@syengup/friday-channel-next 0.0.35 → 0.0.37

package/dist/src/http/handlers/files-download.js

@@ -0,0 +1,210 @@
+/**
+ * File download handler for GET /friday-next/files/:id
+ *
+ * Sources checked (in order):
+ * 1. In-memory file index (POST /friday-next/files and resolved attachments this session)
+ * 2. Plugin-root `attachments/` on disk (same basename as URL token; survives restarts)
+ * 3. OpenClaw media buffer (~/.openclaw/media/inbound/<id>)
+ */
+import { createFridayNextLogger } from "../../logging.js";
+import { extractBearerToken } from "../middleware/auth.js";
+import { getExternalFileSourceByUrlToken, getFile, guessMimeType, readAttachmentFileFromDisk, readFile, } from "./files.js";
+import path from "node:path";
+import fs from "node:fs";
+import os from "node:os";
+const logger = createFridayNextLogger("files-download");
+const MIME_FROM_EXT = {
+    png: "image/png",
+    jpg: "image/jpeg",
+    jpeg: "image/jpeg",
+    gif: "image/gif",
+    webp: "image/webp",
+    heic: "image/heic",
+    pdf: "application/pdf",
+    mp4: "video/mp4",
+    mov: "video/quicktime",
+    mp3: "audio/mpeg",
+    wav: "audio/wav",
+    ogg: "audio/ogg",
+    opus: "audio/opus",
+    m4a: "audio/mp4",
+    aac: "audio/aac",
+    flac: "audio/flac",
+};
+function sendError(res, status, message) {
+    if (res.headersSent)
+        return;
+    res.statusCode = status;
+    res.setHeader("Content-Type", "application/json; charset=utf-8");
+    res.end(JSON.stringify({ error: message }));
+}
+/** Avoid decodeURIComponent throwing on malformed % sequences (would surface as 500). */
+function tryDecodeURIComponent(segment) {
+    try {
+        return decodeURIComponent(segment);
+    }
+    catch {
+        return null;
+    }
+}
+/**
+ * Safe Content-Disposition: strip CR/LF/quotes from basename; add RFC 5987 filename* for Unicode.
+ */
+function contentDispositionInline(filename) {
+    const base = path.basename(filename).replace(/[\r\n"]/g, "_").replace(/\\/g, "_") || "file";
+    const ascii = /^[\x20-\x7E]*$/.test(base) ? base : "file";
+    return `inline; filename="${ascii}"; filename*=UTF-8''${encodeURIComponent(base)}`;
+}
+/**
+ * Full-body or single-range 206 response. iOS/Safari often sends Range for JPEG; proxies may error if mishandled.
+ */
+function sendBuffer(req, res, buffer, mimeType, filename) {
+    const total = buffer.length;
+    const disposition = contentDispositionInline(filename);
+    const rangeRaw = req.headers.range;
+    const range = typeof rangeRaw === "string" && /^bytes=/i.test(rangeRaw.trim())
+        ? rangeRaw.trim()
+        : undefined;
+    res.setHeader("Accept-Ranges", "bytes");
+    res.setHeader("Cache-Control", "private, max-age=3600");
+    res.setHeader("Content-Type", mimeType);
+    res.setHeader("Content-Disposition", disposition);
+    if (!range || total === 0) {
+        res.statusCode = 200;
+        res.setHeader("Content-Length", String(total));
+        res.end(buffer);
+        return;
+    }
+    const m = /^bytes=(\d*)-(\d*)$/i.exec(range);
+    if (!m) {
+        res.statusCode = 200;
+        res.setHeader("Content-Length", String(total));
+        res.end(buffer);
+        return;
+    }
+    let start = 0;
+    let end = total - 1;
+    if (m[1] === "" && m[2] !== "") {
+        const suffixLen = parseInt(m[2], 10);
+        if (!Number.isFinite(suffixLen) || suffixLen <= 0) {
+            res.statusCode = 200;
+            res.setHeader("Content-Length", String(total));
+            res.end(buffer);
+            return;
+        }
+        start = Math.max(0, total - suffixLen);
+        end = total - 1;
+    }
+    else if (m[1] !== "" && m[2] === "") {
+        start = parseInt(m[1], 10);
+        end = total - 1;
+    }
+    else if (m[1] !== "" && m[2] !== "") {
+        start = parseInt(m[1], 10);
+        end = parseInt(m[2], 10);
+    }
+    if (!Number.isFinite(start) || !Number.isFinite(end) || start > end || start >= total) {
+        res.statusCode = 416;
+        res.setHeader("Content-Range", `bytes */${total}`);
