@vellumai/assistant 0.7.1 → 0.7.3

package/src/messaging/providers/slack/types.ts

@@ -76,11 +76,6 @@ export interface SlackUser {
   deleted?: boolean;
 }
 
-export interface SlackUsersListResponse extends SlackApiResponse {
-  members: SlackUser[];
-  response_metadata?: { next_cursor?: string };
-}
-
 export interface SlackUserInfoResponse extends SlackApiResponse {
   user: SlackUser;
 }
@@ -110,35 +105,8 @@ export interface SlackSearchMatch {
   thread_ts?: string;
 }
 
-export interface SlackConversationInfoResponse extends SlackApiResponse {
-  channel: SlackConversation;
-}
-
 export interface SlackConversationsOpenResponse extends SlackApiResponse {
   channel: { id: string };
 }
 
-export type SlackReactionAddResponse = SlackApiResponse;
-
-export type SlackConversationJoinResponse = SlackApiResponse & {
-  channel?: SlackConversation;
-};
-
-export type SlackConversationLeaveResponse = SlackApiResponse;
-
-export interface SlackChatDeleteResponse extends SlackApiResponse {
-  channel: string;
-  ts: string;
-}
-
-export interface SlackChatUpdateResponse extends SlackApiResponse {
-  channel: string;
-  ts: string;
-  text: string;
-}
-
 export type SlackConversationMarkResponse = SlackApiResponse;
-
-export interface SlackPostEphemeralResponse extends SlackApiResponse {
-  message_ts: string;
-}

package/src/notifications/README.md

@@ -133,7 +133,7 @@ The system produces **three distinct copy outputs** per notification:
 
 | Output                    | Purpose                                          | Verbosity                |
 | ------------------------- | ------------------------------------------------ | ------------------------ |
-| `title` + `body`          | Native notification popup (macOS/iOS banner)     | Short and glanceable     |
+| `title` + `body`          | Native notification popup (macOS banner)         | Short and glanceable     |
 | `deliveryText`            | Channel-native chat message text (Telegram)      | Natural chat phrasing    |
 | Conversation seed message | Opening message in the notification conversation | Richer and context-aware |
 
@@ -185,7 +185,7 @@ Reminder. Take out the trash. Action required.
 
 ## Conversation Surfacing via `notification_conversation_created` Event (Creation-Only)
 
-The `notification_conversation_created` SSE event is emitted **only when a brand-new conversation is actually created** by the broadcaster. Reused conversations do not trigger this event — the macOS/iOS client already knows about the conversation from the original creation.
+The `notification_conversation_created` SSE event is emitted **only when a brand-new conversation is actually created** by the broadcaster. Reused conversations do not trigger this event — the macOS client already knows about the conversation from the original creation.
 
 This is enforced in `broadcaster.ts` by gating the event emission on `pairing.createdNewConversation === true`:
 
