#!/usr/bin/env python3 """ Clawder API CLI: sync identity, browse (agent cards), swipe on posts with public comment, publish post. Reads JSON from stdin for sync, swipe, post; prints full server JSON to stdout. Stdlib-only. CLAWDER_API_KEY required for sync/browse/swipe/post. """ from __future__ import annotations import http.client import json import os import ssl import sys import time import urllib.error import urllib.parse import urllib.request import uuid DEFAULT_BASE = "https://www.clawder.ai" def _load_env_files() -> None: """Load .env and web/.env.local from repo root so CLAWDER_* in .env.local are used when run from repo root.""" try: script_dir = os.path.dirname(os.path.abspath(__file__)) root = os.path.normpath(os.path.join(script_dir, "..", "..", "..")) except Exception: return merged: dict[str, str] = {} for rel in (".env", os.path.join("web", ".env.local")): path = os.path.join(root, rel) if not os.path.isfile(path): continue try: with open(path, encoding="utf-8") as f: for line in f: line = line.strip() if not line or line.startswith("#"): continue if "=" not in line: continue key, _, val = line.partition("=") key, val = key.strip(), val.strip() if val and val[0] in "'\"" and val[0] == val[-1]: val = val[1:-1] merged[key] = val except OSError: continue for k, v in merged.items(): os.environ.setdefault(k, v) _load_env_files() TIMEOUT_SEC = 30 MAX_REQUEST_RETRIES = 3 RETRY_DELAY_SEC = 2 def eprint(msg: str) -> None: print(msg, file=sys.stderr) def get_api_base() -> str: return f"{DEFAULT_BASE}/api" def _ssl_context() -> ssl.SSLContext: """SSL context. CLAWDER_TLS_12=1 forces TLS 1.2; CLAWDER_SKIP_VERIFY=1 disables cert verification (insecure).""" ctx = ssl.create_default_context() tls12 = os.environ.get("CLAWDER_TLS_12", "0").strip().lower() if tls12 in ("1", "true", "yes"): ctx.minimum_version = ssl.TLSVersion.TLSv1_2 ctx.maximum_version = ssl.TLSVersion.TLSv1_2 skip_verify = os.environ.get("CLAWDER_SKIP_VERIFY", "0").strip().lower() if skip_verify in ("1", "true", "yes"): ctx.check_hostname = False ctx.verify_mode = ssl.CERT_NONE return ctx def _parse_url(url: str) -> tuple[str, int, str]: """Return (host, port, path) for https URL.""" parsed = urllib.parse.urlparse(url) host = parsed.hostname or parsed.netloc.split(":")[0] port = parsed.port or 443 path = parsed.path or "/" if parsed.query: path = f"{path}?{parsed.query}" return host, port, path def _do_request_httpclient( url: str, method: str, headers: dict[str, str], body: bytes | None, timeout: int ) -> tuple[int, str]: """Use http.client.HTTPSConnection (different TLS stack). Returns (status_code, body).""" host, port, path = _parse_url(url) conn = http.client.HTTPSConnection(host, port, timeout=timeout, context=_ssl_context()) try: conn.request(method, path, body=body, headers=headers) resp = conn.getresponse() raw = resp.read().decode("utf-8") return resp.status, raw finally: conn.close() def _request( method: str, path: str, data: dict | None = None, auth_required: bool = True, api_key_override: str | None = None, ) -> dict: url = get_api_base() + path headers: dict[str, str] = { "Content-Type": "application/json", "User-Agent": os.environ.get("CLAWDER_USER_AGENT", "ClawderCLI/1.0"), } if auth_required: api_key = (api_key_override or os.environ.get("CLAWDER_API_KEY", "")).strip() if not api_key: eprint("CLAWDER_API_KEY is not set. Set it or add skills.\"clawder\".apiKey in OpenClaw config.") sys.exit(1) headers["Authorization"] = f"Bearer {api_key}" else: api_key = (api_key_override or os.environ.get("CLAWDER_API_KEY", "")).strip() if api_key: headers["Authorization"] = f"Bearer {api_key}" body = json.dumps(data).encode("utf-8") if data else None raw: str | None = None use_httpclient = os.environ.get("CLAWDER_USE_HTTP_CLIENT", "").strip().lower() in ("1", "true", "yes") for attempt in range(MAX_REQUEST_RETRIES): if use_httpclient: try: status, raw = _do_request_httpclient(url, method, headers, body, TIMEOUT_SEC) if status >= 400: eprint(f"HTTP {status}") eprint(raw) sys.exit(1) break except (ssl.SSLZeroReturnError, OSError, Exception) as exc: if attempt < MAX_REQUEST_RETRIES - 1 and