@awcp/transport-sshfs 0.0.0-dev-202601300724

package/dist/delegator/credential-manager.d.ts

@@ -0,0 +1,90 @@
+/**
+ * SSH Credential Manager configuration
+ */
+export interface CredentialManagerConfig {
+    /** Directory to store temporary keys (default: ~/.awcp/keys) */
+    keyDir?: string;
+    /** SSH server port (default: 22) */
+    sshPort?: number;
+    /** SSH server host (default: localhost) */
+    sshHost?: string;
+    /** SSH user for connections */
+    sshUser?: string;
+    /** Path to authorized_keys file (default: ~/.ssh/authorized_keys) */
+    authorizedKeysPath?: string;
+}
+/**
+ * Generated credential
+ */
+export interface GeneratedCredential {
+    /** The private key content */
+    privateKey: string;
+    /** The public key content */
+    publicKey: string;
+    /** Path to the private key file */
+    privateKeyPath: string;
+    /** Path to the public key file */
+    publicKeyPath: string;
+    /** Delegation ID for tracking */
+    delegationId: string;
+}
+/**
+ * SSH Credential Manager
+ *
+ * Manages temporary SSH keys for AWCP delegations.
+ *
+ * TODO [Security]: Consider SSH certificates with built-in expiry for production.
+ */
+export declare class CredentialManager {
+    private config;
+    private activeCredentials;
+    constructor(config?: CredentialManagerConfig);
+    /**
+     * Get the path to authorized_keys file
+     */
+    private getAuthorizedKeysPath;
+    /**
+     * Generate a temporary SSH key pair for a delegation
+     */
+    generateCredential(delegationId: string, _ttlSeconds: number): Promise<{
+        credential: string;
+        endpoint: {
+            host: string;
+            port: number;
+            user: string;
+        };
+    }>;
+    /**
+     * Revoke a credential
+     */
+    revokeCredential(delegationId: string): Promise<void>;
+    /**
+     * Get credential info for a delegation
+     */
+    getCredential(delegationId: string): GeneratedCredential | undefined;
+    /**
+     * Revoke all credentials
+     */
+    revokeAll(): Promise<void>;
+    /**
+     * Clean up stale AWCP keys from authorized_keys (call on startup)
+     */
+    cleanupStaleKeys(): Promise<number>;
+    /**
+     * Clean up stale key files from key directory (call on startup)
+     */
+    cleanupStaleKeyFiles(): Promise<number>;
+    /**
+     * Add a public key to authorized_keys
+     */
+    private addToAuthorizedKeys;
+    /**
+     * Remove a public key from authorized_keys by delegation ID
+     */
+    private removeFromAuthorizedKeys;
+    /**
+     * Execute ssh-keygen to generate a key pair
+     */
+    private execSshKeygen;
+}
+//# sourceMappingURL=credential-manager.d.ts.map

package/dist/delegator/credential-manager.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"credential-manager.d.ts","sourceRoot":"","sources":["../../src/delegator/credential-manager.ts"],"names":[],"mappings":"AAKA;;GAEG;AACH,MAAM,WAAW,uBAAuB;IACtC,gEAAgE;IAChE,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,oCAAoC;IACpC,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,2CAA2C;IAC3C,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,+BAA+B;IAC/B,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,qEAAqE;IACrE,kBAAkB,CAAC,EAAE,MAAM,CAAC;CAC7B;AAED;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,8BAA8B;IAC9B,UAAU,EAAE,MAAM,CAAC;IACnB,6BAA6B;IAC7B,SAAS,EAAE,MAAM,CAAC;IAClB,mCAAmC;IACnC,cAAc,EAAE,MAAM,CAAC;IACvB,kCAAkC;IAClC,aAAa,EAAE,MAAM,CAAC;IACtB,iCAAiC;IACjC,YAAY,EAAE,MAAM,CAAC;CACtB;AASD;;;;;;GAMG;AACH,qBAAa,iBAAiB;IAC5B,OAAO,CAAC,MAAM,CAA0B;IACxC,OAAO,CAAC,iBAAiB,CAA0C;gBAEvD,MAAM,CAAC,EAAE,uBAAuB;IAI5C;;OAEG;IACH,OAAO,CAAC,qBAAqB;IAI7B;;OAEG;IACG,kBAAkB,CACtB,YAAY,EAAE,MAAM,EACpB,WAAW,EAAE,MAAM,GAClB,OAAO,CAAC;QACT,UAAU,EAAE,MAAM,CAAC;QACnB,QAAQ,EAAE;YAAE,IAAI,EAAE,MAAM,CAAC;YAAC,IAAI,EAAE,MAAM,CAAC;YAAC,IAAI,EAAE,MAAM,CAAA;SAAE,CAAC;KACxD,CAAC;IAsCF;;OAEG;IACG,gBAAgB,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAwB3D;;OAEG;IACH,aAAa,CAAC,YAAY,EAAE,MAAM,GAAG,mBAAmB,GAAG,SAAS;IAIpE;;OAEG;IACG,SAAS,IAAI,OAAO,CAAC,IAAI,CAAC;IAMhC;;OAEG;IACG,gBAAgB,IAAI,OAAO,CAAC,MAAM,CAAC;IA0BzC;;OAEG;IACG,oBAAoB,IAAI,OAAO,CAAC,MAAM,CAAC;IAkC7C;;OAEG;YACW,mBAAmB;IAcjC;;OAEG;YACW,wBAAwB;IAkBtC;;OAEG;IACH,OAAO,CAAC,aAAa;CAyBtB"}

