wave-agent-sdk 0.15.7 → 0.16.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.d.ts +1 -0
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +1 -0
- package/dist/managers/aiManager.d.ts.map +1 -1
- package/dist/managers/aiManager.js +24 -0
- package/dist/managers/backgroundTaskManager.d.ts.map +1 -1
- package/dist/managers/backgroundTaskManager.js +1 -0
- package/dist/managers/hookManager.d.ts +1 -1
- package/dist/managers/hookManager.d.ts.map +1 -1
- package/dist/managers/permissionManager.d.ts +2 -0
- package/dist/managers/permissionManager.d.ts.map +1 -1
- package/dist/managers/permissionManager.js +54 -0
- package/dist/managers/slashCommandManager.d.ts +1 -0
- package/dist/managers/slashCommandManager.d.ts.map +1 -1
- package/dist/managers/slashCommandManager.js +40 -0
- package/dist/managers/subagentManager.d.ts +6 -1
- package/dist/managers/subagentManager.d.ts.map +1 -1
- package/dist/managers/subagentManager.js +11 -8
- package/dist/services/authService.d.ts +28 -0
- package/dist/services/authService.d.ts.map +1 -0
- package/dist/services/authService.js +175 -0
- package/dist/services/configurationService.d.ts +5 -1
- package/dist/services/configurationService.d.ts.map +1 -1
- package/dist/services/configurationService.js +37 -1
- package/dist/tools/bashTool.d.ts.map +1 -1
- package/dist/tools/bashTool.js +1 -0
- package/dist/types/auth.d.ts +4 -0
- package/dist/types/auth.d.ts.map +1 -0
- package/dist/types/auth.js +1 -0
- package/dist/types/hooks.d.ts +2 -2
- package/dist/types/hooks.d.ts.map +1 -1
- package/dist/types/index.d.ts +1 -0
- package/dist/types/index.d.ts.map +1 -1
- package/dist/types/index.js +1 -0
- package/dist/utils/containerSetup.d.ts.map +1 -1
- package/dist/utils/containerSetup.js +5 -0
- package/package.json +1 -1
- package/src/index.ts +1 -0
- package/src/managers/aiManager.ts +34 -0
- package/src/managers/backgroundTaskManager.ts +1 -0
- package/src/managers/hookManager.ts +1 -1
- package/src/managers/permissionManager.ts +67 -0
- package/src/managers/slashCommandManager.ts +59 -0
- package/src/managers/subagentManager.ts +16 -9
- package/src/services/authService.ts +234 -0
- package/src/services/configurationService.ts +43 -1
- package/src/tools/bashTool.ts +1 -0
- package/src/types/auth.ts +3 -0
- package/src/types/hooks.ts +2 -2
- package/src/types/index.ts +1 -0
- package/src/utils/containerSetup.ts +6 -0
package/dist/index.d.ts
CHANGED
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,cAAc,mBAAmB,CAAC;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,cAAc,mBAAmB,CAAC;AAClC,cAAc,2BAA2B,CAAC;AAG1C,cAAc,sBAAsB,CAAC;AAGrC,cAAc,YAAY,CAAC;AAC3B,cAAc,kBAAkB,CAAC;AACjC,cAAc,2BAA2B,CAAC;AAC1C,cAAc,4BAA4B,CAAC;AAG3C,cAAc,uBAAuB,CAAC;AACtC,cAAc,kCAAkC,CAAC;AACjD,cAAc,uBAAuB,CAAC;AACtC,cAAc,yBAAyB,CAAC;AACxC,cAAc,qBAAqB,CAAC;AACpC,cAAc,8BAA8B,CAAC;AAC7C,cAAc,4BAA4B,CAAC;AAC3C,cAAc,iBAAiB,CAAC;AAChC,cAAc,0BAA0B,CAAC;AACzC,cAAc,wBAAwB,CAAC;AACvC,cAAc,2BAA2B,CAAC;AAC1C,cAAc,wBAAwB,CAAC;AACvC,cAAc,6BAA6B,CAAC;AAC5C,cAAc,qBAAqB,CAAC;AACpC,cAAc,0BAA0B,CAAC;AACzC,cAAc,4BAA4B,CAAC;AAC3C,cAAc,kBAAkB,CAAC"}
|
package/dist/index.js
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"aiManager.d.ts","sourceRoot":"","sources":["../../src/managers/aiManager.ts"],"names":[],"mappings":"AAOA,OAAO,KAAK,EACV,aAAa,EACb,WAAW,EACX,KAAK,EAGN,MAAM,mBAAmB,CAAC;AAY3B,OAAO,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;AAclD,MAAM,WAAW,kBAAkB;IACjC,uBAAuB,CAAC,EAAE,CAAC,YAAY,EAAE,OAAO,KAAK,IAAI,CAAC;IAC1D,YAAY,CAAC,EAAE,CAAC,KAAK,EAAE,KAAK,KAAK,IAAI,CAAC;CACvC;AAED,MAAM,WAAW,gBAAgB;IAC/B,SAAS,CAAC,EAAE,kBAAkB,CAAC;IAC/B,OAAO,EAAE,MAAM,CAAC;IAChB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,uEAAuE;IACvE,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,kDAAkD;IAClD,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,6FAA6F;IAC7F,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED,qBAAa,SAAS;IAgBlB,OAAO,CAAC,SAAS;IAfZ,SAAS,EAAE,OAAO,CAAS;IAClC,OAAO,CAAC,eAAe,CAAgC;IACvD,eAAe,CAAC,EAAE,CAAC,OAAO,EAAE,OAAO,KAAK,IAAI,CAAC;IAC7C,OAAO,CAAC,mBAAmB,CAAgC;IAC3D,OAAO,CAAC,YAAY,CAAC,CAAS;IAC9B,OAAO,CAAC,YAAY,CAAC,CAAS;IAC9B,OAAO,CAAC,MAAM,CAAU;IACxB,OAAO,CAAC,aAAa,CAAC,CAAS;IAC/B,OAAO,CAAC,6BAA6B,CAAa;IAClD,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAS;IACnC,sEAAsE;IACtE,OAAO,CAAC,eAAe,CAAqB;gBAIlC,SAAS,EAAE,SAAS,EAC5B,OAAO,EAAE,gBAAgB;IAU3B,OAAO,KAAK,WAAW,GAEtB;IAED,OAAO,KAAK,cAAc,GAEzB;IAED,OAAO,KAAK,aAAa,GAIxB;IAED,OAAO,KAAK,WAAW,GAItB;IAED,OAAO,KAAK,qBAAqB,GAEhC;IAED,OAAO,KAAK,WAAW,GAEtB;IAED,OAAO,KAAK,gBAAgB,GAM3B;IAED,OAAO,KAAK,iBAAiB,GAE5B;IAED,OAAO,KAAK,oBAAoB,GAE/B;IAGM,gBAAgB,IAAI,aAAa;IAIjC,cAAc,IAAI,WAAW;IA6B7B,iBAAiB,IAAI,MAAM;IAI3B,WAAW,IAAI,MAAM,GAAG,SAAS;IAIjC,oBAAoB,IAAI,OAAO;IAI/B,UAAU,IAAI,MAAM;IAI3B;;;OAGG;IACI,UAAU,CAAC,UAAU,EAAE,MAAM,GAAG,IAAI;IAK3C,OAAO,CAAC,YAAY,CAAkB;IACtC,OAAO,CAAC,SAAS,CAAqB;IAEtC;;OAEG;IACH,OAAO,CAAC,sBAAsB;IAgBvB,YAAY,CAAC,SAAS,EAAE,OAAO,GAAG,IAAI;IAUtC,cAAc,IAAI,IAAI;IAuB7B,OAAO,CAAC,qBAAqB;YAsBf,6BAA6B;
|
|
1
|
+
