@ouro.bot/cli 0.1.0-alpha.364 → 0.1.0-alpha.365

package/dist/repertoire/credential-access.js

@@ -1,13 +1,13 @@
 "use strict";
 /**
- * Credential access layer — store-agnostic credential management.
+ * Credential access layer.
  *
- * Two backends, one interface:
- *   - BuiltInCredentialStore: AES-256-GCM encrypted files, zero npm deps
- *   - AacCredentialStore: delegates to the `aac` CLI (Bitwarden Agent Access)
+ * Bitwarden/Vaultwarden is the sole runtime credential store. The only local
+ * secret is the vault unlock material held by an explicit local unlock store.
  *
- * Raw secrets are NEVER returned to callers except via getRawSecret(),
- * which is reserved for internal use by the credential gateway (apiRequest).
+ * Each agent owns one credential vault. getCredentialStore() returns that
+ * agent's vault directly; item names are not shared or namespaced across
+ * agents.
  */
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
@@ -43,485 +43,65 @@ var __importStar = (this && this.__importStar) || (function () {
     };
 })();
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.AacCredentialStore = exports.BuiltInCredentialStore = void 0;
-exports.domainToSlug = domainToSlug;
-exports.ensureVaultDefaults = ensureVaultDefaults;
 exports.getCredentialStore = getCredentialStore;
 exports.resetCredentialStore = resetCredentialStore;
 const crypto = __importStar(require("node:crypto"));
 const fs = __importStar(require("node:fs"));
-const path = __importStar(require("node:path"));
 const os = __importStar(require("node:os"));
-const node_child_process_1 = require("node:child_process");
+const path = __importStar(require("node:path"));
 const runtime_1 = require("../nerves/runtime");
 const identity = __importStar(require("../heart/identity"));
-// ---------------------------------------------------------------------------
-// Helpers
-// ---------------------------------------------------------------------------
-/** Convert a domain string to a filesystem-safe slug. */
-function domainToSlug(domain) {
-    return domain
-        .toLowerCase()
-        .replace(/[^a-z0-9]+/g, "-")
-        .replace(/^-+|-+$/g, "");
-}
-class BuiltInCredentialStore {
-    vaultDir;
-    keyPath;
-    masterKey = null;
-    constructor(agentName, vaultDir, keyDir) {
-        const homeBase = process.env.WEBSITE_SITE_NAME ? "/home" : os.homedir();
-        this.vaultDir = vaultDir ?? path.join(homeBase, "AgentBundles", `${agentName}.ouro`, "vault");
-        const effectiveKeyDir = keyDir ?? path.join(homeBase, ".agentsecrets", agentName);
-        this.keyPath = path.join(effectiveKeyDir, "vault.key");
-    }
-    isReady() {
-        return true;
-    }
-    async get(domain) {
-        (0, runtime_1.emitNervesEvent)({
-            event: "repertoire.credential_get_start",
-            component: "repertoire",
-            message: `getting credential for ${domain}`,
-            meta: { domain },
-        });
-        const stored = this.readEncrypted(domain);
-        if (!stored) {
-            (0, runtime_1.emitNervesEvent)({
-                event: "repertoire.credential_get_end",
-                component: "repertoire",
-                message: `no credential found for ${domain}`,
-                meta: { domain, found: false },
-            });
-            return null;
-        }
-        (0, runtime_1.emitNervesEvent)({
-            event: "repertoire.credential_get_end",
-            component: "repertoire",
-            message: `credential found for ${domain}`,
-            meta: { domain, found: true },
-        });
-        return {
-            domain: stored.domain,
-            username: stored.username,
-            notes: stored.notes,
-            createdAt: stored.createdAt,
-        };
-    }
-    async getRawSecret(domain, field) {
-        const stored = this.readEncrypted(domain);
-        if (!stored) {
-            (0, runtime_1.emitNervesEvent)({
-                level: "error",
-                event: "repertoire.credential_get_error",
-                component: "repertoire",
