@heybox/hb-sdk 0.4.4 → 0.4.6

package/dist/cli-chunks/{session-DiyDXvXu.cjs → session-D7lF9mpd.cjs}

@@ -1,7 +1,8 @@
 'use strict';
 
+var index = require('./index-DuwxUSkq.cjs');
+var node_crypto = require('node:crypto');
 var path = require('node:path');
-var index = require('./index-Bboot1us.cjs');
 var require$$0$2 = require('fs');
 var require$$0 = require('constants');
 var require$$0$1 = require('stream');
@@ -66,6 +67,281 @@ function isTruthyEnvFlag(value) {
         .toLowerCase());
 }
 
+const globalHeyboxCliRequestConfig = {};
+function readHeyboxCliRequestConfig() {
+    return normalizeHeyboxRylaiServiceTagConfig(globalHeyboxCliRequestConfig);
+}
+function resolveHeyboxRylaiServiceTag(pathWithQuery, config = readHeyboxCliRequestConfig()) {
+    const normalized = normalizeHeyboxRylaiServiceTagConfig(config);
+    const pathname = pathWithQuery ? getPathname(pathWithQuery) : '';
+    const specialTag = normalized.special_tag;
+    if (pathname && specialTag?.path_prefix_list.some((prefix) => pathname.startsWith(prefix))) {
+        return specialTag.tag_name;
+    }
+    return normalized.default_tag;
+}
+function normalizeHeyboxRylaiServiceTagConfig(config) {
+    const defaultTag = normalizeHeyboxRylaiServiceTag(config.default_tag);
+    const specialTagName = normalizeHeyboxRylaiServiceTag(config.special_tag?.tag_name);
+    const pathPrefixList = config.special_tag?.path_prefix_list?.filter(isValidPathPrefix) || [];
+    return {
+        ...(defaultTag ? { default_tag: defaultTag } : {}),
+        ...(specialTagName && pathPrefixList.length
+            ? {
+                special_tag: {
+                    tag_name: specialTagName,
+                    path_prefix_list: pathPrefixList,
+                },
+            }
+            : {}),
+    };
+}
+function normalizeHeyboxRylaiServiceTag(value) {
+    const tag = String(value ?? '').trim();
+    if (!tag) {
+        return undefined;
+    }
+    if (/[\r\n]/.test(tag)) {
+        throw new Error('x-rylai-service-tag 不允许包含换行符');
+    }
+    return tag;
+}
+function isValidPathPrefix(value) {
+    return typeof value === 'string' && value.startsWith('/') && !/[\r\n]/.test(value);
+}
+function getPathname(pathWithQuery) {
+    try {
+        return new URL(pathWithQuery, 'https://api.xiaoheihe.cn').pathname;
+    }
+    catch {
+        return '';
+    }
+}
+
+const SIGN_VERSION = '999.0.4';
+const SIGN_CHARSET = 'AB45STUVWZEFGJ6CH01D237IXYPQRKLMN89';
+function createHeyboxOpenPlatformSignParams(pathname, options = {}) {
+    const now = options.now ?? new Date();
+    const time = Math.trunc(now.getTime() / 1000);
+    const nonce = options.nonce ?? md5(`${time}${Date.now()}${node_crypto.randomBytes(16).toString('hex')}`).toUpperCase();
+    return {
+        version: SIGN_VERSION,
+        hkey: generateSignature(pathname, time + 1, nonce),
+        _time: time,
+        nonce,
+    };
+}
+function generateSignature(path, time, nonce) {
+    const normalizedPath = `/${path
+        .split('/')
+        .filter(Boolean)
+        .join('/')}/`;
+    const transformedTime = transformWithOffset(String(time), SIGN_CHARSET, -2);
+    const transformedPath = transform(normalizedPath, SIGN_CHARSET);
+    const transformedNonce = transform(nonce, SIGN_CHARSET);
+    const combined = interleave([transformedTime, transformedPath, transformedNonce]).slice(0, 20);
+    const hash = md5(combined);
+    let sign = `${mixColumns(hash.slice(-6).split('').map((char) => char.charCodeAt(0))).reduce((sum, value) => sum + value, 0) % 100}`;
+    sign = sign.length < 2 ? `0${sign}` : sign;
+    return `${transformWithOffset(hash.substring(0, 5), SIGN_CHARSET, -4)}${sign}`;
+}
+function transformWithOffset(str, charset, offset) {
+    return transform(str, charset.slice(0, offset));
+}
+function transform(str, charset) {
+    let output = '';
+    for (let index = 0; index < str.length; index += 1) {
+        output += charset[str.charCodeAt(index) % charset.length];
+    }
+    return output;
+}
+function interleave(strings) {
+    let output = '';
+    const maxLength = Math.max(...strings.map((str) => str.length));
+    for (let index = 0; index < maxLength; index += 1) {
+        for (const str of strings) {
+            if (index < str.length) {
+                output += str[index];
+            }
+        }
+    }
+    return output;
+}
+function mixColumns(column) {
+    const output = [...column];
+    output[0] = multiplyE(column[0]) ^ multiply4(column[1]) ^ multiply3(column[2]) ^ multiply2(column[3]);
+    output[1] = multiply2(column[0]) ^ multiplyE(column[1]) ^ multiply4(column[2]) ^ multiply3(column[3]);
+    output[2] = multiply3(column[0]) ^ multiply2(column[1]) ^ multiplyE(column[2]) ^ multiply4(column[3]);
+    output[3] = multiply4(column[0]) ^ multiply3(column[1]) ^ multiply2(column[2]) ^ multiplyE(column[3]);
+    return output;
+}
+function multiply1(value) {
+    if (value & 0x80) {
+        return ((value << 1) ^ 0x1b) & 0xff;
+    }
+    return value << 1;
+}
+function multiply2(value) {
+    return multiply1(value) ^ value;
+}
+function multiply3(value) {
+    return multiply2(multiply1(value));
+}
+function multiply4(value) {
+    return multiply3(multiply2(multiply1(value)));
+}
+function multiplyE(value) {
+    return multiply4(value) ^ multiply3(value) ^ multiply2(value);
+}
+function md5(input) {
