@nexustechpro/baileys 2.0.2 → 2.0.6

package/lib/Utils/tc-token-utils.js

@@ -0,0 +1,162 @@
+import { getBinaryNodeChild, getBinaryNodeChildren, isHostedLidUser, isHostedPnUser, isJidMetaAI, isLidUser, isPnUser, jidNormalizedUser } from '../WABinary/index.js';
+// Same phone-number pattern as WABinary's isJidBot, applied against the user
+// part so the check is invariant to @c.us ↔ @s.whatsapp.net normalization.
+const BOT_PHONE_REGEX = /^1313555\d{4}$|^131655500\d{2}$/;
+/**
+ * Mirrors WA Web's `Wid.isRegularUser()` (user ∧ ¬PSA ∧ ¬Bot). Used to gate tctoken
+ * storage against malformed notifications — WA Web filters server-side but we
+ * defend here for parity with `WAWebSetTcTokenChatAction.handleIncomingTcToken`.
+ * Works for both pre- and post-normalized JIDs (`@c.us` vs `@s.whatsapp.net`).
+ */
+function isRegularUser(jid) {
+    if (!jid)
+        return false;
+    const user = jid.split('@')[0] ?? '';
+    if (user === '0')
+        return false; // PSA
+    if (BOT_PHONE_REGEX.test(user))
+        return false; // Bot by phone pattern
+    if (isJidMetaAI(jid))
+        return false; // MetaAI (@bot server)
+    return !!(isPnUser(jid) || isLidUser(jid) || isHostedPnUser(jid) || isHostedLidUser(jid) || jid.endsWith('@c.us'));
+}
+const TC_TOKEN_BUCKET_DURATION = 604800; // 7 days
+const TC_TOKEN_NUM_BUCKETS = 4; // ~28-day rolling window
+/** Sentinel key under `tctoken` store holding a JSON array of tracked storage JIDs for cross-session pruning. */
+export const TC_TOKEN_INDEX_KEY = '__index';
+/** Read the persisted tctoken JID index and return its entries (never contains the sentinel key itself). */
+export async function readTcTokenIndex(keys) {
+    const data = await keys.get('tctoken', [TC_TOKEN_INDEX_KEY]);
+    const entry = data[TC_TOKEN_INDEX_KEY];
+    if (!entry?.token?.length)
+        return [];
+    try {
+        const parsed = JSON.parse(Buffer.from(entry.token).toString());
+        if (!Array.isArray(parsed))
+            return [];
+        return parsed.filter((j) => typeof j === 'string' && j.length > 0 && j !== TC_TOKEN_INDEX_KEY);
+    }
+    catch {
+        return [];
+    }
+}
+/** Build a SignalDataSet fragment that writes the merged index (persisted ∪ added) under the sentinel key. */
+export async function buildMergedTcTokenIndexWrite(keys, addedJids) {
+    const persisted = await readTcTokenIndex(keys);
+    const merged = new Set(persisted);
+    for (const jid of addedJids) {
+        if (jid && jid !== TC_TOKEN_INDEX_KEY)
+            merged.add(jid);
+    }
+    return {
+        [TC_TOKEN_INDEX_KEY]: { token: Buffer.from(JSON.stringify([...merged])) }
+    };
+}
+// WA Web has separate sender/receiver AB props for these but they're identical today
+export function isTcTokenExpired(timestamp) {
+    if (timestamp === null || timestamp === undefined)
+        return true;
+    const ts = typeof timestamp === 'string' ? parseInt(timestamp) : timestamp;
+    if (isNaN(ts))
+        return true;
+    const now = Math.floor(Date.now() / 1000);
+    const currentBucket = Math.floor(now / TC_TOKEN_BUCKET_DURATION);
+    const cutoffBucket = currentBucket - (TC_TOKEN_NUM_BUCKETS - 1);
+    const cutoffTimestamp = cutoffBucket * TC_TOKEN_BUCKET_DURATION;
+    return ts < cutoffTimestamp;
+}
+export function shouldSendNewTcToken(senderTimestamp) {
+    if (senderTimestamp === undefined)
+        return true;
+    const now = Math.floor(Date.now() / 1000);
+    const currentBucket = Math.floor(now / TC_TOKEN_BUCKET_DURATION);
+    const senderBucket = Math.floor(senderTimestamp / TC_TOKEN_BUCKET_DURATION);
+    return currentBucket > senderBucket;
+}
+/** Resolve JID to LID for tctoken storage (WA Web stores under LID) */
+export async function resolveTcTokenJid(jid, getLIDForPN) {
+    if (isLidUser(jid))
+        return jid;
+    const lid = await getLIDForPN(jid);
+    return lid ?? jid;
+}
+/** Resolve target JID for issuing privacy token based on AB prop 14303 */
+export async function resolveIssuanceJid(jid, issueToLid, getLIDForPN, getPNForLID) {
+    if (issueToLid) {
+        if (isLidUser(jid))
