@a2hmarket/a2hmarket 0.2.0

package/src/api-client.ts

@@ -0,0 +1,154 @@
+import { computeHttpSignature } from "./signer.js";
+import type { A2HCredentials } from "./credentials.js";
+
+export class PlatformError extends Error {
+  code: string;
+  httpStatus: number;
+  constructor(code: string, message: string, httpStatus: number) {
+    super(`A2H API error [${code}]: ${message}`);
+    this.name = "PlatformError";
+    this.code = code;
+    this.httpStatus = httpStatus;
+  }
+}
+
+interface PlatformResponse {
+  code?: string | number;
+  message?: string;
+  data?: unknown;
+}
+
+export class A2HApiClient {
+  private creds: A2HCredentials;
+
+  constructor(creds: A2HCredentials) {
+    this.creds = creds;
+  }
+
+  get agentId(): string {
+    return this.creds.agentId;
+  }
+
+  get credentials(): A2HCredentials {
+    return this.creds;
+  }
+
+  /**
+   * GET with signature. apiPath may include query string.
+   * signPath is the path used for signing (without query), auto-extracted if omitted.
+   */
+  async getJSON<T = unknown>(apiPath: string, signPath?: string): Promise<T> {
+    return this.doRequest<T>("GET", this.creds.apiUrl, apiPath, signPath);
+  }
+
+  /** POST JSON with signature. */
+  async postJSON<T = unknown>(apiPath: string, body?: unknown): Promise<T> {
+    return this.doRequest<T>("POST", this.creds.apiUrl, apiPath, undefined, body);
+  }
+
+  /** POST JSON to a different base URL (e.g. OSS service). */
+  async postJSONToHost<T = unknown>(
+    baseUrl: string,
+    apiPath: string,
+    signPath: string,
+    body?: unknown
+  ): Promise<T> {
+    return this.doRequest<T>("POST", baseUrl.replace(/\/+$/, ""), apiPath, signPath, body);
+  }
+
+  /** DELETE with signature. */
+  async deleteJSON<T = unknown>(apiPath: string): Promise<T> {
+    return this.doRequest<T>("DELETE", this.creds.apiUrl, apiPath);
+  }
+
+  /** PUT binary to a pre-signed URL (no business signature). */
+  async putBinary(
+    uploadUrl: string,
+    signedHeaders: Record<string, string>,
+    data: Buffer | Uint8Array
+  ): Promise<void> {
+    const headers: Record<string, string> = { ...signedHeaders };
+    const resp = await fetch(uploadUrl, {
+      method: "PUT",
+      headers,
+      body: data as unknown as BodyInit,
+    });
+    if (!resp.ok) {
+      const text = await resp.text().catch(() => "");
+      throw new Error(`PUT binary HTTP ${resp.status}: ${text.slice(0, 200)}`);
+    }
+  }
+
+  // ─── Internal ────────────────────────────────────────────────────
+
+  private async doRequest<T>(
+    method: string,
+    baseUrl: string,
+    apiPath: string,
+    signPath?: string,
+    body?: unknown
+  ): Promise<T> {
+    // Determine signing path (strip query string)
+    const effectiveSignPath =
+      signPath ?? (apiPath.includes("?") ? apiPath.slice(0, apiPath.indexOf("?")) : apiPath);
+
+    const timestamp = String(Math.floor(Date.now() / 1000));
+    const signature = computeHttpSignature(
+      this.creds.agentKey,
+      method,
+      effectiveSignPath,
+      this.creds.agentId,
+      timestamp
+    );
+
+    const url = baseUrl + apiPath;
+    const headers: Record<string, string> = {
+      "Content-Type": "application/json",
+      "X-Agent-Id": this.creds.agentId,
+      "X-Timestamp": timestamp,
+      "X-Agent-Signature": signature,
+    };
+
+    const init: RequestInit = { method, headers };
+    if (method !== "GET" && method !== "HEAD") {
+      init.body = JSON.stringify(body ?? {});
+    }
+
+    const resp = await fetch(url, init);
+    const rawBody = await resp.text();
+
+    if (!resp.ok) {
+      let pr: PlatformResponse = {};
+      try {
+        pr = JSON.parse(rawBody);
+      } catch {
+        // not JSON
+      }
+      const msg = pr.message || rawBody.slice(0, 200);
+      const code = pr.code != null ? String(pr.code) : String(resp.status);
+      throw new PlatformError(code, msg, resp.status);
+    }
+
+    // Parse platform wrapper: { code: "200", message: "...", data: T }
+    let parsed: PlatformResponse;
+    try {
+      parsed = JSON.parse(rawBody);
+    } catch {
+      // Response is not standard platform format, try direct parse
+      return JSON.parse(rawBody) as T;
+    }
+
+    // Normalize code (handles both "200" and 200)
+    const codeStr = String(parsed.code ?? "").replace(/"/g, "");
+    if (codeStr && codeStr !== "200") {
+      throw new PlatformError(codeStr, parsed.message ?? "", 0);
+    }
+
+    // Return the data field
+    if (parsed.data !== undefined && parsed.data !== null) {
+      return parsed.data as T;
+    }
+
+    return undefined as T;
+  }
+}

