niahere 0.2.91 → 0.3.1

package/src/types/config.ts

@@ -28,23 +28,36 @@ export interface SlackConfig {
   watch: Record<string, SlackWatchChannel> | null;
 }
 
-export interface PhoneConfig {
-  twilio_sid: string | null;
-  twilio_secret: string | null;
-  /** Account-level Auth Token used to verify X-Twilio-Signature on inbound webhooks.
-   *  Falls back to twilio_secret if not set (works when twilio_sid is the Account SID
-   *  and twilio_secret is the Auth Token). */
-  twilio_auth_token: string | null;
-  /** Twilio number Nia dials from (E.164, e.g. +13025480697) */
-  from_number: string | null;
-  /** Owner's phone number (E.164). Highest-trust caller. */
+/**
+ * Shared config for all Twilio-based channels (phone/sms/whatsapp).
+ * Credentials, owner identity, public URL, and the local webhook port
+ * live here so individual channels don't reach into each other's configs.
+ */
+export interface TwilioConfig {
+  /** SID used for both URL paths and Basic auth.
+   * Usually the Account SID (AC…). Can be an API Key SID (SK…) — Twilio resolves it. */
+  sid: string | null;
+  /** Basic auth password. Account Auth Token if sid is AC…, API Key Secret if SK…. */
+  secret: string | null;
+  /** Account-level Auth Token. Used to verify X-Twilio-Signature on inbound webhooks.
+   * If sid is an API Key SID (SK…), this MUST be set separately. Falls back to `secret`
+   * when sid is an Account SID and `secret` is the Auth Token. */
+  auth_token: string | null;
+  /** Owner's phone number (E.164). Highest-trust caller / messenger. */
   owner_number: string | null;
   /** Extra allowlisted E.164 numbers (family, close contacts). */
   allowlist: string[];
   /** Public base URL Twilio hits (e.g. https://nia.example.com). No trailing slash. */
   public_base_url: string | null;
-  /** Local HTTP port for the Twilio webhook server. */
+  /** Local HTTP port the shared Twilio webhook server binds to. */
   port: number;
+}
+
+/** Voice (Twilio Programmable Voice + OpenAI Realtime). */
+export interface PhoneConfig {
+  enabled: boolean;
+  /** Twilio number Nia dials from / inbound voice number (E.164). */
+  from_number: string | null;
   /** OpenAI API key for the Realtime voice loop. */
   openai_api_key: string | null;
   /** OpenAI Realtime model id. */
@@ -53,12 +66,29 @@ export interface PhoneConfig {
   voice: string;
 }
 
+/** SMS via Twilio (uses the shared TwilioConfig credentials). */
+export interface SmsConfig {
+  enabled: boolean;
+  /** E.164 number SMS is sent from. Defaults to phone.from_number. */
+  from_number: string | null;
+}
+
+/** WhatsApp via Twilio (sandbox by default; uses shared TwilioConfig). */
+export interface WhatsappConfig {
+  enabled: boolean;
+  /** WhatsApp sender E.164. Defaults to Twilio Sandbox shared number +14155238886. */
+  from_number: string | null;
+}
+
 export interface ChannelsConfig {
   enabled: boolean;
   default: string;
   telegram: TelegramConfig;
   slack: SlackConfig;
+  twilio: TwilioConfig;
   phone: PhoneConfig;
+  sms: SmsConfig;
+  whatsapp: WhatsappConfig;
 }
 
 export interface SessionFinalizationConfig {

package/src/types/enums.ts

@@ -17,4 +17,4 @@ export type Mode = "chat" | "job";
 export type AttachmentType = "image" | "document" | "file";
 
 /** Channel names. */
-export type ChannelName = "telegram" | "slack";
+export type ChannelName = "telegram" | "slack" | "phone" | "sms" | "whatsapp";

package/src/types/index.ts

@@ -5,7 +5,16 @@ export type { SendResult, StreamCallback, ActivityCallback, SendCallbacks, ChatE
 export type { AuditEntry, JobState, CronState } from "./audit";
 export type { Channel, ChannelFactory } from "./channel";
 export type { ChatState } from "./chat-state";
-export type { Config, ChannelsConfig, TelegramConfig, SlackConfig, PhoneConfig } from "./config";
+export type {
+  Config,
+  ChannelsConfig,
+  TelegramConfig,
+  SlackConfig,
+  TwilioConfig,
+  PhoneConfig,
+  SmsConfig,
+  WhatsappConfig,
+} from "./config";
 export type { Paths } from "./paths";
 export type { SaveMessageParams, RoomStats, RecentMessage, SearchResult, SessionMessage } from "./message";
 export type { AgentInfo } from "./agent";

