@squadbase/vite-server 0.1.9-dev.87dd3f7 → 0.1.9-dev.a120137

package/dist/connectors/google-search-console-oauth.js

@@ -0,0 +1,923 @@
+// ../connectors/src/parameter-definition.ts
+var ParameterDefinition = class {
+  slug;
+  name;
+  description;
+  envVarBaseKey;
+  type;
+  secret;
+  required;
+  constructor(config) {
+    this.slug = config.slug;
+    this.name = config.name;
+    this.description = config.description;
+    this.envVarBaseKey = config.envVarBaseKey;
+    this.type = config.type;
+    this.secret = config.secret;
+    this.required = config.required;
+  }
+  /**
+   * Get the parameter value from a ConnectorConnectionObject.
+   */
+  getValue(connection2) {
+    const param = connection2.parameters.find(
+      (p) => p.parameterSlug === this.slug
+    );
+    if (!param || param.value == null) {
+      throw new Error(
+        `Parameter "${this.slug}" not found or has no value in connection "${connection2.id}"`
+      );
+    }
+    return param.value;
+  }
+  /**
+   * Try to get the parameter value. Returns undefined if not found (for optional params).
+   */
+  tryGetValue(connection2) {
+    const param = connection2.parameters.find(
+      (p) => p.parameterSlug === this.slug
+    );
+    if (!param || param.value == null) return void 0;
+    return param.value;
+  }
+};
+
+// ../connectors/src/connectors/google-search-console-oauth/parameters.ts
+var parameters = {
+  siteUrl: new ParameterDefinition({
+    slug: "site-url",
+    name: "Default Site URL",
+    description: "The default Google Search Console site URL to use (e.g., 'https://example.com/' or a domain property like 'sc-domain:example.com'). Obtained from the listSites tool during setup.",
+    envVarBaseKey: "GOOGLE_SEARCH_CONSOLE_OAUTH_SITE_URL",
+    type: "text",
+    secret: false,
+    required: false
+  })
+};
+
+// ../connectors/src/connectors/google-search-console-oauth/sdk/index.ts
+var BASE_URL = "https://searchconsole.googleapis.com/webmasters/v3";
+function createClient(params, fetchFn = fetch) {
+  const defaultSiteUrl = params[parameters.siteUrl.slug];
+  function resolveSiteUrl(override) {
+    const url = override ?? defaultSiteUrl;
+    if (!url) {
+      throw new Error(
+        "google-search-console-oauth: siteUrl is required. Configure it via connection parameters or pass it as an argument."
+      );
+    }
+    return url;
+  }
+  return {
+    async request(path2, init) {
+      const resolvedPath = defaultSiteUrl ? path2.replace(/\{siteUrl\}/g, encodeURIComponent(defaultSiteUrl)) : path2;
+      const url = `${BASE_URL}${resolvedPath.startsWith("/") ? "" : "/"}${resolvedPath}`;
+      return fetchFn(url, init);
+    },
+    async listSites() {
+      const response = await this.request("/sites", { method: "GET" });
+      if (!response.ok) {
+        const text = await response.text();
+        throw new Error(
+          `google-search-console-oauth: listSites failed (${response.status}): ${text}`
+        );
+      }
+      const data = await response.json();
+      return data.siteEntry ?? [];
+    },
+    async querySearchAnalytics(request, siteUrl) {
+      const url = resolveSiteUrl(siteUrl);
+      const path2 = `/sites/${encodeURIComponent(url)}/searchAnalytics/query`;
+      const response = await this.request(path2, {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        body: JSON.stringify(request)
+      });
+      if (!response.ok) {
+        const text = await response.text();
+        throw new Error(
+          `google-search-console-oauth: querySearchAnalytics failed (${response.status}): ${text}`
+        );
+      }
+      return await response.json();
+    },
+    async listSitemaps(siteUrl) {
+      const url = resolveSiteUrl(siteUrl);
+      const path2 = `/sites/${encodeURIComponent(url)}/sitemaps`;
+      const response = await this.request(path2, { method: "GET" });
+      if (!response.ok) {
+        const text = await response.text();
+        throw new Error(
+          `google-search-console-oauth: listSitemaps failed (${response.status}): ${text}`
+        );
+      }
+      const data = await response.json();
+      return data.sitemap ?? [];
+    }
+  };
+}
+
+// ../connectors/src/connector-onboarding.ts
+var ConnectorOnboarding = class {
+  /** Phase 1: Connection setup instructions (optional — some connectors don't need this) */
+  connectionSetupInstructions;
+  /** Phase 2: Data overview instructions */
+  dataOverviewInstructions;
+  constructor(config) {
+    this.connectionSetupInstructions = config.connectionSetupInstructions;
+    this.dataOverviewInstructions = config.dataOverviewInstructions;
+  }
+  getConnectionSetupPrompt(language) {
+    return this.connectionSetupInstructions?.[language] ?? null;
+  }
+  getDataOverviewInstructions(language) {
+    return this.dataOverviewInstructions[language];
+  }
+};
+
+// ../connectors/src/connector-tool.ts
+var ConnectorTool = class {
+  name;
+  description;
+  inputSchema;
+  outputSchema;
+  _execute;
+  constructor(config) {
+    this.name = config.name;
+    this.description = config.description;
+    this.inputSchema = config.inputSchema;
+    this.outputSchema = config.outputSchema;
+    this._execute = config.execute;
+  }
+  createTool(connections, config) {
+    return {
+      description: this.description,
+      inputSchema: this.inputSchema,
+      outputSchema: this.outputSchema,
+      execute: (input) => this._execute(input, connections, config)
+    };
+  }
+};
+
+// ../connectors/src/connector-plugin.ts
+var ConnectorPlugin = class _ConnectorPlugin {
+  slug;
+  authType;
+  name;
+  description;
+  iconUrl;
+  parameters;
+  releaseFlag;
+  proxyPolicy;
+  experimentalAttributes;
+  categories;
+  onboarding;
+  systemPrompt;
+  tools;
+  query;
+  checkConnection;
+  constructor(config) {
+    this.slug = config.slug;
+    this.authType = config.authType;
+    this.name = config.name;
+    this.description = config.description;
+    this.iconUrl = config.iconUrl;
+    this.parameters = config.parameters;
+    this.releaseFlag = config.releaseFlag;
+    this.proxyPolicy = config.proxyPolicy;
+    this.experimentalAttributes = config.experimentalAttributes;
+    this.categories = config.categories ?? [];
+    this.onboarding = config.onboarding;
+    this.systemPrompt = config.systemPrompt;
+    this.tools = config.tools;
+    this.query = config.query;
+    this.checkConnection = config.checkConnection;
+  }
+  get connectorKey() {
+    return _ConnectorPlugin.deriveKey(this.slug, this.authType);
+  }
+  /**
+   * Create tools for connections that belong to this connector.
