@m1a0rz/agent-identity 0.4.5 → 0.5.0
- package/README-cn.md +70 -9
- package/README.md +70 -9
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +80 -27
- package/dist/src/actions/identity-actions.d.ts.map +1 -1
- package/dist/src/actions/identity-actions.js +1 -1
- package/dist/src/commands/identity-commands.d.ts.map +1 -1
- package/dist/src/commands/identity-commands.js +1 -37
- package/dist/src/hooks/before-agent-start.d.ts +11 -3
- package/dist/src/hooks/before-agent-start.d.ts.map +1 -1
- package/dist/src/hooks/before-agent-start.js +12 -11
- package/dist/src/hooks/before-dispatch.d.ts +71 -0
- package/dist/src/hooks/before-dispatch.d.ts.map +1 -0
- package/dist/src/hooks/before-dispatch.js +148 -0
- package/dist/src/hooks/before-tool-call.d.ts +12 -3
- package/dist/src/hooks/before-tool-call.d.ts.map +1 -1
- package/dist/src/hooks/before-tool-call.js +51 -60
- package/dist/src/hooks/llm-input.d.ts +2 -0
- package/dist/src/hooks/llm-input.d.ts.map +1 -1
- package/dist/src/hooks/llm-input.js +30 -7
- package/dist/src/hooks/tool-result-persist.d.ts +1 -0
- package/dist/src/hooks/tool-result-persist.d.ts.map +1 -1
- package/dist/src/hooks/tool-result-persist.js +5 -2
- package/dist/src/local-server/handlers.d.ts +44 -0
- package/dist/src/local-server/handlers.d.ts.map +1 -0
- package/dist/src/local-server/handlers.js +207 -0
- package/dist/src/local-server/identity-socket.d.ts +18 -0
- package/dist/src/local-server/identity-socket.d.ts.map +1 -0
- package/dist/src/local-server/identity-socket.js +198 -0
- package/dist/src/local-server/peer-check.d.ts +58 -0
- package/dist/src/local-server/peer-check.d.ts.map +1 -0
- package/dist/src/local-server/peer-check.js +206 -0
- package/dist/src/local-server/peercred-linux.d.ts +30 -0
- package/dist/src/local-server/peercred-linux.d.ts.map +1 -0
- package/dist/src/local-server/peercred-linux.js +69 -0
- package/dist/src/preflight/plugin-preflight.d.ts +18 -8
- package/dist/src/preflight/plugin-preflight.d.ts.map +1 -1
- package/dist/src/preflight/plugin-preflight.js +96 -92
- package/dist/src/preflight/plugin-state.d.ts +1 -1
- package/dist/src/preflight/plugin-state.d.ts.map +1 -1
- package/dist/src/risk/llm-risk-check.d.ts +0 -5
- package/dist/src/risk/llm-risk-check.d.ts.map +1 -1
- package/dist/src/risk/llm-risk-check.js +10 -1
- package/dist/src/risk/low-risk-tools.d.ts.map +1 -1
- package/dist/src/risk/low-risk-tools.js +0 -1
- package/dist/src/services/identity-client.d.ts +0 -1
- package/dist/src/services/identity-client.d.ts.map +1 -1
- package/dist/src/services/identity-client.js +1 -1
- package/dist/src/services/skill-contract-renderer.d.ts.map +1 -1
- package/dist/src/services/skill-contract-renderer.js +15 -4
- package/dist/src/store/dispatch-feature-flag.d.ts +7 -0
- package/dist/src/store/dispatch-feature-flag.d.ts.map +1 -0
- package/dist/src/store/dispatch-feature-flag.js +36 -0
- package/dist/src/tools/identity-config-suggest.d.ts +1 -1
- package/dist/src/tools/identity-config-suggest.d.ts.map +1 -1
- package/dist/src/tools/identity-config-suggest.js +1 -1
- package/dist/src/tools/identity-config.d.ts +1 -1
- package/dist/src/tools/identity-config.d.ts.map +1 -1
- package/dist/src/tools/identity-config.js +1 -1
- package/dist/src/tools/identity-fetch.d.ts +1 -1
- package/dist/src/tools/identity-fetch.d.ts.map +1 -1
- package/dist/src/tools/identity-fetch.js +1 -2
- package/dist/src/tools/identity-get-role-credentials.d.ts +1 -1
- package/dist/src/tools/identity-get-role-credentials.d.ts.map +1 -1
- package/dist/src/tools/identity-get-role-credentials.js +1 -1
- package/dist/src/tools/identity-get-session-token.d.ts +1 -1
- package/dist/src/tools/identity-get-session-token.d.ts.map +1 -1
- package/dist/src/tools/identity-get-session-token.js +1 -1
- package/dist/src/tools/identity-get-tip-token.d.ts +1 -1
- package/dist/src/tools/identity-get-tip-token.d.ts.map +1 -1
- package/dist/src/tools/identity-get-tip-token.js +1 -1
- package/dist/src/tools/identity-list-credentials.d.ts +1 -1
- package/dist/src/tools/identity-list-credentials.d.ts.map +1 -1
- package/dist/src/tools/identity-list-credentials.js +1 -1
- package/dist/src/tools/identity-list-risk-patterns.d.ts +1 -1
- package/dist/src/tools/identity-list-risk-patterns.d.ts.map +1 -1
- package/dist/src/tools/identity-list-risk-patterns.js +1 -1
- package/dist/src/tools/identity-list-roles.d.ts +1 -1
- package/dist/src/tools/identity-list-roles.d.ts.map +1 -1
- package/dist/src/tools/identity-list-roles.js +1 -1
- package/dist/src/tools/identity-list-tips.d.ts +1 -1
- package/dist/src/tools/identity-list-tips.d.ts.map +1 -1
- package/dist/src/tools/identity-list-tips.js +1 -1
- package/dist/src/tools/identity-login.d.ts +1 -1
- package/dist/src/tools/identity-login.d.ts.map +1 -1
- package/dist/src/tools/identity-login.js +1 -1
- package/dist/src/tools/identity-logout.d.ts +1 -1
- package/dist/src/tools/identity-logout.d.ts.map +1 -1
- package/dist/src/tools/identity-logout.js +1 -1
- package/dist/src/tools/identity-risk-check.d.ts +1 -1
- package/dist/src/tools/identity-risk-check.d.ts.map +1 -1
- package/dist/src/tools/identity-risk-check.js +1 -1
- package/dist/src/tools/identity-set-binding.d.ts +1 -1
- package/dist/src/tools/identity-set-binding.d.ts.map +1 -1
- package/dist/src/tools/identity-set-binding.js +1 -1
- package/dist/src/tools/identity-status.d.ts +1 -1
- package/dist/src/tools/identity-status.d.ts.map +1 -1
- package/dist/src/tools/identity-status.js +1 -1
- package/dist/src/tools/identity-unset-binding.d.ts +1 -1
- package/dist/src/tools/identity-unset-binding.d.ts.map +1 -1
- package/dist/src/tools/identity-unset-binding.js +1 -1
- package/dist/src/tools/identity-whoami.d.ts +1 -1
- package/dist/src/tools/identity-whoami.d.ts.map +1 -1
- package/dist/src/tools/identity-whoami.js +1 -1
- package/dist/src/types.d.ts +22 -0
- package/dist/src/types.d.ts.map +1 -1
- package/dist/src/utils/tool-result.d.ts +26 -0
- package/dist/src/utils/tool-result.d.ts.map +1 -0
- package/dist/src/utils/tool-result.js +40 -0
- package/openclaw.plugin.json +15 -0
- package/package.json +9 -6
- package/skills/SKILL.md +3 -8
- package/dist/src/store/tool-approval-store.d.ts +0 -40
- package/dist/src/store/tool-approval-store.d.ts.map +0 -1
- package/dist/src/store/tool-approval-store.js +0 -162
- package/dist/src/tools/identity-approve-tool.d.ts +0 -15
- package/dist/src/tools/identity-approve-tool.d.ts.map +0 -1
- package/dist/src/tools/identity-approve-tool.js +0 -50
- package/dist/src/utils/approval-channel.d.ts +0 -7
- package/dist/src/utils/approval-channel.d.ts.map +0 -1
- package/dist/src/utils/approval-channel.js +0 -28
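--- a/package/README-cn.md
+++ b/package/README-cn.md
@@ -9,9 +9,11 @@ UserPool OIDC 登录、TIP (Trusted Identity Provider) 令牌(通过 Identity
 ## 功能特性
 
 - **OIDC 登录**:`/identity login` 返回 IdP 授权 URL。用户打开 URL 后,IdP 重定向到 `/identity/oauth/callback`。
-- **
+- **LLM 前置认证拦截(`before_dispatch`)**:在 LLM 调用前拦截未认证消息,节省 token 开销。直接在静态回复中返回 OIDC 登录 URL。在不支持 `before_dispatch` 的旧版 OpenClaw 上自动回退到 `before_agent_start`。
+- **TIP 令牌**:`before_dispatch` / `before_agent_start` 钩子在会话中有已登录用户时获取 TIP 令牌。
 - **凭据 3LO**:`/identity fetch <provider>` 返回授权 URL。IdP 重定向到 Identity 提供的回调地址(控制台配置)。
 - **凭据绑定**:`/identity set <provider> <envVar>` 将存储的凭据绑定到环境变量。凭据按工具调用粒度安全注入,并发多用户会话之间互相隔离。
+- **本地身份服务(UDS)**:可选的 HTTP-over-Unix-Domain-Socket 服务,将 TIP 令牌、OIDC 会话令牌及所有插件工具暴露给本地其他进程。支持 Linux `SO_PEERCRED` + `/proc` 进程级校验和可配置进程白名单。
 - **加密会话存储**:`sessions.json` 使用 AES-256-GCM 加密存储在磁盘上。旧版明文文件首次加载时自动迁移。
 - **内存 TIP 缓存**:TIP 令牌仅存储在内存中(不持久化到磁盘)。TIP 是短效令牌,可随时从用户 session token 重新获取。
 - **动态 UserPool**:通过 `userPoolName` + `clientName` 解析 OIDC 配置(无需手动配置 clientId)。
@@ -44,8 +46,6 @@ UserPool OIDC 登录、TIP (Trusted Identity Provider) 令牌(通过 Identity
 | `fetch <provider> [--flow=...]` | 添加凭据。flow 根据 provider 类型自动推断;可用 `--flow` 覆盖。 |
 | `set <provider> <envVar>` | 将凭据绑定到环境变量供工具注入。无凭据时从 `process.env[envVar]` 导入。 |
 | `unset <provider>` | 移除 provider 的环境变量绑定。 |
-| `approve <approval_id>` | 审批待处理的高风险工具调用。 |
-| `reject <approval_id>` | 拒绝待处理的高风险工具调用。 |
 
 ## OIDC 登录流程
 
@@ -144,7 +144,7 @@ openclaw plugins install --link .
 - `llmRiskCheck`:LLM 配置(`endpoint`、`api`、`model`、`apiKey`、`timeoutMs`、`cacheTtlMs`)。`enableLlmRiskCheck` 为 true 时必填。
 - `approvalTtlSeconds`:审批链接/命令的 TTL(秒)。默认 300。
 
-**预期结果**:配置完成后,插件可正常发起登录、获取 TIP Token。开启 AuthZ 相关开关后,agent/工具/skill
+**预期结果**:配置完成后,插件可正常发起登录、获取 TIP Token。开启 AuthZ 相关开关后,agent/工具/skill 权限检查与高风险审批生效。高风险工具调用通过 OpenClaw 原生 `requireApproval` 机制处理(UI 覆层、Telegram 按钮、Discord 交互、`/approve` CLI)。
 
 ---
 
@@ -177,7 +177,10 @@ openclaw plugins install --link .
 "lowRiskBypass": true,
 "enableLlmRiskCheck": false,
 "approvalTtlSeconds": 300
-}
+},
+"localServer": false,
+"localServerAllowlist": [],
+"localServerFailOpen": true
 }
 }
 }
@@ -206,6 +209,9 @@ openclaw plugins install --link .
 | `subagentTipPropagation` | boolean | 否 | 将 TIP 和 session 传播到子 agent。默认 false |
 | `webchatSessionExchange` | boolean | 否 | 启用 `identity.session.put` / `identity.session.get` gateway WS 方法供 webchat 客户端使用。默认 false |
 | `personalSessionMode` | boolean | 否 | 个人/单用户模式:TIP、OIDC session、凭据仅存储在 `agent:main:main`(不做按发送者或 per-channel-peer 隔离)。子 agent 会话不变。默认 false;多租户或群聊共享场景勿开启。 |
+| `localServer` | boolean | 否 | 启用本地 UDS 身份服务。默认 false。详见[本地身份服务(UDS)](#本地身份服务uds)。 |
+| `localServerAllowlist` | string[] | 否 | 额外允许访问 UDS 服务的进程名/路径。`curl` 始终允许。 |
+| `localServerFailOpen` | boolean | 否 | 无法识别对端进程时是否放行。默认 true。 |
 
 \* AK/SK 至少通过 `accessKeyId`+`secretAccessKey`、环境变量、`credentialsMetadataUrl`+`roleTrn` 或 `credentialsFile` 之一提供。
 
@@ -246,7 +252,7 @@ TIP token 通过 `GetWorkloadAccessTokenForJWT` 获取。工作负载行为:
 
 当用户从飞书聊天运行 `/identity` 时,登录成功和凭据获取的跟进消息会通过飞书发送。凭据从 openclaw.json 的 `channels.feishu` 读取(与 feishu 扩展相同:`appId`、`appSecret`,可选 `accounts`)。agent-identity 无需额外配置。
 
-
+**审批消息**(当高风险工具被拦截时):插件从 `before_tool_call` 返回 `requireApproval`,OpenClaw 框架在所有渠道原生处理审批 UI(exec 覆层、Telegram 按钮、Discord 交互、`/approve` CLI)。无需插件侧推送逻辑。
 
 ### WebChat Session Exchange(Gateway WS 方法)
 
@@ -299,16 +305,71 @@ TIP token 通过 `GetWorkloadAccessTokenForJWT` 获取。工作负载行为:
 - **identity_config_suggest** — 可合并的配置片段(`intent`、`lang`)
 - **identity_set_binding** / **identity_unset_binding** — 工具注入用的环境变量绑定
 - **identity_risk_check** / **identity_list_risk_patterns** — 风险评估(可选插件能力)
-- **identity_approve_tool** — 可选;**仅供人工审批** — 推荐 `/identity approve <id>`(模型不得自批)
 - **identity_list_tips** — 所有有效 TIP 与绑定(运维 / 多会话排查)
 
 ## 钩子
 
-- **
+- **before_dispatch** - 无状态 LLM 前置认证拦截。在 LLM 调用前检查 TIP 令牌是否有效。未找到 TIP 时,以静态回复(包含 OIDC 登录 URL)阻断消息,LLM 零 token 消耗。开启 `authz.agentCheck` 后同时执行 agent 级 CheckPermission。设置特性标志使 `before_agent_start` 跳过冗余认证逻辑。
+- **before_agent_start** - 面向不支持 `before_dispatch` 的旧版 OpenClaw 的回退认证拦截。当 `before_dispatch` 活跃时,此钩子的认证逻辑为空操作。仍负责获取 TIP 令牌和执行 agent CheckPermission。
 - **subagent_spawned** - 在子 agent 创建时将 TIP 传播到子会话。
-- **before_tool_call** - 群组上下文注入、可选 AuthZ(TIP 检查、CheckPermission
+- **before_tool_call** - 群组上下文注入、可选 AuthZ(TIP 检查、CheckPermission、通过 `requireApproval` 处理风险审批)、工具调用级凭据注入。高风险工具调用返回 `requireApproval` 给 OpenClaw 框架,由框架原生处理审批 UI。
 - **after_tool_call** - 清理工具调用级凭据注入状态。
 
+## 本地身份服务(UDS)
+
+当 `identity.localServer` 为 `true` 时,插件启动一个基于 Unix Domain Socket 的 HTTP 服务,允许本地其他进程(脚本、插件、CLI 工具)访问身份令牌和执行插件工具,无需经过 OpenClaw 消息通道。
+
+### 配置
+
+| 参数 | 类型 | 描述 |
+|------|------|------|
+| `localServer` | boolean | 启用本地 UDS 服务。默认 false。 |
+| `localServerAllowlist` | string[] | 额外允许连接的进程名或路径。支持精确匹配和 glob 后缀(如 `"python*"`)。`curl` 默认始终允许。 |
+| `localServerFailOpen` | boolean | 无法识别对端进程时,是否允许连接(依赖 0600 socket 权限兜底)。默认 true。设为 false 为严格模式。 |
+
+**Socket 路径**:`~/.openclaw/plugins/identity/identity.sock`(权限 `0600`,仅 owner 可访问)。
+
+### 端点
+
+| 方法 | 路径 | 描述 |
+|------|------|------|
+| `GET` | `/token` | 主会话的 TIP 令牌 |
+| `GET` | `/token?session=<key>` | 指定会话的 TIP 令牌 |
+| `GET` | `/session` | 主会话的 OIDC session(id_token) |
+| `GET` | `/status` | 服务健康状态与可用会话概览 |
+| `GET` | `/tools` | 列出所有可用工具名称、描述及 JSON Schema |
+| `POST` | `/tool/<name>` | 执行指定工具。Body:`{ "params": {...}, "session": "..." }` |
+
+### 进程级校验(Linux)
+
+在 Linux 上,服务通过以下方式校验连接进程:
+
+1. **`SO_PEERCRED`**(内核级):通过 `getsockopt` 零开销获取对端 PID/UID/GID。需注册原生 provider。
+2. **`/proc` 文件系统**:从 `/proc/<pid>/exe`、`/proc/<pid>/comm`、`/proc/<pid>/status` 获取进程名和路径,无需 spawn 外部进程。
+
+解析后的进程信息与内置白名单(`curl`)及 `localServerAllowlist` 自定义条目做匹配。当 `localServerFailOpen` 为 true(默认)时,无法识别的对端将被放行(socket 文件权限提供基础安全保障)。
+
+### 使用示例
+
+```bash
+# 获取 TIP 令牌
+curl --unix-socket ~/.openclaw/plugins/identity/identity.sock http://localhost/token
+
+# 获取 OIDC session 令牌
+curl --unix-socket ~/.openclaw/plugins/identity/identity.sock http://localhost/session
+
+# 列出可用工具
+curl --unix-socket ~/.openclaw/plugins/identity/identity.sock http://localhost/tools
+
+# 执行工具
+curl --unix-socket ~/.openclaw/plugins/identity/identity.sock \
+-X POST http://localhost/tool/identity_whoami \
+-H 'Content-Type: application/json' \
+-d '{"params": {}, "session": ""}'
+```
+
+更多语言示例见 [`demo/local-server/`](demo/local-server/)(Python、Go、TypeScript、Java、Rust)。
+
 ## 数据存储
 
 插件数据位于 `~/.openclaw/plugins/identity/`: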
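--- a/package/README.md
+++ b/package/README.md
@@ -9,9 +9,11 @@ Integrates with [Volcengine Agent Identity and Permission Management](https://ww
 ## Features
 
 - **OIDC Login**: `/identity login` returns IdP auth URL (no HTTP start endpoint). User opens URL, IdP redirects to `/identity/oauth/callback`.
-- **
+- **Pre-LLM Auth Gate (`before_dispatch`)**: Blocks unauthenticated messages before the LLM is invoked, saving tokens. Returns an OIDC login URL directly in the static response. Falls back to `before_agent_start` on older OpenClaw versions.
+- **TIP Token**: `before_dispatch` / `before_agent_start` hooks fetch TIP token when session has a logged-in user.
 - **Credential 3LO**: `/identity fetch <provider>` returns auth URL. IdP redirects to Identity-provided callback (control-plane config).
 - **Credential Binding**: `/identity set <provider> <envVar>` binds stored credential to env var. Credentials are securely injected per-tool-call, isolated between concurrent multi-user sessions.
+- **Local Identity Server (UDS)**: Optional HTTP-over-Unix-Domain-Socket server exposing TIP tokens, OIDC session tokens, and all plugin tools to other local processes. Supports peer credential checking (Linux `SO_PEERCRED` + `/proc`) and configurable process allowlist.
 - **Encrypted Session Storage**: `sessions.json` is encrypted at rest (AES-256-GCM). Plaintext sessions from older versions are auto-migrated on first load.
 - **In-memory TIP Cache**: TIP tokens are stored only in memory (no disk persistence). They are short-lived and re-obtained from the user's session token on demand.
 - **Dynamic UserPool**: Resolve OIDC config by `userPoolName` + `clientName` (no manual clientId).
@@ -44,8 +46,6 @@ Single command `/identity` (alias `/id`) with subcommands. Default with no args:
 | `fetch <provider> [--flow=...]` | Add credential. Flow auto-inferred from provider type (api_key/oauth2/m2m); override with `--flow`. |
 | `set <provider> <envVar>` | Bind credential to env var for tool injection. If no credential, import from `process.env[envVar]`. |
 | `unset <provider>` | Remove env binding for provider. |
-| `approve <approval_id>` | Approve a pending high-risk tool call. |
-| `reject <approval_id>` | Reject a pending high-risk tool call. |
 
 ## OIDC Login Flow
 
@@ -144,7 +144,7 @@ The plugin typically needs three types of config:
 - `llmRiskCheck`: LLM config (`endpoint`, `api`, `model`, `apiKey`, `timeoutMs`, `cacheTtlMs`). Required when `enableLlmRiskCheck` is true.
 - `approvalTtlSeconds`: Approval link/command TTL (seconds). Default 300.
 
-**Expected outcome**: After config, the plugin can initiate login and obtain TIP Token. With AuthZ flags enabled, agent/tool/skill permission checks and high-risk approvals apply
+**Expected outcome**: After config, the plugin can initiate login and obtain TIP Token. With AuthZ flags enabled, agent/tool/skill permission checks and high-risk approvals apply. High-risk tool calls use OpenClaw's native `requireApproval` mechanism (UI overlay, Telegram buttons, Discord interactions, `/approve` CLI).
 
 ---
 
@@ -177,7 +177,10 @@ Add to `openclaw.json` under `plugins.entries.agent-identity.config`:
 "lowRiskBypass": true,
 "enableLlmRiskCheck": false,
 "approvalTtlSeconds": 300
-}
+},
+"localServer": false,
+"localServerAllowlist": [],
+"localServerFailOpen": true
 }
 }
 }
@@ -206,6 +209,9 @@ Add to `openclaw.json` under `plugins.entries.agent-identity.config`:
 | `subagentTipPropagation` | boolean | No | Propagate TIP and session to subagents. Default false |
 | `webchatSessionExchange` | boolean | No | Enable `identity.session.put` / `identity.session.get` gateway WS methods for webchat clients. Default false |
 | `personalSessionMode` | boolean | No | Single-user mode: TIP, OIDC session, and credentials are stored only under `agent:main:main` (no per-sender or per-channel-peer keys). Subagent sessions unchanged. Default false — do not enable for multi-tenant or shared groups. |
+| `localServer` | boolean | No | Enable the local UDS identity server. Default false. See [Local Identity Server (UDS)](#local-identity-server-uds). |
+| `localServerAllowlist` | string[] | No | Additional process names/paths allowed to access the UDS server. `curl` always allowed. |
+| `localServerFailOpen` | boolean | No | Allow connections when peer cannot be identified. Default true. |
 
 \* AK/SK must be provided via `accessKeyId`+`secretAccessKey`, environment variables, `credentialsMetadataUrl`+`roleTrn`, or `credentialsFile`.
 
@@ -246,7 +252,7 @@ TIP token is obtained via `GetWorkloadAccessTokenForJWT`. Workload behavior:
 
 Login success and credential fetch follow-up messages (e.g. "✓ Credential for `google` added.") are sent via Feishu when the user runs `/identity` from a Feishu chat. Credentials are read from `channels.feishu` in openclaw.json (same as feishu extension: `appId`, `appSecret`, optional `accounts`). No extra config in agent-identity is required.
 
-**Approval messages** (when a high-risk tool is blocked):
+**Approval messages** (when a high-risk tool is blocked): The plugin returns `requireApproval` from `before_tool_call`, and OpenClaw handles the approval UI natively across all channels (exec overlay, Telegram buttons, Discord interactions, `/approve` CLI). No plugin-side delivery logic is needed.
 
 ### WebChat Session Exchange (Gateway WS Methods)
 
@@ -299,16 +305,71 @@ Agent-facing behavior is summarized in [`skills/SKILL.md`](skills/SKILL.md). Reg
 - **identity_config_suggest** — Config merge snippets (`intent`, `lang`)
 - **identity_set_binding** / **identity_unset_binding** — Env var bindings for tool injection
 - **identity_risk_check** / **identity_list_risk_patterns** — Risk evaluation (optional plugin)
-- **identity_approve_tool** — Optional; **human approval only** — prefer `/identity approve <id>` (agents must not self-approve)
 - **identity_list_tips** — All valid TIP tokens and bindings (ops / multi-session debug)
 
 ## Hooks
 
-- **
+- **before_dispatch** - Stateless pre-LLM authentication gate. Checks for a valid TIP token before the LLM is invoked. If no TIP is found, blocks the message with a static response containing an OIDC login URL. Zero LLM token cost for unauthenticated users. When `authz.agentCheck` is enabled, also runs agent-level CheckPermission. Sets a feature flag so `before_agent_start` skips redundant auth logic.
+- **before_agent_start** - Fallback auth gate for older OpenClaw versions that do not support `before_dispatch`. When `before_dispatch` is active, this hook is a no-op for authentication. Still fetches TIP token and runs agent CheckPermission when applicable.
 - **subagent_spawned** - Propagate TIP to child session on subagent spawn.
-- **before_tool_call** - Group context injection, optional AuthZ (TIP check, CheckPermission, risk
+- **before_tool_call** - Group context injection, optional AuthZ (TIP check, CheckPermission, risk via `requireApproval`), and per-tool-call credential injection. High-risk tool calls return `requireApproval` to the OpenClaw framework, which handles approval UI natively.
 - **after_tool_call** - Clean up per-tool-call credential injection state.
 
+## Local Identity Server (UDS)
+
+When `identity.localServer` is `true`, the plugin starts an HTTP server over a Unix Domain Socket, allowing other local processes (scripts, plugins, CLIs) to access identity tokens and execute plugin tools without going through OpenClaw's messaging layer.
+
+### Configuration
+
+| Param | Type | Description |
+|-------|------|-------------|
+| `localServer` | boolean | Enable the local UDS server. Default false. |
+| `localServerAllowlist` | string[] | Additional process names or paths allowed to connect. Supports exact match and glob suffix (e.g. `"python*"`). `curl` is always allowed by default. |
+| `localServerFailOpen` | boolean | When peer identity cannot be resolved, allow the connection (relying on 0600 socket permissions). Default true. Set to false for strict mode. |
+
+**Socket path**: `~/.openclaw/plugins/identity/identity.sock` (permissions `0600`, owner-only access).
+
+### Endpoints
+
+| Method | Path | Description |
+|--------|------|-------------|
+| `GET` | `/token` | TIP token for the main session |
+| `GET` | `/token?session=<key>` | TIP token for a specific session |
+| `GET` | `/session` | OIDC session (id_token) for main session |
+| `GET` | `/status` | Server health and available sessions summary |
+| `GET` | `/tools` | List all available tool names with descriptions and JSON schemas |
+| `POST` | `/tool/<name>` | Execute a registered tool. Body: `{ "params": {...}, "session": "..." }` |
+
+### Peer Credential Checking (Linux)
+
+On Linux, the server validates connecting processes via:
+
+1. **`SO_PEERCRED`** (kernel-level): Zero-overhead retrieval of peer PID/UID/GID via `getsockopt`. Requires a registered native provider.
+2. **`/proc` filesystem**: Derives process name and path from `/proc/<pid>/exe`, `/proc/<pid>/comm`, `/proc/<pid>/status`. No process spawning.
+
+Resolved peer info is checked against the built-in allowlist (`curl`) plus any custom entries in `localServerAllowlist`. When `localServerFailOpen` is true (default), unresolvable peers are allowed (socket file permissions provide baseline security).
+
+### Usage Examples
+
+```bash
+# Get TIP token
+curl --unix-socket ~/.openclaw/plugins/identity/identity.sock http://localhost/token
+
+# Get OIDC session token
+curl --unix-socket ~/.openclaw/plugins/identity/identity.sock http://localhost/session
+
+# List available tools
+curl --unix-socket ~/.openclaw/plugins/identity/identity.sock http://localhost/tools
+
+# Execute a tool
+curl --unix-socket ~/.openclaw/plugins/identity/identity.sock \
+-X POST http://localhost/tool/identity_whoami \
+-H 'Content-Type: application/json' \
+-d '{"params": {}, "session": ""}'
+```
+
+See [`demo/local-server/`](demo/local-server/) for examples in Python, Go, TypeScript, Java, and Rust.
+
 ## Data Storage
 
 Plugin data at `~/.openclaw/plugins/identity/`: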
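--- a/package/dist/index.d.ts.map
+++ b/package/dist/index.d.ts.map
@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../index.ts"],"names":[],"mappings":"AAgBA;;;;;;;;;;GAUG;AAEH,OAAO,KAAK,EAAE,iBAAiB,
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../index.ts"],"names":[],"mappings":"AAgBA;;;;;;;;;;GAUG;AAEH,OAAO,KAAK,EAAE,iBAAiB,EAAgB,MAAM,qBAAqB,CAAC;AAqF3E,MAAM,CAAC,OAAO,UAAU,QAAQ,CAAC,GAAG,EAAE,iBAAiB,QA6iBtD"}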
package/dist/index.js
@@ -17,6 +17,8 @@ import { runPluginPreflight } from "./src/preflight/plugin-preflight.js";
17
17
import { pluginState } from "./src/preflight/plugin-state.js";
18
18
import { createIdentityCommand, createIdCommand } from "./src/commands/identity-commands.js";
19
19
import { createBeforeAgentStartHandler } from "./src/hooks/before-agent-start.js";
20
+
import { createBeforeDispatchHandler } from "./src/hooks/before-dispatch.js";
21
+
import { runLogin } from "./src/actions/identity-actions.js";
20
22
import { createLlmInputHandler } from "./src/hooks/llm-input.js";
21
23
import { createSessionsSendPropagationHandler } from "./src/hooks/sessions-send-propagation.js";
22
24
import { createSessionsSpawnPropagationHandler } from "./src/hooks/sessions-spawn-propagation.js";
@@ -31,7 +33,6 @@ import { createOIDCCallbackHandler, createOIDCCallbackHandlerLazy, } from "./src
31
33
import { IdentityClient, resolveOIDCConfig, } from "./src/services/identity-client.js";
32
34
import { IdentityService } from "./src/services/identity-service.js";
33
35
import { sendNotificationFeishu } from "./src/services/send-notification-feishu.js";
34
-
import { createIdentityApproveTool } from "./src/tools/identity-approve-tool.js";
35
36
import { createIdentityConfigTool } from "./src/tools/identity-config.js";
36
37
import { createIdentityConfigSuggestTool } from "./src/tools/identity-config-suggest.js";
37
38
import { createIdentityListRiskPatternsTool } from "./src/tools/identity-list-risk-patterns.js";
@@ -53,6 +54,7 @@ import { parseSessionKeyToDeliveryTarget, } from "./src/utils/derive-session-key
53
54
import { createSessionPutHandler, createSessionGetHandler, } from "./src/gateway/identity-session-methods.js";
54
55
import { logDebug, logInfo, logWarn } from "./src/utils/logger.js";
55
56
import { initEncryptionKey } from "./src/store/encryption.js";
57
+
import { startIdentitySocket, stopIdentitySocket } from "./src/local-server/identity-socket.js";
56
58
const PLUGIN_STORE_DIR = "~/.openclaw/plugins/identity";
57
59
/**
58
60
* Whether Identity should be enabled.
@@ -254,6 +256,7 @@ export default function register(api) {
254
256
await sendFn(target.to, text);
255
257
};
256
258
const onLoginSuccess = async (sessionKey, sub, deliveryTarget) => {
259
+
logInfo(api.logger, `onLoginSuccess: login completed for session=${sessionKey.slice(0, 24)}... (sub=${sub})`);
257
260
const targetOrKey = deliveryTarget ?? parseSessionKeyToDeliveryTarget(sessionKey) ?? sessionKey;
258
261
await sendToSession(targetOrKey, `✓ Login successful as ${sub}. You can continue in the chat.`);
259
262
};
@@ -319,28 +322,36 @@ export default function register(api) {
319
322
api.registerCommand(createIdCommand(identityCommandsDeps));
320
323
logInfo(api.logger, "commands /identity, /id (login, status, logout, list, list-roles, list-tips, fetch, set, unset); HTTP callback /identity/oauth/callback (credential OAuth uses Identity callback)");
321
324
// Tools (share deps with commands). Optional = only included when agent allowlist explicitly adds them.
322
-
323
-
api.registerTool(createIdentityLogoutTool(identityCommandsDeps), { optional: false });
324
-
api.registerTool(createIdentityStatusTool(identityCommandsDeps), { optional: false });
325
-
api.registerTool(createIdentityLoginTool(identityCommandsDeps), { optional: false });
326
-
api.registerTool(createIdentityListCredentialsTool(identityCommandsDeps), { optional: false });
327
-
api.registerTool(createIdentityListRolesTool(identityCommandsDeps), { optional: false });
328
-
api.registerTool(createIdentityListTipsTool(identityCommandsDeps), { optional: false });
329
-
api.registerTool(createIdentityConfigTool(identityCommandsDeps), { optional: false });
330
-
api.registerTool(createIdentityConfigSuggestTool(), { optional: false });
331
-
api.registerTool(createIdentityFetchTool(identityCommandsDeps), { optional: false });
332
-
api.registerTool(createIdentityGetRoleCredentialsTool(identityCommandsDeps), { optional: false });
333
-
api.registerTool(createIdentityGetTipTokenTool(identityCommandsDeps), { optional: false });
334
-
api.registerTool(createIdentityGetSessionTokenTool(identityCommandsDeps), { optional: false });
335
-
api.registerTool(createIdentitySetBindingTool(identityCommandsDeps), { optional: true });
336
-
api.registerTool(createIdentityUnsetBindingTool(identityCommandsDeps), { optional: true });
337
-
api.registerTool(createIdentityRiskCheckTool({ pluginConfig, logger: api.logger }), { optional: true });
338
-
api.registerTool(createIdentityListRiskPatternsTool(), { optional: true });
325
+
// Collected in an array so the same factories can be reused for the local UDS server.
339
326
const authz = pluginConfig.authz;
|
|
340
|
-
const
|
|
341
|
-
|
|
342
|
-
optional:
|
|
343
|
-
|
|
327
|
+
const toolRegs = [
|
|
328
|
+
{ factory: createIdentityWhoamiTool(identityCommandsDeps), optional: false },
|
|
329
|
+
{ factory: createIdentityLogoutTool(identityCommandsDeps), optional: false },
|
|
330
|
+
{ factory: createIdentityStatusTool(identityCommandsDeps), optional: false },
|
|
331
|
+
{ factory: createIdentityLoginTool(identityCommandsDeps), optional: false },
|
|
332
|
+
{ factory: createIdentityListCredentialsTool(identityCommandsDeps), optional: false },
|
|
333
|
+
{ factory: createIdentityListRolesTool(identityCommandsDeps), optional: false },
|
|
334
|
+
{ factory: createIdentityListTipsTool(identityCommandsDeps), optional: false },
|
|
335
|
+
{ factory: createIdentityConfigTool(identityCommandsDeps), optional: false },
|
|
336
|
+
{ factory: createIdentityConfigSuggestTool(), optional: false },
|
|
337
|
+
{ factory: createIdentityFetchTool(identityCommandsDeps), optional: false },
|
|
338
|
+
{ factory: createIdentityGetRoleCredentialsTool(identityCommandsDeps), optional: false },
|
|
339
|
+
{ factory: createIdentityGetTipTokenTool(identityCommandsDeps), optional: false },
|
|
340
|
+
{ factory: createIdentityGetSessionTokenTool(identityCommandsDeps), optional: false },
|
|
341
|
+
{ factory: createIdentitySetBindingTool(identityCommandsDeps), optional: true },
|
|
342
|
+
{ factory: createIdentityUnsetBindingTool(identityCommandsDeps), optional: true },
|
|
343
|
+
{ factory: createIdentityRiskCheckTool({ pluginConfig, logger: api.logger }), optional: true },
|
|
344
|
+
{ factory: createIdentityListRiskPatternsTool(), optional: true },
|
|
345
|
+
];
|
|
346
|
+
for (const { factory, optional } of toolRegs) {
|
|
347
|
+
api.registerTool(factory, { optional });
|
|
348
|
+
}
|
|
349
|
+
// Build name → factory map for the local UDS server (same factories, zero duplication).
|
|
350
|
+
const toolFactoryMap = new Map();
|
|
351
|
+
for (const { factory } of toolRegs) {
|
|
352
|
+
const sample = factory({});
|
|
353
|
+
toolFactoryMap.set(sample.name, factory);
|
|
354
|
+
}
|
|
344
355
|
// Capture group sender on every inbound message so before_tool_call can
|
|
345
356
|
// identify which user triggered the current run.
|
|
346
357
|
api.on("message_received", (event, ctx) => {
|
|
@@ -386,11 +397,31 @@ export default function register(api) {
|
|
|
386
397
|
logDebug(api.logger, `sender captured session=${sessionKey} sender=${senderId}`);
|
|
387
398
|
}, { priority: 200 });
|
|
388
399
|
api.on("session_end", (_event, ctx) => {
|
|
389
|
-
if (ctx.sessionKey)
|
|
400
|
+
if (ctx.sessionKey) {
|
|
390
401
|
clearSender(ctx.sessionKey);
|
|
402
|
+
}
|
|
391
403
|
});
|
|
392
404
|
// Hooks
|
|
393
405
|
if (hasIdentity) {
|
|
406
|
+
// before_dispatch: stateless pre-LLM auth gate — checks TIP token on
|
|
407
|
+
// every message and blocks unauthenticated users BEFORE model invocation
|
|
408
|
+
// (zero token cost). Also sets a feature flag so before_agent_start
|
|
409
|
+
// knows to skip its legacy auth logic.
|
|
410
|
+
api.on("before_dispatch", createBeforeDispatchHandler({
|
|
411
|
+
storeDir,
|
|
412
|
+
identityService,
|
|
413
|
+
configWorkloadName: identityCfg?.workloadName,
|
|
414
|
+
getOidcConfigForRefresh,
|
|
415
|
+
logger: api.logger,
|
|
416
|
+
identityClient: hasIdentity ? identityClient : undefined,
|
|
417
|
+
namespaceName: authz?.namespaceName ?? "default",
|
|
418
|
+
agentCheck: authz?.agentCheck ?? false,
|
|
419
|
+
generateLoginUrl: async (sessionKey) => runLogin(identityCommandsDeps, sessionKey),
|
|
420
|
+
}));
|
|
421
|
+
// before_agent_start: legacy fallback for older openclaw versions that
|
|
422
|
+
// don't support before_dispatch. When before_dispatch is active, this
|
|
423
|
+
// hook skips auth entirely. Otherwise injects IDENTITY_REQUIRED_CONTEXT
|
|
424
|
+
// for LLM-based login prompt generation.
|
|
394
425
|
api.on("before_agent_start", createBeforeAgentStartHandler({
|
|
395
426
|
storeDir,
|
|
396
427
|
identityService,
|
|
@@ -439,9 +470,7 @@ export default function register(api) {
|
|
|
439
470
|
identityClient: hasIdentity ? identityClient : undefined,
|
|
440
471
|
namespaceName: authz?.namespaceName ?? "default",
|
|
441
472
|
logger: api.logger,
|
|
442
|
-
sendToSession,
|
|
443
473
|
authz,
|
|
444
|
-
approvalTtlMs,
|
|
445
474
|
identityService: hasIdentity ? identityService : undefined,
|
|
446
475
|
getOidcConfigForRefresh: getOidcConfigForRefresh ?? undefined,
|
|
447
476
|
configWorkloadName: identityCfg?.workloadName,
|
|
@@ -467,8 +496,8 @@ export default function register(api) {
|
|
|
467
496
|
// On any failure, set pluginState.degraded so hooks skip all interception.
|
|
468
497
|
const authzEnabled = !!(authz?.agentCheck || authz?.toolCheck || authz?.requireRiskApproval);
|
|
469
498
|
runPluginPreflight({
|
|
499
|
+
pluginConfig,
|
|
470
500
|
identityClient,
|
|
471
|
-
identityService,
|
|
472
501
|
hasIdentity,
|
|
473
502
|
credentialConfig: identityCfg
|
|
474
503
|
? {
|
|
@@ -485,7 +514,6 @@ export default function register(api) {
|
|
|
485
514
|
: explicitOidcEnabled
|
|
486
515
|
? { mode: "explicit", discoveryUrl: userpool?.discoveryUrl }
|
|
487
516
|
: undefined,
|
|
488
|
-
workloadPoolName: identityCfg?.workloadPoolName,
|
|
489
517
|
authzEnabled,
|
|
490
518
|
namespaceName: authz?.namespaceName ?? "default",
|
|
491
519
|
logger: api.logger,
|
|
@@ -497,4 +525,29 @@ export default function register(api) {
|
|
|
497
525
|
}).catch((err) => {
|
|
498
526
|
logWarn(api.logger, `[identity] preflight threw unexpectedly: ${String(err)}`);
|
|
499
527
|
});
|
|
528
|
+
// Local UDS server: lets other processes on the same machine retrieve
|
|
529
|
+
// TIP tokens via HTTP-over-UDS (no network exposure, 0600 socket).
|
|
530
|
+
// Registered as a proper service so OpenClaw manages start/stop lifecycle.
|
|
531
|
+
if (identityCfg?.localServer && hasIdentity) {
|
|
532
|
+
const socketOpts = {
|
|
533
|
+
storeDir,
|
|
534
|
+
identityService,
|
|
535
|
+
configWorkloadName: identityCfg.workloadName,
|
|
536
|
+
getOidcConfigForRefresh,
|
|
537
|
+
logger: api.logger,
|
|
538
|
+
allowlist: identityCfg.localServerAllowlist,
|
|
539
|
+
failOpen: identityCfg.localServerFailOpen ?? true,
|
|
540
|
+
toolFactories: toolFactoryMap,
|
|
541
|
+
};
|
|
542
|
+
api.registerService({
|
|
543
|
+
id: "identity-local-server",
|
|
544
|
+
start: async () => {
|
|
545
|
+
const socketPath = await startIdentitySocket(socketOpts);
|
|
546
|
+
logInfo(api.logger, `local identity server ready at ${socketPath}`);
|
|
547
|
+
},
|
|
548
|
+
stop: async () => {
|
|
549
|
+
await stopIdentitySocket(api.logger);
|
|
550
|
+
},
|
|
551
|
+
});
|
|
552
|
+
}
|
|
500
553
|
}
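Review bot: The local identity server is registered with `failOpen: identityCfg.localServerFailOpen ?? true`, so unless an operator sets the option explicitly, a service that hands out TIP tokens over the socket falls back to permitting the request whenever its gate cannot decide; I cannot see what `failOpen` governs inside `startIdentitySocket`, but if it covers allowlist or peer-check failures, fail-closed is the safer default for a credential-serving endpoint: `failOpen: identityCfg.localServerFailOpen ?? false,`. The comment above the block promises "no network exposure, 0600 socket", yet that guarantee is made inside `startIdentitySocket` rather than here, so a short note such as `// authorization for same-host callers relies solely on localServerAllowlist (peer check); socket mode is enforced in startIdentitySocket` would tell the next reader where to look. In the tool-map loop earlier in this file (new-side lines 351–354, in a hunk that starts outside this view) every registered factory is invoked as `factory({})` purely to read `.name`, which instantiates each tool twice and runs any factory body with an empty context; carrying the name on the registration entry (`{ name, factory, optional }`) would avoid the probe. The enclosing `register` function starts outside this hunk.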
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"identity-actions.d.ts","sourceRoot":"","sources":["../../../src/actions/identity-actions.ts"],"names":[],"mappings":"AAgBA;;;GAGG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AAC1D,OAAO,KAAK,EAEV,uBAAuB,EAExB,MAAM,gCAAgC,CAAC;AACxC,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,iCAAiC,CAAC;AACvE,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,gCAAgC,CAAC;AAC3E,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAChD,OAAO,KAAK,EAAE,wBAAwB,EAAE,MAAM,gCAAgC,CAAC;AAgB/E,OAAO,EAKL,KAAK,eAAe,EACrB,MAAM,8BAA8B,CAAC;AAWtC,MAAM,MAAM,oBAAoB,GAAG;IACjC,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,WAAW,EAAE,MAAM,CAAC;IACpB,gFAAgF;IAChF,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,6DAA6D;IAC7D,gBAAgB,CAAC,EAAE,MAAM,CAAC;CAC3B,CAAC;AAEF,MAAM,MAAM,qBAAqB,GAAG;IAClC,IAAI,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,IAAI,CAAC;IAC7B,IAAI,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,IAAI,CAAC;IAC7B,KAAK,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,IAAI,CAAC;CAC/B,CAAC;AAEF,MAAM,MAAM,mBAAmB,GAAG;IAChC,QAAQ,EAAE,MAAM,CAAC;IACjB,eAAe,EAAE,eAAe,CAAC;IACjC,aAAa,EAAE,MAAM,OAAO,CAAC,oBAAoB,CAAC,CAAC;IACnD,uBAAuB,CAAC,EAAE,MAAM,OAAO,CAAC,oBAAoB,CAAC,CAAC;IAC9D,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,cAAc,CAAC,EAAE,uBAAuB,CAAC;IACzC,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,MAAM,CAAC,EAAE,qBAAqB,CAAC;IAC/B,YAAY,CAAC,EAAE,YAAY,CAAC;IAC5B,qBAAqB,CAAC,EAAE,CACtB,kBAAkB,EAAE,wBAAwB,GAAG,MAAM,EACrD,IAAI,EAAE,MAAM,KACT,OAAO,CAAC,IAAI,CAAC,CAAC;CACpB,CAAC;AAEF,MAAM,MAAM,SAAS,GAAG,aAAa,GAAG,YAAY,GAAG,QAAQ,GAAG,MAAM,CAAC;
|
|
1
|
+
{"version":3,"file":"identity-actions.d.ts","sourceRoot":"","sources":["../../../src/actions/identity-actions.ts"],"names":[],"mappings":"AAgBA;;;GAGG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AAC1D,OAAO,KAAK,EAEV,uBAAuB,EAExB,MAAM,gCAAgC,CAAC;AACxC,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,iCAAiC,CAAC;AACvE,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,gCAAgC,CAAC;AAC3E,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAChD,OAAO,KAAK,EAAE,wBAAwB,EAAE,MAAM,gCAAgC,CAAC;AAgB/E,OAAO,EAKL,KAAK,eAAe,EACrB,MAAM,8BAA8B,CAAC;AAWtC,MAAM,MAAM,oBAAoB,GAAG;IACjC,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,WAAW,EAAE,MAAM,CAAC;IACpB,gFAAgF;IAChF,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,6DAA6D;IAC7D,gBAAgB,CAAC,EAAE,MAAM,CAAC;CAC3B,CAAC;AAEF,MAAM,MAAM,qBAAqB,GAAG;IAClC,IAAI,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,IAAI,CAAC;IAC7B,IAAI,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,IAAI,CAAC;IAC7B,KAAK,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,IAAI,CAAC;CAC/B,CAAC;AAEF,MAAM,MAAM,mBAAmB,GAAG;IAChC,QAAQ,EAAE,MAAM,CAAC;IACjB,eAAe,EAAE,eAAe,CAAC;IACjC,aAAa,EAAE,MAAM,OAAO,CAAC,oBAAoB,CAAC,CAAC;IACnD,uBAAuB,CAAC,EAAE,MAAM,OAAO,CAAC,oBAAoB,CAAC,CAAC;IAC9D,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,cAAc,CAAC,EAAE,uBAAuB,CAAC;IACzC,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,MAAM,CAAC,EAAE,qBAAqB,CAAC;IAC/B,YAAY,CAAC,EAAE,YAAY,CAAC;IAC5B,qBAAqB,CAAC,EAAE,CACtB,kBAAkB,EAAE,wBAAwB,GAAG,MAAM,EACrD,IAAI,EAAE,MAAM,KACT,OAAO,CAAC,IAAI,CAAC,CAAC;CACpB,CAAC;AAEF,MAAM,MAAM,SAAS,GAAG,aAAa,GAAG,YAAY,GAAG,QAAQ,GAAG,MAAM,CAAC;AAoHzE,MAAM,MAAM,YAAY,GAAG;IACzB,QAAQ,EAAE,OAAO,CAAC;IAClB,GAAG,EAAE,MAAM,GAAG,IAAI,CAAC;IACnB,MAAM,EAAE,OAAO,CAAC;IAChB,2CAA2C;IAC3C,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,wDAAwD;IACxD,gBAAgB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACjC,4BAA4B;IAC5B,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,uBAAuB;IACvB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,wCAAwC;IACxC,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC,MAAM,EAAE,eAAe,CAAC,CAAC;IAC7C,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CAClC,CAAC;AAEF,wB
AAsB,SAAS,CAC7B,IAAI,EAAE,mBAAmB,EACzB,UAAU,EAAE,MAAM,EAClB,MAAM,CAAC,EAAE,cAAc,GACtB,OAAO,CAAC,YAAY,CAAC,CA4BvB;AAED,MAAM,MAAM,WAAW,GACnB;IAAE,IAAI,EAAE,mBAAmB,CAAC;IAAC,GAAG,EAAE,MAAM,CAAA;CAAE,GAC1C;IAAE,IAAI,EAAE,UAAU,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,GACrC;IAAE,IAAI,EAAE,OAAO,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,CAAC;AAEvC,wBAAsB,QAAQ,CAC5B,IAAI,EAAE,mBAAmB,EACzB,UAAU,EAAE,MAAM,EAClB,OAAO,CAAC,EAAE;IAAE,MAAM,CAAC,EAAE,cAAc,CAAC;IAAC,cAAc,CAAC,EAAE,wBAAwB,GAAG,IAAI,CAAA;CAAE,GACtF,OAAO,CAAC,WAAW,CAAC,CAyDtB;AAED,MAAM,MAAM,YAAY,GAAG;IAAE,EAAE,EAAE,OAAO,CAAA;CAAE,CAAC;AAE3C,wBAAsB,SAAS,CAC7B,IAAI,EAAE,mBAAmB,EACzB,UAAU,EAAE,MAAM,GACjB,OAAO,CAAC,YAAY,CAAC,CASvB;AAID,MAAM,MAAM,WAAW,GAAG;IACxB,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB,CAAC;AAEF,MAAM,MAAM,qBAAqB,GAAG;IAClC,SAAS,EAAE,WAAW,EAAE,CAAC;IACzB,UAAU,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAC;QAAC,OAAO,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IACtE,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,OAAO,CAAC;IACjB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB,CAAC;AAEF,MAAM,MAAM,qBAAqB,GAAG;IAClC,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,IAAI,CAAC,EAAE,MAAM,CAAC;CACf,CAAC;AAEF,wBAAsB,kBAAkB,CACtC,IAAI,EAAE,mBAAmB,EACzB,UAAU,EAAE,MAAM,EAClB,IAAI,GAAE,MAAU,EAChB,MAAM,CAAC,EAAE,qBAAqB,GAC7B,OAAO,CAAC,qBAAqB,CAAC,CA6DhC;AAED,MAAM,MAAM,eAAe,GAAG;IAC5B,IAAI,EAAE,MAAM,CAAC;IACb,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB,CAAC;AAEF,MAAM,MAAM,yBAAyB,GAAG;IACtC,SAAS,EAAE,eAAe,EAAE,CAAC;IAC7B,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,OAAO,CAAC;CAClB,CAAC;AAEF,wBAAsB,sBAAsB,CAC1C,IAAI,EAAE,mBAAmB,EACzB,UAAU,EAAE,MAAM,EAClB,MAAM,CAAC,EAAE;IAAE,IAAI,CAAC,EAAE,MAAM,CAAA;CAAE,GACzB,OAAO,CAAC,yBAAyB,CAAC,CA2CpC;AAED,MAAM,MAAM,cAAc,GAAG;IAC3B,IAAI,EAAE,KAAK,CAAC;QACV,UAAU,EAAE,MAAM,CAAC;QACnB,GAAG,EAAE,MAAM,CAAC;QACZ,KAAK,EAAE,MAAM,EAAE,CAAC;QAChB,SAAS,EAAE,MAAM,CAAC;QAClB,MAAM,EAAE,MAAM,CAAC;KAChB,CAAC,CAAC;IACH,oDAAoD;IACpD,iBAAiB,EAAE,MAAM,CAAC,MAAM,
EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;CAC3D,CAAC;AAEF,wBAAsB,WAAW,CAAC,IAAI,EAAE,mBAAmB,GAAG,OAAO,CAAC,cAAc,CAAC,CAsBpF;AAED,MAAM,MAAM,YAAY,GAAG;IACzB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACnC,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACnC,KAAK,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACjC,CAAC;AAEF,wBAAsB,SAAS,CAAC,IAAI,EAAE,mBAAmB,GAAG,OAAO,CAAC,YAAY,CAAC,CA6ChF;AAED,MAAM,MAAM,WAAW,GACnB;IAAE,IAAI,EAAE,SAAS,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,GACpC;IAAE,IAAI,EAAE,UAAU,CAAC;IAAC,OAAO,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,GACtD;IAAE,IAAI,EAAE,OAAO,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,CAAC;AAEvC,wBAAsB,QAAQ,CAC5B,IAAI,EAAE,mBAAmB,EACzB,UAAU,EAAE,MAAM,EAClB,MAAM,EAAE;IACN,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE,SAAS,CAAC;IAChB,YAAY,CAAC,EAAE,OAAO,CAAC;IACvB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,cAAc,CAAC,EAAE,wBAAwB,GAAG,IAAI,CAAC;IACjD,MAAM,CAAC,EAAE,cAAc,CAAC;IACxB,kFAAkF;IAClF,MAAM,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;CAC7B,GACA,OAAO,CAAC,WAAW,CAAC,CAqKtB;AAED,MAAM,MAAM,gBAAgB,GAAG;IAAE,EAAE,EAAE,OAAO,CAAC;IAAC,OAAO,CAAC,EAAE,MAAM,CAAC;IAAC,KAAK,CAAC,EAAE,MAAM,CAAA;CAAE,CAAC;AAEjF,wBAAsB,aAAa,CACjC,IAAI,EAAE,mBAAmB,EACzB,UAAU,EAAE,MAAM,EAClB,MAAM,EAAE;IAAE,QAAQ,EAAE,MAAM,CAAC;IAAC,MAAM,EAAE,MAAM,CAAA;CAAE,GAC3C,OAAO,CAAC,gBAAgB,CAAC,CAkC3B;AAED,MAAM,MAAM,kBAAkB,GAAG;IAAE,EAAE,EAAE,OAAO,CAAC;IAAC,OAAO,CAAC,EAAE,MAAM,CAAC;IAAC,KAAK,CAAC,EAAE,MAAM,CAAA;CAAE,CAAC;AAEnF,wBAAsB,eAAe,CACnC,IAAI,EAAE,mBAAmB,EACzB,UAAU,EAAE,MAAM,EAClB,MAAM,EAAE;IAAE,QAAQ,EAAE,MAAM,CAAA;CAAE,GAC3B,OAAO,CAAC,kBAAkB,CAAC,CAW7B;AAED,MAAM,MAAM,8BAA8B,GACtC;IACE,IAAI,EAAE,SAAS,CAAC;IAChB,WAAW,EAAE;QACX,WAAW,EAAE,MAAM,CAAC;QACpB,eAAe,EAAE,MAAM,CAAC;QACxB,YAAY,EAAE,MAAM,CAAC;QACrB,UAAU,CAAC,EAAE,MAAM,CAAC;KACrB,CAAC;CACH,GACD;IAAE,IAAI,EAAE,OAAO,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,CAAC;AAEvC,wBAAsB,qBAAqB,CACzC,IAAI,EAAE,mBAAmB,EACzB,UAAU,EAAE,MAAM,EAClB,MAAM,EAAE;IACN,YAAY,EAAE,MAAM,CAAC;IACrB,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,MAAM,CAAC,EAAE,OAA
O,qBAAqB,EAAE,cAAc,CAAC;CACvD,GACA,OAAO,CAAC,8BAA8B,CAAC,CAsDzC;AAED,MAAM,MAAM,iBAAiB,GACzB;IACE,IAAI,EAAE,SAAS,CAAC;IAChB,QAAQ,EAAE,MAAM,CAAC;IACjB,GAAG,EAAE,MAAM,CAAC;IACZ,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;CACnB,GACD;IAAE,IAAI,EAAE,OAAO,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,CAAC;AAEvC;;GAEG;AACH,wBAAsB,cAAc,CAClC,IAAI,EAAE,mBAAmB,EACzB,UAAU,EAAE,MAAM,EAClB,MAAM,CAAC,EAAE,cAAc,GACtB,OAAO,CAAC,iBAAiB,CAAC,CAgB5B;AAED,MAAM,MAAM,qBAAqB,GAC7B;IACE,IAAI,EAAE,SAAS,CAAC;IAChB,4CAA4C;IAC5C,cAAc,EAAE,MAAM,CAAC;IACvB,GAAG,EAAE,MAAM,CAAC;IACZ,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB,GACD;IAAE,IAAI,EAAE,OAAO,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,CAAC;AAEvC;;GAEG;AACH,wBAAsB,kBAAkB,CACtC,IAAI,EAAE,mBAAmB,EACzB,UAAU,EAAE,MAAM,GACjB,OAAO,CAAC,qBAAqB,CAAC,CAoBhC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"identity-commands.d.ts","sourceRoot":"","sources":["../../../src/commands/identity-commands.ts"],"names":[],"mappings":"AAgBA;;;GAGG;AAEH,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AACxD,OAAO,EAYL,KAAK,mBAAmB,EACxB,KAAK,oBAAoB,EACzB,KAAK,SAAS,EACf,MAAM,gCAAgC,CAAC;
|
|
1
|
+
{"version":3,"file":"identity-commands.d.ts","sourceRoot":"","sources":["../../../src/commands/identity-commands.ts"],"names":[],"mappings":"AAgBA;;;GAGG;AAEH,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AACxD,OAAO,EAYL,KAAK,mBAAmB,EACxB,KAAK,oBAAoB,EACzB,KAAK,SAAS,EACf,MAAM,gCAAgC,CAAC;AAYxC,YAAY,EAAE,oBAAoB,EAAE,SAAS,EAAE,CAAC;AAEhD,MAAM,MAAM,sBAAsB,GAAG;IACnC,IAAI,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,IAAI,CAAC;IAC7B,IAAI,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,IAAI,CAAC;IAC7B,KAAK,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,IAAI,CAAC;CAC/B,CAAC;AAEF,MAAM,MAAM,oBAAoB,GAAG,mBAAmB,CAAC;AA4uBvD,wBAAgB,qBAAqB,CAAC,IAAI,EAAE,oBAAoB;;;;;mBAhlB3C,oBAAoB,KAAG,OAAO,CAAC;QAAE,IAAI,EAAE,MAAM,CAAA;KAAE,CAAC;EAylBpE;AAED,0CAA0C;AAC1C,wBAAgB,eAAe,CAAC,IAAI,EAAE,oBAAoB;;;;;mBA5lBrC,oBAAoB,KAAG,OAAO,CAAC;QAAE,IAAI,EAAE,MAAM,CAAA;KAAE,CAAC;EAqmBpE"}
|
|
@@ -20,8 +20,7 @@ import { pluginState } from "../preflight/plugin-state.js";
|
|
|
20
20
|
import { logDebug } from "../utils/logger.js";
|
|
21
21
|
import { diagnoseRisk } from "../risk/diagnose-risk.js";
|
|
22
22
|
import { getRiskPatterns } from "../risk/classify-risk.js";
|
|
23
|
-
|
|
24
|
-
const HELP_TEXT = `**/identity** – UserPool login, TIP token, credentials, and risk approval
|
|
23
|
+
const HELP_TEXT = `**/identity** – UserPool login, TIP token, credentials, and risk evaluation
|
|
25
24
|
|
|
26
25
|
Subcommands:
|
|
27
26
|
• \`whoami\` – Identity brief: sub, login time, TIP expiry
|
|
@@ -38,8 +37,6 @@ Subcommands:
|
|
|
38
37
|
• \`unset <provider>\` – Remove credential env binding
|
|
39
38
|
• \`risk <command>\` – Diagnose risk for a shell command (e.g. exec)
|
|
40
39
|
• \`risk-patterns\` – List built-in dangerous commands and sensitive paths
|
|
41
|
-
• \`approve <approval_id>\` – Approve a pending high-risk tool call
|
|
42
|
-
• \`reject <approval_id>\` – Reject a pending high-risk tool call
|
|
43
40
|
|
|
44
41
|
Fetch: flow auto-inferred from control-plane provider type; override with \`--flow=oauth2-user|oauth2-m2m|apikey|user\`.
|
|
45
42
|
|
|
@@ -191,8 +188,6 @@ function createIdentityHandler(deps) {
|
|
|
191
188
|
"get-role",
|
|
192
189
|
"set",
|
|
193
190
|
"unset",
|
|
194
|
-
"approve",
|
|
195
|
-
"reject",
|
|
196
191
|
].includes(sub);
|
|
197
192
|
if (needsSession && !sessionKey) {
|
|
198
193
|
return {
|
|
@@ -233,10 +228,6 @@ function createIdentityHandler(deps) {
|
|
|
233
228
|
return handleRisk(deps, rest);
|
|
234
229
|
case "risk-patterns":
|
|
235
230
|
return handleRiskPatterns();
|
|
236
|
-
case "approve":
|
|
237
|
-
return handleApprove(deps, sessionKey, rest);
|
|
238
|
-
case "reject":
|
|
239
|
-
return handleReject(deps, sessionKey, rest);
|
|
240
231
|
default:
|
|
241
232
|
return {
|
|
242
233
|
text: `Unknown subcommand: \`${sub}\`. Use \`/identity help\` for usage.`,
|
|
@@ -599,33 +590,6 @@ async function handleRisk(deps, rest) {
|
|
|
599
590
|
lines.push(`Reason: ${result.reason}`);
|
|
600
591
|
return { text: lines.join("\n") };
|
|
601
592
|
}
|
|
602
|
-
async function handleApprove(deps, sessionKey, rest) {
|
|
603
|
-
const approvalId = rest.trim();
|
|
604
|
-
if (!approvalId) {
|
|
605
|
-
return {
|
|
606
|
-
text: "Usage: `/identity approve <approval_id>`\nExample: `/identity approve abc123`\n\nUse the approval_id from the pending tool message. Must run from the same chat that triggered the approval request.",
|
|
607
|
-
};
|
|
608
|
-
}
|
|
609
|
-
const approvalTtlMs = (deps.pluginConfig?.authz?.approvalTtlSeconds ?? 300) * 1000;
|
|
610
|
-
const ok = toolApprovalStore.approve(approvalId, approvalTtlMs, sessionKey);
|
|
611
|
-
if (ok)
|
|
612
|
-
return { text: "✓ Tool call approved. You can retry the action now." };
|
|
613
|
-
return {
|
|
614
|
-
text: "⚠ Approval not found or expired. Run from the same chat that requested approval, or the request may have timed out.",
|
|
615
|
-
};
|
|
616
|
-
}
|
|
617
|
-
async function handleReject(deps, sessionKey, rest) {
|
|
618
|
-
const approvalId = rest.trim();
|
|
619
|
-
if (!approvalId) {
|
|
620
|
-
return {
|
|
621
|
-
text: "Usage: `/identity reject <approval_id>`\nExample: `/identity reject abc123`\n\nMust run from the same chat that triggered the approval request.",
|
|
622
|
-
};
|
|
623
|
-
}
|
|
624
|
-
const ok = toolApprovalStore.reject(approvalId, sessionKey);
|
|
625
|
-
if (ok)
|
|
626
|
-
return { text: "✓ Tool call rejected." };
|
|
627
|
-
return { text: "⚠ Approval not found or already expired. Run from the same chat that requested approval." };
|
|
628
|
-
}
|
|
629
593
|
async function handleRiskPatterns() {
|
|
630
594
|
const { commandPatterns, sensitivePaths } = getRiskPatterns();
|
|
631
595
|
const lines = [
|
|
@@ -1,7 +1,15 @@
|
|
|
1
1
|
/**
|
|
2
|
-
* before_agent_start hook
|
|
3
|
-
*
|
|
4
|
-
*
|
|
2
|
+
* before_agent_start hook — legacy auth fallback + autonomous trigger handling.
|
|
3
|
+
*
|
|
4
|
+
* Feature-gated: when before_dispatch is active (runtime called it at least
|
|
5
|
+
* once), this hook skips all authentication logic because before_dispatch
|
|
6
|
+
* already handles blocking unauthenticated users at zero token cost.
|
|
7
|
+
*
|
|
8
|
+
* When before_dispatch is NOT active (older openclaw versions that don't
|
|
9
|
+
* support the hook), this hook falls back to the original behavior:
|
|
10
|
+
* - No TIP → inject IDENTITY_REQUIRED_CONTEXT into system prompt
|
|
11
|
+
* - TIP found → optionally run agent permission check
|
|
12
|
+
* - Autonomous triggers → skip interactive login injection
|
|
5
13
|
*/
|
|
6
14
|
import type { IdentityClientInterface } from "../services/identity-client.js";
|
|
7
15
|
import type { IdentityService } from "../services/identity-service.js";
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"before-agent-start.d.ts","sourceRoot":"","sources":["../../../src/hooks/before-agent-start.ts"],"names":[],"mappings":"AAgBA
|
|
1
|
+
{"version":3,"file":"before-agent-start.d.ts","sourceRoot":"","sources":["../../../src/hooks/before-agent-start.ts"],"names":[],"mappings":"AAgBA;;;;;;;;;;;;GAYG;AAEH,OAAO,KAAK,EAAE,uBAAuB,EAAE,MAAM,gCAAgC,CAAC;AAC9E,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,iCAAiC,CAAC;AACvE,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,gCAAgC,CAAC;AA0C3E,MAAM,MAAM,oBAAoB,GAAG;IACjC,QAAQ,EAAE,MAAM,CAAC;IACjB,eAAe,EAAE,eAAe,CAAC;IACjC,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,uBAAuB,CAAC,EAAE,MAAM,OAAO,CAAC,oBAAoB,CAAC,CAAC;IAC9D,MAAM,EAAE;QAAE,IAAI,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,IAAI,CAAC;QAAC,KAAK,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,IAAI,CAAC;QAAC,IAAI,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,IAAI,CAAA;KAAE,CAAC;IACtG,cAAc,CAAC,EAAE,uBAAuB,CAAC;IACzC,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,UAAU,CAAC,EAAE,OAAO,CAAC;CACtB,CAAC;AAEF,wBAAgB,6BAA6B,CAAC,IAAI,EAAE,oBAAoB,IAoBpE,QAAQ;IAAE,MAAM,EAAE,MAAM,CAAC;IAAC,QAAQ,CAAC,EAAE,OAAO,EAAE,CAAA;CAAE,EAChD,KAAK;IAAE,OAAO,CAAC,EAAE,MAAM,CAAC;IAAC,UAAU,CAAC,EAAE,MAAM,CAAC;IAAC,OAAO,CAAC,EAAE,MAAM,CAAC;IAAC,SAAS,CAAC,EAAE,MAAM,CAAA;CAAE,KACnF,OAAO,CAAC;IAAE,cAAc,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,IAAI,CAAC,CAmG/C"}
|