@shuyhere/takotako 0.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CONTRIBUTING.md +84 -0
- package/LICENSE +21 -0
- package/README.md +171 -0
- package/dist/agents/communication.d.ts +48 -0
- package/dist/agents/communication.d.ts.map +1 -0
- package/dist/agents/communication.js +123 -0
- package/dist/agents/communication.js.map +1 -0
- package/dist/agents/config.d.ts +52 -0
- package/dist/agents/config.d.ts.map +1 -0
- package/dist/agents/config.js +65 -0
- package/dist/agents/config.js.map +1 -0
- package/dist/agents/model-catalog.d.ts +49 -0
- package/dist/agents/model-catalog.d.ts.map +1 -0
- package/dist/agents/model-catalog.js +79 -0
- package/dist/agents/model-catalog.js.map +1 -0
- package/dist/agents/registry.d.ts +71 -0
- package/dist/agents/registry.d.ts.map +1 -0
- package/dist/agents/registry.js +297 -0
- package/dist/agents/registry.js.map +1 -0
- package/dist/agents/roles.d.ts +79 -0
- package/dist/agents/roles.d.ts.map +1 -0
- package/dist/agents/roles.js +174 -0
- package/dist/agents/roles.js.map +1 -0
- package/dist/agents/subagent.d.ts +124 -0
- package/dist/agents/subagent.d.ts.map +1 -0
- package/dist/agents/subagent.js +352 -0
- package/dist/agents/subagent.js.map +1 -0
- package/dist/agents/templates.d.ts +18 -0
- package/dist/agents/templates.d.ts.map +1 -0
- package/dist/agents/templates.js +341 -0
- package/dist/agents/templates.js.map +1 -0
- package/dist/agents/thread-binding.d.ts +77 -0
- package/dist/agents/thread-binding.d.ts.map +1 -0
- package/dist/agents/thread-binding.js +167 -0
- package/dist/agents/thread-binding.js.map +1 -0
- package/dist/auth/agent-profiles.d.ts +46 -0
- package/dist/auth/agent-profiles.d.ts.map +1 -0
- package/dist/auth/agent-profiles.js +97 -0
- package/dist/auth/agent-profiles.js.map +1 -0
- package/dist/auth/allow-from.d.ts +27 -0
- package/dist/auth/allow-from.d.ts.map +1 -0
- package/dist/auth/allow-from.js +118 -0
- package/dist/auth/allow-from.js.map +1 -0
- package/dist/auth/oauth.d.ts +66 -0
- package/dist/auth/oauth.d.ts.map +1 -0
- package/dist/auth/oauth.js +253 -0
- package/dist/auth/oauth.js.map +1 -0
- package/dist/auth/storage.d.ts +69 -0
- package/dist/auth/storage.d.ts.map +1 -0
- package/dist/auth/storage.js +157 -0
- package/dist/auth/storage.js.map +1 -0
- package/dist/cache/file-cache.d.ts +68 -0
- package/dist/cache/file-cache.d.ts.map +1 -0
- package/dist/cache/file-cache.js +176 -0
- package/dist/cache/file-cache.js.map +1 -0
- package/dist/cache/manager.d.ts +69 -0
- package/dist/cache/manager.d.ts.map +1 -0
- package/dist/cache/manager.js +117 -0
- package/dist/cache/manager.js.map +1 -0
- package/dist/cache/symbol-index.d.ts +75 -0
- package/dist/cache/symbol-index.d.ts.map +1 -0
- package/dist/cache/symbol-index.js +267 -0
- package/dist/cache/symbol-index.js.map +1 -0
- package/dist/cache/tool-cache.d.ts +75 -0
- package/dist/cache/tool-cache.d.ts.map +1 -0
- package/dist/cache/tool-cache.js +173 -0
- package/dist/cache/tool-cache.js.map +1 -0
- package/dist/channels/channel.d.ts +156 -0
- package/dist/channels/channel.d.ts.map +1 -0
- package/dist/channels/channel.js +25 -0
- package/dist/channels/channel.js.map +1 -0
- package/dist/channels/cli.d.ts +35 -0
- package/dist/channels/cli.d.ts.map +1 -0
- package/dist/channels/cli.js +94 -0
- package/dist/channels/cli.js.map +1 -0
- package/dist/channels/delivery-queue.d.ts +31 -0
- package/dist/channels/delivery-queue.d.ts.map +1 -0
- package/dist/channels/delivery-queue.js +127 -0
- package/dist/channels/delivery-queue.js.map +1 -0
- package/dist/channels/discord.d.ts +124 -0
- package/dist/channels/discord.d.ts.map +1 -0
- package/dist/channels/discord.js +664 -0
- package/dist/channels/discord.js.map +1 -0
- package/dist/channels/retry.d.ts +31 -0
- package/dist/channels/retry.d.ts.map +1 -0
- package/dist/channels/retry.js +94 -0
- package/dist/channels/retry.js.map +1 -0
- package/dist/channels/telegram.d.ts +69 -0
- package/dist/channels/telegram.d.ts.map +1 -0
- package/dist/channels/telegram.js +499 -0
- package/dist/channels/telegram.js.map +1 -0
- package/dist/channels/tui.d.ts +42 -0
- package/dist/channels/tui.d.ts.map +1 -0
- package/dist/channels/tui.js +126 -0
- package/dist/channels/tui.js.map +1 -0
- package/dist/cli/acp.d.ts +10 -0
- package/dist/cli/acp.d.ts.map +1 -0
- package/dist/cli/acp.js +69 -0
- package/dist/cli/acp.js.map +1 -0
- package/dist/cli/audit.d.ts +11 -0
- package/dist/cli/audit.d.ts.map +1 -0
- package/dist/cli/audit.js +55 -0
- package/dist/cli/audit.js.map +1 -0
- package/dist/cli/cache.d.ts +10 -0
- package/dist/cli/cache.d.ts.map +1 -0
- package/dist/cli/cache.js +77 -0
- package/dist/cli/cache.js.map +1 -0
- package/dist/cli/config.d.ts +5 -0
- package/dist/cli/config.d.ts.map +1 -0
- package/dist/cli/config.js +168 -0
- package/dist/cli/config.js.map +1 -0
- package/dist/cli/cron.d.ts +5 -0
- package/dist/cli/cron.d.ts.map +1 -0
- package/dist/cli/cron.js +192 -0
- package/dist/cli/cron.js.map +1 -0
- package/dist/cli/extensions.d.ts +5 -0
- package/dist/cli/extensions.d.ts.map +1 -0
- package/dist/cli/extensions.js +53 -0
- package/dist/cli/extensions.js.map +1 -0
- package/dist/cli/logs.d.ts +5 -0
- package/dist/cli/logs.d.ts.map +1 -0
- package/dist/cli/logs.js +49 -0
- package/dist/cli/logs.js.map +1 -0
- package/dist/cli/memory.d.ts +5 -0
- package/dist/cli/memory.d.ts.map +1 -0
- package/dist/cli/memory.js +78 -0
- package/dist/cli/memory.js.map +1 -0
- package/dist/cli/message.d.ts +5 -0
- package/dist/cli/message.d.ts.map +1 -0
- package/dist/cli/message.js +69 -0
- package/dist/cli/message.js.map +1 -0
- package/dist/cli/service.d.ts +14 -0
- package/dist/cli/service.d.ts.map +1 -0
- package/dist/cli/service.js +181 -0
- package/dist/cli/service.js.map +1 -0
- package/dist/cli/symphony.d.ts +5 -0
- package/dist/cli/symphony.d.ts.map +1 -0
- package/dist/cli/symphony.js +114 -0
- package/dist/cli/symphony.js.map +1 -0
- package/dist/cli/update.d.ts +5 -0
- package/dist/cli/update.d.ts.map +1 -0
- package/dist/cli/update.js +48 -0
- package/dist/cli/update.js.map +1 -0
- package/dist/commands/channel-setup.d.ts +31 -0
- package/dist/commands/channel-setup.d.ts.map +1 -0
- package/dist/commands/channel-setup.js +138 -0
- package/dist/commands/channel-setup.js.map +1 -0
- package/dist/commands/dispatch.d.ts +48 -0
- package/dist/commands/dispatch.d.ts.map +1 -0
- package/dist/commands/dispatch.js +68 -0
- package/dist/commands/dispatch.js.map +1 -0
- package/dist/commands/model-picker.d.ts +16 -0
- package/dist/commands/model-picker.d.ts.map +1 -0
- package/dist/commands/model-picker.js +120 -0
- package/dist/commands/model-picker.js.map +1 -0
- package/dist/commands/parser.d.ts +32 -0
- package/dist/commands/parser.d.ts.map +1 -0
- package/dist/commands/parser.js +39 -0
- package/dist/commands/parser.js.map +1 -0
- package/dist/commands/registry.d.ts +76 -0
- package/dist/commands/registry.d.ts.map +1 -0
- package/dist/commands/registry.js +351 -0
- package/dist/commands/registry.js.map +1 -0
- package/dist/commands/skill-commands.d.ts +35 -0
- package/dist/commands/skill-commands.d.ts.map +1 -0
- package/dist/commands/skill-commands.js +61 -0
- package/dist/commands/skill-commands.js.map +1 -0
- package/dist/config/resolve.d.ts +25 -0
- package/dist/config/resolve.d.ts.map +1 -0
- package/dist/config/resolve.js +289 -0
- package/dist/config/resolve.js.map +1 -0
- package/dist/config/schema.d.ts +520 -0
- package/dist/config/schema.d.ts.map +1 -0
- package/dist/config/schema.js +123 -0
- package/dist/config/schema.js.map +1 -0
- package/dist/core/agent-loop.d.ts +137 -0
- package/dist/core/agent-loop.d.ts.map +1 -0
- package/dist/core/agent-loop.js +700 -0
- package/dist/core/agent-loop.js.map +1 -0
- package/dist/core/audit.d.ts +87 -0
- package/dist/core/audit.d.ts.map +1 -0
- package/dist/core/audit.js +224 -0
- package/dist/core/audit.js.map +1 -0
- package/dist/core/bootstrap.d.ts +23 -0
- package/dist/core/bootstrap.d.ts.map +1 -0
- package/dist/core/bootstrap.js +162 -0
- package/dist/core/bootstrap.js.map +1 -0
- package/dist/core/context.d.ts +44 -0
- package/dist/core/context.d.ts.map +1 -0
- package/dist/core/context.js +65 -0
- package/dist/core/context.js.map +1 -0
- package/dist/core/cron.d.ts +111 -0
- package/dist/core/cron.d.ts.map +1 -0
- package/dist/core/cron.js +284 -0
- package/dist/core/cron.js.map +1 -0
- package/dist/core/exec-approvals.d.ts +50 -0
- package/dist/core/exec-approvals.d.ts.map +1 -0
- package/dist/core/exec-approvals.js +187 -0
- package/dist/core/exec-approvals.js.map +1 -0
- package/dist/core/heartbeat.d.ts +71 -0
- package/dist/core/heartbeat.d.ts.map +1 -0
- package/dist/core/heartbeat.js +214 -0
- package/dist/core/heartbeat.js.map +1 -0
- package/dist/core/message-queue.d.ts +60 -0
- package/dist/core/message-queue.d.ts.map +1 -0
- package/dist/core/message-queue.js +182 -0
- package/dist/core/message-queue.js.map +1 -0
- package/dist/core/network-policy.d.ts +39 -0
- package/dist/core/network-policy.d.ts.map +1 -0
- package/dist/core/network-policy.js +121 -0
- package/dist/core/network-policy.js.map +1 -0
- package/dist/core/progress.d.ts +48 -0
- package/dist/core/progress.d.ts.map +1 -0
- package/dist/core/progress.js +81 -0
- package/dist/core/progress.js.map +1 -0
- package/dist/core/prompt.d.ts +105 -0
- package/dist/core/prompt.d.ts.map +1 -0
- package/dist/core/prompt.js +411 -0
- package/dist/core/prompt.js.map +1 -0
- package/dist/core/pruning.d.ts +40 -0
- package/dist/core/pruning.d.ts.map +1 -0
- package/dist/core/pruning.js +165 -0
- package/dist/core/pruning.js.map +1 -0
- package/dist/core/rate-limiter.d.ts +64 -0
- package/dist/core/rate-limiter.d.ts.map +1 -0
- package/dist/core/rate-limiter.js +142 -0
- package/dist/core/rate-limiter.js.map +1 -0
- package/dist/core/reactions.d.ts +31 -0
- package/dist/core/reactions.d.ts.map +1 -0
- package/dist/core/reactions.js +67 -0
- package/dist/core/reactions.js.map +1 -0
