arkclaw-webchat-cli 0.4.0__tar.gz → 0.5.1__tar.gz

{arkclaw_webchat_cli-0.4.0 → arkclaw_webchat_cli-0.5.1}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: arkclaw-webchat-cli
-Version: 0.4.0
+Version: 0.5.1
 Summary: CLI to chat with an ArkClaw EE space's Claw over enterprise SSO — zero permanent AK/SK.
 Author: ArkClaw Team
 Keywords: arkclaw,cli,ee,openclaw,sso,sts

{arkclaw_webchat_cli-0.4.0 → arkclaw_webchat_cli-0.5.1}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "hatchling.build"
 
 [project]
 name = "arkclaw-webchat-cli"
-version = "0.4.0"
+version = "0.5.1"
 description = "CLI to chat with an ArkClaw EE space's Claw over enterprise SSO — zero permanent AK/SK."
 readme = "README.md"
 requires-python = ">=3.10"

{arkclaw_webchat_cli-0.4.0 → arkclaw_webchat_cli-0.5.1}/src/ee_claw/__init__.py

@@ -10,6 +10,13 @@ AssumeRoleWithOIDC → GetClawInstanceChatToken → OpenClaw WebSocket).
 
 from __future__ import annotations
 
-__version__ = "0.1.0"
+from importlib.metadata import PackageNotFoundError
+from importlib.metadata import version as _pkg_version
+
+try:
+    # Single source of truth: the installed package metadata (pyproject version).
+    __version__ = _pkg_version("arkclaw-webchat-cli")
+except PackageNotFoundError:  # running from a source tree without an install
+    __version__ = "0.0.0+local"
 
 __all__ = ["__version__"]

{arkclaw_webchat_cli-0.4.0 → arkclaw_webchat_cli-0.5.1}/src/ee_claw/cli.py

@@ -436,7 +436,22 @@ def _rewrite_agent_shortcut(argv: list[str]) -> None:
         argv.insert(1, "chat")
 
 
+@app.command()
+def version() -> None:
+    """显示已安装的 arkclaw 版本。"""
+    from ee_claw import __version__
+
+    typer.echo(f"arkclaw {__version__}")
+
+
 def main() -> None:
+    # `--version` / `-V` is handled here (before Typer) so it works as a bare
+    # top-level flag without a group callback. `arkclaw version` is the command.
+    if len(sys.argv) >= 2 and sys.argv[1] in ("--version", "-V"):
+        from ee_claw import __version__
+
+        print(f"arkclaw {__version__}")
+        return
     _rewrite_agent_shortcut(sys.argv)
     app()
 

{arkclaw_webchat_cli-0.4.0 → arkclaw_webchat_cli-0.5.1}/src/ee_claw/flows.py

@@ -90,6 +90,30 @@ def _openclaw_creds(cfg: SessionConfig, id_token: str | None) -> dict[str, str]:
     return assume_role_with_oidc(str(id_token), str(cfg.role_trn), cfg.provider_trn)
 
 
+def _user_identity(id_token: str | None) -> dict[str, str]:
+    """The SSO user's identity from the *verified* id_token, for per-user authz
+    at GetClawInstanceChatToken. When the CLI's STS role is a space *resource*
+    account, the control plane checks these against the claw's owner and denies
+    a non-owner (fail-closed) — so a leaked claw_id can't chat someone else's
+    claw. Read from the token ONLY (never user input), so it can't impersonate."""
+    if not id_token:
+        return {}
+    try:
+        claims = decode_claims(id_token)
+    except ArkclawError:
+        return {}
+    ident: dict[str, str] = {}
+    if claims.get("sub"):
+        ident["UserPoolUserUid"] = str(claims["sub"])
+    if claims.get("email"):
+        ident["Email"] = str(claims["email"])
+    for c in ("union_id", "uid"):
+        if claims.get(c):
+            ident["UnionId"] = str(claims[c])
+            break
+    return ident
+
+
 def _normalize(url: str) -> tuple[str, str]:
     base = (url if "//" in url else "https://" + url).rstrip("/")
     host = urllib.parse.urlparse(base).hostname or ""
@@ -472,6 +496,7 @@ def make_transport(
     *,
     session: str | None = None,
     approver: Approver | None = None,
+    identity: dict[str, str] | None = None,
 ) -> Transport:
     """The target-plane seam: pick the adapter from config, not code. The
     abstract session name is mapped to transport-specific addressing inside
@@ -483,6 +508,7 @@ def make_transport(
             clawid=clawid,
             region=cfg.region,
             creds=creds,
+            identity=identity,
             session_key=session_key_for(session),
             approver=approver,
         )
@@ -667,7 +693,10 @@ def _target_transport(
             hint="请加 --clawid <ci-...>(或 login 时带 --clawid 设默认)。",
         )
     creds = _openclaw_creds(cfg, id_token)
-    return clawid, make_transport(cfg, clawid, creds, session=session, approver=approver)
+    return clawid, make_transport(
+        cfg, clawid, creds, session=session, approver=approver,
+        identity=_user_identity(id_token),
+    )
 
 
 def _save_session_state(cfg: SessionConfig, target: str, session: str | None, transport: Transport) -> None:
@@ -991,7 +1020,9 @@ def _openclaw_file_transport(clawid: str | None) -> tuple[OpenClawTransport, str
     if not cfg.region:
         raise RegionError("登录信息缺少区域。", hint="重新 login 并加 --region。")
     creds = _openclaw_creds(cfg, id_token)
-    return OpenClawTransport(clawid=clawid, region=str(cfg.region), creds=creds), clawid
+    return OpenClawTransport(
+        clawid=clawid, region=str(cfg.region), creds=creds, identity=_user_identity(id_token)
+    ), clawid
 
 
 def do_ls(emitter: Emitter, *, clawid: str | None = None) -> dict[str, Any]:

{arkclaw_webchat_cli-0.4.0 → arkclaw_webchat_cli-0.5.1}/src/ee_claw/sts.py

@@ -121,11 +121,34 @@ def assume_role_with_oidc(
     return creds
 
 
-def get_chat_token(clawid: str, region: str, creds: dict[str, str]) -> tuple[str, str]:
-    """GetClawInstanceChatToken with temp creds → (ChatToken, Endpoint)."""
+def _volc_error(body: str) -> tuple[str, str]:
+    """Extract ``(Code, Message)`` from a Volcengine error envelope
+    (``ResponseMetadata.Error``); ``('', '')`` if it can't be parsed. Lets the
+    CLI surface a clean message instead of dumping the raw JSON envelope."""
+    try:
+        err = json.loads(body)["ResponseMetadata"]["Error"]
+        return str(err.get("Code") or ""), str(err.get("Message") or "")
+    except (ValueError, KeyError, TypeError):
+        return "", ""
+
+
+def get_chat_token(
+    clawid: str, region: str, creds: dict[str, str], *, identity: dict[str, str] | None = None
+) -> tuple[str, str]:
+    """GetClawInstanceChatToken with temp creds → (ChatToken, Endpoint).
+
+    ``identity`` carries the SSO user's identity (``UserPoolUserUid``/``Email``/
+    ``UnionId``) taken from the *verified* id_token. The control plane's
+    resource-account branch authorizes the user against the claw's owner with
+    these fields and denies a non-owner (fail-closed) — so a leaked claw_id is
+    not enough to chat someone else's claw. (Sent always; the owning-tenant
+    branch ignores it.)"""
     host = f"arkclaw.{region}.volcengineapi.com"
     query = {"Action": "GetClawInstanceChatToken", "Version": ARKCLAW_API_VERSION}
-    body = json.dumps({"ClawInstanceId": clawid, "ProjectName": "default"}).encode()
+    payload: dict[str, str] = {"ClawInstanceId": clawid, "ProjectName": "default"}
+    if identity:
+        payload.update({k: v for k, v in identity.items() if v})
+    body = json.dumps(payload).encode()
     headers = sign_headers(
         "POST", host, query, body,
         ak=creds["AccessKeyId"], sk=creds["SecretAccessKey"],
@@ -138,9 +161,23 @@ def get_chat_token(clawid: str, region: str, creds: dict[str, str]) -> tuple[str
             urllib.request.Request(url, data=body, headers=headers), timeout=30
         ).read()
     except urllib.error.HTTPError as e:
-        # Redact BEFORE truncating so a split token can't slip past the regex.
+        err_body = e.read().decode(errors="replace")
+        code, message = _volc_error(err_body)
+        if code == "AccessDenied" or "AccessDenied" in err_body:  # coruscant per-user gate
+            raise StsError(
+                "权限不足:当前用户无权访问该 Claw 实例(非所有者且未获授权)。",
+                hint="运行 `arkclaw agents` 查看你有权访问的 Claw 实例,或使用 `--clawid` 指定其它实例。",
+            ) from e
+        if code == "ErrMissingUserIdentity":  # gate ran but the CLI sent no identity
+            raise StsError(
+                "权限校验失败:请求未包含用户身份信息。",
+                hint="请将 CLI 升级至最新版本(uv tool upgrade arkclaw-webchat-cli),并重新登录(arkclaw login)。",
+            ) from e
+        # Anything else: surface the clean Code/Message — never the raw JSON envelope.
+        # Redact first so a split token can't slip past the regex.
+        clean = redact(message or err_body)[:200]
         raise StsError(
-            f"GetClawInstanceChatToken failed: {redact(e.read().decode(errors='replace'))[:300]}"
+            f"获取会话令牌失败:{clean}", hint=(f"服务端错误码:{code}" if code else None)
         ) from e
     except urllib.error.URLError as e:
         raise NetworkError(f"cannot reach {host}: {e.reason}") from e

{arkclaw_webchat_cli-0.4.0 → arkclaw_webchat_cli-0.5.1}/src/ee_claw/transport/openclaw.py

@@ -334,6 +334,7 @@ class OpenClawTransport:
     clawid: str
     region: str
     creds: dict[str, str]
+    identity: dict[str, str] | None = None  # SSO user identity for per-claw authz
     session_key: str = SESSION_KEY
     approver: Approver | None = None
     idle_timeout: float = 30.0
@@ -355,7 +356,7 @@ class OpenClawTransport:
                     TurnEvent(kind="info", text=f"⚠ 二进制文件无法内联,已跳过: {name}")
                 )
         on_event(TurnEvent(kind="status", text="获取 ChatToken"))
-        chat_token, endpoint = get_chat_token(self.clawid, self.region, self.creds)
+        chat_token, endpoint = get_chat_token(self.clawid, self.region, self.creds, identity=self.identity)
         on_event(TurnEvent(kind="status", text="连接 claw(wss)"))
         url = (
             f"wss://{endpoint}/?chatToken={urllib.parse.quote(chat_token)}"
@@ -415,7 +416,7 @@ class OpenClawTransport:
     async def _request(self, method: str, params: dict[str, Any]) -> dict[str, Any]:
         """connect (hello-ok) → one control request → its res payload. Errors
         are redacted; the token-bearing URL is never echoed."""
-        chat_token, endpoint = get_chat_token(self.clawid, self.region, self.creds)
+        chat_token, endpoint = get_chat_token(self.clawid, self.region, self.creds, identity=self.identity)
         url = (
             f"wss://{endpoint}/?chatToken={urllib.parse.quote(chat_token)}"
             f"&clawInstanceId={urllib.parse.quote(self.clawid)}"