botschat 0.1.10 → 0.1.12

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "botschat",
-  "version": "0.1.10",
+  "version": "0.1.12",
   "description": "A self-hosted chat interface for OpenClaw AI agents",
   "workspaces": [
     "packages/*"
@@ -16,6 +16,10 @@
     "db:migrate:remote": "wrangler d1 migrations apply botschat-db --remote",
     "typecheck": "tsc --noEmit",
     "build:plugin": "npm run build -w packages/plugin",
+    "ios:build": "npm run build -w packages/web && npx cap sync ios",
+    "ios:open": "npx cap open ios",
+    "ios:run": "npx cap run ios",
+    "ios:sync": "npx cap sync ios",
     "test:e2e": "npx tsx scripts/verify-e2e.ts && npx tsx packages/e2e-crypto/e2e-crypto.test.ts",
     "test:e2e-db": "npx tsx scripts/verify-e2e-db.ts"
   },
@@ -49,10 +53,19 @@
     "url": "git+https://github.com/botschat-app/botsChat.git"
   },
   "devDependencies": {
+    "@capacitor/cli": "^8.1.0",
     "typescript": "^5.7.0",
     "wrangler": "^3.100.0"
   },
   "dependencies": {
+    "@capacitor/app": "^8.0.1",
+    "@capacitor/core": "^8.1.0",
+    "@capacitor/haptics": "^8.0.0",
+    "@capacitor/ios": "^8.1.0",
+    "@capacitor/keyboard": "^8.0.0",
+    "@capacitor/splash-screen": "^8.0.1",
+    "@capacitor/status-bar": "^8.0.1",
+    "@capgo/capacitor-social-login": "^8.3.1",
     "react-resizable-panels": "^4.6.2"
   }
 }

package/packages/api/src/do/connection-do.ts

@@ -1,5 +1,5 @@
 import type { Env } from "../env.js";
-import { verifyToken, getJwtSecret } from "../utils/auth.js";
+import { verifyToken, getJwtSecret, signMediaUrl } from "../utils/auth.js";
 import { generateId as generateIdUtil } from "../utils/id.js";
 import { randomUUID } from "../utils/uuid.js";
 
@@ -639,16 +639,11 @@ export class ConnectionDO implements DurableObject {
         return null;
       }
 
-      const contentType = response.headers.get("Content-Type") ?? "image/png";
-      // Validate that the response is actually an image
-      if (!contentType.startsWith("image/")) {
-        console.warn(`[DO] cacheExternalMedia: non-image Content-Type "${contentType}", skipping ${url.slice(0, 120)}`);
-        return null;
-      }
+      const contentType = response.headers.get("Content-Type") ?? "application/octet-stream";
 
-      // Reject SVG (can contain scripts — XSS vector)
-      if (contentType.includes("svg")) {
-        console.warn(`[DO] cacheExternalMedia: blocked SVG content from ${url.slice(0, 120)}`);
+      // Reject SVG (can contain scripts — XSS vector) and executable types
+      if (contentType.includes("svg") || contentType.includes("javascript") || contentType.includes("executable")) {
+        console.warn(`[DO] cacheExternalMedia: blocked dangerous Content-Type "${contentType}" from ${url.slice(0, 120)}`);
         return null;
       }
 
@@ -670,14 +665,18 @@ export class ConnectionDO implements DurableObject {
         return null;
       }
 
-      // Determine extension from Content-Type (no SVG)
+      // Determine extension from Content-Type
       const extMap: Record<string, string> = {
         "image/png": "png",
         "image/jpeg": "jpg",
         "image/gif": "gif",
         "image/webp": "webp",
+        "application/pdf": "pdf",
+        "audio/mpeg": "mp3",
+        "audio/wav": "wav",
+        "video/mp4": "mp4",
       };
-      const ext = extMap[contentType] ?? "png";
+      const ext = extMap[contentType] ?? (contentType.startsWith("image/") ? "png" : "bin");
       const key = `media/${userId}/${Date.now()}-${randomUUID().slice(0, 8)}.${ext}`;
 
       // Upload to R2
@@ -685,7 +684,11 @@ export class ConnectionDO implements DurableObject {
         httpMetadata: { contentType },
       });
 
-      const localUrl = `/api/media/${key.replace("media/", "")}`;
+      // Sign the cached media URL so the browser can fetch it without Bearer auth.
+      // key is "media/{userId}/{filename}" — extract just the filename part.
+      const cachedFilename = key.replace(`media/${userId}/`, "");
+      const secret = getJwtSecret(this.env);
+      const localUrl = await signMediaUrl(userId, cachedFilename, secret, 3600);
       console.log(`[DO] cacheExternalMedia: OK ${url.slice(0, 80)} → ${localUrl} (${body.byteLength} bytes)`);
       return localUrl;
     } catch (err) {
@@ -694,6 +697,21 @@ export class ConnectionDO implements DurableObject {
     }
   }
 
