@pellux/goodvibes-sdk 0.37.2 → 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/contracts/artifacts/operator-contract.json +3171 -929
- package/dist/daemon.d.ts +2 -0
- package/dist/daemon.d.ts.map +1 -1
- package/dist/daemon.js +4 -0
- package/dist/events/communication.d.ts +21 -1
- package/dist/events/communication.d.ts.map +1 -1
- package/dist/events/surfaces.d.ts +25 -3
- package/dist/events/surfaces.d.ts.map +1 -1
- package/dist/events/surfaces.js +22 -1
- package/dist/events/workflows.d.ts +7 -6
- package/dist/events/workflows.d.ts.map +1 -1
- package/dist/index.d.ts +1 -1
- package/dist/index.d.ts.map +1 -1
- package/dist/platform/agents/archetypes.d.ts.map +1 -1
- package/dist/platform/agents/archetypes.js +7 -0
- package/dist/platform/agents/index.d.ts +1 -0
- package/dist/platform/agents/index.d.ts.map +1 -1
- package/dist/platform/agents/index.js +1 -0
- package/dist/platform/agents/message-bus-core.d.ts +7 -0
- package/dist/platform/agents/message-bus-core.d.ts.map +1 -1
- package/dist/platform/agents/message-bus-core.js +2 -1
- package/dist/platform/agents/orchestrator-runner.d.ts +50 -1
- package/dist/platform/agents/orchestrator-runner.d.ts.map +1 -1
- package/dist/platform/agents/orchestrator-runner.js +172 -7
- package/dist/platform/agents/orchestrator.d.ts +78 -6
- package/dist/platform/agents/orchestrator.d.ts.map +1 -1
- package/dist/platform/agents/orchestrator.js +95 -18
- package/dist/platform/agents/planner-decomposition-runner.d.ts +38 -0
- package/dist/platform/agents/planner-decomposition-runner.d.ts.map +1 -0
- package/dist/platform/agents/planner-decomposition-runner.js +113 -0
- package/dist/platform/agents/turn-knowledge-injection.d.ts +192 -0
- package/dist/platform/agents/turn-knowledge-injection.d.ts.map +1 -0
- package/dist/platform/agents/turn-knowledge-injection.js +269 -0
- package/dist/platform/agents/worktree.d.ts +126 -8
- package/dist/platform/agents/worktree.d.ts.map +1 -1
- package/dist/platform/agents/worktree.js +240 -19
- package/dist/platform/agents/wrfc-controller.d.ts +46 -0
- package/dist/platform/agents/wrfc-controller.d.ts.map +1 -1
- package/dist/platform/agents/wrfc-controller.js +213 -32
- package/dist/platform/agents/wrfc-gate-runtime.d.ts +9 -0
- package/dist/platform/agents/wrfc-gate-runtime.d.ts.map +1 -1
- package/dist/platform/agents/wrfc-gate-runtime.js +7 -3
- package/dist/platform/agents/wrfc-gates.d.ts +1 -1
- package/dist/platform/agents/wrfc-gates.d.ts.map +1 -1
- package/dist/platform/agents/wrfc-gates.js +7 -1
- package/dist/platform/agents/wrfc-types.d.ts +23 -3
- package/dist/platform/agents/wrfc-types.d.ts.map +1 -1
- package/dist/platform/automation/types.d.ts +9 -1
- package/dist/platform/automation/types.d.ts.map +1 -1
- package/dist/platform/calendar/calendar-api-shared.d.ts +25 -0
- package/dist/platform/calendar/calendar-api-shared.d.ts.map +1 -0
- package/dist/platform/calendar/calendar-api-shared.js +100 -0
- package/dist/platform/calendar/calendar-connector.d.ts +79 -0
- package/dist/platform/calendar/calendar-connector.d.ts.map +1 -0
- package/dist/platform/calendar/calendar-connector.js +155 -0
- package/dist/platform/calendar/google-calendar-api.d.ts +25 -0
- package/dist/platform/calendar/google-calendar-api.d.ts.map +1 -0
- package/dist/platform/calendar/google-calendar-api.js +89 -0
- package/dist/platform/calendar/http-fetch-adapter.d.ts +25 -0
- package/dist/platform/calendar/http-fetch-adapter.d.ts.map +1 -0
- package/dist/platform/calendar/http-fetch-adapter.js +25 -0
- package/dist/platform/calendar/ics-parser.d.ts +35 -0
- package/dist/platform/calendar/ics-parser.d.ts.map +1 -0
- package/dist/platform/calendar/ics-parser.js +236 -0
- package/dist/platform/calendar/index.d.ts +41 -0
- package/dist/platform/calendar/index.d.ts.map +1 -0
- package/dist/platform/calendar/index.js +49 -0
- package/dist/platform/calendar/merged-calendar-model.d.ts +67 -0
- package/dist/platform/calendar/merged-calendar-model.d.ts.map +1 -0
- package/dist/platform/calendar/merged-calendar-model.js +181 -0
- package/dist/platform/calendar/microsoft-graph-api.d.ts +25 -0
- package/dist/platform/calendar/microsoft-graph-api.d.ts.map +1 -0
- package/dist/platform/calendar/microsoft-graph-api.js +95 -0
- package/dist/platform/calendar/oauth-flow.d.ts +62 -0
- package/dist/platform/calendar/oauth-flow.d.ts.map +1 -0
- package/dist/platform/calendar/oauth-flow.js +305 -0
- package/dist/platform/calendar/oauth-providers.d.ts +43 -0
- package/dist/platform/calendar/oauth-providers.d.ts.map +1 -0
- package/dist/platform/calendar/oauth-providers.js +120 -0
- package/dist/platform/calendar/oauth-token-store.d.ts +72 -0
- package/dist/platform/calendar/oauth-token-store.d.ts.map +1 -0
- package/dist/platform/calendar/oauth-token-store.js +189 -0
- package/dist/platform/calendar/oauth-types.d.ts +274 -0
- package/dist/platform/calendar/oauth-types.d.ts.map +1 -0
- package/dist/platform/calendar/oauth-types.js +22 -0
- package/dist/platform/calendar/rrule.d.ts +39 -0
- package/dist/platform/calendar/rrule.d.ts.map +1 -0
- package/dist/platform/calendar/rrule.js +261 -0
- package/dist/platform/calendar/subscription-store.d.ts +118 -0
- package/dist/platform/calendar/subscription-store.d.ts.map +1 -0
- package/dist/platform/calendar/subscription-store.js +293 -0
- package/dist/platform/calendar/types.d.ts +170 -0
- package/dist/platform/calendar/types.d.ts.map +1 -0
- package/dist/platform/calendar/types.js +21 -0
- package/dist/platform/companion/companion-chat-attachments.d.ts +29 -0
- package/dist/platform/companion/companion-chat-attachments.d.ts.map +1 -0
- package/dist/platform/companion/companion-chat-attachments.js +121 -0
- package/dist/platform/companion/companion-chat-broker-bridge.d.ts +40 -0
- package/dist/platform/companion/companion-chat-broker-bridge.d.ts.map +1 -0
- package/dist/platform/companion/companion-chat-broker-bridge.js +14 -0
- package/dist/platform/companion/companion-chat-broker-sync.d.ts +38 -0
- package/dist/platform/companion/companion-chat-broker-sync.d.ts.map +1 -0
- package/dist/platform/companion/companion-chat-broker-sync.js +80 -0
- package/dist/platform/companion/companion-chat-gc.d.ts +63 -0
- package/dist/platform/companion/companion-chat-gc.d.ts.map +1 -0
- package/dist/platform/companion/companion-chat-gc.js +38 -0
- package/dist/platform/companion/companion-chat-manager.d.ts +67 -20
- package/dist/platform/companion/companion-chat-manager.d.ts.map +1 -1
- package/dist/platform/companion/companion-chat-manager.js +130 -144
- package/dist/platform/companion/companion-chat-persistence.d.ts +9 -1
- package/dist/platform/companion/companion-chat-persistence.d.ts.map +1 -1
- package/dist/platform/companion/companion-chat-persistence.js +10 -2
- package/dist/platform/companion/companion-chat-routes.d.ts +2 -1
- package/dist/platform/companion/companion-chat-routes.d.ts.map +1 -1
- package/dist/platform/companion/companion-chat-routes.js +37 -4
- package/dist/platform/config/credential-status.d.ts +28 -0
- package/dist/platform/config/credential-status.d.ts.map +1 -0
- package/dist/platform/config/credential-status.js +75 -0
- package/dist/platform/config/index.d.ts +25 -0
- package/dist/platform/config/index.d.ts.map +1 -1
- package/dist/platform/config/index.js +18 -0
- package/dist/platform/config/manager.d.ts +18 -0
- package/dist/platform/config/manager.d.ts.map +1 -1
- package/dist/platform/config/manager.js +36 -2
- package/dist/platform/config/migrations.d.ts +48 -0
- package/dist/platform/config/migrations.d.ts.map +1 -0
- package/dist/platform/config/migrations.js +54 -0
- package/dist/platform/config/schema-domain-core.d.ts +10 -1
- package/dist/platform/config/schema-domain-core.d.ts.map +1 -1
- package/dist/platform/config/schema-domain-core.js +46 -3
- package/dist/platform/config/schema-types.d.ts +13 -7
- package/dist/platform/config/schema-types.d.ts.map +1 -1
- package/dist/platform/config/schema.d.ts.map +1 -1
- package/dist/platform/config/schema.js +2 -0
- package/dist/platform/control-plane/approval-broker.d.ts +11 -0
- package/dist/platform/control-plane/approval-broker.d.ts.map +1 -1
- package/dist/platform/control-plane/approval-broker.js +17 -1
- package/dist/platform/control-plane/approval-hunk-apply.d.ts +77 -0
- package/dist/platform/control-plane/approval-hunk-apply.d.ts.map +1 -0
- package/dist/platform/control-plane/approval-hunk-apply.js +80 -0
- package/dist/platform/control-plane/gateway-disabled-response.d.ts +20 -0
- package/dist/platform/control-plane/gateway-disabled-response.d.ts.map +1 -0
- package/dist/platform/control-plane/gateway-disabled-response.js +24 -0
- package/dist/platform/control-plane/gateway-scope-enforcement.d.ts +68 -0
- package/dist/platform/control-plane/gateway-scope-enforcement.d.ts.map +1 -0
- package/dist/platform/control-plane/gateway-scope-enforcement.js +91 -0
- package/dist/platform/control-plane/gateway-utils.d.ts +17 -0
- package/dist/platform/control-plane/gateway-utils.d.ts.map +1 -1
- package/dist/platform/control-plane/gateway-utils.js +30 -0
- package/dist/platform/control-plane/gateway.d.ts +12 -2
- package/dist/platform/control-plane/gateway.d.ts.map +1 -1
- package/dist/platform/control-plane/gateway.js +27 -31
- package/dist/platform/control-plane/index.d.ts +6 -1
- package/dist/platform/control-plane/index.d.ts.map +1 -1
- package/dist/platform/control-plane/index.js +4 -0
- package/dist/platform/control-plane/invoke-input-validation.d.ts +56 -0
- package/dist/platform/control-plane/invoke-input-validation.d.ts.map +1 -0
- package/dist/platform/control-plane/invoke-input-validation.js +163 -0
- package/dist/platform/control-plane/method-catalog-admin.d.ts.map +1 -1
- package/dist/platform/control-plane/method-catalog-admin.js +12 -1
- package/dist/platform/control-plane/method-catalog-calendar.d.ts +16 -0
- package/dist/platform/control-plane/method-catalog-calendar.d.ts.map +1 -1