+   * Filters connections by connectorKey internally.
+   * Returns tools keyed as `${connectorKey}_${toolName}`.
+   */
+  createTools(connections, config, opts) {
+    const myConnections = connections.filter(
+      (c) => _ConnectorPlugin.deriveKey(c.connector.slug, c.connector.authType) === this.connectorKey
+    );
+    const result = {};
+    for (const t of Object.values(this.tools)) {
+      const tool = t.createTool(myConnections, config);
+      const originalToModelOutput = tool.toModelOutput;
+      result[`${this.connectorKey}_${t.name}`] = {
+        ...tool,
+        toModelOutput: async (options) => {
+          if (!originalToModelOutput) {
+            return opts.truncateOutput(options.output);
+          }
+          const modelOutput = await originalToModelOutput(options);
+          if (modelOutput.type === "text" || modelOutput.type === "json") {
+            return opts.truncateOutput(modelOutput.value);
+          }
+          return modelOutput;
+        }
+      };
+    }
+    return result;
+  }
+  static deriveKey(slug, authType) {
+    if (authType) return `${slug}-${authType}`;
+    const LEGACY_NULL_AUTH_TYPE_MAP = {
+      // user-password
+      "postgresql": "user-password",
+      "mysql": "user-password",
+      "clickhouse": "user-password",
+      "kintone": "user-password",
+      "squadbase-db": "user-password",
+      // service-account
+      "snowflake": "service-account",
+      "bigquery": "service-account",
+      "google-analytics": "service-account",
+      "google-calendar": "service-account",
+      "aws-athena": "service-account",
+      "redshift": "service-account",
+      // api-key
+      "databricks": "api-key",
+      "dbt": "api-key",
+      "airtable": "api-key",
+      "openai": "api-key",
+      "gemini": "api-key",
+      "anthropic": "api-key",
+      "wix-store": "api-key"
+    };
+    const fallbackAuthType = LEGACY_NULL_AUTH_TYPE_MAP[slug];
+    if (fallbackAuthType) return `${slug}-${fallbackAuthType}`;
+    return slug;
+  }
+};
+
+// ../connectors/src/auth-types.ts
+var AUTH_TYPES = {
+  OAUTH: "oauth",
+  API_KEY: "api-key",
+  JWT: "jwt",
+  SERVICE_ACCOUNT: "service-account",
+  PAT: "pat",
+  USER_PASSWORD: "user-password"
+};
+
+// ../connectors/src/lib/normalize-path.ts
+function normalizeRequestPath(path2, basePathSegment) {
+  let p = path2.trim();
+  if (!p.startsWith("/")) p = "/" + p;
+  if (p === basePathSegment || p.startsWith(basePathSegment + "/")) {
+    p = p.slice(basePathSegment.length) || "/";
+  }
+  return p;
+}
+
+// ../connectors/src/connectors/google-search-console-oauth/tools/list-sites.ts
+import { z } from "zod";
+var BASE_URL2 = "https://searchconsole.googleapis.com/webmasters/v3";
+var REQUEST_TIMEOUT_MS = 6e4;
+var cachedToken = null;
+async function getProxyToken(config) {
+  if (cachedToken && cachedToken.expiresAt > Date.now() + 6e4) {
+    return cachedToken.token;
+  }
+  const url = `${config.appApiBaseUrl}/v0/database/${config.projectId}/environment/${config.environmentId}/oauth-request-proxy-token`;
+  const res = await fetch(url, {
+    method: "POST",
+    headers: {
+      "Content-Type": "application/json",
+      "x-api-key": config.appApiKey,
+      "project-id": config.projectId
+    },
+    body: JSON.stringify({
+      sandboxId: config.sandboxId,
+      issuedBy: "coding-agent"
+    })
+  });
+  if (!res.ok) {
+    const errorText = await res.text().catch(() => res.statusText);
+    throw new Error(
+      `Failed to get proxy token: HTTP ${res.status} ${errorText}`
+    );
+  }
+  const data = await res.json();
+  cachedToken = {
+    token: data.token,
+    expiresAt: new Date(data.expiresAt).getTime()
+  };
+  return data.token;
+}
+var inputSchema = z.object({
+  toolUseIntent: z.string().optional().describe(
+    "Brief description of what you intend to accomplish with this tool call"
+  ),
+  connectionId: z.string().describe("ID of the Google Search Console OAuth connection to use")
+});
+var outputSchema = z.discriminatedUnion("success", [
+  z.object({
+    success: z.literal(true),
+    sites: z.array(
+      z.object({
+        siteUrl: z.string(),
+        permissionLevel: z.string()
+      })
+    )
+  }),
+  z.object({
+    success: z.literal(false),
+    error: z.string()
+  })
+]);
+var listSitesTool = new ConnectorTool({
+  name: "listSites",
+  description: "List all Google Search Console sites accessible with the OAuth credentials. Returns each site's URL (URL-prefix property like 'https://example.com/' or domain property like 'sc-domain:example.com') and the user's permission level. Use during setup to discover available sites.",
+  inputSchema,
+  outputSchema,
