@squadbase/vite-server 0.1.3-dev.0 → 0.1.3-dev.10

package/dist/connectors/gmail.js

@@ -0,0 +1,875 @@
+// ../connectors/src/parameter-definition.ts
+var ParameterDefinition = class {
+  slug;
+  name;
+  description;
+  envVarBaseKey;
+  type;
+  secret;
+  required;
+  constructor(config) {
+    this.slug = config.slug;
+    this.name = config.name;
+    this.description = config.description;
+    this.envVarBaseKey = config.envVarBaseKey;
+    this.type = config.type;
+    this.secret = config.secret;
+    this.required = config.required;
+  }
+  /**
+   * Get the parameter value from a ConnectorConnectionObject.
+   */
+  getValue(connection2) {
+    const param = connection2.parameters.find(
+      (p) => p.parameterSlug === this.slug
+    );
+    if (!param || param.value == null) {
+      throw new Error(
+        `Parameter "${this.slug}" not found or has no value in connection "${connection2.id}"`
+      );
+    }
+    return param.value;
+  }
+  /**
+   * Try to get the parameter value. Returns undefined if not found (for optional params).
+   */
+  tryGetValue(connection2) {
+    const param = connection2.parameters.find(
+      (p) => p.parameterSlug === this.slug
+    );
+    if (!param || param.value == null) return void 0;
+    return param.value;
+  }
+};
+
+// ../connectors/src/connectors/gmail/sdk/index.ts
+import * as crypto from "crypto";
+
+// ../connectors/src/connectors/gmail/parameters.ts
+var parameters = {
+  serviceAccountKeyJsonBase64: new ParameterDefinition({
+    slug: "service-account-key-json-base64",
+    name: "Google Cloud Service Account JSON",
+    description: "The service account JSON key used to authenticate with Google Cloud Platform. The service account must have domain-wide delegation enabled and be granted the Gmail API scope in Google Workspace admin.",
+    envVarBaseKey: "GMAIL_SERVICE_ACCOUNT_JSON_BASE64",
+    type: "base64EncodedJson",
+    secret: true,
+    required: true
+  }),
+  delegatedUserEmail: new ParameterDefinition({
+    slug: "delegated-user-email",
+    name: "Delegated User Email",
+    description: "The email address of the Google Workspace user whose Gmail mailbox the service account will access via domain-wide delegation.",
+    envVarBaseKey: "GMAIL_DELEGATED_USER_EMAIL",
+    type: "text",
+    secret: false,
+    required: true
+  })
+};
+
+// ../connectors/src/connectors/gmail/sdk/index.ts
+var TOKEN_URL = "https://oauth2.googleapis.com/token";
+var BASE_URL = "https://gmail.googleapis.com/gmail/v1/users";
+var SCOPE = "https://www.googleapis.com/auth/gmail.readonly";
+function base64url(input) {
+  const buf = typeof input === "string" ? Buffer.from(input) : input;
+  return buf.toString("base64url");
+}
+function buildJwt(clientEmail, privateKey, subject, nowSec) {
+  const header = base64url(JSON.stringify({ alg: "RS256", typ: "JWT" }));
+  const payload = base64url(
+    JSON.stringify({
+      iss: clientEmail,
+      sub: subject,
+      scope: SCOPE,
+      aud: TOKEN_URL,
+      iat: nowSec,
+      exp: nowSec + 3600
+    })
+  );
+  const signingInput = `${header}.${payload}`;
+  const sign = crypto.createSign("RSA-SHA256");
+  sign.update(signingInput);
+  sign.end();
+  const signature = base64url(sign.sign(privateKey));
+  return `${signingInput}.${signature}`;
+}
+function createClient(params) {
+  const serviceAccountKeyJsonBase64 = params[parameters.serviceAccountKeyJsonBase64.slug];
+  const delegatedUserEmail = params[parameters.delegatedUserEmail.slug];
+  if (!serviceAccountKeyJsonBase64) {
+    throw new Error(
+      `gmail: missing required parameter: ${parameters.serviceAccountKeyJsonBase64.slug}`
+    );
+  }
+  if (!delegatedUserEmail) {
+    throw new Error(
+      `gmail: missing required parameter: ${parameters.delegatedUserEmail.slug}`
+    );
+  }
+  let serviceAccountKey;
+  try {
+    const decoded = Buffer.from(
+      serviceAccountKeyJsonBase64,
+      "base64"
+    ).toString("utf-8");
+    serviceAccountKey = JSON.parse(decoded);
+  } catch {
+    throw new Error(
+      "gmail: failed to decode service account key JSON from base64"
+    );
+  }
+  if (!serviceAccountKey.client_email || !serviceAccountKey.private_key) {
+    throw new Error(
+      "gmail: service account key JSON must contain client_email and private_key"
+    );
+  }
+  let cachedToken = null;
+  let tokenExpiresAt = 0;
+  async function getAccessToken() {
+    const nowSec = Math.floor(Date.now() / 1e3);
+    if (cachedToken && nowSec < tokenExpiresAt - 60) {
+      return cachedToken;
+    }
+    const jwt = buildJwt(
+      serviceAccountKey.client_email,
+      serviceAccountKey.private_key,
+      delegatedUserEmail,
+      nowSec
+    );
+    const response = await fetch(TOKEN_URL, {
+      method: "POST",
+      headers: { "Content-Type": "application/x-www-form-urlencoded" },
+      body: new URLSearchParams({
+        grant_type: "urn:ietf:params:oauth:grant-type:jwt-bearer",
+        assertion: jwt
+      })
+    });
+    if (!response.ok) {
+      const text = await response.text();
+      throw new Error(
+        `gmail: token exchange failed (${response.status}): ${text}`
+      );
+    }
+    const data = await response.json();
+    cachedToken = data.access_token;
+    tokenExpiresAt = nowSec + data.expires_in;
+    return cachedToken;
+  }
+  async function request(path2, init) {
+    const accessToken = await getAccessToken();
+    const url = `${BASE_URL}${path2.startsWith("/") ? "" : "/"}${path2}`;
+    const headers = new Headers(init?.headers);
+    headers.set("Authorization", `Bearer ${accessToken}`);
+    return fetch(url, { ...init, headers });
