langmart-gateway-type3 3.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.env.example +29 -0
- package/README.md +480 -0
- package/dist/bash-tools.d.ts +56 -0
- package/dist/bash-tools.d.ts.map +1 -0
- package/dist/bash-tools.js +188 -0
- package/dist/bash-tools.js.map +1 -0
- package/dist/core-tools.d.ts +94 -0
- package/dist/core-tools.d.ts.map +1 -0
- package/dist/core-tools.js +694 -0
- package/dist/core-tools.js.map +1 -0
- package/dist/debug-utils.d.ts +22 -0
- package/dist/debug-utils.d.ts.map +1 -0
- package/dist/debug-utils.js +37 -0
- package/dist/debug-utils.js.map +1 -0
- package/dist/devops-tools.d.ts +147 -0
- package/dist/devops-tools.d.ts.map +1 -0
- package/dist/devops-tools.js +718 -0
- package/dist/devops-tools.js.map +1 -0
- package/dist/gateway-config.d.ts +56 -0
- package/dist/gateway-config.d.ts.map +1 -0
- package/dist/gateway-config.js +198 -0
- package/dist/gateway-config.js.map +1 -0
- package/dist/gateway-mode.d.ts +58 -0
- package/dist/gateway-mode.d.ts.map +1 -0
- package/dist/gateway-mode.js +240 -0
- package/dist/gateway-mode.js.map +1 -0
- package/dist/gateway-server.d.ts +208 -0
- package/dist/gateway-server.d.ts.map +1 -0
- package/dist/gateway-server.js +1811 -0
- package/dist/gateway-server.js.map +1 -0
- package/dist/headless-session.d.ts +192 -0
- package/dist/headless-session.d.ts.map +1 -0
- package/dist/headless-session.js +584 -0
- package/dist/headless-session.js.map +1 -0
- package/dist/index-server.d.ts +4 -0
- package/dist/index-server.d.ts.map +1 -0
- package/dist/index-server.js +129 -0
- package/dist/index-server.js.map +1 -0
- package/dist/index.d.ts +6 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +101 -0
- package/dist/index.js.map +1 -0
- package/dist/key-vault.d.ts +102 -0
- package/dist/key-vault.d.ts.map +1 -0
- package/dist/key-vault.js +365 -0
- package/dist/key-vault.js.map +1 -0
- package/dist/local-vault.d.ts +195 -0
- package/dist/local-vault.d.ts.map +1 -0
- package/dist/local-vault.js +571 -0
- package/dist/local-vault.js.map +1 -0
- package/dist/marketplace-tools.d.ts +104 -0
- package/dist/marketplace-tools.d.ts.map +1 -0
- package/dist/marketplace-tools.js +2846 -0
- package/dist/marketplace-tools.js.map +1 -0
- package/dist/mcp-manager.d.ts +114 -0
- package/dist/mcp-manager.d.ts.map +1 -0
- package/dist/mcp-manager.js +338 -0
- package/dist/mcp-manager.js.map +1 -0
- package/dist/web-tools.d.ts +86 -0
- package/dist/web-tools.d.ts.map +1 -0
- package/dist/web-tools.js +431 -0
- package/dist/web-tools.js.map +1 -0
- package/dist/websocket-handler.d.ts +131 -0
- package/dist/websocket-handler.d.ts.map +1 -0
- package/dist/websocket-handler.js +596 -0
- package/dist/websocket-handler.js.map +1 -0
- package/dist/welcome-pages.d.ts +6 -0
- package/dist/welcome-pages.d.ts.map +1 -0
- package/dist/welcome-pages.js +200 -0
- package/dist/welcome-pages.js.map +1 -0
- package/package.json +168 -0
- package/scripts/install-remote.sh +282 -0
- package/scripts/start.sh +85 -0
- package/scripts/status.sh +79 -0
- package/scripts/stop.sh +67 -0
|
@@ -0,0 +1,365 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
+
if (k2 === undefined) k2 = k;
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
9
|
+
}) : (function(o, m, k, k2) {
|
|
10
|
+
if (k2 === undefined) k2 = k;
|
|
11
|
+
o[k2] = m[k];
|
|
12
|
+
}));
|
|
13
|
+
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
14
|
+
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
15
|
+
}) : function(o, v) {
|
|
16
|
+
o["default"] = v;
|
|
17
|
+
});
|
|
18
|
+
var __importStar = (this && this.__importStar) || (function () {
|
|
19
|
+
var ownKeys = function(o) {
|
|
20
|
+
ownKeys = Object.getOwnPropertyNames || function (o) {
|
|
21
|
+
var ar = [];
|
|
22
|
+
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
|
|
23
|
+
return ar;
|
|
24
|
+
};
|
|
25
|
+
return ownKeys(o);
|
|
26
|
+
};
|
|
27
|
+
return function (mod) {
|
|
28
|
+
if (mod && mod.__esModule) return mod;
|
|
29
|
+
var result = {};
|
|
30
|
+
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
|
|
31
|
+
__setModuleDefault(result, mod);
|
|
32
|
+
return result;
|
|
33
|
+
};
|
|
34
|
+
})();
|
|
35
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
36
|
+
exports.KeyVault = void 0;
|
|
37
|
+
const debug_utils_1 = require("./debug-utils");
|
|
38
|
+
/**
|
|
39
|
+
* KeyVault - Automatic API Key Detection and Redaction
|
|
40
|
+
*
|
|
41
|
+
* This module automatically detects API keys in user prompts, replaces them with
|
|
42
|
+
* random placeholders before sending to LLMs, and restores real values in responses.
|
|
43
|
+
*
|
|
44
|
+
* Prevents accidental exposure of sensitive API keys to LLM providers.
