claude-remote 0.5.1 → 0.6.0

package/lib/cli.js

@@ -0,0 +1,154 @@
+'use strict';
+
+const fs = require('fs');
+const crypto = require('crypto');
+const { TOKEN_FILE } = require('./state');
+
+// --- CLI argument parsing ---
+const BLOCKED_FLAGS = new Set([
+  '--print', '-p',
+  '--output-format',
+  '--input-format',
+  '--include-partial-messages',
+  '--json-schema',
+  '--no-session-persistence',
+  '--max-budget-usd',
+  '--max-turns',
+  '--fallback-model',
+  '--permission-prompt-tool',
+  '--version', '-v',
+  '--help', '-h',
+  '--init-only',
+  '--maintenance',
+  '--token',
+  '--no-auth',
+]);
+
+const FLAGS_WITH_VALUE = new Set([
+  '--resume', '-r', '--session-id', '--from-pr', '--model',
+  '--system-prompt', '--system-prompt-file',
+  '--append-system-prompt', '--append-system-prompt-file',
+  '--permission-mode', '--add-dir', '--worktree', '-w',
+  '--mcp-config', '--settings', '--setting-sources',
+  '--agent', '--agents', '--teammate-mode',
+  '--allowedTools', '--disallowedTools', '--tools',
+  '--betas', '--debug', '--plugin-dir',
+  '--output-format', '--input-format', '--json-schema',
+  '--max-budget-usd', '--max-turns', '--fallback-model',
+  '--permission-prompt-tool',
+  '--token',
+]);
+
+function parseCliArgs(argv) {
+  const rawArgs = argv.slice(2);
+  let cwd = null;
+  const claudeArgs = [];
+  const blocked = [];
+  let token = null;
+  let noAuth = false;
+
+  let i = 0;
+  while (i < rawArgs.length) {
+    const arg = rawArgs[i];
+
+    if (arg === '--') {
+      claudeArgs.push(...rawArgs.slice(i + 1));
+      break;
+    }
+
+    if (!arg.startsWith('-')) {
+      if (!cwd) {
+        cwd = arg;
+      } else {
+        claudeArgs.push(arg);
+      }
+      i++;
+      continue;
+    }
+
+    const eqIdx = arg.indexOf('=');
+    const flagName = eqIdx > 0 ? arg.substring(0, eqIdx) : arg;
+
+    if (flagName === '--token') {
+      if (eqIdx > 0) {
+        token = arg.substring(eqIdx + 1);
+      } else if (i + 1 < rawArgs.length && !rawArgs[i + 1].startsWith('-')) {
+        i++;
+        token = rawArgs[i];
+      } else {
+        token = '';
+      }
+      i++;
+      continue;
+    }
+    if (flagName === '--no-auth') {
+      noAuth = true;
+      i++;
+      continue;
+    }
+
+    if (BLOCKED_FLAGS.has(flagName)) {
+      blocked.push(flagName);
+      if (eqIdx > 0) {
+        // --flag=value, already consumed
+      } else if (FLAGS_WITH_VALUE.has(flagName) && i + 1 < rawArgs.length) {
+        i++;
+      }
+      i++;
+      continue;
+    }
+
+    claudeArgs.push(arg);
+    if (eqIdx < 0 && FLAGS_WITH_VALUE.has(flagName) && i + 1 < rawArgs.length && !rawArgs[i + 1].startsWith('-')) {
+      i++;
+      claudeArgs.push(rawArgs[i]);
+    }
+    i++;
+  }
+
+  return { cwd: cwd || process.cwd(), claudeArgs, blocked, token, noAuth };
+}
+
+// --- Auth token resolution ---
+const AUTH_TOKEN_ENV_VAR = 'CLAUDE_REMOTE_TOKEN';
+const LEGACY_AUTH_TOKEN_ENV_VAR = 'TOKEN';
+
+function resolveAuthToken(cliToken, authDisabled) {
+  if (authDisabled) return null;
+  if (cliToken) return cliToken;
+  if (process.env[AUTH_TOKEN_ENV_VAR]) return process.env[AUTH_TOKEN_ENV_VAR];
+  try {
+    const saved = fs.readFileSync(TOKEN_FILE, 'utf8').trim();
+    if (saved) return saved;
+  } catch {}
+  const generated = crypto.randomBytes(24).toString('base64url');
+  try { fs.writeFileSync(TOKEN_FILE, generated + '\n', { mode: 0o600 }); } catch {}
