@kweaver-ai/kweaver-sdk 0.5.2 → 0.6.1

package/README.md

@@ -142,7 +142,7 @@ const skillMd = await client.skills.fetchContent("skill-id");
 ## CLI Reference
 
 ```
-kweaver auth login <url> [--alias name] [-u user] [-p pass] [--playwright] [--insecure|-k]
+kweaver auth login <url> [--alias name] [--no-auth] [--no-browser] [-u user] [-p pass] [--playwright] [--insecure|-k]
 kweaver auth login <url> --client-id ID --client-secret S --refresh-token T   (headless login)
 kweaver auth export [url|alias] [--json]   (export command to run on a headless host)
 kweaver auth status/list/use/delete/logout
@@ -150,6 +150,7 @@ kweaver config show / list-bd / set-bd <value>   # platform business domain —
 kweaver token
 kweaver ds list/get/delete/tables/connect
 kweaver ds import-csv <ds_id> --files <glob> [--table-prefix <p>] [--batch-size 500] [--recreate]
+kweaver dataflow list/run/runs/logs
 kweaver dataview list/find/get/query/delete
 kweaver bkn list/get/stats/export/create/update/delete
 kweaver bkn create-from-ds <ds_id> --name <name> [--tables t1,t2] [--build]
@@ -169,6 +170,22 @@ kweaver context-loader kn-search/query-object-instance/...
 kweaver call <path> [-X METHOD] [-d BODY] [-H header]
 ```
 
+### Dataflow CLI examples
+
+```bash
+kweaver dataflow list
+kweaver dataflow run <dagId> --file ./demo.pdf
+kweaver dataflow run <dagId> --url https://example.com/demo.pdf --name demo.pdf
+kweaver dataflow runs <dagId>
+kweaver dataflow runs <dagId> --since 2026-04-01
+kweaver dataflow logs <dagId> <instanceId>
+kweaver dataflow logs <dagId> <instanceId> --detail
+```
+
+`kweaver dataflow runs --since` filters one local natural day. If the value cannot be parsed by `new Date(...)`, the CLI falls back to the most recent 20 runs. `kweaver dataflow logs` defaults to summary output; add `--detail` to print indented `input` and `output` payloads.
+
+**No-auth platforms:** If OAuth is not enabled, use `kweaver auth <url> --no-auth` (or run a normal `auth login`; a **404** on `POST /oauth2/clients` switches to no-auth automatically). Credentials are still saved under `~/.kweaver/` and work with `auth use` / `auth list`. Optional: `KWEAVER_NO_AUTH=1` with `KWEAVER_BASE_URL` when no token env is set. SDK: `new KWeaverClient({ baseUrl, auth: false })` or `kweaver.configure({ baseUrl, auth: false })`.
+
 ## Environment Variables
 
 | Variable | Description |
@@ -176,6 +193,7 @@ kweaver call <path> [-X METHOD] [-d BODY] [-H header]
 | `KWEAVER_BASE_URL` | KWeaver instance URL |
 | `KWEAVER_BUSINESS_DOMAIN` | Business domain identifier |
 | `KWEAVER_TOKEN` | Access token |
+| `KWEAVER_NO_AUTH` | Set to `1`/`true`/`yes` to use no-auth sentinel when `KWEAVER_TOKEN` is unset (with `KWEAVER_BASE_URL` or active platform) |
 | `KWEAVER_TLS_INSECURE` | Set to `1` or `true` to skip TLS certificate verification for all HTTPS in the process (dev only; prefer `kweaver auth … --insecure` which saves per platform) |
 | `NODE_TLS_REJECT_UNAUTHORIZED` | Node.js built-in TLS switch: set to `0` to skip certificate verification for HTTPS in this process. The `kweaver` CLI sets this when `KWEAVER_TLS_INSECURE` is set or the saved token has insecure TLS (same scope as above; dev only). |
 

