feishu-user-plugin 1.1.2 → 1.2.0

package/.claude-plugin/plugin.json

@@ -1,6 +1,6 @@
 {
   "name": "feishu-user-plugin",
-  "version": "1.1.2",
+  "version": "1.2.0",
   "description": "All-in-one Feishu plugin for Claude Code — send messages as yourself, read chats, manage docs/tables/wiki. 33 tools + 9 skills, 3 auth layers.",
   "author": {
     "name": "EthanQC"

package/CHANGELOG.md

@@ -4,6 +4,15 @@ All notable changes to this project will be documented in this file.
 
 The format is based on [Keep a Changelog](https://keepachangelog.com/), and this project adheres to [Semantic Versioning](https://semver.org/).
 
+## [1.1.3] - 2026-03-11
+
+### Fixed
+- **Case-insensitive chat name matching**: All name resolution strategies (bot group list, im.chat.search, search_contacts) now use case-insensitive matching. "ai技术解决" now correctly matches "AI技术解决（内部）".
+- **expires_in NaN bug**: UAT token refresh and OAuth now validate `expires_in` field, defaulting to 7200s if missing/invalid, preventing NaN corruption in config.
+- **_populateSenderNames inefficiency**: Fixed redundant condition in cookie-based name fallback.
+- **OAuth silent persistence failure**: Now logs warnings when token persistence to `~/.claude.json` fails, instead of silently swallowing errors.
+- **Null safety**: Added null check in `resolveToOcId` for undefined chat_id.
+
 ## [1.1.2] - 2026-03-11
 
 ### Fixed

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "feishu-user-plugin",
-  "version": "1.1.2",
+  "version": "1.2.0",
   "description": "All-in-one Feishu plugin for Claude Code — send messages as yourself, read chats, manage docs/tables/wiki. 33 tools + 9 skills, 3 auth layers.",
   "main": "src/index.js",
   "bin": {

package/skills/feishu-user-plugin/SKILL.md

@@ -1,6 +1,6 @@
 ---
 name: feishu-user-plugin
-version: "1.1.2"
+version: "1.1.3"
 description: "All-in-one Feishu plugin — send messages as yourself, read group/P2P chats, manage docs/tables/wiki. Replaces and extends the official Feishu MCP."
 allowed-tools: send_to_user, send_to_group, send_as_user, send_image_as_user, send_file_as_user, send_post_as_user, send_sticker_as_user, send_audio_as_user, search_contacts, create_p2p_chat, get_chat_info, get_user_info, get_login_status, read_p2p_messages, list_user_chats, list_chats, read_messages, reply_message, forward_message, search_docs, read_doc, create_doc, list_bitable_tables, list_bitable_fields, search_bitable_records, create_bitable_record, update_bitable_record, list_wiki_spaces, search_wiki, list_wiki_nodes, list_files, create_folder, find_user
 user_invocable: true

package/src/cli.js

@@ -7,6 +7,7 @@
  *   npx feishu-user-plugin setup    → Interactive setup wizard
  *   npx feishu-user-plugin oauth    → Run OAuth flow for UAT
  *   npx feishu-user-plugin status   → Check auth status
+ *   npx feishu-user-plugin keepalive → Refresh cookie + UAT (for cron)
  */
 
 const cmd = process.argv[2];
@@ -21,6 +22,9 @@ switch (cmd) {
   case 'status':
     checkStatus();
     break;
+  case 'keepalive':
+    keepalive();
+    break;
   case 'help':
   case '--help':
   case '-h':
@@ -41,6 +45,7 @@ Commands:
   setup       Interactive setup wizard — writes MCP config
   oauth       Run OAuth flow to obtain user_access_token
   status      Check authentication status
+  keepalive   Refresh cookie + UAT to prevent expiration (for cron jobs)
   help        Show this help
 
 Quick Start (team members):
@@ -53,20 +58,85 @@ Quick Start (external users):
   2. npx feishu-user-plugin setup
   3. npx feishu-user-plugin oauth
   4. Restart Claude Code
+
+Auto-renewal (optional):
+  Add to crontab to keep tokens alive even when Claude Code is closed:
+  crontab -e → add: 0 */4 * * * npx feishu-user-plugin keepalive >> /tmp/feishu-keepalive.log 2>&1
 `);
 }
 
+async function keepalive() {
+  const { LarkUserClient } = require('./client');
+  const { LarkOfficialClient } = require('./official');
+  const { findMcpConfig, persistToConfig } = require('./config');
+
+  const found = findMcpConfig();
+  if (!found) {
+    console.error('[keepalive] No config found. Run: npx feishu-user-plugin setup');
+    process.exit(1);
+  }
+  const creds = found.serverEnv;
+  let ok = true;
+
+  // 1. Refresh Cookie
+  const cookie = creds.LARK_COOKIE;
+  if (cookie && cookie !== 'SETUP_NEEDED') {
+    try {
+      const client = new LarkUserClient(cookie);
+      await client.init();
+      // init() calls _getCsrfToken which refreshes sl_session
+      persistToConfig({ LARK_COOKIE: client.cookieStr });
+      console.log(`[keepalive] Cookie refreshed (user: ${client.userName})`);
+    } catch (e) {
+      console.error(`[keepalive] Cookie refresh FAILED: ${e.message}`);
+      ok = false;
+    }
+  }
+
+  // 2. Refresh UAT
+  const appId = creds.LARK_APP_ID;
+  const appSecret = creds.LARK_APP_SECRET;
+  const uat = creds.LARK_USER_ACCESS_TOKEN;
+  const rt = creds.LARK_USER_REFRESH_TOKEN;
+  if (appId && appSecret && uat && uat !== 'SETUP_NEEDED' && rt) {
+    try {
+      const official = new LarkOfficialClient(appId, appSecret);
+      official._uat = uat;
+      official._uatRefresh = rt;
+      official._uatExpires = 0; // force refresh
+      await official._refreshUAT(); // refreshes + persists automatically
+      console.log('[keepalive] UAT refreshed');
+    } catch (e) {
+      console.error(`[keepalive] UAT refresh FAILED: ${e.message}`);
+      ok = false;
+    }
+  }
+
+  if (ok) {
+    console.log('[keepalive] All tokens refreshed successfully');
+  }
+  process.exit(ok ? 0 : 1);
+}
+
 async function checkStatus() {
   const { LarkUserClient } = require('./client');
   const { LarkOfficialClient } = require('./official');
-  const path = require('path');
-  require('dotenv').config({ path: path.join(__dirname, '..', '.env') });
+  const { findMcpConfig } = require('./config');
+
+  const found = findMcpConfig();
+  const creds = found ? found.serverEnv : {};
 
   console.log('=== feishu-user-plugin Auth Status ===\n');
+  if (found) {
+    console.log(`Config: ${found.configPath}${found.projectPath ? ` (project: ${found.projectPath})` : ''}`);
+  } else {
+    console.log('Config: NOT FOUND (run: npx feishu-user-plugin setup)');
+  }
+  console.log('');
 
   // Cookie
-  const cookie = process.env.LARK_COOKIE;
-  if (cookie) {
+  const cookie = creds.LARK_COOKIE;
+  if (cookie && cookie !== 'SETUP_NEEDED') {
     try {
       const client = new LarkUserClient(cookie);
       await client.init();
@@ -79,21 +149,24 @@ async function checkStatus() {
   }
 