+  return generated;
+}
+
+function initConfig() {
+  const parsed = parseCliArgs(process.argv);
+  const authDisabled = parsed.noAuth || process.env.NO_AUTH === '1';
+  const authToken = resolveAuthToken(parsed.token, authDisabled);
+  const unusedLegacyTokenEnv = !!process.env[LEGACY_AUTH_TOKEN_ENV_VAR] && !process.env[AUTH_TOKEN_ENV_VAR];
+
+  return {
+    PORT: parseInt(process.env.PORT || '3100', 10),
+    CWD: parsed.cwd,
+    AUTH_TOKEN: authToken,
+    AUTH_DISABLED: authDisabled,
+    ENABLE_WEB: process.env.ENABLE_WEB === '1',
+    CLAUDE_EXTRA_ARGS: parsed.claudeArgs,
+    DEBUG_TTY_INPUT: process.env.CLAUDE_REMOTE_DEBUG_TTY_INPUT === '1',
+    blockedArgs: parsed.blocked,
+    unusedLegacyTokenEnv,
+    LEGACY_AUTH_TOKEN_ENV_VAR,
+    AUTH_TOKEN_ENV_VAR,
+  };
+}
+
+module.exports = {
+  parseCliArgs,
+  resolveAuthToken,
+  initConfig,
+};

package/lib/hooks.js

@@ -0,0 +1,93 @@
+'use strict';
+
+const fs = require('fs');
+const path = require('path');
+const { state } = require('./state');
+const { log } = require('./logger');
+
+function setupHooks() {
+  const claudeDir = path.join(state.CWD, '.claude');
+  if (!fs.existsSync(claudeDir)) fs.mkdirSync(claudeDir, { recursive: true });
+
+  const settingsPath = path.join(claudeDir, 'settings.local.json');
+  let settings = {};
+  try { settings = JSON.parse(fs.readFileSync(settingsPath, 'utf8')); } catch {}
+
+  const hookScript = path.resolve(__dirname, '..', 'hooks', 'bridge-approval.js').replace(/\\/g, '/');
+  const hookCmd = `node "${hookScript}"`;
+
+  // Merge bridge hook into PreToolUse (preserve user's other hooks)
+  const existing = settings.hooks?.PreToolUse || [];
+  const bridgeIdx = existing.findIndex(e =>
+    e.hooks?.some(h => h.command?.includes('bridge-approval'))
+  );
+  const bridgeEntry = {
+    matcher: '',
+    hooks: [{ type: 'command', command: hookCmd, timeout: 120 }],
+  };
+
+  if (bridgeIdx >= 0) {
+    existing[bridgeIdx] = bridgeEntry;
+  } else {
+    existing.push(bridgeEntry);
+  }
+
+  settings.hooks = settings.hooks || {};
+  settings.hooks.PreToolUse = existing;
+
+  // Merge bridge hook into Stop
+  const stopScript = path.resolve(__dirname, '..', 'hooks', 'bridge-stop.js').replace(/\\/g, '/');
+  const stopCmd = `node "${stopScript}"`;
+  const existingStop = settings.hooks.Stop || [];
+  const stopBridgeIdx = existingStop.findIndex(e =>
+    e.hooks?.some(h => h.command?.includes('bridge-stop'))
+  );
+  const stopEntry = {
+    hooks: [{ type: 'command', command: stopCmd, timeout: 10 }],
+  };
+  if (stopBridgeIdx >= 0) {
+    existingStop[stopBridgeIdx] = stopEntry;
+  } else {
+    existingStop.push(stopEntry);
+  }
+  settings.hooks.Stop = existingStop;
+
+  // SessionStart
+  const sessionStartScript = path.resolve(__dirname, '..', 'hooks', 'bridge-session-start.js').replace(/\\/g, '/');
+  const sessionStartCmd = `node "${sessionStartScript}"`;
+  const existingSessionStart = settings.hooks.SessionStart || [];
+  const sessionStartBridgeIdx = existingSessionStart.findIndex(e =>
+    e.hooks?.some(h => h.command?.includes('bridge-session-start'))
+  );
+  const sessionStartEntry = {
+    hooks: [{ type: 'command', command: sessionStartCmd, timeout: 10 }],
+  };
+  if (sessionStartBridgeIdx >= 0) {
+    existingSessionStart[sessionStartBridgeIdx] = sessionStartEntry;
+  } else {
+    existingSessionStart.push(sessionStartEntry);
+  }
+  settings.hooks.SessionStart = existingSessionStart;
