@agentapprove/openclaw 0.1.8 → 0.2.0

package/dist/index.js

@@ -9,7 +9,7 @@ import { homedir as homedir3 } from "os";
 import { execSync } from "child_process";
 
 // src/e2e-crypto.ts
-import { createHash, createHmac, createCipheriv, randomBytes } from "crypto";
+import { createHash, createHmac, createCipheriv, createDecipheriv, randomBytes, timingSafeEqual } from "crypto";
 import { readFileSync as readFileSync2, writeFileSync as writeFileSync2, existsSync as existsSync2, copyFileSync } from "fs";
 import { join as join2 } from "path";
 import { homedir as homedir2 } from "os";
@@ -135,6 +135,35 @@ function e2eEncrypt(keyHex, plaintext) {
   const hmac = createHmac("sha256", macKey).update(Buffer.concat([iv, ciphertext])).digest("hex");
   return `E2E:v1:${kid}:${ivHex}:${ciphertextBase64}:${hmac}`;
 }
+function isE2EEncrypted(value) {
+  return value.startsWith("E2E:v1:");
+}
+function e2eDecrypt(keyHex, encrypted) {
+  try {
+    if (!isE2EEncrypted(encrypted)) return null;
+    const parts = encrypted.split(":");
+    if (parts.length !== 6) return null;
+    const kid = parts[2];
+    if (kid !== keyId(keyHex)) return null;
+    const ivHex = parts[3];
+    const ciphertextBase64 = parts[4];
+    const hmacHex = parts[5];
+    const encKey = deriveEncKey(keyHex);
+    const macKey = deriveMacKey(keyHex);
+    const iv = Buffer.from(ivHex, "hex");
+    const ciphertext = Buffer.from(ciphertextBase64, "base64");
+    const expectedHmac = createHmac("sha256", macKey).update(Buffer.concat([iv, ciphertext])).digest();
+    const actualHmac = Buffer.from(hmacHex, "hex");
+    if (expectedHmac.length !== actualHmac.length || !timingSafeEqual(expectedHmac, actualHmac)) {
+      return null;
+    }
+    const decipher = createDecipheriv("aes-256-ctr", encKey, iv);
+    const plaintext = Buffer.concat([decipher.update(ciphertext), decipher.final()]);
+    return plaintext.toString("utf-8");
+  } catch {
+    return null;
+  }
+}
 function applyApprovalE2E(payload, userKey, serverKey) {
   const sensitiveFields = {};
   for (const field of ["command", "toolInput", "cwd"]) {
@@ -386,7 +415,7 @@ function loadConfig(openclawConfig, logger) {
     failBehavior,
     privacyTier,
     debug,
-    hookVersion: "1.1.4",
+    hookVersion: "1.2.0",
     agentType: "openclaw",
     agentName,
     e2eEnabled,
@@ -731,6 +760,51 @@ async function sendApprovalRequest(request, config, pluginPath, hookName = "open
   processConfigSync(parsed, config);
   return parsed;
 }
+async function sendStopRequest(request, config, pluginPath, hookName = "openclaw-plugin") {
+  if (!config.token) {
+    throw new Error("Missing token. Download the iOS app, run npx agentapprove, and pair your device. Subscription required.");
+  }
+  let payload = applyEventPrivacyFilter(
+    { ...request },
+    config.privacyTier
+  );
+  if (config.e2eEnabled && config.e2eUserKey) {
+    payload = applyEventE2E(payload, config.e2eUserKey);
+    if (config.debug) {
+      debugLog("E2E encryption applied to stop request", hookName);
+    }
+  }
+  const bodyStr = JSON.stringify(payload);
+  const pluginHash = getPluginHash(pluginPath, config.debug, hookName);
+  const hmacHeaders = buildHMACHeaders(bodyStr, config.token, config.hookVersion, pluginHash);
+  const headers = {
+    "Authorization": `Bearer ${config.token}`,
+    ...hmacHeaders
+  };
+  const url = `${config.apiUrl}/${config.apiVersion}/stop`;
+  const stopTimeoutMs = 3e5;
+  if (config.debug) {
+    debugLog(`Sending stop request to ${url}`, hookName);
+    debugLog(`=== SENT TO ${url} ===`, hookName);
