cowork-os 0.3.21 → 0.3.25

package/dist/electron/electron/main.js

@@ -1,11 +1,46 @@
 "use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
 var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 const path_1 = __importDefault(require("path"));
+const fs = __importStar(require("fs/promises"));
 const url_1 = require("url");
 const electron_1 = require("electron");
+const mime_types_1 = __importDefault(require("mime-types"));
 const schema_1 = require("./database/schema");
 const SecureSettingsRepository_1 = require("./database/SecureSettingsRepository");
 const handlers_1 = require("./ipc/handlers");
@@ -446,3 +481,31 @@ electron_1.ipcMain.handle('dialog:selectFolder', async () => {
     }
     return null;
 });
+// Handle file selection (attachments)
+electron_1.ipcMain.handle('dialog:selectFiles', async () => {
+    const result = await electron_1.dialog.showOpenDialog({
+        properties: ['openFile', 'multiSelections'],
+        title: 'Select Files to Upload',
+    });
+    if (result.canceled || result.filePaths.length === 0) {
+        return [];
+    }
+    const entries = await Promise.all(result.filePaths.map(async (filePath) => {
+        try {
+            const stats = await fs.stat(filePath);
+            if (!stats.isFile()) {
+                return null;
+            }
+            return {
+                path: filePath,
+                name: path_1.default.basename(filePath),
+                size: stats.size,
+                mimeType: (mime_types_1.default.lookup(filePath) || undefined),
+            };
+        }
+        catch {
+            return null;
+        }
+    }));
+    return entries.filter((entry) => Boolean(entry));
+});

package/dist/electron/electron/mcp/oauth/connector-oauth.js

@@ -0,0 +1,333 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.startConnectorOAuth = startConnectorOAuth;
+const electron_1 = require("electron");
+const http_1 = __importDefault(require("http"));
+const crypto_1 = require("crypto");
+const url_1 = require("url");
+const DEFAULT_TIMEOUT_MS = 2 * 60 * 1000;
+const OAUTH_CALLBACK_PORT = 18765;
+async function startConnectorOAuth(request) {
+    switch (request.provider) {
+        case 'salesforce':
+            return startSalesforceOAuth(request);
+        case 'jira':
+            return startJiraOAuth(request);
+        case 'hubspot':
+            return startHubSpotOAuth(request);
+        case 'zendesk':
+            return startZendeskOAuth(request);
+        default:
+            throw new Error(`Unsupported OAuth provider: ${request.provider}`);
+    }
+}
+function createCodeVerifier() {
+    return base64Url((0, crypto_1.randomBytes)(32));
+}
+function createCodeChallenge(verifier) {
+    const hash = (0, crypto_1.createHash)('sha256').update(verifier).digest();
+    return base64Url(hash);
+}
+function base64Url(buffer) {
+    return buffer
+        .toString('base64')
+        .replace(/\+/g, '-')
+        .replace(/\//g, '_')
+        .replace(/=+$/, '');
+}
+async function startOAuthCallbackServer(timeoutMs = DEFAULT_TIMEOUT_MS) {
+    const state = base64Url((0, crypto_1.randomBytes)(16));
+    return new Promise((resolve, reject) => {
+        const server = http_1.default.createServer();
+        let resolveCode = () => { };
+        let rejectCode = () => { };
+        const codePromise = new Promise((innerResolve, innerReject) => {
+            resolveCode = innerResolve;
+            rejectCode = innerReject;
+        });
+        const timeout = setTimeout(() => {
+            server.close();
+            rejectCode(new Error('OAuth timed out. Please try again.'));
+        }, timeoutMs);
+        server.on('request', (req, res) => {
+            if (!req.url) {
+                res.writeHead(400);
+                res.end('Invalid request');
+                return;
+            }
+            const url = new url_1.URL(req.url, 'http://127.0.0.1');
+            if (url.pathname !== '/oauth/callback') {
+                res.writeHead(404);
+                res.end('Not found');
+                return;
+            }
+            const code = url.searchParams.get('code');
+            const returnedState = url.searchParams.get('state');
+            const error = url.searchParams.get('error');
+            const errorDescription = url.searchParams.get('error_description');
+            res.writeHead(200, { 'Content-Type': 'text/html' });
+            res.end(`<!DOCTYPE html><html><body style="font-family: sans-serif; padding: 24px;">
+        <h2>Authorization complete</h2>
+        <p>You can close this window and return to CoWork OS.</p>
+      </body></html>`);
+            clearTimeout(timeout);
+            server.close();
+            if (error) {
+                rejectCode(new Error(errorDescription || error));
+                return;
+            }
+            if (!code || !returnedState) {
+                rejectCode(new Error('Missing OAuth code or state'));
+                return;
+            }
+            if (returnedState !== state) {
