@oneuptime/common 9.2.16 → 9.2.17

package/Server/Utils/CodeRepository/GitHub/GitHub.ts

@@ -10,6 +10,29 @@ import OneUptimeDate from "../../../../Types/Date";
 import { JSONArray, JSONObject } from "../../../../Types/JSON";
 import API from "../../../../Utils/API";
 import CaptureSpan from "../../Telemetry/CaptureSpan";
+import {
+  GitHubAppId,
+  GitHubAppPrivateKey,
+  GitHubAppWebhookSecret,
+} from "../../../EnvironmentConfig";
+import BadDataException from "../../../../Types/Exception/BadDataException";
+import * as crypto from "crypto";
+
+export interface GitHubRepository {
+  id: number;
+  name: string;
+  fullName: string;
+  private: boolean;
+  htmlUrl: string;
+  description: string | null;
+  defaultBranch: string;
+  ownerLogin: string;
+}
+
+export interface GitHubInstallationToken {
+  token: string;
+  expiresAt: Date;
+}
 
 export default class GitHubUtil extends HostedCodeRepository {
   private getPullRequestFromJSONObject(data: {
@@ -258,4 +281,207 @@ export default class GitHubUtil extends HostedCodeRepository {
       repositoryName: data.repositoryName,
     });
   }
+
+  // GitHub App Authentication Methods
+
+  /**
+   * Generates a JWT for GitHub App authentication
+   * @returns JWT string valid for 10 minutes
+   */
+  @CaptureSpan()
+  public static generateAppJWT(): string {
+    if (!GitHubAppId) {
+      throw new BadDataException(
+        "GITHUB_APP_ID environment variable is not set",
+      );
+    }
+
+    if (!GitHubAppPrivateKey) {
+      throw new BadDataException(
+        "GITHUB_APP_PRIVATE_KEY environment variable is not set",
+      );
+    }
+
+    const now: number = Math.floor(Date.now() / 1000);
+    const payload: JSONObject = {
+      iat: now - 60, // Issued at time (60 seconds in the past to allow for clock drift)
+      exp: now + 600, // Expiration time (10 minutes from now)
+      iss: GitHubAppId,
+    };
+
+    // Create JWT header
+    const header: JSONObject = {
+      alg: "RS256",
+      typ: "JWT",
+    };
+
+    const encodedHeader: string = Buffer.from(JSON.stringify(header)).toString(
+      "base64url",
+    );
+    const encodedPayload: string = Buffer.from(
+      JSON.stringify(payload),
+    ).toString("base64url");
+
+    const signatureInput: string = `${encodedHeader}.${encodedPayload}`;
+
+    // Sign with private key
+    const sign: crypto.Sign = crypto.createSign("RSA-SHA256");
+    sign.update(signatureInput);
+    const signature: string = sign.sign(GitHubAppPrivateKey, "base64url");
+
+    return `${signatureInput}.${signature}`;
+  }
+
+  /**
+   * Gets an installation access token for a GitHub App installation
+   * @param installationId - The GitHub App installation ID
+   * @returns Installation token and expiration date
+   */
+  @CaptureSpan()
+  public static async getInstallationAccessToken(
+    installationId: string,
+  ): Promise<GitHubInstallationToken> {
+    const jwt: string = GitHubUtil.generateAppJWT();
+
+    const url: URL = URL.fromString(
+      `https://api.github.com/app/installations/${installationId}/access_tokens`,
+    );
+
+    const result: HTTPErrorResponse | HTTPResponse<JSONObject> = await API.post(
+      {
+        url: url,
+        data: {},
+        headers: {
+          Authorization: `Bearer ${jwt}`,
+          Accept: "application/vnd.github+json",
+          "X-GitHub-Api-Version": "2022-11-28",
+        },
+      },
+    );
+
+    if (result instanceof HTTPErrorResponse) {
+      throw result;
+    }
+
+    return {
+      token: result.data["token"] as string,
+      expiresAt: OneUptimeDate.fromString(result.data["expires_at"] as string),
+    };
+  }
+
+  /**
+   * Lists repositories accessible to a GitHub App installation
+   * @param installationId - The GitHub App installation ID
+   * @returns Array of repositories
+   */
+  @CaptureSpan()
+  public static async listRepositoriesForInstallation(
+    installationId: string,
+  ): Promise<Array<GitHubRepository>> {
+    const tokenData: GitHubInstallationToken =
+      await GitHubUtil.getInstallationAccessToken(installationId);
+
+    const allRepositories: Array<GitHubRepository> = [];
+    let page: number = 1;
+    let hasMore: boolean = true;
+
+    while (hasMore) {
