agent-messenger 1.0.0 → 1.1.0

package/src/platforms/teams/client.ts

@@ -0,0 +1,365 @@
+import { readFile } from 'node:fs/promises'
+import { basename } from 'node:path'
+import type { TeamsChannel, TeamsFile, TeamsMessage, TeamsTeam, TeamsUser } from './types'
+import { TeamsError } from './types'
+
+interface RateLimitBucket {
+  remaining: number
+  resetAt: number
+}
+
+const MSG_API_BASE = 'https://emea.ng.msg.teams.microsoft.com/v1'
+const CSA_API_BASE = 'https://teams.microsoft.com/api'
+const MAX_RETRIES = 3
+const BASE_BACKOFF_MS = 100
+
+export class TeamsClient {
+  private token: string
+  private tokenExpiresAt?: Date
+  private buckets: Map<string, RateLimitBucket> = new Map()
+  private globalRateLimitUntil: number = 0
+
+  constructor(token: string, tokenExpiresAt?: string) {
+    if (!token) {
+      throw new TeamsError('Token is required', 'missing_token')
+    }
+    this.token = token
+    if (tokenExpiresAt) {
+      this.tokenExpiresAt = new Date(tokenExpiresAt)
+    }
+  }
+
+  private isTokenExpired(): boolean {
+    if (!this.tokenExpiresAt) {
+      return false
+    }
+    return this.tokenExpiresAt.getTime() < Date.now()
+  }
+
+  private getBucketKey(method: string, path: string): string {
+    const normalized = path
+      .replace(/\/teams\/[^/]+/, '/teams/{team_id}')
+      .replace(/\/channels\/[^/]+/, '/channels/{channel_id}')
+      .replace(/\/messages\/[^/]+/, '/messages/{message_id}')
+      .replace(/\/users\/[^/]+/, '/users/{user_id}')
+      .replace(/\/members\/[^/]+/, '/members/{member_id}')
+    return `${method}:${normalized}`
+  }
+
+  private async waitForRateLimit(bucketKey: string): Promise<void> {
+    const now = Date.now()
+
+    if (this.globalRateLimitUntil > now) {
+      await this.sleep(this.globalRateLimitUntil - now)
+    }
+
+    const bucket = this.buckets.get(bucketKey)
+    if (bucket && bucket.remaining === 0 && bucket.resetAt * 1000 > now) {
+      await this.sleep(bucket.resetAt * 1000 - now)
+    }
+  }
+
+  private updateBucket(bucketKey: string, response: Response): void {
+    const remaining = response.headers.get('X-RateLimit-Remaining')
+    const reset = response.headers.get('X-RateLimit-Reset')
+
+    if (remaining !== null && reset !== null) {
+      this.buckets.set(bucketKey, {
+        remaining: parseInt(remaining, 10),
+        resetAt: parseFloat(reset),
+      })
+    }
+  }
+
+  private async handleRateLimitResponse(response: Response): Promise<number> {
+    const retryAfter = response.headers.get('Retry-After')
+    const waitMs = parseFloat(retryAfter || '1') * 1000
+
+    this.globalRateLimitUntil = Date.now() + waitMs
+    await this.sleep(waitMs)
+    return waitMs
+  }
+
+  private sleep(ms: number): Promise<void> {
+    return new Promise((resolve) => setTimeout(resolve, ms))
+  }
+
+  private async request<T>(
+    method: string,
+    path: string,
+    body?: unknown,
+    baseUrl: string = MSG_API_BASE
+  ): Promise<T> {
+    if (this.isTokenExpired()) {
+      throw new TeamsError('Token has expired', 'token_expired')
+    }
+
+    const url = `${baseUrl}${path}`
+    const bucketKey = this.getBucketKey(method, path)
+
+    for (let attempt = 0; attempt <= MAX_RETRIES; attempt++) {
+      await this.waitForRateLimit(bucketKey)
+
+      const headers: Record<string, string> = {
+        'X-Skypetoken': this.token,
+        'Content-Type': 'application/json',
+      }
+
+      const options: RequestInit = {
+        method,
+        headers,
+      }
+
+      if (body !== undefined) {
+        options.body = JSON.stringify(body)
+      }
+
+      const response = await fetch(url, options)
+      this.updateBucket(bucketKey, response)
+
+      if (response.status === 429) {
