@pikku/core 0.12.2 → 0.12.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (282) hide show
  1. package/CHANGELOG.md +24 -0
  2. package/dist/crypto-utils.d.ts +10 -0
  3. package/dist/crypto-utils.js +62 -0
  4. package/dist/function/function-runner.js +4 -4
  5. package/dist/function/functions.types.d.ts +26 -1
  6. package/dist/function/functions.types.js +16 -0
  7. package/dist/handle-error.d.ts +1 -1
  8. package/dist/handle-error.js +7 -3
  9. package/dist/index.d.ts +14 -2
  10. package/dist/index.js +1 -1
  11. package/dist/pikku-state.js +3 -1
  12. package/dist/schema.js +1 -1
  13. package/dist/services/in-memory-workflow-service.d.ts +22 -3
  14. package/dist/services/in-memory-workflow-service.js +77 -1
  15. package/dist/services/workflow-service.d.ts +8 -2
  16. package/dist/testing/index.d.ts +2 -0
  17. package/dist/testing/index.js +1 -0
  18. package/dist/testing/service-tests.d.ts +31 -0
  19. package/dist/testing/service-tests.js +598 -0
  20. package/dist/types/core.types.d.ts +9 -1
  21. package/dist/types/state.types.d.ts +4 -2
  22. package/dist/utils/hash.d.ts +2 -0
  23. package/dist/utils/hash.js +23 -0
  24. package/dist/wirings/ai-agent/agent-dynamic-workflow.d.ts +6 -0
  25. package/dist/wirings/ai-agent/agent-dynamic-workflow.js +348 -0
  26. package/dist/wirings/ai-agent/ai-agent-memory.d.ts +1 -1
  27. package/dist/wirings/ai-agent/ai-agent-memory.js +6 -5
  28. package/dist/wirings/ai-agent/ai-agent-prepare.d.ts +10 -7
  29. package/dist/wirings/ai-agent/ai-agent-prepare.js +127 -47
  30. package/dist/wirings/ai-agent/ai-agent-runner.d.ts +4 -0
  31. package/dist/wirings/ai-agent/ai-agent-runner.js +381 -27
  32. package/dist/wirings/ai-agent/ai-agent-stream.d.ts +7 -2
  33. package/dist/wirings/ai-agent/ai-agent-stream.js +109 -46
  34. package/dist/wirings/ai-agent/ai-agent.types.d.ts +22 -1
  35. package/dist/wirings/ai-agent/index.d.ts +1 -2
  36. package/dist/wirings/ai-agent/index.js +1 -2
  37. package/dist/wirings/channel/channel-handler.js +5 -1
  38. package/dist/wirings/channel/channel.types.d.ts +1 -7
  39. package/dist/wirings/channel/local/local-channel-handler.d.ts +1 -1
  40. package/dist/wirings/channel/local/local-channel-handler.js +5 -3
  41. package/dist/wirings/channel/local/local-channel-runner.js +14 -4
  42. package/dist/wirings/channel/serverless/serverless-channel-runner.js +4 -1
  43. package/dist/wirings/cli/cli-runner.js +10 -2
  44. package/dist/wirings/cli/cli.types.d.ts +1 -0
  45. package/dist/wirings/http/http-routes.js +0 -1
  46. package/dist/wirings/http/http-runner.d.ts +1 -1
  47. package/dist/wirings/http/http-runner.js +25 -3
  48. package/dist/wirings/http/http.types.d.ts +3 -11
  49. package/dist/wirings/http/index.d.ts +2 -1
  50. package/dist/wirings/http/index.js +1 -0
  51. package/dist/wirings/http/pikku-fetch-http-request.d.ts +1 -0
  52. package/dist/wirings/http/pikku-fetch-http-request.js +3 -0
  53. package/dist/wirings/http/pikku-fetch-http-response.d.ts +1 -0
  54. package/dist/wirings/http/pikku-fetch-http-response.js +4 -4
  55. package/dist/wirings/http/web-request.d.ts +12 -0
  56. package/dist/wirings/http/web-request.js +85 -0
  57. package/dist/wirings/mcp/mcp-endpoint-registry.js +1 -1
  58. package/dist/wirings/mcp/mcp-runner.js +13 -1
  59. package/dist/wirings/rpc/rpc-runner.d.ts +30 -6
  60. package/dist/wirings/rpc/rpc-runner.js +36 -14
  61. package/dist/wirings/rpc/rpc-types.d.ts +6 -1
  62. package/dist/wirings/rpc/wire-addon.d.ts +1 -0
  63. package/dist/wirings/rpc/wire-addon.js +1 -1
  64. package/dist/wirings/scheduler/scheduler-runner.js +1 -0
  65. package/dist/wirings/workflow/graph/graph-validation.d.ts +3 -0
