@aion0/forge 0.9.15 → 0.9.18

package/RELEASE_NOTES.md

@@ -1,11 +1,22 @@
-# Forge v0.9.15
+# Forge v0.9.18
 
-Released: 2026-05-27
+Released: 2026-05-28
 
-## Changes since v0.9.14
+## Changes since v0.9.16
 
 ### Other
-- fix(connectors): derive mode label from tool protocols
+- feat(chat): trigger_pipeline accepts skills array
+- feat(connectors): body_form_inject_from + nested instances UI
+- fix(http-protocol): JSON.parse args[X] when LLM stringified it + template inject keys
+- feat(connectors): http body_form_inject for server-side credential injection
+- Revert "feat(connectors): {secret:...} refs for cross-connector + global secrets"
+- Revert "fix(chat): make secret-refs system prompt push the tool-call path"
+- fix(chat): make secret-refs system prompt push the tool-call path
+- revert: drop migrateConnectorInstanceSecrets startup hook
+- fix(connectors): encrypt nested secrets inside type:instances rows
+- feat(connectors): {secret:...} refs for cross-connector + global secrets
+- feat(connectors): generic 'type: instances' field renderer + v0.9.17
+- feat(connectors): generic auth + url_encoding + body_form + multi-instance
 
 
-**Full Changelog**: https://github.com/aiwatching/forge/compare/v0.9.14...v0.9.15
+**Full Changelog**: https://github.com/aiwatching/forge/compare/v0.9.16...v0.9.18

package/app/api/connectors/[id]/settings/route.ts

@@ -41,17 +41,76 @@ function defaultsFor(id: string): Record<string, any> {
 
 const SECRET_MASK = '••••••••';
 
-function isSecretField(schema: ConnectorFieldSchema | undefined): boolean {
-  if (!schema) return false;
-  return schema.type === 'secret' || (schema.type as string) === 'password';
+/**
+ * Walk `value` against `schema`, applying `mask` (plaintext → ••••) or
+ * `restore` (•••• → stored plaintext). Recurses into `type: 'instances'`
+ * arrays so per-row sub-secrets get the same mask treatment as flat
+ * top-level secrets. Mirrors the encrypt/decrypt walker in
+ * lib/connectors/registry.ts so the on-disk and over-the-wire
+ * representations stay symmetric.
+ */
+function transformFieldSecrets(
+  value: any,
+  schema: ConnectorFieldSchema | undefined,
+  existingValue: any,
+  op: 'mask' | 'restore',
+): any {
+  if (!schema) return value;
+  const t = String((schema as any)?.type || '');
+
+  if (t === 'secret' || t === 'password') {
+    if (op === 'mask') {
+      return typeof value === 'string' && value ? SECRET_MASK : value;
+    }
+    // restore
+    if (value === SECRET_MASK) {
+      return typeof existingValue === 'string' ? existingValue : undefined;
+    }
+    return value;
+  }
+
+  if (t === 'instances' && (schema as any).fields) {
+    const wasString = typeof value === 'string';
+    let rows: any;
+    if (wasString) {
+      try { rows = JSON.parse(value); } catch { return value; }
+    } else {
+      rows = value;
+    }
+    if (!Array.isArray(rows)) return value;
+
+    // Build name→row map of the existing stored value so per-instance
+    // mask restoration can find the corresponding row by name.
+    let existingRows: any[] = [];
+    if (typeof existingValue === 'string') {
+      try { existingRows = JSON.parse(existingValue); } catch { existingRows = []; }
+    } else if (Array.isArray(existingValue)) {
+      existingRows = existingValue;
+    }
+    const existingByName = new Map<string, any>();
+    for (const r of existingRows) {
+      if (r && typeof r === 'object' && typeof r.name === 'string') existingByName.set(r.name, r);
+    }
+
+    const transformed = rows.map((row: any) => {
+      if (!row || typeof row !== 'object') return row;
+      const existingRow = (typeof row.name === 'string' && existingByName.get(row.name)) || {};
+      const out: any = { ...row };
+      for (const [k, sub] of Object.entries((schema as any).fields)) {
+        out[k] = transformFieldSecrets(out[k], sub as ConnectorFieldSchema, existingRow[k], op);
+      }
+      return out;
+    });
+    return wasString ? JSON.stringify(transformed) : transformed;
+  }
+
+  return value;
 }
 