+    debugLogRawInline(bodyStr);
+    debugLog("=== END SENT ===", hookName);
+  }
+  const response = await httpPost(url, bodyStr, headers, stopTimeoutMs);
+  if (config.debug) {
+    debugLog(`Stop response: ${response.body || "<empty>"}`, hookName);
+  }
+  if (response.status !== 200) {
+    throw new Error(`Stop API returned status ${response.status}: ${response.body.slice(0, 200)}`);
+  }
+  let parsed;
+  try {
+    parsed = JSON.parse(response.body);
+  } catch {
+    parsed = {};
+  }
+  processConfigSync(parsed, config);
+  return parsed;
+}
 async function sendEvent(event, config, pluginPath, hookName = "openclaw-plugin") {
   if (!config.token) return;
   const eventType = event.eventType;
@@ -777,6 +851,153 @@ async function sendEvent(event, config, pluginPath, hookName = "openclaw-plugin"
   }
 }
 
+// src/gateway-client.ts
+import { randomUUID } from "crypto";
+var DEFAULT_GATEWAY_PORT = 18789;
+var CONNECT_TIMEOUT_MS = 1e4;
+var HOOK_NAME = "openclaw-gateway";
+function resolveGatewayConfig(pluginConfig, debug) {
+  const gw = pluginConfig?.gateway;
+  const envPortRaw = process.env.OPENCLAW_GATEWAY_PORT;
+  const envPort = parseInt(envPortRaw || "", 10);
+  if (envPortRaw && isNaN(envPort)) {
+    debugLog(`Invalid OPENCLAW_GATEWAY_PORT "${envPortRaw}", using default ${DEFAULT_GATEWAY_PORT}`, HOOK_NAME);
+  }
+  const port = (typeof gw?.port === "number" && gw.port > 0 ? gw.port : void 0) || (!isNaN(envPort) ? envPort : void 0) || DEFAULT_GATEWAY_PORT;
+  const auth = gw?.auth;
+  const configToken = typeof auth?.token === "string" ? auth.token : "";
+  const token = configToken || process.env.OPENCLAW_GATEWAY_TOKEN || "";
+  if (!token) {
+    return null;
+  }
+  return { port, token, debug };
+}
+async function sendChatMessage(gwConfig, sessionKey, message, idempotencyKey = randomUUID()) {
+  let WebSocket;
+  try {
+    ({ default: WebSocket } = await import("ws"));
+  } catch {
+    throw new Error(
+      'The "ws" package is required for Gateway WebSocket support. Install it with: npm install ws'
+    );
+  }
+  return new Promise((resolve, reject) => {
+    const url = `ws://127.0.0.1:${gwConfig.port}`;
+    let settled = false;
+    let connectReqId;
+    let chatReqId;
+    if (gwConfig.debug) {
+      debugLog(`Connecting to gateway at ${url}`, HOOK_NAME);
+    }
+    const ws = new WebSocket(url);
+    const sendOrFail = (payload) => {
+      ws.send(payload, (sendErr) => {
+        if (sendErr && !settled) {
+          settled = true;
+          cleanup();
+          reject(sendErr);
+        }
+      });
+    };
+    const timeout = setTimeout(() => {
+      if (!settled) {
+        settled = true;
+        try {
+          ws.terminate();
+        } catch {
+        }
+        reject(new Error(`Gateway connection timed out after ${CONNECT_TIMEOUT_MS}ms`));
+      }
+    }, CONNECT_TIMEOUT_MS);
+    const cleanup = () => {
+      clearTimeout(timeout);
+      try {
+        ws.terminate();
+      } catch {
+      }
+    };
+    ws.on("error", (err) => {
+      if (!settled) {
+        settled = true;
+        cleanup();
+        reject(err);
+      }
+    });
+    ws.on("message", (data) => {
+      let msg;
+      try {
+        msg = JSON.parse(data.toString());
+      } catch {
+        return;
+      }
+      if (msg.type === "event" && msg.event === "connect.challenge" && !connectReqId) {
+        connectReqId = randomUUID();
+        sendOrFail(JSON.stringify({
+          type: "req",
+          id: connectReqId,
+          method: "connect",
+          params: {
+            minProtocol: 3,
