npm - @sunnoy/wecom - Versions diffs - 1.1.2 → 1.2.0 - Mend

@sunnoy/wecom 1.1.2 → 1.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

package/crypto.js CHANGED Viewed

@@ -1,108 +1,135 @@
 import { createCipheriv, createDecipheriv, randomBytes, createHash } from "node:crypto";
-import { XMLParser, XMLBuilder } from "fast-xml-parser";
-import { CONSTANTS } from "./utils.js";
 import { logger } from "./logger.js";
+import { CONSTANTS } from "./utils.js";
 /**
  * Enterprise WeChat Intelligent Robot Crypto Implementation
  * Simplified for AI Bot mode (no corpId validation)
  */
 export class WecomCrypto {
-    token;
-    encodingAesKey;
-    aesKey;
-    iv;
-    constructor(token, encodingAesKey) {
-        if (!encodingAesKey || encodingAesKey.length !== CONSTANTS.AES_KEY_LENGTH) {
-            throw new Error(`EncodingAESKey invalid: length must be ${CONSTANTS.AES_KEY_LENGTH}`);
-        }
-        if (!token) {
-            throw new Error("Token is required");
-        }
-        this.token = token;
-        this.encodingAesKey = encodingAesKey;
-        this.aesKey = Buffer.from(encodingAesKey + "=", "base64");
-        this.iv = this.aesKey.subarray(0, 16);
-        logger.debug("WecomCrypto initialized (AI Bot mode)");
+  token;
+  encodingAesKey;
+  aesKey;
+  iv;
+  constructor(token, encodingAesKey) {
+    if (!encodingAesKey || encodingAesKey.length !== CONSTANTS.AES_KEY_LENGTH) {
+      throw new Error(`EncodingAESKey invalid: length must be ${CONSTANTS.AES_KEY_LENGTH}`);
+    }
+    if (!token) {
+      throw new Error("Token is required");
     }
+    this.token = token;
+    this.encodingAesKey = encodingAesKey;
+    this.aesKey = Buffer.from(encodingAesKey + "=", "base64");
+    this.iv = this.aesKey.subarray(0, 16);
+    logger.debug("WecomCrypto initialized (AI Bot mode)");
+  }
-    getSignature(timestamp, nonce, encrypt) {
-        const shasum = createHash("sha1");
-        const arr = [this.token, timestamp, nonce, encrypt].sort();
-        shasum.update(arr.join(""));
-        return shasum.digest("hex");
+  getSignature(timestamp, nonce, encrypt) {
+    const shasum = createHash("sha1");
+    // WeCom requires plain lexicographic sorting before SHA1; localeCompare is locale-sensitive.
+    const sorted = [this.token, timestamp, nonce, encrypt]
+      .map((value) => String(value))
+      .toSorted();
+    shasum.update(sorted.join(""));
+    return shasum.digest("hex");
+  }
+  decrypt(text) {
+    let decipher;
+    try {
+      decipher = createDecipheriv("aes-256-cbc", this.aesKey, this.iv);
+      decipher.setAutoPadding(false);
+    } catch (e) {
+      throw new Error(`Decrypt init failed: ${String(e)}`, { cause: e });
     }
-    decrypt(text) {
-        let decipher;
-        try {
-            decipher = createDecipheriv("aes-256-cbc", this.aesKey, this.iv);
-            decipher.setAutoPadding(false);
-        } catch (e) {
-            throw new Error(`Decrypt init failed: ${String(e)}`);
-        }
+    let deciphered = Buffer.concat([decipher.update(text, "base64"), decipher.final()]);
-        let deciphered = Buffer.concat([
-            decipher.update(text, "base64"),
-            decipher.final(),
-        ]);
+    deciphered = this.decodePkcs7(deciphered);
-        deciphered = this.decodePkcs7(deciphered);
+    // Format: 16 random bytes | 4 bytes msg_len | msg_content | appid
+    const content = deciphered.subarray(16);
