/271/346/241/210-/345/256/211/345/205/250/345/256/241/346/237/245.md +176 -0
  102. package/docs//346/217/241/346/211/213/350/256/244/350/257/201/346/226/271/346/241/210.md +908 -0
  103. package/docs//346/226/207/346/241/243/346/233/264/346/226/260/346/270/205/345/215/225.md +83 -0
  104. package/docs//346/227/245/345/277/227/344/270/216/345/274/202/345/270/270/345/244/204/347/220/206/350/247/204/350/214/203.md +829 -0
  105. package/docs//346/227/245/345/277/227/350/260/203/350/257/225/345/256/236/346/210/230/346/214/207/345/215/227.md +25 -0
  106. package/docs//346/236/266/346/236/204/345/200/237/351/211/264/346/214/207/345/215/227.md +977 -0
  107. package/docs//346/236/266/346/236/204/346/224/271/351/200/240-/345/256/214/346/210/220/346/200/273/347/273/223.md +440 -0
  108. package/docs//346/236/266/346/236/204/347/216/260/347/212/266/344/270/216/347/273/210/346/236/201/347/233/256/346/240/207/345/257/271/346/257/224/345/210/206/346/236/220.md +508 -0
  109. package/docs//346/250/241/345/235/227/345/244/232/350/277/236/346/216/245/346/216/247/345/210/266/347/255/226/347/225/245.md +220 -0
  110. package/docs//346/250/241/345/235/227/345/256/211/350/243/205/346/234/272/345/210/266/350/256/276/350/256/241.md +500 -0
  111. package/docs//346/250/241/345/235/227/345/274/200/345/217/221/346/214/207/345/215/227.md +1824 -0
  112. package/docs//346/250/241/345/235/227/347/203/255/346/233/264/346/226/260.md +89 -0
  113. package/docs//346/250/241/345/235/227/350/277/234/347/250/213/351/203/250/347/275/262/345/274/200/345/217/221/350/247/204/350/214/203.md +460 -0
  114. package/docs//346/250/241/345/235/227/351/200/200/345/207/272/346/234/272/345/210/266/345/256/214/346/225/264/346/226/271/346/241/210.md +303 -0
  115. package/docs//346/250/241/345/235/227/351/205/215/347/275/256/345/212/240/350/275/275/344/270/216/347/203/255/351/207/215/350/275/275/350/247/204/350/214/203.md +369 -0
  116. package/docs//346/265/213/350/257/225/344/270/255/345/277/203/346/267/273/345/212/240/346/250/241/345/235/227/346/265/213/350/257/225/346/214/207/345/215/227.md +147 -0
  117. package/docs//347/211/210/346/234/254/351/224/201/345/256/232/347/216/257/345/242/203/347/256/241/347/220/206/346/226/271/346/241/210.md +331 -0
  118. package/docs//347/216/257/345/242/203/345/217/230/351/207/217/344/270/216/350/277/220/350/241/214/346/227/266/347/233/256/345/275/225/350/256/276/350/256/241.md +499 -0
  119. package/docs//347/216/257/345/242/203/347/256/241/347/220/206/345/256/214/346/225/264/346/226/271/346/241/210.md +334 -0
  120. package/docs//350/231/232/346/213/237/346/250/241/345/235/227/344/270/255/350/275/254/346/234/215/345/212/241/345/256/214/346/225/264/350/256/276/350/256/241.md +1496 -0
  121. package/docs//350/231/232/346/213/237/347/216/257/345/242/203/345/267/245/344/275/234/345/216/237/347/220/206.md +163 -0
  122. package/docs//350/256/241/345/210/222/347/256/241/347/220/206/345/231/250/344/275/277/347/224/250/346/214/207/345/215/227.md +196 -0
  123. package/docs//350/256/244/350/257/201/346/250/241/345/235/227/344/270/216Gateway/350/256/276/350/256/241/346/226/271/346/241/210.md +765 -0
  124. package/docs//350/277/234/347/250/213/346/250/241/345/235/227/350/256/276/350/256/241-/346/227/247/347/211/210.md +1117 -0
  125. package/docs//350/277/234/347/250/213/346/250/241/345/235/227/350/256/276/350/256/241.md +451 -0
  126. package/docs//351/207/215/346/236/204/346/234/272/345/210/266/346/270/205/345/215/225.md +192 -0
  127. package/docs//351/223/276/350/267/257/350/277/275/350/270/252/346/226/271/346/241/210.md +242 -0
  128. package/docs//351/231/215/347/272/247/347/255/226/347/225/245/350/256/276/350/256/241/346/226/271/346/241/210.md +618 -0
  129. package/extensions/agents/assistant/entry.py +113 -14
  130. package/extensions/agents/assistant/module.md +27 -22
  131. package/extensions/agents/assistant/server.py +308 -106
  132. package/extensions/channels/acp_channel/entry.py +114 -16
  133. package/extensions/channels/acp_channel/module.md +4 -0
  134. package/extensions/channels/acp_channel/server.py +412 -105
  135. package/extensions/channels/phone_channel/__init__.py +1 -0
  136. package/extensions/channels/phone_channel/entry.py +503 -0
  137. package/extensions/channels/phone_channel/module.md +31 -0
  138. package/extensions/channels/phone_channel/server.py +686 -0
  139. package/extensions/event_hub_bench/entry.py +55 -12
  140. package/extensions/event_hub_bench/module.md +27 -27
  141. package/extensions/services/audit/README.md +134 -0
  142. package/extensions/services/audit/collector.py +73 -0
  143. package/extensions/services/audit/entry.py +444 -0
  144. package/extensions/services/audit/module.md +66 -0
  145. package/extensions/services/audit/query_audit.py +111 -0
  146. package/extensions/services/audit/routes/__init__.py +1 -0
  147. package/extensions/services/audit/routes/routes_audit.py +113 -0
  148. package/extensions/services/audit/schemas/__init__.py +5 -0
  149. package/extensions/services/audit/schemas/audit_event.py +92 -0
  150. package/extensions/services/audit/server.py +542 -0
  151. package/extensions/services/audit/storage.py +95 -0
  152. package/extensions/services/auth/entry.py +1054 -0
  153. package/extensions/services/auth/module.md +31 -0
  154. package/extensions/services/auth/token_store.py +185 -0
  155. package/extensions/services/auth/verifiers/evol_account.py +101 -0
  156. package/extensions/services/auth/verifiers/kite_token.py +38 -0
  157. package/extensions/services/auth/verifiers/pairing_code.py +71 -0
  158. package/extensions/services/backup/entry.py +505 -201
  159. package/extensions/services/backup/module.md +4 -2
  160. package/extensions/services/dataclaw/api/__init__.py +0 -0
  161. package/extensions/services/dataclaw/api/admin.py +367 -0
  162. package/extensions/services/dataclaw/api/copyright.py +175 -0
  163. package/extensions/services/dataclaw/api/credits.py +177 -0
  164. package/extensions/services/dataclaw/api/data.py +179 -0
  165. package/extensions/services/dataclaw/api/demands.py +269 -0
  166. package/extensions/services/dataclaw/api/feeds.py +262 -0
  167. package/extensions/services/dataclaw/api/identity.py +505 -0
  168. package/extensions/services/dataclaw/api/notifications.py +104 -0
  169. package/extensions/services/dataclaw/api/reviews.py +138 -0
  170. package/extensions/services/dataclaw/api/search.py +153 -0
  171. package/extensions/services/dataclaw/api/subscriptions.py +157 -0
  172. package/extensions/services/dataclaw/config.json5 +96 -0
  173. package/extensions/services/dataclaw/core/__init__.py +0 -0
  174. package/extensions/services/dataclaw/core/auth.py +95 -0
  175. package/extensions/services/dataclaw/core/config.py +50 -0
  176. package/extensions/services/dataclaw/core/database.py +70 -0
  177. package/extensions/services/dataclaw/entry.py +416 -0
  178. package/extensions/services/dataclaw/gofeed/351/241/271/347/233/256/346/211/200/346/234/211/346/235/203/350/275/254/347/247/273/346/265/201/347/250/213/350/257/264/346/230/216.md +309 -0
  179. package/extensions/services/dataclaw/migrate.py +283 -0
  180. package/extensions/services/dataclaw/models/__init__.py +0 -0
  181. package/extensions/services/dataclaw/module.md +49 -0
  182. package/extensions/services/dataclaw/requirements.txt +18 -0
  183. package/extensions/services/dataclaw/server.py +759 -0
  184. package/extensions/services/dataclaw/services/__init__.py +0 -0
  185. package/extensions/services/dataclaw/services/agent_service.py +132 -0
  186. package/extensions/services/dataclaw/services/credit_service.py +235 -0
  187. package/extensions/services/dataclaw/services/email_service.py +140 -0
  188. package/extensions/services/dataclaw/services/feed_service.py +259 -0
  189. package/extensions/services/dataclaw/services/notification_service.py +209 -0
  190. package/extensions/services/dataclaw/services/oauth_service.py +275 -0
  191. package/extensions/services/dataclaw/services/pricing.py +102 -0
  192. package/extensions/services/dataclaw/services/quality.py +79 -0
  193. package/extensions/services/dataclaw/services/reputation.py +142 -0
  194. package/extensions/services/dataclaw/services/sms_service.py +174 -0
  195. package/extensions/services/dataclaw/static/css/common.css +853 -0
  196. package/extensions/services/dataclaw/static/css/themes/blue.css +42 -0
  197. package/extensions/services/dataclaw/static/css/themes/dark.css +42 -0
  198. package/extensions/services/dataclaw/static/css/themes/light.css +35 -0
  199. package/extensions/services/dataclaw/static/js/api.js +103 -0
  200. package/extensions/services/dataclaw/static/js/common.js +321 -0
  201. package/extensions/services/dataclaw/static/js/i18n.js +95 -0
  202. package/extensions/services/dataclaw/static/js/pages/admin.js +152 -0
  203. package/extensions/services/dataclaw/static/js/pages/dashboard.js +82 -0
  204. package/extensions/services/dataclaw/static/js/pages/feed-detail.js +180 -0
  205. package/extensions/services/dataclaw/static/js/pages/feed-manage.js +158 -0
  206. package/extensions/services/dataclaw/static/js/theme.js +46 -0
  207. package/extensions/services/dataclaw/static/locales/en-US.json +464 -0
  208. package/extensions/services/dataclaw/static/locales/ja-JP.json +464 -0
  209. package/extensions/services/dataclaw/static/locales/zh-CN.json +464 -0
  210. package/extensions/services/dataclaw/templates/admin/index.html +90 -0
  211. package/extensions/services/dataclaw/templates/base.html +136 -0
