@vellumai/assistant 0.6.5 → 0.7.0

package/src/runtime/capability-tokens.ts

@@ -1,41 +1,27 @@
 /**
- * Capability token minting and verification for scoped, short-lived tokens
- * issued to the chrome extension (and other thin clients) so they can submit
- * results back to the runtime without a full guardian-bound JWT.
+ * Capability token verification for scoped, short-lived tokens issued to the
+ * chrome extension (and other thin clients).
  *
- * Design:
- *   - Tokens are HMAC-SHA256 signed over a JSON claims payload.
- *   - Claims include a bound capability, guardian id, nonce, and expiry.
- *   - Signing uses a long-lived random secret persisted to
- *     `~/.vellum/protected/` with 0600 permissions. The protected
- *     directory sits outside the workspace per AGENTS.md: workspace
- *     directories must not hold security-sensitive material.
- *   - The secret is generated once on first launch and reused across
- *     subsequent daemon restarts so previously-minted tokens still verify.
- *   - Tests inject their own secret via `setCapabilityTokenSecretForTests`.
+ * Both minting and verification are owned by the gateway
+ * (`gateway/src/auth/capability-tokens.ts`). The daemon delegates
+ * verification to the gateway via IPC so it never needs to read the
+ * HMAC secret from the filesystem.
  *
- * The encoded token format is `<base64url(payload)>.<base64url(sig)>`.
+ * Test-only helpers (`mintHostBrowserCapability`,
+ * `setCapabilityTokenSecretForTests`, `resetCapabilityTokenSecretForTests`)
+ * implement the same HMAC logic in-process so assistant tests can create
+ * and verify tokens without a live gateway.
  */
 
 import { createHmac, randomBytes, timingSafeEqual } from "node:crypto";
-import {
-  chmodSync,
-  existsSync,
-  mkdirSync,
-  readFileSync,
-  renameSync,
-  unlinkSync,
-  writeFileSync,
-} from "node:fs";
-import { dirname, join } from "node:path";
 
+import { ipcCall } from "../ipc/gateway-client.js";
 import { getLogger } from "../util/logger.js";
-import { getDataDir, getProtectedDir } from "../util/platform.js";
 
 const log = getLogger("capability-tokens");
 
 // ---------------------------------------------------------------------------
-// Types
+// Types (mirror the gateway's types for consumer convenience)
 // ---------------------------------------------------------------------------
 
 /** Capability identifiers that can be bound to a capability token. */
@@ -58,213 +44,10 @@ export interface CapabilityToken {
 }
 
 // ---------------------------------------------------------------------------
-// Secret lifecycle
+// In-process HMAC helpers (shared between test mint/verify and IPC verify)
 // ---------------------------------------------------------------------------
 