+    const lenList = content.subarray(0, 4);
+    const xmlLen = lenList.readUInt32BE(0);
+    const xmlContent = content.subarray(4, 4 + xmlLen).toString("utf-8");
+    // For AI Bot mode, corpId/appid is empty, skip validation
-        // Format: 16 random bytes | 4 bytes msg_len | msg_content | appid
-        const content = deciphered.subarray(16);
-        const lenList = content.subarray(0, 4);
-        const xmlLen = lenList.readUInt32BE(0);
-        const xmlContent = content.subarray(4, 4 + xmlLen).toString("utf-8");
-        // For AI Bot mode, corpId/appid is empty, skip validation
+    return { message: xmlContent };
+  }
-        return { message: xmlContent };
-    }
+  encrypt(text) {
+    // For AI Bot mode, corpId is empty
+    const random16 = randomBytes(16);
+    const msgBuffer = Buffer.from(text);
+    const lenBuffer = Buffer.alloc(4);
+    lenBuffer.writeUInt32BE(msgBuffer.length, 0);
-    encrypt(text) {
-        // For AI Bot mode, corpId is empty
-        const random16 = randomBytes(16);
-        const msgBuffer = Buffer.from(text);
-        const lenBuffer = Buffer.alloc(4);
-        lenBuffer.writeUInt32BE(msgBuffer.length, 0);
+    const rawMsg = Buffer.concat([random16, lenBuffer, msgBuffer]);
+    const encoded = this.encodePkcs7(rawMsg);
-        const rawMsg = Buffer.concat([random16, lenBuffer, msgBuffer]);
-        const encoded = this.encodePkcs7(rawMsg);
+    const cipher = createCipheriv("aes-256-cbc", this.aesKey, this.iv);
+    cipher.setAutoPadding(false);
+    const ciphered = Buffer.concat([cipher.update(encoded), cipher.final()]);
+    return ciphered.toString("base64");
+  }
-        const cipher = createCipheriv("aes-256-cbc", this.aesKey, this.iv);
-        cipher.setAutoPadding(false);
-        const ciphered = Buffer.concat([cipher.update(encoded), cipher.final()]);
-        return ciphered.toString("base64");
-    }
+  encodePkcs7(buff) {
+    const blockSize = CONSTANTS.AES_BLOCK_SIZE;
+    const amountToPad = blockSize - (buff.length % blockSize);
+    const pad = Buffer.alloc(amountToPad, amountToPad);
+    return Buffer.concat([buff, pad]);
+  }
-    encodePkcs7(buff) {
-        const blockSize = CONSTANTS.AES_BLOCK_SIZE;
-        const amountToPad = blockSize - (buff.length % blockSize);
-        const pad = Buffer.alloc(amountToPad, amountToPad);
-        return Buffer.concat([buff, pad]);
+  decodePkcs7(buff) {
+    const pad = buff[buff.length - 1];
+    if (pad < 1 || pad > CONSTANTS.AES_BLOCK_SIZE) {
+      throw new Error(`Invalid PKCS7 padding: ${pad}`);
     }
+    for (let i = buff.length - pad; i < buff.length; i++) {
+      if (buff[i] !== pad) {
+        throw new Error("Invalid PKCS7 padding: inconsistent padding bytes");
+      }
+    }
+    return buff.subarray(0, buff.length - pad);
+  }
-    decodePkcs7(buff) {
-        const pad = buff[buff.length - 1];
-        if (pad < 1 || pad > CONSTANTS.AES_BLOCK_SIZE) {
-            throw new Error(`Invalid PKCS7 padding: ${pad}`);
-        }
-        for (let i = buff.length - pad; i < buff.length; i++) {
-            if (buff[i] !== pad) {
-                throw new Error("Invalid PKCS7 padding: inconsistent padding bytes");
-            }
+  /**
+   * Decrypt image/media file from Enterprise WeChat.
+   * Images are encrypted with AES-256-CBC using the same key as messages.
+   * Note: WeCom uses PKCS7 padding to 32-byte blocks (not standard 16-byte).
