@elvatis_com/openclaw-cli-bridge-elvatis 0.2.25 → 0.2.26

package/.ai/handoff/STATUS.md

@@ -11,10 +11,10 @@ _Last session: 2026-03-11 — Akido (claude-sonnet-4-6)_
 
 | Platform | Version | Status |
 |----------|---------|--------|
-| GitHub | v0.2.23 | ✅ Tagged + Release (last published) |
-| npm | 0.2.23 | ✅ Published (last published) |
-| ClawHub | 0.2.23 | ✅ Published (last published) |
-| Local | 0.2.25 | ⏳ Built + tested, not yet published |
+| GitHub | v0.2.25 | ✅ Tagged + Release |
+| npm | 0.2.25 | ✅ Published |
+| ClawHub | 0.2.25 | ✅ Published (direct API — clawhub CLI v0.7.0 bug: missing acceptLicenseTerms) |
+| Local | 0.2.25 | ✅ Up to date |
 <!-- /SECTION: version -->
 
 <!-- SECTION: build_health -->
@@ -55,7 +55,7 @@ _Last session: 2026-03-11 — Akido (claude-sonnet-4-6)_
 <!-- SECTION: what_is_missing -->
 ## What Is Missing / Open
 
-- ⏳ **Publish v0.2.25** — GitHub tag + release, npm publish, ClawHub publish (T-010)
+- ✅ **v0.2.25 published** — GitHub, npm, ClawHub alle auf 0.2.25
 - ℹ️ **Claude CLI auth expires ~90 days** — when `/cli-test` returns 401, run `claude auth login`
 - ℹ️ **Config patcher writes `openclaw.json` directly** — triggers one gateway restart on first install
 - ℹ️ **ClawHub publish ignores `.clawhubignore`** — use rsync workaround (see CONVENTIONS.md)

package/README.md

@@ -2,7 +2,7 @@
 
 > OpenClaw plugin that bridges locally installed AI CLIs (Codex, Gemini, Claude Code) as model providers — with slash commands for instant model switching, restore, health testing, and model listing.
 
-**Current version:** `0.2.25`
+**Current version:** `0.2.26`
 
 ---
 
@@ -287,6 +287,13 @@ npm test            # vitest run (45 tests)
 
 ## Changelog
 
+### v0.2.26
+- **feat:** Grok web-session bridge integrated into cli-bridge proxy — routes `web-grok/*` models through grok.com browser session (SuperGrok subscription, no API credits needed)
+- **feat:** `/grok-login` — opens Chromium for X.com OAuth login, saves session to `~/.openclaw/grok-session.json`
+- **feat:** `/grok-status` — check session validity
+- **feat:** `/grok-logout` — clear session
+- **fix:** Grok web-session plugin removed as separate plugin — consolidated into cli-bridge (fewer running processes, single proxy port)
+
 ### v0.2.25
 - **feat:** Staged model switching — `/cli-*` now stages the switch instead of applying it immediately. Prevents silent session corruption when switching models mid-conversation.
   - `/cli-sonnet` → stages switch, shows warning, does NOT apply

package/SKILL.md

@@ -53,4 +53,4 @@ Each command runs `openclaw models set <model>` atomically and replies with a co
 
 See `README.md` for full configuration reference and architecture diagram.
 
-**Version:** 0.2.25
+**Version:** 0.2.26

package/index.ts

@@ -48,6 +48,16 @@ import {
 } from "./src/codex-auth.js";
 import { startProxyServer } from "./src/proxy-server.js";
 import { patchOpencllawConfig } from "./src/config-patcher.js";
+import {
+  loadSession,
+  deleteSession,
+  isSessionExpiredByAge,
+  verifySession,
+  runInteractiveLogin,
+  createContextFromSession,
+  DEFAULT_SESSION_PATH,
+} from "./src/grok-session.js";
+import type { BrowserContext, Browser } from "playwright";
 
