@soyeht/soyeht 0.2.1 → 0.2.2

package/openclaw.plugin.json

@@ -5,7 +5,7 @@
   ],
   "name": "Soyeht",
   "description": "Channel plugin for the Soyeht Flutter mobile app",
-  "version": "0.2.1",
+  "version": "0.2.2",
   "configSchema": {
     "type": "object",
     "additionalProperties": false,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@soyeht/soyeht",
-  "version": "0.2.1",
+  "version": "0.2.2",
   "description": "OpenClaw channel plugin for the Soyeht Flutter mobile app",
   "type": "module",
   "main": "src/index.ts",

package/src/index.ts

@@ -23,6 +23,7 @@ import {
 import {
   handleSecurityIdentity,
   handleSecurityPair,
+  handleSecurityPairingInfo,
   handleSecurityPairingStart,
 } from "./pairing.js";
 import { PLUGIN_VERSION } from "./version.js";
@@ -89,6 +90,7 @@ const soyehtPlugin: OpenClawPluginDefinition = {
     // Security RPC
     api.registerGatewayMethod("soyeht.security.identity", handleSecurityIdentity(api, v2deps));
     api.registerGatewayMethod("soyeht.security.pairing.start", handleSecurityPairingStart(api, v2deps));
+    api.registerGatewayMethod("soyeht.security.pairing.info", handleSecurityPairingInfo(api, v2deps));
     api.registerGatewayMethod("soyeht.security.pair", handleSecurityPair(api, v2deps));
     api.registerGatewayMethod("soyeht.security.handshake.init", handleSecurityHandshake(api, v2deps));
     api.registerGatewayMethod("soyeht.security.handshake.finish", handleSecurityHandshakeFinish(api, v2deps));

package/src/pairing.ts

@@ -136,6 +136,61 @@ function resolveGatewayUrl(api: OpenClawPluginApi, configGatewayUrl: string): st
   return "";
 }
 
+// ---------------------------------------------------------------------------
+// soyeht.security.pairing.info — return session data for a given pairing token
+// ---------------------------------------------------------------------------
+
+export function handleSecurityPairingInfo(
+  _api: OpenClawPluginApi,
+  v2deps: SecurityV2Deps,
+): GatewayRequestHandler {
+  return async ({ params, respond }) => {
+    if (!v2deps.ready) {
+      respond(false, undefined, { code: "NOT_READY", message: "Service not ready" });
+      return;
+    }
+    if (!v2deps.identity) {
+      respond(false, undefined, { code: "NO_IDENTITY", message: "Identity not initialized" });
+      return;
+    }
+
+    const pairingToken = params["pairingToken"] as string | undefined;
+    if (!pairingToken) {
+      respond(false, undefined, {
+        code: "INVALID_PARAMS",
+        message: "Missing required param: pairingToken",
+      });
+      return;
+    }
+
+    const session = v2deps.pairingSessions.get(pairingToken);
+    if (!session) {
+      respond(false, undefined, {
+        code: "PAIRING_REQUIRED",
+        message: "No active pairing session. Scan a fresh QR code first.",
+      });
+      return;
+    }
+
+    if (session.expiresAt <= Date.now()) {
+      respond(false, undefined, {
+        code: "PAIRING_EXPIRED",
+        message: "Pairing QR expired. Scan a fresh QR code first.",
+      });
+      return;
+    }
+
+    respond(true, {
+      accountId: session.accountId,
+      expiresAt: session.expiresAt,
+      allowOverwrite: session.allowOverwrite,
+      pluginIdentityKey: v2deps.identity.signKey.publicKeyB64,
+      pluginDhKey: v2deps.identity.dhKey.publicKeyB64,
+      fingerprint: computeFingerprint(v2deps.identity),
+    });
+  };
+}
+
 // ---------------------------------------------------------------------------
 // soyeht.security.identity — expose plugin public keys
 // ---------------------------------------------------------------------------

package/src/service.ts

@@ -10,13 +10,11 @@ import {
 } from "./security.js";
 import { loadOrGenerateIdentity, loadPeers, loadSessions, saveSession } from "./identity.js";
 import { zeroBuffer } from "./ratchet.js";
-import { base64UrlEncode, computeFingerprint, ed25519Sign, type X25519KeyPair } from "./crypto.js";
+import { base64UrlEncode, computeFingerprint, type X25519KeyPair } from "./crypto.js";
 import type { IdentityBundle, PeerIdentity } from "./identity.js";
 import type { RatchetState } from "./ratchet.js";
 import { createOutboundQueue, type OutboundQueue } from "./outbound-queue.js";
 import { renderQrTerminal } from "./qr.js";
-import { resolveSoyehtAccount } from "./config.js";
-import { buildPairingQrTranscript, buildPairingQrTranscriptV2 } from "./pairing.js";
 
