@openclaw/feishu 2026.2.2 → 2026.2.9

package/src/onboarding.ts

@@ -1,124 +1,113 @@
 import type {
   ChannelOnboardingAdapter,
   ChannelOnboardingDmPolicy,
+  ClawdbotConfig,
   DmPolicy,
-  OpenClawConfig,
   WizardPrompter,
 } from "openclaw/plugin-sdk";
-import {
-  addWildcardAllowFrom,
-  DEFAULT_ACCOUNT_ID,
-  formatDocsLink,
-  normalizeAccountId,
-  promptAccountId,
-} from "openclaw/plugin-sdk";
-import {
-  listFeishuAccountIds,
-  resolveDefaultFeishuAccountId,
-  resolveFeishuAccount,
-} from "openclaw/plugin-sdk";
+import { addWildcardAllowFrom, DEFAULT_ACCOUNT_ID, formatDocsLink } from "openclaw/plugin-sdk";
+import type { FeishuConfig } from "./types.js";
+import { resolveFeishuCredentials } from "./accounts.js";
+import { probeFeishu } from "./probe.js";
 
 const channel = "feishu" as const;
 
-function setFeishuDmPolicy(cfg: OpenClawConfig, policy: DmPolicy): OpenClawConfig {
+function setFeishuDmPolicy(cfg: ClawdbotConfig, dmPolicy: DmPolicy): ClawdbotConfig {
   const allowFrom =
-    policy === "open" ? addWildcardAllowFrom(cfg.channels?.feishu?.allowFrom) : undefined;
+    dmPolicy === "open"
+      ? addWildcardAllowFrom(cfg.channels?.feishu?.allowFrom)?.map((entry) => String(entry))
+      : undefined;
   return {
     ...cfg,
     channels: {
       ...cfg.channels,
       feishu: {
         ...cfg.channels?.feishu,
-        enabled: true,
-        dmPolicy: policy,
+        dmPolicy,
         ...(allowFrom ? { allowFrom } : {}),
       },
     },
   };
 }
 
-async function noteFeishuSetup(prompter: WizardPrompter): Promise<void> {
-  await prompter.note(
-    [
-      "Create a Feishu/Lark app and enable Bot + Event Subscription (WebSocket).",
-      "Copy the App ID and App Secret from the app credentials page.",
-      'Lark (global): use open.larksuite.com and set domain="lark".',
-      `Docs: ${formatDocsLink("/channels/feishu", "channels/feishu")}`,
-    ].join("\n"),
-    "Feishu setup",
-  );
-}
-
-function normalizeAllowEntry(entry: string): string {
-  return entry.replace(/^(feishu|lark):/i, "").trim();
+function setFeishuAllowFrom(cfg: ClawdbotConfig, allowFrom: string[]): ClawdbotConfig {
+  return {
+    ...cfg,
+    channels: {
+      ...cfg.channels,
+      feishu: {
+        ...cfg.channels?.feishu,
+        allowFrom,
+      },
+    },
+  };
 }
 
-function resolveDomainChoice(domain?: string | null): "feishu" | "lark" {
-  const normalized = String(domain ?? "").toLowerCase();
-  if (normalized.includes("lark") || normalized.includes("larksuite")) {
-    return "lark";
-  }
-  return "feishu";
+function parseAllowFromInput(raw: string): string[] {
+  return raw
+    .split(/[\n,;]+/g)
+    .map((entry) => entry.trim())
+    .filter(Boolean);
 }
 
 async function promptFeishuAllowFrom(params: {
-  cfg: OpenClawConfig;
+  cfg: ClawdbotConfig;
   prompter: WizardPrompter;
-  accountId?: string | null;
-}): Promise<OpenClawConfig> {
-  const { cfg, prompter } = params;
-  const accountId = normalizeAccountId(params.accountId);
-  const isDefault = accountId === DEFAULT_ACCOUNT_ID;
-  const existingAllowFrom = isDefault
-    ? (cfg.channels?.feishu?.allowFrom ?? [])
-    : (cfg.channels?.feishu?.accounts?.[accountId]?.allowFrom ?? []);
-
-  const entry = await prompter.text({
-    message: "Feishu allowFrom (open_id or union_id)",
-    placeholder: "ou_xxx",
-    initialValue: existingAllowFrom[0] ? String(existingAllowFrom[0]) : undefined,
-    validate: (value) => {
-      const raw = String(value ?? "").trim();
-      if (!raw) {
-        return "Required";
-      }
-      const entries = raw
-        .split(/[\n,;]+/g)
-        .map((item) => normalizeAllowEntry(item))
-        .filter(Boolean);
-      const invalid = entries.filter((item) => item !== "*" && !/^o[un]_[a-zA-Z0-9]+$/.test(item));
-      if (invalid.length > 0) {
-        return `Invalid Feishu ids: ${invalid.join(", ")}`;
-      }
-      return undefined;
-    },
-  });
+}): Promise<ClawdbotConfig> {
+  const existing = params.cfg.channels?.feishu?.allowFrom ?? [];
+  await params.prompter.note(
+    [
+      "Allowlist Feishu DMs by open_id or user_id.",
+      "You can find user open_id in Feishu admin console or via API.",
+      "Examples:",
+      "- ou_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
+      "- on_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
+    ].join("\n"),
+    "Feishu allowlist",
+  );
 
-  const parsed = String(entry)
-    .split(/[\n,;]+/g)
-    .map((item) => normalizeAllowEntry(item))
-    .filter(Boolean);
-  const merged = [
-    ...existingAllowFrom.map((item) => normalizeAllowEntry(String(item))),
-    ...parsed,
-  ].filter(Boolean);
-  const unique = Array.from(new Set(merged));
+  while (true) {
+    const entry = await params.prompter.text({
+      message: "Feishu allowFrom (user open_ids)",
+      placeholder: "ou_xxxxx, ou_yyyyy",
+      initialValue: existing[0] ? String(existing[0]) : undefined,
+      validate: (value) => (String(value ?? "").trim() ? undefined : "Required"),
+    });
+    const parts = parseAllowFromInput(String(entry));
+    if (parts.length === 0) {
+      await params.prompter.note("Enter at least one user.", "Feishu allowlist");
+      continue;
+    }
 
-  if (isDefault) {
-    return {
-      ...cfg,
-      channels: {
-        ...cfg.channels,
-        feishu: {
-          ...cfg.channels?.feishu,
-          enabled: true,
-          dmPolicy: "allowlist",
-          allowFrom: unique,
-        },
-      },
-    };
+    const unique = [
+      ...new Set([
+        ...existing.map((v: string | number) => String(v).trim()).filter(Boolean),
+        ...parts,
+      ]),
+    ];
+    return setFeishuAllowFrom(params.cfg, unique);
   }
+}
+
+async function noteFeishuCredentialHelp(prompter: WizardPrompter): Promise<void> {
+  await prompter.note(
+    [
+      "1) Go to Feishu Open Platform (open.feishu.cn)",
+      "2) Create a self-built app",
+      "3) Get App ID and App Secret from Credentials page",
+      "4) Enable required permissions: im:message, im:chat, contact:user.base:readonly",
+      "5) Publish the app or add it to a test group",
+      "Tip: you can also set FEISHU_APP_ID / FEISHU_APP_SECRET env vars.",
+      `Docs: ${formatDocsLink("/channels/feishu", "feishu")}`,
+    ].join("\n"),
+    "Feishu credentials",
+  );
+}
 
