@yanhaidao/wecom 2.2.7 → 2.3.2

package/src/dynamic-agent.ts

@@ -29,23 +29,23 @@ export function getDynamicAgentConfig(config: OpenClawConfig): DynamicAgentConfi
     };
 }
 
+function sanitizeDynamicIdPart(value: string): string {
+    return String(value)
+        .trim()
+        .toLowerCase()
+        .replace(/[^a-z0-9_-]/g, "_");
+}
+
 /**
  * **generateAgentId (生成动态 Agent ID)**
  *
- * 根据聊天类型和对端 ID 生成确定性的 Agent ID。
- * 格式: wecom-{type}-{sanitizedPeerId}
- * - type: dm | group
- * - sanitizedPeerId: 小写，非字母数字下划线横线替换为下划线
- *
- * @example
- * generateAgentId("dm", "ZhangSan") // "wecom-dm-zhangsan"
- * generateAgentId("group", "wr123456") // "wecom-group-wr123456"
+ * 根据账号 + 聊天类型 + 对端 ID 生成确定性的 Agent ID，避免多账号串会话。
+ * 格式: wecom-{accountId}-{type}-{sanitizedPeerId}
  */
-export function generateAgentId(chatType: "dm" | "group", peerId: string): string {
-    const sanitized = String(peerId)
-        .toLowerCase()
-        .replace(/[^a-z0-9_-]/g, "_");
-    return `wecom-${chatType}-${sanitized}`;
+export function generateAgentId(chatType: "dm" | "group", peerId: string, accountId?: string): string {
+    const sanitizedPeer = sanitizeDynamicIdPart(peerId) || "unknown";
+    const sanitizedAccountId = sanitizeDynamicIdPart(accountId ?? "default") || "default";
+    return `wecom-${sanitizedAccountId}-${chatType}-${sanitizedPeer}`;
 }
 
