@app-connect/core 1.7.18 → 1.7.19

package/test/mcp/tools/doAuth.test.js

@@ -1,376 +1,113 @@
 const doAuth = require('../../../mcp/tools/doAuth');
-const authCore = require('../../../handlers/auth');
-const jwt = require('../../../lib/jwt');
+const { createAuthSession } = require('../../../lib/authSession');
 
-// Mock dependencies
-jest.mock('../../../handlers/auth');
-jest.mock('../../../lib/jwt');
+jest.mock('../../../lib/authSession');
 
 describe('MCP Tool: doAuth', () => {
   beforeEach(() => {
     jest.clearAllMocks();
-    process.env.APP_SERVER_SECRET_KEY = 'test-secret-key';
   });
 
   describe('tool definition', () => {
     test('should have correct tool definition', () => {
       expect(doAuth.definition).toBeDefined();
       expect(doAuth.definition.name).toBe('doAuth');
-      expect(doAuth.definition.description).toContain('Auth flow step.4');
+      expect(doAuth.definition.description).toContain('OAuth session');
       expect(doAuth.definition.inputSchema).toBeDefined();
     });
 
-    test('should have optional parameters', () => {
-      expect(doAuth.definition.inputSchema.properties).toHaveProperty('connectorManifest');
+    test('should require connectorName and have optional hostname', () => {
+      expect(doAuth.definition.inputSchema.required).toContain('connectorName');
       expect(doAuth.definition.inputSchema.properties).toHaveProperty('connectorName');
       expect(doAuth.definition.inputSchema.properties).toHaveProperty('hostname');
-      expect(doAuth.definition.inputSchema.properties).toHaveProperty('apiKey');
-      expect(doAuth.definition.inputSchema.properties).toHaveProperty('additionalInfo');
-      expect(doAuth.definition.inputSchema.properties).toHaveProperty('callbackUri');
     });
   });
 
-  describe('execute - apiKey authentication', () => {
-    test('should authenticate with API key successfully', async () => {
+  describe('execute', () => {
+    test('should create auth session successfully', async () => {
       // Arrange
-      const mockManifest = {
-        platforms: {
-          testCRM: {
-            name: 'testCRM',
-            auth: { type: 'apiKey', apiKey: { name: 'apiKey' } },
-            environment: { type: 'fixed' }
-          }
-        }
-      };
-
-      const mockUserInfo = {
-        id: 'test-user-123',
-        name: 'Test User'
-      };
-
-      authCore.onApiKeyLogin.mockResolvedValue({
-        userInfo: mockUserInfo
-      });
-
-      jwt.generateJwt.mockReturnValue('mock-jwt-token');
+      createAuthSession.mockResolvedValue(undefined);
 
       // Act
       const result = await doAuth.execute({
-        connectorManifest: mockManifest,
-        connectorName: 'testCRM',
-        hostname: 'test.crm.com',
-        apiKey: 'test-api-key'
+        sessionId: 'session-abc',
+        connectorName: 'pipedrive',
+        hostname: 'mycompany.pipedrive.com'
       });
 
       // Assert
-      expect(result).toEqual({
-        success: true,
-        data: {
-          jwtToken: 'mock-jwt-token',
-          message: expect.stringContaining('IMPORTANT')
-        }
-      });
-      expect(authCore.onApiKeyLogin).toHaveBeenCalledWith({
-        platform: 'testCRM',
-        hostname: 'test.crm.com',
-        apiKey: 'test-api-key',
-        additionalInfo: undefined
-      });
-      expect(jwt.generateJwt).toHaveBeenCalledWith({
-        id: 'test-user-123',
-        platform: 'testCRM'
+      expect(result).toEqual({ success: true });
+      expect(createAuthSession).toHaveBeenCalledWith('session-abc', {
+        platform: 'pipedrive',
+        hostname: 'mycompany.pipedrive.com'
       });
     });
 
