@businessmaps/bifrost 0.0.1 → 0.0.2

package/README.md

@@ -71,15 +71,21 @@ There's a working [live demo](https://business-maps.github.io/mcp/demo/) with fi
 
 ## Auth
 
-The daemon generates a token on startup and prints it to stderr. Pass it to the client — the token is sent via the `Sec-WebSocket-Protocol` header during the WebSocket handshake. Auth is always enabled.
+The daemon generates a token on startup and prints it to stderr. Pass it to the client — the token is sent via the `Sec-WebSocket-Protocol` header during the WebSocket handshake. Skip with `--no-auth` during local dev.
 
 ## Multiple tabs
 
 Each tab registers its own tools. Calls route to whoever owns the tool. Disconnecting a tab removes its tools.
 
-## Configuration
+## Options
 
-The daemon reads its port from the `PORT` environment variable (default: `3099`).
+```
+--port <port>     WebSocket port        (default: 3099)
+--timeout <secs>  Tool call timeout     (default: 120)
+--no-auth         Disable token auth    (dev only)
+--help, -h        Show this message
+--version, -v     Show version
+```
 
 ## Dev
 

package/bin/bifrost

@@ -4,9 +4,158 @@ import { createInterface } from "readline";
 import { randomBytes } from "crypto";
 import { fileURLToPath } from "url";
 import { dirname, join } from "path";
+import { readFileSync } from "fs";
 
 const __dirname = dirname(fileURLToPath(import.meta.url));
 
