@openclaw/zalo 2026.2.21 → 2026.2.23

package/CHANGELOG.md

@@ -1,5 +1,11 @@
 # Changelog
 
+## 2026.2.22
+
+### Changes
+
+- Version alignment with core OpenClaw release numbers.
+
 ## 0.1.0
 
 ### Features

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/zalo",
-  "version": "2026.2.21",
+  "version": "2026.2.23",
   "description": "OpenClaw Zalo channel plugin",
   "type": "module",
   "dependencies": {

package/src/actions.ts

@@ -3,7 +3,7 @@ import type {
   ChannelMessageActionName,
   OpenClawConfig,
 } from "openclaw/plugin-sdk";
-import { jsonResult, readStringParam } from "openclaw/plugin-sdk";
+import { extractToolSend, jsonResult, readStringParam } from "openclaw/plugin-sdk";
 import { listEnabledZaloAccounts } from "./accounts.js";
 import { sendMessageZalo } from "./send.js";
 
@@ -25,18 +25,7 @@ export const zaloMessageActions: ChannelMessageActionAdapter = {
     return Array.from(actions);
   },
   supportsButtons: () => false,
-  extractToolSend: ({ args }) => {
-    const action = typeof args.action === "string" ? args.action.trim() : "";
-    if (action !== "sendMessage") {
-      return null;
-    }
-    const to = typeof args.to === "string" ? args.to : undefined;
-    if (!to) {
-      return null;
-    }
-    const accountId = typeof args.accountId === "string" ? args.accountId.trim() : undefined;
-    return { to, accountId };
-  },
+  extractToolSend: ({ args }) => extractToolSend(args, "sendMessage"),
   handleAction: async ({ action, params, cfg, accountId }) => {
     if (action === "send") {
       const to = readStringParam(params, "to", { required: true });

package/src/channel.ts

@@ -7,6 +7,7 @@ import type {
 import {
   applyAccountNameToChannelSection,
   buildChannelConfigSchema,
+  buildTokenChannelStatusSummary,
   DEFAULT_ACCOUNT_ID,
   deleteAccountFromConfigSection,
   chunkTextForOutbound,
@@ -309,17 +310,7 @@ export const zaloPlugin: ChannelPlugin<ResolvedZaloAccount> = {
       lastError: null,
     },
     collectStatusIssues: collectZaloStatusIssues,
-    buildChannelSummary: ({ snapshot }) => ({
-      configured: snapshot.configured ?? false,
-      tokenSource: snapshot.tokenSource ?? "none",
-      running: snapshot.running ?? false,
-      mode: snapshot.mode ?? null,
-      lastStartAt: snapshot.lastStartAt ?? null,
-      lastStopAt: snapshot.lastStopAt ?? null,
-      lastError: snapshot.lastError ?? null,
-      probe: snapshot.probe,
-      lastProbeAt: snapshot.lastProbeAt ?? null,
-    }),
+    buildChannelSummary: ({ snapshot }) => buildTokenChannelStatusSummary(snapshot),
     probeAccount: async ({ account, timeoutMs }) =>
       probeZalo(account.token, timeoutMs, resolveZaloProxyFetch(account.config.proxy)),
     buildAccountSnapshot: ({ account, runtime }) => {

package/src/monitor.ts

@@ -1,13 +1,16 @@
 import { timingSafeEqual } from "node:crypto";
 import type { IncomingMessage, ServerResponse } from "node:http";
-import type { OpenClawConfig, MarkdownTableMode } from "openclaw/plugin-sdk";
+import type { MarkdownTableMode, OpenClawConfig, OutboundReplyPayload } from "openclaw/plugin-sdk";
 import {
+  createDedupeCache,
   createReplyPrefixOptions,
   readJsonBodyWithLimit,
   registerWebhookTarget,
   rejectNonPostWebhookRequest,
   resolveSingleWebhookTarget,
   resolveSenderCommandAuthorization,
+  resolveOutboundMediaUrls,
+  sendMediaWithLeadingCaption,
   resolveWebhookPath,
   resolveWebhookTargets,
   requestBodyErrorToText,
@@ -92,7 +95,10 @@ type WebhookTarget = {
 
 const webhookTargets = new Map<string, WebhookTarget[]>();
 const webhookRateLimits = new Map<string, WebhookRateLimitState>();
-const recentWebhookEvents = new Map<string, number>();
+const recentWebhookEvents = createDedupeCache({
+  ttlMs: ZALO_WEBHOOK_REPLAY_WINDOW_MS,
+  maxSize: 5000,
+});
 const webhookStatusCounters = new Map<string, number>();
 