 // ──────────────────────────────────────────────────────────────────────────────
 // Types derived from SDK (not re-exported by the package)
@@ -66,6 +76,46 @@ interface CliPluginConfig {
   proxyPort?: number;
   proxyApiKey?: string;
   proxyTimeoutMs?: number;
+  grokSessionPath?: string;
+}
+
+// ──────────────────────────────────────────────────────────────────────────────
+// Grok web-session state (module-level, persists across commands)
+// ──────────────────────────────────────────────────────────────────────────────
+
+let grokBrowser: Browser | null = null;
+let grokContext: BrowserContext | null = null;
+
+async function launchGrokBrowser(): Promise<Browser> {
+  const { chromium } = await import("playwright");
+  return chromium.launch({ headless: false });
+}
+
+async function tryRestoreGrokSession(
+  sessionPath: string,
+  log: (msg: string) => void
+): Promise<boolean> {
+  const saved = loadSession(sessionPath);
+  if (!saved || isSessionExpiredByAge(saved)) {
+    log("[cli-bridge:grok] no valid saved session");
+    return false;
+  }
+  try {
+    if (!grokBrowser) grokBrowser = await launchGrokBrowser();
+    const ctx = await createContextFromSession(grokBrowser, saved);
+    const check = await verifySession(ctx, log);
+    if (!check.valid) {
+      log(`[cli-bridge:grok] saved session invalid: ${check.reason}`);
+      await ctx.close().catch(() => {});
+      return false;
+    }
+    grokContext = ctx;
+    log("[cli-bridge:grok] session restored ✅");
+    return true;
+  } catch (err) {
+    log(`[cli-bridge:grok] session restore error: ${(err as Error).message}`);
+    return false;
+  }
 }
 
 const DEFAULT_PROXY_PORT = 31337;
@@ -393,7 +443,7 @@ function proxyTestRequest(
 const plugin = {
   id: "openclaw-cli-bridge-elvatis",
   name: "OpenClaw CLI Bridge",
-  version: "0.2.25",
+  version: "0.2.26",
   description:
     "Phase 1: openai-codex auth bridge. " +
     "Phase 2: HTTP proxy for gemini/claude CLIs. " +
@@ -407,6 +457,10 @@ const plugin = {
     const apiKey = cfg.proxyApiKey ?? DEFAULT_PROXY_API_KEY;
     const timeoutMs = cfg.proxyTimeoutMs ?? 120_000;
     const codexAuthPath = cfg.codexAuthPath ?? DEFAULT_CODEX_AUTH_PATH;
+    const grokSessionPath = cfg.grokSessionPath ?? DEFAULT_SESSION_PATH;
+
+    // ── Grok session restore (non-blocking) ───────────────────────────────────
+    void tryRestoreGrokSession(grokSessionPath, (msg) => api.logger.info(msg));
 
     // ── Phase 1: openai-codex auth bridge ─────────────────────────────────────
     if (enableCodex) {
@@ -503,6 +557,7 @@ const plugin = {
             timeoutMs,
             log: (msg) => api.logger.info(msg),
             warn: (msg) => api.logger.warn(msg),
+            getGrokContext: () => grokContext,
           });
           proxyServer = server;
           api.logger.info(
@@ -526,6 +581,7 @@ const plugin = {
                 port, apiKey, timeoutMs,
                 log: (msg) => api.logger.info(msg),
                 warn: (msg) => api.logger.warn(msg),
+                getGrokContext: () => grokContext,
               });
               proxyServer = server;
               api.logger.info(`[cli-bridge] proxy ready on :${port} (retry)`);
@@ -771,11 +827,64 @@ const plugin = {
       },
     } satisfies OpenClawPluginCommandDefinition);
 
