@vibetechnologies/chrome-sync 0.4.0

package/dist/extract.js

@@ -0,0 +1,228 @@
+/**
+ * Chrome cookie extraction — reads and decrypts cookies from local Chrome profile.
+ *
+ * Supports: macOS (Keychain), Linux (libsecret / fallback "peanuts"), Windows (DPAPI via AES-GCM).
+ */
+import { execSync } from "node:child_process";
+import { copyFileSync, existsSync, mkdtempSync } from "node:fs";
+import { homedir, platform, tmpdir } from "node:os";
+import { join } from "node:path";
+import crypto from "node:crypto";
+/** Get Chrome profile directory for current OS */
+export function getChromeProfileDir(profile = "Default") {
+    const home = homedir();
+    switch (platform()) {
+        case "darwin":
+            return join(home, "Library/Application Support/Google/Chrome", profile);
+        case "linux":
+            return join(home, ".config/google-chrome", profile);
+        case "win32":
+            return join(process.env.LOCALAPPDATA || join(home, "AppData/Local"), "Google/Chrome/User Data", profile);
+        default:
+            throw new Error(`Unsupported platform: ${platform()}`);
+    }
+}
+/** Get Chrome cookie DB path */
+export function getCookieDbPath(profile = "Default") {
+    const profileDir = getChromeProfileDir(profile);
+    // Windows stores in Network/ subfolder since Chrome 96+
+    if (platform() === "win32") {
+        const networkPath = join(profileDir, "Network", "Cookies");
+        if (existsSync(networkPath))
+            return networkPath;
+    }
+    return join(profileDir, "Cookies");
+}
+/** Get Chrome decryption key for macOS (Keychain) */
+function getMacKey() {
+    // Allow bypassing keychain entirely via env var (useful for SSH/CI)
+    const cachedKey = process.env.CHROME_SAFE_STORAGE_KEY;
+    if (cachedKey) {
+        return crypto.pbkdf2Sync(cachedKey, "saltysalt", 1003, 16, "sha1");
+    }
+    let chromePassword;
+    try {
+        chromePassword = execSync("security find-generic-password -s 'Chrome Safe Storage' -w", { encoding: "utf-8", stdio: ["pipe", "pipe", "pipe"] }).trim();
+    }
+    catch {
+        // Keychain is locked (common over SSH). Try unlocking with password from env.
+        const keychainPass = process.env.KEYCHAIN_PASSWORD;
+        if (keychainPass) {
+            try {
+                execSync(`security unlock-keychain -p "${keychainPass.replace(/"/g, '\\"')}" ~/Library/Keychains/login.keychain-db`, { stdio: "pipe" });
+                chromePassword = execSync("security find-generic-password -s 'Chrome Safe Storage' -w", { encoding: "utf-8", stdio: ["pipe", "pipe", "pipe"] }).trim();
+            }
+            catch {
+                throw new Error("Cannot access macOS Keychain. The login keychain is locked.\n" +
+                    "Options:\n" +
+                    "  1. Run this command in a GUI terminal (not over SSH)\n" +
+                    "  2. Set CHROME_SAFE_STORAGE_KEY env var (get it once: security find-generic-password -s 'Chrome Safe Storage' -w)\n" +
+                    "  3. Set KEYCHAIN_PASSWORD env var to your macOS login password\n" +
+                    "  4. Unlock manually: security unlock-keychain ~/Library/Keychains/login.keychain-db");
+            }
+        }
+        else {
+            throw new Error("Cannot access macOS Keychain. The login keychain is locked.\n" +
+                "Options:\n" +
+                "  1. Run this command in a GUI terminal (not over SSH)\n" +
+                "  2. Set CHROME_SAFE_STORAGE_KEY env var (get it once: security find-generic-password -s 'Chrome Safe Storage' -w)\n" +
+                "  3. Set KEYCHAIN_PASSWORD env var to your macOS login password\n" +
+                "  4. Unlock manually: security unlock-keychain ~/Library/Keychains/login.keychain-db");
+        }
+    }
+    return crypto.pbkdf2Sync(chromePassword, "saltysalt", 1003, 16, "sha1");
+}
+/** Get Chrome decryption key for Linux (libsecret or fallback) */
+function getLinuxKey() {
+    let password = "peanuts"; // fallback when no keyring
+    try {
+        // Try libsecret via secret-tool
+        password = execSync("secret-tool lookup application chrome", { encoding: "utf-8" }).trim();
+    }
+    catch {
+        // Fall back to "peanuts" — Chrome's hardcoded fallback on Linux without a keyring
+    }
+    return crypto.pbkdf2Sync(password, "saltysalt", 1003, 16, "sha1");
+}
+/** Get Chrome decryption key for Windows (from Local State) */
+function getWindowsKey(profile = "Default") {
+    const home = homedir();
+    const localStatePath = join(process.env.LOCALAPPDATA || join(home, "AppData/Local"), "Google/Chrome/User Data/Local State");
+    const localState = JSON.parse(require("node:fs").readFileSync(localStatePath, "utf-8"));
+    const encryptedKey = Buffer.from(localState.os_crypt.encrypted_key, "base64");
+    // Remove "DPAPI" prefix (5 bytes)
+    const keyWithoutPrefix = encryptedKey.subarray(5);
+    // On Windows, we'd need DPAPI to decrypt — which requires native module
+    // For now, throw with guidance
