feishu-user-plugin 1.3.6 → 1.3.8

package/src/{client.js → clients/user.js}

@@ -1,6 +1,7 @@
 const path = require('path');
 const protobuf = require('protobufjs');
-const { generateRequestId, generateCid, parseCookie, formatCookie, fetchWithTimeout } = require('./utils');
+const { generateRequestId, generateCid, parseCookie, formatCookie, fetchWithTimeout } = require('../utils');
+const cookieHeartbeat = require('../auth/cookie');
 
 const GATEWAY_URL = 'https://internal-api-lark-api.feishu.cn/im/gateway/';
 const CSRF_URL = 'https://internal-api-lark-api.feishu.cn/accounts/csrf';
@@ -34,7 +35,10 @@ class LarkUserClient {
   }
 
   async init() {
-    this.proto = await protobuf.load(path.join(__dirname, '..', 'proto', 'lark.proto'));
+    // Path: clients/user.js → ../../proto/lark.proto. Phase A refactor moved
+    // the file from src/client.js to src/clients/user.js but didn't deepen the
+    // relative path, so cookie init would ENOENT. Fixed here as part of B2.
+    this.proto = await protobuf.load(path.join(__dirname, '..', '..', 'proto', 'lark.proto'));
     await this._getCsrfToken();
     await this._getUserInfo();
     if (!this.userId) {
@@ -83,24 +87,9 @@ class LarkUserClient {
   }
 
   // --- Cookie Heartbeat ---
-
-  _startHeartbeat() {
-    // Refresh CSRF token every 4 hours to keep session alive
-    // Feishu sl_session has 12h max-age; CSRF refresh also refreshes sl_session
-    this._heartbeatTimer = setInterval(async () => {
-      try {
-        await this._getCsrfToken();
-        // Lazy require to avoid circular dependency at module load time
-        const { persistToConfig } = require('./config');
-        persistToConfig({ LARK_COOKIE: this.cookieStr });
-        console.error('[feishu-user-plugin] Cookie heartbeat: session refreshed and persisted');
-      } catch (e) {
-        console.error('[feishu-user-plugin] Cookie heartbeat failed:', e.message);
-      }
-    }, 4 * 60 * 60 * 1000); // 4 hours
-    // Don't keep the process alive just for heartbeat
-    if (this._heartbeatTimer.unref) this._heartbeatTimer.unref();
-  }
+  // Body extracted to src/auth/cookie.js (v1.3.8 D.2). Timer state stays on
+  // this instance; auth/cookie.js mutates this._heartbeatTimer.
+  _startHeartbeat() { cookieHeartbeat.startHeartbeat(this); }
 
   async checkSession() {
     try {
@@ -195,7 +184,22 @@ class LarkUserClient {
     if (rootId) req.rootId = rootId;
     if (parentId) req.parentId = parentId;
     const { packet, ok } = await this._gateway(5, 'PutMessageRequest', req, '5.7.0');
-    return { success: ok && (packet.status === 0 || packet.status == null), status: packet.status };
+    if (!ok) {
+      // The cookie protobuf gateway returns HTTP 400 when our wire format is
+      // missing required fields. Verified for IMAGE (v1.3.7 testing): the
+      // simple {imageKey} content payload is rejected — Feishu Web encodes
+      // images with extra metadata (image dimensions, mime type, etc.) that
+      // we don't have in proto/lark.proto. v1.3.8 shipped the capture/decode
+      // tooling (scripts/decode-feishu-protobuf.js + capture-feishu-protobuf.js
+      // + docs/COOKIE-PROTOBUF-CAPTURES.md). Actual reverse-engineering moved
+      // to v1.3.9. Surface a clear error routing the user to
+      // send_message_as_bot, which works.
+      if (type === MsgType.IMAGE) {
+        throw new Error('send_image_as_user: Feishu cookie protobuf gateway rejected the IMAGE wire format (HTTP 400). User-identity image sends are not yet supported — wire format reverse-engineering is deferred to v1.3.9 (v1.3.8 shipped the capture/decode tooling at scripts/decode-feishu-protobuf.js). Workaround: use send_message_as_bot(chat_id, msg_type="image", payload={image_key:"..."}).');
+      }
+      throw new Error(`_sendMsg: cookie protobuf gateway returned non-2xx for type=${type}. The wire format likely doesn't match what Feishu expects.`);
+    }
+    return { success: true, status: packet.status };
   }
 
   // --- Send Text Message ---
@@ -275,18 +279,6 @@ class LarkUserClient {
     return this._sendMsg(MsgType.FILE, chatId, { fileKey, fileName }, opts);
   }
 
