npm - @app-connect/core - Versions diffs - 1.7.24 → 1.7.26 - Mend

@app-connect/core 1.7.24 → 1.7.26

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (137) hide show

package/.env.test +5 -5
package/README.md +441 -441
package/connector/developerPortal.js +31 -42
package/connector/mock.js +84 -77
package/connector/proxy/engine.js +164 -163
package/connector/proxy/index.js +500 -500
package/connector/registry.js +252 -252
package/docs/README.md +50 -50
package/docs/architecture.md +93 -93
package/docs/connectors.md +116 -117
package/docs/handlers.md +125 -125
package/docs/libraries.md +101 -101
package/docs/models.md +144 -144
package/docs/routes.md +115 -115
package/docs/tests.md +73 -73
package/handlers/admin.js +523 -523
package/handlers/appointment.js +193 -0
package/handlers/auth.js +296 -296
package/handlers/calldown.js +99 -99
package/handlers/contact.js +280 -280
package/handlers/disposition.js +82 -80
package/handlers/log.js +984 -973
package/handlers/managedAuth.js +446 -446
package/handlers/plugin.js +208 -208
package/handlers/user.js +142 -142
package/index.js +3140 -2652
package/jest.config.js +56 -56
package/lib/analytics.js +54 -54
package/lib/authSession.js +109 -109
package/lib/cacheCleanup.js +21 -0
package/lib/callLogComposer.js +898 -898
package/lib/callLogLookup.js +34 -0
package/lib/constants.js +8 -8
package/lib/debugTracer.js +177 -177
package/lib/encode.js +30 -30
package/lib/errorHandler.js +218 -206
package/lib/generalErrorMessage.js +41 -41
package/lib/jwt.js +18 -18
package/lib/logger.js +190 -190
package/lib/migrateCallLogsSchema.js +116 -0
package/lib/ringcentral.js +266 -266
package/lib/s3ErrorLogReport.js +65 -65
package/lib/sharedSMSComposer.js +471 -471
package/lib/util.js +67 -67
package/mcp/README.md +412 -395
package/mcp/lib/validator.js +91 -91
package/mcp/mcpHandler.js +425 -425
package/mcp/tools/cancelAppointment.js +101 -0
package/mcp/tools/checkAuthStatus.js +105 -105
package/mcp/tools/confirmAppointment.js +101 -0
package/mcp/tools/createAppointment.js +157 -0
package/mcp/tools/createCallLog.js +327 -316
package/mcp/tools/createContact.js +117 -117
package/mcp/tools/createMessageLog.js +287 -287
package/mcp/tools/doAuth.js +60 -60
package/mcp/tools/findContactByName.js +93 -93
package/mcp/tools/findContactByPhone.js +101 -101
package/mcp/tools/getCallLog.js +111 -102
package/mcp/tools/getGoogleFilePicker.js +99 -99
package/mcp/tools/getHelp.js +43 -43
package/mcp/tools/getPublicConnectors.js +94 -94
package/mcp/tools/getSessionInfo.js +90 -90
package/mcp/tools/index.js +51 -41
package/mcp/tools/listAppointments.js +163 -0
package/mcp/tools/logout.js +96 -96
package/mcp/tools/rcGetCallLogs.js +65 -65
package/mcp/tools/updateAppointment.js +154 -0
package/mcp/tools/updateCallLog.js +130 -126
package/mcp/ui/App/App.tsx +358 -358
package/mcp/ui/App/components/AuthInfoForm.tsx +113 -113
package/mcp/ui/App/components/AuthSuccess.tsx +22 -22
package/mcp/ui/App/components/ConnectorList.tsx +82 -82
package/mcp/ui/App/components/DebugPanel.tsx +43 -43
package/mcp/ui/App/components/OAuthConnect.tsx +270 -270
package/mcp/ui/App/lib/callTool.ts +130 -130
package/mcp/ui/App/lib/debugLog.ts +41 -41
package/mcp/ui/App/lib/developerPortal.ts +111 -111
package/mcp/ui/App/main.css +5 -5
package/mcp/ui/App/root.tsx +13 -13
package/mcp/ui/index.html +13 -13
package/mcp/ui/package-lock.json +6356 -6356
package/mcp/ui/package.json +25 -25
package/mcp/ui/tsconfig.json +26 -26
package/mcp/ui/vite.config.ts +16 -16
package/models/accountDataModel.js +33 -33
package/models/adminConfigModel.js +35 -35
package/models/cacheModel.js +30 -26
package/models/callDownListModel.js +34 -34
package/models/callLogModel.js +33 -27
package/models/dynamo/connectorSchema.js +146 -146
package/models/dynamo/lockSchema.js +24 -24
package/models/dynamo/noteCacheSchema.js +29 -29
package/models/llmSessionModel.js +17 -17
package/models/messageLogModel.js +25 -25
package/models/sequelize.js +16 -16
package/models/userModel.js +45 -45
package/package.json +72 -72
package/releaseNotes.json +1093 -1073
package/test/connector/proxy/engine.test.js +126 -93
package/test/connector/proxy/index.test.js +279 -279
package/test/connector/proxy/sample.json +161 -161
package/test/connector/registry.test.js +415 -415
package/test/handlers/admin.test.js +616 -616
package/test/handlers/auth.test.js +1018 -1015
package/test/handlers/contact.test.js +1014 -1014
package/test/handlers/log.test.js +1298 -1160
package/test/handlers/managedAuth.test.js +458 -458
package/test/handlers/plugin.test.js +380 -380
package/test/index.test.js +105 -105
package/test/lib/cacheCleanup.test.js +42 -0
package/test/lib/callLogComposer.test.js +1231 -1231
package/test/lib/debugTracer.test.js +328 -328
package/test/lib/jwt.test.js +176 -176
package/test/lib/logger.test.js +206 -206
package/test/lib/oauth.test.js +359 -359
package/test/lib/ringcentral.test.js +467 -467
package/test/lib/sharedSMSComposer.test.js +1084 -1084
package/test/lib/util.test.js +329 -329
package/test/mcp/tools/checkAuthStatus.test.js +83 -82
package/test/mcp/tools/createCallLog.test.js +436 -436
package/test/mcp/tools/createContact.test.js +58 -58
package/test/mcp/tools/createMessageLog.test.js +595 -595
package/test/mcp/tools/doAuth.test.js +113 -113
package/test/mcp/tools/findContactByName.test.js +275 -275
package/test/mcp/tools/findContactByPhone.test.js +296 -296
package/test/mcp/tools/getCallLog.test.js +298 -298
package/test/mcp/tools/getGoogleFilePicker.test.js +281 -281
package/test/mcp/tools/getPublicConnectors.test.js +107 -107
package/test/mcp/tools/getSessionInfo.test.js +127 -127
package/test/mcp/tools/logout.test.js +233 -233
package/test/mcp/tools/rcGetCallLogs.test.js +56 -56
package/test/mcp/tools/updateCallLog.test.js +360 -360
package/test/models/accountDataModel.test.js +98 -98
package/test/models/dynamo/connectorSchema.test.js +189 -189
package/test/models/models.test.js +568 -539
package/test/routes/managedAuthRoutes.test.js +104 -129
package/test/setup.js +178 -178

package/test/handlers/auth.test.js CHANGED Viewed

@@ -1,1015 +1,1018 @@
-const authHandler = require('../../handlers/auth');
-const connectorRegistry = require('../../connector/registry');
-// Mock the connector registry
-jest.mock('../../connector/registry');
-jest.mock('../../lib/oauth');
-jest.mock('../../models/dynamo/connectorSchema', () => ({
-  Connector: {
-    getProxyConfig: jest.fn()
-  }
-}));
-jest.mock('../../lib/ringcentral', () => ({
-  RingCentral: jest.fn().mockImplementation(() => ({
-    generateToken: jest.fn()
-  }))
-}));
-jest.mock('../../handlers/admin', () => ({
-  updateAdminRcTokens: jest.fn()
-}));
-const oauth = require('../../lib/oauth');
-const { Connector } = require('../../models/dynamo/connectorSchema');
-const { RingCentral } = require('../../lib/ringcentral');
-const adminCore = require('../../handlers/admin');
-const { AccountDataModel } = require('../../models/accountDataModel');
-const { encode } = require('../../lib/encode');
-describe('Auth Handler', () => {
-  const originalEnv = process.env;
-  beforeEach(() => {
-    // Reset mocks
-    jest.clearAllMocks();
-    global.testUtils.resetConnectorRegistry();
-    process.env = { ...originalEnv };
-    process.env.APP_SERVER_SECRET_KEY = 'test-app-server-secret-key-123456';
-  });
-  afterEach(() => {
-    process.env = originalEnv;
-  });
-  describe('onApiKeyLogin', () => {
-    afterEach(async () => {
-      await AccountDataModel.destroy({ where: {} });
-    });
-    test('should handle successful API key login', async () => {
-      // Arrange
-      const mockUserInfo = {
-        successful: true,
-        platformUserInfo: {
-          id: 'test-user-id',
-          name: 'Test User',
-          timezoneName: 'America/Los_Angeles',
-          timezoneOffset: 0,
-          platformAdditionalInfo: {}
-        },
-        returnMessage: {
-          messageType: 'success',
-          message: 'Login successful',
-          ttl: 1000
-        }
-      };
-      const mockConnector = global.testUtils.createMockConnector({
-        getBasicAuth: jest.fn().mockReturnValue('dGVzdC1hcGkta2V5Og=='),
-        getUserInfo: jest.fn().mockResolvedValue(mockUserInfo)
-      });
-      connectorRegistry.getConnector.mockReturnValue(mockConnector);
-      const requestData = {
-        platform: 'testCRM',
-        hostname: 'test.example.com',
-        apiKey: 'test-api-key',
-        additionalInfo: {}
-      };
-      // Act
-      const result = await authHandler.onApiKeyLogin(requestData);
-      // Assert
-      expect(result.userInfo).toBeDefined();
-      expect(result.userInfo.id).toBe('test-user-id');
-      expect(result.userInfo.name).toBe('Test User');
-      expect(result.returnMessage).toEqual(mockUserInfo.returnMessage);
-      expect(mockConnector.getBasicAuth).toHaveBeenCalledWith({ apiKey: 'test-api-key' });
-      expect(mockConnector.getUserInfo).toHaveBeenCalledWith({
-        authHeader: 'Basic dGVzdC1hcGkta2V5Og==',
-        hostname: 'test.example.com',
-        additionalInfo: { apiKey: 'test-api-key' },