|
|
45
|
+
*/
|
|
46
|
+
const crypto = __importStar(require("crypto"));
|
|
47
|
+
class KeyVault {
|
|
48
|
+
constructor() {
|
|
49
|
+
this.keyMappings = new Map();
|
|
50
|
+
// API key detection patterns for major LLM providers
|
|
51
|
+
// More flexible patterns to catch keys even if length varies slightly
|
|
52
|
+
this.KEY_PATTERNS = [
|
|
53
|
+
{
|
|
54
|
+
name: 'openai-project',
|
|
55
|
+
pattern: /\bsk-proj-[A-Za-z0-9_-]{40,200}\b/g,
|
|
56
|
+
prefix: 'sk-proj-',
|
|
57
|
+
minLength: 48,
|
|
58
|
+
maxLength: 208
|
|
59
|
+
},
|
|
60
|
+
{
|
|
61
|
+
name: 'anthropic',
|
|
62
|
+
pattern: /\bsk-ant-api\d+-[A-Za-z0-9_-]{20,100}\b/g,
|
|
63
|
+
prefix: 'sk-ant-api',
|
|
64
|
+
minLength: 30,
|
|
65
|
+
maxLength: 120
|
|
66
|
+
},
|
|
67
|
+
{
|
|
68
|
+
name: 'google-gemini',
|
|
69
|
+
pattern: /\bAIza[A-Za-z0-9_\\-]{30,50}\b/g,
|
|
70
|
+
prefix: 'AIza',
|
|
71
|
+
minLength: 34,
|
|
72
|
+
maxLength: 54
|
|
73
|
+
},
|
|
74
|
+
{
|
|
75
|
+
name: 'groq',
|
|
76
|
+
pattern: /\bgsk_[A-Za-z0-9]{40,60}\b/g,
|
|
77
|
+
prefix: 'gsk_',
|
|
78
|
+
minLength: 44,
|
|
79
|
+
maxLength: 64
|
|
80
|
+
},
|
|
81
|
+
{
|
|
82
|
+
name: 'deepseek',
|
|
83
|
+
pattern: /\bsk-[A-Za-z0-9]{40,60}\b/g,
|
|
84
|
+
prefix: 'sk-',
|
|
85
|
+
minLength: 43,
|
|
86
|
+
maxLength: 63
|
|
87
|
+
},
|
|
88
|
+
{
|
|
89
|
+
name: 'openai-legacy',
|
|
90
|
+
pattern: /\bsk-[A-Za-z0-9]{40,60}\b/g,
|
|
91
|
+
prefix: 'sk-',
|
|
92
|
+
minLength: 43,
|
|
93
|
+
maxLength: 63
|
|
94
|
+
}
|
|
95
|
+
];
|
|
96
|
+
}
|
|
97
|
+
/**
|
|
98
|
+
* Generate a random key with the same format as the original
|
|
99
|
+
*/
|
|
100
|
+
generateRandomKey(provider, originalKey) {
|
|
101
|
+
const pattern = this.KEY_PATTERNS.find(p => p.name === provider);
|
|
102
|
+
if (!pattern) {
|
|
103
|
+
throw new Error(`Unknown provider: ${provider}`);
|
|
104
|
+
}
|
|
105
|
+
const keyLength = originalKey.length - pattern.prefix.length;
|
|
106
|
+
const randomChars = crypto.randomBytes(Math.ceil(keyLength / 2))
|
|
107
|
+
.toString('hex')
|
|
108
|
+
.substring(0, keyLength);
|
|
109
|
+
return pattern.prefix + randomChars;
|
|
110
|
+
}
|
|
111
|
+
/**
|
|
112
|
+
* Detect and redact API keys in text
|
|
113
|
+
* Returns both redacted text and list of detected keys
|
|
114
|
+
*/
|
|
115
|
+
redactKeys(text) {
|
|
116
|
+
let redactedText = text;
|
|
117
|
+
let detectedCount = 0;
|
|
118
|
+
for (const pattern of this.KEY_PATTERNS) {
|
|
119
|
+
const matches = text.matchAll(pattern.pattern);
|
|
120
|
+
for (const match of matches) {
|
|
121
|
+
const realKey = match[0];
|
|
122
|
+
// Check if we've already seen this key
|
|
123
|
+
let mapping = Array.from(this.keyMappings.values())
|
|
124
|
+
.find(m => m.real === realKey);
|
|
125
|
+
if (!mapping) {
|
|
126
|
+
// Generate new random key with same format
|
|
127
|
+
const redactedKey = this.generateRandomKey(pattern.name, realKey);
|
|
128
|
+
const now = new Date();
|
|
129
|
+
mapping = {
|
|
130
|
+
redacted: redactedKey,
|
|
131
|
+
real: realKey,
|
|
132
|
+
provider: pattern.name,
|
|
133
|
+
detectedAt: now,
|
|
134
|
+
lastUsed: now,
|
|
135
|
+
useCount: 0
|
|
136
|
+
};
|
|
137
|
+
// Store both directions for fast lookup
|
|
138
|
+
this.keyMappings.set(redactedKey, mapping);
|
|
139
|
+
detectedCount++;
|
|
140
|
+
(0, debug_utils_1.debugLog)(`[KeyVault] 🔐 Detected ${pattern.name} API key, redacted to: ${redactedKey.substring(0, 15)}...`);
|
|
141
|
+
}
|
|
142
|
+
// Replace real key with redacted version
|
|
143
|
+
redactedText = redactedText.replace(realKey, mapping.redacted);
|
|
144
|
+
}
|
|
145
|
+
}
|
|
146
|
+
return { redactedText, detectedCount };
|
|
147
|
+
}
|
|
148
|
+
/**
|
|
149
|
+
* Restore real API keys in text (for LLM responses and tool calls)
|
|
150
|
+
*/
|
|
151
|
+
restoreKeys(text) {
|
|
152
|
+
let restoredText = text;
|
|
153
|
+
let restoredCount = 0;
|
|
154
|
+
// Check all stored redacted keys
|
|
155
|
+
for (const [redactedKey, mapping] of this.keyMappings.entries()) {
|
|
156
|
+
if (text.includes(redactedKey)) {
|
|
157
|
+
restoredText = restoredText.replace(new RegExp(redactedKey, 'g'), mapping.real);
|
|
158
|
+
restoredCount++;
|
|
159
|
+
// Update usage tracking
|
|
160
|
+
mapping.lastUsed = new Date();
|
|
161
|
+
mapping.useCount++;
|
|
162
|
+
(0, debug_utils_1.debugLog)(`[KeyVault] 🔓 Restored ${mapping.provider} API key from: ${redactedKey.substring(0, 15)}...`);
|
|
163
|
+
}
|
|
164
|
+
}
|
|
165
|
+
return { restoredText, restoredCount };
|
|
166
|
+
}
|
|
167
|
+
/**
|
|
168
|
+
* Check if text contains any API keys (real or redacted)
|
|
169
|
+
*/
|
|
170
|
+
containsKeys(text) {
|
|
171
|
+
// Check for real keys
|
|
172
|
+
for (const pattern of this.KEY_PATTERNS) {
|
|
173
|
+
if (pattern.pattern.test(text)) {
|
|
174
|
+
return true;
|
|
175
|
+
}
|
|
176
|
+
}
|
|
177
|
+
// Check for redacted keys
|
|
178
|
+
for (const redactedKey of this.keyMappings.keys()) {
|
|
179
|
+
if (text.includes(redactedKey)) {
|
|
180
|
+
return true;
|
|
181
|
+
}
|
|
182
|
+
}
|
|
183
|
+
return false;
|
|
184
|
+
}
|
|
185
|
+
/**
|
|
186
|
+
* Get statistics about redacted keys
|
|
187
|
+
*/
|
|
188
|
+
getStats() {
|
|
189
|
+
const byProvider = {};
|
|
190
|
+
let oldestDate = null;
|
|
191
|
+
let newestDate = null;
|
|
192
|
+
let oldestMapping = null;
|
|
193
|
+
let newestMapping = null;
|
|
194
|
+
let totalAge = 0;
|
|
195
|
+
for (const mapping of this.keyMappings.values()) {
|
|
196
|
+
byProvider[mapping.provider] = (byProvider[mapping.provider] || 0) + 1;
|
|
197
|
+
if (!oldestDate || mapping.detectedAt < oldestDate) {
|
|
198
|
+
oldestDate = mapping.detectedAt;
|
|
199
|
+
oldestMapping = mapping;
|
|
200
|
+
}
|
|
201
|
+
if (!newestDate || mapping.detectedAt > newestDate) {
|
|
202
|
+
newestDate = mapping.detectedAt;
|
|
203
|
+
newestMapping = mapping;
|
|
204
|
+
}
|
|
205
|
+
totalAge += Date.now() - mapping.detectedAt.getTime();
|
|
206
|
+
}
|
|
207
|
+
const count = this.keyMappings.size;
|
|
208
|
+
const averageAge = count > 0 ? totalAge / count / 1000 / 60 : 0; // Convert to minutes
|
|
209
|
+
return {
|
|
210
|
+
totalKeys: count,
|
|
211
|
+
byProvider,
|
|
212
|
+
oldestKey: oldestMapping ? {
|
|
213
|
+
provider: oldestMapping.provider,
|
|
214
|
+
ageMinutes: (Date.now() - oldestMapping.detectedAt.getTime()) / 1000 / 60
|
|
215
|
+
} : undefined,
|
|
216
|
+
newestKey: newestMapping ? {
|
|
217
|
+
provider: newestMapping.provider,
|
|
218
|
+
ageMinutes: (Date.now() - newestMapping.detectedAt.getTime()) / 1000 / 60
|
|
219
|
+
} : undefined,
|
|
220
|
+
averageAge
|
|
221
|
+
};
|
|
222
|
+
}
|
|
223
|
+
/**
|
|
224
|
+
* Get keys older than specified age in minutes
|
|
225
|
+
*/
|
|
226
|
+
getOldKeys(maxAgeMinutes) {
|
|
227
|
+
const now = Date.now();
|
|
228
|
+
const maxAgeMs = maxAgeMinutes * 60 * 1000;
|
|
229
|
+
const oldKeys = [];
|
|
230
|
+
for (const mapping of this.keyMappings.values()) {
|
|
231
|
+
const age = now - mapping.detectedAt.getTime();
|
|
232
|
+
if (age > maxAgeMs) {
|
|
233
|
+
oldKeys.push({
|
|
234
|
+
provider: mapping.provider,
|
|
235
|
+
ageMinutes: age / 1000 / 60,
|
|
236
|
+
lastUsedMinutes: (now - mapping.lastUsed.getTime()) / 1000 / 60,
|
|
237
|
+
useCount: mapping.useCount
|
|
238
|
+
});
|
|
239
|
+
}
|
|
240
|
+
}
|
|
241
|
+
return oldKeys;
|
|
242
|
+
}
|
|
243
|
+
/**
|
|
244
|
+
* Clean up keys older than specified age in minutes
|
|
245
|
+
* Returns number of keys removed
|
|
246
|
+
*/
|
|
247
|
+
cleanupOldKeys(maxAgeMinutes) {
|
|
248
|
+
const now = Date.now();
|
|
249
|
+
const maxAgeMs = maxAgeMinutes * 60 * 1000;
|
|
250
|
+
const keysToRemove = [];
|
|
251
|
+
for (const [redactedKey, mapping] of this.keyMappings.entries()) {
|
|
252
|
+
const age = now - mapping.detectedAt.getTime();
|
|
253
|
+
if (age > maxAgeMs) {
|
|
254
|
+
keysToRemove.push(redactedKey);
|
|
255
|
+
}
|
|
256
|
+
}
|
|
257
|
+
for (const key of keysToRemove) {
|
|
258
|
+
this.keyMappings.delete(key);
|
|
259
|
+
}
|
|
260
|
+
if (keysToRemove.length > 0) {
|
|
261
|
+
(0, debug_utils_1.debugLog)(`[KeyVault] 🧹 Cleaned up ${keysToRemove.length} key(s) older than ${maxAgeMinutes} minutes`);
|
|
262
|
+
}
|
|
263
|
+
return keysToRemove.length;
|
|
264
|
+
}
|
|
265
|
+
/**
|
|
266
|
+
* Clean up keys not used for specified time in minutes
|
|
267
|
+
* Returns number of keys removed
|
|
268
|
+
*/
|
|
269
|
+
cleanupUnusedKeys(unusedMinutes) {
|
|
270
|
+
const now = Date.now();
|
|
271
|
+
const unusedMs = unusedMinutes * 60 * 1000;
|
|
272
|
+
const keysToRemove = [];
|
|
273
|
+
for (const [redactedKey, mapping] of this.keyMappings.entries()) {
|
|
274
|
+
const timeSinceLastUse = now - mapping.lastUsed.getTime();
|
|
275
|
+
if (timeSinceLastUse > unusedMs && mapping.useCount === 0) {
|
|
276
|
+
keysToRemove.push(redactedKey);
|
|
277
|
+
}
|
|
278
|
+
}
|
|
279
|
+
for (const key of keysToRemove) {
|
|
280
|
+
this.keyMappings.delete(key);
|
|
281
|
+
}
|
|
282
|
+
if (keysToRemove.length > 0) {
|
|
283
|
+
(0, debug_utils_1.debugLog)(`[KeyVault] 🧹 Cleaned up ${keysToRemove.length} unused key(s) (not used for ${unusedMinutes} minutes)`);
|
|
284
|
+
}
|
|
285
|
+
return keysToRemove.length;
|
|
286
|
+
}
|
|
287
|
+
/**
|
|
288
|
+
* Get age of a specific redacted key in minutes
|
|
289
|
+
*/
|
|
290
|
+
getKeyAge(redactedKey) {
|
|
291
|
+
