veryfront 0.0.45 → 0.0.47

package/dist/integrations/gmail/files/lib/oauth.ts

@@ -0,0 +1,145 @@
+/**
+ * OAuth Helper Functions
+ *
+ * Provides utilities for OAuth 2.0 authorization flows.
+ */
+
+import { type OAuthToken, tokenStore } from "./token-store.ts";
+
+export interface OAuthProvider {
+  name: string;
+  authorizationUrl: string;
+  tokenUrl: string;
+  clientId: string;
+  clientSecret: string;
+  scopes: string[];
+  callbackPath: string;
+}
+
+/**
+ * Generate OAuth authorization URL
+ */
+export function getAuthorizationUrl(
+  provider: OAuthProvider,
+  state: string,
+  redirectUri: string,
+): string {
+  const params = new URLSearchParams({
+    client_id: provider.clientId,
+    redirect_uri: redirectUri,
+    response_type: "code",
+    scope: provider.scopes.join(" "),
+    state,
+    access_type: "offline",
+    prompt: "consent",
+  });
+
+  return `${provider.authorizationUrl}?${params.toString()}`;
+}
+
+/**
+ * Exchange authorization code for tokens
+ */
+export async function exchangeCodeForTokens(
+  provider: OAuthProvider,
+  code: string,
+  redirectUri: string,
+): Promise<OAuthToken> {
+  const response = await fetch(provider.tokenUrl, {
+    method: "POST",
+    headers: {
+      "Content-Type": "application/x-www-form-urlencoded",
+    },
+    body: new URLSearchParams({
+      client_id: provider.clientId,
+      client_secret: provider.clientSecret,
+      code,
+      grant_type: "authorization_code",
+      redirect_uri: redirectUri,
+    }),
+  });
+
+  if (!response.ok) {
+    const error = await response.text();
+    throw new Error(`Token exchange failed: ${response.status} - ${error}`);
+  }
+
+  const data = await response.json();
+
+  return {
+    accessToken: data.access_token,
+    refreshToken: data.refresh_token,
+    expiresAt: data.expires_in ? Date.now() + (data.expires_in * 1000) : undefined,
+    tokenType: data.token_type || "Bearer",
+    scope: data.scope,
+  };
+}
+
+/**
+ * Refresh an expired access token
+ */
+export async function refreshAccessToken(
+  provider: OAuthProvider,
+  refreshToken: string,
+): Promise<OAuthToken> {
+  const response = await fetch(provider.tokenUrl, {
+    method: "POST",
+    headers: {
+      "Content-Type": "application/x-www-form-urlencoded",
+    },
+    body: new URLSearchParams({
+      client_id: provider.clientId,
+      client_secret: provider.clientSecret,
+      refresh_token: refreshToken,
+      grant_type: "refresh_token",
+    }),
+  });
+
+  if (!response.ok) {
+    const error = await response.text();
+    throw new Error(`Token refresh failed: ${response.status} - ${error}`);
+  }
+
+  const data = await response.json();
+
+  return {
+    accessToken: data.access_token,
+    refreshToken: data.refresh_token || refreshToken,
+    expiresAt: data.expires_in ? Date.now() + (data.expires_in * 1000) : undefined,
+    tokenType: data.token_type || "Bearer",
+    scope: data.scope,
+  };
+}
+
+/**
+ * Get a valid access token, refreshing if necessary
+ */
+export async function getValidToken(
+  provider: OAuthProvider,
+  userId: string,
+  service: string,
+): Promise<string | null> {
+  const token = await tokenStore.getToken(userId, service);
+
+  if (!token) {
+    return null;
+  }
+
+  // Check if token is expired (with 5 minute buffer)
+  // If no expiresAt, token doesn't expire (e.g., GitHub)
+  const isExpired = token.expiresAt ? token.expiresAt < Date.now() + 5 * 60 * 1000 : false;
+
+  if (isExpired && token.refreshToken) {
+    try {
+      const newToken = await refreshAccessToken(provider, token.refreshToken);
+      await tokenStore.setToken(userId, service, newToken);
+      return newToken.accessToken;
+    } catch {
+      // Refresh failed, user needs to re-authorize
+      await tokenStore.revokeToken(userId, service);
+      return null;
+    }
+  }
+
+  return token.accessToken;
+}

