npm - cclawd - Versions diffs - 1.0.0 → 1.0.2 - Mend

cclawd 1.0.0 → 1.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (111) hide show

package/extensions/mfa-auth/package-lock.json ADDED Viewed

@@ -0,0 +1,115 @@
+{
+  "name": "openclaw-mfa-auth",
+  "version": "1.0.0",
+  "lockfileVersion": 3,
+  "requires": true,
+  "packages": {
+    "": {
+      "name": "openclaw-mfa-auth",
+      "version": "1.0.0",
+      "dependencies": {
+        "@larksuiteoapi/node-sdk": "^1.59.0",
+        "qrcode-terminal": "^0.12.0",
+        "tsx": "^4.21.0"
+      },
+      "devDependencies": {
+        "@types/node": "^20.0.0"
+      }
+    },
+    "../../node_modules/.pnpm/@larksuiteoapi+node-sdk@1.59.0/node_modules/@larksuiteoapi/node-sdk": {
+      "version": "1.59.0",
+      "license": "MIT",
+      "dependencies": {
+        "axios": "~1.13.3",
+        "lodash.identity": "^3.0.0",
+        "lodash.merge": "^4.6.2",
+        "lodash.pickby": "^4.6.0",
+        "protobufjs": "^7.2.6",
+        "qs": "^6.14.2",
+        "ws": "^8.19.0"
+      },
+      "devDependencies": {
+        "@koa/router": "^12.0.0",
+        "@rollup/plugin-alias": "^3.1.9",
+        "@rollup/plugin-typescript": "^8.3.2",
+        "@types/jest": "^28.1.3",
+        "@types/lodash.merge": "^4.6.7",
+        "@types/lodash.pick": "^4.4.7",
+        "@types/qs": "^6.9.16",
+        "@types/ws": "^8.5.10",
+        "@typescript-eslint/parser": "^5.27.1",
+        "body-parser": "^1.20.1",
+        "eslint": "^8.17.0",
+        "eslint-config-airbnb-base": "^15.0.0",
+        "eslint-config-prettier": "^8.5.0",
+        "eslint-plugin-import": "^2.26.0",
+        "express": "^4.18.2",
+        "jest": "^28.1.1",
+        "koa": "^2.13.4",
+        "koa-body": "^5.0.0",
+        "prettier": "2.6.2",
+        "rollup": "^2.75.5",
+        "rollup-plugin-dts": "^4.2.2",
+        "rollup-plugin-license": "^2.8.1",
+        "ts-jest": "^28.0.5",
+        "ts-node": "^10.8.1",
+        "tsconfig-paths": "^4.0.0",
+        "tslib": "^2.4.0",
+        "typescript": "^4.7.3"
+      }
+    },
+    "../../node_modules/.pnpm/@types+node@20.19.37/node_modules/@types/node": {
+      "version": "20.19.37",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "undici-types": "~6.21.0"
+      }
+    },
+    "../../node_modules/.pnpm/qrcode-terminal@0.12.0/node_modules/qrcode-terminal": {
+      "version": "0.12.0",
+      "bin": {
+        "qrcode-terminal": "bin/qrcode-terminal.js"
+      },
+      "devDependencies": {
+        "expect.js": "*",
+        "jshint": "*",
+        "mocha": "*",
+        "sinon": "*"
+      }
+    },
+    "../../node_modules/.pnpm/tsx@4.21.0/node_modules/tsx": {
+      "version": "4.21.0",
+      "license": "MIT",
+      "dependencies": {
+        "esbuild": "~0.27.0",
+        "get-tsconfig": "^4.7.5"
+      },
+      "bin": {
+        "tsx": "dist/cli.mjs"
+      },
+      "engines": {
+        "node": ">=18.0.0"
+      },
+      "optionalDependencies": {
+        "fsevents": "~2.3.3"
+      }
+    },
+    "node_modules/@larksuiteoapi/node-sdk": {
+      "resolved": "../../node_modules/.pnpm/@larksuiteoapi+node-sdk@1.59.0/node_modules/@larksuiteoapi/node-sdk",
+      "link": true
+    },
+    "node_modules/@types/node": {
+      "resolved": "../../node_modules/.pnpm/@types+node@20.19.37/node_modules/@types/node",
+      "link": true
+    },
+    "node_modules/qrcode-terminal": {
+      "resolved": "../../node_modules/.pnpm/qrcode-terminal@0.12.0/node_modules/qrcode-terminal",
+      "link": true
+    },
+    "node_modules/tsx": {
+      "resolved": "../../node_modules/.pnpm/tsx@4.21.0/node_modules/tsx",
+      "link": true
+    }
+  }
+}

