@resultcrafter/aimanager-instagram-connector 0.1.2 → 0.2.0

package/aimanager/InstagramOAuth.js

@@ -0,0 +1,155 @@
+var crypto = require('crypto');
+var axios = require('axios');
+
+var INSTAGRAM_OAUTH_BASE = 'https://www.instagram.com/oauth';
+var INSTAGRAM_API_BASE = 'https://api.instagram.com/oauth';
+var INSTAGRAM_GRAPH_BASE = 'https://graph.instagram.com';
+
+function getConfig() {
+  return {
+    appId: process.env.INSTAGRAM_APP_ID,
+    appSecret: process.env.INSTAGRAM_APP_SECRET,
+    redirectUri: process.env.INSTAGRAM_REDIRECT_URI,
+    stateSecret: process.env.OAUTH_STATE_SECRET || process.env.INSTAGRAM_APP_SECRET || 'default_secret',
+    scopes: ['instagram_business_basic', 'instagram_business_manage_messages'].join(',')
+  };
+}
+
+function generateState(sessionId, projectId) {
+  var data = {
+    sessionId: sessionId || crypto.randomBytes(16).toString('hex'),
+    project_id: projectId,
+    timestamp: Date.now(),
+    nonce: crypto.randomBytes(8).toString('hex')
+  };
+  var cfg = getConfig();
+  var hmac = crypto.createHmac('sha256', cfg.stateSecret);
+  hmac.update(JSON.stringify(data));
+  var state = Buffer.from(JSON.stringify({
+    data: data,
+    signature: hmac.digest('hex')
+  })).toString('base64url');
+  return state;
+}
+
+function verifyState(state) {
+  try {
+    var cfg = getConfig();
+    var decoded = JSON.parse(Buffer.from(state, 'base64url').toString());
+    var hmac = crypto.createHmac('sha256', cfg.stateSecret);
+    hmac.update(JSON.stringify(decoded.data));
+    if (decoded.signature !== hmac.digest('hex')) return null;
+    if (Date.now() - decoded.data.timestamp > 600000) return null;
+    return decoded.data;
+  } catch (e) {
+    return null;
+  }
+}
+
+function getAuthorizationUrl(projectId, token, appId) {
+  var cfg = getConfig();
+  if (!cfg.appId) throw new Error('INSTAGRAM_APP_ID not configured');
+  if (!cfg.redirectUri) throw new Error('INSTAGRAM_REDIRECT_URI not configured');
+  var state = generateState(null, projectId);
+  var params = new URLSearchParams({
+    client_id: cfg.appId,
+    redirect_uri: cfg.redirectUri,
+    scope: cfg.scopes,
+    response_type: 'code',
+    state: state
+  });
+  return { url: INSTAGRAM_OAUTH_BASE + '/authorize?' + params.toString(), state: state };
+}
+
+async function exchangeCodeForToken(code) {
+  var cfg = getConfig();
+  if (!cfg.appId || !cfg.appSecret) throw new Error('Instagram app credentials not configured');
+  var tokenRes = await axios.post(INSTAGRAM_API_BASE + '/access_token',
+    new URLSearchParams({
+      client_id: cfg.appId,
+      client_secret: cfg.appSecret,
+      grant_type: 'authorization_code',
+      redirect_uri: cfg.redirectUri,
+      code: code
+    }),
+    { headers: { 'Content-Type': 'application/x-www-form-urlencoded' } }
+  );
+  var shortToken = tokenRes.data.access_token;
+  var userId = tokenRes.data.user_id;
+  var longRes = await axios.get(INSTAGRAM_GRAPH_BASE + '/access_token', {
+    params: { grant_type: 'ig_exchange_token', client_secret: cfg.appSecret, access_token: shortToken }
+  });
+  var longToken = longRes.data.access_token;
+  var userInfo = await getUserInfo(longToken);
+  return {
+    access_token: longToken,
+    token_type: longRes.data.token_type,
+    expires_in: longRes.data.expires_in,
+    user_id: userId,
+    instagram_business_id: userInfo.instagram_business_id || userInfo.user_id || userId,
+    username: userInfo.username,
+    user_info: userInfo,
+    created_at: Date.now(),
+    expires_at: Date.now() + (longRes.data.expires_in * 1000)
+  };
+}
+
+async function refreshToken(currentToken) {
+  var cfg = getConfig();
+  var res = await axios.get(INSTAGRAM_GRAPH_BASE + '/refresh_access_token', {
+    params: { grant_type: 'ig_refresh_token', access_token: currentToken }
+  });
+  return {
+    access_token: res.data.access_token,
+    token_type: res.data.token_type,
+    expires_in: res.data.expires_in,
+    created_at: Date.now(),
+    expires_at: Date.now() + (res.data.expires_in * 1000)
+  };
+}
+
+async function getUserInfo(accessToken) {
+  try {
+    var res = await axios.get(INSTAGRAM_GRAPH_BASE + '/v23.0/me', {
+      params: {
+        fields: 'id,user_id,username,name,account_type,media_count,followers_count,follows_count,profile_picture_url',
+        access_token: accessToken
+      }
+    });
+    return {
+      app_scoped_id: res.data.id,
+      instagram_business_id: res.data.user_id,
+      username: res.data.username,
+      name: res.data.name,
+      account_type: res.data.account_type,
+      profile_picture_url: res.data.profile_picture_url
+    };
+  } catch (e) {
+    return { username: null };
+  }
+}
+
+async function getTokenStatus(db, projectId) {
+  var settings = await db.get('instagram-' + projectId);
+  if (!settings || !settings.ig_oauth_token) {
+    return { connected: false, instagram_username: null };
+  }
+  var token = settings.ig_oauth_token;
+  var daysRemaining = token.expires_at ? Math.floor((token.expires_at - Date.now()) / (1000 * 60 * 60 * 24)) : null;
+  return {
+    connected: true,
+    instagram_username: token.username || settings.instagram_username || 'Instagram Account',
+    user_id: token.instagram_business_id || token.user_id,
+    days_remaining: daysRemaining,
+    needs_refresh: daysRemaining !== null ? daysRemaining < 7 : false
+  };
+}
+
+module.exports = {
+  getAuthorizationUrl: getAuthorizationUrl,
+  exchangeCodeForToken: exchangeCodeForToken,
+  refreshToken: refreshToken,
+  getUserInfo: getUserInfo,
+  verifyState: verifyState,
+  getTokenStatus: getTokenStatus
+};

