agent-anywhere-gateway 0.1.0

package/src/shared/capabilities.js

@@ -0,0 +1,175 @@
+const MODE_OPTIONS = ["default", "auto-review", "full-access"];
+const REASONING_EFFORT_OPTIONS = ["low", "medium", "high", "xhigh"];
+const DEFAULT_REASONING_EFFORT = "high";
+const DEFAULT_MODE = "auto-review";
+const APPROVAL_POLICY_OPTIONS = ["never", "on-request"];
+const MODEL_OPTIONS = ["gpt-5.5", "gpt-5.4", "gpt-5.3-codex", "gpt-5.2", "gpt-5-codex", "o3"];
+const CAPABILITY_OPTION_LIMIT = 50;
+const CAPABILITY_STRING_LIMIT = 128;
+
+function uniqueOptions(values, fallback, { limit = CAPABILITY_OPTION_LIMIT, maxLength = CAPABILITY_STRING_LIMIT } = {}) {
+  const options = [];
+  for (const value of values || []) {
+    const option = String(value || "").trim();
+    if (option && option.length <= maxLength && !options.includes(option)) {
+      options.push(option);
+      if (options.length >= limit) {
+        break;
+      }
+    }
+  }
+  return options.length ? options : fallback;
+}
+
+function shortString(value) {
+  const text = String(value || "").trim();
+  return text && text.length <= CAPABILITY_STRING_LIMIT ? text : null;
+}
+
+function baseCapabilities(provider = "codex", overrides = {}) {
+  return {
+    providers: uniqueOptions(overrides.providers, [provider], { limit: 8 }),
+    models: uniqueOptions(overrides.models, MODEL_OPTIONS),
+    default_model: shortString(overrides.default_model),
+    input_modalities: uniqueOptions(overrides.input_modalities, []),
+    reasoning_efforts: uniqueOptions(overrides.reasoning_efforts, REASONING_EFFORT_OPTIONS),
+    approval_policies: uniqueOptions(overrides.approval_policies, APPROVAL_POLICY_OPTIONS),
+    modes: uniqueOptions(overrides.modes, MODE_OPTIONS)
+  };
+}
+
+function compactProviderCapabilities(provider = "codex", capabilities = {}) {
+  const compacted = baseCapabilities(provider, {
+    models: capabilities.models,
+    providers: [provider],
+    default_model: capabilities.default_model,
+    input_modalities: capabilities.input_modalities,
+    reasoning_efforts: capabilities.reasoning_efforts,
+    approval_policies: capabilities.approval_policies,
+    modes: capabilities.modes
+  });
+  compacted.providers = [provider];
+  if (compacted.default_model && !compacted.models.includes(compacted.default_model)) {
+    compacted.default_model = compacted.models[0] || null;
+  }
+  return compacted;
+}
+
+function compactProviderCapabilitiesMap(providerCapabilities = {}, providers = []) {
+  const map = {};
+  for (const provider of providers.slice(0, 8)) {
+    const key = shortString(provider);
+    if (!key || !providerCapabilities[key]) {
+      continue;
+    }
+    map[key] = compactProviderCapabilities(key, providerCapabilities[key]);
+  }
+  return map;
+}
+
+function buildCapabilities(provider = "codex", overrides = {}) {
+  const capabilities = baseCapabilities(provider, overrides);
+  if (capabilities.default_model && !capabilities.models.includes(capabilities.default_model)) {
+    capabilities.default_model = capabilities.models[0] || null;
+  }
+  const providerCapabilities = compactProviderCapabilitiesMap(overrides.provider_capabilities, capabilities.providers);
+  if (Object.keys(providerCapabilities).length) {
+    capabilities.provider_capabilities = providerCapabilities;
+  }
+  return capabilities;
+}
+
+function compactCapabilities(provider = "codex", capabilities = {}) {
+  return buildCapabilities(provider, {
+    models: capabilities.models,
+    providers: capabilities.providers,