+                rejectCode(new Error('OAuth state mismatch'));
+                return;
+            }
+            resolveCode({ code, state: returnedState });
+        });
+        server.on('error', (error) => {
+            clearTimeout(timeout);
+            const portMessage = error.code === 'EADDRINUSE'
+                ? `Port ${OAUTH_CALLBACK_PORT} is already in use. Close the conflicting app and try again.`
+                : error.message;
+            reject(new Error(`OAuth callback server failed: ${portMessage}`));
+        });
+        server.listen(OAUTH_CALLBACK_PORT, '127.0.0.1', () => {
+            const address = server.address();
+            if (!address || typeof address === 'string') {
+                clearTimeout(timeout);
+                server.close();
+                reject(new Error('Failed to start OAuth callback server'));
+                return;
+            }
+            const redirectUri = `http://127.0.0.1:${address.port}/oauth/callback`;
+            resolve({
+                redirectUri,
+                state,
+                waitForCode: () => codePromise,
+            });
+        });
+    });
+}
+async function startSalesforceOAuth(request) {
+    const loginUrl = request.loginUrl || 'https://login.salesforce.com';
+    if (!request.clientId) {
+        throw new Error('Salesforce OAuth requires a client ID');
+    }
+    if (!request.clientSecret) {
+        throw new Error('Salesforce OAuth requires a client secret');
+    }
+    const scope = (request.scopes && request.scopes.length > 0)
+        ? request.scopes.join(' ')
+        : 'api refresh_token';
+    const { redirectUri, waitForCode, state } = await startOAuthCallbackServer();
+    const authUrl = new url_1.URL(`${loginUrl.replace(/\/$/, '')}/services/oauth2/authorize`);
+    authUrl.searchParams.set('response_type', 'code');
+    authUrl.searchParams.set('client_id', request.clientId);
+    authUrl.searchParams.set('redirect_uri', redirectUri);
+    authUrl.searchParams.set('scope', scope);
+    authUrl.searchParams.set('state', state);
+    await electron_1.shell.openExternal(authUrl.toString());
+    const { code } = await waitForCode();
+    const tokenUrl = `${loginUrl.replace(/\/$/, '')}/services/oauth2/token`;
+    const params = new URLSearchParams({
+        grant_type: 'authorization_code',
+        code,
+        client_id: request.clientId,
+        client_secret: request.clientSecret,
+        redirect_uri: redirectUri,
+    });
+    const tokenResponse = await fetch(tokenUrl, {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
+        body: params.toString(),
+    });
+    if (!tokenResponse.ok) {
+        const text = await tokenResponse.text();
+        throw new Error(`Salesforce OAuth failed: ${text}`);
+    }
+    const tokenData = await tokenResponse.json();
+    if (!tokenData.access_token) {
+        throw new Error('Salesforce OAuth did not return an access_token');
+    }
+    return {
+        provider: 'salesforce',
+        accessToken: tokenData.access_token,
+        refreshToken: tokenData.refresh_token,
+        instanceUrl: tokenData.instance_url,
+        tokenType: tokenData.token_type,
+    };
+}
+async function startJiraOAuth(request) {
+    if (!request.clientId) {
+        throw new Error('Jira OAuth requires a client ID');
+    }
+    if (!request.clientSecret) {
+        throw new Error('Jira OAuth requires a client secret');
+    }
+    const scope = (request.scopes && request.scopes.length > 0)
+        ? request.scopes.join(' ')
+        : 'read:jira-user read:jira-work write:jira-work offline_access';
+    const { redirectUri, waitForCode, state } = await startOAuthCallbackServer();
+    const codeVerifier = createCodeVerifier();
+    const codeChallenge = createCodeChallenge(codeVerifier);
+    const authUrl = new url_1.URL('https://auth.atlassian.com/authorize');
+    authUrl.searchParams.set('audience', 'api.atlassian.com');
+    authUrl.searchParams.set('client_id', request.clientId);
+    authUrl.searchParams.set('scope', scope);
+    authUrl.searchParams.set('redirect_uri', redirectUri);
+    authUrl.searchParams.set('response_type', 'code');
+    authUrl.searchParams.set('prompt', 'consent');
+    authUrl.searchParams.set('state', state);
+    authUrl.searchParams.set('code_challenge', codeChallenge);
+    authUrl.searchParams.set('code_challenge_method', 'S256');
+    await electron_1.shell.openExternal(authUrl.toString());
+    const { code } = await waitForCode();
+    const tokenResponse = await fetch('https://auth.atlassian.com/oauth/token', {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({
+            grant_type: 'authorization_code',
+            client_id: request.clientId,
+            client_secret: request.clientSecret,
+            code,
+            redirect_uri: redirectUri,
+            code_verifier: codeVerifier,
+        }),
+    });
+    if (!tokenResponse.ok) {
+        const text = await tokenResponse.text();
+        throw new Error(`Jira OAuth failed: ${text}`);
+    }
