@conversionpros/aiva 1.0.0 → 2.0.0

package/notion-oauth.js

@@ -1,323 +0,0 @@
-/**
- * Notion OAuth Integration
- * Handles OAuth flow, token management, and Notion API proxy.
- * 
- * Endpoints:
- *   GET    /api/integrations/notion/auth-url       - Generate OAuth URL
- *   GET    /api/integrations/notion/callback        - Handle OAuth callback
- *   GET    /api/integrations/notion/status          - List connected workspaces
- *   DELETE /api/integrations/notion/disconnect      - Disconnect a workspace
- *   GET    /api/integrations/notion/search          - Proxy search
- *   GET    /api/integrations/notion/pages/:pageId   - Get page content
- *   POST   /api/integrations/notion/pages           - Create page
- */
-
-const express = require('express');
-const crypto = require('crypto');
-const fs = require('fs');
-const path = require('path');
-const os = require('os');
-const { v4: uuidv4 } = require('uuid');
-
-const router = express.Router();
-
-// ─── Config ───────────────────────────────────────────────────────────────────
-
-const NOTION_CLIENT_ID = process.env.NOTION_CLIENT_ID || '315d872b-594c-8176-9040-00378fe5ec21';
-const NOTION_CLIENT_SECRET = process.env.NOTION_CLIENT_SECRET || 'secret_tmzIhJEbTFsM6EmeXQ6oX5IFFPLICS5XPYTx19ZqwVM';
-const NOTION_REDIRECT_URI = process.env.NOTION_REDIRECT_URI || 'https://app.aivahelpme.com/api/integrations/notion/callback';
-const TOKENS_FILE = path.join(__dirname, 'data', 'oauth-tokens.json');
-const NOTION_API_VERSION = '2022-06-28';
-
-// In-memory CSRF state store (5 min TTL)
-const pendingStates = new Map();
-
-// ─── Encryption (matches google-oauth.js) ─────────────────────────────────────
-
-function getEncryptionKey() {
-  return crypto.createHash('sha256').update('aiva-tokens-' + os.hostname()).digest();
-}
-
-function encrypt(text) {
-  const key = getEncryptionKey();
-  const iv = crypto.randomBytes(12);
-  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
-  let enc = cipher.update(text, 'utf8', 'hex');
-  enc += cipher.final('hex');
-  const tag = cipher.getAuthTag().toString('hex');
-  return `${iv.toString('hex')}:${tag}:${enc}`;
-}
-
-function decrypt(stored) {
-  const key = getEncryptionKey();
-  const [ivHex, tagHex, enc] = stored.split(':');
-  const decipher = crypto.createDecipheriv('aes-256-gcm', key, Buffer.from(ivHex, 'hex'));
-  decipher.setAuthTag(Buffer.from(tagHex, 'hex'));
-  let dec = decipher.update(enc, 'hex', 'utf8');
-  dec += decipher.final('utf8');
-  return dec;
-}
-
-// ─── Token Storage ────────────────────────────────────────────────────────────
-
-function loadTokens() {
-  try {
-    if (fs.existsSync(TOKENS_FILE)) {
-      return JSON.parse(fs.readFileSync(TOKENS_FILE, 'utf8'));
-    }
-  } catch (e) {
-    console.error('[notion-oauth] Failed to load tokens:', e.message);
-  }
-  return { google: { accounts: [] }, notion: { accounts: [] } };
-}
-
-function saveTokens(data) {
-  const dir = path.dirname(TOKENS_FILE);
-  if (!fs.existsSync(dir)) fs.mkdirSync(dir, { recursive: true });
-  fs.writeFileSync(TOKENS_FILE, JSON.stringify(data, null, 2));
-}
-
-// ─── Helper: get token for an account ─────────────────────────────────────────
-
-function getNotionToken(accountId) {
-  const store = loadTokens();
-  if (!store.notion) return null;
-  const account = accountId
-    ? store.notion.accounts.find(a => a.id === accountId)
-    : store.notion.accounts[0];
-  if (!account) return null;
-  return {
-    token: decrypt(account.access_token),
-    workspace_name: account.workspace_name,
-    workspace_id: account.workspace_id,
-    bot_id: account.bot_id,
-  };
-}
-
-// ─── Routes ───────────────────────────────────────────────────────────────────
-
-// Generate OAuth authorization URL
-router.get('/auth-url', (req, res) => {
-  if (!NOTION_CLIENT_ID || !NOTION_CLIENT_SECRET) {
-    return res.json({ success: false, error: 'Notion OAuth not configured. Set NOTION_CLIENT_ID and NOTION_CLIENT_SECRET.' });