package/dist/delegator/credential-manager.js

@@ -0,0 +1,216 @@
+import { unlink, mkdir, readFile, writeFile, appendFile, readdir } from 'node:fs/promises';
+import { join } from 'node:path';
+import { spawn } from 'node:child_process';
+import { homedir } from 'node:os';
+const DEFAULT_KEY_DIR = join(homedir(), '.awcp', 'keys');
+/**
+ * Marker prefix for AWCP-managed keys in authorized_keys
+ */
+const AWCP_KEY_COMMENT_PREFIX = 'awcp-temp-key-';
+/**
+ * SSH Credential Manager
+ *
+ * Manages temporary SSH keys for AWCP delegations.
+ *
+ * TODO [Security]: Consider SSH certificates with built-in expiry for production.
+ */
+export class CredentialManager {
+    config;
+    activeCredentials = new Map();
+    constructor(config) {
+        this.config = config ?? {};
+    }
+    /**
+     * Get the path to authorized_keys file
+     */
+    getAuthorizedKeysPath() {
+        return this.config.authorizedKeysPath ?? join(homedir(), '.ssh', 'authorized_keys');
+    }
+    /**
+     * Generate a temporary SSH key pair for a delegation
+     */
+    async generateCredential(delegationId, _ttlSeconds) {
+        const keyDir = this.config.keyDir ?? DEFAULT_KEY_DIR;
+        await mkdir(keyDir, { recursive: true, mode: 0o700 });
+        const privateKeyPath = join(keyDir, `${delegationId}`);
+        const publicKeyPath = join(keyDir, `${delegationId}.pub`);
+        // Generate key pair using ssh-keygen with AWCP marker comment
+        const keyComment = `${AWCP_KEY_COMMENT_PREFIX}${delegationId}`;
+        await this.execSshKeygen(privateKeyPath, keyComment);
+        // Read the generated keys
+        const privateKey = await readFile(privateKeyPath, 'utf-8');
+        const publicKey = await readFile(publicKeyPath, 'utf-8');
+        const credential = {
+            privateKey,
+            publicKey,
+            privateKeyPath,
+            publicKeyPath,
+            delegationId,
+        };
+        this.activeCredentials.set(delegationId, credential);
+        // Add public key to authorized_keys
+        await this.addToAuthorizedKeys(publicKey);
+        return {
+            credential: privateKey,
+            endpoint: {
+                host: this.config.sshHost ?? 'localhost',
+                port: this.config.sshPort ?? 22,
+                user: this.config.sshUser ?? process.env['USER'] ?? 'awcp',
+            },
+        };
+    }
+    /**
+     * Revoke a credential
+     */
+    async revokeCredential(delegationId) {
+        const credential = this.activeCredentials.get(delegationId);
+        if (!credential) {
+            return;
+        }
+        // Remove from authorized_keys first
+        await this.removeFromAuthorizedKeys(delegationId);
+        // Remove key files
+        try {
+            await unlink(credential.privateKeyPath);
+        }
+        catch {
+            // Ignore errors if file doesn't exist
+        }
+        try {
+            await unlink(credential.publicKeyPath);
+        }
+        catch {
+            // Ignore errors if file doesn't exist
+        }
+        this.activeCredentials.delete(delegationId);
+    }
+    /**
+     * Get credential info for a delegation
+     */
+    getCredential(delegationId) {
+        return this.activeCredentials.get(delegationId);
+    }
+    /**
+     * Revoke all credentials
+     */
+    async revokeAll() {
+        for (const delegationId of this.activeCredentials.keys()) {
+            await this.revokeCredential(delegationId);
+        }
+    }
+    /**
+     * Clean up stale AWCP keys from authorized_keys (call on startup)
+     */
+    async cleanupStaleKeys() {
+        const authorizedKeysPath = this.getAuthorizedKeysPath();
+        try {
+            const content = await readFile(authorizedKeysPath, 'utf-8');
+            const lines = content.split('\n');
+            const cleanedLines = lines.filter(line => {
+                // Keep lines that don't have AWCP marker
+                return !line.includes(AWCP_KEY_COMMENT_PREFIX);
+            });
+            const removedCount = lines.length - cleanedLines.length;
+            if (removedCount > 0) {
+                await writeFile(authorizedKeysPath, cleanedLines.join('\n'));
+                console.log(`[CredentialManager] Cleaned up ${removedCount} stale AWCP keys from authorized_keys`);
+            }
+            return removedCount;
+        }
+        catch {
+            // File doesn't exist or can't be read, nothing to clean
+            return 0;
+        }
+    }
+    /**
+     * Clean up stale key files from key directory (call on startup)
+     */
+    async cleanupStaleKeyFiles() {
+        const keyDir = this.config.keyDir ?? DEFAULT_KEY_DIR;
+        try {
+            const files = await readdir(keyDir);
+            let removedCount = 0;
+            for (const file of files) {
+                // Skip files that are currently active
+                const delegationId = file.replace(/\.pub$/, '');
+                if (this.activeCredentials.has(delegationId)) {
+                    continue;
+                }
+                // Remove stale key files
+                try {
+                    await unlink(join(keyDir, file));
+                    removedCount++;
+                }
+                catch {
+                    // Ignore errors
+                }
+            }
+            if (removedCount > 0) {
+                console.log(`[CredentialManager] Cleaned up ${removedCount} stale key files`);
+            }
+            return removedCount;
+        }
+        catch {
+            // Directory doesn't exist, nothing to clean
+            return 0;
+        }
+    }
+    /**
+     * Add a public key to authorized_keys
+     */
+    async addToAuthorizedKeys(publicKey) {
+        const authorizedKeysPath = this.getAuthorizedKeysPath();
+        // Ensure .ssh directory exists
+        const sshDir = join(homedir(), '.ssh');
+        await mkdir(sshDir, { recursive: true, mode: 0o700 });
+        // Ensure the key ends with newline
+        const keyLine = publicKey.trim() + '\n';
+        // Append to authorized_keys
+        await appendFile(authorizedKeysPath, keyLine, { mode: 0o600 });
+    }
+    /**
+     * Remove a public key from authorized_keys by delegation ID
+     */
+    async removeFromAuthorizedKeys(delegationId) {
+        const authorizedKeysPath = this.getAuthorizedKeysPath();
+        const keyMarker = `${AWCP_KEY_COMMENT_PREFIX}${delegationId}`;
+        try {
+            const content = await readFile(authorizedKeysPath, 'utf-8');
+            const lines = content.split('\n');
+            // Filter out lines containing this delegation's key marker
+            const filteredLines = lines.filter(line => !line.includes(keyMarker));
+            // Write back
+            await writeFile(authorizedKeysPath, filteredLines.join('\n'), { mode: 0o600 });
+        }
+        catch {
+            // File doesn't exist or can't be read, nothing to remove
+        }
+    }
+    /**
+     * Execute ssh-keygen to generate a key pair
+     */
+    execSshKeygen(keyPath, comment) {
+        return new Promise((resolve, reject) => {
+            const proc = spawn('ssh-keygen', [
+                '-t', 'ed25519',
+                '-f', keyPath,
+                '-N', '', // No passphrase
+                '-C', comment,
+            ]);
+            let stderr = '';
+            proc.stderr.on('data', (data) => {
+                stderr += data.toString();
+            });
+            proc.on('close', (code) => {
+                if (code === 0) {
+                    resolve();
+                }
+                else {
+                    reject(new Error(`ssh-keygen failed: ${stderr}`));
+                }
+            });
+            proc.on('error', reject);
+        });
+    }
+}
+//# sourceMappingURL=credential-manager.js.map

