Shared auth runtime for OpenClaw skills

Go to file

ywkj dabcddb05e Build and Release auth-rt / build (amd64, darwin) (push) Failing after 2m53s Details Build and Release auth-rt / build (amd64, linux) (push) Failing after 1m16s Details Build and Release auth-rt / build (arm64, darwin) (push) Failing after 1m9s Details Build and Release auth-rt / build (arm64, linux) (push) Failing after 1m15s Details Build and Release auth-rt / release (push) Has been skipped Details feat: Go 重写 auth-rt CLI，真正的零依赖二进制 - cli/ 目录：完整的 Go 实现（env/cache/auth/http/retry） - install.sh：支持本地编译和 --download 从 release 下载 - .forgejo/workflows/release.yml：CI 交叉编译 darwin/linux × amd64/arm64 - auth-cli.ts：改为调用 auth-rt 二进制（不再需要 bun/node） - 分发策略：skill install.sh 优先从 release 下载，失败则 clone + go build Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>		2026-03-20 20:51:45 +08:00
.forgejo/workflows	feat: Go 重写 auth-rt CLI，真正的零依赖二进制	2026-03-20 20:51:45 +08:00
cli	feat: Go 重写 auth-rt CLI，真正的零依赖二进制	2026-03-20 20:51:45 +08:00
dist	fix: createEnvConfig() now calls loadGlobalEnv() + export functional API	2026-03-20 06:42:07 +08:00
src	feat: Go 重写 auth-rt CLI，真正的零依赖二进制	2026-03-20 20:51:45 +08:00
.gitignore	feat: Go 重写 auth-rt CLI，真正的零依赖二进制	2026-03-20 20:51:45 +08:00
README.md	feat: initial auth-runtime module	2026-03-12 07:33:43 +08:00
bun.lock	feat: initial auth-runtime module	2026-03-12 07:33:43 +08:00
install.sh	feat: Go 重写 auth-rt CLI，真正的零依赖二进制	2026-03-20 20:51:45 +08:00
package.json	fix: 改用 shell wrapper 代替 bun compile（bun 1.x compile 有 bug）	2026-03-20 18:30:56 +08:00
tsconfig.json	feat: initial auth-runtime module	2026-03-12 07:33:43 +08:00

README.md

@clawd/auth-runtime

Shared TypeScript auth runtime for OpenClaw skills.

Features

Token caching with configurable TTL
Automatic token refresh
Session-expired auto retry (401/403)
Environment-based configuration
Type-safe API

Installation

bun add file:../../_shared/auth-runtime

Usage

import {
  createEnvConfig,
  getAccessToken,
  requestApiWithAutoRefresh,
} from '@clawd/auth-runtime';

const config = createEnvConfig();
const token = await getAccessToken(false, config);

const result = await requestApiWithAutoRefresh(
  'POST',
  `${config.authBase}/ecom/tasks/scrape`,
  false,
  config,
  JSON.stringify({ url: 'https://detail.1688.com/offer/123.html' }),
  token,
);

API

Functions

`createEnvConfig(): EnvConfig`

Create configuration from environment variables:

AUTH_BASE: Auth base URL (default: https://api-gw-test.yuanwei-lnc.com)
CLIENT_KEY: Client key (required)
AUTH_CACHE_DIR: Cache directory (default: /tmp/skill-auth-cache)
AUTH_MIN_TTL_SEC: Minimum token TTL in seconds (default: 60)

`getAccessToken(dryRun, config): Promise<string>`

Get access token with caching.

`refreshAccessToken(dryRun, config): Promise<string>`

Refresh access token (bypass cache).

`fetchSessionJson(dryRun, config): Promise<SessionResponse>`

Fetch session JSON from auth endpoint.

`requestApi(method, url, authToken?, body?): Promise<ApiResponse>`

Make HTTP request with optional authorization header.

`isRetryableSessionError(response): boolean`

Check whether response likely indicates expired runtime session.

`requestApiWithAutoRefresh(method, url, dryRun, config, body?, accessToken?): Promise<ApiResponse>`

Call API with one automatic token refresh + retry on session-expired style errors.

Types

`EnvConfig`

Environment configuration.

`SessionResponse`

Session response from auth endpoint.

`CachedTokenData`

Cached token data.

`HttpMethod`

Supported HTTP methods.

`ApiResponse`

HTTP response.

Building

bun run build