+  /**
+   * Re-sign a media URL with a fresh signature. Handles both relative
+   * (/api/media/...) and absolute (https://host/api/media/...) URLs.
+   * Returns a freshly signed relative URL, or the original if not a media URL.
+   */
+  private async refreshMediaUrl(url: string, secret: string): Promise<string> {
+    // Extract userId and filename from /api/media/:userId/:filename patterns
+    const match = url.match(/\/api\/media\/([^/?]+)\/([^?]+)/);
+    if (!match) return url; // Not a media URL — return as-is
+
+    const userId = decodeURIComponent(match[1]);
+    const filename = decodeURIComponent(match[2]);
+    return signMediaUrl(userId, filename, secret, 3600);
+  }
+
   // ---- Message persistence ----
 
   private async persistMessage(opts: {
@@ -785,16 +803,27 @@ export class ConnectionDO implements DurableObject {
         }
       }
 
-      const messages = (result.results ?? []).map((row: Record<string, unknown>) => ({
-        id: row.id,
-        sender: row.sender,
-        text: row.text ?? "",
-        timestamp: ((row.created_at as number) ?? 0) * 1000, // unix seconds → ms
-        mediaUrl: row.media_url ?? undefined,
-        a2ui: row.a2ui ?? undefined,
-        threadId: row.thread_id ?? undefined,
-        encrypted: row.encrypted ?? 0,
-      }));
+      // Re-sign media URLs so they're always fresh when loading history.
+      // Stored URLs may have expired signatures or no signature at all.
+      const secret = getJwtSecret(this.env);
+      const messages = await Promise.all(
+        (result.results ?? []).map(async (row: Record<string, unknown>) => {
+          let mediaUrl = (row.media_url as string | null) ?? undefined;
+          if (mediaUrl) {
+            mediaUrl = await this.refreshMediaUrl(mediaUrl, secret);
+          }
+          return {
+            id: row.id,
+            sender: row.sender,
+            text: row.text ?? "",
+            timestamp: ((row.created_at as number) ?? 0) * 1000, // unix seconds → ms
+            mediaUrl,
+            a2ui: row.a2ui ?? undefined,
+            threadId: row.thread_id ?? undefined,
+            encrypted: row.encrypted ?? 0,
+          };
+        }),
+      );
 
       return Response.json({ messages, replyCounts });
     } catch (err) {

package/packages/api/src/env.ts

@@ -6,6 +6,10 @@ export type Env = {
   ENVIRONMENT: string;
   JWT_SECRET?: string;
   FIREBASE_PROJECT_ID?: string;
+  GOOGLE_WEB_CLIENT_ID?: string;
+  GOOGLE_IOS_CLIENT_ID?: string;
   /** Canonical public URL override — if set, always use this as cloudUrl. */
   PUBLIC_URL?: string;
+  /** Secret for dev-token auth bypass (automated testing). Endpoint is 404 when unset. */
+  DEV_AUTH_SECRET?: string;
 };

package/packages/api/src/index.ts

@@ -12,6 +12,7 @@ import { pairing } from "./routes/pairing.js";
 import { sessions } from "./routes/sessions.js";
 import { upload } from "./routes/upload.js";
 import { setup } from "./routes/setup.js";
+import { devAuth } from "./routes/dev-auth.js";
 
 // Re-export the Durable Object class so wrangler can find it
 export { ConnectionDO } from "./do/connection-do.js";
@@ -23,6 +24,8 @@ const PRODUCTION_ORIGINS = [
   "https://console.botschat.app",
   "https://botschat.app",
   "https://botschat-api.auxtenwpc.workers.dev",
+  "capacitor://localhost",  // iOS Capacitor app
+  "http://localhost",       // Android Capacitor app
 ];
 
 // CORS and security headers — skip for WebSocket upgrade requests
@@ -81,6 +84,7 @@ app.get("/api/health", (c) => c.json({ status: "ok", version: "0.1.0" }));
 
 // ---- Public routes (no auth) ----
 app.route("/api/auth", auth);
+app.route("/api/dev-auth", devAuth);
 app.route("/api/setup", setup);
 
