openclaw-groupme 0.0.4 → 0.4.0

package/src/onboarding.ts

@@ -1,8 +1,12 @@
-import type { ChannelOnboardingAdapter } from "openclaw/plugin-sdk";
-import type { OpenClawConfig } from "openclaw/plugin-sdk";
+import { randomBytes } from "node:crypto";
+import type {
+  ChannelOnboardingAdapter,
+  OpenClawConfig,
+} from "openclaw/plugin-sdk";
 import { DEFAULT_ACCOUNT_ID } from "openclaw/plugin-sdk";
-import type { CoreConfig, GroupMeConfig } from "./types.js";
 import { resolveGroupMeAccount } from "./accounts.js";
+import { createBot, fetchGroups } from "./groupme-api.js";
+import type { CoreConfig, GroupMeConfig } from "./types.js";
 
 function applyGroupMeConfig(params: {
   cfg: OpenClawConfig;
@@ -46,6 +50,34 @@ function applyGroupMeConfig(params: {
   };
 }
 
+function parsePublicDomain(raw: string): string {
+  const trimmed = raw.trim();
+  try {
+    if (/^https?:\/\//i.test(trimmed)) {
+      const url = new URL(trimmed);
+      return url.port ? `${url.hostname}:${url.port}` : url.hostname;
+    }
+    const withoutLeadingSlashes = trimmed.replace(/^\/+/, "");
+    return withoutLeadingSlashes.split(/[\/?#]/, 1)[0];
+  } catch {
+    const noScheme = trimmed.replace(/^https?:\/\//i, "");
+    return noScheme.split(/[\/?#]/, 1)[0];
+  }
+}
+
+function generateCallbackUrl(): string {
+  const pathSegment = randomBytes(8).toString("hex");
+  const callbackToken = randomBytes(32).toString("hex");
+  return `/groupme/${pathSegment}?k=${callbackToken}`;
+}
+
+function redactMiddle(value: string): string {
+  if (value.length <= 10) {
+    return value;
+  }
+  return `${value.slice(0, 6)}...${value.slice(-3)}`;
+}
+
 export const groupmeOnboardingAdapter: ChannelOnboardingAdapter = {
   channel: "groupme",
   getStatus: async ({ cfg, accountOverrides }) => {
@@ -56,72 +88,154 @@ export const groupmeOnboardingAdapter: ChannelOnboardingAdapter = {
     });
 
     const configured = account.configured;
+    const callbackUrlConfigured = Boolean(account.config.callbackUrl?.trim());
+    const groupIdConfigured = Boolean(account.config.groupId?.trim());
+    const publicDomainConfigured = Boolean(account.config.publicDomain?.trim());
+
     return {
       channel: "groupme",
       configured,
       statusLines: [
-        `GroupMe (${accountId}): ${configured ? "configured" : "needs botId"}`,
+        `GroupMe (${accountId}): ${configured ? "configured" : "needs access token"}`,
         account.config.accessToken?.trim()
           ? "Access token configured"
-          : "Access token missing (needed for image uploads)",
+          : "Access token missing",
+        callbackUrlConfigured
+          ? "Webhook callback URL configured"
+          : "Webhook callback URL missing",
+        publicDomainConfigured
+          ? "Public domain configured"
+          : "Public domain missing",
+        groupIdConfigured ? "Group ID configured" : "Group ID missing",
       ],
-      selectionHint: configured ? "configured" : "needs bot ID",
+      selectionHint: configured ? "configured" : "needs access token",
       quickstartScore: configured ? 1 : 0,
     };
   },
   configure: async ({ cfg, prompter, accountOverrides }) => {
     const accountId = accountOverrides.groupme ?? DEFAULT_ACCOUNT_ID;
 
-    await prompter.note(
-      [
-        "GroupMe bots are bound to a single group.",
-        "Create a bot at https://dev.groupme.com/bots and copy bot_id + access token.",
-      ].join("\n"),
-      "GroupMe setup",
-    );
-
-    const botId = (
+    const botNameInput = (
       await prompter.text({
-        message: "Bot ID",
-        validate: (value) => (value.trim() ? undefined : "Bot ID is required"),
+        message: "Bot name",
+        initialValue: "openclaw",
       })
     ).trim();
+    const botName = botNameInput || "openclaw";
 
     const accessToken = (
       await prompter.text({
-        message: "Access token",
-        validate: (value) => (value.trim() ? undefined : "Access token is required"),
+        message: "GroupMe access token",
+        validate: (value) =>
+          value.trim() ? undefined : "Access token is required",
       })
     ).trim();
 
