@nextclaw/channel-plugin-feishu 0.2.14 → 0.2.16

package/src/nextclaw-sdk/dedupe.ts

@@ -0,0 +1,246 @@
+import fs from "node:fs";
+import path from "node:path";
+
+function pruneMapToMaxSize<K, V>(map: Map<K, V>, maxSize: number): void {
+  while (map.size > maxSize) {
+    const firstKey = map.keys().next().value;
+    if (firstKey === undefined) {
+      break;
+    }
+    map.delete(firstKey);
+  }
+}
+
+export function createDedupeCache(options: {
+  ttlMs: number;
+  maxSize: number;
+}): {
+  check: (key: string | undefined | null, now?: number) => boolean;
+  peek: (key: string | undefined | null, now?: number) => boolean;
+  delete: (key: string | undefined | null) => void;
+  clear: () => void;
+  size: () => number;
+} {
+  const ttlMs = Math.max(0, options.ttlMs);
+  const maxSize = Math.max(0, Math.floor(options.maxSize));
+  const cache = new Map<string, number>();
+
+  const touch = (key: string, now: number) => {
+    cache.delete(key);
+    cache.set(key, now);
+  };
+
+  const prune = (now: number) => {
+    const cutoff = ttlMs > 0 ? now - ttlMs : undefined;
+    if (cutoff !== undefined) {
+      for (const [key, seenAt] of cache) {
+        if (seenAt < cutoff) {
+          cache.delete(key);
+        }
+      }
+    }
+    if (maxSize <= 0) {
+      cache.clear();
+      return;
+    }
+    pruneMapToMaxSize(cache, maxSize);
+  };
+
+  const hasUnexpired = (key: string, now: number, touchOnRead: boolean): boolean => {
+    const seenAt = cache.get(key);
+    if (seenAt === undefined) {
+      return false;
+    }
+    if (ttlMs > 0 && now - seenAt >= ttlMs) {
+      cache.delete(key);
+      return false;
+    }
+    if (touchOnRead) {
+      touch(key, now);
+    }
+    return true;
+  };
+
+  return {
+    check: (key, now = Date.now()) => {
+      if (!key) {
+        return false;
+      }
+      if (hasUnexpired(key, now, true)) {
+        return true;
+      }
+      touch(key, now);
+      prune(now);
+      return false;
+    },
+    peek: (key, now = Date.now()) => {
+      if (!key) {
+        return false;
+      }
+      return hasUnexpired(key, now, false);
+    },
+    delete: (key) => {
+      if (key) {
+        cache.delete(key);
+      }
+    },
+    clear: () => cache.clear(),
+    size: () => cache.size,
+  };
+}
+
+export async function readJsonFileWithFallback<T>(
+  filePath: string,
+  fallback: T,
+): Promise<{ value: T; exists: boolean }> {
+  try {
+    const raw = await fs.promises.readFile(filePath, "utf-8");
+    return { value: JSON.parse(raw) as T, exists: true };
+  } catch (error) {
+    const code = (error as { code?: string }).code;
+    if (code === "ENOENT") {
+      return { value: fallback, exists: false };
+    }
+    return { value: fallback, exists: false };
+  }
+}
+
+async function writeJsonFileAtomically(filePath: string, value: unknown): Promise<void> {
+  await fs.promises.mkdir(path.dirname(filePath), { recursive: true, mode: 0o700 });
+  const tempPath = `${filePath}.${process.pid}.${Date.now()}.tmp`;
+  await fs.promises.writeFile(tempPath, `${JSON.stringify(value, null, 2)}\n`, { mode: 0o600 });
+  await fs.promises.rename(tempPath, filePath);
+}
+
+export function createPersistentDedupe(options: {
+  ttlMs: number;
+  memoryMaxSize: number;
+  fileMaxEntries: number;
+  resolveFilePath: (namespace: string) => string;
+  onDiskError?: (error: unknown) => void;
