@nordsym/apiclaw 1.5.9 → 1.5.11

package/src/product-whitelist.ts

@@ -0,0 +1,246 @@
+/**
+ * Multi-Product Whitelist System
+ * Supports multiple products (Hivr, NordSym, partners) with namespaced agentIds
+ * 
+ * Format: product:agentId
+ * Examples: hivr:bytebee, nordsym:mollebot, partner_x:agent1
+ */
+
+interface ProductSource {
+  name: string;
+  convexUrl: string;
+  queryPath: string;
+  agentIdField: string;
+  authToken?: string;
+}
+
+// Product sources configuration
+const PRODUCT_SOURCES: ProductSource[] = [
+  {
+    name: 'hivr',
+    convexUrl: 'https://sensible-quail-275.convex.cloud',
+    queryPath: 'agents:list',
+    agentIdField: 'handle', // ✅ Fixed: Hivr agents use 'handle', not 'agentId'
+  },
+  // Add more products here as needed
+  // {
+  //   name: 'nordsym',
+  //   convexUrl: 'https://nordsym-deployment.convex.cloud',
+  //   queryPath: 'team:listAgents',
+  //   agentIdField: 'memberId',
+  // },
+];
+
+// Fallback static whitelist (emergency only)
+const STATIC_WHITELIST = [
+  'hivr:bytebee',
+  'hivr:analyzerbee',
+  'hivr:buildbee',
+  'hivr:buzzwriter',
+  'hivr:hivemind',
+  'hivr:hivesage',
+  'hivr:symbot',
+  'hivr:hivrqueen',
+  'hivr:marketmaven',
+  'hivr:reconbee',
+  'hivr:sprintbee',
+  'hivr:quillbee',
+];
+
+// Cache per product (5 minutes TTL)
+interface ProductCache {
+  agents: string[];
+  expiresAt: number;
+}
+
+const cache = new Map<string, ProductCache>();
+const CACHE_TTL = 5 * 60 * 1000; // 5 minutes
+
+/**
+ * Fetch agents from a single product source
+ */
+async function fetchFromProduct(source: ProductSource): Promise<string[]> {
+  try {
+    const headers: Record<string, string> = {
+      'Content-Type': 'application/json',
+    };
+    
+    if (source.authToken) {
+      headers['Authorization'] = `Bearer ${source.authToken}`;
+    }
+    
+    const response = await fetch(`${source.convexUrl}/api/query`, {
+      method: 'POST',
+      headers,
+      body: JSON.stringify({
+        path: source.queryPath,
+        args: {},
+      }),
+    });
+    
+    if (!response.ok) {
+      console.warn(`[Whitelist] ${source.name}: HTTP ${response.status}`);
+      return [];
+    }
+    
+    const result = await response.json() as any;
+    
+    // Convex HTTP API returns { status: "success", value: [...] }
+    const data = result.value || result;
+    
+    if (!Array.isArray(data)) {
+      console.warn(`[Whitelist] ${source.name}: Invalid response format`, typeof data);
+      return [];
+    }
+    
+    // Extract agentIds and add namespace
+    const agents = data
+      .map((item: any) => {
+        const agentId = item[source.agentIdField];
+        if (!agentId) return null;
+        return `${source.name}:${String(agentId).toLowerCase().trim()}`;
+      })
+      .filter((id): id is string => id !== null && id.length > 0);
+    
+    console.log(`[Whitelist] ${source.name}: Fetched ${agents.length} agents`);
+    return agents;
+    
+  } catch (error) {
+    console.error(`[Whitelist] ${source.name}: Fetch failed`, error);
+    return [];
+  }
+}
+
+/**
+ * Fetch and merge agents from all product sources
+ */
+async function fetchAllProducts(): Promise<string[]> {
+  const results = await Promise.allSettled(
+    PRODUCT_SOURCES.map(source => fetchFromProduct(source))
+  );
+  
+  const allAgents: string[] = [];
+  