const mapping = this.keyMappings.get(redactedKey);
|
|
292
|
+
if (!mapping)
|
|
293
|
+
return null;
|
|
294
|
+
return (Date.now() - mapping.detectedAt.getTime()) / 1000 / 60;
|
|
295
|
+
}
|
|
296
|
+
/**
|
|
297
|
+
* Get detailed info about all stored keys
|
|
298
|
+
*/
|
|
299
|
+
getAllKeysInfo() {
|
|
300
|
+
const now = Date.now();
|
|
301
|
+
const keysInfo = [];
|
|
302
|
+
for (const mapping of this.keyMappings.values()) {
|
|
303
|
+
keysInfo.push({
|
|
304
|
+
provider: mapping.provider,
|
|
305
|
+
redactedPrefix: mapping.redacted.substring(0, 15) + '...',
|
|
306
|
+
ageMinutes: (now - mapping.detectedAt.getTime()) / 1000 / 60,
|
|
307
|
+
lastUsedMinutes: (now - mapping.lastUsed.getTime()) / 1000 / 60,
|
|
308
|
+
useCount: mapping.useCount
|
|
309
|
+
});
|
|
310
|
+
}
|
|
311
|
+
return keysInfo.sort((a, b) => b.ageMinutes - a.ageMinutes); // Sort by age, oldest first
|
|
312
|
+
}
|
|
313
|
+
/**
|
|
314
|
+
* Get comprehensive statistics for UI display
|
|
315
|
+
*/
|
|
316
|
+
getStatistics() {
|
|
317
|
+
const now = Date.now();
|
|
318
|
+
const keys = [];
|
|
319
|
+
for (const mapping of this.keyMappings.values()) {
|
|
320
|
+
keys.push({
|
|
321
|
+
provider: mapping.provider,
|
|
322
|
+
redactedPrefix: mapping.redacted.substring(0, 15) + '...',
|
|
323
|
+
detectedAt: mapping.detectedAt,
|
|
324
|
+
age: Math.round((now - mapping.detectedAt.getTime()) / 1000 / 60), // Minutes
|
|
325
|
+
useCount: mapping.useCount
|
|
326
|
+
});
|
|
327
|
+
}
|
|
328
|
+
return {
|
|
329
|
+
totalKeys: this.keyMappings.size,
|
|
330
|
+
keys: keys.sort((a, b) => b.age - a.age) // Sort by age, oldest first
|
|
331
|
+
};
|
|
332
|
+
}
|
|
333
|
+
/**
|
|
334
|
+
* Clear all stored key mappings (use when starting new chat session)
|
|
335
|
+
*/
|
|
336
|
+
clear() {
|
|
337
|
+
const count = this.keyMappings.size;
|
|
338
|
+
this.keyMappings.clear();
|
|
339
|
+
if (count > 0) {
|
|
340
|
+
(0, debug_utils_1.debugLog)(`[KeyVault] 🗑️ Cleared ${count} key mappings`);
|
|
341
|
+
}
|
|
342
|
+
}
|
|
343
|
+
/**
|
|
344
|
+
* Process a chat message before sending to LLM
|
|
345
|
+
*/
|
|
346
|
+
processOutgoingMessage(message) {
|
|
347
|
+
const { redactedText, detectedCount } = this.redactKeys(message);
|
|
348
|
+
if (detectedCount > 0) {
|
|
349
|
+
(0, debug_utils_1.debugLog)(`[KeyVault] 📤 Outgoing message: Redacted ${detectedCount} API key(s)`);
|
|
350
|
+
}
|
|
351
|
+
return redactedText;
|
|
352
|
+
}
|
|
353
|
+
/**
|
|
354
|
+
* Process a response from LLM before showing to user
|
|
355
|
+
*/
|
|
356
|
+
processIncomingMessage(message) {
|
|
357
|
+
const { restoredText, restoredCount } = this.restoreKeys(message);
|
|
358
|
+
if (restoredCount > 0) {
|
|
359
|
+
(0, debug_utils_1.debugLog)(`[KeyVault] 📥 Incoming message: Restored ${restoredCount} API key(s)`);
|
|
360
|
+
}
|
|
361
|
+
return restoredText;
|
|
362
|
+
}
|
|
363
|
+
}
|
|
364
|
+
exports.KeyVault = KeyVault;
|
|
365
|
+
//# sourceMappingURL=key-vault.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"key-vault.js","sourceRoot":"","sources":["../key-vault.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,+CAAyC;AACzC;;;;;;;GAOG;AAEH,+CAAiC;AAWjC,MAAa,QAAQ;IAArB;QACY,gBAAW,GAA4B,IAAI,GAAG,EAAE,CAAC;QAEzD,qDAAqD;QACrD,sEAAsE;QACrD,iBAAY,GAAG;YAC5B;gBACI,IAAI,EAAE,gBAAgB;gBACtB,OAAO,EAAE,oCAAoC;gBAC7C,MAAM,EAAE,UAAU;gBAClB,SAAS,EAAE,EAAE;gBACb,SAAS,EAAE,GAAG;aACjB;YACD;gBACI,IAAI,EAAE,WAAW;gBACjB,OAAO,EAAE,0CAA0C;gBACnD,MAAM,EAAE,YAAY;gBACpB,SAAS,EAAE,EAAE;gBACb,SAAS,EAAE,GAAG;aACjB;YACD;gBACI,IAAI,EAAE,eAAe;gBACrB,OAAO,EAAE,iCAAiC;gBAC1C,MAAM,EAAE,MAAM;gBACd,SAAS,EAAE,EAAE;gBACb,SAAS,EAAE,EAAE;aAChB;YACD;gBACI,IAAI,EAAE,MAAM;gBACZ,OAAO,EAAE,6BAA6B;gBACtC,MAAM,EAAE,MAAM;gBACd,SAAS,EAAE,EAAE;gBACb,SAAS,EAAE,EAAE;aAChB;YACD;gBACI,IAAI,EAAE,UAAU;gBAChB,OAAO,EAAE,4BAA4B;gBACrC,MAAM,EAAE,KAAK;gBACb,SAAS,EAAE,EAAE;gBACb,SAAS,EAAE,EAAE;aAChB;YACD;gBACI,IAAI,EAAE,eAAe;gBACrB,OAAO,EAAE,4BAA4B;gBACrC,MAAM,EAAE,KAAK;gBACb,SAAS,EAAE,EAAE;gBACb,SAAS,EAAE,EAAE;aAChB;SACJ,CAAC;IA4VN,CAAC;IA1VG;;OAEG;IACK,iBAAiB,CAAC,QAAgB,EAAE,WAAmB;QAC3D,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC;QACjE,IAAI,CAAC,OAAO,EAAE,CAAC;YACX,MAAM,IAAI,KAAK,CAAC,qBAAqB,QAAQ,EAAE,CAAC,CAAC;QACrD,CAAC;QAED,MAAM,SAAS,GAAG,WAAW,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC;QAC7D,MAAM,WAAW,GAAG,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC;aAC3D,QAAQ,CAAC,KAAK,CAAC;aACf,SAAS,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC;QAE7B,OAAO,OAAO,CAAC,MAAM,GAAG,WAAW,CAAC;IACxC,CAAC;IAED;;;OAGG;IACI,UAAU,CAAC,IAAY;QAC1B,IAAI,YAAY,GAAG,IAAI,CAAC;QACxB,IAAI,aAAa,GAAG,CAAC,CAAC;QAEtB,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;YACtC,MAAM,OAAO,