-                message: `no credential found for domain "${domain}"`,
-                meta: { domain, field, reason: `no credential found for domain "${domain}"` },
-            });
-            throw new Error(`no credential found for domain "${domain}"`);
-        }
-        const value = stored[field];
-        if (value === undefined || value === null) {
-            (0, runtime_1.emitNervesEvent)({
-                level: "error",
-                event: "repertoire.credential_get_error",
-                component: "repertoire",
-                message: `field "${field}" not found for domain "${domain}"`,
-                meta: { domain, field, reason: `field "${field}" not found for domain "${domain}"` },
-            });
-            throw new Error(`field "${field}" not found for domain "${domain}"`);
-        }
-        return String(value);
-    }
-    async store(domain, data) {
-        (0, runtime_1.emitNervesEvent)({
-            event: "repertoire.credential_store_start",
-            component: "repertoire",
-            message: `storing credential for ${domain}`,
-            meta: { domain },
-        });
-        this.ensureDirs();
-        const key = this.getOrCreateKey();
-        const credential = {
-            domain,
-            username: data.username,
-            password: data.password,
-            notes: data.notes,
-            createdAt: new Date().toISOString(),
-        };
-        const plaintext = JSON.stringify(credential);
-        const iv = crypto.randomBytes(12);
-        const cipher = crypto.createCipheriv("aes-256-gcm", key, iv);
-        const encrypted = Buffer.concat([cipher.update(plaintext, "utf-8"), cipher.final()]);
-        const tag = cipher.getAuthTag();
-        const payload = {
-            iv: iv.toString("hex"),
-            tag: tag.toString("hex"),
-            data: encrypted.toString("hex"),
-        };
-        const slug = domainToSlug(domain);
-        const encPath = path.join(this.vaultDir, `${slug}.enc`);
-        fs.writeFileSync(encPath, JSON.stringify(payload), "utf-8");
-        (0, runtime_1.emitNervesEvent)({
-            event: "repertoire.credential_store_end",
-            component: "repertoire",
-            message: `credential stored for ${domain}`,
-            meta: { domain },
-        });
-    }
-    async list() {
-        (0, runtime_1.emitNervesEvent)({
-            event: "repertoire.credential_list_start",
-            component: "repertoire",
-            message: "listing credentials",
-            meta: {},
-        });
-        if (!fs.existsSync(this.vaultDir)) {
-            (0, runtime_1.emitNervesEvent)({
-                event: "repertoire.credential_list_end",
-                component: "repertoire",
-                message: "credential list complete (no vault dir)",
-                meta: { count: 0 },
-            });
-            return [];
-        }
-        const files = fs.readdirSync(this.vaultDir).filter((f) => f.endsWith(".enc"));
-        const results = [];
-        for (const file of files) {
-            const slug = file.replace(/\.enc$/, "");
-            let stored = null;
-            try {
-                stored = this.readEncryptedBySlug(slug);
-            }
-            catch {
-                // Skip corrupt/unreadable files
-            }
-            if (stored) {
-                results.push({
-                    domain: stored.domain,
-                    username: stored.username,
-                    notes: stored.notes,
-                    createdAt: stored.createdAt,
-                });
-            }
-        }
-        (0, runtime_1.emitNervesEvent)({
-            event: "repertoire.credential_list_end",
-            component: "repertoire",
-            message: "credential list complete",
-            meta: { count: results.length },
-        });
-        return results;
-    }
-    async delete(domain) {
-        (0, runtime_1.emitNervesEvent)({
-            event: "repertoire.credential_delete_start",
-            component: "repertoire",
-            message: `deleting credential for ${domain}`,