+  for (const result of results) {
+    if (result.status === 'fulfilled') {
+      allAgents.push(...result.value);
+    }
+  }
+  
+  // If no products returned data, use static fallback
+  if (allAgents.length === 0) {
+    console.warn('[Whitelist] All sources failed, using static fallback');
+    return STATIC_WHITELIST;
+  }
+  
+  return allAgents;
+}
+
+/**
+ * Get current whitelist (cached or fresh)
+ */
+export async function getWhitelist(): Promise<string[]> {
+  const now = Date.now();
+  
+  // Check if any cache entry is still valid
+  const validCaches: string[] = [];
+  for (const [product, cached] of cache.entries()) {
+    if (now < cached.expiresAt) {
+      validCaches.push(...cached.agents);
+    }
+  }
+  
+  // If all caches valid, return merged
+  if (validCaches.length > 0 && cache.size === PRODUCT_SOURCES.length) {
+    return validCaches;
+  }
+  
+  // Fetch fresh data
+  const agents = await fetchAllProducts();
+  
+  // Update cache per product
+  const agentsByProduct = new Map<string, string[]>();
+  for (const agent of agents) {
+    const [product] = agent.split(':');
+    if (!agentsByProduct.has(product)) {
+      agentsByProduct.set(product, []);
+    }
+    agentsByProduct.get(product)!.push(agent);
+  }
+  
+  for (const [product, productAgents] of agentsByProduct.entries()) {
+    cache.set(product, {
+      agents: productAgents,
+      expiresAt: now + CACHE_TTL,
+    });
+  }
+  
+  return agents;
+}
+
+/**
+ * Check if agentId is authorized
+ * Supports both namespaced (product:agent) and legacy (agent) formats
+ */
+export async function isAuthorized(agentId: string | undefined): Promise<boolean> {
+  if (!agentId) return false;
+  
+  const normalized = agentId.toLowerCase().trim();
+  const whitelist = await getWhitelist();
+  
+  // Check exact match (namespaced)
+  if (whitelist.includes(normalized)) {
+    return true;
+  }
+  
+  // Legacy support: check if agentId matches any product's agent (without namespace)
+  // e.g., "bytebee" matches "hivr:bytebee"
+  if (!normalized.includes(':')) {
+    const legacyMatch = whitelist.some(entry => {
+      const [, agent] = entry.split(':');
+      return agent === normalized;
+    });
+    if (legacyMatch) {
+      console.log(`[Whitelist] Legacy match for ${normalized}`);
+      return true;
+    }
+  }
+  
+  return false;
+}
+
+/**
+ * Extract product name from agentId
+ */
+export function getProduct(agentId: string): string | null {
+  const [product] = agentId.split(':');
+  return product || null;
+}
+
+/**
+ * Force refresh whitelist (call after adding new agent)
+ */
+export function invalidateCache(product?: string): void {
+  if (product) {
+    cache.delete(product);
+    console.log(`[Whitelist] Cache invalidated for ${product}`);
+  } else {
+    cache.clear();
+    console.log('[Whitelist] All caches invalidated');
+  }
+}
+
+/**
+ * Add new product source dynamically
+ */
+export function addProductSource(source: ProductSource): void {
+  const existing = PRODUCT_SOURCES.find(s => s.name === source.name);
+  if (existing) {
+    console.warn(`[Whitelist] Product ${source.name} already exists, updating`);
+    Object.assign(existing, source);
+  } else {
+    PRODUCT_SOURCES.push(source);
+    console.log(`[Whitelist] Added product source: ${source.name}`);
+  }
+  invalidateCache(source.name);
+}

