mikael-lovqvists-claude-agent/claude-code-conduit
1
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity

Add HMAC auth, user permissions, snake_case rename

Browse Source 
Each request is signed with HMAC-SHA256 over timestamp+body using a
per-user secret loaded from a --secrets file (never env vars or git).
Users have a canApprove list controlling who may approve queued actions.
Queue entries track submitted_by for permission checks on approve/deny.

Also renames all identifiers to snake_case throughout the codebase.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
mikael-lovqvists-claude-agent
2026-03-07 20:18:41 +00:00
parent f02e2a746d
commit 67c1c3f9a4
11 changed files with 226 additions and 55 deletions
Download Patch File Download Diff File Expand all files Collapse all files

43
client/conduit.mjs
View File

@@ -1,22 +1,35 @@
// Conduit client module — import this when using conduit programmatically.
// Designed for use by Claude or other tools that want to call conduit actions.
// Usage: const client = create_conduit_client("agent", secret); await client.call_action("list-actions");
import { sign_request } from "./auth.mjs";
const BASE_URL = process.env.CONDUIT_URL || "http://localhost:3015";
export async function callAction(action, params = {}) {
const res = await fetch(`${BASE_URL}/action`, {
method: "POST",
headers: { "Content-Type": "application/json" },
body: JSON.stringify({ action, ...params }),
});
return res.json();
}
export function create_conduit_client(username, secret) {
function auth_headers(body_string) {
return sign_request(secret, username, body_string);
}
export async function listActions() {
return callAction("list-actions");
}
async function call_action(action, params = {}) {
const body_string = JSON.stringify({ action, ...params });
const res = await fetch(`${BASE_URL}/action`, {
method: "POST",
headers: { "Content-Type": "application/json", ...auth_headers(body_string) },
body: body_string,
});
return res.json();
}
export async function getQueue() {
const res = await fetch(`${BASE_URL}/queue`);
return res.json();
async function list_actions() {
return call_action("list-actions");
}
async function get_queue() {
const res = await fetch(`${BASE_URL}/queue`, {
headers: auth_headers(""),
});
return res.json();
}
return { call_action, list_actions, get_queue };
}