cc-wechat 0.1.0

package/src/auth.ts

@@ -0,0 +1,400 @@
+/**
+ * QR 扫码登录 — 终端 ASCII 模式 + 浏览器弹窗模式
+ */
+
+import http from 'node:http';
+import { exec } from 'node:child_process';
+import { getQRCode, pollQRStatus, DEFAULT_BASE_URL } from './ilink-api.js';
+
+// ─── 公共类型 ────────────────────────────────────────
+
+export interface LoginResult {
+  token: string;
+  accountId: string;
+  baseUrl?: string;
+}
+
+// ─── 常量 ─────────────────────────────────────────────
+
+const MAX_QR_REFRESH = 3;
+const LOGIN_TIMEOUT_MS = 5 * 60_000; // 5 分钟
+const QR_WEB_PORT_START = 18891;
+const QR_WEB_PORT_END = 18899;
+
+// ─── 终端 ASCII 二维码模式 ────────────────────────────
+
+/**
+ * 终端 ASCII 二维码登录，适用于 CLI 调用
+ * 输出到 stderr 避免干扰 MCP stdio
+ */
+export async function loginTerminal(baseUrl?: string): Promise<LoginResult> {
+  const qrMod = await import('qrcode-terminal');
+  const qrTerminal = (qrMod as unknown as { default: { generate: (text: string, opts: { small: boolean }, cb: (qr: string) => void) => void } }).default ?? qrMod;
+
+  for (let qrRefreshCount = 0; qrRefreshCount < MAX_QR_REFRESH; qrRefreshCount++) {
+    const qrResp = await getQRCode(baseUrl);
+
+    // 输出 ASCII 二维码到 stderr
+    await new Promise<void>((resolve) => {
+      qrTerminal.generate(qrResp.qrcode_img_content, { small: true }, (qr: string) => {
+        process.stderr.write('\n' + qr + '\n');
+        process.stderr.write('请使用微信扫描上方二维码登录\n\n');
+        resolve();
+      });
+    });
+
+    const deadline = Date.now() + LOGIN_TIMEOUT_MS;
+    let scannedNotified = false;
+
+    // 内层轮询循环
+    while (Date.now() < deadline) {
+      const status = await pollQRStatus(qrResp.qrcode, baseUrl);
+
+      switch (status.status) {
+        case 'wait':
+          break;
+
+        case 'scaned':
+          if (!scannedNotified) {
+            process.stderr.write('已扫码，请在手机上确认...\n');
+            scannedNotified = true;
+          }
+          break;
+
+        case 'expired':
+          process.stderr.write('二维码已过期，正在刷新...\n');
+          break;
+
+        case 'confirmed': {
+          if (!status.bot_token || !status.ilink_bot_id) {
+            throw new Error('登录确认但缺少 bot_token 或 ilink_bot_id');
+          }
+          process.stderr.write('登录成功！\n');
+          return {
+            token: status.bot_token,
+            accountId: status.ilink_bot_id,
+            baseUrl: status.baseurl ?? baseUrl ?? DEFAULT_BASE_URL,
+          };
+        }
+      }
+
+      if (status.status === 'expired') break;
+
+      // 轮询间隔 1 秒
+      await new Promise((r) => setTimeout(r, 1000));
+    }
+  }
+
+  throw new Error(`二维码已刷新 ${MAX_QR_REFRESH} 次仍未登录，请重试`);
+}
+
+// ─── 浏览器弹窗模式 ──────────────────────────────────
+
+/**
+ * 浏览器弹窗二维码登录，适用于 MCP 内 login tool
+ * 启动本地 HTTP 服务展示二维码页面
+ */
+export async function loginBrowser(baseUrl?: string): Promise<LoginResult> {
+  const qrResp = await getQRCode(baseUrl);
+
+  // 状态变量
+  let currentStatus: string = 'wait';
+  let currentQrUrl: string = qrResp.qrcode_img_content;
+  let currentQrCode: string = qrResp.qrcode;
+  let failMessage: string = '';
+
+  // 创建 HTTP 服务
+  const server = http.createServer((req, res) => {
