@teamclaw/feishu-agent 1.0.0

package/src/core/auth-manager.ts

@@ -0,0 +1,214 @@
+import { FeishuConfig, TenantAccessTokenResponse, FeishuError } from "../types";
+
+interface UserToken {
+  accessToken: string;
+  refreshToken: string;
+  expireTime: number;
+}
+
+export class AuthManager {
+  private config: FeishuConfig;
+  private tenantToken: string | null = null;
+  private tenantExpireTime: number = 0;
+  private userToken: UserToken | null = null;
+
+  constructor(config: FeishuConfig) {
+    this.config = config;
+    // If userAccessToken is provided, use it directly (will be refreshed if expired)
+    if (config.userAccessToken) {
+      this.userToken = {
+        accessToken: config.userAccessToken,
+        refreshToken: config.refreshToken || "",
+        expireTime: Date.now() + (2 * 60 * 60 * 1000), // Default 2 hours if not expired
+      };
+    }
+  }
+
+  /**
+   * Get tenant access token (for app-level API calls)
+   */
+  async getTenantAccessToken(): Promise<string> {
+    if (this.tenantToken && Date.now() < this.tenantExpireTime) {
+      return this.tenantToken;
+    }
+
+    return this.refreshTenantToken();
+  }
+
+  /**
+   * Get user access token (for user-level API calls like calendar)
+   * Automatically refreshes if expired
+   */
+  async getUserAccessToken(): Promise<string> {
+    if (!this.userToken) {
+      throw new FeishuError("User access token not configured", 401);
+    }
+
+    // Refresh if expired (with 5 min buffer)
+    if (Date.now() >= this.userToken.expireTime - 300000) {
+      await this.refreshUserToken();
+    }
+
+    return this.userToken.accessToken;
+  }
+
+  /**
+   * Check if user has authorized (has user_access_token)
+   */
+  hasUserToken(): boolean {
+    return this.userToken !== null;
+  }
+
+  /**
+   * Get current user info from token
+   */
+  async getCurrentUser(): Promise<{ user_id: string; name: string } | null> {
+    if (!this.userToken) {
+      return null;
+    }
+
+    // Fetch user info using the access token
+    try {
+      const response = await fetch("https://open.feishu.cn/open-apis/authen/v1/user_info", {
+        headers: {
+          "Authorization": `Bearer ${this.userToken.accessToken}`,
+        },
+      });
+
+      const data = await response.json();
+      if (data.code === 0 && data.data) {
+        return {
+          user_id: data.data.user_id,
+          name: data.data.name,
+        };
+      }
+      return null;
+    } catch {
+      return null;
+    }
+  }
+
+  private async refreshTenantToken(): Promise<string> {
+    const url = `${this.config.baseUrl || "https://open.feishu.cn"}/open-apis/auth/v3/tenant_access_token/internal`;
+
+    // Add 10s timeout for auth
+    const controller = new AbortController();
+    const timeoutId = setTimeout(() => controller.abort(), 10000);
+
+    try {
+      const response = await fetch(url, {
+        method: "POST",
+        headers: {
+          "Content-Type": "application/json; charset=utf-8",
+        },
+        body: JSON.stringify({
+          app_id: this.config.appId,
+          app_secret: this.config.appSecret,
+        }),
+        signal: controller.signal,
+      });
+
+      if (!response.ok) {
+        throw new FeishuError(`Auth request failed: ${response.statusText}`, response.status);
+      }
+
+      const data = await response.json() as TenantAccessTokenResponse;
+
+      if (data.code !== 0) {
+        throw new FeishuError(`Feishu API Error: ${data.msg}`, data.code);
+      }
+
+      this.tenantToken = data.tenant_access_token;
+      // Expire time is in seconds, convert to ms. Subtract buffer (e.g., 5 mins) to be safe.
