npm - @app-connect/core - Versions diffs - 1.7.21 → 1.7.22 - Mend

@app-connect/core 1.7.21 → 1.7.22

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (42) hide show

package/README.md +8 -1
package/connector/developerPortal.js +4 -4
package/docs/README.md +50 -0
package/docs/architecture.md +93 -0
package/docs/connectors.md +117 -0
package/docs/handlers.md +125 -0
package/docs/libraries.md +101 -0
package/docs/models.md +144 -0
package/docs/routes.md +115 -0
package/docs/tests.md +73 -0
package/handlers/admin.js +22 -2
package/handlers/auth.js +51 -10
package/handlers/log.js +4 -4
package/handlers/managedAuth.js +446 -0
package/index.js +264 -34
package/lib/jwt.js +1 -1
package/mcp/tools/createCallLog.js +5 -1
package/mcp/tools/createContact.js +5 -1
package/mcp/tools/createMessageLog.js +5 -1
package/mcp/tools/findContactByName.js +5 -1
package/mcp/tools/findContactByPhone.js +6 -2
package/mcp/tools/getCallLog.js +5 -1
package/mcp/tools/rcGetCallLogs.js +6 -2
package/mcp/tools/updateCallLog.js +5 -1
package/mcp/ui/App/lib/developerPortal.ts +1 -1
package/package.json +72 -72
package/releaseNotes.json +8 -0
package/test/handlers/admin.test.js +34 -0
package/test/handlers/auth.test.js +402 -6
package/test/handlers/managedAuth.test.js +458 -0
package/test/index.test.js +105 -0
package/test/lib/jwt.test.js +15 -0
package/test/mcp/tools/createCallLog.test.js +11 -0
package/test/mcp/tools/createContact.test.js +58 -0
package/test/mcp/tools/createMessageLog.test.js +15 -0
package/test/mcp/tools/findContactByName.test.js +12 -0
package/test/mcp/tools/findContactByPhone.test.js +12 -0
package/test/mcp/tools/getCallLog.test.js +12 -0
package/test/mcp/tools/rcGetCallLogs.test.js +56 -0
package/test/mcp/tools/updateCallLog.test.js +14 -0
package/test/routes/managedAuthRoutes.test.js +132 -0
package/test/setup.js +2 -0

package/test/mcp/tools/findContactByPhone.test.js CHANGED Viewed

@@ -211,6 +211,18 @@ describe('MCP Tool: findContactByPhone', () => {
       expect(result.error).toContain('Invalid JWT token');
     });
+    test('should return error when decodeJwt returns null', async () => {
+      jwt.decodeJwt.mockReturnValue(null);
+      const result = await findContactByPhone.execute({
+        jwtToken: 'invalid-token',
+        phoneNumber: '+1234567890'
+      });
+      expect(result.success).toBe(false);
+      expect(result.error).toContain('Invalid JWT token');
+    });
     test('should return error when platform connector not found', async () => {
       // Arrange
       jwt.decodeJwt.mockReturnValue({

package/test/mcp/tools/getCallLog.test.js CHANGED Viewed

@@ -213,6 +213,18 @@ describe('MCP Tool: getCallLog', () => {
       expect(result.error).toContain('Invalid JWT token');
     });
+    test('should return error when decodeJwt returns null', async () => {
+      jwt.decodeJwt.mockReturnValue(null);
+      const result = await getCallLog.execute({
+        jwtToken: 'invalid-token',
+        sessionIds: ['session-123']
+      });
+      expect(result.success).toBe(false);
+      expect(result.error).toContain('Invalid JWT token');
+    });
     test('should return error when platform connector not found', async () => {
       // Arrange
       jwt.decodeJwt.mockReturnValue({