-let _secret: Buffer | undefined;
-
-/**
- * Returns the canonical path where the capability-token secret is
- * persisted: `~/.vellum/protected/capability-token-secret`. The protected
- * directory is the canonical location for security-sensitive material
- * and sits outside the workspace (which AGENTS.md forbids for secrets).
- */
-function getSecretPath(): string {
-  return join(getProtectedDir(), "capability-token-secret");
-}
-
-/**
- * Legacy path under `workspace/data/` where earlier builds persisted the
- * capability-token secret. We keep this as a read-only migration source
- * so existing deployments don't regenerate their secret (and invalidate
- * every outstanding token) on upgrade — the first launch after the
- * upgrade copies the legacy file into `getProtectedDir()` and removes it
- * from the workspace.
- */
-function getLegacySecretPath(): string {
-  return join(getDataDir(), "capability-token-secret");
-}
-
-/**
- * Path overrides used by unit tests to drive the secret lifecycle
- * without touching the real `~/.vellum/` tree. Production callers must
- * omit this argument so the canonical paths (`getProtectedDir()` +
- * `getDataDir()`) are used.
- */
-export interface CapabilityTokenSecretPaths {
-  /** Protected-directory secret path (authoritative). */
-  secretPath: string;
-  /** Legacy workspace-directory secret path (migration source). */
-  legacySecretPath: string;
-}
-
-/**
- * Load the capability-token secret from disk or generate and persist a new
- * one. Atomically writes with mode 0o600 so the secret is not readable by
- * other users on the same host.
- *
- * Migration: if the secret exists only at the legacy workspace path, copy
- * it into the protected directory and delete the workspace copy so we do
- * not leave security-sensitive material inside `workspace/`.
- *
- * The optional `paths` argument is for unit tests only — production
- * callers must omit it and use the canonical `~/.vellum/protected/` /
- * `~/.vellum/workspace/data/` paths.
- */
-export function loadOrCreateCapabilityTokenSecret(
-  paths?: CapabilityTokenSecretPaths,
-): Buffer {
-  const keyPath = paths?.secretPath ?? getSecretPath();
-  const legacyPath = paths?.legacySecretPath ?? getLegacySecretPath();
-  if (existsSync(keyPath)) {
-    try {
-      const raw = readFileSync(keyPath);
-      if (raw.length === 32) {
-        return raw;
-      }
-      log.warn(
-        { keyPath, length: raw.length },
-        "capability token secret has unexpected length — regenerating",
-      );
-    } catch (err) {
-      log.warn(
-        { err, keyPath },
-        "Failed to read capability token secret — regenerating",
-      );
-    }
-  }
-
-  // Attempt to migrate a legacy workspace-directory secret before we
-  // generate a fresh one. If this succeeds we end up with the legacy
-  // secret persisted at the protected path and the workspace copy
-  // removed, preserving every outstanding token across the upgrade.
-  const migrated = migrateLegacyCapabilityTokenSecret(keyPath, legacyPath);
-  if (migrated) {
-    return migrated;
-  }
-
-  const fresh = randomBytes(32);
-  writeSecretAtomic(keyPath, fresh);
-  log.info("Capability token secret generated and persisted");
-  return fresh;
-}
-
-/**
- * Write `secret` to `keyPath` atomically with mode 0o600. Ensures the
- * parent directory exists.
- */
-function writeSecretAtomic(keyPath: string, secret: Buffer): void {
-  const dir = dirname(keyPath);
-  if (!existsSync(dir)) {
-    mkdirSync(dir, { recursive: true });
-  }
-  const tmpPath = `${keyPath}.tmp.${process.pid}`;
-  writeFileSync(tmpPath, secret, { mode: 0o600 });
-  renameSync(tmpPath, keyPath);
-  try {
-    chmodSync(keyPath, 0o600);
-  } catch (err) {
-    log.warn(
-      { err, keyPath },
-      "Failed to chmod capability token secret after write",
-    );
-  }
-}
-
-/**
- * If a pre-migration capability token secret exists under the workspace
- * data directory, copy it into the protected directory and remove the
- * workspace copy. Returns the migrated secret if migration ran
- * successfully, or `undefined` if there was nothing to migrate or the
- * migration failed.
- */
-function migrateLegacyCapabilityTokenSecret(
-  secretPath: string,
-  legacyPath: string,
-): Buffer | undefined {
-  if (!existsSync(legacyPath)) {
-    return undefined;
-  }
-  try {
-    const raw = readFileSync(legacyPath);
-    if (raw.length !== 32) {
-      log.warn(
-        { legacyPath, length: raw.length },
-        "legacy capability token secret has unexpected length — ignoring",
-      );
-      return undefined;
-    }
-    writeSecretAtomic(secretPath, raw);
-    try {
-      unlinkSync(legacyPath);
-    } catch (err) {
-      log.warn(
-        { err, legacyPath },
-        "Failed to remove legacy workspace capability token secret after migration",
-      );
-    }
-    log.info(
-      { from: legacyPath, to: secretPath },
-      "Migrated capability token secret out of workspace into protected directory",
-    );
-    return raw;
-  } catch (err) {
-    log.warn(
-      { err, legacyPath },
-      "Failed to migrate legacy capability token secret — regenerating",
-    );
-    return undefined;
-  }
-}
-
-/**
- * Initialize the module-level secret. Called once at daemon startup. Safe
- * to call multiple times — subsequent calls overwrite the cached value
- * (useful in tests that reset state).
- */
-export function initCapabilityTokenSecret(secret: Buffer): void {
-  if (secret.length !== 32) {
-    throw new Error(
-      `capability token secret must be 32 bytes, got ${secret.length}`,
-    );
-  }
-  _secret = secret;
-}
-
-/**
- * Test-only helper to inject a deterministic secret.
- */
-export function setCapabilityTokenSecretForTests(secret: Buffer): void {
-  _secret = secret;
-}
-
-/**
- * Reset the cached secret. Test-only — exposed so test isolation can
- * force a reload from disk.
- */
-export function resetCapabilityTokenSecretForTests(): void {
-  _secret = undefined;
-}
-
-function getSecret(): Buffer {
-  if (_secret) return _secret;
-  if (process.env.NODE_ENV === "test") {
-    _secret = randomBytes(32);
-    return _secret;
-  }
-  // Lazy load — daemon startup is expected to call
-  // `initCapabilityTokenSecret(loadOrCreateCapabilityTokenSecret())` but
-  // we fall back to a disk load here so unit tests and early call sites
-  // don't have to depend on startup ordering.
-  _secret = loadOrCreateCapabilityTokenSecret();
-  return _secret;
-}
-
-// ---------------------------------------------------------------------------
-// Mint / verify
-// ---------------------------------------------------------------------------
-
-const DEFAULT_TTL_MS = 30 * 60 * 1000; // 30 minutes
+let _testSecret: Buffer | undefined;
 