+    throw new Error("Windows DPAPI decryption requires the 'win-dpapi' native module. " +
+        "Install: npm install win-dpapi");
+}
+/** Decrypt a single cookie value */
+function decryptCookieValue(encryptedValue, key) {
+    if (!encryptedValue || encryptedValue.length === 0)
+        return "";
+    // v10/v11 prefix = encrypted (macOS/Linux use AES-128-CBC)
+    const prefix = encryptedValue.subarray(0, 3).toString();
+    if (prefix === "v10" || prefix === "v11") {
+        if (platform() === "win32") {
+            // Windows v10 uses AES-256-GCM
+            const nonce = encryptedValue.subarray(3, 15); // 12-byte nonce
+            const ciphertext = encryptedValue.subarray(15, -16);
+            const tag = encryptedValue.subarray(-16);
+            const decipher = crypto.createDecipheriv("aes-256-gcm", key, nonce);
+            decipher.setAuthTag(tag);
+            return Buffer.concat([
+                decipher.update(ciphertext),
+                decipher.final(),
+            ]).toString("utf-8");
+        }
+        // macOS / Linux: AES-128-CBC
+        const iv = Buffer.alloc(16, " "); // 16 spaces
+        const ciphertext = encryptedValue.subarray(3);
+        const decipher = crypto.createDecipheriv("aes-128-cbc", key, iv);
+        decipher.setAutoPadding(true);
+        const decrypted = Buffer.concat([
+            decipher.update(ciphertext),
+            decipher.final(),
+        ]);
+        return decrypted.toString("utf-8");
+    }
+    // Not encrypted — return as-is
+    return encryptedValue.toString("utf-8");
+}
+/** Map Chrome sameSite int to Playwright string */
+function mapSameSite(value) {
+    switch (value) {
+        case 2:
+            return "Strict";
+        case 1:
+            return "Lax";
+        default:
+            return "None";
+    }
+}
+/**
+ * Extract cookies from local Chrome for specific domains (or all cookies if domains is empty).
+ *
+ * @param domains - Array of domains to extract (e.g., [".google.com"]). Empty = all cookies.
+ * @param profile - Chrome profile name (default: "Default")
+ */
+export async function extractCookies(domains, profile = "Default") {
+    const dbPath = getCookieDbPath(profile);
+    if (!existsSync(dbPath)) {
+        throw new Error(`Chrome cookie database not found at: ${dbPath}\n` +
+            `Make sure Chrome is installed and the profile "${profile}" exists.`);
+    }
+    // Copy DB to temp file to avoid lock conflicts with running Chrome
+    const tempDir = mkdtempSync(join(tmpdir(), "browser-sync-"));
+    const tempDb = join(tempDir, "Cookies");
+    copyFileSync(dbPath, tempDb);
+    // Also copy WAL/SHM if they exist (needed for recent writes)
+    for (const ext of ["-wal", "-shm"]) {
+        if (existsSync(dbPath + ext)) {
+            copyFileSync(dbPath + ext, tempDb + ext);
+        }
+    }
+    // Get decryption key
+    let key;
+    switch (platform()) {
+        case "darwin":
+            key = getMacKey();
+            break;
+        case "linux":
+            key = getLinuxKey();
+            break;
+        case "win32":
+            key = getWindowsKey(profile);
+            break;
+        default:
+            throw new Error(`Unsupported platform: ${platform()}`);
+    }
+    // Query cookies — dynamic import for better-sqlite3
+    const Database = (await import("better-sqlite3")).default;
+    const db = new Database(tempDb, { readonly: true });
+    let query = `SELECT name, encrypted_value, host_key, path, expires_utc, is_httponly, is_secure, samesite FROM cookies`;
+    if (domains.length > 0) {
+        const domainClauses = domains
+            .map((d) => `host_key LIKE '%${d.replace(/'/g, "''")}'`)
+            .join(" OR ");
+        query += ` WHERE ${domainClauses}`;
+    }
+    const rows = db
+        .prepare(query)
+        .all();
+    db.close();
+    const cookies = [];
+    for (const row of rows) {
+        try {
+            const value = decryptCookieValue(row.encrypted_value, key);
+            if (!value)
+                continue;
+            cookies.push({
+                name: row.name,
+                value,
+                domain: row.host_key,
+                path: row.path,
+                // Chrome stores expires as microseconds since 1601-01-01; convert to Unix seconds
+                expires: row.expires_utc === 0
+                    ? -1
+                    : Math.floor((row.expires_utc / 1000000) - 11644473600),
+                httpOnly: row.is_httponly === 1,
+                secure: row.is_secure === 1,
+                sameSite: mapSameSite(row.samesite),
+            });
+        }
+        catch {
+            // Skip cookies that fail to decrypt (stale entries, etc.)
+        }
+    }
+    return cookies;
+}
+/**
+ * Extract cookies and format as Playwright-compatible StorageState
+ */
+export async function extractStorageState(domains, profile = "Default") {
+    const cookies = await extractCookies(domains, profile);
+    return { cookies, origins: [] };
+}
+//# sourceMappingURL=extract.js.map