package/index.js

@@ -16,6 +16,7 @@ const { TiledeskInstagramTranslator } = require('./aimanager/TiledeskInstagramTr
 const { TiledeskSubscriptionClient } = require('./aimanager/TiledeskSubscriptionClient');
 const { FacebookClient } = require('./aimanager/FacebookClient');
 const { MessageHandler } = require('./aimanager/MessageHandler');
+const instagramOAuth = require('./aimanager/InstagramOAuth');
 
 
 // mongo
@@ -110,13 +111,14 @@ router.post('/install', async (req, res) => {
       query: {
         "project_id": project_id,
         "app_id": app_id,
-        "token": token
+        "token": token,
+        "oauth_url": BASE_URL + '/auth/instagram/start'
       }
     }));
 
   }).catch((err) => {
-    winston.error("(fbm) installation error: ", err.data)
-    winston.error("(fbm) installation error: " + err.data)    
+    winston.error("(ig) installation error: ", err.data)
+    winston.error("(ig) installation error: " + err.data)    
     res.send("An error occurred during the installation");
   })
 
@@ -184,6 +186,8 @@ router.get('/configure', async (req, res) => {
     return []
   })
 
+  var tokenStatus = await instagramOAuth.getTokenStatus(db, project_id);
+
   if (settings) {
     winston.debug("(fbm) settings found: ", settings);
 
@@ -192,7 +196,7 @@ router.get('/configure', async (req, res) => {
       var replacements = {
         app_version: pjson.version,
         project_id: project_id,
-        ig_token: settings.ig_token || settings.access_token,
+        ig_token: tokenStatus.connected ? tokenStatus.instagram_username : null,
         token: token,
         app_id: app_id,
         endpoint: BASE_URL,
@@ -201,9 +205,10 @@ router.get('/configure', async (req, res) => {
         department_id: settings.department_id,
         departments: departments,
         brand_name: BRAND_NAME,
-        instagram_username: settings.instagram_username || settings.user_info?.username || 'Instagram Account',
+        instagram_username: tokenStatus.instagram_username || 'Instagram Account',
         show_info_message: settings.show_info_message !== undefined ? settings.show_info_message : true,
-        subscription_id: settings.subscription_id
+        subscription_id: settings.subscription_id,
+        oauth_url: BASE_URL + '/auth/instagram/start?project_id=' + project_id + '&token=' + token + '&app_id=' + app_id
       }
       var html = template(replacements)
       res.send(html);
@@ -221,7 +226,8 @@ router.get('/configure', async (req, res) => {
         app_id: app_id,
         endpoint: BASE_URL,
         departments: departments,
-        brand_name: BRAND_NAME
+        brand_name: BRAND_NAME,
+        oauth_url: BASE_URL + '/auth/instagram/start?project_id=' + project_id + '&token=' + token + '&app_id=' + app_id
       }
       var html = template(replacements);
       res.send(html);
@@ -232,7 +238,7 @@ router.get('/configure', async (req, res) => {
 })
 
