npm - @openape/openclaw-plugin-grants - Versions diffs - 0.2.0 - Mend

@openape/openclaw-plugin-grants 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

package/dist/index.js ADDED Viewed

@@ -0,0 +1,1424 @@
+// src/types.ts
+var DEFAULT_CONFIG = {
+  mode: "local",
+  audience: "openclaw",
+  defaultApproval: "once",
+  pollIntervalMs: 3e3,
+  pollTimeoutMs: 3e5
+};
+// src/adapters/loader.ts
+import { createHash } from "crypto";
+import { existsSync, readFileSync, readdirSync } from "fs";
+import { homedir } from "os";
+import { dirname, join } from "path";
+import { fileURLToPath } from "url";
+// src/adapters/toml.ts
+function parseKeyValue(line) {
+  const eqIndex = line.indexOf("=");
+  if (eqIndex === -1)
+    return null;
+  const key = line.slice(0, eqIndex).trim();
+  const value = line.slice(eqIndex + 1).trim();
+  if (!key || !value)
+    return null;
+  return { key, value };
+}
+function splitTomlArray(inner) {
+  const elements = [];
+  let current = "";
+  let inQuote = false;
+  for (let i = 0; i < inner.length; i++) {
+    const char = inner[i];
+    if (char === '"') {
+      inQuote = !inQuote;
+      current += char;
+    } else if (char === "," && !inQuote) {
+      elements.push(current);
+      current = "";
+    } else {
+      current += char;
+    }
+  }
+  if (current.trim())
+    elements.push(current);
+  return elements;
+}
+function parseTomlValue(raw) {
+  const trimmed = raw.trim();
+  if (trimmed.startsWith('"') && trimmed.endsWith('"'))
+    return trimmed.slice(1, -1);
+  if (trimmed === "true")
+    return true;
+  if (trimmed === "false")
+    return false;
+  if (trimmed.startsWith("[") && trimmed.endsWith("]")) {
+    const inner = trimmed.slice(1, -1).trim();
+    if (!inner)
+      return [];
+    return splitTomlArray(inner).map((value) => value.trim().replace(/^"|"$/g, ""));
+  }
+  return trimmed;
+}
+function parseAdapterToml(content) {
+  const result = {};
+  const operations = [];
+  let currentSection = "root";
+  let currentEntry = {};
+  const flushOperation = () => {
+    if (currentSection === "operation" && Object.keys(currentEntry).length > 0) {
+      operations.push(currentEntry);
+      currentEntry = {};
+    }
+  };
+  for (const rawLine of content.split("\n")) {
+    const line = rawLine.trim();
+    if (!line || line.startsWith("#"))
+      continue;
+    if (line === "[cli]") {
+      flushOperation();
+      currentSection = "cli";
+      result.cli = {};
+      continue;
+    }
+    if (line === "[[operation]]") {
+      flushOperation();
+      currentSection = "operation";
+      currentEntry = {};
+      continue;
+    }
+    const kv = parseKeyValue(line);
+    if (!kv)
+      continue;
+    const value = parseTomlValue(kv.value);
+    if (currentSection === "root") {
+      ;
+      result[kv.key] = value;
+    } else if (currentSection === "cli") {
+      ;
+      result.cli[kv.key] = value;
+    } else {
+      currentEntry[kv.key] = value;
+    }
+  }
+  flushOperation();
+  result.operation = operations;
+  if (result.schema !== "openape-shapes/v1") {
+    throw new Error(`Unsupported adapter schema: ${result.schema ?? "missing"}`);
+  }
+  if (!result.cli?.id || !result.cli.executable) {
+    throw new Error("Adapter is missing cli.id or cli.executable");
+  }
+  if (!result.operation?.length) {
+    throw new Error("Adapter must define at least one [[operation]] entry");
+  }
+  return {
+    schema: result.schema,
+    cli: {
+      id: String(result.cli.id),
+      executable: String(result.cli.executable),
+      ...result.cli.audience ? { audience: String(result.cli.audience) } : {},
+      ...result.cli.version ? { version: String(result.cli.version) } : {}
+    },
+    operations: result.operation.map((operation) => {
+      if (!Array.isArray(operation.command) || operation.command.some((token) => typeof token !== "string")) {
+        throw new Error(`Operation ${String(operation.id ?? "<unknown>")} is missing command[]`);
+      }
+      if (!Array.isArray(operation.resource_chain) || operation.resource_chain.some((token) => typeof token !== "string")) {
+        throw new Error(`Operation ${String(operation.id ?? "<unknown>")} is missing resource_chain[]`);
+      }
+      if (typeof operation.id !== "string" || typeof operation.display !== "string" || typeof operation.action !== "string") {
+        throw new TypeError("Operation must define id, display, and action");
+      }
+      return {
+        id: operation.id,
+        command: operation.command,
+        ...Array.isArray(operation.positionals) ? { positionals: operation.positionals } : {},
+        ...Array.isArray(operation.required_options) ? { required_options: operation.required_options } : {},
+        display: operation.display,
+        action: operation.action,
+        risk: operation.risk || "low",
+        resource_chain: operation.resource_chain,
+        ...operation.exact_command !== void 0 ? { exact_command: Boolean(operation.exact_command) } : {}
+      };
+    })
+  };
+}
+// src/adapters/loader.ts
+var PACKAGE_DIR = dirname(fileURLToPath(import.meta.url));
+function digest(content) {
+  return `SHA-256:${createHash("sha256").update(content).digest("hex")}`;
+}
+function bundledAdapterDir() {
+  return join(PACKAGE_DIR, "..", "..", "adapters");
+}
+function getSearchDirs(options) {
+  const dirs = [];
+  if (options?.explicit) {
+    dirs.push(...options.explicit);
+  }
+  if (options?.workspaceDir) {
+    dirs.push(join(options.workspaceDir, ".openclaw", "adapters"));
+  }
+  dirs.push(join(homedir(), ".openclaw", "adapters"));
+  dirs.push(bundledAdapterDir());
+  return dirs;
+}
+function loadAdapterFromFile(filePath) {
+  const content = readFileSync(filePath, "utf-8");
+  const adapter = parseAdapterToml(content);
+  return {
+    adapter,
+    source: filePath,
+    digest: digest(content)
+  };
+}
+function loadAdapter(cliId, options) {
+  const dirs = getSearchDirs(options);
+  for (const dir of dirs) {
+    const filePath = join(dir, `${cliId}.toml`);
+    if (existsSync(filePath)) {