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;YAE/C,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;gBAC1B,MAAM,OAAO,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;gBAEzB,uCAAuC;gBACvC,IAAI,OAAO,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,CAAC;qBAC9C,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,OAAO,CAAC,CAAC;gBAEnC,IAAI,CAAC,OAAO,EAAE,CAAC;oBACX,2CAA2C;oBAC3C,MAAM,WAAW,GAAG,IAAI,CAAC,iBAAiB,CAAC,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;oBAElE,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;oBACvB,OAAO,GAAG;wBACN,QAAQ,EAAE,WAAW;wBACrB,IAAI,EAAE,OAAO;wBACb,QAAQ,EAAE,OAAO,CAAC,IAAI;wBACtB,UAAU,EAAE,GAAG;wBACf,QAAQ,EAAE,GAAG;wBACb,QAAQ,EAAE,CAAC;qBACd,CAAC;oBAEF,wCAAwC;oBACxC,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;oBAC3C,aAAa,EAAE,CAAC;oBAEhB,IAAA,sBAAQ,EAAC,0BAA0B,OAAO,CAAC,IAAI,0BAA0B,WAAW,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC;gBAChH,CAAC;gBAED,yCAAyC;gBACzC,YAAY,GAAG,YAAY,CAAC,OAAO,CAAC,OAAO,EAAE,OAAO,CAAC,QAAQ,CAAC,CAAC;YACnE,CAAC;QACL,CAAC;QAED,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,CAAC;IAC3C,CAAC;IAED;;OAEG;IACI,WAAW,CAAC,IAAY;QAC3B,IAAI,YAAY,GAAG,IAAI,CAAC;QACxB,IAAI,aAAa,GAAG,CAAC,CAAC;QAEtB,iCAAiC;QACjC,KAAK,MAAM,CAAC,WAAW,EAAE,OAAO,CAAC,IAAI,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,EAAE,CAAC;YAC9D,IAAI,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;gBAC7B,YAAY,GAAG,YAAY,CAAC,OAAO,CAAC,IAAI,MAAM,CAAC,WAAW,EAAE,GAAG,CAAC,EAAE,OAAO,CAAC,IAAI,CAAC,CAAC;gBAChF,aAAa,EAAE,CAAC;gBAEhB,wBAAwB;gBACxB,OAAO,CAAC,QAAQ,GAAG,IAAI,IAAI,EAAE,CAAC;gBAC9B,OAAO,CAAC,QAAQ,EAAE,CAAC;gBAEnB,IAAA,sBAAQ,EAAC,0BAA0B,OAAO,CAAC,QAAQ,kBAAkB,WAAW,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC;YAC5G,CAAC;QACL,CAAC;QAED,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,CAAC;IAC3C,CAAC;IAED;;OAEG;IACI,YAAY,CAAC,IAAY;QAC5B,sBAAsB;QACtB,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;YACtC,IAAI,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC7B,OAAO,IAAI,CAAC;YAChB,CAAC;QACL,CAAC;QAED,0BAA0B;QAC1B,KAAK,MAAM,WAAW,IAAI,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE,EAAE,CAAC;YAChD,IAAI,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;gBAC7B,OAAO,IAAI,CAAC;YAChB,CAAC;QACL,CAAC;QAED,OAAO,KAAK,CAAC;IACjB,CAAC;IAED;;OAEG;IACI,QAAQ;QAOX,MAAM,UAAU,GAA2B,EAAE,CAAC;QAC9C,IAAI,UAAU,GAAgB,IAAI,CAAC;QACnC,IAAI,UAAU,GAAgB,IAAI,CAAC;QACnC,IAAI,aAAa,GAAsB,IAAI,CAAC;QAC5C,IAAI,aAAa,GAAsB,IAAI,CAAC;QAC5C,IAAI,QAAQ,GAAG,CAAC,CAAC;QAEjB,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,EAAE,CAAC;YAC9C,UAAU,CAAC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,UAAU,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;YAEvE,IAAI,CAAC,UAAU,IAAI,OAAO,CAAC,UAAU,GAAG,UAAU,EAAE,CAAC;gBACjD,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC;gBAChC,aAAa,GAAG,OAAO,CAAC;YAC5B,CAAC;YAED,IAAI,CAAC,UAAU,IAAI,OAAO,CAAC,UAAU,GAAG,UAAU,EAAE,CAAC;gBACjD,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC;gBAChC,aAAa,GAAG,OAAO,CAAC;YAC5B,CAAC;YAED,QAAQ,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,OAAO,CAAC,UAAU,CAAC,OAAO,EAAE,CAAC;QAC1D,CAAC;QAED,MAAM,KAAK,GAAG,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC;QACpC,MAAM,UAAU,GAAG,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,GAAG,KAAK,GAAG,IAAI,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,qBAAqB;QAEtF,OAAO;YACH,SAAS,EAAE,KAAK;YAChB,UAAU;YACV,SAAS,EAAE,aAAa,CAAC,CAAC,CAAC;gBACvB,QAAQ,EAAE,aAAa,CAAC,QAAQ;gBAChC,UAAU,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,aAAa,CAAC,UAAU,CAAC,OAAO,EAAE,CAAC,GAAG,IAAI,GAAG,EAAE;aAC5E,CAAC,CAAC,CAAC,SAAS;YACb,SAAS,EAAE,aAAa,CAAC,CAAC,CAAC;gBACvB,QAAQ,EAAE,aAAa,CAAC,QAAQ;gBAChC,UAAU,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,aAAa,CAAC,UAAU,CAAC,OAAO,EAAE,CAAC,GAAG,IAAI,GAAG,EAAE;aAC5E,CAAC,CAAC,CAAC,SAAS;YACb,UAAU;SACb,CAAC;IACN,CAAC;IAED;;OAEG;IACI,UAAU,CAAC,aAAqB;QAMnC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,MAAM,QAAQ,GAAG,aAAa,GAAG,EAAE,GAAG,IAAI,CAAC;QAC3C,MAAM,OAAO,GAAe,EAAE,CAAC;QAE/B,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,EAAE,CAAC;YAC9C,MAAM,GAAG,GAAG,GAAG,GAAG,OAAO,CAAC,UAAU,CAAC,OAAO,EAAE,CAAC;YAC/C,IAAI,GAAG,GAAG,QAAQ,EAAE,CAAC;gBACjB,OAAO,CAAC,IAAI,CAAC;oBACT,QAAQ,EAAE,OAAO,CAAC,QAAQ;oBAC1B,UAAU,EAAE,GAAG,GAAG,IAAI,GAAG,EAAE;oBAC3B,eAAe,EAAE,CAAC,GAAG,GAAG,OAAO,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC,GAAG,IAAI,GAAG,EAAE;oBAC/D,QAAQ,EAAE,OAAO,CAAC,QAAQ;iBAC7B,CAAC,CAAC;YACP,CAAC;QACL,CAAC;QAED,OAAO,OAAO,CAAC;IACnB,CAAC;IAED;;;OAGG;IACI,cAAc,CAAC,aAAqB;QACvC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,MAAM,QAAQ,GAAG,aAAa,GAAG,EAAE,GAAG,IAAI,CAAC;QAC3C,MAAM,YAAY,GAAa,EAAE,CAAC;QAElC,KAAK,MAAM,CAAC,WAAW,EAAE