@tencent-connect/openclaw-qqbot 1.7.1 → 1.7.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (38) hide show
  1. package/README.md +188 -3
  2. package/README.zh.md +190 -3
  3. package/dist/index.d.ts +1 -0
  4. package/dist/index.js +1 -0
  5. package/dist/src/api.d.ts +2 -0
  6. package/dist/src/api.js +16 -3
  7. package/dist/src/config.d.ts +5 -1
  8. package/dist/src/config.js +12 -2
  9. package/dist/src/gateway.js +131 -169
  10. package/dist/src/slash-commands.js +119 -3
  11. package/dist/src/tools/channel.js +1 -4
  12. package/dist/src/tools/remind.js +0 -1
  13. package/dist/src/transport/index.d.ts +10 -0
  14. package/dist/src/transport/index.js +9 -0
  15. package/dist/src/transport/webhook-transport.d.ts +67 -0
  16. package/dist/src/transport/webhook-transport.js +245 -0
  17. package/dist/src/transport/webhook-verify.d.ts +48 -0
  18. package/dist/src/transport/webhook-verify.js +98 -0
  19. package/dist/src/types.d.ts +19 -0
  20. package/dist/src/utils/audio-convert.js +37 -9
  21. package/index.ts +1 -0
  22. package/package.json +1 -1
  23. package/scripts/postinstall-link-sdk.js +44 -0
  24. package/scripts/upgrade-via-npm.sh +358 -62
  25. package/scripts/upgrade-via-source.sh +122 -85
  26. package/src/api.ts +18 -4
  27. package/src/config.ts +15 -2
  28. package/src/gateway.ts +135 -167
  29. package/src/onboarding.ts +8 -0
  30. package/src/slash-commands.ts +137 -3
  31. package/src/tools/channel.ts +1 -7
  32. package/src/tools/remind.ts +0 -2
  33. package/src/transport/index.ts +11 -0
  34. package/src/transport/webhook-transport.ts +332 -0
  35. package/src/transport/webhook-verify.ts +119 -0
  36. package/src/types.ts +22 -1
  37. package/src/typings/openclaw-webhook-ingress.d.ts +66 -0
  38. package/src/utils/audio-convert.ts +37 -9
@@ -0,0 +1,332 @@
1
+ /**
2
+ * Webhook Transport — receive QQ Bot events via HTTP POST callbacks.
3
+ *
4
+ * Uses OpenClaw plugin-sdk's `registerWebhookTargetWithPluginRoute` (模式 C)
5
+ * to register webhook HTTP routes through the framework's gateway HTTP server,
6
+ * sharing the same port and benefiting from built-in rate limiting & in-flight guards.
7
+ *
8
+ * Architecture:
9
+ * 1. On gateway startAccount, register a webhook target via plugin-sdk
10
+ * 2. Framework routes POST requests to our handler
11
+ * 3. Handler verifies Ed25519 signatures and dispatches events
12
+ * 4. Returns op:12 ACK immediately, processes events asynchronously
13
+ * 5. On account stop (abortSignal), unregister the target
14
+ *
15
+ * Configuration (openclaw.yaml):
16
+ * ```yaml
17
+ * channels:
18
+ * qqbot:
19
+ * appId: "xxx"
20
+ * clientSecret: "xxx"
21
+ * transport: webhook
22
+ * webhook:
23
+ * path: /qqbot/webhook
24
+ * ```
25
+ */
26
+
27
+ import type { IncomingMessage, ServerResponse } from "node:http";
28
+ import {
29
+ registerWebhookTargetWithPluginRoute,
30
+ withResolvedWebhookRequestPipeline,
31
+ resolveWebhookTargetWithAuthOrRejectSync,
