npm - openclaw-safeclaw-plugin - Versions diffs - 0.9.0 → 0.9.2 - Mend

openclaw-safeclaw-plugin 0.9.0 → 0.9.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/cli.tsx CHANGED Viewed

@@ -134,7 +134,37 @@ if (command === 'connect') {
   writeFileSync(configPath, JSON.stringify(config, null, 2) + '\n');
   chmodSync(configPath, 0o600);
-  console.log(`Connected! API key saved to ${configPath}`);
+  console.log(`API key saved to ${configPath}`);
+  // Validate key via handshake
+  try {
+    const res = await fetch(`${serviceUrl}/handshake`, {
+      method: 'POST',
+      headers: {
+        'Content-Type': 'application/json',
+        'Authorization': `Bearer ${apiKey}`,
+      },
+      body: JSON.stringify({ pluginVersion: '0.1.3', configHash: '' }),
+      signal: AbortSignal.timeout(5000),
+    });
+    if (res.ok) {
+      const data = await res.json() as Record<string, unknown>;
+      console.log(`Connected! org=${data.orgId}, scope=${data.scope}`);
+    } else {
+      let detail = `HTTP ${res.status}`;
+      try {
+        const body = await res.json() as Record<string, unknown>;
+        detail = (body.error ?? body.detail ?? detail) as string;
+      } catch { /* ignore */ }
+      console.warn(`Warning: API key saved but handshake failed — ${detail}`);
+      if (res.status === 401) {
+        console.warn('The key may be invalid or revoked. Check https://safeclaw.eu/dashboard');
+      }
+    }
+  } catch {
+    console.warn(`Warning: API key saved but could not reach ${serviceUrl}`);
+    console.warn('Run "safeclaw status" later to verify the connection.');
+  }
   // Register with OpenClaw
   console.log('Registering SafeClaw plugin with OpenClaw...');
@@ -267,7 +297,55 @@ if (command === 'connect') {
     }
   }
-  // 5. OpenClaw installed
+  // 5. Handshake — validates API key actually works
+  if (serviceHealthy && cfg.apiKey) {
+    try {
+      const res = await fetch(`${cfg.serviceUrl}/handshake`, {
+        method: 'POST',
+        headers: {
+          'Content-Type': 'application/json',
+          'Authorization': `Bearer ${cfg.apiKey}`,
+        },
+        body: JSON.stringify({ pluginVersion: '0.1.3', configHash: '' }),
+        signal: AbortSignal.timeout(cfg.timeoutMs),
+      });
+      if (res.ok) {
+        const data = await res.json() as Record<string, unknown>;
+        console.log(`[ok] Handshake: org=${data.orgId}, scope=${data.scope}, engine=${data.engineReady ? 'ready' : 'not ready'}`);
+      } else {
+        let detail = `HTTP ${res.status}`;
+        try {
+          const body = await res.json() as Record<string, unknown>;
+          detail = (body.error ?? body.detail ?? detail) as string;
+        } catch { /* ignore parse errors */ }
+        console.log(`[!!] Handshake failed: ${detail}`);
+        if (res.status === 401) {
+          console.log('     ↳ API key is invalid or revoked. Get a new key at https://safeclaw.eu/dashboard');
+        } else if (res.status === 403) {
+          console.log('     ↳ API key lacks required scope. Check key permissions in your dashboard.');
+        } else if (res.status === 500) {
+          console.log('     ↳ Server error — check service logs for details.');
+        }
+        allOk = false;
+      }
+    } catch (e) {
+      const isTimeout = e instanceof DOMException && e.name === 'TimeoutError';
+      if (isTimeout) {
+        console.log(`[!!] Handshake failed: timeout after ${cfg.timeoutMs}ms`);
+        console.log('     ↳ Service may be overloaded. Try increasing SAFECLAW_TIMEOUT_MS.');
+      } else {
+        console.log('[!!] Handshake failed: could not connect');
+        console.log(`     ↳ Is the service running at ${cfg.serviceUrl}?`);
+      }
+      allOk = false;
+    }
+  } else if (serviceHealthy && !cfg.apiKey) {
+    console.log('[!!] Handshake: skipped — no API key configured');
+    console.log('     ↳ Run: safeclaw connect <your-api-key>');
+    allOk = false;
+  }
+  // 6. OpenClaw installed
   try {
     execSync('which openclaw', { encoding: 'utf-8', stdio: 'pipe' });
     console.log('[ok] OpenClaw: installed');
@@ -276,7 +354,7 @@ if (command === 'connect') {
     allOk = false;
   }
-  // 6. Plugin extension files exist
+  // 7. Plugin extension files exist
   const extensionDir = join(homedir(), '.openclaw', 'extensions', 'safeclaw');
   const hasManifest = existsSync(join(extensionDir, 'openclaw.plugin.json'));
   const hasEntry = existsSync(join(extensionDir, 'index.js'));
@@ -295,7 +373,7 @@ if (command === 'connect') {
     allOk = false;
   }
-  // 7. Plugin enabled in OpenClaw config
+  // 8. Plugin enabled in OpenClaw config
   const ocConfigPath = join(homedir(), '.openclaw', 'openclaw.json');
   if (existsSync(ocConfigPath)) {
     const ocConfig = readJson(ocConfigPath);

