npm - cclawd - Versions diffs - 1.0.0 → 1.0.2 - Mend

cclawd 1.0.0 → 1.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (111) hide show

package/extensions/mfa-auth/src/dabby-client.ts CHANGED Viewed

@@ -1,9 +1,8 @@
 import { dabbyConfig } from "./config.js";
 import type {
   DabbyConfig,
-  DabbyAccessTokenResponse,
-  DabbyQrCodeResponse,
-  DabbyAuthResultResponse,
+  DabbyVerifyCodeResponse,
+  DabbyCheckAuthStatusResponse,
 } from "./types.js";
 const resolveFetch = (): typeof fetch => {
@@ -15,110 +14,89 @@ const resolveFetch = (): typeof fetch => {
 };
 export class DabbyClient {
-  private cachedAccessToken: string | null = null;
-  private tokenExpiryTime: number = 0;
   constructor(private config: DabbyConfig = dabbyConfig) {}
-  async getAccessToken(forceRefresh = false): Promise<string> {
-    if (!this.config.clientId || !this.config.clientSecret) {
-      throw new Error("Dabby clientId and clientSecret are not configured");
-    }
-    if (!forceRefresh && this.cachedAccessToken && Date.now() < this.tokenExpiryTime) {
-      return this.cachedAccessToken;
+  async getVerifyCode(): Promise<DabbyVerifyCodeResponse["data"]> {
+    if (!this.config.apiKey) {
+      throw new Error("MFA_AUTH_API_KEY is not configured");
     }
-    const url = `${this.config.apiBaseUrl}/getaccesstoken`;
-    const params = new URLSearchParams({
-      clientId: this.config.clientId,
-      clientSecret: this.config.clientSecret,
-    });
     const fetch = resolveFetch();
-    const fullUrl = `${url}?${params.toString()}`;
-    console.log(`[mfa-auth] Fetching accessToken from: ${fullUrl}`);
+    const url = `${this.config.apiBaseUrl}/api/v1/getVerifyCode`;
+    const requestBody = {
+      apiKey: this.config.apiKey,
+      authType: "ScanAuth",
+      mode: "66",
+    };
+    console.log(`[mfa-auth] Fetching verify code from: ${url}`);
+    console.log(`[mfa-auth] Request body:`, JSON.stringify(requestBody, null, 2));
     let lastError: any;
     for (let i = 0; i < 3; i++) {
       try {
-        const response = await fetch(fullUrl, {
-          method: "GET",
+        const response = await fetch(url, {
+          method: "POST",
           headers: {
             "Content-Type": "application/json",
             "User-Agent": "OpenClaw/1.0 (mfa-auth)",
           },
+          body: JSON.stringify(requestBody),
         });
         if (!response.ok) {
           throw new Error(`HTTP ${response.status}: ${response.statusText}`);
         }
-        const data = (await response.json()) as DabbyAccessTokenResponse;
+        const data = (await response.json()) as DabbyVerifyCodeResponse;
+        console.log(`[mfa-auth] API response:`, JSON.stringify(data, null, 2));
         if (data.retCode !== 0) {
-          throw new Error(`Dabby API error: ${data.retMessage}`);
+          throw new Error(`Dabby API error: ${data.message} (code: ${data.retCode})`);
+        }
+        if (!data.data) {
+          throw new Error("Dabby API returned empty data");
         }
-        this.cachedAccessToken = data.accessToken;
-        this.tokenExpiryTime = Date.now() + data.expireSeconds * 1000;
+        console.log(
+          `[mfa-auth] Verify code generated, certToken: ${data.data.certToken}, qrCodeUrl: ${data.data.qrCodeUrl}`,
+        );
-        console.log(`[mfa-auth] Dabby accessToken refreshed, expires in ${data.expireSeconds}s`);
+        // Append fromSource parameter to qrCodeUrl
+        const qrCodeUrlWithSource = data.data.qrCodeUrl.includes("?")
+          ? `${data.data.qrCodeUrl}&fromSource=Cclawd`
+          : `${data.data.qrCodeUrl}?fromSource=Cclawd`;
-        return this.cachedAccessToken;
+        console.log(`[mfa-auth] QR code URL with fromSource: ${qrCodeUrlWithSource}`);
+        return {
+          ...data.data,
+          qrCodeUrl: qrCodeUrlWithSource,
+        };
       } catch (error: any) {
-        console.error(`[mfa-auth] Attempt ${i + 1} failed to get accessToken: ${error.message}`);
+        console.error(`[mfa-auth] Attempt ${i + 1} failed to get verify code: ${error.message}`);
         if (error.cause) {
           console.error(`[mfa-auth] Failure cause:`, error.cause);
         }
         lastError = error;
-        await new Promise((resolve) => setTimeout(resolve, 1000)); // Wait 1s before retry
+        await new Promise((resolve) => setTimeout(resolve, 1000));
       }
     }
-    console.error(`[mfa-auth] Failed to get accessToken after 3 attempts`);