-  }
-
-  const state = crypto.randomBytes(32).toString('hex');
-  pendingStates.set(state, { createdAt: Date.now() });
-  setTimeout(() => pendingStates.delete(state), 5 * 60 * 1000);
-
-  const params = new URLSearchParams({
-    client_id: NOTION_CLIENT_ID,
-    response_type: 'code',
-    owner: 'user',
-    redirect_uri: NOTION_REDIRECT_URI,
-    state,
-  });
-
-  const url = `https://api.notion.com/v1/oauth/authorize?${params}`;
-  res.json({ success: true, data: { url } });
-});
-
-// OAuth callback
-router.get('/callback', async (req, res) => {
-  const { code, state, error } = req.query;
-
-  if (error) {
-    return res.redirect('/#settings?notion_oauth=error&message=' + encodeURIComponent(error));
-  }
-
-  if (!state || !pendingStates.has(state)) {
-    return res.redirect('/#settings?notion_oauth=error&message=Invalid+state+token');
-  }
-
-  pendingStates.delete(state);
-
-  try {
-    // Exchange code for token (Basic auth with client_id:client_secret)
-    const basicAuth = Buffer.from(`${NOTION_CLIENT_ID}:${NOTION_CLIENT_SECRET}`).toString('base64');
-    const tokenResp = await fetch('https://api.notion.com/v1/oauth/token', {
-      method: 'POST',
-      headers: {
-        'Content-Type': 'application/json',
-        'Authorization': `Basic ${basicAuth}`,
-      },
-      body: JSON.stringify({
-        grant_type: 'authorization_code',
-        code,
-        redirect_uri: NOTION_REDIRECT_URI,
-      }),
-    });
-
-    if (!tokenResp.ok) {
-      const err = await tokenResp.text();
-      console.error('[notion-oauth] Token exchange failed:', err);
-      return res.redirect('/#settings?notion_oauth=error&message=Token+exchange+failed');
-    }
-
-    const tokens = await tokenResp.json();
-
-    // Store workspace
-    const store = loadTokens();
-    if (!store.notion) store.notion = { accounts: [] };
-
-    // Check if this workspace is already connected - update if so
-    const existingIdx = store.notion.accounts.findIndex(a => a.workspace_id === tokens.workspace_id);
-    const account = {
-      id: existingIdx >= 0 ? store.notion.accounts[existingIdx].id : uuidv4(),
-      workspace_name: tokens.workspace_name || 'Unnamed Workspace',
-      workspace_id: tokens.workspace_id,
-      bot_id: tokens.bot_id,
-      access_token: encrypt(tokens.access_token),
-      status: 'connected',
-      connected_at: new Date().toISOString(),
-    };
-
-    if (existingIdx >= 0) {
-      store.notion.accounts[existingIdx] = account;
-    } else {
-      store.notion.accounts.push(account);
-    }
-    saveTokens(store);
-
-    console.log(`[notion-oauth] Connected workspace: ${tokens.workspace_name} (${tokens.workspace_id})`);
-    return res.redirect('/#settings?notion_oauth=success&workspace=' + encodeURIComponent(tokens.workspace_name || ''));
-
-  } catch (e) {
-    console.error('[notion-oauth] Callback error:', e);
-    return res.redirect('/#settings?notion_oauth=error&message=' + encodeURIComponent(e.message));
-  }
-});
-
-// Workspace status
-router.get('/status', (req, res) => {
-  const store = loadTokens();
-  const accounts = (store.notion?.accounts || []).map(a => ({
-    id: a.id,
-    workspace_name: a.workspace_name,
-    workspace_id: a.workspace_id,
-    bot_id: a.bot_id,
-    status: a.status || 'connected',
-    connected_at: a.connected_at,
-  }));
-  res.json({ success: true, data: { accounts, configured: !!(NOTION_CLIENT_ID && NOTION_CLIENT_SECRET) } });
-});
-
-// Disconnect workspace
-router.delete('/disconnect', (req, res) => {
-  const { accountId } = req.body || {};
-  if (!accountId) return res.json({ success: false, error: 'accountId required' });
-
-  const store = loadTokens();
-  if (!store.notion) return res.json({ success: false, error: 'No Notion workspaces found' });
-
-  const idx = store.notion.accounts.findIndex(a => a.id === accountId);
