arkclaw-webchat-cli 0.5.1__tar.gz → 0.6.0__tar.gz

{arkclaw_webchat_cli-0.5.1 → arkclaw_webchat_cli-0.6.0}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: arkclaw-webchat-cli
-Version: 0.5.1
+Version: 0.6.0
 Summary: CLI to chat with an ArkClaw EE space's Claw over enterprise SSO — zero permanent AK/SK.
 Author: ArkClaw Team
 Keywords: arkclaw,cli,ee,openclaw,sso,sts

{arkclaw_webchat_cli-0.5.1 → arkclaw_webchat_cli-0.6.0}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "hatchling.build"
 
 [project]
 name = "arkclaw-webchat-cli"
-version = "0.5.1"
+version = "0.6.0"
 description = "CLI to chat with an ArkClaw EE space's Claw over enterprise SSO — zero permanent AK/SK."
 readme = "README.md"
 requires-python = ">=3.10"

{arkclaw_webchat_cli-0.5.1 → arkclaw_webchat_cli-0.6.0}/src/ee_claw/config.py

@@ -126,6 +126,24 @@ def get_session(space: str, claw: str, session: str) -> dict[str, object] | None
     return entry if isinstance(entry, dict) else None
 
 
+def forget_claw(space: str, claw: str) -> bool:
+    """Drop ALL recorded sessions for a (space, claw) — used to self-heal the
+    `agents` list when a claw turns out to be inaccessible. Returns True if any
+    entry was removed."""
+    data = _load_sessions()
+    prefix = f"{space}|{claw}|"
+    doomed = [k for k in data if k.startswith(prefix)]
+    if not doomed:
+        return False
+    for k in doomed:
+        del data[k]
+    _dir()
+    fd = os.open(_sessions_path(), os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
+    with os.fdopen(fd, "w") as f:
+        f.write(json.dumps(data, ensure_ascii=False))
+    return True
+
+
 # --- Named-agent registry ------------------------------------------------------
 # Maps a human-friendly agent name (the a2a agent-card name, an openclaw claw
 # Name) → a non-secret connection snapshot, so `arkclaw chat <name>` works.

{arkclaw_webchat_cli-0.5.1 → arkclaw_webchat_cli-0.6.0}/src/ee_claw/errors.py

@@ -83,6 +83,13 @@ class StsError(AuthError):
     code = "ARKCLAW_E_STS"
 
 
+class ClawAccessDeniedError(StsError):
+    """The user is not authorized for this specific claw (server per-user gate).
+    Distinct so callers can prune it from local history (self-healing)."""
+
+    code = "ARKCLAW_E_FORBIDDEN"
+
+
 # --- Secret redaction -------------------------------------------------------
 # Never let a full token reach the terminal, a log, or an error message.
 #

{arkclaw_webchat_cli-0.5.1 → arkclaw_webchat_cli-0.6.0}/src/ee_claw/flows.py

@@ -11,6 +11,7 @@ and every error is a typed :class:`~ee_claw.errors.ArkclawError`.
 from __future__ import annotations
 
 import asyncio
+import dataclasses
 import json
 import os
 import pathlib
@@ -29,6 +30,7 @@ from ee_claw.attachments import collect_files
 from ee_claw.config import SessionConfig
 from ee_claw.errors import (
     ArkclawError,
+    ClawAccessDeniedError,
     ExpiredError,
     NetworkError,
     NoClawError,
@@ -51,7 +53,7 @@ from ee_claw.identity import (
 from ee_claw.oauth import OAuthClient
 from ee_claw.output import Emitter
 from ee_claw.providers import ProviderContext, resolve_token_source
-from ee_claw.sts import assume_role_with_oidc
+from ee_claw.sts import assume_role_with_oidc, get_chat_token
 from ee_claw.transport.a2a import A2ATransport, agent_card
 from ee_claw.transport.base import Approver, Attachment, Transport, TurnEvent, TurnResult
 from ee_claw.transport.openclaw import OpenClawTransport, session_key_for
@@ -114,6 +116,37 @@ def _user_identity(id_token: str | None) -> dict[str, str]:
     return ident
 
