npm - @slock-ai/computer - Versions diffs - 0.0.1-play.20260511091124 - Mend

@slock-ai/computer 0.0.1-play.20260511091124

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/dist/index.js +556 -0
package/package.json +38 -0

package/dist/index.js ADDED Viewed

@@ -0,0 +1,556 @@
+#!/usr/bin/env node
+// src/index.ts
+import { Command } from "commander";
+// src/proxy.ts
+import { ProxyAgent } from "undici";
+var fetchDispatcherCache = /* @__PURE__ */ new Map();
+function getDefaultPort(protocol) {
+  switch (protocol) {
+    case "https:":
+      return "443";
+    case "http:":
+      return "80";
+    default:
+      return "";
+  }
+}
+function hostMatchesNoProxyEntry(hostname, ruleHost) {
+  if (!ruleHost) return false;
+  const normalizedRule = ruleHost.replace(/^\*\./, ".").replace(/^\./, "").toLowerCase();
+  const normalizedHost = hostname.toLowerCase();
+  return normalizedHost === normalizedRule || normalizedHost.endsWith(`.${normalizedRule}`);
+}
+function getProxyUrlForTarget(targetUrl, env) {
+  const protocol = new URL(targetUrl).protocol;
+  switch (protocol) {
+    case "https:":
+      return env.HTTPS_PROXY || env.https_proxy || env.ALL_PROXY || env.all_proxy;
+    case "http:":
+      return env.HTTP_PROXY || env.http_proxy || env.ALL_PROXY || env.all_proxy;
+    default:
+      return env.ALL_PROXY || env.all_proxy;
+  }
+}
+function shouldBypassProxy(targetUrl, env) {
+  const rawNoProxy = env.NO_PROXY || env.no_proxy;
+  if (!rawNoProxy) return false;
+  const url = new URL(targetUrl);
+  const hostname = url.hostname.toLowerCase();
+  const port = url.port || getDefaultPort(url.protocol);
+  return rawNoProxy.split(",").map((entry) => entry.trim()).filter(Boolean).some((entry) => {
+    if (entry === "*") return true;
+    const [ruleHost, rulePort] = entry.split(":", 2);
+    if (rulePort && rulePort !== port) return false;
+    return hostMatchesNoProxyEntry(hostname, ruleHost);
+  });
+}
+function buildFetchDispatcher(targetUrl, env = process.env) {
+  const proxyUrl = getProxyUrlForTarget(targetUrl, env);
+  if (!proxyUrl) return void 0;
+  if (shouldBypassProxy(targetUrl, env)) return void 0;
+  const cached = fetchDispatcherCache.get(proxyUrl);
+  if (cached) return cached;
+  const dispatcher = new ProxyAgent(proxyUrl);
+  fetchDispatcherCache.set(proxyUrl, dispatcher);
+  return dispatcher;
+}
+// src/computor/apiClient.ts
+var ComputorApiError = class extends Error {
+  constructor(status, code, message) {
+    super(message);
+    this.status = status;
+    this.code = code;
+    this.name = "ComputorApiError";
+  }
+};
+var ComputorHttpClient = class {
+  constructor(serverUrl) {
+    this.serverUrl = serverUrl;
+  }
+  async startDeviceAuth(request) {
+    return this.requestJson("POST", "/api/auth/device/start", request);
+  }
+  async pollDeviceToken(deviceCode) {
+    const res = await this.fetchJson("POST", "/api/auth/device/token", { deviceCode });
+    if (res.ok) {
+      const parsed = res.data;
+      return { ...parsed, status: "approved" };
+    }
+    const status = res.data?.status ?? res.code;
+    if (res.status === 428 || status === "authorization_pending") return { status: "authorization_pending" };
+    if (res.status === 429 || status === "slow_down") {
+      const interval = res.data?.interval;
+      return { status: "slow_down", interval: typeof interval === "number" ? interval : void 0 };
+    }
+    if (res.status === 410 || status === "expired_token") return { status: "expired_token" };
+    if (res.status === 403 || status === "denied") return { status: "denied" };
+    throw new ComputorApiError(res.status, res.code, res.message);
+  }
+  async refreshSession(refreshToken, targetServerId) {
+    return this.requestJson(
+      "POST",
