sovr-mcp-proxy 6.0.1 → 7.0.0

package/dist/hooksAdapter.mjs

@@ -0,0 +1,291 @@
+// src/hooksAdapter.ts
+import { writeFileSync, readFileSync, existsSync, mkdirSync, chmodSync } from "fs";
+import { join, dirname } from "path";
+import { homedir } from "os";
+var DEFAULT_TOOL_PATTERNS = [
+  "Bash",
+  "bash",
+  "shell",
+  "execute_command",
+  "Write",
+  // File write operations
+  "Edit",
+  // File edit operations
+  "MultiEdit"
+  // Multi-file edit operations
+];
+var DEFAULT_HOOK_TIMEOUT = 10;
+function generateHookScript(config) {
+  const failExit = config.failMode === "closed" ? 2 : 0;
+  const endpoint = config.endpoint || "http://localhost:45557";
+  const apiKeyRef = config.apiKey ? `"${config.apiKey}"` : '"${SOVR_API_KEY:-}"';
+  return `#!/bin/bash
+# SOVR PreToolUse Hook for Claude Code
+# Generated by: npx sovr-mcp-proxy init --claude-code
+# 
+# This hook intercepts ALL tool calls and evaluates them against
+# SOVR security policies BEFORE Claude Code executes them.
+#
+# Exit codes:
+#   0 = ALLOW (proceed with tool call)
+#   2 = BLOCK (reject tool call)
+#
+# Environment:
+#   SOVR_API_KEY     \u2014 API key for SOVR authentication
+#   SOVR_ENDPOINT    \u2014 SOVR daemon endpoint (default: ${endpoint})
+#   SOVR_FAIL_MODE   \u2014 'open' (default) or 'closed'
+#   SOVR_HOOK_DEBUG  \u2014 Set to '1' for debug logging
+
+set -euo pipefail
+
+# Configuration
+SOVR_ENDPOINT="\${SOVR_ENDPOINT:-${endpoint}}"
+SOVR_API_KEY=${apiKeyRef}
+SOVR_FAIL_MODE="\${SOVR_FAIL_MODE:-${config.failMode || "open"}}"
+SOVR_HOOK_DEBUG="\${SOVR_HOOK_DEBUG:-0}"
+FAIL_EXIT=${failExit}
+
+# Debug logging
+debug() {
+  if [ "$SOVR_HOOK_DEBUG" = "1" ]; then
+    echo "[SOVR-HOOK $(date -u +%H:%M:%S)] $*" >&2
+  fi
+}
+
+# Read hook input from stdin
+INPUT=$(cat)
+debug "Input: $INPUT"
+
+# Extract tool name and input from JSON
+TOOL_NAME=$(echo "$INPUT" | grep -o '"tool_name":"[^"]*"' | head -1 | cut -d'"' -f4 2>/dev/null || echo "unknown")
+TOOL_INPUT=$(echo "$INPUT" | grep -o '"tool_input":{[^}]*}' | head -1 2>/dev/null || echo "{}")
+
+debug "Tool: $TOOL_NAME"
+
+# Skip non-dangerous tools (read-only operations)
+case "$TOOL_NAME" in
+  Read|View|LS|Glob|Grep|TodoRead|WebFetch|WebSearch)
+    debug "SKIP: Read-only tool $TOOL_NAME"
+    exit 0
+    ;;
+esac
+
+# Extract command for Bash tools
+COMMAND=""
+case "$TOOL_NAME" in
+  Bash|bash|shell|execute_command)
+    COMMAND=$(echo "$TOOL_INPUT" | grep -o '"command":"[^"]*"' | head -1 | cut -d'"' -f4 2>/dev/null || echo "")
+    ;;
+  Write|Edit|MultiEdit)
+    COMMAND=$(echo "$TOOL_INPUT" | grep -o '"file_path":"[^"]*"' | head -1 | cut -d'"' -f4 2>/dev/null || echo "")
+    ;;
+esac
+
+debug "Command: $COMMAND"
+
+# Call SOVR daemon for evaluation
+RESPONSE=$(curl -s -X POST "$SOVR_ENDPOINT/api/hook/evaluate" \\
+  -H "Content-Type: application/json" \\
+  -H "X-SOVR-API-Key: $SOVR_API_KEY" \\
+  -d "{
+    \\"tool_name\\": \\"$TOOL_NAME\\",
+    \\"command\\": $(echo "$COMMAND" | python3 -c 'import json,sys; print(json.dumps(sys.stdin.read()))' 2>/dev/null || echo '""'),
+    \\"channel\\": \\"hooks\\",