- package/dist/core/retry-queue.d.ts +56 -0
- package/dist/core/retry-queue.d.ts.map +1 -0
- package/dist/core/retry-queue.js +106 -0
- package/dist/core/retry-queue.js.map +1 -0
- package/dist/core/sanitizer.d.ts +38 -0
- package/dist/core/sanitizer.d.ts.map +1 -0
- package/dist/core/sanitizer.js +181 -0
- package/dist/core/sanitizer.js.map +1 -0
- package/dist/core/secret-scanner.d.ts +39 -0
- package/dist/core/secret-scanner.d.ts.map +1 -0
- package/dist/core/secret-scanner.js +96 -0
- package/dist/core/secret-scanner.js.map +1 -0
- package/dist/core/secrets.d.ts +38 -0
- package/dist/core/secrets.d.ts.map +1 -0
- package/dist/core/secrets.js +137 -0
- package/dist/core/secrets.js.map +1 -0
- package/dist/core/security.d.ts +58 -0
- package/dist/core/security.d.ts.map +1 -0
- package/dist/core/security.js +120 -0
- package/dist/core/security.js.map +1 -0
- package/dist/core/self-awareness.d.ts +19 -0
- package/dist/core/self-awareness.d.ts.map +1 -0
- package/dist/core/self-awareness.js +124 -0
- package/dist/core/self-awareness.js.map +1 -0
- package/dist/core/session-init.d.ts +34 -0
- package/dist/core/session-init.d.ts.map +1 -0
- package/dist/core/session-init.js +68 -0
- package/dist/core/session-init.js.map +1 -0
- package/dist/core/streaming.d.ts +82 -0
- package/dist/core/streaming.d.ts.map +1 -0
- package/dist/core/streaming.js +264 -0
- package/dist/core/streaming.js.map +1 -0
- package/dist/core/symphony/orchestrator.d.ts +61 -0
- package/dist/core/symphony/orchestrator.d.ts.map +1 -0
- package/dist/core/symphony/orchestrator.js +476 -0
- package/dist/core/symphony/orchestrator.js.map +1 -0
- package/dist/core/symphony/status.d.ts +11 -0
- package/dist/core/symphony/status.d.ts.map +1 -0
- package/dist/core/symphony/status.js +133 -0
- package/dist/core/symphony/status.js.map +1 -0
- package/dist/core/symphony/types.d.ts +84 -0
- package/dist/core/symphony/types.d.ts.map +1 -0
- package/dist/core/symphony/types.js +5 -0
- package/dist/core/symphony/types.js.map +1 -0
- package/dist/core/symphony/workflow.d.ts +18 -0
- package/dist/core/symphony/workflow.d.ts.map +1 -0
- package/dist/core/symphony/workflow.js +149 -0
- package/dist/core/symphony/workflow.js.map +1 -0
- package/dist/core/symphony/workspace.d.ts +24 -0
- package/dist/core/symphony/workspace.d.ts.map +1 -0
- package/dist/core/symphony/workspace.js +94 -0
- package/dist/core/symphony/workspace.js.map +1 -0
- package/dist/core/thinking.d.ts +27 -0
- package/dist/core/thinking.d.ts.map +1 -0
- package/dist/core/thinking.js +83 -0
- package/dist/core/thinking.js.map +1 -0
- package/dist/core/thread-bindings.d.ts +47 -0
- package/dist/core/thread-bindings.d.ts.map +1 -0
- package/dist/core/thread-bindings.js +94 -0
- package/dist/core/thread-bindings.js.map +1 -0
- package/dist/core/timezone.d.ts +28 -0
- package/dist/core/timezone.d.ts.map +1 -0
- package/dist/core/timezone.js +72 -0
- package/dist/core/timezone.js.map +1 -0
- package/dist/core/tool-loop-detector.d.ts +41 -0
- package/dist/core/tool-loop-detector.d.ts.map +1 -0
- package/dist/core/tool-loop-detector.js +83 -0
- package/dist/core/tool-loop-detector.js.map +1 -0
- package/dist/core/tool-validator.d.ts +44 -0
- package/dist/core/tool-validator.d.ts.map +1 -0
- package/dist/core/tool-validator.js +175 -0
- package/dist/core/tool-validator.js.map +1 -0
- package/dist/core/typing.d.ts +25 -0
- package/dist/core/typing.d.ts.map +1 -0
- package/dist/core/typing.js +48 -0
- package/dist/core/typing.js.map +1 -0
- package/dist/core/usage-tracker.d.ts +66 -0
- package/dist/core/usage-tracker.d.ts.map +1 -0
- package/dist/core/usage-tracker.js +163 -0
- package/dist/core/usage-tracker.js.map +1 -0
- package/dist/daemon/commands.d.ts +16 -0
- package/dist/daemon/commands.d.ts.map +1 -0
- package/dist/daemon/commands.js +445 -0
- package/dist/daemon/commands.js.map +1 -0
- package/dist/daemon/pid.d.ts +30 -0
- package/dist/daemon/pid.d.ts.map +1 -0
- package/dist/daemon/pid.js +62 -0
- package/dist/daemon/pid.js.map +1 -0
- package/dist/doctor/checks/browser.d.ts +9 -0
- package/dist/doctor/checks/browser.d.ts.map +1 -0
- package/dist/doctor/checks/browser.js +54 -0
- package/dist/doctor/checks/browser.js.map +1 -0
- package/dist/doctor/checks/channels.d.ts +9 -0
- package/dist/doctor/checks/channels.d.ts.map +1 -0
- package/dist/doctor/checks/channels.js +90 -0
- package/dist/doctor/checks/channels.js.map +1 -0
- package/dist/doctor/checks/config.d.ts +10 -0
- package/dist/doctor/checks/config.d.ts.map +1 -0
- package/dist/doctor/checks/config.js +89 -0
- package/dist/doctor/checks/config.js.map +1 -0
- package/dist/doctor/checks/memory.d.ts +10 -0
- package/dist/doctor/checks/memory.d.ts.map +1 -0
- package/dist/doctor/checks/memory.js +82 -0
- package/dist/doctor/checks/memory.js.map +1 -0
- package/dist/doctor/checks/permissions.d.ts +9 -0
- package/dist/doctor/checks/permissions.d.ts.map +1 -0
- package/dist/doctor/checks/permissions.js +53 -0
- package/dist/doctor/checks/permissions.js.map +1 -0
- package/dist/doctor/checks/providers.d.ts +10 -0
- package/dist/doctor/checks/providers.d.ts.map +1 -0
- package/dist/doctor/checks/providers.js +93 -0
- package/dist/doctor/checks/providers.js.map +1 -0
- package/dist/doctor/checks/sessions.d.ts +10 -0
- package/dist/doctor/checks/sessions.d.ts.map +1 -0
- package/dist/doctor/checks/sessions.js +86 -0
- package/dist/doctor/checks/sessions.js.map +1 -0
- package/dist/doctor/doctor.d.ts +35 -0
- package/dist/doctor/doctor.d.ts.map +1 -0
- package/dist/doctor/doctor.js +51 -0
- package/dist/doctor/doctor.js.map +1 -0
- package/dist/doctor/repairs.d.ts +14 -0
- package/dist/doctor/repairs.d.ts.map +1 -0
- package/dist/doctor/repairs.js +34 -0
- package/dist/doctor/repairs.js.map +1 -0
- package/dist/gateway/compaction.d.ts +63 -0
- package/dist/gateway/compaction.d.ts.map +1 -0
- package/dist/gateway/compaction.js +235 -0
- package/dist/gateway/compaction.js.map +1 -0
- package/dist/gateway/gateway.d.ts +94 -0
- package/dist/gateway/gateway.d.ts.map +1 -0
- package/dist/gateway/gateway.js +466 -0
- package/dist/gateway/gateway.js.map +1 -0
- package/dist/gateway/lock.d.ts +24 -0
- package/dist/gateway/lock.d.ts.map +1 -0
- package/dist/gateway/lock.js +88 -0
- package/dist/gateway/lock.js.map +1 -0
- package/dist/gateway/protocol.d.ts +117 -0
- package/dist/gateway/protocol.d.ts.map +1 -0
- package/dist/gateway/protocol.js +5 -0
- package/dist/gateway/protocol.js.map +1 -0
- package/dist/gateway/session.d.ts +123 -0
- package/dist/gateway/session.d.ts.map +1 -0
- package/dist/gateway/session.js +573 -0
- package/dist/gateway/session.js.map +1 -0
- package/dist/hooks/hooks.d.ts +18 -0
- package/dist/hooks/hooks.d.ts.map +1 -0
- package/dist/hooks/hooks.js +45 -0
- package/dist/hooks/hooks.js.map +1 -0
- package/dist/hooks/types.d.ts +112 -0
- package/dist/hooks/types.d.ts.map +1 -0
- package/dist/hooks/types.js +23 -0
- package/dist/hooks/types.js.map +1 -0
- package/dist/index.d.ts +27 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +2900 -0
- package/dist/index.js.map +1 -0
- package/dist/media/storage.d.ts +25 -0
- package/dist/media/storage.d.ts.map +1 -0
- package/dist/media/storage.js +97 -0
- package/dist/media/storage.js.map +1 -0
- package/dist/memory/embeddings.d.ts +46 -0
- package/dist/memory/embeddings.d.ts.map +1 -0
- package/dist/memory/embeddings.js +118 -0
- package/dist/memory/embeddings.js.map +1 -0
- package/dist/memory/hybrid.d.ts +35 -0
- package/dist/memory/hybrid.d.ts.map +1 -0
- package/dist/memory/hybrid.js +156 -0
- package/dist/memory/hybrid.js.map +1 -0
- package/dist/memory/markdown.d.ts +48 -0
- package/dist/memory/markdown.d.ts.map +1 -0
- package/dist/memory/markdown.js +228 -0
- package/dist/memory/markdown.js.map +1 -0
- package/dist/memory/store.d.ts +88 -0
- package/dist/memory/store.d.ts.map +1 -0
- package/dist/memory/store.js +21 -0
- package/dist/memory/store.js.map +1 -0
- package/dist/memory/vector.d.ts +24 -0
- package/dist/memory/vector.d.ts.map +1 -0
- package/dist/memory/vector.js +63 -0
- package/dist/memory/vector.js.map +1 -0
- package/dist/mods/mod.d.ts +100 -0
- package/dist/mods/mod.d.ts.map +1 -0
- package/dist/mods/mod.js +242 -0
- package/dist/mods/mod.js.map +1 -0
- package/dist/onboard/channels.d.ts +12 -0
- package/dist/onboard/channels.d.ts.map +1 -0
- package/dist/onboard/channels.js +283 -0
- package/dist/onboard/channels.js.map +1 -0
- package/dist/onboard/models.d.ts +13 -0
- package/dist/onboard/models.d.ts.map +1 -0
- package/dist/onboard/models.js +491 -0
- package/dist/onboard/models.js.map +1 -0
- package/dist/onboard/onboard.d.ts +12 -0
- package/dist/onboard/onboard.d.ts.map +1 -0
- package/dist/onboard/onboard.js +1137 -0
- package/dist/onboard/onboard.js.map +1 -0
- package/dist/providers/anthropic.d.ts +83 -0
- package/dist/providers/anthropic.d.ts.map +1 -0
- package/dist/providers/anthropic.js +583 -0
- package/dist/providers/anthropic.js.map +1 -0
- package/dist/providers/failover.d.ts +46 -0
- package/dist/providers/failover.d.ts.map +1 -0
- package/dist/providers/failover.js +149 -0
- package/dist/providers/failover.js.map +1 -0
- package/dist/providers/litellm.d.ts +38 -0
- package/dist/providers/litellm.d.ts.map +1 -0
- package/dist/providers/litellm.js +349 -0
- package/dist/providers/litellm.js.map +1 -0
- package/dist/providers/openai.d.ts +28 -0
- package/dist/providers/openai.d.ts.map +1 -0
- package/dist/providers/openai.js +321 -0
- package/dist/providers/openai.js.map +1 -0
- package/dist/providers/prompt-cache.d.ts +50 -0
- package/dist/providers/prompt-cache.d.ts.map +1 -0
- package/dist/providers/prompt-cache.js +96 -0
- package/dist/providers/prompt-cache.js.map +1 -0
- package/dist/providers/provider.d.ts +173 -0
- package/dist/providers/provider.d.ts.map +1 -0
- package/dist/providers/provider.js +22 -0
- package/dist/providers/provider.js.map +1 -0