package/test/mcp/tools/rcGetCallLogs.test.js ADDED Viewed

@@ -0,0 +1,56 @@
+const rcGetCallLogs = require('../../../mcp/tools/rcGetCallLogs');
+const jwt = require('../../../lib/jwt');
+const { RingCentral } = require('../../../lib/ringcentral');
+jest.mock('../../../lib/jwt');
+jest.mock('../../../lib/ringcentral', () => ({
+  RingCentral: jest.fn()
+}));
+describe('MCP Tool: rcGetCallLogs', () => {
+  beforeEach(() => {
+    jest.clearAllMocks();
+    process.env.RINGCENTRAL_SERVER = 'https://platform.ringcentral.com';
+    process.env.RINGCENTRAL_CLIENT_ID = 'client-id';
+    process.env.RINGCENTRAL_CLIENT_SECRET = 'client-secret';
+    process.env.APP_SERVER = 'https://app.example.com';
+  });
+  test('should have correct tool definition', () => {
+    expect(rcGetCallLogs.definition).toBeDefined();
+    expect(rcGetCallLogs.definition.name).toBe('rcGetCallLogs');
+  });
+  test('should return call logs successfully', async () => {
+    jwt.decodeJwt.mockReturnValue({ id: 'user-123' });
+    const getCallLogData = jest.fn().mockResolvedValue({ records: [{ id: '1' }] });
+    RingCentral.mockImplementation(() => ({ getCallLogData }));
+    const result = await rcGetCallLogs.execute({
+      jwtToken: 'mock-jwt',
+      rcAccessToken: 'rc-token',
+      timeFrom: '2026-04-01T00:00:00.000Z',
+      timeTo: '2026-04-02T00:00:00.000Z'
+    });
+    expect(result).toEqual({ records: [{ id: '1' }] });
+    expect(getCallLogData).toHaveBeenCalledWith({
+      token: { access_token: 'rc-token', token_type: 'Bearer' },
+      timeFrom: '2026-04-01T00:00:00.000Z',
+      timeTo: '2026-04-02T00:00:00.000Z'
+    });
+  });
+  test('should return error when decodeJwt returns null', async () => {
+    jwt.decodeJwt.mockReturnValue(null);
+    const result = await rcGetCallLogs.execute({
+      jwtToken: 'bad-jwt',
+      rcAccessToken: 'rc-token'
+    });
+    expect(result.success).toBe(false);
+    expect(result.error).toContain('Invalid JWT token');
+  });
+});

package/test/mcp/tools/updateCallLog.test.js CHANGED Viewed

@@ -191,6 +191,20 @@ describe('MCP Tool: updateCallLog', () => {
       expect(result.error).toContain('Invalid JWT token');
     });
+    test('should return error when decodeJwt returns null', async () => {
+      jwt.decodeJwt.mockReturnValue(null);
+      const result = await updateCallLog.execute({
+        jwtToken: 'invalid-token',
+        incomingData: {
+          logData: { sessionId: 'session-123' }
+        }
+      });
+      expect(result.success).toBe(false);
+      expect(result.error).toContain('Invalid JWT token');
+    });
     test('should return error when platform connector not found', async () => {
       // Arrange
       const mockIncomingData = {

