UNPKG

@gguf/claw

Version:

Multi-channel AI gateway with extensible messaging integrations

github.com/openclaw/openclaw

openclaw/openclaw

341 lines (338 loc) 12.9 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
import { t as __exportAll } from "./rolldown-runtime-Cbj13DAv.js"; import { B as theme } from "./utils-CP9YLh6M.js"; import { f as defaultRuntime } from "./subsystem-BCQGGxdd.js"; import { t as runCommandWithTimeout } from "./exec-DYqRzFbo.js"; import { i as loadConfig } from "./config-PQiujvsf.js"; import os from "node:os"; import qrcode from "qrcode-terminal"; //#region src/pairing/setup-code.ts const DEFAULT_GATEWAY_PORT = 18789; function normalizeUrl(raw, schemeFallback) { const trimmed = raw.trim(); if (!trimmed) return null; try { const parsed = new URL(trimmed); const scheme = parsed.protocol.replace(":", ""); if (!scheme) return null; const resolvedScheme = scheme === "http" ? "ws" : scheme === "https" ? "wss" : scheme; if (resolvedScheme !== "ws" && resolvedScheme !== "wss") return null; const host = parsed.hostname; if (!host) return null; return `${resolvedScheme}://${host}${parsed.port ? `:${parsed.port}` : ""}`; } catch {} const withoutPath = trimmed.split("/")[0] ?? ""; if (!withoutPath) return null; return `${schemeFallback}://${withoutPath}`; } function resolveGatewayPort(cfg, env) { const envRaw = env.OPENCLAW_GATEWAY_PORT?.trim() || env.CLAWDBOT_GATEWAY_PORT?.trim(); if (envRaw) { const parsed = Number.parseInt(envRaw, 10); if (Number.isFinite(parsed) && parsed > 0) return parsed; } const configPort = cfg.gateway?.port; if (typeof configPort === "number" && Number.isFinite(configPort) && configPort > 0) return configPort; return DEFAULT_GATEWAY_PORT; } function resolveScheme(cfg, opts) { if (opts?.forceSecure) return "wss"; return cfg.gateway?.tls?.enabled === true ? "wss" : "ws"; } function parseIPv4Octets(address) { const parts = address.split("."); if (parts.length !== 4) return null; const octets = parts.map((part) => Number.parseInt(part, 10)); if (octets.some((value) => !Number.isFinite(value) || value < 0 || value > 255)) return null; return [ octets[0], octets[1], octets[2], octets[3] ]; } function isPrivateIPv4(address) { const octets = parseIPv4Octets(address); if (!octets) return false; const [a, b] = octets; if (a === 10) return true; if (a === 172 && b >= 16 && b <= 31) return true; if (a === 192 && b === 168) return true; return false; } function isTailnetIPv4(address) { const octets = parseIPv4Octets(address); if (!octets) return false; const [a, b] = octets; return a === 100 && b >= 64 && b <= 127; } function pickIPv4Matching(networkInterfaces, matches) { const nets = networkInterfaces(); for (const entries of Object.values(nets)) { if (!entries) continue; for (const entry of entries) { const isIpv4 = entry?.family === "IPv4"; if (!entry || entry.internal || !isIpv4) continue; const address = entry.address?.trim() ?? ""; if (!address) continue; if (matches(address)) return address; } } return null; } function pickLanIPv4(networkInterfaces) { return pickIPv4Matching(networkInterfaces, isPrivateIPv4); } function pickTailnetIPv4(networkInterfaces) { return pickIPv4Matching(networkInterfaces, isTailnetIPv4); } function parsePossiblyNoisyJsonObject(raw) { const start = raw.indexOf("{"); const end = raw.lastIndexOf("}"); if (start === -1 || end <= start) return {}; try { return JSON.parse(raw.slice(start, end + 1)); } catch { return {}; } } async function resolveTailnetHost(runCommandWithTimeout) { if (!runCommandWithTimeout) return null; for (const candidate of ["tailscale", "/Applications/Tailscale.app/Contents/MacOS/Tailscale"]) try { const result = await runCommandWithTimeout([ candidate, "status", "--json" ], { timeoutMs: 5e3 }); if (result.code !== 0) continue; const raw = result.stdout.trim(); if (!raw) continue; const parsed = parsePossiblyNoisyJsonObject(raw); const self = typeof parsed.Self === "object" && parsed.Self !== null ? parsed.Self : void 0; const dns = typeof self?.DNSName === "string" ? self.DNSName : void 0; if (dns && dns.length > 0) return dns.replace(/\.