groove-dev 0.17.6 → 0.17.8

package/node_modules/@groove-dev/gui/dist/index.html

@@ -4,7 +4,7 @@
     <meta charset="UTF-8" />
     <meta name="viewport" content="width=device-width, initial-scale=1.0" />
     <title>GROOVE</title>
-    <script type="module" crossorigin src="/assets/index-CsymvgNh.js"></script>
+    <script type="module" crossorigin src="/assets/index-D5dtDQf0.js"></script>
     <link rel="stylesheet" crossorigin href="/assets/index-BhjOFLBc.css">
   </head>
   <body>

package/node_modules/@groove-dev/gui/src/views/IntegrationsStore.jsx

@@ -86,8 +86,9 @@ function CredentialModal({ integration, onClose }) {
   const [showGoogleSetup, setShowGoogleSetup] = useState(false);
 
   useEffect(() => {
-    if (integration?.authType === 'oauth-google') {
+    if (integration?.authType === 'oauth-google' || integration?.authType === 'google-autoauth' || integration?._googleSetupNeeded) {
       setOauthStatus('checking');
+      setShowGoogleSetup(integration?._googleSetupNeeded || false);
       fetch('/api/integrations/google-oauth/status')
         .then((r) => r.json())
         .then((data) => setOauthStatus(data.configured ? 'ready' : 'not-configured'))
@@ -98,6 +99,7 @@ function CredentialModal({ integration, onClose }) {
   if (!integration) return null;
 
   const isOAuth = integration.authType === 'oauth-google';
+  const isGoogleAutoAuth = integration.authType === 'google-autoauth' || integration._googleSetupNeeded;
   const envKeys = (integration.envKeys || []).filter((ek) => !ek.hidden);
   const setupSteps = integration.setupSteps || [];
 
@@ -133,6 +135,22 @@ function CredentialModal({ integration, onClose }) {
     setSaving(false);
   }
 
+  async function handleAutoAuthConnect() {
+    setOauthStatus('connecting');
+    try {
+      const res = await fetch(`/api/integrations/${integration.id}/authenticate`, { method: 'POST' });
+      const data = await res.json();
+      if (!data.ok) {
+        setOauthStatus('ready');
+      }
+      // The MCP server will open a browser — poll isn't needed since
+      // the server handles auth internally. Just close after a moment.
+      setTimeout(() => onClose(), 2000);
+    } catch {
+      setOauthStatus('ready');
+    }
+  }
+
   async function handleOAuthConnect() {
     setOauthStatus('connecting');
     try {
@@ -218,12 +236,14 @@ function CredentialModal({ integration, onClose }) {
             </a>
           )}
 
-          {/* OAuth flow for Google integrations */}
-          {isOAuth && (
+          {/* OAuth flow for Google integrations (both oauth-google and google-autoauth) */}
+          {(isOAuth || isGoogleAutoAuth) && (
             <div style={{ marginBottom: 16 }}>
               {/* Always show the primary Connect button */}
               <button
-                onClick={oauthStatus === 'ready' ? handleOAuthConnect : () => setShowGoogleSetup(true)}
+                onClick={oauthStatus === 'ready'
+                  ? (isGoogleAutoAuth ? handleAutoAuthConnect : handleOAuthConnect)
+                  : () => setShowGoogleSetup(true)}
                 disabled={oauthStatus === 'checking' || oauthStatus === 'connecting'}
                 style={{
                   display: 'flex', alignItems: 'center', justifyContent: 'center', gap: 8,
@@ -292,9 +312,12 @@ function CredentialModal({ integration, onClose }) {
                     <button
                       onClick={async () => {
                         await handleGoogleSetup();
-                        // After saving, immediately trigger the OAuth connect flow
+                        // After saving, immediately trigger the appropriate connect flow
                         if (googleClientId && googleClientSecret) {
-                          setTimeout(() => handleOAuthConnect(), 500);
+                          setTimeout(() => {
+                            if (isGoogleAutoAuth) handleAutoAuthConnect();
+                            else handleOAuthConnect();
+                          }, 500);
                         }
                       }}
                       disabled={saving || !googleClientId || !googleClientSecret}
@@ -369,7 +392,8 @@ function CredentialModal({ integration, onClose }) {
 function IntegrationDetailModal({ integration, installing, onInstall, onUninstall, onConfigure, onAuthenticate, onClose }) {
   if (!integration) return null;
 
