@skaile/workspaces 0.10.0 → 0.11.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +57 -0
- package/README.md +2 -2
- package/dist/asset-manager/index.js +2 -2
- package/dist/asset-manager/scaffold.js +1 -1
- package/dist/base-assets/connectors/deploy.js +1 -1
- package/dist/base-assets/connectors/devserver.js +1 -1
- package/dist/base-assets/connectors/flow/adapter.js +1 -1
- package/dist/base-assets/connectors/flow/run-flow.js +2 -2
- package/dist/base-assets/connectors/flow.js +1 -1
- package/dist/base-assets/connectors/git.js +1 -1
- package/dist/base-assets/connectors/gmail.js +1 -1
- package/dist/base-assets/connectors/local.js +1 -1
- package/dist/base-assets/connectors/mattermost.js +1 -1
- package/dist/base-assets/connectors/memory.js +1 -1
- package/dist/base-assets/connectors/minio.js +1 -1
- package/dist/base-assets/connectors/postgres.js +1 -1
- package/dist/base-assets/connectors/redis.js +1 -1
- package/dist/base-assets/connectors/s3.js +1 -1
- package/dist/base-assets/connectors/sharepoint.js +1 -1
- package/dist/base-assets/connectors/sqlite.js +1 -1
- package/dist/base-assets/connectors/static-server.js +1 -1
- package/dist/base-assets/connectors/tunnel.js +1 -1
- package/dist/base-assets/connectors/webdav.js +1 -1
- package/dist/base-assets/connectors/xstate-store.js +1 -1
- package/dist/base-assets/connectors/xstate.js +1 -1
- package/dist/base-assets/connectors/yjs.js +1 -1
- package/dist/bridge/drivers/claude-sdk.js +42 -1
- package/dist/bridge/drivers/claude-sdk.js.map +1 -1
- package/dist/bridge/drivers/codex.js +1 -1
- package/dist/bridge/drivers/echo.js +1 -1
- package/dist/bridge/drivers/omp.js +1 -1
- package/dist/bridge/index.js +2 -2
- package/dist/bridge/src/drivers/claude-sdk.d.ts +22 -0
- package/dist/bridge/src/drivers/claude-sdk.d.ts.map +1 -1
- package/dist/{chunk-YWQ3NGCS.js → chunk-BTKNSMLK.js} +2 -2
- package/dist/{chunk-YWQ3NGCS.js.map → chunk-BTKNSMLK.js.map} +1 -1
- package/dist/{chunk-I3S4BAAR.js → chunk-FEBLE7QX.js} +2 -2
- package/dist/{chunk-I3S4BAAR.js.map → chunk-FEBLE7QX.js.map} +1 -1
- package/dist/{chunk-BYZI6FMB.js → chunk-L6PKR6YY.js} +199 -85
- package/dist/chunk-L6PKR6YY.js.map +1 -0
- package/dist/{chunk-XIVOEUAF.js → chunk-OQIBHB4F.js} +2 -2
- package/dist/{chunk-XIVOEUAF.js.map → chunk-OQIBHB4F.js.map} +1 -1
- package/dist/{chunk-EPGHAOEU.js → chunk-UHSC75L7.js} +19 -3
- package/dist/chunk-UHSC75L7.js.map +1 -0
- package/dist/{chunk-OSJH4SPO.js → chunk-VMU2WEN7.js} +3 -3
- package/dist/{chunk-OSJH4SPO.js.map → chunk-VMU2WEN7.js.map} +1 -1
- package/dist/{chunk-S7RACIZI.js → chunk-YOFKTALB.js} +2 -2
- package/dist/{chunk-S7RACIZI.js.map → chunk-YOFKTALB.js.map} +1 -1
- package/dist/{chunk-NPNRWHCU.js → chunk-ZLLUIIZR.js} +3 -3
- package/dist/{chunk-NPNRWHCU.js.map → chunk-ZLLUIIZR.js.map} +1 -1
- package/dist/cli/index.js +9 -9
- package/dist/connectors/index.js +1 -1
- package/dist/connectors/src/connector-manager.d.ts +7 -0