 /**

package/src/gateway-monitor.ts

@@ -0,0 +1,200 @@
+import type {
+  ChannelGatewayContext,
+  OpenClawConfig,
+  PluginRuntime,
+} from "openclaw/plugin-sdk";
+
+import {
+  detectMode,
+  listWecomAccountIds,
+  resolveWecomAccount,
+  resolveWecomAccountConflict,
+} from "./config/index.js";
+import { registerAgentWebhookTarget, registerWecomWebhookTarget } from "./monitor.js";
+import type { ResolvedWecomAccount, WecomConfig } from "./types/index.js";
+
+type AccountRouteRegistryItem = {
+  botPaths: string[];
+  agentPath?: string;
+};
+
+const accountRouteRegistry = new Map<string, AccountRouteRegistryItem>();
+
+function logRegisteredRouteSummary(
+  ctx: ChannelGatewayContext<ResolvedWecomAccount>,
+  preferredOrder: string[],
+): void {
+  const seen = new Set<string>();
+  const orderedAccountIds = [
+    ...preferredOrder.filter((accountId) => accountRouteRegistry.has(accountId)),
+    ...Array.from(accountRouteRegistry.keys())
+      .filter((accountId) => !seen.has(accountId))
+      .sort((a, b) => a.localeCompare(b)),
+  ].filter((accountId) => {
+    if (seen.has(accountId)) return false;
+    seen.add(accountId);
+    return true;
+  });
+
+  const entries = orderedAccountIds
+    .map((accountId) => {
+      const routes = accountRouteRegistry.get(accountId);
+      if (!routes) return undefined;
+      const botText = routes.botPaths.length > 0 ? routes.botPaths.join(", ") : "未启用";
+      const agentText = routes.agentPath ?? "未启用";
+      return `accountId=${accountId}（Bot: ${botText}；Agent: ${agentText}）`;
+    })
+    .filter((entry): entry is string => Boolean(entry));
+  const summary = entries.length > 0 ? entries.join("； ") : "无";
+  ctx.log?.info(`[${ctx.account.accountId}] 已注册账号路由汇总：${summary}`);
+}
+
+function resolveExpectedRouteSummaryAccountIds(cfg: OpenClawConfig): string[] {
+  return listWecomAccountIds(cfg)
+    .filter((accountId) => {
+      const conflict = resolveWecomAccountConflict({ cfg, accountId });
+      if (conflict) return false;
+      const account = resolveWecomAccount({ cfg, accountId });
+      if (!account.enabled || !account.configured) return false;
+      return Boolean(account.bot?.configured || account.agent?.configured);
+    })
+    .sort((a, b) => a.localeCompare(b));
+}
+
+function waitForAbortSignal(abortSignal: AbortSignal): Promise<void> {
+  if (abortSignal.aborted) {
+    return Promise.resolve();
+  }
+  return new Promise<void>((resolve) => {
+    const onAbort = () => {
+      abortSignal.removeEventListener("abort", onAbort);
+      resolve();
+    };
+    abortSignal.addEventListener("abort", onAbort, { once: true });
+  });
+}
+
+/**
+ * Keeps WeCom webhook targets registered for the account lifecycle.
+ * The promise only settles after gateway abort/reload signals shutdown.
+ */
+export async function monitorWecomProvider(
+  ctx: ChannelGatewayContext<ResolvedWecomAccount>,
+): Promise<void> {
+  const account = ctx.account;
+  const cfg = ctx.cfg as OpenClawConfig;
+  const expectedRouteSummaryAccountIds = resolveExpectedRouteSummaryAccountIds(cfg);
+  const conflict = resolveWecomAccountConflict({
+    cfg,
+    accountId: account.accountId,
+  });
+  if (conflict) {
+    ctx.setStatus({
+      accountId: account.accountId,
+      running: false,
+      configured: false,
+      lastError: conflict.message,
+    });
+    throw new Error(conflict.message);
+  }
+  const mode = detectMode(cfg.channels?.wecom as WecomConfig | undefined);
+  const matrixMode = mode === "matrix";
+  const bot = account.bot;
+  const agent = account.agent;
+  const botConfigured = Boolean(bot?.configured);
+  const agentConfigured = Boolean(agent?.configured);
+
+  if (mode === "legacy" && (botConfigured || agentConfigured)) {
+    if (agentConfigured && !botConfigured) {
+      ctx.log?.warn(
+        `[${account.accountId}] 检测到仍在使用单 Agent 兼容模式。建议尽快升级为多账号模式：` +
+        `将 channels.wecom.agent 迁移到 channels.wecom.accounts.<accountId>.agent，` +
+        `并设置 channels.wecom.defaultAccount。`,
+      );
+    } else {
+      ctx.log?.warn(
+        `[${account.accountId}] 检测到仍在使用单账号兼容模式。建议尽快升级为多账号模式：` +
+        `将 channels.wecom.bot/agent 迁移到 channels.wecom.accounts.<accountId>.bot/agent，` +
+        `并设置 channels.wecom.defaultAccount。`,
+      );
+    }
+  }
+
+  if (!botConfigured && !agentConfigured) {
+    ctx.log?.warn(`[${account.accountId}] wecom not configured; channel is idle`);
+    ctx.setStatus({ accountId: account.accountId, running: false, configured: false });
+    await waitForAbortSignal(ctx.abortSignal);
+    return;
+  }
+
+  const unregisters: Array<() => void> = [];
+  const botPaths: string[] = [];
+  let agentPath: string | undefined;
+  try {
+    if (bot && botConfigured) {
+      const paths = matrixMode
+        ? [`/wecom/bot/${account.accountId}`]
+        : ["/wecom", "/wecom/bot"];
+      for (const path of paths) {
+        unregisters.push(
+          registerWecomWebhookTarget({
+            account: bot,
+            config: cfg,
+            runtime: ctx.runtime,
+            // The HTTP handler resolves the active PluginRuntime via getWecomRuntime().
+            // The stored target only needs to be decrypt/verify-capable.
+            core: {} as PluginRuntime,
+            path,
+            statusSink: (patch) => ctx.setStatus({ accountId: ctx.accountId, ...patch }),
+          }),
+        );
+      }
+      botPaths.push(...paths);
+      ctx.log?.info(`[${account.accountId}] wecom bot webhook registered at ${paths.join(", ")}`);
+    }
+
+    if (agent && agentConfigured) {
+      const path = matrixMode ? `/wecom/agent/${account.accountId}` : "/wecom/agent";
+      unregisters.push(
+        registerAgentWebhookTarget({
+          agent,
+          config: cfg,
+          runtime: ctx.runtime,
+          path,
+        }),
+      );
+      agentPath = path;
+      ctx.log?.info(`[${account.accountId}] wecom agent webhook registered at ${path}`);
+    }
+
+    accountRouteRegistry.set(account.accountId, { botPaths, agentPath });
+    const shouldLogSummary =
+      expectedRouteSummaryAccountIds.length <= 1 ||
+      expectedRouteSummaryAccountIds.every((accountId) => accountRouteRegistry.has(accountId));
+    if (shouldLogSummary) {
+      logRegisteredRouteSummary(ctx, expectedRouteSummaryAccountIds);
+    }
+
+    ctx.setStatus({
+      accountId: account.accountId,
+      running: true,
+      configured: true,
+      webhookPath: botConfigured
+        ? (matrixMode ? `/wecom/bot/${account.accountId}` : "/wecom/bot")
+        : (matrixMode ? `/wecom/agent/${account.accountId}` : "/wecom/agent"),
+      lastStartAt: Date.now(),
+    });
+
+    await waitForAbortSignal(ctx.abortSignal);
+  } finally {
+    for (const unregister of unregisters) {
+      unregister();
+    }
+    accountRouteRegistry.delete(account.accountId);
+    ctx.setStatus({
+      accountId: account.accountId,
+      running: false,
+      lastStopAt: Date.now(),
+    });
+  }
+}