package/src/proxy.ts

@@ -33,4 +33,4 @@ export async function callProxy(provider: string, params: any): Promise<any> {
   return response.json();
 }
 
-export const PROXY_PROVIDERS = ["openrouter", "brave_search", "resend", "elevenlabs", "46elks", "twilio", "replicate", "firecrawl", "e2b", "groq", "deepgram", "serper", "mistral", "cohere", "together", "stability", "assemblyai", "github"];
+export const PROXY_PROVIDERS = ["openrouter", "brave_search", "resend", "elevenlabs", "46elks", "twilio", "replicate", "firecrawl", "e2b", "groq", "deepgram", "serper", "mistral", "cohere", "together", "stability", "assemblyai", "github", "apilayer"];

package/test-actual-handlers.ts

@@ -0,0 +1,92 @@
+import * as fs from 'fs';
+import * as path from 'path';
+import { homedir } from 'os';
+import { executeAPICall } from './src/execute.js';
+
+interface TestResult {
+  name: string;
+  success: boolean;
+  error?: string;
+}
+
+// Load credentials
+function loadEnv(): Record<string, string> {
+  const envPath = path.join(homedir(), '.secrets', 'apilayer.env');
+  const content = fs.readFileSync(envPath, 'utf-8');
+  const vars: Record<string, string> = {};
+  for (const line of content.split('\n')) {
+    const match = line.match(/^([^=]+)=(.*)$/);
+    if (match) {
+      vars[match[1].trim()] = match[2].trim();
+    }
+  }
+  return vars;
+}
+
+const env = loadEnv();
+
+const tests: Array<{ name: string; action: string; params: Record<string, unknown> }> = [
+  { name: 'ExchangeRate API', action: 'exchange_rates', params: {} },
+  { name: 'AviationStack API', action: 'aviation', params: {} },
+  { name: 'ScreenshotLayer API', action: 'screenshot', params: { url: 'https://example.com' } },
+  { name: 'Number Verification API', action: 'verify_number', params: { number: '+46701234567' } },
+  { name: 'Email Verification API', action: 'verify_email', params: { email: 'test@example.com' } },
+  { name: 'Marketstack API', action: 'market_data', params: { symbols: 'AAPL' } },
+  { name: 'VAT Layer API', action: 'vat_check', params: { vat_number: 'SE556012345601' } },
+  { name: 'Finance News API', action: 'finance_news', params: { tickers: 'AAPL' } },
+  { name: 'Image Crop API', action: 'image_crop', params: { url: 'https://example.com/image.jpg' } },
+  { name: 'Advanced Scraper API', action: 'scrape', params: { url: 'https://example.com' } },
+  { name: 'PDF Generate API', action: 'pdf_generate', params: { document_url: 'https://example.com' } },
+  { name: 'World News API', action: 'world_news', params: { url: 'https://example.com' } },
+  { name: 'Skills API', action: 'skills', params: { q: 'machine learning' } },
+  { name: 'Form API', action: 'form_submit', params: { endpoint: 'test' } },
+];
+
+async function runTests() {
+  console.log('🧪 Testing all 14 APILayer handlers via executeAPICall()\n');
+
+  const results: TestResult[] = [];
+  let working = 0;
+
+  for (const test of tests) {
+    try {
+      const result = await executeAPICall('apilayer', test.action, test.params);
+      const success = result.success === true;
+
+      if (success) {
+        working++;
+        console.log(`✅ ${test.name}`);
+      } else {
+        console.log(`❌ ${test.name}: ${result.error || 'unknown error'}`);
+      }
+
+      results.push({
+        name: test.name,
+        success,
+        error: result.error,
+      });
+    } catch (err) {
+      const errorMsg = err instanceof Error ? err.message : String(err);
+      console.log(`❌ ${test.name}: ${errorMsg}`);
+      results.push({
+        name: test.name,
+        success: false,
+        error: errorMsg,
+      });
+    }
+  }
+
+  console.log('\n' + '='.repeat(60));
+  console.log('📊 FINAL RESULTS');
+  console.log('='.repeat(60));
+  console.log(`\n✅ WORKING: ${working}/14`);
+  console.log(`❌ NOT WORKING: ${14 - working}/14\n`);
+
+  const failed = results.filter(r => !r.success);
+  if (failed.length > 0) {
+    console.log('Failed services:');
+    failed.forEach(r => console.log(`  • ${r.name}: ${r.error}`));
+  }
+}
+
+runTests().catch(console.error);

