@searchfe/openclaw-baiduapp 0.1.9-beta.1 → 0.1.9-beta.2

package/dist/index.js

@@ -2,7 +2,7 @@ import { spawnSync } from 'child_process';
 import readline from 'readline';
 import path2 from 'path';
 import { fileURLToPath } from 'url';
-import crypto2 from 'crypto';
+import crypto from 'crypto';
 import { createRequire } from 'module';
 import { lookup } from 'dns/promises';
 import fs2 from 'fs/promises';
@@ -4334,7 +4334,7 @@ function createLogger(prefix, opts) {
   };
 }
 function sha1Hex(input) {
-  return crypto2.createHash("sha1").update(input).digest("hex");
+  return crypto.createHash("sha1").update(input).digest("hex");
 }
 function computeAKSKBearerToken(params) {
   return sha1Hex(params.ak + params.sk + params.timestamp + params.nonce);
@@ -4349,19 +4349,22 @@ function verifyAKSKBearerToken(params) {
   return expected === params.token;
 }
 function generateNonce() {
-  return crypto2.randomBytes(8).toString("hex");
+  return crypto.randomBytes(8).toString("hex");
 }
 function buildAuthorizationHeader(params) {
   const token = computeAKSKBearerToken(params);
   return `Bearer ${token}`;
 }
+
+// src/types.ts
+var DEFAULT_BAIDU_APP_SESSION_ID = "agent:main:main";
 var require2 = createRequire(import.meta.url);
 var pkg = require2("../package.json");
 var PLUGIN_VERSION = pkg.version;
 
 // src/api.ts
 var logger = createLogger("openclaw-baiduapp");
-var DEFAULT_sessionId = "agent:main:main";
+var DEFAULT_sessionId = DEFAULT_BAIDU_APP_SESSION_ID;
 async function sendBaiduAppMessage(account, message, options) {
   if (!account.canSendActive) {
     logger.error("Account not configured for active sending (missing appKey or appSecret)");
@@ -4424,6 +4427,15 @@ async function sendBaiduAppMessage(account, message, options) {
     logger.error(`request failed: ${errmsg}`);
     return { ok: false, errcode: resp.status, errmsg };
   }
+  if (data.code !== 0) {
+    const errmsg = data.msg ?? `channel callback failed with code ${String(data.code)}`;
+    logger.error(`request failed: ${errmsg}`);
+    return {
+      ok: false,
+      errcode: data.code,
+      errmsg
+    };
+  }
   const result = {
     ok: true
   };
@@ -4769,92 +4781,122 @@ var require3 = createRequire(import.meta.url);
 var BaiduCloudSdk = require3("@baiducloud/sdk");
 var DefaultBosClient = BaiduCloudSdk.BosClient;
 var MAX_DOWNLOAD_REDIRECTS = 5;
-var EMPTY_QUERY_MD5 = crypto2.createHash("md5").update("").digest("hex");
-var SKS_BASE_TOKEN_POSITIONS = [12, 37, 5, 23, 48, 15, 62, 33];
-async function fetchSksCredentials(account, deps = {}) {
-  if (!account.appKey?.trim()) {
-    throw new Error("Cannot fetch SKS credentials without account.appKey");
-  }
-  if (!account.appSecret?.trim()) {
-    throw new Error("Cannot fetch SKS credentials without account.appSecret");
-  }
-  const fetchImpl = deps.fetchImpl ?? fetch;
-  const apiBase = account.apiBase.replace(/\/+$/, "");
-  const pageLid = deps.createPageLid?.() ?? generateSksPageLid();
-  const timestamp = String((deps.now?.() ?? /* @__PURE__ */ new Date()).getTime());
-  const token = createSksRequestToken({ pageLid, timestamp });
-  const url = `${apiBase}/channel/file/sts?ak=${encodeURIComponent(account.appKey)}&sk=${encodeURIComponent(account.appSecret)}&tk=${encodeURIComponent(token)}`;
-  const response = await fetchImpl(url, { method: "POST" });
-  if (!response.ok) {
-    throw new Error(`SKS request failed with HTTP ${response.status}`);
-  }
-  let payload;
-  try {
-    payload = await response.json();