+}) {
+  const ttlMs = Math.max(0, Math.floor(options.ttlMs));
+  const fileMaxEntries = Math.max(1, Math.floor(options.fileMaxEntries));
+  const memory = createDedupeCache({
+    ttlMs,
+    maxSize: Math.max(0, Math.floor(options.memoryMaxSize)),
+  });
+  const inflight = new Map<string, Promise<boolean>>();
+
+  const sanitize = (value: unknown): Record<string, number> => {
+    if (!value || typeof value !== "object") {
+      return {};
+    }
+    const out: Record<string, number> = {};
+    for (const [key, timestamp] of Object.entries(value as Record<string, unknown>)) {
+      if (typeof timestamp === "number" && Number.isFinite(timestamp) && timestamp > 0) {
+        out[key] = timestamp;
+      }
+    }
+    return out;
+  };
+
+  const pruneData = (data: Record<string, number>, now: number) => {
+    if (ttlMs > 0) {
+      for (const [key, timestamp] of Object.entries(data)) {
+        if (now - timestamp >= ttlMs) {
+          delete data[key];
+        }
+      }
+    }
+    const keys = Object.keys(data);
+    if (keys.length > fileMaxEntries) {
+      keys
+        .toSorted((left, right) => data[left] - data[right])
+        .slice(0, keys.length - fileMaxEntries)
+        .forEach((key) => {
+          delete data[key];
+        });
+    }
+  };
+
+  const checkAndRecordInner = async (
+    key: string,
+    namespace: string,
+    scopedKey: string,
+    now: number,
+    onDiskError?: (error: unknown) => void,
+  ): Promise<boolean> => {
+    if (memory.check(scopedKey, now)) {
+      return false;
+    }
+
+    const filePath = options.resolveFilePath(namespace);
+    try {
+      const { value } = await readJsonFileWithFallback<Record<string, number>>(filePath, {});
+      const data = sanitize(value);
+      const seenAt = data[key];
+      if (seenAt != null && (ttlMs <= 0 || now - seenAt < ttlMs)) {
+        return false;
+      }
+      data[key] = now;
+      pruneData(data, now);
+      await writeJsonFileAtomically(filePath, data);
+      return true;
+    } catch (error) {
+      onDiskError?.(error);
+      memory.check(scopedKey, now);
+      return true;
+    }
+  };
+
+  return {
+    async checkAndRecord(
+      key: string,
+      dedupeOptions?: {
+        namespace?: string;
+        now?: number;
+        onDiskError?: (error: unknown) => void;
+      },
+    ): Promise<boolean> {
+      const trimmed = key.trim();
+      if (!trimmed) {
+        return true;
+      }
+      const namespace = dedupeOptions?.namespace?.trim() || "global";
+      const scopedKey = `${namespace}:${trimmed}`;
+      if (inflight.has(scopedKey)) {
+        return false;
+      }
+      const work = checkAndRecordInner(
+        trimmed,
+        namespace,
+        scopedKey,
+        dedupeOptions?.now ?? Date.now(),
+        dedupeOptions?.onDiskError ?? options.onDiskError,
+      );
+      inflight.set(scopedKey, work);
+      try {
+        return await work;
+      } finally {
+        inflight.delete(scopedKey);
+      }
+    },
+    async warmup(namespace = "global", onError?: (error: unknown) => void): Promise<number> {
+      const filePath = options.resolveFilePath(namespace);
+      try {
+        const { value } = await readJsonFileWithFallback<Record<string, number>>(filePath, {});
+        const now = Date.now();
+        let loaded = 0;
+        for (const [key, timestamp] of Object.entries(sanitize(value))) {
