Commit 06a8b9a
feat: Artist TikTok Connections via Composio (#170)
* feat: [US-002] Create Supabase functions for artist_composio_connections
- Add artist_composio_connections type to database.types.ts
- Create selectArtistComposioConnection.ts (single lookup by artist+toolkit)
- Create selectArtistComposioConnections.ts (all connections for artist)
- Create insertArtistComposioConnection.ts (upsert on unique constraint)
- Create deleteArtistComposioConnection.ts (delete by id)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* feat: [US-003] Create GET /api/artist-connectors endpoint
- Add ALLOWED_ARTIST_CONNECTORS constant with 'tiktok' as first connector
- Create checkAccountArtistAccess function in Recoup-API (migrated from Recoup-Chat)
- Create getArtistConnectors function to return connector status for artists
- Create GET /api/artist-connectors endpoint with:
- Bearer token and API key auth via validateAuthContext
- Artist access validation via checkAccountArtistAccess
- Returns list of allowed connectors with connection status
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* feat: [US-004] Create POST /api/artist-connectors/authorize endpoint
- Add validateAuthorizeArtistConnectorBody.ts with Zod schema for request validation
- Add authorizeArtistConnector.ts to generate OAuth URLs via Composio
- Add POST /api/artist-connectors/authorize route with auth and access control
- Callback URL redirects to /chat?artist_connected={artistId}&toolkit={slug}
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* feat: [US-005] Add DELETE /api/artist-connectors endpoint
- Add DELETE handler to disconnect an artist's connector from Composio
- Create validateDisconnectArtistConnectorBody.ts with Zod schema
- Create verifyArtistConnectorOwnership.ts to check connection ownership
- Create disconnectArtistConnector.ts to remove from Composio and DB
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* feat: [US-006] Add artist-connectors callback URL destination
- Add 'artist-connectors' to CallbackDestination type in getCallbackUrl.ts
- Add artistId and toolkit to CallbackOptions interface
- Handle artist-connectors destination returning /chat?artist_connected={artistId}&toolkit={toolkit}
- Update authorizeArtistConnector.ts to use getCallbackUrl instead of local function
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* feat: [US-007] Add TikTok to enabled toolkits
Add 'tiktok' to the ENABLED_TOOLKITS array so TikTok tools are available
in Tool Router sessions, enabling the LLM to access TikTok data.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* feat: [US-008] Modify createSession to accept connectedAccounts
- Add artistConnections parameter to createToolRouterSession (Record<string, string> | undefined)
- Pass connectedAccounts option to composio.create() call
- Update getComposioTools to accept and pass artistConnections parameter
- Add JSDoc documentation for the new parameter
This enables artist-specific Composio connections to be used when creating
Tool Router sessions, allowing the LLM to use the correct TikTok account
for the selected artist.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* feat: [US-009] Wire up artistId in chat tool setup
- Modified getComposioTools to accept artistId parameter
- If artistId provided, fetches artist_composio_connections from DB
- Transforms connections to Record<string, string> format
- Passes artistConnections to createToolRouterSession
- Modified setupToolsForRequest to extract artistId from body
- Passes artistId through to getComposioTools
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* feat: [US-014] Handle OAuth callback with complete endpoint
Add POST /api/artist-connectors/complete endpoint to finalize OAuth flow:
- Query Composio for the user's connected account after OAuth redirect
- Store the connection mapping in artist_composio_connections table
- Add Zod validation for request body (artist_id, toolkit_slug)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* refactor: use artistId as Composio entity for artist connections
- Remove artist_composio_connections table and related code
- Remove /complete endpoint (no longer needed)
- Use artistId directly as Composio entity when connecting
- Query Composio at chat time for artist connections
- Pass connections to user session via connectedAccounts
Composio is now the source of truth for artist connections.
