@searchfe/openclaw-baiduapp 0.1.0-beta.4 → 0.1.0-beta.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/dist/index.d.ts +0 -8
  2. package/dist/index.js +23 -50
  3. package/dist/index.js.map +1 -1
  4. package/openclaw.plugin.json +1 -3
  5. package/package.json +1 -1
package/dist/index.d.ts CHANGED
@@ -7,7 +7,6 @@ interface BaiduAppAccountConfig {
7
7
  webhookPath?: string;
8
8
  token?: string;
9
9
  encodingAESKey?: string;
10
- receiveId?: string;
11
10
  appKey?: string;
12
11
  appSecret?: string;
13
12
  apiBase?: string;
@@ -26,7 +25,6 @@ interface ResolvedBaiduAppAccount {
26
25
  configured: boolean;
27
26
  token?: string;
28
27
  encodingAESKey?: string;
29
- receiveId: string;
30
28
  appKey?: string;
31
29
  appSecret?: string;
32
30
  apiBase: string;
@@ -130,9 +128,6 @@ declare const baiduAppPlugin: {
130
128
  encodingAESKey: {
131
129
  type: string;
132
130
  };
133
- receiveId: {
134
- type: string;
135
- };
136
131
  appKey: {
137
132
  type: string;
138
133
  };
@@ -179,9 +174,6 @@ declare const baiduAppPlugin: {
179
174
  encodingAESKey: {
180
175
  type: string;
181
176
  };
182
- receiveId: {
183
- type: string;
184
- };
185
177
  appKey: {
186
178
  type: string;
187
179
  };
package/dist/index.js CHANGED
@@ -4055,7 +4055,6 @@ var BaiduAppAccountSchema = external_exports.object({
4055
4055
  webhookPath: external_exports.string().optional(),
4056
4056
  token: external_exports.string().optional(),
4057
4057
  encodingAESKey: external_exports.string().optional(),
4058
- receiveId: external_exports.string().optional(),
4059
4058
  appKey: external_exports.string().optional(),
4060
4059
  appSecret: external_exports.string().optional(),
4061
4060
  apiBase: external_exports.string().optional(),
@@ -4077,7 +4076,6 @@ var BaiduAppConfigJsonSchema = {
4077
4076
  webhookPath: { type: "string" },
4078
4077
  token: { type: "string" },
4079
4078
  encodingAESKey: { type: "string" },
4080
- receiveId: { type: "string" },
4081
4079
  appKey: { type: "string" },
4082
4080
  appSecret: { type: "string" },
4083
4081
  apiBase: { type: "string" },
@@ -4096,7 +4094,6 @@ var BaiduAppConfigJsonSchema = {
4096
4094
  webhookPath: { type: "string" },
4097
4095
  token: { type: "string" },
4098
4096
  encodingAESKey: { type: "string" },
4099
- receiveId: { type: "string" },
4100
4097
  appKey: { type: "string" },
4101
4098
  appSecret: { type: "string" },
4102
4099
  apiBase: { type: "string" },
@@ -4159,7 +4156,6 @@ function resolveBaiduAppAccount(params) {
4159
4156
  const isDefaultAccount = accountId === DEFAULT_ACCOUNT_ID;
4160
4157
  const token = merged.token?.trim() || (isDefaultAccount ? process.env.BAIDU_APP_TOKEN?.trim() : void 0) || void 0;
4161
4158
  const encodingAESKey = merged.encodingAESKey?.trim() || (isDefaultAccount ? process.env.BAIDU_APP_ENCODING_AES_KEY?.trim() : void 0) || void 0;
4162
- const receiveId = merged.receiveId?.trim() ?? "";
4163
4159
  const appKey = merged.appKey?.trim() || (isDefaultAccount ? process.env.BAIDU_APP_KEY?.trim() : void 0) || void 0;
4164
4160
  const appSecret = merged.appSecret?.trim() || (isDefaultAccount ? process.env.BAIDU_APP_SECRET?.trim() : void 0) || void 0;
4165
4161
  const configured = Boolean(token && encodingAESKey);
@@ -4173,7 +4169,6 @@ function resolveBaiduAppAccount(params) {
4173
4169
  configured,
4174
4170
  token,
4175
4171
  encodingAESKey,
4176
- receiveId,
4177
4172
  appKey,
4178
4173
  appSecret,
4179
4174
  apiBase,
@@ -4525,15 +4520,7 @@ function decryptBaiduAppEncrypted(params) {
4525
4520
  if (msgEnd > decrypted.length) {
4526
4521
  throw new Error(`invalid decrypted msg length (msgEnd=${msgEnd}, payloadLength=${decrypted.length})`);
4527
4522
  }
4528
- const msg = decrypted.subarray(msgStart, msgEnd).toString("utf8");
4529
- const receiveId = params.receiveId ?? "";
4530
- if (receiveId) {
