agent-messenger 2.23.6 → 2.24.0

package/dist/src/vendor/linejs/base/request/mod.test.ts

@@ -0,0 +1,54 @@
+import { describe, expect, it } from 'bun:test'
+
+import { InternalError } from '../core/mod.js'
+import { RequestClient } from './mod.js'
+
+// Regression: a thrift error response can set hasError (empty res.data[0]) while
+// omitting the exception struct (res.data[1] absent), leaving res.data.e undefined.
+function createClient(readThriftResult: { data: Record<string, unknown> }) {
+  const deviceDetails = {
+    device: 'TEST',
+    appVersion: '0.0.0',
+    systemName: 'TEST',
+    systemVersion: '0.0.0',
+  }
+  const stubClient = {
+    deviceDetails,
+    endpoint: 'legy.line-apps.test',
+    authToken: 'expired-token',
+    config: { timeout: 1000 },
+    storage: { get: async () => undefined },
+    log: () => {},
+    emit: () => {},
+    fetch: async () => ({
+      headers: { get: () => null },
+      arrayBuffer: async () => new ArrayBuffer(0),
+    }),
+    thrift: {
+      writeThrift: () => new Uint8Array(),
+      readThrift: () => readThriftResult,
+      rename_data: () => {},
+    },
+  }
+
+  return new RequestClient(stubClient as never)
+}
+
+describe('RequestClient.requestCore error handling', () => {
+  it('throws a clean RequestError when hasError is set but no exception struct is present', async () => {
+    // given: an error response with an empty success slot and no exception struct
+    const client = createClient({ data: { 0: undefined, someField: 1 } })
+
+    // when / then: the error branch must throw InternalError, not a TypeError
+    let thrown: unknown
+    try {
+      await client.requestCore('/S3', [], 'testMethod', 3)
+    } catch (error) {
+      thrown = error
+    }
+
+    expect(thrown).toBeInstanceOf(InternalError)
+    expect((thrown as InternalError).type).toBe('RequestError')
+    expect(thrown).not.toBeInstanceOf(TypeError)
+  })
+})

package/docs/content/docs/cli/slack.mdx

@@ -45,6 +45,28 @@ This command:
 - Stores credentials securely in `~/.config/agent-messenger/`
 - Supports `--browser-profile <path>` for agent-browser profiles, custom Chrome user data dirs, or portable browser profiles
 
+### QR Code Sign-In
+
+When the desktop app isn't installed (or extraction isn't an option), sign in with a QR code from a device where you're already logged into Slack. This runs entirely over HTTP — no browser automation required:
+
+```bash
+# In Slack (desktop or web): your name (top-left) → "Sign in on mobile".
+# Right-click the QR code → "Copy Image Address", then pipe it in:
+pbpaste | agent-slack auth qr
+
+# Or pass the data URL directly:
+agent-slack auth qr "data:image/png;base64,iVBORw0KGgo..."
+
+# Show each redirect hop while debugging:
+agent-slack auth qr --debug
+```
+
+This decodes the QR's one-time `z-app-` login URL, follows Slack's server-side redirect chain to capture the session cookie, retrieves the matching client token, and stores credentials like `auth extract`.
+
+- The QR link is **single-use** — generate a fresh one if it expires.
+- No Chrome/Chromium or desktop app is required.
+- Works with workspaces that allow password/email sign-in. SSO-only / Enterprise Grid workspaces that disable the mobile QR flow are not supported.
+
 ### Multi-Workspace Management
 
 ```bash

package/docs/content/docs/sdk/slack.mdx

@@ -39,6 +39,21 @@ const auth = await client.testAuth()
 // → { user_id: string, team_id: string, user?: string, team?: string }
 ```
 