+      "/api/auth/refresh",
+      { refreshToken },
+      void 0,
+      targetServerId
+    );
+  }
+  async getMe(accessToken, targetServerId) {
+    return this.requestJson("GET", "/api/auth/me", void 0, accessToken, targetServerId);
+  }
+  async attach(accessToken, request) {
+    return this.requestJson(
+      "POST",
+      "/api/computors/attach",
+      request,
+      accessToken,
+      request.targetServerId
+    );
+  }
+  async requestJson(method, pathname, body, accessToken, targetServerId) {
+    const res = await this.fetchJson(method, pathname, body, accessToken, targetServerId);
+    if (!res.ok) throw new ComputorApiError(res.status, res.code, res.message);
+    return res.data;
+  }
+  async fetchJson(method, pathname, body, accessToken, targetServerId) {
+    const url = new URL(pathname, this.serverUrl).toString();
+    const headers = { "Content-Type": "application/json" };
+    if (accessToken) headers.Authorization = `Bearer ${accessToken}`;
+    if (targetServerId) headers["X-Server-Id"] = targetServerId;
+    const dispatcher = buildFetchDispatcher(url);
+    const init = {
+      method,
+      headers,
+      body: body === void 0 ? void 0 : JSON.stringify(body)
+    };
+    if (dispatcher) init.dispatcher = dispatcher;
+    const response = await fetch(url, init);
+    const contentType = response.headers.get("content-type") ?? "";
+    const data = contentType.includes("application/json") ? await response.json().catch(() => null) : null;
+    const error = data;
+    return {
+      ok: response.ok,
+      status: response.status,
+      data,
+      code: error?.errorCode ?? error?.code ?? error?.status ?? `HTTP_${response.status}`,
+      message: error?.message ?? error?.error ?? `HTTP ${response.status}`
+    };
+  }
+};
+// src/computor/attachFlow.ts
+import { randomUUID as randomUUID2 } from "crypto";
+// src/computor/localIdentity.ts
+import { randomUUID } from "crypto";
+import fs from "fs/promises";
+import path2 from "path";
+// src/computor/paths.ts
+import os from "os";
+import path from "path";
+function resolveSlockHome(env = process.env, homeDir = os.homedir()) {
+  const configured = env.SLOCK_HOME?.trim();
+  const raw = configured && configured.length > 0 ? configured : path.join(homeDir, ".slock");
+  return path.resolve(expandHome(raw, homeDir));
+}
+function expandHome(input, homeDir) {
+  if (input === "~") return homeDir;
+  if (input.startsWith("~/")) return path.join(homeDir, input.slice(2));
+  return input;
+}
+function authDir(slockHome) {
+  return path.join(slockHome, "auth");
+}
+function activeSessionPath(slockHome) {
+  return path.join(authDir(slockHome), "active");
+}
+function sessionPath(slockHome, humanId) {
+  return path.join(authDir(slockHome), "sessions", humanId, "session.json");
+}
+function computersDir(slockHome) {
+  return path.join(slockHome, "computers");
+}
+// src/computor/localIdentity.ts
+var LocalIdentityError = class extends Error {
+  constructor(code, message) {
+    super(message);
+    this.code = code;
+    this.name = "LocalIdentityError";
+  }
+};
+function getComputorDirectoryName(serverMachineId) {
+  if (!serverMachineId || serverMachineId.includes("/") || serverMachineId.includes("\\")) {
+    throw new LocalIdentityError("INVALID_SERVER_MACHINE_ID", "serverMachineId is not safe for a local computor path.");
+  }
+  return `computer-${serverMachineId}`;
+}
+function isLocalComputorState(value) {
+  const candidate = value;
+  return typeof candidate?.serverMachineId === "string" && typeof candidate.serverId === "string" && (candidate.humanId === void 0 || typeof candidate.humanId === "string");
+}
+async function readComputorState(statePath) {
+  let raw;
+  try {
+    raw = await fs.readFile(statePath, "utf8");