+  }
+  async function getProfile() {
+    const response = await request("/me/profile");
+    if (!response.ok) {
+      const body = await response.text();
+      throw new Error(
+        `gmail: getProfile failed (${response.status}): ${body}`
+      );
+    }
+    return await response.json();
+  }
+  async function listLabels() {
+    const response = await request("/me/labels");
+    if (!response.ok) {
+      const body = await response.text();
+      throw new Error(
+        `gmail: listLabels failed (${response.status}): ${body}`
+      );
+    }
+    return await response.json();
+  }
+  async function listMessages(options) {
+    const params2 = new URLSearchParams();
+    if (options?.q) params2.set("q", options.q);
+    if (options?.maxResults) params2.set("maxResults", String(options.maxResults));
+    if (options?.pageToken) params2.set("pageToken", options.pageToken);
+    if (options?.labelIds) {
+      for (const labelId of options.labelIds) {
+        params2.append("labelIds", labelId);
+      }
+    }
+    const qs = params2.toString();
+    const response = await request(`/me/messages${qs ? `?${qs}` : ""}`);
+    if (!response.ok) {
+      const body = await response.text();
+      throw new Error(
+        `gmail: listMessages failed (${response.status}): ${body}`
+      );
+    }
+    return await response.json();
+  }
+  async function getMessage(messageId, format) {
+    const p = new URLSearchParams();
+    if (format) p.set("format", format);
+    const qs = p.toString();
+    const response = await request(
+      `/me/messages/${encodeURIComponent(messageId)}${qs ? `?${qs}` : ""}`
+    );
+    if (!response.ok) {
+      const body = await response.text();
+      throw new Error(
+        `gmail: getMessage failed (${response.status}): ${body}`
+      );
+    }
+    return await response.json();
+  }
+  async function listThreads(options) {
+    const params2 = new URLSearchParams();
+    if (options?.q) params2.set("q", options.q);
+    if (options?.maxResults) params2.set("maxResults", String(options.maxResults));
+    if (options?.pageToken) params2.set("pageToken", options.pageToken);
+    if (options?.labelIds) {
+      for (const labelId of options.labelIds) {
+        params2.append("labelIds", labelId);
+      }
+    }
+    const qs = params2.toString();
+    const response = await request(`/me/threads${qs ? `?${qs}` : ""}`);
+    if (!response.ok) {
+      const body = await response.text();
+      throw new Error(
+        `gmail: listThreads failed (${response.status}): ${body}`
+      );
+    }
+    return await response.json();
+  }
+  async function getThread(threadId, format) {
+    const p = new URLSearchParams();
+    if (format) p.set("format", format);
+    const qs = p.toString();
+    const response = await request(
+      `/me/threads/${encodeURIComponent(threadId)}${qs ? `?${qs}` : ""}`
+    );
+    if (!response.ok) {
+      const body = await response.text();
+      throw new Error(
+        `gmail: getThread failed (${response.status}): ${body}`
+      );
+    }
+    return await response.json();
+  }
+  return {
+    request,
+    getProfile,
+    listLabels,
+    listMessages,
+    getMessage,
+    listThreads,
+    getThread
+  };
+}
+
+// ../connectors/src/connector-onboarding.ts
+var ConnectorOnboarding = class {
+  /** Phase 1: Connection setup instructions (optional — some connectors don't need this) */
+  connectionSetupInstructions;
+  /** Phase 2: Data overview instructions */
+  dataOverviewInstructions;
+  constructor(config) {
+    this.connectionSetupInstructions = config.connectionSetupInstructions;
+    this.dataOverviewInstructions = config.dataOverviewInstructions;
+  }
+  getConnectionSetupPrompt(language) {
+    return this.connectionSetupInstructions?.[language] ?? null;
+  }
+  getDataOverviewInstructions(language) {
+    return this.dataOverviewInstructions[language];
+  }
+};
+
+// ../connectors/src/connector-tool.ts
+var ConnectorTool = class {
+  name;
+  description;
+  inputSchema;
+  outputSchema;
+  _execute;
+  constructor(config) {
+    this.name = config.name;
+    this.description = config.description;
+    this.inputSchema = config.inputSchema;
+    this.outputSchema = config.outputSchema;
+    this._execute = config.execute;
+  }
+  createTool(connections, config) {
+    return {
+      description: this.description,
+      inputSchema: this.inputSchema,
+      outputSchema: this.outputSchema,
+      execute: (input) => this._execute(input, connections, config)
+    };
+  }
+};
+
+// ../connectors/src/connector-plugin.ts
+var ConnectorPlugin = class _ConnectorPlugin {
+  slug;
+  authType;
+  name;
+  description;
+  iconUrl;
+  parameters;
+  releaseFlag;
+  proxyPolicy;
+  experimentalAttributes;
+  onboarding;
+  systemPrompt;
+  tools;
+  query;
+  checkConnection;
+  constructor(config) {
+    this.slug = config.slug;
+    this.authType = config.authType;
+    this.name = config.name;
+    this.description = config.description;
+    this.iconUrl = config.iconUrl;
+    this.parameters = config.parameters;
+    this.releaseFlag = config.releaseFlag;
+    this.proxyPolicy = config.proxyPolicy;
+    this.experimentalAttributes = config.experimentalAttributes;
+    this.onboarding = config.onboarding;
+    this.systemPrompt = config.systemPrompt;
+    this.tools = config.tools;
+    this.query = config.query;
+    this.checkConnection = config.checkConnection;
+  }
+  get connectorKey() {
+    return _ConnectorPlugin.deriveKey(this.slug, this.authType);
+  }
+  /**
+   * Create tools for connections that belong to this connector.