+  async execute({ connectionId }, connections, config) {
+    const connection2 = connections.find((c) => c.id === connectionId);
+    if (!connection2) {
+      return {
+        success: false,
+        error: `Connection ${connectionId} not found`
+      };
+    }
+    console.log(
+      `[connector-request] google-search-console-oauth/${connection2.name}: listSites`
+    );
+    try {
+      const url = `${BASE_URL2}/sites`;
+      const token = await getProxyToken(config.oauthProxy);
+      const proxyUrl = `https://${config.oauthProxy.sandboxId}.${config.oauthProxy.previewBaseDomain}/_sqcore/connections/${connectionId}/request`;
+      const controller = new AbortController();
+      const timeout = setTimeout(() => controller.abort(), REQUEST_TIMEOUT_MS);
+      try {
+        const response = await fetch(proxyUrl, {
+          method: "POST",
+          headers: {
+            "Content-Type": "application/json",
+            Authorization: `Bearer ${token}`
+          },
+          body: JSON.stringify({
+            url,
+            method: "GET"
+          }),
+          signal: controller.signal
+        });
+        const data = await response.json();
+        if (!response.ok) {
+          const errorMessage = typeof data?.error === "string" ? data.error : typeof data?.message === "string" ? data.message : `HTTP ${response.status} ${response.statusText}`;
+          return { success: false, error: errorMessage };
+        }
+        const siteEntry = data.siteEntry ?? [];
+        return {
+          success: true,
+          sites: siteEntry.map((s) => ({
+            siteUrl: s.siteUrl ?? "",
+            permissionLevel: s.permissionLevel ?? ""
+          }))
+        };
+      } finally {
+        clearTimeout(timeout);
+      }
+    } catch (err) {
+      const msg = err instanceof Error ? err.message : String(err);
+      return { success: false, error: msg };
+    }
+  }
+});
+
+// ../connectors/src/connectors/google-search-console-oauth/setup.ts
+var listSitesToolName = `google-search-console-oauth_${listSitesTool.name}`;
+var googleSearchConsoleOauthOnboarding = new ConnectorOnboarding({
+  connectionSetupInstructions: {
+    ja: `\u4EE5\u4E0B\u306E\u624B\u9806\u3067Google Search Console (OAuth) \u30B3\u30CD\u30AF\u30B7\u30E7\u30F3\u306E\u30BB\u30C3\u30C8\u30A2\u30C3\u30D7\u3092\u884C\u3063\u3066\u304F\u3060\u3055\u3044\u3002
+
+1. \`${listSitesToolName}\` \u3092\u547C\u3073\u51FA\u3057\u3066\u3001OAuth\u3067\u30A2\u30AF\u30BB\u30B9\u53EF\u80FD\u306A\u30B5\u30A4\u30C8\u4E00\u89A7\u3092\u53D6\u5F97\u3059\u308B
+2. \u30B5\u30A4\u30C8\u306E\u9078\u629E:
+   - \u30B5\u30A4\u30C8\u304C **2\u4EF6\u4EE5\u4E0A**: \u300C\u4F7F\u7528\u3059\u308B\u30B5\u30A4\u30C8\u3092\u9078\u629E\u3057\u3066\u304F\u3060\u3055\u3044\u3002\u300D\u3068\u30E6\u30FC\u30B6\u30FC\u306B\u4F1D\u3048\u305F\u4E0A\u3067\u3001\`updateConnectionParameters\` \u3092\u547C\u3073\u51FA\u3059:
+     - \`parameterSlug\`: \`"site-url"\`
+     - \`options\`: \u30B5\u30A4\u30C8\u4E00\u89A7\u3002\u5404 option \u306E \`label\` \u306F \`\u30B5\u30A4\u30C8URL (\u6A29\u9650: permissionLevel)\` \u306E\u5F62\u5F0F\u3001\`value\` \u306F \`siteUrl\`
+   - \u30B5\u30A4\u30C8\u304C **1\u4EF6\u306E\u307F**: \`updateConnectionParameters\` \u3067 \`value\` \u306B\u305D\u306E\u30B5\u30A4\u30C8URL\u3092\u76F4\u63A5\u6307\u5B9A\u3057\u3066\u4FDD\u5B58\u3059\u308B
+   - \u30B5\u30A4\u30C8\u304C **0\u4EF6**: \u30BB\u30C3\u30C8\u30A2\u30C3\u30D7\u3092\u4E2D\u65AD\u3057\u3001\u30E6\u30FC\u30B6\u30FC\u306B\u30A2\u30AF\u30BB\u30B9\u53EF\u80FD\u306A\u30B5\u30A4\u30C8\u304C\u306A\u3044\u65E8\u3092\u4F1D\u3048\u308B\uFF08Search Console\u3067\u30B5\u30A4\u30C8\u3092\u6240\u6709\u78BA\u8A8D\u3057\u3066\u304B\u3089\u518D\u8A66\u884C\u3059\u308B\u3088\u3046\u6848\u5185\uFF09
+3. \u30E6\u30FC\u30B6\u30FC\u304C\u9078\u629E\u3057\u305F\u30B5\u30A4\u30C8\u306E \`label\` \u304C\u30E1\u30C3\u30BB\u30FC\u30B8\u3068\u3057\u3066\u5C4A\u304F\u306E\u3067\u3001\u6B21\u306E\u30B9\u30C6\u30C3\u30D7\u306B\u9032\u3080
+
+#### \u5236\u7D04
+- **\u30BB\u30C3\u30C8\u30A2\u30C3\u30D7\u4E2D\u306BSearch Analytics\u30C7\u30FC\u30BF\u3092\u53D6\u5F97\u3057\u306A\u3044\u3053\u3068**\u3002\u5B9F\u884C\u3057\u3066\u3088\u3044\u306E\u306F\u4E0A\u8A18\u624B\u9806\u3067\u6307\u5B9A\u3055\u308C\u305F\u30E1\u30BF\u30C7\u30FC\u30BF\u53D6\u5F97\u306E\u307F
+- \u30C4\u30FC\u30EB\u9593\u306F1\u6587\u3060\u3051\u66F8\u3044\u3066\u5373\u6B21\u306E\u30C4\u30FC\u30EB\u547C\u3073\u51FA\u3057\u3002\u4E0D\u8981\u306A\u8AAC\u660E\u306F\u7701\u7565\u3057\u3001\u52B9\u7387\u7684\u306B\u9032\u3081\u308B`,
+    en: `Follow these steps to set up the Google Search Console (OAuth) connection.