package/src/channel-state.ts

@@ -0,0 +1,11 @@
+import type { LastChannelStore } from "./last-channel.js";
+
+let _store: LastChannelStore | null = null;
+
+export function setLastChannelStore(store: LastChannelStore): void {
+  _store = store;
+}
+
+export function getLastChannelStore(): LastChannelStore | null {
+  return _store;
+}

package/src/credentials.ts

@@ -0,0 +1,131 @@
+import { readFileSync, existsSync } from "node:fs";
+import { join, dirname } from "node:path";
+import { homedir } from "node:os";
+import { fileURLToPath } from "node:url";
+
+export interface A2HNotifyConfig {
+  channel: string;  // e.g. "feishu"
+  target: string;   // e.g. "ou_xxxxx" (feishu open_id) or chat_id
+}
+
+export interface A2HCredentials {
+  agentId: string;
+  agentKey: string;
+  apiUrl: string;
+  mqttUrl: string;
+  notify?: A2HNotifyConfig;
+}
+
+// ── Load from pluginConfig (openclaw.json) — preferred ─────────────────
+
+export function loadCredentialsFromConfig(
+  pluginConfig?: Record<string, unknown>,
+): A2HCredentials | null {
+  if (!pluginConfig) return null;
+
+  const agentId = (pluginConfig.agentId as string) ?? "";
+  const agentKey = (pluginConfig.agentKey as string) ?? "";
+  if (!agentId || !agentKey) return null;
+
+  const notifyRaw = pluginConfig.notify as Record<string, string> | undefined;
+  const notify: A2HNotifyConfig | undefined =
+    notifyRaw?.channel && notifyRaw?.target
+      ? { channel: notifyRaw.channel, target: notifyRaw.target }
+      : undefined;
+
+  return {
+    agentId,
+    agentKey,
+    apiUrl: ((pluginConfig.apiUrl as string) ?? "https://api.a2hmarket.ai").replace(/\/+$/, ""),
+    mqttUrl: (pluginConfig.mqttUrl as string) ?? "mqtts://post-cn-e4k4o78q702.mqtt.aliyuncs.com:8883",
+    notify,
+  };
+}
+
+// ── Load from file — fallback for dev mode ─────────────────────────────
+
+const PLUGIN_DIR = join(dirname(fileURLToPath(import.meta.url)), "..");
+const OPENCLAW_STATE_DIR = join(homedir(), ".openclaw", "a2hmarket");
+const HOME_CONFIG_DIR = join(homedir(), ".a2hmarket");
+const CREDENTIALS_FILE = "credentials.json";
+
+interface RawCredentials {
+  agent_id?: string;
+  agent_key?: string;
+  api_url?: string;
+  mqtt_url?: string;
+  notify?: { channel?: string; target?: string };
+  agentId?: string;
+  agentKey?: string;
+  secret?: string;
+}
+
+export function loadCredentialsFromFile(configDir?: string): A2HCredentials {
+  let dir: string;
+  if (configDir) {
+    dir = configDir;
+  } else {
+    // Priority: stateDir > plugin dir > ~/.a2hmarket/ (legacy)
+    const statePath = join(OPENCLAW_STATE_DIR, CREDENTIALS_FILE);
+    const pluginPath = join(PLUGIN_DIR, CREDENTIALS_FILE);
+    dir = existsSync(statePath)
+      ? OPENCLAW_STATE_DIR
+      : existsSync(pluginPath)
+        ? PLUGIN_DIR
+        : HOME_CONFIG_DIR;
+  }
+  const filePath = join(dir, CREDENTIALS_FILE);
+
+  let raw: RawCredentials;
+  try {
+    raw = JSON.parse(readFileSync(filePath, "utf-8"));
+  } catch (err) {
+    throw new Error(
+      `Failed to read credentials from ${filePath}: ${err instanceof Error ? err.message : String(err)}`,
+    );
+  }
+
+  const agentId = raw.agent_id ?? raw.agentId ?? "";
+  const agentKey = raw.agent_key ?? raw.agentKey ?? raw.secret ?? "";
+  if (!agentId || !agentKey) {
+    throw new Error(`Invalid credentials in ${filePath}: agent_id and agent_key are required`);
+  }
+
+  const notify: A2HNotifyConfig | undefined =
+    raw.notify?.channel && raw.notify?.target
+      ? { channel: raw.notify.channel, target: raw.notify.target }
+      : undefined;
+
+  return {
+    agentId,
+    agentKey,
+    apiUrl: (raw.api_url ?? "https://api.a2hmarket.ai").replace(/\/+$/, ""),
+    mqttUrl: raw.mqtt_url ?? "mqtts://post-cn-e4k4o78q702.mqtt.aliyuncs.com:8883",
+    notify,
+  };
+}
+
+// ── Unified loader: pluginConfig > file ────────────────────────────────
+
+let _cachedCreds: A2HCredentials | null = null;
+let _pluginConfig: Record<string, unknown> | undefined;
+
+export function initCredentials(pluginConfig?: Record<string, unknown>): void {
+  _pluginConfig = pluginConfig;
+  _cachedCreds = null;
+}
+
+export function loadCredentials(): A2HCredentials {
+  if (_cachedCreds) return _cachedCreds;
+
+  // Priority: pluginConfig (openclaw.json) > file (dev mode fallback)
+  const fromConfig = loadCredentialsFromConfig(_pluginConfig);
+  if (fromConfig) {
+    _cachedCreds = fromConfig;
+    return fromConfig;
+  }
+
+  const fromFile = loadCredentialsFromFile();
+  _cachedCreds = fromFile;
+  return fromFile;
+}