+    default_model: capabilities.default_model,
+    input_modalities: capabilities.input_modalities,
+    reasoning_efforts: capabilities.reasoning_efforts,
+    approval_policies: capabilities.approval_policies,
+    modes: capabilities.modes,
+    provider_capabilities: capabilities.provider_capabilities
+  });
+}
+
+function capabilitiesForProvider(provider, capabilities = {}) {
+  const selected = String(provider || "").trim();
+  if (selected && capabilities.provider_capabilities?.[selected]) {
+    return capabilities.provider_capabilities[selected];
+  }
+  return capabilities;
+}
+
+function assertAllowedOption(name, value, options) {
+  if (!options.includes(value)) {
+    const error = new Error(`${name} 只能是：${options.join(", ")}`);
+    error.statusCode = 400;
+    throw error;
+  }
+}
+
+function optionList(capabilities, key, fallback) {
+  return uniqueOptions(capabilities?.[key], fallback);
+}
+
+function selectOption(input, defaults, key, options, fallback) {
+  const hasInput = input[key] !== undefined && input[key] !== null && String(input[key]).trim() !== "";
+  const raw = hasInput ? input[key] : defaults[key];
+  const fallbackValue = options.includes(fallback) ? fallback : options[0];
+  const value = String(raw || fallbackValue);
+  if (hasInput) {
+    assertAllowedOption(key, value, options);
+    return value;
+  }
+  return options.includes(value) ? value : fallbackValue;
+}
+
+function normalizeAgentSettings(input = {}, defaults = {}, capabilities = {}) {
+  const modelOptions = optionList(capabilities, "models", MODEL_OPTIONS);
+  const reasoningOptions = optionList(capabilities, "reasoning_efforts", REASONING_EFFORT_OPTIONS);
+  const approvalOptions = optionList(capabilities, "approval_policies", APPROVAL_POLICY_OPTIONS);
+  const modeOptions = optionList(capabilities, "modes", MODE_OPTIONS);
+
+  const model = selectOption(input, defaults, "model", modelOptions, capabilities.default_model || modelOptions[0]);
+  const reasoning_effort = selectOption(input, defaults, "reasoning_effort", reasoningOptions, DEFAULT_REASONING_EFFORT);
+  const approval_policy = selectOption(input, defaults, "approval_policy", approvalOptions, "on-request");
+  const mode = selectOption(input, defaults, "mode", modeOptions, DEFAULT_MODE);
+
+  return { model, reasoning_effort, approval_policy, mode };
+}
+
+function codexPolicyForMode(mode) {
+  if (mode === "auto-review") {
+    return {
+      sandbox: "workspace-write",
+      networkAccess: false,
+      approvalRisk: "low"
+    };
+  }
+  if (mode === "full-access") {
+    return {
+      sandbox: "danger-full-access",
+      networkAccess: true,
+      approvalRisk: "high"
+    };
+  }
+  return {
+    sandbox: "workspace-write",
+    networkAccess: false,
+    approvalRisk: "medium"
+  };
+}
+
+module.exports = {
+  APPROVAL_POLICY_OPTIONS,
+  DEFAULT_MODE,
+  DEFAULT_REASONING_EFFORT,
+  MODEL_OPTIONS,
+  MODE_OPTIONS,
+  REASONING_EFFORT_OPTIONS,
+  buildCapabilities,
+  capabilitiesForProvider,
+  compactCapabilities,
+  codexPolicyForMode,
+  normalizeAgentSettings
+};

package/src/shared/gateway-protocol.js

@@ -0,0 +1,26 @@
+const GatewayMessageType = Object.freeze({
+  APPROVAL_DECISION: "approval_decision",
+  ERROR: "error",
+  HEARTBEAT: "heartbeat",
+  REQUEST: "request",
+  RESPONSE: "response",
+  RUN_REPLAY: "run_replay",
+  STREAM_COMPLETE: "stream_complete",
+  STREAM_ERROR: "stream_error",
+  STREAM_EVENT: "stream_event"
+});
+
+const GatewayRequestMethod = Object.freeze({
+  CANCEL_TURN: "cancel_turn",