-            meta: { domain },
-        });
-        const slug = domainToSlug(domain);
-        const encPath = path.join(this.vaultDir, `${slug}.enc`);
-        if (!fs.existsSync(encPath)) {
-            (0, runtime_1.emitNervesEvent)({
-                event: "repertoire.credential_delete_end",
-                component: "repertoire",
-                message: `no credential to delete for ${domain}`,
-                meta: { domain, deleted: false },
-            });
-            return false;
-        }
-        fs.unlinkSync(encPath);
-        (0, runtime_1.emitNervesEvent)({
-            event: "repertoire.credential_delete_end",
-            component: "repertoire",
-            message: `credential deleted for ${domain}`,
-            meta: { domain, deleted: true },
-        });
-        return true;
-    }
-    // --- Private ---
-    ensureDirs() {
-        if (!fs.existsSync(this.vaultDir)) {
-            fs.mkdirSync(this.vaultDir, { recursive: true });
-        }
-        const keyDir = path.dirname(this.keyPath);
-        if (!fs.existsSync(keyDir)) {
-            fs.mkdirSync(keyDir, { recursive: true, mode: 0o700 });
-        }
-    }
-    getOrCreateKey() {
-        if (this.masterKey)
-            return this.masterKey;
-        if (fs.existsSync(this.keyPath)) {
-            this.masterKey = fs.readFileSync(this.keyPath);
-            return this.masterKey;
-        }
-        // Generate new 256-bit key
-        const key = crypto.randomBytes(32);
-        fs.writeFileSync(this.keyPath, key, { mode: 0o600 });
-        this.masterKey = key;
-        return key;
-    }
-    readEncrypted(domain) {
-        return this.readEncryptedBySlug(domainToSlug(domain));
-    }
-    readEncryptedBySlug(slug) {
-        const encPath = path.join(this.vaultDir, `${slug}.enc`);
-        if (!fs.existsSync(encPath))
-            return null;
-        const key = this.getOrCreateKey();
-        const raw = fs.readFileSync(encPath, "utf-8");
-        const payload = JSON.parse(raw);
-        const iv = Buffer.from(payload.iv, "hex");
-        const tag = Buffer.from(payload.tag, "hex");
-        const encrypted = Buffer.from(payload.data, "hex");
-        const decipher = crypto.createDecipheriv("aes-256-gcm", key, iv);
-        decipher.setAuthTag(tag);
-        const decrypted = Buffer.concat([decipher.update(encrypted), decipher.final()]);
-        return JSON.parse(decrypted.toString("utf-8"));
-    }
-}
-exports.BuiltInCredentialStore = BuiltInCredentialStore;
-// ---------------------------------------------------------------------------
-// AacCredentialStore — delegates to `aac` CLI
-// ---------------------------------------------------------------------------
-function execAac(args) {
-    return new Promise((resolve, reject) => {
-        (0, node_child_process_1.execFile)("aac", args, { timeout: 10_000 }, (err, stdout) => {
-            if (err) {
-                reject(new Error(`aac CLI error: ${err.message}`));
-                return;
-            }
-            resolve(stdout);
-        });
-    });
-}
-class AacCredentialStore {
-    aacAvailable = null;
-    isReady() {
-        // Synchronous check — returns last-known state or false if unchecked
-        return this.aacAvailable === true;
-    }
-    async checkReady() {
-        try {
-            const stdout = await execAac(["connections", "list"]);
-            const parsed = JSON.parse(stdout);
-            this.aacAvailable = Array.isArray(parsed) && parsed.length > 0;
-        }
-        catch {
-            this.aacAvailable = false;
-        }
-        return this.aacAvailable;
-    }
-    async get(domain) {
-        (0, runtime_1.emitNervesEvent)({
-            event: "repertoire.credential_get_start",
-            component: "repertoire",
-            message: `getting credential via aac for ${domain}`,
-            meta: { domain, backend: "aac" },
-        });
-        try {
-            const stdout = await execAac(["--domain", domain, "--output", "json"]);
-            const parsed = JSON.parse(stdout);
-            if (!parsed.success) {
