@dcrays/dcgchat 0.4.27 → 0.5.0

package/src/gateway/security.ts

@@ -1,95 +0,0 @@
-// Security utilities for the tunnel plugin
-import crypto from 'crypto'
-
-// ED25519 SubjectPublicKeyInfo prefix (must match openclaw gateway `ED25519_SPKI_PREFIX`)
-const ED25519_SPKI_PREFIX = Buffer.from('302a300506032b6570032100', 'hex')
-
-/**
- * Raw 32-byte Ed25519 public key bytes from PEM (same rules as openclaw `derivePublicKeyRaw`).
- */
-export function derivePublicKeyRawFromPem(publicKeyPem: string): Buffer {
-  const spki = crypto.createPublicKey(publicKeyPem).export({ type: 'spki', format: 'der' }) as Buffer
-  if (spki.length === ED25519_SPKI_PREFIX.length + 32 && spki.subarray(0, ED25519_SPKI_PREFIX.length).equals(ED25519_SPKI_PREFIX)) {
-    return spki.subarray(ED25519_SPKI_PREFIX.length)
-  }
-  return spki
-}
-
-/**
- * Base64url encode (no padding)
- */
-export function base64UrlEncode(buffer: Buffer): string {
-  return buffer.toString('base64').replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '')
-}
-
-/** Wire-format device public key (base64url of raw 32 bytes), matches gateway expectations. */
-export function publicKeyRawBase64UrlFromPem(publicKeyPem: string): string {
-  return base64UrlEncode(derivePublicKeyRawFromPem(publicKeyPem))
-}
-
-/**
- * Derive device ID from ED25519 public key
- * Device ID = sha256(rawPublicKey)
- */
-export function deriveDeviceIdFromPublicKey(publicKeyPem: string): string {
-  const rawPublicKey = derivePublicKeyRawFromPem(publicKeyPem)
-  return crypto.createHash('sha256').update(rawPublicKey).digest('hex')
-}
-
-/**
- * Sign device payload
- */
-export function signDevicePayload(privateKeyPem: string, payload: string, encoding: 'base64' | 'base64url' = 'base64url'): string {
-  const key = crypto.createPrivateKey(privateKeyPem)
-  const sig = crypto.sign(null, Buffer.from(payload, 'utf8'), key)
-  return encoding === 'base64url' ? base64UrlEncode(sig) : sig.toString('base64')
-}
-function normalizeTrimmedMetadata(value: unknown): string {
-  if (typeof value !== 'string') return ''
-  const trimmed = value.trim()
-  return trimmed ? trimmed : ''
-}
-
-function toLowerAscii(input: string): string {
-  return input.replace(/[A-Z]/g, (char) => String.fromCharCode(char.charCodeAt(0) + 32))
-}
-
-function normalizeDeviceMetadataForAuth(value: unknown): string {
-  const trimmed = normalizeTrimmedMetadata(value)
-  if (!trimmed) return ''
-  return toLowerAscii(trimmed)
-}
-
-/**
- * Device authentication payload v3（与 openclaw `buildDeviceAuthPayloadV3` 一致）
- */
-export function buildDeviceAuthPayloadV3(params: {
-  deviceId: string
-  clientId: string
-  clientMode: string
-  role: string
-  scopes: string[]
-  signedAtMs: number
-  token: string
-  nonce: string
-  platform?: string
-  deviceFamily?: string
-}): string {
-  const scopes = params.scopes.join(',')
-  const token = params.token ?? ''
-  const platform = normalizeDeviceMetadataForAuth(params.platform ?? '')
-  const deviceFamily = normalizeDeviceMetadataForAuth(params.deviceFamily ?? '')
-  return [
-    'v3',
-    params.deviceId,
-    params.clientId,
-    params.clientMode,
-    params.role,
-    scopes,
-    String(params.signedAtMs),
-    token,
-    params.nonce,
-    platform,
-    deviceFamily
-  ].join('|')
-}

package/src/gateway/socket.ts

@@ -1,285 +0,0 @@
-import type { OpenClawConfig } from 'openclaw/plugin-sdk'