+   * @param {Buffer} encryptedData - The encrypted image data (raw bytes, not base64)
+   * @returns {Buffer} - Decrypted image data
+   */
+  decryptMedia(encryptedData) {
+    const decipher = createDecipheriv("aes-256-cbc", this.aesKey, this.iv);
+    decipher.setAutoPadding(false);
+    const decrypted = Buffer.concat([
+      decipher.update(encryptedData),
+      decipher.final(),
+    ]);
+    // Remove PKCS7 padding manually (padded to 32-byte blocks).
+    const padLen = decrypted[decrypted.length - 1];
+    let unpadded = decrypted;
+    if (padLen >= 1 && padLen <= 32) {
+      let validPadding = true;
+      for (let i = decrypted.length - padLen; i < decrypted.length; i++) {
+        if (decrypted[i] !== padLen) {
+          validPadding = false;
+          break;
         }
-        return buff.subarray(0, buff.length - pad);
+      }
+      if (validPadding) {
+        unpadded = decrypted.subarray(0, decrypted.length - padLen);
+      }
     }
-}
-export const xmlParser = new XMLParser({
-    ignoreAttributes: true,
-    parseTagValue: false
-});
-export const xmlBuilder = new XMLBuilder({
-    format: false,
-    ignoreAttributes: true
-});
+    logger.debug("Media decrypted successfully", {
+      inputSize: encryptedData.length,
+      outputSize: unpadded.length,
+    });
+    return unpadded;
+  }
+}

package/dynamic-agent.js CHANGED Viewed

@@ -1,120 +1,103 @@
-import { logger } from "./logger.js";
 /**
- * Dynamic Agent Manager (Minimal Version)
- *
- * 极简版：插件只负责生成 AgentId
- * 所有 Workspace 创建和 Bootstrap 文件由 OpenClaw 主程序自动处理
- *
- * 流程：
- * 1. 插件收到消息 → generateAgentId() 生成 agentId
- * 2. 插件构造 SessionKey → `agent:{agentId}:{peerKind}:{peerId}`
- * 3. OpenClaw 解析 SessionKey → 提取 agentId
- * 4. OpenClaw 调用 resolveAgentWorkspaceDir() → fallback 到 ~/.openclaw/workspace-{agentId}
- * 5. OpenClaw 调用 ensureAgentWorkspace() → 自动创建目录和 Bootstrap 文件
+ * Dynamic agent helpers.
+ *
+ * This plugin only computes deterministic agent ids/session keys.
+ * Workspace/bootstrap creation is handled by OpenClaw core.
  */
 /**
- * 生成 AgentId
- * 规范：wecom-dm-{userId} 或 wecom-group-{groupId}
- *
- * @param {string} chatType - "dm" 或 "group"
- * @param {string} peerId - userId 或 groupId
+ * Build a deterministic agent id for dm/group contexts.
+ *
+ * @param {string} chatType - "dm" or "group"
+ * @param {string} peerId - user id or group id
  * @returns {string} agentId
  */
 export function generateAgentId(chatType, peerId) {
-    const sanitizedId = String(peerId).toLowerCase().replace(/[^a-z0-9_-]/g, "_");
-    if (chatType === "group") {
-        return `wecom-group-${sanitizedId}`;
-    }
-    return `wecom-dm-${sanitizedId}`;
+  const sanitizedId = String(peerId)
+    .toLowerCase()
+    .replace(/[^a-z0-9_-]/g, "_");
+  if (chatType === "group") {
+    return `wecom-group-${sanitizedId}`;
+  }
+  return `wecom-dm-${sanitizedId}`;
 }
 /**
- * 获取动态 Agent 配置
+ * Resolve runtime dynamic-agent settings from config.
