@nordsym/apiclaw 2.2.0 → 2.3.0

package/convex/directCall.ts

@@ -1,713 +0,0 @@
-import { v } from "convex/values";
-import { mutation, query } from "./_generated/server";
-
-// ============================================
-// MUTATIONS
-// ============================================
-
-/**
- * Save/update provider's Direct Call configuration
- */
-export const saveDirectCallConfig = mutation({
-  args: {
-    id: v.optional(v.id("providerDirectCall")),
-    providerId: v.id("providers"),
-    apiId: v.optional(v.id("providerAPIs")),
-    baseUrl: v.string(),
-    authType: v.string(),
-    authHeader: v.string(),
-    authPrefix: v.string(),
-    encryptedMasterKey: v.string(),
-    rateLimitPerUser: v.number(),
-    rateLimitPerDay: v.number(),
-    pricePerRequest: v.number(),
-  },
-  handler: async (ctx, args) => {
-    const now = Date.now();
-
-    if (args.id) {
-      // Update existing
-      await ctx.db.patch(args.id, {
-        baseUrl: args.baseUrl,
-        authType: args.authType,
-        authHeader: args.authHeader,
-        authPrefix: args.authPrefix,
-        encryptedMasterKey: args.encryptedMasterKey,
-        rateLimitPerUser: args.rateLimitPerUser,
-        rateLimitPerDay: args.rateLimitPerDay,
-        pricePerRequest: args.pricePerRequest,
-        updatedAt: now,
-      });
-      return args.id;
-    }
-
-    // Create new
-    return await ctx.db.insert("providerDirectCall", {
-      providerId: args.providerId,
-      apiId: args.apiId,
-      baseUrl: args.baseUrl,
-      authType: args.authType,
-      authHeader: args.authHeader,
-      authPrefix: args.authPrefix,
-      encryptedMasterKey: args.encryptedMasterKey,
-      rateLimitPerUser: args.rateLimitPerUser,
-      rateLimitPerDay: args.rateLimitPerDay,
-      pricePerRequest: args.pricePerRequest,
-      status: "draft",
-      createdAt: now,
-      updatedAt: now,
-    });
-  },
-});
-
-/**
- * Save Direct Call config with token auth (used by frontend)
- */
-export const saveConfig = mutation({
-  args: {
-    token: v.string(),
-    config: v.object({
-      apiId: v.string(),
-      baseUrl: v.string(),
-      authType: v.string(),
-      authHeader: v.string(),
-      authPrefix: v.string(),
-      masterApiKey: v.optional(v.string()),
-      rateLimitPerUser: v.number(),
-      rateLimitPerDay: v.number(),
-      pricePerRequest: v.number(),
-      status: v.string(),
-      allowCustomerKeys: v.optional(v.boolean()),
-      requireCustomerKeys: v.optional(v.boolean()),
-    }),
-  },
-  handler: async (ctx, args) => {
-    // Verify session (unified: agentSessions first, fallback to legacy sessions)
-    let providerId: any = null;
-
-    const agentSession = await ctx.db
-      .query("agentSessions")
-      .withIndex("by_sessionToken", (q) => q.eq("sessionToken", args.token))
-      .first();
-
-    if (agentSession) {
-      const provider = await ctx.db
-        .query("providers")
-        .withIndex("by_workspaceId", (q) => q.eq("workspaceId", agentSession.workspaceId))
-        .first();
-      if (!provider) throw new Error("No provider linked to workspace");
-      providerId = provider._id;
-    } else {
-      // Fallback: legacy sessions
-      const session = await ctx.db
-        .query("sessions")
-        .withIndex("by_token", (q) => q.eq("token", args.token))
-        .first();
-      if (!session || session.expiresAt < Date.now()) {
-        throw new Error("Invalid or expired session");
-      }
-      providerId = session.providerId;
-    }
-
-    const now = Date.now();
-    const { config } = args;
-
-    // Check if config already exists for this API
-    const existing = await ctx.db
-      .query("providerDirectCall")
-      .filter((q) => q.eq(q.field("apiId"), config.apiId as any))
-      .first();
-
-    if (existing) {
-      // Update existing
-      const updateData: Record<string, unknown> = {
-        baseUrl: config.baseUrl,
-        authType: config.authType,
-        authHeader: config.authHeader,
-        authPrefix: config.authPrefix,
-        rateLimitPerUser: config.rateLimitPerUser,