{"version":3,"file":"aiManager.d.ts","sourceRoot":"","sources":["../../src/managers/aiManager.ts"],"names":[],"mappings":"AAOA,OAAO,KAAK,EACV,aAAa,EACb,WAAW,EACX,KAAK,EAGN,MAAM,mBAAmB,CAAC;AAY3B,OAAO,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;AAclD,MAAM,WAAW,kBAAkB;IACjC,uBAAuB,CAAC,EAAE,CAAC,YAAY,EAAE,OAAO,KAAK,IAAI,CAAC;IAC1D,YAAY,CAAC,EAAE,CAAC,KAAK,EAAE,KAAK,KAAK,IAAI,CAAC;CACvC;AAED,MAAM,WAAW,gBAAgB;IAC/B,SAAS,CAAC,EAAE,kBAAkB,CAAC;IAC/B,OAAO,EAAE,MAAM,CAAC;IAChB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,uEAAuE;IACvE,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,kDAAkD;IAClD,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,6FAA6F;IAC7F,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED,qBAAa,SAAS;IAgBlB,OAAO,CAAC,SAAS;IAfZ,SAAS,EAAE,OAAO,CAAS;IAClC,OAAO,CAAC,eAAe,CAAgC;IACvD,eAAe,CAAC,EAAE,CAAC,OAAO,EAAE,OAAO,KAAK,IAAI,CAAC;IAC7C,OAAO,CAAC,mBAAmB,CAAgC;IAC3D,OAAO,CAAC,YAAY,CAAC,CAAS;IAC9B,OAAO,CAAC,YAAY,CAAC,CAAS;IAC9B,OAAO,CAAC,MAAM,CAAU;IACxB,OAAO,CAAC,aAAa,CAAC,CAAS;IAC/B,OAAO,CAAC,6BAA6B,CAAa;IAClD,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAS;IACnC,sEAAsE;IACtE,OAAO,CAAC,eAAe,CAAqB;gBAIlC,SAAS,EAAE,SAAS,EAC5B,OAAO,EAAE,gBAAgB;IAU3B,OAAO,KAAK,WAAW,GAEtB;IAED,OAAO,KAAK,cAAc,GAEzB;IAED,OAAO,KAAK,aAAa,GAIxB;IAED,OAAO,KAAK,WAAW,GAItB;IAED,OAAO,KAAK,qBAAqB,GAEhC;IAED,OAAO,KAAK,WAAW,GAEtB;IAED,OAAO,KAAK,gBAAgB,GAM3B;IAED,OAAO,KAAK,iBAAiB,GAE5B;IAED,OAAO,KAAK,oBAAoB,GAE/B;IAGM,gBAAgB,IAAI,aAAa;IAIjC,cAAc,IAAI,WAAW;IA6B7B,iBAAiB,IAAI,MAAM;IAI3B,WAAW,IAAI,MAAM,GAAG,SAAS;IAIjC,oBAAoB,IAAI,OAAO;IAI/B,UAAU,IAAI,MAAM;IAI3B;;;OAGG;IACI,UAAU,CAAC,UAAU,EAAE,MAAM,GAAG,IAAI;IAK3C,OAAO,CAAC,YAAY,CAAkB;IACtC,OAAO,CAAC,SAAS,CAAqB;IAEtC;;OAEG;IACH,OAAO,CAAC,sBAAsB;IAgBvB,YAAY,CAAC,SAAS,EAAE,OAAO,GAAG,IAAI;IAUtC,cAAc,IAAI,IAAI;IAuB7B,OAAO,CAAC,qBAAqB;YAsBf,6BAA6B;IAiSpC,eAAe,IAAI,OAAO;IAI1B,eAAe,CAAC,YAAY,EAAE,OAAO,GAAG,IAAI;IAOnD,OAAO,KAAK,eAAe,GAE1B;IAED,OAAO,KAAK,YAAY,GAEvB;IAEY,aAAa,CACxB,OAAO,GAAE;QACP,cAAc,CAAC,EAAE,MAAM,CAAC;QACxB,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,oEAAoE;QACpE,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;QACxB,SAAS,CAAC,EAAE,MAAM,CAAC;KACf,GACL,OAAO,CAAC,IAAI,CAAC;IA6tBhB;;;;OAIG;YACW,gBAAgB;IAkF9B;;;OAGG;YACW,sBAAsB;IAsEpC;;OAEG;YACW,uBAAuB;IA2DrC;;;;OAIG;IACH,OAAO,CAAC,oBAAoB;CAkC7B"}
|
|
@@ -340,6 +340,30 @@ export class AIManager {
|
|
|
340
340
|
afterTokens: "1",
|
|
341
341
|
model: this.getModelConfig().fastModel,
|
|
342
342
|
}).catch(() => { });
|
|
343
|
+
// Run SessionStart hooks after compaction to restore context
|
|
344
|
+
if (this.hookManager) {
|
|
345
|
+
try {
|
|
346
|
+
const newSessionId = this.messageManager.getSessionId();
|
|
347
|
+
const sessionStartResult = await this.hookManager.executeSessionStartHooks("compact", newSessionId, this.messageManager.getTranscriptPath(), this.subagentType);
|
|
348
|
+
// Inject additionalContext as a meta user message
|
|
349
|
+
if (sessionStartResult.additionalContext) {
|
|
350
|
+
this.messageManager.addUserMessage({
|
|
351
|
+
content: `<system-reminder>\nSessionStart hook additional context: ${sessionStartResult.additionalContext}\n</system-reminder>`,
|
|
352
|
+
isMeta: true,
|
|
353
|
+
});
|
|
354
|
+
}
|
|
355
|
+
// Inject initialUserMessage as a meta user message
|
|
356
|
+
if (sessionStartResult.initialUserMessage) {
|
|
357
|
+
this.messageManager.addUserMessage({
|
|
358
|
+
content: sessionStartResult.initialUserMessage,
|
|
359
|
+
isMeta: true,
|
|
360
|
+
});
|
|
361
|
+
}
|
|
362
|
+
}
|
|
363
|
+
catch (error) {
|
|
364
|
+
logger?.warn(`SessionStart hooks on compact failed: ${error.message}`);
|
|
365
|
+
}
|
|
366
|
+
}
|
|
343
367
|
}
|
|
344
368
|
catch (compactError) {
|
|
345
369
|
this.consecutiveCompactionFailures++;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"backgroundTaskManager.d.ts","sourceRoot":"","sources":["../../src/managers/backgroundTaskManager.ts"],"names":[],"mappings":"AAAA,OAAO,EAAS,KAAK,YAAY,EAAE,MAAM,eAAe,CAAC;AAIzD,OAAO,EAAE,cAAc,EAAmB,MAAM,uBAAuB,CAAC;AAGxE,OAAO,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;AAGlD,MAAM,WAAW,8BAA8B;IAC7C,uBAAuB,CAAC,EAAE,CAAC,KAAK,EAAE,cAAc,EAAE,KAAK,IAAI,CAAC;CAC7D;AAED,MAAM,WAAW,4BAA4B;IAC3C,SAAS,CAAC,EAAE,8BAA8B,CAAC;IAC3C,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,qBAAa,qBAAqB;IAO9B,OAAO,CAAC,SAAS;IANnB,OAAO,CAAC,KAAK,CAAqC;IAClD,OAAO,CAAC,MAAM,CAAK;IACnB,OAAO,CAAC,SAAS,CAAiC;IAClD,OAAO,CAAC,OAAO,CAAS;gBAGd,SAAS,EAAE,SAAS,EAC5B,OAAO,EAAE,4BAA4B;IAMvC,OAAO,KAAK,iBAAiB,GAE5B;IAED,OAAO,CAAC,iBAAiB;IAIlB,UAAU,IAAI,MAAM;IAIpB,OAAO,CAAC,IAAI,EAAE,cAAc,GAAG,IAAI;IAKnC,OAAO,CAAC,EAAE,EAAE,MAAM,GAAG,cAAc,GAAG,SAAS;IAI/C,WAAW,IAAI,cAAc,EAAE;IAI/B,UAAU,CACf,OAAO,EAAE,MAAM,EACf,OAAO,CAAC,EAAE,MAAM,GACf;QAAE,EAAE,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,YAAY,CAAC;QAAC,MAAM,EAAE,MAAM,IAAI,CAAA;KAAE;
|
|
1
|
+
{"version":3,"file":"backgroundTaskManager.d.ts","sourceRoot":"","sources":["../../src/managers/backgroundTaskManager.ts"],"names":[],"mappings":"AAAA,OAAO,EAAS,KAAK,YAAY,EAAE,MAAM,eAAe,CAAC;AAIzD,OAAO,EAAE,cAAc,EAAmB,MAAM,uBAAuB,CAAC;AAGxE,OAAO,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;AAGlD,MAAM,WAAW,8BAA8B;IAC7C,uBAAuB,CAAC,EAAE,CAAC,KAAK,EAAE,cAAc,EAAE,KAAK,IAAI,CAAC;CAC7D;AAED,MAAM,WAAW,4BAA4B;IAC3C,SAAS,CAAC,EAAE,8BAA8B,CAAC;IAC3C,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,qBAAa,qBAAqB;IAO9B,OAAO,CAAC,SAAS;IANnB,OAAO,CAAC,KAAK,CAAqC;IAClD,OAAO,CAAC,MAAM,CAAK;IACnB,OAAO,CAAC,SAAS,CAAiC;IAClD,OAAO,CAAC,OAAO,CAAS;gBAGd,SAAS,EAAE,SAAS,EAC5B,OAAO,EAAE,4BAA4B;IAMvC,OAAO,KAAK,iBAAiB,GAE5B;IAED,OAAO,CAAC,iBAAiB;IAIlB,UAAU,IAAI,MAAM;IAIpB,OAAO,CAAC,IAAI,EAAE,cAAc,GAAG,IAAI;IAKnC,OAAO,CAAC,EAAE,EAAE,MAAM,GAAG,cAAc,GAAG,SAAS;IAI/C,WAAW,IAAI,cAAc,EAAE;IAI/B,UAAU,CACf,OAAO,EAAE,MAAM,EACf,OAAO,CAAC,EAAE,MAAM,GACf;QAAE,EAAE,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,YAAY,CAAC;QAAC,MAAM,EAAE,MAAM,IAAI,CAAA;KAAE;IAwKnD,YAAY,CACjB,KAAK,EAAE,YAAY,EACnB,OAAO,EAAE,MAAM,EACf,aAAa,GAAE,MAAW,EAC1B,aAAa,GAAE,MAAW,GACzB,MAAM;IA+HF,SAAS,CACd,EAAE,EAAE,MAAM,EACV,MAAM,CAAC,EAAE,MAAM,GACd;QACD,MAAM,EAAE,MAAM,CAAC;QACf,MAAM,EAAE,MAAM,CAAC;QACf,MAAM,EAAE,MAAM,CAAC;QACf,UAAU,CAAC,EAAE,MAAM,CAAC;QACpB,IAAI,EAAE,MAAM,CAAC;QACb,QAAQ,CAAC,EAAE,MAAM,CAAC;KACnB,GAAG,IAAI;IAoCD,QAAQ,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO;IAgC7B,OAAO,IAAI,IAAI;CAUvB"}
|
|
@@ -106,7 +106,7 @@ export declare class HookManager {
|
|
|
106
106
|
* Execute SessionStart hooks during initialization.