 
+def _probe_claw_access(
+    cfg: SessionConfig, id_token: str, claw_ids: list[str]
+) -> tuple[set[str], set[str]]:
+    """Which of ``claw_ids`` the current user can ACTUALLY chat — checked live by
+    minting a (throwaway) ChatToken for each, the only per-user check the CLI's
+    role can do. Returns (accessible, denied). A transient/non-permission error
+    keeps the claw (don't hide it on a network blip). Raises ArkclawError if
+    creds can't be obtained at all (caller falls back to the unchecked list)."""
+    from concurrent.futures import ThreadPoolExecutor
+
+    creds = _openclaw_creds(cfg, id_token)  # may raise (offline / expired / no creds)
+    identity = _user_identity(id_token)
+    region = str(cfg.region)
+
+    def check(cid: str) -> tuple[str, bool]:
+        try:
+            get_chat_token(cid, region, creds, identity=identity)
+            return cid, True
+        except ClawAccessDeniedError:
+            return cid, False
+        except ArkclawError:
+            return cid, True  # transient/other — keep, don't silently drop
+
+    accessible: set[str] = set()
+    denied: set[str] = set()
+    with ThreadPoolExecutor(max_workers=min(8, max(1, len(claw_ids)))) as ex:
+        for cid, ok in ex.map(check, claw_ids):
+            (accessible if ok else denied).add(cid)
+    return accessible, denied
+
+
 def _normalize(url: str) -> tuple[str, str]:
     base = (url if "//" in url else "https://" + url).rstrip("/")
     host = urllib.parse.urlparse(base).hostname or ""
@@ -129,55 +162,72 @@ def _is_userpool_address(host: str) -> bool:
 
 
 def do_init(emitter: Emitter, address: str | None = None) -> dict[str, Any]:
-    """``arkclaw init``: one-time interactive setup. Captures the login address
-    plus the bits not yet auto-discoverable (the CLI's OAuth client, the STS
-    role) so that afterwards ``arkclaw login`` needs no env vars or flags.
-    Anything the space already self-describes (issuer, region, and — once the
-    platform publishes it — client_id/role) is auto-filled and not asked."""
-    if emitter.json or not sys.stdin.isatty():
-        raise ValidationError(
-            "arkclaw init 是交互式的,需要终端。",
-            hint="在终端直接运行 `arkclaw init`;脚本里改用 env(ARKCLAW_CLIENT_ID/ROLE_TRN)+ flags。",
-        )
+    """``arkclaw init``: one-time setup. The GOAL is **address-only** — when the
+    space publishes its CLI config (issuer/region/client_id/role…) via
+    ``/.well-known/arkclaw-cli`` or GetAuthConfig, the user gives ONLY the
+    address and nothing is asked (works non-interactively too). Until then, it
+    prompts for the few bits discovery can't provide (the CLI's OAuth client,
+    the STS role)."""
+    interactive = not emitter.json and sys.stdin.isatty()
+
+    def need_tty() -> None:
+        if not interactive:
+            raise ValidationError(
+                "该空间尚未发布 CLI 配置,需要补充 client_id/role,而当前非交互终端。",
+                hint="在终端运行 `arkclaw init <地址>`;或脚本里用 env(ARKCLAW_CLIENT_ID/ROLE_TRN)+ flags。",
+            )
 
-    def ask(label: str, default: str | None = None, *, required: bool = False) -> str | None:
+    def ask(label: str, default: str | None = None, *, required: bool = False) -> str:
         suffix = f" [{default}]" if default else ""
         while True:
             ans = input(f"  {label}{suffix}: ").strip() or (default or "")
             if ans or not required:
-                return ans or None
+                return ans
             emitter.line("    (必填)")
 