+      const url: URL = URL.fromString(
+        `https://api.github.com/installation/repositories?per_page=100&page=${page}`,
+      );
+
+      const result: HTTPErrorResponse | HTTPResponse<JSONObject> =
+        await API.get({
+          url: url,
+          data: {},
+          headers: {
+            Authorization: `Bearer ${tokenData.token}`,
+            Accept: "application/vnd.github+json",
+            "X-GitHub-Api-Version": "2022-11-28",
+          },
+        });
+
+      if (result instanceof HTTPErrorResponse) {
+        throw result;
+      }
+
+      const repositories: JSONArray =
+        (result.data["repositories"] as JSONArray) || [];
+
+      for (const repo of repositories) {
+        const repoData: JSONObject = repo as JSONObject;
+        const owner: JSONObject = repoData["owner"] as JSONObject;
+
+        allRepositories.push({
+          id: repoData["id"] as number,
+          name: repoData["name"] as string,
+          fullName: repoData["full_name"] as string,
+          private: repoData["private"] as boolean,
+          htmlUrl: repoData["html_url"] as string,
+          description: (repoData["description"] as string) || null,
+          defaultBranch: repoData["default_branch"] as string,
+          ownerLogin: owner["login"] as string,
+        });
+      }
+
+      // Check if there are more pages
+      if (repositories.length < 100) {
+        hasMore = false;
+      } else {
+        page++;
+      }
+    }
+
+    return allRepositories;
+  }
+
+  /**
+   * Verifies a GitHub webhook signature
+   * @param payload - The raw request body
+   * @param signature - The X-Hub-Signature-256 header value
+   * @returns true if signature is valid
+   */
+  public static verifyWebhookSignature(
+    payload: string,
+    signature: string,
+  ): boolean {
+    if (!GitHubAppWebhookSecret) {
+      logger.warn(
+        "GITHUB_APP_WEBHOOK_SECRET is not set, skipping verification",
+      );
+      return true;
+    }
+
+    const expectedSignature: string = `sha256=${crypto
+      .createHmac("sha256", GitHubAppWebhookSecret)
+      .update(payload)
+      .digest("hex")}`;
+
+    try {
+      return crypto.timingSafeEqual(
+        Buffer.from(signature) as Uint8Array,
+        Buffer.from(expectedSignature) as Uint8Array,
+      );
+    } catch {
+      return false;
+    }
+  }
+
+  /**
+   * Gets the GitHub App installation URL for a project to install the app
+   * @returns The installation URL
+   */
+  public static getAppInstallationUrl(): string {
+    if (!GitHubAppId) {
+      throw new BadDataException(
+        "GITHUB_APP_ID environment variable is not set",
+      );
+    }
+
+    /*
+     * This is the standard GitHub App installation URL format
+     * The app slug would typically come from another env var, but we can use the client ID approach
+     */
+    return `https://github.com/apps`;
+  }
 }

package/Server/Utils/LLM/LLMService.ts

@@ -0,0 +1,276 @@
+import HTTPErrorResponse from "../../../Types/API/HTTPErrorResponse";
+import HTTPResponse from "../../../Types/API/HTTPResponse";
+import URL from "../../../Types/API/URL";
+import { JSONObject } from "../../../Types/JSON";
+import API from "../../../Utils/API";
+import LlmType from "../../../Types/LLM/LlmType";
+import BadDataException from "../../../Types/Exception/BadDataException";
+import logger from "../Logger";
+import CaptureSpan from "../Telemetry/CaptureSpan";
+
+export interface LLMMessage {
+  role: "system" | "user" | "assistant";
+  content: string;
+}
+
+export interface LLMCompletionRequest {
+  messages: Array<LLMMessage>;
+  temperature?: number;
+  llmProviderConfig: LLMProviderConfig;
+}
+
+export interface LLMUsage {
+  promptTokens: number;
+  completionTokens: number;
+  totalTokens: number;
+}
+
+export interface LLMCompletionResponse {
+  content: string;
+  usage: LLMUsage | undefined;
+}
+
+export interface LLMProviderConfig {
+  llmType: LlmType;
+  apiKey?: string;
+  baseUrl?: string;
+  modelName?: string;
+}
+
+export default class LLMService {
+  @CaptureSpan()
+  public static async getCompletion(
+    request: LLMCompletionRequest,
+  ): Promise<LLMCompletionResponse> {
+    const config: LLMProviderConfig = request.llmProviderConfig;
+