+        if (attempt < MAX_RETRIES) {
+          await this.handleRateLimitResponse(response)
+          continue
+        }
+        const errorBody = (await response.json().catch(() => null)) as {
+          message?: string
+        } | null
+        throw new TeamsError(errorBody?.message ?? 'Rate limited', 'rate_limited')
+      }
+
+      if (response.status >= 500 && attempt < MAX_RETRIES) {
+        await this.sleep(BASE_BACKOFF_MS * 2 ** attempt)
+        continue
+      }
+
+      if (!response.ok) {
+        const errorBody = (await response.json().catch(() => null)) as {
+          message?: string
+          code?: string | number
+        } | null
+        throw new TeamsError(
+          errorBody?.message ?? `HTTP ${response.status}`,
+          errorBody?.code?.toString() ?? `http_${response.status}`
+        )
+      }
+
+      if (response.status === 204) {
+        return undefined as T
+      }
+
+      return response.json() as Promise<T>
+    }
+
+    throw new TeamsError('Request failed after retries', 'max_retries')
+  }
+
+  private async requestFormData<T>(
+    path: string,
+    formData: FormData,
+    baseUrl: string = MSG_API_BASE
+  ): Promise<T> {
+    if (this.isTokenExpired()) {
+      throw new TeamsError('Token has expired', 'token_expired')
+    }
+
+    const url = `${baseUrl}${path}`
+    const bucketKey = this.getBucketKey('POST', path)
+
+    await this.waitForRateLimit(bucketKey)
+
+    const response = await fetch(url, {
+      method: 'POST',
+      headers: {
+        'X-Skypetoken': this.token,
+      },
+      body: formData,
+    })
+
+    this.updateBucket(bucketKey, response)
+
+    if (!response.ok) {
+      const errorBody = (await response.json().catch(() => null)) as {
+        message?: string
+        code?: string | number
+      } | null
+      throw new TeamsError(
+        errorBody?.message ?? `HTTP ${response.status}`,
+        errorBody?.code?.toString() ?? `http_${response.status}`
+      )
+    }
+
+    return response.json() as Promise<T>
+  }
+
+  async testAuth(): Promise<TeamsUser> {
+    interface UserProperties {
+      userDetails?: string
+      locale?: string
+    }
+    const props = await this.request<UserProperties>('GET', '/users/ME/properties')
+    const userDetails = props.userDetails ? JSON.parse(props.userDetails) : {}
+    return {
+      id: 'ME',
+      displayName: userDetails.name || 'Teams User',
+    }
+  }
+
+  async listTeams(): Promise<TeamsTeam[]> {
+    interface Conversation {
+      id: string
+      threadProperties?: {
+        groupId?: string
+        spaceThreadTopic?: string
+        productThreadType?: string
+        threadType?: string
+      }
+    }
+    interface ConversationsResponse {
+      conversations: Conversation[]
+    }
+    const data = await this.request<ConversationsResponse>('GET', '/users/ME/conversations')
+
+    const teamsMap = new Map<string, TeamsTeam>()
+    for (const conv of data.conversations) {
+      const tp = conv.threadProperties
+      if (!tp?.groupId) continue
+      if (!tp.productThreadType?.includes('Teams') && tp.threadType !== 'space') continue
+
+      if (!teamsMap.has(tp.groupId)) {
+        teamsMap.set(tp.groupId, {
+          id: tp.groupId,
+          name: tp.spaceThreadTopic || 'Unknown Team',
+        })
+      }
+    }
+
+    return Array.from(teamsMap.values())
+  }
+
+  async getTeam(teamId: string): Promise<TeamsTeam> {
+    return this.request<TeamsTeam>('GET', `/csa/api/v1/teams/${teamId}`, undefined, CSA_API_BASE)
+  }
+
+  async listChannels(teamId: string): Promise<TeamsChannel[]> {
+    return this.request<TeamsChannel[]>(
+      'GET',
+      `/csa/api/v1/teams/${teamId}/channels`,
