a2acalling 0.6.73 → 0.6.75

package/scripts/verify-app-bundle.sh

@@ -0,0 +1,34 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+# A2A-97: verify packaged app has sidecar + expected metadata before release upload.
+SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
+PROJECT_DIR="$(cd "$SCRIPT_DIR/.." && pwd)"
+APP_PATH="${1:-$PROJECT_DIR/native/macos/src-tauri/target/universal-apple-darwin/release/bundle/macos/A2A Callbook.app}"
+
+fail() {
+  echo "App bundle verification failed: $1" >&2
+  if [[ -d "$APP_PATH/Contents/MacOS" ]]; then
+    echo "---- Contents/MacOS ----" >&2
+    ls -la "$APP_PATH/Contents/MacOS" >&2 || true
+  fi
+  exit 1
+}
+
+[[ -d "$APP_PATH" ]] || fail "missing app bundle at $APP_PATH"
+[[ -f "$APP_PATH/Contents/Info.plist" ]] || fail "missing Info.plist"
+[[ -f "$APP_PATH/Contents/Resources/icon.icns" ]] || fail "missing icon.icns"
+
+if ! ls "$APP_PATH/Contents/MacOS"/a2a-server-* >/dev/null 2>&1; then
+  fail "missing bundled a2a-server sidecar binary"
+fi
+
+EXPECTED_VERSION="$(node -p "require('$PROJECT_DIR/package.json').version")"
+ACTUAL_VERSION="$(/usr/libexec/PlistBuddy -c 'Print :CFBundleShortVersionString' "$APP_PATH/Contents/Info.plist" 2>/dev/null || true)"
+[[ -n "$ACTUAL_VERSION" ]] || fail "unable to read CFBundleShortVersionString"
+
+if [[ "$ACTUAL_VERSION" != "$EXPECTED_VERSION" ]]; then
+  fail "bundle version mismatch (expected $EXPECTED_VERSION, got $ACTUAL_VERSION)"
+fi
+
+echo "App bundle verification passed for $APP_PATH"

package/src/lib/agent-card.js

@@ -0,0 +1,111 @@
+/**
+ * Google A2A Agent Card Builder
+ *
+ * Assembles a standards-compliant Agent Card from existing config,
+ * disclosure manifest, and crypto identity. The card is served at
+ * GET /.well-known/a2a-agent-card and mirrored at GET /api/a2a/agent-card.
+ *
+ * Reference: A2A-75 assessment, A2A-76 implementation ticket.
+ */
+
+const crypto = require('node:crypto');
+const { fingerprint } = require('./crypto');
+
+/**
+ * Build a Google A2A-compliant Agent Card.
+ *
+ * @param {object} opts
+ * @param {object} opts.config    - Result of A2AConfig.getAgent()
+ * @param {object} opts.manifest  - Result of getTopicsForTier('public')
+ * @param {string|null} opts.publicKey - Base64-encoded Ed25519 public key (or null)
+ * @param {string} opts.serverUrl - Externally-reachable base URL (e.g. "https://host.com")
+ * @param {string} opts.version   - Package version string
+ * @returns {object} Agent Card JSON
+ */
+function buildAgentCard({ config, manifest, publicKey, serverUrl, version }) {
+  const agentName = config?.name || 'a2a-agent';
+  const agentDescription = config?.description || '';
+  const ownerName = config?.owner || '';
+
+  // Agent ID: Ed25519 fingerprint if available, else deterministic hash of name + hostname
+  const id = publicKey
+    ? fingerprint(publicKey)
+    : crypto.createHash('sha256')
+        .update(`${agentName}:${config?.hostname || 'localhost'}`)
+        .digest('hex')
+        .match(/.{2}/g)
+        .join(':');
+
+  // Map public-tier disclosure topics → Agent Card skills
+  const topics = (manifest && Array.isArray(manifest.topics)) ? manifest.topics : [];
+  const skills = topics
+    .filter(t => t?.topic)
+    .map(t => ({
+      id: t.topic.toLowerCase().replace(/\s+/g, '-').replace(/[^a-z0-9-]/g, ''),
+      name: t.topic,
+      description: t.description || ''
+    }));
+
+  // Normalize server URL (strip trailing slash)
+  const baseUrl = (serverUrl || '').replace(/\/+$/, '');
+
+  const card = {
+    id,
+    name: agentName,
+    version: version || '0.0.0',
+    provider: ownerName ? { name: ownerName } : undefined,
+    description: agentDescription || undefined,
+    capabilities: {
+      streaming: false,
+      pushNotifications: false,
+      extendedAgentCard: false
+    },
+    skills,
+    interfaces: [
+      {
+        type: 'rest',
+        url: `${baseUrl}/api/a2a/`,
+        version: '0.3'
+      }
+    ],
+    securitySchemes: {
+      bearerAuth: {
+        type: 'http',
+        scheme: 'bearer',
+        description: 'A2A federation token (fed_xxx)'
+      }
+    },
+    security: [{ bearerAuth: [] }],
+    extensions: [
+      {
+        uri: 'https://openclaw.dev/a2a/extensions/trust-tiers',
+        version: '1.0.0',
+        required: false,
+        data: {
+          tiers: ['public', 'friends', 'family'],
+          default_tier: 'public',
+          disclosure_levels: ['public', 'minimal', 'none'],
+          default_disclosure: 'minimal',
+          supports_topics: true,
+          supports_goals: true,
+          owner_notifications: true,
+          max_calls_enforced: true
+        }
+      }
+    ]
+  };
+
+  // Include signature identity only when a keypair exists
+  if (publicKey) {
+    card.signature = {
+      algorithm: 'ed25519',
+      publicKey,
+      fingerprint: fingerprint(publicKey)
+    };
+  }
+
+  // Strip undefined values for clean JSON
+  return JSON.parse(JSON.stringify(card));
+}
+
+module.exports = { buildAgentCard };