+// ---------------------------------------------------------------------------
+// ANSI helpers
+// ---------------------------------------------------------------------------
+const c = process.stderr.isTTY ? {
+  r: "\x1b[0m",       // reset
+  red: "\x1b[31m",
+  RED: "\x1b[91m",    // bright red
+  dim: "\x1b[2m",
+  bold: "\x1b[1m",
+  white: "\x1b[97m",
+  black: "\x1b[30m",
+  bgRed: "\x1b[41m",
+  gray: "\x1b[90m",
+} : { r:"",red:"",RED:"",dim:"",bold:"",white:"",black:"",bgRed:"",gray:"" };
+
+function log(msg) { process.stderr.write(msg + "\n"); }
+
+// ---------------------------------------------------------------------------
+// ASCII globe — red sphere with black lat/long grid
+// ---------------------------------------------------------------------------
+function renderGlobe() {
+  const R = 9;
+  const lines = [];
+  for (let y = -R; y <= R; y++) {
+    let row = "";
+    const rSlice = Math.sqrt(R * R - y * y);
+    for (let x = -R * 2; x <= R * 2; x++) {
+      const nx = x / 2;
+      if (nx * nx + y * y > R * R) {
+        row += " ";
+        continue;
+      }
+      // spherical coords for grid
+      const z = Math.sqrt(Math.max(0, R * R - nx * nx - y * y));
+      const theta = Math.atan2(y, nx);
+      const phi = Math.acos(z / R);
+      const lat = Math.abs(y);
+      const lonAngle = Math.atan2(nx, z);
+
+      // grid lines: latitudes every ~3 units, longitudes every ~30 degrees
+      const isLat = lat % 3 < 0.8;
+      const lonDeg = ((lonAngle * 180 / Math.PI) + 360) % 360;
+      const isLon = lonDeg % 30 < 6;
+      // equator
+      const isEquator = Math.abs(y) < 1;
+
+      if (isEquator || isLat || isLon) {
+        row += `${c.black}${c.bgRed}+${c.r}`;
+      } else {
+        row += `${c.RED}.${c.r}`;
+      }
+    }
+    lines.push(row);
+  }
+  return lines;
+}
+
+// ---------------------------------------------------------------------------
+// Startup banner
+// ---------------------------------------------------------------------------
+function printBanner(version) {
+  log("");
+
+  const globe = renderGlobe();
+  const bannerLines = [
+    "",
+    "",
+    "",
+    `${c.bold}${c.RED}  ██████╗ ██╗███████╗██████╗  ██████╗ ███████╗████████╗${c.r}`,
+    `${c.bold}${c.RED}  ██╔══██╗██║██╔════╝██╔══██╗██╔═══██╗██╔════╝╚══██╔══╝${c.r}`,
+    `${c.bold}${c.RED}  ██████╔╝██║█████╗  ██████╔╝██║   ██║███████╗   ██║   ${c.r}`,
+    `${c.bold}${c.RED}  ██╔══██╗██║██╔══╝  ██╔══██╗██║   ██║╚════██║   ██║   ${c.r}`,
+    `${c.bold}${c.RED}  ██████╔╝██║██║     ██║  ██║╚██████╔╝███████║   ██║   ${c.r}`,
+    `${c.bold}${c.RED}  ╚═════╝ ╚═╝╚═╝     ╚═╝  ╚═╝ ╚═════╝ ╚══════╝   ╚═╝   ${c.r}`,
+    "",
+    `${c.dim}${c.red}  ── SECURE BRIDGE PROTOCOL ──────────────── v${version} ──${c.r}`,
+    "",
+    "",
+    "",
+    "",
+    "",
+    "",
+    "",
+    "",
+    "",
+  ];
+
+  const globeW = globe.length;
+  const bannerW = bannerLines.length;
+  const rows = Math.max(globeW, bannerW);
+
+  for (let i = 0; i < rows; i++) {
+    const gLine = i < globe.length ? globe[i] : "";
+    const bLine = i < bannerLines.length ? bannerLines[i] : "";
+    log(`  ${gLine}  ${bLine}`);
+  }
+}
+
+// ---------------------------------------------------------------------------
+// Styled help
+// ---------------------------------------------------------------------------
+function printHelp() {
+  log("");
+  log(`  ${c.bold}${c.RED}BIFROST${c.r} ${c.dim}${c.red}── SECURE BRIDGE PROTOCOL${c.r}`);
+  log("");
+  log(`  ${c.dim}MCP browser bridge daemon${c.r}`);
+  log("");
+  log(`  ${c.white}${c.bold}USAGE${c.r}`);
+  log(`    ${c.gray}$${c.r} bifrost ${c.dim}[options]${c.r}`);
+  log("");
+  log(`  ${c.white}${c.bold}OPTIONS${c.r}`);
+  log(`    ${c.RED}--port${c.r} ${c.dim}<port>${c.r}       WebSocket port        ${c.gray}(default: 3099)${c.r}`);
+  log(`    ${c.RED}--timeout${c.r} ${c.dim}<secs>${c.r}    Tool call timeout     ${c.gray}(default: 120)${c.r}`);
+  log(`    ${c.RED}--no-auth${c.r}            Disable token auth    ${c.gray}(dev only)${c.r}`);
+  log(`    ${c.RED}--help${c.r}, ${c.RED}-h${c.r}           Show this message`);
+  log(`    ${c.RED}--version${c.r}, ${c.RED}-v${c.r}        Show version`);
+  log("");
+  log(`  ${c.dim}${c.red}────────────────────────────────────────────────────${c.r}`);
+  log("");
+}
+
+// ---------------------------------------------------------------------------
+// CLI argument parsing
+// ---------------------------------------------------------------------------
+const args = process.argv.slice(2);
+
+function flag(name) { return args.includes(name); }
+function option(name, fallback) {
+  const idx = args.indexOf(name);
+  return idx !== -1 && idx + 1 < args.length ? args[idx + 1] : fallback;
+}
+
+let VERSION = "0.0.1";
+try {
+  const pkg = JSON.parse(readFileSync(join(__dirname, "..", "package.json"), "utf8"));
+  VERSION = pkg.version || VERSION;
+} catch {}
+
+if (flag("--help") || flag("-h")) {
+  printHelp();
+  process.exit(0);
+}
+
+if (flag("--version") || flag("-v")) {
+  log(`${c.bold}${c.RED}bifrost${c.r} ${c.dim}${VERSION}${c.r}`);
+  process.exit(0);
+}
+
 const { MiniWebSocketServer } = await import(
   new URL(`file://${join(__dirname, "..", "lib", "websocket.js")}`)
 ).catch(() =>
@@ -16,20 +165,26 @@ const { MiniWebSocketServer } = await import(
 // ---------------------------------------------------------------------------
 // Config
 // ---------------------------------------------------------------------------
-const PORT = parseInt(process.env.PORT || "3099", 10);
-const TIMEOUT_MS = 120_000;
+const PORT = parseInt(option("--port", process.env.PORT || "3099"), 10);
+const TIMEOUT_MS = parseInt(option("--timeout", "120"), 10) * 1000;
+const NO_AUTH = flag("--no-auth");
 const MAX_MESSAGE_SIZE = 1 * 1024 * 1024; // 1MB
 const MAX_PENDING_CALLS = 100;
 const MAX_CALLS_PER_MIN = 120;
 const HEARTBEAT_INTERVAL = 30_000;
 const HEARTBEAT_TIMEOUT = 10_000;
 
-const ALLOWED_ORIGINS = new Set([
-  "http://localhost",
-  "http://127.0.0.1",
-]);
+function isLocalOrigin(origin) {
+  if (!origin) return true;
+  try {
+    const url = new URL(origin);
+    return url.hostname === "localhost" || url.hostname === "127.0.0.1";
+  } catch {
+    return false;
+  }
+}
 