@@ -214,7 +214,7 @@ The SSE event payload:
 }
 ```
 
-The macOS/iOS client listens for this event and surfaces the conversation in the sidebar, enabling deep-link navigation to the notification conversation.
+The macOS client listens for this event and surfaces the conversation in the sidebar, enabling deep-link navigation to the notification conversation.
 
 ### Per-Dispatch Conversation Callback
 
@@ -223,7 +223,7 @@ The macOS/iOS client listens for this event and surfaces the conversation in the
 **Important distinction between the two callbacks:**
 
 - **Per-dispatch `options.onConversationCreated`**: Fires for **both** new and reused vellum conversation pairings. Callers like `dispatchGuardianQuestion` rely on this to create delivery bookkeeping rows before `emitNotificationSignal()` returns, regardless of whether the conversation was newly created or reused.
-- **Class-level `this.onConversationCreated` (SSE broadcast)**: Fires **only** when a brand-new conversation is created (`createdNewConversation === true && strategy === 'start_new_conversation'`). This emits the `notification_conversation_created` SSE event so macOS/iOS clients surface the new conversation in the sidebar. Reused conversations do not trigger this event because the client already knows about the conversation.
+- **Class-level `this.onConversationCreated` (SSE broadcast)**: Fires **only** when a brand-new conversation is created (`createdNewConversation === true && strategy === 'start_new_conversation'`). This emits the `notification_conversation_created` SSE event so macOS clients surface the new conversation in the sidebar. Reused conversations do not trigger this event because the client already knows about the conversation.
 
 ## Schedule Routing Metadata and Trigger-Time Enforcement
 
@@ -295,7 +295,7 @@ Local SSE via the daemon's broadcast mechanism. The `VellumAdapter` emits a `not
 - `title` and `body` -- rendered notification copy
 - `deepLinkMetadata` -- optional metadata for navigating to the relevant context (e.g. `{ conversationId }`)
 
-The macOS/iOS client posts a native `UNUserNotificationCenter` notification from this payload. When the user taps the notification, the client uses `deepLinkMetadata` to navigate to the relevant conversation.
+The macOS client posts a native `UNUserNotificationCenter` notification from this payload. When the user taps the notification, the client uses `deepLinkMetadata` to navigate to the relevant conversation.
 
 ### Telegram (when guardian binding exists)
 
@@ -480,7 +480,7 @@ Three SQLite tables form the audit chain:
 
 ### Client Delivery Ack
 
-For vellum (macOS/iOS) deliveries, the audit trail now extends past the SSE broadcast to the actual OS notification post. The `notification_intent` message carries an optional `deliveryId` that the client echoes back in a `notification_intent_result` ack after `UNUserNotificationCenter.add()` completes (or fails).
+For vellum (macOS) deliveries, the audit trail now extends past the SSE broadcast to the actual OS notification post. The `notification_intent` message carries an optional `deliveryId` that the client echoes back in a `notification_intent_result` ack after `UNUserNotificationCenter.add()` completes (or fails).
 
 The ack populates three columns on `notification_deliveries`:
 
@@ -541,10 +541,10 @@ Preferences are sanitized against prompt injection (angle brackets replaced with
 The decision engine and preference extractor pick their per-call LLM config
 from the unified `llm` block. Override defaults by setting either of:
 
-| Key                                  | Type    | Default        | Description                                                                 |
-| ------------------------------------ | ------- | -------------- | --------------------------------------------------------------------------- |
-| `llm.callSites.notificationDecision` | object  | _(unset)_      | Provider/model/effort/etc. override for the decision engine call site       |
-| `llm.callSites.preferenceExtraction` | object  | _(unset)_      | Provider/model/effort/etc. override for the preference extractor call site  |