+    const url = new URL(req.url ?? '/', `http://localhost`);
+
+    if (url.pathname === '/' && req.method === 'GET') {
+      // 主页面
+      res.writeHead(200, { 'Content-Type': 'text/html; charset=utf-8' });
+      res.end(buildLoginPage(currentQrUrl));
+      return;
+    }
+
+    if (url.pathname === '/status' && req.method === 'GET') {
+      res.writeHead(200, { 'Content-Type': 'application/json' });
+      res.end(JSON.stringify({ status: currentStatus, message: failMessage }));
+      return;
+    }
+
+    if (url.pathname === '/qr-refresh' && req.method === 'GET') {
+      res.writeHead(200, { 'Content-Type': 'application/json' });
+      res.end(JSON.stringify({ url: currentQrUrl }));
+      return;
+    }
+
+    res.writeHead(404);
+    res.end('Not Found');
+  });
+
+  // 尝试绑定端口
+  const port = await findAvailablePort(server);
+
+  try {
+    // 打开浏览器
+    openBrowser(`http://localhost:${port}`);
+
+    process.stderr.write(`登录页面已打开: http://localhost:${port}\n`);
+
+    // 后台轮询循环
+    const deadline = Date.now() + LOGIN_TIMEOUT_MS;
+    let qrRefreshCount = 0;
+
+    while (Date.now() < deadline) {
+      const status = await pollQRStatus(currentQrCode, baseUrl);
+      currentStatus = status.status;
+
+      switch (status.status) {
+        case 'wait':
+          break;
+
+        case 'scaned':
+          break;
+
+        case 'expired': {
+          qrRefreshCount++;
+          if (qrRefreshCount >= MAX_QR_REFRESH) {
+            failMessage = '二维码已多次过期，请重新发起登录';
+            throw new Error(failMessage);
+          }
+          // 刷新二维码
+          const newQr = await getQRCode(baseUrl);
+          currentQrUrl = newQr.qrcode_img_content;
+          currentQrCode = newQr.qrcode;
+          currentStatus = 'wait';
+          break;
+        }
+
+        case 'confirmed': {
+          if (!status.bot_token || !status.ilink_bot_id) {
+            throw new Error('登录确认但缺少 bot_token 或 ilink_bot_id');
+          }
+          currentStatus = 'success';
+          return {
+            token: status.bot_token,
+            accountId: status.ilink_bot_id,
+            baseUrl: status.baseurl ?? baseUrl ?? DEFAULT_BASE_URL,
+          };
+        }
+      }
+
+      await new Promise((r) => setTimeout(r, 1000));
+    }
+
+    throw new Error('登录超时，请重试');
+  } finally {
+    server.close();
+  }
+}
+
+// ─── 辅助函数 ─────────────────────────────────────────
+
+/**
+ * 在端口范围内寻找可用端口并监听
+ */
+function findAvailablePort(server: http.Server): Promise<number> {
+  return new Promise((resolve, reject) => {
+    let port = QR_WEB_PORT_START;
+
+    const tryListen = (): void => {
+      if (port > QR_WEB_PORT_END) {
+        reject(new Error(`端口 ${QR_WEB_PORT_START}-${QR_WEB_PORT_END} 均不可用`));
+        return;
+      }
+
+      server.once('error', () => {
+        port++;
+        tryListen();
+      });
+
+      server.listen(port, '127.0.0.1', () => {
+        // 移除之前绑定的 error 监听器
+        server.removeAllListeners('error');
+        resolve(port);
+      });
+    };
+
+    tryListen();
+  });
+}
+
+/**
+ * 跨平台打开浏览器
+ */
+function openBrowser(url: string): void {
+  switch (process.platform) {
+    case 'win32':
+      exec(`start ${url}`);
+      break;