- package/dist/connectors/src/connector-manager.d.ts.map +1 -1
- package/dist/runner/index.js +5 -5
- package/dist/runner/src/ai-credential-refresh.d.ts +74 -0
- package/dist/runner/src/ai-credential-refresh.d.ts.map +1 -0
- package/dist/runner/src/serve-credentials.d.ts +21 -0
- package/dist/runner/src/serve-credentials.d.ts.map +1 -1
- package/dist/runner/src/serve.d.ts +2 -2
- package/dist/runner/src/serve.d.ts.map +1 -1
- package/dist/sdk/asset-manager.js +2 -2
- package/dist/sdk/bridge.js +2 -2
- package/dist/sdk/index.js +5 -5
- package/dist/sdk/runner.js +5 -5
- package/dist/{setup-QIEPIYH2.js → setup-QAOUBECX.js} +4 -4
- package/dist/{setup-QIEPIYH2.js.map → setup-QAOUBECX.js.map} +1 -1
- package/dist/tui/index.js +5 -5
- package/dist/workspace-plugin/index.js +1 -1
- package/package.json +1 -1
- package/dist/chunk-BYZI6FMB.js.map +0 -1
- package/dist/chunk-EPGHAOEU.js.map +0 -1
|
@@ -1,12 +1,12 @@
|
|
|
1
|
-
import { WorkspacePlugin } from './chunk-
|
|
1
|
+
import { WorkspacePlugin } from './chunk-BTKNSMLK.js';
|
|
2
2
|
import { WebSocketServerTransport } from './chunk-PBWMV5GM.js';
|
|
3
3
|
import { assembleSystemPrompt, buildCapabilitiesPromptSection } from './chunk-W3UDISS2.js';
|
|
4
4
|
import { PROTOCOL_VERSION } from './chunk-TDSRLMDB.js';
|
|
5
|
-
import { EventNormalizer } from './chunk-
|
|
5
|
+
import { EventNormalizer } from './chunk-VMU2WEN7.js';
|
|
6
6
|
import { classifyClaudeSdkError } from './chunk-EWP5HZBV.js';
|
|
7
|
-
import { createDriver } from './chunk-
|
|
7
|
+
import { createDriver } from './chunk-YOFKTALB.js';
|
|
8
8
|
import { deployCatalogEntry, undeployCatalogEntry } from './chunk-LV2HPH3C.js';
|
|
9
|
-
import { registerBuiltinConnectors, findMissingPackages, installNpmPackages, ConnectorManager, ConnectorStartupError, buildConnectorPromptSection, buildSdkConnectorTools } from './chunk-
|
|
9
|
+
import { registerBuiltinConnectors, findMissingPackages, installNpmPackages, ConnectorManager, ConnectorStartupError, buildConnectorPromptSection, buildSdkConnectorTools } from './chunk-UHSC75L7.js';
|
|
10
10
|
import { loadConnectorDeclarations, PreMintedSecretProvider, InMemorySecretProvider } from './chunk-W75ASXH4.js';
|
|
11
11
|
import { renderStimulusPrompt, buildOrchestratorPrompt } from './chunk-GZWJGNNN.js';
|
|
12
12
|
import { resolveSettings, resolveApiKey, providerEnvKey } from './chunk-4RUVG5GX.js';
|
|
@@ -1488,47 +1488,74 @@ function handleMountResourceRequest(command, manager, emit) {
|
|
|
1488
1488
|
}
|
|
1489
1489
|
}
|
|
1490
1490
|
|
|
1491
|
-
// runner/src/
|
|
1492
|
-
|
|
1493
|
-
|
|
1494
|
-
|
|
1495
|
-
|
|
1496
|
-
|
|
1497
|
-
|
|
1498
|
-
|
|
1499
|
-
|
|
1500
|
-
|
|
1501
|
-
|
|
1491
|
+
// runner/src/ai-credential-refresh.ts
|
|
1492
|
+
var PROACTIVE_AI_REFRESH_MARGIN_MS = 5 * 60 * 1e3;
|
|
1493
|
+
function createAiCredentialRefreshScheduler(deps) {
|
|
1494
|
+
const now = deps.now ?? (() => Date.now());
|
|
1495
|
+