package/dist/delegator/credential-manager.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"credential-manager.js","sourceRoot":"","sources":["../../src/delegator/credential-manager.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,SAAS,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAC3F,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAE,KAAK,EAAE,MAAM,oBAAoB,CAAC;AAC3C,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAkClC,MAAM,eAAe,GAAG,IAAI,CAAC,OAAO,EAAE,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC;AAEzD;;GAEG;AACH,MAAM,uBAAuB,GAAG,gBAAgB,CAAC;AAEjD;;;;;;GAMG;AACH,MAAM,OAAO,iBAAiB;IACpB,MAAM,CAA0B;IAChC,iBAAiB,GAAG,IAAI,GAAG,EAA+B,CAAC;IAEnE,YAAY,MAAgC;QAC1C,IAAI,CAAC,MAAM,GAAG,MAAM,IAAI,EAAE,CAAC;IAC7B,CAAC;IAED;;OAEG;IACK,qBAAqB;QAC3B,OAAO,IAAI,CAAC,MAAM,CAAC,kBAAkB,IAAI,IAAI,CAAC,OAAO,EAAE,EAAE,MAAM,EAAE,iBAAiB,CAAC,CAAC;IACtF,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,kBAAkB,CACtB,YAAoB,EACpB,WAAmB;QAKnB,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,IAAI,eAAe,CAAC;QACrD,MAAM,KAAK,CAAC,MAAM,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;QAEtD,MAAM,cAAc,GAAG,IAAI,CAAC,MAAM,EAAE,GAAG,YAAY,EAAE,CAAC,CAAC;QACvD,MAAM,aAAa,GAAG,IAAI,CAAC,MAAM,EAAE,GAAG,YAAY,MAAM,CAAC,CAAC;QAE1D,8DAA8D;QAC9D,MAAM,UAAU,GAAG,GAAG,uBAAuB,GAAG,YAAY,EAAE,CAAC;QAC/D,MAAM,IAAI,CAAC,aAAa,CAAC,cAAc,EAAE,UAAU,CAAC,CAAC;QAErD,0BAA0B;QAC1B,MAAM,UAAU,GAAG,MAAM,QAAQ,CAAC,cAAc,EAAE,OAAO,CAAC,CAAC;QAC3D,MAAM,SAAS,GAAG,MAAM,QAAQ,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC;QAEzD,MAAM,UAAU,GAAwB;YACtC,UAAU;YACV,SAAS;YACT,cAAc;YACd,aAAa;YACb,YAAY;SACb,CAAC;QAEF,IAAI,CAAC,iBAAiB,CAAC,GAAG,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC;QAErD,oCAAoC;QACpC,MAAM,IAAI,CAAC,mBAAmB,CAAC,SAAS,CAAC,CAAC;QAE1C,OAAO;YACL,UAAU,EAAE,UAAU;YACtB,QAAQ,EAAE;gBACR,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO,IAAI,WAAW;gBACxC,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO,IAAI,EAAE;gBAC/B,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO,IAAI,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,MAAM;aAC3D;SACF,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,gBAAgB,CAAC,YAAoB;QACzC,MAAM,UAAU,GAAG,IAAI,CAAC,iBAAiB,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;QAC5D,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,OAAO;QACT,CAAC;QAED,oCAAoC;QACpC,MAAM,IAAI,CAAC,wBAAwB,CAAC,YAAY,CAAC,CAAC;QAElD,mBAAmB;QACnB,IAAI,CAAC;YACH,MAAM,MAAM,CAAC,UAAU,CAAC,cAAc,CAAC,CAAC;QAC1C,CAAC;QAAC,MAAM,CAAC;YACP,sCAAsC;QACxC,CAAC;QACD,IAAI,CAAC;YACH,MAAM,MAAM,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;QACzC,CAAC;QAAC,MAAM,CAAC;YACP,sCAAsC;QACxC,CAAC;QAED,IAAI,CAAC,iBAAiB,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;IAC9C,CAAC;IAED;;OAEG;IACH,aAAa,CAAC,YAAoB;QAChC,OAAO,IAAI,CAAC,iBAAiB,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;IAClD,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,SAAS;QACb,KAAK,MAAM,YAAY,IAAI,IAAI,CAAC,iBAAiB,CAAC,IAAI,EAAE,EAAE,CAAC;YACzD,MAAM,IAAI,CAAC,gBAAgB,CAAC,YAAY,CAAC,CAAC;QAC5C,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,gBAAgB;QACpB,MAAM,kBAAkB,GAAG,IAAI,CAAC,qBAAqB,EAAE,CAAC;QAExD,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,kBAAkB,EAAE,OAAO,CAAC,CAAC;YAC5D,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YAElC,MAAM,YAAY,GAAG,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE;gBACvC,yCAAyC;gBACzC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,uBAAuB,CAAC,CAAC;YACjD,CAAC,CAAC,CAAC;YAEH,MAAM,YAAY,GAAG,KAAK,CAAC,MAAM,GAAG,YAAY,CAAC,MAAM,CAAC;YAExD,IAAI,YAAY,GAAG,CAAC,EAAE,CAAC;gBACrB,MAAM,SAAS,CAAC,kBAAkB,EAAE,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;gBAC7D,OAAO,CAAC,GAAG,CAAC,kCAAkC,YAAY,uCAAuC,CAAC,CAAC;YACrG,CAAC;YAED,OAAO,YAAY,CAAC;QACtB,CAAC;QAAC,MAAM,CAAC;YACP,wDAAwD;YACxD,OAAO,CAAC,CAAC;QACX,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,oBAAoB;QACxB,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,IAAI,eAAe,CAAC;QAErD,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,MAAM,OAAO,CAAC,MAAM,CAAC,CAAC;YACpC,IAAI,YAAY,GAAG,CAAC,CAAC;YAErB,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;gBACzB,uCAAuC;gBACvC,MAAM,YAAY,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;gBAChD,IAAI,IAAI,CAAC,iBAAiB,CAAC,GAAG,CAAC,YAAY,CAAC,EAAE,CAAC;oBAC7C,SAAS;gBACX,CAAC;gBAED,yBAAyB;gBACzB,IAAI,CAAC;oBACH,MAAM,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC,CAAC;oBACjC,YAAY,EAAE,CAAC;gBACjB,CAAC;gBAAC,MAAM,CAAC;oBACP,gBAAgB;gBAClB,CAAC;YACH,CAAC;YAED,IAAI,YAAY,GAAG,CAAC,EAAE,CAAC;gBACrB,OAAO,CAAC,GAAG,CAAC,kCAAkC,YAAY,kBAAkB,CAAC,CAAC;YAChF,CAAC;YAED,OAAO,YAAY,CAAC;QACtB,CAAC;QAAC,MAAM,CAAC;YACP,4CAA4C;YAC5C,OAAO,CAAC,CAAC;QACX,CAAC;IACH,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,mBAAmB,CAAC,SAAiB;QACjD,MAAM,kBAAkB,GAAG,IAAI,CAAC,qBAAqB,EAAE,CAAC;QAExD,+BAA+B;QAC/B,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,EAAE,EAAE,MAAM,CAAC,CAAC;QACvC,MAAM,KAAK,CAAC,MAAM,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;QAEtD,mCAAmC;QACnC,MAAM,OAAO,GAAG,SAAS,CAAC,IAAI,EAAE,GAAG,IAAI,CAAC;QAExC,4BAA4B;QAC5B,MAAM,UAAU,CAAC,kBAAkB,EAAE,OAAO,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;IACjE,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,wBAAwB,CAAC,YAAoB;QACzD,MAAM,kBAAkB,GAAG,IAAI,CAAC,qBAAqB,EAAE,CAAC;QACxD,MAAM,SAAS,GAAG,GAAG,uBAAuB,GAAG,YAAY,EAAE,CAAC;QAE9D,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,kBAAkB,EAAE,OAAO,CAAC,CAAC;YAC5D,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YAElC,2DAA2D;YAC3D,MAAM,aAAa,GAAG,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC;YAEtE,aAAa;YACb,MAAM,SAAS,CAAC,kBAAkB,EAAE,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;QACjF,CAAC;QAAC,MAAM,CAAC;YACP,yDAAyD;QAC3D,CAAC;IACH,CAAC;IAED;;OAEG;IACK,aAAa,CAAC,OAAe,EAAE,OAAe;QACpD,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACrC,MAAM,IAAI,GAAG,KAAK,CAAC,YAAY,EAAE;gBAC/B,IAAI,EAAE,SAAS;gBACf,IAAI,EAAE,OAAO;gBACb,IAAI,EAAE,EAAE,EAAE,gBAAgB;gBAC1B,IAAI,EAAE,OAAO;aACd,CAAC,CAAC;YAEH,IAAI,MAAM,GAAG,EAAE,CAAC;YAChB,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;gBAC9B,MAAM,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAC5B,CAAC,CAAC,CAAC;YAEH,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,IAAI,EAAE,EAAE;gBACxB,IAAI,IAAI,KAAK,CAAC,EAAE,CAAC;oBACf,OAAO,EAAE,CAAC;gBACZ,CAAC;qBAAM,CAAC;oBACN,MAAM,CAAC,IAAI,KAAK,CAAC,sBAAsB,MAAM,EAAE,CAAC,CAAC,CAAC;gBACpD,CAAC;YACH,CAAC,CAAC,CAAC;YAEH,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QAC3B,CAAC,CAAC,CAAC;IACL,CAAC;CACF"}