 function base64urlEncode(buf: Buffer): string {
   return buf
@@ -284,56 +67,62 @@ function sign(payload: string, secret: Buffer): string {
   return base64urlEncode(createHmac("sha256", secret).update(payload).digest());
 }
 
-/**
- * Mint a capability token bound to the `host_browser_command` capability
- * for the given guardian id. Default TTL is 30 minutes.
- */
-export function mintHostBrowserCapability(
-  guardianId: string,
-  ttlMs: number = DEFAULT_TTL_MS,
-): CapabilityToken {
-  const expiresAt = Date.now() + ttlMs;
-  const nonce = randomBytes(16).toString("hex");
-  const claims: CapabilityClaims = {
-    capability: "host_browser_command",
-    guardianId,
-    nonce,
-    expiresAt,
-  };
-  const payload = base64urlEncode(Buffer.from(JSON.stringify(claims), "utf8"));
-  const sig = sign(payload, getSecret());
-  return { token: `${payload}.${sig}`, expiresAt };
-}
+// ---------------------------------------------------------------------------
+// Verify (production: gateway IPC, test: in-process)
+// ---------------------------------------------------------------------------
 
 /**
- * Verify a capability token minted by `mintHostBrowserCapability`.
- *
- * Returns the decoded claims on success or null if the signature is
- * invalid, the payload is malformed, the token has expired, or the bound
- * capability is not `host_browser_command`.
+ * Verify a capability token.
  *
- * Signature comparison uses `timingSafeEqual` to avoid leaking the secret
- * through timing side channels.
+ * In production, delegates to the gateway via IPC. In tests (when a
+ * secret has been injected via `setCapabilityTokenSecretForTests`),
+ * verifies in-process so tests don't need a live gateway.
  *
- * The `/v1/browser-relay` WebSocket upgrade handler in `http-server.ts`
- * (`handleBrowserRelayUpgrade`) calls this to authenticate self-hosted
- * chrome extensions on the capability-token branch before falling
- * through to the JWT compatibility path. The `/v1/host-browser-result`
- * POST route may also call it (see that route's auth handling) when a
- * result is posted back with a capability-token bearer instead of a
- * guardian-bound JWT.
+ * Returns the decoded claims on success or null on any failure.
  */
-export function verifyHostBrowserCapability(
+export async function verifyHostBrowserCapability(
+  token: string,
+): Promise<CapabilityClaims | null> {
+  if (typeof token !== "string" || token.length === 0) return null;
+
+  // Test path: in-process verification with the injected secret.
+  if (_testSecret) {
+    return verifyInProcess(token, _testSecret);
+  }
+
+  // Production path: delegate to the gateway.
+  try {
+    const result = await ipcCall("verify_capability_token", { token });
+    if (!result || typeof result !== "object") return null;
+
+    const claims = result as Record<string, unknown>;
+    if (claims.valid === false) return null;
+    if (claims.capability !== "host_browser_command") return null;
+    if (
+      typeof claims.guardianId !== "string" ||
+      claims.guardianId.length === 0
+    ) {
+      return null;
+    }
+
+    return claims as unknown as CapabilityClaims;
+  } catch (err) {
+    log.warn({ err }, "Failed to verify capability token via gateway IPC");
+    return null;
+  }
+}
+
+function verifyInProcess(
   token: string,
+  secret: Buffer,
 ): CapabilityClaims | null {
-  if (typeof token !== "string") return null;
   const dot = token.indexOf(".");
   if (dot < 0) return null;
   const payload = token.slice(0, dot);
   const sig = token.slice(dot + 1);
   if (!payload || !sig) return null;
 