+          if (ttlMs > 0 && now - timestamp >= ttlMs) {
+            continue;
+          }
+          memory.check(`${namespace}:${key}`, timestamp);
+          loaded += 1;
+        }
+        return loaded;
+      } catch (error) {
+        onError?.(error);
+        return 0;
+      }
+    },
+    clearMemory: () => memory.clear(),
+    memorySize: () => memory.size(),
+  };
+}

package/src/nextclaw-sdk/feishu.ts

@@ -0,0 +1,77 @@
+export type {
+  AllowlistMatch,
+  AnyAgentTool,
+  BaseProbeResult,
+  ChannelGroupContext,
+  ChannelMeta,
+  ChannelOnboardingAdapter,
+  ChannelOnboardingDmPolicy,
+  ChannelOutboundAdapter,
+  ChannelPlugin,
+  ClawdbotConfig,
+  DmPolicy,
+  GroupToolPolicyConfig,
+  HistoryEntry,
+  OpenClawConfig,
+  OpenClawPluginApi,
+  PluginRuntime,
+  ReplyPayload,
+  RuntimeEnv,
+  SecretInput,
+  WizardPrompter,
+} from "./types.js";
+export {
+  buildAgentMediaPayload,
+  buildProbeChannelStatusSummary,
+  buildRuntimeAccountStatusSnapshot,
+  collectAllowlistProviderRestrictSendersWarnings,
+  createDefaultChannelRuntimeState,
+  createReplyPrefixContext,
+  createScopedPairingAccess,
+  createTypingCallbacks,
+  emptyPluginConfigSchema,
+  evaluateSenderGroupAccessForPolicy,
+  formatAllowFromLowercase,
+  formatDocsLink,
+  issuePairingChallenge,
+  listDirectoryGroupEntriesFromMapKeysAndAllowFrom,
+  listDirectoryUserEntriesFromAllowFromAndMapKeys,
+  logTypingFailure,
+  mapAllowFromEntries,
+  PAIRING_APPROVED_MESSAGE,
+  resolveDefaultGroupPolicy,
+  resolveOpenProviderRuntimeGroupPolicy,
+  warnMissingProviderGroupPolicyFallbackOnce,
+} from "./core.js";
+export { DEFAULT_ACCOUNT_ID, normalizeAgentId } from "./account-id.js";
+export { createDedupeCache, createPersistentDedupe, readJsonFileWithFallback } from "./dedupe.js";
+export {
+  buildPendingHistoryContextFromMap,
+  clearHistoryEntriesIfEnabled,
+  DEFAULT_GROUP_HISTORY_LIMIT,
+  recordPendingHistoryEntryIfEnabled,
+} from "./history.js";
+export {
+  applyBasicWebhookRequestGuards,
+  createFixedWindowRateLimiter,
+  createWebhookAnomalyTracker,
+  fetchWithSsrFGuard,
+  installRequestBodyLimitGuard,
+  readJsonBodyWithLimit,
+  WEBHOOK_ANOMALY_COUNTER_DEFAULTS,
+  WEBHOOK_RATE_LIMIT_DEFAULTS,
+  withTempDownloadPath,
+} from "./network.js";
+export {
+  buildSecretInputSchema,
+  buildSingleChannelSecretPromptState,
+  hasConfiguredSecretInput,
+  mergeAllowFromEntries,
+  normalizeResolvedSecretInputString,
+  normalizeSecretInputString,
+  promptSingleChannelSecretInput,
+  setTopLevelChannelAllowFrom,
+  setTopLevelChannelDmPolicyWithAllowFrom,
+  setTopLevelChannelGroupPolicy,
+  splitOnboardingEntries,
+} from "./secrets.js";

package/src/nextclaw-sdk/history.ts

@@ -0,0 +1,127 @@
+import type { HistoryEntry } from "./types.js";
+
+export const HISTORY_CONTEXT_MARKER = "[Chat messages since your last reply - for context]";
+export const CURRENT_MESSAGE_MARKER = "[Current message]";
+export const DEFAULT_GROUP_HISTORY_LIMIT = 50;
+const MAX_HISTORY_KEYS = 1_000;
+
+function evictOldHistoryKeys<T>(historyMap: Map<string, T[]>, maxKeys = MAX_HISTORY_KEYS): void {
+  if (historyMap.size <= maxKeys) {
+    return;
+  }
+  const keysToDelete = historyMap.size - maxKeys;
+  const iterator = historyMap.keys();
+  for (let index = 0; index < keysToDelete; index += 1) {
+    const key = iterator.next().value;
