responses-proxy 0.1.0

package/dist/telegram-bot/grants.test.js

@@ -0,0 +1,290 @@
+import assert from "node:assert/strict";
+import { mkdtempSync, rmSync } from "node:fs";
+import os from "node:os";
+import path from "node:path";
+import test from "node:test";
+import { BillingRepository } from "../billing.js";
+import { CustomerKeyRepository } from "../customer-keys.js";
+import { BotIdentityRepository } from "./bot-identity-repository.js";
+import { CustomerWorkspaceRepository } from "./customer-workspace-repository.js";
+import { grantCustomerAccess, renewCustomerAccess } from "./grants.js";
+function createMockProxyClient() {
+    let routeKeys = [];
+    return {
+        client: {
+            async getClientConfigs() {
+                return {
+                    clientRoutes: [{ key: "customers", apiKeys: [...routeKeys] }],
+                };
+            },
+            async setClientRouteApiKeys(input) {
+                if (input.client === "customers") {
+                    routeKeys = [...input.apiKeys];
+                }
+                return { ok: true };
+            },
+        },
+        getRouteKeys() {
+            return [...routeKeys];
+        },
+    };
+}
+function createFailingProxyClient() {
+    let routeKeys = [];
+    return {
+        client: {
+            async getClientConfigs() {
+                return {
+                    clientRoutes: [{ key: "customers", apiKeys: [...routeKeys] }],
+                };
+            },
+            async setClientRouteApiKeys(input) {
+                routeKeys = [...input.apiKeys];
+                throw new Error("proxy sync failed");
+            },
+        },
+        getRouteKeys() {
+            return [...routeKeys];
+        },
+    };
+}
+async function withRepos(fn) {
+    const dir = mkdtempSync(path.join(os.tmpdir(), "grant-customer-access-"));
+    try {
+        const dbFile = path.join(dir, "bot.sqlite");
+        await fn({
+            identities: BotIdentityRepository.create(dbFile),
+            workspaces: CustomerWorkspaceRepository.create(dbFile),
+            customerKeys: CustomerKeyRepository.create(dbFile),
+            billing: BillingRepository.create(dbFile),
+        });
+    }
+    finally {
+        rmSync(dir, { recursive: true, force: true });
+    }
+}
+test("grantCustomerAccess creates workspace, entitlement, and a new key", async () => {
+    await withRepos(async ({ identities, workspaces, customerKeys, billing }) => {
+        const proxy = createMockProxyClient();
+        const result = await grantCustomerAccess({
+            telegramUserId: "1283361952",
+            planId: "basic",
+            days: 30,
+            defaultClientRoute: "customers",
+            identities,
+            workspaces,
+            customerKeys,
+            billing,
+            proxyClient: proxy.client,
+        });
+        assert.equal(result.mode, "new_key_created");
+        assert.equal(typeof result.apiKey, "string");
+        assert.equal(proxy.getRouteKeys().length, 1);
+        assert.equal(customerKeys.getActiveKeyForUser("1283361952")?.id, result.keyId);
+        assert.equal(identities.getUser("1283361952")?.status, "active");
+        assert.equal(workspaces.getDefaultWorkspace("1283361952")?.status, "active");
+        assert.ok(billing.getActiveEntitlementForWorkspace(result.workspaceId));
+    });
+});
+test("grantCustomerAccess revokes a newly created key when proxy sync fails", async () => {
+    await withRepos(async ({ identities, workspaces, customerKeys, billing }) => {
+        const proxy = createFailingProxyClient();
+        await assert.rejects(() => grantCustomerAccess({
+            telegramUserId: "1283361952",
+            planId: "basic",
+            days: 30,
+            defaultClientRoute: "customers",
+            identities,
+            workspaces,
+            customerKeys,
+            billing,
+            proxyClient: proxy.client,
+        }), /proxy sync failed/);
+        const workspace = workspaces.getDefaultWorkspace("1283361952");
+        assert.ok(workspace);
+        const keys = customerKeys.listKeysByWorkspace(workspace.id);
+        assert.equal(keys.length, 1);
+        assert.equal(keys[0]?.status, "revoked");
+        assert.equal(customerKeys.getActiveKeyForUser("1283361952"), undefined);
+        assert.equal(billing.getActiveEntitlementForWorkspace(workspace.id), undefined);
+    });
+});
+test("grantCustomerAccess reactivates an existing suspended key", async () => {
+    await withRepos(async ({ identities, workspaces, customerKeys, billing }) => {
+        const proxy = createMockProxyClient();
+        const workspace = workspaces.ensureDefaultWorkspace({
+            ownerTelegramUserId: "42",
+            defaultClientRoute: "customers",
+            status: "suspended",
+        });
+        const created = customerKeys.createKey({
+            workspaceId: workspace.id,
+            telegramUserId: "42",
+            clientRoute: "customers",
+        });
+        customerKeys.setStatus(created.record.id, "suspended");
+        const result = await grantCustomerAccess({
+            telegramUserId: "42",
+            planId: "basic",
+            days: 7,
+            defaultClientRoute: "customers",
+            identities,
+            workspaces,
+            customerKeys,
+            billing,
+            proxyClient: proxy.client,
+        });
+        assert.equal(result.mode, "existing_key_reactivated");
+        assert.equal(result.apiKey, created.apiKey);
+        assert.equal(customerKeys.getActiveKeyForUser("42")?.id, created.record.id);
+        assert.equal(workspaces.getById(workspace.id)?.status, "active");
+    });
+});
+test("renewCustomerAccess extends an active subscription window", async () => {
+    await withRepos(async ({ identities, workspaces, customerKeys, billing }) => {
+        const proxy = createMockProxyClient();