-    emitter.line("arkclaw init —— 一次性配置(能自动发现的不会问你)\n")
-    address = address or ask("空间登录地址 (https://…)", required=True)
+    if not address:
+        need_tty()
+        emitter.line("arkclaw init —— 配置一次(能自动发现的不问你)\n")
+        address = ask("空间登录地址 (https://…)", required=True)
     base, host = _normalize(str(address))
     disc = discover_cli_config(base) or {}
     issuer = disc.get("issuer") or (f"https://{host}" if _is_userpool_address(host) else None)
     region = disc.get("region") or derive_region(base)
-    if issuer:
-        emitter.line("  ✓ 自动发现身份池 issuer")
-    if region:
-        emitter.line(f"  ✓ 区域: {region}")
-
-    # User-facing name is "webchat" (the ChatToken/wss path); internally it's
-    # the "openclaw" transport. "a2a" is unchanged.
-    disc_t = str(disc.get("transport") or "")
-    transport_in = ask("传输方式 (webchat/a2a)", default=("a2a" if disc_t == "a2a" else "webchat")) or "webchat"
-    transport = "a2a" if transport_in.lower() == "a2a" else "openclaw"
-    client_id = disc.get("client_id") or ask(
-        "CLI client_id(public OAuth 客户端,问管理员;平台发布发现后免此项)", required=True
-    )
-    role_trn: object = None
-    endpoint: object = None
-    if transport == "openclaw":
-        role_trn = disc.get("role_trn") or ask("STS role TRN (trn:iam::<账号>:role/<名字>)", required=True)
+    transport = "a2a" if str(disc.get("transport") or "").lower() == "a2a" else "openclaw"
+    client_id = disc.get("client_id")
+    role_trn = disc.get("role_trn")
+    provider_trn = disc.get("provider_trn")
+    endpoint = disc.get("endpoint")
+    clawid = disc.get("clawid")
+
+    # Fully discovered = the space published this CLI's client + target plane →
+    # nothing to ask (address-only). Otherwise prompt ONLY for what's missing.
+    complete = bool(client_id) and (bool(role_trn) if transport == "openclaw" else bool(endpoint))
+    if complete:
+        emitter.line("✓ 该空间已发布 CLI 配置 —— 全部自动解析,无需手动输入。")
     else:
-        endpoint = disc.get("endpoint") or ask("A2A endpoint (https://…)", required=True)
-    clawid = disc.get("clawid") or ask("默认 claw id (ci-…,可留空,登录后用 arkclaw agents 选)")
+        need_tty()
+        if issuer:
+            emitter.line("  ✓ 自动发现身份池 issuer")
+        if region:
+            emitter.line(f"  ✓ 区域: {region}")
+        # "webchat" = the ChatToken/wss path (internal name "openclaw"); "a2a" unchanged.
+        t_in = ask("传输方式 (webchat/a2a)", default=("a2a" if transport == "a2a" else "webchat"))
+        transport = "a2a" if t_in.lower() == "a2a" else "openclaw"
+        if not client_id:
+            client_id = ask(
+                "CLI client_id(public OAuth 客户端,问管理员;平台发布发现后免此项)", required=True
+            )
+        if transport == "openclaw" and not role_trn:
+            role_trn = ask("STS role TRN (trn:iam::<账号>:role/<名字>)", required=True)
+        elif transport == "a2a" and not endpoint:
+            endpoint = ask("A2A endpoint (https://…)", required=True)
+        if not clawid:
+            clawid = ask("默认 claw id (ci-…,可留空,登录后用 arkclaw agents 选)") or None
 
     saved = {
         "address": base, "issuer": issuer, "client_id": client_id, "transport": transport,
-        "region": region, "role_trn": role_trn, "provider_trn": disc.get("provider_trn"),
+        "region": region, "role_trn": role_trn, "provider_trn": provider_trn,
         "endpoint": endpoint, "space_id": disc.get("space_id"), "clawid": clawid,
     }
     config_mod.save_defaults(saved)
@@ -706,6 +756,15 @@ def _save_session_state(cfg: SessionConfig, target: str, session: str | None, tr
     config_mod.record_session(str(cfg.space), target, session or "main", extra)
 
