()
| 678 | }); |
| 679 | |
| 680 | const registerIpcHandlers = () => { |
| 681 | ipcMain.handle("executor:server:connection", (): DesktopServerConnection | null => |
| 682 | connection ? toDesktopServerConnection(connection) : null, |
| 683 | ); |
| 684 | // The bearer token, exposed only for the "Connect an agent" install command |
| 685 | // (an external agent needs it in plaintext). The renderer's own requests |
| 686 | // never use it — the header is injected at the session layer. |
| 687 | ipcMain.handle("executor:server:auth-token", (): string | null => connection?.authToken ?? null); |
| 688 | ipcMain.handle("executor:settings:get", (): DesktopServerSettings => getServerSettings()); |
| 689 | ipcMain.handle( |
| 690 | "executor:settings:update", |
| 691 | (_evt, patch: Partial<DesktopServerSettings>): DesktopServerSettings => |
| 692 | updateServerSettings(patch), |
| 693 | ); |
| 694 | // Rotate the bearer token (auth.json). A supervised daemon must be restarted |
| 695 | // so it re-reads auth.json at boot, then re-attached; a managed sidecar is |
| 696 | // restarted in-process. Either way the webview header is re-injected. |
| 697 | ipcMain.handle("executor:server:rotate-token", async (): Promise<DesktopServerConnection> => { |
| 698 | rotateServerToken(); |
| 699 | if (connection?.supervisedDaemon) { |
| 700 | const previous = connection; |
| 701 | await restartSupervisedService(); |
| 702 | const active = (await waitForSupervisedAttach(15_000)) ?? previous; |
| 703 | connection = active; |
| 704 | installBearerAuthHeader(active.baseUrl, active.authToken); |
| 705 | const window = liveMainWindow(); |
| 706 | if (window) await window.loadURL(webUrlForConnection(active)); |
| 707 | return toDesktopServerConnection(active); |
| 708 | } |
| 709 | return restartSidecarAndReload(); |
| 710 | }); |
| 711 | // Background-service control surface — lets a Settings toggle enable or |
| 712 | // disable the supervised daemon. Disabling tears down the service and falls |
| 713 | // back to a managed sidecar on next launch. |
| 714 | ipcMain.handle("executor:service:status", () => supervisedServiceStatus()); |
| 715 | ipcMain.handle( |
| 716 | "executor:service:set-enabled", |
| 717 | async (_evt, enabled: unknown): Promise<boolean> => { |
| 718 | if (typeof enabled !== "boolean") return false; |
| 719 | if (enabled) { |
| 720 | const settings = getServerSettings(); |
| 721 | await installSupervisedService({ |
| 722 | port: settings.port, |
| 723 | dataDir: DESKTOP_DATA_DIR, |
| 724 | }); |
| 725 | const next = await waitForSupervisedAttach(15_000); |
| 726 | if (next) { |
| 727 | if (connection && !connection.supervisedDaemon) await stopConnection(connection); |
| 728 | connection = next; |
| 729 | armSupervisedMonitor(); |
| 730 | installBearerAuthHeader(next.baseUrl, next.authToken); |
| 731 | const window = liveMainWindow(); |
| 732 | if (window) await window.loadURL(webUrlForConnection(next)); |
| 733 | } |
| 734 | return true; |
| 735 | } |
| 736 | stopSupervisedMonitor(); |
| 737 | await uninstallSupervisedService(DESKTOP_DATA_DIR); |
no test coverage detected