 // ---- Protected routes (require Bearer token) ----

package/packages/api/src/routes/auth.ts

@@ -1,7 +1,7 @@
 import { Hono } from "hono";
 import type { Env } from "../env.js";
 import { createToken, createRefreshToken, verifyRefreshToken, hashPassword, verifyPassword, getJwtSecret } from "../utils/auth.js";
-import { verifyFirebaseIdToken } from "../utils/firebase.js";
+import { verifyAnyGoogleToken } from "../utils/firebase.js";
 import { generateId } from "../utils/id.js";
 
 const auth = new Hono<{ Bindings: Env }>();
@@ -140,10 +140,16 @@ async function handleFirebaseAuth(c: {
     return c.json({ error: "Firebase sign-in is not configured" }, 500);
   }
 
-  // 1. Verify the Firebase ID token
+  // 1. Verify the ID token (Firebase or native Google)
+  // Allowed Google client IDs for native iOS/Android sign-in
+  const allowedGoogleClientIds = [
+    c.env.GOOGLE_WEB_CLIENT_ID,       // Web Client ID (iOSServerClientId)
+    c.env.GOOGLE_IOS_CLIENT_ID,       // iOS Client ID
+  ].filter(Boolean) as string[];
+
   let firebaseUser;
   try {
-    firebaseUser = await verifyFirebaseIdToken(idToken, projectId);
+    firebaseUser = await verifyAnyGoogleToken(idToken, projectId, allowedGoogleClientIds);
   } catch (err) {
     const msg = err instanceof Error ? err.message : "Token verification failed";
     return c.json({ error: msg }, 401);
@@ -236,6 +242,43 @@ auth.post("/firebase", (c) => handleFirebaseAuth(c));
 auth.post("/google", (c) => handleFirebaseAuth(c));
 auth.post("/github", (c) => handleFirebaseAuth(c));
 
+/**
+ * POST /api/auth/dev-login — development-only passwordless login by email.
+ * Used for mobile debugging when OAuth is not yet working.
+ */
+auth.post("/dev-login", async (c) => {
+  if (c.env.ENVIRONMENT !== "development") {
+    return c.json({ error: "Dev login is only available in development mode" }, 403);
+  }
+
+  const { email } = await c.req.json<{ email: string }>();
+  if (!email?.trim()) {
+    return c.json({ error: "email is required" }, 400);
+  }
+
+  const row = await c.env.DB.prepare(
+    "SELECT id, email, display_name FROM users WHERE email = ?",
+  )
+    .bind(email.trim().toLowerCase())
+    .first<{ id: string; email: string; display_name: string | null }>();
+
+  if (!row) {
+    return c.json({ error: "User not found" }, 404);
+  }
+
+  const secret = getJwtSecret(c.env);
+  const token = await createToken(row.id, secret);
+  const refreshToken = await createRefreshToken(row.id, secret);
+
+  return c.json({
+    id: row.id,
+    email: row.email,
+    displayName: row.display_name,
+    token,
+    refreshToken,
+  });
+});
+
 /** POST /api/auth/refresh — exchange a refresh token for a new access token */
 auth.post("/refresh", async (c) => {
   const { refreshToken } = await c.req.json<{ refreshToken: string }>();

package/packages/api/src/routes/channels.ts

@@ -74,10 +74,11 @@ channels.post("/", async (c) => {
     .bind(taskId, id, "Ad Hoc Chat", "adhoc", sessionKey)
     .run();
 
-  // Auto-create a default session
+  // Auto-create a default session (INSERT OR IGNORE to handle duplicate session_key
+  // gracefully — can happen if user re-creates a channel with the same name)
   const sessionId = generateId("ses_");
   await c.env.DB.prepare(
-    "INSERT INTO sessions (id, channel_id, user_id, name, session_key) VALUES (?, ?, ?, ?, ?)",
+    "INSERT OR IGNORE INTO sessions (id, channel_id, user_id, name, session_key) VALUES (?, ?, ?, ?, ?)",
   )
     .bind(sessionId, id, userId, "Session 1", sessionKey)
     .run();