+    if (key !== undefined) {
+      historyMap.delete(key);
+    }
+  }
+}
+
+function buildHistoryContext(params: {
+  historyText: string;
+  currentMessage: string;
+  lineBreak?: string;
+}): string {
+  const lineBreak = params.lineBreak ?? "\n";
+  if (!params.historyText.trim()) {
+    return params.currentMessage;
+  }
+  return [
+    HISTORY_CONTEXT_MARKER,
+    params.historyText,
+    "",
+    CURRENT_MESSAGE_MARKER,
+    params.currentMessage,
+  ].join(lineBreak);
+}
+
+function appendHistoryEntry<T extends HistoryEntry>(params: {
+  historyMap: Map<string, T[]>;
+  historyKey: string;
+  entry: T;
+  limit: number;
+}): T[] {
+  if (params.limit <= 0) {
+    return [];
+  }
+  const history = params.historyMap.get(params.historyKey) ?? [];
+  history.push(params.entry);
+  while (history.length > params.limit) {
+    history.shift();
+  }
+  if (params.historyMap.has(params.historyKey)) {
+    params.historyMap.delete(params.historyKey);
+  }
+  params.historyMap.set(params.historyKey, history);
+  evictOldHistoryKeys(params.historyMap);
+  return history;
+}
+
+function buildHistoryContextFromEntries(params: {
+  entries: HistoryEntry[];
+  currentMessage: string;
+  formatEntry: (entry: HistoryEntry) => string;
+  lineBreak?: string;
+  excludeLast?: boolean;
+}): string {
+  const lineBreak = params.lineBreak ?? "\n";
+  const entries = params.excludeLast === false ? params.entries : params.entries.slice(0, -1);
+  if (entries.length === 0) {
+    return params.currentMessage;
+  }
+  return buildHistoryContext({
+    historyText: entries.map(params.formatEntry).join(lineBreak),
+    currentMessage: params.currentMessage,
+    lineBreak,
+  });
+}
+
+export function recordPendingHistoryEntryIfEnabled<T extends HistoryEntry>(params: {
+  historyMap: Map<string, T[]>;
+  historyKey: string;
+  entry?: T | null;
+  limit: number;
+}): T[] {
+  if (!params.entry || params.limit <= 0) {
+    return [];
+  }
+  return appendHistoryEntry({
+    historyMap: params.historyMap,
+    historyKey: params.historyKey,
+    entry: params.entry,
+    limit: params.limit,
+  });
+}
+
+export function buildPendingHistoryContextFromMap(params: {
+  historyMap: Map<string, HistoryEntry[]>;
+  historyKey: string;
+  limit: number;
+  currentMessage: string;
+  formatEntry: (entry: HistoryEntry) => string;
+  lineBreak?: string;
+}): string {
+  if (params.limit <= 0) {
+    return params.currentMessage;
+  }
+  return buildHistoryContextFromEntries({
+    entries: params.historyMap.get(params.historyKey) ?? [],
+    currentMessage: params.currentMessage,
+    formatEntry: params.formatEntry,
+    lineBreak: params.lineBreak,
+    excludeLast: false,
+  });
+}
+
+export function clearHistoryEntriesIfEnabled(params: {
+  historyMap: Map<string, HistoryEntry[]>;
+  historyKey: string;
+  limit: number;
+}): void {
+  if (params.limit <= 0) {
+    return;
+  }
+  params.historyMap.set(params.historyKey, []);
+}

package/src/nextclaw-sdk/network-body.ts

@@ -0,0 +1,245 @@
+import type { IncomingMessage, ServerResponse } from "node:http";
+
+export type RequestBodyLimitErrorCode =
+  | "PAYLOAD_TOO_LARGE"
+  | "REQUEST_BODY_TIMEOUT"
+  | "CONNECTION_CLOSED";
+
+class RequestBodyLimitError extends Error {
+  readonly code: RequestBodyLimitErrorCode;
+  readonly statusCode: number;
+
+  constructor(code: RequestBodyLimitErrorCode) {
