@openclaw/zalouser 2026.3.12 → 2026.5.1-beta.2

package/src/accounts.ts

@@ -1,7 +1,19 @@
-import { DEFAULT_ACCOUNT_ID, normalizeAccountId } from "openclaw/plugin-sdk/account-id";
-import { createAccountListHelpers, type OpenClawConfig } from "openclaw/plugin-sdk/zalouser";
+import {
+  createAccountListHelpers,
+  DEFAULT_ACCOUNT_ID,
+  normalizeAccountId,
+  resolveMergedAccountConfig,
+} from "openclaw/plugin-sdk/account-resolution";
+import type { OpenClawConfig } from "openclaw/plugin-sdk/config-types";
+import { normalizeOptionalString } from "openclaw/plugin-sdk/text-runtime";
 import type { ResolvedZalouserAccount, ZalouserAccountConfig, ZalouserConfig } from "./types.js";
-import { checkZaloAuthenticated, getZaloUserInfo } from "./zalo-js.js";
+
+let zalouserAccountsRuntimePromise: Promise<typeof import("./accounts.runtime.js")> | undefined;
+
+async function loadZalouserAccountsRuntime() {
+  zalouserAccountsRuntimePromise ??= import("./accounts.runtime.js");
+  return await zalouserAccountsRuntimePromise;
+}
 
 const {
   listAccountIds: listZalouserAccountIds,
@@ -9,22 +21,20 @@ const {
 } = createAccountListHelpers("zalouser");
 export { listZalouserAccountIds, resolveDefaultZalouserAccountId };
 
-function resolveAccountConfig(
-  cfg: OpenClawConfig,
-  accountId: string,
-): ZalouserAccountConfig | undefined {
-  const accounts = (cfg.channels?.zalouser as ZalouserConfig | undefined)?.accounts;
-  if (!accounts || typeof accounts !== "object") {
-    return undefined;
-  }
-  return accounts[accountId] as ZalouserAccountConfig | undefined;
-}
-
 function mergeZalouserAccountConfig(cfg: OpenClawConfig, accountId: string): ZalouserAccountConfig {
-  const raw = (cfg.channels?.zalouser ?? {}) as ZalouserConfig;
-  const { accounts: _ignored, defaultAccount: _ignored2, ...base } = raw;
-  const account = resolveAccountConfig(cfg, accountId) ?? {};
-  return { ...base, ...account };
+  const merged = resolveMergedAccountConfig<ZalouserAccountConfig>({
+    channelConfig: cfg.channels?.zalouser as ZalouserAccountConfig | undefined,
+    accounts: (cfg.channels?.zalouser as ZalouserConfig | undefined)?.accounts as
+      | Record<string, Partial<ZalouserAccountConfig>>
+      | undefined,
+    accountId,
+    omitKeys: ["defaultAccount"],
+  });
+  return {
+    ...merged,
+    // Match Telegram's safe default: groups stay allowlisted unless explicitly opened.
+    groupPolicy: merged.groupPolicy ?? "allowlist",
+  };
 }
 
 function resolveProfile(config: ZalouserAccountConfig, accountId: string): string {
@@ -43,22 +53,31 @@ function resolveProfile(config: ZalouserAccountConfig, accountId: string): strin
   return "default";
 }
 
+function resolveZalouserAccountBase(params: { cfg: OpenClawConfig; accountId?: string | null }) {
+  const accountId = normalizeAccountId(
+    params.accountId ?? resolveDefaultZalouserAccountId(params.cfg),
+  );
+  const baseEnabled =
+    (params.cfg.channels?.zalouser as ZalouserConfig | undefined)?.enabled !== false;
+  const merged = mergeZalouserAccountConfig(params.cfg, accountId);
+  return {
+    accountId,
+    enabled: baseEnabled && merged.enabled !== false,
+    merged,
+    profile: resolveProfile(merged, accountId),
+  };
+}
+
 export async function resolveZalouserAccount(params: {
   cfg: OpenClawConfig;
   accountId?: string | null;
 }): Promise<ResolvedZalouserAccount> {
-  const accountId = normalizeAccountId(params.accountId);
-  const baseEnabled =
-    (params.cfg.channels?.zalouser as ZalouserConfig | undefined)?.enabled !== false;
-  const merged = mergeZalouserAccountConfig(params.cfg, accountId);
-  const accountEnabled = merged.enabled !== false;
-  const enabled = baseEnabled && accountEnabled;
-  const profile = resolveProfile(merged, accountId);
-  const authenticated = await checkZaloAuthenticated(profile);
+  const { accountId, enabled, merged, profile } = resolveZalouserAccountBase(params);
+  const authenticated = await (await loadZalouserAccountsRuntime()).checkZaloAuthenticated(profile);
 
