npm - @elizaos/plugin-elizacloud - Versions diffs - 2.0.0-alpha.7 → 2.0.0-beta.1 - Mend

@elizaos/plugin-elizacloud 2.0.0-alpha.7 → 2.0.0-beta.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (378) hide show

package/LICENSE +21 -0
package/README.md +220 -0
package/auto-enable.ts +17 -0
package/dist/browser/index.browser.js +2 -21
package/dist/browser/index.browser.js.map +5 -37
package/dist/cjs/index.d.ts +2 -2
package/dist/cjs/index.node.cjs +12173 -2271
package/dist/cjs/index.node.js.map +135 -27
package/dist/cloud/auth.d.ts +19 -0
package/dist/cloud/auth.d.ts.map +1 -0
package/dist/cloud/auth.js +330 -0
package/dist/cloud/auth.js.map +12 -0
package/dist/cloud/backup.d.ts +18 -0
package/dist/cloud/backup.d.ts.map +1 -0
package/dist/cloud/backup.js +63 -0
package/dist/cloud/backup.js.map +10 -0
package/dist/cloud/base-url.d.ts +3 -0
package/dist/cloud/base-url.d.ts.map +1 -0
package/dist/cloud/base-url.js +77 -0
package/dist/cloud/base-url.js.map +10 -0
package/dist/cloud/bridge-client.d.ts +126 -0
package/dist/cloud/bridge-client.d.ts.map +1 -0
package/dist/cloud/bridge-client.js +432 -0
package/dist/cloud/bridge-client.js.map +11 -0
package/dist/cloud/cloud-api-key.d.ts +26 -0
package/dist/cloud/cloud-api-key.d.ts.map +1 -0
package/dist/cloud/cloud-api-key.js +60 -0
package/dist/cloud/cloud-api-key.js.map +10 -0
package/dist/cloud/cloud-manager.d.ts +33 -0
package/dist/cloud/cloud-manager.d.ts.map +1 -0
package/dist/cloud/cloud-manager.js +853 -0
package/dist/cloud/cloud-manager.js.map +16 -0
package/dist/cloud/cloud-proxy.d.ts +20 -0
package/dist/cloud/cloud-proxy.d.ts.map +1 -0
package/dist/cloud/cloud-proxy.js +54 -0
package/dist/cloud/cloud-proxy.js.map +10 -0
package/dist/cloud/cloud-wallet.d.ts +94 -0
package/dist/cloud/cloud-wallet.d.ts.map +1 -0
package/dist/cloud/cloud-wallet.js +5195 -0
package/dist/cloud/cloud-wallet.js.map +92 -0
package/dist/cloud/index.d.ts +9 -0
package/dist/cloud/index.d.ts.map +1 -0
package/dist/cloud/index.js +30 -0
package/dist/cloud/index.js.map +9 -0
package/dist/cloud/reconnect.d.ts +26 -0
package/dist/cloud/reconnect.d.ts.map +1 -0
package/dist/cloud/reconnect.js +104 -0
package/dist/cloud/reconnect.js.map +10 -0
package/dist/cloud/validate-url.d.ts +2 -0
package/dist/cloud/validate-url.d.ts.map +1 -0
package/dist/cloud/validate-url.js +174 -0
package/dist/cloud/validate-url.js.map +10 -0
package/dist/cloud-providers/cloud-status.d.ts.map +1 -1
package/dist/cloud-providers/cloud-status.js +78 -0
package/dist/cloud-providers/cloud-status.js.map +10 -0
package/dist/cloud-providers/container-health.d.ts.map +1 -1
package/dist/cloud-providers/container-health.js +74 -0
package/dist/cloud-providers/container-health.js.map +10 -0
package/dist/cloud-providers/credit-balance.d.ts.map +1 -1
package/dist/cloud-providers/credit-balance.js +85 -0
package/dist/cloud-providers/credit-balance.js.map +10 -0
package/dist/cloud-providers/index.d.ts.map +1 -1
package/dist/cloud-providers/index.js +24 -0
package/dist/cloud-providers/index.js.map +9 -0
package/dist/cloud-providers/model-registry.d.ts.map +1 -1
package/dist/cloud-providers/model-registry.js +71 -0
package/dist/cloud-providers/model-registry.js.map +10 -0
package/dist/index.browser.d.ts +4 -2
package/dist/index.browser.d.ts.map +1 -1
package/dist/index.d.ts +18 -0
package/dist/index.d.ts.map +1 -1
package/dist/index.js +12851 -0
package/dist/index.js.map +145 -0
package/dist/index.node.d.ts +15 -2
package/dist/index.node.d.ts.map +1 -1
package/dist/init.d.ts.map +1 -1
package/dist/init.js +169 -0
package/dist/init.js.map +12 -0
package/dist/lib/cloud-connection.d.ts +78 -0
package/dist/lib/cloud-connection.d.ts.map +1 -0
package/dist/lib/cloud-connection.js +731 -0
package/dist/lib/cloud-connection.js.map +14 -0
package/dist/lib/cloud-secrets.d.ts +23 -0
package/dist/lib/cloud-secrets.d.ts.map +1 -0
package/dist/lib/cloud-secrets.js +64 -0
package/dist/lib/cloud-secrets.js.map +10 -0
package/dist/lib/config-env.d.ts +5 -0
package/dist/lib/config-env.d.ts.map +1 -0
package/dist/lib/config-env.js +191 -0
package/dist/lib/config-env.js.map +11 -0
package/dist/lib/config-like.d.ts +40 -0
package/dist/lib/config-like.d.ts.map +1 -0
package/dist/lib/config-like.js +103 -0
package/dist/lib/config-like.js.map +10 -0
package/dist/lib/credential-type-map.d.ts +53 -0
package/dist/lib/credential-type-map.d.ts.map +1 -0
package/dist/lib/credential-type-map.js +88 -0
package/dist/lib/credential-type-map.js.map +10 -0
package/dist/lib/feature-flags.d.ts +2 -0
package/dist/lib/feature-flags.d.ts.map +1 -0
package/dist/lib/feature-flags.js +40 -0
package/dist/lib/feature-flags.js.map +10 -0
package/dist/lib/http.d.ts +22 -0
package/dist/lib/http.d.ts.map +1 -0
package/dist/lib/http.js +107 -0
package/dist/lib/http.js.map +10 -0
package/dist/lib/server-cloud-tts.d.ts +34 -0
package/dist/lib/server-cloud-tts.d.ts.map +1 -0
package/dist/lib/server-cloud-tts.js +549 -0
package/dist/lib/server-cloud-tts.js.map +13 -0
package/dist/lib/state-paths.d.ts +4 -0
package/dist/lib/state-paths.d.ts.map +1 -0
package/dist/lib/state-paths.js +52 -0
package/dist/lib/state-paths.js.map +10 -0
package/dist/lib/tts-debug.d.ts +4 -0
package/dist/lib/tts-debug.d.ts.map +1 -0
package/dist/lib/tts-debug.js +57 -0
package/dist/lib/tts-debug.js.map +10 -0
package/dist/models/embeddings.d.ts.map +1 -1
package/dist/models/embeddings.js +319 -0
package/dist/models/embeddings.js.map +13 -0
package/dist/models/image.d.ts.map +1 -1
package/dist/models/image.js +374 -0
package/dist/models/image.js.map +14 -0
package/dist/models/index.d.ts +1 -2
package/dist/models/index.d.ts.map +1 -1
package/dist/models/index.js +1386 -0
package/dist/models/index.js.map +20 -0
package/dist/models/research.d.ts.map +1 -1
package/dist/models/research.js +324 -0
package/dist/models/research.js.map +13 -0
package/dist/models/speech.d.ts.map +1 -1
package/dist/models/speech.js +273 -0
package/dist/models/speech.js.map +13 -0
package/dist/models/text.d.ts +5 -2
package/dist/models/text.d.ts.map +1 -1
package/dist/models/text.js +803 -0
package/dist/models/text.js.map +15 -0
package/dist/models/tokenization.d.ts.map +1 -1
package/dist/models/tokenization.js +65 -0
package/dist/models/tokenization.js.map +10 -0
package/dist/models/transcription.d.ts.map +1 -1
package/dist/models/transcription.js +283 -0
package/dist/models/transcription.js.map +13 -0
package/dist/node/index.d.ts +2 -2
package/dist/node/index.node.js +12171 -2266
package/dist/node/index.node.js.map +135 -27
package/dist/onboarding.d.ts +35 -0
package/dist/onboarding.d.ts.map +1 -0
package/dist/onboarding.js +883 -0
package/dist/onboarding.js.map +14 -0
package/dist/plugin.d.ts +20 -0
package/dist/plugin.d.ts.map +1 -0
package/dist/plugin.js +7611 -0
package/dist/plugin.js.map +104 -0
package/dist/providers/openai.d.ts.map +1 -1
package/dist/providers/openai.js +127 -0
package/dist/providers/openai.js.map +11 -0
package/dist/register-routes.d.ts +2 -0
package/dist/register-routes.d.ts.map +1 -0
package/dist/register-routes.js +7612 -0
package/dist/register-routes.js.map +105 -0
package/dist/routes/cloud-billing-routes.d.ts +9 -0
package/dist/routes/cloud-billing-routes.d.ts.map +1 -0
package/dist/routes/cloud-billing-routes.js +807 -0
package/dist/routes/cloud-billing-routes.js.map +14 -0
package/dist/routes/cloud-compat-routes.d.ts +10 -0
package/dist/routes/cloud-compat-routes.d.ts.map +1 -0
package/dist/routes/cloud-compat-routes.js +538 -0
package/dist/routes/cloud-compat-routes.js.map +14 -0
package/dist/routes/cloud-features-routes.d.ts +9 -0
package/dist/routes/cloud-features-routes.d.ts.map +1 -0
package/dist/routes/cloud-features-routes.js +124 -0
package/dist/routes/cloud-features-routes.js.map +11 -0
package/dist/routes/cloud-provisioning.d.ts +14 -0
package/dist/routes/cloud-provisioning.d.ts.map +1 -0
package/dist/routes/cloud-provisioning.js +37 -0
package/dist/routes/cloud-provisioning.js.map +10 -0
package/dist/routes/cloud-relay-routes.d.ts +22 -0
package/dist/routes/cloud-relay-routes.d.ts.map +1 -0
package/dist/routes/cloud-relay-routes.js +60 -0
package/dist/routes/cloud-relay-routes.js.map +10 -0
package/dist/routes/cloud-routes-autonomous.d.ts +83 -0
package/dist/routes/cloud-routes-autonomous.d.ts.map +1 -0
package/dist/routes/cloud-routes-autonomous.js +6134 -0
package/dist/routes/cloud-routes-autonomous.js.map +97 -0
package/dist/routes/cloud-routes.d.ts +35 -0
package/dist/routes/cloud-routes.d.ts.map +1 -0
package/dist/routes/cloud-routes.js +6888 -0
package/dist/routes/cloud-routes.js.map +100 -0
package/dist/routes/cloud-status-routes-autonomous.d.ts +15 -0
package/dist/routes/cloud-status-routes-autonomous.d.ts.map +1 -0
package/dist/routes/cloud-status-routes-autonomous.js +396 -0
package/dist/routes/cloud-status-routes-autonomous.js.map +13 -0
package/dist/routes/cloud-status-routes.d.ts +4 -0
package/dist/routes/cloud-status-routes.d.ts.map +1 -0
package/dist/routes/cloud-status-routes.js +771 -0
package/dist/routes/cloud-status-routes.js.map +15 -0
package/dist/services/cloud-auth.d.ts +140 -5
package/dist/services/cloud-auth.d.ts.map +1 -1
package/dist/services/cloud-auth.js +363 -0
package/dist/services/cloud-auth.js.map +12 -0
package/dist/services/cloud-backup.d.ts.map +1 -1
package/dist/services/cloud-backup.js +176 -0
package/dist/services/cloud-backup.js.map +11 -0
package/dist/services/cloud-bootstrap.d.ts +38 -0
package/dist/services/cloud-bootstrap.d.ts.map +1 -0
package/dist/services/cloud-bootstrap.js +84 -0
package/dist/services/cloud-bootstrap.js.map +10 -0
package/dist/services/cloud-bridge.d.ts +1 -1