  212. package/extensions/services/dataclaw/templates/credits/balance.html +106 -0
  213. package/extensions/services/dataclaw/templates/credits/deposit.html +164 -0
  214. package/extensions/services/dataclaw/templates/credits/history.html +90 -0
  215. package/extensions/services/dataclaw/templates/dashboard.html +52 -0
  216. package/extensions/services/dataclaw/templates/demands/create.html +78 -0
  217. package/extensions/services/dataclaw/templates/demands/detail.html +136 -0
  218. package/extensions/services/dataclaw/templates/demands/list.html +94 -0
  219. package/extensions/services/dataclaw/templates/feeds/create.html +95 -0
  220. package/extensions/services/dataclaw/templates/feeds/detail.html +110 -0
  221. package/extensions/services/dataclaw/templates/feeds/list.html +110 -0
  222. package/extensions/services/dataclaw/templates/feeds/manage.html +88 -0
  223. package/extensions/services/dataclaw/templates/index.html +185 -0
  224. package/extensions/services/dataclaw/templates/login.html +246 -0
  225. package/extensions/services/dataclaw/templates/register.html +164 -0
  226. package/extensions/services/dataclaw/templates/settings/notifications.html +96 -0
  227. package/extensions/services/dataclaw/templates/settings/profile.html +167 -0
  228. package/extensions/services/dataclaw/templates/subscriptions/list.html +64 -0
  229. package/extensions/services/dataclaw/tests/__init__.py +0 -0
  230. package/extensions/services/dataclaw/tests/conftest.py +68 -0
  231. package/extensions/services/dataclaw/tests/integration/__init__.py +0 -0
  232. package/extensions/services/dataclaw/tests/integration/test_workflows.py +239 -0
  233. package/extensions/services/dataclaw/tests/unit/__init__.py +0 -0
  234. package/extensions/services/dataclaw/tests/unit/test_admin.py +70 -0
  235. package/extensions/services/dataclaw/tests/unit/test_copyright.py +63 -0
  236. package/extensions/services/dataclaw/tests/unit/test_credits.py +80 -0
  237. package/extensions/services/dataclaw/tests/unit/test_data.py +98 -0
  238. package/extensions/services/dataclaw/tests/unit/test_demands.py +106 -0
  239. package/extensions/services/dataclaw/tests/unit/test_feeds.py +98 -0
  240. package/extensions/services/dataclaw/tests/unit/test_identity.py +88 -0
  241. package/extensions/services/dataclaw/tests/unit/test_notifications.py +36 -0
  242. package/extensions/services/dataclaw/tests/unit/test_reviews.py +68 -0
  243. package/extensions/services/dataclaw/tests/unit/test_search.py +64 -0
  244. package/extensions/services/dataclaw/tests/unit/test_subscriptions.py +65 -0
  245. package/extensions/services/dataclaw/tests/unit/test_system.py +106 -0
  246. package/extensions/services/dataclaw/utils/__init__.py +0 -0
  247. package/extensions/services/dataclaw/utils/crypto.py +38 -0
  248. package/extensions/services/dataclaw/utils/id_generator.py +52 -0
  249. package/extensions/services/dataclaw/ws/__init__.py +0 -0
  250. package/extensions/services/dataclaw/ws/handler.py +163 -0
  251. package/extensions/services/dataclaw//345/215/217/350/256/2561-/351/241/271/347/233/256/346/235/241/344/273/266/346/216/210/346/235/203/344/270/216/350/202/241/346/235/203/345/257/271/344/273/267/345/215/217/350/256/256.md +243 -0
  252. package/extensions/services/dataclaw//345/215/217/350/256/2562-/351/241/271/347/233/256/350/264/255/344/271/260/346/235/203/344/270/216/345/244/226/345/214/205/345/247/224/346/211/230/345/274/200/345/217/221/345/215/217/350/256/256.md +434 -0
  253. package/extensions/services/evol/__init__.py +1 -0
  254. package/extensions/services/evol/async_http.py +551 -0
  255. package/extensions/services/evol/auth_manager.py +602 -0
  256. package/extensions/services/evol/config.json5 +16 -0
  257. package/extensions/services/evol/config_loader.py +117 -0
  258. package/extensions/services/evol/entry.py +568 -0
  259. package/extensions/services/evol/evol_api.py +969 -0
  260. package/extensions/services/evol/evol_config.json5 +29 -0
  261. package/extensions/services/evol/mfa_totp.py +77 -0
  262. package/extensions/services/evol/migrate_tokens.py +122 -0
  263. package/extensions/services/evol/module.md +150 -0
  264. package/extensions/services/evol/nonce_pool.py +113 -0
  265. package/extensions/services/evol/oauth_manager.py +223 -0
  266. package/extensions/services/evol/pairing.py +251 -0
  267. package/extensions/services/evol/pairing_codes.jsonl +2 -0
  268. package/extensions/services/evol/relay.py +1031 -0
  269. package/extensions/services/evol/relay_config.json5 +85 -0
  270. package/extensions/services/evol/routes/__init__.py +1 -0
  271. package/extensions/services/evol/routes/routes_llm.py +231 -0
  272. package/extensions/services/evol/routes/routes_rpc.py +90 -0
  273. package/extensions/services/evol/routes/routes_test.py +68 -0
  274. package/extensions/services/evol/server.py +2426 -0
  275. package/extensions/services/evol/static/assets/CommissionView-Cs_ys6Gm.js +1 -0
  276. package/extensions/services/evol/static/assets/CommissionView-DACet_Oo.css +1 -0
  277. package/extensions/services/evol/static/assets/IframePage-DbO11U9G.js +1 -0
  278. package/extensions/services/evol/static/assets/IframePage-c572lT8i.css +1 -0
  279. package/extensions/services/evol/static/assets/TeamDetailView-DULrGD7k.css +1 -0
  280. package/extensions/services/evol/static/assets/TeamDetailView-gy_MBEqG.js +139 -0
  281. package/extensions/services/evol/static/assets/element-plus-Bd7pZkkM.js +63 -0
  282. package/extensions/services/evol/static/assets/index-CmMONKzG.css +1 -0
  283. package/extensions/services/evol/static/assets/index-D44bBe__.js +2 -0
  284. package/extensions/services/evol/static/assets/vue-vendor-DtF-__I4.js +29 -0
  285. package/extensions/services/evol/static/index.html +16 -0
  286. package/extensions/services/evol/static/logo.png +0 -0
  287. package/extensions/services/evol/stats_manager.py +243 -0
  288. package/extensions/services/evol/web/README.md +89 -0
  289. package/extensions/services/evol/web/build.bat +44 -0
  290. package/extensions/services/evol/web/index.html +13 -0
  291. package/extensions/services/evol/web/package-lock.json +1718 -0
  292. package/extensions/services/evol/web/package.json +26 -0
  293. package/extensions/services/evol/web/public/logo.png +0 -0
  294. package/extensions/services/evol/web/src/App.vue +7 -0
  295. package/extensions/services/evol/web/src/components/layout/AppHeader.vue +202 -0
  296. package/extensions/services/evol/web/src/components/layout/AppLayout.vue +61 -0
  297. package/extensions/services/evol/web/src/components/layout/AppSidebar.vue +115 -0
  298. package/extensions/services/evol/web/src/components/login/LoginPage.vue +271 -0
  299. package/extensions/services/evol/web/src/components/team/AddMemberModal.vue +181 -0
  300. package/extensions/services/evol/web/src/components/team/GroupTreeNode.vue +156 -0
  301. package/extensions/services/evol/web/src/components/team/TeamAlertConfig.vue +221 -0
  302. package/extensions/services/evol/web/src/components/team/TeamBillModal.vue +165 -0
  303. package/extensions/services/evol/web/src/components/team/TeamMembersAndGroups.vue +499 -0
  304. package/extensions/services/evol/web/src/components/team/TeamStatsPanel.vue +907 -0
  305. package/extensions/services/evol/web/src/components/team/TreeNode.vue +331 -0
  306. package/extensions/services/evol/web/src/components/team/stats/StatsExportProgress.vue +44 -0
  307. package/extensions/services/evol/web/src/components/team/stats/StatsHeader.vue +89 -0
  308. package/extensions/services/evol/web/src/components/team/stats/StatsMemberDetail.vue +415 -0
  309. package/extensions/services/evol/web/src/components/team/stats/StatsSummary.vue +42 -0
  310. package/extensions/services/evol/web/src/components/team/stats/helpers.ts +195 -0
  311. package/extensions/services/evol/web/src/components/team/stats/stats.css +741 -0
  312. package/extensions/services/evol/web/src/components/team/stats/useStatsApi.ts +114 -0
  313. package/extensions/services/evol/web/src/components/team/stats/useStatsCharts.ts +242 -0
  314. package/extensions/services/evol/web/src/components/team/stats/useStatsExport.ts +232 -0
  315. package/extensions/services/evol/web/src/composables/useFormatters.ts +42 -0
  316. package/extensions/services/evol/web/src/composables/useTheme.ts +52 -0
  317. package/extensions/services/evol/web/src/env.d.ts +7 -0
  318. package/extensions/services/evol/web/src/i18n/en.ts +361 -0
  319. package/extensions/services/evol/web/src/i18n/index.ts +36 -0
  320. package/extensions/services/evol/web/src/i18n/zh.ts +379 -0
  321. package/extensions/services/evol/web/src/main.ts +21 -0
  322. package/extensions/services/evol/web/src/router/index.ts +81 -0
  323. package/extensions/services/evol/web/src/services/kernel-client.ts +406 -0
  324. package/extensions/services/evol/web/src/stores/auth.ts +189 -0
  325. package/extensions/services/evol/web/src/stores/connection.ts +134 -0
  326. package/extensions/services/evol/web/src/stores/pages.ts +79 -0
  327. package/extensions/services/evol/web/src/styles/base.css +213 -0
  328. package/extensions/services/evol/web/src/styles/variables.css +138 -0
  329. package/extensions/services/evol/web/src/types/rpc.ts +35 -0
  330. package/extensions/services/evol/web/src/types/token.ts +87 -0
  331. package/extensions/services/evol/web/src/views/AccountView.vue +1532 -0
  332. package/extensions/services/evol/web/src/views/AiServiceView.vue +219 -0
  333. package/extensions/services/evol/web/src/views/CommissionView.vue +1220 -0