package/packages/api/src/routes/dev-auth.ts

@@ -0,0 +1,45 @@
+import { Hono } from "hono";
+import type { Env } from "../env.js";
+import { createToken, getJwtSecret } from "../utils/auth.js";
+import { generateId } from "../utils/id.js";
+
+const devAuth = new Hono<{ Bindings: Env }>();
+
+/**
+ * POST /api/dev-auth/login — secret-gated dev login for automated testing.
+ * Returns 404 when DEV_AUTH_SECRET is not configured (endpoint invisible).
+ * Auto-creates the user record in D1 if it doesn't exist (upsert).
+ */
+devAuth.post("/login", async (c) => {
+  const devSecret = c.env.DEV_AUTH_SECRET;
+  if (!devSecret || c.env.ENVIRONMENT !== "development") {
+    return c.json({ error: "Not found" }, 404);
+  }
+
+  const { secret, userId: requestedUserId } = await c.req.json<{ secret: string; userId?: string }>();
+  if (!secret || secret !== devSecret) {
+    return c.json({ error: "Forbidden" }, 403);
+  }
+
+  const userId = requestedUserId || "dev-test-user";
+  const jwtSecret = getJwtSecret(c.env);
+  const token = await createToken(userId, jwtSecret);
+
+  // Ensure the user exists in D1 (upsert) so foreign key constraints are satisfied.
+  // Dev-auth users get a placeholder email and no password (login only via dev-auth).
+  try {
+    const existing = await c.env.DB.prepare("SELECT id FROM users WHERE id = ?").bind(userId).first();
+    if (!existing) {
+      const email = `${userId}@dev.botschat.test`;
+      await c.env.DB.prepare(
+        "INSERT INTO users (id, email, password_hash, display_name) VALUES (?, ?, '', ?)",
+      ).bind(userId, email, userId).run();
+    }
+  } catch (err) {
+    console.error("[dev-auth] Failed to upsert user:", err);
+  }
+
+  return c.json({ token, userId });
+});
+
+export { devAuth };

package/packages/api/src/routes/upload.ts

@@ -8,50 +8,85 @@ export const upload = new Hono<{
   Variables: { userId: string };
 }>();
 
+/** Allowed non-image MIME types for file attachments. */
+const ALLOWED_FILE_TYPES = new Set([
+  "application/pdf",
+  "text/plain",
+  "text/csv",
+  "text/markdown",
+  "application/json",
+  "application/zip",
+  "application/gzip",
+  "application/x-tar",
+  "audio/mpeg", "audio/wav", "audio/ogg", "audio/mp4", "audio/webm", "audio/aac",
+  "video/mp4", "video/webm", "video/quicktime",
+]);
+
+/** Safe file extensions for each category. */
+const SAFE_EXTENSIONS = new Set([
+  "jpg", "jpeg", "png", "gif", "webp", "bmp", "ico",
+  "pdf", "txt", "csv", "md", "json", "zip", "gz", "tar",
+  "mp3", "wav", "ogg", "m4a", "aac", "webm",
+  "mp4", "mov",
+]);
+
 /** POST / — Upload a file to R2 and return a signed URL. */
 upload.post("/", async (c) => {
-  const userId = c.get("userId");
-  const contentType = c.req.header("Content-Type") ?? "";
+  try {
+    const userId = c.get("userId");
+    const contentType = c.req.header("Content-Type") ?? "";
 
-  if (!contentType.includes("multipart/form-data")) {
-    return c.json({ error: "Expected multipart/form-data" }, 400);
-  }
+    if (!contentType.includes("multipart/form-data")) {
+      return c.json({ error: "Expected multipart/form-data" }, 400);
+    }
 
-  const formData = await c.req.formData();
-  const file = formData.get("file") as File | null;
+    const formData = await c.req.formData();
+    const file = formData.get("file") as File | null;
 
-  if (!file) {
-    return c.json({ error: "No file provided" }, 400);
-  }
+    if (!file) {
+      return c.json({ error: "No file provided" }, 400);
+    }
 
-  // Validate file type — only raster images allowed (SVG is an XSS vector)
-  if (!file.type.startsWith("image/") || file.type.includes("svg")) {
-    return c.json({ error: "Only image files are allowed (SVG is not permitted)" }, 400);
-  }
+    const fileType = file.type || "";
 
-  // Limit file size to 10 MB
-  const MAX_SIZE = 10 * 1024 * 1024;
-  if (file.size > MAX_SIZE) {
-    return c.json({ error: "File too large (max 10 MB)" }, 413);
-  }
+    // Block SVG (XSS vector) and executables
+    if (fileType.includes("svg") || fileType.includes("executable") || fileType.includes("javascript")) {
+      return c.json({ error: "File type not permitted (SVG, executables, scripts are blocked)" }, 400);
+    }
 