+  DISCOVER_PROJECTS: "discover_projects",
+  LIST_RUNTIME_SESSIONS: "list_runtime_sessions",
+  READ_PROJECT_FILE: "read_project_file",
+  READ_RUNTIME_SESSION: "read_runtime_session",
+  RUN: "run",
+  STEER_TURN: "steer_turn"
+});
+
+module.exports = {
+  GatewayMessageType,
+  GatewayRequestMethod
+};

package/src/shared/http-utils.js

@@ -0,0 +1,78 @@
+const fs = require("node:fs");
+const path = require("node:path");
+
+const CONTENT_TYPES = {
+  ".html": "text/html; charset=utf-8",
+  ".css": "text/css; charset=utf-8",
+  ".js": "text/javascript; charset=utf-8",
+  ".json": "application/json; charset=utf-8",
+  ".svg": "image/svg+xml"
+};
+
+function sendJson(res, statusCode, payload) {
+  res.writeHead(statusCode, {
+    "Content-Type": "application/json; charset=utf-8",
+    "Cache-Control": "no-store"
+  });
+  res.end(JSON.stringify(payload));
+}
+
+function sendError(res, error) {
+  sendJson(res, error.statusCode || 500, {
+    error: error.message || "服务异常。"
+  });
+}
+
+async function readJson(req) {
+  let body = "";
+  for await (const chunk of req) {
+    body += chunk.toString("utf8");
+    if (body.length > 1024 * 1024) {
+      const error = new Error("请求体过大。");
+      error.statusCode = 413;
+      throw error;
+    }
+  }
+  if (!body.trim()) {
+    return {};
+  }
+  return JSON.parse(body);
+}
+
+function serveStatic(req, res, publicDir) {
+  const url = new URL(req.url, "http://localhost");
+  const safePath = path.normalize(decodeURIComponent(url.pathname)).replace(/^(\.\.[/\\])+/, "");
+  const targetPath = path.join(publicDir, safePath === "/" ? "index.html" : safePath);
+  const resolved = path.resolve(targetPath);
+  if (!resolved.startsWith(path.resolve(publicDir))) {
+    sendJson(res, 403, { error: "禁止访问该路径。" });
+    return true;
+  }
+  if (!fs.existsSync(resolved) || !fs.statSync(resolved).isFile()) {
+    return false;
+  }
+  res.writeHead(200, {
+    "Content-Type": CONTENT_TYPES[path.extname(resolved)] || "application/octet-stream",
+    "Cache-Control": "no-store"
+  });
+  fs.createReadStream(resolved).pipe(res);
+  return true;
+}
+
+function sseWrite(res, event) {
+  res.write(`data: ${JSON.stringify(event)}\n\n`);
+}
+
+function sseDone(res) {
+  res.write("data: [DONE]\n\n");
+  res.end();
+}
+
+module.exports = {
+  readJson,
+  sendError,
+  sendJson,
+  serveStatic,
+  sseDone,
+  sseWrite
+};

package/src/shared/image-attachments.js

@@ -0,0 +1,269 @@
+const fs = require("node:fs");
+const path = require("node:path");
+const { randomUUID } = require("node:crypto");
+
+const MAX_IMAGE_ATTACHMENTS = 8;
+const MAX_IMAGE_BYTES = 10 * 1024 * 1024;
+const MAX_TOTAL_IMAGE_BYTES = 25 * 1024 * 1024;
+const MAX_TEXT_ATTACHMENTS = 8;
+const MAX_TEXT_BYTES = 512 * 1024;
+const MAX_TOTAL_TEXT_BYTES = 2 * 1024 * 1024;
+const IMAGE_EXTENSIONS = {
+  "image/gif": ".gif",
+  "image/jpeg": ".jpg",
+  "image/png": ".png",
+  "image/webp": ".webp"
+};
+const TEXT_MIME_TYPES = new Set([
+  "text/markdown",
+  "text/plain"
+]);
+
+function sanitizeFileName(value, fallback = "image") {
+  const clean = String(value || "")
+    .replace(/[/\\?%*:|"<>]/g, "-")
+    .replace(/\s+/g, " ")
+    .trim()
+    .slice(0, 80);
+  return clean || fallback;
+}
+
+function parseImageDataUrl(dataUrl) {
+  const match = /^data:(image\/(?:png|jpeg|webp|gif));base64,([a-zA-Z0-9+/=\r\n]+)$/.exec(String(dataUrl || ""));
+  if (!match) {
+    const error = new Error("图片必须是 png、jpeg、webp 或 gif 的 base64 data URL。");
+    error.statusCode = 400;
+    throw error;
+  }
