@xfxstudio/claworld 0.2.13 → 0.2.14

package/src/openclaw/runtime/tool-inventory.js

@@ -3,16 +3,10 @@ export const CLAWORLD_TOOL_CONTRACT_VERSION = 'v1';
 export const CLAWORLD_CHAT_REQUEST_TOOL_NAMES = Object.freeze([
   'claworld_request_chat',
   'claworld_chat_inbox',
-  'claworld_accept_chat_request',
-  'claworld_reject_chat_request',
 ]);
 
-export const CLAWORLD_BOOTSTRAP_TOOL_NAMES = Object.freeze([
-  'claworld_pair_agent',
-]);
-
-export const CLAWORLD_PROFILE_TOOL_NAMES = Object.freeze([
-  'claworld_profile',
+export const CLAWORLD_ACCOUNT_TOOL_NAMES = Object.freeze([
+  'claworld_account',
 ]);
 
 export const CLAWORLD_FEEDBACK_TOOL_NAMES = Object.freeze([
@@ -30,24 +24,8 @@ export const CLAWORLD_WORLD_ADMIN_PUBLIC_TOOL_NAMES = Object.freeze([
   'claworld_manage_world',
 ]);
 
-export const CLAWORLD_COMPATIBILITY_TOOL_NAMES = Object.freeze([
-  'claworld_list_owned_worlds',
-  'claworld_prepare_world_join',
-  'claworld_search_world',
-]);
-
-export const CLAWORLD_RETIRED_PUBLIC_TOOL_NAMES = Object.freeze([
-  'claworld_send_friend_request',
-  'claworld_list_friend_requests',
-  'claworld_accept_friend_request',
-  'claworld_reject_friend_request',
-  'claworld_broadcast_world',
-  'claworld_resolve_agent',
-]);
-
 export const CLAWORLD_REGISTERED_TOOL_NAMES = Object.freeze([
-  ...CLAWORLD_BOOTSTRAP_TOOL_NAMES,
-  ...CLAWORLD_PROFILE_TOOL_NAMES,
+  ...CLAWORLD_ACCOUNT_TOOL_NAMES,
   ...CLAWORLD_WORLD_TOOL_NAMES,
   ...CLAWORLD_WORLD_ADMIN_PUBLIC_TOOL_NAMES,
   ...CLAWORLD_CHAT_REQUEST_TOOL_NAMES,
@@ -71,8 +49,7 @@ export const CLAWORLD_READ_ONLY_OPENCLAW_TOOL_NAMES = Object.freeze([
 ]);
 
 export const CLAWORLD_PLUGIN_SMOKE_REQUIRED_TOOL_NAMES = Object.freeze([
-  ...CLAWORLD_BOOTSTRAP_TOOL_NAMES,
-  ...CLAWORLD_PROFILE_TOOL_NAMES,
+  ...CLAWORLD_ACCOUNT_TOOL_NAMES,
   ...CLAWORLD_WORLD_TOOL_NAMES,
   ...CLAWORLD_WORLD_ADMIN_PUBLIC_TOOL_NAMES,
   ...CLAWORLD_CHAT_REQUEST_TOOL_NAMES,