package/dist/extract.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"extract.js","sourceRoot":"","sources":["../src/extract.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAC9C,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,SAAS,CAAC;AAChE,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AACpD,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,MAAM,MAAM,aAAa,CAAC;AAkBjC,kDAAkD;AAClD,MAAM,UAAU,mBAAmB,CAAC,OAAO,GAAG,SAAS;IACrD,MAAM,IAAI,GAAG,OAAO,EAAE,CAAC;IACvB,QAAQ,QAAQ,EAAE,EAAE,CAAC;QACnB,KAAK,QAAQ;YACX,OAAO,IAAI,CAAC,IAAI,EAAE,2CAA2C,EAAE,OAAO,CAAC,CAAC;QAC1E,KAAK,OAAO;YACV,OAAO,IAAI,CAAC,IAAI,EAAE,uBAAuB,EAAE,OAAO,CAAC,CAAC;QACtD,KAAK,OAAO;YACV,OAAO,IAAI,CACT,OAAO,CAAC,GAAG,CAAC,YAAY,IAAI,IAAI,CAAC,IAAI,EAAE,eAAe,CAAC,EACvD,yBAAyB,EACzB,OAAO,CACR,CAAC;QACJ;YACE,MAAM,IAAI,KAAK,CAAC,yBAAyB,QAAQ,EAAE,EAAE,CAAC,CAAC;IAC3D,CAAC;AACH,CAAC;AAED,gCAAgC;AAChC,MAAM,UAAU,eAAe,CAAC,OAAO,GAAG,SAAS;IACjD,MAAM,UAAU,GAAG,mBAAmB,CAAC,OAAO,CAAC,CAAC;IAChD,wDAAwD;IACxD,IAAI,QAAQ,EAAE,KAAK,OAAO,EAAE,CAAC;QAC3B,MAAM,WAAW,GAAG,IAAI,CAAC,UAAU,EAAE,SAAS,EAAE,SAAS,CAAC,CAAC;QAC3D,IAAI,UAAU,CAAC,WAAW,CAAC;YAAE,OAAO,WAAW,CAAC;IAClD,CAAC;IACD,OAAO,IAAI,CAAC,UAAU,EAAE,SAAS,CAAC,CAAC;AACrC,CAAC;AAED,qDAAqD;AACrD,SAAS,SAAS;IAChB,oEAAoE;IACpE,MAAM,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC;IACtD,IAAI,SAAS,EAAE,CAAC;QACd,OAAO,MAAM,CAAC,UAAU,CAAC,SAAS,EAAE,WAAW,EAAE,IAAI,EAAE,EAAE,EAAE,MAAM,CAAC,CAAC;IACrE,CAAC;IAED,IAAI,cAAsB,CAAC;IAE3B,IAAI,CAAC;QACH,cAAc,GAAG,QAAQ,CACvB,4DAA4D,EAC5D,EAAE,QAAQ,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,CACvD,CAAC,IAAI,EAAE,CAAC;IACX,CAAC;IAAC,MAAM,CAAC;QACP,8EAA8E;QAC9E,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC;QACnD,IAAI,YAAY,EAAE,CAAC;YACjB,IAAI,CAAC;gBACH,QAAQ,CACN,gCAAgC,YAAY,CAAC,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC,yCAAyC,EAC1G,EAAE,KAAK,EAAE,MAAM,EAAE,CAClB,CAAC;gBACF,cAAc,GAAG,QAAQ,CACvB,4DAA4D,EAC5D,EAAE,QAAQ,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,CACvD,CAAC,IAAI,EAAE,CAAC;YACX,CAAC;YAAC,MAAM,CAAC;gBACP,MAAM,IAAI,KAAK,CACb,+DAA+D;oBAC7D,YAAY;oBACZ,0DAA0D;oBAC1D,sHAAsH;oBACtH,mEAAmE;oBACnE,sFAAsF,CACzF,CAAC;YACJ,CAAC;QACH,CAAC;aAAM,CAAC;YACN,MAAM,IAAI,KAAK,CACb,+DAA+D;gBAC7D,YAAY;gBACZ,0DAA0D;gBAC1D,sHAAsH;gBACtH,mEAAmE;gBACnE,sFAAsF,CACzF,CAAC;QACJ,CAAC;IACH,CAAC;IAED,OAAO,MAAM,CAAC,UAAU,CAAC,cAAc,EAAE,WAAW,EAAE,IAAI,EAAE,EAAE,EAAE,MAAM,CAAC,CAAC;AAC1E,CAAC;AAED,kEAAkE;AAClE,SAAS,WAAW;IAClB,IAAI,QAAQ,GAAG,SAAS,CAAC,CAAC,2BAA2B;IAErD,IAAI,CAAC;QACH,gCAAgC;QAChC,QAAQ,GAAG,QAAQ,CACjB,uCAAuC,EACvC,EAAE,QAAQ,EAAE,OAAO,EAAE,CACtB,CAAC,IAAI,EAAE,CAAC;IACX,CAAC;IAAC,MAAM,CAAC;QACP,kFAAkF;IACpF,CAAC;IAED,OAAO,MAAM,CAAC,UAAU,CAAC,QAAQ,EAAE,WAAW,EAAE,IAAI,EAAE,EAAE,EAAE,MAAM,CAAC,CAAC;AACpE,CAAC;AAED,+DAA+D;AAC/D,SAAS,aAAa,CAAC,OAAO,GAAG,SAAS;IACxC,MAAM,IAAI,GAAG,OAAO,EAAE,CAAC;IACvB,MAAM,cAAc,GAAG,IAAI,CACzB,OAAO,CAAC,GAAG,CAAC,YAAY,IAAI,IAAI,CAAC,IAAI,EAAE,eAAe,CAAC,EACvD,qCAAqC,CACtC,CAAC;IAEF,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAC3B,OAAO,CAAC,SAAS,CAAC,CAAC,YAAY,CAAC,cAAc,EAAE,OAAO,CAAC,CACzD,CAAC;IAEF,MAAM,YAAY,GAAG,MAAM,CAAC,IAAI,CAC9B,UAAU,CAAC,QAAQ,CAAC,aAAa,EACjC,QAAQ,CACT,CAAC;IAEF,kCAAkC;IAClC,MAAM,gBAAgB,GAAG,YAAY,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;IAElD,wEAAwE;IACxE,+BAA+B;IAC/B,MAAM,IAAI,KAAK,CACb,mEAAmE;QACjE,gCAAgC,CACnC,CAAC;AACJ,CAAC;AAED,oCAAoC;AACpC,SAAS,kBAAkB,CACzB,cAAsB,EACtB,GAAW;IAEX,IAAI,CAAC,cAAc,IAAI,cAAc,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,CAAC;IAE9D,2DAA2D;IAC3D,MAAM,MAAM,GAAG,cAAc,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC;IAExD,IAAI,MAAM,KAAK,KAAK,IAAI,MAAM,KAAK,KAAK,EAAE,CAAC;QACzC,IAAI,QAAQ,EAAE,KAAK,OAAO,EAAE,CAAC;YAC3B,+BAA+B;YAC/B,MAAM,KAAK,GAAG,cAAc,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,gBAAgB;YAC9D,MAAM,UAAU,GAAG,cAAc,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC;YACpD,MAAM,GAAG,GAAG,cAAc,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC,CAAC;YACzC,MAAM,QAAQ,GAAG,MAAM,CAAC,gBAAgB,CAAC,aAAa,EAAE,GAAG,EAAE,KAAK,CAAC,CAAC;YACpE,QAAQ,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;YACzB,OAAO,MAAM,CAAC,MAAM,CAAC;gBACnB,QAAQ,CAAC,MAAM,CAAC,UAAU,CAAC;gBAC3B,QAAQ,CAAC,KAAK,EAAE;aACjB,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;QACvB,CAAC;QAED,6BAA6B;QAC7B,MAAM,EAAE,GAAG,MAAM,CAAC,KAAK,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,YAAY;QAC9C,MAAM,UAAU,GAAG,cAAc,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;QAC9C,MAAM,QAAQ,GAAG,MAAM,CAAC,gBAAgB,CAAC,aAAa,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;QACjE,QAAQ,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC;QAC9B,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC;YAC9B,QAAQ,CAAC,MAAM,CAAC,UAAU,CAAC;YAC3B,QAAQ,CAAC,KAAK,EAAE;SACjB,CAAC,CAAC;QACH,OAAO,SAAS,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;IACrC,CAAC;IAED,+BAA+B;IAC/B,OAAO,cAAc,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;AAC1C,CAAC;AAED,mDAAmD;AACnD,SAAS,WAAW,CAAC,KAAa;IAChC,QAAQ,KAAK,EAAE,CAAC;QACd,KAAK,CAAC;YACJ,OAAO,QAAQ,CAAC;QAClB,KAAK,CAAC;YACJ,OAAO,KAAK,CAAC;QACf;YACE,OAAO,MAAM,CAAC;IAClB,