-        rateLimitPerDay: config.rateLimitPerDay,
-        pricePerRequest: config.pricePerRequest,
-        status: config.status,
-        allowCustomerKeys: config.allowCustomerKeys ?? true,
-        requireCustomerKeys: config.requireCustomerKeys ?? false,
-        updatedAt: now,
-      };
-
-      // Only update master key if provided (not empty)
-      if (config.masterApiKey) {
-        updateData.encryptedMasterKey = config.masterApiKey; // In prod: encrypt this
-      }
-
-      await ctx.db.patch(existing._id, updateData);
-      return existing._id;
-    }
-
-    // Create new config
-    return await ctx.db.insert("providerDirectCall", {
-      providerId,
-      apiId: config.apiId as any,
-      baseUrl: config.baseUrl,
-      authType: config.authType,
-      authHeader: config.authHeader,
-      authPrefix: config.authPrefix,
-      encryptedMasterKey: config.masterApiKey || "",
-      rateLimitPerUser: config.rateLimitPerUser,
-      rateLimitPerDay: config.rateLimitPerDay,
-      pricePerRequest: config.pricePerRequest,
-      status: config.status as "draft" | "testing" | "live",
-      allowCustomerKeys: config.allowCustomerKeys ?? true,
-      requireCustomerKeys: config.requireCustomerKeys ?? false,
-      createdAt: now,
-      updatedAt: now,
-    });
-  },
-});
-
-/**
- * Create/update an action for a Direct Call config
- */
-export const saveAction = mutation({
-  args: {
-    id: v.optional(v.id("providerActions")),
-    directCallId: v.id("providerDirectCall"),
-    name: v.string(),
-    displayName: v.string(),
-    description: v.string(),
-    method: v.string(),
-    path: v.string(),
-    params: v.array(v.object({
-      name: v.string(),
-      type: v.string(),
-      required: v.boolean(),
-      description: v.string(),
-      default: v.optional(v.any()),
-      in: v.string(),
-    })),
-    responseMapping: v.array(v.object({
-      name: v.string(),
-      path: v.string(),
-    })),
-    enabled: v.boolean(),
-  },
-  handler: async (ctx, args) => {
-    const now = Date.now();
-
-    if (args.id) {
-      // Update existing
-      await ctx.db.patch(args.id, {
-        name: args.name,
-        displayName: args.displayName,
-        description: args.description,
-        method: args.method,
-        path: args.path,
-        params: args.params,
-        responseMapping: args.responseMapping,
-        enabled: args.enabled,
-        updatedAt: now,
-      });
-      return args.id;
-    }
-
-    // Create new
-    return await ctx.db.insert("providerActions", {
-      directCallId: args.directCallId,
-      name: args.name,
-      displayName: args.displayName,
-      description: args.description,
-      method: args.method,
-      path: args.path,
-      params: args.params,
-      responseMapping: args.responseMapping,
-      enabled: args.enabled,
-      createdAt: now,
-      updatedAt: now,
-    });
-  },
-});
-
-/**
- * Delete an action
- */
-export const deleteAction = mutation({
-  args: {
-    id: v.id("providerActions"),
-  },
-  handler: async (ctx, args) => {
-    await ctx.db.delete(args.id);
-    return { success: true };
-  },
-});
-
-/**
- * Publish Direct Call - set status to live
- * Also marks apiListed earn progress for the provider's workspace
- */
-export const publishDirectCall = mutation({
-  args: {
-    id: v.id("providerDirectCall"),
-  },
-  handler: async (ctx, args) => {
-    const now = Date.now();
-    
-    // Get the direct call config to find the provider
-    const config = await ctx.db.get(args.id);
-    if (!config) {
-      throw new Error("Direct Call config not found");
-    }
-
-    await ctx.db.patch(args.id, {
-      status: "live",
-      publishedAt: now,
-      updatedAt: now,
-    });
-
-    // Try to mark apiListed for earn progress
-    // First, get the provider to find their session/workspace
-    const provider = await ctx.db.get(config.providerId);
-    if (provider) {
-      // Find workspace by provider email
-      const workspace = await ctx.db
-        .query("workspaces")
-        .withIndex("by_email", (q) => q.eq("email", provider.email))
