TheDocumentation Index
Fetch the complete documentation index at: https://mintlify.com/DavidCevallos15/inforario-IA-null/llms.txt
Use this file to discover all available pages before exploring further.
google-calendar-sync function is a Deno Edge Function deployed on Supabase. It reads a signed-in user’s Google OAuth2 tokens from the user_calendar_tokens database table, automatically refreshes the access token if it is about to expire, and then creates the supplied events in the user’s Google Calendar. All token management — including persisting refreshed tokens back to the database — happens inside the function; the calling client never handles OAuth credentials directly.
The function is implemented using serve from deno.land/std@0.224.0/http/server.ts, not the newer Deno.serve global.
Endpoint
POST requests only. OPTIONS preflight requests are answered immediately with the shared CORS headers and a 200 ok body.
CORS headers
All responses (includingOPTIONS preflight) include the following headers defined in _shared/cors.ts:
| Header | Value |
|---|---|
Access-Control-Allow-Origin | * |
Access-Control-Allow-Headers | authorization, x-client-info, apikey, content-type |
Access-Control-Allow-Methods | POST, GET, OPTIONS, PUT, DELETE |
Authentication
This endpoint requires a Supabase user JWT — not the anon key. The token must belong to an authenticated user whose session was obtained viasupabase.auth.signIn*. The function calls supabase.auth.getUser() to verify the token server-side and resolve the caller’s user_id.
Passing the anon key in the
Authorization header will cause supabase.auth.getUser() to return no user, and the function will respond with 401 Usuario no autenticado.Request
Headers
| Header | Required | Value |
|---|---|---|
Authorization | ✅ | Bearer <supabase-user-jwt> |
Content-Type | ✅ | application/json |
Body
Array of one or more event objects to create in Google Calendar. Must contain at least one entry — an empty array returns
400.Google Calendar ID to add the events to. Defaults to
"primary" (the user’s default calendar) when not provided.TypeScript type
Example request
Response
200 — Success
Always
true on a 200 response.Human-readable summary, e.g.
"Se crearon 2 evento(s) en Google Calendar.".Array of objects describing each event that was successfully created in Google Calendar.
Example success response
Error responses
All error responses include asuccess: false field alongside the message field.
| Status | Condition | message value |
|---|---|---|
400 | events array is missing or empty | "Debes enviar al menos un evento." |
400 | No token row found in user_calendar_tokens for the user | "No hay tokens de Google Calendar para este usuario. Conecta Google primero." |
400 | Access token is expired but refresh_token is null | "Tu cuenta no tiene refresh token. Reconecta Google Calendar para continuar." |
401 | Authorization header is absent | "Falta el token de autenticación." |
401 | JWT is present but resolves to no user | "Usuario no autenticado." |
405 | Request method is not POST | "Método no permitido." |
500 | SUPABASE_URL or SUPABASE_ANON_KEY not set | "Faltan variables SUPABASE_URL o SUPABASE_ANON_KEY." |
500 | GOOGLE_CLIENT_ID or GOOGLE_CLIENT_SECRET not set | "Faltan secretos GOOGLE_CLIENT_ID o GOOGLE_CLIENT_SECRET." |
500 | Token DB update failed after a mid-flight refresh | "No se pudo guardar el token refrescado después de un 401." |
500 | Unexpected runtime error | "<error message>" |
502+ | Google Calendar API returned a non-OK status | Forwarded Google error message |
Environment variables
The base URL of your Supabase project (e.g.,
https://xxxx.supabase.co). Used to initialise the Supabase client that verifies the user JWT and reads/writes token rows.The public anon key of your Supabase project. Combined with the user-supplied JWT via the
Authorization header to create an RLS-aware Supabase client.OAuth2 client ID from Google Cloud Console. Required to refresh expired access tokens.
OAuth2 client secret from Google Cloud Console. Required to refresh expired access tokens.
Token refresh logic
The function checks whether the stored access token needs refreshing before it attempts to create any calendar events. The check uses a 60-second safety margin (REFRESH_MARGIN_MS = 60 * 1000 ms): if the stored expiry_date is within 60 seconds of the current time — or is null, missing, or unparseable — the token is considered expired and is refreshed proactively.
The token refresh endpoint used is https://oauth2.googleapis.com/token and the Google Calendar API base URL is https://www.googleapis.com/calendar/v3.
Pre-flight refresh flow:
401 or 403 during event insertion (e.g., the token was silently invalidated between the pre-flight check and the API call), and a refresh_token is available, the function performs a second full refresh, updates the user_calendar_tokens row in the database, and retries the failing event once. If the retry also fails, the error is propagated and the entire request returns 500.
If Google issues a new
refresh_token during either refresh cycle (uncommon but possible when access_type=offline is set without prompt=consent), the new value replaces the old one in user_calendar_tokens. If Google does not return a new refresh_token, the existing stored value is preserved.Database table: user_calendar_tokens
The function reads from and writes to a single Supabase table. The Supabase client is created with the user’s JWT in the Authorization header so that RLS policies apply automatically.
| Column | Type | Description |
|---|---|---|
user_id | uuid | Foreign key to the Supabase auth.users table. Used as the lookup key. |
access_token | text | Current Google OAuth2 access token. |
refresh_token | text? | Google OAuth2 refresh token. May be null if the OAuth flow did not return one. |
expiry_date | text? | ISO 8601 datetime string representing when access_token expires. |