@allbaseai/openclaw-allbase 0.1.4 → 0.1.5

package/index.ts

@@ -130,7 +130,7 @@ function writeOAuthProfileToConfig(
   cfg.profiles = cfg.profiles || {};
   cfg.profiles[profileName] = {
     ...(cfg.profiles[profileName] || {}),
-    oauthAccessToken: values.oauthAccessToken,
+    ...(values.oauthAccessToken ? { oauthAccessToken: values.oauthAccessToken } : {}),
     ...(values.oauthRefreshToken ? { oauthRefreshToken: values.oauthRefreshToken } : {}),
     oauthClientId: values.oauthClientId,
     oauthTokenEndpoint: values.oauthTokenEndpoint,
@@ -233,6 +233,67 @@ function jwtExpMs(token: string): number | null {
   return null;
 }
 
+
+
+async function ensureOAuthClientId(
+  profileName: string,
+  baseUrl: string,
+  profile: AllbaseProfile,
+  redirectUri: string,
+): Promise<{ clientId: string; tokenEndpoint: string; registrationEndpoint: string }> {
+  const existingClientId = (profile.oauthClientId || process.env.ALLBASE_OAUTH_CLIENT_ID || '').trim();
+  const tokenEndpoint = (profile.oauthTokenEndpoint || process.env.ALLBASE_OAUTH_TOKEN_ENDPOINT || `${baseUrl}/oauth/token`).trim();
+
+  // discover registration endpoint
+  let registrationEndpoint = `${baseUrl}/oauth/register`;
+  try {
+    const d = await fetch(`${baseUrl}/.well-known/oauth-authorization-server`);
+    if (d.ok) {
+      const doc = await d.json() as any;
+      if (typeof doc?.registration_endpoint === 'string' && doc.registration_endpoint.trim()) {
+        registrationEndpoint = doc.registration_endpoint.trim();
+      }
+    }
+  } catch {
+    // use default
+  }
+
+  if (existingClientId) {
+    return { clientId: existingClientId, tokenEndpoint, registrationEndpoint };
+  }
+
+  const resp = await fetch(registrationEndpoint, {
+    method: 'POST',
+    headers: { 'Content-Type': 'application/json' },
+    body: JSON.stringify({
+      client_name: 'OpenClaw Allbase Plugin',
+      redirect_uris: [redirectUri],
+      grant_types: ['authorization_code', 'refresh_token'],
+      response_types: ['code'],
+      scope: 'allbase:read allbase:write',
+      token_endpoint_auth_method: 'none',
+      client_uri: 'https://docs.openclaw.ai',
+    }),
+  });
+
+  const text = await resp.text();
+  let body: any = {};
+  try { body = text ? JSON.parse(text) : {}; } catch { body = { raw: text }; }
+  if (!resp.ok || !body?.client_id) {
+    throw new Error(`OAuth client registration failed (${resp.status}): ${typeof body === 'string' ? body : JSON.stringify(body)}`);
+  }
+
+  const clientId = String(body.client_id);
+  writeOAuthProfileToConfig(profileName, {
+    oauthAccessToken: profile.oauthAccessToken || '',
+    oauthRefreshToken: profile.oauthRefreshToken,
+    oauthClientId: clientId,
+    oauthTokenEndpoint: tokenEndpoint,
+    baseUrl,
+  });
+
+  return { clientId, tokenEndpoint, registrationEndpoint };
+}
 async function getOAuthToken(baseUrl: string, profile: AllbaseProfile): Promise<{ token: string; exp: number }> {
   const directToken = profile.oauthAccessToken?.trim();
   if (directToken) {
@@ -517,15 +578,10 @@ const plugin = {
           const cfg = getConfig(api);
           const profile = (cfg.profiles || {})[profileName] || {};
           const baseUrl = resolveBaseUrl(cfg, profile);
-          const clientId = (profile.oauthClientId || process.env.ALLBASE_OAUTH_CLIENT_ID || "").trim();
-          if (!clientId) {
-            return { text: "Missing oauthClientId. Set it in plugins.entries.openclaw-allbase.config.profiles.<profile>.oauthClientId or ALLBASE_OAUTH_CLIENT_ID." };
-          }
-
-          const tokenEndpoint = (profile.oauthTokenEndpoint || `${baseUrl}/oauth/token`).trim();
-          const authorizeEndpoint = `${baseUrl}/oauth/authorize`;
           const redirectUri = (process.env.ALLBASE_OAUTH_REDIRECT_URI || "urn:ietf:wg:oauth:2.0:oob").trim();
-          const scope = (profile.oauthScope || process.env.ALLBASE_OAUTH_SCOPE || "offline_access openid profile").trim();
+          const scope = (profile.oauthScope || process.env.ALLBASE_OAUTH_SCOPE || "allbase:read allbase:write").trim();
+          const { clientId, tokenEndpoint } = await ensureOAuthClientId(profileName, baseUrl, profile, redirectUri);
+          const authorizeEndpoint = `${baseUrl}/oauth/authorize`;
           const state = base64Url(randomBytes(24));
           const codeVerifier = base64Url(randomBytes(48));
           const codeChallenge = base64Url(createHash('sha256').update(codeVerifier).digest());
@@ -577,9 +633,20 @@ const plugin = {
       handler: async (cmdCtx) => {
         try {
           const raw = (cmdCtx.args || "").trim();
-          const [code, profileArg] = raw.split(/\s+/);
-          if (!code) return { text: "Usage: /allbase-auth-complete <CODE> [profile]" };
+          const [codeOrUrl, profileArg] = raw.split(/\s+/);
+          if (!codeOrUrl) return { text: "Usage: /allbase-auth-complete <CODE|CALLBACK_URL> [profile]" };
           const profileName = profileArg || "default";
+          let code = codeOrUrl;
+          if (codeOrUrl.includes("code=") || codeOrUrl.startsWith("http")) {
+            try {
+              const u = new URL(codeOrUrl);
+              const c = u.searchParams.get("code");
+              if (c) code = c;
+            } catch {
+              const m = codeOrUrl.match(/[?&]code=([^&]+)/);
+              if (m?.[1]) code = decodeURIComponent(m[1]);
+            }
+          }
           const store = readOAuthStore();
           const pending = store.pending?.[profileName];
           if (!pending) return { text: `No pending OAuth flow for profile '${profileName}'. Run /allbase-auth-start ${profileName} first.` };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@allbaseai/openclaw-allbase",
-  "version": "0.1.4",
+  "version": "0.1.5",
   "type": "module",
   "description": "OpenClaw plugin to map OpenClaw agents to Allbase agent/workspace profiles.",
   "license": "MIT",