@tangle-network/agent-integrations 0.30.0 → 0.32.0

package/dist/bin/tangle-catalog-runtime.js

@@ -4,16 +4,16 @@ import {
   buildTangleCatalogRuntimePackageManifest,
   renderTangleCatalogRuntimePnpmAddCommand,
   startTangleCatalogRuntimeNodeServer
-} from "../chunk-M2RFFAMB.js";
-import "../chunk-DACSERTI.js";
-import "../chunk-5ASL5XNX.js";
+} from "../chunk-DN6DNPPH.js";
+import "../chunk-JCHD6L3B.js";
+import "../chunk-CDY2ETYT.js";
 import "../chunk-H4XYLS7T.js";
-import "../chunk-FDZIQVK7.js";
+import "../chunk-S2MVWQYL.js";
 import "../chunk-VVC7U7W7.js";
 import "../chunk-376UBTNB.js";
-import "../chunk-JOILC44P.js";
+import "../chunk-F4YILONK.js";
 import "../chunk-2TW2QKGZ.js";
-import "../chunk-Y6O3MIBW.js";
+import "../chunk-Q5X3QNHR.js";
 
 // src/bin/tangle-catalog-runtime.ts
 var args = new Set(process.argv.slice(2));

package/dist/catalog.d.ts

@@ -1,5 +1,5 @@
 export { I as IntegrationCatalogView, a as IntegrationToolDefinition, b as IntegrationToolSearchFilters, c as IntegrationToolSearchResult, M as McpToolDefinition, d as buildIntegrationCatalogView, e as buildIntegrationToolCatalog, f as describeIntegrationTool, g as flattenIntegrationToolDefinition, i as integrationToolName, p as parseIntegrationToolName, s as searchIntegrationTools, t as toMcpTools } from './registry.js';
-import './tangle-id-C6s2NT2r.js';
+import './tangle-id-Dj0ipP4E.js';
 import './errors-Bg3_rxnQ.js';
 import './connect/index.js';
 import './middleware/index.js';

package/dist/catalog.js

@@ -7,16 +7,16 @@ import {
   parseIntegrationToolName,
   searchIntegrationTools,
   toMcpTools
-} from "./chunk-M2RFFAMB.js";
-import "./chunk-DACSERTI.js";
-import "./chunk-5ASL5XNX.js";
+} from "./chunk-DN6DNPPH.js";
+import "./chunk-JCHD6L3B.js";
+import "./chunk-CDY2ETYT.js";
 import "./chunk-H4XYLS7T.js";
-import "./chunk-FDZIQVK7.js";
+import "./chunk-S2MVWQYL.js";
 import "./chunk-VVC7U7W7.js";
 import "./chunk-376UBTNB.js";
-import "./chunk-JOILC44P.js";
+import "./chunk-F4YILONK.js";
 import "./chunk-2TW2QKGZ.js";
-import "./chunk-Y6O3MIBW.js";
+import "./chunk-Q5X3QNHR.js";
 export {
   buildIntegrationCatalogView,
   buildIntegrationToolCatalog,

package/dist/{chunk-5ASL5XNX.js → chunk-CDY2ETYT.js}

@@ -1,7 +1,7 @@
 import {
   TangleIdentityUnreachableError,
   createTangleIdentityClient
-} from "./chunk-Y6O3MIBW.js";
+} from "./chunk-Q5X3QNHR.js";
 
 // src/middleware/index.ts
 async function requireTangleAuth(request, opts = {}) {
@@ -126,4 +126,4 @@ export {
   honoTangleAuthMiddleware,
   expressTangleAuthMiddleware
 };
-//# sourceMappingURL=chunk-5ASL5XNX.js.map
+//# sourceMappingURL=chunk-CDY2ETYT.js.map