package/dist/integrations/gmail/files/lib/token-store.ts

@@ -0,0 +1,109 @@
+/**
+ * OAuth Token Store
+ *
+ * Simple in-memory token store for development.
+ * Replace with a database or KV store for production.
+ */
+
+export interface OAuthToken {
+  accessToken: string;
+  refreshToken?: string;
+  expiresAt?: number;
+  tokenType?: string;
+  scope?: string;
+}
+
+export interface TokenStore {
+  getToken(userId: string, service: string): Promise<OAuthToken | null>;
+  setToken(userId: string, service: string, token: OAuthToken): Promise<void>;
+  revokeToken(userId: string, service: string): Promise<void>;
+  isConnected(userId: string, service: string): Promise<boolean>;
+}
+
+// In-memory storage for development
+const tokens = new Map<string, OAuthToken>();
+
+function getKey(userId: string, service: string): string {
+  return `${userId}:${service}`;
+}
+
+/**
+ * Simple in-memory token store
+ *
+ * NOTE: This is for development only. In production, use:
+ * - Database (Postgres, SQLite, etc.)
+ * - KV store (Cloudflare Workers KV, Vercel KV, etc.)
+ * - Encrypted file storage
+ */
+export const tokenStore: TokenStore = {
+  getToken(userId: string, service: string): Promise<OAuthToken | null> {
+    const key = getKey(userId, service);
+    return Promise.resolve(tokens.get(key) || null);
+  },
+
+  setToken(
+    userId: string,
+    service: string,
+    token: OAuthToken,
+  ): Promise<void> {
+    const key = getKey(userId, service);
+    tokens.set(key, token);
+    return Promise.resolve();
+  },
+
+  revokeToken(userId: string, service: string): Promise<void> {
+    const key = getKey(userId, service);
+    tokens.delete(key);
+    return Promise.resolve();
+  },
+
+  async isConnected(userId: string, service: string): Promise<boolean> {
+    const token = await this.getToken(userId, service);
+    if (!token) return false;
+    // Check if token is not expired (if no expiry, token doesn't expire)
+    return !token.expiresAt || token.expiresAt > Date.now();
+  },
+};
+
+/**
+ * Factory function to create a custom token store
+ */
+export function createTokenStore(options: {
+  get: (key: string) => Promise<string | null>;
+  set: (key: string, value: string) => Promise<void>;
+  delete: (key: string) => Promise<void>;
+}): TokenStore {
+  return {
+    async getToken(userId: string, service: string): Promise<OAuthToken | null> {
+      const key = getKey(userId, service);
+      const data = await options.get(key);
+      if (!data) return null;
+      try {
+        return JSON.parse(data) as OAuthToken;
+      } catch {
+        return null;
+      }
+    },
+
+    async setToken(
+      userId: string,
+      service: string,
+      token: OAuthToken,
+    ): Promise<void> {
+      const key = getKey(userId, service);
+      await options.set(key, JSON.stringify(token));
+    },
+
+    async revokeToken(userId: string, service: string): Promise<void> {
+      const key = getKey(userId, service);
+      await options.delete(key);
+    },
+
+    async isConnected(userId: string, service: string): Promise<boolean> {
+      const token = await this.getToken(userId, service);
+      if (!token) return false;
+      // Check if token is not expired (if no expiry, token doesn't expire)
+      return !token.expiresAt || token.expiresAt > Date.now();
+    },
+  };
+}

