@m1a0rz/agent-identity 0.3.2 → 0.3.3

package/dist/index.js

@@ -19,8 +19,8 @@ import { createLlmInputHandler } from "./src/hooks/llm-input.js";
 import { createSessionsSendPropagationHandler } from "./src/hooks/sessions-send-propagation.js";
 import { createSessionsSpawnPropagationHandler } from "./src/hooks/sessions-spawn-propagation.js";
 import { createSubagentEndedCleanupHandler } from "./src/hooks/subagent-ended-cleanup.js";
-import { setSender, clearSender } from "./src/store/group-sender-store.js";
-import { deriveSessionKey, isGroupOrChannelSessionKey, } from "./src/utils/derive-session-key.js";
+import { setSender, clearSender } from "./src/store/sender-session-store.js";
+import { deriveSessionKey, needsSenderIsolation, } from "./src/utils/derive-session-key.js";
 import { createBeforeToolCallHandler } from "./src/hooks/before-tool-call.js";
 import { createAfterToolCallHandler } from "./src/hooks/after-tool-call.js";
 import * as skillPathStore from "./src/store/skill-path-store.js";
@@ -43,7 +43,7 @@ import { createIdentityStatusTool } from "./src/tools/identity-status.js";
 import { createIdentityUnsetBindingTool } from "./src/tools/identity-unset-binding.js";
 import { createIdentityWhoamiTool } from "./src/tools/identity-whoami.js";
 import { parseSessionKeyToDeliveryTarget, } from "./src/utils/derive-session-key.js";
-import { logInfo, logWarn } from "./src/utils/logger.js";
+import { logDebug, logInfo, logWarn } from "./src/utils/logger.js";
 import { initEncryptionKey } from "./src/store/encryption.js";
 const PLUGIN_STORE_DIR = "~/.openclaw/plugins/identity";
 /**
@@ -323,7 +323,7 @@ export default function register(api) {
             accountId: ctx.accountId,
             config: api.runtime.config.loadConfig(),
         });
-        if (!sessionKey || !isGroupOrChannelSessionKey(sessionKey))
+        if (!sessionKey || !needsSenderIsolation(sessionKey))
             return;
         setSender(sessionKey, {
             senderId,
@@ -333,7 +333,7 @@ export default function register(api) {
             messageId: metadata?.messageId,
             capturedAt: Date.now(),
         });
-        logInfo(api.logger, `group sender captured session=${sessionKey} sender=${senderId}`);
+        logDebug(api.logger, `sender captured session=${sessionKey} sender=${senderId}`);
     }, { priority: 200 });
     api.on("session_end", (_event, ctx) => {
         if (ctx.sessionKey)

package/dist/src/actions/identity-actions.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"identity-actions.d.ts","sourceRoot":"","sources":["../../../src/actions/identity-actions.ts"],"names":[],"mappings":"AAgBA;;;GAGG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AAE1D,OAAO,KAAK,EAAE,uBAAuB,EAAE,MAAM,gCAAgC,CAAC;AAC9E,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,iCAAiC,CAAC;AACvE,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,gCAAgC,CAAC;AAC3E,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAChD,OAAO,KAAK,EAAE,wBAAwB,EAAE,MAAM,gCAAgC,CAAC;AAc/E,OAAO,EAKL,KAAK,eAAe,EACrB,MAAM,8BAA8B,CAAC;AAUtC,MAAM,MAAM,oBAAoB,GAAG;IACjC,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,WAAW,EAAE,MAAM,CAAC;CACrB,CAAC;AAEF,MAAM,MAAM,qBAAqB,GAAG;IAClC,IAAI,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,IAAI,CAAC;IAC7B,IAAI,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,IAAI,CAAC;IAC7B,KAAK,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,IAAI,CAAC;CAC/B,CAAC;AAEF,MAAM,MAAM,mBAAmB,GAAG;IAChC,QAAQ,EAAE,MAAM,CAAC;IACjB,eAAe,EAAE,eAAe,CAAC;IACjC,aAAa,EAAE,MAAM,OAAO,CAAC,oBAAoB,CAAC,CAAC;IACnD,uBAAuB,CAAC,EAAE,MAAM,OAAO,CAAC,oBAAoB,CAAC,CAAC;IAC9D,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,cAAc,CAAC,EAAE,uBAAuB,CAAC;IACzC,MAAM,CAAC,EAAE,qBAAqB,CAAC;IAC/B,YAAY,CAAC,EAAE,YAAY,CAAC;IAC5B,qBAAqB,CAAC,EAAE,CACtB,kBAAkB,EAAE,wBAAwB,GAAG,MAAM,EACrD,IAAI,EAAE,MAAM,KACT,OAAO,CAAC,IAAI,CAAC,CAAC;CACpB,CAAC;AAEF,MAAM,MAAM,SAAS,GAAG,aAAa,GAAG,YAAY,GAAG,QAAQ,CAAC;AAgFhE,MAAM,MAAM,YAAY,GAAG;IACzB,QAAQ,EAAE,OAAO,CAAC;IAClB,GAAG,EAAE,MAAM,GAAG,IAAI,CAAC;IACnB,MAAM,EAAE,OAAO,CAAC;IAChB,2CAA2C;IAC3C,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,wDAAwD;IACxD,gBAAgB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACjC,4BAA4B;IAC5B,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,uBAAuB;IACvB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,wCAAwC;IACxC,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC,MAAM,EAAE,eAAe,CAAC,CAAC;IAC7C,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CAClC,CAAC;AAEF,wBAAsB,SAAS,CAC7B,IAAI,EAAE,mBAAmB,EACzB,UAAU,EAAE,MAAM,EAClB,MAAM,CAAC,EAAE,cAAc,GACtB,OAAO,CAAC,YAAY,CAAC,CAsCvB;AAED,MAAM,MAAM,WAAW,GACnB;IAAE,IAAI,EAAE,mBAAmB,CAAC;IAAC,GAAG,EAAE,MAAM,CAAA;CAAE,GAC1C;IAAE,IAAI,EAAE,UAAU,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,GACrC;IAAE,IAAI,EAAE,OAAO,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,CAAC;AAEvC,wBAAsB,QAAQ,CAC5B,IAAI,EAAE,mBAAmB,EACzB,UAAU,EAAE,MAAM,EAClB,OAAO,CAAC,EAAE;IAAE,MAAM,CAAC,EAAE,cAAc,CAAC;IAAC,cAAc,CAAC,EAAE,wBAAwB,GAAG,IAAI,CAAA;CAAE,GACtF,OAAO,CAAC,WAAW,CAAC,CAqDtB;AAED,MAAM,MAAM,YAAY,GAAG;IAAE,EAAE,EAAE,OAAO,CAAA;CAAE,CAAC;AAE3C,wBAAsB,SAAS,CAC7B,IAAI,EAAE,mBAAmB,EACzB,UAAU,EAAE,MAAM,GACjB,OAAO,CAAC,YAAY,CAAC,CASvB;AAID,MAAM,MAAM,qBAAqB,GAAG;IAClC,SAAS,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAC;QAAC,IAAI,CAAC,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAC;QAAC,OAAO,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAClG,UAAU,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAC;QAAC,OAAO,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IACtE,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,OAAO,CAAC;IACjB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB,CAAC;AAEF,MAAM,MAAM,qBAAqB,GAAG;IAClC,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,IAAI,CAAC,EAAE,MAAM,CAAC;CACf,CAAC;AAEF,wBAAsB,kBAAkB,CACtC,IAAI,EAAE,mBAAmB,EACzB,UAAU,EAAE,MAAM,EAClB,IAAI,GAAE,MAAU,EAChB,MAAM,CAAC,EAAE,qBAAqB,GAC7B,OAAO,CAAC,qBAAqB,CAAC,CAqFhC;AAED,MAAM,MAAM,cAAc,GAAG;IAC3B,IAAI,EAAE,KAAK,CAAC;QACV,UAAU,EAAE,MAAM,CAAC;QACnB,GAAG,EAAE,MAAM,CAAC;QACZ,KAAK,EAAE,MAAM,EAAE,CAAC;QAChB,SAAS,EAAE,MAAM,CAAC;QAClB,MAAM,EAAE,MAAM,CAAC;KAChB,CAAC,CAAC;IACH,oDAAoD;IACpD,iBAAiB,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;CAC3D,CAAC;AAEF,wBAAsB,WAAW,CAAC,IAAI,EAAE,mBAAmB,GAAG,OAAO,CAAC,cAAc,CAAC,CAsBpF;AAED,MAAM,MAAM,YAAY,GAAG;IACzB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACnC,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACnC,KAAK,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACjC,CAAC;AAEF,wBAAsB,SAAS,CAAC,IAAI,EAAE,mBAAmB,GAAG,OAAO,CAAC,YAAY,CAAC,CA2ChF;AAED,MAAM,MAAM,WAAW,GACnB;IAAE,IAAI,EAAE,SAAS,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,GACpC;IAAE,IAAI,EAAE,UAAU,CAAC;IAAC,OAAO,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,GACtD;IAAE,IAAI,EAAE,OAAO,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,CAAC;AAEvC,wBAAsB,QAAQ,CAC5B,IAAI,EAAE,mBAAmB,EACzB,UAAU,EAAE,MAAM,EAClB,MAAM,EAAE;IACN,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE,SAAS,CAAC;IAChB,YAAY,CAAC,EAAE,OAAO,CAAC;IACvB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,cAAc,CAAC,EAAE,wBAAwB,GAAG,IAAI,CAAC;IACjD,MAAM,CAAC,EAAE,cAAc,CAAC;IACxB,kFAAkF;IAClF,MAAM,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;CAC7B,GACA,OAAO,CAAC,WAAW,CAAC,CA4JtB;AAED,MAAM,MAAM,gBAAgB,GAAG;IAAE,EAAE,EAAE,OAAO,CAAC;IAAC,OAAO,CAAC,EAAE,MAAM,CAAC;IAAC,KAAK,CAAC,EAAE,MAAM,CAAA;CAAE,CAAC;AAEjF,wBAAsB,aAAa,CACjC,IAAI,EAAE,mBAAmB,EACzB,UAAU,EAAE,MAAM,EAClB,MAAM,EAAE;IAAE,QAAQ,EAAE,MAAM,CAAC;IAAC,MAAM,EAAE,MAAM,CAAA;CAAE,GAC3C,OAAO,CAAC,gBAAgB,CAAC,CAkC3B;AAED,MAAM,MAAM,kBAAkB,GAAG;IAAE,EAAE,EAAE,OAAO,CAAC;IAAC,OAAO,CAAC,EAAE,MAAM,CAAC;IAAC,KAAK,CAAC,EAAE,MAAM,CAAA;CAAE,CAAC;AAEnF,wBAAsB,eAAe,CACnC,IAAI,EAAE,mBAAmB,EACzB,UAAU,EAAE,MAAM,EAClB,MAAM,EAAE;IAAE,QAAQ,EAAE,MAAM,CAAA;CAAE,GAC3B,OAAO,CAAC,kBAAkB,CAAC,CAW7B"}
+{"version":3,"file":"identity-actions.d.ts","sourceRoot":"","sources":["../../../src/actions/identity-actions.ts"],"names":[],"mappings":"AAgBA;;;GAGG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AAE1D,OAAO,KAAK,EAAE,uBAAuB,EAAE,MAAM,gCAAgC,CAAC;AAC9E,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,iCAAiC,CAAC;AACvE,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,gCAAgC,CAAC;AAC3E,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAChD,OAAO,KAAK,EAAE,wBAAwB,EAAE,MAAM,gCAAgC,CAAC;AAgB/E,OAAO,EAKL,KAAK,eAAe,EACrB,MAAM,8BAA8B,CAAC;AAUtC,MAAM,MAAM,oBAAoB,GAAG;IACjC,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,WAAW,EAAE,MAAM,CAAC;CACrB,CAAC;AAEF,MAAM,MAAM,qBAAqB,GAAG;IAClC,IAAI,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,IAAI,CAAC;IAC7B,IAAI,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,IAAI,CAAC;IAC7B,KAAK,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,IAAI,CAAC;CAC/B,CAAC;AAEF,MAAM,MAAM,mBAAmB,GAAG;IAChC,QAAQ,EAAE,MAAM,CAAC;IACjB,eAAe,EAAE,eAAe,CAAC;IACjC,aAAa,EAAE,MAAM,OAAO,CAAC,oBAAoB,CAAC,CAAC;IACnD,uBAAuB,CAAC,EAAE,MAAM,OAAO,CAAC,oBAAoB,CAAC,CAAC;IAC9D,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,cAAc,CAAC,EAAE,uBAAuB,CAAC;IACzC,MAAM,CAAC,EAAE,qBAAqB,CAAC;IAC/B,YAAY,CAAC,EAAE,YAAY,CAAC;IAC5B,qBAAqB,CAAC,EAAE,CACtB,kBAAkB,EAAE,wBAAwB,GAAG,MAAM,EACrD,IAAI,EAAE,MAAM,KACT,OAAO,CAAC,IAAI,CAAC,CAAC;CACpB,CAAC;AAEF,MAAM,MAAM,SAAS,GAAG,aAAa,GAAG,YAAY,GAAG,QAAQ,CAAC;AAgFhE,MAAM,MAAM,YAAY,GAAG;IACzB,QAAQ,EAAE,OAAO,CAAC;IAClB,GAAG,EAAE,MAAM,GAAG,IAAI,CAAC;IACnB,MAAM,EAAE,OAAO,CAAC;IAChB,2CAA2C;IAC3C,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,wDAAwD;IACxD,gBAAgB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACjC,4BAA4B;IAC5B,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,uBAAuB;IACvB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,wCAAwC;IACxC,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC,MAAM,EAAE,eAAe,CAAC,CAAC;IAC7C,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CAClC,CAAC;AAEF,wBAAsB,SAAS,CAC7B,IAAI,EAAE,mBAAmB,EACzB,UAAU,EAAE,MAAM,EAClB,MAAM,CAAC,EAAE,cAAc,GACtB,OAAO,CAAC,YAAY,CAAC,CAsCvB;AAED,MAAM,MAAM,WAAW,GACnB;IAAE,IAAI,EAAE,mBAAmB,CAAC;IAAC,GAAG,EAAE,MAAM,CAAA;CAAE,GAC1C;IAAE,IAAI,EAAE,UAAU,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,GACrC;IAAE,IAAI,EAAE,OAAO,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,CAAC;AAEvC,wBAAsB,QAAQ,CAC5B,IAAI,EAAE,mBAAmB,EACzB,UAAU,EAAE,MAAM,EAClB,OAAO,CAAC,EAAE;IAAE,MAAM,CAAC,EAAE,cAAc,CAAC;IAAC,cAAc,CAAC,EAAE,wBAAwB,GAAG,IAAI,CAAA;CAAE,GACtF,OAAO,CAAC,WAAW,CAAC,CA0DtB;AAED,MAAM,MAAM,YAAY,GAAG;IAAE,EAAE,EAAE,OAAO,CAAA;CAAE,CAAC;AAE3C,wBAAsB,SAAS,CAC7B,IAAI,EAAE,mBAAmB,EACzB,UAAU,EAAE,MAAM,GACjB,OAAO,CAAC,YAAY,CAAC,CASvB;AAID,MAAM,MAAM,qBAAqB,GAAG;IAClC,SAAS,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAC;QAAC,IAAI,CAAC,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAC;QAAC,OAAO,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAClG,UAAU,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAC;QAAC,OAAO,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IACtE,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,OAAO,CAAC;IACjB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB,CAAC;AAEF,MAAM,MAAM,qBAAqB,GAAG;IAClC,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,IAAI,CAAC,EAAE,MAAM,CAAC;CACf,CAAC;AAEF,wBAAsB,kBAAkB,CACtC,IAAI,EAAE,mBAAmB,EACzB,UAAU,EAAE,MAAM,EAClB,IAAI,GAAE,MAAU,EAChB,MAAM,CAAC,EAAE,qBAAqB,GAC7B,OAAO,CAAC,qBAAqB,CAAC,CAqFhC;AAED,MAAM,MAAM,cAAc,GAAG;IAC3B,IAAI,EAAE,KAAK,CAAC;QACV,UAAU,EAAE,MAAM,CAAC;QACnB,GAAG,EAAE,MAAM,CAAC;QACZ,KAAK,EAAE,MAAM,EAAE,CAAC;QAChB,SAAS,EAAE,MAAM,CAAC;QAClB,MAAM,EAAE,MAAM,CAAC;KAChB,CAAC,CAAC;IACH,oDAAoD;IACpD,iBAAiB,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;CAC3D,CAAC;AAEF,wBAAsB,WAAW,CAAC,IAAI,EAAE,mBAAmB,GAAG,OAAO,CAAC,cAAc,CAAC,CAsBpF;AAED,MAAM,MAAM,YAAY,GAAG;IACzB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACnC,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACnC,KAAK,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACjC,CAAC;AAEF,wBAAsB,SAAS,CAAC,IAAI,EAAE,mBAAmB,GAAG,OAAO,CAAC,YAAY,CAAC,CA2ChF;AAED,MAAM,MAAM,WAAW,GACnB;IAAE,IAAI,EAAE,SAAS,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,GACpC;IAAE,IAAI,EAAE,UAAU,CAAC;IAAC,OAAO,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,GACtD;IAAE,IAAI,EAAE,OAAO,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,CAAC;AAEvC,wBAAsB,QAAQ,CAC5B,IAAI,EAAE,mBAAmB,EACzB,UAAU,EAAE,MAAM,EAClB,MAAM,EAAE;IACN,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE,SAAS,CAAC;IAChB,YAAY,CAAC,EAAE,OAAO,CAAC;IACvB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,cAAc,CAAC,EAAE,wBAAwB,GAAG,IAAI,CAAC;IACjD,MAAM,CAAC,EAAE,cAAc,CAAC;IACxB,kFAAkF;IAClF,MAAM,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;CAC7B,GACA,OAAO,CAAC,WAAW,CAAC,CA4JtB;AAED,MAAM,MAAM,gBAAgB,GAAG;IAAE,EAAE,EAAE,OAAO,CAAC;IAAC,OAAO,CAAC,EAAE,MAAM,CAAC;IAAC,KAAK,CAAC,EAAE,MAAM,CAAA;CAAE,CAAC;AAEjF,wBAAsB,aAAa,CACjC,IAAI,EAAE,mBAAmB,EACzB,UAAU,EAAE,MAAM,EAClB,MAAM,EAAE;IAAE,QAAQ,EAAE,MAAM,CAAC;IAAC,MAAM,EAAE,MAAM,CAAA;CAAE,GAC3C,OAAO,CAAC,gBAAgB,CAAC,CAkC3B;AAED,MAAM,MAAM,kBAAkB,GAAG;IAAE,EAAE,EAAE,OAAO,CAAC;IAAC,OAAO,CAAC,EAAE,MAAM,CAAC;IAAC,KAAK,CAAC,EAAE,MAAM,CAAA;CAAE,CAAC;AAEnF,wBAAsB,eAAe,CACnC,IAAI,EAAE,mBAAmB,EACzB,UAAU,EAAE,MAAM,EAClB,MAAM,EAAE;IAAE,QAAQ,EAAE,MAAM,CAAA;CAAE,GAC3B,OAAO,CAAC,kBAAkB,CAAC,CAW7B"}