   // App credentials
-  const appId = process.env.LARK_APP_ID;
-  const appSecret = process.env.LARK_APP_SECRET;
+  const appId = creds.LARK_APP_ID;
+  const appSecret = creds.LARK_APP_SECRET;
   console.log(`App credentials: ${appId && appSecret ? 'OK' : 'NOT SET'}`);
 
   // UAT
-  const uat = process.env.LARK_USER_ACCESS_TOKEN;
-  const rt = process.env.LARK_USER_REFRESH_TOKEN;
-  if (uat) {
+  const uat = creds.LARK_USER_ACCESS_TOKEN;
+  const rt = creds.LARK_USER_REFRESH_TOKEN;
+  if (uat && uat !== 'SETUP_NEEDED') {
     console.log(`UAT: SET (refresh_token: ${rt ? 'YES' : 'NO'})`);
     if (appId && appSecret) {
       const official = new LarkOfficialClient(appId, appSecret);
-      official.loadUAT();
+      // Set UAT fields directly (bypassing loadUAT which reads from process.env)
+      official._uat = uat;
+      official._uatRefresh = rt || null;
+      official._uatExpires = parseInt(creds.LARK_UAT_EXPIRES || '0');
       try {
-        const chats = await official.listChatsAsUser({ pageSize: 1 });
-        console.log(`  UAT test: OK (can list chats)`);
+        await official.listChatsAsUser({ pageSize: 1 });
+        console.log('  UAT test: OK (can list chats)');
       } catch (e) {
         console.log(`  UAT test: FAILED — ${e.message}`);
       }

package/src/client.js

@@ -90,7 +90,10 @@ class LarkUserClient {
     this._heartbeatTimer = setInterval(async () => {
       try {
         await this._getCsrfToken();
-        console.error('[feishu-user-plugin] Cookie heartbeat: session refreshed');
+        // Lazy require to avoid circular dependency at module load time
+        const { persistToConfig } = require('./config');
+        persistToConfig({ LARK_COOKIE: this.cookieStr });
+        console.error('[feishu-user-plugin] Cookie heartbeat: session refreshed and persisted');
       } catch (e) {
         console.error('[feishu-user-plugin] Cookie heartbeat failed:', e.message);
       }
@@ -252,7 +255,8 @@ class LarkUserClient {
           const propBuf = this._encode('TextProperty', { content: elem.userId });
           dictionary[elemId] = { tag: 5, property: propBuf };
         } else if (elem.tag === 'a') {
-          const propBuf = this._encode('TextProperty', { content: elem.text || elem.href });
+          // Link element: content stores the URL, display text goes through innerText
+          const propBuf = this._encode('TextProperty', { content: elem.href || elem.text || '' });
           dictionary[elemId] = { tag: 6, property: propBuf };
         }
       }

package/src/config.js

@@ -0,0 +1,188 @@
+const fs = require('fs');
+const path = require('path');
+
+const SERVER_NAMES = ['feishu-user-plugin', 'feishu'];
+
+/**
+ * Search an mcpServers object for a feishu-user-plugin entry.
+ * Returns { serverName, serverEnv } or null.
+ */
+function _findInServers(servers) {
+  if (!servers || typeof servers !== 'object') return null;
+  for (const name of SERVER_NAMES) {
+    if (servers[name]) {
+      if (!servers[name].env) servers[name].env = {};
+      return { serverName: name, serverEnv: servers[name].env };
+    }
+  }
+  return null;
+}
+
+/**
+ * Discover the MCP config file containing feishu-user-plugin server entry.
+ *
+ * Search order:
+ *   1. ~/.claude.json — top-level mcpServers
+ *   2. ~/.claude.json — projects[*].mcpServers (Claude Code project-level config)
+ *   3. ~/.claude/.claude.json — same two-level search
+ *   4. <cwd>/.mcp.json — top-level mcpServers (reliable in CLI mode)
+ *
+ * Returns { configPath, config, serverName, serverEnv, projectPath? } or null.
+ */
+function findMcpConfig() {
+  const home = process.env.HOME;
+  const candidates = [
+    ...(home ? [
+      path.join(home, '.claude.json'),
+      path.join(home, '.claude', '.claude.json'),
+    ] : []),
+    path.join(process.cwd(), '.mcp.json'),
+  ];
+
+  for (const configPath of candidates) {
+    try {
+      const raw = fs.readFileSync(configPath, 'utf8');
+      const config = JSON.parse(raw);
+
+      // Strategy 1: top-level mcpServers
+      const topLevel = _findInServers(config.mcpServers);
+      if (topLevel) {
+        return { configPath, config, ...topLevel, projectPath: null };
+      }
+
+      // Strategy 2: projects[*].mcpServers (Claude Code nests project-level config here)
+      if (config.projects) {
+        for (const [projPath, projConfig] of Object.entries(config.projects)) {
+          const nested = _findInServers(projConfig.mcpServers);
+          if (nested) {
+            return { configPath, config, ...nested, projectPath: projPath };
+          }
+        }
+      }
+
+      // Strategy 3: .mcp.json uses top-level keys as server names (no mcpServers wrapper)
+      const bare = _findInServers(config);
+      if (bare) {
+        return { configPath, config, ...bare, projectPath: null };
+      }
+    } catch (e) {
+      // Only warn if the file exists but is invalid (not for missing files)
+      if (e.code !== 'ENOENT') {
+        console.error(`[feishu-user-plugin] Warning: Failed to parse ${configPath}: ${e.message}`);
+      }
+    }
+  }
+  return null;
+}
+
+/**
+ * Read all LARK_* credentials from the discovered MCP config.
+ * Returns an object with all env vars, or {} if no config found.
+ */
+function readCredentials() {
+  const found = findMcpConfig();
+  if (!found) return {};
+  return { ...found.serverEnv };
+}
+
+/**
+ * Persist key-value updates into the MCP config's env block.
+ * Uses findMcpConfig() to locate the correct entry, then writes back.
+ * Returns true if persisted successfully, false otherwise.
+ */
+function persistToConfig(updates) {
+  try {
+    const found = findMcpConfig();
+    if (!found) {
+      console.error('[feishu-user-plugin] WARNING: No MCP config found. Update your config manually.');
+      return false;
+    }
+
+    const { configPath, config, serverName, projectPath } = found;
+
+    // Navigate to the correct env object
+    let env;
+    if (projectPath) {
+      env = config.projects[projectPath].mcpServers[serverName].env;
+    } else if (config.mcpServers?.[serverName]) {
+      env = config.mcpServers[serverName].env;
+    } else {
+      env = config[serverName].env;
+    }
+
+    Object.assign(env, updates);
+    fs.writeFileSync(configPath, JSON.stringify(config, null, 2) + '\n');
+    console.error(`[feishu-user-plugin] Config persisted to ${configPath}${projectPath ? ` (project: ${projectPath})` : ''}`);
+    return true;
+  } catch (e) {
+    console.error(`[feishu-user-plugin] Failed to persist config: ${e.message}`);
+    return false;
+  }
+}
+
+/**
+ * Write a complete feishu-user-plugin MCP server entry to a config file.
+ * Used by the setup wizard.
+ *
+ * If an existing config is found via findMcpConfig(), updates it in-place
+ * (preserving its location — top-level or project-level).
+ * Otherwise, writes to ~/.claude.json top-level mcpServers.
+ *
+ * @param {object} env - The env vars to write
+ * @param {string} [configPath] - Override the target config file path
+ * @param {string} [projectPath] - If writing to a project-level entry
+ * @returns {{ configPath: string }} The path that was written
+ */
+function writeNewConfig(env, configPath, projectPath) {
+  if (!configPath) {
+    configPath = path.join(process.env.HOME || '', '.claude.json');
+  }
+
+  if (projectPath) {
+    // Verify the project entry still exists; warn if it was removed between discovery and write
+    let existing = {};
+    try { existing = JSON.parse(fs.readFileSync(configPath, 'utf8')); } catch {}
+    if (!existing.projects?.[projectPath]) {
+      console.error(`[feishu-user-plugin] Warning: project entry "${projectPath}" not found in ${configPath}, writing to top-level mcpServers`);
+      projectPath = null;
+    }
+  }
+
+  let config = {};
+  try {
+    config = JSON.parse(fs.readFileSync(configPath, 'utf8'));
+  } catch {}
+
+  const serverEntry = {
+    command: 'npx',
+    args: ['-y', 'feishu-user-plugin'],
+    env,
+  };
+
+  if (projectPath && config.projects?.[projectPath]) {
+    // Write into existing project-level config
+    if (!config.projects[projectPath].mcpServers) config.projects[projectPath].mcpServers = {};
+    config.projects[projectPath].mcpServers['feishu-user-plugin'] = serverEntry;
+    if (config.projects[projectPath].mcpServers.feishu) {
+      delete config.projects[projectPath].mcpServers.feishu;
+    }
+  } else if (configPath.endsWith('.mcp.json') && !config.mcpServers) {
+    // Bare .mcp.json format: server entries at top level (no mcpServers wrapper)
+    config['feishu-user-plugin'] = serverEntry;
+    if (config.feishu) {
+      delete config.feishu;
+    }
+  } else {
+    // Write to top-level mcpServers (default for ~/.claude.json)
+    if (!config.mcpServers) config.mcpServers = {};
+    config.mcpServers['feishu-user-plugin'] = serverEntry;
+    if (config.mcpServers.feishu) {
+      delete config.mcpServers.feishu;
+    }
+  }
+
+  fs.writeFileSync(configPath, JSON.stringify(config, null, 2) + '\n');
+  return { configPath };
+}
+
+module.exports = { findMcpConfig, readCredentials, persistToConfig, writeNewConfig, SERVER_NAMES };