+
+1. Call \`${listSitesToolName}\` to get the list of sites accessible with the OAuth credentials
+2. Select a site:
+   - **2 or more sites**: Tell the user "Please select a site.", then call \`updateConnectionParameters\`:
+     - \`parameterSlug\`: \`"site-url"\`
+     - \`options\`: The site list. Each option's \`label\` should be \`siteUrl (permission: permissionLevel)\`, \`value\` should be the \`siteUrl\`
+   - **Only 1 site**: Call \`updateConnectionParameters\` directly with that site URL as \`value\`
+   - **0 sites**: Abort setup and inform the user that no accessible sites are available (advise them to verify ownership in Search Console and retry)
+3. The \`label\` of the user's selected site will arrive as a message. Proceed to the next step
+
+#### Constraints
+- **Do NOT fetch Search Analytics data during setup**. Only the metadata requests specified in the steps above are allowed
+- Write only 1 sentence between tool calls, then immediately call the next tool. Skip unnecessary explanations and proceed efficiently`
+  },
+  dataOverviewInstructions: {
+    en: `1. Call google-search-console-oauth_request with GET /sites/{siteUrl} to fetch metadata for the configured site
+2. Call google-search-console-oauth_request with POST /sites/{siteUrl}/searchAnalytics/query and a small body \u2014 startDate/endDate covering the last 7 days, dimensions ["date"], rowLimit 7 \u2014 to verify that performance data is available`,
+    ja: `1. google-search-console-oauth_request \u3067 GET /sites/{siteUrl} \u3092\u547C\u3073\u51FA\u3057\u3001\u8A2D\u5B9A\u3055\u308C\u305F\u30B5\u30A4\u30C8\u306E\u30E1\u30BF\u30C7\u30FC\u30BF\u3092\u53D6\u5F97
+2. google-search-console-oauth_request \u3067 POST /sites/{siteUrl}/searchAnalytics/query \u3092\u76F4\u8FD17\u65E5\u9593\u306E startDate/endDate\u3001dimensions ["date"]\u3001rowLimit 7 \u3067\u547C\u3073\u51FA\u3057\u3001\u30D1\u30D5\u30A9\u30FC\u30DE\u30F3\u30B9\u30C7\u30FC\u30BF\u306E\u53EF\u7528\u6027\u3092\u78BA\u8A8D`
+  }
+});
+
+// ../connectors/src/connectors/google-search-console-oauth/tools/request.ts
+import { z as z2 } from "zod";
+var BASE_HOST = "https://searchconsole.googleapis.com";
+var BASE_PATH_SEGMENT = "/webmasters/v3";
+var BASE_URL3 = `${BASE_HOST}${BASE_PATH_SEGMENT}`;
+var REQUEST_TIMEOUT_MS2 = 6e4;
+var cachedToken2 = null;
+async function getProxyToken2(config) {
+  if (cachedToken2 && cachedToken2.expiresAt > Date.now() + 6e4) {
+    return cachedToken2.token;
+  }
+  const url = `${config.appApiBaseUrl}/v0/database/${config.projectId}/environment/${config.environmentId}/oauth-request-proxy-token`;
+  const res = await fetch(url, {
+    method: "POST",
+    headers: {
+      "Content-Type": "application/json",
+      "x-api-key": config.appApiKey,
+      "project-id": config.projectId
+    },
+    body: JSON.stringify({
+      sandboxId: config.sandboxId,
+      issuedBy: "coding-agent"
+    })
+  });
+  if (!res.ok) {
+    const errorText = await res.text().catch(() => res.statusText);
+    throw new Error(
+      `Failed to get proxy token: HTTP ${res.status} ${errorText}`
+    );
+  }
+  const data = await res.json();
+  cachedToken2 = {
+    token: data.token,
+    expiresAt: new Date(data.expiresAt).getTime()
+  };
+  return data.token;
+}
+var inputSchema2 = z2.object({
+  toolUseIntent: z2.string().optional().describe(
+    "Brief description of what you intend to accomplish with this tool call"
+  ),
+  connectionId: z2.string().describe("ID of the Google Search Console OAuth connection to use"),
+  method: z2.enum(["GET", "POST", "PUT", "DELETE"]).describe(
+    "HTTP method. Use POST for searchAnalytics queries and sitemap submission, GET for listing/inspecting resources, PUT for sitemap upsert, DELETE for sitemap removal."
+  ),
+  path: z2.string().describe(
+    "API path appended to https://searchconsole.googleapis.com/webmasters/v3 (e.g., '/sites/{siteUrl}/searchAnalytics/query'). {siteUrl} is automatically replaced with the connection's default site URL and URL-encoded."
+  ),
+  queryParams: z2.record(z2.string(), z2.string()).optional().describe("Query parameters to append to the URL"),
+  body: z2.record(z2.string(), z2.unknown()).optional().describe("Request body (JSON) for POST/PUT methods")
+});
+var outputSchema2 = z2.discriminatedUnion("success", [
+  z2.object({
+    success: z2.literal(true),
+    status: z2.number(),
+    data: z2.record(z2.string(), z2.unknown())
+  }),
+  z2.object({
+    success: z2.literal(false),
+    error: z2.string()
+  })
+]);
+var requestTool = new ConnectorTool({
+  name: "request",
+  description: `Send authenticated requests to the Google Search Console API (Webmasters v3).
+Use this tool to query Search Analytics data (clicks, impressions, CTR, position), list/inspect sitemaps, and read site metadata.
+Authentication is handled automatically via OAuth proxy.
+{siteUrl} in the path is automatically replaced with the connection's default site URL and URL-encoded.