+### QR Code Login
+
+`loginWithQr` turns a Slack "Sign in on mobile" QR image into a usable session (token + cookie) over plain HTTP — no browser or desktop app. `dataUrl` is the QR image as a `data:image/png;base64,...` string.
+
+```typescript
+import { loginWithQr, SlackClient } from 'agent-messenger/slack'
+
+const session = await loginWithQr(dataUrl)
+// → { token: string, cookie: string, workspace: string }
+
+const client = await new SlackClient().login({ token: session.token, cookie: session.cookie })
+```
+
+`loginWithQr(dataUrl, options)` accepts an optional `{ debug, fetchImpl, maxRedirects }` and throws `SlackError` with codes `qr_session_failed` (link expired / no session) or `qr_token_failed` (token unavailable). Use `decodeSlackQr(dataUrl)` to decode the QR without logging in.
+
 ### Messages
 
 ```typescript

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "agent-messenger",
-  "version": "2.23.6",
+  "version": "2.24.0",
   "description": "Multi-platform messaging CLI for AI agents (Slack, Discord, Teams, Webex, Telegram, Telegram Bot, WhatsApp, LINE, Instagram, KakaoTalk, Channel Talk)",
   "repository": {
     "type": "git",
@@ -178,10 +178,12 @@
     "commander": "^11.1.0",
     "crypto-js": "^4.2.0",
     "curve25519-js": "^0.0.4",
+    "jsqr": "^1.4.0",
     "node-bignumber": "^1.2.2",
     "node-int64": "^0.4.0",
     "node-jose": "^2.2.0",
     "pino": "^10.3.1",
+    "pngjs": "^7.0.0",
     "qrcode": "^1.5.4",
     "thrift": "^0.20.0",
     "tweetnacl": "^1.0.3",
@@ -196,6 +198,7 @@
     "@types/hapi__boom": "^9.0.1",
     "@types/node": "^20.10.6",
     "@types/node-jose": "^1.1.13",
+    "@types/pngjs": "^6.0.5",
     "@types/qrcode": "^1.5.6",
     "@types/ws": "^8.18.1",
     "oxfmt": "^0.36.0",

package/skills/agent-channeltalk/SKILL.md

@@ -1,7 +1,7 @@
 ---
 name: agent-channeltalk
 description: Interact with Channel Talk using extracted desktop app or browser credentials - read chats, send messages, search messages, manage groups
-version: 2.23.6
+version: 2.24.0
 allowed-tools: Bash(agent-channeltalk:*)
 metadata:
   openclaw:

package/skills/agent-channeltalkbot/SKILL.md

@@ -1,7 +1,7 @@
 ---
 name: agent-channeltalkbot
 description: Interact with Channel Talk workspaces using API credentials - send messages, read chats, manage groups and bots
-version: 2.23.6
+version: 2.24.0
 allowed-tools: Bash(agent-channeltalkbot:*)
 metadata:
   openclaw:

package/skills/agent-discord/SKILL.md

@@ -1,7 +1,7 @@
 ---
 name: agent-discord
 description: Interact with Discord servers - send messages, read channels, manage reactions
-version: 2.23.6
+version: 2.24.0
 allowed-tools: Bash(agent-discord:*)
 metadata:
   openclaw:

package/skills/agent-discordbot/SKILL.md

@@ -1,7 +1,7 @@
 ---
 name: agent-discordbot
 description: Interact with Discord servers using bot tokens - send messages, read channels, manage reactions
-version: 2.23.6
+version: 2.24.0
 allowed-tools: Bash(agent-discordbot:*)
 metadata:
   openclaw:

package/skills/agent-instagram/SKILL.md

@@ -1,7 +1,7 @@
 ---
 name: agent-instagram
 description: Interact with Instagram DMs - send messages, read conversations, manage accounts
-version: 2.23.6
+version: 2.24.0
 allowed-tools: Bash(agent-instagram:*)
 metadata:
   openclaw:

package/skills/agent-kakaotalk/SKILL.md

@@ -1,7 +1,7 @@
 ---
 name: agent-kakaotalk
 description: Interact with KakaoTalk - send messages, read chats, manage conversations
-version: 2.23.6
+version: 2.24.0
 allowed-tools: Bash(agent-kakaotalk:*)
 metadata:
   openclaw:

package/skills/agent-line/SKILL.md

@@ -1,7 +1,7 @@
 ---
 name: agent-line
 description: Interact with LINE - send messages, read chats, manage conversations
-version: 2.23.6
+version: 2.24.0
 allowed-tools: Bash(agent-line:*)
 metadata:
   openclaw:

package/skills/agent-slack/SKILL.md

@@ -1,7 +1,7 @@
 ---
 name: agent-slack
 description: Interact with Slack workspaces - send messages, read channels, manage reactions
-version: 2.23.6
+version: 2.24.0
 allowed-tools: Bash(agent-slack:*)
 metadata:
   openclaw:
@@ -39,6 +39,21 @@ On macOS, the system may prompt for your Keychain password the first time (requi
 
 **IMPORTANT**: Always use `agent-slack auth extract` to obtain tokens. The CLI extracts from the desktop app first, falling back to Chromium browsers if the app isn't installed.
 
+### QR Code Sign-In (No Desktop App Required)
+
+If the Slack desktop app isn't installed (or extraction fails), you can sign in with a QR code from any device where you're already logged into Slack — no browser automation, fully over HTTP:
+
+```bash
+# In Slack (desktop or web): your name (top-left) → "Sign in on mobile".
+# Right-click the QR code → "Copy Image Address", then:
+pbpaste | agent-slack auth qr
+
+# Or pass the data URL directly:
+agent-slack auth qr "data:image/png;base64,iVBORw0KGgo..."
+```
+
+This decodes the QR's one-time login link, establishes a session, and stores the resulting credentials like `auth extract` does. The QR link is single-use — generate a fresh one if it expires.
+
 ### Multi-Workspace Support
 
