@dcrays/dcgchat 0.4.27 → 0.5.0

package/src/cronToolCall.ts

@@ -1,202 +0,0 @@
-import { channelInfo, ENV } from './utils/constant.js'
-/**
- * cron-delivery-guard — 定时任务投递守护插件
- *
- * 核心机制：通过 before_tool_call 钩子拦截 cron 工具调用，
- * 当 delivery.mode 为 "announce" 且未指定 channel 时，
- * 自动注入 bestEffort: true，使投递失败时静默降级，
- * 不影响 cron 执行结果的保存。
- *
- * 背景：
- * - 定时任务的 delivery 设为 announce 模式，如果没有指定 channel，
- *   投递可能因找不到有效渠道而失败
- * - bestEffort: true 让框架在投递失败时不报错，避免丢失执行结果
- */
-
-import { dcgLogger } from './utils/log.js'
-
-const LOG_TAG = 'cron-delivery-guard'
-
-// ---- 类型定义 ----
-
-interface ToolCallEvent {
-  toolName: string
-  toolCallId: string
-  params: Record<string, unknown>
-  result?: { content: string }
-}
-
-interface HookContext {
-  agentId: string
-  sessionKey: string
-}
-
-interface BeforeToolCallResult {
-  block?: boolean
-  blockReason?: string
-  params?: Record<string, unknown>
-}
-
-// ---- delivery 类型 ----
-
-interface CronDelivery {
-  mode?: string
-  channel?: string
-  to?: string
-  bestEffort?: boolean
-  [key: string]: unknown
-}
-/**
- * 解析 OpenClaw mobook direct 会话 key。
- * 形如 `agent:main:mobook:direct:14:5466`（大小写不敏感，与路由 toLowerCase 一致）
- * - 倒数第二段：account / peer（delivery.accountId）
- * - 最后一段：会话 id（delivery.to）
- */
-export function formatterSessionKey(sessionKey: string): { agentId: string; sessionId: string } {
-  const parts = sessionKey.split(':').filter((s) => s.length > 0)
-  const norm = parts.map((s) => s.toLowerCase())
-  if (parts.length >= 6 && norm[0] === 'agent' && norm[2] === 'mobook' && norm[3] === 'direct') {
-    return {
-      agentId: parts[4] ?? '',
-      sessionId: parts[5] ?? ''
-    }
-  }
-  if (parts.length >= 2) {
-    return {
-      agentId: parts[parts.length - 2] ?? '',
-      sessionId: parts[parts.length - 1] ?? ''
-    }
-  }
-  return { agentId: '', sessionId: '' }
-}
-
-// ---- 辅助函数 ----
-
-/**
- * 判断是否为 cron 工具调用
- */
-function isCronTool(toolName: string): boolean {
-  return toolName === 'cron'
-}
-
-/**
- * 从 cron 参数中提取 delivery 配置
- * cron 工具的参数结构可能是:
- * - params.delivery (顶层)
- * - params.job.delivery (嵌套在 job 中)
- */
-function extractDelivery(params: Record<string, unknown>): CronDelivery | null {
-  // 尝试顶层 delivery
-  if (params.delivery && typeof params.delivery === 'object') {
-    return params.delivery as CronDelivery
-  }
-
-  // 尝试 job.delivery
-  const job = params.job as Record<string, unknown> | undefined
-  if (job?.delivery && typeof job.delivery === 'object') {
-    return job.delivery as CronDelivery
-  }
-
-  // 尝试 payload 中的 deliver 相关字段 (兼容 qqbot-cron 风格)
-  const payload = job?.payload as Record<string, unknown> | undefined
-  if (payload?.deliver === true && payload.channel === undefined) {
-    // payload 风格: { deliver: true, channel?: string }
-    // 这种情况不是 delivery 对象，跳过
-    return null
-  }
-
-  return null
-}
-
-/**
- * 判断 delivery 是否需要注入 bestEffort
- * 条件: mode 为 "announce" 且没有 channel
- */
-function needsBestEffort(delivery: CronDelivery): boolean {
-  return delivery.mode === 'announce' && !delivery.channel && !delivery.bestEffort
-}
-
-/**
- * 深拷贝 params，在 delivery 上写入 dcg 路由（to / accountId / sessionKey）。
- * bestEffort + 默认 channel 仅在 needsBestEffort 为真时写入（announce 且无 channel）。
- *
- * 说明：原先仅在 needsBestEffort 为真时才改 delivery，若 jobs 里已有 channel 会整段跳过，
- * 导致 `delivery.to` 永远不会被本钩子写入；运行时若缺 to 就会一直 not-delivered。
- */
-function patchCronDeliveryInParams(
-  params: Record<string, unknown>,
-  sk: string,
-  deliverySnapshot: CronDelivery
-): Record<string, unknown> | null {
-  const newParams = JSON.parse(JSON.stringify(params)) as Record<string, unknown>
-  const { agentId } = formatterSessionKey(sk)
-  const announceNoChannel = needsBestEffort(deliverySnapshot)
-
-  const apply = (d: CronDelivery) => {
-    d.to = `dcg-cron:${sk}`