 
+def _forget_inaccessible(cfg: SessionConfig, claw: str) -> None:
+    """A chat to ``claw`` was denied (not the user's, not shared). Drop it from
+    local history so `arkclaw agents` stops listing it, and clear it as the
+    default if it was the default (so a bare `arkclaw chat` won't keep failing)."""
+    config_mod.forget_claw(str(cfg.space), claw)
+    if cfg.claw == claw:
+        config_mod.save_config(dataclasses.replace(cfg, claw=None))
+
+
 def _resolve_target(name: str) -> SessionConfig | None:
     """A chat target by name: the agent registry (card/claw names recorded by
     ``login``/``agents``) first, then profile names."""
@@ -782,13 +841,18 @@ def do_chat(
     target, transport = _target_transport(
         cfg, clawid, id_token, session=session, approver=approver
     )
-    config_mod.record_session(str(cfg.space), target, session or "main")
-
+    # NOTE: do NOT record the session here (before the turn) — a denied claw
+    # would pollute `arkclaw agents`. Recording happens only after a turn
+    # SUCCEEDS, via _save_session_state below.
     if message is not None:
         stdin_text = _stdin_context()
         if stdin_text:
             attachments.insert(0, Attachment(name="<stdin>", content=stdin_text.encode()))
-        result = asyncio.run(_run_turn(transport, message, emitter, files=attachments))
+        try:
+            result = asyncio.run(_run_turn(transport, message, emitter, files=attachments))
+        except ClawAccessDeniedError:
+            _forget_inaccessible(cfg, target)  # self-heal: drop it from `agents`
+            raise
         emitter.line("")
         if result.timed_out:
             emitter.line("⚠ 回合超时结束,回复可能不完整。")
@@ -832,6 +896,8 @@ def do_chat(
         except ArkclawError as e:
             # One bad turn (server failure, network blip) must not kill the
             # REPL — report it and keep the conversation open.
+            if isinstance(e, ClawAccessDeniedError):
+                _forget_inaccessible(cfg, target)  # self-heal: drop it from `agents`
             emitter.line(f"\n✗ {e.code}: {e.message}")
             if e.hint:
                 emitter.line(f"  {e.hint}")
@@ -964,12 +1030,11 @@ def do_agents(emitter: Emitter) -> dict[str, Any]:
             )
     elif cfg.transport == "openclaw":
         emitter.line(f"★ 当前登录(openclaw)· 空间 {cfg.space}")
-        # The claws you can chat = the ones YOU have used from this machine,
-        # remembered locally — NOT a server enumeration of the space. The
-        # space-wide ListClawInstances returns every member's claws to anyone
-        # (no per-user scoping reachable by the CLI's role), so we don't call it.
-        # New claws enter via `arkclaw chat ci-...`; each chat is recorded
-        # (record_session) and shows up here next time.
+        # Candidates = the claws YOU have used from this machine (local history) +
+        # your default — NOT a server enumeration (the space-wide list isn't
+        # per-user scoped for the CLI's role). We then VERIFY access to each by
+        # minting a throwaway ChatToken, so only claws you can actually chat are
+        # shown; denied ones are pruned from history (and cleared as default).
         seen: dict[str, float] = {}
         for s in config_mod.list_sessions():
             cid = s.get("claw")
@@ -978,12 +1043,29 @@ def do_agents(emitter: Emitter) -> dict[str, Any]:
                 seen[str(cid)] = max(seen.get(str(cid), 0.0), float(ts) if isinstance(ts, (int, float)) else 0.0)
         if cfg.claw and str(cfg.claw) not in seen:
             seen[str(cfg.claw)] = 0.0  # the default claw, even if not chatted yet
-        claws = [
-            {"ClawInstanceId": cid, "last_used": ts}
-            for cid, ts in sorted(seen.items(), key=lambda kv: kv[1], reverse=True)
-        ]
+
+        claw_ids = sorted(seen, key=lambda c: seen[c], reverse=True)
+        checked = False
+        if claw_ids:
+            if not emitter.json:
+                emitter.line("  核对访问权限中…")
+            try:
+                _, id_token = _load_session(cfg)
+                accessible, denied = _probe_claw_access(cfg, id_token, claw_ids)
+                checked = True
+                for cid in denied:
+                    config_mod.forget_claw(str(cfg.space), cid)  # stop listing it
+                    if cfg.claw == cid:
+                        config_mod.save_config(dataclasses.replace(cfg, claw=None))
+                        cfg = config_mod.load_config() or cfg
+                        current["default_claw"] = cfg.claw
+                claw_ids = [c for c in claw_ids if c in accessible]
+            except ArkclawError:
+                checked = False  # offline / expired / no creds → show unchecked
+
+        claws = [{"ClawInstanceId": cid, "last_used": seen[cid]} for cid in claw_ids]
         current["claws"] = claws
-        current["source"] = "local-history"
+        current["source"] = "verified" if checked else "local-history-unchecked"
         if claws:
             emitter.table(
                 ["Claw(可 chat)", "上次使用", "默认"],
@@ -996,6 +1078,10 @@ def do_agents(emitter: Emitter) -> dict[str, Any]:
                     for c in claws
                 ],
             )
+            if not checked:
+                emitter.line("  ⚠ 未能核对权限(离线/会话过期),以上为本地历史,可能含你无权访问的。")
+        elif checked:
+            emitter.line("  你在本空间没有可访问的 claw(历史里的都已无权或不存在)。")
         else:
             emitter.line("  还没用过任何 claw。用 `arkclaw chat ci-xxxx` 开始,之后这里会记住它。")
 

