mirror of
https://github.com/alkimake/paperclip.git
synced 2026-06-17 11:20:37 +09:00
270 lines
9.3 KiB
TypeScript
270 lines
9.3 KiB
TypeScript
/**
|
|
* Plugin secrets host-side handler — resolves secret references through the
|
|
* Paperclip secret provider system.
|
|
*
|
|
* When a plugin worker calls `ctx.secrets.resolve(secretRef)`, the JSON-RPC
|
|
* request arrives at the host with `{ secretRef }`. This module provides the
|
|
* concrete `HostServices.secrets` adapter that:
|
|
*
|
|
* 1. Parses the `secretRef` string to identify the secret.
|
|
* 2. Looks up the secret record and its latest version in the database.
|
|
* 3. Delegates to the configured `SecretProviderModule` to decrypt /
|
|
* resolve the raw value.
|
|
* 4. Returns the resolved plaintext value to the worker.
|
|
*
|
|
* ## Secret Reference Format
|
|
*
|
|
* A `secretRef` is a **secret UUID** — the primary key (`id`) of a row in
|
|
* the `company_secrets` table. Operators place these UUIDs into plugin
|
|
* config values; plugin workers resolve them at execution time via
|
|
* `ctx.secrets.resolve(secretId)`.
|
|
*
|
|
* ## Security Invariants
|
|
*
|
|
* - Resolved values are **never** logged, persisted, or included in error
|
|
* messages (per PLUGIN_SPEC.md §22).
|
|
* - The handler is capability-gated: only plugins with `secrets.read-ref`
|
|
* declared in their manifest may call it (enforced by `host-client-factory`).
|
|
* - The host handler itself does not cache resolved values. Each call goes
|
|
* through the secret provider to honour rotation.
|
|
*
|
|
* @see PLUGIN_SPEC.md §22 — Secrets
|
|
* @see host-client-factory.ts — capability gating
|
|
* @see services/secrets.ts — secretService used by agent env bindings
|
|
*/
|
|
|
|
import type { Db } from "@paperclipai/db";
|
|
import type { PaperclipPluginManifestV1 } from "@paperclipai/shared";
|
|
import {
|
|
collectSecretRefPaths,
|
|
isUuidSecretRef,
|
|
readConfigValueAtPath,
|
|
} from "./json-schema-secret-refs.js";
|
|
import { pluginRegistryService } from "./plugin-registry.js";
|
|
import { secretService } from "./secrets.js";
|
|
|
|
export const PLUGIN_SECRET_REFS_REQUIRE_COMPANY_MESSAGE =
|
|
"Plugin secret references require an active company-scoped runtime context";
|
|
|
|
// ---------------------------------------------------------------------------
|
|
// Error helpers
|
|
// ---------------------------------------------------------------------------
|
|
|
|
function invalidSecretRef(secretRef: string): Error {
|
|
const err = new Error(`Invalid secret reference: ${secretRef}`);
|
|
err.name = "InvalidSecretRefError";
|
|
return err;
|
|
}
|
|
|
|
// ---------------------------------------------------------------------------
|
|
// Validation
|
|
// ---------------------------------------------------------------------------
|
|
|
|
/**
|
|
* Extract secret reference UUIDs from a plugin's configJson, scoped to only
|
|
* the fields annotated with `format: "secret-ref"` in the schema.
|
|
*
|
|
* When no schema is provided, falls back to collecting all UUID-shaped strings
|
|
* (backwards-compatible for plugins without a declared instanceConfigSchema).
