botinabox 0.5.1 → 0.5.3

package/dist/cli.js

@@ -0,0 +1,220 @@
+#!/usr/bin/env node
+
+// src/cli.ts
+import * as readline from "readline";
+import * as fs from "fs";
+import { execSync } from "child_process";
+
+// src/update-check.ts
+import { readFileSync, writeFileSync, mkdirSync, existsSync } from "fs";
+import { join } from "path";
+import { homedir } from "os";
+var ONE_DAY_MS = 864e5;
+function isNewer(latest, current) {
+  const a = latest.split(".").map(Number);
+  const b = current.split(".").map(Number);
+  for (let i = 0; i < Math.max(a.length, b.length); i++) {
+    const av = a[i] ?? 0;
+    const bv = b[i] ?? 0;
+    if (av > bv) return true;
+    if (av < bv) return false;
+  }
+  return false;
+}
+async function checkForUpdate(pkgName, currentVersion) {
+  const cacheDir = join(homedir(), `.${pkgName}`);
+  const cachePath = join(cacheDir, "update-check.json");
+  try {
+    if (existsSync(cachePath)) {
+      const cached = JSON.parse(readFileSync(cachePath, "utf-8"));
+      if (Date.now() - cached.checked < ONE_DAY_MS) {
+        return isNewer(cached.latest, currentVersion) ? cached.latest : null;
+      }
+    }
+  } catch {
+  }
+  const res = await fetch(`https://registry.npmjs.org/${pkgName}/latest`, {
+    headers: { accept: "application/json" },
+    signal: AbortSignal.timeout(5e3)
+  });
+  if (!res.ok) return null;
+  const data = await res.json();
+  const latest = data.version;
+  try {
+    if (!existsSync(cacheDir)) mkdirSync(cacheDir, { recursive: true });
+    writeFileSync(cachePath, JSON.stringify({ latest, checked: Date.now() }));
+  } catch {
+  }
+  return isNewer(latest, currentVersion) ? latest : null;
+}
+
+// src/cli.ts
+function getVersion() {
+  try {
+    const pkgPath = new URL("../package.json", import.meta.url).pathname;
+    const pkg = JSON.parse(fs.readFileSync(pkgPath, "utf-8"));
+    return pkg.version;
+  } catch {
+    return "unknown";
+  }
+}
+async function main(args) {
+  const [command, subcommand, ...rest] = args;
+  const version = getVersion();
+  if (version !== "unknown") {
+    checkForUpdate("botinabox", version).then((latest) => {
+      if (latest) {
+        process.on("exit", () => {
+          console.log(
+            `
+Update available: ${version} \u2192 ${latest} \u2014 run "botinabox update" to upgrade`
+          );
+        });
+      }
+    }).catch(() => {
+    });
+  }
+  if (command === "update") {
+    await runUpdate(version);
+  } else if (command === "--version" || command === "-v") {
+    console.log(version);
+  } else if (command === "auth" && subcommand === "google") {
+    await authGoogle(rest);
+  } else {
+    console.log("Usage:");
+    console.log("  botinabox auth google <account-email> [options]");
+    console.log("  botinabox update                              Upgrade to the latest version");
+    console.log("  botinabox --version                           Print version");
+    console.log("");
+    console.log("Options:");
+    console.log("  --client-id=<id>           Google OAuth client ID");
+    console.log("  --client-secret=<secret>   Google OAuth client secret");
+    console.log("  --credentials=<path>       Path to Google credentials JSON");
+    console.log("  --db=<path>                Path to SQLite database (default: ./data/lattice.db)");
+    console.log("  --scopes=<scopes>          Comma-separated OAuth scopes");
+    process.exit(1);
+  }
+}
+async function runUpdate(currentVersion) {
+  console.log(`Current version: ${currentVersion}`);
+  const latest = await checkForUpdate("botinabox", currentVersion);
+  if (!latest) {
+    console.log("Already up to date.");
+    return;
+  }
+  console.log(`Updating to ${latest}...`);
+  try {
+    execSync("npm install -g botinabox@latest", { stdio: "inherit" });
+    console.log(`Updated botinabox ${currentVersion} \u2192 ${latest}`);