 function maskSecrets(settings: Record<string, any>, schema: Record<string, ConnectorFieldSchema>): Record<string, any> {
   const out: Record<string, any> = { ...settings };
   for (const [k, v] of Object.entries(schema)) {
-    if (isSecretField(v) && typeof out[k] === 'string' && out[k]) {
-      out[k] = SECRET_MASK;
-    }
+    out[k] = transformFieldSecrets(out[k], v, undefined, 'mask');
   }
   return out;
 }
@@ -63,10 +122,9 @@ function restoreSecrets(
 ): Record<string, any> {
   const out: Record<string, any> = { ...incoming };
   for (const [k, v] of Object.entries(schema)) {
-    if (isSecretField(v) && out[k] === SECRET_MASK) {
-      if (typeof existing[k] === 'string') out[k] = existing[k];
-      else delete out[k];
-    }
+    const restored = transformFieldSecrets(out[k], v, existing[k], 'restore');
+    if (restored === undefined) delete out[k];
+    else out[k] = restored;
   }
   return out;
 }

package/app/api/connectors/[id]/test/route.ts

@@ -34,6 +34,7 @@ import {
 } from '@/lib/connectors/registry';
 import { expandSettingsTokens, expandAllTokens } from '@/lib/plugins/templates';
 import { bridgeRpc } from '@/lib/chat/bridge-client';
+import { applyAuth } from '@/lib/chat/protocols/http';
 import type { ConnectorDefinition, ConnectorTest, HttpRequestSpec } from '@/lib/connectors/types';
 
 const DEFAULT_TIMEOUT_MS = 15_000;
@@ -106,17 +107,39 @@ interface TestResult {
   body_preview?: string;
 }
 
-async function runHttpProbe(test: ConnectorTest, settings: Record<string, unknown>): Promise<TestResult> {
+async function runHttpProbe(test: ConnectorTest, settings: Record<string, unknown>, def: ConnectorDefinition): Promise<TestResult> {
   const spec = test.request;
   if (!spec?.url) return { ok: false, error: 'test.request.url is required for http probe' };
 
+  // Multi-instance overlay: test probe always uses the first instance
+  // (same guard as tool-dispatcher — only kicks in when instances is a
+  // well-formed array, so single-instance connectors are unaffected).
+  let effectiveSettings = settings as Record<string, any>;
+  let instances = effectiveSettings?.instances;
+  // type: json fields persist as strings — parse before checking.
+  if (typeof instances === 'string') {
+    try { instances = JSON.parse(instances); } catch { instances = null; }
+  }
+  if (
+    Array.isArray(instances) &&
+    instances.length > 0 &&
+    instances.every((i: any) => i && typeof i === 'object' && typeof i.name === 'string')
+  ) {
+    effectiveSettings = { ...effectiveSettings, ...instances[0] };
+  }
+
   const method = (spec.method || 'GET').toUpperCase();
-  const url = buildUrl(spec, settings);
-  const headers = buildHeaders(spec, settings);
-  const { body, contentType } = buildBody(spec, settings);
+  let url = buildUrl(spec, effectiveSettings);
+  const headers = buildHeaders(spec, effectiveSettings);
+  const { body, contentType } = buildBody(spec, effectiveSettings);
   if (body != null && contentType && !headers.has('content-type')) {
     headers.set('content-type', contentType);
   }
+  // Apply connector-level auth so the test probe uses the same scheme
+  // as live tool calls (e.g. Basic auth for Jenkins). Manifests that
+  // hand-craft Authorization in test.request.headers still work — the
+  // auth scheme would just overwrite the header.
+  url = applyAuth(url, headers, def.auth, effectiveSettings);
 
   const timeoutMs = test.timeout_ms || DEFAULT_TIMEOUT_MS;
   const okStatus = test.ok_status?.length ? test.ok_status : [200];
@@ -255,6 +278,6 @@ export async function POST(req: Request, { params }: { params: Promise<{ id: str
   const probe = def.test.probe || 'http';
   const r = probe === 'browser'
     ? await runBrowserProbe(def, inst.config)
-    : await runHttpProbe(def.test, inst.config);
+    : await runHttpProbe(def.test, inst.config, def);
   return NextResponse.json(r);
 }