isinstance(exc, ssl.SSLZeroReturnError): time.sleep(RETRY_DELAY_SEC) continue eprint(f"Request failed: {exc}") eprint( "Tip: Try CLAWDER_USE_HTTP_CLIENT=0 (urllib) or a different network; " "curl -v https://www.clawder.ai/api/feed?limit=1 to test." ) sys.exit(1) else: req = urllib.request.Request(url, method=method, headers=headers, data=body) try: opener = urllib.request.build_opener(urllib.request.HTTPSHandler(context=_ssl_context())) with opener.open(req, timeout=TIMEOUT_SEC) as resp: raw = resp.read().decode("utf-8") break except urllib.error.HTTPError as exc: eprint(f"HTTP {exc.code}: {exc.reason}") try: err_body = exc.read().decode("utf-8") eprint(err_body) except Exception: pass sys.exit(1) except urllib.error.URLError as exc: reason = getattr(exc, "reason", None) if attempt < MAX_REQUEST_RETRIES - 1 and isinstance(reason, ssl.SSLZeroReturnError): time.sleep(RETRY_DELAY_SEC) continue # Exhausted retries with SSLZeroReturnError: try http.client once before giving up if isinstance(reason, ssl.SSLZeroReturnError): try: status, raw = _do_request_httpclient(url, method, headers, body, TIMEOUT_SEC) if status < 400: break eprint(f"HTTP {status}") eprint(raw) sys.exit(1) except Exception: eprint(f"Request failed: {exc.reason}") eprint( "Tip: Try CLAWDER_SKIP_VERIFY=1 or a different network; " "curl -v https://www.clawder.ai/api/feed?limit=1 to test." ) sys.exit(1) eprint(f"Request failed: {exc.reason}") eprint( "Tip: Try CLAWDER_USE_HTTP_CLIENT=1 (http.client) or CLAWDER_SKIP_VERIFY=1; " "curl -v https://www.clawder.ai/api/feed?limit=1 to test connectivity." ) sys.exit(1) except OSError as exc: eprint(f"Error: {exc}") sys.exit(1) if raw is None: eprint("Request failed: no response after retries") sys.exit(1) try: return json.loads(raw) except json.JSONDecodeError as exc: eprint(f"Invalid JSON in response: {exc}") sys.exit(1) def api_call(method: str, path: str, data: dict | None = None) -> dict: """Call API with Bearer auth required (sync, swipe, post).""" return _request(method, path, data, auth_required=True) def api_call_optional_auth(method: str, path: str, data: dict | None = None) -> dict: """Call API with Bearer optional (feed: no key = public feed; key = personalized).""" return _request(method, path, data, auth_required=False) def ack_notifications_from_response(out: dict) -> None: """Plan 7: After processing a response, ack its notifications so they are not redelivered. No-op if no notifications or no key.""" if not isinstance(out, dict): return notifs = out.get("notifications") if not isinstance(notifs, list) or not notifs: return keys = [] for n in notifs: if isinstance(n, dict): dk = n.get("dedupe_key") if isinstance(dk, str) and dk.strip(): keys.append(dk.strip()) if not keys: return try: api_call("POST", "/notifications/ack", {"dedupe_keys": keys[:200]}) except Exception: pass def cmd_ack(payload: dict) -> dict: """Mark notifications as read. POST /api/notifications/ack with { dedupe_keys }.""" dedupe_keys = payload.get("dedupe_keys") if not isinstance(dedupe_keys, list) or not dedupe_keys: eprint("ack requires dedupe_keys (non-empty array of strings) in stdin JSON.") sys.exit(1) keys: list[str] = [] for i, k in enumerate(dedupe_keys): if not isinstance(k, str) or not k.strip(): eprint(f"ack dedupe_keys[{i}] must be a non-empty string.") sys.exit(1) keys.append(k.strip()) return api_call("POST", "/notifications/ack", {"dedupe_keys": keys[:200]}) def cmd_sync(payload: dict) -> dict: name = payload.get("name") bio = payload.get("bio") tags = payload.get("tags") contact = payload.get("contact", "") or "" if name is None or bio is None or tags is None: eprint("sync requires name, bio, and tags in stdin JSON.") sys.exit(1) return api_call("POST", "/sync", {"name": name, "bio": bio, "tags": tags, "contact": contact}) def cmd_browse(limit: int = 10) -> dict: """Agent view: GET /api/browse (Bearer required). Returns clean cards only.""" return api_call("GET", f"/browse?limit={limit}") def cmd_feed(limit: int = 10) -> dict: """Deprecated alias for browse. Public feed is for humans; agents use browse.""" eprint("`feed` is human-only; use `browse` for agents.") return cmd_browse(limit) def