+  } catch {
+    console.error("Update failed. Try running manually: npm install -g botinabox@latest");
+    process.exit(1);
+  }
+}
+async function authGoogle(args) {
+  const flags = /* @__PURE__ */ new Map();
+  let account;
+  for (const arg of args) {
+    if (arg.startsWith("--")) {
+      const [key, ...valParts] = arg.slice(2).split("=");
+      flags.set(key, valParts.join("="));
+    } else if (!account) {
+      account = arg;
+    }
+  }
+  if (!account) {
+    console.error("Error: account email is required.");
+    console.error("  botinabox auth google <account-email> --client-id=... --client-secret=...");
+    process.exit(1);
+  }
+  let clientId = flags.get("client-id") ?? process.env.GOOGLE_CLIENT_ID;
+  let clientSecret = flags.get("client-secret") ?? process.env.GOOGLE_CLIENT_SECRET;
+  const credPath = flags.get("credentials");
+  if ((!clientId || !clientSecret) && credPath) {
+    if (fs.existsSync(credPath)) {
+      const creds = JSON.parse(fs.readFileSync(credPath, "utf-8"));
+      const installed = creds.installed ?? creds.web;
+      clientId = clientId ?? installed?.client_id;
+      clientSecret = clientSecret ?? installed?.client_secret;
+    }
+  }
+  if (!clientId || !clientSecret) {
+    console.error(
+      "Error: Google OAuth credentials required.\n  Set --client-id and --client-secret, or --credentials=path/to/credentials.json,\n  or GOOGLE_CLIENT_ID and GOOGLE_CLIENT_SECRET environment variables."
+    );
+    process.exit(1);
+  }
+  const defaultScopes = [
+    "https://www.googleapis.com/auth/gmail.readonly",
+    "https://www.googleapis.com/auth/gmail.send",
+    "https://www.googleapis.com/auth/calendar.readonly"
+  ];
+  const scopes = flags.has("scopes") ? flags.get("scopes").split(",") : defaultScopes;
+  const dbPath = flags.get("db") ?? process.env.DATABASE_PATH ?? "./data/lattice.db";
+  const { DataStore, defineCoreTables } = await import("./index.js");
+  const db = new DataStore({ dbPath });
+  defineCoreTables(db);
+  await db.init();
+  const tokenLoader = async (key) => {
+    const rows = await db.query("secrets", { where: { name: key } });
+    const row = rows.find((r) => r["deleted_at"] == null);
+    return row?.["value"] ?? null;
+  };
+  const tokenSaver = async (key, value) => {
+    const rows = await db.query("secrets", { where: { name: key } });
+    const existing = rows.find((r) => r["deleted_at"] == null);
+    if (existing) {
+      await db.update("secrets", { id: existing["id"] }, {
+        value,
+        type: "oauth2",
+        updated_at: (/* @__PURE__ */ new Date()).toISOString()
+      });
+    } else {
+      await db.insert("secrets", {
+        name: key,
+        type: "oauth2",
+        value,
+        description: `Google OAuth tokens for ${account}`
+      });
+    }
+  };
+  const { GoogleGmailConnector } = await import("./gmail-connector-MNUBRNFM.js");
+  const connector = new GoogleGmailConnector({ tokenLoader, tokenSaver });
+  connector.config = {
+    account,
+    oauth: { clientId, clientSecret, redirectUri: "urn:ietf:wg:oauth:2.0:oob" },
+    scopes
+  };
+  const codeProvider = async (authUrl) => {
+    console.log(`
+Authorize account: ${account}`);
+    console.log(`
+Open this URL in your browser:
+
+  ${authUrl}
+`);
+    const rl = readline.createInterface({
+      input: process.stdin,
+      output: process.stdout
+    });
+    return new Promise((resolve) => {
+      rl.question("Enter the authorization code: ", (answer) => {
+        rl.close();
+        resolve(answer.trim());
+      });
+    });
+  };
+  const result = await connector.authenticate(codeProvider);
+  if (result.success) {
+    console.log(`
+Tokens saved for ${account}. Connector is ready.`);
+  } else {
+    console.error(`
+Authentication failed: ${result.error}`);
+    process.exit(1);
+  }
+  db.close();
+}
+export {
+  main
+};

