gdmcode 0.1.0__py3-none-any.whl

src/remote/server.py

@@ -0,0 +1,586 @@
+"""RemoteServer — HTTP + WebSocket LAN bridge for phone-based agent control."""
+from __future__ import annotations
+
+import asyncio
+import base64
+import hashlib
+import json
+import logging
+import queue
+import secrets
+from typing import TYPE_CHECKING
+
+from src.remote.command_filter import RemoteCommandFilter
+from src.remote.models import InputMessage as RemoteInputMessage
+from src.remote.permission_handler import RemotePermissionPromptHandler, _put_send_queue
+from src.remote.token_manager import PairingTokenService
+from src.remote.phone_ui import AuditLog, get_html as _get_phone_ui_html, CSP_HEADER as _CSP_HEADER
+
+if TYPE_CHECKING:
+    pass
+
+__all__ = ["RemoteServer"]
+
+log = logging.getLogger(__name__)
+
+_WS_MAGIC = "258EAFA5-E914-47DA-95CA-C5AB0DC85B11"
+
+# WebSocket frame opcodes
+_OP_CONTINUATION = 0x0
+_OP_TEXT = 0x1
+_OP_BINARY = 0x2
+_OP_CLOSE = 0x8
+_OP_PING = 0x9
+_OP_PONG = 0xA
+
+_HTML_PAGE = """\
+<!DOCTYPE html>
+<html lang="en">
+<head><meta charset="utf-8"><title>gdm remote</title>
+<meta name="viewport" content="width=device-width,initial-scale=1">
+<style>body{font-family:monospace;padding:1em}
+#status{color:#888;margin-bottom:1em}
+#transcript{white-space:pre-wrap;border:1px solid #ccc;padding:.5em;min-height:4em}</style>
+</head>
+<body>
+<h1>gdm remote</h1>
+<div id="status">Disconnected</div>
+<div id="transcript"></div>
+<script>
+const csrfCookie = document.cookie.split(';').map(c=>c.trim())
+  .find(c=>c.startsWith('csrf='));
+const csrfToken = csrfCookie ? csrfCookie.split('=')[1] : '';
+const ws = new WebSocket('ws://' + location.host + '/ws');
+ws.onopen = () => { document.getElementById('status').textContent = 'Connected'; };
+ws.onclose = () => { document.getElementById('status').textContent = 'Disconnected'; };
+ws.onmessage = (e) => {
+  const msg = JSON.parse(e.data);
+  if (msg.type === 'transcript') {
+    document.getElementById('transcript').textContent += msg.text + '\\n';
+  }
+};
+</script>
+</body></html>
+"""
+
+_STATUS_TEXT = {
+    200: "OK",
+    201: "Created",
+    400: "Bad Request",
+    401: "Unauthorized",
+    403: "Forbidden",
+    404: "Not Found",
+    500: "Internal Server Error",
+}
+
+
+def _ws_accept_key(client_key: str) -> str:
+    digest = hashlib.sha1((client_key + _WS_MAGIC).encode()).digest()
+    return base64.b64encode(digest).decode()
+
+
+def _parse_cookies(header: str) -> dict[str, str]:
+    result: dict[str, str] = {}
+    for part in header.split(";"):
+        name, _, value = part.strip().partition("=")
+        if name:
+            result[name.strip()] = value.strip()
+    return result
+
+
+async def _ws_read_frame(
+    reader: asyncio.StreamReader,
+) -> tuple[int, bytes]:
+    """Read one WebSocket frame; returns (opcode, unmasked_payload)."""
+    header = await reader.readexactly(2)
+    opcode = header[0] & 0x0F
+    masked = bool(header[1] & 0x80)
+    payload_len = header[1] & 0x7F
+
+    if payload_len == 126:
+        payload_len = int.from_bytes(await reader.readexactly(2), "big")
+    elif payload_len == 127:
+        payload_len = int.from_bytes(await reader.readexactly(8), "big")
+
+    mask_key = await reader.readexactly(4) if masked else b""
+    payload = bytearray(await reader.readexactly(payload_len))
+
+    if masked:
+        for i in range(len(payload)):
+            payload[i] ^= mask_key[i % 4]
+
+    return opcode, bytes(payload)
+
+
+async def _ws_write_frame(
+    writer: asyncio.StreamWriter, opcode: int, payload: bytes
+) -> None:
+    """Write one WebSocket frame (server→client, always unmasked)."""