+    console.error(`[mfa-auth] Failed to get verify code after 3 attempts`);
     throw lastError;
   }
-  async refreshAccessToken(): Promise<string> {
-    return this.getAccessToken(true);
-  }
-  async getQrCode(): Promise<DabbyQrCodeResponse["tokenInfo"]> {
-    try {
-      const accessToken = await this.getAccessToken();
-      const fetch = resolveFetch();
-      const url = `${this.config.apiBaseUrl}/authreq`;
-      const response = await fetch(url, {
-        method: "POST",
-        headers: {
-          "Content-Type": "application/json",
-          "User-Agent": "OpenClaw/1.0 (mfa-auth)",
-        },
-        body: JSON.stringify({
-          accessToken,
-          authType: "ScanAuth",
-          mode: 66,
-        }),
-      });
-      if (!response.ok) {
-        throw new Error(`HTTP ${response.status}: ${response.statusText}`);
-      }
-      const data = (await response.json()) as DabbyQrCodeResponse;
-      if (data.retCode !== 0) {
-        throw new Error(`Dabby API error: ${data.retMessage}`);
-      }
-      console.log(`[mfa-auth] QR code generated, certToken: ${data.tokenInfo.certToken}`);
-      return data.tokenInfo;
-    } catch (error: any) {
-      console.error(`[mfa-auth] Failed to generate QR code: ${error.message}`);
-      throw error;
-    }
+  // Alias for backward compatibility if needed by other files, or just refactor them too.
+  // The plan said "Rename or keep original name". I'll keep this alias to minimize changes in other files for now,
+  // but I'll also update the other files to use getVerifyCode if I can.
+  // Actually, I'll update other files to use getVerifyCode as per plan step 4.
+  // But keeping it as alias is safer during transition.
+  async getQrCode(): Promise<DabbyVerifyCodeResponse["data"]> {
+    return this.getVerifyCode();
   }
   async getAuthResult(certToken: string): Promise<{
@@ -126,50 +104,53 @@ export class DabbyClient {
     error?: string;
     authObject?: { idNum: string; fullName: string };
   }> {
+    if (!this.config.apiKey) {
+      return { status: "failed", error: "MFA_AUTH_API_KEY is not configured" };
+    }
     try {
-      const accessToken = await this.getAccessToken();
       const fetch = resolveFetch();
+      const url = `${this.config.apiBaseUrl}/api/v1/checkAuthStatus`;
+      const requestBody = {
+        apiKey: this.config.apiKey,
+        certToken,
+      };
+      console.log(`[mfa-auth] Checking auth status for certToken: ${certToken}`);
+      console.log(`[mfa-auth] CheckAuthStatus request body:`, JSON.stringify(requestBody, null, 2));
-      const url = `${this.config.apiBaseUrl}/authhist`;
       const response = await fetch(url, {
         method: "POST",
         headers: {
           "Content-Type": "application/json",
           "User-Agent": "OpenClaw/1.0 (mfa-auth)",
         },
-        body: JSON.stringify({
-          accessToken,
-          authHistQry: { certToken },
-        }),
+        body: JSON.stringify(requestBody),
       });
       if (!response.ok) {
         throw new Error(`HTTP ${response.status}: ${response.statusText}`);
       }
-      const data: DabbyAuthResultResponse = await response.json();
+      const data = (await response.json()) as DabbyCheckAuthStatusResponse;
+      console.log(`[mfa-auth] CheckAuthStatus response:`, JSON.stringify(data, null, 2));
-      // 处理特定的“等待中”状态码
-      // 4401: 该 certToken 未进行认证 -> 视为 Pending 状态，继续轮询
       if (data.retCode !== 0) {
         if (data.retCode === 4401) {
           return { status: "pending" };
         }
-        // 其他错误才抛出异常
-        throw new Error(`Dabby API error: ${data.retMessage} (code: ${data.retCode})`);
+        throw new Error(`Dabby API error: ${data.message} (code: ${data.retCode})`);
       }
-      const resCode = data.authData.resCode;
-      const authObject = data.authData.authObject;
-      if (resCode === 0) {
-        return { status: "verified", authObject };
+      if (data.data.authSuccess) {
+        return { status: "verified", authObject: data.data.authResult };
       }
-      return { status: "failed", error: `认证失败 (resCode: ${resCode})` };
+      return { status: "failed", error: data.data.message || "认证失败" };
     } catch (error: any) {
       console.error(`[mfa-auth] Failed to get auth result: ${error.message}`);
-      // Don't throw here, return error status so polling can continue or fail gracefully
       return { status: "failed", error: error.message };
     }
   }

package/extensions/mfa-auth/src/feishu-support/index.ts CHANGED Viewed

@@ -12,14 +12,14 @@ export type FeishuConfig = {
   domain?: FeishuDomain;
   accounts?: Record<string, FeishuAccountConfig>;
   defaultAccount?: string;
-  // 鍏朵粬瀛楁蹇界暐
+  // 其他字段忽略
 };
 export type FeishuAccountConfig = {
   appId?: string;
   appSecret?: string | { source: string; id: string };
   domain?: FeishuDomain;
-  // 鍏朵粬瀛楁蹇界暐
+  // 其他字段忽略
 };
 export type ResolvedFeishuAccount = {

package/extensions/mfa-auth/src/notification-service.ts CHANGED Viewed

@@ -29,8 +29,8 @@ class NotificationService {
       return;
     }
-    if (channel === "webchat" || channel === "web") {
-      console.log(`[mfa-auth] Web/webchat channel: sending notification via WebSocket`);
+    if (channel === "webchat" || channel === "web" || channel === "main" || channel === "desktop") {
+      console.log(`[mfa-auth] ${channel} channel: sending notification via WebSocket`);
       await this.sendToWebChat(session, message);
       return;
     }
@@ -172,8 +172,7 @@ class NotificationService {
               ),
             );
           }
-        } catch (e) {
-        }
+        } catch (e) {}
       });
       // eslint-disable-next-line @typescript-eslint/no-explicit-any
@@ -205,29 +204,35 @@ class NotificationService {
         : undefined;
     const sessionsRaw = Array.isArray(resultObject?.sessions) ? resultObject.sessions : [];
     const webchatRows = sessionsRaw
-      .map((row) =>
-        row && typeof row === "object" ? (row as Record<string, unknown>) : undefined,
-      )
+      .map((row) => (row && typeof row === "object" ? (row as Record<string, unknown>) : undefined))
       .filter((row): row is Record<string, unknown> => Boolean(row))
       .filter((row) => {
-        const ch = String(row.channel ?? "").trim().toLowerCase();
+        const ch = String(row.channel ?? "")
+          .trim()
+          .toLowerCase();
         const dc = row.deliveryContext as Record<string, unknown> | undefined;
-        const dcChannel = String(dc?.channel ?? "").trim().toLowerCase();
+        const dcChannel = String(dc?.channel ?? "")
+          .trim()
+          .toLowerCase();
         return ch === "webchat" || ch === "web" || dcChannel === "webchat" || dcChannel === "web";
       });
     const exactRows = webchatRows.filter((row) => {
       const dc = row.deliveryContext as Record<string, unknown> | undefined;
-      const peer = String(dc?.to ?? row.lastTo ?? "").trim().toLowerCase();
+      const peer = String(dc?.to ?? row.lastTo ?? "")
+        .trim()
+        .toLowerCase();
       return peer.length > 0 && peer === normalizedTarget;
     });
     const fallbackRows = webchatRows.filter((row) => !exactRows.includes(row));
     // Fuzzy match: include any webchat session that contains the userId in its key
     const fuzzyRows = webchatRows.filter((row) => {
       const key = String(row.key ?? "").toLowerCase();
       // Ensure we don't duplicate rows already found
-      return key.includes(normalizedTarget) && !exactRows.includes(row) && !fallbackRows.includes(row);
+      return (
+        key.includes(normalizedTarget) && !exactRows.includes(row) && !fallbackRows.includes(row)
+      );
     });
     const sortByUpdatedAtDesc = (a: Record<string, unknown>, b: Record<string, unknown>) => {
@@ -302,9 +307,9 @@ class NotificationService {
       // Simplified assertion
       if (response.code !== 0) {
-         throw new Error(`Feishu API error ${response.code}: ${response.msg}`);
+        throw new Error(`Feishu API error ${response.code}: ${response.msg}`);
       }
       const messageId = response.data?.message_id || "unknown";
       console.log(`[mfa-auth] Feishu message sent: ${messageId} to ${to}`);
     } catch (error) {

package/extensions/mfa-auth/src/providers/base.ts CHANGED Viewed

@@ -7,7 +7,6 @@ export abstract class BaseAuthProvider implements AuthMethodProvider {
   abstract initialize(session: AuthSession): Promise<void>;
   abstract verify(sessionId: string, userInput?: string): Promise<AuthResult>;
-  abstract generateAuthPage(session: AuthSession, authUrl: string): Promise<string>;
   cleanup(sessionId: string): void {}
 }