package/src/index.js

@@ -6,6 +6,8 @@ const {
   ListToolsRequestSchema,
 } = require('@modelcontextprotocol/sdk/types.js');
 const path = require('path');
+// Local dev fallback: MCP clients inject env vars from config's env block at spawn time.
+// This dotenv line only matters when running locally with a .env file (e.g. during development).
 require('dotenv').config({ path: path.join(__dirname, '..', '.env') });
 const { LarkUserClient } = require('./client');
 const { LarkOfficialClient } = require('./official');
@@ -33,20 +35,28 @@ class ChatIdMapper {
     }
   }
 
+  // Case-insensitive name matching helper
+  static _nameMatch(haystack, needle, exact = false) {
+    if (!haystack || !needle) return false;
+    const h = haystack.toLowerCase(), n = needle.toLowerCase();
+    return exact ? h === n : h.includes(n);
+  }
+
   async findByName(name, official) {
     await this._refresh(official);
-    // Exact match first
+    // Exact match first (case-insensitive)
     for (const [ocId, chatName] of this.nameCache) {
-      if (chatName === name) return ocId;
+      if (ChatIdMapper._nameMatch(chatName, name, true)) return ocId;
     }
-    // Partial match
+    // Partial match (case-insensitive)
     for (const [ocId, chatName] of this.nameCache) {
-      if (chatName && chatName.includes(name)) return ocId;
+      if (ChatIdMapper._nameMatch(chatName, name)) return ocId;
     }
     return null;
   }
 
   async resolveToOcId(chatIdOrName, official) {
+    if (!chatIdOrName) return null;
     if (chatIdOrName.startsWith('oc_')) return chatIdOrName;
     // Also accept raw numeric IDs (from search_contacts)
     if (/^\d+$/.test(chatIdOrName)) return chatIdOrName;
@@ -58,11 +68,11 @@ class ChatIdMapper {
       const results = await official.chatSearch(chatIdOrName);
       for (const chat of results) {
         this.nameCache.set(chat.chat_id, chat.name || '');
-        if (chat.name === chatIdOrName) return chat.chat_id;
+        if (ChatIdMapper._nameMatch(chat.name, chatIdOrName, true)) return chat.chat_id;
       }
-      // Partial match on search results
+      // Partial match on search results (case-insensitive)
       for (const chat of results) {
-        if (chat.name && chat.name.includes(chatIdOrName)) return chat.chat_id;
+        if (ChatIdMapper._nameMatch(chat.name, chatIdOrName)) return chat.chat_id;
       }
     } catch (e) {
       console.error('[feishu-user-plugin] chatSearch fallback failed:', e.message);
@@ -77,13 +87,13 @@ class ChatIdMapper {
     try {
       const results = await userClient.search(chatName);
       const groups = results.filter(r => r.type === 'group');
-      // Exact match first
+      // Exact match first (case-insensitive)
       for (const g of groups) {
-        if (g.title === chatName) return String(g.id);
+        if (ChatIdMapper._nameMatch(g.title, chatName, true)) return String(g.id);
       }
-      // Partial match
+      // Partial match (case-insensitive)
       for (const g of groups) {
-        if (g.title && g.title.includes(chatName)) return String(g.id);
+        if (ChatIdMapper._nameMatch(g.title, chatName)) return String(g.id);
       }
     } catch (e) {
       console.error('[feishu-user-plugin] search_contacts fallback failed:', e.message);
@@ -386,6 +396,17 @@ const TOOLS = [
       required: ['document_id'],
     },
   },
+  {
+    name: 'get_doc_blocks',
+    description: '[Official API] Get structured block tree of a document. Returns block types, content, and hierarchy for precise document analysis.',
+    inputSchema: {
+      type: 'object',
+      properties: {
+        document_id: { type: 'string', description: 'Document ID (from search_docs or create_doc)' },
+      },
+      required: ['document_id'],
+    },
+  },
   {
     name: 'create_doc',
     description: '[Official API] Create a new Feishu document.',
@@ -514,6 +535,33 @@ const TOOLS = [
     },
   },
 