package/dist/delegator/index.d.ts

@@ -0,0 +1,2 @@
+export { CredentialManager, type CredentialManagerConfig, type GeneratedCredential } from './credential-manager.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/delegator/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/delegator/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,KAAK,uBAAuB,EAAE,KAAK,mBAAmB,EAAE,MAAM,yBAAyB,CAAC"}

package/dist/delegator/index.js

@@ -0,0 +1,2 @@
+export { CredentialManager } from './credential-manager.js';
+//# sourceMappingURL=index.js.map

package/dist/delegator/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/delegator/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAA0D,MAAM,yBAAyB,CAAC"}

package/dist/executor/index.d.ts

@@ -0,0 +1,2 @@
+export { SshfsMountClient, type SshfsMountConfig, type MountParams } from './sshfs-client.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/executor/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/executor/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAE,KAAK,gBAAgB,EAAE,KAAK,WAAW,EAAE,MAAM,mBAAmB,CAAC"}

package/dist/executor/index.js

@@ -0,0 +1,2 @@
+export { SshfsMountClient } from './sshfs-client.js';
+//# sourceMappingURL=index.js.map

package/dist/executor/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/executor/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAA2C,MAAM,mBAAmB,CAAC"}

package/dist/executor/sshfs-client.d.ts

@@ -0,0 +1,62 @@
+/**
+ * SSHFS Mount Client configuration
+ */
+export interface SshfsMountConfig {
+    /** Directory to store temporary key files */
+    tempKeyDir?: string;
+    /** Additional sshfs options */
+    defaultOptions?: Record<string, string>;
+    /** Timeout for mount operation in ms (default: 30000) */
+    mountTimeout?: number;
+}
+/**
+ * Mount parameters
+ */
+export interface MountParams {
+    endpoint: {
+        host: string;
+        port: number;
+        user: string;
+    };
+    exportLocator: string;
+    credential: string;
+    mountPoint: string;
+    options?: Record<string, string>;
+}
+/**
+ * SSHFS Mount Client
+ *
+ * Handles mounting remote filesystems via SSHFS on the Remote side.
+ */
+export declare class SshfsMountClient {
+    private config;
+    private activeMounts;
+    constructor(config?: SshfsMountConfig);
+    /**
+     * Check if sshfs is available
+     */
+    checkDependency(): Promise<{
+        available: boolean;
+        version?: string;
+        error?: string;
+    }>;
+    /**
+     * Mount a remote filesystem
+     */
+    mount(params: MountParams): Promise<void>;
+    /**
+     * Unmount a filesystem
+     */
+    unmount(mountPoint: string): Promise<void>;
+    /**
+     * Check if a mount point is currently mounted
+     */
+    isMounted(mountPoint: string): Promise<boolean>;
+    /**
+     * Unmount all active mounts
+     */
+    unmountAll(): Promise<void>;
+    private execMount;
+    private execCommand;
+}
+//# sourceMappingURL=sshfs-client.d.ts.map

package/dist/executor/sshfs-client.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"sshfs-client.d.ts","sourceRoot":"","sources":["../../src/executor/sshfs-client.ts"],"names":[],"mappings":"AAKA;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,6CAA6C;IAC7C,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,+BAA+B;IAC/B,cAAc,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACxC,yDAAyD;IACzD,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB;AAED;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,QAAQ,EAAE;QACR,IAAI,EAAE,MAAM,CAAC;QACb,IAAI,EAAE,MAAM,CAAC;QACb,IAAI,EAAE,MAAM,CAAC;KACd,CAAC;IACF,aAAa,EAAE,MAAM,CAAC;IACtB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CAClC;AAcD;;;;GAIG;AACH,qBAAa,gBAAgB;IAC3B,OAAO,CAAC,MAAM,CAAmB;IACjC,OAAO,CAAC,YAAY,CAAkC;gBAE1C,MAAM,CAAC,EAAE,gBAAgB;IAIrC;;OAEG;IACG,eAAe,IAAI,OAAO,CAAC;QAAE,SAAS,EAAE,OAAO,CAAC;QAAC,OAAO,CAAC,EAAE,MAAM,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;IAoC1F;;OAEG;IACG,KAAK,CAAC,MAAM,EAAE,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC;IA+D/C;;OAEG;IACG,OAAO,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAgChD;;OAEG;IACG,SAAS,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAUrD;;OAEG;IACG,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC;IAMjC,OAAO,CAAC,SAAS;IAyDjB,OAAO,CAAC,WAAW;CAepB"}

