@id-wispera/core 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +268 -0
- package/dist/audit.d.ts +68 -0
- package/dist/audit.d.ts.map +1 -0
- package/dist/audit.js +252 -0
- package/dist/audit.js.map +1 -0
- package/dist/auth/index.d.ts +8 -0
- package/dist/auth/index.d.ts.map +1 -0
- package/dist/auth/index.js +8 -0
- package/dist/auth/index.js.map +1 -0
- package/dist/auth/keychainProvider.d.ts +40 -0
- package/dist/auth/keychainProvider.d.ts.map +1 -0
- package/dist/auth/keychainProvider.js +98 -0
- package/dist/auth/keychainProvider.js.map +1 -0
- package/dist/auth/passphraseProvider.d.ts +80 -0
- package/dist/auth/passphraseProvider.d.ts.map +1 -0
- package/dist/auth/passphraseProvider.js +188 -0
- package/dist/auth/passphraseProvider.js.map +1 -0
- package/dist/auth/sessionTokenManager.d.ts +106 -0
- package/dist/auth/sessionTokenManager.d.ts.map +1 -0
- package/dist/auth/sessionTokenManager.js +263 -0
- package/dist/auth/sessionTokenManager.js.map +1 -0
- package/dist/delegation.d.ts +81 -0
- package/dist/delegation.d.ts.map +1 -0
- package/dist/delegation.js +299 -0
- package/dist/delegation.js.map +1 -0
- package/dist/detection.d.ts +35 -0
- package/dist/detection.d.ts.map +1 -0
- package/dist/detection.js +474 -0
- package/dist/detection.js.map +1 -0
- package/dist/exec/execManager.d.ts +60 -0
- package/dist/exec/execManager.d.ts.map +1 -0
- package/dist/exec/execManager.js +226 -0
- package/dist/exec/execManager.js.map +1 -0
- package/dist/exec/index.d.ts +6 -0
- package/dist/exec/index.d.ts.map +1 -0
- package/dist/exec/index.js +5 -0
- package/dist/exec/index.js.map +1 -0
- package/dist/index.d.ts +35 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +98 -0
- package/dist/index.js.map +1 -0
- package/dist/integrations/base.d.ts +64 -0
- package/dist/integrations/base.d.ts.map +1 -0
- package/dist/integrations/base.js +173 -0
- package/dist/integrations/base.js.map +1 -0
- package/dist/integrations/envMapping.d.ts +47 -0
- package/dist/integrations/envMapping.d.ts.map +1 -0
- package/dist/integrations/envMapping.js +174 -0
- package/dist/integrations/envMapping.js.map +1 -0
- package/dist/integrations/google-a2a.d.ts +48 -0
- package/dist/integrations/google-a2a.d.ts.map +1 -0
- package/dist/integrations/google-a2a.js +108 -0
- package/dist/integrations/google-a2a.js.map +1 -0
- package/dist/integrations/index.d.ts +14 -0
- package/dist/integrations/index.d.ts.map +1 -0
- package/dist/integrations/index.js +14 -0
- package/dist/integrations/index.js.map +1 -0
- package/dist/integrations/langchain.d.ts +38 -0
- package/dist/integrations/langchain.d.ts.map +1 -0
- package/dist/integrations/langchain.js +45 -0
- package/dist/integrations/langchain.js.map +1 -0
- package/dist/integrations/openai-agents.d.ts +76 -0
- package/dist/integrations/openai-agents.d.ts.map +1 -0
- package/dist/integrations/openai-agents.js +95 -0
- package/dist/integrations/openai-agents.js.map +1 -0
- package/dist/integrations/slack.d.ts +59 -0
- package/dist/integrations/slack.d.ts.map +1 -0
- package/dist/integrations/slack.js +113 -0
- package/dist/integrations/slack.js.map +1 -0
- package/dist/integrations/types.d.ts +107 -0
- package/dist/integrations/types.d.ts.map +1 -0
- package/dist/integrations/types.js +6 -0
- package/dist/integrations/types.js.map +1 -0
- package/dist/locations.d.ts +157 -0
- package/dist/locations.d.ts.map +1 -0
- package/dist/locations.js +733 -0
- package/dist/locations.js.map +1 -0
- package/dist/passport.d.ts +70 -0
- package/dist/passport.d.ts.map +1 -0
- package/dist/passport.js +429 -0
- package/dist/passport.js.map +1 -0
- package/dist/policy.d.ts +80 -0
- package/dist/policy.d.ts.map +1 -0
- package/dist/policy.js +392 -0
- package/dist/policy.js.map +1 -0
- package/dist/providers/openclaw.d.ts +80 -0
- package/dist/providers/openclaw.d.ts.map +1 -0
- package/dist/providers/openclaw.js +712 -0
- package/dist/providers/openclaw.js.map +1 -0
- package/dist/provisioning/adminPassport.d.ts +51 -0
- package/dist/provisioning/adminPassport.d.ts.map +1 -0
- package/dist/provisioning/adminPassport.js +101 -0
- package/dist/provisioning/adminPassport.js.map +1 -0
- package/dist/provisioning/index.d.ts +81 -0
- package/dist/provisioning/index.d.ts.map +1 -0
- package/dist/provisioning/index.js +141 -0
- package/dist/provisioning/index.js.map +1 -0
- package/dist/provisioning/provider.d.ts +59 -0
- package/dist/provisioning/provider.d.ts.map +1 -0
- package/dist/provisioning/provider.js +52 -0
- package/dist/provisioning/provider.js.map +1 -0
- package/dist/provisioning/providers/anthropic.d.ts +32 -0
- package/dist/provisioning/providers/anthropic.d.ts.map +1 -0
- package/dist/provisioning/providers/anthropic.js +116 -0
- package/dist/provisioning/providers/anthropic.js.map +1 -0
- package/dist/provisioning/providers/aws.d.ts +29 -0
- package/dist/provisioning/providers/aws.d.ts.map +1 -0
- package/dist/provisioning/providers/aws.js +455 -0
- package/dist/provisioning/providers/aws.js.map +1 -0
- package/dist/provisioning/providers/azure-entra.d.ts +32 -0
- package/dist/provisioning/providers/azure-entra.d.ts.map +1 -0
- package/dist/provisioning/providers/azure-entra.js +312 -0
- package/dist/provisioning/providers/azure-entra.js.map +1 -0
- package/dist/provisioning/providers/github.d.ts +24 -0
- package/dist/provisioning/providers/github.d.ts.map +1 -0
- package/dist/provisioning/providers/github.js +219 -0
- package/dist/provisioning/providers/github.js.map +1 -0
- package/dist/provisioning/providers/google-cloud.d.ts +34 -0
- package/dist/provisioning/providers/google-cloud.d.ts.map +1 -0
- package/dist/provisioning/providers/google-cloud.js +366 -0
- package/dist/provisioning/providers/google-cloud.js.map +1 -0
- package/dist/provisioning/providers/openai.d.ts +29 -0
- package/dist/provisioning/providers/openai.d.ts.map +1 -0
- package/dist/provisioning/providers/openai.js +263 -0
- package/dist/provisioning/providers/openai.js.map +1 -0
- package/dist/provisioning/providers/sendgrid.d.ts +27 -0
- package/dist/provisioning/providers/sendgrid.d.ts.map +1 -0
- package/dist/provisioning/providers/sendgrid.js +186 -0
- package/dist/provisioning/providers/sendgrid.js.map +1 -0
- package/dist/provisioning/providers/twilio.d.ts +27 -0
