lazyclaw 3.99.28 → 4.2.1

package/channels/slack.mjs

@@ -0,0 +1,465 @@
+// Slack channel adapter.
+//
+// Reads three secrets from the environment ONLY (never from goal files,
+// never logged):
+//   SLACK_BOT_TOKEN       xoxb-… — used to call chat.postMessage etc.
+//   SLACK_APP_TOKEN       xapp-… — required for Socket Mode (inbound)
+//   SLACK_SIGNING_SECRET  …      — used to verify webhook payloads when
+//                                  we add Events API mode (not yet)
+//
+// Outbound (`send(threadId, text)`) only needs the bot token. Inbound
+// arrives via Socket Mode — `_connectSocketMode()` opens a WebSocket to
+// Slack's gateway (negotiated by `apps.connections.open`) and dispatches
+// every `events_api` envelope through `_simulateInbound(text, threadId)`.
+// `start()` only validates env so unit tests can drive `_simulateInbound`
+// directly without bringing up a WebSocket; the CLI's `slack listen`
+// subcommand calls `_connectSocketMode()` explicitly after `start()`.
+//
+// SLACK_API_BASE (test-only) overrides the Slack Web API base URL so the
+// Phase 8 spec can point the adapter at a local mock HTTP server.
+
+import { Channel, ChannelGated } from './base.mjs';
+
+const DEFAULT_API_BASE = 'https://slack.com/api';
+
+export class SlackError extends Error {
+  constructor(message, code, missing) {
+    super(message);
+    this.name = 'SlackError';
+    this.code = code || 'SLACK_ERR';
+    if (Array.isArray(missing)) this.missing = missing;
+  }
+}
+
+// Decide whether a Socket Mode event should drive a handler call.
+// Pulled out of dispatchEvent so we can unit-test the filter without
+// standing up a WebSocket. Returns false (= skip) for:
+//   - non-objects / null
+//   - the bot's own message in any of the four wire shapes Slack uses
+//     (legacy bot_id, legacy bot_message subtype, modern bot_profile.id,
+//     or the message.user field matching our cached auth.test user_id —
+//     this last one is the chat:write.customize trap that caused the
+//     v4.2.0 listener-loop)
+//   - non-message-shaped events (we only handle `message` and
+//     `app_mention`)
+//   - empty / whitespace-only text bodies (defense in depth so a
+//     stray blocks-only post can't loop us back into "(empty message)"
+//     fallback)
+export function shouldDispatchEvent(event, { selfUserId = null, selfBotId = null } = {}) {
+  if (!event || typeof event !== 'object') return false;
+  if (event.bot_id || event.subtype === 'bot_message') return false;
+  if (selfUserId && event.user === selfUserId) return false;
+  if (selfBotId && event.bot_id === selfBotId) return false;
+  if (selfBotId && event.bot_profile && event.bot_profile.id === selfBotId) return false;
+  if (event.type !== 'app_mention' && event.type !== 'message') return false;
+  const text = typeof event.text === 'string' ? event.text : '';
+  if (text.trim() === '') return false;
+  return true;
+}
+
+export function readSlackEnv(env = process.env) {
+  const out = {
+    botToken: env.SLACK_BOT_TOKEN || null,
+    appToken: env.SLACK_APP_TOKEN || null,
+    signingSecret: env.SLACK_SIGNING_SECRET || null,
+    apiBase: env.SLACK_API_BASE || DEFAULT_API_BASE,
+  };
+  return out;
+}
+
+function validateEnv(env, { requireInbound = false } = {}) {
+  const missing = [];
+  if (!env.botToken) missing.push('SLACK_BOT_TOKEN');
+  else if (!env.botToken.startsWith('xoxb-')) {
+    throw new SlackError('SLACK_BOT_TOKEN must start with "xoxb-"', 'SLACK_BAD_TOKEN', ['SLACK_BOT_TOKEN']);
+  }
+  if (requireInbound) {
+    if (!env.appToken) missing.push('SLACK_APP_TOKEN');
+    else if (!env.appToken.startsWith('xapp-')) {
+      throw new SlackError('SLACK_APP_TOKEN must start with "xapp-"', 'SLACK_BAD_TOKEN', ['SLACK_APP_TOKEN']);
+    }
+    if (!env.signingSecret) missing.push('SLACK_SIGNING_SECRET');
+  }
+  if (missing.length) {
+    throw new SlackError(`missing Slack env vars: ${missing.join(', ')}`, 'SLACK_MISSING_ENV', missing);
+  }
+}
+
+export class SlackChannel extends Channel {
+  constructor(opts = {}) {
+    super('slack');
+    this._env = { ...readSlackEnv(), ...opts };
+    this._requireInbound = opts.requireInbound !== false; // default true
+    this._socketHandle = null; // populated when Socket Mode connects
+  }
+
+  async start(handler, opts = {}) {
+    // Validate up-front so a missing-token daemon fails loudly at boot
+    // (the Phase 8 spec test asserts this).