   return {
     accountId,
-    name: merged.name?.trim() || undefined,
+    name: normalizeOptionalString(merged.name),
     enabled,
     profile,
     authenticated,
@@ -70,17 +89,11 @@ export function resolveZalouserAccountSync(params: {
   cfg: OpenClawConfig;
   accountId?: string | null;
 }): ResolvedZalouserAccount {
-  const accountId = normalizeAccountId(params.accountId);
-  const baseEnabled =
-    (params.cfg.channels?.zalouser as ZalouserConfig | undefined)?.enabled !== false;
-  const merged = mergeZalouserAccountConfig(params.cfg, accountId);
-  const accountEnabled = merged.enabled !== false;
-  const enabled = baseEnabled && accountEnabled;
-  const profile = resolveProfile(merged, accountId);
+  const { accountId, enabled, merged, profile } = resolveZalouserAccountBase(params);
 
   return {
     accountId,
-    name: merged.name?.trim() || undefined,
+    name: normalizeOptionalString(merged.name),
     enabled,
     profile,
     authenticated: false,
@@ -101,7 +114,7 @@ export async function listEnabledZalouserAccounts(
 export async function getZcaUserInfo(
   profile: string,
 ): Promise<{ userId?: string; displayName?: string } | null> {
-  const info = await getZaloUserInfo(profile);
+  const info = await (await loadZalouserAccountsRuntime()).getZaloUserInfo(profile);
   if (!info) {
     return null;
   }
@@ -111,6 +124,8 @@ export async function getZcaUserInfo(
   };
 }
 
-export { checkZaloAuthenticated as checkZcaAuthenticated };
+export async function checkZcaAuthenticated(profile: string): Promise<boolean> {
+  return await (await loadZalouserAccountsRuntime()).checkZaloAuthenticated(profile);
+}
 
 export type { ResolvedZalouserAccount } from "./types.js";

package/src/channel-api.ts

@@ -0,0 +1,20 @@
+export { formatAllowFromLowercase } from "openclaw/plugin-sdk/allow-from";
+export type {
+  ChannelDirectoryEntry,
+  ChannelGroupContext,
+  ChannelMessageActionAdapter,
+} from "openclaw/plugin-sdk/channel-contract";
+export { buildChannelConfigSchema } from "openclaw/plugin-sdk/channel-config-schema";
+export type { ChannelPlugin } from "openclaw/plugin-sdk/core";
+export {
+  DEFAULT_ACCOUNT_ID,
+  normalizeAccountId,
+  type OpenClawConfig,
+} from "openclaw/plugin-sdk/core";
+export { isDangerousNameMatchingEnabled } from "openclaw/plugin-sdk/dangerous-name-runtime";
+export type { GroupToolPolicyConfig } from "openclaw/plugin-sdk/config-types";
+export { chunkTextForOutbound } from "openclaw/plugin-sdk/text-chunking";
+export {
+  isNumericTargetId,
+  sendPayloadWithChunkedTextAndMedia,
+} from "openclaw/plugin-sdk/reply-payload";

