@lobehub/chat 1.61.5 → 1.61.6

package/CHANGELOG.md

@@ -2,6 +2,31 @@
 
 # Changelog
 
+### [Version 1.61.6](https://github.com/lobehub/lobe-chat/compare/v1.61.5...v1.61.6)
+
+<sup>Released on **2025-02-20**</sup>
+
+#### 🐛 Bug Fixes
+
+- **misc**: Casdoor webhooks error.
+
+<br/>
+
+<details>
+<summary><kbd>Improvements and Fixes</kbd></summary>
+
+#### What's fixed
+
+- **misc**: Casdoor webhooks error, closes [#6304](https://github.com/lobehub/lobe-chat/issues/6304) ([7a458b9](https://github.com/lobehub/lobe-chat/commit/7a458b9))
+
+</details>
+
+<div align="right">
+
+[![](https://img.shields.io/badge/-BACK_TO_TOP-151515?style=flat-square)](#readme-top)
+
+</div>
+
 ### [Version 1.61.5](https://github.com/lobehub/lobe-chat/compare/v1.61.4...v1.61.5)
 
 <sup>Released on **2025-02-19**</sup>

package/changelog/v1.json

@@ -1,4 +1,13 @@
 [
+  {
+    "children": {
+      "fixes": [
+        "Casdoor webhooks error."
+      ]
+    },
+    "date": "2025-02-20",
+    "version": "1.61.6"
+  },
   {
     "children": {
       "improvements": [

package/docs/self-hosting/advanced/auth/next-auth/casdoor.mdx

@@ -106,6 +106,8 @@ If you are deploying using a public network, the following assumptions apply:
 
   ### Configure Webhook (Optional)
 
+  > Available on Casdoor `>=1.843.0`.
+
   Configure the Casdoor webhook so that LobeChat can receive notifications when user information is updated.
 
   Go to `Admin` -> `Webhooks`, add a webhook, and fill in the following fields:
@@ -118,7 +120,6 @@ If you are deploying using a public network, the following assumptions apply:
   > The secret is generated by yourself, you can visit [https://generate-secret.vercel.app/10](https://generate-secret.vercel.app/10) to generate a 10 bit secret.
 
   - Event: `update-user`
-  - Is user extented: `true`
 
   Save and Exit, then copy the Webhook secret and fill it in the environment variable \`CASDOOR\_WEBHOOK\_SECRET.
 

package/docs/self-hosting/advanced/auth/next-auth/casdoor.zh-CN.mdx

@@ -95,6 +95,8 @@ tags:
 
   ### 配置 Webhook （可选）
 
+  > 在 Casdoor `>=1.843.0` 上可用。
+
   配置 Casdoor 的 Webhook 以便在用户信息更新时同步到 LobeChat 。
 
   前往 `管理工具` -> `Webhooks`，创建一个 Webhook，添加一个 Webhook，填写以下字段：
@@ -107,7 +109,6 @@ tags:
   > 密钥由你自己生成，用于验证 Casdoor 发送的请求是否合法。 可以前往 [https://generate-secret.vercel.app/10](https://generate-secret.vercel.app/10) 生成一个 10 位的密钥。
 
   - 事件：`update-user`
-  - 拓展用户字段：`true`
 
   保存，并退出。 将该密钥填写到环境变量中的 `CASDOOR_WEBHOOK_SECRET`。
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@lobehub/chat",
-  "version": "1.61.5",
+  "version": "1.61.6",
   "description": "Lobe Chat - an open-source, high-performance chatbot framework that supports speech synthesis, multimodal, and extensible Function Call plugin system. Supports one-click free deployment of your private ChatGPT/LLM web application.",
   "keywords": [
     "framework",

package/src/app/(backend)/api/webhooks/casdoor/route.ts

@@ -16,9 +16,7 @@ export const POST = async (req: Request): Promise<NextResponse> => {
     );
   }
 
-  const { action, extendedUser } = payload;
-
-  pino.trace(`casdoor webhook payload: ${{ action, extendedUser }}`);
+  const { action, object } = payload;
 
   const nextAuthUserService = new NextAuthUserService();
   switch (action) {
@@ -26,12 +24,12 @@ export const POST = async (req: Request): Promise<NextResponse> => {
       return nextAuthUserService.safeUpdateUser(
         {
           provider: 'casdoor',
-          providerAccountId: extendedUser.id,
+          providerAccountId: object.id,
         },
         {
-          avatar: extendedUser?.avatar,
-          email: extendedUser?.email,
-          fullName: extendedUser.displayName,
+          avatar: object?.avatar,
+          email: object?.email,
+          fullName: object.displayName,
         },
       );
     }