+    validateEnv(this._env, { requireInbound: this._requireInbound });
+    await super.start(handler, opts);
+    // Socket Mode connect is intentionally deferred — we keep the
+    // adapter pure for the test surface; the production wiring imports
+    // @slack/socket-mode or implements the WS handshake directly and
+    // funnels every inbound event through _simulateInbound.
+    return this;
+  }
+
+  // Called by Socket Mode wiring (or tests) for every inbound message
+  // routed to this app. The handler returns the bot's reply; the
+  // adapter posts it back to Slack in the same thread. A null /
+  // empty-string reply skips the send entirely (Phase 19.2) so a
+  // handler that decided to stay silent — e.g. the listener dropping
+  // an empty-after-mention-strip inbound — doesn't leak a "(empty
+  // reply)" placeholder into the channel.
+  async _simulateInbound(text, threadId) {
+    let reply;
+    try {
+      reply = await this._processInbound({ threadId, text, gateInput: {} });
+    } catch (err) {
+      if (err instanceof ChannelGated || err?.code === 'CHANNEL_GATED') {
+        await this.send(threadId, `(gated: ${err.message})`);
+        return;
+      }
+      await this.send(threadId, `(error: ${err?.message || err})`);
+      return;
+    }
+    if (reply == null || (typeof reply === 'string' && reply.trim() === '')) return;
+    await this.send(threadId, reply);
+  }
+
+  // Translate a target spec like `slack:#deploys` or `slack:U012345` into
+  // a Slack `channel` string. Threads are addressed by a `threadId` of
+  // shape `<channel>:<thread_ts>` or plain channel/user id.
+  //
+  // opts (Phase 16):
+  //   username: string  — overrides the bot's display name for this
+  //                       single message (requires chat:write.customize
+  //                       scope on the bot token). Silently no-op when
+  //                       the scope is missing.
+  //   icon_emoji: string — e.g. ":rocket:" — same scope.
+  async send(threadId, text, opts = {}) {
+    if (!this._env.botToken) throw new SlackError('cannot send without SLACK_BOT_TOKEN', 'SLACK_NO_TOKEN');
+    let channel = threadId, thread_ts;
+    if (typeof threadId === 'string' && threadId.includes(':')) {
+      const ix = threadId.indexOf(':');
+      // Allow the test-style "slack:#chan" prefix to flow through.
+      if (threadId.slice(0, ix) === 'slack') {
+        channel = threadId.slice(ix + 1);
+      } else {
+        channel = threadId.slice(0, ix);
+        thread_ts = threadId.slice(ix + 1);
+      }
+    }
+    const url = `${this._env.apiBase.replace(/\/$/, '')}/chat.postMessage`;
+    const body = {
+      channel,
+      text: String(text),
+      ...(thread_ts ? { thread_ts } : {}),
+      ...(opts && opts.username ? { username: String(opts.username) } : {}),
+      ...(opts && opts.icon_emoji ? { icon_emoji: String(opts.icon_emoji) } : {}),
+    };
+    const res = await fetch(url, {
+      method: 'POST',
+      headers: {
+        'Authorization': `Bearer ${this._env.botToken}`,
+        'Content-Type': 'application/json; charset=utf-8',
+      },
+      body: JSON.stringify(body),
+    });
+    if (!res.ok) {
+      throw new SlackError(`slack send failed: HTTP ${res.status}`, 'SLACK_HTTP_FAIL');
+    }
+    const json = await res.json().catch(() => ({}));
+    if (!json.ok) {
+      throw new SlackError(`slack send failed: ${json.error || 'unknown'}`, 'SLACK_API_FAIL');
+    }
+    return json;
+  }
+
+  // Open a Socket Mode WebSocket and route every inbound event through
+  // `_simulateInbound`. Returns when the listener is connected; the
+  // returned object exposes `.close()` for graceful shutdown.
+  //
+  // opts.logger?: (line: string) => void — diagnostic sink (stderr in
+  //   the CLI, no-op in tests).
+  // opts.maxReconnects?: number — cap reconnect attempts (default ∞).