package/src/lib/client.js

@@ -19,16 +19,198 @@ const RETRYABLE_CODES = ['ECONNRESET', 'ECONNREFUSED', 'EPIPE', 'ENOTFOUND', 'EA
 // A2A-54: exponential backoff — first retry is immediate, then 1s, then 2s
 const RETRY_DELAYS = [0, 1000, 2000];
 
-/**
- * A2A-54: Retry wrapper for transient network failures.
- * Only retries on RETRYABLE_CODES and timeout errors — HTTP status errors
- * bubble up immediately since the remote explicitly rejected the request.
- *
- * @param {Function} fn - async function to retry
- * @param {object} options
- * @param {number[]} options.delays - delay sequence in ms (default: RETRY_DELAYS)
- * @returns {Promise<*>}
- */
+// A2A-80: Agent Card cache — module-level Map with TTL and prune-on-access
+// Each entry: { card: object|null, cachedAt: number }
+// null card = negative cache (failed fetch)
+const _agentCardCache = new Map();
+
+function _readPositiveIntEnv(name, defaultVal) {
+  const raw = process.env[name];
+  if (!raw) return defaultVal;
+  const n = Number.parseInt(raw, 10);
+  return Number.isFinite(n) && n > 0 ? n : defaultVal;
+}
+
+const AGENT_CARD_TTL_MS = _readPositiveIntEnv('A2A_AGENT_CARD_TTL_MS', 300000);
+const AGENT_CARD_MAX_ENTRIES = _readPositiveIntEnv('A2A_AGENT_CARD_MAX_ENTRIES', 200);
+const AGENT_CARD_FETCH_TIMEOUT_MS = 3000;
+
+// A2A-80: Prune-on-access eviction (pattern from A2A-69, NOT imported)
+function _pruneAgentCardCache() {
+  const now = Date.now();
+  for (const [key, entry] of _agentCardCache.entries()) {
+    if (now - entry.cachedAt > AGENT_CARD_TTL_MS) {
+      _agentCardCache.delete(key);
+    }
+  }
+
+  if (_agentCardCache.size <= AGENT_CARD_MAX_ENTRIES) {
+    return;
+  }
+
+  const oldest = Array.from(_agentCardCache.entries())
+    .sort((a, b) => a[1].cachedAt - b[1].cachedAt);
+  const toDelete = _agentCardCache.size - AGENT_CARD_MAX_ENTRIES;
+  for (let i = 0; i < toDelete; i++) {
+    _agentCardCache.delete(oldest[i][0]);
+  }
+}
+
+// A2A-80: Cache key is always hostname:port
+function _agentCardCacheKey(host) {
+  const parsed = splitHostPort(host);
+  const hostname = parsed.hostname;
+  const port = Number.isFinite(parsed.port) ? parsed.port : 80;
+  return `${hostname}:${port}`;
+}
+
+// A2A-80: Validate Agent Card — needs non-empty interfaces[] with { type: 'rest' }
+function _parseAgentCard(json) {
+  if (!json || typeof json !== 'object') return null;
+  if (!Array.isArray(json.interfaces) || json.interfaces.length === 0) return null;
+
+  const restInterface = json.interfaces.find(
+    iface => iface && iface.type === 'rest'
+  );
+  if (!restInterface) return null;
+
+  return json;
+}
+
+// A2A-80: Fetch Agent Card (GET /.well-known/a2a-agent-card, 3s timeout, cached with TTL).
+// TODO: Concurrent call() to same uncached host may duplicate Agent Card fetches.
+function fetchRemoteAgentCard(host) {
+  _pruneAgentCardCache();
+
+  const cacheKey = _agentCardCacheKey(host);
+  const cached = _agentCardCache.get(cacheKey);
+  if (cached) {
+    return Promise.resolve(cached.card);
+  }
+
+  const { protocol, hostname, port } = resolveProtocolAndPort(host);
+
+  return new Promise((resolve) => {
+    const req = protocol.request({
+      hostname,
+      port,
+      path: '/.well-known/a2a-agent-card',
+      method: 'GET',
+      timeout: AGENT_CARD_FETCH_TIMEOUT_MS
+    }, (res) => {
+      let data = '';
+      let bytes = 0;
+      res.on('data', (chunk) => {
+        bytes += chunk.length;
+        if (bytes > MAX_RESPONSE_BYTES) {
+          res.destroy();
+          _agentCardCache.set(cacheKey, { card: null, cachedAt: Date.now() });
+          resolve(null);