+    super(code);
+    this.name = "RequestBodyLimitError";
+    this.code = code;
+    this.statusCode = code === "PAYLOAD_TOO_LARGE" ? 413 : code === "REQUEST_BODY_TIMEOUT" ? 408 : 400;
+  }
+}
+
+function requestBodyErrorToText(code: RequestBodyLimitErrorCode): string {
+  switch (code) {
+    case "PAYLOAD_TOO_LARGE":
+      return "Payload too large";
+    case "REQUEST_BODY_TIMEOUT":
+      return "Request body timeout";
+    default:
+      return "Connection closed";
+  }
+}
+
+function parseContentLengthHeader(req: IncomingMessage): number | null {
+  const header = req.headers["content-length"];
+  const raw = Array.isArray(header) ? header[0] : header;
+  if (typeof raw !== "string") {
+    return null;
+  }
+  const parsed = Number.parseInt(raw, 10);
+  return Number.isFinite(parsed) && parsed >= 0 ? parsed : null;
+}
+
+async function readRequestBodyWithLimit(
+  req: IncomingMessage,
+  options: { maxBytes: number; timeoutMs?: number; encoding?: BufferEncoding },
+): Promise<string> {
+  const maxBytes = Math.max(1, Math.floor(options.maxBytes));
+  const timeoutMs =
+    typeof options.timeoutMs === "number" && options.timeoutMs > 0
+      ? Math.floor(options.timeoutMs)
+      : 30_000;
+  const encoding = options.encoding ?? "utf-8";
+
+  const declaredLength = parseContentLengthHeader(req);
+  if (declaredLength !== null && declaredLength > maxBytes) {
+    throw new RequestBodyLimitError("PAYLOAD_TOO_LARGE");
+  }
+
+  return await new Promise((resolve, reject) => {
+    let done = false;
+    let ended = false;
+    let totalBytes = 0;
+    const chunks: Buffer[] = [];
+
+    const finish = (cb: () => void) => {
+      if (done) {
+        return;
+      }
+      done = true;
+      req.removeListener("data", onData);
+      req.removeListener("end", onEnd);
+      req.removeListener("error", onError);
+      req.removeListener("close", onClose);
+      clearTimeout(timer);
+      cb();
+    };
+
+    const fail = (error: Error) => finish(() => reject(error));
+
+    const onData = (chunk: Buffer | string) => {
+      const buffer = Buffer.isBuffer(chunk) ? chunk : Buffer.from(chunk);
+      totalBytes += buffer.length;
+      if (totalBytes > maxBytes) {
+        if (!req.destroyed) {
+          req.destroy();
+        }
+        fail(new RequestBodyLimitError("PAYLOAD_TOO_LARGE"));
+        return;
+      }
+      chunks.push(buffer);
+    };
+
+    const onEnd = () => {
+      ended = true;
+      finish(() => resolve(Buffer.concat(chunks).toString(encoding)));
+    };
+    const onError = (error: Error) => fail(error);
+    const onClose = () => {
+      if (!done && !ended) {
+        fail(new RequestBodyLimitError("CONNECTION_CLOSED"));
+      }
+    };
+
+    const timer = setTimeout(() => {
+      if (!req.destroyed) {
+        req.destroy();
+      }
+      fail(new RequestBodyLimitError("REQUEST_BODY_TIMEOUT"));
+    }, timeoutMs);
+
+    req.on("data", onData);
+    req.on("end", onEnd);
+    req.on("error", onError);
+    req.on("close", onClose);
+  });
+}
+
+export async function readJsonBodyWithLimit(
+  req: IncomingMessage,
+  options: { maxBytes: number; timeoutMs?: number; emptyObjectOnEmpty?: boolean },
+): Promise<
+  | { ok: true; value: unknown }
+  | { ok: false; error: string; code: RequestBodyLimitErrorCode | "INVALID_JSON" }
+> {
+  try {