+    // ── Phase 4: Grok web-session commands ────────────────────────────────────
+
+    api.registerCommand({
+      name: "grok-login",
+      description: "Open browser to log in to grok.com (X/Twitter account)",
+      handler: async (): Promise<PluginCommandResult> => {
+        if (grokContext) {
+          return { text: "✅ Already logged in to grok.com. Use /grok-logout first to re-authenticate." };
+        }
+        api.logger.info("[cli-bridge:grok] starting interactive login...");
+        try {
+          if (!grokBrowser) grokBrowser = await launchGrokBrowser();
+          const session = await runInteractiveLogin(grokBrowser, grokSessionPath, (msg) => api.logger.info(msg));
+          grokContext = await createContextFromSession(grokBrowser, session);
+          return { text: "✅ Logged in to grok.com!\n\nGrok models available:\n• `vllm/web-grok/grok-3`\n• `vllm/web-grok/grok-3-fast`\n• `vllm/web-grok/grok-3-mini`\n\nUse `/cli-grok` to switch." };
+        } catch (err) {
+          return { text: `❌ Login failed: ${(err as Error).message}` };
+        }
+      },
+    } satisfies OpenClawPluginCommandDefinition);
+
+    api.registerCommand({
+      name: "grok-status",
+      description: "Check grok.com session status",
+      handler: async (): Promise<PluginCommandResult> => {
+        if (!grokContext) {
+          return { text: "❌ No active grok.com session\nRun `/grok-login` to authenticate." };
+        }
+        const check = await verifySession(grokContext, (msg) => api.logger.info(msg));
+        if (check.valid) {
+          return { text: `✅ grok.com session active\nProxy: \`127.0.0.1:${port}\`\nModels: web-grok/grok-3, web-grok/grok-3-fast, web-grok/grok-3-mini, web-grok/grok-3-mini-fast` };
+        }
+        grokContext = null;
+        return { text: `❌ Session expired: ${check.reason}\nRun \`/grok-login\` to re-authenticate.` };
+      },
+    } satisfies OpenClawPluginCommandDefinition);
+
+    api.registerCommand({
+      name: "grok-logout",
+      description: "Clear saved grok.com session",
+      handler: async (): Promise<PluginCommandResult> => {
+        if (grokContext) {
+          await grokContext.close().catch(() => {});
+          grokContext = null;
+        }
+        deleteSession(grokSessionPath);
+        return { text: "✅ Logged out from grok.com. Session file deleted." };
+      },
+    } satisfies OpenClawPluginCommandDefinition);
+
     const allCommands = [
       ...CLI_MODEL_COMMANDS.map((c) => `/${c.name}`),
       "/cli-back",
       "/cli-test",
       "/cli-list",
+      "/grok-login",
+      "/grok-status",
+      "/grok-logout",
     ];
     api.logger.info(`[cli-bridge] registered ${allCommands.length} commands: ${allCommands.join(", ")}`);
   },

package/openclaw.plugin.json

@@ -1,7 +1,7 @@
 {
   "id": "openclaw-cli-bridge-elvatis",
   "name": "OpenClaw CLI Bridge",
-  "version": "0.2.25",
+  "version": "0.2.26",
   "description": "Phase 1: openai-codex auth bridge. Phase 2: local HTTP proxy routing model calls through gemini/claude CLIs (vllm provider).",
   "providers": [
     "openai-codex"

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@elvatis_com/openclaw-cli-bridge-elvatis",
-  "version": "0.2.25",
+  "version": "0.2.26",
   "description": "Bridges gemini, claude, and codex CLI tools as OpenClaw model providers. Reads existing CLI auth without re-login.",
   "type": "module",
   "openclaw": {
@@ -18,5 +18,8 @@
     "@types/node": "^25.3.2",
     "typescript": "^5.9.3",
     "vitest": "^4.0.18"
+  },
+  "dependencies": {
+    "playwright": "^1.58.2"
   }
 }