package/src/app/(backend)/api/webhooks/casdoor/validateRequest.ts

@@ -11,8 +11,9 @@ export type CasdoorUserEntity = {
 
 interface CasdoorWebhookPayload {
   action: string;
-  // Only support user event currently
-  extendedUser: CasdoorUserEntity;
+  // The object is the user entity that is updated.
+  // ref: https://github.com/casdoor/casdoor/issues/1918#issuecomment-1572218847
+  object: CasdoorUserEntity;
 }
 
 export const validateRequest = async (request: Request, secret?: string) => {
@@ -21,7 +22,9 @@ export const validateRequest = async (request: Request, secret?: string) => {
   const casdoorSecret = headerPayload.get('casdoor-secret')!;
   try {
     if (casdoorSecret === secret) {
-      return JSON.parse(payloadString) as CasdoorWebhookPayload;
+      return JSON.parse(payloadString, (k, v) =>
+        k === 'object' && typeof v === 'string' ? JSON.parse(v) : v,
+      ) as CasdoorWebhookPayload;
     } else {
       console.warn(
         '[Casdoor]: secret verify failed, please check your secret in `CASDOOR_WEBHOOK_SECRET`',
@@ -32,7 +35,7 @@ export const validateRequest = async (request: Request, secret?: string) => {
     if (!authEnv.CASDOOR_WEBHOOK_SECRET) {
       throw new Error('`CASDOOR_WEBHOOK_SECRET` environment variable is missing.');
     }
-    console.error('[Casdoor]: incoming webhook failed in verification.\n', e);
+    console.error('[Casdoor]: incoming webhook failed in verification.\n', e, payloadString);
     return;
   }
 };

package/src/server/globalConfig/index.test.ts

@@ -0,0 +1,81 @@
+import { describe, expect, it, vi } from 'vitest';
+
+import { getAppConfig } from '@/config/app';
+import { knowledgeEnv } from '@/config/knowledge';
+import { SystemEmbeddingConfig } from '@/types/knowledgeBase';
+import { FilesConfigItem } from '@/types/user/settings/filesConfig';
+
+import { getServerDefaultAgentConfig, getServerDefaultFilesConfig } from './index';
+import { parseAgentConfig } from './parseDefaultAgent';
+import { parseFilesConfig } from './parseFilesConfig';
+
+vi.mock('@/config/app', () => ({
+  getAppConfig: vi.fn(),
+}));
+
+vi.mock('@/config/knowledge', () => ({
+  knowledgeEnv: {
+    DEFAULT_FILES_CONFIG: 'test_config',
+  },
+}));
+
+vi.mock('./parseDefaultAgent', () => ({
+  parseAgentConfig: vi.fn(),
+}));
+
+vi.mock('./parseFilesConfig', () => ({
+  parseFilesConfig: vi.fn(),
+}));
+
+describe('getServerDefaultAgentConfig', () => {
+  it('should return parsed agent config', () => {
+    const mockConfig = { key: 'value' };
+    vi.mocked(getAppConfig).mockReturnValue({
+      DEFAULT_AGENT_CONFIG: 'test_agent_config',
+    } as any);
+    vi.mocked(parseAgentConfig).mockReturnValue(mockConfig);
+
+    const result = getServerDefaultAgentConfig();
+
+    expect(parseAgentConfig).toHaveBeenCalledWith('test_agent_config');
+    expect(result).toEqual(mockConfig);
+  });
+
+  it('should return empty object if parseAgentConfig returns undefined', () => {
+    vi.mocked(getAppConfig).mockReturnValue({
+      DEFAULT_AGENT_CONFIG: 'test_agent_config',
+    } as any);
+    vi.mocked(parseAgentConfig).mockReturnValue(undefined);
+
+    const result = getServerDefaultAgentConfig();
+
+    expect(result).toEqual({});
+  });
+});
+
+describe('getServerDefaultFilesConfig', () => {
+  it('should return parsed files config', () => {
+    const mockEmbeddingModel: FilesConfigItem = {
+      model: 'test-model',
+      provider: 'test-provider',
+    };
+
+    const mockRerankerModel: FilesConfigItem = {
+      model: 'test-reranker',
+      provider: 'test-provider',
+    };
+
+    const mockConfig: SystemEmbeddingConfig = {
+      embeddingModel: mockEmbeddingModel,
+      queryMode: 'hybrid',
+      rerankerModel: mockRerankerModel,
+    };
+
+    vi.mocked(parseFilesConfig).mockReturnValue(mockConfig);
+
+    const result = getServerDefaultFilesConfig();
+
+    expect(parseFilesConfig).toHaveBeenCalledWith('test_config');
+    expect(result).toEqual(mockConfig);
+  });
+});