package/src/http.ts

@@ -57,13 +57,28 @@ export async function wecomFetch(input: string | URL, init?: RequestInit, opts?:
 
   const initSignal = init?.signal ?? undefined;
   const signal = mergeAbortSignal({ signal: opts?.signal ?? initSignal, timeoutMs: opts?.timeoutMs });
+  
+  const headers = new Headers(init?.headers ?? {});
+  if (!headers.has("User-Agent")) {
+    headers.set("User-Agent", "OpenClaw/2.0 (WeCom-Agent)");
+  }
+
   const nextInit: RequestInit & { dispatcher?: Dispatcher } = {
     ...(init ?? {}),
     ...(signal ? { signal } : {}),
     ...(dispatcher ? { dispatcher } : {}),
+    headers,
   };
 
-  return undiciFetch(input, nextInit as Parameters<typeof undiciFetch>[1]) as unknown as Promise<Response>;
+  try {
+    return await undiciFetch(input, nextInit as Parameters<typeof undiciFetch>[1]) as unknown as Response;
+  } catch (err: unknown) {
+    if (err instanceof Error && err.name === "TypeError" && err.message === "fetch failed") {
+      const cause = (err as any).cause;
+      console.error(`[wecom-http] fetch failed: ${input} (proxy: ${proxyUrl || "none"})${cause ? ` - cause: ${String(cause)}` : ""}`);
+    }
+    throw err;
+  }
 }
 
 /**
@@ -99,4 +114,3 @@ export async function readResponseBodyAsBuffer(res: Response, maxBytes?: number)
 
   return Buffer.concat(chunks.map((c) => Buffer.from(c)));
 }
-

package/src/media.test.ts

@@ -1,5 +1,5 @@
 import { describe, it, expect, vi } from "vitest";
-import { decryptWecomMedia } from "./media.js";
+import { decryptWecomMedia, decryptWecomMediaWithMeta } from "./media.js";
 import { WECOM_PKCS7_BLOCK_SIZE } from "./crypto.js";
 import crypto from "node:crypto";
 