32
+ createWebhookInFlightLimiter,
33
+ createFixedWindowRateLimiter,
34
+ readWebhookBodyOrReject,
35
+ type WebhookInFlightLimiter,
36
+ type FixedWindowRateLimiter,
37
+ } from "openclaw/plugin-sdk/webhook-ingress";
38
+
39
+ import type { ResolvedQQBotAccount } from "../types.js";
40
+ import { verifyWebhookSignature, signValidationResponse } from "./webhook-verify.js";
41
+
42
+ // ============ Constants ============
43
+
44
+ const OP_DISPATCH = 0;
45
+ const OP_HTTP_CALLBACK_ACK = 12;
46
+ const OP_VALIDATION = 13;
47
+
48
+ const PLUGIN_ID = "openclaw-qqbot";
49
+ const DEFAULT_WEBHOOK_PATH = "/qqbot/webhook";
50
+
51
+ // ============ Types ============
52
+
53
+ /** Webhook target registered per account */
54
+ export interface QQBotWebhookTarget {
55
+ path: string;
56
+ accountId: string;
57
+ appId: string;
58
+ clientSecret: string;
59
+ }
60
+
61
+ /** Webhook event dispatched to the consumer */
62
+ export interface WebhookInboundEvent {
63
+ eventType: string;
64
+ data: unknown;
65
+ seq?: number;
66
+ }
67
+
68
+ /** Options for starting webhook transport */
69
+ export interface WebhookTransportOptions {
70
+ account: ResolvedQQBotAccount;
71
+ abortSignal: AbortSignal;
72
+ onEvent: (event: WebhookInboundEvent) => void | Promise<void>;
73
+ onReady?: () => void;
74
+ onError?: (error: Error) => void;
75
+ log?: {
76
+ info: (msg: string) => void;
77
+ warn?: (msg: string) => void;
78
+ error: (msg: string) => void;
79
+ debug?: (msg: string) => void;
80
+ };
81
+ }
82
+
83
+ // ============ Module state ============
84
+
85
+ /** Per-path target registry (shared across all accounts) */
86
+ const webhookTargets = new Map<string, QQBotWebhookTarget[]>();
87
+
88
+ /** Per-account event handler map */
89
+ const eventHandlers = new Map<string, (event: WebhookInboundEvent) => void | Promise<void>>();
90
+
91
+ /** Module-level logger (set by the last startWebhookTransport call) */
92
+ let log: WebhookTransportOptions["log"] | undefined;
93
+
94
+ /** Shared rate limiter (fixed window, per source IP) */
95
+ let rateLimiter: FixedWindowRateLimiter | null = null;
96
+
97
+ /** Shared in-flight limiter */
98
+ let inFlightLimiter: WebhookInFlightLimiter | null = null;
99
+
100
+ function ensureGuards(): { rateLimiter: FixedWindowRateLimiter; inFlightLimiter: WebhookInFlightLimiter } {
101
+ if (!rateLimiter) {
102
+ rateLimiter = createFixedWindowRateLimiter({
103
+ windowMs: 60_000,
104
+ maxRequests: 600,
105
+ maxTrackedKeys: 4096,
106
+ });
107
+ }
108
+ if (!inFlightLimiter) {
109
+ inFlightLimiter = createWebhookInFlightLimiter({
110
+ maxInFlightPerKey: 8,
111
+ maxTrackedKeys: 4096,
112
+ });
113
+ }
114
+ return { rateLimiter, inFlightLimiter };
115
+ }
116
+
117
+ // ============ Main handler ============
118
+
119
+ /**
120
+ * Shared HTTP handler for all QQBot webhook routes.
121
+ * Registered once per unique path, dispatches to the correct account target.