package/dist/integrations/slack/connector.json

@@ -0,0 +1,74 @@
+{
+  "name": "slack",
+  "displayName": "Slack",
+  "icon": "slack.svg",
+  "description": "Send messages, read channels, and manage Slack workspace",
+  "auth": {
+    "type": "oauth2",
+    "provider": "slack",
+    "authorizationUrl": "https://slack.com/oauth/v2/authorize",
+    "tokenUrl": "https://slack.com/api/oauth.v2.access",
+    "scopes": [
+      "channels:history",
+      "channels:read",
+      "chat:write",
+      "users:read",
+      "im:history",
+      "im:read"
+    ],
+    "callbackPath": "/api/auth/slack/callback"
+  },
+  "envVars": [
+    {
+      "name": "SLACK_CLIENT_ID",
+      "description": "Slack App Client ID",
+      "required": true,
+      "sensitive": false,
+      "docsUrl": "https://api.slack.com/apps"
+    },
+    {
+      "name": "SLACK_CLIENT_SECRET",
+      "description": "Slack App Client Secret",
+      "required": true,
+      "sensitive": true,
+      "docsUrl": "https://api.slack.com/apps"
+    }
+  ],
+  "tools": [
+    {
+      "id": "list-channels",
+      "name": "List Channels",
+      "description": "Get list of Slack channels",
+      "requiresWrite": false
+    },
+    {
+      "id": "send-message",
+      "name": "Send Message",
+      "description": "Send a message to a Slack channel",
+      "requiresWrite": true
+    },
+    {
+      "id": "get-messages",
+      "name": "Get Messages",
+      "description": "Get recent messages from a channel",
+      "requiresWrite": false
+    }
+  ],
+  "prompts": [
+    {
+      "id": "catch-up-slack",
+      "title": "Catch up on Slack",
+      "prompt": "Summarize the important messages from my Slack channels from today. Highlight any mentions or urgent items.",
+      "category": "productivity",
+      "icon": "slack"
+    },
+    {
+      "id": "post-update",
+      "title": "Post team update",
+      "prompt": "Help me write and post a team update to Slack about my current work progress.",
+      "category": "productivity",
+      "icon": "message"
+    }
+  ],
+  "suggestedWith": ["gmail", "calendar", "jira"]
+}

package/dist/integrations/slack/files/ai/tools/get-messages.ts

@@ -0,0 +1,65 @@
+import { tool } from "veryfront/ai";
+import { z } from "zod";
+import { createSlackClient } from "../../lib/slack-client.ts";
+
+export default tool({
+  id: "get-messages",
+  description: "Get recent messages from a Slack channel",
+  inputSchema: z.object({
+    channel: z
+      .string()
+      .describe("Channel ID (e.g., 'C1234567890')"),
+    limit: z
+      .number()
+      .min(1)
+      .max(100)
+      .default(20)
+      .describe("Maximum number of messages to return"),
+  }),
+  execute: async ({ channel, limit }, context) => {
+    const userId = context?.userId as string | undefined;
+    if (!userId) {
+      return {
+        error: "User not authenticated. Please log in first.",
+      };
+    }
+
+    try {
+      const slack = createSlackClient(userId);
+      const messages = await slack.getMessages(channel, { limit });
+
+      return {
+        messages: messages.map((
+          msg: {
+            text?: string;
+            user?: string;
+            ts: string;
+            thread_ts?: string;
+            reply_count?: number;
+            reactions?: Array<{ name: string; count: number }>;
+          },
+        ) => ({
+          text: msg.text || "",
+          user: msg.user || "unknown",
+          timestamp: msg.ts,
+          threadTs: msg.thread_ts,
+          replyCount: msg.reply_count || 0,
+          reactions: msg.reactions?.map((r: { name: string; count: number }) =>
+            `${r.name} (${r.count})`
+          ) || [],
+        })),
+        count: messages.length,
+        channel,
+        message: `Retrieved ${messages.length} message(s) from channel.`,
+      };
+    } catch (error) {
+      if (error instanceof Error && error.message.includes("not connected")) {
+        return {
+          error: "Slack not connected. Please connect your Slack account.",
+          connectUrl: "/api/auth/slack",
+        };
+      }
+      throw error;
+    }
+  },
+});

