@inetafrica/open-claudia 1.14.1 → 1.14.3

package/bot-agent.js

@@ -724,6 +724,25 @@ function looksLikeClaudeToken(value) {
   return /^sk-ant-[A-Za-z0-9._-]+$/.test(text) || text.length >= 80 && /^[A-Za-z0-9._=-]+$/.test(text);
 }
 
+
+function looksLikeClaudeAuthReply(value) {
+  const text = String(value || "").trim();
+  if (!text) return false;
+  if (looksLikeClaudeToken(text)) return true;
+  if (/^https?:\/\//i.test(text) && /claude|anthropic/i.test(text)) return true;
+  // OAuth callback/login codes are usually long, dense strings. Do not consume normal chat.
+  if (text.length >= 24 && !/\s/.test(text) && /^[A-Za-z0-9._~:/?#[\]@!$&'()*+,;=%-]+$/.test(text)) return true;
+  return false;
+}
+
+function clearPendingClaudeAuth() {
+  if (pendingClaudeAuthProcess && pendingClaudeAuthProcess.kill) {
+    try { pendingClaudeAuthProcess.kill("SIGTERM"); } catch (e) {}
+  }
+  pendingClaudeAuthProcess = null;
+  pendingClaudeAuthLabel = null;
+}
+
 function getClaudeOAuthToken() {
   if (config[CLAUDE_OAUTH_TOKEN_KEY]) return { value: config[CLAUDE_OAUTH_TOKEN_KEY], source: ".env" };
   if (process.env.CLAUDE_CODE_OAUTH_TOKEN) return { value: process.env.CLAUDE_CODE_OAUTH_TOKEN, source: "process env" };
@@ -868,6 +887,19 @@ function runClaudeAuthStatusDiagnostic() {
   }
 }
 
+
+async function sendClaudeAuthStatusSummary(prefix = "Claude auth status") {
+  const output = runClaudeAuthStatusDiagnostic();
+  const tokenInfo = getClaudeOAuthToken();
+  const lines = summarizeClaudeAuthStatus(output, isClaudeAuthErrorText(output) ? 1 : 0, tokenInfo);
+  await send([
+    prefix,
+    "",
+    ...lines,
+    `Bot OAuth token: ${tokenInfo.value ? "configured via " + tokenInfo.source : "not configured"}`,
+  ].join("\n"));
+}
+
 function claudeEmptyFailureMessage(code, stderrText = "") {
   const stderr = redactSensitive(String(stderrText || "").trim());
   if (isClaudeUsageLimitText(stderr)) return claudeUsageLimitMessage(stderr.slice(-1200));
@@ -955,9 +987,16 @@ async function runClaudeAuthCommand(args, label, opts = {}) {
     const token = opts.captureToken ? extractClaudeToken(output) : null;
     if (token && !tokenStored) tokenStored = saveClaudeOAuthToken(token);
     const final = redactSensitive(output.trim());
-    if (tokenStored) await send(`${label} finished. OAuth token stored for launchd/non-interactive Claude runs.`);
-    else if (final) await send(`${label} finished (exit ${code}).\n\n${final.slice(-2500)}`);
-    else await send(`${label} finished (exit ${code}).`);
+    if (tokenStored) {
+      await send(`${label} finished. OAuth token stored for launchd/non-interactive Claude runs.`);
+      await sendClaudeAuthStatusSummary("Post-auth check:");
+    } else if (final) {
+      await send(`${label} finished (exit ${code}).\n\n${final.slice(-2500)}`);
+      await sendClaudeAuthStatusSummary("Post-auth check:");
+    } else {
+      await send(`${label} finished (exit ${code}).`);
+      await sendClaudeAuthStatusSummary("Post-auth check:");
+    }
   });
   proc.on("error", async (err) => {
     pendingClaudeAuthProcess = null;
@@ -1671,6 +1710,13 @@ bot.onText(/\/(?:auth_status|auth status)$/, async (msg) => {
   proc.on("error", async (err) => send(`Claude auth status failed: ${redactSensitive(err.message)}`));
 });
 