  334. package/extensions/services/evol/web/src/views/CreditsView.vue +131 -0
  335. package/extensions/services/evol/web/src/views/EndpointView.vue +163 -0
  336. package/extensions/services/evol/web/src/views/IframePage.vue +120 -0
  337. package/extensions/services/evol/web/src/views/TeamDetailView.vue +473 -0
  338. package/extensions/services/evol/web/src/views/TeamView.vue +332 -0
  339. package/extensions/services/evol/web/tsconfig.json +31 -0
  340. package/extensions/services/evol/web/tsconfig.node.json +10 -0
  341. package/extensions/services/evol/web/vite.config.ts +49 -0
  342. package/extensions/services/evolmem/__init__.py +0 -0
  343. package/extensions/services/evolmem/entry.py +387 -0
  344. package/extensions/services/evolmem/hooks/__init__.py +0 -0
  345. package/extensions/services/evolmem/hooks/assistant_stop.py +228 -0
  346. package/extensions/services/evolmem/hooks/common.py +76 -0
  347. package/extensions/services/evolmem/hooks/pre_tool_use.py +56 -0
  348. package/extensions/services/evolmem/hooks/session_end.py +133 -0
  349. package/extensions/services/evolmem/hooks/session_start.py +229 -0
  350. package/extensions/services/evolmem/hooks/user_prompt.py +122 -0
  351. package/extensions/services/evolmem/module.md +48 -0
  352. package/extensions/services/evolmem/prompts/00-server-info.md +28 -0
  353. package/extensions/services/evolmem/prompts/01-behavior.md +46 -0
  354. package/extensions/services/evolmem/prompts/02-summary-format.md +112 -0
  355. package/extensions/services/evolmem/prompts/03-file-query.md +92 -0
  356. package/extensions/services/evolmem/prompts/04-topic-stats.md +11 -0
  357. package/extensions/services/evolmem/prompts/05-recent-topics.md +84 -0
  358. package/extensions/services/evolmem/scripts/__init__.py +0 -0
  359. package/extensions/services/evolmem/scripts/extract_keywords.py +40 -0
  360. package/extensions/services/evolmem/scripts/search_topics.py +91 -0
  361. package/extensions/services/evolmem/server.py +641 -0
  362. package/extensions/services/gateway/entry.py +964 -0
  363. package/extensions/services/gateway/module.md +29 -0
  364. package/extensions/services/gateway/nonce_pool.py +65 -0
  365. package/extensions/services/gateway/relay.py +133 -0
  366. package/extensions/services/gateway/ws_server.py +285 -0
  367. package/extensions/services/kite_console/auth_manager.py +603 -0
  368. package/extensions/services/kite_console/config.json5 +19 -0
  369. package/extensions/services/kite_console/config_loader.py +117 -0
  370. package/extensions/services/kite_console/entry.py +528 -0
  371. package/extensions/services/kite_console/evol_api.py +179 -0
  372. package/extensions/services/kite_console/evol_config.json5 +29 -0
  373. package/extensions/services/kite_console/mfa_totp.py +77 -0
  374. package/extensions/services/kite_console/migrate_tokens.py +122 -0
  375. package/extensions/services/kite_console/module.md +37 -0
  376. package/extensions/services/kite_console/nonce_pool.py +113 -0
  377. package/extensions/services/kite_console/oauth_manager.py +223 -0
  378. package/extensions/services/kite_console/pairing.py +280 -0
  379. package/extensions/services/kite_console/pairing_codes.jsonl +2 -0
  380. package/extensions/services/kite_console/relay.py +1350 -0
  381. package/extensions/services/kite_console/relay_config.json5 +96 -0
  382. package/extensions/services/kite_console/routes/__init__.py +1 -0
  383. package/extensions/services/kite_console/routes/routes_llm.py +231 -0
  384. package/extensions/services/kite_console/routes/routes_proxy.py +115 -0
  385. package/extensions/services/kite_console/routes/routes_rpc.py +89 -0
  386. package/extensions/services/kite_console/routes/routes_test.py +68 -0
  387. package/extensions/services/kite_console/server.py +1742 -0
  388. package/extensions/services/kite_console/static/css/style.css +1854 -0
  389. package/extensions/services/kite_console/static/index.html +1524 -0
  390. package/extensions/services/kite_console/static/js/dialog.js +292 -0
  391. package/extensions/services/kite_console/static/js/evol-app.js +7740 -0
  392. package/extensions/services/kite_console/static/js/evol-app.js.backup +2777 -0
  393. package/extensions/services/kite_console/static/js/kernel-client.js +560 -0
  394. package/extensions/services/kite_console/static/js/kernel-client.js.backup +434 -0
  395. package/extensions/services/kite_console/static/js/registry-tests.js +592 -0
  396. package/extensions/services/kite_console/static/js/tests/ARCHITECTURE.md +67 -0
  397. package/extensions/services/kite_console/static/js/tests/README.md +140 -0
  398. package/extensions/services/kite_console/static/js/tests/index.js +161 -0
  399. package/extensions/services/kite_console/static/js/tests/integration/auth.js +120 -0
  400. package/extensions/services/kite_console/static/js/tests/integration/channel-interaction.js +188 -0
  401. package/extensions/services/kite_console/static/js/tests/integration/elastic-connection.js +115 -0
  402. package/extensions/services/kite_console/static/js/tests/integration/full-workflow.js +43 -0
  403. package/extensions/services/kite_console/static/js/tests/integration/multi-instance.js +304 -0
  404. package/extensions/services/kite_console/static/js/tests/integration/nested-rpc.js +266 -0
  405. package/extensions/services/kite_console/static/js/tests/integration/pingpong.js +25 -0
  406. package/extensions/services/kite_console/static/js/tests/integration/redis.js +227 -0
  407. package/extensions/services/kite_console/static/js/tests/integration/registry-core.js +52 -0
  408. package/extensions/services/kite_console/static/js/tests/integration/remote-deploy.js +85 -0
  409. package/extensions/services/kite_console/static/js/tests/integration/require-init.js +96 -0
  410. package/extensions/services/kite_console/static/js/tests/integration/scaling-control.js +193 -0
  411. package/extensions/services/kite_console/static/js/tests/integration/trace.js +109 -0
  412. package/extensions/services/kite_console/static/js/tests/modules/acp_channel.js +339 -0
  413. package/extensions/services/kite_console/static/js/tests/modules/auth.js +96 -0
  414. package/extensions/services/kite_console/static/js/tests/modules/backup.js +49 -0
  415. package/extensions/services/kite_console/static/js/tests/modules/gateway.js +41 -0
  416. package/extensions/services/kite_console/static/js/tests/modules/kernel.js +90 -0
  417. package/extensions/services/kite_console/static/js/tests/modules/launcher.js +75 -0
  418. package/extensions/services/kite_console/static/js/tests/modules/multi_instance.js +129 -0
  419. package/extensions/services/kite_console/static/js/tests/modules/phone_channel.js +364 -0
  420. package/extensions/services/kite_console/static/js/tests/modules/redis.js +178 -0
  421. package/extensions/services/kite_console/static/js/tests/modules/watchdog.js +60 -0
  422. package/extensions/services/kite_console/static/js/tests/modules/web.js +70 -0
  423. package/extensions/services/kite_console/static/js/tests/test-runner.js +123 -0
  424. package/extensions/services/kite_console/static/js/virtual-list.js +200 -0
  425. package/extensions/services/kite_console/static/pairing.html +248 -0
  426. package/extensions/services/kite_console/static/test_kernel_client_token.html +352 -0
  427. package/extensions/services/kite_console/static/test_registry.html +262 -0
  428. package/extensions/services/kite_console/static/test_relay.html +462 -0
  429. package/extensions/services/kite_console/stats_manager.py +247 -0
  430. package/extensions/services/logs/README.md +215 -0
  431. package/extensions/services/logs/api_logger.py +37 -0
  432. package/extensions/services/logs/baseline.py +121 -0
  433. package/extensions/services/logs/cleaner.py +76 -0
  434. package/extensions/services/logs/entry.py +449 -0
  435. package/extensions/services/logs/formatter.py +129 -0
  436. package/extensions/services/logs/module.md +38 -0
  437. package/extensions/services/logs/quick_diagnostic.py +128 -0
  438. package/extensions/services/logs/routes/__init__.py +1 -0
  439. package/extensions/services/logs/routes/routes_logs.py +218 -0
  440. package/extensions/services/logs/routes/routes_logs.py.backup +173 -0
  441. package/extensions/services/logs/scanner.py +100 -0
  442. package/extensions/services/logs/searcher.py +263 -0
  443. package/extensions/services/logs/server.py +553 -0
  444. package/extensions/services/logs.zip +0 -0
  445. package/extensions/services/model_service/config.json5 +30 -0
  446. package/extensions/services/model_service/entry.py +633 -162
  447. package/extensions/services/model_service/module.md +11 -2
  448. package/extensions/services/proxy/.claude/settings.local.json +13 -0
  449. package/extensions/services/proxy/__init__.py +0 -0
  450. package/extensions/services/proxy/agentcp/LICENCE +178 -0
  451. package/extensions/services/proxy/agentcp/README copy.md +85 -0
  452. package/extensions/services/proxy/agentcp/README.md +260 -0
  453. package/extensions/services/proxy/agentcp/__init__.py +16 -0
  454. package/extensions/services/proxy/agentcp/agent.py +4 -0
  455. package/extensions/services/proxy/agentcp/agentcp.py +2494 -0
  456. package/extensions/services/proxy/agentcp/agentprofile.json +89 -0
  457. package/extensions/services/proxy/agentcp/ap/__init__.py +16 -0
  458. package/extensions/services/proxy/agentcp/ap/ap_client.py +316 -0
  459. package/extensions/services/proxy/agentcp/assets/images/wechat_qr.png +0 -0