package/extensions/mfa-auth/package.json CHANGED Viewed

@@ -6,7 +6,7 @@
     "dev": "tsx watch index.ts"
   },
   "dependencies": {
-    "@larksuiteoapi/node-sdk": "^1.24.0",
+    "@larksuiteoapi/node-sdk": "^1.59.0",
     "qrcode-terminal": "^0.12.0",
     "tsx": "^4.21.0"
   },

package/extensions/mfa-auth/src/auth-manager.ts CHANGED Viewed

@@ -171,12 +171,12 @@ export class AuthManager {
     return this.providers.get(methodType);
   }
-  generateSession(
+  async generateSession(
     userId: string,
     originalContext: PendingAuthContext,
     authMethod: string = this.config.defaultAuthMethod,
     extraFields?: Partial<AuthSession>,
-  ): AuthSession | null {
+  ): Promise<AuthSession | null> {
     const provider = this.getProvider(authMethod);
     if (!provider) {
       console.error(`[mfa-auth] Auth provider not found: ${authMethod}`);
@@ -195,6 +195,8 @@ export class AuthManager {
     this.sessions.set(sessionId, session);
+    await provider.initialize(session);
     if (this.config.debug) {
       console.log(`[mfa-auth] Generated session: ${sessionId}`);
       console.log(`[mfa-auth] User ID: ${userId}`);

package/extensions/mfa-auth/src/config.ts CHANGED Viewed

@@ -19,7 +19,6 @@ export const config: MfaConfig = {
   timeout: 5 * 60 * 1000,
   verificationDuration:
     Number.parseInt(process.env.MFA_VERIFICATION_DURATION || "", 10) || 2 * 60 * 1000,
-  port: 18801,
   domain: process.env.MFA_AUTH_DOMAIN || "",
   allowlistUsers: [],
   enabledAuthMethods: ["qr-code"],
@@ -38,9 +37,7 @@ export const config: MfaConfig = {
 };
 export const dabbyConfig: DabbyConfig = {
-  clientId: process.env.DABBY_CLIENT_ID || "",
-  clientSecret: process.env.DABBY_CLIENT_SECRET || "",
+  apiKey: process.env.MFA_AUTH_API_KEY || "",
   apiBaseUrl: process.env.DABBY_API_BASE_URL || "",
-  tokenCacheDuration: 7000000,
   pollInterval: 2000,
 };

