@f2a/network 0.1.2

package/packages/openclaw-adapter/src/webhook-server.ts

@@ -0,0 +1,202 @@
+/**
+ * Webhook Server
+ * 接收 F2A Node 的事件通知
+ */
+
+import { createServer, IncomingMessage, ServerResponse } from 'http';
+import type { 
+  WebhookEvent, 
+  DiscoverWebhookPayload, 
+  DelegateWebhookPayload,
+  AgentCapability,
+  TaskResponse 
+} from './types.js';
+import { webhookLogger as logger } from './logger.js';
+
+/** 默认请求体大小限制 (64KB) - 元数据交换足够，防止 DoS */
+const DEFAULT_MAX_BODY_SIZE = 64 * 1024;
+
+export interface WebhookHandler {
+  onDiscover(payload: DiscoverWebhookPayload): Promise<{
+    capabilities: AgentCapability[];
+    reputation?: number;
+  }>;
+  
+  onDelegate(payload: DelegateWebhookPayload): Promise<{
+    accepted: boolean;
+    taskId: string;
+    reason?: string;
+  }>;
+  
+  onStatus(): Promise<{
+    status: 'available' | 'busy' | 'offline';
+    load?: number;
+  }>;
+}
+
+export class WebhookServer {
+  private port: number;
+  private handler: WebhookHandler;
+  private server?: ReturnType<typeof createServer>;
+  private maxBodySize: number;
+  /** 允许的 CORS 来源列表 */
+  private allowedOrigins: string[];
+
+  constructor(port: number, handler: WebhookHandler, options?: { 
+    maxBodySize?: number;
+    allowedOrigins?: string[];
+  }) {
+    this.port = port;
+    this.handler = handler;
+    this.maxBodySize = options?.maxBodySize || DEFAULT_MAX_BODY_SIZE;
+    // 默认只允许 localhost
+    this.allowedOrigins = options?.allowedOrigins ?? ['http://localhost'];
+  }
+
+  /**
+   * 启动 Webhook 服务器
+   */
+  async start(): Promise<void> {
+    return new Promise((resolve, reject) => {
+      this.server = createServer(this.handleRequest.bind(this));
+      
+      this.server.listen(this.port, () => {
+        logger.info('服务器启动在端口 %d', this.port);
+        resolve();
+      });
+
+      this.server.on('error', (err) => {
+        reject(err);
+      });
+    });
+  }
+
+  /**
+   * 停止 Webhook 服务器
+   */
+  async stop(): Promise<void> {
+    if (this.server) {
+      return new Promise((resolve) => {
+        this.server?.close(() => {
+          logger.info('服务器已停止');
+          resolve();
+        });
+      });
+    }
+  }
+
+  /**
+   * 处理 HTTP 请求
+   */
+  private async handleRequest(req: IncomingMessage, res: ServerResponse): Promise<void> {
+    // 设置 CORS - 使用配置的允许来源
+    const origin = req.headers.origin;
+    // 当 allowedOrigins 为空数组时，使用默认值 'http://localhost'
+    // 当 origin 不在允许列表中时，使用第一个允许的来源或默认值
+    const defaultOrigin = 'http://localhost';
+    let allowOrigin: string;
+    
+    if (this.allowedOrigins.length === 0) {
+      // 没有配置允许来源，使用默认值
+      allowOrigin = defaultOrigin;
+    } else if (origin && this.allowedOrigins.includes(origin)) {
+      // origin 在允许列表中
+      allowOrigin = origin;
+    } else {
+      // origin 不在允许列表中，使用第一个允许的来源
+      allowOrigin = this.allowedOrigins[0];
+    }
+    
+    res.setHeader('Access-Control-Allow-Origin', allowOrigin);
+    res.setHeader('Access-Control-Allow-Methods', 'POST, OPTIONS');
+    res.setHeader('Access-Control-Allow-Headers', 'Content-Type');
+
+    if (req.method === 'OPTIONS') {
+      res.writeHead(200);
+      res.end();
+      return;
+    }
+
+    if (req.method !== 'POST') {
+      res.writeHead(405, { 'Content-Type': 'application/json' });
+      res.end(JSON.stringify({ error: 'Method not allowed' }));
+      return;
+    }
+
+    try {
+      const body = await this.parseBody(req);
+      const event = body as WebhookEvent;
+
+      logger.info('收到事件: %s', event.type);
+
+      let result: unknown;
+
+      switch (event.type) {
+        case 'discover':
+          result = await this.handler.onDiscover(event.payload as DiscoverWebhookPayload);
+          break;
+
+        case 'delegate':
+          result = await this.handler.onDelegate(event.payload as DelegateWebhookPayload);
+          break;
+
+        case 'status':
+          result = await this.handler.onStatus();
+          break;
+
+        default:
+          res.writeHead(400, { 'Content-Type': 'application/json' });
+          res.end(JSON.stringify({ error: `Unknown event type: ${event.type}` }));
+          return;
+      }
+
+      res.writeHead(200, { 'Content-Type': 'application/json' });
+      res.end(JSON.stringify(result));
+
+    } catch (error) {
+      logger.error('处理错误: %s', error);
+      res.writeHead(500, { 'Content-Type': 'application/json' });
+      res.end(JSON.stringify({ 
+        error: error instanceof Error ? error.message : 'Internal error' 
+      }));
+    }
+  }
+
+  /**
+   * 解析请求体
+   * 带大小限制，防止 DoS 攻击
+   */
+  private parseBody(req: IncomingMessage): Promise<unknown> {
+    return new Promise((resolve, reject) => {
+      let body = '';
+      let size = 0;
+      
+      req.on('data', (chunk) => {
+        size += chunk.length;
+        
+        // 检查请求体大小
+        if (size > this.maxBodySize) {
+          req.destroy();
+          reject(new Error(`Request body too large: ${size} bytes (max: ${this.maxBodySize})`));
+          return;
+        }
+        
+        body += chunk.toString();
+      });
+      
+      req.on('end', () => {
+        try {
+          resolve(JSON.parse(body));
+        } catch (e) {
+          reject(new Error('Invalid JSON'));
+        }
+      });
+      
+      req.on('error', reject);
+    });
+  }
+
+  getUrl(): string {
+    return `http://localhost:${this.port}/webhook`;
+  }
+}