-  if (idx < 0) return res.json({ success: false, error: 'Workspace not found' });
-
-  const account = store.notion.accounts[idx];
-  store.notion.accounts.splice(idx, 1);
-  saveTokens(store);
-
-  console.log(`[notion-oauth] Disconnected workspace: ${account.workspace_name}`);
-  res.json({ success: true, data: { workspace_name: account.workspace_name } });
-});
-
-// Search Notion
-router.get('/search', async (req, res) => {
-  const { q, accountId } = req.query;
-  const tokenInfo = getNotionToken(accountId);
-  if (!tokenInfo) return res.json({ success: false, error: 'No Notion workspace connected' });
-
-  try {
-    const body = {};
-    if (q) body.query = q;
-
-    const resp = await fetch('https://api.notion.com/v1/search', {
-      method: 'POST',
-      headers: {
-        'Authorization': `Bearer ${tokenInfo.token}`,
-        'Notion-Version': NOTION_API_VERSION,
-        'Content-Type': 'application/json',
-      },
-      body: JSON.stringify(body),
-    });
-
-    if (!resp.ok) {
-      const err = await resp.text();
-      console.error('[notion-oauth] Search failed:', err);
-      return res.json({ success: false, error: 'Notion search failed' });
-    }
-
-    const data = await resp.json();
-    res.json({ success: true, data });
-  } catch (e) {
-    res.json({ success: false, error: e.message });
-  }
-});
-
-// Get page content (blocks)
-router.get('/pages/:pageId', async (req, res) => {
-  const { accountId } = req.query;
-  const tokenInfo = getNotionToken(accountId);
-  if (!tokenInfo) return res.json({ success: false, error: 'No Notion workspace connected' });
-
-  try {
-    // Get page properties
-    const pageResp = await fetch(`https://api.notion.com/v1/pages/${req.params.pageId}`, {
-      headers: {
-        'Authorization': `Bearer ${tokenInfo.token}`,
-        'Notion-Version': NOTION_API_VERSION,
-      },
-    });
-
-    // Get page blocks (content)
-    const blocksResp = await fetch(`https://api.notion.com/v1/blocks/${req.params.pageId}/children?page_size=100`, {
-      headers: {
-        'Authorization': `Bearer ${tokenInfo.token}`,
-        'Notion-Version': NOTION_API_VERSION,
-      },
-    });
-
-    if (!pageResp.ok || !blocksResp.ok) {
-      return res.json({ success: false, error: 'Failed to fetch page' });
-    }
-
-    const page = await pageResp.json();
-    const blocks = await blocksResp.json();
-
-    res.json({ success: true, data: { page, blocks: blocks.results } });
-  } catch (e) {
-    res.json({ success: false, error: e.message });
-  }
-});
-
-// Create page
-router.post('/pages', async (req, res) => {
-  const { accountId } = req.query;
-  const tokenInfo = getNotionToken(accountId);
-  if (!tokenInfo) return res.json({ success: false, error: 'No Notion workspace connected' });
-
-  try {
-    const resp = await fetch('https://api.notion.com/v1/pages', {
-      method: 'POST',
-      headers: {
-        'Authorization': `Bearer ${tokenInfo.token}`,
-        'Notion-Version': NOTION_API_VERSION,
-        'Content-Type': 'application/json',
-      },
-      body: JSON.stringify(req.body),
-    });
-
-    if (!resp.ok) {
-      const err = await resp.text();
-      console.error('[notion-oauth] Create page failed:', err);
-      return res.json({ success: false, error: 'Failed to create page' });
-    }
-
-    const data = await resp.json();
-    res.json({ success: true, data });
-  } catch (e) {
-    res.json({ success: false, error: e.message });
-  }
-});
-
-module.exports = { router, getNotionToken };

package/public/agent-config.html

@@ -1,241 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
-<head>
-<meta charset="UTF-8">
-<meta name="viewport" content="width=device-width, initial-scale=1.0">
-<link rel="stylesheet" href="/styles/design-system.css">
-<title>AIVA - Agent Configuration</title>
-<style>