 function isJsonContentType(value: string | string[] | undefined): boolean {
@@ -141,22 +147,7 @@ function isReplayEvent(update: ZaloUpdate, nowMs: number): boolean {
     return false;
   }
   const key = `${update.event_name}:${messageId}`;
-  const seenAt = recentWebhookEvents.get(key);
-  recentWebhookEvents.set(key, nowMs);
-
-  if (seenAt && nowMs - seenAt < ZALO_WEBHOOK_REPLAY_WINDOW_MS) {
-    return true;
-  }
-
-  if (recentWebhookEvents.size > 5000) {
-    for (const [eventKey, timestamp] of recentWebhookEvents) {
-      if (nowMs - timestamp >= ZALO_WEBHOOK_REPLAY_WINDOW_MS) {
-        recentWebhookEvents.delete(eventKey);
-      }
-    }
-  }
-
-  return false;
+  return recentWebhookEvents.check(key, nowMs);
 }
 
 function recordWebhookStatus(
@@ -447,7 +438,7 @@ async function handleImageMessage(
   if (photo) {
     try {
       const maxBytes = mediaMaxMb * 1024 * 1024;
-      const fetched = await core.channel.media.fetchRemoteMedia({ url: photo });
+      const fetched = await core.channel.media.fetchRemoteMedia({ url: photo, maxBytes });
       const saved = await core.channel.media.saveMediaBuffer(
         fetched.buffer,
         fetched.contentType,
@@ -692,7 +683,7 @@ async function processMessageWithPipeline(params: {
 }
 
 async function deliverZaloReply(params: {
-  payload: { text?: string; mediaUrls?: string[]; mediaUrl?: string };
+  payload: OutboundReplyPayload;
   token: string;
   chatId: string;
   runtime: ZaloRuntimeEnv;
@@ -707,24 +698,18 @@ async function deliverZaloReply(params: {
   const tableMode = params.tableMode ?? "code";
   const text = core.channel.text.convertMarkdownTables(payload.text ?? "", tableMode);
 
-  const mediaList = payload.mediaUrls?.length
-    ? payload.mediaUrls
-    : payload.mediaUrl
-      ? [payload.mediaUrl]
-      : [];
-
-  if (mediaList.length > 0) {
-    let first = true;
-    for (const mediaUrl of mediaList) {
-      const caption = first ? text : undefined;
-      first = false;
-      try {
-        await sendPhoto(token, { chat_id: chatId, photo: mediaUrl, caption }, fetcher);
-        statusSink?.({ lastOutboundAt: Date.now() });
-      } catch (err) {
-        runtime.error?.(`Zalo photo send failed: ${String(err)}`);
-      }
-    }
+  const sentMedia = await sendMediaWithLeadingCaption({
+    mediaUrls: resolveOutboundMediaUrls(payload),
+    caption: text,
+    send: async ({ mediaUrl, caption }) => {
+      await sendPhoto(token, { chat_id: chatId, photo: mediaUrl, caption }, fetcher);
+      statusSink?.({ lastOutboundAt: Date.now() });
+    },
+    onError: (error) => {
+      runtime.error?.(`Zalo photo send failed: ${String(error)}`);
+    },
+  });
+  if (sentMedia) {
     return;
   }
 

package/src/monitor.webhook.test.ts

@@ -21,113 +21,84 @@ async function withServer(handler: RequestListener, fn: (baseUrl: string) => Pro
   }
 }
 
+const DEFAULT_ACCOUNT: ResolvedZaloAccount = {
+  accountId: "default",
+  enabled: true,
+  token: "tok",
+  tokenSource: "config",
+  config: {},
+};
+
+const webhookRequestHandler: RequestListener = async (req, res) => {
+  const handled = await handleZaloWebhookRequest(req, res);
+  if (!handled) {
+    res.statusCode = 404;
+    res.end("not found");
+  }
+};
+
+function registerTarget(params: {
+  path: string;
+  secret?: string;
+  statusSink?: (patch: { lastInboundAt?: number; lastOutboundAt?: number }) => void;
+}): () => void {
+  return registerZaloWebhookTarget({
+    token: "tok",
+    account: DEFAULT_ACCOUNT,
+    config: {} as OpenClawConfig,
+    runtime: {},
+    core: {} as PluginRuntime,
+    secret: params.secret ?? "secret",
+    path: params.path,
+    mediaMaxMb: 5,
+    statusSink: params.statusSink,
+  });
+}
+
 describe("handleZaloWebhookRequest", () => {
   it("returns 400 for non-object payloads", async () => {
-    const core = {} as PluginRuntime;
-    const account: ResolvedZaloAccount = {
-      accountId: "default",
-      enabled: true,
-      token: "tok",
-      tokenSource: "config",
-      config: {},
-    };
-    const unregister = registerZaloWebhookTarget({
-      token: "tok",
-      account,
-      config: {} as OpenClawConfig,
-      runtime: {},
-      core,
-      secret: "secret",
-      path: "/hook",
-      mediaMaxMb: 5,
-    });
+    const unregister = registerTarget({ path: "/hook" });
 