- package/dist/platform/control-plane/method-catalog-calendar.js +21 -0
- package/dist/platform/control-plane/method-catalog-channels.d.ts.map +1 -1
- package/dist/platform/control-plane/method-catalog-channels.js +32 -3
- package/dist/platform/control-plane/method-catalog-control-automation.d.ts.map +1 -1
- package/dist/platform/control-plane/method-catalog-control-automation.js +19 -34
- package/dist/platform/control-plane/method-catalog-control-companion.d.ts +15 -0
- package/dist/platform/control-plane/method-catalog-control-companion.d.ts.map +1 -0
- package/dist/platform/control-plane/method-catalog-control-companion.js +133 -0
- package/dist/platform/control-plane/method-catalog-control-core.d.ts.map +1 -1
- package/dist/platform/control-plane/method-catalog-control-core.js +104 -122
- package/dist/platform/control-plane/method-catalog-control.d.ts.map +1 -1
- package/dist/platform/control-plane/method-catalog-control.js +4 -0
- package/dist/platform/control-plane/method-catalog-email.d.ts +17 -0
- package/dist/platform/control-plane/method-catalog-email.d.ts.map +1 -1
- package/dist/platform/control-plane/method-catalog-email.js +21 -0
- package/dist/platform/control-plane/method-catalog-events.d.ts +28 -0
- package/dist/platform/control-plane/method-catalog-events.d.ts.map +1 -1
- package/dist/platform/control-plane/method-catalog-events.js +74 -1
- package/dist/platform/control-plane/method-catalog-fleet.d.ts +24 -0
- package/dist/platform/control-plane/method-catalog-fleet.d.ts.map +1 -0
- package/dist/platform/control-plane/method-catalog-fleet.js +65 -0
- package/dist/platform/control-plane/method-catalog-route-reconcile.d.ts +84 -0
- package/dist/platform/control-plane/method-catalog-route-reconcile.d.ts.map +1 -0
- package/dist/platform/control-plane/method-catalog-route-reconcile.js +103 -0
- package/dist/platform/control-plane/method-catalog-shared.d.ts +29 -0
- package/dist/platform/control-plane/method-catalog-shared.d.ts.map +1 -1
- package/dist/platform/control-plane/method-catalog.d.ts +9 -0
- package/dist/platform/control-plane/method-catalog.d.ts.map +1 -1
- package/dist/platform/control-plane/method-catalog.js +32 -3
- package/dist/platform/control-plane/operator-contract-schemas-admin.d.ts +8 -0
- package/dist/platform/control-plane/operator-contract-schemas-admin.d.ts.map +1 -1
- package/dist/platform/control-plane/operator-contract-schemas-admin.js +22 -1
- package/dist/platform/control-plane/operator-contract-schemas-fleet.d.ts +18 -0
- package/dist/platform/control-plane/operator-contract-schemas-fleet.d.ts.map +1 -0
- package/dist/platform/control-plane/operator-contract-schemas-fleet.js +182 -0
- package/dist/platform/control-plane/operator-contract-schemas-permissions.d.ts.map +1 -1
- package/dist/platform/control-plane/operator-contract-schemas-permissions.js +5 -0
- package/dist/platform/control-plane/operator-contract-schemas-runtime.d.ts +29 -0
- package/dist/platform/control-plane/operator-contract-schemas-runtime.d.ts.map +1 -1
- package/dist/platform/control-plane/operator-contract-schemas-runtime.js +57 -3
- package/dist/platform/control-plane/operator-contract-schemas.d.ts +1 -0
- package/dist/platform/control-plane/operator-contract-schemas.d.ts.map +1 -1
- package/dist/platform/control-plane/operator-contract-schemas.js +1 -0
- package/dist/platform/control-plane/operator-contract.d.ts.map +1 -1
- package/dist/platform/control-plane/operator-contract.js +8 -0
- package/dist/platform/control-plane/routes/checkpoints.d.ts +39 -0
- package/dist/platform/control-plane/routes/checkpoints.d.ts.map +1 -0
- package/dist/platform/control-plane/routes/checkpoints.js +166 -0
- package/dist/platform/control-plane/routes/fleet.d.ts +53 -0
- package/dist/platform/control-plane/routes/fleet.d.ts.map +1 -0
- package/dist/platform/control-plane/routes/fleet.js +153 -0
- package/dist/platform/control-plane/routes/gateway-verb-error.d.ts +30 -0
- package/dist/platform/control-plane/routes/gateway-verb-error.d.ts.map +1 -0
- package/dist/platform/control-plane/routes/gateway-verb-error.js +36 -0
- package/dist/platform/control-plane/routes/index.d.ts +0 -6
- package/dist/platform/control-plane/routes/index.d.ts.map +1 -1
- package/dist/platform/control-plane/routes/index.js +5 -5
- package/dist/platform/control-plane/routes/invocation-params.d.ts +23 -0
- package/dist/platform/control-plane/routes/invocation-params.d.ts.map +1 -0
- package/dist/platform/control-plane/routes/invocation-params.js +9 -0
- package/dist/platform/control-plane/routes/register-w3-s2.d.ts +26 -0
- package/dist/platform/control-plane/routes/register-w3-s2.d.ts.map +1 -0
- package/dist/platform/control-plane/routes/register-w3-s2.js +8 -0
- package/dist/platform/control-plane/routes/session-search.d.ts +37 -0
- package/dist/platform/control-plane/routes/session-search.d.ts.map +1 -0
- package/dist/platform/control-plane/routes/session-search.js +113 -0
- package/dist/platform/control-plane/session-broker-gc.d.ts +16 -0
- package/dist/platform/control-plane/session-broker-gc.d.ts.map +1 -1
- package/dist/platform/control-plane/session-broker-gc.js +23 -6
- package/dist/platform/control-plane/session-broker-helpers.d.ts +3 -3
- package/dist/platform/control-plane/session-broker-helpers.d.ts.map +1 -1
- package/dist/platform/control-plane/session-broker-inputs.d.ts +18 -0
- package/dist/platform/control-plane/session-broker-inputs.d.ts.map +1 -1
- package/dist/platform/control-plane/session-broker-inputs.js +34 -0
- package/dist/platform/control-plane/session-broker-sessions.d.ts +102 -3
- package/dist/platform/control-plane/session-broker-sessions.d.ts.map +1 -1
- package/dist/platform/control-plane/session-broker-sessions.js +179 -5
- package/dist/platform/control-plane/session-broker-state.d.ts +20 -1
- package/dist/platform/control-plane/session-broker-state.d.ts.map +1 -1
- package/dist/platform/control-plane/session-broker-state.js +67 -5
- package/dist/platform/control-plane/session-broker.d.ts +51 -38
- package/dist/platform/control-plane/session-broker.d.ts.map +1 -1
- package/dist/platform/control-plane/session-broker.js +183 -75
- package/dist/platform/control-plane/session-store-importer.d.ts +57 -0
- package/dist/platform/control-plane/session-store-importer.d.ts.map +1 -0
- package/dist/platform/control-plane/session-store-importer.js +227 -0
- package/dist/platform/control-plane/session-types.d.ts +142 -7
- package/dist/platform/control-plane/session-types.d.ts.map +1 -1
- package/dist/platform/core/adaptive-planner.d.ts +50 -0
- package/dist/platform/core/adaptive-planner.d.ts.map +1 -1
- package/dist/platform/core/adaptive-planner.js +49 -0
- package/dist/platform/core/execution-plan.d.ts +43 -1
- package/dist/platform/core/execution-plan.d.ts.map +1 -1
- package/dist/platform/core/execution-plan.js +46 -10
- package/dist/platform/core/index.d.ts +2 -0
- package/dist/platform/core/index.d.ts.map +1 -1
- package/dist/platform/core/index.js +2 -0
- package/dist/platform/core/orchestrator-runtime.d.ts +31 -0
- package/dist/platform/core/orchestrator-runtime.d.ts.map +1 -1
- package/dist/platform/core/orchestrator-tool-runtime.d.ts +7 -0
- package/dist/platform/core/orchestrator-tool-runtime.d.ts.map +1 -1
- package/dist/platform/core/orchestrator-tool-runtime.js +10 -0
- package/dist/platform/core/orchestrator-turn-loop.d.ts +35 -1
- package/dist/platform/core/orchestrator-turn-loop.d.ts.map +1 -1
- package/dist/platform/core/orchestrator-turn-loop.js +121 -3
- package/dist/platform/core/orchestrator.d.ts +67 -0
- package/dist/platform/core/orchestrator.d.ts.map +1 -1
- package/dist/platform/core/orchestrator.js +89 -1
- package/dist/platform/core/plan-decomposition.d.ts +196 -0
- package/dist/platform/core/plan-decomposition.d.ts.map +1 -0
- package/dist/platform/core/plan-decomposition.js +417 -0
- package/dist/platform/core/plan-proposal.d.ts +204 -0
- package/dist/platform/core/plan-proposal.d.ts.map +1 -0
- package/dist/platform/core/plan-proposal.js +296 -0
- package/dist/platform/core/wrfc-routing.d.ts +1 -0
- package/dist/platform/core/wrfc-routing.d.ts.map +1 -1
- package/dist/platform/core/wrfc-routing.js +51 -1
- package/dist/platform/daemon/boot.d.ts +63 -0
- package/dist/platform/daemon/boot.d.ts.map +1 -0
- package/dist/platform/daemon/boot.js +60 -0
- package/dist/platform/daemon/cli.js +2 -1
- package/dist/platform/daemon/control-plane.d.ts.map +1 -1
- package/dist/platform/daemon/control-plane.js +50 -1
- package/dist/platform/daemon/facade-composition.d.ts.map +1 -1
- package/dist/platform/daemon/facade-composition.js +6 -0
- package/dist/platform/daemon/facade.d.ts +18 -6
- package/dist/platform/daemon/facade.d.ts.map +1 -1
- package/dist/platform/daemon/facade.js +50 -43
- package/dist/platform/daemon/http/router-route-contexts.d.ts +1 -0
- package/dist/platform/daemon/http/router-route-contexts.d.ts.map +1 -1
- package/dist/platform/daemon/http/router-route-contexts.js +1 -0
- package/dist/platform/daemon/http/router-session-broker-adapter.d.ts +13 -0
- package/dist/platform/daemon/http/router-session-broker-adapter.d.ts.map +1 -0
- package/dist/platform/daemon/http/router-session-broker-adapter.js +27 -0
- package/dist/platform/daemon/http/router.d.ts +1 -1
- package/dist/platform/daemon/http/router.d.ts.map +1 -1
- package/dist/platform/daemon/http/router.js +7 -22
- package/dist/platform/daemon/http/runtime-route-types.d.ts +42 -4
- package/dist/platform/daemon/http/runtime-route-types.d.ts.map +1 -1
- package/dist/platform/daemon/index.d.ts +2 -0
- package/dist/platform/daemon/index.d.ts.map +1 -1
- package/dist/platform/daemon/index.js +1 -0
- package/dist/platform/daemon/service-manager.d.ts +16 -0
- package/dist/platform/daemon/service-manager.d.ts.map +1 -1
- package/dist/platform/daemon/service-manager.js +79 -15
- package/dist/platform/intelligence/tree-sitter/service.d.ts.map +1 -1
- package/dist/platform/intelligence/tree-sitter/service.js +16 -2
