romtuck/openclaw
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
8262a03060
openclaw/extensions
History
gerald Ruby 8262a03060 feat: add GitHub 2FA gate extension for sensitive tools 
Add a new extension that gates sensitive tool calls (exec, Bash, Write,
Edit, NotebookEdit) behind GitHub Device Flow authentication. Users must
approve on GitHub Mobile or enter a code at github.com/login/device
before the bot can execute dangerous operations.

Key changes:
- Wire up before_tool_call hook in tool execution path (tool-hook-wrapper.ts)
- Create 2fa-github extension with:
  - GitHub Device Authorization Flow implementation
  - File-based session store with TTL (~/.clawdbot/2fa-sessions.json)
  - Non-blocking flow: returns immediately with code, user retries after approval
  - Configurable tool list and session TTL (default 30 min)

Configuration:
  plugins.entries.2fa-github.config.clientId: "Ov23..."
  # or GITHUB_2FA_CLIENT_ID env var

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-29 11:32:13 -08:00
..
2fa-github feat: add GitHub 2FA gate extension for sensitive tools 2026-01-29 11:32:13 -08:00
bluebubbles chore(release): bump versions to 2026.1.29 2026-01-29 16:48:13 +00:00
copilot-proxy chore(release): bump versions to 2026.1.29 2026-01-29 16:48:13 +00:00
diagnostics-otel chore(release): bump versions to 2026.1.29 2026-01-29 16:48:13 +00:00
discord chore(release): bump versions to 2026.1.29 2026-01-29 16:48:13 +00:00
google-antigravity-auth chore(release): bump versions to 2026.1.29 2026-01-29 16:48:13 +00:00
google-gemini-cli-auth chore(release): bump versions to 2026.1.29 2026-01-29 16:48:13 +00:00
googlechat chore(release): bump versions to 2026.1.29 2026-01-29 16:48:13 +00:00
imessage chore(release): bump versions to 2026.1.29 2026-01-29 16:48:13 +00:00
line chore(release): bump versions to 2026.1.29 2026-01-29 16:48:13 +00:00
llm-task chore(release): bump versions to 2026.1.29 2026-01-29 16:48:13 +00:00
lobster chore(release): bump versions to 2026.1.29 2026-01-29 16:48:13 +00:00
matrix chore(release): bump versions to 2026.1.29 2026-01-29 16:48:13 +00:00
mattermost chore(release): bump versions to 2026.1.29 2026-01-29 16:48:13 +00:00
memory-core chore(release): bump versions to 2026.1.29 2026-01-29 16:48:13 +00:00
memory-lancedb chore(release): bump versions to 2026.1.29 2026-01-29 16:48:13 +00:00
msteams chore(release): bump versions to 2026.1.29 2026-01-29 16:48:13 +00:00
nextcloud-talk chore(release): bump versions to 2026.1.29 2026-01-29 16:48:13 +00:00
nostr chore(release): bump versions to 2026.1.29 2026-01-29 16:48:13 +00:00
open-prose chore(release): bump versions to 2026.1.29 2026-01-29 16:48:13 +00:00
qwen-portal-auth fix: enforce plugin config schemas (#1272) (thanks @thewilloftheshadow) 2026-01-20 11:03:17 +00:00
signal chore(release): bump versions to 2026.1.29 2026-01-29 16:48:13 +00:00
slack chore(release): bump versions to 2026.1.29 2026-01-29 16:48:13 +00:00
telegram chore(release): bump versions to 2026.1.29 2026-01-29 16:48:13 +00:00
tlon chore(release): bump versions to 2026.1.29 2026-01-29 16:48:13 +00:00
twitch chore(release): bump versions to 2026.1.29 2026-01-29 16:48:13 +00:00
voice-call chore(release): bump versions to 2026.1.29 2026-01-29 16:48:13 +00:00
whatsapp chore(release): bump versions to 2026.1.29 2026-01-29 16:48:13 +00:00
zalo chore(release): bump versions to 2026.1.29 2026-01-29 16:48:13 +00:00
zalouser chore(release): bump versions to 2026.1.29 2026-01-29 16:48:13 +00:00