+  } catch (err) {
+    if (err.code === "ENOENT") return null;
+    throw err;
+  }
+  try {
+    const parsed = JSON.parse(raw);
+    return isLocalComputorState(parsed) ? parsed : null;
+  } catch {
+    return null;
+  }
+}
+async function writeComputorStateAfterAttach(slockHome, attach) {
+  const state = {
+    serverMachineId: attach.serverMachineId,
+    humanId: attach.humanId,
+    serverId: attach.serverId
+  };
+  const computorDir = path2.join(computersDir(slockHome), getComputorDirectoryName(attach.serverMachineId));
+  const statePath = path2.join(computorDir, "state.json");
+  const tempPath = path2.join(computorDir, `state.json.${process.pid}.${randomUUID()}.tmp`);
+  await fs.mkdir(computorDir, { recursive: true, mode: 448 });
+  await fs.writeFile(tempPath, `${JSON.stringify(state, null, 2)}
+`, { mode: 384 });
+  await fs.rename(tempPath, statePath);
+  return { serverMachineId: state.serverMachineId, statePath, state };
+}
+async function probeExistingServerMachineIdentity(slockHome, targetServerId, authenticatedHumanId) {
+  let entries;
+  try {
+    const dirents = await fs.readdir(computersDir(slockHome), { withFileTypes: true });
+    entries = dirents.filter((entry) => entry.isDirectory() && entry.name.startsWith("computer-")).map((entry) => entry.name).sort();
+  } catch (err) {
+    if (err.code === "ENOENT") return null;
+    throw err;
+  }
+  const matches = [];
+  for (const entry of entries) {
+    const statePath = path2.join(computersDir(slockHome), entry, "state.json");
+    const state = await readComputorState(statePath);
+    if (state?.serverId === targetServerId && state.humanId === authenticatedHumanId) {
+      matches.push({ serverMachineId: state.serverMachineId, statePath, state });
+    }
+  }
+  if (matches.length > 1) {
+    throw new LocalIdentityError(
+      "MULTIPLE_LOCAL_COMPUTERS",
+      `Multiple local computor state files match server ${targetServerId}; refusing to guess which serverMachineId to resume.`
+    );
+  }
+  return matches[0] ?? null;
+}
+// src/computor/sessionStore.ts
+import fs2 from "fs/promises";
+import path3 from "path";
+async function readJsonFile(filePath) {
+  let raw;
+  try {
+    raw = await fs2.readFile(filePath, "utf8");
+  } catch (err) {
+    if (err.code === "ENOENT") return null;
+    throw err;
+  }
+  try {
+    return JSON.parse(raw);
+  } catch {
+    return null;
+  }
+}
+async function writeJsonAtomic(filePath, value) {
+  await fs2.mkdir(path3.dirname(filePath), { recursive: true, mode: 448 });
+  const tmpPath = path3.join(
+    path3.dirname(filePath),
+    `.${path3.basename(filePath)}.${process.pid}.${Date.now()}.tmp`
+  );
+  await fs2.writeFile(tmpPath, `${JSON.stringify(value, null, 2)}
+`, {
+    encoding: "utf8",
+    mode: 384
+  });
+  await fs2.rename(tmpPath, filePath);
+}
+function isActiveSessionPointer(value) {
+  return typeof value?.humanId === "string";
+}
+function isComputorSession(value) {
+  const candidate = value;
+  return typeof candidate?.accessToken === "string" && typeof candidate.refreshToken === "string" && typeof candidate.humanId === "string";
+}
+async function readActiveSessionPointer(slockHome) {
+  const value = await readJsonFile(activeSessionPath(slockHome));
+  return isActiveSessionPointer(value) ? value : null;
+}
+async function readSession(slockHome, humanId) {
+  const value = await readJsonFile(sessionPath(slockHome, humanId));
+  return isComputorSession(value) ? value : null;
+}
+async function writeSession(slockHome, session) {
+  await writeJsonAtomic(sessionPath(slockHome, session.humanId), {
+    ...session,
+    updatedAt: session.updatedAt ?? (/* @__PURE__ */ new Date()).toISOString()
+  });
+}
+async function writeActiveSessionPointer(slockHome, pointer) {
