feat(rust): smooth-operator local-flavor seams (LocalTokenVerifier, builder auth/tools, widget serving)#108
Merged
Merged
Conversation
|
The smooth daemon runs the operator's LOCAL deployment flavor in-process. This adds the seams it needs, rebased onto main (drops the earlier bespoke extra_tools seam in favor of #68's ToolProvider — no collision): - LocalTokenVerifier (auth.rs): shared-secret AuthVerifier, constant-time, fail-closed; gates stray local processes without the JWT/IdP machinery. Rides the same ?token= / send_message.token slot. Exported. - LocalServerBuilder::auth(Arc<dyn AuthVerifier>) — install a verifier (was hardcoded NoAuthVerifier). - LocalServerBuilder::tools(Arc<dyn ToolProvider>) — install a host ToolProvider (#68's seam) so the runner merges its per-turn tools; the daemon passes an OS-sandboxed shell + egress provider. - Widget serving: LocalServerBuilder::serve_widget(token) + AppState::with_widget + router mounts / (host page, token JSON-injected) and /chat-widget.iife.js. Vendored the prebuilt @smooai/smooth-operator widget bundle under assets/. Off by default — K8s/Lambda never mount it. Tests: LocalTokenVerifier accept/reject; builder auth/tools/widget seams thread into AppState; router mounts the widget routes; widget off by default. 96 server + 44 auth tests pass; clippy/fmt clean. Co-Authored-By: Claude Opus 4.8 (1M context) <[email protected]> Claude-Session: https://claude.ai/code/session_016wBikCFJyoowRokiWK5rX1
1675162 to
cd9898d
Compare
brentrager
added a commit
that referenced
this pull request
Jun 25, 2026
…smoke drift) (#111) sync-versions.mjs stamped every published member Cargo.toml [package] version on a release but never touched rust/Cargo.lock — so the lockfile pinned the OLD versions and cargo build --locked (kind-deploy-smoke + every release cargo publish) refused to build until someone hand-synced it (bit #85, #108). Now the script also stamps the lock: bump the version of each [[package]] whose name is one of the lockstep published members (NOT -core, NOT the non-published lambda/examples at 0.1.0). Verified by simulating a 1.8.0 release → toml + lock advance together → --locked builds; lambda stays 0.1.0, core stays 0.14.1. Claude-Session: https://claude.ai/code/session_01U7Mn93HpqhSgEmX6tRdPAv Co-authored-by: Claude Opus 4.8 (1M context) <[email protected]>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Lands the local deployment-flavor seams the smooth daemon needs to run the operator in-process (closes th-845d79 on merge — the daemon repoints its path-deps off the worktree). Rebased onto current main (HITL + tool-call + citations + auth-verifier all landed since the branch base) — clean rebase, no conflicts.
The 4 seams (Rust reference):
LocalTokenVerifier— shared-secretAuthVerifier(constant-time, fail-closed), exported from the crate root (auth.rs,lib.rs).LocalServerBuilder::auth(Arc<dyn AuthVerifier>)— install a verifier on the local flavor (was hardcodedNoAuthVerifier).LocalServerBuilder::tools(Arc<dyn ToolProvider>)— reuses feat: agent injection seams — custom tools + per-org persona #68's existingToolProvider/AppState::with_toolsseam (NOT a parallelextra_toolsfield — avoids the collision, as coordinated).LocalServerBuilder::serve_widget(token)+AppState::with_widget; router mounts/(host page, token injected) +/chat-widget.iife.js; vendored prebuilt widget bundle underassets/. Off by default (K8s/Lambda never mount it).All additive — default behavior unchanged. Verified on current main: server + auth-crate suites green, local-flavor tests pass, fmt + clippy clean.
🤖 Generated with Claude Code