@aion0/forge 0.10.25 → 0.10.27

package/lib/auth/login-status.ts

@@ -0,0 +1,291 @@
+/**
+ * Login Status — central registry of expirable auth credentials.
+ *
+ * Auto-discovers sources from two places:
+ *   1. Connector manifests with a `test:` block → one source per
+ *      connector. Browser-side or HTTP, decided by `test.probe`.
+ *   2. External hardcoded sources (currently just GitLab 2FA via
+ *      `git fetch`).
+ *
+ * Each source can:
+ *   - check()    → runs the test, returns { ok, detail }
+ *   - refresh()  → returns either a URL for the user to open, or a
+ *                  shell command for them to run interactively
+ *
+ * Results are cached in-memory and persisted to
+ * `<dataDir>/login-status.json` so the panel doesn't re-probe every
+ * open (which would slow the UI and disturb the user's Chrome tabs).
+ */
+
+import { existsSync, readFileSync, writeFileSync } from 'node:fs';
+import { join } from 'node:path';
+import { spawn } from 'node:child_process';
+import { getDataDir } from '../dirs';
+import { listConnectorIds, getConnector, getInstalledConnector } from '../connectors/registry';
+import { runConnectorTest } from '../connectors/test-runner';
+import { expandSettingsTokens } from '../plugins/templates';
+import type { ConnectorDefinition } from '../connectors/types';
+
+export type LoginCategory = 'browser' | 'token' | 'external';
+
+export type RefreshHint =
+  | { kind: 'open-url'; url: string; description?: string }
+  | { kind: 'show-command'; command: string; description: string }
+  | { kind: 'open-settings'; section: string };
+
+export interface LoginSource {
+  id: string;
+  label: string;
+  category: LoginCategory;
+  /** Free-form one-line description shown under the label. */
+  detail?: string;
+  /** Returns true if check is safe to run without prompting the user. */
+  refresh: RefreshHint;
+}
+
+export interface LoginCheckResult {
+  ok: boolean;
+  /** Short status message (e.g. "session active", "401 unauthorized"). */
+  message?: string;
+  /** Optional URL the probe landed on — useful for diagnosing redirects. */
+  landed_url?: string;
+  /** Timestamp of this check (ms since epoch). */
+  checked_at: number;
+  /** Duration of the check itself, ms. */
+  duration_ms: number;
+}
+
+export interface LoginStatusRow {
+  source: LoginSource;
+  result: LoginCheckResult | null;
+}
+
+// ─── In-memory + disk cache ─────────────────────────────────────────
+
+const CACHE_FILE = () => join(getDataDir(), 'login-status.json');
+let cache: Record<string, LoginCheckResult> | null = null;
+
+function loadCache(): Record<string, LoginCheckResult> {
+  if (cache) return cache;
+  try {
+    if (existsSync(CACHE_FILE())) {
+      cache = JSON.parse(readFileSync(CACHE_FILE(), 'utf-8'));
+      return cache!;
+    }
+  } catch (e) {
+    console.warn('[login-status] cache read failed:', (e as Error).message);
+  }
+  cache = {};
+  return cache;
+}
+
+function persistCache(): void {
+  try {
+    writeFileSync(CACHE_FILE(), JSON.stringify(cache || {}, null, 2));
+  } catch (e) {
+    console.warn('[login-status] cache write failed:', (e as Error).message);
+  }
+}
+
+export function getCachedResult(sourceId: string): LoginCheckResult | null {
+  return loadCache()[sourceId] ?? null;
+}
+
+export function setCachedResult(sourceId: string, r: LoginCheckResult): void {
+  loadCache()[sourceId] = r;
+  persistCache();
+}
+
+// ─── Source enumeration ─────────────────────────────────────────────
+
+/**
+ * Build the canonical list of LoginSources. Browser/HTTP sources come
+ * from connector manifests; external sources are hardcoded here.
+ *
+ * Connector-derived rows are filtered to those with `test:` declared —
+ * connectors without a test block (e.g. `nac` which uses per-call SSH
+ * password) are intentionally omitted.
+ */
+export function listSources(): LoginSource[] {
+  const out: LoginSource[] = [];
+
+  // 1. Connector-derived — skip any connector the user hasn't installed
+  //    (no entry in connector-configs.json). An un-installed connector
+  //    would just probe with default/empty settings and always fail,
+  //    polluting the panel.
+  for (const id of listConnectorIds()) {
+    const def = getConnector(id);
+    if (!def || !def.test) continue;
+    if (!getInstalledConnector(id)) continue;
+    const probe = def.test.probe || 'http';
+    const category: LoginCategory = probe === 'browser' ? 'browser' : 'token';
+
+    // Refresh hint per category
+    let refresh: RefreshHint;
+    if (probe === 'browser') {
+      // For browser sources, host_match (e.g. "{base_url}/*") needs
+      // settings tokens expanded — the user-saved {base_url} lives in
+      // the connector's installed config, not in plain settings.
+      const rawHm = def.host_match || def.connectors?.[0]?.host_match || '';
+      const inst = getInstalledConnector(id);
+      const expanded = inst ? expandSettingsTokens(rawHm, inst.config as any) : rawHm;
+      // Strip Chrome match-pattern suffix like `/*`
+      const url = expanded.replace(/\/\*$/, '/');
+      // Heuristic: if expansion left literal `{...}` tokens behind,
+      // settings are incomplete — fall back to opening Settings.
+      const stillUnresolved = /\{[^}]+\}/.test(url) || !/^https?:\/\//.test(url);