122
+ */
123
+ async function handleQQBotWebhookRequest(req: IncomingMessage, res: ServerResponse): Promise<boolean | void> {
124
+ const guards = ensureGuards();
125
+
126
+ const handled = await withResolvedWebhookRequestPipeline({
127
+ req,
128
+ res,
129
+ targetsByPath: webhookTargets,
130
+ rateLimiter: guards.rateLimiter,
131
+ inFlightLimiter: guards.inFlightLimiter,
132
+ requireJsonContentType: true,
133
+ handle: async ({ targets }) => {
134
+ // Read raw body (up to 1MB, 30s timeout)
135
+ const bodyResult = await readWebhookBodyOrReject({
136
+ req,
137
+ res,
138
+ maxBytes: 1024 * 1024,
139
+ timeoutMs: 30_000,
140
+ });
141
+ if (!bodyResult.ok) return;
142
+
143
+ const rawBodyStr = bodyResult.value;
144
+ const rawBody = Buffer.from(rawBodyStr, "utf-8");
145
+ let payload: { op: number; d?: unknown; t?: string; s?: number };
146
+ try {
147
+ payload = JSON.parse(rawBodyStr);
148
+ } catch (err) {
149
+ log?.error(`[qqbot:webhook] Failed to parse request body as JSON: ${err instanceof Error ? err.message : String(err)}, body preview: ${rawBodyStr.slice(0, 200)}`);
150
+ res.statusCode = 400;
151
+ res.end(JSON.stringify({ error: "invalid json" }));
152
+ return;
153
+ }
154
+
155
+ // ── op:13 — Callback URL validation (before signature check) ──
156
+ if (payload.op === OP_VALIDATION) {
157
+ handleValidation(payload, targets, res);
158
+ return;
159
+ }
160
+
161
+ // ── Signature verification → resolve target ──
162
+ const timestamp = getHeader(req, "x-signature-timestamp") ?? "";
163
+ const signature = getHeader(req, "x-signature-ed25519") ?? "";
164
+
165
+ if (!timestamp || !signature) {
166
+ log?.warn?.(`[qqbot:webhook] Missing signature headers — timestamp: "${timestamp}", signature: "${signature}", url: ${req.url}`);
167
+ res.statusCode = 401;
168
+ res.end(JSON.stringify({ error: "missing signature headers" }));
169
+ return;
170
+ }
171
+
172
+ const matchedTarget = resolveWebhookTargetWithAuthOrRejectSync({
173
+ targets,
174
+ res,
175
+ isMatch: (target) =>
176
+ verifyWebhookSignature({
177
+ body: rawBody,
178
+ timestamp,
179
+ signature,
180
+ botSecret: target.clientSecret,
181
+ }),
182
+ unauthorizedStatusCode: 401,
183
+ unauthorizedMessage: JSON.stringify({ error: "invalid signature" }),
184
+ });
185
+
186
+ if (!matchedTarget) {
187
+ log?.warn?.(`[qqbot:webhook] Signature verification failed for path: ${req.url}, timestamp: ${timestamp}`);
188
+ return; // response already sent by resolver
189
+ }
190
+
191
+ // ── ACK immediately ──
192
+ res.statusCode = 200;
193
+ res.setHeader("Content-Type", "application/json");
194
+ res.end(JSON.stringify({ op: OP_HTTP_CALLBACK_ACK, d: 0 }));
195
+
196
+ // ── Async dispatch (fire-and-forget) ──
197
+ if (payload.op === OP_DISPATCH) {
198
+ const handler = eventHandlers.get(matchedTarget.accountId);
199
+ if (handler) {
200
+ Promise.resolve(
201
+ handler({
202
+ eventType: payload.t ?? "",
203
+ data: payload.d,
204
+ seq: payload.s,
205
+ }),
206
+ ).catch((err) => {
207
+ log?.error(`[qqbot:${matchedTarget.accountId}] Event handler error for "${payload.t}": ${err instanceof Error ? err.message : String(err)}`);
208
+ });
209
+ } else {
210
+ log?.warn?.(`[qqbot:webhook] No event handler registered for account: ${matchedTarget.accountId}, event: ${payload.t}`);
211
+ }
212
+ }
213
+ },
214
+ });
215
+
216
+ return handled;
217
+ }
218
+
219
+ // ============ Validation handler (op:13) ============
220
+
221
+ function handleValidation(
222
+ payload: { d?: unknown },
223
+ targets: QQBotWebhookTarget[],
224
+ res: ServerResponse,
225
+ ): void {
226
+ const d = payload.d as { plain_token?: string; event_ts?: string } | undefined;
227
+
228
+ if (!d?.plain_token || !d?.event_ts) {
229
+ log?.warn?.(`[qqbot:webhook] Invalid validation payload (op:13): missing plain_token or event_ts, got: ${JSON.stringify(d)}`);
230
+ res.statusCode = 400;
231
+ res.end(JSON.stringify({ error: "invalid validation payload" }));
232
+ return;
233
+ }
234
+
235
+ // Use the first target's secret for validation
236
+ // (op:13 is sent during URL registration, only one bot should be using the path at that time)
237
+ const target = targets[0];
238
+ if (!target) {
239
+ log?.error(`[qqbot:webhook] No target registered for validation (op:13), cannot sign response`);
240
+ res.statusCode = 500;
241
+ res.end(JSON.stringify({ error: "no target registered" }));
242
+ return;
243
+ }
244
+
245
+ const response = signValidationResponse({
246
+ plainToken: d.plain_token,
247
+ eventTs: d.event_ts,
248
+ botSecret: target.clientSecret,
249
+ });
250
+
251
+ res.statusCode = 200;
252
+ res.setHeader("Content-Type", "application/json");
253
+ res.end(JSON.stringify(response));
254
+ }
255
+
256
+ // ============ Public API ============
257
+
258
+ /**
259
+ * Start the webhook transport for a given account.
