arkclaw-webchat-cli 0.1.0__tar.gz

arkclaw_webchat_cli-0.1.0/.gitignore

@@ -0,0 +1,7 @@
+.venv/
+__pycache__/
+*.egg-info/
+dist/
+build/
+.pytest_cache/
+.ruff_cache/

arkclaw_webchat_cli-0.1.0/PKG-INFO

@@ -0,0 +1,87 @@
+Metadata-Version: 2.4
+Name: arkclaw-webchat-cli
+Version: 0.1.0
+Summary: CLI to chat with an ArkClaw EE space's Claw over enterprise SSO — zero permanent AK/SK.
+Author: ArkClaw Team
+Keywords: arkclaw,cli,ee,openclaw,sso,sts
+Classifier: Development Status :: 3 - Alpha
+Classifier: Intended Audience :: Developers
+Classifier: Operating System :: MacOS
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Programming Language :: Python :: 3.13
+Requires-Python: >=3.10
+Requires-Dist: typer>=0.12.0
+Requires-Dist: websockets>=12.0
+Provides-Extra: dev
+Requires-Dist: pytest>=7.4; extra == 'dev'
+Requires-Dist: ruff>=0.6; extra == 'dev'
+Description-Content-Type: text/markdown
+
+# ee-claw
+
+A tiny CLI to chat with a **Claw** in an **ArkClaw EE** space from your terminal —
+authenticated by your existing **enterprise SSO** session, with **zero permanent
+AK/SK** ever stored.
+
+```bash
+pip install ee-claw
+
+arkclaw login https://<space>.arkclaw-enterprise-bj.volceapi.com/
+arkclaw chat
+```
+
+That's it. `login` reuses the SSO session your browser already holds for the
+space; `chat` talks to the Claw you last had open there.
+
+## How it works
+
+```
+Chrome login (id_token)  →  STS AssumeRoleWithOIDC  →  temporary creds
+                         →  GetClawInstanceChatToken →  ChatToken
+                         →  OpenClaw WebSocket        →  chat
+```
+
+- **`login <space-url>`** reads the `id_token` Chrome already holds for the space
+  (you must be logged in there), validates it by exchanging it for **temporary**
+  credentials via Volcengine STS, and caches the session in
+  `~/.arkclaw/ee_login.json` (mode `0600`). No browser is opened, nothing is
+  pasted, **no permanent AK/SK is ever written**.
+- **`chat`** uses the cached login to mint a one-time `ChatToken`
+  (`GetClawInstanceChatToken`) and opens an OpenClaw WebSocket. Without
+  `--clawid` it uses the claw you most recently opened in the browser (read from
+  Chrome history); pass `--clawid ci-...` to target a specific one.
+
+## Admin setup (once per space)
+
+The CLI needs one piece of space-level configuration: the **STS role** whose
+trust policy accepts the space's enterprise-SSO identity pool and whose
+permission policy allows `arkclaw:GetClawInstanceChatToken`. Provide it via
+(highest precedence first):
+
+1. `--role-trn trn:iam::<account>:role/<name>`
+2. `ARKCLAW_ROLE_TRN` environment variable
+3. the space serving `GET <space-url>/.well-known/arkclaw-cli` →
+   `{"region": ..., "role_trn": ..., "provider_trn": ...}` (then the user types
+   only the URL)
+
+Nothing is hardcoded per space. Region is derived from the URL (override with
+`--region`); the OIDC provider is inferred from the token issuer (override with
+`--provider-trn`). If no role can be resolved, `login` fails with
+`ARKCLAW_E_UNCONFIGURED`.
+
+## Security
+
+The role is a least-privilege bridge: enterprise SSO identity → **1-hour**
+temporary credentials that can do exactly **one** thing
+(`GetClawInstanceChatToken`) and nothing else in the account. See the error
+codes (`ARKCLAW_E_NOLOGIN`, `ARKCLAW_E_STS`, `ARKCLAW_E_UNCONFIGURED`, …) for
+clear diagnostics.
+
+## Scope
+
+- Platform: **Chrome on macOS/Linux** (reads Chrome's Local Storage + history).
+- This is the ArkClaw EE companion CLI; the general-purpose public SDK is
+  `arkclaw-sdk` (standard OIDC login + a2a chat) and lives separately.