package/dist/src/actions/identity-actions.js

@@ -15,7 +15,7 @@
  */
 import { logDebug, logInfo, logWarn } from "../utils/logger.js";
 import { getOrRefreshTIPToken } from "../services/tip-with-refresh.js";
-import { fetchOIDCDiscovery, buildAuthorizationUrl, generateState, } from "../services/oidc-client.js";
+import { fetchOIDCDiscovery, buildAuthorizationUrl, generateState, generatePKCE, generateNonce, } from "../services/oidc-client.js";
 import { loadCredentialEnvBindings, loadAllCredentialEnvBindings, setCredentialEnvBinding, deleteCredentialEnvBinding, } from "../store/credential-env-bindings.js";
 import { loadCredentials, setCredential, getCredential, deleteCredentialsForSession, } from "../store/credential-store.js";
 import { getSession, deleteSession } from "../store/session-store.js";
@@ -134,13 +134,18 @@ export async function runLogin(deps, sessionKey, options) {
         const oidcConfig = await getOidcConfig();
         const discovery = await fetchOIDCDiscovery(oidcConfig.discoveryUrl);
         const state = await generateState();
-        await createState(storeDir, sessionKey, "", state, deliveryTarget);
+        const { codeVerifier, codeChallenge } = await generatePKCE();
+        const nonce = await generateNonce();
+        await createState(storeDir, sessionKey, "", state, deliveryTarget, { codeVerifier, nonce });
         const authUrl = buildAuthorizationUrl({
             authorizationEndpoint: discovery.authorization_endpoint,
             clientId: oidcConfig.clientId,
             redirectUri: oidcConfig.callbackUrl,
             scope: oidcConfig.scope ?? "openid profile email offline_access",
             state,
+            codeChallenge,
+            codeChallengeMethod: "S256",
+            nonce,
         });
         logInfo(logger, `login returning IdP URL for sessionKey=${sessionKey.slice(0, 24)}...`);
         return { kind: "auth_url", authUrl };

package/dist/src/commands/identity-commands.js

@@ -15,7 +15,7 @@
  */
 import { runStatus, runLogin, runLogout, runListCredentials, runListTips, runConfig, runFetch, runSetBinding, runUnsetBinding, } from "../actions/identity-actions.js";
 import { deriveSessionKey, deriveDeliveryTargetFromContext, } from "../utils/derive-session-key.js";
-import { buildEffectiveSessionKey } from "../store/group-sender-store.js";
+import { buildEffectiveSessionKey } from "../store/sender-session-store.js";
 import { logDebug } from "../utils/logger.js";
 import { diagnoseRisk } from "../risk/diagnose-risk.js";
 import { getRiskPatterns } from "../risk/classify-risk.js";
@@ -169,7 +169,7 @@ function createIdentityHandler(deps) {
             config: ctx.config,
         });
         const sessionKey = baseSessionKey
-            ? buildEffectiveSessionKey(baseSessionKey, ctx.senderId)
+            ? buildEffectiveSessionKey(baseSessionKey, ctx.senderId, ctx.channel)
             : null;
         const needsSession = [
             "login",