package/src/utils/config.ts

@@ -36,19 +36,30 @@ const DEFAULTS: Config = {
       workspace_url: null,
       watch: null,
     },
-    phone: {
-      twilio_sid: null,
-      twilio_secret: null,
-      twilio_auth_token: null,
-      from_number: null,
+    twilio: {
+      sid: null,
+      secret: null,
+      auth_token: null,
       owner_number: null,
       allowlist: [],
       public_base_url: null,
       port: 7079,
+    },
+    phone: {
+      enabled: true,
+      from_number: null,
       openai_api_key: null,
       realtime_model: "gpt-realtime",
       voice: "marin",
     },
+    sms: {
+      enabled: true,
+      from_number: null,
+    },
+    whatsapp: {
+      enabled: true,
+      from_number: "+14155238886",
+    },
   },
 };
 
@@ -131,6 +142,19 @@ export function loadConfig(): Config {
   const chTg = (ch.telegram || {}) as Record<string, unknown>;
   const chSl = (ch.slack || {}) as Record<string, unknown>;
   const chPh = (ch.phone || {}) as Record<string, unknown>;
+  const chTw = (ch.twilio || {}) as Record<string, unknown>;
+  const chSms = (ch.sms || {}) as Record<string, unknown>;
+  const chWa = (ch.whatsapp || {}) as Record<string, unknown>;
+
+  // Helper: read a value from `channels.twilio.<newKey>`, falling back to
+  // legacy `channels.phone.<oldKey>` (the pre-refactor location), then env.
+  const twilioOrPhone = (newKey: string, oldKey: string, envKey: string | null): string | null => {
+    const envVal = envKey ? process.env[envKey] : undefined;
+    if (envVal) return envVal;
+    if (typeof chTw[newKey] === "string") return chTw[newKey] as string;
+    if (typeof chPh[oldKey] === "string") return chPh[oldKey] as string;
+    return null;
+  };
 
   const channelsEnabled = ch.enabled !== false;
 
@@ -162,29 +186,42 @@ export function loadConfig(): Config {
   const slWorkspaceId = typeof chSl.workspace_id === "string" ? chSl.workspace_id : null;
   const slWorkspaceUrl = typeof chSl.workspace_url === "string" ? chSl.workspace_url : null;
 
-  // Phone — env vars override config; secrets are env-only by convention
-  const phTwilioSid = process.env.TWILIO_SID || (typeof chPh.twilio_sid === "string" ? chPh.twilio_sid : null);
-  const phTwilioSecret =
-    process.env.TWILIO_SECRET || (typeof chPh.twilio_secret === "string" ? chPh.twilio_secret : null);
-  const phTwilioAuthToken =
-    process.env.TWILIO_AUTH_TOKEN || (typeof chPh.twilio_auth_token === "string" ? chPh.twilio_auth_token : null);
+  // --- Twilio shared config (used by phone, sms, whatsapp) ---
+  // New shape: channels.twilio.{sid,secret,auth_token,owner_number,allowlist,public_base_url,port}.
+  // Legacy shape kept for one release: channels.phone.{twilio_sid,twilio_secret,twilio_auth_token,
+  // owner_number,allowlist,public_base_url,port}. Env vars take precedence over both.
+  const twSid = twilioOrPhone("sid", "twilio_sid", "TWILIO_SID");
+  const twSecret = twilioOrPhone("secret", "twilio_secret", "TWILIO_SECRET");
+  const twAuthToken = twilioOrPhone("auth_token", "twilio_auth_token", "TWILIO_AUTH_TOKEN");
+  const twOwnerNumber = twilioOrPhone("owner_number", "owner_number", "PRIMARY_PHONE_USER");
+  const twPublicBaseUrl =
+    (twilioOrPhone("public_base_url", "public_base_url", "PUBLIC_BASE_URL") || "").replace(/\/$/, "") || null;
+
+  const twPortRaw = process.env.PHONE_PORT ? Number(process.env.PHONE_PORT) : null;
+  const twPort =
+    twPortRaw && Number.isFinite(twPortRaw)
+      ? twPortRaw
+      : typeof chTw.port === "number"
+        ? chTw.port
+        : typeof chPh.port === "number"
+          ? chPh.port
+          : DEFAULTS.channels.twilio.port;
+
+  const twAllowlistRaw =
+    process.env.PHONE_ALLOWLIST ||
+    (Array.isArray(chTw.allowlist)
+      ? (chTw.allowlist as unknown[]).filter((x): x is string => typeof x === "string").join(",")
+      : Array.isArray(chPh.allowlist)
+        ? (chPh.allowlist as unknown[]).filter((x): x is string => typeof x === "string").join(",")
+        : "");
+  const twAllowlist = twAllowlistRaw
+    .split(",")
+    .map((s) => s.trim())
+    .filter((s) => s.length > 0);
+
+  // --- Phone (voice) — env vars and new keys override legacy ---
   const phFromNumber =
     process.env.PHONE_FROM_NUMBER || (typeof chPh.from_number === "string" ? chPh.from_number : null);
-  const phOwnerNumber =
-    process.env.PRIMARY_PHONE_USER || (typeof chPh.owner_number === "string" ? chPh.owner_number : null);
-  const phPublicBaseUrl =
-    (
-      process.env.PUBLIC_BASE_URL ||
-      (typeof chPh.public_base_url === "string" ? chPh.public_base_url : null) ||
-      ""
-    ).replace(/\/$/, "") || null;
-  const phPortRaw = process.env.PHONE_PORT ? Number(process.env.PHONE_PORT) : null;
-  const phPort =
-    phPortRaw && Number.isFinite(phPortRaw)
-      ? phPortRaw
-      : typeof chPh.port === "number"
-        ? chPh.port
-        : DEFAULTS.channels.phone.port;
   const phOpenAiKey =
     process.env.OPENAI_API_KEY || (typeof chPh.openai_api_key === "string" ? chPh.openai_api_key : null);
   const phRealtimeModel =
@@ -192,16 +229,18 @@ export function loadConfig(): Config {
     (typeof chPh.realtime_model === "string" ? chPh.realtime_model : DEFAULTS.channels.phone.realtime_model);
   const phVoice =
     process.env.PHONE_VOICE || (typeof chPh.voice === "string" ? chPh.voice : DEFAULTS.channels.phone.voice);
+  const phEnabled = chPh.enabled !== false;
 