 router.post('/update', async (req, res) => {
-  winston.verbose("(fbm) /update");
+  winston.verbose("(ig) /update");
 
   let project_id = req.body.project_id;
   let token = req.body.token;
@@ -247,10 +253,11 @@ router.post('/update', async (req, res) => {
     await db.set(CONTENT_KEY, settings);
   }
 
-  // get departments
+  var tokenStatus = await instagramOAuth.getTokenStatus(db, project_id);
+
   const tdChannel = new TiledeskChannel({ settings: { project_id: project_id, token: token }, API_URL: API_URL });
   let departments = await tdChannel.getDepartments(token);
-  winston.verbose("(fbm) found " + departments.length + " departments")
+  winston.verbose("(ig) found " + departments.length + " departments")
 
   readHTMLFile('/configure.html', (err, html) => {
 
@@ -258,7 +265,7 @@ router.post('/update', async (req, res) => {
     var replacements = {
       app_version: pjson.version,
       project_id: project_id,
-      ig_token: settings ? (settings.ig_token || settings.access_token) : null,
+      ig_token: tokenStatus.connected ? tokenStatus.instagram_username : null,
       token: token,
       app_id: app_id,
       endpoint: BASE_URL,
@@ -268,8 +275,9 @@ router.post('/update', async (req, res) => {
       departments: departments,
       brand_name: BRAND_NAME,
       show_info_message: settings ? (settings.show_info_message !== undefined ? settings.show_info_message : true) : true,
-      instagram_username: settings ? (settings.instagram_username || settings.user_info?.username || 'Instagram Account') : null,
-      subscription_id: settings ? settings.subscription_id : null
+      instagram_username: tokenStatus.instagram_username || 'Instagram Account',
+      subscription_id: settings ? settings.subscription_id : null,
+      oauth_url: BASE_URL + '/auth/instagram/start?project_id=' + project_id + '&token=' + token + '&app_id=' + app_id
     }
     var html = template(replacements)
     res.send(html);
@@ -278,7 +286,7 @@ router.post('/update', async (req, res) => {
 })
 
 router.post('/update_advanced', async (req, res) => {
-  winston.verbose("(fbm) /update_advanced");
+  winston.verbose("(ig) /update_advanced");
 
   let project_id = req.body.project_id;
   let show_info_message = req.body.show_info_message === 'on';
@@ -291,6 +299,8 @@ router.post('/update_advanced', async (req, res) => {
     await db.set(CONTENT_KEY, settings);
   }
 
+  var tokenStatus = await instagramOAuth.getTokenStatus(db, project_id);
+
   const tdChannel = new TiledeskChannel({ settings: { project_id: project_id, token: req.body.token }, API_URL: API_URL });
   let departments = await tdChannel.getDepartments(req.body.token).catch(() => []);
 
@@ -299,7 +309,7 @@ router.post('/update_advanced', async (req, res) => {
     var replacements = {
       app_version: pjson.version,
       project_id: project_id,
-      ig_token: settings ? (settings.ig_token || settings.access_token) : null,
+      ig_token: tokenStatus.connected ? tokenStatus.instagram_username : null,
       token: req.body.token,
       endpoint: BASE_URL,
       pages: settings ? settings.pages : null,
@@ -308,8 +318,9 @@ router.post('/update_advanced', async (req, res) => {
       departments: departments,
       brand_name: BRAND_NAME,
       show_info_message: show_info_message,
-      instagram_username: settings ? (settings.instagram_username || settings.user_info?.username || 'Instagram Account') : null,
-      subscription_id: settings ? settings.subscription_id : null
+      instagram_username: tokenStatus.instagram_username || 'Instagram Account',
+      subscription_id: settings ? settings.subscription_id : null,
+      oauth_url: BASE_URL + '/auth/instagram/start?project_id=' + project_id + '&token=' + req.body.token
     }
     var html = template(replacements)
     res.send(html);
@@ -632,93 +643,63 @@ router.get('/webhookFB', async (req, res) => {
   return res.sendStatus(403);
 })
 