package/src/server/routers/lambda/user.test.ts

@@ -0,0 +1,305 @@
+// @vitest-environment node
+import { beforeEach, describe, expect, it, vi } from 'vitest';
+
+import { enableClerk } from '@/const/auth';
+import { serverDB } from '@/database/server';
+import { MessageModel } from '@/database/server/models/message';
+import { SessionModel } from '@/database/server/models/session';
+import { UserModel, UserNotFoundError } from '@/database/server/models/user';
+import { LobeNextAuthDbAdapter } from '@/libs/next-auth/adapter';
+import { KeyVaultsGateKeeper } from '@/server/modules/KeyVaultsEncrypt';
+import { UserService } from '@/server/services/user';
+
+import { userRouter } from './user';
+
+// Mock modules
+vi.mock('@clerk/nextjs/server', () => ({
+  currentUser: vi.fn(),
+}));
+
+vi.mock('@/database/server', () => ({
+  serverDB: {},
+}));
+
+vi.mock('@/database/server/models/message');
+vi.mock('@/database/server/models/session');
+vi.mock('@/database/server/models/user');
+vi.mock('@/libs/next-auth/adapter');
+vi.mock('@/server/modules/KeyVaultsEncrypt');
+vi.mock('@/server/services/user');
+vi.mock('@/const/auth', () => ({
+  enableClerk: true,
+}));
+
+describe('userRouter', () => {
+  const mockUserId = 'test-user-id';
+  const mockCtx = {
+    userId: mockUserId,
+  };
+
+  beforeEach(() => {
+    vi.clearAllMocks();
+  });
+
+  describe('getUserRegistrationDuration', () => {
+    it('should return registration duration', async () => {
+      const mockDuration = { duration: 100, createdAt: '2023-01-01', updatedAt: '2023-01-02' };
+      vi.mocked(UserModel).mockImplementation(
+        () =>
+          ({
+            getUserRegistrationDuration: vi.fn().mockResolvedValue(mockDuration),
+          }) as any,
+      );
+
+      const result = await userRouter.createCaller({ ...mockCtx }).getUserRegistrationDuration();
+
+      expect(result).toEqual(mockDuration);
+      expect(UserModel).toHaveBeenCalledWith(serverDB, mockUserId);
+    });
+  });
+
+  describe('getUserSSOProviders', () => {
+    it('should return SSO providers', async () => {
+      const mockProviders = [
+        {
+          provider: 'google',
+          providerAccountId: '123',
+          userId: 'user-1',
+          type: 'oauth',
+        },
+      ];
+      vi.mocked(UserModel).mockImplementation(
+        () =>
+          ({
+            getUserSSOProviders: vi.fn().mockResolvedValue(mockProviders),
+          }) as any,
+      );
+
+      const result = await userRouter.createCaller({ ...mockCtx }).getUserSSOProviders();
+
+      expect(result).toEqual(mockProviders);
+      expect(UserModel).toHaveBeenCalledWith(serverDB, mockUserId);
+    });
+  });
+
+  describe('getUserState', () => {
+    it('should return user state', async () => {
+      const mockState = {
+        isOnboarded: true,
+        preference: { telemetry: true },
+        settings: {},
+        userId: mockUserId,
+      };
+
+      vi.mocked(UserModel).mockImplementation(
+        () =>
+          ({
+            getUserState: vi.fn().mockResolvedValue(mockState),
+          }) as any,
+      );
+
+      vi.mocked(MessageModel).mockImplementation(
+        () =>
+          ({
+            hasMoreThanN: vi.fn().mockResolvedValue(true),
+          }) as any,
+      );
+
+      vi.mocked(SessionModel).mockImplementation(
+        () =>
+          ({
+            hasMoreThanN: vi.fn().mockResolvedValue(true),
+          }) as any,
+      );
+
+      const result = await userRouter.createCaller({ ...mockCtx }).getUserState();
+
+      expect(result).toEqual({
+        isOnboard: true,
+        preference: { telemetry: true },
+        settings: {},
+        hasConversation: true,
+        canEnablePWAGuide: true,
+        canEnableTrace: true,
+        userId: mockUserId,
+      });
+    });
+
+    it('should create new user when user not found (clerk enabled)', async () => {
+      const mockClerkUser = {
+        id: mockUserId,
+        createdAt: new Date(),
+        emailAddresses: [{ id: 'email-1', emailAddress: 'test@example.com' }],
+        firstName: 'Test',
+        lastName: 'User',
+        imageUrl: 'avatar.jpg',
+        phoneNumbers: [],
+        primaryEmailAddressId: 'email-1',
+        primaryPhoneNumberId: null,
+        username: 'testuser',
+      };
+
+      const { currentUser } = await import('@clerk/nextjs/server');
+      vi.mocked(currentUser).mockResolvedValue(mockClerkUser as any);
+
+      vi.mocked(UserService).mockImplementation(
+        () =>
+          ({
+            createUser: vi.fn().mockResolvedValue({ success: true }),
+          }) as any,
+      );
+