package/src/channel.adapters.ts

@@ -0,0 +1,390 @@
+import { createScopedDmSecurityResolver } from "openclaw/plugin-sdk/channel-config-helpers";
+import { createPairingPrefixStripper } from "openclaw/plugin-sdk/channel-pairing";
+import {
+  createEmptyChannelResult,
+  createRawChannelSendResultAdapter,
+} from "openclaw/plugin-sdk/channel-send-result";
+import { createStaticReplyToModeResolver } from "openclaw/plugin-sdk/conversation-runtime";
+import { createLazyRuntimeModule } from "openclaw/plugin-sdk/lazy-runtime";
+import type { RuntimeEnv } from "openclaw/plugin-sdk/runtime-env";
+import { normalizeLowercaseStringOrEmpty } from "openclaw/plugin-sdk/text-runtime";
+import {
+  checkZcaAuthenticated,
+  listZalouserAccountIds,
+  resolveDefaultZalouserAccountId,
+  resolveZalouserAccountSync,
+  type ResolvedZalouserAccount,
+} from "./accounts.js";
+import type {
+  ChannelGroupContext,
+  ChannelMessageActionAdapter,
+  GroupToolPolicyConfig,
+  OpenClawConfig,
+} from "./channel-api.js";
+import {
+  DEFAULT_ACCOUNT_ID,
+  chunkTextForOutbound,
+  isDangerousNameMatchingEnabled,
+  isNumericTargetId,
+  normalizeAccountId,
+  sendPayloadWithChunkedTextAndMedia,
+} from "./channel-api.js";
+import { buildZalouserGroupCandidates, findZalouserGroupEntry } from "./group-policy.js";
+import { resolveZalouserReactionMessageIds } from "./message-sid.js";
+import { writeQrDataUrlToTempFile } from "./qr-temp-file.js";
+import { getZalouserRuntime } from "./runtime.js";
+import {
+  normalizeZalouserTarget,
+  parseZalouserOutboundTarget,
+  resolveZalouserOutboundSessionRoute,
+} from "./session-route.js";
+
+const loadZalouserChannelRuntime = createLazyRuntimeModule(() => import("./channel.runtime.js"));
+
+const ZALOUSER_TEXT_CHUNK_LIMIT = 2000;
+
+export function resolveZalouserQrProfile(accountId?: string | null): string {
+  const normalized = normalizeAccountId(accountId);
+  if (!normalized || normalized === DEFAULT_ACCOUNT_ID) {
+    return process.env.ZALOUSER_PROFILE?.trim() || process.env.ZCA_PROFILE?.trim() || "default";
+  }
+  return normalized;
+}
+
+function resolveZalouserOutboundChunkMode(cfg: OpenClawConfig, accountId?: string) {
+  return getZalouserRuntime().channel.text.resolveChunkMode(cfg, "zalouser", accountId);
+}
+
+function resolveZalouserOutboundTextChunkLimit(cfg: OpenClawConfig, accountId?: string) {
+  return getZalouserRuntime().channel.text.resolveTextChunkLimit(cfg, "zalouser", accountId, {
+    fallbackLimit: ZALOUSER_TEXT_CHUNK_LIMIT,
+  });
+}
+
+function resolveZalouserGroupPolicyEntry(params: ChannelGroupContext) {
+  const account = resolveZalouserAccountSync({
+    cfg: params.cfg,
+    accountId: params.accountId ?? undefined,
+  });
+  const groups = account.config.groups ?? {};
+  return findZalouserGroupEntry(
+    groups,
+    buildZalouserGroupCandidates({
+      groupId: params.groupId,
+      groupChannel: params.groupChannel,
+      includeWildcard: true,
+      allowNameMatching: isDangerousNameMatchingEnabled(account.config),
+    }),
+  );
+}
+
+function resolveZalouserGroupToolPolicy(
+  params: ChannelGroupContext,
+): GroupToolPolicyConfig | undefined {
+  return resolveZalouserGroupPolicyEntry(params)?.tools;
+}
+
+function resolveZalouserRequireMention(params: ChannelGroupContext): boolean {
+  const entry = resolveZalouserGroupPolicyEntry(params);
+  if (typeof entry?.requireMention === "boolean") {
+    return entry.requireMention;
+  }
+  return true;
+}
+