+      this.tenantExpireTime = Date.now() + (data.expire * 1000) - 300000;
+
+      return this.tenantToken;
+    } catch (error) {
+      if (error instanceof Error && error.name === 'AbortError') {
+        throw new Error("Auth token refresh timed out after 10s");
+      }
+      if (error instanceof FeishuError) {
+        throw error;
+      }
+      throw new Error(`Failed to refresh token: ${error instanceof Error ? error.message : String(error)}`);
+    } finally {
+      clearTimeout(timeoutId);
+    }
+  }
+
+  private async refreshToken(): Promise<UserToken> {
+    if (!this.userToken?.refreshToken) {
+      throw new FeishuError("Refresh token not available", 401);
+    }
+
+    const response = await fetch("https://open.feishu.cn/open-apis/authen/v1/refresh_access_token", {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/json; charset=utf-8",
+      },
+      body: JSON.stringify({
+        grant_type: "refresh_token",
+        refresh_token: this.userToken.refreshToken,
+        app_id: this.config.appId,
+        app_secret: this.config.appSecret,
+      }),
+    });
+
+    const data = await response.json();
+
+    if (data.code !== 0) {
+      throw new FeishuError(`Failed to refresh user token: ${data.msg}`, data.code);
+    }
+
+    // Update user token
+    const newToken: UserToken = {
+      accessToken: data.data.access_token,
+      refreshToken: data.data.refresh_token || this.userToken.refreshToken,
+      expireTime: Date.now() + (data.data.expires_in * 1000),
+    };
+
+    this.userToken = newToken;
+
+    // Save updated token to config file
+    await this.saveUserToken(newToken);
+
+    return newToken;
+  }
+
+  private async saveUserToken(token: UserToken): Promise<void> {
+    // Try to save to local config first, then global config
+    try {
+      const { writeFile, readFile, mkdir } = await import("fs/promises");
+      const { join } = await import("path");
+      const { homedir } = await import("os");
+
+      // Try local config
+      const localConfigPath = ".feishu_agent/config.json";
+      try {
+        const content = await readFile(localConfigPath, "utf-8");
+        const config = JSON.parse(content);
+        config.userAccessToken = token.accessToken;
+        config.refreshToken = token.refreshToken;
+        await mkdir(".feishu_agent", { recursive: true });
+        await writeFile(localConfigPath, JSON.stringify(config, null, 2));
+        return;
+      } catch {
+        // Local config doesn't exist, try global config
+      }
+
+      // Global config
+      const globalConfigPath = join(homedir(), ".feishu-agent", "config.json");
+      try {
+        const content = await readFile(globalConfigPath, "utf-8");
+        const config = JSON.parse(content);
+        config.userAccessToken = token.accessToken;
+        config.refreshToken = token.refreshToken;
+        await writeFile(globalConfigPath, JSON.stringify(config, null, 2));
+      } catch {
+        // Global config doesn't exist either
+      }
+    } catch {
+      // Ignore save errors - token will still work until next restart
+    }
+  }
+}

package/src/core/calendar.ts

@@ -0,0 +1,276 @@
+import { FeishuClient } from "./client";
+import {
+  CalendarEvent,
+  ListCalendarsResponse,
+  ListEventsResponse,
+  CreateEventResponse,
+  CalendarTime,
+  CalendarAttendee,
+  CreateCalendarPayload,
+  CreateCalendarResponse,
+  FreeBusyResponse,
+} from "../types";
+
+export class CalendarManager {
+  private client: FeishuClient;
+
+  constructor(client: FeishuClient) {
+    this.client = client;
+
+    // Require user authorization for calendar operations
+    if (!client.hasUserToken()) {
+      throw new Error(
+        "User authorization required for calendar access. " +
+        "Run 'feishu-agent auth' to authorize with your Feishu account."
+      );
+    }
+  }
+
+  /**
+   * List all calendars for the authenticated user
+   * Uses user_access_token if available
+   */
+  async listCalendars(pageSize: number = 500, pageToken?: string): Promise<ListCalendarsResponse["data"]> {
+    const params: Record<string, string> = {
+      page_size: pageSize.toString(),
+    };
+    if (pageToken) params.page_token = pageToken;
+
+    // Use user token if available to get user's personal calendars
+    const res = await this.client.get<ListCalendarsResponse["data"]>(
+      "/open-apis/calendar/v4/calendars",
+      params,
+      true // useUserToken = true
+    );
+    return res;
+  }
+
+  /**
+   * Get the primary calendar for the authenticated user
+   */
+  async getPrimaryCalendar(): Promise<string> {
+    const calendars = await this.listCalendars();
+    const primary = calendars.calendar_list.find((c) => c.type === "primary");
+
+    if (primary) return primary.calendar_id;
+    throw new Error("Primary calendar not found");
+  }
+
+  /**
+   * List events for a specific calendar
+   */
+  async listEvents(
+    calendarId: string,
+    options?: {
+      pageSize?: number;
+      pageToken?: string;
+      startTime?: string;
+      endTime?: string;
+    }
+  ): Promise<ListEventsResponse["data"]> {
+    const params: Record<string, string> = {
+      page_size: (options?.pageSize || 500).toString(),
+    };
+
+    if (options?.pageToken) params.page_token = options.pageToken;
+    if (options?.startTime) params.start_time = options.startTime;
+    if (options?.endTime) params.end_time = options.endTime;
+
+    const res = await this.client.get<ListEventsResponse["data"]>(