+      vi.mocked(UserModel).mockImplementation(
+        () =>
+          ({
+            getUserState: vi
+              .fn()
+              .mockRejectedValueOnce(new UserNotFoundError())
+              .mockResolvedValueOnce({
+                isOnboarded: false,
+                preference: { telemetry: null },
+                settings: {},
+              }),
+          }) as any,
+      );
+
+      vi.mocked(MessageModel).mockImplementation(
+        () =>
+          ({
+            hasMoreThanN: vi.fn().mockResolvedValue(false),
+          }) as any,
+      );
+
+      vi.mocked(SessionModel).mockImplementation(
+        () =>
+          ({
+            hasMoreThanN: vi.fn().mockResolvedValue(false),
+          }) as any,
+      );
+
+      const result = await userRouter.createCaller({ ...mockCtx } as any).getUserState();
+
+      expect(result).toEqual({
+        isOnboard: true,
+        preference: { telemetry: null },
+        settings: {},
+        hasConversation: false,
+        canEnablePWAGuide: false,
+        canEnableTrace: false,
+        userId: mockUserId,
+      });
+    });
+  });
+
+  describe('makeUserOnboarded', () => {
+    it('should update user onboarded status', async () => {
+      vi.mocked(UserModel).mockImplementation(
+        () =>
+          ({
+            updateUser: vi.fn().mockResolvedValue({ rowCount: 1 }),
+          }) as any,
+      );
+
+      await userRouter.createCaller({ ...mockCtx }).makeUserOnboarded();
+
+      expect(UserModel).toHaveBeenCalledWith(serverDB, mockUserId);
+    });
+  });
+
+  describe('unlinkSSOProvider', () => {
+    it('should unlink SSO provider successfully', async () => {
+      const mockInput = {
+        provider: 'google',
+        providerAccountId: '123',
+      };
+
+      const mockAccount = {
+        userId: mockUserId,
+        provider: 'google',
+        providerAccountId: '123',
+        type: 'oauth',
+      };
+
+      vi.mocked(LobeNextAuthDbAdapter).mockReturnValue({
+        getAccount: vi.fn().mockResolvedValue(mockAccount),
+        unlinkAccount: vi.fn().mockResolvedValue(undefined),
+      } as any);
+
+      await expect(
+        userRouter.createCaller({ ...mockCtx }).unlinkSSOProvider(mockInput),
+      ).resolves.not.toThrow();
+    });
+
+    it('should throw error if account does not exist', async () => {
+      const mockInput = {
+        provider: 'google',
+        providerAccountId: '123',
+      };
+
+      vi.mocked(LobeNextAuthDbAdapter).mockReturnValue({
+        getAccount: vi.fn().mockResolvedValue(null),
+        unlinkAccount: vi.fn(),
+      } as any);
+
+      await expect(
+        userRouter.createCaller({ ...mockCtx }).unlinkSSOProvider(mockInput),
+      ).rejects.toThrow('The account does not exist');
+    });
+
+    it('should throw error if adapter methods are not implemented', async () => {
+      const mockInput = {
+        provider: 'google',
+        providerAccountId: '123',
+      };
+
+      vi.mocked(LobeNextAuthDbAdapter).mockReturnValue({} as any);
+
+      await expect(
+        userRouter.createCaller({ ...mockCtx }).unlinkSSOProvider(mockInput),
+      ).rejects.toThrow('The method in LobeNextAuthDbAdapter `unlinkAccount` is not implemented');
+    });
+  });
+
+  describe('updateSettings', () => {
+    it('should update settings with encrypted key vaults', async () => {
+      const mockSettings = {
+        keyVaults: { openai: { key: 'test-key' } },
+        general: { language: 'en-US' },
+      };
+
+      const mockEncryptedVaults = 'encrypted-data';
+      const mockGateKeeper = {
+        encrypt: vi.fn().mockResolvedValue(mockEncryptedVaults),
+      };
+
+      vi.mocked(KeyVaultsGateKeeper.initWithEnvKey).mockResolvedValue(mockGateKeeper as any);
+      vi.mocked(UserModel).mockImplementation(
+        () =>
+          ({
+            updateSetting: vi.fn().mockResolvedValue({ rowCount: 1 }),
+          }) as any,
+      );
+
+      await userRouter.createCaller({ ...mockCtx }).updateSettings(mockSettings);
+
+      expect(mockGateKeeper.encrypt).toHaveBeenCalledWith(JSON.stringify(mockSettings.keyVaults));
+    });
+
+    it('should update settings without key vaults', async () => {
+      const mockSettings = {
+        general: { language: 'en-US' },
+      };
+
+      vi.mocked(UserModel).mockImplementation(
+        () =>
+          ({
+            updateSetting: vi.fn().mockResolvedValue({ rowCount: 1 }),
+          }) as any,
+      );
+
+      await userRouter.createCaller({ ...mockCtx }).updateSettings(mockSettings);
+
+      expect(UserModel).toHaveBeenCalledWith(serverDB, mockUserId);
+    });
+  });
+});