const setTimeoutImpl = deps.setTimeoutImpl ?? ((handler, ms) => {
|
|
1496
|
+
const handle = setTimeout(handler, ms);
|
|
1497
|
+
return handle;
|
|
1498
|
+
});
|
|
1499
|
+
const clearTimeoutImpl = deps.clearTimeoutImpl ?? ((handle) => {
|
|
1500
|
+
clearTimeout(handle);
|
|
1501
|
+
});
|
|
1502
|
+
const marginMs = deps.marginMs ?? PROACTIVE_AI_REFRESH_MARGIN_MS;
|
|
1503
|
+
let timer = null;
|
|
1504
|
+
function cancel() {
|
|
1505
|
+
if (timer !== null) {
|
|
1506
|
+
clearTimeoutImpl(timer);
|
|
1507
|
+
timer = null;
|
|
1508
|
+
}
|
|
1502
1509
|
}
|
|
1503
|
-
|
|
1504
|
-
|
|
1505
|
-
|
|
1506
|
-
|
|
1507
|
-
|
|
1508
|
-
|
|
1510
|
+
async function fire() {
|
|
1511
|
+
timer = null;
|
|
1512
|
+
let next;
|
|
1513
|
+
try {
|
|
1514
|
+
next = await deps.refresh();
|
|
1515
|
+
} catch (err) {
|
|
1516
|
+
deps.log(
|
|
1517
|
+
`[ai-credential-refresh] refresh threw: ${err instanceof Error ? err.message : String(err)}; reactive 401 path remains as safety net`
|
|
1518
|
+
);
|
|
1519
|
+
return;
|
|
1520
|
+
}
|
|
1521
|
+
if (next === void 0) {
|
|
1522
|
+
deps.log(
|
|
1523
|
+
"[ai-credential-refresh] refresh returned no expiry; reactive 401 path remains as safety net"
|
|
1524
|
+
);
|
|
1525
|
+
return;
|
|
1526
|
+
}
|
|
1527
|
+
schedule(next);
|
|
1509
1528
|
}
|
|
1510
|
-
|
|
1511
|
-
|
|
1512
|
-
|
|
1513
|
-
|
|
1514
|
-
|
|
1515
|
-
|
|
1516
|
-
|
|
1517
|
-
|
|
1518
|
-
|
|
1519
|
-
|
|
1520
|
-
|
|
1521
|
-
|
|
1522
|
-
|
|
1523
|
-
|
|
1524
|
-
}
|
|
1525
|
-
|
|
1526
|
-
|
|
1527
|
-
|
|
1528
|
-
|
|
1529
|
-
|
|
1530
|
-
|
|
1531
|
-
|
|
1529
|
+
function schedule(expiresAtIso) {
|
|
1530
|
+
cancel();
|
|
1531
|
+
if (!expiresAtIso) {
|
|
1532
|
+
return;
|
|
1533
|
+
}
|
|
1534
|
+
const expiresAtMs = Date.parse(expiresAtIso);
|
|
1535
|
+
if (!Number.isFinite(expiresAtMs)) return;
|
|
1536
|
+
const delayMs = expiresAtMs - now() - marginMs;
|
|
1537
|
+
if (delayMs <= 0) {
|
|
1538
|
+
deps.log(
|
|
1539
|
+
`[ai-credential-refresh] token within ${marginMs / 1e3}s of expiry; refreshing now`
|
|
1540
|
+
);
|
|
1541
|
+
timer = setTimeoutImpl(() => {
|
|
1542
|
+
void fire();
|
|
1543
|
+
}, 0);
|
|
1544
|
+
} else {
|
|
1545
|
+
deps.log(
|
|
1546
|
+
`[ai-credential-refresh] scheduled in ${Math.round(delayMs / 1e3)}s (expiresAt=${expiresAtIso})`
|
|
1547
|
+
);
|
|
1548
|
+
timer = setTimeoutImpl(() => {
|
|
1549
|
+
void fire();
|
|
1550
|
+
}, delayMs);
|
|
1551
|
+
}
|
|
1552
|
+
timer.unref?.();
|
|
1553
|
+
}
|
|
1554
|
+
return {
|
|
1555
|
+
schedule,
|
|
1556
|
+
cancel,
|
|
1557
|
+
isPending: () => timer !== null
|
|
1558
|
+
};
|
|
1532
1559
|
}
|
|
1533
1560
|
function keywordSearch(capabilities, query, limit) {
|
|
1534
1561
|
const tokens = query.toLowerCase().split(/\s+/).filter((t) => t.length > 0);
|
|
@@ -1602,33 +1629,6 @@ function bootstrapCapabilityRegistry(registry) {
|
|
|
1602
1629
|
registry.register(cap, "agent");
|
|
1603
1630