- package/dist/sandbox/config.d.ts +42 -0
- package/dist/sandbox/config.d.ts.map +1 -0
- package/dist/sandbox/config.js +20 -0
- package/dist/sandbox/config.js.map +1 -0
- package/dist/sandbox/container.d.ts +71 -0
- package/dist/sandbox/container.d.ts.map +1 -0
- package/dist/sandbox/container.js +193 -0
- package/dist/sandbox/container.js.map +1 -0
- package/dist/sandbox/sandbox.d.ts +82 -0
- package/dist/sandbox/sandbox.d.ts.map +1 -0
- package/dist/sandbox/sandbox.js +176 -0
- package/dist/sandbox/sandbox.js.map +1 -0
- package/dist/skills/channel-loader.d.ts +18 -0
- package/dist/skills/channel-loader.d.ts.map +1 -0
- package/dist/skills/channel-loader.js +35 -0
- package/dist/skills/channel-loader.js.map +1 -0
- package/dist/skills/extension-loader.d.ts +15 -0
- package/dist/skills/extension-loader.d.ts.map +1 -0
- package/dist/skills/extension-loader.js +63 -0
- package/dist/skills/extension-loader.js.map +1 -0
- package/dist/skills/extension-registry.d.ts +32 -0
- package/dist/skills/extension-registry.d.ts.map +1 -0
- package/dist/skills/extension-registry.js +57 -0
- package/dist/skills/extension-registry.js.map +1 -0
- package/dist/skills/extensions.d.ts +91 -0
- package/dist/skills/extensions.d.ts.map +1 -0
- package/dist/skills/extensions.js +14 -0
- package/dist/skills/extensions.js.map +1 -0
- package/dist/skills/loader.d.ts +64 -0
- package/dist/skills/loader.d.ts.map +1 -0
- package/dist/skills/loader.js +382 -0
- package/dist/skills/loader.js.map +1 -0
- package/dist/skills/marketplace.d.ts +56 -0
- package/dist/skills/marketplace.d.ts.map +1 -0
- package/dist/skills/marketplace.js +183 -0
- package/dist/skills/marketplace.js.map +1 -0
- package/dist/skills/types.d.ts +94 -0
- package/dist/skills/types.d.ts.map +1 -0
- package/dist/skills/types.js +9 -0
- package/dist/skills/types.js.map +1 -0
- package/dist/tools/acp-sessions.d.ts +89 -0
- package/dist/tools/acp-sessions.d.ts.map +1 -0
- package/dist/tools/acp-sessions.js +391 -0
- package/dist/tools/acp-sessions.js.map +1 -0
- package/dist/tools/acp.d.ts +18 -0
- package/dist/tools/acp.d.ts.map +1 -0
- package/dist/tools/acp.js +102 -0
- package/dist/tools/acp.js.map +1 -0
- package/dist/tools/agent-tools.d.ts +24 -0
- package/dist/tools/agent-tools.d.ts.map +1 -0
- package/dist/tools/agent-tools.js +611 -0
- package/dist/tools/agent-tools.js.map +1 -0
- package/dist/tools/browser.d.ts +26 -0
- package/dist/tools/browser.d.ts.map +1 -0
- package/dist/tools/browser.js +242 -0
- package/dist/tools/browser.js.map +1 -0
- package/dist/tools/comms.d.ts +8 -0
- package/dist/tools/comms.d.ts.map +1 -0
- package/dist/tools/comms.js +39 -0
- package/dist/tools/comms.js.map +1 -0
- package/dist/tools/cron-tools.d.ts +9 -0
- package/dist/tools/cron-tools.d.ts.map +1 -0
- package/dist/tools/cron-tools.js +117 -0
- package/dist/tools/cron-tools.js.map +1 -0
- package/dist/tools/exec-safety.d.ts +71 -0
- package/dist/tools/exec-safety.d.ts.map +1 -0
- package/dist/tools/exec-safety.js +141 -0
- package/dist/tools/exec-safety.js.map +1 -0
- package/dist/tools/exec.d.ts +24 -0
- package/dist/tools/exec.d.ts.map +1 -0
- package/dist/tools/exec.js +191 -0
- package/dist/tools/exec.js.map +1 -0
- package/dist/tools/fs.d.ts +15 -0
- package/dist/tools/fs.d.ts.map +1 -0
- package/dist/tools/fs.js +249 -0
- package/dist/tools/fs.js.map +1 -0
- package/dist/tools/git.d.ts +9 -0
- package/dist/tools/git.d.ts.map +1 -0
- package/dist/tools/git.js +56 -0
- package/dist/tools/git.js.map +1 -0
- package/dist/tools/image.d.ts +15 -0
- package/dist/tools/image.d.ts.map +1 -0
- package/dist/tools/image.js +106 -0
- package/dist/tools/image.js.map +1 -0
- package/dist/tools/introspect.d.ts +22 -0
- package/dist/tools/introspect.d.ts.map +1 -0
- package/dist/tools/introspect.js +223 -0
- package/dist/tools/introspect.js.map +1 -0
- package/dist/tools/memory.d.ts +11 -0
- package/dist/tools/memory.d.ts.map +1 -0
- package/dist/tools/memory.js +101 -0
- package/dist/tools/memory.js.map +1 -0
- package/dist/tools/message.d.ts +24 -0
- package/dist/tools/message.d.ts.map +1 -0
- package/dist/tools/message.js +205 -0
- package/dist/tools/message.js.map +1 -0
- package/dist/tools/model.d.ts +14 -0
- package/dist/tools/model.d.ts.map +1 -0
- package/dist/tools/model.js +62 -0
- package/dist/tools/model.js.map +1 -0
- package/dist/tools/policy.d.ts +101 -0
- package/dist/tools/policy.d.ts.map +1 -0
- package/dist/tools/policy.js +168 -0
- package/dist/tools/policy.js.map +1 -0
- package/dist/tools/registry.d.ts +52 -0
- package/dist/tools/registry.d.ts.map +1 -0
- package/dist/tools/registry.js +154 -0
- package/dist/tools/registry.js.map +1 -0
- package/dist/tools/search.d.ts +10 -0
- package/dist/tools/search.d.ts.map +1 -0
- package/dist/tools/search.js +78 -0
- package/dist/tools/search.js.map +1 -0
- package/dist/tools/session.d.ts +13 -0
- package/dist/tools/session.d.ts.map +1 -0
- package/dist/tools/session.js +142 -0
- package/dist/tools/session.js.map +1 -0
- package/dist/tools/spawn.d.ts +10 -0
- package/dist/tools/spawn.d.ts.map +1 -0
- package/dist/tools/spawn.js +72 -0
- package/dist/tools/spawn.js.map +1 -0
- package/dist/tools/symphony.d.ts +12 -0
- package/dist/tools/symphony.d.ts.map +1 -0
- package/dist/tools/symphony.js +142 -0
- package/dist/tools/symphony.js.map +1 -0
- package/dist/tools/system-tools.d.ts +11 -0
- package/dist/tools/system-tools.d.ts.map +1 -0
- package/dist/tools/system-tools.js +39 -0
- package/dist/tools/system-tools.js.map +1 -0
- package/dist/tools/tool.d.ts +119 -0
- package/dist/tools/tool.d.ts.map +1 -0
- package/dist/tools/tool.js +29 -0
- package/dist/tools/tool.js.map +1 -0
- package/dist/tools/web.d.ts +10 -0
- package/dist/tools/web.d.ts.map +1 -0
- package/dist/tools/web.js +105 -0
- package/dist/tools/web.js.map +1 -0
- package/dist/tui/App.d.ts +43 -0
- package/dist/tui/App.d.ts.map +1 -0
- package/dist/tui/App.js +265 -0
- package/dist/tui/App.js.map +1 -0
- package/dist/tui/bridge.d.ts +40 -0
- package/dist/tui/bridge.d.ts.map +1 -0
- package/dist/tui/bridge.js +29 -0
- package/dist/tui/bridge.js.map +1 -0
- package/dist/tui/components/Header.d.ts +14 -0
- package/dist/tui/components/Header.d.ts.map +1 -0
- package/dist/tui/components/Header.js +7 -0
- package/dist/tui/components/Header.js.map +1 -0
- package/dist/tui/components/InputBar.d.ts +10 -0
- package/dist/tui/components/InputBar.d.ts.map +1 -0
- package/dist/tui/components/InputBar.js +121 -0
- package/dist/tui/components/InputBar.js.map +1 -0
- package/dist/tui/components/MessageList.d.ts +18 -0
- package/dist/tui/components/MessageList.d.ts.map +1 -0
- package/dist/tui/components/MessageList.js +34 -0
- package/dist/tui/components/MessageList.js.map +1 -0
- package/dist/tui/components/Spinner.d.ts +9 -0
- package/dist/tui/components/Spinner.d.ts.map +1 -0
- package/dist/tui/components/Spinner.js +18 -0
- package/dist/tui/components/Spinner.js.map +1 -0
- package/dist/tui/components/StatusBar.d.ts +16 -0
- package/dist/tui/components/StatusBar.d.ts.map +1 -0
- package/dist/tui/components/StatusBar.js +15 -0
- package/dist/tui/components/StatusBar.js.map +1 -0
- package/dist/tui/components/ToolCallBox.d.ts +12 -0
- package/dist/tui/components/ToolCallBox.d.ts.map +1 -0
- package/dist/tui/components/ToolCallBox.js +12 -0
- package/dist/tui/components/ToolCallBox.js.map +1 -0
- package/dist/tui/theme.d.ts +58 -0
- package/dist/tui/theme.d.ts.map +1 -0
- package/dist/tui/theme.js +80 -0
- package/dist/tui/theme.js.map +1 -0
- package/dist/utils/logger.d.ts +16 -0
- package/dist/utils/logger.d.ts.map +1 -0
- package/dist/utils/logger.js +70 -0
- package/dist/utils/logger.js.map +1 -0
- package/docs/DEVELOPMENT.md +74 -0
- package/docs/INSTALL.md +161 -0
- package/docs/USAGE.md +94 -0
- package/docs/architecture.md +128 -0
- package/docs/channels.md +140 -0
- package/docs/configuration.md +209 -0
- package/docs/io-system.md +430 -0
- package/docs/providers.md +99 -0
- package/docs/skill-channels.md +113 -0
- package/docs/skills.md +246 -0
- package/package.json +89 -0
- package/skills/acp-router/SKILL.md +41 -0
- package/skills/acp-router/tools/acp-router.mjs +239 -0
- package/skills/find-skills/SKILL.md +133 -0
- package/skills/security-audit/SKILL.md +181 -0
- package/skills/security-audit/audit.sh +67 -0
- package/skills/skill-creator/SKILL.md +479 -0
- package/skills/skill-security-audit/.clawhub/origin.json +7 -0
- package/skills/skill-security-audit/SKILL.md +196 -0
- package/skills/skill-security-audit/_meta.json +6 -0
- package/skills/skill-security-audit/references/prompt-injection-patterns.md +276 -0
- package/skills/skill-security-audit/references/vulnerability-patterns.md +348 -0
- package/skills/symphony/README.md +53 -0
- package/skills/symphony/SKILL.md +75 -0
- package/skills/symphony/tools/symphony-orchestrator.ts +8 -0
- package/tako.example.json +33 -0
|
@@ -0,0 +1,46 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Per-agent auth profiles — provider credentials scoped to individual agents.
|
|
3
|
+
*
|
|
4
|
+
* Stored at: ~/.tako/agents/<id>/agent/auth-profiles.json
|
|
5
|
+
*
|
|
6
|
+
* Resolution order:
|
|
7
|
+
* 1. Agent-specific profile (this file)
|
|
8
|
+
* 2. Main agent's profile (inherited on creation)
|
|
9
|
+
* 3. Global auth (storage.ts / env vars)
|
|
10
|
+
*/
|
|
11
|
+
export interface AuthProfile {
|
|
12
|
+
type: 'api_key' | 'oauth';
|
|
13
|
+
key?: string;
|
|
14
|
+
accessToken?: string;
|
|
15
|
+
refreshToken?: string;
|
|
16
|
+
expiresAt?: number;
|
|
17
|
+
}
|
|
18
|
+
export interface AuthProfilesFile {
|
|
19
|
+
version: 1;
|
|
20
|
+
profiles: Record<string, AuthProfile>;
|
|
21
|
+
}
|
|
22
|
+
export declare function loadAuthProfiles(agentId: string): Promise<AuthProfilesFile>;
|
|
23
|
+
export declare function saveAuthProfiles(agentId: string, data: AuthProfilesFile): Promise<void>;
|
|
24
|
+
/**
|
|
25
|
+
* Set or update a single auth profile for an agent.