+          return;
+        }
+        data += chunk;
+      });
+      res.on('end', () => {
+        if (res.statusCode !== 200) {
+          _agentCardCache.set(cacheKey, { card: null, cachedAt: Date.now() });
+          resolve(null);
+          return;
+        }
+        try {
+          const json = JSON.parse(data);
+          const card = _parseAgentCard(json);
+          _agentCardCache.set(cacheKey, { card, cachedAt: Date.now() });
+          resolve(card);
+        } catch {
+          _agentCardCache.set(cacheKey, { card: null, cachedAt: Date.now() });
+          resolve(null);
+        }
+      });
+    });
+
+    req.on('error', () => {
+      _agentCardCache.set(cacheKey, { card: null, cachedAt: Date.now() });
+      resolve(null);
+    });
+    req.on('timeout', () => {
+      req.destroy();
+      _agentCardCache.set(cacheKey, { card: null, cachedAt: Date.now() });
+      resolve(null);
+    });
+    req.end();
+  });
+}
+
+// A2A-80: Build Google A2A message/send body (ref: a2a.js translateInternalToGoogle)
+function _translateToGoogleRequest(message, conversationId, options = {}, caller = {}) {
+  return {
+    message: {
+      role: 'user',
+      parts: [{ content: { text: message } }],
+      ...(conversationId ? { context_id: conversationId } : {})
+    },
+    metadata: {
+      caller_name: String(caller.name || '').slice(0, 100),
+      caller_owner: String(caller.owner || '').slice(0, 100),
+      caller_instance: String(caller.instance || '').slice(0, 200)
+    },
+    configuration: {
+      timeout_seconds: options.timeoutSeconds || 60,
+      blocking: true
+    }
+  };
+}
+
+// A2A-80: Translate Google A2A Task response to internal format (ref: a2a.js translateGoogleToInternal)
+function _translateGoogleResponse(taskResponse) {
+  const task = taskResponse?.task;
+  if (!task || !task.status) {
+    throw new A2AError('google_a2a_error', 'Invalid Google A2A response: missing task or status');
+  }
+
+  const parts = task.status.message?.parts || [];
+  const textParts = [];
+  for (const part of parts) {
+    if (part?.content && typeof part.content.text === 'string') {
+      textParts.push(part.content.text);
+    }
+  }
+
+  const response = textParts.join('\n');
+  const state = task.status.state;
+  const canContinue = state === 'input-required';
+
+  return {
+    response,
+    conversation_id: task.context_id || null,
+    can_continue: canContinue
+  };
+}
+
+// A2A-80: Resolve message:send URL from Agent Card REST interface (trailing slash stripped)
+function _resolveGoogleA2AUrl(agentCard, host) {
+  const restInterface = agentCard.interfaces.find(
+    iface => iface && iface.type === 'rest'
+  );
+
+  if (restInterface && restInterface.url) {
+    const baseUrl = restInterface.url.replace(/\/+$/, '');
+    return `${baseUrl}/message:send`;
+  }
+
+  // Fallback: build from host
+  const { hostname, port } = splitHostPort(host);
+  const effectivePort = Number.isFinite(port) ? port : 80;
+  const isLocalhost = hostname === 'localhost' ||
+    hostname === '127.0.0.1' ||
+    hostname === '::1' ||
+    hostname.startsWith('127.');
+  const scheme = (isLocalhost || effectivePort === 80 || (Number.isFinite(port) && port !== 443))
+    ? 'http' : 'https';
+  return `${scheme}://${hostname}:${effectivePort}/message:send`;
+}
+
+// A2A-54: Retry on transient network errors only (not HTTP 4xx/5xx)
 async function withRetry(fn, options = {}) {
   const delays = options.delays || RETRY_DELAYS;
   const maxAttempts = delays.length + 1;
@@ -113,16 +295,7 @@ function resolveProtocolAndPort(host) {
   return { protocol, hostname, port };
 }
 