package/README.zh.md

@@ -131,13 +131,14 @@ const skillMd = await client.skills.fetchContent("skill-id");
 ## 命令速查
 
 ```
-kweaver auth login <url> [--alias name] [-u user] [-p pass] [--playwright] [--insecure|-k]
+kweaver auth login <url> [--alias name] [--no-auth] [--no-browser] [-u user] [-p pass] [--playwright] [--insecure|-k]
 kweaver auth login <url> --client-id ID --client-secret S --refresh-token T   (无浏览器登录)
 kweaver auth export [url|alias] [--json]   (导出在无浏览器机器上运行的命令)
 kweaver auth status/list/use/delete/logout
 kweaver config show / list-bd / set-bd <value>   # 平台业务域，登录后优先
 kweaver token
 kweaver ds list/get/delete/tables/connect
+kweaver dataflow list/run/runs/logs
 kweaver dataview list/find/get/query/delete
 kweaver bkn list/get/stats/export/create/update/delete
 kweaver bkn object-type list/get/create/update/delete/query/properties
@@ -153,6 +154,22 @@ kweaver context-loader kn-search/query-object-instance/...
 kweaver call <path> [-X METHOD] [-d BODY] [-H header]
 ```
 
+### Dataflow CLI 示例
+
+```bash
+kweaver dataflow list
+kweaver dataflow run <dagId> --file ./demo.pdf
+kweaver dataflow run <dagId> --url https://example.com/demo.pdf --name demo.pdf
+kweaver dataflow runs <dagId>
+kweaver dataflow runs <dagId> --since 2026-04-01
+kweaver dataflow logs <dagId> <instanceId>
+kweaver dataflow logs <dagId> <instanceId> --detail
+```
+
+`kweaver dataflow runs --since` 会按本地自然日过滤；如果参数无法被 `new Date(...)` 解析，CLI 会回退到最近 20 条运行记录。`kweaver dataflow logs` 默认输出摘要；加上 `--detail` 会打印带缩进的 `input` 和 `output` 载荷。
+
+**无 OAuth 的平台：** 使用 `kweaver auth <url> --no-auth`，或照常 `auth login`；若 `POST /oauth2/clients` 返回 **404**，CLI 会提示并自动保存为 no-auth。凭据仍在 `~/.kweaver/`，可用 `auth use` / `auth list` 切换。可选环境变量 `KWEAVER_NO_AUTH=1`（未设置 `KWEAVER_TOKEN` 时）配合 `KWEAVER_BASE_URL`。SDK：`new KWeaverClient({ baseUrl, auth: false })` 或 `kweaver.configure({ baseUrl, auth: false })`。
+
 ## 环境变量
 
 | 变量 | 说明 |
@@ -160,6 +177,7 @@ kweaver call <path> [-X METHOD] [-d BODY] [-H header]
 | `KWEAVER_BASE_URL` | KWeaver 实例地址 |
 | `KWEAVER_BUSINESS_DOMAIN` | 业务域标识 |
 | `KWEAVER_TOKEN` | 访问令牌 |
+| `KWEAVER_NO_AUTH` | 设为 `1`/`true`/`yes` 且未设置 `KWEAVER_TOKEN` 时使用 no-auth 占位（需 `KWEAVER_BASE_URL` 或已选平台） |
 | `KWEAVER_TLS_INSECURE` | 设为 `1` 或 `true` 时跳过 TLS 证书校验（仅开发；更推荐 `kweaver auth … --insecure` 以按平台持久化） |
 | `NODE_TLS_REJECT_UNAUTHORIZED` | Node.js 内置 TLS 开关：设为 `0` 时在本进程内跳过 HTTPS 证书校验。`kweaver` 在 `KWEAVER_TLS_INSECURE` 生效或已保存 token 为不安全 TLS 时会设置此项（范围同上；仅开发）。 |
 