-  // Generate a unique key: media/{userId}/{timestamp}-{random}.{ext}
-  const ext = file.name.split(".").pop()?.toLowerCase() ?? "png";
-  // SVG is excluded — it can contain <script> tags and is a known XSS vector
-  const safeExt = ["jpg", "jpeg", "png", "gif", "webp", "bmp", "ico"].includes(ext) ? ext : "png";
-  const filename = `${Date.now()}-${randomUUID().slice(0, 8)}.${safeExt}`;
-  const key = `media/${userId}/${filename}`;
-
-  // Upload to R2
-  await c.env.MEDIA.put(key, file.stream(), {
-    httpMetadata: {
-      contentType: file.type,
-    },
-  });
-
-  // Return a signed URL (1 hour expiry)
-  const secret = getJwtSecret(c.env);
-  const url = await signMediaUrl(userId, filename, secret, 3600);
-
-  return c.json({ url, key });
+    // Allow images (except SVG) and a curated set of other file types
+    const isImage = fileType.startsWith("image/");
+    const isAllowedFile = ALLOWED_FILE_TYPES.has(fileType);
+    if (!isImage && !isAllowedFile) {
+      return c.json({ error: `File type '${fileType}' is not supported` }, 400);
+    }
+
+    // Limit file size to 10 MB
+    const MAX_SIZE = 10 * 1024 * 1024;
+    if (file.size > MAX_SIZE) {
+      return c.json({ error: "File too large (max 10 MB)" }, 413);
+    }
+
+    // Generate a unique key: media/{userId}/{timestamp}-{random}.{ext}
+    const ext = file.name.split(".").pop()?.toLowerCase() ?? "bin";
+    const safeExt = SAFE_EXTENSIONS.has(ext) ? ext : (isImage ? "png" : "bin");
+    const filename = `${Date.now()}-${randomUUID().slice(0, 8)}.${safeExt}`;
+    const key = `media/${userId}/${filename}`;
+
+    // Upload to R2
+    await c.env.MEDIA.put(key, file.stream(), {
+      httpMetadata: {
+        contentType: fileType || "application/octet-stream",
+      },
+    });
+
+    // Return a signed URL (1 hour expiry)
+    const secret = getJwtSecret(c.env);
+    const url = await signMediaUrl(userId, filename, secret, 3600);
+
+    return c.json({ url, key });
+  } catch (err) {
+    console.error("[upload] Error:", err);
+    return c.json({ error: `Upload failed: ${err instanceof Error ? err.message : String(err)}` }, 500);
+  }
 });

package/packages/api/src/utils/firebase.ts

@@ -121,6 +121,136 @@ export async function verifyFirebaseIdToken(
   return verifyWithKey(matchingKey, signedContent, signatureBytes, payload, projectId);
 }
 