-/**
- * A2A-54: Create a size-capped response handler.
- * Tracks accumulated bytes and destroys the socket if the cap is exceeded,
- * preventing OOM from malicious or misconfigured remote agents.
- *
- * @param {http.IncomingMessage} res - the response stream
- * @param {Function} resolve - promise resolve
- * @param {Function} reject - promise reject
- * @param {Function} onComplete - called with (data, statusCode) when response ends within cap
- */
+// A2A-54: Size-capped response handler — destroys socket if cap exceeded
 function handleSizeCappedResponse(res, resolve, reject, onComplete) {
   let data = '';
   let bytes = 0;
@@ -159,10 +332,7 @@ class A2AClient {
     this._retryDelays = options._retryDelays || RETRY_DELAYS;
   }
 
-  /**
-   * A2A-52: Build signature headers if keypair is available.
-   * Shared helper used by both call() and end().
-   */
+  // A2A-52: Build signature headers if keypair available
   _signHeaders(method, endpoint, body) {
     if (!this.privateKey || !this.publicKey) return {};
     return signRequest({
@@ -174,9 +344,6 @@ class A2AClient {
     });
   }
 
-  /**
-   * Parse an a2a:// URL
-   */
   static parseInvite(inviteUrl) {
     const match = inviteUrl.match(/^a2a:\/\/([^/]+)\/(.+)$/);
     if (!match) {
@@ -185,14 +352,70 @@ class A2AClient {
     return { host: match[1], token: match[2] };
   }
 