package/dist/cli.js CHANGED Viewed

@@ -119,7 +119,39 @@ if (command === 'connect') {
     mkdirSync(configDir, { recursive: true });
     writeFileSync(configPath, JSON.stringify(config, null, 2) + '\n');
     chmodSync(configPath, 0o600);
-    console.log(`Connected! API key saved to ${configPath}`);
+    console.log(`API key saved to ${configPath}`);
+    // Validate key via handshake
+    try {
+        const res = await fetch(`${serviceUrl}/handshake`, {
+            method: 'POST',
+            headers: {
+                'Content-Type': 'application/json',
+                'Authorization': `Bearer ${apiKey}`,
+            },
+            body: JSON.stringify({ pluginVersion: '0.1.3', configHash: '' }),
+            signal: AbortSignal.timeout(5000),
+        });
+        if (res.ok) {
+            const data = await res.json();
+            console.log(`Connected! org=${data.orgId}, scope=${data.scope}`);
+        }
+        else {
+            let detail = `HTTP ${res.status}`;
+            try {
+                const body = await res.json();
+                detail = (body.error ?? body.detail ?? detail);
+            }
+            catch { /* ignore */ }
+            console.warn(`Warning: API key saved but handshake failed — ${detail}`);
+            if (res.status === 401) {
+                console.warn('The key may be invalid or revoked. Check https://safeclaw.eu/dashboard');
+            }
+        }
+    }
+    catch {
+        console.warn(`Warning: API key saved but could not reach ${serviceUrl}`);
+        console.warn('Run "safeclaw status" later to verify the connection.');
+    }
     // Register with OpenClaw
     console.log('Registering SafeClaw plugin with OpenClaw...');
     const registered = registerWithOpenClaw();
@@ -261,7 +293,61 @@ else if (command === 'status') {
             allOk = false;
         }
     }
-    // 5. OpenClaw installed
+    // 5. Handshake — validates API key actually works
+    if (serviceHealthy && cfg.apiKey) {
+        try {
+            const res = await fetch(`${cfg.serviceUrl}/handshake`, {
+                method: 'POST',
+                headers: {
+                    'Content-Type': 'application/json',
+                    'Authorization': `Bearer ${cfg.apiKey}`,
+                },
+                body: JSON.stringify({ pluginVersion: '0.1.3', configHash: '' }),
+                signal: AbortSignal.timeout(cfg.timeoutMs),
+            });
+            if (res.ok) {
+                const data = await res.json();
+                console.log(`[ok] Handshake: org=${data.orgId}, scope=${data.scope}, engine=${data.engineReady ? 'ready' : 'not ready'}`);
+            }
+            else {
+                let detail = `HTTP ${res.status}`;
+                try {
+                    const body = await res.json();
+                    detail = (body.error ?? body.detail ?? detail);
+                }
+                catch { /* ignore parse errors */ }
+                console.log(`[!!] Handshake failed: ${detail}`);
+                if (res.status === 401) {
+                    console.log('     ↳ API key is invalid or revoked. Get a new key at https://safeclaw.eu/dashboard');
+                }
+                else if (res.status === 403) {
+                    console.log('     ↳ API key lacks required scope. Check key permissions in your dashboard.');
+                }
+                else if (res.status === 500) {
+                    console.log('     ↳ Server error — check service logs for details.');
+                }
+                allOk = false;
+            }
+        }
+        catch (e) {
+            const isTimeout = e instanceof DOMException && e.name === 'TimeoutError';
+            if (isTimeout) {
+                console.log(`[!!] Handshake failed: timeout after ${cfg.timeoutMs}ms`);
+                console.log('     ↳ Service may be overloaded. Try increasing SAFECLAW_TIMEOUT_MS.');
+            }
+            else {
+                console.log('[!!] Handshake failed: could not connect');
+                console.log(`     ↳ Is the service running at ${cfg.serviceUrl}?`);
+            }
+            allOk = false;
+        }
+    }
+    else if (serviceHealthy && !cfg.apiKey) {
+        console.log('[!!] Handshake: skipped — no API key configured');
+        console.log('     ↳ Run: safeclaw connect <your-api-key>');
+        allOk = false;
+    }
+    // 6. OpenClaw installed
     try {
         execSync('which openclaw', { encoding: 'utf-8', stdio: 'pipe' });
         console.log('[ok] OpenClaw: installed');
@@ -270,7 +356,7 @@ else if (command === 'status') {
         console.log('[!!] OpenClaw: not found in PATH');
         allOk = false;
     }
-    // 6. Plugin extension files exist
+    // 7. Plugin extension files exist
     const extensionDir = join(homedir(), '.openclaw', 'extensions', 'safeclaw');
     const hasManifest = existsSync(join(extensionDir, 'openclaw.plugin.json'));
     const hasEntry = existsSync(join(extensionDir, 'index.js'));
@@ -291,7 +377,7 @@ else if (command === 'status') {
         console.log('[!!] Plugin: not installed. Run: safeclaw setup');
         allOk = false;
     }
-    // 7. Plugin enabled in OpenClaw config
+    // 8. Plugin enabled in OpenClaw config
     const ocConfigPath = join(homedir(), '.openclaw', 'openclaw.json');
     if (existsSync(ocConfigPath)) {
         const ocConfig = readJson(ocConfigPath);

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "openclaw-safeclaw-plugin",
-  "version": "0.9.0",
+  "version": "0.9.2",
   "description": "SafeClaw Neurosymbolic Governance plugin for OpenClaw — validates AI agent actions against OWL ontologies and SHACL constraints",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",