package/dist/api/agent-chat.d.ts

@@ -58,9 +58,15 @@ export declare function processIncrementalUpdate(data: {
 }, result: Record<string, unknown>): void;
 export declare function sendChatRequest(options: SendChatRequestOptions): Promise<ChatResult>;
 export interface SendChatRequestStreamCallbacks {
-    onTextDelta: (fullText: string) => void;
+    onTextDelta: (fullText: string, currentSegmentText: string) => void;
     /** Optional: called when message.content.middle_answer.progress updates (tool/skill steps). */
     onProgress?: (progress: ProgressItem[]) => void;
+    /** Optional: called when a text segment is completed and a new phase starts. */
+    onSegmentComplete?: (segmentText: string, segmentIndex: number) => void;
+    /** Optional: called when answer_type_other changes (step metadata like status, tool info). */
+    onStepMeta?: (meta: Record<string, unknown>) => void;
+    /** Optional: called as soon as conversationId is discovered in the stream. */
+    onConversationId?: (conversationId: string) => void;
 }
 /**
  * Stream-only entry point for TUI: same as sendChatRequest with stream=true,

package/dist/api/agent-chat.js

@@ -1,4 +1,5 @@
-import { fetchTextOrThrow, HttpError } from "../utils/http.js";
+import { isNoAuth } from "../config/no-auth.js";
+import { fetchTextOrThrow, fetchWithRetry, HttpError } from "../utils/http.js";
 import { normalizeDisplayText } from "../utils/display-text.js";
 const CHAT_PATH = "/api/agent-factory/v1/app";
 const AGENT_INFO_PATH = "/api/agent-factory/v3/agent-market/agent";
@@ -13,16 +14,19 @@ export function buildAgentInfoUrl(baseUrl, agentId, version) {
 export async function fetchAgentInfo(options) {
     const { baseUrl, accessToken, agentId, version, businessDomain = "bd_public" } = options;
     const url = buildAgentInfoUrl(baseUrl, agentId, version);
+    const agentHeaders = {
+        accept: "application/json, text/plain, */*",
+        "x-business-domain": businessDomain,
+        "x-language": "zh-CN",
+        "x-requested-with": "XMLHttpRequest",
+    };
+    if (!isNoAuth(accessToken)) {
+        agentHeaders.Authorization = `Bearer ${accessToken}`;
+        agentHeaders.token = accessToken;
+    }
     const { body } = await fetchTextOrThrow(url, {
         method: "GET",
-        headers: {
-            accept: "application/json, text/plain, */*",
-            Authorization: `Bearer ${accessToken}`,
-            token: accessToken,
-            "x-business-domain": businessDomain,
-            "x-language": "zh-CN",
-            "x-requested-with": "XMLHttpRequest",
-        },
+        headers: agentHeaders,
     });
     const data = JSON.parse(body);
     if (!data.id || !data.key) {
@@ -67,6 +71,19 @@ function stringFromAnswerObject(obj) {
     const parts = [d, c ? `code: ${c}` : "", s ? `solution: ${s}` : ""].filter(Boolean);
     return parts.join("\n");
 }
+/** Format answer_type_other which may be an array of strings or an object. */
+function stringFromAnswerTypeOther(other) {
+    if (Array.isArray(other)) {
+        const strings = other.filter((s) => typeof s === "string" && s);
+        if (strings.length > 0)
+            return JSON.stringify(strings);
+        return "";
+    }
+    if (other && typeof other === "object") {
+        return stringFromAnswerObject(other);
+    }
+    return "";
+}
 export function extractText(data) {
     if (!data || typeof data !== "object")
         return "";
@@ -74,44 +91,44 @@ export function extractText(data) {
     const fa = obj.final_answer;
     if (fa?.answer && typeof fa.answer === "object") {
         const ans = fa.answer;
-        if (typeof ans.text === "string")
+        if (typeof ans.text === "string" && ans.text)
             return ans.text;
     }
-    if (typeof fa?.text === "string") {
+    if (typeof fa?.text === "string" && fa.text) {
         return fa.text;
     }
+    // Check answer_type_other at final_answer level (for content_type "other")
+    if (fa?.answer_type_other) {