package/dist/services/cloud-bridge.d.ts.map +1 -1
package/dist/services/cloud-bridge.js +308 -0
package/dist/services/cloud-bridge.js.map +11 -0
package/dist/services/cloud-container.d.ts.map +1 -1
package/dist/services/cloud-container.js +241 -0
package/dist/services/cloud-container.js.map +11 -0
package/dist/services/cloud-credential-provider.d.ts +55 -0
package/dist/services/cloud-credential-provider.d.ts.map +1 -0
package/dist/services/cloud-credential-provider.js +190 -0
package/dist/services/cloud-credential-provider.js.map +11 -0
package/dist/services/cloud-managed-gateway-relay.d.ts +38 -0
package/dist/services/cloud-managed-gateway-relay.d.ts.map +1 -0
package/dist/services/cloud-managed-gateway-relay.js +479 -0
package/dist/services/cloud-managed-gateway-relay.js.map +10 -0
package/dist/services/cloud-model-registry.d.ts.map +1 -1
package/dist/services/cloud-model-registry.js +175 -0
package/dist/services/cloud-model-registry.js.map +10 -0
package/dist/services/index.d.ts +3 -1
package/dist/services/index.d.ts.map +1 -1
package/dist/services/index.js +29 -0
package/dist/services/index.js.map +9 -0
package/dist/types/cloud.d.ts +41 -19
package/dist/types/cloud.d.ts.map +1 -1
package/dist/types/cloud.js +52 -0
package/dist/types/cloud.js.map +10 -0
package/dist/types/index.d.ts +1 -1
package/dist/types/index.d.ts.map +1 -1
package/dist/types/index.js +24 -0
package/dist/types/index.js.map +9 -0
package/dist/utils/cloud-api.d.ts +2 -27
package/dist/utils/cloud-api.d.ts.map +1 -1
package/dist/utils/cloud-api.js +33 -0
package/dist/utils/cloud-api.js.map +10 -0
package/dist/utils/cloud-sdk/client.d.ts +133 -0
package/dist/utils/cloud-sdk/client.d.ts.map +1 -0
package/dist/utils/cloud-sdk/client.js +3561 -0
package/dist/utils/cloud-sdk/client.js.map +13 -0
package/dist/utils/cloud-sdk/http.d.ts +37 -0
package/dist/utils/cloud-sdk/http.d.ts.map +1 -0
package/dist/utils/cloud-sdk/http.js +237 -0
package/dist/utils/cloud-sdk/http.js.map +11 -0
package/dist/utils/cloud-sdk/index.d.ts +6 -0
package/dist/utils/cloud-sdk/index.d.ts.map +1 -0
package/dist/utils/cloud-sdk/index.js +29 -0
package/dist/utils/cloud-sdk/index.js.map +9 -0
package/dist/utils/cloud-sdk/public-routes.d.ts +5377 -0
package/dist/utils/cloud-sdk/public-routes.d.ts.map +1 -0
package/dist/utils/cloud-sdk/public-routes.js +2950 -0
package/dist/utils/cloud-sdk/public-routes.js.map +10 -0
package/dist/utils/cloud-sdk/types.cloud-api.d.ts +101 -0
package/dist/utils/cloud-sdk/types.cloud-api.d.ts.map +1 -0
package/dist/utils/cloud-sdk/types.cloud-api.js +2 -0
package/dist/utils/cloud-sdk/types.cloud-api.js.map +9 -0
package/dist/utils/cloud-sdk/types.d.ts +655 -0
package/dist/utils/cloud-sdk/types.d.ts.map +1 -0
package/dist/utils/cloud-sdk/types.js +29 -0
package/dist/utils/cloud-sdk/types.js.map +10 -0
package/dist/utils/config.d.ts +7 -3
package/dist/utils/config.d.ts.map +1 -1
package/dist/utils/config.js +137 -0
package/dist/utils/config.js.map +10 -0
package/dist/utils/events.d.ts.map +1 -1
package/dist/utils/events.js +43 -0
package/dist/utils/events.js.map +10 -0
package/dist/utils/helpers.d.ts.map +1 -1
package/dist/utils/helpers.js +103 -0
package/dist/utils/helpers.js.map +10 -0
package/dist/utils/responses-output.d.ts +13 -0
package/dist/utils/responses-output.d.ts.map +1 -0
package/dist/utils/responses-output.js +102 -0
package/dist/utils/responses-output.js.map +10 -0
package/dist/utils/sdk-client.d.ts +5 -0
package/dist/utils/sdk-client.d.ts.map +1 -0
package/dist/utils/sdk-client.js +144 -0
package/dist/utils/sdk-client.js.map +11 -0
package/package.json +108 -19
package/src/cloud/auth.ts +175 -0
package/src/cloud/backup.ts +46 -0
package/src/cloud/base-url.ts +62 -0
package/src/cloud/bridge-client.ts +602 -0
package/src/cloud/cloud-api-key.ts +80 -0
package/src/cloud/cloud-manager.ts +163 -0
package/src/cloud/cloud-proxy.ts +52 -0
package/src/cloud/cloud-wallet.ts +341 -0
package/src/cloud/index.ts +28 -0
package/src/cloud/reconnect.ts +111 -0
package/src/cloud/validate-url.ts +181 -0
package/src/cloud-providers/cloud-status.ts +75 -0
package/src/cloud-providers/container-health.ts +68 -0
package/src/cloud-providers/credit-balance.ts +70 -0
package/src/cloud-providers/index.ts +3 -0
package/src/cloud-providers/model-registry.ts +74 -0
package/src/index.browser.ts +10 -0
package/src/index.node.ts +39 -0
package/src/index.ts +347 -0
package/src/init.ts +39 -0
package/src/lib/cloud-connection.ts +663 -0
package/src/lib/cloud-secrets.ts +58 -0
package/src/lib/config-env.ts +168 -0
package/src/lib/config-like.ts +149 -0
package/src/lib/credential-type-map.ts +130 -0
package/src/lib/feature-flags.ts +26 -0
package/src/lib/http.ts +139 -0
package/src/lib/server-cloud-tts.ts +609 -0
package/src/lib/state-paths.ts +28 -0
package/src/lib/tts-debug.ts +34 -0
package/src/models/embeddings.ts +234 -0
package/src/models/image.ts +219 -0
package/src/models/index.ts +16 -0
package/src/models/research.ts +265 -0
package/src/models/speech.ts +78 -0
package/src/models/text.ts +899 -0
package/src/models/tokenization.ts +67 -0
package/src/models/transcription.ts +97 -0
package/src/onboarding.ts +396 -0
package/src/plugin.ts +243 -0
package/src/providers/openai.ts +16 -0
package/src/register-routes.ts +6 -0
package/src/routes/cloud-billing-routes.ts +754 -0
package/src/routes/cloud-compat-routes.ts +314 -0
package/src/routes/cloud-features-routes.ts +57 -0
package/src/routes/cloud-provisioning.ts +37 -0
package/src/routes/cloud-relay-routes.ts +89 -0
package/src/routes/cloud-routes-autonomous.ts +996 -0
package/src/routes/cloud-routes.ts +576 -0
package/src/routes/cloud-status-routes-autonomous.ts +234 -0
package/src/routes/cloud-status-routes.ts +73 -0
package/src/services/cloud-auth.ts +567 -0
package/src/services/cloud-backup.ts +208 -0
package/src/services/cloud-bootstrap.ts +108 -0
package/src/services/cloud-bridge.ts +386 -0
package/src/services/cloud-container.ts +297 -0
package/src/services/cloud-credential-provider.ts +210 -0
package/src/services/cloud-managed-gateway-relay.ts +663 -0
package/src/services/cloud-model-registry.ts +202 -0
package/src/services/index.ts +17 -0
package/{types → src/types}/cloud.ts +52 -29
package/{types → src/types}/index.ts +6 -0
package/src/utils/cloud-api.ts +10 -0
package/src/utils/cloud-sdk/client.ts +735 -0
package/src/utils/cloud-sdk/http.ts +291 -0
package/src/utils/cloud-sdk/index.ts +23 -0
package/src/utils/cloud-sdk/public-routes.ts +5070 -0
package/src/utils/cloud-sdk/types.cloud-api.ts +120 -0
package/src/utils/cloud-sdk/types.ts +762 -0
package/src/utils/config.ts +174 -0
package/src/utils/events.ts +37 -0
package/src/utils/helpers.ts +107 -0
package/src/utils/responses-output.ts +115 -0
package/src/utils/sdk-client.ts +37 -0
package/dist/actions/check-credits.d.ts +0 -6
package/dist/actions/check-credits.d.ts.map +0 -1
package/dist/actions/freeze-agent.d.ts +0 -9
package/dist/actions/freeze-agent.d.ts.map +0 -1
package/dist/actions/index.d.ts +0 -5
package/dist/actions/index.d.ts.map +0 -1
package/dist/actions/provision-agent.d.ts +0 -8
package/dist/actions/provision-agent.d.ts.map +0 -1
package/dist/actions/resume-agent.d.ts +0 -9
package/dist/actions/resume-agent.d.ts.map +0 -1
package/dist/build.d.ts +0 -3
package/dist/build.d.ts.map +0 -1
package/dist/generated/specs/specs.d.ts +0 -55
package/dist/generated/specs/specs.d.ts.map +0 -1
package/dist/models/object.d.ts +0 -4
package/dist/models/object.d.ts.map +0 -1
package/dist/utils/forwarded-settings.d.ts +0 -8
package/dist/utils/forwarded-settings.d.ts.map +0 -1

package/dist/services/cloud-auth.js ADDED Viewed

@@ -0,0 +1,363 @@
+import { createRequire } from "node:module";
+var __defProp = Object.defineProperty;
+var __returnValue = (v) => v;
+function __exportSetter(name, newValue) {
+  this[name] = __returnValue.bind(null, newValue);
+}
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, {
+      get: all[name],
+      enumerable: true,
+      configurable: true,
+      set: __exportSetter.bind(all, name)
+    });
+};
+var __esm = (fn, res) => () => (fn && (res = fn(fn = 0)), res);
+var __require = /* @__PURE__ */ createRequire(import.meta.url);
+// src/types/cloud.ts
+import {
+  CloudApiError,
+  InsufficientCreditsError
+} from "@elizaos/cloud-sdk";
+var DEFAULT_CLOUD_CONFIG = {
+  enabled: false,
+  baseUrl: "https://www.elizacloud.ai/api/v1",
+  inferenceMode: "cloud",
+  autoProvision: false,
+  bridge: {
+    reconnectIntervalMs: 3000,
+    maxReconnectAttempts: 20,
+    heartbeatIntervalMs: 30000
+  },
+  backup: {
+    autoBackupIntervalMs: 3600000,
+    maxSnapshots: 10
+  },
+  container: {
+    defaultImage: "elizaos/agent:latest",
+    defaultArchitecture: "arm64",
+    defaultCpu: 1792,
+    defaultMemory: 1792,
+    defaultPort: 3000
+  }
+};
+// src/utils/cloud-api.ts
+import {
+  CloudApiClient,
+  CloudApiError as CloudApiError2,
+  ElizaCloudHttpClient,
+  InsufficientCreditsError as InsufficientCreditsError2
+} from "@elizaos/cloud-sdk";
+// src/services/cloud-auth.ts
+import {
+  logger,
+  Service,
+  resolveApiSecurityConfig,
+  resolveDesktopApiPort
+} from "@elizaos/core";
+import { createRemoteJWKSet, jwtVerify } from "jose";
+async function deriveDeviceId() {
+  const os = await import("node:os");
+  const crypto = await import("node:crypto");
+  const cpus = os.cpus();
+  const raw = [
+    os.hostname(),
+    os.platform(),
+    os.arch(),
+    cpus[0]?.model ?? "?",
+    cpus.length,
+    os.totalmem()
+  ].join(":");
+  return crypto.createHash("sha256").update(raw).digest("hex");
+}
+function detectPlatform() {