|
|
26
|
+
*/
|
|
27
|
+
export declare function setAuthProfile(agentId: string, profileKey: string, profile: AuthProfile): Promise<void>;
|
|
28
|
+
/**
|
|
29
|
+
* Remove an auth profile from an agent.
|
|
30
|
+
*/
|
|
31
|
+
export declare function removeAuthProfile(agentId: string, profileKey: string): Promise<boolean>;
|
|
32
|
+
/**
|
|
33
|
+
* Inherit auth profiles from a source agent to a new agent.
|
|
34
|
+
* Used when creating sub-agents.
|
|
35
|
+
*/
|
|
36
|
+
export declare function inheritAuthProfiles(sourceAgentId: string, targetAgentId: string): Promise<void>;
|
|
37
|
+
/**
|
|
38
|
+
* Resolve an API key for a provider, checking agent profile first.
|
|
39
|
+
* Returns the key string or null if not found at this level.
|
|
40
|
+
*/
|
|
41
|
+
export declare function resolveAgentAuthKey(agentId: string, providerKey: string): Promise<string | null>;
|
|
42
|
+
/**
|
|
43
|
+
* Mask an API key for display (show first 8 and last 4 chars).
|
|
44
|
+
*/
|
|
45
|
+
export declare function maskKey(key: string): string;
|
|
46
|
+
//# sourceMappingURL=agent-profiles.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"agent-profiles.d.ts","sourceRoot":"","sources":["../../src/auth/agent-profiles.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AASH,MAAM,WAAW,WAAW;IAC1B,IAAI,EAAE,SAAS,GAAG,OAAO,CAAC;IAC1B,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,gBAAgB;IAC/B,OAAO,EAAE,CAAC,CAAC;IACX,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;CACvC;AAUD,wBAAsB,gBAAgB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,gBAAgB,CAAC,CAWjF;AAED,wBAAsB,gBAAgB,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,gBAAgB,GAAG,OAAO,CAAC,IAAI,CAAC,CAO7F;AAED;;GAEG;AACH,wBAAsB,cAAc,CAClC,OAAO,EAAE,MAAM,EACf,UAAU,EAAE,MAAM,EAClB,OAAO,EAAE,WAAW,GACnB,OAAO,CAAC,IAAI,CAAC,CAIf;AAED;;GAEG;AACH,wBAAsB,iBAAiB,CACrC,OAAO,EAAE,MAAM,EACf,UAAU,EAAE,MAAM,GACjB,OAAO,CAAC,OAAO,CAAC,CAMlB;AAED;;;GAGG;AACH,wBAAsB,mBAAmB,CACvC,aAAa,EAAE,MAAM,EACrB,aAAa,EAAE,MAAM,GACpB,OAAO,CAAC,IAAI,CAAC,CAIf;AAED;;;GAGG;AACH,wBAAsB,mBAAmB,CACvC,OAAO,EAAE,MAAM,EACf,WAAW,EAAE,MAAM,GAClB,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAexB;AAED;;GAEG;AACH,wBAAgB,OAAO,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAG3C"}
|
|
@@ -0,0 +1,97 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Per-agent auth profiles — provider credentials scoped to individual agents.
|
|
3
|
+
*
|
|
4
|
+
* Stored at: ~/.tako/agents/<id>/agent/auth-profiles.json
|
|
5
|
+
*
|
|
6
|
+
* Resolution order:
|
|
7
|
+
* 1. Agent-specific profile (this file)
|
|
8
|
+
* 2. Main agent's profile (inherited on creation)
|
|
9
|
+
* 3. Global auth (storage.ts / env vars)
|
|
10
|
+
*/
|
|
11
|
+
import { homedir } from 'node:os';
|
|
12
|
+
import { join } from 'node:path';
|
|
13
|
+
import { mkdir, readFile, writeFile } from 'node:fs/promises';
|
|
14
|
+
import { existsSync } from 'node:fs';
|
|
15
|
+
// ─── Paths ──────────────────────────────────────────────────────────
|
|
16
|
+
function getProfilesPath(agentId) {
|
|
17
|
+
return join(homedir(), '.tako', 'agents', agentId, 'agent', 'auth-profiles.json');
|
|
18
|
+
}
|
|
19
|
+
// ─── Read / Write ───────────────────────────────────────────────────
|
|
20
|
+
export async function loadAuthProfiles(agentId) {
|
|
21
|
+
const filePath = getProfilesPath(agentId);
|
|
22
|
+
if (!existsSync(filePath)) {
|
|
23
|
+
return { version: 1, profiles: {} };
|
|
24
|
+
}
|
|
25
|
+
try {
|
|
26
|
+
const raw = await readFile(filePath, 'utf-8');
|
|
27
|
+
return JSON.parse(raw);
|
|
28
|
+
}
|
|
29
|
+
catch {
|
|
30
|
+
return { version: 1, profiles: {} };
|
|
31
|
+
}
|
|
32
|
+
}
|
|
33
|
+
export async function saveAuthProfiles(agentId, data) {
|
|
34
|
+
const filePath = getProfilesPath(agentId);
|
|
35
|
+
const dir = join(filePath, '..');
|
|
36
|
+
await mkdir(dir, { recursive: true });
|
|
37
|
+
// Mask keys in the saved file for safety — store the real values
|
|
38
|
+
await writeFile(filePath, JSON.stringify(data, null, 2) + '\n', { mode: 0o600 });
|
|
39
|
+
}
|
|
40
|
+
/**
|
|
41
|
+
* Set or update a single auth profile for an agent.
|
|
42
|
+
*/
|
|
43
|
+
export async function setAuthProfile(agentId, profileKey, profile) {
|
|
44
|
+
const data = await loadAuthProfiles(agentId);
|
|
45
|
+
data.profiles[profileKey] = profile;
|
|
46
|
+
await saveAuthProfiles(agentId, data);
|
|
47
|
+
}
|
|
48
|
+
/**
|
|
49
|
+
* Remove an auth profile from an agent.
|
|
50
|
+
*/
|
|
51
|
+
export async function removeAuthProfile(agentId, profileKey) {
|
|
52
|
+
const data = await loadAuthProfiles(agentId);
|
|
53
|
+
if (!(profileKey in data.profiles))
|
|
54
|
+
return false;
|
|
55
|
+
delete data.profiles[profileKey];
|
|
56
|
+
await saveAuthProfiles(agentId, data);
|
|
57
|
+
return true;
|
|
58
|
+
}
|
|
59
|
+
/**
|
|
60
|
+
* Inherit auth profiles from a source agent to a new agent.
|
|
61
|
+
* Used when creating sub-agents.
|
|
62
|
+
*/
|
|
63
|
+
export async function inheritAuthProfiles(sourceAgentId, targetAgentId) {
|
|
64
|
+
const source = await loadAuthProfiles(sourceAgentId);
|
|
65
|
+
if (Object.keys(source.profiles).length === 0)
|
|
66
|
+
return;
|
|
67
|
+
await saveAuthProfiles(targetAgentId, { ...source });
|
|
68
|
+
}
|
|
69
|
+
/**
|
|
70
|
+
* Resolve an API key for a provider, checking agent profile first.
|
|
71
|
+
* Returns the key string or null if not found at this level.
|
|
72
|
+
*/
|
|
73
|
+
export async function resolveAgentAuthKey(agentId, providerKey) {
|
|
74
|
+
const data = await loadAuthProfiles(agentId);
|
|
75
|
+
const profile = data.profiles[providerKey];
|
|
76
|
+
if (!profile)
|
|
77
|
+
return null;
|
|
78
|
+
if (profile.type === 'api_key' && profile.key) {
|
|
79
|
+
return profile.key;
|
|
80
|
+
}
|
|
81
|
+
if (profile.type === 'oauth' && profile.accessToken) {
|
|
82
|
+
if (profile.expiresAt && profile.expiresAt < Date.now() / 1000) {
|
|
83
|
+
return null; // expired
|
|
84
|
+
}
|
|
85
|
+
return profile.accessToken;
|
|
86
|
+
}
|
|
87
|
+
return null;
|
|
88
|
+
}
|
|
89
|
+
/**
|
|
90
|
+
* Mask an API key for display (show first 8 and last 4 chars).
|
|
91
|
+
*/
|
|
92
|
+
export function maskKey(key) {
|
|
93
|
+
if (key.length <= 12)
|
|
94
|
+
return '***';
|
|
95
|
+
return `${key.slice(0, 8)}...${key.slice(-4)}`;
|
|
96
|
+
}
|
|
97
|
+
//# sourceMappingURL=agent-profiles.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"agent-profiles.js","sourceRoot":"","sources":["../../src/auth/agent-profiles.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAClC,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAE,KAAK,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAC9D,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AAiBrC,uEAAuE;AAEvE,SAAS,eAAe,CAAC,OAAe;IACtC,OAAO,IAAI,CAAC,OAAO,EAAE,EAAE,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,oBAAoB,CAAC,CAAC;AACpF,CAAC;AAED,uEAAuE;AAEvE,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,OAAe;IACpD,MAAM,QAAQ,GAAG,eAAe,CAAC,OAAO,CAAC,CAAC;IAC1C,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC1B,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC;IACtC,CAAC;IACD,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QAC9C,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAqB,CAAC;IAC7C,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC;IACtC,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,OAAe,EAAE,IAAsB;IAC5E,MAAM,QAAQ,GAAG,eAAe,CAAC,OAAO,CAAC,CAAC;IAC1C,MAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;IACjC,MAAM,KAAK,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAEtC,iEAAiE;IACjE,MAAM,SAAS,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;AACnF,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc,CAClC,OAAe,EACf,UAAkB,EAClB,OAAoB;IAEpB,MAAM,IAAI,GAAG,MAAM,gBAAgB,CAAC,OAAO,CAAC,CAAC;IAC7C,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,GAAG,OAAO,CAAC;IACpC,MAAM,gBAAgB,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;AACxC,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,OAAe,EACf,UAAkB;IAElB,MAAM,IAAI,GAAG,MAAM,gBAAgB,CAAC,OAAO,CAAC,CAAC;IAC7C,IAAI,CAAC,CAAC,UAAU,IAAI,IAAI,CAAC,QAAQ,CAAC;QAAE,OAAO,KAAK,CAAC;IACjD,OAAO,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;IACjC,MAAM,gBAAgB,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;IACtC,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,aAAqB,EACrB,aAAqB;IAErB,MAAM,MAAM,GAAG,MAAM,gBAAgB,CAAC,aAAa,CAAC,CAAC;IACrD,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO;IACtD,MAAM,gBAAgB,CAAC,aAAa,EAAE,EAAE,GAAG,MAAM,EAAE,CAAC,CAAC;AACvD,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,OAAe,EACf,WAAmB;IAEnB,MAAM,IAAI,GAAG,MAAM,gBAAgB,CAAC,OAAO,CAAC,CAAC;IAC7C,MAAM,OAAO,GAAG,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;IAC3C,IAAI,CAAC,OAAO;QAAE,OAAO,IAAI,CAAC;IAE1B,IAAI,OAAO,CAAC,IAAI,KAAK,SAAS,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC;QAC9C,OAAO,OAAO,CAAC,GAAG,CAAC;IACrB,CAAC;IACD,IAAI,OAAO,CAAC,IAAI,KAAK,OAAO,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC;QACpD,IAAI,OAAO,CAAC,SAAS,IAAI,OAAO,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,EAAE,CAAC;YAC/D,OAAO,IAAI,CAAC,CAAC,UAAU;QACzB,CAAC;QACD,OAAO,OAAO,CAAC,WAAW,CAAC;IAC7B,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,OAAO,CAAC,GAAW;IACjC,IAAI,GAAG,CAAC,MAAM,IAAI,EAAE;QAAE,OAAO,KAAK,CAAC;IACnC,OAAO,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,MAAM,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;AACjD,CAAC"}
|
|
@@ -0,0 +1,27 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* AllowFrom ACL — per-agent, per-channel access control.