-        apiKey: 'test-api-key',
-        platform: 'testCRM',
-        proxyId: undefined
-      });
-    });
-    test('should handle failed API key login', async () => {
-      // Arrange
-      const mockUserInfo = {
-        successful: false,
-        platformUserInfo: null,
-        returnMessage: {
-          messageType: 'error',
-          message: 'Invalid API key',
-          ttl: 3000
-        }
-      };
-      const mockConnector = global.testUtils.createMockConnector({
-        getBasicAuth: jest.fn().mockReturnValue('dGVzdC1hcGkta2V5Og=='),
-        getUserInfo: jest.fn().mockResolvedValue(mockUserInfo)
-      });
-      connectorRegistry.getConnector.mockReturnValue(mockConnector);
-      const requestData = {
-        platform: 'testCRM',
-        hostname: 'test.example.com',
-        apiKey: 'invalid-api-key',
-        additionalInfo: {}
-      };
-      // Act
-      const result = await authHandler.onApiKeyLogin(requestData);
-      // Assert
-      expect(result.userInfo).toBeNull();
-      expect(result.returnMessage).toEqual(mockUserInfo.returnMessage);
-    });
-    test('should mark managed auth auto-login failure so the next attempt can fall back to manual auth', async () => {
-      connectorRegistry.getManifest.mockReturnValue({
-        platforms: {
-          testCRM: {
-            auth: {
-              type: 'apiKey',
-              apiKey: {
-                page: {
-                  content: [
-                    { const: 'tenantId', required: true, managed: true, managedScope: 'account' },
-                    { const: 'apiKey', required: true, managed: true, managedScope: 'user' }
-                  ]
-                }
-              }
-            }
-          }
-        }
-      });
-      await AccountDataModel.create({
-        rcAccountId: 'rc-account-fail',
-        platformName: 'testCRM',
-        dataKey: 'managed-auth-org',
-        data: {
-          fields: {
-            tenantId: { version: 1, encrypted: true, value: encode(JSON.stringify('tenant-1')) }
-          }
-        }
-      });
-      await AccountDataModel.create({
-        rcAccountId: 'rc-account-fail',
-        platformName: 'testCRM',
-        dataKey: 'managed-auth-user:101',
-        data: {
-          rcExtensionId: '101',
-          rcUserName: 'Agent 101',
-          fields: {
-            apiKey: { version: 1, encrypted: true, value: encode(JSON.stringify('bad-stored-key')) }
-          }
-        }
-      });
-      const mockConnector = global.testUtils.createMockConnector({
-        getBasicAuth: jest.fn().mockReturnValue('encoded-bad-key'),
-        getUserInfo: jest.fn().mockResolvedValue({
-          successful: false,
-          platformUserInfo: null,
-          returnMessage: {
-            messageType: 'error',
-            message: 'Invalid API key',
-            ttl: 3000
-          }
-        })
-      });
-      connectorRegistry.getConnector.mockReturnValue(mockConnector);
-      const result = await authHandler.onApiKeyLogin({
-        platform: 'testCRM',
-        hostname: 'test.example.com',
-        rcAccountId: 'rc-account-fail',
-        rcExtensionId: '101',
-        additionalInfo: {}
-      });
-      expect(result.userInfo).toBeNull();
-      const failureRecord = await AccountDataModel.findOne({
-        where: {
-          rcAccountId: 'rc-account-fail',
-          platformName: 'testCRM',
-          dataKey: 'managed-auth-login-failure:101'
-        }
-      });
-      expect(failureRecord).not.toBeNull();
-    });
-    test('should merge stored org managed auth values into additionalInfo', async () => {
-      connectorRegistry.getManifest.mockReturnValue({
-        platforms: {
-          testCRM: {
-            auth: {
-              type: 'apiKey',
-              apiKey: {
-                page: {
-                  content: [
-                    { const: 'apiKey', required: true, managed: true, managedScope: 'account' },
-                    { const: 'tenantId', required: true, managed: true, managedScope: 'account' },
-                    { const: 'userToken', required: true }
-                  ]
-                }
-              }
-            }
-          }
-        }
-      });
-      await AccountDataModel.create({
-        rcAccountId: 'rc-account-1',
-        platformName: 'testCRM',
-        dataKey: 'managed-auth-org',
-        data: {
-          fields: {
-            apiKey: { version: 1, encrypted: true, value: encode(JSON.stringify('stored-api-key')) },
-            tenantId: { version: 1, encrypted: true, value: encode(JSON.stringify('tenant-1')) }
-          }
-        }
-      });
-      const mockUserInfo = {
-        successful: true,
-        platformUserInfo: {
-          id: 'test-user-id',
-          name: 'Test User',
-          platformAdditionalInfo: {}
-        },
-        returnMessage: { messageType: 'success', message: 'ok' }
-      };
-      const mockConnector = global.testUtils.createMockConnector({
-        getBasicAuth: jest.fn().mockReturnValue('encoded-shared'),
-        getUserInfo: jest.fn().mockResolvedValue(mockUserInfo)
-      });
-      connectorRegistry.getConnector.mockReturnValue(mockConnector);
-      await authHandler.onApiKeyLogin({
-        platform: 'testCRM',
-        hostname: 'test.example.com',
-        rcAccountId: 'rc-account-1',
-        additionalInfo: { userToken: 'user-token-1' }
-      });
-      expect(mockConnector.getBasicAuth).toHaveBeenCalledWith({ apiKey: 'stored-api-key' });
-      expect(mockConnector.getUserInfo).toHaveBeenCalledWith(expect.objectContaining({
-        additionalInfo: expect.objectContaining({
-          apiKey: 'stored-api-key',
-          tenantId: 'tenant-1',
-          userToken: 'user-token-1'
-        })
-      }));
-    });
-    test('should allow submitted shared fields to satisfy missing required managed auth values', async () => {
-      connectorRegistry.getManifest.mockReturnValue({
-        platforms: {
-          testCRM: {
-            auth: {
-              type: 'apiKey',
-              apiKey: {
-                page: {
-                  content: [
-                    { const: 'companyId', required: true, managed: true, managedScope: 'account' },
-                    { const: 'userToken', required: true }
-                  ]
-                }
-              }
-            }
-          }
-        }
-      });
-      const mockConnector = global.testUtils.createMockConnector({
-        getBasicAuth: jest.fn(),
-        getUserInfo: jest.fn().mockResolvedValue({
-          successful: true,
-          platformUserInfo: {
-            id: 'test-user-id',
-            name: 'Test User',
-            platformAdditionalInfo: {}
-          },
-          returnMessage: { messageType: 'success', message: 'ok' }
-        })
-      });
-      connectorRegistry.getConnector.mockReturnValue(mockConnector);
-      const result = await authHandler.onApiKeyLogin({
-        platform: 'testCRM',
-        hostname: 'test.example.com',
-        rcAccountId: 'rc-account-2',
-        additionalInfo: {
-          companyId: 'company-123',
-          userToken: 'user-token-1'
-        }
-      });
-      expect(result.userInfo).not.toBeNull();
-      expect(mockConnector.getUserInfo).toHaveBeenCalledWith(expect.objectContaining({
-        additionalInfo: expect.objectContaining({
-          companyId: 'company-123',
-          userToken: 'user-token-1'
-        })
-      }));
-    });
-    test('should not persist submitted managed auth values from end users', async () => {
-      connectorRegistry.getManifest.mockReturnValue({
-        platforms: {
-          testCRM: {
-            auth: {
-              type: 'apiKey',
-              apiKey: {
-                page: {
-                  content: [
-                    { const: 'companyId', required: false, managed: true, managedScope: 'account' },
-                    { const: 'userToken', required: true }
-                  ]
-                }
-              }
-            }
-          }
-        }
-      });
-      const mockUserInfo = {
-        successful: true,
-        platformUserInfo: {
-          id: 'test-user-id',
-          name: 'Test User',
-          platformAdditionalInfo: {}
-        },
-        returnMessage: { messageType: 'success', message: 'ok' }
-      };
-      const mockConnector = global.testUtils.createMockConnector({
-        getBasicAuth: jest.fn().mockReturnValue('encoded'),
-        getUserInfo: jest.fn().mockResolvedValue(mockUserInfo)
-      });
-      connectorRegistry.getConnector.mockReturnValue(mockConnector);
-      await authHandler.onApiKeyLogin({
-        platform: 'testCRM',
-        hostname: 'test.example.com',
-        rcAccountId: 'rc-account-2',
-        additionalInfo: {
-          companyId: 'company-123',
-          userToken: 'user-token-1'
-        }
-      });
-      expect(mockConnector.getUserInfo).toHaveBeenCalledWith(expect.objectContaining({
-        additionalInfo: expect.objectContaining({
-          companyId: 'company-123',
-          userToken: 'user-token-1'