package/src/grok-client.ts

@@ -0,0 +1,428 @@
+/**
+ * grok-client.ts
+ *
+ * HTTP client that sends chat completion requests to grok.com's internal REST API
+ * using an authenticated browser session (cookies).
+ *
+ * Endpoint: POST https://grok.com/rest/app-chat/conversations/new
+ * Response: Server-Sent Events (SSE) stream
+ *
+ * This mimics what the grok.com web UI does internally.
+ */
+
+import type { BrowserContext } from "playwright";
+
+// ──────────────────────────────────────────────────────────────────────────────
+// Types
+// ──────────────────────────────────────────────────────────────────────────────
+
+export interface ChatMessage {
+  role: "system" | "user" | "assistant";
+  content: string;
+}
+
+export interface GrokCompleteOptions {
+  messages: ChatMessage[];
+  model?: string;       // "grok-3" | "grok-3-fast" | "grok-3-mini" | "grok-3-mini-fast"
+  stream?: boolean;
+  maxTokens?: number;
+  temperature?: number;
+  timeoutMs?: number;
+}
+
+export interface GrokCompleteResult {
+  content: string;
+  model: string;
+  finishReason: string;
+  /** estimated — grok.com doesn't expose exact token counts */
+  promptTokens?: number;
+  completionTokens?: number;
+}
+
+/** SSE token event from grok.com */
+interface GrokTokenEvent {
+  result?: {
+    response?: {
+      token?: string;
+      finalMetadata?: {
+        inputTokenCount?: number;
+        outputTokenCount?: number;
+      };
+      modelResponse?: {
+        responseId?: string;
+        message?: string;
+      };
+    };
+    isSoftStop?: boolean;
+  };
+  error?: string;
+}
+
+// ──────────────────────────────────────────────────────────────────────────────
+// Model ID mapping: OpenAI-style → grok.com internal IDs
+// ──────────────────────────────────────────────────────────────────────────────
+
+const MODEL_MAP: Record<string, string> = {
+  "grok-3": "grok-3",
+  "grok-3-fast": "grok-3-fast",
+  "grok-3-mini": "grok-3-mini",
+  "grok-3-mini-fast": "grok-3-mini-fast",
+  // aliases
+  "grok": "grok-3",
+  "grok-fast": "grok-3-fast",
+  "grok-mini": "grok-3-mini",
+};
+
+function resolveModel(model?: string): string {
+  if (!model) return "grok-3";
+  return MODEL_MAP[model] ?? model;
+}
+
+// ──────────────────────────────────────────────────────────────────────────────
+// Request builder
+// ──────────────────────────────────────────────────────────────────────────────
+
+/** Build the request body for grok.com's internal API */
+function buildRequestBody(opts: GrokCompleteOptions): Record<string, unknown> {
+  const model = resolveModel(opts.model);
+
+  // Combine messages into a single user prompt (grok.com web doesn't expose multi-turn directly)
+  // System prompt → prepended to first user message
+  const systemMsgs = opts.messages.filter((m) => m.role === "system");
+  const convMsgs = opts.messages.filter((m) => m.role !== "system");
+
+  let userPrompt = "";
+  if (systemMsgs.length > 0) {
+    userPrompt = systemMsgs.map((m) => m.content).join("\n") + "\n\n";
+  }
+
+  // Build conversation history for multi-turn
+  const history: Array<{ role: string; content: string }> = [];
+  for (let i = 0; i < convMsgs.length - 1; i++) {
+    history.push({ role: convMsgs[i].role, content: convMsgs[i].content });
+  }
+  const lastMsg = convMsgs[convMsgs.length - 1];
+  userPrompt += lastMsg?.content ?? "";
+
+  return {
+    temporary: false,
+    modelName: model,
+    message: userPrompt,
+    fileAttachments: [],
+    imageAttachments: [],
+    disableSearch: false,
+    enableImageGeneration: false,
+    returnImageBytes: false,
+    returnRawGrokInXaiRequest: false,
+    enableSideBySide: false,
+    isReasoning: model.includes("mini"), // mini models support reasoning
+    conversationHistory: history,
+    toolOverrides: {},
+    enableCustomization: false,
+    deepsearchPreset: "",
+    isPreset: false,
+  };
+}
+
+// ──────────────────────────────────────────────────────────────────────────────
+// SSE parser
+// ──────────────────────────────────────────────────────────────────────────────
+
+function parseSSELine(line: string): GrokTokenEvent | null {
+  if (!line.startsWith("data: ")) return null;
+  const data = line.slice(6).trim();
+  if (data === "[DONE]") return null;
+  try {
+    return JSON.parse(data) as GrokTokenEvent;
+  } catch {
+    return null;
+  }
+}
+
+// ──────────────────────────────────────────────────────────────────────────────
+// Main client function
+// ──────────────────────────────────────────────────────────────────────────────
+
+const GROK_API_URL = "https://grok.com/rest/app-chat/conversations/new";
+const DEFAULT_TIMEOUT_MS = 120_000;
+
+/**
+ * Complete a chat via grok.com's internal API using a browser session context.
