4b6817381b
CI (OpenClaw E2E) / openclaw test (push) Has been cancelled
CI / coverage-report (push) Has been cancelled
CI / test-kubernetes (push) Has been cancelled
CI / should-run-thorough (push) Has been cancelled
CI / test-thorough (cloudwatch-demo) (push) Has been cancelled
CI / test-thorough (flink-ecs) (push) Has been cancelled
CI / test-thorough (upstream-lambda) (push) Has been cancelled
CI / test-thorough (prefect-ecs-fargate) (push) Has been cancelled
Release / build-binaries (zip, opensre.exe, onefile, windows-latest, windows-x64) (push) Has been cancelled
Benchmark image — build + push to ECR (any adapter) / build + push (push) Has been cancelled
CI / quality (ubuntu-latest) (push) Has been cancelled
CI / test (tools-runtime) (push) Has been cancelled
CI / test (e2e-general) (push) Has been cancelled
CI / test (cli-runtime) (push) Has been cancelled
CI / test (e2e-provider-and-openclaw) (push) Has been cancelled
CI / test (integrations-and-misc) (push) Has been cancelled
Release / verify (push) Has been cancelled
Release / build-python-dist (push) Has been cancelled
Release / build-binaries (tar.gz, opensre, onedir, macos-15-intel, darwin-x64) (push) Has been cancelled
Release / build-binaries (tar.gz, opensre, onedir, macos-latest, darwin-arm64) (push) Has been cancelled
Release / build-binaries (tar.gz, opensre, onedir, ubuntu-22.04, linux-x64) (push) Has been cancelled
Release / publish-release (push) Has been cancelled
Release / publish-main-release (push) Has been cancelled
Interactive Shell Live (PR + post-merge) / turn-checks (no-LLM) (push) Has been cancelled
CodeQL / Analyze (python) (push) Has been cancelled
Interactive Shell Live (PR + post-merge) / turn-live shard ${{ matrix.shard_index }} (push) Has been cancelled
Release / prepare (push) Has been cancelled
Release / build-binaries (tar.gz, opensre, onedir, ubuntu-22.04-arm, linux-arm64) (push) Has been cancelled
Synthetic Deterministic Tests / Synthetic offline (deterministic) (push) Has been cancelled
158 lines
5.2 KiB
Python
158 lines
5.2 KiB
Python
"""Inbound authorization helpers for the messaging gateway."""
|
|
|
|
from __future__ import annotations
|
|
|
|
import hashlib
|
|
from dataclasses import dataclass
|
|
|
|
from integrations.messaging_security import (
|
|
AuthorizationResult,
|
|
MessagingIdentityPolicy,
|
|
MessagingPlatform,
|
|
audit_log_inbound_message,
|
|
authorize_inbound_message,
|
|
complete_pairing,
|
|
)
|
|
from integrations.store import get_integration, upsert_instance
|
|
|
|
|
|
@dataclass(frozen=True)
|
|
class InboundDecision:
|
|
"""Authorization outcome for one inbound Telegram message."""
|
|
|
|
allowed: bool
|
|
reply_text: str = ""
|
|
persist_policy: bool = False
|
|
updated_policy: MessagingIdentityPolicy | None = None
|
|
|
|
|
|
def _load_policy() -> tuple[dict | None, MessagingIdentityPolicy]:
|
|
record = get_integration(MessagingPlatform.TELEGRAM.value)
|
|
if record is None:
|
|
return None, MessagingIdentityPolicy(inbound_enabled=True)
|
|
credentials = record.get("credentials", {})
|
|
raw_policy = credentials.get("identity_policy")
|
|
if raw_policy and isinstance(raw_policy, dict):
|
|
return record, MessagingIdentityPolicy.model_validate(raw_policy)
|
|
return record, MessagingIdentityPolicy(inbound_enabled=True)
|
|
|
|
|
|
def _save_policy(record: dict | None, policy: MessagingIdentityPolicy) -> None:
|
|
instances = record.get("instances", []) if record else []
|
|
first_instance = instances[0] if instances else {}
|
|
instance_name = (
|
|
first_instance.get("name", "default") if isinstance(first_instance, dict) else "default"
|
|
)
|
|
credentials = dict(record.get("credentials", {})) if record else {}
|
|
credentials["identity_policy"] = policy.model_dump(mode="json")
|
|
upsert_instance(
|
|
MessagingPlatform.TELEGRAM.value,
|
|
{
|
|
"name": instance_name,
|
|
"tags": first_instance.get("tags", {}) if isinstance(first_instance, dict) else {},
|
|
"credentials": credentials,
|
|
},
|
|
record_id=record.get("id") if record else None,
|
|
)
|
|
|
|
|
|
def _message_hash(text: str) -> str:
|
|
return hashlib.sha256(text.encode()).hexdigest()[:16]
|
|
|
|
|
|
def enforce_inbound_telegram_message_security(
|
|
*,
|
|
user_id: str,
|
|
chat_id: str,
|
|
text: str,
|
|
env_allowed_user_ids: list[str],
|
|
) -> InboundDecision:
|
|
"""Authorize inbound Telegram DM text and handle /pair attempts."""