|
|
107
107
|
* Collects additionalContext and initialUserMessage from hook stdout.
|
|
108
108
|
*/
|
|
109
|
-
executeSessionStartHooks(source: "startup" | "
|
|
109
|
+
executeSessionStartHooks(source: "startup" | "compact" | "clear", sessionId: string, transcriptPath: string, agentType?: string): Promise<{
|
|
110
110
|
results: HookExecutionResult[];
|
|
111
111
|
additionalContext?: string;
|
|
112
112
|
initialUserMessage?: string;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"hookManager.d.ts","sourceRoot":"","sources":["../../src/managers/hookManager.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EACL,KAAK,SAAS,EAEd,KAAK,oBAAoB,EACzB,KAAK,4BAA4B,EACjC,KAAK,mBAAmB,EACxB,KAAK,oBAAoB,EACzB,KAAK,gBAAgB,EAItB,MAAM,mBAAmB,CAAC;AAC3B,OAAO,KAAK,EACV,iBAAiB,EACjB,wBAAwB,EACzB,MAAM,2BAA2B,CAAC;AACnC,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AAGtD,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AAC1D,OAAO,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;AAIlD,qBAAa,WAAW;IAMpB,OAAO,CAAC,SAAS;IALnB,OAAO,CAAC,aAAa,CAAuC;IAC5D,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAc;IACtC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAS;gBAGvB,SAAS,EAAE,SAAS,EAC5B,OAAO,EAAE,MAAM,EACf,OAAO,GAAE,WAA+B;IAM1C;;;OAGG;IACH,iBAAiB,CACf,SAAS,CAAC,EAAE,wBAAwB,EACpC,YAAY,CAAC,EAAE,wBAAwB,GACtC,IAAI;IAyBP;;;OAGG;IACH,+BAA+B,CAAC,UAAU,EAAE,iBAAiB,GAAG,IAAI,GAAG,IAAI;IA6B3E;;OAEG;IACG,YAAY,CAChB,KAAK,EAAE,SAAS,EAChB,OAAO,EAAE,oBAAoB,GAAG,4BAA4B,GAC3D,OAAO,CAAC,mBAAmB,EAAE,CAAC;IAkHjC;;;OAGG;IACH,kBAAkB,CAChB,KAAK,EAAE,SAAS,EAChB,OAAO,EAAE,mBAAmB,EAAE,EAC9B,cAAc,CAAC,EAAE,cAAc,EAC/B,MAAM,CAAC,EAAE,MAAM,EACf,cAAc,CAAC,EAAE,MAAM,GACtB;QACD,WAAW,EAAE,OAAO,CAAC;QACrB,YAAY,CAAC,EAAE,MAAM,CAAC;KACvB;IA2CD;;OAEG;IACH,OAAO,CAAC,iBAAiB;IAiBzB;;OAEG;IACH,OAAO,CAAC,mBAAmB;IA0F3B;;OAEG;IACH,OAAO,CAAC,sBAAsB;IAQ9B;;OAEG;IACH,QAAQ,CAAC,KAAK,EAAE,SAAS,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,OAAO;IAWtD;;OAEG;IACH,qBAAqB,CAAC,MAAM,EAAE,iBAAiB,GAAG,oBAAoB;IA8DtE;;OAEG;IACH,OAAO,CAAC,4BAA4B;IAyCpC;;OAEG;IACH,gBAAgB,IAAI,wBAAwB,GAAG,SAAS;IAOxD;;OAEG;IACH,kBAAkB,IAAI,IAAI;IAI1B;;OAEG;IACH,OAAO,CAAC,wBAAwB;IA6DhC;;OAEG;IACH,OAAO,CAAC,wBAAwB;IA8BhC;;OAEG;IACH,OAAO,CAAC,uBAAuB;IAa/B;;OAEG;IACH,OAAO,CAAC,aAAa;IAwCrB;;OAEG;IACH,OAAO,CAAC,mBAAmB;IAmD3B;;OAEG;IACH,qBAAqB,IAAI;QACvB,WAAW,EAAE,MAAM,CAAC;QACpB,YAAY,EAAE,MAAM,CAAC;QACrB,aAAa,EAAE,MAAM,CAAC;QACtB,cAAc,EAAE,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;KAC3C;IAwDD;;OAEG;IACH,mBAAmB,CACjB,UAAU,EAAE,MAAM,EAClB,KAAK,EAAE,wBAAwB,GAC9B,IAAI;IAkBP;;;OAGG;IACG,wBAAwB,CAC5B,MAAM,EAAE,SAAS,GAAG,
|
|
1
|
+
{"version":3,"file":"hookManager.d.ts","sourceRoot":"","sources":["../../src/managers/hookManager.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EACL,KAAK,SAAS,EAEd,KAAK,oBAAoB,EACzB,KAAK,4BAA4B,EACjC,KAAK,mBAAmB,EACxB,KAAK,oBAAoB,EACzB,KAAK,gBAAgB,EAItB,MAAM,mBAAmB,CAAC;AAC3B,OAAO,KAAK,EACV,iBAAiB,EACjB,wBAAwB,EACzB,MAAM,2BAA2B,CAAC;AACnC,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AAGtD,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AAC1D,OAAO,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;AAIlD,qBAAa,WAAW;IAMpB,OAAO,CAAC,SAAS;IALnB,OAAO,CAAC,aAAa,CAAuC;IAC5D,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAc;IACtC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAS;gBAGvB,SAAS,EAAE,SAAS,EAC5B,OAAO,EAAE,MAAM,EACf,OAAO,GAAE,WAA+B;IAM1C;;;OAGG;IACH,iBAAiB,CACf,SAAS,CAAC,EAAE,wBAAwB,EACpC,YAAY,CAAC,EAAE,wBAAwB,GACtC,IAAI;IAyBP;;;OAGG;IACH,+BAA+B,CAAC,UAAU,EAAE,iBAAiB,GAAG,IAAI,GAAG,IAAI;IA6B3E;;OAEG;IACG,YAAY,CAChB,KAAK,EAAE,SAAS,EAChB,OAAO,EAAE,oBAAoB,GAAG,4BAA4B,GAC3D,OAAO,CAAC,mBAAmB,EAAE,CAAC;IAkHjC;;;OAGG;IACH,kBAAkB,CAChB,KAAK,EAAE,SAAS,EAChB,OAAO,EAAE,mBAAmB,EAAE,EAC9B,cAAc,CAAC,EAAE,cAAc,EAC/B,MAAM,CAAC,EAAE,MAAM,EACf,cAAc,CAAC,EAAE,MAAM,GACtB;QACD,WAAW,EAAE,OAAO,CAAC;QACrB,YAAY,CAAC,EAAE,MAAM,CAAC;KACvB;IA2CD;;OAEG;IACH,OAAO,CAAC,iBAAiB;IAiBzB;;OAEG;IACH,OAAO,CAAC,mBAAmB;IA0F3B;;OAEG;IACH,OAAO,CAAC,sBAAsB;IAQ9B;;OAEG;IACH,QAAQ,CAAC,KAAK,EAAE,SAAS,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,OAAO;IAWtD;;OAEG;IACH,qBAAqB,CAAC,MAAM,EAAE,iBAAiB,GAAG,oBAAoB;IA8DtE;;OAEG;IACH,OAAO,CAAC,4BAA4B;IAyCpC;;OAEG;IACH,gBAAgB,IAAI,wBAAwB,GAAG,SAAS;IAOxD;;OAEG;IACH,kBAAkB,IAAI,IAAI;IAI1B;;OAEG;IACH,OAAO,CAAC,wBAAwB;IA6DhC;;OAEG;IACH,OAAO,CAAC,wBAAwB;IA8BhC;;OAEG;IACH,OAAO,CAAC,uBAAuB;IAa/B;;OAEG;IACH,OAAO,CAAC,aAAa;IAwCrB;;OAEG;IACH,OAAO,CAAC,mBAAmB;IAmD3B;;OAEG;IACH,qBAAqB,IAAI;QACvB,WAAW,EAAE,MAAM,CAAC;QACpB,YAAY,EAAE,MAAM,CAAC;QACrB,aAAa,EAAE,MAAM,CAAC;QACtB,cAAc,EAAE,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;KAC3C;IAwDD;;OAEG;IACH,mBAAmB,CACjB,UAAU,EAAE,MAAM,EAClB,KAAK,EAAE,wBAAwB,GAC9B,IAAI;IAkBP;;;OAGG;IACG,wBAAwB,CAC5B,MAAM,EAAE,SAAS,GAAG,SAAS,GAAG,OAAO,EACvC,SAAS,EAAE,MAAM,EACjB,cAAc,EAAE,MAAM,EACtB,SAAS,CAAC,EAAE,MAAM,GACjB,OAAO,CAAC;QACT,OAAO,EAAE,mBAAmB,EAAE,CAAC;QAC/B,iBAAiB,CAAC,EAAE,MAAM,CAAC;QAC3B,kBAAkB,CAAC,EAAE,MAAM,CAAC;KAC7B,CAAC;IA8CF;;;;OAIG;IACG,sBAAsB,CAC1B,MAAM,EAAE,gBAAgB,EACxB,SAAS,EAAE,MAAM,EACjB,cAAc,EAAE,MAAM,GACrB,OAAO,CAAC,mBAAmB,EAAE,CAAC;CAuBlC"}
|
|
@@ -40,6 +40,8 @@ export declare class PermissionManager {
|
|
|
40
40
|
private systemAdditionalDirectories;
|
|
41
41
|
private planFilePath?;
|
|
42
42
|
private workdir?;
|
|
43
|
+
private worktreeName?;
|
|
44
|
+
private mainRepoRoot?;
|
|
43
45
|
private onConfiguredPermissionModeChange?;
|
|
44
46
|
private _logger?;
|
|
45
47
|
constructor(container: Container, options?: PermissionManagerOptions);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"permissionManager.d.ts","sourceRoot":"","sources":["../../src/managers/permissionManager.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAIH,OAAO,KAAK,EACV,kBAAkB,EAClB,qBAAqB,EACrB,kBAAkB,EAClB,cAAc,EACf,MAAM,yBAAyB,CAAC;AAEjC,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;AAiBhD,OAAO,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;