- package/dist/provisioning/providers/twilio.d.ts.map +1 -0
- package/dist/provisioning/providers/twilio.js +194 -0
- package/dist/provisioning/providers/twilio.js.map +1 -0
- package/dist/provisioning/types.d.ts +274 -0
- package/dist/provisioning/types.d.ts.map +1 -0
- package/dist/provisioning/types.js +6 -0
- package/dist/provisioning/types.js.map +1 -0
- package/dist/sharing.d.ts +60 -0
- package/dist/sharing.d.ts.map +1 -0
- package/dist/sharing.js +305 -0
- package/dist/sharing.js.map +1 -0
- package/dist/types.d.ts +396 -0
- package/dist/types.d.ts.map +1 -0
- package/dist/types.js +88 -0
- package/dist/types.js.map +1 -0
- package/dist/utils.d.ts +45 -0
- package/dist/utils.d.ts.map +1 -0
- package/dist/utils.js +110 -0
- package/dist/utils.js.map +1 -0
- package/dist/vault.d.ts +151 -0
- package/dist/vault.d.ts.map +1 -0
- package/dist/vault.js +499 -0
- package/dist/vault.js.map +1 -0
- package/package.json +117 -0
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"delegation.js","sourceRoot":"","sources":["../src/delegation.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAGL,YAAY,GACb,MAAM,YAAY,CAAC;AAEpB,OAAO,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAEvC,+EAA+E;AAC/E,8BAA8B;AAC9B,+EAA+E;AAE/E;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,KAAY,EACZ,UAAkB,EAClB,UAA4C,EAC5C,KAAa;IAEb,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,gBAAgB,CAAC,UAAU,CAAC,CAAC;IAC1D,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,MAAM,IAAI,YAAY,CAAC,uBAAuB,UAAU,EAAE,EAAE,oBAAoB,CAAC,CAAC;IACpF,CAAC;IAED,MAAM,GAAG,GAAkB;QACzB,GAAG,UAAU;QACb,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KACpC,CAAC;IAEF,MAAM,YAAY,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,eAAe,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC;IAEhE,MAAM,OAAO,GAAa;QACxB,GAAG,QAAQ;QACX,eAAe,EAAE,YAAY;QAC7B,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KACpC,CAAC;IAEF,MAAM,KAAK,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;IAEnC,MAAM,SAAS,CAAC,KAAK,EAAE;QACrB,UAAU;QACV,MAAM,EAAE,UAAU;QAClB,KAAK;QACL,OAAO,EAAE,8BAA8B,UAAU,CAAC,IAAI,SAAS,UAAU,CAAC,EAAE,GAAG;QAC/E,QAAQ,EAAE;YACR,cAAc,EAAE,UAAU,CAAC,IAAI;YAC/B,YAAY,EAAE,UAAU,CAAC,EAAE;YAC3B,eAAe,EAAE,UAAU,CAAC,KAAK;SAClC;KACF,CAAC,CAAC;IAEH,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CACpC,KAAY,EACZ,UAAkB,EAClB,KAAa;IAEb,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,gBAAgB,CAAC,UAAU,CAAC,CAAC;IAC1D,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,MAAM,IAAI,YAAY,CAAC,uBAAuB,UAAU,EAAE,EAAE,oBAAoB,CAAC,CAAC;IACpF,CAAC;IAED,IAAI,CAAC,QAAQ,CAAC,eAAe,IAAI,QAAQ,CAAC,eAAe,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACvE,MAAM,IAAI,YAAY,CAAC,yBAAyB,EAAE,eAAe,CAAC,CAAC;IACrE,CAAC;IAED,MAAM,UAAU,GAAG,QAAQ,CAAC,eAAe,CAAC,QAAQ,CAAC,eAAe,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IACjF,MAAM,YAAY,GAAG,QAAQ,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;IAE3D,MAAM,OAAO,GAAa;QACxB,GAAG,QAAQ;QACX,eAAe,EAAE,YAAY,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS;QACnE,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KACpC,CAAC;IAEF,MAAM,KAAK,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;IAEnC,MAAM,SAAS,CAAC,KAAK,EAAE;QACrB,UAAU;QACV,MAAM,EAAE,UAAU;QAClB,KAAK;QACL,OAAO,EAAE,4BAA4B,UAAU,EAAE,IAAI,SAAS,UAAU,EAAE,EAAE,GAAG;QAC/E,QAAQ,EAAE;YACR,iBAAiB,EAAE,UAAU;SAC9B;KACF,CAAC,CAAC;IAEH,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CACpC,KAAY,EACZ,UAAkB,EAClB,KAAa;IAEb,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,gBAAgB,CAAC,UAAU,CAAC,CAAC;IAC1D,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,MAAM,IAAI,YAAY,CAAC,uBAAuB,UAAU,EAAE,EAAE,oBAAoB,CAAC,CAAC;IACpF,CAAC;IAED,MAAM,aAAa,GAAG,QAAQ,CAAC,eAAe,CAAC;IAE/C,MAAM,OAAO,GAAa;QACxB,GAAG,QAAQ;QACX,eAAe,EAAE,SAAS;QAC1B,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KACpC,CAAC;IAEF,MAAM,KAAK,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;IAEnC,MAAM,SAAS,CAAC,KAAK,EAAE;QACrB,UAAU;QACV,MAAM,EAAE,UAAU;QAClB,KAAK;QACL,OAAO,EAAE,4BAA4B,aAAa,EAAE,MAAM,IAAI,CAAC,gBAAgB;QAC/E,QAAQ,EAAE;YACR,kBAAkB,EAAE,aAAa;SAClC;KACF,CAAC,CAAC;IAEH,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,+EAA+E;AAC/E,4BAA4B;AAC5B,+EAA+E;AAE/E;;GAEG;AACH,MAAM,UAAU,kBAAkB,CAAC,QAAkB;IACnD,OAAO,QAAQ,CAAC,eAAe,EAAE,MAAM,IAAI,CAAC,CAAC;AAC/C,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAAC,QAAkB;IACjD,IAAI,CAAC,QAAQ,CAAC,eAAe,IAAI,QAAQ,CAAC,eAAe,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACvE,OAAO,QAAQ,CAAC,UAAU,CAAC;IAC7B,CAAC;IACD,OAAO,QAAQ,CAAC,eAAe,CAAC,QAAQ,CAAC,eAAe,CAAC,MAAM,GAAG,CAAC,CAAC,EAAE,EAAE,IAAI,QAAQ,CAAC,UAAU,CAAC;AAClG,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,iBAAiB,CAAC,QAAkB;IAClD,OAAO,QAAQ,CAAC,UAAU,CAAC;AAC7B,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,uBAAuB,CAAC,QAAkB;IACxD,MAAM,IAAI,GAAG,IAAI,GAAG,CAAS,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC,CAAC;IAEpD,IAAI,QAAQ,CAAC,eAAe,EAAE,CAAC;QAC7B,KAAK,MAAM,GAAG,IAAI,QAAQ,CAAC,eAAe,EAAE,CAAC;YAC3C,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;YACnB,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QACnB,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,mBAAmB,CAAC,QAAkB,EAAE,MAAc;IACpE,IAAI,QAAQ,CAAC,UAAU,KAAK,MAAM;QAAE,OAAO,IAAI,CAAC;IAEhD,IAAI,QAAQ,CAAC,eAAe,EAAE,CAAC;QAC7B,KAAK,MAAM,GAAG,IAAI,QAAQ,CAAC,eAAe,EAAE,CAAC;YAC3C,IAAI,GAAG,CAAC,IAAI,KAAK,MAAM,IAAI,GAAG,CAAC,EAAE,KAAK,MAAM;gBAAE,OAAO,IAAI,CAAC;QAC5D,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,iBAAiB,CAAC,QAAkB;IAClD,MAAM,KAAK,GAAG,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;IAEpC,IAAI,QAAQ,CAAC,eAAe,EAAE,CAAC;QAC7B,KAAK,MAAM,GAAG,IAAI,QAAQ,CAAC,eAAe,EAAE,CAAC;YAC3C,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QACrB,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;AAC3B,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,oBAAoB,CAAC,QAAkB;IACrD,IAAI,CAAC,QAAQ,CAAC,eAAe;QAAE,OAAO,KAAK,CAAC;IAE5C,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;IACvB,OAAO,QAAQ,CAAC,eAAe,CAAC,IAAI,CAClC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,SAAS,IAAI,IAAI,IAAI,CAAC,GAAG,CAAC,SAAS,CAAC,GAAG,GAAG,CACxD,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,qBAAqB,CAAC,QAAkB;IACtD,IAAI,CAAC,QAAQ,CAAC,eAAe;QAAE,OAAO,EAAE,CAAC;IAEzC,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;IACvB,OAAO,QAAQ,CAAC,eAAe