-body{font-family:var(--font-sans);background:var(--bg-secondary);color:var(--text);min-height:100vh;display:flex;flex-direction:column;align-items:center;padding:20px}
-.container{max-width:520px;width:100%}
-.header{text-align:center;margin-bottom:24px;padding:16px 0;border-bottom:1px solid var(--border-dim)}
-.header h1{font-size:18px;color:var(--text-dim);font-weight:500;letter-spacing:1px}
-.header .subtitle{font-size:14px;color:var(--text-dim);margin-top:6px}
-.header .contact-name{font-size:20px;font-weight:600;color:var(--text);margin-top:8px}
-.header .contact-phone{font-size:14px;color:var(--blue);margin-top:2px}
-
-.section{background:var(--surface-glass);border:1px solid var(--border-dim);border-radius:var(--radius-lg);padding:var(--space-lg);margin-bottom:var(--space-lg)}
-.section-title{font-size:16px;font-weight:600;color:var(--text);margin-bottom:var(--space-xs)}
-.section-desc{font-size:13px;color:var(--text-dim);margin-bottom:var(--space-lg);line-height:1.4}
-
-.presets{display:flex;gap:var(--space-sm);margin-bottom:var(--space-lg)}
-.preset-btn{flex:1;padding:8px 4px;background:var(--bg);border:1px solid var(--border);border-radius:var(--radius-md);color:var(--text-dim);font-size:12px;font-weight:600;cursor:pointer;transition:all .2s;font-family:inherit}
-.preset-btn:hover{border-color:var(--blue);color:var(--blue)}
-.preset-btn.active{border-color:var(--blue);background:#1c2333;color:var(--blue)}
-
-.skill-item{display:flex;align-items:flex-start;justify-content:space-between;padding:12px 0;border-bottom:1px solid var(--border-dim)}
-.skill-item:last-child{border-bottom:none}
-.skill-info{flex:1;margin-right:12px}
-.skill-name{font-size:14px;font-weight:600;color:var(--text-secondary)}
-.skill-desc{font-size:12px;color:var(--text-dim);margin-top:2px;line-height:1.4}
-
-.toggle{position:relative;width:44px;height:24px;flex-shrink:0;margin-top:2px}
-.toggle input{opacity:0;width:0;height:0}
-.toggle .slider{position:absolute;cursor:pointer;top:0;left:0;right:0;bottom:0;background:var(--border);border-radius:24px;transition:.2s}
-.toggle .slider:before{content:'';position:absolute;height:18px;width:18px;left:3px;bottom:3px;background:var(--text-dim);border-radius:50%;transition:.2s}
-.toggle input:checked+.slider{background:var(--green-border)}
-.toggle input:checked+.slider:before{transform:translateX(20px);background:#fff}
-
-.warning-banner{background:var(--yellow-bg);border:1px solid var(--yellow-border);border-radius:var(--radius-md);padding:10px 12px;margin-bottom:var(--space-lg);font-size:12px;color:var(--yellow-border);line-height:1.4}
-
-.collapsible-header{display:flex;align-items:center;justify-content:space-between;cursor:pointer;user-select:none}
-.collapsible-header .chevron{color:var(--text-dim);font-size:14px;transition:transform .2s}
-.collapsible-header.open .chevron{transform:rotate(180deg)}
-.collapsible-body{display:none;margin-top:var(--space-lg)}
-.collapsible-body.open{display:block}
-
-textarea{width:100%;background:var(--bg);border:1px solid var(--border);border-radius:var(--radius-md);padding:12px;font-size:14px;color:var(--text);resize:vertical;font-family:inherit;min-height:100px;transition:border-color .2s}
-textarea:focus{outline:none;border-color:var(--blue)}
-.char-count{text-align:right;font-size:11px;color:var(--text-muted);margin-top:var(--space-xs)}
-
-.btn{width:100%;padding:14px;background:var(--green-border);color:#fff;border:none;border-radius:var(--radius-lg);font-size:16px;font-weight:600;cursor:pointer;margin-top:var(--space-sm);transition:background .2s}
-.btn:hover{background:#2ea043}
-.btn:disabled{background:var(--border-dim);color:var(--text-muted);cursor:not-allowed}
-
-.status{text-align:center;padding:12px;border-radius:var(--radius-lg);margin-top:var(--space-md);font-size:14px;display:none}
-.status.success{display:block;background:var(--green-bg);border:1px solid var(--green-border);color:var(--green)}