-    test('should handle apiKey authentication with additional info', async () => {
+    test('should create auth session with empty hostname when not provided', async () => {
       // Arrange
-      const mockManifest = {
-        platforms: {
-          testCRM: {
-            name: 'testCRM',
-            auth: { type: 'apiKey', apiKey: { name: 'apiKey' } }
-          }
-        }
-      };
-
-      const additionalInfo = {
-        username: 'testuser',
-        password: 'testpass',
-        apiUrl: 'https://api.test.com'
-      };
-
-      const mockUserInfo = {
-        id: 'test-user-456',
-        name: 'Test User'
-      };
-
-      authCore.onApiKeyLogin.mockResolvedValue({
-        userInfo: mockUserInfo
-      });
-
-      jwt.generateJwt.mockReturnValue('mock-jwt-token-2');
+      createAuthSession.mockResolvedValue(undefined);
 
       // Act
       const result = await doAuth.execute({
-        connectorManifest: mockManifest,
-        connectorName: 'testCRM',
-        hostname: 'test.crm.com',
-        apiKey: 'test-api-key',
-        additionalInfo
+        sessionId: 'session-xyz',
+        connectorName: 'clio'
       });
 
       // Assert
-      expect(result.success).toBe(true);
-      expect(authCore.onApiKeyLogin).toHaveBeenCalledWith({
-        platform: 'testCRM',
-        hostname: 'test.crm.com',
-        apiKey: 'test-api-key',
-        additionalInfo
+      expect(result).toEqual({ success: true });
+      expect(createAuthSession).toHaveBeenCalledWith('session-xyz', {
+        platform: 'clio',
+        hostname: ''
       });
     });
 
-    test('should return error when user info not found', async () => {
-      // Arrange
-      const mockManifest = {
-        platforms: {
-          testCRM: {
-            name: 'testCRM',
-            auth: { type: 'apiKey', apiKey: { name: 'apiKey' } }
-          }
-        }
-      };
-
-      authCore.onApiKeyLogin.mockResolvedValue({
-        userInfo: null
-      });
-
+    test('should return error when sessionId is missing', async () => {
       // Act
-      const result = await doAuth.execute({
-        connectorManifest: mockManifest,
-        connectorName: 'testCRM',
-        hostname: 'test.crm.com',
-        apiKey: 'invalid-api-key'
-      });
+      const result = await doAuth.execute({ connectorName: 'pipedrive' });
 
       // Assert
       expect(result).toEqual({
         success: false,
-        error: 'Authentication failed',
-        errorDetails: 'User info not found'
-      });
-    });
-  });
-
-  describe('execute - OAuth authentication', () => {
-    test('should return auth URI when callback not provided', async () => {
-      // Arrange
-      const mockManifest = {
-        platforms: {
-          salesforce: {
-            name: 'salesforce',
-            auth: {
-              type: 'oauth',
-              oauth: {
-                authUrl: 'https://login.salesforce.com/services/oauth2/authorize',
-                clientId: 'test-client-id',
-                scope: 'api refresh_token',
-                customState: ''
-              }
-            }
-          }
-        }
-      };
-
-      // Act
-      const result = await doAuth.execute({
-        connectorManifest: mockManifest,
-        connectorName: 'salesforce'
+        error: 'Missing required fields: sessionId, connectorName'
       });
-
-      // Assert
-      expect(result.success).toBe(true);
-      expect(result.data.authUri).toContain('https://login.salesforce.com');
-      expect(result.data.authUri).toContain('client_id=test-client-id');
-      expect(result.data.authUri).toContain('response_type=code');
-      expect(result.data.message).toContain('IMPORTANT');
+      expect(createAuthSession).not.toHaveBeenCalled();
     });
 