package/dist/executor/sshfs-client.js

@@ -0,0 +1,225 @@
+import { spawn } from 'node:child_process';
+import { writeFile, unlink, mkdir, stat } from 'node:fs/promises';
+import { join } from 'node:path';
+import { MountFailedError, DependencyMissingError } from '@awcp/core';
+const DEFAULT_TEMP_KEY_DIR = '/tmp/awcp/client-keys';
+const DEFAULT_MOUNT_TIMEOUT = 30000;
+/**
+ * SSHFS Mount Client
+ *
+ * Handles mounting remote filesystems via SSHFS on the Remote side.
+ */
+export class SshfsMountClient {
+    config;
+    activeMounts = new Map();
+    constructor(config) {
+        this.config = config ?? {};
+    }
+    /**
+     * Check if sshfs is available
+     */
+    async checkDependency() {
+        return new Promise((resolve) => {
+            const proc = spawn('sshfs', ['--version']);
+            let output = '';
+            proc.stdout.on('data', (data) => {
+                output += data.toString();
+            });
+            proc.stderr.on('data', (data) => {
+                output += data.toString();
+            });
+            proc.on('close', (code) => {
+                if (code === 0 || output.includes('SSHFS')) {
+                    const versionMatch = output.match(/SSHFS version ([\d.]+)/);
+                    resolve({
+                        available: true,
+                        version: versionMatch?.[1],
+                    });
+                }
+                else {
+                    resolve({
+                        available: false,
+                        error: 'sshfs not found',
+                    });
+                }
+            });
+            proc.on('error', () => {
+                resolve({
+                    available: false,
+                    error: 'sshfs not found in PATH',
+                });
+            });
+        });
+    }
+    /**
+     * Mount a remote filesystem
+     */
+    async mount(params) {
+        // Check dependency
+        const depCheck = await this.checkDependency();
+        if (!depCheck.available) {
+            throw new DependencyMissingError('sshfs', 'Install sshfs: brew install macfuse && brew install sshfs (macOS) or apt install sshfs (Linux)');
+        }
+        const tempKeyDir = this.config.tempKeyDir ?? DEFAULT_TEMP_KEY_DIR;
+        await mkdir(tempKeyDir, { recursive: true });
+        // Write credential to temp file
+        const keyPath = join(tempKeyDir, `mount-${Date.now()}`);
+        await writeFile(keyPath, params.credential, { mode: 0o600 });
+        try {
+            // Build sshfs command
+            const { host, port, user } = params.endpoint;
+            const remoteSpec = `${user}@${host}:${params.exportLocator}`;
+            const options = {
+                ...this.config.defaultOptions,
+                ...params.options,
+            };
+            const args = [
+                remoteSpec,
+                params.mountPoint,
+                '-o', `IdentityFile=${keyPath}`,
+                '-o', `Port=${port}`,
+                '-o', 'StrictHostKeyChecking=no',
+                '-o', 'UserKnownHostsFile=/dev/null',
+                '-o', 'reconnect',
+                '-o', 'ServerAliveInterval=15',
+                '-o', 'ServerAliveCountMax=3',
+                '-o', 'noappledouble', // Prevent macOS ._* metadata files
+            ];
+            // Add custom options
+            for (const [key, value] of Object.entries(options)) {
+                args.push('-o', `${key}=${value}`);
+            }
+            console.log(`[SSHFS] Mounting: sshfs ${args.join(' ')}`);
+            // Execute mount (SSHFS will daemonize and exit immediately on success)
+            await this.execMount(args, params.mountPoint);
+            // Track active mount
+            this.activeMounts.set(params.mountPoint, {
+                mountPoint: params.mountPoint,
+                keyPath,
+            });
+        }
+        catch (error) {
+            // Cleanup key on failure
+            await unlink(keyPath).catch(() => { });
+            throw error;
+        }
+    }
+    /**
+     * Unmount a filesystem
+     */
+    async unmount(mountPoint) {
+        const activeMount = this.activeMounts.get(mountPoint);
+        // Try different unmount methods
+        const unmountCommands = [
+            ['umount', mountPoint],
+            ['fusermount', '-u', mountPoint],
+            ['diskutil', 'unmount', mountPoint], // macOS
+        ];
+        let success = false;
+        for (const cmd of unmountCommands) {
+            try {
+                await this.execCommand(cmd[0], cmd.slice(1));
+                success = true;
+                break;
+            }
+            catch {
+                // Try next method
+            }
+        }
+        if (!success) {
+            console.warn(`Failed to unmount ${mountPoint}, may need manual cleanup`);
+        }
+        // Cleanup
+        if (activeMount) {
+            await unlink(activeMount.keyPath).catch(() => { });
+            this.activeMounts.delete(mountPoint);
+        }
+    }
+    /**
+     * Check if a mount point is currently mounted
+     */
+    async isMounted(mountPoint) {
+        try {
+            // Check if the mount point exists and is tracked
+            await stat(mountPoint);
+            return this.activeMounts.has(mountPoint);
+        }
+        catch {
+            return false;
+        }
+    }
+    /**
+     * Unmount all active mounts
+     */
+    async unmountAll() {
+        for (const mountPoint of this.activeMounts.keys()) {
+            await this.unmount(mountPoint);
+        }
+    }
+    execMount(args, mountPoint) {
+        const timeout = this.config.mountTimeout ?? DEFAULT_MOUNT_TIMEOUT;
+        return new Promise((resolve, reject) => {
+            // SSHFS without -f will daemonize and exit immediately with code 0 on success
+            const proc = spawn('sshfs', args, {
+                stdio: ['ignore', 'pipe', 'pipe'],
+            });
+            let stderr = '';
+            proc.stderr.on('data', (data) => {
+                stderr += data.toString();
+            });
+            const timer = setTimeout(async () => {
+                proc.kill();
+                // Clean up possible zombie mount
+                try {
+                    await this.unmount(mountPoint);
+                }
+                catch {
+                    // Ignore - mount may not exist
+                }
+                reject(new MountFailedError(`Mount timeout after ${timeout}ms`));
+            }, timeout);
+            proc.on('close', async (code) => {
+                clearTimeout(timer);
+                if (code !== 0) {
+                    reject(new MountFailedError(stderr || `sshfs exited with code ${code}`));
+                    return;
+                }
+                // SSHFS daemonized successfully (exit code 0)
+                // Now verify the mount is actually there
+                try {
+                    const mountStat = await stat(mountPoint);
+                    const parentStat = await stat(join(mountPoint, '..'));
+                    if (mountStat.dev !== parentStat.dev) {
+                        // Different device = mounted successfully
+                        resolve();
+                    }
+                    else {
+                        reject(new MountFailedError('SSHFS exited but mount not detected'));
+                    }
+                }
+                catch (error) {
+                    reject(new MountFailedError(`Mount verification failed: ${error}`));
+                }
+            });
+            proc.on('error', (error) => {
+                clearTimeout(timer);
+                reject(new MountFailedError(error.message));
+            });
+        });
+    }
+    execCommand(cmd, args) {
+        return new Promise((resolve, reject) => {
+            const proc = spawn(cmd, args);
+            proc.on('close', (code) => {
+                if (code === 0) {
+                    resolve();
+                }
+                else {
+                    reject(new Error(`${cmd} exited with code ${code}`));
+                }
+            });
+            proc.on('error', reject);
+        });
+    }
+}
+//# sourceMappingURL=sshfs-client.js.map

