@browserbridge/bbx 1.2.0 → 1.4.0

package/packages/native-host/bin/postinstall.js

@@ -16,28 +16,49 @@ import { installNativeManifest } from '../src/install-manifest.js';
 const __dirname = path.dirname(fileURLToPath(import.meta.url));
 const repoRoot = path.resolve(__dirname, '../../..');
 
-try {
-  await installNativeManifest({ repoRoot, preserveCustomExtensionId: true });
-  process.stdout.write('Browser Bridge: native host installed. Run `bbx doctor` to verify.\n');
-} catch (err) {
-  // Non-fatal - user can run `bbx install` manually.
-  const message = err instanceof Error ? err.message : String(err);
-  process.stderr.write(
-    `Browser Bridge: native host auto-install skipped (${message}).\nRun \`bbx install\` manually if needed.\n`
-  );
-  process.exit(0);
-}
+/**
+ * @param {{
+ *   installNativeManifestFn?: typeof installNativeManifest,
+ *   restartBridgeDaemonIfRunningFn?: typeof restartBridgeDaemonIfRunning,
+ *   stdout?: Pick<NodeJS.WriteStream, 'write'>,
+ *   stderr?: Pick<NodeJS.WriteStream, 'write'>,
+ *   exit?: (code?: number) => void,
+ * }} [deps]
+ * @returns {Promise<void>}
+ */
+export async function runPostinstall({
+  installNativeManifestFn = installNativeManifest,
+  restartBridgeDaemonIfRunningFn = restartBridgeDaemonIfRunning,
+  stdout = process.stdout,
+  stderr = process.stderr,
+  exit = (code) => process.exit(code),
+} = {}) {
+  try {
+    await installNativeManifestFn({ repoRoot, preserveCustomExtensionId: true });
+    stdout.write('Browser Bridge: native host installed. Run `bbx doctor` to verify.\n');
+  } catch (err) {
+    // Non-fatal - user can run `bbx install` manually.
+    const message = err instanceof Error ? err.message : String(err);
+    stderr.write(
+      `Browser Bridge: native host auto-install skipped (${message}).\nRun \`bbx install\` manually if needed.\n`
+    );
+    exit(0);
+    return;
+  }
 
-try {
-  const restartResult = await restartBridgeDaemonIfRunning();
-  if (restartResult) {
-    process.stdout.write(
-      'Browser Bridge: restarted the local daemon to use the updated install.\n'
+  try {
+    const restartResult = await restartBridgeDaemonIfRunningFn();
+    if (restartResult) {
+      stdout.write('Browser Bridge: restarted the local daemon to use the updated install.\n');
+    }
+  } catch (err) {
+    const message = err instanceof Error ? err.message : String(err);
+    stderr.write(
+      `Browser Bridge: native host installed, but daemon restart failed (${message}).\nRun \`bbx restart\` if needed.\n`
     );
   }
-} catch (err) {
-  const message = err instanceof Error ? err.message : String(err);
-  process.stderr.write(
-    `Browser Bridge: native host installed, but daemon restart failed (${message}).\nRun \`bbx restart\` if needed.\n`
-  );
+}
+
+if (process.argv[1] && path.resolve(process.argv[1]) === fileURLToPath(import.meta.url)) {
+  await runPostinstall();
 }