package/components/ConnectorsPanel.tsx

@@ -44,6 +44,8 @@ interface FieldSchema {
   required?: boolean;
   default?: any;
   options?: string[];
+  /** For type: 'instances' — schema of each row's inner fields. */
+  fields?: Record<string, FieldSchema>;
 }
 
 interface ConnectorTool {
@@ -532,7 +534,13 @@ export default function ConnectorsPanel() {
                           <label className="text-[10px] text-[var(--text-secondary)] block mb-0.5">
                             {sc.label || key} {sc.required && <span className="text-red-400">*</span>}
                           </label>
-                          {sc.type === 'boolean' ? (
+                          {sc.type === 'instances' ? (
+                            <InstancesField
+                              schema={sc}
+                              rawValue={values[key]}
+                              onChange={(v) => setValues({ ...values, [key]: v })}
+                            />
+                          ) : sc.type === 'boolean' ? (
                             <input
                               type="checkbox"
                               checked={values[key] === true || values[key] === 'true'}
@@ -634,3 +642,135 @@ export default function ConnectorsPanel() {
     </div>
   );
 }
+
+/**
+ * Generic renderer for `type: instances` — a list of named records
+ * configured per-connector (Jenkins instances, GitLab tenants, etc.).
+ * Each row collapses into the connector's declared sub-fields. Value
+ * is round-tripped as a JSON-stringified array so the existing
+ * connector-configs.json shape (the textarea-saved string) keeps
+ * working unchanged.
+ */
+function InstancesField({
+  schema,
+  rawValue,
+  onChange,
+}: {
+  schema: FieldSchema;
+  rawValue: any;
+  onChange: (next: string) => void;
+}) {
+  const subFields = schema.fields || {};
+  const subKeys = Object.keys(subFields);
+
+  // Parse incoming value: accept stored JSON string, in-memory array,
+  // null, or anything malformed (treat as empty).
+  const rows: Record<string, any>[] = (() => {
+    let v: any = rawValue;
+    if (v == null || v === '') return [];
+    if (typeof v === 'string') {
+      try { v = JSON.parse(v); } catch { return []; }
+    }
+    return Array.isArray(v) ? v : [];
+  })();
+
+  const commit = (next: Record<string, any>[]) => onChange(JSON.stringify(next));
+
+  const addRow = () => {
+    const blank: Record<string, any> = {};
+    for (const k of subKeys) blank[k] = subFields[k]?.default ?? '';
+    commit([...rows, blank]);
+  };
+  const removeRow = (i: number) => commit(rows.filter((_, idx) => idx !== i));
+  const updateRow = (i: number, key: string, val: any) => {
+    const next = rows.map((r, idx) => (idx === i ? { ...r, [key]: val } : r));
+    commit(next);
+  };
+
+  return (
+    <div className="space-y-1.5">
+      {rows.length === 0 && (
+        <div className="text-[10px] text-[var(--text-secondary)] italic py-1">
+          No entries yet — click “+ Add” to create one.
+        </div>
+      )}
+      {rows.map((row, i) => {
+        const rowLabel =
+          (typeof row.name === 'string' && row.name.trim()) || `(unnamed #${i + 1})`;
+        return (
+          <div
+            key={i}
+            className="border border-[var(--border)] rounded p-2 bg-[var(--bg-secondary)]"
+          >
+            <div className="flex items-center justify-between mb-1.5">
+              <span className="text-[10px] font-semibold text-[var(--text-primary)]">
+                {rowLabel}
+              </span>
+              <button
+                type="button"
+                onClick={() => removeRow(i)}
+                title="Remove this entry"
+                className="text-[10px] text-red-400 hover:text-red-300"
+              >
+                ✕
+              </button>
+            </div>
+            <div className="space-y-1.5">
+              {subKeys.map((k) => {
+                const f = subFields[k];
+                // Nested instances — render the same component recursively.
+                // Lets a connector model "rows of rows" (e.g. Jenkins
+                // instances each with a list of inject_params key/value
+                // pairs).
+                if (f.type === 'instances') {
+                  return (
+                    <div key={k}>
+                      <label className="text-[9px] text-[var(--text-secondary)] block mb-0.5">
+                        {f.label || k} {f.required && <span className="text-red-400">*</span>}
+                      </label>
+                      <InstancesField
+                        schema={f}
+                        rawValue={row[k]}
+                        onChange={(next) => updateRow(i, k, next)}
+                      />
+                      {f.description && (
+                        <p className="text-[9px] text-[var(--text-secondary)] mt-0.5">{f.description}</p>
+                      )}
+                    </div>
+                  );
+                }
+                const inputType =
+                  f.type === 'secret' || f.type === 'password'
+                    ? 'password'
+                    : f.type === 'number'
+                      ? 'number'
+                      : 'text';
+                return (
+                  <div key={k}>
+                    <label className="text-[9px] text-[var(--text-secondary)] block mb-0.5">
+                      {f.label || k} {f.required && <span className="text-red-400">*</span>}
+                    </label>
+                    <input
+                      type={inputType}
+                      value={row[k] ?? ''}
+                      onChange={(e) => updateRow(i, k, e.target.value)}
+                      placeholder={f.description || ''}
+                      className="w-full bg-[var(--bg-tertiary)] border border-[var(--border)] rounded px-2 py-1 text-[10px] text-[var(--text-primary)] font-mono"
+                    />
+                  </div>
+                );
+              })}
+            </div>
+          </div>
+        );
+      })}
+      <button
+        type="button"
+        onClick={addRow}
+        className="text-[10px] px-2 py-1 rounded border border-dashed border-[var(--border)] text-[var(--text-secondary)] hover:border-[var(--accent)] hover:text-[var(--accent)] transition-colors w-full"
+      >
+        + Add {schema.label || 'instance'}
+      </button>
+    </div>
+  );
+}