|
}
|
|
1604
1631
|
}
|
|
1605
|
-
var CLAUDE_CODE_CREDENTIALS_KEY = "CLAUDE_CODE_CREDENTIALS_JSON";
|
|
1606
|
-
async function writeClaudeCodeCredentialsFile(home, json) {
|
|
1607
|
-
const claudeDir = join(home, ".claude");
|
|
1608
|
-
await mkdir(claudeDir, { recursive: true, mode: 448 });
|
|
1609
|
-
const finalPath = join(claudeDir, ".credentials.json");
|
|
1610
|
-
const tmpPath = `${finalPath}.tmp.${process.pid}.${Date.now()}.${Math.random().toString(36).slice(2)}`;
|
|
1611
|
-
await writeFile(tmpPath, json, { mode: 384 });
|
|
1612
|
-
await rename(tmpPath, finalPath);
|
|
1613
|
-
return finalPath;
|
|
1614
|
-
}
|
|
1615
|
-
async function mergeAndRewriteCredentialsFile(home, accessToken, expiresAt) {
|
|
1616
|
-
const credPath = join(home, ".claude", ".credentials.json");
|
|
1617
|
-
let merged = {};
|
|
1618
|
-
if (existsSync(credPath)) {
|
|
1619
|
-
try {
|
|
1620
|
-
merged = JSON.parse(readFileSync(credPath, "utf-8"));
|
|
1621
|
-
} catch {
|
|
1622
|
-
merged = {};
|
|
1623
|
-
}
|
|
1624
|
-
}
|
|
1625
|
-
const oauthBlock = merged.claudeAiOauth ?? {};
|
|
1626
|
-
oauthBlock.accessToken = accessToken;
|
|
1627
|
-
if (expiresAt) oauthBlock.expiresAt = expiresAt;
|
|
1628
|
-
merged.claudeAiOauth = oauthBlock;
|
|
1629
|
-
merged.accessToken = accessToken;
|
|
1630
|
-
return writeClaudeCodeCredentialsFile(home, JSON.stringify(merged));
|
|
1631
|
-
}
|
|
1632
1632
|
var DEFAULT_AUDIENCE = ["llm", "user"];
|
|
1633
1633
|
function audienceOf(cap) {
|
|
1634
1634
|
return cap.audience ?? DEFAULT_AUDIENCE;
|
|
@@ -2300,6 +2300,49 @@ function rewriteFileChangedPath(event, cwd, mounts) {
|
|
|
2300
2300
|
}
|
|
2301
2301
|
return event;
|
|
2302
2302
|
}
|
|
2303
|
+
|
|
2304
|
+
// runner/src/refresh-flag-dispatcher.ts
|
|
2305
|
+
async function dispatchRefreshToExposedGitMounts(manager, log) {
|
|
2306
|
+
if (!manager) return;
|
|
2307
|
+
let gitConnectors;
|
|
2308
|
+
try {
|
|
2309
|
+
gitConnectors = manager.listGitConnectors();
|
|
2310
|
+
} catch (err) {
|
|
2311
|
+
log.warn("listGitConnectors failed during refresh-flag dispatch", {
|
|
2312
|
+
error: err instanceof Error ? err.message : String(err)
|
|
2313
|
+
});
|
|
2314
|
+
return;
|
|
2315
|
+
}
|
|
2316
|
+
const eligible = gitConnectors.filter(
|
|
2317
|
+
(m) => m.exposeAccessToken === true && m.auth === "backend"
|
|
2318
|
+
);
|
|
2319
|
+
if (eligible.length === 0) {
|
|
2320
|
+
log.debug("refresh-flag fired but no eligible git connectors (Tier-2 backend) found");
|
|
2321
|
+
return;
|
|
2322
|
+
}
|
|
2323
|
+
log.info("refresh-flag fired -- dispatching backend mediation", {
|
|
2324
|
+
connectorIds: eligible.map((m) => m.id)
|
|
2325
|
+
});
|
|
2326
|
+
await Promise.all(
|
|
2327
|
+
eligible.map(async (m) => {
|
|
2328
|
+
try {
|
|
2329
|
+
const entry = manager.get(m.id);
|
|
2330
|
+
if (typeof entry.connector.refreshExposedCredential !== "function") {
|
|
2331
|
+
