mirror of
https://github.com/NousResearch/hermes-agent.git
synced 2026-06-21 10:22:18 +00:00
c276b017ad
* feat(relay): authenticate the connector⇄gateway WS channel
The relay gateway may be customer-managed and internet-exposed, so the
connector⇄gateway channel is itself authenticated (distinct from the
platform crypto the relay path sheds). Add gateway/relay/auth.py — a
Python port of the connector's HMAC token + delivery-signature schemes
(relayAuthToken.ts / deliverySigning.ts), verified byte-for-byte against
the connector's compiled TypeScript via cross-language test vectors.
Present an Authorization bearer on the /relay WS upgrade keyed by the
per-gateway secret (resolved from GATEWAY_RELAY_ID / GATEWAY_RELAY_SECRET
in env or config). The connector rejects an unauthenticated/invalid/
revoked upgrade with close 4401.
* feat(relay): signed-HTTP inbound delivery receiver
The connector delivers normalized inbound events to a tenant's gateway
over a signed HTTP POST, not the outbound /relay WS: the connector
instance owning a platform socket is generally not the instance a given
gateway dialed out to, so inbound targets a tenant endpoint that may
load-balance across gateway instances.
Add gateway/relay/inbound_receiver.py — verifies x-relay-signature /
x-relay-timestamp over the EXACT raw request bytes (re-serializing would
break the HMAC: JS JSON.stringify is compact, Python json.dumps spaces)
against the per-tenant delivery key verify list within a 300s replay
window, then dispatches messages to handle_message and interrupts to the
interrupt handler. Wire it into the adapter lifecycle (start in connect()
when a delivery key + bind port are configured, tear down in disconnect();
a purely-outbound dev gateway runs without it).
Refine test_relay_sheds_crypto to distinguish PLATFORM crypto (Discord
ed25519, Twilio/WeCom HMAC — still shed) from the connector⇄gateway
CHANNEL auth (intended): auth.py / inbound_receiver.py are exempt from
the platform-symbol scan but still banned from importing platform-crypto
modules, plus a positive guard that auth.py uses only stdlib hmac/hashlib.
* feat(relay): hermes gateway enroll CLI
Add the gateway half of zero-touch enrollment. `hermes gateway enroll`
resolves a fresh Nous Portal access token (the tenant-proving identity),
POSTs {enrollmentToken, gatewayId} to the connector's /relay/enroll, and
persists GATEWAY_RELAY_ID / GATEWAY_RELAY_SECRET / GATEWAY_RELAY_DELIVERY_KEY
to ~/.hermes/.env. The per-gateway secret authenticates the WS upgrade;
the per-tenant delivery key verifies signed inbound deliveries.
Refuses under is_managed() (hosted installs get the secret stamped in by
the orchestrator). Added as an 'enroll' subcommand on the existing
gateway subparser — not a new top-level command.
* docs(relay): inbound is signed HTTP, not WS; document channel auth
Fix the stale contract: §3/§5 said inbound rode the WS socket (single-
instance only, predates the multi-instance socket-ownership + channel-auth
model). Inbound + connector→gateway interrupt are signed HTTP POSTs to the
tenant endpoint. Add §6.1 documenting the two channel-auth schemes (per-
gateway WS-upgrade secret, per-tenant inbound delivery key) and how they
differ from the platform crypto the relay path sheds.
* test(relay): update build_gateway_parser callers for cmd_gateway_enroll
The enroll subcommand added cmd_gateway_enroll as a required keyword-only
arg to build_gateway_parser, but two existing parser-extraction tests still
called it with only cmd_gateway/cmd_proxy — failing CI with TypeError.
Thread the new handler through both call sites and add a test asserting
`gateway enroll` dispatches to cmd_gateway_enroll with its flags parsed.
