patchwork-os 0.2.0-alpha.2 → 0.2.0-alpha.22

package/dist/connectors/mcpOAuth.js

@@ -0,0 +1,389 @@
+/**
+ * OAuth 2.1 PKCE helper for upstream MCP servers.
+ *
+ * Supports two vendor modes:
+ *   - dyn-reg (Linear, Sentry): RFC 7591 dynamic client registration.
+ *     Registration data cached alongside tokens so we don't re-register every run.
+ *   - preregistered (GitHub): uses a hardcoded client_id + PKCE-only flow.
+ *
+ * Token files: ~/.patchwork/tokens/<vendor>-mcp.json (mode 0600)
+ *
+ * Flow:
+ *   1. startAuthorize({ vendor, config }) -> { url, state }
+ *      Dashboard opens `url` in a popup; stores `state` to correlate callback.
+ *   2. server.ts callback route calls completeAuthorize({ vendor, config, code, state })
+ *      -> persisted token file.
+ *   3. getAccessToken({ vendor }) reads token, refreshes if needed.
+ *   4. revoke({ vendor }) hits the revocation endpoint + deletes file.
+ */
+import crypto from "node:crypto";
+import { existsSync, readFileSync, unlinkSync } from "node:fs";
+import { homedir } from "node:os";
+import path from "node:path";
+import { deleteSecretJsonSync, getSecretJsonSync, storeSecretJsonSync, } from "./tokenStorage.js";
+// ── Known vendor configs ─────────────────────────────────────────────────────
+function defaultBridgeBase() {
+    const port = process.env.PATCHWORK_BRIDGE_PORT ?? "3101";
+    return (process.env.PATCHWORK_BRIDGE_URL ?? `http://localhost:${port}`).replace(/\/$/, "");
+}
+export function vendorConfig(vendor) {
+    const bridgeBase = defaultBridgeBase();
+    switch (vendor) {
+        case "github":
+            return {
+                vendor,
+                issuer: "https://github.com/login/oauth",
+                authorizationEndpoint: "https://github.com/login/oauth/authorize",
+                tokenEndpoint: "https://github.com/login/oauth/access_token",
+                revocationEndpoint: undefined, // GitHub OAuth apps use a different revoke path; best-effort delete only
+                scopes: ["repo", "read:org", "read:user"],
+                redirectUri: `${bridgeBase}/connections/github/callback`,
+                useDynamicRegistration: false,
+                preregisteredClientId: process.env.PATCHWORK_GITHUB_CLIENT_ID ?? "",
+                preregisteredClientSecret: process.env.PATCHWORK_GITHUB_CLIENT_SECRET,
+                clientName: "Patchwork OS",
+            };
+        case "linear":
+            return {
+                vendor,
+                issuer: "https://mcp.linear.app",
+                authorizationEndpoint: "https://mcp.linear.app/authorize",
+                tokenEndpoint: "https://mcp.linear.app/token",
+                registrationEndpoint: "https://mcp.linear.app/register",
+                revocationEndpoint: "https://mcp.linear.app/token", // per discovery doc
+                scopes: [],
+                redirectUri: `${bridgeBase}/connections/linear/callback`,
+                useDynamicRegistration: true,
+                clientName: "Patchwork OS",
+            };
+        case "sentry":
+            return {
+                vendor,
+                issuer: "https://mcp.sentry.dev",
+                authorizationEndpoint: "https://mcp.sentry.dev/oauth/authorize",
+                tokenEndpoint: "https://mcp.sentry.dev/oauth/token",
+                registrationEndpoint: "https://mcp.sentry.dev/oauth/register",
+                revocationEndpoint: "https://mcp.sentry.dev/oauth/token",
+                scopes: ["org:read", "project:write", "event:write"],
+                redirectUri: `${bridgeBase}/connections/sentry/callback`,
+                useDynamicRegistration: true,
+                clientName: "Patchwork OS",
+            };
+    }
+}
+function tokenPath(vendor) {
+    return path.join(homedir(), ".patchwork", "tokens", `${vendor}-mcp.json`);
+}
+function tokenStorageProvider(vendor) {
+    return `${vendor}-mcp`;
+}
+export function loadTokenFile(vendor) {
+    const secure = getSecretJsonSync(tokenStorageProvider(vendor));
+    if (secure) {
+        return secure;
+    }
+    const p = tokenPath(vendor);
+    if (!existsSync(p))
+        return null;
+    try {
+        const legacy = JSON.parse(readFileSync(p, "utf-8"));
+        saveTokenFile(legacy);
+        return legacy;
+    }
+    catch {
+        return null;
+    }
+}
+function saveTokenFile(file) {
+    storeSecretJsonSync(tokenStorageProvider(file.vendor), file);
+    const p = tokenPath(file.vendor);
+    if (existsSync(p)) {
+        try {
+            unlinkSync(p);
+        }
+        catch { }
+    }
+}
+function deleteTokenFile(vendor) {
+    deleteSecretJsonSync(tokenStorageProvider(vendor));
+    const p = tokenPath(vendor);
+    if (existsSync(p))
+        unlinkSync(p);
+}
+export function updateTokenProfile(vendor, profile) {
+    const file = loadTokenFile(vendor);
+    if (!file) {
+        return;
+    }
+    saveTokenFile({
+        ...file,
+        profile: { ...(file.profile ?? {}), ...profile },
+    });
+}
+// ── PKCE helpers ─────────────────────────────────────────────────────────────
+function base64url(buf) {
+    return buf
+        .toString("base64")
+        .replace(/=/g, "")
+        .replace(/\+/g, "-")
+        .replace(/\//g, "_");
+}
+function genVerifier() {
+    return base64url(crypto.randomBytes(32));
+}
+function challenge(verifier) {
+    return base64url(crypto.createHash("sha256").update(verifier).digest());
+}
+const pending = new Map();
+function gcPending() {
+    const now = Date.now();
+    for (const [k, v] of pending.entries()) {
+        if (v.expiresAt < now)
+            pending.delete(k);
+    }
+}
+async function dynamicRegister(config) {
+    if (!config.registrationEndpoint) {
+        throw new Error(`${config.vendor}: no registration endpoint configured`);
+    }
+    const body = {
+        client_name: config.clientName ?? "Patchwork OS",
+        redirect_uris: [config.redirectUri],
+        grant_types: ["authorization_code", "refresh_token"],
+        response_types: ["code"],
+        token_endpoint_auth_method: "none",
+        scope: config.scopes.join(" "),
+    };
+    const res = await fetch(config.registrationEndpoint, {
+        method: "POST",
+        headers: { "Content-Type": "application/json", Accept: "application/json" },
+        body: JSON.stringify(body),
+    });
+    if (!res.ok) {
+        const snippet = (await res.text()).slice(0, 300);
+        throw new Error(`${config.vendor} dyn-reg failed ${res.status}: ${snippet}`);
+    }
+    const json = (await res.json());
+    if (!json.client_id)
+        throw new Error(`${config.vendor} dyn-reg missing client_id`);
+    return { clientId: json.client_id, clientSecret: json.client_secret };
+}
+// ── Authorize flow ───────────────────────────────────────────────────────────
+/**
+ * Returns the authorize URL for the popup, and a `state` cookie value
+ * the callback must match. For dyn-reg vendors, registers a fresh client
+ * if we don't have one yet (re-uses existing one from token file on reconnect).
+ */
+export async function startAuthorize(config) {
+    gcPending();
+    let clientId = config.preregisteredClientId ?? "";
+    let clientSecret = config.preregisteredClientSecret;
+    if (config.useDynamicRegistration) {
+        // Re-use cached registration if available
+        const existing = loadTokenFile(config.vendor);
+        if (existing?.client_id) {
+            clientId = existing.client_id;
+            clientSecret = existing.client_secret;
+        }
+        else {
+            const reg = await dynamicRegister(config);
+            clientId = reg.clientId;
+            clientSecret = reg.clientSecret;
+        }
+    }
+    if (!clientId) {
+        throw new Error(`${config.vendor}: client_id not configured (set PATCHWORK_${config.vendor.toUpperCase()}_CLIENT_ID)`);
+    }
+    if (!config.useDynamicRegistration &&
+        config.preregisteredClientSecret === undefined &&
+        config.vendor === "github") {
+        throw new Error("github: client_secret not configured (set PATCHWORK_GITHUB_CLIENT_SECRET)");
+    }
+    const verifier = genVerifier();
+    const state = base64url(crypto.randomBytes(24));
+    pending.set(state, {
+        vendor: config.vendor,
+        verifier,
+        clientId,
+        clientSecret,
+        expiresAt: Date.now() + 10 * 60 * 1000,
+    });
+    const params = new URLSearchParams({
+        response_type: "code",
+        client_id: clientId,
+        redirect_uri: config.redirectUri,
+        state,
+        code_challenge: challenge(verifier),
+        code_challenge_method: "S256",
+    });
+    if (config.scopes.length)
+        params.set("scope", config.scopes.join(" "));
+    const authorizeUrl = config.authorizationEndpoint;
+    if (!authorizeUrl)
+        throw new Error(`${config.vendor}: no authorization_endpoint`);
+    return { url: `${authorizeUrl}?${params.toString()}`, state };
+}
+async function exchangeCode(config, code, verifier, clientId, clientSecret) {
+    if (!config.tokenEndpoint)
+        throw new Error(`${config.vendor}: no token_endpoint`);
+    const body = new URLSearchParams({
+        grant_type: "authorization_code",
+        code,
+        redirect_uri: config.redirectUri,
+        client_id: clientId,
+        code_verifier: verifier,
+    });
+    if (clientSecret)
+        body.set("client_secret", clientSecret);
+    const res = await fetch(config.tokenEndpoint, {
+        method: "POST",
+        headers: {
+            "Content-Type": "application/x-www-form-urlencoded",
+            Accept: "application/json",
+        },
+        body: body.toString(),
+    });
+    if (!res.ok) {
+        const snippet = (await res.text()).slice(0, 300);
+        throw new Error(`${config.vendor} token exchange ${res.status}: ${snippet}`);
+    }
+    // GitHub returns form-encoded by default unless Accept: application/json is honored
+    const ct = res.headers.get("content-type") ?? "";
+    if (ct.includes("application/x-www-form-urlencoded")) {
+        const text = await res.text();
+        const p = new URLSearchParams(text);
+        if (p.get("error"))
+            throw new Error(`${config.vendor}: ${p.get("error_description") ?? p.get("error")}`);
+        return {
+            access_token: p.get("access_token") ?? "",
+            refresh_token: p.get("refresh_token") ?? undefined,
+            expires_in: p.get("expires_in") ? Number(p.get("expires_in")) : undefined,
+            scope: p.get("scope") ?? undefined,
+        };
+    }
+    return (await res.json());
+}
+/** Complete the authorize flow. Persists token file. */
+export async function completeAuthorize(config, code, state, profile) {
+    gcPending();
+    const p = pending.get(state);
+    if (!p)
+        throw new Error(`${config.vendor}: invalid or expired state`);
+    pending.delete(state);
+    if (p.vendor !== config.vendor)
+        throw new Error(`${config.vendor}: vendor mismatch on state`);
+    const tok = await exchangeCode(config, code, p.verifier, p.clientId, p.clientSecret);
+    if (!tok.access_token)
+        throw new Error(`${config.vendor}: empty access_token`);
+    const expiresAt = tok.expires_in
+        ? Date.now() + tok.expires_in * 1000
+        : undefined;
+    saveTokenFile({
+        vendor: config.vendor,
+        client_id: p.clientId,
+        client_secret: p.clientSecret,
+        access_token: tok.access_token,
+        refresh_token: tok.refresh_token,
+        expires_at: expiresAt,
+        scope: tok.scope,
+        connected_at: new Date().toISOString(),
+        profile,
+    });
+    return { ok: true, profile };
+}
+// ── Token refresh ────────────────────────────────────────────────────────────
+async function refreshIfNeeded(config, file) {
+    const buffer = 300_000; // 5-minute buffer — avoid mid-call expiry
+    if (!file.expires_at || Date.now() < file.expires_at - buffer)
+        return file;
+    if (!file.refresh_token) {
+        // No refresh token — token is expired and can't be renewed automatically
+        if (file.expires_at && Date.now() >= file.expires_at) {
+            throw new Error(`${file.vendor}: token expired. Re-authorize via GET /connections/${file.vendor}/authorize`);
+        }
+        return file;
+    }
+    if (!config.tokenEndpoint)
+        return file;
+    const body = new URLSearchParams({
+        grant_type: "refresh_token",
+        refresh_token: file.refresh_token,
+        client_id: file.client_id,
+    });
+    if (file.client_secret)
+        body.set("client_secret", file.client_secret);
+    const res = await fetch(config.tokenEndpoint, {
+        method: "POST",
+        headers: {
+            "Content-Type": "application/x-www-form-urlencoded",
+            Accept: "application/json",
+        },
+        body: body.toString(),
+    });
+    if (!res.ok) {
+        throw new Error(`${file.vendor}: token refresh failed (${res.status}). Re-authorize via GET /connections/${file.vendor}/authorize`);
+    }
+    const json = (await res.json());
+    const updated = {
+        ...file,
+        access_token: json.access_token,
+        refresh_token: json.refresh_token ?? file.refresh_token,
+        expires_at: json.expires_in
+            ? Date.now() + json.expires_in * 1000
+            : undefined,
+    };
+    saveTokenFile(updated);
+    return updated;
+}
+export function getConnectorStatus(vendor) {
+    const file = loadTokenFile(vendor);
+    if (!file)
+        return { vendor, connected: false, needsReauth: false };
+    const now = Date.now();
+    const expiresAt = file.expires_at;
+    const expiresInMs = expiresAt ? expiresAt - now : undefined;
+    const needsReauth = !file.refresh_token && expiresAt !== undefined && now >= expiresAt;
+    return {
+        vendor,
+        connected: true,
+        expiresAt,
+        expiresInMs,
+        needsReauth,
+        profile: file.profile,
+    };
+}
+export function getAllConnectorStatuses() {
+    const vendors = ["github", "linear", "sentry"];
+    return vendors.map(getConnectorStatus);
+}
+export async function getAccessToken(vendor) {
+    const file = loadTokenFile(vendor);
+    if (!file)
+        throw new Error(`${vendor}: not connected`);
+    const config = vendorConfig(vendor);
+    const fresh = await refreshIfNeeded(config, file);
+    return fresh.access_token;
+}
+// ── Revocation ───────────────────────────────────────────────────────────────
+export async function revoke(vendor) {
+    const file = loadTokenFile(vendor);
+    const config = vendorConfig(vendor);
+    if (file && config.revocationEndpoint) {
+        const body = new URLSearchParams({
+            token: file.access_token,
+            client_id: file.client_id,
+        });
+        if (file.client_secret)
+            body.set("client_secret", file.client_secret);
+        await fetch(config.revocationEndpoint, {
+            method: "POST",
+            headers: { "Content-Type": "application/x-www-form-urlencoded" },
+            body: body.toString(),
+        }).catch(() => { });
+    }
+    deleteTokenFile(vendor);
+}
+export function isConnected(vendor) {
+    return loadTokenFile(vendor) !== null;
+}
+//# sourceMappingURL=mcpOAuth.js.map

package/dist/connectors/mcpOAuth.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"mcpOAuth.js","sourceRoot":"","sources":["../../src/connectors/mcpOAuth.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAEH,OAAO,MAAM,MAAM,aAAa,CAAC;AACjC,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AAC/D,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAClC,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EACL,oBAAoB,EACpB,iBAAiB,EACjB,mBAAmB,GACpB,MAAM,mBAAmB,CAAC;AA6B3B,gFAAgF;AAEhF,SAAS,iBAAiB;IACxB,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,qBAAqB,IAAI,MAAM,CAAC;IACzD,OAAO,CACL,OAAO,CAAC,GAAG,CAAC,oBAAoB,IAAI,oBAAoB,IAAI,EAAE,CAC/D,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;AACvB,CAAC;AAED,MAAM,UAAU,YAAY,CAAC,MAAgB;IAC3C,MAAM,UAAU,GAAG,iBAAiB,EAAE,CAAC;IACvC,QAAQ,MAAM,EAAE,CAAC;QACf,KAAK,QAAQ;YACX,OAAO;gBACL,MAAM;gBACN,MAAM,EAAE,gCAAgC;gBACxC,qBAAqB,EAAE,0CAA0C;gBACjE,aAAa,EAAE,6CAA6C;gBAC5D,kBAAkB,EAAE,SAAS,EAAE,yEAAyE;gBACxG,MAAM,EAAE,CAAC,MAAM,EAAE,UAAU,EAAE,WAAW,CAAC;gBACzC,WAAW,EAAE,GAAG,UAAU,8BAA8B;gBACxD,sBAAsB,EAAE,KAAK;gBAC7B,qBAAqB,EAAE,OAAO,CAAC,GAAG,CAAC,0BAA0B,IAAI,EAAE;gBACnE,yBAAyB,EAAE,OAAO,CAAC,GAAG,CAAC,8BAA8B;gBACrE,UAAU,EAAE,cAAc;aAC3B,CAAC;QACJ,KAAK,QAAQ;YACX,OAAO;gBACL,MAAM;gBACN,MAAM,EAAE,wBAAwB;gBAChC,qBAAqB,EAAE,kCAAkC;gBACzD,aAAa,EAAE,8BAA8B;gBAC7C,oBAAoB,EAAE,iCAAiC;gBACvD,kBAAkB,EAAE,8BAA8B,EAAE,oBAAoB;gBACxE,MAAM,EAAE,EAAE;gBACV,WAAW,EAAE,GAAG,UAAU,8BAA8B;gBACxD,sBAAsB,EAAE,IAAI;gBAC5B,UAAU,EAAE,cAAc;aAC3B,CAAC;QACJ,KAAK,QAAQ;YACX,OAAO;gBACL,MAAM;gBACN,MAAM,EAAE,wBAAwB;gBAChC,qBAAqB,EAAE,wCAAwC;gBAC/D,aAAa,EAAE,oCAAoC;gBACnD,oBAAoB,EAAE,uCAAuC;gBAC7D,kBAAkB,EAAE,oCAAoC;gBACxD,MAAM,EAAE,CAAC,UAAU,EAAE,eAAe,EAAE,aAAa,CAAC;gBACpD,WAAW,EAAE,GAAG,UAAU,8BAA8B;gBACxD,sBAAsB,EAAE,IAAI;gBAC5B,UAAU,EAAE,cAAc;aAC3B,CAAC;IACN,CAAC;AACH,CAAC;AAiBD,SAAS,SAAS,CAAC,MAAgB;IACjC,OAAO,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,EAAE,YAAY,EAAE,QAAQ,EAAE,GAAG,MAAM,WAAW,CAAC,CAAC;AAC5E,CAAC;AAED,SAAS,oBAAoB,CAAC,MAAgB;IAC5C,OAAO,GAAG,MAAM,MAAM,CAAC;AACzB,CAAC;AAED,MAAM,UAAU,aAAa,CAAC,MAAgB;IAC5C,MAAM,MAAM,GAAG,iBAAiB,CAAe,oBAAoB,CAAC,MAAM,CAAC,CAAC,CAAC;IAC7E,IAAI,MAAM,EAAE,CAAC;QACX,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,MAAM,CAAC,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC;IAC5B,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC;QAAE,OAAO,IAAI,CAAC;IAChC,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,EAAE,OAAO,CAAC,CAAiB,CAAC;QACpE,aAAa,CAAC,MAAM,CAAC,CAAC;QACtB,OAAO,MAAM,CAAC;IAChB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,SAAS,aAAa,CAAC,IAAkB;IACvC,mBAAmB,CAAC,oBAAoB,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,IAAI,CAAC,CAAC;IAE7D,MAAM,CAAC,GAAG,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IACjC,IAAI,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC;QAClB,IAAI,CAAC;YACH,UAAU,CAAC,CAAC,CAAC,CAAC;QAChB,CAAC;QAAC,MAAM,CAAC,CAAA,CAAC;IACZ,CAAC;AACH,CAAC;AAED,SAAS,eAAe,CAAC,MAAgB;IACvC,oBAAoB,CAAC,oBAAoB,CAAC,MAAM,CAAC,CAAC,CAAC;IAEnD,MAAM,CAAC,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC;IAC5B,IAAI,UAAU,CAAC,CAAC,CAAC;QAAE,UAAU,CAAC,CAAC,CAAC,CAAC;AACnC,CAAC;AAED,MAAM,UAAU,kBAAkB,CAChC,MAAgB,EAChB,OAA+B;IAE/B,MAAM,IAAI,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC;IACnC,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,OAAO;IACT,CAAC;IAED,aAAa,CAAC;QACZ,GAAG,IAAI;QACP,OAAO,EAAE,EAAE,GAAG,CAAC,IAAI,CAAC,OAAO,IAAI,EAAE,CAAC,EAAE,GAAG,OAAO,EAAE;KACjD,CAAC,CAAC;AACL,CAAC;AAED,gFAAgF;AAEhF,SAAS,SAAS,CAAC,GAAW;IAC5B,OAAO,GAAG;SACP,QAAQ,CAAC,QAAQ,CAAC;SAClB,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC;SACjB,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;SACnB,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;AACzB,CAAC;AAED,SAAS,WAAW;IAClB,OAAO,SAAS,CAAC,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC;AAC3C,CAAC;AAED,SAAS,SAAS,CAAC,QAAgB;IACjC,OAAO,SAAS,CAAC,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC;AAC1E,CAAC;AAYD,MAAM,OAAO,GAAG,IAAI,GAAG,EAAuB,CAAC;AAE/C,SAAS,SAAS;IAChB,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACvB,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC;QACvC,IAAI,CAAC,CAAC,SAAS,GAAG,GAAG;YAAE,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;IAC3C,CAAC;AACH,CAAC;AASD,KAAK,UAAU,eAAe,CAC5B,MAAoB;IAEpB,IAAI,CAAC,MAAM,CAAC,oBAAoB,EAAE,CAAC;QACjC,MAAM,IAAI,KAAK,CAAC,GAAG,MAAM,CAAC,MAAM,uCAAuC,CAAC,CAAC;IAC3E,CAAC;IACD,MAAM,IAAI,GAAG;QACX,WAAW,EAAE,MAAM,CAAC,UAAU,IAAI,cAAc;QAChD,aAAa,EAAE,CAAC,MAAM,CAAC,WAAW,CAAC;QACnC,WAAW,EAAE,CAAC,oBAAoB,EAAE,eAAe,CAAC;QACpD,cAAc,EAAE,CAAC,MAAM,CAAC;QACxB,0BAA0B,EAAE,MAAM;QAClC,KAAK,EAAE,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC;KAC/B,CAAC;IACF,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,MAAM,CAAC,oBAAoB,EAAE;QACnD,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,MAAM,EAAE,kBAAkB,EAAE;QAC3E,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC;KAC3B,CAAC,CAAC;IACH,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;QACZ,MAAM,OAAO,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QACjD,MAAM,IAAI,KAAK,CACb,GAAG,MAAM,CAAC,MAAM,mBAAmB,GAAG,CAAC,MAAM,KAAK,OAAO,EAAE,CAC5D,CAAC;IACJ,CAAC;IACD,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAyB,CAAC;IACxD,IAAI,CAAC,IAAI,CAAC,SAAS;QACjB,MAAM,IAAI,KAAK,CAAC,GAAG,MAAM,CAAC,MAAM,4BAA4B,CAAC,CAAC;IAChE,OAAO,EAAE,QAAQ,EAAE,IAAI,CAAC,SAAS,EAAE,YAAY,EAAE,IAAI,CAAC,aAAa,EAAE,CAAC;AACxE,CAAC;AAED,gFAAgF;AAEhF;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc,CAClC,MAAoB;IAEpB,SAAS,EAAE,CAAC;IAEZ,IAAI,QAAQ,GAAG,MAAM,CAAC,qBAAqB,IAAI,EAAE,CAAC;IAClD,IAAI,YAAY,GAAuB,MAAM,CAAC,yBAAyB,CAAC;IAExE,IAAI,MAAM,CAAC,sBAAsB,EAAE,CAAC;QAClC,0CAA0C;QAC1C,MAAM,QAAQ,GAAG,aAAa,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QAC9C,IAAI,QAAQ,EAAE,SAAS,EAAE,CAAC;YACxB,QAAQ,GAAG,QAAQ,CAAC,SAAS,CAAC;YAC9B,YAAY,GAAG,QAAQ,CAAC,aAAa,CAAC;QACxC,CAAC;aAAM,CAAC;YACN,MAAM,GAAG,GAAG,MAAM,eAAe,CAAC,MAAM,CAAC,CAAC;YAC1C,QAAQ,GAAG,GAAG,CAAC,QAAQ,CAAC;YACxB,YAAY,GAAG,GAAG,CAAC,YAAY,CAAC;QAClC,CAAC;IACH,CAAC;IACD,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,MAAM,IAAI,KAAK,CACb,GAAG,MAAM,CAAC,MAAM,6CAA6C,MAAM,CAAC,MAAM,CAAC,WAAW,EAAE,aAAa,CACtG,CAAC;IACJ,CAAC;IACD,IACE,CAAC,MAAM,CAAC,sBAAsB;QAC9B,MAAM,CAAC,yBAAyB,KAAK,SAAS;QAC9C,MAAM,CAAC,MAAM,KAAK,QAAQ,EAC1B,CAAC;QACD,MAAM,IAAI,KAAK,CACb,2EAA2E,CAC5E,CAAC;IACJ,CAAC;IAED,MAAM,QAAQ,GAAG,WAAW,EAAE,CAAC;IAC/B,MAAM,KAAK,GAAG,SAAS,CAAC,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC;IAChD,OAAO,CAAC,GAAG,CAAC,KAAK,EAAE;QACjB,MAAM,EAAE,MAAM,CAAC,MAAM;QACrB,QAAQ;QACR,QAAQ;QACR,YAAY;QACZ,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI;KACvC,CAAC,CAAC;IAEH,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC;QACjC,aAAa,EAAE,MAAM;QACrB,SAAS,EAAE,QAAQ;QACnB,YAAY,EAAE,MAAM,CAAC,WAAW;QAChC,KAAK;QACL,cAAc,EAAE,SAAS,CAAC,QAAQ,CAAC;QACnC,qBAAqB,EAAE,MAAM;KAC9B,CAAC,CAAC;IACH,IAAI,MAAM,CAAC,MAAM,CAAC,MAAM;QAAE,MAAM,CAAC,GAAG,CAAC,OAAO,EAAE,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;IAEvE,MAAM,YAAY,GAAG,MAAM,CAAC,qBAAqB,CAAC;IAClD,IAAI,CAAC,YAAY;QACf,MAAM,IAAI,KAAK,CAAC,GAAG,MAAM,CAAC,MAAM,6BAA6B,CAAC,CAAC;IACjE,OAAO,EAAE,GAAG,EAAE,GAAG,YAAY,IAAI,MAAM,CAAC,QAAQ,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC;AAChE,CAAC;AAOD,KAAK,UAAU,YAAY,CACzB,MAAoB,EACpB,IAAY,EACZ,QAAgB,EAChB,QAAgB,EAChB,YAAgC;IAOhC,IAAI,CAAC,MAAM,CAAC,aAAa;QACvB,MAAM,IAAI,KAAK,CAAC,GAAG,MAAM,CAAC,MAAM,qBAAqB,CAAC,CAAC;IACzD,MAAM,IAAI,GAAG,IAAI,eAAe,CAAC;QAC/B,UAAU,EAAE,oBAAoB;QAChC,IAAI;QACJ,YAAY,EAAE,MAAM,CAAC,WAAW;QAChC,SAAS,EAAE,QAAQ;QACnB,aAAa,EAAE,QAAQ;KACxB,CAAC,CAAC;IACH,IAAI,YAAY;QAAE,IAAI,CAAC,GAAG,CAAC,eAAe,EAAE,YAAY,CAAC,CAAC;IAE1D,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,MAAM,CAAC,aAAa,EAAE;QAC5C,MAAM,EAAE,MAAM;QACd,OAAO,EAAE;YACP,cAAc,EAAE,mCAAmC;YACnD,MAAM,EAAE,kBAAkB;SAC3B;QACD,IAAI,EAAE,IAAI,CAAC,QAAQ,EAAE;KACtB,CAAC,CAAC;IACH,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;QACZ,MAAM,OAAO,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QACjD,MAAM,IAAI,KAAK,CACb,GAAG,MAAM,CAAC,MAAM,mBAAmB,GAAG,CAAC,MAAM,KAAK,OAAO,EAAE,CAC5D,CAAC;IACJ,CAAC;IACD,oFAAoF;IACpF,MAAM,EAAE,GAAG,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,EAAE,CAAC;IACjD,IAAI,EAAE,CAAC,QAAQ,CAAC,mCAAmC,CAAC,EAAE,CAAC;QACrD,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;QAC9B,MAAM,CAAC,GAAG,IAAI,eAAe,CAAC,IAAI,CAAC,CAAC;QACpC,IAAI,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC;YAChB,MAAM,IAAI,KAAK,CACb,GAAG,MAAM,CAAC,MAAM,KAAK,CAAC,CAAC,GAAG,CAAC,mBAAmB,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CACpE,CAAC;QACJ,OAAO;YACL,YAAY,EAAE,CAAC,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,EAAE;YACzC,aAAa,EAAE,CAAC,CAAC,GAAG,CAAC,eAAe,CAAC,IAAI,SAAS;YAClD,UAAU,EAAE,CAAC,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS;YACzE,KAAK,EAAE,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,SAAS;SACnC,CAAC;IACJ,CAAC;IACD,OAAO,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAKvB,CAAC;AACJ,CAAC;AAED,wDAAwD;AACxD,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,MAAoB,EACpB,IAAY,EACZ,KAAa,EACb,OAAgC;IAEhC,SAAS,EAAE,CAAC;IACZ,MAAM,CAAC,GAAG,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;IAC7B,IAAI,CAAC,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,GAAG,MAAM,CAAC,MAAM,4BAA4B,CAAC,CAAC;IACtE,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACtB,IAAI,CAAC,CAAC,MAAM,KAAK,MAAM,CAAC,MAAM;QAC5B,MAAM,IAAI,KAAK,CAAC,GAAG,MAAM,CAAC,MAAM,4BAA4B,CAAC,CAAC;IAEhE,MAAM,GAAG,GAAG,MAAM,YAAY,CAC5B,MAAM,EACN,IAAI,EACJ,CAAC,CAAC,QAAQ,EACV,CAAC,CAAC,QAAQ,EACV,CAAC,CAAC,YAAY,CACf,CAAC;IACF,IAAI,CAAC,GAAG,CAAC,YAAY;QACnB,MAAM,IAAI,KAAK,CAAC,GAAG,MAAM,CAAC,MAAM,sBAAsB,CAAC,CAAC;IAC1D,MAAM,SAAS,GAAG,GAAG,CAAC,UAAU;QAC9B,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,UAAU,GAAG,IAAI;QACpC,CAAC,CAAC,SAAS,CAAC;IAEd,aAAa,CAAC;QACZ,MAAM,EAAE,MAAM,CAAC,MAAM;QACrB,SAAS,EAAE,CAAC,CAAC,QAAQ;QACrB,aAAa,EAAE,CAAC,CAAC,YAAY;QAC7B,YAAY,EAAE,GAAG,CAAC,YAAY;QAC9B,aAAa,EAAE,GAAG,CAAC,aAAa;QAChC,UAAU,EAAE,SAAS;QACrB,KAAK,EAAE,GAAG,CAAC,KAAK;QAChB,YAAY,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACtC,OAAO;KACR,CAAC,CAAC;IACH,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;AAC/B,CAAC;AAED,gFAAgF;AAEhF,KAAK,UAAU,eAAe,CAC5B,MAAoB,EACpB,IAAkB;IAElB,MAAM,MAAM,GAAG,OAAO,CAAC,CAAC,0CAA0C;IAClE,IAAI,CAAC,IAAI,CAAC,UAAU,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,UAAU,GAAG,MAAM;QAAE,OAAO,IAAI,CAAC;IAC3E,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,CAAC;QACxB,yEAAyE;QACzE,IAAI,IAAI,CAAC,UAAU,IAAI,IAAI,CAAC,GAAG,EAAE,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;YACrD,MAAM,IAAI,KAAK,CACb,GAAG,IAAI,CAAC,MAAM,sDAAsD,IAAI,CAAC,MAAM,YAAY,CAC5F,CAAC;QACJ,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IAAI,CAAC,MAAM,CAAC,aAAa;QAAE,OAAO,IAAI,CAAC;IAEvC,MAAM,IAAI,GAAG,IAAI,eAAe,CAAC;QAC/B,UAAU,EAAE,eAAe;QAC3B,aAAa,EAAE,IAAI,CAAC