+    return node_crypto.createHash('md5').update(input).digest('hex');
+}
+
+const DEFAULT_PLATFORM_PARAMS = {
+    os_type: 'web',
+    app: 'heybox',
+    x_client_type: 'web',
+    x_os_type: 'Mac',
+    x_app: 'heybox',
+    x_client_version: '999.999.999',
+};
+const HEYBOX_WEB_REFERER = 'https://www.xiaoheihe.cn/';
+function resolveHeyboxId(session) {
+    if (session.heyboxId.trim()) {
+        return session.heyboxId.trim();
+    }
+    return session.cookieHeader
+        .split(';')
+        .map((part) => part.trim())
+        .find((part) => part.startsWith('heybox_id='))
+        ?.slice('heybox_id='.length);
+}
+function createHeyboxAuthHeaders(session, options = {}) {
+    const serviceTag = resolveHeyboxRylaiServiceTag(options.pathWithQuery);
+    return {
+        Cookie: session.cookieHeader,
+        Referer: HEYBOX_WEB_REFERER,
+        ...(options.contentType ? { 'Content-Type': options.contentType } : {}),
+        ...(serviceTag ? { 'x-rylai-service-tag': serviceTag } : {}),
+    };
+}
+function createHeyboxRequestContext(session, options = {}) {
+    const heyboxId = resolveHeyboxId(session);
+    const serviceTag = resolveHeyboxRylaiServiceTag(options.pathWithQuery);
+    return {
+        baseUrl: HEYBOX_API_BASE_URL,
+        headers: createHeyboxAuthHeaders(session, options),
+        platformParams: {
+            ...DEFAULT_PLATFORM_PARAMS,
+            ...options.platformParams,
+            ...(heyboxId ? { heybox_id: heyboxId } : {}),
+            ...(serviceTag ? { special_tag: serviceTag } : {}),
+        },
+    };
+}
+function createHeyboxOpenPlatformRequestContext(session, pathWithQuery, options = {}) {
+    return createHeyboxRequestContext(session, {
+        ...options,
+        pathWithQuery,
+        platformParams: {
+            x_app: 'heybox_website',
+            ...createHeyboxOpenPlatformSignParams(getApiPathname(pathWithQuery)),
+            ...options.platformParams,
+        },
+    });
+}
+function createHeyboxApiUrl(baseUrl, pathWithQuery, params) {
+    const url = new URL(pathWithQuery, baseUrl);
+    for (const [key, value] of Object.entries(params)) {
+        if (value !== '') {
+            url.searchParams.set(key, String(value));
+        }
+    }
+    return url.toString();
+}
+function getApiPathname(pathWithQuery) {
+    return new URL(pathWithQuery, HEYBOX_API_BASE_URL).pathname;
+}
+const ENVELOPE_BODY_PREVIEW_LENGTH = 1000;
+async function readHeyboxApiEnvelope(response, options) {
+    const rawBody = await response.text();
+    let envelope = null;
+    let parseError = null;
+    if (rawBody) {
+        try {
+            envelope = JSON.parse(rawBody);
+        }
+        catch (error) {
+            parseError = error;
+        }
+    }
+    const envelopeOk = envelope?.status === 'ok' && (!options.requireResult || envelope?.result !== undefined);
+    if (response.ok && envelopeOk) {
+        return envelope.result;
+    }
+    const { message, verboseMessage } = formatHeyboxEnvelopeError({
+        response,
+        envelope,
+        parseError,
+        rawBody,
+        pathWithQuery: options.pathWithQuery,
+    });
+    throw new index.CliError(message, verboseMessage);
+}
+function formatHeyboxEnvelopeError(input) {
+    const parts = [`Heybox API ${input.pathWithQuery} failed`, `HTTP ${input.response.status}`];
+    if (input.envelope) {
+        const msg = typeof input.envelope.msg === 'string' ? input.envelope.msg.trim() : '';
+        const sbeUserMessage = readSbeUserMessage(input.envelope.result);
+        parts.push(`msg=${msg || '(empty)'}`);
+        if (typeof input.envelope.status === 'string') {
+            parts.push(`envelope.status=${input.envelope.status}`);
+        }
+        const { status: _s, msg: _m, result: _r, ...extras } = input.envelope;
+        if (Object.keys(extras).length > 0) {
+            parts.push(`extras=${truncate(safeJsonStringify(extras), ENVELOPE_BODY_PREVIEW_LENGTH)}`);
+        }
+        if (input.envelope.result !== undefined) {
+            parts.push(`result=${truncate(safeJsonStringify(input.envelope.result), ENVELOPE_BODY_PREVIEW_LENGTH)}`);
+        }
+        return {
+            message: sbeUserMessage || msg || `Heybox API ${input.pathWithQuery} 请求失败`,
+            verboseMessage: parts.join(' '),
+        };
+    }
+    if (input.parseError) {
+        const parseMsg = input.parseError instanceof Error ? input.parseError.message : String(input.parseError);
+        parts.push(`parseError=${parseMsg}`);
+    }
+    parts.push(input.rawBody ? `body=${truncate(input.rawBody, ENVELOPE_BODY_PREVIEW_LENGTH)}` : 'body=(empty)');
+    return {
+        message: `Heybox API ${input.pathWithQuery} 请求失败`,
+        verboseMessage: parts.join(' '),
+    };
+}
+function readSbeUserMessage(result) {
+    if (!result || typeof result !== 'object') {
+        return '';
+    }
+    const sbe = result.sbe;
+    if (!sbe || typeof sbe !== 'object') {
+        return '';
+    }
+    const userMessage = sbe.user_message;
+    return typeof userMessage === 'string' ? userMessage.trim() : '';
+}
+function truncate(value, max) {
+    return value.length > max ? `${value.slice(0, max)}...(+${value.length - max} chars)` : value;
+}
+function safeJsonStringify(value) {
+    try {
+        return JSON.stringify(value);
+    }
+    catch {
+        return String(value);
+    }
+}
+
 var fs$1 = {};
 
