@obtoai/agent-bridge 0.1.0-beta.1

package/src/config.js

@@ -0,0 +1,65 @@
+'use strict';
+
+// Loads daemon config from `~/.obto-bridge/config.json`, with env overrides.
+// Env always wins so users can run the daemon non-interactively in CI / launchd
+// without touching the config file.
+
+const fs = require('fs');
+const path = require('path');
+const os = require('os');
+
+const CONFIG_DIR = path.join(os.homedir(), '.obto-bridge');
+const CONFIG_PATH = path.join(CONFIG_DIR, 'config.json');
+
+const loadConfig = () => {
+  let file = {};
+  try {
+    file = JSON.parse(fs.readFileSync(CONFIG_PATH, 'utf8'));
+  } catch (_) {
+    // File missing/invalid — fall back to env-only.
+  }
+
+  const cfg = {
+    baseUrl: process.env.BRIDGE_BASE_URL || file.baseUrl || 'https://agent-bridge.obto.co',
+    originHost: process.env.BRIDGE_ORIGIN_HOST || file.originHost || 'agent-bridge.obto.co',
+    accountId: process.env.BRIDGE_ACCOUNT_ID || file.accountId || '',
+    apiToken: process.env.BRIDGE_API_TOKEN || file.apiToken || '',
+    agentId: process.env.AGENT_ID || file.agentId || 'unnamed-agent',
+    projectDir: path.resolve(
+      process.env.BRIDGE_PROJECT_DIR || file.projectDir || process.cwd(),
+    ),
+    // Which coding agent the daemon drives: 'claude' (Claude Agent SDK) or
+    // 'codex' (Codex SDK). Claude is the default and the more capable driver
+    // (per-tool permission relay); Codex runs unattended in a fixed sandbox.
+    agent: String(process.env.BRIDGE_AGENT || file.agent || 'claude')
+      .trim()
+      .toLowerCase(),
+    // Codex-only: filesystem sandbox for unattended Codex sessions, since
+    // Codex has no per-tool human relay. read-only | workspace-write |
+    // danger-full-access. BRIDGE_ALLOW_ALL=1 forces danger-full-access.
+    codexSandbox:
+      process.env.BRIDGE_CODEX_SANDBOX || file.codexSandbox || 'workspace-write',
+    // Optional / advanced
+    relayPermissions: (process.env.BRIDGE_RELAY_PERMISSIONS === '1') || !!file.relayPermissions,
+    allowAll: (process.env.BRIDGE_ALLOW_ALL === '1') || !!file.allowAll,
+    relayTimeoutMs:
+      parseInt(process.env.BRIDGE_RELAY_TIMEOUT_MS, 10) ||
+      file.relayTimeoutMs ||
+      600000,
+    liveGuardDisabled: (process.env.BRIDGE_LIVE_GUARD_DISABLED === '1') || !!file.liveGuardDisabled,
+    liveThresholdMs:
+      parseInt(process.env.BRIDGE_LIVE_THRESHOLD_MS, 10) ||
+      file.liveThresholdMs ||
+      60000,
+  };
+
+  if (!cfg.apiToken) {
+    throw new Error(
+      'No apiToken configured. Set BRIDGE_API_TOKEN env or write to ' + CONFIG_PATH,
+    );
+  }
+
+  return cfg;
+};
+
+module.exports = { loadConfig, CONFIG_DIR, CONFIG_PATH };