@@ -52,4 +52,31 @@ describe("decryptWecomMedia", () => {
     it("should fail if key is invalid", async () => {
         await expect(decryptWecomMedia("http://url", "invalid-key")).rejects.toThrow();
     });
+
+    it("should return source metadata when using decryptWecomMediaWithMeta", async () => {
+        const aesKeyBase64 = "jWmYm7qr5nMoCAstdRmNjt3p7vsH8HkK+qiJqQ0aaaa=";
+        const aesKey = Buffer.from(aesKeyBase64 + "=", "base64");
+        const iv = aesKey.subarray(0, 16);
+        const originalData = Buffer.from("meta test", "utf8");
+        const padded = pkcs7Pad(originalData, WECOM_PKCS7_BLOCK_SIZE);
+        const cipher = crypto.createCipheriv("aes-256-cbc", aesKey, iv);
+        cipher.setAutoPadding(false);
+        const encrypted = Buffer.concat([cipher.update(padded), cipher.final()]);
+
+        undiciFetch.mockResolvedValue(
+            new Response(encrypted, {
+                status: 200,
+                headers: {
+                    "content-type": "application/octet-stream; charset=binary",
+                    "content-disposition": "attachment; filename*=UTF-8''report%20v1.docx",
+                },
+            }),
+        );
+
+        const decrypted = await decryptWecomMediaWithMeta("http://mock.url/media?id=1", aesKeyBase64);
+        expect(decrypted.buffer.toString("utf8")).toBe("meta test");
+        expect(decrypted.sourceContentType).toBe("application/octet-stream");
+        expect(decrypted.sourceFilename).toBe("report v1.docx");
+        expect(decrypted.sourceUrl).toBe("http://mock.url/media?id=1");
+    });
 });

package/src/media.ts

@@ -2,6 +2,41 @@ import crypto from "node:crypto";
 import { decodeEncodingAESKey, pkcs7Unpad, WECOM_PKCS7_BLOCK_SIZE } from "./crypto.js";
 import { readResponseBodyAsBuffer, wecomFetch, type WecomHttpOptions } from "./http.js";
 
+export type DecryptedWecomMedia = {
+    buffer: Buffer;
+    sourceContentType?: string;
+    sourceFilename?: string;
+    sourceUrl?: string;
+};
+
+function normalizeMime(contentType?: string | null): string | undefined {
+    const raw = String(contentType ?? "").trim();
+    if (!raw) return undefined;
+    return raw.split(";")[0]?.trim().toLowerCase() || undefined;
+}
+
+function extractFilenameFromContentDisposition(disposition?: string | null): string | undefined {
+    const raw = String(disposition ?? "").trim();
+    if (!raw) return undefined;
+
+    const star = raw.match(/filename\*\s*=\s*([^;]+)/i);
+    if (star?.[1]) {
+        const v = star[1].trim().replace(/^UTF-8''/i, "").replace(/^"(.*)"$/, "$1");
+        try {
+            const decoded = decodeURIComponent(v);
+            if (decoded.trim()) return decoded.trim();
+        } catch { /* ignore */ }
+        if (v.trim()) return v.trim();
+    }
+
+    const plain = raw.match(/filename\s*=\s*([^;]+)/i);
+    if (plain?.[1]) {
+        const v = plain[1].trim().replace(/^"(.*)"$/, "$1").trim();
+        if (v) return v;
+    }
+    return undefined;
+}
+
 /**
  * **decryptWecomMedia (解密企业微信媒体文件)**
  * 
@@ -28,11 +63,29 @@ export async function decryptWecomMediaWithHttp(
     encodingAESKey: string,
     params?: { maxBytes?: number; http?: WecomHttpOptions },
 ): Promise<Buffer> {
+    const decrypted = await decryptWecomMediaWithMeta(url, encodingAESKey, params);
+    return decrypted.buffer;
+}
+
+/**
+ * **decryptWecomMediaWithMeta (解密企业微信媒体并返回源信息)**
+ * 
+ * 在返回解密结果的同时，保留下载响应中的元信息（content-type / filename / final url），
+ * 供上层更准确地推断文件后缀和 MIME。
+ */
+export async function decryptWecomMediaWithMeta(
+    url: string,
+    encodingAESKey: string,
+    params?: { maxBytes?: number; http?: WecomHttpOptions },
+): Promise<DecryptedWecomMedia> {
     // 1. Download encrypted content
     const res = await wecomFetch(url, undefined, { ...params?.http, timeoutMs: params?.http?.timeoutMs ?? 15_000 });
     if (!res.ok) {
         throw new Error(`failed to download media: ${res.status}`);
     }
+    const sourceContentType = normalizeMime(res.headers.get("content-type"));
+    const sourceFilename = extractFilenameFromContentDisposition(res.headers.get("content-disposition"));
+    const sourceUrl = res.url || url;
     const encryptedData = await readResponseBodyAsBuffer(res, params?.maxBytes);
 