+        res.end();
+        return;
+    }
+    if (end >= total)
+        end = total - 1;
+    const chunk = buffer.subarray(start, end + 1);
+    res.statusCode = 206;
+    res.setHeader("Content-Length", String(chunk.length));
+    res.setHeader("Content-Range", `bytes ${start}-${end}/${total}`);
+    res.end(chunk);
+}
+export async function handleFilesDownload(req, res) {
+    try {
+        if (req.method !== "GET") {
+            sendError(res, 405, "Method Not Allowed");
+            return true;
+        }
+        if (!extractBearerToken(req)) {
+            sendError(res, 401, "Unauthorized");
+            return true;
+        }
+        let url;
+        try {
+            url = new URL(req.url ?? "/", "http://localhost");
+        }
+        catch {
+            sendError(res, 400, "Bad request URL");
+            return true;
+        }
+        const segments = url.pathname.split("/").filter(Boolean);
+        const rawSeg = segments[segments.length - 1] ?? "";
+        const fileToken = tryDecodeURIComponent(rawSeg);
+        if (fileToken === null) {
+            sendError(res, 400, "Invalid file path encoding");
+            return true;
+        }
+        if (!fileToken || fileToken === "files") {
+            sendError(res, 400, "Missing file ID");
+            return true;
+        }
+        // 1. Try Friday's own in-memory file index
+        const file = getFile(fileToken);
+        if (file) {
+            const { buffer, mimeType } = readFile(fileToken);
+            if (buffer) {
+                sendBuffer(req, res, buffer, mimeType, file.filename);
+                return true;
+            }
+        }
+        // 1.2 Plugin-root attachments/ (survives gateway restarts; basename = URL token)
+        const fromAttachments = readAttachmentFileFromDisk(fileToken);
+        if (fromAttachments) {
+            sendBuffer(req, res, fromAttachments.buffer, fromAttachments.mimeType, fromAttachments.filename);
+            return true;
+        }
+        // 1.4 Best-effort external source by token (when copy-to-attachments failed earlier)
+        const externalSource = getExternalFileSourceByUrlToken(fileToken);
+        if (externalSource && fs.existsSync(externalSource)) {
+            try {
+                const buffer = fs.readFileSync(externalSource);
+                const filename = path.basename(externalSource);
+                sendBuffer(req, res, buffer, guessMimeType(filename), filename);
+                return true;
+            }
+            catch {
+                // continue fallback chain
+            }
+        }
+        // 2. Try OpenClaw media buffer (~/.openclaw/media/inbound/<id>)
+        // fileId may include an extension (e.g. "uuid.png") — strip it to get the base id
+        const baseId = fileToken.replace(/\.[^.]+$/, "");
+        const mediaDir = path.join(os.homedir(), ".openclaw", "media", "inbound");
+        const candidates = [
+            path.join(mediaDir, baseId),
+            path.join(mediaDir, fileToken),
+        ];
+        for (const filePath of candidates) {
+            if (fs.existsSync(filePath)) {
+                try {
+                    const st = fs.statSync(filePath);
+                    if (!st.isFile())
+                        continue;
+                    const buffer = fs.readFileSync(filePath);
+                    const ext = path.extname(fileToken).toLowerCase().replace(/^\./, "");
+                    const mimeType = MIME_FROM_EXT[ext] ?? "application/octet-stream";
+                    sendBuffer(req, res, buffer, mimeType, fileToken);
+                    return true;
+                }
+                catch {
+                    // fall through to 404
+                }
+            }
+        }
+        sendError(res, 404, "File not found");
+        return true;
+    }
+    catch (err) {
+        logger.error(`GET download failed: ${String(err)}`);
+        sendError(res, 500, "Internal Server Error");
+        return true;
+    }
+}

package/dist/src/http/handlers/files-upload.d.ts

@@ -0,0 +1,8 @@
+/**
+ * File upload handler for POST /friday-next/files
+ *
+ * Handles multipart file uploads from the iOS app.
+ * Stores files and returns file IDs that can be referenced in messages.
+ */
+import type { IncomingMessage, ServerResponse } from "node:http";
+export declare function handleFilesUpload(req: IncomingMessage, res: ServerResponse): Promise<boolean>;

package/dist/src/http/handlers/files-upload.js

@@ -0,0 +1,136 @@
+/**
+ * File upload handler for POST /friday-next/files
+ *
+ * Handles multipart file uploads from the iOS app.
+ * Stores files and returns file IDs that can be referenced in messages.
+ */
+import { extractBearerToken } from "../middleware/auth.js";
+import { storeFile, guessMimeType } from "./files.js";
+async function parseMultipartBody(req, boundaryContentType) {
+    const boundaryMatch = boundaryContentType.match(/boundary=(?:"([^"]+)"|([^;]+))/i);
+    if (!boundaryMatch)
+        return null;
+    const boundary = boundaryMatch[1] ?? boundaryMatch[2];
+    if (!boundary)
+        return null;
+    const chunks = [];
+    await new Promise((resolve, reject) => {
+        req.on("data", (c) => chunks.push(c));
+        req.on("end", resolve);
+        req.on("error", reject);
+    });
+    const body = Buffer.concat(chunks);
+    const parts = { fields: {}, files: [] };
+    const boundaryBuffer = Buffer.from(`--${boundary}`);
+    let start = 0;
+    while (start < body.length) {
+        const idx = bufferIndexOf(body, boundaryBuffer, start);
+        if (idx === -1)
+            break;
+        const nextStart = idx + boundaryBuffer.length;
+        if (body[nextStart] === 0x2d && body[nextStart + 1] === 0x2d) {
+            // "--" after boundary = end
+            break;
+        }
+        if (body[nextStart] !== 0x0d || body[nextStart + 1] !== 0x0a) {
+            start = nextStart;
+            continue;
+        }
+        const headerEnd = bufferIndexOf(body, Buffer.from("\r\n\r\n"), nextStart + 2);
+        if (headerEnd === -1) {
+            start = nextStart;
+            continue;
+        }
+        const headers = body.subarray(idx + boundaryBuffer.length + 2, headerEnd).toString("utf-8");
+        const contentDisposition = extractHeaderValue(headers, "Content-Disposition");
+        const contentTypeHeader = extractHeaderValue(headers, "Content-Type");
+        const filenameMatch = contentDisposition?.match(/filename="([^"]+)"/);
+        const nameMatch = contentDisposition?.match(/name="([^"]+)"/);
+        const filename = filenameMatch?.[1] ?? nameMatch?.[1] ?? "file";
+        const isFile = Boolean(filenameMatch);
+        const dataStart = headerEnd + 4;
+        // Search for the closing boundary marker (\r\n--boundary) rather than just
+        // \r\n, since binary file data may contain CRLF bytes.
+        const closingBoundary = Buffer.from(`\r\n--${boundary}`);
+        const endIdx = bufferIndexOf(body, closingBoundary, dataStart);
+        const end = endIdx === -1 ? body.length - 2 : endIdx;
+        if (isFile) {
+            const buffer = body.subarray(dataStart, end);
+            const mimeType = contentTypeHeader ?? guessMimeType(filename);
+            parts.files.push({ filename, buffer, contentType: mimeType });
+        }
+        else if (nameMatch) {
+            const value = body.subarray(dataStart, end).toString("utf-8").trim();
+            parts.fields[nameMatch[1]] = value;
+        }
+        start = end + 2;
+    }
+    return parts;
+}
+function extractHeaderValue(headers, name) {
+    const lines = headers.split(/\r\n/);
+    for (const line of lines) {
+        const [key, ...valueParts] = line.split(":");
+        if (key.trim().toLowerCase() === name.toLowerCase()) {
+            return valueParts.join(":").trim();
+        }
+    }
+    return undefined;
+}
+function bufferIndexOf(haystack, needle, start = 0) {
+    for (let i = start; i <= haystack.length - needle.length; i++) {
+        let match = true;
+        for (let j = 0; j < needle.length; j++) {
+            if (haystack[i + j] !== needle[j]) {
+                match = false;
+                break;
+            }
+        }
+        if (match)
+            return i;
+    }
+    return -1;
+}
+export async function handleFilesUpload(req, res) {
+    if (req.method !== "POST") {
+        res.statusCode = 405;
+        res.setHeader("Content-Type", "application/json");
+        res.end(JSON.stringify({ error: "Method Not Allowed" }));
+        return true;
+    }
+    const token = extractBearerToken(req);
+    if (!token) {
+        res.statusCode = 401;
+        res.setHeader("Content-Type", "application/json");
+        res.end(JSON.stringify({ error: "Unauthorized: bearer token mismatch" }));
+        return true;
+    }
+    const contentType = req.headers["content-type"] ?? "";
+    const parsed = await parseMultipartBody(req, contentType);
+    if (!parsed) {
+        res.statusCode = 400;
+        res.setHeader("Content-Type", "application/json");
+        res.end(JSON.stringify({ error: "Invalid multipart form data" }));
+        return true;
+    }
+    if (parsed.files.length === 0) {
+        res.statusCode = 400;
+        res.setHeader("Content-Type", "application/json");
+        res.end(JSON.stringify({ error: "No files provided" }));
+        return true;
+    }
+    const files = parsed.files.map((file) => {
+        const stored = storeFile(file.buffer, file.filename, file.contentType);
+        return {
+            id: stored.id,
+            filename: stored.filename,
+            mimeType: stored.mimeType,
+            size: stored.size,
+            url: `/friday-next/files/${encodeURIComponent(stored.urlToken)}`,
+        };
+    });
+    res.statusCode = 200;
+    res.setHeader("Content-Type", "application/json");
+    res.end(JSON.stringify({ files }));
+    return true;
+}

package/dist/src/http/handlers/files.d.ts

@@ -0,0 +1,75 @@
+/**
+ * File manager for Friday Next channel attachments.
+ *
+ * Files are copied under the plugin root `attachments/` and served at
+ * GET /friday-next/files/{token} so the app can use stable gateway URLs after restarts.
+ */
+/** Plugin-root `attachments/` directory; created on first use. */
+export declare function getAttachmentsDir(): string;
+export interface StoredFile {
+    id: string;
+    /** Path segment for /friday-next/files/{urlToken} (on-disk basename under attachments/). */
+    urlToken: string;
+    filename: string;
+    mimeType: string;
+    size: number;
+    path: string;
+    createdAt: number;
+}
+/**
+ * Read a file from `attachments/` by URL path token (disk basename).
+ * Used when the in-memory index was cleared after a gateway restart.
+ */
+export declare function readAttachmentFileFromDisk(fileToken: string): {
+    buffer: Buffer;
+    mimeType: string;
+    filename: string;
+} | null;
+/**
+ * Copy a local file into `attachments/` and register it (no full-buffer read for the copy path).
+ */
+/** Expand ~, file://, etc. for paths coming from the agent / message tool. */
+export declare function normalizeAgentMediaPath(raw: string): string;
+/**
+ * Store a file buffer and return its ID and metadata.
+ */
+export declare function storeFile(buffer: Buffer, filename: string, mimeType: string): StoredFile;
+/**
+ * Retrieve file metadata by ID or url token.
+ */
+export declare function getFile(id: string): StoredFile | undefined;
+/**
+ * Path segment for lookup: raw uuid / urlToken, or token extracted from `/friday-next/files/...`.
+ */
+export declare function fridayAttachmentLookupKey(ref: string): string;
+/**
+ * Canonical gateway URL `/friday-next/files/{urlToken}` with extension when stored (for history, MediaUrls).
+ */
+export declare function fridayFilesPublicUrl(ref: string): string;
+export declare function getExternalFileSourceByUrlToken(token: string): string | undefined;
+/**
+ * Read a file as a Buffer with its MIME type (by id or urlToken).
+ */
+export declare function readFile(id: string): {
+    buffer: Buffer | null;
+    mimeType: string;
+};
+/**
+ * Copy a file from a local filesystem path into the Friday Next channel file store
+ * and return its /friday-next/files/{token} URL. If the path is already a Friday Next channel
+ * file URL (i.e. starts with "/friday-next/files/"), return it as-is.
+ */
+export declare function resolveMediaUrl(localPath: string): string;
+export interface ResolvedAttachment {
+    fileName: string;
+    url: string;
+}
+/**
+ * Resolve a local path into a Friday-served attachment descriptor.
+ * Returns null when source file is missing or cannot be copied.
+ */
+export declare function resolveMediaAttachment(localPath: string): ResolvedAttachment | null;
+/**
+ * Guess MIME type from filename extension.
+ */
+export declare function guessMimeType(filename: string): string;