@agentforge-io/core 2.0.10 → 2.0.11

package/dist/services/agent.service.js

@@ -96,17 +96,27 @@ class AgentService {
      * Returns the runtime `AgentDefinition` ready to feed the runner.
      */
     async resolveAgent(params) {
+        // Public-chat slug lookup MUST gate on isActive — a deactivated
+        // agent shouldn't be reachable from a customer-facing widget.
         if (params.agentSlug && params.tenantId && this.resolver) {
             const record = await this.resolver.findBySlug(params.tenantId, params.agentSlug);
             if (record && record.isActive)
                 return toAgentDefinition(record);
         }
+        // Direct-id lookup does NOT gate on isActive. The caller has the
+        // opaque uuid because they already created a conversation against
+        // that agent (admin UI, system Agent Assist seed, internal job…).
+        // Refusing to stream the next turn just because someone toggled
+        // the agent inactive between turns surfaces as the opaque
+        // "Agent <uuid> not found" the admin saw in prod — actively
+        // hostile to operators. Leave inactive-filtering to the layer
+        // that handed out the agentId in the first place.
         if (params.agentId) {
             if (this.resolver) {
                 const record = await this.resolver
                     .findById(params.agentId)
                     .catch(() => null);
-                if (record && record.isActive)
+                if (record)
                     return toAgentDefinition(record);
             }
             // Final fallback: hardcoded SDK array.

package/dist/services/oauth2.service.d.ts

@@ -19,6 +19,23 @@ export interface OAuth2ProviderConfig {
     /** PKCE: defaults to true for security, but providers that don't support
      *  it (rare in 2026) can opt out. */
     usePkce?: boolean;
+    /**
+     * Optional extractor for non-standard token response shapes. The default
+     * reads `access_token` / `refresh_token` / etc. directly off the JSON
+     * body — RFC 6749 compliant providers (Google, HubSpot, ClickUp) don't
+     * need this.
+     *
+     * Slack's `oauth.v2.access` is the notable exception: when the consent
+     * grants only user scopes, the user token lands at
+     * `json.authed_user.access_token`, not at the root. Connectors with
+     * non-standard envelopes provide this hook to map their response into
+     * the canonical `TokenSet` the registry persists.
+     *
+     * If the extractor returns `accessToken: ''` (or any falsy string), the
+     * service treats the exchange as failed and surfaces a clear error
+     * instead of letting an empty string poison the encrypted-token row.
+     */
+    tokenExtractor?: (json: unknown) => TokenSet;
 }
 export interface AuthorizeUrlResult {
     url: string;

package/dist/services/oauth2.service.js

@@ -45,7 +45,7 @@ class OAuth2Service {
         });
         if (pkceVerifier)
             body.set('code_verifier', pkceVerifier);
-        return this.postToken(cfg.tokenUrl, body);
+        return this.postToken(cfg.tokenUrl, body, cfg.tokenExtractor);
     }
     async refresh(cfg, refreshToken) {
         const body = new URLSearchParams({
@@ -54,9 +54,9 @@ class OAuth2Service {
             client_id: cfg.clientId,
             client_secret: cfg.clientSecret,
         });
-        return this.postToken(cfg.tokenUrl, body);
+        return this.postToken(cfg.tokenUrl, body, cfg.tokenExtractor);
     }
-    async postToken(tokenUrl, body) {
+    async postToken(tokenUrl, body, extractor) {
         const res = await this.fetchImpl(tokenUrl, {
             method: 'POST',
             headers: {
@@ -70,13 +70,30 @@ class OAuth2Service {
             throw new Error(`OAuth2 token endpoint ${tokenUrl} returned ${res.status}: ${text}`);
         }
         const json = (await res.json());
-        return {
-            accessToken: json.access_token,
-            refreshToken: json.refresh_token,
-            expiresIn: json.expires_in,
-            scope: json.scope,
-            tokenType: json.token_type,
-        };
+        const tokens = extractor ? extractor(json) : defaultExtractor(json);
+        // Guard against accidentally persisting an empty-string token — that
+        // would crash the cipher with "Received undefined" downstream and the
+        // operator would chase a confusing stack trace. Better to fail fast
+        // here with a descriptive error so the connector author knows their
+        // extractor (or the default) missed the token.
+        if (!tokens.accessToken) {
+            throw new Error(`OAuth2 token endpoint ${tokenUrl} returned a response without an access token. ` +
+                'If the provider uses a non-standard envelope, supply `tokenExtractor` on the ConnectorDefinition.');
+        }
+        return tokens;
     }
 }
 exports.OAuth2Service = OAuth2Service;
+/** RFC 6749 standard shape — used when the connector doesn't supply a
+ *  custom extractor. Mirrors the original behavior before the
+ *  `tokenExtractor` hook was added. */
+function defaultExtractor(json) {
+    const j = json;
+    return {
+        accessToken: j.access_token ?? '',
+        refreshToken: j.refresh_token,
+        expiresIn: j.expires_in,
+        scope: j.scope,
+        tokenType: j.token_type,
+    };
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@agentforge-io/core",
-  "version": "2.0.10",
+  "version": "2.0.11",
   "description": "Framework-free AI runtime SDK. Owns: agent loop (Anthropic), conversations, tools, streaming, agent-job queue, SdkHooks. Identity, billing, infra (email/uploads/secrets) live in the host's modules — not here.",
   "license": "MIT",
   "main": "dist/index.js",