,CAAC,MAAM,CACpC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,SAAS,IAAI,IAAI,IAAI,CAAC,GAAG,CAAC,SAAS,CAAC,GAAG,GAAG,CACxD,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,sBAAsB,CACpC,QAAkB,EAClB,aAAqB,CAAC;IAEtB,IAAI,CAAC,QAAQ,CAAC,eAAe;QAAE,OAAO,EAAE,CAAC;IAEzC,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;IACvB,MAAM,SAAS,GAAG,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,GAAG,UAAU,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;IAE7E,OAAO,QAAQ,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE;QAC7C,IAAI,CAAC,GAAG,CAAC,SAAS;YAAE,OAAO,KAAK,CAAC;QACjC,MAAM,SAAS,GAAG,IAAI,IAAI,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QAC1C,OAAO,SAAS,GAAG,GAAG,IAAI,SAAS,IAAI,SAAS,CAAC;IACnD,CAAC,CAAC,CAAC;AACL,CAAC;AAED,+EAA+E;AAC/E,4BAA4B;AAC5B,+EAA+E;AAE/E;;GAEG;AACH,MAAM,UAAU,iBAAiB,CAAC,QAAkB;IAClD,uCAAuC;IACvC,IAAI,cAAc,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IAE7C,wDAAwD;IACxD,IAAI,QAAQ,CAAC,eAAe,EAAE,CAAC;QAC7B,KAAK,MAAM,GAAG,IAAI,QAAQ,CAAC,eAAe,EAAE,CAAC;YAC3C,IAAI,GAAG,CAAC,KAAK,IAAI,GAAG,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACtC,MAAM,cAAc,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;gBAC1C,KAAK,MAAM,CAAC,IAAI,cAAc,EAAE,CAAC;oBAC/B,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC;wBAAE,cAAc,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;gBACvD,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;AACpC,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAAC,QAAkB,EAAE,KAAa;IAChE,MAAM,cAAc,GAAG,iBAAiB,CAAC,QAAQ,CAAC,CAAC;IACnD,OAAO,cAAc,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;AACxC,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,oBAAoB,CAAC,QAAkB;IAKrD,MAAM,aAAa,GAAG,QAAQ,CAAC,KAAK,CAAC;IACrC,IAAI,YAAY,GAAG,IAAI,GAAG,CAAC,aAAa,CAAC,CAAC;IAC1C,MAAM,YAAY,GAA2D,EAAE,CAAC;IAEhF,IAAI,QAAQ,CAAC,eAAe,EAAE,CAAC;QAC7B,KAAK,MAAM,GAAG,IAAI,QAAQ,CAAC,eAAe,EAAE,CAAC;YAC3C,IAAI,GAAG,CAAC,KAAK,IAAI,GAAG,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACtC,MAAM,cAAc,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;gBAC1C,MAAM,aAAa,GAAG,CAAC,GAAG,YAAY,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;gBAE9E,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBAC7B,YAAY,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,aAAa,EAAE,CAAC,CAAC;gBAC5C,CAAC;gBAED,YAAY,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,YAAY,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YACjF,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO;QACL,aAAa;QACb,cAAc,EAAE,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC;QACxC,YAAY;KACb,CAAC;AACJ,CAAC;AAED,+EAA+E;AAC/E,wBAAwB;AACxB,+EAA+E;AAE/E;;GAEG;AACH,MAAM,UAAU,uBAAuB,CAAC,QAAkB;IAIxD,MAAM,MAAM,GAAa,EAAE,CAAC;IAE5B,IAAI,CAAC,QAAQ,CAAC,eAAe,IAAI,QAAQ,CAAC,eAAe,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACvE,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC;IACrC,CAAC;IAED,iCAAiC;IACjC,MAAM,IAAI,GAAG,IAAI,GAAG,CAAS,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC,CAAC;IACpD,KAAK,MAAM,GAAG,IAAI,QAAQ,CAAC,eAAe,EAAE,CAAC;QAC3C,IAAI,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC;YACrB,MAAM,CAAC,IAAI,CAAC,kCAAkC,GAAG,CAAC,EAAE,0BAA0B,CAAC,CAAC;QAClF,CAAC;QACD,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IACnB,CAAC;IAED,yDAAyD;IACzD,IAAI,YAAY,GAAG,QAAQ,CAAC,UAAU,CAAC;IACvC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,eAAe,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACzD,MAAM,GAAG,GAAG,QAAQ,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;QACxC,IAAI,GAAG,IAAI,GAAG,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;YACrC,MAAM,CAAC,IAAI,CACT,uBAAuB,CAAC,GAAG,CAAC,oBAAoB,YAAY,WAAW,GAAG,CAAC,IAAI,GAAG,CACnF,CAAC;QACJ,CAAC;QACD,YAAY,GAAG,GAAG,EAAE,EAAE,IAAI,YAAY,CAAC;IACzC,CAAC;IAED,gCAAgC;IAChC,MAAM,OAAO,GAAG,qBAAqB,CAAC,QAAQ,CAAC,CAAC;IAChD,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACvB,MAAM,CAAC,IAAI,CAAC,GAAG,OAAO,CAAC,MAAM,6BAA6B,CAAC,CAAC;IAC9D,CAAC;IAED,2CAA2C;IAC3C,IAAI,aAAa,GAAgB,IAAI,CAAC;IACtC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,eAAe,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACzD,MAAM,GAAG,GAAG,QAAQ,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;QACxC,IAAI,GAAG,EAAE,CAAC;YACR,MAAM,OAAO,GAAG,IAAI,IAAI,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;YACxC,IAAI,aAAa,IAAI,OAAO,GAAG,aAAa,EAAE,CAAC;gBAC7C,MAAM,CAAC,IAAI,CAAC,4CAA4C,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YACnE,CAAC;YACD,aAAa,GAAG,OAAO,CAAC;QAC1B,CAAC;IACH,CAAC;IAED,OAAO;QACL,KAAK,EAAE,MAAM,CAAC,MAAM,KAAK,CAAC;QAC1B,MAAM;KACP,CAAC;AACJ,CAAC"}
|
|
@@ -0,0 +1,35 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* ID Wispera Credential Detection
|
|
3
|
+
* Regex + heuristic patterns for detecting exposed credentials
|
|
4
|
+
*/
|
|
5
|
+
import { CredentialType, DetectionResult } from './types.js';
|
|
6
|
+
/**
|
|
7
|
+
* Detect credentials in text
|
|
8
|
+
* Returns array of detected credentials with type, position, and confidence
|
|
9
|
+
*/
|
|
10
|
+
export declare function detectCredentials(text: string): DetectionResult[];
|
|
11
|
+
/**
|
|
12
|
+
* Classify a known credential value
|
|
13
|
+
* Returns the most likely credential type
|
|
14
|
+
*/
|
|
15
|
+
export declare function classifyCredential(value: string): CredentialType;
|
|
16
|
+
/**
|
|
17
|
+
* Check if text likely contains credentials
|
|
18
|
+
* Quick check without full detection (faster)
|
|
19
|
+
*/
|
|
20
|
+
export declare function mightContainCredentials(text: string): boolean;
|
|
21
|
+
/**
|
|
22
|
+
* Mask detected credentials in text
|
|
23
|
+
* Returns text with credentials replaced by masked versions
|
|
24
|
+
*/
|
|
25
|
+
export declare function maskCredentialsInText(text: string): string;
|
|
26
|
+
/**
|
|
27
|
+
* Get statistics about detections
|
|
28
|
+
*/
|
|
29
|
+
export declare function getDetectionStats(results: DetectionResult[]): {
|
|
30
|
+
total: number;
|
|
31
|
+
byType: Record<CredentialType, number>;
|
|
32
|
+
highConfidence: number;
|
|
33
|
+
averageConfidence: number;
|
|
34
|
+
};
|
|
35
|
+