package/src/feishu-notify.ts

@@ -0,0 +1,157 @@
+/**
+ * Feishu notification — send interactive card messages directly via Feishu API.
+ *
+ * Uses Feishu Open API v2:
+ *   1. Get tenant_access_token (cached)
+ *   2. Send interactive card message
+ *
+ * No SDK dependency needed — pure fetch.
+ */
+
+const FEISHU_TOKEN_URL = "https://open.feishu.cn/open-apis/auth/v3/tenant_access_token/internal";
+const FEISHU_SEND_URL = "https://open.feishu.cn/open-apis/im/v1/messages";
+
+let tokenCache: { token: string; expiresAt: number } | null = null;
+
+async function getTenantToken(appId: string, appSecret: string): Promise<string> {
+  if (tokenCache && tokenCache.expiresAt > Date.now() + 60_000) {
+    return tokenCache.token;
+  }
+
+  const resp = await fetch(FEISHU_TOKEN_URL, {
+    method: "POST",
+    headers: { "Content-Type": "application/json" },
+    body: JSON.stringify({ app_id: appId, app_secret: appSecret }),
+  });
+
+  const data = (await resp.json()) as {
+    code: number;
+    tenant_access_token: string;
+    expire: number;
+  };
+
+  if (data.code !== 0) {
+    throw new Error(`feishu token error: code=${data.code}`);
+  }
+
+  tokenCache = {
+    token: data.tenant_access_token,
+    expiresAt: Date.now() + data.expire * 1000,
+  };
+
+  return tokenCache.token;
+}
+
+export interface FeishuCardElement {
+  tag: string;
+  content?: string;
+  text?: { tag: string; content: string };
+  actions?: Array<{
+    tag: string;
+    text: { tag: string; content: string };
+    type?: string;
+    value?: Record<string, unknown>;
+  }>;
+}
+
+export interface FeishuNotifyParams {
+  appId: string;
+  appSecret: string;
+  target: string;             // open_id (ou_xxx) or chat_id (oc_xxx)
+  title: string;
+  titleColor?: string;        // blue, green, red, orange, purple, turquoise, yellow, grey
+  elements: FeishuCardElement[];
+}
+
+/**
+ * Send a Feishu interactive card message.
+ */
+export async function sendFeishuCard(params: FeishuNotifyParams): Promise<string> {
+  const token = await getTenantToken(params.appId, params.appSecret);
+
+  // Determine receive_id_type from target format
+  const receiveIdType = params.target.startsWith("oc_") ? "chat_id" : "open_id";
+
+  const card = {
+    schema: "2.0",
+    config: { wide_screen_mode: true },
+    header: {
+      title: { tag: "plain_text", content: params.title },
+      template: params.titleColor ?? "blue",
+    },
+    body: {
+      elements: params.elements,
+    },
+  };
+
+  const resp = await fetch(`${FEISHU_SEND_URL}?receive_id_type=${receiveIdType}`, {