+function setFeishuGroupPolicy(
+  cfg: ClawdbotConfig,
+  groupPolicy: "open" | "allowlist" | "disabled",
+): ClawdbotConfig {
   return {
     ...cfg,
     channels: {
@@ -126,15 +115,20 @@ async function promptFeishuAllowFrom(params: {
       feishu: {
         ...cfg.channels?.feishu,
         enabled: true,
-        accounts: {
-          ...cfg.channels?.feishu?.accounts,
-          [accountId]: {
-            ...cfg.channels?.feishu?.accounts?.[accountId],
-            enabled: cfg.channels?.feishu?.accounts?.[accountId]?.enabled ?? true,
-            dmPolicy: "allowlist",
-            allowFrom: unique,
-          },
-        },
+        groupPolicy,
+      },
+    },
+  };
+}
+
+function setFeishuGroupAllowFrom(cfg: ClawdbotConfig, groupAllowFrom: string[]): ClawdbotConfig {
+  return {
+    ...cfg,
+    channels: {
+      ...cfg.channels,
+      feishu: {
+        ...cfg.channels?.feishu,
+        groupAllowFrom,
       },
     },
   };
@@ -145,134 +139,221 @@ const dmPolicy: ChannelOnboardingDmPolicy = {
   channel,
   policyKey: "channels.feishu.dmPolicy",
   allowFromKey: "channels.feishu.allowFrom",
-  getCurrent: (cfg) => cfg.channels?.feishu?.dmPolicy ?? "pairing",
+  getCurrent: (cfg) => (cfg.channels?.feishu as FeishuConfig | undefined)?.dmPolicy ?? "pairing",
   setPolicy: (cfg, policy) => setFeishuDmPolicy(cfg, policy),
   promptAllowFrom: promptFeishuAllowFrom,
 };
 
-function updateFeishuConfig(
-  cfg: OpenClawConfig,
-  accountId: string,
-  updates: { appId?: string; appSecret?: string; domain?: string; enabled?: boolean },
-): OpenClawConfig {
-  const isDefault = accountId === DEFAULT_ACCOUNT_ID;
-  const next = { ...cfg } as OpenClawConfig;
-  const feishu = { ...next.channels?.feishu } as Record<string, unknown>;
-  const accounts = feishu.accounts
-    ? { ...(feishu.accounts as Record<string, unknown>) }
-    : undefined;
-
-  if (isDefault && !accounts) {
-    return {
-      ...next,
-      channels: {
-        ...next.channels,
-        feishu: {
-          ...feishu,
-          ...updates,
-          enabled: updates.enabled ?? true,
-        },
-      },
-    };
-  }
-
-  const resolvedAccounts = accounts ?? {};
-  const existing = (resolvedAccounts[accountId] as Record<string, unknown>) ?? {};
-  resolvedAccounts[accountId] = {
-    ...existing,
-    ...updates,
-    enabled: updates.enabled ?? true,
-  };
-
-  return {
-    ...next,
-    channels: {
-      ...next.channels,
-      feishu: {
-        ...feishu,
-        accounts: resolvedAccounts,
-      },
-    },
-  };
-}
-
 export const feishuOnboardingAdapter: ChannelOnboardingAdapter = {
   channel,
-  dmPolicy,
   getStatus: async ({ cfg }) => {
-    const configured = listFeishuAccountIds(cfg).some((id) => {
-      const acc = resolveFeishuAccount({ cfg, accountId: id });
-      return acc.tokenSource !== "none";
-    });
+    const feishuCfg = cfg.channels?.feishu as FeishuConfig | undefined;
+    const configured = Boolean(resolveFeishuCredentials(feishuCfg));
+
+    // Try to probe if configured
+    let probeResult = null;
+    if (configured && feishuCfg) {
+      try {
+        probeResult = await probeFeishu(feishuCfg);
+      } catch {
+        // Ignore probe errors
+      }
+    }
+
+    const statusLines: string[] = [];
+    if (!configured) {
+      statusLines.push("Feishu: needs app credentials");
+    } else if (probeResult?.ok) {
+      statusLines.push(
+        `Feishu: connected as ${probeResult.botName ?? probeResult.botOpenId ?? "bot"}`,
+      );
+    } else {
+      statusLines.push("Feishu: configured (connection not verified)");
+    }
+
     return {
       channel,
       configured,
-      statusLines: [`Feishu: ${configured ? "configured" : "needs app credentials"}`],
-      selectionHint: configured ? "configured" : "requires app credentials",
-      quickstartScore: configured ? 1 : 10,
+      statusLines,
+      selectionHint: configured ? "configured" : "needs app creds",
+      quickstartScore: configured ? 2 : 0,
     };
   },
-  configure: async ({ cfg, prompter, accountOverrides, shouldPromptAccountIds }) => {
+
+  configure: async ({ cfg, prompter }) => {
+    const feishuCfg = cfg.channels?.feishu as FeishuConfig | undefined;
+    const resolved = resolveFeishuCredentials(feishuCfg);
+    const hasConfigCreds = Boolean(feishuCfg?.appId?.trim() && feishuCfg?.appSecret?.trim());
+    const canUseEnv = Boolean(
+      !hasConfigCreds && process.env.FEISHU_APP_ID?.trim() && process.env.FEISHU_APP_SECRET?.trim(),
+    );
+
     let next = cfg;
-    const override = accountOverrides.feishu?.trim();
-    const defaultId = resolveDefaultFeishuAccountId(next);
-    let accountId = override ? normalizeAccountId(override) : defaultId;
+    let appId: string | null = null;
+    let appSecret: string | null = null;
+
+    if (!resolved) {
+      await noteFeishuCredentialHelp(prompter);
+    }
 