-  const isAutoAuth = integration.authType === 'none' && (integration.envKeys || []).length === 0;
+  const isAutoAuth = (integration.authType === 'none' || integration.authType === 'google-autoauth')
+    && (integration.envKeys || []).length === 0;
   const hasCredentials = (integration.envKeys || []).filter((ek) => !ek.hidden).length > 0
     || integration.authType === 'oauth-google';
 
@@ -716,6 +740,20 @@ export default function IntegrationsStore() {
   }
 
   async function handleAuthenticate(item) {
+    // For google-autoauth, check if Google OAuth is configured first
+    if (item.authType === 'google-autoauth') {
+      try {
+        const statusRes = await fetch('/api/integrations/google-oauth/status');
+        const statusData = await statusRes.json();
+        if (!statusData.configured) {
+          // Need Google OAuth setup first — open the credential modal
+          setSelectedItem(null);
+          setConfiguring({ ...item, _googleSetupNeeded: true });
+          return;
+        }
+      } catch { /* proceed anyway */ }
+    }
+
     setSelectedItem(null);
     try {
       const res = await fetch(`/api/integrations/${item.id}/authenticate`, { method: 'POST' });

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "groove-dev",
-  "version": "0.17.6",
+  "version": "0.17.8",
   "description": "Open-source agent orchestration layer — the AI company OS. MCP integrations (Slack, Gmail, Stripe, 15+), agent scheduling (cron), business roles (CMO, CFO, EA). GUI dashboard, multi-agent coordination, zero cold-start, infinite sessions. Works with Claude Code, Codex, Gemini CLI, Ollama.",
   "license": "FSL-1.1-Apache-2.0",
   "author": "Groove Dev <hello@groovedev.ai> (https://groovedev.ai)",

package/packages/daemon/integrations-registry.json

@@ -99,12 +99,13 @@
     "transport": "stdio",
     "command": "npx",
     "args": ["-y", "@gongrzhe/server-calendar-autoauth-mcp"],
-    "authType": "none",
+    "authType": "google-autoauth",
+    "oauthKeysDir": ".calendar-mcp",
     "envKeys": [],
     "setupSteps": [
-      "Click Install, then click 'Sign in with Google'",
-      "A browser window will open — authorize Groove",
-      "Done — no API keys or tokens needed"
+      "One-time: link your Google Cloud OAuth app (shared across all Google integrations)",
+      "Click 'Sign in with Google' — a browser opens for authorization",
+      "Done — the MCP server handles token refresh automatically"
     ],
     "featured": false,
     "downloads": 0,
@@ -124,12 +125,13 @@
     "transport": "stdio",
     "command": "npx",
     "args": ["-y", "@gongrzhe/server-gmail-autoauth-mcp"],
-    "authType": "none",
+    "authType": "google-autoauth",
+    "oauthKeysDir": ".gmail-mcp",
     "envKeys": [],
     "setupSteps": [
-      "Click Install, then click 'Sign in with Google'",
-      "A browser window will open — authorize Groove",
-      "Done — no API keys or tokens needed"
+      "One-time: link your Google Cloud OAuth app (shared across all Google integrations)",
+      "Click 'Sign in with Google' — a browser opens for authorization",
+      "Done — the MCP server handles token refresh automatically"
     ],
     "featured": false,
     "downloads": 0,

package/packages/daemon/src/integrations.js

@@ -458,15 +458,21 @@ export class IntegrationStore {
   }
 
   /**
-   * Pre-authenticate an auto-auth integration by running its MCP server briefly.
-   * The server will open a browser for OAuth. Once auth completes, the server
-   * stores tokens locally so future agent spawns work without prompting.
+   * Pre-authenticate an auto-auth integration by running its MCP server
+   * and sending the MCP handshake (initialize + tools/list). This triggers
+   * the server's built-in OAuth flow which opens a browser for sign-in.
    * Returns a handle to track the auth process.
    */
   authenticate(integrationId) {
     const entry = this.registry.find((s) => s.id === integrationId);
     if (!entry) throw new Error(`Integration not found: ${integrationId}`);
 
