feat(connectors): allow skipping OAuth with Esc key (#217)

* feat(connectors): add OAuth connector resource schemas and file parsing

Add connector resource module supporting 12 OAuth providers:
googlecalendar, googledrive, gmail, googlesheets, googledocs,
googleslides, slack, notion, salesforce, hubspot, linkedin, tiktok.

- Zod discriminated union schema with type discriminator per provider
- JSDoc links to official OAuth scope documentation for each provider
- JSONC file reading with validation (filename must match type field)
- API response schemas for upstream connector state
- Unit tests with fixtures for valid, invalid, and mismatched connectors

Part of: #184

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

* feat(connectors): implement push logic for syncing connectors (#191)

* feat(connectors): implement push logic for syncing connectors

Add pushConnectors function that:
- Syncs all local connectors via /sync endpoint
- Removes upstream-only connectors not in local config
- Returns typed results (synced, removed, needs_oauth, error)

Includes unit tests covering all scenarios.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

* feat(connectors): add OAuth flow handling with browser redirect and polling (#192)

* feat(connectors): add OAuth flow handling with browser redirect and polling

Add runOAuthFlow function that:
- Opens OAuth redirect URL in browser
- Polls getOAuthStatus until ACTIVE or FAILED
- Returns PENDING on timeout (5 minutes)

Uses p-wait-for TimeoutError for robust timeout detection.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

* connectors: base44 connectors push (#194)

* final connector work sofi 1

* scopes

---------

Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>

* feat(connectors): support arbitrary OAuth providers

Change provider field from closed enum to flexible union that accepts both
known providers (googlecalendar, notion, slack, etc.) and any arbitrary
provider string. This enables users to configure custom OAuth providers
without waiting for first-class Base44 support.

Schema changes:
- Add GenericConnectorSchema for arbitrary provider types
- Update ConnectorResourceSchema to union of specific + generic schemas
- Update IntegrationTypeSchema to accept known enum OR any non-empty string
- Only reject empty strings

Test coverage:
- Verify known providers continue to work
- Verify arbitrary providers are accepted
- Verify empty strings are rejected
- All 137 tests passing

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

* review fixes

* feat(connectors): allow skipping OAuth authorization with Esc key

Override process.exit temporarily during the spinner to intercept
Ctrl+C/Escape (which clack's block() converts to process.exit(0)),
letting users skip individual connector authorizations instead of
killing the entire process. Adds SKIPPED status to the summary.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix

* lint

* review fixes: add process.exit override comment, use try/catch/finally

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>

Author: Paveltarno

src/cli/commands/connectors/push.ts

@@ -1,4 +1,4 @@
-import { confirm, isCancel, log } from "@clack/prompts";
+import { confirm, isCancel, log, spinner } from "@clack/prompts";
 import { Command } from "commander";
 import open from "open";
 import pWaitFor, { TimeoutError } from "p-wait-for";
@@ -14,6 +14,86 @@ import {
   pushConnectors,
 } from "@/core/resources/connector/index.js";
 
+const POLL_INTERVAL_MS = 2000;
+const POLL_TIMEOUT_MS = 2 * 60 * 1000; // 2 minutes
+
+interface OAuthFlowParams {
+  type: IntegrationType;
+  redirectUrl: string;
+  connectionId: string;
+}
+
+type OAuthFlowStatus = ConnectorOAuthStatus | "SKIPPED";
+
+interface OAuthFlowResult {
+  type: IntegrationType;
+  status: OAuthFlowStatus;
+}
+
+/**
+ * Clack's block() puts stdin in raw mode where Ctrl+C calls process.exit(0)
+ * directly instead of emitting SIGINT. We override process.exit temporarily
+ * so Ctrl+C skips the current connector instead of killing the process.
+ */
+async function runOAuthFlowWithSkip(
+  params: OAuthFlowParams,
+): Promise<OAuthFlowResult> {
+  await open(params.redirectUrl);
+
+  let finalStatus = "PENDING" as OAuthFlowStatus;
+  let skipped = false;
+
+  const s = spinner();
+
+  // Clack's spinner calls block() which puts stdin in raw mode — Esc/Ctrl+C
+  // calls process.exit(0) directly, bypassing SIGINT. Override to skip instead.
+  const originalExit = process.exit;
+  process.exit = (() => {
+    skipped = true;
+    s.stop(`${params.type} skipped`);
+  }) as unknown as typeof process.exit;
+
+  s.start(`Waiting for ${params.type} authorization... (Esc to skip)`);
+
+  try {
+    await pWaitFor(
+      async () => {
+        if (skipped) {
+          finalStatus = "SKIPPED";
+          return true;
+        }
+        const response = await getOAuthStatus(params.type, params.connectionId);
+        finalStatus = response.status;
+        return response.status !== "PENDING";
+      },
+      {
+        interval: POLL_INTERVAL_MS,
+        timeout: POLL_TIMEOUT_MS,
+      },
+    );
+  } catch (err) {
+    if (err instanceof TimeoutError) {
+      finalStatus = "PENDING";
+    } else {
+      throw err;
+    }
+  } finally {
+    process.exit = originalExit;
+
+    if (!skipped) {
+      if (finalStatus === "ACTIVE") {
+        s.stop(`${params.type} authorization complete`);
+      } else if (finalStatus === "FAILED") {
+        s.stop(`${params.type} authorization failed`);
+      } else {
+        s.stop(`${params.type} authorization timed out`);
+      }
+    }
+  }
+
+  return { type: params.type, status: finalStatus };
+}
+
 type PendingOAuthResult = ConnectorSyncResult & {
   redirectUrl: string;
   connectionId: string;
@@ -25,11 +105,12 @@ function isPendingOAuth(r: ConnectorSyncResult): r is PendingOAuthResult {
 
