veryfront 0.0.45 → 0.0.47

package/dist/integrations/calendar/files/app/api/auth/calendar/callback/route.ts

@@ -0,0 +1,114 @@
+/**
+ * Google Calendar OAuth Callback
+ *
+ * Handles the OAuth callback from Google, exchanges code for tokens,
+ * and stores them securely.
+ */
+
+import { exchangeCodeForTokens } from "../../../../../lib/oauth.ts";
+import { tokenStore } from "../../../../../lib/token-store.ts";
+import { calendarOAuthProvider } from "../../../../../lib/calendar-client.ts";
+
+export async function GET(req: Request) {
+  const url = new URL(req.url);
+  const code = url.searchParams.get("code");
+  const state = url.searchParams.get("state");
+  const error = url.searchParams.get("error");
+
+  // Handle OAuth errors
+  if (error) {
+    const errorDescription = url.searchParams.get("error_description") || error;
+    return new Response(
+      `
+      <html>
+        <head><title>Connection Failed</title></head>
+        <body style="font-family: system-ui; padding: 40px; text-align: center;">
+          <h1>Calendar Connection Failed</h1>
+          <p style="color: #666;">${errorDescription}</p>
+          <a href="/" style="color: #0066cc;">Return to App</a>
+        </body>
+      </html>
+      `,
+      {
+        status: 400,
+        headers: { "Content-Type": "text/html" },
+      },
+    );
+  }
+
+  if (!code || !state) {
+    return new Response("Missing code or state parameter", { status: 400 });
+  }
+
+  // Validate state from cookie
+  const cookies = req.headers.get("cookie") || "";
+  const stateCookie = cookies
+    .split(";")
+    .find((c) => c.trim().startsWith("calendar_oauth_state="));
+  const savedState = stateCookie?.split("=")[1]?.trim();
+
+  if (state !== savedState) {
+    return new Response("Invalid state parameter", { status: 400 });
+  }
+
+  try {
+    const origin = url.origin;
+    const redirectUri = `${origin}${calendarOAuthProvider.callbackPath}`;
+
+    // Exchange code for tokens
+    const tokens = await exchangeCodeForTokens(
+      calendarOAuthProvider,
+      code,
+      redirectUri,
+    );
+
+    // Get actual user ID from session in production
+    const userId = "current-user";
+
+    // Store tokens
+    await tokenStore.setToken(userId, "calendar", tokens);
+
+    // Clear state cookie and redirect to success page
+    return new Response(
+      `
+      <html>
+        <head>
+          <title>Calendar Connected</title>
+          <meta http-equiv="refresh" content="2;url=/" />
+        </head>
+        <body style="font-family: system-ui; padding: 40px; text-align: center;">
+          <h1 style="color: #22c55e;">✓ Calendar Connected!</h1>
+          <p style="color: #666;">Your Google Calendar has been connected successfully.</p>
+          <p style="color: #999; font-size: 14px;">Redirecting...</p>
+          <a href="/" style="color: #0066cc;">Return to App</a>
+        </body>
+      </html>
+      `,
+      {
+        status: 200,
+        headers: {
+          "Content-Type": "text/html",
+          "Set-Cookie": "calendar_oauth_state=; Path=/; HttpOnly; SameSite=Lax; Max-Age=0",
+        },
+      },
+    );
+  } catch (err) {
+    console.error("Calendar OAuth error:", err);
+    return new Response(
+      `
+      <html>
+        <head><title>Connection Failed</title></head>
+        <body style="font-family: system-ui; padding: 40px; text-align: center;">
+          <h1>Calendar Connection Failed</h1>
+          <p style="color: #666;">Unable to complete Calendar authorization. Please try again.</p>
+          <a href="/api/auth/calendar" style="color: #0066cc;">Try Again</a>
+        </body>
+      </html>
+      `,
+      {
+        status: 500,
+        headers: { "Content-Type": "text/html" },
+      },
+    );
+  }
+}