  66. package/dist/wirings/workflow/graph/graph-validation.js +175 -0
  67. package/dist/wirings/workflow/graph/index.d.ts +1 -0
  68. package/dist/wirings/workflow/graph/index.js +1 -0
  69. package/dist/wirings/workflow/index.d.ts +1 -1
  70. package/dist/wirings/workflow/pikku-workflow-service.d.ts +8 -2
  71. package/dist/wirings/workflow/pikku-workflow-service.js +1 -2
  72. package/dist/wirings/workflow/workflow.types.d.ts +10 -1
  73. package/lcov.info +18891 -0
  74. package/package.json +4 -2
  75. package/dist/wirings/ai-agent/ai-agent-assistant-ui.d.ts +0 -5
  76. package/dist/wirings/ai-agent/ai-agent-assistant-ui.js +0 -168
  77. package/src/crypto-utils.test.ts +0 -116
  78. package/src/crypto-utils.ts +0 -99
  79. package/src/errors/error-handler.ts +0 -62
  80. package/src/errors/error.test.ts +0 -195
  81. package/src/errors/errors.ts +0 -374
  82. package/src/errors/index.ts +0 -2
  83. package/src/factory-functions.test.ts +0 -109
  84. package/src/function/function-runner.test.ts +0 -536
  85. package/src/function/function-runner.ts +0 -365
  86. package/src/function/functions.types.ts +0 -267
  87. package/src/function/index.ts +0 -5
  88. package/src/handle-error.test.ts +0 -361
  89. package/src/handle-error.ts +0 -65
  90. package/src/index.ts +0 -104
  91. package/src/internal.ts +0 -6
  92. package/src/middleware/auth-apikey.test.ts +0 -363
  93. package/src/middleware/auth-apikey.ts +0 -47
  94. package/src/middleware/auth-bearer.test.ts +0 -450
  95. package/src/middleware/auth-bearer.ts +0 -72
  96. package/src/middleware/auth-cookie.test.ts +0 -528
  97. package/src/middleware/auth-cookie.ts +0 -80
  98. package/src/middleware/cors.test.ts +0 -424
  99. package/src/middleware/cors.ts +0 -104
  100. package/src/middleware/index.ts +0 -5
  101. package/src/middleware/remote-auth.test.ts +0 -488
  102. package/src/middleware/remote-auth.ts +0 -68
  103. package/src/middleware/timeout.ts +0 -15
  104. package/src/middleware-runner.test.ts +0 -418
  105. package/src/middleware-runner.ts +0 -234
  106. package/src/permissions.test.ts +0 -434
  107. package/src/permissions.ts +0 -319
  108. package/src/pikku-request.ts +0 -23
  109. package/src/pikku-response.ts +0 -5
  110. package/src/pikku-state.test.ts +0 -224
  111. package/src/pikku-state.ts +0 -214
  112. package/src/run-tests-script.test.ts +0 -49
  113. package/src/schema.test.ts +0 -249
  114. package/src/schema.ts +0 -151
  115. package/src/services/ai-agent-runner-service.ts +0 -41
  116. package/src/services/ai-run-state-service.ts +0 -20
  117. package/src/services/ai-storage-service.ts +0 -39
  118. package/src/services/content-service.ts +0 -76
  119. package/src/services/deployment-service.ts +0 -22
  120. package/src/services/gateway-service.ts +0 -20
  121. package/src/services/gopass-secrets.ts +0 -98
  122. package/src/services/in-memory-ai-run-state-service.ts +0 -73
  123. package/src/services/in-memory-trigger-service.ts +0 -64
  124. package/src/services/in-memory-workflow-service.test.ts +0 -351
  125. package/src/services/in-memory-workflow-service.ts +0 -395
  126. package/src/services/index.ts +0 -56
  127. package/src/services/jwt-service.ts +0 -30
  128. package/src/services/local-content.ts +0 -120
  129. package/src/services/local-gateway-service.ts +0 -62
  130. package/src/services/local-secrets.test.ts +0 -80
  131. package/src/services/local-secrets.ts +0 -94
  132. package/src/services/local-variables.test.ts +0 -61
  133. package/src/services/local-variables.ts +0 -39
  134. package/src/services/logger-console.test.ts +0 -118
  135. package/src/services/logger-console.ts +0 -98
  136. package/src/services/logger.ts +0 -57