+For URL Inspection API requests, use the absolute path '/v1/urlInspection/index:inspect' \u2014 the leading /webmasters/v3 prefix will be stripped if you accidentally include it.`,
+  inputSchema: inputSchema2,
+  outputSchema: outputSchema2,
+  async execute({ connectionId, method, path: path2, queryParams, body }, connections, config) {
+    const connection2 = connections.find((c) => c.id === connectionId);
+    if (!connection2) {
+      return {
+        success: false,
+        error: `Connection ${connectionId} not found`
+      };
+    }
+    console.log(
+      `[connector-request] google-search-console-oauth/${connection2.name}: ${method} ${path2}`
+    );
+    try {
+      const siteUrl = parameters.siteUrl.tryGetValue(connection2);
+      const resolvedPath = siteUrl ? path2.replace(/\{siteUrl\}/g, encodeURIComponent(siteUrl)) : path2;
+      const normalizedPath = normalizeRequestPath(
+        resolvedPath,
+        BASE_PATH_SEGMENT
+      );
+      let url = `${BASE_URL3}${normalizedPath}`;
+      if (queryParams) {
+        const searchParams = new URLSearchParams(queryParams);
+        url += `?${searchParams.toString()}`;
+      }
+      const token = await getProxyToken2(config.oauthProxy);
+      const proxyUrl = `https://${config.oauthProxy.sandboxId}.${config.oauthProxy.previewBaseDomain}/_sqcore/connections/${connectionId}/request`;
+      const controller = new AbortController();
+      const timeout = setTimeout(() => controller.abort(), REQUEST_TIMEOUT_MS2);
+      try {
+        const response = await fetch(proxyUrl, {
+          method: "POST",
+          headers: {
+            "Content-Type": "application/json",
+            Authorization: `Bearer ${token}`
+          },
+          body: JSON.stringify({
+            url,
+            method,
+            ...body && ["POST", "PUT"].includes(method) ? {
+              headers: { "Content-Type": "application/json" },
+              body: JSON.stringify(body)
+            } : {}
+          }),
+          signal: controller.signal
+        });
+        const data = await response.json();
+        if (!response.ok) {
+          const errorMessage = typeof data?.error === "string" ? data.error : typeof data?.message === "string" ? data.message : `HTTP ${response.status} ${response.statusText}`;
+          return { success: false, error: errorMessage };
+        }
+        return { success: true, status: response.status, data };
+      } finally {
+        clearTimeout(timeout);
+      }
+    } catch (err) {
+      const msg = err instanceof Error ? err.message : String(err);
+      return { success: false, error: msg };
+    }
+  }
+});
+
+// ../connectors/src/connectors/google-search-console-oauth/index.ts
+var tools = {
+  request: requestTool,
+  listSites: listSitesTool
+};
+var googleSearchConsoleOauthConnector = new ConnectorPlugin({
+  slug: "google-search-console",
+  authType: AUTH_TYPES.OAUTH,
+  name: "Google Search Console",
+  description: "Connect to Google Search Console for search performance, indexing, and sitemap data using OAuth.",
+  iconUrl: "https://images.ctfassets.net/9ncizv60xc5y/3rPusKosno7i1emOCmskTp/9ed092a4dc95efb74e34e83098ef3905/google-search-console-icon.webp",
+  parameters,
+  releaseFlag: { dev1: true, dev2: false, prod: false },
+  categories: ["marketing"],
+  onboarding: googleSearchConsoleOauthOnboarding,
+  proxyPolicy: {
+    allowlist: [
+      {
+        host: "searchconsole.googleapis.com",
+        methods: ["GET", "POST", "PUT", "DELETE"]
+      }
+    ]
+  },
+  systemPrompt: {
+    en: `### Tools
+
+- \`google-search-console-oauth_request\`: Send authenticated requests to the Google Search Console API (Webmasters v3). Use it for searchAnalytics queries, sitemap inspection, and site metadata. The {siteUrl} placeholder in paths is automatically replaced and URL-encoded. Authentication is configured automatically via OAuth.
+- \`google-search-console-oauth_listSites\`: List accessible Search Console sites. Use during setup to discover available properties.
+
+### Search Console API Reference
+
+#### Available Endpoints
+- GET \`/sites\` \u2014 List sites accessible by the authenticated user
+- GET \`/sites/{siteUrl}\` \u2014 Get a single site's metadata and permission level
+- POST \`/sites/{siteUrl}/searchAnalytics/query\` \u2014 Query search performance data (clicks, impressions, CTR, position)
+- GET \`/sites/{siteUrl}/sitemaps\` \u2014 List sitemaps submitted for a site
+- GET \`/sites/{siteUrl}/sitemaps/{feedpath}\` \u2014 Get a single sitemap
+
+#### searchAnalytics/query \u2014 Body
+\`\`\`json
+{
+  "startDate": "2024-01-01",
+  "endDate": "2024-01-31",
+  "dimensions": ["query", "page"],
+  "type": "web",
+  "rowLimit": 1000,
+  "startRow": 0
+}
+\`\`\`
+
+#### Common Dimensions
+\`query\`, \`page\`, \`country\`, \`device\`, \`date\`, \`searchAppearance\`
+
+#### Common Metrics (returned automatically)
+\`clicks\`, \`impressions\`, \`ctr\`, \`position\`
+
+#### type values
+\`web\` (default), \`image\`, \`video\`, \`news\`, \`discover\`, \`googleNews\`
+
+#### siteUrl formats
+- URL-prefix property: \`https://www.example.com/\` (must include protocol and trailing slash)
+- Domain property: \`sc-domain:example.com\`
+
+In paths, use the \`{siteUrl}\` placeholder \u2014 it is automatically URL-encoded with the connection's configured site.
+
+#### Date format
+\`YYYY-MM-DD\` (Pacific time zone). Search Console data has roughly a 2-day delay; query \`endDate\` no later than 2 days before today for stable results.
+
+### Business Logic
+
+The business logic type for this connector is "typescript". Write handler code using the connector SDK shown below. Do NOT access credentials directly from environment variables and do NOT read \`INTERNAL_SQUADBASE_*\` env vars \u2014 the SDK takes care of OAuth.
+
+SDK surface (client created via \`connection(connectionId)\`):
+- \`client.request(path, init?)\` \u2014 low-level authenticated fetch (\`path\` is appended to \`https://searchconsole.googleapis.com/webmasters/v3\`; \`{siteUrl}\` placeholders are auto-replaced and URL-encoded).
+- \`client.listSites()\` \u2014 list sites accessible by the OAuth user.
+- \`client.querySearchAnalytics(request, siteUrl?)\` \u2014 query Search Analytics performance data.
+- \`client.listSitemaps(siteUrl?)\` \u2014 list sitemaps submitted for a site.
+
+If a handler test fails with \`Connection proxy is not configured\`, retry \u2014 the sandbox is still initializing. Do NOT abandon the SDK and construct OAuth proxy URLs manually.
