omnikey-cli 1.0.27 → 1.0.29

package/backend-dist/web-search/browser-playwright.js

@@ -40,44 +40,12 @@ exports.isAnyBrowserRunning = isAnyBrowserRunning;
 exports.isBrowserOpenWithUrl = isBrowserOpenWithUrl;
 exports.fetchWithPlaywright = fetchWithPlaywright;
 const axios_1 = __importDefault(require("axios"));
-// Utility: Promise with timeout
-async function withTimeout(promise, ms, label, log) {
-    let timeoutId;
-    return Promise.race([
-        promise,
-        new Promise((resolve) => {
-            timeoutId = setTimeout(() => {
-                log.warn('browser-playwright: fetch timed out', { label, ms });
-                resolve(null);
-            }, ms);
-        }),
-    ]).then((result) => {
-        clearTimeout(timeoutId);
-        return result;
-    });
-}
-/**
- * Playwright-based web fetching using the user's installed browser profile.
- *
- * Key design decisions:
- *   1. Detects which Chromium browsers are currently RUNNING and tries those
- *      first — the active browser is where the authenticated session lives.
- *   2. Discovers the actual profile directory dynamically (Default, Profile 1,
- *      Profile 2 …) rather than hardcoding "Default".
- *   3. Checks multiple executable locations (system /Applications and
- *      user ~/Applications).
- *   4. Firefox is intentionally excluded from Playwright — headless Firefox
- *      on macOS has a known RenderCompositorSWGL rendering bug that causes
- *      30-second timeouts. Cookies from Firefox are still extracted separately
- *      by browser-cookies.ts for the plain-HTTP fallback.
- *
- * macOS only. Returns null on other platforms.
- */
 const child_process_1 = require("child_process");
 const fs = __importStar(require("fs"));
 const os = __importStar(require("os"));
 const path = __importStar(require("path"));
 const playwright_core_1 = __importDefault(require("playwright-core"));
+const config_1 = require("../config");
 const home = os.homedir();
 const BROWSER_CATALOGUE = [
     {
@@ -137,6 +105,44 @@ const BROWSER_CATALOGUE = [
         userDataDir: path.join(home, 'Library/Application Support/Chromium'),
     },
 ];
+const WINDOWS_BROWSER_CATALOGUE = [
+    {
+        name: 'Chrome',
+        executablePaths: [
+            'C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe',
+            'C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe',
+            path.join(home, 'AppData', 'Local', 'Google', 'Chrome', 'Application', 'chrome.exe'),
+        ],
+        userDataDir: path.join(home, 'AppData', 'Local', 'Google', 'Chrome', 'User Data'),
+    },
+    {
+        name: 'Edge',
+        executablePaths: [
+            'C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\msedge.exe',
+            'C:\\Program Files\\Microsoft\\Edge\\Application\\msedge.exe',
+            path.join(home, 'AppData', 'Local', 'Microsoft', 'Edge', 'Application', 'msedge.exe'),
+        ],
+        userDataDir: path.join(home, 'AppData', 'Local', 'Microsoft', 'Edge', 'User Data'),
+    },
+    {
+        name: 'Brave',
+        executablePaths: [
+            'C:\\Program Files\\BraveSoftware\\Brave-Browser\\Application\\brave.exe',
+            path.join(home, 'AppData', 'Local', 'BraveSoftware', 'Brave-Browser', 'Application', 'brave.exe'),
+        ],
+        userDataDir: path.join(home, 'AppData', 'Local', 'BraveSoftware', 'Brave-Browser', 'User Data'),
+    },
+];
+function resolveExistingExecutablePath(paths) {
+    for (const p of paths) {
+        try {
+            if (fs.existsSync(p))
+                return p;
+        }
+        catch { }
+    }
+    return null;
+}
 // ─── Running browser detection ────────────────────────────────────────────────
 /**
  * Returns the names of browsers that are currently running.
@@ -145,6 +151,32 @@ const BROWSER_CATALOGUE = [
  */
 function getRunningBrowserNames() {
     const running = new Set();
+    if (process.platform === 'win32') {
+        // tasklist /FO CSV /NH outputs one "ImageName","PID",... line per process.
