@syengup/friday-channel-next 0.0.12 → 0.0.14

package/install.js

@@ -46,13 +46,19 @@ function isRunningFromNpmPackage() {
 
 // --------------- prerequisites ---------------
 
-const required = ["pnpm", "node", "openclaw"];
+const required = ["node", "openclaw"];
 const missing = required.filter((c) => !has(c));
 if (missing.length) {
   missing.forEach((c) => err(`${c} is required but not found. Install it first.`));
   process.exit(1);
 }
 
+const PKG = has("pnpm") ? "pnpm" : has("npm") ? "npm" : null;
+if (!PKG) {
+  err("pnpm or npm is required but not found. Install one first.");
+  process.exit(1);
+}
+
 if (!existsSync(OPENCLAW_CONFIG)) {
   err(`OpenClaw config not found at ${OPENCLAW_CONFIG}`);
   err("Make sure OpenClaw is installed and has been run at least once.");
@@ -88,10 +94,10 @@ process.chdir(PLUGIN_DIR);
 // --------------- install + build ---------------
 
 log("Installing dependencies...");
-execSync("pnpm install", { stdio: "inherit" });
+execSync(`${PKG} install`, { stdio: "inherit" });
 
 log("Building TypeScript...");
-execSync("pnpm build", { stdio: "inherit" });
+execSync(`${PKG} run build`, { stdio: "inherit" });
 
 // --------------- configure OpenClaw ---------------
 

package/install.sh

@@ -22,13 +22,23 @@ err()  { printf "  ${RED}X${NC} %s\\n" "$1" >&2; }
 trap 'err "Install failed."' ERR
 
 # Check prerequisites
-for cmd in pnpm node git openclaw; do
+for cmd in node git openclaw; do
   if ! command -v "$cmd" &>/dev/null; then
     err "$cmd is required but not found. Install it first."
     exit 1
   fi
 done
 
+# Auto-detect package manager (prefer pnpm, fall back to npm)
+if command -v pnpm &>/dev/null; then
+  PKG="pnpm"
+elif command -v npm &>/dev/null; then
+  PKG="npm"
+else
+  err "pnpm or npm is required but not found. Install one first."
+  exit 1
+fi
+
 if [ ! -f "$OPENCLAW_CONFIG" ]; then
   err "OpenClaw config not found at $OPENCLAW_CONFIG"
   err "Make sure OpenClaw is installed and has been run at least once."
@@ -48,10 +58,10 @@ fi
 cd "$PLUGIN_DIR"
 
 log "Installing dependencies..."
-pnpm install
+$PKG install
 
 log "Building TypeScript..."
-pnpm build
+$PKG run build
 
 # Step 2: Configure OpenClaw
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@syengup/friday-channel-next",
-  "version": "0.0.12",
+  "version": "0.0.14",
   "description": "OpenClaw Friday Next Apple channel plugin",
   "type": "module",
   "files": [
@@ -13,7 +13,7 @@
   ],
   "scripts": {
     "build": "tsc -p tsconfig.json",
-    "test": "pnpm test:unit && pnpm test:e2e",
+    "test": "npm run test:unit && npm run test:e2e",
     "test:unit": "vitest run",
     "test:e2e": "vitest run --config vitest.e2e.config.ts",
     "test:smoke": "node scripts/e2e-smoke.mjs",