-  const phAllowlistRaw =
-    process.env.PHONE_ALLOWLIST ||
-    (Array.isArray(chPh.allowlist)
-      ? (chPh.allowlist as unknown[]).filter((x): x is string => typeof x === "string").join(",")
-      : "");
-  const phAllowlist = phAllowlistRaw
-    .split(",")
-    .map((s) => s.trim())
-    .filter((s) => s.length > 0);
+  // --- SMS ---
+  const smsFromNumber =
+    process.env.SMS_FROM_NUMBER || (typeof chSms.from_number === "string" ? chSms.from_number : null);
+  const smsEnabled = chSms.enabled !== false;
+
+  // --- WhatsApp ---
+  const waFromNumber =
+    process.env.WHATSAPP_FROM_NUMBER ||
+    (typeof chWa.from_number === "string" ? chWa.from_number : DEFAULTS.channels.whatsapp.from_number);
+  const waEnabled = chWa.enabled !== false;
 
   // Slack watch channels — behavior is optional (defaults to key name lookup)
   const rawWatch = chSl.watch as Record<string, unknown> | undefined;
@@ -242,19 +281,30 @@ export function loadConfig(): Config {
         workspace_url: slWorkspaceUrl,
         watch: slWatch,
       },
+      twilio: {
+        sid: twSid,
+        secret: twSecret,
+        auth_token: twAuthToken,
+        owner_number: twOwnerNumber,
+        allowlist: twAllowlist,
+        public_base_url: twPublicBaseUrl,
+        port: twPort,
+      },
       phone: {
-        twilio_sid: phTwilioSid,
-        twilio_secret: phTwilioSecret,
-        twilio_auth_token: phTwilioAuthToken,
+        enabled: phEnabled,
         from_number: phFromNumber,
-        owner_number: phOwnerNumber,
-        allowlist: phAllowlist,
-        public_base_url: phPublicBaseUrl,
-        port: phPort,
         openai_api_key: phOpenAiKey,
         realtime_model: phRealtimeModel,
         voice: phVoice,
       },
+      sms: {
+        enabled: smsEnabled,
+        from_number: smsFromNumber,
+      },
+      whatsapp: {
+        enabled: waEnabled,
+        from_number: waFromNumber,
+      },
     },
   };
 }

