TW-5785: fix Nylas v3 request shapes + add Scheduler session-token auth#118
Merged
Conversation
Corrects CLI request shapes that hit wrong Nylas v3 endpoints or sent invalid
payloads, and adds the Scheduler session-token auth flow that booking commands
require. Verified against the v3 spec; make ci-full green.
Admin / credentials:
- Fix connector credential URL: /connectors/{provider}/credentials -> /creds
- Connector-scope credential ops; auto-detect the sole connector, validate an
explicit provider against the v3 allow-list, reject the deprecated `inbox`
provider (by name and by legacy connector ID)
- Correct credential --type to the spec enum (connector); require the provider
OAuth app --client-id/--client-secret (spec-required credential_data)
- Trim ConnectorCredential to the fields the v3 CredentialObject returns
(id/name/created_at/updated_at)
- Offset-paginate credential lists so they no longer truncate at the default 10
- Deduplicate connector resolution into domain.ResolveConnectorProvider
Scheduler:
- Booking endpoints authenticate with a session token minted from a now-required
--configuration-id (the API key is not accepted on these endpoints); reworked
GetBooking/ConfirmBooking/RescheduleBooking/CancelBooking + session-token
bearer plumbing in the HTTP client
- Fix reschedule URL (bare PATCH /scheduling/bookings/{id}); read the booking
back with the requested times overlaid (the booking model carries no times)
- Confirm requires salt+status; handle the cancelled no-data envelope
- Cancel sends cancellation_reason in the DELETE body
- Grant-scope configuration endpoints; cursor-paginate the configuration list
- Fix session TTL tag (ttl -> time_to_live)
- Deprecated no-op shims: confirm --reason, reschedule --timezone/--reason
JSON-RPC handlers, mocks/demo adapters, unit/integration tests, and command docs
updated to match.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Fixes several CLI request shapes that hit the wrong Nylas v3 endpoints or sent invalid payloads, and adds the Scheduler session-token auth flow that booking commands require. Every change was verified against the Nylas v3 spec, and
make ci-full(fmt/vet/lint/unit/race/security/vuln/build + the full live-API integration suite) passes.scheduler bookings show|confirm|reschedule|cancelnow require--configuration-id. These endpoints are authorized by a Scheduler session token, not the application API key; the CLI now mints a session from the configuration and uses it as the bearer. Old invocations error withrequired flag(s) "configuration-id" not set.scheduler bookings confirm:--saltis now required (from the booking reference — organizer link, cancel/reschedule URL, or a Scheduler webhook).--reasonis a deprecated no-op.admin credentials create:--typeno longer acceptsoauth/service_account(never valid v3 values) — useconnector.--client-id/--client-secretare now required; these are the provider's OAuth app credentials (e.g. your Google Cloud / Azure app), not your Nylas app's — they populate the spec-requiredcredential_data.admin credentials list/show/createJSON output no longer includesconnector_id/credential_type/credential_data— the v3CredentialObjectreturns onlyid,name,created_at,updated_at.admin credentials create:--connector-idis deprecated (use--connector); passing both is now an error.What changed
Admin / credentials
…/credentials→…/creds; credential ops are connector-scoped (auto-detect the sole connector; validate an explicit provider against the v3 allow-list; reject the deprecatedinboxprovider by name and legacy ID)ConnectorCredentialto the fields the API actually returnsdomain.ResolveConnectorProviderScheduler
configurationIDand mint a sessionPATCH /scheduling/bookings/{id}; the booking is read back with the requested times overlaid (the booking model carries no times)salt+statusand handles the cancelled no-data envelope; cancel sendscancellation_reasonin the DELETE bodyttl→time_to_live)--reason, reschedule--timezone/--reasonJSON-RPC handlers, mock/demo adapters, unit + integration tests, and command docs updated to match.
Testing
make ci-full— exit 0 (all quality gates + full live-API integration suite + cleanup)[]-not-null), booking session-token flow, and the deprecated-flag shimsRelated docs
CLI command reference:
Nylas v3 API: