npm - nothumanallowed - Versions diffs - 9.4.15 → 9.5.0 - Mend

nothumanallowed 9.4.15 → 9.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/package.json +1 -1
package/src/commands/ui.mjs +16 -0
package/src/constants.mjs +1 -1
package/src/services/google-oauth.mjs +12 -21
package/src/services/web-ui.mjs +17 -0

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "nothumanallowed",
-  "version": "9.4.15",
+  "version": "9.5.0",
   "description": "NotHumanAllowed — 38 AI agents + 58 tools + browser automation + web search. Streaming chat, headless Chrome CDP, multi-conversation, export. Gmail, Calendar, Drive, GitHub, Notion, Slack. Zero-dependency CLI.",
   "type": "module",
   "bin": {

package/src/commands/ui.mjs CHANGED Viewed

@@ -253,6 +253,22 @@ export async function cmdUI(args) {
         return;
       }
+      // POST /api/google/auth — trigger Google OAuth flow from web UI
+      if (method === 'POST' && pathname === '/api/google/auth') {
+        try {
+          const { runAuthFlow } = await import('../services/google-oauth.mjs');
+          // Run auth flow in background — opens browser
+          runAuthFlow(config).then(success => {
+            if (success) config._googleConnected = true;
+          }).catch(() => {});
+          sendJSON(res, 200, { ok: true, message: 'OAuth flow started. Check the browser window that opened.' });
+        } catch (e) {
+          sendJSON(res, 500, { error: e.message });
+        }
+        logRequest(method, pathname, 200, Date.now() - start);
+        return;
+      }
       // GET /api/health — simple health check
       if (method === 'GET' && pathname === '/api/health') {
         sendJSON(res, 200, { ok: true, version: VERSION });

package/src/constants.mjs CHANGED Viewed

@@ -5,7 +5,7 @@ import { fileURLToPath } from 'url';
 const __filename = fileURLToPath(import.meta.url);
 const __dirname = path.dirname(__filename);
-export const VERSION = '9.4.15';
+export const VERSION = '9.5.0';
 export const BASE_URL = 'https://nothumanallowed.com/cli';
 export const API_BASE = 'https://nothumanallowed.com/api/v1';