* fix: resolve TypeScript errors with readonly array types
* refactor: DRY up composio connectors - unified authorizeConnector, getConnectors, disconnectConnector
* refactor: unify /api/connectors with entity_type support, delete /api/artist-connectors
* refactor: address code review - SRP handlers, unified validators, tests, file rename
* docs: add API route patterns and reviewer principles to CLAUDE.md
- Add TDD to code principles
- Document thin route files pattern (follow /api/pulses)
- Document handler functions pattern
- Document combined request validators (validateXxxRequest)
- Add DRY guidance for entity types (use options, not duplicate files)
- Add file naming convention (name after function, not constant)
- Add testing requirements for API changes
* fix: update setupToolsForRequest test for new artistId parameter
- Merge test branch to sync with base
- Update test to expect (accountId, artistId, roomId) signature
- Add test case for when artistId is provided
* refactor: extract getArtistConnectionsFromComposio to own file (SRP)
* refactor: rename createSession.ts to createToolRouterSession.ts
* test: add unit tests for composio toolRouter changes
* test: add comprehensive unit tests for all changed files
Added tests for:
- Handlers: authorizeConnectorHandler, disconnectConnectorHandler, getConnectorsHandler
- Validators: validateGetConnectorsQuery, validateAuthorizeConnectorBody, validateDisconnectConnectorBody, validateCreateChatBody
- Core functions: authorizeConnector, disconnectConnector, getConnectors, isAllowedArtistConnector
- Utilities: getCallbackUrl, checkAccountArtistAccess, createNewRoom, createToolRouterSession
Total: 120 tests passing
* fix: revert validateCreateChatBody.test.ts to original (no changes needed)
* refactor: remove entity_type, use entity_id presence for connection type
- Remove entity_type parameter from API (authorize, disconnect, get connectors)
- Infer isEntityConnection from entity_id presence instead
- Update callback URLs: entity connections → /chat?artist_connected=...
- Rename 'user' → 'account' in tests for consistency
- All 892 tests pass
* fix: remove unrelated changes, keep only composio feature
Reverted all non-composio files to main:
- Removed createNewRoom.test.ts (unrelated)
- Removed evals.yml (unrelated)
- Restored all lib/chat, lib/chats, lib/sandbox, lib/tasks, lib/trigger files
- Restored package.json, pnpm-lock.yaml, types/database.types.ts
PR now contains only:
- lib/composio/* (connectors + toolRouter)
- app/api/connectors/*
- lib/supabase/account_artist_ids/*
* fix: remove entity_type from JSDoc comments in route files
* fix: replace 'user' with 'account' in all composio JSDoc comments
* refactor: use validateAuthContext instead of validateAccountIdHeaders
Updated all connector validation files to use validateAuthContext()
for consistent auth handling across the codebase:
- validateAuthorizeConnectorRequest.ts
- validateDisconnectConnectorRequest.ts
- validateGetConnectorsRequest.ts
- Updated corresponding test files
validateAuthContext supports both x-api-key and Bearer token auth,
plus account_id override and organization access validation.
* fix: restore artistId wiring and add access check in getComposioTools
- Restored artistId parameter in setupToolsForRequest (accidentally reverted)
- Added checkAccountArtistAccess() before fetching artist connections
- If access denied, silently skips artist connections (no throw)
- Updated tests for both setupToolsForRequest and getComposioTools
* refactor: remove entity-connectors callback URL logic (deferred to separate PR)
* refactor: rename entity_id to account_id in connectors API
* feat: broaden account_id access to support self, artist, workspace, and org entities
- Create checkAccountAccess in lib/auth for unified access check
- Create checkAccountWorkspaceAccess in supabase lib
- Move artist connector restriction from body validator to request validator
- Add message field to disconnect response
- Update all tests for broadened access patterns
* docs: add terminology and flat response shape rules to CLAUDE.md
* refactor: move connector restrictions from API to tool router level
- API is now unopinionated: any account can connect any service
- Tool router handles collision prevention in createToolRouterSession
- Account connections always win over artist connections (no duplicates)
- Remove allowedToolkits from GET/authorize validation
- Update tests for new architecture
* refactor: move POST /api/connectors/authorize to POST /api/connectors
Consolidates the authorize endpoint into the main connectors route
to match the updated API docs.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* refactor: extract standalone supabase queries from checkAccountArtistAccess
SRP: each query is now its own file with dedicated tests:
- selectAccountArtistId (account_artist_ids)
- selectArtistOrganizationIds (artist_organization_ids)
- selectAccountOrganizationIds (account_organization_ids)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* refactor: extract selectAccountWorkspaceId from checkAccountWorkspaceAccess
SRP: standalone supabase query with dedicated tests.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* refactor: rename entityId to accountId across all connector code
Use "account" terminology consistently per codebase conventions.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* refactor: remove unused allowedToolkits filtering from getConnectors
No caller uses this option — YAGNI.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: correct misleading docstring in validateDisconnectConnectorBody
The comment claimed ownership verification that the function doesn't do.