package/packages/openclaw-adapter/tsconfig.json

@@ -0,0 +1,20 @@
+{
+  "compilerOptions": {
+    "target": "ES2022",
+    "module": "NodeNext",
+    "moduleResolution": "NodeNext",
+    "lib": ["ES2022"],
+    "outDir": "./dist",
+    "rootDir": "./src",
+    "strict": true,
+    "esModuleInterop": true,
+    "skipLibCheck": true,
+    "forceConsistentCasingInFileNames": true,
+    "declaration": true,
+    "declarationMap": true,
+    "sourceMap": true,
+    "resolveJsonModule": true
+  },
+  "include": ["src/**/*"],
+  "exclude": ["node_modules", "dist", "**/*.test.ts"]
+}

package/src/cli/commands.test.ts

@@ -0,0 +1,157 @@
+import { describe, it, expect, vi, beforeEach, afterEach } from 'vitest';
+import { listPending, confirm, reject } from './commands.js';
+import { request, RequestOptions } from 'http';
+
+// Mock http module
+vi.mock('http', () => ({
+  request: vi.fn(),
+}));
+
+describe('CLI Commands', () => {
+  const mockRequest = {
+    on: vi.fn(),
+    write: vi.fn(),
+    end: vi.fn(),
+  };
+
+  const mockResponse = {
+    statusCode: 200,
+    on: vi.fn(),
+  };
+
+  beforeEach(() => {
+    vi.clearAllMocks();
+    process.env.F2A_CONTROL_PORT = '9001';
+    process.env.F2A_CONTROL_TOKEN = 'test-token';
+  });
+
+  afterEach(() => {
+    delete process.env.F2A_CONTROL_PORT;
+    delete process.env.F2A_CONTROL_TOKEN;
+  });
+
+  describe('listPending', () => {
+    it('should list pending connections', async () => {
+      const pendingData = {
+        success: true,
+        pending: [
+          { index: 1, agentIdShort: 'abc123', address: '192.168.1.1', port: 9000, remainingMinutes: 30 }
+        ]
+      };
+
+      mockResponse.on.mockImplementation((event: string, callback: Function) => {
+        if (event === 'data') callback(Buffer.from(JSON.stringify(pendingData)));
+        if (event === 'end') callback();
+      });
+
+      (request as any).mockImplementation((options: RequestOptions, callback: Function) => {
+        callback(mockResponse);
+        return mockRequest;
+      });
+
+      const consoleSpy = vi.spyOn(console, 'log').mockImplementation(() => {});
+      await listPending();
+      
+      expect(consoleSpy).toHaveBeenCalledWith(expect.stringContaining('待确认连接'));
+      consoleSpy.mockRestore();
+    });
+
+    it('should show no pending message when empty', async () => {
+      mockResponse.on.mockImplementation((event: string, callback: Function) => {
+        if (event === 'data') callback(Buffer.from(JSON.stringify({ success: true, pending: [] })));
+        if (event === 'end') callback();
+      });
+
+      (request as any).mockImplementation((options: RequestOptions, callback: Function) => {
+        callback(mockResponse);
+        return mockRequest;
+      });
+
+      const consoleSpy = vi.spyOn(console, 'log').mockImplementation(() => {});
+      await listPending();
+      
+      expect(consoleSpy).toHaveBeenCalledWith('没有待确认的连接请求');
+      consoleSpy.mockRestore();
+    });
+
