hyperclaw 5.2.7 → 5.2.9

package/dist/connector-UYu_TS0X.js

@@ -0,0 +1,204 @@
+const require_chunk = require('./chunk-jS-bbMI5.js');
+const chalk = require_chunk.__toESM(require("chalk"));
+const fs_extra = require_chunk.__toESM(require("fs-extra"));
+const path = require_chunk.__toESM(require("path"));
+const os = require_chunk.__toESM(require("os"));
+const ws = require_chunk.__toESM(require("ws"));
+const http = require_chunk.__toESM(require("http"));
+const https = require_chunk.__toESM(require("https"));
+const events = require_chunk.__toESM(require("events"));
+
+//#region extensions/bluebubbles/src/connector.ts
+const STATE_FILE = path.default.join(os.default.homedir(), ".hyperclaw", "bluebubbles-state.json");
+const MAX_CA_CERT_BYTES = 1024 * 1024;
+const ALLOWED_CA_CERT_EXTENSIONS = new Set([
+	".pem",
+	".crt",
+	".cer"
+]);
+function loadCaCert(caCertPath) {
+	if (!caCertPath) return void 0;
+	const resolved = path.default.resolve(caCertPath.replace(/^~/, os.default.homedir()));
+	const ext = path.default.extname(resolved).toLowerCase();
+	if (!ALLOWED_CA_CERT_EXTENSIONS.has(ext)) throw new Error(`Unsupported CA certificate file type: ${ext || "unknown"}`);
+	const certificate = fs_extra.default.readFileSync(resolved);
+	if (certificate.length === 0) throw new Error("CA certificate file is empty");
+	if (certificate.length > MAX_CA_CERT_BYTES) throw new Error(`CA certificate file exceeds ${MAX_CA_CERT_BYTES} bytes`);
+	return certificate;
+}
+function bbReq(serverUrl, password, method, endpoint, body, caCertPath) {
+	return new Promise((resolve, reject) => {
+		const url = new URL(`${serverUrl}/api/v1${endpoint}`);
+		url.searchParams.set("password", password);
+		const isHttps = url.protocol === "https:";
+		const mod = isHttps ? https.default : http.default;
+		const payload = body ? JSON.stringify(body) : null;
+		const ca = isHttps ? loadCaCert(caCertPath) : void 0;
+		const req = mod.request({
+			hostname: url.hostname,
+			port: url.port || (isHttps ? 443 : 1234),
+			path: url.pathname + url.search,
+			method,
+			headers: payload ? {
+				"Content-Type": "application/json",
+				"Content-Length": Buffer.byteLength(payload)
+			} : {},
+			...ca ? { ca } : {}
+		}, (res) => {
+			let data = "";
+			res.on("data", (c) => data += c);
+			res.on("end", () => {
+				try {
+					const r = JSON.parse(data);
+					if (r.status !== 200) reject(new Error(r.error?.message || "BB error"));
+					else resolve(r.data);
+				} catch {
+					reject(new Error("Invalid JSON"));
+				}
+			});
+		});
+		req.on("error", reject);
+		if (payload) req.write(payload);
+		req.end();
+	});
+}
+var BlueBubblesConnector = class extends events.EventEmitter {
+	config;
+	running = false;
+	ws = null;
+	lastMessageTs = 0;
+	insecureTlsWarned = false;
+	constructor(config) {
+		super();
+		this.config = {
+			dmPolicy: "allowlist",
+			allowFrom: [],
+			approvedPairings: [],
+			pendingPairings: {},
+			...config
+		};
+	}
+	async connect() {
+		if (this.config.allowInsecureSsl && !this.insecureTlsWarned) {
+			this.insecureTlsWarned = true;
+			console.log(chalk.default.yellow("  ⚠ BlueBubbles: allowInsecureSsl is ignored. Use HTTP locally or configure caCertPath for private HTTPS."));
+		}
+		const info = await bbReq(this.config.serverUrl, this.config.password, "GET", "/server/info", void 0, this.config.caCertPath);
+		await this.loadState();
+		this.running = true;
+		console.log(chalk.default.green(`  🦅 BlueBubbles (iMessage): ${info?.os_version || "macOS"} server connected`));
+		this.emit("connected", { serverInfo: info });
+		this.connectWebSocket();
+	}
+	connectWebSocket() {
+		const url = new URL(this.config.serverUrl);
+		const wsUrl = `${url.protocol === "https:" ? "wss" : "ws"}://${url.hostname}:${url.port || 1234}`;
+		const ca = url.protocol === "https:" ? loadCaCert(this.config.caCertPath) : void 0;
+		this.ws = new ws.WebSocket(`${wsUrl}?password=${encodeURIComponent(this.config.password)}`, { ...ca ? { ca } : {} });