log.debug("connector lacks refreshExposedCredential -- skipping", {
|
|
2332
|
+
connectorId: m.id
|
|
2333
|
+
});
|
|
2334
|
+
return;
|
|
2335
|
+
}
|
|
2336
|
+
await entry.connector.refreshExposedCredential(m.id, entry.handle);
|
|
2337
|
+
} catch (err) {
|
|
2338
|
+
log.warn("refresh-flag dispatch failed for connector", {
|
|
2339
|
+
connectorId: m.id,
|
|
2340
|
+
error: err instanceof Error ? err.message : String(err)
|
|
2341
|
+
});
|
|
2342
|
+
}
|
|
2343
|
+
})
|
|
2344
|
+
);
|
|
2345
|
+
}
|
|
2303
2346
|
var RUNNER_CAP_ORIGIN = { kind: "framework" };
|
|
2304
2347
|
function notImplemented(name) {
|
|
2305
2348
|
return {
|
|
@@ -2471,6 +2514,54 @@ function buildRunnerCapabilities(handlers) {
|
|
|
2471
2514
|
})
|
|
2472
2515
|
];
|
|
2473
2516
|
}
|
|
2517
|
+
var CLAUDE_CODE_CREDENTIALS_KEY = "CLAUDE_CODE_CREDENTIALS_JSON";
|
|
2518
|
+
async function writeClaudeCodeCredentialsFile(home, json) {
|
|
2519
|
+
const claudeDir = join(home, ".claude");
|
|
2520
|
+
await mkdir(claudeDir, { recursive: true, mode: 448 });
|
|
2521
|
+
const finalPath = join(claudeDir, ".credentials.json");
|
|
2522
|
+
const tmpPath = `${finalPath}.tmp.${process.pid}.${Date.now()}.${Math.random().toString(36).slice(2)}`;
|
|
2523
|
+
await writeFile(tmpPath, json, { mode: 384 });
|
|
2524
|
+
await rename(tmpPath, finalPath);
|
|
2525
|
+
return finalPath;
|
|
2526
|
+
}
|
|
2527
|
+
async function mergeAndRewriteCredentialsFile(home, accessToken, expiresAt) {
|
|
2528
|
+
const credPath = join(home, ".claude", ".credentials.json");
|
|
2529
|
+
let merged = {};
|
|
2530
|
+
if (existsSync(credPath)) {
|
|
2531
|
+
try {
|
|
2532
|
+
merged = JSON.parse(readFileSync(credPath, "utf-8"));
|
|
2533
|
+
} catch {
|
|
2534
|
+
merged = {};
|
|
2535
|
+
}
|
|
2536
|
+
}
|
|
2537
|
+
const oauthBlock = merged.claudeAiOauth ?? {};
|
|
2538
|
+
oauthBlock.accessToken = accessToken;
|
|
2539
|
+
if (expiresAt) oauthBlock.expiresAt = expiresAt;
|
|
2540
|
+
merged.claudeAiOauth = oauthBlock;
|
|
2541
|
+
merged.accessToken = accessToken;
|
|
2542
|
+
return writeClaudeCodeCredentialsFile(home, JSON.stringify(merged));
|
|
2543
|
+
}
|
|
2544
|
+
function extractClaudeAiOauthExpiresAt(json) {
|
|
2545
|
+
let parsed;
|
|
2546
|
+
try {
|
|
2547
|
+
parsed = JSON.parse(json);
|
|
2548
|
+
} catch {
|
|
2549
|
+
return null;
|
|
2550
|
+
}
|
|
2551
|
+
if (!parsed || typeof parsed !== "object") return null;
|
|
2552
|
+
const obj = parsed;
|
|
2553
|
+
const oauth = obj.claudeAiOauth;
|
|
2554
|
+
const raw = oauth?.expiresAt ?? obj.expiresAt;
|
|
2555
|
+
if (raw == null) return null;
|
|
2556
|
+
if (typeof raw === "string") {
|
|
2557
|
+
const t = Date.parse(raw);
|
|
2558
|
+
return Number.isFinite(t) ? new Date(t).toISOString() : null;
|
|
2559
|
+
}
|
|
2560
|
+
if (typeof raw === "number" && Number.isFinite(raw)) {
|
|
2561
|
+
return new Date(raw).toISOString();
|
|
2562
|
+
}
|
|
2563
|
+
return null;
|
|
2564
|
+