package/install.sh

@@ -76,11 +76,25 @@ if [ ${#missing_opts[@]} -gt 0 ]; then
 fi
 
 if [ "$1" = "local" ] || [ "$1" = "--local" ]; then
-  echo "[forge] Installing from local source..."
-  npm uninstall -g @aion0/forge 2>/dev/null || true
-  npm link
-  echo "[forge] Building..."
+  # Build a real npm tarball from the current working tree and install it
+  # globally exactly the way `npm install -g @aion0/forge` would after a
+  # publish. This runs the `prepack` hook (bundles cli/mw.mjs), respects
+  # .npmignore, and uses npm (not pnpm) for the global install — so the
+  # behaviour matches what a real user gets from `forge upgrade`.
+  echo "[forge] Building from local source (npm pack flow)..."
+  SRC_DIR="$(pwd)"
+  echo "[forge] Running pnpm build..."
   pnpm build || echo "[forge] Build completed with warnings (non-critical)"
+  echo "[forge] Packing tarball..."
+  PACK_DIR="$(mktemp -d -t forge-pack-XXXXXX)"
+  TARBALL="$(cd "$PACK_DIR" && npm pack "$SRC_DIR" --silent)"
+  TARBALL_PATH="$PACK_DIR/$TARBALL"
+  echo "[forge] Built $TARBALL_PATH"
+  echo "[forge] Uninstalling previous global install..."
+  npm uninstall -g @aion0/forge 2>/dev/null || true
+  echo "[forge] Installing tarball globally..."
+  (cd /tmp && npm install -g "$TARBALL_PATH")
+  rm -rf "$PACK_DIR"
 else
   echo "[forge] Installing from npm..."
   rm -rf "$(npm root -g)/@aion0/forge" 2>/dev/null || true

package/lib/chat/protocols/http.ts

@@ -15,13 +15,20 @@
  * is_error so the LLM can react.
  */
 
-import type { HttpRequestSpec, ConnectorTool } from '../../connectors/types';
+import type { HttpRequestSpec, ConnectorTool, ConnectorAuth, ConnectorFieldSchema } from '../../connectors/types';
 import { expandAllTokens } from '../../plugins/templates';
 
 export interface HttpProtocolArgs {
   tool: ConnectorTool;
   settings: Record<string, any>;
   args: Record<string, any>;
+  /**
+   * Connector-level auth. Tool-level `tool.auth` takes precedence.
+   * Forge resolves the scheme into the right header/query at dispatch
+   * time so manifests don't have to hand-craft Authorization headers
+   * or base64-encode credentials.
+   */
+  connectorAuth?: ConnectorAuth;
   /**
    * When true, return the full response body without the 8KB cap. Used by
    * the Jobs scheduler — it parses JSON, not feeds the response into an
@@ -53,22 +60,42 @@ function expandObjectLeaves(obj: any, settings: Record<string, any>, args: Recor
 }
 