+      undefined,
+      CSA_API_BASE
+    )
+  }
+
+  async getChannel(teamId: string, channelId: string): Promise<TeamsChannel> {
+    return this.request<TeamsChannel>(
+      'GET',
+      `/csa/api/v1/teams/${teamId}/channels/${channelId}`,
+      undefined,
+      CSA_API_BASE
+    )
+  }
+
+  async sendMessage(teamId: string, channelId: string, content: string): Promise<TeamsMessage> {
+    return this.request<TeamsMessage>(
+      'POST',
+      `/csa/emea/api/v2/teams/${teamId}/channels/${channelId}/messages`,
+      { content },
+      CSA_API_BASE
+    )
+  }
+
+  async getMessages(
+    teamId: string,
+    channelId: string,
+    limit: number = 50
+  ): Promise<TeamsMessage[]> {
+    return this.request<TeamsMessage[]>(
+      'GET',
+      `/csa/emea/api/v2/teams/${teamId}/channels/${channelId}/messages?limit=${limit}`,
+      undefined,
+      CSA_API_BASE
+    )
+  }
+
+  async getMessage(teamId: string, channelId: string, messageId: string): Promise<TeamsMessage> {
+    return this.request<TeamsMessage>(
+      'GET',
+      `/csa/emea/api/v2/teams/${teamId}/channels/${channelId}/messages/${messageId}`,
+      undefined,
+      CSA_API_BASE
+    )
+  }
+
+  async deleteMessage(teamId: string, channelId: string, messageId: string): Promise<void> {
+    return this.request<void>(
+      'DELETE',
+      `/csa/emea/api/v2/teams/${teamId}/channels/${channelId}/messages/${messageId}`,
+      undefined,
+      CSA_API_BASE
+    )
+  }
+
+  async addReaction(
+    teamId: string,
+    channelId: string,
+    messageId: string,
+    emoji: string
+  ): Promise<void> {
+    return this.request<void>(
+      'POST',
+      `/csa/emea/api/v2/teams/${teamId}/channels/${channelId}/messages/${messageId}/reactions`,
+      { emoji },
+      CSA_API_BASE
+    )
+  }
+
+  async removeReaction(
+    teamId: string,
+    channelId: string,
+    messageId: string,
+    emoji: string
+  ): Promise<void> {
+    return this.request<void>(
+      'DELETE',
+      `/csa/emea/api/v2/teams/${teamId}/channels/${channelId}/messages/${messageId}/reactions/${emoji}`,
+      undefined,
+      CSA_API_BASE
+    )
+  }
+
+  async listUsers(teamId: string): Promise<TeamsUser[]> {
+    return this.request<TeamsUser[]>(
+      'GET',
+      `/csa/api/v1/teams/${teamId}/members`,
+      undefined,
+      CSA_API_BASE
+    )
+  }
+
+  async getUser(userId: string): Promise<TeamsUser> {
+    return this.request<TeamsUser>('GET', `/csa/api/v1/users/${userId}`, undefined, CSA_API_BASE)
+  }
+
+  async uploadFile(teamId: string, channelId: string, filePath: string): Promise<TeamsFile> {
+    const fileBuffer = await readFile(filePath)
+    const filename = basename(filePath) || 'file'
+
+    const formData = new FormData()
+    formData.append('file', new Blob([fileBuffer]), filename)
+
+    return this.requestFormData<TeamsFile>(
+      `/csa/emea/api/v2/teams/${teamId}/channels/${channelId}/files`,
+      formData,
+      CSA_API_BASE
+    )
+  }
+
+  async listFiles(teamId: string, channelId: string): Promise<TeamsFile[]> {
+    return this.request<TeamsFile[]>(
+      'GET',
+      `/csa/emea/api/v2/teams/${teamId}/channels/${channelId}/files`,
+      undefined,
+      CSA_API_BASE
+    )
+  }
+}

package/src/platforms/teams/commands/auth.test.ts

@@ -0,0 +1,99 @@
+import { afterEach, beforeEach, expect, spyOn, test } from 'bun:test'
+import { TeamsClient } from '../client'
+import { TeamsCredentialManager } from '../credential-manager'
+import { TeamsTokenExtractor } from '../token-extractor'
+
+let extractorExtractSpy: ReturnType<typeof spyOn>
+let clientTestAuthSpy: ReturnType<typeof spyOn>
+let clientListTeamsSpy: ReturnType<typeof spyOn>