+        const first = await grantCustomerAccess({
+            telegramUserId: "77",
+            planId: "basic",
+            days: 30,
+            defaultClientRoute: "customers",
+            identities,
+            workspaces,
+            customerKeys,
+            billing,
+            proxyClient: proxy.client,
+        });
+        const before = billing.getLatestSubscriptionForWorkspace(first.workspaceId);
+        assert.ok(before);
+        const renewed = await renewCustomerAccess({
+            telegramUserId: "77",
+            planId: "basic",
+            days: 15,
+            defaultClientRoute: "customers",
+            identities,
+            workspaces,
+            customerKeys,
+            billing,
+            proxyClient: proxy.client,
+        });
+        const after = billing.getLatestSubscriptionForWorkspace(first.workspaceId);
+        assert.ok(after);
+        assert.equal(renewed.mode, "existing_key_already_active");
+        assert.equal(renewed.apiKey, first.apiKey);
+        assert.ok(new Date(after.currentPeriodEnd).getTime() > new Date(before.currentPeriodEnd).getTime());
+    });
+});
+test("renewCustomerAccess rotates legacy active keys that cannot reveal a full secret", async () => {
+    await withRepos(async ({ identities, workspaces, customerKeys, billing }) => {
+        const proxy = createMockProxyClient();
+        const workspace = workspaces.ensureDefaultWorkspace({
+            ownerTelegramUserId: "99",
+            defaultClientRoute: "customers",
+            status: "active",
+        });
+        const legacy = customerKeys.createKey({
+            workspaceId: workspace.id,
+            telegramUserId: "99",
+            clientRoute: "customers",
+        });
+        customerKeys.db
+            .prepare("UPDATE customer_api_keys SET api_key_secret = NULL WHERE id = ?")
+            .run(legacy.record.id);
+        billing.grantSubscription({
+            workspaceId: workspace.id,
+            planId: "basic",
+            days: 30,
+        });
+        const renewed = await renewCustomerAccess({
+            telegramUserId: "99",
+            planId: "basic",
+            days: 15,
+            defaultClientRoute: "customers",
+            identities,
+            workspaces,
+            customerKeys,
+            billing,
+            proxyClient: proxy.client,
+        });
+        assert.equal(renewed.mode, "existing_key_replaced");
+        assert.equal(typeof renewed.apiKey, "string");
+        assert.equal(customerKeys.getById(legacy.record.id)?.status, "revoked");
+        assert.equal(customerKeys.getActiveKeyForUser("99")?.id, renewed.keyId);
+        assert.equal(proxy.getRouteKeys().includes(renewed.apiKey), true);
+    });
+});
+test("renewCustomerAccess can replace the latest key", async () => {
+    await withRepos(async ({ identities, workspaces, customerKeys, billing }) => {
+        const proxy = createMockProxyClient();
+        const first = await grantCustomerAccess({
+            telegramUserId: "88",
+            planId: "basic",
+            days: 30,
+            defaultClientRoute: "customers",
+            identities,
+            workspaces,
+            customerKeys,
+            billing,
+            proxyClient: proxy.client,
+        });
+        const previousKey = customerKeys.getLatestKeyForUser("88");
+        assert.ok(previousKey);
+        const renewed = await renewCustomerAccess({
+            telegramUserId: "88",
+            planId: "basic",
+            days: 30,
+            replaceKey: true,
+            defaultClientRoute: "customers",
+            identities,
+            workspaces,
+            customerKeys,
+            billing,
+            proxyClient: proxy.client,
+        });
+        const latestKey = customerKeys.getLatestKeyForUser("88");
+        assert.equal(renewed.mode, "existing_key_replaced");
+        assert.equal(typeof renewed.apiKey, "string");
+        assert.ok(latestKey);
+        assert.notEqual(latestKey.id, previousKey.id);
+        assert.equal(customerKeys.getById(previousKey.id)?.status, "revoked");
+        assert.equal(customerKeys.getById(latestKey.id)?.status, "active");
+        assert.equal(proxy.getRouteKeys().includes(renewed.apiKey), true);
+        assert.equal(first.apiKey === renewed.apiKey, false);
+    });
+});
+test("renewCustomerAccess keeps the old active key when replacement sync fails", async () => {
+    await withRepos(async ({ identities, workspaces, customerKeys, billing }) => {
+        const firstProxy = createMockProxyClient();
+        const first = await grantCustomerAccess({
+            telegramUserId: "88",
+            planId: "basic",
+            days: 30,
+            defaultClientRoute: "customers",
+            identities,
+            workspaces,
+            customerKeys,
+            billing,
+            proxyClient: firstProxy.client,
+        });
+        const failingProxy = createFailingProxyClient();
+        const before = billing.getLatestSubscriptionForWorkspace(first.workspaceId);
+        assert.ok(before);
+        await assert.rejects(() => renewCustomerAccess({
+            telegramUserId: "88",
+            planId: "basic",
+            days: 30,
+            defaultClientRoute: "customers",
+            identities,
+            workspaces,
+            customerKeys,
+            billing,
+            proxyClient: failingProxy.client,
+            replaceKey: true,
+        }), /proxy sync failed/);
+        assert.equal(customerKeys.getActiveKeyForUser("88")?.id, first.keyId);
+        assert.equal(billing.getLatestSubscriptionForWorkspace(first.workspaceId)?.currentPeriodEnd, before.currentPeriodEnd);
+        const keys = customerKeys.listKeysByWorkspace(first.workspaceId);
+        assert.equal(keys.filter((key) => key.status === "active").length, 1);
+        assert.equal(keys.filter((key) => key.status === "revoked").length, 1);
+    });
+});