+      return loadAdapterFromFile(filePath);
+    }
+  }
+  throw new Error(`No adapter found for CLI: ${cliId}`);
+}
+function discoverAdapters(options) {
+  const dirs = getSearchDirs(options);
+  const seen = /* @__PURE__ */ new Set();
+  const adapters = [];
+  for (const dir of dirs) {
+    if (!existsSync(dir))
+      continue;
+    let entries;
+    try {
+      entries = readdirSync(dir);
+    } catch {
+      continue;
+    }
+    for (const entry of entries) {
+      if (!entry.endsWith(".toml"))
+        continue;
+      const cliId = entry.slice(0, -5);
+      if (seen.has(cliId))
+        continue;
+      try {
+        const loaded = loadAdapterFromFile(join(dir, entry));
+        seen.add(cliId);
+        adapters.push(loaded);
+      } catch {
+      }
+    }
+  }
+  return adapters;
+}
+// src/store/grant-store.ts
+import { existsSync as existsSync2, mkdirSync, readFileSync as readFileSync2, writeFileSync } from "fs";
+import { dirname as dirname2, join as join2 } from "path";
+import { randomUUID } from "crypto";
+var GrantStore = class {
+  grants = /* @__PURE__ */ new Map();
+  filePath;
+  constructor(stateDir) {
+    this.filePath = stateDir ? join2(stateDir, "grants", "store.json") : null;
+    this.load();
+  }
+  createGrant(input) {
+    const grant = {
+      id: randomUUID().slice(0, 8),
+      permission: input.permission,
+      approval: "once",
+      status: "pending",
+      command: input.command,
+      reason: input.reason,
+      risk: input.risk,
+      display: input.display,
+      createdAt: (/* @__PURE__ */ new Date()).toISOString()
+    };
+    this.grants.set(grant.id, grant);
+    this.save();
+    return grant;
+  }
+  approveGrant(id, approval, expiresAt) {
+    const grant = this.grants.get(id);
+    if (!grant || grant.status !== "pending")
+      return null;
+    grant.status = "approved";
+    grant.approval = approval;
+    grant.decidedAt = (/* @__PURE__ */ new Date()).toISOString();
+    if (expiresAt)
+      grant.expiresAt = expiresAt;
+    this.save();
+    return grant;
+  }
+  denyGrant(id) {
+    const grant = this.grants.get(id);
+    if (!grant || grant.status !== "pending")
+      return null;
+    grant.status = "denied";
+    grant.decidedAt = (/* @__PURE__ */ new Date()).toISOString();
+    this.save();
+    return grant;
+  }
+  consumeGrant(id) {
+    const grant = this.grants.get(id);
+    if (!grant || grant.status !== "approved")
+      return false;
+    if (grant.approval === "once") {
+      grant.status = "used";
+      grant.usedAt = (/* @__PURE__ */ new Date()).toISOString();
+      this.save();
+    }
+    return true;
+  }
+  revokeGrant(id) {
+    const grant = this.grants.get(id);
+    if (!grant || grant.status !== "approved" && grant.status !== "pending")
+      return false;
+    grant.status = "revoked";
+    this.save();
+    return true;
+  }
+  getGrant(id) {
+    return this.grants.get(id);
+  }
+  listGrants(filter) {
+    const grants = Array.from(this.grants.values());
+    if (filter?.status)
+      return grants.filter((g) => g.status === filter.status);
+    return grants;
+  }
+  getActiveGrantCount() {
+    return Array.from(this.grants.values()).filter((g) => g.status === "approved" || g.status === "pending").length;
+  }
+  load() {
+    if (!this.filePath || !existsSync2(this.filePath))
+      return;
+    try {
+      const data = JSON.parse(readFileSync2(this.filePath, "utf-8"));
+      if (Array.isArray(data)) {
+        for (const grant of data) {
+          this.grants.set(grant.id, grant);
+        }
+      }
+    } catch {
+    }
+  }
+  save() {
+    if (!this.filePath)
+      return;
+    const dir = dirname2(this.filePath);
+    if (!existsSync2(dir))
+      mkdirSync(dir, { recursive: true });
+    writeFileSync(this.filePath, JSON.stringify(Array.from(this.grants.values()), null, 2));
+  }
+};
+// src/store/grant-cache.ts
+import { cliAuthorizationDetailCovers } from "@openape/core";
+var GrantCache = class {
+  entries = /* @__PURE__ */ new Map();
+  put(grant, detail) {
+    if (grant.approval === "once")
+      return;
+    const expiresAt = grant.expiresAt ? new Date(grant.expiresAt).getTime() : null;
+    this.entries.set(grant.permission, {
+      grant,
+      detail,
+      expiresAt
+    });
+  }
+  lookup(permission, detail) {
+    const direct = this.entries.get(permission);
+    if (direct) {
+      if (this.isExpired(direct)) {
+        this.entries.delete(permission);
+        return null;
+      }
+      return direct.grant;
+    }
+    for (const [key, entry] of this.entries) {
+      if (this.isExpired(entry)) {
+        this.entries.delete(key);
+        continue;
+      }
+      if (cliAuthorizationDetailCovers(entry.detail, detail)) {
+        return entry.grant;
+      }
+    }
+    return null;
+  }
+  remove(permission) {
+    return this.entries.delete(permission);
+  }
+  clear() {
+    this.entries.clear();
+  }
+  size() {
+    return this.entries.size;
+  }
+  isExpired(entry) {
+    if (!entry.expiresAt)
+      return false;
+    return Date.now() > entry.expiresAt;
+  }
+};
+// src/store/audit-log.ts
+import { appendFileSync, existsSync as existsSync3, mkdirSync as mkdirSync2 } from "fs";
+import { dirname as dirname3, join as join3 } from "path";
+var AuditLog = class {
+  filePath;
+  constructor(stateDir) {
+    this.filePath = stateDir ? join3(stateDir, "grants", "audit.jsonl") : null;
+    if (this.filePath) {
+      const dir = dirname3(this.filePath);
+      if (!existsSync3(dir))
+        mkdirSync2(dir, { recursive: true });
+    }
+  }
+  write(entry) {
+    const full = {
+      ts: (/* @__PURE__ */ new Date()).toISOString(),
+      ...entry
+    };
+    if (this.filePath) {
+      appendFileSync(this.filePath, JSON.stringify(full) + "\n");
+    }
+  }
+};
+// src/local/local-jwt.ts
+import { existsSync as existsSync4, mkdirSync as mkdirSync3, readFileSync as readFileSync3, writeFileSync as writeFileSync2 } from "fs";
+import { join as join4 } from "path";
+import { randomUUID as randomUUID2 } from "crypto";