package/dist/integrations/slack/files/ai/tools/list-channels.ts

@@ -0,0 +1,63 @@
+import { tool } from "veryfront/ai";
+import { z } from "zod";
+import { createSlackClient } from "../../lib/slack-client.ts";
+
+export default tool({
+  id: "list-channels",
+  description: "List Slack channels the user is a member of",
+  inputSchema: z.object({
+    limit: z
+      .number()
+      .min(1)
+      .max(100)
+      .default(20)
+      .describe("Maximum number of channels to return"),
+    excludeArchived: z
+      .boolean()
+      .default(true)
+      .describe("Exclude archived channels"),
+  }),
+  execute: async ({ limit, excludeArchived }, context) => {
+    const userId = context?.userId as string | undefined;
+    if (!userId) {
+      return {
+        error: "User not authenticated. Please log in first.",
+      };
+    }
+
+    try {
+      const slack = createSlackClient(userId);
+      const channels = await slack.listChannels({ limit, excludeArchived });
+
+      return {
+        channels: channels.map((
+          ch: {
+            id: string;
+            name: string;
+            is_private: boolean;
+            is_member: boolean;
+            topic?: { value: string };
+            purpose?: { value: string };
+          },
+        ) => ({
+          id: ch.id,
+          name: ch.name,
+          isPrivate: ch.is_private,
+          isMember: ch.is_member,
+          topic: ch.topic?.value || null,
+          purpose: ch.purpose?.value || null,
+        })),
+        count: channels.length,
+        message: `Found ${channels.length} channel(s).`,
+      };
+    } catch (error) {
+      if (error instanceof Error && error.message.includes("not connected")) {
+        return {
+          error: "Slack not connected. Please connect your Slack account.",
+          connectUrl: "/api/auth/slack",
+        };
+      }
+      throw error;
+    }
+  },
+});

package/dist/integrations/slack/files/ai/tools/send-message.ts

@@ -0,0 +1,49 @@
+import { tool } from "veryfront/ai";
+import { z } from "zod";
+import { createSlackClient } from "../../lib/slack-client.ts";
+
+export default tool({
+  id: "send-message",
+  description: "Send a message to a Slack channel",
+  inputSchema: z.object({
+    channel: z
+      .string()
+      .describe("Channel ID or name (e.g., 'C1234567890' or '#general')"),
+    text: z
+      .string()
+      .min(1)
+      .describe("Message text to send"),
+    threadTs: z
+      .string()
+      .optional()
+      .describe("Thread timestamp to reply to (for threaded messages)"),
+  }),
+  execute: async ({ channel, text, threadTs }, context) => {
+    const userId = context?.userId as string | undefined;
+    if (!userId) {
+      return {
+        error: "User not authenticated. Please log in first.",
+      };
+    }
+
+    try {
+      const slack = createSlackClient(userId);
+      const result = await slack.sendMessage(channel, text, { threadTs });
+
+      return {
+        success: true,
+        messageTs: result.ts,
+        channel: result.channel,
+        message: threadTs ? `Reply sent to thread in ${channel}.` : `Message sent to ${channel}.`,
+      };
+    } catch (error) {
+      if (error instanceof Error && error.message.includes("not connected")) {
+        return {
+          error: "Slack not connected. Please connect your Slack account.",
+          connectUrl: "/api/auth/slack",
+        };
+      }
+      throw error;
+    }
+  },
+});