     // 2. Prepare Key and IV
@@ -51,5 +104,10 @@ export async function decryptWecomMediaWithHttp(
     // Note: Unlike msg bodies, usually removing PKCS#7 padding is enough for media files.
     // The Python SDK logic: pad_len = decrypted_data[-1]; decrypted_data = decrypted_data[:-pad_len]
     // Our pkcs7Unpad function does exactly this + validation.
-    return pkcs7Unpad(decryptedPadded, WECOM_PKCS7_BLOCK_SIZE);
+    return {
+        buffer: pkcs7Unpad(decryptedPadded, WECOM_PKCS7_BLOCK_SIZE),
+        sourceContentType,
+        sourceFilename,
+        sourceUrl,
+    };
 }

package/src/monitor/state.queue.test.ts

@@ -1,6 +1,6 @@
 import { describe, expect, test, vi } from "vitest";
 
-import type { WecomInboundMessage } from "../types.js";
+import type { WecomBotInboundMessage as WecomInboundMessage } from "../types/index.js";
 import type { WecomWebhookTarget } from "./types.js";
 import { StreamStore } from "./state.js";
 

package/src/monitor/state.ts

@@ -1,6 +1,6 @@
 import crypto from "node:crypto";
 import type { StreamState, PendingInbound, ActiveReplyState, WecomWebhookTarget } from "./types.js";
-import type { WecomInboundMessage } from "../types.js";
+import type { WecomBotInboundMessage as WecomInboundMessage } from "../types/index.js";
 
 // Constants
 export const LIMITS = {

package/src/monitor/types.ts

@@ -1,7 +1,7 @@
 
 import type { OpenClawConfig, PluginRuntime } from "openclaw/plugin-sdk";
 import type { ResolvedBotAccount } from "../types/index.js";
-import type { WecomInboundMessage } from "../types.js";
+import type { WecomBotInboundMessage as WecomInboundMessage } from "../types/index.js";
 
 /**
  * **WecomRuntimeEnv (运行时环境)**

package/src/monitor.active.test.ts

@@ -45,6 +45,7 @@ function createMockResponse(): ServerResponse {
 
 describe("Monitor Active Features", () => {
     let capturedDeliver: ((payload: { text: string }) => Promise<void>) | undefined;
+    let unregisterTarget: (() => void) | undefined;
     let mockCore: any;
     let msgSeq = 0;
     let senderUserId = "";
@@ -109,7 +110,7 @@ describe("Monitor Active Features", () => {
                         return;
                     }
                 },
-                routing: { resolveAgentRoute: () => ({ agentId: "1", sessionKey: "1", accountId: "1" }) },
+                routing: { resolveAgentRoute: () => ({ agentId: "1", sessionKey: "1", accountId: "default" }) },
                 session: {
                     resolveStorePath: () => "",
                     readSessionUpdatedAt: () => 0,
@@ -121,8 +122,8 @@ describe("Monitor Active Features", () => {
 
         vi.spyOn(runtime, "getWecomRuntime").mockReturnValue(mockCore);
 
-        registerWecomWebhookTarget({
-            account: { accountId: "1", enabled: true, configured: true, token: "T", encodingAESKey: validKey, receiveId: "R", config: {} as any },
+        unregisterTarget = registerWecomWebhookTarget({
+            account: { accountId: "default", enabled: true, configured: true, token: "T", encodingAESKey: validKey, receiveId: "R", config: {} as any },
             config: {
                 channels: {
                     wecom: {
@@ -144,6 +145,8 @@ describe("Monitor Active Features", () => {
     });
 
     afterEach(() => {
+        unregisterTarget?.();
+        unregisterTarget = undefined;
         vi.useRealTimers();
     });
 