-        })
-      }));
-      const stored = await AccountDataModel.findOne({
-        where: {
-          rcAccountId: 'rc-account-2',
-          platformName: 'testCRM',
-          dataKey: 'managed-auth-org'
-        }
-      });
-      expect(stored).toBeNull();
-    });
-    test('should allow manual fallback values to override stored managed credentials and clear failure state after success', async () => {
-      connectorRegistry.getManifest.mockReturnValue({
-        platforms: {
-          testCRM: {
-            auth: {
-              type: 'apiKey',
-              apiKey: {
-                page: {
-                  content: [
-                    { const: 'apiKey', required: true, managed: true, managedScope: 'user' },
-                    { const: 'tenantId', required: true, managed: true, managedScope: 'account' }
-                  ]
-                }
-              }
-            }
-          }
-        }
-      });
-      await AccountDataModel.create({
-        rcAccountId: 'rc-account-recover',
-        platformName: 'testCRM',
-        dataKey: 'managed-auth-org',
-        data: {
-          fields: {
-            tenantId: { version: 1, encrypted: true, value: encode(JSON.stringify('stored-tenant')) }
-          }
-        }
-      });
-      await AccountDataModel.create({
-        rcAccountId: 'rc-account-recover',
-        platformName: 'testCRM',
-        dataKey: 'managed-auth-user:202',
-        data: {
-          rcExtensionId: '202',
-          rcUserName: 'Agent 202',
-          fields: {
-            apiKey: { version: 1, encrypted: true, value: encode(JSON.stringify('stored-bad-key')) }
-          }
-        }
-      });
-      await AccountDataModel.create({
-        rcAccountId: 'rc-account-recover',
-        platformName: 'testCRM',
-        dataKey: 'managed-auth-login-failure:202',
-        data: {
-          failedAt: '2026-04-07T00:00:00.000Z'
-        }
-      });
-      const mockConnector = global.testUtils.createMockConnector({
-        getBasicAuth: jest.fn().mockReturnValue('encoded-manual-key'),
-        getUserInfo: jest.fn().mockResolvedValue({
-          successful: true,
-          platformUserInfo: {
-            id: 'test-user-id',
-            name: 'Recovered User',
-            platformAdditionalInfo: {}
-          },
-          returnMessage: { messageType: 'success', message: 'ok' }
-        })
-      });
-      connectorRegistry.getConnector.mockReturnValue(mockConnector);
-      const result = await authHandler.onApiKeyLogin({
-        platform: 'testCRM',
-        hostname: 'test.example.com',
-        rcAccountId: 'rc-account-recover',
-        rcExtensionId: '202',
-        additionalInfo: {
-          apiKey: 'manual-good-key',
-          tenantId: 'manual-tenant'
-        }
-      });
-      expect(result.userInfo).not.toBeNull();
-      expect(mockConnector.getBasicAuth).toHaveBeenCalledWith({ apiKey: 'manual-good-key' });
-      expect(mockConnector.getUserInfo).toHaveBeenCalledWith(expect.objectContaining({
-        additionalInfo: {
-          apiKey: 'manual-good-key',
-          tenantId: 'manual-tenant'
-        }
-      }));
-      const failureRecord = await AccountDataModel.findOne({
-        where: {
-          rcAccountId: 'rc-account-recover',
-          platformName: 'testCRM',
-          dataKey: 'managed-auth-login-failure:202'
-        }
-      });
-      expect(failureRecord).toBeNull();
-    });
-    test('should return warning when required auth fields are missing', async () => {
-      connectorRegistry.getManifest.mockReturnValue({
-        platforms: {
-          testCRM: {
-            auth: {
-              type: 'apiKey',
-              apiKey: {
-                page: {
-                  content: [
-                    { const: 'tenantId', required: true, managed: true, managedScope: 'account' },
-                    { const: 'userToken', required: true }
-                  ]
-                }
-              }
-            }
-          }
-        }
-      });
-      const mockConnector = global.testUtils.createMockConnector({
-        getBasicAuth: jest.fn(),
-        getUserInfo: jest.fn()
-      });
-      connectorRegistry.getConnector.mockReturnValue(mockConnector);
-      const result = await authHandler.onApiKeyLogin({
-        platform: 'testCRM',
-        hostname: 'test.example.com',
-        rcAccountId: 'rc-account-4',
-        additionalInfo: {}
-      });
-      expect(result.userInfo).toBeNull();
-      expect(result.returnMessage).toEqual({
-        messageType: 'warning',
-        message: 'Missing required authentication fields.',
-        ttl: 3000,
-        missingRequiredFieldConsts: ['tenantId', 'userToken']
-      });
-      expect(mockConnector.getBasicAuth).not.toHaveBeenCalled();
-      expect(mockConnector.getUserInfo).not.toHaveBeenCalled();
-    });
-    test('should throw error when connector not found', async () => {
-      // Arrange
-      connectorRegistry.getConnector.mockImplementation(() => {
-        throw new Error('Connector not found for platform: testCRM');
-      });
-      const requestData = {
-        platform: 'testCRM',
-        hostname: 'test.example.com',
-        apiKey: 'test-api-key',
-        additionalInfo: {}
-      };
-      // Act & Assert
-      await expect(authHandler.onApiKeyLogin(requestData))
-        .rejects.toThrow('Connector not found for platform: testCRM');
-    });
-  });
-  describe('authValidation', () => {
-    test('should validate user authentication successfully', async () => {
-      // Arrange
-      const mockUser = global.testUtils.createMockUser();
-      const mockValidationResponse = {
-        successful: true,
-        returnMessage: {
-          messageType: 'success',
-          message: 'Authentication valid',
-          ttl: 1000
-        },
-        status: 200
-      };
-      const mockConnector = global.testUtils.createMockConnector({
-        getOauthInfo: jest.fn().mockResolvedValue({}),
-        authValidation: jest.fn().mockResolvedValue(mockValidationResponse)
-      });
-      connectorRegistry.getConnector.mockReturnValue(mockConnector);
-      // Mock UserModel.findOne to return a user
-      const { UserModel } = require('../../models/userModel');
-      jest.spyOn(UserModel, 'findOne').mockResolvedValue(mockUser);
-      // Mock oauth.checkAndRefreshAccessToken
-      const oauth = require('../../lib/oauth');
-      jest.spyOn(oauth, 'checkAndRefreshAccessToken').mockResolvedValue(mockUser);
-      const requestData = {
-        platform: 'testCRM',
-        userId: 'test-user-id'
-      };
-      // Act
-      const result = await authHandler.authValidation(requestData);
-      // Assert
-      expect(result).toEqual({
-        ...mockValidationResponse,
-        failReason: ''
-      });
-      expect(mockConnector.authValidation).toHaveBeenCalledWith({ user: mockUser });
-    });
-    test('should handle user not found in database', async () => {
-      // Arrange
-      const mockConnector = global.testUtils.createMockConnector();
-      connectorRegistry.getConnector.mockReturnValue(mockConnector);
-      // Mock UserModel.findOne to return null (user not found)
-      const { UserModel } = require('../../models/userModel');
-      jest.spyOn(UserModel, 'findOne').mockResolvedValue(null);
-      const requestData = {
-        platform: 'testCRM',
-        userId: 'non-existent-user'
-      };
-      // Act
-      const result = await authHandler.authValidation(requestData);
-      // Assert
-      expect(result).toEqual({
-        successful: false,
-        status: 404,
-        failReason: 'App Connect. User not found in database'
-      });
-    });
-    test('should handle validation failure', async () => {
-      // Arrange
-      const mockUser = global.testUtils.createMockUser();
-      const mockValidationResponse = {
-        successful: false,
-        returnMessage: {
-          messageType: 'error',
-          message: 'Authentication failed',
-          ttl: 3000
-        },
-        status: 401
-      };
-      const mockConnector = global.testUtils.createMockConnector({
-        getOauthInfo: jest.fn().mockResolvedValue({}),
-        authValidation: jest.fn().mockResolvedValue(mockValidationResponse)
-      });
-      connectorRegistry.getConnector.mockReturnValue(mockConnector);
-      // Mock UserModel.findOne to return a user
-      const { UserModel } = require('../../models/userModel');
-      jest.spyOn(UserModel, 'findOne').mockResolvedValue(mockUser);
-      // Mock oauth.checkAndRefreshAccessToken
-      const oauth = require('../../lib/oauth');
-      jest.spyOn(oauth, 'checkAndRefreshAccessToken').mockResolvedValue(mockUser);
-      const requestData = {
-        platform: 'testCRM',
-        userId: 'test-user-id'
-      };
-      // Act
-      const result = await authHandler.authValidation(requestData);
-      // Assert
-      expect(result).toEqual({
-        ...mockValidationResponse,
-        failReason: 'CRM. API failed'
-      });
-      expect(result.successful).toBe(false);
-    });
-  });