+      refresh = stillUnresolved
+        ? { kind: 'open-settings', section: 'connectors' }
+        : { kind: 'open-url', url, description: 'Open in a new tab to log in' };
+    } else {
+      // HTTP/token — fix by editing connector settings (PAT, API token)
+      refresh = { kind: 'open-settings', section: 'connectors' };
+    }
+
+    out.push({
+      id: `connector:${id}`,
+      label: def.name || id,
+      category,
+      detail: def.test.description,
+      refresh,
+    });
+  }
+
+  // 2. External: GitLab 2FA — derive SSH host from the gitlab
+  //    connector. Only surface this row if gitlab connector is
+  //    installed; otherwise it's noise.
+  const gitlabHost = getGitLabHost();
+  if (gitlabHost) {
+    out.push({
+      id: 'ext:gitlab-2fa',
+      label: 'GitLab 2FA',
+      category: 'external',
+      detail: `ssh git@${gitlabHost} 2fa_verify (BatchMode)`,
+      refresh: {
+        kind: 'show-command',
+        command: `ssh git@${gitlabHost} 2fa_verify`,
+        description:
+          'Run in a terminal — it will prompt for your 2FA token. Once accepted, future git fetch/push work for a while.',
+      },
+    });
+  }
+
+  return out;
+}
+
+/** Pull the gitlab connector's host from its installed base_url, if any. */
+function getGitLabHost(): string | null {
+  try {
+    const inst = getInstalledConnector('gitlab');
+    const baseUrl = (inst?.config as any)?.base_url as string | undefined;
+    if (!baseUrl) return null;
+    return new URL(baseUrl).hostname || null;
+  } catch {
+    return null;
+  }
+}
+
+// ─── Checks ─────────────────────────────────────────────────────────
+
+/**
+ * Run the check for one source. Returns the fresh result AND writes it
+ * to the cache.
+ */
+export async function checkSource(source: LoginSource): Promise<LoginCheckResult> {
+  const t0 = Date.now();
+  let r: Omit<LoginCheckResult, 'checked_at' | 'duration_ms'>;
+
+  if (source.id.startsWith('connector:')) {
+    r = await checkConnector(source.id.slice('connector:'.length));
+  } else if (source.id === 'ext:gitlab-2fa') {
+    r = await checkGitLab2fa();
+  } else {
+    r = { ok: false, message: `unknown source ${source.id}` };
+  }
+
+  const result: LoginCheckResult = {
+    ...r,
+    checked_at: Date.now(),
+    duration_ms: Date.now() - t0,
+  };
+  setCachedResult(source.id, result);
+  return result;
+}
+
+async function checkConnector(
+  connectorId: string,
+): Promise<Omit<LoginCheckResult, 'checked_at' | 'duration_ms'>> {
+  // Direct lib call — self-fetching the route hits the auth middleware
+  // (no session cookie) and would return "unauthorized" for every probe.
+  try {
+    const r = await runConnectorTest(connectorId);
+    return {
+      ok: !!r.ok,
+      message: r.ok ? (r.message || 'ok') : (r.error || `HTTP ${r.status || '?'}`),
+      landed_url: r.url,
+    };
+  } catch (e) {
+    return { ok: false, message: `probe error: ${(e as Error).message}` };
+  }
+}
+
+async function checkGitLab2fa(): Promise<Omit<LoginCheckResult, 'checked_at' | 'duration_ms'>> {
+  const host = getGitLabHost();
+  if (!host) {
+    return {
+      ok: false,
+      message: 'gitlab connector not installed or base_url empty',
+    };
+  }
+  // Passive probe: SSH to the host with NO command. gitlab-shell prints
+  // "Welcome to GitLab, @user!" then closes — only triggers SSH key auth,
+  // never the interactive 2fa_verify push. Used here purely to confirm
+  // the SSH path + key + server are all reachable; if your setup gates
+  // git operations behind a separate 2FA window, this won't catch that
+  // (no known passive 2FA-status command).
+  return new Promise((resolve) => {
+    const proc = spawn(
+      'ssh',
+      ['-o', 'BatchMode=yes', '-o', 'ConnectTimeout=30', `git@${host}`],
+      { stdio: ['ignore', 'pipe', 'pipe'] },
+    );
+    let stdout = '';
+    let stderr = '';
+    const timer = setTimeout(() => {
+      try { proc.kill('SIGTERM'); } catch {}
+      resolve({ ok: false, message: 'timeout after 35s — host unreachable' });
+    }, 35_000);
+    proc.stdout?.on('data', (b) => { stdout += b.toString('utf-8'); });
+    proc.stderr?.on('data', (b) => { stderr += b.toString('utf-8'); });
+    proc.on('close', (code) => {
+      clearTimeout(timer);
+      const combined = (stdout + '\n' + stderr).trim().replace(/\s+/g, ' ');
+      // gitlab-shell exits 0 on greeting; "Welcome to GitLab" is the
+      // success marker regardless of exit code (some setups exit 1 with
+      // PTY warnings on stderr but still authenticate).
+      const welcomed = /Welcome to GitLab/i.test(combined);
+      if (welcomed) {
+        const m = combined.match(/Welcome to GitLab,?\s*@?[\w.-]+!?/i);
+        resolve({ ok: true, message: m ? m[0] : 'gitlab-shell greeted ok' });
+      } else {
+        resolve({
+          ok: false,
+          message: `exit ${code}: ${combined.slice(0, 400) || '(no output)'}`,
+        });
+      }
+    });
+    proc.on('error', (e) => {
+      clearTimeout(timer);
+      resolve({ ok: false, message: e.message });
+    });
+  });
+}
+
+// ─── Bulk view ──────────────────────────────────────────────────────
+
+export function listStatus(): LoginStatusRow[] {
+  return listSources().map((source) => ({
+    source,
+    result: getCachedResult(source.id),
+  }));
+}