package/dist/src/hooks/before-agent-start.js

@@ -16,7 +16,7 @@
 import { getOrRefreshTIPToken } from "../services/tip-with-refresh.js";
 import { logDebug, logWarn } from "../utils/logger.js";
 import { isSubagentSessionKey } from "../utils/derive-session-key.js";
-import { resolveEffectiveSessionKey } from "../store/group-sender-store.js";
+import { resolveEffectiveSessionKey } from "../store/sender-session-store.js";
 export function createBeforeAgentStartHandler(deps) {
     const { storeDir, identityService, configWorkloadName, getOidcConfigForRefresh, logger } = deps;
     const tipRefreshOptions = {

package/dist/src/hooks/before-tool-call.js

@@ -23,9 +23,9 @@ import { applyEnvSnapshot } from "../store/credential-env-snapshot.js";
 import { getOrRefreshTIPToken } from "../services/tip-with-refresh.js";
 import { supportsSyncApproval } from "../utils/approval-channel.js";
 import { extractDelegationChainFromJwt } from "../utils/auth.js";
-import { isSubagentSessionKey, isGroupOrChannelSessionKey } from "../utils/derive-session-key.js";
+import { isSubagentSessionKey, needsSenderIsolation } from "../utils/derive-session-key.js";
 import { LOG_PREFIX, logDebug, logWarn } from "../utils/logger.js";
-import { getSender, resolveEffectiveSessionKeyForRun } from "../store/group-sender-store.js";
+import { getSender, resolveEffectiveSessionKeyForRun } from "../store/sender-session-store.js";
 // ─── Exempt tools (bypass session + authz entirely) ──────────────────
 const IDENTITY_EXEMPT_TOOLS = new Set([
     "identity_login",
@@ -98,8 +98,8 @@ export function createBeforeToolCallHandler(deps) {
         if (!sessionKey)
             return;
         const effectiveKey = resolveEffectiveSessionKeyForRun(sessionKey, event.runId);
-        // Phase 1: group sender context
-        if (isGroupOrChannelSessionKey(sessionKey)) {
+        // Phase 1: sender context for shared sessions (group/channel and default main)
+        if (needsSenderIsolation(sessionKey)) {
             const groupSender = getSender(sessionKey);
             if (groupSender) {
                 params._enhancedContext = {

package/dist/src/hooks/llm-input.js

@@ -20,15 +20,15 @@
  */
 import { parseAvailableSkills } from "../utils/parse-available-skills.js";
 import * as skillPathStore from "../store/skill-path-store.js";
-import { freezeRun, resolveEffectiveSessionKey } from "../store/group-sender-store.js";
-import { isGroupOrChannelSessionKey } from "../utils/derive-session-key.js";
+import { freezeRun, resolveEffectiveSessionKey } from "../store/sender-session-store.js";
+import { needsSenderIsolation } from "../utils/derive-session-key.js";
 import { logDebug } from "../utils/logger.js";
 export function createLlmInputHandler(deps) {
     const { enabled, logger } = deps;
     return (event, ctx) => {
         if (!ctx.sessionKey)
             return;
-        if (event.runId && isGroupOrChannelSessionKey(ctx.sessionKey)) {
+        if (event.runId && needsSenderIsolation(ctx.sessionKey)) {
             const effectiveKey = resolveEffectiveSessionKey(ctx.sessionKey);
             if (effectiveKey !== ctx.sessionKey) {
                 freezeRun(event.runId, effectiveKey);

package/dist/src/hooks/sessions-send-propagation.js

@@ -16,7 +16,7 @@
 import { getOrRefreshTIPToken } from "../services/tip-with-refresh.js";
 import { propagateTIPToTarget } from "../services/tip-propagation.js";
 import { logWarn } from "../utils/logger.js";
-import { resolveEffectiveSessionKeyForRun } from "../store/group-sender-store.js";
+import { resolveEffectiveSessionKeyForRun } from "../store/sender-session-store.js";
 export function createSessionsSendPropagationHandler(deps) {
     const { storeDir, identityService, configWorkloadName, getOidcConfigForRefresh, subagentTipPropagation, logger, } = deps;
     return async (event, ctx) => {

package/dist/src/hooks/sessions-spawn-propagation.js

@@ -16,7 +16,7 @@
 import { getOrRefreshTIPToken } from "../services/tip-with-refresh.js";
 import { propagateTIPToTarget } from "../services/tip-propagation.js";
 import { logWarn } from "../utils/logger.js";
-import { resolveEffectiveSessionKeyForRun } from "../store/group-sender-store.js";
+import { resolveEffectiveSessionKeyForRun } from "../store/sender-session-store.js";
 export function createSessionsSpawnPropagationHandler(deps) {
     const { storeDir, identityService, configWorkloadName, getOidcConfigForRefresh, subagentTipPropagation, logger, } = deps;
     return async (event, ctx) => {

package/dist/src/hooks/subagent-ended-cleanup.js

@@ -21,7 +21,7 @@
  */
 import { deleteSession } from "../store/session-store.js";
 import { deleteTIPToken } from "../store/tip-store.js";
-import { clearFrozenRun } from "../store/group-sender-store.js";
+import { clearFrozenRun } from "../store/sender-session-store.js";
 import { logDebug, logWarn } from "../utils/logger.js";
 export function createSubagentEndedCleanupHandler(deps) {
     const { storeDir, logger } = deps;

package/dist/src/routes/oidc-login.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"oidc-login.d.ts","sourceRoot":"","sources":["../../../src/routes/oidc-login.ts"],"names":[],"mappings":"AAgBA;;;;;;;GAOG;AAEH,OAAO,KAAK,EAAE,eAAe,EAAE,cAAc,EAAE,MAAM,WAAW,CAAC;AACjE,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,iCAAiC,CAAC;AAKvE,MAAM,MAAM,eAAe,GAAG;IAC5B,oGAAoG;IACpG,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,kHAAkH;IAClH,WAAW,EAAE,MAAM,CAAC;CACrB,CAAC;AAEF,MAAM,MAAM,gBAAgB,GAAG;IAC7B,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,eAAe,CAAC;IACxB,eAAe,EAAE,eAAe,CAAC;IACjC,oHAAoH;IACpH,cAAc,CAAC,EAAE,CACf,UAAU,EAAE,MAAM,EAClB,GAAG,EAAE,MAAM,EACX,cAAc,CAAC,EAAE;QAAE,OAAO,EAAE,MAAM,CAAC;QAAC,EAAE,EAAE,MAAM,CAAC;QAAC,SAAS,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,IAAI,KACxE,OAAO,CAAC,IAAI,CAAC,CAAC;CACpB,CAAC;AAEF,wBAAgB,yBAAyB,CAAC,IAAI,EAAE,gBAAgB,IAGhD,KAAK,eAAe,EAAE,KAAK,cAAc,KAAG,OAAO,CAAC,IAAI,CAAC,CA4ExE;AAED,MAAM,MAAM,mBAAmB,GAAG;IAChC,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,WAAW,EAAE,MAAM,CAAC;CACrB,CAAC;AAEF,MAAM,MAAM,oBAAoB,GAAG;IACjC,QAAQ,EAAE,MAAM,CAAC;IACjB,aAAa,EAAE,MAAM,OAAO,CAAC,mBAAmB,CAAC,CAAC;IAClD,eAAe,EAAE,eAAe,CAAC;IACjC,cAAc,CAAC,EAAE,CACf,UAAU,EAAE,MAAM,EAClB,GAAG,EAAE,MAAM,EACX,cAAc,CAAC,EAAE;QAAE,OAAO,EAAE,MAAM,CAAC;QAAC,EAAE,EAAE,MAAM,CAAC;QAAC,SAAS,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,IAAI,KACxE,OAAO,CAAC,IAAI,CAAC,CAAC;CACpB,CAAC;AAEF,+FAA+F;AAC/F,wBAAgB,6BAA6B,CAAC,IAAI,EAAE,oBAAoB,IAGxD,KAAK,eAAe,EAAE,KAAK,cAAc,KAAG,OAAO,CAAC,IAAI,CAAC,CA6ExE"}
+{"version":3,"file":"oidc-login.d.ts","sourceRoot":"","sources":["../../../src/routes/oidc-login.ts"],"names":[],"mappings":"AAgBA;;;;;;;GAOG;AAEH,OAAO,KAAK,EAAE,eAAe,EAAE,cAAc,EAAE,MAAM,WAAW,CAAC;AACjE,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,iCAAiC,CAAC;AASvE,MAAM,MAAM,eAAe,GAAG;IAC5B,oGAAoG;IACpG,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,kHAAkH;IAClH,WAAW,EAAE,MAAM,CAAC;CACrB,CAAC;AAEF,MAAM,MAAM,gBAAgB,GAAG;IAC7B,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,eAAe,CAAC;IACxB,eAAe,EAAE,eAAe,CAAC;IACjC,oHAAoH;IACpH,cAAc,CAAC,EAAE,CACf,UAAU,EAAE,MAAM,EAClB,GAAG,EAAE,MAAM,EACX,cAAc,CAAC,EAAE;QAAE,OAAO,EAAE,MAAM,CAAC;QAAC,EAAE,EAAE,MAAM,CAAC;QAAC,SAAS,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,IAAI,KACxE,OAAO,CAAC,IAAI,CAAC,CAAC;CACpB,CAAC;AAEF,wBAAgB,yBAAyB,CAAC,IAAI,EAAE,gBAAgB,IAGhD,KAAK,eAAe,EAAE,KAAK,cAAc,KAAG,OAAO,CAAC,IAAI,CAAC,CAsGxE;AAED,MAAM,MAAM,mBAAmB,GAAG;IAChC,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,WAAW,EAAE,MAAM,CAAC;CACrB,CAAC;AAEF,MAAM,MAAM,oBAAoB,GAAG;IACjC,QAAQ,EAAE,MAAM,CAAC;IACjB,aAAa,EAAE,MAAM,OAAO,CAAC,mBAAmB,CAAC,CAAC;IAClD,eAAe,EAAE,eAAe,CAAC;IACjC,cAAc,CAAC,EAAE,CACf,UAAU,EAAE,MAAM,EAClB,GAAG,EAAE,MAAM,EACX,cAAc,CAAC,EAAE;QAAE,OAAO,EAAE,MAAM,CAAC;QAAC,EAAE,EAAE,MAAM,CAAC;QAAC,SAAS,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,IAAI,KACxE,OAAO,CAAC,IAAI,CAAC,CAAC;CACpB,CAAC;AAEF,+FAA+F;AAC/F,wBAAgB,6BAA6B,CAAC,IAAI,EAAE,oBAAoB,IAGxD,KAAK,eAAe,EAAE,KAAK,cAAc,KAAG,OAAO,CAAC,IAAI,CAAC,CAuGxE"}

package/dist/src/routes/oidc-login.js

@@ -13,7 +13,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-import { fetchOIDCDiscovery, exchangeCodeForTokens } from "../services/oidc-client.js";
+import { fetchOIDCDiscovery, exchangeCodeForTokens, verifyIdToken, } from "../services/oidc-client.js";
 import { consumeState } from "../store/oidc-state-store.js";
 import { setSession } from "../store/session-store.js";
 export function createOIDCCallbackHandler(deps) {
@@ -56,10 +56,31 @@ export function createOIDCCallbackHandler(deps) {
                 clientSecret: config.clientSecret,
                 code,
                 redirectUri: config.callbackUrl,
+                codeVerifier: entry.codeVerifier,
             });
-            const userToken = tokens.id_token ?? tokens.access_token;
-            const parsed = identityService.parseUserToken(userToken);
-            const sub = parsed.sub ?? "unknown";
+            const idToken = tokens.id_token;
+            if (!idToken) {
+                res.statusCode = 400;
+                res.setHeader("Content-Type", "application/json");
+                res.end(JSON.stringify({ error: "Token response missing id_token (required for OIDC)" }));
+                return;
+            }
+            if (!discovery.jwks_uri || !discovery.issuer) {
+                res.statusCode = 500;
+                res.setHeader("Content-Type", "application/json");
+                res.end(JSON.stringify({
+                    error: "OIDC discovery missing jwks_uri or issuer; cannot verify id_token",
+                }));
+                return;
+            }
+            const { sub } = await verifyIdToken({
+                idToken,
+                jwksUri: discovery.jwks_uri,
+                issuer: discovery.issuer,
+                audience: config.clientId,
+                nonce: entry.nonce,
+            });
+            const userToken = idToken;
             await setSession(storeDir, entry.sessionKey, {
                 userToken,
                 sub,
@@ -128,10 +149,31 @@ export function createOIDCCallbackHandlerLazy(deps) {
                 clientSecret: config.clientSecret,
                 code,
                 redirectUri: config.callbackUrl,
+                codeVerifier: entry.codeVerifier,
+            });
+            const idToken = tokens.id_token;
+            if (!idToken) {
+                res.statusCode = 400;
+                res.setHeader("Content-Type", "application/json");
+                res.end(JSON.stringify({ error: "Token response missing id_token (required for OIDC)" }));
+                return;
+            }
+            if (!discovery.jwks_uri || !discovery.issuer) {
+                res.statusCode = 500;
+                res.setHeader("Content-Type", "application/json");
+                res.end(JSON.stringify({
+                    error: "OIDC discovery missing jwks_uri or issuer; cannot verify id_token",
+                }));
+                return;
+            }
+            const { sub } = await verifyIdToken({
+                idToken,
+                jwksUri: discovery.jwks_uri,
+                issuer: discovery.issuer,
+                audience: config.clientId,
+                nonce: entry.nonce,
             });
-            const userToken = tokens.id_token ?? tokens.access_token;
-            const parsed = identityService.parseUserToken(userToken);
-            const sub = parsed.sub ?? "unknown";
+            const userToken = idToken;
             await setSession(storeDir, entry.sessionKey, {
                 userToken,
                 sub,

package/dist/src/services/identity-service.d.ts

@@ -24,8 +24,9 @@ export declare class IdentityService {
         sub?: string;
     }): Promise<TIPTokenEntry>;
     /**
-     * Validate user token (basic JWT decode for sub; full validation would use UserPool JWKS).
-     * For now we trust tokens that are stored via login flow.
+     * Lightweight expiry check for stored user tokens.
+     * Signature verification is performed at the trust boundary (OIDC callback and token refresh),
+     * so tokens stored in session are already verified. This method only checks format and expiry.
      */
     parseUserToken(userToken: string): {
         valid: boolean;

package/dist/src/services/identity-service.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"identity-service.d.ts","sourceRoot":"","sources":["../../../src/services/identity-service.ts"],"names":[],"mappings":"AAgBA;;;GAGG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AAC3D,OAAO,KAAK,EAAE,uBAAuB,EAAE,MAAM,sBAAsB,CAAC;AAEpE,MAAM,MAAM,qBAAqB,GAAG;IAClC,cAAc,EAAE,uBAAuB,CAAC;IACxC,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;IACpB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,+EAA+E;IAC/E,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB,CAAC;AAEF,qBAAa,eAAe;IACd,OAAO,CAAC,QAAQ,CAAC,MAAM;gBAAN,MAAM,EAAE,qBAAqB;IAEpD,sBAAsB,CAAC,MAAM,EAAE;QACnC,OAAO,CAAC,EAAE,MAAM,CAAC;QACjB,sFAAsF;QACtF,YAAY,CAAC,EAAE,MAAM,CAAC;QACtB,SAAS,EAAE,MAAM,CAAC;QAClB,GAAG,CAAC,EAAE,MAAM,CAAC;KACd,GAAG,OAAO,CAAC,aAAa,CAAC;IA2B1B;;;OAGG;IACH,cAAc,CAAC,SAAS,EAAE,MAAM,GAAG;QAAE,KAAK,EAAE,OAAO,CAAC;QAAC,GAAG,CAAC,EAAE,MAAM,CAAA;KAAE;CAiBpE"}
+{"version":3,"file":"identity-service.d.ts","sourceRoot":"","sources":["../../../src/services/identity-service.ts"],"names":[],"mappings":"AAgBA;;;GAGG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AAC3D,OAAO,KAAK,EAAE,uBAAuB,EAAE,MAAM,sBAAsB,CAAC;AAEpE,MAAM,MAAM,qBAAqB,GAAG;IAClC,cAAc,EAAE,uBAAuB,CAAC;IACxC,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;IACpB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,+EAA+E;IAC/E,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB,CAAC;AAEF,qBAAa,eAAe;IACd,OAAO,CAAC,QAAQ,CAAC,MAAM;gBAAN,MAAM,EAAE,qBAAqB;IAEpD,sBAAsB,CAAC,MAAM,EAAE;QACnC,OAAO,CAAC,EAAE,MAAM,CAAC;QACjB,sFAAsF;QACtF,YAAY,CAAC,EAAE,MAAM,CAAC;QACtB,SAAS,EAAE,MAAM,CAAC;QAClB,GAAG,CAAC,EAAE,MAAM,CAAC;KACd,GAAG,OAAO,CAAC,aAAa,CAAC;IA2B1B;;;;OAIG;IACH,cAAc,CAAC,SAAS,EAAE,MAAM,GAAG;QAAE,KAAK,EAAE,OAAO,CAAC;QAAC,GAAG,CAAC,EAAE,MAAM,CAAA;KAAE;CAiBpE"}

package/dist/src/services/identity-service.js

@@ -42,8 +42,9 @@ export class IdentityService {
         };
     }
     /**
-     * Validate user token (basic JWT decode for sub; full validation would use UserPool JWKS).
-     * For now we trust tokens that are stored via login flow.
+     * Lightweight expiry check for stored user tokens.
+     * Signature verification is performed at the trust boundary (OIDC callback and token refresh),
+     * so tokens stored in session are already verified. This method only checks format and expiry.
      */
     parseUserToken(userToken) {
         try {

package/dist/src/services/oidc-client.d.ts

@@ -1,11 +1,3 @@
-/**
- * OIDC client for UserPool login flow.
- * Fetches .well-known/openid-configuration from data plane, then:
- * - Build authorization URL for login
- * - Exchange code for tokens
- *
- * Reference: veadk auth/middleware/oauth2_auth.py
- */
 /** Default OIDC scope for login. Includes offline_access for refresh_token support. */
 export declare const DEFAULT_OIDC_SCOPE = "openid profile email offline_access";
 export type OIDCDiscovery = {
@@ -28,7 +20,14 @@ export declare function buildAuthorizationUrl(params: {
     responseType?: string;
     codeChallenge?: string;
     codeChallengeMethod?: string;
+    nonce?: string;
 }): string;
+/** Generate PKCE code_verifier and code_challenge (S256). */
+export declare function generatePKCE(): Promise<{
+    codeVerifier: string;
+    codeChallenge: string;
+}>;
+export declare function generateNonce(): Promise<string>;
 export declare function exchangeCodeForTokens(params: {
     tokenEndpoint: string;
     clientId: string;
@@ -43,6 +42,24 @@ export declare function exchangeCodeForTokens(params: {
     refresh_token?: string;
     id_token?: string;
 }>;
+export type VerifyIdTokenParams = {
+    idToken: string;
+    jwksUri: string;
+    issuer: string;
+    audience: string;
+    /** Expected nonce (must match nonce claim in id_token when provided). */
+    nonce?: string;
+};
+export type VerifyIdTokenResult = {
+    sub: string;
+};
+/**
+ * Verify id_token using IdP's JWKS (public key).
+ * Validates signature, issuer, audience, expiry, and nonce per OIDC spec.
+ * JWKS instances are cached per jwks_uri to avoid redundant remote fetches.
+ * MUST be called before marking user as logged in.
+ */
+export declare function verifyIdToken(params: VerifyIdTokenParams): Promise<VerifyIdTokenResult>;
 /** Refresh access/id token using refresh_token grant. */
 export declare function refreshAccessToken(params: {
     tokenEndpoint: string;

package/dist/src/services/oidc-client.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"oidc-client.d.ts","sourceRoot":"","sources":["../../../src/services/oidc-client.ts"],"names":[],"mappings":"AAgBA;;;;;;;GAOG;AAEH,uFAAuF;AACvF,eAAO,MAAM,kBAAkB,wCAAwC,CAAC;AAExE,MAAM,MAAM,aAAa,GAAG;IAC1B,MAAM,EAAE,MAAM,CAAC;IACf,sBAAsB,EAAE,MAAM,CAAC;IAC/B,cAAc,EAAE,MAAM,CAAC;IACvB,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,gBAAgB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC5B,wBAAwB,CAAC,EAAE,MAAM,EAAE,CAAC;CACrC,CAAC;AAEF,wBAAsB,kBAAkB,CACtC,YAAY,EAAE,MAAM,EACpB,SAAS,SAAS,GACjB,OAAO,CAAC,aAAa,CAAC,CAoBxB;AAED,wBAAgB,qBAAqB,CAAC,MAAM,EAAE;IAC5C,qBAAqB,EAAE,MAAM,CAAC;IAC9B,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,KAAK,EAAE,MAAM,CAAC;IACd,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,mBAAmB,CAAC,EAAE,MAAM,CAAC;CAC9B,GAAG,MAAM,CA0BT;AAED,wBAAsB,qBAAqB,CAAC,MAAM,EAAE;IAClD,aAAa,EAAE,MAAM,CAAC;IACtB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB,GAAG,OAAO,CAAC;IACV,YAAY,EAAE,MAAM,CAAC;IACrB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB,CAAC,CA6CD;AAED,yDAAyD;AACzD,wBAAsB,kBAAkB,CAAC,MAAM,EAAE;IAC/C,aAAa,EAAE,MAAM,CAAC;IACtB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,YAAY,EAAE,MAAM,CAAC;CACtB,GAAG,OAAO,CAAC;IACV,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB,CAAC,CAwCD;AAED,wBAAsB,aAAa,IAAI,OAAO,CAAC,MAAM,CAAC,CAGrD"}
+{"version":3,"file":"oidc-client.d.ts","sourceRoot":"","sources":["../../../src/services/oidc-client.ts"],"names":[],"mappings":"AA4BA,uFAAuF;AACvF,eAAO,MAAM,kBAAkB,wCAAwC,CAAC;AAaxE,MAAM,MAAM,aAAa,GAAG;IAC1B,MAAM,EAAE,MAAM,CAAC;IACf,sBAAsB,EAAE,MAAM,CAAC;IAC/B,cAAc,EAAE,MAAM,CAAC;IACvB,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,gBAAgB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC5B,wBAAwB,CAAC,EAAE,MAAM,EAAE,CAAC;CACrC,CAAC;AAEF,wBAAsB,kBAAkB,CACtC,YAAY,EAAE,MAAM,EACpB,SAAS,SAAS,GACjB,OAAO,CAAC,aAAa,CAAC,CAoBxB;AAED,wBAAgB,qBAAqB,CAAC,MAAM,EAAE;IAC5C,qBAAqB,EAAE,MAAM,CAAC;IAC9B,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,KAAK,EAAE,MAAM,CAAC;IACd,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB,GAAG,MAAM,CA8BT;AAED,6DAA6D;AAC7D,wBAAsB,YAAY,IAAI,OAAO,CAAC;IAAE,YAAY,EAAE,MAAM,CAAC;IAAC,aAAa,EAAE,MAAM,CAAA;CAAE,CAAC,CAK7F;AAED,wBAAsB,aAAa,IAAI,OAAO,CAAC,MAAM,CAAC,CAGrD;AAED,wBAAsB,qBAAqB,CAAC,MAAM,EAAE;IAClD,aAAa,EAAE,MAAM,CAAC;IACtB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB,GAAG,OAAO,CAAC;IACV,YAAY,EAAE,MAAM,CAAC;IACrB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB,CAAC,CA6CD;AAED,MAAM,MAAM,mBAAmB,GAAG;IAChC,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;IACjB,yEAAyE;IACzE,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB,CAAC;AAEF,MAAM,MAAM,mBAAmB,GAAG;IAChC,GAAG,EAAE,MAAM,CAAC;CACb,CAAC;AAEF;;;;;GAKG;AACH,wBAAsB,aAAa,CAAC,MAAM,EAAE,mBAAmB,GAAG,OAAO,CAAC,mBAAmB,CAAC,CA0B7F;AAED,yDAAyD;AACzD,wBAAsB,kBAAkB,CAAC,MAAM,EAAE;IAC/C,aAAa,EAAE,MAAM,CAAC;IACtB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,YAAY,EAAE,MAAM,CAAC;CACtB,GAAG,OAAO,CAAC;IACV,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB,CAAC,CAwCD;AAED,wBAAsB,aAAa,IAAI,OAAO,CAAC,MAAM,CAAC,CAGrD"}

package/dist/src/services/oidc-client.js

@@ -18,11 +18,22 @@
  * Fetches .well-known/openid-configuration from data plane, then:
  * - Build authorization URL for login
  * - Exchange code for tokens
+ * - Verify id_token using IdP JWKS before trusting identity
  *
  * Reference: veadk auth/middleware/oauth2_auth.py
  */
+import { createRemoteJWKSet, jwtVerify } from "jose";
 /** Default OIDC scope for login. Includes offline_access for refresh_token support. */
 export const DEFAULT_OIDC_SCOPE = "openid profile email offline_access";
+const jwksCache = new Map();
+function getOrCreateJWKS(jwksUri) {
+    let jwks = jwksCache.get(jwksUri);
+    if (!jwks) {
+        jwks = createRemoteJWKSet(new URL(jwksUri));
+        jwksCache.set(jwksUri, jwks);
+    }
+    return jwks;
+}
 export async function fetchOIDCDiscovery(discoveryUrl, timeoutMs = 10_000) {
     const controller = new AbortController();
     const timer = setTimeout(() => controller.abort(), timeoutMs);
@@ -46,7 +57,7 @@ export async function fetchOIDCDiscovery(discoveryUrl, timeoutMs = 10_000) {
     }
 }
 export function buildAuthorizationUrl(params) {
-    const { authorizationEndpoint, clientId, redirectUri, scope = DEFAULT_OIDC_SCOPE, state, responseType = "code", codeChallenge, codeChallengeMethod, } = params;
+    const { authorizationEndpoint, clientId, redirectUri, scope = DEFAULT_OIDC_SCOPE, state, responseType = "code", codeChallenge, codeChallengeMethod, nonce, } = params;
     const search = new URLSearchParams({
         response_type: responseType,
         client_id: clientId,
@@ -58,9 +69,23 @@ export function buildAuthorizationUrl(params) {
         search.set("code_challenge", codeChallenge);
         search.set("code_challenge_method", codeChallengeMethod ?? "S256");
     }
+    if (nonce) {
+        search.set("nonce", nonce);
+    }
     const sep = authorizationEndpoint.includes("?") ? "&" : "?";
     return `${authorizationEndpoint}${sep}${search.toString()}`;
 }
+/** Generate PKCE code_verifier and code_challenge (S256). */
+export async function generatePKCE() {
+    const { randomBytes, createHash } = await import("node:crypto");
+    const codeVerifier = randomBytes(32).toString("base64url");
+    const codeChallenge = createHash("sha256").update(codeVerifier).digest("base64url");
+    return { codeVerifier, codeChallenge };
+}
+export async function generateNonce() {
+    const { randomBytes } = await import("node:crypto");
+    return randomBytes(16).toString("base64url");
+}
 export async function exchangeCodeForTokens(params) {
     const { tokenEndpoint, clientId, clientSecret, code, redirectUri, codeVerifier } = params;
     const body = new URLSearchParams({
@@ -102,6 +127,35 @@ export async function exchangeCodeForTokens(params) {
         id_token: data.id_token,
     };
 }
+/**
+ * Verify id_token using IdP's JWKS (public key).
+ * Validates signature, issuer, audience, expiry, and nonce per OIDC spec.
+ * JWKS instances are cached per jwks_uri to avoid redundant remote fetches.
+ * MUST be called before marking user as logged in.
+ */
+export async function verifyIdToken(params) {
+    const { idToken, jwksUri, issuer, audience, nonce } = params;
+    if (!jwksUri) {
+        throw new Error("OIDC discovery missing jwks_uri; cannot verify id_token");
+    }
+    const JWKS = getOrCreateJWKS(jwksUri);
+    const { payload } = await jwtVerify(idToken, JWKS, {
+        issuer,
+        audience,
+        clockTolerance: 60,
+    });
+    const sub = payload.sub;
+    if (!sub || typeof sub !== "string") {
+        throw new Error("id_token missing sub claim");
+    }
+    if (nonce) {
+        const tokenNonce = payload.nonce;
+        if (tokenNonce !== nonce) {
+            throw new Error("id_token nonce mismatch (possible replay attack)");
+        }
+    }
+    return { sub };
+}
 /** Refresh access/id token using refresh_token grant. */
 export async function refreshAccessToken(params) {
     const { tokenEndpoint, clientId, clientSecret, refreshToken } = params;

package/dist/src/services/session-refresh.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"session-refresh.d.ts","sourceRoot":"","sources":["../../../src/services/session-refresh.ts"],"names":[],"mappings":"AAwBA,MAAM,MAAM,oBAAoB,GAAG;IACjC,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB,CAAC;AAEF;;;;GAIG;AACH,wBAAsB,uBAAuB,CAC3C,QAAQ,EAAE,MAAM,EAChB,UAAU,EAAE,MAAM,EAClB,aAAa,EAAE,MAAM,OAAO,CAAC,oBAAoB,CAAC,GACjD,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CA4BxB"}
+{"version":3,"file":"session-refresh.d.ts","sourceRoot":"","sources":["../../../src/services/session-refresh.ts"],"names":[],"mappings":"AAwBA,MAAM,MAAM,oBAAoB,GAAG;IACjC,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB,CAAC;AAEF;;;;GAIG;AACH,wBAAsB,uBAAuB,CAC3C,QAAQ,EAAE,MAAM,EAChB,UAAU,EAAE,MAAM,EAClB,aAAa,EAAE,MAAM,OAAO,CAAC,oBAAoB,CAAC,GACjD,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAsCxB"}

package/dist/src/services/session-refresh.js

@@ -18,7 +18,7 @@
  * Used by before_agent_start when GetWorkloadAccessTokenForJWT fails with "token has expired".
  */
 import { getSession, setSession } from "../store/session-store.js";
-import { fetchOIDCDiscovery, refreshAccessToken } from "./oidc-client.js";
+import { fetchOIDCDiscovery, refreshAccessToken, verifyIdToken } from "./oidc-client.js";
 /**
  * Refresh session userToken using refresh_token grant.
  * Updates session with new userToken (and rotated refresh_token if returned).
@@ -37,7 +37,16 @@ export async function refreshSessionUserToken(storeDir, sessionKey, getOidcConfi
             clientSecret: config.clientSecret,
             refreshToken: session.refreshToken,
         });
-        const userToken = tokens.id_token ?? tokens.access_token;
+        const idToken = tokens.id_token;
+        if (idToken && discovery.jwks_uri && discovery.issuer) {
+            await verifyIdToken({
+                idToken,
+                jwksUri: discovery.jwks_uri,
+                issuer: discovery.issuer,
+                audience: config.clientId,
+            });
+        }
+        const userToken = idToken ?? tokens.access_token;
         const newRefreshToken = tokens.refresh_token ?? session.refreshToken;
         await setSession(storeDir, sessionKey, {
             ...session,

package/dist/src/store/oidc-state-store.d.ts

@@ -9,7 +9,14 @@ export type OIDCStateEntry = {
     createdAt: number;
     /** Delivery target for sending follow-up message; avoids parsing sessionKey. */
     deliveryTarget?: SessionKeyDeliveryTarget | null;
+    /** PKCE code_verifier for S256 challenge; sent in token exchange. */
+    codeVerifier?: string;
+    /** Nonce sent in authorization request; validated against id_token nonce claim. */
+    nonce?: string;
 };
-export declare function createState(_storeDir: string, sessionKey: string, redirectUri: string, state: string, deliveryTarget?: SessionKeyDeliveryTarget | null): Promise<void>;
+export declare function createState(_storeDir: string, sessionKey: string, redirectUri: string, state: string, deliveryTarget?: SessionKeyDeliveryTarget | null, extra?: {
+    codeVerifier?: string;
+    nonce?: string;
+}): Promise<void>;
 export declare function consumeState(_storeDir: string, state: string): Promise<OIDCStateEntry | null>;
 //# sourceMappingURL=oidc-state-store.d.ts.map