+
+  // SessionEnd
+  const sessionEndScript = path.resolve(__dirname, '..', 'hooks', 'bridge-session-end.js').replace(/\\/g, '/');
+  const sessionEndCmd = `node "${sessionEndScript}"`;
+  const existingSessionEnd = settings.hooks.SessionEnd || [];
+  const sessionEndBridgeIdx = existingSessionEnd.findIndex(e =>
+    e.hooks?.some(h => h.command?.includes('bridge-session-end'))
+  );
+  const sessionEndEntry = {
+    hooks: [{ type: 'command', command: sessionEndCmd, timeout: 10 }],
+  };
+  if (sessionEndBridgeIdx >= 0) {
+    existingSessionEnd[sessionEndBridgeIdx] = sessionEndEntry;
+  } else {
+    existingSessionEnd.push(sessionEndEntry);
+  }
+  settings.hooks.SessionEnd = existingSessionEnd;
+
+  fs.writeFileSync(settingsPath, JSON.stringify(settings, null, 2));
+  log(`Hooks configured: ${settingsPath}`);
+}
+
+module.exports = { setupHooks };

package/lib/http-server.js

@@ -0,0 +1,166 @@
+'use strict';
+
+const fs = require('fs');
+const path = require('path');
+const http = require('http');
+const { state, ALWAYS_AUTO_ALLOW, PARTIAL_AUTO_ALLOW } = require('./state');
+const { log, broadcast, isAuthenticatedClient, setTurnState, recomputeEffectiveApprovalMode } = require('./logger');
+const { maybeAttachHookSession, markExpectingSwitch } = require('./transcript');
+
+const MIME = {
+  '.html': 'text/html; charset=utf-8',
+  '.js': 'text/javascript; charset=utf-8',
+  '.css': 'text/css; charset=utf-8',
+  '.json': 'application/json',
+  '.png': 'image/png',
+  '.svg': 'image/svg+xml',
+};
+
+function createHttpServer() {
+  return http.createServer((req, res) => {
+    const url = req.url.split('?')[0];
+
+    // --- API: Hook approval endpoint ---
+    if (req.method === 'POST' && url === '/hook/pre-tool-use') {
+      let body = '';
+      req.on('data', chunk => (body += chunk));
+      req.on('end', () => {
+        let data;
+        try { data = JSON.parse(body); } catch {
+          res.writeHead(400, { 'Content-Type': 'application/json' });
+          res.end(JSON.stringify({ decision: 'ask' }));
+          return;
+        }
+
+        maybeAttachHookSession(data, 'pre-tool-use');
+        const effectiveApprovalMode = recomputeEffectiveApprovalMode('pre-tool-use');
+
+        if (ALWAYS_AUTO_ALLOW.has(data.tool_name)) {
+          res.writeHead(200, { 'Content-Type': 'application/json' });
+          res.end(JSON.stringify({ decision: 'allow' }));
+          log(`Permission auto-allowed (always): ${data.tool_name}`);
+          return;
+        }
+
+        if (effectiveApprovalMode === 'all') {
+          res.writeHead(200, { 'Content-Type': 'application/json' });
+          res.end(JSON.stringify({ decision: 'allow' }));
+          log(`Permission auto-allowed (mode=all): ${data.tool_name}`);
+          return;
+        }
+        if (effectiveApprovalMode === 'partial' && PARTIAL_AUTO_ALLOW.has(data.tool_name)) {
+          res.writeHead(200, { 'Content-Type': 'application/json' });
+          res.end(JSON.stringify({ decision: 'allow' }));
+          log(`Permission auto-allowed (mode=partial): ${data.tool_name}`);
+          return;
+        }
+
+        const clients = [...state.wss.clients].filter(isAuthenticatedClient);
+        if (clients.length === 0) {
+          res.writeHead(200, { 'Content-Type': 'application/json' });
+          res.end(JSON.stringify({ decision: 'ask' }));
+          return;
+        }
+
