passwd-sso-cli 0.4.3

package/dist/commands/agent-decrypt.d.ts

@@ -0,0 +1,11 @@
+/**
+ * Decrypt agent — holds vault key in memory, serves decrypt requests via Unix socket.
+ * Authorization is checked against the server for every request (no caching).
+ *
+ * Socket: $XDG_RUNTIME_DIR/passwd-sso/decrypt.sock
+ * Protocol: newline-delimited JSON over Unix domain socket
+ */
+export interface DecryptAgentOptions {
+    eval?: boolean;
+}
+export declare function decryptAgentCommand(opts: DecryptAgentOptions): Promise<void>;

package/dist/commands/agent-decrypt.js

@@ -0,0 +1,317 @@
+/**
+ * Decrypt agent — holds vault key in memory, serves decrypt requests via Unix socket.
+ * Authorization is checked against the server for every request (no caching).
+ *
+ * Socket: $XDG_RUNTIME_DIR/passwd-sso/decrypt.sock
+ * Protocol: newline-delimited JSON over Unix domain socket
+ */
+import { createServer } from "node:net";
+import { spawn } from "node:child_process";
+import { mkdirSync, lstatSync, chmodSync, unlinkSync } from "node:fs";
+import { join } from "node:path";
+import { z } from "zod";
+import { apiRequest, startBackgroundRefresh } from "../lib/api-client.js";
+import { decryptData, hexEncode } from "../lib/crypto.js";
+import { buildPersonalEntryAAD } from "../lib/crypto-aad.js";
+import { getEncryptionKey, getUserId, getSecretKeyBytes, setEncryptionKey } from "../lib/vault-state.js";
+import { readPassphrase, unlockWithPassphrase } from "./unlock.js";
+import * as output from "../lib/output.js";
+// ─── Input Validation Schema ───────────────────────────────────
+const DecryptRequestSchema = z.object({
+    entryId: z.string().regex(/^[a-zA-Z0-9_-]{1,100}$/),
+    clientId: z.string().startsWith("mcpc_").max(100),
+    field: z.enum(["password", "username", "url", "notes", "totp", "title", "_json"]).default("password"),
+});
+// ─── Socket Path ───────────────────────────────────────────────
+function getDecryptSocketPath() {
+    const xdg = process.env.XDG_RUNTIME_DIR;
+    if (!xdg) {
+        process.stderr.write("Error: $XDG_RUNTIME_DIR is not set.\n" +
+            "On Linux, this is typically /run/user/<uid>.\n" +
+            "Ensure your session manager sets XDG_RUNTIME_DIR (systemd-logind or pam_systemd).\n");
+        process.exit(1);
+    }
+    return join(xdg, "passwd-sso", "decrypt.sock");
+}
+/**
+ * Prepare the socket directory and validate ownership before binding.
+ */
+function prepareSocket(socketPath) {
+    const dir = join(socketPath, "..");
+    mkdirSync(dir, { recursive: true, mode: 0o700 });
+    // Verify directory ownership (lstatSync avoids following symlinks)
+    const dirStat = lstatSync(dir);
+    if (!dirStat.isDirectory()) {
+        process.stderr.write(`Error: ${dir} is not a directory (possible symlink attack)\n`);
+        process.exit(1);
+    }
+    const uid = process.getuid?.();
+    if (uid !== undefined && dirStat.uid !== uid) {
+        process.stderr.write(`Error: Socket directory ${dir} is owned by uid ${dirStat.uid}, expected ${uid}\n`);
+        process.exit(1);
+    }
+    // Remove stale socket if present, verify ownership first
+    try {
+        const sockStat = lstatSync(socketPath);
+        if (uid !== undefined && sockStat.uid !== uid) {
+            process.stderr.write(`Error: Stale socket ${socketPath} is owned by uid ${sockStat.uid}, not removing\n`);
+            process.exit(1);
+        }
+        unlinkSync(socketPath);
+    }
+    catch {
+        // Socket doesn't exist, that's fine
+    }
+}
+// ─── Decrypt Request Handler ───────────────────────────────────
+async function handleDecryptRequest(req) {
+    // Step 1: Check authorization with server (no caching — ensures immediate revocation)
+    const checkRes = await apiRequest(`/api/vault/delegation/check?clientId=${req.clientId}&entryId=${req.entryId}`);
+    if (!checkRes.ok || !checkRes.data.authorized) {
+        const reason = checkRes.data.reason ?? "unauthorized";
+        return { ok: false, error: `Not authorized: ${reason}` };
+    }
+    // Step 2: Fetch the vault entry
+    const entryRes = await apiRequest(`/api/passwords/${req.entryId}`);
+    if (!entryRes.ok) {
+        return { ok: false, error: `Failed to fetch entry: HTTP ${entryRes.status}` };
+    }
+    const entry = entryRes.data;
+    // Defense in depth: verify returned entry matches requested ID
+    if (entry.id !== req.entryId) {
+        return { ok: false, error: "Entry ID mismatch (server returned unexpected entry)" };
+    }
+    // Step 3: Decrypt with vault key