  137. package/src/services/scheduler-service.ts +0 -86
  138. package/src/services/schema-service.ts +0 -33
  139. package/src/services/scoped-secret-service.test.ts +0 -74
  140. package/src/services/scoped-secret-service.ts +0 -41
  141. package/src/services/secret-service.ts +0 -38
  142. package/src/services/trigger-service.ts +0 -17
  143. package/src/services/typed-secret-service.test.ts +0 -93
  144. package/src/services/typed-secret-service.ts +0 -70
  145. package/src/services/typed-variables-service.test.ts +0 -73
  146. package/src/services/typed-variables-service.ts +0 -81
  147. package/src/services/user-session-service.test.ts +0 -113
  148. package/src/services/user-session-service.ts +0 -86
  149. package/src/services/variables-service.ts +0 -11
  150. package/src/services/workflow-service.ts +0 -84
  151. package/src/time-utils.test.ts +0 -56
  152. package/src/time-utils.ts +0 -107
  153. package/src/types/core.types.ts +0 -470
  154. package/src/types/state.types.ts +0 -186
  155. package/src/utils.test.ts +0 -350
  156. package/src/utils.ts +0 -129
  157. package/src/version.test.ts +0 -80
  158. package/src/version.ts +0 -25
  159. package/src/wirings/ai-agent/ai-agent-assistant-ui.test.ts +0 -363
  160. package/src/wirings/ai-agent/ai-agent-assistant-ui.ts +0 -238
  161. package/src/wirings/ai-agent/ai-agent-helpers.test.ts +0 -152
  162. package/src/wirings/ai-agent/ai-agent-helpers.ts +0 -76
  163. package/src/wirings/ai-agent/ai-agent-memory.ts +0 -309
  164. package/src/wirings/ai-agent/ai-agent-model-config.test.ts +0 -115
  165. package/src/wirings/ai-agent/ai-agent-model-config.ts +0 -43
  166. package/src/wirings/ai-agent/ai-agent-prepare.ts +0 -522
  167. package/src/wirings/ai-agent/ai-agent-registry.test.ts +0 -37
  168. package/src/wirings/ai-agent/ai-agent-registry.ts +0 -82
  169. package/src/wirings/ai-agent/ai-agent-runner.test.ts +0 -317
  170. package/src/wirings/ai-agent/ai-agent-runner.ts +0 -251
  171. package/src/wirings/ai-agent/ai-agent-stream.test.ts +0 -652
  172. package/src/wirings/ai-agent/ai-agent-stream.ts +0 -1060
  173. package/src/wirings/ai-agent/ai-agent.types.ts +0 -360
  174. package/src/wirings/ai-agent/index.ts +0 -41
  175. package/src/wirings/channel/channel-common.ts +0 -90
  176. package/src/wirings/channel/channel-handler.ts +0 -241
  177. package/src/wirings/channel/channel-middleware-runner.ts +0 -120
  178. package/src/wirings/channel/channel-runner.ts +0 -166
  179. package/src/wirings/channel/channel-store.ts +0 -29
  180. package/src/wirings/channel/channel.types.ts +0 -178
  181. package/src/wirings/channel/define-channel-routes.ts +0 -25
  182. package/src/wirings/channel/eventhub-service.ts +0 -34
  183. package/src/wirings/channel/eventhub-store.ts +0 -13
  184. package/src/wirings/channel/index.ts +0 -24
  185. package/src/wirings/channel/local/index.ts +0 -3
  186. package/src/wirings/channel/local/local-channel-handler.ts +0 -79
  187. package/src/wirings/channel/local/local-channel-runner.test.ts +0 -215
  188. package/src/wirings/channel/local/local-channel-runner.ts +0 -200
  189. package/src/wirings/channel/local/local-eventhub-service.test.ts +0 -95
  190. package/src/wirings/channel/local/local-eventhub-service.ts +0 -101
  191. package/src/wirings/channel/log-channels.ts +0 -20
  192. package/src/wirings/channel/pikku-abstract-channel-handler.test.ts +0 -54
  193. package/src/wirings/channel/pikku-abstract-channel-handler.ts +0 -45
  194. package/src/wirings/channel/serverless/index.ts +0 -5
  195. package/src/wirings/channel/serverless/serverless-channel-runner.ts +0 -286
  196. package/src/wirings/cli/channel/cli-channel-runner.ts +0 -136