package/lib/chat/agent-loop.ts

@@ -48,7 +48,10 @@ const MAX_TOKENS = 16000;
 // raw is summarized by the memory-standalone Temper Summary sub-task
 // and recalled via buildMemoryContext as compact blocks instead.
 const HISTORY_MSG_BUDGET = 60;
-const HISTORY_TOKEN_BUDGET = 8000;
+// Bumped 8000 → 32000 — modern models all ≥ 200k context; 8000 was
+// stripping single oversized tool results (e.g. mantis.search_bugs
+// returning 20k chars), leaving history empty after orphan-trim.
+const HISTORY_TOKEN_BUDGET = 32000;
 // Hard cap on a single tool_result stored into the conversation (chars).
 // A giant result (e.g. a connector returning a full test tree) would
 // otherwise blow the whole HISTORY_TOKEN_BUDGET, push its paired

package/lib/chat/protocols/http.ts

@@ -36,6 +36,13 @@ export interface HttpProtocolArgs {
    * larger than 8KB (Todos / search responses routinely exceed this).
    */
   noTruncation?: boolean;
+  /**
+   * Set to false to disable TLS cert verification (self-signed appliances:
+   * FortiNAC, ESXi, internal services). Default true. Manifests opt in
+   * via top-level `http: { verify_tls: false }`; tool-dispatcher forwards
+   * that value here.
+   */
+  verifyTls?: boolean;
 }
 
 export interface HttpProtocolResult {
@@ -115,13 +122,33 @@ function expandUrlPath(
   return out;
 }
 