,aAAa;QACjC,SAAS,EAAE,IAAI,CAAC,SAAS;KAC1B,CAAC,CAAC;IACH,IAAI,IAAI,CAAC,aAAa;QAAE,IAAI,CAAC,GAAG,CAAC,eAAe,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC;IAEtE,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,MAAM,CAAC,aAAa,EAAE;QAC5C,MAAM,EAAE,MAAM;QACd,OAAO,EAAE;YACP,cAAc,EAAE,mCAAmC;YACnD,MAAM,EAAE,kBAAkB;SAC3B;QACD,IAAI,EAAE,IAAI,CAAC,QAAQ,EAAE;KACtB,CAAC,CAAC;IACH,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;QACZ,MAAM,IAAI,KAAK,CACb,GAAG,IAAI,CAAC,MAAM,2BAA2B,GAAG,CAAC,MAAM,wCAAwC,IAAI,CAAC,MAAM,YAAY,CACnH,CAAC;IACJ,CAAC;IACD,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAI7B,CAAC;IACF,MAAM,OAAO,GAAiB;QAC5B,GAAG,IAAI;QACP,YAAY,EAAE,IAAI,CAAC,YAAY;QAC/B,aAAa,EAAE,IAAI,CAAC,aAAa,IAAI,IAAI,CAAC,aAAa;QACvD,UAAU,EAAE,IAAI,CAAC,UAAU;YACzB,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,UAAU,GAAG,IAAI;YACrC,CAAC,CAAC,SAAS;KACd,CAAC;IACF,aAAa,CAAC,OAAO,CAAC,CAAC;IACvB,OAAO,OAAO,CAAC;AACjB,CAAC;AAWD,MAAM,UAAU,kBAAkB,CAAC,MAAgB;IACjD,MAAM,IAAI,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC;IACnC,IAAI,CAAC,IAAI;QAAE,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,KAAK,EAAE,WAAW,EAAE,KAAK,EAAE,CAAC;IACnE,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACvB,MAAM,SAAS,GAAG,IAAI,CAAC,UAAU,CAAC;IAClC,MAAM,WAAW,GAAG,SAAS,CAAC,CAAC,CAAC,SAAS,GAAG,GAAG,CAAC,CAAC,CAAC,SAAS,CAAC;IAC5D,MAAM,WAAW,GACf,CAAC,IAAI,CAAC,aAAa,IAAI,SAAS,KAAK,SAAS,IAAI,GAAG,IAAI,SAAS,CAAC;IACrE,OAAO;QACL,MAAM;QACN,SAAS,EAAE,IAAI;QACf,SAAS;QACT,WAAW;QACX,WAAW;QACX,OAAO,EAAE,IAAI,CAAC,OAAO;KACtB,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,uBAAuB;IACrC,MAAM,OAAO,GAAe,CAAC,QAAQ,EAAE,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAC3D,OAAO,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;AACzC,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,cAAc,CAAC,MAAgB;IACnD,MAAM,IAAI,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC;IACnC,IAAI,CAAC,IAAI;QAAE,MAAM,IAAI,KAAK,CAAC,GAAG,MAAM,iBAAiB,CAAC,CAAC;IACvD,MAAM,MAAM,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;IACpC,MAAM,KAAK,GAAG,MAAM,eAAe,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;IAClD,OAAO,KAAK,CAAC,YAAY,CAAC;AAC5B,CAAC;AAED,gFAAgF;AAEhF,MAAM,CAAC,KAAK,UAAU,MAAM,CAAC,MAAgB;IAC3C,MAAM,IAAI,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC;IACnC,MAAM,MAAM,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;IACpC,IAAI,IAAI,IAAI,MAAM,CAAC,kBAAkB,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,IAAI,eAAe,CAAC;YAC/B,KAAK,EAAE,IAAI,CAAC,YAAY;YACxB,SAAS,EAAE,IAAI,CAAC,SAAS;SAC1B,CAAC,CAAC;QACH,IAAI,IAAI,CAAC,aAAa;YAAE,IAAI,CAAC,GAAG,CAAC,eAAe,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC;QACtE,MAAM,KAAK,CAAC,MAAM,CAAC,kBAAkB,EAAE;YACrC,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,EAAE,cAAc,EAAE,mCAAmC,EAAE;YAChE,IAAI,EAAE,IAAI,CAAC,QAAQ,EAAE;SACtB,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;IACrB,CAAC;IACD,eAAe,CAAC,MAAM,CAAC,CAAC;AAC1B,CAAC;AAED,MAAM,UAAU,WAAW,CAAC,MAAgB;IAC1C,OAAO,aAAa,CAAC,MAAM,CAAC,KAAK,IAAI,CAAC;AACxC,CAAC"}

package/dist/connectors/mockConnector.d.ts

@@ -0,0 +1,28 @@
+import { type AuthContext, BaseConnector, type ConnectorError, type ConnectorStatus, type OAuthConfig } from "./baseConnector.js";
+import { type FixtureEntry, type FixtureLibrary } from "./fixtureLibrary.js";
+export interface MockCall {
+    operation: string;
+    input?: unknown;
+    matched: boolean;
+}
+export declare class MockConnector extends BaseConnector {
+    readonly providerName: string;
+    private readonly fixturePath?;
+    private readonly library;
+    private readonly calls;
+    constructor(providerName: string, options?: {
+        fixturePath?: string;
+    });
+    protected getOAuthConfig(): OAuthConfig | null;
+    authenticate(): Promise<AuthContext>;
+    healthCheck(): Promise<{
+        ok: boolean;
+        error?: ConnectorError;
+    }>;
+    normalizeError(error: unknown): ConnectorError;
+    getStatus(): ConnectorStatus;
+    invoke<TOutput = unknown>(operation: string, input?: unknown): Promise<TOutput>;
+    addFixture(entry: FixtureEntry): void;
+    getCalls(): MockCall[];
+    getLibrary(): FixtureLibrary;
+}

package/dist/connectors/mockConnector.js

@@ -0,0 +1,81 @@
+import { BaseConnector, } from "./baseConnector.js";
+import { createFixtureLibrary, findFixture, loadFixtureLibrary, recordFixture, } from "./fixtureLibrary.js";
+export class MockConnector extends BaseConnector {
+    providerName;
+    fixturePath;
+    library;
+    calls = [];
+    constructor(providerName, options = {}) {
+        super();
+        this.providerName = providerName;
+        this.fixturePath = options.fixturePath;
+        this.library = options.fixturePath
+            ? (loadFixtureLibrary(options.fixturePath) ??