-        .first();
-
-      if (workspace) {
-        // Update earn progress
-        const earnProgress = await ctx.db
-          .query("earnProgress")
-          .withIndex("by_workspaceId", (q) => q.eq("workspaceId", workspace._id))
-          .first();
-
-        if (earnProgress && !earnProgress.apiListed) {
-          const newTotal = calculateEarnTotal({ ...earnProgress, apiListed: true });
-          await ctx.db.patch(earnProgress._id, {
-            apiListed: true,
-            apiListedAt: now,
-            totalEarned: newTotal,
-            updatedAt: now,
-          });
-          // Add 10 calls to workspace limit
-          await ctx.db.patch(workspace._id, {
-            usageLimit: workspace.usageLimit + 10,
-            updatedAt: now,
-          });
-        } else if (!earnProgress) {
-          // Create earn progress with apiListed
-          await ctx.db.insert("earnProgress", {
-            workspaceId: workspace._id,
-            firstDirectCall: false,
-            apisUsed: [],
-            apisUsedComplete: false,
-            agentListed: false,
-            apiListed: true,
-            apiListedAt: now,
-            byokSetup: false,
-            githubStarred: false,
-            twitterFollowed: false,
-            referralCount: 0,
-            totalEarned: 10,
-            createdAt: now,
-            updatedAt: now,
-          });
-          // Add 10 calls to workspace limit
-          await ctx.db.patch(workspace._id, {
-            usageLimit: workspace.usageLimit + 10,
-            updatedAt: now,
-          });
-        }
-      }
-    }
-
-    return { success: true, publishedAt: now };
-  },
-});
-
-// Helper to calculate earn total (duplicated to avoid circular import)
-function calculateEarnTotal(progress: any): number {
-  let total = 0;
-  if (progress.firstDirectCall) total += 15;
-  if (progress.apisUsedComplete) total += 10;
-  if (progress.agentListed) total += 10;
-  if (progress.apiListed) total += 10;
-  if (progress.byokSetup) total += 5;
-  if (progress.githubStarred) total += 10;
-  if (progress.twitterFollowed) total += 5;
-  total += (progress.referralCount || 0) * 10;
-  return total;
-}
-
-/**
- * Set Direct Call status (draft, testing, live)
- */
-export const setStatus = mutation({
-  args: {
-    id: v.id("providerDirectCall"),
-    status: v.string(),
-  },
-  handler: async (ctx, args) => {
-    const now = Date.now();
-    const update: { status: string; updatedAt: number; publishedAt?: number } = {
-      status: args.status,
-      updatedAt: now,
-    };
-    if (args.status === "live") {
-      update.publishedAt = now;
-    }
-    await ctx.db.patch(args.id, update);
-    return { success: true };
-  },
-});
-
-// ============================================
-// QUERIES
-// ============================================
-
-/**
- * Get Direct Call config by providerId
- */
-export const getDirectCallConfig = query({
-  args: {
-    providerId: v.id("providers"),
-  },
-  handler: async (ctx, args) => {
-    return await ctx.db
-      .query("providerDirectCall")
-      .withIndex("by_providerId", (q) => q.eq("providerId", args.providerId))
-      .first();
-  },
-});
-
-/**
- * Get Direct Call config by ID
- */
-export const getDirectCallConfigById = query({
-  args: {
-    id: v.id("providerDirectCall"),
-  },
-  handler: async (ctx, args) => {
-    return await ctx.db.get(args.id);
-  },
-});
-
-/**
- * Get Direct Call config by API ID
- */
-export const getDirectCallConfigByApiId = query({
-  args: {
-    apiId: v.string(), // Accept string since that's what frontend passes
-  },
-  handler: async (ctx, args) => {
-    return await ctx.db
-      .query("providerDirectCall")
-      .filter((q) => q.eq(q.field("apiId"), args.apiId as any))
-      .first();
-  },
-});
-
-/**
- * Get all actions for a Direct Call config
- */
-export const getActions = query({
-  args: {
-    directCallId: v.id("providerDirectCall"),
-  },
-  handler: async (ctx, args) => {
-    return await ctx.db
-      .query("providerActions")
