/* |-------------------------------------------------------------------------- | Agência PSI — Edge Function: evolution-whatsapp-inbound |-------------------------------------------------------------------------- | Recebe webhooks da Evolution API (self-hosted WhatsApp Baileys-based) para | mensagens recebidas pelos tenants. | | Midia (audio/imagem/video/doc): | A Evolution envia a URL criptografada da Meta (mmg.whatsapp.net/...) | que NAO e diretamente tocavel. Chamamos o endpoint | POST /chat/getBase64FromMediaMessage/{instance} pra Evolution decriptar, | decodamos o base64 e subimos pro bucket privado `whatsapp-media` do | Supabase Storage. Salvamos apenas o PATH em media_url; o frontend gera | signed URL on-demand. | | URL do webhook: | https://.supabase.co/functions/v1/evolution-whatsapp-inbound?tenant_id= |-------------------------------------------------------------------------- */ import { createClient, SupabaseClient } from 'https://esm.sh/@supabase/supabase-js@2' import { buildThreadKey, detectOptoutKeyword, maybeOptIn, maybeSendAutoReply, registerOptout, type SendFn } from '../_shared/whatsapp-hooks.ts' const corsHeaders = { 'Access-Control-Allow-Origin': '*', 'Access-Control-Allow-Headers': 'authorization, x-client-info, apikey, content-type', 'Access-Control-Allow-Methods': 'POST, GET, OPTIONS', } const BUCKET = 'whatsapp-media' // Edge function roda em container — localhost aponta pra ele mesmo, nao pro host. function rewriteForContainer(apiUrl: string): string { try { const u = new URL(apiUrl) if (u.hostname === 'localhost' || u.hostname === '127.0.0.1') { u.hostname = 'host.docker.internal' return u.toString().replace(/\/+$/, '') } return apiUrl.replace(/\/+$/, '') } catch { return apiUrl } } function jidToPhone(jid: string | undefined | null): string | null { if (!jid) return null const m = String(jid).match(/^(\d+)@/) return m ? m[1] : null } // Mapeia mime → extensao pra nome do arquivo function extFromMime(mime: string | null | undefined): string { if (!mime) return 'bin' const m = mime.toLowerCase().split(';')[0].trim() const map: Record = { 'audio/ogg': 'ogg', 'audio/mpeg': 'mp3', 'audio/mp4': 'm4a', 'audio/aac': 'aac', 'audio/wav': 'wav', 'audio/webm': 'webm', 'image/jpeg': 'jpg', 'image/png': 'png', 'image/webp': 'webp', 'image/gif': 'gif', 'video/mp4': 'mp4', 'video/3gpp': '3gp', 'video/quicktime': 'mov', 'video/webm': 'webm', 'application/pdf': 'pdf', 'application/msword': 'doc', 'application/vnd.openxmlformats-officedocument.wordprocessingml.document': 'docx', 'application/vnd.ms-excel': 'xls', 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet': 'xlsx', 'text/plain': 'txt', 'application/zip': 'zip' } return map[m] ?? 'bin' } // Extrai body + indicador de tipo de midia do payload type MessageParts = { body: string | null mediaUrl: string | null mediaMime: string | null hasEncryptedMedia: boolean // true se precisa chamar getBase64 pra decriptar } function extractMessageBody(message: Record | null | undefined): MessageParts { if (!message) return { body: null, mediaUrl: null, mediaMime: null, hasEncryptedMedia: false } if (typeof (message as { conversation?: unknown }).conversation === 'string') { return { body: (message as { conversation: string }).conversation, mediaUrl: null, mediaMime: null, hasEncryptedMedia: false } } const ext = (message as { extendedTextMessage?: { text?: string } }).extendedTextMessage if (ext?.text) { return { body: ext.text, mediaUrl: null, mediaMime: null, hasEncryptedMedia: false } } const img = (message as { imageMessage?: { caption?: string; url?: string; mimetype?: string } }).imageMessage if (img) { return { body: img.caption ?? '[imagem]', mediaUrl: img.url ?? null, mediaMime: img.mimetype ?? 'image/jpeg', hasEncryptedMedia: true } } const aud = (message as { audioMessage?: { url?: string; mimetype?: string } }).audioMessage if (aud) { return { body: '[áudio]', mediaUrl: aud.url ?? null, mediaMime: aud.mimetype ?? 'audio/ogg', hasEncryptedMedia: true } } const vid = (message as { videoMessage?: { caption?: string; url?: string; mimetype?: string } }).videoMessage if (vid) { return { body: vid.caption ?? '[vídeo]', mediaUrl: vid.url ?? null, mediaMime: vid.mimetype ?? 