package/dist/integrations/calendar/files/app/api/auth/calendar/route.ts

@@ -0,0 +1,29 @@
+/**
+ * Google Calendar OAuth Initiation
+ *
+ * Redirects to Google OAuth consent screen for Calendar access
+ */
+
+import { getAuthorizationUrl } from "../../../../lib/oauth.ts";
+import { calendarOAuthProvider } from "../../../../lib/calendar-client.ts";
+
+export function GET(req: Request) {
+  const url = new URL(req.url);
+  const origin = url.origin;
+
+  // Generate a random state for CSRF protection
+  const state = crypto.randomUUID();
+
+  // Store state in a cookie for validation
+  const redirectUri = `${origin}${calendarOAuthProvider.callbackPath}`;
+  const authUrl = getAuthorizationUrl(calendarOAuthProvider, state, redirectUri);
+
+  // Set state cookie and redirect to Google
+  return new Response(null, {
+    status: 302,
+    headers: {
+      Location: authUrl,
+      "Set-Cookie": `calendar_oauth_state=${state}; Path=/; HttpOnly; SameSite=Lax; Max-Age=600`,
+    },
+  });
+}

package/dist/integrations/calendar/files/lib/calendar-client.ts

@@ -0,0 +1,309 @@
+/**
+ * Google Calendar API Client
+ *
+ * Provides a type-safe interface to Google Calendar API operations.
+ */
+
+import { tokenStore as _tokenStore } from "./token-store.ts";
+import { getValidToken } from "./oauth.ts";
+
+// Helper for Cross-Platform environment access
+function getEnv(key: string): string | undefined {
+  // @ts-ignore - Deno global
+  if (typeof Deno !== "undefined") {
+    // @ts-ignore - Deno global
+    return Deno.env.get(key);
+  } // @ts-ignore - process global
+  else if (typeof process !== "undefined" && process.env) {
+    // @ts-ignore - process global
+    return process.env[key];
+  }
+  return undefined;
+}
+
+const CALENDAR_API_BASE = "https://www.googleapis.com/calendar/v3";
+
+export interface CalendarEvent {
+  id: string;
+  summary: string;
+  description?: string;
+  location?: string;
+  start: {
+    dateTime?: string;
+    date?: string;
+    timeZone?: string;
+  };
+  end: {
+    dateTime?: string;
+    date?: string;
+    timeZone?: string;
+  };
+  attendees?: Array<{
+    email: string;
+    responseStatus: "needsAction" | "declined" | "tentative" | "accepted";
+    displayName?: string;
+  }>;
+  htmlLink: string;
+  status: "confirmed" | "tentative" | "cancelled";
+  organizer?: { email: string; displayName?: string };
+}
+
+export interface CreateEventOptions {
+  summary: string;
+  description?: string;
+  location?: string;
+  start: Date | string;
+  end: Date | string;
+  attendees?: string[];
+  timeZone?: string;
+}
+
+export interface FreeBusySlot {
+  start: string;
+  end: string;
+}
+
+/**
+ * Google Calendar OAuth provider configuration
+ */
+export const calendarOAuthProvider = {
+  name: "calendar",
+  authorizationUrl: "https://accounts.google.com/o/oauth2/v2/auth",
+  tokenUrl: "https://oauth2.googleapis.com/token",
+  clientId: getEnv("GOOGLE_CLIENT_ID") || "",
+  clientSecret: getEnv("GOOGLE_CLIENT_SECRET") || "",
+  scopes: [
+    "https://www.googleapis.com/auth/calendar.readonly",
+    "https://www.googleapis.com/auth/calendar.events",
+  ],
+  callbackPath: "/api/auth/calendar/callback",
+};
+
+/**
+ * Create a Calendar client for a specific user
+ */
+export function createCalendarClient(userId: string) {
+  async function getAccessToken(): Promise<string> {
+    const token = await getValidToken(calendarOAuthProvider, userId, "calendar");
+    if (!token) {
+      throw new Error("Calendar not connected. Please connect your Google Calendar first.");
+    }
+    return token;
+  }
+
+  async function apiRequest<T>(
+    endpoint: string,
+    options: RequestInit = {},
+  ): Promise<T> {
+    const accessToken = await getAccessToken();
+
+    const response = await fetch(`${CALENDAR_API_BASE}${endpoint}`, {
+      ...options,
+      headers: {
+        Authorization: `Bearer ${accessToken}`,
+        "Content-Type": "application/json",
+        ...options.headers,
+      },
+    });
+
+    if (!response.ok) {
+      const error = await response.text();
+      throw new Error(`Calendar API error: ${response.status} - ${error}`);
+    }
+
+    return response.json();
+  }
+
+  return {
+    /**
+     * List upcoming events
+     */
+    async listEvents(options: {
+      maxResults?: number;
+      timeMin?: Date | string;
+      timeMax?: Date | string;
+      calendarId?: string;
+    } = {}): Promise<CalendarEvent[]> {
+      const params = new URLSearchParams();
+
+      const timeMin = options.timeMin
+        ? new Date(options.timeMin).toISOString()
+        : new Date().toISOString();
+      params.set("timeMin", timeMin);
+
+      if (options.timeMax) {
+        params.set("timeMax", new Date(options.timeMax).toISOString());
+      }
+
+      params.set("maxResults", String(options.maxResults || 10));
+      params.set("singleEvents", "true");
+      params.set("orderBy", "startTime");