|
|
*/
|
|
export function extractSecretRefsFromConfig(
|
|
configJson: unknown,
|
|
schema?: Record<string, unknown> | null,
|
|
): Set<string> {
|
|
return new Set(extractSecretRefPathsFromConfig(configJson, schema).keys());
|
|
}
|
|
|
|
export function extractSecretRefPathsFromConfig(
|
|
configJson: unknown,
|
|
schema?: Record<string, unknown> | null,
|
|
): Map<string, Set<string>> {
|
|
const refs = new Map<string, Set<string>>();
|
|
const addRef = (secretRef: string, path: string) => {
|
|
const existing = refs.get(secretRef) ?? new Set<string>();
|
|
existing.add(path);
|
|
refs.set(secretRef, existing);
|
|
};
|
|
if (configJson == null || typeof configJson !== "object") return new Map();
|
|
|
|
const secretPaths = collectSecretRefPaths(schema);
|
|
|
|
// If schema declares secret-ref paths, extract only those values.
|
|
if (secretPaths.size > 0) {
|
|
for (const dotPath of secretPaths) {
|
|
const current = readConfigValueAtPath(configJson as Record<string, unknown>, dotPath);
|
|
if (typeof current === "string" && isUuidSecretRef(current)) {
|
|
addRef(current, dotPath);
|
|
}
|
|
}
|
|
return refs;
|
|
}
|
|
|
|
// Fallback: no schema or no secret-ref annotations — collect all UUIDs.
|
|
// This preserves backwards compatibility for plugins that omit
|
|
// instanceConfigSchema.
|
|
function walkAll(value: unknown): void {
|
|
if (typeof value === "string") {
|
|
if (isUuidSecretRef(value)) addRef(value, "$");
|
|
} else if (Array.isArray(value)) {
|
|
for (const item of value) walkAll(item);
|
|
} else if (value !== null && typeof value === "object") {
|
|
for (const v of Object.values(value as Record<string, unknown>)) walkAll(v);
|
|
}
|
|
}
|
|
|
|
walkAll(configJson);
|
|
return refs;
|
|
}
|
|
|
|
// ---------------------------------------------------------------------------
|
|
// Handler factory
|
|
// ---------------------------------------------------------------------------
|
|
|
|
/**
|
|
* Input shape for the `secrets.resolve` handler.
|
|
*
|
|
* Matches `WorkerToHostMethods["secrets.resolve"][0]` from `protocol.ts`.
|
|
*/
|
|
export interface PluginSecretsResolveParams {
|
|
/** The secret reference string (a secret UUID). */
|
|
secretRef: string;
|
|
/** The company whose scoped plugin config is active for this invocation. */
|
|
companyId?: string | null;
|
|
}
|
|
|
|
/**
|
|
* Options for creating the plugin secrets handler.
|
|
*/
|
|
export interface PluginSecretsHandlerOptions {
|
|
/** Database connection. */
|
|
db: Db;
|
|
/**
|
|
* The plugin ID using this handler.
|
|
* Used for logging context only; never included in error payloads
|
|
* that reach the plugin worker.
|
|
*/
|
|
pluginId: string;
|
|
/** Plugin manifest, used to extract schema-declared secret-ref paths. */
|
|
manifest?: PaperclipPluginManifestV1 | null;
|
|
}
|
|
|
|
/**
|
|
* The `HostServices.secrets` adapter for the plugin host-client factory.
|
|
*/
|
|
export interface PluginSecretsService {
|
|
/**
|
|
* Resolve a secret reference to its current plaintext value.
|
|
*
|
|
* @param params - Contains the `secretRef` (UUID of the secret)
|
|
* @returns The resolved secret value
|
|
* @throws {Error} If the secret is not found, has no versions, or
|
|
* the provider fails to resolve
|
|
*/
|
|
resolve(params: PluginSecretsResolveParams): Promise<string>;
|
|
}
|
|
|
|
/**
|
|
* Create a `HostServices.secrets` adapter for a specific plugin.
|
|
*
|
|
* The returned service looks up secrets by UUID, fetches the latest version
|
|
* material, and delegates to the appropriate `SecretProviderModule` for
|
|
* decryption.