@@ -187,14 +190,17 @@ describe("Monitor Active Features", () => {
         undiciFetch.mockResolvedValue(new Response("ok", { status: 200 }));
         await sendActiveMessage(streamId, "Active Hello");
 
-        expect(undiciFetch).toHaveBeenCalledWith(
-            "https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=test-key",
+        expect(undiciFetch).toHaveBeenCalled();
+        const [url, init] = undiciFetch.mock.calls.at(-1)! as [string, RequestInit];
+        expect(url).toBe("https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=test-key");
+        expect(init).toEqual(
             expect.objectContaining({
                 method: "POST",
-                headers: expect.objectContaining({ "Content-Type": "application/json" }),
                 body: JSON.stringify({ msgtype: "text", text: { content: "Active Hello" } }),
             }),
         );
+        const headers = new Headers(init.headers);
+        expect(headers.get("content-type")).toBe("application/json");
     });
 
     it("should fallback non-image media to agent DM (and push a Chinese prompt)", async () => {
@@ -234,6 +240,6 @@ describe("Monitor Active Features", () => {
         expect(undiciFetch).toHaveBeenCalled();
     });
 
-    // 注：本机路径（/Users/... 或 /tmp/...）短路发图逻辑属于运行态特性，
+    // 注：本机路径（/Users/...、/tmp/...、/root/...、/home/...）短路发图逻辑属于运行态特性，
     // 单测在 fake timers + module singleton 状态下容易引入脆弱性；这里优先覆盖更关键的兜底链路与去重逻辑。
 });

package/src/monitor.inbound-filter.test.ts

@@ -0,0 +1,63 @@
+import { describe, expect, it } from "vitest";
+
+import { shouldProcessBotInboundMessage } from "./monitor.js";
+
+describe("shouldProcessBotInboundMessage", () => {
+  it("skips payloads without sender id", () => {
+    const result = shouldProcessBotInboundMessage({
+      msgtype: "text",
+      from: {},
+      text: { content: "hello" },
+    });
+    expect(result.shouldProcess).toBe(false);
+    expect(result.reason).toBe("missing_sender");
+  });
+
+  it("skips system sender payloads", () => {
+    const result = shouldProcessBotInboundMessage({
+      msgtype: "text",
+      from: { userid: "sys" },
+      text: { content: "hello" },
+    });
+    expect(result.shouldProcess).toBe(false);
+    expect(result.reason).toBe("system_sender");
+  });
+
+  it("skips group payloads without chatid", () => {
+    const result = shouldProcessBotInboundMessage({
+      msgtype: "text",
+      chattype: "group",
+      from: { userid: "zhangsan" },
+      text: { content: "hello" },
+    });
+    expect(result.shouldProcess).toBe(false);
+    expect(result.reason).toBe("missing_chatid");
+  });
+
+  it("accepts normal direct-user messages", () => {
+    const result = shouldProcessBotInboundMessage({
+      msgtype: "text",
+      chattype: "single",
+      from: { userid: "zhangsan" },
+      text: { content: "hello" },
+    });
+    expect(result.shouldProcess).toBe(true);
+    expect(result.reason).toBe("user_message");
+    expect(result.senderUserId).toBe("zhangsan");
+    expect(result.chatId).toBe("zhangsan");
+  });
+
+  it("accepts normal group messages with chatid", () => {
+    const result = shouldProcessBotInboundMessage({
+      msgtype: "text",
+      chattype: "group",
+      chatid: "wr123",
+      from: { userid: "zhangsan" },
+      text: { content: "hello" },
+    });
+    expect(result.shouldProcess).toBe(true);
+    expect(result.reason).toBe("user_message");
+    expect(result.senderUserId).toBe("zhangsan");
+    expect(result.chatId).toBe("wr123");
+  });
+});