Updated to reflect it only validates request shape.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* refactor: move checkAccountArtistAccess to lib/artists/
Not a direct Supabase query — it aggregates supabase calls, so it
belongs in the domain layer.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* refactor: delete checkAccountWorkspaceAccess wrapper, use selectAccountWorkspaceId directly
YAGNI — the wrapper was just !!data. The sole consumer now calls
the supabase query directly.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: filter artist connections locally after allowedToolkits removal
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: add missing_fields to connector validation error responses
Adds custom Zod messages and missing_fields/status fields to error
responses for both POST and DELETE /api/connectors validation, matching
the standard pattern used across other API endpoints.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
Co-authored-by: Sweets Sweetman <sweetmantech@gmail.com>1 parent 322cc70 commit 06a8b9a
File tree
52 files changed
+2935
-224
lines changed- app/api/connectors
- authorize
- lib
- artists
- __tests__
- auth
- chat
- __tests__
- composio
- connectors
- __tests__
- toolRouter
- __tests__
- supabase
- account_artist_ids
- __tests__
- account_organization_ids
- __tests__
- account_workspace_ids
- __tests__
- artist_organization_ids
- __tests__
Some content is hidden
Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.
52 files changed
+2935
-224
lines changed| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
144 | 144 | | |
145 | 145 | | |
146 | 146 | | |
| 147 | + | |
| 148 | + | |
| 149 | + | |
| 150 | + | |
| 151 | + | |
| 152 | + | |
| 153 | + | |
| 154 | + | |
| 155 | + | |
| 156 | + | |
| 157 | + | |
| 158 | + | |
| 159 | + | |
| 160 | + | |
| 161 | + | |
| 162 | + | |
| 163 | + | |
| 164 | + | |
| 165 | + | |
147 | 166 | | |
148 | 167 | | |
149 | 168 | | |
| |||
This file was deleted.
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1 | 1 | | |
2 | 2 | | |
3 | 3 | | |
4 | | - | |
5 | | - | |
6 | | - | |
7 | | - | |
8 | | - | |
| 4 | + | |
| 5 | + | |
| 6 | + | |
9 | 7 | | |
10 | 8 | | |
11 | 9 | | |
| |||
20 | 18 | | |
21 | 19 | | |
22 | 20 | | |
23 | | - | |
| 21 | + | |
| 22 | + | |
| 23 | + | |
| 24 | + | |
24 | 25 | | |
25 | 26 | | |
26 | 27 | | |
| 28 | + | |
27 | 29 | | |
28 | 30 | | |
29 | | - | |
30 | | - | |
31 | | - | |
32 | | - | |
33 | | - | |
34 | | - | |
35 | | - | |
36 | | - | |
37 | | - | |
38 | | - | |
39 | | - | |
40 | | - | |
| 31 | + | |
| 32 | + | |
| 33 | + | |
41 | 34 | | |
42 | | - | |
43 | | - | |
44 | | - | |
45 | | - | |
46 | | - | |
47 | | - | |
48 | | - | |
49 | | - | |
50 | | - | |
51 | | - | |
52 | | - | |
53 | | - | |
54 | | - | |