+        const desc = stringFromAnswerTypeOther(fa.answer_type_other);
+        if (desc)
+            return desc;
+    }
     const msg = obj.message;
-    if (typeof msg?.text === "string") {
+    if (typeof msg?.text === "string" && msg.text) {
         return msg.text;
     }
     if (msg?.content && typeof msg.content === "object") {
         const content = msg.content;
-        if (typeof content.text === "string")
+        if (typeof content.text === "string" && content.text)
             return content.text;
         const contentFinalAnswer = content.final_answer;
         if (contentFinalAnswer?.answer && typeof contentFinalAnswer.answer === "object") {
             const answer = contentFinalAnswer.answer;
-            if (typeof answer.text === "string")
+            if (typeof answer.text === "string" && answer.text)
                 return answer.text;
         }
-        if (typeof contentFinalAnswer?.text === "string") {
+        if (typeof contentFinalAnswer?.text === "string" && contentFinalAnswer.text) {
             return contentFinalAnswer.text;
         }
-        const other = contentFinalAnswer?.answer_type_other;
-        if (other && typeof other === "object") {
-            const desc = stringFromAnswerObject(other);
+        // Check answer_type_other at content.final_answer level
+        if (contentFinalAnswer?.answer_type_other) {
+            const desc = stringFromAnswerTypeOther(contentFinalAnswer.answer_type_other);
             if (desc)
                 return desc;
         }
     }
-    const topOther = fa?.answer_type_other;
-    if (topOther && typeof topOther === "object") {
-        const desc = stringFromAnswerObject(topOther);
-        if (desc)
-            return desc;
-    }
     const answer = obj.answer;
-    if (typeof answer?.text === "string") {
+    if (typeof answer?.text === "string" && answer.text) {
         return answer.text;
     }
     return "";
@@ -194,7 +211,7 @@ function getProgressFromResult(result) {
         };
     });
 }
-function applySseDataLine(line, state, verbose, onTextDelta, onProgress) {
+function applySseDataLine(line, state, verbose, onTextDelta, onProgress, onSegmentComplete, onStepMeta, onConversationId) {
     if (!line.startsWith("data: ")) {
         return;
     }
@@ -208,21 +225,45 @@ function applySseDataLine(line, state, verbose, onTextDelta, onProgress) {
         if (data.key?.length === 1 && data.key[0] === "conversation_id" && data.action === "upsert") {
             state.conversationId =
                 typeof data.content === "string" ? data.content : String(data.content ?? "");
+            if (state.conversationId && onConversationId) {
+                onConversationId(state.conversationId);
+            }
+        }
+        // Detect answer_type_other changes (step metadata: status, end_time, etc.)
+        if (data.key && data.key.join(".").includes("answer_type_other") && data.action === "upsert") {
+            const ato = getByPath(state.result, ["message", "content", "final_answer", "answer_type_other"]);
+            console.error(`[STEP_META] ${JSON.stringify(ato).slice(0, 500)}`);
+            if (ato && typeof ato === "object" && onStepMeta) {
+                onStepMeta(ato);
+            }
         }
         const progress = getProgressFromResult(state.result);
         if (progress.length > 0 && onProgress) {
             onProgress(progress);
         }
-        const text = normalizeDisplayText(extractText(state.result));
-        if (text && text !== state.lastText) {
+        const rawText = normalizeDisplayText(extractText(state.result));
+        // Detect when the upstream clears text between steps: previous had content, now empty or
+        // significantly shorter (new segment starting). Save the completed segment.
+        if (state.prevRawText && (!rawText || rawText.length < state.prevRawText.length * 0.5)) {
+            state.completedSegments.push(state.prevRawText);