+                createFixtureLibrary(providerName))
+            : createFixtureLibrary(providerName);
+    }
+    getOAuthConfig() {
+        return null;
+    }
+    async authenticate() {
+        return {
+            token: `mock-${this.providerName}`,
+            scopes: ["mock"],
+        };
+    }
+    async healthCheck() {
+        return { ok: true };
+    }
+    normalizeError(error) {
+        if (error && typeof error === "object" && "message" in error) {
+            const err = error;
+            return {
+                code: err.code ?? "provider_error",
+                message: err.message,
+                retryable: err.retryable ?? false,
+            };
+        }
+        return {
+            code: "provider_error",
+            message: String(error),
+            retryable: false,
+        };
+    }
+    getStatus() {
+        return {
+            id: this.providerName,
+            status: "connected",
+        };
+    }
+    async invoke(operation, input) {
+        const fixture = findFixture(this.library, operation, input);
+        this.calls.push({ operation, input, matched: fixture !== null });
+        if (!fixture) {
+            throw new Error(`No mock fixture for ${this.providerName}.${operation} with input ${JSON.stringify(input ?? null)}`);
+        }
+        if (fixture.error) {
+            throw Object.assign(new Error(fixture.error.message), {
+                code: fixture.error.code,
+                retryable: fixture.error.retryable,
+            });
+        }
+        return fixture.output;
+    }
+    addFixture(entry) {
+        this.library.fixtures.push(entry);
+        if (this.fixturePath) {
+            recordFixture(this.fixturePath, this.providerName, entry);
+        }
+    }
+    getCalls() {
+        return [...this.calls];
+    }
+    getLibrary() {
+        return {
+            version: this.library.version,
+            provider: this.library.provider,
+            fixtures: [...this.library.fixtures],
+        };
+    }
+}
+//# sourceMappingURL=mockConnector.js.map

package/dist/connectors/mockConnector.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"mockConnector.js","sourceRoot":"","sources":["../../src/connectors/mockConnector.ts"],"names":[],"mappings":"AAAA,OAAO,EAEL,aAAa,GAId,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EACL,oBAAoB,EAGpB,WAAW,EACX,kBAAkB,EAClB,aAAa,GACd,MAAM,qBAAqB,CAAC;AAQ7B,MAAM,OAAO,aAAc,SAAQ,aAAa;IACrC,YAAY,CAAS;IACb,WAAW,CAAU;IACrB,OAAO,CAAiB;IACxB,KAAK,GAAe,EAAE,CAAC;IAExC,YAAY,YAAoB,EAAE,UAAoC,EAAE;QACtE,KAAK,EAAE,CAAC;QACR,IAAI,CAAC,YAAY,GAAG,YAAY,CAAC;QACjC,IAAI,CAAC,WAAW,GAAG,OAAO,CAAC,WAAW,CAAC;QACvC,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC,WAAW;YAChC,CAAC,CAAC,CAAC,kBAAkB,CAAC,OAAO,CAAC,WAAW,CAAC;gBACxC,oBAAoB,CAAC,YAAY,CAAC,CAAC;YACrC,CAAC,CAAC,oBAAoB,CAAC,YAAY,CAAC,CAAC;IACzC,CAAC;IAES,cAAc;QACtB,OAAO,IAAI,CAAC;IACd,CAAC;IAED,KAAK,CAAC,YAAY;QAChB,OAAO;YACL,KAAK,EAAE,QAAQ,IAAI,CAAC,YAAY,EAAE;YAClC,MAAM,EAAE,CAAC,MAAM,CAAC;SACjB,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,WAAW;QACf,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC;IACtB,CAAC;IAED,cAAc,CAAC,KAAc;QAC3B,IAAI,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,SAAS,IAAI,KAAK,EAAE,CAAC;YAC7D,MAAM,GAAG,GAAG,KAIX,CAAC;YACF,OAAO;gBACL,IAAI,EACD,GAAG,CAAC,IAA2C,IAAI,gBAAgB;gBACtE,OAAO,EAAE,GAAG,CAAC,OAAO;gBACpB,SAAS,EAAE,GAAG,CAAC,SAAS,IAAI,KAAK;aAClC,CAAC;QACJ,CAAC;QACD,OAAO;YACL,IAAI,EAAE,gBAAgB;YACtB,OAAO,EAAE,MAAM,CAAC,KAAK,CAAC;YACtB,SAAS,EAAE,KAAK;SACjB,CAAC;IACJ,CAAC;IAED,SAAS;QACP,OAAO;YACL,EAAE,EAAE,IAAI,CAAC,YAAY;YACrB,MAAM,EAAE,WAAW;SACpB,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,MAAM,CACV,SAAiB,EACjB,KAAe;QAEf,MAAM,OAAO,GAAG,WAAW,CAAC,IAAI,CAAC,OAAO,EAAE,SAAS,EAAE,KAAK,CAAC,CAAC;QAC5D,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,SAAS,EAAE,KAAK,EAAE,OAAO,EAAE,OAAO,KAAK,IAAI,EAAE,CAAC,CAAC;QAEjE,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,IAAI,KAAK,CACb,uBAAuB,IAAI,CAAC,YAAY,IAAI,SAAS,eAAe,IAAI,CAAC,SAAS,CAAC,KAAK,IAAI,IAAI,CAAC,EAAE,CACpG,CAAC;QACJ,CAAC;QAED,IAAI,OAAO,CAAC,KAAK,EAAE,CAAC;YAClB,MAAM,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE;gBACpD,IAAI,EAAE,OAAO,CAAC,KAAK,CAAC,IAAI;gBACxB,SAAS,EAAE,OAAO,CAAC,KAAK,CAAC,SAAS;aACnC,CAAC,CAAC;QACL,CAAC;QAED,OAAO,OAAO,CAAC,MAAiB,CAAC;IACnC,CAAC;IAED,UAAU,CAAC,KAAmB;QAC5B,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAClC,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;YACrB,aAAa,CAAC,IAAI,CAAC,WAAW,EAAE,IAAI,CAAC,YAAY,EAAE,KAAK,CAAC,CAAC;QAC5D,CAAC;IACH,CAAC;IAED,QAAQ;QACN,OAAO,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC;IACzB,CAAC;IAED,UAAU;QACR,OAAO;YACL,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,OAAO;YAC7B,QAAQ,EAAE,IAAI,CAAC,OAAO,CAAC,QAAQ;YAC/B,QAAQ,EAAE,CAAC,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC;SACrC,CAAC;IACJ,CAAC;CACF"}

package/dist/connectors/notion.d.ts

@@ -0,0 +1,143 @@
+/**
+ * Notion connector — read/write Notion databases and pages via the Notion API.