arkclaw_webchat_cli-0.1.0/README.md

@@ -0,0 +1,65 @@
+# ee-claw
+
+A tiny CLI to chat with a **Claw** in an **ArkClaw EE** space from your terminal —
+authenticated by your existing **enterprise SSO** session, with **zero permanent
+AK/SK** ever stored.
+
+```bash
+pip install ee-claw
+
+arkclaw login https://<space>.arkclaw-enterprise-bj.volceapi.com/
+arkclaw chat
+```
+
+That's it. `login` reuses the SSO session your browser already holds for the
+space; `chat` talks to the Claw you last had open there.
+
+## How it works
+
+```
+Chrome login (id_token)  →  STS AssumeRoleWithOIDC  →  temporary creds
+                         →  GetClawInstanceChatToken →  ChatToken
+                         →  OpenClaw WebSocket        →  chat
+```
+
+- **`login <space-url>`** reads the `id_token` Chrome already holds for the space
+  (you must be logged in there), validates it by exchanging it for **temporary**
+  credentials via Volcengine STS, and caches the session in
+  `~/.arkclaw/ee_login.json` (mode `0600`). No browser is opened, nothing is
+  pasted, **no permanent AK/SK is ever written**.
+- **`chat`** uses the cached login to mint a one-time `ChatToken`
+  (`GetClawInstanceChatToken`) and opens an OpenClaw WebSocket. Without
+  `--clawid` it uses the claw you most recently opened in the browser (read from
+  Chrome history); pass `--clawid ci-...` to target a specific one.
+
+## Admin setup (once per space)
+
+The CLI needs one piece of space-level configuration: the **STS role** whose
+trust policy accepts the space's enterprise-SSO identity pool and whose
+permission policy allows `arkclaw:GetClawInstanceChatToken`. Provide it via
+(highest precedence first):
+
+1. `--role-trn trn:iam::<account>:role/<name>`
+2. `ARKCLAW_ROLE_TRN` environment variable
+3. the space serving `GET <space-url>/.well-known/arkclaw-cli` →
+   `{"region": ..., "role_trn": ..., "provider_trn": ...}` (then the user types
+   only the URL)
+
+Nothing is hardcoded per space. Region is derived from the URL (override with
+`--region`); the OIDC provider is inferred from the token issuer (override with
+`--provider-trn`). If no role can be resolved, `login` fails with
+`ARKCLAW_E_UNCONFIGURED`.
+
+## Security
+
+The role is a least-privilege bridge: enterprise SSO identity → **1-hour**
+temporary credentials that can do exactly **one** thing
+(`GetClawInstanceChatToken`) and nothing else in the account. See the error
+codes (`ARKCLAW_E_NOLOGIN`, `ARKCLAW_E_STS`, `ARKCLAW_E_UNCONFIGURED`, …) for
+clear diagnostics.
+
+## Scope
+
+- Platform: **Chrome on macOS/Linux** (reads Chrome's Local Storage + history).
+- This is the ArkClaw EE companion CLI; the general-purpose public SDK is
+  `arkclaw-sdk` (standard OIDC login + a2a chat) and lives separately.

arkclaw_webchat_cli-0.1.0/pyproject.toml

@@ -0,0 +1,47 @@
+[build-system]
+requires = ["hatchling>=1.21"]
+build-backend = "hatchling.build"
+
+[project]
+name = "arkclaw-webchat-cli"
+version = "0.1.0"
+description = "CLI to chat with an ArkClaw EE space's Claw over enterprise SSO — zero permanent AK/SK."
+readme = "README.md"
+requires-python = ">=3.10"
+authors = [{ name = "ArkClaw Team" }]
+keywords = ["arkclaw", "ee", "sso", "sts", "cli", "openclaw"]
+classifiers = [
+    "Development Status :: 3 - Alpha",
+    "Intended Audience :: Developers",
+    "Operating System :: MacOS",
+    "Programming Language :: Python :: 3",
+    "Programming Language :: Python :: 3.10",
+    "Programming Language :: Python :: 3.11",
+    "Programming Language :: Python :: 3.12",
+    "Programming Language :: Python :: 3.13",
+]
+dependencies = [
+    "typer>=0.12.0",
+    "websockets>=12.0",
+]
+
+[project.optional-dependencies]
+dev = [
+    "pytest>=7.4",
+    "ruff>=0.6",
+]
+
+[project.scripts]
+arkclaw-webchat = "ee_claw.cli:main"
+
+[tool.hatch.build.targets.wheel]
+packages = ["src/ee_claw"]
+
+[tool.ruff]
+line-length = 100
+target-version = "py310"
+src = ["src", "tests"]
+
+[tool.ruff.lint]
+select = ["E", "W", "F", "I", "UP", "B"]
+ignore = ["E501"]