  460. package/extensions/services/proxy/agentcp/backup/metrics.json +31 -0
  461. package/extensions/services/proxy/agentcp/base/__init__.py +20 -0
  462. package/extensions/services/proxy/agentcp/base/auth_client.py +257 -0
  463. package/extensions/services/proxy/agentcp/base/client.py +112 -0
  464. package/extensions/services/proxy/agentcp/base/env.py +34 -0
  465. package/extensions/services/proxy/agentcp/base/html_util.py +336 -0
  466. package/extensions/services/proxy/agentcp/base/log.py +98 -0
  467. package/extensions/services/proxy/agentcp/ca/__init__.py +17 -0
  468. package/extensions/services/proxy/agentcp/ca/ca_client.py +414 -0
  469. package/extensions/services/proxy/agentcp/ca/ca_root.py +74 -0
  470. package/extensions/services/proxy/agentcp/context/__init__.py +20 -0
  471. package/extensions/services/proxy/agentcp/context/context.py +73 -0
  472. package/extensions/services/proxy/agentcp/context/exceptions.py +114 -0
  473. package/extensions/services/proxy/agentcp/create_profile.py +125 -0
  474. package/extensions/services/proxy/agentcp/create_profile_weather.py +125 -0
  475. package/extensions/services/proxy/agentcp/db/__init__.py +15 -0
  476. package/extensions/services/proxy/agentcp/db/db_mananger.py +550 -0
  477. package/extensions/services/proxy/agentcp/docs/UDP_HEARTBEAT_FIX_REPORT.md +265 -0
  478. package/extensions/services/proxy/agentcp/docs/heartbeat_issue_analysis.md +291 -0
  479. package/extensions/services/proxy/agentcp/file/__init__.py +16 -0
  480. package/extensions/services/proxy/agentcp/file/file_client.py +141 -0
  481. package/extensions/services/proxy/agentcp/file/wss_binary_message.py +137 -0
  482. package/extensions/services/proxy/agentcp/hcp.py +299 -0
  483. package/extensions/services/proxy/agentcp/heartbeat/__init__.py +16 -0
  484. package/extensions/services/proxy/agentcp/heartbeat/heartbeat_client.py +360 -0
  485. package/extensions/services/proxy/agentcp/improved_scheduler.py +498 -0
  486. package/extensions/services/proxy/agentcp/llm_agent_utils.py +249 -0
  487. package/extensions/services/proxy/agentcp/llm_server.py +172 -0
  488. package/extensions/services/proxy/agentcp/mermaid.py +210 -0
  489. package/extensions/services/proxy/agentcp/message.py +149 -0
  490. package/extensions/services/proxy/agentcp/metrics.py +256 -0
  491. package/extensions/services/proxy/agentcp/monitoring/__init__.py +20 -0
  492. package/extensions/services/proxy/agentcp/monitoring/global_monitor.py +27 -0
  493. package/extensions/services/proxy/agentcp/monitoring/metrics_store.py +325 -0
  494. package/extensions/services/proxy/agentcp/monitoring/monitoring_service.py +269 -0
  495. package/extensions/services/proxy/agentcp/monitoring/sliding_window.py +222 -0
  496. package/extensions/services/proxy/agentcp/monitoring/standalone_reader.py +224 -0
  497. package/extensions/services/proxy/agentcp/msg/__init__.py +21 -0
  498. package/extensions/services/proxy/agentcp/msg/connection_manager.py +456 -0
  499. package/extensions/services/proxy/agentcp/msg/message_client.py +2058 -0
  500. package/extensions/services/proxy/agentcp/msg/message_serialize.py +263 -0
  501. package/extensions/services/proxy/agentcp/msg/open_ai_message.py +88 -0
  502. package/extensions/services/proxy/agentcp/msg/session_manager.py +1062 -0
  503. package/extensions/services/proxy/agentcp/msg/stream_client.py +267 -0
  504. package/extensions/services/proxy/agentcp/msg/websocket_file_receiver.py +89 -0
  505. package/extensions/services/proxy/agentcp/msg/ws_logger.py +685 -0
  506. package/extensions/services/proxy/agentcp/msg/wss_binary_message.py +137 -0
  507. package/extensions/services/proxy/agentcp/requirements.txt +7 -0
  508. package/extensions/services/proxy/agentcp/samples/agent_graph/README.md +37 -0
  509. package/extensions/services/proxy/agentcp/samples/agent_graph/agentprofile.json +89 -0
  510. package/extensions/services/proxy/agentcp/samples/agent_graph/create_profile.py +138 -0
  511. package/extensions/services/proxy/agentcp/samples/agent_graph/main.py +164 -0
  512. package/extensions/services/proxy/agentcp/samples/agent_use/create_profile.py +123 -0
  513. package/extensions/services/proxy/agentcp/samples/agent_use/llm/create_profile.py +129 -0
  514. package/extensions/services/proxy/agentcp/samples/agent_use/llm/env.json +5 -0
  515. package/extensions/services/proxy/agentcp/samples/agent_use/llm/main.py +146 -0
  516. package/extensions/services/proxy/agentcp/samples/agent_use/main.py +123 -0
  517. package/extensions/services/proxy/agentcp/samples/agent_use/readme.md +379 -0
  518. package/extensions/services/proxy/agentcp/samples/agent_use/search/create_profile.py +129 -0
  519. package/extensions/services/proxy/agentcp/samples/agent_use/search/main.py +28 -0
  520. package/extensions/services/proxy/agentcp/samples/agent_use/tool/create_profile.py +129 -0
  521. package/extensions/services/proxy/agentcp/samples/agent_use/tool/main.py +20 -0
  522. package/extensions/services/proxy/agentcp/samples/ali_amap/README.md +97 -0
  523. package/extensions/services/proxy/agentcp/samples/ali_amap/amap_agent.py +88 -0
  524. package/extensions/services/proxy/agentcp/samples/ali_amap/create_profile.py +125 -0
  525. package/extensions/services/proxy/agentcp/samples/compute_agent/agent/powershell.py +228 -0
  526. package/extensions/services/proxy/agentcp/samples/compute_agent/agent/software.py +63 -0
  527. package/extensions/services/proxy/agentcp/samples/compute_agent/agent/tools.py +36 -0
  528. package/extensions/services/proxy/agentcp/samples/compute_agent/browser_user.py +41 -0
  529. package/extensions/services/proxy/agentcp/samples/deepseek/README.md +79 -0
  530. package/extensions/services/proxy/agentcp/samples/deepseek/create_profile.py +126 -0
  531. package/extensions/services/proxy/agentcp/samples/deepseek/deepseek.py +42 -0
  532. package/extensions/services/proxy/agentcp/samples/dify_chat/README.md +78 -0
  533. package/extensions/services/proxy/agentcp/samples/dify_chat/create_profile.py +126 -0
  534. package/extensions/services/proxy/agentcp/samples/dify_chat/dify_chat.py +47 -0
  535. package/extensions/services/proxy/agentcp/samples/dify_workflow/README.md +78 -0
  536. package/extensions/services/proxy/agentcp/samples/dify_workflow/create_profile.py +126 -0
  537. package/extensions/services/proxy/agentcp/samples/dify_workflow/dify_workflow.py +46 -0
  538. package/extensions/services/proxy/agentcp/samples/executor/README.md +44 -0
  539. package/extensions/services/proxy/agentcp/samples/executor/agentprofile.json +89 -0
  540. package/extensions/services/proxy/agentcp/samples/executor/create_profile.py +139 -0
  541. package/extensions/services/proxy/agentcp/samples/executor/main.py +160 -0
  542. package/extensions/services/proxy/agentcp/samples/filereader/README.md +45 -0
  543. package/extensions/services/proxy/agentcp/samples/filereader/agentprofile.json +90 -0
  544. package/extensions/services/proxy/agentcp/samples/filereader/create_profile.py +137 -0
  545. package/extensions/services/proxy/agentcp/samples/filereader/main.py +253 -0
  546. package/extensions/services/proxy/agentcp/samples/filewriter/README.md +38 -0
  547. package/extensions/services/proxy/agentcp/samples/filewriter/agentprofile.json +91 -0
  548. package/extensions/services/proxy/agentcp/samples/filewriter/create_profile.py +138 -0
  549. package/extensions/services/proxy/agentcp/samples/filewriter/main.py +289 -0
  550. package/extensions/services/proxy/agentcp/samples/hcp/README.md +85 -0
  551. package/extensions/services/proxy/agentcp/samples/hcp/acp_weather_agent.zip +0 -0
  552. package/extensions/services/proxy/agentcp/samples/hcp/create_profile.py +125 -0
  553. package/extensions/services/proxy/agentcp/samples/hcp/hcp.py +237 -0
  554. package/extensions/services/proxy/agentcp/samples/helloworld/README.md +68 -0
  555. package/extensions/services/proxy/agentcp/samples/helloworld/hello_world.py +40 -0
  556. package/extensions/services/proxy/agentcp/samples/llm_agent/MEADME.md +117 -0
  557. package/extensions/services/proxy/agentcp/samples/llm_agent/create_profile.py +125 -0
  558. package/extensions/services/proxy/agentcp/samples/llm_agent/qwen_agent.py +136 -0
  559. package/extensions/services/proxy/agentcp/samples/local_llm_agent/README.md +90 -0
  560. package/extensions/services/proxy/agentcp/samples/local_llm_agent/create_profile.py +125 -0
  561. package/extensions/services/proxy/agentcp/samples/local_llm_agent/main.py +49 -0
  562. package/extensions/services/proxy/agentcp/samples/query_llm_from_agent/README.md +55 -0
  563. package/extensions/services/proxy/agentcp/samples/query_llm_from_agent/create_profile.py +125 -0
  564. package/extensions/services/proxy/agentcp/samples/query_llm_from_agent/main.py +23 -0
  565. package/extensions/services/proxy/agentcp/samples/query_weather_api_agent/README.md +103 -0
  566. package/extensions/services/proxy/agentcp/samples/query_weather_api_agent/create_profile.py +125 -0
  567. package/extensions/services/proxy/agentcp/samples/query_weather_api_agent/main.py +69 -0
  568. package/extensions/services/proxy/agentcp/samples/query_weather_from_agent/README.md +58 -0
  569. package/extensions/services/proxy/agentcp/samples/query_weather_from_agent/create_profile.py +125 -0
  570. package/extensions/services/proxy/agentcp/samples/query_weather_from_agent/main.py +25 -0
  571. package/extensions/services/proxy/agentcp/samples/qwen3/README.md +71 -0
  572. package/extensions/services/proxy/agentcp/samples/qwen3/create_profile.py +126 -0
