#16619: fix(line): allow signatureless empty-events webhook verification
stale
size: S
Cluster: Webhook Security Enhancements
## Describe your changes
- Classify LINE webhook payloads before signature checks so `events: []` verification probes are handled correctly.
- Bypass signature validation only for empty-events verification probes, while preserving strict signature enforcement for actual event deliveries.
- Reuse shared webhook payload classification helpers across both LINE webhook entrypoints (`monitor` and Express middleware) to keep behavior consistent.
## Screenshot or video (only for visual changes)
- N/A
## GitHub Issue Link (if applicable)
- https://github.com/openclaw/openclaw/issues/16425
## Testing Plan
- Explanation of why no additional tests are needed:
  - Added focused unit tests for verification probe classification and signature-header validation behavior.
- Unit Tests (JS and/or Python):
  - `pnpm test -- src/line/webhook.test.ts src/line/signature.test.ts src/line/webhook-verification.test.ts src/line/monitor.read-body.test.ts`
- E2E Tests:
  - Not run (requires live LINE webhook callbacks).
- Any manual testing needed?:
  - Optional: use LINE Developers Console webhook "Verify" and confirm a clean HTTP 200 response without signature errors.
---
**Contribution License Agreement**
By submitting this pull request you agree that all contributions to this project are made under the Apache 2.0 license.
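
The classify-then-verify order described in this PR, sketched as an added TypeScript example; it is not the PR's code or the project's shared helpers. The names `classify`, `decide` and `sign`, the choice to still verify a signature that is present on a probe, and the sample secret and bodies are assumptions made for illustration.

```typescript
import { createHmac, timingSafeEqual } from "node:crypto";

type Kind = "probe" | "events" | "invalid";
type Decision = "accept-probe" | "process-events" | "reject";

// Hypothetical classifier: a probe is a JSON object whose `events` is an empty array.
function classify(payload: unknown): Kind {
  if (typeof payload !== "object" || payload === null) return "invalid";
  const events = (payload as { events?: unknown }).events;
  if (!Array.isArray(events)) return "invalid";
  return events.length === 0 ? "probe" : "events";
}

// LINE's x-line-signature is the base64 HMAC-SHA256 of the raw body, keyed by the channel secret.
function sign(rawBody: string, channelSecret: string): string {
  return createHmac("sha256", channelSecret).update(rawBody).digest("base64");
}

function signatureMatches(rawBody: string, channelSecret: string, header?: string): boolean {
  if (!header) return false;
  const expected = Buffer.from(sign(rawBody, channelSecret), "base64");
  const given = Buffer.from(header, "base64");
  return given.length === expected.length && timingSafeEqual(given, expected);
}

function decide(rawBody: string, channelSecret: string, header?: string): Decision {
  let payload: unknown;
  try {
    payload = JSON.parse(rawBody);
  } catch {
    return "reject";
  }
  const kind = classify(payload);
  if (kind === "invalid") return "reject";
  // Assumption of this sketch: a signature that is present must verify, even on a probe.
  if (header) {
    if (!signatureMatches(rawBody, channelSecret, header)) return "reject";
    return kind === "probe" ? "accept-probe" : "process-events";
  }
  // Unsigned requests pass only as empty-events probes, which dispatch nothing.
  return kind === "probe" ? "accept-probe" : "reject";
}

// Constructed sample inputs (not real LINE traffic or credentials).
const SECRET = "constructed-channel-secret";
const PROBE = '{"destination":"Uconstructed","events":[]}';
const EVENT = '{"destination":"Uconstructed","events":[{"type":"message"}]}';
console.log(decide(PROBE, SECRET), decide(EVENT, SECRET), decide(EVENT, SECRET, sign(EVENT, SECRET)));
```

In this sketch the unsigned path can only ever return `accept-probe` or `reject`, so event dispatch stays reachable only through a verified signature.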
## Most Similar PRs
- #17182: security(line): fail closed when webhook token/secret are missing (by davidahmann · 2026-02-15, 69.3%)
- #18777: fix: LINE webhook acknowledges events before processing and drops f... (by coygeek · 2026-02-17, 68.8%)
- #17593: security: fail closed when LINE webhook secret is missing (by davidahmann · 2026-02-15, 66.5%)
- #21531: Security/Webhooks: block signed replay for Nextcloud, Google Chat, ... (by bmendonca3 · 2026-02-20, 64.8%)
- #5834: fix(line): add timeout and size limit to readRequestBody to prevent... (by hclsys · 2026-02-01, 64.2%)
- #23621: fix(LINE): keep startAccount promise alive to prevent auto-restart ... (by ttakanawa · 2026-02-22, 60.1%)
- #21532: Security/Voice Call: block signed webhook replay (by bmendonca3 · 2026-02-20, 59.3%)
- #20775: fix(security): OC-10 add webhook payload schema validation to preve... (by aether-ai-agent · 2026-02-19, 58.3%)
- #20420: Telegram webhook listener to use the gateway's HTTP server instead ... (by kesor · 2026-02-18, 58.2%)
- #17289: test(line): add DM policy matrix coverage for open/allowlist/pairin... (by davidahmann · 2026-02-15, 57.9%)