+   * Filters connections by connectorKey internally.
+   * Returns tools keyed as `${connectorKey}_${toolName}`.
+   */
+  createTools(connections, config) {
+    const myConnections = connections.filter(
+      (c) => _ConnectorPlugin.deriveKey(c.connector.slug, c.connector.authType) === this.connectorKey
+    );
+    const result = {};
+    for (const t of Object.values(this.tools)) {
+      result[`${this.connectorKey}_${t.name}`] = t.createTool(
+        myConnections,
+        config
+      );
+    }
+    return result;
+  }
+  static deriveKey(slug, authType) {
+    return authType ? `${slug}-${authType}` : slug;
+  }
+};
+
+// ../connectors/src/auth-types.ts
+var AUTH_TYPES = {
+  OAUTH: "oauth",
+  API_KEY: "api-key",
+  JWT: "jwt",
+  SERVICE_ACCOUNT: "service-account",
+  PAT: "pat",
+  USER_PASSWORD: "user-password"
+};
+
+// ../connectors/src/connectors/gmail/tools/request.ts
+import { z } from "zod";
+var BASE_URL2 = "https://gmail.googleapis.com/gmail/v1/users";
+var REQUEST_TIMEOUT_MS = 6e4;
+var inputSchema = z.object({
+  toolUseIntent: z.string().optional().describe(
+    "Brief description of what you intend to accomplish with this tool call"
+  ),
+  connectionId: z.string().describe("ID of the Gmail service account connection to use"),
+  method: z.enum(["GET"]).describe("HTTP method (read-only, GET only)"),
+  path: z.string().describe(
+    "API path appended to https://gmail.googleapis.com/gmail/v1/users (e.g., '/me/messages', '/me/messages/{id}', '/me/labels'). Use '/me' as the userId."
+  ),
+  queryParams: z.record(z.string(), z.string()).optional().describe(
+    "Query parameters to append to the URL (e.g., { q: 'from:example@gmail.com', maxResults: '10' })"
+  )
+});
+var outputSchema = z.discriminatedUnion("success", [
+  z.object({
+    success: z.literal(true),
+    status: z.number(),
+    data: z.record(z.string(), z.unknown())
+  }),
+  z.object({
+    success: z.literal(false),
+    error: z.string()
+  })
+]);
+var requestTool = new ConnectorTool({
+  name: "request",
+  description: `Send authenticated GET requests to the Gmail API v1.
+Authentication is handled automatically using a service account with domain-wide delegation.
+All paths are relative to https://gmail.googleapis.com/gmail/v1/users. Use '/me' as the userId prefix (e.g., '/me/messages').`,
+  inputSchema,
+  outputSchema,
+  async execute({ connectionId, method, path: path2, queryParams }, connections) {
+    const connection2 = connections.find((c) => c.id === connectionId);
+    if (!connection2) {
+      return {
+        success: false,
+        error: `Connection ${connectionId} not found`
+      };
+    }
+    console.log(
+      `[connector-request] gmail/${connection2.name}: ${method} ${path2}`
+    );
+    try {
+      const { GoogleAuth } = await import("google-auth-library");
+      const keyJsonBase64 = parameters.serviceAccountKeyJsonBase64.getValue(connection2);
+      const delegatedUserEmail = parameters.delegatedUserEmail.getValue(connection2);
+      const credentials = JSON.parse(
+        Buffer.from(keyJsonBase64, "base64").toString("utf-8")
+      );
+      const auth = new GoogleAuth({
+        credentials,
+        scopes: ["https://www.googleapis.com/auth/gmail.readonly"],
+        clientOptions: {
+          subject: delegatedUserEmail
+        }
+      });
+      const token = await auth.getAccessToken();
+      if (!token) {
+        return {
+          success: false,
+          error: "Failed to obtain access token"
+        };
+      }
+      let url = `${BASE_URL2}${path2.startsWith("/") ? "" : "/"}${path2}`;
+      if (queryParams) {
+        const searchParams = new URLSearchParams(queryParams);
+        url += `?${searchParams.toString()}`;
+      }
+      const controller = new AbortController();
+      const timeout = setTimeout(() => controller.abort(), REQUEST_TIMEOUT_MS);
+      try {
+        const response = await fetch(url, {
+          method,
+          headers: {
+            Authorization: `Bearer ${token}`,
+            "Content-Type": "application/json"
+          },
+          signal: controller.signal
+        });
+        const data = await response.json();
+        if (!response.ok) {
+          const errorMessage = typeof data?.error === "string" ? data.error : typeof data?.message === "string" ? data.message : `HTTP ${response.status} ${response.statusText}`;
+          return { success: false, error: errorMessage };
+        }
+        return { success: true, status: response.status, data };
+      } finally {
+        clearTimeout(timeout);
+      }
+    } catch (err) {
+      const msg = err instanceof Error ? err.message : String(err);
+      return { success: false, error: msg };
+    }
+  }
+});
+
+// ../connectors/src/connectors/gmail/setup.ts
+var requestToolName = `gmail_${requestTool.name}`;
+var gmailOnboarding = new ConnectorOnboarding({
+  connectionSetupInstructions: {