+bot.onText(/\/cancel_auth$/, async (msg) => {
+  if (!isAuthorized(msg)) return;
+  if (!pendingClaudeAuthProcess) return send("No Claude auth flow is pending.");
+  clearPendingClaudeAuth();
+  await send("Claude auth flow cancelled. Normal messages will go to the assistant again.");
+});
+
 bot.onText(/\/login$/, async (msg) => {
   if (!isAuthorized(msg)) return;
   await runClaudeAuthCommand(["auth", "login", "--claudeai", "--email", "sumeet@inet.africa"], "Claude login");
@@ -1694,6 +1740,7 @@ bot.onText(/\/use_oauth_token(?:\s+(.+))?$/, async (msg, match) => {
   if (!looksLikeClaudeToken(token)) return send("That doesn't look like a Claude OAuth token. Not saved.");
   saveClaudeOAuthToken(token);
   await send(`Claude OAuth token stored in .env${vault.isUnlocked() ? " and vault" : ""}. Restart the bot so launchd picks it up, or use /restart.`);
+  await sendClaudeAuthStatusSummary("Stored token. Current Claude auth status:");
 });
 
 bot.onText(/\/clear_oauth_token$/, async (msg) => {
@@ -1938,27 +1985,35 @@ bot.on("message", async (msg) => {
   if (msg.voice || msg.audio || msg.photo || msg.document || msg.video || msg.sticker) return;
   if (isDuplicate(msg.message_id)) return;
 
-  // Handle pending Claude auth/token paste-back
+  // Handle pending Claude auth/token paste-back. Only consume code/token-looking replies;
+  // normal chat must still go to Claude instead of being deleted.
   if (pendingClaudeAuthProcess) {
     const text = msg.text.trim();
-    await deleteMessage(msg.message_id);
     if (pendingClaudeAuthLabel === "manual OAuth token save") {
-      pendingClaudeAuthProcess = null;
-      pendingClaudeAuthLabel = null;
-      if (!looksLikeClaudeToken(text)) { await send("That doesn't look like a Claude OAuth token. Not saved."); return; }
-      saveClaudeOAuthToken(text);
-      await send(`Claude OAuth token stored in .env${vault.isUnlocked() ? " and vault" : ""}. Restart the bot so launchd picks it up, or use /restart.`);
+      if (looksLikeClaudeToken(text)) {
+        await deleteMessage(msg.message_id);
+        clearPendingClaudeAuth();
+        saveClaudeOAuthToken(text);
+        await send(`Claude OAuth token stored in .env${vault.isUnlocked() ? " and vault" : ""}. Restart the bot so launchd picks it up, or use /restart.`);
+        await sendClaudeAuthStatusSummary("Stored token. Current Claude auth status:");
+        return;
+      }
+      await send("That does not look like a Claude OAuth token, so I did not delete it or store it. Send /cancel_auth to stop token paste mode.");
+      // Fall through and treat the message normally.
+    } else if (looksLikeClaudeAuthReply(text)) {
+      await deleteMessage(msg.message_id);
+      try {
+        pendingClaudeAuthProcess.stdin.write(text + "\n");
+        await send("Sent to Claude auth process. I’ll confirm when Claude finishes the auth check.");
+      } catch (e) {
+        clearPendingClaudeAuth();
+        await send(`Could not send to Claude auth process: ${redactSensitive(e.message)}`);
+      }
       return;
+    } else {
+      await send("Claude auth is still waiting for a login code/token. I left your message visible and will handle it normally. Send /cancel_auth to cancel the auth flow.");
+      // Fall through and treat the message normally.
     }
-    try {
-      pendingClaudeAuthProcess.stdin.write(text + "\n");
-      await send("Sent to Claude auth process.");
-    } catch (e) {
-      pendingClaudeAuthProcess = null;
-      pendingClaudeAuthLabel = null;
-      await send(`Could not send to Claude auth process: ${redactSensitive(e.message)}`);
-    }
-    return;
   }
 