+  if (typeof process === "undefined")
+    return "web";
+  const map = {
+    darwin: "macos",
+    win32: "windows",
+    linux: "linux"
+  };
+  return map[process.platform] ?? "linux";
+}
+function readEnvKey(env, key) {
+  const value = env[key];
+  if (typeof value !== "string")
+    return null;
+  const trimmed = value.trim();
+  return trimmed.length > 0 ? trimmed : null;
+}
+function processEnv() {
+  if (typeof process === "undefined")
+    return {};
+  return process.env;
+}
+function defaultRedirectUri(env) {
+  const security = resolveApiSecurityConfig(env);
+  const port = resolveDesktopApiPort(env);
+  const scheme = security.isLoopbackBind ? "http" : "https";
+  const host = security.bindHost.startsWith("[") ? security.bindHost : security.bindHost.includes(":") && !security.bindHost.startsWith("[") ? `[${security.bindHost}]` : security.bindHost;
+  return `${scheme}://${host}:${port}/api/auth/login/sso/callback`;
+}
+function getSsoRedirectUrl(bootstrap, args) {
+  const env = args.env ?? processEnv();
+  const clientId = args.clientId ?? readEnvKey(env, "ELIZA_CLOUD_CLIENT_ID");
+  if (!clientId) {
+    throw new Error("ELIZA_CLOUD_CLIENT_ID is not configured — cannot start Eliza Cloud SSO");
+  }
+  if (args.state.length === 0) {
+    throw new Error("getSsoRedirectUrl requires a non-empty state nonce");
+  }
+  const issuer = bootstrap.getExpectedIssuer();
+  const redirectUri = defaultRedirectUri(env);
+  const params = new URLSearchParams;
+  params.set("response_type", "code");
+  params.set("client_id", clientId);
+  params.set("redirect_uri", redirectUri);
+  params.set("scope", "openid profile");
+  params.set("state", args.state);
+  if (args.returnTo) {
+    params.set("eliza_return_to", args.returnTo);
+  }
+  return `${issuer}/oauth/authorize?${params.toString()}`;
+}
+function shapeIdTokenClaims(payload) {
+  if (typeof payload.iss !== "string" || payload.iss.length === 0) {
+    throw new Error("id_token missing issuer claim");
+  }
+  if (typeof payload.sub !== "string" || payload.sub.length === 0) {
+    throw new Error("id_token missing sub claim");
+  }
+  if (typeof payload.aud !== "string" && !(Array.isArray(payload.aud) && payload.aud.every((value) => typeof value === "string"))) {
+    throw new Error("id_token missing or malformed aud claim");
+  }
+  if (typeof payload.exp !== "number" || !Number.isFinite(payload.exp)) {
+    throw new Error("id_token missing exp claim");
+  }
+  if (typeof payload.iat !== "number" || !Number.isFinite(payload.iat)) {
+    throw new Error("id_token missing iat claim");
+  }
+  if (typeof payload.email !== "string" || payload.email.length === 0) {
+    throw new Error("id_token missing email claim — Eliza Cloud SSO requires it");
+  }
+  if (typeof payload.name !== "string" || payload.name.length === 0) {
+    throw new Error("id_token missing name claim — Eliza Cloud SSO requires it");
+  }
+  const extra = {};
+  for (const [key, value] of Object.entries(payload)) {
+    if (key !== "iss" && key !== "sub" && key !== "aud" && key !== "exp" && key !== "iat" && key !== "email" && key !== "email_verified" && key !== "name" && key !== "picture") {
+      extra[key] = value;
+    }
+  }
+  return {
+    iss: payload.iss,
+    sub: payload.sub,
+    aud: payload.aud,
+    exp: payload.exp,
+    iat: payload.iat,
+    email: payload.email,
+    email_verified: typeof payload.email_verified === "boolean" ? payload.email_verified : undefined,
+    name: payload.name,
+    picture: typeof payload.picture === "string" ? payload.picture : undefined,
+    extra
+  };
+}
+function shapeTokenResponse(payload) {
+  if (!payload || typeof payload !== "object") {
+    throw new Error("Eliza Cloud token endpoint returned a non-object body");
+  }
+  const raw = payload;
+  if (typeof raw.id_token !== "string" || raw.id_token.length === 0) {
+    throw new Error("Eliza Cloud token endpoint did not return an id_token");
+  }
+  return { idToken: raw.id_token };
+}
+async function exchangeCodeForSession(args) {
+  if (args.code.length === 0) {
+    throw new Error("exchangeCodeForSession requires a non-empty code");
+  }
+  if (!args.state || !args.expectedState || args.state !== args.expectedState) {
+    throw new Error("Eliza Cloud SSO state mismatch — refusing to exchange code (possible CSRF)");
+  }
+  const env = args.env ?? processEnv();
+  const clientId = readEnvKey(env, "ELIZA_CLOUD_CLIENT_ID");
+  if (!clientId) {
+    throw new Error("ELIZA_CLOUD_CLIENT_ID is not configured — cannot complete Eliza Cloud SSO");
+  }
+  const clientSecret = readEnvKey(env, "ELIZA_CLOUD_CLIENT_SECRET");
+  if (!clientSecret) {
+    throw new Error("ELIZA_CLOUD_CLIENT_SECRET is not configured — cannot complete Eliza Cloud SSO");
+  }
+  const issuer = args.bootstrap.getExpectedIssuer();
+  const redirectUri = args.redirectUri ?? defaultRedirectUri(env);
+  const tokenUrl = `${issuer}/oauth/token`;
+  const fetchImpl = args.fetchImpl ?? fetch;
+  const body = new URLSearchParams;
+  body.set("grant_type", "authorization_code");
+  body.set("code", args.code);
+  body.set("redirect_uri", redirectUri);
+  body.set("client_id", clientId);
+  body.set("client_secret", clientSecret);
+  const response = await fetchImpl(tokenUrl, {
+    method: "POST",
+    headers: {
+      "content-type": "application/x-www-form-urlencoded",
+      accept: "application/json"
+    },
+    body: body.toString()
+  });
+  if (!response.ok) {
+    throw new Error(`Eliza Cloud token endpoint returned HTTP ${response.status} for code exchange`);
+  }
+  const payload = await response.json();
+  const { idToken } = shapeTokenResponse(payload);
+  const jwksUrl = args.bootstrap.getJwksUrl();
+  const remoteJwks = createRemoteJWKSet(new URL(jwksUrl));
+  const verified = await jwtVerify(idToken, remoteJwks, {
+    algorithms: ["RS256"],
+    issuer,
+    audience: clientId
+  });
+  const claims = shapeIdTokenClaims(verified.payload);
+  return {
+    cloudUserId: claims.sub,
+    email: claims.email,
+    displayName: claims.name,
+    claims
+  };
+}
+class CloudAuthService extends Service {
+  static serviceType = "CLOUD_AUTH";
+  capabilityDescription = "Eliza Cloud device authentication and SSO session helpers";
+  client;
+  credentials = null;
+  constructor(runtime) {
+    super(runtime);
+    this.client = new CloudApiClient(DEFAULT_CLOUD_CONFIG.baseUrl);
+  }
+  static async start(runtime) {
+    const service = new CloudAuthService(runtime);
+    await service.initialize();
+    return service;
+  }
+  async stop() {
+    this.credentials = null;
+  }
+  async initialize() {
+    const baseUrl = String(this.runtime.getSetting("ELIZAOS_CLOUD_BASE_URL") ?? DEFAULT_CLOUD_CONFIG.baseUrl);
+    this.client.setBaseUrl(baseUrl);
+    const existingKey = this.runtime.getSetting("ELIZAOS_CLOUD_API_KEY");
+    if (existingKey) {
+      const key = String(existingKey);
+      this.client.setApiKey(key);
+      this.credentials = {
+        apiKey: key,
+        userId: String(this.runtime.getSetting("ELIZAOS_CLOUD_USER_ID") ?? ""),
+        organizationId: String(this.runtime.getSetting("ELIZAOS_CLOUD_ORG_ID") ?? this.runtime.getSetting("ELIZA_CLOUD_ORGANIZATION_ID") ?? ""),
+        authenticatedAt: Date.now()
+      };
+      logger.info("[CloudAuth] Authenticated with saved API key");
+      this.validateApiKey(key).then((valid) => {
+        if (!valid) {
+          logger.warn("[CloudAuth] Saved API key could not be validated (cloud may be unreachable or key revoked) — model calls will use the key anyway");
+        }
+      }).catch(() => {});
+      return;
+    }
+    const enabled = this.runtime.getSetting("ELIZAOS_CLOUD_ENABLED");
+    if (enabled === "true" || enabled === "1") {
+      try {
+        await this.authenticateWithDevice();
+      } catch (err) {
+        const msg = err instanceof Error ? err.message : String(err);
+        logger.warn(`[CloudAuth] Device auth failed (cloud may be unreachable): ${msg}`);
+        logger.info("[CloudAuth] Service will start unauthenticated — cloud features disabled until connectivity is restored");
+      }
+    } else {
+      logger.info("[CloudAuth] Cloud not enabled (set ELIZAOS_CLOUD_ENABLED=true)");
+    }
+  }
+  async validateApiKey(key) {
+    try {
+      const validationClient = new CloudApiClient(this.client.getBaseUrl(), key);
+      await validationClient.get("/models", { timeoutMs: 1e4 });
+      return true;
+    } catch (err) {
+      const msg = err instanceof Error ? err.message : String(err);
+      logger.warn(`[CloudAuth] Could not reach cloud API to validate key: ${msg}`);
+      return false;
+    }
+  }
+  async authenticateWithDevice() {
+    const deviceId = await deriveDeviceId();
+    const platform = detectPlatform();
+    const appVersion = process.env.ELIZAOS_CLOUD_APP_VERSION ?? "2.0.0-beta.0";
+    const os = await import("node:os");
+    logger.info(`[CloudAuth] Authenticating device (platform=${platform})`);
+    const response = await this.client.postUnauthenticated("/device-auth", {
+      deviceId,
+      platform,
+      appVersion,
+      deviceName: os.hostname()
+    });
+    this.credentials = {
+      apiKey: response.data.apiKey,
+      userId: response.data.userId,
+      organizationId: response.data.organizationId,
+      authenticatedAt: Date.now()
+    };
+    this.client.setApiKey(response.data.apiKey);
+    const action = response.data.isNew ? "New account created" : "Authenticated";
+    logger.info(`[CloudAuth] ${action} (credits: $${response.data.credits.toFixed(2)})`);
