Jayden/AFFiNE-Mirror
1
0
Fork 0
mirror of https://github.com/toeverything/AFFiNE.git synced 2026-02-13 21:05:19 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: basic caldav support (#14372)

Browse Source 
fix #13531 

#### PR Dependency Tree


* **PR #14372** 👈

This tree was auto-generated by
[Charcoal](https://github.com/danerwilliams/charcoal)

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* CalDAV calendar integration: link and sync CalDAV-compatible calendars
(discovery, listing, event sync).
* New UI flow and dialog to link CalDAV accounts with provider
selection, credentials, and display name.

* **API / Config**
* Server exposes CalDAV provider presets in config and new GraphQL
mutation to link CalDAV accounts.
  * New calendar config section for CalDAV with validation and defaults.

* **Tests**
  * Comprehensive CalDAV integration test suite added.

* **Chores**
* Removed analytics tokens from build configuration and reduced Cloud
E2E test shards.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
This commit is contained in:
DarkSky
2026-02-05 03:04:21 +08:00
committed by GitHub
parent 403f16b404
commit a655b79166
34 changed files with 2995 additions and 217 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
packages/backend/server/migrations/20260110095744_caldav_fields/migration.sql Normal file
View File

@@ -0,0 +1,7 @@
-- AlterTable
ALTER TABLE "calendar_accounts" ADD COLUMN "auth_type" VARCHAR,
ADD COLUMN "calendar_home_url" VARCHAR,
ADD COLUMN "principal_url" VARCHAR,
ADD COLUMN "provider_preset_id" VARCHAR,
ADD COLUMN "server_url" VARCHAR,
ADD COLUMN "username" VARCHAR;

6
packages/backend/server/schema.prisma
View File

@@ -937,6 +937,12 @@ model CalendarAccount {
providerAccountId String @map("provider_account_id") @db.VarChar
displayName String? @map("display_name") @db.VarChar
email String? @db.VarChar
providerPresetId String? @map("provider_preset_id") @db.VarChar
serverUrl String? @map("server_url") @db.VarChar
principalUrl String? @map("principal_url") @db.VarChar
calendarHomeUrl String? @map("calendar_home_url") @db.VarChar
username String? @db.VarChar
authType String? @map("auth_type") @db.VarChar
accessToken String? @map("access_token") @db.Text
refreshToken String? @map("refresh_token") @db.Text
expiresAt DateTime? @map("expires_at") @db.Timestamptz(3)

18
packages/backend/server/src/models/calendar-account.ts
View File

@@ -17,6 +17,12 @@ export interface UpsertCalendarAccountInput extends CalendarAccountTokens {
providerAccountId: string;
displayName?: string | null;
email?: string | null;
providerPresetId?: string | null;
serverUrl?: string | null;
principalUrl?: string | null;
calendarHomeUrl?: string | null;
username?: string | null;
authType?: string | null;
status?: string | null;
lastError?: string | null;
refreshIntervalMinutes?: number | null;
@@ -73,6 +79,12 @@ export class CalendarAccountModel extends BaseModel {
providerAccountId: input.providerAccountId,
displayName: input.displayName ?? null,
email: input.email ?? null,
providerPresetId: input.providerPresetId ?? null,
serverUrl: input.serverUrl ?? null,
principalUrl: input.principalUrl ?? null,
calendarHomeUrl: input.calendarHomeUrl ?? null,
username: input.username ?? null,
authType: input.authType ?? null,
accessToken: accessToken ?? null,
refreshToken: refreshToken ?? null,
expiresAt: input.expiresAt ?? null,
@@ -85,6 +97,12 @@ export class CalendarAccountModel extends BaseModel {
const updateData: Prisma.CalendarAccountUncheckedUpdateInput = {
displayName: data.displayName,
email: data.email,
providerPresetId: data.providerPresetId,
serverUrl: data.serverUrl,
principalUrl: data.principalUrl,
calendarHomeUrl: data.calendarHomeUrl,
username: data.username,
authType: data.authType,
expiresAt: data.expiresAt,
scope: data.scope,
status: data.status,

531
packages/backend/server/src/plugins/calendar/__tests__/caldav.spec.ts Normal file
View File