  573. package/extensions/services/proxy/agentcp/samples/qwen3/qwen3.py +37 -0
  574. package/extensions/services/proxy/agentcp/samples/qwen3_tools/README.md +133 -0
  575. package/extensions/services/proxy/agentcp/samples/qwen3_tools/create_profile.py +126 -0
  576. package/extensions/services/proxy/agentcp/samples/qwen3_tools/qwen3_tools.py +98 -0
  577. package/extensions/services/proxy/agentcp/samples/search/create_profile_qwen.py +125 -0
  578. package/extensions/services/proxy/agentcp/samples/search/create_profile_search.py +125 -0
  579. package/extensions/services/proxy/agentcp/samples/search/qwen_agent.py +136 -0
  580. package/extensions/services/proxy/agentcp/samples/search/search_agent.py +170 -0
  581. package/extensions/services/proxy/agentcp/samples/wrapper_agently_to_agent/README.md +89 -0
  582. package/extensions/services/proxy/agentcp/samples/wrapper_agently_to_agent/create_profile.py +125 -0
  583. package/extensions/services/proxy/agentcp/samples/wrapper_agently_to_agent/main.py +44 -0
  584. package/extensions/services/proxy/agentcp/utils/__init__.py +15 -0
  585. package/extensions/services/proxy/agentcp/utils/file_util.py +117 -0
  586. package/extensions/services/proxy/agentcp/utils/proxy_bypass.py +99 -0
  587. package/extensions/services/proxy/agentcp/workflow.py +203 -0
  588. package/extensions/services/proxy/aid_manager.py +419 -0
  589. package/extensions/services/proxy/auth_bridge.py +182 -0
  590. package/extensions/services/proxy/config_store.py +79 -0
  591. package/extensions/services/proxy/entry.py +528 -0
  592. package/extensions/services/proxy/evol/__init__.py +1 -0
  593. package/extensions/services/proxy/evol/config.py +37 -0
  594. package/extensions/services/proxy/evol/http/__init__.py +1 -0
  595. package/extensions/services/proxy/evol/http/async_http.py +551 -0
  596. package/extensions/services/proxy/evol/log.py +28 -0
  597. package/extensions/services/proxy/evol/presenter/__init__.py +2 -0
  598. package/extensions/services/proxy/evol/presenter/agentIdPresenter.py +1031 -0
  599. package/extensions/services/proxy/evol/presenter/apikeyPresenter.py +96 -0
  600. package/extensions/services/proxy/evol/presenter/configPresenter.py +234 -0
  601. package/extensions/services/proxy/evol/presenter/userPresenter.py +71 -0
  602. package/extensions/services/proxy/evol/server/__init__.py +1 -0
  603. package/extensions/services/proxy/evol/server/claude_proxy_async.py +3434 -0
  604. package/extensions/services/proxy/evol/server/openclaw_proxy.py +1861 -0
  605. package/extensions/services/proxy/evol/server/proxy_config.py +15 -0
  606. package/extensions/services/proxy/evol/server/proxy_engine.py +501 -0
  607. package/extensions/services/proxy/evol/version.py +24 -0
  608. package/extensions/services/proxy/module.md +151 -0
  609. package/extensions/services/proxy/server.py +952 -0
  610. package/extensions/services/redis/ALIGNMENT_CHECKLIST.md +121 -0
  611. package/extensions/services/redis/ALIGNMENT_STATUS.md +548 -0
  612. package/extensions/services/redis/config.json5 +8 -0
  613. package/extensions/services/redis/entry.py +1509 -0
  614. package/extensions/services/redis/entry.py.backup +405 -0
  615. package/extensions/services/redis/module.md +48 -0
  616. package/extensions/services/redis/redis_builtin.py +332 -0
  617. package/extensions/services/redis/redis_external.py +164 -0
  618. package/extensions/services/testUi/entry.py +446 -0
  619. package/extensions/services/testUi/module.md +18 -0
  620. package/extensions/services/testUi/ui/cards.html +131 -0
  621. package/extensions/services/testUi/ui/index.html +22 -0
  622. package/extensions/services/testUi/ui/particles.html +143 -0
  623. package/extensions/services/watchdog/entry.py +1258 -767
  624. package/extensions/services/watchdog/module.md +3 -0
  625. package/extensions/services/watchdog/monitor.py +483 -75
  626. package/extensions/services/web/auth_manager.py +602 -0
  627. package/extensions/services/web/config.json5 +11 -0
  628. package/extensions/services/web/entry.py +598 -478
  629. package/extensions/services/web/mfa_totp.py +77 -0
  630. package/extensions/services/web/module.md +17 -14
  631. package/extensions/services/web/nonce_pool.py +113 -0
  632. package/extensions/services/web/oauth_manager.py +223 -0
  633. package/extensions/services/web/pairing.py +3 -2
  634. package/extensions/services/web/pairing_codes.jsonl +1 -0
  635. package/extensions/services/web/relay.py +442 -63
  636. package/extensions/services/web/relay_config.json5 +1 -2
  637. package/extensions/services/web/routes/routes_rpc.py +6 -6
  638. package/extensions/services/web/server.py +380 -181
  639. package/extensions/services/web/static/index.html +1752 -1738
  640. package/extensions/services/web/static/js/app.js +32 -0
  641. package/extensions/services/web/static/js/kernel-client.js +48 -9
  642. package/extensions/services/web/static/js/token-manager.js +10 -10
  643. package/extensions/services/web/vendor/bluetooth/audio.py +1 -1
  644. package/extensions/services/web/vendor/config.py +2 -2
  645. package/extensions/services/web/vendor/storage/identity.py +1 -1
  646. package/kernel/entry.py +77 -23
  647. package/kernel/event_hub.py +1122 -74
  648. package/kernel/module.md +26 -1
  649. package/kernel/registry_store.py +209 -36
  650. package/kernel/rpc_router.py +1400 -465
  651. package/kernel/server.py +1084 -108
  652. package/kite_cli/builders/__init__.py +4 -0
  653. package/kite_cli/builders/base.py +67 -0
  654. package/kite_cli/builders/custom.py +31 -0
  655. package/kite_cli/builders/detector.py +56 -0
  656. package/kite_cli/builders/go.py +34 -0
  657. package/kite_cli/builders/gradle.py +41 -0
  658. package/kite_cli/builders/maven.py +36 -0
  659. package/kite_cli/builders/npm.py +44 -0
  660. package/kite_cli/builders/python.py +37 -0
  661. package/kite_cli/commands/BUILD_GUIDE.md +109 -0
  662. package/kite_cli/commands/build.py +142 -0
  663. package/kite_cli/commands/check.py +60 -0
  664. package/kite_cli/commands/config.py +156 -0
  665. package/kite_cli/commands/deps.py +58 -0
  666. package/kite_cli/commands/deps_install.py +67 -0
  667. package/kite_cli/commands/disable.py +162 -0
  668. package/kite_cli/commands/enable.py +162 -0
  669. package/kite_cli/commands/env_check.py +45 -0
  670. package/kite_cli/commands/export.py +96 -0
  671. package/kite_cli/commands/import_cmd.py +110 -0
  672. package/kite_cli/commands/install.py +50 -23
  673. package/kite_cli/commands/install_skill.py +107 -0
  674. package/kite_cli/commands/list.py +128 -31
  675. package/kite_cli/commands/outdated.py +202 -0
  676. package/kite_cli/commands/prepare.py +49 -0
  677. package/kite_cli/commands/search.py +33 -17
  678. package/kite_cli/commands/update.py +115 -2
  679. package/kite_cli/commands/venv_setup.py +56 -0
  680. package/kite_cli/commands/why.py +48 -0
  681. package/kite_cli/core/config_manager.py +145 -0
  682. package/kite_cli/core/downloader.py +32 -2
  683. package/kite_cli/main.py +179 -5
  684. package/kite_cli/utils/colors.py +153 -0
  685. package/kite_cli/utils/dependency_graph.py +209 -0
  686. package/kite_cli/utils/process.py +55 -0
  687. package/kite_cli/utils/progress.py +207 -0
  688. package/kite_cli/utils/table.py +101 -0
  689. package/launcher/count_lines.py +192 -43
  690. package/launcher/entry.py +4543 -2517
  691. package/launcher/logging_setup.py +54 -1
  692. package/launcher/module.md +37 -2
  693. package/launcher/module_scanner.py +103 -20
  694. package/launcher/process_manager.py +355 -76
  695. package/main.py +10 -1
  696. package/package.json +11 -1
  697. package/python_version.json +4 -0
  698. package/requirements.txt +41 -0
  699. package/scripts/auto-fix-deps.py +128 -0
  700. package/scripts/env-manager.js +351 -0
  701. package/scripts/final-test.js +78 -0
  702. package/scripts/python-env.js +79 -0
  703. package/scripts/scan_dependencies.py +461 -0
  704. package/scripts/setup-python-env.js +700 -0
  705. package/scripts/test-alluser.js +48 -0
  706. package/scripts/test-different-version.js +86 -0
  707. package/scripts/test-direct.js +63 -0
  708. package/scripts/test-extract-installer.js +28 -0
  709. package/scripts/test-install-log.js +54 -0
  710. package/scripts/test-installer.js +39 -0
  711. package/scripts/test-integration.js +250 -0
  712. package/scripts/test-real-install.js +210 -0
  713. package/scripts/test-targetdir.js +49 -0
  714. package/scripts/test-venv-real.js +47 -0
  715. package/scripts/test-venv-simple.js +57 -0
  716. package/scripts/test-wait.js +49 -0
  717. package/scripts/test-with-log.js +63 -0
  718. package/extensions/services/web/config.yaml +0 -149
package/docs//350/256/244/350/257/201/346/250/241/345/235/227/344/270/216Gateway/350/256/276/350/256/241/346/226/271/346/241/210.md ADDED
@@ -0,0 +1,765 @@
1
+ # 认证模块与 Gateway 设计方案
2
+
3
+ ## 1. 问题与目标
4
+
5
+ 现有认证逻辑全部耦合在 `kite_console/relay.py` 中(配对码、Token、OAuth、MFA)。需要:
6
+
7
+ - 将认证逻辑抽离为独立的 **Auth 模块**(标准 Kite 模块)
8
+ - 新增独立的 **Gateway 模块**(标准 Kite 模块,独立端口)
9
+ - kite_console 的 Relay 组件保持为控制台内部组件,与 Gateway 在认证流程上行为一致
10
+ - 全程使用 **JSON-RPC 2.0** 格式,包括握手阶段
11
+
12
+ ## 2. 系统拓扑
13
+
14
+ ```
15
+ ┌──────────────────────────────────────────────────────────────────┐
16
+ │ Kite 实例 │
17
+ │ │
18
+ │ ┌──────────┐ ┌──────────┐ ┌──────────┐ ┌──────────┐ │
19
+ │ │ Launcher │ │ Watchdog │ │ Web │ │ Backup │ ... │
20
+ │ └────┬─────┘ └────┬─────┘ └────┬─────┘ └────┬─────┘ │
21
+ │ └──────────────┼─────────────┼─────────────┘ │
22
+ │ │ stdin token│ │