-      .withIndex("by_directCallId", (q) => q.eq("directCallId", args.directCallId))
-      .collect();
-  },
-});
-
-/**
- * Get single action by directCallId + name
- */
-export const getActionByName = query({
-  args: {
-    directCallId: v.id("providerDirectCall"),
-    name: v.string(),
-  },
-  handler: async (ctx, args) => {
-    return await ctx.db
-      .query("providerActions")
-      .withIndex("by_directCallId_name", (q) =>
-        q.eq("directCallId", args.directCallId).eq("name", args.name)
-      )
-      .first();
-  },
-});
-
-/**
- * Get action by ID
- */
-export const getActionById = query({
-  args: {
-    id: v.id("providerActions"),
-  },
-  handler: async (ctx, args) => {
-    return await ctx.db.get(args.id);
-  },
-});
-
-/**
- * DEBUG: Get all Direct Call configs
- */
-export const getAllConfigs = query({
-  args: {},
-  handler: async (ctx) => {
-    return await ctx.db.query("providerDirectCall").collect();
-  },
-});
-
-/**
- * Get all live Direct Call configs (for public API discovery)
- */
-export const getLiveConfigs = query({
-  args: {},
-  handler: async (ctx) => {
-    return await ctx.db
-      .query("providerDirectCall")
-      .withIndex("by_status", (q) => q.eq("status", "live"))
-      .collect();
-  },
-});
-
-/**
- * Get Direct Call config by API ID (for test console)
- */
-export const getConfig = query({
-  args: {
-    apiId: v.string(),
-  },
-  handler: async (ctx, args) => {
-    // Try as providerAPIs ID first
-    const config = await ctx.db
-      .query("providerDirectCall")
-      .withIndex("by_apiId")
-      .filter((q) => q.eq(q.field("apiId"), args.apiId as any))
-      .first();
-    
-    return config;
-  },
-});
-
-/**
- * Get Direct Call config by API slug (for MCP/agent execution)
- * Looks up API by name, then gets the Direct Call config
- */
-export const getByApiSlug = query({
-  args: {
-    slug: v.string(),
-  },
-  handler: async (ctx, args) => {
-    // Normalize slug (lowercase, replace spaces/dashes)
-    const normalizedSlug = args.slug.toLowerCase().replace(/[\s-]/g, '_');
-    
-    // Find API by name (case-insensitive match)
-    const apis = await ctx.db.query("providerAPIs").collect();
-    const api = apis.find(a => 
-      a.name.toLowerCase().replace(/[\s-]/g, '_') === normalizedSlug ||
-      a.name.toLowerCase() === args.slug.toLowerCase()
-    );
-    
-    if (!api) {
-      return null;
-    }
-    
-    // Get Direct Call config for this API
-    const config = await ctx.db
-      .query("providerDirectCall")
-      .withIndex("by_apiId")
-      .filter((q) => q.eq(q.field("apiId"), api._id))
-      .first();
-    
-    if (!config || config.status !== 'live') {
-      return null;
-    }
-    
-    return {
-      ...config,
-      apiName: api.name,
-      apiSlug: normalizedSlug,
-    };
-  },
-});
-
-// ============================================
-// TEST ACTION
-// ============================================
-
-/**
- * Test an action by calling the actual provider API
- * For V1: Provider passes their own test key
- */
-export const testAction = mutation({
-  args: {
-    token: v.string(),
-    directCallId: v.id("providerDirectCall"),
-    actionId: v.id("providerActions"),
-    params: v.record(v.string(), v.any()),
-    testKey: v.optional(v.string()),
-  },
-  handler: async (ctx, args) => {
-    const startTime = Date.now();
-    
-    // 1. Verify provider session (unified: agentSessions first, fallback to legacy)
-    let sessionProviderId: any = null;
-
-    const agentSession = await ctx.db
-      .query("agentSessions")
-      .withIndex("by_sessionToken", (q) => q.eq("sessionToken", args.token))
-      .first();
-
-    if (agentSession) {
-      const provider = await ctx.db
-        .query("providers")
-        .withIndex("by_workspaceId", (q) => q.eq("workspaceId", agentSession.workspaceId))
-        .first();
-      if (provider) sessionProviderId = provider._id;
-    } else {
-      const session = await ctx.db
-        .query("sessions")
-        .withIndex("by_token", (q) => q.eq("token", args.token))
-        .first();