+let credManagerLoadConfigSpy: ReturnType<typeof spyOn>
+let credManagerSaveConfigSpy: ReturnType<typeof spyOn>
+let credManagerClearCredentialsSpy: ReturnType<typeof spyOn>
+let credManagerIsTokenExpiredSpy: ReturnType<typeof spyOn>
+
+beforeEach(() => {
+  extractorExtractSpy = spyOn(TeamsTokenExtractor.prototype, 'extract').mockResolvedValue({
+    token: 'test-skype-token-123',
+  })
+
+  clientTestAuthSpy = spyOn(TeamsClient.prototype, 'testAuth').mockResolvedValue({
+    id: 'user-123',
+    displayName: 'Test User',
+    email: 'test@example.com',
+  })
+
+  clientListTeamsSpy = spyOn(TeamsClient.prototype, 'listTeams').mockResolvedValue([
+    { id: 'team-1', name: 'Team One' },
+    { id: 'team-2', name: 'Team Two' },
+  ])
+
+  credManagerLoadConfigSpy = spyOn(
+    TeamsCredentialManager.prototype,
+    'loadConfig'
+  ).mockResolvedValue(null)
+
+  credManagerSaveConfigSpy = spyOn(
+    TeamsCredentialManager.prototype,
+    'saveConfig'
+  ).mockResolvedValue(undefined)
+
+  credManagerClearCredentialsSpy = spyOn(
+    TeamsCredentialManager.prototype,
+    'clearCredentials'
+  ).mockResolvedValue(undefined)
+
+  credManagerIsTokenExpiredSpy = spyOn(
+    TeamsCredentialManager.prototype,
+    'isTokenExpired'
+  ).mockResolvedValue(false)
+})
+
+afterEach(() => {
+  extractorExtractSpy?.mockRestore()
+  clientTestAuthSpy?.mockRestore()
+  clientListTeamsSpy?.mockRestore()
+  credManagerLoadConfigSpy?.mockRestore()
+  credManagerSaveConfigSpy?.mockRestore()
+  credManagerClearCredentialsSpy?.mockRestore()
+  credManagerIsTokenExpiredSpy?.mockRestore()
+})
+
+test('extract: calls TeamsTokenExtractor', async () => {
+  const extractor = new TeamsTokenExtractor()
+  const result = await extractor.extract()
+  expect(result).toBeDefined()
+  expect(result?.token).toBe('test-skype-token-123')
+})
+
+test('extract: validates token with TeamsClient', async () => {
+  const client = new TeamsClient('test-skype-token-123')
+  const authInfo = await client.testAuth()
+  expect(authInfo).toBeDefined()
+  expect(authInfo.id).toBe('user-123')
+  expect(authInfo.displayName).toBe('Test User')
+})
+
+test('extract: discovers teams', async () => {
+  const client = new TeamsClient('test-skype-token-123')
+  const teams = await client.listTeams()
+  expect(teams).toHaveLength(2)
+  expect(teams[0].id).toBe('team-1')
+})
+
+test('logout: clears credentials', async () => {
+  const credManager = new TeamsCredentialManager()
+  await credManager.clearCredentials()
+  expect(credManager.clearCredentials).toHaveBeenCalled()
+})
+
+test('status: returns auth state when not authenticated', async () => {
+  const credManager = new TeamsCredentialManager()
+  const config = await credManager.loadConfig()
+  expect(config).toBeNull()
+})
+
+test('status: checks token expiry', async () => {
+  const credManager = new TeamsCredentialManager()
+  const isExpired = await credManager.isTokenExpired()
+  expect(isExpired).toBe(false)
+})

package/src/platforms/teams/commands/auth.ts

@@ -0,0 +1,232 @@
+import { Command } from 'commander'
+import { handleError } from '../../../shared/utils/error-handler'
+import { formatOutput } from '../../../shared/utils/output'
+import { TeamsClient } from '../client'
+import { TeamsCredentialManager } from '../credential-manager'
+import { TeamsTokenExtractor } from '../token-extractor'
+
+export async function extractAction(options: {
+  pretty?: boolean
+  debug?: boolean
+  token?: string
+}): Promise<void> {
+  try {
+    let token: string
+
+    if (options.token) {
+      token = options.token
+      if (options.debug) {
+        console.error(`[debug] Using provided token: ${token.substring(0, 20)}...`)
+      }
+    } else {