+
+#### Example
+
+\`\`\`ts
+import { connection } from "@squadbase/vite-server/connectors/google-search-console-oauth";
+
+const gsc = connection("<connectionId>");
+
+// List all accessible sites
+const sites = await gsc.listSites();
+console.log(sites.map(s => \`\${s.siteUrl} (\${s.permissionLevel})\`));
+
+// Top queries for the last 28 days
+const { rows } = await gsc.querySearchAnalytics({
+  startDate: "2024-01-01",
+  endDate: "2024-01-28",
+  dimensions: ["query"],
+  rowLimit: 100,
+});
+rows?.forEach(r => console.log(r.keys?.[0], r.clicks, r.impressions));
+
+// List sitemaps
+const sitemaps = await gsc.listSitemaps();
+sitemaps.forEach(s => console.log(s.path, s.lastSubmitted));
+\`\`\``,
+    ja: `### \u30C4\u30FC\u30EB
+
+- \`google-search-console-oauth_request\`: Google Search Console API (Webmasters v3) \u3078\u8A8D\u8A3C\u6E08\u307F\u30EA\u30AF\u30A8\u30B9\u30C8\u3092\u9001\u4FE1\u3057\u307E\u3059\u3002searchAnalytics \u30AF\u30A8\u30EA\u3001\u30B5\u30A4\u30C8\u30DE\u30C3\u30D7\u78BA\u8A8D\u3001\u30B5\u30A4\u30C8\u30E1\u30BF\u30C7\u30FC\u30BF\u306E\u53D6\u5F97\u306B\u4F7F\u7528\u3057\u307E\u3059\u3002\u30D1\u30B9\u5185\u306E{siteUrl}\u30D7\u30EC\u30FC\u30B9\u30DB\u30EB\u30C0\u30FC\u306F\u81EA\u52D5\u7684\u306BURL\u30A8\u30F3\u30B3\u30FC\u30C9\u3055\u308C\u7F6E\u63DB\u3055\u308C\u307E\u3059\u3002OAuth\u7D4C\u7531\u3067\u8A8D\u8A3C\u306F\u81EA\u52D5\u8A2D\u5B9A\u3055\u308C\u307E\u3059\u3002
+- \`google-search-console-oauth_listSites\`: \u30A2\u30AF\u30BB\u30B9\u53EF\u80FD\u306ASearch Console\u30B5\u30A4\u30C8\u306E\u4E00\u89A7\u3092\u53D6\u5F97\u3057\u307E\u3059\u3002\u30BB\u30C3\u30C8\u30A2\u30C3\u30D7\u6642\u306B\u5229\u7528\u53EF\u80FD\u306A\u30D7\u30ED\u30D1\u30C6\u30A3\u3092\u78BA\u8A8D\u3059\u308B\u305F\u3081\u306B\u4F7F\u7528\u3057\u307E\u3059\u3002
+
+### Search Console API \u30EA\u30D5\u30A1\u30EC\u30F3\u30B9
+
+#### \u5229\u7528\u53EF\u80FD\u306A\u30A8\u30F3\u30C9\u30DD\u30A4\u30F3\u30C8
+- GET \`/sites\` \u2014 \u8A8D\u8A3C\u30E6\u30FC\u30B6\u30FC\u304C\u30A2\u30AF\u30BB\u30B9\u53EF\u80FD\u306A\u5168\u30B5\u30A4\u30C8\u306E\u4E00\u89A7
+- GET \`/sites/{siteUrl}\` \u2014 \u5358\u4E00\u30B5\u30A4\u30C8\u306E\u30E1\u30BF\u30C7\u30FC\u30BF\u3068\u6A29\u9650\u3092\u53D6\u5F97
+- POST \`/sites/{siteUrl}/searchAnalytics/query\` \u2014 \u691C\u7D22\u30D1\u30D5\u30A9\u30FC\u30DE\u30F3\u30B9\u30C7\u30FC\u30BF\uFF08clicks, impressions, CTR, position\uFF09\u306E\u53D6\u5F97
+- GET \`/sites/{siteUrl}/sitemaps\` \u2014 \u30B5\u30A4\u30C8\u306B\u63D0\u51FA\u6E08\u307F\u306E\u30B5\u30A4\u30C8\u30DE\u30C3\u30D7\u4E00\u89A7
+- GET \`/sites/{siteUrl}/sitemaps/{feedpath}\` \u2014 \u5358\u4E00\u30B5\u30A4\u30C8\u30DE\u30C3\u30D7\u306E\u53D6\u5F97
+
+#### searchAnalytics/query \u2014 Body\u4F8B
+\`\`\`json
+{
+  "startDate": "2024-01-01",
+  "endDate": "2024-01-31",
+  "dimensions": ["query", "page"],
+  "type": "web",
+  "rowLimit": 1000,
+  "startRow": 0
+}
+\`\`\`
+
+#### \u4E3B\u8981\u306A\u30C7\u30A3\u30E1\u30F3\u30B7\u30E7\u30F3
+\`query\`, \`page\`, \`country\`, \`device\`, \`date\`, \`searchAppearance\`
+
+#### \u4E3B\u8981\u306A\u30E1\u30C8\u30EA\u30AF\u30B9\uFF08\u81EA\u52D5\u7684\u306B\u8FD4\u5374\u3055\u308C\u308B\uFF09
+\`clicks\`, \`impressions\`, \`ctr\`, \`position\`
+
+#### type \u306E\u5024
+\`web\`\uFF08\u30C7\u30D5\u30A9\u30EB\u30C8\uFF09, \`image\`, \`video\`, \`news\`, \`discover\`, \`googleNews\`
+
+#### siteUrl \u306E\u5F62\u5F0F
+- URL\u30D7\u30EC\u30D5\u30A3\u30C3\u30AF\u30B9\u30D7\u30ED\u30D1\u30C6\u30A3: \`https://www.example.com/\`\uFF08\u30D7\u30ED\u30C8\u30B3\u30EB\u3068\u672B\u5C3E\u30B9\u30E9\u30C3\u30B7\u30E5\u304C\u5FC5\u9808\uFF09
+- \u30C9\u30E1\u30A4\u30F3\u30D7\u30ED\u30D1\u30C6\u30A3: \`sc-domain:example.com\`
+
+\u30D1\u30B9\u3067\u306F \`{siteUrl}\` \u30D7\u30EC\u30FC\u30B9\u30DB\u30EB\u30C0\u3092\u4F7F\u7528\u3057\u3066\u304F\u3060\u3055\u3044\u3002\u30B3\u30CD\u30AF\u30B7\u30E7\u30F3\u306B\u8A2D\u5B9A\u3055\u308C\u305F\u30B5\u30A4\u30C8\u3067\u81EA\u52D5\u7684\u306BURL\u30A8\u30F3\u30B3\u30FC\u30C9\u3055\u308C\u307E\u3059\u3002
+
+#### \u65E5\u4ED8\u5F62\u5F0F
+\`YYYY-MM-DD\`\uFF08\u592A\u5E73\u6D0B\u6642\u9593\uFF09\u3002Search Console \u306E\u30C7\u30FC\u30BF\u306F\u7D042\u65E5\u306E\u9045\u5EF6\u304C\u3042\u308B\u305F\u3081\u3001\u5B89\u5B9A\u3057\u305F\u7D50\u679C\u3092\u5F97\u308B\u306B\u306F \`endDate\` \u3092\u672C\u65E5\u306E2\u65E5\u524D\u4EE5\u524D\u306B\u3057\u3066\u304F\u3060\u3055\u3044\u3002
+
+### Business Logic
+