+  // ========== Upload — Official API ==========
+  {
+    name: 'upload_image',
+    description: '[Official API] Upload an image file to Feishu. Returns image_key for use with send_image_as_user.',
+    inputSchema: {
+      type: 'object',
+      properties: {
+        image_path: { type: 'string', description: 'Absolute path to the image file on disk' },
+        image_type: { type: 'string', enum: ['message', 'avatar'], description: 'Image usage type (default: message)' },
+      },
+      required: ['image_path'],
+    },
+  },
+  {
+    name: 'upload_file',
+    description: '[Official API] Upload a file to Feishu. Returns file_key for use with send_file_as_user.',
+    inputSchema: {
+      type: 'object',
+      properties: {
+        file_path: { type: 'string', description: 'Absolute path to the file on disk' },
+        file_type: { type: 'string', enum: ['opus', 'mp4', 'pdf', 'doc', 'xls', 'ppt', 'stream'], description: 'File type (default: stream for generic files)' },
+        file_name: { type: 'string', description: 'Display file name (optional, defaults to basename)' },
+      },
+      required: ['file_path'],
+    },
+  },
+
   // ========== Contact — Official API ==========
   {
     name: 'find_user',
@@ -531,7 +579,7 @@ const TOOLS = [
 // --- Server ---
 
 const server = new Server(
-  { name: 'feishu-user-plugin', version: '1.1.2' },
+  { name: 'feishu-user-plugin', version: require('../package.json').version },
   { capabilities: { tools: {} } }
 );
 
@@ -563,8 +611,13 @@ async function handleTool(name, args) {
     case 'send_to_user': {
       const c = await getUserClient();
       const results = await c.search(args.user_name);
-      const user = results.find(r => r.type === 'user');
-      if (!user) return text(`User "${args.user_name}" not found. Results: ${JSON.stringify(results)}`);
+      const users = results.filter(r => r.type === 'user');
+      if (users.length === 0) return text(`User "${args.user_name}" not found. Results: ${JSON.stringify(results)}`);
+      if (users.length > 1) {
+        const candidates = users.slice(0, 5).map(u => `  - ${u.title} (ID: ${u.id})`).join('\n');
+        return text(`Multiple users match "${args.user_name}":\n${candidates}\nUse search_contacts to find the exact user, then create_p2p_chat + send_as_user.`);
+      }
+      const user = users[0];
       const chatId = await c.createChat(user.id);
       if (!chatId) return text(`Failed to create chat with ${user.title}`);
       const r = await c.sendMessage(chatId, args.text);
@@ -573,8 +626,13 @@ async function handleTool(name, args) {
     case 'send_to_group': {
       const c = await getUserClient();
       const results = await c.search(args.group_name);
-      const group = results.find(r => r.type === 'group');
-      if (!group) return text(`Group "${args.group_name}" not found. Results: ${JSON.stringify(results)}`);
+      const groups = results.filter(r => r.type === 'group');
+      if (groups.length === 0) return text(`Group "${args.group_name}" not found. Results: ${JSON.stringify(results)}`);
+      if (groups.length > 1) {
+        const candidates = groups.slice(0, 5).map(g => `  - ${g.title} (ID: ${g.id})`).join('\n');
+        return text(`Multiple groups match "${args.group_name}":\n${candidates}\nUse search_contacts to find the exact group, then send_as_user with the ID.`);
+      }
+      const group = groups[0];
       const r = await c.sendMessage(group.id, args.text);
       return sendResult(r, `Text sent to group "${group.title}" (${group.id})`);
     }
@@ -625,20 +683,16 @@ async function handleTool(name, args) {
     }
     case 'get_user_info': {
       let n = null;
-      // Strategy 1: User identity client cache
+      // Strategy 1: Official API contact lookup (works for same-tenant users by open_id)
       try {
-        const c = await getUserClient();
-        n = await c.getUserName(args.user_id);
-        if (!n && args.user_id) {
-          await c.search(args.user_id);
-          n = await c.getUserName(args.user_id);
-        }
+        const official = getOfficialClient();
+        n = await official.getUserById(args.user_id, 'open_id');
       } catch {}
-      // Strategy 2: Official API contact lookup (works for same-tenant users)
+      // Strategy 2: User identity client cache (populated by previous search/init calls)
       if (!n) {
         try {
-          const official = getOfficialClient();
-          n = await official.getUserById(args.user_id, 'open_id');
+          const c = await getUserClient();
+          n = await c.getUserName(args.user_id);
         } catch {}
       }
       return text(n ? `User ${args.user_id}: ${n}` : `Could not resolve user ${args.user_id}. This user may be from an external tenant. Try search_contacts with the user's display name instead.`);
@@ -663,10 +717,11 @@ async function handleTool(name, args) {
     case 'read_p2p_messages': {
       const official = getOfficialClient();
       let chatId = args.chat_id;
+      let uc = null;
+      let ucError = null;
+      try { uc = await getUserClient(); } catch (e) { ucError = e; }
       // If chat_id is not numeric or oc_, try to resolve as user name → P2P chat
       if (!/^\d+$/.test(chatId) && !chatId.startsWith('oc_')) {
-        let uc = null;
-        try { uc = await getUserClient(); } catch (_) {}
         if (uc) {
           const results = await uc.search(chatId);
           const user = results.find(r => r.type === 'user');
@@ -681,11 +736,10 @@ async function handleTool(name, args) {
             else return text(`Cannot resolve "${args.chat_id}" to a chat. Use search_contacts to find the ID first.`);
           }
         } else {
-          return text(`"${args.chat_id}" is not a valid chat ID. Provide a numeric ID or oc_xxx format. Use search_contacts + create_p2p_chat to get the ID.`);
+          const hint = ucError ? `Cookie auth failed: ${ucError.message}. Fix LARK_COOKIE first, or p` : 'P';
+          return text(`"${args.chat_id}" is not a valid chat ID. ${hint}rovide a numeric ID or oc_xxx format. Use search_contacts + create_p2p_chat to get the ID.`);
         }
       }
-      let uc = null;
-      try { uc = await getUserClient(); } catch (_) {}
       return json(await official.readMessagesAsUser(chatId, {
         pageSize: args.page_size, startTime: args.start_time, endTime: args.end_time,
         sortType: args.sort_type,
@@ -746,6 +800,8 @@ async function handleTool(name, args) {
       return json(await getOfficialClient().searchDocs(args.query));
     case 'read_doc':
       return json(await getOfficialClient().readDoc(args.document_id));
+    case 'get_doc_blocks':
+      return json(await getOfficialClient().getDocBlocks(args.document_id));
     case 'create_doc':
       return text(`Document created: ${(await getOfficialClient().createDoc(args.title, args.folder_id)).documentId}`);
 
@@ -785,6 +841,17 @@ async function handleTool(name, args) {
     case 'find_user':
       return json(await getOfficialClient().findUserByIdentity({ emails: args.email, mobiles: args.mobile }));
 