23
+ │ ┌──────▼─────────────▼──────┐ │
24
+ │ │ Kernel │ │
25
+ │ │ Registry·EventHub·RPC │ │
26
+ │ └──┬──────────┬──────────┬──┘ │
27
+ │ │ │ │ │
28
+ │ ┌───────▼──┐ ┌───▼────┐ ┌──▼─────────────┐ │
29
+ │ │ Auth │ │Gateway │ │ Kite Console │ │
30
+ │ │ (认证服务)│ │ (网关) │ │ (控制台+Relay) │ │
31
+ │ │ 纯RPC服务 │ │WS+HTTP │ │ HTTP+WS │ │
32
+ │ └──────────┘ └───┬────┘ └──────┬─────────┘ │
33
+ │ │ │ │
34
+ └────────────────────────────┼──────────────┼─────────────────────┘
35
+ │ │
36
+ ┌─────────▼──┐ ┌────────▼────────┐
37
+ │ 远程模块 │ │ 浏览器/远程客户端│
38
+ │ (卫星Kite) │ │ (控制台前端) │
39
+ └────────────┘ └─────────────────┘
40
+ ```
41
+
42
+ ### 2.1 三个角色
43
+
44
+ | 角色 | 性质 | 职责 | 对外端口 |
45
+ |------|------|------|----------|
46
+ | **Auth** | 标准 Kite 模块 | 认证逻辑 + Token 持久化 + 审计 | 无(纯 RPC) |
47
+ | **Gateway** | 标准 Kite 模块 | 远程接入网关(WS + OAuth HTTP 回调) | 独立端口 |
48
+ | **Relay** | kite_console 内部组件 | 控制台复用端口的接入层 | 复用控制台端口 |
49
+
50
+ ### 2.2 状态分层
51
+
52
+ | 状态类型 | 归属 | 生命周期 | 重启后 |
53
+ |----------|------|----------|--------|
54
+ | nonce 池 | Gateway/Relay | 连接级,秒级 | 连接断了 nonce 自然失效 |
55
+ | session 映射 | Gateway/Relay | 连接级 | 连接断了 session 无意义 |
56
+ | 权限配置 | Gateway/Relay | 启动时加载 | 从配置重新加载 |
57
+ | 速率限制(IP/设备) | Gateway/Relay | 进程级 | 重置,可接受 |
58
+ | Token 记录 | Auth | 持久化(JSONL) | 不丢失 |
59
+ | 设备/账号注册 | Auth | 持久化 | 不丢失 |
60
+ | 审计日志 | Auth | 持久化 | 不丢失 |
61
+ | 速率限制(账号级) | Auth | 进程级 | 重置,可接受 |
62
+
63
+ Gateway/Relay 的状态全是**连接绑定的临时状态**。Gateway 重启 → 所有连接断开 → 所有状态自然失效 → 客户端重连重新认证。
64
+
65
+ ## 3. 协议格式
66
+
67
+ **全程 JSON-RPC 2.0**,包括握手阶段。不引入非标消息格式。
68
+
69
+ ### 3.1 challenge(JSON-RPC notification)
70
+
71
+ Gateway/Relay 在 accept 连接后主动推送:
72
+
73
+ ```json
74
+ {
75
+ "jsonrpc": "2.0",
76
+ "method": "challenge",
77
+ "params": {
78
+ "nonce": "a1b2c3d4-uuid",
79
+ "ts": 1710000000000,
80
+ "timeout_ms": 10000,
81
+ "auth_methods": ["pairing_code", "sms", "email", "oauth", "kite_token"],
82
+ "protocol": { "version": 1 }
83
+ }
84
+ }
85
+ ```
86
+
87
+ - notification(无 `id` 字段),不需要客户端回复
88
+ - `timeout_ms`:整个 pre-auth 阶段的超时,超时后关闭连接
89
+ - `auth_methods`:Gateway 启动时从 Auth 模块查询并缓存
90
+
91
+ ### 3.2 pre-auth RPC(JSON-RPC request/response)
92
+
93
+ challenge 之后、auth.connect 之前,客户端可调用有限的 pre-auth 方法:
94
+
95
+ ```json
96
+ {
97
+ "jsonrpc": "2.0",
98
+ "id": "req-1",
99
+ "method": "auth.request_pairing_code",
100
+ "params": {}
101
+ }
102
+ ```
103
+
104
+ Gateway **透明转发**这些请求到 Auth 模块(通过 Kernel RPC 路由),返回结果后**关闭连接**,避免未认证客户端长时间占用网关资源。
105
+
106
+ ### 3.3 auth.connect(JSON-RPC request)
107
+
108
+ 客户端发起认证:
109
+
110
+ ```json
111
+ {
112
+ "jsonrpc": "2.0",
113
+ "id": "connect-1",
114
+ "method": "auth.connect",
115
+ "params": {
116
+ "nonce": "a1b2c3d4-uuid",
117
+ "protocol": { "min": 1, "max": 1 },
118
+ "client": {
119
+ "id": "my-app",
120
+ "type": "frontend",
121
+ "version": "1.0.0",
122
+ "device": "browser-01",
123
+ "channel": "default"
124
+ },
125
+ "auth": {
126
+ "method": "pairing_code",
127
+ "code": "482916"
128
+ }
129
+ }
130
+ }
131
+ ```
132
+
133
+ **`auth.connect` 不是透明转发**——Gateway 拦截处理:
134
+ 1. 验证 nonce(本地消费)
135
+ 2. 提取 auth 信息,调用 `auth.verify()` RPC(通过 Kernel 转发到 Auth 模块)
136
+ 3. 成功后为客户端创建到 Kernel 的代理连接
137
+ 4. 返回 hello-ok
138
+
139
+ ### 3.4 hello-ok(JSON-RPC response)
140
+
141
+ ```json
142
+ {
143
+ "jsonrpc": "2.0",
144
+ "id": "connect-1",
145
+ "result": {
146
+ "protocol": 1,
147
+ "kernel": { "version": "0.5.0", "instance_id": "kite-abc123" },
148
+ "identity": { "module_id": "frontend-xxx", "role": "admin" },
149
+ "token": "tok_xxx",
150
+ "policy": { "max_payload_bytes": 1048576, "ping_interval_ms": 5000 },
151
+ "features": { "events": ["module.*"], "rpc_namespaces": ["kernel", "auth"] }
152
+ }
153
+ }
154
+ ```
155
+
156
+ ### 3.5 pre-auth 方法分类
157
+
158
+ | 方法 | Gateway 行为 | 连接处理 |
159
+ |------|-------------|----------|
160
+ | `auth.request_pairing_code` | 透明转发到 Auth | 返回后**关闭连接** |
161
+ | `auth.send_sms_code` | 透明转发到 Auth | 返回后**关闭连接** |
162
+ | `auth.send_email_code` | 透明转发到 Auth | 返回后**关闭连接** |
163
+ | `auth.get_oauth_url` | 透明转发到 Auth | 返回后**关闭连接** |
164
+ | `auth.connect` | Gateway 拦截处理 | 成功→保持连接进入 relay;失败→关闭 |
165
+ | 其他任何方法 | **拒绝**(4001 Unauthorized) | — |
166
+
167
+ ## 4. 完整认证时序图
168
+
169
+ ### 4.1 配对码登录
170
+
171
+ ```mermaid
172
+ sequenceDiagram
173
+ actor U as 用户
174
+ participant C as 远程客户端
175
+ participant GW as Gateway/Relay
176
+ participant K as Kernel
177
+ participant A as Auth 模块
178
+
179
+ Note over C,A: ── 阶段1:获取配对码(短连接)──
180
+
181
+ C->>GW: WS connect
182
+ GW->>GW: accept,生成 nonce
183
+ GW->>C: notification: challenge {nonce, ts, auth_methods}
184
+ C->>GW: request: auth.request_pairing_code()
185
+ GW->>K: RPC: auth.request_pairing_code()
186
+ K->>A: 转发
187
+ A->>A: 生成配对码 482916(5分钟过期)
188
+ A->>K: event.publish(auth.code_generated, {code})
189
+ A->>K: {code:"482916", expires_at:xxx}
190
+ K->>GW: 转发响应
191
+ GW->>C: response: {code:"482916", expires_at:xxx}
192
+ GW--xC: 关闭连接(pre-auth 短连接)
193
+
194
+ Note over U: 用户通过控制台/其他渠道看到配对码
195
+
196
+ Note over C,A: ── 阶段2:提交配对码认证(新连接)──
197
+
198
+ C->>GW: WS connect(新连接)
199
+ GW->>GW: accept,生成新 nonce
200
+ GW->>C: notification: challenge {nonce, ts, auth_methods}
201
+ C->>GW: request: auth.connect {nonce, client:{...}, auth:{method:"pairing_code", code:"482916"}}
202
+ GW->>GW: 验证 nonce ✓(消费后删除)
203
+ GW->>K: RPC: auth.verify({method:"pairing_code", code:"482916", client_info:{...}})
204
+ K->>A: 转发
205
+ A->>A: 验证配对码 ✓(消费后删除)
206
+ A->>K: RPC: kernel.generate_token({module_id:"frontend-xxx"})
207
+ K->>K: 生成 token,注册到 token_map
208
+ K->>A: {token:"tok_xxx"}
209
+ A->>A: 存储 token 元数据(auth_method, device, trust_level)
210
+ A->>K: event.publish(auth.success)
211
+ A->>K: {success:true, token:"tok_xxx", role:"admin", trust_level:"low"}
212
+ K->>GW: 转发响应
213
+
214
+ Note over GW,K: ── 阶段3:建立代理连接 ──
215
+
216
+ GW->>K: WS connect /ws?id=frontend-xxx
217
+ GW->>K: auth {token:"tok_xxx"}
218
+ K->>GW: auth ok
219
+ GW->>K: registry.register({module_id:"frontend-xxx"})
220
+ GW->>K: event.publish(module.ready)
221
+ GW->>C: response: hello-ok {protocol, kernel, identity, token:"tok_xxx"}
222
+
223
+ Note over C,K: ═══ 认证完成,进入 JSON-RPC 透传模式 ═══
224
+ ```
225
+
226
+ ### 4.2 短信验证码登录
227
+
228
+ ```mermaid
229
+ sequenceDiagram
230
+ actor U as 用户
231
+ participant C as 远程客户端
232
+ participant GW as Gateway/Relay
233
+ participant K as Kernel
234
+ participant A as Auth 模块
235
+ participant SMS as 短信服务商
236
+
237
+ Note over C,A: ── 阶段1:请求发送验证码(短连接)──
238
+
239
+ C->>GW: WS connect
240
+ GW->>C: notification: challenge {nonce, ts, auth_methods}
241
+ C->>GW: request: auth.send_sms_code({phone:"138xxxx1234"})
242
+ GW->>K: RPC: auth.send_sms_code({phone:"138xxxx1234"})
243
+ K->>A: 转发
244
+ A->>A: 校验手机号在授权列表 ✓
245
+ A->>A: 账号级速率限制检查 ✓
246
+ A->>A: 生成验证码 592831(5分钟过期)
247
+ A->>SMS: 发送短信
248
+ A->>K: {sent:true, expires_at:xxx}
249
+ K->>GW: 转发响应
250
+ GW->>C: response: {sent:true, expires_at:xxx}
251
+ GW--xC: 关闭连接
252
+
253
+ Note over U: 用户收到短信
254
+
255
+ Note over C,A: ── 阶段2:提交验证码认证(新连接)──
256
+
257
+ C->>GW: WS connect
258
+ GW->>C: notification: challenge {nonce, ts, auth_methods}
259
+ C->>GW: request: auth.connect {nonce, auth:{method:"sms", phone:"138xxxx1234", code:"592831"}}
260
+ GW->>GW: 验证 nonce ✓
261
+ GW->>K: RPC: auth.verify({method:"sms", phone:"138xxxx1234", code:"592831", client_info:{...}})
262
+ K->>A: 转发
263
+ A->>A: 验证验证码 ✓ + 手机号授权 ✓
264
+ A->>K: kernel.generate_token(...)
265
+ K->>A: {token:"tok_xxx"}
266
+ A->>K: {success:true, token:"tok_xxx", role:"admin", trust_level:"low"}
267
+ K->>GW: 转发响应
268
+ GW->>K: 建立代理连接(同 4.1 阶段3)
269
+ GW->>C: response: hello-ok {token:"tok_xxx", ...}
270
+ ```
271
+
272
+ ### 4.3 OAuth 登录
273
+
274
+ ```mermaid
275
+ sequenceDiagram
276
+ actor U as 用户
277
+ participant C as 远程客户端(浏览器)
278
+ participant GW as Gateway/Relay
279
+ participant K as Kernel
280
+ participant A as Auth 模块
281
+ participant O as OAuth Provider
282
+
283
+ Note over C,O: ── 阶段1:获取授权 URL(短连接)──
284
+
285
+ C->>GW: WS connect
286
+ GW->>C: notification: challenge {nonce, ts, auth_methods}
287
+ C->>GW: request: auth.get_oauth_url({provider:"github"})
288
+ GW->>K: RPC: auth.get_oauth_url({provider:"github", redirect_uri:"https://gw:28800/auth/oauth/callback"})
289
+ K->>A: 转发
290
+ A->>A: 生成 state(防 CSRF),存储
291
+ A->>K: {auth_url:"https://github.com/login/oauth/authorize?...", state:"xxx"}
292
+ K->>GW: 转发响应
293
+ GW->>C: response: {auth_url:"...", state:"xxx"}
294
+ GW--xC: 关闭连接
295
+
296
+ Note over C,O: ── 阶段2:用户在 OAuth Provider 授权 ──
297
+
298
+ C->>O: 跳转到授权页
299
+ U->>O: 授权
300
+ O->>GW: HTTP redirect: GET /auth/oauth/callback?code=abc&state=xxx
301
+
302
+ Note over GW,A: ── 阶段3:Gateway HTTP 回调处理 ──
303
+
304
+ GW->>K: RPC: auth.oauth_callback({provider:"github", code:"abc", state:"xxx"})
305
+ K->>A: 转发
306
+ A->>A: 验证 state ✓
307
+ A->>O: POST /access_token {code, client_secret}
308
+ O->>A: {access_token}
309
+ A->>O: GET /user
310
+ O->>A: {email, name, id}
311
+ A->>A: 校验授权列表 ✓
312
+ A->>A: 生成 auth_ticket(60s 有效,一次性)
313
+ A->>K: {ticket:"tic_xxx"}
314
+ K->>GW: 转发响应
315
+ GW->>C: HTTP 200 {ticket:"tic_xxx"}
316
+
317
+ Note over C,A: ── 阶段4:用 ticket 完成 WS 认证(新连接)──
318
+
319
+ C->>GW: WS connect
320
+ GW->>C: notification: challenge {nonce, ts, auth_methods}
321
+ C->>GW: request: auth.connect {nonce, auth:{method:"oauth", ticket:"tic_xxx"}}
322
+ GW->>GW: 验证 nonce ✓
323
+ GW->>K: RPC: auth.verify({method:"oauth", ticket:"tic_xxx", client_info:{...}})
324
+ K->>A: 转发
325
+ A->>A: 验证 ticket ✓(一次性消费)
326
+ A->>K: kernel.generate_token(...)
327
+ K->>A: {token:"tok_xxx"}
328
+ A->>K: {success:true, token:"tok_xxx", role:"admin", trust_level:"medium"}
329
+ K->>GW: 转发响应
330
+ GW->>K: 建立代理连接(同 4.1 阶段3)
331
+ GW->>C: response: hello-ok {token:"tok_xxx", ...}
332
+ ```
333
+
334
+ ### 4.4 已有 Token 重连
335
+
336
+ ```mermaid
337
+ sequenceDiagram
338
+ participant C as 远程客户端
339
+ participant GW as Gateway/Relay
340
+ participant K as Kernel
341
+ participant A as Auth 模块
342
+
343
+ C->>GW: WS connect
344
+ GW->>C: notification: challenge {nonce, ts, auth_methods}
345
+ C->>GW: request: auth.connect {nonce, auth:{method:"kite_token", token:"tok_xxx"}}
346
+ GW->>GW: 验证 nonce ✓
347
+ GW->>K: RPC: auth.verify({method:"kite_token", token:"tok_xxx", client_info:{...}})
348
+ K->>A: 转发
349
+ A->>A: 验证 token(滑动30天 + 绝对180天)✓
350
+ A->>A: 更新 last_used_at
351
+ A->>K: {success:true, role:"admin", trust_level:"low"}
352
+ K->>GW: 转发响应
353
+
354
+ Note over GW: token 已存在,无需 kernel.generate_token
355
+
356
+ GW->>K: 建立代理连接(用已有 token)
357
+ GW->>C: response: hello-ok {...}
358
+ ```
359
+
360
+ ### 4.5 Token 撤销实时生效
361
+
362
+ ```mermaid
363
+ sequenceDiagram
364
+ participant Admin as 管理员
365
+ participant KC as Kite Console
366
+ participant K as Kernel
367
+ participant A as Auth 模块
368
+ participant GW as Gateway
369
+ participant C as 远程客户端
370
+
371
+ Admin->>KC: Token 管理面板 → 撤销
372
+ KC->>K: RPC: auth.revoke_token({token:"tok_xxx"})
373
+ K->>A: 转发
374
+ A->>A: 标记 token 无效
375
+ A->>K: event.publish(auth.token.revoked, {token:"tok_xxx"})
376
+ A->>K: {success:true}
377
+
378
+ K->>GW: 事件: auth.token.revoked {token:"tok_xxx"}
379
+ GW->>GW: 查找使用该 token 的 session
380
+ GW->>C: notification: kicked {reason:"token_revoked"}
381
+ GW--xC: close (code=4001)
382
+ GW->>K: 清理代理连接
383
+ ```
384
+
385
+ ## 5. 速率限制分层
386
+
387
+ ### 5.1 Gateway/Relay 层(连接级)
388
+
389
+ | 维度 | 策略 | 说明 |
390
+ |------|------|------|
391
+ | IP | 10s 内最多 200 次连接 | 防 DDoS |
392
+ | 设备 ID | 10s 内最多 20 次认证尝试 | 防暴力破解 |
393
+ | pre-auth 超时 | challenge 后 10s 内必须完成 | 防连接占用 |
394
+
395
+ ### 5.2 Auth 模块层(账号级)
396
+
397
+ | 维度 | 策略 | 说明 |
398
+ |------|------|------|
399
+ | 手机号 | 60s 内最多 1 次发送 | 防短信轰炸 |
400
+ | 邮箱 | 60s 内最多 1 次发送 | 防邮件轰炸 |
401
+ | 配对码尝试 | 连续 5 次失败后指数退避 | 防猜码 |
402
+ | OAuth state | 60s 过期,一次性 | 防 CSRF 重放 |
403
+ | auth_ticket | 60s 过期,一次性 | 防 ticket 重放 |
404
+
405
+ Gateway 管连接级限流,Auth 管业务级限流,各司其职。
406
+
407
+ ## 6. Gateway 模块设计
408
+
409
+ ### 6.1 模块定义
410
+
411
+ ```yaml
412
+ # extensions/services/gateway/module.md
413
+ ---
414
+ name: gateway
415
+ display_name: Gateway
416
+ type: service
417
+ state: enabled
418
+ runtime: python
419
+ entry: entry.py
420
+ subscriptions:
421
+ - module.ready
422
+ - module.shutdown
423
+ - auth.token.revoked
424
+ config:
425
+ ws_port: 28800
426
+ ws_host: "0.0.0.0"
427
+ tls:
428
+ enabled: false
429
+ cert: ""
430
+ key: ""
431
+ max_connections: 1000
432
+ challenge_timeout_ms: 10000
433
+ nonce_pool_size: 10000
434
+ nonce_ttl: 600
435
+ ---
436
+ ```
437
+
438
+ ### 6.2 Gateway 启动流程
439
+
440
+ ```mermaid
441
+ sequenceDiagram
442
+ participant L as Launcher
443
+ participant GW as Gateway
444
+ participant K as Kernel
445
+ participant A as Auth 模块
446
+
447
+ L->>GW: stdin boot_info {token, kernel_host, kernel_port}
448
+ GW->>K: WS connect + token 认证
449
+ K->>GW: auth ok
450
+ GW->>K: registry.register({module_id:"gateway"})
451
+ GW->>K: event.subscribe({patterns:["auth.token.revoked"]})
452
+ GW->>K: RPC: auth.get_supported_methods()
453
+ K->>A: 转发
454
+ A->>K: {methods:["pairing_code","sms","email","oauth","kite_token"]}
455
+ K->>GW: 转发响应
456
+ GW->>GW: 缓存 auth_methods
457
+ GW->>GW: 启动 WS 服务器 :28800(+ OAuth HTTP 回调)
458
+ GW->>K: event.publish(module.ready)
459
+ ```
460
+
461
+ ### 6.3 Gateway 连接处理流程
462
+
463
+ ```mermaid
464
+ flowchart TD
465
+ A[远程客户端 WS connect] --> B[accept]
466
+ B --> C[IP 速率限制检查]
467
+ C -->|超限| D[拒绝 4029]
468
+ C -->|通过| E[生成 nonce,发送 challenge]
469
+ E --> F{等待客户端消息}
470
+ F -->|超时| G[关闭 4003]
471
+ F -->|收到| H{method?}
472
+
473
+ H -->|auth.request_pairing_code<br/>auth.send_sms_code<br/>auth.send_email_code<br/>auth.get_oauth_url| I[透明转发到 Auth]
474
+ I --> J[返回结果]
475
+ J --> K[关闭连接]
476
+
477
+ H -->|auth.connect| L[验证 nonce]
478
+ L -->|无效| M[关闭 4010]
479
+ L -->|有效| N[调 auth.verify via Kernel]
480
+ N --> O{认证结果}
481
+ O -->|失败| P[返回错误,关闭 4001]
482
+ O -->|成功| Q[获取 token + role]
483
+ Q --> R[建立到 Kernel 的代理连接]
484
+ R --> S[返回 hello-ok]
485
+ S --> T[进入双向 JSON-RPC 透传]
486
+
487
+ H -->|其他方法| U[拒绝 4001 Unauthorized]
488
+ ```
489
+
490
+ ### 6.4 Gateway 与 Relay 的异同
491
+
492
+ | 维度 | Relay(kite_console 组件) | Gateway(独立模块) |
493
+ |------|--------------------------|-------------------|
494
+ | 端口 | 复用控制台 HTTP 端口 | 独立 WS/WSS 端口 |
495
+ | HTTP 能力 | 依赖 kite_console 的 FastAPI | 自带 OAuth 回调 HTTP 端口 |
496
+ | 客户端类型 | 浏览器前端 | 远程模块、卫星 Kite、App |
497
+ | 部署 | 随 kite_console 启动 | 独立模块,可选启用 |
498
+ | 认证流程 | 与 Gateway 完全一致 | 与 Relay 完全一致 |
499
+ | 代码关系 | 各自独立实现(零共享代码) | 各自独立实现 |
500
+
501
+ ## 7. Auth 模块设计
502
+
503
+ ### 7.1 模块定义
504
+
505
+ ```yaml
506
+ # extensions/services/auth/module.md
507
+ ---
508
+ name: auth
509
+ display_name: Auth
510
+ type: service
511
+ state: enabled
512
+ runtime: python
513
+ entry: entry.py
514
+ events:
515
+ - auth.success
516
+ - auth.failed
517
+ - auth.rate_limited
518
+ - auth.code_generated
519
+ - auth.token.created
520
+ - auth.token.revoked
521
+ - auth.token.expired
522
+ - auth.token.rotated
523
+ - auth.device.registered
524
+ - auth.anomaly.*
525
+ subscriptions:
526
+ - module.ready
527
+ - module.shutdown
528
+ ---
529
+ ```
530
+
531
+ ### 7.2 RPC 方法
532
+
533
+ #### 认证类
534
+
535
+ | 方法 | 调用者 | 说明 |
536
+ |------|--------|------|
537
+ | `auth.verify` | Gateway/Relay | 统一认证入口,验证各种凭据 |
538
+ | `auth.request_pairing_code` | Gateway/Relay(代客户端) | 生成配对码 |
539
+ | `auth.send_sms_code` | Gateway/Relay(代客户端) | 发送短信验证码 |
540
+ | `auth.send_email_code` | Gateway/Relay(代客户端) | 发送邮箱验证码 |
541
+ | `auth.get_oauth_url` | Gateway/Relay(代客户端) | 生成 OAuth 授权 URL |
542
+ | `auth.oauth_callback` | Gateway(HTTP 回调) | 处理 OAuth 回调,返回 ticket |
543
+ | `auth.get_supported_methods` | Gateway/Relay(启动时) | 查询支持的认证方式 |
544
+ | `auth.register_aid` | 已认证客户端 | 注册 AID 设备密钥 |
545
+ | `auth.setup_mfa` | 已认证客户端 | 绑定 MFA |
546
+
547
+ #### Token 管理类
548
+