@@ -0,0 +1,531 @@
import { createServer } from 'node:http';
import type { AddressInfo } from 'node:net';
import test from 'ava';
import { createModule } from '../../../__tests__/create-module';
import { Mockers } from '../../../__tests__/mocks';
import { CryptoHelper, GraphqlBadRequest, Mutex } from '../../../base';
import { ConfigModule } from '../../../base/config';
import { ServerConfigModule } from '../../../core/config';
import { Models } from '../../../models';
import { CalendarModule } from '..';
import {
CalDAVProvider,
CalendarProviderFactory,
CalendarProviderName,
} from '../providers';
import { CalendarService } from '../service';
const USERNAME = 'caldav-user@example.com';
const PASSWORD = 'caldav-pass';
const AUTH_HEADER = `Basic ${Buffer.from(`${USERNAME}:${PASSWORD}`).toString('base64')}`;
const buildVCalendar = (lines: string[]) =>
['BEGIN:VCALENDAR', 'VERSION:2.0', ...lines, 'END:VCALENDAR'].join('\r\n');
const allDayEvent = buildVCalendar([
'BEGIN:VEVENT',
'UID:all-day',
'DTSTART;VALUE=DATE:20250101',
'DTEND;VALUE=DATE:20250102',
'SUMMARY:All Day Event',
'END:VEVENT',
]);
const timezoneEvent = buildVCalendar([
'BEGIN:VEVENT',
'UID:tz-event',
'DTSTART;TZID=America/Los_Angeles:20250103T090000',
'DTEND;TZID=America/Los_Angeles:20250103T100000',
'SUMMARY:Timezone Event',
'END:VEVENT',
]);
const recurrenceEvent = buildVCalendar([
'BEGIN:VEVENT',
'UID:recurrence-event',
'RECURRENCE-ID;TZID=UTC:20250104T090000',
'DTSTART;TZID=UTC:20250104T100000',
'DTEND;TZID=UTC:20250104T110000',
'SUMMARY:Recurring Instance',
'END:VEVENT',
]);
const principalResponse = `<?xml version="1.0" encoding="UTF-8"?>
<multistatus xmlns="DAV:">
<response>
<href>/caldav/</href>
<propstat>
<prop>
<current-user-principal>
<href>/principals/user/</href>
</current-user-principal>
</prop>
<status>HTTP/1.1 200 OK</status>
</propstat>
</response>
</multistatus>`;
const homeSetResponse = `<?xml version="1.0" encoding="UTF-8"?>
<multistatus xmlns="DAV:" xmlns:C="urn:ietf:params:xml:ns:caldav">
<response>
<href>/principals/user/</href>
<propstat>
<prop>
<calendar-home-set>
<href>/calendars/user/</href>
</calendar-home-set>
</prop>
<status>HTTP/1.1 200 OK</status>
</propstat>
</response>
</multistatus>`;
const calendarListResponse = `<?xml version="1.0" encoding="UTF-8"?>
<multistatus xmlns="DAV:" xmlns:C="urn:ietf:params:xml:ns:caldav" xmlns:IC="http://apple.com/ns/ical/">
<response>
<href>/calendars/user/</href>
<propstat>
<prop>
<resourcetype>
<collection />
</resourcetype>
</prop>
<status>HTTP/1.1 200 OK</status>
</propstat>
</response>
<response>
<href>/calendars/user/home/</href>
<propstat>
<prop>
<displayname>Home</displayname>
<resourcetype>
<collection />
<calendar xmlns="urn:ietf:params:xml:ns:caldav" />
</resourcetype>
<calendar-timezone>BEGIN:VTIMEZONE\nTZID:UTC\nEND:VTIMEZONE</calendar-timezone>
<calendar-color xmlns="http://apple.com/ns/ical/">#ff0000</calendar-color>
</prop>
<status>HTTP/1.1 200 OK</status>
</propstat>
</response>
</multistatus>`;
const calendarQueryResponse = `<?xml version="1.0" encoding="UTF-8"?>
<multistatus xmlns="DAV:" xmlns:C="urn:ietf:params:xml:ns:caldav">
<response>
<href>/calendars/user/home/all-day.ics</href>
<propstat>
<prop>
<getetag>"1"</getetag>
<calendar-data>${allDayEvent}</calendar-data>
</prop>
<status>HTTP/1.1 200 OK</status>
</propstat>
</response>
<response>
<href>/calendars/user/home/timezone.ics</href>
<propstat>
<prop>
<getetag>"2"</getetag>
<calendar-data>${timezoneEvent}</calendar-data>
</prop>
<status>HTTP/1.1 200 OK</status>
</propstat>
</response>
<response>
<href>/calendars/user/home/recurrence.ics</href>
<propstat>
<prop>
<getetag>"3"</getetag>
<calendar-data>${recurrenceEvent}</calendar-data>
</prop>
<status>HTTP/1.1 200 OK</status>
</propstat>
</response>
</multistatus>`;
const createCalDAVServer = async (options?: {
syncCollectionStatus?: number;
}) => {
const requests: Array<{ method: string; url: string; body: string }> = [];
const server = createServer(async (req, res) => {
const chunks: Buffer[] = [];
for await (const chunk of req) {
chunks.push(Buffer.from(chunk));
}
const body = Buffer.concat(chunks).toString('utf-8');
requests.push({
method: req.method ?? '',
url: req.url ?? '',
body,
});
if (req.headers.authorization !== AUTH_HEADER) {
res.writeHead(401, { 'WWW-Authenticate': 'Basic realm="CalDAV"' });