+const zalouserRawSendResultAdapter = createRawChannelSendResultAdapter({
+  channel: "zalouser",
+  sendText: async ({ to, text, accountId, cfg }) => {
+    const { sendMessageZalouser } = await loadZalouserChannelRuntime();
+    const account = resolveZalouserAccountSync({ cfg: cfg, accountId });
+    const target = parseZalouserOutboundTarget(to);
+    return await sendMessageZalouser(target.threadId, text, {
+      profile: account.profile,
+      isGroup: target.isGroup,
+      textMode: "markdown",
+      textChunkMode: resolveZalouserOutboundChunkMode(cfg, account.accountId),
+      textChunkLimit: resolveZalouserOutboundTextChunkLimit(cfg, account.accountId),
+    });
+  },
+  sendMedia: async ({ to, text, mediaUrl, accountId, cfg, mediaLocalRoots, mediaReadFile }) => {
+    const { sendMessageZalouser } = await loadZalouserChannelRuntime();
+    const account = resolveZalouserAccountSync({ cfg: cfg, accountId });
+    const target = parseZalouserOutboundTarget(to);
+    return await sendMessageZalouser(target.threadId, text, {
+      profile: account.profile,
+      isGroup: target.isGroup,
+      mediaUrl,
+      mediaLocalRoots,
+      mediaReadFile,
+      textMode: "markdown",
+      textChunkMode: resolveZalouserOutboundChunkMode(cfg, account.accountId),
+      textChunkLimit: resolveZalouserOutboundTextChunkLimit(cfg, account.accountId),
+    });
+  },
+});
+
+const resolveZalouserDmPolicy = createScopedDmSecurityResolver<ResolvedZalouserAccount>({
+  channelKey: "zalouser",
+  resolvePolicy: (account) => account.config.dmPolicy,
+  resolveAllowFrom: (account) => account.config.allowFrom,
+  policyPathSuffix: "dmPolicy",
+  normalizeEntry: (raw) => raw.trim().replace(/^(zalouser|zlu):/i, ""),
+});
+
+export const zalouserGroupsAdapter = {
+  resolveRequireMention: resolveZalouserRequireMention,
+  resolveToolPolicy: resolveZalouserGroupToolPolicy,
+};
+
+export const zalouserMessageActions: ChannelMessageActionAdapter = {
+  describeMessageTool: ({ cfg, accountId }) => {
+    const accounts = accountId
+      ? [resolveZalouserAccountSync({ cfg, accountId })].filter((account) => account.enabled)
+      : listZalouserAccountIds(cfg)
+          .map((resolvedAccountId) =>
+            resolveZalouserAccountSync({ cfg, accountId: resolvedAccountId }),
+          )
+          .filter((account) => account.enabled);
+    if (accounts.length === 0) {
+      return null;
+    }
+    return { actions: ["react"] };
+  },
+  supportsAction: ({ action }) => action === "react",
+  handleAction: async ({ action, params, cfg, accountId, toolContext }) => {
+    if (action !== "react") {
+      throw new Error(`Zalouser action ${action} not supported`);
+    }
+    const { sendReactionZalouser } = await loadZalouserChannelRuntime();
+    const account = resolveZalouserAccountSync({ cfg, accountId });
+    const threadId =
+      (typeof params.threadId === "string" ? params.threadId.trim() : "") ||
+      (typeof params.to === "string" ? params.to.trim() : "") ||
+      (typeof params.chatId === "string" ? params.chatId.trim() : "") ||
+      (toolContext?.currentChannelId?.trim() ?? "");
+    if (!threadId) {
+      throw new Error("Zalouser react requires threadId (or to/chatId).");
+    }
+    const emoji = typeof params.emoji === "string" ? params.emoji.trim() : "";
+    if (!emoji) {
+      throw new Error("Zalouser react requires emoji.");
+    }
+    const ids = resolveZalouserReactionMessageIds({
+      messageId: typeof params.messageId === "string" ? params.messageId : undefined,