package/src/http/handlers/device-approve.test.ts

@@ -0,0 +1,244 @@
+import { beforeEach, describe, expect, it, vi } from "vitest";
+import { EventEmitter } from "node:events";
+import { PassThrough } from "node:stream";
+import type { IncomingMessage, ServerResponse } from "node:http";
+import { setMockRuntime } from "../../test-support/mock-runtime.js";
+
+const mockExecImpl = vi.hoisted(() => vi.fn());
+vi.mock("node:child_process", () => ({
+  exec: mockExecImpl,
+}));
+
+import { handleDeviceApprove } from "./device-approve.js";
+
+class MockRes extends EventEmitter {
+  statusCode = 0;
+  headers: Record<string, string> = {};
+  body = "";
+  setHeader(name: string, value: string): void {
+    this.headers[name.toLowerCase()] = value;
+  }
+  end(body?: string): void {
+    if (body) this.body += body;
+  }
+}
+
+function mockReq(method: string, headers: Record<string, string> = {}): PassThrough & { method: string; headers: Record<string, string> } {
+  const stream = new PassThrough() as unknown as PassThrough & { method: string; headers: Record<string, string> };
+  stream.method = method;
+  stream.headers = headers;
+  return stream;
+}
+
+function mockExecSuccess(stdout: string) {
+  const child = new EventEmitter() as EventEmitter & { stdout: EventEmitter; stderr: EventEmitter };
+  child.stdout = new EventEmitter();
+  child.stderr = new EventEmitter();
+  mockExecImpl.mockImplementationOnce((_cmd: string, _opts: unknown, cb: (error: null, stdout: string, stderr: string) => void) => {
+    cb(null, stdout, "");
+    return child;
+  });
+}
+
+function mockExecError(message: string, stderr?: string) {
+  const err = new Error(message) as Error & { stderr: string };
+  err.stderr = stderr ?? "";
+  const child = new EventEmitter() as EventEmitter & { stdout: EventEmitter; stderr: EventEmitter };
+  child.stdout = new EventEmitter();
+  child.stderr = new EventEmitter();
+  mockExecImpl.mockImplementationOnce((_cmd: string, _opts: unknown, cb: (error: Error) => void) => {
+    cb(err);
+    return child;
+  });
+}
+
+function mockExecErrorWithStderr(err: Error & { stderr?: string }) {
+  const child = new EventEmitter() as EventEmitter & { stdout: EventEmitter; stderr: EventEmitter };
+  child.stdout = new EventEmitter();
+  child.stderr = new EventEmitter();
+  mockExecImpl.mockImplementationOnce((_cmd: string, _opts: unknown, cb: (error: Error) => void) => {
+    cb(err);
+    return child;
+  });
+}
+
+const DEVICE_ID = "a80b8c4b305fb02c5772c409c6dfcbacde691b61557f7779511ad1a5be8fdf06";
+const REQUEST_ID = "12f150e8-b1bc-4688-be23-e3a7fa8b9e51";
+
+describe("handleDeviceApprove", () => {
+  beforeEach(() => {
+    setMockRuntime();
+    mockExecImpl.mockReset();
+  });
+
+  it("returns 405 on non-POST", async () => {
+    const req = { method: "GET", headers: {} } as IncomingMessage;
+    const res = new MockRes() as unknown as ServerResponse;
+    await handleDeviceApprove(req, res);
+    expect((res as unknown as MockRes).statusCode).toBe(405);
+  });
+
+  it("returns 401 for missing auth", async () => {
+    const req = mockReq("POST");
+    const res = new MockRes() as unknown as ServerResponse;
+    const p = handleDeviceApprove(req as unknown as IncomingMessage, res);
+    req.end(JSON.stringify({ deviceId: DEVICE_ID }));
+    await p;
+    expect((res as unknown as MockRes).statusCode).toBe(401);
