@agent-native/core 0.49.24 → 0.49.26

package/dist/provider-api/index.js

@@ -1,7 +1,7 @@
 import { createHash } from "node:crypto";
 import { resolveCredential, } from "../credentials/index.js";
 import { createSsrfSafeDispatcher, isBlockedExtensionUrlWithDns, } from "../extensions/url-safety.js";
-import { listOAuthAccountsByOwner, saveOAuthTokens, } from "../oauth-tokens/index.js";
+import { deleteOAuthTokens, listOAuthAccountsByOwner, saveOAuthTokens, } from "../oauth-tokens/index.js";
 import { getCredentialContext } from "../server/request-context.js";
 import { resolveWorkspaceConnectionCredentialForApp } from "../workspace-connections/credentials.js";
 export { upsertCustomProvider, deleteCustomProvider, listCustomProviders, getCustomProvider, validateCustomBaseUrl, } from "./custom-registry.js";
@@ -32,6 +32,11 @@ export const PROVIDER_API_IDS = [
     "stripe",
     "twitter",
 ];
+const PERMANENT_GOOGLE_OAUTH_REFRESH_ERRORS = new Set([
+    "invalid_grant",
+    "unauthorized_client",
+    "invalid_client",
+]);
 const DEFAULT_TIMEOUT_MS = 30_000;
 const MAX_TIMEOUT_MS = 120_000;
 const DEFAULT_MAX_BYTES = 1024 * 1024;
@@ -94,7 +99,7 @@ const PROVIDER_CONFIGS = {
         },
         credentialKeys: ["APOLLO_API_KEY"],
         docsUrls: ["https://docs.apollo.io/reference/api-reference"],
-        templateUses: ["analytics"],
+        templateUses: ["analytics", "calendar"],
         examples: [
             {
                 label: "Search people",
@@ -270,7 +275,7 @@ const PROVIDER_CONFIGS = {
             Accept: "application/vnd.github+json",
             "X-GitHub-Api-Version": "2022-11-28",
         },
-        templateUses: ["analytics", "brain", "dispatch"],
+        templateUses: ["analytics", "brain", "design", "dispatch"],
         examples: [
             { label: "Authenticated user", method: "GET", path: "/user" },
             { label: "Search issues", method: "GET", path: "/search/issues" },
@@ -319,7 +324,7 @@ const PROVIDER_CONFIGS = {
         },
         credentialKeys: ["GONG_ACCESS_KEY", "GONG_ACCESS_SECRET", "GONG_API_BASE"],
         docsUrls: ["https://gong.app.gong.io/settings/api/documentation"],
-        templateUses: ["analytics"],
+        templateUses: ["analytics", "calendar"],
         examples: [
             { label: "List calls", method: "GET", path: "/calls" },
             {
@@ -328,6 +333,24 @@ const PROVIDER_CONFIGS = {
                 path: "/calls/transcript",
                 body: { filter: { callIds: ["<call-id>"] } },
             },
+            {
+                label: "Calls with parties/content",
+                method: "POST",
+                path: "/calls/extensive",
+                body: {
+                    filter: { fromDateTime: "<iso-date-time>" },
+                    contentSelector: {
+                        exposedFields: {
+                            parties: true,
+                            content: { brief: true, keyPoints: true },
+                        },
+                    },
+                },
+            },
+        ],
+        notes: [
+            "For broad corpus work, call /calls/extensive with provider-api-request and stageAs/saveToFile. Gong returns the next cursor at records.cursor and expects the next cursor in the POST body at cursor, so use pagination { nextCursorPath: 'records.cursor', cursorBodyPath: 'cursor' } for stageAs or fetchAllPages { cursorPath: 'records.cursor', cursorBodyPath: 'cursor' } for saveToFile.",
+            "Batch transcripts with POST /calls/transcript and body { filter: { callIds: [...] } } after narrowing or staging call ids.",
         ],
     },
     google_calendar: {
@@ -343,7 +366,7 @@ const PROVIDER_CONFIGS = {
         docsUrls: ["https://developers.google.com/calendar/api/v3/reference"],
         specUrls: ["https://www.googleapis.com/discovery/v1/apis/calendar/v3/rest"],
         allowedHostSuffixes: ["googleapis.com"],
-        templateUses: ["brain", "calendar", "dispatch"],
+        templateUses: ["brain", "calendar", "dispatch", "mail"],
         examples: [
             {
                 label: "List calendars",
@@ -426,7 +449,7 @@ const PROVIDER_CONFIGS = {
         },
         credentialKeys: ["HUBSPOT_PRIVATE_APP_TOKEN", "HUBSPOT_ACCESS_TOKEN"],
         docsUrls: ["https://developers.hubspot.com/docs/api/overview"],
-        templateUses: ["analytics", "brain", "mail", "dispatch"],
+        templateUses: ["analytics", "brain", "calendar", "mail", "dispatch"],
         examples: [
             {
                 label: "Search deals with any HubSpot CRM filter",
@@ -585,7 +608,7 @@ const PROVIDER_CONFIGS = {
         },