+    const encryptionKey = getEncryptionKey();
+    if (!encryptionKey) {
+        return { ok: false, error: "Vault is locked" };
+    }
+    const userId = getUserId();
+    try {
+        const aad = entry.aadVersion >= 1 && userId
+            ? buildPersonalEntryAAD(userId, entry.id)
+            : undefined;
+        const plaintext = await decryptData(entry.encryptedBlob, encryptionKey, aad);
+        const blob = JSON.parse(plaintext);
+        // Step 4: Extract requested field or return full JSON
+        if (req.field === "_json") {
+            return { ok: true, value: JSON.stringify(blob) };
+        }
+        const fieldValue = blob[req.field];
+        if (fieldValue === undefined || fieldValue === null) {
+            return { ok: false, error: `Field "${req.field}" not found in entry` };
+        }
+        const value = typeof fieldValue === "object"
+            ? JSON.stringify(fieldValue)
+            : String(fieldValue);
+        return { ok: true, value };
+    }
+    catch (err) {
+        return {
+            ok: false,
+            error: `Decrypt failed: ${err instanceof Error ? err.message : "unknown error"}`,
+        };
+    }
+}
+// ─── Connection Handler ────────────────────────────────────────
+const MAX_BUFFER_SIZE = 64 * 1024; // 64KB — far more than any valid request
+function handleConnection(socket) {
+    let buffer = "";
+    socket.on("data", (chunk) => {
+        buffer += chunk.toString("utf-8");
+        if (buffer.length > MAX_BUFFER_SIZE) {
+            socket.write(JSON.stringify({ ok: false, error: "Request too large" }) + "\n");
+            socket.destroy();
+            buffer = "";
+            return;
+        }
+        // Process complete newline-delimited JSON messages
+        const lines = buffer.split("\n");
+        buffer = lines.pop() ?? ""; // Keep incomplete last line
+        for (const line of lines) {
+            const trimmed = line.trim();
+            if (!trimmed)
+                continue;
+            void (async () => {
+                let response;
+                try {
+                    const raw = JSON.parse(trimmed);
+                    const parsed = DecryptRequestSchema.safeParse(raw);
+                    if (!parsed.success) {
+                        response = {
+                            ok: false,
+                            error: `Invalid request: ${parsed.error.issues.map((i) => i.message).join(", ")}`,
+                        };
+                    }
+                    else {
+                        response = await handleDecryptRequest(parsed.data);
+                    }
+                }
+                catch (err) {
+                    response = {
+                        ok: false,
+                        error: `Parse error: ${err instanceof Error ? err.message : "unknown error"}`,
+                    };
+                }
+                socket.write(JSON.stringify(response) + "\n");
+                socket.end();
+            })();
+        }
+    });
+    socket.on("error", () => {
+        // Silently handle client disconnects
+    });
+}
+export async function decryptAgentCommand(opts) {
+    if (process.platform === "win32") {
+        process.stderr.write("Error: Decrypt agent is not supported on Windows.\n");
+        process.exit(1);
+    }
+    // Internal daemon mode: receives vault key via IPC from parent
+    if (process.env._PSSO_DAEMON === "1") {
+        return runDaemonChild();
+    }
+    const socketPath = getDecryptSocketPath();
+    // Prompt for passphrase via TTY — explicitly does NOT use PSSO_PASSPHRASE env
+    if (!process.stdin.isTTY) {
+        process.stderr.write("Error: No TTY available. The decrypt agent requires a TTY for passphrase input.\n" +
+            "Run in an interactive terminal.\n");
+        process.exit(1);
+    }
+    // In --eval mode, stdout is captured by the shell — write prompt to stderr
+    const passphrase = await readPassphrase("Master passphrase: ", { useStderr: opts.eval });
+    if (!passphrase) {
+        process.stderr.write("Error: Passphrase is required.\n");
+        process.exit(1);
+    }
+    const unlocked = await unlockWithPassphrase(passphrase);
+    if (!unlocked) {
+        process.exit(1);
+    }
+    if (opts.eval) {
+        // Fork as background daemon, pass vault key via IPC
+        return forkDaemon(socketPath);
+    }
+    // Foreground mode
+    startForegroundAgent(socketPath);
+}
+/**
+ * --eval mode: fork a detached child, pass vault key via IPC, output eval commands, exit.
