@grackle-ai/server 0.72.0 → 0.72.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/auto-reconnect.js +3 -3
- package/dist/auto-reconnect.js.map +1 -1
- package/dist/credential-bundle.d.ts +12 -0
- package/dist/credential-bundle.d.ts.map +1 -0
- package/dist/credential-bundle.js +183 -0
- package/dist/credential-bundle.js.map +1 -0
- package/dist/credential-providers.d.ts +0 -10
- package/dist/credential-providers.d.ts.map +1 -1
- package/dist/credential-providers.js +5 -177
- package/dist/credential-providers.js.map +1 -1
- package/dist/db-seed.d.ts +16 -0
- package/dist/db-seed.d.ts.map +1 -0
- package/dist/db-seed.js +176 -0
- package/dist/db-seed.js.map +1 -0
- package/dist/db.d.ts.map +1 -1
- package/dist/db.js +1 -165
- package/dist/db.js.map +1 -1
- package/dist/finding-store.d.ts +0 -2
- package/dist/finding-store.d.ts.map +1 -1
- package/dist/finding-store.js +0 -23
- package/dist/finding-store.js.map +1 -1
- package/dist/grpc-service.d.ts.map +1 -1
- package/dist/grpc-service.js +10 -7
- package/dist/grpc-service.js.map +1 -1
- package/dist/index.js +6 -4
- package/dist/index.js.map +1 -1
- package/dist/orchestrator-context.js +27 -1
- package/dist/orchestrator-context.js.map +1 -1
- package/dist/task-store.d.ts +24 -1
- package/dist/task-store.d.ts.map +1 -1
- package/dist/task-store.js +43 -20
- package/dist/task-store.js.map +1 -1
- package/dist/{token-broker.d.ts → token-push.d.ts} +3 -27
- package/dist/token-push.d.ts.map +1 -0
- package/dist/{token-broker.js → token-push.js} +25 -71
- package/dist/token-push.js.map +1 -0
- package/dist/token-store.d.ts +25 -0
- package/dist/token-store.d.ts.map +1 -0
- package/dist/token-store.js +58 -0
- package/dist/token-store.js.map +1 -0
- package/dist/ws-bridge.d.ts.map +1 -1
- package/dist/ws-bridge.js +10 -7
- package/dist/ws-bridge.js.map +1 -1
- package/package.json +7 -7
- package/dist/token-broker.d.ts.map +0 -1
- package/dist/token-broker.js.map +0 -1
package/dist/task-store.js
CHANGED
|
@@ -5,7 +5,45 @@ import { TASK_STATUS, taskStatusToEnum, taskStatusToString } from "@grackle-ai/c
|
|
|
5
5
|
import { MAX_TASK_DEPTH } from "@grackle-ai/common";
|
|
6
6
|
import { safeParseJsonArray } from "./json-helpers.js";
|
|
7
7
|
import { slugify } from "./utils/slugify.js";
|
|
8
|
-
/**
|
|
8
|
+
/**
|
|
9
|
+
* Low-level insert — writes a task row with all fields pre-computed.
|
|
10
|
+
* Auto-assigns `sortOrder` based on the workspace's current max.
|
|
11
|
+
* No business logic (parent validation, branch generation, depth limits).
|
|
12
|
+
*/
|
|
13
|
+
export function insertTask(fields) {
|
|
14
|
+
const depsJson = JSON.stringify(fields.dependsOn);
|
|
15
|
+
const sortOrderConditions = [];
|
|
16
|
+
if (fields.workspaceId) {
|
|
17
|
+
sortOrderConditions.push(eq(tasks.workspaceId, fields.workspaceId));
|
|
18
|
+
}
|
|
19
|
+
const maxRowQuery = db
|
|
20
|
+
.select({ maxOrder: sql `max(sort_order)` })
|
|
21
|
+
.from(tasks);
|
|
22
|
+
const maxRow = sortOrderConditions.length > 0
|
|
23
|
+
? maxRowQuery.where(and(...sortOrderConditions)).get()
|
|
24
|
+
: maxRowQuery.get();
|
|
25
|
+
const sortOrder = (maxRow?.maxOrder ?? -1) + 1;
|
|
26
|
+
db.insert(tasks)
|
|
27
|
+
.values({
|
|
28
|
+
id: fields.id,
|
|
29
|
+
workspaceId: fields.workspaceId || null,
|
|
30
|
+
title: fields.title,
|
|
31
|
+
description: fields.description,
|
|
32
|
+
branch: fields.branch,
|
|
33
|
+
dependsOn: depsJson,
|
|
34
|
+
sortOrder,
|
|
35
|
+
parentTaskId: fields.parentTaskId,
|
|
36
|
+
depth: fields.depth,
|
|
37
|
+
canDecompose: fields.canDecompose,
|
|
38
|
+
defaultPersonaId: fields.defaultPersonaId,
|
|
39
|
+
})
|
|
40
|
+
.run();
|
|
41
|
+
}
|
|
42
|
+
/**
|
|
43
|
+
* Create a task with business logic: validates parent, enforces depth limits,
|
|
44
|
+
* auto-generates branch name, and derives canDecompose.
|
|
45
|
+
* Delegates the actual insert to {@link insertTask}.