 ```bash
@@ -145,6 +160,11 @@ agent-slack auth extract --browser-profile ~/work-profile --browser-profile ~/pe
 
 # --browser-profile accepts repeatable or comma-separated Chromium profile/user-data dirs
 
+# Sign in with a QR code from Slack's "Sign in on mobile" screen (no desktop app needed)
+agent-slack auth qr "data:image/png;base64,..."
+pbpaste | agent-slack auth qr
+agent-slack auth qr --debug   # show each redirect hop for troubleshooting
+
 # Check auth status
 agent-slack auth status
 
@@ -562,6 +582,30 @@ Common errors:
 
 Credentials stored in `~/.config/agent-messenger/slack-credentials.json` (0600 permissions). See [references/authentication.md](references/authentication.md) for format and security details.
 
+## SDK: QR Code Login
+
+`loginWithQr` turns a Slack "Sign in on mobile" QR image into a usable session (token + cookie) over plain HTTP — no browser, no desktop app.
+
+```typescript
+import { loginWithQr, SlackClient, SlackCredentialManager } from 'agent-messenger/slack'
+
+// dataUrl is the QR image as a "data:image/png;base64,..." string
+const session = await loginWithQr(dataUrl)
+
+const client = await new SlackClient().login({ token: session.token, cookie: session.cookie })
+const { team_id, team } = await client.testAuth()
+
+// Persist for later, like the CLI does
+await new SlackCredentialManager().setWorkspace({
+  workspace_id: team_id,
+  workspace_name: team ?? session.workspace,
+  token: session.token,
+  cookie: session.cookie,
+})
+```
+
+`loginWithQr(dataUrl, options)` accepts an optional `{ debug, fetchImpl, maxRedirects }`. It throws `SlackError` with codes `qr_session_failed` (link expired / no session) or `qr_token_failed` (token could not be retrieved). To decode the QR without logging in, use `decodeSlackQr(dataUrl)` which returns `{ url, workspace, teamId, userId }`.
+
 ## SDK: Real-Time Events
 
 `SlackListener` connects to Slack's RTM WebSocket for instant event streaming. No polling — events arrive in real time.

package/skills/agent-slack/references/authentication.md

@@ -34,6 +34,35 @@ This command:
 
 Use `--browser-profile <path>` for agent-browser profiles, custom Chrome user data dirs, or portable browser profiles. The option can be repeated or given comma-separated paths, and explicit paths are included even when desktop credentials are also present.
 
+### QR Code Sign-In
+
+When the desktop app isn't installed and browser extraction isn't an option, you can sign in with a QR code from a device where you're already logged into Slack. This runs entirely over HTTP — no browser automation:
+
+```bash
+# In Slack (desktop or web): your name (top-left) → "Sign in on mobile".
+# Right-click the QR code → "Copy Image Address", then pipe it in:
+pbpaste | agent-slack auth qr
+
+# Or pass the data URL directly:
+agent-slack auth qr "data:image/png;base64,iVBORw0KGgo..."
+
+# Show each redirect hop while debugging:
+agent-slack auth qr --debug
+```
+
+How it works:
+
+1. Decodes the QR image (a `data:image/png;base64,...` string) to its one-time `z-app-` login URL
+2. Follows Slack's server-side redirect chain, capturing the session `d` cookie (`xoxd-...`)
+3. Retrieves the matching `xoxc-` client token from the established session
+4. Validates against the Slack API and stores credentials like `auth extract`
+
+Notes:
+
+- The QR link is **single-use** — if it expires, generate a fresh one from Slack's "Sign in on mobile" screen.
+- No Chrome/Chromium or desktop app is required; the flow uses plain HTTP requests.
+- Works with workspaces that allow password/email sign-in. SSO-only / Enterprise Grid workspaces that disable the mobile QR flow are not supported.
+
 ### Platform-Specific Paths
 