package/src/services/google-oauth.mjs CHANGED Viewed

@@ -11,8 +11,9 @@ import os from 'os';
 import { saveTokens, loadTokens, deleteTokens } from './token-store.mjs';
 import { info, ok, fail, warn } from '../ui.mjs';
-// NHA published OAuth client (Desktop app type — client_id is not a secret)
-const DEFAULT_CLIENT_ID = ''; // Will be set when Google Cloud project is verified
+// NHA published OAuth client — same credentials as the mobile app
+const DEFAULT_CLIENT_ID = '740354841334-o0l6rhkn900jtjtfcls3bkr2n9f1l3tt.apps.googleusercontent.com';
+const DEFAULT_CLIENT_SECRET = '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';
 const SCOPES = [
   'https://www.googleapis.com/auth/gmail.modify',
   'https://www.googleapis.com/auth/gmail.send',
@@ -79,7 +80,7 @@ function waitForCallback(state, port) {
         return;
       }
-      if (!code || returnedState !== state) {
+      if (!code || !returnedState?.startsWith(state.split('|')[0])) {
         res.writeHead(400, { 'Content-Type': 'text/html' });
         res.end('<html><body><h2>Invalid callback</h2><p>Missing code or state mismatch.</p></body></html>');
         server.close();
@@ -159,20 +160,7 @@ async function getUserEmail(accessToken) {
  */
 export async function runAuthFlow(config) {
   const clientId = config.google?.clientId || DEFAULT_CLIENT_ID;
-  const clientSecret = config.google?.clientSecret || '';
-  if (!clientId) {
-    fail('Google OAuth client ID not configured.');
-    info('Get credentials from Google Cloud Console:');
-    info('  1. Go to https://console.cloud.google.com/apis/credentials');
-    info('  2. Create an OAuth 2.0 Client ID (Desktop app type)');
-    info('  3. Enable Gmail API and Calendar API');
-    info('  4. Run:');
-    info('     nha config set google-client-id YOUR_CLIENT_ID');
-    info('     nha config set google-client-secret YOUR_CLIENT_SECRET');
-    info('  5. Run: nha google auth');
-    return false;
-  }
+  const clientSecret = config.google?.clientSecret || DEFAULT_CLIENT_SECRET;
   // Find available port
   let port = 0;
@@ -192,13 +180,16 @@ export async function runAuthFlow(config) {
     return false;
   }
-  const redirectUri = `http://127.0.0.1:${port}/callback`;
+  // Use our server as OAuth redirect (same as mobile app)
+  // The callback page extracts the code and redirects to localhost
+  const serverRedirectUri = 'https://nothumanallowed.com/auth/callback';
+  const localCallbackUrl = `http://127.0.0.1:${port}/callback`;
   const { verifier, challenge } = generatePKCE();
-  const state = crypto.randomBytes(32).toString('hex');
+  const state = crypto.randomBytes(32).toString('hex') + `|localhost:${port}`;
   const authUrl = new URL('https://accounts.google.com/o/oauth2/v2/auth');
   authUrl.searchParams.set('client_id', clientId);
-  authUrl.searchParams.set('redirect_uri', redirectUri);
+  authUrl.searchParams.set('redirect_uri', serverRedirectUri);
   authUrl.searchParams.set('response_type', 'code');
   authUrl.searchParams.set('scope', SCOPES);
   authUrl.searchParams.set('state', state);
@@ -215,7 +206,7 @@ export async function runAuthFlow(config) {
     const { code } = await waitForCallback(state, port);
     info('Authorization code received. Exchanging for tokens...');
-    const tokenData = await exchangeCode(code, verifier, clientId, clientSecret, redirectUri);
+    const tokenData = await exchangeCode(code, verifier, clientId, clientSecret, serverRedirectUri);
     const email = await getUserEmail(tokenData.access_token);
     const tokens = {

package/src/services/web-ui.mjs CHANGED Viewed

@@ -1498,9 +1498,26 @@ function renderSettings(el) {
       ['summary-time', 'Summary Time', '18:00'],
       ['meeting-alert', 'Meeting Alert (minutes)', '30'],
     ]) +
+    '<div class="card" style="margin-top:16px"><div class="card__title">Google Account</div>' +
+    '<div style="font-size:11px;color:var(--dim);margin-bottom:8px">Connect Gmail, Calendar, Drive, Contacts, and Tasks. Opens a browser window for Google sign-in.</div>' +
+    (settingsData.hasGoogle ? '<div style="color:var(--green);font-size:12px;margin-bottom:8px">\\u2705 Connected</div>' : '') +
+    '<button onclick="connectGoogle()" style="background:var(--green3);color:var(--bg);padding:8px 20px;border-radius:var(--r);font-weight:700;font-size:12px;cursor:pointer;border:none">' + (settingsData.hasGoogle ? 'Reconnect Google' : 'Connect Google') + '</button>' +
+    '<div id="googleStatus" style="margin-top:8px;font-size:10px;color:var(--dim)"></div>' +
+    '</div>' +
   '</div>';
 }
+function connectGoogle() {
+  var s = document.getElementById('googleStatus');
+  if (s) s.textContent = 'Starting Google sign-in...';
+  apiPost('/api/google/auth', {}).then(function(r) {
+    if (s) s.textContent = r.message || 'Check the browser window that opened.';
+    if (s) s.style.color = 'var(--green)';
+  }).catch(function(e) {
+    if (s) { s.textContent = 'Error: ' + e.message; s.style.color = 'var(--red)'; }
+  });
+}
 function settingsSection(id, title, desc, fields) {
   var h = '<form class="card" style="margin-bottom:16px" id="settings-' + id + '" onsubmit="event.preventDefault();saveSettingsSection(\\x27' + id + '\\x27)">' +
     '<div class="card__title" style="color:var(--green);font-size:14px;margin-bottom:4px">' + esc(title) + '</div>' +