res.end();
return;
}
if (req.url === '/.well-known/caldav') {
res.writeHead(302, { Location: '/caldav/' });
res.end();
return;
}
if (req.method === 'PROPFIND' && req.url === '/caldav/') {
res.writeHead(207, { 'Content-Type': 'application/xml' });
res.end(principalResponse);
return;
}
if (req.method === 'PROPFIND' && req.url === '/principals/user/') {
res.writeHead(207, { 'Content-Type': 'application/xml' });
res.end(homeSetResponse);
return;
}
if (req.method === 'PROPFIND' && req.url === '/calendars/user/') {
res.writeHead(207, { 'Content-Type': 'application/xml' });
res.end(calendarListResponse);
return;
}
if (req.method === 'REPORT' && req.url === '/calendars/user/home/') {
if (body.includes('sync-collection')) {
const status = options?.syncCollectionStatus ?? 207;
if (status !== 207) {
res.writeHead(status);
res.end();
return;
}
}
res.writeHead(207, { 'Content-Type': 'application/xml' });
res.end(calendarQueryResponse);
return;
}
res.writeHead(404);
res.end();
});
await new Promise<void>(resolve => server.listen(0, resolve));
const port = (server.address() as AddressInfo).port;
return {
server,
baseUrl: `http://127.0.0.1:${port}`,
requests,
};
};
const createRedirectServer = async () => {
const server = createServer((req, res) => {
if (req.url === '/.well-known/caldav') {
res.writeHead(302, { Location: '/.well-known/caldav' });
res.end();
return;
}
res.writeHead(404);
res.end();
});
await new Promise<void>(resolve => server.listen(0, resolve));
const port = (server.address() as AddressInfo).port;
return {
server,
baseUrl: `http://127.0.0.1:${port}`,
};
};
const createCalendarModule = async (caldavConfig: Record<string, unknown>) => {
const module = await createModule({
imports: [
ServerConfigModule,
CalendarModule,
ConfigModule.override({
calendar: {
google: {
enabled: false,
clientId: '',
clientSecret: '',
externalWebhookUrl: '',
webhookVerificationToken: '',
},
caldav: caldavConfig,
},
}),
],
tapModule: builder => {
const testLock = {
fromTest: true,
async [Symbol.asyncDispose]() {},
};
builder.overrideProvider(Mutex).useValue({
acquire: async () => testLock,
});
},
});
module.get(CryptoHelper).onConfigInit();
const caldavProvider = module.get(CalDAVProvider);
caldavProvider.onConfigInit();
module.get(CalendarProviderFactory).register(caldavProvider);
return module;
};
test('linkCalDAVAccount discovers calendars and parses events', async t => {
const server = await createCalDAVServer();
t.teardown(() => server.server.close());
const module = await createCalendarModule({
enabled: true,
allowInsecureHttp: true,
blockPrivateNetwork: false,
providers: [
{
id: 'test',
label: 'Test CalDAV',
serverUrl: `${server.baseUrl}/caldav/`,
authType: 'basic',
},
],
});
t.teardown(() => module.close());
const calendarService = module.get(CalendarService);
const models = module.get(Models) as any;
const user = await module.create(Mockers.User);
const account = await calendarService.linkCalDAVAccount({
userId: user.id,
input: {
providerPresetId: 'test',
username: USERNAME,
password: PASSWORD,
displayName: 'Test CalDAV',
},
});
const subscriptions = await models.calendarSubscription.listByAccount(
account.id
);
t.is(subscriptions.length, 1);
const events = await models.calendarEvent.listBySubscriptionsInRange(
[subscriptions[0].id],
new Date('2020-01-01T00:00:00.000Z'),
new Date('2030-01-01T00:00:00.000Z')
);
t.is(events.length, 3);
const allDay = events.find(
(event: (typeof events)[number]) => event.title === 'All Day Event'
);
t.truthy(allDay);
t.is(allDay?.allDay, true);
t.is(allDay?.startAtUtc.toISOString(), '2025-01-01T00:00:00.000Z');
t.is(allDay?.endAtUtc.toISOString(), '2025-01-02T00:00:00.000Z');
t.is(allDay?.originalTimezone, 'UTC');
const tzEvent = events.find(
(event: (typeof events)[number]) => event.title === 'Timezone Event'
);
t.truthy(tzEvent);
t.is(tzEvent?.originalTimezone, 'America/Los_Angeles');
t.is(tzEvent?.startAtUtc.toISOString(), '2025-01-03T17:00:00.000Z');
t.is(tzEvent?.endAtUtc.toISOString(), '2025-01-03T18:00:00.000Z');
const recurrence = events.find(
(event: (typeof events)[number]) => event.title === 'Recurring Instance'
);
t.truthy(recurrence);
t.is(recurrence?.recurrenceId, '2025-01-04T09:00:00.000Z');
});
test('syncSubscription falls back when sync-collection is rejected', async t => {