+    return this.credentials;
+  }
+  authenticateWithApiKey(input) {
+    const apiKey = input.apiKey.trim();
+    if (!apiKey) {
+      throw new Error("Eliza Cloud API key is required");
+    }
+    this.client.setApiKey(apiKey);
+    this.credentials = {
+      apiKey,
+      userId: input.userId ?? "",
+      organizationId: input.organizationId ?? "",
+      authenticatedAt: Date.now()
+    };
+    logger.info("[CloudAuth] Authenticated with API key");
+    return this.credentials;
+  }
+  clearAuth() {
+    this.credentials = null;
+    this.client.setApiKey(undefined);
+  }
+  isAuthenticated() {
+    return this.credentials !== null;
+  }
+  getCredentials() {
+    return this.credentials;
+  }
+  getApiKey() {
+    return this.credentials?.apiKey ?? this.client.getApiKey();
+  }
+  getClient() {
+    return this.client;
+  }
+  getUserId() {
+    return this.credentials?.userId;
+  }
+  getOrganizationId() {
+    return this.credentials?.organizationId;
+  }
+}
+export {
+  getSsoRedirectUrl,
+  exchangeCodeForSession,
+  CloudAuthService
+};
+//# debugId=500754D72B6C3D2B64756E2164756E21

package/dist/services/cloud-auth.js.map ADDED Viewed

@@ -0,0 +1,12 @@
+{
+  "version": 3,
+  "sources": ["../src/types/cloud.ts", "../src/utils/cloud-api.ts", "../src/services/cloud-auth.ts"],
+  "sourcesContent": [
+    "/**\n * Cloud-specific types for ElizaCloud integration.\n *\n * These types mirror the eliza-cloud-v2 database schemas and API contracts\n * for containers, auth, credits, bridge messaging, and agent state snapshots.\n */\n\n// ─── Container Types ────────────────────────────────────────────────────────\n\nexport type ContainerStatus =\n  | \"pending\"\n  | \"building\"\n  | \"deploying\"\n  | \"running\"\n  | \"stopped\"\n  | \"failed\"\n  | \"suspended\";\n\nexport type ContainerBillingStatus =\n  | \"active\"\n  | \"warning\"\n  | \"suspended\"\n  | \"shutdown_pending\"\n  | \"archived\";\n\nexport type ContainerArchitecture = \"arm64\" | \"x86_64\";\n\nexport interface CloudContainer {\n  id: string;\n  name: string;\n  project_name: string;\n  description: string | null;\n  organization_id: string;\n  user_id: string;\n  status: ContainerStatus;\n  image_tag: string | null;\n  port: number;\n  desired_count: number;\n  cpu: number;\n  memory: number;\n  architecture: ContainerArchitecture;\n  environment_vars: Record<string, string>;\n  health_check_path: string;\n  load_balancer_url: string | null;\n  ecr_repository_uri: string | null;\n  ecr_image_tag: string | null;\n  cloudformation_stack_name: string | null;\n  billing_status: ContainerBillingStatus;\n  total_billed: string;\n  last_deployed_at: string | null;\n  last_health_check: string | null;\n  deployment_log: string | null;\n  error_message: string | null;\n  metadata: Record<string, unknown>;\n  created_at: string;\n  updated_at: string;\n}\n\nexport interface CreateContainerRequest {\n  name: string;\n  project_name: string;\n  description?: string;\n  port?: number;\n  desired_count?: number;\n  cpu?: number;\n  memory?: number;\n  environment_vars?: Record<string, string>;\n  health_check_path?: string;\n  ecr_image_uri: string;\n  ecr_repository_uri?: string;\n  image_tag?: string;\n  architecture?: ContainerArchitecture;\n}\n\nexport interface CreateContainerResponse {\n  success: boolean;\n  data: CloudContainer;\n  message: string;\n  creditsDeducted: number;\n  creditsRemaining: number;\n  stackName: string;\n  polling: {\n    endpoint: string;\n    intervalMs: number;\n    expectedDurationMs: number;\n  };\n}\n\nexport interface ContainerListResponse {\n  success: boolean;\n  data: CloudContainer[];\n}\n\nexport interface ContainerGetResponse {\n  success: boolean;\n  data: CloudContainer;\n}\n\nexport interface ContainerDeleteResponse {\n  success: boolean;\n  message?: string;\n}\n\nexport interface ContainerHealthResponse {\n  success: boolean;\n  data: {\n    status: string;\n    healthy: boolean;\n    lastCheck: string | null;\n    uptime: number | null;\n  };\n}\n\n// ─── Auth Types ─────────────────────────────────────────────────────────────\n\nexport type DevicePlatform = \"ios\" | \"android\" | \"macos\" | \"windows\" | \"linux\" | \"web\";\n\nexport interface DeviceAuthRequest {\n  deviceId: string;\n  platform: DevicePlatform;\n  appVersion: string;\n  deviceName?: string;\n}\n\nexport interface DeviceAuthResponse {\n  success: boolean;\n  data: {\n    apiKey: string;\n    userId: string;\n    organizationId: string;\n    credits: number;\n    isNew: boolean;\n  };\n}\n\nexport interface CloudCredentials {\n  apiKey: string;\n  userId: string;\n  organizationId: string;\n  authenticatedAt: number;\n}\n\n// ─── Credits Types ──────────────────────────────────────────────────────────\n\nexport interface CreditBalanceResponse {\n  success: boolean;\n  data: {\n    balance: number;\n    currency: string;\n  };\n}\n\nexport interface CreditSummaryResponse {\n  success: boolean;\n  data: {\n    balance: number;\n    totalSpent: number;\n    totalAdded: number;\n    recentTransactions: CreditTransaction[];\n  };\n}\n\nexport interface CreditTransaction {\n  id: string;\n  amount: number;\n  description: string;\n  type: \"credit\" | \"debit\";\n  created_at: string;\n}\n\n// ─── Bridge Types ───────────────────────────────────────────────────────────\n\nexport type BridgeConnectionState = \"disconnected\" | \"connecting\" | \"connected\" | \"reconnecting\";\n\nexport interface BridgeMessage {\n  jsonrpc: \"2.0\";\n  id?: string | number;\n  method?: string;\n  params?: Record<string, unknown>;\n  result?: unknown;\n  error?: BridgeError;\n}\n\nexport interface BridgeError {\n  code: number;\n  message: string;\n  data?: unknown;\n}\n\nexport type BridgeMessageHandler = (message: BridgeMessage) => void;\n\nexport interface BridgeConnection {\n  containerId: string;\n  state: BridgeConnectionState;\n  connectedAt: number | null;\n  lastHeartbeat: number | null;\n  reconnectAttempts: number;\n}\n\n// ─── Managed Gateway Relay Types ───────────────────────────────────────────\n\nexport interface GatewayRelaySession {\n  id: string;\n  organizationId: string;\n  userId: string;\n  runtimeAgentId: string;\n  agentName: string | null;\n  platform: \"local-runtime\";\n  createdAt: string;\n  lastSeenAt: string;\n}\n\nexport interface GatewayRelayRequest {\n  jsonrpc: \"2.0\";\n  id?: string | number;\n  method: string;\n  params?: Record<string, unknown>;\n}\n\nexport interface GatewayRelayResponse {\n  jsonrpc: \"2.0\";\n  id?: string | number;\n  result?: Record<string, unknown>;\n  error?: BridgeError;\n}\n\nexport interface GatewayRelayRequestEnvelope {\n  requestId: string;\n  rpc: GatewayRelayRequest;\n  queuedAt: string;\n}\n\nexport interface RegisterGatewayRelaySessionResponse {\n  success: boolean;\n  data: {\n    session: GatewayRelaySession;\n  };\n}\n\nexport interface PollGatewayRelayResponse {\n  success: boolean;\n  data: {\n    request: GatewayRelayRequestEnvelope | null;\n  };\n}\n\n// ─── Snapshot / Backup Types ────────────────────────────────────────────────\n\nexport type SnapshotType = \"manual\" | \"auto\" | \"pre-eviction\";\n\nexport interface AgentSnapshot {\n  id: string;\n  containerId: string;\n  organizationId: string;\n  snapshotType: SnapshotType;\n  storageUrl: string;\n  sizeBytes: number;\n  agentConfig: Record<string, unknown>;\n  metadata: Record<string, unknown>;\n  created_at: string;\n}\n\nexport interface CreateSnapshotRequest {\n  snapshotType?: SnapshotType;\n  metadata?: Record<string, unknown>;\n}\n\nexport interface CreateSnapshotResponse {\n  success: boolean;\n  data: AgentSnapshot;\n}\n\nexport interface SnapshotListResponse {\n  success: boolean;\n  data: AgentSnapshot[];\n}\n\nexport interface RestoreSnapshotRequest {\n  snapshotId: string;\n}\n\nexport interface RestoreSnapshotResponse {\n  success: boolean;\n  message: string;\n}\n\n// ─── Cloud Config Types ─────────────────────────────────────────────────────\n\nexport type InferenceMode = \"cloud\" | \"byok\" | \"local\";\n\nexport interface CloudPluginConfig {\n  /** Enable ElizaCloud integration. */\n  enabled: boolean;\n  /** ElizaCloud API base URL. */\n  baseUrl: string;\n  /** Stored API key for authenticated requests. */\n  apiKey?: string;\n  /** Device ID used for auto-signup authentication. */\n  deviceId?: string;\n  /** Platform identifier. */\n  platform?: DevicePlatform;\n  /** Inference mode: cloud (ElizaCloud proxied), byok (user keys), local (no cloud). */\n  inferenceMode: InferenceMode;\n  /** Auto-deploy agents to cloud on creation. */\n  autoProvision: boolean;\n  /** Bridge reconnection settings. */\n  bridge: {\n    reconnectIntervalMs: number;\n    maxReconnectAttempts: number;\n    heartbeatIntervalMs: number;\n  };\n  /** Auto-backup settings. */\n  backup: {\n    autoBackupIntervalMs: number;\n    maxSnapshots: number;\n  };\n  /** Default container settings for new deployments. */\n  container: {\n    defaultImage: string;\n    defaultArchitecture: ContainerArchitecture;\n    defaultCpu: number;\n    defaultMemory: number;\n    defaultPort: number;\n  };\n}\n\nexport const DEFAULT_CLOUD_CONFIG: CloudPluginConfig = {\n  enabled: false,\n  baseUrl: \"https://www.elizacloud.ai/api/v1\",\n  inferenceMode: \"cloud\",\n  autoProvision: false,\n  bridge: {\n    reconnectIntervalMs: 3000,\n    maxReconnectAttempts: 20,\n    heartbeatIntervalMs: 30_000,\n  },\n  backup: {\n    autoBackupIntervalMs: 3_600_000, // 1 hour\n    maxSnapshots: 10,\n  },\n  container: {\n    defaultImage: \"elizaos/agent:latest\",\n    defaultArchitecture: \"arm64\",\n    defaultCpu: 1792,\n    defaultMemory: 1792,\n    defaultPort: 3000,\n  },\n};\n\n// ─── API Error Types ────────────────────────────────────────────────────────\n\nexport type { CloudApiErrorBody } from \"@elizaos/cloud-sdk\";\nexport {\n  CloudApiError,\n  InsufficientCreditsError,\n} from \"@elizaos/cloud-sdk\";\n",