package/dist/telegram-bot/index.js

@@ -0,0 +1,85 @@
+import { createTelegramBot } from "./telegram-adapter.js";
+import { readTelegramBotConfig } from "./config.js";
+import { ResponsesProxyClient } from "./proxy-client.js";
+const config = readTelegramBotConfig(process.env);
+const proxyClient = new ResponsesProxyClient(config.proxyAdminBaseUrl, config.proxyClientApiKey, config.proxyRequestTimeoutMs);
+if (config.botMode === "webhook") {
+    throw new Error("Webhook mode is not implemented yet. Use TELEGRAM_BOT_MODE=polling.");
+}
+let stopping = false;
+let activeBot;
+async function registerCommandMetadata(bot) {
+    await bot.api.setMyCommands([
+        { command: "plans", description: "List billing plan ids and limits" },
+        { command: "grant", description: "Activate paid access for a customer" },
+        { command: "renewuser", description: "Renew access or rotate a customer key" },
+        { command: "renew", description: "Choose plan and send a renewal request" },
+        { command: "apikey", description: "Show or issue customer API keys" },
+        { command: "usage", description: "Show customer usage for the current period" },
+        { command: "quota", description: "Show customer quota and expiration" },
+        { command: "tailscale", description: "Install Tailscale and ask admin for invite" },
+        { command: "help", description: "Show ops help, /help customer, /help proxy" },
+        { command: "status", description: "Check proxy health and active provider" },
+        { command: "providers", description: "Show provider and client route mapping" },
+        { command: "clients", description: "Show Hermes and Codex quick config status" },
+        { command: "models", description: "List routed models through the proxy" },
+        { command: "apply", description: "Apply proxy config to Hermes or Codex" },
+        { command: "oauth", description: "Inspect or start ChatGPT OAuth setup" },
+        { command: "accounts", description: "List and manage OAuth accounts" },
+        { command: "test", description: "Send a small proxy test request" },
+    ]);
+}
+const stopBot = (signal) => {
+    if (stopping) {
+        return;
+    }
+    stopping = true;
+    console.info(`telegram bot stopping on ${signal}`);
+    activeBot?.stop();
+};
+process.once("SIGINT", () => stopBot("SIGINT"));
+process.once("SIGTERM", () => stopBot("SIGTERM"));
+while (!stopping) {
+    const bot = createTelegramBot({ config, proxyClient });
+    activeBot = bot;
+    try {
+        await registerCommandMetadata(bot);
+    }
+    catch (error) {
+        console.warn("telegram bot could not register command metadata", {
+            error: error instanceof Error ? error.message : String(error),
+        });
+    }
+    try {
+        console.info("telegram bot starting in polling mode");
+        await bot.start();
+        break;
+    }
+    catch (error) {
+        if (stopping) {
+            break;
+        }
+        if (isTelegramPollingConflict(error)) {
+            console.warn("telegram polling conflict; retrying after 35 seconds", {
+                error: error instanceof Error ? error.message : String(error),
+            });
+            await sleep(35_000);
+            continue;
+        }
+        throw error;
+    }
+}
+console.info("telegram bot stopped");
+function sleep(ms) {
+    return new Promise((resolve) => setTimeout(resolve, ms));
+}
+function isTelegramPollingConflict(error) {
+    if (typeof error !== "object" || error === null) {
+        return false;
+    }
+    const candidate = error;
+    const description = typeof candidate.description === "string" ? candidate.description : "";
+    return (candidate.method === "getUpdates" &&
+        candidate.error_code === 409 &&
+        description.includes("Conflict"));
+}