package/src/lib/agent-profile.js

@@ -1,74 +0,0 @@
-import { resolvePublicIdentity } from './public-identity.js';
-
-function normalizeOptionalString(value, { maxLength = 280 } = {}) {
-  if (value == null) return null;
-  const normalized = String(value).trim();
-  if (!normalized) return null;
-  return normalized.slice(0, maxLength);
-}
-
-function normalizeTagList(rawTags, { maxItems = 8, maxLength = 24 } = {}) {
-  if (!Array.isArray(rawTags)) return [];
-  const seen = new Set();
-  const tags = [];
-  for (const value of rawTags) {
-    const normalized = normalizeOptionalString(value, { maxLength });
-    if (!normalized) continue;
-    const key = normalized.toLowerCase();
-    if (seen.has(key)) continue;
-    seen.add(key);
-    tags.push(normalized);
-    if (tags.length >= maxItems) break;
-  }
-  return tags;
-}
-
-function normalizeBooleanFlag(value, fallback = true) {
-  if (typeof value === 'boolean') return value;
-  if (typeof value === 'number') {
-    if (value === 1) return true;
-    if (value === 0) return false;
-  }
-  if (typeof value === 'string') {
-    const normalized = value.trim().toLowerCase();
-    if (normalized === 'true' || normalized === '1') return true;
-    if (normalized === 'false' || normalized === '0') return false;
-  }
-  return fallback;
-}
-
-export function resolveAgentDisplayName(agent = {}) {
-  const publicIdentityDisplayName = normalizeOptionalString(resolvePublicIdentity(agent).displayName, { maxLength: 80 });
-  if (publicIdentityDisplayName) return publicIdentityDisplayName;
-  const displayName = normalizeOptionalString(agent.displayName, { maxLength: 80 });
-  if (displayName) return displayName;
-  return normalizeOptionalString(agent.agentId, { maxLength: 80 })
-    || 'agent';
-}
-
-export function normalizeAgentProfile(profile) {
-  const source = profile && typeof profile === 'object' ? profile : {};
-  return {
-    headline: normalizeOptionalString(source.headline, { maxLength: 120 }),
-    bio: normalizeOptionalString(source.bio, { maxLength: 300 }),
-    avatarUrl: normalizeOptionalString(source.avatarUrl, { maxLength: 512 }),
-    tags: normalizeTagList(source.tags),
-  };
-}
-
-export function resolveAgentVisibility(agent = {}) {
-  const discoverable = normalizeBooleanFlag(agent.discoverable, true);
-  const requestedContactable = normalizeBooleanFlag(agent.contactable, true);
-  return {
-    discoverable,
-    contactable: discoverable ? requestedContactable : false,
-  };
-}
-
-export function normalizeAgentInputMetadata({ displayName, profile, discoverable, contactable } = {}) {
-  return {
-    displayName: resolveAgentDisplayName({ displayName }),
-    profile: normalizeAgentProfile(profile),
-    ...resolveAgentVisibility({ discoverable, contactable }),
-  };
-}