         credentialKeys: ["PYLON_API_KEY"],
         docsUrls: ["https://docs.usepylon.com/pylon-docs/developer/api-reference"],
-        templateUses: ["analytics"],
+        templateUses: ["analytics", "calendar"],
         examples: [{ label: "List issues", method: "GET", path: "/issues" }],
     },
     sentry: {
@@ -822,9 +845,9 @@ export async function executeProviderApiRequest(args, runtime) {
     // --- fetchAllPages mode ---
     if (args.fetchAllPages) {
         const pageCfg = args.fetchAllPages;
-        const { items, pageCount, lastStatus, lastContentType } = await fetchAllPages(pageCfg, async (extraQuery) => {
-            const queryWithCursor = extraQuery
-                ? mergeQueryObjects(substituteUnknown(args.query, placeholders), extraQuery)
+        const { items, pageCount, lastStatus, lastContentType } = await fetchAllPages(pageCfg, async (extra) => {
+            const queryWithCursor = extra?.query
+                ? mergeQueryObjects(substituteUnknown(args.query, placeholders), extra.query)
                 : substituteUnknown(args.query, placeholders);
             const pageUrl = buildProviderUrl({
                 config,
@@ -832,7 +855,10 @@ export async function executeProviderApiRequest(args, runtime) {
                 rawPath: substituteString(args.path, placeholders),
                 query: queryWithCursor,
             });
-            const pageBody = prepareBody(substituteUnknown(args.body, placeholders), { ...headers });
+            const bodyWithCursor = extra?.bodyCursor
+                ? setValueAtPath(substituteUnknown(args.body, placeholders), extra.bodyCursor.path, extra.bodyCursor.value)
+                : substituteUnknown(args.body, placeholders);
+            const pageBody = prepareBody(bodyWithCursor, { ...headers });
             const resp = await fetchWithTimeout(pageUrl.href, {
                 method,
                 headers,
@@ -955,9 +981,9 @@ async function executeCustomProviderApiRequest(args, customConfig, runtime) {
     // --- fetchAllPages mode (same cursor pagination as built-in providers) ---
     if (args.fetchAllPages) {
         const pageCfg = args.fetchAllPages;
-        const { items, pageCount, lastStatus, lastContentType } = await fetchAllPages(pageCfg, async (extraQuery) => {
-            const queryWithCursor = extraQuery
-                ? mergeQueryObjects(args.query, extraQuery)
+        const { items, pageCount, lastStatus, lastContentType } = await fetchAllPages(pageCfg, async (extra) => {
+            const queryWithCursor = extra?.query
+                ? mergeQueryObjects(args.query, extra.query)
                 : args.query;
             const pageUrl = buildProviderUrl({
                 config: syntheticConfig,
@@ -965,7 +991,10 @@ async function executeCustomProviderApiRequest(args, customConfig, runtime) {
                 rawPath: args.path,
                 query: queryWithCursor,
             });
-            const pageBody = prepareBody(args.body, { ...headers });
+            const bodyWithCursor = extra?.bodyCursor
+                ? setValueAtPath(args.body, extra.bodyCursor.path, extra.bodyCursor.value)
+                : args.body;
+            const pageBody = prepareBody(bodyWithCursor, { ...headers });
             const resp = await fetchWithTimeout(pageUrl.href, {
                 method,
                 headers,
@@ -1394,7 +1423,7 @@ function buildProviderUrl(options) {
     const rawPath = options.rawPath.trim();
     const url = /^https?:\/\//i.test(rawPath)
         ? new URL(rawPath)
-        : new URL(rawPath.startsWith("/") ? rawPath : `/${rawPath}`, base);
+        : new URL(joinProviderUrlPath(base, rawPath), base.origin);
     if (!isAllowedProviderUrl(url, base, options.config)) {
         throw new Error(`${options.config.label} API requests must stay on the configured provider host or registered provider host suffix.`);
     }
@@ -1403,6 +1432,20 @@ function buildProviderUrl(options) {
     }
     return url;
 }
+function joinProviderUrlPath(base, rawPath) {
+    const basePath = base.pathname.replace(/\/+$/, "");
+    const providerPath = rawPath.replace(/^\/+/, "");
+    if (!providerPath)
+        return basePath || "/";
+    const baseSegments = basePath.split("/").filter(Boolean);
+    const providerSegments = providerPath.split("/").filter(Boolean);
+    if (baseSegments.length > 0 &&
+        providerSegments.length >= baseSegments.length &&
+        baseSegments.every((segment, index) => segment === providerSegments[index])) {
+        return `/${providerPath}`;
+    }
+    return `${basePath}/${providerPath}`;
+}
 function isAllowedProviderUrl(url, base, config) {