package/dist/connector-B4Mj0P1b.d.ts

@@ -0,0 +1,79 @@
+/** Connector types — generic external service integrations. */
+interface ConnectorMeta {
+    displayName: string;
+    /** Provider identifier, e.g. "google", "trello", "jira", "salesforce" */
+    provider: string;
+    /** Data type this connector handles, e.g. "email", "calendar", "board", "crm" */
+    dataType: string;
+}
+interface SyncOptions {
+    /** Only sync records after this ISO 8601 timestamp */
+    since?: string;
+    /** Provider-specific incremental sync token */
+    cursor?: string;
+    /** Maximum number of records to fetch */
+    limit?: number;
+    /** Provider-specific query filters */
+    filters?: Record<string, unknown>;
+}
+interface SyncResult<T = Record<string, unknown>> {
+    /** Typed records produced by the connector — consumer decides where to store */
+    records: T[];
+    /** Next incremental sync token (persist for future calls) */
+    cursor?: string;
+    /** Whether more records are available (pagination) */
+    hasMore: boolean;
+    /** Errors encountered during sync (non-fatal per-record failures) */
+    errors: Array<{
+        id?: string;
+        error: string;
+    }>;
+}
+interface PushResult {
+    success: boolean;
+    externalId?: string;
+    error?: string;
+}
+interface AuthResult {
+    success: boolean;
+    account?: string;
+    /** URL the user must visit to authorize (for OAuth flows) */
+    authUrl?: string;
+    error?: string;
+}
+type ConnectorConfig = Record<string, unknown>;
+/**
+ * Generic connector interface for external service integrations.
+ *
+ * Connectors pull and optionally push data to/from external services
+ * (Gmail, Calendar, Trello, Jira, Salesforce, etc.). They produce
+ * typed records — the consuming application decides where to store them.
+ *
+ * @typeParam T - The record type this connector produces/consumes.
+ */
+interface Connector<T = Record<string, unknown>> {
+    readonly id: string;
+    readonly meta: ConnectorMeta;
+    connect(config: ConnectorConfig): Promise<void>;
+    disconnect(): Promise<void>;
+    healthCheck(): Promise<{
+        ok: boolean;
+        account?: string;
+        error?: string;
+    }>;
+    /** Pull records from external source */
+    sync(options?: SyncOptions): Promise<SyncResult<T>>;
+    /** Push a record to external source (optional) */
+    push?(payload: T): Promise<PushResult>;
+    /**
+     * Run the authentication/authorization flow for this connector.
+     * For OAuth connectors, this generates the auth URL and exchanges the code for tokens.
+     *
+     * @param codeProvider - called with the auth URL; must return the authorization code.
+     *   For CLI flows, this prints the URL and reads from stdin.
+     *   For programmatic flows, the caller handles the redirect.
+     */
+    authenticate?(codeProvider: (authUrl: string) => Promise<string>): Promise<AuthResult>;
+}
+
+export type { AuthResult as A, ConnectorConfig as C, PushResult as P, SyncOptions as S, Connector as a, ConnectorMeta as b, SyncResult as c };

package/dist/connectors/google/index.d.ts

@@ -1,4 +1,4 @@
-import { C as ConnectorConfig, a as Connector, b as ConnectorMeta, S as SyncOptions, c as SyncResult, P as PushResult } from '../../connector-DDahQw-2.js';
+import { C as ConnectorConfig, a as Connector, b as ConnectorMeta, A as AuthResult, S as SyncOptions, c as SyncResult, P as PushResult } from '../../connector-B4Mj0P1b.js';
 
 /** Google connector types. */
 
@@ -13,11 +13,26 @@ interface GoogleTokens {
     expiry_date?: number;
     token_type: string;
 }
+interface GoogleServiceAccountConfig {
+    /** Path to service account key JSON file */
+    keyFile?: string;
+    /** Inline service account credentials (alternative to keyFile) */
+    credentials?: {
+        client_email: string;
+        private_key: string;
+        project_id?: string;
+    };
+    /** Email of the user to impersonate via domain-wide delegation */
+    subject: string;
+}
 interface GoogleConnectorConfig extends ConnectorConfig {
     /** Google account email */
     account: string;
-    oauth: GoogleOAuthConfig;
-    scopes: string[];
+    /** OAuth2 user auth (requires browser flow) */
+    oauth?: GoogleOAuthConfig;
+    /** Service account auth (headless, for cloud deployments) */
+    serviceAccount?: GoogleServiceAccountConfig;
+    scopes?: string[];
 }
 interface EmailAddress {
     name?: string;
@@ -84,6 +99,11 @@ declare function getAuthUrl(client: OAuth2Client, scopes: string[]): string;
  * Exchange an authorization code for tokens.
  */
 declare function exchangeCode(client: OAuth2Client, code: string): Promise<GoogleTokens>;
+/**
+ * Create an authenticated client using a service account with
+ * domain-wide delegation (impersonation). No browser flow needed.
+ */
+declare function createServiceAccountClient(config: GoogleServiceAccountConfig, scopes: string[]): Promise<OAuth2Client>;
 /**
  * Load persisted tokens via a generic getter callback.
  *
@@ -115,21 +135,21 @@ declare function refreshIfNeeded(client: OAuth2Client, tokens: GoogleTokens, sav
  */
 