+            return jid;
+        const lid = await getLIDForPN(jid);
+        return lid ?? jid;
+    }
+    if (!isLidUser(jid))
+        return jid;
+    if (getPNForLID) {
+        const pn = await getPNForLID(jid);
+        return pn ?? jid;
+    }
+    return jid;
+}
+export async function buildTcTokenFromJid({ authState, jid, baseContent = [], getLIDForPN }) {
+    try {
+        const storageJid = await resolveTcTokenJid(jid, getLIDForPN);
+        const tcTokenData = await authState.keys.get('tctoken', [storageJid]);
+        const entry = tcTokenData?.[storageJid];
+        const tcTokenBuffer = entry?.token;
+        if (!tcTokenBuffer?.length || isTcTokenExpired(entry?.timestamp)) {
+            if (tcTokenBuffer) {
+                // Preserve senderTimestamp so shouldSendNewTcToken() keeps its dedupe state
+                // after we drop the unusable peer token. Only wipe the record entirely when
+                // there's nothing worth keeping.
+                const cleared = entry?.senderTimestamp !== undefined
+                    ? { token: Buffer.alloc(0), senderTimestamp: entry.senderTimestamp }
+                    : null;
+                await authState.keys.set({ tctoken: { [storageJid]: cleared } });
+            }
+            return baseContent.length > 0 ? baseContent : undefined;
+        }
+        baseContent.push({
+            tag: 'tctoken',
+            attrs: {},
+            content: tcTokenBuffer
+        });
+        return baseContent;
+    }
+    catch (error) {
+        return baseContent.length > 0 ? baseContent : undefined;
+    }
+}
+export async function storeTcTokensFromIqResult({ result, fallbackJid, keys, getLIDForPN, onNewJidStored }) {
+    const tokensNode = getBinaryNodeChild(result, 'tokens');
+    if (!tokensNode)
+        return;
+    const tokenNodes = getBinaryNodeChildren(tokensNode, 'token');
+    for (const tokenNode of tokenNodes) {
+        if (tokenNode.attrs.type !== 'trusted_contact' || !(tokenNode.content instanceof Uint8Array)) {
+            continue;
+        }
+        // In notifications tokenNode.attrs.jid is your own device JID, not the sender's
+        const rawJid = jidNormalizedUser(fallbackJid || tokenNode.attrs.jid);
+        if (!isRegularUser(rawJid))
+            continue;
+        const storageJid = await resolveTcTokenJid(rawJid, getLIDForPN);
+        const existingTcData = await keys.get('tctoken', [storageJid]);
+        const existingEntry = existingTcData[storageJid];
+        const existingTs = existingEntry?.timestamp ? Number(existingEntry.timestamp) : 0;
+        const incomingTs = tokenNode.attrs.t ? Number(tokenNode.attrs.t) : 0;
+        // timestamp-less tokens would be immediately expired
+        if (!incomingTs)
+            continue;
+        if (existingTs > 0 && existingTs > incomingTs)
+            continue;
+        await keys.set({
+            tctoken: {
+                [storageJid]: {
+                    ...existingEntry,
+                    token: Buffer.from(tokenNode.content),
+                    timestamp: tokenNode.attrs.t
+                }
+            }
+        });
+        onNewJidStored?.(storageJid);
+    }
+}

package/lib/Utils/use-multi-file-auth-state.js

@@ -1,121 +1,121 @@
-import { Mutex } from 'async-mutex';
-import { mkdir, readFile, stat, unlink, writeFile } from 'fs/promises';
-import { join } from 'path';
-import { proto } from '../../WAProto/index.js';
-import { initAuthCreds } from './auth-utils.js';
-import { BufferJSON } from './generics.js';
-// We need to lock files due to the fact that we are using async functions to read and write files
-// https://github.com/WhiskeySockets/Baileys/issues/794
-// https://github.com/nodejs/node/issues/26338
-// Use a Map to store mutexes for each file path
-const fileLocks = new Map();
-// Get or create a mutex for a specific file path
-const getFileLock = (path) => {
-    let mutex = fileLocks.get(path);
-    if (!mutex) {
-        mutex = new Mutex();
-        fileLocks.set(path, mutex);
-    }
-    return mutex;
-};
-/**
- * stores the full authentication state in a single folder.