//# sourceMappingURL=detection.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"detection.d.ts","sourceRoot":"","sources":["../src/detection.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,cAAc,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AA2W7D;;;GAGG;AACH,wBAAgB,iBAAiB,CAAC,IAAI,EAAE,MAAM,GAAG,eAAe,EAAE,CAoEjE;AAED;;;GAGG;AACH,wBAAgB,kBAAkB,CAAC,KAAK,EAAE,MAAM,GAAG,cAAc,CA4BhE;AAED;;;GAGG;AACH,wBAAgB,uBAAuB,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAgB7D;AAED;;;GAGG;AACH,wBAAgB,qBAAqB,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,CAc1D;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,OAAO,EAAE,eAAe,EAAE,GAAG;IAC7D,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,MAAM,CAAC,cAAc,EAAE,MAAM,CAAC,CAAC;IACvC,cAAc,EAAE,MAAM,CAAC;IACvB,iBAAiB,EAAE,MAAM,CAAC;CAC3B,CAgBA"}
|
|
@@ -0,0 +1,474 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* ID Wispera Credential Detection
|
|
3
|
+
* Regex + heuristic patterns for detecting exposed credentials
|
|
4
|
+
*/
|
|
5
|
+
import { maskValue } from './utils.js';
|
|
6
|
+
/**
|
|
7
|
+
* Known credential patterns
|
|
8
|
+
* Each pattern includes a confidence score (0-1) indicating how certain we are
|
|
9
|
+
*/
|
|
10
|
+
const DETECTION_PATTERNS = [
|
|
11
|
+
// OpenAI API Keys
|
|
12
|
+
{
|
|
13
|
+
type: 'api-key',
|
|
14
|
+
name: 'OpenAI API Key',
|
|
15
|
+
pattern: /sk-[a-zA-Z0-9]{20,}T3BlbkFJ[a-zA-Z0-9]{20,}/g,
|
|
16
|
+
confidence: 0.99,
|
|
17
|
+
},
|
|
18
|
+
{
|
|
19
|
+
type: 'api-key',
|
|
20
|
+
name: 'OpenAI Project Key',
|
|
21
|
+
pattern: /sk-proj-[a-zA-Z0-9_-]{20,}/g,
|
|
22
|
+
confidence: 0.99,
|
|
23
|
+
},
|
|
24
|
+
{
|
|
25
|
+
type: 'api-key',
|
|
26
|
+
name: 'OpenAI Service Account Key',
|
|
27
|
+
pattern: /sk-svcacct-[a-zA-Z0-9_-]{20,}/g,
|
|
28
|
+
confidence: 0.99,
|
|
29
|
+
},
|
|
30
|
+
{
|
|
31
|
+
type: 'api-key',
|
|
32
|
+
name: 'OpenAI Key (legacy)',
|
|
33
|
+
pattern: /sk-[a-zA-Z0-9]{32,}/g,
|
|
34
|
+
confidence: 0.85,
|
|
35
|
+
},
|
|
36
|
+
// Anthropic API Keys
|
|
37
|
+
{
|
|
38
|
+
type: 'api-key',
|
|
39
|
+
name: 'Anthropic API Key',
|
|
40
|
+
pattern: /sk-ant-[a-zA-Z0-9_-]{90,}/g,
|
|
41
|
+
confidence: 0.99,
|
|
42
|
+
},
|
|
43
|
+
// AWS Credentials
|
|
44
|
+
{
|
|
45
|
+
type: 'api-key',
|
|
46
|
+
name: 'AWS Access Key ID',
|
|
47
|
+
pattern: /AKIA[0-9A-Z]{16}/g,
|
|
48
|
+
confidence: 0.99,
|
|
49
|
+
},
|
|
50
|
+
{
|
|
51
|
+
type: 'secret',
|
|
52
|
+
name: 'AWS Secret Access Key',
|
|
53
|
+
pattern: /(?<![A-Za-z0-9/+=])[A-Za-z0-9/+=]{40}(?![A-Za-z0-9/+=])/g,
|
|
54
|
+
confidence: 0.5, // Low confidence without context
|
|
55
|
+
validate: (match) => /^[A-Za-z0-9/+=]{40}$/.test(match) && !/^[A-Za-z]+$/.test(match),
|
|
56
|
+
},
|
|
57
|
+
// GitHub Tokens
|
|
58
|
+
{
|
|
59
|
+
type: 'api-key',
|
|
60
|
+
name: 'GitHub Personal Access Token',
|
|
61
|
+
pattern: /ghp_[a-zA-Z0-9]{36}/g,
|
|
62
|
+
confidence: 0.99,
|
|
63
|
+
},
|
|
64
|
+
{
|
|
65
|
+
type: 'api-key',
|
|
66
|
+
name: 'GitHub OAuth Token',
|
|
67
|
+
pattern: /gho_[a-zA-Z0-9]{36}/g,
|
|
68
|
+
confidence: 0.99,
|
|
69
|
+
},
|
|
70
|
+
{
|
|
71
|
+
type: 'api-key',
|
|
72
|
+
name: 'GitHub App Token',
|
|
73
|
+
pattern: /ghu_[a-zA-Z0-9]{36}/g,
|
|
74
|
+
confidence: 0.99,
|
|
75
|
+
},
|
|
76
|
+
{
|
|
77
|
+
type: 'api-key',
|
|
78
|
+
name: 'GitHub Server Token',
|
|
79
|
+
pattern: /ghs_[a-zA-Z0-9]{36}/g,
|
|
80
|
+
confidence: 0.99,
|
|
81
|
+
},
|
|
82
|
+
{
|
|
83
|
+
type: 'api-key',
|
|
84
|
+
name: 'GitHub Refresh Token',
|
|
85
|
+
pattern: /ghr_[a-zA-Z0-9]{36}/g,
|
|
86
|
+
confidence: 0.99,
|
|
87
|
+
},
|
|
88
|
+
// Google Cloud
|
|
89
|
+
{
|
|
90
|
+
type: 'api-key',
|
|
91
|
+
name: 'Google API Key',
|
|
92
|
+
pattern: /AIza[0-9A-Za-z_-]{35}/g,
|
|
93
|
+
confidence: 0.95,
|
|
94
|
+
},
|
|
95
|
+
{
|
|
96
|
+
type: 'oauth-token',
|
|
97
|
+
name: 'Google OAuth Token',
|
|
98
|
+
pattern: /ya29\.[0-9A-Za-z_-]+/g,
|
|
99
|
+
confidence: 0.9,
|
|
100
|
+
},
|
|
101
|
+
// Azure
|
|
102
|
+
{
|
|
103
|
+
type: 'api-key',
|
|
104
|
+
name: 'Azure Storage Key',
|
|
105
|
+
pattern: /[a-zA-Z0-9+/]{86}==/g,
|
|
106
|
+
confidence: 0.6,
|
|
107
|
+
validate: (match) => match.length === 88,
|
|
108
|
+
},
|
|
109
|
+
// Stripe
|
|
110
|
+
{
|
|
111
|
+
type: 'api-key',
|
|
112
|
+
name: 'Stripe Secret Key',
|
|
113
|
+
pattern: /sk_live_[a-zA-Z0-9]{24,}/g,
|
|
114
|
+
confidence: 0.99,
|
|
115
|
+
},
|
|
116
|
+
{
|
|
117
|
+
type: 'api-key',
|
|
118
|
+
name: 'Stripe Test Key',
|
|
119
|
+
pattern: /sk_test_[a-zA-Z0-9]{24,}/g,
|
|
120
|
+
confidence: 0.99,
|
|
121
|
+
},
|
|
122
|
+
{
|
|
123
|
+
type: 'api-key',
|
|
124
|
+
name: 'Stripe Restricted Key',
|
|
125
|
+
pattern: /rk_live_[a-zA-Z0-9]{24,}/g,
|
|
126
|
+
confidence: 0.99,
|
|
127
|
+
},
|
|
128
|
+
// Twilio
|
|
129
|
+
{
|
|
130
|
+
type: 'api-key',
|
|
131
|
+
name: 'Twilio API Key',
|
|
132
|
+
pattern: /SK[a-f0-9]{32}/g,
|
|
133
|
+
confidence: 0.9,
|
|
134
|
+
},
|
|
135
|
+
// Slack
|
|
136
|
+
{
|
|
137
|
+
type: 'api-key',
|
|
138
|
+
name: 'Slack Bot Token',
|
|
139
|
+
pattern: /xoxb-[0-9]{10,}-[0-9]{10,}-[a-zA-Z0-9]{24}/g,
|
|
140
|
+
confidence: 0.99,
|
|
141
|
+
},
|
|
142
|
+
{
|
|
143
|
+
type: 'api-key',
|
|
144
|
+
name: 'Slack User Token',
|
|
145
|
+
pattern: /xoxp-[0-9]{10,}-[0-9]{10,}-[a-zA-Z0-9]{24}/g,
|
|
146
|
+
confidence: 0.99,
|
|
147
|
+
},
|
|
148
|
+
{
|
|
149
|
+
type: 'api-key',
|
|
150
|
+
name: 'Slack Webhook',
|
|
151
|
+
pattern: /https:\/\/hooks\.slack\.com\/services\/T[a-zA-Z0-9_]+\/B[a-zA-Z0-9_]+\/[a-zA-Z0-9_]+/g,
|
|
152
|
+
confidence: 0.99,
|
|
153
|
+
},
|
|
154
|
+
// Discord
|
|
155
|
+
{
|
|
156
|
+
type: 'api-key',
|
|
157
|
+
name: 'Discord Bot Token',
|
|
158
|
+
pattern: /[MN][A-Za-z\d]{23,}\.[\w-]{6}\.[\w-]{27}/g,
|
|
159
|
+
confidence: 0.9,
|
|
160
|
+
},
|
|
161
|
+
{
|
|
162
|
+
type: 'api-key',
|
|
163
|
+
name: 'Discord Webhook',
|
|
164
|
+
pattern: /https:\/\/discord(?:app)?\.com\/api\/webhooks\/[0-9]+\/[a-zA-Z0-9_-]+/g,
|
|
165
|
+
confidence: 0.99,
|
|
166
|
+
},
|
|
167
|
+
// SendGrid
|
|
168
|
+
{
|
|
169
|
+
type: 'api-key',
|
|
170
|
+
name: 'SendGrid API Key',
|
|
171
|
+
pattern: /SG\.[a-zA-Z0-9_-]{22}\.[a-zA-Z0-9_-]{43}/g,
|
|
172
|
+
confidence: 0.99,
|
|
173
|
+
},
|
|
174
|
+
// Mailgun
|
|
175
|
+
{
|
|
176
|
+
type: 'api-key',
|
|
177
|
+
name: 'Mailgun API Key',
|
|
178
|
+
pattern: /key-[a-zA-Z0-9]{32}/g,
|
|
179
|
+
confidence: 0.95,
|
|
180
|
+
},
|
|
181
|
+
// npm
|
|
182
|
+
{
|
|
183
|
+
type: 'api-key',
|
|
184