|
|
46
|
+
*/
|
|
9
47
|
export function createTask(id, workspaceId, title, description, dependsOn, workspaceSlug, parentTaskId = "", canDecompose, defaultPersonaId = "") {
|
|
10
48
|
let depth = 0;
|
|
11
49
|
let branch;
|
|
@@ -29,33 +67,18 @@ export function createTask(id, workspaceId, title, description, dependsOn, works
|
|
|
29
67
|
}
|
|
30
68
|
// Derive canDecompose when not explicitly set: root=true, child=false
|
|
31
69
|
const resolvedCanDecompose = canDecompose ?? !parentTaskId;
|
|
32
|
-
|
|
33
|
-
const sortOrderConditions = [];
|
|
34
|
-
if (workspaceId) {
|
|
35
|
-
sortOrderConditions.push(eq(tasks.workspaceId, workspaceId));
|
|
36
|
-
}
|
|
37
|
-
const maxRowQuery = db
|
|
38
|
-
.select({ maxOrder: sql `max(sort_order)` })
|
|
39
|
-
.from(tasks);
|
|
40
|
-
const maxRow = sortOrderConditions.length > 0
|
|
41
|
-
? maxRowQuery.where(and(...sortOrderConditions)).get()
|
|
42
|
-
: maxRowQuery.get();
|
|
43
|
-
const sortOrder = (maxRow?.maxOrder ?? -1) + 1;
|
|
44
|
-
db.insert(tasks)
|
|
45
|
-
.values({
|
|
70
|
+
insertTask({
|
|
46
71
|
id,
|
|
47
|
-
workspaceId
|
|
72
|
+
workspaceId,
|
|
48
73
|
title,
|
|
49
74
|
description,
|
|
50
75
|
branch,
|
|
51
|
-
dependsOn
|
|
52
|
-
sortOrder,
|
|
76
|
+
dependsOn,
|
|
53
77
|
parentTaskId,
|
|
54
78
|
depth,
|
|
55
79
|
canDecompose: resolvedCanDecompose,
|
|
56
80
|
defaultPersonaId,
|
|
57
|
-
})
|
|
58
|
-
.run();
|
|
81
|
+
});
|
|
59
82
|
}
|
|
60
83
|
/** Retrieve a single task by ID. */
|
|
61
84
|
export function getTask(id) {
|
package/dist/task-store.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"task-store.js","sourceRoot":"","sources":["../src/task-store.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,EAAE,KAAK,EAAgB,MAAM,aAAa,CAAC;AAClD,OAAO,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAY,MAAM,aAAa,CAAC;AAC9D,OAAO,EAAE,WAAW,EAAE,gBAAgB,EAAE,kBAAkB,EAAE,MAAM,oBAAoB,CAAC;AAEvF,OAAO,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AACpD,OAAO,EAAE,kBAAkB,EAAE,MAAM,mBAAmB,CAAC;AACvD,OAAO,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;
|
|
1
|
+
{"version":3,"file":"task-store.js","sourceRoot":"","sources":["../src/task-store.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,EAAE,KAAK,EAAgB,MAAM,aAAa,CAAC;AAClD,OAAO,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAY,MAAM,aAAa,CAAC;AAC9D,OAAO,EAAE,WAAW,EAAE,gBAAgB,EAAE,kBAAkB,EAAE,MAAM,oBAAoB,CAAC;AAEvF,OAAO,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AACpD,OAAO,EAAE,kBAAkB,EAAE,MAAM,mBAAmB,CAAC;AACvD,OAAO,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAkB7C;;;;GAIG;AACH,MAAM,UAAU,UAAU,CAAC,MAAwB;IACjD,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IAClD,MAAM,mBAAmB,GAAU,EAAE,CAAC;IACtC,IAAI,MAAM,CAAC,WAAW,EAAE,CAAC;QACvB,mBAAmB,CAAC,IAAI,CAAC,EAAE,CAAC,KAAK,CAAC,WAAW,EAAE,MAAM,CAAC,WAAW,CAAC,CAAC,CAAC;IACtE,CAAC;IACD,MAAM,WAAW,GAAG,EAAE;SACnB,MAAM,CAAC,EAAE,QAAQ,EAAE,GAAG,CAAQ,iBAAiB,EAAE,CAAC;SAClD,IAAI,CAAC,KAAK,CAAC,CAAC;IACf,MAAM,MAAM,GAAG,mBAAmB,CAAC,MAAM,GAAG,CAAC;QAC3C,CAAC,CAAC,WAAW,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,mBAAmB,CAAC,CAAC,CAAC,GAAG,EAAE;QACtD,CAAC,CAAC,WAAW,CAAC,GAAG,EAAE,CAAC;IACtB,MAAM,SAAS,GAAG,CAAC,MAAM,EAAE,QAAQ,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;IAC/C,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC;SACb,MAAM,CAAC;QACN,EAAE,EAAE,MAAM,CAAC,EAAE;QACb,WAAW,EAAE,MAAM,CAAC,WAAW,IAAI,IAAI;QACvC,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,WAAW,EAAE,MAAM,CAAC,WAAW;QAC/B,MAAM,EAAE,MAAM,CAAC,MAAM;QACrB,SAAS,EAAE,QAAQ;QACnB,SAAS;QACT,YAAY,EAAE,MAAM,CAAC,YAAY;QACjC,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,YAAY,EAAE,MAAM,CAAC,YAAY;QACjC,gBAAgB,EAAE,MAAM,CAAC,gBAAgB;KAC1C,CAAC;SACD,GAAG,EAAE,CAAC;AACX,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,UAAU,CACxB,EAAU,EACV,WAA+B,EAC/B,KAAa,EACb,WAAmB,EACnB,SAAmB,EACnB,aAAqB,EACrB,eAAuB,EAAE,EACzB,YAAsB,EACtB,mBAA2B,EAAE;IAE7B,IAAI,KAAK,GAAG,CAAC,CAAC;IACd,IAAI,MAAc,CAAC;IAEnB,IAAI,YAAY,EAAE,CAAC;QACjB,MAAM,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;QACrC,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,KAAK,CAAC,0BAA0B,YAAY,EAAE,CAAC,CAAC;QAC5D,CAAC;QACD,IAAI,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC;YACzB,MAAM,IAAI,KAAK,CACb,gBAAgB,MAAM,CAAC,KAAK,MAAM,YAAY,sCAAsC,CACrF,CAAC;QACJ,CAAC;QACD,KAAK,GAAG,MAAM,CAAC,KAAK,GAAG,CAAC,CAAC;QACzB,IAAI,KAAK,GAAG,cAAc,EAAE,CAAC;YAC3B,MAAM,IAAI,KAAK,CAAC,sCAAsC,cAAc,EAAE,CAAC,CAAC;QAC1E,CAAC;QACD,MAAM,GAAG,GAAG,MAAM,CAAC,MAAM,IAAI,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;IAChD,CAAC;SAAM,CAAC;QACN,MAAM,MAAM,GAAG,aAAa,IAAI,MAAM,CAAC;QACvC,MAAM,GAAG,GAAG,MAAM,IAAI,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;IACzC,CAAC;IAED,sEAAsE;IACtE,MAAM,oBAAoB,GAAG,YAAY,IAAI,CAAC,YAAY,CAAC;IAE3D,UAAU,CAAC;QACT,EAAE;QACF,WAAW;QACX,KAAK;QACL,WAAW;QACX,MAAM;QACN,SAAS;QACT,YAAY;QACZ,KAAK;QACL,YAAY,EAAE,oBAAoB;QAClC,gBAAgB;KACjB,CAAC,CAAC;AACL,CAAC;AAED,oCAAoC;AACpC,MAAM,UAAU,OAAO,CAAC,EAAU;IAChC,OAAO,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;AAC/D,CAAC;AAUD,8DAA8D;AAC9D,SAAS,iBAAiB,CAAC,KAAa;IACtC,OAAO,KAAK,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;AACrD,CAAC;AAED,2JAA2J;AAC3J,MAAM,UAAU,SAAS,CAAC,WAAoB,EAAE,OAA0B;IACxE,MAAM,UAAU,GAAU,EAAE,CAAC;IAC7B,IAAI,WAAW,EAAE,CAAC;QAChB,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC,KAAK,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC,CAAC;IACtD,CAAC;IAED,IAAI,OAAO,EAAE,MAAM,EAAE,CAAC;QACpB,mEAAmE;QACnE,MAAM,SAAS,GAAG,kBAAkB,CAAC,gBAAgB,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC;QACvE,IAAI,SAAS,EAAE,CAAC;YACd,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC,KAAK,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC,CAAC;QAC/C,CAAC;aAAM,CAAC;YACN,iEAAiE;YACjE,UAAU,CAAC,IAAI,CAAC,GAAG,CAAA,GAAG,CAAC,CAAC;QAC1B,CAAC;IACH,CAAC;IAED,IAAI,OAAO,EAAE,MAAM,EAAE,CAAC;QACpB,MAAM,OAAO,GAAG,iBAAiB,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAClD,MAAM,OAAO,GAAG,IAAI,OAAO,GAAG,CAAC;QAC/B,UAAU,CAAC,IAAI,CACb,EAAE,CACA,GAAG,CAAA,GAAG,KAAK,CAAC,KAAK,SAAS,OAAO,cAAc,EAC/C,GAAG,CAAA,GAAG,KAAK,CAAC,WAAW,SAAS,OAAO,cAAc,CACrD,CACH,CAAC;IACJ,CAAC;IAED,MAAM,KAAK,GAAG,EAAE;SACb,MAAM,EAAE;SACR,IAAI,CAAC,KAAK,CAAC,CAAC;IACf,MAAM,QAAQ,GAAG,UAAU,CAAC,MAAM,GAAG,CAAC;QACpC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,UAAU,CAAC,CAAC;QACjC,CAAC,CAAC,KAAK,CAAC;IACV,OAAO,QAAQ;SACZ,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,SAAS,CAAC,EAAE,GAAG,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;SACnD,GAAG,EAAE,CAAC;AACX,CAAC;AAED,2CAA2C;AAC3C,MAAM,UAAU,UAAU,CACxB,EAAU,EACV,KAAa,EACb,WAAmB,EACnB,MAAc,EACd,SAAmB,EACnB,gBAAyB;IAEzB,MAAM,IAAI,GAA4B;QACpC,KAAK;QACL,WAAW;QACX,MAAM;QACN,SAAS,EAAE,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC;QACpC,SAAS,EAAE,GAAG,CAAA,iBAAiB;KAChC,CAAC;IACF,IAAI,gBAAgB,KAAK,SAAS,EAAE,CAAC;QACnC,IAAI,CAAC,gBAAgB,GAAG,gBAAgB,CAAC;IAC3C,CAAC;IACD,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC;SACb,GAAG,CAAC,IAAI,CAAC;SACT,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;SACvB,GAAG,EAAE,CAAC;AACX,CAAC;AAED,oCAAoC;AACpC,MAAM,UAAU,gBAAgB,CAAC,EAAU,EAAE,WAAmB;IAC9D,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC;SACb,GAAG,CAAC;QACH,WAAW;QACX,SAAS,EAAE,GAAG,CAAA,iBAAiB;KAChC,CAAC;SACD,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;SACvB,GAAG,EAAE,CAAC;AACX,CAAC;AAED,iDAAiD;AACjD,MAAM,UAAU,gBAAgB,CAAC,EAAU,EAAE,SAAmB;IAC9D,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC;SACb,GAAG,CAAC;QACH,SAAS,EAAE,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC;QACpC,SAAS,EAAE,GAAG,CAAA,iBAAiB;KAChC,CAAC;SACD,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;SACvB,GAAG,EAAE,CAAC;AACX,CAAC;AAED,mCAAmC;AACnC,MAAM,UAAU,gBAAgB,CAAC,EAAU,EAAE,MAAkB;IAC7D,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC;SACb,GAAG,CAAC;QACH,MAAM;QACN,SAAS,EAAE,GAAG,CAAA,iBAAiB;KAChC,CAAC;SACD,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;SACvB,GAAG,EAAE,CAAC;AACX,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,gBAAgB,CAC9B,EAAU,EACV,SAAgC,UAAU;IAE1C,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC;SACb,GAAG,CAAC;QACH,MAAM;QACN,WAAW,EAAE,GAAG,CAAA,iBAAiB;QACjC,SAAS,EAAE,GAAG,CAAA,iBAAiB;KAChC,CAAC;SACD,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;SACvB,GAAG,EAAE,CAAC;AACX,CAAC;AAED,gEAAgE;AAChE,MAAM,UAAU,UAAU,CAAC,EAAU;IACnC,MAAM,MAAM,GAAG,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;IAC9D,OAAO,MAAM,CAAC,OAAO,CAAC;AACxB,CAAC;AAED,qEAAqE;AACrE,MAAM,UAAU,iBAAiB,CAAC,WAAoB;IACpD,MAAM,GAAG,GAAG,SAAS,CAAC,WAAW,CAAC,CAAC;IACnC,OAAO,GAAG,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE;QACzB,IAAI,IAAI,CAAC,MAAM,KAAK,WAAW,CAAC,WAAW,EAAE,CAAC;YAC5C,OAAO,KAAK,CAAC;QACf,CAAC;QACD,MAAM,IAAI,GAAG,kBAAkB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAChD,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACtB,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO,IAAI,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;YAC1B,MAAM,GAAG,GAAG,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,KAAK,CAAC,CAAC;YAC5C,OAAO,GAAG,EAAE,MAAM,KAAK,WAAW,CAAC,QAAQ,CAAC;QAC9C,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC;AAED,iFAAiF;AACjF,MAAM,UAAU,eAAe,CAAC,WAAoB;IAClD,OAAO,iBAAiB,CAAC,WAAW,CAAC,CAAC;AACxC,CAAC;AAED,yEAAyE;AACzE,MAAM,UAAU,kBAAkB,CAAC,MAAc;IAC/C,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IAC7B,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,OAAO,KAAK,CAAC;IACf,CAAC;IACD,MAAM,IAAI,GAAG,kBAAkB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IAChD,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACtB,OAAO,IAAI,CAAC;IACd,CAAC;IACD,OAAO,IAAI,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;QAC1B,MAAM,GAAG,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC;QAC3B,OAAO,GAAG,EAAE,MAAM,KAAK,WAAW,CAAC,QAAQ,CAAC;IAC9C,CAAC,CAAC,CAAC;AACL,CAAC;AAED,wDAAwD;AAExD,sGAAsG;AACtG,MAAM,UAAU,gBAAgB,CAAC,IAAe;IAC9C,MAAM,GAAG,GAAG,IAAI,GAAG,EAAoB,CAAC;IACxC,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,IAAI,GAAG,CAAC,YAAY,EAAE,CAAC;YACrB,MAAM,QAAQ,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;YAC3C,IAAI,QAAQ,EAAE,CAAC;gBACb,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YACxB,CAAC;iBAAM,CAAC;gBACN,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,YAAY,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;YACtC,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,4DAA4D;AAC5D,MAAM,UAAU,WAAW,CAAC,MAAc;IACxC,OAAO,EAAE;SACN,MAAM,EAAE;SACR,IAAI,CAAC,KAAK,CAAC;SACX,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC;SACrC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,SAAS,CAAC,EAAE,GAAG,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;SACnD,GAAG,EAAE,CAAC;AACX,CAAC;AAED,6HAA6H;AAC7H,MAAM,UAAU,cAAc,CAAC,MAAc;IAC3C,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IAC7B,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,MAAM,OAAO,GAAG,SAAS,CAAC,IAAI,CAAC,WAAW,IAAI,SAAS,CAAC,CAAC;IACzD,MAAM,WAAW,GAAG,gBAAgB,CAAC,OAAO,CAAC,CAAC;IAC9C,MAAM,OAAO,GAAG,IAAI,GAAG,CAAkB,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;IAExE,MAAM,MAAM,GAAc,EAAE,CAAC;IAC7B,MAAM,KAAK,GAAa,CAAC,MAAM,CAAC,CAAC;IACjC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,SAAS,GAAG,KAAK,CAAC,CAAC,CAAE,CAAC;QAC5B,MAAM,QAAQ,GAAG,WAAW,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QAC5C,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,SAAS;QACX,CAAC;QACD,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC/B,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YACnC,IAAI,KAAK,EAAE,CAAC;gBACV,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;gBACnB,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;YACvB,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,mEAAmE;AACnE,MAAM,UAAU,YAAY,CAAC,MAAc;IACzC,MAAM,SAAS,GAAc,EAAE,CAAC;IAChC,IAAI,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IAC9B,OAAO,OAAO,EAAE,YAAY,EAAE,CAAC;QAC7B,MAAM,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;QAC7C,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM;QACR,CAAC;QACD,SAAS,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAC1B,OAAO,GAAG,MAAM,CAAC;IACnB,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,kDAAkD;AAClD,MAAM,UAAU,oBAAoB,CAAC,MAAc;IACjD,MAAM,QAAQ,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;IACrC,MAAM,MAAM,GAA2B,EAAE,CAAC;IAC1C,KAAK,MAAM,KAAK,IAAI,QAAQ,EAAE,CAAC;QAC7B,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;IACzD,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC"}
|
|
@@ -1,26 +1,3 @@
|
|
|
1
|
-
import { powerline } from "@grackle-ai/common";
|
|
2
|
-
interface TokenConfig {
|
|
3
|
-
name: string;
|
|
4
|
-
type: string;
|
|
5
|
-
envVar?: string;
|
|
6
|
-
filePath?: string;
|
|
7
|
-
value: string;
|
|
8
|
-
expiresAt?: string;
|
|
9
|
-
}
|
|
10
|
-
/** Encrypt and store a token, then auto-push to all connected environments. */
|
|
11
|
-
export declare function setToken(entry: TokenConfig): Promise<void>;
|
|
12
|
-
/** Delete a token by name and re-push the updated bundle to all environments. */
|
|
13
|
-
export declare function deleteToken(name: string): Promise<void>;
|
|
14
|
-
/** List all stored tokens (values are omitted for security). */
|
|
15
|
-
export declare function listTokens(): Array<{
|
|
16
|
-
name: string;
|
|
17
|
-
type: string;
|
|
18
|
-
envVar?: string;
|
|
19
|
-
filePath?: string;
|
|
20
|
-
expiresAt?: string;
|
|
21
|
-
}>;
|
|
22
|
-
/** Build a decrypted token bundle suitable for pushing to a PowerLine. */
|
|
23
|
-
export declare function getBundle(): powerline.TokenBundle;
|
|
24
1
|
/** Options for {@link pushToEnv}. */
|
|
25
2
|
export interface PushToEnvOptions {
|
|
26
3
|
/** When true, filter out file-type tokens (only push env vars). */
|
|
@@ -28,6 +5,8 @@ export interface PushToEnvOptions {
|
|
|
28
5
|
}
|
|
29
6
|
/** Push the current token bundle to a single connected environment. */
|
|
30
7
|
export declare function pushToEnv(environmentId: string, options?: PushToEnvOptions): Promise<void>;
|
|
8
|
+
/** Push the current token bundle to all connected environments in parallel. */
|
|
9
|
+
export declare function pushToAll(): Promise<void>;
|
|
31
10
|
/**
|
|
32
11
|
* Push enabled provider credentials to a single connected environment.
|
|
33
12
|
* When `runtime` is specified, only providers relevant to that runtime are included.
|
|
@@ -40,7 +19,4 @@ export declare function pushProviderCredentialsToEnv(environmentId: string, runt
|
|
|
40
19
|
* Both pushes run concurrently; failures are logged as warnings and do not block.
|
|
41
20
|
*/
|
|
42
21
|
export declare function refreshTokensForTask(environmentId: string, runtime?: string, options?: PushToEnvOptions): Promise<void>;
|
|
43
|
-
|
|
44
|
-
export declare function pushToAll(): Promise<void>;
|
|
45
|
-
export {};
|
|
46
|
-
//# sourceMappingURL=token-broker.d.ts.map
|
|
22
|
+
//# sourceMappingURL=token-push.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"token-push.d.ts","sourceRoot":"","sources":["../src/token-push.ts"],"names":[],"mappings":"AAeA,qCAAqC;AACrC,MAAM,WAAW,gBAAgB;IAC/B,mEAAmE;IACnE,iBAAiB,CAAC,EAAE,OAAO,CAAC;CAC7B;AAED,uEAAuE;AACvE,wBAAsB,SAAS,CAAC,aAAa,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,gBAAgB,GAAG,OAAO,CAAC,IAAI,CAAC,CAiBhG;AAED,+EAA+E;AAC/E,wBAAsB,SAAS,IAAI,OAAO,CAAC,IAAI,CAAC,CAc/C;AAED;;;;GAIG;AACH,wBAAsB,4BAA4B,CAAC,aAAa,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,gBAAgB,GAAG,OAAO,CAAC,IAAI,CAAC,CAiBrI;AAED;;;;GAIG;AACH,wBAAsB,oBAAoB,CAAC,aAAa,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,gBAAgB,GAAG,OAAO,CAAC,IAAI,CAAC,CAY7H"}
|
|
@@ -1,63 +1,17 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
1
|
+
/**
|
|
2
|
+
* Token push orchestration — distributes stored tokens and credential
|
|
3
|
+
* provider bundles to connected PowerLine environments.