-  /**
-   * Call a remote agent
-   *
-   * @param {string|object} endpoint - a2a:// URL or {host, token}
-   * @param {string} message - Message to send
-   * @param {object} options - Additional options
-   * @returns {Promise<object>} Response from remote agent
-   */
+  // A2A-80: Send message via Google A2A protocol (message/send format)
+  _callGoogleA2A(host, token, body, agentCard) {
+    const url = _resolveGoogleA2AUrl(agentCard, host);
+    // Parse the URL to extract components for http/https request
+    const parsed = new URL(url);
+    const proto = parsed.protocol === 'https:' ? https : http;
+    const path = parsed.pathname;
+
+    // A2A-52: attach signature headers when keypair available
+    const sigHeaders = this._signHeaders('POST', path, body);
+
+    const makeRequest = () => new Promise((resolve, reject) => {
+      const req = proto.request({
+        hostname: parsed.hostname,
+        port: parsed.port || (parsed.protocol === 'https:' ? 443 : 80),
+        path,
+        method: 'POST',
+        headers: {
+          'Authorization': `Bearer ${token}`,
+          'Content-Type': 'application/json',
+          'Content-Length': Buffer.byteLength(body),
+          ...sigHeaders
+        },
+        timeout: this.timeout
+      }, (res) => {
+        handleSizeCappedResponse(res, resolve, reject, (data, statusCode) => {
+          try {
+            const json = JSON.parse(data);
+            if (statusCode >= 400) {
+              // A2A-80: map Google A2A error format to A2AError
+              const errObj = json.error || {};
+              const code = errObj.code || json.error || 'google_a2a_error';
+              const message = errObj.message || json.message || data;
+              reject(new A2AError(String(code), message, statusCode));
+            } else {
+              resolve(_translateGoogleResponse(json));
+            }
+          } catch (e) {
+            if (e instanceof A2AError) {
+              reject(e);
+            } else {
+              reject(new A2AError('parse_error', `Failed to parse Google A2A response: ${data}`, statusCode));
+            }
+          }
+        });
+      });
+
+      req.on('error', (e) => {
+        reject(new A2AError('network_error', e.code ? `${e.code}: ${e.message}` : e.message));
+      });
+
+      req.on('timeout', () => {
+        req.destroy();
+        reject(new A2AError('timeout', 'Request timed out'));
+      });
+
+      req.write(body);
+      req.end();
+    });
+
+    return withRetry(makeRequest, { delays: this._retryDelays });
+  }
+
+  // Call a remote agent — auto-detects Google A2A via Agent Card
   async call(endpoint, message, options = {}) {
     let host, token;
 
@@ -204,6 +427,18 @@ class A2AClient {
 
     const { conversationId, context, timeoutSeconds } = options;
 
+    // A2A-80: check Agent Card to decide Google A2A vs proprietary format
+    const agentCard = await fetchRemoteAgentCard(host);
+
+    if (agentCard) {
+      // Google A2A format path
+      const googleBody = JSON.stringify(
+        _translateToGoogleRequest(message, conversationId, { timeoutSeconds }, this.caller)
+      );
+      return this._callGoogleA2A(host, token, googleBody, agentCard);
+    }
+
+    // Proprietary format path (unchanged)
     const body = JSON.stringify({
       message,
       conversation_id: conversationId,
@@ -262,13 +497,7 @@ class A2AClient {
     return withRetry(makeRequest, { delays: this._retryDelays });
   }
 
-  /**
-   * Explicitly end a remote conversation and trigger call conclusion
-   *
-   * @param {string|object} endpoint - a2a:// URL or {host, token}
-   * @param {string} conversationId - Conversation ID to conclude
-   * @returns {Promise<object>} End response from remote agent
-   */
+  // End a remote conversation — no-op for Google A2A remotes
   async end(endpoint, conversationId) {
     if (!conversationId) {
       throw new A2AError('missing_conversation_id', 'conversationId is required');
@@ -282,6 +511,17 @@ class A2AClient {
       ({ host, token } = endpoint);
     }
 
+    // A2A-80: Google A2A remotes don't have an end endpoint — return synthetic response
+    const agentCard = await fetchRemoteAgentCard(host);
+    if (agentCard) {
+      logger.info('Skipping end() for Google A2A remote', {
+        event: 'google_a2a_end_skipped',
+        data: { conversationId, host }
+      });
+      return { ended: true, summary: null };
+    }
+
+    // Proprietary format path (unchanged)
     const body = JSON.stringify({
       conversation_id: conversationId
     });
@@ -336,9 +576,6 @@ class A2AClient {
     return withRetry(makeRequest, { delays: this._retryDelays });
   }
 
-  /**
-   * Check if a remote agent is available
-   */
   async ping(endpoint) {
     let host;
 
@@ -378,9 +615,6 @@ class A2AClient {
     });
   }
 
-  /**
-   * Get A2A status of a remote
-   */
   async status(endpoint) {
     let host;
 