}
|
|
2474
2565
|
|
|
2475
2566
|
// runner/src/session-stimulus.ts
|
|
2476
2567
|
var DEFAULT_COALESCE_MS = 50;
|
|
@@ -2732,9 +2823,8 @@ async function startAgentServer(opts) {
|
|
|
2732
2823
|
});
|
|
2733
2824
|
};
|
|
2734
2825
|
let aiProviderConfigId;
|
|
2735
|
-
|
|
2826
|
+
async function mintAndPersistAiCredential(args) {
|
|
2736
2827
|
if (!transport.connected || aiProviderConfigId === void 0) {
|
|
2737
|
-
log("[serve] auth error: no transport or no aiProviderConfigId; surfacing");
|
|
2738
2828
|
return {
|
|
2739
2829
|
ok: false,
|
|
2740
2830
|
code: "not-configured",
|
|
@@ -2742,20 +2832,17 @@ async function startAgentServer(opts) {
|
|
|
2742
2832
|
};
|
|
2743
2833
|
}
|
|
2744
2834
|
const targetConfigId = args.configId || aiProviderConfigId;
|
|
2745
|
-
log("[serve] auth error: invoking host.refresh_credential capability");
|
|
2746
2835
|
try {
|
|
2747
2836
|
const result = await capabilityRegistry.invokeRemote("host.refresh_credential", {
|
|
2748
2837
|
kind: "ai-credentials",
|
|
2749
2838
|
id: targetConfigId,
|
|
2750
|
-
reason:
|
|
2839
|
+
reason: args.reason
|
|
2751
2840
|
});
|
|
2752
2841
|
if (!result?.ok) {
|
|
2753
|
-
log(`[serve] auth error: mint failed (code=${result?.code ?? "backend-error"}); surfacing`);
|
|
2754
2842
|
return result ?? { ok: false, code: "backend-error", message: "no result from host" };
|
|
2755
2843
|
}
|
|
2756
2844
|
const home = process.env.HOME ?? homedir();
|
|
2757
2845
|
if (!home) {
|
|
2758
|
-
log("[serve] auth error: HOME unset; cannot rewrite credentials file");
|
|
2759
2846
|
return {
|
|
2760
2847
|
ok: false,
|
|
2761
2848
|
code: "backend-error",
|
|
@@ -2763,13 +2850,38 @@ async function startAgentServer(opts) {
|
|
|
2763
2850
|
};
|
|
2764
2851
|
}
|
|
2765
2852
|
await mergeAndRewriteCredentialsFile(home, result.token, result.expiresAt ?? null);
|
|
2766
|
-
|
|
2853
|
+
aiCredentialRefreshScheduler.schedule(result.expiresAt ?? null);
|
|
2767
2854
|
return result;
|
|
2768
2855
|
} catch (err) {
|
|
2769
2856
|
const errMsg = err instanceof Error ? err.message : String(err);
|
|
2770
|
-
log(`[serve] auth error: host.refresh_credential threw: ${errMsg}`);
|
|
2771
2857
|
return { ok: false, code: "backend-error", message: errMsg };
|
|
2772
2858
|
}
|
|
2859
|
+
}
|
|
2860
|
+
const aiCredentialRefreshScheduler = createAiCredentialRefreshScheduler({
|
|
2861
|
+
refresh: async () => {
|
|
2862
|
+
const result = await mintAndPersistAiCredential({ reason: "refresh" });
|
|
2863
|
+
if (!result.ok) {
|
|
2864
|
+
log(
|
|
2865
|
+
`[serve] proactive AI refresh failed (code=${result.code}); leaving reactive path as fallback`
|
|
2866
|
+
);
|
|
2867
|
+
return void 0;
|
|
2868
|
+
}
|
|
2869
|
+
return result.expiresAt ?? null;
|
|
2870
|
+
},
|
|
2871
|
+
log
|
|
2872
|
+
});
|
|
2873
|
+
const onAuthError = async (args) => {
|
|
2874
|
+
log("[serve] auth error: invoking host.refresh_credential capability");