  197. package/src/wirings/cli/channel/index.ts +0 -1
  198. package/src/wirings/cli/cli-runner.test.ts +0 -403
  199. package/src/wirings/cli/cli-runner.ts +0 -519
  200. package/src/wirings/cli/cli.types.ts +0 -357
  201. package/src/wirings/cli/command-parser.test.ts +0 -445
  202. package/src/wirings/cli/command-parser.ts +0 -504
  203. package/src/wirings/cli/define-cli-commands.ts +0 -24
  204. package/src/wirings/cli/index.ts +0 -19
  205. package/src/wirings/gateway/gateway-runner.test.ts +0 -474
  206. package/src/wirings/gateway/gateway-runner.ts +0 -411
  207. package/src/wirings/gateway/gateway.types.ts +0 -149
  208. package/src/wirings/gateway/index.ts +0 -13
  209. package/src/wirings/http/http-routes.test.ts +0 -322
  210. package/src/wirings/http/http-routes.ts +0 -198
  211. package/src/wirings/http/http-runner.test.ts +0 -144
  212. package/src/wirings/http/http-runner.ts +0 -563
  213. package/src/wirings/http/http.types.ts +0 -378
  214. package/src/wirings/http/index.ts +0 -25
  215. package/src/wirings/http/log-http-routes.ts +0 -22
  216. package/src/wirings/http/pikku-fetch-http-request.test.ts +0 -237
  217. package/src/wirings/http/pikku-fetch-http-request.ts +0 -166
  218. package/src/wirings/http/pikku-fetch-http-response.test.ts +0 -82
  219. package/src/wirings/http/pikku-fetch-http-response.ts +0 -147
  220. package/src/wirings/http/routers/http-router.ts +0 -13
  221. package/src/wirings/http/routers/path-to-regex.test.ts +0 -319
  222. package/src/wirings/http/routers/path-to-regex.ts +0 -126
  223. package/src/wirings/mcp/index.ts +0 -27
  224. package/src/wirings/mcp/mcp-endpoint-registry.test.ts +0 -389
  225. package/src/wirings/mcp/mcp-endpoint-registry.ts +0 -159
  226. package/src/wirings/mcp/mcp-runner.ts +0 -305
  227. package/src/wirings/mcp/mcp.types.ts +0 -216
  228. package/src/wirings/node/index.ts +0 -2
  229. package/src/wirings/node/node.types.ts +0 -23
  230. package/src/wirings/oauth2/index.ts +0 -3
  231. package/src/wirings/oauth2/oauth2-client.test.ts +0 -929
  232. package/src/wirings/oauth2/oauth2-client.ts +0 -335
  233. package/src/wirings/oauth2/oauth2.types.ts +0 -69
  234. package/src/wirings/oauth2/wire-oauth2-credential.ts +0 -23
  235. package/src/wirings/queue/index.ts +0 -31
  236. package/src/wirings/queue/queue-runner.test.ts +0 -710
  237. package/src/wirings/queue/queue-runner.ts +0 -192
  238. package/src/wirings/queue/queue.types.ts +0 -189
  239. package/src/wirings/queue/register-queue-helper.ts +0 -60
  240. package/src/wirings/queue/validate-worker-config.test.ts +0 -108
  241. package/src/wirings/queue/validate-worker-config.ts +0 -116
  242. package/src/wirings/rpc/index.ts +0 -4
  243. package/src/wirings/rpc/rpc-runner.ts +0 -439
  244. package/src/wirings/rpc/rpc-types.ts +0 -51
  245. package/src/wirings/rpc/wire-addon.ts +0 -20
  246. package/src/wirings/scheduler/index.ts +0 -11
  247. package/src/wirings/scheduler/log-schedulers.ts +0 -20
  248. package/src/wirings/scheduler/scheduler-runner.test.ts +0 -660
  249. package/src/wirings/scheduler/scheduler-runner.ts +0 -132
  250. package/src/wirings/scheduler/scheduler.types.ts +0 -53
  251. package/src/wirings/secret/index.ts +0 -9
  252. package/src/wirings/secret/secret.types.ts +0 -32
  253. package/src/wirings/secret/validate-secret-definitions.test.ts +0 -140
  254. package/src/wirings/secret/validate-secret-definitions.ts +0 -82
  255. package/src/wirings/trigger/index.ts +0 -10
  256. package/src/wirings/trigger/pikku-trigger-service.ts +0 -112
  257. package/src/wirings/trigger/trigger-runner.test.ts +0 -79
  258. package/src/wirings/trigger/trigger-runner.ts +0 -135