  */
 export function getDynamicAgentConfig(config) {
-    const wecom = config?.channels?.wecom || {};
-    return {
-        enabled: wecom.dynamicAgents?.enabled !== false,
-        // 私聊配置
-        dmCreateAgent: wecom.dm?.createAgentOnFirstMessage !== false,
-        // 群聊配置
-        groupEnabled: wecom.groupChat?.enabled !== false,
-        groupRequireMention: wecom.groupChat?.requireMention !== false,
-        groupMentionPatterns: wecom.groupChat?.mentionPatterns || ["@"],
-        groupCreateAgent: wecom.groupChat?.createAgentOnFirstMessage !== false,
-        groupHistoryLimit: wecom.groupChat?.historyLimit || 10,
-    };
+  const wecom = config?.channels?.wecom || {};
+  return {
+    enabled: wecom.dynamicAgents?.enabled !== false,
+    dmCreateAgent: wecom.dm?.createAgentOnFirstMessage !== false,
+    groupEnabled: wecom.groupChat?.enabled !== false,
+    groupRequireMention: wecom.groupChat?.requireMention !== false,
+    groupMentionPatterns: wecom.groupChat?.mentionPatterns || ["@"],
+  };
 }
 /**
- * 检查是否应该为此消息创建/使用动态 Agent
- *
- * @param {Object} options
- * @param {string} options.chatType - "dm" 或 "group"
- * @param {Object} options.config - openclaw 配置
- * @returns {boolean}
+ * Decide whether this message context should route to a dynamic agent.
  */
 export function shouldUseDynamicAgent({ chatType, config }) {
-    const dynamicConfig = getDynamicAgentConfig(config);
-    if (!dynamicConfig.enabled) {
-        return false;
-    }
-    if (chatType === "dm") {
-        return dynamicConfig.dmCreateAgent;
-    }
-    if (chatType === "group") {
-        return dynamicConfig.groupCreateAgent;
-    }
+  const dynamicConfig = getDynamicAgentConfig(config);
+  if (!dynamicConfig.enabled) {
     return false;
+  }
+  if (chatType === "group") {
+    return dynamicConfig.groupEnabled;
+  }
+  return dynamicConfig.dmCreateAgent;
 }
 /**
- * 检查群聊消息是否满足触发条件（@提及）
+ * Decide whether a group message should trigger a response.
  */
 export function shouldTriggerGroupResponse(content, config) {
-    const dynamicConfig = getDynamicAgentConfig(config);
-    if (!dynamicConfig.groupEnabled) {
-        return false;
-    }
-    if (!dynamicConfig.groupRequireMention) {
-        return true; // 不需要 @，所有消息都触发
-    }
+  const dynamicConfig = getDynamicAgentConfig(config);
-    // 检查是否包含 @提及
-    const patterns = dynamicConfig.groupMentionPatterns;
-    for (const pattern of patterns) {
-        if (content.includes(pattern)) {
-            return true;
-        }
+  if (!dynamicConfig.groupEnabled) {
+    return false;
+  }
+  if (!dynamicConfig.groupRequireMention) {
+    return true;
+  }
+  // Match any configured mention marker in the original message content.
+  // Use word-boundary check to avoid false positives on email addresses.
+  const patterns = dynamicConfig.groupMentionPatterns;
+  for (const pattern of patterns) {
+    const escaped = escapeRegExp(pattern);
+    // @ must NOT be preceded by a word char (avoids user@domain false matches).
+    const re = new RegExp(`(?:^|(?<=\\s|[^\\w]))${escaped}`, "u");
+    if (re.test(content)) {
+      return true;
     }
+  }
-    return false;
+  return false;
 }
 /**
- * 从群聊消息中提取实际内容（移除 @提及）
+ * Remove configured mention markers from group message text.
  */
 export function extractGroupMessageContent(content, config) {
-    const dynamicConfig = getDynamicAgentConfig(config);
-    let cleanContent = content;
-    // 移除 @提及 pattern
-    const patterns = dynamicConfig.groupMentionPatterns;
-    for (const pattern of patterns) {
-        // 移除 @xxx 格式的提及（包括后面可能的空格）
-        const regex = new RegExp(`${pattern}\\S*\\s*`, "g");
-        cleanContent = cleanContent.replace(regex, "");
-    }
+  const dynamicConfig = getDynamicAgentConfig(config);
+  let cleanContent = content;
+  const patterns = dynamicConfig.groupMentionPatterns;
+  for (const pattern of patterns) {
+    const escapedPattern = escapeRegExp(pattern);
+    // Only strip @name tokens that are NOT part of email-style addresses.
+    // Require the pattern to be preceded by start-of-string or whitespace.
