@openclaw/zalo 2026.5.2 → 2026.5.3-beta.2

package/src/token.test.ts

@@ -1,92 +0,0 @@
-import fs from "node:fs";
-import os from "node:os";
-import path from "node:path";
-import { describe, expect, it } from "vitest";
-import { resolveZaloToken } from "./token.js";
-import type { ZaloConfig } from "./types.js";
-
-describe("resolveZaloToken", () => {
-  it("falls back to top-level token for non-default accounts without overrides", () => {
-    const cfg = {
-      botToken: "top-level-token",
-      accounts: {
-        work: {},
-      },
-    } as ZaloConfig;
-    const res = resolveZaloToken(cfg, "work");
-    expect(res.token).toBe("top-level-token");
-    expect(res.source).toBe("config");
-  });
-
-  it("uses accounts.default botToken for default account when configured", () => {
-    const cfg = {
-      botToken: "top-level-token",
-      accounts: {
-        default: {
-          botToken: "default-account-token",
-        },
-      },
-    } as ZaloConfig;
-    const res = resolveZaloToken(cfg, "default");
-    expect(res.token).toBe("default-account-token");
-    expect(res.source).toBe("config");
-  });
-
-  it("uses configured defaultAccount token when accountId is omitted", () => {
-    const cfg = {
-      defaultAccount: "work",
-      botToken: "top-level-token",
-      accounts: {
-        work: {
-          botToken: "work-token",
-        },
-      },
-    } as ZaloConfig;
-    const res = resolveZaloToken(cfg);
-    expect(res.token).toBe("work-token");
-    expect(res.source).toBe("config");
-  });
-
-  it("does not inherit top-level token when account token is explicitly blank", () => {
-    const cfg = {
-      botToken: "top-level-token",
-      accounts: {
-        work: {
-          botToken: "",
-        },
-      },
-    } as ZaloConfig;
-    const res = resolveZaloToken(cfg, "work");
-    expect(res.token).toBe("");
-    expect(res.source).toBe("none");
-  });
-
-  it("resolves account token when account key casing differs from normalized id", () => {
-    const cfg = {
-      accounts: {
-        Work: {
-          botToken: "work-token",
-        },
-      },
-    } as ZaloConfig;
-    const res = resolveZaloToken(cfg, "work");
-    expect(res.token).toBe("work-token");
-    expect(res.source).toBe("config");
-  });
-
-  it.runIf(process.platform !== "win32")("rejects symlinked token files", () => {
-    const dir = fs.mkdtempSync(path.join(os.tmpdir(), "openclaw-zalo-token-"));
-    const tokenFile = path.join(dir, "token.txt");
-    const tokenLink = path.join(dir, "token-link.txt");
-    fs.writeFileSync(tokenFile, "file-token\n", "utf8");
-    fs.symlinkSync(tokenFile, tokenLink);
-
-    const cfg = {
-      tokenFile: tokenLink,
-    } as ZaloConfig;
-    const res = resolveZaloToken(cfg);
-    expect(res.token).toBe("");
-    expect(res.source).toBe("none");
-    fs.rmSync(dir, { recursive: true, force: true });
-  });
-});

