commandmate 0.2.12 → 0.3.0

package/dist/server/src/lib/auth.js

@@ -0,0 +1,250 @@
+"use strict";
+/**
+ * Token Authentication Core Module
+ * Issue #331: Token authentication and HTTPS support
+ *
+ * CONSTRAINTS:
+ * - C001: No Next.js module dependencies (next/headers, next/server, etc.)
+ *   This module must be compatible with CLI build (tsconfig.cli.json)
+ * - S001: Token verification uses crypto.timingSafeEqual() (timing-safe comparison)
+ * - S002: AUTH_EXCLUDED_PATHS matching uses === (exact match, no startsWith)
+ */
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.DEFAULT_COOKIE_MAX_AGE_SECONDS = exports.RATE_LIMIT_CONFIG = exports.isValidTokenHash = exports.DEFAULT_EXPIRE_DURATION_MS = exports.computeExpireAt = exports.parseDuration = exports.AUTH_EXCLUDED_PATHS = exports.AUTH_COOKIE_NAME = void 0;
+exports.generateToken = generateToken;
+exports.hashToken = hashToken;
+exports.verifyToken = verifyToken;
+exports.parseCookies = parseCookies;
+exports.isAuthEnabled = isAuthEnabled;
+exports.getTokenMaxAge = getTokenMaxAge;
+exports.isHttpsEnabled = isHttpsEnabled;
+exports.buildAuthCookieOptions = buildAuthCookieOptions;
+exports.createRateLimiter = createRateLimiter;
+const crypto_1 = __importDefault(require("crypto"));
+// Import and re-export shared constants and functions from Edge Runtime-compatible config
+const auth_config_1 = require("../config/auth-config");
+Object.defineProperty(exports, "AUTH_COOKIE_NAME", { enumerable: true, get: function () { return auth_config_1.AUTH_COOKIE_NAME; } });
+Object.defineProperty(exports, "AUTH_EXCLUDED_PATHS", { enumerable: true, get: function () { return auth_config_1.AUTH_EXCLUDED_PATHS; } });
+Object.defineProperty(exports, "parseDuration", { enumerable: true, get: function () { return auth_config_1.parseDuration; } });
+Object.defineProperty(exports, "computeExpireAt", { enumerable: true, get: function () { return auth_config_1.computeExpireAt; } });
+Object.defineProperty(exports, "DEFAULT_EXPIRE_DURATION_MS", { enumerable: true, get: function () { return auth_config_1.DEFAULT_EXPIRE_DURATION_MS; } });
+Object.defineProperty(exports, "isValidTokenHash", { enumerable: true, get: function () { return auth_config_1.isValidTokenHash; } });
+/** Rate limiting configuration for brute-force protection */
+exports.RATE_LIMIT_CONFIG = {
+    /** Maximum failed attempts before lockout */
+    maxAttempts: 5,
+    /** Lockout duration in ms (15 minutes) */
+    lockoutDuration: 15 * 60 * 1000,
+    /** Cleanup interval in ms (1 hour) */
+    cleanupInterval: 60 * 60 * 1000,
+};
+/** Fallback cookie maxAge in seconds when no explicit expiry is set (24 hours) */
+exports.DEFAULT_COOKIE_MAX_AGE_SECONDS = 24 * 60 * 60;
+// ============================================================
+// Module-level state (initialized from env at import time)
+// ============================================================
+/** The stored hash of the authentication token */
+const storedTokenHash = (() => {
+    const hash = process.env.CM_AUTH_TOKEN_HASH || undefined;
+    if (!hash)
+        return undefined;
+    // Store validation result to avoid type predicate narrowing to 'never' in else branch
+    const valid = (0, auth_config_1.isValidTokenHash)(hash);
+    if (!valid) {
+        console.error(`[Security] CM_AUTH_TOKEN_HASH is not a valid 64-character hex string (got ${hash.length} chars). Authentication will be disabled.`);
+        return undefined;
+    }
+    return hash;
+})();
+/** Token expiration timestamp (ms since epoch) */
+const expireAt = (0, auth_config_1.computeExpireAt)();
+// ============================================================
+// Token Functions