-import { getOpenClawConfig } from '../utils/global.js'
-import { GatewayConnection, type GatewayConfig } from './index.js'
-import { dcgLogger } from '../utils/log.js'
-
-/** 与 gateway-methods 中 registerGatewayMethod 名称一致（供引用） */
-export const DCGCHAT_GATEWAY_METHODS = ['dcgchat.cron.status', 'dcgchat.cron.add', 'dcgchat.cron.list', 'dcgchat.cron.remove'] as const
-
-const PING_INTERVAL_MS = 30_000
-const RECONNECT_DELAY_MS = 5_000
-
-type OpenClawGatewaySection = {
-  port?: number
-  bind?: string
-  tls?: { enabled?: boolean }
-  auth?: { mode?: string; token?: string }
-  remote?: { url?: string }
-}
-
-function getGatewaySection(cfg: OpenClawConfig): OpenClawGatewaySection | undefined {
-  return (cfg as OpenClawConfig & { gateway?: OpenClawGatewaySection }).gateway
-}
-
-/**
- * 从 OpenClaw 配置解析本地/远程 Gateway WebSocket 与 token。
- * 可用环境变量覆盖：OPENCLAW_GATEWAY_URL、OPENCLAW_GATEWAY_TOKEN。
- */
-export function resolveGatewayClientConfig(cfg: OpenClawConfig | null): GatewayConfig {
-  if (!cfg) {
-    throw new Error('OpenClaw 配置未初始化（需先完成插件 register）')
-  }
-  const g = getGatewaySection(cfg)
-  const token = process.env.OPENCLAW_GATEWAY_TOKEN || g?.auth?.token || ''
-  if (!token) {
-    throw new Error('缺少 Gateway token：请在 openclaw.json 的 gateway.auth.token 设置，或设置环境变量 OPENCLAW_GATEWAY_TOKEN')
-  }
-
-  const scheme = g?.tls?.enabled === true ? 'wss' : 'ws'
-  const url = process.env.OPENCLAW_GATEWAY_URL || g?.remote?.url || `${scheme}://127.0.0.1:${g?.port ?? 18789}`
-
-  return {
-    url,
-    token,
-    role: 'operator',
-    scopes: ['operator.admin']
-  }
-}
-
-function resolveConfigSafe(): GatewayConfig | null {
-  try {
-    return resolveGatewayClientConfig(getOpenClawConfig())
-  } catch (e) {
-    dcgLogger(`Gateway 持久连接未启动: ${e}`, 'error')
-    return null
-  }
-}
-
-/**
- * 解析要调用的 Gateway 方法。
- * - 纯文本：整段为 method，params 为空
- * - JSON：`{ "method": "dcgchat.cron.list", "params": { "includeDisabled": true } }`
- */
-export function parseGatewayRpcMessage(message: string): { method: string; params: Record<string, unknown> } {
-  const trimmed = message.trim()
-  if (!trimmed) {
-    throw new Error('message 为空')
-  }
-  if (!trimmed.startsWith('{')) {
-    return { method: trimmed, params: {} }
-  }
-  let parsed: unknown
-  try {
-    parsed = JSON.parse(trimmed)
-  } catch {
-    throw new Error('message 不是合法 JSON')
-  }
-  if (!parsed || typeof parsed !== 'object' || Array.isArray(parsed)) {
-    throw new Error('message JSON 必须是对象')
-  }
-  const o = parsed as Record<string, unknown>
-  if (typeof o.method !== 'string' || !o.method.trim()) {
-    throw new Error('message JSON 须包含非空字符串字段 method')
-  }
-  if (o.params != null && (typeof o.params !== 'object' || Array.isArray(o.params))) {
-    throw new Error('message JSON 的 params 必须是对象')
-  }
-  return {
-    method: o.method.trim(),
-    params: (o.params as Record<string, unknown>) || {}
-  }
-}
-
-/** 任意 method + params，由调用方决定载荷 */
-export type GatewayRpcPayload = {
-  method: string
-  params?: Record<string, unknown>
-}
-
-let persistentConn: GatewayConnection | null = null
-let pingTimer: ReturnType<typeof setInterval> | null = null
-let reconnectTimer: ReturnType<typeof setTimeout> | null = null
-/** register 可能被调用多次，只保留一个「延迟首次连接」定时器，避免同一时刻触发两次 connect */
-let startupConnectTimer: ReturnType<typeof setTimeout> | null = null
-let connectInFlight = false
-let socketStopped = true