|
|
4
|
+
*
|
|
5
|
+
* This is service-level logic that depends on adapter-manager (network) and
|
|
6
|
+
* env-registry (lookup). The pure persistence layer lives in
|
|
7
|
+
* {@link ./token-store.ts}, and credential bundle building lives in
|
|
8
|
+
* {@link ./credential-bundle.ts}.
|
|
9
|
+
*/
|
|
7
10
|
import * as adapterManager from "./adapter-manager.js";
|
|
8
11
|
import * as envRegistry from "./env-registry.js";
|
|
12
|
+
import { getBundle } from "./token-store.js";
|
|
13
|
+
import { buildProviderTokenBundle } from "./credential-bundle.js";
|
|
9
14
|
import { logger } from "./logger.js";
|
|
10
|
-
import { buildProviderTokenBundle } from "./credential-providers.js";
|
|
11
|
-
/** Encrypt and store a token, then auto-push to all connected environments. */
|
|
12
|
-
export async function setToken(entry) {
|
|
13
|
-
const encrypted = {
|
|
14
|
-
...entry,
|
|
15
|
-
value: encrypt(entry.value),
|
|
16
|
-
};
|
|
17
|
-
db.insert(tokens)
|
|
18
|
-
.values({ id: entry.name, config: JSON.stringify(encrypted) })
|
|
19
|
-
.onConflictDoUpdate({
|
|
20
|
-
target: tokens.id,
|
|
21
|
-
set: { config: JSON.stringify(encrypted) },
|
|
22
|
-
})
|
|
23
|
-
.run();
|
|
24
|
-
// Auto-push to all connected environments
|
|
25
|
-
await pushToAll();
|
|
26
|
-
}
|
|
27
|
-
/** Delete a token by name and re-push the updated bundle to all environments. */
|
|
28
|
-
export async function deleteToken(name) {
|
|
29
|
-
db.delete(tokens).where(eq(tokens.id, name)).run();
|
|
30
|
-
await pushToAll();
|
|
31
|
-
}
|
|
32
|
-
/** List all stored tokens (values are omitted for security). */
|
|
33
|
-
export function listTokens() {
|
|
34
|
-
const rows = db.select().from(tokens).all();
|
|
35
|
-
return rows.map((row) => {
|
|
36
|
-
const cfg = JSON.parse(row.config);
|
|
37
|
-
return {
|
|
38
|
-
name: cfg.name,
|
|
39
|
-
type: cfg.type,
|
|
40
|
-
envVar: cfg.envVar,
|
|
41
|
-
filePath: cfg.filePath,
|
|
42
|
-
expiresAt: cfg.expiresAt,
|
|
43
|
-
};
|
|
44
|
-
});
|
|
45
|
-
}
|
|
46
|
-
/** Build a decrypted token bundle suitable for pushing to a PowerLine. */
|
|
47
|
-
export function getBundle() {
|
|
48
|
-
const rows = db.select().from(tokens).all();
|
|
49
|
-
const items = rows.map((row) => {
|
|
50
|
-
const cfg = JSON.parse(row.config);
|
|
51
|
-
return create(powerline.TokenItemSchema, {
|
|
52
|
-
name: cfg.name,
|
|
53
|
-
type: cfg.type,
|
|
54
|
-
envVar: cfg.envVar || "",
|
|
55
|
-
filePath: cfg.filePath || "",
|
|
56
|
-
value: decrypt(cfg.value),
|
|
57
|
-
});
|
|
58
|
-
});
|
|
59
|
-
return create(powerline.TokenBundleSchema, { tokens: items });
|
|
60
|
-
}
|
|
61
15
|
/** Push the current token bundle to a single connected environment. */
|
|
62
16
|
export async function pushToEnv(environmentId, options) {
|
|
63
17
|
const conn = adapterManager.getConnection(environmentId);
|
|
@@ -73,6 +27,19 @@ export async function pushToEnv(environmentId, options) {
|
|
|
73
27
|
}
|
|
74
28
|
await conn.client.pushTokens(bundle);
|
|
75
29
|
}
|
|
30
|
+
/** Push the current token bundle to all connected environments in parallel. */
|
|
31
|
+
export async function pushToAll() {
|
|
32
|
+
const connections = adapterManager.listConnections();
|
|
33
|
+
const promises = [];
|
|
34
|
+
for (const [environmentId] of connections) {
|
|
35
|
+
const env = envRegistry.getEnvironment(environmentId);
|
|
36
|
+
const opts = env?.adapterType === "local" ? { excludeFileTokens: true } : undefined;
|
|
37
|
+
promises.push(pushToEnv(environmentId, opts).catch((err) => {
|
|
38
|
+
logger.error({ environmentId, err }, "Failed to push tokens");
|
|
39
|
+
}));
|
|
40
|
+
}
|
|
41
|
+
await Promise.all(promises);
|
|
42
|
+
}
|
|
76
43
|
/**
|
|
77
44
|
* Push enabled provider credentials to a single connected environment.
|
|
78
45
|
* When `runtime` is specified, only providers relevant to that runtime are included.