{arkclaw_webchat_cli-0.5.1 → arkclaw_webchat_cli-0.6.0}/src/ee_claw/identity.py

@@ -118,6 +118,20 @@ def discover_cli_config(url: str) -> dict[str, object] | None:
         if result.get(k):
             out["client_id"] = result[k]
             break
+    # The remaining CLI-plane fields (platform-added). Once the BFF surfaces
+    # these on GetAuthConfig, the user types ONLY the address — login/init
+    # resolve everything. (camelCase from the BFF → snake_case the CLI uses.)
+    for src, dst in (
+        ("roleTrn", "role_trn"),
+        ("providerTrn", "provider_trn"),
+        ("region", "region"),
+        ("spaceId", "space_id"),
+        ("transport", "transport"),
+        ("endpoint", "endpoint"),
+        ("defaultClawId", "clawid"),
+    ):
+        if result.get(src):
+            out[dst] = result[src]
     return out or None
 
 

{arkclaw_webchat_cli-0.5.1 → arkclaw_webchat_cli-0.6.0}/src/ee_claw/sts.py

@@ -16,7 +16,7 @@ import urllib.error
 import urllib.parse
 import urllib.request
 
-from ee_claw.errors import NetworkError, StsError, redact
+from ee_claw.errors import ClawAccessDeniedError, NetworkError, StsError, redact
 
 STS_HOST = "sts.volcengineapi.com"
 STS_VERSION = "2018-01-01"
@@ -164,7 +164,7 @@ def get_chat_token(
         err_body = e.read().decode(errors="replace")
         code, message = _volc_error(err_body)
         if code == "AccessDenied" or "AccessDenied" in err_body:  # coruscant per-user gate
-            raise StsError(
+            raise ClawAccessDeniedError(
                 "权限不足:当前用户无权访问该 Claw 实例(非所有者且未获授权)。",
                 hint="运行 `arkclaw agents` 查看你有权访问的 Claw 实例,或使用 `--clawid` 指定其它实例。",
             ) from e

{arkclaw_webchat_cli-0.5.1 → arkclaw_webchat_cli-0.6.0}/src/ee_claw/transport/openclaw.py

@@ -1,6 +1,10 @@
-"""OpenClaw WebSocket transport (protocol v3).
+"""OpenClaw WebSocket transport (protocol v3–v4, negotiated).
 