,OAAO,CAAC,IAAI,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,EAAE,CAAC;YAC9D,MAAM,GAAG,GAAG,GAAG,GAAG,OAAO,CAAC,UAAU,CAAC,OAAO,EAAE,CAAC;YAC/C,IAAI,GAAG,GAAG,QAAQ,EAAE,CAAC;gBACjB,YAAY,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;YACnC,CAAC;QACL,CAAC;QAED,KAAK,MAAM,GAAG,IAAI,YAAY,EAAE,CAAC;YAC7B,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACjC,CAAC;QAED,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC1B,IAAA,sBAAQ,EAAC,4BAA4B,YAAY,CAAC,MAAM,sBAAsB,aAAa,UAAU,CAAC,CAAC;QAC3G,CAAC;QAED,OAAO,YAAY,CAAC,MAAM,CAAC;IAC/B,CAAC;IAED;;;OAGG;IACI,iBAAiB,CAAC,aAAqB;QAC1C,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,MAAM,QAAQ,GAAG,aAAa,GAAG,EAAE,GAAG,IAAI,CAAC;QAC3C,MAAM,YAAY,GAAa,EAAE,CAAC;QAElC,KAAK,MAAM,CAAC,WAAW,EAAE,OAAO,CAAC,IAAI,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,EAAE,CAAC;YAC9D,MAAM,gBAAgB,GAAG,GAAG,GAAG,OAAO,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC;YAC1D,IAAI,gBAAgB,GAAG,QAAQ,IAAI,OAAO,CAAC,QAAQ,KAAK,CAAC,EAAE,CAAC;gBACxD,YAAY,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;YACnC,CAAC;QACL,CAAC;QAED,KAAK,MAAM,GAAG,IAAI,YAAY,EAAE,CAAC;YAC7B,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACjC,CAAC;QAED,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC1B,IAAA,sBAAQ,EAAC,4BAA4B,YAAY,CAAC,MAAM,gCAAgC,aAAa,WAAW,CAAC,CAAC;QACtH,CAAC;QAED,OAAO,YAAY,CAAC,MAAM,CAAC;IAC/B,CAAC;IAED;;OAEG;IACI,SAAS,CAAC,WAAmB;QAChC,MAAM,OAAO,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QAClD,IAAI,CAAC,OAAO;YAAE,OAAO,IAAI,CAAC;QAE1B,OAAO,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,OAAO,CAAC,UAAU,CAAC,OAAO,EAAE,CAAC,GAAG,IAAI,GAAG,EAAE,CAAC;IACnE,CAAC;IAED;;OAEG;IACI,cAAc;QAOjB,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,MAAM,QAAQ,GAAe,EAAE,CAAC;QAEhC,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,EAAE,CAAC;YAC9C,QAAQ,CAAC,IAAI,CAAC;gBACV,QAAQ,EAAE,OAAO,CAAC,QAAQ;gBAC1B,cAAc,EAAE,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK;gBACzD,UAAU,EAAE,CAAC,GAAG,GAAG,OAAO,CAAC,UAAU,CAAC,OAAO,EAAE,CAAC,GAAG,IAAI,GAAG,EAAE;gBAC5D,eAAe,EAAE,CAAC,GAAG,GAAG,OAAO,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC,GAAG,IAAI,GAAG,EAAE;gBAC/D,QAAQ,EAAE,OAAO,CAAC,QAAQ;aAC7B,CAAC,CAAC;QACP,CAAC;QAED,OAAO,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,GAAG,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,4BAA4B;IAC7F,CAAC;IAED;;OAEG;IACI,aAAa;QAUhB,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,MAAM,IAAI,GAAe,EAAE,CAAC;QAE5B,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,EAAE,CAAC;YAC9C,IAAI,CAAC,IAAI,CAAC;gBACN,QAAQ,EAAE,OAAO,CAAC,QAAQ;gBAC1B,cAAc,EAAE,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK;gBACzD,UAAU,EAAE,OAAO,CAAC,UAAU;gBAC9B,GAAG,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,GAAG,GAAG,OAAO,CAAC,UAAU,CAAC,OAAO,EAAE,CAAC,GAAG,IAAI,GAAG,EAAE,CAAC,EAAE,UAAU;gBAC7E,QAAQ,EAAE,OAAO,CAAC,QAAQ;aAC7B,CAAC,CAAC;QACP,CAAC;QAED,OAAO;YACH,SAAS,EAAE,IAAI,CAAC,WAAW,CAAC,IAAI;YAChC,IAAI,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,4BAA4B;SACxE,CAAC;IACN,CAAC;IAED;;OAEG;IACI,KAAK;QACR,MAAM,KAAK,GAAG,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC;QACpC,IAAI,CAAC,WAAW,CAAC,KAAK,EAAE,CAAC;QACzB,IAAI,KAAK,GAAG,CAAC,EAAE,CAAC;YACZ,IAAA,sBAAQ,EAAC,2BAA2B,KAAK,eAAe,CAAC,CAAC;QAC9D,CAAC;IACL,CAAC;IAED;;OAEG;IACI,sBAAsB,CAAC,OAAe;QACzC,MAAM,EAAE,YAAY,EAAE,aAAa,EAAE,GAAG,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;QAEjE,IAAI,aAAa,GAAG,CAAC,EAAE,CAAC;YACpB,IAAA,sBAAQ,EAAC,4CAA4C,aAAa,aAAa,CAAC,CAAC;QACrF,CAAC;QAED,OAAO,YAAY,CAAC;IACxB,CAAC;IAED;;OAEG;IACI,sBAAsB,CAAC,OAAe;QACzC,MAAM,EAAE,YAAY,EAAE,aAAa,EAAE,GAAG,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;QAElE,IAAI,aAAa,GAAG,CAAC,EAAE,CAAC;YACpB,IAAA,sBAAQ,EAAC,4CAA4C,aAAa,aAAa,CAAC,CAAC;QACrF,CAAC;QAED,OAAO,YAAY,CAAC;IACxB,CAAC;CACJ;AA5YD,4BA4YC"}
|
|
@@ -0,0 +1,195 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Local Vault for Gateway Type 3
|
|
3
|
+
*
|
|
4
|
+
* TWO-PART ARCHITECTURE:
|
|
5
|
+
*
|
|
6
|
+
* Part 1: Clear Text Configuration (.vault/config.json)
|
|
7
|
+
* - Human-readable JSON
|
|
8
|
+
* - Maps provider names to connection_id UUIDs
|
|
9
|
+
* - Editable by users
|
|
10
|
+
* - NOT encrypted
|
|
11
|
+
*
|
|
12
|
+
* Part 2: Encrypted Keystore (.vault/keystore.enc)
|
|
13
|
+
* - AES-256-GCM encrypted credentials
|
|
14
|
+
* - Base64-encoded for readability
|
|
15
|
+
* - Header with DO NOT EDIT warnings
|
|
16
|
+
* - Maps connection_id to API keys
|
|
17
|
+
*
|
|
18
|
+
* Key Features:
|
|
19
|
+
* - Separation of configuration and secrets
|
|
20
|
+
* - Clear warnings against manual keystore edits
|
|
21
|
+
* - User-friendly configuration editing
|
|
22
|
+
* - Secure credential storage
