npm - groove-dev - Versions diffs - 0.17.5 → 0.17.7 - Mend

groove-dev 0.17.5 → 0.17.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (13) hide show

package/node_modules/@groove-dev/daemon/integrations-registry.json CHANGED Viewed

@@ -102,9 +102,9 @@
     "authType": "none",
     "envKeys": [],
     "setupSteps": [
-      "Just install — the server handles Google sign-in automatically",
-      "On first use, a browser window will open for you to authorize",
-      "That's it — no API keys or tokens needed"
+      "Click Install, then click 'Sign in with Google'",
+      "A browser window will open — authorize Groove",
+      "Done — no API keys or tokens needed"
     ],
     "featured": false,
     "downloads": 0,
@@ -127,9 +127,9 @@
     "authType": "none",
     "envKeys": [],
     "setupSteps": [
-      "Just install — the server handles Google sign-in automatically",
-      "On first use, a browser window will open for you to authorize",
-      "That's it — no API keys or tokens needed"
+      "Click Install, then click 'Sign in with Google'",
+      "A browser window will open — authorize Groove",
+      "Done — no API keys or tokens needed"
     ],
     "featured": false,
     "downloads": 0,

package/node_modules/@groove-dev/daemon/src/api.js CHANGED Viewed

@@ -506,6 +506,16 @@ export function createApi(app, daemon) {
   // Parameterized :id routes (after specific routes above)
+  app.post('/api/integrations/:id/authenticate', (req, res) => {
+    try {
+      const handle = daemon.integrations.authenticate(req.params.id);
+      res.json({ ok: true, pid: handle.pid });
+      // Auto-cleanup tracked by the handle timeout
+    } catch (err) {
+      res.status(400).json({ error: err.message });
+    }
+  });
   app.post('/api/integrations/:id/install', async (req, res) => {
     try {
       const result = await daemon.integrations.install(req.params.id);

package/node_modules/@groove-dev/daemon/src/integrations.js CHANGED Viewed

@@ -4,7 +4,7 @@
 import { existsSync, mkdirSync, writeFileSync, readFileSync, readdirSync, rmSync } from 'fs';
 import { resolve, dirname } from 'path';
 import { fileURLToPath } from 'url';
-import { execFileSync } from 'child_process';
+import { execFileSync, spawn as cpSpawn } from 'child_process';
 const __dirname = dirname(fileURLToPath(import.meta.url));
@@ -457,6 +457,80 @@ export class IntegrationStore {
     return !!(clientId && clientSecret);
   }
+  /**
+   * Pre-authenticate an auto-auth integration by running its MCP server
+   * and sending the MCP handshake (initialize + tools/list). This triggers
+   * the server's built-in OAuth flow which opens a browser for sign-in.
+   * Returns a handle to track the auth process.
+   */
+  authenticate(integrationId) {
+    const entry = this.registry.find((s) => s.id === integrationId);
+    if (!entry) throw new Error(`Integration not found: ${integrationId}`);
+    const command = entry.command || 'npx';
+    const args = entry.args || ['-y', entry.npmPackage];
+    // Build env with any configured credentials
+    const env = {};
+    for (const ek of (entry.envKeys || [])) {
+      const val = this.getCredential(integrationId, ek.key);
+      if (val) env[ek.key] = val;
+    }
+    // Spawn the MCP server with stdin/stdout for JSON-RPC,
+    // stderr inherited so it can open browsers and show auth prompts
+    const proc = cpSpawn(command, args, {
+      env: { ...process.env, ...env },
+      stdio: ['pipe', 'pipe', 'inherit'],
+      detached: false,
+    });
+    // Send MCP handshake to initialize the server — this triggers auth
+    const initMsg = JSON.stringify({
+      jsonrpc: '2.0', id: 1, method: 'initialize',
+      params: {
+        protocolVersion: '2024-11-05',
+        capabilities: {},
+        clientInfo: { name: 'groove', version: '1.0.0' },
+      },
+    });
+    const listToolsMsg = JSON.stringify({
+      jsonrpc: '2.0', id: 2, method: 'tools/list', params: {},
+    });
+    const initializedNotif = JSON.stringify({
+      jsonrpc: '2.0', method: 'notifications/initialized',
+    });
+    // Wait a moment for npx to download + start, then send handshake
+    proc.stdout.on('data', (chunk) => {
+      const text = chunk.toString();
+      // After initialize response, send initialized notification + tools/list
+      if (text.includes('"id":1') || text.includes('"id": 1')) {
+        proc.stdin.write(initializedNotif + '\n');
+        setTimeout(() => proc.stdin.write(listToolsMsg + '\n'), 500);
+      }
+    });
+    // Send initialize after a brief delay for npx startup
+    setTimeout(() => {
+      try { proc.stdin.write(initMsg + '\n'); } catch { /* process may have exited */ }
+    }, 3000);
+    // Auto-kill after 2 minutes (auth should complete well before that)
+    const timeout = setTimeout(() => {
+      try { proc.kill('SIGTERM'); } catch { /* ignore */ }
+    }, 120_000);
+    proc.on('exit', () => clearTimeout(timeout));
+    this.daemon.audit.log('integration.authenticate', { id: integrationId });
+    return {
+      pid: proc.pid,
+      kill: () => { clearTimeout(timeout); try { proc.kill('SIGTERM'); } catch { /* ignore */ } },
+    };
+  }
   // --- Internal ---
   _isInstalled(integrationId) {