-  describe('onOAuthCallback', () => {
-    const mockOAuthApp = {
-      code: {
-        getToken: jest.fn()
-      }
-    };
-    beforeEach(() => {
-      oauth.getOAuthApp.mockReturnValue(mockOAuthApp);
-    });
-    test('should handle successful OAuth callback', async () => {
-      // Arrange
-      const mockUserInfo = {
-        successful: true,
-        platformUserInfo: {
-          id: 'oauth-user-id',
-          name: 'OAuth User',
-          timezoneName: 'America/New_York',
-          timezoneOffset: -300,
-          platformAdditionalInfo: {}
-        },
-        returnMessage: {
-          messageType: 'success',
-          message: 'Connected successfully'
-        }
-      };
-      const mockConnector = global.testUtils.createMockConnector({
-        getOauthInfo: jest.fn().mockResolvedValue({
-          clientId: 'client-id',
-          clientSecret: 'client-secret',
-          accessTokenUri: 'https://api.example.com/oauth/token',
-          authorizationUri: 'https://api.example.com/oauth/authorize'
-        }),
-        getUserInfo: jest.fn().mockResolvedValue(mockUserInfo)
-      });
-      connectorRegistry.getConnector.mockReturnValue(mockConnector);
-      mockOAuthApp.code.getToken.mockResolvedValue({
-        accessToken: 'new-access-token',
-        refreshToken: 'new-refresh-token',
-        expires: new Date()
-      });
-      const requestData = {
-        platform: 'testCRM',
-        hostname: 'api.example.com',
-        tokenUrl: 'https://api.example.com/oauth/token',
-        query: {
-          callbackUri: 'https://app.example.com/callback?code=auth-code-123',
-          rcAccountId: 'rc-account-123'
-        }
-      };
-      // Act
-      const result = await authHandler.onOAuthCallback(requestData);
-      // Assert
-      expect(result.userInfo).toBeDefined();
-      expect(result.userInfo.id).toBe('oauth-user-id');
-      expect(oauth.getOAuthApp).toHaveBeenCalled();
-      expect(mockOAuthApp.code.getToken).toHaveBeenCalled();
-    });
-    test('should return fail message when oauthInfo has error', async () => {
-      // Arrange
-      const mockConnector = global.testUtils.createMockConnector({
-        getOauthInfo: jest.fn().mockResolvedValue({
-          failMessage: 'OAuth configuration not found'
-        })
-      });
-      connectorRegistry.getConnector.mockReturnValue(mockConnector);
-      const requestData = {
-        platform: 'testCRM',
-        hostname: 'api.example.com',
-        tokenUrl: '',
-        query: { callbackUri: 'https://app.example.com/callback', rcAccountId: 'rc-123' }
-      };
-      // Act
-      const result = await authHandler.onOAuthCallback(requestData);
-      // Assert
-      expect(result.userInfo).toBeNull();
-      expect(result.returnMessage.messageType).toBe('danger');
-      expect(result.returnMessage.message).toBe('OAuth configuration not found');
-    });
-    test('should handle failed user info retrieval', async () => {
-      // Arrange
-      const mockConnector = global.testUtils.createMockConnector({
-        getOauthInfo: jest.fn().mockResolvedValue({ clientId: 'id', clientSecret: 'secret' }),
-        getUserInfo: jest.fn().mockResolvedValue({
-          successful: false,
-          returnMessage: { messageType: 'error', message: 'User not authorized' }
-        })
-      });
-      connectorRegistry.getConnector.mockReturnValue(mockConnector);
-      mockOAuthApp.code.getToken.mockResolvedValue({
-        accessToken: 'token',
-        refreshToken: 'refresh',
-        expires: new Date()
-      });
-      const requestData = {
-        platform: 'testCRM',
-        hostname: 'api.example.com',
-        tokenUrl: '',
-        query: { callbackUri: 'https://app.example.com/callback', rcAccountId: 'rc-123' }
-      };
-      // Act
-      const result = await authHandler.onOAuthCallback(requestData);
-      // Assert
-      expect(result.userInfo).toBeNull();
-      expect(result.returnMessage.message).toBe('User not authorized');
-    });
-    test('should handle proxyId in OAuth callback', async () => {
-      // Arrange
-      const proxyConfig = { name: 'Proxy Config', settings: {} };
-      Connector.getProxyConfig.mockResolvedValue(proxyConfig);
-      const mockConnector = global.testUtils.createMockConnector({
-        getOauthInfo: jest.fn().mockResolvedValue({ clientId: 'id', clientSecret: 'secret' }),
-        getUserInfo: jest.fn().mockResolvedValue({
-          successful: true,
-          platformUserInfo: { id: 'proxy-user', name: 'Proxy User' },
-          returnMessage: { messageType: 'success', message: 'OK' }
-        })
-      });
-      connectorRegistry.getConnector.mockReturnValue(mockConnector);
-      mockOAuthApp.code.getToken.mockResolvedValue({
-        accessToken: 'token',
-        refreshToken: 'refresh',
-        expires: new Date()
-      });
-      const requestData = {
-        platform: 'testCRM',
-        hostname: 'api.example.com',
-        tokenUrl: '',
-        query: {
-          callbackUri: 'https://app.example.com/callback',
-          proxyId: 'proxy-123',
-          rcAccountId: 'rc-123'
-        }
-      };
-      // Act
-      await authHandler.onOAuthCallback(requestData);
-      // Assert
-      expect(Connector.getProxyConfig).toHaveBeenCalledWith('proxy-123');
-    });
-    test('should call postSaveUserInfo if platform implements it', async () => {
-      // Arrange
-      const postSaveResult = { id: 'user-id', name: 'User', extra: 'data' };
-      const mockConnector = global.testUtils.createMockConnector({
-        getOauthInfo: jest.fn().mockResolvedValue({ clientId: 'id', clientSecret: 'secret' }),
-        getUserInfo: jest.fn().mockResolvedValue({
-          successful: true,
-          platformUserInfo: { id: 'user-id', name: 'User' },
-          returnMessage: { messageType: 'success', message: 'OK' }
-        }),
-        postSaveUserInfo: jest.fn().mockResolvedValue(postSaveResult)
-      });
-      connectorRegistry.getConnector.mockReturnValue(mockConnector);
-      mockOAuthApp.code.getToken.mockResolvedValue({
-        accessToken: 'token',
-        refreshToken: 'refresh',
-        expires: new Date()
-      });
-      const requestData = {
-        platform: 'testCRM',
-        hostname: 'api.example.com',
-        tokenUrl: '',
-        query: { callbackUri: 'https://app.example.com/callback', rcAccountId: 'rc-123' }
-      };
-      // Act
-      const result = await authHandler.onOAuthCallback(requestData);
-      // Assert
-      expect(mockConnector.postSaveUserInfo).toHaveBeenCalled();
-      expect(result.userInfo).toEqual(postSaveResult);
-    });
-    test('should use overriding OAuth option if provided', async () => {
-      // Arrange
-      const overridingOption = { redirect_uri: 'custom-redirect' };
-      const mockConnector = global.testUtils.createMockConnector({
-        getOauthInfo: jest.fn().mockResolvedValue({ clientId: 'id', clientSecret: 'secret' }),
-        getOverridingOAuthOption: jest.fn().mockReturnValue(overridingOption),
-        getUserInfo: jest.fn().mockResolvedValue({
-          successful: true,
-          platformUserInfo: { id: 'user-id', name: 'User' },
-          returnMessage: { messageType: 'success', message: 'OK' }
-        })
-      });
-      connectorRegistry.getConnector.mockReturnValue(mockConnector);
-      mockOAuthApp.code.getToken.mockResolvedValue({
-        accessToken: 'token',
-        refreshToken: 'refresh',
-        expires: new Date()
-      });
-      const requestData = {
-        platform: 'testCRM',
-        hostname: 'api.example.com',
-        tokenUrl: '',
-        query: { callbackUri: 'https://app.example.com/callback?code=code123', rcAccountId: 'rc-123' }
-      };
-      // Act
-      await authHandler.onOAuthCallback(requestData);
-      // Assert
-      expect(mockConnector.getOverridingOAuthOption).toHaveBeenCalledWith({ code: 'code123' });
-      expect(mockOAuthApp.code.getToken).toHaveBeenCalledWith(
-        expect.any(String),
-        overridingOption
-      );
-    });
-  });
-  describe('getLicenseStatus', () => {
-    test('should return license status from platform module', async () => {
-      // Arrange
-      const mockUser = global.testUtils.createMockUser({ id: 'user-123' });
-      const mockLicenseStatus = {
-        isValid: true,
-        expiresAt: '2025-12-31',
-        features: ['call_logging', 'sms_logging']
-      };
-      const mockConnector = global.testUtils.createMockConnector({
-        getLicenseStatus: jest.fn().mockResolvedValue(mockLicenseStatus)
-      });
-      connectorRegistry.getConnector.mockReturnValue(mockConnector);
-      const { UserModel } = require('../../models/userModel');
-      jest.spyOn(UserModel, 'findByPk').mockResolvedValue(mockUser);
-      // Act
-      const result = await authHandler.getLicenseStatus({
-        userId: 'user-123',
-        platform: 'testCRM'
-      });
-      // Assert
-      expect(result).toEqual(mockLicenseStatus);
-      expect(mockConnector.getLicenseStatus).toHaveBeenCalledWith({
