@vellumai/assistant 0.4.45 → 0.4.48

package/src/watcher/providers/gmail.ts

@@ -9,9 +9,11 @@
 import {
   batchGetMessages,
   getProfile,
+  listMessages,
 } from "../../messaging/providers/gmail/client.js";
 import type { GmailMessage } from "../../messaging/providers/gmail/types.js";
-import { withValidToken } from "../../security/token-manager.js";
+import type { OAuthConnection } from "../../oauth/connection.js";
+import { resolveOAuthConnection } from "../../oauth/connection-resolver.js";
 import { getLogger } from "../../util/logger.js";
 import type {
   FetchResult,
@@ -21,8 +23,6 @@ import type {
 
 const log = getLogger("watcher:gmail");
 
-const GMAIL_API_BASE = "https://gmail.googleapis.com/gmail/v1/users/me";
-
 /** Gmail History API response types */
 interface HistoryMessage {
   id: string;
@@ -71,29 +71,38 @@ function messageToItem(msg: GmailMessage): WatcherItem {
 }
 
 async function fetchHistory(
-  token: string,
+  connection: OAuthConnection,
   startHistoryId: string,
 ): Promise<HistoryListResponse> {
-  const params = new URLSearchParams({
+  const query: Record<string, string> = {
     startHistoryId,
     historyTypes: "messageAdded",
     maxResults: "100",
-  });
-  const url = `${GMAIL_API_BASE}/history?${params}`;
-  const resp = await fetch(url, {
-    headers: { Authorization: `Bearer ${token}` },
+  };
+
+  const resp = await connection.request({
+    method: "GET",
+    path: "/history",
+    query,
   });
 
-  if (!resp.ok) {
-    const body = await resp.text().catch(() => "");
-    if (resp.status === 404) {
-      // historyId expired — caller handles fallback
-      throw new HistoryExpiredError(body);
-    }
+  if (resp.status === 404) {
+    const body =
+      typeof resp.body === "string"
+        ? resp.body
+        : JSON.stringify(resp.body ?? "");
+    throw new HistoryExpiredError(body);
+  }
+
+  if (resp.status < 200 || resp.status >= 300) {
+    const body =
+      typeof resp.body === "string"
+        ? resp.body
+        : JSON.stringify(resp.body ?? "");
     throw new Error(`Gmail History API ${resp.status}: ${body}`);
   }
 
-  return resp.json() as Promise<HistoryListResponse>;
+  return resp.body as HistoryListResponse;
 }
 
 class HistoryExpiredError extends Error {
@@ -109,13 +118,12 @@ export const gmailProvider: WatcherProvider = {
   requiredCredentialService: "integration:gmail",
 
   async getInitialWatermark(credentialService: string): Promise<string> {
-    return withValidToken(credentialService, async (token) => {
-      const profile = await getProfile(token);
-      if (!profile.historyId) {
-        throw new Error("Gmail profile did not return a historyId");
-      }
-      return profile.historyId;
-    });
+    const connection = resolveOAuthConnection(credentialService);
+    const profile = await getProfile(connection);
+    if (!profile.historyId) {
+      throw new Error("Gmail profile did not return a historyId");
+    }
+    return profile.historyId;
   },
 
   async fetchNew(
@@ -124,76 +132,76 @@ export const gmailProvider: WatcherProvider = {
     _config: Record<string, unknown>,
     _watcherKey: string,
   ): Promise<FetchResult> {
-    return withValidToken(credentialService, async (token) => {
-      if (!watermark) {
-        // No watermark — get initial position, return no items
-        const profile = await getProfile(token);
-        return { items: [], watermark: profile.historyId ?? "0" };
-      }
+    const connection = resolveOAuthConnection(credentialService);
 
-      try {
-        const historyResp = await fetchHistory(token, watermark);
-        const newWatermark = historyResp.historyId ?? watermark;
+    if (!watermark) {
+      // No watermark — get initial position, return no items
+      const profile = await getProfile(connection);
+      return { items: [], watermark: profile.historyId ?? "0" };
+    }
 
-        if (!historyResp.history || historyResp.history.length === 0) {
-          return { items: [], watermark: newWatermark };
-        }
+    try {
+      const historyResp = await fetchHistory(connection, watermark);
+      const newWatermark = historyResp.historyId ?? watermark;
 