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc,CAClC,OAAiB,EACjB,OAAO,GAAG,SAAS;IAEnB,MAAM,MAAM,GAAG,eAAe,CAAC,OAAO,CAAC,CAAC;IAExC,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;QACxB,MAAM,IAAI,KAAK,CACb,wCAAwC,MAAM,IAAI;YAChD,kDAAkD,OAAO,WAAW,CACvE,CAAC;IACJ,CAAC;IAED,mEAAmE;IACnE,MAAM,OAAO,GAAG,WAAW,CAAC,IAAI,CAAC,MAAM,EAAE,EAAE,eAAe,CAAC,CAAC,CAAC;IAC7D,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;IACxC,YAAY,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAE7B,6DAA6D;IAC7D,KAAK,MAAM,GAAG,IAAI,CAAC,MAAM,EAAE,MAAM,CAAC,EAAE,CAAC;QACnC,IAAI,UAAU,CAAC,MAAM,GAAG,GAAG,CAAC,EAAE,CAAC;YAC7B,YAAY,CAAC,MAAM,GAAG,GAAG,EAAE,MAAM,GAAG,GAAG,CAAC,CAAC;QAC3C,CAAC;IACH,CAAC;IAED,qBAAqB;IACrB,IAAI,GAAW,CAAC;IAChB,QAAQ,QAAQ,EAAE,EAAE,CAAC;QACnB,KAAK,QAAQ;YACX,GAAG,GAAG,SAAS,EAAE,CAAC;YAClB,MAAM;QACR,KAAK,OAAO;YACV,GAAG,GAAG,WAAW,EAAE,CAAC;YACpB,MAAM;QACR,KAAK,OAAO;YACV,GAAG,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC;YAC7B,MAAM;QACR;YACE,MAAM,IAAI,KAAK,CAAC,yBAAyB,QAAQ,EAAE,EAAE,CAAC,CAAC;IAC3D,CAAC;IAED,oDAAoD;IACpD,MAAM,QAAQ,GAAG,CAAC,MAAM,MAAM,CAAC,gBAAgB,CAAC,CAAC,CAAC,OAAO,CAAC;IAC1D,MAAM,EAAE,GAAG,IAAI,QAAQ,CAAC,MAAM,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC;IAEpD,IAAI,KAAK,GAAG,0GAA0G,CAAC;IAEvH,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACvB,MAAM,aAAa,GAAG,OAAO;aAC1B,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,mBAAmB,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,IAAI,CAAC,GAAG,CAAC;aACvD,IAAI,CAAC,MAAM,CAAC,CAAC;QAChB,KAAK,IAAI,UAAU,aAAa,EAAE,CAAC;IACrC,CAAC;IAED,MAAM,IAAI,GAAG,EAAE;SACZ,OAAO,CAAC,KAAK,CAAC;SACd,GAAG,EASJ,CAAC;IAEH,EAAE,CAAC,KAAK,EAAE,CAAC;IAEX,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,kBAAkB,CAAC,GAAG,CAAC,eAAe,EAAE,GAAG,CAAC,CAAC;YAC3D,IAAI,CAAC,KAAK;gBAAE,SAAS;YAErB,OAAO,CAAC,IAAI,CAAC;gBACX,IAAI,EAAE,GAAG,CAAC,IAAI;gBACd,KAAK;gBACL,MAAM,EAAE,GAAG,CAAC,QAAQ;gBACpB,IAAI,EAAE,GAAG,CAAC,IAAI;gBACd,kFAAkF;gBAClF,OAAO,EACL,GAAG,CAAC,WAAW,KAAK,CAAC;oBACnB,CAAC,CAAC,CAAC,CAAC;oBACJ,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,WAAW,GAAG,OAAO,CAAC,GAAG,WAAW,CAAC;gBAC3D,QAAQ,EAAE,GAAG,CAAC,WAAW,KAAK,CAAC;gBAC/B,MAAM,EAAE,GAAG,CAAC,SAAS,KAAK,CAAC;gBAC3B,QAAQ,EAAE,WAAW,CAAC,GAAG,CAAC,QAAQ,CAAC;aACpC,CAAC,CAAC;QACL,CAAC;QAAC,MAAM,CAAC;YACP,0DAA0D;QAC5D,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,OAAiB,EACjB,OAAO,GAAG,SAAS;IAEnB,MAAM,OAAO,GAAG,MAAM,cAAc,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IACvD,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,EAAE,EAAE,CAAC;AAClC,CAAC"}