+import * as jose from "jose";
+var LOCAL_ISSUER = "local://openclaw-grants";
+var KEY_ALGORITHM = "EdDSA";
+var LocalJwtSigner = class {
+  privateKey = null;
+  publicKey = null;
+  kid = "";
+  stateDir;
+  constructor(stateDir) {
+    this.stateDir = stateDir;
+  }
+  async init() {
+    const keyDir = join4(this.stateDir, "grants", "keys");
+    const privatePath = join4(keyDir, "private.jwk");
+    const publicPath = join4(keyDir, "public.jwk");
+    if (existsSync4(privatePath) && existsSync4(publicPath)) {
+      const privData = JSON.parse(readFileSync3(privatePath, "utf-8"));
+      const pubData = JSON.parse(readFileSync3(publicPath, "utf-8"));
+      this.privateKey = await jose.importJWK(privData, KEY_ALGORITHM);
+      this.publicKey = await jose.importJWK(pubData, KEY_ALGORITHM);
+      this.kid = privData.kid ?? "local-1";
+    } else {
+      const { privateKey, publicKey } = await jose.generateKeyPair(KEY_ALGORITHM, { crv: "Ed25519" });
+      this.privateKey = privateKey;
+      this.publicKey = publicKey;
+      this.kid = `local-${Date.now()}`;
+      if (!existsSync4(keyDir))
+        mkdirSync3(keyDir, { recursive: true });
+      const privJwk = await jose.exportJWK(privateKey);
+      privJwk.kid = this.kid;
+      privJwk.alg = KEY_ALGORITHM;
+      writeFileSync2(privatePath, JSON.stringify(privJwk, null, 2));
+      const pubJwk = await jose.exportJWK(publicKey);
+      pubJwk.kid = this.kid;
+      pubJwk.alg = KEY_ALGORITHM;
+      pubJwk.use = "sig";
+      writeFileSync2(publicPath, JSON.stringify(pubJwk, null, 2));
+    }
+  }
+  async signGrant(options) {
+    if (!this.privateKey)
+      throw new Error("LocalJwtSigner not initialized");
+    const { grant, audience, detail, executionContext } = options;
+    const expirationTime = this.getExpiration(grant);
+    const jwt = await new jose.SignJWT({
+      grant_id: grant.id,
+      grant_type: grant.approval,
+      permissions: [grant.permission],
+      authorization_details: [detail],
+      cmd_hash: executionContext.argv_hash,
+      command: grant.command,
+      execution_context: executionContext
+    }).setProtectedHeader({ alg: KEY_ALGORITHM, kid: this.kid }).setIssuedAt().setIssuer(LOCAL_ISSUER).setSubject("local-agent").setAudience(audience).setExpirationTime(expirationTime).setJti(randomUUID2()).sign(this.privateKey);
+    return jwt;
+  }
+  async getJwks() {
+    if (!this.publicKey)
+      throw new Error("LocalJwtSigner not initialized");
+    const jwk = await jose.exportJWK(this.publicKey);
+    jwk.kid = this.kid;
+    jwk.alg = KEY_ALGORITHM;
+    jwk.use = "sig";
+    return { keys: [jwk] };
+  }
+  getIssuer() {
+    return LOCAL_ISSUER;
+  }
+  getExpiration(grant) {
+    switch (grant.approval) {
+      case "once":
+        return "5m";
+      case "timed":
+        if (grant.expiresAt) {
+          const secondsFromNow = Math.max(0, Math.floor((new Date(grant.expiresAt).getTime() - Date.now()) / 1e3));
+          return `${secondsFromNow}s`;
+        }
+        return "1h";
+      case "always":
+        return "1h";
+      default:
+        return "5m";
+    }
+  }
+};
+// src/approval/channel-approval.ts
+var RISK_EMOJI = {
+  low: "\u{1F7E2}",
+  // green circle
+  medium: "\u{1F7E1}",
+  // yellow circle
+  high: "\u{1F534}",
+  // red circle
+  critical: "\u26D4"
+  // no entry
+};
+var ChannelApproval = class {
+  constructor(api, store, timeoutMs = 3e5) {
+    this.api = api;
+    this.store = store;
+    this.timeoutMs = timeoutMs;
+    this.registerCommands();
+  }
+  pending = /* @__PURE__ */ new Map();
+  async requestApproval(grant) {
+    const emoji = RISK_EMOJI[grant.risk] ?? "\u{1F50D}";
+    const message = [
+      `\u{1F510} Grant Request ${emoji} [${grant.risk} risk]`,
+      `Operation: ${grant.display}`,
+      `Permission: ${grant.permission}`,
+      grant.reason ? `Reason: ${grant.reason}` : "",
+      `ID: ${grant.id}`,
+      "",
+      "Reply: /grant-approve <id> [once|1h|4h|always] or /grant-deny <id>"
+    ].filter(Boolean).join("\n");
+    await this.api.sendChannelMessage({
+      text: message,
+      actions: [
+        { label: "Once", value: `grant-approve ${grant.id} once` },
+        { label: "1h", value: `grant-approve ${grant.id} 1h` },
+        { label: "4h", value: `grant-approve ${grant.id} 4h` },
+        { label: "Always", value: `grant-approve ${grant.id} always` },
+        { label: "Deny", value: `grant-deny ${grant.id}` }
+      ]
+    });
+    return new Promise((resolve) => {
+      const timeout = setTimeout(() => {
+        this.pending.delete(grant.id);
+        resolve({ approved: false });
+      }, this.timeoutMs);
+      this.pending.set(grant.id, { resolve, timeout });
+    });
+  }
+  registerCommands() {
+    this.api.onChannelCommand("grant-approve", async (args) => {
+      const [id, durationOrType] = args;
+      if (!id)
+        return;
+      let approval = "once";
+      let expiresAt;
+      if (durationOrType === "always") {
+        approval = "always";
+      } else if (durationOrType === "1h" || durationOrType === "4h") {
+        approval = "timed";
+        const hours = durationOrType === "1h" ? 1 : 4;
+        expiresAt = new Date(Date.now() + hours * 36e5).toISOString();
+      } else if (durationOrType === "once" || !durationOrType) {
+        approval = "once";
+      }
+      const grant = this.store.approveGrant(id, approval, expiresAt);
+      if (!grant) {
+        this.api.log.warn(`[grants] Cannot approve grant ${id}: not found or not pending`);
+        return;
+      }
+      const pending = this.pending.get(id);
+      if (pending) {
+        clearTimeout(pending.timeout);
+        this.pending.delete(id);
+        pending.resolve({ approved: true, approval });
+      }
+    });
+    this.api.onChannelCommand("grant-deny", async (args) => {
+      const [id] = args;
+      if (!id)
+        return;
+      this.store.denyGrant(id);
+      const pending = this.pending.get(id);
+      if (pending) {
+        clearTimeout(pending.timeout);