     if (url.protocol !== "https:" && url.protocol !== "http:")
         return false;
@@ -1533,8 +1576,9 @@ async function resolveAuth(config, runtime, ctx, args) {
         };
     }
     if (auth.type === "oauth-bearer") {
+        const oauthProvider = runtime.oauthProviderOverrides?.[config.id] ?? auth.oauthProvider;
         const credential = await resolveOAuthBearerToken({
-            auth,
+            auth: { ...auth, oauthProvider },
             ctx,
             accountId: args.accountId,
         });
@@ -1733,7 +1777,8 @@ async function getValidOAuthAccessToken(options) {
     const refreshToken = options.tokens.refresh_token ?? options.tokens.refreshToken;
     if (!refreshToken)
         return accessToken;
-    if (options.oauthProvider === "google") {
+    if (options.oauthProvider === "google" ||
+        options.oauthProvider === "google-docs") {
         return refreshGoogleOAuthToken(options, refreshToken);
     }
     throw new Error(`${options.oauthProvider} OAuth token is expired and automatic refresh is not configured for provider-api.`);
@@ -1756,6 +1801,9 @@ async function refreshGoogleOAuthToken(options, refreshToken) {
     });
     const data = (await res.json());
     if (!res.ok || !data.access_token) {
+        if (data.error && PERMANENT_GOOGLE_OAUTH_REFRESH_ERRORS.has(data.error)) {
+            await deleteOAuthTokens(options.oauthProvider, options.accountId);
+        }
         const detail = data.error_description ?? data.error ?? res.statusText;
         throw new Error(`Google OAuth refresh failed: ${detail}`);
     }
@@ -1811,11 +1859,14 @@ function prepareBody(body, headers) {
 }
 async function fetchWithTimeout(optionsUrl, options) {
     const controller = new AbortController();
-    const timeout = setTimeout(() => controller.abort(), clampTimeout(options.timeoutMs));
+    const timeoutMs = clampTimeout(options.timeoutMs);
+    const timeout = setTimeout(() => controller.abort(), timeoutMs);
+    const method = options.method ?? "GET";
+    const secretValues = options.secretValues ?? [];
     try {
         const dispatcher = (await createSsrfSafeDispatcher()) ?? undefined;
         const fetchOptions = {
-            method: options.method ?? "GET",
+            method,
             headers: options.headers,
             body: options.body,
             signal: controller.signal,
@@ -1823,30 +1874,93 @@ async function fetchWithTimeout(optionsUrl, options) {
         };
         if (dispatcher)
             fetchOptions.dispatcher = dispatcher;
-        const startedAt = Date.now();
-        const res = await fetch(optionsUrl, fetchOptions);
-        const elapsedMs = Date.now() - startedAt;
-        const rawText = await readResponseTextWithLimit(res, clampMaxBytes(options.maxBytes));
-        const secretValues = options.secretValues ?? [];
-        const redactedText = redactString(rawText.text, secretValues);
-        const parsed = tryParseJson(redactedText);
-        return {
-            status: res.status,
-            statusText: res.statusText,
-            ok: res.ok,
-            elapsedMs,
-            headers: redactSecrets(headersToObject(res.headers), secretValues),
-            contentType: res.headers.get("content-type") ?? null,
-            size: rawText.size,
-            truncated: rawText.truncated,
-            text: parsed === undefined ? redactedText : undefined,
-            json: parsed,
-        };
+        try {
+            return await fetchProviderResponse(optionsUrl, fetchOptions, {
+                maxBytes: options.maxBytes,
+                secretValues,
+            });
+        }
+        catch (error) {
+            if (dispatcher && isDispatcherCompatibilityError(error)) {
+                const fallbackOptions = { ...fetchOptions };
+                delete fallbackOptions.dispatcher;
+                return await fetchProviderResponse(optionsUrl, fallbackOptions, {
+                    maxBytes: options.maxBytes,
+                    secretValues,
+                });
+            }
+            throw error;
+        }
+    }
+    catch (error) {
+        throw normalizeFetchError(error, {
+            method,
+            url: optionsUrl,
+            timeoutMs,
+            secretValues,
+        });
     }
     finally {
         clearTimeout(timeout);
     }
 }
+async function fetchProviderResponse(url, fetchOptions, options) {
+    const startedAt = Date.now();
+    const res = await fetch(url, fetchOptions);
+    const elapsedMs = Date.now() - startedAt;
+    const rawText = await readResponseTextWithLimit(res, clampMaxBytes(options.maxBytes));
+    const redactedText = redactString(rawText.text, options.secretValues);