@@ -431,6 +665,7 @@ class A2AError extends Error {
 }
 
 // A2A-54: export internals for testing (splitHostPort, resolveProtocolAndPort, constants)
+// A2A-80: export Agent Card cache and helpers for testing
 module.exports = {
   A2AClient,
   A2AError,
@@ -438,5 +673,11 @@ module.exports = {
   _resolveProtocolAndPort: resolveProtocolAndPort,
   _MAX_RESPONSE_BYTES: MAX_RESPONSE_BYTES,
   _RETRYABLE_CODES: RETRYABLE_CODES,
-  _RETRY_DELAYS: RETRY_DELAYS
+  _RETRY_DELAYS: RETRY_DELAYS,
+  _agentCardCache,
+  _parseAgentCard,
+  _translateToGoogleRequest,
+  _translateGoogleResponse,
+  _resolveGoogleA2AUrl,
+  fetchRemoteAgentCard
 };

package/src/lib/conversations.js

@@ -82,6 +82,8 @@ class ConversationStore {
    */
   _migrate() {
     this.db.exec(`
+      PRAGMA journal_mode = WAL;
+
       -- Conversations with remote agents
       CREATE TABLE IF NOT EXISTS conversations (
         id TEXT PRIMARY KEY,

package/src/lib/local-request.js

@@ -0,0 +1,69 @@
+/**
+ * Local Request Detection Utilities
+ *
+ * A2A-73: Extracted from dashboard.js and a2a.js to provide a single,
+ * proxy-aware implementation of local request detection. The previous
+ * isLoopbackAddress(req.ip) check was insufficient behind reverse proxies
+ * because Express (without trust proxy) reports the proxy's IP, not the
+ * real client IP.
+ */
+
+'use strict';
+
+/**
+ * Check if an IP address is a loopback address.
+ * Handles IPv4, IPv6, and IPv4-mapped IPv6 formats.
+ */
+function isLoopbackAddress(ip) {
+  if (!ip) return false;
+  if (ip === '::1' || ip === '127.0.0.1' || ip === '::ffff:127.0.0.1') {
+    return true;
+  }
+  // Full 127.0.0.0/8 range is loopback in IPv4
+  if (ip.startsWith('127.')) return true;
+  return ip.startsWith('::ffff:127.');
+}
+
+/**
+ * Determine if a request is a direct local connection (not proxied).
+ *
+ * A2A-73: This is the security-critical check. A request is only considered
+ * "direct local" if ALL of these conditions hold:
+ * 1. Socket remote address is loopback (the TCP connection is local)
+ * 2. Host header targets localhost (not a public hostname)
+ * 3. No proxy-forwarding headers are present (rules out nginx/CDN traffic)
+ *
+ * Without condition 3, any request through a reverse proxy would pass
+ * because the proxy connects from 127.0.0.1 to the backend.
+ */
+function isDirectLocalRequest(req) {
+  const ip = (req && req.socket && req.socket.remoteAddress) ? req.socket.remoteAddress : req.ip;
+  if (!isLoopbackAddress(ip)) return false;
+
+  const rawHost = String(req.headers.host || '').toLowerCase();
+  // Strip port suffix to get the bare hostname for exact matching.
+  // This prevents DNS rebinding via e.g. localhost.evil.com or 127.0.0.1.nip.io.
+  // Negative lookbehind avoids stripping `:1` from bare IPv6 `::1`.
+  const hostname = rawHost.replace(/(?<!:):\d+$/, '');
+  const isLocalHost = hostname === 'localhost' ||
+    hostname === '127.0.0.1' ||
+    hostname === '[::1]' ||
+    hostname === '::1';
+  if (!isLocalHost) return false;
+
+  // A2A-73: Reject requests with any proxy-forwarding header. These indicate
+  // the request was relayed by nginx, a CDN, or another reverse proxy —
+  // even though the socket address is loopback (proxy → backend is local).
+  const forwarded = req.headers['x-forwarded-for'] ||
+    req.headers['x-forwarded-proto'] ||
+    req.headers['x-forwarded-host'] ||
+    req.headers['cf-connecting-ip'] ||
+    req.headers['x-forwarded-by'] ||
+    req.headers['x-real-ip'] ||
+    req.headers['forwarded'];
+  if (forwarded) return false;
+
+  return true;
+}
+
+module.exports = { isLoopbackAddress, isDirectLocalRequest };

package/src/lib/logger.js

@@ -161,6 +161,8 @@ class LogStore {
 
   _ensureSchema() {
     this.db.exec(`
+      PRAGMA journal_mode = WAL;
+
       CREATE TABLE IF NOT EXISTS logs (
         id INTEGER PRIMARY KEY AUTOINCREMENT,
         timestamp TEXT NOT NULL,