+        this.pending.delete(id);
+        pending.resolve({ approved: false });
+      }
+    });
+  }
+};
+// src/adapters/parser.ts
+import { canonicalizeCliPermission, computeArgvHash } from "@openape/core";
+function parseOptionArgs(tokens) {
+  const options = {};
+  const positionals = [];
+  for (let index = 0; index < tokens.length; index += 1) {
+    const token = tokens[index];
+    if (!token.startsWith("--")) {
+      positionals.push(token);
+      continue;
+    }
+    const stripped = token.slice(2);
+    const eqIndex = stripped.indexOf("=");
+    if (eqIndex >= 0) {
+      options[stripped.slice(0, eqIndex)] = stripped.slice(eqIndex + 1);
+      continue;
+    }
+    const next = tokens[index + 1];
+    if (next && !next.startsWith("--")) {
+      options[stripped] = next;
+      index += 1;
+      continue;
+    }
+    options[stripped] = "true";
+  }
+  return { options, positionals };
+}
+function resolveBindingToken(binding, bindings) {
+  const match = binding.match(/^\{([^}|]+)(?:\|([^}]+))?\}$/);
+  if (!match)
+    return binding;
+  const [, name, transform] = match;
+  const value = bindings[name];
+  if (!value)
+    throw new Error(`Missing binding: ${name}`);
+  if (!transform)
+    return value;
+  if (transform === "owner" || transform === "name") {
+    const [owner, repo] = value.split("/");
+    if (!owner || !repo)
+      throw new Error(`Binding ${name} must be in owner/name form`);
+    return transform === "owner" ? owner : repo;
+  }
+  throw new Error(`Unsupported binding transform: ${transform}`);
+}
+function renderTemplate(template, bindings) {
+  return template.replace(/\{([^}]+)\}/g, (_, expression) => resolveBindingToken(`{${expression}}`, bindings));
+}
+function parseResourceChain(chain, bindings) {
+  return chain.map((entry) => {
+    const [resource, selectorSpec = "*"] = entry.split(":", 2);
+    if (!resource)
+      throw new Error(`Invalid resource chain entry: ${entry}`);
+    if (selectorSpec === "*") {
+      return { resource };
+    }
+    const selector = Object.fromEntries(
+      selectorSpec.split(",").map((segment) => {
+        const [key, rawValue] = segment.split("=", 2);
+        if (!key || !rawValue)
+          throw new Error(`Invalid selector segment: ${segment}`);
+        return [key, renderTemplate(rawValue, bindings)];
+      })
+    );
+    return { resource, selector };
+  });
+}
+function matchOperation(operation, argv) {
+  if (argv.length < operation.command.length)
+    return null;
+  const prefix = argv.slice(0, operation.command.length);
+  if (prefix.join("\0") !== operation.command.join("\0"))
+    return null;
+  const remainder = argv.slice(operation.command.length);
+  const { options, positionals } = parseOptionArgs(remainder);
+  const expectedPositionals = operation.positionals ?? [];
+  if (positionals.length !== expectedPositionals.length)
+    return null;
+  for (const option of operation.required_options ?? []) {
+    if (!options[option])
+      return null;
+  }
+  const bindings = { ...options };
+  expectedPositionals.forEach((name, index) => {
+    bindings[name] = positionals[index];
+  });
+  return bindings;
+}
+async function resolveCommand(loaded, fullArgv) {
+  const [executable, ...commandArgv] = fullArgv;
+  if (!executable) {
+    throw new Error("Missing wrapped command");
+  }
+  if (executable !== loaded.adapter.cli.executable) {
+    throw new Error(`Adapter ${loaded.adapter.cli.id} expects executable ${loaded.adapter.cli.executable}, got ${executable}`);
+  }
+  const matches = loaded.adapter.operations.flatMap((operation2) => {
+    try {
+      const bindings2 = matchOperation(operation2, commandArgv);
+      return bindings2 ? [{ operation: operation2, bindings: bindings2 }] : [];
+    } catch {
+      return [];
+    }
+  });
+  if (matches.length === 0) {
+    throw new Error(`No adapter operation matched: ${fullArgv.join(" ")}`);
+  }
+  if (matches.length > 1) {
+    matches.sort((a, b) => {
+      const scoreA = (a.operation.required_options?.length ?? 0) + (a.operation.positionals?.length ?? 0) + (a.operation.exact_command ? 1 : 0);
+      const scoreB = (b.operation.required_options?.length ?? 0) + (b.operation.positionals?.length ?? 0) + (b.operation.exact_command ? 1 : 0);
+      return scoreB - scoreA;
+    });
+  }
+  const { operation, bindings } = matches[0];
+  const resource_chain = parseResourceChain(operation.resource_chain, bindings);
+  const detail = {
+    type: "openape_cli",
+    cli_id: loaded.adapter.cli.id,
+    operation_id: operation.id,
+    resource_chain,
+    action: operation.action,
+    permission: "",
+    display: renderTemplate(operation.display, bindings),
+    risk: operation.risk,
+    ...operation.exact_command ? { constraints: { exact_command: true } } : {}
+  };
+  detail.permission = canonicalizeCliPermission(detail);
+  return {
+    adapter: loaded.adapter,
+    source: loaded.source,
+    digest: loaded.digest,
+    executable,
+    commandArgv,
+    bindings,
+    detail,
+    executionContext: {
+      argv: fullArgv,
+      argv_hash: await computeArgvHash(fullArgv),
+      adapter_id: loaded.adapter.cli.id,
+      adapter_version: loaded.adapter.cli.version ?? loaded.adapter.schema,
+      adapter_digest: loaded.digest,
+      resolved_executable: executable,
+      context_bindings: bindings
+    },
+    permission: detail.permission
+  };
+}
+async function createFallbackCommand(commandString) {
+  const argv = parseCommandString(commandString);
+  const hash = await computeArgvHash(argv);
+  return {
+    command: commandString,
+    argv,
+    hash,
+    permission: `unknown.command[hash=${hash.slice(7, 19)}]#execute`,
+    display: `Execute: ${commandString.length > 60 ? `${commandString.slice(0, 57)}...` : commandString}`,
+    risk: "high"
+  };
+}
+function parseCommandString(command) {
+  const argv = [];
+  let current = "";
+  let inQuote = null;
+  for (let i = 0; i < command.length; i++) {
+    const char = command[i];
+    if (inQuote) {
+      if (char === inQuote) {
+        inQuote = null;