package/src/server/services/nextAuthUser/index.ts

@@ -17,7 +17,7 @@ export class NextAuthUserService {
     { providerAccountId, provider }: { provider: string; providerAccountId: string },
     data: Partial<UserItem>,
   ) => {
-    pino.info('updating user due to webhook');
+    pino.info(`updating user "${JSON.stringify({ provider, providerAccountId })}" due to webhook`);
     // 1. Find User by account
     // @ts-expect-error: Already impl in `LobeNextauthDbAdapter`
     const user = await this.adapter.getUserByAccount({
@@ -37,7 +37,7 @@ export class NextAuthUserService {
       });
     } else {
       pino.warn(
-        `[${provider}]: Webhooks handler user update for "${JSON.stringify(data)}", but no user was found by the providerAccountId.`,
+        `[${provider}]: Webhooks handler user "${JSON.stringify({ provider, providerAccountId })}" update for "${JSON.stringify(data)}", but no user was found by the providerAccountId.`,
       );
     }
     return NextResponse.json({ message: 'user updated', success: true }, { status: 200 });

package/src/utils/errorResponse.test.ts

@@ -1,4 +1,4 @@
-import { describe, expect, it } from 'vitest';
+import { describe, expect, it, vi } from 'vitest';
 
 import { AgentRuntimeErrorType } from '@/libs/agent-runtime';
 import { ChatErrorType } from '@/types/fetch';
@@ -32,6 +32,30 @@ describe('createErrorResponse', () => {
     expect(response.status).toBe(403);
   });
 
+  it('returns a 429 status for InsufficientQuota error type', () => {
+    const errorType = AgentRuntimeErrorType.InsufficientQuota;
+    const response = createErrorResponse(errorType);
+    expect(response.status).toBe(429);
+  });
+
+  it('returns a 429 status for QuotaLimitReached error type', () => {
+    const errorType = AgentRuntimeErrorType.QuotaLimitReached;
+    const response = createErrorResponse(errorType);
+    expect(response.status).toBe(429);
+  });
+
+  it('returns a 400 status for ExceededContextWindow error type', () => {
+    const errorType = AgentRuntimeErrorType.ExceededContextWindow;
+    const response = createErrorResponse(errorType);
+    expect(response.status).toBe(400);
+  });
+
+  it('returns a 400 status for SystemTimeNotMatchError error type', () => {
+    const errorType = ChatErrorType.SystemTimeNotMatchError;
+    const response = createErrorResponse(errorType);
+    expect(response.status).toBe(400);
+  });
+
   describe('Provider Biz Error', () => {
     it('returns a 471 status for ProviderBizError error type', () => {
       const errorType = AgentRuntimeErrorType.ProviderBizError;
@@ -44,6 +68,18 @@ describe('createErrorResponse', () => {
       const response = createErrorResponse(errorType);
       expect(response.status).toBe(470);
     });
+
+    it('returns a 472 status for OllamaBizError error type', () => {
+      const errorType = AgentRuntimeErrorType.OllamaBizError;
+      const response = createErrorResponse(errorType);
+      expect(response.status).toBe(472);
+    });
+
+    it('returns a 472 status for OllamaServiceUnavailable error type', () => {
+      const errorType = ChatErrorType.OllamaServiceUnavailable;
+      const response = createErrorResponse(errorType);
+      expect(response.status).toBe(472);
+    });
   });
 
   // 测试状态码不在200-599范围内的情况