@creatoraris/openclaw-wecom 0.2.2 → 0.3.1

package/index.js

@@ -1,5 +1,7 @@
 import http from 'node:http';
 import crypto from 'node:crypto';
+import fs from 'node:fs/promises';
+import path from 'node:path';
 import { URL } from 'node:url';
 import { WeComCrypto } from './crypto.js';
 
@@ -9,6 +11,7 @@ const plugin = {
     const token = cfg.token || process.env.WECOM_TOKEN;
     const encodingAESKey = cfg.encodingAESKey || process.env.WECOM_ENCODING_AES_KEY;
     const corpId = cfg.corpId || process.env.WECOM_CORP_ID || '';
+    const corpSecret = cfg.corpSecret || process.env.WECOM_CORPSECRET || '';
     const port = Number(cfg.port || process.env.PORT || 8788);
 
     if (!token || !encodingAESKey) {
@@ -73,17 +76,154 @@ const plugin = {
       return JSON.stringify({ encrypt: encrypted, msgsignature, timestamp: Number(timestamp), nonce });
     }
 
-    function extractUserText(msg, isGroup = false) {
+    // ── Image handling ──
+
+    const IMAGE_CACHE_DIR = '/tmp/openclaw-wecom-images';
+    const IMAGE_MAX_AGE_MS = 60 * 60 * 1000;
+
+    let wecomAccessToken = null;
+    let tokenExpireTime = 0;
+
+    async function getWeComAccessToken() {
+      if (!corpId || !corpSecret) return null;
+      const now = Date.now();
+      if (wecomAccessToken && now < tokenExpireTime) return wecomAccessToken;
+      try {
+        const url = `https://qyapi.weixin.qq.com/cgi-bin/gettoken?corpid=${corpId}&corpsecret=${corpSecret}`;
+        const data = await (await fetch(url)).json();
+        if (data.errcode === 0 && data.access_token) {
+          wecomAccessToken = data.access_token;
+          tokenExpireTime = now + (data.expires_in - 300) * 1000;
+          log.info('[WeCom] access_token obtained');
+          return wecomAccessToken;
+        }
+        log.error(`[WeCom] access_token failed: ${data.errmsg}`);
+        return null;
+      } catch (err) {
+        log.error(`[WeCom] access_token error: ${err.message}`);
+        return null;
+      }
+    }
+
+    async function downloadWeComMedia(mediaId) {
+      try {
+        const accessToken = await getWeComAccessToken();
+        if (!accessToken) return null;
+        const url = `https://qyapi.weixin.qq.com/cgi-bin/media/get?access_token=${accessToken}&media_id=${mediaId}`;
+        log.info(`[WeCom Media] downloading media_id=${mediaId}`);
+        const response = await fetch(url);
+        if (!response.ok) return null;
+        const contentType = response.headers.get('content-type') || '';
+        if (contentType.includes('application/json')) return null;
+        const buffer = await response.arrayBuffer();
+        if (buffer.byteLength > 10 * 1024 * 1024) return null;
+        await fs.mkdir(IMAGE_CACHE_DIR, { recursive: true });
+        const filename = `${Date.now()}-${crypto.randomBytes(4).toString('hex')}-media.jpg`;
+        const filepath = path.join(IMAGE_CACHE_DIR, filename);
+        await fs.writeFile(filepath, Buffer.from(buffer));
+        log.info(`[WeCom Media] saved ${filename} (${(buffer.byteLength / 1024 / 1024).toFixed(2)}MB)`);
+        return filepath;
+      } catch (err) {
+        log.error(`[WeCom Media] download failed: ${err.message}`);
+        return null;
+      }
+    }
+
+    function decryptImageIfNeeded(buf) {
+      // Check if already a known image format
+      if ((buf[0] === 0xff && buf[1] === 0xd8) || (buf[0] === 0x89 && buf[1] === 0x50)) return buf;
+      // Try AES-256-CBC decryption with WeCom encodingAESKey
+      if (buf.length % 16 !== 0) return buf;
+      try {
+        const decipher = crypto.createDecipheriv('aes-256-cbc', botCrypto.aesKey, botCrypto.iv);
+        decipher.setAutoPadding(false);
+        let decrypted = Buffer.concat([decipher.update(buf), decipher.final()]);
+        // Remove PKCS7 padding
+        const pad = decrypted[decrypted.length - 1];
+        if (pad > 0 && pad <= 32) decrypted = decrypted.subarray(0, decrypted.length - pad);
+        // Verify it's a real image now
+        if ((decrypted[0] === 0xff && decrypted[1] === 0xd8) || (decrypted[0] === 0x89 && decrypted[1] === 0x50)) {
+          log.info('[Image] decrypted successfully');
+          return decrypted;
+        }
+        return buf;
+      } catch { return buf; }
+    }
+
+    async function downloadImage(imageUrl) {
+      try {
+        log.info(`[Image] downloading ${imageUrl.slice(0, 100)}`);
+        const response = await fetch(imageUrl);
+        if (!response.ok) return null;
+        let buffer = Buffer.from(await response.arrayBuffer());
+        if (buffer.byteLength > 10 * 1024 * 1024) return null;
+        buffer = decryptImageIfNeeded(buffer);
+        await fs.mkdir(IMAGE_CACHE_DIR, { recursive: true });
+        // Detect actual format from magic bytes
+        const ext = (buffer[0] === 0x89 && buffer[1] === 0x50) ? '.png' : '.jpg';
+        const filename = `${Date.now()}-${crypto.randomBytes(4).toString('hex')}${ext}`;
+        const filepath = path.join(IMAGE_CACHE_DIR, filename);
+        await fs.writeFile(filepath, buffer);
+        log.info(`[Image] saved ${filename} (${(buffer.byteLength / 1024 / 1024).toFixed(2)}MB)`);
+        return filepath;
+      } catch (err) {
+        log.error(`[Image] download failed: ${err.message}`);
+        return null;
+      }
+    }
+
+    async function resolveImage(imageObj) {
+      log.info(`[Image] raw fields: ${JSON.stringify(imageObj)}`);
+      const mediaId = imageObj?.media_id;
+      const imageUrl = imageObj?.url || imageObj?.pic_url;
+      let localPath = null;
+      if (mediaId) localPath = await downloadWeComMedia(mediaId);
+      if (!localPath && imageUrl) localPath = await downloadImage(imageUrl);
+      if (localPath) return `[用户发送了一张图片]\n本地路径: ${localPath}\n请使用image工具分析这张图片并回复用户。`;
+      if (imageUrl) return `[用户发送了一张图片]\n图片URL: ${imageUrl}`;
+      return '[用户发送了一张图片，但无法获取]';
+    }
+
+    async function cleanupImageCache() {
+      try {
+        const files = await fs.readdir(IMAGE_CACHE_DIR).catch(() => []);
+        const cutoff = Date.now() - IMAGE_MAX_AGE_MS;
+        for (const file of files) {
+          const filepath = path.join(IMAGE_CACHE_DIR, file);
+          const stat = await fs.stat(filepath).catch(() => null);
+          if (stat && stat.mtimeMs < cutoff) await fs.unlink(filepath).catch(() => {});
+        }
+      } catch {}
+    }
+
+    async function extractUserText(msg, isGroup = false) {
       const cleanMention = (text) => isGroup ? text.replace(/@[^\s@]+\s*/g, '').trim() : text.trim();
 