+// ============================================================
+/**
+ * Generate a cryptographically secure random token
+ * @returns 64-character hex string (32 bytes of entropy)
+ */
+function generateToken() {
+    return crypto_1.default.randomBytes(32).toString('hex');
+}
+/**
+ * Hash a token using SHA-256
+ * @param token - The plain text token to hash
+ * @returns 64-character hex string (SHA-256 hash)
+ */
+function hashToken(token) {
+    return crypto_1.default.createHash('sha256').update(token).digest('hex');
+}
+/**
+ * Verify a token against the stored hash
+ * S001: Uses crypto.timingSafeEqual() for timing-safe comparison
+ *
+ * @param token - The plain text token to verify
+ * @returns true if the token is valid and not expired
+ */
+function verifyToken(token) {
+    if (!storedTokenHash) {
+        return false;
+    }
+    // Guard against undefined/null/empty token
+    if (!token || typeof token !== 'string') {
+        return false;
+    }
+    // Check expiration
+    if (expireAt !== null && Date.now() > expireAt) {
+        return false;
+    }
+    const tokenHash = hashToken(token);
+    // S001: timing-safe comparison to prevent timing attacks
+    const hashBuffer = Buffer.from(tokenHash, 'hex');
+    const storedBuffer = Buffer.from(storedTokenHash, 'hex');
+    if (hashBuffer.length !== storedBuffer.length) {
+        return false;
+    }
+    return crypto_1.default.timingSafeEqual(hashBuffer, storedBuffer);
+}
+// ============================================================
+// Cookie Parsing (for WebSocket authentication)
+// ============================================================
+/**
+ * Parse a Cookie header string into key-value pairs
+ * Used by WebSocket upgrade handler where next/headers is not available
+ *
+ * @param cookieHeader - Raw Cookie header string
+ * @returns Parsed cookies as Record<string, string>
+ */
+function parseCookies(cookieHeader) {
+    const cookies = {};
+    if (!cookieHeader) {
+        return cookies;
+    }
+    const pairs = cookieHeader.split(';');
+    for (const pair of pairs) {
+        const eqIndex = pair.indexOf('=');
+        if (eqIndex === -1) {
+            continue;
+        }
+        const name = pair.substring(0, eqIndex).trim();
+        const value = pair.substring(eqIndex + 1).trim();
+        if (name) {
+            cookies[name] = value;
+        }
+    }
+    return cookies;
+}
+// ============================================================
+// Auth State Functions
+// ============================================================
+/**
+ * Check if authentication is enabled.
+ * Returns true only when CM_AUTH_TOKEN_HASH is set AND passes format validation.
+ * This prevents the state where auth appears enabled but login is impossible
+ * (e.g., when the hash value is malformed).
+ */
+function isAuthEnabled() {
+    return !!storedTokenHash;
+}
+/**
+ * Calculate the Cookie maxAge in seconds (remaining token lifetime)
+ * @returns maxAge in seconds, or 0 if expired/no expiry
+ */
+function getTokenMaxAge() {
+    if (expireAt === null) {
+        return 0;
+    }
+    const remaining = expireAt - Date.now();
+    if (remaining <= 0) {
+        return 0;
+    }
+    return Math.floor(remaining / 1000);
+}
+/**
+ * Check if HTTPS is enabled based on certificate environment variable
+ * @returns true if CM_HTTPS_CERT is set (indicating TLS certificates are configured)
+ */
+function isHttpsEnabled() {
+    return !!process.env.CM_HTTPS_CERT;
+}
+/**
+ * Build authentication cookie options with consistent security settings.
+ * Centralizes cookie configuration to enforce HttpOnly, SameSite, and Secure flags.
+ *
+ * @param maxAge - Cookie max age in seconds. Use 0 to clear the cookie.