package/dist/executor/sshfs-client.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"sshfs-client.js","sourceRoot":"","sources":["../../src/executor/sshfs-client.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAqB,MAAM,oBAAoB,CAAC;AAC9D,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,kBAAkB,CAAC;AAClE,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAE,gBAAgB,EAAE,sBAAsB,EAAE,MAAM,YAAY,CAAC;AAsCtE,MAAM,oBAAoB,GAAG,uBAAuB,CAAC;AACrD,MAAM,qBAAqB,GAAG,KAAK,CAAC;AAEpC;;;;GAIG;AACH,MAAM,OAAO,gBAAgB;IACnB,MAAM,CAAmB;IACzB,YAAY,GAAG,IAAI,GAAG,EAAuB,CAAC;IAEtD,YAAY,MAAyB;QACnC,IAAI,CAAC,MAAM,GAAG,MAAM,IAAI,EAAE,CAAC;IAC7B,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,eAAe;QACnB,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;YAC7B,MAAM,IAAI,GAAG,KAAK,CAAC,OAAO,EAAE,CAAC,WAAW,CAAC,CAAC,CAAC;YAE3C,IAAI,MAAM,GAAG,EAAE,CAAC;YAChB,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;gBAC9B,MAAM,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAC5B,CAAC,CAAC,CAAC;YACH,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;gBAC9B,MAAM,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAC5B,CAAC,CAAC,CAAC;YAEH,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,IAAI,EAAE,EAAE;gBACxB,IAAI,IAAI,KAAK,CAAC,IAAI,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;oBAC3C,MAAM,YAAY,GAAG,MAAM,CAAC,KAAK,CAAC,wBAAwB,CAAC,CAAC;oBAC5D,OAAO,CAAC;wBACN,SAAS,EAAE,IAAI;wBACf,OAAO,EAAE,YAAY,EAAE,CAAC,CAAC,CAAC;qBAC3B,CAAC,CAAC;gBACL,CAAC;qBAAM,CAAC;oBACN,OAAO,CAAC;wBACN,SAAS,EAAE,KAAK;wBAChB,KAAK,EAAE,iBAAiB;qBACzB,CAAC,CAAC;gBACL,CAAC;YACH,CAAC,CAAC,CAAC;YAEH,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,GAAG,EAAE;gBACpB,OAAO,CAAC;oBACN,SAAS,EAAE,KAAK;oBAChB,KAAK,EAAE,yBAAyB;iBACjC,CAAC,CAAC;YACL,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,KAAK,CAAC,MAAmB;QAC7B,mBAAmB;QACnB,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,eAAe,EAAE,CAAC;QAC9C,IAAI,CAAC,QAAQ,CAAC,SAAS,EAAE,CAAC;YACxB,MAAM,IAAI,sBAAsB,CAC9B,OAAO,EACP,gGAAgG,CACjG,CAAC;QACJ,CAAC;QAED,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,UAAU,IAAI,oBAAoB,CAAC;QAClE,MAAM,KAAK,CAAC,UAAU,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAE7C,gCAAgC;QAChC,MAAM,OAAO,GAAG,IAAI,CAAC,UAAU,EAAE,SAAS,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QACxD,MAAM,SAAS,CAAC,OAAO,EAAE,MAAM,CAAC,UAAU,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;QAE7D,IAAI,CAAC;YACH,sBAAsB;YACtB,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,MAAM,CAAC,QAAQ,CAAC;YAC7C,MAAM,UAAU,GAAG,GAAG,IAAI,IAAI,IAAI,IAAI,MAAM,CAAC,aAAa,EAAE,CAAC;YAE7D,MAAM,OAAO,GAAG;gBACd,GAAG,IAAI,CAAC,MAAM,CAAC,cAAc;gBAC7B,GAAG,MAAM,CAAC,OAAO;aAClB,CAAC;YAEF,MAAM,IAAI,GAAG;gBACX,UAAU;gBACV,MAAM,CAAC,UAAU;gBACjB,IAAI,EAAE,gBAAgB,OAAO,EAAE;gBAC/B,IAAI,EAAE,QAAQ,IAAI,EAAE;gBACpB,IAAI,EAAE,0BAA0B;gBAChC,IAAI,EAAE,8BAA8B;gBACpC,IAAI,EAAE,WAAW;gBACjB,IAAI,EAAE,wBAAwB;gBAC9B,IAAI,EAAE,uBAAuB;gBAC7B,IAAI,EAAE,eAAe,EAAG,mCAAmC;aAC5D,CAAC;YAEF,qBAAqB;YACrB,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;gBACnD,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,GAAG,IAAI,KAAK,EAAE,CAAC,CAAC;YACrC,CAAC;YAED,OAAO,CAAC,GAAG,CAAC,2BAA2B,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YAEzD,uEAAuE;YACvE,MAAM,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,MAAM,CAAC,UAAU,CAAC,CAAC;YAE9C,qBAAqB;YACrB,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,UAAU,EAAE;gBACvC,UAAU,EAAE,MAAM,CAAC,UAAU;gBAC7B,OAAO;aACR,CAAC,CAAC;QAEL,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,yBAAyB;YACzB,MAAM,MAAM,CAAC,OAAO,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;YACtC,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