+        const exeMap = {
+            'chrome.exe': 'Chrome',
+            'msedge.exe': 'Edge',
+            'brave.exe': 'Brave',
+            'opera.exe': 'Opera',
+            'vivaldi.exe': 'Vivaldi',
+        };
+        try {
+            const out = (0, child_process_1.execSync)('tasklist /FO CSV /NH 2>nul', {
+                encoding: 'utf8',
+                stdio: ['pipe', 'pipe', 'pipe'],
+            });
+            for (const line of out.split('\n')) {
+                const exe = line.split(',')[0]?.replace(/"/g, '').trim().toLowerCase();
+                const name = exeMap[exe];
+                if (name)
+                    running.add(name);
+            }
+        }
+        catch {
+            // tasklist failed — proceed without running-browser info
+        }
+        return running;
+    }
     try {
         // ps -axco command lists only the process name (no path, no args)
         const output = (0, child_process_1.execSync)('ps -axco command', {
@@ -164,13 +196,11 @@ function getRunningBrowserNames() {
         };
         for (const [processName, browserName] of Object.entries(processMap)) {
             if (processName === 'safari') {
-                // Only match the main Safari process exactly (case-insensitive, trimmed)
                 if (lines.some((l) => l.trim() === 'safari')) {
                     running.add(browserName);
                 }
             }
             else {
-                // For other browsers, allow exact match or substring match
                 if (lines.some((l) => l.trim() === processName || l.includes(processName))) {
                     running.add(browserName);
                 }
@@ -194,23 +224,60 @@ async function fetchWithCDP(url, browsersWithUrl, log) {
     // Collect candidate ports:
     //   1. DevToolsActivePort file (written when Chrome was started with --remote-debugging-port)
     //   2. Well-known default ports developers commonly use
+    //   3. On Windows: all ports browser processes are currently listening on
     const candidatePorts = [];
-    for (const candidate of BROWSER_CATALOGUE) {
-        if (!browsersWithUrl.has(candidate.name))
-            continue;
-        if (candidate.name === 'Safari')
-            continue; // CDP is Chromium-only
-        const portFile = path.join(candidate.userDataDir, 'DevToolsActivePort');
-        if (fs.existsSync(portFile)) {
-            try {
-                const raw = fs.readFileSync(portFile, 'utf8');
-                const port = parseInt(raw.split('\n')[0].trim(), 10);
-                if (!isNaN(port) && port > 0 && !candidatePorts.includes(port)) {
+    if (process.platform !== 'win32') {
+        // macOS: read DevToolsActivePort from confirmed-open browsers
+        for (const candidate of BROWSER_CATALOGUE) {
+            if (!browsersWithUrl.has(candidate.name))
+                continue;
+            if (candidate.name === 'Safari')
+                continue;
+            const portFile = path.join(candidate.userDataDir, 'DevToolsActivePort');
+            if (fs.existsSync(portFile)) {
+                try {
+                    const raw = fs.readFileSync(portFile, 'utf8');
+                    const port = parseInt(raw.split('\n')[0].trim(), 10);
+                    if (!isNaN(port) && port > 0 && !candidatePorts.includes(port)) {
+                        candidatePorts.push(port);
+                    }
+                }
+                catch { }
+            }
+        }
+    }
+    // Windows: AppleScript is unavailable so browsersWithUrl is always empty.
+    // Read DevToolsActivePort from Windows browser paths directly, and also ask
+    // PowerShell for every TCP port the browser processes are listening on —
+    // this catches any --remote-debugging-port value, not just well-known ones.
+    if (process.platform === 'win32') {
+        for (const candidate of WINDOWS_BROWSER_CATALOGUE) {
+            const portFile = path.join(candidate.userDataDir, 'DevToolsActivePort');
+            if (fs.existsSync(portFile)) {
+                try {
+                    const raw = fs.readFileSync(portFile, 'utf8');
+                    const port = parseInt(raw.split('\n')[0].trim(), 10);
+                    if (!isNaN(port) && port > 0 && !candidatePorts.includes(port)) {
+                        candidatePorts.push(port);
+                    }
+                }
+                catch { }
+            }
+        }
+        // Enumerate all listening ports owned by browser processes via PowerShell.