+      `/open-apis/calendar/v4/calendars/${calendarId}/events`,
+      params,
+      true // useUserToken = true
+    );
+    return res;
+  }
+
+  /**
+   * Get attendees for a specific event
+   */
+  async getEventAttendees(calendarId: string, eventId: string): Promise<CalendarAttendee[]> {
+    const res = await this.client.get<{ items: CalendarAttendee[] }>(
+      `/open-apis/calendar/v4/calendars/${calendarId}/events/${eventId}/attendees`,
+      {},
+      true // useUserToken = true
+    );
+    return res.items || [];
+  }
+
+  /**
+   * Get details of a specific event
+   */
+  async getEvent(calendarId: string, eventId: string): Promise<CalendarEvent> {
+    const res = await this.client.get<{ event: CalendarEvent }>(
+      `/open-apis/calendar/v4/calendars/${calendarId}/events/${eventId}`,
+      { user_id_type: "union_id" },
+      true // useUserToken = true
+    );
+    return res.event;
+  }
+
+  /**
+   * List attendees of a specific event
+   */
+  async listEventAttendees(
+    calendarId: string,
+    eventId: string,
+    options?: {
+      pageSize?: number;
+      pageToken?: string;
+    }
+  ): Promise<{ items: CalendarAttendee[]; page_token: string; has_more: boolean }> {
+    const params: Record<string, string> = {
+      page_size: (options?.pageSize || 50).toString(),
+    };
+    if (options?.pageToken) params.page_token = options.pageToken;
+
+    const res = await this.client.get<{ items: CalendarAttendee[]; page_token: string; has_more: boolean }>(
+      `/open-apis/calendar/v4/calendars/${calendarId}/events/${eventId}/attendees`,
+      params,
+      true // useUserToken = true
+    );
+    return res;
+  }
+
+  /**
+   * Create a new event
+   */
+  async createEvent(
+    calendarId: string,
+    event: {
+      summary: string;
+      description?: string;
+      startTime: CalendarTime;
+      endTime: CalendarTime;
+      attendeeUserIds?: string[];
+    }
+  ): Promise<CalendarEvent> {
+    // Step 1: Create the event
+    const body: Record<string, any> = {
+      summary: event.summary,
+      description: event.description,
+      start_time: event.startTime,
+      end_time: event.endTime,
+    };
+
+    const res = await this.client.post<CreateEventResponse["data"]>(
+      `/open-apis/calendar/v4/calendars/${calendarId}/events`,
+      body,
+      { user_id_type: "union_id" },
+      true
+    );
+
+    const createdEvent = res.event;
+
+    // Step 2: Add attendees if specified
+    if (event.attendeeUserIds && event.attendeeUserIds.length > 0) {
+      await this.client.post(
+        `/open-apis/calendar/v4/calendars/${calendarId}/events/${createdEvent.event_id}/attendees`,
+        { attendees: event.attendeeUserIds.map(id => ({ type: "user", user_id: id })) },
+        { user_id_type: "union_id" },
+        true
+      );
+    }
+
+    return createdEvent;
+  }
+
+  /**
+   * Delete an event
+   */
+  async deleteEvent(calendarId: string, eventId: string): Promise<void> {
+    await this.client.request(
+      `/open-apis/calendar/v4/calendars/${calendarId}/events/${eventId}`,
+      { method: "DELETE" },
+      true // useUserToken = true
+    );
+  }
+
+  /**
+   * Create a secondary calendar
+   */
+  async createCalendar(payload: CreateCalendarPayload): Promise<string> {
+    const res = await this.client.post<CreateCalendarResponse["data"]>(
+      "/open-apis/calendar/v4/calendars",
+      payload,
+      undefined,
+      true // useUserToken = true
+    );
+    return res.calendar.calendar_id;
+  }
+
+  /**
+   * Get free/busy information for a user
+   */
+  async getUserFreeBusy(userId: string, timeMin: string, timeMax: string): Promise<FreeBusyResponse["data"]> {
+    const body = {
+      time_min: timeMin,
+      time_max: timeMax,
+      user_id: userId
+    };
+
+    // Assume union_id (starts with on_) or user_id, default to union_id
+    let userIdType = "union_id";
+    if (userId.startsWith("on_")) userIdType = "union_id";
+
+    const res = await this.client.post<FreeBusyResponse["data"]>(
+      "/open-apis/calendar/v4/freebusy/list",
+      body,
+      { user_id_type: userIdType },
+      true // useUserToken = true
+    );
+    return res;
+  }
+
+  /**
+   * Update an event
+   */
+  async updateEvent(
+    calendarId: string,
+    eventId: string,
+    updates: {
+      summary?: string;
+      description?: string;
+      startTime?: CalendarTime;
+      endTime?: CalendarTime;
+      attendees?: CalendarAttendee[];
+    }
+  ): Promise<CalendarEvent> {
+    const body: Record<string, any> = {};
+    if (updates.summary !== undefined) body.summary = updates.summary;
+    if (updates.description !== undefined) body.description = updates.description;
+    if (updates.startTime !== undefined) body.start_time = updates.startTime;
+    if (updates.endTime !== undefined) body.end_time = updates.endTime;
+    if (updates.attendees !== undefined) body.attendees = updates.attendees;
+
+    const res = await this.client.post<CreateEventResponse["data"]>(
+      `/open-apis/calendar/v4/calendars/${calendarId}/events/${eventId}`,
+      body,
+      undefined,
+      true // useUserToken = true
+    );
+    return res.event;
+  }
+
+  /**
+   * Share a calendar with a user
+   */
+  async shareCalendarWithUser(
+    calendarId: string,
+    userId: string,
+    role: "reader" | "writer" | "free_busy_reader" = "reader"
+  ): Promise<void> {
+    throw new Error(
+      "Calendar sharing requires user authorization. " +
+      "Please share the calendar manually in Feishu app."
