@opengoat/core 2026.2.15 → 2026.2.18-2

package/dist/core/providers/application/provider.service.js

@@ -1,7 +1,17 @@
+import { normalizeAgentId } from "../../domain/agent-id.js";
 import { createNoopLogger } from "../../logging/index.js";
 import { executeCommand } from "../command-executor.js";
-import { InvalidProviderConfigError, UnsupportedProviderActionError } from "../index.js";
+import { callOpenClawGatewayRpc, resolveGatewayAgentCallTimeoutMs, } from "../openclaw-gateway-rpc.js";
+import { AgentConfigNotFoundError, InvalidAgentConfigError, InvalidProviderConfigError, ProviderCommandNotFoundError, UnsupportedProviderActionError } from "../index.js";
 const OPENCLAW_PROVIDER_ID = "openclaw";
+const AGENT_CONFIG_FILE_NAME = "config.json";
+const PROVIDER_SESSION_BINDINGS_SCHEMA_VERSION = 1;
+const OPENCLAW_RETRYABLE_FAILURE_MAX_ATTEMPTS = 4;
+const OPENCLAW_RETRY_BACKOFF_BASE_MS = 100;
+const OPENCLAW_RETRY_BACKOFF_MAX_MS = 1_500;
+const OPENCLAW_COMMAND_RESPONSE_TIMEOUT_MS = 30_000;
+const OPENCLAW_COMMAND_RESPONSE_POLL_MS = 250;
+const OPENCLAW_COMMAND_HISTORY_LIMIT = 250;
 export class ProviderService {
     fileSystem;
     pathPort;
@@ -18,27 +28,26 @@ export class ProviderService {
     }
     async listProviders() {
         const registry = await this.getProviderRegistry();
-        const provider = registry.create(OPENCLAW_PROVIDER_ID);
-        return [
-            {
-                id: provider.id,
-                displayName: provider.displayName,
-                kind: provider.kind,
-                capabilities: provider.capabilities
-            }
-        ];
+        return registry.listProviders().map((provider) => ({
+            id: provider.id,
+            displayName: provider.displayName,
+            kind: provider.kind,
+            capabilities: provider.capabilities
+        }));
     }
     async getProviderOnboarding(providerId) {
-        assertOpenClawProviderId(providerId);
+        const normalizedProviderId = normalizeProviderId(providerId);
         const registry = await this.getProviderRegistry();
-        return registry.getProviderOnboarding(OPENCLAW_PROVIDER_ID);
+        return registry.getProviderOnboarding(normalizedProviderId);
     }
     async invokeProviderAuth(paths, providerId, options = {}) {
-        assertOpenClawProviderId(providerId);
+        const normalizedProviderId = normalizeProviderId(providerId);
         const registry = await this.getProviderRegistry();
-        const provider = registry.create(OPENCLAW_PROVIDER_ID);
-        const env = await this.resolveProviderEnv(paths, options.env);
-        this.logger.info("Invoking OpenClaw auth.");
+        const provider = registry.create(normalizedProviderId);
+        const env = await this.resolveProviderEnv(paths, normalizedProviderId, options.env);
+        this.logger.info("Invoking provider auth.", {
+            providerId: provider.id
+        });
         return provider.invokeAuth?.({
             ...options,
             env
@@ -49,8 +58,8 @@ export class ProviderService {
         };
     }
     async getProviderConfig(paths, providerId) {
-        assertOpenClawProviderId(providerId);
-        const configPath = this.getProviderConfigPath(paths);
+        const normalizedProviderId = normalizeProviderId(providerId);
+        const configPath = this.getProviderConfigPath(paths, normalizedProviderId);
         const exists = await this.fileSystem.exists(configPath);
         if (!exists) {
             return null;
@@ -61,18 +70,21 @@ export class ProviderService {
             parsed = JSON.parse(raw);
         }
         catch {
-            throw new InvalidProviderConfigError(providerId, configPath);
+            throw new InvalidProviderConfigError(normalizedProviderId, configPath);
         }
         if (!isProviderStoredConfig(parsed)) {
-            throw new InvalidProviderConfigError(providerId, configPath, "schema mismatch");
+            throw new InvalidProviderConfigError(normalizedProviderId, configPath, "schema mismatch");
+        }
+        if (parsed.providerId.trim().toLowerCase() !== normalizedProviderId) {
+            throw new InvalidProviderConfigError(normalizedProviderId, configPath, `provider id mismatch (found "${parsed.providerId}")`);
         }
         return parsed;
     }
     async setProviderConfig(paths, providerId, env, options = {}) {
-        assertOpenClawProviderId(providerId);
-        const providerDir = this.pathPort.join(paths.providersDir, OPENCLAW_PROVIDER_ID);
-        const configPath = this.getProviderConfigPath(paths);
-        const existing = await this.getProviderConfig(paths, OPENCLAW_PROVIDER_ID);
+        const normalizedProviderId = normalizeProviderId(providerId);
+        const providerDir = this.pathPort.join(paths.providersDir, normalizedProviderId);
+        const configPath = this.getProviderConfigPath(paths, normalizedProviderId);
+        const existing = await this.getProviderConfig(paths, normalizedProviderId);
         const replace = options.replace ?? false;
         const mergedEnv = sanitizeEnvMap({
             ...(replace ? {} : (existing?.env ?? {})),
@@ -80,7 +92,7 @@ export class ProviderService {
         });
         const next = {
             schemaVersion: 1,
-            providerId: OPENCLAW_PROVIDER_ID,
+            providerId: normalizedProviderId,
             env: mergedEnv,
             updatedAt: this.nowIso()
         };
@@ -89,7 +101,7 @@ export class ProviderService {
         return next;
     }
     async getOpenClawGatewayConfig(paths, inputEnv) {
-        const env = await this.resolveProviderEnv(paths, inputEnv);
+        const env = await this.resolveProviderEnv(paths, OPENCLAW_PROVIDER_ID, inputEnv);
         const explicitMode = env.OPENGOAT_OPENCLAW_GATEWAY_MODE?.trim().toLowerCase();
         const parsedArgs = parseOpenClawArguments(env.OPENCLAW_ARGUMENTS ?? "");
         const mode = explicitMode === "external" || parsedArgs.remoteUrl || parsedArgs.token ? "external" : "local";
@@ -125,116 +137,319 @@ export class ProviderService {
         await this.setProviderConfig(paths, OPENCLAW_PROVIDER_ID, nextEnv, { replace: true });