package/dist/index.d.ts

@@ -0,0 +1,3 @@
+export { extractCookies, extractStorageState, getChromeProfileDir, getCookieDbPath } from "./extract.js";
+export type { Cookie, StorageState } from "./extract.js";
+export { loginViaBrowser, loginWithToken, pushCookies, loadAuth, saveAuth, clearAuth } from "./api.js";

package/dist/index.js

@@ -0,0 +1,3 @@
+export { extractCookies, extractStorageState, getChromeProfileDir, getCookieDbPath } from "./extract.js";
+export { loginViaBrowser, loginWithToken, pushCookies, loadAuth, saveAuth, clearAuth } from "./api.js";
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,mBAAmB,EAAE,mBAAmB,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AAEzG,OAAO,EAAE,eAAe,EAAE,cAAc,EAAE,WAAW,EAAE,QAAQ,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,UAAU,CAAC"}

package/dist/server.d.ts

@@ -0,0 +1,22 @@
+/**
+ * Server-side handler for browser-sync cookie injection.
+ *
+ * Receives cookies from the CLI, connects to the tenant's Chrome via CDP,
+ * and injects them using Network.setCookies.
+ *
+ * Mount at: POST /admin/api/browser-sync/cookies
+ */
+import type { StorageState } from "./extract.js";
+interface BrowserSyncRequest {
+    storageState: StorageState;
+    subdomain?: string;
+}
+/**
+ * Express/Hono-style handler for the browser-sync cookie push endpoint.
+ * Integrate with the bot's admin API router.
+ */
+export declare function handleBrowserSyncPush(body: BrowserSyncRequest, resolveCdpUrl: (subdomain?: string) => Promise<string>): Promise<{
+    injected: number;
+    errors: string[];
+}>;
+export type { BrowserSyncRequest };

package/dist/server.js

@@ -0,0 +1,87 @@
+/**
+ * Server-side handler for browser-sync cookie injection.
+ *
+ * Receives cookies from the CLI, connects to the tenant's Chrome via CDP,
+ * and injects them using Network.setCookies.
+ *
+ * Mount at: POST /admin/api/browser-sync/cookies
+ */
+/**
+ * Inject cookies into a tenant's cloud Chrome via CDP.
+ *
+ * @param cdpUrl - The Chrome DevTools Protocol WebSocket URL (e.g., ws://localhost:3000)
+ * @param cookies - Playwright-format cookies to inject
+ */
+async function injectCookiesViaCDP(cdpUrl, cookies) {
+    // Connect to Chrome via CDP WebSocket
+    const ws = await connectCDP(cdpUrl);
+    const errors = [];
+    let injected = 0;
+    try {
+        // Convert to CDP Network.CookieParam format
+        const cdpCookies = cookies.map((c) => ({
+            name: c.name,
+            value: c.value,
+            domain: c.domain,
+            path: c.path,
+            expires: c.expires > 0 ? c.expires : undefined,
+            httpOnly: c.httpOnly,
+            secure: c.secure,
+            sameSite: c.sameSite,
+        }));
+        // Inject via Network.setCookies (batch)
+        const result = await sendCDPCommand(ws, "Network.setCookies", {
+            cookies: cdpCookies,
+        });
+        if (result.error) {
+            errors.push(result.error.message);
+        }
+        else {
+            injected = cdpCookies.length;
+        }
+    }
+    finally {
+        ws.close();
+    }
+    return { injected, errors };
+}
+/** Connect to Chrome CDP endpoint */
+async function connectCDP(cdpUrl) {
+    // Get the debugger WebSocket URL from /json/version
+    const httpUrl = cdpUrl.replace("ws://", "http://").replace("wss://", "https://");
+    const versionRes = await fetch(`${httpUrl}/json/version`);
+    const version = (await versionRes.json());
+    return new Promise((resolve, reject) => {
+        const ws = new WebSocket(version.webSocketDebuggerUrl);
+        ws.onopen = () => resolve(ws);
+        ws.onerror = (err) => reject(new Error(`CDP connection failed: ${err}`));
+    });
+}
+/** Send a CDP command and wait for response */
+function sendCDPCommand(ws, method, params) {
+    const id = Math.floor(Math.random() * 1e9);
+    return new Promise((resolve) => {
+        const handler = (event) => {
+            const data = JSON.parse(String(event.data));
+            if (data.id === id) {
+                ws.removeEventListener("message", handler);
+                resolve(data);
+            }
+        };
+        ws.addEventListener("message", handler);
+        ws.send(JSON.stringify({ id, method, params }));
+    });
+}
+/**
+ * Express/Hono-style handler for the browser-sync cookie push endpoint.
+ * Integrate with the bot's admin API router.
+ */
+export async function handleBrowserSyncPush(body, resolveCdpUrl) {
+    const { storageState, subdomain } = body;
+    if (!storageState?.cookies?.length) {
+        return { injected: 0, errors: ["No cookies provided"] };
+    }
+    const cdpUrl = await resolveCdpUrl(subdomain);
+    return injectCookiesViaCDP(cdpUrl, storageState.cookies);
+}
+//# sourceMappingURL=server.js.map