+| Key                                  | Type   | Default   | Description                                                                |
+| ------------------------------------ | ------ | --------- | -------------------------------------------------------------------------- |
+| `llm.callSites.notificationDecision` | object | _(unset)_ | Provider/model/effort/etc. override for the decision engine call site      |
+| `llm.callSites.preferenceExtraction` | object | _(unset)_ | Provider/model/effort/etc. override for the preference extractor call site |
 
 When a call site override is unset, the resolver falls back to `llm.default`.
 

package/src/notifications/broadcaster.ts

@@ -211,7 +211,7 @@ export class NotificationBroadcaster {
       );
 
       // For the vellum channel, merge the conversationId into deep-link metadata
-      // so the macOS/iOS client can navigate directly to the notification conversation.
+      // so the macOS client can navigate directly to the notification conversation.
       let deepLinkTarget = decision.deepLinkTarget;
       if (channel === "vellum" && pairing.conversationId) {
         deepLinkTarget = {

package/src/notifications/copy-composer.ts

@@ -505,6 +505,19 @@ const TEMPLATES: Partial<Record<NotificationSourceEventName, CopyTemplate>> = {
     body: str(payload.body, "A watcher event requires your attention"),
   }),
 
+  "heartbeat.alert": (payload) => {
+    const body = str(
+      payload.summary,
+      str(payload.body, "Your assistant found something worth your attention."),
+    );
+    return {
+      title: str(payload.title, "Heartbeat Alert"),
+      body,
+      conversationTitle: str(payload.conversationTitle, "Heartbeat"),
+      conversationSeedMessage: body,
+    };
+  },
+
   "tool_confirmation.required_action": (payload) => ({
     title: "Tool Confirmation",
     body: str(payload.toolName, "A tool") + " requires your confirmation",

package/src/notifications/guardian-question-mode.ts

@@ -6,12 +6,12 @@
  * fields like `toolName`.
  */
 
-export type GuardianQuestionRequestKind =
+type GuardianQuestionRequestKind =
   | "pending_question"
   | "tool_approval"
   | "tool_grant_request"
   | "access_request";
-export type GuardianQuestionInstructionMode = "approval" | "answer";
+type GuardianQuestionInstructionMode = "approval" | "answer";
 
 interface GuardianRequestKindModeConfig {
   defaultMode: GuardianQuestionInstructionMode;
@@ -48,12 +48,12 @@ interface GuardianQuestionPayloadBaseWithDiscriminator extends GuardianQuestionP
   [key: string]: unknown;
 }
 
-export interface GuardianRequestModeInput {
+interface GuardianRequestModeInput {
   kind: unknown;
   toolName?: unknown;
 }
 
-export interface GuardianRequestTextInput {
+interface GuardianRequestTextInput {
   requestCode: string;
   questionText?: string | null;
   toolName?: string | null;
@@ -136,7 +136,7 @@ export type GuardianQuestionPayload =
   | ToolGrantGuardianPayload
   | AccessRequestGuardianPayload;
 
-export interface GuardianQuestionModeResolution {
+interface GuardianQuestionModeResolution {
   mode: GuardianQuestionInstructionMode;
   requestKind: GuardianQuestionRequestKind | null;
 }

package/src/notifications/signal.ts

@@ -101,6 +101,10 @@ export const NOTIFICATION_SOURCE_EVENT_NAMES = [
     description:
       "OAuth credential health issue detected (expired, revoked, missing scopes)",
   },
+  {
+    id: "heartbeat.alert",
+    description: "Heartbeat found something worth surfacing to the guardian",
+  },
 ] as const;
 
 export type NotificationSourceEventName =

package/src/oauth/AGENTS.md

@@ -54,7 +54,9 @@ Most existing logos come from [Simple Icons](https://simpleicons.org) (CC0-licen
 
 If the service is not on Simple Icons, source or create an SVG and convert it the same way. The result must be a true vector PDF (not a rasterized image wrapped in PDF) so it scales cleanly.
 
-The `logoUrl` field in `seed-providers.ts` still serves as the remote fallback (typically a Simple Icons CDN URL like `https://cdn.simpleicons.org/acme`). The client renders the local PDF first, then falls back to `logoUrl`, then to an initials avatar.