- package/dist/platform/knowledge/browser-history/readers.d.ts.map +1 -1
- package/dist/platform/knowledge/browser-history/readers.js +15 -5
- package/dist/platform/knowledge/knowledge-api.d.ts +26 -0
- package/dist/platform/knowledge/knowledge-api.d.ts.map +1 -1
- package/dist/platform/knowledge/knowledge-api.js +11 -0
- package/dist/platform/knowledge/project-planning/service.d.ts +14 -1
- package/dist/platform/knowledge/project-planning/service.d.ts.map +1 -1
- package/dist/platform/knowledge/project-planning/service.js +77 -0
- package/dist/platform/knowledge/project-planning/types.d.ts +32 -0
- package/dist/platform/knowledge/project-planning/types.d.ts.map +1 -1
- package/dist/platform/orchestration/bookkeeping.d.ts +12 -0
- package/dist/platform/orchestration/bookkeeping.d.ts.map +1 -0
- package/dist/platform/orchestration/bookkeeping.js +91 -0
- package/dist/platform/orchestration/budget.d.ts +22 -0
- package/dist/platform/orchestration/budget.d.ts.map +1 -0
- package/dist/platform/orchestration/budget.js +35 -0
- package/dist/platform/orchestration/cancellation.d.ts +31 -0
- package/dist/platform/orchestration/cancellation.d.ts.map +1 -0
- package/dist/platform/orchestration/cancellation.js +25 -0
- package/dist/platform/orchestration/controller-compat.d.ts +46 -0
- package/dist/platform/orchestration/controller-compat.d.ts.map +1 -0
- package/dist/platform/orchestration/controller-compat.js +27 -0
- package/dist/platform/orchestration/dirty-guard.d.ts +32 -0
- package/dist/platform/orchestration/dirty-guard.d.ts.map +1 -0
- package/dist/platform/orchestration/dirty-guard.js +147 -0
- package/dist/platform/orchestration/engine.d.ts +82 -0
- package/dist/platform/orchestration/engine.d.ts.map +1 -0
- package/dist/platform/orchestration/engine.js +623 -0
- package/dist/platform/orchestration/index.d.ts +20 -0
- package/dist/platform/orchestration/index.d.ts.map +1 -0
- package/dist/platform/orchestration/index.js +11 -0
- package/dist/platform/orchestration/persistence.d.ts +24 -0
- package/dist/platform/orchestration/persistence.d.ts.map +1 -0
- package/dist/platform/orchestration/persistence.js +179 -0
- package/dist/platform/orchestration/phase-runner.d.ts +114 -0
- package/dist/platform/orchestration/phase-runner.d.ts.map +1 -0
- package/dist/platform/orchestration/phase-runner.js +347 -0
- package/dist/platform/orchestration/proposal-workstream.d.ts +56 -0
- package/dist/platform/orchestration/proposal-workstream.d.ts.map +1 -0
- package/dist/platform/orchestration/proposal-workstream.js +76 -0
- package/dist/platform/orchestration/scheduler.d.ts +64 -0
- package/dist/platform/orchestration/scheduler.d.ts.map +1 -0
- package/dist/platform/orchestration/scheduler.js +73 -0
- package/dist/platform/orchestration/types.d.ts +535 -0
- package/dist/platform/orchestration/types.d.ts.map +1 -0
- package/dist/platform/orchestration/types.js +47 -0
- package/dist/platform/orchestration/worktree-isolation.d.ts +33 -0
- package/dist/platform/orchestration/worktree-isolation.d.ts.map +1 -0
- package/dist/platform/orchestration/worktree-isolation.js +248 -0
- package/dist/platform/presentation/glyphs.d.ts +91 -0
- package/dist/platform/presentation/glyphs.d.ts.map +1 -0
- package/dist/platform/presentation/glyphs.js +93 -0
- package/dist/platform/presentation/index.d.ts +28 -0
- package/dist/platform/presentation/index.d.ts.map +1 -0
- package/dist/platform/presentation/index.js +27 -0
- package/dist/platform/presentation/thinking-phrases.d.ts +12 -0
- package/dist/platform/presentation/thinking-phrases.d.ts.map +1 -0
- package/dist/platform/presentation/thinking-phrases.js +32 -0
- package/dist/platform/presentation/tones.d.ts +121 -0
- package/dist/platform/presentation/tones.d.ts.map +1 -0
- package/dist/platform/presentation/tones.js +145 -0
- package/dist/platform/presentation/waiting-wording.d.ts +54 -0
- package/dist/platform/presentation/waiting-wording.d.ts.map +1 -0
- package/dist/platform/presentation/waiting-wording.js +51 -0
- package/dist/platform/providers/runtime-snapshot.d.ts.map +1 -1
- package/dist/platform/providers/runtime-snapshot.js +12 -2
- package/dist/platform/runtime/bootstrap-services.d.ts +62 -2
- package/dist/platform/runtime/bootstrap-services.d.ts.map +1 -1
- package/dist/platform/runtime/bootstrap-services.js +217 -50
- package/dist/platform/runtime/daemon-version-compat.d.ts +39 -0
- package/dist/platform/runtime/daemon-version-compat.d.ts.map +1 -0
- package/dist/platform/runtime/daemon-version-compat.js +75 -0
- package/dist/platform/runtime/detached-daemon-runtime.d.ts +26 -0
- package/dist/platform/runtime/detached-daemon-runtime.d.ts.map +1 -0
- package/dist/platform/runtime/detached-daemon-runtime.js +49 -0
- package/dist/platform/runtime/emitters/communication.d.ts +11 -0
- package/dist/platform/runtime/emitters/communication.d.ts.map +1 -1
- package/dist/platform/runtime/emitters/communication.js +9 -0
- package/dist/platform/runtime/emitters/workflows.d.ts +1 -1
- package/dist/platform/runtime/emitters/workflows.d.ts.map +1 -1
- package/dist/platform/runtime/events/index.d.ts +13 -0
- package/dist/platform/runtime/events/index.d.ts.map +1 -1
- package/dist/platform/runtime/events/index.js +13 -0
- package/dist/platform/runtime/feature-flags/flags.d.ts.map +1 -1
- package/dist/platform/runtime/feature-flags/flags.js +56 -1
- package/dist/platform/runtime/fleet/adapters/agent.d.ts +56 -0
- package/dist/platform/runtime/fleet/adapters/agent.d.ts.map +1 -0
- package/dist/platform/runtime/fleet/adapters/agent.js +143 -0
- package/dist/platform/runtime/fleet/adapters/automation.d.ts +30 -0
- package/dist/platform/runtime/fleet/adapters/automation.d.ts.map +1 -0
- package/dist/platform/runtime/fleet/adapters/automation.js +41 -0
- package/dist/platform/runtime/fleet/adapters/background-process.d.ts +12 -0
- package/dist/platform/runtime/fleet/adapters/background-process.d.ts.map +1 -0
- package/dist/platform/runtime/fleet/adapters/background-process.js +46 -0
- package/dist/platform/runtime/fleet/adapters/code-index.d.ts +21 -0
- package/dist/platform/runtime/fleet/adapters/code-index.d.ts.map +1 -0
- package/dist/platform/runtime/fleet/adapters/code-index.js +44 -0
- package/dist/platform/runtime/fleet/adapters/orchestration.d.ts +69 -0
- package/dist/platform/runtime/fleet/adapters/orchestration.d.ts.map +1 -0
- package/dist/platform/runtime/fleet/adapters/orchestration.js +329 -0
- package/dist/platform/runtime/fleet/adapters/schedule.d.ts +14 -0
- package/dist/platform/runtime/fleet/adapters/schedule.d.ts.map +1 -0
- package/dist/platform/runtime/fleet/adapters/schedule.js +28 -0
- package/dist/platform/runtime/fleet/adapters/trigger.d.ts +12 -0
- package/dist/platform/runtime/fleet/adapters/trigger.d.ts.map +1 -0
- package/dist/platform/runtime/fleet/adapters/trigger.js +22 -0
- package/dist/platform/runtime/fleet/adapters/watcher.d.ts +13 -0
- package/dist/platform/runtime/fleet/adapters/watcher.d.ts.map +1 -0
- package/dist/platform/runtime/fleet/adapters/watcher.js +47 -0
- package/dist/platform/runtime/fleet/adapters/workflow.d.ts +11 -0
- package/dist/platform/runtime/fleet/adapters/workflow.d.ts.map +1 -0
- package/dist/platform/runtime/fleet/adapters/workflow.js +34 -0
- package/dist/platform/runtime/fleet/adapters/wrfc.d.ts +35 -0
- package/dist/platform/runtime/fleet/adapters/wrfc.d.ts.map +1 -0
- package/dist/platform/runtime/fleet/adapters/wrfc.js +275 -0
- package/dist/platform/runtime/fleet/index.d.ts +10 -0
- package/dist/platform/runtime/fleet/index.d.ts.map +1 -0
- package/dist/platform/runtime/fleet/index.js +6 -0
- package/dist/platform/runtime/fleet/registry.d.ts +113 -0
- package/dist/platform/runtime/fleet/registry.d.ts.map +1 -0
- package/dist/platform/runtime/fleet/registry.js +664 -0
- package/dist/platform/runtime/fleet/types.d.ts +199 -0
- package/dist/platform/runtime/fleet/types.d.ts.map +1 -0
- package/dist/platform/runtime/fleet/types.js +2 -0
- package/dist/platform/runtime/operator-client.d.ts +20 -2
- package/dist/platform/runtime/operator-client.d.ts.map +1 -1
- package/dist/platform/runtime/operator-client.js +11 -1
- package/dist/platform/runtime/provider-accounts/registry.d.ts.map +1 -1
- package/dist/platform/runtime/provider-accounts/registry.js +11 -1
- package/dist/platform/runtime/runtime-knowledge-api.d.ts +1 -1
- package/dist/platform/runtime/runtime-knowledge-api.d.ts.map +1 -1
- package/dist/platform/runtime/runtime-knowledge-api.js +1 -0
- package/dist/platform/runtime/services.d.ts +48 -0
- package/dist/platform/runtime/services.d.ts.map +1 -1
- package/dist/platform/runtime/services.js +95 -2
- package/dist/platform/runtime/session-spine/client.d.ts +234 -0
- package/dist/platform/runtime/session-spine/client.d.ts.map +1 -0
- package/dist/platform/runtime/session-spine/client.js +449 -0
- package/dist/platform/runtime/session-spine/index.d.ts +12 -0
- package/dist/platform/runtime/session-spine/index.d.ts.map +1 -0
- package/dist/platform/runtime/session-spine/index.js +11 -0
- package/dist/platform/runtime/session-spine/union-cache.d.ts +225 -0
- package/dist/platform/runtime/session-spine/union-cache.d.ts.map +1 -0
- package/dist/platform/runtime/session-spine/union-cache.js +333 -0
- package/dist/platform/runtime/shell-command-ops.d.ts +3 -1
- package/dist/platform/runtime/shell-command-ops.d.ts.map +1 -1
- package/dist/platform/runtime/transports/daemon-http-client-validators.d.ts.map +1 -1
- package/dist/platform/runtime/transports/daemon-http-client-validators.js +22 -0
- package/dist/platform/runtime/transports/daemon-http-client.d.ts.map +1 -1
- package/dist/platform/runtime/transports/daemon-http-client.js +25 -2
- package/dist/platform/runtime/transports/http-types.d.ts +9 -2
- package/dist/platform/runtime/transports/http-types.d.ts.map +1 -1
- package/dist/platform/state/canonical-memory.d.ts +95 -0
- package/dist/platform/state/canonical-memory.d.ts.map +1 -0