+        try {
+            const psOut = (0, child_process_1.execSync)('powershell -NoProfile -NonInteractive -Command ' +
+                '"$p=Get-Process -Name chrome,msedge,brave,opera,vivaldi -EA SilentlyContinue;' +
+                'if($p){$p|%{$id=$_.Id;Get-NetTCPConnection -OwningProcess $id -State Listen -EA SilentlyContinue}}' +
+                '|Select-Object -ExpandProperty LocalPort|Sort-Object -Unique"', { encoding: 'utf8', timeout: 5000, stdio: ['pipe', 'pipe', 'pipe'] }).trim();
+            for (const line of psOut.split('\n')) {
+                const port = parseInt(line.trim(), 10);
+                if (!isNaN(port) && port > 1024 && !candidatePorts.includes(port)) {
                     candidatePorts.push(port);
                 }
             }
-            catch { }
         }
+        catch { }
     }
     // Always probe the most common debug ports — many developers run Chrome with
     // --remote-debugging-port=9222 and these checks are cheap (instant refusal if closed).
@@ -218,11 +285,22 @@ async function fetchWithCDP(url, browsersWithUrl, log) {
         if (!candidatePorts.includes(p))
             candidatePorts.push(p);
     }
+    // User-configured port (set via `omnikey grant-browser-access`) gets tried first.
+    if (config_1.config.browserDebugPort && !candidatePorts.includes(config_1.config.browserDebugPort)) {
+        candidatePorts.unshift(config_1.config.browserDebugPort);
+    }
+    else if (config_1.config.browserDebugPort) {
+        // Already in the list — move it to the front so it is tried before auto-detected ports.
+        candidatePorts.splice(candidatePorts.indexOf(config_1.config.browserDebugPort), 1);
+        candidatePorts.unshift(config_1.config.browserDebugPort);
+    }
     for (const port of candidatePorts) {
         // Quick HTTP probe: /json/version returns immediately if the debug endpoint is up.
         let endpointUp = false;
         try {
-            const probe = await axios_1.default.get(`http://localhost:${port}/json/version`, { timeout: 800 });
+            // Use 127.0.0.1 explicitly — on Windows, `localhost` may resolve to ::1
+            // while Chrome binds its debug endpoint to 127.0.0.1 only.
+            const probe = await axios_1.default.get(`http://127.0.0.1:${port}/json/version`, { timeout: 800 });
             endpointUp = probe.status === 200;
         }
         catch {
@@ -345,12 +423,12 @@ function getBrowsersWithUrlOpen(url, log) {
                     return false;
                 }
             });
-            log.debug('browser-playwright: tab check', { browser: browserName, targetHostname, found });
+            log.info('browser-playwright: tab check', { browser: browserName, targetHostname, found });
             if (found)
                 confirmed.add(browserName);
         }
         catch {
-            log.debug('browser-playwright: AppleScript tab check failed — skipping browser', {
+            log.warn('browser-playwright: AppleScript tab check failed — skipping browser', {
                 browser: browserName,
             });
         }
@@ -359,12 +437,62 @@ function getBrowsersWithUrlOpen(url, log) {
 }
 /**
  * Returns true if the given URL's hostname is confirmed open in any running
- * browser tab via AppleScript. Returns false if the check cannot be performed
- * or if no browser has the URL open.
+ * browser tab. On macOS this uses AppleScript; on Windows it queries the CDP
+ * debug endpoint's /json tab list (requires --remote-debugging-port).
  */
-function isBrowserOpenWithUrl(url, log) {
+async function isBrowserOpenWithUrl(url, log) {
+    if (process.platform === 'win32') {
+        return isBrowserOpenWithUrlWindows(url, log);
+    }
     return getBrowsersWithUrlOpen(url, log).size > 0;
 }
+async function isBrowserOpenWithUrlWindows(url, log) {
+    let targetHostname;
+    try {
+        targetHostname = new URL(url).hostname;
+    }
+    catch {
+        return false;
+    }
+    // If no browser processes are running at all, skip the port probes.