-/** 用于忽略「已被替换的旧连接」上的 close/error */
-let socketGeneration = 0
-
-function clearPingTimer(): void {
-  if (pingTimer) {
-    clearInterval(pingTimer)
-    pingTimer = null
-  }
-}
-
-function clearReconnectTimer(): void {
-  if (reconnectTimer) {
-    clearTimeout(reconnectTimer)
-    reconnectTimer = null
-  }
-}
-
-function clearStartupConnectTimer(): void {
-  if (startupConnectTimer) {
-    clearTimeout(startupConnectTimer)
-    startupConnectTimer = null
-  }
-}
-
-function startPingTimer(gw: GatewayConnection): void {
-  clearPingTimer()
-  pingTimer = setInterval(() => {
-    if (!gw.isConnected()) return
-    try {
-      gw.ping()
-    } catch (e) {
-      dcgLogger(`Gateway ping 失败: ${e}`, 'error')
-    }
-  }, PING_INTERVAL_MS)
-}
-
-function scheduleReconnect(): void {
-  if (socketStopped || reconnectTimer) return
-  reconnectTimer = setTimeout(() => {
-    reconnectTimer = null
-    void connectPersistentGateway()
-  }, RECONNECT_DELAY_MS)
-}
-
-function attachSocketLifecycle(gw: GatewayConnection, generation: number): void {
-  const ws = gw.getWebSocket()
-  if (!ws) return
-
-  const onDown = () => {
-    if (generation !== socketGeneration) return
-    clearPingTimer()
-    if (persistentConn === gw) {
-      persistentConn = null
-    }
-    dcgLogger('Gateway WebSocket 已断开，将在 5s 后重连', 'error')
-    if (!socketStopped) {
-      scheduleReconnect()
-    }
-  }
-
-  ws.once('close', onDown)
-  ws.once('error', onDown)
-}
-
-async function connectPersistentGateway(): Promise<void> {
-  if (socketStopped) return
-  if (persistentConn?.isConnected()) return
-  if (connectInFlight) return
-
-  const cfg = resolveConfigSafe()
-  if (!cfg) return
-
-  connectInFlight = true
-  try {
-    socketGeneration += 1
-    const generation = socketGeneration
-
-    if (persistentConn) {
-      try {
-        persistentConn.close()
-      } catch {
-        /* ignore */
-      }
-      persistentConn = null
-    }
-
-    const gw = new GatewayConnection(cfg)
-    await gw.connect()
-    if (socketStopped) {
-      try {
-        gw.close()
-      } catch {
-        /* ignore */
-      }
-      return
-    }
-    if (generation !== socketGeneration) {
-      try {
-        gw.close()
-      } catch {
-        /* ignore */
-      }
-      return
-    }
-    persistentConn = gw
-    attachSocketLifecycle(gw, generation)
-    startPingTimer(gw)
-    dcgLogger(`Gateway 持久连接成功 connId=${gw.getConnId() ?? '?'}`)
-  } catch (e) {
-    dcgLogger(`Gateway 连接失败: ${e}`, 'error')
-    persistentConn = null
-    clearPingTimer()
-    if (!socketStopped) {
-      scheduleReconnect()
-    }
-  } finally {
-    connectInFlight = false
-  }
-}
-
-/**
- * 插件 register 后调用：建立到 OpenClaw Gateway 的长连接，30s 一次 WebSocket ping，断线每 5s 重连。
- */
-export function startDcgchatGatewaySocket(): void {
-  socketStopped = false
-  clearReconnectTimer()
-  if (startupConnectTimer != null) return
-  startupConnectTimer = setTimeout(() => {
-    startupConnectTimer = null
-    void connectPersistentGateway()
-  }, 0)
-}
-
-/**
- * 停止长连接与重连（例如测试或显式下线）。
- */
-export function stopDcgchatGatewaySocket(): void {
-  socketStopped = true
-  clearReconnectTimer()
-  clearStartupConnectTimer()
-  clearPingTimer()
-  if (persistentConn) {
-    try {
-      persistentConn.close()
-    } catch {
-      /* ignore */
-    }
-    persistentConn = null
-  }
-}
-