-  const expected = sign(payload, getSecret());
+  const expected = sign(payload, secret);
   const a = Buffer.from(sig, "utf8");
   const b = Buffer.from(expected, "utf8");
   if (a.length !== b.length) return null;
@@ -353,9 +142,6 @@ export function verifyHostBrowserCapability(
   if (typeof claims.guardianId !== "string" || claims.guardianId.length === 0) {
     return null;
   }
-  if (typeof claims.nonce !== "string" || claims.nonce.length === 0) {
-    return null;
-  }
   if (typeof claims.expiresAt !== "number" || claims.expiresAt <= Date.now()) {
     return null;
   }
@@ -363,52 +149,42 @@ export function verifyHostBrowserCapability(
 }
 
 // ---------------------------------------------------------------------------
-// Dev-only fallback token file
+// Test-only helpers
 // ---------------------------------------------------------------------------
 
 /**
- * Path to the dev-pairing fallback token file. The runtime writes a freshly
- * minted capability token to this location on daemon startup so developers
- * can manually pair the chrome extension without wiring the native
- * messaging helper. Production users should pair via the native helper
- * (PRs 7/12/13).
- */
-export function getDaemonTokenFilePath(): string {
-  // Stored under the per-instance protected directory. Both writer and
-  // reader run in the same daemon process, so they resolve the same
-  // per-instance path (honoring BASE_DATA_DIR for multi-instance setups).
-  // This is a dev-only convenience path — production pairing goes through
-  // the native messaging flow.
-  return join(getProtectedDir(), "daemon-token");
-}
-
-/**
- * Write a freshly-minted capability token to the per-instance dev token
- * file (see `getDaemonTokenFilePath`) with 0600 permissions. Swallows
- * errors so a failure here never blocks daemon startup — this is a
- * dev-convenience path, not a production auth requirement.
+ * Mint a capability token in-process. Test-only — production minting is
+ * done by the gateway.
  */
-export function writeDaemonTokenFallback(guardianId: string): void {
-  try {
-    const { token } = mintHostBrowserCapability(guardianId);
-    const filePath = getDaemonTokenFilePath();
-    const dir = dirname(filePath);
-    if (!existsSync(dir)) {
-      mkdirSync(dir, { recursive: true });
-    }
-    const tmpPath = `${filePath}.tmp.${process.pid}`;
-    writeFileSync(tmpPath, token, { mode: 0o600 });
-    renameSync(tmpPath, filePath);
-    try {
-      chmodSync(filePath, 0o600);
-    } catch {
-      // best-effort
-    }
-    log.info({ filePath }, "Dev capability token written to daemon-token file");
-  } catch (err) {
-    log.warn(
-      { err },
-      "Failed to write dev capability token file; manual pairing still available via /v1/browser-extension-pair",
+export function mintHostBrowserCapability(
+  guardianId: string,
+  ttlMs: number = 30 * 60 * 1000,
+): CapabilityToken {
+  const secret = _testSecret;
+  if (!secret) {
+    throw new Error(
+      "capability token secret not set — call setCapabilityTokenSecretForTests() first",
     );
   }
+  const expiresAt = Date.now() + ttlMs;
+  const nonce = randomBytes(16).toString("hex");
+  const claims: CapabilityClaims = {
+    capability: "host_browser_command",
+    guardianId,
+    nonce,
+    expiresAt,
+  };
+  const payload = base64urlEncode(Buffer.from(JSON.stringify(claims), "utf8"));
+  const sig = sign(payload, secret);
+  return { token: `${payload}.${sig}`, expiresAt };
+}
+
+/** Inject a deterministic secret for tests. */
+export function setCapabilityTokenSecretForTests(secret: Buffer): void {
+  _testSecret = secret;
+}
+
+/** Reset the test secret. */
+export function resetCapabilityTokenSecretForTests(): void {
+  _testSecret = undefined;
 }

package/src/runtime/channel-approval-types.ts

@@ -14,12 +14,7 @@ import type { GuardianDecisionAction } from "./guardian-decision-types.js";
 // ---------------------------------------------------------------------------
 