+    \\"context\\": {
+      \\"platform\\": \\"claude-code\\",
+      \\"hook_event\\": \\"PreToolUse\\"
+    }
+  }" \\
+  --connect-timeout 3 --max-time 5 2>/dev/null) || {
+  debug "SOVR daemon unreachable, fail-$SOVR_FAIL_MODE"
+  exit $FAIL_EXIT
+}
+
+debug "Response: $RESPONSE"
+
+# Parse verdict
+VERDICT=$(echo "$RESPONSE" | grep -o '"verdict":"[^"]*"' | head -1 | cut -d'"' -f4 2>/dev/null || echo "")
+REASON=$(echo "$RESPONSE" | grep -o '"reason":"[^"]*"' | head -1 | cut -d'"' -f4 2>/dev/null || echo "Policy evaluation failed")
+
+case "$VERDICT" in
+  allow)
+    debug "ALLOWED: $TOOL_NAME"
+    exit 0
+    ;;
+  deny)
+    debug "BLOCKED: $TOOL_NAME \u2014 $REASON"
+    # Output block reason as JSON for Claude Code to display
+    echo "{\\"error\\": \\"SOVR Policy Violation: $REASON\\"}"
+    exit 2
+    ;;
+  escalate)
+    debug "ESCALATED: $TOOL_NAME \u2014 requires approval"
+    echo "{\\"error\\": \\"SOVR: This action requires human approval. Reason: $REASON\\"}"
+    exit 2
+    ;;
+  *)
+    debug "UNKNOWN verdict: $VERDICT, fail-$SOVR_FAIL_MODE"
+    exit $FAIL_EXIT
+    ;;
+esac
+`;
+}
+function generateAuditHookScript(config) {
+  const endpoint = config.endpoint || "http://localhost:45557";
+  const apiKeyRef = config.apiKey ? `"${config.apiKey}"` : '"${SOVR_API_KEY:-}"';
+  return `#!/bin/bash
+# SOVR PostToolUse Audit Hook for Claude Code
+# Records tool execution results for audit trail
+set -euo pipefail
+
+SOVR_ENDPOINT="\${SOVR_ENDPOINT:-${endpoint}}"
+SOVR_API_KEY=${apiKeyRef}
+
+INPUT=$(cat)
+TOOL_NAME=$(echo "$INPUT" | grep -o '"tool_name":"[^"]*"' | head -1 | cut -d'"' -f4 2>/dev/null || echo "unknown")
+
+# Fire-and-forget audit log
+curl -s -X POST "$SOVR_ENDPOINT/api/hook/audit" \\
+  -H "Content-Type: application/json" \\
+  -H "X-SOVR-API-Key: $SOVR_API_KEY" \\
+  -d "{
+    \\"tool_name\\": \\"$TOOL_NAME\\",
+    \\"event\\": \\"PostToolUse\\",
+    \\"timestamp\\": $(date +%s)000
+  }" \\
+  --connect-timeout 2 --max-time 3 2>/dev/null &
+
+# Always allow (audit is non-blocking)
+exit 0
+`;
+}
+function generateHooksConfig(config) {
+  const hookScriptPath = getHookScriptPath();
+  const timeout = config.hookTimeout || DEFAULT_HOOK_TIMEOUT;
+  const hooks = {
+    PreToolUse: []
+  };
+  const patterns = config.toolPatterns || DEFAULT_TOOL_PATTERNS;
+  for (const pattern of patterns) {
+    hooks.PreToolUse.push({
+      matcher: { tool_name: pattern },
+      hooks: [{ command: hookScriptPath, timeout }]
+    });
+  }
+  if (config.addAuditHook) {
+    const auditScriptPath = getAuditHookScriptPath();
+    hooks.PostToolUse = patterns.map((pattern) => ({
+      matcher: { tool_name: pattern },
+      hooks: [{ command: auditScriptPath, timeout: 5 }]
+    }));
+  }
+  return hooks;
+}
+function installHooks(config) {
+  const settingsPath = config.settingsPath || getDefaultSettingsPath();
+  const hookScriptPath = getHookScriptPath();
+  const auditScriptPath = config.addAuditHook ? getAuditHookScriptPath() : void 0;
+  const settingsDir = dirname(settingsPath);
+  const hooksDir = dirname(hookScriptPath);