package/test/routes/managedAuthRoutes.test.js ADDED Viewed

@@ -0,0 +1,132 @@
+const express = require('express');
+const request = require('supertest');
+jest.mock('../../handlers/admin', () => ({
+  validateRcUserToken: jest.fn(),
+  validateAdminRole: jest.fn(),
+}));
+jest.mock('../../handlers/managedAuth', () => ({
+  getManagedAuthState: jest.fn(),
+}));
+jest.mock('../../handlers/auth', () => ({
+  onApiKeyLogin: jest.fn(),
+}));
+jest.mock('../../lib/jwt', () => ({
+  generateJwt: jest.fn().mockReturnValue('jwt-token'),
+  decodeJwt: jest.fn(),
+}));
+const adminCore = require('../../handlers/admin');
+const managedAuthCore = require('../../handlers/managedAuth');
+const authCore = require('../../handlers/auth');
+const { createCoreRouter } = require('../../index');
+describe('Managed Auth Routes', () => {
+  let app;
+  beforeEach(() => {
+    jest.clearAllMocks();
+    app = express();
+    app.use(express.json());
+    app.use('/', createCoreRouter());
+  });
+  describe('GET /apiKeyManagedAuthState', () => {
+    test('should require rcAccessToken', async () => {
+      const response = await request(app)
+        .get('/apiKeyManagedAuthState')
+        .query({ platform: 'testCRM' });
+      expect(response.status).toBe(400);
+      expect(response.text).toContain('Missing RingCentral access token');
+      expect(adminCore.validateRcUserToken).not.toHaveBeenCalled();
+      expect(managedAuthCore.getManagedAuthState).not.toHaveBeenCalled();
+    });
+    test('should validate rcAccessToken and use validated identity', async () => {
+      adminCore.validateRcUserToken.mockResolvedValue({
+        rcAccountId: 'validated-account-id',
+        rcExtensionId: 'validated-extension-id',
+        rcUserName: 'Validated User',
+      });
+      managedAuthCore.getManagedAuthState.mockResolvedValue({
+        hasManagedAuth: true,
+        allRequiredFieldsSatisfied: true,
+        visibleFieldConsts: [],
+        missingRequiredFieldConsts: [],
+      });
+      const response = await request(app)
+        .get('/apiKeyManagedAuthState')
+        .query({
+          platform: 'testCRM',
+          rcAccessToken: 'valid-rc-token',
+          rcAccountId: 'spoofed-account-id',
+          rcExtensionId: 'spoofed-extension-id',
+        });
+      expect(response.status).toBe(200);
+      expect(adminCore.validateRcUserToken).toHaveBeenCalledWith({ rcAccessToken: 'valid-rc-token' });
+      expect(managedAuthCore.getManagedAuthState).toHaveBeenCalledWith(expect.objectContaining({
+        platform: 'testCRM',
+        rcAccountId: 'validated-account-id',
+        rcExtensionId: 'validated-extension-id',
+      }));
+    });
+  });
+  describe('POST /apiKeyLogin', () => {
+    test('should require rcAccessToken', async () => {
+      const response = await request(app)
+        .post('/apiKeyLogin')
+        .send({
+          platform: 'testCRM',
+          apiKey: 'api-key',
+          hostname: 'test.example.com',
+        });
+      expect(response.status).toBe(400);
+      expect(response.text).toContain('Missing RingCentral access token');
+      expect(adminCore.validateRcUserToken).not.toHaveBeenCalled();
+      expect(authCore.onApiKeyLogin).not.toHaveBeenCalled();
+    });
+    test('should validate rcAccessToken and ignore spoofed rc ids in body', async () => {
+      adminCore.validateRcUserToken.mockResolvedValue({
+        rcAccountId: 'validated-account-id',
+        rcExtensionId: 'validated-extension-id',
+        rcUserName: 'Validated User',
+      });
+      authCore.onApiKeyLogin.mockResolvedValue({
+        userInfo: {
+          id: 'crm-user-id',
+          name: 'CRM User',
+        },
+        returnMessage: {
+          messageType: 'success',
+          message: 'ok',
+        },
+      });
+      const response = await request(app)
+        .post('/apiKeyLogin')
+        .send({
+          platform: 'testCRM',
+          apiKey: 'api-key',
+          hostname: 'test.example.com',
+          rcAccessToken: 'valid-rc-token',
+          rcAccountId: 'spoofed-account-id',
+          rcExtensionId: 'spoofed-extension-id',
+        });
+      expect(response.status).toBe(200);
+      expect(adminCore.validateRcUserToken).toHaveBeenCalledWith({ rcAccessToken: 'valid-rc-token' });
+      expect(authCore.onApiKeyLogin).toHaveBeenCalledWith(expect.objectContaining({
+        platform: 'testCRM',
+        rcAccountId: 'validated-account-id',
+        rcExtensionId: 'validated-extension-id',
+        rcUserName: 'Validated User',
+      }));
+    });
+  });
+});

package/test/setup.js CHANGED Viewed

@@ -29,6 +29,7 @@ beforeAll(async () => {
     const { UserModel } = require('../models/userModel');
     const { CacheModel } = require('../models/cacheModel');
     const { AdminConfigModel } = require('../models/adminConfigModel');
+    const { AccountDataModel } = require('../models/accountDataModel');
     // Sync database models
     await CallLogModel.sync({ force: true });
@@ -36,6 +37,7 @@ beforeAll(async () => {
     await UserModel.sync({ force: true });
     await CacheModel.sync({ force: true });
     await AdminConfigModel.sync({ force: true });
+    await AccountDataModel.sync({ force: true });
     console.log('Database models synced for testing');
   } catch (error) {