feat(secrets): expand SecretRef coverage across user-supplied credentials (#29580)

* feat(secrets): expand secret target coverage and gateway tooling

* docs(secrets): align gateway and CLI secret docs

* chore(protocol): regenerate swift gateway models for secrets methods

* fix(config): restore talk apiKey fallback and stabilize runner test

* ci(windows): reduce test worker count for shard stability

* ci(windows): raise node heap for test shard stability

* test(feishu): make proxy env precedence assertion windows-safe

* fix(gateway): resolve auth password SecretInput refs for clients

* fix(gateway): resolve remote SecretInput credentials for clients

* fix(secrets): skip inactive refs in command snapshot assignments

* fix(secrets): scope gateway.remote refs to effective auth surfaces

* fix(secrets): ignore memory defaults when enabled agents disable search

* fix(secrets): honor Google Chat serviceAccountRef inheritance

* fix(secrets): address tsgo errors in command and gateway collectors

* fix(secrets): avoid auth-store load in providers-only configure

* fix(gateway): defer local password ref resolution by precedence

* fix(secrets): gate telegram webhook secret refs by webhook mode

* fix(secrets): gate slack signing secret refs to http mode

* fix(secrets): skip telegram botToken refs when tokenFile is set

* fix(secrets): gate discord pluralkit refs by enabled flag

* fix(secrets): gate discord voice tts refs by voice enabled

* test(secrets): make runtime fixture modes explicit

* fix(cli): resolve local qr password secret refs

* fix(cli): fail when gateway leaves command refs unresolved

* fix(gateway): fail when local password SecretRef is unresolved

* fix(gateway): fail when required remote SecretRefs are unresolved

* fix(gateway): resolve local password refs only when password can win

* fix(cli): skip local password SecretRef resolution on qr token override

* test(gateway): cast SecretRef fixtures to OpenClawConfig

* test(secrets): activate mode-gated targets in runtime coverage fixture

* fix(cron): support SecretInput webhook tokens safely

* fix(bluebubbles): support SecretInput passwords across config paths

* fix(msteams): make appPassword SecretInput-safe in onboarding/token paths

* fix(bluebubbles): align SecretInput schema helper typing

* fix(cli): clarify secrets.resolve version-skew errors

* refactor(secrets): return structured inactive paths from secrets.resolve

* refactor(gateway): type onboarding secret writes as SecretInput

* chore(protocol): regenerate swift models for secrets.resolve

* feat(secrets): expand extension credential secretref support

* fix(secrets): gate web-search refs by active provider

* fix(onboarding): detect SecretRef credentials in extension status

* fix(onboarding): allow keeping existing ref in secret prompt

* fix(onboarding): resolve gateway password SecretRefs for probe and tui

* fix(onboarding): honor secret-input-mode for local gateway auth

* fix(acp): resolve gateway SecretInput credentials

* fix(secrets): gate gateway.remote refs to remote surfaces

* test(secrets): cover pattern matching and inactive array refs

* docs(secrets): clarify secrets.resolve and remote active surfaces

* fix(bluebubbles): keep existing SecretRef during onboarding

* fix(tests): resolve CI type errors in new SecretRef coverage

* fix(extensions): replace raw fetch with SSRF-guarded fetch

* test(secrets): mark gateway remote targets active in runtime coverage

* test(infra): normalize home-prefix expectation across platforms

* fix(cli): only resolve local qr password refs in password mode

* test(cli): cover local qr token mode with unresolved password ref

* docs(cli): clarify local qr password ref resolution behavior

* refactor(extensions): reuse sdk SecretInput helpers

* fix(wizard): resolve onboarding env-template secrets before plaintext

* fix(cli): surface secrets.resolve diagnostics in memory and qr

* test(secrets): repair post-rebase runtime and fixtures

* fix(gateway): skip remote password ref resolution when token wins

* fix(secrets): treat tailscale remote gateway refs as active

* fix(gateway): allow remote password fallback when token ref is unresolved

* fix(gateway): ignore stale local password refs for none and trusted-proxy