+    "export type {\n  CloudApiErrorBody,\n  CloudRequestOptions,\n} from \"@elizaos/cloud-sdk\";\nexport {\n  CloudApiClient,\n  CloudApiError,\n  ElizaCloudHttpClient,\n  InsufficientCreditsError,\n} from \"@elizaos/cloud-sdk\";\n",
+    "/**\n * CloudAuthService — Eliza Cloud authentication entry points.\n *\n * Two distinct auth flows live here:\n *\n * 1. **Device auto-signup** (`authenticateWithDevice`) — convenience-only.\n *    Derives a hardware fingerprint and exchanges it for a free-tier API key\n *    against the cloud signup endpoint. The result is treated as opaque and\n *    is **never** trusted as inbound auth for the local Eliza dashboard.\n *    See `docs/security/remote-auth-hardening-plan.md` §7 for the explicit\n *    demotion rationale.\n *\n * 2. **Eliza Cloud SSO** (`getSsoRedirectUrl` / `exchangeCodeForSession`) —\n *    OAuth-style authorization-code flow against the cloud issuer. The\n *    callback handler in `app-core` (`api/auth/cloud-sso.ts`) consumes these\n *    methods to bind a verified cloud user to a local Identity. All error\n *    paths fail closed: the methods throw and the caller MUST refuse the\n *    request. There is no partial-claims fallback.\n */\n\nimport {\n  type RuntimeEnvRecord,\n  type IAgentRuntime,\n  logger,\n  Service,\n  resolveApiSecurityConfig,\n  resolveDesktopApiPort,\n} from \"@elizaos/core\";\nimport { createRemoteJWKSet, jwtVerify } from \"jose\";\nimport type { CloudCredentials, DeviceAuthResponse, DevicePlatform } from \"../types/cloud\";\nimport { DEFAULT_CLOUD_CONFIG } from \"../types/cloud\";\nimport { CloudApiClient } from \"../utils/cloud-api\";\nimport type { CloudBootstrapService } from \"./cloud-bootstrap\";\n\n/** SHA-256 hash of hostname + platform + arch + cpu + memory. */\nasync function deriveDeviceId(): Promise<string> {\n  const os = await import(\"node:os\");\n  const crypto = await import(\"node:crypto\");\n  const cpus = os.cpus();\n  const raw = [\n    os.hostname(),\n    os.platform(),\n    os.arch(),\n    cpus[0]?.model ?? \"?\",\n    cpus.length,\n    os.totalmem(),\n  ].join(\":\");\n  return crypto.createHash(\"sha256\").update(raw).digest(\"hex\");\n}\n\nfunction detectPlatform(): DevicePlatform {\n  if (typeof process === \"undefined\") return \"web\";\n  const map: Record<string, DevicePlatform> = {\n    darwin: \"macos\",\n    win32: \"windows\",\n    linux: \"linux\",\n  };\n  return map[process.platform] ?? \"linux\";\n}\n\n// ─── Eliza Cloud SSO ───────────────────────────────────────────────────────\n\n/**\n * Required ID-token claims for an Eliza Cloud SSO exchange.\n *\n * `sub` is the cloud user id (canonical identity key). `email` and `name`\n * are surfaced for UI display and identity provisioning. Anything else the\n * cloud issuer adds is preserved on `extra` for callers that need it but\n * is never required for auth decisions.\n */\nexport interface CloudSsoIdTokenClaims {\n  iss: string;\n  sub: string;\n  aud: string | string[];\n  exp: number;\n  iat: number;\n  email: string;\n  email_verified?: boolean;\n  name: string;\n  picture?: string;\n  extra: Record<string, unknown>;\n}\n\nexport interface CloudSsoSession {\n  cloudUserId: string;\n  email: string;\n  displayName: string;\n  claims: CloudSsoIdTokenClaims;\n}\n\nexport interface SsoRedirectArgs {\n  /**\n   * Local URL the user should land on after the SSO round-trip\n   * (e.g. `/onboarding/setup`). The dashboard's callback route forwards\n   * to this once the session cookie is set; it is NOT sent to the cloud\n   * issuer.\n   */\n  returnTo?: string;\n  /**\n   * State nonce. The caller is responsible for generating this with\n   * `crypto.randomBytes(32)` and storing it server-side keyed by the\n   * issued cookie / pending exchange.\n   */\n  state: string;\n  /**\n   * Override for `ELIZA_CLOUD_CLIENT_ID`. Falls through to the env when\n   * unset; explicitly throws when neither is provided.\n   */\n  clientId?: string;\n  /** Allows tests to inject a synthetic env record. */\n  env?: RuntimeEnvRecord;\n}\n\nexport interface ExchangeCodeArgs {\n  /** Authorization code returned on the SSO callback. */\n  code: string;\n  /** State value the cloud issuer echoed back on the callback. */\n  state: string;\n  /**\n   * State value the caller originally issued. Compared with `state` and\n   * mismatch causes a fail-closed throw before any network call is made.\n   */\n  expectedState: string;\n  /**\n   * Source for `getJwksUrl()`. The caller resolves this from the runtime\n   * service registry (`runtime.getService(\"CLOUD_BOOTSTRAP\")`) so this\n   * file does not import from `app-core` directly.\n   */\n  bootstrap: CloudBootstrapService;\n  /** Allows tests to inject a fake fetch for the token endpoint. */\n  fetchImpl?: typeof fetch;\n  /** Allows tests to inject a synthetic env record. */\n  env?: RuntimeEnvRecord;\n  /** Optional override for the redirect URI; defaults to the local callback. */\n  redirectUri?: string;\n}\n\ninterface RawTokenResponse {\n  id_token?: unknown;\n  access_token?: unknown;\n  token_type?: unknown;\n  expires_in?: unknown;\n  scope?: unknown;\n}\n\ninterface ApiKeyAuthInput {\n  apiKey: string;\n  organizationId?: string;\n  userId?: string;\n}\n\ninterface RawIdTokenPayload {\n  iss?: unknown;\n  sub?: unknown;\n  aud?: unknown;\n  exp?: unknown;\n  iat?: unknown;\n  email?: unknown;\n  email_verified?: unknown;\n  name?: unknown;\n  picture?: unknown;\n  [otherProperty: string]: unknown;\n}\n\nfunction readEnvKey(env: RuntimeEnvRecord, key: string): string | null {\n  const value = env[key];\n  if (typeof value !== \"string\") return null;\n  const trimmed = value.trim();\n  return trimmed.length > 0 ? trimmed : null;\n}\n\nfunction processEnv(): RuntimeEnvRecord {\n  if (typeof process === \"undefined\") return {};\n  return process.env as RuntimeEnvRecord;\n}\n\n/**\n * Build the local SSO callback URL the cloud issuer will redirect back to.\n *\n * Reads `ELIZA_API_BIND` and the desktop API port from `@elizaos/core`'s\n * runtime-env helper so the redirect_uri matches whatever the dashboard\n * is actually serving on. Loopback binds default to `http://127.0.0.1:<port>`;\n * non-loopback binds (cloud-provisioned containers) use `https://`.\n */\nfunction defaultRedirectUri(env: RuntimeEnvRecord): string {\n  const security = resolveApiSecurityConfig(env);\n  const port = resolveDesktopApiPort(env);\n  const scheme = security.isLoopbackBind ? \"http\" : \"https\";\n  // Strip any IPv6 brackets the bind host might already include.\n  const host = security.bindHost.startsWith(\"[\")\n    ? security.bindHost\n    : security.bindHost.includes(\":\") && !security.bindHost.startsWith(\"[\")\n      ? `[${security.bindHost}]`\n      : security.bindHost;\n  return `${scheme}://${host}:${port}/api/auth/login/sso/callback`;\n}\n\n/**\n * Returns the absolute URL the dashboard should redirect the user to in\n * order to start an Eliza Cloud SSO authorization-code flow.\n *\n * Throws when `ELIZA_CLOUD_CLIENT_ID` is unset and no `clientId` override\n * is provided — there is no built-in default. `ELIZA_CLOUD_ISSUER` is read\n * via the `CloudBootstrapService`'s service-port and must already be set;\n * if not, this method throws via the bootstrap's existing fail-closed\n * behaviour.\n *\n * The `state` argument MUST be generated by the caller with a cryptographic\n * RNG and stored server-side bound to the issued cookie. This method does\n * NOT generate or persist state.\n *\n * @param bootstrap - Service-port that exposes `getExpectedIssuer()`.\n * @param args - Required `state`, optional `clientId` / `returnTo` / `env`.\n */\nexport function getSsoRedirectUrl(bootstrap: CloudBootstrapService, args: SsoRedirectArgs): string {\n  const env = args.env ?? processEnv();\n  const clientId = args.clientId ?? readEnvKey(env, \"ELIZA_CLOUD_CLIENT_ID\");\n  if (!clientId) {\n    throw new Error(\"ELIZA_CLOUD_CLIENT_ID is not configured — cannot start Eliza Cloud SSO\");\n  }\n  if (args.state.length === 0) {\n    throw new Error(\"getSsoRedirectUrl requires a non-empty state nonce\");\n  }\n  const issuer = bootstrap.getExpectedIssuer();\n  const redirectUri = defaultRedirectUri(env);\n  const params = new URLSearchParams();\n  params.set(\"response_type\", \"code\");\n  params.set(\"client_id\", clientId);\n  params.set(\"redirect_uri\", redirectUri);\n  params.set(\"scope\", \"openid profile\");\n  params.set(\"state\", args.state);\n  if (args.returnTo) {\n    // Forwarded through state on the cloud side is not safe (issuer-controlled);\n    // we surface it as a separate hint that the local callback honours.\n    params.set(\"eliza_return_to\", args.returnTo);\n  }\n  return `${issuer}/oauth/authorize?${params.toString()}`;\n}\n\nfunction shapeIdTokenClaims(payload: RawIdTokenPayload): CloudSsoIdTokenClaims {\n  if (typeof payload.iss !== \"string\" || payload.iss.length === 0) {\n    throw new Error(\"id_token missing issuer claim\");\n  }\n  if (typeof payload.sub !== \"string\" || payload.sub.length === 0) {\n    throw new Error(\"id_token missing sub claim\");\n  }\n  if (\n    typeof payload.aud !== \"string\" &&\n    !