+  });
+
+  it("returns 400 for missing body", async () => {
+    const req = mockReq("POST", { authorization: "Bearer test-token" });
+    const res = new MockRes() as unknown as ServerResponse;
+    const p = handleDeviceApprove(req as unknown as IncomingMessage, res);
+    req.end("");
+    await p;
+    expect((res as unknown as MockRes).statusCode).toBe(400);
+  });
+
+  it("returns 400 for missing deviceId", async () => {
+    const req = mockReq("POST", { authorization: "Bearer test-token" });
+    const res = new MockRes() as unknown as ServerResponse;
+    const p = handleDeviceApprove(req as unknown as IncomingMessage, res);
+    req.end(JSON.stringify({}));
+    await p;
+    expect((res as unknown as MockRes).statusCode).toBe(400);
+    expect(JSON.parse((res as unknown as MockRes).body).error).toContain("deviceId");
+  });
+
+  it("returns 502 when devices list CLI fails", async () => {
+    mockExecError("ENOENT");
+
+    const req = mockReq("POST", { authorization: "Bearer test-token" });
+    const res = new MockRes() as unknown as ServerResponse;
+    const p = handleDeviceApprove(req as unknown as IncomingMessage, res);
+    req.end(JSON.stringify({ deviceId: DEVICE_ID }));
+    await p;
+    expect((res as unknown as MockRes).statusCode).toBe(502);
+    expect(JSON.parse((res as unknown as MockRes).body).error).toContain("Failed to list devices");
+  });
+
+  it("returns 502 when devices list returns invalid JSON", async () => {
+    mockExecSuccess("not valid json {{{");
+
+    const req = mockReq("POST", { authorization: "Bearer test-token" });
+    const res = new MockRes() as unknown as ServerResponse;
+    const p = handleDeviceApprove(req as unknown as IncomingMessage, res);
+    req.end(JSON.stringify({ deviceId: DEVICE_ID }));
+    await p;
+    expect((res as unknown as MockRes).statusCode).toBe(502);
+    expect(JSON.parse((res as unknown as MockRes).body).error).toContain("Unexpected response");
+  });
+
+  it("returns 404 when deviceId not in pending list", async () => {
+    mockExecSuccess(JSON.stringify({
+      pending: [{ requestId: "uuid-1", deviceId: "OTHER_DEVICE" }],
+      paired: [],
+    }));
+
+    const req = mockReq("POST", { authorization: "Bearer test-token" });
+    const res = new MockRes() as unknown as ServerResponse;
+    const p = handleDeviceApprove(req as unknown as IncomingMessage, res);
+    req.end(JSON.stringify({ deviceId: DEVICE_ID }));
+    await p;
+    expect((res as unknown as MockRes).statusCode).toBe(404);
+    const body = JSON.parse((res as unknown as MockRes).body);
+    expect(body.error).toContain("No pending device found");
+    expect(body.deviceId).toBe(DEVICE_ID.toUpperCase());
+  });
+
+  it("returns 404 when pending array is empty", async () => {
+    mockExecSuccess(JSON.stringify({ pending: [], paired: [] }));
+
+    const req = mockReq("POST", { authorization: "Bearer test-token" });
+    const res = new MockRes() as unknown as ServerResponse;
+    const p = handleDeviceApprove(req as unknown as IncomingMessage, res);
+    req.end(JSON.stringify({ deviceId: DEVICE_ID }));
+    await p;
+    expect((res as unknown as MockRes).statusCode).toBe(404);
+  });
+
+  it("returns 502 when approve command fails", async () => {
+    mockExecSuccess(JSON.stringify({
+      pending: [{ requestId: REQUEST_ID, deviceId: DEVICE_ID }],