4531
- const trailing = decrypted.subarray(msgEnd).toString("utf8");
4532
- if (trailing !== receiveId) {
4533
- throw new Error(`receiveId mismatch (expected "${receiveId}", got "${trailing}")`);
4534
- }
4535
- }
4536
- return msg;
4523
+ return decrypted.subarray(msgStart, msgEnd).toString("utf8");
4537
4524
  }
4538
4525
  function encryptBaiduAppPlaintext(params) {
4539
4526
  const aesKey = decodeEncodingAESKey(params.encodingAESKey);
@@ -4542,8 +4529,7 @@ function encryptBaiduAppPlaintext(params) {
4542
4529
  const msg = Buffer.from(params.plaintext ?? "", "utf8");
4543
4530
  const msgLen = Buffer.alloc(4);
4544
4531
  msgLen.writeUInt32BE(msg.length, 0);
4545
- const receiveId = Buffer.from(params.receiveId ?? "", "utf8");
4546
- const raw = Buffer.concat([random16, msgLen, msg, receiveId]);
4532
+ const raw = Buffer.concat([random16, msgLen, msg]);
4547
4533
  const padded = pkcs7Pad(raw, PKCS7_BLOCK_SIZE);
4548
4534
  const cipher = crypto.createCipheriv("aes-256-cbc", aesKey, iv);
4549
4535
  cipher.setAutoPadding(false);
@@ -4627,8 +4613,13 @@ function splitMessageByBytes(text, maxBytes = MAX_MESSAGE_BYTES) {
4627
4613
  }
4628
4614
  function jsonOk(res, body) {
4629
4615
  res.statusCode = 200;
4630
- res.setHeader("Content-Type", "text/plain; charset=utf-8");
4631
- res.end(JSON.stringify(body));
4616
+ res.setHeader("Content-Type", "application/json; charset=utf-8");
4617
+ res.end(JSON.stringify({ status: 0, data: body }));
4618
+ }
4619
+ function jsonError(res, message, statusCode = 200) {
4620
+ res.statusCode = statusCode;
4621
+ res.setHeader("Content-Type", "application/json; charset=utf-8");
4622
+ res.end(JSON.stringify({ status: -1, message }));
4632
4623
  }
4633
4624
  async function readRawBody(req, maxBytes) {
4634
4625
  const chunks = [];
@@ -4685,7 +4676,6 @@ function buildEncryptedJsonReply(params) {
4685
4676
  const plaintext = JSON.stringify(params.plaintextJson ?? {});
4686
4677
  const encrypt = encryptBaiduAppPlaintext({
4687
4678
  encodingAESKey: params.account.encodingAESKey ?? "",
4688
- receiveId: params.account.receiveId ?? "",
4689
4679
  plaintext
4690
4680
  });
4691
4681
  const msgsignature = computeBaiduAppMsgSignature({
@@ -4774,7 +4764,6 @@ function decryptBaiduAppCandidates(params) {
4774
4764
  try {
4775
4765
  const plaintext = decryptBaiduAppEncrypted({
4776
4766
  encodingAESKey: candidate.account.encodingAESKey,
4777
- receiveId: candidate.account.receiveId,
4778
4767
  encrypt: params.encrypt
4779
4768
  });
4780
4769
  const msg = parseBaiduAppPlainMessage(plaintext);
@@ -4836,8 +4825,7 @@ async function handleBaiduAppWebhookRequest(req, res) {
4836
4825
  if (req.method === "GET") {
4837
4826
  const echostr = query.get("echostr") ?? "";
4838
4827
  if (!timestamp || !nonce || !signature || !echostr) {
4839
- res.statusCode = 400;
4840
- res.end("missing query params");
4828
+ jsonError(res, "missing query params", 400);
4841
4829
  return true;
4842
4830
  }
4843
4831
  const signatureMatched2 = targets.filter((candidate) => {
@@ -4853,14 +4841,12 @@ async function handleBaiduAppWebhookRequest(req, res) {
4853
4841
  });
4854
4842
  });
4855
4843
  if (signatureMatched2.length === 0) {
4856
- res.statusCode = 401;
4857
- res.end("unauthorized");
4844
+ jsonError(res, "unauthorized");
4858
4845
  return true;
4859
4846
  }
4860
4847
  const decryptable2 = signatureMatched2.filter((candidate) => Boolean(candidate.account.encodingAESKey));
4861
4848
  if (decryptable2.length === 0) {
4862
- res.statusCode = 401;
4863
- res.end("unauthorized");
4849
+ jsonError(res, "unauthorized");
4864
4850
  return true;
4865
4851
  }
4866
4852
  const decryptedCandidates2 = decryptBaiduAppCandidates({
@@ -4868,31 +4854,24 @@ async function handleBaiduAppWebhookRequest(req, res) {
4868
4854
  encrypt: echostr
4869
4855
  });
4870
4856