+    ja: `\u4EE5\u4E0B\u306E\u624B\u9806\u3067Gmail\uFF08\u30B5\u30FC\u30D3\u30B9\u30A2\u30AB\u30A6\u30F3\u30C8\uFF09\u30B3\u30CD\u30AF\u30B7\u30E7\u30F3\u306E\u30BB\u30C3\u30C8\u30A2\u30C3\u30D7\u3092\u884C\u3063\u3066\u304F\u3060\u3055\u3044\u3002
+
+1. \`${requestToolName}\` \u3092\u547C\u3073\u51FA\u3057\u3066\u30E6\u30FC\u30B6\u30FC\u306E\u30D7\u30ED\u30D5\u30A3\u30FC\u30EB\u3092\u53D6\u5F97\u3059\u308B:
+   - \`method\`: \`"GET"\`
+   - \`path\`: \`"/me/profile"\`
+2. \u30A8\u30E9\u30FC\u304C\u8FD4\u3055\u308C\u305F\u5834\u5408\u3001\u4EE5\u4E0B\u3092\u78BA\u8A8D\u3059\u308B\u3088\u3046\u30E6\u30FC\u30B6\u30FC\u306B\u4F1D\u3048\u308B:
+   - \u30B5\u30FC\u30D3\u30B9\u30A2\u30AB\u30A6\u30F3\u30C8\u306E\u30C9\u30E1\u30A4\u30F3\u5168\u4F53\u306E\u59D4\u4EFB\u304C\u6709\u52B9\u304B
+   - Google Workspace\u7BA1\u7406\u30B3\u30F3\u30BD\u30FC\u30EB\u3067Gmail API\u30B9\u30B3\u30FC\u30D7\u304C\u8A31\u53EF\u3055\u308C\u3066\u3044\u308B\u304B
+   - \u59D4\u4EFB\u5BFE\u8C61\u306E\u30E1\u30FC\u30EB\u30A2\u30C9\u30EC\u30B9\u304C\u6B63\u3057\u3044\u304B
+3. \`${requestToolName}\` \u3092\u547C\u3073\u51FA\u3057\u3066\u30E9\u30D9\u30EB\u4E00\u89A7\u3092\u53D6\u5F97\u3059\u308B:
+   - \`method\`: \`"GET"\`
+   - \`path\`: \`"/me/labels"\`
+4. \`updateConnectionContext\` \u3092\u547C\u3073\u51FA\u3059:
+   - \`email\`: \u30E6\u30FC\u30B6\u30FC\u306E\u30E1\u30FC\u30EB\u30A2\u30C9\u30EC\u30B9
+   - \`labels\`: \u4E3B\u8981\u306A\u30E9\u30D9\u30EB\u540D\u4E00\u89A7\uFF08\u30AB\u30F3\u30DE\u533A\u5207\u308A\u3001INBOX, SENT, DRAFT, SPAM, TRASH\u7B49\u306E\u30B7\u30B9\u30C6\u30E0\u30E9\u30D9\u30EB\u3092\u542B\u3080\uFF09
+   - \`note\`: \u30BB\u30C3\u30C8\u30A2\u30C3\u30D7\u5185\u5BB9\u306E\u7C21\u5358\u306A\u8AAC\u660E
+
+#### \u5236\u7D04
+- **\u30BB\u30C3\u30C8\u30A2\u30C3\u30D7\u4E2D\u306B\u30E1\u30C3\u30BB\u30FC\u30B8\u672C\u6587\u3092\u8AAD\u307F\u53D6\u3089\u306A\u3044\u3053\u3068**\u3002\u5B9F\u884C\u3057\u3066\u3088\u3044\u306E\u306F\u4E0A\u8A18\u624B\u9806\u3067\u6307\u5B9A\u3055\u308C\u305F\u30D7\u30ED\u30D5\u30A3\u30FC\u30EB\u53D6\u5F97\u3068\u30E9\u30D9\u30EB\u4E00\u89A7\u53D6\u5F97\u306E\u307F
+- \u30C4\u30FC\u30EB\u9593\u306F1\u6587\u3060\u3051\u66F8\u3044\u3066\u5373\u6B21\u306E\u30C4\u30FC\u30EB\u547C\u3073\u51FA\u3057\u3002\u4E0D\u8981\u306A\u8AAC\u660E\u306F\u7701\u7565\u3057\u3001\u52B9\u7387\u7684\u306B\u9032\u3081\u308B`,
+    en: `Follow these steps to set up the Gmail (Service Account) connection.
+
+1. Call \`${requestToolName}\` to get the user's profile:
+   - \`method\`: \`"GET"\`
+   - \`path\`: \`"/me/profile"\`
+2. If an error is returned, ask the user to verify:
+   - Domain-wide delegation is enabled for the service account
+   - Gmail API scope is authorized in Google Workspace admin console
+   - The delegated user email address is correct
+3. Call \`${requestToolName}\` to get the label list:
+   - \`method\`: \`"GET"\`
+   - \`path\`: \`"/me/labels"\`
+4. Call \`updateConnectionContext\`:
+   - \`email\`: The user's email address
+   - \`labels\`: Key label names (comma-separated, including system labels like INBOX, SENT, DRAFT, SPAM, TRASH)
+   - \`note\`: Brief description of the setup
+
+#### Constraints
+- **Do NOT read message bodies during setup**. Only the profile and label list requests specified above are allowed
+- Write only 1 sentence between tool calls, then immediately call the next tool. Skip unnecessary explanations and proceed efficiently`
+  },
+  dataOverviewInstructions: {
+    en: `1. Call gmail_request with GET /me/labels to list all labels
+2. Call gmail_request with GET /me/messages?maxResults=5 to get recent message IDs
+3. Call gmail_request with GET /me/messages/{id}?format=metadata for each message to see subjects and senders`,
+    ja: `1. gmail_request \u3067 GET /me/labels \u3092\u547C\u3073\u51FA\u3057\u3001\u5168\u30E9\u30D9\u30EB\u4E00\u89A7\u3092\u53D6\u5F97
+2. gmail_request \u3067 GET /me/messages?maxResults=5 \u3092\u547C\u3073\u51FA\u3057\u3001\u6700\u65B0\u30E1\u30C3\u30BB\u30FC\u30B8ID\u3092\u53D6\u5F97
+3. \u5404\u30E1\u30C3\u30BB\u30FC\u30B8\u306B\u3064\u3044\u3066 gmail_request \u3067 GET /me/messages/{id}?format=metadata \u3092\u547C\u3073\u51FA\u3057\u3001\u4EF6\u540D\u3068\u9001\u4FE1\u8005\u3092\u78BA\u8A8D`
+  }
+});
+
+// ../connectors/src/connectors/gmail/index.ts
+var tools = { request: requestTool };
+var gmailConnector = new ConnectorPlugin({
+  slug: "gmail",
+  authType: AUTH_TYPES.SERVICE_ACCOUNT,
+  name: "Gmail",
+  description: "Connect to Gmail for email data access using a service account with domain-wide delegation. Read-only access to messages, threads, and labels.",
+  iconUrl: "https://images.ctfassets.net/9ncizv60xc5y/4V3rfaSc1ksFIt2eHBNIwJ/7f3be41a154a6d96dcf229ed0e5858c9/Gmail_icon__2020_.svg.png",
+  parameters,
+  releaseFlag: { dev1: true, dev2: false, prod: false },
+  onboarding: gmailOnboarding,
+  systemPrompt: {
+    en: `### Tools
+
+- \`gmail_request\`: The only way to call the Gmail API (read-only). Use it to list messages, get message details, list labels, list threads, and get user profile. Authentication is handled automatically using a service account with domain-wide delegation.