+// ---------------------------------------------------------------------------
+// Google ID Token verification (for native iOS/Android sign-in)
+// ---------------------------------------------------------------------------
+
+const GOOGLE_OAUTH_JWKS_URL =
+  "https://www.googleapis.com/oauth2/v3/certs";
+
+let cachedGoogleOAuthKeys: JsonWebKey[] | null = null;
+let cachedGoogleOAuthAt = 0;
+
+async function getGoogleOAuthPublicKeys(): Promise<JsonWebKey[]> {
+  const now = Date.now();
+  if (cachedGoogleOAuthKeys && now - cachedGoogleOAuthAt < CACHE_TTL_MS) {
+    return cachedGoogleOAuthKeys;
+  }
+  const resp = await fetch(GOOGLE_OAUTH_JWKS_URL);
+  if (!resp.ok) {
+    throw new Error(`Failed to fetch Google OAuth JWKS: ${resp.status}`);
+  }
+  const jwks = (await resp.json()) as { keys: JsonWebKey[] };
+  cachedGoogleOAuthKeys = jwks.keys;
+  cachedGoogleOAuthAt = now;
+  return jwks.keys;
+}
+
+/**
+ * Verify a Google ID token (from native Google Sign-In) and return the payload.
+ * Google ID tokens have iss=accounts.google.com and aud=<web-client-id>.
+ */
+export async function verifyGoogleIdToken(
+  idToken: string,
+  allowedClientIds: string[],
+): Promise<FirebaseTokenPayload> {
+  const { header, payload, signatureBytes, signedContent } =
+    parseJwtUnverified(idToken);
+
+  if (header.alg !== "RS256") {
+    throw new Error(`Unsupported algorithm: ${header.alg}`);
+  }
+
+  // Find matching key from Google's OAuth JWKS
+  let keys = await getGoogleOAuthPublicKeys();
+  let matchingKey = keys.find((k) => (k as { kid?: string }).kid === header.kid);
+  if (!matchingKey) {
+    cachedGoogleOAuthKeys = null;
+    keys = await getGoogleOAuthPublicKeys();
+    matchingKey = keys.find((k) => (k as { kid?: string }).kid === header.kid);
+    if (!matchingKey) {
+      throw new Error(`No matching Google OAuth key for kid: ${header.kid}`);
+    }
+  }
+
+  return verifyGoogleTokenWithKey(matchingKey, signedContent, signatureBytes, payload, allowedClientIds);
+}
+
+async function verifyGoogleTokenWithKey(
+  jwk: JsonWebKey,
+  signedContent: string,
+  signatureBytes: Uint8Array,
+  payload: FirebaseTokenPayload,
+  allowedClientIds: string[],
+): Promise<FirebaseTokenPayload> {
+  const key = await crypto.subtle.importKey(
+    "jwk", jwk,
+    { name: "RSASSA-PKCS1-v1_5", hash: "SHA-256" },
+    false, ["verify"],
+  );
+
+  const valid = await crypto.subtle.verify(
+    "RSASSA-PKCS1-v1_5", key, signatureBytes,
+    new TextEncoder().encode(signedContent),
+  );
+  if (!valid) throw new Error("Invalid Google token signature");
+
+  const now = Math.floor(Date.now() / 1000);
+  if (payload.exp < now) throw new Error("Google token has expired");
+  if (payload.iat > now + 300) throw new Error("Google token issued in the future");
+
+  // Google ID tokens have iss = "accounts.google.com" or "https://accounts.google.com"
+  if (payload.iss !== "accounts.google.com" && payload.iss !== "https://accounts.google.com") {
+    throw new Error(`Invalid Google token issuer: ${payload.iss}`);
+  }
+
+  // Audience must be one of our allowed client IDs
+  if (!allowedClientIds.includes(payload.aud)) {
+    throw new Error(`Invalid Google token audience: ${payload.aud}`);
+  }
+
+  if (!payload.sub) throw new Error("Missing subject in Google token");
+
+  // Synthesize firebase-like fields so the rest of the auth flow works
+  if (!payload.firebase) {
+    payload.firebase = {
+      sign_in_provider: "google.com",
+      identities: { "google.com": [payload.sub] },
+    };
+  }
+
+  return payload;
+}
+
+/**
+ * Detect whether a token is a Firebase ID token or a Google ID token,
+ * and verify accordingly.
+ */
+export async function verifyAnyGoogleToken(
+  idToken: string,
+  firebaseProjectId: string,
+  allowedGoogleClientIds: string[],
+): Promise<FirebaseTokenPayload> {
+  // Peek at the issuer to decide which verification path to use
+  const { payload: peek } = parseJwtUnverified(idToken);
+
+  if (peek.iss === `${FIREBASE_TOKEN_ISSUER_PREFIX}${firebaseProjectId}`) {
+    // Standard Firebase ID token
+    return verifyFirebaseIdToken(idToken, firebaseProjectId);
+  }
+
+  if (peek.iss === "accounts.google.com" || peek.iss === "https://accounts.google.com") {
+    // Native Google ID token (from iOS/Android)
+    return verifyGoogleIdToken(idToken, allowedGoogleClientIds);
+  }
+
+  throw new Error(`Unrecognized token issuer: ${peek.iss}`);
+}
+
+// ---------------------------------------------------------------------------
+// Shared verification helpers
+// ---------------------------------------------------------------------------
+
 async function verifyWithKey(
   jwk: JsonWebKey,
   signedContent: string,

package/packages/plugin/dist/src/channel.d.ts

@@ -22,6 +22,12 @@ export declare const botschatPlugin: {
     readonly agentPrompt: {
         readonly messageToolHints: () => string[];
     };
+    readonly messaging: {
+        readonly targetResolver: {
+            readonly hint: "Use the session key (e.g. agent:botschat:botschat:u_xxx:ses:ses_xxx)";
+            readonly looksLikeId: (raw: string, _normalized: string) => boolean;
+        };
+    };
     readonly reload: {
         readonly configPrefixes: readonly ["channels.botschat"];
     };