-  } catch (error) {
-    throw new Error(`SKS response is not valid JSON: ${formatError(error)}`, { cause: error });
-  }
-  return parseSksCredentialsFromPayload(payload);
-}
-function parseSksCredentialsFromPayload(payload) {
-  const parsed = parseSksResponse(payload);
-  if (parsed.status !== 0) {
-    throw new Error(`SKS request failed with status ${parsed.status}`);
+async function fetchFileUploadSts(options, deps = {}) {
+  assertAccountCanUseChannelApi(options.account);
+  const responsePayload = await postAuthenticatedChannelJson(
+    options.account,
+    "/channel/file/sts",
+    {
+      sessionId: options.sessionId ?? DEFAULT_BAIDU_APP_SESSION_ID,
+      filename: requireSafeDisplayFileName(options.filename),
+      fileSize: options.fileSize,
+      fileType: normalizeOutboundFileType(options.fileType),
+      ...options.md5 ? { md5: options.md5 } : {}
+    },
+    deps
+  );
+  const envelope = parseChannelEnvelope(responsePayload, "file STS");
+  const data = envelope.data;
+  if (!data) {
+    throw new Error("file STS response missing data");
   }
-  if (!parsed.data) {
-    throw new Error("SKS response missing data");
+  const fileId = requireNonEmptyString(data.fileId, "file STS data.fileId");
+  const reuse = requireBoolean(data.reuse, "file STS data.reuse");
+  if (reuse) {
+    return { fileId, reuse };
   }
   return {
-    ak: requireNonEmptyString(parsed.data.ak, "SKS data.ak"),
-    sk: requireNonEmptyString(parsed.data.sk, "SKS data.sk"),
-    sessionToken: requireNonEmptyString(parsed.data.token, "SKS data.token"),
-    bucketName: requireNonEmptyString(parsed.data.bucketName, "SKS data.bucketName"),
-    prefixPath: sanitizeObjectKeyPrefix(requireNonEmptyString(parsed.data.preFixPath, "SKS data.preFixPath")),
-    endpoint: requireNonEmptyString(parsed.data.bceUrl, "SKS data.bceUrl")
+    fileId,
+    reuse,
+    sts: parseFileUploadStsCredentials(data.sts),
+    bceUrl: requireNonEmptyString(data.bceUrl, "file STS data.bceUrl"),
+    bucket: requireNonEmptyString(data.bucket, "file STS data.bucket"),
+    bosName: requireNonEmptyString(data.bosName, "file STS data.bosName")
   };
 }
-function createSksRequestToken(params) {
-  const pageLid = requireNonEmptyString(params.pageLid, "SKS pageLid");
-  const timestamp = requireNonEmptyString(params.timestamp, "SKS timestamp");
-  const baseToken = createSksBaseToken(pageLid);
-  const payload = `${baseToken}|${EMPTY_QUERY_MD5}|${timestamp}|${pageLid}`;
-  return `${Buffer.from(payload, "utf8").toString("base64")}-${pageLid}-3`;
+async function notifyFileUploadComplete(options, deps = {}) {
+  assertAccountCanUseChannelApi(options.account);
+  if (options.fileIds.length === 0) {
+    throw new Error("file complete requires at least one fileId");
+  }
+  const responsePayload = await postAuthenticatedChannelJson(
+    options.account,
+    "/channel/file/complete",
+    {
+      sessionId: options.sessionId ?? DEFAULT_BAIDU_APP_SESSION_ID,
+      fileIds: options.fileIds
+    },
+    deps
+  );
+  const envelope = parseChannelEnvelope(responsePayload, "file complete");
+  const files = extractCompleteFiles(envelope.data);
+  const fileIds = new Set(options.fileIds);
+  for (const file of files) {
+    if (!fileIds.has(file.fileId)) {
+      continue;
+    }
+    if (file.status === -1) {
+      throw new Error(`file complete failed for fileId ${file.fileId}`);
+    }
+  }
+  return { files };
 }
-function createBosClient(credentials, deps = {}) {