+ *
+ * Auth: API token (internal integration) or OAuth 2.0 (public integration).
+ *   - Env var: NOTION_TOKEN overrides stored token for CI/headless use.
+ *   - Stored: getSecretJsonSync("notion") → NotionTokens
+ *
+ * Tools: queryDatabase, getPage, search, createPage, appendBlock
+ *
+ * Extends BaseConnector for unified auth, retry, rate-limit, error handling.
+ */
+import { type AuthContext, BaseConnector, type ConnectorError, type ConnectorStatus } from "./baseConnector.js";
+export interface NotionTokens {
+    accessToken: string;
+    workspaceName?: string;
+    workspaceId?: string;
+    botId?: string;
+    connected_at: string;
+}
+export interface NotionUser {
+    object: "user";
+    id: string;
+    name?: string;
+    avatar_url?: string;
+    type: "person" | "bot";
+}
+export interface NotionRichText {
+    type: "text";
+    text: {
+        content: string;
+        link?: {
+            url: string;
+        } | null;
+    };
+    plain_text: string;
+    href?: string | null;
+}
+export interface NotionPage {
+    object: "page";
+    id: string;
+    created_time: string;
+    last_edited_time: string;
+    archived: boolean;
+    url: string;
+    properties: Record<string, unknown>;
+    parent: {
+        type: string;
+        database_id?: string;
+        page_id?: string;
+    };
+}
+export interface NotionDatabase {
+    object: "database";
+    id: string;
+    title: NotionRichText[];
+    description?: NotionRichText[];
+    created_time: string;
+    last_edited_time: string;
+    url: string;
+    properties: Record<string, unknown>;
+}
+export interface NotionBlock {
+    object: "block";
+    id: string;
+    type: string;
+    created_time: string;
+    last_edited_time: string;
+    has_children: boolean;
+    [key: string]: unknown;
+}
+export interface NotionQueryResult {
+    object: "list";
+    results: NotionPage[];
+    next_cursor: string | null;
+    has_more: boolean;
+}
+export interface NotionSearchResult {
+    object: "list";
+    results: Array<NotionPage | NotionDatabase>;
+    next_cursor: string | null;
+    has_more: boolean;
+}
+export interface CreatePageParams {
+    parentId: string;
+    parentType: "database" | "page";
+    title: string;
+    properties?: Record<string, unknown>;
+    content?: string;
+}
+export interface AppendBlockParams {
+    pageId: string;
+    content: string;
+    blockType?: "paragraph" | "bulleted_list_item" | "numbered_list_item" | "heading_1" | "heading_2" | "heading_3" | "quote" | "code";
+}
+export declare function loadTokens(): NotionTokens | null;
+export declare function saveTokens(tokens: NotionTokens): void;
+export declare function clearTokens(): void;
+export declare class NotionConnector extends BaseConnector {
+    readonly providerName = "notion";
+    protected cachedTokens: NotionTokens | null;
+    protected getOAuthConfig(): null;
+    authenticate(): Promise<AuthContext>;
+    healthCheck(): Promise<{
+        ok: boolean;
+        error?: ConnectorError;
+    }>;
+    normalizeError(error: unknown): ConnectorError;
+    getStatus(): ConnectorStatus;
+    private buildHeaders;
+    queryDatabase(databaseId: string, filter?: Record<string, unknown>, sorts?: Array<{
+        property: string;
+        direction: "ascending" | "descending";
+    }>, pageSize?: number): Promise<NotionQueryResult>;
+    getPage(pageId: string): Promise<NotionPage>;
+    search(query: string, filterType?: "page" | "database", pageSize?: number): Promise<NotionSearchResult>;
+    createPage(params: CreatePageParams): Promise<NotionPage>;
+    appendBlock(params: AppendBlockParams): Promise<{
+        results: NotionBlock[];
+    }>;
+}
+export declare function getNotionConnector(): NotionConnector;
+export declare function resetNotionConnector(): void;
+export { loadTokens as isConnected };
+export interface ConnectorHandlerResult {
+    status: number;
+    body: string;
+    contentType?: string;
+}
+/**
+ * POST /connections/notion/connect  { token: "secret_..." }
+ * Stores the integration token and verifies it by calling /users/me.
+ */
+export declare function handleNotionConnect(body: string): Promise<ConnectorHandlerResult>;
+/**
+ * POST /connections/notion/test
+ * Verifies stored token is still valid.
+ */
+export declare function handleNotionTest(): Promise<ConnectorHandlerResult>;
+/**
+ * DELETE /connections/notion
+ * Removes stored token.
+ */
+export declare function handleNotionDisconnect(): ConnectorHandlerResult;