  259. package/src/wirings/trigger/trigger.types.ts +0 -178
  260. package/src/wirings/variable/index.ts +0 -8
  261. package/src/wirings/variable/validate-variable-definitions.test.ts +0 -91
  262. package/src/wirings/variable/validate-variable-definitions.ts +0 -69
  263. package/src/wirings/variable/variable.types.ts +0 -22
  264. package/src/wirings/workflow/dsl/index.ts +0 -31
  265. package/src/wirings/workflow/dsl/workflow-dsl.types.ts +0 -320
  266. package/src/wirings/workflow/dsl/workflow-runner.ts +0 -28
  267. package/src/wirings/workflow/graph/graph-node.ts +0 -222
  268. package/src/wirings/workflow/graph/graph-runner.test.ts +0 -487
  269. package/src/wirings/workflow/graph/graph-runner.ts +0 -816
  270. package/src/wirings/workflow/graph/index.ts +0 -14
  271. package/src/wirings/workflow/graph/template.test.ts +0 -49
  272. package/src/wirings/workflow/graph/template.ts +0 -42
  273. package/src/wirings/workflow/graph/wire-workflow-graph.ts +0 -29
  274. package/src/wirings/workflow/graph/workflow-graph.types.ts +0 -104
  275. package/src/wirings/workflow/index.ts +0 -81
  276. package/src/wirings/workflow/pikku-workflow-service.test.ts +0 -200
  277. package/src/wirings/workflow/pikku-workflow-service.ts +0 -1165
  278. package/src/wirings/workflow/workflow-helpers.test.ts +0 -129
  279. package/src/wirings/workflow/workflow-helpers.ts +0 -79
  280. package/src/wirings/workflow/workflow.types.ts +0 -266
  281. package/tsconfig.json +0 -14
  282. package/tsconfig.tsbuildinfo +0 -1
@@ -1,335 +0,0 @@
1
- import type { OAuth2Token, OAuth2AppCredential } from './oauth2.types.js'
2
- import type { OAuth2CredentialConfig } from '../secret/secret.types.js'
3
- import type { SecretService } from '../../services/secret-service.js'
4
-
5
- /**
6
- * OAuth2 client that acts as a service.
7
- * Created once in createSingletonServices, handles token caching and refresh internally.
8
- * Functions use it directly via oauth.request().
9
- *
10
- * @example
11
- * ```typescript
12
- * // In services.ts
13
- * export const createSingletonServices = async (config, { secrets }) => {
14
- * return {
15
- * slackOAuth: new OAuth2Client(
16
- * { tokenSecretId: 'SLACK_TOKENS', authorizationUrl: '...', tokenUrl: '...', scopes: [] },
17
- * 'SLACK_APP_CREDS',
18
- * secrets
19
- * ),
20
- * }
21
- * }
22
- *
23
- * // In function
24
- * export const postMessage = pikkuFunc(async ({ slackOAuth }, { channel, text }) => {
25
- * const response = await slackOAuth.request('https://slack.com/api/chat.postMessage', {
26
- * method: 'POST',
27
- * body: JSON.stringify({ channel, text }),
28
- * })
29
- * return response.json()
30
- * })
31
- * ```
32
- */
33
- const DEFAULT_TIMEOUT_MS = 30000
34
-
35
- /**
36
- * Helper to fetch with a timeout using AbortController.
37
- */
38
- async function fetchWithTimeout(
39
- url: string,
40
- options: RequestInit,
41
- timeoutMs: number = DEFAULT_TIMEOUT_MS
42
- ): Promise<Response> {
43
- const controller = new AbortController()
44
- const timeoutId = setTimeout(() => controller.abort(), timeoutMs)
45
-
46
- try {
47
- return await fetch(url, {
48
- ...options,
49
- signal: controller.signal,
50
- })
51
- } finally {
52
- clearTimeout(timeoutId)
53
- }
54
- }
55
-
56
- export class OAuth2Client {
57
- private cachedToken: OAuth2Token | null = null
58
- private cachedAppCredential: OAuth2AppCredential | null = null
59
- private refreshPromise: Promise<OAuth2Token> | null = null
60
-
61
- constructor(
62
- private oauth2Config: OAuth2CredentialConfig,
63
- private appCredentialSecretId: string,
64
- private secrets: SecretService
65
- ) {}
66
-
67
- /**
68
- * Make an authenticated request. Handles token caching and 401 refresh.