-    if (agentId) d.accountId = agentId
-    if (announceNoChannel) {
-      d.bestEffort = true
-      d.channel = "dcgchat"
-    }
-  }
-
-  if (newParams.delivery && typeof newParams.delivery === 'object') {
-    apply(newParams.delivery as CronDelivery)
-    newParams.sessionKey = sk
-    return newParams
-  }
-
-  const job = newParams.job as Record<string, unknown> | undefined
-  if (job?.delivery && typeof job.delivery === 'object') {
-    apply(job.delivery as CronDelivery)
-    newParams.sessionKey = sk
-    return newParams
-  }
-
-  return null
-}
-
-export function cronToolCall(event: { toolName: any; params: any; toolCallId: any }, sk: string) {
-  const { toolName, params, toolCallId } = event
-
-  // 仅处理 cron 工具
-  if (isCronTool(toolName)) {
-    const delivery = extractDelivery(params)
-    if (!delivery) {
-      dcgLogger(`[${LOG_TAG}] cron call (${toolCallId}) has no delivery config, skip.`)
-      return undefined
-    }
-    const newParams = patchCronDeliveryInParams(params, sk, delivery)
-    if (!newParams) {
-      dcgLogger(`[${LOG_TAG}] cron call (${toolCallId}) could not locate delivery on params clone, skip.`)
-      return undefined
-    }
-
-    const patched = newParams.delivery ?? (newParams.job as Record<string, unknown>)?.delivery
-    if (needsBestEffort(delivery)) {
-      dcgLogger(
-        `[${LOG_TAG}] cron call (${toolCallId}) patched delivery (announce, no channel): bestEffort=true, ` +
-          `delivery=${JSON.stringify(patched)}`
-      )
-    } else {
-      dcgLogger(
-        `[${LOG_TAG}] cron call (${toolCallId}) patched delivery.to / accountId (sessionKey=${sk}), ` +
-          `delivery=${JSON.stringify(patched)}`
-      )
-    }
-
-    return { params: newParams }
-  } else if (toolName === 'exec') {
-    if (params.command.indexOf('cron create') > -1 || params.command.indexOf('cron add') > -1) {
-      const newParams = JSON.parse(JSON.stringify(params)) as Record<string, unknown>
-      newParams.command =
-        params.command.replace('--json', '') + `  --session-key ${sk}  --channel ${"dcgchat"}  --to dcg-cron:${sk} --json`
-      return { params: newParams }
-    } else {
-      return undefined
-    }
-  }
-
-  return undefined
-}

package/src/gateway/index.ts

@@ -1,447 +0,0 @@
-// Gateway connection handler - connects to local OpenClaw gateway
-import { WebSocket } from 'ws'
-import crypto from 'crypto'
-import { deriveDeviceIdFromPublicKey, publicKeyRawBase64UrlFromPem, buildDeviceAuthPayloadV3, signDevicePayload } from './security.js'
-import { dcgLogger } from '../utils/log.js'
-import { getWorkspaceDir } from '../utils/global.js'
-import { handleGatewayEventMessage } from '../utils/gatewayMsgHanlder.js'
-
-export interface GatewayEvent {
-  type: string
-  payload?: Record<string, unknown>
-  seq?: number
-}
-
-export interface GatewayHelloOk {
-  server: {
-    connId: string
-  }
-  features: {
-    methods: string[]
-    events: string[]
-  }
-  policy?: {
-    tickIntervalMs?: number
-  }
-  auth?: {
-    deviceToken?: string
-    role?: string
-    scopes?: string[]
-  }
-}
-
-export interface GatewayResponse {
-  type: 'res'
-  id: string
-  ok: boolean
-  /** 多数 RPC 成功时的返回值 */
-  result?: unknown
-  /** connect 及部分响应使用 payload（见 docs/gateway/protocol.md） */
-  payload?: unknown
-  error?: {
-    code: string
-    message: string
-    details?: Record<string, unknown>
-  }
-}
-
-export interface GatewayEventFrame {
-  type: 'event'
-  event: string
-  payload?: Record<string, unknown>
-  seq?: number
-}
-
-export interface GatewayHelloOkFrame {
-  type: 'hello-ok'
-  server: {
-    connId: string
-  }
-  features: {
-    methods: string[]
-    events: string[]
-  }
-  policy?: {
-    tickIntervalMs?: number
-  }
-}
-
-// Union of all possible gateway messages