+            if (onSegmentComplete) {
+                onSegmentComplete(state.prevRawText, state.completedSegments.length - 1);
+            }
+        }
+        state.prevRawText = rawText;
+        // Build full text: completed segments + current segment
+        const fullText = state.completedSegments.length > 0
+            ? state.completedSegments.join("\n\n") + (rawText ? "\n\n" + rawText : "")
+            : rawText;
+        if (fullText && fullText !== state.lastText) {
             if (onTextDelta) {
-                onTextDelta(text);
+                onTextDelta(fullText, rawText);
             }
             else {
-                const delta = text.slice(state.lastText.length);
+                const delta = fullText.slice(state.lastText.length);
                 process.stdout.write(delta);
             }
-            state.lastText = text;
+            state.lastText = fullText;
         }
     }
     catch {
@@ -247,11 +288,13 @@ export async function sendChatRequest(options) {
     const headers = {
         "Content-Type": "application/json",
         accept: stream ? "text/event-stream" : "application/json",
-        Authorization: `Bearer ${accessToken}`,
         "Accept-Language": "zh-CN",
         "x-Language": "zh-CN",
         "x-business-domain": businessDomain,
     };
+    if (!isNoAuth(accessToken)) {
+        headers.Authorization = `Bearer ${accessToken}`;
+    }
     if (verbose) {
         console.error(`POST ${url}`);
         const safeHeaders = Object.fromEntries(Object.entries(headers).map(([k, v]) => k.toLowerCase() === "authorization" ? [k, "Bearer ***"] : [k, v]));
@@ -260,7 +303,7 @@ export async function sendChatRequest(options) {
     }
     let response;
     try {
-        response = await fetch(url, {
+        response = await fetchWithRetry(url, {
             method: "POST",
             headers,
             body: JSON.stringify(body),
@@ -306,11 +349,13 @@ export async function sendChatRequestStream(options, callbacks) {
     const headers = {
         "Content-Type": "application/json",
         accept: "text/event-stream",
-        Authorization: `Bearer ${accessToken}`,
         "Accept-Language": "zh-CN",
         "x-Language": "zh-CN",
         "x-business-domain": businessDomain,
     };
+    if (!isNoAuth(accessToken)) {
+        headers.Authorization = `Bearer ${accessToken}`;
+    }
     if (verbose) {
         console.error(`POST ${url}`);
         const safeHeaders = Object.fromEntries(Object.entries(headers).map(([k, v]) => k.toLowerCase() === "authorization" ? [k, "Bearer ***"] : [k, v]));
@@ -319,7 +364,7 @@ export async function sendChatRequestStream(options, callbacks) {
     }
     let response;
     try {
-        response = await fetch(url, {
+        response = await fetchWithRetry(url, {
             method: "POST",
             headers,
             body: JSON.stringify(body),
@@ -335,29 +380,75 @@ export async function sendChatRequestStream(options, callbacks) {
         throw new HttpError(response.status, response.statusText, text);
     }
     if (contentType.includes("text/event-stream")) {
-        return handleStreamResponse(response, verbose, callbacks.onTextDelta, callbacks.onProgress);
+        return handleStreamResponse(response, verbose, callbacks.onTextDelta, callbacks.onProgress, callbacks.onSegmentComplete, callbacks.onStepMeta, callbacks.onConversationId);
     }
     const text = await response.text();
     const json = parseJsonResponse(text);
     const resultText = normalizeDisplayText(extractText(json));
     const convId = json.conversation_id;
-    callbacks.onTextDelta(resultText);
+    callbacks.onTextDelta(resultText, resultText);
     return { text: resultText, conversationId: convId, progress: getProgressFromResult(json) };
 }
-async function handleStreamResponse(response, verbose, onTextDelta, onProgress) {
+async function handleStreamResponse(response, verbose, onTextDelta, onProgress, onSegmentComplete, onStepMeta, onConversationId) {