-        userId: 'user-123',
-        platform: 'testCRM',
-        user: mockUser
-      });
-    });
-    test('should return invalid license status when user not found', async () => {
-      // Arrange
-      const mockConnector = global.testUtils.createMockConnector({
-        getLicenseStatus: jest.fn()
-      });
-      connectorRegistry.getConnector.mockReturnValue(mockConnector);
-      const { UserModel } = require('../../models/userModel');
-      jest.spyOn(UserModel, 'findByPk').mockResolvedValue(null);
-      // Act
-      const result = await authHandler.getLicenseStatus({
-        userId: 'missing-user',
-        platform: 'testCRM'
-      });
-      // Assert
-      expect(result).toEqual({
-        isLicenseValid: false,
-        licenseStatus: 'Invalid (User not found)',
-        licenseStatusDescription: ''
-      });
-      expect(connectorRegistry.getConnector).not.toHaveBeenCalled();
-      expect(mockConnector.getLicenseStatus).not.toHaveBeenCalled();
-    });
-  });
-  describe('onRingcentralOAuthCallback', () => {
-    beforeEach(() => {
-      process.env.RINGCENTRAL_SERVER = 'https://platform.ringcentral.com';
-      process.env.RINGCENTRAL_CLIENT_ID = 'rc-client-id';
-      process.env.RINGCENTRAL_CLIENT_SECRET = 'rc-client-secret';
-      process.env.APP_SERVER = 'https://app.example.com';
-    });
-    test('should handle successful RingCentral OAuth callback', async () => {
-      // Arrange
-      const mockGenerateToken = jest.fn().mockResolvedValue({
-        access_token: 'rc-access-token',
-        refresh_token: 'rc-refresh-token',
-        expire_time: Date.now() + 3600000
-      });
-      RingCentral.mockImplementation(() => ({
-        generateToken: mockGenerateToken
-      }));
-      // Act
-      await authHandler.onRingcentralOAuthCallback({
-        code: 'rc-auth-code',
-        rcAccountId: 'hashed-rc-account-id'
-      });
-      // Assert
-      expect(RingCentral).toHaveBeenCalledWith({
-        server: 'https://platform.ringcentral.com',
-        clientId: 'rc-client-id',
-        clientSecret: 'rc-client-secret',
-        redirectUri: 'https://app.example.com/ringcentral/oauth/callback'
-      });
-      expect(mockGenerateToken).toHaveBeenCalledWith({ code: 'rc-auth-code' });
-      expect(adminCore.updateAdminRcTokens).toHaveBeenCalledWith({
-        hashedRcAccountId: 'hashed-rc-account-id',
-        adminAccessToken: 'rc-access-token',
-        adminRefreshToken: 'rc-refresh-token',
-        adminTokenExpiry: expect.any(Number)
-      });
-    });
-    test('should return early if environment variables are not set', async () => {
-      // Arrange
-      delete process.env.RINGCENTRAL_SERVER;
-      // Act
-      const result = await authHandler.onRingcentralOAuthCallback({
-        code: 'rc-auth-code',
-        rcAccountId: 'hashed-rc-account-id'
-      });
-      // Assert
-      expect(result).toBeUndefined();
-      expect(RingCentral).not.toHaveBeenCalled();
-    });
-  });
-});
+const authHandler = require('../../handlers/auth');
+const connectorRegistry = require('../../connector/registry');
+// Mock the connector registry
+jest.mock('../../connector/registry');
+jest.mock('../../lib/oauth');
+jest.mock('../../models/dynamo/connectorSchema', () => ({
+  Connector: {
+    getProxyConfig: jest.fn()
+  }
+}));
+jest.mock('../../lib/ringcentral', () => ({
+  RingCentral: jest.fn().mockImplementation(() => ({
+    generateToken: jest.fn()
+  }))
+}));
+jest.mock('../../handlers/admin', () => ({
+  updateAdminRcTokens: jest.fn()
+}));
+const oauth = require('../../lib/oauth');
+const { Connector } = require('../../models/dynamo/connectorSchema');
+const { RingCentral } = require('../../lib/ringcentral');
+const adminCore = require('../../handlers/admin');
+const { AccountDataModel } = require('../../models/accountDataModel');
+const { encode } = require('../../lib/encode');
+const { getHashValue } = require('../../lib/util');
+describe('Auth Handler', () => {
+  const originalEnv = process.env;
+  beforeEach(() => {
+    // Reset mocks
+    jest.clearAllMocks();
+    global.testUtils.resetConnectorRegistry();
+    process.env = { ...originalEnv };
+    process.env.APP_SERVER_SECRET_KEY = 'test-app-server-secret-key-123456';
+  });
+  afterEach(() => {
+    process.env = originalEnv;
+  });
+  describe('onApiKeyLogin', () => {
+    afterEach(async () => {
+      await AccountDataModel.destroy({ where: {} });
+    });
+    test('should handle successful API key login', async () => {
+      // Arrange
+      const mockUserInfo = {
+        successful: true,
+        platformUserInfo: {
+          id: 'test-user-id',
+          name: 'Test User',
+          timezoneName: 'America/Los_Angeles',
+          timezoneOffset: 0,
+          platformAdditionalInfo: {}
+        },
+        returnMessage: {
+          messageType: 'success',
+          message: 'Login successful',
+          ttl: 1000
+        }
+      };
+      const mockConnector = global.testUtils.createMockConnector({
+        getBasicAuth: jest.fn().mockReturnValue('dGVzdC1hcGkta2V5Og=='),
+        getUserInfo: jest.fn().mockResolvedValue(mockUserInfo)
+      });
+      connectorRegistry.getConnector.mockReturnValue(mockConnector);
+      const requestData = {
+        platform: 'testCRM',
+        hostname: 'test.example.com',
+        apiKey: 'test-api-key',
+        additionalInfo: {}
+      };
+      // Act
+      const result = await authHandler.onApiKeyLogin(requestData);
+      // Assert
+      expect(result.userInfo).toBeDefined();
+      expect(result.userInfo.id).toBe('test-user-id');
+      expect(result.userInfo.name).toBe('Test User');
+      expect(result.returnMessage).toEqual(mockUserInfo.returnMessage);
+      expect(mockConnector.getBasicAuth).toHaveBeenCalledWith({ apiKey: 'test-api-key' });
+      expect(mockConnector.getUserInfo).toHaveBeenCalledWith({
+        authHeader: 'Basic dGVzdC1hcGkta2V5Og==',
+        hostname: 'test.example.com',
+        additionalInfo: { apiKey: 'test-api-key' },
+        apiKey: 'test-api-key',
+        platform: 'testCRM',
+        proxyId: undefined
+      });
+    });
+    test('should handle failed API key login', async () => {
+      // Arrange
+      const mockUserInfo = {
+        successful: false,
+        platformUserInfo: null,
+        returnMessage: {
+          messageType: 'error',
+          message: 'Invalid API key',
+          ttl: 3000
+        }
+      };
+      const mockConnector = global.testUtils.createMockConnector({
+        getBasicAuth: jest.fn().mockReturnValue('dGVzdC1hcGkta2V5Og=='),
+        getUserInfo: jest.fn().mockResolvedValue(mockUserInfo)
+      });
+      connectorRegistry.getConnector.mockReturnValue(mockConnector);
+      const requestData = {
+        platform: 'testCRM',
+        hostname: 'test.example.com',
+        apiKey: 'invalid-api-key',
+        additionalInfo: {}
+      };
+      // Act
+      const result = await authHandler.onApiKeyLogin(requestData);
+      // Assert
+      expect(result.userInfo).toBeNull();
+      expect(result.returnMessage).toEqual(mockUserInfo.returnMessage);
+    });
+    test('should mark managed auth auto-login failure so the next attempt can fall back to manual auth', async () => {
+      connectorRegistry.getManifest.mockReturnValue({
+        platforms: {
+          testCRM: {
+            auth: {
+              type: 'apiKey',
+              apiKey: {
+                page: {
+                  content: [
+                    { const: 'tenantId', required: true, managed: true, managedScope: 'account' },
+                    { const: 'apiKey', required: true, managed: true, managedScope: 'user' }
+                  ]
+                }
+              }
+            }
+          }
+        }
+      });
+      await AccountDataModel.create({
+        rcAccountId: 'rc-account-fail',
+        platformName: 'testCRM',
+        dataKey: 'managed-auth-org',
+        data: {
+          fields: {
+            tenantId: { version: 1, encrypted: true, value: encode(JSON.stringify('tenant-1')) }
+          }
+        }
+      });
+      await AccountDataModel.create({
+        rcAccountId: 'rc-account-fail',
+        platformName: 'testCRM',
+        dataKey: 'managed-auth-user:101',
+        data: {
+          rcExtensionId: '101',
+          rcUserName: 'Agent 101',
+          fields: {
+            apiKey: { version: 1, encrypted: true, value: encode(JSON.stringify('bad-stored-key')) }
+          }
+        }
+      });
+      const mockConnector = global.testUtils.createMockConnector({
+        getBasicAuth: jest.fn().mockReturnValue('encoded-bad-key'),
+        getUserInfo: jest.fn().mockResolvedValue({
+          successful: false,
+          platformUserInfo: null,
+          returnMessage: {
+            messageType: 'error',
+            message: 'Invalid API key',
+            ttl: 3000
+          }
+        })
+      });
+      connectorRegistry.getConnector.mockReturnValue(mockConnector);
+      const result = await authHandler.onApiKeyLogin({
+        platform: 'testCRM',