+      cliMsgId: typeof params.cliMsgId === "string" ? params.cliMsgId : undefined,
+      currentMessageId: toolContext?.currentMessageId,
+    });
+    if (!ids) {
+      throw new Error(
+        "Zalouser react requires messageId + cliMsgId (or a current message context id).",
+      );
+    }
+    const result = await sendReactionZalouser({
+      profile: account.profile,
+      threadId,
+      isGroup: params.isGroup === true,
+      msgId: ids.msgId,
+      cliMsgId: ids.cliMsgId,
+      emoji,
+      remove: params.remove === true,
+    });
+    if (!result.ok) {
+      throw new Error(result.error || "Failed to react on Zalo message");
+    }
+    return {
+      content: [
+        {
+          type: "text" as const,
+          text:
+            params.remove === true
+              ? `Removed reaction ${emoji} from ${ids.msgId}`
+              : `Reacted ${emoji} on ${ids.msgId}`,
+        },
+      ],
+      details: {
+        messageId: ids.msgId,
+        cliMsgId: ids.cliMsgId,
+        threadId,
+      },
+    };
+  },
+};
+
+export const zalouserResolverAdapter = {
+  resolveTargets: async ({
+    cfg,
+    accountId,
+    inputs,
+    kind,
+    runtime,
+  }: {
+    cfg: OpenClawConfig;
+    accountId?: string | null;
+    inputs: string[];
+    kind: "user" | "group";
+    runtime: RuntimeEnv;
+  }) => {
+    const results = [];
+    for (const input of inputs) {
+      const trimmed = input.trim();
+      if (!trimmed) {
+        results.push({ input, resolved: false, note: "empty input" });
+        continue;
+      }
+      if (/^\d+$/.test(trimmed)) {
+        results.push({ input, resolved: true, id: trimmed });
+        continue;
+      }
+      try {
+        const runtimeModule = await loadZalouserChannelRuntime();
+        const account = resolveZalouserAccountSync({
+          cfg: cfg,
+          accountId: accountId ?? resolveDefaultZalouserAccountId(cfg),
+        });
+        if (kind === "user") {
+          const friends = await runtimeModule.listZaloFriendsMatching(account.profile, trimmed);
+          const best = friends[0];
+          results.push({
+            input,
+            resolved: Boolean(best?.userId),
+            id: best?.userId,
+            name: best?.displayName,
+            note: friends.length > 1 ? "multiple matches; chose first" : undefined,
+          });
+        } else {
+          const groups = await runtimeModule.listZaloGroupsMatching(account.profile, trimmed);
+          const best =
+            groups.find(
+              (group) =>
+                normalizeLowercaseStringOrEmpty(group.name) ===
+                normalizeLowercaseStringOrEmpty(trimmed),
+            ) ?? groups[0];
+          results.push({
+            input,
+            resolved: Boolean(best?.groupId),
+            id: best?.groupId,
+            name: best?.name,
+            note: groups.length > 1 ? "multiple matches; chose first" : undefined,
+          });
+        }
+      } catch (err) {
+        runtime.error?.(`zalouser resolve failed: ${String(err)}`);
+        results.push({ input, resolved: false, note: "lookup failed" });
+      }
+    }
+    return results;
+  },
+};
+
+export const zalouserAuthAdapter = {
+  login: async ({
+    cfg,
+    accountId,
+    runtime,
+  }: {
+    cfg: OpenClawConfig;
+    accountId?: string | null;
+    runtime: RuntimeEnv;
+  }) => {
+    const { startZaloQrLogin, waitForZaloQrLogin } = await loadZalouserChannelRuntime();