+      const extractor = new TeamsTokenExtractor()
+
+      if (process.platform === 'darwin') {
+        console.log('')
+        console.log('  Extracting your Microsoft Teams credentials...')
+        console.log('')
+        console.log('  Your Mac may ask for your password to access Keychain.')
+        console.log('  This is required because Teams encrypts your login token')
+        console.log('  using macOS Keychain for security.')
+        console.log('')
+        console.log('  What happens:')
+        console.log("    1. We read the encrypted token from Teams' cookies")
+        console.log('    2. macOS Keychain decrypts it (requires your password)')
+        console.log('    3. The token is stored locally in ~/.config/agent-messenger/')
+        console.log('')
+        console.log('  Your password is never stored or transmitted anywhere.')
+        console.log('')
+      }
+
+      if (options.debug) {
+        console.error(`[debug] Extracting Teams token...`)
+      }
+
+      const extracted = await extractor.extract()
+
+      if (!extracted) {
+        console.log(
+          formatOutput(
+            {
+              error:
+                'No Teams token found. Make sure Microsoft Teams desktop app is installed and logged in.',
+              hint: 'Run with --token <token> to manually provide a token, or --debug for more info.',
+            },
+            options.pretty
+          )
+        )
+        process.exit(1)
+      }
+      token = extracted.token
+    }
+
+    if (options.debug) {
+      console.error(`[debug] Token extracted: ${token.substring(0, 20)}...`)
+    }
+
+    try {
+      const client = new TeamsClient(token)
+
+      if (options.debug) {
+        console.error(`[debug] Testing token validity...`)
+      }
+
+      const authInfo = await client.testAuth()
+
+      if (options.debug) {
+        console.error(`[debug] ✓ Token valid for user: ${authInfo.displayName}`)
+        console.error(`[debug] Discovering teams...`)
+      }
+
+      const teams = await client.listTeams()
+
+      if (options.debug) {
+        console.error(`[debug] ✓ Found ${teams.length} team(s)`)
+      }
+
+      if (teams.length === 0) {
+        console.log(
+          formatOutput(
+            {
+              error:
+                'No teams found. Make sure you are a member of at least one Microsoft Teams team.',
+            },
+            options.pretty
+          )
+        )
+        process.exit(1)
+      }
+
+      const credManager = new TeamsCredentialManager()
+      const teamMap: Record<string, { team_id: string; team_name: string }> = {}
+
+      for (const team of teams) {
+        teamMap[team.id] = {
+          team_id: team.id,
+          team_name: team.name,
+        }
+      }
+
+      const config = {
+        token: token,
+        current_team: teams[0].id,
+        teams: teamMap,
+        token_expires_at: new Date(Date.now() + 60 * 60 * 1000).toISOString(),
+      }
+
+      await credManager.saveConfig(config)
+
+      if (options.debug) {
+        console.error(`[debug] ✓ Credentials saved`)
+      }
+
+      const output = {
+        teams: teams.map((t) => `${t.id}/${t.name}`),
+        current: teams[0].id,
+      }
+
+      console.log(formatOutput(output, options.pretty))
+    } catch (error) {
+      const errorMessage = (error as Error).message
+      const is401 = errorMessage.includes('401') || errorMessage.includes('Unauthorized')
+      console.log(
+        formatOutput(
+          {
+            error: `Token validation failed: ${errorMessage}`,
+            hint: is401
+              ? 'Token expired. Open Microsoft Teams, send a message to refresh your session, then run "auth extract" again.'