   // Handle onboarding

package/bot.js

@@ -786,6 +786,25 @@ function looksLikeClaudeToken(value) {
   return /^sk-ant-[A-Za-z0-9._-]+$/.test(text) || text.length >= 80 && /^[A-Za-z0-9._=-]+$/.test(text);
 }
 
+
+function looksLikeClaudeAuthReply(value) {
+  const text = String(value || "").trim();
+  if (!text) return false;
+  if (looksLikeClaudeToken(text)) return true;
+  if (/^https?:\/\//i.test(text) && /claude|anthropic/i.test(text)) return true;
+  // OAuth callback/login codes are usually long, dense strings. Do not consume normal chat.
+  if (text.length >= 24 && !/\s/.test(text) && /^[A-Za-z0-9._~:/?#[\]@!$&'()*+,;=%-]+$/.test(text)) return true;
+  return false;
+}
+
+function clearPendingClaudeAuth() {
+  if (pendingClaudeAuthProcess && pendingClaudeAuthProcess.kill) {
+    try { pendingClaudeAuthProcess.kill("SIGTERM"); } catch (e) {}
+  }
+  pendingClaudeAuthProcess = null;
+  pendingClaudeAuthLabel = null;
+}
+
 function getClaudeOAuthToken() {
   if (config[CLAUDE_OAUTH_TOKEN_KEY]) return { value: config[CLAUDE_OAUTH_TOKEN_KEY], source: ".env" };
   if (process.env.CLAUDE_CODE_OAUTH_TOKEN) return { value: process.env.CLAUDE_CODE_OAUTH_TOKEN, source: "process env" };
@@ -930,6 +949,19 @@ function runClaudeAuthStatusDiagnostic() {
   }
 }
 
+
+async function sendClaudeAuthStatusSummary(prefix = "Claude auth status") {
+  const output = runClaudeAuthStatusDiagnostic();
+  const tokenInfo = getClaudeOAuthToken();
+  const lines = summarizeClaudeAuthStatus(output, isClaudeAuthErrorText(output) ? 1 : 0, tokenInfo);
+  await send([
+    prefix,
+    "",
+    ...lines,
+    `Bot OAuth token: ${tokenInfo.value ? "configured via " + tokenInfo.source : "not configured"}`,
+  ].join("\n"));
+}
+
 function claudeEmptyFailureMessage(code, stderrText = "") {
   const stderr = redactSensitive(String(stderrText || "").trim());
   if (isClaudeUsageLimitText(stderr)) return claudeUsageLimitMessage(stderr.slice(-1200));
@@ -1017,9 +1049,16 @@ async function runClaudeAuthCommand(args, label, opts = {}) {
     const token = opts.captureToken ? extractClaudeToken(output) : null;
     if (token && !tokenStored) tokenStored = saveClaudeOAuthToken(token);
     const final = redactSensitive(output.trim());
-    if (tokenStored) await send(`${label} finished. OAuth token stored for launchd/non-interactive Claude runs.`);
-    else if (final) await send(`${label} finished (exit ${code}).\n\n${final.slice(-2500)}`);
-    else await send(`${label} finished (exit ${code}).`);
+    if (tokenStored) {
+      await send(`${label} finished. OAuth token stored for launchd/non-interactive Claude runs.`);
+      await sendClaudeAuthStatusSummary("Post-auth check:");
+    } else if (final) {
+      await send(`${label} finished (exit ${code}).\n\n${final.slice(-2500)}`);
+      await sendClaudeAuthStatusSummary("Post-auth check:");
+    } else {
+      await send(`${label} finished (exit ${code}).`);
+      await sendClaudeAuthStatusSummary("Post-auth check:");
+    }
   });
   proc.on("error", async (err) => {
     pendingClaudeAuthProcess = null;
@@ -1702,6 +1741,13 @@ bot.onText(/\/(?:auth_status|auth status)$/, async (msg) => {
   proc.on("error", async (err) => send(`Claude auth status failed: ${redactSensitive(err.message)}`));
 });
 