- package/dist/platform/state/canonical-memory.js +155 -0
- package/dist/platform/state/code-index-chunking.d.ts +49 -0
- package/dist/platform/state/code-index-chunking.d.ts.map +1 -0
- package/dist/platform/state/code-index-chunking.js +111 -0
- package/dist/platform/state/code-index-db.d.ts +53 -0
- package/dist/platform/state/code-index-db.d.ts.map +1 -0
- package/dist/platform/state/code-index-db.js +101 -0
- package/dist/platform/state/code-index-reindex.d.ts +73 -0
- package/dist/platform/state/code-index-reindex.d.ts.map +1 -0
- package/dist/platform/state/code-index-reindex.js +156 -0
- package/dist/platform/state/code-index-store.d.ts +175 -0
- package/dist/platform/state/code-index-store.d.ts.map +1 -0
- package/dist/platform/state/code-index-store.js +620 -0
- package/dist/platform/state/index.d.ts +12 -2
- package/dist/platform/state/index.d.ts.map +1 -1
- package/dist/platform/state/index.js +6 -1
- package/dist/platform/state/knowledge-injection.d.ts +23 -0
- package/dist/platform/state/knowledge-injection.d.ts.map +1 -1
- package/dist/platform/state/knowledge-injection.js +34 -19
- package/dist/platform/state/memory-recall-contract.d.ts +63 -0
- package/dist/platform/state/memory-recall-contract.d.ts.map +1 -0
- package/dist/platform/state/memory-recall-contract.js +94 -0
- package/dist/platform/state/memory-store.d.ts +2 -0
- package/dist/platform/state/memory-store.d.ts.map +1 -1
- package/dist/platform/state/memory-store.js +4 -0
- package/dist/platform/state/memory-vector-store.d.ts +1 -13
- package/dist/platform/state/memory-vector-store.d.ts.map +1 -1
- package/dist/platform/state/memory-vector-store.js +18 -39
- package/dist/platform/state/sqlite-store.d.ts +2 -0
- package/dist/platform/state/sqlite-store.d.ts.map +1 -1
- package/dist/platform/state/sqlite-store.js +4 -0
- package/dist/platform/state/sqlite-vec-loader.d.ts +25 -0
- package/dist/platform/state/sqlite-vec-loader.d.ts.map +1 -0
- package/dist/platform/state/sqlite-vec-loader.js +43 -0
- package/dist/platform/state/vibe-projection.d.ts +67 -0
- package/dist/platform/state/vibe-projection.d.ts.map +1 -0
- package/dist/platform/state/vibe-projection.js +115 -0
- package/dist/platform/tools/agent/index.d.ts.map +1 -1
- package/dist/platform/tools/agent/index.js +8 -0
- package/dist/platform/tools/agent/manager.d.ts +140 -1
- package/dist/platform/tools/agent/manager.d.ts.map +1 -1
- package/dist/platform/tools/agent/manager.js +143 -1
- package/dist/platform/tools/agent/schema.d.ts +26 -0
- package/dist/platform/tools/agent/schema.d.ts.map +1 -1
- package/dist/platform/tools/agent/schema.js +2 -2
- package/dist/platform/tools/agent/wrfc-batch-policy.d.ts +13 -0
- package/dist/platform/tools/agent/wrfc-batch-policy.d.ts.map +1 -1
- package/dist/platform/tools/agent/wrfc-batch-policy.js +60 -0
- package/dist/platform/tools/exec/runtime.d.ts +10 -0
- package/dist/platform/tools/exec/runtime.d.ts.map +1 -1
- package/dist/platform/tools/exec/runtime.js +161 -49
- package/dist/platform/tools/exec/schema.d.ts +3 -1
- package/dist/platform/tools/exec/schema.d.ts.map +1 -1
- package/dist/platform/tools/exec/schema.js +2 -1
- package/dist/platform/tools/fetch/runtime.d.ts +7 -0
- package/dist/platform/tools/fetch/runtime.d.ts.map +1 -1
- package/dist/platform/tools/fetch/runtime.js +8 -6
- package/dist/platform/tools/index.d.ts +2 -0
- package/dist/platform/tools/index.d.ts.map +1 -1
- package/dist/platform/tools/index.js +2 -0
- package/dist/platform/tools/registry.d.ts +9 -3
- package/dist/platform/tools/registry.d.ts.map +1 -1
- package/dist/platform/tools/registry.js +9 -3
- package/dist/platform/tools/state/index.d.ts +9 -0
- package/dist/platform/tools/state/index.d.ts.map +1 -1
- package/dist/platform/tools/state/index.js +60 -3
- package/dist/platform/types/foundation-contract.d.ts +1 -1
- package/dist/platform/types/foundation-contract.d.ts.map +1 -1
- package/dist/platform/types/index.d.ts +1 -1
- package/dist/platform/types/index.d.ts.map +1 -1
- package/dist/platform/types/tools.d.ts +14 -1
- package/dist/platform/types/tools.d.ts.map +1 -1
- package/dist/platform/version.js +1 -1
- package/package.json +29 -9
- package/dist/platform/control-plane/routes/automation.d.ts +0 -3
- package/dist/platform/control-plane/routes/automation.d.ts.map +0 -1
- package/dist/platform/control-plane/routes/automation.js +0 -63
- package/dist/platform/control-plane/routes/context.d.ts +0 -2
- package/dist/platform/control-plane/routes/context.d.ts.map +0 -1
- package/dist/platform/control-plane/routes/context.js +0 -1
- package/dist/platform/control-plane/routes/operator.d.ts +0 -8
- package/dist/platform/control-plane/routes/operator.d.ts.map +0 -1
- package/dist/platform/control-plane/routes/operator.js +0 -415
- package/dist/platform/control-plane/routes/remote.d.ts +0 -3
- package/dist/platform/control-plane/routes/remote.d.ts.map +0 -1
- package/dist/platform/control-plane/routes/remote.js +0 -35
- package/dist/platform/control-plane/routes/sessions.d.ts +0 -3
- package/dist/platform/control-plane/routes/sessions.d.ts.map +0 -1
- package/dist/platform/control-plane/routes/sessions.js +0 -43
- package/dist/platform/control-plane/routes/tasks.d.ts +0 -3
- package/dist/platform/control-plane/routes/tasks.d.ts.map +0 -1
- package/dist/platform/control-plane/routes/tasks.js +0 -22
|
@@ -0,0 +1,72 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* oauth-token-store.ts — token persistence + honest lifecycle over the injected
|
|
3
|
+
* secret store. Tokens (access + refresh) live ONLY in the secret store, never in
|
|
4
|
+
* plain config and never echoed. The store computes an honest connection state from
|
|
5
|
+
* the stored set + the clock, auto-refreshes when the access token is due, and — when
|
|
6
|
+
* a refresh fails — records a durable `reconnect-needed` marker so every later read is
|
|
7
|
+
* honest about the account being broken until the user reconnects.
|
|
8
|
+
*/
|
|
9
|
+
import type { CalendarProviderId, Clock, ConnectedAccount, ConnectionState, HttpFetch, ResolvedClientConfig, SecretStoreSlice, StoredTokenSet } from './oauth-types.js';
|
|
10
|
+
export interface CalendarTokenStoreOptions {
|
|
11
|
+
readonly secrets: SecretStoreSlice;
|
|
12
|
+
readonly clock?: Clock;
|
|
13
|
+
/** How long before expiry a token counts as due for refresh. */
|
|
14
|
+
readonly refreshLeewayMs?: number;
|
|
15
|
+
}
|
|
16
|
+
/** A refresh failure the caller turns into a "reconnect needed" surface. */
|
|
17
|
+
export declare class TokenRefreshError extends Error {
|
|
18
|
+
readonly provider: CalendarProviderId;
|
|
19
|
+
constructor(provider: CalendarProviderId, message: string);
|
|
20
|
+
}
|
|
21
|
+
export declare class CalendarTokenStore {
|
|
22
|
+
private readonly secrets;
|
|
23
|
+
private readonly clock;
|
|
24
|
+
private readonly leewayMs;
|
|
25
|
+
/**
|
|
26
|
+
* In-instance single-flight dedup for concurrent refreshes of the same provider.
|
|
27
|
+
* Providers that rotate refresh tokens (Microsoft) invalidate the prior refresh
|
|
28
|
+
* token the moment one refresh succeeds — a second concurrent call that still
|
|
29
|
+
* holds the OLD refresh token would otherwise lose the race with invalid_grant
|
|
30
|
+
* and stamp reconnect-needed over a perfectly working account. Every concurrent
|
|
31
|
+
* caller for a given provider instead awaits the SAME in-flight refresh.
|
|
32
|
+
*/
|
|
33
|
+
private readonly inflightRefresh;
|
|
34
|
+
constructor(options: CalendarTokenStoreOptions);
|
|
35
|
+
/** Persist a fresh token set + account metadata; clears any reconnect marker. */
|
|
36
|
+
save(provider: CalendarProviderId, tokens: StoredTokenSet, account: ConnectedAccount): Promise<void>;
|
|
37
|
+
/** Read the stored token set for a provider, or null when disconnected. */
|
|
38
|
+
load(provider: CalendarProviderId): Promise<StoredTokenSet | null>;
|
|
39
|
+
/** Read the account metadata for a provider, or null. */
|
|
40
|
+
loadAccount(provider: CalendarProviderId): Promise<ConnectedAccount | null>;
|
|
41
|
+
/** List every connected account across providers. */
|
|
42
|
+
listAccounts(): Promise<ConnectedAccount[]>;
|
|
43
|
+
/** The honest connection state, from the marker + stored set + clock. */
|
|
44
|
+
connectionState(provider: CalendarProviderId): Promise<ConnectionState>;
|
|
45
|
+
/**
|
|
46
|
+
* Return a usable access token, refreshing first when it is due. On a refresh
|
|
47
|
+
* failure this records a durable reconnect-needed marker and throws
|
|
48
|
+
* TokenRefreshError — never returns a stale/invalid token as if it were good.
|
|
49
|
+
*/
|
|
50
|
+
getFreshAccessToken(provider: CalendarProviderId, config: ResolvedClientConfig, fetchImpl: HttpFetch): Promise<string>;
|
|
51
|
+
private performRefresh;
|
|
52
|
+
/**
|
|
53
|
+
* Disconnect a provider: revoke the token at the provider when possible, then
|
|
54
|
+
* delete every stored key. Returns whether the provider-side revocation succeeded
|
|
55
|
+
* (false for providers without a revocation endpoint — disconnect is still local).
|
|
56
|
+
*/
|
|
57
|
+
disconnect(provider: CalendarProviderId, config: ResolvedClientConfig, fetchImpl: HttpFetch): Promise<{
|
|
58
|
+
readonly revokedRemotely: boolean;
|
|
59
|
+
}>;
|
|
60
|
+
/**
|
|
61
|
+
* Stamp the durable reconnect-needed marker — UNLESS a valid (non-expired) token
|
|
62
|
+
* set already exists. A refresh can fail here while a concurrent winner (this
|
|
63
|
+
* instance's own single-flight already prevents an in-process race, but a
|
|
64
|
+
* separate process/instance sharing the same secret store is not covered by
|
|
65
|
+
* that) has already stored a fresh, working token set for the same provider.
|
|
66
|
+
* Re-reading state immediately before writing the marker means a genuinely
|
|
67
|
+
* working account is never overwritten with a false "reconnect needed".
