agentlang 0.10.2 → 0.10.3

package/src/api/http.ts

@@ -1,5 +1,5 @@
 import chalk from 'chalk';
-import express, { Request, Response } from 'express';
+import express, { Express, Request, Response } from 'express';
 import * as path from 'path';
 import {
   getAllChildRelationships,
@@ -8,6 +8,7 @@ import {
   Instance,
   InstanceAttributes,
   isBetweenRelationship,
+  getRelationship,
   makeInstance,
   objectAsInstanceAttributes,
   Relationship,
@@ -58,15 +59,15 @@ import {
   createFileRecord,
   deleteFileRecord,
 } from '../runtime/modules/files.js';
+import {
+  getOAuthAuthorizeUrl,
+  exchangeOAuthCode,
+  getIntegrationAccessToken,
+} from '../runtime/integration-client.js';
 import * as XLSX from 'xlsx';
 import { objectToQueryPattern } from '../language/parser.js';
 
-export async function startServer(
-  appSpec: ApplicationSpec,
-  port: number,
-  host?: string,
-  config?: Config
-) {
+export async function createApp(appSpec: ApplicationSpec, config?: Config): Promise<Express> {
   const app = express();
   app.use(express.json());
 
@@ -207,6 +208,79 @@ export async function startServer(
     handleQueryAsXlsxPost(req, res);
   });
 
+  // --- Built-in OAuth proxy ---
+  if (config?.integrations?.oauth) {
+    const connections = config.integrations.connections;
+
+    // Resolve provider key (e.g. 'google_drive') to integration entity name
+    // (e.g. 'google-drive') by extracting from the config path.
+    function resolveIntegrationName(provider: string): string {
+      const entry = connections[provider];
+      if (!entry) return provider;
+      const configPath = typeof entry === 'string' ? entry : entry.config;
+      if (!configPath) return provider;
+      return configPath.split('/')[0];
+    }
+
+    app.get('/agentlang/oauth/authorize-url', async (req: Request, res: Response) => {
+      try {
+        const provider = req.query.provider as string;
+        const redirectUri = req.query.redirectUri as string;
+        if (!provider || !redirectUri) {
+          res.status(400).json({ error: 'provider and redirectUri query params are required' });
+          return;
+        }
+        if (!connections[provider]) {
+          res.status(400).json({ error: `Unknown provider: ${provider}` });
+          return;
+        }
+        const result = await getOAuthAuthorizeUrl(resolveIntegrationName(provider), redirectUri);
+        res.json(result);
+      } catch (err: any) {
+        logger.error(`OAuth authorize-url error: ${err}`);
+        res.status(500).json({ error: err.message || 'Failed to get authorization URL' });
+      }
+    });
+
+    app.post('/agentlang/oauth/exchange', async (req: Request, res: Response) => {
+      try {
+        const { provider, code, state } = req.body;
+        if (!provider || !code || !state) {
+          res.status(400).json({ error: 'provider, code, and state are required in request body' });
+          return;
+        }
+        if (!connections[provider]) {
+          res.status(400).json({ error: `Unknown provider: ${provider}` });
+          return;
+        }
+        const result = await exchangeOAuthCode(resolveIntegrationName(provider), code, state);
+        res.json(result);
+      } catch (err: any) {
+        logger.error(`OAuth exchange error: ${err}`);
+        res.status(500).json({ error: err.message || 'Failed to exchange authorization code' });
+      }
+    });
+
+    app.get('/agentlang/oauth/access-token', async (req: Request, res: Response) => {
+      try {
+        const provider = req.query.provider as string;
+        if (!provider) {
+          res.status(400).json({ error: 'provider query param is required' });
+          return;
+        }
+        if (!connections[provider]) {
+          res.status(400).json({ error: `Unknown provider: ${provider}` });
+          return;
+        }
+        const result = await getIntegrationAccessToken(resolveIntegrationName(provider));
+        res.json(result);
+      } catch (err: any) {
+        logger.error(`OAuth access-token error: ${err}`);
+        res.status(500).json({ error: err.message || 'Failed to get access token' });
+      }
+    });
+  }
+
   if (isNodeEnv && upload && uploadDir) {
     app.post('/uploadFile', upload.single('file'), (req: Request, res: Response) => {
       handleFileUpload(req, res, config);
@@ -295,19 +369,6 @@ export async function startServer(
     });
   });
 