|
+
name: 'npm Access Token',
|
|
185
|
+
pattern: /npm_[a-zA-Z0-9]{36}/g,
|
|
186
|
+
confidence: 0.99,
|
|
187
|
+
},
|
|
188
|
+
// PyPI
|
|
189
|
+
{
|
|
190
|
+
type: 'api-key',
|
|
191
|
+
name: 'PyPI API Token',
|
|
192
|
+
pattern: /pypi-[a-zA-Z0-9_-]{100,}/g,
|
|
193
|
+
confidence: 0.99,
|
|
194
|
+
},
|
|
195
|
+
// JWTs
|
|
196
|
+
{
|
|
197
|
+
type: 'jwt',
|
|
198
|
+
name: 'JWT Token',
|
|
199
|
+
pattern: /eyJ[a-zA-Z0-9_-]*\.eyJ[a-zA-Z0-9_-]*\.[a-zA-Z0-9_-]*/g,
|
|
200
|
+
confidence: 0.95,
|
|
201
|
+
},
|
|
202
|
+
// Private Keys
|
|
203
|
+
{
|
|
204
|
+
type: 'private-key',
|
|
205
|
+
name: 'RSA Private Key',
|
|
206
|
+
pattern: /-----BEGIN RSA PRIVATE KEY-----[\s\S]*?-----END RSA PRIVATE KEY-----/g,
|
|
207
|
+
confidence: 0.99,
|
|
208
|
+
},
|
|
209
|
+
{
|
|
210
|
+
type: 'private-key',
|
|
211
|
+
name: 'Private Key',
|
|
212
|
+
pattern: /-----BEGIN PRIVATE KEY-----[\s\S]*?-----END PRIVATE KEY-----/g,
|
|
213
|
+
confidence: 0.99,
|
|
214
|
+
},
|
|
215
|
+
{
|
|
216
|
+
type: 'private-key',
|
|
217
|
+
name: 'EC Private Key',
|
|
218
|
+
pattern: /-----BEGIN EC PRIVATE KEY-----[\s\S]*?-----END EC PRIVATE KEY-----/g,
|
|
219
|
+
confidence: 0.99,
|
|
220
|
+
},
|
|
221
|
+
{
|
|
222
|
+
type: 'private-key',
|
|
223
|
+
name: 'OpenSSH Private Key',
|
|
224
|
+
pattern: /-----BEGIN OPENSSH PRIVATE KEY-----[\s\S]*?-----END OPENSSH PRIVATE KEY-----/g,
|
|
225
|
+
confidence: 0.99,
|
|
226
|
+
},
|
|
227
|
+
// Connection Strings
|
|
228
|
+
{
|
|
229
|
+
type: 'connection-string',
|
|
230
|
+
name: 'MongoDB Connection String',
|
|
231
|
+
pattern: /mongodb(\+srv)?:\/\/[a-zA-Z0-9_-]+:[a-zA-Z0-9_-]+@[a-zA-Z0-9._-]+/g,
|
|
232
|
+
confidence: 0.95,
|
|
233
|
+
},
|
|
234
|
+
{
|
|
235
|
+
type: 'connection-string',
|
|
236
|
+
name: 'PostgreSQL Connection String',
|
|
237
|
+
pattern: /postgres(ql)?:\/\/[a-zA-Z0-9_-]+:[a-zA-Z0-9_-]+@[a-zA-Z0-9._-]+/g,
|
|
238
|
+
confidence: 0.95,
|
|
239
|
+
},
|
|
240
|
+
{
|
|
241
|
+
type: 'connection-string',
|
|
242
|
+
name: 'MySQL Connection String',
|
|
243
|
+
pattern: /mysql:\/\/[a-zA-Z0-9_-]+:[a-zA-Z0-9_-]+@[a-zA-Z0-9._-]+/g,
|
|
244
|
+
confidence: 0.95,
|
|
245
|
+
},
|
|
246
|
+
{
|
|
247
|
+
type: 'connection-string',
|
|
248
|
+
name: 'Redis Connection String',
|
|
249
|
+
pattern: /redis:\/\/[a-zA-Z0-9_-]+:[a-zA-Z0-9_-]+@[a-zA-Z0-9._-]+/g,
|
|
250
|
+
confidence: 0.95,
|
|
251
|
+
},
|
|
252
|
+
// Generic API Key patterns (lower confidence)
|
|
253
|
+
{
|
|
254
|
+
type: 'api-key',
|
|
255
|
+
name: 'Generic API Key',
|
|
256
|
+
pattern: /(?:api[_-]?key|apikey|api[_-]?secret)['":\s=]+['"]?([a-zA-Z0-9_-]{20,})['"]?/gi,
|
|
257
|
+
confidence: 0.7,
|
|
258
|
+
},
|
|
259
|
+
{
|
|
260
|
+
type: 'secret',
|
|
261
|
+
name: 'Generic Secret',
|
|
262
|
+
pattern: /(?:secret|password|passwd|pwd)['":\s=]+['"]?([a-zA-Z0-9_!@#$%^&*-]{8,})['"]?/gi,
|
|
263
|
+
confidence: 0.6,
|
|
264
|
+
},
|
|
265
|
+
{
|
|
266
|
+
type: 'api-key',
|
|
267
|
+
name: 'Bearer Token',
|
|
268
|
+
pattern: /Bearer\s+[a-zA-Z0-9_-]{20,}/g,
|
|
269
|
+
confidence: 0.85,
|
|
270
|
+
},
|
|
271
|
+
// =====================
|
|
272
|
+
// OpenClaw-specific patterns
|
|
273
|
+
// =====================
|
|
274
|
+
// Telegram Bot Token
|
|
275
|
+
{
|
|
276
|
+
type: 'bot-token',
|
|
277
|
+
name: 'Telegram Bot Token',
|
|
278
|
+
pattern: /\d{8,10}:[A-Za-z0-9_-]{35}/g,
|
|
279
|
+
confidence: 0.95,
|
|
280
|
+
},
|
|
281
|
+
// Slack Tokens
|
|
282
|
+
{
|
|
283
|
+
type: 'bot-token',
|
|
284
|
+
name: 'Slack App Token',
|
|
285
|
+
pattern: /xapp-\d+-[A-Z0-9]+-\d+-[a-zA-Z0-9]+/g,
|
|
286
|
+
confidence: 0.99,
|
|
287
|
+
},
|
|
288
|
+
// OpenRouter API Key
|
|
289
|
+
{
|
|
290
|
+
type: 'api-key',
|
|
291
|
+
name: 'OpenRouter API Key',
|
|
292
|
+
pattern: /sk-or-v1-[a-zA-Z0-9]{48,}/g,
|
|
293
|
+
confidence: 0.99,
|
|
294
|
+
},
|
|
295
|
+
// OpenClaw Gateway Token (40-char hex)
|
|
296
|
+
{
|
|
297
|
+
type: 'api-key',
|
|
298
|
+
name: 'OpenClaw Gateway Token',
|
|
299
|
+
pattern: /(?:gateway[_-]?token|OPENCLAW_GATEWAY_TOKEN)['":\s=]+['"]?([a-f0-9]{40})['"]?/gi,
|
|
300
|
+
confidence: 0.9,
|
|
301
|
+
},
|
|
302
|
+
// WhatsApp Session Identifiers (in OpenClaw format)
|
|
303
|
+
{
|
|
304
|
+
type: 'session-keys',
|
|
305
|
+
name: 'WhatsApp JID',
|
|
306
|
+
pattern: /\d{10,15}:\d+@s\.whatsapp\.net/g,
|
|
307
|
+
confidence: 0.95,
|
|
308
|
+
},
|
|
309
|
+
// OpenClaw advSecretKey (base64)
|
|
310
|
+
{
|
|
311
|
+
type: 'secret',
|
|
312
|
+
name: 'OpenClaw Adv Secret Key',
|
|
313
|
+
pattern: /"advSecretKey"\s*:\s*"([A-Za-z0-9+/=]{20,})"/g,
|
|
314
|
+
confidence: 0.9,
|
|
315
|
+
},
|
|
316
|
+
// OpenClaw noiseKey/signedIdentityKey private keys (base64 in Buffer format)
|
|
317
|
+
{
|
|
318
|
+
type: 'private-key',
|
|
319
|
+
name: 'OpenClaw Buffer Private Key',
|
|
320
|
+
pattern: /"private"\s*:\s*\{\s*"type"\s*:\s*"Buffer"\s*,\s*"data"\s*:\s*"([A-Za-z0-9+/=]{20,})"/g,
|
|
321
|
+
confidence: 0.85,
|
|
322
|
+
},
|
|
323
|
+
];
|
|
324
|
+
// ============================================================================
|
|
325
|
+
// Detection Functions
|
|
326
|
+
// ============================================================================
|
|
327
|
+
/**
|
|
328
|
+
* Detect credentials in text
|
|
329
|
+
* Returns array of detected credentials with type, position, and confidence
|
|
330
|
+
*/
|
|
331
|
+
export function detectCredentials(text) {
|
|
332
|
+
const results = [];
|
|
333
|
+
const seen = new Set(); // Avoid duplicates
|
|
334
|
+
for (const patternDef of DETECTION_PATTERNS) {
|
|
335
|
+
// Reset regex state
|
|
336
|
+
patternDef.pattern.lastIndex = 0;
|
|
337
|
+
let match;
|
|
338
|
+
while ((match = patternDef.pattern.exec(text)) !== null) {
|
|
339
|
+
const value = match[1] ?? match[0]; // Use capture group if present
|
|
340
|
+
const key = `${value}-${match.index}`;
|
|
341
|
+
// Skip if we've already found this exact match
|
|
342
|
+
if (seen.has(key))
|
|
343
|
+
continue;
|
|
344
|
+
seen.add(key);
|
|
345
|
+
// Run validation if present
|
|
346
|
+
if (patternDef.validate && !patternDef.validate(value)) {
|
|
347
|
+
continue;
|
|
348
|
+
}
|
|
349
|
+
// Calculate line and column
|
|
350
|
+
const beforeMatch = text.substring(0, match.index);
|
|
351
|
+
const lines = beforeMatch.split('\n');
