ibkr-agent-gateway 0.5.2

Unofficial local-first CLI and MCP gateway for Interactive Brokers workflows.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163

//! Audit event model and required event types.

use crate::internal::domain::{
    AccountIdHash, AuditEventId, ErrorCode, LocalUserId, RequestId, SessionId,
};
use serde::{Deserialize, Serialize};
use serde_json::Value;
use std::collections::BTreeMap;
use time::OffsetDateTime;

/// Required audit event types.
#[derive(Clone, Copy, Debug, Eq, PartialEq, Serialize, Deserialize)]
#[serde(rename_all = "snake_case")]
pub enum AuditEventType {
    /// A tool call was received.
    ToolCalled,
    /// A tool call was denied because scope was missing.
    ToolDeniedScope,
    /// A tool call completed.
    ToolCompleted,
    /// A tool call failed.
    ToolFailed,
    /// A tool call was refused by policy.
    ToolRefused,
    /// Broker session state changed.
    BackendSessionChanged,
    /// Broker session was checked.
    BackendSessionChecked,
    /// Order intent was received.
    OrderIntentReceived,
    /// Order risk checks completed.
    OrderRiskChecked,
    /// Order preview was created.
    OrderPreviewCreated,
    /// Order preview was refused.
    OrderPreviewRefused,
    /// Paper approval was created or updated.
    PaperApprovalRecorded,
    /// Paper order submit was accepted or refused.
    PaperOrderSubmitted,
    /// Paper order cancel was accepted or refused.
    PaperOrderCancelled,
    /// Paper order lifecycle changed.
    PaperOrderLifecycleChanged,
    /// Live order lifecycle changed after broker reconciliation.
    LiveOrderLifecycleChanged,
    /// Remote OAuth/OIDC authentication succeeded.
    RemoteAuthSucceeded,
    /// Remote OAuth/OIDC authentication was denied.
    RemoteAuthDenied,
    /// Sidecar relay forwarded a broker request.
    SidecarRelayForwarded,
    /// Sidecar relay refused or failed a broker request.
    SidecarRelayFailed,
}

impl AuditEventType {
    /// Stable serialized audit event type name.
    #[must_use]
    pub const fn as_str(self) -> &'static str {
        match self {
            Self::ToolCalled => "tool_called",
            Self::ToolDeniedScope => "tool_denied_scope",
            Self::ToolCompleted => "tool_completed",
            Self::ToolFailed => "tool_failed",
            Self::ToolRefused => "tool_refused",
            Self::BackendSessionChanged => "backend_session_changed",
            Self::BackendSessionChecked => "backend_session_checked",
            Self::OrderIntentReceived => "order_intent_received",
            Self::OrderRiskChecked => "order_risk_checked",
            Self::OrderPreviewCreated => "order_preview_created",
            Self::OrderPreviewRefused => "order_preview_refused",
            Self::PaperApprovalRecorded => "paper_approval_recorded",
            Self::PaperOrderSubmitted => "paper_order_submitted",
            Self::PaperOrderCancelled => "paper_order_cancelled",
            Self::PaperOrderLifecycleChanged => "paper_order_lifecycle_changed",
            Self::LiveOrderLifecycleChanged => "live_order_lifecycle_changed",
            Self::RemoteAuthSucceeded => "remote_auth_succeeded",
            Self::RemoteAuthDenied => "remote_auth_denied",
            Self::SidecarRelayForwarded => "sidecar_relay_forwarded",
            Self::SidecarRelayFailed => "sidecar_relay_failed",
        }
    }
}

/// Authorization decision captured in audit.
#[derive(Clone, Copy, Debug, Eq, PartialEq, Serialize, Deserialize)]
#[serde(rename_all = "snake_case")]
pub enum AuditDecision {
    /// Operation was allowed.
    Allow,
    /// Operation was denied by auth/scope.
    Deny,
    /// Operation was refused by validation or policy.
    Refuse,
}

/// Terminal result status captured in audit.
#[derive(Clone, Copy, Debug, Eq, PartialEq, Serialize, Deserialize)]
#[serde(rename_all = "snake_case")]
pub enum AuditResultStatus {
    /// Call was recorded.
    Called,
    /// Call completed.
    Completed,
    /// Call failed.
    Failed,
    /// Call was refused.
    Refused,
    /// Call was denied for missing scope.
    DeniedScope,
    /// Remote auth succeeded.
    Authenticated,
    /// Remote auth failed before tool execution.
    DeniedAuth,
}

/// Redaction metadata for one sensitive field.
#[derive(Clone, Debug, Eq, PartialEq, Serialize, Deserialize)]
pub struct RedactionRecord {
    /// Redacted field path.
    pub field_path: String,
    /// Redaction reason.
    pub reason: String,
}

/// Append-only audit event.
#[derive(Clone, Debug, PartialEq, Serialize, Deserialize)]
pub struct AuditEvent {
    /// Event id.
    pub event_id: AuditEventId,
    /// Event type.
    pub event_type: AuditEventType,
    /// Event timestamp.
    #[serde(with = "time::serde::rfc3339")]
    pub timestamp: OffsetDateTime,
    /// Local user id.
    pub user_id: LocalUserId,
    /// Session id.
    pub session_id: SessionId,
    /// Request id.
    pub request_id: RequestId,
    /// HMAC account hash when applicable.
    pub account_id_hash: Option<AccountIdHash>,
    /// Tool name when applicable.
    pub tool_name: Option<String>,
    /// Scopes involved in the decision.
    pub scopes: Vec<String>,
    /// Allow, deny, or refuse.
    pub decision: AuditDecision,
    /// Result status.
    pub result_status: AuditResultStatus,
    /// Optional stable error code.
    pub error_code: Option<ErrorCode>,
    /// Canonical input hash.
    pub input_hash: Option<String>,
    /// Canonical output hash.
    pub output_hash: Option<String>,
    /// Redaction metadata.
    pub redactions: Vec<RedactionRecord>,
    /// Non-sensitive metadata.
    pub metadata: BTreeMap<String, Value>,
}