+    const raw = await readRequestBodyWithLimit(req, options);
+    const trimmed = raw.trim();
+    if (!trimmed) {
+      if (options.emptyObjectOnEmpty === false) {
+        return { ok: false, code: "INVALID_JSON", error: "empty payload" };
+      }
+      return { ok: true, value: {} };
+    }
+    try {
+      return { ok: true, value: JSON.parse(trimmed) as unknown };
+    } catch (error) {
+      return {
+        ok: false,
+        code: "INVALID_JSON",
+        error: error instanceof Error ? error.message : String(error),
+      };
+    }
+  } catch (error) {
+    if (error instanceof RequestBodyLimitError) {
+      return { ok: false, code: error.code, error: requestBodyErrorToText(error.code) };
+    }
+    return {
+      ok: false,
+      code: "INVALID_JSON",
+      error: error instanceof Error ? error.message : String(error),
+    };
+  }
+}
+
+export function installRequestBodyLimitGuard(
+  req: IncomingMessage,
+  res: ServerResponse,
+  options: { maxBytes: number; timeoutMs?: number; responseFormat?: "json" | "text" },
+) {
+  const maxBytes = Math.max(1, Math.floor(options.maxBytes));
+  const timeoutMs =
+    typeof options.timeoutMs === "number" && options.timeoutMs > 0
+      ? Math.floor(options.timeoutMs)
+      : 30_000;
+  const responseFormat = options.responseFormat ?? "json";
+
+  let tripped = false;
+  let code: RequestBodyLimitErrorCode | null = null;
+  let done = false;
+  let ended = false;
+  let totalBytes = 0;
+
+  const finish = () => {
+    if (done) {
+      return;
+    }
+    done = true;
+    req.removeListener("data", onData);
+    req.removeListener("end", onEnd);
+    req.removeListener("close", onClose);
+    req.removeListener("error", onError);
+    clearTimeout(timer);
+  };
+
+  const respond = (error: RequestBodyLimitError) => {
+    if (res.headersSent) {
+      return;
+    }
+    const text = requestBodyErrorToText(error.code);
+    res.statusCode = error.statusCode;
+    if (responseFormat === "text") {
+      res.setHeader("Content-Type", "text/plain; charset=utf-8");
+      res.end(text);
+      return;
+    }
+    res.setHeader("Content-Type", "application/json; charset=utf-8");
+    res.end(JSON.stringify({ error: text }));
+  };
+
+  const trip = (error: RequestBodyLimitError) => {
+    if (tripped) {
+      return;
+    }
+    tripped = true;
+    code = error.code;
+    finish();
+    respond(error);
+    if (!req.destroyed) {
+      req.destroy();
+    }
+  };
+
+  const onData = (chunk: Buffer | string) => {
+    const buffer = Buffer.isBuffer(chunk) ? chunk : Buffer.from(chunk);
+    totalBytes += buffer.length;
+    if (totalBytes > maxBytes) {
+      trip(new RequestBodyLimitError("PAYLOAD_TOO_LARGE"));
+    }
+  };
+  const onEnd = () => {
+    ended = true;
+    finish();
+  };
+  const onClose = () => {
+    if (!ended) {
+      finish();
+    }
+  };
+  const onError = () => finish();
+  const timer = setTimeout(() => trip(new RequestBodyLimitError("REQUEST_BODY_TIMEOUT")), timeoutMs);
+
+  req.on("data", onData);
+  req.on("end", onEnd);
+  req.on("close", onClose);
+  req.on("error", onError);
+
+  const declaredLength = parseContentLengthHeader(req);
+  if (declaredLength !== null && declaredLength > maxBytes) {
+    trip(new RequestBodyLimitError("PAYLOAD_TOO_LARGE"));
+  }
+
+  return {
+    dispose: finish,
+    isTripped: () => tripped,
+    code: () => code,
+  };
+}