|
|
352
|
+
const line = lines.length;
|
|
353
|
+
const column = (lines[lines.length - 1]?.length ?? 0) + 1;
|
|
354
|
+
// Get context (surrounding text)
|
|
355
|
+
const contextStart = Math.max(0, match.index - 20);
|
|
356
|
+
const contextEnd = Math.min(text.length, match.index + value.length + 20);
|
|
357
|
+
const context = text.substring(contextStart, contextEnd);
|
|
358
|
+
results.push({
|
|
359
|
+
type: patternDef.type,
|
|
360
|
+
value: value,
|
|
361
|
+
startIndex: match.index,
|
|
362
|
+
endIndex: match.index + match[0].length,
|
|
363
|
+
confidence: patternDef.confidence,
|
|
364
|
+
line,
|
|
365
|
+
column,
|
|
366
|
+
pattern: patternDef.name,
|
|
367
|
+
context: context.replace(/\n/g, '\\n'),
|
|
368
|
+
});
|
|
369
|
+
}
|
|
370
|
+
}
|
|
371
|
+
// Sort by position
|
|
372
|
+
results.sort((a, b) => a.startIndex - b.startIndex);
|
|
373
|
+
// Remove overlapping matches (keep higher confidence) - O(n) since results are sorted by startIndex
|
|
374
|
+
const filtered = [];
|
|
375
|
+
for (const result of results) {
|
|
376
|
+
if (filtered.length > 0) {
|
|
377
|
+
const last = filtered[filtered.length - 1];
|
|
378
|
+
// Check overlap with the last added result
|
|
379
|
+
if (last && result.startIndex < last.endIndex) {
|
|
380
|
+
// Overlapping: keep the one with higher confidence
|
|
381
|
+
if (result.confidence > last.confidence) {
|
|
382
|
+
filtered[filtered.length - 1] = result;
|
|
383
|
+
}
|
|
384
|
+
continue;
|
|
385
|
+
}
|
|
386
|
+
}
|
|
387
|
+
filtered.push(result);
|
|
388
|
+
}
|
|
389
|
+
return filtered;
|
|
390
|
+
}
|
|
391
|
+
/**
|
|
392
|
+
* Classify a known credential value
|
|
393
|
+
* Returns the most likely credential type
|
|
394
|
+
*/
|
|
395
|
+
export function classifyCredential(value) {
|
|
396
|
+
// Check each pattern
|
|
397
|
+
for (const patternDef of DETECTION_PATTERNS) {
|
|
398
|
+
patternDef.pattern.lastIndex = 0;
|
|
399
|
+
if (patternDef.pattern.test(value)) {
|
|
400
|
+
if (patternDef.validate && !patternDef.validate(value)) {
|
|
401
|
+
continue;
|
|
402
|
+
}
|
|
403
|
+
if (patternDef.confidence >= 0.8) {
|
|
404
|
+
return patternDef.type;
|
|
405
|
+
}
|
|
406
|
+
}
|
|
407
|
+
}
|
|
408
|
+
// Fallback heuristics
|
|
409
|
+
if (value.startsWith('-----BEGIN') && value.includes('PRIVATE KEY')) {
|
|
410
|
+
return 'private-key';
|
|
411
|
+
}
|
|
412
|
+
if (value.startsWith('eyJ') && value.split('.').length === 3) {
|
|
413
|
+
return 'jwt';
|
|
414
|
+
}
|
|
415
|
+
if (value.includes('://') && value.includes('@')) {
|
|
416
|
+
return 'connection-string';
|
|
417
|
+
}
|
|
418
|
+
return 'custom';
|
|
419
|
+
}
|
|
420
|
+
/**
|
|
421
|
+
* Check if text likely contains credentials
|
|
422
|
+
* Quick check without full detection (faster)
|
|
423
|
+
*/
|
|
424
|
+
export function mightContainCredentials(text) {
|
|
425
|
+
const quickPatterns = [
|
|
426
|
+
/sk-[a-zA-Z0-9]/,
|
|
427
|
+
/AKIA[0-9A-Z]/,
|
|
428
|
+
/ghp_[a-zA-Z0-9]/,
|
|
429
|
+
/gho_[a-zA-Z0-9]/,
|
|
430
|
+
/eyJ[a-zA-Z0-9]/,
|
|
431
|
+
/-----BEGIN.*PRIVATE KEY/,
|
|
432
|
+
/api[_-]?key/i,
|
|
433
|
+
/secret[_-]?key/i,
|
|
434
|
+
/password\s*[=:]/i,
|
|
435
|
+
/mongodb\+srv:\/\//,
|
|
436
|
+
/Bearer\s+[a-zA-Z0-9]/,
|
|
437
|
+
];
|
|
438
|
+
return quickPatterns.some((p) => p.test(text));
|
|
439
|
+
}
|
|
440
|
+
/**
|
|
441
|
+
* Mask detected credentials in text
|
|
442
|
+
* Returns text with credentials replaced by masked versions
|
|
443
|
+
*/
|
|
444
|
+
export function maskCredentialsInText(text) {
|
|
445
|
+
const detections = detectCredentials(text);
|
|
446
|
+
let masked = text;
|
|
447
|
+
let offset = 0;
|
|
448
|
+
for (const detection of detections) {
|
|
449
|
+
const start = detection.startIndex + offset;
|
|
450
|
+
const end = detection.endIndex + offset;
|
|
451
|
+
const maskedValue = maskValue(detection.value);
|
|
452
|
+
masked = masked.substring(0, start) + maskedValue + masked.substring(end);
|
|
453
|
+
offset += maskedValue.length - (detection.endIndex - detection.startIndex);
|
|
454
|
+
}
|
|
455
|
+
return masked;
|
|
456
|
+
}
|
|
457
|
+
/**
|
|
458
|
+
* Get statistics about detections
|
|
459
|
+
*/
|
|
460
|
+
export function getDetectionStats(results) {
|
|
461
|
+
const byType = {};
|
|
462
|
+
for (const result of results) {
|
|
463
|
+
byType[result.type] = (byType[result.type] ?? 0) + 1;
|
|
464
|
+
}
|
|
465
|
+
return {
|
|
466
|
+
total: results.length,
|
|
467
|
+
byType: byType,
|
|
468
|
+
highConfidence: results.filter((r) => r.confidence >= 0.9).length,
|
|
469
|
+
averageConfidence: results.length > 0
|
|
470
|
+
? results.reduce((sum, r) => sum + r.confidence, 0) / results.length
|
|
471
|
+
: 0,
|
|
472
|
+
};
|
|
473
|
+
}
|
|
474
|
+
//# sourceMappingURL=detection.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"detection.js","sourceRoot":"","sources":["../src/detection.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,OAAO,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAcvC;;;GAGG;AACH,MAAM,kBAAkB,GAAuB;IAC7C,kBAAkB;IAClB;QACE,IAAI,EAAE,SAAS;QACf,IAAI,EAAE,gBAAgB;QACtB,OAAO,EAAE,8CAA8C;QACvD,UAAU,EAAE,IAAI;KACjB;IACD;QACE,IAAI,EAAE,SAAS;QACf,IAAI,EAAE,oBAAoB;QAC1B,OAAO,EAAE,6BAA6B;QACtC,UAAU,EAAE,IAAI;KACjB;IACD;QACE,IAAI,EAAE,SAAS;QACf,IAAI,EAAE,4BAA4B;QAClC,OAAO,EAAE,gCAAgC;QACzC,UAAU,EAAE,IAAI;KACjB;IACD;QACE,IAAI,EAAE,SAAS;QACf,IAAI,EAAE,qBAAqB;QAC3B,OAAO,EAAE,sBAAsB;QAC/B,UAAU,EAAE,IAAI;KACjB;IAED,qBAAqB;IACrB;QACE,IAAI,EAAE,SAAS;QACf,IAAI,EAAE,mBAAmB;QACzB,OAAO,EAAE,4BAA4B;QACrC,UAAU,EAAE,IAAI;KACjB;IAED,kBAAkB;IAClB;QACE,IAAI,EAAE,SAAS;QACf,IAAI,EAAE,mBAAmB;QACzB,OAAO,EAAE,mBAAmB;QAC5B,UAAU,EAAE,IAAI;KACjB;IACD;QACE,IAAI,EAAE,QAAQ;QACd,IAAI,EAAE,uBAAuB;QAC7B,OAAO,EAAE,0DAA0D;QACnE,UAAU,EAAE,GAAG,EAAE,iCAAiC;QAClD,QAAQ,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,sBAAsB,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,KAAK,CAAC;KACtF;IAED,gBAAgB;IAChB;QACE,IAAI,EAAE,SAAS;QACf,IAAI,EAAE,8BAA8B;QACpC,OAAO,EAAE,sBAAsB;QAC/B,UAAU,EAAE,IAAI;KACjB;IACD;QACE,IAAI,EAAE,SAAS;QACf,IAAI,EAAE,oBAAoB;QAC1B,OAAO,EAAE,sBAAsB;QAC/B,UAAU,EAAE,IAAI;KACjB;IACD;QACE,IAAI,EAAE,SAAS;QACf,IAAI,EAAE,kBAAkB;QACxB,OAAO,EAAE,sBAAsB;QAC/B,UAAU,EAAE,IAAI;KACjB;IACD;QACE,IAAI,EAAE,SAAS;QACf,IAAI,EAAE,qBAAqB;QAC3B,OAAO,EAAE,sBAAsB;QAC/B,UAAU,EAAE,IAAI;KACjB;IACD;QACE,IAAI,EAAE,SAAS;QACf,IAAI,EAAE,sBAAsB;QAC5B,OAAO,EAAE,sBAAsB;QAC/B,UAAU,EAAE,IAAI;KACjB;IAED,eAAe;IACf;QACE,IAAI,EAAE,SAAS;QACf,IAAI,EAAE,gBAAgB;QACtB,OAAO,EAAE,wBAAwB;QACjC,UAAU,EAAE,IAAI;KACjB;IACD;QACE,IAAI,EAAE,aAAa;QACnB,IAAI,EAAE,oBAAoB;QAC1B,OAAO,EAAE,uBAAuB;QAChC,UAAU,EAAE,GAAG;KAChB;IAED,QAAQ;IACR;QACE,IAAI,EAAE,SAAS;QACf,IAAI,EAAE,mBAAmB;QACzB,OAAO,EAAE,sBAAsB;QAC/B,UAAU,EAAE,GAAG;QACf,QAAQ,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,MAAM,KAAK,EAAE;KACzC;IAED,SAAS;IACT;QACE,IAAI,EAAE,SAAS;QACf,IAAI,EAAE,mBAAmB;QACzB,OAAO,EAAE,2BAA2B;QACpC,UAAU,EAAE,IAAI;KACjB;IACD;QACE,IAAI,EAAE,SAAS;QACf,IAAI,EAAE,iBAAiB;QACvB,OAAO,EAAE,2BAA2B;QACpC,UAAU,EAAE,IAAI;KACjB;IACD;QACE,IAAI,EAAE,SAAS;QACf,IAAI,EAAE,uBAAuB;QAC7B,OAAO,EAAE,2BAA2B;QACpC,UAAU,EAAE,IAAI;KACjB;IAED,SAAS;IACT;QACE,IAAI,EAAE,SAAS;QACf,IAAI,EAAE,gBAAgB;QACtB,OAAO,EAAE,iBAAiB;QAC1B,UAAU,EAAE,GAAG;KAChB;IAED,QAAQ;IACR;QACE,IAAI,EAAE,SAAS;QACf,IAAI,EAAE,iBAAiB;QACvB,OAAO,EAAE,6CAA6C;QACtD,UAAU,EAAE,IAAI;KACjB;IACD;QACE,IAAI,EAAE,SAAS;QACf,IAAI,EAAE,kBAAkB;QACxB,OAAO,EAAE,6CAA6C;QACtD,UAAU,EAAE,IAAI;KACjB;IACD;QACE,IAAI,EAAE,SAAS;QACf,IAAI,EAAE,eAAe;QACrB,OAAO,EAAE,uFAAuF;QAChG,UAAU,EAAE,IAAI;KACjB;IAED,UAAU;IACV;QACE,IAAI,EAAE,SAAS;QACf,IAAI,EAAE,mBAAmB;QACzB,OAAO,EAAE,2CAA2C;QACpD,UAAU,EAAE,GAAG;KAChB;IACD;QACE,IAAI,EAAE,SAAS;QACf,IAAI,EAAE,iBAAiB;QACvB,OAAO,EAAE,wEAAwE;QACjF,UAAU,EAAE,IAAI;KACjB;IAED,WAAW;IACX;QACE,IAAI,EAAE,SAAS;QACf,IAAI,EAAE,kBAAkB;QACxB,OAAO,EAAE,2CAA2C;QACpD,UAAU,EAAE,IAAI;KACjB;IAED,UAAU;IACV;QACE,IAAI,EAAE,SAAS;QACf,IAAI,EAAE,iBAAiB;QACvB,OAAO,EAAE,sBAAsB;QAC/B,UAAU,EAAE,IAAI;KACjB;IAED,MAAM;IACN;QACE,IAAI,EAAE,SAAS;QACf,IAAI,EAAE,kBAAkB;QACxB,OAAO,EAAE,sBAAsB;QAC/B,UAAU,EAAE,IAAI;KACjB;IAED,OAAO;IACP;QACE,IAAI,EAAE,SAAS;QACf,IAAI,EAAE,gBAAgB;QACtB,OAAO,EAAE,2BAA2B;QACpC,UAAU,EAAE,IAAI;KACjB;IAED,OAAO;IACP;QACE,IAAI,EAAE,KAAK;QACX,IAAI,EAAE,WAAW;QACjB,OAAO,EAAE,uDAAuD;QAChE,UAAU,EAAE,IAAI;KACjB;IAED,eAAe;IACf;QACE,IAAI,EAAE,aAAa;QACnB,IAAI,EAAE,iBAAiB;QACvB,OAAO,EAAE,uEAAuE;QAChF,UAAU,EAAE,IAAI;KACjB;IACD;QACE,IAAI,EAAE,aAAa;QACnB,IAAI,EAAE,aAAa;QACnB,OAAO,EAAE,+DAA+D;QACxE,UAAU,EAAE,IAAI;KACjB;IACD;QACE,IAAI,EAAE,aAAa;QACnB,IAAI,EAAE,gBAAgB;QACtB,OAAO,EAAE,qEAAqE;QAC9E,UAAU,EAAE,IAAI;KACjB;IACD;QACE,IAAI,EAAE,aAAa;QACnB,IAAI,EAAE,qBAAqB;QAC3B,OAAO,EAAE,+EAA+E;QACxF,UAAU,EAAE,IAAI;KACjB;IAED,qBAAqB;IACrB;QACE,IAAI,EAAE,mBAAmB;QACzB,IAAI,EAAE,2BAA2B;QACjC,OAAO,EAAE,oEAAoE;QAC7E,UAAU,EAAE,IAAI;KACjB;IACD;QACE,IAAI,EAAE,mBAAmB;QACzB,IAAI,EAAE,8BAA8B;QACpC,OAAO,EAAE,kEAAkE;QAC3E,UAAU,EAAE,IAAI;KACjB;IACD;QACE,IAAI,EAAE,mBAAmB;QACzB,IAAI,EAAE,yBAAyB;QAC/B,OAAO,EAAE,0DAA0D;QACnE,UAAU,EAAE,IAAI;KACjB;IACD;QACE,IAAI,EAAE,mBAAmB;QACzB,IAAI,EAAE,yBAAyB;QAC/B,OAAO,EAAE,0DAA0D;QACnE,UAAU,EAAE,IAAI;KACjB;IAED,8CAA8C;IAC9C;QACE,IAAI,EAAE,SAAS;QACf,IAAI,EAAE,iBAAiB;QACvB,OAAO,EAAE,gFAAgF;QACzF,UAAU,EAAE,GAAG;KAChB;IACD;QACE,IAAI,EAAE,QAAQ;QACd,IAAI,EAAE,gBAAgB;QACtB,OAAO,EAAE,gFAAgF;QACzF,UAAU,EAAE,GAAG;KAChB;IACD;QACE,IAAI,EAAE,SAAS;QACf,IAAI,EAAE,cAAc;QACpB,OAAO,EAAE,8BAA8B;QACvC,UAAU,EAAE,IAAI;KACjB;IAED,wBAAwB;IACxB,6BAA6B;IAC7B,wBAAwB;IAExB,qBAAqB;IACrB;QACE,IAAI,EAAE,WAAW;QACjB,IAAI,EAAE,oBAAoB;QAC1B,OAAO,EAAE,6BAA6B;QACtC,UAAU,EAAE,IAAI;KACjB;IAED,eAAe;IACf;QACE,IAAI,EAAE,WAAW;QACjB,IAAI,EAAE,iBAAiB;QACvB,OAAO,EAAE,sCAAsC;QAC/C,UAAU,EAAE,IAAI;KACjB;IAED,qBAAqB;IACrB;QACE,IAAI,EAAE,SAAS;QACf,IAAI,EAAE,oBAAoB;QAC1B,OAAO,EAAE,4BAA4B;QACrC,UAAU,EAAE,IAAI;KACjB;IAED,uCAAuC;IACvC;QACE,IAAI,EAAE,SAAS;QACf,IAAI,EAAE,wBAAwB;QAC9B,OAAO,EAAE,iFAAiF;QAC1F,UAAU,EAAE,GAAG;KAChB;IAED,oDAAoD;IACpD;QACE,IAAI,EAAE,cAAc;QACpB,IAAI,EAAE,cAAc;QACpB,OAAO,EAAE,iCAAiC;QAC1C,UAAU,EAAE,IAAI;KACjB;IAED,iCAAiC;IACjC;QACE,IAAI,EAAE,QAAQ;QACd,IAAI,EAAE,yBAAyB;QAC/B,OAAO,EAAE,+CAA+C;QACxD,UAAU,EAAE,GAAG;KAChB;IAED,6EAA6E;IAC7E;QACE,IAAI,EAAE,aAAa;QACnB,IAAI,EAAE,6BAA6B;QACnC,OAAO,EAAE,wFAAwF;QACjG,UAAU,EAAE,IAAI;KACjB;CACF,CAAC;AAEF,+EAA+E;AAC/E,sBAAsB;AACtB,+EAA+E;AAE/E;;;GAGG;AACH,MAAM,UAAU,iBAAiB,CAAC,IAAY;IAC5C,MAAM,OAAO,GAAsB,EAAE,CAAC;IACtC,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC,CAAC,mBAAmB;IAEnD,KAAK,MAAM,UAAU,IAAI,kBAAkB,EAAE,CAAC;QAC5C,oBAAoB;QACpB,UAAU,CAAC,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;QAEjC,IAAI,KAA6B,CAAC;QAClC,OAAO,CAAC,KAAK,GAAG,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;YACxD,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,+BAA+B;YACnE,MAAM,GAAG,GAAG,GAAG,KAAK,IAAI,KAAK,CAAC,KAAK,EAAE,CAAC;YAEtC,+CAA+C;YAC/C,IAAI,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC;gBAAE,SAAS;YAC5B,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;YAEd,4BAA4B;YAC5B,IAAI,UAAU,CAAC,QAAQ,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;gBACvD,SAAS;YACX,CAAC;YAED,4BAA4B;YAC5B,MAAM,WAAW,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC;YACnD,MAAM,KAAK,GAAG,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YACtC,MAAM,IAAI,GAAG,KAAK,CAAC,MAAM,CAAC;YAC1B,MAAM,MAAM,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,EAAE,MAAM,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;YAE1D,iCAAiC;YACjC,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,CAAC,KAAK,GAAG,EAAE,CAAC,CAAC;YACnD,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,EAAE,KAAK,CAAC,KAAK,GAAG,KAAK,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC;YAC1E,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC;YAEzD,OAAO,CAAC,IAAI,CAAC;gBACX,IAAI,EAAE,UAAU,CAAC,IAAI;gBACrB,KAAK,EAAE,KAAK;gBACZ,UAAU,EAAE,KAAK,CAAC,KAAK;gBACvB,QAAQ,EAAE,KAAK,CAAC,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM;gBACvC,UAAU,EAAE,UAAU,CAAC,UAAU;gBACjC,IAAI;gBACJ,MAAM;gBACN,OAAO,EAAE,UAAU,CAAC,IAAI;gBACxB,OAAO,EAAE,OAAO,CAAC,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC;aACvC,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,mBAAmB;IACnB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,GAAG,CAAC,CAAC,UAAU,CAAC,CAAC;IAEpD,oGAAoG;IACpG,MAAM,QAAQ,GAAsB,EAAE,CAAC;IACvC,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;QAC7B,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACxB,MAAM,IAAI,GAAG,QAAQ,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;YAC3C,2CAA2C;YAC3C,IAAI,IAAI,IAAI,MAAM,CAAC,UAAU,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;gBAC9C,mDAAmD;gBACnD,IAAI,MAAM,CAAC,UAAU,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;oBACxC,QAAQ,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,GAAG,MAAM,CAAC;gBACzC,CAAC;gBACD,SAAS;YACX,CAAC;QACH,CAAC;QACD,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IACxB,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,kBAAkB,CAAC,KAAa;IAC9C,qBAAqB;IACrB,KAAK,MAAM,UAAU,IAAI,kBAAkB,EAAE,CAAC;QAC5C,UAAU,CAAC,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;QACjC,IAAI,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;YACnC,IAAI,UAAU,CAAC,QAAQ,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;gBACvD,SAAS;YACX,CAAC;YACD,IAAI,UAAU,CAAC,UAAU,IAAI,GAAG,EAAE,CAAC;gBACjC,OAAO,UAAU,CAAC,IAAI,CAAC;YACzB,CAAC;QACH,CAAC;IACH,CAAC;IAED,sBAAsB;IACtB,IAAI,KAAK,CAAC,UAAU,CAAC,YAAY,CAAC,IAAI,KAAK,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,CAAC;QACpE,OAAO,aAAa,CAAC;IACvB,CAAC;IAED,IAAI,KAAK,CAAC,UAAU,CAAC,KAAK,CAAC,IAAI,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC7D,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAI,KAAK,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QACjD,OAAO,mBAAmB,CAAC;IAC7B,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,uBAAuB,CAAC,IAAY;IAClD,MAAM,aAAa,GAAG;QACpB,gBAAgB;QAChB,cAAc;QACd,iBAAiB;QACjB,iBAAiB;QACjB,gBAAgB;QAChB,yBAAyB;QACzB,cAAc;QACd,iBAAiB;QACjB,kBAAkB;QAClB,mBAAmB;QACnB,sBAAsB;KACvB,CAAC;IAEF,OAAO,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;AACjD,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,qBAAqB,CAAC,IAAY;IAChD,MAAM,UAAU,GAAG,iBAAiB,CAAC,IAAI,CAAC,CAAC;IAC3C,IAAI,MAAM,GAAG,IAAI,CAAC;IAClB,IAAI,MAAM,GAAG,CAAC,CAAC;IAEf,KAAK,MAAM,SAAS,IAAI,UAAU,EAAE,CAAC;QACnC,MAAM,KAAK,GAAG,SAAS,CAAC,UAAU,GAAG,MAAM,CAAC;QAC5C,MAAM,GAAG,GAAG,SAAS,CAAC,QAAQ,GAAG,MAAM,CAAC;QACxC,MAAM,WAAW,GAAG,SAAS,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;QAC/C,MAAM,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC,EAAE,KAAK,CAAC,GAAG,WAAW,GAAG,MAAM,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;QAC1E,MAAM,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,SAAS,CAAC,QAAQ,GAAG,SAAS,CAAC,UAAU,CAAC,CAAC;IAC7E,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,iBAAiB,CAAC,OAA0B;IAM1D,MAAM,MAAM,GAA2B,EAAE,CAAC;IAE1C,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;QAC7B,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;IACvD,CAAC;IAED,OAAO;QACL,KAAK,EAAE,OAAO,CAAC,MAAM;QACrB,MAAM,EAAE,MAAwC;QAChD,cAAc,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,IAAI,GAAG,CAAC,CAAC,MAAM;QACjE,iBAAiB,EACf,OAAO,CAAC,MAAM,GAAG,CAAC;YAChB,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC,GAAG,OAAO,CAAC,MAAM;YACpE,CAAC,CAAC,CAAC;KACR,CAAC;AACJ,CAAC"}
|
|
@@ -0,0 +1,60 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* ExecManager — Core Subprocess Credential Injection
|
|
3
|
+
*
|
|
4
|
+
* Handles the core exec logic independently of the CLI, so it can be
|
|
5
|
+
* reused by the MCP server or programmatic API in the future.
|
|
6
|
+
*
|
|
7
|
+
* Flow:
|
|
8
|
+
* 1. Resolve each passport (by ID or name)
|
|
9
|
+
* 2. Evaluate policy for each passport
|
|
10
|
+
* 3. Determine env var names (explicit, platform-map, or fallback)
|
|
11
|
+
* 4. Check for env var collisions
|
|
12
|
+
* 5. Inject into child process environment
|
|
13
|
+
* 6. Spawn the child process
|
|
14
|
+
* 7. Propagate signals (SIGTERM, SIGINT, SIGHUP)
|
|
15
|
+
* 8. Wait for exit
|
|
16
|
+
* 9. Log audit entries with process metadata
|
|
17
|
+
* 10. Return exit code
|
|
18
|
+
*/
|
|
19
|
+
import type { Vault } from '../vault.js';
|
|
20
|
+
export interface ExecPassportSpec {
|
|
21
|
+
/** Passport ID or name to retrieve */
|
|
22
|
+
passportRef: string;
|
|
23
|
+
/** Override the env var name (--as flag) */
|
|
24
|
+
envVarOverride?: string;
|
|
25
|
+
}
|
|
26
|
+
export interface ExecOptions {
|
|
27
|
+
/** Command and arguments to execute */
|
|
28
|
+
command: string[];
|
|
29
|
+
/** Passports to inject */
|
|
30
|
+
passports: ExecPassportSpec[];
|
|
31
|
+
/** Vault instance (already unlocked) */
|
|
32
|
+
vault: Vault;
|
|
33
|
+
/** Actor name for audit logging */
|
|
34
|
+
actor: string;
|
|
35
|
+
/** Whether to inherit the parent process environment */
|
|
36
|
+
inheritEnv?: boolean;
|
|
37
|
+
/** Additional environment variables to set */
|
|
38
|
+
extraEnv?: Record<string, string>;
|
|
39
|
+
/** Working directory for the child process */
|
|
40
|
+
cwd?: string;
|
|
41
|
+
/** Whether to run a dry run (print env vars, don't execute) */
|
|
42
|
+
dryRun?: boolean;
|
|
43
|
+
}
|
|
44
|
+
export interface ExecResult {
|
|
45
|
+
exitCode: number;
|
|
46
|
+
signal?: string;
|
|
47
|
+
injectedVars: {
|
|
48
|
+
envVar: string;
|
|
49
|
+
passportId: string;
|
|
50
|
+
passportName: string;
|
|
51
|
+
source: string;
|
|
52
|
+
}[];
|
|
53
|
+
duration: number;
|
|
54
|
+
auditEntryIds: string[];
|
|
55
|
+
}
|
|
56
|
+
/**
|
|
57
|
+
* Execute a command with vault credentials injected as environment variables.
|
|
58
|
+
*/
|
|
59
|
+
export declare function execWithCredentials(options: ExecOptions): Promise<ExecResult>;
|
|
60
|
+
//# sourceMappingURL=execManager.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"execManager.d.ts","sourceRoot":"","sources":["../../src/exec/execManager.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAIH,OAAO,KAAK,EAAE,KAAK,EAAE,MAAM,aAAa,CAAC;AAMzC,MAAM,WAAW,gBAAgB;IAC/B,sCAAsC;IACtC,WAAW,EAAE,MAAM,CAAC;IACpB,4CAA4C;IAC5C,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAED,MAAM,WAAW,WAAW;IAC1B,uCAAuC;IACvC,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,0BAA0B;IAC1B,SAAS,EAAE,gBAAgB,EAAE,CAAC;IAC9B,wCAAwC;IACxC,KAAK,EAAE,KAAK,CAAC;IACb,mCAAmC;IACnC,KAAK,EAAE,MAAM,CAAC;IACd,wDAAwD;IACxD,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,8CAA8C;IAC9C,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAClC,8CAA8C;IAC9C,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,+DAA+D;IAC/D,MAAM,CAAC,EAAE,OAAO,CAAC;CAClB;AAED,MAAM,WAAW,UAAU;IACzB,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,YAAY,EAAE;QAAE,MAAM,EAAE,MAAM,CAAC;QAAC,UAAU,EAAE,MAAM,CAAC;QAAC,YAAY,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAA;KAAE,EAAE,CAAC;IAC7F,QAAQ,EAAE,MAAM,CAAC;IACjB,aAAa,EAAE,MAAM,EAAE,CAAC;CACzB;AAED;;GAEG;AACH,wBAAsB,mBAAmB,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,UAAU,CAAC,CA0PnF"}
|