+    // --- Upload ---
+
+    case 'upload_image': {
+      const r = await getOfficialClient().uploadImage(args.image_path, args.image_type);
+      return text(`Image uploaded: ${r.imageKey}\nUse this image_key with send_image_as_user to send it.`);
+    }
+    case 'upload_file': {
+      const r = await getOfficialClient().uploadFile(args.file_path, args.file_type, args.file_name);
+      return text(`File uploaded: ${r.fileKey}\nUse this file_key with send_file_as_user to send it.`);
+    }
+
     default:
       return text(`Unknown tool: ${name}`);
   }
@@ -798,7 +865,7 @@ async function main() {
   const hasCookie = !!process.env.LARK_COOKIE;
   const hasApp = !!(process.env.LARK_APP_ID && process.env.LARK_APP_SECRET);
   const hasUAT = !!process.env.LARK_USER_ACCESS_TOKEN;
-  console.error(`[feishu-user-plugin] MCP Server v1.1.2 — ${TOOLS.length} tools`);
+  console.error(`[feishu-user-plugin] MCP Server v${require('../package.json').version} — ${TOOLS.length} tools`);
   console.error(`[feishu-user-plugin] Auth: Cookie=${hasCookie ? 'YES' : 'NO'} App=${hasApp ? 'YES' : 'NO'} UAT=${hasUAT ? 'YES' : 'NO'}`);
   if (!hasCookie) console.error('[feishu-user-plugin] WARNING: LARK_COOKIE not set — user identity tools (send_to_user, etc.) will fail');
   if (!hasApp) console.error('[feishu-user-plugin] WARNING: LARK_APP_ID/SECRET not set — official API tools (read_messages, docs, etc.) will fail');

package/src/oauth-auto.js

@@ -1,5 +1,7 @@
 #!/usr/bin/env node
-// Automated OAuth flow using Playwright — single page, no extra tabs
+// DEV ONLY: Automated OAuth using local Playwright (not used in production).
+// Uses .env directly; not migrated to config module.
+// Requires: npm install playwright (not in package.json dependencies)
 const http = require('http');
 const { chromium } = require('playwright');
 const fs = require('fs');
@@ -30,7 +32,7 @@ function saveToken(tokenData) {
     LARK_USER_ACCESS_TOKEN: tokenData.access_token,
     LARK_USER_REFRESH_TOKEN: tokenData.refresh_token || '',
     LARK_UAT_SCOPE: tokenData.scope || '',
-    LARK_UAT_EXPIRES: String(Math.floor(Date.now() / 1000 + tokenData.expires_in)),
+    LARK_UAT_EXPIRES: String(Math.floor(Date.now() / 1000 + (typeof tokenData.expires_in === 'number' && tokenData.expires_in > 0 ? tokenData.expires_in : 7200))),
   };
   for (const [key, val] of Object.entries(updates)) {
     const regex = new RegExp(`^${key}=.*$`, 'm');
@@ -161,29 +163,6 @@ async function run() {
     console.log('scope:', tokenData.scope);
     console.log('expires_in:', tokenData.expires_in, 's');
 
-    // Test P2P message reading
-    console.log('\n[test] Testing P2P message reading...');
-    const testRes = await fetch('https://open.feishu.cn/open-apis/im/v1/messages?container_id_type=chat&container_id=oc_97a52756ee2c4351a2a86e6aa33e8ca4&page_size=2&sort_type=ByCreateTimeDesc', {
-      headers: { 'Authorization': `Bearer ${tokenData.access_token}` },
-    });
-    const testData = await testRes.json();
-    if (testData.code === 0) {
-      console.log('[test] P2P: SUCCESS!', testData.data?.items?.length, 'messages');
-    } else {
-      console.log('[test] P2P: Error', testData.code, testData.msg);
-    }
-
-    // Test group messages
-    const grpRes = await fetch('https://open.feishu.cn/open-apis/im/v1/messages?container_id_type=chat&container_id=oc_6ae081b457d07e9651d615493b7f1096&page_size=2&sort_type=ByCreateTimeDesc', {
-      headers: { 'Authorization': `Bearer ${tokenData.access_token}` },
-    });
-    const grpData = await grpRes.json();
-    if (grpData.code === 0) {
-      console.log('[test] Group: SUCCESS!', grpData.data?.items?.length, 'messages');
-    } else {
-      console.log('[test] Group: Error', grpData.code, grpData.msg);
-    }
-
   } catch (e) {
     console.error('\nError:', e.message);
     await page.screenshot({ path: '/tmp/feishu-oauth-error.png' }).catch(() => {});

package/src/oauth.js

@@ -2,33 +2,31 @@
 /**
  * OAuth 授权脚本 — 获取带 IM 权限的 user_access_token
  *
- * 用法: node src/oauth.js
+ * 用法: npx feishu-user-plugin oauth
  *
  * 流程 (新版 End User Consent):
  * 1. 查询应用信息，提示用户选择正确的飞书账号
  * 2. 启动本地 HTTP 服务器 (端口 9997)
  * 3. 打开 accounts.feishu.cn 授权页面 (新版 OAuth 2.0)
  * 4. 用户点击"授权"后，用 /authen/v2/oauth/token 交换 token
- * 5. 保存 access_token + refresh_token 到 .env
+ * 5. 保存 token 到 MCP 配置文件
  */
 
 const http = require('http');
 const { execSync } = require('child_process');
-const fs = require('fs');
-const path = require('path');
-const dotenv = require('dotenv');
+const { readCredentials, persistToConfig } = require('./config');
 
-dotenv.config({ path: path.join(__dirname, '..', '.env') });
-
-const APP_ID = process.env.LARK_APP_ID;
-const APP_SECRET = process.env.LARK_APP_SECRET;
+const creds = readCredentials();
+const APP_ID = creds.LARK_APP_ID;
+const APP_SECRET = creds.LARK_APP_SECRET;
 const PORT = 9997;
 const REDIRECT_URI = `http://127.0.0.1:${PORT}/callback`;
 // offline_access is required to get refresh_token for auto-renewal
 const SCOPES = 'offline_access im:message im:message:readonly im:chat:readonly contact:user.base:readonly';
 
 if (!APP_ID || !APP_SECRET) {
-  console.error('Missing LARK_APP_ID or LARK_APP_SECRET in .env');
+  console.error('Missing LARK_APP_ID or LARK_APP_SECRET.');
+  console.error('Run "npx feishu-user-plugin setup" first to configure app credentials.');
   process.exit(1);
 }
 
@@ -100,52 +98,20 @@ async function exchangeCode(code) {
 }
 
 function saveToken(tokenData) {
-  const envPath = path.join(__dirname, '..', '.env');
-  let envContent = '';
-  try { envContent = fs.readFileSync(envPath, 'utf8'); } catch {}
-
   const updates = {
     LARK_USER_ACCESS_TOKEN: tokenData.access_token,
     LARK_USER_REFRESH_TOKEN: tokenData.refresh_token || '',
     LARK_UAT_SCOPE: tokenData.scope || '',
-    LARK_UAT_EXPIRES: String(Math.floor(Date.now() / 1000 + tokenData.expires_in)),
+    LARK_UAT_EXPIRES: String(Math.floor(Date.now() / 1000 + (typeof tokenData.expires_in === 'number' && tokenData.expires_in > 0 ? tokenData.expires_in : 7200))),
   };
 