package/dist/server.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"server.js","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAUH;;;;;GAKG;AACH,KAAK,UAAU,mBAAmB,CAChC,MAAc,EACd,OAAgC;IAEhC,sCAAsC;IACtC,MAAM,EAAE,GAAG,MAAM,UAAU,CAAC,MAAM,CAAC,CAAC;IACpC,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,IAAI,QAAQ,GAAG,CAAC,CAAC;IAEjB,IAAI,CAAC;QACH,4CAA4C;QAC5C,MAAM,UAAU,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACrC,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,KAAK,EAAE,CAAC,CAAC,KAAK;YACd,MAAM,EAAE,CAAC,CAAC,MAAM;YAChB,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,OAAO,EAAE,CAAC,CAAC,OAAO,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS;YAC9C,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,MAAM,EAAE,CAAC,CAAC,MAAM;YAChB,QAAQ,EAAE,CAAC,CAAC,QAAQ;SACrB,CAAC,CAAC,CAAC;QAEJ,wCAAwC;QACxC,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,EAAE,EAAE,oBAAoB,EAAE;YAC5D,OAAO,EAAE,UAAU;SACpB,CAAC,CAAC;QAEH,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;YACjB,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACpC,CAAC;aAAM,CAAC;YACN,QAAQ,GAAG,UAAU,CAAC,MAAM,CAAC;QAC/B,CAAC;IACH,CAAC;YAAS,CAAC;QACT,EAAE,CAAC,KAAK,EAAE,CAAC;IACb,CAAC;IAED,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC;AAC9B,CAAC;AAED,qCAAqC;AACrC,KAAK,UAAU,UAAU,CAAC,MAAc;IACtC,oDAAoD;IACpD,MAAM,OAAO,GAAG,MAAM,CAAC,OAAO,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC,OAAO,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;IACjF,MAAM,UAAU,GAAG,MAAM,KAAK,CAAC,GAAG,OAAO,eAAe,CAAC,CAAC;IAC1D,MAAM,OAAO,GAAG,CAAC,MAAM,UAAU,CAAC,IAAI,EAAE,CAAqC,CAAC;IAE9E,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,MAAM,EAAE,GAAG,IAAI,SAAS,CAAC,OAAO,CAAC,oBAAoB,CAAC,CAAC;QACvD,EAAE,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;QAC9B,EAAE,CAAC,OAAO,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,0BAA0B,GAAG,EAAE,CAAC,CAAC,CAAC;IAC3E,CAAC,CAAC,CAAC;AACL,CAAC;AAED,+CAA+C;AAC/C,SAAS,cAAc,CACrB,EAAa,EACb,MAAc,EACd,MAA+B;IAE/B,MAAM,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC;IAE3C,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;QAC7B,MAAM,OAAO,GAAG,CAAC,KAAmB,EAAE,EAAE;YACtC,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;YAC5C,IAAI,IAAI,CAAC,EAAE,KAAK,EAAE,EAAE,CAAC;gBACnB,EAAE,CAAC,mBAAmB,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;gBAC3C,OAAO,CAAC,IAAI,CAAC,CAAC;YAChB,CAAC;QACH,CAAC,CAAC;QACF,EAAE,CAAC,gBAAgB,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;QACxC,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC;IAClD,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,qBAAqB,CACzC,IAAwB,EACxB,aAAsD;IAEtD,MAAM,EAAE,YAAY,EAAE,SAAS,EAAE,GAAG,IAAI,CAAC;IAEzC,IAAI,CAAC,YAAY,EAAE,OAAO,EAAE,MAAM,EAAE,CAAC;QACnC,OAAO,EAAE,QAAQ,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,qBAAqB,CAAC,EAAE,CAAC;IAC1D,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,SAAS,CAAC,CAAC;IAC9C,OAAO,mBAAmB,CAAC,MAAM,EAAE,YAAY,CAAC,OAAO,CAAC,CAAC;AAC3D,CAAC"}

package/package.json

@@ -0,0 +1,42 @@
+{
+  "name": "@vibetechnologies/chrome-sync",
+  "version": "0.4.0",
+  "description": "Sync browser cookies and sessions from your local Chrome to OpenClaw cloud browser",
+  "type": "module",
+  "bin": {
+    "chrome-sync": "./dist/cli.js"
+  },
+  "main": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "exports": {
+    ".": {
+      "import": "./dist/index.js",
+      "types": "./dist/index.d.ts"
+    }
+  },
+  "scripts": {
+    "build": "tsc",
+    "dev": "tsc --watch",
+    "start": "node dist/cli.js"
+  },
+  "keywords": ["browser", "cookies", "sync", "chrome", "cdp", "openclaw"],
+  "author": "VibeTechnologies",
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/VibeTechnologies/OpenClawBot.git",
+    "directory": "packages/browser-sync"
+  },
+  "engines": {
+    "node": ">=20"
+  },
+  "dependencies": {
+    "better-sqlite3": "^11.0.0",
+    "commander": "^12.0.0"
+  },
+  "devDependencies": {
+    "@types/better-sqlite3": "^7.6.0",
+    "@types/node": "^22.0.0",
+    "typescript": "^5.5.0"
+  }
+}