package/src/daemon.js

@@ -0,0 +1,171 @@
+'use strict';
+
+const { loadConfig } = require('./config');
+const { startStream } = require('./stream-client');
+const { loadState, saveState, getBinding, setBinding } = require('./state');
+const { drive, tryResolvePermission, activeAgent } = require('./driver');
+const { postAgentActivity } = require('./bridge-http');
+
+const log = (level, msg, data) => {
+  const line = { ts: new Date().toISOString(), level, msg };
+  if (data !== undefined) line.data = data;
+  console.log(JSON.stringify(line));
+};
+
+// Fire-and-forget activity ping. The "agent is working" indicator is a UX
+// nicety — a failed ping must never interfere with the actual turn, so we
+// swallow every error and never await it in the hot path. We still log both
+// failure modes: a rejected promise (network error) AND a resolved-but-non-ok
+// response (4xx/5xx) — fetch does not throw on HTTP errors, so a 404/401 would
+// otherwise pass silently.
+const emitActivity = (threadId, activityState) => {
+  postAgentActivity(threadId, activityState)
+    .then((res) => {
+      if (!res || !res.ok) {
+        log('warn', 'agent-activity ping rejected', {
+          threadId,
+          state: activityState,
+          status: res && res.status,
+          body: res && res.data,
+        });
+      }
+    })
+    .catch((err) => {
+      log('warn', 'agent-activity ping failed', {
+        threadId,
+        state: activityState,
+        error: err && err.message ? err.message : String(err),
+      });
+    });
+};
+
+let cfg;
+try {
+  cfg = loadConfig();
+} catch (err) {
+  log('error', 'config load failed', { error: err && err.message });
+  process.exit(1);
+}
+
+const state = loadState();
+let stopped = false;
+let stream = null;
+
+const handleEvent = async (sseEvent) => {
+  if (sseEvent.event !== 'reply') return;
+  let payload;
+  try {
+    payload = JSON.parse(sseEvent.data);
+  } catch (e) {
+    log('error', 'unparseable sse data', { error: e.message });
+    return;
+  }
+
+  const threadId = String(payload.threadId || '').trim();
+  if (!threadId) {
+    log('warn', 'event missing threadId — dropping', { messageId: payload.messageId });
+    return;
+  }
+
+  const binding = getBinding(state, threadId);
+  log('event', 'reply received', {
+    threadId,
+    author: payload.author,
+    messageId: payload.messageId,
+    hasBinding: !!binding,
+  });
+
+  // Permission-relay replies: resolve the pending request inside the driver and
+  // skip starting a new turn.
+  if (tryResolvePermission(threadId, payload.body || '', log)) {
+    return;
+  }
+
+  // Tell the browser a turn has started. Cleared in the finally below so the
+  // indicator drops whether the turn succeeds, skips, or throws.
+  emitActivity(threadId, 'working');
+  try {
+    const result = await drive({
+      threadId,
+      projectDir: cfg.projectDir,
+      binding,
+      payload,
+      log,
+    });
+
+    if (
+      result &&
+      result.sessionId &&
+      (!binding || binding.sessionId !== result.sessionId)
+    ) {
+      setBinding(state, threadId, {
+        sessionId: result.sessionId,
+        projectDir: result.projectDir,
+        jsonlPath: result.jsonlPath,
+        lastJsonlMtimeMs: result.lastJsonlMtimeMs || null,
+        agentId: cfg.agentId,
+        createdAt: new Date().toISOString(),
+        lastDriveAt: new Date().toISOString(),
+      });
+      log('info', 'binding created', { threadId, sessionId: result.sessionId });
+    } else if (binding && !result.skipped) {
+      binding.lastDriveAt = new Date().toISOString();
+      if (result && result.lastJsonlMtimeMs) {
+        binding.lastJsonlMtimeMs = result.lastJsonlMtimeMs;
+      }
+      saveState(state);
+    }
+  } catch (err) {
+    log('error', 'handle failed', {
+      threadId,
+      error: err && err.message ? err.message : String(err),
+    });
+  } finally {
+    emitActivity(threadId, 'idle');
+  }
+};
+
+const start = () => {
+  log('info', 'starting daemon', {
+    baseUrl: cfg.baseUrl,
+    accountId: cfg.accountId,
+    agentId: cfg.agentId,
+    agent: activeAgent(),
+    projectDir: cfg.projectDir,
+    boundThreads: Object.keys(state.bindings || {}),
+  });
+
+  const url = cfg.baseUrl.replace(/\/$/, '') + '/api/bridge/stream';
+  stream = startStream({
+    url,
+    // Re-read config on every (re)connect so a rotated token (via
+    // `obto-bridge rotate-token`, which rewrites config.json) is picked up
+    // automatically without restarting the daemon.
+    getHeaders: () => {
+      const fresh = loadConfig();
+      return {
+        'OBTO-ORIGIN-HOST': fresh.originHost,
+        Authorization: 'Bearer ' + fresh.apiToken,
+      };
+    },
+    onEvent: (ev) => {
+      handleEvent(ev).catch((err) => {
+        log('error', 'handleEvent threw', { error: err && err.message });
+      });
+    },
+    log,
+  });
+};
+
+const shutdown = (signal) => {
+  if (stopped) return;
+  stopped = true;
+  log('info', 'shutting down', { signal });
+  try { stream && stream.stop(); } catch (_) {}
+  setTimeout(() => process.exit(0), 200);
+};
+
+process.on('SIGINT', () => shutdown('SIGINT'));
+process.on('SIGTERM', () => shutdown('SIGTERM'));
+
+start();

