feat: add BigBlueButton video integration

packages/app-store/apps.keys-schemas.generated.ts

@@ -4,6 +4,7 @@
 **/
 import { appKeysSchema as alby_zod_ts } from "./alby/zod";
 import { appKeysSchema as basecamp3_zod_ts } from "./basecamp3/zod";
+import { appKeysSchema as bigbluebutton_zod_ts } from "./bigbluebutton/zod";
 import { appKeysSchema as btcpayserver_zod_ts } from "./btcpayserver/zod";
 import { appKeysSchema as closecom_zod_ts } from "./closecom/zod";
 import { appKeysSchema as dailyvideo_zod_ts } from "./dailyvideo/zod";
@@ -55,6 +56,7 @@ import { appKeysSchema as zoomvideo_zod_ts } from "./zoomvideo/zod";
 export const appKeysSchemas = {
   alby: alby_zod_ts,
   basecamp3: basecamp3_zod_ts,
+  bigbluebutton: bigbluebutton_zod_ts,
   btcpayserver: btcpayserver_zod_ts,
   closecom: closecom_zod_ts,
   dailyvideo: dailyvideo_zod_ts,

packages/app-store/apps.metadata.generated.ts

@@ -9,6 +9,7 @@ import attio_config_json from "./attio/config.json";
 import autocheckin_config_json from "./autocheckin/config.json";
 import baa_for_hipaa_config_json from "./baa-for-hipaa/config.json";
 import basecamp3_config_json from "./basecamp3/config.json";
+import { metadata as bigbluebutton__metadata_ts } from "./bigbluebutton/_metadata";
 import bolna_config_json from "./bolna/config.json";
 import btcpayserver_config_json from "./btcpayserver/config.json";
 import { metadata as caldavcalendar__metadata_ts } from "./caldavcalendar/_metadata";
@@ -121,6 +122,7 @@ export const appStoreMetadata = {
   autocheckin: autocheckin_config_json,
   "baa-for-hipaa": baa_for_hipaa_config_json,
   basecamp3: basecamp3_config_json,
+  bigbluebutton: bigbluebutton__metadata_ts,
   bolna: bolna_config_json,
   btcpayserver: btcpayserver_config_json,
   caldavcalendar: caldavcalendar__metadata_ts,

packages/app-store/apps.schemas.generated.ts

@@ -4,6 +4,7 @@
 **/
 import { appDataSchema as alby_zod_ts } from "./alby/zod";
 import { appDataSchema as basecamp3_zod_ts } from "./basecamp3/zod";
+import { appDataSchema as bigbluebutton_zod_ts } from "./bigbluebutton/zod";
 import { appDataSchema as btcpayserver_zod_ts } from "./btcpayserver/zod";
 import { appDataSchema as closecom_zod_ts } from "./closecom/zod";
 import { appDataSchema as dailyvideo_zod_ts } from "./dailyvideo/zod";
@@ -55,6 +56,7 @@ import { appDataSchema as zoomvideo_zod_ts } from "./zoomvideo/zod";
 export const appDataSchemas = {
   alby: alby_zod_ts,
   basecamp3: basecamp3_zod_ts,
+  bigbluebutton: bigbluebutton_zod_ts,
   btcpayserver: btcpayserver_zod_ts,
   closecom: closecom_zod_ts,
   dailyvideo: dailyvideo_zod_ts,

packages/app-store/apps.server.generated.ts

@@ -7,6 +7,7 @@ export const apiHandlers = {
   applecalendar: import("./applecalendar/api"),
   attio: import("./attio/api"),
   basecamp3: import("./basecamp3/api"),
+  bigbluebutton: import("./bigbluebutton/api"),
   btcpayserver: import("./btcpayserver/api"),
   caldavcalendar: import("./caldavcalendar/api"),
   campfire: import("./campfire/api"),

packages/app-store/bigbluebutton/DESCRIPTION.md

@@ -0,0 +1,3 @@
+BigBlueButton is an open-source web conferencing system built for online learning and webinars.
+
+This integration lets Cal.com create a BigBlueButton meeting URL for bookings.

packages/app-store/bigbluebutton/_metadata.ts

@@ -0,0 +1,29 @@
+import type { AppMeta } from "@calcom/types/App";
+
+export const metadata = {
+  name: "BigBlueButton",
+  description: "Open-source video conferencing for online learning and webinars.",
+  installed: true,
+  type: "bigbluebutton_video",
+  variant: "conferencing",
+  categories: ["conferencing"],
+  logo: "icon.svg",
+  publisher: "Cal.diy",
+  url: "https://bigbluebutton.org/",
+  slug: "bigbluebutton",
+  title: "BigBlueButton",
+  isGlobal: false,
+  email: "help@cal.com",
+  appData: {
+    location: {
+      linkType: "dynamic",
+      type: "integrations:bigbluebutton",
+      label: "BigBlueButton",
+    },
+  },
+  dirName: "bigbluebutton",
+  concurrentMeetings: true,
+  isOAuth: false,
+} as AppMeta;
+
+export default metadata;