 **macOS (Direct Download):**

package/skills/agent-slackbot/SKILL.md

@@ -1,7 +1,7 @@
 ---
 name: agent-slackbot
 description: Interact with Slack workspaces using bot tokens - send messages, read channels, manage reactions
-version: 2.23.6
+version: 2.24.0
 allowed-tools: Bash(agent-slackbot:*)
 metadata:
   openclaw:

package/skills/agent-teams/SKILL.md

@@ -1,7 +1,7 @@
 ---
 name: agent-teams
 description: Interact with Microsoft Teams - send messages, read channels, manage reactions
-version: 2.23.6
+version: 2.24.0
 allowed-tools: Bash(agent-teams:*)
 metadata:
   openclaw:

package/skills/agent-telegram/SKILL.md

@@ -1,7 +1,7 @@
 ---
 name: agent-telegram
 description: Interact with Telegram through TDLib - authenticate, inspect chats, and send messages
-version: 2.23.6
+version: 2.24.0
 allowed-tools: Bash(agent-telegram:*)
 ---
 

package/skills/agent-telegrambot/SKILL.md

@@ -1,7 +1,7 @@
 ---
 name: agent-telegrambot
 description: Interact with Telegram using bot tokens - send messages, read chats, manage reactions
-version: 2.23.6
+version: 2.24.0
 allowed-tools: Bash(agent-telegrambot:*)
 metadata:
   openclaw:

package/skills/agent-webex/SKILL.md

@@ -1,7 +1,7 @@
 ---
 name: agent-webex
 description: Interact with Cisco Webex - send messages, read spaces, manage memberships
-version: 2.23.6
+version: 2.24.0
 allowed-tools: Bash(agent-webex:*)
 metadata:
   openclaw:

package/skills/agent-webexbot/SKILL.md

@@ -1,7 +1,7 @@
 ---
 name: agent-webexbot
 description: Interact with Cisco Webex using bot tokens - send messages, reply in threads, upload and download files, look up people, read spaces, manage memberships, stream real-time events
-version: 2.23.6
+version: 2.24.0
 allowed-tools: Bash(agent-webexbot:*)
 metadata:
   openclaw:

package/skills/agent-wechatbot/SKILL.md

@@ -1,7 +1,7 @@
 ---
 name: agent-wechatbot
 description: Interact with WeChat Official Account using API credentials - send messages, manage templates, list followers
-version: 2.23.6
+version: 2.24.0
 allowed-tools: Bash(agent-wechatbot:*)
 metadata:
   openclaw:

package/skills/agent-whatsapp/SKILL.md

@@ -1,7 +1,7 @@
 ---
 name: agent-whatsapp
 description: Interact with WhatsApp - send messages, read chats, manage conversations
-version: 2.23.6
+version: 2.24.0
 allowed-tools: Bash(agent-whatsapp:*)
 metadata:
   openclaw:

package/skills/agent-whatsappbot/SKILL.md

@@ -1,7 +1,7 @@
 ---
 name: agent-whatsappbot
 description: Interact with WhatsApp using Cloud API credentials - send messages, manage templates
-version: 2.23.6
+version: 2.24.0
 allowed-tools: Bash(agent-whatsappbot:*)
 metadata:
   openclaw:

package/src/platforms/slack/commands/auth.ts

@@ -9,6 +9,7 @@ import { debug } from '@/shared/utils/stderr'
 import { SlackClient, SlackError } from '../client'
 import { CredentialManager } from '../credential-manager'
 import { refreshCookie, tryWebTokenRefresh } from '../ensure-auth'
+import { loginWithQr } from '../qr-http-login'
 import { type ExtractedWorkspace, TokenExtractor } from '../token-extractor'
 
 export function formatCredentialDebug(ws: ExtractedWorkspace, showSecrets?: boolean): string {
@@ -230,6 +231,70 @@ async function statusAction(options: { pretty?: boolean }): Promise<void> {
   }
 }
 