+      } else {
+        current += char;
+      }
+    } else if (char === "'" || char === '"') {
+      inQuote = char;
+    } else if (char === " " || char === "	") {
+      if (current) {
+        argv.push(current);
+        current = "";
+      }
+    } else {
+      current += char;
+    }
+  }
+  if (current)
+    argv.push(current);
+  return argv;
+}
+async function resolveCommandFromAdapters(adapters, commandString) {
+  const argv = parseCommandString(commandString);
+  if (argv.length === 0) {
+    throw new Error("Empty command");
+  }
+  const executable = argv[0];
+  for (const loaded of adapters) {
+    if (loaded.adapter.cli.executable !== executable)
+      continue;
+    try {
+      const resolved = await resolveCommand(loaded, argv);
+      return { resolved, fallback: null };
+    } catch {
+    }
+  }
+  const fallback = await createFallbackCommand(commandString);
+  return { resolved: null, fallback };
+}
+// src/execution/executor.ts
+async function executeCommand(api, options) {
+  const { command, args, jwt, privileged, apesBinaryPath, timeout } = options;
+  if (privileged && jwt && apesBinaryPath) {
+    return executeWithApes(api, { command, args, jwt, binaryPath: apesBinaryPath, timeout });
+  }
+  return executeDirectly(api, { command, args, timeout });
+}
+async function executeDirectly(api, options) {
+  try {
+    const result = await api.runtime.system.runCommandWithTimeout(
+      options.command,
+      options.args,
+      { timeout: options.timeout ?? 3e4 }
+    );
+    if (result.exitCode !== 0) {
+      return {
+        success: false,
+        output: result.stdout || void 0,
+        error: result.stderr || `Command exited with code ${result.exitCode}`
+      };
+    }
+    return {
+      success: true,
+      output: result.stdout
+    };
+  } catch (error) {
+    return {
+      success: false,
+      error: error instanceof Error ? error.message : String(error)
+    };
+  }
+}
+async function executeWithApes(api, options) {
+  try {
+    const result = await api.runtime.system.runCommandWithTimeout(
+      options.binaryPath,
+      ["--grant", options.jwt, "--", options.command, ...options.args],
+      { timeout: options.timeout ?? 3e4 }
+    );
+    if (result.exitCode !== 0) {
+      return {
+        success: false,
+        output: result.stdout || void 0,
+        error: result.stderr || `apes exited with code ${result.exitCode}`
+      };
+    }
+    return {
+      success: true,
+      output: result.stdout
+    };
+  } catch (error) {
+    return {
+      success: false,
+      error: error instanceof Error ? error.message : String(error)
+    };
+  }
+}
+// src/idp/idp-grants.ts
+import { hostname } from "os";
+import { verifyAuthzJWT } from "@openape/grants";
+import { cliAuthorizationDetailCovers as cliAuthorizationDetailCovers2 } from "@openape/core";
+// src/idp/discovery.ts
+import { resolveIdP } from "@openape/core";
+var _discoveryCache = {};
+function extractDomain(email) {
+  const parts = email.split("@");
+  if (parts.length !== 2 || !parts[1])
+    throw new Error(`Invalid email: ${email}`);
+  return parts[1];
+}
+async function discoverIdpUrl(email, pinnedUrl) {
+  if (pinnedUrl)
+    return pinnedUrl;
+  const domain = extractDomain(email);
+  const idpUrl = await resolveIdP(domain);
+  if (!idpUrl)
+    throw new Error(`No DDISA record found for domain: ${domain}`);
+  return idpUrl;
+}
+async function discoverEndpoints(idpUrl) {
+  if (_discoveryCache[idpUrl])
+    return _discoveryCache[idpUrl];
+  try {
+    const response = await fetch(`${idpUrl}/.well-known/openid-configuration`);
+    if (response.ok) {
+      const data = await response.json();
+      _discoveryCache[idpUrl] = data;
+      return data;
+    }
+  } catch {
+  }
+  _discoveryCache[idpUrl] = {};
+  return {};
+}
+async function getGrantsEndpoint(idpUrl) {
+  const disco = await discoverEndpoints(idpUrl);
+  return disco.openape_grants_endpoint || `${idpUrl}/api/grants`;
+}
+async function getAgentChallengeEndpoint(idpUrl) {
+  const disco = await discoverEndpoints(idpUrl);
+  return disco.ddisa_agent_challenge_endpoint || `${idpUrl}/api/agent/challenge`;
+}
+async function getAgentAuthenticateEndpoint(idpUrl) {
+  const disco = await discoverEndpoints(idpUrl);
+  return disco.ddisa_agent_authenticate_endpoint || `${idpUrl}/api/agent/authenticate`;
+}
+async function getJwksUri(idpUrl) {
+  const disco = await discoverEndpoints(idpUrl);
+  return disco.jwks_uri || `${idpUrl}/.well-known/jwks.json`;
+}
+function clearDiscoveryCache() {
+  for (const key of Object.keys(_discoveryCache))
+    delete _discoveryCache[key];
+}
+// src/idp/idp-grants.ts
+async function handleIdpGrantExec(ctx, options) {
+  const { config, api, authState, store, cache, audit } = ctx;
+  const { resolved, fallback, command, reason, privileged } = options;
+  let permission;
+  let display;
+  let risk;
+  let detail = null;
+  let argv;
+  if (resolved) {
+    permission = resolved.permission;
+    display = resolved.detail.display;
+    risk = resolved.detail.risk;
+    detail = resolved.detail;
+    argv = [resolved.executable, ...resolved.commandArgv];
+  } else if (fallback) {
+    permission = fallback.permission;
+    display = fallback.display;
+    risk = fallback.risk;
+    argv = fallback.argv;
+  } else {
+    return { success: false, error: "Command resolution failed" };
+  }
+  if (detail) {
+    const cached = cache.lookup(permission, detail);
+    if (cached) {
+      api.log.info(`[grants] IdP cache hit for ${permission}`);
+      audit.write({ event: "grant_used", grantId: cached.id, permission, command, detail: "idp cache hit" });
+      return doExecute(api, config, argv, cached.jwt, privileged);
+    }
+  }
+  const grantsEndpoint = await getGrantsEndpoint(authState.idpUrl);
+  const grantBody = {
+    requester: authState.email,
+    target_host: hostname(),
+    audience: config.audience,
+    grant_type: config.defaultApproval,
+    command: argv,
+    reason: reason ?? display,
+    permissions: [permission]