+    // For google-autoauth integrations, write the gcp-oauth.keys.json file
+    // that the MCP server expects before it can start the OAuth browser flow
+    if (entry.authType === 'google-autoauth') {
+      this._writeGoogleOAuthKeys(entry);
+    }
+
     const command = entry.command || 'npx';
     const args = entry.args || ['-y', entry.npmPackage];
 
@@ -477,13 +483,45 @@ export class IntegrationStore {
       if (val) env[ek.key] = val;
     }
 
-    // Spawn the MCP server — it will trigger OAuth on startup
+    // Spawn the MCP server with stdin/stdout for JSON-RPC,
+    // stderr inherited so it can open browsers and show auth prompts
     const proc = cpSpawn(command, args, {
       env: { ...process.env, ...env },
-      stdio: ['pipe', 'pipe', 'pipe'],
+      stdio: ['pipe', 'pipe', 'inherit'],
       detached: false,
     });
 
+    // Send MCP handshake to initialize the server — this triggers auth
+    const initMsg = JSON.stringify({
+      jsonrpc: '2.0', id: 1, method: 'initialize',
+      params: {
+        protocolVersion: '2024-11-05',
+        capabilities: {},
+        clientInfo: { name: 'groove', version: '1.0.0' },
+      },
+    });
+    const listToolsMsg = JSON.stringify({
+      jsonrpc: '2.0', id: 2, method: 'tools/list', params: {},
+    });
+    const initializedNotif = JSON.stringify({
+      jsonrpc: '2.0', method: 'notifications/initialized',
+    });
+
+    // Wait a moment for npx to download + start, then send handshake
+    proc.stdout.on('data', (chunk) => {
+      const text = chunk.toString();
+      // After initialize response, send initialized notification + tools/list
+      if (text.includes('"id":1') || text.includes('"id": 1')) {
+        proc.stdin.write(initializedNotif + '\n');
+        setTimeout(() => proc.stdin.write(listToolsMsg + '\n'), 500);
+      }
+    });
+
+    // Send initialize after a brief delay for npx startup
+    setTimeout(() => {
+      try { proc.stdin.write(initMsg + '\n'); } catch { /* process may have exited */ }
+    }, 3000);
+
     // Auto-kill after 2 minutes (auth should complete well before that)
     const timeout = setTimeout(() => {
       try { proc.kill('SIGTERM'); } catch { /* ignore */ }
@@ -499,6 +537,39 @@ export class IntegrationStore {
     };
   }
 
+  /**
+   * Write gcp-oauth.keys.json for Google auto-auth MCP servers.
+   * These servers need a Google Cloud OAuth client file at a specific path
+   * before they can open the browser for user consent.
+   */
+  _writeGoogleOAuthKeys(entry) {
+    const clientId = this.getCredential('google-oauth', 'GOOGLE_CLIENT_ID');
+    const clientSecret = this.getCredential('google-oauth', 'GOOGLE_CLIENT_SECRET');
+    if (!clientId || !clientSecret) {
+      throw new Error('Google OAuth not configured. Click "Sign in with Google" to set up your Google Cloud credentials first.');
+    }
+
+    const keysContent = JSON.stringify({
+      installed: {
+        client_id: clientId,
+        client_secret: clientSecret,
+        auth_uri: 'https://accounts.google.com/o/oauth2/auth',
+        token_uri: 'https://oauth2.googleapis.com/token',
+        redirect_uris: ['http://localhost'],
+      },
+    }, null, 2);
+
+    // Write to the directory the MCP server expects (e.g., ~/.gmail-mcp/)
+    const keysDir = entry.oauthKeysDir;
+    if (keysDir) {
+      const homedir = process.env.HOME || process.env.USERPROFILE || '~';
+      const dirPath = resolve(homedir, keysDir);
+      mkdirSync(dirPath, { recursive: true });
+      const keysPath = resolve(dirPath, 'gcp-oauth.keys.json');
+      writeFileSync(keysPath, keysContent, { mode: 0o600 });
+    }
+  }
+
   // --- Internal ---
 
   _isInstalled(integrationId) {