-    if (shouldPromptAccountIds && !override) {
-      accountId = await promptAccountId({
-        cfg: next,
-        prompter,
-        label: "Feishu",
-        currentId: accountId,
-        listAccountIds: listFeishuAccountIds,
-        defaultAccountId: defaultId,
+    if (canUseEnv) {
+      const keepEnv = await prompter.confirm({
+        message: "FEISHU_APP_ID + FEISHU_APP_SECRET detected. Use env vars?",
+        initialValue: true,
       });
+      if (keepEnv) {
+        next = {
+          ...next,
+          channels: {
+            ...next.channels,
+            feishu: { ...next.channels?.feishu, enabled: true },
+          },
+        };
+      } else {
+        appId = String(
+          await prompter.text({
+            message: "Enter Feishu App ID",
+            validate: (value) => (value?.trim() ? undefined : "Required"),
+          }),
+        ).trim();
+        appSecret = String(
+          await prompter.text({
+            message: "Enter Feishu App Secret",
+            validate: (value) => (value?.trim() ? undefined : "Required"),
+          }),
+        ).trim();
+      }
+    } else if (hasConfigCreds) {
+      const keep = await prompter.confirm({
+        message: "Feishu credentials already configured. Keep them?",
+        initialValue: true,
+      });
+      if (!keep) {
+        appId = String(
+          await prompter.text({
+            message: "Enter Feishu App ID",
+            validate: (value) => (value?.trim() ? undefined : "Required"),
+          }),
+        ).trim();
+        appSecret = String(
+          await prompter.text({
+            message: "Enter Feishu App Secret",
+            validate: (value) => (value?.trim() ? undefined : "Required"),
+          }),
+        ).trim();
+      }
+    } else {
+      appId = String(
+        await prompter.text({
+          message: "Enter Feishu App ID",
+          validate: (value) => (value?.trim() ? undefined : "Required"),
+        }),
+      ).trim();
+      appSecret = String(
+        await prompter.text({
+          message: "Enter Feishu App Secret",
+          validate: (value) => (value?.trim() ? undefined : "Required"),
+        }),
+      ).trim();
     }
 