+The `logoUrl` field in `seed-providers.ts` serves as the remote fallback (most providers use a Simple Icons CDN URL like `https://cdn.simpleicons.org/acme`). The client renders the local PDF first, then falls back to `logoUrl`, then to an initials avatar.
+
+For brands Simple Icons doesn't host (e.g. Salesforce, which Simple Icons removed for trademark reasons), use the same `glincker/thesvg` source via jsDelivr — `https://cdn.jsdelivr.net/gh/glincker/thesvg@main/public/icons/<key>/default.svg`. The recognised `logoUrl` prefixes are enforced by `oauth-provider-seed-logos.test.ts`; if you need a third source, extend that allowlist alongside the manifest in `clients/shared/Resources/integration-logos-manifest.json`.
 
 ### 5. Secret patterns (if applicable) — `../security/secret-patterns.ts`
 

package/src/oauth/__tests__/oauth-connect-state.test.ts

@@ -0,0 +1,137 @@
+import { beforeEach, describe, expect, test } from "bun:test";
+
+import {
+  _clearAllOAuthConnectStates,
+  clearExpiredOAuthConnectStates,
+  getOAuthConnectState,
+  setOAuthConnectComplete,
+  setOAuthConnectError,
+  setOAuthConnectPending,
+} from "../oauth-connect-state.js";
+
+describe("oauth-connect-state", () => {
+  beforeEach(() => {
+    _clearAllOAuthConnectStates();
+  });
+
+  test("setOAuthConnectPending → getOAuthConnectState returns pending", () => {
+    setOAuthConnectPending("state-1", "google");
+    const result = getOAuthConnectState("state-1");
+    expect(result).toMatchObject({ status: "pending", service: "google" });
+  });
+
+  test("setOAuthConnectComplete without accountInfo → returns complete", () => {
+    setOAuthConnectComplete("state-1", "google");
+    const result = getOAuthConnectState("state-1");
+    expect(result).toMatchObject({ status: "complete", service: "google" });
+  });
+
+  test("setOAuthConnectComplete with accountInfo → returns complete with accountInfo", () => {
+    setOAuthConnectComplete("state-1", "google", "user@example.com");
+    const result = getOAuthConnectState("state-1");
+    expect(result).toMatchObject({
+      status: "complete",
+      service: "google",
+      accountInfo: "user@example.com",
+    });
+  });
+
+  test("setOAuthConnectComplete with grantedScopes → returns complete with grantedScopes", () => {
+    setOAuthConnectComplete("state-1", "google", "user@example.com", ["scope:read", "scope:write"]);
+    const result = getOAuthConnectState("state-1");
+    expect(result).toMatchObject({
+      status: "complete",
+      service: "google",
+      accountInfo: "user@example.com",
+      grantedScopes: ["scope:read", "scope:write"],
+    });
+  });
+
+  test("setOAuthConnectError → returns error with message", () => {
+    setOAuthConnectError("state-1", "google", "token exchange failed");
+    const result = getOAuthConnectState("state-1");
+    expect(result).toMatchObject({
+      status: "error",
+      service: "google",
+      error: "token exchange failed",
+    });
+  });
+
+  test("re-setting same state token overwrites previous", () => {
+    setOAuthConnectPending("state-1", "google");
+    setOAuthConnectComplete("state-1", "google", "user@example.com");
+    const result = getOAuthConnectState("state-1");
+    expect(result?.status).toBe("complete");
+  });
+
+  test("getOAuthConnectState returns null for unknown state", () => {
+    expect(getOAuthConnectState("nonexistent")).toBeNull();
+  });
+
+  test("_clearAllOAuthConnectStates removes all entries", () => {
+    setOAuthConnectPending("state-1", "google");
+    setOAuthConnectPending("state-2", "github");
+    _clearAllOAuthConnectStates();
+    expect(getOAuthConnectState("state-1")).toBeNull();
+    expect(getOAuthConnectState("state-2")).toBeNull();
+  });
+
+  test("clearExpiredOAuthConnectStates removes expired pending entries", () => {
+    setOAuthConnectPending("state-1", "google");
+    // Advance Date.now by 6 minutes past PENDING_TTL_MS (5 min)
+    const originalNow = Date.now;
+    Date.now = () => originalNow() + 6 * 60 * 1000;
+    clearExpiredOAuthConnectStates();
+    Date.now = originalNow;
+    expect(getOAuthConnectState("state-1")).toBeNull();
+  });
+
+  test("clearExpiredOAuthConnectStates removes expired complete entries (past 60s grace)", () => {