 /** The set of actions a user can take on an approval prompt. */
-export type ApprovalAction =
-  | "approve_once"
-  | "approve_10m"
-  | "approve_conversation"
-  | "approve_always"
-  | "reject";
+export type ApprovalAction = "approve_once" | "reject";
 
 /** An action presented to the user as a tappable button or text option. */
 export interface ApprovalActionOption {

package/src/runtime/channel-approvals.ts

@@ -9,10 +9,7 @@
  *   3. Consume user decisions and apply them to the underlying session
  */
 
-import { addRule } from "../permissions/trust-store.js";
 import type { UserDecision } from "../permissions/types.js";
-import { isPermissionControlsV2Enabled } from "../permissions/v2-consent-policy.js";
-import { getTool } from "../tools/registry.js";
 import { composeApprovalMessage } from "./approval-message-composer.js";
 import type {
   ApprovalAction,
@@ -22,7 +19,6 @@ import type {
 } from "./channel-approval-types.js";
 import { toApprovalActionOptions } from "./channel-approval-types.js";
 import {
-  buildDecisionActions,
   buildOneTimeDecisionActions,
   buildPlainTextFallback,
 } from "./guardian-decision-types.js";
@@ -34,7 +30,6 @@ export interface PendingApprovalInfo {
   toolName: string;
   input: Record<string, unknown>;
   riskLevel: string;
-  persistentDecisionsAllowed?: boolean;
 }
 
 // ---------------------------------------------------------------------------
@@ -73,18 +68,15 @@ export function getApprovalInfoByConversation(
       toolName: i.confirmationDetails!.toolName,
       input: i.confirmationDetails!.input,
       riskLevel: i.confirmationDetails!.riskLevel,
-      persistentDecisionsAllowed:
-        i.confirmationDetails!.persistentDecisionsAllowed,
     }));
 }
 
 /**
  * Internal helper: turn a PendingApprovalInfo into a ChannelApprovalPrompt.
  *
- * Derives actions from the shared `buildDecisionActions` builder defined in
- * guardian-decision-types.ts, then maps them to the channel-facing
- * `ApprovalActionOption` shape. This ensures channel button sets are always
- * consistent with the unified `GuardianDecisionPrompt` type.
+ * Derives actions from `buildOneTimeDecisionActions`, then maps them to the
+ * channel-facing `ApprovalActionOption` shape. This ensures channel button sets
+ * are always consistent with the unified `GuardianDecisionPrompt` type.
  */
 function buildPromptFromApprovalInfo(
   info: PendingApprovalInfo,
@@ -94,11 +86,7 @@ function buildPromptFromApprovalInfo(
     toolName: info.toolName,
   });
 
-  const decisionActions = isPermissionControlsV2Enabled()
-    ? buildOneTimeDecisionActions()
-    : buildDecisionActions({
-        persistentDecisionsAllowed: info.persistentDecisionsAllowed,
-      });
+  const decisionActions = buildOneTimeDecisionActions();
   const actions = toApprovalActionOptions(decisionActions);
   const plainTextFallback = buildPlainTextFallback(promptText, decisionActions);
 
@@ -137,25 +125,10 @@ export function buildApprovalUIMetadata(
 
 /**
  * Map a channel-level `ApprovalAction` to the permission system's
- * `UserDecision` type. Temporary approval modes (`approve_10m`,
- * `approve_conversation`) map directly to their `allow_*` counterparts so
- * the permission pipeline can activate the appropriate override.
+ * `UserDecision` type.
  */
 function mapApprovalActionToUserDecision(action: ApprovalAction): UserDecision {
-  if (isPermissionControlsV2Enabled()) {
-    return action === "reject" ? "deny" : "allow";
-  }
-
-  switch (action) {
-    case "reject":
-      return "deny";
-    case "approve_10m":
-      return "allow_10m";
-    case "approve_conversation":
-      return "allow_conversation";
-    default:
-      return "allow";
-  }
+  return action === "reject" ? "deny" : "allow";
 }
 
