npm - @lifeaitools/clauth - Versions diffs - 1.5.65 → 1.5.67 - Mend

@lifeaitools/clauth 1.5.65 → 1.5.67

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/cli/commands/serve.js +15 -222
package/package.json +1 -1

package/cli/commands/serve.js CHANGED Viewed

@@ -862,11 +862,6 @@ function dashboardHtml(port, whitelist, isStaged = false) {
         <span class="mcp-val" id="mcp-url">—</span>
         <button class="mcp-copy" onclick="copyMcp('mcp-url')">copy</button>
       </div>
-      <div class="mcp-row">
-        <span class="mcp-label">GWS</span>
-        <span class="mcp-val" id="mcp-gws-url">—</span>
-        <button class="mcp-copy" onclick="copyMcp('mcp-gws-url')">copy</button>
-      </div>
       <div class="mcp-row">
         <span class="mcp-label">Client ID</span>
         <span class="mcp-val" id="mcp-client-id">—</span>
@@ -1959,12 +1954,10 @@ async function toggleMcpSetup() {
     try {
       const m = await fetch(BASE + "/mcp-setup").then(r => r.json());
       document.getElementById("mcp-url").textContent = m.url || "(tunnel not running)";
-      document.getElementById("mcp-gws-url").textContent = m.gwsUrl || "(tunnel not running)";
       document.getElementById("mcp-client-id").textContent = m.clientId || "—";
       document.getElementById("mcp-client-secret").textContent = m.clientSecret || "—";
     } catch {
       document.getElementById("mcp-url").textContent = "(error fetching)";
-      document.getElementById("mcp-gws-url").textContent = "(error fetching)";
     }
   }
 }
@@ -2342,23 +2335,17 @@ async function wizRunCreateTunnel() {
 async function wizShowMcpSetup(hostname) {
   wizStep = "mcp_setup";
   const clauthUrl = \`https://\${hostname}/clauth\`;
-  const gwsUrl = \`https://\${hostname}/gws\`;
   const mcpData = await apiFetch("/mcp-setup");
   renderWizBody(\`
-    <div class="wiz-desc">Add two MCP connectors in claude.ai — one for Clauth, one for GWS:</div>
+    <div class="wiz-desc">Add the Clauth MCP connector in claude.ai:</div>
     <div style="display:flex;flex-direction:column;gap:8px;margin-top:10px">
       <div class="mcp-row">
         <span class="mcp-label">Clauth URL</span>
         <span class="mcp-val" id="wiz-mcp-url">\${clauthUrl}</span>
         <button class="mcp-copy" onclick="wizCopy('wiz-mcp-url',this)">copy</button>
       </div>
-      <div class="mcp-row">
-        <span class="mcp-label">GWS URL</span>
-        <span class="mcp-val" id="wiz-mcp-gws">\${gwsUrl}</span>
-        <button class="mcp-copy" onclick="wizCopy('wiz-mcp-gws',this)">copy</button>
-      </div>
       <div class="mcp-row">
         <span class="mcp-label">Client ID</span>
         <span class="mcp-val" id="wiz-mcp-cid">\${mcpData?.clientId || '(unlock required)'}</span>
@@ -2953,7 +2940,7 @@ function createServer(initPassword, whitelist, port, tunnelHostnameInit = null,
     if (reqPath.startsWith("/.well-known/oauth-protected-resource")) {
       const base = oauthBase();
       const suffix = reqPath.replace("/.well-known/oauth-protected-resource", "").replace(/^\//, "");
-      const resourcePath = suffix && ["/gws", "/clauth", "/mcp", "/fs", "/sse"].includes("/" + suffix) ? "/" + suffix : "/sse";
+      const resourcePath = suffix && ["/clauth", "/mcp", "/sse"].includes("/" + suffix) ? "/" + suffix : "/sse";
       res.writeHead(200, { "Content-Type": "application/json", "Cache-Control": "no-store", ...CORS });
       return res.end(JSON.stringify({
         resource: `${base}${resourcePath}`,
@@ -3133,20 +3120,14 @@ function createServer(initPassword, whitelist, port, tunnelHostnameInit = null,
     }
     // ── MCP path helpers ──
-    const MCP_PATHS = ["/mcp", "/gws", "/clauth", "/fs", "/chitchat"];
+    const MCP_PATHS = ["/mcp", "/clauth"];
     const isMcpPath = MCP_PATHS.includes(reqPath);
     function toolsForPath(p) {
-      if (p === "/gws")      return MCP_TOOLS.filter(t => t.name.startsWith("gws_"));