(Array.isArray(payload.aud) && payload.aud.every((value) => typeof value === \"string\"))\n  ) {\n    throw new Error(\"id_token missing or malformed aud claim\");\n  }\n  if (typeof payload.exp !== \"number\" || !Number.isFinite(payload.exp)) {\n    throw new Error(\"id_token missing exp claim\");\n  }\n  if (typeof payload.iat !== \"number\" || !Number.isFinite(payload.iat)) {\n    throw new Error(\"id_token missing iat claim\");\n  }\n  if (typeof payload.email !== \"string\" || payload.email.length === 0) {\n    throw new Error(\"id_token missing email claim — Eliza Cloud SSO requires it\");\n  }\n  if (typeof payload.name !== \"string\" || payload.name.length === 0) {\n    throw new Error(\"id_token missing name claim — Eliza Cloud SSO requires it\");\n  }\n  const extra: Record<string, unknown> = {};\n  for (const [key, value] of Object.entries(payload)) {\n    if (\n      key !== \"iss\" &&\n      key !== \"sub\" &&\n      key !== \"aud\" &&\n      key !== \"exp\" &&\n      key !== \"iat\" &&\n      key !== \"email\" &&\n      key !== \"email_verified\" &&\n      key !== \"name\" &&\n      key !== \"picture\"\n    ) {\n      extra[key] = value;\n    }\n  }\n  return {\n    iss: payload.iss,\n    sub: payload.sub,\n    aud: payload.aud as string | string[],\n    exp: payload.exp,\n    iat: payload.iat,\n    email: payload.email,\n    email_verified:\n      typeof payload.email_verified === \"boolean\" ? payload.email_verified : undefined,\n    name: payload.name,\n    picture: typeof payload.picture === \"string\" ? payload.picture : undefined,\n    extra,\n  };\n}\n\nfunction shapeTokenResponse(payload: unknown): { idToken: string } {\n  if (!payload || typeof payload !== \"object\") {\n    throw new Error(\"Eliza Cloud token endpoint returned a non-object body\");\n  }\n  const raw = payload as RawTokenResponse;\n  if (typeof raw.id_token !== \"string\" || raw.id_token.length === 0) {\n    throw new Error(\"Eliza Cloud token endpoint did not return an id_token\");\n  }\n  return { idToken: raw.id_token };\n}\n\n/**\n * Exchange an authorization code for a verified Eliza Cloud session.\n *\n * Steps:\n *   1. Compare `state === expectedState`. Mismatch throws.\n *   2. POST to `${ELIZA_CLOUD_ISSUER}/oauth/token` with the code,\n *      `client_id`, and `client_secret` (the latter from\n *      `ELIZA_CLOUD_CLIENT_SECRET`).\n *   3. Verify the returned `id_token` against the JWKS exposed by\n *      `CloudBootstrapService.getJwksUrl()`. RS256 only.\n *   4. Project the claims onto a `CloudSsoSession`.\n *\n * Any error in fetch / signature verify / claim shape throws — this method\n * NEVER returns a partial or fallback session.\n */\nexport async function exchangeCodeForSession(args: ExchangeCodeArgs): Promise<CloudSsoSession> {\n  if (args.code.length === 0) {\n    throw new Error(\"exchangeCodeForSession requires a non-empty code\");\n  }\n  if (!args.state || !args.expectedState || args.state !== args.expectedState) {\n    throw new Error(\"Eliza Cloud SSO state mismatch — refusing to exchange code (possible CSRF)\");\n  }\n\n  const env = args.env ?? processEnv();\n  const clientId = readEnvKey(env, \"ELIZA_CLOUD_CLIENT_ID\");\n  if (!clientId) {\n    throw new Error(\"ELIZA_CLOUD_CLIENT_ID is not configured — cannot complete Eliza Cloud SSO\");\n  }\n  const clientSecret = readEnvKey(env, \"ELIZA_CLOUD_CLIENT_SECRET\");\n  if (!clientSecret) {\n    throw new Error(\n      \"ELIZA_CLOUD_CLIENT_SECRET is not configured — cannot complete Eliza Cloud SSO\"\n    );\n  }\n\n  const issuer = args.bootstrap.getExpectedIssuer();\n  const redirectUri = args.redirectUri ?? defaultRedirectUri(env);\n  const tokenUrl = `${issuer}/oauth/token`;\n\n  const fetchImpl = args.fetchImpl ?? fetch;\n  const body = new URLSearchParams();\n  body.set(\"grant_type\", \"authorization_code\");\n  body.set(\"code\", args.code);\n  body.set(\"redirect_uri\", redirectUri);\n  body.set(\"client_id\", clientId);\n  body.set(\"client_secret\", clientSecret);\n\n  const response = await fetchImpl(tokenUrl, {\n    method: \"POST\",\n    headers: {\n      \"content-type\": \"application/x-www-form-urlencoded\",\n      accept: \"application/json\",\n    },\n    body: body.toString(),\n  });\n  if (!response.ok) {\n    throw new Error(\n      `Eliza Cloud token endpoint returned HTTP ${response.status} for code exchange`\n    );\n  }\n  const payload: unknown = await response.json();\n  const { idToken } = shapeTokenResponse(payload);\n\n  const jwksUrl = args.bootstrap.getJwksUrl();\n  const remoteJwks = createRemoteJWKSet(new URL(jwksUrl));\n\n  const verified = await jwtVerify(idToken, remoteJwks, {\n    algorithms: [\"RS256\"],\n    issuer,\n    audience: clientId,\n  });\n\n  const claims = shapeIdTokenClaims(verified.payload as RawIdTokenPayload);\n\n  return {\n    cloudUserId: claims.sub,\n    email: claims.email,\n    displayName: claims.name,\n    claims,\n  };\n}\n\n// ─── Service ───────────────────────────────────────────────────────────────\n\nexport class CloudAuthService extends Service {\n  static serviceType = \"CLOUD_AUTH\";\n  capabilityDescription = \"Eliza Cloud device authentication and SSO session helpers\";\n\n  private client: CloudApiClient;\n  private credentials: CloudCredentials | null = null;\n\n  constructor(runtime?: IAgentRuntime) {\n    super(runtime);\n    this.client = new CloudApiClient(DEFAULT_CLOUD_CONFIG.baseUrl);\n  }\n\n  static async start(runtime: IAgentRuntime): Promise<Service> {\n    const service = new CloudAuthService(runtime);\n    await service.initialize();\n    return service;\n  }\n\n  async stop(): Promise<void> {\n    this.credentials = null;\n  }\n\n  private async initialize(): Promise<void> {\n    const baseUrl = String(\n      this.runtime.getSetting(\"ELIZAOS_CLOUD_BASE_URL\") ?? DEFAULT_CLOUD_CONFIG.baseUrl\n    );\n    this.client.setBaseUrl(baseUrl);\n\n    // Try existing API key first.  If the key is present in settings\n    // (persisted via config file or character secrets in the DB), trust it\n    // immediately so the agent is functional even when the cloud API is\n    // temporarily unreachable.  A background validation fires to confirm\n    // the key — if it turns out to be revoked the next model call will\n    // surface the error, but the agent won't stall on startup.\n    const existingKey = this.runtime.getSetting(\"ELIZAOS_CLOUD_API_KEY\");\n    if (existingKey) {\n      const key = String(existingKey);\n      this.client.setApiKey(key);\n\n      // Accept the key optimistically — no blocking network call.\n      this.credentials = {\n        apiKey: key,\n        userId: String(this.runtime.getSetting(\"ELIZAOS_CLOUD_USER_ID\") ?? \"\"),\n        organizationId: String(\n          this.runtime.getSetting(\"ELIZAOS_CLOUD_ORG_ID\") ??\n            this.runtime.getSetting(\"ELIZA_CLOUD_ORGANIZATION_ID\") ??\n            \"\"\n        ),\n        authenticatedAt: Date.now(),\n      };\n      logger.info(\"[CloudAuth] Authenticated with saved API key\");\n\n      // Non-blocking validation — if the key is invalid the next model\n      // call will surface the error; we just log a warning here.\n      this.validateApiKey(key)\n        .then((valid) => {\n          if (!valid) {\n            logger.warn(\n              \"[CloudAuth] Saved API key could not be validated (cloud may be unreachable or key revoked) — model calls will use the key anyway\"\n            );\n          }\n        })\n        .catch(() => {\n          // Swallow — already logged inside validateApiKey\n        });\n      return;\n    }\n\n    // Device-based auto-signup when explicitly enabled\n    const enabled = this.runtime.getSetting(\"ELIZAOS_CLOUD_ENABLED\");\n    if (enabled === \"true\" || enabled === \"1\") {\n      try {\n        await this.authenticateWithDevice();\n      } catch (err) {\n        const msg = err instanceof Error ? err.message : String(err);\n        logger.warn(`[CloudAuth] Device auth failed (cloud may be unreachable): ${msg}`);\n        logger.info(\n          \"[CloudAuth] Service will start unauthenticated — cloud features disabled until connectivity is restored\"\n        );\n      }\n    } else {\n      logger.info(\"[CloudAuth] Cloud not enabled (set ELIZAOS_CLOUD_ENABLED=true)\");\n    }\n  }\n\n  private async validateApiKey(key: string): Promise<boolean> {\n    try {\n      const validationClient = new CloudApiClient(this.client.getBaseUrl(), key);\n      await validationClient.get(\"/models\", { timeoutMs: 10_000 });\n      return true;\n    } catch (err) {\n      const msg = err instanceof Error ? err.message : String(err);\n      logger.warn(`[CloudAuth] Could not reach cloud API to validate key: ${msg}`);\n      return false;\n    }\n  }\n\n  /**\n   * Free-tier device auto-signup. **Convenience only — not a security\n   * primitive.** The hardware fingerprint is treated as opaque material the\n   * cloud signup endpoint can use to mint a fresh API key + $5 free credit\n   * for new installs. The result is usable for outbound LLM calls; it never\n   * authorizes inbound dashboard access.\n   *\n   * See `docs/security/remote-auth-hardening-plan.md` §7.