-    test('should handle OAuth callback successfully', async () => {
-      // Arrange
-      const mockManifest = {
-        platforms: {
-          salesforce: {
-            name: 'salesforce',
-            auth: {
-              type: 'oauth',
-              oauth: {
-                authUrl: 'https://login.salesforce.com/services/oauth2/authorize',
-                clientId: 'test-client-id'
-              }
-            }
-          }
-        }
-      };
-
-      const mockUserInfo = {
-        id: 'sf-user-123',
-        name: 'SF User'
-      };
-
-      authCore.onOAuthCallback.mockResolvedValue({
-        userInfo: mockUserInfo
-      });
-
-      jwt.generateJwt.mockReturnValue('mock-jwt-token-oauth');
-
+    test('should return error when connectorName is missing', async () => {
       // Act
-      const result = await doAuth.execute({
-        connectorManifest: mockManifest,
-        connectorName: 'salesforce',
-        hostname: 'login.salesforce.com',
-        callbackUri: 'https://redirect.com?code=test-code&state=test-state'
-      });
-
-      // Assert
-      expect(result).toEqual({
-        success: true,
-        data: {
-          jwtToken: 'mock-jwt-token-oauth',
-          message: expect.stringContaining('IMPORTANT')
-        }
-      });
-      expect(authCore.onOAuthCallback).toHaveBeenCalledWith({
-        platform: 'salesforce',
-        hostname: 'login.salesforce.com',
-        callbackUri: 'https://redirect.com?code=test-code&state=test-state',
-        query: expect.objectContaining({
-          hostname: 'login.salesforce.com'
-        })
-      });
-    });
-
-    test('should return error when OAuth callback fails', async () => {
-      // Arrange
-      const mockManifest = {
-        platforms: {
-          salesforce: {
-            name: 'salesforce',
-            auth: {
-              type: 'oauth',
-              oauth: {
-                authUrl: 'https://login.salesforce.com/services/oauth2/authorize',
-                clientId: 'test-client-id'
-              }
-            }
-          }
-        }
-      };
-
-      authCore.onOAuthCallback.mockResolvedValue({
-        userInfo: null
-      });
-
-      // Act - callbackUri needs code= and state= to be treated as OAuth callback
-      const result = await doAuth.execute({
-        connectorManifest: mockManifest,
-        connectorName: 'salesforce',
-        hostname: 'login.salesforce.com',
-        callbackUri: 'https://redirect.com?code=invalid-code&state=test-state'
-      });
+      const result = await doAuth.execute({ sessionId: 'session-abc' });
 
       // Assert
       expect(result).toEqual({
         success: false,
-        error: 'Authentication failed',
-        errorDetails: 'User info not found'
+        error: 'Missing required fields: sessionId, connectorName'
       });
+      expect(createAuthSession).not.toHaveBeenCalled();
     });
 
-    test('should include custom state in auth URI', async () => {
-      // Arrange
-      const mockManifest = {
-        platforms: {
-          customCRM: {
-            name: 'customCRM',
-            auth: {
-              type: 'oauth',
-              oauth: {
-                authUrl: 'https://custom.com/oauth',
-                clientId: 'custom-client-id',
-                scope: '',
-                customState: 'custom=state&other=value'
-              }
-            }
-          }
-        }
-      };
-
-      // Act
-      const result = await doAuth.execute({
-        connectorManifest: mockManifest,
-        connectorName: 'customCRM'
-      });
-
-      // Assert - state is now URL-encoded and includes sessionId, platform, hostname, plus customState
-      expect(result.success).toBe(true);
-      // The state parameter now contains session info and custom state appended
-      // Decode and verify custom state is included
-      const stateMatch = result.data.authUri.match(/state=([^&]+)/);
-      expect(stateMatch).toBeTruthy();
-      const decodedState = decodeURIComponent(stateMatch[1]);
-      expect(decodedState).toContain('custom=state&other=value');
-      expect(decodedState).toContain('sessionId=');
-      expect(decodedState).toContain('platform=customCRM');
-    });
-  });
-
-  describe('error handling', () => {
-    test('should handle authentication errors gracefully', async () => {
-      // Arrange
-      const mockManifest = {
-        platforms: {
-          testCRM: {
-            name: 'testCRM',
-            auth: { type: 'apiKey', apiKey: { name: 'apiKey' } }
-          }
-        }
-      };
-
-      authCore.onApiKeyLogin.mockRejectedValue(
-        new Error('Invalid credentials')
-      );
-
+    test('should return error when both sessionId and connectorName are missing', async () => {
       // Act
-      const result = await doAuth.execute({
-        connectorManifest: mockManifest,
-        connectorName: 'testCRM',
-        hostname: 'test.crm.com',
-        apiKey: 'bad-key'
-      });
+      const result = await doAuth.execute({});
 