       if (p === "/clauth")   return MCP_TOOLS.filter(t => t.name.startsWith("clauth_") || t.name === "monkey_dispatch" || t.name.startsWith("terminal_") || t.name.startsWith("channel_"));
-      if (p === "/fs")       return MCP_TOOLS.filter(t => t.name.startsWith("fs_"));
-      if (p === "/chitchat") return MCP_TOOLS.filter(t => t.name.startsWith("chitchat_"));
       return MCP_TOOLS; // /mcp — all tools
     }
     function serverNameForPath(p) {
-      if (p === "/gws")      return "gws";
       if (p === "/clauth")   return "clauth";
-      if (p === "/fs")       return "fs";
-      if (p === "/chitchat") return "chitchat";
       return "clauth";
     }
@@ -3178,7 +3159,7 @@ function createServer(initPassword, whitelist, port, tunnelHostnameInit = null,
     }
     // ── MCP Streamable HTTP transport ──
-    // POST /sse, /mcp, /gws, /clauth — JSON-RPC over HTTP
+    // POST /sse, /mcp, /clauth — JSON-RPC over HTTP
     // claude.ai requires text/event-stream SSE format (like regen-media/Express).
     if (method === "POST" && (reqPath === "/sse" || isMcpPath)) {
       let body;
@@ -3251,12 +3232,17 @@ function createServer(initPassword, whitelist, port, tunnelHostnameInit = null,
     }
     // ── MCP SSE transport — /sse and namespaced paths ────
-    // GET /sse|/gws|/clauth — open SSE stream, receive endpoint event
-    // Remote clients (claude.ai) use Streamable HTTP (POST only) — return 404 on GET
-    // so claude.ai knows to POST directly rather than trying SSE transport.
-    if (method === "GET" && isMcpPath && req._clauthRemote) {
-      res.writeHead(404, { "Content-Type": "application/json", ...CORS });
-      return res.end(JSON.stringify({ error: "Use POST for Streamable HTTP transport" }));
+    // GET /sse|/clauth — open SSE stream, receive endpoint event
+    // Remote clients (claude.ai) arrive with a Bearer token via OAuth.
+    // They use Streamable HTTP (POST only) — return 405 on GET so claude.ai
+    // knows to POST directly. Local clients have no Bearer token and use SSE.
+    if (method === "GET" && isMcpPath) {
+      const getAuthHeader = req.headers.authorization;
+      const getToken = getAuthHeader?.startsWith("Bearer ") ? getAuthHeader.slice(7) : null;
+      if (!noAuthHost && getToken && oauthTokens.has(getToken)) {
+        res.writeHead(405, { "Content-Type": "application/json", "Allow": "POST", ...CORS });
+        return res.end(JSON.stringify({ error: "Method Not Allowed", detail: "Use POST for Streamable HTTP transport" }));
+      }
     }
     if (method === "GET" && (reqPath === "/sse" || isMcpPath)) {
       const sessionId = `ses_${++sseCounter}_${Date.now()}`;
@@ -3406,90 +3392,6 @@ function createServer(initPassword, whitelist, port, tunnelHostnameInit = null,
       });
     }
-    // GET /chitchat/<session_id>/stream — SSE push stream for Claude Code (inbox events)
-    // Claude Code connects once; daemon pushes an event on every chitchat_send call
-    const inboxStreamMatch = reqPath.match(/^\/chitchat\/([^/]+)\/stream$/);
-    if (method === "GET" && inboxStreamMatch) {
-      const session_id = inboxStreamMatch[1];
-      const session = terminalSessions.get(session_id);
-      if (!session || !session.is_chitchat) {
-        res.writeHead(404, { "Content-Type": "application/json", ...CORS });
-        return res.end(JSON.stringify({ error: "session not found" }));
-      }
-      res.writeHead(200, {
-        "Content-Type": "text/event-stream",
-        "Cache-Control": "no-cache",
-        "Connection": "keep-alive",
-        ...CORS,
-      });
-      // Send any already-queued inbox messages immediately
-      if (session.inbox.length) {
-        for (const entry of session.inbox) {
-          res.write(`event: message\ndata: ${JSON.stringify(entry)}\n\n`);
-        }
-        session.inbox = [];
-      }
-      session.inboxStreams.push(res);