+        hostname: 'test.example.com',
+        rcAccountId: 'rc-account-fail',
+        rcExtensionId: '101',
+        additionalInfo: {}
+      });
+      expect(result.userInfo).toBeNull();
+      const failureRecord = await AccountDataModel.findOne({
+        where: {
+          rcAccountId: 'rc-account-fail',
+          platformName: 'testCRM',
+          dataKey: 'managed-auth-login-failure:101'
+        }
+      });
+      expect(failureRecord).not.toBeNull();
+    });
+    test('should merge stored org managed auth values into additionalInfo', async () => {
+      connectorRegistry.getManifest.mockReturnValue({
+        platforms: {
+          testCRM: {
+            auth: {
+              type: 'apiKey',
+              apiKey: {
+                page: {
+                  content: [
+                    { const: 'apiKey', required: true, managed: true, managedScope: 'account' },
+                    { const: 'tenantId', required: true, managed: true, managedScope: 'account' },
+                    { const: 'userToken', required: true }
+                  ]
+                }
+              }
+            }
+          }
+        }
+      });
+      await AccountDataModel.create({
+        rcAccountId: 'rc-account-1',
+        platformName: 'testCRM',
+        dataKey: 'managed-auth-org',
+        data: {
+          fields: {
+            apiKey: { version: 1, encrypted: true, value: encode(JSON.stringify('stored-api-key')) },
+            tenantId: { version: 1, encrypted: true, value: encode(JSON.stringify('tenant-1')) }
+          }
+        }
+      });
+      const mockUserInfo = {
+        successful: true,
+        platformUserInfo: {
+          id: 'test-user-id',
+          name: 'Test User',
+          platformAdditionalInfo: {}
+        },
+        returnMessage: { messageType: 'success', message: 'ok' }
+      };
+      const mockConnector = global.testUtils.createMockConnector({
+        getBasicAuth: jest.fn().mockReturnValue('encoded-shared'),
+        getUserInfo: jest.fn().mockResolvedValue(mockUserInfo)
+      });
+      connectorRegistry.getConnector.mockReturnValue(mockConnector);
+      await authHandler.onApiKeyLogin({
+        platform: 'testCRM',
+        hostname: 'test.example.com',
+        rcAccountId: 'rc-account-1',
+        additionalInfo: { userToken: 'user-token-1' }
+      });
+      expect(mockConnector.getBasicAuth).toHaveBeenCalledWith({ apiKey: 'stored-api-key' });
+      expect(mockConnector.getUserInfo).toHaveBeenCalledWith(expect.objectContaining({
+        additionalInfo: expect.objectContaining({
+          apiKey: 'stored-api-key',
+          tenantId: 'tenant-1',
+          userToken: 'user-token-1'
+        })
+      }));
+    });
+    test('should allow submitted shared fields to satisfy missing required managed auth values', async () => {
+      connectorRegistry.getManifest.mockReturnValue({
+        platforms: {
+          testCRM: {
+            auth: {
+              type: 'apiKey',
+              apiKey: {
+                page: {
+                  content: [
+                    { const: 'companyId', required: true, managed: true, managedScope: 'account' },
+                    { const: 'userToken', required: true }
+                  ]
+                }
+              }
+            }
+          }
+        }
+      });
+      const mockConnector = global.testUtils.createMockConnector({
+        getBasicAuth: jest.fn(),
+        getUserInfo: jest.fn().mockResolvedValue({
+          successful: true,
+          platformUserInfo: {
+            id: 'test-user-id',
+            name: 'Test User',
+            platformAdditionalInfo: {}
+          },
+          returnMessage: { messageType: 'success', message: 'ok' }
+        })
+      });
+      connectorRegistry.getConnector.mockReturnValue(mockConnector);
+      const result = await authHandler.onApiKeyLogin({
+        platform: 'testCRM',
+        hostname: 'test.example.com',
+        rcAccountId: 'rc-account-2',
+        additionalInfo: {
+          companyId: 'company-123',
+          userToken: 'user-token-1'
+        }
+      });
+      expect(result.userInfo).not.toBeNull();
+      expect(mockConnector.getUserInfo).toHaveBeenCalledWith(expect.objectContaining({
+        additionalInfo: expect.objectContaining({
+          companyId: 'company-123',
+          userToken: 'user-token-1'
+        })
+      }));
+    });
+    test('should not persist submitted managed auth values from end users', async () => {
+      connectorRegistry.getManifest.mockReturnValue({
+        platforms: {
+          testCRM: {
+            auth: {
+              type: 'apiKey',
+              apiKey: {
+                page: {
+                  content: [
+                    { const: 'companyId', required: false, managed: true, managedScope: 'account' },
+                    { const: 'userToken', required: true }
+                  ]
+                }
+              }
+            }
+          }
+        }
+      });
+      const mockUserInfo = {
+        successful: true,
+        platformUserInfo: {
+          id: 'test-user-id',
+          name: 'Test User',
+          platformAdditionalInfo: {}
+        },
+        returnMessage: { messageType: 'success', message: 'ok' }
+      };
+      const mockConnector = global.testUtils.createMockConnector({
+        getBasicAuth: jest.fn().mockReturnValue('encoded'),
+        getUserInfo: jest.fn().mockResolvedValue(mockUserInfo)
+      });
+      connectorRegistry.getConnector.mockReturnValue(mockConnector);
+      await authHandler.onApiKeyLogin({
+        platform: 'testCRM',
+        hostname: 'test.example.com',
+        rcAccountId: 'rc-account-2',
+        additionalInfo: {
+          companyId: 'company-123',
+          userToken: 'user-token-1'
+        }
+      });
+      expect(mockConnector.getUserInfo).toHaveBeenCalledWith(expect.objectContaining({
+        additionalInfo: expect.objectContaining({
+          companyId: 'company-123',
+          userToken: 'user-token-1'
+        })
+      }));
+      const stored = await AccountDataModel.findOne({
+        where: {
+          rcAccountId: 'rc-account-2',
+          platformName: 'testCRM',
+          dataKey: 'managed-auth-org'
+        }
+      });
+      expect(stored).toBeNull();
+    });
+    test('should allow manual fallback values to override stored managed credentials and clear failure state after success', async () => {
+      connectorRegistry.getManifest.mockReturnValue({
+        platforms: {
+          testCRM: {
+            auth: {
+              type: 'apiKey',
+              apiKey: {
+                page: {
+                  content: [
+                    { const: 'apiKey', required: true, managed: true, managedScope: 'user' },
+                    { const: 'tenantId', required: true, managed: true, managedScope: 'account' }
+                  ]
+                }
+              }
+            }
+          }
+        }
+      });
+      await AccountDataModel.create({
+        rcAccountId: 'rc-account-recover',
+        platformName: 'testCRM',
+        dataKey: 'managed-auth-org',
+        data: {
+          fields: {
+            tenantId: { version: 1, encrypted: true, value: encode(JSON.stringify('stored-tenant')) }
+          }
+        }
+      });
+      await AccountDataModel.create({
+        rcAccountId: 'rc-account-recover',
+        platformName: 'testCRM',
+        dataKey: 'managed-auth-user:202',
+        data: {
+          rcExtensionId: '202',
+          rcUserName: 'Agent 202',
+          fields: {
+            apiKey: { version: 1, encrypted: true, value: encode(JSON.stringify('stored-bad-key')) }
+          }
+        }
+      });
+      await AccountDataModel.create({
+        rcAccountId: 'rc-account-recover',
+        platformName: 'testCRM',
+        dataKey: 'managed-auth-login-failure:202',
+        data: {
+          failedAt: '2026-04-07T00:00:00.000Z'
+        }
+      });
+      const mockConnector = global.testUtils.createMockConnector({
+        getBasicAuth: jest.fn().mockReturnValue('encoded-manual-key'),
+        getUserInfo: jest.fn().mockResolvedValue({
+          successful: true,
+          platformUserInfo: {
+            id: 'test-user-id',
+            name: 'Recovered User',
+            platformAdditionalInfo: {}
+          },
+          returnMessage: { messageType: 'success', message: 'ok' }
+        })
+      });
+      connectorRegistry.getConnector.mockReturnValue(mockConnector);
+      const result = await authHandler.onApiKeyLogin({
+        platform: 'testCRM',
+        hostname: 'test.example.com',
+        rcAccountId: 'rc-account-recover',
+        rcExtensionId: '202',
+        additionalInfo: {
+          apiKey: 'manual-good-key',
+          tenantId: 'manual-tenant'
+        }
+      });
+      expect(result.userInfo).not.toBeNull();
+      expect(mockConnector.getBasicAuth).toHaveBeenCalledWith({ apiKey: 'manual-good-key' });
+      expect(mockConnector.getUserInfo).toHaveBeenCalledWith(expect.objectContaining({
+        additionalInfo: {