package/extensions/mfa-auth/src/dabby-client.test.ts CHANGED Viewed

@@ -9,223 +9,144 @@ describe("DabbyClient", () => {
   beforeEach(() => {
     mockFetch = vi.fn();
     global.fetch = mockFetch as any;
+    // Ensure apiKey is set for tests
+    dabbyConfig.apiKey = "test-api-key";
     client = new DabbyClient(dabbyConfig);
   });
-  describe("getAccessToken", () => {
-    it("should fetch and cache access token", async () => {
+  describe("getVerifyCode", () => {
+    it("should fetch verify code with API key", async () => {
+      const testQrCodeUrl = "https://example.com/auth?certToken=cert-token-789";
       mockFetch.mockResolvedValueOnce({
         ok: true,
         json: async () => ({
           retCode: 0,
-          retMessage: "成功",
-          accessToken: "test-token-123",
-          expireSeconds: 7200,
-          apiVersion: "3.3.0",
-          timestamp: Date.now(),
-        }),
-      });
-      const token = await client.getAccessToken();
-      expect(token).toBe("test-token-123");
-      expect(mockFetch).toHaveBeenCalledTimes(1);
-    });
-    it("should use cached token if not expired", async () => {
-      mockFetch.mockResolvedValueOnce({
-        ok: true,
-        json: async () => ({
-          retCode: 0,
-          retMessage: "成功",
-          accessToken: "test-token-123",
-          expireSeconds: 7200,
-          apiVersion: "3.3.0",
-          timestamp: Date.now(),
+          message: "成功",
+          data: {
+            certToken: "cert-token-789",
+            qrCodeUrl: testQrCodeUrl,
+          },
         }),
       });
-      await client.getAccessToken();
-      await client.getAccessToken();
-      expect(mockFetch).toHaveBeenCalledTimes(1);
-    });
+      const result = await client.getVerifyCode();
+      expect(result.certToken).toBe("cert-token-789");
+      expect(result.qrCodeUrl).toBe(`${testQrCodeUrl}&fromSource=Cclawd`);
-    it("should refresh token when forced", async () => {
-      mockFetch.mockResolvedValue({
-        ok: true,
-        json: async () => ({
-          retCode: 0,
-          retMessage: "成功",
-          accessToken: "new-token-456",
-          expireSeconds: 7200,
-          apiVersion: "3.3.0",
-          timestamp: Date.now(),
+      expect(mockFetch).toHaveBeenCalledWith(
+        expect.stringContaining("/api/v1/getVerifyCode"),
+        expect.objectContaining({
+          method: "POST",
+          body: expect.stringContaining('"apiKey":"test-api-key"'),
         }),
-      });
-      await client.getAccessToken();
-      await client.refreshAccessToken();
-      expect(mockFetch).toHaveBeenCalledTimes(2);
-    });
-    it("should throw error when clientId or clientSecret is missing", async () => {
-      const emptyClient = new DabbyClient({
-        clientId: "",
-        clientSecret: "",
-        apiBaseUrl: "https://api.dabby.com.cn/v2/api",
-        tokenCacheDuration: 7000000,
-        pollInterval: 2000,
-      });
-      await expect(emptyClient.getAccessToken()).rejects.toThrow(
-        "Dabby clientId and clientSecret are not configured",
       );
     });
     it("should throw error when API returns non-zero retCode", async () => {
-      mockFetch.mockResolvedValueOnce({
+      mockFetch.mockResolvedValue({
         ok: true,
         json: async () => ({
           retCode: 1001,
-          retMessage: "认证失败",
-          accessToken: "",
-          expireSeconds: 0,
-          apiVersion: "3.3.0",
-          timestamp: Date.now(),
+          message: "生成二维码失败",
+          data: null,
         }),
       });
-      await expect(client.getAccessToken()).rejects.toThrow("Dabby API error: 认证失败");
+      await expect(client.getVerifyCode()).rejects.toThrow("Dabby API error: 生成二维码失败");
     });
   });
-  describe("getQrCode", () => {
-    it("should fetch QR code with access token", async () => {
-      mockFetch.mockResolvedValueOnce({
-        ok: true,
-        json: async () => ({
-          retCode: 0,
-          retMessage: "成功",
-          accessToken: "test-token",
-          expireSeconds: 7200,
-          apiVersion: "3.3.0",
-          timestamp: Date.now(),
-        }),
-      });
+  describe("getAuthResult", () => {
+    it("should return verified status when authSuccess is true", async () => {
       mockFetch.mockResolvedValueOnce({
         ok: true,
         json: async () => ({
           retCode: 0,
-          retMessage: "成功",
-          apiVersion: "3.3.0",
-          tokenInfo: {
-            authType: "ScanAuth",
-            certToken: "cert-token-789",
-            createdAt: "2024-01-01 00:00:00",
-            expireAt: "2024-01-01 00:05:00",
-            expireTimeMs: Date.now() + 5 * 60 * 1000,
-            qrcodeContent: "https://h5.dabby.com.cn/authhtml/#/auth?certToken=cert-token-789",