|
|
23
|
+
*/
|
|
24
|
+
export declare class LocalVault {
|
|
25
|
+
private static instances;
|
|
26
|
+
private vaultDir;
|
|
27
|
+
private configPath;
|
|
28
|
+
private keystorePath;
|
|
29
|
+
private masterKey;
|
|
30
|
+
private cache;
|
|
31
|
+
private config;
|
|
32
|
+
private algorithm;
|
|
33
|
+
private userId?;
|
|
34
|
+
constructor(config: {
|
|
35
|
+
vaultPath?: string;
|
|
36
|
+
masterPassword?: string;
|
|
37
|
+
userId?: string;
|
|
38
|
+
});
|
|
39
|
+
/**
|
|
40
|
+
* Get singleton instance for a specific user
|
|
41
|
+
* Uses ~/.langmart/users/<userId> as vault directory for user-specific storage
|
|
42
|
+
*
|
|
43
|
+
* @param userId - User ID (optional for backward compatibility)
|
|
44
|
+
*/
|
|
45
|
+
static getInstance(userId?: string): LocalVault;
|
|
46
|
+
/**
|
|
47
|
+
* Reset singleton instance (for testing)
|
|
48
|
+
*/
|
|
49
|
+
static resetInstance(userId?: string): void;
|
|
50
|
+
/**
|
|
51
|
+
* Reset all singleton instances (for testing)
|
|
52
|
+
*/
|
|
53
|
+
static resetAllInstances(): void;
|
|
54
|
+
/**
|
|
55
|
+
* Get the user ID associated with this vault
|
|
56
|
+
*/
|
|
57
|
+
getUserId(): string | undefined;
|
|
58
|
+
/**
|
|
59
|
+
* Get the vault directory path
|
|
60
|
+
*/
|
|
61
|
+
getVaultPath(): string;
|
|
62
|
+
/**
|
|
63
|
+
* Check if legacy vault exists (data in ~/.langmart/ instead of ~/.langmart/users/<userId>/)
|
|
64
|
+
*/
|
|
65
|
+
static hasLegacyVault(): boolean;
|
|
66
|
+
/**
|
|
67
|
+
* Migrate legacy vault data to user-specific vault
|
|
68
|
+
* Call this after validating the API key to get the user ID
|
|
69
|
+
*
|
|
70
|
+
* @param userId - User ID to migrate data to
|
|
71
|
+
* @returns true if migration was successful, false if no legacy data found
|
|
72
|
+
*/
|
|
73
|
+
static migrateLegacyVault(userId: string): Promise<boolean>;
|
|
74
|
+
/**
|
|
75
|
+
* Store API key for an access point
|
|
76
|
+
* @param accessPointId - UUID of the access point
|
|
77
|
+
* @param apiKey - Provider API key
|
|
78
|
+
* @param provider - Optional provider name for config mapping
|
|
79
|
+
* @param description - Optional description for config
|
|
80
|
+
*/
|
|
81
|
+
setCredential(accessPointId: string, apiKey: string, provider?: string, description?: string): Promise<void>;
|
|
82
|
+
/**
|
|
83
|
+
* Get API key for an access point
|
|
84
|
+
* @param accessPointId - UUID of the access point
|
|
85
|
+
*/
|
|
86
|
+
getCredential(accessPointId: string): string | undefined;
|
|
87
|
+
/**
|
|
88
|
+
* Check if access point has credential
|
|
89
|
+
* @param accessPointId - UUID of the access point
|
|
90
|
+
*/
|
|
91
|
+
hasCredential(accessPointId: string): boolean;
|
|
92
|
+
/**
|
|
93
|
+
* List all access point IDs with credentials
|
|
94
|
+
*/
|
|
95
|
+
listAccessPoints(): string[];
|
|
96
|
+
/**
|
|
97
|
+
* Remove credential for an access point
|
|
98
|
+
* @param accessPointId - UUID of the access point
|
|
99
|
+
*/
|
|
100
|
+
removeCredential(accessPointId: string): Promise<void>;
|
|
101
|
+
/**
|
|
102
|
+
* Clear all credentials
|
|
103
|
+
*/
|
|
104
|
+
clearAll(): Promise<void>;
|
|
105
|
+
/**
|
|
106
|
+
* Store gateway authentication API key
|
|
107
|
+
* Special key stored with reserved ID '__gateway_auth__'
|
|
108
|
+
*/
|
|
109
|
+
setAuthKey(apiKey: string): Promise<void>;
|
|
110
|
+
/**
|
|
111
|
+
* Get gateway authentication API key
|
|
112
|
+
*/
|
|
113
|
+
getAuthKey(): string | undefined;
|
|
114
|
+
/**
|
|
115
|
+
* Check if gateway authentication key is stored
|
|
116
|
+
*/
|
|
117
|
+
hasAuthKey(): boolean;
|
|
118
|
+
/**
|
|
119
|
+
* Remove gateway authentication key (logout)
|
|
120
|
+
*/
|
|
121
|
+
removeAuthKey(): Promise<void>;
|
|
122
|
+
/**
|
|
123
|
+
* Load clear text configuration
|
|
124
|
+
*/
|
|
125
|
+
private loadConfig;
|
|
126
|
+
/**
|
|
127
|
+
* Save clear text configuration
|
|
128
|
+
*/
|
|
129
|
+
private saveConfig;
|
|
130
|
+
/**
|
|
131
|
+
* Load encrypted keystore
|
|
132
|
+
*/
|
|
133
|
+
private loadKeystore;
|
|
134
|
+
/**
|
|
135
|
+
* Save encrypted keystore with header warnings
|
|
136
|
+
*/
|
|
137
|
+
private saveKeystore;
|
|
138
|
+
/**
|
|
139
|
+
* Encrypt data using AES-256-GCM
|
|
140
|
+
*/
|
|
141
|
+
private encrypt;
|
|
142
|
+
/**
|
|
143
|
+
* Decrypt data using AES-256-GCM
|
|
144
|
+
*/
|
|
145
|
+
private decrypt;
|
|
146
|
+
/**
|
|
147
|
+
* Initialize vault with credentials from environment variables
|
|
148
|
+
* NOTE: This is for backward compatibility only
|
|
149
|
+
* In production, use connection_id as key, not provider names
|
|
150
|
+
* Example: vault.setCredential('uuid-of-connection', 'sk-...')