|
|
68
|
+
*/
|
|
69
|
+
private markReconnectNeeded;
|
|
70
|
+
private syntheticAccount;
|
|
71
|
+
}
|
|
72
|
+
//# sourceMappingURL=oauth-token-store.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"oauth-token-store.d.ts","sourceRoot":"","sources":["../../../src/platform/calendar/oauth-token-store.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAGH,OAAO,KAAK,EACV,kBAAkB,EAClB,KAAK,EACL,gBAAgB,EAChB,eAAe,EACf,SAAS,EACT,oBAAoB,EACpB,gBAAgB,EAChB,cAAc,EACf,MAAM,kBAAkB,CAAC;AAgB1B,MAAM,WAAW,yBAAyB;IACxC,QAAQ,CAAC,OAAO,EAAE,gBAAgB,CAAC;IACnC,QAAQ,CAAC,KAAK,CAAC,EAAE,KAAK,CAAC;IACvB,gEAAgE;IAChE,QAAQ,CAAC,eAAe,CAAC,EAAE,MAAM,CAAC;CACnC;AAED,4EAA4E;AAC5E,qBAAa,iBAAkB,SAAQ,KAAK;IAC1C,QAAQ,CAAC,QAAQ,EAAE,kBAAkB,CAAC;gBAC1B,QAAQ,EAAE,kBAAkB,EAAE,OAAO,EAAE,MAAM;CAK1D;AAED,qBAAa,kBAAkB;IAC7B,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAmB;IAC3C,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAQ;IAC9B,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAS;IAClC;;;;;;;OAOG;IACH,OAAO,CAAC,QAAQ,CAAC,eAAe,CAAkD;gBAEtE,OAAO,EAAE,yBAAyB;IAM9C,iFAAiF;IAC3E,IAAI,CAAC,QAAQ,EAAE,kBAAkB,EAAE,MAAM,EAAE,cAAc,EAAE,OAAO,EAAE,gBAAgB,GAAG,OAAO,CAAC,IAAI,CAAC;IAM1G,2EAA2E;IACrE,IAAI,CAAC,QAAQ,EAAE,kBAAkB,GAAG,OAAO,CAAC,cAAc,GAAG,IAAI,CAAC;IAUxE,yDAAyD;IACnD,WAAW,CAAC,QAAQ,EAAE,kBAAkB,GAAG,OAAO,CAAC,gBAAgB,GAAG,IAAI,CAAC;IAUjF,qDAAqD;IAC/C,YAAY,IAAI,OAAO,CAAC,gBAAgB,EAAE,CAAC;IASjD,yEAAyE;IACnE,eAAe,CAAC,QAAQ,EAAE,kBAAkB,GAAG,OAAO,CAAC,eAAe,CAAC;IAS7E;;;;OAIG;IACG,mBAAmB,CACvB,QAAQ,EAAE,kBAAkB,EAC5B,MAAM,EAAE,oBAAoB,EAC5B,SAAS,EAAE,SAAS,GACnB,OAAO,CAAC,MAAM,CAAC;YAuBJ,cAAc;IAmB5B;;;;OAIG;IACG,UAAU,CACd,QAAQ,EAAE,kBAAkB,EAC5B,MAAM,EAAE,oBAAoB,EAC5B,SAAS,EAAE,SAAS,GACnB,OAAO,CAAC;QAAE,QAAQ,CAAC,eAAe,EAAE,OAAO,CAAA;KAAE,CAAC;IAYjD;;;;;;;;OAQG;YACW,mBAAmB;IASjC,OAAO,CAAC,gBAAgB;CASzB"}
|
|
@@ -0,0 +1,189 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* oauth-token-store.ts — token persistence + honest lifecycle over the injected
|
|
3
|
+
* secret store. Tokens (access + refresh) live ONLY in the secret store, never in
|
|
4
|
+
* plain config and never echoed. The store computes an honest connection state from
|
|
5
|
+
* the stored set + the clock, auto-refreshes when the access token is due, and — when
|
|
6
|
+
* a refresh fails — records a durable `reconnect-needed` marker so every later read is
|
|
7
|
+
* honest about the account being broken until the user reconnects.
|
|
8
|
+
*/
|
|
9
|
+
import { OAuthFlowError, refreshAccessToken, revokeToken } from './oauth-flow.js';
|
|
10
|
+
const DEFAULT_REFRESH_LEEWAY_MS = 60_000;
|
|
11
|
+
function tokenKey(provider) {
|
|
12
|
+
return `GOODVIBES_CALENDAR_${provider.toUpperCase()}_TOKENS`;
|
|
13
|
+
}
|
|
14
|
+
function accountKey(provider) {
|
|
15
|
+
return `GOODVIBES_CALENDAR_${provider.toUpperCase()}_ACCOUNT`;
|
|
16
|
+
}
|
|
17
|
+
function statusKey(provider) {
|
|
18
|
+
return `GOODVIBES_CALENDAR_${provider.toUpperCase()}_STATUS`;
|
|
19
|
+
}
|
|
20
|
+
const ALL_PROVIDERS = ['google', 'microsoft'];
|
|
21
|
+
/** A refresh failure the caller turns into a "reconnect needed" surface. */
|
|
22
|
+
export class TokenRefreshError extends Error {
|
|
23
|
+
provider;
|
|
24
|
+
constructor(provider, message) {
|
|
25
|
+
super(message);
|
|
26
|
+
this.name = 'TokenRefreshError';
|
|
27
|
+
this.provider = provider;
|
|
28
|
+
}
|
|
29
|
+
}
|
|
30
|
+
export class CalendarTokenStore {
|
|
31
|
+
secrets;
|
|
32
|
+
clock;
|
|
33
|
+
leewayMs;
|
|
34
|
+
/**
|
|
35
|
+
* In-instance single-flight dedup for concurrent refreshes of the same provider.
|
|
36
|
+
* Providers that rotate refresh tokens (Microsoft) invalidate the prior refresh
|
|
37
|
+
* token the moment one refresh succeeds — a second concurrent call that still
|
|
38
|
+
* holds the OLD refresh token would otherwise lose the race with invalid_grant
|
|
39
|
+
* and stamp reconnect-needed over a perfectly working account. Every concurrent
|
|
40
|
+
* caller for a given provider instead awaits the SAME in-flight refresh.
|
|
41
|
+
*/
|
|
42
|
+
inflightRefresh = new Map();
|
|
43
|
+
constructor(options) {
|
|
44
|
+
this.secrets = options.secrets;
|
|
45
|
+
this.clock = options.clock ?? (() => Date.now());
|
|
46
|
+
this.leewayMs = options.refreshLeewayMs ?? DEFAULT_REFRESH_LEEWAY_MS;
|
|
47
|
+
}
|
|
48
|
+
/** Persist a fresh token set + account metadata; clears any reconnect marker. */
|
|
49
|
+
async save(provider, tokens, account) {
|
|
50
|
+
await this.secrets.set(tokenKey(provider), JSON.stringify(tokens));
|
|
51
|
+
await this.secrets.set(accountKey(provider), JSON.stringify(account));
|
|
52
|
+
await this.secrets.delete(statusKey(provider));
|
|
53
|
+
}
|
|
54
|
+
/** Read the stored token set for a provider, or null when disconnected. */
|
|
55
|
+
async load(provider) {
|
|
56
|
+
const raw = await this.secrets.get(tokenKey(provider));
|
|
57
|
+
if (!raw)
|
|
58
|
+
return null;
|
|
59
|
+
try {
|
|
60
|
+
return JSON.parse(raw);
|
|
61
|
+
}
|
|
62
|
+
catch {
|
|
63
|
+
return null;
|
|
64
|
+
}
|
|
65
|
+
}
|
|
66
|
+
/** Read the account metadata for a provider, or null. */
|
|
67
|
+
async loadAccount(provider) {
|
|
68
|
+
const raw = await this.secrets.get(accountKey(provider));
|
|
69
|
+
if (!raw)
|
|
70
|
+
return null;
|
|
71
|
+
try {
|
|
72
|
+
return JSON.parse(raw);
|
|
73
|
+
}
|
|
74
|
+
catch {
|
|
75
|
+
return null;
|
|
76
|
+
}
|
|
77
|
+
}
|
|
78
|
+
/** List every connected account across providers. */
|
|
79
|
+
async listAccounts() {
|
|
80
|
+
const out = [];
|
|
81
|
+
for (const provider of ALL_PROVIDERS) {
|
|
82
|
+
const account = await this.loadAccount(provider);
|
|
83
|
+
if (account)
|
|
84
|
+
out.push(account);
|
|
85
|
+
}
|
|
86
|
+
return out;
|
|
87
|
+
}
|
|
88
|
+
/** The honest connection state, from the marker + stored set + clock. */
|
|
89
|
+
async connectionState(provider) {
|
|
90
|
+
if (await this.secrets.get(statusKey(provider)))
|
|
91
|
+
return 'reconnect-needed';
|
|
92
|
+
const tokens = await this.load(provider);
|
|
93
|
+
if (!tokens)
|
|
94
|
+
return 'disconnected';
|
|
95
|
+
if (typeof tokens.expiresAt !== 'number')
|
|
96
|
+
return 'connected';
|
|
97
|
+
if (this.clock() < tokens.expiresAt - this.leewayMs)
|
|
98
|
+
return 'connected';
|
|
99
|
+
return tokens.refreshToken ? 'refresh-due' : 'reconnect-needed';
|
|
100
|
+
}
|
|
101
|
+
/**
|
|
102
|
+
* Return a usable access token, refreshing first when it is due. On a refresh
|
|
103
|
+
* failure this records a durable reconnect-needed marker and throws
|
|
104
|
+
* TokenRefreshError — never returns a stale/invalid token as if it were good.
|
|
105
|
+
*/
|
|
106
|
+
async getFreshAccessToken(provider, config, fetchImpl) {
|
|
107
|
+
const tokens = await this.load(provider);
|
|
108
|
+
if (!tokens)
|
|
109
|
+
throw new TokenRefreshError(provider, `No ${provider} account is connected.`);
|
|
110
|
+
const due = typeof tokens.expiresAt === 'number' && this.clock() >= tokens.expiresAt - this.leewayMs;
|
|
111
|
+
if (!due)
|
|
112
|
+
return tokens.accessToken;
|
|
113
|
+
if (!tokens.refreshToken) {
|
|
114
|
+
await this.markReconnectNeeded(provider);
|
|
115
|
+
throw new TokenRefreshError(provider, `The ${provider} access token expired and no refresh token is stored.`);
|
|
116
|
+
}
|
|
117
|
+
// Single-flight: a refresh already in progress for this provider serves every
|
|
118
|
+
// concurrent caller instead of each racing the provider with the same (possibly
|
|
119
|
+
// about-to-be-rotated) refresh token.
|
|
120
|
+
const existing = this.inflightRefresh.get(provider);
|
|
121
|
+
if (existing)
|
|
122
|
+
return existing;
|
|
123
|
+
const refreshToken = tokens.refreshToken;
|
|
124
|
+
const inFlight = this.performRefresh(provider, config, fetchImpl, refreshToken)
|
|
125
|
+
.finally(() => {
|
|
126
|
+
if (this.inflightRefresh.get(provider) === inFlight)
|
|
127
|
+
this.inflightRefresh.delete(provider);
|
|
128
|
+
});
|
|
129
|
+
this.inflightRefresh.set(provider, inFlight);
|
|
130
|
+
return inFlight;
|
|
131
|
+
}
|
|
132
|
+
async performRefresh(provider, config, fetchImpl, refreshToken) {
|
|
133
|
+
let refreshed;
|
|
134
|
+
try {
|
|
135
|
+
refreshed = await refreshAccessToken(config, fetchImpl, refreshToken, this.clock());
|
|
136
|
+
}
|
|
137
|
+
catch (error) {
|
|
138
|
+
await this.markReconnectNeeded(provider);
|
|
139
|
+
const detail = error instanceof OAuthFlowError ? error.message : String(error);
|
|
140
|
+
throw new TokenRefreshError(provider, `Refreshing the ${provider} token failed: ${detail}`);
|
|
141
|
+
}
|
|
142
|
+
const account = (await this.loadAccount(provider)) ?? this.syntheticAccount(provider, refreshed);
|
|
143
|
+
await this.save(provider, refreshed, account);
|
|
144
|
+
return refreshed.accessToken;
|
|
145
|
+
}
|
|
146
|
+
/**
|
|
147
|
+
* Disconnect a provider: revoke the token at the provider when possible, then
|
|
148
|
+
* delete every stored key. Returns whether the provider-side revocation succeeded
|
|
149
|
+
* (false for providers without a revocation endpoint — disconnect is still local).