-                (0, runtime_1.emitNervesEvent)({
-                    event: "repertoire.credential_get_end",
-                    component: "repertoire",
-                    message: `no aac credential for ${domain}`,
-                    meta: { domain, found: false, backend: "aac" },
-                });
-                return null;
-            }
-            const cred = parsed.credential;
-            (0, runtime_1.emitNervesEvent)({
-                event: "repertoire.credential_get_end",
-                component: "repertoire",
-                message: `aac credential found for ${domain}`,
-                meta: { domain, found: true, backend: "aac" },
-            });
-            return {
-                domain,
-                username: cred.username,
-                notes: cred.notes,
-                createdAt: cred.createdAt ?? new Date().toISOString(),
-            };
-        }
-        catch {
-            (0, runtime_1.emitNervesEvent)({
-                event: "repertoire.credential_get_end",
-                component: "repertoire",
-                message: `aac credential lookup failed for ${domain}`,
-                meta: { domain, found: false, backend: "aac" },
-            });
-            return null;
-        }
-    }
-    async getRawSecret(domain, field) {
-        const stdout = await execAac(["--domain", domain, "--output", "json"]);
-        const parsed = JSON.parse(stdout);
-        if (!parsed.success) {
-            throw new Error(`aac lookup failed for domain "${domain}": ${parsed.error ?? "unknown error"}`);
-        }
-        const value = parsed.credential[field];
-        if (value === undefined || value === null) {
-            throw new Error(`field "${field}" not found for domain "${domain}"`);
-        }
-        return String(value);
-    }
-    async store(_domain, _data) {
-        throw new Error("store() is not supported in aac mode — aac is read-from-vault only. " +
-            "Use BuiltInCredentialStore for agent-owned credentials, or manage vault items " +
-            "directly in Bitwarden.");
-    }
-    async list() {
-        (0, runtime_1.emitNervesEvent)({
-            event: "repertoire.credential_list_start",
-            component: "repertoire",
-            message: "listing aac connections",
-            meta: { backend: "aac" },
-        });
-        try {
-            const stdout = await execAac(["connections", "list"]);
-            const parsed = JSON.parse(stdout);
-            const results = (Array.isArray(parsed) ? parsed : []).map((item) => ({
-                domain: String(item.domain ?? ""),
-                username: item.username ? String(item.username) : undefined,
-                notes: item.notes ? String(item.notes) : undefined,
-                createdAt: item.createdAt ? String(item.createdAt) : new Date().toISOString(),
-            }));
-            (0, runtime_1.emitNervesEvent)({
-                event: "repertoire.credential_list_end",
-                component: "repertoire",
-                message: "aac connections listed",
-                meta: { backend: "aac", count: results.length },
-            });
-            return results;
-        }
-        catch {
-            (0, runtime_1.emitNervesEvent)({
-                event: "repertoire.credential_list_end",
-                component: "repertoire",
-                message: "aac connections list failed",
-                meta: { backend: "aac", count: 0 },
-            });
-            return [];
-        }
-    }
-    async delete(_domain) {
-        throw new Error("delete() is not supported in aac mode — manage vault items directly in Bitwarden.");
-    }
-}
-exports.AacCredentialStore = AacCredentialStore;
-// ---------------------------------------------------------------------------
-// Singleton + auto-detection
-// ---------------------------------------------------------------------------
-let _store = null;
-/**
- * Auto-add vault defaults to agent.json when no vault section exists.
- * Returns the vault config (either existing or freshly written defaults).