+ */
+async function forkDaemon(socketPath) {
+    const secretBytes = getSecretKeyBytes();
+    if (!secretBytes) {
+        process.stderr.write("Error: Secret key bytes not available.\n");
+        process.exit(1);
+    }
+    // Send secret key bytes (not derived CryptoKey) — child will derive encryption key
+    const secretHex = hexEncode(secretBytes);
+    const userId = getUserId();
+    // Reconstruct args for child: remove --eval, add internal daemon flag.
+    // Preserve tsx loader flags (--require, --import) so .ts files work in child.
+    const childArgs = [
+        ...process.execArgv.filter((a) => !a.startsWith("--eval")),
+        ...process.argv.slice(1).filter((a) => a !== "--eval"),
+    ];
+    const child = spawn(process.execPath, childArgs, {
+        detached: true,
+        stdio: ["ignore", "ignore", "inherit", "ipc"],
+        env: { ...process.env, _PSSO_DAEMON: "1" },
+    });
+    // Send secret key bytes + userId to child via IPC (child derives encryption key)
+    child.send({ secretHex, userId });
+    // Wait briefly for child to acknowledge, then output eval commands
+    child.on("message", () => {
+        console.log(`PSSO_AGENT_SOCK='${socketPath}'; export PSSO_AGENT_SOCK;`);
+        console.log(`PSSO_AGENT_PID='${child.pid}'; export PSSO_AGENT_PID;`);
+        console.log(`trap 'kill ${child.pid} 2>/dev/null; rm -f ${socketPath}' EXIT;`);
+        child.unref();
+        child.disconnect();
+        process.exit(0);
+    });
+    // If child exits before acknowledging, report error
+    child.on("exit", (code) => {
+        process.stderr.write(`Agent child exited unexpectedly with code ${code}\n`);
+        process.exit(1);
+    });
+    // Timeout if child doesn't respond
+    setTimeout(() => {
+        process.stderr.write("Error: Agent child did not respond within 10s.\n");
+        child.kill();
+        process.exit(1);
+    }, 10_000);
+}
+/**
+ * Internal: runs as the daemon child process (forked by --eval).
+ * Receives vault key via IPC from parent, then starts the agent.
+ */
+function runDaemonChild() {
+    return new Promise((resolve) => {
+        process.on("message", async (msg) => {
+            try {
+                // Derive encryption key from secret key bytes
+                const { hexDecode, deriveEncryptionKey } = await import("../lib/crypto.js");
+                const secretBytes = hexDecode(msg.secretHex);
+                const key = await deriveEncryptionKey(secretBytes);
+                setEncryptionKey(key, msg.userId ?? undefined);
+                // Acknowledge to parent
+                process.send("ready");
+                // Disconnect IPC (no longer needed)
+                if (process.disconnect)
+                    process.disconnect();
+                // Start agent in foreground (this process stays running)
+                const socketPath = getDecryptSocketPath();
+                startForegroundAgent(socketPath);
+                resolve();
+            }
+            catch (err) {
+                process.stderr.write(`Daemon init error: ${err}\n`);
+                process.exit(1);
+            }
+        });
+    });
+}
+/**
+ * Start the agent in foreground mode (used by both direct and daemon child).
+ */
+async function startForegroundAgent(socketPath) {
+    startBackgroundRefresh();
+    prepareSocket(socketPath);
+    const server = createServer(handleConnection);
+    server.listen(socketPath, () => {
+        chmodSync(socketPath, 0o600);
+        output.success("Decrypt agent started.");
+        output.info(`Socket: ${socketPath}`);
+        output.info("In another terminal, run:");
+        console.log(`  export PSSO_AGENT_SOCK='${socketPath}'`);
+        output.info("Press Ctrl+C to stop the agent.");
+    });
+    server.on("error", (err) => {
+        process.stderr.write(`Agent socket error: ${err.message}\n`);
+        process.exit(1);
+    });
+    // Clean up on process exit
+    const cleanup = () => {
+        server.close();
+        try {
+            unlinkSync(socketPath);
+        }
+        catch {
+            // Already cleaned up
+        }
+    };
+    process.on("exit", cleanup);
+    process.on("SIGINT", () => {
+        cleanup();
+        process.exit(0);
+    });
+    process.on("SIGTERM", () => {
+        cleanup();
+        process.exit(0);
+    });
+    // Keep process running
+    await new Promise(() => {
+        // Never resolves — process exits via signal handlers
+    });
+}
+//# sourceMappingURL=agent-decrypt.js.map