const server = await createCalDAVServer({ syncCollectionStatus: 403 });
t.teardown(() => server.server.close());
const module = await createCalendarModule({
enabled: true,
allowInsecureHttp: true,
blockPrivateNetwork: false,
providers: [
{
id: 'test',
label: 'Test CalDAV',
serverUrl: `${server.baseUrl}/caldav/`,
authType: 'basic',
},
],
});
t.teardown(() => module.close());
const calendarService = module.get(CalendarService);
const models = module.get(Models) as any;
const user = await module.create(Mockers.User);
const account = await models.calendarAccount.upsert({
userId: user.id,
provider: CalendarProviderName.CalDAV,
providerAccountId: `${server.baseUrl}/principals/user/`,
displayName: 'Test',
email: USERNAME,
accessToken: PASSWORD,
refreshToken: null,
expiresAt: null,
scope: null,
status: 'active',
lastError: null,
providerPresetId: 'test',
serverUrl: server.baseUrl,
principalUrl: `${server.baseUrl}/principals/user/`,
calendarHomeUrl: `${server.baseUrl}/calendars/user/`,
username: USERNAME,
authType: 'basic',
});
const subscription = await models.calendarSubscription.upsert({
accountId: account.id,
provider: CalendarProviderName.CalDAV,
externalCalendarId: `${server.baseUrl}/calendars/user/home/`,
displayName: 'Home',
timezone: 'UTC',
color: null,
enabled: true,
});
await models.calendarSubscription.updateSync(subscription.id, {
syncToken: 'stale-token',
});
await calendarService.syncSubscription(subscription.id);
t.true(
server.requests.some(
request =>
request.method === 'REPORT' &&
request.url === '/calendars/user/home/' &&
request.body.includes('sync-collection')
)
);
const updatedSubscription = await models.calendarSubscription.get(
subscription.id
);
t.is(updatedSubscription?.syncToken, null);
const events = await models.calendarEvent.listBySubscriptionsInRange(
[subscription.id],
new Date('2020-01-01T00:00:00.000Z'),
new Date('2030-01-01T00:00:00.000Z')
);
t.is(events.length, 3);
});
test('linkCalDAVAccount blocks private network hosts', async t => {
const module = await createCalendarModule({
enabled: true,
allowInsecureHttp: true,
blockPrivateNetwork: true,
providers: [
{
id: 'blocked',
label: 'Blocked CalDAV',
serverUrl: 'http://127.0.0.1:1/caldav/',
},
],
});
t.teardown(() => module.close());
const calendarService = module.get(CalendarService);
const user = await module.create(Mockers.User);
const error = await t.throwsAsync(async () => {
await calendarService.linkCalDAVAccount({
userId: user.id,
input: {
providerPresetId: 'blocked',
username: USERNAME,
password: PASSWORD,
displayName: null,
},
});
});
t.true(error instanceof GraphqlBadRequest);
t.is((error as GraphqlBadRequest).data?.code, 'caldav_private_network');
});
test('linkCalDAVAccount enforces allowed hosts', async t => {
const module = await createCalendarModule({
enabled: true,
providers: [
{
id: 'blocked',
label: 'Blocked CalDAV',
serverUrl: 'https://blocked.example.com/caldav/',
},
],
allowedHosts: ['allowed.com'],
});
t.teardown(() => module.close());
const calendarService = module.get(CalendarService);
const user = await module.create(Mockers.User);
const error = await t.throwsAsync(async () => {
await calendarService.linkCalDAVAccount({
userId: user.id,
input: {
providerPresetId: 'blocked',
username: USERNAME,
password: PASSWORD,
displayName: null,
},
});
});
t.true(error instanceof GraphqlBadRequest);
t.is((error as GraphqlBadRequest).data?.code, 'caldav_host_blocked');
});
test('linkCalDAVAccount enforces redirect limits', async t => {
const server = await createRedirectServer();
t.teardown(() => server.server.close());
const module = await createCalendarModule({
enabled: true,
allowInsecureHttp: true,
blockPrivateNetwork: false,
maxRedirects: 0,
providers: [
{
id: 'redirect',
label: 'Redirect CalDAV',
serverUrl: `${server.baseUrl}/caldav/`,
authType: 'basic',
},
],
});
t.teardown(() => module.close());
const calendarService = module.get(CalendarService);
const user = await module.create(Mockers.User);
const error = await t.throwsAsync(async () => {
await calendarService.linkCalDAVAccount({
userId: user.id,
input: {
providerPresetId: 'redirect',
username: USERNAME,
password: PASSWORD,
displayName: null,
},
});
});
t.true(error instanceof GraphqlBadRequest);
t.is((error as GraphqlBadRequest).data?.code, 'caldav_max_redirects');
});