package/packages/native-host/src/auth-token.js

@@ -0,0 +1,92 @@
+// @ts-check
+
+import { randomBytes } from 'node:crypto';
+import fs from 'node:fs';
+import path from 'node:path';
+
+import { getBridgeDir } from './config.js';
+
+const TOKEN_FILENAME = 'daemon.auth';
+const TOKEN_BYTES = 32;
+const TOKEN_PATTERN = /^[A-Za-z0-9_-]{32,256}$/u;
+
+/**
+ * @param {NodeJS.ProcessEnv} [env=process.env]
+ * @returns {string}
+ */
+export function getBridgeAuthTokenPath(env = process.env) {
+  return path.join(getBridgeDir(env), TOKEN_FILENAME);
+}
+
+/**
+ * @param {unknown} value
+ * @returns {string | null}
+ */
+export function normalizeBridgeAuthToken(value) {
+  if (typeof value !== 'string') {
+    return null;
+  }
+  const token = value.trim();
+  return TOKEN_PATTERN.test(token) ? token : null;
+}
+
+/**
+ * @param {{ tokenPath?: string, readFile?: typeof fs.promises.readFile }} [options={}]
+ * @returns {Promise<string | null>}
+ */
+export async function readBridgeAuthToken(options = {}) {
+  const tokenPath = options.tokenPath ?? getBridgeAuthTokenPath();
+  const readFile = options.readFile ?? fs.promises.readFile.bind(fs.promises);
+  try {
+    return normalizeBridgeAuthToken(await readFile(tokenPath, 'utf8'));
+  } catch (error) {
+    if (isMissingFileError(error)) {
+      return null;
+    }
+    throw error;
+  }
+}
+
+/**
+ * @param {{
+ *   tokenPath?: string,
+ *   readFile?: typeof fs.promises.readFile,
+ *   writeFile?: typeof fs.promises.writeFile,
+ *   mkdir?: typeof fs.promises.mkdir,
+ *   chmod?: typeof fs.promises.chmod,
+ *   randomBytesFn?: typeof randomBytes
+ * }} [options={}]
+ * @returns {Promise<string>}
+ */
+export async function ensureBridgeAuthToken(options = {}) {
+  const tokenPath = options.tokenPath ?? getBridgeAuthTokenPath();
+  const readFile = options.readFile ?? fs.promises.readFile.bind(fs.promises);
+  const writeFile = options.writeFile ?? fs.promises.writeFile.bind(fs.promises);
+  const mkdir = options.mkdir ?? fs.promises.mkdir.bind(fs.promises);
+  const chmod = options.chmod ?? fs.promises.chmod.bind(fs.promises);
+  const randomBytesFn = options.randomBytesFn ?? randomBytes;
+  const existing = await readBridgeAuthToken({ tokenPath, readFile });
+  if (existing) {
+    return existing;
+  }
+
+  const token = randomBytesFn(TOKEN_BYTES).toString('base64url');
+  await mkdir(path.dirname(tokenPath), { recursive: true });
+  await writeFile(tokenPath, `${token}\n`, { encoding: 'utf8', mode: 0o600 });
+  if (process.platform !== 'win32') {
+    await chmod(tokenPath, 0o600).catch(() => {});
+  }
+  return token;
+}
+
+/**
+ * @param {unknown} error
+ * @returns {boolean}
+ */
+function isMissingFileError(error) {
+  return Boolean(
+    error &&
+    typeof error === 'object' &&
+    /** @type {{ code?: unknown }} */ (error).code === 'ENOENT'
+  );
+}

package/packages/native-host/src/daemon-process.js

@@ -10,7 +10,6 @@ import { pingExistingDaemon } from './daemon.js';
 import {
   createSocketBridgeTransport,
   formatBridgeTransport,
-  getBridgeDir,
   getBridgeTransport,
   getDaemonPidPath,
 } from './config.js';
@@ -74,7 +73,7 @@ export function spawnBridgeDaemonProcess() {
  * @returns {Promise<void>}
  */
 export async function writeDaemonPidFile(pid = process.pid, pidPath = getDaemonPidPath()) {
-  await fs.promises.mkdir(getBridgeDir(), { recursive: true });
+  await fs.promises.mkdir(path.dirname(pidPath), { recursive: true });
   await fs.promises.writeFile(pidPath, `${pid}\n`, 'utf8');
 }
 

package/packages/native-host/src/daemon.js

@@ -36,6 +36,11 @@ import {
   getBridgeTransport,
   getSocketPath,
 } from './config.js';
+import {
+  ensureBridgeAuthToken,
+  normalizeBridgeAuthToken,
+  readBridgeAuthToken,
+} from './auth-token.js';
 import { normalizeDaemonLogger } from './daemon-logger.js';
 import { writeJsonLine } from './framing.js';
 