,OAAO,CAAC,UAAkB;QAC9B,MAAM,WAAW,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;QAEtD,gCAAgC;QAChC,MAAM,eAAe,GAAG;YACtB,CAAC,QAAQ,EAAE,UAAU,CAAC;YACtB,CAAC,YAAY,EAAE,IAAI,EAAE,UAAU,CAAC;YAChC,CAAC,UAAU,EAAE,SAAS,EAAE,UAAU,CAAC,EAAE,QAAQ;SAC9C,CAAC;QAEF,IAAI,OAAO,GAAG,KAAK,CAAC;QACpB,KAAK,MAAM,GAAG,IAAI,eAAe,EAAE,CAAC;YAClC,IAAI,CAAC;gBACH,MAAM,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAE,EAAE,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;gBAC9C,OAAO,GAAG,IAAI,CAAC;gBACf,MAAM;YACR,CAAC;YAAC,MAAM,CAAC;gBACP,kBAAkB;YACpB,CAAC;QACH,CAAC;QAED,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,OAAO,CAAC,IAAI,CAAC,qBAAqB,UAAU,2BAA2B,CAAC,CAAC;QAC3E,CAAC;QAED,UAAU;QACV,IAAI,WAAW,EAAE,CAAC;YAChB,MAAM,MAAM,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;YAClD,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;QACvC,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,SAAS,CAAC,UAAkB;QAChC,IAAI,CAAC;YACH,iDAAiD;YACjD,MAAM,IAAI,CAAC,UAAU,CAAC,CAAC;YACvB,OAAO,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;QAC3C,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,UAAU;QACd,KAAK,MAAM,UAAU,IAAI,IAAI,CAAC,YAAY,CAAC,IAAI,EAAE,EAAE,CAAC;YAClD,MAAM,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;QACjC,CAAC;IACH,CAAC;IAEO,SAAS,CAAC,IAAc,EAAE,UAAkB;QAClD,MAAM,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,YAAY,IAAI,qBAAqB,CAAC;QAElE,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACrC,8EAA8E;YAC9E,MAAM,IAAI,GAAG,KAAK,CAAC,OAAO,EAAE,IAAI,EAAE;gBAChC,KAAK,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,CAAC;aAClC,CAAC,CAAC;YAEH,IAAI,MAAM,GAAG,EAAE,CAAC;YAChB,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;gBAC9B,MAAM,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAC5B,CAAC,CAAC,CAAC;YAEH,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,IAAI,EAAE;gBAClC,IAAI,CAAC,IAAI,EAAE,CAAC;gBACZ,iCAAiC;gBACjC,IAAI,CAAC;oBACH,MAAM,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;gBACjC,CAAC;gBAAC,MAAM,CAAC;oBACP,+BAA+B;gBACjC,CAAC;gBACD,MAAM,CAAC,IAAI,gBAAgB,CAAC,uBAAuB,OAAO,IAAI,CAAC,CAAC,CAAC;YACnE,CAAC,EAAE,OAAO,CAAC,CAAC;YAEZ,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;gBAC9B,YAAY,CAAC,KAAK,CAAC,CAAC;gBAEpB,IAAI,IAAI,KAAK,CAAC,EAAE,CAAC;oBACf,MAAM,CAAC,IAAI,gBAAgB,CAAC,MAAM,IAAI,0BAA0B,IAAI,EAAE,CAAC,CAAC,CAAC;oBACzE,OAAO;gBACT,CAAC;gBAED,8CAA8C;gBAC9C,yCAAyC;gBACzC,IAAI,CAAC;oBACH,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,CAAC;oBACzC,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC,CAAC;oBAEtD,IAAI,SAAS,CAAC,GAAG,KAAK,UAAU,CAAC,GAAG,EAAE,CAAC;wBACrC,0CAA0C;wBAC1C,OAAO,EAAE,CAAC;oBACZ,CAAC;yBAAM,CAAC;wBACN,MAAM,CAAC,IAAI,gBAAgB,CAAC,qCAAqC,CAAC,CAAC,CAAC;oBACtE,CAAC;gBACH,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACf,MAAM,CAAC,IAAI,gBAAgB,CAAC,8BAA8B,KAAK,EAAE,CAAC,CAAC,CAAC;gBACtE,CAAC;YACH,CAAC,CAAC,CAAC;YAEH,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,KAAK,EAAE,EAAE;gBACzB,YAAY,CAAC,KAAK,CAAC,CAAC;gBACpB,MAAM,CAAC,IAAI,gBAAgB,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC;YAC9C,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC;IAEO,WAAW,CAAC,GAAW,EAAE,IAAc;QAC7C,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACrC,MAAM,IAAI,GAAG,KAAK,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;YAE9B,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,IAAI,EAAE,EAAE;gBACxB,IAAI,IAAI,KAAK,CAAC,EAAE,CAAC;oBACf,OAAO,EAAE,CAAC;gBACZ,CAAC;qBAAM,CAAC;oBACN,MAAM,CAAC,IAAI,KAAK,CAAC,GAAG,GAAG,qBAAqB,IAAI,EAAE,CAAC,CAAC,CAAC;gBACvD,CAAC;YACH,CAAC,CAAC,CAAC;YAEH,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QAC3B,CAAC,CAAC,CAAC;IACL,CAAC;CACF"}