3
packages/backend/server/src/plugins/calendar/__tests__/service.spec.ts
View File

@@ -21,6 +21,7 @@ import {
CalendarSyncTokenInvalid,
} from '../providers';
import type {
CalendarProviderListCalendarsParams,
CalendarProviderListEventsParams,
CalendarProviderStopParams,
CalendarProviderWatchParams,
@@ -46,7 +47,7 @@ class MockCalendarProvider extends CalendarProvider {
return { providerAccountId: 'mock-account' };
}
override async listCalendars(_accessToken: string) {
override async listCalendars(_params: CalendarProviderListCalendarsParams) {
return [];
}

83
packages/backend/server/src/plugins/calendar/config.ts
View File

@@ -10,10 +10,33 @@ export interface CalendarGoogleConfig {
webhookVerificationToken?: string;
}
export type CalendarCalDAVAuthType = 'auto' | 'basic' | 'digest';
export interface CalendarCalDAVProviderPreset {
id: string;
label: string;
serverUrl: string;
authType?: CalendarCalDAVAuthType;
requiresAppPassword?: boolean;
docsUrl?: string;
}
export interface CalendarCalDAVConfig {
enabled: boolean;
allowCustomProvider?: boolean;
providers: CalendarCalDAVProviderPreset[];
allowInsecureHttp?: boolean;
allowedHosts?: string[];
blockPrivateNetwork?: boolean;
requestTimeoutMs?: number;
maxRedirects?: number;
}
declare global {
interface AppConfigSchema {
calendar: {
google: ConfigItem<CalendarGoogleConfig>;
caldav: ConfigItem<CalendarCalDAVConfig>;
};
}
}
@@ -29,6 +52,33 @@ const schema: JSONSchema = {
},
};
const caldavSchema: JSONSchema = {
type: 'object',
properties: {
enabled: { type: 'boolean' },
allowCustomProvider: { type: 'boolean' },
providers: {
type: 'array',
items: {
type: 'object',
properties: {
id: { type: 'string' },
label: { type: 'string' },
serverUrl: { type: 'string' },
authType: { type: 'string' },
requiresAppPassword: { type: 'boolean' },
docsUrl: { type: 'string' },
},
},
},
allowInsecureHttp: { type: 'boolean' },
allowedHosts: { type: 'array', items: { type: 'string' } },
blockPrivateNetwork: { type: 'boolean' },
requestTimeoutMs: { type: 'number' },
maxRedirects: { type: 'number' },
},
};
defineModuleConfig('calendar', {
google: {
desc: 'Google Calendar integration config',
@@ -54,4 +104,37 @@ defineModuleConfig('calendar', {
}),
link: 'https://developers.google.com/calendar/api/guides/push',
},
caldav: {
desc: 'CalDAV integration config',
default: {
enabled: false,
allowCustomProvider: false,
providers: [],
allowInsecureHttp: false,
allowedHosts: [],
blockPrivateNetwork: true,
requestTimeoutMs: 10_000,
maxRedirects: 5,
},
schema: caldavSchema,
shape: z.object({
enabled: z.boolean(),
allowCustomProvider: z.boolean().optional(),
providers: z.array(
z.object({
id: z.string(),
label: z.string(),
serverUrl: z.string().url(),
authType: z.enum(['auto', 'basic', 'digest']).optional(),
requiresAppPassword: z.boolean().optional(),
docsUrl: z.string().url().optional(),
})
),
allowInsecureHttp: z.boolean().optional(),
allowedHosts: z.array(z.string()).optional(),
blockPrivateNetwork: z.boolean().optional(),
requestTimeoutMs: z.number().int().positive().optional(),
maxRedirects: z.number().int().nonnegative().optional(),
}),
},
});

5
packages/backend/server/src/plugins/calendar/controller.ts
View File

@@ -42,7 +42,7 @@ export class CalendarController {
throw new MissingOauthQueryParameter({ name: 'provider' });
}
if (!this.calendar.isProviderAvailable(providerName)) {
if (!this.calendar.isProviderAvailableFor(providerName, { oauth: true })) {
throw new UnknownOauthProvider({ name: providerName });
}
@@ -157,7 +157,8 @@ export class CalendarController {
private getCallbackErrorMessage(error: unknown) {
if (error instanceof CalendarProviderRequestError) {
if (error.status === 403) {
const status = error.data?.status ?? error.status;
if (status === 403) {
return 'Calendar authorization failed: insufficient permissions. Please reauthorize and allow Calendar access.';
}
return 'Calendar authorization failed. Please try again.';