+
+### Gmail API Reference
+
+#### Available Endpoints
+- GET \`/me/profile\` \u2014 Get the delegated user's profile (email address, total messages/threads)
+- GET \`/me/labels\` \u2014 List all labels in the mailbox
+- GET \`/me/labels/{id}\` \u2014 Get details for a specific label
+- GET \`/me/messages\` \u2014 List messages (returns IDs only; use format param on individual messages)
+- GET \`/me/messages/{id}\` \u2014 Get a specific message
+- GET \`/me/threads\` \u2014 List threads
+- GET \`/me/threads/{id}\` \u2014 Get a specific thread with all its messages
+
+#### Key Query Parameters
+- \`q\` \u2014 Gmail search query (same syntax as Gmail search box). Examples:
+  - \`from:user@example.com\` \u2014 Messages from a specific sender
+  - \`subject:meeting\` \u2014 Messages with "meeting" in the subject
+  - \`after:2025/01/01 before:2025/02/01\` \u2014 Messages within a date range
+  - \`label:INBOX is:unread\` \u2014 Unread messages in inbox
+  - \`has:attachment\` \u2014 Messages with attachments
+- \`maxResults\` \u2014 Maximum number of results (default 100, max 500)
+- \`pageToken\` \u2014 Token for pagination (from nextPageToken in response)
+- \`labelIds\` \u2014 Filter by label IDs (e.g., \`INBOX\`, \`SENT\`, \`DRAFT\`)
+- \`format\` \u2014 Message format for /messages/{id} and /threads/{id}:
+  - \`full\` \u2014 Complete message with parsed payload (default)
+  - \`metadata\` \u2014 Only headers (Subject, From, To, Date) without body
+  - \`minimal\` \u2014 Only IDs, labels, and snippet
+  - \`raw\` \u2014 Full RFC 2822 formatted message in base64url
+
+#### Tips
+- Always use \`/me\` as the userId \u2014 it refers to the delegated user
+- List endpoints return only IDs; fetch individual resources for details
+- Use \`format=metadata\` to efficiently get subject/sender without full body
+- Message body content is base64url encoded in \`payload.body.data\` or nested \`payload.parts[].body.data\`
+- Use \`q\` parameter for powerful search filtering (same as Gmail search syntax)
+- System labels include: INBOX, SENT, DRAFT, SPAM, TRASH, UNREAD, STARRED, IMPORTANT, CATEGORY_PERSONAL, CATEGORY_SOCIAL, CATEGORY_PROMOTIONS, CATEGORY_UPDATES, CATEGORY_FORUMS
+
+### Business Logic
+
+The business logic type for this connector is "typescript". Write handler code using the connector SDK shown below. Do NOT access credentials directly from environment variables.