-  for (const [key, val] of Object.entries(updates)) {
-    const regex = new RegExp(`^${key}=.*$`, 'm');
-    if (regex.test(envContent)) {
-      envContent = envContent.replace(regex, `${key}=${val}`);
-    } else {
-      envContent += `\n${key}=${val}`;
+  const ok = persistToConfig(updates);
+  if (!ok) {
+    console.error('WARNING: Tokens could not be saved to config. Copy them manually:');
+    for (const [k, v] of Object.entries(updates)) {
+      console.error(`  ${k}=${v}`);
     }
   }
-
-  fs.writeFileSync(envPath, envContent.trim() + '\n');
-
-  // Also persist to ~/.claude.json MCP config so MCP restart picks up tokens immediately
-  _persistToClaudeJson(updates);
-}
-
-function _persistToClaudeJson(updates) {
-  const claudeJsonPaths = [
-    path.join(process.env.HOME || '', '.claude.json'),
-    path.join(process.env.HOME || '', '.claude', '.claude.json'),
-  ];
-  for (const cjPath of claudeJsonPaths) {
-    try {
-      const raw = fs.readFileSync(cjPath, 'utf8');
-      const config = JSON.parse(raw);
-      const servers = config.mcpServers || {};
-      for (const name of ['feishu-user-plugin', 'feishu']) {
-        if (servers[name]?.env) {
-          Object.assign(servers[name].env, updates);
-          fs.writeFileSync(cjPath, JSON.stringify(config, null, 2) + '\n');
-          console.log(`[feishu-user-plugin] OAuth tokens persisted to ${cjPath}`);
-          return;
-        }
-      }
-    } catch {}
-  }
 }
 
 const server = http.createServer(async (req, res) => {
@@ -170,7 +136,7 @@ const server = http.createServer(async (req, res) => {
 <p>scope: ${tokenData.scope}</p>
 <p>expires_in: ${tokenData.expires_in}s</p>
 <p>refresh_token: ${hasRefresh ? '✅ 已获取（30天有效，支持自动续期）' : '❌ 未返回（token 将在 2 小时后过期，需重新授权）'}</p>
-<p>已保存到 .env，可以关闭此页面。</p>`);
+<p>已保存到 MCP 配置文件，可以关闭此页面。</p>`);
 
       console.log('\n=== OAuth 授权成功 ===');
       console.log('scope:', tokenData.scope);
@@ -182,7 +148,7 @@ const server = http.createServer(async (req, res) => {
         console.log('   - 授权时 scope 中未包含 offline_access');
         console.log('   Token 将在 2 小时后过期，届时需要重新运行此脚本。');
       }
-      console.log('token 已保存到 .env');
+      console.log('token 已保存到 MCP 配置文件');
 
       setTimeout(() => { server.close(); process.exit(0); }, 1000);
     } catch (e) {
@@ -197,6 +163,16 @@ const server = http.createServer(async (req, res) => {
   res.end('Not found');
 });
 
+server.on('error', (e) => {
+  if (e.code === 'EADDRINUSE') {
+    console.error(`\nPort ${PORT} is already in use. Another OAuth process may be running.`);
+    console.error('Wait a minute and try again, or kill the process using the port.');
+  } else {
+    console.error('Server error:', e.message);
+  }
+  process.exit(1);
+});
+
 server.listen(PORT, '127.0.0.1', async () => {
   const authUrl = `https://accounts.feishu.cn/open-apis/authen/v1/authorize?client_id=${APP_ID}&redirect_uri=${encodeURIComponent(REDIRECT_URI)}&response_type=code&scope=${encodeURIComponent(SCOPES)}`;
 
@@ -226,7 +202,8 @@ server.listen(PORT, '127.0.0.1', async () => {
   console.log('授权 URL:', authUrl);
 
   try {
-    execSync(`open "${authUrl}"`);
+    const openCmd = process.platform === 'win32' ? 'start' : process.platform === 'darwin' ? 'open' : 'xdg-open';
+    execSync(`${openCmd} "${authUrl}"`);
   } catch {
     console.log('\n请手动在浏览器中打开上面的 URL');
   }

package/src/official.js

@@ -58,84 +58,31 @@ class LarkOfficialClient {
 
     this._uat = tokenData.access_token;
     this._uatRefresh = tokenData.refresh_token || this._uatRefresh;
-    this._uatExpires = Math.floor(Date.now() / 1000) + tokenData.expires_in;
+    const expiresIn = typeof tokenData.expires_in === 'number' && tokenData.expires_in > 0 ? tokenData.expires_in : 7200;
+    this._uatExpires = Math.floor(Date.now() / 1000) + expiresIn;
     this._persistUAT();
     console.error('[feishu-user-plugin] UAT refreshed successfully');
     return this._uat;
   }
 
   _persistUAT() {
-    const fs = require('fs');
-    const path = require('path');
-    const updates = {
+    // Lazy require to avoid circular dependency at module load time
+    const { persistToConfig } = require('./config');
+    persistToConfig({
       LARK_USER_ACCESS_TOKEN: this._uat,
       LARK_USER_REFRESH_TOKEN: this._uatRefresh,
       LARK_UAT_EXPIRES: String(this._uatExpires),
-    };
-
-    // Strategy 1: Update ~/.claude.json MCP config (works for npx users)
-    const claudeJsonPaths = [
-      path.join(process.env.HOME || '', '.claude.json'),
-      path.join(process.env.HOME || '', '.claude', '.claude.json'),
-    ];
-    for (const cjPath of claudeJsonPaths) {
-      try {
-        const raw = fs.readFileSync(cjPath, 'utf8');
-        const config = JSON.parse(raw);
-        const servers = config.mcpServers || {};
-        // Find our server entry by name
-        for (const name of ['feishu-user-plugin', 'feishu']) {
-          if (servers[name]?.env) {
-            Object.assign(servers[name].env, updates);
-            fs.writeFileSync(cjPath, JSON.stringify(config, null, 2) + '\n');
-            console.error('[feishu-user-plugin] UAT persisted to', cjPath);
-            return;
-          }
-        }
-      } catch {}
-    }
-
-    // Strategy 2: Update project .mcp.json
-    const mcpJsonPaths = [
-      path.join(process.cwd(), '.mcp.json'),
-    ];
-    for (const mjPath of mcpJsonPaths) {
-      try {
-        const raw = fs.readFileSync(mjPath, 'utf8');
-        const config = JSON.parse(raw);
-        const servers = config.mcpServers || config;
-        for (const name of ['feishu-user-plugin', 'feishu']) {
-          if (servers[name]?.env) {
-            Object.assign(servers[name].env, updates);
-            fs.writeFileSync(mjPath, JSON.stringify(config, null, 2) + '\n');
-            console.error('[feishu-user-plugin] UAT persisted to', mjPath);
-            return;
-          }
-        }
-      } catch {}
-    }
-
-    // Strategy 3: Fallback to .env in project root (for local dev)
-    const envPath = path.join(__dirname, '..', '.env');
-    try {
-      let env = '';
-      try { env = fs.readFileSync(envPath, 'utf8'); } catch {}
-      for (const [key, val] of Object.entries(updates)) {
-        const regex = new RegExp(`^${key}=.*$`, 'm');
-        if (regex.test(env)) env = env.replace(regex, `${key}=${val}`);
-        else env += `\n${key}=${val}`;
-      }
-      fs.writeFileSync(envPath, env.trim() + '\n');
-    } catch {}
+    });
   }
 