       // Assert
       expect(result.success).toBe(false);
-      expect(result.error).toBe('Invalid credentials');
-      expect(result.errorDetails).toBeDefined();
+      expect(result.error).toContain('Missing required fields');
     });
 
-    test('should handle missing platform in manifest', async () => {
+    test('should handle unexpected errors gracefully', async () => {
       // Arrange
-      const mockManifest = {
-        platforms: {}
-      };
+      createAuthSession.mockRejectedValue(new Error('DB write failed'));
 
       // Act
       const result = await doAuth.execute({
-        connectorManifest: mockManifest,
-        connectorName: 'nonExistent',
-        apiKey: 'test-key'
+        sessionId: 'session-abc',
+        connectorName: 'pipedrive'
       });
 
       // Assert
       expect(result.success).toBe(false);
-      expect(result.error).toBeDefined();
+      expect(result.error).toBe('DB write failed');
+      expect(result.errorDetails).toBeDefined();
     });
   });
 });
-

package/test/mcp/tools/findContactByName.test.js

@@ -17,12 +17,12 @@ describe('MCP Tool: findContactByName', () => {
     test('should have correct tool definition', () => {
       expect(findContactByName.definition).toBeDefined();
       expect(findContactByName.definition.name).toBe('findContactByName');
-      expect(findContactByName.definition.description).toContain('REQUIRES AUTHENTICATION');
+      expect(findContactByName.definition.description).toContain('REQUIRES CRM CONNECTION');
       expect(findContactByName.definition.inputSchema).toBeDefined();
     });
 
-    test('should require jwtToken and name parameters', () => {
-      expect(findContactByName.definition.inputSchema.required).toContain('jwtToken');
+    test('should require name parameter (jwtToken is server-injected)', () => {
+      expect(findContactByName.definition.inputSchema.required).not.toContain('jwtToken');
       expect(findContactByName.definition.inputSchema.required).toContain('name');
     });
   });

package/test/mcp/tools/findContactByPhone.test.js

@@ -17,12 +17,12 @@ describe('MCP Tool: findContactByPhone', () => {
     test('should have correct tool definition', () => {
       expect(findContactByPhone.definition).toBeDefined();
       expect(findContactByPhone.definition.name).toBe('findContactByPhone');
-      expect(findContactByPhone.definition.description).toContain('REQUIRES AUTHENTICATION');
+      expect(findContactByPhone.definition.description).toContain('REQUIRES CRM CONNECTION');
       expect(findContactByPhone.definition.inputSchema).toBeDefined();
     });
 
-    test('should require jwtToken and phoneNumber parameters', () => {
-      expect(findContactByPhone.definition.inputSchema.required).toContain('jwtToken');
+    test('should require phoneNumber parameter (jwtToken is server-injected)', () => {
+      expect(findContactByPhone.definition.inputSchema.required).not.toContain('jwtToken');
       expect(findContactByPhone.definition.inputSchema.required).toContain('phoneNumber');
     });
 

package/test/mcp/tools/getGoogleFilePicker.test.js

@@ -18,13 +18,13 @@ describe('MCP Tool: getGoogleFilePicker', () => {
     test('should have correct tool definition', () => {
       expect(getGoogleFilePicker.definition).toBeDefined();
       expect(getGoogleFilePicker.definition.name).toBe('getGoogleFilePicker');
-      expect(getGoogleFilePicker.definition.description).toContain('REQUIRES AUTHENTICATION');
+      expect(getGoogleFilePicker.definition.description).toContain('REQUIRES CRM CONNECTION');
       expect(getGoogleFilePicker.definition.description).toContain('Google Sheets file picker');
       expect(getGoogleFilePicker.definition.inputSchema).toBeDefined();
     });
 