+  await writeJsonAtomic(activeSessionPath(slockHome), pointer);
+}
+async function writeSessionAndActivePointer(slockHome, session, targetServerId) {
+  await writeSession(slockHome, session);
+  await writeActiveSessionPointer(slockHome, {
+    humanId: session.humanId,
+    serverId: targetServerId
+  });
+}
+// src/computor/attachFlow.ts
+var DEFAULT_CLIENT_VERSION = "0.0.1";
+var ComputorAttachFlowError = class extends Error {
+  constructor(code, message) {
+    super(message);
+    this.code = code;
+    this.name = "ComputorAttachFlowError";
+  }
+};
+async function runComputorAttachFlow(options) {
+  const slockHome = options.slockHome ?? resolveSlockHome(options.env, options.homeDir);
+  const attachAttemptId = options.generateAttemptId?.() ?? randomUUID2();
+  const session = await ensureHumanSession({ ...options, slockHome });
+  const existingIdentity = await probeExistingServerMachineIdentity(
+    slockHome,
+    options.targetServerId,
+    session.humanId
+  );
+  const existingServerMachineId = existingIdentity?.serverMachineId ?? null;
+  const attachResult = await attachWithRetry({
+    client: options.client,
+    session,
+    slockHome,
+    targetServerId: options.targetServerId,
+    existingServerMachineId,
+    attachAttemptId,
+    clientVersion: options.clientVersion ?? DEFAULT_CLIENT_VERSION,
+    wait: options.wait,
+    maxAttempts: options.maxAttachAttempts ?? 3
+  });
+  if (attachResult.attach.serverId !== options.targetServerId) {
+    throw new ComputorAttachFlowError(
+      "ATTACH_SERVER_MISMATCH",
+      `Attach response serverId=${attachResult.attach.serverId} did not match targetServerId=${options.targetServerId}`
+    );
+  }
+  if (existingServerMachineId && attachResult.attach.serverMachineId !== existingServerMachineId) {
+    throw new ComputorAttachFlowError(
+      "ATTACH_IDENTITY_MISMATCH",
+      `Attach resumed serverMachineId=${attachResult.attach.serverMachineId}, expected local state identity ${existingServerMachineId}`
+    );
+  }
+  await options.onPostAttachSuccess?.(attachResult.attach);
+  return {
+    attachAttemptId,
+    slockHome,
+    existingServerMachineId,
+    session: attachResult.session,
+    attach: attachResult.attach
+  };
+}
+async function ensureHumanSession(options) {
+  const active = await readActiveSessionPointer(options.slockHome);
+  if (!active) return runDeviceLogin(options);
+  const session = await readSession(options.slockHome, active.humanId);
+  if (!session) return runDeviceLogin(options);
+  try {
+    await options.client.getMe(session.accessToken, options.targetServerId);
+    return session;
+  } catch (err) {
+    if (!(err instanceof ComputorApiError) || err.status !== 401) {
+      throw err;
+    }
+  }
+  try {
+    const refreshed = await options.client.refreshSession(session.refreshToken, options.targetServerId);
+    const nextSession = mergeRefreshedSession(session, refreshed);
+    await writeSession(options.slockHome, nextSession);
+    return nextSession;
+  } catch (err) {
+    if (!(err instanceof ComputorApiError) || err.status !== 401) {
+      throw err;
+    }
+    return runDeviceLogin(options);
+  }
+}
+async function runDeviceLogin(options) {
+  const challenge = await options.client.startDeviceAuth({
+    targetServerId: options.targetServerId,
+    clientId: "slock-computer",
+    clientVersion: options.clientVersion ?? DEFAULT_CLIENT_VERSION
+  });
+  await options.onDeviceCode?.(challenge);
+  let intervalSeconds = Math.max(1, challenge.interval);
+  for (let poll = 0; poll < (options.maxDevicePolls ?? 120); poll += 1) {
+    const response = await options.client.pollDeviceToken(challenge.deviceCode);
+    if (response.status === "approved") {