+    hdr = bytearray()
+    hdr.append(0x80 | opcode)  # FIN=1
+    plen = len(payload)
+    if plen <= 125:
+        hdr.append(plen)
+    elif plen <= 65535:
+        hdr.append(126)
+        hdr.extend(plen.to_bytes(2, "big"))
+    else:
+        hdr.append(127)
+        hdr.extend(plen.to_bytes(8, "big"))
+    writer.write(bytes(hdr) + payload)
+    await writer.drain()
+
+
+async def _try_queue_get(q: queue.Queue, timeout: float = 0.05):
+    """Non-blocking get from a threading.Queue in async context."""
+
+    def _get():
+        try:
+            return q.get(timeout=timeout)
+        except queue.Empty:
+            return None
+
+    loop = asyncio.get_running_loop()
+    return await loop.run_in_executor(None, _get)
+
+
+class RemoteServer:
+    """HTTP + WebSocket LAN server.
+
+    HTTP routes
+    -----------
+    GET /health   → {"status": "ok", "version": "1"}
+    GET /         → minimal phone UI (HTML)
+    POST /pair    → exchange pairing token, set session + CSRF cookies
+
+    WebSocket
+    ---------
+    GET /ws       → authenticated, CSRF-protected WebSocket connection
+    """
+
+    def __init__(
+        self,
+        input_broker,
+        event_fanout,
+        permission_bridge,
+        port: int = 8765,
+    ) -> None:
+        self._input_broker = input_broker
+        self._event_fanout = event_fanout
+        self._permission_bridge = permission_bridge
+        self._port = port
+        self._token_manager = PairingTokenService()
+        self._command_filter = RemoteCommandFilter()
+        self._audit_log = AuditLog()
+        # session_cookie_value → csrf_token
+        self._sessions: dict[str, str] = {}
+        self._server: asyncio.Server | None = None
+
+    async def start(self) -> None:
+        self._server = await asyncio.start_server(
+            self._handle_connection, "0.0.0.0", self._port
+        )
+        log.info("RemoteServer listening on port %d", self._port)
+
+    async def stop(self) -> None:
+        if self._server:
+            self._server.close()
+            await self._server.wait_closed()
+            self._server = None
+            log.info("RemoteServer stopped")
+
+    # ------------------------------------------------------------------
+    # Connection entry-point
+    # ------------------------------------------------------------------
+
+    async def _handle_connection(
+        self, reader: asyncio.StreamReader, writer: asyncio.StreamWriter
+    ) -> None:
+        try:
+            await self._dispatch(reader, writer)
+        except Exception:
+            log.debug("connection handler exception", exc_info=True)
+        finally:
+            try:
+                writer.close()
+                await writer.wait_closed()
+            except Exception:
+                pass
+
+    async def _dispatch(
+        self, reader: asyncio.StreamReader, writer: asyncio.StreamWriter
+    ) -> None:
+        # Read request line
+        try:
+            raw_line = await asyncio.wait_for(reader.readline(), timeout=10.0)
+        except asyncio.TimeoutError:
+            return
+        if not raw_line:
+            return
+
+        parts = raw_line.decode("ascii", "surrogateescape").strip().split(" ", 2)
+        if len(parts) < 2:
+            return
+        method, path = parts[0].upper(), parts[1]
+
+        # Read headers
+        headers: dict[str, str] = {}
+        while True:
+            try:
+                line = await asyncio.wait_for(reader.readline(), timeout=5.0)
+            except asyncio.TimeoutError:
+                return
+            if line in (b"\r\n", b"\n", b""):
+                break
+            decoded = line.decode("ascii", "surrogateescape").strip()
+            if ":" in decoded:
+                name, _, value = decoded.partition(":")
+                headers[name.strip().lower()] = value.strip()
+
+        # WebSocket upgrade?