+            maxProtocol: 3,
+            client: { id: "agentapprove-plugin", version: "1.0", platform: "node", mode: "operator" },
+            role: "operator",
+            scopes: ["operator.admin"],
+            auth: { token: gwConfig.token }
+          }
+        }));
+        if (gwConfig.debug) {
+          debugLog("Sent connect request", HOOK_NAME);
+        }
+        return;
+      }
+      if (msg.type === "res" && connectReqId && msg.id === connectReqId && !chatReqId) {
+        if (!msg.ok) {
+          settled = true;
+          cleanup();
+          reject(new Error(`Gateway auth failed: ${msg.error?.message || "unknown"}`));
+          return;
+        }
+        chatReqId = randomUUID();
+        sendOrFail(JSON.stringify({
+          type: "req",
+          id: chatReqId,
+          method: "chat.send",
+          params: {
+            sessionKey,
+            message,
+            idempotencyKey
+          }
+        }));
+        if (gwConfig.debug) {
+          debugLog(`Sent chat.send for session ${sessionKey}`, HOOK_NAME);
+        }
+        return;
+      }
+      if (msg.type === "res" && chatReqId && msg.id === chatReqId) {
+        settled = true;
+        cleanup();
+        if (msg.ok) {
+          const runId = msg.payload?.runId;
+          if (gwConfig.debug) {
+            debugLog(`chat.send succeeded, runId=${runId || "unknown"}`, HOOK_NAME);
+          }
+          resolve({ runId });
+        } else {
+          reject(new Error(`chat.send failed: ${msg.error?.message || "unknown"}`));
+        }
+        return;
+      }
+    });
+    ws.on("close", () => {
+      if (!settled) {
+        settled = true;
+        cleanup();
+        reject(new Error("Gateway connection closed unexpectedly"));
+      }
+    });
+  });
+}
+
 // src/index.ts
 var pluginFilePath;
 try {
@@ -1106,18 +1327,67 @@ function register(api) {
       debugLog(`Agent ended: success=${event.success}${event.durationMs ? `, duration=${event.durationMs}ms` : ""}${event.error ? `, error=${event.error}` : ""}`, HOOK_AGENT_END);
     }
     const conversationId = resolveConversationId();
-    void sendEvent({
-      eventType: "stop",
+    const stopRequest = {
       agent: config.agentType,
       agentName: config.agentName,
-      hookType: "agent_end",
+      eventType: "stop",
+      status: event.success ? "completed" : "error",
+      loopCount: Array.isArray(event.messages) ? event.messages.length : 0,
       sessionId: conversationId,
       conversationId,
-      status: event.success ? "completed" : "error",
-      durationMs: event.durationMs,
-      response: event.error || void 0,
-      timestamp: (/* @__PURE__ */ new Date()).toISOString()
-    }, config, pluginFilePath, HOOK_AGENT_END);
+      timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+      ...config.e2eEnabled && config.e2eUserKey ? { e2eKeyId: keyId(config.e2eUserKey) } : {}
+    };
+    try {
+      const response = await sendStopRequest(stopRequest, config, pluginFilePath, HOOK_AGENT_END);
+      if (config.debug) {
+        debugLog(`Stop response: followup=${response.followup_message ? "yes" : "no"}`, HOOK_AGENT_END);
+      }
+      if (response.followup_message) {
+        let followupText = response.followup_message;
+        if (config.e2eEnabled && config.e2eUserKey && isE2EEncrypted(followupText)) {
+          const decrypted = e2eDecrypt(config.e2eUserKey, followupText);
+          if (!decrypted) {
+            api.logger.warn("Agent Approve: failed to decrypt follow-up message");
+            return;
+          }
+          if (config.debug) {
+            debugLog(`Decrypted follow-up: ${decrypted.slice(0, 50)}...`, HOOK_AGENT_END);
+          }
+          followupText = decrypted;
+        }
+        const gwConfig = resolveGatewayConfig(api.pluginConfig, config.debug);
+        if (!gwConfig) {
+          api.logger.warn(
+            "Agent Approve: follow-up received but no gateway token configured \u2014 set OPENCLAW_GATEWAY_TOKEN or gateway.auth.token in plugin config"
+          );
+          return;
+        }
+        if (!ctx.sessionKey) {
+          api.logger.warn(
+            "Agent Approve: follow-up received but session key unavailable \u2014 cannot send to OpenClaw"
+          );
+          return;
+        }
+        try {
+          const idempotencyKey = createHash2("sha256").update(`${ctx.sessionKey}:${stopRequest.timestamp}:${followupText}`).digest("hex").slice(0, 32);
+          const result = await sendChatMessage(gwConfig, ctx.sessionKey, followupText, idempotencyKey);
+          if (config.debug) {
+            debugLog(`Follow-up sent via gateway chat.send, runId=${result.runId || "unknown"}`, HOOK_AGENT_END);
+          }
+          api.logger.info(`Agent Approve: follow-up sent as user prompt via gateway`);
+        } catch (injectionError) {
+          const injMsg = injectionError instanceof Error ? injectionError.message : String(injectionError);
+          api.logger.warn(`Agent Approve: follow-up injection via gateway failed \u2014 ${injMsg}`);
+        }
+      }
+    } catch (error) {
+      const msg = error instanceof Error ? error.message : String(error);
+      if (config.debug) {
+        debugLog(`Stop request error: ${msg}`, HOOK_AGENT_END);
+      }
+      api.logger.warn(`Agent Approve: stop request failed \u2014 ${msg}`);
+    }
   });
   api.on("before_compaction", async (event, ctx) => {
     if (config.debug) {

package/package.json

@@ -1,12 +1,12 @@
 {
   "name": "@agentapprove/openclaw",
-  "version": "0.1.8",
+  "version": "0.2.0",
   "description": "Agent Approve plugin for OpenClaw - approve or deny AI agent tool calls from your iPhone and Apple Watch",
   "main": "dist/index.js",
   "scripts": {
-    "build": "esbuild src/index.ts --bundle --platform=node --target=node18 --outfile=dist/index.js --format=esm --external:crypto --external:fs --external:path --external:os --external:https --external:http --external:url --external:child_process",
+    "build": "esbuild src/index.ts --bundle --platform=node --target=node18 --outfile=dist/index.js --format=esm --external:crypto --external:fs --external:path --external:os --external:https --external:http --external:url --external:child_process --external:ws",
     "hash": "shasum -a 256 dist/index.js | cut -d' ' -f1",
-    "dev": "esbuild src/index.ts --bundle --platform=node --target=node18 --outfile=dist/index.js --format=esm --external:crypto --external:fs --external:path --external:os --external:https --external:http --external:url --external:child_process --watch"
+    "dev": "esbuild src/index.ts --bundle --platform=node --target=node18 --outfile=dist/index.js --format=esm --external:crypto --external:fs --external:path --external:os --external:https --external:http --external:url --external:child_process --external:ws --watch"
   },
   "openclaw": {
     "extensions": ["./dist/index.js"]
@@ -36,6 +36,14 @@
   "engines": {
     "node": ">=18"
   },
+  "peerDependencies": {
+    "ws": ">=7.0.0"
+  },
+  "peerDependenciesMeta": {
+    "ws": {
+      "optional": true
+    }
+  },
   "devDependencies": {
     "esbuild": "^0.24.0",
     "typescript": "^5.0.0"