+ * Uses page.evaluate to make the fetch from inside the authenticated browser context.
+ */
+export async function grokComplete(
+  context: BrowserContext,
+  opts: GrokCompleteOptions,
+  log: (msg: string) => void
+): Promise<GrokCompleteResult> {
+  const timeoutMs = opts.timeoutMs ?? DEFAULT_TIMEOUT_MS;
+  const model = resolveModel(opts.model);
+  const body = buildRequestBody(opts);
+
+  log(`grok-client: POST ${GROK_API_URL} model=${model}`);
+
+  // Open a background page in the authenticated context
+  const page = await context.newPage();
+
+  try {
+    // Navigate to grok.com first to ensure cookies are sent correctly
+    await page.goto("https://grok.com", {
+      waitUntil: "domcontentloaded",
+      timeout: 15_000,
+    });
+
+    // Make the API call from within the page (inherits cookies automatically)
+    const result = await page.evaluate(
+      async ({ url, requestBody, timeout }: { url: string; requestBody: unknown; timeout: number }) => {
+        const controller = new AbortController();
+        const timer = setTimeout(() => controller.abort(), timeout);
+
+        try {
+          const resp = await fetch(url, {
+            method: "POST",
+            headers: {
+              "Content-Type": "application/json",
+              Accept: "text/event-stream",
+            },
+            body: JSON.stringify(requestBody),
+            credentials: "include",
+            signal: controller.signal,
+          });
+
+          if (!resp.ok) {
+            const errText = await resp.text().catch(() => "");
+            return {
+              error: `HTTP ${resp.status}: ${errText.substring(0, 300)}`,
+              content: "",
+            };
+          }
+
+          const reader = resp.body!.getReader();
+          const decoder = new TextDecoder();
+          let fullText = "";
+          let buffer = "";
+          let inputTokens = 0;
+          let outputTokens = 0;
+          let finishReason = "stop";
+
+          while (true) {
+            const { done, value } = await reader.read();
+            if (done) break;
+
+            buffer += decoder.decode(value, { stream: true });
+            const lines = buffer.split("\n");
+            buffer = lines.pop() ?? "";
+
+            for (const line of lines) {
+              if (!line.startsWith("data: ")) continue;
+              const data = line.slice(6).trim();
+              if (data === "[DONE]") {
+                finishReason = "stop";
+                continue;
+              }
+              try {
+                const evt = JSON.parse(data);
+                const response = evt?.result?.response;
+                if (response?.token) {
+                  fullText += response.token;
+                }
+                if (response?.finalMetadata) {
+                  inputTokens = response.finalMetadata.inputTokenCount ?? 0;
+                  outputTokens = response.finalMetadata.outputTokenCount ?? 0;
+                }
+                if (evt?.result?.isSoftStop) {
+                  finishReason = "stop";
+                }
+                if (evt?.error) {
+                  return { error: String(evt.error), content: fullText };
+                }
+              } catch {
+                // ignore parse errors on individual SSE lines
+              }
+            }
+          }
+
+          return {
+            content: fullText,
+            inputTokens,
+            outputTokens,
+            finishReason,
+          };
+        } finally {
+          clearTimeout(timer);
+        }
+      },
+      { url: GROK_API_URL, requestBody: body, timeout: timeoutMs }
+    );
+
+    if ("error" in result && result.error) {
+      throw new Error(`grok.com API error: ${result.error}`);
+    }
+
+    log(
+      `grok-client: done — ${result.outputTokens ?? "?"} output tokens`
+    );
+
+    return {
+      content: result.content ?? "",
+      model,
+      finishReason: result.finishReason ?? "stop",
+      promptTokens: result.inputTokens,
+      completionTokens: result.outputTokens,
+    };
+  } finally {
+    await page.close();
+  }
+}
+
+// ──────────────────────────────────────────────────────────────────────────────
+// Streaming variant — yields tokens via callback
+// ──────────────────────────────────────────────────────────────────────────────
+
+export async function grokCompleteStream(
+  context: BrowserContext,
+  opts: GrokCompleteOptions,
+  onToken: (token: string) => void,
+  log: (msg: string) => void
+): Promise<GrokCompleteResult> {
+  // grok.com streams via SSE; we accumulate on the JS side and call onToken per chunk.
+  // Because page.evaluate can't stream back to Node, we use a polling approach:
+  // write tokens to window.__grokTokenBuf, poll from Node side.
+  const timeoutMs = opts.timeoutMs ?? DEFAULT_TIMEOUT_MS;
+  const model = resolveModel(opts.model);
+  const body = buildRequestBody(opts);
+
+  log(`grok-client: streaming POST ${GROK_API_URL} model=${model}`);
+
+  const page = await context.newPage();
+
+  try {
+    await page.goto("https://grok.com", {
+      waitUntil: "domcontentloaded",
+      timeout: 15_000,
+    });
+
+    // Initialize token buffer on the page
+    await page.evaluate(() => {
+      (window as unknown as Record<string, unknown>).__grokTokenBuf = [];
+      (window as unknown as Record<string, unknown>).__grokDone = false;
+      (window as unknown as Record<string, unknown>).__grokError = null;
+      (window as unknown as Record<string, unknown>).__grokMeta = null;
+    });
+
+    // Start the fetch in the page (non-blocking — we poll from Node)
+    await page.evaluate(
+      async ({ url, requestBody, timeout }: { url: string; requestBody: unknown; timeout: number }) => {
+        const w = window as unknown as Record<string, unknown>;
+        const controller = new AbortController();
+        setTimeout(() => controller.abort(), timeout);
+
+        (async () => {
+          try {
+            const resp = await fetch(url, {
+              method: "POST",
+              headers: {
+                "Content-Type": "application/json",
+                Accept: "text/event-stream",
+              },
+              body: JSON.stringify(requestBody),
+              credentials: "include",
+              signal: controller.signal,
+            });
+
+            if (!resp.ok) {
+              const errText = await resp.text().catch(() => "");
+              w.__grokError = `HTTP ${resp.status}: ${errText.substring(0, 300)}`;
+              w.__grokDone = true;
+              return;
+            }
+
+            const reader = resp.body!.getReader();
+            const decoder = new TextDecoder();
+            let buffer = "";
+
+            while (true) {
+              const { done, value } = await reader.read();
+              if (done) break;
+              buffer += decoder.decode(value, { stream: true });
+              const lines = buffer.split("\n");
+              buffer = lines.pop() ?? "";
+
+              for (const line of lines) {
+                if (!line.startsWith("data: ")) continue;
+                const data = line.slice(6).trim();
+                if (data === "[DONE]") continue;
+                try {
+                  const evt = JSON.parse(data);
+                  const response = evt?.result?.response;
+                  if (response?.token) {
+                    (w.__grokTokenBuf as string[]).push(response.token);
+                  }
+                  if (response?.finalMetadata) {
+                    w.__grokMeta = response.finalMetadata;
+                  }
+                  if (evt?.error) {
+                    w.__grokError = String(evt.error);
+                  }
+                } catch {
+                  // ignore
+                }
+              }
+            }
+          } catch (e: unknown) {
+            w.__grokError = String(e);
+          } finally {
+            w.__grokDone = true;
+          }
+        })();
+      },
+      { url: GROK_API_URL, requestBody: body, timeout: timeoutMs }
+    );
+
+    // Poll the token buffer from Node side
+    let fullContent = "";
+    const pollInterval = 100; // ms
+    const deadline = Date.now() + timeoutMs;
+
+    while (Date.now() < deadline) {
+      const state = await page.evaluate(() => {
+        const w = window as unknown as Record<string, unknown>;
+        const tokens = (w.__grokTokenBuf as string[]).splice(0);
+        return {
+          tokens,
+          done: w.__grokDone as boolean,
+          error: w.__grokError as string | null,
+          meta: w.__grokMeta as { inputTokenCount?: number; outputTokenCount?: number } | null,
+        };
+      });
+
+      for (const token of state.tokens) {
+        onToken(token);
+        fullContent += token;
+      }
+
+      if (state.error) {
+        throw new Error(`grok.com stream error: ${state.error}`);
+      }
+
+      if (state.done) {
+        log(
+          `grok-client: stream done — ${state.meta?.outputTokenCount ?? "?"} tokens`
+        );
+        return {
+          content: fullContent,
+          model,
+          finishReason: "stop",
+          promptTokens: state.meta?.inputTokenCount,
+          completionTokens: state.meta?.outputTokenCount,
+        };
+      }
+
+      await new Promise((r) => setTimeout(r, pollInterval));
+    }
+
+    throw new Error(`grok.com stream timeout after ${timeoutMs}ms`);
+  } finally {
+    await page.close();
+  }
+}