'video/mp4', hasEncryptedMedia: true } } const doc = (message as { documentMessage?: { title?: string; fileName?: string; url?: string; mimetype?: string } }).documentMessage if (doc) { return { body: `[doc] ${doc.title ?? doc.fileName ?? ''}`.trim(), mediaUrl: doc.url ?? null, mediaMime: doc.mimetype ?? 'application/octet-stream', hasEncryptedMedia: true } } return { body: '[mensagem não textual]', mediaUrl: null, mediaMime: null, hasEncryptedMedia: false } } // Decodifica base64 (com ou sem prefixo data: URI) para Uint8Array function base64ToBytes(b64: string): Uint8Array { const clean = b64.replace(/^data:[^;]+;base64,/, '') const bin = atob(clean) const out = new Uint8Array(bin.length) for (let i = 0; i < bin.length; i++) out[i] = bin.charCodeAt(i) return out } type EvolutionCreds = { apiUrl: string; apiKey: string; instance: string } // Busca credenciais Evolution do tenant em notification_channels async function getTenantEvolutionCreds(supa: SupabaseClient, tenantId: string): Promise { const { data: channel, error } = await supa .from('notification_channels') .select('credentials') .eq('tenant_id', tenantId) .eq('channel', 'whatsapp') .is('deleted_at', null) .maybeSingle() if (error || !channel) return null const c = (channel.credentials ?? {}) as Record if (!c.api_url || !c.api_key || !c.instance_name) return null return { apiUrl: c.api_url, apiKey: c.api_key, instance: c.instance_name } } // Chama Evolution pra decriptar a midia; retorna base64 string async function fetchMediaBase64FromEvolution(creds: EvolutionCreds, messageNode: Record): Promise { const endpoint = `${rewriteForContainer(creds.apiUrl)}/chat/getBase64FromMediaMessage/${encodeURIComponent(creds.instance)}` try { const resp = await fetch(endpoint, { method: 'POST', headers: { 'Content-Type': 'application/json', apikey: creds.apiKey }, // Evolution v2 aceita o proprio data.message (node com key + message) ou so a key body: JSON.stringify({ message: messageNode, convertToMp4: false }) }) const text = await resp.text() if (!resp.ok) { console.error('[evolution-whatsapp-inbound] getBase64 HTTP error', resp.status, text.slice(0, 300)) return null } let j: Record | null = null try { j = JSON.parse(text) } catch { /* fica null */ } if (!j) return null // Resposta pode vir como { base64: "..." } ou { data: { base64: "..." } } const b64 = (j as { base64?: string }).base64 ?? (j as { data?: { base64?: string } }).data?.base64 ?? null return typeof b64 === 'string' && b64.length > 0 ? b64 : null } catch (err) { console.error('[evolution-whatsapp-inbound] getBase64 fetch error:', err) return null } } // Envia texto via Evolution (usado como SendFn injetado nos hooks compartilhados) async function sendViaEvolution( creds: EvolutionCreds, phone: string, text: string ): Promise<{ ok: boolean; messageId?: string | null; error?: string }> { try { const endpoint = `${rewriteForContainer(creds.apiUrl)}/message/sendText/${encodeURIComponent(creds.instance)}` const resp = await fetch(endpoint, { method: 'POST', headers: { 'Content-Type': 'application/json', apikey: creds.apiKey }, body: JSON.stringify({ number: phone, text }) }) if (!resp.ok) { const t = await resp.text() return { ok: false, error: `HTTP ${resp.status}: ${t.slice(0, 200)}` } } const j = await resp.json().catch(() => null) as Record | null const msgId = (j?.key as { id?: string })?.id ?? null return { ok: true, messageId: msgId } } catch (err) { return { ok: false, error: String(err) } } } // Sobe os bytes decodificados pro bucket, retorna path relativo (sem bucket prefix) async function uploadToBucket( supa: SupabaseClient, tenantId: string, bytes: Uint8Array, mime: string, messageId: string | null ): Promise { const now = new Date() const yyyy = now.getFullYear() const mm = String(now.getMonth() + 1).padStart(2, '0') const safeId = (messageId ?? crypto.randomUUID()).replace(/[^A-Za-z0-9_-]/g, '_').slice(0, 64) const ext = extFromMime(mime) const path = `${tenantId}/${yyyy}/${mm}/${safeId}_${Date.now()}.