tiennm99/goclaw
1
0
Fork 0
mirror of https://github.com/tiennm99/goclaw.git synced 2026-06-10 06:10:46 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
4e9f155a4c8ca9400a50cd4fedc90dfd896f4e54
goclaw/internal/store/secure_cli_store.go
T
Goon 75c570e951 feat(security): credentialed exec + HTTP RBAC + API key cache (#197) 
- Secure CLI credential injection via AES-256-GCM encrypted env vars
- API key management with fine-grained RBAC scopes
- resolveAuth/requireAuth middleware across all 25+ HTTP handlers
- In-memory API key cache with TTL, negative caching, pubsub invalidation
- Sandbox-first execution (fails if unavailable, no silent fallback)
- Credential scrubbing, constant-time token comparison, Admin-only CLI creds
- SQL migration 000020: secure_cli_binaries + api_keys tables
- 14 unit tests for cache and RBAC with race detector

Closes #197
2026-03-15 20:13:18 +07:00

43 lines
1.9 KiB
Go
Raw Blame History

package store
import (
"context"
"encoding/json"
"github.com/google/uuid"
)
// SecureCLIBinary represents a CLI binary with auto-injected credentials.
// Credentials are encrypted at rest and injected into child processes via Direct Exec Mode.
type SecureCLIBinary struct {
BaseModel
BinaryName string `json:"binary_name"`
BinaryPath *string `json:"binary_path,omitempty"`
Description string `json:"description"`
EncryptedEnv []byte `json:"-"` // AES-256-GCM encrypted JSON — never serialized to API
DenyArgs json.RawMessage `json:"deny_args"` // regex patterns for blocked subcommands
DenyVerbose json.RawMessage `json:"deny_verbose"` // blocked verbose/debug flags
TimeoutSeconds int `json:"timeout_seconds"`
Tips string `json:"tips"` // hint injected into TOOLS.md context
AgentID *uuid.UUID `json:"agent_id,omitempty"`
Enabled bool `json:"enabled"`
CreatedBy string `json:"created_by"`
}
// SecureCLIStore manages secure CLI binary credential configurations.
type SecureCLIStore interface {
Create(ctx context.Context, b *SecureCLIBinary) error
Get(ctx context.Context, id uuid.UUID) (*SecureCLIBinary, error)
Update(ctx context.Context, id uuid.UUID, updates map[string]any) error
Delete(ctx context.Context, id uuid.UUID) error
List(ctx context.Context) ([]SecureCLIBinary, error)
ListByAgent(ctx context.Context, agentID uuid.UUID) ([]SecureCLIBinary, error)
// LookupByBinary finds the best-matching credential config for a binary name.
// Priority: agent-specific > global (agent_id IS NULL). Returns nil if not found.
LookupByBinary(ctx context.Context, binaryName string, agentID *uuid.UUID) (*SecureCLIBinary, error)
// ListEnabled returns all enabled configs (for TOOLS.md context generation).
ListEnabled(ctx context.Context) ([]SecureCLIBinary, error)
}
Reference in New Issue View Git Blame Copy Permalink