+
+#### Example
+
+\`\`\`ts
+import { connection } from "@squadbase/vite-server/connectors/gmail";
+
+const gmail = connection("<connectionId>");
+
+// Get user profile
+const profile = await gmail.getProfile();
+console.log(profile.emailAddress, profile.messagesTotal);
+
+// List recent messages
+const messages = await gmail.listMessages({ maxResults: 10 });
+for (const msg of messages.messages) {
+  const detail = await gmail.getMessage(msg.id, "metadata");
+  const subject = detail.payload.headers.find(h => h.name === "Subject")?.value;
+  console.log(subject, detail.snippet);
+}
+
+// Search messages
+const results = await gmail.listMessages({ q: "from:boss@company.com is:unread" });
+
+// List labels
+const labels = await gmail.listLabels();
+labels.labels.forEach(l => console.log(l.name, l.messagesTotal));
+
+// Get a thread
+const thread = await gmail.getThread("<threadId>");
+thread.messages.forEach(m => console.log(m.snippet));
+\`\`\``,
+    ja: `### \u30C4\u30FC\u30EB
+
+- \`gmail_request\`: Gmail API\u3092\u547C\u3073\u51FA\u3059\u552F\u4E00\u306E\u624B\u6BB5\u3067\u3059\uFF08\u8AAD\u307F\u53D6\u308A\u5C02\u7528\uFF09\u3002\u30E1\u30C3\u30BB\u30FC\u30B8\u4E00\u89A7\u306E\u53D6\u5F97\u3001\u30E1\u30C3\u30BB\u30FC\u30B8\u8A73\u7D30\u306E\u53D6\u5F97\u3001\u30E9\u30D9\u30EB\u4E00\u89A7\u3001\u30B9\u30EC\u30C3\u30C9\u4E00\u89A7\u3001\u30E6\u30FC\u30B6\u30FC\u30D7\u30ED\u30D5\u30A3\u30FC\u30EB\u306E\u53D6\u5F97\u306B\u4F7F\u7528\u3057\u307E\u3059\u3002\u30B5\u30FC\u30D3\u30B9\u30A2\u30AB\u30A6\u30F3\u30C8\u306E\u30C9\u30E1\u30A4\u30F3\u5168\u4F53\u306E\u59D4\u4EFB\u3092\u4F7F\u7528\u3057\u3066\u8A8D\u8A3C\u306F\u81EA\u52D5\u7684\u306B\u51E6\u7406\u3055\u308C\u307E\u3059\u3002
+
+### Gmail API \u30EA\u30D5\u30A1\u30EC\u30F3\u30B9
+
+#### \u5229\u7528\u53EF\u80FD\u306A\u30A8\u30F3\u30C9\u30DD\u30A4\u30F3\u30C8
+- GET \`/me/profile\` \u2014 \u59D4\u4EFB\u30E6\u30FC\u30B6\u30FC\u306E\u30D7\u30ED\u30D5\u30A3\u30FC\u30EB\u3092\u53D6\u5F97\uFF08\u30E1\u30FC\u30EB\u30A2\u30C9\u30EC\u30B9\u3001\u30E1\u30C3\u30BB\u30FC\u30B8/\u30B9\u30EC\u30C3\u30C9\u7DCF\u6570\uFF09
+- GET \`/me/labels\` \u2014 \u30E1\u30FC\u30EB\u30DC\u30C3\u30AF\u30B9\u306E\u5168\u30E9\u30D9\u30EB\u3092\u4E00\u89A7
+- GET \`/me/labels/{id}\` \u2014 \u7279\u5B9A\u30E9\u30D9\u30EB\u306E\u8A73\u7D30\u3092\u53D6\u5F97
+- GET \`/me/messages\` \u2014 \u30E1\u30C3\u30BB\u30FC\u30B8\u4E00\u89A7\uFF08ID\u306E\u307F\u8FD4\u5374\u3002\u500B\u5225\u30E1\u30C3\u30BB\u30FC\u30B8\u3067format\u30D1\u30E9\u30E1\u30FC\u30BF\u3092\u4F7F\u7528\uFF09
+- GET \`/me/messages/{id}\` \u2014 \u7279\u5B9A\u30E1\u30C3\u30BB\u30FC\u30B8\u3092\u53D6\u5F97
+- GET \`/me/threads\` \u2014 \u30B9\u30EC\u30C3\u30C9\u4E00\u89A7
+- GET \`/me/threads/{id}\` \u2014 \u7279\u5B9A\u30B9\u30EC\u30C3\u30C9\u306E\u5168\u30E1\u30C3\u30BB\u30FC\u30B8\u3092\u53D6\u5F97
+
+#### \u4E3B\u8981\u306A\u30AF\u30A8\u30EA\u30D1\u30E9\u30E1\u30FC\u30BF
+- \`q\` \u2014 Gmail\u691C\u7D22\u30AF\u30A8\u30EA\uFF08Gmail\u691C\u7D22\u30DC\u30C3\u30AF\u30B9\u3068\u540C\u3058\u69CB\u6587\uFF09\u3002\u4F8B\uFF1A
+  - \`from:user@example.com\` \u2014 \u7279\u5B9A\u306E\u9001\u4FE1\u8005\u304B\u3089\u306E\u30E1\u30C3\u30BB\u30FC\u30B8
+  - \`subject:meeting\` \u2014 \u4EF6\u540D\u306B\u300Cmeeting\u300D\u3092\u542B\u3080\u30E1\u30C3\u30BB\u30FC\u30B8
+  - \`after:2025/01/01 before:2025/02/01\` \u2014 \u65E5\u4ED8\u7BC4\u56F2\u5185\u306E\u30E1\u30C3\u30BB\u30FC\u30B8
+  - \`label:INBOX is:unread\` \u2014 \u53D7\u4FE1\u30C8\u30EC\u30A4\u306E\u672A\u8AAD\u30E1\u30C3\u30BB\u30FC\u30B8
+  - \`has:attachment\` \u2014 \u6DFB\u4ED8\u30D5\u30A1\u30A4\u30EB\u4ED8\u304D\u30E1\u30C3\u30BB\u30FC\u30B8
+- \`maxResults\` \u2014 \u6700\u5927\u7D50\u679C\u6570\uFF08\u30C7\u30D5\u30A9\u30EB\u30C8100\u3001\u6700\u5927500\uFF09
+- \`pageToken\` \u2014 \u30DA\u30FC\u30B8\u30CD\u30FC\u30B7\u30E7\u30F3\u7528\u30C8\u30FC\u30AF\u30F3\uFF08\u30EC\u30B9\u30DD\u30F3\u30B9\u306EnextPageToken\u304B\u3089\u53D6\u5F97\uFF09
+- \`labelIds\` \u2014 \u30E9\u30D9\u30EBID\u3067\u30D5\u30A3\u30EB\u30BF\uFF08\u4F8B\uFF1A\`INBOX\`, \`SENT\`, \`DRAFT\`\uFF09
+- \`format\` \u2014 /messages/{id} \u3068 /threads/{id} \u306E\u30E1\u30C3\u30BB\u30FC\u30B8\u30D5\u30A9\u30FC\u30DE\u30C3\u30C8\uFF1A
+  - \`full\` \u2014 \u30D1\u30FC\u30B9\u6E08\u307F\u30DA\u30A4\u30ED\u30FC\u30C9\u4ED8\u304D\u306E\u5B8C\u5168\u306A\u30E1\u30C3\u30BB\u30FC\u30B8\uFF08\u30C7\u30D5\u30A9\u30EB\u30C8\uFF09
+  - \`metadata\` \u2014 \u30D8\u30C3\u30C0\u30FC\u306E\u307F\uFF08Subject, From, To, Date\uFF09\u3001\u672C\u6587\u306A\u3057