+    switch (config.llmType) {
+      case LlmType.OpenAI:
+        return await this.getOpenAICompletion(config, request);
+      case LlmType.Anthropic:
+        return await this.getAnthropicCompletion(config, request);
+      case LlmType.Ollama:
+        return await this.getOllamaCompletion(config, request);
+      default:
+        throw new BadDataException(`Unsupported LLM type: ${config.llmType}`);
+    }
+  }
+
+  @CaptureSpan()
+  private static async getOpenAICompletion(
+    config: LLMProviderConfig,
+    request: LLMCompletionRequest,
+  ): Promise<LLMCompletionResponse> {
+    if (!config.apiKey) {
+      throw new BadDataException("OpenAI API key is required");
+    }
+
+    const baseUrl: string = config.baseUrl || "https://api.openai.com/v1";
+    const modelName: string = config.modelName || "gpt-4o";
+
+    const response: HTTPErrorResponse | HTTPResponse<JSONObject> =
+      await API.post<JSONObject>({
+        url: URL.fromString(`${baseUrl}/chat/completions`),
+        data: {
+          model: modelName,
+          messages: request.messages.map((msg: LLMMessage) => {
+            return {
+              role: msg.role,
+              content: msg.content,
+            };
+          }),
+          temperature: request.temperature ?? 0.7,
+        },
+        headers: {
+          Authorization: `Bearer ${config.apiKey}`,
+          "Content-Type": "application/json",
+        },
+        options: {
+          retries: 2,
+          exponentialBackoff: true,
+          timeout: 120000, // 2 minutes timeout for LLM calls
+        },
+      });
+
+    if (response instanceof HTTPErrorResponse) {
+      logger.error("Error from OpenAI API:");
+      logger.error(response);
+      throw new BadDataException(
+        `OpenAI API error: ${JSON.stringify(response.jsonData)}`,
+      );
+    }
+
+    const jsonData: JSONObject = response.jsonData as JSONObject;
+    const choices: Array<JSONObject> = jsonData["choices"] as Array<JSONObject>;
+
+    if (!choices || choices.length === 0) {
+      throw new BadDataException("No response from OpenAI");
+    }
+
+    const message: JSONObject = choices[0]!["message"] as JSONObject;
+    const usage: JSONObject = jsonData["usage"] as JSONObject;
+
+    return {
+      content: message["content"] as string,
+      usage: usage
+        ? {
+            promptTokens: usage["prompt_tokens"] as number,
+            completionTokens: usage["completion_tokens"] as number,
+            totalTokens: usage["total_tokens"] as number,
+          }
+        : undefined,
+    };
+  }
+
+  @CaptureSpan()
+  private static async getAnthropicCompletion(
+    config: LLMProviderConfig,
+    request: LLMCompletionRequest,
+  ): Promise<LLMCompletionResponse> {
+    if (!config.apiKey) {
+      throw new BadDataException("Anthropic API key is required");
+    }
+
+    const baseUrl: string = config.baseUrl || "https://api.anthropic.com/v1";
+    const modelName: string = config.modelName || "claude-sonnet-4-20250514";
+
+    // Anthropic requires system message to be separate
+    let systemMessage: string = "";
+    const userMessages: Array<{ role: string; content: string }> = [];
+
+    for (const msg of request.messages) {
+      if (msg.role === "system") {
+        systemMessage = msg.content;
+      } else {
+        userMessages.push({
+          role: msg.role,
+          content: msg.content,
+        });
+      }
+    }
+
+    const requestData: JSONObject = {
+      model: modelName,
+      messages: userMessages,
+      temperature: request.temperature ?? 0.7,
+    };
+
+    if (systemMessage) {
+      requestData["system"] = systemMessage;
+    }
+
+    const response: HTTPErrorResponse | HTTPResponse<JSONObject> =
+      await API.post<JSONObject>({
+        url: URL.fromString(`${baseUrl}/messages`),
+        data: requestData,
+        headers: {
+          "x-api-key": config.apiKey,
+          "anthropic-version": "2023-06-01",
+          "Content-Type": "application/json",
+        },
+        options: {
+          retries: 2,
+          exponentialBackoff: true,
+          timeout: 120000,
+        },
+      });
+
+    if (response instanceof HTTPErrorResponse) {
+      logger.error("Error from Anthropic API:");