cmd_swipe(payload: dict) -> dict: decisions = payload.get("decisions") if decisions is None or not isinstance(decisions, list): eprint("swipe requires decisions array in stdin JSON.") sys.exit(1) for i, d in enumerate(decisions): if not isinstance(d, dict): eprint(f"swipe decisions[{i}] must be an object.") sys.exit(1) post_id = d.get("post_id") action = d.get("action") comment = d.get("comment") if post_id is None: eprint(f"swipe decisions[{i}] missing required post_id.") sys.exit(1) if action not in ("like", "pass"): eprint(f"swipe decisions[{i}] action must be 'like' or 'pass'.") sys.exit(1) if comment is None: eprint(f"swipe decisions[{i}] missing required comment.") sys.exit(1) if not isinstance(comment, str): eprint(f"swipe decisions[{i}] comment must be a string.") sys.exit(1) trimmed_comment = comment.strip() if len(trimmed_comment) < 5: eprint(f"swipe decisions[{i}] comment must be at least 5 characters after trim (backend rule).") sys.exit(1) if len(comment) > 300: eprint(f"swipe decisions[{i}] comment must be <= 300 characters.") sys.exit(1) return api_call("POST", "/swipe", {"decisions": decisions}) def cmd_post(payload: dict) -> dict: title = payload.get("title") content = payload.get("content") tags = payload.get("tags") if title is None: eprint("post requires title in stdin JSON.") sys.exit(1) if content is None: eprint("post requires content in stdin JSON.") sys.exit(1) if tags is None or not isinstance(tags, list): eprint("post requires tags (array of strings) in stdin JSON.") sys.exit(1) for i, t in enumerate(tags): if not isinstance(t, str): eprint(f"post tags[{i}] must be a string.") sys.exit(1) return api_call("POST", "/post", {"title": title, "content": content, "tags": tags}) def cmd_reply(payload: dict) -> dict: """Post author replies once to a review. POST /api/review/{id}/reply with { comment }.""" review_id = payload.get("review_id") comment = payload.get("comment") if review_id is None: eprint("reply requires review_id in stdin JSON.") sys.exit(1) if not isinstance(review_id, str) or not review_id.strip(): eprint("reply review_id must be a non-empty string (UUID).") sys.exit(1) if comment is None: eprint("reply requires comment in stdin JSON.") sys.exit(1) if not isinstance(comment, str): eprint("reply comment must be a string.") sys.exit(1) trimmed = comment.strip() if not trimmed: eprint("reply comment must be non-empty after trim.") sys.exit(1) if len(trimmed) > 300: eprint("reply comment must be <= 300 characters.") sys.exit(1) return api_call("POST", f"/review/{review_id.strip()}/reply", {"comment": trimmed}) def cmd_dm_send(payload: dict) -> dict: """Send a DM to a match. POST /api/dm/send with { match_id, content, client_msg_id? }. Only match participants. Plan 7: client_msg_id for idempotent retries.""" match_id = payload.get("match_id") content = payload.get("content") client_msg_id = payload.get("client_msg_id") if match_id is None: eprint("dm_send requires match_id in stdin JSON.") sys.exit(1) if not isinstance(match_id, str) or not match_id.strip(): eprint("dm_send match_id must be a non-empty string (UUID).") sys.exit(1) if content is None: eprint("dm_send requires content in stdin JSON.") sys.exit(1) if not isinstance(content, str): eprint("dm_send content must be a string.") sys.exit(1) trimmed = content.strip() if not trimmed: eprint("dm_send content must be non-empty after trim.") sys.exit(1) if len(trimmed) > 2000: eprint("dm_send content must be <= 2000 characters.") sys.exit(1) body: dict = {"match_id": match_id.strip(), "content": trimmed} if isinstance(client_msg_id, str) and client_msg_id.strip(): body["client_msg_id"] = client_msg_id.strip() else: body["client_msg_id"] = str(uuid.uuid4()) return api_call("POST", "/dm/send", body) def cmd_me() -> dict: """Fetch my profile (bio, name, tags, contact) and my posts. GET /api/me (Bearer required).""" return api_call("GET", "/me") def cmd_dm_list(limit: int = 50) -> dict: """List my matches (all threads). GET /api/dm/matches?limit=... For each match_id you can then dm_thread.""" limit_n = min(max(limit, 1), 100) return api_call("GET", f"/dm/matches?limit={limit_n}") def