arkclaw_webchat_cli-0.1.0/src/ee_claw/__init__.py

@@ -0,0 +1,15 @@
+"""ee-claw — a tiny CLI to chat with an ArkClaw EE space's Claw over enterprise
+SSO, with zero permanent AK/SK.
+
+    arkclaw login <space-url>      # reuse the browser's SSO session → STS temp creds
+    arkclaw chat                   # talk to the Claw you last had open
+
+See :mod:`ee_claw.core` for the mechanism (Chrome login read → STS
+AssumeRoleWithOIDC → GetClawInstanceChatToken → OpenClaw WebSocket).
+"""
+
+from __future__ import annotations
+
+__version__ = "0.1.0"
+
+__all__ = ["__version__"]

arkclaw_webchat_cli-0.1.0/src/ee_claw/cli.py

@@ -0,0 +1,74 @@
+"""The ``arkclaw`` command: ``login <space-url>`` and ``chat``.
+
+Thin wrapper over :mod:`ee_claw.core` — argument parsing only, no logic.
+"""
+
+from __future__ import annotations
+
+import typer
+
+from ee_claw import core
+
+app = typer.Typer(
+    add_completion=False,
+    no_args_is_help=True,
+    help="Chat with an ArkClaw EE space's Claw over enterprise SSO — no permanent keys.",
+)
+
+
+@app.command()
+def login(
+    space: str = typer.Argument(
+        ...,
+        help="ArkClaw space URL, e.g. https://<space>.arkclaw-enterprise-bj.volceapi.com",
+    ),
+    role_trn: str | None = typer.Option(
+        None,
+        "--role-trn",
+        help="STS role TRN (admin-provided). Falls back to ARKCLAW_ROLE_TRN env "
+        "or the space's /.well-known/arkclaw-cli.",
+    ),
+    provider_trn: str | None = typer.Option(
+        None, "--provider-trn", help="OIDC provider TRN (optional; inferred from the token issuer)."
+    ),
+    region: str | None = typer.Option(
+        None, "--region", help="Space region (e.g. cn-beijing); derived from the URL if omitted."
+    ),
+) -> None:
+    """Log into an ArkClaw EE space by reusing your browser's SSO session.
+
+    You must already be logged into the space in Chrome. The id_token is read
+    from Chrome, exchanged for temporary credentials via STS, and cached — no
+    browser is opened, nothing is pasted, no permanent AK/SK is ever stored.
+    """
+    try:
+        core.do_login(
+            space, typer.echo, role_trn=role_trn, provider_trn=provider_trn, region=region
+        )
+    except (ValueError, RuntimeError) as exc:
+        typer.echo(f"✗ {exc}", err=True)
+        raise typer.Exit(1) from exc
+
+
+@app.command()
+def chat(
+    clawid: str | None = typer.Option(
+        None,
+        "--clawid",
+        help="Claw instance id (ci-...). Omit to use the claw you last had open in the browser.",
+    ),
+) -> None:
+    """Chat with a Claw in the logged-in space (Ctrl+C to exit)."""
+    try:
+        core.do_chat(clawid, typer.echo)
+    except (ValueError, RuntimeError) as exc:
+        typer.echo(f"✗ {exc}", err=True)
+        raise typer.Exit(1) from exc
+
+
+def main() -> None:
+    app()
+
+
+if __name__ == "__main__":
+    main()