+      if (response.serverId !== options.targetServerId) {
+        throw new ComputorAttachFlowError(
+          "DEVICE_TOKEN_SERVER_MISMATCH",
+          `Device token serverId=${response.serverId} did not match targetServerId=${options.targetServerId}`
+        );
+      }
+      const session = {
+        accessToken: response.accessToken,
+        refreshToken: response.refreshToken,
+        humanId: response.humanId,
+        serverId: response.serverId,
+        updatedAt: (/* @__PURE__ */ new Date()).toISOString()
+      };
+      await writeSessionAndActivePointer(options.slockHome, session, options.targetServerId);
+      return session;
+    }
+    if (response.status === "expired_token") {
+      throw new ComputorAttachFlowError("LOGIN_EXPIRED", "Device login expired; retry attach.");
+    }
+    if (response.status === "denied") {
+      throw new ComputorAttachFlowError("LOGIN_DENIED", "Device login was denied.");
+    }
+    if (response.status === "slow_down") {
+      intervalSeconds = Math.max(intervalSeconds * 2, response.interval ?? 0);
+    }
+    await (options.wait ?? sleep)(intervalSeconds * 1e3);
+  }
+  throw new ComputorAttachFlowError("LOGIN_POLL_EXHAUSTED", "Device login did not complete before polling budget expired.");
+}
+function mergeRefreshedSession(previous, refreshed) {
+  return {
+    ...previous,
+    accessToken: refreshed.accessToken,
+    refreshToken: refreshed.refreshToken,
+    humanId: refreshed.humanId ?? previous.humanId,
+    serverId: refreshed.serverId ?? previous.serverId,
+    updatedAt: (/* @__PURE__ */ new Date()).toISOString()
+  };
+}
+async function attachWithRetry(args) {
+  const request = buildAttachRequest(args);
+  let session = args.session;
+  let refreshedAfterAttach401 = false;
+  for (let attempt = 0; attempt < args.maxAttempts; attempt += 1) {
+    try {
+      return { attach: await args.client.attach(session.accessToken, request), session };
+    } catch (err) {
+      if (!(err instanceof ComputorApiError)) throw err;
+      if (err.status === 401 && !refreshedAfterAttach401) {
+        refreshedAfterAttach401 = true;
+        try {
+          const refreshed = await args.client.refreshSession(session.refreshToken, args.targetServerId);
+          session = mergeRefreshedSession(session, refreshed);
+          await writeSession(args.slockHome, session);
+          attempt -= 1;
+          continue;
+        } catch (refreshErr) {
+          if (refreshErr instanceof ComputorApiError && refreshErr.status === 401) {
+            throw new ComputorAttachFlowError("SESSION_INVALID", "Session expired; re-run attach to log in again.");
+          }
+          throw refreshErr;
+        }
+      }
+      throwTerminalAttachError(err, args.existingServerMachineId !== null);
+      if (attempt >= args.maxAttempts - 1 || err.status < 500) throw err;
+      await (args.wait ?? sleep)(100 * 2 ** attempt);
+    }
+  }
+  throw new ComputorAttachFlowError("ATTACH_RETRY_EXHAUSTED", "Attach did not complete before retry budget expired.");
+}
+function buildAttachRequest(args) {
+  return {
+    targetServerId: args.targetServerId,
+    attachAttemptId: args.attachAttemptId,
+    ...args.existingServerMachineId ? { existingServerMachineId: args.existingServerMachineId } : {},
+    clientId: "slock-computer",
+    clientVersion: args.clientVersion
+  };
+}
+function throwTerminalAttachError(err, hadExistingIdentity) {
+  if (err.status === 403 && err.code === "insufficient_role") {
+    throw new ComputorAttachFlowError("INSUFFICIENT_ROLE", "Owner/admin role is required to attach this server.");
+  }
+  if (err.status === 409) {
+    throw new ComputorAttachFlowError(
+      "ATTEMPT_CONFLICT",
+      "Attach attempt id is already bound to another human or target server."