|
|
151
|
+
*/
|
|
152
|
+
initializeFromEnvironment(): Promise<void>;
|
|
153
|
+
/**
|
|
154
|
+
* Export credentials (for backup - USE WITH CAUTION)
|
|
155
|
+
* Returns map of connection_id -> apiKey
|
|
156
|
+
*/
|
|
157
|
+
export(): {
|
|
158
|
+
[accessPointId: string]: string;
|
|
159
|
+
};
|
|
160
|
+
/**
|
|
161
|
+
* Import credentials (for restore)
|
|
162
|
+
* @param credentials - Map of connection_id -> apiKey
|
|
163
|
+
*/
|
|
164
|
+
import(credentials: {
|
|
165
|
+
[accessPointId: string]: string;
|
|
166
|
+
}): Promise<void>;
|
|
167
|
+
}
|
|
168
|
+
/**
|
|
169
|
+
* Usage Example (PRODUCTION):
|
|
170
|
+
*
|
|
171
|
+
* const vault = new LocalVault({
|
|
172
|
+
* vaultPath: './.vault',
|
|
173
|
+
* masterPassword: 'my-secure-password'
|
|
174
|
+
* });
|
|
175
|
+
*
|
|
176
|
+
* // Store credential using connection_id (from database) with provider mapping
|
|
177
|
+
* await vault.setCredential(
|
|
178
|
+
* '12345678-1234-1234-1234-123456789abc', // connection_id
|
|
179
|
+
* 'sk-...', // API key
|
|
180
|
+
* 'groq', // provider name (optional, for config)
|
|
181
|
+
* 'Groq production endpoint' // description (optional)
|
|
182
|
+
* );
|
|
183
|
+
*
|
|
184
|
+
* // Retrieve credential using connection_id
|
|
185
|
+
* const apiKey = vault.getCredential('12345678-1234-1234-1234-123456789abc');
|
|
186
|
+
*
|
|
187
|
+
* // Check available access points
|
|
188
|
+
* const accessPoints = vault.listAccessPoints();
|
|
189
|
+
* debugLog('Stored credentials for:', accessPoints);
|
|
190
|
+
*
|
|
191
|
+
* // Files created:
|
|
192
|
+
* // .vault/config.json - Clear text, editable, maps provider names to UUIDs
|
|
193
|
+
* // .vault/keystore.enc - Encrypted, base64-encoded, with DO NOT EDIT warnings
|
|
194
|
+
*/
|
|
195
|
+
//# sourceMappingURL=local-vault.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"local-vault.d.ts","sourceRoot":"","sources":["../local-vault.ts"],"names":[],"mappings":"AA8BA;;;;;;;;;;;;;;;;;;;;;;GAsBG;AACH,qBAAa,UAAU;IACnB,OAAO,CAAC,MAAM,CAAC,SAAS,CAAsC;IAE9D,OAAO,CAAC,QAAQ,CAAS;IACzB,OAAO,CAAC,UAAU,CAAS;IAC3B,OAAO,CAAC,YAAY,CAAS;IAC7B,OAAO,CAAC,SAAS,CAAS;IAC1B,OAAO,CAAC,KAAK,CAAkC;IAC/C,OAAO,CAAC,MAAM,CAAc;IAC5B,OAAO,CAAC,SAAS,CAAiB;IAClC,OAAO,CAAC,MAAM,CAAC,CAAS;gBAEZ,MAAM,EAAE;QAChB,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,cAAc,CAAC,EAAE,MAAM,CAAC;QACxB,MAAM,CAAC,EAAE,MAAM,CAAC;KACnB;IAkDD;;;;;OAKG;WACW,WAAW,CAAC,MAAM,CAAC,EAAE,MAAM,GAAG,UAAU;IA6BtD;;OAEG;WACW,aAAa,CAAC,MAAM,CAAC,EAAE,MAAM,GAAG,IAAI;IAKlD;;OAEG;WACW,iBAAiB,IAAI,IAAI;IAIvC;;OAEG;IACI,SAAS,IAAI,MAAM,GAAG,SAAS;IAItC;;OAEG;IACI,YAAY,IAAI,MAAM;IAI7B;;OAEG;WACW,cAAc,IAAI,OAAO;IASvC;;;;;;OAMG;WACiB,kBAAkB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAsExE;;;;;;OAMG;IACU,aAAa,CACtB,aAAa,EAAE,MAAM,EACrB,MAAM,EAAE,MAAM,EACd,QAAQ,CAAC,EAAE,MAAM,EACjB,WAAW,CAAC,EAAE,MAAM,GACrB,OAAO,CAAC,IAAI,CAAC;IAoBhB;;;OAGG;IACI,aAAa,CAAC,aAAa,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS;IAI/D;;;OAGG;IACI,aAAa,CAAC,aAAa,EAAE,MAAM,GAAG,OAAO;IAIpD;;OAEG;IACI,gBAAgB,IAAI,MAAM,EAAE;IAInC;;;OAGG;IACU,gBAAgB,CAAC,aAAa,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAgBnE;;OAEG;IACU,QAAQ,IAAI,OAAO,CAAC,IAAI,CAAC;IAQtC;;;OAGG;IACU,UAAU,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAiBtD;;OAEG;IACI,UAAU,IAAI,MAAM,GAAG,SAAS;IAIvC;;OAEG;IACI,UAAU,IAAI,OAAO;IAI5B;;OAEG;IACU,aAAa,IAAI,OAAO,CAAC,IAAI,CAAC;IAM3C;;OAEG;IACH,OAAO,CAAC,UAAU;IAiBlB;;OAEG;YACW,UAAU;IAWxB;;OAEG;IACH,OAAO,CAAC,YAAY;IAkCpB;;OAEG;YACW,YAAY;IAuD1B;;OAEG;IACH,OAAO,CAAC,OAAO;IAaf;;OAEG;IACH,OAAO,CAAC,OAAO;IAcf;;;;;OAKG;IACU,yBAAyB,IAAI,OAAO,CAAC,IAAI,CAAC;IAsBvD;;;OAGG;IACI,MAAM,IAAI;QAAE,CAAC,aAAa,EAAE,MAAM,GAAG,MAAM,CAAA;KAAE;IAKpD;;;OAGG;IACU,MAAM,CAAC,WAAW,EAAE;QAAE,CAAC,aAAa,EAAE,MAAM,GAAG,MAAM,CAAA;KAAE,GAAG,OAAO,CAAC,IAAI,CAAC;CAOvF;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG"}
|