-      if (session && session.expiresAt >= Date.now()) {
-        sessionProviderId = session.providerId;
-      }
-    }
-
-    if (!sessionProviderId) {
-      return {
-        success: false,
-        error: "Unauthorized - invalid or expired session",
-        latencyMs: Date.now() - startTime,
-      };
-    }
-    
-    // 2. Get directCallConfig
-    const config = await ctx.db.get(args.directCallId);
-    if (!config) {
-      return {
-        success: false,
-        error: "Direct Call config not found",
-        latencyMs: Date.now() - startTime,
-      };
-    }
-    
-    // Verify ownership
-    if (config.providerId !== sessionProviderId) {
-      return {
-        success: false,
-        error: "Unauthorized - you don't own this config",
-        latencyMs: Date.now() - startTime,
-      };
-    }
-    
-    // 3. Get action
-    const action = await ctx.db.get(args.actionId);
-    if (!action) {
-      return {
-        success: false,
-        error: "Action not found",
-        latencyMs: Date.now() - startTime,
-      };
-    }
-    
-    // 4. Get API key (use testKey if provided, else use stored key)
-    // Note: For production, encryptedMasterKey would need server-side decryption
-    // For V1 test console, we use testKey directly
-    const apiKey = args.testKey || config.encryptedMasterKey;
-    if (!apiKey) {
-      return {
-        success: false,
-        error: "No API key provided. Add a test key or configure master key.",
-        latencyMs: Date.now() - startTime,
-      };
-    }
-    
-    // 5. Build URL with path params
-    let path = action.path;
-    const queryParams: Record<string, string> = {};
-    const bodyParams: Record<string, unknown> = {};
-    
-    for (const paramDef of action.params) {
-      const value = args.params[paramDef.name];
-      if (value === undefined || value === "") continue;
-      
-      if (paramDef.in === "path") {
-        // Replace {paramName} in path
-        path = path.replace(`{${paramDef.name}}`, String(value));
-      } else if (paramDef.in === "query") {
-        queryParams[paramDef.name] = String(value);
-      } else if (paramDef.in === "body") {
-        bodyParams[paramDef.name] = value;
-      }
-    }
-    
-    // Build full URL
-    let url = config.baseUrl.replace(/\/$/, "") + path;
-    const queryString = new URLSearchParams(queryParams).toString();
-    if (queryString) {
-      url += (url.includes("?") ? "&" : "?") + queryString;
-    }
-    
-    // 6. Build headers with auth
-    const headers: Record<string, string> = {
-      "Content-Type": "application/json",
-      "Accept": "application/json",
-    };
-    
-    // Add auth header
-    if (config.authType !== "none" && apiKey) {
-      const authValue = config.authPrefix 
-        ? `${config.authPrefix}${apiKey}` 
-        : apiKey;
-      headers[config.authHeader] = authValue;
-    }
-    
-    // 7. Build fetch options
-    const fetchOptions: RequestInit = {
-      method: action.method,
-      headers,
-    };
-    
-    // Add body for non-GET requests
-    if (action.method !== "GET" && Object.keys(bodyParams).length > 0) {
-      fetchOptions.body = JSON.stringify(bodyParams);
-    }
-    
-    // 8. Execute request
-    try {
-      const response = await fetch(url, fetchOptions);
-      const latencyMs = Date.now() - startTime;
-      
-      // Try to parse response as JSON, fallback to text
-      let data: unknown;
-      const contentType = response.headers.get("content-type") || "";
-      
-      if (contentType.includes("application/json")) {
-        try {
-          data = await response.json();
-        } catch {
-          data = await response.text();
-        }
-      } else {
-        data = await response.text();
-      }
-      
-      return {
-        success: response.ok,
-        status: response.status,
-        data,
-        latencyMs,
-      };
-    } catch (error) {
-      return {
-        success: false,
-        error: error instanceof Error ? error.message : "Request failed",
-        latencyMs: Date.now() - startTime,
-      };
-    }
-  },
-});