${ext}` // Strip codec params (ex: "audio/ogg; codecs=opus" → "audio/ogg") // Supabase Storage allowed_mime_types faz match exato contra o contentType const cleanMime = (mime || '').split(';')[0].trim() || 'application/octet-stream' const { error } = await supa.storage.from(BUCKET).upload(path, bytes, { contentType: cleanMime, upsert: false, cacheControl: '3600' }) if (error) { console.error('[evolution-whatsapp-inbound] upload error:', error.message, 'mime:', cleanMime, 'path:', path) return null } return path } Deno.serve(async (req: Request) => { if (req.method === 'OPTIONS') { return new Response('ok', { headers: corsHeaders }) } if (req.method !== 'POST') { return new Response(JSON.stringify({ ok: true }), { status: 200, headers: { ...corsHeaders, 'Content-Type': 'application/json' } }) } try { const url = new URL(req.url) const tenantId = url.searchParams.get('tenant_id') if (!tenantId) { return new Response(JSON.stringify({ ok: false, error: 'tenant_id ausente' }), { status: 200, headers: { ...corsHeaders, 'Content-Type': 'application/json' } }) } const supabase = createClient( Deno.env.get('SUPABASE_URL')!, Deno.env.get('SUPABASE_SERVICE_ROLE_KEY')! ) const payload = await req.json().catch(() => null) if (!payload || typeof payload !== 'object') { return new Response(JSON.stringify({ ok: true, skipped: 'payload invalido' }), { status: 200, headers: { ...corsHeaders, 'Content-Type': 'application/json' } }) } const eventName = (payload as { event?: string }).event // messages.update → atualiza delivery_status da outbound if (eventName === 'messages.update') { const updates = ((payload as { data?: unknown }).data ?? []) as Array> const arr = Array.isArray(updates) ? updates : [updates] for (const u of arr) { const k = (u as { key?: Record }).key ?? {} const msgId = (k as { id?: string }).id const rawStatus = String((u as { status?: string }).status ?? '').toUpperCase() if (!msgId || !rawStatus) continue const delivery = rawStatus === 'READ' ? 'read' : rawStatus === 'DELIVERY_ACK' || rawStatus === 'DELIVERED' ? 'delivered' : rawStatus === 'SERVER_ACK' || rawStatus === 'SENT' ? 'sent' : rawStatus === 'ERROR' || rawStatus === 'FAILED' ? 'failed' : null if (!delivery) continue const patch: Record = { delivery_status: delivery } if (delivery === 'delivered') patch.delivered_at = new Date().toISOString() if (delivery === 'read') { patch.read_by_recipient_at = new Date().toISOString() patch.delivered_at = patch.delivered_at ?? new Date().toISOString() } await supabase .from('conversation_messages') .update(patch) .eq('tenant_id', tenantId) .eq('provider_message_id', msgId) .eq('direction', 'outbound') } return new Response(JSON.stringify({ ok: true, event: eventName, processed: arr.length }), { status: 200, headers: { ...corsHeaders, 'Content-Type': 'application/json' } }) } if (eventName !== 'messages.upsert') { return new Response(JSON.stringify({ ok: true, skipped: eventName }), { status: 200, headers: { ...corsHeaders, 'Content-Type': 'application/json' } }) } const data = (payload as { data?: Record }).data ?? {} const key = (data as { key?: Record }).key ?? {} const fromMe = (key as { fromMe?: boolean }).fromMe === true const messageId = (key as { id?: string }).id ?? null const remoteJid = (key as { remoteJid?: string }).remoteJid if (!remoteJid || remoteJid.endsWith('@g.us')) { return new Response(JSON.stringify({ ok: true, skipped: 'grupo/sem jid' }), { status: 200, headers: { ...corsHeaders, 'Content-Type': 'application/json' } }) } const fromPhone = jidToPhone(remoteJid) const messageObj = (data as { message?: Record }).message const pushName = (data as { pushName?: string }).pushName ?? null const ts = (data as { messageTimestamp?: number | string }).messageTimestamp const parts = extractMessageBody(messageObj) const cleanBody = parts.body ? String(parts.body).replace(/[\x00-\x08\x0B\x0C\x0E-\x1F]/g, '').slice(0, 4000) : null // Decripta + sobe midia pro bucket se necessario let storedMediaUrl: string | null = parts.mediaUrl let mediaError: string | null = null if (parts.hasEncryptedMedia && messageObj && parts.mediaMime) { const creds = await getTenantEvolutionCreds(supabase, tenantId) if (!creds) { mediaError = 'creds_not_found' storedMediaUrl = null } else { // Evolution v2 espera o node completo {key, message} const messageNode = { key, message: messageObj } const b64 = await fetchMediaBase64FromEvolution(creds, messageNode) if (!b64) { mediaError = 'decrypt_failed' storedMediaUrl = null } else { try { const bytes = base64ToBytes(b64) // Sanity check: nao aceita arquivo vazio ou gigante if (bytes.length === 0) { mediaError = 'empty_media' storedMediaUrl = null } else if (bytes.length > 26214400) { mediaError = 'too_large' storedMediaUrl = null } else { const path = await uploadToBucket(supabase, tenantId, bytes, parts.mediaMime, messageId) if (path) { storedMediaUrl = path // salva apenas o PATH (frontend gera signed URL) } else { mediaError = 'upload_failed' storedMediaUrl = null } } } catch (err) { console.error('[evolution-whatsapp-inbound] decode error:', err) mediaError = 'decode_error' storedMediaUrl = null } } } } const { data: matchData } = await supabase.rpc('match_patient_by_phone', { p_tenant_id: tenantId, p_phone: fromPhone }) const patientId = matchData as string | null const receivedAt = ts ? new Date(Number(ts) * (String(ts).length === 10 ? 1000 : 1)).toISOString() : new Date().toISOString() // Dedup outbound echo if (fromMe && messageId) { const { data: existing } = await supabase .from('conversation_messages') .select('id') .eq('tenant_id', tenantId) .eq('provider_message_id', messageId) .eq('direction', 'outbound') .maybeSingle() if (existing?.id) { return new Response(JSON.stringify({ ok: true, echo_dedup: true }), { status: 200, headers: { ...corsHeaders, 'Content-Type': 'application/json' } }) } } const direction = fromMe ? 'outbound' : 'inbound' const kanbanStatus = fromMe ? 'awaiting_patient' : 'awaiting_us' const { error: insErr } = await supabase.from('conversation_messages').insert({ tenant_id: tenantId, patient_id: patientId, channel: 'whatsapp', direction, from_number: fromMe ? null : fromPhone, to_number: fromMe ? fromPhone : null, body: cleanBody, media_url: storedMediaUrl, media_mime: parts.mediaMime, provider: 'evolution', provider_message_id: messageId ?? null, provider_raw: { event: eventName, pushName, remoteJid, fromMe, mediaError }, kanban_status: kanbanStatus, received_at: fromMe ? null : receivedAt, responded_at: fromMe ? receivedAt : null }) if (insErr) { console.error('[evolution-whatsapp-inbound] insert error:', insErr) } // Opt-out / Opt-in detection (apenas pra inbound) let optoutAction: 'out' | 'in' | null = null let autoReplyResult: { sent: boolean; reason?: string } | null = null if (!fromMe && !insErr && fromPhone) { // SendFn injetado: Evolution nao deduz creditos (provider gratis/self-hosted) const creds = await getTenantEvolutionCreds(supabase, tenantId) const sendFn: SendFn = creds ? (phone, text) => sendViaEvolution(creds, phone, text) : async () => ({ ok: false, error: 'creds_missing' }) try { const optedBackIn = await maybeOptIn(supabase, tenantId, fromPhone, cleanBody) if (optedBackIn) optoutAction = 'in' } catch (err) { console.error('[optout] opt-in check error:', err) } if (!optoutAction) { try { const keyword = await detectOptoutKeyword(supabase, tenantId, cleanBody) if (keyword) { await registerOptout(supabase, tenantId, fromPhone, patientId, cleanBody, keyword, 'evolution', sendFn) optoutAction = 'out' } } catch (err) { console.error('[optout] detect error:', err) } } if (optoutAction !== 'out') { const threadKey = buildThreadKey(patientId, fromPhone) try { autoReplyResult = await maybeSendAutoReply(supabase, tenantId, threadKey, fromPhone, 'evolution', sendFn) } catch (err) { console.error('[auto-reply] unexpected error:', err) } } } return new Response(JSON.stringify({ ok: true, mediaError, optoutAction, autoReply: autoReplyResult }), { status: 200, headers: { ...corsHeaders, 'Content-Type': 'application/json' } }) } catch (err) { console.error('[evolution-whatsapp-inbound] fatal:', err) return new Response(JSON.stringify({ ok: false, error: String(err) }), { status: 200, headers: { ...corsHeaders, 'Content-Type': 'application/json' } }) } })