+  - \`minimal\` \u2014 ID\u3001\u30E9\u30D9\u30EB\u3001\u30B9\u30CB\u30DA\u30C3\u30C8\u306E\u307F
+  - \`raw\` \u2014 base64url\u30A8\u30F3\u30B3\u30FC\u30C9\u3055\u308C\u305F\u5B8C\u5168\u306ARFC 2822\u30D5\u30A9\u30FC\u30DE\u30C3\u30C8\u30E1\u30C3\u30BB\u30FC\u30B8
+
+#### \u30D2\u30F3\u30C8
+- userId\u306B\u306F\u5E38\u306B \`/me\` \u3092\u4F7F\u7528 \u2014 \u59D4\u4EFB\u30E6\u30FC\u30B6\u30FC\u3092\u6307\u3057\u307E\u3059
+- \u4E00\u89A7\u30A8\u30F3\u30C9\u30DD\u30A4\u30F3\u30C8\u306FID\u306E\u307F\u8FD4\u5374\u3057\u307E\u3059\u3002\u8A73\u7D30\u306F\u500B\u5225\u30EA\u30BD\u30FC\u30B9\u3092\u53D6\u5F97\u3057\u3066\u304F\u3060\u3055\u3044
+- \u4EF6\u540D/\u9001\u4FE1\u8005\u3092\u52B9\u7387\u7684\u306B\u53D6\u5F97\u3059\u308B\u306B\u306F \`format=metadata\` \u3092\u4F7F\u7528\u3057\u307E\u3059
+- \u30E1\u30C3\u30BB\u30FC\u30B8\u672C\u6587\u306F \`payload.body.data\` \u307E\u305F\u306F\u30CD\u30B9\u30C8\u3055\u308C\u305F \`payload.parts[].body.data\` \u306Bbase64url\u30A8\u30F3\u30B3\u30FC\u30C9\u3067\u683C\u7D0D\u3055\u308C\u3066\u3044\u307E\u3059
+- \u5F37\u529B\u306A\u691C\u7D22\u30D5\u30A3\u30EB\u30BF\u30EA\u30F3\u30B0\u306B\u306F \`q\` \u30D1\u30E9\u30E1\u30FC\u30BF\u3092\u4F7F\u7528\uFF08Gmail\u691C\u7D22\u3068\u540C\u3058\u69CB\u6587\uFF09
+- \u30B7\u30B9\u30C6\u30E0\u30E9\u30D9\u30EB: INBOX, SENT, DRAFT, SPAM, TRASH, UNREAD, STARRED, IMPORTANT, CATEGORY_PERSONAL, CATEGORY_SOCIAL, CATEGORY_PROMOTIONS, CATEGORY_UPDATES, CATEGORY_FORUMS
+
+### Business Logic
+
+\u3053\u306E\u30B3\u30CD\u30AF\u30BF\u306E\u30D3\u30B8\u30CD\u30B9\u30ED\u30B8\u30C3\u30AF\u30BF\u30A4\u30D7\u306F "typescript" \u3067\u3059\u3002\u4EE5\u4E0B\u306B\u793A\u3059\u30B3\u30CD\u30AF\u30BFSDK\u3092\u4F7F\u7528\u3057\u3066\u30CF\u30F3\u30C9\u30E9\u30B3\u30FC\u30C9\u3092\u8A18\u8FF0\u3057\u3066\u304F\u3060\u3055\u3044\u3002\u74B0\u5883\u5909\u6570\u304B\u3089\u76F4\u63A5\u8A8D\u8A3C\u60C5\u5831\u306B\u30A2\u30AF\u30BB\u30B9\u3057\u306A\u3044\u3067\u304F\u3060\u3055\u3044\u3002
+
+#### Example
+
+\`\`\`ts
+import { connection } from "@squadbase/vite-server/connectors/gmail";
+
+const gmail = connection("<connectionId>");
+
+// Get user profile
+const profile = await gmail.getProfile();
+console.log(profile.emailAddress, profile.messagesTotal);
+
+// List recent messages
+const messages = await gmail.listMessages({ maxResults: 10 });
+for (const msg of messages.messages) {
+  const detail = await gmail.getMessage(msg.id, "metadata");
+  const subject = detail.payload.headers.find(h => h.name === "Subject")?.value;
+  console.log(subject, detail.snippet);
+}
+
+// Search messages
+const results = await gmail.listMessages({ q: "from:boss@company.com is:unread" });
+
+// List labels
+const labels = await gmail.listLabels();
+labels.labels.forEach(l => console.log(l.name, l.messagesTotal));
+
+// Get a thread
+const thread = await gmail.getThread("<threadId>");
+thread.messages.forEach(m => console.log(m.snippet));
+\`\`\``
+  },
+  tools,
+  async checkConnection(params, _config) {
+    const { GoogleAuth } = await import("google-auth-library");
+    const credentials = JSON.parse(
+      Buffer.from(
+        params[parameters.serviceAccountKeyJsonBase64.slug],
+        "base64"
+      ).toString("utf-8")
+    );
+    const delegatedUserEmail = params[parameters.delegatedUserEmail.slug];
+    const auth = new GoogleAuth({
+      credentials,
+      scopes: ["https://www.googleapis.com/auth/gmail.readonly"],
+      clientOptions: {
+        subject: delegatedUserEmail
+      }
+    });
+    try {
+      const token = await auth.getAccessToken();
+      if (!token) {
+        return {
+          success: false,
+          error: "Failed to obtain access token"
+        };
+      }
+      const res = await fetch(
+        "https://gmail.googleapis.com/gmail/v1/users/me/profile",
+        {
+          method: "GET",
+          headers: { Authorization: `Bearer ${token}` }
+        }
+      );
+      if (!res.ok) {
+        const errorText = await res.text().catch(() => res.statusText);
+        return {
+          success: false,
+          error: `Gmail API failed: HTTP ${res.status} ${errorText}`
+        };
+      }
+      return { success: true };
+    } catch (error) {
+      return {
+        success: false,
+        error: error instanceof Error ? error.message : String(error)
+      };
+    }
+  }
+});
+
+// src/connectors/create-connector-sdk.ts
+import { readFileSync } from "fs";
+import path from "path";
+
+// src/connector-client/env.ts
+function resolveEnvVar(entry, key, connectionId) {
+  const envVarName = entry.envVars[key];
+  if (!envVarName) {