package/dist/commands/agent.d.ts

@@ -0,0 +1,13 @@
+/**
+ * `passwd-sso agent` — Start an SSH agent backed by vault SSH keys.
+ *
+ * Usage:
+ *   eval $(passwd-sso agent --eval)   # Set SSH_AUTH_SOCK
+ *   ssh-add -l                         # List vault SSH keys
+ *   ssh -T git@github.com              # Use via agent
+ */
+export interface AgentOptions {
+    eval?: boolean;
+    decrypt?: boolean;
+}
+export declare function agentCommand(opts: AgentOptions): Promise<void>;

package/dist/commands/agent.js

@@ -0,0 +1,116 @@
+/**
+ * `passwd-sso agent` — Start an SSH agent backed by vault SSH keys.
+ *
+ * Usage:
+ *   eval $(passwd-sso agent --eval)   # Set SSH_AUTH_SOCK
+ *   ssh-add -l                         # List vault SSH keys
+ *   ssh -T git@github.com              # Use via agent
+ */
+import { apiRequest } from "../lib/api-client.js";
+import { decryptData } from "../lib/crypto.js";
+import { buildPersonalEntryAAD } from "../lib/crypto-aad.js";
+import { getEncryptionKey, getUserId, isUnlocked } from "../lib/vault-state.js";
+import { autoUnlockIfNeeded } from "./unlock.js";
+import { loadKey, clearKeys } from "../lib/ssh-key-agent.js";
+import { startAgent, stopAgent } from "../lib/ssh-agent-socket.js";
+import { decryptAgentCommand } from "./agent-decrypt.js";
+import * as output from "../lib/output.js";
+/**
+ * Build an SSH public key blob from the stored public key string.
+ * The public key is in OpenSSH format: "ssh-ed25519 AAAA... comment"
+ */
+function parsePublicKeyBlob(publicKeyStr) {
+    const parts = publicKeyStr.trim().split(/\s+/);
+    if (parts.length < 2)
+        return null;
+    try {
+        return Buffer.from(parts[1], "base64");
+    }
+    catch {
+        return null;
+    }
+}
+export async function agentCommand(opts) {
+    if (opts.decrypt) {
+        return decryptAgentCommand({ eval: opts.eval });
+    }
+    if (!await autoUnlockIfNeeded()) {
+        output.error("Vault is locked. Run `passwd-sso unlock` first, or set PSSO_PASSPHRASE.");
+        process.exit(1);
+    }
+    const encryptionKey = getEncryptionKey();
+    if (!encryptionKey) {
+        output.error("Encryption key not available.");
+        process.exit(1);
+    }
+    const userId = getUserId();
+    // Fetch all SSH_KEY entries from the vault
+    const res = await apiRequest("/api/passwords?type=SSH_KEY&include=blob");
+    if (!res.ok) {
+        output.error(`Failed to fetch SSH keys: HTTP ${res.status}`);
+        process.exit(1);
+    }
+    const entries = res.data;
+    if (entries.length === 0) {
+        output.error("No SSH keys found in vault.");
+        process.exit(1);
+    }
+    // Decrypt and load each SSH key
+    let loadedCount = 0;
+    for (const entry of entries) {
+        try {
+            const aad = entry.aadVersion >= 1 && userId