+async function qrAction(imageArg: string | undefined, options: { pretty?: boolean; debug?: boolean }): Promise<void> {
+  try {
+    const dataUrl = imageArg ?? (await readStdin())
+    if (!dataUrl) {
+      console.log(
+        formatOutput(
+          {
+            error: 'No QR image provided. Pass the copied QR image data URL as an argument, or pipe it via stdin.',
+            hint: 'In Slack: your name (top-left) → "Sign in on mobile" → right-click the QR → Copy Image Address.',
+          },
+          options.pretty,
+        ),
+      )
+      process.exit(1)
+    }
+
+    const debugLog = options.debug ? (msg: string) => debug(`[debug] ${msg}`) : undefined
+    const session = await loginWithQr(dataUrl, { debug: debugLog })
+
+    const client = await new SlackClient().login({ token: session.token, cookie: session.cookie })
+    const authInfo = await client.testAuth()
+
+    const credManager = new CredentialManager()
+    const workspace: ExtractedWorkspace = {
+      workspace_id: authInfo.team_id,
+      workspace_name: authInfo.team || session.workspace,
+      token: session.token,
+      cookie: session.cookie,
+    }
+    await credManager.setWorkspace(workspace)
+
+    const config = await credManager.load()
+    if (!config.current_workspace) {
+      await credManager.setCurrentWorkspace(workspace.workspace_id)
+    }
+
+    console.log(
+      formatOutput(
+        {
+          workspace: `${workspace.workspace_id}/${workspace.workspace_name}`,
+          user: authInfo.user,
+          current: (await credManager.load()).current_workspace,
+        },
+        options.pretty,
+      ),
+    )
+  } catch (error) {
+    handleError(error as Error)
+  }
+}
+
+function readStdin(): Promise<string> {
+  if (process.stdin.isTTY) return Promise.resolve('')
+  return new Promise((resolve) => {
+    let data = ''
+    process.stdin.setEncoding('utf8')
+    process.stdin.on('data', (chunk) => {
+      data += chunk
+    })
+    process.stdin.on('end', () => resolve(data))
+    process.stdin.on('error', () => resolve(data))
+  })
+}
+
 export function getExtractionErrorMessage(failureReasons: string[]): string {
   if (failureReasons.includes('missing_cookie')) {
     return 'Cookie extraction failed. Grant Keychain access when prompted, and make sure you are signed into Slack in the desktop app or a supported Chromium browser.'
@@ -260,6 +325,14 @@ export const authCommand = new Command('auth')
       .option('--unsafely-show-secrets', 'Show full token and cookie values in debug output')
       .action((options: BrowserProfileOption & Parameters<typeof extractAction>[0]) => extractAction(options)),
   )
+  .addCommand(
+    new Command('qr')
+      .description('Sign in by pasting a QR code from Slack\u2019s "Sign in on mobile" screen')
+      .argument('[image]', 'QR image data URL (data:image/png;base64,...); read from stdin if omitted')
+      .option('--pretty', 'Pretty print JSON output')
+      .option('--debug', 'Show debug output for troubleshooting')
+      .action(qrAction),
+  )
   .addCommand(
     new Command('logout')
       .description('Logout from workspace')

package/src/platforms/slack/ensure-auth.ts

@@ -145,9 +145,13 @@ async function refreshAndVerify(cookie: string, domain: string, fallbackName: st
 
 const TOKEN_REGEX = /"api_token":"(xoxc-[a-zA-Z0-9-]+)"/
 
-export async function refreshTokenFromWeb(domain: string, cookie: string): Promise<string | null> {
+export async function refreshTokenFromWeb(
+  domain: string,
+  cookie: string,
+  fetchImpl: typeof fetch = fetch,
+): Promise<string | null> {
   try {
-    const response = await fetch(`https://${domain}.slack.com/ssb/redirect`, {
+    const response = await fetchImpl(`https://${domain}.slack.com/ssb/redirect`, {
       headers: { Cookie: `d=${cookie}` },
       redirect: 'follow',
     })

package/src/platforms/slack/index.test.ts

@@ -12,6 +12,8 @@ import {
   SlackUserSchema,
   WorkspaceCredentialsSchema,
   ConfigSchema,
+  decodeSlackQr,
+  loginWithQr,
 } from '@/platforms/slack/index'
 
 it('SlackClient is exported from barrel', () => {
@@ -57,3 +59,11 @@ it('WorkspaceCredentialsSchema is exported from barrel', () => {
 it('ConfigSchema is exported from barrel', () => {
   expect(typeof ConfigSchema.parse).toBe('function')
 })
+
+it('loginWithQr is exported from barrel', () => {
+  expect(typeof loginWithQr).toBe('function')
+})
+
+it('decodeSlackQr is exported from barrel', () => {
+  expect(typeof decodeSlackQr).toBe('function')
+})

package/src/platforms/slack/index.ts

@@ -1,6 +1,10 @@
 export { SlackClient, SlackError } from './client'
 export { SlackCredentialManager, CredentialManager } from './credential-manager'
 export { SlackListener } from './listener'
+export { loginWithQr } from './qr-http-login'
+export type { QrLoginOptions, QrSession } from './qr-http-login'
+export { decodeSlackQr } from './qr-login'
+export type { SlackQrLogin } from './qr-login'
 export type {
   SlackBookmark,
   SlackChannel,