package/src/token.ts

@@ -1,79 +0,0 @@
-import { DEFAULT_ACCOUNT_ID, normalizeAccountId } from "openclaw/plugin-sdk/account-id";
-import type { BaseTokenResolution } from "openclaw/plugin-sdk/channel-contract";
-import { tryReadSecretFileSync } from "openclaw/plugin-sdk/core";
-import { resolveAccountEntry } from "openclaw/plugin-sdk/routing";
-import { normalizeResolvedSecretInputString, normalizeSecretInputString } from "./secret-input.js";
-import type { ZaloConfig } from "./types.js";
-
-type ZaloTokenResolution = BaseTokenResolution & {
-  source: "env" | "config" | "configFile" | "none";
-};
-
-function readTokenFromFile(tokenFile: string | undefined): string {
-  return tryReadSecretFileSync(tokenFile, "Zalo token file", { rejectSymlink: true }) ?? "";
-}
-
-export function resolveZaloToken(
-  config: ZaloConfig | undefined,
-  accountId?: string | null,
-  options?: { allowUnresolvedSecretRef?: boolean },
-): ZaloTokenResolution {
-  const resolvedAccountId = normalizeAccountId(accountId ?? config?.defaultAccount);
-  const isDefaultAccount = resolvedAccountId === DEFAULT_ACCOUNT_ID;
-  const baseConfig = config;
-  const accountConfig = resolveAccountEntry(
-    baseConfig?.accounts as Record<string, ZaloConfig> | undefined,
-    normalizeAccountId(resolvedAccountId),
-  );
-  const accountHasBotToken = Boolean(
-    accountConfig && Object.prototype.hasOwnProperty.call(accountConfig, "botToken"),
-  );
-
-  if (accountConfig && accountHasBotToken) {
-    const token = options?.allowUnresolvedSecretRef
-      ? normalizeSecretInputString(accountConfig.botToken)
-      : normalizeResolvedSecretInputString({
-          value: accountConfig.botToken,
-          path: `channels.zalo.accounts.${resolvedAccountId}.botToken`,
-        });
-    if (token) {
-      return { token, source: "config" };
-    }
-    const fileToken = readTokenFromFile(accountConfig.tokenFile);
-    if (fileToken) {
-      return { token: fileToken, source: "configFile" };
-    }
-  }
-
-  if (!accountHasBotToken) {
-    const fileToken = readTokenFromFile(accountConfig?.tokenFile);
-    if (fileToken) {
-      return { token: fileToken, source: "configFile" };
-    }
-  }
-
-  if (!accountHasBotToken) {
-    const token = options?.allowUnresolvedSecretRef
-      ? normalizeSecretInputString(baseConfig?.botToken)
-      : normalizeResolvedSecretInputString({
-          value: baseConfig?.botToken,
-          path: "channels.zalo.botToken",
-        });
-    if (token) {
-      return { token, source: "config" };
-    }
-    const fileToken = readTokenFromFile(baseConfig?.tokenFile);
-    if (fileToken) {
-      return { token: fileToken, source: "configFile" };
-    }
-  }
-
-  if (isDefaultAccount) {
-    const envToken = process.env.ZALO_BOT_TOKEN?.trim();
-    if (envToken) {
-      return { token: envToken, source: "env" };
-    }
-  }
-
-  return { token: "", source: "none" };
-}

package/src/types.ts

@@ -1,50 +0,0 @@
-import type { SecretInput } from "openclaw/plugin-sdk/secret-input";
-
-export type ZaloAccountConfig = {
-  /** Optional display name for this account (used in CLI/UI lists). */
-  name?: string;
-  /** If false, do not start this Zalo account. Default: true. */
-  enabled?: boolean;
-  /** Bot token from Zalo Bot Creator. */
-  botToken?: SecretInput;
-  /** Path to file containing the bot token. */
-  tokenFile?: string;
-  /** Webhook URL for receiving updates (HTTPS required). */
-  webhookUrl?: string;
-  /** Webhook secret token (8-256 chars) for request verification. */
-  webhookSecret?: SecretInput;
-  /** Webhook path for the gateway HTTP server (defaults to webhook URL path). */
-  webhookPath?: string;
-  /** Direct message access policy (default: pairing). */
-  dmPolicy?: "pairing" | "allowlist" | "open" | "disabled";
-  /** Allowlist for DM senders (Zalo user IDs). */
-  allowFrom?: Array<string | number>;
-  /** Group-message access policy. */
-  groupPolicy?: "open" | "allowlist" | "disabled";
-  /** Allowlist for group senders (falls back to allowFrom when unset). */
-  groupAllowFrom?: Array<string | number>;
-  /** Max inbound media size in MB. */
-  mediaMaxMb?: number;
-  /** Proxy URL for API requests. */
-  proxy?: string;
-  /** Outbound response prefix override for this channel/account. */
-  responsePrefix?: string;
-};
-
-export type ZaloConfig = {
-  /** Optional per-account Zalo configuration (multi-account). */
-  accounts?: Record<string, ZaloAccountConfig>;
-  /** Default account ID when multiple accounts are configured. */
-  defaultAccount?: string;
-} & ZaloAccountConfig;
-
-type ZaloTokenSource = "env" | "config" | "configFile" | "none";
-
-export type ResolvedZaloAccount = {
-  accountId: string;
-  name?: string;
-  enabled: boolean;
-  token: string;
-  tokenSource: ZaloTokenSource;
-  config: ZaloAccountConfig;
-};

package/test-api.ts

@@ -1 +0,0 @@
-export { evaluateZaloGroupAccess, resolveZaloRuntimeGroupPolicy } from "./src/group-access.js";

package/tsconfig.json

@@ -1,16 +0,0 @@
-{
-  "extends": "../tsconfig.package-boundary.base.json",
-  "compilerOptions": {
-    "rootDir": "."
-  },
-  "include": ["./*.ts", "./src/**/*.ts"],
-  "exclude": [
-    "./**/*.test.ts",
-    "./dist/**",
-    "./node_modules/**",
-    "./src/test-support/**",
-    "./src/**/*test-helpers.ts",
-    "./src/**/*test-harness.ts",
-    "./src/**/*test-support.ts"
-  ]
-}