-    const botName = (
-      await prompter.text({
-        message: "Bot name (mention fallback)",
-        initialValue: "openclaw",
-      })
-    ).trim();
+    const groupsSpin = prompter.progress("Fetching your GroupMe groups...");
+    let groups: Awaited<ReturnType<typeof fetchGroups>>;
+    try {
+      groups = await fetchGroups(accessToken);
+    } catch {
+      groupsSpin.stop("Failed");
+      await prompter.note(
+        "Could not fetch groups. Check your access token and try again.",
+        "GroupMe setup failed",
+      );
+      throw new Error("Could not fetch groups");
+    }
 
-    const callbackPath = (
-      await prompter.text({
-        message: "Webhook path",
-        initialValue: "/groupme",
-        validate: (value) => (value.trim().startsWith("/") ? undefined : "Path must start with /"),
-      })
-    ).trim();
+    if (groups.length === 0) {
+      groupsSpin.stop("No groups found");
+      await prompter.note(
+        "No groups found. Create or join a GroupMe group first.",
+        "GroupMe setup failed",
+      );
+      throw new Error("No GroupMe groups found");
+    }
+    groupsSpin.stop(`Found ${groups.length} groups`);
 
+    const groupId = await prompter.select<string>({
+      message: "Select a GroupMe group",
+      options: groups.map((group) => ({
+        value: group.id,
+        label: group.name || group.id,
+        hint: group.id,
+      })),
+    });
+    const selectedGroup = groups.find((group) => group.id === groupId);
     const requireMention = await prompter.confirm({
       message: "Require mention to respond?",
       initialValue: true,
     });
+    const publicDomainRaw = (
+      await prompter.text({
+        message: "Public domain (must be reachable — GroupMe will ping it)",
+        validate: (value) => {
+          const trimmed = value.trim();
+          if (!trimmed) {
+            return "Public domain is required";
+          }
+          const normalized = trimmed
+            .replace(/^https?:\/\//, "")
+            .replace(/\/+$/, "");
+          if (!normalized) {
+            return "Public domain is required";
+          }
+          const parsed = parsePublicDomain(trimmed);
+          if (!parsed) {
+            return "Public domain is required";
+          }
+          return undefined;
+        },
+      })
+    ).trim();
+    const publicDomain = parsePublicDomain(publicDomainRaw);
+
+    const callbackUrl = generateCallbackUrl();
+    const pathSegment = callbackUrl.split("?")[0].split("/").pop()!;
+    await prompter.note(
+      `Generated webhook callback URL: /groupme/${pathSegment}?k=***`,
+      "Generated callback URL",
+    );
+
+    const botSpin = prompter.progress("Registering bot with GroupMe...");
+    let botId = "";
+    try {
+      const bot = await createBot({
+        accessToken,
+        name: botName,
+        groupId,
+        callbackUrl: `https://${publicDomain}${callbackUrl}`,
+      });
+      botId = bot.bot_id;
+      botSpin.stop("Bot registered");
+    } catch (error) {
+      botSpin.stop("Failed");
+      const detail = error instanceof Error ? `\n\nDetails: ${error.message}` : "";
+      await prompter.note(
+        `Failed to register bot with GroupMe. Check your access token and try again.${detail}`,
+        "GroupMe setup failed",
+      );
+      throw new Error("Failed to register GroupMe bot", {
+        cause: error instanceof Error ? error : undefined,
+      });
+    }
+
+    await prompter.note(
+      `Bot "${botName}" registered in group "${selectedGroup?.name ?? groupId}" (bot ID: ${redactMiddle(botId)})`,
+      "GroupMe bot registered",
+    );
 