-  const cb = () => {
-    console.log(
-      chalk.green(
-        `Application ${chalk.bold(appName + ' version ' + appVersion)} started on port ${chalk.bold(port)}`
-      )
-    );
-  };
-  if (host) {
-    app.listen(port, host, cb);
-  } else {
-    app.listen(port, cb);
-  }
-
   setEventEndpointsUpdater((moduleName: string) => {
     const m = fetchModule(moduleName);
     const eventNames = m.getEventNames();
@@ -329,6 +390,39 @@ export async function startServer(
       addBetweenHandlers(moduleName, n);
     });
   });
+
+  return app;
+}
+
+export async function startServer(
+  appSpec: ApplicationSpec,
+  port: number,
+  host?: string,
+  config?: Config
+) {
+  const app = await createApp(appSpec, config);
+  const appName: string = appSpec.name;
+  const appVersion: string = appSpec.version;
+
+  // Expose port and host on globalThis so resolver code (e.g. integration-manager's
+  // auth-resolver) can make self-referencing HTTP calls to the correct address.
+  (globalThis as any).__agentlang_port = port;
+  if (host) {
+    (globalThis as any).__agentlang_host = host;
+  }
+
+  const cb = () => {
+    console.log(
+      chalk.green(
+        `Application ${chalk.bold(appName + ' version ' + appVersion)} started on port ${chalk.bold(port)}`
+      )
+    );
+  };
+  if (host) {
+    app.listen(port, host, cb);
+  } else {
+    app.listen(port, cb);
+  }
 }
 
 function ok(res: Response) {
@@ -356,23 +450,69 @@ function internalError(res: Response) {
   };
 }
 
-function patternFromAttributes(
+function formatAttrValue(v: any, n: string): string {
+  let av = isString(v) ? `"${v}"` : v;
+  if (av instanceof Object) {
+    av = JSON.stringify(av);
+  }
+  if (isPathAttribute(n)) {
+    av = escapeSepInPath(av);
+  }
+  return `${n} ${av}`;
+}
+
+function buildChildPattern(otherFqName: string, childObj: { [key: string]: any }): string {
+  const childAttrs = Object.entries(childObj)
+    .map(([k, v]: [string, any]) => {
+      let av: any;
+      if (isString(v)) {
+        av = `"${v}"`;
+      } else if (v instanceof Object) {
+        av = JSON.stringify(v);
+      } else {
+        av = v;
+      }
+      return `${k} ${av}`;
+    })
+    .join(', ');
+  return `{${otherFqName} {${childAttrs}}, @upsert}`;
+}
+
+export function patternFromAttributes(
   moduleName: string,
   recName: string,
-  attrs: InstanceAttributes
+  attrs: InstanceAttributes,
+  entityFqName?: string
 ): string {
   const attrsStrs = new Array<string>();
+  const relPatterns = new Array<string>();
+
   attrs.forEach((v: any, n: string) => {
-    let av = isString(v) ? `"${v}"` : v;
-    if (av instanceof Object) {
-      av = JSON.stringify(av);
-    }
-    if (isPathAttribute(n)) {
-      av = escapeSepInPath(av);
+    if (entityFqName) {
+      try {
+        if (isBetweenRelationship(n, moduleName)) {
+          const rel = getRelationship(n, moduleName);
+          const otherFqName =
+            rel.getParentFqName() === entityFqName ? rel.getChildFqName() : rel.getParentFqName();
+          const children = Array.isArray(v) ? v : [v];
+          const childPatterns = children
+            .map((child: any) => buildChildPattern(otherFqName, child))
+            .join(', ');
+          relPatterns.push(`${n} [${childPatterns}]`);
+          return;
+        }
+      } catch {
+        // Not a relationship — fall through to normal attribute handling
+      }
     }
-    attrsStrs.push(`${n} ${av}`);
+    attrsStrs.push(formatAttrValue(v, n));
   });
-  return `{${moduleName}/${recName} { ${attrsStrs.join(',\n')} }}`;
+
+  const entityPat = `{${moduleName}/${recName} {${attrsStrs.join(',\n')}}`;
+  if (relPatterns.length > 0) {
+    return `${entityPat}, ${relPatterns.join(', ')}}`;
+  }
+  return `${entityPat}}`;
 }
 
 function normalizeRequestPath(path: string[], moduleName: string): string[] {
@@ -433,7 +573,7 @@ async function handleEventPost(
       eventName,
       objectAsInstanceAttributes(req.body)
     ).setAuthContext(sessionInfo);
-    evaluate(inst, ok(res)).catch(internalError(res));
+    evaluate(inst).then(ok(res)).catch(internalError(res));
   } catch (err: any) {
     logger.error(err);
     res.status(500).send(err.toString());
@@ -452,9 +592,15 @@ async function handleEntityPost(
       res.status(401).send('Authorization required');
       return;
     }
+    const entityFqName = makeFqName(moduleName, entityName);
     const pattern = req.params.path
       ? createChildPattern(moduleName, entityName, req)
-      : patternFromAttributes(moduleName, entityName, objectAsInstanceAttributes(req.body));
+      : patternFromAttributes(
+          moduleName,
+          entityName,
+          objectAsInstanceAttributes(req.body),
+          entityFqName
+        );
     parseAndEvaluateStatement(pattern, sessionInfo.userId).then(ok(res)).catch(internalError(res));
   } catch (err: any) {
     logger.error(err);
@@ -493,15 +639,23 @@ const joinTags = new Map()
   .set('@leftJoinOn', '@left_join')
   .set('@rightJoinOn', '@right_join');
 