+    case 'darwin':
+      exec(`open ${url}`);
+      break;
+    default:
+      exec(`xdg-open ${url}`);
+      break;
+  }
+}
+
+/**
+ * 构建登录 HTML 页面
+ */
+function buildLoginPage(qrUrl: string): string {
+  const qrImgUrl = `https://api.qrserver.com/v1/create-qr-code/?size=280x280&data=${encodeURIComponent(qrUrl)}`;
+
+  return `<!DOCTYPE html>
+<html lang="zh-CN">
+<head>
+<meta charset="utf-8">
+<meta name="viewport" content="width=device-width, initial-scale=1">
+<title>WeChat × Claude Code</title>
+<style>
+  * { margin: 0; padding: 0; box-sizing: border-box; }
+  body {
+    font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, sans-serif;
+    background: #1a1a2e;
+    color: #e0e0e0;
+    display: flex;
+    justify-content: center;
+    align-items: center;
+    min-height: 100vh;
+  }
+  .container {
+    text-align: center;
+    padding: 2rem;
+  }
+  h1 {
+    font-size: 1.8rem;
+    margin-bottom: 0.5rem;
+    color: #fff;
+  }
+  .subtitle {
+    font-size: 1rem;
+    color: #888;
+    margin-bottom: 2rem;
+  }
+  .qr-wrapper {
+    background: #fff;
+    border-radius: 16px;
+    padding: 20px;
+    display: inline-block;
+    margin-bottom: 1.5rem;
+  }
+  .qr-wrapper img {
+    width: 280px;
+    height: 280px;
+    display: block;
+  }
+  .status {
+    font-size: 1.1rem;
+    min-height: 2rem;
+    transition: color 0.3s;
+  }
+  .status.scaned { color: #f0a030; }
+  .status.success { color: #4caf50; }
+  .status.expired { color: #f44336; }
+  .checkmark {
+    font-size: 3rem;
+    color: #4caf50;
+    display: none;
+    margin-bottom: 1rem;
+  }
+  .cmd-hint {
+    display: none;
+    margin-top: 1rem;
+    background: #16213e;
+    border: 1px solid #333;
+    border-radius: 8px;
+    padding: 1rem;
+    font-family: monospace;
+    font-size: 0.9rem;
+    color: #7ec8e3;
+    cursor: pointer;
+    position: relative;
+  }
+  .cmd-hint:hover { background: #1a2744; }
+  .copied {
+    position: absolute;
+    top: -1.5rem;
+    right: 0.5rem;
+    font-size: 0.75rem;
+    color: #4caf50;
+    opacity: 0;
+    transition: opacity 0.3s;
+  }
+  .copied.show { opacity: 1; }
+</style>
+</head>
+<body>
+<div class="container">
+  <h1>WeChat &times; Claude Code</h1>
+  <p class="subtitle">使用微信扫码连接</p>
+  <div class="checkmark" id="checkmark">&#10003;</div>
+  <div class="qr-wrapper" id="qr-wrapper">
+    <img id="qr-img" src="${qrImgUrl}" alt="QR Code">
+  </div>
+  <div class="status" id="status">等待扫码...</div>
+  <div class="cmd-hint" id="cmd-hint" onclick="copyCmd()">
+    npx cc-wechat
+    <span class="copied" id="copied">已复制</span>
+  </div>
+</div>
+<script>
+  const statusEl = document.getElementById('status');
+  const qrImg = document.getElementById('qr-img');
+  const checkmark = document.getElementById('checkmark');
+  const qrWrapper = document.getElementById('qr-wrapper');
+  const cmdHint = document.getElementById('cmd-hint');
+
+  setInterval(async () => {
+    try {
+      const res = await fetch('/status');
+      const data = await res.json();
+      statusEl.className = 'status ' + data.status;
+
+      switch (data.status) {
+        case 'wait':
+          statusEl.textContent = '等待扫码...';