69
- */
70
- async request(
71
- url: string,
72
- options?: RequestInit,
73
- timeoutMs: number = DEFAULT_TIMEOUT_MS
74
- ): Promise<Response> {
75
- const token = await this.getAccessToken()
76
-
77
- const response = await fetchWithTimeout(
78
- url,
79
- {
80
- ...options,
81
- headers: {
82
- ...options?.headers,
83
- Authorization: `Bearer ${token}`,
84
- },
85
- },
86
- timeoutMs
87
- )
88
-
89
- // Auto-retry on 401 after refresh
90
- if (response.status === 401) {
91
- const newToken = await this.refreshAndGetToken()
92
- return fetchWithTimeout(
93
- url,
94
- {
95
- ...options,
96
- headers: {
97
- ...options?.headers,
98
- Authorization: `Bearer ${newToken}`,
99
- },
100
- },
101
- timeoutMs
102
- )
103
- }
104
-
105
- return response
106
- }
107
-
108
- /**
109
- * Get cached token or load from secrets.
110
- */
111
- async getAccessToken(): Promise<string> {
112
- // Return cached token if valid
113
- if (this.cachedToken) {
114
- if (this.isTokenValid(this.cachedToken)) {
115
- return this.cachedToken.accessToken
116
- }
117
- // Token expired, try to refresh
118
- if (this.cachedToken.refreshToken) {
119
- return this.refreshAndGetToken()
120
- }
121
- // Token expired and no refresh token available
122
- throw new Error('OAuth2 token expired and no refresh token available')
123
- }
124
-
125
- // Load from secrets
126
- const token = await this.secrets.getSecretJSON<OAuth2Token>(
127
- this.oauth2Config.tokenSecretId
128
- )
129
- this.cachedToken = token
130
-
131
- // Check if loaded token is expired and needs refresh
132
- if (!this.isTokenValid(token)) {
133
- if (token.refreshToken) {
134
- return this.refreshAndGetToken()
135
- }
136
- // Token expired and no refresh token available
137
- throw new Error('OAuth2 token expired and no refresh token available')
138
- }
139
-
140
- return token.accessToken
141
- }
142
-
143
- /**
144
- * Refresh token and update cache.
145
- * Uses a promise lock to prevent concurrent refresh attempts.
146
- */
147
- private async refreshAndGetToken(): Promise<string> {
148
- // If already refreshing, wait for that to complete
149
- if (this.refreshPromise) {
150
- const token = await this.refreshPromise
151
- return token.accessToken
152
- }
153
-
154
- // Start refresh
155
- this.refreshPromise = this.doRefreshToken()
156
-
157
- try {
158
- const token = await this.refreshPromise
159
- this.cachedToken = token
160
- return token.accessToken
161
- } finally {
162
- this.refreshPromise = null
163
- }
164
- }
165
-
166
- /**
167
- * Perform the actual token refresh.
168
- */
169
- private async doRefreshToken(): Promise<OAuth2Token> {
170
- if (!this.cachedToken?.refreshToken) {
171
- throw new Error('No refresh token available')
172
- }
173
-
174
- const appCredential = await this.getAppCredential()
175
-
176
- const params = new URLSearchParams({
177
- grant_type: 'refresh_token',
178
- refresh_token: this.cachedToken.refreshToken,
179
- client_id: appCredential.clientId,
180
- })
181
-
182
- if (appCredential.clientSecret) {
183
- params.set('client_secret', appCredential.clientSecret)
184
- }
185
-
186
- const response = await fetchWithTimeout(this.oauth2Config.tokenUrl, {
187
- method: 'POST',
188
- headers: {
189
- 'Content-Type': 'application/x-www-form-urlencoded',
190
- },
191
- body: params.toString(),
192
- })
193
-
194
- if (!response.ok) {
195
- throw new Error(`Token refresh failed: ${response.status}`)
196
- }
197
-
198
- const data = await response.json()
199
-
200
- if (!data.access_token || typeof data.access_token !== 'string') {
201
- throw new Error('Invalid token response: missing access_token')
202
- }
203
-
204
- const token: OAuth2Token = {
205
- accessToken: data.access_token,
206
- refreshToken: data.refresh_token || this.cachedToken.refreshToken,
207
- expiresAt: data.expires_in
208
- ? Date.now() + data.expires_in * 1000
209
- : undefined,
210
- tokenType: data.token_type || 'Bearer',
211
- scope: data.scope,
212
- }
213
-
214
- // Cache and persist the refreshed token
215
- this.cachedToken = token
216
- await this.secrets.setSecretJSON(this.oauth2Config.tokenSecretId, token)
217
-
218
- return token
219
- }
220
-
221
- /**
222
- * Check if token is valid (not expired).