+function createBosClient(fileSts, deps = {}) {
+  if (!fileSts.sts || !fileSts.bceUrl) {
+    throw new Error("Cannot create BOS client without STS credentials");
+  }
   const BosClientCtor = deps.bosClientCtor ?? DefaultBosClient;
   return new BosClientCtor({
-    endpoint: credentials.endpoint,
-    sessionToken: credentials.sessionToken,
+    endpoint: fileSts.bceUrl,
+    sessionToken: fileSts.sts.token,
     credentials: {
-      ak: credentials.ak,
-      sk: credentials.sk
+      ak: fileSts.sts.ak,
+      sk: fileSts.sts.sk
     }
   });
 }
 async function uploadLocalFileToBos(options, deps = {}) {
   const localFile = await assertUploadableLocalFile(options.filePath);
-  const credentials = await fetchSksCredentials(options.account, deps);
-  const client = createBosClient(credentials, deps);
   const sourceName = options.fileName ?? path2.basename(localFile);
-  const sanitizedFileName = sanitizeFileName(sourceName);
-  const key = buildBosObjectKey({
-    prefixPath: credentials.prefixPath,
-    fileName: sanitizedFileName,
-    now: deps.now
-  });
-  const uploadOptions = options.contentType?.trim() ? {
-    "Content-Type": options.contentType.trim()
-  } : void 0;
-  const [, fileStat] = await Promise.all([
-    client.putObjectFromFile(credentials.bucketName, key, localFile, uploadOptions),
-    fs2.stat(localFile)
-  ]);
+  const fileName = requireSafeDisplayFileName(sourceName);
+  const [fileBuffer, fileStat] = await Promise.all([fs2.readFile(localFile), fs2.stat(localFile)]);
+  const md5 = crypto.createHash("md5").update(fileBuffer).digest("hex");
+  const fileType = inferOutboundFileType(fileName);
+  const fileSts = await fetchFileUploadSts(
+    {
+      account: options.account,
+      sessionId: options.sessionId,
+      filename: fileName,
+      fileSize: fileStat.size,
+      fileType,
+      md5
+    },
+    deps
+  );
+  if (!fileSts.reuse) {
+    const bucketName = requireNonEmptyString(fileSts.bucket, "file STS bucket");
+    const key = requireNonEmptyString(fileSts.bosName, "file STS bosName");
+    const client = createBosClient(fileSts, deps);
+    const uploadOptions = options.contentType?.trim() ? {
+      "Content-Type": options.contentType.trim()
+    } : void 0;
+    await client.putObjectFromFile(bucketName, key, localFile, uploadOptions);
+  }
+  await notifyFileUploadComplete(
+    {
+      account: options.account,
+      sessionId: options.sessionId,
+      fileIds: [fileSts.fileId]
+    },
+    deps
+  );
   return {
-    bucketName: credentials.bucketName,
-    key,
-    url: client.generateUrl(credentials.bucketName, key),
-    fileName: sanitizedFileName,
-    fileSize: fileStat.size
+    fileId: fileSts.fileId,
+    bucketName: fileSts.bucket,
+    key: fileSts.bosName,
+    fileName,
+    fileSize: fileStat.size,
+    reuse: fileSts.reuse
   };
 }
 async function downloadInboundFileToTemp(options, deps = {}) {
@@ -4952,38 +4994,93 @@ async function pruneExpiredTempFiles(deps = {}) {
   await walk(tempDir);
   return { deletedFiles };
 }
-function parseSksResponse(payload) {
+async function postAuthenticatedChannelJson(account, pathname, bodyPayload, deps) {
+  const fetchImpl = deps.fetchImpl ?? fetch;
+  const now = deps.now?.() ?? /* @__PURE__ */ new Date();
+  const timestamp = String(Math.floor(now.getTime() / 1e3));
+  const nonce = (deps.generateNonceImpl ?? generateNonce)();
+  const authorization = buildAuthorizationHeader({
+    ak: account.appKey ?? "",
+    sk: account.appSecret ?? "",