|
|
150
|
+
*/
|
|
151
|
+
async disconnect(provider, config, fetchImpl) {
|
|
152
|
+
const tokens = await this.load(provider);
|
|
153
|
+
let revokedRemotely = false;
|
|
154
|
+
if (tokens) {
|
|
155
|
+
revokedRemotely = await revokeToken(config, fetchImpl, tokens.refreshToken ?? tokens.accessToken);
|
|
156
|
+
}
|
|
157
|
+
await this.secrets.delete(tokenKey(provider));
|
|
158
|
+
await this.secrets.delete(accountKey(provider));
|
|
159
|
+
await this.secrets.delete(statusKey(provider));
|
|
160
|
+
return { revokedRemotely };
|
|
161
|
+
}
|
|
162
|
+
/**
|
|
163
|
+
* Stamp the durable reconnect-needed marker — UNLESS a valid (non-expired) token
|
|
164
|
+
* set already exists. A refresh can fail here while a concurrent winner (this
|
|
165
|
+
* instance's own single-flight already prevents an in-process race, but a
|
|
166
|
+
* separate process/instance sharing the same secret store is not covered by
|
|
167
|
+
* that) has already stored a fresh, working token set for the same provider.
|
|
168
|
+
* Re-reading state immediately before writing the marker means a genuinely
|
|
169
|
+
* working account is never overwritten with a false "reconnect needed".
|
|
170
|
+
*/
|
|
171
|
+
async markReconnectNeeded(provider) {
|
|
172
|
+
const current = await this.load(provider);
|
|
173
|
+
if (current) {
|
|
174
|
+
const stillValid = typeof current.expiresAt !== 'number' || this.clock() < current.expiresAt - this.leewayMs;
|
|
175
|
+
if (stillValid)
|
|
176
|
+
return;
|
|
177
|
+
}
|
|
178
|
+
await this.secrets.set(statusKey(provider), 'reconnect-needed');
|
|
179
|
+
}
|
|
180
|
+
syntheticAccount(provider, tokens) {
|
|
181
|
+
return {
|
|
182
|
+
provider,
|
|
183
|
+
accountId: provider,
|
|
184
|
+
label: provider === 'google' ? 'Google Calendar' : 'Microsoft Outlook',
|
|
185
|
+
scopes: tokens.scopes ?? [],
|
|
186
|
+
connectedAt: tokens.obtainedAt,
|
|
187
|
+
};
|
|
188
|
+
}
|
|
189
|
+
}
|
|
@@ -0,0 +1,274 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* oauth-types.ts — the shared type surface for the calendar OAuth + API connector
|
|
3
|
+
* layer (One-Platform Wave 4, A10). Sits alongside A9's .ics reader/subscription
|
|
4
|
+
* store in the same module: A9 owns file/feed reading; this half owns authenticated
|
|
5
|
+
* provider connectivity (Google Calendar API v3, Microsoft Graph) over OAuth 2.0.
|
|
6
|
+
*
|
|
7
|
+
* Pure data shapes only — no fs, no network, no process globals. The network is an
|
|
8
|
+
* INJECTED boundary (HttpFetch); the loopback redirect capture is an INJECTED
|
|
9
|
+
* boundary (LoopbackWaiter); token persistence is an INJECTED secret store slice.
|
|
10
|
+
* Tests supply fakes for all three, so nothing here ever reaches a real network,
|
|
11
|
+
* a real port, or a real keychain.
|
|
12
|
+
*
|
|
13
|
+
* Honesty contract (see docs/decisions/2026-07-06-calendar-oauth-connector-sdk.md):
|
|
14
|
+
* - a token whose refresh fails is NEVER silently treated as valid; it surfaces as
|
|
15
|
+
* `connection-state: 'reconnect-needed'` naming the reason.
|
|
16
|
+
* - a 403 that names a missing scope surfaces as `insufficient-scope` naming the
|
|
17
|
+
* exact scope, not a generic failure.
|
|
18
|
+
* - the bundled project client id is an honest placeholder until Mike registers the
|
|
19
|
+
* project apps; a flow attempted against the placeholder reports
|
|
20
|
+
* `client-not-configured`, never a fake success.
|
|
21
|
+
*/
|
|
22
|
+
import type { CalendarEvent, EventDateTime } from './types.js';
|
|
23
|
+
export type { Clock } from './types.js';
|
|
24
|
+
/** Which authenticated calendar provider a connection speaks to. */
|
|
25
|
+
export type CalendarProviderId = 'google' | 'microsoft';
|
|
26
|
+
/** The label recorded on every event so a merged view can say where it came from. */
|
|
27
|
+
export type CalendarSource = 'google-api' | 'microsoft-graph' | 'ics-feed' | 'local';
|
|
28
|
+
/**
|
|
29
|
+
* A provider profile: the fixed OAuth + API endpoints and defaults for one provider.
|
|
30
|
+
* Everything a user does NOT supply (endpoints, default scopes, the bundled project
|
|
31
|
+
* client id) lives here; what the user CAN supply (their own client id/secret,
|
|
32
|
+
* scope overrides) arrives as OAuthClientOverrides and is merged in at resolve time.
|
|
33
|
+
*/
|
|
34
|
+
export interface OAuthProviderProfile {
|
|
35
|
+
readonly provider: CalendarProviderId;
|
|
36
|
+
/** Human label, e.g. 'Google Calendar' / 'Microsoft Outlook'. */
|
|
37
|
+
readonly displayName: string;
|
|
38
|
+
readonly authorizationEndpoint: string;
|
|
39
|
+
readonly tokenEndpoint: string;
|
|
40
|
+
/** Device-authorization endpoint; both providers support the device-code grant. */
|
|
41
|
+
readonly deviceAuthorizationEndpoint: string;
|
|
42
|
+
/** Token-revocation endpoint, when the provider offers one (Google does; MS does not). */
|
|
43
|
+
readonly revocationEndpoint?: string;
|
|
44
|
+
/** The API base the calendar client talks to after auth. */
|
|
45
|
+
readonly apiBaseUrl: string;
|
|
46
|
+
/** Default scopes when the user does not override them. */
|
|
47
|
+
readonly defaultScopes: readonly string[];
|
|
48
|
+
/**
|
|
49
|
+
* The project-level ("bundled") client id shipped in config defaults — the
|
|
50
|
+
* rclone/gh pattern. Native-app client ids are not secrets (RFC 8252); paired
|
|
51
|
+
* with PKCE no client secret is needed for the installed-app / public-client
|
|
52
|
+
* profile. Ships as an honest PLACEHOLDER until Mike registers the project apps.
|
|
53
|
+
*/
|
|
54
|
+
readonly bundledClientId: string;
|
|
55
|
+
/**
|
|
56
|
+
* The literal placeholder value bundledClientId holds before real registration.
|
|
57
|
+
* When the resolved client id still equals this, the flow reports
|
|
58
|
+
* `client-not-configured` instead of attempting a doomed round-trip.
|
|
59
|
+
*/
|
|
60
|
+
readonly placeholderClientId: string;
|
|
61
|
+
/** Extra fixed authorization-request params (e.g. Google's access_type=offline). */
|
|
62
|
+
readonly extraAuthParams?: Readonly<Record<string, string>>;
|
|
63
|
+
}
|
|
64
|
+
/** What a user MAY override — never required; surfaced only under "advanced". */
|
|
65
|
+
export interface OAuthClientOverrides {
|
|
66
|
+
/** A user's own registered client id (confidential- or public-client). */
|
|
67
|
+
readonly clientId?: string;
|
|
68
|
+
/**
|
|
69
|
+
* A user's own client secret, for a confidential-client registration. Absent for
|
|
70
|
+
* the default public native-app profile (PKCE, no secret). Secret-stored, never
|
|
71
|
+
* echoed.
|
|
72
|
+
*/
|
|
73
|
+
readonly clientSecret?: string;
|
|
74
|
+
/** Scope override; when absent the profile's defaultScopes are used. */
|
|
75
|
+
readonly scopes?: readonly string[];
|
|
76
|
+
/** Loopback redirect host/port override for the auth-code flow. */
|
|
77
|
+
readonly redirectHost?: string;
|
|
78
|
+
readonly redirectPort?: number;
|
|
79
|
+
}
|
|
80
|
+
/** The fully-resolved client config a flow actually runs with. */
|
|
81
|
+
export interface ResolvedClientConfig {
|
|
82
|
+
readonly provider: CalendarProviderId;
|
|
83
|
+
readonly clientId: string;
|
|
84
|
+
readonly clientSecret?: string;
|
|
85
|
+
readonly scopes: readonly string[];
|
|
86
|
+
readonly authorizationEndpoint: string;
|
|
87
|
+
readonly tokenEndpoint: string;
|
|
88
|
+
readonly deviceAuthorizationEndpoint: string;
|
|
89
|
+
readonly revocationEndpoint?: string;
|
|
90
|
+
readonly apiBaseUrl: string;
|
|
91
|
+
readonly extraAuthParams?: Readonly<Record<string, string>>;
|
|
92
|
+
readonly redirectHost?: string;
|
|
93
|
+
readonly redirectPort?: number;
|
|
94
|
+
/** True when clientId came from the bundled project default, not a user override. */
|
|
95
|
+
readonly usingBundledDefault: boolean;
|
|
96
|
+
/**
|
|
97
|
+
* True when the resolved clientId is still the honest placeholder — i.e. neither
|
|
98
|
+
* Mike's project registration nor a user override supplied a real id. A flow must
|
|
99
|
+
* refuse with `client-not-configured` in this state.
|
|
100
|
+
*/
|
|
101
|
+
readonly isPlaceholder: boolean;
|
|
102
|
+
}
|
|
103
|
+
/** A minimal HTTP response shape the connector reads. */
|
|
104
|
+
export interface HttpResponse {
|
|
105
|
+
readonly status: number;
|
|
106
|
+
readonly ok: boolean;
|
|
107
|
+
/** Response header lookup, case-insensitive by the fetch impl's contract. */
|
|
108
|
+
header(name: string): string | null;
|
|
109
|
+
json(): Promise<unknown>;
|
|
110
|
+
text(): Promise<string>;
|
|
111
|
+
}
|
|
112
|
+
/** A single outbound HTTP request the connector issues. */
|
|
113
|
+
export interface HttpRequest {
|
|
114
|
+
readonly url: string;
|
|
115
|
+
readonly method: 'GET' | 'POST' | 'DELETE' | 'PATCH';
|
|
116
|
+
readonly headers?: Readonly<Record<string, string>>;
|
|
117
|
+
readonly body?: string;
|
|
118
|
+
}
|
|
119
|
+
/** Injected network boundary. Tests supply a fake server behind this. */
|
|
120
|
+
export type HttpFetch = (req: HttpRequest) => Promise<HttpResponse>;
|
|
121
|
+
/**
|
|
122
|
+
* Injected loopback-redirect capture for the authorization-code flow. The real
|
|
123
|
+
* implementation binds 127.0.0.1 and waits for the browser callback; tests supply a
|
|
124
|
+
* fake that returns a canned code/state without any port.