     try {
-      await withServer(
-        async (req, res) => {
-          const handled = await handleZaloWebhookRequest(req, res);
-          if (!handled) {
-            res.statusCode = 404;
-            res.end("not found");
-          }
-        },
-        async (baseUrl) => {
-          const response = await fetch(`${baseUrl}/hook`, {
-            method: "POST",
-            headers: {
-              "x-bot-api-secret-token": "secret",
-              "content-type": "application/json",
-            },
-            body: "null",
-          });
-
-          expect(response.status).toBe(400);
-          expect(await response.text()).toBe("Bad Request");
-        },
-      );
+      await withServer(webhookRequestHandler, async (baseUrl) => {
+        const response = await fetch(`${baseUrl}/hook`, {
+          method: "POST",
+          headers: {
+            "x-bot-api-secret-token": "secret",
+            "content-type": "application/json",
+          },
+          body: "null",
+        });
+
+        expect(response.status).toBe(400);
+        expect(await response.text()).toBe("Bad Request");
+      });
     } finally {
       unregister();
     }
   });
 
   it("rejects ambiguous routing when multiple targets match the same secret", async () => {
-    const core = {} as PluginRuntime;
-    const account: ResolvedZaloAccount = {
-      accountId: "default",
-      enabled: true,
-      token: "tok",
-      tokenSource: "config",
-      config: {},
-    };
     const sinkA = vi.fn();
     const sinkB = vi.fn();
-    const unregisterA = registerZaloWebhookTarget({
-      token: "tok",
-      account,
-      config: {} as OpenClawConfig,
-      runtime: {},
-      core,
-      secret: "secret",
-      path: "/hook",
-      mediaMaxMb: 5,
-      statusSink: sinkA,
-    });
-    const unregisterB = registerZaloWebhookTarget({
-      token: "tok",
-      account,
-      config: {} as OpenClawConfig,
-      runtime: {},
-      core,
-      secret: "secret",
-      path: "/hook",
-      mediaMaxMb: 5,
-      statusSink: sinkB,
-    });
+    const unregisterA = registerTarget({ path: "/hook", statusSink: sinkA });
+    const unregisterB = registerTarget({ path: "/hook", statusSink: sinkB });
 
     try {
-      await withServer(
-        async (req, res) => {
-          const handled = await handleZaloWebhookRequest(req, res);
-          if (!handled) {
-            res.statusCode = 404;
-            res.end("not found");
-          }
-        },
-        async (baseUrl) => {
-          const response = await fetch(`${baseUrl}/hook`, {
-            method: "POST",
-            headers: {
-              "x-bot-api-secret-token": "secret",
-              "content-type": "application/json",
-            },
-            body: "{}",
-          });
-
-          expect(response.status).toBe(401);
-          expect(sinkA).not.toHaveBeenCalled();
-          expect(sinkB).not.toHaveBeenCalled();
-        },
-      );
+      await withServer(webhookRequestHandler, async (baseUrl) => {
+        const response = await fetch(`${baseUrl}/hook`, {
+          method: "POST",
+          headers: {
+            "x-bot-api-secret-token": "secret",
+            "content-type": "application/json",
+          },
+          body: "{}",
+        });
+
+        expect(response.status).toBe(401);
+        expect(sinkA).not.toHaveBeenCalled();
+        expect(sinkB).not.toHaveBeenCalled();
+      });
     } finally {
       unregisterA();
       unregisterB();
@@ -135,73 +106,29 @@ describe("handleZaloWebhookRequest", () => {
   });
 
   it("returns 415 for non-json content-type", async () => {
-    const core = {} as PluginRuntime;
-    const account: ResolvedZaloAccount = {
-      accountId: "default",
-      enabled: true,
-      token: "tok",
-      tokenSource: "config",
-      config: {},
-    };
-    const unregister = registerZaloWebhookTarget({
-      token: "tok",
-      account,
-      config: {} as OpenClawConfig,
-      runtime: {},
-      core,
-      secret: "secret",
-      path: "/hook-content-type",
-      mediaMaxMb: 5,
-    });
+    const unregister = registerTarget({ path: "/hook-content-type" });
 
     try {
-      await withServer(
-        async (req, res) => {
-          const handled = await handleZaloWebhookRequest(req, res);
-          if (!handled) {
-            res.statusCode = 404;
-            res.end("not found");
-          }
-        },
-        async (baseUrl) => {
-          const response = await fetch(`${baseUrl}/hook-content-type`, {
-            method: "POST",
-            headers: {
-              "x-bot-api-secret-token": "secret",
-              "content-type": "text/plain",
-            },
-            body: "{}",
-          });
-
-          expect(response.status).toBe(415);
-        },
-      );
+      await withServer(webhookRequestHandler, async (baseUrl) => {
+        const response = await fetch(`${baseUrl}/hook-content-type`, {
+          method: "POST",
+          headers: {
+            "x-bot-api-secret-token": "secret",
+            "content-type": "text/plain",
+          },
+          body: "{}",
+        });
+
+        expect(response.status).toBe(415);
+      });
     } finally {
       unregister();
     }
   });
 