+  async _connectSocketMode({ logger = () => {}, maxReconnects = Infinity } = {}) {
+    validateEnv(this._env, { requireInbound: true });
+    if (typeof globalThis.WebSocket !== 'function') {
+      throw new SlackError(
+        'global WebSocket is not available — Node 22+ required for Socket Mode',
+        'SLACK_NO_WS'
+      );
+    }
+    const apiBase = this._env.apiBase.replace(/\/$/, '');
+    const appToken = this._env.appToken;
+    const seenEnvelopes = new Set();
+    let closed = false;
+    let ws = null;
+    let attempts = 0;
+
+    const openConnection = async () => {
+      const url = `${apiBase}/apps.connections.open`;
+      const res = await fetch(url, {
+        method: 'POST',
+        headers: {
+          'Authorization': `Bearer ${appToken}`,
+          'Content-Type': 'application/x-www-form-urlencoded',
+        },
+      });
+      if (!res.ok) {
+        throw new SlackError(`apps.connections.open HTTP ${res.status}`, 'SLACK_OPEN_HTTP');
+      }
+      const json = await res.json().catch(() => ({}));
+      if (!json.ok || !json.url) {
+        throw new SlackError(`apps.connections.open failed: ${json.error || 'no url'}`, 'SLACK_OPEN_FAIL');
+      }
+      return json.url;
+    };
+
+    // Resolve our own identity so dispatchEvent can refuse loops where
+    // the router posted a message with chat:write.customize (Slack
+    // strips bot_id / subtype from those events, so the original
+    // filter missed them and we replied to ourselves). Best-effort —
+    // a failed auth.test leaves the filter relying on the legacy
+    // bot_id / subtype check; better than refusing to start.
+    let selfUserId = null;
+    let selfBotId = null;
+    try {
+      const authUrl = `${apiBase}/auth.test`;
+      const r = await fetch(authUrl, {
+        method: 'POST',
+        headers: {
+          'Authorization': `Bearer ${this._env.botToken}`,
+          'Content-Type': 'application/x-www-form-urlencoded',
+        },
+      });
+      if (r.ok) {
+        const j = await r.json().catch(() => ({}));
+        if (j && j.ok) {
+          selfUserId = j.user_id || null;
+          selfBotId = j.bot_id || null;
+          logger(`[slack] auth.test OK — self user=${selfUserId} bot=${selfBotId}\n`);
+        }
+      }
+    } catch (err) {
+      logger(`[slack] auth.test failed: ${err?.message || err}\n`);
+    }
+    this._selfUserId = selfUserId;
+    this._selfBotId = selfBotId;
+
+    // (channel, ts) dedupe — a single user message can fire both
+    // `message` and `app_mention` events in the same channel. Both
+    // arrive as separate Socket Mode envelopes (different envelope_id),
+    // so the envelope_id-level dedupe upstream doesn't catch them. We
+    // claim the pair on first dispatch and reject the second.
+    const seenMessages = new Map();  // key → expiresAt(ms)
+    const MSG_TTL_MS = 60_000;
+    const claimMessage = (channel, ts) => {
+      const key = `${channel}:${ts}`;
+      const now = Date.now();
+      // Sweep expired entries opportunistically so the map doesn't grow
+      // unbounded over a long-running session.
+      if (seenMessages.size > 256) {
+        for (const [k, exp] of seenMessages) if (exp < now) seenMessages.delete(k);
+      }
+      const exp = seenMessages.get(key);
+      if (exp && exp >= now) return false;
+      seenMessages.set(key, now + MSG_TTL_MS);
+      return true;
+    };
+
+    const dispatchEvent = async (event) => {
+      if (!shouldDispatchEvent(event, { selfUserId: this._selfUserId, selfBotId: this._selfBotId })) {
+        // shouldDispatchEvent already encodes the "skip the bot's own
+        // chat:write.customize message" trap that caused the v4.2.0
+        // listener loop. Bail before the reaction / handler call.
+        if (event && (event.type === 'message' || event.type === 'app_mention')) {
+          logger(`[slack] skipping ${event.type} from ${event.channel || '?'}:${event.ts || '?'}\n`);
+        }
+        return;
+      }
+      // For DMs (`im`) channel_type is 'im'; for channel mentions we only
+      // get app_mention events. Either way we have channel + ts.
