Notion and Gmail Auth Fetch Changes

[M3gA-Mind]

Skill Submission

Skill name: skill-name-here
Type: [ ] Prompt-only | [ ] Coded (skill.ts)

Description

Brief description of what this skill does and why it's useful.

Checklist

• SKILL.md has valid YAML frontmatter (name, description)
• Skill name matches directory name (lowercase-hyphens)
• Instructions are clear enough for an AI agent to follow
• Examples demonstrate expected usage
• No hardcoded API keys, tokens, or secrets
• No eval(), Function(), or dynamic code execution
• No direct filesystem or network access (use ctx.readData/ctx.writeData)
• If coded: skill.ts has name, description, version
• If coded: all hooks complete within 10 seconds
• If coded: tools have JSON Schema parameters and return { content: string }
• Tested locally with npx tsx harness/runner.ts ../skills/my-skill
• npm run validate passes in dev/

Testing

Describe how you tested this skill:

Category

• DeFi
• Trading
• Research
• Community
• NFT
• Security
• Other: ___

Summary by CodeRabbit

• New Features

  • Interactive Gmail credential flow for setup during sync.
  • New command to serve the core runtime locally (npm script).

• Bug Fixes

  • Clears Gmail sync error state after successful syncs.
  • Simplified Gmail OAuth routing via proxy.
  • Token cache is no longer automatically cleared on auth changes.

• Chores

  • Test harness default runtime endpoint changed to http://127.0.0.1:7788.

[coderabbitai]

Caution

Review failed

Pull request was closed or merged during review

📝 Walkthrough

Walkthrough

Refactors Gmail and Notion auth to route through OAuth proxy, removes local token-cache/refresh logic, adds interactive credential resolution for Gmail live tests, introduces a new serve-core script to run the Rust core on port 7788, and updates test-harness default runtime URL accordingly.

Changes

Cohort / File(s)	Summary
Test Infrastructure & Scripts dev/test-harness/index.ts, openhuman, package.json, scripts/serve-core.mjs	Added serve:core npm script and new scripts/serve-core.mjs to spawn openhuman-core (cargo run ... serve --port, default 7788) with .env loading and signal propagation. Updated test harness RUNTIME_URL fallback from 127.0.0.1:7799 → 127.0.0.1:7788. A one-line openhuman file was added.
Gmail API auth refactor src/core/gmail/api/index.ts, src/core/gmail/index.ts	Removed direct HTTP calls and local access-token refresh/cache (deleted resetTokenCache). All Gmail requests now go through oauth.fetch(...). Removed token-cache invalidation calls from auth lifecycle hooks.
Gmail interactive live-test tooling src/core/gmail/live-test-sync.ts	Replaced static env gating with interactive credential resolution: readline prompts, browser-open OAuth flow for encrypted OAuth, self-hosted prompts, resolveCredentials() discriminated return, and updated main() to use oauthComplete(...), authComplete(...), and exported GRANTED_SCOPES.
Gmail sync state src/core/gmail/sync.ts	On successful initial and incremental sync, clear stored API error state (s.lastApiError = null) before ingestion.
Notion auth simplification src/core/notion/helpers.ts	Treat managed OAuth as always { type: 'proxy' }; proxy requests call oauth.fetch(path) (no /v1 prefix). Direct-token branch de-emphasized; logging and JSDoc updated.

Sequence Diagram(s)

sequenceDiagram
    actor User
    participant CLI as CLI Process
    participant Env as Environment/.env
    participant Backend as Backend API
    participant Browser as Browser
    participant OAuth as OAuth Proxy

    User->>CLI: run live-test-sync / main()
    CLI->>Env: read env vars (JWT_TOKEN, GMAIL_*)
    alt Encrypted OAuth flow
        CLI->>Backend: GET /auth/gmail/connect?... (Authorization: Bearer JWT)
        Backend-->>CLI: oauthUrl
        CLI->>Browser: open oauthUrl
        Browser->>User: show consent, user grants
        CLI->>User: prompt for integrationId / clientKeyShare
        User-->>CLI: provide inputs
        CLI->>OAuth: call oauthComplete(credentialId, clientKeyShare, GRANTED_SCOPES)
    else Self-hosted flow
        CLI->>User: prompt client_id, client_secret, refresh_token
        User-->>CLI: provide credentials
        CLI->>OAuth: call authComplete(client_id, client_secret, refresh_token)
    end
    OAuth-->>CLI: credential validated
    CLI->>OAuth: use oauth.fetch(path) for subsequent Gmail API calls

Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Possibly related PRs

• feat: advanced authentication modes for Notion and Gmail #5: Modifies Gmail and Notion auth/fetch code paths (overlaps gmail/api/index.ts, notion/helpers.ts), directly related to proxy/token behavior changes.
• feat: ingest synced skill documents into knowledge graph #9: Touches src/core/gmail/sync.ts for sync wiring; related to the s.lastApiError change and sync flow adjustments.

Poem

🐰 I hopped through ports and OAuth streams,

nibbling tokens, chasing dreams.
A browser click, a prompt, a cheer—
Proxy paths now lead us clear.
Porter of creds, I dance with glee, hooray!

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'Notion and Gmail Auth Fetch Changes' accurately summarizes the main changes, which center on updating authentication and fetch mechanisms for both Notion and Gmail integrations to use OAuth proxies.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}