|
|
*
|
|
* @example
|
|
* ```ts
|
|
* const secretsHandler = createPluginSecretsHandler({ db, pluginId });
|
|
* const handlers = createHostClientHandlers({
|
|
* pluginId,
|
|
* capabilities: manifest.capabilities,
|
|
* services: {
|
|
* secrets: secretsHandler,
|
|
* // ...
|
|
* },
|
|
* });
|
|
* ```
|
|
*
|
|
* @param options - Database connection and plugin identity
|
|
* @returns A `PluginSecretsService` suitable for `HostServices.secrets`
|
|
*/
|
|
/** Simple sliding-window rate limiter for secret resolution attempts. */
|
|
function createRateLimiter(maxAttempts: number, windowMs: number) {
|
|
const attempts = new Map<string, number[]>();
|
|
|
|
return {
|
|
check(key: string): boolean {
|
|
const now = Date.now();
|
|
const windowStart = now - windowMs;
|
|
const existing = (attempts.get(key) ?? []).filter((ts) => ts > windowStart);
|
|
if (existing.length >= maxAttempts) return false;
|
|
existing.push(now);
|
|
attempts.set(key, existing);
|
|
return true;
|
|
},
|
|
};
|
|
}
|
|
|
|
export function createPluginSecretsHandler(
|
|
options: PluginSecretsHandlerOptions,
|
|
): PluginSecretsService {
|
|
const { pluginId, manifest } = options;
|
|
const registry = pluginRegistryService(options.db);
|
|
const secrets = secretService(options.db);
|
|
|
|
// Rate limit: max 30 resolution attempts per plugin+company per minute.
|
|
const rateLimiter = createRateLimiter(30, 60_000);
|
|
|
|
return {
|
|
async resolve(params: PluginSecretsResolveParams): Promise<string> {
|
|
const { secretRef } = params;
|
|
|
|
// ---------------------------------------------------------------
|
|
// 1. Validate the ref format
|
|
// ---------------------------------------------------------------
|
|
if (!secretRef || typeof secretRef !== "string" || secretRef.trim().length === 0) {
|
|
throw invalidSecretRef(secretRef ?? "<empty>");
|
|
}
|
|
|
|
const trimmedRef = secretRef.trim();
|
|
|
|
if (!isUuidSecretRef(trimmedRef)) {
|
|
throw invalidSecretRef(trimmedRef);
|
|
}
|
|
|
|
const companyId = typeof params.companyId === "string" ? params.companyId.trim() : "";
|
|
const rateLimitKey = `${pluginId}:${companyId || "__no_company__"}`;
|
|
if (!rateLimiter.check(rateLimitKey)) {
|
|
const err = new Error("Rate limit exceeded for secret resolution");
|
|
err.name = "RateLimitExceededError";
|
|
throw err;
|
|
}
|
|
|
|
if (!companyId) {
|
|
throw new Error(PLUGIN_SECRET_REFS_REQUIRE_COMPANY_MESSAGE);
|
|
}
|
|
|
|
const configRow = await registry.getConfig(pluginId, companyId);
|
|
const refsBySecret = extractSecretRefPathsFromConfig(
|
|
configRow?.configJson ?? {},
|
|
manifest?.instanceConfigSchema,
|
|
);
|
|
const paths = [...(refsBySecret.get(trimmedRef) ?? [])];
|
|
if (paths.length === 0) {
|
|
throw new Error("Secret is not referenced by this company's plugin config");
|
|
}
|
|
if (paths.length > 1) {
|
|
throw new Error(
|
|
`Secret reference is ambiguous in this company's plugin config at: ${paths.join(", ")}`,
|
|
);
|
|
}
|
|
|
|
return secrets.resolveSecretValue(companyId, trimmedRef, "latest", {
|
|
consumerType: "plugin",
|
|
consumerId: pluginId,
|
|
configPath: paths[0],
|
|
actorType: "plugin",
|
|
actorId: pluginId,
|
|
pluginId,
|
|
});
|
|
},
|
|
};
|
|
}
|