     const next = applyGroupMeConfig({
       cfg,
       accountId,
       updates: {
-        botId,
-        accessToken,
         botName,
-        callbackPath,
+        accessToken,
+        botId,
+        groupId,
+        publicDomain,
+        callbackUrl,
         requireMention,
       },
     });
@@ -129,9 +243,8 @@ export const groupmeOnboardingAdapter: ChannelOnboardingAdapter = {
     await prompter.note(
       [
         "Next steps:",
-        `1. Set GroupMe callback URL to https://<your-domain>${callbackPath}`,
-        "2. Restart gateway",
-        "3. Send a message in the group to test",
+        "1. Restart the gateway: openclaw gateway restart",
+        "2. Send a message in the group to test",
       ].join("\n"),
       "GroupMe next steps",
     );
@@ -141,6 +254,268 @@ export const groupmeOnboardingAdapter: ChannelOnboardingAdapter = {
       accountId,
     };
   },
+  configureWhenConfigured: async ({
+    cfg,
+    prompter,
+    runtime,
+    accountOverrides,
+  }) => {
+    const accountId = accountOverrides.groupme ?? DEFAULT_ACCOUNT_ID;
+    const account = resolveGroupMeAccount({
+      cfg: cfg as CoreConfig,
+      accountId,
+    });
+
+    const action = await prompter.select<string>({
+      message: "GroupMe is already configured. What would you like to do?",
+      options: [
+        { value: "skip", label: "Skip", hint: "no changes" },
+        { value: "rotate_token", label: "Rotate access token" },
+        { value: "change_group", label: "Change group" },
+        { value: "regen_callback", label: "Regenerate callback URL" },
+        { value: "toggle_mention", label: "Toggle requireMention" },
+        { value: "update_domain", label: "Update public domain" },
+        { value: "full_setup", label: "Full re-setup", hint: "start from scratch" },
+      ],
+    });
+
+    if (action === "skip") {
+      return "skip";
+    }
+
+    if (action === "full_setup") {
+      return groupmeOnboardingAdapter.configure({
+        cfg,
+        prompter,
+        runtime,
+        accountOverrides,
+        options: {},
+        shouldPromptAccountIds: false,
+        forceAllowFrom: false,
+      });
+    }
+
+    if (action === "rotate_token") {
+      const newToken = (
+        await prompter.text({
+          message: "New GroupMe access token",
+          validate: (value) =>
+            value.trim() ? undefined : "Access token is required",
+        })
+      ).trim();
+
+      const spin = prompter.progress("Validating access token...");
+      try {
+        await fetchGroups(newToken);
+        spin.stop("Token validated");
+      } catch {
+        spin.stop("Failed");
+        await prompter.note(
+          "Could not validate token. Check your access token and try again.",
+          "Validation failed",
+        );
+        throw new Error("Could not validate access token");
+      }
+
+      const next = applyGroupMeConfig({
+        cfg,
+        accountId,
+        updates: { accessToken: newToken },
+      });
+      await prompter.note("Access token updated.", "Token rotated");
+      return { cfg: next, accountId };
+    }
+
+    if (action === "change_group") {
+      const existingToken = account.accessToken;
+      if (!existingToken) {
+        await prompter.note(
+          "No access token configured. Use \"Rotate access token\" first.",
+          "Missing token",
+        );
+        return "skip";
+      }
+
+      const spin = prompter.progress("Fetching your GroupMe groups...");
+      let groups: Awaited<ReturnType<typeof fetchGroups>>;
+      try {
+        groups = await fetchGroups(existingToken);
+      } catch {
+        spin.stop("Failed");
+        await prompter.note(
+          "Could not fetch groups. Check your access token and try again.",
+          "GroupMe error",
+        );
+        throw new Error("Could not fetch groups");
+      }
+
+      if (groups.length === 0) {
+        spin.stop("No groups found");
+        await prompter.note(
+          "No groups found. Create or join a GroupMe group first.",
+          "No groups",
+        );
+        return "skip";
+      }
+      spin.stop(`Found ${groups.length} groups`);
+
+      const newGroupId = await prompter.select<string>({
+        message: "Select a GroupMe group",
+        options: groups.map((group) => ({
+          value: group.id,
+          label: group.name || group.id,
+          hint: group.id === account.config.groupId ? "current" : group.id,
+        })),
+      });
+
+      const selectedGroup = groups.find((g) => g.id === newGroupId);
+      const updates: Record<string, unknown> = { groupId: newGroupId };
+
+      const registerNew = await prompter.confirm({
+        message: "Register a new bot in this group?",
+        initialValue: true,
+      });
+
+      if (!registerNew) {
+        const newBotId = (