package/dist/{chunk-M2RFFAMB.js → chunk-DN6DNPPH.js}

@@ -205,6 +205,7 @@ import { createHmac as createHmac2, randomUUID as randomUUID5, timingSafeEqual a
 function createConnectorAdapterProvider(options) {
   const providerId = options.id ?? "first-party";
   const now = options.now ?? (() => /* @__PURE__ */ new Date());
+  const fetchImpl = options.fetchImpl ?? globalThis.fetch?.bind(globalThis);
   const adapters = /* @__PURE__ */ new Map();
   for (const adapter of options.adapters) {
     adapters.set(adapter.manifest.kind, adapter);
@@ -213,6 +214,159 @@ function createConnectorAdapterProvider(options) {
     id: providerId,
     kind: options.kind ?? "first_party",
     listConnectors: () => [...adapters.values()].map((adapter) => manifestToConnector(providerId, adapter)),
+    async startAuth(request) {
+      const adapter = adapters.get(request.connectorId);
+      if (!adapter) {
+        throw new IntegrationError(
+          `Connector adapter ${request.connectorId} not found.`,
+          "connector_not_found"
+        );
+      }
+      const auth = adapter.manifest.auth;
+      if (auth.kind !== "oauth2") {
+        throw new IntegrationError(
+          `Connector ${request.connectorId} does not support OAuth2 authorization (auth kind: ${auth.kind}).`,
+          "auth_not_supported"
+        );
+      }
+      if (!options.resolveOAuthClient) {
+        throw new IntegrationError(
+          `OAuth client resolver missing on adapter provider; cannot start auth for ${request.connectorId}.`,
+          "config_missing"
+        );
+      }
+      const client = await options.resolveOAuthClient({ connectorId: request.connectorId });
+      if (!client || !client.clientId || !client.clientSecret) {
+        throw new IntegrationError(
+          `OAuth client credentials unavailable for ${request.connectorId}.`,
+          "config_missing"
+        );
+      }
+      const scopes = request.requestedScopes && request.requestedScopes.length > 0 ? request.requestedScopes : auth.scopes;
+      const url = new URL(auth.authorizationUrl);
+      url.searchParams.set("response_type", "code");
+      url.searchParams.set("client_id", client.clientId);
+      url.searchParams.set("redirect_uri", request.redirectUri);
+      if (scopes.length > 0) {
+        url.searchParams.set("scope", scopes.join(" "));
+      }
+      const state = request.state ?? randomState();
+      url.searchParams.set("state", state);
+      if (auth.extraAuthParams) {
+        for (const [key, value] of Object.entries(auth.extraAuthParams)) {
+          url.searchParams.set(key, value);
+        }
+      }
+      return {
+        providerId,
+        connectorId: request.connectorId,
+        authUrl: url.toString(),
+        state,
+        metadata: request.metadata
+      };
+    },
+    async completeAuth(request) {
+      const adapter = adapters.get(request.connectorId);
+      if (!adapter) {
+        throw new IntegrationError(
+          `Connector adapter ${request.connectorId} not found.`,
+          "connector_not_found"
+        );
+      }
+      const auth = adapter.manifest.auth;
+      if (auth.kind !== "oauth2") {
+        throw new IntegrationError(
+          `Connector ${request.connectorId} does not support OAuth2 authorization (auth kind: ${auth.kind}).`,
+          "auth_not_supported"
+        );
+      }
+      if (!request.code) {
+        throw new IntegrationError(
+          `Authorization code missing on completeAuth for ${request.connectorId}.`,
+          "config_missing"
+        );
+      }
+      if (!options.resolveOAuthClient) {
+        throw new IntegrationError(
+          `OAuth client resolver missing on adapter provider; cannot complete auth for ${request.connectorId}.`,
+          "config_missing"
+        );
+      }
+      const client = await options.resolveOAuthClient({ connectorId: request.connectorId });
+      if (!client || !client.clientId || !client.clientSecret) {
+        throw new IntegrationError(
+          `OAuth client credentials unavailable for ${request.connectorId}.`,
+          "config_missing"
+        );
+      }
+      if (!fetchImpl) {
+        throw new IntegrationError(