+
+      const calendarId = encodeURIComponent(options.calendarId || "primary");
+      const result = await apiRequest<{ items: CalendarEvent[] }>(
+        `/calendars/${calendarId}/events?${params.toString()}`,
+      );
+
+      return result.items || [];
+    },
+
+    /**
+     * Get events for today
+     */
+    getTodayEvents(): Promise<CalendarEvent[]> {
+      const today = new Date();
+      today.setHours(0, 0, 0, 0);
+
+      const tomorrow = new Date(today);
+      tomorrow.setDate(tomorrow.getDate() + 1);
+
+      return this.listEvents({
+        timeMin: today,
+        timeMax: tomorrow,
+        maxResults: 50,
+      });
+    },
+
+    /**
+     * Create a new event
+     */
+    createEvent(
+      options: CreateEventOptions,
+      calendarId = "primary",
+    ): Promise<CalendarEvent> {
+      const startDate = typeof options.start === "string"
+        ? options.start
+        : options.start.toISOString();
+      const endDate = typeof options.end === "string" ? options.end : options.end.toISOString();
+
+      const event = {
+        summary: options.summary,
+        description: options.description,
+        location: options.location,
+        start: {
+          dateTime: startDate,
+          timeZone: options.timeZone || "UTC",
+        },
+        end: {
+          dateTime: endDate,
+          timeZone: options.timeZone || "UTC",
+        },
+        attendees: options.attendees?.map((email) => ({ email })),
+      };
+
+      return apiRequest<CalendarEvent>(
+        `/calendars/${encodeURIComponent(calendarId)}/events`,
+        {
+          method: "POST",
+          body: JSON.stringify(event),
+        },
+      );
+    },
+
+    /**
+     * Get free/busy information
+     */
+    async getFreeBusy(options: {
+      timeMin: Date | string;
+      timeMax: Date | string;
+      calendarId?: string;
+    }): Promise<FreeBusySlot[]> {
+      const result = await apiRequest<{
+        calendars: {
+          [key: string]: { busy: FreeBusySlot[] };
+        };
+      }>("/freeBusy", {
+        method: "POST",
+        body: JSON.stringify({
+          timeMin: new Date(options.timeMin).toISOString(),
+          timeMax: new Date(options.timeMax).toISOString(),
+          items: [{ id: options.calendarId || "primary" }],
+        }),
+      });
+
+      const calendarId = options.calendarId || "primary";
+      return result.calendars[calendarId]?.busy || [];
+    },
+
+    /**
+     * Find free time slots in a given range
+     */
+    async findFreeSlots(options: {
+      timeMin: Date | string;
+      timeMax: Date | string;
+      durationMinutes: number;
+      calendarId?: string;
+    }): Promise<Array<{ start: Date; end: Date }>> {
+      const busySlots = await this.getFreeBusy({
+        timeMin: options.timeMin,
+        timeMax: options.timeMax,
+        calendarId: options.calendarId,
+      });
+
+      const freeSlots: Array<{ start: Date; end: Date }> = [];
+      const rangeStart = new Date(options.timeMin);
+      const rangeEnd = new Date(options.timeMax);
+      const durationMs = options.durationMinutes * 60 * 1000;
+
+      let currentStart = rangeStart;
+
+      // Sort busy slots by start time
+      const sortedBusy = busySlots
+        .map((s) => ({
+          start: new Date(s.start),
+          end: new Date(s.end),
+        }))
+        .sort((a, b) => a.start.getTime() - b.start.getTime());
+
+      for (const busy of sortedBusy) {
+        // Check if there's a free slot before this busy period
+        if (busy.start.getTime() - currentStart.getTime() >= durationMs) {
+          freeSlots.push({
+            start: new Date(currentStart),
+            end: new Date(busy.start),
+          });
+        }
+        // Move current start to after this busy period
+        if (busy.end > currentStart) {
+          currentStart = busy.end;
+        }
+      }
+
+      // Check if there's a free slot after the last busy period
+      if (rangeEnd.getTime() - currentStart.getTime() >= durationMs) {
+        freeSlots.push({
+          start: new Date(currentStart),
+          end: rangeEnd,
+        });
+      }
+
+      return freeSlots;
+    },
+
+    /**
+     * Delete an event
+     */
+    async deleteEvent(
+      eventId: string,
+      calendarId = "primary",
+    ): Promise<void> {
+      const accessToken = await getAccessToken();
+
+      const response = await fetch(
+        `${CALENDAR_API_BASE}/calendars/${encodeURIComponent(calendarId)}/events/${eventId}`,
+        {
+          method: "DELETE",
+          headers: {
+            Authorization: `Bearer ${accessToken}`,
+          },
+        },
+      );
+
+      if (!response.ok && response.status !== 204) {
+        throw new Error(`Failed to delete event: ${response.status}`);
+      }
+    },
+  };
+}
+
+export type CalendarClient = ReturnType<typeof createCalendarClient>;