223
- */
224
- private isTokenValid(token: OAuth2Token): boolean {
225
- if (!token.expiresAt) {
226
- return true // No expiry info, assume valid
227
- }
228
- // Add 60 second buffer to account for clock skew
229
- return token.expiresAt > Date.now() + 60000
230
- }
231
-
232
- /**
233
- * Get app credentials (cached).
234
- */
235
- private async getAppCredential(): Promise<OAuth2AppCredential> {
236
- if (this.cachedAppCredential) {
237
- return this.cachedAppCredential
238
- }
239
- this.cachedAppCredential =
240
- await this.secrets.getSecretJSON<OAuth2AppCredential>(
241
- this.appCredentialSecretId
242
- )
243
- return this.cachedAppCredential
244
- }
245
-
246
- // ========================================
247
- // CLI-only methods (for pikku oauth connect)
248
- // ========================================
249
-
250
- /**
251
- * Generate OAuth2 authorization URL.
252
- * Used by CLI during `pikku oauth connect`.
253
- */
254
- async getAuthorizationUrl(
255
- state: string,
256
- redirectUri: string
257
- ): Promise<string> {
258
- const appCredential = await this.getAppCredential()
259
-
260
- const params = new URLSearchParams({
261
- response_type: 'code',
262
- client_id: appCredential.clientId,
263
- redirect_uri: redirectUri,
264
- scope: this.oauth2Config.scopes.join(' '),
265
- state,
266
- })
267
-
268
- // Add PKCE if enabled
269
- // Note: code_verifier should be stored and passed to exchangeCode
270
- // For now, PKCE implementation is simplified
271
-
272
- // Add any additional params
273
- if (this.oauth2Config.additionalParams) {
274
- for (const [key, value] of Object.entries(
275
- this.oauth2Config.additionalParams
276
- )) {
277
- params.set(key, value)
278
- }
279
- }
280
-
281
- return `${this.oauth2Config.authorizationUrl}?${params.toString()}`
282
- }
283
-
284
- /**
285
- * Exchange authorization code for tokens.
286
- * Used by CLI during `pikku oauth connect`.
287
- */
288
- async exchangeCode(code: string, redirectUri: string): Promise<OAuth2Token> {
289
- const appCredential = await this.getAppCredential()
290
-
291
- const params = new URLSearchParams({
292
- grant_type: 'authorization_code',
293
- code,
294
- redirect_uri: redirectUri,
295
- client_id: appCredential.clientId,
296
- })
297
-
298
- if (appCredential.clientSecret) {
299
- params.set('client_secret', appCredential.clientSecret)
300
- }
301
-
302
- const response = await fetchWithTimeout(this.oauth2Config.tokenUrl, {
303
- method: 'POST',
304
- headers: {
305
- 'Content-Type': 'application/x-www-form-urlencoded',
306
- },
307
- body: params.toString(),
308
- })
309
-
310
- if (!response.ok) {
311
- throw new Error(`Token exchange failed: ${response.status}`)
312
- }
313
-
314
- const data = await response.json()
315
-
316
- if (!data.access_token || typeof data.access_token !== 'string') {
317
- throw new Error('Invalid token response: missing access_token')
318
- }
319
-
320
- const token: OAuth2Token = {
321
- accessToken: data.access_token,
322
- refreshToken: data.refresh_token,
323
- expiresAt: data.expires_in
324
- ? Date.now() + data.expires_in * 1000
325
- : undefined,
326
- tokenType: data.token_type || 'Bearer',
327
- scope: data.scope,
328
- }
329
-
330
- // Cache the token
331
- this.cachedToken = token
332
-
333
- return token
334
- }
335
- }
@@ -1,69 +0,0 @@
1
- /**
2
- * OAuth2 credential and token types.