260
+ *
261
+ * Registers a webhook target on the framework's plugin HTTP route system.
262
+ * The handler verifies Ed25519 signatures, ACKs immediately, and dispatches
263
+ * events asynchronously via the provided `onEvent` callback.
264
+ *
265
+ * Returns when the abortSignal is triggered (account stopped).
266
+ */
267
+ export async function startWebhookTransport(opts: WebhookTransportOptions): Promise<void> {
268
+ const { account, abortSignal, onEvent, onReady, onError, log: optLog } = opts;
269
+ log = optLog;
270
+ const webhookPath = account.config.webhook?.path ?? DEFAULT_WEBHOOK_PATH;
271
+
272
+ log?.info(`[qqbot:${account.accountId}] Starting webhook transport on path: ${webhookPath}`);
273
+
274
+ // Register event handler for this account
275
+ eventHandlers.set(account.accountId, onEvent);
276
+
277
+ // Register webhook target + plugin HTTP route
278
+ const { unregister } = registerWebhookTargetWithPluginRoute({
279
+ targetsByPath: webhookTargets,
280
+ target: {
281
+ path: webhookPath,
282
+ accountId: account.accountId,
283
+ appId: account.appId,
284
+ clientSecret: account.clientSecret,
285
+ },
286
+ route: {
287
+ auth: "plugin",
288
+ match: "exact" as const,
289
+ pluginId: PLUGIN_ID,
290
+ source: "qqbot-webhook",
291
+ accountId: account.accountId,
292
+ replaceExisting: true,
293
+ log: (msg: string) => log?.info(msg),
294
+ handler: handleQQBotWebhookRequest,
295
+ },
296
+ onLastPathTargetRemoved: () => {
297
+ log?.info(`[qqbot] Last webhook target removed from path: ${webhookPath}`);
298
+ },
299
+ });
300
+
301
+ log?.info(`[qqbot:${account.accountId}] Webhook transport registered on path: ${webhookPath}`);
302
+ onReady?.();
303
+
304
+ // Wait until abort signal fires
305
+ await new Promise<void>((resolve) => {
306
+ if (abortSignal.aborted) {
307
+ resolve();
308
+ return;
309
+ }
310
+ abortSignal.addEventListener("abort", () => resolve(), { once: true });
311
+ });
312
+
313
+ // Cleanup
314
+ unregister();
315
+ eventHandlers.delete(account.accountId);
316
+ log?.info(`[qqbot:${account.accountId}] Webhook transport stopped`);
317
+ }
318
+
319
+ /**
320
+ * Resolve the webhook path for a given account (for external configuration / setWebhook calls).
321
+ */
322
+ export function resolveWebhookPath(account: ResolvedQQBotAccount): string {
323
+ return account.config.webhook?.path ?? DEFAULT_WEBHOOK_PATH;
324
+ }
325
+
326
+ // ============ Helpers ============
327
+
328
+ function getHeader(req: IncomingMessage, key: string): string | undefined {
329
+ const val = req.headers[key];
330
+ if (Array.isArray(val)) return val[0];
331
+ return val;
332
+ }
@@ -0,0 +1,119 @@
1
+ /**
2
+ * Webhook signature verification — Ed25519.
3
+ *
4
+ * QQ Open Platform uses Ed25519 for webhook callback verification:
5
+ * 1. Bot secret is padded/truncated to 32 bytes as the Ed25519 seed.
6
+ * 2. The public key verifies `timestamp + body` against `X-Signature-Ed25519`.
7
+ * 3. For callback URL validation (op:13), signs `event_ts + plain_token`.
8
+ *
9
+ * Reference: https://bot.q.qq.com/wiki/develop/api-v2/dev-prepare/interface-framework/event-emit.html
10
+ */
11
+
12
+ import * as crypto from "node:crypto";
13
+
14
+ // ============ Seed derivation ============
15
+
16
+ /**
17
+ * Derive an Ed25519 seed (32 bytes) from the bot secret.
18
+ * QQ's spec: repeat the secret until >= 32 chars, then truncate to 32.
19
+ */
20
+ function deriveSeed(botSecret: string): Buffer {
21
+ let seed = botSecret;
22
+ while (seed.length < 32) {
23
+ seed = seed + seed;
24
+ }
25
+ return Buffer.from(seed.slice(0, 32), "utf-8");
26
+ }
27
+
28
+ /**
29
+ * Generate Ed25519 key pair from bot secret.
30
+ */
31
+ function getKeyPair(botSecret: string): { privateKey: crypto.KeyObject; publicKey: crypto.KeyObject } {
32
+ const seed = deriveSeed(botSecret);
33
+ // Node.js Ed25519: create private key from raw 32-byte seed
34
+ const privateKey = crypto.createPrivateKey({
35
+ key: Buffer.concat([
36
+ // Ed25519 PKCS8 DER prefix for 32-byte seed
37
+ Buffer.from("302e020100300506032b657004220420", "hex"),
38
+ seed,
39
+ ]),
40
+ format: "der",
41
+ type: "pkcs8",
42
+ });
43
+ const publicKey = crypto.createPublicKey(privateKey);
44
+ return { privateKey, publicKey };
45
+ }
46
+
47
+ // ============ Signature generation ============
48
+
49
+ /**
50
+ * Sign a message using the bot's Ed25519 private key.
51
+ * Returns hex-encoded signature.
52
+ */
53
+ export function ed25519Sign(botSecret: string, message: Buffer): string {
54
+ const { privateKey } = getKeyPair(botSecret);
55
+ const signature = crypto.sign(null, message, privateKey);
56
+ return signature.toString("hex");
57
+ }
58
+
59
+ // ============ Signature verification ============
60
+
61
+ /**
62
+ * Verify an Ed25519 signature from a QQ webhook callback request.
63
+ *
64
+ * @param params.body - Raw request body (Buffer)
65
+ * @param params.timestamp - Value of `X-Signature-Timestamp` header
66
+ * @param params.signature - Value of `X-Signature-Ed25519` header (hex string)
67
+ * @param params.botSecret - The bot's AppSecret
68
+ * @returns `true` if signature is valid
69
+ */
70
+ export function verifyWebhookSignature(params: {
71
+ body: Buffer;
72
+ timestamp: string;
73
+ signature: string;
74
+ botSecret: string;
75
+ }): boolean {
76
+ const { body, timestamp, signature, botSecret } = params;
77
+
78
+ try {
79
+ const { publicKey } = getKeyPair(botSecret);
80
+ const message = Buffer.concat([
81
+ Buffer.from(timestamp, "utf-8"),
82
+ body,
83
+ ]);
84
+ const sigBuffer = Buffer.from(signature, "hex");
85
+ return crypto.verify(null, message, publicKey, sigBuffer);
86
+ } catch (err) {
87
+ console.warn(`[qqbot:webhook-verify] Ed25519 verification threw: ${err instanceof Error ? err.message : String(err)}`);
88
+ return false;
89
+ }
90
+ }
91
+
92
+ // ============ Callback URL validation (op:13) ============
93
+
94
+ /**
95
+ * Generate the response for callback URL validation (op:13).
96
+ *
97
+ * QQ sends `{ op: 13, d: { plain_token, event_ts } }` to verify
98
+ * the callback URL. We must return `{ plain_token, signature }`.
99
+ *
100
+ * @param params.plainToken - The `plain_token` from the validation request
101
+ * @param params.eventTs - The `event_ts` from the validation request
102
+ * @param params.botSecret - The bot's AppSecret
103
+ */
104
+ export function signValidationResponse(params: {
105
+ plainToken: string;
106
+ eventTs: string;
107
+ botSecret: string;
108
+ }): { plain_token: string; signature: string } {
109
+ const { plainToken, eventTs, botSecret } = params;
110
+
111
+ // Sign: event_ts + plain_token
112
+ const message = Buffer.from(eventTs + plainToken, "utf-8");
113
+ const signature = ed25519Sign(botSecret, message);
114
+
115
+ return {
116
+ plain_token: plainToken,
117
+ signature,
118
+ };
119
+ }
package/src/types.ts CHANGED
@@ -29,6 +29,8 @@ export interface ResolvedQQBotAccount {
29
29
  imageServerBaseUrl?: string;
30
30
  /** 是否支持 markdown 消息(默认 true) */
31
31
  markdownSupport: boolean;
32
+ /** User-Agent 追加后缀(从通道级配置 channels.qqbot.userAgentSuffix 解析) */
33
+ userAgentSuffix?: string;
32
34
  config: QQBotAccountConfig;
33
35
  }
34
36
 
@@ -57,6 +59,15 @@ export interface GroupConfig {
57
59
  historyLimit?: number;
58
60
  }
59
61
 
62
+ /** 消息接收传输方式 */
63
+ export type TransportMode = "websocket" | "webhook";
64
+
65
+ /** Webhook 传输配置 */
66
+ export interface WebhookTransportConfig {
67
+ /** 监听路径(默认 /qqbot/webhook) */
68
+ path?: string;
69
+ }
70
+
60
71
  /**
61
72
  * QQ Bot 账户配置
62
73
  */
@@ -68,6 +79,10 @@ export interface QQBotAccountConfig {
68
79
  clientSecretFile?: string;
69
80
  dmPolicy?: "open" | "pairing" | "allowlist";
70
81
  allowFrom?: string[];
82
+ /** 消息接收传输方式:websocket(默认)| webhook */
83
+ transport?: TransportMode;
84
+ /** webhook 传输配置(transport="webhook" 时生效) */
85
+ webhook?: WebhookTransportConfig;
71
86
  /** 群消息策略(默认 allowlist) */
72
87
  groupPolicy?: GroupPolicy;
73
88
  /** 群白名单(groupPolicy 为 allowlist 时生效) */
@@ -114,6 +129,12 @@ export interface QQBotAccountConfig {
114
129
  * 示例: "ryantest/openclaw-qqbot"
115
130
  */
116
131
  upgradePkg?: string;
132
+ /**
133
+ * 群消息是否默认需要 @机器人才响应(默认 true)
134
+ * 优先级低于 groups.{groupId}.requireMention 和 groups."*".requireMention
135
+ * 设为 false 时,所有群默认无需 @ 即触发回复(仍可被群级配置覆盖)
136
+ */
137
+ defaultRequireMention?: boolean;
117
138
  /**
118
139
  * 出站消息合并回复(debounce)配置
119
140
  * 当短时间内收到多次 deliver 时,将文本合并为一条消息发送,避免消息轰炸
@@ -124,7 +145,7 @@ export interface QQBotAccountConfig {
124
145
  * 启用后,AI 的回复会以流式形式逐步显示在 QQ 聊天中,
125
146
  * 用户可以看到文字逐字出现的打字机效果。
126
147
  * 设置为 true 可开启流式消息。
127
- *
148
+ *
128
149
  * 注意:仅 C2C(私聊)支持流式消息 API。
129
150
  */
130
151
  streaming?: boolean;
@@ -0,0 +1,66 @@
1
+ declare module "openclaw/plugin-sdk/webhook-ingress" {
2
+ import type { IncomingMessage, ServerResponse } from "node:http";
3
+
4
+ export interface WebhookInFlightLimiter {
5
+ acquire(): boolean;
6
+ release(): void;
7
+ }
8
+
9
+ export interface FixedWindowRateLimiter {
10
+ check(key?: string): boolean;
11
+ }
12
+
13
+ export function createWebhookInFlightLimiter(opts: {
14
+ max?: number;
15
+ maxInFlightPerKey?: number;
16
+ maxTrackedKeys?: number;
17
+ }): WebhookInFlightLimiter;
18
+
19
+ export function createFixedWindowRateLimiter(opts: {
20
+ windowMs: number;
21
+ max?: number;
22
+ maxRequests?: number;
23
+ maxTrackedKeys?: number;
24
+ }): FixedWindowRateLimiter;
25
+
26
+ export function registerWebhookTargetWithPluginRoute<T extends { path: string }>(opts: {
27
+ targetsByPath: Map<string, T[]>;
28
+ target: T;
29
+ route: {
30
+ auth: string;
31
+ match: "exact" | "prefix";
32
+ pluginId: string;
33
+ source: string;
34
+ accountId: string;
35
+ replaceExisting?: boolean;
36
+ log?: (msg: string) => void;
37
+ handler: (req: IncomingMessage, res: ServerResponse) => Promise<boolean | void>;
38
+ };
39
+ onLastPathTargetRemoved?: () => void;
40
+ }): { unregister: () => void };
41
+
42
+ export function withResolvedWebhookRequestPipeline<T extends { path: string }>(opts: {
43
+ req: IncomingMessage;
44
+ res: ServerResponse;
45
+ targetsByPath: Map<string, T[]>;
46
+ rateLimiter: FixedWindowRateLimiter;
47
+ inFlightLimiter: WebhookInFlightLimiter;
48
+ requireJsonContentType?: boolean;
49
+ handle: (ctx: { targets: T[] }) => Promise<void> | void;
50
+ }): Promise<boolean>;
51
+
52
+ export function resolveWebhookTargetWithAuthOrRejectSync<T>(opts: {
53
+ targets: T[];
54
+ res: ServerResponse;
55
+ isMatch: (target: T) => boolean;
56
+ unauthorizedStatusCode?: number;
57
+ unauthorizedMessage?: string;
58
+ }): T | null;
59
+
60
+ export function readWebhookBodyOrReject(opts: {
61
+ req: IncomingMessage;
62
+ res: ServerResponse;
63
+ maxBytes: number;
64
+ timeoutMs: number;
65
+ }): Promise<{ ok: true; value: string } | { ok: false }>;
66
+ }
@@ -1,9 +1,30 @@
1
1
  import * as fs from "node:fs";
2
2
  import * as path from "node:path";
3
3
  import { execFile } from "node:child_process";
4
- import { decode, encode, isSilk } from "silk-wasm";
5
4
  import { detectFfmpeg, isWindows } from "./platform.js";
6
5
 
6
+ // silk-wasm 动态加载(可选依赖,未安装时降级为不支持语音编解码)
7
+ let silkWasm: { decode: typeof import("silk-wasm").decode; encode: typeof import("silk-wasm").encode; isSilk: typeof import("silk-wasm").isSilk } | null = null;
8
+ let silkWasmLoaded = false;
9
+
10
+ async function loadSilkWasm() {
11
+ if (silkWasmLoaded) return silkWasm;
12
+ silkWasmLoaded = true;
13
+ try {
14
+ silkWasm = await import("silk-wasm");
15
+ } catch {
16
+ console.warn("[audio-convert] silk-wasm not available, voice encoding/decoding disabled");
17
+ silkWasm = null;
18
+ }
19
+ return silkWasm;
20
+ }
21
+
22
+ // 同步版本的 isSilk(用于不方便 await 的场景),首次调用前需先 loadSilkWasm
23
+ function isSilkSync(data: Uint8Array): boolean {
24
+ if (!silkWasm) return false;
25
+ return silkWasm.isSilk(data);
26
+ }
27
+
7
28
  /**
8
29
  * 检查文件是否为 SILK 格式(QQ/微信语音常用格式)
9
30
  * QQ 语音文件通常以 .amr 扩展名保存,但实际编码可能是 SILK v3
@@ -12,7 +33,7 @@ import { detectFfmpeg, isWindows } from "./platform.js";
12
33
  function isSilkFile(filePath: string): boolean {
13
34
  try {
14
35
  const buf = fs.readFileSync(filePath);
15
- return isSilk(new Uint8Array(buf.buffer, buf.byteOffset, buf.byteLength));
36
+ return isSilkSync(new Uint8Array(buf.buffer, buf.byteOffset, buf.byteLength));
16
37
  } catch {
17
38
  return false;
18
39
  }
@@ -91,14 +112,15 @@ export async function convertSilkToWav(
91
112
  const rawData = new Uint8Array(strippedBuf.buffer, strippedBuf.byteOffset, strippedBuf.byteLength);
92
113
 
93
114
  // 验证是否为 SILK 格式
94
- if (!isSilk(rawData)) {
115
+ const silk = await loadSilkWasm();
116
+ if (!silk || !silk.isSilk(rawData)) {
95
117
  return null;
96
118
  }
97
119
 
98
120
  // SILK 解码为 PCM (s16le)
99
121
  // QQ 语音通常采样率为 24000Hz
100
122
  const sampleRate = 24000;
101
- const result = await decode(rawData, sampleRate);
123
+ const result = await silk.decode(rawData, sampleRate);
102
124
 
103
125
  // PCM → WAV
104
126
  const wavBuffer = pcmToWav(result.data, sampleRate);
@@ -380,8 +402,12 @@ export async function pcmToSilk(
380
402
  pcmBuffer: Buffer,
381
403
  sampleRate: number,
382
404
  ): Promise<{ silkBuffer: Buffer; duration: number }> {
405
+ const silk = await loadSilkWasm();
406
+ if (!silk) {
407
+ throw new Error("silk-wasm not available, cannot encode PCM to SILK. Install silk-wasm to enable voice sending.");
408
+ }
383
409
  const pcmData = new Uint8Array(pcmBuffer.buffer, pcmBuffer.byteOffset, pcmBuffer.byteLength);
384
- const result = await encode(pcmData, sampleRate);
410
+ const result = await silk.encode(pcmData, sampleRate);
385
411
  return {
386
412
  silkBuffer: Buffer.from(result.data.buffer, result.data.byteOffset, result.data.byteLength),
387
413
  duration: result.duration,
@@ -440,10 +466,11 @@ export async function audioFileToSilkBase64(filePath: string, directUploadFormat
440
466
  }
441
467
 
442
468
  // 1. .slk / .amr 扩展名 → 检测 SILK 魔数,是 SILK 则直传
469
+ const silk = await loadSilkWasm();
443
470
  if ([".slk", ".slac"].includes(ext)) {
444
471
  const stripped = stripAmrHeader(buf);
445
472
  const raw = new Uint8Array(stripped.buffer, stripped.byteOffset, stripped.byteLength);
446
- if (isSilk(raw)) {
473
+ if (silk?.isSilk(raw)) {
447
474
  console.log(`[audio-convert] SILK file, direct use: ${filePath} (${buf.length} bytes)`);
448
475
  return buf.toString("base64");
449
476
  }
@@ -453,7 +480,7 @@ export async function audioFileToSilkBase64(filePath: string, directUploadFormat
453
480
  const rawCheck = new Uint8Array(buf.buffer, buf.byteOffset, buf.byteLength);
454
481
  const strippedCheck = stripAmrHeader(buf);
455
482
  const strippedRaw = new Uint8Array(strippedCheck.buffer, strippedCheck.byteOffset, strippedCheck.byteLength);
456
- if (isSilk(rawCheck) || isSilk(strippedRaw)) {
483
+ if (silk?.isSilk(rawCheck) || silk?.isSilk(strippedRaw)) {
457
484
  console.log(`[audio-convert] SILK detected by header: ${filePath} (${buf.length} bytes)`);
458
485
  return buf.toString("base64");
459
486
  }
@@ -544,10 +571,11 @@ export async function audioFileToSilkFile(filePath: string, directUploadFormats?
544
571
  }
545
572
 
546
573
  // 1. 已经是 SILK 编码 → 直接返回原文件
574
+ const silk = await loadSilkWasm();
547
575
  if ([".slk", ".slac"].includes(ext)) {
548
576
  const stripped = stripAmrHeader(buf);
549
577
  const raw = new Uint8Array(stripped.buffer, stripped.byteOffset, stripped.byteLength);
550
- if (isSilk(raw)) {
578
+ if (silk?.isSilk(raw)) {
551
579
  console.log(`[audio-convert] SILK file, direct use: ${filePath} (${buf.length} bytes)`);
552
580
  return filePath;
553
581
  }
@@ -555,7 +583,7 @@ export async function audioFileToSilkFile(filePath: string, directUploadFormats?
555
583
  const rawCheck = new Uint8Array(buf.buffer, buf.byteOffset, buf.byteLength);
556
584
  const strippedCheck = stripAmrHeader(buf);
557
585
  const strippedRaw = new Uint8Array(strippedCheck.buffer, strippedCheck.byteOffset, strippedCheck.byteLength);
558
- if (isSilk(rawCheck) || isSilk(strippedRaw)) {
586
+ if (silk?.isSilk(rawCheck) || silk?.isSilk(strippedRaw)) {
559
587
  console.log(`[audio-convert] SILK detected by header: ${filePath} (${buf.length} bytes)`);
560
588
  return filePath;
561
589
  }