package/src/lib/http-auth.js

@@ -1,151 +0,0 @@
-function unauthorized(reason) {
-  return {
-    error: 'not_authenticated',
-    reason,
-  };
-}
-
-function forbidden(reason, extra = {}) {
-  return {
-    error: 'forbidden',
-    reason,
-    ...extra,
-  };
-}
-
-function isExpired(isoTs, nowMs = Date.now()) {
-  if (!isoTs) return false;
-  const expiresAtMs = Date.parse(isoTs);
-  if (Number.isNaN(expiresAtMs)) return false;
-  return expiresAtMs <= nowMs;
-}
-
-function normalizeHeaderValue(value) {
-  if (Array.isArray(value)) {
-    const [first] = value;
-    return typeof first === 'string' ? first.trim() : '';
-  }
-  if (typeof value === 'string') return value.trim();
-  return '';
-}
-
-export function readAppTokenFromRequest(req) {
-  const authorization = normalizeHeaderValue(req?.headers?.authorization);
-  if (/^bearer\s+/i.test(authorization)) {
-    const token = authorization.replace(/^bearer\s+/i, '').trim();
-    if (token) return { token, source: 'authorization' };
-  }
-
-  const appTokenHeader = normalizeHeaderValue(req?.headers?.['x-claworld-app-token']);
-  if (appTokenHeader) return { token: appTokenHeader, source: 'x-claworld-app-token' };
-
-  const legacyRelayToken = normalizeHeaderValue(req?.headers?.['x-relay-token']);
-  if (legacyRelayToken) return { token: legacyRelayToken, source: 'x-relay-token' };
-
-  return { token: null, source: null };
-}
-
-export function authenticateAppTokenRequest({ store, req }) {
-  const { token, source } = readAppTokenFromRequest(req);
-  if (!token) {
-    return {
-      present: false,
-      ok: false,
-      source: null,
-      token: null,
-      agent: null,
-      credential: null,
-      error: null,
-    };
-  }
-
-  const credential = store.getCredentialByToken(token);
-  if (!credential) {
-    return {
-      present: true,
-      ok: false,
-      source,
-      token,
-      agent: null,
-      credential: null,
-      error: unauthorized('credential_invalid'),
-    };
-  }
-  if (credential.status !== 'active' || credential.revokedAt) {
-    return {
-      present: true,
-      ok: false,
-      source,
-      token,
-      agent: null,
-      credential,
-      error: unauthorized('credential_revoked'),
-    };
-  }
-  if (isExpired(credential.expiresAt)) {
-    return {
-      present: true,
-      ok: false,
-      source,
-      token,
-      agent: null,
-      credential,
-      error: unauthorized('credential_expired'),
-    };
-  }
-
-  const agent = store.getAgent(credential.agentId);
-  if (!agent) {
-    return {
-      present: true,
-      ok: false,
-      source,
-      token,
-      agent: null,
-      credential,
-      error: unauthorized('credential_invalid'),
-    };
-  }
-
-  return {
-    present: true,
-    ok: true,
-    source,
-    token,
-    agent,
-    credential,
-    error: null,
-  };
-}
-
-export function resolveAuthenticatedAgentId({ store, req, providedAgentId = null, fieldName = 'agentId' } = {}) {
-  const auth = authenticateAppTokenRequest({ store, req });
-  if (auth.present && !auth.ok) {
-    return {
-      ok: false,
-      status: 401,
-      body: auth.error,
-    };
-  }
-
-  const explicitAgentId = String(providedAgentId || '').trim() || null;
-  const authenticatedAgentId = auth.ok ? auth.agent.agentId : null;
-
-  if (explicitAgentId && authenticatedAgentId && explicitAgentId !== authenticatedAgentId) {
-    return {
-      ok: false,
-      status: 403,
-      body: forbidden('agent_identity_mismatch', {
-        field: fieldName,
-        authenticatedAgentId,
-        providedAgentId: explicitAgentId,
-      }),
-    };
-  }
-
-  return {
-    ok: true,
-    auth,
-    agentId: explicitAgentId || authenticatedAgentId || null,
-  };
-}