+    const account = resolveZalouserAccountSync({
+      cfg: cfg,
+      accountId: accountId ?? resolveDefaultZalouserAccountId(cfg),
+    });
+
+    runtime.log(
+      `Generating QR login for Zalo Personal (account: ${account.accountId}, profile: ${account.profile})...`,
+    );
+
+    const started = await startZaloQrLogin({
+      profile: account.profile,
+      timeoutMs: 35_000,
+    });
+    if (!started.qrDataUrl) {
+      throw new Error(started.message || "Failed to start QR login");
+    }
+
+    const qrPath = await writeQrDataUrlToTempFile(started.qrDataUrl, account.profile);
+    if (qrPath) {
+      runtime.log(`Scan QR image: ${qrPath}`);
+    } else {
+      runtime.log("QR generated but could not be written to a temp file.");
+    }
+
+    const waited = await waitForZaloQrLogin({ profile: account.profile, timeoutMs: 180_000 });
+    if (!waited.connected) {
+      throw new Error(waited.message || "Zalouser login failed");
+    }
+
+    runtime.log(waited.message);
+  },
+};
+
+export const zalouserSecurityAdapter = {
+  resolveDmPolicy: resolveZalouserDmPolicy,
+  collectAuditFindings: async (params: {
+    accountId?: string | null;
+    account: ResolvedZalouserAccount;
+    orderedAccountIds: string[];
+    hasExplicitAccountPath: boolean;
+  }) => (await loadZalouserChannelRuntime()).collectZalouserSecurityAuditFindings(params),
+};
+
+export const zalouserThreadingAdapter = {
+  resolveReplyToMode: createStaticReplyToModeResolver("off"),
+};
+
+export const zalouserPairingTextAdapter = {
+  idLabel: "zalouserUserId",
+  message: "Your pairing request has been approved.",
+  normalizeAllowEntry: createPairingPrefixStripper(/^(zalouser|zlu):/i),
+  notify: async ({ cfg, id, message }: { cfg: OpenClawConfig; id: string; message: string }) => {
+    const { sendMessageZalouser } = await loadZalouserChannelRuntime();
+    const account = resolveZalouserAccountSync({ cfg: cfg });
+    const authenticated = await checkZcaAuthenticated(account.profile);
+    if (!authenticated) {
+      throw new Error("Zalouser not authenticated");
+    }
+    await sendMessageZalouser(id, message, {
+      profile: account.profile,
+    });
+  },
+};
+
+export const zalouserOutboundAdapter = {
+  deliveryMode: "direct" as const,
+  chunker: chunkTextForOutbound,
+  chunkerMode: "markdown" as const,
+  sendPayload: async (
+    ctx: { payload: object } & Parameters<
+      NonNullable<typeof zalouserRawSendResultAdapter.sendText>
+    >[0],
+  ) =>
+    await sendPayloadWithChunkedTextAndMedia({
+      ctx,
+      sendText: (nextCtx) => zalouserRawSendResultAdapter.sendText!(nextCtx),
+      sendMedia: (nextCtx) => zalouserRawSendResultAdapter.sendMedia!(nextCtx),
+      emptyResult: createEmptyChannelResult("zalouser"),
+    }),
+  ...zalouserRawSendResultAdapter,
+};
+
+export const zalouserMessagingAdapter = {
+  normalizeTarget: (raw: string) => normalizeZalouserTarget(raw),
+  resolveOutboundSessionRoute: (
+    params: Parameters<typeof resolveZalouserOutboundSessionRoute>[0],
+  ) => resolveZalouserOutboundSessionRoute(params),
+  targetResolver: {
+    looksLikeId: (raw: string) => {
+      const normalized = normalizeZalouserTarget(raw);
+      if (!normalized) {
+        return false;
+      }
+      if (/^group:[^\s]+$/i.test(normalized) || /^user:[^\s]+$/i.test(normalized)) {
+        return true;
+      }
+      return isNumericTargetId(normalized);
+    },
+    hint: "<user:id|group:id>",
+  },
+};