+  const buffer = Buffer.from(match[2].replace(/\s/g, ""), "base64");
+  return { mimeType: match[1], buffer };
+}
+
+function normalizeImageAttachments(input = []) {
+  if (!Array.isArray(input)) {
+    const error = new Error("图片附件格式不正确。");
+    error.statusCode = 400;
+    throw error;
+  }
+  if (input.length > MAX_IMAGE_ATTACHMENTS) {
+    const error = new Error(`一次最多上传 ${MAX_IMAGE_ATTACHMENTS} 张图片。`);
+    error.statusCode = 400;
+    throw error;
+  }
+
+  let totalBytes = 0;
+  return input.map((item, index) => {
+    const dataUrl = item?.data_url || item?.dataUrl;
+    const parsed = parseImageDataUrl(dataUrl);
+    const mimeType = String(item?.mime_type || item?.type || parsed.mimeType);
+    if (mimeType !== parsed.mimeType || !IMAGE_EXTENSIONS[mimeType]) {
+      const error = new Error("图片 MIME 类型不受支持。");
+      error.statusCode = 400;
+      throw error;
+    }
+    if (parsed.buffer.length > MAX_IMAGE_BYTES) {
+      const error = new Error("单张图片不能超过 10MB。");
+      error.statusCode = 400;
+      throw error;
+    }
+    totalBytes += parsed.buffer.length;
+    if (totalBytes > MAX_TOTAL_IMAGE_BYTES) {
+      const error = new Error("图片总大小不能超过 25MB。");
+      error.statusCode = 400;
+      throw error;
+    }
+    const id = String(item?.id || `image_${index + 1}`);
+    const name = sanitizeFileName(item?.name, `${id}${IMAGE_EXTENSIONS[mimeType]}`);
+    return {
+      id,
+      name,
+      mime_type: mimeType,
+      size: parsed.buffer.length,
+      data_url: `data:${mimeType};base64,${parsed.buffer.toString("base64")}`
+    };
+  });
+}
+
+function normalizeTextAttachment(item, index) {
+  const mimeType = String(item?.mime_type || item?.type || "text/plain").toLowerCase();
+  if (!TEXT_MIME_TYPES.has(mimeType)) {
+    const error = new Error("文本附件只支持 markdown 或 txt 文件。");
+    error.statusCode = 400;
+    throw error;
+  }
+  const content = String(item?.content || "");
+  const size = Buffer.byteLength(content, "utf8");
+  if (size > MAX_TEXT_BYTES) {
+    const error = new Error("单个文本附件不能超过 512KB。");
+    error.statusCode = 400;
+    throw error;
+  }
+  const id = String(item?.id || `text_${index + 1}`);
+  return {
+    id,
+    kind: "text",
+    name: sanitizeFileName(item?.name, `${id}${mimeType === "text/markdown" ? ".md" : ".txt"}`),
+    mime_type: mimeType,
+    size,
+    content
+  };
+}
+
+function normalizeAttachments(input = []) {
+  if (!Array.isArray(input)) {
+    const error = new Error("附件格式不正确。");
+    error.statusCode = 400;
+    throw error;
+  }
+
+  const images = [];
+  const texts = [];
+  for (const item of input) {
+    const mimeType = String(item?.mime_type || item?.type || "").toLowerCase();
+    if (mimeType.startsWith("image/") || item?.data_url || item?.dataUrl) {
+      images.push(item);
+    } else {
+      texts.push(item);
+    }
+  }
+  if (texts.length > MAX_TEXT_ATTACHMENTS) {
+    const error = new Error(`一次最多上传 ${MAX_TEXT_ATTACHMENTS} 个文本附件。`);
+    error.statusCode = 400;
+    throw error;
+  }
+
+  const normalizedTexts = texts.map(normalizeTextAttachment);
+  const totalTextBytes = normalizedTexts.reduce((total, item) => total + item.size, 0);
+  if (totalTextBytes > MAX_TOTAL_TEXT_BYTES) {
+    const error = new Error("文本附件总大小不能超过 2MB。");
+    error.statusCode = 400;
+    throw error;
+  }
+
+  return [
+    ...normalizeImageAttachments(images),
+    ...normalizedTexts
+  ];
+}
+
+function imageAttachmentsOnly(attachments = []) {
+  return attachments.filter((item) => String(item?.mime_type || item?.type || "").startsWith("image/"));