  if (decryptedCandidates2.length === 0) {
4871
- res.statusCode = 400;
4872
- res.end("decrypt failed");
4857
+ jsonError(res, "decrypt failed");
4873
4858
  return true;
4874
4859
  }
4875
4860
  const selected2 = selectDecryptedTarget({ candidates: decryptedCandidates2, logger });
4876
- res.statusCode = 200;
4877
- res.setHeader("Content-Type", "text/plain; charset=utf-8");
4878
- res.end(selected2.plaintext);
4861
+ jsonOk(res, selected2.plaintext);
4879
4862
  return true;
4880
4863
  }
4881
4864
  if (req.method !== "POST") {
4882
- res.statusCode = 405;
4883
- res.setHeader("Allow", "GET, POST");
4884
- res.end("Method Not Allowed");
4865
+ jsonError(res, "Method Not Allowed", 405);
4885
4866
  return true;
4886
4867
  }
4887
4868
  if (!timestamp || !nonce || !signature) {
4888
- res.statusCode = 400;
4889
- res.end("missing query params");
4869
+ jsonError(res, "missing query params");
4890
4870
  return true;
4891
4871
  }
4892
4872
  const body = await readRawBody(req, 1024 * 1024);
4893
4873
  if (!body.ok || !body.raw) {
4894
- res.statusCode = body.error === "payload too large" ? 413 : 400;
4895
- res.end(body.error ?? "invalid payload");
4874
+ jsonError(res, body.error ?? "invalid payload");
4896
4875
  return true;
4897
4876
  }
4898
4877
  const rawBody = body.raw;
@@ -4914,14 +4893,12 @@ async function handleBaiduAppWebhookRequest(req, res) {
4914
4893
  logger.info(`inbound json parsed: hasEncrypt=${Boolean(encrypt)}`);
4915
4894
  } catch {
4916
4895
  logger.warn(`inbound payload parse failed: not valid xml or json`);
4917
- res.statusCode = 400;
4918
- res.end("invalid payload format");
4896
+ jsonError(res, "invalid payload format");
4919
4897
  return true;
4920
4898
  }
4921
4899
  }
4922
4900
  if (!encrypt) {
4923
- res.statusCode = 400;
4924
- res.end("missing encrypt");
4901
+ jsonError(res, "missing encrypt");
4925
4902
  return true;
4926
4903
  }
4927
4904
  const signatureMatched = targets.filter((candidate) => {
@@ -4938,16 +4915,14 @@ async function handleBaiduAppWebhookRequest(req, res) {
4938
4915
  });
4939
4916
  if (signatureMatched.length === 0) {
4940
4917
  logger.warn(`signature verification failed: checked ${targets.length} account(s), none matched`);
4941
- res.statusCode = 401;
4942
- res.end("unauthorized");
4918
+ jsonError(res, "unauthorized");
4943
4919
  return true;
4944
4920
  }
4945
4921
  logger.debug(`signature verified: ${signatureMatched.length} account(s) matched`);
4946
4922
  const decryptable = signatureMatched.filter((candidate) => Boolean(candidate.account.encodingAESKey));
4947
4923
  if (decryptable.length === 0) {
4948
4924
  logger.warn(`no account has encodingAESKey configured`);
4949
- res.statusCode = 500;
4950
- res.end("baidu-app not configured");
4925
+ jsonError(res, "baidu-app not configured");
4951
4926
  return true;
4952
4927
  }
4953
4928
  const decryptedCandidates = decryptBaiduAppCandidates({
@@ -4956,16 +4931,14 @@ async function handleBaiduAppWebhookRequest(req, res) {
4956
4931
  });
4957
4932
  if (decryptedCandidates.length === 0) {
4958
4933
  logger.warn(`decrypt failed for all ${decryptable.length} candidate account(s)`);
4959
- res.statusCode = 400;
4960
- res.end("decrypt failed");
4934
+ jsonError(res, "decrypt failed");
4961
4935
  return true;
4962
4936
  }
4963
4937
  const selected = selectDecryptedTarget({ candidates: decryptedCandidates, logger });
4964
4938
  const target = selected.target;
4965
4939
  if (!target.account.configured || !target.account.token || !target.account.encodingAESKey) {
4966
4940
  logger.warn(`selected account ${target.account.accountId} not fully configured`);
4967
- res.statusCode = 500;
4968
- res.end("baidu-app not configured");
4941
+ jsonError(res, "baidu-app not configured");
4969
4942
  return true;
4970
4943
  }
4971
4944
  const msg = selected.msg;