- */
-function ensureVaultDefaults(agentName, agentRoot, existingVault) {
-    if (existingVault) {
-        return existingVault;
-    }
-    const configPath = path.join(agentRoot, "agent.json");
-    let raw;
+const bitwarden_store_1 = require("./bitwarden-store");
+const vault_unlock_1 = require("./vault-unlock");
+let stores = new Map();
+function loadVaultSectionForAgent(agentName) {
+    const configPath = path.join(identity.getAgentRoot(agentName), "agent.json");
     try {
-        raw = JSON.parse(fs.readFileSync(configPath, "utf-8"));
+        const parsed = JSON.parse(fs.readFileSync(configPath, "utf-8"));
+        return parsed.vault;
     }
     catch {
-        // agent.json unreadable — cannot auto-configure
         return undefined;
     }
-    const defaults = {
-        email: `${agentName}@ouro.bot`,
-        serverUrl: "https://vault.ouro.bot",
-    };
-    raw.vault = defaults;
-    fs.writeFileSync(configPath, JSON.stringify(raw, null, 2) + "\n", "utf-8");
-    (0, runtime_1.emitNervesEvent)({
-        event: "repertoire.vault_defaults_auto_configured",
-        component: "repertoire",
-        message: "auto-configured vault defaults in agent.json",
-        meta: { agentName, email: defaults.email, serverUrl: defaults.serverUrl },
-    });
-    return defaults;
 }
-/**
- * Get the credential store singleton.
- *
- * Priority:
- *   1. BitwardenCredentialStore — if vault config exists in agent.json + secrets.json
- *   2. BuiltInCredentialStore — fallback for agents without a vault (local-only, encrypted files)
- *
- * Future auth providers (1Password, etc.) would be added here as additional backends.
- */
-function getCredentialStore() {
-    if (_store)
-        return _store;
-    // Resolve identity up front. The previous implementation wrapped this call
-    // in a try/catch that silently fell back to `agentName = "default"`, which
-    // meant any test that hit getCredentialStore() without mocking identity
-    // silently constructed a BuiltInCredentialStore("default") routing writes
-    // to `~/AgentBundles/default.ouro/vault/` and `~/.agentsecrets/default/`.
-    // Same silent-leak class we just fixed in coding/manager.ts. No fallback:
-    // getAgentName() throws loudly if argv lacks --agent, which is correct for
-    // the only caller (production agents with a real identity). Uses the
-    // static ESM import above instead of `require("../heart/identity")` so
-    // `vi.mock("../heart/identity", ...)` in tests actually intercepts the
-    // call — require() bypasses vitest's module registry.
-    const agentName = identity.getAgentName();
-    const agentRoot = identity.getAgentRoot(agentName);
-    // Try to load vault config from agent.json + secrets.json. Only this block
-    // is defended with try/catch — bitwarden wiring can legitimately fail
-    // (missing vault config, no bw CLI, unreachable server) and the fallback
-    // to BuiltInCredentialStore is the intended behavior.
-    let backend = "built-in";
-    try {
-        const config = identity.loadAgentConfig?.();
-        // Auto-configure vault defaults if missing
-        const vaultSection = ensureVaultDefaults(agentName, agentRoot, config?.vault);
-        const vaultConfig = identity.resolveVaultConfig?.(agentName, vaultSection);
-        const secretsPath = identity.getAgentSecretsPath?.(agentName);
-        let vaultSecrets;
-        /* v8 ignore start -- requires real agent secrets.json + vault config + bw CLI @preserve */
-        if (secretsPath) {
-            try {
-                const fsSync = require("fs");
-                const secrets = JSON.parse(fsSync.readFileSync(secretsPath, "utf-8"));
-                vaultSecrets = secrets.vault;
-            }
-            catch {
-                // No secrets file or no vault section — fall through to built-in
-            }
-        }
-        const serverUrl = vaultConfig?.serverUrl;
-        const email = vaultConfig?.email;
-        const masterPassword = vaultSecrets?.masterPassword;
-        if (serverUrl && email && masterPassword) {
-            const { BitwardenCredentialStore } = require("./bitwarden-store");
-            _store = new BitwardenCredentialStore(serverUrl, email, masterPassword);
-            backend = "bitwarden";
-        }
-        /* v8 ignore stop */
-    }
-    catch {
-        // Bitwarden wiring failed — fall through to built-in store below.