+    setOAuthConnectComplete("state-1", "google");
+    const originalNow = Date.now;
+    Date.now = () => originalNow() + 2 * 60 * 1000; // advance 2 minutes past 60s grace
+    clearExpiredOAuthConnectStates();
+    Date.now = originalNow;
+    expect(getOAuthConnectState("state-1")).toBeNull();
+  });
+
+  test("clearExpiredOAuthConnectStates removes expired error entries (past 60s grace)", () => {
+    setOAuthConnectError("state-1", "google", "token exchange failed");
+    const originalNow = Date.now;
+    Date.now = () => originalNow() + 2 * 60 * 1000; // advance 2 minutes past 60s grace
+    clearExpiredOAuthConnectStates();
+    Date.now = originalNow;
+    expect(getOAuthConnectState("state-1")).toBeNull();
+  });
+
+  test("clearExpiredOAuthConnectStates does not remove non-expired pending entries", () => {
+    setOAuthConnectPending("state-1", "google");
+    clearExpiredOAuthConnectStates(); // called without advancing time
+    expect(getOAuthConnectState("state-1")).not.toBeNull();
+  });
+
+  test("sweep-on-insert: setOAuthConnectPending purges expired entries before inserting new one", () => {
+    // 1. Add an entry that will expire
+    setOAuthConnectPending("expired-state", "google");
+
+    // 2. Advance Date.now past the PENDING_TTL_MS (5 min)
+    const originalNow = Date.now;
+    Date.now = () => originalNow() + 6 * 60 * 1000;
+
+    // 3. Insert a new entry — this should trigger clearExpiredOAuthConnectStates() internally
+    setOAuthConnectPending("new-state", "github");
+
+    // 4. Restore Date.now before assertions (getOAuthConnectState also calls clearExpiredOAuthConnectStates)
+    Date.now = originalNow;
+
+    // The expired entry must have been swept out during the insert
+    // Use the map directly via getOAuthConnectState — expired-state is gone
+    // We call _clearAllOAuthConnectStates in beforeEach so we know the map started empty.
+    // After the insert the map should only contain "new-state".
+    const expiredResult = getOAuthConnectState("expired-state");
+    expect(expiredResult).toBeNull();
+
+    const newResult = getOAuthConnectState("new-state");
+    expect(newResult).toMatchObject({ status: "pending", service: "github" });
+  });
+});

package/src/oauth/connect-orchestrator.ts

@@ -19,6 +19,7 @@
  * - Running identity verifiers
  */
 
+import { emitPostConnectNudge } from "../home/post-connect-feed.js";
 import type { TokenEndpointAuthMethod } from "../security/oauth2.js";
 import { prepareOAuth2Flow, startOAuth2Flow } from "../security/oauth2.js";
 import { getLogger } from "../util/logger.js";
@@ -80,6 +81,7 @@ export interface OAuthConnectOptions {
     success: boolean;
     service: string;
     accountInfo?: string;
+    grantedScopes?: string[];
     error?: string;
   }) => void;
 }
@@ -250,10 +252,12 @@ export async function orchestrateOAuthConnect(
               },
               "Deferred OAuth2 flow completed — tokens stored",
             );
+            void emitPostConnectNudge(options.service);
             options.onDeferredComplete?.({
               success: true,
               service: options.service,
               accountInfo: stored.accountInfo ?? parsedAccountIdentifier,
+              grantedScopes: result.grantedScopes,
             });
           } catch (err) {
             log.error(
@@ -371,6 +375,8 @@ export async function orchestrateOAuthConnect(
       "orchestrateOAuthConnect: tokens stored, connect complete",
     );
 
+    void emitPostConnectNudge(options.service);
+
     return {
       success: true,
       deferred: false,

package/src/oauth/connection-resolver.test.ts

@@ -62,7 +62,10 @@ mock.module("../platform/client.js", () => ({
 // ---------------------------------------------------------------------------
 
 import { BYOOAuthConnection } from "./byo-connection.js";
-import { resolveOAuthConnection } from "./connection-resolver.js";
+import {
+  resolveEffectiveBaseUrl,
+  resolveOAuthConnection,
+} from "./connection-resolver.js";
 import { PlatformOAuthConnection } from "./platform-connection.js";
 
 // ---------------------------------------------------------------------------