+		this.ws.on("message", async (data) => {
+			try {
+				const event = JSON.parse(data.toString());
+				if (event.type === "new-message" || event.type === "updated-message") await this.handleMessage(event.data);
+			} catch {}
+		});
+		this.ws.on("close", () => {
+			if (this.running) setTimeout(() => this.connectWebSocket(), 5e3);
+		});
+		this.ws.on("error", () => {});
+		setInterval(() => {
+			if (this.ws?.readyState === ws.WebSocket.OPEN) this.ws.send(JSON.stringify({ type: "ping" }));
+		}, 3e4);
+	}
+	async handleMessage(msg) {
+		if (!msg || msg.isFromMe) return;
+		const text = msg.text;
+		const from = msg.handle?.address;
+		if (!text || !from) return;
+		const ts = msg.dateCreated || 0;
+		if (ts <= this.lastMessageTs) return;
+		this.lastMessageTs = ts;
+		await this.saveState();
+		const allowed = await this.checkDMPolicy(from, text);
+		if (!allowed) return;
+		this.emit("message", {
+			id: msg.guid,
+			channelId: "bluebubbles",
+			from,
+			chatId: msg.chats?.[0]?.guid || from,
+			text,
+			timestamp: new Date(ts).toISOString(),
+			isDM: !msg.isGroup
+		});
+	}
+	async checkDMPolicy(from, text) {
+		if (this.config.dmPolicy === "none") return false;
+		if (this.config.dmPolicy === "open") return true;
+		if (this.config.dmPolicy === "allowlist") {
+			if (this.config.allowFrom.includes(from)) return true;
+			await this.sendMessage(from, "🦅 HyperClaw: Not on allowlist.");
+			return false;
+		}
+		if (this.config.dmPolicy === "pairing") {
+			if (this.config.approvedPairings.includes(from)) return true;
+			const upper = text.trim().toUpperCase();
+			if (this.config.pendingPairings[upper]) {
+				this.config.approvedPairings.push(from);
+				delete this.config.pendingPairings[upper];
+				await this.saveState();
+				await this.sendMessage(from, "🦅 Paired!");
+				this.emit("pairing:approved", {
+					userId: from,
+					channelId: "bluebubbles"
+				});
+				return true;
+			}
+			const code = Array.from({ length: 6 }, () => "ABCDEFGHJKLMNPQRSTUVWXYZ23456789"[Math.floor(Math.random() * 32)]).join("");
+			this.config.pendingPairings[code] = from;
+			await this.saveState();
+			await this.sendMessage(from, `🦅 Pairing code: ${code}\nApprove: hyperclaw pairing approve bluebubbles ${code}`);
+			return false;
+		}
+		return false;
+	}
+	async sendMessage(address, text) {
+		await bbReq(this.config.serverUrl, this.config.password, "POST", "/message/text", {
+			chatGuid: `iMessage;-;${address}`,
+			message: text.slice(0, 65536),
+			method: "apple-script"
+		}, this.config.caCertPath);
+	}
+	disconnect() {
+		this.running = false;
+		this.ws?.close();
+	}
+	approvePairing(code) {
+		const upper = code.toUpperCase();
+		if (!this.config.pendingPairings[upper]) return false;
+		this.config.approvedPairings.push(this.config.pendingPairings[upper]);
+		delete this.config.pendingPairings[upper];
+		this.saveState();
+		return true;
+	}
+	async loadState() {
+		try {
+			const s = await fs_extra.default.readJson(STATE_FILE);
+			this.lastMessageTs = s.lastTs || 0;
+			if (s.p) this.config.pendingPairings = s.p;
+			if (s.a) this.config.approvedPairings = s.a;
+		} catch {}
+	}
+	async saveState() {
+		await fs_extra.default.ensureDir(path.default.dirname(STATE_FILE));
+		await fs_extra.default.writeJson(STATE_FILE, {
+			lastTs: this.lastMessageTs,
+			p: this.config.pendingPairings,
+			a: this.config.approvedPairings
+		}, { spaces: 2 });
+	}
+	isRunning() {
+		return this.running;
+	}
+};
+
+//#endregion
+exports.BlueBubblesConnector = BlueBubblesConnector;

package/dist/connector-cCA5ffmp.js

@@ -0,0 +1,340 @@
+const require_chunk = require('./chunk-jS-bbMI5.js');
+const chalk = require_chunk.__toESM(require("chalk"));
+const fs_extra = require_chunk.__toESM(require("fs-extra"));
+const path = require_chunk.__toESM(require("path"));
+const os = require_chunk.__toESM(require("os"));
+const crypto = require_chunk.__toESM(require("crypto"));