|
|
2875
|
+
const result = await mintAndPersistAiCredential({
|
|
2876
|
+
configId: args.configId,
|
|
2877
|
+
reason: "retry-401"
|
|
2878
|
+
});
|
|
2879
|
+
if (!result.ok) {
|
|
2880
|
+
log(`[serve] auth error: mint failed (code=${result.code}); surfacing`);
|
|
2881
|
+
} else {
|
|
2882
|
+
log("[serve] auth error: rewrote .credentials.json with mediated accessToken");
|
|
2883
|
+
}
|
|
2884
|
+
return result;
|
|
2773
2885
|
};
|
|
2774
2886
|
const APPROVAL_REQUIRED_CAPABILITY_TIMEOUT_MS = 15 * 60 * 1e3;
|
|
2775
2887
|
function buildClientCapabilityHandler2(wire) {
|
|
@@ -3208,6 +3320,7 @@ async function startAgentServer(opts) {
|
|
|
3208
3320
|
driver?.kill();
|
|
3209
3321
|
} catch {
|
|
3210
3322
|
}
|
|
3323
|
+
aiCredentialRefreshScheduler.cancel();
|
|
3211
3324
|
for (const [callId, pending] of pendingCapabilityCalls) {
|
|
3212
3325
|
clearTimeout(pending.timer);
|
|
3213
3326
|
pending.reject(new Error(`Session terminated before capability_result (callId=${callId})`));
|
|
@@ -3270,6 +3383,7 @@ async function startAgentServer(opts) {
|
|
|
3270
3383
|
}
|
|
3271
3384
|
sendEvent({ type: "protocol_info", version: PROTOCOL_VERSION });
|
|
3272
3385
|
preMintedSecrets = new PreMintedSecretProvider(cmd.credentials);
|
|
3386
|
+
let initialAiCredentialExpiresAt = null;
|
|
3273
3387
|
if (cmd.secrets) {
|
|
3274
3388
|
const ccdValue = cmd.secrets[CLAUDE_CODE_CREDENTIALS_KEY];
|
|
3275
3389
|
if (ccdValue) {
|
|
@@ -3285,6 +3399,7 @@ async function startAgentServer(opts) {
|
|
|
3285
3399
|
log(`[serve] failed to write Claude Code credentials file: ${errMsg}`);
|
|
3286
3400
|
}
|
|
3287
3401
|
}
|
|
3402
|
+
initialAiCredentialExpiresAt = extractClaudeAiOauthExpiresAt(ccdValue);
|
|
3288
3403
|
}
|
|
3289
3404
|
const otherSecrets = Object.fromEntries(
|
|
3290
3405
|
Object.entries(cmd.secrets).filter(([k]) => k !== CLAUDE_CODE_CREDENTIALS_KEY)
|
|
@@ -3336,6 +3451,9 @@ async function startAgentServer(opts) {
|
|
|
3336
3451
|
aiProviderConfigId = cmd.resolvedConfig.aiProviderConfigId;
|
|
3337
3452
|
log(`[serve] stashed aiProviderConfigId=${aiProviderConfigId}`);
|
|
3338
3453
|
}
|
|
3454
|
+
if (aiProviderConfigId && initialAiCredentialExpiresAt) {
|
|
3455
|
+
aiCredentialRefreshScheduler.schedule(initialAiCredentialExpiresAt);
|
|
3456
|
+
}
|
|
3339
3457
|
const cfg = {
|
|
3340
3458
|
aiResources: cmd.resolvedConfig.aiResources,
|
|
3341
3459
|
subagents: cmd.resolvedConfig.subagents,
|
|
@@ -3347,10 +3465,6 @@ async function startAgentServer(opts) {
|
|
|
3347
3465
|
log(
|
|
3348
3466
|
`[serve] configure cfg keys=${Object.keys(cfg).join(",")} sharedState=${cfg.sharedState ? cfg.sharedState.length : "undefined"} resourceManager=${resourceManager ? "set" : "null"}`
|
|
3349
3467
|
);
|
|
3350
|
-
if (cfg.aiProviderConfigId) {
|
|
3351
|
-
aiProviderConfigId = cfg.aiProviderConfigId;
|
|
3352
|
-
log(`[serve] stashed aiProviderConfigId=${aiProviderConfigId}`);