-    test('should require jwtToken parameter', () => {
-      expect(getGoogleFilePicker.definition.inputSchema.required).toContain('jwtToken');
+    test('should not require jwtToken in schema (it is server-injected)', () => {
+      expect(getGoogleFilePicker.definition.inputSchema.required).not.toContain('jwtToken');
     });
 
     test('should have optional sheetName parameter', () => {
@@ -62,7 +62,7 @@ describe('MCP Tool: getGoogleFilePicker', () => {
       expect(result).toEqual({
         success: true,
         data: {
-          filePickerUrl: 'https://test-app-server.com/googleSheets/filePicker?token=mock-jwt-token}',
+          filePickerUrl: 'https://test-app-server.com/googleSheets/filePicker?token=mock-jwt-token',
           message: expect.stringContaining('Please open this URL')
         }
       });
@@ -149,7 +149,7 @@ describe('MCP Tool: getGoogleFilePicker', () => {
       // Assert
       expect(result).toEqual({
         success: false,
-        error: 'JWT token is required. Please authenticate with googleSheets platform first using the doAuth tool.'
+        error: 'JWT token is required. Please connect to the CRM first using getPublicConnectors.'
       });
     });
 
@@ -162,7 +162,7 @@ describe('MCP Tool: getGoogleFilePicker', () => {
       // Assert
       expect(result).toEqual({
         success: false,
-        error: 'JWT token is required. Please authenticate with googleSheets platform first using the doAuth tool.'
+        error: 'JWT token is required. Please connect to the CRM first using getPublicConnectors.'
       });
     });
 
@@ -217,7 +217,7 @@ describe('MCP Tool: getGoogleFilePicker', () => {
       // Assert
       expect(result).toEqual({
         success: false,
-        error: 'User not found. Please authenticate with googleSheets platform first.'
+        error: 'User not found. Please connect to the CRM first using getPublicConnectors.'
       });
       expect(UserModel.findByPk).toHaveBeenCalledWith('nonexistent-user');
     });

package/test/mcp/tools/getPublicConnectors.test.js

@@ -1,20 +1,19 @@
 const getPublicConnectors = require('../../../mcp/tools/getPublicConnectors');
-const developerPortal = require('../../../connector/developerPortal');
+const axios = require('axios');
 
-// Mock the developerPortal module
-jest.mock('../../../connector/developerPortal');
+jest.mock('axios');
 
 describe('MCP Tool: getPublicConnectors', () => {
   beforeEach(() => {
     jest.clearAllMocks();
-    delete process.env.RC_ACCOUNT_ID;
+    process.env.APP_SERVER = 'https://test-server.com';
   });
 
   describe('tool definition', () => {
     test('should have correct tool definition', () => {
       expect(getPublicConnectors.definition).toBeDefined();
       expect(getPublicConnectors.definition.name).toBe('getPublicConnectors');
-      expect(getPublicConnectors.definition.description).toContain('Auth flow step.1');
+      expect(getPublicConnectors.definition.description).toContain('connectors');
       expect(getPublicConnectors.definition.inputSchema).toBeDefined();
       expect(getPublicConnectors.definition.inputSchema.type).toBe('object');
     });
@@ -25,104 +24,84 @@ describe('MCP Tool: getPublicConnectors', () => {
   });
 
   describe('execute', () => {
-    test('should return public connectors successfully', async () => {
-      // Arrange - use supported platform names: 'googleSheets' and 'clio'
-      const mockConnectors = [
-        { id: '1', name: 'googleSheets', displayName: 'Google Sheets' },
-        { id: '2', name: 'clio', displayName: 'Clio' }
-      ];
-
-      developerPortal.getPublicConnectorList.mockResolvedValue({
-        connectors: mockConnectors
-      });
-
+    test('should return structuredContent with server URL when no rcAccessToken', async () => {
       // Act
-      const result = await getPublicConnectors.execute();
+      const result = await getPublicConnectors.execute({});
 
       // Assert
       expect(result).toEqual({
-        success: true,
-        data: ['Google Sheets', 'Clio']
+        structuredContent: {
+          serverUrl: 'https://test-server.com',
+          rcExtensionId: null,
+          rcAccountId: null,
+          openaiSessionId: null,
+        }
       });
-      expect(developerPortal.getPublicConnectorList).toHaveBeenCalledTimes(1);
+      expect(axios.get).not.toHaveBeenCalled();
     });
 