-  // --- Send Audio ---
-
-  async sendAudio(chatId, audioKey, opts = {}) {
-    return this._sendMsg(MsgType.AUDIO, chatId, { audioKey }, opts);
-  }
-
-  // --- Send Sticker ---
-
-  async sendSticker(chatId, stickerId, stickerSetId, opts = {}) {
-    return this._sendMsg(MsgType.STICKER, chatId, { stickerId, stickerSetId }, opts);
-  }
-
   // --- Send Rich Text / POST ---
 
   async sendPost(chatId, title, paragraphs, opts = {}) {

package/src/config.js

@@ -274,23 +274,23 @@ function persistToConfig(updates) {
  *   client: 'claude' (default) | 'codex' | 'both'
  * @returns {{ configPath: string, codexConfigPath?: string }}
  */
-function writeNewConfig(env, configPath, projectPath, client) {
+function writeNewConfig(env, configPath, projectPath, client, options = {}) {
   const results = {};
 
   // --- Claude Code (JSON) ---
   if (client !== 'codex') {
-    results.configPath = _writeClaudeConfig(env, configPath, projectPath);
+    results.configPath = _writeClaudeConfig(env, configPath, projectPath, options);
   }
 
   // --- Codex (TOML) ---
   if (client === 'codex' || client === 'both') {
-    results.codexConfigPath = _writeCodexConfig(env);
+    results.codexConfigPath = _writeCodexConfig(env, options);
   }
 
   return results;
 }
 
-function _writeClaudeConfig(env, configPath, projectPath) {
+function _writeClaudeConfig(env, configPath, projectPath, options = {}) {
   if (!configPath) {
     configPath = path.join(process.env.HOME || '', '.claude.json');
   }
@@ -312,7 +312,9 @@ function _writeClaudeConfig(env, configPath, projectPath) {
   const serverEntry = {
     command: 'npx',
     args: ['-y', 'feishu-user-plugin'],
-    env,
+    env: options.pointerOnly
+      ? { FEISHU_PLUGIN_PROFILE: env.FEISHU_PLUGIN_PROFILE || 'default' }
+      : env,
   };
 
   if (projectPath && config.projects?.[projectPath]) {
@@ -334,7 +336,7 @@ function _writeClaudeConfig(env, configPath, projectPath) {
   return configPath;
 }
 
-function _writeCodexConfig(env) {
+function _writeCodexConfig(env, options = {}) {
   const home = process.env.HOME || '';
   const codexDir = path.join(home, '.codex');
   const configPath = path.join(codexDir, 'config.toml');
@@ -352,8 +354,11 @@ function _writeCodexConfig(env) {
     content = _removeTomlServer(content, name);
   }
 
-  // Append new entry
-  content = content.trimEnd() + '\n\n' + _generateTomlServerEntry('feishu-user-plugin', env);
+  // Append new entry — pointer-only writes only FEISHU_PLUGIN_PROFILE
+  const envToWrite = options.pointerOnly
+    ? { FEISHU_PLUGIN_PROFILE: env.FEISHU_PLUGIN_PROFILE || 'default' }
+    : env;
+  content = content.trimEnd() + '\n\n' + _generateTomlServerEntry('feishu-user-plugin', envToWrite);
 
   _atomicWrite(configPath, content);
   console.error(`[feishu-user-plugin] Codex config written to ${configPath}`);

package/src/events/event-buffer.js

@@ -0,0 +1,100 @@
+// src/events/event-buffer.js — in-memory FIFO buffer for WS events.
+//
+// Single-consumer model: tools/events.js pulls events with `drain()`, which
+// removes them from the buffer. If multiple agents read concurrently they'll
+// see partial sets — explicitly NOT designed to fan out the same event to N
+// consumers, since the MCP server already serializes tool calls.
+//
+// What this owns:
+//   - _events: ordered list of events (oldest first)
+//   - cap: max retained; oldest dropped when full
+//   - push(event): append + trim
+//   - drain(filter?): remove and return matching events
+//   - peek(filter?): return matching events without removing
+//   - size, cap accessors
+
+const DEFAULT_CAP = 1000;
+
+class EventBuffer {
+  constructor({ cap = DEFAULT_CAP } = {}) {
+    this._events = [];
+    this._cap = Math.max(1, cap | 0);
+    this._totalSeen = 0;
+    this._totalDropped = 0;
+  }
+
+  push(event) {
+    if (!event || typeof event !== 'object') return;
+    if (!event._received_at) event._received_at = Math.floor(Date.now() / 1000);
+    this._events.push(event);
+    this._totalSeen++;
+    while (this._events.length > this._cap) {
+      this._events.shift();
+      this._totalDropped++;
+    }
+  }
+
+  drain(filter) {
+    if (!filter) {
+      const out = this._events;
+      this._events = [];
+      return out;
+    }
+    const fn = this._compileFilter(filter);
+    const kept = [];
+    const drained = [];
+    for (const e of this._events) {
+      if (fn(e)) drained.push(e);
+      else kept.push(e);
+    }
+    this._events = kept;
+    return drained;
+  }
+
+  peek(filter) {
+    if (!filter) return [...this._events];
+    const fn = this._compileFilter(filter);
+    return this._events.filter(fn);
+  }
+
+  size() { return this._events.length; }
+  cap() { return this._cap; }
+  stats() {
+    return {
+      size: this._events.length,
+      cap: this._cap,
+      totalSeen: this._totalSeen,
+      totalDropped: this._totalDropped,
+    };
+  }
+
+  // Filter language (intentionally narrow — extend on demand):
+  //   { event_type: "im.message.receive_v1" }       — exact match on type
+  //   { chat_id: "oc_zzz" }                         — extract from event payload
+  //   { since_seconds: 60 }                         — only events received in last N sec
+  //   { event_types: ["a", "b"] }                   — any of these types
+  // Multiple keys = AND.
+  _compileFilter(filter) {
+    return (e) => {
+      if (filter.event_type && e.event_type !== filter.event_type) return false;
+      if (filter.event_types && !filter.event_types.includes(e.event_type)) return false;
+      if (filter.chat_id) {
+        const chatId = this._extractChatId(e);
+        if (chatId !== filter.chat_id) return false;
+      }
+      if (filter.since_seconds) {
+        const cutoff = Math.floor(Date.now() / 1000) - filter.since_seconds;
+        if ((e._received_at || 0) < cutoff) return false;
+      }
+      return true;
+    };
+  }
+
+  _extractChatId(e) {
+    return e?.event?.message?.chat_id
+        || e?.event?.chat_id
+        || null;
+  }
+}
+
+module.exports = { EventBuffer, DEFAULT_CAP };