-    await noteFeishuSetup(prompter);
+    if (appId && appSecret) {
+      next = {
+        ...next,
+        channels: {
+          ...next.channels,
+          feishu: {
+            ...next.channels?.feishu,
+            enabled: true,
+            appId,
+            appSecret,
+          },
+        },
+      };
+
+      // Test connection
+      const testCfg = next.channels?.feishu as FeishuConfig;
+      try {
+        const probe = await probeFeishu(testCfg);
+        if (probe.ok) {
+          await prompter.note(
+            `Connected as ${probe.botName ?? probe.botOpenId ?? "bot"}`,
+            "Feishu connection test",
+          );
+        } else {
+          await prompter.note(
+            `Connection failed: ${probe.error ?? "unknown error"}`,
+            "Feishu connection test",
+          );
+        }
+      } catch (err) {
+        await prompter.note(`Connection test failed: ${String(err)}`, "Feishu connection test");
+      }
+    }
+
+    // Domain selection
+    const currentDomain = (next.channels?.feishu as FeishuConfig | undefined)?.domain ?? "feishu";
+    const domain = await prompter.select({
+      message: "Which Feishu domain?",
+      options: [
+        { value: "feishu", label: "Feishu (feishu.cn) - China" },
+        { value: "lark", label: "Lark (larksuite.com) - International" },
+      ],
+      initialValue: currentDomain,
+    });
+    if (domain) {
+      next = {
+        ...next,
+        channels: {
+          ...next.channels,
+          feishu: {
+            ...next.channels?.feishu,
+            domain: domain as "feishu" | "lark",
+          },
+        },
+      };
+    }
 
-    const resolved = resolveFeishuAccount({ cfg: next, accountId });
-    const domainChoice = await prompter.select({
-      message: "Feishu domain",
+    // Group policy
+    const groupPolicy = await prompter.select({
+      message: "Group chat policy",
       options: [
-        { value: "feishu", label: "Feishu (China) — open.feishu.cn" },
-        { value: "lark", label: "Lark (global) — open.larksuite.com" },
+        { value: "allowlist", label: "Allowlist - only respond in specific groups" },
+        { value: "open", label: "Open - respond in all groups (requires mention)" },
+        { value: "disabled", label: "Disabled - don't respond in groups" },
       ],
-      initialValue: resolveDomainChoice(resolved.config.domain),
+      initialValue: (next.channels?.feishu as FeishuConfig | undefined)?.groupPolicy ?? "allowlist",
     });
-    const domain = domainChoice === "lark" ? "lark" : "feishu";
+    if (groupPolicy) {
+      next = setFeishuGroupPolicy(next, groupPolicy as "open" | "allowlist" | "disabled");
+    }
 
-    const isDefault = accountId === DEFAULT_ACCOUNT_ID;
-    const envAppId = process.env.FEISHU_APP_ID?.trim();
-    const envSecret = process.env.FEISHU_APP_SECRET?.trim();
-    if (isDefault && envAppId && envSecret) {
-      const useEnv = await prompter.confirm({
-        message: "FEISHU_APP_ID/FEISHU_APP_SECRET detected. Use env vars?",
-        initialValue: true,
+    // Group allowlist if needed
+    if (groupPolicy === "allowlist") {
+      const existing = (next.channels?.feishu as FeishuConfig | undefined)?.groupAllowFrom ?? [];
+      const entry = await prompter.text({
+        message: "Group chat allowlist (chat_ids)",
+        placeholder: "oc_xxxxx, oc_yyyyy",
+        initialValue: existing.length > 0 ? existing.map(String).join(", ") : undefined,
       });
-      if (useEnv) {
-        next = updateFeishuConfig(next, accountId, { enabled: true, domain });
-        return { cfg: next, accountId };
+      if (entry) {
+        const parts = parseAllowFromInput(String(entry));
+        if (parts.length > 0) {
+          next = setFeishuGroupAllowFrom(next, parts);
+        }
       }
     }
-    const appId = String(
-      await prompter.text({
-        message: "Feishu App ID (cli_...)",
-        initialValue: resolved.config.appId?.trim() || undefined,
-        validate: (value) => (String(value ?? "").trim() ? undefined : "Required"),
-      }),
-    ).trim();
 
-    const appSecret = String(
-      await prompter.text({
-        message: "Feishu App Secret",
-        initialValue: resolved.config.appSecret?.trim() || undefined,
-        validate: (value) => (String(value ?? "").trim() ? undefined : "Required"),
-      }),
-    ).trim();
+    return { cfg: next, accountId: DEFAULT_ACCOUNT_ID };
+  },
 
-    next = updateFeishuConfig(next, accountId, { appId, appSecret, domain, enabled: true });
+  dmPolicy,
 