-        // Collect unique new message IDs
-        const messageIds = new Set<string>();
-        for (const record of historyResp.history) {
-          if (record.messagesAdded) {
-            for (const added of record.messagesAdded) {
-              messageIds.add(added.message.id);
-            }
-          }
-        }
+      if (!historyResp.history || historyResp.history.length === 0) {
+        return { items: [], watermark: newWatermark };
+      }
 
-        if (messageIds.size === 0) {
-          return { items: [], watermark: newWatermark };
+      // Collect unique new message IDs
+      const messageIds = new Set<string>();
+      for (const record of historyResp.history) {
+        if (record.messagesAdded) {
+          for (const added of record.messagesAdded) {
+            messageIds.add(added.message.id);
+          }
         }
+      }
 
-        // Fetch metadata for new messages
-        const messages = await batchGetMessages(
-          token,
-          Array.from(messageIds),
-          "metadata",
-          ["From", "Subject", "Date"],
-        );
-
-        // Only include INBOX messages (skip sent, drafts, etc.)
-        const inboxMessages = messages.filter((m) =>
-          m.labelIds?.includes("INBOX"),
-        );
+      if (messageIds.size === 0) {
+        return { items: [], watermark: newWatermark };
+      }
 
-        const items = inboxMessages.map(messageToItem);
-        log.info(
-          { count: items.length, watermark: newWatermark },
-          "Gmail: fetched new messages",
+      // Fetch metadata for new messages
+      const messages = await batchGetMessages(
+        connection,
+        Array.from(messageIds),
+        "metadata",
+        ["From", "Subject", "Date"],
+      );
+
+      // Only include INBOX messages (skip sent, drafts, etc.)
+      const inboxMessages = messages.filter((m) =>
+        m.labelIds?.includes("INBOX"),
+      );
+
+      const items = inboxMessages.map(messageToItem);
+      log.info(
+        { count: items.length, watermark: newWatermark },
+        "Gmail: fetched new messages",
+      );
+
+      return { items, watermark: newWatermark };
+    } catch (err) {
+      if (err instanceof HistoryExpiredError) {
+        log.warn(
+          "Gmail historyId expired, falling back to recent unread messages",
         );
-
-        return { items, watermark: newWatermark };
-      } catch (err) {
-        if (err instanceof HistoryExpiredError) {
-          log.warn(
-            "Gmail historyId expired, falling back to recent unread messages",
-          );
-          return fallbackFetch(token);
-        }
-        throw err;
+        return fallbackFetch(connection);
       }
-    });
+      throw err;
+    }
   },
 };
 
 /**
  * Fallback when historyId expires: list recent unread inbox messages.
  */
-async function fallbackFetch(token: string): Promise<FetchResult> {
-  const { listMessages } =
-    await import("../../messaging/providers/gmail/client.js");
+async function fallbackFetch(
+  connection: OAuthConnection,
+): Promise<FetchResult> {
   const listResp = await listMessages(
-    token,
+    connection,
     "is:unread newer_than:1d",
     20,
     undefined,
@@ -201,12 +209,12 @@ async function fallbackFetch(token: string): Promise<FetchResult> {
   );
 
   if (!listResp.messages || listResp.messages.length === 0) {
-    const profile = await getProfile(token);
+    const profile = await getProfile(connection);
     return { items: [], watermark: profile.historyId ?? "0" };
   }
 
   const messages = await batchGetMessages(
-    token,
+    connection,
     listResp.messages.map((m) => m.id),
     "metadata",
     ["From", "Subject", "Date"],
@@ -215,6 +223,6 @@ async function fallbackFetch(token: string): Promise<FetchResult> {
   const items = messages.map(messageToItem);
 
   // Get fresh historyId for the new watermark
-  const profile = await getProfile(token);
+  const profile = await getProfile(connection);
   return { items, watermark: profile.historyId ?? "0" };
 }

package/src/watcher/providers/google-calendar.ts

@@ -11,7 +11,9 @@ import {
   listEvents,
 } from "../../config/bundled-skills/google-calendar/calendar-client.js";
 import type { CalendarEvent } from "../../config/bundled-skills/google-calendar/types.js";
-import { withValidToken } from "../../security/token-manager.js";
+import type { OAuthConnection } from "../../oauth/connection.js";
+import { resolveOAuthConnection } from "../../oauth/connection-resolver.js";
+import { GOOGLE_CALENDAR_BASE_URL } from "../../oauth/provider-base-urls.js";
 import { getLogger } from "../../util/logger.js";
 import type {
   FetchResult,
@@ -21,8 +23,6 @@ import type {
 
 const log = getLogger("watcher:google-calendar");
 