+}
+
+function materializeImageAttachments(attachments = [], { baseDir, sessionId = "session", turnId = "turn" } = {}) {
+  if (!attachments.length) {
+    return [];
+  }
+  const targetDir = path.join(
+    baseDir || path.join(process.cwd(), ".data"),
+    "attachments",
+    sanitizeFileName(sessionId),
+    sanitizeFileName(turnId)
+  );
+  fs.mkdirSync(targetDir, { recursive: true });
+
+  return attachments.map((item, index) => {
+    if (item.path) {
+      return item;
+    }
+    const { mimeType, buffer } = parseImageDataUrl(item.data_url);
+    const ext = IMAGE_EXTENSIONS[mimeType] || ".img";
+    const basename = sanitizeFileName(path.basename(item.name || `image-${index + 1}`, path.extname(item.name || "")));
+    const filePath = path.join(targetDir, `${String(index + 1).padStart(2, "0")}-${basename}-${randomUUID()}${ext}`);
+    fs.writeFileSync(filePath, buffer, { mode: 0o600 });
+    return {
+      id: item.id || null,
+      type: "local_image",
+      path: filePath,
+      name: item.name || path.basename(filePath),
+      mime_type: mimeType,
+      size: buffer.length
+    };
+  });
+}
+
+function storeImageAttachments(attachments = [], { baseDir, sessionId = "session", turnId = "turn" } = {}) {
+  return materializeImageAttachments(attachments, { baseDir, sessionId, turnId }).map((item) => ({
+    id: item.id || null,
+    kind: "image",
+    name: item.name || path.basename(item.path || "image"),
+    mime_type: item.mime_type || "image",
+    size: Number(item.size || 0),
+    storage: "control-file",
+    path: item.path
+  }));
+}
+
+function summarizeImageAttachments(attachments = []) {
+  return attachments.map((item) => ({
+    id: item.id || null,
+    name: item.name || path.basename(item.path || "image"),
+    mime_type: item.mime_type || item.type || "image",
+    size: Number(item.size || 0)
+  }));
+}
+
+function summarizeAttachments(attachments = []) {
+  return attachments.map((item) => ({
+    id: item.id || null,
+    kind: item.kind || (String(item.mime_type || item.type || "").startsWith("image/") ? "image" : "text"),
+    name: item.name || path.basename(item.path || "attachment"),
+    mime_type: item.mime_type || item.type || "application/octet-stream",
+    size: Number(item.size || 0),
+    data_url: item.data_url || undefined
+  }));
+}
+
+function promptWithImageSummary(message, attachments = []) {
+  const text = String(message || "").trim();
+  if (!attachments.length) {
+    return text;
+  }
+  const summary = `[已附加 ${attachments.length} 张图片]`;
+  return text ? `${text}\n\n${summary}` : `图片输入\n\n${summary}`;
+}
+
+function promptWithAttachmentContent(message, attachments = []) {
+  const text = String(message || "").trim();
+  const images = imageAttachmentsOnly(attachments);
+  const textAttachments = attachments.filter((item) => item?.kind === "text");
+  const parts = [];
+  if (text) {
+    parts.push(text);
+  }
+  if (images.length) {
+    parts.push(`[已附加 ${images.length} 张图片]`);
+  }
+  for (const attachment of textAttachments) {
+    parts.push([
+      `--- 文本附件：${attachment.name || "untitled"} (${attachment.mime_type || "text/plain"}) ---`,
+      attachment.content || "",
+      "--- 文本附件结束 ---"
+    ].join("\n"));
+  }
+  if (!parts.length) {
+    return "附件输入";
+  }
+  if (!text && images.length && parts.length === 1) {
+    return `图片输入\n\n${parts[0]}`;
+  }
+  return parts.join("\n\n");
+}
+
+module.exports = {
+  MAX_IMAGE_ATTACHMENTS,
+  MAX_IMAGE_BYTES,
+  MAX_TOTAL_IMAGE_BYTES,
+  MAX_TEXT_ATTACHMENTS,
+  MAX_TEXT_BYTES,
+  MAX_TOTAL_TEXT_BYTES,
+  imageAttachmentsOnly,
+  materializeImageAttachments,
+  normalizeAttachments,
+  normalizeImageAttachments,
+  promptWithAttachmentContent,
+  promptWithImageSummary,
+  storeImageAttachments,
+  summarizeAttachments,
+  summarizeImageAttachments
+};

package/src/shared/path-policy.js

@@ -0,0 +1,110 @@
+const fs = require("node:fs");
+const os = require("node:os");
+const path = require("node:path");
+
+function defaultAllowedRoots() {
+  return [path.dirname(process.cwd())];
+}
+
+function parseAllowedRoots(raw) {
+  const roots = raw
+    ? raw.split(",").map((item) => item.trim()).filter(Boolean)
+    : defaultAllowedRoots();
+  return roots.map((root) => path.resolve(root));
+}
+
+function isInside(childPath, rootPath) {
+  const relative = path.relative(rootPath, childPath);
+  return relative === "" || (!!relative && !relative.startsWith("..") && !path.isAbsolute(relative));
+}
+
+function expandHome(rawPath) {
+  return rawPath.startsWith("~") ? path.join(os.homedir(), rawPath.slice(1)) : rawPath;
+}
+
+function nearestExistingAncestor(resolvedPath) {
+  let current = resolvedPath;
+  while (!fs.existsSync(current)) {
+    const parent = path.dirname(current);
+    if (parent === current) {
+      return current;
+    }
+    current = parent;
+  }
+  return current;
+}
+
+function realpathForPolicy(resolvedPath) {
+  const existingAncestor = nearestExistingAncestor(resolvedPath);
+  const realAncestor = fs.realpathSync.native(existingAncestor);
+  const remainder = path.relative(existingAncestor, resolvedPath);
+  return remainder ? path.resolve(realAncestor, remainder) : realAncestor;
+}
+
+function realAllowedRoots(allowedRoots) {
+  return allowedRoots.map((root) => {
+    const resolved = path.resolve(expandHome(root));
+    return fs.existsSync(resolved) ? fs.realpathSync.native(resolved) : resolved;
+  });
+}
+
+function rejectOutside(resolved) {
+  const error = new Error(`项目路径不在允许根目录内：${resolved}`);
+  error.statusCode = 400;
+  throw error;
+}
+
+function resolveProjectPath(rawPath, allowedRoots = parseAllowedRoots(process.env.AGENT_ANYWHERE_ALLOWED_ROOTS)) {
+  if (!rawPath || typeof rawPath !== "string") {
+    const error = new Error("项目路径不能为空。");
+    error.statusCode = 400;
+    throw error;
+  }
+
+  const expanded = expandHome(rawPath);
+  const resolved = path.resolve(expanded);
+  const allowed = allowedRoots.some((root) => isInside(resolved, root));
+
+  if (!allowed) {
+    rejectOutside(resolved);
+  }
+
+  const realResolved = realpathForPolicy(resolved);
+  const realAllowed = realAllowedRoots(allowedRoots).some((root) => isInside(realResolved, root));
+
+  if (!realAllowed) {
+    rejectOutside(resolved);
+  }
+
+  return resolved;
+}
+
+function openOrCreateProjectPath(rawPath, { create = false, allowedRoots } = {}) {
+  const projectPath = resolveProjectPath(rawPath, allowedRoots);
+  const exists = fs.existsSync(projectPath);
+
+  if (create) {
+    if (exists && !fs.statSync(projectPath).isDirectory()) {
+      const error = new Error("目标路径已存在但不是目录。");
+      error.statusCode = 400;
+      throw error;
+    }
+    fs.mkdirSync(projectPath, { recursive: true });
+    return projectPath;
+  }
+
+  if (!exists || !fs.statSync(projectPath).isDirectory()) {
+    const error = new Error("项目目录不存在。");
+    error.statusCode = 404;
+    throw error;
+  }
+
+  return projectPath;
+}
+
+module.exports = {
+  isInside,
+  openOrCreateProjectPath,
+  parseAllowedRoots,
+  resolveProjectPath
+};