package/packages/plugin/dist/src/channel.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"channel.d.ts","sourceRoot":"","sources":["../../src/channel.ts"],"names":[],"mappings":"AAQA,OAAO,KAAK,EAAuC,uBAAuB,EAAE,MAAM,YAAY,CAAC;AAC/F,OAAO,EAAE,mBAAmB,EAAE,MAAM,gBAAgB,CAAC;AAqDrD,eAAO,MAAM,cAAc;;;;;;;;;;;;;4BAeqB,MAAM,EAAE;;;;;;;;;;;;;uCAc9B,OAAO;uCACP,OAAO,cAAc,MAAM,GAAG,IAAI;yCAEhC,OAAO;kEACkB;YAAE,GAAG,EAAE,OAAO,CAAC;YAAC,SAAS,EAAE,MAAM,CAAC;YAAC,OAAO,EAAE,OAAO,CAAA;SAAE;qDAElE;YAAE,GAAG,EAAE,OAAO,CAAC;YAAC,SAAS,EAAE,MAAM,CAAA;SAAE;yCAE/C,uBAAuB;sCAC1B,uBAAuB;4CACjB,uBAAuB;;;;;;;;;;iCAY5B;YACpB,EAAE,EAAE,MAAM,CAAC;YACX,IAAI,EAAE,MAAM,CAAC;YACb,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;YAC1B,QAAQ,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAAC;YAClC,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;SAC3B;;;;;;;kCAqCsB;YACrB,EAAE,EAAE,MAAM,CAAC;YACX,IAAI,EAAE,MAAM,CAAC;YACb,QAAQ,CAAC,EAAE,MAAM,CAAC;YAClB,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;SAC3B;;;;;;;;;qCA2CyB;YACxB,GAAG,EAAE,OAAO,CAAC;YACb,SAAS,EAAE,MAAM,CAAC;YAClB,OAAO,EAAE,uBAAuB,CAAC;YACjC,OAAO,EAAE,OAAO,CAAC;YACjB,WAAW,EAAE,WAAW,CAAC;YACzB,GAAG,CAAC,EAAE;gBAAE,IAAI,EAAE,CAAC,CAAC,EAAE,MAAM,KAAK,IAAI,CAAC;gBAAC,IAAI,EAAE,CAAC,CAAC,EAAE,MAAM,KAAK,IAAI,CAAC;gBAAC,KAAK,EAAE,CAAC,CAAC,EAAE,MAAM,KAAK,IAAI,CAAA;aAAE,CAAC;YAC3F,SAAS,EAAE,MAAM,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;YACzC,SAAS,EAAE,CAAC,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,IAAI,CAAC;SACjD;oCAoDwB;YACvB,SAAS,EAAE,MAAM,CAAC;YAClB,SAAS,EAAE,MAAM,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;YACzC,SAAS,EAAE,CAAC,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,IAAI,CAAC;SACjD;;;;gEAiB8C;YAC7C,OAAO,EAAE;gBAAE,EAAE,CAAC,EAAE,MAAM,CAAC;gBAAC,eAAe,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;gBAAC,SAAS,CAAC,EAAE,MAAM,CAAA;aAAE,CAAC;YAChF,aAAa,CAAC,EAAE;gBAAE,KAAK,EAAE,OAAO,CAAA;aAAE,CAAC;SACpC;;;;;uBAD0B,OAAO;;;;;;8CAWL,MAAM;;;yCAIX;YAAE,OAAO,EAAE,uBAAuB,CAAA;SAAE;;uBAEzC,MAAM,EAAE;;;;;;;sDAQU;YACnC,GAAG,EAAE,OAAO,CAAC;YACb,SAAS,EAAE,MAAM,CAAC;YAClB,KAAK,EAAE;gBAAE,GAAG,CAAC,EAAE,MAAM,CAAC;gBAAC,KAAK,CAAC,EAAE,MAAM,CAAC;gBAAC,IAAI,CAAC,EAAE,MAAM,CAAC;gBAAC,MAAM,CAAC,EAAE,OAAO,CAAA;aAAE,CAAC;SAC1E;;;;;;;;;;;;4CAiB0B;YACzB,GAAG,EAAE,OAAO,CAAC;YACb,SAAS,EAAE,MAAM,CAAC;YAClB,KAAK,EAAE;gBAAE,GAAG,CAAC,EAAE,MAAM,CAAC;gBAAC,KAAK,CAAC,EAAE,MAAM,CAAC;gBAAC,MAAM,CAAC,EAAE,OAAO,CAAA;aAAE,CAAC;SAC3D;;;;;;;;;;;8DAiB4C;YAC3C,OAAO,EAAE,uBAAuB,CAAC;YACjC,GAAG,EAAE,OAAO,CAAC;YACb,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;SACnC;;;;;;;;;;;;;;iDAc+B,KAAK,CAAC;YAAE,SAAS,EAAE,MAAM,CAAC;YAAC,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;YAAC,SAAS,CAAC,EAAE,OAAO,CAAC;YAAC,UAAU,CAAC,EAAE,OAAO,CAAA;SAAE,CAAC;qBAE/F,MAAM;uBAAa,MAAM;kBAAQ,MAAM;qBAAW,MAAM;;;CAerF,CAAC"}