+ * @returns Cookie options object compatible with Next.js response.cookies.set()
+ */
+function buildAuthCookieOptions(maxAge) {
+    return {
+        httpOnly: true,
+        sameSite: 'strict',
+        secure: isHttpsEnabled(),
+        maxAge,
+        path: '/',
+    };
+}
+/**
+ * Create a rate limiter for brute-force protection
+ * Uses in-memory Map with periodic cleanup
+ *
+ * @returns RateLimiter instance with checkLimit, recordFailure, recordSuccess, destroy
+ */
+function createRateLimiter() {
+    const entries = new Map();
+    // Periodic cleanup of expired entries
+    const cleanupTimer = setInterval(() => {
+        const now = Date.now();
+        for (const [ip, entry] of entries) {
+            // Remove entries whose lockout has expired (or was never set)
+            // and whose last attempt is older than the lockout duration
+            const isLockoutExpired = entry.lockedUntil === null || now > entry.lockedUntil;
+            const isStale = now - entry.lastAttempt > exports.RATE_LIMIT_CONFIG.lockoutDuration;
+            if (isLockoutExpired && isStale) {
+                entries.delete(ip);
+            }
+        }
+    }, exports.RATE_LIMIT_CONFIG.cleanupInterval);
+    // Ensure timer doesn't prevent process exit
+    if (cleanupTimer.unref) {
+        cleanupTimer.unref();
+    }
+    return {
+        checkLimit(ip) {
+            const entry = entries.get(ip);
+            if (!entry) {
+                return { allowed: true };
+            }
+            // Check if lockout has expired
+            if (entry.lockedUntil !== null) {
+                const now = Date.now();
+                if (now < entry.lockedUntil) {
+                    const retryAfter = Math.ceil((entry.lockedUntil - now) / 1000);
+                    return { allowed: false, retryAfter };
+                }
+                // Lockout expired - reset entry
+                entry.attempts = 0;
+                entry.lockedUntil = null;
+            }
+            return { allowed: true };
+        },
+        recordFailure(ip) {
+            const now = Date.now();
+            const entry = entries.get(ip) || { attempts: 0, lockedUntil: null, lastAttempt: now };
+            entry.attempts++;
+            entry.lastAttempt = now;
+            if (entry.attempts >= exports.RATE_LIMIT_CONFIG.maxAttempts) {
+                entry.lockedUntil = now + exports.RATE_LIMIT_CONFIG.lockoutDuration;
+            }
+            entries.set(ip, entry);
+        },
+        recordSuccess(ip) {
+            entries.delete(ip);
+        },
+        destroy() {
+            clearInterval(cleanupTimer);
+            entries.clear();
+        },
+    };
+}

package/dist/server/src/lib/auto-yes-manager.js

@@ -22,6 +22,10 @@ exports.clearAllPollerStates = clearAllPollerStates;
 exports.getLastServerResponseTimestamp = getLastServerResponseTimestamp;
 exports.executeRegexWithTimeout = executeRegexWithTimeout;
 exports.checkStopCondition = checkStopCondition;
+exports.validatePollingContext = validatePollingContext;
+exports.captureAndCleanOutput = captureAndCleanOutput;
+exports.processStopConditionDelta = processStopConditionDelta;
+exports.detectAndRespondToPrompt = detectAndRespondToPrompt;
 exports.startAutoYesPolling = startAutoYesPolling;
 exports.stopAutoYesPolling = stopAutoYesPolling;
 exports.stopAllAutoYesPolling = stopAllAutoYesPolling;
@@ -196,6 +200,18 @@ function clearAllAutoYesStates() {
 // =============================================================================
 // Server-side Polling (Issue #138)
 // =============================================================================
+/**
+ * Get poller state for a worktree.
+ * Returns undefined if no poller state exists.
+ *
+ * Issue #323: Introduced for consistency with getAutoYesState() accessor pattern (DR003).
+ *
+ * @param worktreeId - Worktree identifier
+ * @returns Poller state or undefined
+ */
+function getPollerState(worktreeId) {
+    return autoYesPollerStates.get(worktreeId);
+}
 /**
  * Get the number of active pollers.