     const reader = response.body?.getReader();
     if (!reader) {
         throw new Error("No response body for stream");
     }
     const decoder = new TextDecoder();
     let buffer = "";
+    let pendingEventType = "";
     const state = {
         result: {},
         conversationId: undefined,
         lastText: "",
+        completedSegments: [],
+        prevRawText: "",
     };
     const applyLine = (line) => {
-        applySseDataLine(line, state, verbose, onTextDelta, onProgress);
+        // Track SSE event type (e.g., "event:error")
+        if (line.startsWith("event:")) {
+            pendingEventType = line.slice(6).trim();
+            return;
+        }
+        // If we have an error event type, handle the data line as an error
+        if (pendingEventType === "error" && line.startsWith("data: ")) {
+            pendingEventType = "";
+            const errStr = line.slice(6).trim();
+            // Emit as error text rather than processing as incremental update
+            if (onTextDelta) {
+                let errMsg = errStr;
+                let errDetail = "";
+                try {
+                    const errObj = JSON.parse(errStr);
+                    errMsg = errObj.description || errObj.details || errStr;
+                    if (errObj.solution && errObj.solution !== "无")
+                        errMsg += "\n💡 " + errObj.solution;
+                    // Collect all remaining fields as detail context
+                    const detailFields = {};
+                    for (const [k, v] of Object.entries(errObj)) {
+                        if (k !== "description" && k !== "solution" && v != null && v !== "") {
+                            detailFields[k] = v;
+                        }
+                    }
+                    if (Object.keys(detailFields).length > 0) {
+                        errDetail = "\n\n<details><summary>详细错误信息</summary>\n\n```json\n" + JSON.stringify(detailFields, null, 2) + "\n```\n</details>";
+                    }
+                }
+                catch {
+                    if (verbose)
+                        console.error("Failed to parse SSE error JSON:", errStr);
+                }
+                const errText = "⚠️ " + errMsg + errDetail;
+                const fullText = state.completedSegments.length > 0
+                    ? state.completedSegments.join("\n\n") + "\n\n" + errText
+                    : errText;
+                onTextDelta(fullText, errText);
+                state.lastText = fullText;
+            }
+            return;
+        }
+        pendingEventType = "";
+        applySseDataLine(line, state, verbose, onTextDelta, onProgress, onSegmentComplete, onStepMeta, onConversationId);
     };
     while (true) {
         const { done, value } = await reader.read();
@@ -376,6 +467,21 @@ async function handleStreamResponse(response, verbose, onTextDelta, onProgress)
     if (!onTextDelta && state.lastText && !state.lastText.endsWith("\n")) {
         process.stdout.write("\n");
     }
-    const finalText = normalizeDisplayText(extractText(state.result) || state.lastText);
+    // Fallback: try to extract conversationId from accumulated result if not found in stream
+    if (!state.conversationId) {
+        const r = state.result;
+        const candidate = r.conversation_id ??
+            r.message?.conversation_id ??
+            r.conversationId;
+        if (typeof candidate === "string" && candidate) {
+            state.conversationId = candidate;
+            if (onConversationId)
+                onConversationId(candidate);
+        }
+    }
+    const rawFinal = normalizeDisplayText(extractText(state.result));
+    const finalText = state.completedSegments.length > 0
+        ? state.completedSegments.join("\n\n") + (rawFinal ? "\n\n" + rawFinal : "")
+        : rawFinal || state.lastText;
     return { text: finalText, conversationId: state.conversationId };
 }