-    }
-    /* v8 ignore next -- false branch only reachable when BitwardenCredentialStore was created above @preserve */
-    if (!_store) {
-        _store = new BuiltInCredentialStore(agentName);
-    }
+function bitwardenAppDataDir(agentName, vaultConfig) {
+    const digest = crypto
+        .createHash("sha256")
+        .update(`${agentName}:${vaultConfig.serverUrl}:${vaultConfig.email}`)
+        .digest("hex")
+        .slice(0, 24);
+    return path.join(os.homedir(), ".ouro-cli", "bitwarden", digest);
+}
+function getCredentialStore(agentNameInput) {
+    const agentName = agentNameInput ?? identity.getAgentName();
+    if (agentName === "SerpentGuide") {
+        throw new Error("SerpentGuide does not have a persistent credential vault; hatch bootstrap uses provider credentials in memory only.");
+    }
+    const vaultConfig = identity.resolveVaultConfig(agentName, loadVaultSectionForAgent(agentName));
+    const cacheKey = `${agentName}:${vaultConfig.serverUrl}:${vaultConfig.email}`;
+    const cached = stores.get(cacheKey);
+    if (cached)
+        return cached;
+    const unlock = (0, vault_unlock_1.readVaultUnlockSecret)({
+        agentName,
+        email: vaultConfig.email,
+        serverUrl: vaultConfig.serverUrl,
+    });
+    const store = new bitwarden_store_1.BitwardenCredentialStore(vaultConfig.serverUrl, vaultConfig.email, unlock.secret, { appDataDir: bitwardenAppDataDir(agentName, vaultConfig) });
+    stores.set(cacheKey, store);
     (0, runtime_1.emitNervesEvent)({
         event: "repertoire.credential_store_init",
         component: "repertoire",
         message: "credential store initialized",
-        meta: { backend, agentName },
+        meta: {
+            backend: "bitwarden",
+            agentName,
+            serverUrl: vaultConfig.serverUrl,
+            email: vaultConfig.email,
+        },
     });
-    return _store;
+    return store;
 }
-/** Reset the singleton — for tests only. */
 function resetCredentialStore() {
-    _store = null;
+    stores = new Map();
 }

package/dist/repertoire/tools-attachments.js

@@ -35,8 +35,8 @@ var __importStar = (this && this.__importStar) || (function () {
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.attachmentToolDefinitions = void 0;
 const fs = __importStar(require("node:fs/promises"));
-const config_1 = require("../heart/config");
 const identity_1 = require("../heart/identity");
+const provider_credentials_1 = require("../heart/provider-credentials");
 const minimax_1 = require("../heart/providers/minimax");
 const minimax_vlm_1 = require("../heart/providers/minimax-vlm");
 const store_1 = require("../heart/attachments/store");
@@ -275,7 +275,8 @@ exports.attachmentToolDefinitions = [
             try {
                 const materialized = await (0, materialize_1.materializeAttachment)(agentName, attachmentId, { variant: "vision_safe" });
                 const imageDataUrl = await buildImageDataUrl(materialized.path, materialized.mimeType);
-                const { apiKey } = (0, config_1.getMinimaxConfig)();
+                const credential = await (0, provider_credentials_1.readProviderCredentialRecord)(agentName, "minimax");
+                const apiKey = credential.ok ? credential.record.credentials.apiKey : undefined;
                 if (!apiKey) {
                     return (0, tool_results_1.frictionToolResult)("describe_image", {
                         kind: "external_blocker",
@@ -285,13 +286,13 @@ exports.attachmentToolDefinitions = [
                         suggested_next_actions: [
                             {
                                 kind: "message",
-                                message: "Repair the minimax credentials for this agent, then retry describe_image.",
+                                message: "Run `ouro auth --agent <agent> --provider minimax`, then retry describe_image.",
                             },
                         ],
                     });
                 }
                 const description = await (0, minimax_vlm_1.minimaxVlmDescribe)({
-                    apiKey,
+                    apiKey: String(apiKey),
                     prompt,
                     imageDataUrl,
                     baseURL: minimax_1.MINIMAX_PROVIDER_BASE_URL,