-    return { cfg: next, accountId };
-  },
+  disable: (cfg) => ({
+    ...cfg,
+    channels: {
+      ...cfg.channels,
+      feishu: { ...cfg.channels?.feishu, enabled: false },
+    },
+  }),
 };

package/src/outbound.ts

@@ -0,0 +1,55 @@
+import type { ChannelOutboundAdapter } from "openclaw/plugin-sdk";
+import { sendMediaFeishu } from "./media.js";
+import { getFeishuRuntime } from "./runtime.js";
+import { sendMessageFeishu } from "./send.js";
+
+export const feishuOutbound: ChannelOutboundAdapter = {
+  deliveryMode: "direct",
+  chunker: (text, limit) => getFeishuRuntime().channel.text.chunkMarkdownText(text, limit),
+  chunkerMode: "markdown",
+  textChunkLimit: 4000,
+  sendText: async ({ cfg, to, text, accountId }) => {
+    const result = await sendMessageFeishu({ cfg, to, text, accountId: accountId ?? undefined });
+    return { channel: "feishu", ...result };
+  },
+  sendMedia: async ({ cfg, to, text, mediaUrl, accountId }) => {
+    // Send text first if provided
+    if (text?.trim()) {
+      await sendMessageFeishu({ cfg, to, text, accountId: accountId ?? undefined });
+    }
+
+    // Upload and send media if URL provided
+    if (mediaUrl) {
+      try {
+        const result = await sendMediaFeishu({
+          cfg,
+          to,
+          mediaUrl,
+          accountId: accountId ?? undefined,
+        });
+        return { channel: "feishu", ...result };
+      } catch (err) {
+        // Log the error for debugging
+        console.error(`[feishu] sendMediaFeishu failed:`, err);
+        // Fallback to URL link if upload fails
+        const fallbackText = `📎 ${mediaUrl}`;
+        const result = await sendMessageFeishu({
+          cfg,
+          to,
+          text: fallbackText,
+          accountId: accountId ?? undefined,
+        });
+        return { channel: "feishu", ...result };
+      }
+    }
+
+    // No media URL, just return text result
+    const result = await sendMessageFeishu({
+      cfg,
+      to,
+      text: text ?? "",
+      accountId: accountId ?? undefined,
+    });
+    return { channel: "feishu", ...result };
+  },
+};

package/src/perm-schema.ts

@@ -0,0 +1,52 @@
+import { Type, type Static } from "@sinclair/typebox";
+
+const TokenType = Type.Union([
+  Type.Literal("doc"),
+  Type.Literal("docx"),
+  Type.Literal("sheet"),
+  Type.Literal("bitable"),
+  Type.Literal("folder"),
+  Type.Literal("file"),
+  Type.Literal("wiki"),
+  Type.Literal("mindnote"),
+]);
+
+const MemberType = Type.Union([
+  Type.Literal("email"),
+  Type.Literal("openid"),
+  Type.Literal("userid"),
+  Type.Literal("unionid"),
+  Type.Literal("openchat"),
+  Type.Literal("opendepartmentid"),
+]);
+
+const Permission = Type.Union([
+  Type.Literal("view"),
+  Type.Literal("edit"),
+  Type.Literal("full_access"),
+]);
+
+export const FeishuPermSchema = Type.Union([
+  Type.Object({
+    action: Type.Literal("list"),
+    token: Type.String({ description: "File token" }),
+    type: TokenType,
+  }),
+  Type.Object({
+    action: Type.Literal("add"),
+    token: Type.String({ description: "File token" }),
+    type: TokenType,
+    member_type: MemberType,
+    member_id: Type.String({ description: "Member ID (email, open_id, user_id, etc.)" }),
+    perm: Permission,
+  }),
+  Type.Object({
+    action: Type.Literal("remove"),
+    token: Type.String({ description: "File token" }),
+    type: TokenType,
+    member_type: MemberType,
+    member_id: Type.String({ description: "Member ID to remove" }),
+  }),
+]);
+
+export type FeishuPermParams = Static<typeof FeishuPermSchema>;