- * Far more efficient than singlefileauthstate
- *
- * Again, I wouldn't endorse this for any production level use other than perhaps a bot.
- * Would recommend writing an auth state for use with a proper SQL or No-SQL DB
- * */
-export const useMultiFileAuthState = async (folder) => {
-    // eslint-disable-next-line @typescript-eslint/no-explicit-any
-    const writeData = async (data, file) => {
-        const filePath = join(folder, fixFileName(file));
-        const mutex = getFileLock(filePath);
-        return mutex.acquire().then(async (release) => {
-            try {
-                await writeFile(filePath, JSON.stringify(data, BufferJSON.replacer));
-            }
-            finally {
-                release();
-            }
-        });
-    };
-    const readData = async (file) => {
-        try {
-            const filePath = join(folder, fixFileName(file));
-            const mutex = getFileLock(filePath);
-            return await mutex.acquire().then(async (release) => {
-                try {
-                    const data = await readFile(filePath, { encoding: 'utf-8' });
-                    return JSON.parse(data, BufferJSON.reviver);
-                }
-                finally {
-                    release();
-                }
-            });
-        }
-        catch (error) {
-            return null;
-        }
-    };
-    const removeData = async (file) => {
-        try {
-            const filePath = join(folder, fixFileName(file));
-            const mutex = getFileLock(filePath);
-            return mutex.acquire().then(async (release) => {
-                try {
-                    await unlink(filePath);
-                }
-                catch {
-                }
-                finally {
-                    release();
-                }
-            });
-        }
-        catch { }
-    };
-    const folderInfo = await stat(folder).catch(() => { });
-    if (folderInfo) {
-        if (!folderInfo.isDirectory()) {
-            throw new Error(`found something that is not a directory at ${folder}, either delete it or specify a different location`);
-        }
-    }
-    else {
-        await mkdir(folder, { recursive: true });
-    }
-    const fixFileName = (file) => file?.replace(/\//g, '__')?.replace(/:/g, '-');
-    const creds = (await readData('creds.json')) || initAuthCreds();
-    return {
-        state: {
-            creds,
-            keys: {
-                get: async (type, ids) => {
-                    const data = {};
-                    await Promise.all(ids.map(async (id) => {
-                        let value = await readData(`${type}-${id}.json`);
-                        if (type === 'app-state-sync-key' && value) {
-                            value = proto.Message.AppStateSyncKeyData.fromObject(value);
-                        }
-                        data[id] = value;
-                    }));
-                    return data;
-                },
-                set: async (data) => {
-                    const tasks = [];
-                    for (const category in data) {
-                        for (const id in data[category]) {
-                            const value = data[category][id];
-                            const file = `${category}-${id}.json`;
-                            tasks.push(value ? writeData(value, file) : removeData(file));
-                        }
-                    }
-                    await Promise.all(tasks);
-                }
-            }
-        },
-        saveCreds: async () => {
-            return writeData(creds, 'creds.json');
-        }
-    };
-};
+import { Mutex } from 'async-mutex';
+import { mkdir, readFile, stat, unlink, writeFile } from 'fs/promises';
+import { join } from 'path';
+import { proto } from '../../WAProto/index.js';
+import { initAuthCreds } from './auth-utils.js';
+import { BufferJSON } from './generics.js';
+// We need to lock files due to the fact that we are using async functions to read and write files
+// https://github.com/WhiskeySockets/Baileys/issues/794
+// https://github.com/nodejs/node/issues/26338
+// Use a Map to store mutexes for each file path
+const fileLocks = new Map();
+// Get or create a mutex for a specific file path
+const getFileLock = (path) => {
+    let mutex = fileLocks.get(path);
+    if (!mutex) {
+        mutex = new Mutex();
+        fileLocks.set(path, mutex);
+    }
+    return mutex;
+};
+/**
+ * stores the full authentication state in a single folder.