package/dist/src/store/oidc-state-store.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"oidc-state-store.d.ts","sourceRoot":"","sources":["../../../src/store/oidc-state-store.ts"],"names":[],"mappings":"AAgBA;;;GAGG;AAEH,OAAO,KAAK,EAAE,wBAAwB,EAAE,MAAM,gCAAgC,CAAC;AAE/E,MAAM,MAAM,cAAc,GAAG;IAC3B,UAAU,EAAE,MAAM,CAAC;IACnB,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,gFAAgF;IAChF,cAAc,CAAC,EAAE,wBAAwB,GAAG,IAAI,CAAC;CAClD,CAAC;AAYF,wBAAsB,WAAW,CAC/B,SAAS,EAAE,MAAM,EACjB,UAAU,EAAE,MAAM,EAClB,WAAW,EAAE,MAAM,EACnB,KAAK,EAAE,MAAM,EACb,cAAc,CAAC,EAAE,wBAAwB,GAAG,IAAI,GAC/C,OAAO,CAAC,IAAI,CAAC,CAQf;AAED,wBAAsB,YAAY,CAChC,SAAS,EAAE,MAAM,EACjB,KAAK,EAAE,MAAM,GACZ,OAAO,CAAC,cAAc,GAAG,IAAI,CAAC,CAOhC"}
+{"version":3,"file":"oidc-state-store.d.ts","sourceRoot":"","sources":["../../../src/store/oidc-state-store.ts"],"names":[],"mappings":"AAgBA;;;GAGG;AAEH,OAAO,KAAK,EAAE,wBAAwB,EAAE,MAAM,gCAAgC,CAAC;AAE/E,MAAM,MAAM,cAAc,GAAG;IAC3B,UAAU,EAAE,MAAM,CAAC;IACnB,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,gFAAgF;IAChF,cAAc,CAAC,EAAE,wBAAwB,GAAG,IAAI,CAAC;IACjD,qEAAqE;IACrE,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,mFAAmF;IACnF,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB,CAAC;AAYF,wBAAsB,WAAW,CAC/B,SAAS,EAAE,MAAM,EACjB,UAAU,EAAE,MAAM,EAClB,WAAW,EAAE,MAAM,EACnB,KAAK,EAAE,MAAM,EACb,cAAc,CAAC,EAAE,wBAAwB,GAAG,IAAI,EAChD,KAAK,CAAC,EAAE;IAAE,YAAY,CAAC,EAAE,MAAM,CAAC;IAAC,KAAK,CAAC,EAAE,MAAM,CAAA;CAAE,GAChD,OAAO,CAAC,IAAI,CAAC,CAUf;AAED,wBAAsB,YAAY,CAChC,SAAS,EAAE,MAAM,EACjB,KAAK,EAAE,MAAM,GACZ,OAAO,CAAC,cAAc,GAAG,IAAI,CAAC,CAOhC"}

package/dist/src/store/oidc-state-store.js

@@ -22,13 +22,15 @@ function pruneExpired() {
             states.delete(k);
     }
 }
-export async function createState(_storeDir, sessionKey, redirectUri, state, deliveryTarget) {
+export async function createState(_storeDir, sessionKey, redirectUri, state, deliveryTarget, extra) {
     pruneExpired();
     states.set(state, {
         sessionKey,
         redirectUri,
         createdAt: Date.now(),
         deliveryTarget: deliveryTarget ?? undefined,
+        codeVerifier: extra?.codeVerifier,
+        nonce: extra?.nonce,
     });
 }
 export async function consumeState(_storeDir, state) {

package/dist/src/store/{group-sender-store.d.ts → sender-session-store.d.ts}

@@ -10,16 +10,23 @@ export declare function setSender(sessionKey: string, info: SenderInfo): void;
 export declare function getSender(sessionKey: string): SenderInfo | undefined;
 export declare function clearSender(sessionKey: string): void;
 /**
- * For group sessions, append :user:<senderId> so each member gets isolated
- * TIP tokens, credentials and session state.
- * For non-group sessions the key is returned unchanged.
+ * For shared sessions (group/channel and default "main"), resolve to a
+ * user-scoped effective key so each user gets isolated state.
+ *
+ * For main shared sessions from a sendable channel, promote the key to
+ * per-channel-peer format (agent:{id}:{channel}:direct:{senderId}).
+ * This makes the key parseable by parseSessionKeyToDeliveryTarget,
+ * enabling message delivery after OIDC login and approval flows.
+ *
+ * For group sessions or main sessions without channel info, fall back to
+ * appending :user:<senderId>.
  */
 export declare function resolveEffectiveSessionKey(sessionKey: string): string;
 /**
- * Same as resolveEffectiveSessionKey but takes an explicit senderId
- * (used by commands where ctx.senderId is already available).
+ * Same as resolveEffectiveSessionKey but takes explicit senderId and channel
+ * (used by commands where ctx.senderId and ctx.channel are directly available).
  */
-export declare function buildEffectiveSessionKey(sessionKey: string, senderId?: string): string;
+export declare function buildEffectiveSessionKey(sessionKey: string, senderId?: string, channel?: string): string;
 /**
  * Freeze the effective sessionKey for a runId.
  * Once frozen, all hooks in this run use the same user-scoped key
@@ -32,4 +39,4 @@ export declare function freezeRun(runId: string, effectiveKey: string): void;
  */
 export declare function resolveEffectiveSessionKeyForRun(sessionKey: string, runId?: string): string;
 export declare function clearFrozenRun(runId: string): void;
-//# sourceMappingURL=group-sender-store.d.ts.map
+//# sourceMappingURL=sender-session-store.d.ts.map

package/dist/src/store/sender-session-store.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"sender-session-store.d.ts","sourceRoot":"","sources":["../../../src/store/sender-session-store.ts"],"names":[],"mappings":"AAkCA,MAAM,MAAM,UAAU,GAAG;IACvB,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;CACpB,CAAC;AAIF,wBAAgB,SAAS,CAAC,UAAU,EAAE,MAAM,EAAE,IAAI,EAAE,UAAU,GAAG,IAAI,CAGpE;AAED,wBAAgB,SAAS,CAAC,UAAU,EAAE,MAAM,GAAG,UAAU,GAAG,SAAS,CAQpE;AAED,wBAAgB,WAAW,CAAC,UAAU,EAAE,MAAM,GAAG,IAAI,CAEpD;AAkBD;;;;;;;;;;;GAWG;AACH,wBAAgB,0BAA0B,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,CASrE;AAED;;;GAGG;AACH,wBAAgB,wBAAwB,CACtC,UAAU,EAAE,MAAM,EAClB,QAAQ,CAAC,EAAE,MAAM,EACjB,OAAO,CAAC,EAAE,MAAM,GACf,MAAM,CAOR;AASD;;;;GAIG;AACH,wBAAgB,SAAS,CAAC,KAAK,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,GAAG,IAAI,CAInE;AAED;;;GAGG;AACH,wBAAgB,gCAAgC,CAAC,UAAU,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,MAAM,GAAG,MAAM,CAQ3F;AAED,wBAAgB,cAAc,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,CAElD"}

package/dist/src/store/{group-sender-store.js → sender-session-store.js}

@@ -14,11 +14,14 @@
  * limitations under the License.
  */
 /**
- * Lightweight in-memory store that maps group sessionKey → latest sender info.
- * Written by the message_received handler, read by before_tool_call to inject
- * sender identity into tool params so group-chat users can be distinguished.
+ * Lightweight in-memory store that maps shared sessionKey → latest sender info.
+ * Covers both group/channel sessions and default "main" sessions (dmScope unset).
+ *
+ * For main sessions from sendable channels, the effective key is promoted to
+ * per-channel-peer format (agent:{id}:{channel}:direct:{senderId}), making it
+ * parseable for message delivery after OIDC login and approval flows.
  */
-import { isGroupOrChannelSessionKey } from "../utils/derive-session-key.js";
+import { needsSenderIsolation, isMainSharedSessionKey, parseAgentIdFromSessionKey, isSendableChannel, } from "../utils/derive-session-key.js";
 const SESSION_TTL_MS = 2 * 60 * 60 * 1000;
 const store = new Map();
 export function setSender(sessionKey, info) {
@@ -39,25 +42,51 @@ export function clearSender(sessionKey) {
     store.delete(sessionKey);
 }
 /**
- * For group sessions, append :user:<senderId> so each member gets isolated
- * TIP tokens, credentials and session state.
- * For non-group sessions the key is returned unchanged.
+ * Build a per-channel-peer key from a main shared session when channel is sendable.
+ * Returns null if the key can't be promoted (not main, or channel not sendable).
+ */
+function promoteMainToChannelPeerKey(sessionKey, channel, senderId) {
+    if (!isMainSharedSessionKey(sessionKey))
+        return null;
+    const ch = (channel ?? "").trim().toLowerCase();
+    if (!ch || !isSendableChannel(ch))
+        return null;
+    const agentId = parseAgentIdFromSessionKey(sessionKey) ?? "main";
+    return `agent:${agentId}:${ch}:direct:${senderId.toLowerCase()}`;
+}
+/**
+ * For shared sessions (group/channel and default "main"), resolve to a
+ * user-scoped effective key so each user gets isolated state.
+ *
+ * For main shared sessions from a sendable channel, promote the key to
+ * per-channel-peer format (agent:{id}:{channel}:direct:{senderId}).
+ * This makes the key parseable by parseSessionKeyToDeliveryTarget,
+ * enabling message delivery after OIDC login and approval flows.
+ *
+ * For group sessions or main sessions without channel info, fall back to
+ * appending :user:<senderId>.
  */
 export function resolveEffectiveSessionKey(sessionKey) {
-    if (!isGroupOrChannelSessionKey(sessionKey))
+    if (!needsSenderIsolation(sessionKey))
         return sessionKey;
     const sender = getSender(sessionKey);
     if (!sender?.senderId)
         return sessionKey;
+    const promoted = promoteMainToChannelPeerKey(sessionKey, sender.channelId, sender.senderId);
+    if (promoted)
+        return promoted;
     return `${sessionKey}:user:${sender.senderId}`;
 }
 /**
- * Same as resolveEffectiveSessionKey but takes an explicit senderId
- * (used by commands where ctx.senderId is already available).
+ * Same as resolveEffectiveSessionKey but takes explicit senderId and channel
+ * (used by commands where ctx.senderId and ctx.channel are directly available).
  */
-export function buildEffectiveSessionKey(sessionKey, senderId) {
-    if (!senderId || !isGroupOrChannelSessionKey(sessionKey))
+export function buildEffectiveSessionKey(sessionKey, senderId, channel) {
+    if (!senderId || !needsSenderIsolation(sessionKey))
         return sessionKey;
+    const promoted = promoteMainToChannelPeerKey(sessionKey, channel, senderId);
+    if (promoted)
+        return promoted;
     return `${sessionKey}:user:${senderId}`;
 }
 // --------------- freeze-by-runId ---------------