+          await prompter.text({
+            message:
+              "Bot ID for the new group (existing bot won't work in a different group)",
+            validate: (value) =>
+              value.trim() ? undefined : "Bot ID is required",
+          })
+        ).trim();
+        updates.botId = newBotId;
+      }
+
+      if (registerNew) {
+        const botName = account.config.botName || "openclaw";
+        let publicDomain = account.config.publicDomain;
+        if (!publicDomain) {
+          const domainRaw = (
+            await prompter.text({
+              message: "Public domain (required for bot registration)",
+              validate: (value) => {
+                const trimmed = value.trim();
+                if (!trimmed) return "Public domain is required";
+                const normalized = trimmed
+                  .replace(/^https?:\/\//, "")
+                  .replace(/\/+$/, "");
+                if (!normalized) return "Public domain is required";
+                const parsed = parsePublicDomain(trimmed);
+                if (!parsed) return "Public domain is required";
+                return undefined;
+              },
+            })
+          ).trim();
+          publicDomain = parsePublicDomain(domainRaw);
+          updates.publicDomain = publicDomain;
+        }
+        let rawCallbackUrl = account.config.callbackUrl;
+        if (!rawCallbackUrl) {
+          rawCallbackUrl = generateCallbackUrl();
+          updates.callbackUrl = rawCallbackUrl;
+        }
+        const parsedCallback = new URL(rawCallbackUrl, "http://localhost");
+        const callbackPath = `${parsedCallback.pathname}${parsedCallback.search}`;
+
+        const botSpin = prompter.progress("Registering bot with GroupMe...");
+        try {
+          const bot = await createBot({
+            accessToken: existingToken,
+            name: botName,
+            groupId: newGroupId,
+            callbackUrl: `https://${publicDomain}${callbackPath}`,
+          });
+          updates.botId = bot.bot_id;
+          botSpin.stop("Bot registered");
+        } catch (error) {
+          botSpin.stop("Failed");
+          const detail =
+            error instanceof Error ? `\n\nDetails: ${error.message}` : "";
+          await prompter.note(
+            `Failed to register bot.${detail}`,
+            "Bot registration failed",
+          );
+          throw new Error("Failed to register GroupMe bot", {
+            cause: error instanceof Error ? error : undefined,
+          });
+        }
+      }
+
+      const next = applyGroupMeConfig({ cfg, accountId, updates });
+      await prompter.note(
+        `Group changed to "${selectedGroup?.name ?? newGroupId}".`,
+        "Group updated",
+      );
+      return { cfg: next, accountId };
+    }
+
+    if (action === "regen_callback") {
+      const callbackUrl = generateCallbackUrl();
+      const next = applyGroupMeConfig({
+        cfg,
+        accountId,
+        updates: { callbackUrl },
+      });
+      await prompter.note(
+        [
+          "Callback URL regenerated.",
+          "Remember to update your GroupMe bot settings or re-register the bot.",
+        ].join("\n"),
+        "Callback URL updated",
+      );
+      return { cfg: next, accountId };
+    }
+
+    if (action === "toggle_mention") {
+      const current = account.config.requireMention ?? true;
+      const next = applyGroupMeConfig({
+        cfg,
+        accountId,
+        updates: { requireMention: !current },
+      });
+      await prompter.note(
+        `requireMention changed from ${current} to ${!current}.`,
+        "Mention setting updated",
+      );
+      return { cfg: next, accountId };
+    }
+
+    if (action === "update_domain") {
+      const newDomainRaw = (
+        await prompter.text({
+          message: "New public domain",
+          initialValue: account.config.publicDomain ?? "",
+          validate: (value) => {
+            const trimmed = value.trim();
+            if (!trimmed) return "Public domain is required";
+            const normalized = trimmed
+              .replace(/^https?:\/\//, "")
+              .replace(/\/+$/, "");
+            if (!normalized) return "Public domain is required";
+            const parsed = parsePublicDomain(trimmed);
+            if (!parsed) return "Public domain is required";
+            return undefined;
+          },
+        })
+      ).trim();
+
+      const publicDomain = parsePublicDomain(newDomainRaw);
+      const next = applyGroupMeConfig({
+        cfg,
+        accountId,
+        updates: { publicDomain },
+      });
+      await prompter.note(
+        `Public domain updated to "${publicDomain}".`,
+        "Domain updated",
+      );
+      return { cfg: next, accountId };
+    }
+
+    return "skip";
+  },
   disable: (cfg) => ({
     ...cfg,
     channels: {