package/dist/api/agent-list.js

@@ -1,4 +1,4 @@
-import { HttpError } from "../utils/http.js";
+import { HttpError, fetchWithRetry } from "../utils/http.js";
 import { buildHeaders } from "./headers.js";
 export async function listAgents(options) {
     const { baseUrl, accessToken, businessDomain = "bd_public", name = "", offset = 0, limit = 50, category_id = "", custom_space_id = "", is_to_square = 1, } = options;
@@ -12,7 +12,7 @@ export async function listAgents(options) {
         custom_space_id,
         is_to_square,
     });
-    const response = await fetch(url, {
+    const response = await fetchWithRetry(url, {
         method: "POST",
         headers: buildHeaders(accessToken, businessDomain),
         body,
@@ -27,7 +27,7 @@ export async function getAgent(options) {
     const { baseUrl, accessToken, agentId, businessDomain = "bd_public", } = options;
     const base = baseUrl.replace(/\/+$/, "");
     const url = `${base}/api/agent-factory/v3/agent/${encodeURIComponent(agentId)}`;
-    const response = await fetch(url, {
+    const response = await fetchWithRetry(url, {
         method: "GET",
         headers: buildHeaders(accessToken, businessDomain),
     });
@@ -41,7 +41,7 @@ export async function getAgentByKey(options) {
     const { baseUrl, accessToken, key, businessDomain = "bd_public", } = options;
     const base = baseUrl.replace(/\/+$/, "");
     const url = `${base}/api/agent-factory/v3/agent/by-key/${encodeURIComponent(key)}`;
-    const response = await fetch(url, {
+    const response = await fetchWithRetry(url, {
         method: "GET",
         headers: buildHeaders(accessToken, businessDomain),
     });
@@ -55,7 +55,7 @@ export async function createAgent(options) {
     const { baseUrl, accessToken, body, businessDomain = "bd_public", } = options;
     const base = baseUrl.replace(/\/+$/, "");
     const url = `${base}/api/agent-factory/v3/agent`;
-    const response = await fetch(url, {
+    const response = await fetchWithRetry(url, {
         method: "POST",
         headers: {
             ...buildHeaders(accessToken, businessDomain),
@@ -73,7 +73,7 @@ export async function updateAgent(options) {
     const { baseUrl, accessToken, agentId, body, businessDomain = "bd_public", } = options;
     const base = baseUrl.replace(/\/+$/, "");
     const url = `${base}/api/agent-factory/v3/agent/${encodeURIComponent(agentId)}`;
-    const response = await fetch(url, {
+    const response = await fetchWithRetry(url, {
         method: "PUT",
         headers: {
             ...buildHeaders(accessToken, businessDomain),
@@ -91,7 +91,7 @@ export async function deleteAgent(options) {
     const { baseUrl, accessToken, agentId, businessDomain = "bd_public", } = options;
     const base = baseUrl.replace(/\/+$/, "");
     const url = `${base}/api/agent-factory/v3/agent/${encodeURIComponent(agentId)}`;
-    const response = await fetch(url, {
+    const response = await fetchWithRetry(url, {
         method: "DELETE",
         headers: buildHeaders(accessToken, businessDomain),
     });
@@ -113,7 +113,7 @@ export async function publishAgent(options) {
         publish_to_bes: ["skill_agent"],
         pms_control: null,
     });
-    const response = await fetch(url, {
+    const response = await fetchWithRetry(url, {
         method: "POST",
         headers: {
             ...buildHeaders(accessToken, businessDomain),
@@ -131,7 +131,7 @@ export async function unpublishAgent(options) {
     const { baseUrl, accessToken, agentId, businessDomain = "bd_public", } = options;
     const base = baseUrl.replace(/\/+$/, "");
     const url = `${base}/api/agent-factory/v3/agent/${encodeURIComponent(agentId)}/unpublish`;
-    const response = await fetch(url, {
+    const response = await fetchWithRetry(url, {
         method: "PUT",
         headers: buildHeaders(accessToken, businessDomain),
     });
@@ -154,7 +154,7 @@ export async function listPersonalAgents(options) {
         params.append("publish_to_be", publish_to_be);
     params.append("size", String(size));
     const url = `${base}/api/agent-factory/v3/personal-space/agent-list?${params.toString()}`;
-    const response = await fetch(url, {
+    const response = await fetchWithRetry(url, {
         method: "GET",
         headers: buildHeaders(accessToken, businessDomain),
     });
@@ -176,7 +176,7 @@ export async function listPublishedAgentTemplates(options) {
         params.append("pagination_marker_str", pagination_marker_str);
     params.append("size", String(size));
     const url = `${base}/api/agent-factory/v3/published/agent-tpl?${params.toString()}`;
-    const response = await fetch(url, {
+    const response = await fetchWithRetry(url, {
         method: "GET",
         headers: buildHeaders(accessToken, businessDomain),
     });
@@ -190,7 +190,7 @@ export async function getPublishedAgentTemplate(options) {
     const { baseUrl, accessToken, templateId, businessDomain = "bd_public", } = options;
     const base = baseUrl.replace(/\/+$/, "");
     const url = `${base}/api/agent-factory/v3/published/agent-tpl/${encodeURIComponent(templateId)}`;
-    const response = await fetch(url, {
+    const response = await fetchWithRetry(url, {
         method: "GET",
         headers: buildHeaders(accessToken, businessDomain),
     });
@@ -204,7 +204,7 @@ export async function listAgentCategories(options) {
     const { baseUrl, accessToken, businessDomain = "bd_public", } = options;
     const base = baseUrl.replace(/\/+$/, "");
     const url = `${base}/api/agent-factory/v3/category`;
-    const response = await fetch(url, {
+    const response = await fetchWithRetry(url, {
         method: "GET",
         headers: buildHeaders(accessToken, businessDomain),
     });