+      logger.error(response);
+      throw new BadDataException(
+        `Anthropic API error: ${JSON.stringify(response.jsonData)}`,
+      );
+    }
+
+    const jsonData: JSONObject = response.jsonData as JSONObject;
+    const content: Array<JSONObject> = jsonData["content"] as Array<JSONObject>;
+
+    if (!content || content.length === 0) {
+      throw new BadDataException("No response from Anthropic");
+    }
+
+    const textContent: JSONObject | undefined = content.find(
+      (c: JSONObject) => {
+        return c["type"] === "text";
+      },
+    );
+
+    if (!textContent) {
+      throw new BadDataException("No text content in Anthropic response");
+    }
+
+    const usage: JSONObject = jsonData["usage"] as JSONObject;
+
+    return {
+      content: textContent["text"] as string,
+      usage: usage
+        ? {
+            promptTokens: usage["input_tokens"] as number,
+            completionTokens: usage["output_tokens"] as number,
+            totalTokens:
+              ((usage["input_tokens"] as number) || 0) +
+              ((usage["output_tokens"] as number) || 0),
+          }
+        : undefined,
+    };
+  }
+
+  @CaptureSpan()
+  private static async getOllamaCompletion(
+    config: LLMProviderConfig,
+    request: LLMCompletionRequest,
+  ): Promise<LLMCompletionResponse> {
+    if (!config.baseUrl) {
+      throw new BadDataException("Ollama base URL is required");
+    }
+
+    const modelName: string = config.modelName || "llama2";
+
+    const response: HTTPErrorResponse | HTTPResponse<JSONObject> =
+      await API.post<JSONObject>({
+        url: URL.fromString(`${config.baseUrl}/api/chat`),
+        data: {
+          model: modelName,
+          messages: request.messages.map((msg: LLMMessage) => {
+            return {
+              role: msg.role,
+              content: msg.content,
+            };
+          }),
+          stream: false,
+          options: {
+            temperature: request.temperature ?? 0.7,
+          },
+        },
+        headers: {
+          "Content-Type": "application/json",
+        },
+        options: {
+          retries: 2,
+          exponentialBackoff: true,
+          timeout: 300000, // 5 minutes for Ollama as it may be slower
+        },
+      });
+
+    if (response instanceof HTTPErrorResponse) {
+      logger.error("Error from Ollama API:");
+      logger.error(response);
+      throw new BadDataException(
+        `Ollama API error: ${JSON.stringify(response.jsonData)}`,
+      );
+    }
+
+    const jsonData: JSONObject = response.jsonData as JSONObject;
+    const message: JSONObject = jsonData["message"] as JSONObject;
+
+    if (!message) {
+      throw new BadDataException("No response from Ollama");
+    }
+
+    return {
+      content: message["content"] as string,
+      usage: undefined, // Ollama doesn't provide token usage in the same way
+    };
+  }
+}

package/Server/Utils/Workspace/MicrosoftTeams/MicrosoftTeams.ts

@@ -1,3 +1,4 @@
+import { WorkspaceChannelMessage } from "../Workspace";
 import HTTPErrorResponse from "../../../../Types/API/HTTPErrorResponse";
 import HTTPResponse from "../../../../Types/API/HTTPResponse";
 import URL from "../../../../Types/API/URL";
@@ -3062,4 +3063,169 @@ All monitoring checks are passing normally.`;
       throw error;
     }
   }
+
+  @CaptureSpan()
+  public static async getChannelMessages(params: {
+    channelId: string;
+    teamId: string;
+    projectId: ObjectID;
+    limit?: number;
+    oldestTimestamp?: Date;
+  }): Promise<
+    Array<{
+      messageId: string;
+      text: string;
+      userId?: string;
+      username?: string;
+      timestamp: Date;
+      isBot: boolean;
+    }>
+  > {
+    const messages: Array<{
+      messageId: string;
+      text: string;
+      userId?: string;
+      username?: string;
+      timestamp: Date;
+      isBot: boolean;
+    }> = [];
+
+    try {
+      // Get valid access token
+      const projectAuth: WorkspaceProjectAuthToken | null =
+        await WorkspaceProjectAuthTokenService.getProjectAuth({
+          projectId: params.projectId,
+          workspaceType: WorkspaceType.MicrosoftTeams,
+        });
+
+      if (!projectAuth || !projectAuth.miscData) {
