@eclaw/openclaw-channel 1.2.0 → 1.2.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/webhook-handler.d.ts +2 -1
- package/dist/webhook-handler.js +4 -8
- package/dist/webhook-registry.js +23 -11
- package/package.json +1 -1
|
@@ -15,4 +15,5 @@
|
|
|
15
15
|
* - Mission context via eclaw_context.missionHints
|
|
16
16
|
* - Silent suppression via silentToken (default "[SILENT]")
|
|
17
17
|
*/
|
|
18
|
-
export declare function createWebhookHandler(
|
|
18
|
+
export declare function createWebhookHandler(_expectedToken: string, // kept for API compat; auth is handled by webhook-registry
|
|
19
|
+
accountId: string, cfg: any): (req: any, res: any) => Promise<void>;
|
package/dist/webhook-handler.js
CHANGED
|
@@ -17,19 +17,15 @@ import { getClient, setActiveEvent, clearActiveEvent } from './outbound.js';
|
|
|
17
17
|
* - Mission context via eclaw_context.missionHints
|
|
18
18
|
* - Silent suppression via silentToken (default "[SILENT]")
|
|
19
19
|
*/
|
|
20
|
-
export function createWebhookHandler(
|
|
20
|
+
export function createWebhookHandler(_expectedToken, // kept for API compat; auth is handled by webhook-registry
|
|
21
|
+
accountId,
|
|
21
22
|
// eslint-disable-next-line @typescript-eslint/no-explicit-any
|
|
22
23
|
cfg // full openclaw config (ctx.cfg from startAccount)
|
|
23
24
|
) {
|
|
24
25
|
// eslint-disable-next-line @typescript-eslint/no-explicit-any
|
|
25
26
|
return async (req, res) => {
|
|
26
|
-
//
|
|
27
|
-
|
|
28
|
-
if (expectedToken && (!authHeader || authHeader !== `Bearer ${expectedToken}`)) {
|
|
29
|
-
res.writeHead(401, { 'Content-Type': 'application/json' });
|
|
30
|
-
res.end(JSON.stringify({ error: 'Unauthorized' }));
|
|
31
|
-
return;
|
|
32
|
-
}
|
|
27
|
+
// Token verification is handled by webhook-registry dispatch.
|
|
28
|
+
// No additional auth check needed here.
|
|
33
29
|
const msg = req.body;
|
|
34
30
|
// ACK immediately so E-Claw doesn't time out
|
|
35
31
|
res.writeHead(200, { 'Content-Type': 'application/json' });
|
package/dist/webhook-registry.js
CHANGED
|
@@ -22,18 +22,30 @@ export function unregisterWebhookToken(callbackToken) {
|
|
|
22
22
|
// eslint-disable-next-line @typescript-eslint/no-explicit-any
|
|
23
23
|
export async function dispatchWebhook(req, res) {
|
|
24
24
|
const authHeader = req.headers?.authorization;
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
25
|
+
// Try Bearer-token routing first (preferred)
|
|
26
|
+
if (authHeader?.startsWith('Bearer ')) {
|
|
27
|
+
const token = authHeader.slice(7);
|
|
28
|
+
const entry = registry.get(token);
|
|
29
|
+
if (entry) {
|
|
30
|
+
await entry.handler(req, res);
|
|
31
|
+
return;
|
|
32
|
+
}
|
|
33
|
+
// Token present but unknown — fall through to single-handler fallback
|
|
29
34
|
}
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
if (
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
res.end(JSON.stringify({ error: 'Unknown token' }));
|
|
35
|
+
// Fallback: if exactly one handler is registered, route to it.
|
|
36
|
+
// This handles E-Claw backends that don't echo callback_token.
|
|
37
|
+
if (registry.size === 1) {
|
|
38
|
+
const [, entry] = [...registry.entries()][0];
|
|
39
|
+
await entry.handler(req, res);
|
|
36
40
|
return;
|
|
37
41
|
}
|
|
38
|
-
|
|
42
|
+
// No valid routing possible
|
|
43
|
+
if (registry.size === 0) {
|
|
44
|
+
res.writeHead(503, { 'Content-Type': 'application/json' });
|
|
45
|
+
res.end(JSON.stringify({ error: 'No handlers registered' }));
|
|
46
|
+
}
|
|
47
|
+
else {
|
|
48
|
+
res.writeHead(401, { 'Content-Type': 'application/json' });
|
|
49
|
+
res.end(JSON.stringify({ error: 'Unauthorized' }));
|
|
50
|
+
}
|
|
39
51
|
}
|