-      console.log(`[ClaudeAItoCLI] session ${session_id} inbox stream connected (${session.inboxStreams.length} total)`);
-      const keepalive = setInterval(() => {
-        try { res.write(": keepalive\n\n"); } catch {}
-      }, 15_000);
-      req.on("close", () => {
-        clearInterval(keepalive);
-        session.inboxStreams = session.inboxStreams.filter(r => r !== res);
-        console.log(`[ClaudeAItoCLI] session ${session_id} inbox stream disconnected`);
-      });
-      return;
-    }
-    // GET /chitchat/<session_id>/watch — SSE push stream for claude.ai (outbox events)
-    // claude.ai connects once; daemon pushes an event on every chitchat_reply call
-    const outboxStreamMatch = reqPath.match(/^\/chitchat\/([^/]+)\/watch$/);
-    if (method === "GET" && outboxStreamMatch) {
-      const session_id = outboxStreamMatch[1];
-      const session = terminalSessions.get(session_id);
-      if (!session || !session.is_chitchat) {
-        res.writeHead(404, { "Content-Type": "application/json", ...CORS });
-        return res.end(JSON.stringify({ error: "session not found" }));
-      }
-      res.writeHead(200, {
-        "Content-Type": "text/event-stream",
-        "Cache-Control": "no-cache",
-        "Connection": "keep-alive",
-        ...CORS,
-      });
-      // Send any already-queued outbox messages immediately
-      if (session.outbox.length) {
-        for (const entry of session.outbox) {
-          res.write(`event: message\ndata: ${JSON.stringify(entry)}\n\n`);
-        }
-        session.outbox = [];
-      }
-      session.outboxStreams.push(res);
-      console.log(`[ClaudeAItoCLI] session ${session_id} outbox stream connected (${session.outboxStreams.length} total)`);
-      const keepalive = setInterval(() => {
-        try { res.write(": keepalive\n\n"); } catch {}
-      }, 15_000);
-      req.on("close", () => {
-        clearInterval(keepalive);
-        session.outboxStreams = session.outboxStreams.filter(r => r !== res);
-        console.log(`[ClaudeAItoCLI] session ${session_id} outbox stream disconnected`);
-      });
-      return;
-    }
     // GET /debug/sessions — live view of all terminal/chitchat sessions
     if (method === "GET" && reqPath === "/debug/sessions") {
       const now = Date.now();
@@ -3584,7 +3486,6 @@ function createServer(initPassword, whitelist, port, tunnelHostnameInit = null,
       const base = tunnelUrl && tunnelUrl.startsWith("http") ? tunnelUrl : null;
       return ok(res, {
         url: base ? `${base}/clauth` : null,
-        gwsUrl: base ? `${base}/gws` : null,
         note: "OAuth 2.1 public client — Claude registers dynamically, no client_secret needed",
       });
     }
@@ -3680,114 +3581,6 @@ function createServer(initPassword, whitelist, port, tunnelHostnameInit = null,
       return;
     }
-    // GET /chitchat/:id — session status (used by clauth chitchat CLI to verify session exists)
-    const chitchatStatusMatch = reqPath.match(/^\/chitchat\/([^/]+)$/);
-    if (method === "GET" && chitchatStatusMatch) {
-      const sid = chitchatStatusMatch[1];
-      const s = terminalSessions.get(sid);
-      if (!s || !s.is_chitchat) {
-        res.writeHead(404, { "Content-Type": "application/json", ...CORS });
-        return res.end(JSON.stringify({ error: "not_found" }));
-      }
-      res.writeHead(200, { "Content-Type": "application/json", ...CORS });
-      return res.end(JSON.stringify({ session_id: sid, status: s.status, name: s.name, turn: s.turn }));
-    }
-    // POST /chitchat/start — start a chitchat collab session (local REST, same as MCP chitchat_start)
-    if (method === "POST" && reqPath === "/chitchat/start") {
-      let body = "";
-      req.on("data", d => body += d);
-      req.on("end", async () => {
-        try {
-          const { name } = JSON.parse(body || "{}");
-          const result = await startChitchatSession(name || "collab");