+          break;
+        case 'scaned':
+          statusEl.textContent = '已扫码，请在手机上确认...';
+          break;
+        case 'expired':
+          statusEl.textContent = '二维码已过期，正在刷新...';
+          refreshQR();
+          break;
+        case 'success':
+          statusEl.textContent = '登录成功！';
+          checkmark.style.display = 'block';
+          qrWrapper.style.display = 'none';
+          cmdHint.style.display = 'block';
+          copyCmd();
+          break;
+        default:
+          if (data.message) statusEl.textContent = data.message;
+      }
+    } catch {}
+  }, 2000);
+
+  async function refreshQR() {
+    try {
+      const res = await fetch('/qr-refresh');
+      const data = await res.json();
+      const newUrl = 'https://api.qrserver.com/v1/create-qr-code/?size=280x280&data=' + encodeURIComponent(data.url);
+      qrImg.src = newUrl;
+    } catch {}
+  }
+
+  function copyCmd() {
+    navigator.clipboard.writeText('npx cc-wechat').then(() => {
+      const copied = document.getElementById('copied');
+      copied.classList.add('show');
+      setTimeout(() => copied.classList.remove('show'), 1500);
+    }).catch(() => {});
+  }
+</script>
+</body>
+</html>`;
+}

package/src/cdn.ts

@@ -0,0 +1,261 @@
+/**
+ * cc-wechat CDN 媒体操作 — AES-128-ECB 加解密 + 上传/下载
+ */
+import * as crypto from 'node:crypto';
+import * as fs from 'node:fs';
+import * as os from 'node:os';
+import * as path from 'node:path';
+import { apiFetch, buildHeaders, getUploadUrl, buildBaseInfo } from './ilink-api.js';
+
+const CDN_BASE_URL = 'https://novac2c.cdn.weixin.qq.com/c2c';
+
+// ─── AES-128-ECB 加解密 ──────────────────────────────
+
+/** AES-128-ECB 加密（PKCS7 padding 由 Node.js 自动处理） */
+export function encryptAesEcb(plaintext: Buffer, key: Buffer): Buffer {
+  const cipher = crypto.createCipheriv('aes-128-ecb', key, null);
+  return Buffer.concat([cipher.update(plaintext), cipher.final()]);
+}
+
+/** AES-128-ECB 解密 */
+export function decryptAesEcb(ciphertext: Buffer, key: Buffer): Buffer {
+  const decipher = crypto.createDecipheriv('aes-128-ecb', key, null);
+  return Buffer.concat([decipher.update(ciphertext), decipher.final()]);
+}
+
+/** 计算 AES-ECB PKCS7 padding 后的密文大小 */
+export function aesEcbPaddedSize(plaintextSize: number): number {
+  return Math.ceil((plaintextSize + 1) / 16) * 16;
+}
+
+// ─── 文件类型检测 ─────────────────────────────────────
+
+/** 通过文件头 magic bytes 检测扩展名 */
+function detectExtByMagic(buf: Buffer): string {
+  if (buf.length < 4) return '';
+  // JPEG: FF D8 FF
+  if (buf[0] === 0xFF && buf[1] === 0xD8 && buf[2] === 0xFF) return '.jpg';
+  // PNG: 89 50 4E 47
+  if (buf[0] === 0x89 && buf[1] === 0x50 && buf[2] === 0x4E && buf[3] === 0x47) return '.png';
+  // GIF: 47 49 46 38
+  if (buf[0] === 0x47 && buf[1] === 0x49 && buf[2] === 0x46 && buf[3] === 0x38) return '.gif';
+  // BMP: 42 4D
+  if (buf[0] === 0x42 && buf[1] === 0x4D) return '.bmp';
+  // WEBP: 52 49 46 46 ... 57 45 42 50
+  if (buf.length >= 12 && buf[0] === 0x52 && buf[1] === 0x49 && buf[8] === 0x57 && buf[9] === 0x45) return '.webp';
+  // MP4: ... 66 74 79 70 (ftyp at offset 4)
+  if (buf.length >= 8 && buf[4] === 0x66 && buf[5] === 0x74 && buf[6] === 0x79 && buf[7] === 0x70) return '.mp4';