3
- */
4
-
5
- /**
6
- * App credentials for OAuth2 (client ID and secret).
7
- * These are typically set once and stored in the secret service.
8
- */
9
- export type OAuth2AppCredential = {
10
- clientId: string
11
- clientSecret?: string // Optional for PKCE flows
12
- }
13
-
14
- /**
15
- * OAuth2 token data returned from token endpoint.
16
- */
17
- export type OAuth2Token = {
18
- accessToken: string
19
- refreshToken?: string
20
- expiresAt?: number // Unix timestamp
21
- tokenType: string
22
- scope?: string
23
- }
24
-
25
- /**
26
- * OAuth2-specific configuration that extends a credential.
27
- * This is stored in SecretDefinitionMeta.oauth2 field.
28
- */
29
- export type OAuth2Config = {
30
- /** Where access/refresh tokens are stored */
31
- tokenSecretId: string
32
- /** OAuth2 authorization URL */
33
- authorizationUrl: string
34
- /** OAuth2 token exchange URL */
35
- tokenUrl: string
36
- /** Required scopes */
37
- scopes: string[]
38
- /** Use PKCE flow */
39
- pkce?: boolean
40
- /** Additional query parameters for authorization URL */
41
- additionalParams?: Record<string, string>
42
- }
43
-
44
- /**
45
- * Configuration for wireOAuth2Credential.
46
- * Combines standard credential fields with OAuth2-specific config.
47
- */
48
- export type CoreOAuth2Credential = {
49
- /** Unique identifier for this credential */
50
- name: string
51
- /** Human-readable name for UI display */
52
- displayName: string
53
- /** Optional description for UI */
54
- description?: string
55
- /** Key used with SecretService to retrieve app credentials (clientId/clientSecret) */
56
- secretId: string
57
- /** Where access/refresh tokens are stored */
58
- tokenSecretId: string
59
- /** OAuth2 authorization URL */
60
- authorizationUrl: string
61
- /** OAuth2 token exchange URL */
62
- tokenUrl: string
63
- /** Required scopes */
64
- scopes: string[]
65
- /** Use PKCE flow */
66
- pkce?: boolean
67
- /** Additional query parameters for authorization URL */
68
- additionalParams?: Record<string, string>
69
- }
@@ -1,23 +0,0 @@
1
- import type { CoreOAuth2Credential } from './oauth2.types.js'
2
-
3
- /**
4
- * No-op function for declaring OAuth2 credentials.
5
- * This exists purely for TypeScript type checking and will be tree-shaken.
6
- * The CLI extracts metadata via AST parsing.
7
- *
8
- * @example
9
- * ```typescript
10
- * wireOAuth2Credential({
11
- * name: 'slackOAuth',
12
- * displayName: 'Slack OAuth',
13
- * secretId: 'SLACK_OAUTH_APP',
14
- * tokenSecretId: 'SLACK_OAUTH_TOKENS',
15
- * authorizationUrl: 'https://slack.com/oauth/v2/authorize',
16
- * tokenUrl: 'https://slack.com/api/oauth.v2.access',
17
- * scopes: ['chat:write', 'channels:read'],
18
- * })
19
- * ```
20
- */
21
- export const wireOAuth2Credential = (_config: CoreOAuth2Credential): void => {
22
- // No-op - metadata only, extracted by CLI via AST
23
- }
@@ -1,31 +0,0 @@
1
- export type {
2
- ConfigValidationResult,
3
- CoreQueueWorker,
4
- JobOptions,
5
- PikkuJobConfig,
6
- PikkuWorkerConfig,
7
- PikkuQueue,
8
- QueueJob,
9
- QueueJobStatus,
10
- QueueService,
11
- QueueWorkers,
12
- QueueWorkersMeta,
13
- } from './queue.types.js'
14
-
15
- // Queue processor management
16
- export {
17
- wireQueueWorker,
18
- runQueueJob,
19
- getQueueWorkers,
20
- removeQueueWorker,
21
- QueueJobDiscardedError,
22
- QueueJobFailedError,
23
- } from './queue-runner.js'
24
-
25
- // Configuration validation
26
- export { validateWorkerConfig } from './validate-worker-config.js'
27
- export type { QueueConfigMapping } from './validate-worker-config.js'
28
-
29
- // Queue registration helper
30
- export { registerQueueWorkers } from './register-queue-helper.js'
31
- export type { QueueRegistrationCallback } from './register-queue-helper.js'