+ * Far more efficient than singlefileauthstate
+ *
+ * Again, I wouldn't endorse this for any production level use other than perhaps a bot.
+ * Would recommend writing an auth state for use with a proper SQL or No-SQL DB
+ * */
+export const useMultiFileAuthState = async (folder) => {
+    // eslint-disable-next-line @typescript-eslint/no-explicit-any
+    const writeData = async (data, file) => {
+        const filePath = join(folder, fixFileName(file));
+        const mutex = getFileLock(filePath);
+        return mutex.acquire().then(async (release) => {
+            try {
+                await writeFile(filePath, JSON.stringify(data, BufferJSON.replacer));
+            }
+            finally {
+                release();
+            }
+        });
+    };
+    const readData = async (file) => {
+        try {
+            const filePath = join(folder, fixFileName(file));
+            const mutex = getFileLock(filePath);
+            return await mutex.acquire().then(async (release) => {
+                try {
+                    const data = await readFile(filePath, { encoding: 'utf-8' });
+                    return JSON.parse(data, BufferJSON.reviver);
+                }
+                finally {
+                    release();
+                }
+            });
+        }
+        catch (error) {
+            return null;
+        }
+    };
+    const removeData = async (file) => {
+        try {
+            const filePath = join(folder, fixFileName(file));
+            const mutex = getFileLock(filePath);
+            return mutex.acquire().then(async (release) => {
+                try {
+                    await unlink(filePath);
+                }
+                catch {
+                }
+                finally {
+                    release();
+                }
+            });
+        }
+        catch { }
+    };
+    const folderInfo = await stat(folder).catch(() => { });
+    if (folderInfo) {
+        if (!folderInfo.isDirectory()) {
+            throw new Error(`found something that is not a directory at ${folder}, either delete it or specify a different location`);
+        }
+    }
+    else {
+        await mkdir(folder, { recursive: true });
+    }
+    const fixFileName = (file) => file?.replace(/\//g, '__')?.replace(/:/g, '-');
+    const creds = (await readData('creds.json')) || initAuthCreds();
+    return {
+        state: {
+            creds,
+            keys: {
+                get: async (type, ids) => {
+                    const data = {};
+                    await Promise.all(ids.map(async (id) => {
+                        let value = await readData(`${type}-${id}.json`);
+                        if (type === 'app-state-sync-key' && value) {
+                            value = proto.Message.AppStateSyncKeyData.fromObject(value);
+                        }
+                        data[id] = value;
+                    }));
+                    return data;
+                },
+                set: async (data) => {
+                    const tasks = [];
+                    for (const category in data) {
+                        for (const id in data[category]) {
+                            const value = data[category][id];
+                            const file = `${category}-${id}.json`;
+                            tasks.push(value ? writeData(value, file) : removeData(file));
+                        }
+                    }
+                    await Promise.all(tasks);
+                }
+            }
+        },
+        saveCreds: async () => {
+            return writeData(creds, 'creds.json');
+        }
+    };
+};
 //# sourceMappingURL=use-multi-file-auth-state.js.map