@@ -47,7 +52,7 @@ const DAEMON_VERSION = loadDaemonVersion();
 /** @typedef {import('../../protocol/src/types.js').SetupStatus} SetupStatus */
 /** @typedef {import('./config.js').BridgeTransport} BridgeTransport */
 /** @typedef {import('./daemon-logger.js').DaemonLoggerLike} DaemonLoggerLike */
-/** @typedef {import('node:net').Socket & { __clientId?: string, __extensionId?: string, __browserName?: string, __profileLabel?: string, __accessEnabled?: boolean, __lastActiveAt?: number }} ClientSocket */
+/** @typedef {import('node:net').Socket & { __clientId?: string, __extensionId?: string, __browserName?: string, __profileLabel?: string, __accessEnabled?: boolean, __lastActiveAt?: number, __authenticated?: boolean }} ClientSocket */
 /** @typedef {{ socket: ClientSocket, timeoutId: NodeJS.Timeout, source?: string, method?: string, targets: Set<ClientSocket>, lastErrorResponse?: import('../../protocol/src/types.js').BridgeResponse }} PendingEntry */
 /**
  * @typedef {{
@@ -134,6 +139,7 @@ export function isWindowsNamedPipePath(socketPath) {
  *   browserName?: string,
  *   profileLabel?: string,
  *   accessEnabled?: boolean,
+ *   authToken?: string,
  *   at?: number
  * }} DaemonMessage
  */
@@ -146,7 +152,8 @@ export class BridgeDaemon {
    *   listenOptions?: import('node:net').ListenOptions | null,
    *   setupStatusLoader?: () => Promise<SetupStatus>,
    *   setupInstaller?: (params: Record<string, unknown>) => Promise<SetupInstallResult>,
-   *   logger?: DaemonLoggerLike | Pick<Console, 'log' | 'error'>
+   *   logger?: DaemonLoggerLike | Pick<Console, 'log' | 'error'>,
+   *   authToken?: string | null
    * }} [options={}]
    */
   constructor({
@@ -156,6 +163,7 @@ export class BridgeDaemon {
     setupStatusLoader = collectSetupStatus,
     setupInstaller = installSetupTarget,
     logger = undefined,
+    authToken = undefined,
   } = {}) {
     this.transport = socketPath ? createSocketBridgeTransport(socketPath) : transport;
     this.socketPath =
@@ -196,6 +204,15 @@ export class BridgeDaemon {
     this.totalResponseTimeMs = 0;
     /** @type {Map<string, number>} */
     this.requestStartTimes = new Map();
+    /** @type {string | null | undefined} */
+    this.authToken = authToken;
+  }
+
+  /**
+   * @returns {boolean}
+   */
+  isAuthRequired() {
+    return Boolean(this.authToken);
   }
 
   /**
@@ -260,8 +277,8 @@ export class BridgeDaemon {
     if (!pending) {
       return undefined;
     }
+    clearTimeout(pending.timeoutId);
     this.pendingRequests.delete(requestId);
-    this.requestStartTimes.delete(requestId);
     this.removePendingRequestIndex(this.pendingRequestsByOwnerSocket, pending.socket, requestId);
     for (const targetSocket of pending.targets) {
       this.removePendingRequestIndex(this.pendingRequestsByTargetSocket, targetSocket, requestId);
@@ -307,7 +324,20 @@ export class BridgeDaemon {
    * @returns {void}
    */
   registerSocket(socket, message) {
+    if (this.isAuthRequired() && normalizeBridgeAuthToken(message.authToken) !== this.authToken) {
+      this.logger.error('socket registration rejected', { role: message.role ?? null });
+      void writeJsonLine(socket, {
+        type: 'registration_failed',
+        error: {
+          code: ERROR_CODES.ACCESS_DENIED,
+          message: 'Bridge daemon authentication failed.',
+        },
+      }).finally(() => socket.destroy());
+      return;
+    }
+
     if (message.role === 'extension') {
+      socket.__authenticated = true;
       const extensionId = randomUUID();
       socket.__extensionId = extensionId;
       socket.__browserName =
@@ -327,6 +357,7 @@ export class BridgeDaemon {
     }
 