+/**
+ * Collapse consecutive slashes in the URL's pathname only — fixes the
+ * `https://host//api/...` artifact when settings.base_url has a trailing
+ * slash AND the manifest path starts with `/`. Query string and fragment
+ * are NOT touched (a query value like `?url=//foo` is left alone).
+ *
+ * If `url` doesn't parse, returns it unchanged.
+ */
+function collapsePathSlashes(url: string): string {
+  try {
+    const u = new URL(url);
+    u.pathname = u.pathname.replace(/\/{2,}/g, '/');
+    return u.toString();
+  } catch {
+    return url;
+  }
+}
+
 function buildUrl(
   spec: HttpRequestSpec,
   settings: Record<string, any>,
   args: Record<string, any>,
   paramSchemas?: Record<string, ConnectorFieldSchema>,
 ): string {
-  const base = expandUrlPath(spec.url, settings, args, paramSchemas);
+  const base = collapsePathSlashes(
+    expandUrlPath(spec.url, settings, args, paramSchemas),
+  );
   if (!spec.query) return base;
   const url = new URL(base);
   for (const [k, raw] of Object.entries(spec.query)) {
@@ -143,13 +170,72 @@ function buildUrl(
  * appends a query param). Centralised so the chat dispatcher and the
  * connector-test probe stay consistent.
  */
-export function applyAuth(
+// Bearer-token-exchange cache (BD, etc) — module-level so repeated tool
+// calls within the bearer's TTL skip the exchange round-trip.
+//   key = `<api_token>|<exchange_url>` (api_token resolved after template
+//   expansion so different settings rotations get separate entries).
+const _bearerCache = new Map<string, { bearer: string; expiresAt: number }>();
+
+function pickByPath(obj: any, path: string | undefined, fallback: string): any {
+  const p = (path && path.trim()) || fallback;
+  const parts = p.split('.').filter(Boolean);
+  let cur = obj;
+  for (const k of parts) {
+    if (cur == null || typeof cur !== 'object') return undefined;
+    cur = cur[k];
+  }
+  return cur;
+}
+
+async function exchangeBearerToken(
+  auth: Extract<ConnectorAuth, { type: 'bearer-token-exchange' }>,
+  settings: Record<string, any>,
+  args: Record<string, any>,
+): Promise<string> {
+  const exp = (s: string | undefined) =>
+    s == null ? '' : expandAllTokens(String(s), settings, args);
+  const apiToken = exp(auth.api_token);
+  // Same pathname-only collapse as buildUrl — guards against trailing
+  // slash on settings.base_url producing `host//api/...`.
+  const exchangeUrl = collapsePathSlashes(exp(auth.exchange_url));
+  if (!apiToken) throw new Error('bearer-token-exchange: api_token is empty');
+  if (!exchangeUrl) throw new Error('bearer-token-exchange: exchange_url is empty');
+  const key = `${apiToken}|${exchangeUrl}`;
+  const cached = _bearerCache.get(key);
+  if (cached && cached.expiresAt > Date.now() + 60_000) return cached.bearer;
+
+  const authHeader = exp(auth.exchange_auth_header || `token ${auth.api_token}`);
+  const headers: Record<string, string> = { Authorization: authHeader };
+  if (auth.exchange_headers) {
+    for (const [k, v] of Object.entries(auth.exchange_headers)) headers[k] = exp(v);
+  }
+  const res = await fetch(exchangeUrl, {
+    method: auth.exchange_method || 'POST',
+    headers,
+  });
+  if (!res.ok) {
+    const body = await res.text().catch(() => '');
+    throw new Error(`bearer-token-exchange: ${res.status} ${res.statusText}: ${body.slice(0, 200)}`);
+  }
+  const j: any = await res.json().catch(() => ({}));
+  const bearer = pickByPath(j, auth.bearer_path, 'bearerToken');
+  const expiresMs = Number(pickByPath(j, auth.expires_path, 'expiresInMilliseconds')) || 0;
+  if (typeof bearer !== 'string' || !bearer) {
+    throw new Error(`bearer-token-exchange: missing bearer at "${auth.bearer_path || 'bearerToken'}" in response`);
+  }
+  // Cache for the reported TTL, or 5 minutes if not provided.
+  const ttl = expiresMs > 0 ? expiresMs : 5 * 60 * 1000;
+  _bearerCache.set(key, { bearer, expiresAt: Date.now() + ttl });
+  return bearer;
+}
+
+export async function applyAuth(
   url: string,
   headers: Headers,
   auth: ConnectorAuth | undefined,
   settings: Record<string, any>,
   args: Record<string, any> = {},
-): string {
+): Promise<string> {
   if (!auth || auth.type === 'none') return url;
   const exp = (s: string) => expandAllTokens(String(s ?? ''), settings, args);
   switch (auth.type) {
@@ -173,6 +259,11 @@ export function applyAuth(
       u.searchParams.set(auth.name, exp(auth.value));
       return u.toString();
     }
+    case 'bearer-token-exchange': {
+      const bearer = await exchangeBearerToken(auth, settings, args);
+      headers.set('Authorization', `Bearer ${bearer}`);
+      return url;
+    }
   }
   return url;
 }
@@ -293,7 +384,7 @@ function truncate(s: string): { text: string; truncated: boolean; totalBytes: nu
   return { text: slice, truncated: true, totalBytes: buf.byteLength };
 }
 