|
|
@@ -109,17 +76,4 @@ export async function refreshTokensForTask(environmentId, runtime, options) {
|
|
|
109
76
|
logger.warn({ environmentId, err: results[1].reason }, "Failed to push provider credentials before task start");
|
|
110
77
|
}
|
|
111
78
|
}
|
|
112
|
-
|
|
113
|
-
export async function pushToAll() {
|
|
114
|
-
const connections = adapterManager.listConnections();
|
|
115
|
-
const promises = [];
|
|
116
|
-
for (const [environmentId] of connections) {
|
|
117
|
-
const env = envRegistry.getEnvironment(environmentId);
|
|
118
|
-
const opts = env?.adapterType === "local" ? { excludeFileTokens: true } : undefined;
|
|
119
|
-
promises.push(pushToEnv(environmentId, opts).catch((err) => {
|
|
120
|
-
logger.error({ environmentId, err }, "Failed to push tokens");
|
|
121
|
-
}));
|
|
122
|
-
}
|
|
123
|
-
await Promise.all(promises);
|
|
124
|
-
}
|
|
125
|
-
//# sourceMappingURL=token-broker.js.map
|
|
79
|
+
//# sourceMappingURL=token-push.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"token-push.js","sourceRoot":"","sources":["../src/token-push.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AACH,OAAO,KAAK,cAAc,MAAM,sBAAsB,CAAC;AACvD,OAAO,KAAK,WAAW,MAAM,mBAAmB,CAAC;AACjD,OAAO,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAC7C,OAAO,EAAE,wBAAwB,EAAE,MAAM,wBAAwB,CAAC;AAClE,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AAQrC,uEAAuE;AACvE,MAAM,CAAC,KAAK,UAAU,SAAS,CAAC,aAAqB,EAAE,OAA0B;IAC/E,MAAM,IAAI,GAAG,cAAc,CAAC,aAAa,CAAC,aAAa,CAAC,CAAC;IACzD,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,OAAO;IACT,CAAC;IAED,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;IAE3B,IAAI,OAAO,EAAE,iBAAiB,EAAE,CAAC;QAC/B,MAAM,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,MAAM,CAAC,CAAC;IACjE,CAAC;IAED,IAAI,MAAM,CAAC,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC/B,OAAO;IACT,CAAC;IAED,MAAM,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;AACvC,CAAC;AAED,+EAA+E;AAC/E,MAAM,CAAC,KAAK,UAAU,SAAS;IAC7B,MAAM,WAAW,GAAG,cAAc,CAAC,eAAe,EAAE,CAAC;IACrD,MAAM,QAAQ,GAAoB,EAAE,CAAC;IAErC,KAAK,MAAM,CAAC,aAAa,CAAC,IAAI,WAAW,EAAE,CAAC;QAC1C,MAAM,GAAG,GAAG,WAAW,CAAC,cAAc,CAAC,aAAa,CAAC,CAAC;QACtD,MAAM,IAAI,GACR,GAAG,EAAE,WAAW,KAAK,OAAO,CAAC,CAAC,CAAC,EAAE,iBAAiB,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;QACzE,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE,IAAI,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;YACzD,MAAM,CAAC,KAAK,CAAC,EAAE,aAAa,EAAE,GAAG,EAAE,EAAE,uBAAuB,CAAC,CAAC;QAChE,CAAC,CAAC,CAAC,CAAC;IACN,CAAC;IAED,MAAM,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;AAC9B,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,4BAA4B,CAAC,aAAqB,EAAE,OAAgB,EAAE,OAA0B;IACpH,MAAM,IAAI,GAAG,cAAc,CAAC,aAAa,CAAC,aAAa,CAAC,CAAC;IACzD,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,OAAO;IACT,CAAC;IAED,MAAM,MAAM,GAAG,wBAAwB,CAAC,OAAO,CAAC,CAAC;IAEjD,IAAI,OAAO,EAAE,iBAAiB,EAAE,CAAC;QAC/B,MAAM,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,MAAM,CAAC,CAAC;IACjE,CAAC;IAED,IAAI,MAAM,CAAC,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC/B,OAAO;IACT,CAAC;IAED,MAAM,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;AACvC,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CAAC,aAAqB,EAAE,OAAgB,EAAE,OAA0B;IAC5G,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,UAAU,CAAC;QACvC,SAAS,CAAC,aAAa,EAAE,OAAO,CAAC;QACjC,4BAA4B,CAAC,aAAa,EAAE,OAAO,EAAE,OAAO,CAAC;KAC9D,CAAC,CAAC;IAEH,IAAI,OAAO,CAAC,CAAC,CAAC,CAAC,MAAM,KAAK,UAAU,EAAE,CAAC;QACrC,MAAM,CAAC,IAAI,CAAC,EAAE,aAAa,EAAE,GAAG,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,MAAM,EAAE,EAAE,yCAAyC,CAAC,CAAC;IACpG,CAAC;IACD,IAAI,OAAO,CAAC,CAAC,CAAC,CAAC,MAAM,KAAK,UAAU,EAAE,CAAC;QACrC,MAAM,CAAC,IAAI,CAAC,EAAE,aAAa,EAAE,GAAG,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,MAAM,EAAE,EAAE,uDAAuD,CAAC,CAAC;IAClH,CAAC;AACH,CAAC"}
|
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
import { powerline } from "@grackle-ai/common";
|
|
2
|
+
/** Shape of a token's stored configuration. */
|
|
3
|
+
export interface TokenConfig {
|
|
4
|
+
name: string;
|
|
5
|
+
type: string;
|
|
6
|
+
envVar?: string;
|
|
7
|
+
filePath?: string;
|
|
8
|
+
value: string;
|
|
9
|
+
expiresAt?: string;
|
|
10
|
+
}
|
|
11
|
+
/** Encrypt and store (or update) a token. */
|
|
12
|
+
export declare function setToken(entry: TokenConfig): void;
|
|
13
|
+
/** Delete a token by name. */
|
|
14
|
+
export declare function deleteToken(name: string): void;
|
|
15
|
+
/** List all stored tokens (values are omitted for security). */
|
|
16
|
+
export declare function listTokens(): Array<{
|
|
17
|
+
name: string;
|
|
18
|
+
type: string;
|
|
19
|
+
envVar?: string;
|
|
20
|
+
filePath?: string;
|
|
21
|
+
expiresAt?: string;
|
|
22
|
+
}>;
|
|
23
|
+
/** Build a decrypted token bundle suitable for pushing to a PowerLine. */
|
|
24
|
+
export declare function getBundle(): powerline.TokenBundle;
|
|
25
|
+
//# sourceMappingURL=token-store.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"token-store.d.ts","sourceRoot":"","sources":["../src/token-store.ts"],"names":[],"mappings":"AASA,OAAO,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAC;AAE/C,+CAA+C;AAC/C,MAAM,WAAW,WAAW;IAC1B,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,KAAK,EAAE,MAAM,CAAC;IACd,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,6CAA6C;AAC7C,wBAAgB,QAAQ,CAAC,KAAK,EAAE,WAAW,GAAG,IAAI,CAYjD;AAED,8BAA8B;AAC9B,wBAAgB,WAAW,CAAC,IAAI,EAAE,MAAM,GAAG,IAAI,CAE9C;AAED,gEAAgE;AAChE,wBAAgB,UAAU,IAAI,KAAK,CAAC;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,IAAI,EAAE,MAAM,CAAC;IAAC,MAAM,CAAC,EAAE,MAAM,CAAC;IAAC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAAC,SAAS,CAAC,EAAE,MAAM,CAAA;CAAE,CAAC,CAY1H;AAED,0EAA0E;AAC1E,wBAAgB,SAAS,IAAI,SAAS,CAAC,WAAW,CAcjD"}
|
|
@@ -0,0 +1,58 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Pure persistence layer for encrypted token storage.
|
|
3
|
+
* No network operations — see {@link ./token-push.ts} for push orchestration.