   it("deduplicates webhook replay by event_name + message_id", async () => {
-    const core = {} as PluginRuntime;
-    const account: ResolvedZaloAccount = {
-      accountId: "default",
-      enabled: true,
-      token: "tok",
-      tokenSource: "config",
-      config: {},
-    };
     const sink = vi.fn();
-    const unregister = registerZaloWebhookTarget({
-      token: "tok",
-      account,
-      config: {} as OpenClawConfig,
-      runtime: {},
-      core,
-      secret: "secret",
-      path: "/hook-replay",
-      mediaMaxMb: 5,
-      statusSink: sink,
-    });
+    const unregister = registerTarget({ path: "/hook-replay", statusSink: sink });
 
     const payload = {
       event_name: "message.text.received",
@@ -215,91 +142,56 @@ describe("handleZaloWebhookRequest", () => {
     };
 
     try {
-      await withServer(
-        async (req, res) => {
-          const handled = await handleZaloWebhookRequest(req, res);
-          if (!handled) {
-            res.statusCode = 404;
-            res.end("not found");
-          }
-        },
-        async (baseUrl) => {
-          const first = await fetch(`${baseUrl}/hook-replay`, {
-            method: "POST",
-            headers: {
-              "x-bot-api-secret-token": "secret",
-              "content-type": "application/json",
-            },
-            body: JSON.stringify(payload),
-          });
-          const second = await fetch(`${baseUrl}/hook-replay`, {
-            method: "POST",
-            headers: {
-              "x-bot-api-secret-token": "secret",
-              "content-type": "application/json",
-            },
-            body: JSON.stringify(payload),
-          });
-
-          expect(first.status).toBe(200);
-          expect(second.status).toBe(200);
-          expect(sink).toHaveBeenCalledTimes(1);
-        },
-      );
+      await withServer(webhookRequestHandler, async (baseUrl) => {
+        const first = await fetch(`${baseUrl}/hook-replay`, {
+          method: "POST",
+          headers: {
+            "x-bot-api-secret-token": "secret",
+            "content-type": "application/json",
+          },
+          body: JSON.stringify(payload),
+        });
+        const second = await fetch(`${baseUrl}/hook-replay`, {
+          method: "POST",
+          headers: {
+            "x-bot-api-secret-token": "secret",
+            "content-type": "application/json",
+          },
+          body: JSON.stringify(payload),
+        });
+
+        expect(first.status).toBe(200);
+        expect(second.status).toBe(200);
+        expect(sink).toHaveBeenCalledTimes(1);
+      });
     } finally {
       unregister();
     }
   });
 
   it("returns 429 when per-path request rate exceeds threshold", async () => {
-    const core = {} as PluginRuntime;
-    const account: ResolvedZaloAccount = {
-      accountId: "default",
-      enabled: true,
-      token: "tok",
-      tokenSource: "config",
-      config: {},
-    };
-    const unregister = registerZaloWebhookTarget({
-      token: "tok",
-      account,
-      config: {} as OpenClawConfig,
-      runtime: {},
-      core,
-      secret: "secret",
-      path: "/hook-rate",
-      mediaMaxMb: 5,
-    });
+    const unregister = registerTarget({ path: "/hook-rate" });
 
     try {
-      await withServer(
-        async (req, res) => {
-          const handled = await handleZaloWebhookRequest(req, res);
-          if (!handled) {
-            res.statusCode = 404;
-            res.end("not found");
-          }
-        },
-        async (baseUrl) => {
-          let saw429 = false;
-          for (let i = 0; i < 130; i += 1) {
-            const response = await fetch(`${baseUrl}/hook-rate`, {
-              method: "POST",
-              headers: {
-                "x-bot-api-secret-token": "secret",
-                "content-type": "application/json",
-              },
-              body: "{}",
-            });
-            if (response.status === 429) {
-              saw429 = true;
-              break;
-            }
+      await withServer(webhookRequestHandler, async (baseUrl) => {
+        let saw429 = false;
+        for (let i = 0; i < 130; i += 1) {
+          const response = await fetch(`${baseUrl}/hook-rate`, {
+            method: "POST",
+            headers: {
+              "x-bot-api-secret-token": "secret",
+              "content-type": "application/json",
+            },
+            body: "{}",
+          });
+          if (response.status === 429) {
+            saw429 = true;
+            break;
           }
+        }
 
-          expect(saw429).toBe(true);
-        },
-      );
+        expect(saw429).toBe(true);
+      });
     } finally {
       unregister();
     }