 Refactored from the live-validated ``core.ws_chat`` (2026-06-05, real EE claw).
+The connect frame negotiates ``minProtocol=3 .. maxProtocol=4`` so it works
+against both older claws (v3) and OpenClaw ≥5.28 (v4); the server picks the
+version. (The post-connect frame shapes below were calibrated on a live v3
+claw; v4 is expected to be compatible for these — verify against a v4 claw.)
 Confirmed protocol details, preserved exactly:
 
 * The ChatToken from ``GetClawInstanceChatToken`` is **single-use** — a fresh
@@ -9,7 +13,7 @@ Confirmed protocol details, preserved exactly:
   ``connect.challenge`` event (no response required), then expects a
   ``connect`` request whose ``client.id`` MUST be ``openclaw-control-ui``
   (server whitelist; anything else → INVALID_REQUEST), with
-  ``role=operator`` / ``scopes=["operator.admin"]`` / protocol pinned to 3.
+  ``role=operator`` / ``scopes=["operator.admin"]`` / protocol negotiated v3–v4.
 * ``chat.send`` (sessionKey ``agent:main:main``) → ``{ok:true, payload:{runId,
   status:"started"}}``, then ``agent`` events stream assistant text
   (``data.delta`` incremental) and the ``chat`` event with ``state=final``
@@ -31,6 +35,8 @@ from __future__ import annotations
 
 import asyncio
 import json
+import os
+import sys
 import urllib.parse
 import uuid
 from collections.abc import Sequence
@@ -43,6 +49,11 @@ from ee_claw.transport.base import Approver, Attachment, OnEvent, TurnEvent, Tur
 
 SESSION_KEY = "agent:main:main"        # OpenClaw default session
 WS_CLIENT_ID = "openclaw-control-ui"   # ONLY this client.id is accepted
+# ws protocol versions this client speaks; the server negotiates the highest
+# mutually-supported one (v3 for older claws, v4 for OpenClaw ≥ 5.28). Pinning a
+# single version makes a newer claw reject the connect with PROTOCOL_MISMATCH.
+MIN_PROTOCOL = 3
+MAX_PROTOCOL = 4
 
 
 def session_key_for(name: str | None) -> str:
@@ -61,14 +72,40 @@ class _Ws(Protocol):
     async def recv(self) -> str | bytes: ...
 
 
+class _DebugWs:
+    """Frame tracer. With ``ARKCLAW_DEBUG_WS`` set, dump every ws frame (sent
+    and received) to stderr — redacted (no tokens) and length-capped — for
+    diagnosing protocol changes (e.g. OpenClaw v4) against a live claw."""
+
+    def __init__(self, ws: Any) -> None:
+        self._ws = ws
+
+    async def send(self, data: str) -> None:
+        sys.stderr.write(f"[ws →] {redact(data)[:2000]}\n")
+        sys.stderr.flush()
+        await self._ws.send(data)
+
+    async def recv(self) -> str | bytes:
+        data = await self._ws.recv()
+        text = data if isinstance(data, str) else bytes(data).decode("utf-8", "replace")
+        sys.stderr.write(f"[ws ←] {redact(text)[:2000]}\n")
+        sys.stderr.flush()
+        return data
+
+
+def _wrap_debug(ws: Any) -> Any:
+    """Wrap ``ws`` in a frame tracer when ARKCLAW_DEBUG_WS is set; else pass through."""
+    return _DebugWs(ws) if os.environ.get("ARKCLAW_DEBUG_WS") else ws
+
+
 def connect_frame() -> dict[str, Any]:
     return {
         "type": "req",
         "id": str(uuid.uuid4()),
         "method": "connect",
         "params": {
-            "minProtocol": 3,
-            "maxProtocol": 3,
+            "minProtocol": MIN_PROTOCOL,
+            "maxProtocol": MAX_PROTOCOL,
             "client": {
                 "id": WS_CLIENT_ID,
                 "version": "arkclaw-cli",
@@ -369,6 +406,7 @@ class OpenClawTransport:
             connect = websockets.connect
         try:
             async with connect(url, max_size=None) as ws:
+                ws = _wrap_debug(ws)
                 self._active_ws = ws
                 try:
                     return await drive_chat(
@@ -428,6 +466,7 @@ class OpenClawTransport:
             connect = websockets.connect
         try:
             async with connect(url, max_size=None) as ws:
+                ws = _wrap_debug(ws)
                 await ws.send(json.dumps(connect_frame()))
                 loop = asyncio.get_running_loop()
                 deadline = loop.time() + self.turn_timeout