* fix(gateway): skip remote secret ref resolution on local call paths

* test(cli): cover qr remote tailscale secret ref resolution

* fix(secrets): align gateway password active-surface with auth inference

* fix(cli): resolve inferred local gateway password refs in qr

* fix(gateway): prefer resolvable remote password over token ref pre-resolution

* test(gateway): cover none and trusted-proxy stale password refs

* docs(secrets): sync qr and gateway active-surface behavior

* fix: restore stability blockers from pre-release audit

* Secrets: fix collector/runtime precedence contradictions

* docs: align secrets and web credential docs

* fix(rebase): resolve integration regressions after main rebase

* fix(node-host): resolve gateway secret refs for auth

* fix(secrets): harden secretinput runtime readers

* gateway: skip inactive auth secretref resolution

* cli: avoid gateway preflight for inactive secret refs

* extensions: allow unresolved refs in onboarding status

* tests: fix qr-cli module mock hoist ordering

* Security: align audit checks with SecretInput resolution

* Gateway: resolve local-mode remote fallback secret refs

* Node host: avoid resolving inactive password secret refs

* Secrets runtime: mark Slack appToken inactive for HTTP mode

* secrets: keep inactive gateway remote refs non-blocking

* cli: include agent memory secret targets in runtime resolution

* docs(secrets): sync docs with active-surface and web search behavior

* fix(secrets): keep telegram top-level token refs active for blank account tokens

* fix(daemon): resolve gateway password secret refs for probe auth

* fix(secrets): skip IRC NickServ ref resolution when NickServ is disabled

* fix(secrets): align token inheritance and exec timeout defaults

* docs(secrets): clarify active-surface notes in cli docs

* cli: require secrets.resolve gateway capability

* gateway: log auth secret surface diagnostics

* secrets: remove dead provider resolver module

* fix(secrets): restore gateway auth precedence and fallback resolution

* fix(tests): align plugin runtime mock typings

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>

extensions/nextcloud-talk/src/accounts.ts

@@ -8,6 +8,7 @@ import {
   normalizeAccountId,
   normalizeOptionalAccountId,
 } from "openclaw/plugin-sdk/account-id";
+import { normalizeResolvedSecretInputString } from "./secret-input.js";
 import type { CoreConfig, NextcloudTalkAccountConfig } from "./types.js";
 
 function isTruthyEnvValue(value?: string): boolean {
@@ -119,8 +120,12 @@ function resolveNextcloudTalkSecret(
     }
   }
 
-  if (merged.botSecret?.trim()) {
-    return { secret: merged.botSecret.trim(), source: "config" };
+  const inlineSecret = normalizeResolvedSecretInputString({
+    value: merged.botSecret,
+    path: `channels.nextcloud-talk.accounts.${opts.accountId ?? DEFAULT_ACCOUNT_ID}.botSecret`,
+  });
+  if (inlineSecret) {
+    return { secret: inlineSecret, source: "config" };
   }
 
   return { secret: "", source: "none" };

extensions/nextcloud-talk/src/config-schema.test.ts

@@ -0,0 +1,36 @@
+import { describe, expect, it } from "vitest";
+import { NextcloudTalkConfigSchema } from "./config-schema.js";
+
+describe("NextcloudTalkConfigSchema SecretInput", () => {
+  it("accepts SecretRef botSecret and apiPassword at top-level", () => {
+    const result = NextcloudTalkConfigSchema.safeParse({
+      baseUrl: "https://cloud.example.com",
+      botSecret: { source: "env", provider: "default", id: "NEXTCLOUD_TALK_BOT_SECRET" },
+      apiUser: "bot",
+      apiPassword: { source: "env", provider: "default", id: "NEXTCLOUD_TALK_API_PASSWORD" },
+    });
+    expect(result.success).toBe(true);
+  });
+
+  it("accepts SecretRef botSecret and apiPassword on account", () => {
+    const result = NextcloudTalkConfigSchema.safeParse({
+      accounts: {
+        main: {
+          baseUrl: "https://cloud.example.com",
+          botSecret: {
+            source: "env",
+            provider: "default",
+            id: "NEXTCLOUD_TALK_MAIN_BOT_SECRET",
+          },
+          apiUser: "bot",
+          apiPassword: {
+            source: "env",
+            provider: "default",
+            id: "NEXTCLOUD_TALK_MAIN_API_PASSWORD",
+          },
+        },
+      },
+    });
+    expect(result.success).toBe(true);
+  });
+});