+    throw new Error(`Connection "${connectionId}" is missing envVars mapping for key "${key}"`);
+  }
+  const value = process.env[envVarName];
+  if (!value) {
+    throw new Error(`Environment variable "${envVarName}" (for connection "${connectionId}", key "${key}") is not set`);
+  }
+  return value;
+}
+function resolveEnvVarOptional(entry, key) {
+  const envVarName = entry.envVars[key];
+  if (!envVarName) return void 0;
+  return process.env[envVarName] || void 0;
+}
+
+// src/connector-client/proxy-fetch.ts
+import { getContext } from "hono/context-storage";
+import { getCookie } from "hono/cookie";
+var APP_SESSION_COOKIE_NAME = "__Host-squadbase-session";
+function createSandboxProxyFetch(connectionId) {
+  return async (input, init) => {
+    const token = process.env.INTERNAL_SQUADBASE_OAUTH_MACHINE_CREDENTIAL;
+    const sandboxId = process.env.INTERNAL_SQUADBASE_SANDBOX_ID;
+    if (!token || !sandboxId) {
+      throw new Error(
+        "Connection proxy is not configured. Please check your deployment settings."
+      );
+    }
+    const originalUrl = typeof input === "string" ? input : input instanceof URL ? input.href : input.url;
+    const originalMethod = init?.method ?? "GET";
+    const originalBody = init?.body ? JSON.parse(init.body) : void 0;
+    const baseDomain = process.env["SQUADBASE_PREVIEW_BASE_DOMAIN"] ?? "preview.app.squadbase.dev";
+    const proxyUrl = `https://${sandboxId}.${baseDomain}/_sqcore/connections/${connectionId}/request`;
+    return fetch(proxyUrl, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/json",
+        Authorization: `Bearer ${token}`
+      },
+      body: JSON.stringify({
+        url: originalUrl,
+        method: originalMethod,
+        body: originalBody
+      })
+    });
+  };
+}
+function createDeployedAppProxyFetch(connectionId) {
+  const projectId = process.env["SQUADBASE_PROJECT_ID"];
+  if (!projectId) {
+    throw new Error(
+      "Connection proxy is not configured. Please check your deployment settings."
+    );
+  }
+  const baseDomain = process.env["SQUADBASE_APP_BASE_DOMAIN"] ?? "squadbase.app";
+  const proxyUrl = `https://${projectId}.${baseDomain}/_sqcore/connections/${connectionId}/request`;
+  return async (input, init) => {
+    const originalUrl = typeof input === "string" ? input : input instanceof URL ? input.href : input.url;
+    const originalMethod = init?.method ?? "GET";
+    const originalBody = init?.body ? JSON.parse(init.body) : void 0;
+    const c = getContext();
+    const appSession = getCookie(c, APP_SESSION_COOKIE_NAME);
+    if (!appSession) {
+      throw new Error(
+        "No authentication method available for connection proxy."
+      );
+    }
+    return fetch(proxyUrl, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/json",
+        Authorization: `Bearer ${appSession}`
+      },
+      body: JSON.stringify({
+        url: originalUrl,
+        method: originalMethod,
+        body: originalBody
+      })
+    });
+  };
+}
+function createProxyFetch(connectionId) {
+  if (process.env.INTERNAL_SQUADBASE_SANDBOX_ID) {
+    return createSandboxProxyFetch(connectionId);
+  }
+  return createDeployedAppProxyFetch(connectionId);
+}
+
+// src/connectors/create-connector-sdk.ts
+function loadConnectionsSync() {
+  const filePath = process.env.CONNECTIONS_PATH ?? path.join(process.cwd(), ".squadbase/connections.json");
+  try {
+    const raw = readFileSync(filePath, "utf-8");
+    return JSON.parse(raw);
+  } catch {
+    return {};
+  }
+}
+function createConnectorSdk(plugin, createClient2) {
+  return (connectionId) => {
+    const connections = loadConnectionsSync();
+    const entry = connections[connectionId];
+    if (!entry) {
+      throw new Error(
+        `Connection "${connectionId}" not found in .squadbase/connections.json`
+      );
+    }
+    if (entry.connector.slug !== plugin.slug) {
+      throw new Error(
+        `Connection "${connectionId}" is not a ${plugin.slug} connection (got "${entry.connector.slug}")`
+      );
+    }
+    const params = {};
+    for (const param of Object.values(plugin.parameters)) {
+      if (param.required) {
+        params[param.slug] = resolveEnvVar(entry, param.slug, connectionId);
+      } else {
+        const val = resolveEnvVarOptional(entry, param.slug);
+        if (val !== void 0) params[param.slug] = val;
+      }
+    }
+    return createClient2(params, createProxyFetch(connectionId));
+  };
+}
+
+// src/connectors/entries/gmail.ts
+var connection = createConnectorSdk(gmailConnector, createClient);
+export {
+  connection
+};