-export type GatewayMessage = GatewayEventFrame | GatewayResponse | GatewayHelloOkFrame
-
-export interface GatewayConfig {
-  url: string
-  token: string
-  role: string
-  scopes: string[]
-  reconnectInterval?: number
-  maxReconnectAttempts?: number
-}
-
-/**
- * Gateway connection handler
- */
-export class GatewayConnection {
-  private ws: WebSocket | null = null
-  private config: Required<GatewayConfig>
-  private deviceId: string
-  private privateKeyPem: string
-  private publicKeyB64Url: string
-  private connected: boolean = false
-  private connId: string | null = null
-  /** 服务端 connect.challenge 提供的 nonce，须与签名载荷一致 */
-  private connectChallengeNonce: string | null = null
-  private connectSent: boolean = false
-  private pendingRpcById: Map<string, (response: GatewayResponse) => void> = new Map()
-  private eventHandlers: Set<(event: GatewayEvent) => void> = new Set()
-
-  constructor(config: GatewayConfig) {
-    this.config = {
-      url: config.url,
-      token: config.token,
-      role: config.role || 'operator',
-      scopes: config.scopes || ['operator.admin'],
-      reconnectInterval: config.reconnectInterval || 5000,
-      maxReconnectAttempts: config.maxReconnectAttempts || 10
-    }
-
-    const identity = this.loadOrCreateDeviceIdentity()
-    // 必须与公钥指纹一致（deriveDeviceIdFromPublicKey），不可用随机 UUID
-    this.deviceId = identity.deviceId
-    this.privateKeyPem = identity.privateKeyPem
-    this.publicKeyB64Url = identity.publicKeyB64Url
-  }
-
-  private loadOrCreateDeviceIdentity() {
-    const fs = require('fs')
-    const path = require('path')
-    const workspaceDir = getWorkspaceDir()
-    const stateDir = path.join(workspaceDir, '.state')
-    const deviceFile = path.join(stateDir, 'device.json')
-
-    // Try to load existing identity
-    if (fs.existsSync(deviceFile)) {
-      const stored = JSON.parse(fs.readFileSync(deviceFile, 'utf8'))
-      if (stored.deviceId && stored.publicKeyPem && stored.privateKeyPem) {
-        const derivedId = deriveDeviceIdFromPublicKey(stored.publicKeyPem)
-        const deviceId = derivedId !== stored.deviceId ? derivedId : stored.deviceId
-        if (derivedId !== stored.deviceId) {
-          try {
-            fs.writeFileSync(deviceFile, JSON.stringify({ ...stored, deviceId: derivedId }, null, 2))
-          } catch {
-            /* keep in-memory fixed id only */
-          }
-        }
-        return {
-          deviceId,
-          publicKeyPem: stored.publicKeyPem,
-          privateKeyPem: stored.privateKeyPem,
-          publicKeyB64Url: publicKeyRawBase64UrlFromPem(stored.publicKeyPem)
-        }
-      }
-    }
-
-    // Create new identity
-    const keyPair = crypto.generateKeyPairSync('ed25519')
-    const publicKeyPem = keyPair.publicKey.export({ type: 'spki', format: 'pem' }).toString()
-    const privateKeyPem = keyPair.privateKey.export({ type: 'pkcs8', format: 'pem' }).toString()
-    const deviceId = deriveDeviceIdFromPublicKey(publicKeyPem)
-    const publicKeyB64Url = publicKeyRawBase64UrlFromPem(publicKeyPem)
-
-    // Ensure directory exists
-    if (!fs.existsSync(stateDir)) {
-      fs.mkdirSync(stateDir, { recursive: true })
-    }
-
-    // Save identity
-    fs.writeFileSync(
-      deviceFile,
-      JSON.stringify(
-        {
-          version: 1,
-          deviceId,
-          publicKeyPem,
-          privateKeyPem,
-          createdAtMs: Date.now()
-        },
-        null,
-        2
-      )
-    )
-    fs.chmodSync(deviceFile, 0o600)
-
-    return { deviceId, publicKeyPem, privateKeyPem, publicKeyB64Url }
-  }
-
-  /**
-   * Connect to the gateway
-   */
-  async connect(): Promise<GatewayHelloOk> {
-    return new Promise((resolve, reject) => {
-      this.connectChallengeNonce = null
-      this.connectSent = false