arkclaw_webchat_cli-0.1.0/src/ee_claw/core.py

@@ -0,0 +1,472 @@
+"""ArkClaw EE Claw access for the CLI.
+
+Two user-facing commands sit on top of this module:
+
+* ``arkclaw login --url <space>`` — resolve the space's IdP/region/role from the
+  URL, run the browser (PKCE loopback) login, exchange the resulting OIDC
+  id_token for **temporary** Volcengine credentials via ``AssumeRoleWithOIDC``
+  (no permanent AK/SK ever touches the user), and cache them.
+* ``arkclaw chat --clawid <ci-...>`` — with the cached login, call
+  ``GetClawInstanceChatToken`` (temp creds) → open the OpenClaw WebSocket →
+  ``chat.send`` → stream the reply.
+
+The whole chain (login → STS → GetClawInstanceChatToken → wss) was validated
+end-to-end against a live ArkClaw EE claw. See the module-level constants for
+the exact hosts/versions/protocol frames that were confirmed to work.
+"""
+
+from __future__ import annotations
+
+import datetime
+import hashlib
+import hmac
+import json
+import urllib.error
+import urllib.parse
+import urllib.request
+import uuid
+
+STS_HOST = "sts.volcengineapi.com"
+STS_VERSION = "2018-01-01"
+ARKCLAW_API_VERSION = "2026-03-01"
+ARKCLAW_SERVICE = "arkclaw"
+_SESSION_KEY = "agent:main:main"          # OpenClaw default session
+_WS_CLIENT_ID = "openclaw-control-ui"     # ONLY this client.id is accepted
+
+
+# ---------------------------------------------------------------------------
+# Space resolution (URL -> {issuer/client for login, region/role/provider for STS})
+# ---------------------------------------------------------------------------
+
+
+def derive_region(url: str) -> str | None:
+    """Best-effort region from the space's gateway host
+    (``…apigateway-cn-shanghai…`` / ``…-bj…``). Overridable via --region."""
+    import re
+    host = (urllib.parse.urlparse(url if "//" in url else "https://" + url).hostname or "").lower()
+    m = re.search(r"(cn-[a-z]+|ap-[a-z]+-\d)", host)
+    if m:
+        return m.group(1)
+    if "-bj" in host:
+        return "cn-beijing"
+    if "-sh" in host:
+        return "cn-shanghai"
+    return None
+
+
+def discover_cli_config(url: str) -> dict | None:
+    """Optional space self-description: ``GET <space>/.well-known/arkclaw-cli``
+    → ``{"region", "role_trn", "provider_trn"}``. Returns None if absent (404 /
+    not served) — the admin then supplies --role-trn instead. No hardcoding."""
+    base = (url if "//" in url else "https://" + url).rstrip("/")
+    try:
+        raw = urllib.request.urlopen(base + "/.well-known/arkclaw-cli", timeout=8).read()
+        d = json.loads(raw)
+        return d if isinstance(d, dict) else None
+    except Exception:
+        return None
+
+
+# ---------------------------------------------------------------------------
+# Volcengine SigV4 (HMAC-SHA256), with optional STS session token
+# ---------------------------------------------------------------------------
+
+
+def _sign_headers(
+    method: str,
+    host: str,
+    query: dict[str, str],
+    body: bytes,
+    *,
+    ak: str,
+    sk: str,
+    service: str,
+    region: str,
+    session_token: str | None = None,
+    extra: dict[str, str] | None = None,
+) -> dict[str, str]:
+    now = datetime.datetime.now(datetime.timezone.utc)
+    xdate = now.strftime("%Y%m%dT%H%M%SZ")
+    datestamp = xdate[:8]
+    payload_hash = hashlib.sha256(body).hexdigest()
+    signed = {
+        "content-type": "application/json",
+        "host": host,
+        "x-content-sha256": payload_hash,
+        "x-date": xdate,
+    }
+    if session_token:
+        signed["x-security-token"] = session_token
+    signed_headers = ";".join(sorted(signed))
+    canon_headers = "".join(f"{k}:{signed[k]}\n" for k in sorted(signed))
+    canon_query = "&".join(
+        f"{urllib.parse.quote(k, safe='-_.~')}={urllib.parse.quote(str(v), safe='-_.~')}"
+        for k, v in sorted(query.items())
+    )
+    canon_req = f"{method}\n/\n{canon_query}\n{canon_headers}\n{signed_headers}\n{payload_hash}"
+    scope = f"{datestamp}/{region}/{service}/request"
+    sts = f"HMAC-SHA256\n{xdate}\n{scope}\n{hashlib.sha256(canon_req.encode()).hexdigest()}"
+
+    def _h(key: bytes, msg: str) -> bytes:
+        return hmac.new(key, msg.encode(), hashlib.sha256).digest()
+
+    k_signing = _h(_h(_h(_h(sk.encode(), datestamp), region), service), "request")
+    sig = hmac.new(k_signing, sts.encode(), hashlib.sha256).hexdigest()
+    out = {
+        "Content-Type": "application/json",
+        "Host": host,
+        "X-Date": xdate,
+        "X-Content-Sha256": payload_hash,
+        "Authorization": (
+            f"HMAC-SHA256 Credential={ak}/{scope}, "
+            f"SignedHeaders={signed_headers}, Signature={sig}"
+        ),
+    }
+    if session_token:
+        out["X-Security-Token"] = session_token
+    if extra:
+        out.update(extra)
+    return out
+
+