         return this.getOpenClawGatewayConfig(paths);
     }
-    async getAgentProvider(_paths, agentId) {
+    async getAgentProvider(paths, agentId) {
+        const normalizedAgentId = normalizeAgentIdentity(agentId);
+        const providerId = await this.resolveAgentProviderId(paths, normalizedAgentId);
         return {
-            agentId,
-            providerId: OPENCLAW_PROVIDER_ID
+            agentId: normalizedAgentId,
+            providerId,
         };
     }
-    async setAgentProvider(_paths, agentId, providerId) {
-        assertOpenClawProviderId(providerId);
+    async setAgentProvider(paths, agentId, providerId) {
+        const normalizedAgentId = normalizeAgentIdentity(agentId);
+        const normalizedProviderId = normalizeProviderId(providerId);
+        await this.assertProviderExists(normalizedProviderId);
+        if (normalizedAgentId === "ceo" &&
+            normalizedProviderId !== OPENCLAW_PROVIDER_ID) {
+            throw new Error("ceo provider is fixed to \"openclaw\".");
+        }
+        const configPath = this.pathPort.join(paths.agentsDir, normalizedAgentId, AGENT_CONFIG_FILE_NAME);
+        const config = await this.readAgentConfig(configPath, normalizedAgentId);
+        const runtime = asRecord(config.runtime);
+        const currentProvider = asRecord(runtime.provider);
+        runtime.provider = {
+            ...currentProvider,
+            id: normalizedProviderId,
+        };
+        if ("adapter" in runtime) {
+            delete runtime.adapter;
+        }
+        config.runtime = runtime;
+        await this.fileSystem.writeFile(configPath, `${JSON.stringify(config, null, 2)}\n`);
         return {
-            agentId,
-            providerId: OPENCLAW_PROVIDER_ID
+            agentId: normalizedAgentId,
+            providerId: normalizedProviderId,
         };
     }
     async invokeAgent(paths, agentId, options, runtimeContext = {}) {
+        const normalizedAgentId = normalizeAgentIdentity(agentId);
+        const binding = await this.getAgentProvider(paths, normalizedAgentId);
         const registry = await this.getProviderRegistry();
-        const provider = registry.create(OPENCLAW_PROVIDER_ID);
+        const provider = registry.create(binding.providerId);
         const mergedSystemPrompt = options.systemPrompt?.trim();
+        const env = await this.resolveProviderEnv(paths, provider.id, options.env);
+        const providerSessionAlias = options.providerSessionId?.trim();
+        const mappedProviderSessionId = await this.resolveProviderSessionIdAlias(paths, provider.id, normalizedAgentId, providerSessionAlias);
         const invokeOptions = {
             ...options,
             systemPrompt: mergedSystemPrompt || undefined,
             cwd: options.cwd,
-            env: await this.resolveProviderEnv(paths, options.env),
-            agent: provider.capabilities.agent ? options.agent || agentId : options.agent
+            env,
+            providerSessionId: mappedProviderSessionId,
+            agent: provider.capabilities.agent
+                ? options.agent || normalizedAgentId
+                : options.agent
         };
-        this.logger.info("Invoking OpenClaw for agent.", {
-            agentId,
+        this.logger.info("Invoking provider for agent.", {
+            agentId: normalizedAgentId,
+            providerId: provider.id,
             cwd: invokeOptions.cwd
         });
         runtimeContext.hooks?.onInvocationStarted?.({
             runId: runtimeContext.runId,
             timestamp: this.nowIso(),
             step: runtimeContext.step,
-            agentId,
+            agentId: normalizedAgentId,
             providerId: provider.id
         });
-        let result = await provider.invoke(invokeOptions);
-        result = await this.retryGatewayInvocationOnUvCwdFailure(paths, provider, invokeOptions, result);
+        let result;
+        try {
+            if (provider.id === OPENCLAW_PROVIDER_ID &&
+                isOpenClawCommandMessage(invokeOptions.message)) {
+                result = await this.invokeOpenClawCommandViaGateway(normalizedAgentId, invokeOptions, env);
+            }
+            else if (provider.id === OPENCLAW_PROVIDER_ID) {
+                result = await this.invokeOpenClawProviderWithRecovery(paths, provider, invokeOptions);
+            }
+            else {
+                result = await provider.invoke(invokeOptions);
+            }
+        }
+        catch (error) {
+            if (error instanceof ProviderCommandNotFoundError &&
+                provider.id === OPENCLAW_PROVIDER_ID) {
+                result = await this.invokeAgentViaGateway(normalizedAgentId, invokeOptions, env);
+            }
+            else {
+                throw error;
+            }
+        }
+        await this.persistProviderSessionIdAlias(paths, provider.id, normalizedAgentId, providerSessionAlias, result.providerSessionId);
         runtimeContext.hooks?.onInvocationCompleted?.({
             runId: runtimeContext.runId,
             timestamp: this.nowIso(),
             step: runtimeContext.step,
-            agentId,
+            agentId: normalizedAgentId,
             providerId: provider.id,
             code: result.code
         });
         return {
             ...result,
-            agentId,
+            agentId: normalizedAgentId,
             providerId: provider.id
         };
     }
     async createProviderAgent(paths, agentId, options) {
-        if (options.providerId) {
-            assertOpenClawProviderId(options.providerId);
-        }
+        const normalizedAgentId = normalizeAgentIdentity(agentId);
+        const requestedProviderId = options.providerId?.trim()
+            ? normalizeProviderId(options.providerId)
+            : OPENCLAW_PROVIDER_ID;
         const registry = await this.getProviderRegistry();
-        const provider = registry.create(OPENCLAW_PROVIDER_ID);
+        const provider = registry.create(requestedProviderId);
         if (!provider.capabilities.agentCreate || !provider.createAgent) {