-.status.error{display:block;background:var(--red-bg);border:1px solid var(--red-border);color:var(--red)}
-
-.loading{text-align:center;padding:60px;color:var(--text-dim)}
-.loading .spinner{display:inline-block;width:24px;height:24px;border:3px solid var(--border);border-top-color:var(--blue);border-radius:50%;animation:spin .8s linear infinite;margin-bottom:12px}
-@keyframes spin{to{transform:rotate(360deg)}}
-
-.error-page{text-align:center;padding:40px 20px}
-.error-page h2{color:var(--red);margin-bottom:12px}
-.error-page p{color:var(--text-dim)}
-</style>
-</head>
-<body>
-<div class="container" id="app">
-<div class="loading" id="loading"><div class="spinner"></div><br>Loading configuration...</div>
-</div>
-<script>
-const phone = new URLSearchParams(window.location.search).get('phone');
-const app = document.getElementById('app');
-
-const BASIC_SKILLS = ['search', 'calendar', 'knowledge', 'contacts'];
-
-function esc(s) { const d = document.createElement('div'); d.textContent = s || ''; return d.innerHTML; }
-
-if (!phone) {
-  app.innerHTML = '<div class="error-page"><h2>Invalid Link</h2><p>Missing phone number parameter.</p></div>';
-} else {
-  loadConfig();
-}
-
-async function loadConfig() {
-  try {
-    const res = await fetch(`/api/agent-sessions/${encodeURIComponent(phone)}/config`);
-    if (!res.ok) throw new Error(res.status === 404 ? 'Session not found for this contact.' : 'Failed to load configuration.');
-    const data = await res.json();
-    render(data);
-  } catch (e) {
-    app.innerHTML = `<div class="error-page"><h2>Error</h2><p>${esc(e.message)}</p></div>`;
-  }
-}
-
-function render(data) {
-  const contactName = data.contactName || 'this contact';
-  const skills = data.skills || [];
-  const toolPolicies = data.toolPolicies || [];
-  const instructions = data.instructions || '';
-  const enabledSkills = new Set(data.enabledSkills || []);
-  const enabledPolicies = data.enabledPolicies || {};
-
-  app.innerHTML = `
-    <div class="header">
-      <h1>AGENT CONFIGURATION</h1>
-      <div class="contact-name">${esc(contactName)}</div>
-      <div class="contact-phone">${esc(phone)}</div>
-    </div>
-
-    <div class="section">
-      <div class="section-title">Agent Skills</div>
-      <div class="section-desc">Choose what this agent can do for ${esc(contactName)}</div>
-      <div class="presets">
-        <button class="preset-btn" onclick="applyPreset('demo')">Demo (none)</button>
-        <button class="preset-btn" onclick="applyPreset('basic')">Basic</button>
-        <button class="preset-btn" onclick="applyPreset('full')">Full Access</button>
-      </div>
-      <div id="skills-list">
-        ${skills.map(s => `
-          <div class="skill-item">
-            <div class="skill-info">
-              <div class="skill-name">${esc(s.name)}</div>
-              <div class="skill-desc">${esc(s.description)}</div>
-            </div>
-            <label class="toggle">
-              <input type="checkbox" data-skill-id="${esc(s.id)}" ${enabledSkills.has(s.id) ? 'checked' : ''} onchange="updatePresetHighlight()">
-              <span class="slider"></span>
-            </label>
-          </div>
-        `).join('')}
-      </div>
-    </div>
-
-    <div class="section">
-      <div class="collapsible-header" onclick="togglePolicies()">
-        <div>
-          <div class="section-title">Tool Policies</div>
-          <div class="section-desc" style="margin-bottom:0">Advanced system-level permissions</div>
-        </div>
-        <span class="chevron">▼</span>
-      </div>
-      <div class="collapsible-body" id="policies-body">
-        <div class="warning-banner">⚠️ These controls grant low-level system access. Most contacts should not need any of these enabled.</div>
-        <div id="policies-list">
-          ${toolPolicies.map(p => `
-            <div class="skill-item">
-              <div class="skill-info">