extensions/nextcloud-talk/src/config-schema.ts

@@ -9,6 +9,7 @@ import {
   requireOpenAllowFrom,
 } from "openclaw/plugin-sdk";
 import { z } from "zod";
+import { buildSecretInputSchema } from "./secret-input.js";
 
 export const NextcloudTalkRoomSchema = z
   .object({
@@ -27,10 +28,10 @@ export const NextcloudTalkAccountSchemaBase = z
     enabled: z.boolean().optional(),
     markdown: MarkdownConfigSchema,
     baseUrl: z.string().optional(),
-    botSecret: z.string().optional(),
+    botSecret: buildSecretInputSchema().optional(),
     botSecretFile: z.string().optional(),
     apiUser: z.string().optional(),
-    apiPassword: z.string().optional(),
+    apiPassword: buildSecretInputSchema().optional(),
     apiPasswordFile: z.string().optional(),
     dmPolicy: DmPolicySchema.optional().default("pairing"),
     webhookPort: z.number().int().positive().optional(),

extensions/nextcloud-talk/src/onboarding.ts

@@ -1,10 +1,13 @@
 import {
   addWildcardAllowFrom,
   formatDocsLink,
+  hasConfiguredSecretInput,
   mergeAllowFromEntries,
+  promptSingleChannelSecretInput,
   promptAccountId,
   DEFAULT_ACCOUNT_ID,
   normalizeAccountId,
+  type SecretInput,
   type ChannelOnboardingAdapter,
   type ChannelOnboardingDmPolicy,
   type OpenClawConfig,
@@ -216,7 +219,8 @@ export const nextcloudTalkOnboardingAdapter: ChannelOnboardingAdapter = {
     const allowEnv = accountId === DEFAULT_ACCOUNT_ID;
     const canUseEnv = allowEnv && Boolean(process.env.NEXTCLOUD_TALK_BOT_SECRET?.trim());
     const hasConfigSecret = Boolean(
-      resolvedAccount.config.botSecret || resolvedAccount.config.botSecretFile,
+      hasConfiguredSecretInput(resolvedAccount.config.botSecret) ||
+      resolvedAccount.config.botSecretFile,
     );
 
     let baseUrl = resolvedAccount.baseUrl;
@@ -238,59 +242,29 @@ export const nextcloudTalkOnboardingAdapter: ChannelOnboardingAdapter = {
       ).trim();
     }
 
-    let secret: string | null = null;
+    let secret: SecretInput | null = null;
     if (!accountConfigured) {
       await noteNextcloudTalkSecretHelp(prompter);
     }
 
-    if (canUseEnv && !resolvedAccount.config.botSecret) {
-      const keepEnv = await prompter.confirm({
-        message: "NEXTCLOUD_TALK_BOT_SECRET detected. Use env var?",
-        initialValue: true,
-      });
-      if (keepEnv) {
-        next = {
-          ...next,
-          channels: {
-            ...next.channels,
-            "nextcloud-talk": {
-              ...next.channels?.["nextcloud-talk"],
-              enabled: true,
-              baseUrl,
-            },
-          },
-        };
-      } else {
-        secret = String(
-          await prompter.text({
-            message: "Enter Nextcloud Talk bot secret",
-            validate: (value) => (value?.trim() ? undefined : "Required"),
-          }),
-        ).trim();
-      }
-    } else if (hasConfigSecret) {
-      const keep = await prompter.confirm({
-        message: "Nextcloud Talk secret already configured. Keep it?",
-        initialValue: true,
-      });
-      if (!keep) {
-        secret = String(
-          await prompter.text({
-            message: "Enter Nextcloud Talk bot secret",
-            validate: (value) => (value?.trim() ? undefined : "Required"),
-          }),
-        ).trim();
-      }
-    } else {
-      secret = String(
-        await prompter.text({
-          message: "Enter Nextcloud Talk bot secret",
-          validate: (value) => (value?.trim() ? undefined : "Required"),
-        }),
-      ).trim();
+    const secretResult = await promptSingleChannelSecretInput({
+      cfg: next,
+      prompter,
+      providerHint: "nextcloud-talk",
+      credentialLabel: "bot secret",
+      accountConfigured,
+      canUseEnv: canUseEnv && !hasConfigSecret,
+      hasConfigToken: hasConfigSecret,
+      envPrompt: "NEXTCLOUD_TALK_BOT_SECRET detected. Use env var?",
+      keepPrompt: "Nextcloud Talk bot secret already configured. Keep it?",
+      inputPrompt: "Enter Nextcloud Talk bot secret",
+      preferredEnvVar: "NEXTCLOUD_TALK_BOT_SECRET",
+    });
+    if (secretResult.action === "set") {
+      secret = secretResult.value;
     }
 