-const CALENDAR_API_BASE = "https://www.googleapis.com/calendar/v3";
-
 /** The credential service — calendar shares OAuth tokens with Gmail. */
 const CREDENTIAL_SERVICE = "integration:gmail";
 
@@ -69,7 +69,7 @@ interface SyncResponse {
  * Returns all accumulated events and the final nextSyncToken.
  */
 async function incrementalSync(
-  token: string,
+  connection: OAuthConnection,
   syncToken: string,
 ): Promise<SyncResponse> {
   let allItems: CalendarEvent[] = [];
@@ -77,27 +77,32 @@ async function incrementalSync(
   let nextSyncToken: string | undefined;
 
   do {
-    const params = new URLSearchParams({ syncToken });
-    if (pageToken) params.set("pageToken", pageToken);
-    const url = `${CALENDAR_API_BASE}/calendars/primary/events?${params}`;
-    const resp = await fetch(url, {
-      headers: { Authorization: `Bearer ${token}` },
+    const query: Record<string, string> = { syncToken };
+    if (pageToken) query.pageToken = pageToken;
+
+    const resp = await connection.request({
+      method: "GET",
+      path: "/calendars/primary/events",
+      query,
+      baseUrl: GOOGLE_CALENDAR_BASE_URL,
     });
 
-    if (!resp.ok) {
-      const body = await resp.text().catch(() => "");
+    if (resp.status < 200 || resp.status >= 300) {
+      const bodyStr =
+        typeof resp.body === "string"
+          ? resp.body
+          : JSON.stringify(resp.body ?? "");
       if (resp.status === 410) {
-        throw new SyncTokenExpiredError(body);
+        throw new SyncTokenExpiredError(bodyStr);
       }
-      // Throw CalendarApiError so withValidToken can detect 401s via the status property
       throw new CalendarApiError(
         resp.status,
-        resp.statusText,
-        `Calendar Sync API ${resp.status}: ${body}`,
+        "",
+        `Calendar Sync API ${resp.status}: ${bodyStr}`,
       );
     }
 
-    const page = (await resp.json()) as SyncResponse;
+    const page = resp.body as SyncResponse;
     if (page.items) allItems = allItems.concat(page.items);
     pageToken = page.nextPageToken;
     nextSyncToken = page.nextSyncToken;
@@ -119,16 +124,48 @@ export const googleCalendarProvider: WatcherProvider = {
   requiredCredentialService: CREDENTIAL_SERVICE,
 
   async getInitialWatermark(credentialService: string): Promise<string> {
-    return withValidToken(credentialService, async (token) => {
-      // Do a full sync with a narrow window to get the initial syncToken.
-      // The API may paginate even for small result sets, so follow nextPageToken
-      // until we reach the final page that carries the nextSyncToken.
+    const connection = resolveOAuthConnection(credentialService);
+
+    // Do a full sync with a narrow window to get the initial syncToken.
+    // The API may paginate even for small result sets, so follow nextPageToken
+    // until we reach the final page that carries the nextSyncToken.
+    const now = new Date().toISOString();
+    let pageToken: string | undefined;
+    let syncToken: string | undefined;
+
+    do {
+      const result = await listEvents(connection, "primary", {
+        timeMin: now,
+        maxResults: 250,
+        singleEvents: true,
+        pageToken,
+      });
+      syncToken = result.nextSyncToken;
+      pageToken = result.nextPageToken;
+    } while (pageToken && !syncToken);
+
+    if (!syncToken) {
+      throw new Error("Calendar API did not return a syncToken");
+    }
+    return syncToken;
+  },
+
+  async fetchNew(
+    credentialService: string,
+    watermark: string | null,
+    _config: Record<string, unknown>,
+    _watcherKey: string,
+  ): Promise<FetchResult> {
+    const connection = resolveOAuthConnection(credentialService);
+
+    if (!watermark) {
+      // No watermark — paginate through to get the initial syncToken, return no items
       const now = new Date().toISOString();
       let pageToken: string | undefined;
       let syncToken: string | undefined;
 
       do {
-        const result = await listEvents(token, "primary", {
+        const result = await listEvents(connection, "primary", {
           timeMin: now,
           maxResults: 250,
           singleEvents: true,
@@ -138,82 +175,52 @@ export const googleCalendarProvider: WatcherProvider = {
         pageToken = result.nextPageToken;
       } while (pageToken && !syncToken);
 