+          "No fetch implementation available; inject fetchImpl into createConnectorAdapterProvider.",
+          "config_missing"
+        );
+      }
+      const body = new URLSearchParams({
+        grant_type: "authorization_code",
+        code: request.code,
+        client_id: client.clientId,
+        client_secret: client.clientSecret,
+        redirect_uri: request.redirectUri
+      });
+      let res;
+      try {
+        res = await fetchImpl(auth.tokenUrl, {
+          method: "POST",
+          headers: {
+            "content-type": "application/x-www-form-urlencoded",
+            accept: "application/json"
+          },
+          body
+        });
+      } catch (cause) {
+        throw new IntegrationError(
+          `OAuth token exchange transport error for ${request.connectorId}: ${cause?.message ?? "unknown"}`,
+          "provider_failure"
+        );
+      }
+      if (!res.ok) {
+        const text = await res.text().catch(() => "");
+        throw new IntegrationError(
+          `OAuth token exchange failed for ${request.connectorId}: ${res.status} ${res.statusText} \u2014 ${text.slice(0, 200)}`,
+          "provider_failure"
+        );
+      }
+      let json;
+      try {
+        json = await res.json();
+      } catch {
+        throw new IntegrationError(
+          `OAuth token exchange returned non-JSON body for ${request.connectorId}.`,
+          "provider_failure"
+        );
+      }
+      if (!json.access_token) {
+        throw new IntegrationError(
+          `OAuth token exchange returned no access_token for ${request.connectorId}.`,
+          "provider_failure"
+        );
+      }
+      const grantedScopes = typeof json.scope === "string" && json.scope.length > 0 ? json.scope.split(/[\s,]+/).filter(Boolean) : [];
+      const issued = now();
+      const issuedIso = issued.toISOString();
+      const expiresAt = typeof json.expires_in === "number" && json.expires_in > 0 ? new Date(issued.getTime() + json.expires_in * 1e3).toISOString() : void 0;
+      return {
+        id: randomConnectionId(),
+        owner: request.owner,
+        providerId,
+        connectorId: request.connectorId,
+        status: "active",
+        grantedScopes,
+        createdAt: issuedIso,
+        updatedAt: issuedIso,
+        expiresAt,
+        metadata: request.metadata
+      };
+    },
     async invokeAction(connection, request) {
       const adapter = adapters.get(connection.connectorId);
       if (!adapter) {
@@ -368,6 +522,25 @@ function toRecord(input) {
   if (input && typeof input === "object" && !Array.isArray(input)) return input;
   return {};
 }
+function randomState() {
+  const bytes = new Uint8Array(24);
+  globalThis.crypto.getRandomValues(bytes);
+  return base64UrlEncode(bytes);
+}
+function randomConnectionId() {
+  if (typeof globalThis.crypto?.randomUUID === "function") {
+    return `conn_${globalThis.crypto.randomUUID().replace(/-/g, "")}`;
+  }
+  const bytes = new Uint8Array(16);
+  globalThis.crypto.getRandomValues(bytes);
+  return `conn_${base64UrlEncode(bytes)}`;
+}
+function base64UrlEncode(bytes) {
+  let bin = "";
+  for (const b of bytes) bin += String.fromCharCode(b);
+  const b64 = typeof btoa === "function" ? btoa(bin) : Buffer.from(bin, "binary").toString("base64");
+  return b64.replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
+}
 
 // src/credentials.ts
 var InMemoryIntegrationSecretStore = class {
@@ -3735,7 +3908,7 @@ function createHttpIntegrationProvider(options) {
   };
 }
 function signCapability(capability, secret) {
-  const payload = base64UrlEncode(JSON.stringify(capability));
+  const payload = base64UrlEncode2(JSON.stringify(capability));
   const signature = hmac(payload, secret);
   return `${payload}.${signature}`;
 }
@@ -3779,7 +3952,7 @@ function constantTimeEqual(a, b) {
   const right = Buffer.from(b);
   return left.length === right.length && timingSafeEqual2(left, right);
 }
-function base64UrlEncode(value) {
+function base64UrlEncode2(value) {
   return Buffer.from(value, "utf8").toString("base64url");
 }
 function base64UrlDecode(value) {
@@ -4632,4 +4805,4 @@ export {
   signCapability,
   verifyCapabilityToken
 };
-//# sourceMappingURL=chunk-M2RFFAMB.js.map
+//# sourceMappingURL=chunk-DN6DNPPH.js.map