package/src/driver.js

@@ -0,0 +1,47 @@
+'use strict';
+
+// Agent-agnostic driver selector. The daemon drives whichever coding agent the
+// operator configured — Claude (via the Claude Agent SDK) or Codex (via the
+// Codex SDK) — chosen by `agent` in config.json / the BRIDGE_AGENT env var.
+// Everything else in the daemon (SSE, state, the bridge HTTP client) is
+// agent-neutral; only the driver differs.
+//
+// The codex driver is require()d lazily, so a Claude-only install never loads
+// @openai/codex-sdk (and vice versa).
+
+const { loadConfig } = require('./config');
+
+let resolved = null;
+
+const pick = () => {
+  if (resolved) return resolved;
+  let agent = 'claude';
+  try {
+    agent = (loadConfig().agent || 'claude').toLowerCase();
+  } catch (_) {
+    // config unreadable — default to claude
+  }
+  if (agent === 'codex') {
+    resolved = { name: 'codex', mod: require('./codex-driver') };
+  } else {
+    resolved = { name: 'claude', mod: require('./claude-driver') };
+  }
+  return resolved;
+};
+
+const drive = (params) => pick().mod.drive(params);
+
+// Permission relay is Claude-only — Codex exposes no per-tool callback. For a
+// Codex daemon this is always a no-op so the reply path goes straight to
+// drive(); for Claude it delegates to the real relay resolver.
+const tryResolvePermission = (threadId, body, log) => {
+  const p = pick();
+  if (typeof p.mod.tryResolvePermission === 'function') {
+    return p.mod.tryResolvePermission(threadId, body, log);
+  }
+  return false;
+};
+
+const activeAgent = () => pick().name;
+
+module.exports = { drive, tryResolvePermission, activeAgent };

package/src/session-scanner.js

@@ -0,0 +1,53 @@
+'use strict';
+
+const fs = require('fs');
+const path = require('path');
+const os = require('os');
+
+// Claude Code stores session JSONLs at:
+//   ~/.claude/projects/<encodedAbsProjectDir>/<sessionId>.jsonl
+// where the encoded dir is the absolute cwd with path separators flattened
+// to `-`:
+//   macOS/Linux  /Users/x/proj      -> -Users-x-proj
+//   Windows      C:\Users\x\proj    -> C--Users-x-proj   (drive colon + `\`)
+// NOTE: confirm against Claude Code's own Windows encoding before treating
+// this as load-bearing. The daemon only uses it for the (default-off)
+// freshness guard and `obto-bridge status` — resume goes through the SDK by
+// sessionId, not this path — so a Windows mismatch is non-fatal.
+const encodeProjectDir = (absDir) => String(absDir).replace(/[/\\:]/g, '-');
+
+const projectHashDir = (absDir) =>
+  path.join(os.homedir(), '.claude', 'projects', encodeProjectDir(absDir));
+
+// Returns { sessionId, jsonlPath, mtimeMs } for the most-recently-modified
+// session JSONL in the project, or null if the project dir doesn't exist
+// or has no sessions.
+const scanLatestSession = (absProjectDir) => {
+  const dir = projectHashDir(absProjectDir);
+  let entries;
+  try {
+    entries = fs.readdirSync(dir);
+  } catch (_) {
+    return null;
+  }
+
+  let best = null;
+  for (const name of entries) {
+    if (!name.endsWith('.jsonl')) continue;
+    const full = path.join(dir, name);
+    let st;
+    try {
+      st = fs.statSync(full);
+    } catch (_) {
+      continue;
+    }
+    if (!st.isFile()) continue;
+    const sessionId = name.slice(0, -'.jsonl'.length);
+    if (!best || st.mtimeMs > best.mtimeMs) {
+      best = { sessionId, jsonlPath: full, mtimeMs: st.mtimeMs };
+    }
+  }
+  return best;
+};
+
+module.exports = { encodeProjectDir, projectHashDir, scanLatestSession };