|
|
1
|
+
{"version":3,"file":"permissionManager.d.ts","sourceRoot":"","sources":["../../src/managers/permissionManager.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAIH,OAAO,KAAK,EACV,kBAAkB,EAClB,qBAAqB,EACrB,kBAAkB,EAClB,cAAc,EACf,MAAM,yBAAyB,CAAC;AAEjC,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;AAiBhD,OAAO,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;AAkElD,MAAM,WAAW,wBAAwB;IACvC,+CAA+C;IAC/C,wBAAwB,CAAC,EAAE,cAAc,CAAC;IAC1C,kCAAkC;IAClC,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;IACxB,iCAAiC;IACjC,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;IACvB,0DAA0D;IAC1D,oBAAoB,CAAC,EAAE,MAAM,EAAE,CAAC;IAChC,yDAAyD;IACzD,mBAAmB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC/B,8DAA8D;IAC9D,qBAAqB,CAAC,EAAE,MAAM,EAAE,CAAC;IACjC,gEAAgE;IAChE,2BAA2B,CAAC,EAAE,MAAM,EAAE,CAAC;IACvC,oCAAoC;IACpC,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,sBAAsB;IACtB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,qBAAa,iBAAiB;IAiB1B,OAAO,CAAC,SAAS;IAhBnB,OAAO,CAAC,wBAAwB,CAAC,CAAiB;IAClD,OAAO,CAAC,YAAY,CAAgB;IACpC,OAAO,CAAC,WAAW,CAAgB;IACnC,OAAO,CAAC,oBAAoB,CAAgB;IAC5C,OAAO,CAAC,mBAAmB,CAAgB;IAC3C,OAAO,CAAC,cAAc,CAAgB;IACtC,OAAO,CAAC,qBAAqB,CAAgB;IAC7C,OAAO,CAAC,2BAA2B,CAAgB;IACnD,OAAO,CAAC,YAAY,CAAC,CAAS;IAC9B,OAAO,CAAC,OAAO,CAAC,CAAS;IACzB,OAAO,CAAC,YAAY,CAAC,CAAS;IAC9B,OAAO,CAAC,YAAY,CAAC,CAAS;IAC9B,OAAO,CAAC,gCAAgC,CAAC,CAAiC;IAC1E,OAAO,CAAC,OAAO,CAAC,CAAS;gBAGf,SAAS,EAAE,SAAS,EAC5B,OAAO,GAAE,wBAA6B;IAmBxC;;OAEG;IACH,OAAO,CAAC,UAAU;IAIlB;;OAEG;IACI,mCAAmC,CACxC,QAAQ,EAAE,CAAC,IAAI,EAAE,cAAc,KAAK,IAAI,GACvC,IAAI;IAIP;;OAEG;IACH,8BAA8B,CAAC,cAAc,CAAC,EAAE,cAAc,GAAG,IAAI;IAcrE;;OAEG;IACI,2BAA2B,IAAI,cAAc,GAAG,SAAS;IAIhE;;OAEG;IACI,eAAe,IAAI,MAAM,EAAE;IAIlC;;OAEG;IACI,cAAc,IAAI,MAAM,EAAE;IAIjC;;OAEG;IACI,uBAAuB,IAAI,MAAM,EAAE;IAI1C;;OAEG;IACI,sBAAsB,IAAI,MAAM,EAAE;IAIzC;;OAEG;IACI,wBAAwB,IAAI,MAAM,EAAE;IAI3C;;OAEG;IACI,8BAA8B,IAAI,MAAM,EAAE;IAIjD;;OAEG;IACI,sBAAsB,IAAI,MAAM,EAAE;IAIzC;;OAEG;IACH,kBAAkB,CAAC,KAAK,EAAE,MAAM,EAAE,GAAG,IAAI;IAIzC;;OAEG;IACH,iBAAiB,CAAC,KAAK,EAAE,MAAM,EAAE,GAAG,IAAI;IAIxC;;OAEG;IACI,iBAAiB,CAAC,KAAK,EAAE,MAAM,EAAE,GAAG,IAAI;IAI/C;;OAEG;IACI,mBAAmB,IAAI,IAAI;IAIlC;;OAEG;IACH,2BAA2B,CAAC,WAAW,EAAE,MAAM,EAAE,GAAG,IAAI;IAUxD;;OAEG;IACI,4BAA4B,CAAC,SAAS,EAAE,MAAM,GAAG,IAAI;IAY5D;;OAEG;IACI,eAAe,CAAC,IAAI,EAAE,MAAM,GAAG,SAAS,GAAG,IAAI;IAItD;;OAEG;IACI,eAAe,IAAI,MAAM,GAAG,SAAS;IAI5C;;OAEG;IACI,gBAAgB,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO;IAIpD;;OAEG;IACH,OAAO,CAAC,gBAAgB;IAkCxB;;OAEG;IACH,uBAAuB,CAAC,iBAAiB,CAAC,EAAE,cAAc,GAAG,cAAc;IAI3E;;OAEG;IACH,8BAA8B,CAC5B,iBAAiB,CAAC,EAAE,cAAc,GACjC,cAAc;IAejB;;;OAGG;IACG,eAAe,CACnB,OAAO,EAAE,qBAAqB,GAC7B,OAAO,CAAC,kBAAkB,CAAC;IAkP9B;;OAEG;IACH,gBAAgB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO;IAO3C;;OAEG;IACI,YAAY,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO;IAc9C;;OAEG;IACH,aAAa,CACX,QAAQ,EAAE,MAAM,EAChB,cAAc,EAAE,cAAc,EAC9B,QAAQ,CAAC,EAAE,kBAAkB,EAC7B,SAAS,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EACnC,UAAU,CAAC,EAAE,MAAM,EACnB,WAAW,CAAC,EAAE,MAAM,GACnB,qBAAqB;IAoFxB;;OAEG;IACH,OAAO,CAAC,WAAW;IA2EnB;;OAEG;IACH,OAAO,CAAC,eAAe;IAoHvB;;;;;;;OAOG;IACI,cAAc,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,MAAM,EAAE;IAgGjE;;;OAGG;IACU,iBAAiB,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;CA6C5D"}
|
|
@@ -11,6 +11,7 @@ import { RESTRICTED_TOOLS } from "../types/permissions.js";
|
|
|
11
11
|
import { splitBashCommand, stripEnvVars, stripRedirections, hasWriteRedirections, getSmartPrefix, isDangerousFind, DANGEROUS_COMMANDS, } from "../utils/bashParser.js";
|
|
12
12
|
import { isPathInside } from "../utils/pathSafety.js";
|
|
13
13
|
import { BASH_TOOL_NAME, EDIT_TOOL_NAME, WRITE_TOOL_NAME, READ_TOOL_NAME, } from "../constants/tools.js";
|
|
14
|
+
import { getCurrentWorktreeSession } from "../utils/worktreeSession.js";
|
|
14
15
|
const SAFE_COMMANDS = [
|
|
15
16
|
"cd",
|
|
16
17
|
"ls",
|
|
@@ -92,6 +93,8 @@ export class PermissionManager {
|
|
|
92
93
|
this.addSystemAdditionalDirectory(dir);
|
|
93
94
|
}
|
|
94
95
|
this.workdir = this.container.get("Workdir");
|
|
96
|
+
this.worktreeName = this.container.get("WorktreeName");
|
|
97
|
+
this.mainRepoRoot = this.container.get("MainRepoRoot");
|
|
95
98
|
}
|
|
96
99
|
/**
|
|
97
100
|
* Resolve the working directory from the DI container
|
|
@@ -314,6 +317,57 @@ export class PermissionManager {
|
|
|
314
317
|
if (context.permissionMode === "bypassPermissions") {
|
|
315
318
|
return { behavior: "allow" };
|
|
316
319
|
}
|
|
320
|
+
// 1.0 Check worktree safety for Write and Edit tools
|
|
321
|
+
// Support both CLI -w sessions (container-registered) and EnterWorktree mid-session (module-level)
|
|
322
|
+
const worktreeSession = getCurrentWorktreeSession();
|
|
323
|
+
const effectiveWorktreeName = this.worktreeName || worktreeSession?.worktreeName;
|
|
324
|
+
const effectiveWorkdir = this.workdir || worktreeSession?.worktreePath;
|
|
325
|
+
const effectiveMainRepoRoot = this.mainRepoRoot || worktreeSession?.repoRoot;
|
|
326
|
+
if (effectiveWorktreeName &&
|
|
327
|
+
effectiveMainRepoRoot &&
|
|
328
|
+
effectiveWorkdir &&
|
|
329
|
+
(context.toolName === WRITE_TOOL_NAME ||
|
|
330
|
+
context.toolName === EDIT_TOOL_NAME)) {
|
|
331
|
+
const targetPath = context.toolInput?.file_path;
|
|
332
|
+
if (targetPath) {
|
|
333
|
+
const absoluteTargetPath = path.resolve(effectiveWorkdir, targetPath);
|
|
334
|
+
const isInsideMainRepo = isPathInside(absoluteTargetPath, effectiveMainRepoRoot);
|
|
335
|
+
const isInsideWorktree = isPathInside(absoluteTargetPath, effectiveWorkdir);
|
|
336
|
+
// Allow the plan file even if outside worktree
|
|
337
|
+
if (this.planFilePath) {
|
|
338
|
+
const absolutePlanPath = path.resolve(this.planFilePath);
|
|
339
|
+
if (absoluteTargetPath === absolutePlanPath) {
|
|
340
|
+
// Fall through — plan file is allowed
|
|
341
|
+
}
|
|
342
|
+