package/dist/api/business-domains.js

@@ -1,3 +1,4 @@
+import { isNoAuth } from "../config/no-auth.js";
 import { HttpError } from "../utils/http.js";
 async function withTlsInsecure(tlsInsecure, fn) {
     if (!tlsInsecure) {
@@ -26,13 +27,16 @@ export async function listBusinessDomains(options) {
     const base = baseUrl.replace(/\/+$/, "");
     const url = `${base}/api/business-system/v1/business-domain`;
     return withTlsInsecure(tlsInsecure, async () => {
+        const headers = {
+            accept: "application/json, text/plain, */*",
+        };
+        if (!isNoAuth(accessToken)) {
+            headers.authorization = `Bearer ${accessToken}`;
+            headers.token = accessToken;
+        }
         const response = await fetch(url, {
             method: "GET",
-            headers: {
-                accept: "application/json, text/plain, */*",
-                authorization: `Bearer ${accessToken}`,
-                token: accessToken,
-            },
+            headers,
         });
         const body = await response.text();
         if (!response.ok) {

package/dist/api/context-loader.js

@@ -1,3 +1,4 @@
+import { isNoAuth } from "../config/no-auth.js";
 import { fetchTextOrThrow } from "../utils/http.js";
 const MCP_PROTOCOL_VERSION = "2024-11-05";
 const SESSION_TTL_MS = 300_000; // 5 minutes
@@ -9,10 +10,12 @@ function buildHeaders(options, sessionId) {
     const headers = {
         "Content-Type": "application/json",
         Accept: "application/json, text/event-stream",
-        Authorization: `Bearer ${options.accessToken}`,
         "X-Kn-ID": options.knId,
         "MCP-Protocol-Version": MCP_PROTOCOL_VERSION,
     };
+    if (!isNoAuth(options.accessToken)) {
+        headers.Authorization = `Bearer ${options.accessToken}`;
+    }
     if (sessionId) {
         headers["MCP-Session-Id"] = sessionId;
     }

package/dist/api/conversations.js

@@ -1,3 +1,4 @@
+import { buildHeaders } from "./headers.js";
 function buildConversationsUrl(baseUrl, agentKey) {
     const base = baseUrl.replace(/\/+$/, "");
     return `${base}/api/agent-factory/v1/app/${agentKey}/conversation`;
@@ -19,9 +20,7 @@ export async function listConversations(opts) {
         method: "GET",
         headers: {
             accept: "application/json",
-            authorization: `Bearer ${accessToken}`,
-            token: accessToken,
-            "x-business-domain": businessDomain,
+            ...buildHeaders(accessToken, businessDomain),
         },
     });
     const body = await response.text();
@@ -42,9 +41,7 @@ export async function getTracesByConversation(opts) {
         headers: {
             "Content-Type": "application/json",
             accept: "application/json",
-            authorization: `Bearer ${accessToken}`,
-            token: accessToken,
-            "x-business-domain": businessDomain,
+            ...buildHeaders(accessToken, businessDomain),
         },
         body: JSON.stringify({
             agent_id: agentId,
@@ -71,9 +68,7 @@ export async function listMessages(opts) {
         method: "GET",
         headers: {
             accept: "application/json",
-            authorization: `Bearer ${accessToken}`,
-            token: accessToken,
-            "x-business-domain": businessDomain,
+            ...buildHeaders(accessToken, businessDomain),
         },
     });
     const body = await response.text();