+  };
+  if (resolved) {
+    grantBody.authorization_details = [resolved.detail];
+    grantBody.execution_context = resolved.executionContext;
+  }
+  const createResp = await fetch(grantsEndpoint, {
+    method: "POST",
+    headers: {
+      "Authorization": `Bearer ${authState.token}`,
+      "Content-Type": "application/json"
+    },
+    body: JSON.stringify(grantBody)
+  });
+  if (!createResp.ok) {
+    const text = await createResp.text();
+    return { success: false, error: `IdP grant creation failed: ${createResp.status} ${text}` };
+  }
+  const { id: grantId } = await createResp.json();
+  audit.write({ event: "grant_requested", grantId, permission, command });
+  const localGrant = store.createGrant({ permission, command, reason, risk, display });
+  const pollInterval = config.pollIntervalMs ?? 3e3;
+  const pollTimeout = config.pollTimeoutMs ?? 3e5;
+  const deadline = Date.now() + pollTimeout;
+  while (Date.now() < deadline) {
+    const statusResp = await fetch(`${grantsEndpoint}/${grantId}`, {
+      headers: { Authorization: `Bearer ${authState.token}` }
+    });
+    if (statusResp.ok) {
+      const { status } = await statusResp.json();
+      if (status === "approved")
+        break;
+      if (status === "denied" || status === "revoked") {
+        audit.write({ event: "grant_denied", grantId, permission });
+        store.denyGrant(localGrant.id);
+        return { success: false, error: `Grant ${status}: ${display}` };
+      }
+    }
+    await new Promise((resolve) => setTimeout(resolve, pollInterval));
+  }
+  if (Date.now() >= deadline) {
+    return { success: false, error: `Grant approval timed out for: ${display}` };
+  }
+  const tokenResp = await fetch(`${grantsEndpoint}/${grantId}/token`, {
+    method: "POST",
+    headers: { Authorization: `Bearer ${authState.token}` }
+  });
+  if (!tokenResp.ok) {
+    return { success: false, error: `Failed to fetch grant token: ${tokenResp.status}` };
+  }
+  const { authz_jwt: jwt } = await tokenResp.json();
+  if (resolved) {
+    const jwksUri = await getJwksUri(authState.idpUrl);
+    const verifyResult = await verifyAuthzJWT(jwt, {
+      expectedIss: authState.idpUrl,
+      expectedAud: config.audience,
+      jwksUri
+    });
+    if (!verifyResult.valid) {
+      return { success: false, error: `Grant JWT verification failed: ${verifyResult.error}` };
+    }
+    const claims = verifyResult.claims;
+    const grantedDetails = extractCliDetails(claims);
+    if (grantedDetails.length > 0 && !grantedDetails.some((d) => cliAuthorizationDetailCovers2(d, resolved.detail))) {
+      return { success: false, error: `Grant does not cover required permission: ${permission}` };
+    }
+  }
+  const approval = config.defaultApproval;
+  store.approveGrant(localGrant.id, approval);
+  if (detail && approval !== "once") {
+    const updatedGrant = store.getGrant(localGrant.id);
+    updatedGrant.jwt = jwt;
+    cache.put(updatedGrant, detail);
+  }
+  store.consumeGrant(localGrant.id);
+  audit.write({ event: "grant_approved", grantId, permission, command });
+  return doExecute(api, config, argv, jwt, privileged);
+}
+function extractCliDetails(claims) {
+  const details = claims.authorization_details;
+  if (!Array.isArray(details))
+    return [];
+  return details.filter(
+    (d) => typeof d === "object" && d !== null && d.type === "openape_cli"
+  );
+}
+async function doExecute(api, config, argv, jwt, privileged) {
+  const [command, ...args] = argv;
+  if (!command)
+    return { success: false, error: "Empty command" };
+  return executeCommand(api, {
+    command,
+    args,
+    jwt,
+    privileged: privileged && config.apes?.enabled,
+    apesBinaryPath: config.apes?.binaryPath ?? "apes"
+  });
+}
+// src/tools/grant-exec.ts
+async function handleGrantExec(ctx, input) {
+  const { config, api, adapters, store, cache, audit } = ctx;
+  const resolution = await resolveCommandFromAdapters(adapters, input.command);
+  let permission;
+  let display;
+  let risk;
+  let detail = null;
+  let executionContext = null;
+  let argv;
+  if (resolution.resolved) {
+    const r = resolution.resolved;
+    permission = r.permission;
+    display = r.detail.display;
+    risk = r.detail.risk;
+    detail = r.detail;
+    executionContext = r.executionContext;
+    argv = [r.executable, ...r.commandArgv];
+  } else if (resolution.fallback) {
+    const f = resolution.fallback;
+    permission = f.permission;
+    display = f.display;
+    risk = f.risk;
+    argv = f.argv;
+  } else {
+    return { success: false, error: "Command resolution failed" };
+  }
+  if (detail) {
+    const cached = cache.lookup(permission, detail);
+    if (cached) {
+      api.log.info(`[grants] Cache hit for ${permission}`);
+      audit.write({ event: "grant_used", grantId: cached.id, permission, command: input.command, detail: "cache hit" });
+      return doExecute2(ctx, argv, input, cached.jwt);
+    }
+  }
+  const grant = store.createGrant({
+    permission,
+    command: input.command,
+    reason: input.reason,
+    risk,
+    display
+  });
+  audit.write({ event: "grant_requested", grantId: grant.id, permission, command: input.command });
+  if (config.mode === "local") {
+    if (!ctx.channelApproval) {
+      return { success: false, error: "Channel approval not available" };
+    }
+    const result = await ctx.channelApproval.requestApproval(grant);
+    if (!result.approved) {
+      audit.write({ event: "grant_denied", grantId: grant.id, permission });
+      return { success: false, error: `Grant denied for: ${display}` };
+    }
+    const approvedGrant = store.getGrant(grant.id);
+    if (!approvedGrant || approvedGrant.status !== "approved") {
+      return { success: false, error: "Grant not in approved state" };
+    }
+    let jwt;
+    if (ctx.localJwt && detail && executionContext) {
+      jwt = await ctx.localJwt.signGrant({
+        grant: approvedGrant,
+        audience: config.audience,
+        detail,
+        executionContext
+      });
+      approvedGrant.jwt = jwt;
+    }