else if (isInsideMainRepo && !isInsideWorktree) {
|
|
343
|
+
logger?.warn("Worktree safety violation", {
|
|
344
|
+
toolName: context.toolName,
|
|
345
|
+
targetPath,
|
|
346
|
+
worktreeName: effectiveWorktreeName,
|
|
347
|
+
mainRepoRoot: effectiveMainRepoRoot,
|
|
348
|
+
workdir: effectiveWorkdir,
|
|
349
|
+
});
|
|
350
|
+
return {
|
|
351
|
+
behavior: "deny",
|
|
352
|
+
message: `Access denied: You are currently in a worktree session ("${effectiveWorktreeName}"). Modifying files in the main repository (outside the worktree) is not allowed. Please only modify files within the worktree directory: ${effectiveWorkdir}`,
|
|
353
|
+
};
|
|
354
|
+
}
|
|
355
|
+
}
|
|
356
|
+
else if (isInsideMainRepo && !isInsideWorktree) {
|
|
357
|
+
logger?.warn("Worktree safety violation", {
|
|
358
|
+
toolName: context.toolName,
|
|
359
|
+
targetPath,
|
|
360
|
+
worktreeName: effectiveWorktreeName,
|
|
361
|
+
mainRepoRoot: effectiveMainRepoRoot,
|
|
362
|
+
workdir: effectiveWorkdir,
|
|
363
|
+
});
|
|
364
|
+
return {
|
|
365
|
+
behavior: "deny",
|
|
366
|
+
message: `Access denied: You are currently in a worktree session ("${effectiveWorktreeName}"). Modifying files in the main repository (outside the worktree) is not allowed. Please only modify files within the worktree directory: ${effectiveWorkdir}`,
|
|
367
|
+
};
|
|
368
|
+
}
|
|
369
|
+
}
|
|
370
|
+
}
|
|
317
371
|
// 1.1 If acceptEdits mode, allow Edit, Write, and mkdir in safe zone
|
|
318
372
|
if (context.permissionMode === "acceptEdits") {
|
|
319
373
|
const autoAcceptedTools = [EDIT_TOOL_NAME, WRITE_TOOL_NAME];
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"slashCommandManager.d.ts","sourceRoot":"","sources":["../../src/managers/slashCommandManager.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,YAAY,EAAE,kBAAkB,EAAE,MAAM,mBAAmB,CAAC;AAQ1E,OAAO,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;AAWlD,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;
|
|
1
|
+
{"version":3,"file":"slashCommandManager.d.ts","sourceRoot":"","sources":["../../src/managers/slashCommandManager.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,YAAY,EAAE,kBAAkB,EAAE,MAAM,mBAAmB,CAAC;AAQ1E,OAAO,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;AAWlD,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AAOxD,MAAM,WAAW,0BAA0B;IACzC,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,qBAAa,mBAAmB;IAQ5B,OAAO,CAAC,SAAS;IAPnB,OAAO,CAAC,QAAQ,CAAmC;IACnD,OAAO,CAAC,cAAc,CAAyC;IAC/D,OAAO,CAAC,eAAe,CAAqB;IAC5C,OAAO,CAAC,OAAO,CAAS;IACxB,OAAO,CAAC,6BAA6B,CAAgC;gBAG3D,SAAS,EAAE,SAAS,EAC5B,OAAO,EAAE,0BAA0B;IAK9B,UAAU,IAAI,IAAI;IAazB,OAAO,KAAK,cAAc,GAEzB;IAED,OAAO,KAAK,SAAS,GAEpB;IAED,OAAO,KAAK,qBAAqB,GAEhC;IAED,OAAO,KAAK,WAAW,GAEtB;IAED,OAAO,KAAK,YAAY,GAEvB;IAED,OAAO,KAAK,eAAe,GAE1B;IAED,OAAO,KAAK,aAAa,GAExB;IAED,OAAO,KAAK,WAAW,GAEtB;IAED,OAAO,CAAC,yBAAyB;IAqEjC;;OAEG;IACH,OAAO,CAAC,kBAAkB;IA2C1B;;OAEG;IACI,qBAAqB,CAAC,MAAM,EAAE,aAAa,EAAE,GAAG,IAAI;IAmM3D;;OAEG;IACI,sBAAsB,CAC3B,UAAU,EAAE,MAAM,EAClB,QAAQ,EAAE,kBAAkB,EAAE,GAC7B,IAAI;IA0CP;;OAEG;IACI,oBAAoB,IAAI,IAAI;IAWnC;;OAEG;IACI,eAAe,CAAC,OAAO,EAAE,YAAY,GAAG,IAAI;IAInD;;OAEG;IACH,OAAO,CAAC,iBAAiB;IAIzB;;OAEG;IACI,WAAW,IAAI,YAAY,EAAE;IAIpC;;OAEG;IACI,UAAU,CAAC,SAAS,EAAE,MAAM,GAAG,YAAY,GAAG,SAAS;IAI9D;;OAEG;IACU,cAAc,CACzB,SAAS,EAAE,MAAM,EACjB,IAAI,CAAC,EAAE,MAAM,GACZ,OAAO,CAAC,OAAO,CAAC;IA2BnB;;;OAGG;IACI,4BAA4B,CAAC,KAAK,EAAE,MAAM,GAAG;QAClD,OAAO,EAAE,OAAO,CAAC;QACjB,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,IAAI,CAAC,EAAE,MAAM,CAAC;KACf;IAeD;;OAEG;IACI,UAAU,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO;IAI7C;;OAEG;IACI,gBAAgB,CAAC,SAAS,EAAE,MAAM,GAAG,kBAAkB,GAAG,SAAS;IAI1E;;OAEG;IACI,iBAAiB,IAAI,kBAAkB,EAAE;IAIhD;;OAEG;YACW,+BAA+B;IAuD7C;;OAEG;IACI,mBAAmB,IAAI,IAAI;CAQnC"}
|
|
@@ -44,6 +44,9 @@ export class SlashCommandManager {
|
|
|
44
44
|
get memoryService() {
|
|
45
45
|
return this.container.get("MemoryService");
|
|
46
46
|
}
|
|
47
|
+
get hookManager() {
|
|
48
|
+
return this.container.get("HookManager");
|
|
49
|
+
}
|
|
47
50
|
initializeBuiltinCommands() {
|
|
48
51
|
// Register built-in clear command
|
|
49
52
|
this.registerCommand({
|
|
@@ -52,9 +55,46 @@ export class SlashCommandManager {
|
|
|
52
55
|
description: "Clear conversation history and reset session",
|
|
53
56
|
handler: async () => {
|
|
54
57
|
this.aiManager.abortAIMessage();
|
|
58
|
+
// Capture old session info before clearing
|
|
59
|
+
const oldSessionId = this.messageManager.getSessionId();
|
|
60
|
+
const transcriptPath = this.messageManager.getTranscriptPath();
|
|
61
|
+
// Run SessionEnd hooks (cleanup before clear)
|
|
62
|
+
if (this.hookManager) {
|
|
63
|
+
try {
|
|
64
|
+
await this.hookManager.executeSessionEndHooks("clear", oldSessionId, transcriptPath);
|
|
65
|
+
}
|
|
66
|
+
catch (error) {
|
|
67
|
+
logger?.warn(`SessionEnd hooks on clear failed: ${error.message}`);
|
|
68
|
+
}
|
|
69
|
+
}
|
|
70
|
+
// Clear messages and generate new session
|
|
55
71
|
this.messageManager.clearMessages();
|
|
56
72
|
this.memoryService.clearCache();
|
|
57
73
|
await this.taskManager.syncWithSession();
|
|
74
|
+
// Run SessionStart hooks (restore context for new session)
|
|
75
|
+
if (this.hookManager) {
|
|
76
|
+
try {
|
|
77
|
+
const newSessionId = this.messageManager.getSessionId();
|
|
78
|
+
const sessionStartResult = await this.hookManager.executeSessionStartHooks("clear", newSessionId, this.messageManager.getTranscriptPath());
|
|
79
|
+
// Inject additionalContext as a meta user message
|
|
80
|
+
if (sessionStartResult.additionalContext) {
|
|
81
|
+
this.messageManager.addUserMessage({
|
|
82
|
+
content: `<system-reminder>\nSessionStart hook additional context: ${sessionStartResult.additionalContext}\n</system-reminder>`,
|
|
83
|
+
isMeta: true,
|
|
84
|
+
});
|
|
85
|
+
}
|
|
86
|
+
// Inject initialUserMessage as a meta user message
|
|
87
|
+