+# ---------------------------------------------------------------------------
+# STS + GetClawInstanceChatToken
+# ---------------------------------------------------------------------------
+
+
+def assume_role_with_oidc(
+    id_token: str, role_trn: str, provider_trn: str | None = None
+) -> dict[str, str]:
+    """Exchange a UserPool id_token for temporary creds. **Anonymous** (no AK/SK):
+    the OIDC token IS the credential. Token MUST go in the POST body (too long
+    for the query) and the host MUST be ``sts.volcengineapi.com``."""
+    params = {
+        "RoleTrn": role_trn,
+        "OIDCToken": id_token,
+        "RoleSessionName": "arkclaw-cli",
+        "DurationSeconds": "3600",
+    }
+    if provider_trn:
+        params["OIDCProviderTrn"] = provider_trn
+    body = urllib.parse.urlencode(params).encode()
+    url = f"https://{STS_HOST}/?Action=AssumeRoleWithOIDC&Version={STS_VERSION}"
+    req = urllib.request.Request(
+        url, data=body, headers={"Content-Type": "application/x-www-form-urlencoded"}
+    )
+    try:
+        raw = urllib.request.urlopen(req, timeout=15).read()
+    except urllib.error.HTTPError as e:
+        raise RuntimeError(f"AssumeRoleWithOIDC rejected: {e.read().decode()[:300]}") from e
+    except urllib.error.URLError as e:
+        raise RuntimeError(f"cannot reach STS endpoint ({STS_HOST}): {e.reason}") from e
+    return json.loads(raw)["Result"]["Credentials"]
+
+
+def get_chat_token(clawid: str, region: str, creds: dict[str, str]) -> tuple[str, str]:
+    """GetClawInstanceChatToken with temp creds → (ChatToken, Endpoint)."""
+    host = f"arkclaw.{region}.volcengineapi.com"
+    query = {"Action": "GetClawInstanceChatToken", "Version": ARKCLAW_API_VERSION}
+    body = json.dumps({"ClawInstanceId": clawid, "ProjectName": "default"}).encode()
+    headers = _sign_headers(
+        "POST", host, query, body,
+        ak=creds["AccessKeyId"], sk=creds["SecretAccessKey"],
+        service=ARKCLAW_SERVICE, region=region, session_token=creds.get("SessionToken"),
+        extra={"ServiceName": ARKCLAW_SERVICE, "Region": region},
+    )
+    url = f"https://{host}/?Action=GetClawInstanceChatToken&Version={ARKCLAW_API_VERSION}"
+    try:
+        raw = urllib.request.urlopen(
+            urllib.request.Request(url, data=body, headers=headers), timeout=30
+        ).read()
+    except urllib.error.HTTPError as e:
+        raise RuntimeError(f"GetClawInstanceChatToken failed: {e.read().decode()[:300]}") from e
+    res = json.loads(raw)["Result"]
+    return res["ChatToken"], res["Endpoint"]
+
+
+# ---------------------------------------------------------------------------
+# OpenClaw WebSocket chat (protocol v3)
+# ---------------------------------------------------------------------------
+
+
+async def ws_chat(endpoint: str, chat_token: str, clawid: str, message: str, echo) -> str:
+    """connect (v3) → chat.send → stream assistant text until state=final."""
+    import websockets
+
+    url = f"wss://{endpoint}/?chatToken={urllib.parse.quote(chat_token)}&clawInstanceId={urllib.parse.quote(clawid)}"
+    final = ""
+    async with websockets.connect(url, max_size=None) as ws:
+        await ws.send(json.dumps({
+            "type": "req", "id": str(uuid.uuid4()), "method": "connect",
+            "params": {
+                "minProtocol": 3, "maxProtocol": 3,
+                "client": {"id": _WS_CLIENT_ID, "version": "arkclaw-cli", "platform": "cli", "mode": "webchat"},
+                "role": "operator", "scopes": ["operator.admin"], "caps": ["tool-events"], "locale": "zh-CN",
+            },
+        }))
+        import asyncio
+        sent = False
+        deadline = asyncio.get_event_loop().time() + 120
+        while asyncio.get_event_loop().time() < deadline:
+            try:
+                raw = await asyncio.wait_for(ws.recv(), 30)
+            except asyncio.TimeoutError:
+                break
+            msg = json.loads(raw)
+            if not sent and msg.get("type") == "res" and msg.get("ok"):
+                sent = True
+                await ws.send(json.dumps({
+                    "type": "req", "id": str(uuid.uuid4()), "method": "chat.send",
+                    "params": {"sessionKey": _SESSION_KEY, "message": message,
+                               "deliver": False, "idempotencyKey": str(uuid.uuid4())},
+                }))
+                continue
+            if msg.get("event") == "agent":
+                data = (msg.get("payload") or {}).get("data") or {}
+                if data.get("delta"):
+                    echo(data["delta"], nl=False)
+            if msg.get("event") == "chat":
+                p = msg.get("payload") or {}
+                if p.get("state") == "final":
+                    content = ((p.get("message") or {}).get("content")) or ""
+                    final = content if isinstance(content, str) else final