549
+ | 方法 | 调用者 | 说明 |
550
+ |------|--------|------|
551
+ | `auth.list_tokens` | 控制台前端 | 列出 token(支持按 auth_method 筛选) |
552
+ | `auth.revoke_token` | 控制台前端 | 撤销单个 token |
553
+ | `auth.revoke_tokens_by_method` | 控制台前端 | 按认证方式批量撤销 |
554
+ | `auth.refresh_token` | Gateway/Relay | 刷新 token 有效期 |
555
+
556
+ #### 审计类
557
+
558
+ | 方法 | 调用者 | 说明 |
559
+ |------|--------|------|
560
+ | `auth.query_logs` | 控制台前端 | 查询认证日志 |
561
+ | `auth.get_stats` | 控制台前端 | 认证统计 |
562
+
563
+ ### 7.3 `auth.verify` 统一入口
564
+
565
+ ```json
566
+ // 请求
567
+ {
568
+ "method": "pairing_code",
569
+ "code": "482916",
570
+ "client_info": {
571
+ "device": "browser-01",
572
+ "channel": "default",
573
+ "ip": "1.2.3.4",
574
+ "platform": "browser"
575
+ }
576
+ }
577
+
578
+ // 成功响应
579
+ {
580
+ "success": true,
581
+ "token": "tok_xxx",
582
+ "role": "admin",
583
+ "trust_level": "low",
584
+ "module_id": "frontend-xxx"
585
+ }
586
+
587
+ // 失败响应
588
+ {
589
+ "success": false,
590
+ "error": "invalid_code",
591
+ "retry_after_ms": 0
592
+ }
593
+ ```
594
+
595
+ Auth 模块内部根据 `method` 分发到对应的 verifier。
596
+
597
+ ### 7.4 Auth 模块文件结构
598
+
599
+ ```
600
+ extensions/services/auth/
601
+ ├── module.md
602
+ ├── entry.py # 模块入口
603
+ ├── rpc_handler.py # RPC 分发
604
+ ├── verifiers/ # 各认证方式
605
+ │ ├── pairing_code.py
606
+ │ ├── sms.py
607
+ │ ├── email_code.py
608
+ │ ├── oauth.py
609
+ │ ├── kite_token.py
610
+ │ ├── aid.py
611
+ │ └── mfa.py
612
+ ├── token_store.py # Token 持久化(JSONL)
613
+ ├── audit_logger.py # 审计日志
614
+ └── anomaly_detector.py # 异常检测
615
+ ```
616
+
617
+ ## 8. 关键设计决策与挑剔评估
618
+
619
+ ### 8.1 challenge 由接入层发,不经过 Auth
620
+
621
+ **决策**:Gateway/Relay 自己生成 nonce、发送 challenge、验证 nonce。Auth 模块不感知 nonce。
622
+
623
+ **理由**:
624
+ - nonce 是连接级防重放,与 TCP 连接绑定,天然属于接入层
625
+ - Gateway/Relay 已经是认证过的 Kite 模块,有自己的 Kernel 连接,调 `auth.verify()` 就是普通跨模块 RPC
626
+ - Kernel 不需要任何改动
627
+
628
+ **风险评估**:无。nonce 丢失(Gateway 重启)= 连接断开 = 客户端重连拿新 nonce,零代价。
629
+
630
+ ### 8.2 pre-auth 短连接策略
631
+
632
+ **决策**:请求配对码/验证码/OAuth URL 后立即关闭连接。只有 `auth.connect` 成功后才保持长连接。
633
+
634
+ **理由**:未认证客户端不应长时间占用网关连接资源。恶意客户端可以大量建立连接但不认证,耗尽 Gateway 连接池。
635
+
636
+ **风险评估**:客户端需要建立两次连接(请求码 + 认证),多一次 TCP 握手开销。可接受——安全性优先于便利性。
637
+
638
+ ### 8.3 auth.connect 由 Gateway 拦截,不透传
639
+
640
+ **决策**:`auth.connect` 不像其他 `auth.*` 方法那样透传到 Auth 模块。Gateway 拦截它,本地验证 nonce,然后调 `auth.verify()`。
641
+
642
+ **理由**:
643
+ - nonce 在 Gateway 本地,必须由 Gateway 验证
644
+ - 认证成功后 Gateway 需要创建代理连接,这是 Gateway 的职责
645
+ - Auth 模块不需要知道 `auth.connect` 的存在,它只回答 `auth.verify()`
646
+
647
+ **风险评估**:Gateway 和 Relay 都需要实现 `auth.connect` 的拦截逻辑。但这是接入层的核心职责,不可避免。
648
+
649
+ ### 8.4 Auth 模块单点故障
650
+
651
+ **问题**:Auth 模块挂了会怎样?
652
+
653
+ **已登录客户端的通信链路**:
654
+
655
+ ```
656
+ 客户端 ←→ Gateway ←→ Kernel ←→ 目标模块
657
+ ```
658
+
659
+ Auth 模块**不在这条链路上**。认证成功后,Gateway 已为客户端建立了独立的 Kernel 代理连接,后续通信直接透传,不经过 Auth。
660
+
661
+ **影响范围**:
662
+
663
+ | 场景 | Auth 挂了期间 | Auth 重启后 |
664
+ |------|-------------|------------|
665
+ | 已登录的远程客户端 | ✅ 不受影响,正常通信 | ✅ 无需重新登录 |
666
+ | 本地模块 | ✅ 不受影响(Launcher/Kernel 管理) | ✅ 无影响 |
667
+ | 新的远程登录请求 | ❌ 失败(auth.verify 返回 MODULE_OFFLINE) | ✅ 恢复 |
668
+ | Token 撤销操作 | ❌ 不可用 | ✅ 恢复 |
669
+ | Token 管理面板 | ❌ 不可用 | ✅ 恢复 |
670
+
671
+ **结论**:Auth 挂了的唯一影响是**这期间无法新登录**。Auth 重启后从 JSONL 恢复 token 记录,所有功能恢复,无需任何客户端重新登录。Watchdog 监控 Auth 模块,异常时自动重启。
672
+
673
+ ### 8.5 Gateway 重启的重连风暴
674
+
675
+ **问题**:Gateway 重启 → 所有远程客户端同时断线 → 同时重连。
676
+
677
+ **评估**:
678
+ - 客户端已有指数退避 + jitter(`kernel-client.js`),重连自然错开
679
+ - 持有 kite_token 的客户端:`auth.verify({method:"kite_token"})` 验证很快,无用户交互
680
+ - 无 token 的客户端:需要重新走配对码/短信流程,但这种情况少
681
+ - Gateway 的 IP 速率限制会平滑突发流量
682
+
683
+ **结论**:可接受。
684
+
685
+ ### 8.6 OAuth HTTP 回调在 Gateway 上
686
+
687
+ **问题**:Gateway 是 WS 网关,现在还要提供 HTTP 端口处理 OAuth 回调。
688
+
689
+ **评估**:
690
+ - OAuth 回调是标准 HTTP GET,逻辑极简(收到 code+state → 调 `auth.oauth_callback()` RPC → 返回 ticket)
691
+ - Gateway 可以在 WS 端口旁边开一个轻量 HTTP handler,或复用同一端口(如 aiohttp 同时支持 WS 和 HTTP)
692
+ - kite_console 的 Relay 不需要单独处理,因为 kite_console 本身就有 FastAPI HTTP 服务
693
+
694
+ **结论**:可接受。Gateway 增加一个 `/auth/oauth/callback` HTTP 路由即可。
695
+
696
+ ### 8.7 auth_methods 缓存一致性
697
+
698
+ **问题**:Gateway 启动时查询 `auth.get_supported_methods()` 并缓存。如果 Auth 模块后续动态增减认证方式,Gateway 的缓存过期。
699
+
700
+ **评估**:
701
+ - 认证方式变更极低频(部署级别的变更)
702
+ - Auth 模块可以在方法变更时发布事件 `auth.methods_changed`,Gateway 订阅后刷新缓存
703
+ - 或者 Gateway 定期刷新(如每 5 分钟)
704
+
705
+ **结论**:初期不需要动态刷新,Gateway 重启即可。后续按需加事件通知。
706
+
707
+ ### 8.8 Kernel 零改动确认
708
+
709
+ 本方案 **Kernel 不需要任何改动**:
710
+
711
+ - Gateway/Relay 用自己的 token 连 Kernel → 已有机制
712
+ - 调 `auth.*` RPC → Kernel 标准跨模块转发,已有机制
713
+ - `kernel.generate_token()` → 已有内置方法
714
+ - 事件发布/订阅 → 已有机制
715
+ - 为客户端创建新的 Kernel 连接 → 已有机制(现有 Relay 就是这么做的)
716
+
717
+ ### 8.9 Kernel 重启后的 Token 失效问题
718
+
719
+ **问题**:Kernel 重启后 `token_map`(内存)清空,但 Auth 的 JSONL 里还记着之前颁发的 token。客户端拿旧 token 重连时,Auth 说"有效",但 Kernel 不认识了。
720
+
721
+ **解决方案**:Auth 模块订阅 `module.ready`(kernel)事件。Kernel 重启后,Auth 检测到 kernel ready,将所有存活的 token 通过 `kernel.register_tokens()` 批量重新注册到 Kernel 的 `token_map`。
722
+
723
+ ```mermaid
724
+ sequenceDiagram
725
+ participant K as Kernel(重启后)
726
+ participant A as Auth 模块
727
+
728
+ K->>K: 启动,token_map 为空
729
+ A->>A: 收到 module.ready(kernel) 事件
730
+ A->>A: 从 JSONL 加载所有存活 token
731
+ A->>K: RPC: kernel.register_tokens([{module_id, token}, ...])
732
+ K->>K: 批量注册到 token_map
733
+ K->>A: {registered: N}
734
+ Note over K,A: token_map 恢复,旧 token 重新可用
735
+ ```
736
+
737
+ 这样 Kernel 重启对已登录客户端透明——Gateway 重连 Kernel 后,客户端的 token 仍然有效。
738
+
739
+ ## 9. 迁移路径
740
+
741
+ ### 阶段一:Auth 模块
742
+
743
+ 1. 创建 `extensions/services/auth/` 模块骨架
744
+ 2. 实现 `auth.verify()`(先支持 pairing_code + kite_token)
745
+ 3. 实现 `auth.request_pairing_code()`
746
+ 4. 实现 `auth.list_tokens()` / `auth.revoke_token()`
747
+ 5. 改造 kite_console Relay:认证逻辑改为调 `auth.*` RPC
748
+ 6. 测试:现有配对码登录和 Token 登录流程不受影响
749
+
750
+ ### 阶段二:Gateway 模块
751
+
752
+ 1. 创建 `extensions/services/gateway/` 模块骨架
753
+ 2. 实现 WS 服务器 + challenge/connect 握手
754
+ 3. 实现 pre-auth 白名单 + 速率限制
755
+ 4. 实现代理连接建立 + 双向 JSON-RPC 透传
756
+ 5. 实现 OAuth HTTP 回调端点
757
+ 6. 测试:远程模块通过 Gateway 端口接入
758
+
759
+ ### 阶段三:扩展认证方式
760
+
761
+ 1. Auth 模块新增 verifier:sms、email、oauth、aid
762
+ 2. 前端增加多种登录方式 UI
763
+ 3. 控制台增加 Token 管理界面增强
764
+ 4. 异常检测后台任务
765
+