+    );
+  }
+  if (hadExistingIdentity && (err.status === 403 || err.status === 404)) {
+    throw new ComputorAttachFlowError(
+      "STALE_IDENTITY",
+      "Local state.json references an unknown or foreign server machine; refusing to create a fallback machine."
+    );
+  }
+}
+function sleep(ms) {
+  return new Promise((resolve) => setTimeout(resolve, ms));
+}
+// src/output.ts
+var CliExit = class extends Error {
+  constructor(exitCode) {
+    super(`CliExit(${exitCode})`);
+    this.exitCode = exitCode;
+    this.name = "CliExit";
+  }
+};
+function fail(code, message, exitCode = 1) {
+  process.stderr.write(JSON.stringify({ ok: false, code, message }) + "\n");
+  throw new CliExit(exitCode);
+}
+// src/index.ts
+var program = new Command();
+program.name("slock-computer").description("Slock Computer login and attach entrypoint.").version("0.0.1");
+program.command("attach").argument("<serverId>", "target Slock server id").option("--server-url <url>", "Slock API base URL; defaults to SLOCK_SERVER_URL").option("--client-version <version>", "slock-computer client version", "0.0.1").action(async (serverId, opts) => {
+  const slockHome = resolveSlockHome();
+  const serverUrl = opts.serverUrl ?? process.env.SLOCK_SERVER_URL;
+  if (!serverUrl) {
+    fail("MISSING_SERVER_URL", "Set SLOCK_SERVER_URL or pass --server-url.");
+  }
+  const result = await runComputorAttachFlow({
+    targetServerId: serverId,
+    slockHome,
+    clientVersion: opts.clientVersion,
+    client: new ComputorHttpClient(serverUrl),
+    onDeviceCode: (challenge) => {
+      const uri = challenge.verificationUriComplete ?? challenge.verificationUri;
+      process.stdout.write(`Open ${uri} and enter code ${challenge.userCode}
+`);
+    },
+    onPostAttachSuccess: async (attach) => {
+      await writeComputorStateAfterAttach(slockHome, attach);
+    }
+  });
+  process.stdout.write(
+    `Attach authorized for server ${result.attach.serverId} as computor ${result.attach.serverMachineId} (${result.attach.resumed ? "resumed" : "created"}).
+`
+  );
+});
+program.parseAsync().catch((err) => {
+  if (err instanceof CliExit) {
+    process.exitCode = err.exitCode;
+    return;
+  }
+  if (err instanceof ComputorAttachFlowError) {
+    fail(err.code, err.message);
+  }
+  if (err instanceof ComputorApiError) {
+    fail(err.code, err.message);
+  }
+  process.stderr.write(`Unexpected error: ${err?.message ?? err}
+`);
+  process.exitCode = 1;
+});

package/package.json ADDED Viewed

@@ -0,0 +1,38 @@
+{
+  "name": "@slock-ai/computer",
+  "version": "0.0.1-play.20260511091124",
+  "description": "Slock Computer attach and local runtime entrypoint.",
+  "type": "module",
+  "bin": {
+    "slock-computer": "dist/index.js"
+  },
+  "files": [
+    "dist"
+  ],
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/botiverse/slock.git",
+    "directory": "packages/computer"
+  },
+  "publishConfig": {
+    "access": "public"
+  },
+  "scripts": {
+    "computer": "tsx src/index.ts",
+    "start": "tsx src/index.ts",
+    "build": "tsup",
+    "test": "node --import tsx --test --test-force-exit 'src/**/*.test.ts'",
+    "typecheck": "tsc --noEmit"
+  },
+  "dependencies": {
+    "commander": "^12.1.0",
+    "undici": "^7.24.7"
+  },
+  "devDependencies": {
+    "@types/node": "^25.5.0",
+    "tsup": "^8.5.1",
+    "tsx": "^4.21.0",
+    "typescript": "^5.9.3"
+  },
+  "private": false
+}