-                <div class="skill-name">${esc(p.name)}</div>
-                <div class="skill-desc">${esc(p.description)}</div>
-              </div>
-              <label class="toggle">
-                <input type="checkbox" data-policy-id="${esc(p.id)}" ${enabledPolicies[p.id] ? 'checked' : ''}>
-                <span class="slider"></span>
-              </label>
-            </div>
-          `).join('')}
-        </div>
-      </div>
-    </div>
-
-    <div class="section">
-      <div class="section-title">Custom Instructions</div>
-      <div class="section-desc">Tell the agent how to behave with this contact</div>
-      <textarea id="instructions" maxlength="2000" placeholder="e.g., 'Be friendly and casual. This is my mom, help her with tech questions. Never discuss business details.'" oninput="updateCharCount()">${esc(instructions)}</textarea>
-      <div class="char-count" id="char-count">${instructions.length}/2000</div>
-    </div>
-
-    <button class="btn" id="save-btn" onclick="saveConfig()">Save Configuration</button>
-    <div class="status" id="status"></div>
-  `;
-
-  window._skillIds = skills.map(s => s.id);
-  updatePresetHighlight();
-}
-
-window.applyPreset = function(preset) {
-  const checkboxes = document.querySelectorAll('[data-skill-id]');
-  checkboxes.forEach(cb => {
-    if (preset === 'demo') cb.checked = false;
-    else if (preset === 'basic') cb.checked = BASIC_SKILLS.includes(cb.dataset.skillId);
-    else if (preset === 'full') cb.checked = true;
-  });
-  updatePresetHighlight();
-};
-
-window.updatePresetHighlight = function() {
-  const checkboxes = [...document.querySelectorAll('[data-skill-id]')];
-  const allOff = checkboxes.every(c => !c.checked);
-  const allOn = checkboxes.every(c => c.checked);
-  const isBasic = checkboxes.every(c => c.checked === BASIC_SKILLS.includes(c.dataset.skillId));
-  document.querySelectorAll('.preset-btn').forEach(b => b.classList.remove('active'));
-  if (allOff) document.querySelectorAll('.preset-btn')[0]?.classList.add('active');
-  else if (isBasic) document.querySelectorAll('.preset-btn')[1]?.classList.add('active');
-  else if (allOn) document.querySelectorAll('.preset-btn')[2]?.classList.add('active');
-};
-
-window.togglePolicies = function() {
-  const header = document.querySelector('.collapsible-header');
-  const body = document.getElementById('policies-body');
-  header.classList.toggle('open');
-  body.classList.toggle('open');
-};
-
-window.updateCharCount = function() {
-  const ta = document.getElementById('instructions');
-  document.getElementById('char-count').textContent = `${ta.value.length}/2000`;
-};
-
-window.saveConfig = async function() {
-  const btn = document.getElementById('save-btn');
-  const status = document.getElementById('status');
-  status.className = 'status';
-  btn.disabled = true;
-  btn.textContent = 'Saving...';
-
-  const skills = [...document.querySelectorAll('[data-skill-id]:checked')].map(c => c.dataset.skillId);
-  const tool_policies = {};
-  document.querySelectorAll('[data-policy-id]').forEach(c => { tool_policies[c.dataset.policyId] = c.checked; });
-  const instructions = document.getElementById('instructions').value.trim();
-
-  try {
-    const res = await fetch(`/api/agent-sessions/${encodeURIComponent(phone)}/config`, {
-      method: 'POST',
-      headers: { 'Content-Type': 'application/json' },
-      body: JSON.stringify({ skills, tool_policies, instructions })
-    });
-    if (!res.ok) { const d = await res.json().catch(() => ({})); throw new Error(d.error || 'Failed to save.'); }
-    status.className = 'status success';
-    status.textContent = '✓ Configuration saved successfully.';
-  } catch (e) {
-    status.className = 'status error';
-    status.textContent = e.message || 'Network error. Please try again.';
-  }
-  btn.disabled = false;
-  btn.textContent = 'Save Configuration';
-};
-</script>
-</body>
-</html>