 var universalify = {};
@@ -2959,20 +3235,39 @@ async function requireHeyboxAuthSession(options = {}) {
     return session;
 }
 async function writeHeyboxAuthSession(session, options = {}) {
-    const cacheFile = getAuthCacheFilePath(options);
     const cache = {
         version: AUTH_CACHE_VERSION,
         updatedAt: (options.now?.() ?? new Date()).toISOString(),
         heybox: session,
     };
-    await fs.ensureDir(path.dirname(cacheFile));
-    await fs.writeJson(cacheFile, cache, { spaces: 2 });
-    await fs.chmod(cacheFile, 0o600);
-    return cache;
+    return writeAuthCache(cache, options);
 }
 async function clearHeyboxAuthSession(options = {}) {
     await fs.remove(getAuthCacheFilePath(options));
 }
+function createSelectedDeveloperEntitySnapshot(input, options = {}) {
+    return {
+        entityId: input.entityId,
+        entityName: input.entityName,
+        ...(input.ownerHeyboxId === undefined ? {} : { ownerHeyboxId: input.ownerHeyboxId }),
+        selectedAt: (options.now?.() ?? new Date()).toISOString(),
+    };
+}
+async function setSelectedDeveloperEntitySnapshot(input, options = {}) {
+    const cache = await readAuthCache(options);
+    if (!cache.heybox) {
+        throw new Error('未发现 Heybox 登录态，请先运行 hb-sdk login');
+    }
+    const selectedEntity = createSelectedDeveloperEntitySnapshot(input, options);
+    return writeAuthCache({
+        version: AUTH_CACHE_VERSION,
+        updatedAt: (options.now?.() ?? new Date()).toISOString(),
+        heybox: {
+            ...cache.heybox,
+            selectedEntity,
+        },
+    }, options);
+}
 async function readRedactedHeyboxAuthStatus(options = {}) {
     const cacheFile = getAuthCacheFilePath(options);
     const session = await readHeyboxAuthSession(options);
@@ -2988,8 +3283,16 @@ async function readRedactedHeyboxAuthStatus(options = {}) {
         loginBaseUrl: session.loginBaseUrl,
         loggedIn: true,
         loggedInAt: session.loggedInAt,
+        ...(session.selectedEntity ? { selectedEntity: session.selectedEntity } : {}),
     };
 }
+async function writeAuthCache(cache, options = {}) {
+    const cacheFile = getAuthCacheFilePath(options);
+    await fs.ensureDir(path.dirname(cacheFile));
+    await fs.writeJson(cacheFile, cache, { spaces: 2 });
+    await fs.chmod(cacheFile, 0o600);
+    return cache;
+}
 function createEmptyAuthCache(options = {}) {
     return {
         version: AUTH_CACHE_VERSION,
@@ -3020,21 +3323,56 @@ function isHeyboxAuthSession(value) {
         typeof value.loggedInAt === 'string');
 }
 function normalizeHeyboxAuthSession(session) {
-    return {
-        ...session,
+    const normalized = {
+        heyboxId: session.heyboxId,
+        pkey: session.pkey,
+        xXhhHeyboxId: session.xXhhHeyboxId,
+        cookieHeader: session.cookieHeader,
+        loggedInAt: session.loggedInAt,
         loginBaseUrl: resolveHeyboxLoginBaseUrl({ loginBaseUrl: session.loginBaseUrl }),
     };
+    const selectedEntity = normalizeSelectedDeveloperEntitySnapshot(session.selectedEntity);
+    if (selectedEntity) {
+        normalized.selectedEntity = selectedEntity;
+    }
+    return normalized;
+}
+function normalizeSelectedDeveloperEntitySnapshot(value) {
+    if (!isRecord(value)) {
+        return undefined;
+    }
+    if (typeof value.entityId !== 'number' || !Number.isFinite(value.entityId)) {
+        return undefined;
+    }
+    if (typeof value.entityName !== 'string' || value.entityName.length === 0) {
+        return undefined;
+    }
+    if (value.ownerHeyboxId !== undefined && (typeof value.ownerHeyboxId !== 'number' || !Number.isFinite(value.ownerHeyboxId))) {
+        return undefined;
+    }
+    if (typeof value.selectedAt !== 'string' || value.selectedAt.length === 0) {
+        return undefined;
+    }
+    return {
+        entityId: value.entityId,
+        entityName: value.entityName,
+        ...(value.ownerHeyboxId === undefined ? {} : { ownerHeyboxId: value.ownerHeyboxId }),
+        selectedAt: value.selectedAt,
+    };
 }
 function isRecord(value) {
     return Object.prototype.toString.call(value) === '[object Object]';
 }
 