-            timestamp: Date.now(),
+          message: "成功",
+          data: {
+            authSuccess: true,
+            authResult: {
+              idNum: "44000000000000",
+              fullName: "张三",
+            },
+            message: "成功",
           },
         }),
       });
-      const result = await client.getQrCode();
-      expect(result.certToken).toBe("cert-token-789");
-      expect(result.qrcodeContent).toContain("h5.dabby.com.cn");
-    });
-  });
+      const result = await client.getAuthResult("cert-token-789");
+      expect(result.status).toBe("verified");
+      expect(result.authObject?.fullName).toBe("张三");
-  describe("getAuthResult", () => {
-    it("should return verified status when resCode is 0", async () => {
-      mockFetch.mockResolvedValueOnce({
-        ok: true,
-        json: async () => ({
-          retCode: 0,
-          retMessage: "成功",
-          accessToken: "test-token",
-          expireSeconds: 7200,
-          apiVersion: "3.3.0",
-          timestamp: Date.now(),
+      expect(mockFetch).toHaveBeenCalledWith(
+        expect.stringContaining("/api/v1/checkAuthStatus"),
+        expect.objectContaining({
+          method: "POST",
+          body: expect.stringContaining('"apiKey":"test-api-key"'),
         }),
-      });
+      );
+    });
+    it("should return failed status when authSuccess is false", async () => {
       mockFetch.mockResolvedValueOnce({
         ok: true,
         json: async () => ({
           retCode: 0,
-          retMessage: "成功",
-          apiVersion: "3.3.0",
-          authData: {
-            authMode: 66,
-            authObject: {
-              idNum: "44000000000000",
-              fullName: "张三",
-            },
-            authType: "ScanAuth",
-            portrait: "",
-            resCode: 0,
-            resStr: "00XX",
+          message: "成功",
+          data: {
+            authSuccess: false,
+            authResult: {},
+            message: "认证失败或超时",
           },
-          authInfo: {},
         }),
       });
       const result = await client.getAuthResult("cert-token-789");
-      expect(result.status).toBe("verified");
-      expect(result.authObject?.fullName).toBe("张三");
+      expect(result.status).toBe("failed");
+      expect(result.error).toContain("认证失败或超时");
     });
-    it("should return failed status when resCode is not 0", async () => {
+    it("should return pending status when retCode is 4401", async () => {
       mockFetch.mockResolvedValueOnce({
         ok: true,
         json: async () => ({
-          retCode: 0,
-          retMessage: "成功",
-          accessToken: "test-token",
-          expireSeconds: 7200,
-          apiVersion: "3.3.0",
-          timestamp: Date.now(),
+          retCode: 4401,
+          message: "等待认证",
+          data: null,
         }),
       });
+      const result = await client.getAuthResult("cert-token-789");
+      expect(result.status).toBe("pending");
+    });
+    it("should return failed status on API error", async () => {
       mockFetch.mockResolvedValueOnce({
         ok: true,
         json: async () => ({
-          retCode: 0,
-          retMessage: "成功",
-          apiVersion: "3.3.0",
-          authData: {
-            authMode: 66,
-            authObject: {
-              idNum: "",
-              fullName: "",
-            },
-            authType: "ScanAuth",
-            portrait: "",
-            resCode: 1002,
-            resStr: "01XX",
-          },
-          authInfo: {},
+          retCode: 500,
+          message: "服务器错误",
+          data: null,
         }),
       });
       const result = await client.getAuthResult("cert-token-789");
       expect(result.status).toBe("failed");
-      expect(result.error).toContain("认证失败");
+      expect(result.error).toContain("服务器错误");
     });
   });
   describe("checkQrCodeExpired", () => {
-    it("should return true when QR code is expired", () => {
+    // This is not using config so we need to instantiate client
+    it("should return true when QR code is expired", async () => {
       const expiredTime = Date.now() - 1000;
-      const isExpired = client.checkQrCodeExpired("cert-token", expiredTime);
+      const isExpired = await client.checkQrCodeExpired("cert-token", expiredTime);
       expect(isExpired).toBe(true);
     });
-    it("should return false when QR code is not expired", () => {
+    it("should return false when QR code is not expired", async () => {
       const futureTime = Date.now() + 5 * 60 * 1000;
-      const isExpired = client.checkQrCodeExpired("cert-token", futureTime);
+      const isExpired = await client.checkQrCodeExpired("cert-token", futureTime);
       expect(isExpired).toBe(false);
     });
   });