+bot.onText(/\/cancel_auth$/, async (msg) => {
+  if (!isAuthorized(msg)) return;
+  if (!pendingClaudeAuthProcess) return send("No Claude auth flow is pending.");
+  clearPendingClaudeAuth();
+  await send("Claude auth flow cancelled. Normal messages will go to the assistant again.");
+});
+
 bot.onText(/\/login$/, async (msg) => {
   if (!isAuthorized(msg)) return;
   await runClaudeAuthCommand(["auth", "login", "--claudeai", "--email", "sumeet@inet.africa"], "Claude login");
@@ -1725,6 +1771,7 @@ bot.onText(/\/use_oauth_token(?:\s+(.+))?$/, async (msg, match) => {
   if (!looksLikeClaudeToken(token)) return send("That doesn't look like a Claude OAuth token. Not saved.");
   saveClaudeOAuthToken(token);
   await send(`Claude OAuth token stored in .env${vault.isUnlocked() ? " and vault" : ""}. Restart the bot so launchd picks it up, or use /restart.`);
+  await sendClaudeAuthStatusSummary("Stored token. Current Claude auth status:");
 });
 
 bot.onText(/\/clear_oauth_token$/, async (msg) => {
@@ -1977,27 +2024,35 @@ bot.on("message", async (msg) => {
   if (msg.voice || msg.audio || msg.photo || msg.document || msg.video || msg.sticker) return;
   if (isDuplicate(msg.message_id)) return;
 
-  // Handle pending Claude auth/token paste-back
+  // Handle pending Claude auth/token paste-back. Only consume code/token-looking replies;
+  // normal chat must still go to Claude instead of being deleted.
   if (pendingClaudeAuthProcess) {
     const text = msg.text.trim();
-    await deleteMessage(msg.message_id);
     if (pendingClaudeAuthLabel === "manual OAuth token save") {
-      pendingClaudeAuthProcess = null;
-      pendingClaudeAuthLabel = null;
-      if (!looksLikeClaudeToken(text)) { await send("That doesn't look like a Claude OAuth token. Not saved."); return; }
-      saveClaudeOAuthToken(text);
-      await send(`Claude OAuth token stored in .env${vault.isUnlocked() ? " and vault" : ""}. Restart the bot so launchd picks it up, or use /restart.`);
+      if (looksLikeClaudeToken(text)) {
+        await deleteMessage(msg.message_id);
+        clearPendingClaudeAuth();
+        saveClaudeOAuthToken(text);
+        await send(`Claude OAuth token stored in .env${vault.isUnlocked() ? " and vault" : ""}. Restart the bot so launchd picks it up, or use /restart.`);
+        await sendClaudeAuthStatusSummary("Stored token. Current Claude auth status:");
+        return;
+      }
+      await send("That does not look like a Claude OAuth token, so I did not delete it or store it. Send /cancel_auth to stop token paste mode.");
+      // Fall through and treat the message normally.
+    } else if (looksLikeClaudeAuthReply(text)) {
+      await deleteMessage(msg.message_id);
+      try {
+        pendingClaudeAuthProcess.stdin.write(text + "\n");
+        await send("Sent to Claude auth process. I’ll confirm when Claude finishes the auth check.");
+      } catch (e) {
+        clearPendingClaudeAuth();
+        await send(`Could not send to Claude auth process: ${redactSensitive(e.message)}`);
+      }
       return;
+    } else {
+      await send("Claude auth is still waiting for a login code/token. I left your message visible and will handle it normally. Send /cancel_auth to cancel the auth flow.");
+      // Fall through and treat the message normally.
     }
-    try {
-      pendingClaudeAuthProcess.stdin.write(text + "\n");
-      await send("Sent to Claude auth process.");
-    } catch (e) {
-      pendingClaudeAuthProcess = null;
-      pendingClaudeAuthLabel = null;
-      await send(`Could not send to Claude auth process: ${redactSensitive(e.message)}`);
-    }
-    return;
   }
 
   // Handle onboarding

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@inetafrica/open-claudia",
-  "version": "1.14.1",
+  "version": "1.14.3",
   "description": "Your always-on AI coding assistant — Claude Code via Telegram",
   "main": "bot.js",
   "bin": {