|
|
4
|
+
*/
|
|
5
|
+
import { eq } from "drizzle-orm";
|
|
6
|
+
import db from "./db.js";
|
|
7
|
+
import { tokens } from "./schema.js";
|
|
8
|
+
import { encrypt, decrypt } from "./crypto.js";
|
|
9
|
+
import { create } from "@bufbuild/protobuf";
|
|
10
|
+
import { powerline } from "@grackle-ai/common";
|
|
11
|
+
/** Encrypt and store (or update) a token. */
|
|
12
|
+
export function setToken(entry) {
|
|
13
|
+
const encrypted = {
|
|
14
|
+
...entry,
|
|
15
|
+
value: encrypt(entry.value),
|
|
16
|
+
};
|
|
17
|
+
db.insert(tokens)
|
|
18
|
+
.values({ id: entry.name, config: JSON.stringify(encrypted) })
|
|
19
|
+
.onConflictDoUpdate({
|
|
20
|
+
target: tokens.id,
|
|
21
|
+
set: { config: JSON.stringify(encrypted) },
|
|
22
|
+
})
|
|
23
|
+
.run();
|
|
24
|
+
}
|
|
25
|
+
/** Delete a token by name. */
|
|
26
|
+
export function deleteToken(name) {
|
|
27
|
+
db.delete(tokens).where(eq(tokens.id, name)).run();
|
|
28
|
+
}
|
|
29
|
+
/** List all stored tokens (values are omitted for security). */
|
|
30
|
+
export function listTokens() {
|
|
31
|
+
const rows = db.select().from(tokens).all();
|
|
32
|
+
return rows.map((row) => {
|
|
33
|
+
const cfg = JSON.parse(row.config);
|
|
34
|
+
return {
|
|
35
|
+
name: cfg.name,
|
|
36
|
+
type: cfg.type,
|
|
37
|
+
envVar: cfg.envVar,
|
|
38
|
+
filePath: cfg.filePath,
|
|
39
|
+
expiresAt: cfg.expiresAt,
|
|
40
|
+
};
|
|
41
|
+
});
|
|
42
|
+
}
|
|
43
|
+
/** Build a decrypted token bundle suitable for pushing to a PowerLine. */
|
|
44
|
+
export function getBundle() {
|
|
45
|
+
const rows = db.select().from(tokens).all();
|
|
46
|
+
const items = rows.map((row) => {
|
|
47
|
+
const cfg = JSON.parse(row.config);
|
|
48
|
+
return create(powerline.TokenItemSchema, {
|
|
49
|
+
name: cfg.name,
|
|
50
|
+
type: cfg.type,
|
|
51
|
+
envVar: cfg.envVar || "",
|
|
52
|
+
filePath: cfg.filePath || "",
|
|
53
|
+
value: decrypt(cfg.value),
|
|
54
|
+
});
|
|
55
|
+
});
|
|
56
|
+
return create(powerline.TokenBundleSchema, { tokens: items });
|
|
57
|
+
}
|
|
58
|
+
//# sourceMappingURL=token-store.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"token-store.js","sourceRoot":"","sources":["../src/token-store.ts"],"names":[],"mappings":"AAAA;;;GAGG;AACH,OAAO,EAAE,EAAE,EAAE,MAAM,aAAa,CAAC;AACjC,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,EAAE,MAAM,EAAiB,MAAM,aAAa,CAAC;AACpD,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AAC/C,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAC;AAC5C,OAAO,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAC;AAY/C,6CAA6C;AAC7C,MAAM,UAAU,QAAQ,CAAC,KAAkB;IACzC,MAAM,SAAS,GAAgB;QAC7B,GAAG,KAAK;QACR,KAAK,EAAE,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC;KAC5B,CAAC;IACF,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC;SACd,MAAM,CAAC,EAAE,EAAE,EAAE,KAAK,CAAC,IAAI,EAAE,MAAM,EAAE,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,EAAE,CAAC;SAC7D,kBAAkB,CAAC;QAClB,MAAM,EAAE,MAAM,CAAC,EAAE;QACjB,GAAG,EAAE,EAAE,MAAM,EAAE,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,EAAE;KAC3C,CAAC;SACD,GAAG,EAAE,CAAC;AACX,CAAC;AAED,8BAA8B;AAC9B,MAAM,UAAU,WAAW,CAAC,IAAY;IACtC,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;AACrD,CAAC;AAED,gEAAgE;AAChE,MAAM,UAAU,UAAU;IACxB,MAAM,IAAI,GAAG,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC;IAC5C,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,GAAa,EAAE,EAAE;QAChC,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,CAAgB,CAAC;QAClD,OAAO;YACL,IAAI,EAAE,GAAG,CAAC,IAAI;YACd,IAAI,EAAE,GAAG,CAAC,IAAI;YACd,MAAM,EAAE,GAAG,CAAC,MAAM;YAClB,QAAQ,EAAE,GAAG,CAAC,QAAQ;YACtB,SAAS,EAAE,GAAG,CAAC,SAAS;SACzB,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC;AAED,0EAA0E;AAC1E,MAAM,UAAU,SAAS;IACvB,MAAM,IAAI,GAAG,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC;IAC5C,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,GAAa,EAAE,EAAE;QACvC,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,CAAgB,CAAC;QAClD,OAAO,MAAM,CAAC,SAAS,CAAC,eAAe,EAAE;YACvC,IAAI,EAAE,GAAG,CAAC,IAAI;YACd,IAAI,EAAE,GAAG,CAAC,IAAI;YACd,MAAM,EAAE,GAAG,CAAC,MAAM,IAAI,EAAE;YACxB,QAAQ,EAAE,GAAG,CAAC,QAAQ,IAAI,EAAE;YAC5B,KAAK,EAAE,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC;SAC1B,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,OAAO,MAAM,CAAC,SAAS,CAAC,iBAAiB,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;AAChE,CAAC"}
|
package/dist/ws-bridge.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ws-bridge.d.ts","sourceRoot":"","sources":["../src/ws-bridge.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,SAAS,EAAE,MAAM,IAAI,CAAC;AAChD,OAAO,KAAK,EAAE,MAAM,IAAI,UAAU,EAAE,MAAM,WAAW,CAAC;
|
|
1
|
+