|
|
3
|
+
*
|
|
4
|
+
* Stores allowlist config at:
|
|
5
|
+
* ~/.tako/credentials/<channel>-<agentId>-allowFrom.json
|
|
6
|
+
*
|
|
7
|
+
* Modes:
|
|
8
|
+
* - "open": anyone can talk (default — preserves existing behavior)
|
|
9
|
+
* - "allowlist": only listed user IDs are permitted
|
|
10
|
+
*
|
|
11
|
+
* The owner (first user to onboard) is always allowed.
|
|
12
|
+
*/
|
|
13
|
+
import type { Tool } from '../tools/tool.js';
|
|
14
|
+
export type AllowFromMode = 'allowlist' | 'open';
|
|
15
|
+
export interface AllowFromConfig {
|
|
16
|
+
allowedUserIds: string[];
|
|
17
|
+
mode: AllowFromMode;
|
|
18
|
+
}
|
|
19
|
+
export declare function loadAllowFrom(channel: string, agentId: string): Promise<AllowFromConfig>;
|
|
20
|
+
export declare function saveAllowFrom(channel: string, agentId: string, config: AllowFromConfig): Promise<void>;
|
|
21
|
+
/**
|
|
22
|
+
* Check if a user is allowed to send messages on this channel/agent.
|
|
23
|
+
* Returns true if allowed, false if blocked.
|
|
24
|
+
*/
|
|
25
|
+
export declare function isUserAllowed(channel: string, agentId: string, userId: string): Promise<boolean>;
|
|
26
|
+
export declare function createAllowFromTools(): Tool[];
|
|
27
|
+
//# sourceMappingURL=allow-from.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"allow-from.d.ts","sourceRoot":"","sources":["../../src/auth/allow-from.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAMH,OAAO,KAAK,EAAE,IAAI,EAA2B,MAAM,kBAAkB,CAAC;AAItE,MAAM,MAAM,aAAa,GAAG,WAAW,GAAG,MAAM,CAAC;AAEjD,MAAM,WAAW,eAAe;IAC9B,cAAc,EAAE,MAAM,EAAE,CAAC;IACzB,IAAI,EAAE,aAAa,CAAC;CACrB;AAcD,wBAAsB,aAAa,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,eAAe,CAAC,CAW9F;AAED,wBAAsB,aAAa,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,eAAe,GAAG,OAAO,CAAC,IAAI,CAAC,CAK5G;AAID;;;GAGG;AACH,wBAAsB,aAAa,CACjC,OAAO,EAAE,MAAM,EACf,OAAO,EAAE,MAAM,EACf,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,OAAO,CAAC,CAIlB;AAID,wBAAgB,oBAAoB,IAAI,IAAI,EAAE,CA4E7C"}
|
|
@@ -0,0 +1,118 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* AllowFrom ACL — per-agent, per-channel access control.
|
|
3
|
+
*
|
|
4
|
+
* Stores allowlist config at:
|
|
5
|
+
* ~/.tako/credentials/<channel>-<agentId>-allowFrom.json
|
|
6
|
+
*
|
|
7
|
+
* Modes:
|
|
8
|
+
* - "open": anyone can talk (default — preserves existing behavior)
|
|
9
|
+
* - "allowlist": only listed user IDs are permitted
|
|
10
|
+
*
|
|
11
|
+
* The owner (first user to onboard) is always allowed.
|
|
12
|
+
*/
|
|
13
|
+
import { homedir } from 'node:os';
|
|
14
|
+
import { join } from 'node:path';
|
|
15
|
+
import { mkdir, readFile, writeFile } from 'node:fs/promises';
|
|
16
|
+
import { existsSync } from 'node:fs';
|
|
17
|
+
// ─── Paths ──────────────────────────────────────────────────────────
|
|
18
|
+
function getCredentialsDir() {
|
|
19
|
+
return join(homedir(), '.tako', 'credentials');
|
|
20
|
+
}
|
|
21
|
+
function getAllowFromPath(channel, agentId) {
|
|
22
|
+
return join(getCredentialsDir(), `${channel}-${agentId}-allowFrom.json`);
|
|
23
|
+
}
|
|
24
|
+
// ─── Read / Write ───────────────────────────────────────────────────
|
|
25
|
+
export async function loadAllowFrom(channel, agentId) {
|
|
26
|
+
const filePath = getAllowFromPath(channel, agentId);
|
|
27
|
+
if (!existsSync(filePath)) {
|
|
28
|
+
return { allowedUserIds: [], mode: 'open' };
|
|
29
|
+
}
|
|
30
|
+
try {
|
|
31
|
+
const raw = await readFile(filePath, 'utf-8');
|
|
32
|
+
return JSON.parse(raw);
|
|
33
|
+
}
|
|
34
|
+
catch {
|
|
35
|
+
return { allowedUserIds: [], mode: 'open' };
|
|
36
|
+
}
|
|
37
|
+
}
|
|
38
|
+
export async function saveAllowFrom(channel, agentId, config) {
|
|
39
|
+
const dir = getCredentialsDir();
|
|
40
|
+
await mkdir(dir, { recursive: true });
|
|
41
|
+
const filePath = getAllowFromPath(channel, agentId);
|
|
42
|
+
await writeFile(filePath, JSON.stringify(config, null, 2) + '\n', { mode: 0o600 });
|
|
43
|
+
}
|
|
44
|
+
// ─── Check ──────────────────────────────────────────────────────────
|
|
45
|
+
/**
|
|
46
|
+
* Check if a user is allowed to send messages on this channel/agent.
|
|
47
|
+
* Returns true if allowed, false if blocked.
|
|
48
|
+
*/
|
|
49
|
+
export async function isUserAllowed(channel, agentId, userId) {
|
|
50
|
+
const config = await loadAllowFrom(channel, agentId);
|
|
51
|
+
if (config.mode === 'open')
|
|
52
|
+
return true;
|
|
53
|
+
return config.allowedUserIds.includes(userId);
|
|
54
|
+
}
|
|
55
|
+
// ─── Tools ──────────────────────────────────────────────────────────
|
|
56
|
+
export function createAllowFromTools() {
|
|
57
|
+
const allowFromAdd = {
|
|
58
|
+
name: 'allow_from_add',
|
|
59
|
+
description: 'Add a user ID to the allowlist for the current channel. Requires admin/operator role.',
|
|
60
|
+
parameters: {
|
|
61
|
+
type: 'object',
|
|
62
|
+
properties: {
|
|
63
|
+
userId: { type: 'string', description: 'User ID to allow' },
|
|
64
|
+
channel: { type: 'string', description: 'Channel type (e.g. discord, telegram)' },
|
|
65
|
+
agentId: { type: 'string', description: 'Agent ID (defaults to current agent)' },
|
|
66
|
+
},
|
|
67
|
+
required: ['userId'],
|
|
68
|
+
},
|
|
69
|
+
group: 'agents',
|
|
70
|
+
async execute(params, ctx) {
|
|
71
|
+
const { userId, channel: chan, agentId: aid } = params;
|
|
72
|
+
const channel = chan ?? ctx.channelType ?? 'cli';
|
|
73
|
+
const agentId = aid ?? ctx.agentId ?? 'main';
|
|
74
|
+
const config = await loadAllowFrom(channel, agentId);
|
|
75
|
+
if (!config.allowedUserIds.includes(userId)) {
|
|
76
|
+
config.allowedUserIds.push(userId);
|
|
77
|
+
}
|
|
78
|
+
// Switch to allowlist mode when adding users
|
|
79
|
+
config.mode = 'allowlist';
|
|
80
|
+
await saveAllowFrom(channel, agentId, config);
|
|
81
|
+
return {
|
|
82
|
+
output: `Added user ${userId} to allowlist for ${channel}/${agentId}. Mode: allowlist.`,
|
|
83
|
+
success: true,
|
|
84
|
+
};
|
|
85
|
+
},
|
|
86
|
+
};
|
|
87
|
+
const allowFromRemove = {
|
|
88
|
+
name: 'allow_from_remove',
|
|
89
|
+
description: 'Remove a user ID from the allowlist for the current channel. Requires admin/operator role.',
|
|
90
|
+
parameters: {
|
|
91
|
+
type: 'object',
|
|
92
|
+
properties: {
|
|
93
|
+
userId: { type: 'string', description: 'User ID to remove' },
|
|
94
|
+
channel: { type: 'string', description: 'Channel type (e.g. discord, telegram)' },
|
|
95
|
+
agentId: { type: 'string', description: 'Agent ID (defaults to current agent)' },
|
|
96
|
+
},
|
|
97
|
+
required: ['userId'],
|
|
98
|
+
},
|
|
99
|
+
group: 'agents',
|
|
100
|
+
async execute(params, ctx) {
|
|
101
|
+
const { userId, channel: chan, agentId: aid } = params;
|
|
102
|
+
const channel = chan ?? ctx.channelType ?? 'cli';
|
|
103
|
+
const agentId = aid ?? ctx.agentId ?? 'main';
|
|
104
|
+
const config = await loadAllowFrom(channel, agentId);
|
|
105
|
+
config.allowedUserIds = config.allowedUserIds.filter((id) => id !== userId);
|
|
106
|
+
await saveAllowFrom(channel, agentId, config);
|
|
107
|
+
const modeNote = config.allowedUserIds.length === 0
|
|
108
|
+
? ' (allowlist is now empty — consider switching to "open" mode)'
|
|
109
|
+
: '';
|
|
110
|
+
return {
|
|
111
|
+
output: `Removed user ${userId} from allowlist for ${channel}/${agentId}.${modeNote}`,
|
|
112
|
+
success: true,
|
|
113
|
+
};
|
|
114
|
+
},
|
|
115
|
+
};
|
|
116
|
+
return [allowFromAdd, allowFromRemove];
|
|
117
|
+
}
|
|
118
|
+
//# sourceMappingURL=allow-from.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"allow-from.js","sourceRoot":"","sources":["../../src/auth/allow-from.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAClC,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAE,KAAK,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAC9D,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AAYrC,uEAAuE;AAEvE,SAAS,iBAAiB;IACxB,OAAO,IAAI,CAAC,OAAO,EAAE,EAAE,OAAO,EAAE,aAAa,CAAC,CAAC;AACjD,CAAC;AAED,SAAS,gBAAgB,CAAC,OAAe,EAAE,OAAe;IACxD,OAAO,IAAI,CAAC,iBAAiB,EAAE,EAAE,GAAG,OAAO,IAAI,OAAO,iBAAiB,CAAC,CAAC;AAC3E,CAAC;AAED,uEAAuE;AAEvE,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,OAAe,EAAE,OAAe;IAClE,MAAM,QAAQ,GAAG,gBAAgB,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IACpD,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC1B,OAAO,EAAE,cAAc,EAAE,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC;IAC9C,CAAC;IACD,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QAC9C,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAoB,CAAC;IAC5C,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,cAAc,EAAE,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC;IAC9C,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,OAAe,EAAE,OAAe,EAAE,MAAuB;IAC3F,MAAM,GAAG,GAAG,iBAAiB,EAAE,CAAC;IAChC,MAAM,KAAK,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IACtC,MAAM,QAAQ,GAAG,gBAAgB,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IACpD,MAAM,SAAS,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;AACrF,CAAC;AAED,uEAAuE;AAEvE;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,OAAe,EACf,OAAe,EACf,MAAc;IAEd,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IACrD,IAAI,MAAM,CAAC,IAAI,KAAK,MAAM;QAAE,OAAO,IAAI,CAAC;IACxC,OAAO,MAAM,CAAC,cAAc,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;AAChD,CAAC;AAED,uEAAuE;AAEvE,MAAM,UAAU,oBAAoB;IAClC,MAAM,YAAY,GAAS;QACzB,IAAI,EAAE,gBAAgB;QACtB,WAAW,EAAE,uFAAuF;QACpG,UAAU,EAAE;YACV,IAAI,EAAE,QAAQ;YACd,UAAU,EAAE;gBACV,MAAM,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,kBAAkB,EAAE;gBAC3D,OAAO,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,uCAAuC,EAAE;gBACjF,OAAO,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,sCAAsC,EAAE;aACjF;YACD,QAAQ,EAAE,CAAC,QAAQ,CAAC;SACrB;QACD,KAAK,EAAE,QAAQ;QACf,KAAK,CAAC,OAAO,CAAC,MAAe,EAAE,GAAgB;YAC7C,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,EAAE,GAAG,MAI/C,CAAC;YACF,MAAM,OAAO,GAAG,IAAI,IAAI,GAAG,CAAC,WAAW,IAAI,KAAK,CAAC;YACjD,MAAM,OAAO,GAAG,GAAG,IAAI,GAAG,CAAC,OAAO,IAAI,MAAM,CAAC;YAE7C,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;YACrD,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;gBAC5C,MAAM,CAAC,cAAc,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YACrC,CAAC;YACD,6CAA6C;YAC7C,MAAM,CAAC,IAAI,GAAG,WAAW,CAAC;YAC1B,MAAM,aAAa,CAAC,OAAO,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC;YAE9C,OAAO;gBACL,MAAM,EAAE,cAAc,MAAM,qBAAqB,OAAO,IAAI,OAAO,oBAAoB;gBACvF,OAAO,EAAE,IAAI;aACd,CAAC;QACJ,CAAC;KACF,CAAC;IAEF,MAAM,eAAe,GAAS;QAC5B,IAAI,EAAE,mBAAmB;QACzB,WAAW,EAAE,4FAA4F;QACzG,UAAU,EAAE;YACV,IAAI,EAAE,QAAQ;YACd,UAAU,EAAE;gBACV,MAAM,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,mBAAmB,EAAE;gBAC5D,OAAO,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,uCAAuC,EAAE;gBACjF,OAAO,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,sCAAsC,EAAE;aACjF;YACD,QAAQ,EAAE,CAAC,QAAQ,CAAC;SACrB;QACD,KAAK,EAAE,QAAQ;QACf,KAAK,CAAC,OAAO,CAAC,MAAe,EAAE,GAAgB;YAC7C,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,EAAE,GAAG,MAI/C,CAAC;YACF,MAAM,OAAO,GAAG,IAAI,IAAI,GAAG,CAAC,WAAW,IAAI,KAAK,CAAC;YACjD,MAAM,OAAO,GAAG,GAAG,IAAI,GAAG,CAAC,OAAO,IAAI,MAAM,CAAC;YAE7C,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;YACrD,MAAM,CAAC,cAAc,GAAG,MAAM,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,KAAK,MAAM,CAAC,CAAC;YAC5E,MAAM,aAAa,CAAC,OAAO,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC;YAE9C,MAAM,QAAQ,GAAG,MAAM,CAAC,cAAc,CAAC,MAAM,KAAK,CAAC;gBACjD,CAAC,CAAC,+DAA+D;gBACjE,CAAC,CAAC,EAAE,CAAC;YAEP,OAAO;gBACL,MAAM,EAAE,gBAAgB,MAAM,uBAAuB,OAAO,IAAI,OAAO,IAAI,QAAQ,EAAE;gBACrF,OAAO,EAAE,IAAI;aACd,CAAC;QACJ,CAAC;KACF,CAAC;IAEF,OAAO,CAAC,YAAY,EAAE,eAAe,CAAC,CAAC;AACzC,CAAC"}
|
|
@@ -0,0 +1,66 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* OAuth helper — PKCE flow for provider authentication.