+    timestamp,
+    nonce
+  });
+  const url = new URL(`${account.apiBase.replace(/\/+$/, "")}${pathname}`);
+  url.searchParams.set("ak", account.appKey ?? "");
+  url.searchParams.set("timestamp", timestamp);
+  url.searchParams.set("nonce", nonce);
+  const response = await fetchImpl(url.toString(), {
+    method: "POST",
+    headers: {
+      "Authorization": authorization,
+      "Content-Type": "application/json"
+    },
+    body: JSON.stringify(bodyPayload)
+  });
+  if (!response.ok) {
+    throw new Error(`channel request failed with HTTP ${response.status}`);
+  }
+  try {
+    return await response.json();
+  } catch (error) {
+    throw new Error(`channel response is not valid JSON: ${formatError(error)}`, { cause: error });
+  }
+}
+function parseChannelEnvelope(payload, label) {
   if (!payload || typeof payload !== "object") {
-    throw new Error("SKS response must be an object");
+    throw new Error(`${label} response must be an object`);
   }
   const record = payload;
-  const status = typeof record.code === "number" ? record.code : typeof record.status === "number" ? record.status : void 0;
+  const code = record.code;
+  if (typeof code !== "number") {
+    throw new Error(`${label} response missing numeric code`);
+  }
+  if (code !== 0) {
+    const msg = typeof record.msg === "string" ? record.msg : "unknown error";
+    throw new Error(`${label} request failed with code ${code}: ${msg}`);
+  }
   const data = record.data;
   return {
-    status,
-    data: data && typeof data === "object" ? {
-      ak: data.ak,
-      sk: data.sk,
-      token: data.token,
-      bucketName: data.bucketName,
-      preFixPath: data.preFixPath,
-      bceUrl: data.bceUrl
-    } : void 0
+    code,
+    msg: typeof record.msg === "string" ? record.msg : void 0,
+    data: data && typeof data === "object" ? data : void 0
   };
 }
-function generateSksPageLid() {
-  return crypto2.randomBytes(16).toString("hex");
+function parseFileUploadStsCredentials(payload) {
+  if (!payload || typeof payload !== "object") {
+    throw new Error("file STS data.sts is required");
+  }
+  const record = payload;
+  return {
+    ak: requireNonEmptyString(record.ak, "file STS data.sts.ak"),
+    sk: requireNonEmptyString(record.sk, "file STS data.sts.sk"),
+    token: requireNonEmptyString(record.token, "file STS data.sts.token"),
+    expireAt: requireNumber(record.expireAt, "file STS data.sts.expireAt")
+  };
 }
-function createSksBaseToken(pageLid) {
-  const pageLidHash = crypto2.createHash("sha256").update(pageLid).digest("hex");
-  const characters = SKS_BASE_TOKEN_POSITIONS.map((position) => {
-    const character = pageLidHash[position];
-    if (!character) {
-      throw new Error(`SKS base token position is out of range: ${position}`);
-    }
-    return character;
+function extractCompleteFiles(payload) {
+  const files = payload?.files;
+  if (!Array.isArray(files)) {
+    return [];
+  }
+  return files.map((file, index) => {
+    if (!file || typeof file !== "object") {
+      throw new Error(`file complete data.files[${index}] must be an object`);
+    }
+    const record = file;
+    return {
+      fileId: requireNonEmptyString(record.fileId, `file complete data.files[${index}].fileId`),
+      status: requireNumber(record.status, `file complete data.files[${index}].status`)
+    };
   });
-  return characters.join("");
+}
+function assertAccountCanUseChannelApi(account) {
+  if (!account.appKey?.trim()) {