+                ? buildPersonalEntryAAD(userId, entry.id)
+                : undefined;
+            const plaintext = await decryptData(entry.encryptedBlob, encryptionKey, aad);
+            const blob = JSON.parse(plaintext);
+            if (!blob.privateKey || !blob.publicKey)
+                continue;
+            const publicKeyBlob = parsePublicKeyBlob(blob.publicKey);
+            if (!publicKeyBlob)
+                continue;
+            await loadKey(entry.id, blob.privateKey, publicKeyBlob, blob.comment ?? blob.title ?? "", blob.passphrase);
+            loadedCount++;
+        }
+        catch (err) {
+            output.warn(`Failed to load SSH key ${entry.id}: ${err instanceof Error ? err.message : "unknown error"}`);
+        }
+    }
+    if (loadedCount === 0) {
+        output.error("No valid SSH keys could be loaded.");
+        process.exit(1);
+    }
+    // Start the agent socket
+    const socketPath = startAgent();
+    if (opts.eval) {
+        // Output shell commands to set SSH_AUTH_SOCK
+        // The user runs: eval $(passwd-sso agent --eval)
+        console.log(`SSH_AUTH_SOCK=${socketPath}; export SSH_AUTH_SOCK;`);
+        console.log(`echo "Agent pid ${process.pid}";`);
+    }
+    else {
+        output.success(`SSH agent started with ${loadedCount} key(s).`);
+        output.info(`Socket: ${socketPath}`);
+        output.info("Set SSH_AUTH_SOCK:");
+        console.log(`  export SSH_AUTH_SOCK=${socketPath}`);
+        output.info("Or use:");
+        console.log(`  eval $(passwd-sso agent --eval)`);
+    }
+    // Keep process running until interrupted
+    output.info("Press Ctrl+C to stop the agent.");
+    // Handle vault lock → clear keys
+    const checkLock = setInterval(() => {
+        if (!isUnlocked()) {
+            output.warn("Vault locked — clearing agent keys.");
+            clearKeys();
+            stopAgent();
+            clearInterval(checkLock);
+            process.exit(0);
+        }
+    }, 5000);
+    // Wait forever (signal handlers in ssh-agent-socket.ts handle cleanup)
+    await new Promise(() => {
+        // Never resolves — process exits via signal handlers
+    });
+}
+//# sourceMappingURL=agent.js.map

package/dist/commands/api-key.d.ts

@@ -0,0 +1,22 @@
+/**
+ * `passwd-sso api-key` — Manage API keys.
+ *
+ * Subcommands:
+ *   list   — List API keys
+ *   create — Create a new API key
+ *   revoke — Revoke an API key
+ */
+export declare function apiKeyListCommand(options?: {
+    json?: boolean;
+}): Promise<void>;
+interface CreateOptions {
+    name: string;
+    scopes: string[];
+    days: number;
+    json?: boolean;
+}
+export declare function apiKeyCreateCommand(opts: CreateOptions): Promise<void>;
+export declare function apiKeyRevokeCommand(id: string, options?: {
+    json?: boolean;
+}): Promise<void>;
+export {};