             throw new UnsupportedProviderActionError(provider.id, "create_agent");
         }
-        const result = await provider.createAgent({
-            agentId,
-            displayName: options.displayName,
-            workspaceDir: options.workspaceDir,
-            internalConfigDir: options.internalConfigDir,
-            cwd: options.cwd,
-            env: await this.resolveProviderEnv(paths, options.env),
-            onStdout: options.onStdout,
-            onStderr: options.onStderr
-        });
+        const env = await this.resolveProviderEnv(paths, provider.id, options.env);
+        let result;
+        try {
+            result = await provider.createAgent({
+                agentId: normalizedAgentId,
+                displayName: options.displayName,
+                workspaceDir: options.workspaceDir,
+                internalConfigDir: options.internalConfigDir,
+                cwd: options.cwd,
+                env,
+                onStdout: options.onStdout,
+                onStderr: options.onStderr
+            });
+        }
+        catch (error) {
+            if (error instanceof ProviderCommandNotFoundError &&
+                provider.id === OPENCLAW_PROVIDER_ID) {
+                result = await this.createProviderAgentViaGateway(normalizedAgentId, {
+                    displayName: options.displayName,
+                    workspaceDir: options.workspaceDir,
+                    internalConfigDir: options.internalConfigDir,
+                    env,
+                });
+            }
+            else {
+                throw error;
+            }
+        }
         return {
             ...result,
-            agentId,
+            agentId: normalizedAgentId,
             providerId: provider.id
         };
     }
     async deleteProviderAgent(paths, agentId, options) {
-        if (options.providerId) {
-            assertOpenClawProviderId(options.providerId);
-        }
+        const normalizedAgentId = normalizeAgentIdentity(agentId);
+        const requestedProviderId = options.providerId?.trim()
+            ? normalizeProviderId(options.providerId)
+            : OPENCLAW_PROVIDER_ID;
         const registry = await this.getProviderRegistry();
-        const provider = registry.create(OPENCLAW_PROVIDER_ID);
+        const provider = registry.create(requestedProviderId);
         if (!provider.capabilities.agentDelete || !provider.deleteAgent) {
             throw new UnsupportedProviderActionError(provider.id, "delete_agent");
         }
-        const result = await provider.deleteAgent({
-            agentId,
-            cwd: options.cwd,
-            env: await this.resolveProviderEnv(paths, options.env),
-            onStdout: options.onStdout,
-            onStderr: options.onStderr
-        });
+        const env = await this.resolveProviderEnv(paths, provider.id, options.env);
+        let result;
+        try {
+            result = await provider.deleteAgent({
+                agentId: normalizedAgentId,
+                cwd: options.cwd,
+                env,
+                onStdout: options.onStdout,
+                onStderr: options.onStderr
+            });
+        }
+        catch (error) {
+            if (error instanceof ProviderCommandNotFoundError &&
+                provider.id === OPENCLAW_PROVIDER_ID) {
+                result = await this.deleteProviderAgentViaGateway(normalizedAgentId, env);
+            }
+            else {
+                throw error;
+            }
+        }
         return {
             ...result,
-            agentId,
+            agentId: normalizedAgentId,
             providerId: provider.id
         };
     }
-    async getAgentRuntimeProfile(_paths, agentId) {
+    async listOpenClawAgentsViaGateway(paths, inputEnv) {
+        const env = await this.resolveProviderEnv(paths, OPENCLAW_PROVIDER_ID, inputEnv);
+        const payload = await this.callGatewayMethod(env, "config.get", {});
+        const parsed = parseGatewayConfigPayload(payload);
+        if (!parsed) {
+            return [];
+        }
+        return readGatewayAgentsList(parsed);
+    }
+    async getOpenClawSkillsStatusViaGateway(paths, inputEnv) {
+        const env = await this.resolveProviderEnv(paths, OPENCLAW_PROVIDER_ID, inputEnv);
+        const payload = await this.callGatewayMethod(env, "skills.status", {});
+        return asRecord(payload);
+    }
+    async syncOpenClawAgentExecutionPoliciesViaGateway(paths, rawAgentIds, inputEnv) {
+        const env = await this.resolveProviderEnv(paths, OPENCLAW_PROVIDER_ID, inputEnv);
+        const warnings = [];
+        const normalizedAgentIds = [
+            ...new Set(rawAgentIds
+                .map((agentId) => normalizeAgentId(agentId))
+                .filter((agentId) => Boolean(agentId))),
+        ];
+        if (normalizedAgentIds.length === 0) {
+            return warnings;
+        }
+        const snapshot = await this.getOpenClawConfigViaGateway(paths, env);
+        const root = snapshot.config;
+        const agents = asRecord(root.agents);
+        const list = Array.isArray(agents.list) ? [...agents.list] : [];
+        const indexById = new Map();
+        for (let index = 0; index < list.length; index += 1) {
+            const entry = asRecord(list[index]);
+            const id = normalizeAgentId(String(entry.id ?? ""));
+            if (!id || indexById.has(id)) {
+                continue;
+            }
+            indexById.set(id, index);
+        }
+        let changed = false;
+        for (const agentId of normalizedAgentIds) {
+            const index = indexById.get(agentId);
+            if (index === undefined) {
+                warnings.push(`OpenClaw gateway policy sync skipped for "${agentId}" because no agents.list entry was found.`);
+                continue;
+            }
+            const current = asRecord(list[index]);
+            const next = {
+                ...current,
+            };
+            if (readAgentSandboxMode(current) !== "off") {
+                next.sandbox = {
+                    ...asRecord(current.sandbox),
+                    mode: "off",
+                };