   // --- UAT-based IM operations (for P2P chats) ---
 
-  // Wrapper: call fn with UAT, retry once after refresh if auth fails (code 99991668/99991663)
+  // Wrapper: call fn with UAT, retry once after refresh if auth fails
   async _withUAT(fn) {
     let uat = await this._getValidUAT();
     const data = await fn(uat);
-    if (data.code === 99991668 || data.code === 99991663) {
+    // Known auth error codes: 99991668 (invalid), 99991663 (expired), 99991677 (auth_expired)
+    if (data.code === 99991668 || data.code === 99991663 || data.code === 99991677) {
       // Token invalid/expired — try refresh once
       uat = await this._refreshUAT();
       return fn(uat);
@@ -230,6 +177,36 @@ class LarkOfficialClient {
     return { messageId: res.data.message_id };
   }
 
+  // --- Upload ---
+
+  async uploadImage(imagePath, imageType = 'message') {
+    const fs = require('fs');
+    const res = await this._safeSDKCall(
+      () => this.client.im.image.create({
+        data: { image_type: imageType, image: fs.createReadStream(imagePath) },
+      }),
+      'uploadImage'
+    );
+    return { imageKey: res.data.image_key };
+  }
+
+  async uploadFile(filePath, fileType = 'stream', fileName) {
+    const fs = require('fs');
+    const path = require('path');
+    if (!fileName) fileName = path.basename(filePath);
+    const res = await this._safeSDKCall(
+      () => this.client.im.file.create({
+        data: {
+          file_type: fileType,
+          file_name: fileName,
+          file: fs.createReadStream(filePath),
+        },
+      }),
+      'uploadFile'
+    );
+    return { fileKey: res.data.file_key };
+  }
+
   // --- Docs ---
 
   async searchDocs(query, { pageSize = 10, pageToken } = {}) {
@@ -441,14 +418,14 @@ class LarkOfficialClient {
         unknownIds.add(item.senderId);
       }
     }
-    // Batch resolve via official contact API
-    for (const id of unknownIds) {
-      await this.getUserById(id);
+    // Parallel resolve via official contact API (instead of sequential N calls)
+    if (unknownIds.size > 0) {
+      await Promise.allSettled([...unknownIds].map(id => this.getUserById(id)));
     }
     // Fallback: resolve remaining unknowns via cookie-based user identity client
     if (userClient) {
       for (const id of unknownIds) {
-        if (!this._userNameCache.has(id) || !this._userNameCache.get(id)) {
+        if (!this._userNameCache.has(id)) {
           try {
             const name = await userClient.getUserName(id);
             if (name) this._userNameCache.set(id, name);

package/src/setup.js

@@ -1,67 +1,92 @@
 #!/usr/bin/env node
 /**
- * Interactive setup wizard for feishu-user-plugin
+ * Setup wizard for feishu-user-plugin
  *
- * Writes MCP config to ~/.claude.json (or .mcp.json) with credentials.
- * Does NOT require cloning the repo.
+ * Two modes:
+ *   Interactive:     npx feishu-user-plugin setup
+ *   Non-interactive: npx feishu-user-plugin setup --app-id xxx --app-secret yyy
+ *
+ * Writes MCP config to ~/.claude.json top-level mcpServers (global).
  */
 
-const fs = require('fs');
-const path = require('path');
 const readline = require('readline');
+const { findMcpConfig, writeNewConfig } = require('./config');
+
+// Parse CLI args: --app-id, --app-secret, --cookie
+function parseArgs() {
+  const args = {};
+  const argv = process.argv.slice(2);
+  for (let i = 0; i < argv.length; i++) {
+    if (argv[i] === '--app-id' && argv[i + 1]) args.appId = argv[++i];
+    else if (argv[i] === '--app-secret' && argv[i + 1]) args.appSecret = argv[++i];
+    else if (argv[i] === '--cookie' && argv[i + 1]) args.cookie = argv[++i];
+  }
+  return args;
+}
 
-const rl = readline.createInterface({ input: process.stdin, output: process.stdout });
-const ask = (q) => new Promise(resolve => rl.question(q, resolve));
+async function main() {
+  const cliArgs = parseArgs();
+  const nonInteractive = !!(cliArgs.appId && cliArgs.appSecret);
 
-const CLAUDE_JSON_PATH = path.join(process.env.HOME || '', '.claude.json');
-const SERVER_NAME = 'feishu-user-plugin';
+  const rl = readline.createInterface({ input: process.stdin, output: process.stdout });
+  const ask = (q) => new Promise(resolve => rl.question(q, resolve));
 
-async function main() {
   console.log('='.repeat(60));
-  console.log('  feishu-user-plugin Setup Wizard');
+  console.log('  feishu-user-plugin Setup');
   console.log('='.repeat(60));
-  console.log('');
 
   // Check existing config
-  let config = {};
   let existingEnv = {};
-  try {
-    config = JSON.parse(fs.readFileSync(CLAUDE_JSON_PATH, 'utf8'));
-    const existing = config.mcpServers?.[SERVER_NAME]?.env || config.mcpServers?.feishu?.env;
-    if (existing) {
-      existingEnv = existing;
-      console.log('Found existing feishu-user-plugin config in ~/.claude.json');
-      const update = await ask('Update existing config? (Y/n): ');
+  const found = findMcpConfig();
+  if (found) {
+    existingEnv = found.serverEnv;
+    if (found.projectPath) {
+      console.log(`\nFound project-level config in ${found.configPath} (project: ${found.projectPath})`);
+      console.log('This setup will write to global config instead (recommended).');
+      console.log('You can remove the project-level entry later to avoid conflicts.');
+    } else {
+      console.log(`\nFound existing config in ${found.configPath}`);
+    }
+    if (!nonInteractive) {
+      const update = await ask('Update config? (Y/n): ');
       if (update.toLowerCase() === 'n') {
         console.log('Cancelled.');
         rl.close();
         return;
       }
     }
-  } catch {}
-
-  // Collect credentials
-  console.log('\n--- App Credentials ---');
-  console.log('Team members: press Enter to use the shared defaults.');
-  console.log('External users: get these from https://open.feishu.cn/app\n');
-
-  const defaultAppId = existingEnv.LARK_APP_ID || '';
-  const defaultAppSecret = existingEnv.LARK_APP_SECRET || '';
-
-  let appId = await ask(`LARK_APP_ID [${defaultAppId || 'required'}]: `);
-  appId = appId.trim() || defaultAppId;
-  if (!appId) {
-    console.error('Error: LARK_APP_ID is required.');
-    rl.close();
-    process.exit(1);
   }
 
-  let appSecret = await ask(`LARK_APP_SECRET [${defaultAppSecret ? '***' : 'required'}]: `);
-  appSecret = appSecret.trim() || defaultAppSecret;
-  if (!appSecret) {
-    console.error('Error: LARK_APP_SECRET is required.');
-    rl.close();
-    process.exit(1);
+  // Resolve App credentials
+  let appId, appSecret;
+
+  if (nonInteractive) {
+    // CLI args provided — no prompting
+    appId = cliArgs.appId;
+    appSecret = cliArgs.appSecret;
+    console.log(`\nApp ID: ${appId}`);
+    console.log('App Secret: ***');
+  } else {
+    // Interactive mode
+    console.log('\n--- App Credentials ---');
+    console.log('Get these from https://open.feishu.cn/app\n');
+
+    const defaultAppId = existingEnv.LARK_APP_ID || '';
+    const defaultAppSecret = existingEnv.LARK_APP_SECRET || '';
+
+    appId = (await ask(`LARK_APP_ID [${defaultAppId || 'required'}]: `)).trim() || defaultAppId;
+    if (!appId) {
+      console.error('Error: LARK_APP_ID is required.');
+      rl.close();
+      process.exit(1);
+    }
+
+    appSecret = (await ask(`LARK_APP_SECRET [${defaultAppSecret ? '***' : 'required'}]: `)).trim() || defaultAppSecret;
+    if (!appSecret) {
+      console.error('Error: LARK_APP_SECRET is required.');
+      rl.close();
+      process.exit(1);
+    }
   }
 