55 | | - | |
| 35 | + | |
| 36 | + | |
| 37 | + | |
| 38 | + | |
| 39 | + | |
| 40 | + | |
| 41 | + | |
| 42 | + | |
| 43 | + | |
| 44 | + | |
| 45 | + | |
| 46 | + | |
| 47 | + | |
| 48 | + | |
| 49 | + | |
| 50 | + | |
| 51 | + | |
56 | 52 | | |
57 | 53 | | |
58 | 54 | | |
59 | 55 | | |
60 | 56 | | |
61 | 57 | | |
62 | 58 | | |
| 59 | + | |
| 60 | + | |
| 61 | + | |
| 62 | + | |
63 | 63 | | |
64 | 64 | | |
65 | | - | |
| 65 | + | |
66 | 66 | | |
67 | | - | |
68 | | - | |
69 | | - | |
70 | | - | |
71 | | - | |
72 | | - | |
73 | | - | |
74 | | - | |
75 | | - | |
76 | | - | |
77 | | - | |
78 | | - | |
79 | | - | |
80 | | - | |
81 | | - | |
82 | | - | |
83 | | - | |
84 | | - | |
85 | | - | |
86 | | - | |
87 | | - | |
88 | | - | |
89 | | - | |
90 | | - | |
91 | | - | |
92 | | - | |
93 | | - | |
94 | | - | |
95 | | - | |
96 | | - | |
97 | | - | |
98 | | - | |
99 | | - | |
100 | | - | |
101 | | - | |
102 | | - | |
103 | | - | |
104 | | - | |
105 | | - | |
106 | | - | |
107 | | - | |
108 | | - | |
| 67 | + | |
| 68 | + | |
109 | 69 | | |
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
| 1 | + | |
| 2 | + | |
| 3 | + | |
| 4 | + | |
| 5 | + | |
| 6 | + | |
| 7 | + | |
| 8 | + | |
| 9 | + | |
| 10 | + | |
| 11 | + | |
| 12 | + | |
| 13 | + | |
| 14 | + | |
| 15 | + | |
| 16 | + | |
| 17 | + | |
| 18 | + | |
| 19 | + | |
| 20 | + | |
| 21 | + | |
| 22 | + | |
| 23 | + | |
| 24 | + | |
| 25 | + | |
| 26 | + | |
| 27 | + | |
| 28 | + | |
| 29 | + | |
| 30 | + | |
| 31 | + | |
| 32 | + | |
| 33 | + | |
| 34 | + | |
| 35 | + | |
| 36 | + | |
| 37 | + | |
| 38 | + | |
| 39 | + | |
| 40 | + | |
| 41 | + | |
| 42 | + | |
| 43 | + | |
| 44 | + | |
| 45 | + | |
| 46 | + | |
| 47 | + | |
| 48 | + | |
| 49 | + | |
| 50 | + | |
| 51 | + | |
| 52 | + | |
| 53 | + | |
| 54 | + | |
| 55 | + | |
| 56 | + | |
| 57 | + | |
| 58 | + | |
| 59 | + | |
| 60 | + | |
| 61 | + | |
| 62 | + | |
| 63 | + | |
| 64 | + | |
| 65 | + | |
| 66 | + | |
| 67 | + | |
| 68 | + | |
| 69 | + | |
| 70 | + | |
| 71 | + | |
| 72 | + | |
| 73 | + | |
| 74 | + | |
| 75 | + | |
| 76 | + | |
| 77 | + | |
| 78 | + | |
| 79 | + | |
| 80 | + | |
| 81 | + | |
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
| 1 | + | |
| 2 | + | |
| 3 | + | |
| 4 | + | |
| 5 | + | |
| 6 | + | |
| 7 | + | |
| 8 | + | |
| 9 | + | |
| 10 | + | |
| 11 | + | |
| 12 | + | |
| 13 | + | |
| 14 | + | |
| 15 | + | |
| 16 | + | |
| 17 | + | |
| 18 | + | |
| 19 | + | |
| 20 | + | |
| 21 | + | |
| 22 | + | |
| 23 | + | |
| 24 | + | |
| 25 | + | |
| 26 | + | |
| 27 | + | |
| 28 | + | |
| 29 | + | |
| 30 | + | |
| 31 | + | |
| 32 | + | |
| 33 | + | |
| 34 | + | |
| 35 | + | |
| 36 | + | |
| 37 | + | |
| 38 | + | |
| 39 | + | |
| 40 | + | |
| 41 | + | |
| 42 | + | |
| 43 | + | |
| 44 | + | |
0 commit comments