package/dist/src/tools/identity-approve-tool.js

@@ -16,7 +16,7 @@
 import { Type } from "@sinclair/typebox";
 import { jsonResult } from "openclaw/plugin-sdk";
 import * as toolApprovalStore from "../store/tool-approval-store.js";
-import { resolveEffectiveSessionKey } from "../store/group-sender-store.js";
+import { resolveEffectiveSessionKey } from "../store/sender-session-store.js";
 import { logDebug, logWarn } from "../utils/logger.js";
 export function createIdentityApproveTool(deps) {
     return (ctx) => ({

package/dist/src/tools/identity-fetch.js

@@ -18,7 +18,7 @@ import { optionalStringEnum } from "openclaw/plugin-sdk";
 import { jsonResult } from "openclaw/plugin-sdk";
 import { runFetch } from "../actions/identity-actions.js";
 import { getCredential, resolveCredentialValue } from "../store/credential-store.js";
-import { resolveEffectiveSessionKey } from "../store/group-sender-store.js";
+import { resolveEffectiveSessionKey } from "../store/sender-session-store.js";
 const FETCH_FLOWS = ["oauth2-user", "oauth2-m2m", "apikey"];
 export function createIdentityFetchTool(deps) {
     return (ctx) => ({

package/dist/src/tools/identity-list-credentials.js

@@ -16,7 +16,7 @@
 import { Type } from "@sinclair/typebox";
 import { jsonResult } from "openclaw/plugin-sdk";
 import { runListCredentials } from "../actions/identity-actions.js";
-import { resolveEffectiveSessionKey } from "../store/group-sender-store.js";
+import { resolveEffectiveSessionKey } from "../store/sender-session-store.js";
 export function createIdentityListCredentialsTool(deps) {
     return (ctx) => ({
         name: "identity_list_credentials",

package/dist/src/tools/identity-login.js

@@ -16,7 +16,7 @@
 import { Type } from "@sinclair/typebox";
 import { jsonResult } from "openclaw/plugin-sdk";
 import { runLogin } from "../actions/identity-actions.js";
-import { resolveEffectiveSessionKey } from "../store/group-sender-store.js";
+import { resolveEffectiveSessionKey } from "../store/sender-session-store.js";
 export function createIdentityLoginTool(deps) {
     return (ctx) => ({
         name: "identity_login",

package/dist/src/tools/identity-logout.js

@@ -16,7 +16,7 @@
 import { Type } from "@sinclair/typebox";
 import { jsonResult } from "openclaw/plugin-sdk";
 import { runLogout } from "../actions/identity-actions.js";
-import { resolveEffectiveSessionKey } from "../store/group-sender-store.js";
+import { resolveEffectiveSessionKey } from "../store/sender-session-store.js";
 export function createIdentityLogoutTool(deps) {
     return (ctx) => {
         const sessionKey = ctx.sessionKey ? resolveEffectiveSessionKey(ctx.sessionKey) : undefined;

package/dist/src/tools/identity-set-binding.js

@@ -16,7 +16,7 @@
 import { Type } from "@sinclair/typebox";
 import { jsonResult } from "openclaw/plugin-sdk";
 import { runSetBinding } from "../actions/identity-actions.js";
-import { resolveEffectiveSessionKey } from "../store/group-sender-store.js";
+import { resolveEffectiveSessionKey } from "../store/sender-session-store.js";
 export function createIdentitySetBindingTool(deps) {
     return (ctx) => ({
         name: "identity_set_binding",

package/dist/src/tools/identity-status.js

@@ -16,7 +16,7 @@
 import { Type } from "@sinclair/typebox";
 import { jsonResult } from "openclaw/plugin-sdk";
 import { runStatus } from "../actions/identity-actions.js";
-import { resolveEffectiveSessionKey } from "../store/group-sender-store.js";
+import { resolveEffectiveSessionKey } from "../store/sender-session-store.js";
 export function createIdentityStatusTool(deps) {
     return (ctx) => ({
         name: "identity_status",

package/dist/src/tools/identity-unset-binding.js

@@ -16,7 +16,7 @@
 import { Type } from "@sinclair/typebox";
 import { jsonResult } from "openclaw/plugin-sdk";
 import { runUnsetBinding } from "../actions/identity-actions.js";
-import { resolveEffectiveSessionKey } from "../store/group-sender-store.js";
+import { resolveEffectiveSessionKey } from "../store/sender-session-store.js";
 export function createIdentityUnsetBindingTool(deps) {
     return (ctx) => ({
         name: "identity_unset_binding",

package/dist/src/tools/identity-whoami.js

@@ -16,7 +16,7 @@
 import { Type } from "@sinclair/typebox";
 import { jsonResult } from "openclaw/plugin-sdk";
 import { runStatus } from "../actions/identity-actions.js";
-import { resolveEffectiveSessionKey } from "../store/group-sender-store.js";
+import { resolveEffectiveSessionKey } from "../store/sender-session-store.js";
 export function createIdentityWhoamiTool(deps) {
     return (ctx) => {
         const sessionKey = ctx.sessionKey ? resolveEffectiveSessionKey(ctx.sessionKey) : undefined;

package/dist/src/utils/derive-session-key.d.ts

@@ -49,12 +49,35 @@ export declare function resolveAgentId(params: ResolveAgentIdParams): string;
  */
 export declare function isSubagentSessionKey(sessionKey: string | undefined | null): boolean;
 /**
- * Check whether sessionKey represents a group/channel conversation.
- * Examples:
- * - agent:main:telegram:group:-1001
- * - agent:main:slack:channel:C123456
+ * Check whether sessionKey represents a group/channel conversation
+ * by parsing the key structure: agent:{agentId}:{channel}:{scope}:{peerId}...
+ * where scope is "group" or "channel".
+ *
+ * This is stricter than a naive `:group:` substring match — it only checks
+ * position [3] of the colon-delimited key, preventing false positives from
+ * user-scoped suffixes like `...:user:some_group_admin`.
  */
 export declare function isGroupOrChannelSessionKey(sessionKey: string | undefined | null): boolean;
+/**
+ * Check whether sessionKey is the default "main" shared session (agent:{id}:main).
+ * When dmScope is unset, all DM users share this key — including:
+ * - Feishu/Telegram/etc. DMs (have senderId, will be isolated)
+ * - webchat/tui (typically no senderId; single-user, so no isolation needed)
+ */
+export declare function isMainSharedSessionKey(sessionKey: string | undefined | null): boolean;
+/**
+ * Whether the sessionKey may be shared by multiple users and thus requires
+ * per-sender isolation (appending :user:<senderId>).
+ * True for group/channel sessions AND default "main" sessions.
+ *
+ * Safety for webchat/tui: these channels typically don't provide senderId.
+ * When senderId is absent, the isolation gracefully degrades:
+ * - message_received handler skips (no senderId → early return)
+ * - resolveEffectiveSessionKey returns key unchanged (no stored sender)
+ * - buildEffectiveSessionKey returns key unchanged (senderId is undefined)
+ * So webchat/tui users keep using `agent:main:main` directly — correct for single-user contexts.
+ */
+export declare function needsSenderIsolation(sessionKey: string | undefined | null): boolean;
 export type ResolveWorkloadNameParams = {
     sessionKey?: string;
     agentId?: string;
@@ -67,6 +90,12 @@ export type ResolveWorkloadNameParams = {
  * For main/cron/etc: use configWorkloadName ?? agentId ?? "openclaw-agent".
  */
 export declare function resolveWorkloadNameForSession(params: ResolveWorkloadNameParams): string;
+/**
+ * Check if the from/to context indicates a group conversation.
+ * Reuses the same per-channel logic as extractGroupPeerId.
+ * Use this at message-receive time when raw context fields are available.
+ */
+export declare function isGroupContext(channel: string, from?: string, to?: string): boolean;
 /**
  * Derive sessionKey from command context.
  * Matches OpenClaw routing buildAgentPeerSessionKey for common cases.
@@ -78,6 +107,7 @@ export type SessionKeyDeliveryTarget = {
     /** For feishu per-account sessions (agent:main:feishu:default:direct:ou_xxx). */
     accountId?: string;
 };
+export declare function isSendableChannel(channel: string | undefined | null): boolean;
 /** Command context shape (subset of PluginCommandContext). */
 export type CommandContextForDelivery = {
     channel: string;