-          res.writeHead(200, { "Content-Type": "application/json", ...CORS });
-          res.end(JSON.stringify(result));
-        } catch (e) {
-          res.writeHead(500, { "Content-Type": "application/json", ...CORS });
-          res.end(JSON.stringify({ error: e.message }));
-        }
-      });
-      return;
-    }
-    // POST /terminal/start — start a named terminal session
-    if (method === "POST" && reqPath === "/terminal/start") {
-      let body = "";
-      req.on("data", d => body += d);
-      req.on("end", () => {
-        try {
-          const { name, knowledge_tier, context_md } = JSON.parse(body);
-          if (!name) {
-            res.writeHead(400, { "Content-Type": "application/json", ...CORS });
-            return res.end(JSON.stringify({ error: "name required" }));
-          }
-          const tier = knowledge_tier || 'db_only';
-          const result = startTerminalSession(name, tier, context_md || null);
-          const status = result.error ? 503 : 200;
-          res.writeHead(status, { "Content-Type": "application/json", ...CORS });
-          res.end(JSON.stringify(result));
-        } catch {
-          res.writeHead(400, { "Content-Type": "application/json", ...CORS });
-          res.end(JSON.stringify({ error: "invalid JSON" }));
-        }
-      });
-      return;
-    }
-    // POST /terminal/send — send a message to a running terminal session
-    if (method === "POST" && reqPath === "/terminal/send") {
-      let body = "";
-      req.on("data", d => body += d);
-      req.on("end", () => {
-        try {
-          const { session_id, message } = JSON.parse(body);
-          if (!session_id || !message) {
-            res.writeHead(400, { "Content-Type": "application/json", ...CORS });
-            return res.end(JSON.stringify({ error: "session_id and message required" }));
-          }
-          const result = sendTerminalMessage(session_id, message);
-          const status = result.error === 'session_busy' ? 409 : result.error ? 404 : 200;
-          res.writeHead(status, { "Content-Type": "application/json", ...CORS });
-          res.end(JSON.stringify(result));
-        } catch {
-          res.writeHead(400, { "Content-Type": "application/json", ...CORS });
-          res.end(JSON.stringify({ error: "invalid JSON" }));
-        }
-      });
-      return;
-    }
-    // GET /terminal/list — list all active terminal sessions
-    if (method === "GET" && reqPath === "/terminal/list") {
-      res.writeHead(200, { "Content-Type": "application/json", ...CORS });
-      res.end(JSON.stringify(listTerminalSessions()));
-      return;
-    }
-    // POST /terminal/stop — stop a terminal session
-    if (method === "POST" && reqPath === "/terminal/stop") {
-      let body = "";
-      req.on("data", d => body += d);
-      req.on("end", () => {
-        try {
-          const { session_id } = JSON.parse(body);
-          if (!session_id) {
-            res.writeHead(400, { "Content-Type": "application/json", ...CORS });
-            return res.end(JSON.stringify({ error: "session_id required" }));
-          }
-          const result = stopTerminalSession(session_id);
-          const status = result.error ? 404 : 200;
-          res.writeHead(status, { "Content-Type": "application/json", ...CORS });
-          res.end(JSON.stringify(result));
-        } catch {
-          res.writeHead(400, { "Content-Type": "application/json", ...CORS });
-          res.end(JSON.stringify({ error: "invalid JSON" }));
-        }
-      });
-      return;
-    }
     // POST /channel — receive Coolify/GitHub webhook events
     if (method === "POST" && reqPath === "/channel") {
       let body = "";

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@lifeaitools/clauth",
-  "version": "1.5.65",
+  "version": "1.5.67",
   "description": "Hardware-bound credential vault for the LIFEAI infrastructure stack",
   "type": "module",
   "bin": {