package/src/lib/policy.js

@@ -1,114 +0,0 @@
-import { resolveAgentVisibility } from './agent-profile.js';
-const ALLOW_DECISION = Object.freeze({ allowed: true });
-const EMPTY_SET = Object.freeze(new Set());
-
-function parsePolicyCsvSet(rawValue) {
-  if (typeof rawValue !== 'string') return EMPTY_SET;
-  const values = rawValue
-    .split(',')
-    .map((value) => value.trim().toLowerCase())
-    .filter(Boolean);
-  return values.length > 0 ? new Set(values) : EMPTY_SET;
-}
-
-function buildRequestDenyPolicyFromEnv(env) {
-  return Object.freeze({
-    blockedAgentIds: parsePolicyCsvSet(env.RELAY_POLICY_BLOCKED_AGENT_IDS),
-    deniedAgentIds: parsePolicyCsvSet(env.RELAY_POLICY_DENIED_AGENT_IDS),
-  });
-}
-
-function agentInPolicySet(values, candidate) {
-  const normalized = String(candidate || '').trim().toLowerCase();
-  return normalized ? values.has(normalized) : false;
-}
-
-const requestDenyPolicy = buildRequestDenyPolicyFromEnv(process.env);
-
-function deny(status, error, extras = {}) {
-  return { allowed: false, status, error, ...extras };
-}
-
-export function defaultCanRequest({ fromAgentId, fromAgent, toAgent }) {
-  const visibility = resolveAgentVisibility(toAgent);
-  if (agentInPolicySet(requestDenyPolicy.blockedAgentIds, fromAgentId)) {
-    return deny(403, 'request_blocked_by_policy');
-  }
-  if (agentInPolicySet(requestDenyPolicy.deniedAgentIds, fromAgentId)) {
-    return deny(403, 'request_denied_by_policy');
-  }
-  if (toAgent.agentId === fromAgentId) return deny(400, 'self_request_not_allowed');
-  if (!visibility.discoverable) return deny(403, 'target_not_discoverable');
-  if (!visibility.contactable) return deny(403, 'target_not_contactable');
-  return ALLOW_DECISION;
-}
-
-export function defaultCanAccept() {
-  return ALLOW_DECISION;
-}
-
-export function defaultCanStartSession() {
-  return ALLOW_DECISION;
-}
-
-export function defaultCanDeliverTurn({ session, roundBudget, fromAgentId }) {
-  if (session.state !== 'active') {
-    const terminationReason = typeof session?.terminationReason === 'string' && session.terminationReason.trim()
-      ? session.terminationReason.trim()
-      : null;
-    return deny(terminationReason === 'session_timeout' ? 409 : 400, terminationReason || 'session_not_active');
-  }
-  if (roundBudget?.hasExplicitBudget && Number(roundBudget.remainingTurns) <= 0) {
-    return deny(400, 'max_turns_reached');
-  }
-  if (fromAgentId !== session.currentSpeakerAgentId) return deny(400, 'not_current_speaker');
-  return ALLOW_DECISION;
-}
-
-export function createRelayPolicyHooks(policy) {
-  const hooks = policy && typeof policy === 'object' ? policy : {};
-  return {
-    canRequest: typeof hooks.canRequest === 'function' ? hooks.canRequest : defaultCanRequest,
-    canAccept: typeof hooks.canAccept === 'function' ? hooks.canAccept : defaultCanAccept,
-    canStartSession: typeof hooks.canStartSession === 'function' ? hooks.canStartSession : defaultCanStartSession,
-    canDeliverTurn: typeof hooks.canDeliverTurn === 'function' ? hooks.canDeliverTurn : defaultCanDeliverTurn,
-  };
-}
-
-export function resolvePolicyDecision(decision, { defaultStatus = 403, defaultError = 'forbidden' } = {}) {
-  if (decision == null || decision === true) return { allowed: true };
-  if (decision === false) return { allowed: false, status: defaultStatus, body: { error: defaultError } };
-  if (typeof decision !== 'object') return { allowed: true };
-
-  const hasDenyShape = decision.allowed === false
-    || (decision.allowed === undefined && (decision.status !== undefined || decision.error !== undefined || decision.body !== undefined));
-
-  if (!hasDenyShape) return { allowed: true };
-
-  const status = Number.isInteger(decision.status) ? decision.status : defaultStatus;
-  if (decision.body && typeof decision.body === 'object') return { allowed: false, status, body: decision.body };
-  const error = typeof decision.error === 'string' && decision.error.trim() ? decision.error : defaultError;
-  return { allowed: false, status, body: { error } };
-}
-
-export function evaluatePolicyHook({
-  hook,
-  context,
-  hookName,
-  defaultStatus = 403,
-  defaultError = 'forbidden',
-}) {
-  try {
-    return resolvePolicyDecision(hook(context), { defaultStatus, defaultError });
-  } catch (error) {
-    return {
-      allowed: false,
-      status: 500,
-      body: {
-        error: 'policy_hook_error',
-        hook: hookName,
-        message: error instanceof Error ? error.message : String(error),
-      },
-    };
-  }
-}