+    it('should handle connection error', async () => {
+      (request as any).mockImplementation(() => {
+        const req = {
+          ...mockRequest,
+          on: (event: string, callback: Function) => {
+            if (event === 'error') callback(new Error('Connection refused'));
+          }
+        };
+        return req;
+      });
+
+      const consoleSpy = vi.spyOn(console, 'error').mockImplementation(() => {});
+      const exitSpy = vi.spyOn(process, 'exit').mockImplementation(() => { throw new Error('exit'); });
+
+      await expect(listPending()).rejects.toThrow('exit');
+      
+      consoleSpy.mockRestore();
+      exitSpy.mockRestore();
+    });
+  });
+
+  describe('confirm', () => {
+    it('should confirm connection successfully', async () => {
+      mockResponse.on.mockImplementation((event: string, callback: Function) => {
+        if (event === 'data') callback(Buffer.from(JSON.stringify({ success: true, message: '已确认' })));
+        if (event === 'end') callback();
+      });
+
+      (request as any).mockImplementation((options: RequestOptions, callback: Function) => {
+        callback(mockResponse);
+        return mockRequest;
+      });
+
+      const consoleSpy = vi.spyOn(console, 'log').mockImplementation(() => {});
+      await confirm(1);
+      
+      expect(consoleSpy).toHaveBeenCalledWith(expect.stringContaining('已确认'));
+      consoleSpy.mockRestore();
+    });
+
+    it('should handle confirm error', async () => {
+      mockResponse.on.mockImplementation((event: string, callback: Function) => {
+        if (event === 'data') callback(Buffer.from(JSON.stringify({ success: false, error: 'Invalid ID' })));
+        if (event === 'end') callback();
+      });
+
+      (request as any).mockImplementation((options: RequestOptions, callback: Function) => {
+        callback(mockResponse);
+        return mockRequest;
+      });
+
+      const consoleSpy = vi.spyOn(console, 'error').mockImplementation(() => {});
+      const exitSpy = vi.spyOn(process, 'exit').mockImplementation(() => { throw new Error('exit'); });
+
+      await expect(confirm(999)).rejects.toThrow('exit');
+      
+      consoleSpy.mockRestore();
+      exitSpy.mockRestore();
+    });
+  });
+
+  describe('reject', () => {
+    it('should reject connection with reason', async () => {
+      mockResponse.on.mockImplementation((event: string, callback: Function) => {
+        if (event === 'data') callback(Buffer.from(JSON.stringify({ success: true, message: '已拒绝' })));
+        if (event === 'end') callback();
+      });
+
+      (request as any).mockImplementation((options: RequestOptions, callback: Function) => {
+        callback(mockResponse);
+        return mockRequest;
+      });
+
+      const consoleSpy = vi.spyOn(console, 'log').mockImplementation(() => {});
+      await reject(1, '可疑连接');
+      
+      expect(consoleSpy).toHaveBeenCalledWith(expect.stringContaining('已拒绝'));
+      consoleSpy.mockRestore();
+    });
+  });
+});