package/dist/commands/api-key.js

@@ -0,0 +1,118 @@
+/**
+ * `passwd-sso api-key` — Manage API keys.
+ *
+ * Subcommands:
+ *   list   — List API keys
+ *   create — Create a new API key
+ *   revoke — Revoke an API key
+ */
+import { apiRequest } from "../lib/api-client.js";
+import * as output from "../lib/output.js";
+export async function apiKeyListCommand(options = {}) {
+    const res = await apiRequest("/api/api-keys");
+    if (!res.ok) {
+        output.error(`Failed to list API keys: HTTP ${res.status}`);
+        return;
+    }
+    const keys = res.data;
+    if (keys.length === 0) {
+        if (options.json) {
+            output.json([]);
+        }
+        else {
+            output.info("No API keys found.");
+        }
+        return;
+    }
+    if (options.json) {
+        output.json(keys.map((key) => ({
+            id: key.id,
+            name: key.name,
+            prefix: key.prefix,
+            scopes: key.scopes,
+            status: key.revokedAt
+                ? "revoked"
+                : new Date(key.expiresAt) < new Date()
+                    ? "expired"
+                    : "active",
+            expiresAt: key.expiresAt,
+            createdAt: key.createdAt,
+            revokedAt: key.revokedAt,
+            lastUsedAt: key.lastUsedAt,
+        })));
+        return;
+    }
+    const rows = [];
+    for (const key of keys) {
+        const status = key.revokedAt
+            ? "revoked"
+            : new Date(key.expiresAt) < new Date()
+                ? "expired"
+                : "active";
+        rows.push([
+            key.id,
+            key.name,
+            key.prefix + "...",
+            key.scopes.join(", "),
+            status,
+            new Date(key.expiresAt).toLocaleDateString(),
+            key.lastUsedAt ? new Date(key.lastUsedAt).toLocaleDateString() : "never",
+        ]);
+    }
+    output.table(["ID", "Name", "Prefix", "Scopes", "Status", "Expires", "Last Used"], rows);
+}
+export async function apiKeyCreateCommand(opts) {
+    const expiresAt = new Date();
+    expiresAt.setDate(expiresAt.getDate() + opts.days);
+    const res = await apiRequest("/api/api-keys", {
+        method: "POST",
+        body: {
+            name: opts.name,
+            scope: opts.scopes,
+            expiresAt: expiresAt.toISOString(),
+        },
+    });
+    if (!res.ok) {
+        const err = res.data;
+        output.error(`Failed to create API key: ${err.error ?? `HTTP ${res.status}`}`);
+        return;
+    }
+    if (opts.json) {
+        output.json({
+            id: res.data.id,
+            token: res.data.token,
+            name: res.data.name,
+            prefix: res.data.prefix,
+            scopes: res.data.scopes,
+            expiresAt: res.data.expiresAt,
+        });
+        return;
+    }
+    output.success("API key created:");
+    console.log(`  Name:    ${res.data.name}`);
+    console.log(`  Scopes:  ${res.data.scopes.join(", ")}`);
+    console.log(`  Expires: ${new Date(res.data.expiresAt).toLocaleDateString()}`);
+    console.log();
+    output.warn("Copy this token — it will not be shown again:");
+    console.log(`  ${res.data.token}`);
+}
+export async function apiKeyRevokeCommand(id, options = {}) {
+    const res = await apiRequest(`/api/api-keys/${encodeURIComponent(id)}`, { method: "DELETE" });
+    if (!res.ok) {
+        const err = res.data;
+        if (options.json) {
+            output.json({ success: false, error: err.error ?? `HTTP ${res.status}` });
+        }
+        else {
+            output.error(`Failed to revoke API key: ${err.error ?? `HTTP ${res.status}`}`);
+        }
+        return;
+    }
+    if (options.json) {
+        output.json({ success: true, id });
+    }
+    else {
+        output.success("API key revoked.");
+    }
+}
+//# sourceMappingURL=api-key.js.map

package/dist/commands/decrypt.d.ts

@@ -0,0 +1,17 @@
+/**
+ * `passwd-sso decrypt <id>` — Thin client that connects to the decrypt agent socket.
+ * Sends a decrypt request and prints the result to stdout.
+ * Used by Claude Code hooks to decrypt credentials without exposing them to the LLM.
+ *
+ * Usage:
+ *   passwd-sso decrypt <entryId> --field password --mcp-client <mcpc_xxx>
+ *   passwd-sso decrypt <entryId> --json --mcp-client <mcpc_xxx>
+ *   passwd-sso decrypt abc123 --field password --mcp-client mcpc_xxx | curl --config - ...
+ *
+ * --json outputs all decrypted fields as JSON (ignores --field).
+ */
+export declare function decryptCommand(id: string, options: {
+    field?: string;
+    mcpClient: string;
+    json?: boolean;
+}): Promise<void>;