 /**
- * Expand `{args.X}` placeholders in a URL path with the value URL-
- * encoded. `{settings.X}` is NOT encoded — `{settings.base_url}` is the
- * scheme + host (with its own `://` and `/`), which must stay literal.
- *
- * Why: GitLab and many REST APIs accept either a numeric id or a
- * URL-encoded namespace path (`fortinac%2FFortiNAC`) as the project
- * identifier in the path. Without encoding, `args.project_id =
- * "fortinac/FortiNAC"` interpolates as a raw `/` and turns
- * `/projects/{args.project_id}/...` into `/projects/fortinac/FortiNAC/...`
- * (extra path segment), which the API can't parse. Numeric ids encode
- * to themselves — no regression.
+ * Encode a string value per its parameter's `url_encoding` declaration.
+ * Default `uri_component` matches encodeURIComponent (slashes encoded).
+ * `none` is raw, for pre-formatted paths (e.g. Jenkins folder paths
+ * `job/team/job/build`). `path_segments` encodes each `/`-separated
+ * piece but preserves the slashes — good for human-readable paths
+ * that contain spaces or unicode.
+ */
+function encodePathValue(raw: string, mode: ConnectorFieldSchema['url_encoding'] | undefined): string {
+  switch (mode) {
+    case 'none':
+      return raw;
+    case 'path_segments':
+      return raw.split('/').map(encodeURIComponent).join('/');
+    case 'uri_component':
+    case undefined:
+    default:
+      return encodeURIComponent(raw);
+  }
+}
+
+/**
+ * Expand `{args.X}` placeholders in a URL path. Each arg's encoding is
+ * decided by its parameter schema's `url_encoding` field (default
+ * `uri_component` — see `encodePathValue` for the modes). `{settings.X}`
+ * is NOT encoded — `{settings.base_url}` is the scheme + host (with its
+ * own `://` and `/`), which must stay literal.
  */
-function expandUrlPath(template: string, settings: Record<string, any>, args: Record<string, any>): string {
+function expandUrlPath(
+  template: string,
+  settings: Record<string, any>,
+  args: Record<string, any>,
+  paramSchemas?: Record<string, ConnectorFieldSchema>,
+): string {
   // First handle settings.* with raw substitution (keeps base_url intact).
   let out = expandAllTokens(template, settings, {});
-  // Then handle args.* with URL-encoding.
+  // Then handle args.* with per-parameter URL encoding.
   out = out.replace(/\{args\.([^{}]+)\}/g, (full, rawKey) => {
     const path = String(rawKey).trim().split('.');
     let v: any = args;
@@ -78,13 +105,23 @@ function expandUrlPath(template: string, settings: Record<string, any>, args: Re
     }
     if (v == null) return full;
     const s = typeof v === 'string' ? v : (typeof v === 'number' || typeof v === 'boolean' ? String(v) : JSON.stringify(v));
-    return encodeURIComponent(s);
+    // Encoding mode comes from the top-level parameter's schema. Nested
+    // arg paths inherit their root parameter's encoding — common case is
+    // a flat scalar parameter so this matters rarely.
+    const rootParam = path[0];
+    const mode = paramSchemas?.[rootParam]?.url_encoding;
+    return encodePathValue(s, mode);
   });
   return out;
 }
 
-function buildUrl(spec: HttpRequestSpec, settings: Record<string, any>, args: Record<string, any>): string {
-  const base = expandUrlPath(spec.url, settings, args);
+function buildUrl(
+  spec: HttpRequestSpec,
+  settings: Record<string, any>,
+  args: Record<string, any>,
+  paramSchemas?: Record<string, ConnectorFieldSchema>,
+): string {
+  const base = expandUrlPath(spec.url, settings, args, paramSchemas);
   if (!spec.query) return base;
   const url = new URL(base);
   for (const [k, raw] of Object.entries(spec.query)) {
@@ -98,6 +135,48 @@ function buildUrl(spec: HttpRequestSpec, settings: Record<string, any>, args: Re
   return url.toString();
 }
 