+                    break
+    echo("")
+    return final
+
+
+# ---------------------------------------------------------------------------
+# Login store (~/.arkclaw/ee_login.json, 0600) + the two command entrypoints
+# ---------------------------------------------------------------------------
+
+
+def _login_path():
+    import pathlib
+    d = pathlib.Path.home() / ".arkclaw"
+    d.mkdir(mode=0o700, exist_ok=True)
+    return d / "ee_login.json"
+
+
+def save_login(data: dict) -> None:
+    import os
+    p = _login_path()
+    p.write_text(json.dumps(data))
+    os.chmod(p, 0o600)
+
+
+def load_login() -> dict | None:
+    p = _login_path()
+    return json.loads(p.read_text()) if p.exists() else None
+
+
+def _decode_claims(jwt: str) -> dict:
+    import base64
+    seg = jwt.split(".")[1]
+    return json.loads(base64.urlsafe_b64decode(seg + "=" * (-len(seg) % 4)))
+
+
+_JWT_RE = None
+
+
+def read_chrome_token(space_host: str, key: str = "volcclaw_userpool_id_token") -> str | None:
+    """Read the freshest ``key`` for ``space_host`` directly from Chrome's
+    Local Storage (LevelDB), so the user doesn't copy/paste. Files are copied to
+    a temp dir first (Chrome holds a lock on the live DB). Best-effort: returns
+    None if not found (caller falls back to paste)."""
+    import pathlib
+    import re
+    import shutil
+    import tempfile
+
+    global _JWT_RE
+    if _JWT_RE is None:
+        _JWT_RE = re.compile(rb"eyJ[A-Za-z0-9_-]{8,}\.[A-Za-z0-9_-]{8,}\.[A-Za-z0-9_-]{8,}")
+    roots = [
+        pathlib.Path.home() / "Library/Application Support/Google/Chrome",
+        pathlib.Path.home() / "Library/Application Support/Google/Chrome Beta",
+        pathlib.Path.home() / ".config/google-chrome",
+    ]
+    host_b, key_b = space_host.encode(), key.encode()
+    best: tuple[str, int] | None = None
+    for root in roots:
+        if not root.exists():
+            continue
+        for ldb in root.glob("*/Local Storage/leveldb"):
+            tmp = pathlib.Path(tempfile.mkdtemp(prefix="arkclaw-ls-"))
+            for f in ldb.glob("*"):
+                if f.suffix in (".ldb", ".log") or f.name.startswith("MANIFEST"):
+                    try:
+                        shutil.copy(f, tmp / f.name)
+                    except OSError:
+                        pass
+            for f in tmp.glob("*"):
+                try:
+                    data = f.read_bytes()
+                except OSError:
+                    continue
+                pos = 0
+                while True:
+                    k = data.find(key_b, pos)
+                    if k < 0:
+                        break
+                    pos = k + 1
+                    if host_b not in data[max(0, k - 256):k]:  # key is origin-prefixed
+                        continue
+                    m = _JWT_RE.search(data[k:k + 4096])
+                    if not m:
+                        continue
+                    tok = m.group().decode()
+                    try:
+                        exp = int(_decode_claims(tok).get("exp", 0))
+                    except Exception:
+                        continue
+                    if best is None or exp > best[1]:
+                        best = (tok, exp)
+            shutil.rmtree(tmp, ignore_errors=True)
+    return best[0] if best else None
+
+
+def read_chrome_recent_claw(space_host: str) -> str | None:
+    """Find the most-recently-visited claw in this space from Chrome history —
+    the chat page URL is ``<space_host>/clawSpace/<ci-...>/chat``. No server call,
+    no extra IAM permission (we read what the user just looked at, same disk-read
+    trick as the token). Returns the ``ci-...`` id or None."""
+    import pathlib
+    import re
+    import shutil
+    import sqlite3
+    import tempfile
+
+    pat = re.compile(r"/clawSpace/(ci-[a-z0-9]+)", re.I)
+    roots = [
+        pathlib.Path.home() / "Library/Application Support/Google/Chrome",
+        pathlib.Path.home() / "Library/Application Support/Google/Chrome Beta",
+        pathlib.Path.home() / ".config/google-chrome",
+    ]
+    best: tuple[int, str] | None = None  # (last_visit_time, claw_id)
+    for root in roots:
+        if not root.exists():
+            continue
+        for hist in root.glob("*/History"):
+            tmp = pathlib.Path(tempfile.mkdtemp(prefix="arkclaw-h-"))
+            db = tmp / "History"
+            try:
+                shutil.copy(hist, db)
+                con = sqlite3.connect(f"file:{db}?mode=ro", uri=True)
+                rows = con.execute(
+                    "SELECT url, last_visit_time FROM urls "
+                    "WHERE url LIKE ? ORDER BY last_visit_time DESC LIMIT 50",
+                    (f"%{space_host}/clawSpace/ci-%",),
+                ).fetchall()
+                con.close()
+            except Exception:
+                rows = []
+            finally:
+                shutil.rmtree(tmp, ignore_errors=True)
+            for url, t in rows:
+                m = pat.search(url or "")
+                if m and (best is None or (t or 0) > best[0]):
+                    best = (t or 0, m.group(1))
+    return best[1] if best else None
+
+
+def do_login(
+    url: str,
+    echo,
+    *,
+    role_trn: str | None = None,
+    provider_trn: str | None = None,
+    region: str | None = None,
+) -> None:
+    """`arkclaw login <space-url>`: read the id_token Chrome already holds for the
+    space (you must already be logged into it), exchange it for **temporary**
+    credentials via STS, and cache the session. No browser opened, no paste, no
+    permanent AK/SK ever. Nothing is hardcoded per space: the STS role comes from
+    ``--role-trn`` / ``ARKCLAW_ROLE_TRN`` / the space's ``/.well-known/arkclaw-cli``;
+    the region is derived from the URL (override with ``--region``)."""
+    base = (url if "//" in url else "https://" + url).rstrip("/")
+    host = urllib.parse.urlparse(base).hostname
+
+    # Config resolution (no hardcoding): explicit flag > env var > space
+    # self-description (/.well-known/arkclaw-cli) > derived. The admin sets the
+    # STS role once (env var, like AWS_ROLE_ARN); the production path is the space
+    # serving its own /.well-known/arkclaw-cli so the user types only the URL.
+    import os
+    disc = discover_cli_config(base) or {}
+    region = region or os.environ.get("ARKCLAW_REGION") or disc.get("region") or derive_region(base)
+    role_trn = role_trn or os.environ.get("ARKCLAW_ROLE_TRN") or disc.get("role_trn")
+    provider_trn = (
+        provider_trn or os.environ.get("ARKCLAW_PROVIDER_TRN") or disc.get("provider_trn")
+    )
+    if not region:
+        raise ValueError("ARKCLAW_E_REGION: 无法从空间地址推断区域,请加 --region <如 cn-beijing>。")
+    if not role_trn:
+        raise ValueError(
+            "ARKCLAW_E_UNCONFIGURED: 该空间未配置 CLI 访问。\n"
+            "  需要管理员提供 STS 角色 —— 加 --role-trn trn:iam::<account>:role/<name>,\n"
+            "  或由空间暴露 GET /.well-known/arkclaw-cli 供自动发现。"
+        )
+
+    # Read what Chrome already holds for this space. No browser, no paste.
+    id_token = read_chrome_token(host)
+    if not id_token:
+        raise ValueError(
+            f"ARKCLAW_E_NOLOGIN: 未在 Chrome 中找到 {host} 的登录态。"
+            " 请先在 Chrome 用企业 SSO 登录该空间(打开它的对话页)再运行本命令。"
+        )
+    if id_token.count(".") != 2:
+        raise ValueError("ARKCLAW_E_TOKEN: 从 Chrome 读到的不是有效 JWT id_token。")
+    echo("✓ 已从 Chrome 读取该空间登录态。")
+    claims = _decode_claims(id_token)
+    echo(f"    ✓ 身份: {claims.get('email') or claims.get('name') or claims.get('sub')}"
+         f"  (iss={(claims.get('iss') or '')[:48]}…)")
+    echo("    校验登录中…")
+    try:
+        assume_role_with_oidc(id_token, role_trn, provider_trn)
+    except RuntimeError as e:
+        raise RuntimeError(
+            "ARKCLAW_E_STS: 用该登录换取临时凭据失败 —— 多半是管理员未为该空间身份池配置 STS "
+            "信任(OIDC provider / role),或角色无 arkclaw:GetClawInstanceChatToken 权限。\n"
+            f"  详情: {e}"
+        ) from e
+    claw = read_chrome_recent_claw(host)  # what the user just had open; no server call
+    save_login({
+        "space": host, "url": base, "id_token": id_token,
+        "region": region, "role_trn": role_trn, "provider_trn": provider_trn,
+        "claw": claw,
+    })
+    echo(
+        f"✅ 已登录并保存(空间 {host} · 区域 {region}"
+        + (f" · 默认 claw {claw}" if claw else "")
+        + ")。现在: arkclaw chat"
+        + ("" if claw else " --clawid <ci-...>")
+    )
+
+
+def do_chat(clawid: str | None, echo) -> None:
+    """`arkclaw chat [--clawid <ci-...>]`: cached login → STS temp creds →
+    GetClawInstanceChatToken → OpenClaw WebSocket REPL. Without --clawid, uses the
+    claw captured from the browser at login (last claw you had open)."""
+    import asyncio
+    data = load_login()
+    if not data:
+        raise ValueError("ARKCLAW_E_NOLOGIN: 尚未登录。先运行: arkclaw login <空间地址> --from-chrome")
+    clawid = clawid or data.get("claw")
+    if not clawid:
+        raise ValueError(
+            "ARKCLAW_E_NOCLAW: 未指定 claw,且登录时未从浏览器历史发现(可能没进过某个 claw 的对话页)。"
+            "请加 --clawid <ci-...>。"
+        )
+    creds = assume_role_with_oidc(data["id_token"], data["role_trn"], data.get("provider_trn"))
+    echo(f"ArkClaw chat · claw {clawid} · 空间 {data.get('space')} (Ctrl+C 退出)")
+    while True:
+        try:
+            msg = input("You> ").strip()
+        except (EOFError, KeyboardInterrupt):
+            echo("\nbye")
+            return
+        if not msg:
+            continue
+        chat_token, endpoint = get_chat_token(clawid, data["region"], creds)  # one-time per ws
+        echo("Agent> ", nl=False)
+        asyncio.run(ws_chat(endpoint, chat_token, clawid, msg, echo))