package/src/channel.directory.test.ts

@@ -1,72 +1,59 @@
-import type { RuntimeEnv } from "openclaw/plugin-sdk/zalouser";
-import { describe, expect, it, vi } from "vitest";
-
-const listZaloGroupMembersMock = vi.hoisted(() => vi.fn(async () => []));
-
-vi.mock("./zalo-js.js", async (importOriginal) => {
-  const actual = (await importOriginal()) as Record<string, unknown>;
-  return {
-    ...actual,
-    listZaloGroupMembers: listZaloGroupMembersMock,
-  };
-});
-
-vi.mock("./accounts.js", async (importOriginal) => {
-  const actual = (await importOriginal()) as Record<string, unknown>;
-  return {
-    ...actual,
-    resolveZalouserAccountSync: () => ({
-      accountId: "default",
-      profile: "default",
-      name: "test",
-      enabled: true,
-      authenticated: true,
-      config: {},
-    }),
-  };
-});
-
-import { zalouserPlugin } from "./channel.js";
-
-const runtimeStub: RuntimeEnv = {
-  log: vi.fn(),
-  error: vi.fn(),
-  exit: ((code: number): never => {
-    throw new Error(`exit ${code}`);
-  }) as RuntimeEnv["exit"],
-};
+import { beforeEach, describe, expect, it } from "vitest";
+import "./accounts.test-mocks.js";
+import { listZalouserDirectoryGroupMembers } from "./directory.js";
+import "./zalo-js.test-mocks.js";
+import { listZaloGroupMembersMock } from "./zalo-js.test-mocks.js";
 
 describe("zalouser directory group members", () => {
-  it("accepts prefixed group ids from directory groups list output", async () => {
-    await zalouserPlugin.directory!.listGroupMembers!({
-      cfg: {},
-      accountId: "default",
-      groupId: "group:1471383327500481391",
-      runtime: runtimeStub,
-    });
+  beforeEach(() => {
+    listZaloGroupMembersMock.mockClear();
+  });
 
-    expect(listZaloGroupMembersMock).toHaveBeenCalledWith("default", "1471383327500481391");
+  it("accepts prefixed group ids from directory groups list output", async () => {
+    await listZalouserDirectoryGroupMembers(
+      {
+        cfg: {},
+        accountId: "default",
+        groupId: "group:1471383327500481391",
+      },
+      {
+        listZaloGroupMembers: async (profile, groupId) =>
+          await listZaloGroupMembersMock(profile, groupId),
+      },
+    );
+
+    expect(listZaloGroupMembersMock).toHaveBeenLastCalledWith("default", "1471383327500481391");
   });
 
   it("keeps backward compatibility for raw group ids", async () => {
-    await zalouserPlugin.directory!.listGroupMembers!({
-      cfg: {},
-      accountId: "default",
-      groupId: "1471383327500481391",
-      runtime: runtimeStub,
-    });
-
-    expect(listZaloGroupMembersMock).toHaveBeenCalledWith("default", "1471383327500481391");
+    await listZalouserDirectoryGroupMembers(
+      {
+        cfg: {},
+        accountId: "default",
+        groupId: "1471383327500481391",
+      },
+      {
+        listZaloGroupMembers: async (profile, groupId) =>
+          await listZaloGroupMembersMock(profile, groupId),
+      },
+    );
+
+    expect(listZaloGroupMembersMock).toHaveBeenLastCalledWith("default", "1471383327500481391");
   });
 
   it("accepts provider-native g- group ids without stripping the prefix", async () => {
-    await zalouserPlugin.directory!.listGroupMembers!({
-      cfg: {},
-      accountId: "default",
-      groupId: "g-1471383327500481391",
-      runtime: runtimeStub,
-    });
-
-    expect(listZaloGroupMembersMock).toHaveBeenCalledWith("default", "g-1471383327500481391");
+    await listZalouserDirectoryGroupMembers(
+      {
+        cfg: {},
+        accountId: "default",
+        groupId: "g-1471383327500481391",
+      },
+      {
+        listZaloGroupMembers: async (profile, groupId) =>
+          await listZaloGroupMembersMock(profile, groupId),
+      },
+    );
+
+    expect(listZaloGroupMembersMock).toHaveBeenLastCalledWith("default", "g-1471383327500481391");
   });
 });

package/src/channel.runtime.ts

@@ -0,0 +1,12 @@
+export { probeZalouser } from "./probe.js";
+export { collectZalouserSecurityAuditFindings } from "./security-audit.js";
+export { sendMessageZalouser, sendReactionZalouser } from "./send.js";
+export {
+  listZaloFriendsMatching,
+  listZaloGroupMembers,
+  listZaloGroupsMatching,
+  logoutZaloProfile,
+  startZaloQrLogin,
+  waitForZaloQrLogin,
+  getZaloUserInfo,
+} from "./zalo-js.js";