+                changed = true;
+            }
+            if (!hasAgentToolsAllowAll(current)) {
+                next.tools = {
+                    ...asRecord(current.tools),
+                    allow: ["*"],
+                };
+                changed = true;
+            }
+            list[index] = next;
+        }
+        if (!changed) {
+            return warnings;
+        }
+        const nextRoot = {
+            ...root,
+            agents: {
+                ...agents,
+                list,
+            },
+        };
+        await this.applyOpenClawConfigViaGateway(paths, nextRoot, snapshot.hash, env);
+        return warnings;
+    }
+    async getAgentRuntimeProfile(paths, agentId) {
+        const normalizedAgentId = normalizeAgentIdentity(agentId);
+        const providerId = await this.resolveAgentProviderId(paths, normalizedAgentId);
         const registry = await this.getProviderRegistry();
-        const provider = registry.create(OPENCLAW_PROVIDER_ID);
+        const provider = registry.create(providerId);
+        const runtimePolicy = registry.getProviderRuntimePolicy(provider.id);
         return {
-            agentId,
+            agentId: normalizedAgentId,
             providerId: provider.id,
             providerKind: provider.kind,
-            workspaceAccess: "internal"
+            workspaceAccess: runtimePolicy.invocation.cwd,
+            roleSkillDirectories: [...runtimePolicy.skills.directories],
+            roleSkillIds: {
+                manager: [...runtimePolicy.skills.roleSkillIds.manager],
+                individual: [...runtimePolicy.skills.roleSkillIds.individual],
+            },
         };
     }
+    async listProviderRoleSkillDirectories() {
+        const registry = await this.getProviderRegistry();
+        const directories = new Set();
+        for (const providerId of registry.listProviderIds()) {
+            const runtimePolicy = registry.getProviderRuntimePolicy(providerId);
+            for (const directory of runtimePolicy.skills.directories) {
+                const normalized = directory.trim();
+                if (!normalized) {
+                    continue;
+                }
+                directories.add(normalized);
+            }
+        }
+        return [...directories].sort((left, right) => left.localeCompare(right));
+    }
+    async listProviderRoleSkillIds() {
+        const registry = await this.getProviderRegistry();
+        const roleSkillIds = new Set();
+        for (const providerId of registry.listProviderIds()) {
+            const runtimePolicy = registry.getProviderRuntimePolicy(providerId);
+            for (const skillId of [
+                ...runtimePolicy.skills.roleSkillIds.manager,
+                ...runtimePolicy.skills.roleSkillIds.individual,
+            ]) {
+                const normalized = skillId.trim().toLowerCase();
+                if (!normalized) {
+                    continue;
+                }
+                roleSkillIds.add(normalized);
+            }
+        }
+        return [...roleSkillIds].sort((left, right) => left.localeCompare(right));
+    }
     async restartLocalGateway(paths, inputEnv) {
-        const env = await this.resolveProviderEnv(paths, inputEnv);
+        const env = await this.resolveProviderEnv(paths, OPENCLAW_PROVIDER_ID, inputEnv);
         const gatewayConfig = await this.getOpenClawGatewayConfig(paths, env);
         if (gatewayConfig.mode !== "local") {
             return false;
@@ -263,16 +478,392 @@ export class ProviderService {
         this.logger.warn("OpenClaw gateway restarted.");
         return true;
     }
-    getProviderConfigPath(paths) {
-        return this.pathPort.join(paths.providersDir, OPENCLAW_PROVIDER_ID, "config.json");
+    async invokeAgentViaGateway(fallbackAgentId, invokeOptions, env) {
+        const agentId = (invokeOptions.agent || fallbackAgentId).trim();
+        const payload = await this.callGatewayMethod(env, "agent", buildGatewayAgentParams({
+            message: invokeOptions.message,
+            agentId,
+            model: invokeOptions.model,
+            providerSessionId: invokeOptions.providerSessionId,
+            idempotencyKey: invokeOptions.idempotencyKey,
+        }), {
+            expectFinal: true,
+            timeoutMs: resolveGatewayAgentCallTimeoutMs(),
+        });
+        const normalized = normalizeGatewayAgentPayload(payload);
+        return {
+            code: 0,
+            stdout: normalized.stdout,
+            stderr: "",
+            providerSessionId: normalized.providerSessionId,
+        };
+    }
+    async invokeOpenClawCommandViaGateway(fallbackAgentId, invokeOptions, env) {
+        const agentId = (invokeOptions.agent || fallbackAgentId).trim();
+        const idempotencyKey = invokeOptions.idempotencyKey?.trim() || `opengoat-${Date.now()}-${Math.random()}`;
+        const providerSessionId = invokeOptions.providerSessionId?.trim() || idempotencyKey;
+        const sessionKey = buildOpenClawSessionKey(agentId, providerSessionId);
+        const knownSignatures = await this.captureKnownGatewayAssistantSignatures(env, sessionKey);
+        await this.callGatewayMethod(env, "chat.send", {
+            sessionKey,
+            message: invokeOptions.message,
+            idempotencyKey,
+            deliver: false,
+        }, {
+            timeoutMs: resolveGatewayAgentCallTimeoutMs(OPENCLAW_COMMAND_RESPONSE_TIMEOUT_MS),
+        });
+        const commandResponse = await this.awaitOpenClawProgrammaticCommandResponse({
+            env,
+            sessionKey,
+            knownSignatures,
+            timeoutMs: OPENCLAW_COMMAND_RESPONSE_TIMEOUT_MS,
+            pollIntervalMs: OPENCLAW_COMMAND_RESPONSE_POLL_MS,
+        });
+        return {
+            code: 0,
+            stdout: commandResponse,
+            stderr: "",
+            providerSessionId,
+        };
+    }
+    async captureKnownGatewayAssistantSignatures(env, sessionKey) {
+        const messages = await this.readOpenClawChatHistoryMessages(env, sessionKey);
+        const signatures = new Set();