+      paired: [],
+    }));
+    // second call (approve) fails
+    const approveErr = new Error("Command failed") as Error & { stderr: string };
+    approveErr.stderr = "unknown requestId";
+    mockExecErrorWithStderr(approveErr);
+
+    const req = mockReq("POST", { authorization: "Bearer test-token" });
+    const res = new MockRes() as unknown as ServerResponse;
+    const p = handleDeviceApprove(req as unknown as IncomingMessage, res);
+    req.end(JSON.stringify({ deviceId: DEVICE_ID }));
+    await p;
+    expect((res as unknown as MockRes).statusCode).toBe(502);
+    const body = JSON.parse((res as unknown as MockRes).body);
+    expect(body.error).toContain("Device approval command failed");
+    expect(body.detail).toBe("unknown requestId");
+  });
+
+  it("returns 502 when approve returns non-JSON", async () => {
+    mockExecSuccess(JSON.stringify({
+      pending: [{ requestId: REQUEST_ID, deviceId: DEVICE_ID }],
+      paired: [],
+    }));
+    mockExecSuccess("No pending device pairing requests to approve");
+
+    const req = mockReq("POST", { authorization: "Bearer test-token" });
+    const res = new MockRes() as unknown as ServerResponse;
+    const p = handleDeviceApprove(req as unknown as IncomingMessage, res);
+    req.end(JSON.stringify({ deviceId: DEVICE_ID }));
+    await p;
+    expect((res as unknown as MockRes).statusCode).toBe(502);
+    expect(JSON.parse((res as unknown as MockRes).body).error).toContain("Unexpected response from device approval");
+  });
+
+  it("succeeds with complete flow", async () => {
+    mockExecSuccess(JSON.stringify({
+      pending: [{ requestId: REQUEST_ID, deviceId: DEVICE_ID }],
+      paired: [],
+    }));
+    mockExecSuccess(JSON.stringify({
+      requestId: REQUEST_ID,
+      device: { deviceId: DEVICE_ID, approvedAtMs: 1778571972361 },
+    }));
+
+    const req = mockReq("POST", { authorization: "Bearer test-token" });
+    const res = new MockRes() as unknown as ServerResponse;
+    const p = handleDeviceApprove(req as unknown as IncomingMessage, res);
+    req.end(JSON.stringify({ deviceId: DEVICE_ID }));
+    await p;
+
+    expect((res as unknown as MockRes).statusCode).toBe(200);
+    const body = JSON.parse((res as unknown as MockRes).body);
+    expect(body.ok).toBe(true);
+    expect(body.deviceId).toBe(DEVICE_ID.toUpperCase());
+    expect(body.requestId).toBe(REQUEST_ID);
+    expect(body.approvedAtMs).toBe(1778571972361);
+    expect(mockExecImpl).toHaveBeenCalledTimes(2);
+  });
+
+  it("normalizes deviceId case-insensitively", async () => {
+    mockExecSuccess(JSON.stringify({
+      pending: [{ requestId: REQUEST_ID, deviceId: DEVICE_ID }],
+      paired: [],
+    }));
+    mockExecSuccess(JSON.stringify({
+      requestId: REQUEST_ID,
+      device: { deviceId: DEVICE_ID, approvedAtMs: 1 },
+    }));
+
+    const req = mockReq("POST", { authorization: "Bearer test-token" });
+    const res = new MockRes() as unknown as ServerResponse;
+    const p = handleDeviceApprove(req as unknown as IncomingMessage, res);
+    req.end(JSON.stringify({ deviceId: DEVICE_ID.toLowerCase() }));
+    await p;
+
+    expect((res as unknown as MockRes).statusCode).toBe(200);
+    const body = JSON.parse((res as unknown as MockRes).body);
+    expect(body.ok).toBe(true);
+    expect(body.deviceId).toBe(DEVICE_ID.toUpperCase());
+  });
+});