-export function isDcgchatGatewaySocketConnected(): boolean {
-  return persistentConn?.isConnected() ?? false
-}
-
-/**
- * 在已连接时调用 Gateway RPC；`params` 完全由调用方传入，不做固定结构。
- */
-export async function callGatewayMethod<T = unknown>(method: string, params: Record<string, unknown> = {}): Promise<T> {
-  const gw = persistentConn
-  if (!gw?.isConnected()) {
-    throw new Error('Gateway 未连接（等待重连或检查配置）')
-  }
-  return gw.callMethod<T>(method, params)
-}
-
-/**
- * 使用对象形式发送 RPC（推荐）。
- */
-export async function sendGatewayRpc<T = unknown>(payload: GatewayRpcPayload): Promise<T> {
-  return callGatewayMethod<T>(payload.method, payload.params ?? {})
-}
-
-/**
- * 兼容：字符串方法名，或 JSON 字符串 `{ method, params? }`。
- */
-export async function sendMessageToGateway(message: string): Promise<unknown> {
-  const { method, params } = parseGatewayRpcMessage(message)
-  return callGatewayMethod(method, params)
-}

package/src/monitor.ts

@@ -1,165 +0,0 @@
-import type { ClawdbotConfig, RuntimeEnv } from 'openclaw/plugin-sdk'
-import WebSocket from 'ws'
-import { resolveAccount } from './channel.js'
-import { setWsConnection, getOpenClawConfig } from './utils/global.js'
-import { dcgLogger } from './utils/log.js'
-import { isWsOpen } from './transport.js'
-import { handleParsedWsMessage } from './utils/wsMessageHandler.js'
-
-export type MonitorDcgchatOpts = {
-  config?: ClawdbotConfig
-  runtime?: RuntimeEnv
-  abortSignal?: AbortSignal
-  accountId?: string
-}
-
-const RECONNECT_DELAY_MS = 3000
-const HEARTBEAT_INTERVAL_MS = 30_000
-
-function buildConnectUrl(account: Record<string, string>): string {
-  const { wsUrl, botToken, userId, domainId, appId } = account
-  const url = new URL(wsUrl)
-  if (botToken) url.searchParams.set('bot_token', botToken)
-  if (userId) url.searchParams.set('_userId', userId)
-  url.searchParams.set('_domainId', domainId || '1000')
-  url.searchParams.set('_appId', appId || '100')
-  return url.toString()
-}
-
-export async function monitorDcgchatProvider(opts: MonitorDcgchatOpts): Promise<void> {
-  const { abortSignal, accountId } = opts
-
-  const config = getOpenClawConfig()
-  if (!config) {
-    dcgLogger('no config available', 'error')
-    return
-  }
-
-  const account = resolveAccount(config, accountId ?? 'default')
-
-  if (!account.wsUrl) {
-    dcgLogger(` wsUrl not configured`, 'error')
-    return
-  }
-
-  let shouldReconnect = true
-  let ws: WebSocket | null = null
-  let heartbeatTimer: ReturnType<typeof setInterval> | null = null
-  let heartbeatLogCounter = 0
-
-  const isOpenclawBotHeartbeat = (raw: WebSocket.RawData, parsedMsg: { messageType?: string }): boolean => {
-    if (parsedMsg?.messageType === 'openclaw_bot_heartbeat') return true
-    if (typeof raw === 'object' && raw !== null && !Buffer.isBuffer(raw)) {
-      return (raw as { messageType?: string }).messageType === 'openclaw_bot_heartbeat'
-    }
-    return false
-  }
-
-  const stopHeartbeat = () => {
-    if (heartbeatTimer) {
-      clearInterval(heartbeatTimer)
-      heartbeatTimer = null
-    }
-  }
-  function onHeartbeat() {
-    if (isWsOpen()) {
-      const heartbeat = {
-        messageType: 'openclaw_bot_heartbeat',
-        _userId: Number(account.userId) || 0,
-        source: 'client',
-        content: {
-          bot_token: account.botToken,
-          status: '1'
-        }
-      }
-      ws?.send(JSON.stringify(heartbeat))
-    }
-  }