       if (msg.msgtype === 'text') return cleanMention(msg.text?.content || '');
       if (msg.msgtype === 'voice') return msg.voice?.content?.trim() || '';
+
       if (msg.msgtype === 'mixed') {
         const parts = msg.mixed?.msg_item || [];
-        const text = parts.filter(p => p.msgtype === 'text').map(p => p.text?.content || '').join(' ');
-        return cleanMention(text);
+        const textParts = [];
+        const imagePrompts = [];
+        for (const part of parts) {
+          if (part.msgtype === 'text') {
+            textParts.push(part.text?.content || '');
+          } else if (part.msgtype === 'image') {
+            imagePrompts.push(await resolveImage(part.image));
+          }
+        }
+        let result = cleanMention(textParts.join(' '));
+        if (imagePrompts.length > 0) {
+          result = result ? `${result}\n\n${imagePrompts.join('\n\n')}` : imagePrompts.join('\n\n');
+        }
+        return result;
+      }
+
+      if (msg.msgtype === 'image') {
+        return await resolveImage(msg.image);
       }
-      if (msg.msgtype === 'image') return '[图片消息] 暂不支持图片回复';
+
       return '';
     }
 
@@ -280,7 +420,7 @@ const plugin = {
           }
 
           const isGroup = chattype === 'group';
-          const text = extractUserText(msg, isGroup);
+          const text = await extractUserText(msg, isGroup);
           log.info(`[<- ${source}] (${msgtype}) ${text.slice(0, 100)}`);
 
           if (!text) {
@@ -325,6 +465,7 @@ const plugin = {
           });
 
           cleanupStreams();
+          cleanupImageCache();
           return;
         }
 
@@ -354,7 +495,7 @@ const plugin = {
           });
 
           server.listen(port, '127.0.0.1', () => {
-            log.info(`wecom-bridge listening on 127.0.0.1:${port}`);
+            log.info(`openclaw-wecom plugin listening on 127.0.0.1:${port}`);
             log.info(`  Callback: /callback`);
             log.info(`  OpenClaw: ${openclawApi}`);
             resolve();

package/openclaw.plugin.json

@@ -1,6 +1,6 @@
 {
   "id": "openclaw-wecom",
-  "version": "0.2.2",
+  "version": "0.3.0",
   "name": "企业微信（WeCom）",
   "description": "企业微信智能助手机器人桥接，支持流式回复、加密消息、单聊和群聊",
   "author": "CreatorAris",
@@ -38,7 +38,11 @@
       },
       "corpId": {
         "type": "string",
-        "description": "企业微信 CorpID（可选，用于消息加密校验）"
+        "description": "企业微信 CorpID（可选，用于图片下载）"
+      },
+      "corpSecret": {
+        "type": "string",
+        "description": "企业微信 CorpSecret（可选，用于图片下载）"
       },
       "port": {
         "type": "number",
@@ -60,7 +64,12 @@
     },
     "corpId": {
       "label": "CorpID",
-      "description": "企业微信企业 ID，可选"
+      "description": "企业微信企业 ID，配合 CorpSecret 可下载图片"
+    },
+    "corpSecret": {
+      "label": "CorpSecret",
+      "sensitive": true,
+      "description": "企业微信应用密钥，配合 CorpID 可下载图片"
     },
     "port": {
       "label": "端口",

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@creatoraris/openclaw-wecom",
-  "version": "0.2.2",
+  "version": "0.3.1",
   "description": "Enterprise WeChat (WeCom) channel plugin for OpenClaw - 企业微信智能助手机器人桥接",
   "main": "index.js",
   "type": "module",