+const http = require_chunk.__toESM(require("http"));
+const https = require_chunk.__toESM(require("https"));
+const events = require_chunk.__toESM(require("events"));
+
+//#region extensions/nextcloud/src/connector.ts
+const STATE_FILE = path.default.join(os.default.homedir(), ".hyperclaw", "nextcloud-talk-state.json");
+const DEFAULT_PORT = 8788;
+const DEFAULT_HOST = "0.0.0.0";
+const DEFAULT_PATH = "/nextcloud-talk-webhook";
+const DEFAULT_CHUNK = 32e3;
+function ocsReq(baseUrl, user, password, method, apiPath, body) {
+	return new Promise((resolve, reject) => {
+		const url = new URL(`${baseUrl}/ocs/v2.php/apps/spreed/api/v4${apiPath}`);
+		const isHttps = url.protocol === "https:";
+		const mod = isHttps ? https.default : http.default;
+		const auth = Buffer.from(`${user}:${password}`).toString("base64");
+		const payload = body ? JSON.stringify(body) : null;
+		const req = mod.request({
+			hostname: url.hostname,
+			port: url.port || (isHttps ? 443 : 80),
+			path: url.pathname + url.search,
+			method,
+			headers: {
+				Authorization: `Basic ${auth}`,
+				"OCS-APIRequest": "true",
+				Accept: "application/json",
+				...payload ? {
+					"Content-Type": "application/json",
+					"Content-Length": Buffer.byteLength(payload)
+				} : {}
+			}
+		}, (res) => {
+			let data = "";
+			res.on("data", (c) => data += c);
+			res.on("end", () => {
+				try {
+					const parsed = JSON.parse(data);
+					const ocs = parsed?.ocs;
+					if (ocs?.meta?.statuscode >= 400) reject(new Error(ocs.meta.message || "OCS error"));
+					else resolve(ocs?.data ?? parsed);
+				} catch {
+					reject(new Error("Nextcloud: invalid JSON"));
+				}
+			});
+		});
+		req.on("error", reject);
+		if (payload) req.write(payload);
+		req.end();
+	});
+}
+/** Send a message via the Talk bot API (X-Nextcloud-Talk-Bot-Secret auth). */
+function botSend(baseUrl, secret, token, message, referenceId) {
+	return new Promise((resolve, reject) => {
+		const url = new URL(`${baseUrl}/ocs/v2.php/apps/spreed/api/v1/bot/${token}/message`);
+		const isHttps = url.protocol === "https:";
+		const mod = isHttps ? https.default : http.default;
+		const payload = JSON.stringify({
+			message,
+			referenceId: referenceId || crypto.default.randomBytes(8).toString("hex")
+		});
+		const req = mod.request({
+			hostname: url.hostname,
+			port: url.port || (isHttps ? 443 : 80),
+			path: url.pathname,
+			method: "POST",
+			headers: {
+				"X-Nextcloud-Talk-Bot-Secret": secret,
+				"OCS-APIRequest": "true",
+				"Content-Type": "application/json",
+				"Content-Length": Buffer.byteLength(payload)
+			}
+		}, (res) => {
+			let data = "";
+			res.on("data", (c) => data += c);
+			res.on("end", () => {
+				try {
+					resolve(JSON.parse(data));
+				} catch {
+					resolve({});
+				}
+			});
+		});
+		req.on("error", reject);
+		req.write(payload);
+		req.end();
+	});
+}
+function chunkText(text, limit, mode) {
+	if (mode === "newline") {
+		const paras = text.split(/\n\n+/);
+		const chunks$1 = [];
+		let cur = "";
+		for (const p of paras) if ((cur + "\n\n" + p).length > limit && cur) {
+			chunks$1.push(cur.trim());
+			cur = p;
+		} else cur = cur ? cur + "\n\n" + p : p;
+		if (cur) chunks$1.push(cur.trim());
+		return chunks$1.filter(Boolean);
+	}
+	const chunks = [];
+	for (let i = 0; i < text.length; i += limit) chunks.push(text.slice(i, i + limit));
+	return chunks.length ? chunks : [""];
+}
+var NextcloudTalkConnector = class extends events.EventEmitter {
+	config;
+	server = null;
+	running = false;
+	resolvedSecret = "";
+	resolvedApiPassword = "";
+	/** Cache: room token → isDM (room.type === 1) */
+	roomTypeCache = /* @__PURE__ */ new Map();
+	constructor(config) {
+		super();
+		this.config = {
+			dmPolicy: "pairing",
+			allowFrom: [],
+			groupPolicy: "allowlist",
+			groupAllowFrom: [],
+			rooms: {},
+			approvedPairings: [],
+			pendingPairings: {},
+			...config
+		};
+	}
+	async resolveCredentials() {