 // ---------------------------------------------------------------------------
@@ -170,10 +143,6 @@ export interface HandleDecisionResult {
 /**
  * Find the pending interaction for a conversation, map the user's decision to the
  * permission system's vocabulary, and apply it via session.handleConfirmationResponse().
- *
- * For `approve_always`, a trust rule is persisted using the first allowlist
- * option and first scope option from the pending confirmation (narrow
- * default). The current invocation is also approved.
  */
 export function handleChannelDecision(
   conversationId: string,
@@ -190,41 +159,6 @@ export function handleChannelDecision(
     : pending[0];
   if (!info) return { applied: false };
 
-  if (
-    !isPermissionControlsV2Enabled() &&
-    decision.action === "approve_always"
-  ) {
-    // Only persist a trust rule when the confirmation explicitly allows persistence
-    // AND provides explicit allowlist/scope options. Without explicit options we
-    // would create a blanket "**"/"everywhere" rule, which is a security risk.
-    const interaction = pendingInteractions.get(info.requestId);
-    const details = interaction?.confirmationDetails;
-    if (
-      details &&
-      details.persistentDecisionsAllowed !== false &&
-      details.allowlistOptions?.length
-    ) {
-      const pattern = details.allowlistOptions[0].pattern;
-      // Non-scoped tools (web_fetch, network_request, etc.) have empty
-      // scopeOptions — default to 'everywhere' so approve_always still
-      // persists a trust rule instead of silently degrading to one-time.
-      const scope = details.scopeOptions?.length
-        ? details.scopeOptions[0].scope
-        : "everywhere";
-      // Only persist executionTarget for skill-origin tools — core tools don't
-      // set it in their PolicyContext, so a persisted value would prevent the
-      // rule from ever matching on subsequent permission checks.
-      const tool = getTool(details.toolName);
-      const executionTarget =
-        tool?.origin === "skill" ? details.executionTarget : undefined;
-      addRule(details.toolName, pattern, scope, "allow", 100, {
-        executionTarget,
-      });
-    }
-    // When persistence is not allowed or options are missing, the decision
-    // still proceeds as a one-time approval (falls through to session call).
-  }
-
   // Resolve the interaction to get the conversation and remove from tracker
   const resolved = pendingInteractions.resolve(info.requestId);
   if (!resolved) return { applied: false };
@@ -260,10 +194,6 @@ export function handleChannelDecision(
  * Build an approval prompt that includes context about which non-guardian
  * user is requesting the action. Sent to the guardian's chat so they
  * can approve or deny on behalf of the requester.
- *
- * Uses the shared `buildDecisionActions` builder with `forGuardianOnBehalf`
- * set to true, which excludes `approve_always` since guardians cannot
- * permanently allowlist tools on behalf of requesters.
  */
 export function buildGuardianApprovalPrompt(
   info: PendingApprovalInfo,
@@ -275,9 +205,7 @@ export function buildGuardianApprovalPrompt(
     requesterIdentifier,
   });
 
-  const decisionActions = isPermissionControlsV2Enabled()
-    ? buildOneTimeDecisionActions()
-    : buildDecisionActions({ forGuardianOnBehalf: true });
+  const decisionActions = buildOneTimeDecisionActions();
   const actions = toApprovalActionOptions(decisionActions);
   const plainTextFallback = buildPlainTextFallback(promptText, decisionActions);
 

package/src/runtime/channel-readiness-service.ts

@@ -1,9 +1,9 @@
 import { resolveTwilioPhoneNumber } from "../calls/twilio-config.js";
 import { hasTwilioCredentials } from "../calls/twilio-rest.js";
 import { getChannelInvitePolicy } from "../channels/config.js";
+import { getIsPlatform } from "../config/env-registry.js";
 import { getConfig, getNestedValue, loadRawConfig } from "../config/loader.js";
 import { isEmailEnabled } from "../email/feature-gate.js";
-import { shouldUsePlatformCallbacks } from "../inbound/platform-callback-registration.js";
 import { credentialKey } from "../security/credential-key.js";
 import { getSecureKeyAsync } from "../security/secure-keys.js";
 import { resolveWhatsAppDisplayNumber } from "./channel-invite-transports/whatsapp.js";
@@ -43,7 +43,7 @@ function hasWebhookRoutingConfigured(allowManagedCallbacks = false): {
   }
 
   const usesManagedCallbacks =
-    allowManagedCallbacks && shouldUsePlatformCallbacks();
+    allowManagedCallbacks && getIsPlatform();
   return {
     configured: usesManagedCallbacks,
     usesManagedCallbacks,