-const AUTH_TOKEN = randomBytes(32).toString("base64url");
+const AUTH_TOKEN = NO_AUTH ? null : randomBytes(32).toString("base64url");
 
 // ---------------------------------------------------------------------------
 // State
@@ -47,6 +202,10 @@ const rateMap = new Map();
 // ---------------------------------------------------------------------------
 function now() { return Date.now(); }
 
+function timestamp() {
+  return new Date().toLocaleTimeString("en-US", { hour12: false });
+}
+
 function rateLimit(key) {
   const bucket = rateMap.get(key) || { count: 0, ts: now() };
   if (now() - bucket.ts > 60_000) {
@@ -170,23 +329,46 @@ function handleMcp(msg) {
 // WebSocket server
 // ---------------------------------------------------------------------------
 const wss = new MiniWebSocketServer({ port: PORT }, () => {
-  console.error(`Secure MCP bridge running on ws://localhost:${PORT}`);
-  console.error(`Auth token (use as header): ${AUTH_TOKEN}`);
+  printBanner(VERSION);
+
+  log(`  ${c.dim}${c.red}────────────────────────────────────────────────────${c.r}`);
+  log("");
+  log(`  ${c.gray}PORT${c.r}      ${c.white}${PORT}${c.r}`);
+  log(`  ${c.gray}TIMEOUT${c.r}   ${c.white}${TIMEOUT_MS / 1000}s${c.r}`);
+  log(`  ${c.gray}AUTH${c.r}      ${AUTH_TOKEN ? `${c.RED}ENABLED${c.r}` : `${c.dim}DISABLED${c.r}`}`);
+  log("");
+
+  // These lines must remain parseable by tests
+  log(`  Secure MCP bridge running on ws://localhost:${PORT}`);
+  if (AUTH_TOKEN) {
+    // Token value stays raw (no ANSI) so test regex can capture it
+    log(`  Auth token (use as header): ${AUTH_TOKEN}`);
+  } else {
+    log(`  ${c.dim}Auth disabled (--no-auth)${c.r}`);
+  }
+
+  log("");
+  log(`  ${c.dim}${c.red}────────────────────────────────────────────────────${c.r}`);
+  log(`  ${c.gray}Waiting for connections...${c.r}`);
+  log("");
 });
 
 wss.on("connection", (ws, req) => {
-  // 🔐 Origin check
-  const origin = req.headers.origin;
-  if (origin && !ALLOWED_ORIGINS.has(origin)) {
+  // Origin check — allow any localhost origin (any port)
+  if (!isLocalOrigin(req.headers.origin)) {
     ws.close();
     return;
   }
 
-  // 🔐 Header-based auth
-  const token = req.headers["sec-websocket-protocol"];
-  if (token !== AUTH_TOKEN) {
-    ws.close();
-    return;
+  // Auth check (unless --no-auth) — supports both query param and subprotocol header
+  if (AUTH_TOKEN) {
+    const url = new URL(req.url, `http://${req.headers.host || "localhost"}`);
+    const queryToken = url.searchParams.get("token");
+    const headerToken = req.headers["sec-websocket-protocol"];
+    if (queryToken !== AUTH_TOKEN && headerToken !== AUTH_TOKEN) {
+      ws.close();
+      return;
+    }
   }
 
   const connId = `conn_${++connectionIdCounter}`;
@@ -198,6 +380,7 @@ wss.on("connection", (ws, req) => {
   };
 
   connections.set(connId, conn);
+  log(`  ${c.gray}${timestamp()}${c.r} ${c.RED}+${c.r} ${c.white}${connId}${c.r} ${c.dim}connected${c.r}`);
 
   // heartbeat
   const interval = setInterval(() => {
@@ -227,6 +410,8 @@ wss.on("connection", (ws, req) => {
         conn.tools.set(tool.name, tool);
       }
 
+      log(`  ${c.gray}${timestamp()}${c.r} ${c.RED}*${c.r} ${c.white}${connId}${c.r} ${c.dim}registered${c.r} ${c.RED}${conn.tools.size}${c.r} ${c.dim}tools${c.r}`);
+
       sendMcp({
         jsonrpc: "2.0",
         method: "notifications/tools/list_changed",
@@ -267,10 +452,11 @@ wss.on("connection", (ws, req) => {
     }
 
     connections.delete(connId);
+    log(`  ${c.gray}${timestamp()}${c.r} ${c.dim}-${c.r} ${c.dim}${connId} disconnected${c.r}`);
 
     sendMcp({
       jsonrpc: "2.0",
       method: "notifications/tools/list_changed",
     });
   });
-});
+});

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@businessmaps/bifrost",
-  "version": "0.0.1",
+  "version": "0.0.2",
   "description": "Bridge any browser web app to Claude Code via MCP",
   "type": "module",
   "bin": {