1256
packages/backend/server/src/plugins/calendar/providers/caldav.ts Normal file
View File

File diff suppressed because it is too large Load Diff

26
packages/backend/server/src/plugins/calendar/providers/def.ts
View File

@@ -1,4 +1,5 @@
import { Inject, Injectable, Logger } from '@nestjs/common';
import type { CalendarAccount } from '@prisma/client';
import { CalendarProviderRequestError, Config, OnEvent } from '../../../base';
import { CalendarProviderFactory } from './factory';
@@ -54,11 +55,17 @@ export interface CalendarProviderEvent {
export interface CalendarProviderListEventsParams {
accessToken: string;
calendarId: string;
account?: CalendarAccount;
timeMin?: string;
timeMax?: string;
syncToken?: string;
}
export interface CalendarProviderListCalendarsParams {
accessToken: string;
account?: CalendarAccount;
}
export interface CalendarProviderListEventsResult {
events: CalendarProviderEvent[];
nextSyncToken?: string;
@@ -97,7 +104,7 @@ export abstract class CalendarProvider {
accessToken: string
): Promise<CalendarAccountProfile>;
abstract listCalendars(
accessToken: string
params: CalendarProviderListCalendarsParams
): Promise<CalendarProviderCalendar[]>;
abstract listEvents(
params: CalendarProviderListEventsParams
@@ -117,12 +124,17 @@ export abstract class CalendarProvider {
}
get configured() {
return (
!!this.config &&
!!this.config.enabled &&
!!this.config.clientId &&
!!this.config.clientSecret
);
if (!this.config || !this.config.enabled) {
return false;
}
if ('clientId' in this.config || 'clientSecret' in this.config) {
return Boolean(this.config.clientId && this.config.clientSecret);
}
return true;
}
get supportsOAuth() {
return true;
}
@OnEvent('config.init')

5
packages/backend/server/src/plugins/calendar/providers/google.ts
View File

@@ -4,6 +4,7 @@ import { CalendarProviderRequestError } from '../../../base';
import { CalendarProvider } from './def';
import {
CalendarProviderEvent,
CalendarProviderListCalendarsParams,
CalendarProviderListEventsParams,
CalendarProviderListEventsResult,
CalendarProviderName,
@@ -171,7 +172,7 @@ export class GoogleCalendarProvider extends CalendarProvider {
};
}
async listCalendars(accessToken: string) {
async listCalendars(params: CalendarProviderListCalendarsParams) {
const calendars: GoogleCalendarListResponse['items'] = [];
let pageToken: string | undefined;
@@ -188,7 +189,7 @@ export class GoogleCalendarProvider extends CalendarProvider {
url.toString(),
{
headers: {
Authorization: `Bearer ${accessToken}`,
Authorization: `Bearer ${params.accessToken}`,
},
}
);

5
packages/backend/server/src/plugins/calendar/providers/index.ts
View File

@@ -1,10 +1,13 @@
import { CalDAVProvider } from './caldav';
import { GoogleCalendarProvider } from './google';
export { CalDAVProvider } from './caldav';
export type {
CalendarAccountProfile,
CalendarProviderCalendar,
CalendarProviderEvent,
CalendarProviderEventTime,
CalendarProviderListCalendarsParams,
CalendarProviderListEventsParams,
CalendarProviderListEventsResult,
CalendarProviderTokens,
@@ -16,4 +19,4 @@ export { CalendarProvider } from './def';
export { CalendarProviderFactory } from './factory';
export { CalendarSyncTokenInvalid, GoogleCalendarProvider } from './google';
export const CalendarProviders = [GoogleCalendarProvider];
export const CalendarProviders = [GoogleCalendarProvider, CalDAVProvider];

38
packages/backend/server/src/plugins/calendar/resolver.ts
View File

@@ -7,7 +7,7 @@ import {
Resolver,
} from '@nestjs/graphql';
import { ActionForbidden, AuthenticationRequired } from '../../base';
import { ActionForbidden, AuthenticationRequired, Config } from '../../base';
import { CurrentUser } from '../../core/auth';
import { ServerConfigType } from '../../core/config/types';
import { AccessController } from '../../core/permission';
@@ -19,8 +19,10 @@ import { CalendarProviderFactory, CalendarProviderName } from './providers';
import { CalendarService } from './service';
import {
CalendarAccountObjectType,
CalendarCalDAVProviderPresetObjectType,
CalendarEventObjectType,
CalendarSubscriptionObjectType,
LinkCalDAVAccountInput,
LinkCalendarAccountInput,
UpdateWorkspaceCalendarsInput,
WorkspaceCalendarObjectType,
@@ -28,12 +30,29 @@ import {
@Resolver(() => ServerConfigType)
export class CalendarServerConfigResolver {
constructor(private readonly providerFactory: CalendarProviderFactory) {}
constructor(
private readonly providerFactory: CalendarProviderFactory,
private readonly config: Config
) {}
@ResolveField(() => [CalendarProviderName])
calendarProviders() {
return this.providerFactory.providers;
}
@ResolveField(() => [CalendarCalDAVProviderPresetObjectType])
calendarCalDAVProviders() {
const caldavConfig = this.config.calendar.caldav;
if (!caldavConfig?.enabled) {
return [];
}
return caldavConfig.providers.map(provider => ({
id: provider.id,
label: provider.label,
requiresAppPassword: provider.requiresAppPassword ?? null,
docsUrl: provider.docsUrl ?? null,
}));
}
}
@Resolver(() => UserType)
@@ -140,6 +159,21 @@ export class CalendarMutationResolver {
return this.calendar.getAuthUrl(input.provider, state, callbackUrl);
}
@Mutation(() => CalendarAccountObjectType)
async linkCalDAVAccount(
@CurrentUser() user: CurrentUser | null,
@Args('input') input: LinkCalDAVAccountInput
) {
if (!user) {
throw new AuthenticationRequired();
}
return await this.calendar.linkCalDAVAccount({
userId: user.id,
input,
});
}
@Mutation(() => CalendarAccountObjectType, { nullable: true })
async updateCalendarAccount(
@CurrentUser() user: CurrentUser,

126
packages/backend/server/src/plugins/calendar/service.ts
View File

@@ -8,10 +8,12 @@ import { addDays, subDays } from 'date-fns';
import {
CalendarProviderRequestError,
Config,
GraphqlBadRequest,
Mutex,
URLHelper,
} from '../../base';
import { Models } from '../../models';
import type { CalendarCalDAVProviderPreset } from './config';
import {
CalendarProvider,
CalendarProviderEvent,
@@ -20,6 +22,7 @@ import {
CalendarSyncTokenInvalid,
} from './providers';
import { CalendarProviderFactory } from './providers';
import type { LinkCalDAVAccountInput } from './types';
const TOKEN_REFRESH_SKEW_MS = 60 * 1000;
const DEFAULT_PAST_DAYS = 90;
@@ -159,6 +162,92 @@ export class CalendarService {
return account;
}
async linkCalDAVAccount(params: {
userId: string;
input: LinkCalDAVAccountInput;
}) {
const caldavConfig = this.config.calendar.caldav;
if (!caldavConfig?.enabled) {
throw new GraphqlBadRequest({
code: 'caldav_disabled',
message: 'CalDAV integration is not enabled.',
});
}
const preset = caldavConfig.providers.find(
provider => provider.id === params.input.providerPresetId
);
if (!preset) {
throw new GraphqlBadRequest({
code: 'caldav_provider_not_found',
message: 'CalDAV provider is not available.',
});
}
const provider = this.requireProvider(CalendarProviderName.CalDAV);
if (!('discoverAccount' in provider)) {
throw new GraphqlBadRequest({
code: 'caldav_provider_unavailable',
message: 'CalDAV provider is not configured.',
});
}
const discovery = await (
provider as CalendarProvider & {
discoverAccount: (input: {
preset: CalendarCalDAVProviderPreset;
username: string;
password: string;
}) => Promise<{
providerAccountId: string;
serverUrl: string;
principalUrl: string;
calendarHomeUrl: string;
authType?: string | null;
}>;
}
).discoverAccount({
preset,
username: params.input.username,
password: params.input.password,
});
const account = await this.models.calendarAccount.upsert({
userId: params.userId,
provider: CalendarProviderName.CalDAV,
providerAccountId: discovery.providerAccountId,
displayName: params.input.displayName ?? null,
email: params.input.username,
accessToken: params.input.password,
refreshToken: null,
expiresAt: null,
scope: null,
status: 'active',
lastError: null,
providerPresetId: params.input.providerPresetId,
serverUrl: discovery.serverUrl,
principalUrl: discovery.principalUrl,
calendarHomeUrl: discovery.calendarHomeUrl,
username: params.input.username,
authType: discovery.authType ?? null,
});
try {
await this.syncAccountCalendars(account.id);
} catch (error) {
if (error instanceof CalendarProviderRequestError) {
await this.models.calendarAccount.updateStatus(
account.id,
'invalid',
error.message
);
}
throw error;
}
return account;
}
async syncAccountCalendars(accountId: string) {
const account = await this.models.calendarAccount.get(accountId);
if (!account) {
@@ -177,7 +266,10 @@ export class CalendarService {
return;
}
const calendars = await provider.listCalendars(accessToken);
const calendars = await provider.listCalendars({
accessToken,
account,
});
const upserted = [];
for (const calendar of calendars) {
upserted.push(
@@ -245,6 +337,7 @@ export class CalendarService {
subscriptionId: subscription.id,
calendarId: subscription.externalCalendarId,
accessToken,
account,
syncToken: shouldUseSyncToken
? (subscription.syncToken ?? undefined)
: undefined,
@@ -264,6 +357,7 @@ export class CalendarService {
subscriptionId: subscription.id,
calendarId: subscription.externalCalendarId,
accessToken,
account,
timeMin,
timeMax,
subscriptionTimezone: subscription.timezone ?? undefined,
@@ -410,7 +504,21 @@ export class CalendarService {
}
isProviderAvailable(provider: CalendarProviderName) {
return !!this.providerFactory.get(provider);
return this.isProviderAvailableFor(provider);
}
isProviderAvailableFor(
provider: CalendarProviderName,
options?: { oauth?: boolean }
) {
const instance = this.providerFactory.get(provider);
if (!instance) {
return false;
}
if (options?.oauth) {
return instance.supportsOAuth;
}
return true;
}
getAuthUrl(
@@ -418,7 +526,14 @@ export class CalendarService {
state: string,
redirectUri: string
) {
return this.requireProvider(provider).getAuthUrl(state, redirectUri);
const instance = this.requireProvider(provider);
if (!instance.supportsOAuth) {
throw new GraphqlBadRequest({
code: 'calendar_provider_oauth_unsupported',
message: 'Selected calendar provider does not support OAuth.',
});
}
return instance.getAuthUrl(state, redirectUri);
}
private async syncWithProvider(params: {
@@ -426,6 +541,7 @@ export class CalendarService {
subscriptionId: string;
calendarId: string;
accessToken: string;
account: CalendarAccount;
syncToken?: string;
timeMin?: string;
timeMax?: string;
@@ -434,6 +550,7 @@ export class CalendarService {
const response = await params.provider.listEvents({
accessToken: params.accessToken,
calendarId: params.calendarId,
account: params.account,
syncToken: params.syncToken,
timeMin: params.timeMin,
timeMax: params.timeMax,
@@ -632,7 +749,8 @@ export class CalendarService {
private isTokenInvalidError(error: unknown) {
if (error instanceof CalendarProviderRequestError) {
if (error.status === 401) {
const status = error.data?.status ?? error.status;
if (status === 401) {
return true;
}
return error.message.includes('invalid_grant');