+    method: "POST",
+    headers: {
+      "Content-Type": "application/json",
+      Authorization: `Bearer ${token}`,
+    },
+    body: JSON.stringify({
+      receive_id: params.target,
+      msg_type: "interactive",
+      content: JSON.stringify(card),
+    }),
+  });
+
+  const data = (await resp.json()) as {
+    code: number;
+    msg: string;
+    data?: { message_id: string };
+  };
+
+  if (data.code !== 0) {
+    throw new Error(`feishu send error: code=${data.code} msg=${data.msg}`);
+  }
+
+  return data.data?.message_id ?? "";
+}
+
+/**
+ * Build a standard A2H Market notification card.
+ */
+export function buildA2HNotifyCard(params: {
+  type: "inbound" | "reply" | "approval";
+  peerId: string;
+  content: string;
+  agentId?: string;
+}): { title: string; titleColor: string; elements: FeishuCardElement[] } {
+  const titles = {
+    inbound: "📩 A2H Market · 收到消息",
+    reply: "🤖 A2H Market · 已自动回复",
+    approval: "🔔 A2H Market · 需要确认",
+  };
+
+  const colors = {
+    inbound: "blue",
+    reply: "green",
+    approval: "orange",
+  };
+
+  const elements: FeishuCardElement[] = [
+    {
+      tag: "markdown",
+      content: `**来自**: \`${params.peerId}\``,
+    },
+    {
+      tag: "markdown",
+      content: params.content,
+    },
+  ];
+
+  if (params.agentId) {
+    elements.push({
+      tag: "markdown",
+      content: `---\n*Agent: ${params.agentId}*`,
+    });
+  }
+
+  return {
+    title: titles[params.type],
+    titleColor: colors[params.type],
+    elements,
+  };
+}

package/src/last-channel.ts

@@ -0,0 +1,39 @@
+import { readFileSync, writeFileSync, mkdirSync } from "node:fs";
+import { dirname } from "node:path";
+
+export interface LastChannelRecord {
+  channel: string;
+  target: string;
+  sessionKey: string;
+  updatedAt: string;
+}
+
+/**
+ * Tracks the last channel + session the user used to interact with a2hmarket.
+ * Persisted as a JSON file alongside plugin data.
+ */
+export class LastChannelStore {
+  private filePath: string;
+
+  constructor(filePath: string) {
+    this.filePath = filePath;
+  }
+
+  get(): LastChannelRecord | null {
+    try {
+      const raw = readFileSync(this.filePath, "utf-8");
+      return JSON.parse(raw);
+    } catch {
+      return null;
+    }
+  }
+
+  set(record: Omit<LastChannelRecord, "updatedAt">): void {
+    const full: LastChannelRecord = {
+      ...record,
+      updatedAt: new Date().toISOString(),
+    };
+    mkdirSync(dirname(this.filePath), { recursive: true });
+    writeFileSync(this.filePath, JSON.stringify(full, null, 2));
+  }
+}