package/dist/telegram-bot/message-cleanup.js

@@ -0,0 +1,55 @@
+import { isAdmin } from "./auth.js";
+const customerCleanupCommands = new Set([
+    "start",
+    "help",
+    "me",
+    "apikey",
+    "usage",
+    "quota",
+    "renew",
+    "tailscale",
+]);
+export function createCustomerMessageCleanupMiddleware(config) {
+    return async (ctx, next) => {
+        const cleanupTarget = readCustomerCleanupTarget(ctx, config);
+        try {
+            await next();
+        }
+        finally {
+            if (cleanupTarget) {
+                await deleteMessageBestEffort(ctx, cleanupTarget);
+            }
+        }
+    };
+}
+export async function deleteMessageBestEffort(ctx, target) {
+    try {
+        await ctx.api.deleteMessage(target.chatId, target.messageId);
+        return true;
+    }
+    catch {
+        return false;
+    }
+}
+function readCustomerCleanupTarget(ctx, config) {
+    if (isAdmin(ctx, config)) {
+        return undefined;
+    }
+    const message = ctx.message;
+    if (!message || !("text" in message) || typeof message.text !== "string") {
+        return undefined;
+    }
+    const command = parseCommand(message.text);
+    if (!command || !customerCleanupCommands.has(command)) {
+        return undefined;
+    }
+    const chatId = ctx.chat?.id;
+    const messageId = message.message_id;
+    return typeof chatId === "number" && typeof messageId === "number"
+        ? { chatId, messageId }
+        : undefined;
+}
+function parseCommand(text) {
+    const match = text.trim().match(/^\/([A-Za-z0-9_]+)(?:@[A-Za-z0-9_]+)?(?:\s|$)/);
+    return match?.[1]?.toLowerCase();
+}