 function printSummary(
   results: ConnectorSyncResult[],
-  oauthOutcomes: Map<IntegrationType, ConnectorOAuthStatus>,
+  oauthOutcomes: Map<IntegrationType, OAuthFlowStatus>,
 ): void {
   const synced: IntegrationType[] = [];
   const added: IntegrationType[] = [];
   const removed: IntegrationType[] = [];
+  const skipped: IntegrationType[] = [];
   const failed: { type: IntegrationType; error?: string }[] = [];
 
   for (const r of results) {
@@ -44,6 +125,8 @@ function printSummary(
     } else if (r.action === "needs_oauth") {
       if (oauthStatus === "ACTIVE") {
         added.push(r.type);
+      } else if (oauthStatus === "SKIPPED") {
+        skipped.push(r.type);
       } else if (oauthStatus === "PENDING") {
         failed.push({ type: r.type, error: "authorization timed out" });
       } else if (oauthStatus === "FAILED") {
@@ -66,6 +149,9 @@ function printSummary(
   if (removed.length > 0) {
     log.info(theme.styles.dim(`Removed: ${removed.join(", ")}`));
   }
+  if (skipped.length > 0) {
+    log.warn(`Skipped: ${skipped.join(", ")}`);
+  }
   for (const r of failed) {
     log.error(`Failed: ${r.type}${r.error ? ` - ${r.error}` : ""}`);
   }
@@ -92,7 +178,7 @@ async function pushConnectorsAction(): Promise<RunCommandResult> {
     },
   );
 
-  const oauthOutcomes = new Map<IntegrationType, ConnectorOAuthStatus>();
+  const oauthOutcomes = new Map<IntegrationType, OAuthFlowStatus>();
   const needsOAuth = results.filter(isPendingOAuth);
   let outroMessage = "Connectors pushed to Base44";
 
@@ -125,41 +211,14 @@ async function pushConnectorsAction(): Promise<RunCommandResult> {
       for (const connector of needsOAuth) {
         try {
           log.info(`\nOpening browser for '${connector.type}'...`);
-          await open(connector.redirectUrl);
-
-          let finalStatus: ConnectorOAuthStatus = "PENDING";
-
-          await runTask(
-            `Waiting for '${connector.type}' authorization...`,
-            async () => {
-              await pWaitFor(
-                async () => {
-                  const response = await getOAuthStatus(
-                    connector.type,
-                    connector.connectionId,
-                  );
-                  finalStatus = response.status;
-                  return response.status !== "PENDING";
-                },
-                {
-                  interval: 2000,
-                  timeout: 2 * 60 * 1000,
-                },
-              );
-            },
-            {
-              successMessage: `'${connector.type}' authorization complete`,
-              errorMessage: `'${connector.type}' authorization failed`,
-            },
-          ).catch((err) => {
-            if (err instanceof TimeoutError) {
-              finalStatus = "PENDING";
-            } else {
-              throw err;
-            }
+
+          const oauthResult = await runOAuthFlowWithSkip({
+            type: connector.type,
+            redirectUrl: connector.redirectUrl,
+            connectionId: connector.connectionId,
           });
 
-          oauthOutcomes.set(connector.type, finalStatus);
+          oauthOutcomes.set(connector.type, oauthResult.status);
         } catch (err) {
           log.error(
             `Failed to authorize '${connector.type}': ${err instanceof Error ? err.message : String(err)}`,