+/**
+ * Apply a connector/tool auth scheme onto an outbound request. Resolves
+ * templated `{settings.*}` inside auth values, base64-encodes basic
+ * credentials, and chooses between header / query placement. The URL is
+ * passed by reference (returned as a new string if the auth scheme
+ * appends a query param). Centralised so the chat dispatcher and the
+ * connector-test probe stay consistent.
+ */
+export function applyAuth(
+  url: string,
+  headers: Headers,
+  auth: ConnectorAuth | undefined,
+  settings: Record<string, any>,
+  args: Record<string, any> = {},
+): string {
+  if (!auth || auth.type === 'none') return url;
+  const exp = (s: string) => expandAllTokens(String(s ?? ''), settings, args);
+  switch (auth.type) {
+    case 'basic': {
+      const u = exp(auth.username);
+      const p = exp(auth.password);
+      const token = Buffer.from(`${u}:${p}`, 'utf-8').toString('base64');
+      headers.set('Authorization', `Basic ${token}`);
+      return url;
+    }
+    case 'bearer': {
+      headers.set('Authorization', `Bearer ${exp(auth.token)}`);
+      return url;
+    }
+    case 'header': {
+      headers.set(auth.name, exp(auth.value));
+      return url;
+    }
+    case 'query': {
+      const u = new URL(url);
+      u.searchParams.set(auth.name, exp(auth.value));
+      return u.toString();
+    }
+  }
+  return url;
+}
+
 function buildHeaders(spec: HttpRequestSpec, settings: Record<string, any>, args: Record<string, any>): Headers {
   const h = new Headers();
   if (spec.headers) {
@@ -109,12 +188,102 @@ function buildHeaders(spec: HttpRequestSpec, settings: Record<string, any>, args
 }
 