+        for (const message of messages) {
+            const signature = buildGatewayChatMessageSignature(message);
+            if (signature) {
+                signatures.add(signature);
+            }
+        }
+        return signatures;
+    }
+    async readOpenClawChatHistoryMessages(env, sessionKey) {
+        const payload = await this.callGatewayMethod(env, "chat.history", {
+            sessionKey,
+            limit: OPENCLAW_COMMAND_HISTORY_LIMIT,
+        }, {
+            timeoutMs: resolveGatewayAgentCallTimeoutMs(10_000),
+        });
+        const messages = asRecord(payload).messages;
+        if (!Array.isArray(messages)) {
+            return [];
+        }
+        return messages.map((message) => asRecord(message));
+    }
+    async awaitOpenClawProgrammaticCommandResponse(params) {
+        const deadlineMs = Date.now() + Math.max(0, params.timeoutMs);
+        while (Date.now() <= deadlineMs) {
+            const messages = await this.readOpenClawChatHistoryMessages(params.env, params.sessionKey);
+            const nextText = findNewProgrammaticAssistantText(messages, params.knownSignatures);
+            if (nextText) {
+                return nextText;
+            }
+            if (Date.now() >= deadlineMs) {
+                break;
+            }
+            await sleep(params.pollIntervalMs);
+        }
+        throw new Error(`OpenClaw command timed out waiting for programmatic response for session "${params.sessionKey}".`);
+    }
+    async createProviderAgentViaGateway(agentId, options) {
+        const payload = await this.callGatewayMethod(options.env, "config.get", {});
+        const configPayload = asRecord(payload);
+        const rawConfig = parseGatewayConfigPayload(configPayload);
+        if (!rawConfig) {
+            throw new Error("OpenClaw gateway config.get did not return valid JSON.");
+        }
+        const root = asRecord(rawConfig);
+        const agents = asRecord(root.agents);
+        const list = Array.isArray(agents.list) ? [...agents.list] : [];
+        const normalizedTarget = normalizeAgentId(agentId);
+        if (!normalizedTarget) {
+            throw new Error("Agent id cannot be empty.");
+        }
+        const index = list.findIndex((entry) => {
+            const id = normalizeAgentId(asRecord(entry).id);
+            return id === normalizedTarget;
+        });
+        const nextEntry = {
+            ...(index >= 0 ? asRecord(list[index]) : {}),
+            id: normalizedTarget,
+            name: options.displayName,
+            workspace: options.workspaceDir,
+            agentDir: options.internalConfigDir,
+            sandbox: {
+                mode: "off",
+            },
+            tools: {
+                allow: ["*"],
+            },
+        };
+        if (index >= 0) {
+            list[index] = nextEntry;
+        }
+        else {
+            list.push(nextEntry);
+        }
+        const nextRoot = {
+            ...root,
+            agents: {
+                ...agents,
+                list,
+            },
+        };
+        const applyParams = {
+            raw: `${JSON.stringify(nextRoot, null, 2)}\n`,
+        };
+        const hash = configPayload.hash;
+        if (typeof hash === "string" && hash.trim().length > 0) {
+            applyParams.baseHash = hash.trim();
+        }
+        await this.callGatewayMethod(options.env, "config.apply", applyParams);
+        return {
+            code: 0,
+            stdout: "created via OpenClaw gateway config.apply",
+            stderr: "",
+        };
+    }
+    async deleteProviderAgentViaGateway(agentId, env) {
+        const normalizedTarget = normalizeAgentId(agentId);
+        if (!normalizedTarget) {
+            throw new Error("Agent id cannot be empty.");
+        }
+        const payload = await this.callGatewayMethod(env, "config.get", {});
+        const configPayload = asRecord(payload);
+        const rawConfig = parseGatewayConfigPayload(configPayload);
+        if (!rawConfig) {
+            throw new Error("OpenClaw gateway config.get did not return valid JSON.");
+        }
+        const root = asRecord(rawConfig);
+        const agents = asRecord(root.agents);
+        const list = Array.isArray(agents.list) ? [...agents.list] : [];
+        const nextList = list.filter((entry) => {
+            const id = normalizeAgentId(asRecord(entry).id);
+            return id !== normalizedTarget;
+        });
+        if (nextList.length === list.length) {
+            return {
+                code: 0,
+                stdout: "agent already absent in OpenClaw config",
+                stderr: "",
+            };
+        }
+        const nextRoot = {
+            ...root,
+            agents: {
+                ...agents,
+                list: nextList,
+            },
+        };
+        const applyParams = {
+            raw: `${JSON.stringify(nextRoot, null, 2)}\n`,
+        };
+        const hash = configPayload.hash;
+        if (typeof hash === "string" && hash.trim().length > 0) {
+            applyParams.baseHash = hash.trim();
+        }
+        await this.callGatewayMethod(env, "config.apply", applyParams);
+        return {
+            code: 0,
+            stdout: "deleted via OpenClaw gateway config.apply",
+            stderr: "",
+        };
+    }
+    async callGatewayMethod(env, method, params, options = {}) {
+        return callOpenClawGatewayRpc({
+            env,
+            method,
+            params,
+            options,
+        });
     }
-    async resolveProviderEnv(paths, inputEnv) {
-        const config = await this.getProviderConfig(paths, OPENCLAW_PROVIDER_ID);
+    async getOpenClawConfigViaGateway(paths, inputEnv) {
+        const env = await this.resolveProviderEnv(paths, OPENCLAW_PROVIDER_ID, inputEnv);
+        const payload = await this.callGatewayMethod(env, "config.get", {});
+        const record = asRecord(payload);
+        const config = parseGatewayConfigPayload(record);
+        if (!config) {
+            throw new Error("OpenClaw gateway config.get did not return valid JSON.");
+        }
+        const hash = record.hash;