package/src/cli/commands.ts

@@ -0,0 +1,129 @@
+/**
+ * F2A CLI
+ * 命令行工具
+ */
+
+import { request, RequestOptions } from 'http';
+
+const CONTROL_PORT = parseInt(process.env.F2A_CONTROL_PORT || '9001');
+const CONTROL_TOKEN = process.env.F2A_CONTROL_TOKEN || 'f2a-default-token';
+
+interface ControlResponse {
+  success: boolean;
+  message?: string;
+  pending?: Array<{
+    index: number;
+    agentIdShort: string;
+    address: string;
+    port: number;
+    remainingMinutes: number;
+  }>;
+  error?: string;
+}
+
+/**
+ * 发送控制命令
+ */
+async function sendControlCommand(
+  action: string,
+  idOrIndex?: string | number,
+  reason?: string
+): Promise<ControlResponse> {
+  return new Promise((resolve, reject) => {
+    const payload = JSON.stringify({ action, idOrIndex, reason });
+
+    const options: RequestOptions = {
+      hostname: '127.0.0.1',
+      port: CONTROL_PORT,
+      path: '/control',
+      method: 'POST',
+      headers: {
+        'Content-Type': 'application/json',
+        'X-F2A-Token': CONTROL_TOKEN,
+        'Content-Length': Buffer.byteLength(payload)
+      }
+    };
+
+    const req = request(options, (res) => {
+      let data = '';
+      res.on('data', chunk => data += chunk);
+      res.on('end', () => {
+        try {
+          resolve(JSON.parse(data));
+        } catch {
+          resolve({ success: false, error: 'Invalid response' });
+        }
+      });
+    });
+
+    req.on('error', (err) => {
+      reject(err);
+    });
+
+    req.write(payload);
+    req.end();
+  });
+}
+
+/**
+ * 列出待确认连接
+ */
+export async function listPending(): Promise<void> {
+  try {
+    const result = await sendControlCommand('list-pending');
+    
+    if (result.success && result.pending && result.pending.length > 0) {
+      console.log(`待确认连接 (${result.pending.length}个):`);
+      result.pending.forEach(p => {
+        console.log(`${p.index}. ${p.agentIdShort} 来自 ${p.address}:${p.port} [剩余${p.remainingMinutes}分钟]`);
+      });
+    } else {
+      console.log('没有待确认的连接请求');
+    }
+  } catch (err) {
+    const message = err instanceof Error ? err.message : String(err);
+    console.error(`[F2A] 无法连接到 Daemon: ${message}`);
+    console.error('[F2A] 请确保 Daemon 正在运行');
+    process.exit(1);
+  }
+}
+
+/**
+ * 确认连接
+ */
+export async function confirm(idOrIndex: string | number): Promise<void> {
+  try {
+    const result = await sendControlCommand('confirm', idOrIndex);
+    
+    if (result.success) {
+      console.log(`[F2A] ${result.message}`);
+    } else {
+      console.error(`[F2A] 错误: ${result.error}`);
+      process.exit(1);
+    }
+  } catch (err) {
+    const message = err instanceof Error ? err.message : String(err);
+    console.error(`[F2A] 无法连接到 Daemon: ${message}`);
+    process.exit(1);
+  }
+}
+
+/**
+ * 拒绝连接
+ */
+export async function reject(idOrIndex: string | number, reason?: string): Promise<void> {
+  try {
+    const result = await sendControlCommand('reject', idOrIndex, reason);
+    
+    if (result.success) {
+      console.log(`[F2A] ${result.message}`);
+    } else {
+      console.error(`[F2A] 错误: ${result.error}`);
+      process.exit(1);
+    }
+  } catch (err) {
+    const message = err instanceof Error ? err.message : String(err);
+    console.error(`[F2A] 无法连接到 Daemon: ${message}`);
+    process.exit(1);
+  }
+}

package/src/cli/index.test.ts

@@ -0,0 +1,77 @@
+import { describe, it, expect, vi, beforeEach, afterEach } from 'vitest';
+
+// Mock dependencies before importing
+const mockRequest = vi.fn();
+const mockExistsSync = vi.fn();
+const mockReadFileSync = vi.fn();
+
+vi.mock('http', () => ({
+  request: (...args: any[]) => mockRequest(...args),
+}));
+
+vi.mock('fs', () => ({
+  existsSync: (...args: any[]) => mockExistsSync(...args),
+  readFileSync: (...args: any[]) => mockReadFileSync(...args),
+}));
+
+vi.mock('os', () => ({
+  homedir: vi.fn().mockReturnValue('/home/test'),
+}));
+
+describe('CLI Index', () => {
+  const mockReq = {
+    on: vi.fn(),
+    write: vi.fn(),
+    end: vi.fn(),
+  };
+
+  const mockRes = {
+    statusCode: 200,
+    on: vi.fn(),
+  };
+
+  beforeEach(() => {
+    vi.clearAllMocks();
+    
+    mockRequest.mockImplementation((options: any, callback: Function) => {
+      callback(mockRes);
+      return mockReq;
+    });
+
+    mockRes.on.mockImplementation((event: string, callback: Function) => {
+      if (event === 'data') callback(Buffer.from(JSON.stringify({ success: true, status: 'ok' })));
+      if (event === 'end') callback();
+    });
+
+    mockExistsSync.mockReturnValue(false);
+  });
+
+  afterEach(() => {
+    vi.resetModules();
+    delete process.env.F2A_CONTROL_PORT;
+    delete process.env.F2A_CONTROL_TOKEN;
+  });
+
+  describe('getControlToken', () => {
+    it('should use environment variable token', async () => {
+      process.env.F2A_CONTROL_TOKEN = 'env-token';
+      
+      vi.resetModules();
+      // Just verify env is set correctly
+      expect(process.env.F2A_CONTROL_TOKEN).toBe('env-token');
+    });
+
+    it('should read token from file when env not set', async () => {
+      delete process.env.F2A_CONTROL_TOKEN;
+      
+      mockExistsSync.mockReturnValue(true);
+      mockReadFileSync.mockReturnValue('file-token');
+      
+      vi.resetModules();
+      // Import will trigger the token reading
+      await import('./index');
+      
+      expect(mockExistsSync).toHaveBeenCalled();
+    });
+  });
+});