+  // PDF: 25 50 44 46
+  if (buf[0] === 0x25 && buf[1] === 0x50 && buf[2] === 0x44 && buf[3] === 0x46) return '.pdf';
+  return '';
+}
+
+/** 根据扩展名检测媒体类型：IMAGE=1, VIDEO=2, FILE=3 */
+function detectMediaType(filePath: string): number {
+  const ext = path.extname(filePath).toLowerCase();
+  if (['.jpg', '.jpeg', '.png', '.gif', '.bmp', '.webp'].includes(ext)) return 1;
+  if (['.mp4', '.mov', '.avi', '.mkv'].includes(ext)) return 2;
+  return 3;
+}
+
+// ─── 上传媒体 ─────────────────────────────────────────
+
+/**
+ * 上传媒体文件到微信 CDN 并发送消息
+ * @param params.token - Bot 认证 token
+ * @param params.toUser - 目标用户 ID
+ * @param params.contextToken - 会话上下文 token
+ * @param params.filePath - 本地文件路径
+ * @param params.baseUrl - iLink API 基址（可选）
+ * @param params.cdnBaseUrl - CDN 基址（可选）
+ */
+export async function uploadMedia(params: {
+  token: string;
+  toUser: string;
+  contextToken: string;
+  filePath: string;
+  baseUrl?: string;
+  cdnBaseUrl?: string;
+}): Promise<void> {
+  const { token, toUser, contextToken, filePath, baseUrl, cdnBaseUrl } = params;
+
+  // 1. 读取文件
+  const fileData = fs.readFileSync(filePath);
+  const rawsize = fileData.length;
+  const rawfilemd5 = crypto.createHash('md5').update(fileData).digest('hex');
+
+  // 2. 生成 AES key 并检测媒体类型
+  const aesKey = crypto.randomBytes(16);
+  const mediaType = detectMediaType(filePath);
+
+  // 3. 加密文件
+  const ciphertext = encryptAesEcb(fileData, aesKey);
+
+  // 4. 构造 filekey
+  const extname = path.extname(filePath);
+  const rand = crypto.randomBytes(3).toString('hex');
+  const filekey = `cc-wechat-${Date.now()}-${rand}${extname}`;
+
+  // 5. 获取上传地址
+  const uploadResp = await getUploadUrl(token, {
+    filekey,
+    media_type: mediaType,
+    to_user_id: toUser,
+    rawsize,
+    rawfilemd5,
+    filesize: ciphertext.length,
+    no_need_thumb: true,
+    aeskey: aesKey.toString('hex'),
+    base_info: buildBaseInfo(),
+  }, baseUrl);
+
+  const uploadParam = uploadResp.upload_param ?? '';
+  const serverFilekey = uploadResp.filekey ?? filekey;
+
+  // 6. 上传到 CDN
+  const cdnUrl =
+    `${cdnBaseUrl ?? CDN_BASE_URL}/upload` +
+    `?encrypted_query_param=${encodeURIComponent(uploadParam)}` +
+    `&filekey=${encodeURIComponent(serverFilekey)}`;
+
+  const authHeaders = buildHeaders(token);
+  const controller = new AbortController();
+  const timer = setTimeout(() => controller.abort(), 60_000);
+
+  let downloadParam: string;
+  try {
+    const cdnResp = await fetch(cdnUrl, {
+      method: 'POST',
+      headers: {
+        ...authHeaders,
+        'Content-Type': 'application/octet-stream',
+      },
+      body: new Uint8Array(ciphertext) as unknown as BodyInit,
+      signal: controller.signal,
+    });
+    if (!cdnResp.ok) {
+      const errText = await cdnResp.text();
+      throw new Error(`[uploadMedia] CDN HTTP ${cdnResp.status}: ${errText}`);
+    }
+    downloadParam = cdnResp.headers.get('x-encrypted-param') ?? '';
+  } finally {
+    clearTimeout(timer);
+  }
+
+  // 7. 构造媒体信息
+  const aesKeyBase64 = Buffer.from(aesKey.toString('hex')).toString('base64');
+  const mediaInfo = {
+    encrypt_query_param: downloadParam,