  *
@@ -221,7 +237,7 @@ function clearAllPollerStates() {
  * @returns Timestamp (Date.now()) of the last server response, or null if none
  */
 function getLastServerResponseTimestamp(worktreeId) {
-    const pollerState = autoYesPollerStates.get(worktreeId);
+    const pollerState = getPollerState(worktreeId);
     return pollerState?.lastServerResponseTimestamp ?? null;
 }
 /**
@@ -231,7 +247,7 @@ function getLastServerResponseTimestamp(worktreeId) {
  * @param timestamp - Timestamp value (Date.now())
  */
 function updateLastServerResponseTimestamp(worktreeId, timestamp) {
-    const pollerState = autoYesPollerStates.get(worktreeId);
+    const pollerState = getPollerState(worktreeId);
     if (pollerState) {
         pollerState.lastServerResponseTimestamp = timestamp;
     }
@@ -242,7 +258,7 @@ function updateLastServerResponseTimestamp(worktreeId, timestamp) {
  * @param worktreeId - Worktree identifier
  */
 function resetErrorCount(worktreeId) {
-    const pollerState = autoYesPollerStates.get(worktreeId);
+    const pollerState = getPollerState(worktreeId);
     if (pollerState) {
         pollerState.consecutiveErrors = 0;
         pollerState.currentInterval = exports.POLLING_INTERVAL_MS;
@@ -254,7 +270,7 @@ function resetErrorCount(worktreeId) {
  * @param worktreeId - Worktree identifier
  */
 function incrementErrorCount(worktreeId) {
-    const pollerState = autoYesPollerStates.get(worktreeId);
+    const pollerState = getPollerState(worktreeId);
     if (pollerState) {
         pollerState.consecutiveErrors++;
         pollerState.currentInterval = calculateBackoffInterval(pollerState.consecutiveErrors);
@@ -342,137 +358,205 @@ function checkStopCondition(worktreeId, cleanOutput) {
     }
     return false;
 }
+// =============================================================================
+// Extracted Functions for pollAutoYes (Issue #323: SRP decomposition)
+// =============================================================================
 /**
- * Internal polling function that recursively schedules itself via setTimeout.
- * Captures tmux output, detects prompts, and sends auto-responses when appropriate.
+ * Validate that polling context is still valid.
+ * Checks pollerState existence and auto-yes enabled state.
  *
- * Includes duplicate prevention (Issue #306): skips prompts that have already
- * been answered (tracked via lastAnsweredPromptKey) and applies a cooldown
- * interval (COOLDOWN_INTERVAL_MS) after successful responses.
+ * @sideeffect When returning 'expired', calls stopAutoYesPolling() to clean up
+ * the poller state. This side-effect is intentional - separating the check from
+ * the cleanup would risk callers forgetting to call stopAutoYesPolling() (DR002).
  *
+ * @internal Exported for testing purposes only.
+ * @precondition worktreeId is validated by isValidWorktreeId() in startAutoYesPolling()
+ * gateway before being registered in globalThis Map. This function assumes worktreeId
+ * has already passed that validation.
  * @param worktreeId - Worktree identifier
- * @param cliToolId - CLI tool type being polled
+ * @param pollerState - Current poller state (or undefined if not found)
+ * @returns 'valid' | 'stopped' | 'expired'
  */
-async function pollAutoYes(worktreeId, cliToolId) {
-    // Check if poller was stopped
-    const pollerState = autoYesPollerStates.get(worktreeId);
+function validatePollingContext(worktreeId, pollerState) {
     if (!pollerState)
-        return;
-    // Check if auto-yes is still enabled
+        return 'stopped';
     const autoYesState = getAutoYesState(worktreeId);
     if (!autoYesState?.enabled || isAutoYesExpired(autoYesState)) {
         stopAutoYesPolling(worktreeId);
-        return;
+        return 'expired';
     }
+    return 'valid';
+}
+/**
+ * Capture tmux session output and strip ANSI escape codes.
+ *
+ * @internal Exported for testing purposes only.
+ * @precondition worktreeId is validated by isValidWorktreeId() in startAutoYesPolling()
+ * gateway before being registered in globalThis Map. This function assumes worktreeId
+ * has already passed that validation.
+ * @param worktreeId - Worktree identifier
+ * @param cliToolId - CLI tool type being polled
+ * @returns Cleaned output string (ANSI stripped)
+ */
+async function captureAndCleanOutput(worktreeId, cliToolId) {
+    // 5000 lines: matches the existing pollAutoYes() line limit (IC002).
+    // captureSessionOutput() default is 1000 lines, but tmux buffer capture
+    // requires 5000 to avoid truncating long outputs.
+    const output = await (0, cli_session_1.captureSessionOutput)(worktreeId, cliToolId, 5000);
+    return (0, cli_patterns_1.stripAnsi)(output);
+}
+/**
+ * Process stop condition check using delta-based approach.