{"version":3,"file":"ws-bridge.d.ts","sourceRoot":"","sources":["../src/ws-bridge.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,SAAS,EAAE,MAAM,IAAI,CAAC;AAChD,OAAO,KAAK,EAAE,MAAM,IAAI,UAAU,EAAE,MAAM,WAAW,CAAC;AAgBtD,OAAO,KAAK,SAAS,MAAM,iBAAiB,CAAC;AA0E7C,0CAA0C;AAC1C,MAAM,WAAW,eAAe;IAC9B,qCAAqC;IACrC,YAAY,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,OAAO,CAAC;IACzC,+BAA+B;IAC/B,cAAc,CAAC,EAAE,CAAC,YAAY,EAAE,MAAM,KAAK,OAAO,CAAC;IACnD,+EAA+E;IAC/E,OAAO,EAAE,MAAM,CAAC;IAChB,6EAA6E;IAC7E,YAAY,EAAE,OAAO,CAAC;CACvB;AAED;;;;;;;GAOG;AACH,wBAAgB,eAAe,CAC7B,MAAM,EAAE,MAAM,GAAG,SAAS,EAC1B,OAAO,EAAE,MAAM,EACf,YAAY,EAAE,OAAO,GACpB,OAAO,CAyBT;AAED,wGAAwG;AACxG,wBAAgB,cAAc,CAC5B,UAAU,EAAE,UAAU,EACtB,OAAO,EAAE,eAAe,GACvB,eAAe,CAiDjB;AA6HD,8GAA8G;AAC9G,wBAAsB,gBAAgB,CACpC,EAAE,EAAE,SAAS,GAAG,SAAS,EACzB,IAAI,EAAE,SAAS,CAAC,OAAO,EACvB,OAAO,CAAC,EAAE;IAAE,SAAS,CAAC,EAAE,MAAM,CAAC;IAAC,aAAa,CAAC,EAAE,MAAM,CAAC;IAAC,KAAK,CAAC,EAAE,MAAM,CAAA;CAAE,GACvE,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC,CA6I7B"}
|
package/dist/ws-bridge.js
CHANGED
|
@@ -6,7 +6,8 @@ import * as sessionStore from "./session-store.js";
|
|
|
6
6
|
import * as adapterManager from "./adapter-manager.js";
|
|
7
7
|
import { reconnectOrProvision, } from "@grackle-ai/adapter-sdk";
|
|
8
8
|
import * as streamHub from "./stream-hub.js";
|
|
9
|
-
import * as
|
|
9
|
+
import * as tokenStore from "./token-store.js";
|
|
10
|
+
import * as tokenPush from "./token-push.js";
|
|
10
11
|
import * as credentialProviders from "./credential-providers.js";
|
|
11
12
|
import * as workspaceStore from "./workspace-store.js";
|
|
12
13
|
import * as taskStore from "./task-store.js";
|
|
@@ -183,7 +184,7 @@ async function autoProvisionEnvironment(ws, environmentId, env, logContext) {
|
|
|
183
184
|
conn = await adapter.connect(environmentId, config, powerlineToken);
|
|
184
185
|
adapterManager.setConnection(environmentId, conn);
|
|
185
186
|
// Push stored tokens to newly connected environment
|
|
186
|
-
await
|
|
187
|
+
await tokenPush.pushToEnv(environmentId);
|
|
187
188
|
envRegistry.updateEnvironmentStatus(environmentId, "connected");
|
|
188
189
|
envRegistry.markBootstrapped(environmentId);
|
|
189
190
|
emit("environment.changed", {});
|
|
@@ -279,7 +280,7 @@ export async function startTaskSession(ws, task, options) {
|
|
|
279
280
|
});
|
|
280
281
|
// Re-push stored tokens + provider credentials (scoped to runtime) so they're fresh for this session.
|
|
281
282
|
// For local envs, skip file tokens — the PowerLine is on the same machine.
|
|
282
|
-
await
|
|
283
|
+
await tokenPush.refreshTokensForTask(environmentId, runtime, env.adapterType === "local" ? { excludeFileTokens: true } : undefined);
|
|
283
284
|
let mcpServersJson = "";
|
|
284
285
|
try {
|
|
285
286
|
const parsed = JSON.parse(resolvedPersonaRow.mcpServers || "[]");
|
|
@@ -1401,7 +1402,7 @@ async function handleMessage(ws, msg, subscriptions) {
|
|
|
1401
1402
|
const conn = await adapter.connect(environmentId, config, powerlineToken);
|
|
1402
1403
|
adapterManager.setConnection(environmentId, conn);
|
|
1403
1404
|
// Push stored tokens to newly connected environment
|
|
1404
|
-
await
|
|
1405
|
+
await tokenPush.pushToEnv(environmentId);
|
|
1405
1406
|
envRegistry.updateEnvironmentStatus(environmentId, "connected");
|
|
1406
1407
|
envRegistry.markBootstrapped(environmentId);
|
|
1407
1408
|
// Auto-recover suspended sessions (fire-and-forget)
|
|
@@ -1696,7 +1697,7 @@ async function handleMessage(ws, msg, subscriptions) {
|
|
|
1696
1697
|
}
|
|
1697
1698
|
// ─── Tokens ───────────────────────────────────────────
|
|
1698
1699
|
case "list_tokens": {
|
|
1699
|
-
const items =
|
|
1700
|
+
const items = tokenStore.listTokens();
|
|
1700
1701
|
sendWs(ws, {
|
|
1701
1702
|
type: "tokens",
|
|
1702
1703
|
payload: {
|
|
@@ -1721,7 +1722,7 @@ async function handleMessage(ws, msg, subscriptions) {
|
|
|
1721
1722
|
});
|
|
1722
1723
|
return;
|
|
1723
1724
|
}
|
|
1724
|
-
|
|
1725
|
+
tokenStore.setToken({
|
|
1725
1726
|
name,
|
|
1726
1727
|
type: msg.payload?.tokenType || "env_var",
|
|
1727
1728
|
envVar: msg.payload?.envVar || "",
|
|
@@ -1729,6 +1730,7 @@ async function handleMessage(ws, msg, subscriptions) {
|
|
|
1729
1730
|
value,
|
|
1730
1731
|
expiresAt: msg.payload?.expiresAt || "",
|
|
1731
1732
|
});
|
|
1733
|
+
await tokenPush.pushToAll();
|
|
1732
1734
|
emit("token.changed", {});
|
|
1733
1735
|
break;
|
|
1734
1736
|
}
|
|
@@ -1738,7 +1740,8 @@ async function handleMessage(ws, msg, subscriptions) {
|
|
|
1738
1740
|
sendWs(ws, { type: "error", payload: { message: "name required" } });
|
|
1739
1741
|
return;
|
|
1740
1742
|
}
|
|
1741
|
-
|
|
1743
|
+
tokenStore.deleteToken(tokenName);
|
|
1744
|
+
await tokenPush.pushToAll();
|
|
1742
1745
|
emit("token.changed", {});
|
|
1743
1746
|
break;
|
|
1744
1747
|
}
|