package/test-apilayer-all-14.ts

@@ -0,0 +1,249 @@
+import * as fs from 'fs';
+import * as path from 'path';
+import { homedir } from 'os';
+
+interface TestResult {
+  name: string;
+  endpoint: string;
+  status: number | string;
+  success: boolean;
+  error?: string;
+  responseTime: number;
+}
+
+const results: TestResult[] = [];
+
+// Load credentials
+function loadEnvFile(): Record<string, string> {
+  const envPath = path.join(homedir(), '.secrets', 'apilayer.env');
+  if (!fs.existsSync(envPath)) {
+    console.error(`❌ No credentials file at ${envPath}`);
+    process.exit(1);
+  }
+
+  const content = fs.readFileSync(envPath, 'utf-8');
+  const vars: Record<string, string> = {};
+  for (const line of content.split('\n')) {
+    const match = line.match(/^([^=]+)=(.*)$/);
+    if (match) {
+      vars[match[1].trim()] = match[2].trim().replace(/^['""]|["'"]$/g, '');
+    }
+  }
+  return vars;
+}
+
+const env = loadEnvFile();
+
+// Test configurations - ALL 14 APIs
+const tests = [
+  {
+    name: 'ExchangeRate API',
+    url: (key: string) => `https://api.apilayer.com/exchangerate?apikey=${key}`,
+    key: env.APILAYER_EXCHANGERATE_KEY,
+    method: 'GET',
+    authType: 'query'
+  },
+  {
+    name: 'AviationStack API',
+    url: (key: string) => `https://api.apilayer.com/aviationstack?access_key=${key}`,
+    key: env.APILAYER_AVIATIONSTACK_KEY,
+    method: 'GET',
+    authType: 'query'
+  },
+  {
+    name: 'PDF Layer API',
+    url: (key: string) => `https://api.apilayer.com/pdf?url=https://example.com`,
+    key: env.APILAYER_PDFLAYER_KEY,
+    method: 'GET',
+    authType: 'header'
+  },
+  {
+    name: 'Screenshot Layer API',
+    url: (key: string) => `https://api.apilayer.com/screenshot?url=https://example.com&access_key=${key}`,
+    key: env.APILAYER_SCREENSHOTLAYER_KEY,
+    method: 'GET',
+    authType: 'query'
+  },
+  {
+    name: 'SkillAPI',
+    url: (key: string) => `https://api.promptapi.com/skills?q=test`,
+    key: env.APILAYER_SKILLAPI_KEY,
+    method: 'GET',
+    authType: 'header',
+    domain: 'promptapi.com'
+  },
+  {
+    name: 'Image Crop API',
+    url: (key: string) => `https://api.apilayer.com/crop?url=https://example.com/image.jpg`,
+    key: env.APILAYER_IMAGECROP_KEY,
+    method: 'GET',
+    authType: 'header'
+  },
+  {
+    name: 'Form API',
+    url: (key: string) => `https://api.apilayer.com/form`,
+    key: env.APILAYER_FORMAPI_KEY,
+    method: 'POST',
+    authType: 'header',
+    body: 'Test Form'
+  },
+  {
+    name: 'Number Verification API',
+    url: (key: string) => `https://api.apilayer.com/validate?number=1234567890&access_key=${key}`,
+    key: env.APILAYER_NUMVERIFY_KEY,
+    method: 'GET',
+    authType: 'query'
+  },
+  {
+    name: 'Email Verification API',
+    url: (key: string) => `https://api.apilayer.com/check?email=test@example.com&access_key=${key}`,
+    key: env.APILAYER_EMAILVERIFY_KEY,
+    method: 'GET',
+    authType: 'query'
+  },
+  {
+    name: 'Marketstack API',
+    url: (key: string) => `https://api.apilayer.com/eod?symbols=AAPL&access_key=${key}`,
+    key: env.APILAYER_MARKETSTACK_KEY,
+    method: 'GET',
+    authType: 'query'
+  },
+  {
+    name: 'World News API',
+    url: (key: string) => `https://api.apilayer.com/worldnews?keywords=test`,
+    key: env.APILAYER_WORLDNEWS_KEY,
+    method: 'GET',
+    authType: 'header'
+  },
+  {