|
|
3
|
+
*
|
|
4
|
+
* Implements the Authorization Code flow with PKCE:
|
|
5
|
+
* 1. Generate code_verifier + code_challenge
|
|
6
|
+
* 2. Build authorization URL
|
|
7
|
+
* 3. Open browser (or print URL for manual visit)
|
|
8
|
+
* 4. Wait for user to paste authorization code
|
|
9
|
+
* 5. Exchange code for access + refresh tokens
|
|
10
|
+
* 6. Store tokens via auth/storage.ts
|
|
11
|
+
* 7. Auto-refresh when expired
|
|
12
|
+
*/
|
|
13
|
+
import { type OAuthCredential } from './storage.js';
|
|
14
|
+
export declare function generateCodeVerifier(): string;
|
|
15
|
+
export declare function generateCodeChallenge(verifier: string): string;
|
|
16
|
+
export interface OAuthProviderConfig {
|
|
17
|
+
provider: string;
|
|
18
|
+
client_id: string;
|
|
19
|
+
auth_url: string;
|
|
20
|
+
token_url: string;
|
|
21
|
+
redirect_uri: string;
|
|
22
|
+
scopes: string[];
|
|
23
|
+
}
|
|
24
|
+
/** Known OAuth configurations for providers. */
|
|
25
|
+
export declare const OAUTH_PROVIDERS: Record<string, OAuthProviderConfig>;
|
|
26
|
+
export interface AuthUrlParams {
|
|
27
|
+
config: OAuthProviderConfig;
|
|
28
|
+
code_verifier: string;
|
|
29
|
+
state?: string;
|
|
30
|
+
}
|
|
31
|
+
export declare function buildAuthUrl(params: AuthUrlParams): string;
|
|
32
|
+
export interface TokenResponse {
|
|
33
|
+
access_token: string;
|
|
34
|
+
refresh_token?: string;
|
|
35
|
+
token_type: string;
|
|
36
|
+
expires_in?: number;
|
|
37
|
+
scope?: string;
|
|
38
|
+
}
|
|
39
|
+
export declare function exchangeCode(config: OAuthProviderConfig, code: string, code_verifier: string): Promise<TokenResponse>;
|
|
40
|
+
export declare function refreshToken(config: OAuthProviderConfig, refresh_token: string): Promise<TokenResponse>;
|
|
41
|
+
export declare function storeOAuthTokens(provider: string, tokenResponse: TokenResponse, clientId?: string): Promise<OAuthCredential>;
|
|
42
|
+
/**
|
|
43
|
+
* Get a valid OAuth access token, refreshing if expired.
|
|
44
|
+
* Returns null if no OAuth credential exists or refresh fails.
|
|
45
|
+
*/
|
|
46
|
+
export declare function getValidOAuthToken(provider: string): Promise<string | null>;
|
|
47
|
+
/**
|
|
48
|
+
* Open a URL in the user's default browser.
|
|
49
|
+
* Falls back to printing the URL if opening fails.
|
|
50
|
+
*/
|
|
51
|
+
export declare function openBrowser(url: string): Promise<boolean>;
|
|
52
|
+
export interface OAuthFlowResult {
|
|
53
|
+
credential: OAuthCredential;
|
|
54
|
+
provider: string;
|
|
55
|
+
}
|
|
56
|
+
/**
|
|
57
|
+
* Run the full interactive OAuth flow.
|
|
58
|
+
* This is used by the onboarding wizard and `tako models auth` commands.
|
|
59
|
+
* The caller provides UI functions for prompting the user.
|
|
60
|
+
*/
|
|
61
|
+
export declare function runOAuthFlow(providerKey: string, ui: {
|
|
62
|
+
log: (msg: string) => void;
|
|
63
|
+
prompt: (message: string) => Promise<string | null>;
|
|
64
|
+
}): Promise<OAuthFlowResult | null>;
|
|
65
|
+
export declare function validateAnthropicSetupToken(token: string): string | undefined;
|
|
66
|
+
//# sourceMappingURL=oauth.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"oauth.d.ts","sourceRoot":"","sources":["../../src/auth/oauth.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAIH,OAAO,EAIL,KAAK,eAAe,EACrB,MAAM,cAAc,CAAC;AAItB,wBAAgB,oBAAoB,IAAI,MAAM,CAE7C;AAED,wBAAgB,qBAAqB,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,CAE9D;AAID,MAAM,WAAW,mBAAmB;IAClC,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY,EAAE,MAAM,CAAC;IACrB,MAAM,EAAE,MAAM,EAAE,CAAC;CAClB;AAED,gDAAgD;AAChD,eAAO,MAAM,eAAe,EAAE,MAAM,CAAC,MAAM,EAAE,mBAAmB,CAS/D,CAAC;AAIF,MAAM,WAAW,aAAa;IAC5B,MAAM,EAAE,mBAAmB,CAAC;IAC5B,aAAa,EAAE,MAAM,CAAC;IACtB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,wBAAgB,YAAY,CAAC,MAAM,EAAE,aAAa,GAAG,MAAM,CAc1D;AAID,MAAM,WAAW,aAAa;IAC5B,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,wBAAsB,YAAY,CAChC,MAAM,EAAE,mBAAmB,EAC3B,IAAI,EAAE,MAAM,EACZ,aAAa,EAAE,MAAM,GACpB,OAAO,CAAC,aAAa,CAAC,CAmBxB;AAID,wBAAsB,YAAY,CAChC,MAAM,EAAE,mBAAmB,EAC3B,aAAa,EAAE,MAAM,GACpB,OAAO,CAAC,aAAa,CAAC,CAiBxB;AAID,wBAAsB,gBAAgB,CACpC,QAAQ,EAAE,MAAM,EAChB,aAAa,EAAE,aAAa,EAC5B,QAAQ,CAAC,EAAE,MAAM,GAChB,OAAO,CAAC,eAAe,CAAC,CAiB1B;AAID;;;GAGG;AACH,wBAAsB,kBAAkB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAsBjF;AAID;;;GAGG;AACH,wBAAsB,WAAW,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAS/D;AA0DD,MAAM,WAAW,eAAe;IAC9B,UAAU,EAAE,eAAe,CAAC;IAC5B,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED;;;;GAIG;AACH,wBAAsB,YAAY,CAChC,WAAW,EAAE,MAAM,EACnB,EAAE,EAAE;IACF,GAAG,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,IAAI,CAAC;IAC3B,MAAM,EAAE,CAAC,OAAO,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;CACrD,GACA,OAAO,CAAC,eAAe,GAAG,IAAI,CAAC,CAuDjC;AAOD,wBAAgB,2BAA2B,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAU7E"}
|
|
@@ -0,0 +1,253 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* OAuth helper — PKCE flow for provider authentication.