-router.get('/oauth', async (req, res) => {
-  winston.verbose("(fbm) /oauth")
-
-  let project_id = JSON.parse(req.query.state).project_id;
-  var code = req.query.code;
-  let token = JSON.parse(req.query.state).token;
-  let app_id = JSON.parse(req.query.state).app_id;
+router.get('/auth/instagram/start', async (req, res) => {
+  winston.verbose("(ig) /auth/instagram/start");
 
-  const tdClient = new TiledeskSubscriptionClient({ API_URL: API_URL, project_id: project_id, token: token })
-  const fbClient = new FacebookClient({ GRAPH_URL: GRAPH_URL, FB_APP_ID: FB_APP_ID, APP_SECRET: APP_SECRET, BASE_URL: BASE_URL });
+  let project_id = req.query.project_id;
+  let token = req.query.token;
+  let app_id = req.query.app_id;
 
-  const subscription_info = {
-    target: BASE_URL + '/tiledesk',
-    event: 'message.create.request.channel.instagram',
+  if (!project_id) {
+    return res.status(400).send('Missing project_id parameter');
   }
 
-  let subscription, access_token, pages_list;
   try {
-    subscription = await tdClient.subscribe(subscription_info);
-    access_token = await fbClient.getAccessTokenFromCode(code);
-    pages_list = await fbClient.getPages(access_token);
+    var auth = instagramOAuth.getAuthorizationUrl(project_id, token, app_id);
+    winston.info("(ig) Redirecting to Instagram OAuth for project " + project_id);
+    res.redirect(auth.url);
   } catch (err) {
-    winston.error("(fbm) /oauth error: ", err?.response?.data || err.message || err);
-    return res.status(500).send("Error during Facebook connection. Please verify the authorization and retry.");
+    winston.error("(ig) OAuth start error: ", err.message);
+    res.status(500).send('OAuth configuration error: ' + err.message);
   }
+});
 
-  winston.debug("(fbm) subscription: " + subscription);
-  winston.debug("(fbm) access_token: " + access_token);
-  winston.debug("(fbm) pages_list: " + pages_list);
-
-  let CONTENT_KEY = "instagram-" + project_id;
+router.get('/oauth-callback', async (req, res) => {
+  winston.verbose("(ig) /oauth-callback");
 
-  let pages = [];
-  pages_list.forEach(async (single_page) => {
-    let page = {
-      id: single_page.id,
-      name: single_page.name,
-      access_token: single_page.access_token,
-      category: single_page.category,
-      active: false
-    }
-    pages.push(page);
-    try {
-      let event_sub = await fbClient.messageEventSubscription(single_page.id, single_page.access_token);
-      winston.debug("(fbm) event subscription: " + event_sub?.status + " " + event_sub?.statusText)
-    } catch (err) {
-      winston.error("(fbm) event subscription error: ", err?.response?.data || err.message || err);
-    }
-  })
-
-  let settings = {
-    project_id: project_id,
-    token: token,
-    access_token: access_token,
-    subscription_id: subscription._id,
-    secret: subscription.secret,
-    pages: pages,
-    app_id: app_id
+  var code = req.query.code;
+  var stateStr = req.query.state;
+  if (!code || !stateStr) {
+    winston.error("(ig) Missing code or state parameter");
+    return res.status(400).send("Missing authorization code or state");
   }
 
-  await db.set(CONTENT_KEY, settings);
+  var state = instagramOAuth.verifyState(stateStr);
+  if (!state) {
+    winston.error("(ig) Invalid or expired state");
+    return res.status(400).send("Invalid or expired state parameter. Please try connecting again.");
+  }
 
-  //let settings_retrived = await db.get(CONTENT_KEY);
-  //var redirect_uri = DASHBOARD_BASE_URL + "/#/project/" + project_id + "/app-store-install/" + app_id + "/run";
-  var redirect_uri = DASHBOARD_BASE_URL + "/#/project/" + project_id + "/integrations?name=instagram";
-  console.log("(fbm) redirect_uri: ", redirect_uri);
-  res.redirect(redirect_uri);
+  var projectId = state.project_id;
 