package/src/mqtt-listener.ts

@@ -0,0 +1,125 @@
+import type { A2HCredentials } from "./credentials.js";
+import { MqttTokenClient, buildClientId } from "./mqtt-token.js";
+import { MqttTransport } from "./mqtt-transport.js";
+
+export interface A2AEnvelopeEvent {
+  senderId: string;
+  messageId: string;
+  text: string;
+  payload: Record<string, unknown>;
+  envelope: Record<string, unknown>;
+}
+
+type MessageHandler = (event: A2AEnvelopeEvent) => void | Promise<void>;
+
+/**
+ * MqttListener manages a long-lived MQTT connection that:
+ * 1. Subscribes to the agent's incoming P2P topic
+ * 2. Parses received A2A envelopes
+ * 3. Invokes the registered message handler (for channel dispatch)
+ */
+export class MqttListener {
+  private creds: A2HCredentials;
+  private transport: MqttTransport | null = null;
+  private handler: MessageHandler | null = null;
+  private log: { info: (m: string) => void; error: (m: string) => void; warn: (m: string) => void };
+
+  constructor(
+    creds: A2HCredentials,
+    log?: { info: (m: string) => void; error: (m: string) => void; warn: (m: string) => void },
+  ) {
+    this.creds = creds;
+    this.log = log ?? {
+      info: (m) => process.stderr.write(`a2hmarket: ${m}\n`),
+      error: (m) => process.stderr.write(`a2hmarket: ${m}\n`),
+      warn: (m) => process.stderr.write(`a2hmarket: ${m}\n`),
+    };
+  }
+
+  onMessage(handler: MessageHandler): void {
+    this.handler = handler;
+  }
+
+  async start(): Promise<void> {
+    const tokenClient = new MqttTokenClient(
+      this.creds.apiUrl,
+      this.creds.agentId,
+      this.creds.agentKey,
+    );
+
+    this.transport = new MqttTransport(this.creds.mqttUrl, tokenClient, this.creds.agentId, {
+      clientId: buildClientId(this.creds.agentId),
+      cleanSession: false,
+    });
+
+    this.transport.onMessage((msg) => {
+      this.handleMessage(msg.payload);
+    });
+
+    this.transport.onReconnect(() => {
+      // Reconnects are expected when another client uses the same clientId (e.g. mobile app).
+      // Log at warn level but don't flood — this is a known RocketMQ P2P clientId constraint.
+    });
+
+    try {
+      await this.transport.connect();
+      await this.transport.subscribe();
+      this.log.info("MQTT listener started");
+    } catch (err) {
+      this.log.error(
+        `MQTT listener start failed: ${err instanceof Error ? err.message : String(err)}`,
+      );
+    }
+  }
+
+  stop(): void {
+    this.transport?.close();
+    this.transport = null;
+    this.log.info("MQTT listener stopped");
+  }
+
+  isConnected(): boolean {
+    return this.transport?.isConnected() ?? false;
+  }
+
+  private handleMessage(raw: string): void {
+    try {
+      const envelope = JSON.parse(raw);
+      const payload = envelope.payload ?? {};
+      const senderId: string = envelope.sender_id ?? "";
+      const messageId: string =
+        envelope.message_id ?? `evt_${Date.now()}_${Math.random().toString(36).slice(2, 6)}`;
+      const text: string = typeof payload.text === "string" ? payload.text : "";
+
+      // Debug: log sender and target from envelope
+      const targetId: string = envelope.target_id ?? "";
+      this.log.info(
+        `envelope: sender=${senderId} target=${targetId} type=${envelope.message_type ?? "?"} msgId=${messageId}`,
+      );
+
+      if (!senderId) {
+        this.log.warn("received message without sender_id, skipping");
+        return;
+      }
+
+      // Skip messages sent BY ourselves (echo prevention)
+      if (senderId === this.creds.agentId) {
+        this.log.info(`skipping own message (echo): ${messageId}`);
+        return;
+      }
+
+      const event: A2AEnvelopeEvent = { senderId, messageId, text, payload, envelope };
+
+      // Invoke handler (async errors are caught below)
+      Promise.resolve(this.handler?.(event)).catch((err) => {
+        this.log.error(
+          `message handler error: ${err instanceof Error ? err.message : String(err)}`,
+        );
+      });
+    } catch (err) {
+      this.log.error(
+        `failed to parse message: ${err instanceof Error ? err.message : String(err)}`,
+      );
+    }
+  }
+}