@@ -214,3 +217,65 @@ describe("resolveOAuthConnection", () => {
     ).rejects.toThrow(/No active OAuth connection found/);
   });
 });
+
+describe("resolveEffectiveBaseUrl", () => {
+  const fallback = "https://login.salesforce.com";
+
+  test("uses instance_url from JSON-string metadata for Salesforce", () => {
+    const metadata = JSON.stringify({
+      instance_url: "https://acme.my.salesforce.com",
+      issued_at: "1714000000000",
+    });
+    expect(resolveEffectiveBaseUrl("salesforce", fallback, metadata)).toBe(
+      "https://acme.my.salesforce.com",
+    );
+  });
+
+  test("uses instance_url from already-parsed object metadata", () => {
+    const metadata = { instance_url: "https://na162.salesforce.com" };
+    expect(resolveEffectiveBaseUrl("salesforce", fallback, metadata)).toBe(
+      "https://na162.salesforce.com",
+    );
+  });
+
+  test("falls back to seed baseUrl when metadata is null", () => {
+    expect(resolveEffectiveBaseUrl("salesforce", fallback, null)).toBe(
+      fallback,
+    );
+  });
+
+  test("falls back to seed baseUrl when instance_url is empty string", () => {
+    const metadata = JSON.stringify({ instance_url: "" });
+    expect(resolveEffectiveBaseUrl("salesforce", fallback, metadata)).toBe(
+      fallback,
+    );
+  });
+
+  test("falls back to seed baseUrl when metadata is unparseable JSON", () => {
+    expect(
+      resolveEffectiveBaseUrl("salesforce", fallback, "{ not valid json"),
+    ).toBe(fallback);
+  });
+
+  test("falls back to seed baseUrl when instance_url is the wrong type", () => {
+    const metadata = JSON.stringify({ instance_url: 12345 });
+    expect(resolveEffectiveBaseUrl("salesforce", fallback, metadata)).toBe(
+      fallback,
+    );
+  });
+
+  test("ignores instance_url for non-Salesforce providers", () => {
+    // A different provider whose token response happens to include an
+    // instance_url-shaped field MUST NOT have its baseUrl rewritten.
+    const metadata = JSON.stringify({
+      instance_url: "https://attacker.example.com",
+    });
+    expect(
+      resolveEffectiveBaseUrl(
+        "google",
+        "https://gmail.googleapis.com/gmail/v1/users/me",
+        metadata,
+      ),
+    ).toBe("https://gmail.googleapis.com/gmail/v1/users/me");
+  });
+});

package/src/oauth/connection-resolver.ts

@@ -116,11 +116,65 @@ export async function resolveOAuthConnection(
   return new BYOOAuthConnection({
     id: conn.id,
     provider: conn.provider,
-    baseUrl,
+    baseUrl: resolveEffectiveBaseUrl(conn.provider, baseUrl, conn.metadata),
     accountInfo: conn.accountInfo,
   });
 }
 
+/**
+ * Resolve the effective API base URL for a connection, preferring per-tenant
+ * values stored on the connection's `metadata` over the provider's static
+ * seed value when applicable.
+ *
+ * Salesforce is the only provider that needs this: every org has its own
+ * API instance host (``acme.my.salesforce.com``, ``na162.salesforce.com``)
+ * which is returned in the OAuth token response as ``instance_url`` and
+ * captured into ``oauth_connection.metadata`` by ``storeOAuth2Tokens``.
+ * The seed's ``baseUrl`` for Salesforce is the login domain
+ * (``https://login.salesforce.com``) — correct for the OAuth handshake but
+ * wrong for REST API calls. Pulling the per-connection ``instance_url``
+ * here avoids forcing every caller to override ``baseUrl`` per-request.
+ *
+ * For all other providers the seed value is correct (single API domain),
+ * so we return it unchanged.
+ *
+ * If a future provider needs the same treatment, generalize via a
+ * declarative ``baseUrlMetadataKey`` field on the seed entry rather than
+ * adding more provider-name branches here.
+ */
+export function resolveEffectiveBaseUrl(
+  provider: string,
+  fallbackBaseUrl: string,
+  rawMetadata: unknown,
+): string {
+  if (provider !== "salesforce") return fallbackBaseUrl;
+
+  const metadata = parseConnectionMetadata(rawMetadata);
+  const instanceUrl = metadata?.instance_url;
+  if (typeof instanceUrl === "string" && instanceUrl.length > 0) {
+    return instanceUrl;
+  }
+  return fallbackBaseUrl;
+}
+