package/src/openclaw/installer/constants.js

@@ -1,14 +0,0 @@
-import { createRequire } from 'module';
-
-const require = createRequire(import.meta.url);
-const installerPackageJson = require('../../../package.json');
-
-export const CLAWORLD_INSTALLER_BIN_NAME = 'claworld';
-export const CLAWORLD_INSTALLER_PACKAGE_NAME = '@xfxstudio/claworld';
-export const CLAWORLD_INSTALLER_PACKAGE_VERSION = installerPackageJson.version;
-export const CLAWORLD_INSTALLER_DEFAULT_PLUGIN_SOURCE = `${CLAWORLD_INSTALLER_PACKAGE_NAME}@${CLAWORLD_INSTALLER_PACKAGE_VERSION}`;
-export const CLAWORLD_INSTALLER_COMMAND = 'npx -y @xfxstudio/claworld install';
-export const CLAWORLD_DOCTOR_COMMAND = 'npx -y @xfxstudio/claworld doctor';
-export const CLAWORLD_UPDATE_COMMAND = 'npx -y @xfxstudio/claworld update';
-export const CLAWORLD_UNINSTALL_COMMAND = 'npx -y @xfxstudio/claworld uninstall';
-export const CLAWORLD_OPENCLAW_MIN_HOST_VERSION = '>=2026.3.22';

package/src/product-shell/agent-cards/card-routes.js

@@ -1,64 +0,0 @@
-import { resolveAuthenticatedAgentId } from '../../lib/http-auth.js';
-
-function sendAgentCardError(res, error) {
-  const status = Number.isInteger(error?.status) ? error.status : 500;
-  if (error?.responseBody && typeof error.responseBody === 'object') {
-    return res.status(status).json(error.responseBody);
-  }
-  const code = typeof error?.code === 'string' ? error.code : 'internal_error';
-  return res.status(status).json({ error: code, message: error?.message || code });
-}
-
-function buildAbsoluteUrl(req, publicPath) {
-  return `${req.protocol}://${req.get('host')}${publicPath}`;
-}
-
-export function registerAgentCardRoutes(app, { store, agentCardService }) {
-  app.get('/v1/meta/agent-cards', (_req, res) => {
-    res.json(agentCardService.getManifest());
-  });
-
-  app.post('/v1/agent-cards/render', async (req, res) => {
-    const resolvedAgent = resolveAuthenticatedAgentId({
-      store,
-      req,
-      providedAgentId: req.body?.agentId || null,
-      fieldName: 'agentId',
-    });
-    if (!resolvedAgent.ok) {
-      return res.status(resolvedAgent.status).json(resolvedAgent.body);
-    }
-
-    try {
-      const result = await agentCardService.renderCard({
-        agentId: resolvedAgent.agentId,
-        publicHandle: req.body?.publicHandle,
-        displayName: req.body?.displayName,
-        templateId: req.body?.templateId,
-        templateVersion: req.body?.templateVersion,
-        themeId: req.body?.themeId,
-        title: req.body?.title,
-        subtitle: req.body?.subtitle,
-        ctaLines: req.body?.ctaLines,
-        qrTargetUrl: req.body?.qrTargetUrl,
-        footerLabel: req.body?.footerLabel,
-        badgeText: req.body?.badgeText,
-        expiresInSeconds: req.body?.expiresInSeconds,
-        forceRegenerate: req.body?.forceRegenerate === true,
-      });
-
-      const imageUrl = result.card.imageUrl || (result.card.publicPath ? buildAbsoluteUrl(req, result.card.publicPath) : null);
-      const downloadUrl = result.card.downloadUrl || imageUrl;
-      return res.status(result.cacheHit ? 200 : 201).json({
-        ...result,
-        card: {
-          ...result.card,
-          ...(imageUrl ? { imageUrl } : {}),
-          ...(downloadUrl ? { downloadUrl } : {}),
-        },
-      });
-    } catch (error) {
-      return sendAgentCardError(res, error);
-    }
-  });
-}