if (sessionStartResult.initialUserMessage) {
|
|
88
|
+
this.messageManager.addUserMessage({
|
|
89
|
+
content: sessionStartResult.initialUserMessage,
|
|
90
|
+
isMeta: true,
|
|
91
|
+
});
|
|
92
|
+
}
|
|
93
|
+
}
|
|
94
|
+
catch (error) {
|
|
95
|
+
logger?.warn(`SessionStart hooks on clear failed: ${error.message}`);
|
|
96
|
+
}
|
|
97
|
+
}
|
|
58
98
|
},
|
|
59
99
|
});
|
|
60
100
|
}
|
|
@@ -4,8 +4,11 @@ import type { Message, Usage } from "../types/index.js";
|
|
|
4
4
|
import { AIManager } from "./aiManager.js";
|
|
5
5
|
import { MessageManager } from "./messageManager.js";
|
|
6
6
|
import { ToolManager } from "./toolManager.js";
|
|
7
|
+
import { BackgroundTaskManager } from "./backgroundTaskManager.js";
|
|
8
|
+
import { NotificationQueue } from "./notificationQueue.js";
|
|
7
9
|
import { UserMessageParams, type AgentToolBlockUpdateParams } from "../utils/messageOperations.js";
|
|
8
10
|
import { Container } from "../utils/container.js";
|
|
11
|
+
import type { PermissionManager } from "./permissionManager.js";
|
|
9
12
|
import type { PermissionMode } from "../types/permissions.js";
|
|
10
13
|
export interface SubagentManagerCallbacks {
|
|
11
14
|
/** Triggered when subagent adds user message */
|
|
@@ -29,6 +32,9 @@ export interface SubagentInstance {
|
|
|
29
32
|
aiManager: AIManager;
|
|
30
33
|
messageManager: MessageManager;
|
|
31
34
|
toolManager: ToolManager;
|
|
35
|
+
permissionManager: PermissionManager;
|
|
36
|
+
backgroundTaskManager: BackgroundTaskManager;
|
|
37
|
+
notificationQueue: NotificationQueue;
|
|
32
38
|
status: "initializing" | "active" | "completed" | "error" | "aborted";
|
|
33
39
|
messages: Message[];
|
|
34
40
|
usedTools: {
|
|
@@ -53,7 +59,6 @@ export interface SubagentManagerOptions {
|
|
|
53
59
|
}
|
|
54
60
|
export declare class SubagentManager {
|
|
55
61
|
private instances;
|
|
56
|
-
private subagentPermissionManagers;
|
|
57
62
|
private cachedConfigurations;
|
|
58
63
|
private workdir;
|
|
59
64
|
private callbacks?;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"subagentManager.d.ts","sourceRoot":"","sources":["../../src/managers/subagentManager.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,MAAM,IAAI,CAAC;AAEzB,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,4BAA4B,CAAC;AACxE,OAAO,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,mBAAmB,CAAC;AACxD,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAC3C,OAAO,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AACrD,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;
|
|
1
|
+
{"version":3,"file":"subagentManager.d.ts","sourceRoot":"","sources":["../../src/managers/subagentManager.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,MAAM,IAAI,CAAC;AAEzB,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,4BAA4B,CAAC;AACxE,OAAO,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,mBAAmB,CAAC;AACxD,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAC3C,OAAO,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AACrD,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAM/C,OAAO,EAAE,qBAAqB,EAAE,MAAM,4BAA4B,CAAC;AACnE,OAAO,EAAE,iBAAiB,EAAE,MAAM,wBAAwB,CAAC;AAE3D,OAAO,EACL,iBAAiB,EACjB,KAAK,0BAA0B,EAChC,MAAM,+BAA+B,CAAC;AAEvC,OAAO,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;AAClD,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,wBAAwB,CAAC;AAChE,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAC;AAG9D,MAAM,WAAW,wBAAwB;IAEvC,gDAAgD;IAChD,0BAA0B,CAAC,EAAE,CAC3B,UAAU,EAAE,MAAM,EAClB,MAAM,EAAE,iBAAiB,KACtB,IAAI,CAAC;IACV,wDAAwD;IACxD,+BAA+B,CAAC,EAAE,CAAC,UAAU,EAAE,MAAM,KAAK,IAAI,CAAC;IAC/D,0DAA0D;IAC1D,iCAAiC,CAAC,EAAE,CAClC,UAAU,EAAE,MAAM,EAClB,KAAK,EAAE,MAAM,EACb,WAAW,EAAE,MAAM,KAChB,IAAI,CAAC;IACV,4DAA4D;IAC5D,mCAAmC,CAAC,EAAE,CACpC,UAAU,EAAE,MAAM,EAClB,KAAK,EAAE,MAAM,EACb,WAAW,EAAE,MAAM,KAChB,IAAI,CAAC;IACV,oDAAoD;IACpD,0BAA0B,CAAC,EAAE,CAC3B,UAAU,EAAE,MAAM,EAClB,MAAM,EAAE,0BAA0B,KAC/B,IAAI,CAAC;IACV,8CAA8C;IAC9C,wBAAwB,CAAC,EAAE,CAAC,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,OAAO,EAAE,KAAK,IAAI,CAAC;IAC7E,yDAAyD;IACzD,iCAAiC,CAAC,EAAE,CAClC,UAAU,EAAE,MAAM,EAClB,MAAM,EAAE,MAAM,KACX,IAAI,CAAC;CACX;AAED,MAAM,WAAW,gBAAgB;IAC/B,UAAU,EAAE,MAAM,CAAC;IACnB,aAAa,EAAE,qBAAqB,CAAC;IACrC,SAAS,EAAE,SAAS,CAAC;IACrB,cAAc,EAAE,cAAc,CAAC;IAC/B,WAAW,EAAE,WAAW,CAAC;IACzB,iBAAiB,EAAE,iBAAiB,CAAC;IACrC,qBAAqB,EAAE,qBAAqB,CAAC;IAC7C,iBAAiB,EAAE,iBAAiB,CAAC;IACrC,MAAM,EAAE,cAAc,GAAG,QAAQ,GAAG,WAAW,GAAG,OAAO,GAAG,SAAS,CAAC;IACtE,QAAQ,EAAE,OAAO,EAAE,CAAC;IACpB,SAAS,EAAE;QACT,IAAI,EAAE,MAAM,CAAC;QACb,UAAU,EAAE,MAAM,CAAC;QACnB,aAAa,CAAC,EAAE,MAAM,CAAC;QACvB,KAAK,CAAC,EAAE,MAAM,CAAC;KAChB,EAAE,CAAC;IACJ,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;IACxB,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,EAAE,MAAM,IAAI,CAAC;IACtB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,SAAS,CAAC,EAAE,EAAE,CAAC,WAAW,CAAC;CAC5B;AAED,MAAM,WAAW,sBAAsB;IACrC,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,CAAC,EAAE,wBAAwB,CAAC;IACrC,YAAY,CAAC,EAAE,CAAC,KAAK,EAAE,KAAK,KAAK,IAAI,CAAC;IACtC,MAAM,EAAE,OAAO,CAAC;CACjB;AAED,qBAAa,eAAe;IAC1B,OAAO,CAAC,SAAS,CAAuC;IACxD,OAAO,CAAC,oBAAoB,CAAwC;IAEpE,OAAO,CAAC,OAAO,CAAS;IACxB,OAAO,CAAC,SAAS,CAAC,CAA2B;IAC7C,OAAO,CAAC,YAAY,CAAC,CAAyB;IAC9C,OAAO,CAAC,SAAS,CAAY;IAC7B,OAAO,CAAC,MAAM,CAAU;gBAEZ,SAAS,EAAE,SAAS,EAAE,OAAO,EAAE,sBAAsB;IAQjE,OAAO,KAAK,oBAAoB,GAE/B;IAED;;OAEG;IACG,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC;IA+BjC;;OAEG;IACH,OAAO,CAAC,8BAA8B;IAatC;;OAEG;IACG,kBAAkB,IAAI,OAAO,CAAC,qBAAqB,EAAE,CAAC;IAY5D;;OAEG;IACH,iBAAiB,IAAI,qBAAqB,EAAE;IAS5C;;OAEG;IACG,YAAY,CAAC,IAAI,EAAE,MAAM;IAa/B;;;OAGG;IACH,oBAAoB,CAClB,UAAU,EAAE,MAAM,EAClB,MAAM,EAAE,qBAAqB,EAAE,GAC9B,IAAI;IAgCP;;OAEG;IACG,cAAc,CAClB,aAAa,EAAE,qBAAqB,EACpC,UAAU,EAAE;QACV,WAAW,EAAE,MAAM,CAAC;QACpB,MAAM,EAAE,MAAM,CAAC;QACf,aAAa,EAAE,MAAM,CAAC;QACtB,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;QACxB,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,MAAM,CAAC,EAAE,OAAO,CAAC;QACjB,sBAAsB,CAAC,EAAE,cAAc,CAAC;QACxC,QAAQ,CAAC,EAAE,MAAM,CAAC;KACnB,EACD,eAAe,CAAC,EAAE,OAAO,EACzB,QAAQ,CAAC,EAAE,MAAM,IAAI,GACpB,OAAO,CAAC,gBAAgB,CAAC;IAkJ5B;;;;;OAKG;IACG,YAAY,CAChB,QAAQ,EAAE,gBAAgB,EAC1B,MAAM,EAAE,MAAM,EACd,WAAW,CAAC,EAAE,WAAW,EACzB,eAAe,CAAC,EAAE,OAAO,GACxB,OAAO,CAAC,MAAM,CAAC;IAiFZ,kBAAkB,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;YA6C/C,eAAe;IAmJ7B;;OAEG;IACH,WAAW,CAAC,UAAU,EAAE,MAAM,GAAG,gBAAgB,GAAG,IAAI;IAIxD;;OAEG;IACH,oBAAoB,CAClB,UAAU,EAAE,MAAM,EAClB,MAAM,EAAE,gBAAgB,CAAC,QAAQ,CAAC,GACjC,IAAI;IAOP;;OAEG;IACH,oBAAoB,CAAC,UAAU,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,GAAG,IAAI;IAOhE;;OAEG;IACH,eAAe,CAAC,UAAU,EAAE,MAAM,GAAG,IAAI;IAYzC;;OAEG;IACH,kBAAkB,IAAI,gBAAgB,EAAE;IAOxC;;OAEG;IACH,OAAO,IAAI,IAAI;IAQf;;;OAGG;IACH,OAAO,CAAC,uBAAuB;CA+FhC"}