|
|
3
|
+
*
|
|
4
|
+
* Implements the Authorization Code flow with PKCE:
|
|
5
|
+
* 1. Generate code_verifier + code_challenge
|
|
6
|
+
* 2. Build authorization URL
|
|
7
|
+
* 3. Open browser (or print URL for manual visit)
|
|
8
|
+
* 4. Wait for user to paste authorization code
|
|
9
|
+
* 5. Exchange code for access + refresh tokens
|
|
10
|
+
* 6. Store tokens via auth/storage.ts
|
|
11
|
+
* 7. Auto-refresh when expired
|
|
12
|
+
*/
|
|
13
|
+
import { randomBytes, createHash } from 'node:crypto';
|
|
14
|
+
import { createServer } from 'node:http';
|
|
15
|
+
import { writeAuthCredential, readAuthCredential, isTokenExpired, } from './storage.js';
|
|
16
|
+
// ─── PKCE ───────────────────────────────────────────────────────────
|
|
17
|
+
export function generateCodeVerifier() {
|
|
18
|
+
return randomBytes(32).toString('base64url');
|
|
19
|
+
}
|
|
20
|
+
export function generateCodeChallenge(verifier) {
|
|
21
|
+
return createHash('sha256').update(verifier).digest('base64url');
|
|
22
|
+
}
|
|
23
|
+
/** Known OAuth configurations for providers. */
|
|
24
|
+
export const OAUTH_PROVIDERS = {
|
|
25
|
+
'openai-codex': {
|
|
26
|
+
provider: 'openai-codex',
|
|
27
|
+
client_id: 'app_EMoamEEZ73f0CkXaXp7hrann',
|
|
28
|
+
auth_url: 'https://auth.openai.com/oauth/authorize',
|
|
29
|
+
token_url: 'https://auth.openai.com/oauth/token',
|
|
30
|
+
redirect_uri: 'http://localhost:1455/auth/callback',
|
|
31
|
+
scopes: ['openid', 'profile', 'email', 'offline_access'],
|
|
32
|
+
},
|
|
33
|
+
};
|
|
34
|
+
export function buildAuthUrl(params) {
|
|
35
|
+
const { config, code_verifier, state } = params;
|
|
36
|
+
const code_challenge = generateCodeChallenge(code_verifier);
|
|
37
|
+
const url = new URL(config.auth_url);
|
|
38
|
+
url.searchParams.set('client_id', config.client_id);
|
|
39
|
+
url.searchParams.set('redirect_uri', config.redirect_uri);
|
|
40
|
+
url.searchParams.set('response_type', 'code');
|
|
41
|
+
url.searchParams.set('scope', config.scopes.join(' '));
|
|
42
|
+
url.searchParams.set('code_challenge', code_challenge);
|
|
43
|
+
url.searchParams.set('code_challenge_method', 'S256');
|
|
44
|
+
if (state)
|
|
45
|
+
url.searchParams.set('state', state);
|
|
46
|
+
return url.toString();
|
|
47
|
+
}
|
|
48
|
+
export async function exchangeCode(config, code, code_verifier) {
|
|
49
|
+
const res = await fetch(config.token_url, {
|
|
50
|
+
method: 'POST',
|
|
51
|
+
headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
|
|
52
|
+
body: new URLSearchParams({
|
|
53
|
+
grant_type: 'authorization_code',
|
|
54
|
+
code,
|
|
55
|
+
redirect_uri: config.redirect_uri,
|
|
56
|
+
client_id: config.client_id,
|
|
57
|
+
code_verifier,
|
|
58
|
+
}),
|
|
59
|
+
});
|
|
60
|
+
if (!res.ok) {
|
|
61
|
+
const body = await res.text();
|
|
62
|
+
throw new Error(`Token exchange failed (${res.status}): ${body}`);
|
|
63
|
+
}
|
|
64
|
+
return res.json();
|
|
65
|
+
}
|
|
66
|
+
// ─── Token refresh ──────────────────────────────────────────────────
|
|
67
|
+
export async function refreshToken(config, refresh_token) {
|
|
68
|
+
const res = await fetch(config.token_url, {
|
|
69
|
+
method: 'POST',
|
|
70
|
+
headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
|
|
71
|
+
body: new URLSearchParams({
|
|
72
|
+
grant_type: 'refresh_token',
|
|
73
|
+
refresh_token,
|
|
74
|
+
client_id: config.client_id,
|
|
75
|
+
}),
|
|
76
|
+
});
|
|
77
|
+
if (!res.ok) {
|
|
78
|
+
const body = await res.text();
|
|
79
|
+
throw new Error(`Token refresh failed (${res.status}): ${body}`);
|
|
80
|
+
}
|
|
81
|
+
return res.json();
|
|
82
|
+
}
|
|
83
|
+
// ─── Store OAuth tokens ─────────────────────────────────────────────
|
|
84
|
+
export async function storeOAuthTokens(provider, tokenResponse, clientId) {
|
|
85
|
+
const credential = {
|
|
86
|
+
provider,
|
|
87
|
+
auth_method: 'oauth',
|
|
88
|
+
access_token: tokenResponse.access_token,
|
|
89
|
+
refresh_token: tokenResponse.refresh_token,
|
|
90
|
+
expires_at: tokenResponse.expires_in
|
|
91
|
+
? Math.floor(Date.now() / 1000) + tokenResponse.expires_in
|
|
92
|
+
: undefined,
|
|
93
|
+
token_type: tokenResponse.token_type,
|
|
94
|
+
scope: tokenResponse.scope,
|
|
95
|
+
client_id: clientId,
|
|
96
|
+
created_at: Date.now(),
|
|
97
|
+
};
|
|
98
|
+
await writeAuthCredential(credential);
|
|
99
|
+
return credential;
|
|
100
|
+
}
|
|
101
|
+
// ─── Auto-refresh ───────────────────────────────────────────────────
|
|
102
|
+
/**
|
|
103
|
+
* Get a valid OAuth access token, refreshing if expired.
|
|
104
|
+
* Returns null if no OAuth credential exists or refresh fails.
|
|
105
|
+
*/
|
|
106
|
+
export async function getValidOAuthToken(provider) {
|
|
107
|
+
const cred = await readAuthCredential(provider);
|
|
108
|
+
if (!cred || cred.auth_method !== 'oauth')
|
|
109
|
+
return null;
|
|
110
|
+
if (!isTokenExpired(cred)) {
|
|
111
|
+
return cred.access_token;
|
|
112
|
+
}
|
|
113
|
+
// Try to refresh
|
|
114
|
+
if (!cred.refresh_token)
|
|
115
|
+
return null;
|
|
116
|
+
const config = OAUTH_PROVIDERS[provider];
|
|
117
|
+
if (!config)
|
|
118
|
+
return null;
|
|
119
|
+
try {
|
|
120
|
+
const tokenResponse = await refreshToken(config, cred.refresh_token);
|
|
121
|
+
const updated = await storeOAuthTokens(provider, tokenResponse, cred.client_id);
|
|
122
|
+
return updated.access_token;
|
|
123
|
+
}
|
|
124
|
+
catch (err) {
|
|
125
|
+
console.warn(`[oauth] Failed to refresh token for ${provider}:`, err.message);
|
|
126
|
+
return null;
|
|
127
|
+
}
|
|
128
|
+
}
|
|
129
|
+
// ─── Browser opener ─────────────────────────────────────────────────
|
|
130
|
+
/**
|
|
131
|
+
* Open a URL in the user's default browser.
|
|
132
|
+
* Falls back to printing the URL if opening fails.
|
|
133
|
+
*/
|
|
134
|
+
export async function openBrowser(url) {
|
|
135
|
+
try {
|
|
136
|
+
const { default: open } = await import('open');
|
|
137
|
+
await open(url);
|
|
138
|
+
return true;
|
|
139
|
+
}
|
|
140
|
+
catch {
|
|
141
|
+
// open package not available or failed — that's fine
|
|
142
|
+
return false;
|
|
143
|
+
}
|
|
144
|
+
}
|
|
145
|
+
// ─── Local OAuth callback server ────────────────────────────────────
|
|
146
|
+
async function startLocalOAuthServer(expectedState) {
|
|
147
|
+
return new Promise((resolveServer) => {
|
|
148
|
+
let resolveCode;
|
|
149
|
+
const codePromise = new Promise((resolve) => {
|
|
150
|
+
resolveCode = resolve;
|
|
151
|
+
});
|
|
152
|
+
const server = createServer((req, res) => {
|
|
153
|
+
const url = new URL(req.url, `http://localhost:1455`);
|
|
154
|
+
if (url.pathname === '/auth/callback') {
|
|
155
|
+
const code = url.searchParams.get('code');
|
|
156
|
+
const state = url.searchParams.get('state');
|
|
157
|
+
if (state && state !== expectedState) {
|
|
158
|
+
res.writeHead(400, { 'Content-Type': 'text/plain' });
|
|
159
|
+
res.end('State mismatch');
|
|
160
|
+
return;
|
|
161
|
+
}
|
|
162
|
+
res.writeHead(200, { 'Content-Type': 'text/html' });
|
|
163
|
+
res.end('<html><head><title>Authentication successful</title></head>' +
|
|
164
|
+
'<body><h2>\uD83D\uDC19 Tako — Authentication successful!</h2>' +
|
|
165
|
+
'<p>Return to your terminal to continue.</p></body></html>');
|
|
166
|
+
if (code) {
|
|
167
|
+
resolveCode({ code });
|
|
168
|
+
}
|
|
169
|
+
}
|
|
170
|
+
});
|
|
171
|
+
server.listen(1455, '127.0.0.1', () => {
|
|
172
|
+
resolveServer({
|
|
173
|
+
waitForCode: () => codePromise,
|
|
174
|
+
cancelWait: () => resolveCode(null),
|
|
175
|
+
close: () => server.close(),
|
|
176
|
+
});
|
|
177
|
+
});
|
|
178
|
+
// Timeout after 120 seconds
|
|
179
|
+
setTimeout(() => {
|
|
180
|
+
resolveCode(null);
|
|
181
|
+
server.close();
|
|
182
|
+
}, 120_000);
|
|
183
|
+
});
|
|
184
|
+
}
|
|
185
|
+
/**
|
|
186
|
+
* Run the full interactive OAuth flow.
|
|
187
|
+
* This is used by the onboarding wizard and `tako models auth` commands.
|
|
188
|
+
* The caller provides UI functions for prompting the user.
|
|
189
|
+
*/
|
|
190
|
+
export async function runOAuthFlow(providerKey, ui) {
|
|
191
|
+
const config = OAUTH_PROVIDERS[providerKey];
|
|
192
|
+
if (!config) {
|
|
193
|
+
ui.log(`Unknown OAuth provider: ${providerKey}`);
|
|
194
|
+
return null;
|
|
195
|
+
}
|
|
196
|
+
// Generate PKCE + state
|
|
197
|
+
const code_verifier = generateCodeVerifier();
|
|
198
|
+
const state = randomBytes(16).toString('hex');
|
|
199
|
+
const authUrl = buildAuthUrl({ config, code_verifier, state });
|
|
200
|
+
// Start local callback server
|
|
201
|
+
const server = await startLocalOAuthServer(state);
|
|
202
|
+
// Open browser
|
|
203
|
+
ui.log('Opening browser for authentication...');
|
|
204
|
+
const opened = await openBrowser(authUrl);
|
|
205
|
+
if (!opened) {
|
|
206
|
+
ui.log('Could not open browser. Visit this URL manually:');
|
|
207
|
+
}
|
|
208
|
+
ui.log(authUrl);
|
|
209
|
+
// Race: wait for callback OR manual paste as fallback
|
|
210
|
+
let code = null;
|
|
211
|
+
const callbackResult = await Promise.race([
|
|
212
|
+
server.waitForCode(),
|
|
213
|
+
ui.prompt('Waiting for browser callback... Or paste the redirect URL/code:').then((input) => {
|
|
214
|
+
if (!input)
|
|
215
|
+
return null;
|
|
216
|
+
try {
|
|
217
|
+
const url = new URL(input.trim());
|
|
218
|
+
return { code: url.searchParams.get('code') || input.trim() };
|
|
219
|
+
}
|
|
220
|
+
catch {
|
|
221
|
+
return { code: input.trim() };
|
|
222
|
+
}
|
|
223
|
+
}),
|
|
224
|
+
]);
|
|
225
|
+
server.close();
|
|
226
|
+
if (callbackResult?.code) {
|
|
227
|
+
code = callbackResult.code;
|
|
228
|
+
}
|
|
229
|
+
if (!code) {