-  /*
-  readHTMLFile('/configure.html', (err, html) => {
-    var template = handlebars.compile(html);
-    var replacements = {
-      app_version: pjson.version,
-      project_id: project_id,
-      connected: true,
-      token: token,
-      app_id: app_id,
-      endpoint: BASE_URL,
-      subscription_id: settings.subscription_id,
-      secret: settings.secret,
-      pages: settings.pages
-    }
-    var html = template(replacements)
-    res.send(html);
-  })
-  */
+  try {
+    var tokenData = await instagramOAuth.exchangeCodeForToken(code);
+    winston.info("(ig) Token obtained for project " + projectId + ", user: " + (tokenData.username || 'unknown'));
+
+    var CONTENT_KEY = "instagram-" + projectId;
+    var settings = await db.get(CONTENT_KEY) || {};
+    settings.ig_oauth_token = tokenData;
+    settings.instagram_username = tokenData.username;
+    settings.instagram_business_id = tokenData.instagram_business_id;
+    settings.connected = true;
+    await db.set(CONTENT_KEY, settings);
 
+    var redirect_uri = DASHBOARD_BASE_URL + "/#/project/" + projectId + "/integrations?name=instagram";
+    res.redirect(redirect_uri);
+  } catch (err) {
+    winston.error("(ig) OAuth callback error: ", err?.response?.data || err.message || err);
+    res.status(500).send("Authentication failed: " + (err.message || 'Unknown error'));
+  }
 })
 
 router.post('/enablePage', async (req, res) => {
@@ -858,38 +839,25 @@ router.post('/disablePage', async (req, res) => {
 })
 
 router.post('/disconnect', async (req, res) => {
-  winston.verbose("(fbm) /disconnect");
+  winston.verbose("(ig) /disconnect");
 
   let project_id = req.body.project_id;
   let token = req.body.token;
-  let subscription_id = req.body.subscription_id;
 
   let CONTENT_KEY = "instagram-" + project_id;
-
   let settings = await db.get(CONTENT_KEY);
 
-  if (settings && settings.pages) {
-    const active_page = settings.pages.find(p => p.active === true);
-    if (active_page) {
-      let PAGE_KEY = "instagram-page-" + active_page.id;
-      await db.remove(PAGE_KEY)
-      winston.debug("(fbm) Page deleted.");
-    }
-  }
-
-  await db.remove(CONTENT_KEY)
-  winston.verbose("(fbm) Content deleted.");
-
-  const tdClient = new TiledeskSubscriptionClient({ API_URL: API_URL, project_id: project_id, token: token })
-  if (settings && settings.subscription_id) {
-    tdClient.unsubscribe(settings.subscription_id).catch((err) => {
-      winston.error("(fbm) unsubscribe error: ", err);
-    });
+  if (settings) {
+    settings.ig_oauth_token = null;
+    settings.instagram_username = null;
+    settings.instagram_business_id = null;
+    settings.connected = false;
+    await db.set(CONTENT_KEY, settings);
+    winston.info("(ig) OAuth token cleared for project " + project_id);
   }
 
   const tdChannel = new TiledeskChannel({ settings: { project_id: project_id, token: token }, API_URL: API_URL })
   let departments = await tdChannel.getDepartments(token).catch(() => []);
-  winston.debug("(fbm) found " + departments.length + " departments")
 
   readHTMLFile('/configure.html', (err, html) => {
     var template = handlebars.compile(html);
@@ -900,12 +868,12 @@ router.post('/disconnect', async (req, res) => {
       token: token,
       endpoint: BASE_URL,
       departments: departments,
-      brand_name: BRAND_NAME
+      brand_name: BRAND_NAME,
+      oauth_url: BASE_URL + '/auth/instagram/start?project_id=' + project_id + '&token=' + token
     }
     var html = template(replacements)
     return res.send(html);
   })
-
 })
 
 function startApp(settings, callback) {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@resultcrafter/aimanager-instagram-connector",
-  "version": "0.1.2",
+  "version": "0.2.0",
   "description": "AI Manager Instagram DM connector",
   "main": "index.js",
   "scripts": {

package/template/configure.html

@@ -247,7 +247,7 @@
       var height = 700;
       var left = (screen.width - width) / 2;
       var top = (screen.height - height) / 2;
-      var oauthUrl = './auth/instagram/start?project_id={{ project_id }}&token={{ token }}&app_id={{ app_id }}';
+      var oauthUrl = '{{ oauth_url }}';
       var popup = window.open(oauthUrl, 'instagram-oauth', 'width=' + width + ',height=' + height + ',left=' + left + ',top=' + top);
 
       var timer = setInterval(function() {