+        return {
+            config,
+            hash: typeof hash === "string" && hash.trim().length > 0
+                ? hash.trim()
+                : undefined,
+        };
+    }
+    async applyOpenClawConfigViaGateway(paths, config, baseHash, inputEnv) {
+        const env = await this.resolveProviderEnv(paths, OPENCLAW_PROVIDER_ID, inputEnv);
+        const params = {
+            raw: `${JSON.stringify(config, null, 2)}\n`,
+        };
+        if (typeof baseHash === "string" && baseHash.trim().length > 0) {
+            params.baseHash = baseHash.trim();
+        }
+        await this.callGatewayMethod(env, "config.apply", params);
+    }
+    getProviderConfigPath(paths, providerId) {
+        return this.pathPort.join(paths.providersDir, providerId, "config.json");
+    }
+    async resolveProviderEnv(paths, providerId, inputEnv) {
+        const config = await this.getProviderConfig(paths, providerId);
         return {
             ...(config?.env ?? {}),
             ...(inputEnv ?? process.env)
         };
     }
+    async resolveAgentProviderId(paths, agentId) {
+        if (agentId === "ceo") {
+            return OPENCLAW_PROVIDER_ID;
+        }
+        const configPath = this.pathPort.join(paths.agentsDir, agentId, AGENT_CONFIG_FILE_NAME);
+        const config = await this.readAgentConfig(configPath, agentId);
+        const runtime = asRecord(config.runtime);
+        const provider = asRecord(runtime.provider);
+        const explicitProviderId = readOptionalString(provider.id);
+        if (explicitProviderId) {
+            return this.assertProviderExists(explicitProviderId);
+        }
+        const legacyProviderId = readOptionalString(runtime.adapter);
+        if (legacyProviderId) {
+            return this.assertProviderExists(legacyProviderId);
+        }
+        return OPENCLAW_PROVIDER_ID;
+    }
+    async assertProviderExists(rawProviderId) {
+        const providerId = normalizeProviderId(rawProviderId);
+        const registry = await this.getProviderRegistry();
+        registry.create(providerId);
+        return providerId;
+    }
+    async readAgentConfig(configPath, agentId) {
+        const exists = await this.fileSystem.exists(configPath);
+        if (!exists) {
+            throw new AgentConfigNotFoundError(agentId);
+        }
+        const raw = await this.fileSystem.readFile(configPath);
+        let parsed;
+        try {
+            parsed = JSON.parse(raw);
+        }
+        catch {
+            throw new InvalidAgentConfigError(agentId, configPath);
+        }
+        if (!parsed || typeof parsed !== "object" || Array.isArray(parsed)) {
+            throw new InvalidAgentConfigError(agentId, configPath, "schema mismatch");
+        }
+        return parsed;
+    }
+    async resolveProviderSessionIdAlias(paths, providerId, agentId, providerSessionAlias) {
+        const alias = providerSessionAlias?.trim();
+        if (!alias) {
+            return undefined;
+        }
+        if (providerId === OPENCLAW_PROVIDER_ID) {
+            return alias;
+        }
+        const bindings = await this.readProviderSessionBindings(paths, providerId, agentId);
+        const mapped = bindings.bindings[alias]?.trim();
+        return mapped || undefined;
+    }
+    async persistProviderSessionIdAlias(paths, providerId, agentId, providerSessionAlias, providerSessionId) {
+        if (providerId === OPENCLAW_PROVIDER_ID) {
+            return;
+        }
+        const alias = providerSessionAlias?.trim();
+        const resolvedProviderSessionId = providerSessionId?.trim();
+        if (!alias || !resolvedProviderSessionId) {
+            return;
+        }
+        const bindings = await this.readProviderSessionBindings(paths, providerId, agentId);
+        if (bindings.bindings[alias] === resolvedProviderSessionId) {
+            return;
+        }
+        bindings.bindings[alias] = resolvedProviderSessionId;
+        bindings.updatedAt = this.nowIso();
+        await this.writeProviderSessionBindings(paths, providerId, agentId, bindings);
+    }
+    async readProviderSessionBindings(paths, providerId, agentId) {
+        const normalizedProviderId = normalizeProviderId(providerId);
+        const normalizedAgentId = normalizeAgentIdentity(agentId);
+        const bindingsPath = this.getProviderSessionBindingsPath(paths, normalizedProviderId, normalizedAgentId);
+        const exists = await this.fileSystem.exists(bindingsPath);
+        if (!exists) {
+            return createProviderSessionBindingsShape({
+                providerId: normalizedProviderId,
+                agentId: normalizedAgentId,
+                updatedAt: this.nowIso(),
+            });
+        }
+        let parsed;
+        try {
+            parsed = JSON.parse(await this.fileSystem.readFile(bindingsPath));
+        }
+        catch {
+            return createProviderSessionBindingsShape({
+                providerId: normalizedProviderId,
+                agentId: normalizedAgentId,
+                updatedAt: this.nowIso(),
+            });
+        }
+        if (!isProviderSessionBindingsShape(parsed, normalizedProviderId, normalizedAgentId)) {
+            return createProviderSessionBindingsShape({
+                providerId: normalizedProviderId,
+                agentId: normalizedAgentId,
+                updatedAt: this.nowIso(),
+            });
+        }
+        return parsed;
+    }
+    async writeProviderSessionBindings(paths, providerId, agentId, bindings) {
+        const bindingsDir = this.pathPort.join(paths.providersDir, providerId, "sessions");
+        const bindingsPath = this.getProviderSessionBindingsPath(paths, providerId, agentId);
+        await this.fileSystem.ensureDir(bindingsDir);
+        await this.fileSystem.writeFile(bindingsPath, `${JSON.stringify(bindings, null, 2)}\n`);
+    }
+    async invokeOpenClawProviderWithRecovery(paths, provider, invokeOptions) {
+        let attempt = 0;
+        while (attempt < OPENCLAW_RETRYABLE_FAILURE_MAX_ATTEMPTS) {
+            attempt += 1;
+            let result;
+            try {