\n   */\n  async authenticateWithDevice(): Promise<CloudCredentials> {\n    const deviceId = await deriveDeviceId();\n    const platform = detectPlatform();\n    const appVersion = process.env.ELIZAOS_CLOUD_APP_VERSION ?? \"2.0.0-beta.0\";\n    const os = await import(\"node:os\");\n\n    logger.info(`[CloudAuth] Authenticating device (platform=${platform})`);\n\n    const response = await this.client.postUnauthenticated<DeviceAuthResponse>(\"/device-auth\", {\n      deviceId,\n      platform,\n      appVersion,\n      deviceName: os.hostname(),\n    });\n\n    this.credentials = {\n      apiKey: response.data.apiKey,\n      userId: response.data.userId,\n      organizationId: response.data.organizationId,\n      authenticatedAt: Date.now(),\n    };\n    this.client.setApiKey(response.data.apiKey);\n\n    const action = response.data.isNew ? \"New account created\" : \"Authenticated\";\n    logger.info(`[CloudAuth] ${action} (credits: $${response.data.credits.toFixed(2)})`);\n\n    return this.credentials;\n  }\n\n  authenticateWithApiKey(input: ApiKeyAuthInput): CloudCredentials {\n    const apiKey = input.apiKey.trim();\n    if (!apiKey) {\n      throw new Error(\"Eliza Cloud API key is required\");\n    }\n\n    this.client.setApiKey(apiKey);\n    this.credentials = {\n      apiKey,\n      userId: input.userId ?? \"\",\n      organizationId: input.organizationId ?? \"\",\n      authenticatedAt: Date.now(),\n    };\n\n    logger.info(\"[CloudAuth] Authenticated with API key\");\n    return this.credentials;\n  }\n\n  clearAuth(): void {\n    this.credentials = null;\n    this.client.setApiKey(undefined);\n  }\n\n  isAuthenticated(): boolean {\n    return this.credentials !== null;\n  }\n  getCredentials(): CloudCredentials | null {\n    return this.credentials;\n  }\n  getApiKey(): string | undefined {\n    return this.credentials?.apiKey ?? this.client.getApiKey();\n  }\n  getClient(): CloudApiClient {\n    return this.client;\n  }\n  getUserId(): string | undefined {\n    return this.credentials?.userId;\n  }\n  getOrganizationId(): string | undefined {\n    return this.credentials?.organizationId;\n  }\n}\n"
+  ],
+  "mappings": ";;;;;;;;;;;;;;;;;;;AAgWA;AAAA;AAAA;AAAA;AA1BO,IAAM,uBAA0C;AAAA,EACrD,SAAS;AAAA,EACT,SAAS;AAAA,EACT,eAAe;AAAA,EACf,eAAe;AAAA,EACf,QAAQ;AAAA,IACN,qBAAqB;AAAA,IACrB,sBAAsB;AAAA,IACtB,qBAAqB;AAAA,EACvB;AAAA,EACA,QAAQ;AAAA,IACN,sBAAsB;AAAA,IACtB,cAAc;AAAA,EAChB;AAAA,EACA,WAAW;AAAA,IACT,cAAc;AAAA,IACd,qBAAqB;AAAA,IACrB,YAAY;AAAA,IACZ,eAAe;AAAA,IACf,aAAa;AAAA,EACf;AACF;;;ACvVA;AAAA;AAAA,mBAEE;AAAA;AAAA,8BAEA;AAAA;;;ACYF;AAAA;AAAA;AAAA;AAAA;AAAA;AAQA;AAOA,eAAe,cAAc,GAAoB;AAAA,EAC/C,MAAM,KAAK,MAAa;AAAA,EACxB,MAAM,SAAS,MAAa;AAAA,EAC5B,MAAM,OAAO,GAAG,KAAK;AAAA,EACrB,MAAM,MAAM;AAAA,IACV,GAAG,SAAS;AAAA,IACZ,GAAG,SAAS;AAAA,IACZ,GAAG,KAAK;AAAA,IACR,KAAK,IAAI,SAAS;AAAA,IAClB,KAAK;AAAA,IACL,GAAG,SAAS;AAAA,EACd,EAAE,KAAK,GAAG;AAAA,EACV,OAAO,OAAO,WAAW,QAAQ,EAAE,OAAO,GAAG,EAAE,OAAO,KAAK;AAAA;AAG7D,SAAS,cAAc,GAAmB;AAAA,EACxC,IAAI,OAAO,YAAY;AAAA,IAAa,OAAO;AAAA,EAC3C,MAAM,MAAsC;AAAA,IAC1C,QAAQ;AAAA,IACR,OAAO;AAAA,IACP,OAAO;AAAA,EACT;AAAA,EACA,OAAO,IAAI,QAAQ,aAAa;AAAA;AA2GlC,SAAS,UAAU,CAAC,KAAuB,KAA4B;AAAA,EACrE,MAAM,QAAQ,IAAI;AAAA,EAClB,IAAI,OAAO,UAAU;AAAA,IAAU,OAAO;AAAA,EACtC,MAAM,UAAU,MAAM,KAAK;AAAA,EAC3B,OAAO,QAAQ,SAAS,IAAI,UAAU;AAAA;AAGxC,SAAS,UAAU,GAAqB;AAAA,EACtC,IAAI,OAAO,YAAY;AAAA,IAAa,OAAO,CAAC;AAAA,EAC5C,OAAO,QAAQ;AAAA;AAWjB,SAAS,kBAAkB,CAAC,KAA+B;AAAA,EACzD,MAAM,WAAW,yBAAyB,GAAG;AAAA,EAC7C,MAAM,OAAO,sBAAsB,GAAG;AAAA,EACtC,MAAM,SAAS,SAAS,iBAAiB,SAAS;AAAA,EAElD,MAAM,OAAO,SAAS,SAAS,WAAW,GAAG,IACzC,SAAS,WACT,SAAS,SAAS,SAAS,GAAG,KAAK,CAAC,SAAS,SAAS,WAAW,GAAG,IAClE,IAAI,SAAS,cACb,SAAS;AAAA,EACf,OAAO,GAAG,YAAY,QAAQ;AAAA;AAoBzB,SAAS,iBAAiB,CAAC,WAAkC,MAA+B;AAAA,EACjG,MAAM,MAAM,KAAK,OAAO,WAAW;AAAA,EACnC,MAAM,WAAW,KAAK,YAAY,WAAW,KAAK,uBAAuB;AAAA,EACzE,IAAI,CAAC,UAAU;AAAA,IACb,MAAM,IAAI,MAAM,wEAAuE;AAAA,EACzF;AAAA,EACA,IAAI,KAAK,MAAM,WAAW,GAAG;AAAA,IAC3B,MAAM,IAAI,MAAM,oDAAoD;AAAA,EACtE;AAAA,EACA,MAAM,SAAS,UAAU,kBAAkB;AAAA,EAC3C,MAAM,cAAc,mBAAmB,GAAG;AAAA,EAC1C,MAAM,SAAS,IAAI;AAAA,EACnB,OAAO,IAAI,iBAAiB,MAAM;AAAA,EAClC,OAAO,IAAI,aAAa,QAAQ;AAAA,EAChC,OAAO,IAAI,gBAAgB,WAAW;AAAA,EACtC,OAAO,IAAI,SAAS,gBAAgB;AAAA,EACpC,OAAO,IAAI,SAAS,KAAK,KAAK;AAAA,EAC9B,IAAI,KAAK,UAAU;AAAA,IAGjB,OAAO,IAAI,mBAAmB,KAAK,QAAQ;AAAA,EAC7C;AAAA,EACA,OAAO,GAAG,0BAA0B,OAAO,SAAS;AAAA;AAGtD,SAAS,kBAAkB,CAAC,SAAmD;AAAA,EAC7E,IAAI,OAAO,QAAQ,QAAQ,YAAY,QAAQ,IAAI,WAAW,GAAG;AAAA,IAC/D,MAAM,IAAI,MAAM,+BAA+B;AAAA,EACjD;AAAA,EACA,IAAI,OAAO,QAAQ,QAAQ,YAAY,QAAQ,IAAI,WAAW,GAAG;AAAA,IAC/D,MAAM,IAAI,MAAM,4BAA4B;AAAA,EAC9C;AAAA,EACA,IACE,OAAO,QAAQ,QAAQ,YACvB,EAAE,MAAM,QAAQ,QAAQ,GAAG,KAAK,QAAQ,IAAI,MAAM,CAAC,UAAU,OAAO,UAAU,QAAQ,IACtF;AAAA,IACA,MAAM,IAAI,MAAM,yCAAyC;AAAA,EAC3D;AAAA,EACA,IAAI,OAAO,QAAQ,QAAQ,YAAY,CAAC,OAAO,SAAS,QAAQ,GAAG,GAAG;AAAA,IACpE,MAAM,IAAI,MAAM,4BAA4B;AAAA,EAC9C;AAAA,EACA,IAAI,OAAO,QAAQ,QAAQ,YAAY,CAAC,OAAO,SAAS,QAAQ,GAAG,GAAG;AAAA,IACpE,MAAM,IAAI,MAAM,4BAA4B;AAAA,EAC9C;AAAA,EACA,IAAI,OAAO,QAAQ,UAAU,YAAY,QAAQ,MAAM,WAAW,GAAG;AAAA,IACnE,MAAM,IAAI,MAAM,4DAA2D;AAAA,EAC7E;AAAA,EACA,IAAI,OAAO,QAAQ,SAAS,YAAY,QAAQ,KAAK,WAAW,GAAG;AAAA,IACjE,MAAM,IAAI,MAAM,2DAA0D;AAAA,EAC5E;AAAA,EACA,MAAM,QAAiC,CAAC;AAAA,EACxC,YAAY,KAAK,UAAU,OAAO,QAAQ,OAAO,GAAG;AAAA,IAClD,IACE,QAAQ,SACR,QAAQ,SACR,QAAQ,SACR,QAAQ,SACR,QAAQ,SACR,QAAQ,WACR,QAAQ,oBACR,QAAQ,UACR,QAAQ,WACR;AAAA,MACA,MAAM,OAAO;AAAA,IACf;AAAA,EACF;AAAA,EACA,OAAO;AAAA,IACL,KAAK,QAAQ;AAAA,IACb,KAAK,QAAQ;AAAA,IACb,KAAK,QAAQ;AAAA,IACb,KAAK,QAAQ;AAAA,IACb,KAAK,QAAQ;AAAA,IACb,OAAO,QAAQ;AAAA,IACf,gBACE,OAAO,QAAQ,mBAAmB,YAAY,QAAQ,iBAAiB;AAAA,IACzE,MAAM,QAAQ;AAAA,IACd,SAAS,OAAO,QAAQ,YAAY,WAAW,QAAQ,UAAU;AAAA,IACjE;AAAA,EACF;AAAA;AAGF,SAAS,kBAAkB,CAAC,SAAuC;AAAA,EACjE,IAAI,CAAC,WAAW,OAAO,YAAY,UAAU;AAAA,IAC3C,MAAM,IAAI,MAAM,uDAAuD;AAAA,EACzE;AAAA,EACA,MAAM,MAAM;AAAA,EACZ,IAAI,OAAO,IAAI,aAAa,YAAY,IAAI,SAAS,WAAW,GAAG;AAAA,IACjE,MAAM,IAAI,MAAM,uDAAuD;AAAA,EACzE;AAAA,EACA,OAAO,EAAE,SAAS,IAAI,SAAS;AAAA;AAkBjC,eAAsB,sBAAsB,CAAC,MAAkD;AAAA,EAC7F,IAAI,KAAK,KAAK,WAAW,GAAG;AAAA,IAC1B,MAAM,IAAI,MAAM,kDAAkD;AAAA,EACpE;AAAA,EACA,IAAI,CAAC,KAAK,SAAS,CAAC,KAAK,iBAAiB,KAAK,UAAU,KAAK,eAAe;AAAA,IAC3E,MAAM,IAAI,MAAM,4EAA2E;AAAA,EAC7F;AAAA,EAEA,MAAM,MAAM,KAAK,OAAO,WAAW;AAAA,EACnC,MAAM,WAAW,WAAW,KAAK,uBAAuB;AAAA,EACxD,IAAI,CAAC,UAAU;AAAA,IACb,MAAM,IAAI,MAAM,2EAA0E;AAAA,EAC5F;AAAA,EACA,MAAM,eAAe,WAAW,KAAK,2BAA2B;AAAA,EAChE,IAAI,CAAC,cAAc;AAAA,IACjB,MAAM,IAAI,MACR,+EACF;AAAA,EACF;AAAA,EAEA,MAAM,SAAS,KAAK,UAAU,kBAAkB;AAAA,EAChD,MAAM,cAAc,KAAK,eAAe,mBAAmB,GAAG;AAAA,EAC9D,MAAM,WAAW,GAAG;AAAA,EAEpB,MAAM,YAAY,KAAK,aAAa;AAAA,EACpC,MAAM,OAAO,IAAI;AAAA,EACjB,KAAK,IAAI,cAAc,oBAAoB;AAAA,EAC3C,KAAK,IAAI,QAAQ,KAAK,IAAI;AAAA,EAC1B,KAAK,IAAI,gBAAgB,WAAW;AAAA,EACpC,KAAK,IAAI,aAAa,QAAQ;AAAA,EAC9B,KAAK,IAAI,iBAAiB,YAAY;AAAA,EAEtC,MAAM,WAAW,MAAM,UAAU,UAAU;AAAA,IACzC,QAAQ;AAAA,IACR,SAAS;AAAA,MACP,gBAAgB;AAAA,MAChB,QAAQ;AAAA,IACV;AAAA,IACA,MAAM,KAAK,SAAS;AAAA,EACtB,CAAC;AAAA,EACD,IAAI,CAAC,SAAS,IAAI;AAAA,IAChB,MAAM,IAAI,MACR,4CAA4C,SAAS,0BACvD;AAAA,EACF;AAAA,EACA,MAAM,UAAmB,MAAM,SAAS,KAAK;AAAA,EAC7C,QAAQ,YAAY,mBAAmB,OAAO;AAAA,EAE9C,MAAM,UAAU,KAAK,UAAU,WAAW;AAAA,EAC1C,MAAM,aAAa,mBAAmB,IAAI,IAAI,OAAO,CAAC;AAAA,EAEtD,MAAM,WAAW,MAAM,UAAU,SAAS,YAAY;AAAA,IACpD,YAAY,CAAC,OAAO;AAAA,IACpB;AAAA,IACA,UAAU;AAAA,EACZ,CAAC;AAAA,EAED,MAAM,SAAS,mBAAmB,SAAS,OAA4B;AAAA,EAEvE,OAAO;AAAA,IACL,aAAa,OAAO;AAAA,IACpB,OAAO,OAAO;AAAA,IACd,aAAa,OAAO;AAAA,IACpB;AAAA,EACF;AAAA;AAAA;AAKK,MAAM,yBAAyB,QAAQ;AAAA,SACrC,cAAc;AAAA,EACrB,wBAAwB;AAAA,EAEhB;AAAA,EACA,cAAuC;AAAA,EAE/C,WAAW,CAAC,SAAyB;AAAA,IACnC,MAAM,OAAO;AAAA,IACb,KAAK,SAAS,IAAI,eAAe,qBAAqB,OAAO;AAAA;AAAA,cAGlD,MAAK,CAAC,SAA0C;AAAA,IAC3D,MAAM,UAAU,IAAI,iBAAiB,OAAO;AAAA,IAC5C,MAAM,QAAQ,WAAW;AAAA,IACzB,OAAO;AAAA;AAAA,OAGH,KAAI,GAAkB;AAAA,IAC1B,KAAK,cAAc;AAAA;AAAA,OAGP,WAAU,GAAkB;AAAA,IACxC,MAAM,UAAU,OACd,KAAK,QAAQ,WAAW,wBAAwB,KAAK,qBAAqB,OAC5E;AAAA,IACA,KAAK,OAAO,WAAW,OAAO;AAAA,IAQ9B,MAAM,cAAc,KAAK,QAAQ,WAAW,uBAAuB;AAAA,IACnE,IAAI,aAAa;AAAA,MACf,MAAM,MAAM,OAAO,WAAW;AAAA,MAC9B,KAAK,OAAO,UAAU,GAAG;AAAA,MAGzB,KAAK,cAAc;AAAA,QACjB,QAAQ;AAAA,QACR,QAAQ,OAAO,KAAK,QAAQ,WAAW,uBAAuB,KAAK,EAAE;AAAA,QACrE,gBAAgB,OACd,KAAK,QAAQ,WAAW,sBAAsB,KAC5C,KAAK,QAAQ,WAAW,6BAA6B,KACrD,EACJ;AAAA,QACA,iBAAiB,KAAK,IAAI;AAAA,MAC5B;AAAA,MACA,OAAO,KAAK,8CAA8C;AAAA,MAI1D,KAAK,eAAe,GAAG,EACpB,KAAK,CAAC,UAAU;AAAA,QACf,IAAI,CAAC,OAAO;AAAA,UACV,OAAO,KACL,kIACF;AAAA,QACF;AAAA,OACD,EACA,MAAM,MAAM,EAEZ;AAAA,MACH;AAAA,IACF;AAAA,IAGA,MAAM,UAAU,KAAK,QAAQ,WAAW,uBAAuB;AAAA,IAC/D,IAAI,YAAY,UAAU,YAAY,KAAK;AAAA,MACzC,IAAI;AAAA,QACF,MAAM,KAAK,uBAAuB;AAAA,QAClC,OAAO,KAAK;AAAA,QACZ,MAAM,MAAM,eAAe,QAAQ,IAAI,UAAU,OAAO,GAAG;AAAA,QAC3D,OAAO,KAAK,8DAA8D,KAAK;AAAA,QAC/E,OAAO,KACL,yGACF;AAAA;AAAA,IAEJ,EAAO;AAAA,MACL,OAAO,KAAK,gEAAgE;AAAA;AAAA;AAAA,OAIlE,eAAc,CAAC,KAA+B;AAAA,IAC1D,IAAI;AAAA,MACF,MAAM,mBAAmB,IAAI,eAAe,KAAK,OAAO,WAAW,GAAG,GAAG;AAAA,MACzE,MAAM,iBAAiB,IAAI,WAAW,EAAE,WAAW,IAAO,CAAC;AAAA,MAC3D,OAAO;AAAA,MACP,OAAO,KAAK;AAAA,MACZ,MAAM,MAAM,eAAe,QAAQ,IAAI,UAAU,OAAO,GAAG;AAAA,MAC3D,OAAO,KAAK,0DAA0D,KAAK;AAAA,MAC3E,OAAO;AAAA;AAAA;AAAA,OAaL,uBAAsB,GAA8B;AAAA,IACxD,MAAM,WAAW,MAAM,eAAe;AAAA,IACtC,MAAM,WAAW,eAAe;AAAA,IAChC,MAAM,aAAa,QAAQ,IAAI,6BAA6B;AAAA,IAC5D,MAAM,KAAK,MAAa;AAAA,IAExB,OAAO,KAAK,+CAA+C,WAAW;AAAA,IAEtE,MAAM,WAAW,MAAM,KAAK,OAAO,oBAAwC,gBAAgB;AAAA,MACzF;AAAA,MACA;AAAA,MACA;AAAA,MACA,YAAY,GAAG,SAAS;AAAA,IAC1B,CAAC;AAAA,IAED,KAAK,cAAc;AAAA,MACjB,QAAQ,SAAS,KAAK;AAAA,MACtB,QAAQ,SAAS,KAAK;AAAA,MACtB,gBAAgB,SAAS,KAAK;AAAA,MAC9B,iBAAiB,KAAK,IAAI;AAAA,IAC5B;AAAA,IACA,KAAK,OAAO,UAAU,SAAS,KAAK,MAAM;AAAA,IAE1C,MAAM,SAAS,SAAS,KAAK,QAAQ,wBAAwB;AAAA,IAC7D,OAAO,KAAK,eAAe,qBAAqB,SAAS,KAAK,QAAQ,QAAQ,CAAC,IAAI;AAAA,IAEnF,OAAO,KAAK;AAAA;AAAA,EAGd,sBAAsB,CAAC,OAA0C;AAAA,IAC/D,MAAM,SAAS,MAAM,OAAO,KAAK;AAAA,IACjC,IAAI,CAAC,QAAQ;AAAA,MACX,MAAM,IAAI,MAAM,iCAAiC;AAAA,IACnD;AAAA,IAEA,KAAK,OAAO,UAAU,MAAM;AAAA,IAC5B,KAAK,cAAc;AAAA,MACjB;AAAA,MACA,QAAQ,MAAM,UAAU;AAAA,MACxB,gBAAgB,MAAM,kBAAkB;AAAA,MACxC,iBAAiB,KAAK,IAAI;AAAA,IAC5B;AAAA,IAEA,OAAO,KAAK,wCAAwC;AAAA,IACpD,OAAO,KAAK;AAAA;AAAA,EAGd,SAAS,GAAS;AAAA,IAChB,KAAK,cAAc;AAAA,IACnB,KAAK,OAAO,UAAU,SAAS;AAAA;AAAA,EAGjC,eAAe,GAAY;AAAA,IACzB,OAAO,KAAK,gBAAgB;AAAA;AAAA,EAE9B,cAAc,GAA4B;AAAA,IACxC,OAAO,KAAK;AAAA;AAAA,EAEd,SAAS,GAAuB;AAAA,IAC9B,OAAO,KAAK,aAAa,UAAU,KAAK,OAAO,UAAU;AAAA;AAAA,EAE3D,SAAS,GAAmB;AAAA,IAC1B,OAAO,KAAK;AAAA;AAAA,EAEd,SAAS,GAAuB;AAAA,IAC9B,OAAO,KAAK,aAAa;AAAA;AAAA,EAE3B,iBAAiB,GAAuB;AAAA,IACtC,OAAO,KAAK,aAAa;AAAA;AAE7B;",