-    test('should include private connectors when RC_ACCOUNT_ID is set', async () => {
-      // Arrange - use supported platform names
-      process.env.RC_ACCOUNT_ID = 'test-account-id';
-      
-      const mockPublicConnectors = [
-        { id: '1', name: 'googleSheets', displayName: 'Google Sheets' }
-      ];
-      const mockPrivateConnectors = [
-        { id: '3', name: 'clio', displayName: 'Clio' }
-      ];
-
-      developerPortal.getPublicConnectorList.mockResolvedValue({
-        connectors: mockPublicConnectors
-      });
-      developerPortal.getPrivateConnectorList.mockResolvedValue({
-        privateConnectors: mockPrivateConnectors
+    test('should resolve RC account and extension IDs when rcAccessToken provided', async () => {
+      // Arrange
+      axios.get.mockResolvedValue({
+        data: { id: 'ext-456', account: { id: 'acc-789' } }
       });
 
       // Act
-      const result = await getPublicConnectors.execute();
+      const result = await getPublicConnectors.execute({
+        rcAccessToken: 'valid-rc-token',
+        openaiSessionId: 'session-abc'
+      });
 
       // Assert
       expect(result).toEqual({
-        success: true,
-        data: ['Google Sheets', 'Clio']
+        structuredContent: {
+          serverUrl: 'https://test-server.com',
+          rcExtensionId: 'ext-456',
+          rcAccountId: 'acc-789',
+          openaiSessionId: 'session-abc',
+        }
       });
-      expect(developerPortal.getPublicConnectorList).toHaveBeenCalledTimes(1);
-      expect(developerPortal.getPrivateConnectorList).toHaveBeenCalledTimes(1);
+      expect(axios.get).toHaveBeenCalledWith(
+        'https://platform.ringcentral.com/restapi/v1.0/account/~/extension/~',
+        { headers: { Authorization: 'Bearer valid-rc-token' } }
+      );
     });
 
-    test('should return empty array when no connectors available', async () => {
-      // Arrange
-      developerPortal.getPublicConnectorList.mockResolvedValue({
-        connectors: []
-      });
+    test('should return null RC IDs and continue when RC API call fails', async () => {
+      // Arrange — RC API failure is non-fatal: widget only shows public connectors
+      axios.get.mockRejectedValue(new Error('RC API unavailable'));
 
       // Act
-      const result = await getPublicConnectors.execute();
+      const result = await getPublicConnectors.execute({ rcAccessToken: 'bad-token' });
 
-      // Assert
+      // Assert — still returns structuredContent, just without RC IDs
       expect(result).toEqual({
-        success: true,
-        data: []
+        structuredContent: {
+          serverUrl: 'https://test-server.com',
+          rcExtensionId: null,
+          rcAccountId: null,
+          openaiSessionId: null,
+        }
       });
     });
 
-    test('should handle errors gracefully', async () => {
-      // Arrange
-      const errorMessage = 'Failed to fetch connectors';
-      developerPortal.getPublicConnectorList.mockRejectedValue(
-        new Error(errorMessage)
-      );
-
+    test('should include openaiSessionId when provided', async () => {
       // Act
-      const result = await getPublicConnectors.execute();
+      const result = await getPublicConnectors.execute({ openaiSessionId: 'my-session' });
 
       // Assert
-      expect(result.success).toBe(false);
-      expect(result.error).toBe(errorMessage);
-      expect(result.errorDetails).toBeDefined();
+      expect(result.structuredContent.openaiSessionId).toBe('my-session');
     });
 
-    test('should handle network errors', async () => {
+    test('should use default server URL when APP_SERVER is not set', async () => {
       // Arrange
-      const networkError = new Error('Network request failed');
-      networkError.code = 'ECONNREFUSED';
-      developerPortal.getPublicConnectorList.mockRejectedValue(networkError);
+      delete process.env.APP_SERVER;
 
       // Act
-      const result = await getPublicConnectors.execute();
+      const result = await getPublicConnectors.execute({});
 
       // Assert
-      expect(result.success).toBe(false);
-      expect(result.error).toBe('Network request failed');
-      expect(result.errorDetails).toBeDefined();
+      expect(result.structuredContent.serverUrl).toBe('https://localhost:6066');
     });
   });
 });
-