+                result = await provider.invoke(invokeOptions);
+                result = await this.retryGatewayInvocationOnUvCwdFailure(paths, provider, invokeOptions, result);
+            }
+            catch (error) {
+                if (!isGatewayRetryableLockFailureError(error) || attempt >= OPENCLAW_RETRYABLE_FAILURE_MAX_ATTEMPTS) {
+                    throw error;
+                }
+                const delayMs = resolveOpenClawRetryDelayMs(attempt);
+                this.logger.warn("OpenClaw invocation failed in locked/in-flight state; retrying.", {
+                    attempt,
+                    maxAttempts: OPENCLAW_RETRYABLE_FAILURE_MAX_ATTEMPTS,
+                    delayMs,
+                    error: summarizeRetryFailureOutput(error instanceof Error ? error.message : String(error))
+                });
+                await sleep(delayMs);
+                continue;
+            }
+            if (!isGatewayRetryableLockFailureResult(result) || attempt >= OPENCLAW_RETRYABLE_FAILURE_MAX_ATTEMPTS) {
+                return result;
+            }
+            const delayMs = resolveOpenClawRetryDelayMs(attempt);
+            this.logger.warn("OpenClaw invocation returned locked/in-flight result; retrying.", {
+                attempt,
+                maxAttempts: OPENCLAW_RETRYABLE_FAILURE_MAX_ATTEMPTS,
+                delayMs,
+                code: result.code,
+                stderr: summarizeRetryFailureOutput(result.stderr),
+                stdout: summarizeRetryFailureOutput(result.stdout)
+            });
+            await sleep(delayMs);
+        }
+        return provider.invoke(invokeOptions);
+    }
+    getProviderSessionBindingsPath(paths, providerId, agentId) {
+        return this.pathPort.join(paths.providersDir, providerId, "sessions", `${agentId}.json`);
+    }
     async retryGatewayInvocationOnUvCwdFailure(paths, provider, invokeOptions, result) {
         if (!isGatewayUvCwdFailure(result)) {
             return result;
@@ -347,6 +938,47 @@ function isGatewayUvCwdFailure(result) {
     const details = `${result.stderr}\n${result.stdout}`.toLowerCase();
     return details.includes("process.cwd failed") && details.includes("uv_cwd");
 }
+function isGatewayRetryableLockFailureResult(result) {
+    if (result.code === 0) {
+        return false;
+    }
+    return isGatewayRetryableLockFailureText(`${result.stderr}\n${result.stdout}`);
+}
+function isGatewayRetryableLockFailureError(error) {
+    if (!(error instanceof Error)) {
+        return false;
+    }
+    return isGatewayRetryableLockFailureText(error.message);
+}
+function isGatewayRetryableLockFailureText(value) {
+    const details = value.trim().toLowerCase();
+    if (!details) {
+        return false;
+    }
+    return (details.includes("session file locked") ||
+        details.includes("timeout waiting for session store lock") ||
+        details.includes("in_flight") ||
+        details.includes("already in flight") ||
+        details.includes("run is already active"));
+}
+function resolveOpenClawRetryDelayMs(attempt) {
+    const exponent = Math.max(0, attempt - 1);
+    const next = OPENCLAW_RETRY_BACKOFF_BASE_MS * (2 ** exponent);
+    return Math.min(OPENCLAW_RETRY_BACKOFF_MAX_MS, next);
+}
+function summarizeRetryFailureOutput(value) {
+    const trimmed = value.trim();
+    if (!trimmed) {
+        return undefined;
+    }
+    if (trimmed.length <= 240) {
+        return trimmed;
+    }
+    return `${trimmed.slice(0, 237)}...`;
+}
+async function sleep(durationMs) {
+    await new Promise((resolve) => setTimeout(resolve, Math.max(0, durationMs)));
+}
 function extractOpenClawGlobalArgs(raw) {
     const parts = (raw ?? "")
         .split(/\s+/)
@@ -369,9 +1001,252 @@ function extractOpenClawGlobalArgs(raw) {
     }
     return result;
 }
-function assertOpenClawProviderId(providerId) {
-    if (providerId.trim().toLowerCase() !== OPENCLAW_PROVIDER_ID) {
-        throw new Error(`Only \"${OPENCLAW_PROVIDER_ID}\" is supported in this OpenGoat version.`);
+function buildGatewayAgentParams(options) {
+    const idempotencyKey = options.idempotencyKey?.trim() || `opengoat-${Date.now()}-${Math.random()}`;
+    const params = {
+        message: options.message,
+        agentId: options.agentId,
+        idempotencyKey,
+    };
+    if (options.model?.trim()) {
+        params.model = options.model.trim();
+    }
+    if (options.providerSessionId?.trim()) {
+        params.sessionId = options.providerSessionId.trim();
+        params.sessionKey = buildOpenClawSessionKey(options.agentId, options.providerSessionId.trim());
+    }
+    return params;
+}
+function buildOpenClawSessionKey(agentId, providerSessionId) {
+    if (providerSessionId.includes(":")) {
+        return providerSessionId.toLowerCase();
+    }
+    return `agent:${normalizeSessionSegment(agentId) || "main"}:${normalizeSessionSegment(providerSessionId) || "main"}`;
+}
+function normalizeSessionSegment(value) {
+    return value
+        .trim()
+        .toLowerCase()
+        .replace(/[^a-z0-9:-]+/g, "-")
+        .replace(/^-+|-+$/g, "");
+}
+function isOpenClawCommandMessage(message) {
+    return message.trim().startsWith("/");
+}
+function normalizeGatewayAgentPayload(payload) {
+    const record = asRecord(payload);
+    const payloads = Array.isArray(record.payloads) ? record.payloads : [];
+    const chunks = [];
+    for (const payloadEntry of payloads) {
+        const entry = asRecord(payloadEntry);
+        const text = entry.text;
+        if (typeof text === "string" && text.trim().length > 0) {
+            chunks.push(text.trim());
+        }
+    }
+    const sessionId = asRecord(asRecord(record.meta).agentMeta).sessionId;
+    return {
+        stdout: chunks.join("\n\n").trim(),
+        providerSessionId: typeof sessionId === "string" && sessionId.trim().length > 0
+            ? sessionId.trim()
+            : undefined,
+    };
+}
+function buildGatewayChatMessageSignature(message) {
+    const role = readOptionalString(message.role);
+    const timestamp = typeof message.timestamp === "number" ? String(message.timestamp) : "";