package/src/api.ts

@@ -0,0 +1,189 @@
+/**
+ * API client for syncing cookies to OpenClaw tenant cloud browser.
+ *
+ * Flow:
+ * 1. CLI starts localhost callback server, opens browser to /auth/cli
+ * 2. User authenticates on the web (Telegram OAuth or session)
+ * 3. Server redirects to localhost callback with token + username
+ * 4. CLI saves credentials, user runs `chrome-sync push`
+ */
+
+import { readFileSync, writeFileSync, mkdirSync, existsSync } from "node:fs";
+import { createServer } from "node:http";
+import { homedir } from "node:os";
+import { join } from "node:path";
+import type { StorageState } from "./extract.js";
+
+const CONFIG_DIR = join(homedir(), ".config", "chrome-sync");
+const TOKEN_FILE = join(CONFIG_DIR, "auth.json");
+
+interface AuthConfig {
+  apiUrl: string;
+  token: string;
+  username: string;
+  subdomain: string;
+}
+
+/** Store auth credentials */
+export function saveAuth(config: AuthConfig): void {
+  mkdirSync(CONFIG_DIR, { recursive: true });
+  writeFileSync(TOKEN_FILE, JSON.stringify(config, null, 2), { mode: 0o600 });
+}
+
+/** Load saved auth credentials */
+export function loadAuth(): AuthConfig | null {
+  if (!existsSync(TOKEN_FILE)) return null;
+  try {
+    return JSON.parse(readFileSync(TOKEN_FILE, "utf-8"));
+  } catch {
+    return null;
+  }
+}
+
+/** Clear saved auth */
+export function clearAuth(): void {
+  if (existsSync(TOKEN_FILE)) {
+    writeFileSync(TOKEN_FILE, "", { mode: 0o600 });
+  }
+}
+
+/**
+ * Login via browser OAuth callback flow.
+ *
+ * 1. Starts a localhost HTTP server on a random port
+ * 2. Opens browser to apiUrl/auth/cli?callback_port=<port>
+ * 3. User authenticates on the web
+ * 4. Server redirects to http://localhost:<port>/callback?token=...&username=...&subdomain=...
+ * 5. CLI saves credentials and closes
+ */
+export async function loginViaBrowser(
+  apiUrl: string = "https://console.openclaw.vibebrowser.app"
+): Promise<AuthConfig> {
+  return new Promise((resolve, reject) => {
+    const server = createServer((req, res) => {
+      const url = new URL(req.url ?? "/", `http://localhost`);
+
+      if (url.pathname === "/callback") {
+        const token = url.searchParams.get("token");
+        const username = url.searchParams.get("username");
+        const subdomain = url.searchParams.get("subdomain");
+
+        if (!token) {
+          res.writeHead(400, { "Content-Type": "text/html" });
+          res.end("<html><body><h2>Authentication failed</h2><p>No token received. Close this window and try again.</p></body></html>");
+          server.close();
+          reject(new Error("No token received from server"));
+          return;
+        }
+
+        const config: AuthConfig = {
+          apiUrl,
+          token,
+          username: username || "user",
+          subdomain: subdomain || "",
+        };
+        saveAuth(config);
+
+        res.writeHead(200, { "Content-Type": "text/html" });
+        res.end(`<html><body><h2>✓ Authenticated as ${config.username}</h2><p>You can close this window and return to the terminal.</p></body></html>`);
+        server.close();
+        resolve(config);
+      } else {
+        res.writeHead(404);
+        res.end();
+      }
+    });
+
+    server.listen(0, "127.0.0.1", () => {
+      const addr = server.address();
+      if (!addr || typeof addr === "string") {
+        server.close();
+        reject(new Error("Failed to start callback server"));
+        return;
+      }
+
+      const port = addr.port;
+      const authUrl = `${apiUrl}/auth/cli?callback_port=${port}`;
+
+      // Open browser
+      import("node:child_process").then(({ exec }) => {
+        const openCmd =
+          process.platform === "darwin"
+            ? `open "${authUrl}"`
+            : process.platform === "win32"
+              ? `start "" "${authUrl}"`
+              : `xdg-open "${authUrl}"`;
+        exec(openCmd);
+      });
+
+      console.log(`  Opening browser for authentication...`);
+      console.log(`  If it doesn't open, visit: ${authUrl}`);
+    });
+
+    // Timeout after 2 minutes
+    setTimeout(() => {
+      server.close();
+      reject(new Error("Authentication timed out (2 minutes). Try again."));
+    }, 120_000);
+  });
+}
+
+/**
+ * Login with a direct token (for CI/automation).
+ */
+export async function loginWithToken(apiUrl: string, token: string): Promise<AuthConfig> {
+  const res = await fetch(`${apiUrl}/admin/api/users`, {
+    headers: { Authorization: `Bearer ${token}` },
+  });
+
+  if (!res.ok) {
+    throw new Error(`Authentication failed: ${res.status} ${res.statusText}`);
+  }
+
+  const config: AuthConfig = {
+    apiUrl,
+    token,
+    username: "admin",
+    subdomain: "",
+  };
+
+  saveAuth(config);
+  return config;
+}
+
+/**
+ * Push cookies to the tenant's cloud browser.
+ */
+export async function pushCookies(
+  storageState: StorageState,
+  options?: { subdomain?: string }
+): Promise<{ injected: number; errors: string[] }> {
+  const auth = loadAuth();
+  if (!auth) {
+    throw new Error("Not authenticated. Run `chrome-sync login` first.");
+  }
+
+  const subdomain = options?.subdomain || auth.subdomain;
+
+  const res = await fetch(
+    `${auth.apiUrl}/admin/api/browser-sync/cookies`,
+    {
+      method: "POST",
+      headers: {
+        Authorization: `Bearer ${auth.token}`,
+        "Content-Type": "application/json",
+      },
+      body: JSON.stringify({
+        storageState,
+        subdomain: subdomain || undefined,
+      }),
+    }
+  );
+
+  if (!res.ok) {
+    const body = await res.text();
+    throw new Error(`Failed to push cookies: ${res.status} — ${body}`);
+  }
+
+  return res.json() as Promise<{ injected: number; errors: string[] }>;
+}