-      this.ws = new WebSocket(this.config.url)
-
-      let handshakeSettled = false
-      const finishHandshake = (fn: () => void) => {
-        if (handshakeSettled) return
-        handshakeSettled = true
-        clearTimeout(timeout)
-        fn()
-      }
-
-      const timeout = setTimeout(() => {
-        finishHandshake(() => reject(new Error('Gateway connection timeout')))
-      }, 15000)
-
-      this.ws.on('open', () => {
-        dcgLogger('Gateway connection opened（等待 connect.challenge）')
-      })
-
-      this.ws.on('message', (data, ...args) => {
-        try {
-          const msg = JSON.parse(data.toString())
-          this.handleMessage(
-            msg,
-            (hello) => finishHandshake(() => resolve(hello)),
-            (err) => finishHandshake(() => reject(err)),
-            timeout
-          )
-        } catch (err) {
-          dcgLogger(`[Gateway] 解析消息失败: ${err}`, 'error')
-        }
-      })
-
-      this.ws.on('close', () => {
-        this.connected = false
-        finishHandshake(() => reject(new Error('Gateway 在握手完成前关闭了连接')))
-      })
-
-      this.ws.on('error', (err) => {
-        dcgLogger(`Gateway 连接错误: ${err}`, 'error')
-        finishHandshake(() => reject(err))
-      })
-    })
-  }
-
-  /**
-   * Send initial connect request
-   */
-  private sendConnect(): void {
-    if (this.connectSent) return
-    const nonce = this.connectChallengeNonce?.trim() ?? ''
-    if (!nonce) return
-
-    this.connectSent = true
-    const signedAtMs = Date.now()
-    const platform = process.platform
-
-    const payload = buildDeviceAuthPayloadV3({
-      deviceId: this.deviceId,
-      clientId: 'gateway-client',
-      clientMode: 'backend',
-      role: this.config.role,
-      scopes: this.config.scopes,
-      signedAtMs,
-      token: this.config.token,
-      nonce,
-      platform,
-      deviceFamily: ''
-    })
-
-    const signature = signDevicePayload(this.privateKeyPem, payload)
-
-    this.ws?.send(
-      JSON.stringify({
-        type: 'req',
-        id: '1',
-        method: 'connect',
-        params: {
-          minProtocol: 3,
-          maxProtocol: 3,
-          client: {
-            id: 'gateway-client',
-            version: '1.0.0',
-            platform,
-            mode: 'backend'
-          },
-          auth: { token: this.config.token },
-          role: this.config.role,
-          scopes: this.config.scopes,
-          device: {
-            id: this.deviceId,
-            publicKey: this.publicKeyB64Url,
-            signature,
-            signedAt: signedAtMs,
-            nonce
-          }
-        }
-      })
-    )
-  }
-
-  /**
-   * Handle incoming messages
-   */
-  private mapHelloPayloadToHelloOk(payload: Record<string, unknown>): GatewayHelloOk {
-    const serverRaw = payload.server as Record<string, unknown> | undefined
-    const featuresRaw = payload.features as Record<string, unknown> | undefined
-    return {
-      server: { connId: typeof serverRaw?.connId === 'string' ? serverRaw.connId : '' },
-      features: {
-        methods: Array.isArray(featuresRaw?.methods) ? (featuresRaw.methods as string[]) : [],
-        events: Array.isArray(featuresRaw?.events) ? (featuresRaw.events as string[]) : []
-      },
-      policy: payload.policy as GatewayHelloOk['policy'],
-      auth: payload.auth as GatewayHelloOk['auth']
-    }
-  }
-
-  private handleMessage(
-    msg: Record<string, any>,
-    resolveHello: (helloOk: GatewayHelloOk) => void,
-    rejectHello: (err: Error) => void,
-    timeout: NodeJS.Timeout
-  ): void {
-    const msgType = msg.type as string | undefined
-
-    if (msg.type === 'event' && msg.event === 'connect.challenge') {
-      const payload = msg.payload as Record<string, unknown> | undefined
-      const nonce = typeof payload?.nonce === 'string' ? payload.nonce.trim() : ''