+    throw new Error("Cannot call channel API without account.appKey");
+  }
+  if (!account.appSecret?.trim()) {
+    throw new Error("Cannot call channel API without account.appSecret");
+  }
 }
 function requireNonEmptyString(value, label) {
   if (typeof value !== "string" || !value.trim()) {
@@ -4991,36 +5088,19 @@ function requireNonEmptyString(value, label) {
   }
   return value.trim();
 }
-function sanitizeObjectKeyPrefix(prefixPath) {
-  const normalized = prefixPath.replace(/\\/g, "/").trim();
-  const segments = normalized.split("/").map((segment) => segment.trim()).filter(Boolean);
-  if (segments.length === 0) {
-    throw new Error("SKS data.preFixPath must contain at least one safe path segment");
+function requireBoolean(value, label) {
+  if (typeof value !== "boolean") {
+    throw new Error(`${label} must be a boolean`);
   }
-  const safeSegments = segments.map((segment) => {
-    if (segment === "." || segment === "..") {
-      throw new Error("SKS data.preFixPath contains path traversal");
-    }
-    return sanitizeObjectKeySegment(segment);
-  });
-  return safeSegments.join("/");
+  return value;
 }
-function sanitizeObjectKeySegment(segment) {
-  const sanitized = segment.replace(/[^a-zA-Z0-9._-]+/g, "-").replace(/-+/g, "-").replace(/^-|-$/g, "");
-  if (!sanitized) {
-    throw new Error(`Object key segment is not safe: ${segment}`);
+function requireNumber(value, label) {
+  if (typeof value !== "number" || !Number.isFinite(value)) {
+    throw new Error(`${label} must be a finite number`);
   }
-  return sanitized.slice(0, 80);
+  return value;
 }
-function sanitizeFileName(fileName) {
-  assertSafeUntrustedFileName(fileName);
-  const parsed = path2.parse(fileName.trim());
-  const safeBase = parsed.name.replace(/[^a-zA-Z0-9._-]+/g, "-").replace(/-+/g, "-").replace(/^-|-$/g, "");
-  const safeExt = parsed.ext.replace(/[^a-zA-Z0-9.]+/g, "").slice(0, 16);
-  const baseName = safeBase || "file";
-  return `${baseName.slice(0, 80)}${safeExt}`;
-}
-function assertSafeUntrustedFileName(fileName) {
+function requireSafeDisplayFileName(fileName) {
   const trimmed = fileName.trim();
   if (!trimmed) {
     throw new Error("Filename cannot be empty");
@@ -5031,14 +5111,18 @@ function assertSafeUntrustedFileName(fileName) {
   if (trimmed === "." || trimmed === "..") {
     throw new Error(`Filename is not safe: ${fileName}`);
   }
+  return trimmed;
 }
-function buildBosObjectKey(params) {
-  const timestamp = formatUtcDate(params.now?.() ?? /* @__PURE__ */ new Date());
-  const uniqueId = crypto2.randomUUID();
-  return `${params.prefixPath}/${timestamp}/${uniqueId}-${params.fileName}`;
+function normalizeOutboundFileType(fileType) {
+  const normalized = fileType.trim().replace(/^\.+/, "").toLowerCase();
+  if (!normalized) {
+    throw new Error("fileType is required");
+  }
+  return normalized;
 }
-function formatUtcDate(date) {
-  return date.toISOString().slice(0, 10);
+function inferOutboundFileType(fileName) {
+  const extension = path2.extname(fileName).replace(/^\./, "").toLowerCase();
+  return extension || "bin";
 }
 async function assertUploadableLocalFile(filePath) {
   const resolvedPath = path2.resolve(filePath);
@@ -5163,11 +5247,11 @@ function parseContentDispositionFileName(contentDisposition) {
 }
 function resolveDownloadFileName(params) {
   const candidate = params.explicitFileName ?? params.headerFileName ?? params.urlFileName ?? "file.bin";
-  return sanitizeFileName(candidate);
+  return requireSafeDisplayFileName(candidate);