-function objectAsAttributesPattern(entityFqName: string, obj: object): [string, boolean] {
+const paginationTags = new Set(['@limit', '@offset']);
+
+function objectAsAttributesPattern(entityFqName: string, obj: object): [string, boolean, string] {
   const attrs = new Array<string>();
   let joinType: string | undefined;
   let joinOnAttr: string | undefined;
+  const paginationParts = new Array<string>();
   Object.keys(obj).forEach(key => {
     const s: string = obj[key as keyof object];
     if (joinTags.has(key)) {
       joinType = joinTags.get(key);
       joinOnAttr = s;
+    } else if (paginationTags.has(key)) {
+      const n = parseInt(s, 10);
+      if (!Number.isNaN(n) && Number.isInteger(n) && n >= 0) {
+        paginationParts.push(`${key}(${n})`);
+      }
     } else {
       let v = s;
       if (!s.startsWith('"')) {
@@ -529,12 +683,18 @@ function objectAsAttributesPattern(entityFqName: string, obj: object): [string,
     });
     const intoPat = `@into {${intoSpec.join(', ')}}`;
     joinOnAttr = reverseJoin ? splitRefs(joinOnAttr)[1] : joinOnAttr;
+    const paginationStr = paginationParts.length > 0 ? `,\n${paginationParts.join(',\n')}` : '';
     return [
-      `${pat},\n${joinType} ${targetEntity} {${targetAttr}? ${entityFqName}.${joinOnAttr}}, \n${intoPat}`,
+      `${pat},\n${joinType} ${targetEntity} {${targetAttr}? ${entityFqName}.${joinOnAttr}}, \n${intoPat}${paginationStr}`,
       hasQueryAttrs,
+      '',
     ];
   } else {
-    return [pat, hasQueryAttrs];
+    return [
+      pat,
+      hasQueryAttrs,
+      paginationParts.length > 0 ? `,\n${paginationParts.join(',\n')}` : '',
+    ];
   }
 }
 
@@ -547,9 +707,9 @@ function queryPatternFromPath(path: string, req: Request): string {
   const fqName = `${moduleName}/${entityName}`;
   if (parts.length == 2 && id === undefined) {
     if (req.query && Object.keys(req.query).length > 0) {
-      const [pat, hasQueryAttrs] = objectAsAttributesPattern(fqName, req.query);
+      const [pat, hasQueryAttrs, paginationPat] = objectAsAttributesPattern(fqName, req.query);
       const n = hasQueryAttrs ? fqName : `${fqName}?`;
-      return `{${n} ${pat}}`;
+      return `{${n} ${pat}${paginationPat}}`;
     } else {
       return `{${fqName}? {}}`;
     }

package/src/cli/main.ts

@@ -21,6 +21,7 @@ import { Instance, Module } from '../runtime/module.js';
 import { ModuleDefinition } from '../language/generated/ast.js';
 import { Config } from '../runtime/state.js';
 import { prepareIntegrations } from '../runtime/integrations.js';
+import { configureIntegrationClient } from '../runtime/integration-client.js';
 import { isExecGraphEnabled, isNodeEnv } from '../utils/runtime.js';
 import { OpenAPIClientAxios } from 'openapi-client-axios';
 import { registerOpenApiModule } from '../runtime/openapi.js';
@@ -239,6 +240,8 @@ export const runModule = async (fileName: string, releaseDb: boolean = false): P
       config.integrations.password,
       config.integrations.connections
     );
+    // Configure the thin HTTP client to talk to integration-manager for auth
+    configureIntegrationClient(config.integrations.host);
   }
   if (config.openapi) {
     await loadOpenApiSpec(config.openapi);

package/src/language/agentlang-validator.ts

@@ -25,6 +25,9 @@ export class AgentlangValidator {
     if (def.$type === 'PublicEventDefinition') {
       def = def.def;
     }
+    if (!def?.schema?.attributes) {
+      return;
+    }
     def.schema.attributes.forEach((a: AttributeDefinition) => {
       if (reported.has(a.name)) {
         accept('error', `'${def.name} " - attribute has non-unique name '${a.name}'.`, {

package/src/language/agentlang.langium

@@ -131,7 +131,7 @@ CrudMap: '{' (name=QueryId (':')? '{''}'
           '}';
 
 QueryOption: join=JoinSpec | into=SelectIntoSpec | where=WhereSpec | groupByClause=GroupByClause | orderByClause=OrderByClause
-| upsert='@upsert' | distinct='@distinct';
+| limitClause=LimitClause | offsetClause=OffsetClause | upsert='@upsert' | distinct='@distinct';
 
 CrudMapBody: '{' (attributes+=SetAttribute (',' attributes+=SetAttribute)*)+ properties+=PropertyDefinition* '}';
 
@@ -148,6 +148,8 @@ WhereSpecClause: lhs=QueryId op=SqlComparisonOpr? rhs=Expr;
 
 GroupByClause: '@groupBy' ('(' (colNames+=QualifiedName (',' colNames+=QualifiedName)*)+ ')');
 OrderByClause: '@orderBy' ('(' (colNames+=QualifiedName (',' colNames+=QualifiedName)*)+ ')') (order=('@asc' | '@desc'))?;
+LimitClause: '@limit' '(' value=INT ')';
+OffsetClause: '@offset' '(' value=INT ')';
 
 FullTextSearch: '{' name=QueryId query=Literal options=MapLiteral? '}';