package/src/channels/phone/twilio.ts

@@ -1,125 +0,0 @@
-/**
- * Minimal Twilio REST + webhook-signature helpers.
- * Skips the official SDK so the daemon's dependency surface stays small —
- * the surface we use (place call, hang up, swap URL, validate signature) is
- * a handful of well-documented endpoints.
- */
-import { createHmac, timingSafeEqual } from "crypto";
-
-const TWILIO_BASE = "https://api.twilio.com/2010-04-01";
-
-interface TwilioCreds {
-  accountSid: string;
-  authToken: string;
-}
-
-function basicAuth({ accountSid, authToken }: TwilioCreds): string {
-  return `Basic ${Buffer.from(`${accountSid}:${authToken}`).toString("base64")}`;
-}
-
-function accountUrl({ accountSid }: TwilioCreds, suffix: string): string {
-  return `${TWILIO_BASE}/Accounts/${encodeURIComponent(accountSid)}${suffix}`;
-}
-
-/**
- * Validate a Twilio webhook signature.
- * Algorithm (per Twilio's webhook security docs):
- *   1. Take the full URL Twilio sent the request to (including query string).
- *   2. For application/x-www-form-urlencoded bodies, sort POST keys and
- *      append each "key" + "value" to the URL string.
- *   3. HMAC-SHA1 with the account AuthToken, base64-encode.
- *   4. Timing-safe compare with the X-Twilio-Signature header.
- */
-export function validateTwilioSignature(opts: {
-  authToken: string;
-  fullUrl: string;
-  params: Record<string, string>;
-  signature: string;
-}): boolean {
-  const { authToken, fullUrl, params, signature } = opts;
-  if (!signature) return false;
-
-  const sortedKeys = Object.keys(params).sort();
-  let data = fullUrl;
-  for (const key of sortedKeys) {
-    data += key + params[key];
-  }
-
-  const computed = createHmac("sha1", authToken).update(data, "utf8").digest("base64");
-  const a = Buffer.from(computed);
-  const b = Buffer.from(signature);
-  if (a.length !== b.length) return false;
-  return timingSafeEqual(a, b);
-}
-
-export interface PlaceCallOpts extends TwilioCreds {
-  to: string;
-  from: string;
-  twimlUrl: string;
-  statusCallbackUrl?: string;
-  /** Hard cap on call duration (seconds). Maps to Twilio's TimeLimit param. */
-  maxDurationSec?: number;
-}
-
-export interface PlaceCallResult {
-  callSid: string;
-  status: string;
-}
-
-export async function placeCall(opts: PlaceCallOpts): Promise<PlaceCallResult> {
-  const body = new URLSearchParams({
-    To: opts.to,
-    From: opts.from,
-    Url: opts.twimlUrl,
-    Method: "POST",
-  });
-  if (opts.statusCallbackUrl) {
-    body.set("StatusCallback", opts.statusCallbackUrl);
-    body.set("StatusCallbackMethod", "POST");
-    body.append("StatusCallbackEvent", "initiated");
-    body.append("StatusCallbackEvent", "answered");
-    body.append("StatusCallbackEvent", "completed");
-  }
-  if (opts.maxDurationSec && opts.maxDurationSec > 0) {
-    body.set("TimeLimit", String(opts.maxDurationSec));
-  }
-
-  const resp = await fetch(accountUrl(opts, "/Calls.json"), {
-    method: "POST",
-    headers: { Authorization: basicAuth(opts), "Content-Type": "application/x-www-form-urlencoded" },
-    body: body.toString(),
-  });
-  if (!resp.ok) {
-    const text = await resp.text().catch(() => "");
-    throw new Error(`Twilio placeCall failed: ${resp.status} ${text}`);
-  }
-  const data = (await resp.json()) as { sid: string; status: string };
-  return { callSid: data.sid, status: data.status };
-}
-
-/** Swap the TwiML URL on an in-flight call (used to inject the real callSid into the path). */
-export async function updateCallUrl(opts: TwilioCreds & { callSid: string; url: string }): Promise<void> {
-  const body = new URLSearchParams({ Url: opts.url, Method: "POST" });
-  const resp = await fetch(accountUrl(opts, `/Calls/${encodeURIComponent(opts.callSid)}.json`), {
-    method: "POST",
-    headers: { Authorization: basicAuth(opts), "Content-Type": "application/x-www-form-urlencoded" },
-    body: body.toString(),
-  });
-  if (!resp.ok) {
-    const text = await resp.text().catch(() => "");
-    throw new Error(`Twilio updateCallUrl failed: ${resp.status} ${text}`);
-  }
-}
-
-export async function hangupCall(opts: TwilioCreds & { callSid: string }): Promise<void> {
-  const body = new URLSearchParams({ Status: "completed" });
-  const resp = await fetch(accountUrl(opts, `/Calls/${encodeURIComponent(opts.callSid)}.json`), {
-    method: "POST",
-    headers: { Authorization: basicAuth(opts), "Content-Type": "application/x-www-form-urlencoded" },
-    body: body.toString(),
-  });
-  if (!resp.ok) {
-    const text = await resp.text().catch(() => "");
-    throw new Error(`Twilio hangupCall failed: ${resp.status} ${text}`);
-  }
-}