package/dist/src/utils/derive-session-key.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"derive-session-key.d.ts","sourceRoot":"","sources":["../../../src/utils/derive-session-key.ts"],"names":[],"mappings":"AAgBA;;;GAGG;AAEH,yFAAyF;AACzF,MAAM,MAAM,iBAAiB,GAAG;IAC9B,OAAO,CAAC,EAAE;QAAE,OAAO,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;IAC/B,MAAM,CAAC,EAAE;QAAE,QAAQ,CAAC,EAAE;YAAE,EAAE,CAAC,EAAE,MAAM,CAAC;YAAC,OAAO,CAAC,EAAE,MAAM,CAAA;SAAE,CAAA;KAAE,CAAC;CAC3D,CAAC;AAEF,KAAK,sBAAsB,GAAG;IAC5B,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,MAAM,EAAE,iBAAiB,CAAC;CAC3B,CAAC;AAUF;;GAEG;AACH,wBAAgB,aAAa,CAAC,MAAM,EAAE,iBAAiB,GAAG,MAAM,CAE/D;AAED;;;GAGG;AACH,wBAAgB,0BAA0B,CAAC,UAAU,EAAE,MAAM,GAAG,SAAS,GAAG,IAAI,GAAG,MAAM,GAAG,IAAI,CAM/F;AAED,MAAM,MAAM,oBAAoB,GAAG;IACjC,qFAAqF;IACrF,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,uDAAuD;IACvD,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,mEAAmE;IACnE,MAAM,CAAC,EAAE,iBAAiB,CAAC;CAC5B,CAAC;AAEF;;;GAGG;AACH,wBAAgB,cAAc,CAAC,MAAM,EAAE,oBAAoB,GAAG,MAAM,CASnE;AAED;;GAEG;AACH,wBAAgB,oBAAoB,CAAC,UAAU,EAAE,MAAM,GAAG,SAAS,GAAG,IAAI,GAAG,OAAO,CAKnF;AAED;;;;;GAKG;AACH,wBAAgB,0BAA0B,CAAC,UAAU,EAAE,MAAM,GAAG,SAAS,GAAG,IAAI,GAAG,OAAO,CAIzF;AAED,MAAM,MAAM,yBAAyB,GAAG;IACtC,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,qDAAqD;IACrD,kBAAkB,CAAC,EAAE,MAAM,CAAC;CAC7B,CAAC;AAEF;;;;GAIG;AACH,wBAAgB,6BAA6B,CAAC,MAAM,EAAE,yBAAyB,GAAG,MAAM,CAiBvF;AAsGD;;;GAGG;AACH,wBAAgB,gBAAgB,CAAC,MAAM,EAAE,sBAAsB,GAAG,MAAM,GAAG,IAAI,CAiC9E;AAED,MAAM,MAAM,wBAAwB,GAAG;IACrC,OAAO,EAAE,MAAM,CAAC;IAChB,EAAE,EAAE,MAAM,CAAC;IACX,iFAAiF;IACjF,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB,CAAC;AAaF,8DAA8D;AAC9D,MAAM,MAAM,yBAAyB,GAAG;IACtC,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB,CAAC;AAEF;;;;GAIG;AACH,wBAAgB,+BAA+B,CAC7C,GAAG,EAAE,yBAAyB,GAC7B,wBAAwB,GAAG,IAAI,CAmBjC;AAED;;;;GAIG;AACH,wBAAgB,+BAA+B,CAC7C,UAAU,EAAE,MAAM,GAAG,SAAS,GAAG,IAAI,GACpC,wBAAwB,GAAG,IAAI,CAyDjC"}
+{"version":3,"file":"derive-session-key.d.ts","sourceRoot":"","sources":["../../../src/utils/derive-session-key.ts"],"names":[],"mappings":"AAgBA;;;GAGG;AAEH,yFAAyF;AACzF,MAAM,MAAM,iBAAiB,GAAG;IAC9B,OAAO,CAAC,EAAE;QAAE,OAAO,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;IAC/B,MAAM,CAAC,EAAE;QAAE,QAAQ,CAAC,EAAE;YAAE,EAAE,CAAC,EAAE,MAAM,CAAC;YAAC,OAAO,CAAC,EAAE,MAAM,CAAA;SAAE,CAAA;KAAE,CAAC;CAC3D,CAAC;AAEF,KAAK,sBAAsB,GAAG;IAC5B,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,MAAM,EAAE,iBAAiB,CAAC;CAC3B,CAAC;AAUF;;GAEG;AACH,wBAAgB,aAAa,CAAC,MAAM,EAAE,iBAAiB,GAAG,MAAM,CAE/D;AAED;;;GAGG;AACH,wBAAgB,0BAA0B,CAAC,UAAU,EAAE,MAAM,GAAG,SAAS,GAAG,IAAI,GAAG,MAAM,GAAG,IAAI,CAM/F;AAED,MAAM,MAAM,oBAAoB,GAAG;IACjC,qFAAqF;IACrF,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,uDAAuD;IACvD,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,mEAAmE;IACnE,MAAM,CAAC,EAAE,iBAAiB,CAAC;CAC5B,CAAC;AAEF;;;GAGG;AACH,wBAAgB,cAAc,CAAC,MAAM,EAAE,oBAAoB,GAAG,MAAM,CASnE;AAED;;GAEG;AACH,wBAAgB,oBAAoB,CAAC,UAAU,EAAE,MAAM,GAAG,SAAS,GAAG,IAAI,GAAG,OAAO,CAKnF;AAED;;;;;;;;GAQG;AACH,wBAAgB,0BAA0B,CAAC,UAAU,EAAE,MAAM,GAAG,SAAS,GAAG,IAAI,GAAG,OAAO,CAOzF;AAED;;;;;GAKG;AACH,wBAAgB,sBAAsB,CAAC,UAAU,EAAE,MAAM,GAAG,SAAS,GAAG,IAAI,GAAG,OAAO,CAIrF;AAED;;;;;;;;;;;GAWG;AACH,wBAAgB,oBAAoB,CAAC,UAAU,EAAE,MAAM,GAAG,SAAS,GAAG,IAAI,GAAG,OAAO,CAEnF;AAED,MAAM,MAAM,yBAAyB,GAAG;IACtC,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,qDAAqD;IACrD,kBAAkB,CAAC,EAAE,MAAM,CAAC;CAC7B,CAAC;AAEF;;;;GAIG;AACH,wBAAgB,6BAA6B,CAAC,MAAM,EAAE,yBAAyB,GAAG,MAAM,CAiBvF;AAuGD;;;;GAIG;AACH,wBAAgB,cAAc,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,MAAM,EAAE,EAAE,CAAC,EAAE,MAAM,GAAG,OAAO,CAEnF;AAED;;;GAGG;AACH,wBAAgB,gBAAgB,CAAC,MAAM,EAAE,sBAAsB,GAAG,MAAM,GAAG,IAAI,CAiC9E;AAED,MAAM,MAAM,wBAAwB,GAAG;IACrC,OAAO,EAAE,MAAM,CAAC;IAChB,EAAE,EAAE,MAAM,CAAC;IACX,iFAAiF;IACjF,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB,CAAC;AAaF,wBAAgB,iBAAiB,CAAC,OAAO,EAAE,MAAM,GAAG,SAAS,GAAG,IAAI,GAAG,OAAO,CAE7E;AAED,8DAA8D;AAC9D,MAAM,MAAM,yBAAyB,GAAG;IACtC,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB,CAAC;AAEF;;;;GAIG;AACH,wBAAgB,+BAA+B,CAC7C,GAAG,EAAE,yBAAyB,GAC7B,wBAAwB,GAAG,IAAI,CAmBjC;AAED;;;;GAIG;AACH,wBAAgB,+BAA+B,CAC7C,UAAU,EAAE,MAAM,GAAG,SAAS,GAAG,IAAI,GACpC,wBAAwB,GAAG,IAAI,CAyDjC"}

package/dist/src/utils/derive-session-key.js

@@ -65,16 +65,50 @@ export function isSubagentSessionKey(sessionKey) {
     return raw.includes(":subagent:");
 }
 /**
- * Check whether sessionKey represents a group/channel conversation.
- * Examples:
- * - agent:main:telegram:group:-1001
- * - agent:main:slack:channel:C123456
+ * Check whether sessionKey represents a group/channel conversation
+ * by parsing the key structure: agent:{agentId}:{channel}:{scope}:{peerId}...
+ * where scope is "group" or "channel".
+ *
+ * This is stricter than a naive `:group:` substring match — it only checks
+ * position [3] of the colon-delimited key, preventing false positives from
+ * user-scoped suffixes like `...:user:some_group_admin`.
  */
 export function isGroupOrChannelSessionKey(sessionKey) {
     const raw = (sessionKey ?? "").trim().toLowerCase();
     if (!raw)
         return false;
-    return raw.includes(":group:") || raw.includes(":channel:");
+    const parts = raw.split(":");
+    if (parts.length < 5 || parts[0] !== "agent")
+        return false;
+    const scope = parts[3];
+    return scope === "group" || scope === "channel";
+}
+/**
+ * Check whether sessionKey is the default "main" shared session (agent:{id}:main).
+ * When dmScope is unset, all DM users share this key — including:
+ * - Feishu/Telegram/etc. DMs (have senderId, will be isolated)
+ * - webchat/tui (typically no senderId; single-user, so no isolation needed)
+ */
+export function isMainSharedSessionKey(sessionKey) {
+    const raw = (sessionKey ?? "").trim().toLowerCase();
+    if (!raw)
+        return false;
+    return /^agent:[^:]+:main$/.test(raw);
+}
+/**
+ * Whether the sessionKey may be shared by multiple users and thus requires
+ * per-sender isolation (appending :user:<senderId>).
+ * True for group/channel sessions AND default "main" sessions.
+ *
+ * Safety for webchat/tui: these channels typically don't provide senderId.
+ * When senderId is absent, the isolation gracefully degrades:
+ * - message_received handler skips (no senderId → early return)
+ * - resolveEffectiveSessionKey returns key unchanged (no stored sender)
+ * - buildEffectiveSessionKey returns key unchanged (senderId is undefined)
+ * So webchat/tui users keep using `agent:main:main` directly — correct for single-user contexts.
+ */
+export function needsSenderIsolation(sessionKey) {
+    return isGroupOrChannelSessionKey(sessionKey) || isMainSharedSessionKey(sessionKey);
 }
 /**
  * Resolve workload name for GetWorkloadAccessToken when roleTrn is not set.
@@ -180,6 +214,14 @@ function extractGroupPeerId(channel, from, to) {
             return pickFirst(pickByPrefix(fromRaw, `${ch}:group:`), pickByPrefix(fromRaw, `${ch}:channel:`), pickByPrefix(toRaw, `${ch}:group:`), pickByPrefix(toRaw, `${ch}:channel:`));
     }
 }
+/**
+ * Check if the from/to context indicates a group conversation.
+ * Reuses the same per-channel logic as extractGroupPeerId.
+ * Use this at message-receive time when raw context fields are available.
+ */
+export function isGroupContext(channel, from, to) {
+    return extractGroupPeerId(channel, from, to) !== null;
+}
 /**
  * Derive sessionKey from command context.
  * Matches OpenClaw routing buildAgentPeerSessionKey for common cases.
@@ -223,6 +265,9 @@ const SENDABLE_CHANNELS = new Set([
     "line",
     "feishu",
 ]);
+export function isSendableChannel(channel) {
+    return SENDABLE_CHANNELS.has((channel ?? "").trim().toLowerCase());
+}
 /**
  * Derive delivery target directly from command context (channel, from, to).
  * Use this when sessionKey cannot be parsed reliably.

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@m1a0rz/agent-identity",
-  "version": "0.3.2",
+  "version": "0.3.3",
   "description": "Agent Identity: UserPool (用户池) login, TIP token (工作负载令牌), credential hosting (凭据托管 OAuth2/API key), optional tool/skill permission control (CheckPermission) and risk approval. Integrates with Volcengine 智能体身份和权限管理平台.",
   "type": "module",
   "main": "dist/index.js",
@@ -12,14 +12,15 @@
   "keywords": ["openclaw", "identity", "volcengine", "userpool", "credential", "TIP", "auth", "agent"],
   "license": "Apache-2.0",
   "dependencies": {
-    "@sinclair/typebox": "0.34.48"
+    "@sinclair/typebox": "0.34.48",
+    "jose": "^5.9.6"
   },
   "devDependencies": {
     "@types/node": "^22.0.0",
     "typescript": "^5.7.0"
   },
   "peerDependencies": {
-    "openclaw": ">=2026.2.21"
+    "openclaw": ">=2026.3.8"
   },
   "peerDependenciesMeta": {
     "openclaw": {

package/dist/src/store/group-sender-store.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"group-sender-store.d.ts","sourceRoot":"","sources":["../../../src/store/group-sender-store.ts"],"names":[],"mappings":"AA0BA,MAAM,MAAM,UAAU,GAAG;IACvB,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;CACpB,CAAC;AAIF,wBAAgB,SAAS,CAAC,UAAU,EAAE,MAAM,EAAE,IAAI,EAAE,UAAU,GAAG,IAAI,CAGpE;AAED,wBAAgB,SAAS,CAAC,UAAU,EAAE,MAAM,GAAG,UAAU,GAAG,SAAS,CAQpE;AAED,wBAAgB,WAAW,CAAC,UAAU,EAAE,MAAM,GAAG,IAAI,CAEpD;AAED;;;;GAIG;AACH,wBAAgB,0BAA0B,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,CAKrE;AAED;;;GAGG;AACH,wBAAgB,wBAAwB,CAAC,UAAU,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,MAAM,CAGtF;AASD;;;;GAIG;AACH,wBAAgB,SAAS,CAAC,KAAK,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,GAAG,IAAI,CAInE;AAED;;;GAGG;AACH,wBAAgB,gCAAgC,CAAC,UAAU,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,MAAM,GAAG,MAAM,CAQ3F;AAED,wBAAgB,cAAc,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,CAElD"}