+ * Manages baseline length, extracts new content, and delegates
+ * pattern matching to existing checkStopCondition().
+ *
+ * Note: This is a higher-level function that internally calls
+ * checkStopCondition() (L409, Issue #314) for regex pattern matching.
+ *
+ * @internal Exported for testing purposes only.
+ * @precondition worktreeId is validated by isValidWorktreeId() in startAutoYesPolling()
+ * gateway before being registered in globalThis Map. This function assumes worktreeId
+ * has already passed that validation.
+ * @param worktreeId - Worktree identifier
+ * @param pollerState - Current poller state (mutated: stopCheckBaselineLength updated)
+ * @param cleanOutput - ANSI-stripped terminal output
+ * @returns true if stop condition matched and auto-yes was disabled
+ */
+function processStopConditionDelta(worktreeId, pollerState, cleanOutput) {
+    if (pollerState.stopCheckBaselineLength < 0) {
+        // First poll: set baseline, skip stop condition check
+        pollerState.stopCheckBaselineLength = cleanOutput.length;
+        return false;
+    }
+    const baseline = pollerState.stopCheckBaselineLength;
+    if (cleanOutput.length > baseline) {
+        // Output grew: check only new content (delta)
+        const newContent = cleanOutput.substring(baseline);
+        pollerState.stopCheckBaselineLength = cleanOutput.length;
+        return checkStopCondition(worktreeId, newContent);
+    }
+    else if (cleanOutput.length < baseline) {
+        // Buffer shrank (old lines dropped from scrollback): reset baseline
+        pollerState.stopCheckBaselineLength = cleanOutput.length;
+    }
+    // If length unchanged: no new content, skip check
+    return false;
+}
+/**
+ * Detect prompt in terminal output, resolve auto-answer, and send response.
+ * Handles the complete flow: detection -> duplicate check -> answer resolution ->
+ * tmux send -> timestamp/error-count update -> promptKey recording.
+ *
+ * Note: Cooldown scheduling is NOT this function's responsibility.
+ * The caller (pollAutoYes() orchestrator) determines scheduling interval
+ * based on the return value ('responded' -> cooldown, others -> normal interval).
+ *
+ * @internal Exported for testing purposes only.
+ * @precondition worktreeId is validated by isValidWorktreeId() in startAutoYesPolling()
+ * gateway before being registered in globalThis Map. This function assumes worktreeId
+ * has already passed that validation.
+ * @param worktreeId - Worktree identifier
+ * @param pollerState - Current poller state (mutated: lastAnsweredPromptKey updated)
+ * @param cliToolId - CLI tool type
+ * @param cleanOutput - ANSI-stripped terminal output
+ * @returns 'responded' | 'no_prompt' | 'duplicate' | 'no_answer' | 'error'
+ */
+async function detectAndRespondToPrompt(worktreeId, pollerState, cliToolId, cleanOutput) {
     try {
-        // 1. Capture tmux output
-        const output = await (0, cli_session_1.captureSessionOutput)(worktreeId, cliToolId, 5000);
-        // 2. Strip ANSI codes
-        const cleanOutput = (0, cli_patterns_1.stripAnsi)(output);
-        // 2.5. Skip prompt detection during thinking state (Issue #161, Layer 1)
-        // This prevents false positive detection of numbered lists in CLI output
-        // while Claude is actively processing (thinking/planning).
-        //
-        // Issue #191: Apply windowing to detectThinking() to prevent stale thinking
-        // summary lines (e.g., "· Simmering...") from blocking prompt detection.
-        // Window size matches detectPrompt()'s multiple_choice scan range (50 lines).
-        //
-        // Safety: Claude CLI does not emit prompts during thinking, so narrowing
-        // the window cannot cause false auto-responses (see IA-003 in design doc).
-        //
-        // Processing order: stripAnsi -> split -> slice -> join
-        // stripAnsi is applied BEFORE split to ensure ANSI escape sequences spanning
-        // line boundaries do not affect line counting (IA-002).
-        //
-        // Boundary case: if buffer has fewer than 50 lines, slice(-50) returns the
-        // entire array (Array.prototype.slice specification), which is safe degradation
-        // equivalent to pre-fix behavior (IA-001).