|
|
record, policy = _load_policy()
|
|
if env_allowed_user_ids and not policy.allowed_user_ids:
|
|
policy.allowed_user_ids = list(env_allowed_user_ids)
|
|
policy.inbound_enabled = True
|
|
|
|
if text.strip().lower().startswith("/pair "):
|
|
code = text.strip().split(maxsplit=1)[1] if " " in text.strip() else ""
|
|
ok, msg = complete_pairing(policy=policy, user_id=user_id, code=code)
|
|
audit_log_inbound_message(
|
|
platform=MessagingPlatform.TELEGRAM.value,
|
|
user_id=user_id,
|
|
chat_id=chat_id,
|
|
message_hash=_message_hash(text),
|
|
authorized=ok,
|
|
reason=msg,
|
|
)
|
|
return InboundDecision(
|
|
allowed=False,
|
|
reply_text=msg,
|
|
persist_policy=True,
|
|
updated_policy=policy,
|
|
)
|
|
|
|
if text.strip().lower() in {"/start", "/help"}:
|
|
audit_log_inbound_message(
|
|
platform=MessagingPlatform.TELEGRAM.value,
|
|
user_id=user_id,
|
|
chat_id=chat_id,
|
|
message_hash=_message_hash(text),
|
|
authorized=True,
|
|
reason="builtin command",
|
|
)
|
|
return InboundDecision(
|
|
allowed=False,
|
|
reply_text=(
|
|
"OpenSRE Telegram gateway (DM text only).\n"
|
|
"Send a message to chat with the agent.\n"
|
|
"Commands: /new (new session), /help"
|
|
),
|
|
)
|
|
|
|
result: AuthorizationResult = authorize_inbound_message(
|
|
policy=policy,
|
|
user_id=user_id,
|
|
chat_id=chat_id,
|
|
message_text=text,
|
|
)
|
|
|
|
if text.strip().lower() == "/new":
|
|
if not result:
|
|
audit_log_inbound_message(
|
|
platform=MessagingPlatform.TELEGRAM.value,
|
|
user_id=user_id,
|
|
chat_id=chat_id,
|
|
message_hash=_message_hash(text),
|
|
authorized=False,
|
|
reason=result.reason,
|
|
)
|
|
return InboundDecision(allowed=False, reply_text=result.reason)
|
|
audit_log_inbound_message(
|
|
platform=MessagingPlatform.TELEGRAM.value,
|
|
user_id=user_id,
|
|
chat_id=chat_id,
|
|
message_hash=_message_hash(text),
|
|
authorized=True,
|
|
reason="session rotate",
|
|
)
|
|
return InboundDecision(allowed=True, reply_text="__ROTATE_SESSION__")
|
|
|
|
audit_log_inbound_message(
|
|
platform=MessagingPlatform.TELEGRAM.value,
|
|
user_id=user_id,
|
|
chat_id=chat_id,
|
|
message_hash=_message_hash(text),
|
|
authorized=bool(result),
|
|
reason=result.reason,
|
|
)
|
|
if result:
|
|
return InboundDecision(allowed=True)
|
|
return InboundDecision(allowed=False, reply_text=result.reason)
|
|
|
|
|
|
def persist_policy_if_needed(decision: InboundDecision) -> None:
|
|
if not decision.persist_policy or decision.updated_policy is None:
|
|
return
|
|
record, _ = _load_policy()
|
|
_save_policy(record, decision.updated_policy)
|