+          apiKey: 'manual-good-key',
+          tenantId: 'manual-tenant'
+        }
+      }));
+      const failureRecord = await AccountDataModel.findOne({
+        where: {
+          rcAccountId: 'rc-account-recover',
+          platformName: 'testCRM',
+          dataKey: 'managed-auth-login-failure:202'
+        }
+      });
+      expect(failureRecord).toBeNull();
+    });
+    test('should return warning when required auth fields are missing', async () => {
+      connectorRegistry.getManifest.mockReturnValue({
+        platforms: {
+          testCRM: {
+            auth: {
+              type: 'apiKey',
+              apiKey: {
+                page: {
+                  content: [
+                    { const: 'tenantId', required: true, managed: true, managedScope: 'account' },
+                    { const: 'userToken', required: true }
+                  ]
+                }
+              }
+            }
+          }
+        }
+      });
+      const mockConnector = global.testUtils.createMockConnector({
+        getBasicAuth: jest.fn(),
+        getUserInfo: jest.fn()
+      });
+      connectorRegistry.getConnector.mockReturnValue(mockConnector);
+      const result = await authHandler.onApiKeyLogin({
+        platform: 'testCRM',
+        hostname: 'test.example.com',
+        rcAccountId: 'rc-account-4',
+        additionalInfo: {}
+      });
+      expect(result.userInfo).toBeNull();
+      expect(result.returnMessage).toEqual({
+        messageType: 'warning',
+        message: 'Missing required authentication fields.',
+        ttl: 3000,
+        missingRequiredFieldConsts: ['tenantId', 'userToken']
+      });
+      expect(mockConnector.getBasicAuth).not.toHaveBeenCalled();
+      expect(mockConnector.getUserInfo).not.toHaveBeenCalled();
+    });
+    test('should throw error when connector not found', async () => {
+      // Arrange
+      connectorRegistry.getConnector.mockImplementation(() => {
+        throw new Error('Connector not found for platform: testCRM');
+      });
+      const requestData = {
+        platform: 'testCRM',
+        hostname: 'test.example.com',
+        apiKey: 'test-api-key',
+        additionalInfo: {}
+      };
+      // Act & Assert
+      await expect(authHandler.onApiKeyLogin(requestData))
+        .rejects.toThrow('Connector not found for platform: testCRM');
+    });
+  });
+  describe('authValidation', () => {
+    test('should validate user authentication successfully', async () => {
+      // Arrange
+      const mockUser = global.testUtils.createMockUser();
+      const mockValidationResponse = {
+        successful: true,
+        returnMessage: {
+          messageType: 'success',
+          message: 'Authentication valid',
+          ttl: 1000
+        },
+        status: 200
+      };
+      const mockConnector = global.testUtils.createMockConnector({
+        getOauthInfo: jest.fn().mockResolvedValue({}),
+        authValidation: jest.fn().mockResolvedValue(mockValidationResponse)
+      });
+      connectorRegistry.getConnector.mockReturnValue(mockConnector);
+      // Mock UserModel.findOne to return a user
+      const { UserModel } = require('../../models/userModel');
+      jest.spyOn(UserModel, 'findOne').mockResolvedValue(mockUser);
+      // Mock oauth.checkAndRefreshAccessToken
+      const oauth = require('../../lib/oauth');
+      jest.spyOn(oauth, 'checkAndRefreshAccessToken').mockResolvedValue(mockUser);
+      const requestData = {
+        platform: 'testCRM',
+        userId: 'test-user-id'
+      };
+      // Act
+      const result = await authHandler.authValidation(requestData);
+      // Assert
+      expect(result).toEqual({
+        ...mockValidationResponse,
+        failReason: ''
+      });
+      expect(mockConnector.authValidation).toHaveBeenCalledWith({ user: mockUser });
+    });
+    test('should handle user not found in database', async () => {
+      // Arrange
+      const mockConnector = global.testUtils.createMockConnector();
+      connectorRegistry.getConnector.mockReturnValue(mockConnector);
+      // Mock UserModel.findOne to return null (user not found)
+      const { UserModel } = require('../../models/userModel');
+      jest.spyOn(UserModel, 'findOne').mockResolvedValue(null);
+      const requestData = {
+        platform: 'testCRM',
+        userId: 'non-existent-user'
+      };
+      // Act
+      const result = await authHandler.authValidation(requestData);
+      // Assert
+      expect(result).toEqual({
+        successful: false,
+        status: 404,
+        failReason: 'App Connect. User not found in database'
+      });
+    });
+    test('should handle validation failure', async () => {
+      // Arrange
+      const mockUser = global.testUtils.createMockUser();
+      const mockValidationResponse = {
+        successful: false,
+        returnMessage: {
+          messageType: 'error',
+          message: 'Authentication failed',
+          ttl: 3000
+        },
+        status: 401
+      };
+      const mockConnector = global.testUtils.createMockConnector({
+        getOauthInfo: jest.fn().mockResolvedValue({}),
+        authValidation: jest.fn().mockResolvedValue(mockValidationResponse)
+      });
+      connectorRegistry.getConnector.mockReturnValue(mockConnector);
+      // Mock UserModel.findOne to return a user
+      const { UserModel } = require('../../models/userModel');
+      jest.spyOn(UserModel, 'findOne').mockResolvedValue(mockUser);
+      // Mock oauth.checkAndRefreshAccessToken
+      const oauth = require('../../lib/oauth');
+      jest.spyOn(oauth, 'checkAndRefreshAccessToken').mockResolvedValue(mockUser);
+      const requestData = {
+        platform: 'testCRM',
+        userId: 'test-user-id'
+      };
+      // Act
+      const result = await authHandler.authValidation(requestData);
+      // Assert
+      expect(result).toEqual({
+        ...mockValidationResponse,
+        failReason: 'CRM. API failed'
+      });
+      expect(result.successful).toBe(false);
+    });
+  });
+  describe('onOAuthCallback', () => {
+    const mockOAuthApp = {
+      code: {
+        getToken: jest.fn()
+      }
+    };
+    beforeEach(() => {
+      oauth.getOAuthApp.mockReturnValue(mockOAuthApp);
+    });
+    test('should handle successful OAuth callback', async () => {
+      // Arrange
+      const mockUserInfo = {
+        successful: true,
+        platformUserInfo: {
+          id: 'oauth-user-id',
+          name: 'OAuth User',
+          timezoneName: 'America/New_York',
+          timezoneOffset: -300,
+          platformAdditionalInfo: {}
+        },
+        returnMessage: {
+          messageType: 'success',
+          message: 'Connected successfully'
+        }
+      };
+      const mockConnector = global.testUtils.createMockConnector({
+        getOauthInfo: jest.fn().mockResolvedValue({
+          clientId: 'client-id',
+          clientSecret: 'client-secret',
+          accessTokenUri: 'https://api.example.com/oauth/token',
+          authorizationUri: 'https://api.example.com/oauth/authorize'
+        }),
+        getUserInfo: jest.fn().mockResolvedValue(mockUserInfo)
+      });
+      connectorRegistry.getConnector.mockReturnValue(mockConnector);
+      mockOAuthApp.code.getToken.mockResolvedValue({
+        accessToken: 'new-access-token',
+        refreshToken: 'new-refresh-token',
+        expires: new Date()
+      });
+      const requestData = {
+        platform: 'testCRM',
+        hostname: 'api.example.com',
+        tokenUrl: 'https://api.example.com/oauth/token',
+        query: {
+          callbackUri: 'https://app.example.com/callback?code=auth-code-123',
+          rcAccountId: 'rc-account-123'
+        }
+      };
+      // Act
+      const result = await authHandler.onOAuthCallback(requestData);
+      // Assert
+      expect(result.userInfo).toBeDefined();
+      expect(result.userInfo.id).toBe('oauth-user-id');
+      expect(oauth.getOAuthApp).toHaveBeenCalled();
+      expect(mockOAuthApp.code.getToken).toHaveBeenCalled();
+    });
+    test('should return fail message when oauthInfo has error', async () => {
+      // Arrange
+      const mockConnector = global.testUtils.createMockConnector({
+        getOauthInfo: jest.fn().mockResolvedValue({
+          failMessage: 'OAuth configuration not found'
+        })
+      });
+      connectorRegistry.getConnector.mockReturnValue(mockConnector);
+      const requestData = {
+        platform: 'testCRM',
+        hostname: 'api.example.com',
+        tokenUrl: '',
+        query: { callbackUri: 'https://app.example.com/callback', rcAccountId: 'rc-123' }
+      };
+      // Act
+      const result = await authHandler.onOAuthCallback(requestData);
+      // Assert
+      expect(result.userInfo).toBeNull();
+      expect(result.returnMessage.messageType).toBe('danger');
+      expect(result.returnMessage.message).toBe('OAuth configuration not found');
+    });
+    test('should handle failed user info retrieval', async () => {
+      // Arrange
+      const mockConnector = global.testUtils.createMockConnector({