 const HEARTBEAT_INTERVAL_MS = 60_000; // 60s
 
@@ -93,49 +91,12 @@ async function showPairingQr(api: OpenClawPluginApi, v2deps: SecurityV2Deps): Pr
   const fingerprint = computeFingerprint(identity);
 
   // Resolve gatewayUrl from config or runtime
-  const cfg = await api.runtime.config.loadConfig();
-  const account = resolveSoyehtAccount(cfg, accountId);
-  let gatewayUrl = account.gatewayUrl;
-  if (!gatewayUrl) {
-    const runtime = api.runtime as Record<string, unknown>;
-    if (typeof runtime["gatewayUrl"] === "string" && runtime["gatewayUrl"]) {
-      gatewayUrl = runtime["gatewayUrl"];
-    } else if (typeof runtime["baseUrl"] === "string" && runtime["baseUrl"]) {
-      gatewayUrl = runtime["baseUrl"];
-    }
-  }
-
-  const basePayload = {
-    accountId,
-    pairingToken,
-    expiresAt,
-    allowOverwrite: false,
-    pluginIdentityKey: identity.signKey.publicKeyB64,
-    pluginDhKey: identity.dhKey.publicKeyB64,
-    fingerprint,
-  };
-
-  let qrPayload: Record<string, unknown>;
-
-  if (gatewayUrl) {
-    const transcript = buildPairingQrTranscriptV2({ gatewayUrl, ...basePayload });
-    const signature = base64UrlEncode(ed25519Sign(identity.signKey.privateKey, transcript));
-    qrPayload = {
-      version: 2,
-      type: "soyeht_pairing_qr",
-      gatewayUrl,
-      ...basePayload,
-      signature,
-    };
-  } else {
-    const transcript = buildPairingQrTranscript(basePayload);
-    const signature = base64UrlEncode(ed25519Sign(identity.signKey.privateKey, transcript));
-    qrPayload = {
-      version: 1,
-      type: "soyeht_pairing_qr",
-      ...basePayload,
-      signature,
-    };
+  let gatewayUrl = "";
+  const runtime = api.runtime as Record<string, unknown>;
+  if (typeof runtime["gatewayUrl"] === "string" && runtime["gatewayUrl"]) {
+    gatewayUrl = runtime["gatewayUrl"];
+  } else if (typeof runtime["baseUrl"] === "string" && runtime["baseUrl"]) {
+    gatewayUrl = runtime["baseUrl"];
   }
 
   v2deps.pairingSessions.set(pairingToken, {
@@ -145,11 +106,15 @@ async function showPairingQr(api: OpenClawPluginApi, v2deps: SecurityV2Deps): Pr
     allowOverwrite: false,
   });
 
-  const qrText = JSON.stringify(qrPayload);
+  // Compact QR: soyeht://pair?g=<gatewayUrl>&t=<token>&fp=<fingerprint>
+  // App fetches full key material via RPC soyeht.security.pairing.info
+  const qrText = `soyeht://pair?g=${encodeURIComponent(gatewayUrl)}&t=${pairingToken}&fp=${fingerprint}`;
   const rendered = renderQrTerminal(qrText);
 
   if (rendered) {
-    api.logger.info("[soyeht] Scan this QR code with the Soyeht app to pair:\n\n" + rendered);
+    // Write QR directly to stdout to avoid logger prefixes breaking ANSI escape codes
+    process.stdout.write("\n" + rendered + "\n\n");
+    api.logger.info(`[soyeht] Scan the QR code above with the Soyeht app to pair`);
     api.logger.info(`[soyeht] Fingerprint: ${fingerprint}`);
     api.logger.info(`[soyeht] QR expires in ${AUTO_PAIRING_TTL_MS / 1000}s — restart plugin to generate a new one`);
   } else {

package/src/version.ts

@@ -1 +1 @@
-export const PLUGIN_VERSION = "0.2.1";
+export const PLUGIN_VERSION = "0.2.2";