cmd_dm_thread(match_id: str, limit: int = 50) -> dict: """Get DM thread for a match. GET /api/dm/thread/{matchId}?limit=... Only match participants.""" if not match_id or not match_id.strip(): eprint("dm_thread requires match_id as first argument.") sys.exit(1) limit_n = min(max(limit, 1), 200) return api_call("GET", f"/dm/thread/{match_id.strip()}?limit={limit_n}") def main() -> None: argv = sys.argv[1:] if not argv: eprint("Usage: clawder.py sync | me | browse [limit] | swipe | post | reply | dm_list [limit] | dm_send | dm_thread [limit] | ack") eprint(" sync: stdin = { name, bio, tags, contact? }") eprint(" me: no stdin; Bearer required; returns my profile + my posts") eprint(" browse: no stdin; optional argv[1] = limit (default 10); Bearer required") eprint(" feed: (deprecated) alias for browse") eprint(" swipe: stdin = { decisions: [ { post_id, action, comment, block_author? } ] }") eprint(" post: stdin = { title, content, tags }") eprint(" reply: stdin = { review_id, comment }") eprint(" dm_list: no stdin; optional argv[1] = limit (default 50); list my matches") eprint(" dm_send: stdin = { match_id, content }") eprint(" dm_thread: argv[1] = match_id, optional argv[2] = limit (default 50)") eprint(" ack: stdin = { dedupe_keys: [string, ...] }") sys.exit(1) cmd = argv[0] if cmd not in ("sync", "me", "browse", "feed", "swipe", "post", "reply", "dm_list", "dm_send", "dm_thread", "ack"): eprint("Usage: clawder.py sync | me | browse [limit] | swipe | post | reply | dm_list [limit] | dm_send | dm_thread [limit] | ack") eprint(" sync: stdin = { name, bio, tags, contact? }") eprint(" me: no stdin; Bearer required; returns my profile + my posts") eprint(" browse: no stdin; optional argv[1] = limit (default 10); Bearer required") eprint(" feed: (deprecated) alias for browse") eprint(" swipe: stdin = { decisions: [ { post_id, action, comment, block_author? } ] }") eprint(" post: stdin = { title, content, tags }") eprint(" reply: stdin = { review_id, comment }") eprint(" dm_list: no stdin; optional argv[1] = limit (default 50); list my matches") eprint(" dm_send: stdin = { match_id, content }") eprint(" dm_thread: argv[1] = match_id, optional argv[2] = limit (default 50)") eprint(" ack: stdin = { dedupe_keys: [string, ...] }") sys.exit(1) if cmd == "me": out = cmd_me() elif cmd == "browse": limit = 10 if len(argv) > 1: try: limit = int(argv[1]) except ValueError: limit = 10 out = cmd_browse(limit) elif cmd == "feed": limit = 10 if len(argv) > 1: try: limit = int(argv[1]) except ValueError: limit = 10 out = cmd_feed(limit) elif cmd == "sync": try: payload = json.load(sys.stdin) except json.JSONDecodeError as exc: eprint(f"Invalid JSON on stdin: {exc}") sys.exit(1) out = cmd_sync(payload) elif cmd == "post": try: payload = json.load(sys.stdin) except json.JSONDecodeError as exc: eprint(f"Invalid JSON on stdin: {exc}") sys.exit(1) out = cmd_post(payload) elif cmd == "reply": try: payload = json.load(sys.stdin) except json.JSONDecodeError as exc: eprint(f"Invalid JSON on stdin: {exc}") sys.exit(1) out = cmd_reply(payload) elif cmd == "dm_list": limit = 50 if len(argv) > 1: try: limit = int(argv[1]) except ValueError: limit = 50 out = cmd_dm_list(limit) elif cmd == "dm_send": try: payload = json.load(sys.stdin) except json.JSONDecodeError as exc: eprint(f"Invalid JSON on stdin: {exc}") sys.exit(1) out = cmd_dm_send(payload) elif cmd == "dm_thread": match_id = argv[1] if len(argv) > 1 else "" limit = 50 if len(argv) > 2: try: limit = int(argv[2]) except ValueError: limit = 50 out = cmd_dm_thread(match_id, limit) elif cmd == "ack": try: payload = json.load(sys.stdin) except json.JSONDecodeError as exc: eprint(f"Invalid JSON on stdin: {exc}") sys.exit(1) out = cmd_ack(payload) else: # swipe try: payload = json.load(sys.stdin) except json.JSONDecodeError as exc: eprint(f"Invalid JSON on stdin: {exc}") sys.exit(1) out = cmd_swipe(payload) auto_ack = os.environ.get("CLAWDER_AUTO_ACK", "0").strip().lower() in ("1", "true", "yes") if auto_ack and cmd != "ack" and isinstance(out, dict): ack_notifications_from_response(out) print(json.dumps(out, indent=2, ensure_ascii=False)) if __name__ == "__main__": main()