+        getOauthInfo: jest.fn().mockResolvedValue({ clientId: 'id', clientSecret: 'secret' }),
+        getUserInfo: jest.fn().mockResolvedValue({
+          successful: false,
+          returnMessage: { messageType: 'error', message: 'User not authorized' }
+        })
+      });
+      connectorRegistry.getConnector.mockReturnValue(mockConnector);
+      mockOAuthApp.code.getToken.mockResolvedValue({
+        accessToken: 'token',
+        refreshToken: 'refresh',
+        expires: new Date()
+      });
+      const requestData = {
+        platform: 'testCRM',
+        hostname: 'api.example.com',
+        tokenUrl: '',
+        query: { callbackUri: 'https://app.example.com/callback', rcAccountId: 'rc-123' }
+      };
+      // Act
+      const result = await authHandler.onOAuthCallback(requestData);
+      // Assert
+      expect(result.userInfo).toBeNull();
+      expect(result.returnMessage.message).toBe('User not authorized');
+    });
+    test('should handle proxyId in OAuth callback', async () => {
+      // Arrange
+      const proxyConfig = { name: 'Proxy Config', settings: {} };
+      Connector.getProxyConfig.mockResolvedValue(proxyConfig);
+      const mockConnector = global.testUtils.createMockConnector({
+        getOauthInfo: jest.fn().mockResolvedValue({ clientId: 'id', clientSecret: 'secret' }),
+        getUserInfo: jest.fn().mockResolvedValue({
+          successful: true,
+          platformUserInfo: { id: 'proxy-user', name: 'Proxy User' },
+          returnMessage: { messageType: 'success', message: 'OK' }
+        })
+      });
+      connectorRegistry.getConnector.mockReturnValue(mockConnector);
+      mockOAuthApp.code.getToken.mockResolvedValue({
+        accessToken: 'token',
+        refreshToken: 'refresh',
+        expires: new Date()
+      });
+      const requestData = {
+        platform: 'testCRM',
+        hostname: 'api.example.com',
+        tokenUrl: '',
+        query: {
+          callbackUri: 'https://app.example.com/callback',
+          proxyId: 'proxy-123',
+          rcAccountId: 'rc-123'
+        }
+      };
+      // Act
+      await authHandler.onOAuthCallback(requestData);
+      // Assert
+      expect(Connector.getProxyConfig).toHaveBeenCalledWith('proxy-123');
+    });
+    test('should call postSaveUserInfo if platform implements it', async () => {
+      // Arrange
+      const postSaveResult = { id: 'user-id', name: 'User', extra: 'data' };
+      const mockConnector = global.testUtils.createMockConnector({
+        getOauthInfo: jest.fn().mockResolvedValue({ clientId: 'id', clientSecret: 'secret' }),
+        getUserInfo: jest.fn().mockResolvedValue({
+          successful: true,
+          platformUserInfo: { id: 'user-id', name: 'User' },
+          returnMessage: { messageType: 'success', message: 'OK' }
+        }),
+        postSaveUserInfo: jest.fn().mockResolvedValue(postSaveResult)
+      });
+      connectorRegistry.getConnector.mockReturnValue(mockConnector);
+      mockOAuthApp.code.getToken.mockResolvedValue({
+        accessToken: 'token',
+        refreshToken: 'refresh',
+        expires: new Date()
+      });
+      const requestData = {
+        platform: 'testCRM',
+        hostname: 'api.example.com',
+        tokenUrl: '',
+        query: { callbackUri: 'https://app.example.com/callback', rcAccountId: 'rc-123' }
+      };
+      // Act
+      const result = await authHandler.onOAuthCallback(requestData);
+      // Assert
+      expect(mockConnector.postSaveUserInfo).toHaveBeenCalled();
+      expect(result.userInfo).toEqual(postSaveResult);
+    });
+    test('should use overriding OAuth option if provided', async () => {
+      // Arrange
+      const overridingOption = { redirect_uri: 'custom-redirect' };
+      const mockConnector = global.testUtils.createMockConnector({
+        getOauthInfo: jest.fn().mockResolvedValue({ clientId: 'id', clientSecret: 'secret' }),
+        getOverridingOAuthOption: jest.fn().mockReturnValue(overridingOption),
+        getUserInfo: jest.fn().mockResolvedValue({
+          successful: true,
+          platformUserInfo: { id: 'user-id', name: 'User' },
+          returnMessage: { messageType: 'success', message: 'OK' }
+        })
+      });
+      connectorRegistry.getConnector.mockReturnValue(mockConnector);
+      mockOAuthApp.code.getToken.mockResolvedValue({
+        accessToken: 'token',
+        refreshToken: 'refresh',
+        expires: new Date()
+      });
+      const requestData = {
+        platform: 'testCRM',
+        hostname: 'api.example.com',
+        tokenUrl: '',
+        query: { callbackUri: 'https://app.example.com/callback?code=code123', rcAccountId: 'rc-123' }
+      };
+      // Act
+      await authHandler.onOAuthCallback(requestData);
+      // Assert
+      expect(mockConnector.getOverridingOAuthOption).toHaveBeenCalledWith({ code: 'code123' });
+      expect(mockOAuthApp.code.getToken).toHaveBeenCalledWith(
+        expect.any(String),
+        overridingOption
+      );
+    });
+  });
+  describe('getLicenseStatus', () => {
+    test('should return license status from platform module', async () => {
+      // Arrange
+      const mockUser = global.testUtils.createMockUser({ id: 'user-123' });
+      const mockLicenseStatus = {
+        isValid: true,
+        expiresAt: '2025-12-31',
+        features: ['call_logging', 'sms_logging']
+      };
+      const mockConnector = global.testUtils.createMockConnector({
+        getLicenseStatus: jest.fn().mockResolvedValue(mockLicenseStatus)
+      });
+      connectorRegistry.getConnector.mockReturnValue(mockConnector);
+      const { UserModel } = require('../../models/userModel');
+      jest.spyOn(UserModel, 'findByPk').mockResolvedValue(mockUser);
+      // Act
+      const result = await authHandler.getLicenseStatus({
+        userId: 'user-123',
+        platform: 'testCRM'
+      });
+      // Assert
+      expect(result).toEqual(mockLicenseStatus);
+      expect(mockConnector.getLicenseStatus).toHaveBeenCalledWith({
+        userId: 'user-123',
+        platform: 'testCRM',
+        user: mockUser
+      });
+    });
+    test('should return invalid license status when user not found', async () => {
+      // Arrange
+      const mockConnector = global.testUtils.createMockConnector({
+        getLicenseStatus: jest.fn()
+      });
+      connectorRegistry.getConnector.mockReturnValue(mockConnector);
+      const { UserModel } = require('../../models/userModel');
+      jest.spyOn(UserModel, 'findByPk').mockResolvedValue(null);
+      // Act
+      const result = await authHandler.getLicenseStatus({
+        userId: 'missing-user',
+        platform: 'testCRM'
+      });
+      // Assert
+      expect(result).toEqual({
+        isLicenseValid: false,
+        licenseStatus: 'Invalid (User not found)',
+        licenseStatusDescription: ''
+      });
+      expect(connectorRegistry.getConnector).not.toHaveBeenCalled();
+      expect(mockConnector.getLicenseStatus).not.toHaveBeenCalled();
+    });
+  });
+  describe('onRingcentralOAuthCallback', () => {
+    beforeEach(() => {
+      process.env.RINGCENTRAL_SERVER = 'https://platform.ringcentral.com';
+      process.env.RINGCENTRAL_CLIENT_ID = 'rc-client-id';
+      process.env.RINGCENTRAL_CLIENT_SECRET = 'rc-client-secret';
+      process.env.APP_SERVER = 'https://app.example.com';
+    });
+    test('should handle successful RingCentral OAuth callback', async () => {
+      // Arrange
+      process.env.HASH_KEY = 'test-hash-key';
+      const rcAccountId = 'rc-account-id';
+      const mockGenerateToken = jest.fn().mockResolvedValue({
+        access_token: 'rc-access-token',
+        refresh_token: 'rc-refresh-token',
+        expire_time: Date.now() + 3600000
+      });
+      RingCentral.mockImplementation(() => ({
+        generateToken: mockGenerateToken
+      }));
+      // Act
+      await authHandler.onRingcentralOAuthCallback({
+        code: 'rc-auth-code',
+        rcAccountId
+      });
+      // Assert
+      expect(RingCentral).toHaveBeenCalledWith({
+        server: 'https://platform.ringcentral.com',
+        clientId: 'rc-client-id',
+        clientSecret: 'rc-client-secret',
+        redirectUri: 'https://app.example.com/ringcentral/oauth/callback'
+      });
+      expect(mockGenerateToken).toHaveBeenCalledWith({ code: 'rc-auth-code' });
+      expect(adminCore.updateAdminRcTokens).toHaveBeenCalledWith({
+        hashedRcAccountId: getHashValue(rcAccountId, 'test-hash-key'),
+        adminAccessToken: 'rc-access-token',
+        adminRefreshToken: 'rc-refresh-token',
+        adminTokenExpiry: expect.any(Number)
+      });
+    });
+    test('should return early if environment variables are not set', async () => {
+      // Arrange
+      delete process.env.RINGCENTRAL_SERVER;
+      // Act
+      const result = await authHandler.onRingcentralOAuthCallback({
+        code: 'rc-auth-code',
+        rcAccountId: 'hashed-rc-account-id'
+      });
+      // Assert
+      expect(result).toBeUndefined();
+      expect(RingCentral).not.toHaveBeenCalled();
+    });
+  });
+});