package/dist/telegram-bot/message-cleanup.test.js

@@ -0,0 +1,77 @@
+import assert from "node:assert/strict";
+import test from "node:test";
+import { createCustomerMessageCleanupMiddleware } from "./message-cleanup.js";
+function createConfig() {
+    return {
+        telegramBotToken: "token",
+        allowedUserIds: new Set(),
+        allowedChatIds: new Set(),
+        ownerUserIds: new Set(["1"]),
+        adminUserIds: new Set(),
+        botMode: "polling",
+        proxyAdminBaseUrl: "http://127.0.0.1:8318",
+        defaultModel: "gpt-5.5",
+        publicSignupEnabled: true,
+        requireAdminApproval: false,
+        defaultCustomerRoute: "customers",
+        publicResponsesBaseUrl: "http://127.0.0.1:8318/v1",
+        proxyRequestTimeoutMs: 30_000,
+        sessionDbPath: ":memory:",
+        sessionTtlMs: 900_000,
+        rateLimitWindowMs: 60_000,
+        rateLimitMaxRequests: 12,
+        logLevel: "info",
+    };
+}
+function createContext(input) {
+    const deleted = [];
+    return {
+        from: { id: input.userId, is_bot: false, first_name: "User" },
+        chat: { id: input.chatId, type: "private", first_name: "User" },
+        message: {
+            message_id: 99,
+            date: 0,
+            chat: { id: input.chatId, type: "private", first_name: "User" },
+            text: input.text,
+        },
+        api: {
+            async deleteMessage(chatId, messageId) {
+                if (input.deleteImpl) {
+                    await input.deleteImpl(chatId, messageId);
+                }
+                deleted.push({ chatId, messageId });
+                return true;
+            },
+        },
+        deleted,
+    };
+}
+test("cleanup middleware deletes customer command messages after handling", async () => {
+    const ctx = createContext({ userId: 42, chatId: 42, text: "/renew" });
+    const middleware = createCustomerMessageCleanupMiddleware(createConfig());
+    let handled = false;
+    await middleware(ctx, async () => {
+        handled = true;
+    });
+    assert.equal(handled, true);
+    assert.deepEqual(ctx.deleted, [{ chatId: 42, messageId: 99 }]);
+});
+test("cleanup middleware does not delete admin command messages", async () => {
+    const ctx = createContext({ userId: 1, chatId: 1, text: "/renew" });
+    const middleware = createCustomerMessageCleanupMiddleware(createConfig());
+    await middleware(ctx, async () => { });
+    assert.deepEqual(ctx.deleted, []);
+});
+test("cleanup middleware ignores delete errors", async () => {
+    const ctx = createContext({
+        userId: 42,
+        chatId: 42,
+        text: "/start",
+        deleteImpl: async () => {
+            throw new Error("delete forbidden");
+        },
+    });
+    const middleware = createCustomerMessageCleanupMiddleware(createConfig());
+    await middleware(ctx, async () => { });
+    assert.deepEqual(ctx.deleted, []);
+});

package/dist/telegram-bot/message-format.js

@@ -0,0 +1,45 @@
+export function formatMessage(title, lines) {
+    return [title, ...lines.filter(Boolean)].join("\n");
+}
+export function formatSection(title, lines) {
+    const visibleLines = lines.filter(Boolean);
+    return visibleLines.length > 0 ? [title, ...visibleLines].join("\n") : title;
+}
+export function formatField(label, value) {
+    return `• ${label}: ${value ?? "none"}`;
+}
+const DISPLAY_DATE_TIME_FORMATTER = new Intl.DateTimeFormat("vi-VN", {
+    timeZone: "Asia/Ho_Chi_Minh",
+    day: "2-digit",
+    month: "2-digit",
+    year: "numeric",
+    hour: "2-digit",
+    minute: "2-digit",
+    hour12: false,
+});
+export function formatDateTime(value) {
+    if (value === null || value === undefined || value === "") {
+        return "none";
+    }
+    const date = value instanceof Date ? value : new Date(value);
+    if (Number.isNaN(date.getTime())) {
+        return String(value);
+    }
+    const parts = DISPLAY_DATE_TIME_FORMATTER.formatToParts(date);
+    const lookup = new Map(parts.filter((part) => part.type !== "literal").map((part) => [part.type, part.value]));
+    const day = lookup.get("day");
+    const month = lookup.get("month");
+    const year = lookup.get("year");
+    const hour = lookup.get("hour");
+    const minute = lookup.get("minute");
+    if (!day || !month || !year || !hour || !minute) {
+        return DISPLAY_DATE_TIME_FORMATTER.format(date);
+    }
+    return `${day}/${month}/${year} ${hour}:${minute}`;
+}
+export function formatRawField(label, value) {
+    return `${label}: ${value ?? "none"}`;
+}
+export function formatEmptyState(title, hint) {
+    return [title, hint].join("\n");
+}

package/dist/telegram-bot/message-format.test.js

@@ -0,0 +1,10 @@
+import assert from "node:assert/strict";
+import test from "node:test";
+import { formatDateTime } from "./message-format.js";
+test("formatDateTime renders a compact Vietnam-local timestamp", () => {
+    assert.equal(formatDateTime("2026-05-11T07:30:00.000Z"), "11/05/2026 14:30");
+});
+test("formatDateTime keeps invalid values visible", () => {
+    assert.equal(formatDateTime("not-a-date"), "not-a-date");
+    assert.equal(formatDateTime(undefined), "none");
+});