package/src/parse.ts

@@ -51,7 +51,7 @@ function parseNumberMatrix(value: unknown): number[][] {
     const parsedRow: number[] = [];
     for (const cell of row) {
       const num = readNumber(cell);
-      if (typeof num !== "number") {
+      if (num === undefined) {
         continue;
       }
       parsedRow.push(num);
@@ -68,7 +68,9 @@ function parseStringArray(value: unknown): string[] {
     return [];
   }
 
-  return value.map((entry) => readString(entry)).filter((entry): entry is string => Boolean(entry));
+  return value
+    .map((entry) => readString(entry))
+    .filter((entry): entry is string => Boolean(entry));
 }
 
 function parseAttachment(entry: unknown): GroupMeAttachment | null {
@@ -86,11 +88,7 @@ function parseAttachment(entry: unknown): GroupMeAttachment | null {
     if (!url) {
       return null;
     }
-    const imageAttachment: GroupMeImageAttachment = {
-      type,
-      url,
-    };
-    return imageAttachment;
+    return { type, url } satisfies GroupMeImageAttachment;
   }
 
   if (type === "location") {
@@ -100,22 +98,15 @@ function parseAttachment(entry: unknown): GroupMeAttachment | null {
     if (!lat || !lng || !name) {
       return null;
     }
-    const locationAttachment: GroupMeLocationAttachment = {
-      type,
-      lat,
-      lng,
-      name,
-    };
-    return locationAttachment;
+    return { type, lat, lng, name } satisfies GroupMeLocationAttachment;
   }
 
   if (type === "mentions") {
-    const mentionsAttachment: GroupMeMentionsAttachment = {
+    return {
       type,
       user_ids: parseStringArray(entry.user_ids),
       loci: parseNumberMatrix(entry.loci),
-    };
-    return mentionsAttachment;
+    } satisfies GroupMeMentionsAttachment;
   }
 
   if (type === "emoji") {
@@ -123,12 +114,11 @@ function parseAttachment(entry: unknown): GroupMeAttachment | null {
     if (!placeholder) {
       return null;
     }
-    const emojiAttachment: GroupMeEmojiAttachment = {
+    return {
       type,
       placeholder,
       charmap: parseNumberMatrix(entry.charmap),
-    };
-    return emojiAttachment;
+    } satisfies GroupMeEmojiAttachment;
   }
 
   return {
@@ -141,18 +131,14 @@ function parseAttachments(value: unknown): GroupMeAttachment[] {
   if (!Array.isArray(value)) {
     return [];
   }
-
-  const attachments: GroupMeAttachment[] = [];
-  for (const entry of value) {
-    const parsed = parseAttachment(entry);
-    if (parsed) {
-      attachments.push(parsed);
-    }
-  }
-  return attachments;
+  return value
+    .map((entry) => parseAttachment(entry))
+    .filter((parsed): parsed is GroupMeAttachment => parsed !== null);
 }
 
-export function parseGroupMeCallback(data: unknown): GroupMeCallbackData | null {
+export function parseGroupMeCallback(
+  data: unknown,
+): GroupMeCallbackData | null {
   if (!isRecord(data)) {
     return null;
   }
@@ -166,7 +152,15 @@ export function parseGroupMeCallback(data: unknown): GroupMeCallbackData | null
   const sourceGuid = readString(data.source_guid);
   const createdAt = readNumber(data.created_at);
 
-  if (!id || !name || !senderType || !senderId || !userId || !groupId || !sourceGuid) {
+  if (
+    !id ||
+    !name ||
+    !senderType ||
+    !senderId ||
+    !userId ||
+    !groupId ||
+    !sourceGuid
+  ) {
     return null;
   }
   if (typeof createdAt !== "number") {
@@ -212,12 +206,17 @@ export function shouldProcessCallback(msg: GroupMeCallbackData): string | null {
 
 export function extractImageUrls(attachments: GroupMeAttachment[]): string[] {
   return attachments
-    .filter((attachment): attachment is GroupMeImageAttachment => attachment.type === "image")
+    .filter(
+      (attachment): attachment is GroupMeImageAttachment =>
+        attachment.type === "image",
+    )
     .map((attachment) => attachment.url);
 }
 
 function normalizeMentionText(text: string): string {
-  return text.replace(/[\u200b-\u200f\u202a-\u202e\u2060-\u206f]/g, "").toLowerCase();
+  return text
+    .replace(/[\u200b-\u200f\u202a-\u202e\u2060-\u206f]/g, "")
+    .toLowerCase();
 }
 
 function buildRegexes(patterns?: string[]): RegExp[] {

package/src/policy.ts

@@ -1,10 +1,13 @@
-import { normalizeGroupMeAllowEntry, normalizeGroupMeUserId } from "./normalize.js";
+import {
+  normalizeGroupMeAllowEntry,
+  normalizeStringId,
+} from "./normalize.js";
 
 export function resolveSenderAccess(params: {
   senderId: string;
   allowFrom?: Array<string | number>;
 }): boolean {
-  const senderId = normalizeGroupMeUserId(params.senderId);
+  const senderId = normalizeStringId(params.senderId);
   if (!senderId) {
     return false;
   }