arkclaw_webchat_cli-0.1.0/tests/test_smoke.py

@@ -0,0 +1,41 @@
+"""Smoke tests — no network, no Chrome required."""
+
+from __future__ import annotations
+
+from typer.testing import CliRunner
+
+from ee_claw import core
+from ee_claw.cli import app
+
+runner = CliRunner()
+
+
+def test_cli_help_shows_login_and_chat():
+    out = runner.invoke(app, ["--help"]).output
+    assert "login" in out
+    assert "chat" in out
+
+
+def test_login_takes_positional_space_url():
+    out = runner.invoke(app, ["login", "--help"]).output
+    assert "SPACE" in out.upper()
+
+
+def test_chat_clawid_is_optional():
+    out = runner.invoke(app, ["chat", "--help"]).output
+    assert "--clawid" in out
+
+
+def test_derive_region_from_url():
+    assert core.derive_region("https://x.arkclaw-enterprise-bj.volceapi.com") == "cn-beijing"
+    assert core.derive_region("https://y.apigateway-cn-shanghai.volceapi.com") == "cn-shanghai"
+
+
+def test_chat_without_login_errors_cleanly(tmp_path, monkeypatch):
+    # Point the login store at an empty dir → load_login() returns None.
+    import pathlib
+
+    monkeypatch.setattr(pathlib.Path, "home", classmethod(lambda cls: tmp_path))
+    result = runner.invoke(app, ["chat"])
+    assert result.exit_code == 1
+    assert "ARKCLAW_E_NOLOGIN" in result.output