+        is_upgrade = (
+            "upgrade" in headers.get("connection", "").lower()
+            and headers.get("upgrade", "").lower() == "websocket"
+        )
+        if is_upgrade:
+            await self._handle_ws_upgrade(reader, writer, path, headers)
+            return
+
+        # Plain HTTP routing
+        await self._route_http(reader, writer, method, path, headers)
+
+    # ------------------------------------------------------------------
+    # HTTP routing
+    # ------------------------------------------------------------------
+
+    async def _route_http(
+        self,
+        reader: asyncio.StreamReader,
+        writer: asyncio.StreamWriter,
+        method: str,
+        path: str,
+        headers: dict[str, str],
+    ) -> None:
+        if method == "GET" and path == "/health":
+            await self._send_json(writer, 200, {"status": "ok", "version": "1"})
+
+        elif method == "GET" and path == "/":
+            html = _get_phone_ui_html().encode("utf-8")
+            await self._send_response(
+                writer,
+                200,
+                [
+                    ("Content-Type", "text/html; charset=utf-8"),
+                    ("Content-Security-Policy", _CSP_HEADER),
+                ],
+                html,
+            )
+
+        elif method == "POST" and path == "/pair":
+            cl = int(headers.get("content-length", 0))
+            body = await reader.read(cl) if cl > 0 else b""
+            await self._handle_pair(writer, body)
+
+        else:
+            await self._send_response(writer, 404, [], b"Not Found")
+
+    async def _handle_pair(
+        self, writer: asyncio.StreamWriter, body: bytes
+    ) -> None:
+        try:
+            data = json.loads(body) if body else {}
+            token = str(data.get("token", ""))
+        except (json.JSONDecodeError, ValueError):
+            await self._send_json(writer, 400, {"error": "invalid body"})
+            return
+
+        try:
+            session_value = self._token_manager.exchange(token)
+        except ValueError as exc:
+            await self._send_json(writer, 401, {"error": str(exc)})
+            return
+
+        csrf_token = secrets.token_urlsafe(32)
+        self._sessions[session_value] = csrf_token
+
+        await self._send_response(
+            writer,
+            200,
+            [
+                ("Content-Type", "application/json"),
+                (
+                    "Set-Cookie",
+                    f"session={session_value}; HttpOnly; SameSite=Strict; Path=/",
+                ),
+                ("Set-Cookie", f"csrf={csrf_token}; SameSite=Strict; Path=/"),
+            ],
+            json.dumps({"status": "ok"}).encode(),
+        )
+
+    # ------------------------------------------------------------------
+    # HTTP response helpers
+    # ------------------------------------------------------------------
+
+    async def _send_json(
+        self, writer: asyncio.StreamWriter, status: int, data: dict
+    ) -> None:
+        body = json.dumps(data).encode()
+        await self._send_response(
+            writer, status, [("Content-Type", "application/json")], body
+        )
+
+    async def _send_response(
+        self,
+        writer: asyncio.StreamWriter,
+        status: int,
+        headers: list[tuple[str, str]],
+        body: bytes,
+    ) -> None:
+        status_text = _STATUS_TEXT.get(status, "Unknown")
+        lines = [
+            f"HTTP/1.1 {status} {status_text}",
+            f"Content-Length: {len(body)}",
+            "Connection: close",
+        ]
+        for name, value in headers:
+            lines.append(f"{name}: {value}")
+        response = "\r\n".join(lines) + "\r\n\r\n"
+        writer.write(response.encode() + body)
+        await writer.drain()
+
+    # ------------------------------------------------------------------
+    # WebSocket upgrade + session
+    # ------------------------------------------------------------------
+
+    async def _handle_ws_upgrade(
+        self,
+        reader: asyncio.StreamReader,
+        writer: asyncio.StreamWriter,
+        path: str,
+        headers: dict[str, str],
+    ) -> None:
+        if path != "/ws":
+            await self._send_response(writer, 404, [], b"Not Found")
+            return
+
+        # Authenticate via session cookie
+        cookies = _parse_cookies(headers.get("cookie", ""))
+        session_value = cookies.get("session", "")
+        if not session_value or session_value not in self._sessions:
+            await self._send_response(writer, 401, [], b"Unauthorized")
+            return
+
+        # CSRF double-submit check
+        stored_csrf = self._sessions[session_value]
+        csrf_cookie = cookies.get("csrf", "")