package/src/state.js

@@ -0,0 +1,61 @@
+'use strict';
+
+const fs = require('fs');
+const path = require('path');
+const os = require('os');
+
+const STATE_DIR = path.join(os.homedir(), '.agent-bridge-daemon');
+const STATE_PATH = path.join(STATE_DIR, 'state.json');
+
+const ensureDir = () => {
+  try {
+    fs.mkdirSync(STATE_DIR, { recursive: true, mode: 0o700 });
+  } catch (_) {}
+};
+
+// Schema:
+// {
+//   "bindings": {
+//     "<threadId>": {
+//       "sessionId": "<uuid>",
+//       "projectDir": "/abs/path",
+//       "jsonlPath": "/.../<sid>.jsonl",
+//       "createdAt": "iso-ts",
+//       "lastDriveAt": "iso-ts"
+//     }, ...
+//   }
+// }
+const loadState = () => {
+  let raw;
+  try {
+    raw = JSON.parse(fs.readFileSync(STATE_PATH, 'utf8'));
+  } catch (_) {
+    raw = {};
+  }
+  if (!raw.bindings || typeof raw.bindings !== 'object') {
+    raw.bindings = {};
+  }
+  return raw;
+};
+
+const saveState = (state) => {
+  ensureDir();
+  fs.writeFileSync(STATE_PATH, JSON.stringify(state, null, 2), 'utf8');
+};
+
+const getBinding = (state, threadId) =>
+  state.bindings && state.bindings[threadId] ? state.bindings[threadId] : null;
+
+const setBinding = (state, threadId, info) => {
+  state.bindings[threadId] = info;
+  saveState(state);
+};
+
+module.exports = {
+  STATE_DIR,
+  STATE_PATH,
+  loadState,
+  saveState,
+  getBinding,
+  setBinding,
+};