+    );
+  }
+
+  /**
+   * Get calendar share link
+   */
+  getCalendarShareLink(calendarId: string): string {
+    return `https://applink.feishu.cn/client/calendar/?calendarId=${encodeURIComponent(calendarId)}`;
+  }
+
+}

package/src/core/client.ts

@@ -0,0 +1,100 @@
+import { AuthManager } from "./auth-manager";
+import { FeishuConfig, FeishuError } from "../types";
+
+export class FeishuClient {
+  private authManager: AuthManager;
+  private baseUrl: string;
+
+  constructor(config: FeishuConfig) {
+    this.authManager = new AuthManager(config);
+    this.baseUrl = config.baseUrl || "https://open.feishu.cn";
+  }
+
+  /**
+   * Check if user has authorized (has user_access_token)
+   */
+  hasUserToken(): boolean {
+    return this.authManager.hasUserToken();
+  }
+
+  /**
+   * Get current user info
+   */
+  async getCurrentUser(): Promise<{ user_id: string; name: string } | null> {
+    return this.authManager.getCurrentUser();
+  }
+
+  private async request<T>(path: string, options: RequestInit = {}, useUserToken = false): Promise<T> {
+    // Use user_access_token for user-level APIs (calendar, etc.)
+    const token = useUserToken
+      ? await this.authManager.getUserAccessToken()
+      : await this.authManager.getTenantAccessToken();
+    const url = `${this.baseUrl}${path}`;
+
+    const headers = {
+      "Authorization": `Bearer ${token}`,
+      "Content-Type": "application/json; charset=utf-8",
+      ...options.headers,
+    };
+
+    // Add 30s timeout
+    const controller = new AbortController();
+    const timeoutId = setTimeout(() => controller.abort(), 30000);
+
+    try {
+      const response = await fetch(url, {
+        ...options,
+        headers,
+        signal: controller.signal,
+      });
+
+      if (!response.ok) {
+        try {
+          const errorData = await response.json();
+          // Try to extract permission info if it exists
+          let errorMsg = `Request failed: ${response.statusText}`;
+          if (errorData.code) {
+             errorMsg = `Feishu API Error: ${errorData.msg} (Code: ${errorData.code})`;
+          } else if (errorData.error && errorData.error.message) {
+             errorMsg = `Feishu API Error: ${errorData.error.message}`;
+          }
+
+          throw new FeishuError(errorMsg, errorData.code || response.status, errorData);
+        } catch (e) {
+          if (e instanceof FeishuError) throw e;
+          // If JSON parsing fails, fall back to status text
+          throw new FeishuError(`Request failed: ${response.statusText}`, response.status);
+        }
+      }
+
+      const data = await response.json();
+
+      if (data.code !== 0) {
+        throw new FeishuError(`Feishu API Error: ${data.msg}`, data.code, data);
+      }
+
+      return data.data as T;
+    } catch (error) {
+      if (error instanceof Error && error.name === 'AbortError') {
+        throw new Error(`Request timed out after 30s: ${path}`);
+      }
+      throw error;
+    } finally {
+      clearTimeout(timeoutId);
+    }
+  }
+
+  async get<T>(path: string, params?: Record<string, string>, useUserToken = false): Promise<T> {
+    const queryString = params ? "?" + new URLSearchParams(params).toString() : "";
+    return this.request<T>(`${path}${queryString}`, { method: "GET" }, useUserToken);
+  }
+
+  async post<T>(path: string, body: any, params?: Record<string, string>, useUserToken = false): Promise<T> {
+    const queryString = params ? "?" + new URLSearchParams(params).toString() : "";
+    return this.request<T>(`${path}${queryString}`, {
+      method: "POST",
+      body: JSON.stringify(body),
+    }, useUserToken);
+  }
+
+}