package/src/events/index.js

@@ -0,0 +1,5 @@
+// src/events/index.js — barrel import for the events subsystem.
+const { EventBuffer, DEFAULT_CAP } = require('./event-buffer');
+const { createWSServer } = require('./ws-server');
+
+module.exports = { EventBuffer, DEFAULT_CAP, createWSServer };

package/src/events/ws-server.js

@@ -0,0 +1,86 @@
+// src/events/ws-server.js — Feishu WebSocket subscription wrapper.
+//
+// Owns the WSClient + EventDispatcher pair. The MCP main() in server.js calls
+// startWS() at boot if APP_ID + APP_SECRET are configured; failures are
+// logged-and-tolerated (MCP keeps serving tool calls without realtime).
+//
+// What this owns:
+//   - createWSServer(opts) → { buffer, start(), stop() } factory
+//   - Default event registrations (im.message.receive_v1)
+//   - Reconnect via SDK's built-in handling (WSClient does this internally)
+//
+// What it does NOT own:
+//   - The buffer's persistence — it's in-memory only.
+//   - Multi-profile fan-out — single WS per process, per active profile.
+
+const lark = require('@larksuiteoapi/node-sdk');
+const { EventBuffer, DEFAULT_CAP } = require('./event-buffer');
+const { stderrLogger } = require('../logger');
+
+// Wrap an SDK event handler so the payload always lands in the buffer with
+// a stable shape. The SDK passes the raw event payload — we add metadata
+// for downstream filtering / display.
+function _bufferEventHandler(buffer, eventType) {
+  return async (data) => {
+    const event = {
+      event_type: eventType,
+      event_id: data?.event_id || data?.header?.event_id || null,
+      _received_at: Math.floor(Date.now() / 1000),
+      header: data?.header || null,
+      event: data?.event || data,
+    };
+    buffer.push(event);
+  };
+}
+
+function createWSServer({ appId, appSecret, bufferCap = DEFAULT_CAP, registrations = ['im.message.receive_v1'] } = {}) {
+  if (!appId || !appSecret) throw new Error('createWSServer: appId + appSecret required');
+
+  const buffer = new EventBuffer({ cap: bufferCap });
+  let wsClient = null;
+  let started = false;
+  let stopped = false;
+
+  const dispatcher = new lark.EventDispatcher({
+    logger: stderrLogger,
+    loggerLevel: lark.LoggerLevel.warn,
+  });
+
+  // Register handlers for each requested event type.
+  const handlers = {};
+  for (const t of registrations) {
+    handlers[t] = _bufferEventHandler(buffer, t);
+  }
+  dispatcher.register(handlers);
+
+  async function start() {
+    if (started) return;
+    started = true;
+    wsClient = new lark.WSClient({
+      appId, appSecret,
+      logger: stderrLogger,
+      loggerLevel: lark.LoggerLevel.warn,
+    });
+    try {
+      await wsClient.start({ eventDispatcher: dispatcher });
+      console.error(`[feishu-user-plugin] WS connected — listening for: ${registrations.join(', ')}`);
+    } catch (e) {
+      console.error(`[feishu-user-plugin] WS start failed: ${e.message}. Continuing without realtime events.`);
+      started = false;
+      wsClient = null;
+    }
+  }
+
+  function stop() {
+    if (stopped) return;
+    stopped = true;
+    if (wsClient) {
+      try { wsClient.close(); } catch (e) { console.error(`[feishu-user-plugin] WS close error: ${e.message}`); }
+      wsClient = null;
+    }
+  }
+
+  return { buffer, start, stop, get isRunning() { return started && !stopped; } };
+}
+
+module.exports = { createWSServer };