@lobu/gateway 3.0.5 → 3.0.7

package/src/proxy/proxy-manager.ts

@@ -0,0 +1,81 @@
+import { existsSync } from "node:fs";
+import type { Server } from "node:http";
+import { createLogger } from "@lobu/core";
+import { startHttpProxy, stopHttpProxy } from "./http-proxy";
+
+const logger = createLogger("proxy-manager");
+
+let proxyServer: Server | null = null;
+
+/**
+ * Determine the bind host for the proxy.
+ * DEPLOYMENT_MODE=docker is expected to run inside a container. Fail fast if not,
+ * then bind to all interfaces so workers on lobu-internal can connect.
+ */
+function getProxyBindHost(): string {
+  const deploymentMode = process.env.DEPLOYMENT_MODE;
+
+  if (deploymentMode === "docker") {
+    const runningInContainer =
+      existsSync("/.dockerenv") || existsSync("/run/.containerenv");
+    if (!runningInContainer) {
+      throw new Error(
+        "DEPLOYMENT_MODE=docker requires gateway to run inside a container"
+      );
+    }
+  }
+
+  // Docker Compose / K8s: bind to all interfaces
+  return "::";
+}
+
+/**
+ * Start filtering HTTP proxy for worker network isolation
+ * Workers can only access internet via this proxy, which enforces domain allowlist/blocklist
+ *
+ * Behavior based on environment configuration:
+ * - Empty/unset: Deny all (complete isolation)
+ * - WORKER_ALLOWED_DOMAINS=*: Allow all (unrestricted)
+ * - WORKER_ALLOWED_DOMAINS=domains: Allowlist mode
+ * - WORKER_DISALLOWED_DOMAINS=domains: Blocklist mode
+ * - Both set: Allowlist with exceptions
+ */
+export async function startFilteringProxy(): Promise<void> {
+  try {
+    const parsedPort = Number.parseInt(
+      process.env.WORKER_PROXY_PORT || "8118",
+      10
+    );
+    const port = Number.isFinite(parsedPort) ? parsedPort : 8118;
+    const host = getProxyBindHost();
+
+    proxyServer = await startHttpProxy(port, host);
+
+    logger.debug(`HTTP proxy started on ${host}:${port}`);
+  } catch (error) {
+    logger.error("Failed to start HTTP proxy:", error);
+    throw error;
+  }
+}
+
+/**
+ * Stop filtering proxy (cleanup on shutdown)
+ */
+async function stopFilteringProxy(): Promise<void> {
+  if (proxyServer) {
+    logger.info("Stopping HTTP proxy...");
+    await stopHttpProxy(proxyServer);
+    proxyServer = null;
+  }
+}
+
+/**
+ * Handle graceful shutdown
+ */
+process.on("SIGTERM", async () => {
+  await stopFilteringProxy();
+});
+
+process.on("SIGINT", async () => {
+  await stopFilteringProxy();
+});

package/src/proxy/secret-proxy.ts

@@ -0,0 +1,402 @@
+import { createLogger } from "@lobu/core";
+import type { Context } from "hono";
+import { Hono } from "hono";
+import type Redis from "ioredis";
+import type { AuthProfilesManager } from "../auth/settings/auth-profiles-manager";
+import type { ProviderUpstreamConfig } from "../modules/module-system";
+
+const logger = createLogger("secret-proxy");
+
+const PLACEHOLDER_PREFIX = "lobu_secret_";
+const REDIS_KEY_PREFIX = "lobu:secret:";
+
+export interface SecretMapping {
+  agentId: string;
+  envVarName: string;
+  value: string;
+  deploymentName: string;
+}
+
+export interface SecretProxyConfig {
+  defaultUpstreamUrl: string;
+  providerUpstreams?: ProviderUpstreamConfig[];
+}
+
+/**
+ * Generic secret injection proxy.
+ *
+ * Workers receive random placeholder tokens instead of real secrets.
+ * This proxy intercepts requests, swaps placeholders back to real values
+ * in auth headers, and forwards to the upstream API.
+ *
+ * Zero provider-specific logic — works for any API that uses
+ * X-Api-Key or Authorization: Bearer headers.
+ */
+export class SecretProxy {
+  private app: Hono;
+  private redis!: Redis;
+  private config: SecretProxyConfig;
+  private slugMap: Map<string, string>;
+  private slugToProviderId: Map<string, string> = new Map();
+  private authProfilesManager?: AuthProfilesManager;
+  private systemKeyResolver?: (providerId: string) => string | undefined;
+
+  constructor(config: SecretProxyConfig) {
+    this.config = config;
+    this.slugMap = new Map();
+    for (const upstream of config.providerUpstreams ?? []) {
+      this.slugMap.set(upstream.slug, upstream.upstreamBaseUrl);
+      logger.debug(
+        `Registered provider upstream: ${upstream.slug} -> ${upstream.upstreamBaseUrl}`
+      );
+    }
+    this.app = new Hono();
+    this.setupRoutes();
+  }
+
+  initialize(redis: Redis): void {
+    this.redis = redis;
+  }
+
+  setAuthProfilesManager(manager: AuthProfilesManager): void {
+    this.authProfilesManager = manager;
+  }
+
+  /**
+   * Set a callback that resolves system-level API keys for a provider.
+   * Used as fallback when no per-agent auth profile exists.
+   */
+  setSystemKeyResolver(
+    resolver: (providerId: string) => string | undefined
+  ): void {
+    this.systemKeyResolver = resolver;
+  }
+
+  /**
+   * Register a provider upstream for slug-based routing.
+   * Called after provider modules are initialized.
+   */
+  registerUpstream(
+    upstream: ProviderUpstreamConfig,
+    providerId?: string
+  ): void {
+    this.slugMap.set(upstream.slug, upstream.upstreamBaseUrl);
+    if (providerId) {
+      this.slugToProviderId.set(upstream.slug, providerId);
+    }
+    logger.debug(
+      `Registered provider upstream: ${upstream.slug} -> ${upstream.upstreamBaseUrl}${providerId ? ` (providerId: ${providerId})` : ""}`
+    );
+  }
+
+  getApp(): Hono {
+    return this.app;
+  }
+
+  private setupRoutes(): void {
+    this.app.get("/health", (c) =>
+      c.json({
+        service: "secret-proxy",
+        status: "enabled",
+        timestamp: new Date().toISOString(),
+      })
+    );
+
+    this.app.all("/*", (c) => this.handleRequest(c));
+  }
+
+  private async handleRequest(c: Context): Promise<Response> {
+    try {
+      return await this.forward(c);
+    } catch (error) {
+      logger.error("Secret proxy error:", error);
+      return c.json({ error: "Internal proxy error" }, 500);
+    }
+  }
+
+  /**
+   * Resolve a placeholder token to its real value via Redis.
+   * Handles both plain (`lobu_secret_<uuid>`) and prefixed
+   * (`sk-ant-oat01-lobu_secret_<uuid>`) placeholders.
+   */
+  private async resolveSecret(placeholder: string): Promise<string | null> {
+    const prefixIdx = placeholder.indexOf(PLACEHOLDER_PREFIX);
+    if (prefixIdx === -1) return null;
+    const uuid = placeholder.slice(prefixIdx + PLACEHOLDER_PREFIX.length);
+    const key = `${REDIS_KEY_PREFIX}${uuid}`;
+    const raw = await this.redis.get(key);
+    if (!raw) return null;
+    try {
+      const mapping: SecretMapping = JSON.parse(raw);
+      return mapping.value;
+    } catch {
+      return null;
+    }
+  }
+
+  /**
+   * If the value contains a UUID placeholder prefix, resolve the real secret.
+   * Returns the value unchanged if it's not a recognized pattern.
+   */
+  private async swap(value: string): Promise<string> {
+    if (value.includes(PLACEHOLDER_PREFIX)) {
+      const resolved = await this.resolveSecret(value);
+      if (!resolved) {
+        logger.warn("Failed to resolve secret placeholder");
+        return value;
+      }
+      return resolved;
+    }
+
+    return value;
+  }
+
+  private async forward(c: Context): Promise<Response> {
+    // Build upstream URL — strip the proxy mount prefix and resolve provider slug
+    const url = new URL(c.req.url);
+    const rawPath = url.pathname.replace(/^\/api\/proxy/, "");
+
+    // Try slug-based routing: /api/proxy/{slug}/rest/of/path
+    let upstreamBaseUrl = this.config.defaultUpstreamUrl;
+    let forwardPath = rawPath;
+    let resolvedSlug: string | undefined;
+    let urlAgentId: string | undefined;
+    const slugMatch = rawPath.match(/^\/([^/]+)(\/.*)?$/);
+    if (slugMatch) {
+      const candidateSlug = slugMatch[1]!;
+      const resolved = this.slugMap.get(candidateSlug);
+      if (resolved) {
+        upstreamBaseUrl = resolved;
+        forwardPath = slugMatch[2] || "";
+        resolvedSlug = candidateSlug;
+
+        // Extract agentId from /a/{agentId} path segment if present.
+        // URL format: /api/proxy/{slug}/a/{agentId}/v1/chat/completions
+        const agentMatch = forwardPath.match(/^\/a\/([^/]+)(\/.*)?$/);
+        if (agentMatch) {
+          urlAgentId = agentMatch[1];
+          forwardPath = agentMatch[2] || "";
+        }
+      }
+    }
+
+    const upstream = `${upstreamBaseUrl}${forwardPath}${url.search}`;
+
+    // Copy request body for non-GET/HEAD
+    const method = c.req.method;
+    let body: string | undefined;
+    if (method !== "GET" && method !== "HEAD") {
+      body = await c.req.text();
+    }
+
+    // Build headers, swapping placeholder secrets in auth headers
+    const headers: Record<string, string> = {};
+
+    // Forward all original headers (except host/connection)
+    const skip = new Set(["host", "connection", "transfer-encoding"]);
+    for (const [key, val] of Object.entries(c.req.header())) {
+      if (val && !skip.has(key.toLowerCase())) {
+        headers[key] = val;
+      }
+    }
+
+    // Resolve credentials: prefer URL-based agentId (no header parsing needed),
+    // fall back to marker/placeholder swap for backward compatibility.
+    if (urlAgentId && resolvedSlug && this.authProfilesManager) {
+      const providerId = this.slugToProviderId.get(resolvedSlug);
+      if (providerId) {
+        const profile = await this.authProfilesManager.getBestProfile(
+          urlAgentId,
+          providerId
+        );
+        if (profile?.credential) {
+          headers.authorization = `Bearer ${profile.credential}`;
+        } else if (this.systemKeyResolver) {
+          const systemKey = this.systemKeyResolver(providerId);
+          if (systemKey) {
+            headers.authorization = `Bearer ${systemKey}`;
+          } else {
+            logger.warn(
+              `No auth profile or system key for agent ${urlAgentId}, provider ${providerId}`
+            );
+            return c.json(
+              {
+                error: {
+                  message:
+                    "No provider credentials configured. End-user provider setup is not available in chat yet. Ask an admin to connect a provider for the base agent.",
+                  type: "authentication_error",
+                  code: "no_credentials",
+                },
+              },
+              401
+            );
+          }
+        } else {
+          logger.warn(
+            `No auth profile for agent ${urlAgentId}, provider ${providerId}`
+          );
+          return c.json(
+            {
+              error: {
+                message:
+                  "No provider credentials configured. End-user provider setup is not available in chat yet. Ask an admin to connect a provider for the base agent.",
+                type: "authentication_error",
+                code: "no_credentials",
+              },
+            },
+            401
+          );
+        }
+      } else {
+        logger.warn(`No providerId mapping for slug "${resolvedSlug}"`);
+      }
+    } else {
+      // Legacy path: swap UUID placeholders in auth headers (non-provider secrets)
+      const apiKey = headers["x-api-key"];
+      if (apiKey) {
+        headers["x-api-key"] = await this.swap(apiKey);
+      }
+
+      const auth = headers.authorization || headers.Authorization;
+      if (auth) {
+        const parts = auth.split(" ");
+        if (parts.length === 2 && parts[0]?.toLowerCase() === "bearer") {
+          const swapped = await this.swap(parts[1]!);
+          const headerName = headers.authorization
+            ? "authorization"
+            : "Authorization";
+          headers[headerName] = `Bearer ${swapped}`;
+        }
+      }
+    }
+
+    logger.info(`Forwarding to upstream: ${method} ${upstream}`);
+
+    const response = await fetch(upstream, { method, headers, body });
+
+    if (!response.ok) {
+      // Read body for error details (clone to avoid consuming the stream)
+      const errBody = await response
+        .clone()
+        .text()
+        .catch(() => "");
+      logger.warn(
+        `Upstream returned ${response.status} for ${method} ${upstream}: ${errBody.slice(0, 300)}`
+      );
+    }
+
+    // Build response headers (skip hop-by-hop)
+    const responseHeaders = new Headers();
+    response.headers.forEach((value, key) => {
+      if (
+        ![
+          "transfer-encoding",
+          "connection",
+          "upgrade",
+          "content-encoding",
+        ].includes(key.toLowerCase())
+      ) {
+        responseHeaders.set(key, value);
+      }
+    });
+
+    // Stream SSE / chunked responses directly
+    if (
+      response.headers.get("content-type")?.includes("text/event-stream") ||
+      response.headers.get("transfer-encoding") === "chunked"
+    ) {
+      responseHeaders.set("Cache-Control", "no-cache");
+      responseHeaders.set("Connection", "keep-alive");
+      if (response.body) {
+        return new Response(response.body as ReadableStream, {
+          status: response.status,
+          headers: responseHeaders,
+        });
+      }
+      return c.json({ error: "No response body from upstream" }, 502);
+    }
+
+    // Regular response pass-through
+    const text = await response.text();
+    return new Response(text, {
+      status: response.status,
+      headers: responseHeaders,
+    });
+  }
+}
+
+// ============================================================================
+// Utility: store / delete placeholder mappings in Redis
+// ============================================================================
+
+/**
+ * Store a secret placeholder mapping in Redis.
+ * Called by the deployment manager when generating env vars.
+ */
+export async function storeSecretMapping(
+  redis: Redis,
+  uuid: string,
+  mapping: SecretMapping,
+  ttlSeconds: number = 7 * 24 * 60 * 60 // 7 days default
+): Promise<void> {
+  const key = `${REDIS_KEY_PREFIX}${uuid}`;
+  await redis.set(key, JSON.stringify(mapping), "EX", ttlSeconds);
+}
+
+/**
+ * Delete all secret placeholder mappings for a given deployment.
+ * Called during deployment teardown.
+ */
+export async function deleteSecretMappings(
+  redis: Redis,
+  deploymentName: string
+): Promise<void> {
+  const pattern = `${REDIS_KEY_PREFIX}*`;
+  let cursor = "0";
+  do {
+    const [next, keys] = await redis.scan(
+      cursor,
+      "MATCH",
+      pattern,
+      "COUNT",
+      100
+    );
+    cursor = next;
+    for (const key of keys) {
+      try {
+        const raw = await redis.get(key);
+        if (raw) {
+          const mapping: SecretMapping = JSON.parse(raw);
+          if (mapping.deploymentName === deploymentName) {
+            await redis.del(key);
+          }
+        }
+      } catch {
+        // Skip malformed entries
+      }
+    }
+  } while (cursor !== "0");
+}
+
+/**
+ * Generate a UUID placeholder token and store its mapping in Redis.
+ * Returns the placeholder string to pass to the worker.
+ * Used for non-provider secrets (custom env vars with _KEY/_TOKEN/_SECRET patterns).
+ */
+export async function generatePlaceholder(
+  redis: Redis,
+  agentId: string,
+  envVarName: string,
+  realValue: string,
+  deploymentName: string,
+  ttlSeconds?: number
+): Promise<string> {
+  const uuid = crypto.randomUUID();
+  await storeSecretMapping(
+    redis,
+    uuid,
+    { agentId, envVarName, value: realValue, deploymentName },
+    ttlSeconds
+  );
+  return `${PLACEHOLDER_PREFIX}${uuid}`;
+}

package/src/proxy/token-refresh-job.ts

@@ -0,0 +1,143 @@
+import { createLogger } from "@lobu/core";
+import type Redis from "ioredis";
+import type { OAuthClient } from "../auth/oauth/client";
+import type { AuthProfilesManager } from "../auth/settings/auth-profiles-manager";
+
+const logger = createLogger("token-refresh-job");
+
+const REFRESH_INTERVAL_MS = 2 * 60 * 1000; // 2 minutes
+const EXPIRY_BUFFER_MS = 5 * 60 * 1000; // Refresh tokens expiring within 5 minutes
+
+export interface RefreshableProvider {
+  providerId: string;
+  oauthClient: OAuthClient;
+}
+
+/**
+ * Background job that proactively refreshes OAuth tokens before they expire.
+ *
+ * On each tick:
+ * 1. Scans authProfiles for OAuth tokens expiring soon across all registered providers
+ * 2. Refreshes via the provider's OAuth client
+ * 3. Updates authProfiles with new credentials
+ */
+export class TokenRefreshJob {
+  private timer: Timer | null = null;
+  private refreshLocks = new Map<string, Promise<void>>();
+
+  constructor(
+    private authProfilesManager: AuthProfilesManager,
+    private redis: Redis,
+    private refreshableProviders: RefreshableProvider[]
+  ) {}
+
+  start(): void {
+    if (this.timer) return;
+    this.timer = setInterval(() => {
+      this.tick().catch((err) =>
+        logger.error("Token refresh tick failed:", err)
+      );
+    }, REFRESH_INTERVAL_MS);
+    logger.debug("Token refresh job started");
+  }
+
+  stop(): void {
+    if (this.timer) {
+      clearInterval(this.timer);
+      this.timer = null;
+    }
+    logger.info("Token refresh job stopped");
+  }
+
+  private async tick(): Promise<void> {
+    const pattern = "agent:settings:*";
+    let cursor = "0";
+    do {
+      const [next, keys] = await this.redis.scan(
+        cursor,
+        "MATCH",
+        pattern,
+        "COUNT",
+        100
+      );
+      cursor = next;
+      for (const key of keys) {
+        const agentId = key.replace("agent:settings:", "");
+        await this.maybeRefresh(agentId);
+      }
+    } while (cursor !== "0");
+  }
+
+  private async maybeRefresh(agentId: string): Promise<void> {
+    // Prevent concurrent refresh for the same agent
+    const existing = this.refreshLocks.get(agentId);
+    if (existing) {
+      await existing;
+      return;
+    }
+
+    const promise = this.doRefresh(agentId);
+    this.refreshLocks.set(agentId, promise);
+    try {
+      await promise;
+    } finally {
+      this.refreshLocks.delete(agentId);
+    }
+  }
+
+  private async doRefresh(agentId: string): Promise<void> {
+    for (const { providerId, oauthClient } of this.refreshableProviders) {
+      const profiles = await this.authProfilesManager.getProviderProfiles(
+        agentId,
+        providerId
+      );
+      const oauthProfile = profiles.find(
+        (profile) =>
+          profile.authType === "oauth" && !!profile.metadata?.refreshToken
+      );
+
+      if (!oauthProfile?.metadata?.refreshToken) continue;
+
+      const expiresAt = oauthProfile.metadata.expiresAt || 0;
+      const isExpiring = expiresAt <= Date.now() + EXPIRY_BUFFER_MS;
+      if (!isExpiring) continue;
+
+      logger.info(
+        `Refreshing ${providerId} token for agent ${agentId} profile ${oauthProfile.id}`,
+        { expiresAt: new Date(expiresAt).toISOString() }
+      );
+
+      try {
+        const newCredentials = await oauthClient.refreshToken(
+          oauthProfile.metadata.refreshToken
+        );
+
+        await this.authProfilesManager.upsertProfile({
+          agentId,
+          id: oauthProfile.id,
+          provider: oauthProfile.provider,
+          credential: newCredentials.accessToken,
+          authType: "oauth",
+          label: oauthProfile.label,
+          model: oauthProfile.model,
+          metadata: {
+            ...oauthProfile.metadata,
+            refreshToken: newCredentials.refreshToken,
+            expiresAt: newCredentials.expiresAt,
+          },
+          makePrimary: false,
+        });
+
+        logger.info(`Token refreshed for agent ${agentId} (${providerId})`);
+      } catch (error) {
+        logger.error(
+          `Failed to refresh ${providerId} token for agent ${agentId}`,
+          {
+            error,
+            profileId: oauthProfile.id,
+          }
+        );
+      }
+    }
+  }
+}