+    if (detail && approvedGrant.approval !== "once") {
+      cache.put(approvedGrant, detail);
+    }
+    store.consumeGrant(approvedGrant.id);
+    audit.write({ event: "grant_approved", grantId: approvedGrant.id, permission, command: input.command });
+    return doExecute2(ctx, argv, input, jwt);
+  }
+  if (config.mode === "idp") {
+    if (!ctx.idpAuthState) {
+      return { success: false, error: "IdP authentication not available. Check agentEmail and agentKeyPath config." };
+    }
+    return handleIdpGrantExec(
+      { config, api, authState: ctx.idpAuthState, store, cache, audit },
+      { resolved: resolution.resolved, fallback: resolution.fallback, command: input.command, reason: input.reason, privileged: input.privileged }
+    );
+  }
+  return { success: false, error: `Unknown mode: ${config.mode}` };
+}
+async function doExecute2(ctx, argv, input, jwt) {
+  const { config, api, audit } = ctx;
+  const [command, ...args] = argv;
+  if (!command) {
+    return { success: false, error: "Empty command" };
+  }
+  const privileged = input.privileged && config.apes?.enabled;
+  const result = await executeCommand(api, {
+    command,
+    args,
+    jwt,
+    privileged,
+    apesBinaryPath: config.apes?.binaryPath ?? "apes"
+  });
+  audit.write({
+    event: result.success ? "exec_success" : "exec_failed",
+    command: input.command,
+    detail: result.error
+  });
+  return result;
+}
+// src/idp/auth.ts
+import { readFileSync as readFileSync4 } from "fs";
+import { sign } from "crypto";
+async function authenticateAgent(options) {
+  const { idpUrl, email, keyPath } = options;
+  const keyContent = readFileSync4(keyPath, "utf-8");
+  const privateKey = loadEd25519PrivateKey(keyContent);
+  const challengeUrl = await getAgentChallengeEndpoint(idpUrl);
+  const challengeResp = await fetch(challengeUrl, {
+    method: "POST",
+    headers: { "Content-Type": "application/json" },
+    body: JSON.stringify({ agent_id: email })
+  });
+  if (!challengeResp.ok)
+    throw new Error(`Agent challenge failed: ${challengeResp.status} ${await challengeResp.text()}`);
+  const { challenge } = await challengeResp.json();
+  const signature = sign(null, Buffer.from(challenge), privateKey).toString("base64");
+  const authenticateUrl = await getAgentAuthenticateEndpoint(idpUrl);
+  const authResp = await fetch(authenticateUrl, {
+    method: "POST",
+    headers: { "Content-Type": "application/json" },
+    body: JSON.stringify({ agent_id: email, challenge, signature })
+  });
+  if (!authResp.ok)
+    throw new Error(`Agent authentication failed: ${authResp.status} ${await authResp.text()}`);
+  const { token, expires_in } = await authResp.json();
+  return {
+    idpUrl,
+    token,
+    email,
+    expiresAt: Math.floor(Date.now() / 1e3) + (expires_in || 3600)
+  };
+}
+function isTokenExpired(state) {
+  return Math.floor(Date.now() / 1e3) > state.expiresAt - 30;
+}
+function loadEd25519PrivateKey(content) {
+  if (content.includes("BEGIN PRIVATE KEY"))
+    return content;
+  if (content.includes("BEGIN OPENSSH PRIVATE KEY"))
+    return content;
+  throw new Error("Unsupported key format. Expected PKCS8 PEM or OpenSSH format.");
+}
+// src/execution/apes.ts
+import { existsSync as existsSync5 } from "fs";
+import { execFileSync } from "child_process";
+function detectApes(binaryPath = "apes") {
+  if (binaryPath !== "apes" && existsSync5(binaryPath)) {
+    return { available: true, path: binaryPath, version: getApesVersion(binaryPath) };
+  }
+  try {
+    const result = execFileSync("which", [binaryPath], { encoding: "utf-8", timeout: 5e3 }).trim();
+    if (result) {
+      return { available: true, path: result, version: getApesVersion(result) };
+    }
+  } catch {
+  }
+  return { available: false, path: binaryPath };
+}
+function getApesVersion(binaryPath) {
+  try {
+    return execFileSync(binaryPath, ["--version"], { encoding: "utf-8", timeout: 5e3 }).trim();
+  } catch {
+    return void 0;
+  }
+}
+function buildApesArgs(jwt, command, args) {
+  return ["--grant", jwt, "--", command, ...args];
+}
+// src/index.ts
+var BLOCKED_TOOLS = /* @__PURE__ */ new Set(["exec", "bash", "shell", "run_command"]);
+function register(api, userConfig) {
+  const config = { ...DEFAULT_CONFIG, ...userConfig };
+  api.log.info(`[grants] Initializing in ${config.mode} mode`);
+  const stateDir = api.runtime.config.getStateDir();
+  const workspaceDir = api.runtime.config.getWorkspaceDir();
+  const store = new GrantStore(stateDir);
+  const cache = new GrantCache();
+  const audit = new AuditLog(stateDir);
+  const adapters = discoverAdapters({
+    explicit: config.adapterPaths,
+    workspaceDir
+  });
+  api.log.info(`[grants] Loaded ${adapters.length} adapters: ${adapters.map((a) => a.adapter.cli.id).join(", ")}`);
+  let localJwt = null;
+  let channelApproval = null;
+  if (config.mode === "local") {
+    localJwt = new LocalJwtSigner(stateDir);
+    channelApproval = new ChannelApproval(api, store, config.pollTimeoutMs);
+    localJwt.init().catch((error) => {
+      api.log.error(`[grants] Failed to init local JWT: ${error}`);
+    });
+  }
+  let idpAuthState = null;
+  if (config.mode === "idp") {
+    if (!config.agentEmail || !config.agentKeyPath) {
+      api.log.error("[grants] IdP mode requires agentEmail and agentKeyPath");
+    } else {
+      discoverIdpUrl(config.agentEmail, config.idpUrl).then((idpUrl) => authenticateAgent({
+        idpUrl,
+        email: config.agentEmail,
+        keyPath: config.agentKeyPath
+      })).then((state) => {
+        idpAuthState = state;
+        api.log.info(`[grants] IdP auth OK: ${state.email} @ ${state.idpUrl}`);
+      }).catch((error) => {
+        api.log.error(`[grants] IdP auth failed: ${error}`);
+      });
+    }
+  }
+  api.registerTool({
+    name: "grant_exec",
+    description: [
+      "Execute a CLI command with grant-based authorization.",
+      "Commands are resolved against adapters for granular permissions.",
+      "The owner must approve the grant before execution proceeds."