packages/app-store/bigbluebutton/api/add.ts

@@ -0,0 +1,109 @@
+import { throwIfNotHaveAdminAccessToTeam } from "@calcom/app-store/_utils/throwIfNotHaveAdminAccessToTeam";
+import { ErrorCode } from "@calcom/lib/errorCodes";
+import { ErrorWithCode } from "@calcom/lib/errors";
+import { getServerErrorFromUnknown } from "@calcom/lib/server/getServerErrorFromUnknown";
+import prisma from "@calcom/prisma";
+import type { NextApiRequest, NextApiResponse } from "next";
+import getInstalledAppPath from "../../_utils/getInstalledAppPath";
+
+const getSingleQueryValue = (value: string | string[] | undefined) =>
+  Array.isArray(value) ? value[0] : value;
+
+const getTeamId = (value: string | string[] | undefined) => {
+  const rawTeamId = getSingleQueryValue(value);
+  if (!rawTeamId) {
+    return null;
+  }
+
+  if (!/^\d+$/.test(rawTeamId)) {
+    throw new ErrorWithCode(ErrorCode.BadRequest, "Invalid teamId");
+  }
+
+  return Number(rawTeamId);
+};
+
+const getSafeReturnTo = (value: string | string[] | undefined) => {
+  const returnTo = getSingleQueryValue(value);
+  if (
+    !returnTo ||
+    !returnTo.startsWith("/") ||
+    returnTo.startsWith("//") ||
+    /^[a-z][a-z\d+.-]*:/i.test(returnTo)
+  ) {
+    return getInstalledAppPath({
+      variant: "conferencing",
+      slug: "bigbluebutton",
+    });
+  }
+
+  return returnTo;
+};
+
+export default async function handler(
+  req: NextApiRequest,
+  res: NextApiResponse,
+) {
+  if (!req.session?.user?.id) {
+    return res
+      .status(401)
+      .json({ message: "You must be logged in to do this" });
+  }
+
+  const { teamId, returnTo } = req.query;
+
+  try {
+    const teamIdNumber = getTeamId(teamId);
+
+    await throwIfNotHaveAdminAccessToTeam({
+      teamId: teamIdNumber,
+      userId: req.session.user.id,
+    });
+
+    const installForObject = teamIdNumber
+      ? { teamId: teamIdNumber }
+      : { userId: req.session.user.id };
+    const appType = "bigbluebutton_video";
+
+    const alreadyInstalled = await prisma.credential.findFirst({
+      where: {
+        type: appType,
+        ...installForObject,
+      },
+      select: {
+        id: true,
+      },
+    });
+
+    if (alreadyInstalled) {
+      throw new ErrorWithCode(ErrorCode.BookingConflict, "Already installed");
+    }
+
+    const installation = await prisma.credential.create({
+      data: {
+        type: appType,
+        key: {},
+        ...installForObject,
+        appId: "bigbluebutton",
+      },
+      select: {
+        id: true,
+      },
+    });
+
+    if (!installation) {
+      throw new ErrorWithCode(
+        ErrorCode.InternalServerError,
+        "Unable to create user credential for bigbluebutton",
+      );
+    }
+  } catch (error: unknown) {
+    const httpError = getServerErrorFromUnknown(error);
+    return res
+      .status(httpError.statusCode)
+      .json({ message: httpError.message });
+  }
+
+  return res.status(200).json({
+    url: getSafeReturnTo(returnTo),
+  });
+}

packages/app-store/bigbluebutton/api/index.ts

@@ -0,0 +1 @@
+export { default as add } from "./add";

packages/app-store/bigbluebutton/index.ts

@@ -0,0 +1,3 @@
+export { metadata } from "./_metadata";
+export * as api from "./api";
+export * as lib from "./lib";