|
|
@@ -13,7 +13,6 @@ import { logger } from "../utils/globalLogger.js";
|
|
|
13
13
|
export class SubagentManager {
|
|
14
14
|
constructor(container, options) {
|
|
15
15
|
this.instances = new Map();
|
|
16
|
-
this.subagentPermissionManagers = new Map();
|
|
17
16
|
this.cachedConfigurations = null;
|
|
18
17
|
this.container = container;
|
|
19
18
|
this.workdir = options.workdir;
|
|
@@ -59,10 +58,10 @@ export class SubagentManager {
|
|
|
59
58
|
const parentPm = this.container.get("PermissionManager");
|
|
60
59
|
if (!parentPm)
|
|
61
60
|
return;
|
|
62
|
-
for (const
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
61
|
+
for (const instance of this.instances.values()) {
|
|
62
|
+
instance.permissionManager.updateAllowedRules(parentPm.getAllowedRules());
|
|
63
|
+
instance.permissionManager.updateDeniedRules(parentPm.getDeniedRules());
|
|
64
|
+
instance.permissionManager.updateAdditionalDirectories(parentPm.getAdditionalDirectories());
|
|
66
65
|
}
|
|
67
66
|
}
|
|
68
67
|
/**
|
|
@@ -173,8 +172,6 @@ export class SubagentManager {
|
|
|
173
172
|
if (parameters.permissionModeOverride) {
|
|
174
173
|
subagentContainer.register("PermissionMode", parameters.permissionModeOverride);
|
|
175
174
|
}
|
|
176
|
-
// Track this subagent's PermissionManager for rule sync
|
|
177
|
-
this.subagentPermissionManagers.set(subagentId, subagentPermissionManager);
|
|
178
175
|
// Add temporary permission rules if provided
|
|
179
176
|
if (parameters.allowedTools) {
|
|
180
177
|
logger.debug(`Adding ${parameters.allowedTools.length} temporary permission rules to subagent ${subagentId}`, { rules: parameters.allowedTools });
|
|
@@ -223,6 +220,9 @@ export class SubagentManager {
|
|
|
223
220
|
aiManager,
|
|
224
221
|
messageManager,
|
|
225
222
|
toolManager,
|
|
223
|
+
permissionManager: subagentPermissionManager,
|
|
224
|
+
backgroundTaskManager: subagentBackgroundTaskManager,
|
|
225
|
+
notificationQueue: subagentNotificationQueue,
|
|
226
226
|
status: "initializing",
|
|
227
227
|
messages: [],
|
|
228
228
|
usedTools: [], // Initialize usedTools
|
|
@@ -502,7 +502,6 @@ export class SubagentManager {
|
|
|
502
502
|
instance.status === "error" ||
|
|
503
503
|
instance.status === "aborted")) {
|
|
504
504
|
this.instances.delete(subagentId);
|
|
505
|
-
this.subagentPermissionManagers.delete(subagentId);
|
|
506
505
|
}
|
|
507
506
|
}
|
|
508
507
|
/**
|
|
@@ -515,6 +514,10 @@ export class SubagentManager {
|
|
|
515
514
|
* Clean up all instances (for session end)
|
|
516
515
|
*/
|
|
517
516
|
cleanup() {
|
|
517
|
+
for (const instance of this.instances.values()) {
|
|
518
|
+
instance.aiManager.abortAIMessage();
|
|
519
|
+
instance.backgroundTaskManager.cleanup();
|
|
520
|
+
}
|
|
518
521
|
this.instances.clear();
|
|
519
522
|
}
|
|
520
523
|
/**
|
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* AuthService
|
|
3
|
+
*
|
|
4
|
+
* Handles SSO authentication via the admin server.
|
|
5
|
+
* Manages auth token storage in ~/.wave/auth.json.
|
|
6
|
+
*/
|
|
7
|
+
import type { AuthConfig } from "../types/auth.js";
|
|
8
|
+
export declare class AuthService {
|
|
9
|
+
private static instance;
|
|
10
|
+
static getInstance(): AuthService;
|
|
11
|
+
getAuthPath(): string;
|
|
12
|
+
loadAuth(): AuthConfig;
|
|
13
|
+
saveAuth(config: AuthConfig): void;
|
|
14
|
+
clearAuth(): void;
|
|
15
|
+
getSSOToken(): string | undefined;
|
|
16
|
+
getAdminBaseUrl(): string;
|
|
17
|
+
login(options?: {
|
|
18
|
+
/** Callback to receive the auth URL (for display in CLI). */
|
|
19
|
+
onAuthUrl?: (url: string) => void;
|
|
20
|
+
/** Read token manually (e.g. from stdin). Resolves with token or rejects on cancel. */
|
|
21
|
+
readToken?: () => Promise<string>;
|
|
22
|
+
}): Promise<string>;
|
|
23
|
+
private startLocalAuthServer;
|
|
24
|
+
private openBrowser;
|
|
25
|
+
isSSOAuthenticated(): boolean;
|
|
26
|
+
}
|
|
27
|
+
export declare const authService: AuthService;
|
|
28
|
+
//# sourceMappingURL=authService.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"authService.d.ts","sourceRoot":"","sources":["../../src/services/authService.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAgBH,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAInD,qBAAa,WAAW;IACtB,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAc;IAErC,MAAM,CAAC,WAAW,IAAI,WAAW;IAOjC,WAAW,IAAI,MAAM;IAKrB,QAAQ,IAAI,UAAU;IAatB,QAAQ,CAAC,MAAM,EAAE,UAAU,GAAG,IAAI;IAUlC,SAAS,IAAI,IAAI;IAajB,WAAW,IAAI,MAAM,GAAG,SAAS;IAKjC,eAAe,IAAI,MAAM;IAUnB,KAAK,CAAC,OAAO,CAAC,EAAE;QACpB,6DAA6D;QAC7D,SAAS,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,IAAI,CAAC;QAClC,uFAAuF;QACvF,SAAS,CAAC,EAAE,MAAM,OAAO,CAAC,MAAM,CAAC,CAAC;KACnC,GAAG,OAAO,CAAC,MAAM,CAAC;IAgCnB,OAAO,CAAC,oBAAoB;YAiFd,WAAW;IAmBzB,kBAAkB,IAAI,OAAO;CAG9B;AAED,eAAO,MAAM,WAAW,aAA4B,CAAC"}
|
|
@@ -0,0 +1,175 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* AuthService
|
|
3
|
+
*
|
|
4
|
+
* Handles SSO authentication via the admin server.
|
|
5
|
+
* Manages auth token storage in ~/.wave/auth.json.