-export async function runHttp({ tool, settings, args, connectorAuth, noTruncation }: HttpProtocolArgs): Promise<HttpProtocolResult> {
+export async function runHttp({ tool, settings, args, connectorAuth, noTruncation, verifyTls }: HttpProtocolArgs): Promise<HttpProtocolResult> {
   const spec = tool.request;
   if (!spec || !spec.url) {
     return { content: 'http tool missing `request.url`', is_error: true };
@@ -322,17 +413,30 @@ export async function runHttp({ tool, settings, args, connectorAuth, noTruncatio
   // Tool-level auth overrides connector-level. `{ type: 'none' }` is a
   // valid override that disables auth entirely (public endpoint).
   const effectiveAuth = tool.auth ?? connectorAuth;
-  url = applyAuth(url, headers, effectiveAuth, settings, argsWithDefaults);
+  url = await applyAuth(url, headers, effectiveAuth, settings, argsWithDefaults);
 
   const controller = new AbortController();
   const timer = setTimeout(() => controller.abort(), timeoutMs);
 
   let res: Response;
   try {
-    res = await fetch(url, { method, headers, body, signal: controller.signal });
+    if (verifyTls === false) {
+      // Skip TLS cert verification — for self-signed appliances (NAC,
+      // ESXi, etc.). Use undici's own fetch + Agent so dispatcher and
+      // fetch are version-matched; passing an external undici Agent
+      // into Node's bundled global fetch fails with UND_ERR_INVALID_ARG
+      // because Node 22 ships an older undici than the installed one.
+      const { fetch: undiciFetch, Agent } = await import('undici');
+      const dispatcher = new Agent({ connect: { rejectUnauthorized: false } });
+      res = await undiciFetch(url, { method, headers, body, signal: controller.signal, dispatcher }) as unknown as Response;
+    } else {
+      res = await fetch(url, { method, headers, body, signal: controller.signal });
+    }
   } catch (e) {
     clearTimeout(timer);
-    return { content: `http request failed: ${(e as Error).message}`, is_error: true };
+    const err = e as Error & { cause?: { message?: string; code?: string } };
+    const cause = err.cause ? ` (cause: ${err.cause.code || ''} ${err.cause.message || ''})` : '';
+    return { content: `http request failed: ${err.message}${cause}`, is_error: true };
   }
   clearTimeout(timer);
 