+  "debugId": "500754D72B6C3D2B64756E2164756E21",
+  "names": []
+}

package/dist/services/cloud-backup.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"cloud-backup.d.ts","sourceRoot":"","sources":["../../services/cloud-backup.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,KAAK,aAAa,EAAU,OAAO,EAAE,MAAM,eAAe,CAAC;AACpE,OAAO,KAAK,EACV,aAAa,EAIb,YAAY,EACb,MAAM,gBAAgB,CAAC;AAUxB,qBAAa,kBAAmB,SAAQ,OAAO;IAC7C,MAAM,CAAC,WAAW,SAAkB;IACpC,qBAAqB,SAA+C;IAEpE,OAAO,CAAC,WAAW,CAAoB;IACvC,OAAO,CAAC,WAAW,CAA2C;IAC9D,OAAO,CAAC,QAAQ,CAAC,YAAY,CAA4C;IACzE,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAoD;WAExE,KAAK,CAAC,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,OAAO,CAAC;IAMtD,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;YAQb,UAAU;IAYlB,cAAc,CAClB,WAAW,EAAE,MAAM,EACnB,YAAY,GAAE,YAAuB,EACrC,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GACjC,OAAO,CAAC,aAAa,CAAC;IAoBnB,aAAa,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,EAAE,CAAC;IAQ5D,eAAe,CAAC,WAAW,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAUvE,iBAAiB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,GAAG,IAAI,CAAC;IAW3E,kBAAkB,CAAC,WAAW,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI;IAgClE,gBAAgB,CAAC,WAAW,EAAE,MAAM,GAAG,IAAI;IAS3C;;;OAGG;IACG,yBAAyB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,CAAC;IAU5E;;;OAGG;YACW,cAAc;IAqB5B,qBAAqB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO;IAInD,iBAAiB,CAAC,WAAW,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI;CAGtD"}
1	+ {"version":3,"file":"cloud-backup.d.ts","sourceRoot":"","sources":["../../src/services/cloud-backup.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,KAAK,aAAa,EAAU,OAAO,EAAE,MAAM,eAAe,CAAC;AACpE,OAAO,KAAK,EACV,aAAa,EAIb,YAAY,EACb,MAAM,gBAAgB,CAAC;AAUxB,qBAAa,kBAAmB,SAAQ,OAAO;IAC7C,MAAM,CAAC,WAAW,SAAkB;IACpC,qBAAqB,SAA+C;IAEpE,OAAO,CAAC,WAAW,CAAoB;IACvC,OAAO,CAAC,WAAW,CAA2C;IAC9D,OAAO,CAAC,QAAQ,CAAC,YAAY,CAA4C;IACzE,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAoD;WAExE,KAAK,CAAC,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,OAAO,CAAC;IAMtD,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;YAQb,UAAU;IAYlB,cAAc,CAClB,WAAW,EAAE,MAAM,EACnB,YAAY,GAAE,YAAuB,EACrC,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GACjC,OAAO,CAAC,aAAa,CAAC;IAoBnB,aAAa,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,EAAE,CAAC;IAQ5D,eAAe,CAAC,WAAW,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAUvE,iBAAiB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,GAAG,IAAI,CAAC;IAW3E,kBAAkB,CAAC,WAAW,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI;IAgClE,gBAAgB,CAAC,WAAW,EAAE,MAAM,GAAG,IAAI;IAS3C;;;OAGG;IACG,yBAAyB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,CAAC;IAU5E;;;OAGG;YACW,cAAc;IAqB5B,qBAAqB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO;IAInD,iBAAiB,CAAC,WAAW,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI;CAGtD"}

package/dist/services/cloud-backup.js ADDED Viewed

@@ -0,0 +1,176 @@
+import { createRequire } from "node:module";
+var __defProp = Object.defineProperty;
+var __returnValue = (v) => v;
+function __exportSetter(name, newValue) {
+  this[name] = __returnValue.bind(null, newValue);
+}
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, {
+      get: all[name],
+      enumerable: true,
+      configurable: true,
+      set: __exportSetter.bind(all, name)
+    });
+};
+var __esm = (fn, res) => () => (fn && (res = fn(fn = 0)), res);
+var __require = /* @__PURE__ */ createRequire(import.meta.url);
+// src/types/cloud.ts
+import {
+  CloudApiError,
+  InsufficientCreditsError
+} from "@elizaos/cloud-sdk";
+var DEFAULT_CLOUD_CONFIG = {
+  enabled: false,
+  baseUrl: "https://www.elizacloud.ai/api/v1",
+  inferenceMode: "cloud",
+  autoProvision: false,
+  bridge: {
+    reconnectIntervalMs: 3000,
+    maxReconnectAttempts: 20,
+    heartbeatIntervalMs: 30000
+  },
+  backup: {
+    autoBackupIntervalMs: 3600000,
+    maxSnapshots: 10
+  },
+  container: {
+    defaultImage: "elizaos/agent:latest",
+    defaultArchitecture: "arm64",
+    defaultCpu: 1792,
+    defaultMemory: 1792,
+    defaultPort: 3000
+  }
+};
+// src/services/cloud-backup.ts
+import { logger, Service } from "@elizaos/core";
+class CloudBackupService extends Service {
+  static serviceType = "CLOUD_BACKUP";
+  capabilityDescription = "ElizaCloud agent state backup and restore";
+  authService;
+  autoBackups = new Map;
+  maxSnapshots = DEFAULT_CLOUD_CONFIG.backup.maxSnapshots;
+  backupIntervalMs = DEFAULT_CLOUD_CONFIG.backup.autoBackupIntervalMs;
+  static async start(runtime) {
+    const service = new CloudBackupService(runtime);
+    await service.initialize();
+    return service;
+  }
+  async stop() {
+    for (const [, entry] of this.autoBackups) {
+      clearInterval(entry.timer);
+    }
+    this.autoBackups.clear();
+    logger.info("[CloudBackup] Service stopped");
+  }
+  async initialize() {
+    const auth = this.runtime.getService("CLOUD_AUTH");
+    if (!auth) {
+      logger.debug("[CloudBackup] CloudAuthService not available");
+      return;
+    }
+    this.authService = auth;
+    logger.info("[CloudBackup] Service initialized");
+  }
+  async createSnapshot(containerId, snapshotType = "manual", metadata) {
+    const client = this.authService.getClient();
+    const response = await client.post(`/agent-state/${containerId}/snapshot`, { snapshotType, metadata });
+    logger.info(`[CloudBackup] Created ${snapshotType} snapshot for container ${containerId} (id=${response.data.id}, size=${formatBytes(response.data.sizeBytes)})`);
+    const autoEntry = this.autoBackups.get(containerId);
+    if (autoEntry) {
+      autoEntry.lastBackupAt = Date.now();
+    }
+    return response.data;
+  }
+  async listSnapshots(containerId) {
+    const client = this.authService.getClient();
+    const response = await client.get(`/agent-state/${containerId}/snapshots`);
+    return response.data;
+  }
+  async restoreSnapshot(containerId, snapshotId) {
+    const client = this.authService.getClient();
+    await client.post(`/agent-state/${containerId}/restore`, {
+      snapshotId
+    });
+    logger.info(`[CloudBackup] Restored snapshot ${snapshotId} for container ${containerId}`);
+  }
+  async getLatestSnapshot(containerId) {
+    const snapshots = await this.listSnapshots(containerId);
+    if (snapshots.length === 0)
+      return null;
+    snapshots.sort((a, b) => new Date(b.created_at).getTime() - new Date(a.created_at).getTime());
+    return snapshots[0];
+  }
+  scheduleAutoBackup(containerId, intervalMs) {
+    if (this.autoBackups.has(containerId)) {
+      logger.debug(`[CloudBackup] Auto-backup already scheduled for ${containerId}`);
+      return;
+    }
+    const interval = intervalMs ?? this.backupIntervalMs;
+    const timer = setInterval(() => {
+      logger.debug(`[CloudBackup] Running auto-backup for container ${containerId}`);
+      this.createSnapshot(containerId, "auto", {
+        trigger: "scheduled",
+        scheduledIntervalMs: interval
+      }).then(() => this.pruneSnapshots(containerId)).catch((err) => {
+        logger.error(`[CloudBackup] Auto-backup failed for ${containerId}: ${err.message}`);
+      });
+    }, interval);
+    this.autoBackups.set(containerId, {
+      containerId,
+      timer,
+      lastBackupAt: null
+    });
+    logger.info(`[CloudBackup] Scheduled auto-backup for ${containerId} every ${Math.round(interval / 60000)} minutes`);
+  }
+  cancelAutoBackup(containerId) {
+    const entry = this.autoBackups.get(containerId);
+    if (!entry)
+      return;
+    clearInterval(entry.timer);
+    this.autoBackups.delete(containerId);
+    logger.info(`[CloudBackup] Cancelled auto-backup for ${containerId}`);
+  }
+  async createPreEvictionSnapshot(containerId) {
+    logger.info(`[CloudBackup] Creating pre-eviction snapshot for ${containerId}`);
+    return this.createSnapshot(containerId, "pre-eviction", {
+      trigger: "billing-eviction",
+      createdAt: new Date().toISOString()
+    });
+  }
+  async pruneSnapshots(containerId) {
+    const snapshots = await this.listSnapshots(containerId);
+    const autoSnapshots = snapshots.filter((s) => s.snapshotType === "auto").sort((a, b) => new Date(b.created_at).getTime() - new Date(a.created_at).getTime());
+    const excess = autoSnapshots.slice(this.maxSnapshots);
+    if (excess.length === 0)
+      return;
+    const client = this.authService.getClient();
+    for (const snapshot of excess) {
+      await client.delete(`/agent-state/${containerId}/snapshots/${snapshot.id}`);
+      logger.debug(`[CloudBackup] Pruned old auto snapshot ${snapshot.id} for ${containerId}`);
+    }
+    logger.info(`[CloudBackup] Pruned ${excess.length} old auto snapshot(s) for ${containerId}`);
+  }
+  isAutoBackupScheduled(containerId) {
+    return this.autoBackups.has(containerId);
+  }
+  getLastBackupTime(containerId) {
+    return this.autoBackups.get(containerId)?.lastBackupAt ?? null;
+  }
+}
+function formatBytes(bytes) {
+  if (bytes < 1024)
+    return `${bytes} B`;
+  if (bytes < 1024 * 1024)
+    return `${(bytes / 1024).toFixed(1)} KB`;
+  if (bytes < 1024 * 1024 * 1024)
+    return `${(bytes / (1024 * 1024)).toFixed(1)} MB`;
+  return `${(bytes / (1024 * 1024 * 1024)).toFixed(1)} GB`;
+}
+export {
+  CloudBackupService
+};
+//# debugId=3A3130D224AC9DB064756E2164756E21