+    if (getRunningBrowserNames().size === 0)
+        return false;
+    const candidatePorts = [];
+    if (config_1.config.browserDebugPort)
+        candidatePorts.push(config_1.config.browserDebugPort);
+    for (const p of [9222, 9229, 9333]) {
+        if (!candidatePorts.includes(p))
+            candidatePorts.push(p);
+    }
+    for (const port of candidatePorts) {
+        try {
+            const resp = await axios_1.default.get(`http://127.0.0.1:${port}/json`, {
+                timeout: 800,
+            });
+            if (!Array.isArray(resp.data))
+                continue;
+            const found = resp.data.some((tab) => {
+                try {
+                    return new URL(tab.url ?? '').hostname === targetHostname;
+                }
+                catch {
+                    return false;
+                }
+            });
+            if (found) {
+                log.info('browser-playwright: Windows CDP tab check confirmed URL open', {
+                    port,
+                    hostname: targetHostname,
+                });
+                return true;
+            }
+        }
+        catch {
+            // Port not listening — skip
+        }
+    }
+    return false;
+}
 // ─── Strategy 0: Live-tab AppleScript extraction ──────────────────────────────
 //
 // When the user already has the URL open in a browser we can pull the rendered
@@ -441,7 +569,7 @@ function findTabLocation(appName, url) {
  * URL open. Returns null if the URL is not open or extraction fails.
  */
 async function fetchFromRunningBrowserTab(url, browsersWithUrl, log) {
-    if (process.platform !== 'darwin' || browsersWithUrl.size === 0)
+    if (config_1.config.terminalPlatform !== 'macos' || browsersWithUrl.size === 0)
         return null;
     for (const browserName of browsersWithUrl) {
         const info = BROWSER_APPLESCRIPT[browserName];
@@ -574,40 +702,23 @@ async function fetchFromRunningBrowserTab(url, browsersWithUrl, log) {
 /**
  * Fetches a URL using the user's browser session.
  *
- * Only browsers that are confirmed (via AppleScript) to have the URL open are
- * tried — this avoids wasting time on browsers or profiles that don't hold the
- * active session.
- *
- * Strategies in order:
- *  0. Live-tab extraction — reads content directly from the open tab via
- *     AppleScript JS execution. No cookie decryption required.
- *  1. Cookie injection — decrypts cookies and injects into a fresh headless
- *     Chromium context (handles cookie-based auth when live tab unavailable).
- *  2. Profile copy — copies Local Storage + IndexedDB to a temp dir (handles
- *     localStorage/sessionStorage token auth flows).
- *  3. Safari Playwright — WebKit with injected Safari cookies (Safari only).
+ * Strategies:
+ *  -1. CDP via --remote-debugging-port — macOS + Windows; requires Chrome to be
+ *      started with --remote-debugging-port=9222.
+ *   0. Live-tab AppleScript extraction — macOS only.
  */
 async function fetchWithPlaywright(url, log) {
-    // Determine which browsers have the URL open right now.
     const browsersWithUrl = getBrowsersWithUrlOpen(url, log);
     log.info('browser-playwright: browsers with URL open', {
         url,
         browsers: [...browsersWithUrl],
     });
-    // ── Strategy -1: CDP via DevToolsActivePort ──────────────────────────────
-    // Fastest path — connects directly to the live browser's JS-rendered tab.
-    // Only works when Chrome was launched with --remote-debugging-port.
-    if (browsersWithUrl.size > 0) {
-        const cdpResult = await fetchWithCDP(url, browsersWithUrl, log);
-        if (cdpResult) {
-            return cdpResult.content;
-        }
-    }
-    // ── Strategy 0: extract from the live tab directly ────────────────────────
+    const cdpResult = await fetchWithCDP(url, browsersWithUrl, log);
+    if (cdpResult)
+        return cdpResult.content;
     const liveContent = await fetchFromRunningBrowserTab(url, browsersWithUrl, log);
-    if (liveContent) {
+    if (liveContent)
         return liveContent;
-    }
-    log.warn('browser-playwright: all strategies exhausted', { url });
+    log.warn('browser-playwright: all strategies exhausted — on Windows, launch Chrome with --remote-debugging-port=9222', { url });
     return null;
 }

package/backend-dist/web-search/web-search-provider.js

@@ -170,7 +170,7 @@ async function fetchPlainHttp(url, log) {
         // sites use redirects, 302s, custom error pages, or soft-blocks
         // rather than a clean 401/403, so checking status codes alone is
         // unreliable. Fall through to the browser-session path instead.