+    aes_key: aesKeyBase64,
+    encrypt_type: 1,
+  };
+
+  // 8. 根据媒体类型构造 MessageItem
+  let mediaItem: Record<string, unknown>;
+  if (mediaType === 1) {
+    // 图片
+    mediaItem = { type: 2, image_item: { media: mediaInfo, mid_size: ciphertext.length } };
+  } else if (mediaType === 2) {
+    // 视频
+    mediaItem = { type: 5, video_item: { media: mediaInfo, video_size: ciphertext.length } };
+  } else {
+    // 文件
+    mediaItem = {
+      type: 4,
+      file_item: {
+        media: mediaInfo,
+        file_name: path.basename(filePath),
+        len: String(rawsize),
+        md5: rawfilemd5,
+      },
+    };
+  }
+
+  // 9. 发送消息
+  const clientId = `cc-wechat-${crypto.randomBytes(4).toString('hex')}`;
+  const body = JSON.stringify({
+    msg: {
+      from_user_id: '',
+      to_user_id: toUser,
+      client_id: clientId,
+      message_type: 2,
+      message_state: 2,
+      item_list: [mediaItem],
+      context_token: contextToken,
+    },
+    base_info: buildBaseInfo(),
+  });
+
+  await apiFetch({
+    baseUrl,
+    endpoint: 'ilink/bot/sendmessage',
+    body,
+    token,
+    timeoutMs: 10_000,
+    label: 'uploadMedia',
+  });
+}
+
+// ─── 下载媒体 ─────────────────────────────────────────
+
+/**
+ * 从微信 CDN 下载并解密媒体文件
+ * @param params.encryptQueryParam - CDN 加密查询参数
+ * @param params.aesKeyBase64 - Base64 编码的 AES key
+ * @param params.cdnBaseUrl - CDN 基址（可选）
+ * @param params.outDir - 输出目录（可选，默认临时目录）
+ * @param params.fileName - 输出文件名（可选）
+ * @returns 文件绝对路径
+ */
+export async function downloadMedia(params: {
+  encryptQueryParam: string;
+  aesKeyBase64: string;
+  cdnBaseUrl?: string;
+  outDir?: string;
+  fileName?: string;
+}): Promise<string> {
+  const { encryptQueryParam, aesKeyBase64, cdnBaseUrl, outDir, fileName } = params;
+
+  // 1. 构造下载 URL
+  const downloadUrl =
+    `${cdnBaseUrl ?? CDN_BASE_URL}/download` +
+    `?encrypted_query_param=${encodeURIComponent(encryptQueryParam)}`;
+
+  // 2. 下载密文
+  const controller = new AbortController();
+  const timer = setTimeout(() => controller.abort(), 60_000);
+
+  let ciphertext: Buffer;
+  try {
+    const resp = await fetch(downloadUrl, { signal: controller.signal });
+    if (!resp.ok) {
+      const errText = await resp.text();
+      throw new Error(`[downloadMedia] CDN HTTP ${resp.status}: ${errText}`);
+    }
+    ciphertext = Buffer.from(await resp.arrayBuffer());
+  } finally {
+    clearTimeout(timer);
+  }
+
+  // 3. 解码 AES key（base64 → hex string → 16 字节 key）
+  const hexStr = Buffer.from(aesKeyBase64, 'base64').toString('utf-8');
+  const aesKey = Buffer.from(hexStr, 'hex');
+
+  // 4. 解密
+  const plaintext = decryptAesEcb(ciphertext, aesKey);
+
+  // 5. 通过文件头检测类型并加后缀
+  const ext = detectExtByMagic(plaintext);
+  const targetDir = outDir ?? path.join(os.tmpdir(), 'cc-wechat', 'media');
+  fs.mkdirSync(targetDir, { recursive: true });
+
+  let targetName = fileName ?? `media-${Date.now()}`;
+  // 如果文件名没有后缀，根据 magic bytes 补上
+  if (!path.extname(targetName) && ext) {
+    targetName += ext;
+  }
+  const targetPath = path.join(targetDir, targetName);
+  fs.writeFileSync(targetPath, plaintext);
+
+  return path.resolve(targetPath);
+}