     if (message.role === 'agent') {
+      socket.__authenticated = true;
       const clientId = message.clientId || randomUUID();
       this.agentSockets.set(clientId, socket);
       socket.__clientId = clientId;
@@ -343,6 +374,10 @@ export class BridgeDaemon {
    * @returns {Promise<BridgeDaemon>}
    */
   async start() {
+    if (this.authToken === undefined) {
+      this.authToken = this.transport.type === 'tcp' ? await ensureBridgeAuthToken() : null;
+    }
+
     if (this.transport.type === 'socket' && !isWindowsNamedPipePath(this.socketPath)) {
       const socketDir = path.dirname(this.socketPath);
       await fs.promises.mkdir(socketDir, { recursive: true });
@@ -373,14 +408,22 @@ export class BridgeDaemon {
       typedSocket.on('error', (err) => {
         this.logger.error('socket error', { message: err.message });
       });
-      parseJsonLines(typedSocket, (raw) => {
-        const message = /** @type {DaemonMessage} */ (raw);
-        void this.handleClientMessage(typedSocket, message).catch((err) => {
-          this.logger.error('handler error', {
-            message: err instanceof Error ? err.message : String(err),
+      parseJsonLines(
+        typedSocket,
+        (raw) => {
+          const message = /** @type {DaemonMessage} */ (raw);
+          void this.handleClientMessage(typedSocket, message).catch((err) => {
+            this.logger.error('handler error', {
+              message: err instanceof Error ? err.message : String(err),
+            });
           });
-        });
-      });
+        },
+        {
+          onProtocolError: (error) => {
+            this.logger.error('socket protocol error', { message: error.message });
+          },
+        }
+      );
       typedSocket.on('close', () => this.handleSocketClose(typedSocket));
     });
 
@@ -478,6 +521,10 @@ export class BridgeDaemon {
       return this.registerSocket(socket, message);
     }
 
+    if (this.isAuthRequired() && !socket.__authenticated) {
+      return this.rejectUnauthenticatedMessage(socket, message);
+    }
+
     if (message?.type === 'log') {
       this.pushLog(message.entry ?? {});
       return;
@@ -516,13 +563,73 @@ export class BridgeDaemon {
     });
   }
 
+  /**
+   * @param {ClientSocket} socket
+   * @param {DaemonMessage} message
+   * @returns {Promise<void>}
+   */
+  async rejectUnauthenticatedMessage(socket, message) {
+    if (message?.type === 'agent.request') {
+      const candidate =
+        message.request && typeof message.request === 'object'
+          ? /** @type {Record<string, unknown>} */ (/** @type {unknown} */ (message.request))
+          : {};
+      const response = createFailure(
+        typeof candidate.id === 'string' && candidate.id.trim() ? candidate.id : 'unauthenticated',
+        ERROR_CODES.ACCESS_DENIED,
+        'Register with the daemon auth token before sending bridge requests.',
+        null,
+        typeof candidate.method === 'string' ? { method: candidate.method } : {}
+      );
+      await writeJsonLine(socket, { type: 'agent.response', response });
+      return;
+    }
+
+    await writeJsonLine(socket, {
+      type: 'error',
+      error: {
+        code: ERROR_CODES.ACCESS_DENIED,
+        message: 'Register with the daemon auth token before sending bridge messages.',
+      },
+    });
+  }
+
   /**
    * @param {ClientSocket} socket
    * @param {DaemonMessage} message
    * @returns {Promise<void>}
    */
   async handleAgentRequest(socket, message) {
-    const request = validateBridgeRequest(message.request);
+    /** @type {BridgeRequest} */
+    let request;
+    try {
+      request = validateBridgeRequest(message.request);
+    } catch (error) {
+      const candidate =
+        message.request && typeof message.request === 'object'
+          ? /** @type {Record<string, unknown>} */ (/** @type {unknown} */ (message.request))
+          : {};
+      const response = createFailure(
+        typeof candidate.id === 'string' && candidate.id.trim() ? candidate.id : 'invalid_request',
+        ERROR_CODES.INVALID_REQUEST,
+        error instanceof Error ? error.message : String(error),
+        null,
+        typeof candidate.method === 'string' ? { method: candidate.method } : {}
+      );
+      await writeJsonLine(socket, { type: 'agent.response', response });
+      return;
+    }
+
+    if (this.pendingRequests.has(request.id)) {
+      const response = createFailure(
+        request.id,
+        ERROR_CODES.INVALID_REQUEST,
+        `Request id ${JSON.stringify(request.id)} is already in flight.`
+      );
+      await writeJsonLine(socket, { type: 'agent.response', response });
+      return;
+    }
+
     if (request.method === 'health.ping') {
       if (this.extensionSockets.size === 0) {
         const response = createSuccess(request.id, {
@@ -541,8 +648,10 @@ export class BridgeDaemon {
     }
 