|
|
6
|
+
*/
|
|
7
|
+
import { readFileSync, writeFileSync, existsSync, chmodSync, rmSync, mkdirSync, } from "fs";
|
|
8
|
+
import * as path from "path";
|
|
9
|
+
import * as os from "os";
|
|
10
|
+
import { createServer } from "http";
|
|
11
|
+
import { URL } from "url";
|
|
12
|
+
import { execFile } from "child_process";
|
|
13
|
+
import { promisify } from "util";
|
|
14
|
+
const execFileAsync = promisify(execFile);
|
|
15
|
+
export class AuthService {
|
|
16
|
+
static getInstance() {
|
|
17
|
+
if (!AuthService.instance) {
|
|
18
|
+
AuthService.instance = new AuthService();
|
|
19
|
+
}
|
|
20
|
+
return AuthService.instance;
|
|
21
|
+
}
|
|
22
|
+
getAuthPath() {
|
|
23
|
+
const homeDir = os.homedir();
|
|
24
|
+
return path.join(homeDir, ".wave", "auth.json");
|
|
25
|
+
}
|
|
26
|
+
loadAuth() {
|
|
27
|
+
const authPath = this.getAuthPath();
|
|
28
|
+
if (!existsSync(authPath)) {
|
|
29
|
+
return {};
|
|
30
|
+
}
|
|
31
|
+
try {
|
|
32
|
+
const content = readFileSync(authPath, "utf-8");
|
|
33
|
+
return JSON.parse(content);
|
|
34
|
+
}
|
|
35
|
+
catch {
|
|
36
|
+
return {};
|
|
37
|
+
}
|
|
38
|
+
}
|
|
39
|
+
saveAuth(config) {
|
|
40
|
+
const authPath = this.getAuthPath();
|
|
41
|
+
const waveDir = path.dirname(authPath);
|
|
42
|
+
if (!existsSync(waveDir)) {
|
|
43
|
+
mkdirSync(waveDir, { recursive: true });
|
|
44
|
+
}
|
|
45
|
+
writeFileSync(authPath, JSON.stringify(config, null, 2), "utf-8");
|
|
46
|
+
chmodSync(authPath, 0o600);
|
|
47
|
+
}
|
|
48
|
+
clearAuth() {
|
|
49
|
+
const config = this.loadAuth();
|
|
50
|
+
delete config.SSO_TOKEN;
|
|
51
|
+
if (Object.keys(config).length === 0) {
|
|
52
|
+
const authPath = this.getAuthPath();
|
|
53
|
+
if (existsSync(authPath)) {
|
|
54
|
+
rmSync(authPath);
|
|
55
|
+
}
|
|
56
|
+
}
|
|
57
|
+
else {
|
|
58
|
+
this.saveAuth(config);
|
|
59
|
+
}
|
|
60
|
+
}
|
|
61
|
+
getSSOToken() {
|
|
62
|
+
const config = this.loadAuth();
|
|
63
|
+
return config.SSO_TOKEN;
|
|
64
|
+
}
|
|
65
|
+
getAdminBaseUrl() {
|
|
66
|
+
const url = process.env.WAVE_ADMIN_URL;
|
|
67
|
+
if (!url) {
|
|
68
|
+
throw new Error("WAVE_ADMIN_URL environment variable is not set. SSO authentication requires this to be configured.");
|
|
69
|
+
}
|
|
70
|
+
return url;
|
|
71
|
+
}
|
|
72
|
+
async login(options) {
|
|
73
|
+
const adminUrl = this.getAdminBaseUrl();
|
|
74
|
+
// Step 1: Fetch available SSO providers
|
|
75
|
+
const providersResponse = await fetch(`${adminUrl}/api/auth/sso-providers`);
|
|
76
|
+
if (!providersResponse.ok) {
|
|
77
|
+
throw new Error(`Failed to fetch SSO providers: ${providersResponse.status} ${providersResponse.statusText}`);
|
|
78
|
+
}
|
|
79
|
+
const providers = (await providersResponse.json());
|
|
80
|
+
if (!providers || providers.length === 0) {
|
|
81
|
+
throw new Error("No SSO providers available");
|
|
82
|
+
}
|
|
83
|
+
const provider = providers[0].provider;
|
|
84
|
+
// Step 2-5: Start local server, open browser, wait for callback or manual input
|
|
85
|
+
const token = await this.startLocalAuthServer(adminUrl, provider, {
|
|
86
|
+
onAuthUrl: options?.onAuthUrl,
|
|
87
|
+
readToken: options?.readToken,
|
|
88
|
+
});
|
|
89
|
+
// Save the token (preserve existing keys)
|
|
90
|
+
const existing = this.loadAuth();
|
|
91
|
+
this.saveAuth({ ...existing, SSO_TOKEN: token });
|
|
92
|
+
return token;
|
|
93
|
+
}
|
|
94
|
+
startLocalAuthServer(adminUrl, provider, options) {
|
|
95
|
+
return new Promise((resolve, reject) => {
|
|
96
|
+
let settled = false;
|
|
97
|
+
const server = createServer((req, res) => {
|
|
98
|
+
if (req.url) {
|
|
99
|
+
const parsedUrl = new URL(req.url, `http://127.0.0.1`);
|
|
100
|
+
const token = parsedUrl.searchParams.get("token");
|
|
101
|
+
res.writeHead(200, { "Content-Type": "text/html" });
|
|
102
|
+
res.end("<html><body><h1>Authentication successful, you can close this window</h1></body></html>");
|
|
103
|
+
if (token && !settled) {
|
|
104
|
+
settled = true;
|
|
105
|
+
server.close();
|
|
106
|
+
resolve(token);
|
|
107
|
+
}
|
|
108
|
+
}
|
|
109
|
+
});
|
|
110
|
+
// Listen on 127.0.0.1 (IPv4) for reliable localhost callback
|
|
111
|
+
server.listen(0, "127.0.0.1", async () => {
|
|
112
|
+
const address = server.address();
|
|
113
|
+
if (typeof address !== "object" || !address) {
|
|
114
|
+
server.close();
|
|
115
|
+
reject(new Error("Failed to get server address"));
|
|
116
|
+
return;
|
|
117
|
+
}
|
|
118
|
+
const port = address.port;
|
|
119
|
+
const callbackUrl = `http://127.0.0.1:${port}`;
|
|
120
|
+
const authUrl = `${adminUrl}/api/auth/sso/${provider}?callback_url=${encodeURIComponent(callbackUrl)}`;
|
|
121
|
+
// Notify caller of the auth URL
|
|
122
|
+
options?.onAuthUrl?.(authUrl);
|
|
123
|
+
// Try to open browser; if it fails, keep server alive for manual visit
|
|
124
|
+
try {
|
|
125
|
+
await this.openBrowser(authUrl);
|
|
126
|
+
}
|
|
127
|
+
catch {
|
|
128
|
+
// Browser not available — server stays alive
|
|
129
|
+
}
|
|
130
|
+
});
|
|
131
|
+
// If manual token reading is provided, race between server callback and user input
|
|
132
|
+
if (options?.readToken) {
|
|
133
|
+
options.readToken().then((token) => {
|
|
134
|
+
if (!settled) {
|
|
135
|
+
settled = true;
|
|
136
|
+
server.close();
|
|
137
|
+
resolve(token);
|
|
138
|
+
}
|
|
139
|
+
}, () => {
|
|
140
|
+
// Manual input cancelled or closed, server keeps waiting for callback
|
|
141
|
+
});
|
|
142
|
+
}
|
|
143
|
+
// Timeout after 5 minutes
|
|
144
|
+
setTimeout(() => {
|
|
145
|
+
if (!settled) {
|
|
146
|
+
settled = true;
|
|
147
|
+
server.close();
|
|
148
|
+
reject(new Error("SSO authentication timed out after 5 minutes"));
|
|
149
|
+
}
|
|
150
|
+
}, 5 * 60 * 1000);
|
|
151
|
+
});
|
|
152
|
+
}
|
|
153
|
+
async openBrowser(url) {
|
|
154
|
+
const platform = process.platform;
|
|
155
|
+
let command;
|
|
156
|
+
let args;
|
|
157
|
+
if (platform === "darwin") {
|
|
158
|
+
command = "open";
|
|
159
|
+
args = [url];
|
|
160
|
+
}
|
|
161
|
+
else if (platform === "win32") {
|
|
162
|
+
command = "cmd";
|
|
163
|
+
args = ["/c", "start", "", url];
|
|
164
|
+
}
|
|
165
|
+
else {
|
|
166
|
+
command = "xdg-open";
|
|
167
|
+
args = [url];
|
|
168
|
+
}
|
|
169
|
+
await execFileAsync(command, args);
|
|
170
|
+
}
|
|
171
|
+
isSSOAuthenticated() {
|
|
172
|
+
return this.getSSOToken() !== undefined;
|
|
173
|
+
}
|
|
174
|
+
}
|
|
175
|
+
export const authService = AuthService.getInstance();
|
|
@@ -39,9 +39,13 @@ export declare class ConfigurationService {
|
|
|
39
39
|
* This replaces direct process.env modification
|
|
40
40
|
*/
|
|
41
41
|
setEnvironmentVars(env: Record<string, string>): void;
|
|
42
|
+
/**
|
|
43
|
+
* Read SSO token from ~/.wave/auth.json
|
|
44
|
+
*/
|
|
45
|
+
private readSSOToken;
|
|
42
46
|
/**
|
|
43
47
|
* Resolves gateway configuration from constructor args and environment
|
|
44
|
-
* Resolution priority: options > env (from settings.json) > process.env > error
|
|
48
|
+
* Resolution priority: SSO_TOKEN > options > env (from settings.json) > process.env > error
|
|
45
49
|
* @param apiKey - API key override (optional)
|
|
46
50
|
* @param baseURL - Base URL override (optional)
|
|
47
51
|
* @param defaultHeaders - HTTP headers override (optional)
|