+      const text = typeof event.text === 'string' ? event.text : '';
+      const channel = event.channel;
+      const sourceTs = event.ts;                       // the message we react to
+      const replyTs = event.thread_ts || event.ts;     // the thread root for replies
+      if (!channel || !sourceTs) return;
+      if (!claimMessage(channel, sourceTs)) {
+        logger(`[slack] duplicate ${event.type} for ${channel}:${sourceTs} — skipping\n`);
+        return;
+      }
+      const threadId = `${channel}:${replyTs}`;
+      logger(`[slack] inbound ${event.type} from ${channel} (${text.length} chars)\n`);
+
+      // Immediate acknowledgement. _ackInbound is silent when
+      // reactions:write is missing (Phase 19.2 — no more text-ack
+      // spam).
+      const eyesOk = await this._ackInbound(channel, sourceTs, logger);
+
+      try {
+        await this._simulateInbound(text, threadId);
+        if (eyesOk) {
+          // Swap the "working" reaction for a "done" one so the user can
+          // tell at a glance which messages have been answered.
+          await this._reaction('remove', channel, sourceTs, 'eyes');
+          await this._reaction('add', channel, sourceTs, 'white_check_mark');
+        }
+      } catch (err) {
+        logger(`[slack] handler error: ${err?.message || err}\n`);
+        if (eyesOk) {
+          await this._reaction('remove', channel, sourceTs, 'eyes');
+          await this._reaction('add', channel, sourceTs, 'x');
+        }
+      }
+    };
+
+    const connectOnce = () => new Promise((resolve, reject) => {
+      let wsUrl;
+      openConnection()
+        .then((u) => { wsUrl = u; })
+        .catch(reject)
+        .then(() => {
+          if (!wsUrl) return;
+          logger(`[slack] socket-mode dialing wss gateway\n`);
+          ws = new WebSocket(wsUrl);
+          ws.addEventListener('open', () => {
+            attempts = 0;
+            logger(`[slack] socket-mode connected\n`);
+            resolve();
+          });
+          ws.addEventListener('message', async (ev) => {
+            let frame;
+            try { frame = JSON.parse(typeof ev.data === 'string' ? ev.data : ev.data.toString()); }
+            catch { return; }
+            if (frame.type === 'hello') {
+              logger(`[slack] hello (num_connections=${frame.num_connections || '?'})\n`);
+              return;
+            }
+            if (frame.type === 'disconnect') {
+              logger(`[slack] disconnect requested (reason=${frame.reason || '?'})\n`);
+              try { ws.close(1000); } catch { /* best-effort */ }
+              return;
+            }
+            if (frame.type === 'events_api') {
+              if (frame.envelope_id) {
+                if (seenEnvelopes.has(frame.envelope_id)) return;
+                seenEnvelopes.add(frame.envelope_id);
+                // Bound the dedupe set so it doesn't grow forever.
+                if (seenEnvelopes.size > 1024) {
+                  const trimTo = 512;
+                  const it = seenEnvelopes.values();
+                  while (seenEnvelopes.size > trimTo) seenEnvelopes.delete(it.next().value);
+                }
+                try { ws.send(JSON.stringify({ envelope_id: frame.envelope_id })); }
+                catch (err) { logger(`[slack] ack send failed: ${err?.message || err}\n`); }
+              }
+              const event = frame.payload?.event;
+              await dispatchEvent(event);
+            }
+          });
+          ws.addEventListener('close', () => {
+            logger(`[slack] socket closed\n`);
+            if (closed) return;
+            attempts++;
+            if (attempts > maxReconnects) {
+              logger(`[slack] giving up after ${attempts} reconnect attempts\n`);
+              return;
+            }
+            const backoff = Math.min(30000, 1000 * Math.pow(2, Math.min(attempts, 5)));
+            logger(`[slack] reconnecting in ${backoff}ms (attempt ${attempts})\n`);
+            setTimeout(() => { if (!closed) connectOnce().catch((e) => logger(`[slack] reconnect failed: ${e?.message || e}\n`)); }, backoff);
+          });
+          ws.addEventListener('error', (ev) => {
+            // The 'error' event fires before 'close'; we let 'close' drive
+            // the reconnect so we don't reconnect twice for one failure.
+            logger(`[slack] socket error: ${ev?.message || 'unknown'}\n`);
+          });
+        });
+    });
+
+    await connectOnce();
+    this._socketHandle = {
+      disconnect: async () => {
+        closed = true;
+        try { ws?.close(1000); } catch { /* best-effort */ }
+      },
+    };
+    return this._socketHandle;
+  }
+
+  // Mark an inbound message as "being worked on" without spamming the
+  // channel. Tries the :eyes: reaction first (silent UX). When
+  // reactions:write is missing we used to fall back to a text post
+  // ("확인해보겠습니다…") which doubled the noise per turn; Phase 19.2
+  // dropped that fallback so the channel stays clean when the scope
+  // is unavailable. The operator can flip reactions:write on at any
+  // time to bring the visible signal back.