30
packages/backend/server/src/plugins/calendar/types.ts
View File

@@ -76,6 +76,21 @@ export class CalendarSubscriptionObjectType {
lastSyncAt?: Date | null;
}
@ObjectType()
export class CalendarCalDAVProviderPresetObjectType {
@Field()
id!: string;
@Field()
label!: string;
@Field(() => Boolean, { nullable: true })
requiresAppPassword?: boolean | null;
@Field(() => String, { nullable: true })
docsUrl?: string | null;
}
@ObjectType()
export class WorkspaceCalendarItemObjectType {
@Field()
@@ -186,3 +201,18 @@ export class LinkCalendarAccountInput {
@Field(() => String, { nullable: true })
redirectUri?: string | null;
}
@InputType()
export class LinkCalDAVAccountInput {
@Field()
providerPresetId!: string;
@Field()
username!: string;
@Field()
password!: string;
@Field(() => String, { nullable: true })
displayName?: string | null;
}

16
packages/backend/server/src/schema.gql
View File

@@ -206,6 +206,13 @@ type CalendarAccountObjectType {
updatedAt: DateTime!
}
type CalendarCalDAVProviderPresetObjectType {
docsUrl: String
id: String!
label: String!
requiresAppPassword: Boolean
}
type CalendarEventObjectType {
allDay: Boolean!
description: String
@@ -1274,6 +1281,13 @@ type LimitedUserType {
hasPassword: Boolean
}
input LinkCalDAVAccountInput {
displayName: String
password: String!
providerPresetId: String!
username: String!
}
input LinkCalendarAccountInput {
provider: CalendarProviderType!
redirectUri: String
@@ -1462,6 +1476,7 @@ type Mutation {
installLicense(license: Upload!, workspaceId: String!): License!
inviteMembers(emails: [String!]!, workspaceId: String!): [InviteResult!]!
leaveWorkspace(sendLeaveMail: Boolean @deprecated(reason: "no used anymore"), workspaceId: String!, workspaceName: String @deprecated(reason: "no longer used")): Boolean!
linkCalDAVAccount(input: LinkCalDAVAccountInput!): CalendarAccountObjectType!
linkCalendarAccount(input: LinkCalendarAccountInput!): String!
"""mention user in a doc"""
@@ -2039,6 +2054,7 @@ type ServerConfigType {
"""server base url"""
baseUrl: String!
calendarCalDAVProviders: [CalendarCalDAVProviderPresetObjectType!]!
calendarProviders: [CalendarProviderType!]!
"""credentials requirement"""