-        if (isSelfHostedMacOS && (0, browser_playwright_1.isBrowserOpenWithUrl)(url, log)) {
+        if (isSelfHostedWithBrowserSession && (await (0, browser_playwright_1.isBrowserOpenWithUrl)(url, log))) {
             return { html: null, authBlocked: true, finalUrl: url };
         }
         if (status === 401 || status === 403) {
@@ -192,19 +192,19 @@ async function fetchFromActiveTab(url, log) {
     log.info('web_fetch: falling back to active-tab extraction', { url });
     return (0, browser_playwright_1.fetchWithPlaywright)(url, log);
 }
-const isSelfHostedMacOS = config_1.config.isSelfHosted && config_1.config.terminalPlatform === 'macos';
+const isSelfHostedWithBrowserSession = config_1.config.isSelfHosted;
 async function executeWebFetch(url, log) {
     log.info('Executing web_fetch tool', { url });
     // ── Step 1: plain HTTP request ────────────────────────────────────────────
     const { html, authBlocked, finalUrl } = await fetchPlainHttp(url, log);
     const plainText = html ? stripHtml(html) : '';
-    if (!isSelfHostedMacOS) {
+    if (!isSelfHostedWithBrowserSession) {
         if (authBlocked) {
-            log.warn('Error: page requires authentication. Run OmniKey in self-hosted mode on macOS to enable browser-session access.');
+            log.warn('Error: page requires authentication. Run OmniKey in self-hosted mode on macOS or Windows to enable browser-session access.');
         }
         return plainText.slice(0, exports.MAX_TOOL_CONTENT_CHARS) || 'No content retrieved';
     }
-    // ── Step 2 (self-hosted macOS only): LLM auth check on plain response ─────
+    // ── Step 2 (self-hosted desktop): LLM auth check on plain response ────────
     let looksUnauthenticated = false;
     if (!authBlocked && plainText) {
         log.info('web_fetch: performing LLM auth check on plain HTTP response', { url });
@@ -214,7 +214,7 @@ async function executeWebFetch(url, log) {
         }
         looksUnauthenticated = true;
     }
-    // ── Step 3 (self-hosted macOS only): active-tab extraction ───────────────
+    // ── Step 3 (self-hosted desktop): active-tab extraction ──────────────────
     // Only attempted when there is evidence authentication is required.
     const needsAuth = authBlocked || looksUnauthenticated;
     if (needsAuth) {
@@ -226,7 +226,15 @@ async function executeWebFetch(url, log) {
     }
     // All strategies exhausted.
     if (authBlocked) {
-        log.warn('Error: page requires authentication. Open the page in Chrome and ensure "Allow JavaScript from Apple Events" is enabled (View → Developer → Allow JavaScript from Apple Events).');
+        if (config_1.config.terminalPlatform === 'macos') {
+            log.warn('Error: page requires authentication. Open the page in Chrome and ensure "Allow JavaScript from Apple Events" is enabled (View → Developer → Allow JavaScript from Apple Events).');
+        }
+        else if (config_1.config.terminalPlatform === 'windows') {
+            log.warn('Error: page requires authentication. To enable live browser-session access on Windows, ' +
+                'launch Chrome with --remote-debugging-port=9222: right-click your Chrome shortcut → Properties, ' +
+                'and append "--remote-debugging-port=9222" to the Target field, then restart Chrome. ' +
+                'OmniKey will then read the authenticated tab directly.');
+        }
     }
     return plainText.slice(0, exports.MAX_TOOL_CONTENT_CHARS) || 'No content retrieved';
 }