-  const startHeartbeat = () => {
-    stopHeartbeat()
-    heartbeatTimer = setInterval(() => {
-      onHeartbeat()
-    }, HEARTBEAT_INTERVAL_MS)
-  }
-
-  const connect = () => {
-    if (!shouldReconnect) return
-
-    const connectUrl = buildConnectUrl(account as Record<string, any>)
-    dcgLogger(`connecting to ${connectUrl}`)
-    ws = new WebSocket(connectUrl)
-
-    ws.on('open', () => {
-      dcgLogger(`socket connected`)
-      setWsConnection(ws)
-      startHeartbeat()
-      onHeartbeat()
-    })
-
-    ws.on('message', async (data) => {
-      let parsed: { messageType?: string; content: any }
-      try {
-        parsed = JSON.parse(data.toString())
-      } catch {
-        dcgLogger(`用户消息解析失败: invalid JSON received`, 'error')
-        return
-      }
-
-      const payloadStr = data.toString()
-      const heartbeat = isOpenclawBotHeartbeat(data, parsed)
-      if (heartbeat) {
-        heartbeatLogCounter += 1
-        if (heartbeatLogCounter % 10 === 0 || heartbeatLogCounter === 1) {
-          dcgLogger(`${parsed?.messageType}, ${payloadStr}`)
-          dcgLogger(`heartbeat ack received, ${payloadStr}`)
-        }
-        return
-      }
-
-      dcgLogger(`${parsed?.messageType}, ${payloadStr}`)
-      try {
-        parsed.content = JSON.parse(parsed.content)
-      } catch {
-        dcgLogger(`用户消息content字段解析失败: invalid JSON received`, 'error')
-        return
-      }
-      await handleParsedWsMessage(parsed, payloadStr, account.accountId)
-    })
-
-    ws.on('close', (code, reason) => {
-      stopHeartbeat()
-      setWsConnection(null)
-      dcgLogger(`disconnected (code=${code}, reason=${reason?.toString() || ''})`, 'error')
-      if (shouldReconnect) {
-        dcgLogger(`reconnecting in ${RECONNECT_DELAY_MS}ms...`)
-        setTimeout(connect, RECONNECT_DELAY_MS)
-      }
-    })
-
-    ws.on('error', (e) => {
-      dcgLogger(`WebSocket error: ${String(e)}`, 'error')
-    })
-  }
-
-  connect()
-
-  await new Promise<void>((resolve) => {
-    if (abortSignal?.aborted) {
-      shouldReconnect = false
-      ws?.close()
-      resolve()
-      return
-    }
-    abortSignal?.addEventListener(
-      'abort',
-      () => {
-        dcgLogger(`socket stopping`)
-        stopHeartbeat()
-        shouldReconnect = false
-        ws?.close()
-        resolve()
-      },
-      { once: true }
-    )
-  })
-}

package/src/request/api.ts

@@ -1,70 +0,0 @@
-import { post } from './request.js'
-import type { IStsToken, IStsTokenReq } from '../types.js'
-import { getUserTokenCache, setUserTokenCache } from './userInfo.js'
-import { dcgLogger } from '../utils/log.js'
-
-export const getStsToken = async (name: string, botToken: string, isPrivate: 1 | 0) => {
-  // 确保 userToken 已缓存（如果未缓存会自动获取并缓存）
-  await getUserToken(botToken)
-
-  const response = await post<IStsTokenReq, IStsToken>('/user/getStsTokenByAsync', { sourceFileName: name, isPrivate }, { botToken })
-
-  if (!response || !response.data || !response.data.bucket) {
-    throw new Error('获取 OSS 临时凭证失败')
-  }
-
-  return response.data
-}
-export const generateSignUrl = async (file_url: string, botToken: string) => {
-  try {
-    // 确保 userToken 已缓存（如果未缓存会自动获取并缓存）
-    await getUserToken(botToken)
-
-    const response = await post<any>('/user/generateSignUrl', { loudPlatform: 0, fileName: file_url }, { botToken })
-    if (response.code === 0 && response.data) {