+function parseConnectionMetadata(
+  raw: unknown,
+): Record<string, unknown> | undefined {
+  if (raw == null) return undefined;
+  if (typeof raw === "object") {
+    return raw as Record<string, unknown>;
+  }
+  if (typeof raw !== "string") return undefined;
+  try {
+    const parsed = JSON.parse(raw);
+    return typeof parsed === "object" && parsed !== null
+      ? (parsed as Record<string, unknown>)
+      : undefined;
+  } catch {
+    return undefined;
+  }
+}
+
 // ---------------------------------------------------------------------------
 // Platform connection ID resolution
 // ---------------------------------------------------------------------------

package/src/oauth/credential-token-resolver.ts

@@ -43,9 +43,7 @@ export interface ConnectionAccessTokenResult {
  * providers (e.g. credential-health checks) must resolve the path through here
  * rather than assuming the OAuth access-token path.
  */
-export function manualTokenAccessCredentialKey(
-  provider: string,
-): string | null {
+function manualTokenAccessCredentialKey(provider: string): string | null {
   switch (provider) {
     case "slack_channel":
       return credentialKey("slack_channel", "bot_token");

package/src/oauth/manual-token-connection.ts

@@ -19,10 +19,6 @@ import {
   upsertApp,
 } from "./oauth-store.js";
 
-// Re-export from the centralized resolver so existing callers that import
-// from this module continue to work without changes.
-export { manualTokenAccessCredentialKey } from "./credential-token-resolver.js";
-
 const log = getLogger("manual-token-connection");
 
 /** Sentinel client_id used for non-OAuth providers that don't have a real app. */

package/src/oauth/oauth-connect-state.ts

@@ -0,0 +1,77 @@
+/**
+ * In-memory OAuth connect flow status map.
+ *
+ * Tracks the current state of daemon-owned OAuth connect flows so the CLI
+ * can poll for completion via the IPC route.
+ */
+type OAuthConnectState =
+  | { status: "pending"; service: string; expiresAt: number }
+  | { status: "complete"; service: string; accountInfo?: string; grantedScopes?: string[]; completedAt: number }
+  | { status: "error"; service: string; error: string; failedAt: number };
+
+const activeOAuthConnectFlows = new Map<string, OAuthConnectState>();
+
+const PENDING_TTL_MS = 5 * 60 * 1000; // 5 min — matches oauth-callback-registry.ts:14
+const COMPLETION_GRACE_MS = 60 * 1000; // 60s so the polling CLI gets one final read
+
+export function setOAuthConnectPending(state: string, service: string): void {
+  clearExpiredOAuthConnectStates();
+  activeOAuthConnectFlows.set(state, {
+    status: "pending",
+    service,
+    expiresAt: Date.now() + PENDING_TTL_MS,
+  });
+}
+
+export function setOAuthConnectComplete(
+  state: string,
+  service: string,
+  accountInfo?: string,
+  grantedScopes?: string[],
+): void {
+  clearExpiredOAuthConnectStates();
+  activeOAuthConnectFlows.set(state, {
+    status: "complete",
+    service,
+    accountInfo,
+    grantedScopes,
+    completedAt: Date.now(),
+  });
+}
+
+export function setOAuthConnectError(
+  state: string,
+  service: string,
+  error: string,
+): void {
+  clearExpiredOAuthConnectStates();
+  activeOAuthConnectFlows.set(state, {
+    status: "error",
+    service,
+    error,
+    failedAt: Date.now(),
+  });
+}
+
+export function getOAuthConnectState(state: string): OAuthConnectState | null {
+  clearExpiredOAuthConnectStates();
+  return activeOAuthConnectFlows.get(state) ?? null;
+}
+
+export function clearExpiredOAuthConnectStates(): void {
+  const now = Date.now();
+  for (const [key, state] of activeOAuthConnectFlows) {
+    if (state.status === "pending" && now > state.expiresAt) {
+      activeOAuthConnectFlows.delete(key);
+    } else if (state.status === "complete" && now > state.completedAt + COMPLETION_GRACE_MS) {
+      activeOAuthConnectFlows.delete(key);
+    } else if (state.status === "error" && now > state.failedAt + COMPLETION_GRACE_MS) {
+      activeOAuthConnectFlows.delete(key);
+    }
+  }
+}
+
+/** Test-only helper — clears all state for test isolation. */
+export function _clearAllOAuthConnectStates(): void {
+  activeOAuthConnectFlows.clear();
+}