+    ].join(" "),
+    inputSchema: {
+      type: "object",
+      properties: {
+        command: {
+          type: "string",
+          description: 'The full CLI command to execute (e.g. "gh pr merge 42 --repo openape/core")'
+        },
+        reason: {
+          type: "string",
+          description: "Why this command needs to be executed"
+        },
+        privileged: {
+          type: "boolean",
+          description: "Whether this command requires elevated privileges (via apes)"
+        }
+      },
+      required: ["command"]
+    },
+    handler: async (input) => {
+      api.log.info(`[grants] grant_exec called: ${input.command}`);
+      return handleGrantExec(
+        { config, api, adapters, store, cache, audit, localJwt, channelApproval, idpAuthState },
+        input
+      );
+    }
+  });
+  api.on("before_tool_call", async (context) => {
+    if (BLOCKED_TOOLS.has(context.toolName)) {
+      api.log.warn(`[grants] Blocked tool: ${context.toolName} \u2014 use grant_exec instead`);
+      audit.write({ event: "exec_blocked", command: String(context.toolInput.command ?? context.toolName) });
+      return {
+        allow: false,
+        message: `Direct command execution via "${context.toolName}" is disabled. Use grant_exec instead for authorized command execution.`
+      };
+    }
+    return { allow: true };
+  }, { priority: 100 });
+  api.registerHttpRoute({
+    path: "/grants/.well-known/jwks.json",
+    method: "GET",
+    handler: async () => {
+      if (!localJwt) {
+        return {
+          status: 404,
+          headers: { "Content-Type": "application/json" },
+          body: { error: "JWKS not available in IdP mode" }
+        };
+      }
+      try {
+        const jwks = await localJwt.getJwks();
+        return {
+          status: 200,
+          headers: { "Content-Type": "application/json", "Cache-Control": "public, max-age=3600" },
+          body: jwks
+        };
+      } catch {
+        return {
+          status: 500,
+          headers: { "Content-Type": "application/json" },
+          body: { error: "JWKS not ready" }
+        };
+      }
+    }
+  });
+  api.registerCli({
+    name: "grants",
+    description: "Manage grant-based command execution",
+    subcommands: [
+      {
+        name: "status",
+        description: "Show grant system status (mode, auth, active grants)",
+        handler: async () => {
+          console.log(`Mode: ${config.mode}`);
+          console.log(`Adapters: ${adapters.length} loaded`);
+          console.log(`Active grants: ${store.getActiveGrantCount()}`);
+          console.log(`Cache entries: ${cache.size()}`);
+        }
+      },
+      {
+        name: "list",
+        description: "List all grants",
+        handler: async () => {
+          const grants = store.listGrants();
+          if (grants.length === 0) {
+            console.log("No grants");
+            return;
+          }
+          for (const g of grants) {
+            console.log(`${g.id} [${g.status}] ${g.permission} (${g.approval})`);
+          }
+        }
+      },
+      {
+        name: "revoke",
+        description: "Revoke a grant by ID",
+        handler: async (args) => {
+          const id = args[0];
+          if (!id) {
+            console.error("Usage: openclaw grants revoke <grant-id>");
+            return;
+          }
+          const success = store.revokeGrant(id);
+          if (success) {
+            cache.remove(store.getGrant(id)?.permission ?? "");
+            audit.write({ event: "grant_revoked", grantId: id });
+            console.log(`Grant ${id} revoked`);
+          } else {
+            console.error(`Grant ${id} not found or cannot be revoked`);
+          }
+        }
+      },
+      {
+        name: "adapters",
+        description: "List loaded adapters and their operations",
+        handler: async () => {
+          if (adapters.length === 0) {
+            console.log("No adapters loaded");
+            return;
+          }
+          for (const a of adapters) {
+            console.log(`
+${a.adapter.cli.id} (${a.adapter.cli.executable})`);
+            for (const op of a.adapter.operations) {
+              console.log(`  ${op.id}: ${op.display} [${op.risk}]`);
+            }
+          }
+        }
+      }
+    ],
+    handler: async (args) => {
+      console.log(`Unknown subcommand: ${args.join(" ")}`);
+      console.log("Available: status, list, revoke, adapters");
+    }
+  });
+  api.log.info("[grants] Plugin registered successfully");
+}
+export {
+  AuditLog,
+  ChannelApproval,
+  GrantCache,
+  GrantStore,
+  LocalJwtSigner,
+  authenticateAgent,
+  buildApesArgs,
+  clearDiscoveryCache,
+  createFallbackCommand,
+  detectApes,
+  discoverAdapters,
+  discoverEndpoints,
+  discoverIdpUrl,
+  executeCommand,
+  getGrantsEndpoint,
+  handleGrantExec,
+  handleIdpGrantExec,
+  isTokenExpired,
+  loadAdapter,
+  loadAdapterFromFile,
+  parseAdapterToml,
+  parseCommandString,
+  register,
+  resolveCommand,
+  resolveCommandFromAdapters
+};
+//# sourceMappingURL=index.js.map