-        const recentLines = cleanOutput.split('\n').slice(-exports.THINKING_CHECK_LINE_COUNT).join('\n');
-        if ((0, cli_patterns_1.detectThinking)(cliToolId, recentLines)) {
-            scheduleNextPoll(worktreeId, cliToolId);
-            return;
-        }
-        // 2.7. Check stop condition (Issue #314)
-        // After thinking check, before prompt detection: if terminal output matches
-        // the stop pattern, disable auto-yes and stop polling immediately.
-        //
-        // Delta-based check: Only check NEW output since Auto-Yes was enabled.
-        // On the first poll, establish the baseline output length (skip check to
-        // avoid matching pre-existing terminal content like shell prompts or paths).
-        // On subsequent polls, check only the output delta (new content appended).
-        // If the buffer shrank (tmux scrollback shifted), reset baseline and skip
-        // that cycle to avoid false positives from old content.
-        if (pollerState.stopCheckBaselineLength < 0) {
-            // First poll: set baseline, skip stop condition check
-            pollerState.stopCheckBaselineLength = cleanOutput.length;
-        }
-        else {
-            const baseline = pollerState.stopCheckBaselineLength;
-            if (cleanOutput.length > baseline) {
-                // Output grew: check only new content (delta)
-                const newContent = cleanOutput.substring(baseline);
-                pollerState.stopCheckBaselineLength = cleanOutput.length;
-                if (checkStopCondition(worktreeId, newContent)) {
-                    return;
-                }
-            }
-            else if (cleanOutput.length < baseline) {
-                // Buffer shrank (old lines dropped from scrollback): reset baseline
-                pollerState.stopCheckBaselineLength = cleanOutput.length;
-            }
-            // If length unchanged: no new content, skip check
-        }
-        // 3. Detect prompt
+        // 1. Detect prompt
         const promptOptions = (0, cli_patterns_1.buildDetectPromptOptions)(cliToolId);
         const promptDetection = (0, prompt_detector_1.detectPrompt)(cleanOutput, promptOptions);
         if (!promptDetection.isPrompt || !promptDetection.promptData) {
             // No prompt detected - reset lastAnsweredPromptKey (Issue #306)
             pollerState.lastAnsweredPromptKey = null;
-            scheduleNextPoll(worktreeId, cliToolId);
-            return;
+            return 'no_prompt';
         }
-        // Issue #306: Check for duplicate prompt before responding
+        // 2. Check for duplicate prompt (Issue #306)
         const promptKey = (0, prompt_key_1.generatePromptKey)(promptDetection.promptData);
         if (isDuplicatePrompt(pollerState, promptKey)) {
-            scheduleNextPoll(worktreeId, cliToolId);
-            return;
+            return 'duplicate';
         }
-        // 4. Resolve auto answer
+        // 3. Resolve auto answer
         const answer = (0, auto_yes_resolver_1.resolveAutoAnswer)(promptDetection.promptData);
         if (answer === null) {
-            // Cannot auto-answer this prompt
-            scheduleNextPoll(worktreeId, cliToolId);
-            return;
+            return 'no_answer';
         }
-        // 5. Send answer to tmux
+        // 4. Send answer to tmux
         const manager = manager_1.CLIToolManager.getInstance();
         const cliTool = manager.getTool(cliToolId);
         const sessionName = cliTool.getSessionName(worktreeId);
-        // Issue #287 Bug2: Uses shared sendPromptAnswer() to unify logic
-        // with route.ts, including cursor-key navigation for Claude Code
-        // multiple-choice prompts and fallback handling.
         await (0, prompt_answer_sender_1.sendPromptAnswer)({
             sessionName,
             answer,
             cliToolId,
             promptData: promptDetection.promptData,
         });
-        // 6. Update timestamp
+        // 5. Update timestamp and reset error count
         updateLastServerResponseTimestamp(worktreeId, Date.now());
-        // 7. Reset error count on success
         resetErrorCount(worktreeId);
-        // Issue #306: Record answered prompt key and apply cooldown
+        // 6. Record answered prompt key
         pollerState.lastAnsweredPromptKey = promptKey;
         // Log success (without sensitive content)
         console.info(`[Auto-Yes Poller] Sent response for worktree: ${worktreeId}`);
-        // Issue #306: Apply cooldown interval after successful response (early return)
-        scheduleNextPoll(worktreeId, cliToolId, exports.COOLDOWN_INTERVAL_MS);
+        return 'responded';
+    }
+    catch (error) {
+        // IC003: This catch handles errors from prompt detection/sending only.