-    if (secret || baseUrl !== resolvedAccount.baseUrl) {
+    if (secretResult.action === "use-env" || secret || baseUrl !== resolvedAccount.baseUrl) {
       if (accountId === DEFAULT_ACCOUNT_ID) {
         next = {
           ...next,
@@ -328,6 +302,74 @@ export const nextcloudTalkOnboardingAdapter: ChannelOnboardingAdapter = {
       }
     }
 
+    const existingApiUser = resolvedAccount.config.apiUser?.trim();
+    const existingApiPasswordConfigured = Boolean(
+      hasConfiguredSecretInput(resolvedAccount.config.apiPassword) ||
+      resolvedAccount.config.apiPasswordFile,
+    );
+    const configureApiCredentials = await prompter.confirm({
+      message: "Configure optional Nextcloud Talk API credentials for room lookups?",
+      initialValue: Boolean(existingApiUser && existingApiPasswordConfigured),
+    });
+    if (configureApiCredentials) {
+      const apiUser = String(
+        await prompter.text({
+          message: "Nextcloud Talk API user",
+          initialValue: existingApiUser,
+          validate: (value) => (String(value ?? "").trim() ? undefined : "Required"),
+        }),
+      ).trim();
+      const apiPasswordResult = await promptSingleChannelSecretInput({
+        cfg: next,
+        prompter,
+        providerHint: "nextcloud-talk-api",
+        credentialLabel: "API password",
+        accountConfigured: Boolean(existingApiUser && existingApiPasswordConfigured),
+        canUseEnv: false,
+        hasConfigToken: existingApiPasswordConfigured,
+        envPrompt: "",
+        keepPrompt: "Nextcloud Talk API password already configured. Keep it?",
+        inputPrompt: "Enter Nextcloud Talk API password",
+        preferredEnvVar: "NEXTCLOUD_TALK_API_PASSWORD",
+      });
+      const apiPassword = apiPasswordResult.action === "set" ? apiPasswordResult.value : undefined;
+      if (accountId === DEFAULT_ACCOUNT_ID) {
+        next = {
+          ...next,
+          channels: {
+            ...next.channels,
+            "nextcloud-talk": {
+              ...next.channels?.["nextcloud-talk"],
+              enabled: true,
+              apiUser,
+              ...(apiPassword ? { apiPassword } : {}),
+            },
+          },
+        };
+      } else {
+        next = {
+          ...next,
+          channels: {
+            ...next.channels,
+            "nextcloud-talk": {
+              ...next.channels?.["nextcloud-talk"],
+              enabled: true,
+              accounts: {
+                ...next.channels?.["nextcloud-talk"]?.accounts,
+                [accountId]: {
+                  ...next.channels?.["nextcloud-talk"]?.accounts?.[accountId],
+                  enabled:
+                    next.channels?.["nextcloud-talk"]?.accounts?.[accountId]?.enabled ?? true,
+                  apiUser,
+                  ...(apiPassword ? { apiPassword } : {}),
+                },
+              },
+            },
+          },
+        };
+      }
+    }
+
     if (forceAllowFrom) {
       next = await promptNextcloudTalkAllowFrom({
         cfg: next,

extensions/nextcloud-talk/src/room-info.ts

@@ -1,6 +1,8 @@
 import { readFileSync } from "node:fs";
+import { fetchWithSsrFGuard } from "openclaw/plugin-sdk";
 import type { RuntimeEnv } from "openclaw/plugin-sdk";
 import type { ResolvedNextcloudTalkAccount } from "./accounts.js";
+import { normalizeResolvedSecretInputString } from "./secret-input.js";
 
 const ROOM_CACHE_TTL_MS = 5 * 60 * 1000;
 const ROOM_CACHE_ERROR_TTL_MS = 30 * 1000;
@@ -15,11 +17,15 @@ function resolveRoomCacheKey(params: { accountId: string; roomToken: string }) {
 }
 