+  //
+  // Exposed as a method (not closure-private in dispatchEvent) so the
+  // listener-noise unit tests can drive it directly.
+  async _ackInbound(channel, sourceTs, logger = () => {}) {
+    const eyesOk = await this._reaction('add', channel, sourceTs, 'eyes');
+    if (!eyesOk) {
+      logger('[slack] reactions:write missing — silent ack only (no text fallback)\n');
+    }
+    return eyesOk;
+  }
+
+  // Best-effort chat.delete — used by typing-indicator workflows where
+  // we post a placeholder and want to clean it up. Returns true on
+  // success, silent false otherwise.
+  async deleteMessage(channel, ts) {
+    if (!this._env.botToken || !channel || !ts) return false;
+    const url = `${this._env.apiBase.replace(/\/$/, '')}/chat.delete`;
+    try {
+      const res = await fetch(url, {
+        method: 'POST',
+        headers: {
+          'Authorization': `Bearer ${this._env.botToken}`,
+          'Content-Type': 'application/json; charset=utf-8',
+        },
+        body: JSON.stringify({ channel, ts }),
+      });
+      if (!res.ok) return false;
+      const json = await res.json().catch(() => ({}));
+      return !!json.ok;
+    } catch {
+      return false;
+    }
+  }
+
+  // Best-effort reaction add / remove. Returns true on success. Silent
+  // false on any failure (missing reactions:write scope, transport
+  // error, …) so callers can chain without noise.
+  async _reaction(action, channel, ts, name) {
+    if (!this._env.botToken || !channel || !ts) return false;
+    const endpoint = action === 'remove' ? 'reactions.remove' : 'reactions.add';
+    const url = `${this._env.apiBase.replace(/\/$/, '')}/${endpoint}`;
+    try {
+      const res = await fetch(url, {
+        method: 'POST',
+        headers: {
+          'Authorization': `Bearer ${this._env.botToken}`,
+          'Content-Type': 'application/json; charset=utf-8',
+        },
+        body: JSON.stringify({ channel, timestamp: ts, name }),
+      });
+      if (!res.ok) return false;
+      const json = await res.json().catch(() => ({}));
+      return !!json.ok;
+    } catch {
+      return false;
+    }
+  }
+
+  async stop() {
+    if (this._socketHandle && typeof this._socketHandle.disconnect === 'function') {
+      try { await this._socketHandle.disconnect(); } catch { /* best-effort */ }
+    }
+    this._socketHandle = null;
+    await super.stop();
+  }
+}

package/channels/stub.mjs

@@ -0,0 +1,52 @@
+// In-memory channel used for tests and for any caller that wants to
+// drive the daemon without a real transport. `inbox.push({ threadId,
+// text, token? })` triggers the handler; replies land in `outbox`.
+//
+// The stub respects the same gate object the HTTP channel uses so
+// auth-token + rate-limit assertions on the daemon's middleware chain
+// can be exercised without round-tripping through TCP.
+
+import { Channel } from './base.mjs';
+
+export class StubChannel extends Channel {
+  constructor() {
+    super('stub');
+    /** @type {Array<{ threadId: string, text: string, token?: string|null, key?: string|null }>} */
+    this.inbox = [];
+    /** @type {Array<{ threadId: string, text: string, error?: string }>} */
+    this.outbox = [];
+    this._pump = null;
+  }
+
+  async start(handler, opts = {}) {
+    await super.start(handler, opts);
+    this._pump = setInterval(() => this._drain(), 5);
+    // unref so a hanging interval doesn't keep the process alive
+    if (typeof this._pump.unref === 'function') this._pump.unref();
+  }
+
+  async _drain() {
+    while (this.inbox.length) {
+      const item = this.inbox.shift();
+      try {
+        const reply = await this._processInbound({
+          threadId: item.threadId,
+          text: item.text,
+          gateInput: { token: item.token, key: item.key },
+        });
+        this.outbox.push({ threadId: item.threadId, text: String(reply) });
+      } catch (err) {
+        this.outbox.push({ threadId: item.threadId, text: '', error: err?.message || String(err), code: err?.code });
+      }
+    }
+  }
+
+  async send(threadId, text) {
+    this.outbox.push({ threadId, text: String(text) });
+  }
+
+  async stop() {
+    if (this._pump) { clearInterval(this._pump); this._pump = null; }
+    await super.stop();
+  }
+}