 }
 function buildTempFilePath(params) {
   const timestamp = (params.now?.() ?? /* @__PURE__ */ new Date()).toISOString().replace(/[:.]/g, "-");
-  return path2.join(params.tempDir, `${timestamp}-${crypto2.randomUUID()}-${params.fileName}`);
+  return path2.join(params.tempDir, `${timestamp}-${crypto.randomUUID()}-${params.fileName}`);
 }
 async function ensurePluginTempDir(resolveTmpDir) {
   const baseTmpDir = resolveTmpDir?.() ?? resolvePreferredOpenClawTmpDir();
@@ -5614,7 +5698,7 @@ function parseTextAndFilesFromList(list) {
   const fileItems = list.filter((entry) => entry.type === "file");
   const content = textItem?.type === "text" ? textItem.data.text.content : void 0;
   const files = fileItems.map((file) => {
-    const fileId = file.data.file_id;
+    const fileId = file.data.file.fileId;
     return typeof fileId === "string" && fileId.trim() ? { url: fileId, fileType: "file" } : null;
   }).filter((file) => file != null);
   return { content, files };
@@ -5715,7 +5799,7 @@ async function pollBaiduAppChatlistOnce(account, loggerOptions, requestOptions)
     version: PLUGIN_VERSION
   };
   const body = JSON.stringify(payload);
-  console.log("start poll");
+  console.log("start poll", url);
   const requestSignal = createAbortSignalController({
     signal: requestOptions?.signal,
     timeoutMs: requestOptions?.timeoutMs
@@ -5904,12 +5988,23 @@ function resolveOutboundLocalMediaPath(mediaUrl) {
   }
   return trimmed;
 }
-function inferBaiduOutboundFileType(params) {
-  const ext = path2.extname(params.mediaPath).toLowerCase();
-  return ext.startsWith(".") ? ext.slice(1) : ext || "bin";
-}
 function buildOutboundMediaPayload(params) {
   const caption = params.caption?.trim();
+  const mediaItem = params.externalUrl ? {
+    type: "external_url",
+    data: {
+      externalUrl: {
+        url: params.externalUrl
+      }
+    }
+  } : {
+    type: "file",
+    data: {
+      file: {
+        fileId: params.fileId ?? ""
+      }
+    }
+  };
   return {
     list: [
       ...caption ? [{
@@ -5918,12 +6013,7 @@ function buildOutboundMediaPayload(params) {
           text: { content: caption }
         }
       }] : [],
-      {
-        type: "file",
-        data: {
-          file_id: params.uploadedUrl
-        }
-      }
+      mediaItem
     ]
   };
 }
@@ -6207,15 +6297,15 @@ var baiduAppPlugin = {
             account,
             buildOutboundMediaPayload({
               caption: params.text,
-              uploadedUrl: remoteUrl,
-              fileType: inferBaiduOutboundFileType({ mediaPath: remoteUrl })
+              externalUrl: remoteUrl
             }),
             { agentid: account.accountId, isActive: true }
           );
           return {
             channel: "openclaw-baiduapp",
-            ok: true,
-            messageId: result.msgid ?? ""
+            ok: result.ok,
+            messageId: result.msgid ?? "",
+            error: result.ok ? void 0 : new Error(result.errmsg ?? "send failed")
           };
         } catch (err) {
           return {
@@ -6248,10 +6338,7 @@ var baiduAppPlugin = {
           account,
           buildOutboundMediaPayload({
             caption: params.text,
-            uploadedUrl: uploaded.url,
-            fileType: inferBaiduOutboundFileType({
-              mediaPath: uploaded.fileName || localMediaPath
-            })
+            fileId: uploaded.fileId
           }),
           { agentid: account.accountId, isActive: true }
         );