@@ -344,8 +448,20 @@ export async function runHttp({ tool, settings, args, connectorAuth, noTruncatio
     return { content: text, is_error: !res.ok };
   }
   const { text: shown, truncated, totalBytes } = truncate(text);
-  const preamble = `HTTP ${res.status} ${res.statusText} · ${method} ${url}\n` +
-                   (truncated ? `(showing ${MAX_BODY_BYTES} of ${totalBytes} bytes — truncated)\n\n` : '\n');
+  let preamble = `HTTP ${res.status} ${res.statusText} · ${method} ${url}\n`;
+  // Surface user-declared response headers in the preamble so connector
+  // bash callers can grep them out before the body parse. Set-Cookie is
+  // the canonical case — appliances like FortiNAC put the session token
+  // in JSESSIONID and there's no other way for an http: tool to fish it
+  // out. Headers are lower-cased on lookup; emitted name preserves the
+  // schema's casing for readability.
+  if (spec.capture_response_headers && spec.capture_response_headers.length) {
+    for (const name of spec.capture_response_headers) {
+      const v = res.headers.get(name);
+      if (v != null) preamble += `${name}: ${v}\n`;
+    }
+  }
+  preamble += truncated ? `(showing ${MAX_BODY_BYTES} of ${totalBytes} bytes — truncated)\n\n` : '\n';
   return {
     content: preamble + shown,
     is_error: !res.ok,

package/lib/chat/session-store.ts

@@ -299,19 +299,42 @@ export function listMessagesCapped(
     SELECT * FROM chat_messages WHERE session_id = ?
     ORDER BY ts DESC LIMIT ?
   `).all(session_id, cap) as MessageRow[];
-  const newestFirst = rows.map(rowToMessage);
+  const chrono = rows.map(rowToMessage).reverse();
 
-  // Now apply tokenBudget walking newest → oldest. Always keep at
-  // least one (so an oversized last message doesn't strand the loop).
-  const kept: Message[] = [];
+  // Group messages so that an assistant `tool_use` message and its
+  // paired user `tool_result` reply are an indivisible unit. Without
+  // this, the token-budget walk can keep the oversized tool_result
+  // but drop the tool_use that produced it — leading to the
+  // tool_result being treated as an orphan and stripped, leaving an
+  // empty history. Each group is chronological.
+  const groups: Message[][] = [];
+  for (let i = 0; i < chrono.length; i++) {
+    const m = chrono[i];
+    const hasToolUse = m.role === 'assistant' && m.blocks.some((b) => b.type === 'tool_use');
+    const next = chrono[i + 1];
+    const nextHasToolResult =
+      next && next.role === 'user' && next.blocks.some((b) => b.type === 'tool_result');
+    if (hasToolUse && nextHasToolResult) {
+      groups.push([m, next]);
+      i++; // skip the partner — we just consumed it
+    } else {
+      groups.push([m]);
+    }
+  }
+
+  // Walk groups newest-first, applying the token budget. Always keep
+  // at least one group so an oversized last group doesn't strand the
+  // loop (provider will see a single message — still valid).
+  const keptGroups: Message[][] = [];
   let used = 0;
-  for (const m of newestFirst) {
-    const cost = estimateTokens(m);
-    if (kept.length > 0 && used + cost > tokenBudget) break;
-    kept.push(m);
+  for (let i = groups.length - 1; i >= 0; i--) {
+    const g = groups[i];
+    const cost = g.reduce((s, m) => s + estimateTokens(m), 0);
+    if (keptGroups.length > 0 && used + cost > tokenBudget) break;
+    keptGroups.unshift(g);
     used += cost;
   }
-  return kept.reverse();
+  return keptGroups.flat();
 }
 
 export function deleteMessage(id: string): boolean {

package/lib/chat/tool-dispatcher.ts

@@ -576,7 +576,7 @@ export async function dispatchTool(
     let result: ToolResult;
     switch (protocol) {
       case 'http':
-        result = await runHttp({ tool: located.tool, settings: effectiveSettings, args: argInput, connectorAuth: def.auth, noTruncation: opts.noTruncation });
+        result = await runHttp({ tool: located.tool, settings: effectiveSettings, args: argInput, connectorAuth: def.auth, noTruncation: opts.noTruncation, verifyTls: def.http?.verify_tls });
         break;
       case 'shell':
         result = await runShell({ tool: located.tool, settings: effectiveSettings, args: argInput });