|
|
3353
|
-
}
|
|
3354
3468
|
let pendingResumeSessionId;
|
|
3355
3469
|
const cfgResumeSessionId = cfg.resumeSessionId;
|
|
3356
3470
|
const cfgExpectedSig = cfg.expectedCapabilitySignature;
|
|
@@ -4128,6 +4242,6 @@ function touchSession(state) {
|
|
|
4128
4242
|
return { ...state, updatedAt: (/* @__PURE__ */ new Date()).toISOString() };
|
|
4129
4243
|
}
|
|
4130
4244
|
|
|
4131
|
-
export { CLAUDE_CODE_CREDENTIALS_KEY, COMPILE_MANIFEST_FILENAME, CapabilityRegistry, DEFAULT_CAPABILITY_CALL_TIMEOUT_MS, DEFAULT_COALESCE_MS, MarkdownStreamer, PreInitRingSink, agentDefinitionExists, bootstrapCapabilityRegistry, bootstrapRunnerLogStore, buildAgentResources, buildClientCapabilityHandler, buildContextSection, buildEnvironmentSection, builtinCapabilities, clearPreInitRingSink, clearSession, compileComposition, computeCapabilitySignature, createAgentSession, createSessionStimulusBus, defineCapability, deleteSession, emitSystemPromptComposed, ensureGitConfigInclude, getPreInitRingSink, handleMountResourceRequest, handleResourceRequest, installPreInitRingSink, listSessions, loadAgentManifest, loadCompileManifest, loadCompileManifestFromDir, loadSession, loadSessionById, newSession, registerCompositionCapabilities, rejectCapabilityOnApprovalDeny, resetRunnerLogStore, resolveAgentComposition, resolveAgentMixins, resolveBinding, resolveCapabilityCallTimeoutMs, resolveCapabilityResult, resolveComposition, resolveMixin, runAgentChat, saveSession, setCurrentSession, startAgentServer, touchSession, writeClaudeCodeCredentialsFile };
|
|
4132
|
-
//# sourceMappingURL=chunk-
|
|
4133
|
-
//# sourceMappingURL=chunk-
|
|
4245
|
+
export { CLAUDE_CODE_CREDENTIALS_KEY, COMPILE_MANIFEST_FILENAME, CapabilityRegistry, DEFAULT_CAPABILITY_CALL_TIMEOUT_MS, DEFAULT_COALESCE_MS, MarkdownStreamer, PreInitRingSink, agentDefinitionExists, bootstrapCapabilityRegistry, bootstrapRunnerLogStore, buildAgentResources, buildClientCapabilityHandler, buildContextSection, buildEnvironmentSection, builtinCapabilities, clearPreInitRingSink, clearSession, compileComposition, computeCapabilitySignature, createAgentSession, createSessionStimulusBus, defineCapability, deleteSession, emitSystemPromptComposed, ensureGitConfigInclude, extractClaudeAiOauthExpiresAt, getPreInitRingSink, handleMountResourceRequest, handleResourceRequest, installPreInitRingSink, listSessions, loadAgentManifest, loadCompileManifest, loadCompileManifestFromDir, loadSession, loadSessionById, newSession, registerCompositionCapabilities, rejectCapabilityOnApprovalDeny, resetRunnerLogStore, resolveAgentComposition, resolveAgentMixins, resolveBinding, resolveCapabilityCallTimeoutMs, resolveCapabilityResult, resolveComposition, resolveMixin, runAgentChat, saveSession, setCurrentSession, startAgentServer, touchSession, writeClaudeCodeCredentialsFile };
|
|
4246
|
+
//# sourceMappingURL=chunk-L6PKR6YY.js.map
|
|
4247
|
+
//# sourceMappingURL=chunk-L6PKR6YY.js.map
|