+        // incrementErrorCount is called here, and this function never throws,
+        // preventing double incrementErrorCount in the outer pollAutoYes() catch.
+        incrementErrorCount(worktreeId);
+        console.warn(`[Auto-Yes Poller] Error in detectAndRespondToPrompt for worktree ${worktreeId}: ${getErrorMessage(error)}`);
+        return 'error';
+    }
+}
+/**
+ * Internal polling function that recursively schedules itself via setTimeout.
+ * Orchestrates the polling flow by delegating to extracted functions.
+ *
+ * Issue #323: Refactored from ~139 lines to ~30 lines as an orchestrator.
+ * Each responsibility is delegated to a focused function:
+ * - validatePollingContext(): Pre-condition checks
+ * - captureAndCleanOutput(): tmux output capture + ANSI cleanup
+ * - processStopConditionDelta(): Stop condition delta-based check
+ * - detectAndRespondToPrompt(): Prompt detection + auto-response
+ *
+ * @param worktreeId - Worktree identifier
+ * @param cliToolId - CLI tool type being polled
+ */
+async function pollAutoYes(worktreeId, cliToolId) {
+    // 1. Validate context
+    const pollerState = getPollerState(worktreeId);
+    const contextResult = validatePollingContext(worktreeId, pollerState);
+    if (contextResult !== 'valid')
         return;
+    // pollerState is guaranteed non-null after 'valid' check
+    try {
+        // 2. Capture and clean output
+        const cleanOutput = await captureAndCleanOutput(worktreeId, cliToolId);
+        // 3. Thinking check (inline - policy decision about window size)
+        // Issue #161 Layer 1 / Issue #191: windowing applied to detectThinking()
+        const recentLines = cleanOutput.split('\n').slice(-exports.THINKING_CHECK_LINE_COUNT).join('\n');
+        if ((0, cli_patterns_1.detectThinking)(cliToolId, recentLines)) {
+            scheduleNextPoll(worktreeId, cliToolId);
+            return;
+        }
+        // 4. Stop condition delta check (Issue #314)
+        if (processStopConditionDelta(worktreeId, pollerState, cleanOutput)) {
+            return;
+        }
+        // 5. Detect and respond to prompt
+        const result = await detectAndRespondToPrompt(worktreeId, pollerState, cliToolId, cleanOutput);
+        if (result === 'responded') {
+            // Issue #306: Apply cooldown interval after successful response
+            scheduleNextPoll(worktreeId, cliToolId, exports.COOLDOWN_INTERVAL_MS);
+            return;
+        }
     }
     catch (error) {
-        // Increment error count on failure
+        // IC003: This catch handles captureAndCleanOutput() or processStopConditionDelta()
+        // errors only. detectAndRespondToPrompt() catches its own errors and returns
+        // 'error' instead of throwing (preventing double incrementErrorCount).
         incrementErrorCount(worktreeId);
-        // Log error (without sensitive details)
         console.warn(`[Auto-Yes Poller] Error for worktree ${worktreeId}: ${getErrorMessage(error)}`);
     }
     // Schedule next poll (catch block fallthrough or other paths)
@@ -485,7 +569,7 @@ async function pollAutoYes(worktreeId, cliToolId) {
  *   Type: number | undefined (optional parameter).
  */
 function scheduleNextPoll(worktreeId, cliToolId, overrideInterval) {
-    const pollerState = autoYesPollerStates.get(worktreeId);
+    const pollerState = getPollerState(worktreeId);
     if (!pollerState)
         return;
     // S4-F003: Floor guard - polling interval must not be below POLLING_INTERVAL_MS
@@ -548,7 +632,7 @@ function startAutoYesPolling(worktreeId, cliToolId) {
  * @param worktreeId - Worktree identifier
  */
 function stopAutoYesPolling(worktreeId) {
-    const pollerState = autoYesPollerStates.get(worktreeId);
+    const pollerState = getPollerState(worktreeId);
     if (!pollerState)
         return;
     // Clear timer