+    const regex = new RegExp(`(?:^|(?<=\\s))${escapedPattern}\\S*\\s*`, "gu");
+    cleanContent = cleanContent.replace(regex, "");
+  }
+  return cleanContent.trim();
+}
-    return cleanContent.trim();
+function escapeRegExp(value) {
+  return String(value).replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
 }

package/image-processor.js CHANGED Viewed

@@ -1,5 +1,5 @@
-import { readFile } from "fs/promises";
 import { createHash } from "crypto";
+import { readFile } from "fs/promises";
 import { logger } from "./logger.js";
 /**
@@ -11,8 +11,8 @@ import { logger } from "./logger.js";
 // Image format signatures (magic bytes)
 const IMAGE_SIGNATURES = {
-    JPG: [0xFF, 0xD8, 0xFF],
-    PNG: [0x89, 0x50, 0x4E, 0x47, 0x0D, 0x0A, 0x1A, 0x0A],
+  JPG: [0xff, 0xd8, 0xff],
+  PNG: [0x89, 0x50, 0x4e, 0x47, 0x0d, 0x0a, 0x1a, 0x0a],
 };
 // 2MB size limit (before base64 encoding)
@@ -25,23 +25,23 @@ const MAX_IMAGE_SIZE = 2 * 1024 * 1024;
  * @throws {Error} If file not found or cannot be read
  */
 export async function loadImageFromPath(filePath) {
-    try {
-        logger.debug("Loading image from path", { filePath });
-        const buffer = await readFile(filePath);
-        logger.debug("Image loaded successfully", {
-            filePath,
-            size: buffer.length
-        });
-        return buffer;
-    } catch (error) {
-        if (error.code === "ENOENT") {
-            throw new Error(`Image file not found: ${filePath}`);
-        } else if (error.code === "EACCES") {
-            throw new Error(`Permission denied reading image: ${filePath}`);
-        } else {
-            throw new Error(`Failed to read image file: ${error.message}`);
-        }
+  try {
+    logger.debug("Loading image from path", { filePath });
+    const buffer = await readFile(filePath);
+    logger.debug("Image loaded successfully", {
+      filePath,
+      size: buffer.length,
+    });
+    return buffer;
+  } catch (error) {
+    if (error.code === "ENOENT") {
+      throw new Error(`Image file not found: ${filePath}`, { cause: error });
+    } else if (error.code === "EACCES") {
+      throw new Error(`Permission denied reading image: ${filePath}`, { cause: error });
+    } else {
+      throw new Error(`Failed to read image file: ${error.message}`, { cause: error });
     }
+  }
 }
 /**
@@ -50,7 +50,7 @@ export async function loadImageFromPath(filePath) {
  * @returns {string} Base64-encoded string
  */
 export function encodeImageToBase64(buffer) {
-    return buffer.toString("base64");
+  return buffer.toString("base64");
 }
 /**
@@ -59,7 +59,7 @@ export function encodeImageToBase64(buffer) {
  * @returns {string} MD5 hash in hexadecimal
  */
 export function calculateMD5(buffer) {
-    return createHash("md5").update(buffer).digest("hex");
+  return createHash("md5").update(buffer).digest("hex");
 }
 /**
@@ -68,16 +68,14 @@ export function calculateMD5(buffer) {
  * @throws {Error} If size exceeds 2MB limit
  */
 export function validateImageSize(buffer) {
-    const sizeBytes = buffer.length;
-    const sizeMB = (sizeBytes / 1024 / 1024).toFixed(2);
+  const sizeBytes = buffer.length;
+  const sizeMB = (sizeBytes / 1024 / 1024).toFixed(2);
-    if (sizeBytes > MAX_IMAGE_SIZE) {
-        throw new Error(
-            `Image size ${sizeMB}MB exceeds 2MB limit (actual: ${sizeBytes} bytes)`
-        );
-    }
+  if (sizeBytes > MAX_IMAGE_SIZE) {
+    throw new Error(`Image size ${sizeMB}MB exceeds 2MB limit (actual: ${sizeBytes} bytes)`);
+  }
-    logger.debug("Image size validated", { sizeBytes, sizeMB });
+  logger.debug("Image size validated", { sizeBytes, sizeMB });
 }
 /**
@@ -87,34 +85,29 @@ export function validateImageSize(buffer) {