+\u3053\u306E\u30B3\u30CD\u30AF\u30BF\u306E\u30D3\u30B8\u30CD\u30B9\u30ED\u30B8\u30C3\u30AF\u30BF\u30A4\u30D7\u306F "typescript" \u3067\u3059\u3002\u4EE5\u4E0B\u306B\u793A\u3059\u30B3\u30CD\u30AF\u30BF SDK \u3092\u4F7F\u7528\u3057\u3066\u30CF\u30F3\u30C9\u30E9\u30B3\u30FC\u30C9\u3092\u8A18\u8FF0\u3057\u3066\u304F\u3060\u3055\u3044\u3002\u74B0\u5883\u5909\u6570\u304B\u3089\u76F4\u63A5\u8A8D\u8A3C\u60C5\u5831\u306B\u30A2\u30AF\u30BB\u30B9\u3057\u306A\u3044\u3067\u304F\u3060\u3055\u3044\u3002\`INTERNAL_SQUADBASE_*\` \u306E\u74B0\u5883\u5909\u6570\u3092\u4F7F\u3063\u3066\u624B\u52D5\u3067 OAuth \u30D7\u30ED\u30AD\u30B7\u3092\u53E9\u304F\u3053\u3068\u3082\u3057\u306A\u3044\u3067\u304F\u3060\u3055\u3044 \u2014 SDK \u304C OAuth \u3092\u51E6\u7406\u3057\u307E\u3059\u3002
+
+SDK\uFF08\`connection(connectionId)\` \u3067\u4F5C\u6210\u3057\u305F\u30AF\u30E9\u30A4\u30A2\u30F3\u30C8\uFF09:
+- \`client.request(path, init?)\` \u2014 \u4F4E\u30EC\u30D9\u30EB\u306E\u8A8D\u8A3C\u4ED8\u304D fetch\uFF08\`path\` \u306F \`https://searchconsole.googleapis.com/webmasters/v3\` \u306B\u8FFD\u52A0\u3055\u308C\u3001\`{siteUrl}\` \u30D7\u30EC\u30FC\u30B9\u30DB\u30EB\u30C0\u306F\u81EA\u52D5\u7684\u306BURL\u30A8\u30F3\u30B3\u30FC\u30C9\u3055\u308C\u7F6E\u63DB\u3055\u308C\u307E\u3059\uFF09\u3002
+- \`client.listSites()\` \u2014 OAuth \u30E6\u30FC\u30B6\u30FC\u304C\u30A2\u30AF\u30BB\u30B9\u53EF\u80FD\u306A\u30B5\u30A4\u30C8\u4E00\u89A7\u3092\u53D6\u5F97\u3002
+- \`client.querySearchAnalytics(request, siteUrl?)\` \u2014 \u691C\u7D22\u30D1\u30D5\u30A9\u30FC\u30DE\u30F3\u30B9\u30C7\u30FC\u30BF\u3092\u53D6\u5F97\u3002
+- \`client.listSitemaps(siteUrl?)\` \u2014 \u30B5\u30A4\u30C8\u306B\u63D0\u51FA\u6E08\u307F\u306E\u30B5\u30A4\u30C8\u30DE\u30C3\u30D7\u4E00\u89A7\u3092\u53D6\u5F97\u3002
+
+\u30CF\u30F3\u30C9\u30E9\u306E\u30C6\u30B9\u30C8\u304C \`Connection proxy is not configured\` \u3067\u5931\u6557\u3059\u308B\u5834\u5408\u306F\u518D\u8A66\u884C\u3057\u3066\u304F\u3060\u3055\u3044\u3002\u901A\u5E38\u306F\u30B5\u30F3\u30C9\u30DC\u30C3\u30AF\u30B9\u306E\u521D\u671F\u5316\u4E2D\u306B\u8D77\u304D\u307E\u3059\u3002SDK \u3092\u8AE6\u3081\u3066 OAuth \u30D7\u30ED\u30AD\u30B7\u306E URL \u3092\u81EA\u5206\u3067\u7D44\u307F\u7ACB\u3066\u308B\u3053\u3068\u306F **\u3057\u306A\u3044\u3067\u304F\u3060\u3055\u3044**\u3002
+
+#### Example
+
+\`\`\`ts
+import { connection } from "@squadbase/vite-server/connectors/google-search-console-oauth";
+
+const gsc = connection("<connectionId>");
+
+// List all accessible sites
+const sites = await gsc.listSites();
+console.log(sites.map(s => \`\${s.siteUrl} (\${s.permissionLevel})\`));
+
+// Top queries for the last 28 days
+const { rows } = await gsc.querySearchAnalytics({
+  startDate: "2024-01-01",
+  endDate: "2024-01-28",
+  dimensions: ["query"],
+  rowLimit: 100,
+});
+rows?.forEach(r => console.log(r.keys?.[0], r.clicks, r.impressions));
+
+// List sitemaps
+const sitemaps = await gsc.listSitemaps();
+sitemaps.forEach(s => console.log(s.path, s.lastSubmitted));
+\`\`\``
+  },
+  tools,
+  async checkConnection(params, config) {
+    const { proxyFetch } = config;
+    const siteUrl = params[parameters.siteUrl.slug];
+    const url = siteUrl ? `https://searchconsole.googleapis.com/webmasters/v3/sites/${encodeURIComponent(siteUrl)}` : `https://searchconsole.googleapis.com/webmasters/v3/sites`;
+    try {
+      const res = await proxyFetch(url, { method: "GET" });
+      if (!res.ok) {
+        const errorText = await res.text().catch(() => res.statusText);
+        return {
+          success: false,
+          error: `Google Search Console API failed: HTTP ${res.status} ${errorText}`
+        };
+      }
+      return { success: true };
+    } catch (error) {
+      return {
+        success: false,
+        error: error instanceof Error ? error.message : String(error)
+      };
+    }
+  }
+});
+
+// src/connectors/create-connector-sdk.ts
+import { readFileSync } from "fs";
+import path from "path";
+
+// src/connector-client/env.ts
+function resolveEnvVar(entry, key, connectionId) {
+  const envVarName = entry.envVars[key];
+  if (!envVarName) {
+    throw new Error(`Connection "${connectionId}" is missing envVars mapping for key "${key}"`);
+  }
+  const value = process.env[envVarName];
+  if (!value) {
+    throw new Error(`Environment variable "${envVarName}" (for connection "${connectionId}", key "${key}") is not set`);
+  }
+  return value;
+}
+function resolveEnvVarOptional(entry, key) {
+  const envVarName = entry.envVars[key];
+  if (!envVarName) return void 0;