package/dist/integrations/calendar/files/lib/oauth.ts

@@ -0,0 +1,145 @@
+/**
+ * OAuth Helper Functions
+ *
+ * Provides utilities for OAuth 2.0 authorization flows.
+ */
+
+import { type OAuthToken, tokenStore } from "./token-store.ts";
+
+export interface OAuthProvider {
+  name: string;
+  authorizationUrl: string;
+  tokenUrl: string;
+  clientId: string;
+  clientSecret: string;
+  scopes: string[];
+  callbackPath: string;
+}
+
+/**
+ * Generate OAuth authorization URL
+ */
+export function getAuthorizationUrl(
+  provider: OAuthProvider,
+  state: string,
+  redirectUri: string,
+): string {
+  const params = new URLSearchParams({
+    client_id: provider.clientId,
+    redirect_uri: redirectUri,
+    response_type: "code",
+    scope: provider.scopes.join(" "),
+    state,
+    access_type: "offline",
+    prompt: "consent",
+  });
+
+  return `${provider.authorizationUrl}?${params.toString()}`;
+}
+
+/**
+ * Exchange authorization code for tokens
+ */
+export async function exchangeCodeForTokens(
+  provider: OAuthProvider,
+  code: string,
+  redirectUri: string,
+): Promise<OAuthToken> {
+  const response = await fetch(provider.tokenUrl, {
+    method: "POST",
+    headers: {
+      "Content-Type": "application/x-www-form-urlencoded",
+    },
+    body: new URLSearchParams({
+      client_id: provider.clientId,
+      client_secret: provider.clientSecret,
+      code,
+      grant_type: "authorization_code",
+      redirect_uri: redirectUri,
+    }),
+  });
+
+  if (!response.ok) {
+    const error = await response.text();
+    throw new Error(`Token exchange failed: ${response.status} - ${error}`);
+  }
+
+  const data = await response.json();
+
+  return {
+    accessToken: data.access_token,
+    refreshToken: data.refresh_token,
+    expiresAt: data.expires_in ? Date.now() + (data.expires_in * 1000) : undefined,
+    tokenType: data.token_type || "Bearer",
+    scope: data.scope,
+  };
+}
+
+/**
+ * Refresh an expired access token
+ */
+export async function refreshAccessToken(
+  provider: OAuthProvider,
+  refreshToken: string,
+): Promise<OAuthToken> {
+  const response = await fetch(provider.tokenUrl, {
+    method: "POST",
+    headers: {
+      "Content-Type": "application/x-www-form-urlencoded",
+    },
+    body: new URLSearchParams({
+      client_id: provider.clientId,
+      client_secret: provider.clientSecret,
+      refresh_token: refreshToken,
+      grant_type: "refresh_token",
+    }),
+  });
+
+  if (!response.ok) {
+    const error = await response.text();
+    throw new Error(`Token refresh failed: ${response.status} - ${error}`);
+  }
+
+  const data = await response.json();
+
+  return {
+    accessToken: data.access_token,
+    refreshToken: data.refresh_token || refreshToken,
+    expiresAt: data.expires_in ? Date.now() + (data.expires_in * 1000) : undefined,
+    tokenType: data.token_type || "Bearer",
+    scope: data.scope,
+  };
+}
+
+/**
+ * Get a valid access token, refreshing if necessary
+ */
+export async function getValidToken(
+  provider: OAuthProvider,
+  userId: string,
+  service: string,
+): Promise<string | null> {
+  const token = await tokenStore.getToken(userId, service);
+
+  if (!token) {
+    return null;
+  }
+
+  // Check if token is expired (with 5 minute buffer)
+  // If no expiresAt, token doesn't expire (e.g., GitHub)
+  const isExpired = token.expiresAt ? token.expiresAt < Date.now() + 5 * 60 * 1000 : false;
+
+  if (isExpired && token.refreshToken) {
+    try {
+      const newToken = await refreshAccessToken(provider, token.refreshToken);
+      await tokenStore.setToken(userId, service, newToken);
+      return newToken.accessToken;
+    } catch {
+      // Refresh failed, user needs to re-authorize
+      await tokenStore.revokeToken(userId, service);
+      return null;
+    }
+  }
+
+  return token.accessToken;
+}