+		this.resolvedSecret = this.config.botSecret || (this.config.botSecretFile ? (await fs_extra.default.readFile(this.config.botSecretFile, "utf8")).trim() : "");
+		if (!this.resolvedSecret) throw new Error("nextcloud-talk: botSecret or botSecretFile is required");
+		this.resolvedApiPassword = this.config.apiPassword || (this.config.apiPasswordFile ? (await fs_extra.default.readFile(this.config.apiPasswordFile, "utf8")).trim() : "");
+	}
+	async connect() {
+		await this.resolveCredentials();
+		await this.loadState();
+		this.running = true;
+		await this.startWebhookServer();
+		const port = this.config.webhookPort ?? DEFAULT_PORT;
+		const wPath = this.config.webhookPath ?? DEFAULT_PATH;
+		const publicUrl = this.config.webhookPublicUrl || `http://localhost:${port}${wPath}`;
+		console.log(chalk.default.green(`  ☁️  Nextcloud Talk: webhook listening at ${publicUrl}`));
+		this.emit("connected", { webhookUrl: publicUrl });
+	}
+	disconnect() {
+		this.running = false;
+		this.server?.close();
+		this.server = null;
+	}
+	startWebhookServer() {
+		return new Promise((resolve, reject) => {
+			this.server = http.default.createServer((req, res) => {
+				const wPath = this.config.webhookPath ?? DEFAULT_PATH;
+				if (req.url !== wPath || req.method !== "POST") {
+					res.writeHead(404);
+					res.end();
+					return;
+				}
+				let body = "";
+				req.on("data", (c) => body += c.toString());
+				req.on("end", () => {
+					const random = req.headers["x-nextcloud-talk-random"];
+					const sig = req.headers["x-nextcloud-talk-signature"];
+					if (!this.verifySignature(random || "", body, sig || "")) {
+						console.log(chalk.default.yellow("  ⚠  Nextcloud Talk: invalid webhook signature"));
+						res.writeHead(401);
+						res.end();
+						return;
+					}
+					res.writeHead(200);
+					res.end();
+					this.handlePayload(body).catch((e) => console.error(`[nextcloud-talk] handler error: ${e.message}`));
+				});
+			});
+			const port = this.config.webhookPort ?? DEFAULT_PORT;
+			const host = this.config.webhookHost ?? DEFAULT_HOST;
+			this.server.listen(port, host, () => resolve());
+			this.server.on("error", reject);
+		});
+	}
+	verifySignature(random, body, signature) {
+		if (!this.resolvedSecret) return false;
+		const expected = crypto.default.createHmac("sha256", this.resolvedSecret).update(random + body).digest("hex");
+		try {
+			return crypto.default.timingSafeEqual(Buffer.from(signature.toLowerCase()), Buffer.from(expected.toLowerCase()));
+		} catch {
+			return false;
+		}
+	}
+	async handlePayload(raw) {
+		let payload;
+		try {
+			payload = JSON.parse(raw);
+		} catch {
+			return;
+		}
+		const objectType = payload?.object?.type || "";
+		const actorId = payload?.actor?.id || "";
+		const actorName = payload?.actor?.name || actorId;
+		const token = payload?.target?.id || "";
+		if (!token || !actorId) return;
+		switch (objectType) {
+			case "chat-message": {
+				const msgContent = payload.object?.content;
+				const text = (typeof msgContent === "object" ? msgContent?.message : msgContent) || payload.object?.name || "";
+				if (!text) return;
+				await this.routeMessage(token, actorId, actorName, text);
+				break;
+			}
+			case "reaction": {
+				const emoji = payload.object?.name || payload.object?.content || "";
+				const reactedId = String(payload.object?.id || "");
+				if (!emoji) return;
+				const text = `[reaction:${emoji}:${reactedId}]`;
+				await this.routeMessage(token, actorId, actorName, text);
+				break;
+			}
+			default: break;
+		}
+	}
+	async routeMessage(token, userId, displayName, text) {
+		const isDM = await this.detectDM(token);
+		if (isDM) {
+			const allowed = await this.checkDMPolicy(userId, text, token);
+			if (!allowed) return;
+		} else if (!this.checkGroupPolicy(token, userId, text)) return;
+		this.emit("message", {
+			channelId: "nextcloud-talk",
+			chatId: token,
+			from: userId,
+			displayName,
+			text,
+			isDM
+		});
+	}
