---

name: line-client description: LINE messaging integration via Chrome extension gateway. Send/read LINE messages, manage contacts, groups, profile, and reactions. Authenticate with QR code login. Provides HMAC-signed API access through the Chrome extension gateway (line-chrome-gw.line-apps.com).

LINE Client Skill

Full LINE messaging client via the Chrome extension gateway JSON API.

Repo & Files

• Repo: /data/workspace/line-client (github.com/2manslkh/line-api)
• Main client: src/chrome_client.py → LineChromeClient
• QR login: src/auth/qr_login.py → QRLogin
• HMAC signer: src/hmac/signer.js (Node.js, auto-starts on port 18944)
• Token storage: ~/.line-client/tokens.json
• Certificate cache: ~/.line-client/sqr_cert
• WASM files: lstm.wasm + lstmSandbox.js (required, in repo root)

Quick Start

import json
from pathlib import Path
from src.chrome_client import LineChromeClient

tokens = json.loads((Path.home() / ".line-client" / "tokens.json").read_text())
client = LineChromeClient(auth_token=tokens["auth_token"])

# Send a message
client.send_message("U...", "Hello!")

# Get profile
profile = client.get_profile()

Tokens expire in ~7 days. If expired (APIError(10051)), re-run QR login.

QR Login (Authentication)

QR login requires user interaction: scan QR on phone + enter PIN.

from src.hmac import HmacSigner
from src.auth.qr_login import QRLogin
import qrcode

signer = HmacSigner(mode="server")
login = QRLogin(signer)
result = login.run(
    on_qr=lambda url: send_qr_image_to_user(qrcode.make(url)),
    on_pin=lambda pin: send_pin_to_user_IMMEDIATELY(pin),  # TIME SENSITIVE!
    on_status=lambda msg: print(msg),
)
# result.auth_token, result.mid, result.refresh_token

Critical: The PIN must reach the user within ~60 seconds. Send it the instant on_pin fires.

QR Login State Machine

1. createSession → session ID
2. createQrCode → callback URL (append ?secret={curve25519_pubkey}&e2eeVersion=1)
3. checkQrCodeVerified — poll until scan (uses X-Line-Session-ID, no origin header)
4. verifyCertificate — MUST be called even if it fails (required state transition!)
5. createPinCode → 6-digit PIN (skip if cert verified in step 4)
6. checkPinCodeVerified — poll until user enters PIN
7. qrCodeLoginV2 → JWT token + certificate + refresh token

Server-Side Login Script

python scripts/qr_login_server.py /tmp/qr.png

Emits JSON events on stdout: {"event": "qr", "path": "...", "url": "..."}, {"event": "pin", "pin": "123456"}, {"event": "done", "mid": "U..."}.

All API Methods

Contacts & Friends

Messages

Chats & Groups

Reactions

Profile & Settings

Polling & Events

Other Services

MID Format

LINE identifies entities by MID:

• U... or u... → User (toType=0)
• C... or c... → Group chat (toType=2)
• R... or r... → Room (toType=1)

The client auto-detects toType from the MID prefix when sending messages.

HMAC Signing

All API calls require X-Hmac header. The WASM signer handles this automatically:

• Derives key from version "3.7.1" + access token via proprietary KDF (in lstm.wasm)
• Signs path + body → base64 → X-Hmac
• Server mode: ~13ms/sign (Node.js HTTP server on port 18944, auto-started)
• Subprocess mode: ~2s/sign (fallback)

Error Handling

from src.chrome_client import APIError

try:
    client.send_message(mid, "test")
except APIError as e:
    print(e.code, e.api_message)
    # 10051 = session expired / invalid
    # 10052 = HTTP error from backend
    # 10102 = invalid arguments

Architecture

User's Phone (LINE app)
    ↕ (scan QR / enter PIN)
LINE Servers (line-chrome-gw.line-apps.com)
    ↕ (JSON REST + X-Hmac signing)
LineChromeClient (this repo)
    ↕ (WASM HMAC via Node.js signer)
lstm.wasm + lstmSandbox.js

The Chrome Gateway translates JSON ↔ Thrift internally. We never deal with Thrift binary — everything is clean JSON.