+        csrf_header = headers.get("x-csrf-token", "")
+        if not csrf_header or csrf_header != stored_csrf or csrf_cookie != stored_csrf:
+            await self._send_response(writer, 403, [], b"CSRF check failed")
+            return
+
+        # Complete WebSocket handshake
+        ws_key = headers.get("sec-websocket-key", "")
+        accept = _ws_accept_key(ws_key)
+        handshake = (
+            "HTTP/1.1 101 Switching Protocols\r\n"
+            "Upgrade: websocket\r\n"
+            "Connection: Upgrade\r\n"
+            f"Sec-WebSocket-Accept: {accept}\r\n"
+            "\r\n"
+        )
+        writer.write(handshake.encode())
+        await writer.drain()
+
+        await self._ws_session(reader, writer)
+
+    async def _ws_session(
+        self, reader: asyncio.StreamReader, writer: asyncio.StreamWriter
+    ) -> None:
+        conn_id = secrets.token_hex(8)
+        sub_queue: queue.Queue = self._event_fanout.subscribe(conn_id, maxsize=100)
+        send_queue: asyncio.Queue[str] = asyncio.Queue(maxsize=100)
+        permission_handler = RemotePermissionPromptHandler(send_queue)
+        stop_event = asyncio.Event()
+        tasks: set[asyncio.Task] = set()
+
+        # Send initial session state
+        await _put_send_queue(
+            send_queue,
+            json.dumps({"type": "state", "status": "connected", "turn": 0, "cost_usd": 0.0}),
+        )
+
+        try:
+            await asyncio.gather(
+                self._ws_sender(writer, send_queue, stop_event),
+                self._ws_fanout_relay(sub_queue, send_queue, stop_event, permission_handler, tasks),
+                self._ws_receiver(reader, writer, send_queue, stop_event, permission_handler),
+                return_exceptions=True,
+            )
+        finally:
+            stop_event.set()
+            self._event_fanout.unsubscribe(conn_id)
+            permission_handler.cancel_all()
+            # Let any in-flight permission tasks resolve
+            if tasks:
+                await asyncio.gather(*tasks, return_exceptions=True)
+
+    # ------------------------------------------------------------------
+    # WebSocket subtasks
+    # ------------------------------------------------------------------
+
+    async def _ws_sender(
+        self,
+        writer: asyncio.StreamWriter,
+        send_queue: asyncio.Queue,
+        stop_event: asyncio.Event,
+    ) -> None:
+        try:
+            while not stop_event.is_set():
+                try:
+                    msg: str = await asyncio.wait_for(send_queue.get(), timeout=0.1)
+                except asyncio.TimeoutError:
+                    continue
+                await _ws_write_frame(writer, _OP_TEXT, msg.encode())
+        except (ConnectionError, BrokenPipeError, asyncio.IncompleteReadError):
+            pass
+        except asyncio.CancelledError:
+            pass
+        finally:
+            stop_event.set()
+
+    async def _ws_fanout_relay(
+        self,
+        sub_queue: queue.Queue,
+        send_queue: asyncio.Queue,
+        stop_event: asyncio.Event,
+        permission_handler: RemotePermissionPromptHandler,
+        tasks: set,
+    ) -> None:
+        try:
+            while not stop_event.is_set():
+                event = await _try_queue_get(sub_queue, timeout=0.05)
+                if event is None:
+                    continue
+
+                if event.type == "permission_request":
+                    payload = event.payload or {}
+                    bridge_request_id = payload.get("request_id", "")
+                    description = payload.get("prompt", "")
+                    risk_level = payload.get("risk_level", "medium")
+                    task = asyncio.create_task(
+                        self._do_permission(
+                            bridge_request_id, description, risk_level, permission_handler
+                        )
+                    )
+                    tasks.add(task)
+                    task.add_done_callback(tasks.discard)
+                else:
+                    msg = self._format_event(event)
+                    if msg:
+                        await _put_send_queue(send_queue, msg)
+        except asyncio.CancelledError:
+            pass
+        finally:
+            stop_event.set()
+
+    async def _do_permission(
+        self,
+        bridge_request_id: str,
+        description: str,
+        risk_level: str,
+        permission_handler: RemotePermissionPromptHandler,
+    ) -> None:
+        approved = await permission_handler(description, risk_level)
+        self._permission_bridge.respond(bridge_request_id, approved)
+
+    def _format_event(self, event) -> str | None:
+        """Convert a SessionEvent to a JSON string for the WebSocket client."""
+        if event.type == "transcript":
+            p = event.payload or {}
+            return json.dumps(
+                {"type": "transcript", "text": str(p.get("text", "")), "turn": int(p.get("turn", 0))}
+            )
+        if event.type == "state":
+            p = event.payload or {}
+            return json.dumps(
+                {
+                    "type": "state",
+                    "status": str(p.get("status", "unknown")),
+                    "turn": int(p.get("turn", 0)),
+                    "cost_usd": float(p.get("cost_usd", 0.0)),
+                }
+            )
+        # Forward other event types as generic messages
+        return json.dumps({"type": "event", "event_type": event.type, "payload": event.payload})
+
+    async def _ws_receiver(
+        self,
+        reader: asyncio.StreamReader,
+        writer: asyncio.StreamWriter,
+        send_queue: asyncio.Queue,
+        stop_event: asyncio.Event,
+        permission_handler: RemotePermissionPromptHandler,
+    ) -> None:
+        try:
+            while not stop_event.is_set():
+                try:
+                    opcode, payload = await asyncio.wait_for(
+                        _ws_read_frame(reader), timeout=0.5
+                    )
+                except asyncio.TimeoutError:
+                    continue
+                except (asyncio.IncompleteReadError, ConnectionError, EOFError):
+                    break
+
+                if opcode == _OP_PING:
+                    await _ws_write_frame(writer, _OP_PONG, payload)
+                elif opcode == _OP_CLOSE:
+                    close_payload = payload[:2] if len(payload) >= 2 else b""
+                    try:
+                        await _ws_write_frame(writer, _OP_CLOSE, close_payload)
+                    except Exception:
+                        pass
+                    break
+                elif opcode == _OP_TEXT:
+                    await self._handle_ws_message(
+                        payload.decode("utf-8", "replace"),
+                        send_queue,
+                        permission_handler,
+                    )
+        except asyncio.CancelledError:
+            pass
+        finally:
+            stop_event.set()
+
+    async def _handle_ws_message(
+        self,
+        text: str,
+        send_queue: asyncio.Queue,
+        permission_handler: RemotePermissionPromptHandler,
+    ) -> None:
+        try:
+            data = json.loads(text)
+        except json.JSONDecodeError:
+            log.warning("RemoteServer: invalid JSON from client: %r", text)
+            return
+
+        msg_type = data.get("type")
+
+        if msg_type == "ping":
+            await _put_send_queue(send_queue, json.dumps({"type": "pong"}))
+
+        elif msg_type == "input":
+            raw_text = data.get("text", "")
+            is_cmd = raw_text.startswith("/")
+            input_msg = RemoteInputMessage(text=raw_text, command=is_cmd)
+            filtered = self._command_filter.filter(input_msg)
+            if filtered is not None:
+                self._input_broker.put("remote", filtered.text)
+            self._audit_log.record("input_sent", {"text": raw_text[:200]})
+
+        elif msg_type == "permission_response":
+            req_id = data.get("id", "")
+            decision = data.get("decision", "deny")
+            permission_handler.resolve(req_id, decision)
+            action = "permission_approved" if decision == "approve" else "permission_denied"
+            self._audit_log.record(action, {"id": req_id})

src/remote/token_manager.py

@@ -0,0 +1,61 @@
+"""Pairing token service — single-use, TTL-bounded, cryptographically secure."""
+from __future__ import annotations
+import logging
+import secrets
+import threading
+import time
+from dataclasses import dataclass, field
+
+__all__ = ["PairingTokenService"]
+
+log = logging.getLogger(__name__)
+
+_TTL = 90.0  # seconds
+
+
+@dataclass
+class _Token:
+    value: str
+    issued_at: float
+    used: bool = False
+
+
+class PairingTokenService:
+    """Issues single-use pairing tokens with a 90-second TTL.
+
+    Thread-safe.  Tokens are never logged.
+    """
+
+    def __init__(self) -> None:
+        self._tokens: dict[str, _Token] = {}
+        self._lock = threading.Lock()
+
+    def issue(self) -> str:
+        """Return a new cryptographically random token."""
+        token = secrets.token_urlsafe(32)
+        with self._lock:
+            self._tokens[token] = _Token(value=token, issued_at=time.time())
+        return token
+
+    def exchange(self, token: str) -> str:
+        """Validate token and return a new session cookie value.
+
+        Raises ValueError on unknown, expired, or already-used tokens.
+        """
+        with self._lock:
+            t = self._tokens.get(token)
+            if t is None:
+                raise ValueError("token not found")
+            if t.used:
+                raise ValueError("token already used")
+            if time.time() - t.issued_at > _TTL:
+                del self._tokens[token]
+                raise ValueError("token expired")
+            t.used = True
+            session_value = secrets.token_urlsafe(32)
+        return session_value
+
+    def revoke(self, token: str) -> None:
+        """Remove a token unconditionally."""
+        with self._lock:
+            self._tokens.pop(token, None)