+    const text = extractGatewayChatText(message);
+    if (!role || !timestamp || !text) {
+        return undefined;
+    }
+    return `${role}|${timestamp}|${text}`;
+}
+function findNewProgrammaticAssistantText(messages, knownSignatures) {
+    for (let index = messages.length - 1; index >= 0; index -= 1) {
+        const message = messages[index];
+        if (!message || !isProgrammaticGatewayAssistantMessage(message)) {
+            continue;
+        }
+        const signature = buildGatewayChatMessageSignature(message);
+        if (!signature || knownSignatures.has(signature)) {
+            continue;
+        }
+        const text = extractGatewayChatText(message);
+        if (!text) {
+            continue;
+        }
+        knownSignatures.add(signature);
+        return text;
+    }
+    return undefined;
+}
+function isProgrammaticGatewayAssistantMessage(message) {
+    if (readOptionalString(message.role) !== "assistant") {
+        return false;
+    }
+    const provider = readOptionalString(message.provider);
+    const model = readOptionalString(message.model);
+    if (provider === "openclaw" && model === "gateway-injected") {
+        return true;
+    }
+    const usage = asRecord(message.usage);
+    const totalTokens = usage.totalTokens;
+    return typeof totalTokens === "number" && totalTokens === 0;
+}
+function extractGatewayChatText(message) {
+    const content = message.content;
+    if (!Array.isArray(content)) {
+        return "";
+    }
+    const lines = [];
+    for (const chunk of content) {
+        const record = asRecord(chunk);
+        if (readOptionalString(record.type) !== "text") {
+            continue;
+        }
+        const text = readOptionalString(record.text);
+        if (text) {
+            lines.push(text);
+        }
+    }
+    return lines.join("\n\n").trim();
+}
+function parseGatewayConfigPayload(payload) {
+    const record = asRecord(payload);
+    const raw = record.raw;
+    if (typeof raw !== "string" || raw.trim().length === 0) {
+        return undefined;
+    }
+    const parsed = parseLooseJson(raw);
+    if (!parsed) {
+        return undefined;
+    }
+    return parsed;
+}
+function readGatewayAgentsList(config) {
+    const agents = asRecord(config.agents);
+    const list = Array.isArray(agents.list) ? agents.list : [];
+    const entries = [];
+    for (const entry of list) {
+        const record = asRecord(entry);
+        const id = normalizeAgentId(String(record.id ?? ""));
+        if (!id) {
+            continue;
+        }
+        entries.push({
+            id,
+            name: typeof record.name === "string" && record.name.trim().length > 0
+                ? record.name.trim()
+                : undefined,
+            workspace: typeof record.workspace === "string" ? record.workspace : "",
+            agentDir: typeof record.agentDir === "string" ? record.agentDir : "",
+        });
+    }
+    return entries;
+}
+function readAgentSandboxMode(entry) {
+    const sandbox = asRecord(entry.sandbox);
+    const mode = sandbox.mode;
+    if (typeof mode !== "string") {
+        return undefined;
+    }
+    const normalized = mode.trim();
+    return normalized.length > 0 ? normalized : undefined;
+}
+function hasAgentToolsAllowAll(entry) {
+    const tools = asRecord(entry.tools);
+    const allow = tools.allow;
+    if (!Array.isArray(allow)) {
+        return false;
+    }
+    return allow.some((value) => typeof value === "string" && value.trim() === "*");
+}
+function parseLooseJson(raw) {
+    const trimmed = raw.trim();
+    if (!trimmed) {
+        return undefined;
+    }
+    try {
+        const parsed = JSON.parse(trimmed);
+        return asRecord(parsed);
     }
+    catch {
+        // continue
+    }
+    const starts = [
+        trimmed.indexOf("{"),
+        trimmed.lastIndexOf("{"),
+        trimmed.indexOf("["),
+        trimmed.lastIndexOf("["),
+    ].filter((value, index, arr) => value >= 0 && arr.indexOf(value) === index);
+    for (const start of starts) {
+        const candidate = trimmed.slice(start).trim();
+        if (!candidate) {
+            continue;
+        }
+        try {
+            const parsed = JSON.parse(candidate);
+            return asRecord(parsed);
+        }
+        catch {
+            // keep trying
+        }
+    }
+    return undefined;
+}
+function asRecord(value) {
+    if (!value || typeof value !== "object" || Array.isArray(value)) {
+        return {};
+    }
+    return value;
+}
+function normalizeProviderId(providerId) {
+    const normalized = providerId.trim().toLowerCase();
+    if (!normalized) {
+        throw new Error("Provider id cannot be empty.");
+    }
+    return normalized;
+}
+function normalizeAgentIdentity(agentId) {
+    const normalized = normalizeAgentId(agentId);
+    if (!normalized) {
+        throw new Error("Agent id cannot be empty.");
+    }
+    return normalized;
+}
+function readOptionalString(value) {
+    if (typeof value !== "string") {
+        return undefined;
+    }
+    const normalized = value.trim();
+    return normalized.length > 0 ? normalized : undefined;
+}
+function isProviderSessionBindingsShape(value, providerId, agentId) {
+    if (!value || typeof value !== "object" || Array.isArray(value)) {
+        return false;
+    }
+    const record = value;
+    if (record.schemaVersion !== PROVIDER_SESSION_BINDINGS_SCHEMA_VERSION) {
+        return false;
+    }
+    if (record.providerId !== providerId || record.agentId !== agentId) {
+        return false;
+    }
+    if (typeof record.updatedAt !== "string" || !record.updatedAt.trim()) {
+        return false;
+    }
+    if (!record.bindings || typeof record.bindings !== "object" || Array.isArray(record.bindings)) {
+        return false;
+    }
+    return true;
+}
+function createProviderSessionBindingsShape(params) {
+    return {
+        schemaVersion: PROVIDER_SESSION_BINDINGS_SCHEMA_VERSION,
+        providerId: params.providerId,
+        agentId: params.agentId,
+        updatedAt: params.updatedAt,
+        bindings: {},
+    };
 }
 //# sourceMappingURL=provider.service.js.map