 interface GmailConnectorOpts {
-    /** Load persisted tokens for a given account key. */
-    tokenLoader: (key: string) => Promise<string | null>;
-    /** Persist tokens for a given account key. */
-    tokenSaver: (key: string, value: string) => Promise<void>;
+    /** Load persisted tokens for a given account key (OAuth2 flow only). */
+    tokenLoader?: (key: string) => Promise<string | null>;
+    /** Persist tokens for a given account key (OAuth2 flow only). */
+    tokenSaver?: (key: string, value: string) => Promise<void>;
 }
 declare class GoogleGmailConnector implements Connector<EmailRecord> {
     readonly id = "google-gmail";
     readonly meta: ConnectorMeta;
-    private tokenLoader;
-    private tokenSaver;
+    private tokenLoader?;
+    private tokenSaver?;
     private client;
     private config;
     private tokens;
     private gmail;
-    constructor(opts: GmailConnectorOpts);
+    constructor(opts?: GmailConnectorOpts);
     connect(config: GoogleConnectorConfig): Promise<void>;
     disconnect(): Promise<void>;
     healthCheck(): Promise<{
@@ -137,6 +157,7 @@ declare class GoogleGmailConnector implements Connector<EmailRecord> {
         account?: string;
         error?: string;
     }>;
+    authenticate(codeProvider: (authUrl: string) => Promise<string>): Promise<AuthResult>;
     sync(options?: SyncOptions): Promise<SyncResult<EmailRecord>>;
     /** Incremental sync using Gmail history API. */
     private syncIncremental;
@@ -156,21 +177,21 @@ declare class GoogleGmailConnector implements Connector<EmailRecord> {
  */
 
 interface CalendarConnectorOpts {
-    /** Load persisted tokens for a given account key. */
-    tokenLoader: (key: string) => Promise<string | null>;
-    /** Persist tokens for a given account key. */
-    tokenSaver: (key: string, value: string) => Promise<void>;
+    /** Load persisted tokens for a given account key (OAuth2 flow only). */
+    tokenLoader?: (key: string) => Promise<string | null>;
+    /** Persist tokens for a given account key (OAuth2 flow only). */
+    tokenSaver?: (key: string, value: string) => Promise<void>;
 }
 declare class GoogleCalendarConnector implements Connector<CalendarEventRecord> {
     readonly id = "google-calendar";
     readonly meta: ConnectorMeta;
-    private tokenLoader;
-    private tokenSaver;
+    private tokenLoader?;
+    private tokenSaver?;
     private client;
     private config;
     private tokens;
     private calendar;
-    constructor(opts: CalendarConnectorOpts);
+    constructor(opts?: CalendarConnectorOpts);
     connect(config: GoogleConnectorConfig): Promise<void>;
     disconnect(): Promise<void>;
     healthCheck(): Promise<{
@@ -178,6 +199,7 @@ declare class GoogleCalendarConnector implements Connector<CalendarEventRecord>
         account?: string;
         error?: string;
     }>;
+    authenticate(codeProvider: (authUrl: string) => Promise<string>): Promise<AuthResult>;
     sync(options?: SyncOptions): Promise<SyncResult<CalendarEventRecord>>;
     /** Incremental sync using Calendar syncToken. */
     private syncIncremental;
@@ -187,4 +209,4 @@ declare class GoogleCalendarConnector implements Connector<CalendarEventRecord>
     private mapEvent;
 }
 
-export { type CalendarAttendee, type CalendarConnectorOpts, type CalendarEventRecord, type EmailAddress, type EmailRecord, type GmailConnectorOpts, GoogleCalendarConnector, type GoogleConnectorConfig, GoogleGmailConnector, type GoogleOAuthConfig, type GoogleTokens, createOAuth2Client, exchangeCode, getAuthUrl, loadTokens, refreshIfNeeded, saveTokens };
+export { type CalendarAttendee, type CalendarConnectorOpts, type CalendarEventRecord, type EmailAddress, type EmailRecord, type GmailConnectorOpts, GoogleCalendarConnector, type GoogleConnectorConfig, GoogleGmailConnector, type GoogleOAuthConfig, type GoogleServiceAccountConfig, type GoogleTokens, createOAuth2Client, createServiceAccountClient, exchangeCode, getAuthUrl, loadTokens, refreshIfNeeded, saveTokens };