 function readApiPassword(params: {
-  apiPassword?: string;
+  apiPassword?: unknown;
   apiPasswordFile?: string;
 }): string | undefined {
-  if (params.apiPassword?.trim()) {
-    return params.apiPassword.trim();
+  const inlinePassword = normalizeResolvedSecretInputString({
+    value: params.apiPassword,
+    path: "channels.nextcloud-talk.apiPassword",
+  });
+  if (inlinePassword) {
+    return inlinePassword;
   }
   if (!params.apiPasswordFile) {
     return undefined;
@@ -89,31 +95,40 @@ export async function resolveNextcloudTalkRoomKind(params: {
   const auth = Buffer.from(`${apiUser}:${apiPassword}`, "utf-8").toString("base64");
 
   try {
-    const response = await fetch(url, {
-      method: "GET",
-      headers: {
-        Authorization: `Basic ${auth}`,
-        "OCS-APIRequest": "true",
-        Accept: "application/json",
+    const { response, release } = await fetchWithSsrFGuard({
+      url,
+      init: {
+        method: "GET",
+        headers: {
+          Authorization: `Basic ${auth}`,
+          "OCS-APIRequest": "true",
+          Accept: "application/json",
+        },
       },
+      auditContext: "nextcloud-talk.room-info",
     });
+    try {
+      if (!response.ok) {
+        roomCache.set(key, {
+          fetchedAt: Date.now(),
+          error: `status:${response.status}`,
+        });
+        runtime?.log?.(
+          `nextcloud-talk: room lookup failed (${response.status}) token=${roomToken}`,
+        );
+        return undefined;
+      }
 
-    if (!response.ok) {
-      roomCache.set(key, {
-        fetchedAt: Date.now(),
-        error: `status:${response.status}`,
-      });
-      runtime?.log?.(`nextcloud-talk: room lookup failed (${response.status}) token=${roomToken}`);
-      return undefined;
+      const payload = (await response.json()) as {
+        ocs?: { data?: { type?: number | string } };
+      };
+      const type = coerceRoomType(payload.ocs?.data?.type);
+      const kind = resolveRoomKindFromType(type);
+      roomCache.set(key, { fetchedAt: Date.now(), kind });
+      return kind;
+    } finally {
+      await release();
     }
-
-    const payload = (await response.json()) as {
-      ocs?: { data?: { type?: number | string } };
-    };
-    const type = coerceRoomType(payload.ocs?.data?.type);
-    const kind = resolveRoomKindFromType(type);
-    roomCache.set(key, { fetchedAt: Date.now(), kind });
-    return kind;
   } catch (err) {
     roomCache.set(key, {
       fetchedAt: Date.now(),

extensions/nextcloud-talk/src/secret-input.ts

@@ -0,0 +1,19 @@
+import {
+  hasConfiguredSecretInput,
+  normalizeResolvedSecretInputString,
+  normalizeSecretInputString,
+} from "openclaw/plugin-sdk";
+import { z } from "zod";
+
+export { hasConfiguredSecretInput, normalizeResolvedSecretInputString, normalizeSecretInputString };
+
+export function buildSecretInputSchema() {
+  return z.union([
+    z.string(),
+    z.object({
+      source: z.enum(["env", "file", "exec"]),
+      provider: z.string().min(1),
+      id: z.string().min(1),
+    }),
+  ]);
+}

extensions/nextcloud-talk/src/types.ts

@@ -3,6 +3,7 @@ import type {
   DmConfig,
   DmPolicy,
   GroupPolicy,
+  SecretInput,
 } from "openclaw/plugin-sdk";
 
 export type { DmPolicy, GroupPolicy };
@@ -29,13 +30,13 @@ export type NextcloudTalkAccountConfig = {
   /** Base URL of the Nextcloud instance (e.g., "https://cloud.example.com"). */
   baseUrl?: string;
   /** Bot shared secret from occ talk:bot:install output. */
-  botSecret?: string;
+  botSecret?: SecretInput;
   /** Path to file containing bot secret (for secret managers). */
   botSecretFile?: string;
   /** Optional API user for room lookups (DM detection). */
   apiUser?: string;
   /** Optional API password/app password for room lookups. */
-  apiPassword?: string;
+  apiPassword?: SecretInput;
   /** Path to file containing API password/app password. */
   apiPasswordFile?: string;
   /** Direct message policy (default: pairing). */