     if (request.method === 'log.tail') {
+      const limit =
+        typeof request.params.limit === 'number' ? request.params.limit : DEFAULT_LOG_TAIL_LIMIT;
       const response = createSuccess(request.id, {
-        entries: this.recentLog.slice(-DEFAULT_LOG_TAIL_LIMIT),
+        entries: this.recentLog.slice(-limit),
       });
       await writeJsonLine(socket, { type: 'agent.response', response });
       return;
@@ -668,6 +777,12 @@ export class BridgeDaemon {
         void writeJsonLine(pending.socket, {
           type: 'agent.response',
           response,
+        }).catch((error) => {
+          this.logger.error('timeout response write failed', {
+            requestId: request.id,
+            method: pending.method,
+            message: error instanceof Error ? error.message : String(error),
+          });
         });
       }, this.pendingTimeoutMs),
     });
@@ -678,7 +793,30 @@ export class BridgeDaemon {
       targetCount: targets.length,
     });
     const broadcastPayload = { type: 'extension.request', request };
-    await Promise.all(targets.map((extSocket) => writeJsonLine(extSocket, broadcastPayload)));
+    await Promise.all(
+      targets.map(async (extSocket) => {
+        try {
+          await writeJsonLine(extSocket, broadcastPayload);
+        } catch (error) {
+          this.logger.error('request route failed', {
+            requestId: request.id,
+            method: request.method,
+            message: error instanceof Error ? error.message : String(error),
+          });
+          const pending = this.pendingRequests.get(request.id);
+          if (!pending) {
+            return;
+          }
+          this.removePendingTarget(request.id, pending, extSocket);
+          if (extSocket.__extensionId) {
+            this.extensionSockets.delete(extSocket.__extensionId);
+            this.invalidateConnectedExtensionsCache();
+          }
+          extSocket.destroy(error instanceof Error ? error : undefined);
+          await this.finishPendingRequestIfExhausted(request.id, pending);
+        }
+      })
+    );
   }
 
   /**
@@ -768,7 +906,6 @@ export class BridgeDaemon {
     this.removePendingTarget(responseMessage.id, pending, socket);
 
     if (responseMessage.ok) {
-      clearTimeout(pending.timeoutId);
       this.clearPendingRequest(responseMessage.id, pending);
       this.recordRequestCompletion(responseMessage.id, true);
       this.pushLog({
@@ -825,7 +962,9 @@ export class BridgeDaemon {
 
     if (socket.__clientId) {
       this.logger.info('agent disconnected', { clientId: socket.__clientId });
-      this.agentSockets.delete(socket.__clientId);
+      if (this.agentSockets.get(socket.__clientId) === socket) {
+        this.agentSockets.delete(socket.__clientId);
+      }
     }
 
     const ownedRequestIds = this.pendingRequestsByOwnerSocket.get(socket);
@@ -835,7 +974,6 @@ export class BridgeDaemon {
         if (!pending) {
           continue;
         }
-        clearTimeout(pending.timeoutId);
         this.clearPendingRequest(id, pending);
         this.recordRequestCompletion(id, false);
       }
@@ -849,7 +987,13 @@ export class BridgeDaemon {
           continue;
         }
         this.removePendingTarget(id, pending, socket);
-        void this.finishPendingRequestIfExhausted(id, pending);
+        void this.finishPendingRequestIfExhausted(id, pending).catch((error) => {
+          this.logger.error('pending exhaustion response failed', {
+            requestId: id,
+            method: pending.method,
+            message: error instanceof Error ? error.message : String(error),
+          });
+        });
       }
     }
   }
@@ -867,7 +1011,6 @@ export class BridgeDaemon {
       return;
     }
 
-    clearTimeout(pending.timeoutId);
     this.clearPendingRequest(requestId, pending);
     this.recordRequestCompletion(requestId, false);
 
@@ -902,6 +1045,7 @@ export class BridgeDaemon {
    */
   recordRequestCompletion(requestId, ok) {
     const startedAt = this.requestStartTimes.get(requestId);
+    this.requestStartTimes.delete(requestId);
     this.requestsProcessed += 1;
     if (!ok) {
       this.requestsFailed += 1;
@@ -933,10 +1077,22 @@ export class BridgeDaemon {
 export async function pingExistingDaemon(transport) {
   const resolvedTransport =
     typeof transport === 'string' ? createSocketBridgeTransport(transport) : transport;
+  const authToken = resolvedTransport.type === 'tcp' ? await readBridgeAuthToken() : null;
   return new Promise((resolve) => {
-    const timeout = setTimeout(() => {
+    let settled = false;
+    /** @param {boolean} value */
+    function finish(value) {
+      if (settled) {
+        return;
+      }
+      settled = true;
+      clearTimeout(timeout);
       socket.destroy();
-      resolve(false);
+      resolve(value);
+    }
+
+    const timeout = setTimeout(() => {
+      finish(false);
     }, DAEMON_EXISTING_SOCKET_PING_TIMEOUT_MS);
 
     const socket =
@@ -944,27 +1100,37 @@ export async function pingExistingDaemon(transport) {
         ? net.createConnection({ host: resolvedTransport.host, port: resolvedTransport.port })
         : net.createConnection(resolvedTransport.socketPath);
     socket.once('error', () => {
-      clearTimeout(timeout);
-      resolve(false);
+      finish(false);
     });
 
     let buf = '';
     socket.setEncoding('utf8');
     socket.on('data', (chunk) => {
       buf += chunk;
-      if (buf.includes('\n')) {
-        clearTimeout(timeout);
-        socket.destroy();
+      while (buf.includes('\n')) {
+        const index = buf.indexOf('\n');
+        const line = buf.slice(0, index).trim();
+        buf = buf.slice(index + 1);
+        if (!line) {
+          continue;
+        }
         try {
-          const msg = JSON.parse(buf.slice(0, buf.indexOf('\n')).trim());
-          resolve(msg?.response?.result?.daemon === 'ok');
+          const msg = JSON.parse(line);
+          if (msg?.type === 'agent.response') {
+            finish(msg?.response?.result?.daemon === 'ok');
+          }
         } catch {
-          resolve(false);
+          finish(false);
         }
       }
     });
 
     socket.once('connect', () => {
+      if (authToken) {
+        socket.write(
+          `${JSON.stringify({ type: 'register', role: 'agent', clientId: 'ping_probe', authToken })}\n`
+        );
+      }
       socket.write(
         `${JSON.stringify({
           type: 'agent.request',
@@ -986,7 +1152,10 @@ export async function pingExistingDaemon(transport) {
  * @returns {SetupInstallParams & { action: 'install' | 'uninstall', kind: 'mcp' | 'skill', target: string }}
  */
 export function normalizeSetupInstallParams(params) {
-  const action = params.action === 'uninstall' ? 'uninstall' : 'install';
+  const action = params.action == null ? 'install' : params.action;
+  if (action !== 'install' && action !== 'uninstall') {
+    throw new Error('setup.install action must be "install" or "uninstall".');
+  }
   const kind = params.kind === 'mcp' || params.kind === 'skill' ? params.kind : null;
   const target = typeof params.target === 'string' ? params.target.trim().toLowerCase() : '';
   if (!kind) {
@@ -995,7 +1164,7 @@ export function normalizeSetupInstallParams(params) {
   if (!target) {
     throw new Error('setup.install requires a target.');
   }
-  return { action, kind, target };
+  return { action: /** @type {'install' | 'uninstall'} */ (action), kind, target };
 }
 
 /**

package/packages/native-host/src/framing.js

@@ -24,6 +24,19 @@ export async function writeNativeMessage(stream, message) {
   }
 }
 
+/**
+ * @param {NodeJS.WritableStream} stream
+ * @returns {(message: unknown) => Promise<void>}
+ */
+export function createNativeMessageWriter(stream) {
+  let queue = Promise.resolve();
+  return (message) => {
+    const writePromise = queue.then(() => writeNativeMessage(stream, message));
+    queue = writePromise.catch(() => {});
+    return writePromise;
+  };
+}
+
 /**
  * @param {NodeJS.ReadableStream} stream
  * @param {(message: unknown) => void} onMessage