|
|
125
|
+
*/
|
|
126
|
+
export interface LoopbackWaiter {
|
|
127
|
+
/** The redirect_uri the listener is bound to (http://127.0.0.1:<port>/<path>). */
|
|
128
|
+
readonly redirectUri: string;
|
|
129
|
+
/** Resolves with the authorization code once the browser hits the redirect. */
|
|
130
|
+
waitForCode(): Promise<{
|
|
131
|
+
readonly code: string;
|
|
132
|
+
readonly state: string;
|
|
133
|
+
}>;
|
|
134
|
+
close(): void;
|
|
135
|
+
}
|
|
136
|
+
/** Factory for a LoopbackWaiter bound to an expected state. Injected. */
|
|
137
|
+
export type LoopbackListenerFactory = (input: {
|
|
138
|
+
readonly expectedState: string;
|
|
139
|
+
readonly host?: string;
|
|
140
|
+
readonly port?: number;
|
|
141
|
+
readonly timeoutMs?: number;
|
|
142
|
+
}) => Promise<LoopbackWaiter>;
|
|
143
|
+
/**
|
|
144
|
+
* The narrow secret-store slice the token store needs. Matches the SDK
|
|
145
|
+
* SecretsManager surface (`Pick<SecretsManager, 'get' | 'set' | 'delete'>`), so a
|
|
146
|
+
* caller passes the real manager and tests pass a Map-backed fake.
|
|
147
|
+
*/
|
|
148
|
+
export interface SecretStoreSlice {
|
|
149
|
+
get(key: string): Promise<string | null>;
|
|
150
|
+
set(key: string, value: string): Promise<void>;
|
|
151
|
+
delete(key: string): Promise<void>;
|
|
152
|
+
}
|
|
153
|
+
/** A stored token set for one connected account. Persisted via the secret store. */
|
|
154
|
+
export interface StoredTokenSet {
|
|
155
|
+
readonly accessToken: string;
|
|
156
|
+
readonly refreshToken?: string;
|
|
157
|
+
readonly tokenType: string;
|
|
158
|
+
/**
|
|
159
|
+
* Epoch ms the access token expires. `parseTokenResponse` (oauth-flow.ts) always
|
|
160
|
+
* sets this — coercing a numeric-string `expires_in`, or falling back to a
|
|
161
|
+
* conservative default when the provider omits it or sends something unparsable —
|
|
162
|
+
* so a token set produced by this build's flows never reads as "never expires".
|
|
163
|
+
* Still optional at the type level for token sets constructed directly (e.g. tests,
|
|
164
|
+
* or a caller building one by hand) rather than through `parseTokenResponse`.
|
|
165
|
+
*/
|
|
166
|
+
readonly expiresAt?: number;
|
|
167
|
+
/** The scopes actually granted (from the token response), when stated. */
|
|
168
|
+
readonly scopes?: readonly string[];
|
|
169
|
+
/** Epoch ms this set was last written. */
|
|
170
|
+
readonly obtainedAt: number;
|
|
171
|
+
}
|
|
172
|
+
/** The honest live state of a connection, computed from its stored token set. */
|
|
173
|
+
export type ConnectionState =
|
|
174
|
+
/** Access token present and not past expiry (minus leeway). */
|
|
175
|
+
'connected'
|
|
176
|
+
/** Access token expired but a refresh token is present — a refresh will be tried. */
|
|
177
|
+
| 'refresh-due'
|
|
178
|
+
/** Refresh was attempted and failed; the user must reconnect. */
|
|
179
|
+
| 'reconnect-needed'
|
|
180
|
+
/** No token stored for this account. */
|
|
181
|
+
| 'disconnected';
|
|
182
|
+
/** Why a flow could not even start or complete, named honestly. */
|
|
183
|
+
export type FlowFailureReason =
|
|
184
|
+
/** The resolved client id is still the placeholder (project app not registered
|
|
185
|
+
* and no user override). */
|
|
186
|
+
'client-not-configured'
|
|
187
|
+
/** The provider rejected the token request (bad code, expired device code, etc.). */
|
|
188
|
+
| 'token-request-rejected'
|
|
189
|
+
/** The loopback redirect timed out waiting for the browser. */
|
|
190
|
+
| 'redirect-timeout'
|
|
191
|
+
/** The device-code authorization was declined or expired before approval. */
|
|
192
|
+
| 'device-code-expired'
|
|
193
|
+
/** A network-layer failure reaching the provider. */
|
|
194
|
+
| 'network-error';
|
|
195
|
+
/** The outcome of beginning an authorization-code flow. */
|
|
196
|
+
export interface AuthCodeFlowStart {
|
|
197
|
+
readonly authorizationUrl: string;
|
|
198
|
+
readonly state: string;
|
|
199
|
+
readonly verifier: string;
|
|
200
|
+
readonly redirectUri: string;
|
|
201
|
+
}
|
|
202
|
+
/** A device-code flow's user-facing step: show these, then poll. */
|
|
203
|
+
export interface DeviceCodeFlowStart {
|
|
204
|
+
readonly deviceCode: string;
|
|
205
|
+
readonly userCode: string;
|
|
206
|
+
readonly verificationUri: string;
|
|
207
|
+
/** Present when the provider returns a pre-filled verification URL. */
|
|
208
|
+
readonly verificationUriComplete?: string;
|
|
209
|
+
readonly expiresAt: number;
|
|
210
|
+
readonly intervalMs: number;
|
|
211
|
+
}
|
|
212
|
+
/** A degraded API state, each variant naming exactly what went wrong. */
|
|
213
|
+
export type ApiDegradedState = {
|
|
214
|
+
readonly kind: 'reconnect-needed';
|
|
215
|
+
readonly detail: string;
|
|
216
|
+
} | {
|
|
217
|
+
readonly kind: 'insufficient-scope';
|
|
218
|
+
readonly missingScope: string;
|
|
219
|
+
readonly detail: string;
|
|
220
|
+
} | {
|
|
221
|
+
readonly kind: 'rate-limited';
|
|
222
|
+
readonly retryAfterMs: number;
|
|
223
|
+
readonly detail: string;
|
|
224
|
+
} | {
|
|
225
|
+
readonly kind: 'network-error';
|
|
226
|
+
readonly detail: string;
|
|
227
|
+
} | {
|
|
228
|
+
readonly kind: 'provider-error';
|
|
229
|
+
readonly status: number;
|
|
230
|
+
readonly detail: string;
|
|
231
|
+
};
|
|
232
|
+
/**
|
|
233
|
+
* The one merged event model every source normalizes into. It is A9's CalendarEvent
|
|
234
|
+
* plus provenance: a source label and the provider ids needed to write back or
|
|
235
|
+
* de-duplicate. ICS/local events set source and omit the api-only ids.
|
|
236
|
+
*/
|
|
237
|
+
export interface MergedCalendarEvent extends CalendarEvent {
|
|
238
|
+
readonly source: CalendarSource;
|
|
239
|
+
/** The provider's own event id (Google eventId / Graph id), when from an API. */
|
|
240
|
+
readonly sourceEventId?: string;
|
|
241
|
+
/** The provider calendar this event belongs to, when from an API. */
|
|
242
|
+
readonly calendarId?: string;
|
|
243
|
+
/** A display label for the owning calendar/account, for source-labeled views. */
|
|
244
|
+
readonly calendarLabel?: string;
|
|
245
|
+
}
|
|
246
|
+
/** One connected calendar as listed from a provider (calendarList / me/calendars). */
|
|
247
|
+
export interface ProviderCalendar {
|
|
248
|
+
readonly id: string;
|
|
249
|
+
readonly name: string;
|
|
250
|
+
readonly provider: CalendarProviderId;
|
|
251
|
+
/** True for the account's primary calendar, when the provider marks one. */
|
|
252
|
+
readonly primary?: boolean;
|
|
253
|
+
/** True when the connected scopes allow creating events on this calendar. */
|
|
254
|
+
readonly canWrite: boolean;
|
|
255
|
+
}
|
|
256
|
+
/** A new event to create through a provider, in the shared shape. */
|
|
257
|
+
export interface NewCalendarEvent {
|
|
258
|
+
readonly summary: string;
|
|
259
|
+
readonly start: EventDateTime;
|
|
260
|
+
readonly end?: EventDateTime;
|
|
261
|
+
readonly location?: string;
|
|
262
|
+
readonly description?: string;
|
|
263
|
+
}
|
|
264
|
+
/** A connected account record (metadata; tokens live in the secret store). */
|
|
265
|
+
export interface ConnectedAccount {
|
|
266
|
+
readonly provider: CalendarProviderId;
|
|
267
|
+
/** A stable local id for this account (provider + a discriminator). */
|
|
268
|
+
readonly accountId: string;
|
|
269
|
+
/** A human label (the account email/UPN when known, else the provider name). */
|
|
270
|
+
readonly label: string;
|
|
271
|
+
readonly scopes: readonly string[];
|
|
272
|
+
readonly connectedAt: number;
|
|
273
|
+
}
|
|
274
|
+
//# sourceMappingURL=oauth-types.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"oauth-types.d.ts","sourceRoot":"","sources":["../../../src/platform/calendar/oauth-types.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAI/D,YAAY,EAAE,KAAK,EAAE,MAAM,YAAY,CAAC;AAMxC,oEAAoE;AACpE,MAAM,MAAM,kBAAkB,GAAG,QAAQ,GAAG,WAAW,CAAC;AAExD,qFAAqF;AACrF,MAAM,MAAM,cAAc,GAAG,YAAY,GAAG,iBAAiB,GAAG,UAAU,GAAG,OAAO,CAAC;AAErF;;;;;GAKG;AACH,MAAM,WAAW,oBAAoB;IACnC,QAAQ,CAAC,QAAQ,EAAE,kBAAkB,CAAC;IACtC,iEAAiE;IACjE,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,qBAAqB,EAAE,MAAM,CAAC;IACvC,QAAQ,CAAC,aAAa,EAAE,MAAM,CAAC;IAC/B,mFAAmF;IACnF,QAAQ,CAAC,2BAA2B,EAAE,MAAM,CAAC;IAC7C,0FAA0F;IAC1F,QAAQ,CAAC,kBAAkB,CAAC,EAAE,MAAM,CAAC;IACrC,4DAA4D;IAC5D,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;IAC5B,2DAA2D;IAC3D,QAAQ,CAAC,aAAa,EAAE,SAAS,MAAM,EAAE,CAAC;IAC1C;;;;;OAKG;IACH,QAAQ,CAAC,eAAe,EAAE,MAAM,CAAC;IACjC;;;;OAIG;IACH,QAAQ,CAAC,mBAAmB,EAAE,MAAM,CAAC;IACrC,oFAAoF;IACpF,QAAQ,CAAC,eAAe,CAAC,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;CAC7D;AAED,iFAAiF;AACjF,MAAM,WAAW,oBAAoB;IACnC,0EAA0E;IAC1E,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAC3B;;;;OAIG;IACH,QAAQ,CAAC,YAAY,CAAC,EAAE,MAAM,CAAC;IAC/B,wEAAwE;IACxE,QAAQ,CAAC,MAAM,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;IACpC,mEAAmE;IACnE,QAAQ,CAAC,YAAY,CAAC,EAAE,MAAM,CAAC;IAC/B,QAAQ,CAAC,YAAY,CAAC,EAAE,MAAM,CAAC;CAChC;AAED,kEAAkE;AAClE,MAAM,WAAW,oBAAoB;IACnC,QAAQ,CAAC,QAAQ,EAAE,kBAAkB,CAAC;IACtC,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,YAAY,CAAC,EAAE,MAAM,CAAC;IAC/B,QAAQ,CAAC,MAAM,EAAE,SAAS,MAAM,EAAE,CAAC;IACnC,QAAQ,CAAC,qBAAqB,EAAE,MAAM,CAAC;IACvC,QAAQ,CAAC,aAAa,EAAE,MAAM,CAAC;IAC/B,QAAQ,CAAC,2BAA2B,EAAE,MAAM,CAAC;IAC7C,QAAQ,CAAC,kBAAkB,CAAC,EAAE,MAAM,CAAC;IACrC,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,eAAe,CAAC,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;IAC5D,QAAQ,CAAC,YAAY,CAAC,EAAE,MAAM,CAAC;IAC/B,QAAQ,CAAC,YAAY,CAAC,EAAE,MAAM,CAAC;IAC/B,qFAAqF;IACrF,QAAQ,CAAC,mBAAmB,EAAE,OAAO,CAAC;IACtC;;;;OAIG;IACH,QAAQ,CAAC,aAAa,EAAE,OAAO,CAAC;CACjC;AAMD,yDAAyD;AACzD,MAAM,WAAW,YAAY;IAC3B,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,EAAE,EAAE,OAAO,CAAC;IACrB,6EAA6E;IAC7E,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAAC;IACpC,IAAI,IAAI,OAAO,CAAC,OAAO,CAAC,CAAC;IACzB,IAAI,IAAI,OAAO,CAAC,MAAM,CAAC,CAAC;CACzB;AAED,2DAA2D;AAC3D,MAAM,WAAW,WAAW;IAC1B,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,MAAM,EAAE,KAAK,GAAG,MAAM,GAAG,QAAQ,GAAG,OAAO,CAAC;IACrD,QAAQ,CAAC,OAAO,CAAC,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;IACpD,QAAQ,CAAC,IAAI,CAAC,EAAE,MAAM,CAAC;CACxB;AAED,yEAAyE;AACzE,MAAM,MAAM,SAAS,GAAG,CAAC,GAAG,EAAE,WAAW,KAAK,OAAO,CAAC,YAAY,CAAC,CAAC;AAEpE;;;;GAIG;AACH,MAAM,WAAW,cAAc;IAC7B,kFAAkF;IAClF,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAC7B,+EAA+E;IAC/E,WAAW,IAAI,OAAO,CAAC;QAAE,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;QAAC,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAC1E,KAAK,IAAI,IAAI,CAAC;CACf;AAED,yEAAyE;AACzE,MAAM,MAAM,uBAAuB,GAAG,CAAC,KAAK,EAAE;IAC5C,QAAQ,CAAC,aAAa,EAAE,MAAM,CAAC;IAC/B,QAAQ,CAAC,IAAI,CAAC,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,IAAI,CAAC,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC;CAC7B,KAAK,OAAO,CAAC,cAAc,CAAC,CAAC;AAE9B;;;;GAIG;AACH,MAAM,WAAW,gBAAgB;IAC/B,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IACzC,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAC/C,MAAM,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CACpC;AAMD,oFAAoF;AACpF,MAAM,WAAW,cAAc;IAC7B,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,YAAY,CAAC,EAAE,MAAM,CAAC;IAC/B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B;;;;;;;OAOG;IACH,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC;IAC5B,0EAA0E;IAC1E,QAAQ,CAAC,MAAM,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;IACpC,0CAA0C;IAC1C,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;CAC7B;AAED,iFAAiF;AACjF,MAAM,MAAM,eAAe;AACzB,+DAA+D;AAC7D,WAAW;AACb,qFAAqF;GACnF,aAAa;AACf,iEAAiE;GAC/D,kBAAkB;AACpB,wCAAwC;GACtC,cAAc,CAAC;AAMnB,mEAAmE;AACnE,MAAM,MAAM,iBAAiB;AAC3B;6BAC6B;AAC3B,uBAAuB;AACzB,qFAAqF;GACnF,wBAAwB;AAC1B,+DAA+D;GAC7D,kBAAkB;AACpB,6EAA6E;GAC3E,qBAAqB;AACvB,qDAAqD;GACnD,eAAe,CAAC;AAEpB,2DAA2D;AAC3D,MAAM,WAAW,iBAAiB;IAChC,QAAQ,CAAC,gBAAgB,EAAE,MAAM,CAAC;IAClC,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;CAC9B;AAED,oEAAoE;AACpE,MAAM,WAAW,mBAAmB;IAClC,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,eAAe,EAAE,MAAM,CAAC;IACjC,uEAAuE;IACvE,QAAQ,CAAC,uBAAuB,CAAC,EAAE,MAAM,CAAC;IAC1C,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;CAC7B;AAED,yEAAyE;AACzE,MAAM,MAAM,gBAAgB,GACxB;IAAE,QAAQ,CAAC,IAAI,EAAE,kBAAkB,CAAC;IAAC,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAA;CAAE,GAC9D;IAAE,QAAQ,CAAC,IAAI,EAAE,oBAAoB,CAAC;IAAC,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC;IAAC,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAA;CAAE,GAC/F;IAAE,QAAQ,CAAC,IAAI,EAAE,cAAc,CAAC;IAAC,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC;IAAC,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAA;CAAE,GACzF;IAAE,QAAQ,CAAC,IAAI,EAAE,eAAe,CAAC;IAAC,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAA;CAAE,GAC3D;IAAE,QAAQ,CAAC,IAAI,EAAE,gBAAgB,CAAC;IAAC,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IAAC,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAA;CAAE,CAAC;AAM1F;;;;GAIG;AACH,MAAM,WAAW,mBAAoB,SAAQ,aAAa;IACxD,QAAQ,CAAC,MAAM,EAAE,cAAc,CAAC;IAChC,iFAAiF;IACjF,QAAQ,CAAC,aAAa,CAAC,EAAE,MAAM,CAAC;IAChC,qEAAqE;IACrE,QAAQ,CAAC,UAAU,CAAC,EAAE,MAAM,CAAC;IAC7B,iFAAiF;IACjF,QAAQ,CAAC,aAAa,CAAC,EAAE,MAAM,CAAC;CACjC;AAED,sFAAsF;AACtF,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,QAAQ,EAAE,kBAAkB,CAAC;IACtC,4EAA4E;IAC5E,QAAQ,CAAC,OAAO,CAAC,EAAE,OAAO,CAAC;IAC3B,6EAA6E;IAC7E,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC;CAC5B;AAED,qEAAqE;AACrE,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,KAAK,EAAE,aAAa,CAAC;IAC9B,QAAQ,CAAC,GAAG,CAAC,EAAE,aAAa,CAAC;IAC7B,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,WAAW,CAAC,EAAE,MAAM,CAAC;CAC/B;AAED,8EAA8E;AAC9E,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,CAAC,QAAQ,EAAE,kBAAkB,CAAC;IACtC,uEAAuE;IACvE,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,gFAAgF;IAChF,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,MAAM,EAAE,SAAS,MAAM,EAAE,CAAC;IACnC,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;CAC9B"}
|
|
@@ -0,0 +1,22 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* oauth-types.ts — the shared type surface for the calendar OAuth + API connector
|
|
3
|
+
* layer (One-Platform Wave 4, A10). Sits alongside A9's .ics reader/subscription
|
|
4
|
+
* store in the same module: A9 owns file/feed reading; this half owns authenticated
|
|
5
|
+
* provider connectivity (Google Calendar API v3, Microsoft Graph) over OAuth 2.0.
|
|
6
|
+
*
|
|
7
|
+
* Pure data shapes only — no fs, no network, no process globals. The network is an
|
|
8
|
+
* INJECTED boundary (HttpFetch); the loopback redirect capture is an INJECTED
|
|
9
|
+
* boundary (LoopbackWaiter); token persistence is an INJECTED secret store slice.
|
|
10
|
+
* Tests supply fakes for all three, so nothing here ever reaches a real network,
|
|
11
|
+
* a real port, or a real keychain.
|
|
12
|
+
*
|
|
13
|
+
* Honesty contract (see docs/decisions/2026-07-06-calendar-oauth-connector-sdk.md):
|
|
14
|
+
* - a token whose refresh fails is NEVER silently treated as valid; it surfaces as
|
|
15
|
+
* `connection-state: 'reconnect-needed'` naming the reason.
|
|
16
|
+
* - a 403 that names a missing scope surfaces as `insufficient-scope` naming the
|
|
17
|
+
* exact scope, not a generic failure.
|
|
18
|
+
* - the bundled project client id is an honest placeholder until Mike registers the
|
|
19
|
+
* project apps; a flow attempted against the placeholder reports
|
|
20
|
+
* `client-not-configured`, never a fake success.
|
|
21
|
+
*/
|
|
22
|
+
export {};
|
|
@@ -0,0 +1,39 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* rrule.ts — a pure RRULE reader for an honest, deliberately-bounded subset.
|
|
3
|
+
*
|
|
4
|
+
* The honesty rule (see the decision record): an event's recurrence is either
|
|
5
|
+
* FULLY and correctly expanded, or NOT expanded at all with an explicit reason.
|
|
6
|
+
* We never emit occurrences from a rule we do not completely honor — a half-honored
|
|
7
|
+
* BYMONTHDAY would put events on wrong dates, which is worse than not expanding.
|
|
8
|
+
*
|
|
9
|
+
* Fully supported (expanded to real occurrences):
|
|
10
|
+
* - FREQ = DAILY | WEEKLY | MONTHLY | YEARLY
|
|
11
|
+
* - INTERVAL (default 1)
|
|
12
|
+
* - COUNT (occurrence cap)
|
|
13
|
+
* - UNTIL (inclusive end bound; DATE or date-time, 'Z' or floating)
|
|
14
|
+
* - BYDAY — ONLY for FREQ=WEEKLY with INTERVAL=1 and weekday-only tokens
|
|
15
|
+
* (MO,TU,WE,TH,FR,SA,SU with no leading ordinal). Under those
|
|
16
|
+
* conditions WKST does not change the matched set, so it is ignored
|
|
17
|
+
* safely. Any BYDAY outside that condition is treated as unsupported.
|
|
18
|
+
*
|
|
19
|
+
* Everything else present in the RRULE (BYMONTHDAY, BYMONTH, BYSETPOS, BYHOUR,
|
|
20
|
+
* BYWEEKNO, BYYEARDAY, ordinal BYDAY, BYDAY on non-weekly, INTERVAL>1 with BYDAY,
|
|
21
|
+
* or an unknown FREQ) marks the rule `unsupported` and names the offending part.
|
|
22
|
+
*
|
|
23
|
+
* PURE: no fs, no network, no process globals.
|
|
24
|
+
*/
|
|
25
|
+
import type { CalendarEvent, DateWindow, EventOccurrence, RecurrenceInfo } from './types.js';
|
|
26
|
+
/**
|
|
27
|
+
* Classify a raw RRULE into an honest RecurrenceInfo. Called by the parser at read
|
|
28
|
+
* time so the event carries its expansion verdict before any window is known.
|
|
29
|
+
*/
|
|
30
|
+
export declare function describeRecurrence(rule: string): RecurrenceInfo;
|
|
31
|
+
/**
|
|
32
|
+
* Expand a (possibly recurring) event into concrete occurrences inside [window.from,
|
|
33
|
+
* window.to] inclusive. A non-recurring event yields at most its single seed. An
|
|
34
|
+
* event whose recurrence is `unsupported` yields ONLY its seed (if in-window),
|
|
35
|
+
* flagged `isSeed`, never a fabricated series — the caller reads
|
|
36
|
+
* `event.recurrence.expansion` to label it "recurrence not fully expanded".
|
|
37
|
+
*/
|
|
38
|
+
export declare function expandEvent(event: CalendarEvent, window: DateWindow): EventOccurrence[];
|
|
39
|
+
//# sourceMappingURL=rrule.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"rrule.d.ts","sourceRoot":"","sources":["../../../src/platform/calendar/rrule.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AAEH,OAAO,KAAK,EACV,aAAa,EACb,UAAU,EACV,eAAe,EACf,cAAc,EACf,MAAM,YAAY,CAAC;AA0BpB;;;GAGG;AACH,wBAAgB,kBAAkB,CAAC,IAAI,EAAE,MAAM,GAAG,cAAc,CAoB/D;AAiED;;;;;;GAMG;AACH,wBAAgB,WAAW,CAAC,KAAK,EAAE,aAAa,EAAE,MAAM,EAAE,UAAU,GAAG,eAAe,EAAE,CAqEvF"}
|