+              : 'Make sure Microsoft Teams desktop app is running and you are logged in.',
+          },
+          options.pretty
+        )
+      )
+      process.exit(1)
+    }
+  } catch (error) {
+    handleError(error as Error)
+  }
+}
+
+export async function logoutAction(options: { pretty?: boolean }): Promise<void> {
+  try {
+    const credManager = new TeamsCredentialManager()
+    const config = await credManager.loadConfig()
+
+    if (!config?.token) {
+      console.log(
+        formatOutput({ error: 'Not authenticated. Run "auth extract" first.' }, options.pretty)
+      )
+      process.exit(1)
+    }
+
+    await credManager.clearCredentials()
+
+    console.log(formatOutput({ removed: 'teams', success: true }, options.pretty))
+  } catch (error) {
+    handleError(error as Error)
+  }
+}
+
+export async function statusAction(options: { pretty?: boolean }): Promise<void> {
+  try {
+    const credManager = new TeamsCredentialManager()
+    const config = await credManager.loadConfig()
+
+    if (!config?.token) {
+      console.log(
+        formatOutput({ error: 'Not authenticated. Run "auth extract" first.' }, options.pretty)
+      )
+      process.exit(1)
+    }
+
+    let authInfo: { id: string; displayName: string } | null = null
+    let valid = false
+    const isExpired = await credManager.isTokenExpired()
+
+    if (!isExpired) {
+      try {
+        const client = new TeamsClient(config.token, config.token_expires_at)
+        authInfo = await client.testAuth()
+        valid = true
+      } catch {
+        valid = false
+      }
+    }
+
+    const output = {
+      authenticated: valid,
+      user: authInfo?.displayName,
+      current_team: config.current_team,
+      teams_count: Object.keys(config.teams).length,
+      token_expires_at: config.token_expires_at ?? null,
+      token_expired: isExpired,
+    }
+
+    console.log(formatOutput(output, options.pretty))
+  } catch (error) {
+    handleError(error as Error)
+  }
+}
+
+export const authCommand = new Command('auth')
+  .description('Authentication commands')
+  .addCommand(
+    new Command('extract')
+      .description('Extract token from Microsoft Teams desktop app')
+      .option('--pretty', 'Pretty print JSON output')
+      .option('--debug', 'Show debug output for troubleshooting')
+      .option('--token <token>', 'Manually provide a token (bypasses auto-extraction)')
+      .action(extractAction)
+  )
+  .addCommand(
+    new Command('logout')
+      .description('Logout from Microsoft Teams')
+      .option('--pretty', 'Pretty print JSON output')
+      .action(logoutAction)
+  )
+  .addCommand(
+    new Command('status')
+      .description('Show authentication status')
+      .option('--pretty', 'Pretty print JSON output')
+      .action(statusAction)
+  )