packages/app-store/bigbluebutton/lib/VideoApiAdapter.ts

@@ -0,0 +1,156 @@
+import { createHash, randomUUID } from "node:crypto";
+import type { CalendarEvent, EventBusyDate } from "@calcom/types/Calendar";
+import type { PartialReference } from "@calcom/types/EventManager";
+import type {
+  VideoApiAdapter,
+  VideoCallData,
+} from "@calcom/types/VideoApiAdapter";
+import getAppKeysFromSlug from "../../_utils/getAppKeysFromSlug";
+import { metadata } from "../_metadata";
+
+type BigBlueButtonKeys = {
+  bigBlueButtonServerUrl?: string;
+  bigBlueButtonSharedSecret?: string;
+};
+
+const normalizeApiUrl = (serverUrl: string) => {
+  const url = serverUrl.trim().replace(/\/+$/, "");
+  return url.endsWith("/bigbluebutton/api") ? url : `${url}/bigbluebutton/api`;
+};
+
+const checksum = (method: string, query: string, sharedSecret: string) =>
+  createHash("sha1").update(`${method}${query}${sharedSecret}`).digest("hex");
+
+const deriveMeetingPassword = (
+  role: "attendee" | "moderator",
+  meetingID: string,
+  sharedSecret: string,
+) =>
+  createHash("sha256")
+    .update(`${role}:${meetingID}:${sharedSecret}`)
+    .digest("hex")
+    .slice(0, 24);
+
+const buildApiUrl = (
+  apiUrl: string,
+  method: string,
+  params: URLSearchParams,
+  sharedSecret: string,
+) => {
+  const query = params.toString();
+  const signedQuery = new URLSearchParams(params);
+  signedQuery.set("checksum", checksum(method, query, sharedSecret));
+  return `${apiUrl}/${method}?${signedQuery.toString()}`;
+};
+
+const assertSuccessResponse = async (response: Response) => {
+  const body = await response.text();
+
+  if (!response.ok || !body.includes("<returncode>SUCCESS</returncode>")) {
+    throw new Error(`BigBlueButton API request failed: ${body}`);
+  }
+};
+
+const getBigBlueButtonConfig = async () => {
+  const appKeys = (await getAppKeysFromSlug(
+    metadata.slug,
+  )) as BigBlueButtonKeys;
+  const serverUrl = appKeys.bigBlueButtonServerUrl?.trim();
+  const sharedSecret = appKeys.bigBlueButtonSharedSecret?.trim();
+
+  if (!serverUrl || !sharedSecret) {
+    throw new Error("BigBlueButton server URL and shared secret are required");
+  }
+
+  return {
+    apiUrl: normalizeApiUrl(serverUrl),
+    sharedSecret,
+  };
+};
+
+const BigBlueButtonVideoApiAdapter = (): VideoApiAdapter => {
+  return {
+    getAvailability: (): Promise<EventBusyDate[]> => {
+      return Promise.resolve([]);
+    },
+    createMeeting: async (eventData: CalendarEvent): Promise<VideoCallData> => {
+      const { apiUrl, sharedSecret } = await getBigBlueButtonConfig();
+      const meetingID = eventData.uid || randomUUID();
+      const attendeePassword = deriveMeetingPassword(
+        "attendee",
+        meetingID,
+        sharedSecret,
+      );
+      const moderatorPassword = deriveMeetingPassword(
+        "moderator",
+        meetingID,
+        sharedSecret,
+      );
+
+      const createParams = new URLSearchParams({
+        name: eventData.title,
+        meetingID,
+        attendeePW: attendeePassword,
+        moderatorPW: moderatorPassword,
+        record: "false",
+      });
+
+      const createUrl = buildApiUrl(
+        apiUrl,
+        "create",
+        createParams,
+        sharedSecret,
+      );
+      await assertSuccessResponse(await fetch(createUrl));
+
+      const joinParams = new URLSearchParams({
+        fullName: "Guest",
+        meetingID,
+        password: attendeePassword,
+        redirect: "true",
+      });
+
+      return {
+        type: metadata.type,
+        id: meetingID,
+        password: moderatorPassword,
+        url: buildApiUrl(apiUrl, "join", joinParams, sharedSecret),
+      };
+    },
+    deleteMeeting: async (uid: string): Promise<void> => {
+      const { apiUrl, sharedSecret } = await getBigBlueButtonConfig();
+      const moderatorPassword = deriveMeetingPassword(
+        "moderator",
+        uid,
+        sharedSecret,
+      );
+
+      const endParams = new URLSearchParams({
+        meetingID: uid,
+        password: moderatorPassword,
+      });
+
+      await assertSuccessResponse(
+        await fetch(buildApiUrl(apiUrl, "end", endParams, sharedSecret)),
+      );
+    },
+    updateMeeting: (bookingRef: PartialReference): Promise<VideoCallData> => {
+      const { meetingId, meetingPassword, meetingUrl } = bookingRef;
+
+      if (!meetingId || !meetingPassword || !meetingUrl) {
+        throw new Error(
+          "BigBlueButton booking reference is missing meeting data",
+        );
+      }
+
+      return Promise.resolve({
+        type: metadata.type,
+        id: meetingId,
+        password: meetingPassword,
+        url: meetingUrl,
+      });
+    },
+  };
+};
+
+export default BigBlueButtonVideoApiAdapter;

packages/app-store/bigbluebutton/lib/index.ts

@@ -0,0 +1 @@
+export { default as VideoApiAdapter } from "./VideoApiAdapter";

packages/app-store/bigbluebutton/package.json

@@ -0,0 +1,13 @@
+{
+  "private": true,
+  "name": "@calcom/bigbluebutton",
+  "version": "0.0.0",
+  "main": "./index.ts",
+  "description": "BigBlueButton is an open-source web conferencing system built for online learning and webinars.",
+  "dependencies": {
+    "@calcom/lib": "workspace:*"
+  },
+  "devDependencies": {
+    "@calcom/types": "workspace:*"
+  }
+}

packages/app-store/bigbluebutton/zod.ts

@@ -0,0 +1,8 @@
+import { z } from "zod";
+
+export const appKeysSchema = z.object({
+  bigBlueButtonServerUrl: z.string().url().optional(),
+  bigBlueButtonSharedSecret: z.string().min(1).optional(),
+});
+
+export const appDataSchema = z.object({});