   // Validate app credentials
@@ -77,7 +102,6 @@ async function main() {
       console.log('App credentials: VALID');
     } else {
       console.error(`App credentials: INVALID — ${data.msg || JSON.stringify(data)}`);
-      console.error('Please check your LARK_APP_ID and LARK_APP_SECRET.');
       rl.close();
       process.exit(1);
     }
@@ -85,86 +109,57 @@ async function main() {
     console.warn(`Could not validate: ${e.message}. Continuing anyway.`);
   }
 
-  // Cookie
-  console.log('\n--- Cookie ---');
-  console.log('Get your cookie from feishu.cn (Network tab → first request → Cookie header).');
-  console.log('Or let Claude Code + Playwright extract it automatically after setup.\n');
-
-  const existingCookie = existingEnv.LARK_COOKIE;
-  const hasCookie = existingCookie && existingCookie !== 'PLACEHOLDER' && existingCookie.includes('session=');
-  if (hasCookie) {
-    console.log('Existing cookie found (has session token).');
-    const keepCookie = await ask('Keep existing cookie? (Y/n): ');
-    if (keepCookie.toLowerCase() === 'n') {
-      console.log('You can update it later or use Playwright extraction.');
-    }
+  // Resolve Cookie
+  let cookie;
+  if (cliArgs.cookie) {
+    cookie = cliArgs.cookie;
   } else {
-    console.log('No valid cookie found. You can add it later via:');
-    console.log('  1. Tell Claude Code: "帮我设置飞书 Cookie" (with Playwright MCP)');
-    console.log('  2. Manual: DevTools → Network → Cookie header → paste into config');
+    const existingCookie = existingEnv.LARK_COOKIE;
+    const hasCookie = existingCookie && existingCookie !== 'SETUP_NEEDED' && existingCookie.includes('session=');
+    if (hasCookie) {
+      cookie = existingCookie;
+      console.log('\nKeeping existing cookie (has session token).');
+    } else {
+      cookie = 'SETUP_NEEDED';
+      if (!nonInteractive) {
+        console.log('\n--- Cookie ---');
+        console.log('No valid cookie found. After setup:');
+        console.log('  Tell Claude Code: "帮我设置飞书 Cookie" (with Playwright MCP)');
+        console.log('  Or manually copy from DevTools → Network → Cookie header');
+      }
+    }
   }
 
-  const cookie = hasCookie ? existingCookie : 'SETUP_NEEDED';
-
-  // UAT
+  // Resolve UAT
   const existingUAT = existingEnv.LARK_USER_ACCESS_TOKEN;
   const existingRT = existingEnv.LARK_USER_REFRESH_TOKEN;
-  const hasUAT = existingUAT && existingUAT !== 'PLACEHOLDER' && existingUAT.length > 20;
-
-  if (!hasUAT) {
-    console.log('\n--- OAuth UAT ---');
-    console.log('UAT not configured. After setup, run:');
-    console.log('  npx feishu-user-plugin oauth');
-    console.log('This will open a browser for OAuth consent.');
-  }
+  const hasUAT = existingUAT && existingUAT !== 'SETUP_NEEDED' && existingUAT.length > 20;
 
   // Write config
   console.log('\n--- Writing Config ---');
 
-  if (!config.mcpServers) config.mcpServers = {};
-  config.mcpServers[SERVER_NAME] = {
-    command: 'npx',
-    args: ['-y', 'feishu-user-plugin'],
-    env: {
-      LARK_COOKIE: cookie,
-      LARK_APP_ID: appId,
-      LARK_APP_SECRET: appSecret,
-      LARK_USER_ACCESS_TOKEN: hasUAT ? existingUAT : 'SETUP_NEEDED',
-      LARK_USER_REFRESH_TOKEN: hasUAT ? (existingRT || '') : '',
-    },
+  const env = {
+    LARK_COOKIE: cookie,
+    LARK_APP_ID: appId,
+    LARK_APP_SECRET: appSecret,
+    LARK_USER_ACCESS_TOKEN: hasUAT ? existingUAT : 'SETUP_NEEDED',
+    LARK_USER_REFRESH_TOKEN: hasUAT ? (existingRT || '') : '',
   };
 
-  // Remove old 'feishu' entry if exists (consolidate)
-  if (config.mcpServers.feishu && config.mcpServers[SERVER_NAME]) {
-    delete config.mcpServers.feishu;
-  }
-
-  fs.writeFileSync(CLAUDE_JSON_PATH, JSON.stringify(config, null, 2) + '\n');
-  console.log(`Written to ${CLAUDE_JSON_PATH}`);
-
-  // Also write .env for oauth.js to use
-  const envPath = path.join(__dirname, '..', '.env');
-  const envContent = [
-    `LARK_APP_ID=${appId}`,
-    `LARK_APP_SECRET=${appSecret}`,
-    cookie !== 'SETUP_NEEDED' ? `LARK_COOKIE=${cookie}` : '',
-    hasUAT ? `LARK_USER_ACCESS_TOKEN=${existingUAT}` : '',
-    hasUAT && existingRT ? `LARK_USER_REFRESH_TOKEN=${existingRT}` : '',
-  ].filter(Boolean).join('\n') + '\n';
-  fs.writeFileSync(envPath, envContent);
+  const result = writeNewConfig(env);
+  console.log(`Written to ${result.configPath} (global)`);
 
   // Summary
   console.log('\n' + '='.repeat(60));
   console.log('  Setup Complete!');
   console.log('='.repeat(60));
-  console.log('');
 
   const todo = [];
   if (cookie === 'SETUP_NEEDED') todo.push('Get Cookie: tell Claude Code "帮我设置飞书 Cookie"');
   if (!hasUAT) todo.push('Get UAT: run "npx feishu-user-plugin oauth"');
   todo.push('Restart Claude Code');
 
-  console.log('Next steps:');
+  console.log('\nNext steps:');
   todo.forEach((t, i) => console.log(`  ${i + 1}. ${t}`));
   console.log('');
 
@@ -173,6 +168,5 @@ async function main() {
 
 main().catch(e => {
   console.error('Setup failed:', e.message);
-  rl.close();
   process.exit(1);
 });

package/src/test-comprehensive.js

@@ -274,7 +274,7 @@ async function testUAT() {
 }
 
 async function main() {
-  console.log('=== feishu-user-plugin v1.1.2 — Comprehensive Test ===\n');
+  console.log('=== feishu-user-plugin v1.1.3 — Comprehensive Test ===\n');
 
   await testUserIdentity();
   console.log('');