+        const id = String(++state.approvalSeq);
+        log(`Permission #${id}: ${data.tool_name} → ${clients.length} WebUI client(s)`);
+
+        broadcast({
+          type: 'permission_request',
+          id,
+          toolName: data.tool_name,
+          toolInput: data.tool_input,
+          permissionMode: data.permission_mode,
+        });
+
+        const timer = setTimeout(() => {
+          state.pendingApprovals.delete(id);
+          res.writeHead(200, { 'Content-Type': 'application/json' });
+          res.end(JSON.stringify({ decision: 'ask' }));
+          log(`Permission #${id}: timeout → ask`);
+          broadcast({
+            type: 'permission_resolved',
+            id,
+            decision: 'ask',
+            reason: 'timeout',
+          });
+        }, 90000);
+
+        state.pendingApprovals.set(id, { res, timer });
+      });
+      return;
+    }
+
+    // --- API: Session start hook endpoint ---
+    if (req.method === 'POST' && url === '/hook/session-start') {
+      let body = '';
+      req.on('data', chunk => (body += chunk));
+      req.on('end', () => {
+        try {
+          const data = JSON.parse(body);
+          log(`/hook/session-start received (source=${data.source || 'unknown'}, session_id=${data.session_id || 'none'})`);
+          maybeAttachHookSession(data, 'session-start');
+        } catch {}
+        res.writeHead(200, { 'Content-Type': 'application/json' });
+        res.end('{}');
+      });
+      return;
+    }
+
+    // --- API: Session end hook endpoint ---
+    if (req.method === 'POST' && url === '/hook/session-end') {
+      let body = '';
+      req.on('data', chunk => (body += chunk));
+      req.on('end', () => {
+        let data = {};
+        try { data = JSON.parse(body); } catch {}
+        const reason = data.reason || 'unknown';
+        log(`/hook/session-end received (reason=${reason})`);
+        if (reason === 'clear') {
+          markExpectingSwitch();
+        }
+        setTurnState('idle', { reason: `session-end:${reason}` });
+        broadcast({ type: 'session_end', reason });
+        res.writeHead(200, { 'Content-Type': 'application/json' });
+        res.end('{}');
+      });
+      return;
+    }
+
+    // --- API: Stop hook endpoint ---
+    if (req.method === 'POST' && url === '/hook/stop') {
+      let body = '';
+      req.on('data', chunk => (body += chunk));
+      req.on('end', () => {
+        log('/hook/stop received — broadcasting turn_complete');
+        try {
+          maybeAttachHookSession(JSON.parse(body), 'stop');
+        } catch {}
+        setTurnState('idle', { reason: 'stop-hook' });
+        res.writeHead(200, { 'Content-Type': 'application/json' });
+        res.end('{}');
+      });
+      return;
+    }
+
+    // --- Static files ---
+    if (!state.ENABLE_WEB) {
+      res.writeHead(403, { 'Content-Type': 'text/plain; charset=utf-8' });
+      res.end('Web UI disabled. Start with ENABLE_WEB=1 to enable.');
+      return;
+    }
+    const filePath = path.join(__dirname, '..', 'web', url === '/' ? 'index.html' : url);
+    const ext = path.extname(filePath);
+    fs.readFile(filePath, (err, data) => {
+      if (err) {
+        res.writeHead(404);
+        res.end('Not found');
+        return;
+      }
+      res.writeHead(200, { 'Content-Type': MIME[ext] || 'application/octet-stream' });
+      res.end(data);
+    });
+  });
+}
+
+module.exports = { createHttpServer };