package/dist/index.d.ts

@@ -0,0 +1,8 @@
+/**
+ * @awcp/transport-sshfs
+ *
+ * SSHFS Transport implementation for AWCP data plane
+ */
+export { CredentialManager, type CredentialManagerConfig, type GeneratedCredential, } from './delegator/index.js';
+export { SshfsMountClient, type SshfsMountConfig, type MountParams, } from './executor/index.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,OAAO,EACL,iBAAiB,EACjB,KAAK,uBAAuB,EAC5B,KAAK,mBAAmB,GACzB,MAAM,sBAAsB,CAAC;AAG9B,OAAO,EACL,gBAAgB,EAChB,KAAK,gBAAgB,EACrB,KAAK,WAAW,GACjB,MAAM,qBAAqB,CAAC"}

package/dist/index.js

@@ -0,0 +1,10 @@
+/**
+ * @awcp/transport-sshfs
+ *
+ * SSHFS Transport implementation for AWCP data plane
+ */
+// Delegator-side exports
+export { CredentialManager, } from './delegator/index.js';
+// Executor-side exports
+export { SshfsMountClient, } from './executor/index.js';
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,yBAAyB;AACzB,OAAO,EACL,iBAAiB,GAGlB,MAAM,sBAAsB,CAAC;AAE9B,wBAAwB;AACxB,OAAO,EACL,gBAAgB,GAGjB,MAAM,qBAAqB,CAAC"}

package/package.json

@@ -0,0 +1,48 @@
+{
+  "name": "@awcp/transport-sshfs",
+  "version": "0.0.0-dev-202601300724",
+  "description": "AWCP SSHFS Transport - SSH/SFTP based data plane implementation",
+  "type": "module",
+  "main": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js"
+    },
+    "./host": {
+      "types": "./dist/host/index.d.ts",
+      "import": "./dist/host/index.js"
+    },
+    "./remote": {
+      "types": "./dist/remote/index.d.ts",
+      "import": "./dist/remote/index.js"
+    }
+  },
+  "files": [
+    "dist",
+    "README.md"
+  ],
+  "scripts": {
+    "build": "tsc -p tsconfig.build.json",
+    "clean": "rm -rf dist *.tsbuildinfo",
+    "test": "vitest run",
+    "test:watch": "vitest"
+  },
+  "dependencies": {
+    "@awcp/core": "0.0.0-dev-202601300724"
+  },
+  "keywords": [
+    "awcp",
+    "sshfs",
+    "transport",
+    "sftp",
+    "mount"
+  ],
+  "license": "Apache-2.0",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/anthropics/awcp.git",
+    "directory": "packages/transport-sshfs"
+  }
+}