+        logger.error("Microsoft Teams integration not found for this project");
+        return messages;
+      }
+
+      const miscData: JSONObject = projectAuth.miscData as JSONObject;
+      const accessToken: string = miscData["appAccessToken"] as string;
+      const tokenExpiresAt: string = miscData[
+        "appAccessTokenExpiresAt"
+      ] as string;
+
+      // Check if token is expired
+      if (
+        !accessToken ||
+        (tokenExpiresAt &&
+          OneUptimeDate.isInThePast(OneUptimeDate.fromString(tokenExpiresAt)))
+      ) {
+        logger.debug(
+          "Microsoft Teams access token expired or missing, skipping message fetch",
+        );
+        return messages;
+      }
+
+      // Fetch messages from Microsoft Teams channel
+      let nextLink: string | undefined = undefined;
+      const maxMessages: number = params.limit || 1000;
+      const maxPages: number = 10;
+      let pageCount: number = 0;
+
+      do {
+        let requestUrl: string;
+
+        if (nextLink) {
+          requestUrl = nextLink;
+        } else {
+          requestUrl = `https://graph.microsoft.com/v1.0/teams/${params.teamId}/channels/${params.channelId}/messages`;
+          requestUrl += `?$top=${Math.min(50, maxMessages - messages.length)}`;
+        }
+
+        const response: HTTPErrorResponse | HTTPResponse<JSONObject> =
+          await API.get<JSONObject>({
+            url: URL.fromString(requestUrl),
+            headers: {
+              Authorization: `Bearer ${accessToken}`,
+              "Content-Type": "application/json",
+            },
+            options: {
+              retries: 2,
+              exponentialBackoff: true,
+            },
+          });
+
+        if (response instanceof HTTPErrorResponse) {
+          logger.error(
+            "Error response from Microsoft Teams API for channel messages:",
+          );
+          logger.error(response);
+          break;
+        }
+
+        const jsonData: JSONObject = response.jsonData as JSONObject;
+        const teamsMessages: Array<JSONObject> =
+          (jsonData["value"] as Array<JSONObject>) || [];
+
+        for (const msg of teamsMessages) {
+          // Skip system messages
+          if (msg["messageType"] !== "message") {
+            continue;
+          }
+
+          const body: JSONObject = msg["body"] as JSONObject;
+          let text: string = (body?.["content"] as string) || "";
+
+          // Remove HTML tags if present (Teams uses HTML)
+          text = text.replace(/<[^>]*>/g, "");
+          text = text.trim();
+
+          // Skip empty messages
+          if (!text) {
+            continue;
+          }
+
+          const from: JSONObject = msg["from"] as JSONObject;
+          const user: JSONObject = from?.["user"] as JSONObject;
+          const isBot: boolean = Boolean(from?.["application"]);
+
+          const createdDateTime: string = msg["createdDateTime"] as string;
+          const timestamp: Date = createdDateTime
+            ? new Date(createdDateTime)
+            : new Date();
+
+          // Check if message is older than the oldest timestamp filter
+          if (params.oldestTimestamp && timestamp < params.oldestTimestamp) {
+            continue;
+          }
+
+          messages.push({
+            messageId: msg["id"] as string,
+            text: text,
+            userId: user?.["id"] as string,
+            username: user?.["displayName"] as string,
+            timestamp: timestamp,
+            isBot: isBot,
+          });
+        }
+
+        nextLink = jsonData["@odata.nextLink"] as string;
+        pageCount++;
+      } while (
+        nextLink &&
+        messages.length < maxMessages &&
+        pageCount < maxPages
+      );
+
+      logger.debug(
+        `Retrieved ${messages.length} messages from Microsoft Teams channel ${params.channelId}`,
+      );
+
+      // Sort by timestamp (oldest first)
+      messages.sort(
+        (a: WorkspaceChannelMessage, b: WorkspaceChannelMessage) => {
+          return a.timestamp.getTime() - b.timestamp.getTime();
+        },
+      );
+    } catch (error) {
+      logger.error(`Error fetching Microsoft Teams channel messages: ${error}`);
+    }
+
+    return messages;
+  }
 }