+    const parsed = tryParseJson(redactedText);
+    return {
+        status: res.status,
+        statusText: res.statusText,
+        ok: res.ok,
+        elapsedMs,
+        headers: redactSecrets(headersToObject(res.headers), options.secretValues),
+        contentType: res.headers.get("content-type") ?? null,
+        size: rawText.size,
+        truncated: rawText.truncated,
+        text: parsed === undefined ? redactedText : undefined,
+        json: parsed,
+    };
+}
+function isDispatcherCompatibilityError(error) {
+    const err = error;
+    const code = typeof err?.cause?.code === "string" ? err.cause.code : "";
+    const detail = [
+        typeof err?.message === "string" ? err.message : "",
+        typeof err?.cause?.message === "string" ? err.cause.message : "",
+    ]
+        .join(" ")
+        .toLowerCase();
+    return (code === "UND_ERR_INVALID_ARG" &&
+        detail.includes("invalid onrequeststart method"));
+}
+function normalizeFetchError(error, options) {
+    const target = describeProviderRequestTarget(options.url, options.secretValues);
+    const err = error;
+    if (err?.name === "AbortError") {
+        return new Error(`Provider API request timed out after ${options.timeoutMs}ms: ${options.method} ${target}`, { cause: error });
+    }
+    const causeCode = typeof err?.cause?.code === "string" && err.cause.code
+        ? ` (${err.cause.code})`
+        : "";
+    const detail = typeof err?.cause?.message === "string" && err.cause.message
+        ? err.cause.message
+        : typeof err?.message === "string" && err.message
+            ? err.message
+            : String(error);
+    return new Error(`Provider API request failed${causeCode}: ${options.method} ${target}: ${redactString(detail, options.secretValues)}`, { cause: error });
+}
+function describeProviderRequestTarget(rawUrl, secretValues) {
+    try {
+        const url = new URL(rawUrl);
+        return redactString(`${url.host}${url.pathname}${url.search}`, secretValues);
+    }
+    catch {
+        return redactString(rawUrl, secretValues);
+    }
+}
 async function readResponseTextWithLimit(response, maxBytes) {
     const contentLength = response.headers.get("content-length");
     if (contentLength && Number(contentLength) > maxBytes) {
@@ -1928,6 +2042,25 @@ function mergeQueryObjects(base, extra) {
     }
     return extra;
 }
+function setValueAtPath(base, path, value) {
+    const root = base && typeof base === "object" && !Array.isArray(base)
+        ? { ...base }
+        : {};
+    const parts = path.split(".").filter(Boolean);
+    if (!parts.length)
+        return root;
+    let current = root;
+    for (const part of parts.slice(0, -1)) {
+        const existing = current[part];
+        const next = existing && typeof existing === "object" && !Array.isArray(existing)
+            ? { ...existing }
+            : {};
+        current[part] = next;
+        current = next;
+    }
+    current[parts[parts.length - 1]] = value;
+    return root;
+}
 function clampTimeout(timeoutMs) {
     if (!Number.isFinite(timeoutMs))
         return DEFAULT_TIMEOUT_MS;
@@ -1995,14 +2128,29 @@ async function fetchAllPages(config, executeOnePage) {
     let pageCount = 0;
     let lastStatus = 0;
     let lastContentType = null;
+    if (!config.cursorParam && !config.cursorBodyPath) {
+        throw new Error("fetchAllPages requires cursorParam or cursorBodyPath to send the next cursor.");
+    }
+    if (config.cursorParam && config.cursorBodyPath) {
+        throw new Error("fetchAllPages accepts exactly one cursor method: cursorParam or cursorBodyPath.");
+    }
     while (pageCount < maxPages) {
-        const extraQuery = {};
-        if (cursor)
-            extraQuery[config.cursorParam] = cursor;
-        const page = await executeOnePage(pageCount > 0 ? extraQuery : undefined);
+        const extra = {};
+        if (cursor) {
+            if (config.cursorParam)
+                extra.query = { [config.cursorParam]: cursor };
+            if (config.cursorBodyPath) {
+                extra.bodyCursor = { path: config.cursorBodyPath, value: cursor };
+            }
+        }
+        const page = await executeOnePage(pageCount > 0 ? extra : undefined);
         lastStatus = page.status;
         lastContentType = page.contentType;
         pageCount++;
+        if (!page.ok) {
+            const preview = page.text.replace(/\s+/g, " ").trim().slice(0, 500);
+            throw new Error(`fetchAllPages request failed with HTTP ${page.status}${preview ? `: ${preview}` : ""}`);
+        }
         let body;
         try {
             body = JSON.parse(page.text);