+	/** Look up whether a room token is a DM (type=1). Caches results. */
+	async detectDM(token) {
+		if (this.roomTypeCache.has(token)) return this.roomTypeCache.get(token);
+		if (!this.config.apiUser || !this.resolvedApiPassword) {
+			this.roomTypeCache.set(token, false);
+			return false;
+		}
+		try {
+			const room = await ocsReq(this.config.baseUrl, this.config.apiUser, this.resolvedApiPassword, "GET", `/room/${token}`);
+			const isDM = room?.type === 1;
+			this.roomTypeCache.set(token, isDM);
+			return isDM;
+		} catch {
+			this.roomTypeCache.set(token, false);
+			return false;
+		}
+	}
+	async checkDMPolicy(userId, text, token) {
+		switch (this.config.dmPolicy) {
+			case "disabled": return false;
+			case "open": return true;
+			case "allowlist":
+				if (this.config.allowFrom.includes(userId) || this.config.allowFrom.includes("*")) return true;
+				await this.sendMessage(token, "HyperClaw: Not on allowlist.");
+				return false;
+			case "pairing": {
+				if (this.config.approvedPairings.includes(userId)) return true;
+				const upper = text.trim().toUpperCase().match(/[A-Z0-9]{6}/)?.[0];
+				if (upper && this.config.pendingPairings[upper]) {
+					this.config.approvedPairings.push(userId);
+					delete this.config.pendingPairings[upper];
+					await this.saveState();
+					await this.sendMessage(token, "Paired!");
+					this.emit("pairing:approved", {
+						userId,
+						channelId: "nextcloud-talk"
+					});
+					return true;
+				}
+				const code = Array.from({ length: 6 }, () => "ABCDEFGHJKLMNPQRSTUVWXYZ23456789"[Math.floor(Math.random() * 32)]).join("");
+				this.config.pendingPairings[code] = userId;
+				await this.saveState();
+				await this.sendMessage(token, `Pairing code: ${code}\nApprove: hyperclaw pairing approve nextcloud-talk ${code}`);
+				return false;
+			}
+		}
+		return false;
+	}
+	checkGroupPolicy(token, userId, text) {
+		const policy = this.config.groupPolicy;
+		if (policy === "disabled") return false;
+		const roomCfg = this.config.rooms[token];
+		if (policy === "open") {
+			if (roomCfg?.allowFrom?.length && !roomCfg.allowFrom.includes(userId)) return false;
+			const global$1 = this.config.groupAllowFrom;
+			if (global$1.length && !global$1.includes(userId)) return false;
+			return true;
+		}
+		if (!roomCfg) return false;
+		const global = this.config.groupAllowFrom;
+		if (global.length && !global.includes(userId)) return false;
+		if (roomCfg.allowFrom?.length && !roomCfg.allowFrom.includes(userId)) return false;
+		if (roomCfg.requireMention !== false) {
+			if (!text.includes("@HyperClaw") && !text.startsWith("!")) return false;
+		}
+		return true;
+	}
+	async sendMessage(token, text) {
+		const limit = this.config.textChunkLimit ?? DEFAULT_CHUNK;
+		const mode = this.config.chunkMode ?? "length";
+		const chunks = chunkText(text, limit, mode);
+		for (const chunk of chunks) if (this.config.apiUser && this.resolvedApiPassword) await ocsReq(this.config.baseUrl, this.config.apiUser, this.resolvedApiPassword, "POST", `/chat/${token}`, { message: chunk });
+		else await botSend(this.config.baseUrl, this.resolvedSecret, token, chunk);
+	}
+	approvePairing(code) {
+		const upper = code.toUpperCase();
+		if (!this.config.pendingPairings[upper]) return false;
+		this.config.approvedPairings.push(this.config.pendingPairings[upper]);
+		delete this.config.pendingPairings[upper];
+		this.saveState();
+		return true;
+	}
+	async loadState() {
+		try {
+			const s = await fs_extra.default.readJson(STATE_FILE);
+			if (s.p) this.config.pendingPairings = s.p;
+			if (s.a) this.config.approvedPairings = s.a;
+		} catch {}
+	}
+	async saveState() {
+		await fs_extra.default.ensureDir(path.default.dirname(STATE_FILE));
+		await fs_extra.default.writeJson(STATE_FILE, {
+			p: this.config.pendingPairings,
+			a: this.config.approvedPairings
+		}, { spaces: 2 });
+	}
+	isRunning() {
+		return this.running;
+	}
+};
+
+//#endregion
+exports.NextcloudTalkConnector = NextcloudTalkConnector;