-      if (!syncToken) {
-        throw new Error("Calendar API did not return a syncToken");
+      return { items: [], watermark: syncToken ?? "" };
+    }
+
+    try {
+      const syncResp = await incrementalSync(connection, watermark);
+      const newWatermark = syncResp.nextSyncToken ?? watermark;
+
+      if (!syncResp.items || syncResp.items.length === 0) {
+        return { items: [], watermark: newWatermark };
       }
-      return syncToken;
-    });
-  },
 
-  async fetchNew(
-    credentialService: string,
-    watermark: string | null,
-    _config: Record<string, unknown>,
-    _watcherKey: string,
-  ): Promise<FetchResult> {
-    return withValidToken(credentialService, async (token) => {
-      if (!watermark) {
-        // No watermark — paginate through to get the initial syncToken, return no items
-        const now = new Date().toISOString();
-        let pageToken: string | undefined;
-        let syncToken: string | undefined;
-
-        do {
-          const result = await listEvents(token, "primary", {
-            timeMin: now,
-            maxResults: 250,
-            singleEvents: true,
-            pageToken,
-          });
-          syncToken = result.nextSyncToken;
-          pageToken = result.nextPageToken;
-        } while (pageToken && !syncToken);
-
-        return { items: [], watermark: syncToken ?? "" };
+      // Convert events to watcher items, distinguishing new vs updated
+      const items: WatcherItem[] = [];
+      for (const event of syncResp.items) {
+        if (event.status === "cancelled") continue;
+
+        const eventType =
+          event.created === event.updated
+            ? "new_calendar_event"
+            : "updated_calendar_event";
+        items.push(eventToItem(event, eventType));
       }
 
-      try {
-        const syncResp = await incrementalSync(token, watermark);
-        const newWatermark = syncResp.nextSyncToken ?? watermark;
-
-        if (!syncResp.items || syncResp.items.length === 0) {
-          return { items: [], watermark: newWatermark };
-        }
-
-        // Convert events to watcher items, distinguishing new vs updated
-        const items: WatcherItem[] = [];
-        for (const event of syncResp.items) {
-          if (event.status === "cancelled") continue;
-
-          const eventType =
-            event.created === event.updated
-              ? "new_calendar_event"
-              : "updated_calendar_event";
-          items.push(eventToItem(event, eventType));
-        }
-
-        log.info(
-          { count: items.length, watermark: newWatermark },
-          "Calendar: fetched event changes",
-        );
-        return { items, watermark: newWatermark };
-      } catch (err) {
-        if (err instanceof SyncTokenExpiredError) {
-          log.warn("Calendar syncToken expired, falling back to recent events");
-          return fallbackFetch(token);
-        }
-        throw err;
+      log.info(
+        { count: items.length, watermark: newWatermark },
+        "Calendar: fetched event changes",
+      );
+      return { items, watermark: newWatermark };
+    } catch (err) {
+      if (err instanceof SyncTokenExpiredError) {
+        log.warn("Calendar syncToken expired, falling back to recent events");
+        return fallbackFetch(connection);
       }
-    });
+      throw err;
+    }
   },
 };
 
 /**
  * Fallback when syncToken expires: list upcoming events from today.
  */
-async function fallbackFetch(token: string): Promise<FetchResult> {
+async function fallbackFetch(
+  connection: OAuthConnection,
+): Promise<FetchResult> {
   const now = new Date().toISOString();
-  const result = await listEvents(token, "primary", {
+  const result = await listEvents(connection, "primary", {
     timeMin: now,
     maxResults: 25,
     singleEvents: true,
@@ -229,7 +236,7 @@ async function fallbackFetch(token: string): Promise<FetchResult> {
   let syncToken: string | undefined;
 
   do {
-    const syncResult = await listEvents(token, "primary", {
+    const syncResult = await listEvents(connection, "primary", {
       timeMin: now,
       maxResults: 250,
       singleEvents: true,