FijdZddlmZddlZddlZddlmZmZmZe hdZ e hdZ e hdZ dZ ejd ZddZdddZddZd dZd!dZ dd"dZdS)#aCredential-pool disk-boundary sanitization helpers. These helpers define which credential-pool entries are references to borrowed runtime secrets and strip raw values before those entries are written to ``auth.json``. They intentionally have no dependency on ``hermes_cli.auth`` so both the pool model and the final auth-store write boundary can share the same policy without import cycles. ) annotationsN)AnyDictMapping>z xai-oauth loopback_pkcez openai-codex device_codez minimax-oauthoauthnousr  anthropic hermes_pkce>scope client_id expires_at expires_in token_type last_status agent_key_id last_refresh expires_at_ms secret_sourcelast_status_atlast_error_codeagent_key_reusedlast_error_reasonlast_error_messagesecret_fingerprintlast_error_reset_atagent_key_expires_atagent_key_expires_inagent_key_obtained_at>tokenapikeysecrettokensapi_keyid_tokenpassword agent_key api_token auth_token credential secret_key credentials oauth_token private_key access_token bearer_token authorization client_secret refresh_token session_token)_api_key _api_token _access_token _auth_token_refresh_token _bearer_token_client_secret _id_token _oauth_token _private_key_session_token _secret_key _password_secret_token_keyz(?<=[a-z0-9])(?=[A-Z])keyrreturnstrct|pd}td|}|ddddS)N_-.)rMstrip_CAMEL_CASE_BOUNDARYsublowerreplace)rKraws A/home/ubuntu/.hermes/hermes-agent/agent/credential_persistence.py_normalize_keyrZas` ciR..   C  " "3 , ,C 99;;  sC ( ( 0 0c : ::source provider_idboolc.t|pd}|sdS|dks|drdSt|pd}||ftvS)zGReturn True when ``source`` points at a borrowed/reference-only secret.rOFmanualzmanual:)rMrSrV startswith_PERSISTABLE_PROVIDER_SOURCES)r\r]normalized_sourcenormalized_providers rYis_borrowed_credential_sourceregsFLb))//117799 uH$$(9(D(DY(O(O$uk/R006688>>@@ !2 3;X XXr[ct|}|r |tvrdS|tvrdS|tS)NFT)rZ_SAFE_SECRETISH_METADATA_KEYS_SECRET_VALUE_KEYSendswith_SECRET_VALUE_SUFFIXES)rK normalizeds rY_is_secret_payload_keyrlrsM$$J 'DDDu'''t   5 6 66r[value str | Nonec|dSt|}|sdStj|dd}d|ddS)Nzutf-8 surrogatepass)errorssha256:)rMhashlibsha256encode hexdigest)rmtextdigests rY_fingerprint_valuerz{se }t u::D t ^DKKKHH I I S S U UF "VCRC[ " ""r[payloadMapping[str, Any]c^dD]*}t||}|r|cS+|D])\}}t|rt|}|r|cS*|d}t |t r|dr|SdS)N)r-r5r9r*r&r(r!rr)rzgetitemsrl isinstancerMra)r{rK fingerprintrmexistings rY_credential_secret_fingerprintrs[(S)9)9::      mmoo## U !# & & #,U33K #""""{{/00H(C  X%8%8%C%C 4r[Dict[str, Any]ct|}t|d|s|St|}d|D}|r||d<|S)aKReturn a disk-safe credential-pool payload. Owned sources (manual entries and Hermes-owned OAuth/device-code state) pass through unchanged. Borrowed/reference-only sources keep labels, source refs, status/cooldown metadata, counters, and a non-reversible fingerprint, but raw secret value fields are removed. r\c8i|]\}}t|||S)rl).0rKrms rY z8sanitize_borrowed_credential_payload..s< C%c** Ur[r!)dictrer~rr)r{r]resultr sanitizeds rY$sanitize_borrowed_credential_payloadrs']]F (H)=)={ K K 088K ,,..I 6*5 &' r[)rKrrLrM)N)r\rr]rrLr^)rKrrLr^)rmrrLrn)r{r|rLrn)r{r|r]rrLr)__doc__ __future__rrtretypingrrr frozensetrbrgrhrjcompilerTrZrerlrzrrrr[rYrso#""""" %%%%%%%%%% !* +++!!!* +++!!.Y   0&"rz";<<;;;; YYYYY7777####(r[