+{"version":3,"file":"channel.d.ts","sourceRoot":"","sources":["../../src/channel.ts"],"names":[],"mappings":"AAQA,OAAO,KAAK,EAAuC,uBAAuB,EAAE,MAAM,YAAY,CAAC;AAC/F,OAAO,EAAE,mBAAmB,EAAE,MAAM,gBAAgB,CAAC;AAqDrD,eAAO,MAAM,cAAc;;;;;;;;;;;;;4BAeqB,MAAM,EAAE;;;;;;;;;;;;wCAc/B,MAAM,eAAe,MAAM;;;;;;;uCAY1B,OAAO;uCACP,OAAO,cAAc,MAAM,GAAG,IAAI;yCAEhC,OAAO;kEACkB;YAAE,GAAG,EAAE,OAAO,CAAC;YAAC,SAAS,EAAE,MAAM,CAAC;YAAC,OAAO,EAAE,OAAO,CAAA;SAAE;qDAElE;YAAE,GAAG,EAAE,OAAO,CAAC;YAAC,SAAS,EAAE,MAAM,CAAA;SAAE;yCAE/C,uBAAuB;sCAC1B,uBAAuB;4CACjB,uBAAuB;;;;;;;;;;iCAY5B;YACpB,EAAE,EAAE,MAAM,CAAC;YACX,IAAI,EAAE,MAAM,CAAC;YACb,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;YAC1B,QAAQ,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAAC;YAClC,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;SAC3B;;;;;;;kCAqCsB;YACrB,EAAE,EAAE,MAAM,CAAC;YACX,IAAI,EAAE,MAAM,CAAC;YACb,QAAQ,CAAC,EAAE,MAAM,CAAC;YAClB,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;SAC3B;;;;;;;;;qCA2CyB;YACxB,GAAG,EAAE,OAAO,CAAC;YACb,SAAS,EAAE,MAAM,CAAC;YAClB,OAAO,EAAE,uBAAuB,CAAC;YACjC,OAAO,EAAE,OAAO,CAAC;YACjB,WAAW,EAAE,WAAW,CAAC;YACzB,GAAG,CAAC,EAAE;gBAAE,IAAI,EAAE,CAAC,CAAC,EAAE,MAAM,KAAK,IAAI,CAAC;gBAAC,IAAI,EAAE,CAAC,CAAC,EAAE,MAAM,KAAK,IAAI,CAAC;gBAAC,KAAK,EAAE,CAAC,CAAC,EAAE,MAAM,KAAK,IAAI,CAAA;aAAE,CAAC;YAC3F,SAAS,EAAE,MAAM,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;YACzC,SAAS,EAAE,CAAC,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,IAAI,CAAC;SACjD;oCAoDwB;YACvB,SAAS,EAAE,MAAM,CAAC;YAClB,SAAS,EAAE,MAAM,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;YACzC,SAAS,EAAE,CAAC,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,IAAI,CAAC;SACjD;;;;gEAiB8C;YAC7C,OAAO,EAAE;gBAAE,EAAE,CAAC,EAAE,MAAM,CAAC;gBAAC,eAAe,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;gBAAC,SAAS,CAAC,EAAE,MAAM,CAAA;aAAE,CAAC;YAChF,aAAa,CAAC,EAAE;gBAAE,KAAK,EAAE,OAAO,CAAA;aAAE,CAAC;SACpC;;;;;uBAD0B,OAAO;;;;;;8CAWL,MAAM;;;yCAIX;YAAE,OAAO,EAAE,uBAAuB,CAAA;SAAE;;uBAEzC,MAAM,EAAE;;;;;;;sDAQU;YACnC,GAAG,EAAE,OAAO,CAAC;YACb,SAAS,EAAE,MAAM,CAAC;YAClB,KAAK,EAAE;gBAAE,GAAG,CAAC,EAAE,MAAM,CAAC;gBAAC,KAAK,CAAC,EAAE,MAAM,CAAC;gBAAC,IAAI,CAAC,EAAE,MAAM,CAAC;gBAAC,MAAM,CAAC,EAAE,OAAO,CAAA;aAAE,CAAC;SAC1E;;;;;;;;;;;;4CAiB0B;YACzB,GAAG,EAAE,OAAO,CAAC;YACb,SAAS,EAAE,MAAM,CAAC;YAClB,KAAK,EAAE;gBAAE,GAAG,CAAC,EAAE,MAAM,CAAC;gBAAC,KAAK,CAAC,EAAE,MAAM,CAAC;gBAAC,MAAM,CAAC,EAAE,OAAO,CAAA;aAAE,CAAC;SAC3D;;;;;;;;;;;8DAiB4C;YAC3C,OAAO,EAAE,uBAAuB,CAAC;YACjC,GAAG,EAAE,OAAO,CAAC;YACb,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;SACnC;;;;;;;;;;;;;;iDAc+B,KAAK,CAAC;YAAE,SAAS,EAAE,MAAM,CAAC;YAAC,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;YAAC,SAAS,CAAC,EAAE,OAAO,CAAC;YAAC,UAAU,CAAC,EAAE,OAAO,CAAA;SAAE,CAAC;qBAE/F,MAAM;uBAAa,MAAM;kBAAQ,MAAM;qBAAW,MAAM;;;CAerF,CAAC"}