123 lines
3.3 KiB
Python
123 lines
3.3 KiB
Python
"""Unit tests for extracted subcommand parser builders (profile, gateway).
|
|
|
|
Confirms the builders attach the same subactions and ``func=`` dispatch that
|
|
lived inline in ``main()`` before the god-file Phase 2 extraction.
|
|
"""
|
|
|
|
from __future__ import annotations
|
|
|
|
import argparse
|
|
|
|
from hermes_cli.subcommands.gateway import build_gateway_parser
|
|
from hermes_cli.subcommands.profile import build_profile_parser
|
|
|
|
|
|
def _h_gateway(args): # pragma: no cover - identity only
|
|
return "gateway"
|
|
|
|
|
|
def _h_proxy(args): # pragma: no cover - identity only
|
|
return "proxy"
|
|
|
|
|
|
def _h_gateway_enroll(args): # pragma: no cover - identity only
|
|
return "gateway_enroll"
|
|
|
|
|
|
def _h_profile(args): # pragma: no cover - identity only
|
|
return "profile"
|
|
|
|
|
|
def _profile_parser():
|
|
p = argparse.ArgumentParser(prog="hermes")
|
|
sub = p.add_subparsers(dest="command")
|
|
build_profile_parser(sub, cmd_profile=_h_profile)
|
|
return p
|
|
|
|
|
|
def _gateway_parser():
|
|
p = argparse.ArgumentParser(prog="hermes")
|
|
sub = p.add_subparsers(dest="command")
|
|
build_gateway_parser(
|
|
sub,
|
|
cmd_gateway=_h_gateway,
|
|
cmd_proxy=_h_proxy,
|
|
cmd_gateway_enroll=_h_gateway_enroll,
|
|
)
|
|
return p
|
|
|
|
|
|
def test_profile_subactions_and_dispatch():
|
|
p = _profile_parser()
|
|
ns = p.parse_args(["profile", "list"])
|
|
assert ns.command == "profile"
|
|
assert ns.profile_action == "list"
|
|
assert ns.func is _h_profile
|
|
# a representative arg-taking subaction
|
|
ns2 = p.parse_args(["profile", "show", "work"])
|
|
assert ns2.profile_action == "show"
|
|
|
|
|
|
def test_profile_has_expected_actions():
|
|
p = _profile_parser()
|
|
# Map each subaction to a minimal valid argv suffix.
|
|
cases = {
|
|
"list": [],
|
|
"use": ["work"],
|
|
"create": ["work"],
|
|
"delete": ["work"],
|
|
"show": ["work"],
|
|
"rename": ["old", "new"],
|
|
"export": ["work"],
|
|
"import": ["/tmp/x.zip"],
|
|
}
|
|
for action, extra in cases.items():
|
|
ns = p.parse_args(["profile", action, *extra])
|
|
assert ns.profile_action == action
|
|
|
|
|
|
def test_gateway_and_proxy_dispatch():
|
|
p = _gateway_parser()
|
|
gw = p.parse_args(["gateway", "run"])
|
|
assert gw.command == "gateway"
|
|
assert gw.func is _h_gateway
|
|
px = p.parse_args(["proxy"])
|
|
assert px.command == "proxy"
|
|
assert px.func is _h_proxy
|
|
|
|
|
|
def test_gateway_accept_hooks_flag():
|
|
p = _gateway_parser()
|
|
ns = p.parse_args(["gateway", "run", "--accept-hooks"])
|
|
assert ns.accept_hooks is True
|
|
|
|
|
|
def test_gateway_lifecycle_accepts_legacy_platform_flag():
|
|
p = _gateway_parser()
|
|
for action in ("start", "restart", "status"):
|
|
ns = p.parse_args(["gateway", action, "--platform", "photon"])
|
|
assert ns.gateway_command == action
|
|
assert ns.platform == "photon"
|
|
assert ns.func is _h_gateway
|
|
|
|
|
|
def test_gateway_enroll_dispatch():
|
|
p = _gateway_parser()
|
|
ns = p.parse_args(
|
|
[
|
|
"gateway",
|
|
"enroll",
|
|
"--token",
|
|
"tok",
|
|
"--connector-url",
|
|
"wss://connector.example.com/relay",
|
|
"--gateway-id",
|
|
"gw-1",
|
|
]
|
|
)
|
|
assert ns.command == "gateway"
|
|
assert ns.gateway_command == "enroll"
|
|
assert ns.func is _h_gateway_enroll
|
|
assert ns.token == "tok"
|
|
assert ns.connector_url == "wss://connector.example.com/relay"
|
|
assert ns.gateway_id == "gw-1"
|