package/src/http/handlers/device-approve.ts

@@ -0,0 +1,158 @@
+import type { IncomingMessage, ServerResponse } from "node:http";
+import { exec } from "node:child_process";
+import { readJsonBody } from "../middleware/body.js";
+import { extractBearerToken } from "../middleware/auth.js";
+import { createFridayNextLogger } from "../../logging.js";
+
+// macOS LaunchAgent strips Homebrew from PATH; prepend common prefixes so
+// the child process can find openclaw. Windows doesn't need this.
+const EXEC_ENV = process.platform === "win32"
+  ? process.env
+  : { ...process.env, PATH: `/opt/homebrew/bin:/usr/local/bin:/home/linuxbrew/.linuxbrew/bin:${process.env.PATH ?? ""}` };
+
+interface PendingDevice {
+  requestId: string;
+  deviceId: string;
+}
+
+interface DeviceListJson {
+  pending?: PendingDevice[];
+}
+
+interface ApproveJson {
+  requestId: string;
+  device?: { deviceId: string; approvedAtMs?: number };
+}
+
+function execAsync(command: string, timeoutMs: number): Promise<{ stdout: string; stderr: string }> {
+  return new Promise((resolve, reject) => {
+    const child = exec(command, { encoding: "utf-8", timeout: timeoutMs, maxBuffer: 1024 * 1024, env: EXEC_ENV }, (error, stdout, stderr) => {
+      if (error) {
+        reject(error);
+      } else {
+        resolve({ stdout, stderr });
+      }
+    });
+    child.stdout?.on("data", () => { /* drain */ });
+    child.stderr?.on("data", () => { /* drain */ });
+  });
+}
+
+export async function handleDeviceApprove(
+  req: IncomingMessage,
+  res: ServerResponse,
+): Promise<boolean> {
+  const log = createFridayNextLogger("device-approve");
+
+  if (req.method !== "POST") {
+    res.statusCode = 405;
+    res.setHeader("Content-Type", "application/json");
+    res.end(JSON.stringify({ error: "Method Not Allowed" }));
+    return true;
+  }
+
+  const token = extractBearerToken(req);
+  if (!token) {
+    res.statusCode = 401;
+    res.setHeader("Content-Type", "application/json");
+    res.end(JSON.stringify({ error: "Unauthorized: bearer token mismatch" }));
+    return true;
+  }
+
+  const body = await readJsonBody(req);
+  if (!body) {
+    res.statusCode = 400;
+    res.setHeader("Content-Type", "application/json");
+    res.end(JSON.stringify({ error: "Invalid JSON body" }));
+    return true;
+  }
+
+  const rawDeviceId = typeof body.deviceId === "string" ? body.deviceId : "";
+  if (!rawDeviceId.trim()) {
+    res.statusCode = 400;
+    res.setHeader("Content-Type", "application/json");
+    res.end(JSON.stringify({ error: "Missing required field: deviceId" }));
+    return true;
+  }
+
+  const normalizedDeviceId = rawDeviceId.trim().toUpperCase();
+
+  let listStdout: string;
+  try {
+    const result = await execAsync("openclaw devices list --json", 15000);
+    listStdout = result.stdout;
+  } catch (err) {
+    const stderr = (err as { stderr?: string })?.stderr?.trim();
+    log.error(`devices list failed: ${err instanceof Error ? err.message : String(err)}`);
+    res.statusCode = 502;
+    res.setHeader("Content-Type", "application/json");
+    res.end(JSON.stringify({ error: "Failed to list devices from gateway", detail: stderr || undefined }));
+    return true;
+  }
+
+  let listData: DeviceListJson;
+  try {
+    listData = JSON.parse(listStdout) as DeviceListJson;
+  } catch {
+    log.error(`devices list returned invalid JSON: ${listStdout.slice(0, 200)}`);
+    res.statusCode = 502;
+    res.setHeader("Content-Type", "application/json");
+    res.end(JSON.stringify({ error: "Unexpected response from gateway device list" }));
+    return true;
+  }
+
+  const pending = listData.pending ?? [];
+  const match = pending.find(
+    (entry) => entry.deviceId.trim().toUpperCase() === normalizedDeviceId,
+  );
+
+  if (!match) {
+    res.statusCode = 404;
+    res.setHeader("Content-Type", "application/json");
+    res.end(JSON.stringify({
+      error: "No pending device found for this deviceId",
+      deviceId: normalizedDeviceId,
+    }));
+    return true;
+  }
+
+  const requestId = match.requestId;
+  log.info(`approving deviceId=${normalizedDeviceId} requestId=${requestId}`);
+
+  let approveStdout: string;
+  try {
+    const result = await execAsync(`openclaw devices approve ${requestId} --json`, 15000);
+    approveStdout = result.stdout;
+  } catch (err) {
+    const stderr = (err as { stderr?: string })?.stderr?.trim();
+    log.error(`devices approve failed: ${err instanceof Error ? err.message : String(err)}`);
+    res.statusCode = 502;
+    res.setHeader("Content-Type", "application/json");
+    res.end(JSON.stringify({
+      error: "Device approval command failed",
+      detail: stderr || (err instanceof Error ? err.message : "Unknown error"),
+    }));
+    return true;
+  }
+
+  let approveData: ApproveJson;
+  try {
+    approveData = JSON.parse(approveStdout) as ApproveJson;
+  } catch {
+    log.error(`devices approve returned non-JSON: ${approveStdout.slice(0, 200)}`);
+    res.statusCode = 502;
+    res.setHeader("Content-Type", "application/json");
+    res.end(JSON.stringify({ error: "Unexpected response from device approval" }));
+    return true;
+  }
+
+  res.statusCode = 200;
+  res.setHeader("Content-Type", "application/json");
+  res.end(JSON.stringify({
+    ok: true,
+    deviceId: normalizedDeviceId,
+    requestId: approveData.requestId,
+    approvedAtMs: approveData.device?.approvedAtMs,
+  }));
+  return true;
+}

package/src/http/server.ts

@@ -11,6 +11,7 @@ import { handleSseStream } from "./handlers/sse.js";
 import { handleFilesUpload } from "./handlers/files-upload.js";
 import { handleFilesDownload } from "./handlers/files-download.js";
 import { handleCancel } from "./handlers/cancel.js";
+import { handleDeviceApprove } from "./handlers/device-approve.js";
 import { handleSessionsDelete } from "./handlers/sessions-delete.js";
 import { handleSessionsSettings } from "./handlers/sessions-settings.js";
 import { handleModelsList } from "./handlers/models-list.js";
@@ -59,6 +60,10 @@ async function handleFridayNextRoute(
     return await handleCancel(req, res);
   }
 
+  if (req.method === "POST" && pathname === "/friday-next/device-approve") {
+    return await handleDeviceApprove(req, res);
+  }
+
   if (req.method === "DELETE" && pathname === "/friday-next/sessions") {
     return await handleSessionsDelete(req, res);
   }