+    name: 'Advanced Scraper API',
+    url: (key: string) => `https://api.apilayer.com/scraper?url=https://example.com`,
+    key: env.APILAYER_SCRAPER_KEY,
+    method: 'GET',
+    authType: 'header'
+  },
+  {
+    name: 'Finance News API',
+    url: (key: string) => `https://api.apilayer.com/news?limit=5`,
+    key: env.APILAYER_FINANCENEWS_KEY,
+    method: 'GET',
+    authType: 'header'
+  },
+  {
+    name: 'VAT Layer API',
+    url: (key: string) => `https://api.apilayer.com/validate?country_code=SE&access_key=${key}`,
+    key: env.APILAYER_VATLAYER_KEY,
+    method: 'GET',
+    authType: 'query'
+  }
+];
+
+async function runTests() {
+  console.log('🧪 Testing all 14 APILayer services...\n');
+
+  for (const test of tests) {
+    if (!test.key) {
+      results.push({
+        name: test.name,
+        endpoint: 'N/A',
+        status: 'NO KEY',
+        success: false,
+        responseTime: 0
+      });
+      console.log(`❌ ${test.name}: NO API KEY FOUND`);
+      continue;
+    }
+
+    try {
+      const startTime = Date.now();
+      const url = test.url(test.key);
+
+      const headers: Record<string, string> = {
+        'Content-Type': 'application/json'
+      };
+
+      // Add API key as header if needed
+      if (test.authType === 'header') {
+        headers['apikey'] = test.key;
+      }
+
+      const options: RequestInit = {
+        method: test.method,
+        headers
+      };
+
+      if (test.body) {
+        options.body = test.body;
+      }
+
+      const response = await fetch(url, options);
+      const responseTime = Date.now() - startTime;
+
+      let success = false;
+      let error: string | undefined;
+
+      if (response.ok) {
+        success = true;
+        console.log(`✅ ${test.name}: ${response.status} (${responseTime}ms)`);
+      } else {
+        let errorMsg = `HTTP ${response.status}`;
+        try {
+          const body = await response.json();
+          if (body.message) {
+            errorMsg += ` - ${body.message}`;
+          }
+        } catch {
+          // body not JSON
+        }
+        error = errorMsg;
+        console.log(`❌ ${test.name}: ${errorMsg} (${responseTime}ms)`);
+      }
+
+      results.push({
+        name: test.name,
+        endpoint: url.split('?')[0],
+        status: response.status,
+        success,
+        error,
+        responseTime
+      });
+
+    } catch (err) {
+      const errorMsg = err instanceof Error ? err.message : String(err);
+      console.log(`❌ ${test.name}: ${errorMsg}`);
+
+      results.push({
+        name: test.name,
+        endpoint: 'N/A',
+        status: 'ERROR',
+        success: false,
+        error: errorMsg,
+        responseTime: 0
+      });
+    }
+  }
+
+  // Summary
+  console.log('\n' + '='.repeat(60));
+  console.log('📊 SUMMARY');
+  console.log('='.repeat(60));
+
+  const working = results.filter(r => r.success);
+  const failed = results.filter(r => !r.success);
+
+  console.log(`\n✅ Working (${working.length}):`);
+  working.forEach(r => {
+    console.log(`  • ${r.name}`);
+  });
+
+  if (failed.length > 0) {
+    console.log(`\n❌ Failed (${failed.length}):`);
+    failed.forEach(r => {
+      console.log(`  • ${r.name}: ${r.error}`);
+    });
+  }
+
+  console.log(`\n📈 Success rate: ${working.length}/${results.length} (${Math.round(working.length / results.length * 100)}%)`);
+}
+
+runTests().catch(console.error);