+  return process.env[envVarName] || void 0;
+}
+
+// src/connector-client/proxy-fetch.ts
+import { getContext } from "hono/context-storage";
+import { getCookie } from "hono/cookie";
+var APP_SESSION_COOKIE_NAME = "__Host-squadbase-session";
+function normalizeHeaders(input) {
+  const out = {};
+  if (!input) return out;
+  new Headers(input).forEach((value, key) => {
+    out[key] = value;
+  });
+  return out;
+}
+function createSandboxProxyFetch(connectionId) {
+  return async (input, init) => {
+    const token = process.env.INTERNAL_SQUADBASE_OAUTH_MACHINE_CREDENTIAL;
+    const sandboxId = process.env.INTERNAL_SQUADBASE_SANDBOX_ID;
+    if (!token || !sandboxId) {
+      throw new Error(
+        "Connection proxy is not configured. Please check your deployment settings."
+      );
+    }
+    const originalUrl = typeof input === "string" ? input : input instanceof URL ? input.href : input.url;
+    const originalMethod = init?.method ?? "GET";
+    const originalBody = init?.body ? JSON.parse(init.body) : void 0;
+    const baseDomain = process.env["SQUADBASE_PREVIEW_BASE_DOMAIN"] ?? "preview.app.squadbase.dev";
+    const proxyUrl = `https://${sandboxId}.${baseDomain}/_sqcore/connections/${connectionId}/request`;
+    return fetch(proxyUrl, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/json",
+        Authorization: `Bearer ${token}`
+      },
+      body: JSON.stringify({
+        url: originalUrl,
+        method: originalMethod,
+        headers: normalizeHeaders(init?.headers),
+        body: originalBody
+      })
+    });
+  };
+}
+function createDeployedAppProxyFetch(connectionId) {
+  const projectId = process.env["SQUADBASE_PROJECT_ID"];
+  if (!projectId) {
+    throw new Error(
+      "Connection proxy is not configured. Please check your deployment settings."
+    );
+  }
+  const baseDomain = process.env["SQUADBASE_APP_BASE_DOMAIN"] ?? "squadbase.app";
+  const proxyUrl = `https://${projectId}.${baseDomain}/_sqcore/connections/${connectionId}/request`;
+  return async (input, init) => {
+    const originalUrl = typeof input === "string" ? input : input instanceof URL ? input.href : input.url;
+    const originalMethod = init?.method ?? "GET";
+    const originalBody = init?.body ? JSON.parse(init.body) : void 0;
+    const c = getContext();
+    const appSession = getCookie(c, APP_SESSION_COOKIE_NAME);
+    if (!appSession) {
+      throw new Error(
+        "No authentication method available for connection proxy."
+      );
+    }
+    return fetch(proxyUrl, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/json",
+        Authorization: `Bearer ${appSession}`
+      },
+      body: JSON.stringify({
+        url: originalUrl,
+        method: originalMethod,
+        headers: normalizeHeaders(init?.headers),
+        body: originalBody
+      })
+    });
+  };
+}
+function createProxyFetch(connectionId) {
+  if (process.env.INTERNAL_SQUADBASE_SANDBOX_ID) {
+    return createSandboxProxyFetch(connectionId);
+  }
+  return createDeployedAppProxyFetch(connectionId);
+}
+
+// src/connectors/create-connector-sdk.ts
+function loadConnectionsSync() {
+  const filePath = process.env.CONNECTIONS_PATH ?? path.join(process.cwd(), ".squadbase/connections.json");
+  try {
+    const raw = readFileSync(filePath, "utf-8");
+    return JSON.parse(raw);
+  } catch {
+    return {};
+  }
+}
+function createConnectorSdk(plugin, createClient2) {
+  return (connectionId) => {
+    const connections = loadConnectionsSync();
+    const entry = connections[connectionId];
+    if (!entry) {
+      throw new Error(
+        `Connection "${connectionId}" not found in .squadbase/connections.json`
+      );
+    }
+    if (entry.connector.slug !== plugin.slug) {
+      throw new Error(
+        `Connection "${connectionId}" is not a ${plugin.slug} connection (got "${entry.connector.slug}")`
+      );
+    }
+    const params = {};
+    for (const param of Object.values(plugin.parameters)) {
+      if (param.required) {
+        params[param.slug] = resolveEnvVar(entry, param.slug, connectionId);
+      } else {
+        const val = resolveEnvVarOptional(entry, param.slug);
+        if (val !== void 0) params[param.slug] = val;
+      }
+    }
+    return createClient2(params, createProxyFetch(connectionId));
+  };
+}
+
+// src/connectors/entries/google-search-console-oauth.ts
+var connection = createConnectorSdk(
+  googleSearchConsoleOauthConnector,
+  createClient
+);
+export {
+  connection
+};