+  mkdirSync(settingsDir, { recursive: true });
+  mkdirSync(hooksDir, { recursive: true });
+  writeFileSync(hookScriptPath, generateHookScript(config), "utf-8");
+  chmodSync(hookScriptPath, 493);
+  if (auditScriptPath) {
+    writeFileSync(auditScriptPath, generateAuditHookScript(config), "utf-8");
+    chmodSync(auditScriptPath, 493);
+  }
+  let existingSettings = {};
+  let backup;
+  if (existsSync(settingsPath)) {
+    try {
+      const raw = readFileSync(settingsPath, "utf-8");
+      existingSettings = JSON.parse(raw);
+      backup = `${settingsPath}.sovr-backup.${Date.now()}`;
+      writeFileSync(backup, raw, "utf-8");
+    } catch {
+    }
+  }
+  const sovrHooks = generateHooksConfig(config);
+  const mergedHooks = {};
+  if (existingSettings.hooks) {
+    for (const [event, defs] of Object.entries(existingSettings.hooks)) {
+      mergedHooks[event] = defs.filter(
+        (d) => !d.hooks.some((h) => h.command.includes("sovr"))
+      );
+    }
+  }
+  for (const [event, defs] of Object.entries(sovrHooks)) {
+    if (!mergedHooks[event]) mergedHooks[event] = [];
+    mergedHooks[event].push(...defs);
+  }
+  const updatedSettings = {
+    ...existingSettings,
+    hooks: mergedHooks
+  };
+  writeFileSync(settingsPath, JSON.stringify(updatedSettings, null, 2), "utf-8");
+  return {
+    settingsPath,
+    hookScriptPath,
+    auditScriptPath,
+    installed: true,
+    backup
+  };
+}
+function uninstallHooks(config) {
+  const settingsPath = config?.settingsPath || getDefaultSettingsPath();
+  if (!existsSync(settingsPath)) {
+    return { removed: false, settingsPath };
+  }
+  try {
+    const raw = readFileSync(settingsPath, "utf-8");
+    const settings = JSON.parse(raw);
+    if (settings.hooks) {
+      for (const [event, defs] of Object.entries(settings.hooks)) {
+        settings.hooks[event] = defs.filter(
+          (d) => !d.hooks.some((h) => h.command.includes("sovr"))
+        );
+      }
+    }
+    writeFileSync(settingsPath, JSON.stringify(settings, null, 2), "utf-8");
+    return { removed: true, settingsPath };
+  } catch {
+    return { removed: false, settingsPath };
+  }
+}
+function getDefaultSettingsPath() {
+  return join(homedir(), ".claude", "settings.json");
+}
+function getHookScriptPath() {
+  return join(homedir(), ".sovr", "hooks", "sovr-pretool-hook.sh");
+}
+function getAuditHookScriptPath() {
+  return join(homedir(), ".sovr", "hooks", "sovr-posttool-audit.sh");
+}
+function detectClaudeCode() {
+  const defaultPath = getDefaultSettingsPath();
+  if (existsSync(dirname(defaultPath))) {
+    return {
+      found: true,
+      settingsPath: defaultPath
+    };
+  }
+  const altPaths = [
+    join(homedir(), ".config", "claude", "settings.json"),
+    join(homedir(), "Library", "Application Support", "Claude", "settings.json")
+  ];
+  for (const p of altPaths) {
+    if (existsSync(dirname(p))) {
+      return { found: true, settingsPath: p };
+    }
+  }
+  return { found: false };
+}
+export {
+  detectClaudeCode,
+  generateAuditHookScript,
+  generateHookScript,
+  generateHooksConfig,
+  installHooks,
+  uninstallHooks
+};