 function buildBody(spec: HttpRequestSpec, settings: Record<string, any>, args: Record<string, any>): { body?: string; contentType?: string } {
-  if (spec.body == null) return {};
-  if (typeof spec.body === 'string') {
-    return { body: expandAllTokens(spec.body, settings, args) };
+  if (spec.body != null) {
+    if (typeof spec.body === 'string') {
+      return { body: expandAllTokens(spec.body, settings, args) };
+    }
+    const obj = expandObjectLeaves(spec.body, settings, args);
+    return { body: JSON.stringify(obj), contentType: 'application/json' };
+  }
+  if (spec.body_form != null || spec.body_form_inject != null || spec.body_form_inject_from != null) {
+    return buildFormBody(spec.body_form, spec.body_form_inject, spec.body_form_inject_from, settings, args);
   }
-  const obj = expandObjectLeaves(spec.body, settings, args);
-  return { body: JSON.stringify(obj), contentType: 'application/json' };
+  return {};
+}
+
+/**
+ * Serialise an object into application/x-www-form-urlencoded body.
+ * The spec value can be:
+ *  - a literal placeholder `{args.NAME}` — resolved to the named arg
+ *    (must be a plain object); used by Jenkins trigger_build to take a
+ *    dynamic `params` map of build parameters.
+ *  - an inline object whose leaves get template-expanded — used when
+ *    the form keys are static.
+ *  - any other string — treated as a JSON-string template, parsed, then
+ *    serialised (less common, but lets manifests build the body inline).
+ *
+ * null/undefined values are dropped (no empty `KEY=`). Non-string values
+ * are stringified.
+ */
+function buildFormBody(spec: string | Record<string, unknown> | undefined, inject: Record<string, string> | undefined, injectFrom: string | undefined, settings: Record<string, any>, args: Record<string, any>): { body?: string; contentType?: string } {
+  let obj: any = null;
+  if (spec != null) {
+    if (typeof spec === 'string') {
+      const m = spec.match(/^\{args\.([^{}]+)\}$/);
+      if (m) {
+        obj = args[m[1]];
+        // LLMs frequently JSON-stringify an object arg even when the
+        // tool schema declares it as `type: json`. Parse it back so the
+        // form serialisation works either way.
+        if (typeof obj === 'string') {
+          try { obj = JSON.parse(obj); } catch { /* leave as null below */ }
+        }
+      } else {
+        const expanded = expandAllTokens(spec, settings, args);
+        try { obj = JSON.parse(expanded); } catch { obj = null; }
+      }
+    } else {
+      obj = expandObjectLeaves(spec, settings, args);
+    }
+  }
+  if (obj == null) obj = {};
+  if (typeof obj !== 'object' || Array.isArray(obj)) obj = {};
+
+  // Server-side inject — typically secrets pulled from settings.
+  // BOTH key and value are templated (against settings only, NOT args,
+  // so the LLM can't shadow injected keys). Templated keys let one
+  // manifest target different Jenkins jobs whose param names vary —
+  // each instance config sets the key name (e.g. TOKEN_PASSWORD)
+  // alongside the value source (e.g. {settings.gitlab_pat}). Entries
+  // where the key OR value comes back empty / unresolved get dropped.
+  if (inject) {
+    for (const [rawKey, rawVal] of Object.entries(inject)) {
+      const k = expandAllTokens(String(rawKey), settings, {});
+      if (!k || /\{(settings|args)\./.test(k)) continue;
+      const v = expandAllTokens(String(rawVal), settings, {});
+      if (!v || /\{(settings|args)\./.test(v)) continue;
+      obj[k] = v;
+    }
+  }
+
+  // body_form_inject_from — settings[X] is expected to be an
+  // `instances`-shaped array (each row { name, value, ... }). Inject
+  // every row as one form key/value pair. Lets the connector defer
+  // the actual key+value choices to per-user instance config without
+  // hardcoding them in the manifest. Rows with empty name or value
+  // are dropped.
+  if (injectFrom) {
+    let rows: any = (settings as any)[injectFrom];
+    if (typeof rows === 'string') {
+      try { rows = JSON.parse(rows); } catch { rows = null; }
+    }
+    if (Array.isArray(rows)) {
+      for (const row of rows) {
+        if (!row || typeof row !== 'object') continue;
+        const k = typeof row.name === 'string' ? row.name.trim() : '';
+        const v = typeof row.value === 'string' ? row.value : (row.value == null ? '' : String(row.value));
+        if (!k || !v) continue;
+        obj[k] = v;
+      }
+    }
+  }
+
+  const usp = new URLSearchParams();
+  for (const [k, v] of Object.entries(obj)) {
+    if (v == null) continue;
+    usp.append(k, typeof v === 'string' ? v : String(v));
+  }
+  return { body: usp.toString(), contentType: 'application/x-www-form-urlencoded' };
 }
 
 function truncate(s: string): { text: string; truncated: boolean; totalBytes: number } {
@@ -124,7 +293,7 @@ function truncate(s: string): { text: string; truncated: boolean; totalBytes: nu
   return { text: slice, truncated: true, totalBytes: buf.byteLength };
 }
 
-export async function runHttp({ tool, settings, args, noTruncation }: HttpProtocolArgs): Promise<HttpProtocolResult> {
+export async function runHttp({ tool, settings, args, connectorAuth, noTruncation }: HttpProtocolArgs): Promise<HttpProtocolResult> {
   const spec = tool.request;
   if (!spec || !spec.url) {
     return { content: 'http tool missing `request.url`', is_error: true };
@@ -145,11 +314,16 @@ export async function runHttp({ tool, settings, args, noTruncation }: HttpProtoc
     }
   }
 
-  const url = buildUrl(spec, settings, argsWithDefaults);
+  let url = buildUrl(spec, settings, argsWithDefaults, tool.parameters);
   const headers = buildHeaders(spec, settings, argsWithDefaults);
   const { body, contentType } = buildBody(spec, settings, argsWithDefaults);
   if (body != null && contentType && !headers.has('content-type')) headers.set('content-type', contentType);
 
+  // Tool-level auth overrides connector-level. `{ type: 'none' }` is a
+  // valid override that disables auth entirely (public endpoint).
+  const effectiveAuth = tool.auth ?? connectorAuth;
+  url = applyAuth(url, headers, effectiveAuth, settings, argsWithDefaults);
+
   const controller = new AbortController();
   const timer = setTimeout(() => controller.abort(), timeoutMs);