-      if (!nonce) {
-        rejectHello(new Error('connect.challenge 缺少 nonce'))
-        return
-      }
-      this.connectChallengeNonce = nonce
-      this.sendConnect()
-      return
-    }
-
-    // 协议 v3：握手成功为 type:"res" + payload.type:"hello-ok"（见 openclaw docs/gateway/protocol.md）
-    if (msg.type === 'res' && !this.connected) {
-      const ok = msg.ok === true
-      const inner = msg.payload as Record<string, unknown> | undefined
-      if (ok && inner && inner.type === 'hello-ok') {
-        this.connected = true
-        const serverRaw = inner.server as Record<string, unknown> | undefined
-        this.connId = typeof serverRaw?.connId === 'string' ? serverRaw.connId : null
-        clearTimeout(timeout)
-        dcgLogger(`[Gateway] 已连接 connId=${this.connId ?? '(none)'}`)
-        resolveHello(this.mapHelloPayloadToHelloOk(inner))
-        return
-      }
-      if (msg.ok === false) {
-        const errObj = msg.error as Record<string, unknown> | undefined
-        const message = (typeof errObj?.message === 'string' && errObj.message) || 'Gateway connect 被拒绝'
-        clearTimeout(timeout)
-        rejectHello(new Error(message))
-        return
-      }
-    }
-
-    // 旧式或其它实现：顶层 hello-ok
-    if (msgType === 'hello-ok' || (!msgType && msg.server)) {
-      this.connected = true
-      this.connId = ((msg.server as Record<string, unknown>)?.connId as string) || null
-      clearTimeout(timeout)
-      dcgLogger(`[Gateway] 已连接 connId=${this.connId ?? '(none)'}`)
-      resolveHello(msg as unknown as GatewayHelloOk)
-      return
-    }
-    if (msg.type === 'res') {
-      const handler = this.pendingRpcById.get(msg.id as string)
-      if (handler) {
-        this.pendingRpcById.delete(msg.id as string)
-        handler(msg as unknown as GatewayResponse)
-      }
-      return
-    }
-
-    if (msg.type === 'event') {
-      const event = handleGatewayEventMessage(msg)
-      this.eventHandlers.forEach((h) => h(event))
-    }
-  }
-
-  /**
-   * Call a gateway method
-   */
-  async callMethod<T = unknown>(method: string, params: Record<string, unknown> = {}): Promise<T> {
-    const id = crypto.randomUUID()
-
-    return new Promise((resolve, reject) => {
-      if (!this.connected || !this.ws) {
-        reject(new Error('Not connected to gateway'))
-        return
-      }
-
-      const timeout = setTimeout(() => {
-        this.pendingRpcById.delete(id)
-        reject(new Error('Method call timeout'))
-      }, 30000)
-
-      this.pendingRpcById.set(id, (response) => {
-        clearTimeout(timeout)
-        if (response.ok) {
-          const body = response.result !== undefined ? response.result : (response as GatewayResponse).payload
-          resolve(body as T)
-        } else {
-          reject(new Error(response.error?.message || 'Method call failed'))
-        }
-      })
-
-      this.ws.send(
-        JSON.stringify({
-          type: 'req',
-          id,
-          method,
-          params
-        })
-      )
-    })
-  }
-
-  /**
-   * Register event handler
-   */
-  onEvent(handler: (event: GatewayEvent) => void): () => void {
-    this.eventHandlers.add(handler)
-    return () => this.eventHandlers.delete(handler)
-  }
-
-  /**
-   * Close connection
-   */
-  close(): void {
-    this.ws?.close(1000, 'Plugin stopped')
-    this.connected = false
-  }
-
-  /**
-   * Check if connected
-   */
-  isConnected(): boolean {
-    return this.connected
-  }
-
-  /**
-   * Get connection ID
-   */
-  getConnId(): string | null {
-    return this.connId
-  }
-
-  /**
-   * Get the WebSocket instance (for external use)
-   */
-  getWebSocket(): WebSocket | null {
-    return this.ws
-  }
-
-  /**
-   * Ping the gateway
-   */
-  ping(): void {
-    this.ws?.ping()
-  }
-}