+    const tokenData = await tokenResponse.json();
+    if (!tokenData.access_token) {
+        throw new Error('Jira OAuth did not return an access_token');
+    }
+    const resourcesResponse = await fetch('https://api.atlassian.com/oauth/token/accessible-resources', {
+        headers: {
+            Authorization: `Bearer ${tokenData.access_token}`,
+            Accept: 'application/json',
+        },
+    });
+    if (!resourcesResponse.ok) {
+        const text = await resourcesResponse.text();
+        throw new Error(`Jira OAuth resources fetch failed: ${text}`);
+    }
+    const resourcesData = await resourcesResponse.json();
+    const resources = Array.isArray(resourcesData)
+        ? resourcesData.map((resource) => ({
+            id: resource.id,
+            name: resource.name,
+            url: resource.url,
+            scopes: resource.scopes,
+        }))
+        : [];
+    return {
+        provider: 'jira',
+        accessToken: tokenData.access_token,
+        refreshToken: tokenData.refresh_token,
+        expiresIn: tokenData.expires_in,
+        tokenType: tokenData.token_type,
+        resources,
+    };
+}
+async function startHubSpotOAuth(request) {
+    if (!request.clientId) {
+        throw new Error('HubSpot OAuth requires a client ID');
+    }
+    if (!request.clientSecret) {
+        throw new Error('HubSpot OAuth requires a client secret');
+    }
+    const scope = (request.scopes && request.scopes.length > 0)
+        ? request.scopes.join(' ')
+        : 'crm.objects.contacts.read crm.objects.contacts.write crm.objects.companies.read crm.objects.companies.write crm.objects.deals.read crm.objects.deals.write';
+    const { redirectUri, waitForCode, state } = await startOAuthCallbackServer();
+    const authUrl = new url_1.URL('https://app.hubspot.com/oauth/authorize');
+    authUrl.searchParams.set('client_id', request.clientId);
+    authUrl.searchParams.set('redirect_uri', redirectUri);
+    authUrl.searchParams.set('scope', scope);
+    authUrl.searchParams.set('state', state);
+    await electron_1.shell.openExternal(authUrl.toString());
+    const { code } = await waitForCode();
+    const params = new URLSearchParams({
+        grant_type: 'authorization_code',
+        client_id: request.clientId,
+        client_secret: request.clientSecret,
+        redirect_uri: redirectUri,
+        code,
+    });
+    const tokenResponse = await fetch('https://api.hubapi.com/oauth/v1/token', {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
+        body: params.toString(),
+    });
+    if (!tokenResponse.ok) {
+        const text = await tokenResponse.text();
+        throw new Error(`HubSpot OAuth failed: ${text}`);
+    }
+    const tokenData = await tokenResponse.json();
+    if (!tokenData.access_token) {
+        throw new Error('HubSpot OAuth did not return an access_token');
+    }
+    return {
+        provider: 'hubspot',
+        accessToken: tokenData.access_token,
+        refreshToken: tokenData.refresh_token,
+        expiresIn: tokenData.expires_in,
+        tokenType: tokenData.token_type,
+    };
+}
+async function startZendeskOAuth(request) {
+    if (!request.clientId) {
+        throw new Error('Zendesk OAuth requires a client ID');
+    }
+    if (!request.clientSecret) {
+        throw new Error('Zendesk OAuth requires a client secret');
+    }
+    if (!request.subdomain) {
+        throw new Error('Zendesk OAuth requires a subdomain');
+    }
+    const scope = (request.scopes && request.scopes.length > 0)
+        ? request.scopes.join(' ')
+        : 'read write';
+    const baseUrl = `https://${request.subdomain}.zendesk.com`;
+    const { redirectUri, waitForCode, state } = await startOAuthCallbackServer();
+    const authUrl = new url_1.URL(`${baseUrl}/oauth/authorizations/new`);
+    authUrl.searchParams.set('response_type', 'code');
+    authUrl.searchParams.set('client_id', request.clientId);
+    authUrl.searchParams.set('redirect_uri', redirectUri);
+    authUrl.searchParams.set('scope', scope);
+    authUrl.searchParams.set('state', state);
+    await electron_1.shell.openExternal(authUrl.toString());
+    const { code } = await waitForCode();
+    const tokenResponse = await fetch(`${baseUrl}/oauth/tokens`, {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({
+            grant_type: 'authorization_code',
+            code,
+            client_id: request.clientId,
+            client_secret: request.clientSecret,
+            redirect_uri: redirectUri,
+        }),
+    });
+    if (!tokenResponse.ok) {
+        const text = await tokenResponse.text();
+        throw new Error(`Zendesk OAuth failed: ${text}`);
+    }
+    const tokenData = await tokenResponse.json();
+    if (!tokenData.access_token) {
+        throw new Error('Zendesk OAuth did not return an access_token');
+    }
+    return {
+        provider: 'zendesk',
+        accessToken: tokenData.access_token,
+        refreshToken: tokenData.refresh_token,
+        tokenType: tokenData.token_type,
+        expiresIn: tokenData.expires_in,
+    };
+}