-      // @ts-ignore
-      return response.data?.filePath
-    }
-    return ''
-  } catch (error) {
-    return ''
-  }
-}
-
-/**
- * 通过 botToken 查询 userToken
- * @param botToken 机器人 token
- * @returns userToken
- */
-export const queryUserTokenByBotToken = async (botToken: string): Promise<string> => {
-  const response = await post<{ botToken: string }, { token: string }>('/organization/queryUserTokenByBotToken', { botToken })
-
-  if (!response || !response.data || !response.data.token) {
-    dcgLogger('获取绑定的用户信息失败: token:' + botToken + '|' + JSON.stringify(response), 'error')
-    return ''
-  }
-
-  return response.data.token
-}
-
-/**
- * 获取 userToken（优先从缓存获取，缓存未命中则调用 API）
- * @param botToken 机器人 token
- * @returns userToken
- */
-export const getUserToken = async (botToken: string): Promise<string> => {
-  // 1. 尝试从缓存获取
-  const cachedToken = getUserTokenCache(botToken)
-  if (cachedToken) {
-    return cachedToken
-  }
-
-  // 2. 缓存未命中，调用 API 获取
-  dcgLogger(`[api] cache miss, fetching userToken for botToken=${botToken.slice(0, 10)}...`)
-  const userToken = await queryUserTokenByBotToken(botToken)
-
-  // 3. 缓存新获取的 token
-  setUserTokenCache(botToken, userToken)
-
-  return userToken
-}

package/src/request/oss.ts

@@ -1,61 +0,0 @@
-import { createReadStream } from 'node:fs'
-// @ts-ignore
-import OSS from 'ali-oss'
-import { getStsToken, getUserToken } from './api.js'
-import { dcgLogger } from '../utils/log.js'
-
-/** 将 File/路径/Buffer 转为 ali-oss put 所需的 Buffer 或 ReadableStream */
-async function toUploadContent(
-  input: File | string | Buffer
-): Promise<{ content: Buffer | ReturnType<typeof createReadStream>; fileName: string }> {
-  if (Buffer.isBuffer(input)) {
-    return { content: input, fileName: 'file' }
-  }
-  if (typeof input === 'string') {
-    return {
-      content: createReadStream(input),
-      fileName: input.split('/').pop() ?? 'file'
-    }
-  }
-  // File: ali-oss 需要 Buffer/Stream，用 arrayBuffer 转 Buffer
-  const buf = Buffer.from(await input.arrayBuffer())
-  return { content: buf, fileName: input.name }
-}
-
-export const ossUpload = async (file: File | string | Buffer, botToken: string, isPrivate: 0 | 1 = 1) => {
-  await getUserToken(botToken)
-
-  const { content, fileName } = await toUploadContent(file)
-  const data = await getStsToken(fileName, botToken, isPrivate)
-
-  const options: OSS.Options = {
-    // 从STS服务获取的临时访问密钥（AccessKey ID和AccessKey Secret）。
-    accessKeyId: data.tempAccessKeyId,
-    accessKeySecret: data.tempAccessKeySecret,
-    // 从STS服务获取的安全令牌（SecurityToken）。
-    stsToken: data.tempSecurityToken,
-    // 填写Bucket名称。
-    bucket: data.bucket,
-    endpoint: data.endPoint,
-    region: data.region,
-    secure: true,
-    cname: true,
-    authorizationV4: true
-  }
-
-  const client = new OSS(options)
-
-  const name = `${data.uploadDir}${data.ossFileKey}`
-
-  try {
-    const objectResult = await client.put(name, content)
-    if (objectResult?.res?.status !== 200) {
-      dcgLogger(`OSS 上传失败, ${objectResult?.res?.status}`)
-    }
-    dcgLogger(`OSS 上传成功, ${objectResult.name || objectResult.url}`)
-    // const url = `${data.protocol || 'http'}://${data.bucket}.${data.endPoint}/${data.uploadDir}${data.ossFileKey}`
-    return isPrivate === 1 ? objectResult.name || objectResult.url : objectResult.url
-  } catch (error) {
-    dcgLogger(`OSS 上传失败: ${error}`, 'error')
-  }
-}