|
|
230
|
+
ui.log('No authorization code received.');
|
|
231
|
+
return null;
|
|
232
|
+
}
|
|
233
|
+
// Exchange code for tokens
|
|
234
|
+
const tokenResponse = await exchangeCode(config, code, code_verifier);
|
|
235
|
+
const credential = await storeOAuthTokens(providerKey, tokenResponse, config.client_id);
|
|
236
|
+
return { credential, provider: providerKey };
|
|
237
|
+
}
|
|
238
|
+
// ─── Anthropic setup-token helpers ──────────────────────────────────
|
|
239
|
+
const ANTHROPIC_SETUP_TOKEN_PREFIX = 'sk-ant-oat01-';
|
|
240
|
+
const ANTHROPIC_SETUP_TOKEN_MIN_LENGTH = 80;
|
|
241
|
+
export function validateAnthropicSetupToken(token) {
|
|
242
|
+
const trimmed = token.trim();
|
|
243
|
+
if (!trimmed)
|
|
244
|
+
return 'Required';
|
|
245
|
+
if (!trimmed.startsWith(ANTHROPIC_SETUP_TOKEN_PREFIX)) {
|
|
246
|
+
return `Expected token starting with ${ANTHROPIC_SETUP_TOKEN_PREFIX}`;
|
|
247
|
+
}
|
|
248
|
+
if (trimmed.length < ANTHROPIC_SETUP_TOKEN_MIN_LENGTH) {
|
|
249
|
+
return 'Token looks too short; paste the full setup-token';
|
|
250
|
+
}
|
|
251
|
+
return undefined;
|
|
252
|
+
}
|
|
253
|
+
//# sourceMappingURL=oauth.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"oauth.js","sourceRoot":"","sources":["../../src/auth/oauth.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACtD,OAAO,EAAE,YAAY,EAAE,MAAM,WAAW,CAAC;AACzC,OAAO,EACL,mBAAmB,EACnB,kBAAkB,EAClB,cAAc,GAEf,MAAM,cAAc,CAAC;AAEtB,uEAAuE;AAEvE,MAAM,UAAU,oBAAoB;IAClC,OAAO,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;AAC/C,CAAC;AAED,MAAM,UAAU,qBAAqB,CAAC,QAAgB;IACpD,OAAO,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;AACnE,CAAC;AAaD,gDAAgD;AAChD,MAAM,CAAC,MAAM,eAAe,GAAwC;IAClE,cAAc,EAAE;QACd,QAAQ,EAAE,cAAc;QACxB,SAAS,EAAE,8BAA8B;QACzC,QAAQ,EAAE,yCAAyC;QACnD,SAAS,EAAE,qCAAqC;QAChD,YAAY,EAAE,qCAAqC;QACnD,MAAM,EAAE,CAAC,QAAQ,EAAE,SAAS,EAAE,OAAO,EAAE,gBAAgB,CAAC;KACzD;CACF,CAAC;AAUF,MAAM,UAAU,YAAY,CAAC,MAAqB;IAChD,MAAM,EAAE,MAAM,EAAE,aAAa,EAAE,KAAK,EAAE,GAAG,MAAM,CAAC;IAChD,MAAM,cAAc,GAAG,qBAAqB,CAAC,aAAa,CAAC,CAAC;IAE5D,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IACrC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,MAAM,CAAC,SAAS,CAAC,CAAC;IACpD,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,EAAE,MAAM,CAAC,YAAY,CAAC,CAAC;IAC1D,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,eAAe,EAAE,MAAM,CAAC,CAAC;IAC9C,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;IACvD,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,gBAAgB,EAAE,cAAc,CAAC,CAAC;IACvD,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,uBAAuB,EAAE,MAAM,CAAC,CAAC;IACtD,IAAI,KAAK;QAAE,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;IAEhD,OAAO,GAAG,CAAC,QAAQ,EAAE,CAAC;AACxB,CAAC;AAYD,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,MAA2B,EAC3B,IAAY,EACZ,aAAqB;IAErB,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,MAAM,CAAC,SAAS,EAAE;QACxC,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,EAAE,cAAc,EAAE,mCAAmC,EAAE;QAChE,IAAI,EAAE,IAAI,eAAe,CAAC;YACxB,UAAU,EAAE,oBAAoB;YAChC,IAAI;YACJ,YAAY,EAAE,MAAM,CAAC,YAAY;YACjC,SAAS,EAAE,MAAM,CAAC,SAAS;YAC3B,aAAa;SACd,CAAC;KACH,CAAC,CAAC;IAEH,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;QACZ,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;QAC9B,MAAM,IAAI,KAAK,CAAC,0BAA0B,GAAG,CAAC,MAAM,MAAM,IAAI,EAAE,CAAC,CAAC;IACpE,CAAC;IAED,OAAO,GAAG,CAAC,IAAI,EAA4B,CAAC;AAC9C,CAAC;AAED,uEAAuE;AAEvE,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,MAA2B,EAC3B,aAAqB;IAErB,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,MAAM,CAAC,SAAS,EAAE;QACxC,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,EAAE,cAAc,EAAE,mCAAmC,EAAE;QAChE,IAAI,EAAE,IAAI,eAAe,CAAC;YACxB,UAAU,EAAE,eAAe;YAC3B,aAAa;YACb,SAAS,EAAE,MAAM,CAAC,SAAS;SAC5B,CAAC;KACH,CAAC,CAAC;IAEH,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;QACZ,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;QAC9B,MAAM,IAAI,KAAK,CAAC,yBAAyB,GAAG,CAAC,MAAM,MAAM,IAAI,EAAE,CAAC,CAAC;IACnE,CAAC;IAED,OAAO,GAAG,CAAC,IAAI,EAA4B,CAAC;AAC9C,CAAC;AAED,uEAAuE;AAEvE,MAAM,CAAC,KAAK,UAAU,gBAAgB,CACpC,QAAgB,EAChB,aAA4B,EAC5B,QAAiB;IAEjB,MAAM,UAAU,GAAoB;QAClC,QAAQ;QACR,WAAW,EAAE,OAAO;QACpB,YAAY,EAAE,aAAa,CAAC,YAAY;QACxC,aAAa,EAAE,aAAa,CAAC,aAAa;QAC1C,UAAU,EAAE,aAAa,CAAC,UAAU;YAClC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,GAAG,aAAa,CAAC,UAAU;YAC1D,CAAC,CAAC,SAAS;QACb,UAAU,EAAE,aAAa,CAAC,UAAU;QACpC,KAAK,EAAE,aAAa,CAAC,KAAK;QAC1B,SAAS,EAAE,QAAQ;QACnB,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE;KACvB,CAAC;IAEF,MAAM,mBAAmB,CAAC,UAAU,CAAC,CAAC;IACtC,OAAO,UAAU,CAAC;AACpB,CAAC;AAED,uEAAuE;AAEvE;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CAAC,QAAgB;IACvD,MAAM,IAAI,GAAG,MAAM,kBAAkB,CAAC,QAAQ,CAAC,CAAC;IAChD,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,WAAW,KAAK,OAAO;QAAE,OAAO,IAAI,CAAC;IAEvD,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,EAAE,CAAC;QAC1B,OAAO,IAAI,CAAC,YAAY,CAAC;IAC3B,CAAC;IAED,iBAAiB;IACjB,IAAI,CAAC,IAAI,CAAC,aAAa;QAAE,OAAO,IAAI,CAAC;IAErC,MAAM,MAAM,GAAG,eAAe,CAAC,QAAQ,CAAC,CAAC;IACzC,IAAI,CAAC,MAAM;QAAE,OAAO,IAAI,CAAC;IAEzB,IAAI,CAAC;QACH,MAAM,aAAa,GAAG,MAAM,YAAY,CAAC,MAAM,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC;QACrE,MAAM,OAAO,GAAG,MAAM,gBAAgB,CAAC,QAAQ,EAAE,aAAa,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC;QAChF,OAAO,OAAO,CAAC,YAAY,CAAC;IAC9B,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,CAAC,IAAI,CAAC,uCAAuC,QAAQ,GAAG,EAAG,GAAa,CAAC,OAAO,CAAC,CAAC;QACzF,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,uEAAuE;AAEvE;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,GAAW;IAC3C,IAAI,CAAC;QACH,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,CAAC;QAC/C,MAAM,IAAI,CAAC,GAAG,CAAC,CAAC;QAChB,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,MAAM,CAAC;QACP,qDAAqD;QACrD,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED,uEAAuE;AAEvE,KAAK,UAAU,qBAAqB,CAAC,aAAqB;IAKxD,OAAO,IAAI,OAAO,CAAC,CAAC,aAAa,EAAE,EAAE;QACnC,IAAI,WAAsD,CAAC;QAC3D,MAAM,WAAW,GAAG,IAAI,OAAO,CAA0B,CAAC,OAAO,EAAE,EAAE;YACnE,WAAW,GAAG,OAAO,CAAC;QACxB,CAAC,CAAC,CAAC;QAEH,MAAM,MAAM,GAAG,YAAY,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;YACvC,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,GAAI,EAAE,uBAAuB,CAAC,CAAC;YACvD,IAAI,GAAG,CAAC,QAAQ,KAAK,gBAAgB,EAAE,CAAC;gBACtC,MAAM,IAAI,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;gBAC1C,MAAM,KAAK,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;gBAE5C,IAAI,KAAK,IAAI,KAAK,KAAK,aAAa,EAAE,CAAC;oBACrC,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,YAAY,EAAE,CAAC,CAAC;oBACrD,GAAG,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;oBAC1B,OAAO;gBACT,CAAC;gBAED,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,WAAW,EAAE,CAAC,CAAC;gBACpD,GAAG,CAAC,GAAG,CACL,6DAA6D;oBAC7D,+DAA+D;oBAC/D,2DAA2D,CAC5D,CAAC;gBAEF,IAAI,IAAI,EAAE,CAAC;oBACT,WAAY,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC;gBACzB,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,WAAW,EAAE,GAAG,EAAE;YACpC,aAAa,CAAC;gBACZ,WAAW,EAAE,GAAG,EAAE,CAAC,WAAW;gBAC9B,UAAU,EAAE,GAAG,EAAE,CAAC,WAAY,CAAC,IAAI,CAAC;gBACpC,KAAK,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,KAAK,EAAE;aAC5B,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;QAEH,4BAA4B;QAC5B,UAAU,CAAC,GAAG,EAAE;YACd,WAAY,CAAC,IAAI,CAAC,CAAC;YACnB,MAAM,CAAC,KAAK,EAAE,CAAC;QACjB,CAAC,EAAE,OAAO,CAAC,CAAC;IACd,CAAC,CAAC,CAAC;AACL,CAAC;AASD;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,WAAmB,EACnB,EAGC;IAED,MAAM,MAAM,GAAG,eAAe,CAAC,WAAW,CAAC,CAAC;IAC5C,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,EAAE,CAAC,GAAG,CAAC,2BAA2B,WAAW,EAAE,CAAC,CAAC;QACjD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,wBAAwB;IACxB,MAAM,aAAa,GAAG,oBAAoB,EAAE,CAAC;IAC7C,MAAM,KAAK,GAAG,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IAC9C,MAAM,OAAO,GAAG,YAAY,CAAC,EAAE,MAAM,EAAE,aAAa,EAAE,KAAK,EAAE,CAAC,CAAC;IAE/D,8BAA8B;IAC9B,MAAM,MAAM,GAAG,MAAM,qBAAqB,CAAC,KAAK,CAAC,CAAC;IAElD,eAAe;IACf,EAAE,CAAC,GAAG,CAAC,uCAAuC,CAAC,CAAC;IAChD,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,OAAO,CAAC,CAAC;IAC1C,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,EAAE,CAAC,GAAG,CAAC,kDAAkD,CAAC,CAAC;IAC7D,CAAC;IACD,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IAEhB,sDAAsD;IACtD,IAAI,IAAI,GAAkB,IAAI,CAAC;IAE/B,MAAM,cAAc,GAAG,MAAM,OAAO,CAAC,IAAI,CAAC;QACxC,MAAM,CAAC,WAAW,EAAE;QACpB,EAAE,CAAC,MAAM,CAAC,iEAAiE,CAAC,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE;YAC1F,IAAI,CAAC,KAAK;gBAAE,OAAO,IAAI,CAAC;YACxB,IAAI,CAAC;gBACH,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;gBAClC,OAAO,EAAE,IAAI,EAAE,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,IAAI,EAAE,EAAE,CAAC;YAChE,CAAC;YAAC,MAAM,CAAC;gBACP,OAAO,EAAE,IAAI,EAAE,KAAK,CAAC,IAAI,EAAE,EAAE,CAAC;YAChC,CAAC;QACH,CAAC,CAAC;KACH,CAAC,CAAC;IAEH,MAAM,CAAC,KAAK,EAAE,CAAC;IAEf,IAAI,cAAc,EAAE,IAAI,EAAE,CAAC;QACzB,IAAI,GAAG,cAAc,CAAC,IAAI,CAAC;IAC7B,CAAC;IAED,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,EAAE,CAAC,GAAG,CAAC,iCAAiC,CAAC,CAAC;QAC1C,OAAO,IAAI,CAAC;IACd,CAAC;IAED,2BAA2B;IAC3B,MAAM,aAAa,GAAG,MAAM,YAAY,CAAC,MAAM,EAAE,IAAI,EAAE,aAAa,CAAC,CAAC;IACtE,MAAM,UAAU,GAAG,MAAM,gBAAgB,CAAC,WAAW,EAAE,aAAa,EAAE,MAAM,CAAC,SAAS,CAAC,CAAC;IAExF,OAAO,EAAE,UAAU,EAAE,QAAQ,EAAE,WAAW,EAAE,CAAC;AAC/C,CAAC;AAED,uEAAuE;AAEvE,MAAM,4BAA4B,GAAG,eAAe,CAAC;AACrD,MAAM,gCAAgC,GAAG,EAAE,CAAC;AAE5C,MAAM,UAAU,2BAA2B,CAAC,KAAa;IACvD,MAAM,OAAO,GAAG,KAAK,CAAC,IAAI,EAAE,CAAC;IAC7B,IAAI,CAAC,OAAO;QAAE,OAAO,UAAU,CAAC;IAChC,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,4BAA4B,CAAC,EAAE,CAAC;QACtD,OAAO,gCAAgC,4BAA4B,EAAE,CAAC;IACxE,CAAC;IACD,IAAI,OAAO,CAAC,MAAM,GAAG,gCAAgC,EAAE,CAAC;QACtD,OAAO,mDAAmD,CAAC;IAC7D,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC"}
|