$/, ""); const ips = Array.isArray(self?.TailscaleIPs) ? self.TailscaleIPs : []; if (ips.length > 0) return ips[0] ?? null; } catch { continue; } return null; } function resolveAuth(cfg, env) { const mode = cfg.gateway?.auth?.mode; const token = env.OPENCLAW_GATEWAY_TOKEN?.trim() || env.CLAWDBOT_GATEWAY_TOKEN?.trim() || cfg.gateway?.auth?.token?.trim(); const password = env.OPENCLAW_GATEWAY_PASSWORD?.trim() || env.CLAWDBOT_GATEWAY_PASSWORD?.trim() || cfg.gateway?.auth?.password?.trim(); if (mode === "password") { if (!password) return { error: "Gateway auth is set to password, but no password is configured." }; return { password, label: "password" }; } if (mode === "token") { if (!token) return { error: "Gateway auth is set to token, but no token is configured." }; return { token, label: "token" }; } if (token) return { token, label: "token" }; if (password) return { password, label: "password" }; return { error: "Gateway auth is not configured (no token or password)." }; } async function resolveGatewayUrl(cfg, opts) { const scheme = resolveScheme(cfg, { forceSecure: opts.forceSecure }); const port = resolveGatewayPort(cfg, opts.env); if (typeof opts.publicUrl === "string" && opts.publicUrl.trim()) { const url = normalizeUrl(opts.publicUrl, scheme); if (url) return { url, source: "plugins.entries.device-pair.config.publicUrl" }; return { error: "Configured publicUrl is invalid." }; } const remoteUrlRaw = cfg.gateway?.remote?.url; const remoteUrl = typeof remoteUrlRaw === "string" && remoteUrlRaw.trim() ? normalizeUrl(remoteUrlRaw, scheme) : null; if (opts.preferRemoteUrl && remoteUrl) return { url: remoteUrl, source: "gateway.remote.url" }; const tailscaleMode = cfg.gateway?.tailscale?.mode ?? "off"; if (tailscaleMode === "serve" || tailscaleMode === "funnel") { const host = await resolveTailnetHost(opts.runCommandWithTimeout); if (!host) return { error: "Tailscale Serve is enabled, but MagicDNS could not be resolved." }; return { url: `wss://${host}`, source: `gateway.tailscale.mode=${tailscaleMode}` }; } if (remoteUrl) return { url: remoteUrl, source: "gateway.remote.url" }; const bind = cfg.gateway?.bind ?? "loopback"; if (bind === "custom") { const host = cfg.gateway?.customBindHost?.trim(); if (host) return { url: `${scheme}://${host}:${port}`, source: "gateway.bind=custom" }; return { error: "gateway.bind=custom requires gateway.customBindHost." }; } if (bind === "tailnet") { const host = pickTailnetIPv4(opts.networkInterfaces); if (host) return { url: `${scheme}://${host}:${port}`, source: "gateway.bind=tailnet" }; return { error: "gateway.bind=tailnet set, but no tailnet IP was found." }; } if (bind === "lan") { const host = pickLanIPv4(opts.networkInterfaces); if (host) return { url: `${scheme}://${host}:${port}`, source: "gateway.bind=lan" }; return { error: "gateway.bind=lan set, but no private LAN IP was found." }; } return { error: "Gateway is only bound to loopback. Set gateway.bind=lan, enable tailscale serve, or configure plugins.entries.device-pair.config.publicUrl." }; } function encodePairingSetupCode(payload) { const json = JSON.stringify(payload); return Buffer.from(json, "utf8").toString("base64").replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/g, ""); } async function resolvePairingSetupFromConfig(cfg, options = {}) { const env = options.env ?? process.env; const auth = resolveAuth(cfg, env); if (auth.error) return { ok: false, error: auth.error }; const urlResult = await resolveGatewayUrl(cfg, { env, publicUrl: options.publicUrl, preferRemoteUrl: options.preferRemoteUrl, forceSecure: options.forceSecure, runCommandWithTimeout: options.runCommandWithTimeout, networkInterfaces: options.networkInterfaces ?? os.networkInterfaces }); if (!urlResult.url) return { ok: false, error: urlResult.error ?? "Gateway URL unavailable." }; if (!auth.label) return { ok: false, error: "Gateway auth is not configured (no token or password)." }; return { ok: true, payload: { url: urlResult.url, token: auth.token, password: auth.password }, authLabel: auth.label, urlSource: urlResult.source ?? "unknown" }; } //#endregion //#region src/cli/qr-cli.ts var qr_cli_exports = /* @__PURE__ */ __exportAll({ registerQrCli: () => registerQrCli }); function renderQrAscii(data) { return new Promise((resolve) => { qrcode.generate(data, { small: true }, (output) => { resolve(output); }); }); } function readDevicePairPublicUrlFromConfig(cfg) { const value = cfg.plugins?.entries?.