package/dist/integrations/calendar/files/lib/token-store.ts

@@ -0,0 +1,109 @@
+/**
+ * OAuth Token Store
+ *
+ * Simple in-memory token store for development.
+ * Replace with a database or KV store for production.
+ */
+
+export interface OAuthToken {
+  accessToken: string;
+  refreshToken?: string;
+  expiresAt?: number;
+  tokenType?: string;
+  scope?: string;
+}
+
+export interface TokenStore {
+  getToken(userId: string, service: string): Promise<OAuthToken | null>;
+  setToken(userId: string, service: string, token: OAuthToken): Promise<void>;
+  revokeToken(userId: string, service: string): Promise<void>;
+  isConnected(userId: string, service: string): Promise<boolean>;
+}
+
+// In-memory storage for development
+const tokens = new Map<string, OAuthToken>();
+
+function getKey(userId: string, service: string): string {
+  return `${userId}:${service}`;
+}
+
+/**
+ * Simple in-memory token store
+ *
+ * NOTE: This is for development only. In production, use:
+ * - Database (Postgres, SQLite, etc.)
+ * - KV store (Cloudflare Workers KV, Vercel KV, etc.)
+ * - Encrypted file storage
+ */
+export const tokenStore: TokenStore = {
+  getToken(userId: string, service: string): Promise<OAuthToken | null> {
+    const key = getKey(userId, service);
+    return Promise.resolve(tokens.get(key) || null);
+  },
+
+  setToken(
+    userId: string,
+    service: string,
+    token: OAuthToken,
+  ): Promise<void> {
+    const key = getKey(userId, service);
+    tokens.set(key, token);
+    return Promise.resolve();
+  },
+
+  revokeToken(userId: string, service: string): Promise<void> {
+    const key = getKey(userId, service);
+    tokens.delete(key);
+    return Promise.resolve();
+  },
+
+  async isConnected(userId: string, service: string): Promise<boolean> {
+    const token = await this.getToken(userId, service);
+    if (!token) return false;
+    // Check if token is not expired (if no expiry, token doesn't expire)
+    return !token.expiresAt || token.expiresAt > Date.now();
+  },
+};
+
+/**
+ * Factory function to create a custom token store
+ */
+export function createTokenStore(options: {
+  get: (key: string) => Promise<string | null>;
+  set: (key: string, value: string) => Promise<void>;
+  delete: (key: string) => Promise<void>;
+}): TokenStore {
+  return {
+    async getToken(userId: string, service: string): Promise<OAuthToken | null> {
+      const key = getKey(userId, service);
+      const data = await options.get(key);
+      if (!data) return null;
+      try {
+        return JSON.parse(data) as OAuthToken;
+      } catch {
+        return null;
+      }
+    },
+
+    async setToken(
+      userId: string,
+      service: string,
+      token: OAuthToken,
+    ): Promise<void> {
+      const key = getKey(userId, service);
+      await options.set(key, JSON.stringify(token));
+    },
+
+    async revokeToken(userId: string, service: string): Promise<void> {
+      const key = getKey(userId, service);
+      await options.delete(key);
+    },
+
+    async isConnected(userId: string, service: string): Promise<boolean> {
+      const token = await this.getToken(userId, service);
+      if (!token) return false;
+      // Check if token is not expired (if no expiry, token doesn't expire)
+      return !token.expiresAt || token.expiresAt > Date.now();
+    },
+  };
+}