package/dist/integrations/slack/files/app/api/auth/slack/callback/route.ts

@@ -0,0 +1,132 @@
+/**
+ * Slack OAuth Callback
+ *
+ * Handles the OAuth callback from Slack, exchanges code for tokens,
+ * and stores them securely.
+ */
+
+import { tokenStore } from "../../../../../lib/token-store.ts";
+import { slackOAuthProvider } from "../../../../../lib/slack-client.ts";
+
+export async function GET(req: Request) {
+  const url = new URL(req.url);
+  const code = url.searchParams.get("code");
+  const state = url.searchParams.get("state");
+  const error = url.searchParams.get("error");
+
+  // Handle OAuth errors
+  if (error) {
+    const errorDescription = url.searchParams.get("error_description") || error;
+    return new Response(
+      `
+      <html>
+        <head><title>Connection Failed</title></head>
+        <body style="font-family: system-ui; padding: 40px; text-align: center;">
+          <h1>Slack Connection Failed</h1>
+          <p style="color: #666;">${errorDescription}</p>
+          <a href="/" style="color: #0066cc;">Return to App</a>
+        </body>
+      </html>
+      `,
+      {
+        status: 400,
+        headers: { "Content-Type": "text/html" },
+      },
+    );
+  }
+
+  if (!code || !state) {
+    return new Response("Missing code or state parameter", { status: 400 });
+  }
+
+  // Validate state from cookie
+  const cookies = req.headers.get("cookie") || "";
+  const stateCookie = cookies
+    .split(";")
+    .find((c) => c.trim().startsWith("slack_oauth_state="));
+  const savedState = stateCookie?.split("=")[1]?.trim();
+
+  if (state !== savedState) {
+    return new Response("Invalid state parameter", { status: 400 });
+  }
+
+  try {
+    const origin = url.origin;
+    const redirectUri = `${origin}${slackOAuthProvider.callbackPath}`;
+
+    // Exchange code for tokens using Slack's specific OAuth flow
+    const response = await fetch(slackOAuthProvider.tokenUrl, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/x-www-form-urlencoded",
+      },
+      body: new URLSearchParams({
+        client_id: slackOAuthProvider.clientId,
+        client_secret: slackOAuthProvider.clientSecret,
+        code,
+        redirect_uri: redirectUri,
+      }),
+    });
+
+    const data = await response.json();
+
+    if (!data.ok) {
+      throw new Error(data.error || "Token exchange failed");
+    }
+
+    // Get actual user ID from session in production
+    const userId = "current-user";
+
+    // Store tokens (Slack returns access_token in authed_user or at top level)
+    const accessToken = data.authed_user?.access_token || data.access_token;
+    await tokenStore.setToken(userId, "slack", {
+      accessToken,
+      refreshToken: data.refresh_token,
+      scope: data.scope,
+      tokenType: data.token_type,
+    });
+
+    // Clear state cookie and redirect to success page
+    return new Response(
+      `
+      <html>
+        <head>
+          <title>Slack Connected</title>
+          <meta http-equiv="refresh" content="2;url=/" />
+        </head>
+        <body style="font-family: system-ui; padding: 40px; text-align: center;">
+          <h1 style="color: #22c55e;">✓ Slack Connected!</h1>
+          <p style="color: #666;">Your Slack workspace has been connected successfully.</p>
+          <p style="color: #999; font-size: 14px;">Redirecting...</p>
+          <a href="/" style="color: #0066cc;">Return to App</a>
+        </body>
+      </html>
+      `,
+      {
+        status: 200,
+        headers: {
+          "Content-Type": "text/html",
+          "Set-Cookie": "slack_oauth_state=; Path=/; HttpOnly; SameSite=Lax; Max-Age=0",
+        },
+      },
+    );
+  } catch (err) {
+    console.error("Slack OAuth error:", err);
+    return new Response(
+      `
+      <html>
+        <head><title>Connection Failed</title></head>
+        <body style="font-family: system-ui; padding: 40px; text-align: center;">
+          <h1>Slack Connection Failed</h1>
+          <p style="color: #666;">Unable to complete Slack authorization. Please try again.</p>
+          <a href="/api/auth/slack" style="color: #0066cc;">Try Again</a>
+        </body>
+      </html>
+      `,
+      {
+        status: 500,
+        headers: { "Content-Type": "text/html" },
+      },
+    );
+  }
+}

package/dist/integrations/slack/files/app/api/auth/slack/route.ts

@@ -0,0 +1,29 @@
+/**
+ * Slack OAuth Initiation
+ *
+ * Redirects to Slack OAuth consent screen
+ */
+
+import { getAuthorizationUrl } from "../../../../lib/oauth.ts";
+import { slackOAuthProvider } from "../../../../lib/slack-client.ts";
+
+export function GET(req: Request) {
+  const url = new URL(req.url);
+  const origin = url.origin;
+
+  // Generate a random state for CSRF protection
+  const state = crypto.randomUUID();
+
+  // Store state in a cookie for validation
+  const redirectUri = `${origin}${slackOAuthProvider.callbackPath}`;
+  const authUrl = getAuthorizationUrl(slackOAuthProvider, state, redirectUri);
+
+  // Set state cookie and redirect to Slack
+  return new Response(null, {
+    status: 302,
+    headers: {
+      Location: authUrl,
+      "Set-Cookie": `slack_oauth_state=${state}; Path=/; HttpOnly; SameSite=Lax; Max-Age=600`,
+    },
+  });
+}