  * @throws {Error} If format is not supported
  */
 export function detectImageFormat(buffer) {
-    // Check PNG signature
-    if (buffer.length >= IMAGE_SIGNATURES.PNG.length) {
-        const isPNG = IMAGE_SIGNATURES.PNG.every(
-            (byte, index) => buffer[index] === byte
-        );
-        if (isPNG) {
-            logger.debug("Image format detected: PNG");
-            return "PNG";
-        }
+  // Check PNG signature
+  if (buffer.length >= IMAGE_SIGNATURES.PNG.length) {
+    const isPNG = IMAGE_SIGNATURES.PNG.every((byte, index) => buffer[index] === byte);
+    if (isPNG) {
+      logger.debug("Image format detected: PNG");
+      return "PNG";
     }
-    // Check JPG signature
-    if (buffer.length >= IMAGE_SIGNATURES.JPG.length) {
-        const isJPG = IMAGE_SIGNATURES.JPG.every(
-            (byte, index) => buffer[index] === byte
-        );
-        if (isJPG) {
-            logger.debug("Image format detected: JPG");
-            return "JPG";
-        }
+  }
+  // Check JPG signature
+  if (buffer.length >= IMAGE_SIGNATURES.JPG.length) {
+    const isJPG = IMAGE_SIGNATURES.JPG.every((byte, index) => buffer[index] === byte);
+    if (isJPG) {
+      logger.debug("Image format detected: JPG");
+      return "JPG";
     }
+  }
-    // Unknown format
-    const header = buffer.slice(0, 16).toString("hex");
-    throw new Error(
-        `Unsupported image format. Only JPG and PNG are supported. ` +
-        `File header: ${header}`
-    );
+  // Unknown format
+  const header = buffer.subarray(0, 16).toString("hex");
+  throw new Error(
+    `Unsupported image format. Only JPG and PNG are supported. File header: ${header}`,
+  );
 }
 /**
@@ -137,43 +130,43 @@ export function detectImageFormat(buffer) {
  * // Returns: { base64: "...", md5: "...", format: "JPG", size: 123456 }
  */
 export async function prepareImageForMsgItem(filePath) {
-    logger.debug("Starting image processing pipeline", { filePath });
-    try {
-        // Step 1: Load image
-        const buffer = await loadImageFromPath(filePath);
-        // Step 2: Validate size
-        validateImageSize(buffer);
-        // Step 3: Detect format
-        const format = detectImageFormat(buffer);
-        // Step 4: Encode to base64
-        const base64 = encodeImageToBase64(buffer);
-        // Step 5: Calculate MD5
-        const md5 = calculateMD5(buffer);
-        logger.info("Image processed successfully", {
-            filePath,
-            format,
-            size: buffer.length,
-            md5,
-            base64Length: base64.length
-        });
-        return {
-            base64,
-            md5,
-            format,
-            size: buffer.length
-        };
-    } catch (error) {
-        logger.error("Image processing failed", {
-            filePath,
-            error: error.message
-        });
-        throw error;
-    }
+  logger.debug("Starting image processing pipeline", { filePath });
+  try {
+    // Step 1: Load image
+    const buffer = await loadImageFromPath(filePath);
+    // Step 2: Validate size
+    validateImageSize(buffer);
+    // Step 3: Detect format
+    const format = detectImageFormat(buffer);
+    // Step 4: Encode to base64
+    const base64 = encodeImageToBase64(buffer);
+    // Step 5: Calculate MD5
+    const md5 = calculateMD5(buffer);
+    logger.info("Image processed successfully", {
+      filePath,
+      format,
+      size: buffer.length,
+      md5,
+      base64Length: base64.length,
+    });
+    return {
+      base64,
+      md5,
+      format,
+      size: buffer.length,
+    };
+  } catch (error) {
+    logger.error("Image processing failed", {
+      filePath,
+      error: error.message,
+    });
+    throw error;
+  }
 }