package/src/stream-client.js

@@ -0,0 +1,144 @@
+'use strict';
+
+// Thin SSE consumer for /api/bridge/stream. Uses built-in fetch + the response
+// body's ReadableStream to parse newline-delimited SSE events. Handles
+// reconnection with exponential backoff. No external deps.
+
+const parseSseFrame = (frame) => {
+  // SSE frame is a sequence of "field: value" lines terminated by a blank line.
+  // We care about: `event:`, `data:`, `id:`. Comments (`:`) are ignored.
+  const out = { event: 'message', id: null, data: '' };
+  const lines = frame.split('\n');
+  for (let i = 0; i < lines.length; i++) {
+    const line = lines[i];
+    if (!line || line.charAt(0) === ':') continue;
+    const idx = line.indexOf(':');
+    let field, value;
+    if (idx === -1) {
+      field = line.trim();
+      value = '';
+    } else {
+      field = line.slice(0, idx).trim();
+      value = line.slice(idx + 1);
+      if (value.charAt(0) === ' ') value = value.slice(1);
+    }
+    if (field === 'event') out.event = value;
+    else if (field === 'id') out.id = value;
+    else if (field === 'data') {
+      out.data = out.data ? out.data + '\n' + value : value;
+    }
+  }
+  return out;
+};
+
+// Connect once, yield SSE events to the onEvent callback. Returns an
+// AbortController so the caller can cancel.
+const connectOnce = async ({ url, headers, onEvent, onError, log }) => {
+  const ac = new AbortController();
+  const res = await fetch(url, {
+    method: 'GET',
+    headers: Object.assign({ Accept: 'text/event-stream' }, headers || {}),
+    signal: ac.signal,
+    cache: 'no-store',
+  });
+
+  if (!res.ok) {
+    const err = new Error('SSE connect failed: HTTP ' + res.status);
+    err.status = res.status;
+    throw err;
+  }
+  if (!res.body) {
+    throw new Error('SSE connect: no response body');
+  }
+
+  if (log) log('info', 'sse stream connected', { status: res.status });
+
+  // Read the body as a stream of UTF-8 chunks; split on blank lines (frame
+  // delimiter per SSE spec). Pump until end-of-stream or abort.
+  (async () => {
+    const reader = res.body.getReader();
+    const decoder = new TextDecoder('utf-8');
+    let buf = '';
+    try {
+      while (true) {
+        const { value, done } = await reader.read();
+        if (done) break;
+        buf += decoder.decode(value, { stream: true });
+
+        // Split on \n\n (or \r\n\r\n) — SSE frame delimiter.
+        let i;
+        while ((i = buf.indexOf('\n\n')) !== -1 || (i = buf.indexOf('\r\n\r\n')) !== -1) {
+          const sep = buf.indexOf('\r\n\r\n') !== -1 && buf.indexOf('\r\n\r\n') === i ? 4 : 2;
+          const frame = buf.slice(0, i);
+          buf = buf.slice(i + sep);
+          if (frame.trim().length === 0) continue;
+          try {
+            onEvent(parseSseFrame(frame));
+          } catch (e) {
+            if (log) log('error', 'sse frame handler threw', { error: e && e.message });
+          }
+        }
+      }
+      if (onError) onError(new Error('stream ended'));
+    } catch (err) {
+      if (err && err.name === 'AbortError') return;
+      if (onError) onError(err);
+    }
+  })();
+
+  return ac;
+};
+
+// Persistent connection with exponential backoff on disconnect.
+// `getHeaders` is a (sync) function — called fresh on every (re)connect so
+// rotated tokens are picked up automatically.
+const startStream = ({ url, getHeaders, headers, onEvent, log }) => {
+  let stopped = false;
+  let backoff = 1000;
+  let currentAc = null;
+
+  // Back-compat: callers can pass a static `headers` object OR a `getHeaders`
+  // callback. The callback wins; otherwise we wrap the static object.
+  const resolveHeaders = typeof getHeaders === 'function'
+    ? getHeaders
+    : () => headers;
+
+  const loop = async () => {
+    while (!stopped) {
+      try {
+        currentAc = await connectOnce({
+          url,
+          headers: resolveHeaders(),
+          onEvent,
+          onError: (err) => {
+            if (log) log('warn', 'sse stream lost', { error: err && err.message });
+            try { currentAc && currentAc.abort(); } catch (_) {}
+          },
+          log,
+        });
+        backoff = 1000;
+        // Wait until the connection ends. We don't have a clean signal from
+        // connectOnce for "stream closed" so we busy-poll the AbortController.
+        while (!stopped && currentAc && !currentAc.signal.aborted) {
+          await new Promise((r) => setTimeout(r, 500));
+        }
+      } catch (err) {
+        if (log) log('error', 'sse connect failed', { error: err && err.message, backoffMs: backoff });
+      }
+      if (stopped) break;
+      await new Promise((r) => setTimeout(r, backoff));
+      backoff = Math.min(backoff * 2, 30000);
+    }
+  };
+
+  loop();
+
+  return {
+    stop: () => {
+      stopped = true;
+      try { currentAc && currentAc.abort(); } catch (_) {}
+    },
+  };
+};
+
+module.exports = { startStream, parseSseFrame };