["device-pair"]?.config?.["publicUrl"]; if (typeof value !== "string") return; const trimmed = value.trim(); return trimmed.length > 0 ? trimmed : void 0; } function registerQrCli(program) { program.command("qr").description("Generate an iOS pairing QR code and setup code").option("--remote", "Use gateway.remote.url and gateway.remote token/password (ignores device-pair publicUrl)", false).option("--url <url>", "Override gateway URL used in the setup payload").option("--public-url <url>", "Override gateway public URL used in the setup payload").option("--token <token>", "Override gateway token for setup payload").option("--password <password>", "Override gateway password for setup payload").option("--setup-code-only", "Print only the setup code", false).option("--no-ascii", "Skip ASCII QR rendering").option("--json", "Output JSON", false).action(async (opts) => { try { if (opts.token && opts.password) throw new Error("Use either --token or --password, not both."); const loaded = loadConfig(); const cfg = { ...loaded, gateway: { ...loaded.gateway, auth: { ...loaded.gateway?.auth } } }; const token = typeof opts.token === "string" ? opts.token.trim() : ""; const password = typeof opts.password === "string" ? opts.password.trim() : ""; const wantsRemote = opts.remote === true; if (token) { cfg.gateway.auth.mode = "token"; cfg.gateway.auth.token = token; } if (password) { cfg.gateway.auth.mode = "password"; cfg.gateway.auth.password = password; } if (wantsRemote && !token && !password) { const remoteToken = typeof cfg.gateway?.remote?.token === "string" ? cfg.gateway.remote.token.trim() : ""; const remotePassword = typeof cfg.gateway?.remote?.password === "string" ? cfg.gateway.remote.password.trim() : ""; if (remoteToken) { cfg.gateway.auth.mode = "token"; cfg.gateway.auth.token = remoteToken; cfg.gateway.auth.password = void 0; } else if (remotePassword) { cfg.gateway.auth.mode = "password"; cfg.gateway.auth.password = remotePassword; cfg.gateway.auth.token = void 0; } } if (wantsRemote && !opts.url && !opts.publicUrl) { const tailscaleMode = cfg.gateway?.tailscale?.mode ?? "off"; const remoteUrl = cfg.gateway?.remote?.url; if (!(typeof remoteUrl === "string" && remoteUrl.trim().length > 0) && !(tailscaleMode === "serve" || tailscaleMode === "funnel")) throw new Error("qr --remote requires gateway.remote.url (or gateway.tailscale.mode=serve/funnel)."); } const resolved = await resolvePairingSetupFromConfig(cfg, { publicUrl: (typeof opts.url === "string" && opts.url.trim() ? opts.url.trim() : typeof opts.publicUrl === "string" && opts.publicUrl.trim() ? opts.publicUrl.trim() : void 0) ?? (wantsRemote ? void 0 : readDevicePairPublicUrlFromConfig(cfg)), preferRemoteUrl: wantsRemote, runCommandWithTimeout: async (argv, runOpts) => await runCommandWithTimeout(argv, { timeoutMs: runOpts.timeoutMs }) }); if (!resolved.ok) throw new Error(resolved.error); const setupCode = encodePairingSetupCode(resolved.payload); if (opts.setupCodeOnly) { defaultRuntime.log(setupCode); return; } if (opts.json) { defaultRuntime.log(JSON.stringify({ setupCode, gatewayUrl: resolved.payload.url, auth: resolved.authLabel, urlSource: resolved.urlSource }, null, 2)); return; } const lines = [ theme.heading("Pairing QR"), "Scan this with the OpenClaw iOS app (Onboarding -> Scan QR).", "" ]; if (opts.ascii !== false) { const qrAscii = await renderQrAscii(setupCode); lines.push(qrAscii.trimEnd(), ""); } lines.push(`${theme.muted("Setup code:")} ${setupCode}`, `${theme.muted("Gateway:")} ${resolved.payload.url}`, `${theme.muted("Auth:")} ${resolved.authLabel}`, `${theme.muted("Source:")} ${resolved.urlSource}`, "", "Approve after scan with:", ` ${theme.command("openclaw devices list")}`, ` ${theme.command("openclaw devices approve <requestId>")}`); defaultRuntime.log(lines.join("\n")); } catch (err) { defaultRuntime.error(String(err)); defaultRuntime.exit(1); } }); } //#endregion export { registerQrCli as n, qr_cli_exports as t };