-exports.HEYBOX_API_BASE_URL = HEYBOX_API_BASE_URL;
 exports.clearHeyboxAuthSession = clearHeyboxAuthSession;
+exports.createHeyboxApiUrl = createHeyboxApiUrl;
 exports.createHeyboxAuthSession = createHeyboxAuthSession;
+exports.createHeyboxOpenPlatformRequestContext = createHeyboxOpenPlatformRequestContext;
 exports.getAuthCacheFilePath = getAuthCacheFilePath;
+exports.readHeyboxApiEnvelope = readHeyboxApiEnvelope;
 exports.readRedactedHeyboxAuthStatus = readRedactedHeyboxAuthStatus;
 exports.requireHeyboxAuthSession = requireHeyboxAuthSession;
 exports.resolveHeyboxApiBaseUrl = resolveHeyboxApiBaseUrl;
 exports.resolveHeyboxLoginBaseUrl = resolveHeyboxLoginBaseUrl;
+exports.setSelectedDeveloperEntitySnapshot = setSelectedDeveloperEntitySnapshot;
 exports.writeHeyboxAuthSession = writeHeyboxAuthSession;

package/dist/cli.cjs

@@ -1,6 +1,6 @@
 'use strict';
 
-var index = require('./cli-chunks/index-Bboot1us.cjs');
+var index = require('./cli-chunks/index-DuwxUSkq.cjs');
 require('node:module');
 require('node:fs');
 require('node:fs/promises');