@obtoai/agent-bridge 0.1.0-beta.4 → 0.1.0-beta.6

package/README.md

@@ -1,20 +1,28 @@
 # @obtoai/agent-bridge
 
-A local daemon that lets a coding agent — [Claude Code](https://claude.ai/code) or [OpenAI Codex](https://developers.openai.com/codex) — running on your machine be driven from the [OBTO Agent Bridge](https://obto.co) web UI, even when you're away from the keyboard.
+A local daemon that lets coding agents — [Claude Code](https://claude.ai/code), [OpenAI Codex](https://developers.openai.com/codex), or [opencode](https://opencode.ai) — running on your machine be driven from the [OBTO Agent Bridge](https://obto.co) web UI, even when you're away from the keyboard.
 
-You post a message on a thread from your phone or laptop. The daemon (running on your machine, no port forwarding required) receives it over a long-lived HTTPS stream, spawns or resumes an agent session in your project directory, and the response posts back to the bridge thread within seconds.
+You post a message on a thread from your phone or laptop. The daemon (running on your machine, no port forwarding required) receives it over a long-lived HTTPS stream, spawns or resumes a session for the agent that thread is bound to, and the response posts back to the bridge thread within seconds.
+
+**Three commands, you're driving Claude/Codex/opencode on your phone:**
+
+```bash
+npm install -g @obtoai/agent-bridge
+obto-bridge init     # creates a free account inline — no card, no invite
+obto-bridge start    # daemon connects, you're live
+```
 
 ## Status
 
-**Closed beta.** Need an invite? Email **support@obto.co** with your name and a short note about what you'd use it for. We'll provision an account and mail you credentials.
+**Public beta.** Self-serve, no card. `obto-bridge init` creates a free account inline — no waiting on an invite, no support email loop. A Pro tier with longer Hindsight memory retention is coming; until then everyone gets the same daemon features on the free tier.
 
 ## What you'll need
 
 - macOS, Linux, or Windows, **Node.js 18.17+**
-- One coding agent installed, with your own auth:
-  - **Claude** — Claude Code / the Claude Agent SDK, billed to your Anthropic account; or
-  - **Codex** — the `codex` CLI (`npm i -g @openai/codex`), signed in to your OpenAI/ChatGPT account
-- An invite from `support@obto.co` (gives you an `accountId`, browser username/password, and an API token)
+- At least one coding agent installed on the machine (the daemon drives whichever ones it finds, with your own auth):
+  - **Claude** — Claude Code / the Claude Agent SDK, billed to your Anthropic account.
+  - **Codex** — the `codex` CLI (`npm i -g @openai/codex`), signed in to your OpenAI/ChatGPT account.
+  - **opencode** — `npm i -g opencode-ai` (the `opencode` CLI; the daemon bundles the `@opencode-ai/sdk`). Auth is your own provider key (Anthropic by default; override with env vars below).
 
 ## Install
 
@@ -34,18 +42,31 @@ npx @obtoai/agent-bridge <command>
 obto-bridge init
 ```
 
-Walks you through a few questions: your account ID, API token, an agent name (to distinguish multiple machines on one account), which coding agent to drive (`claude` or `codex`), the project directory to work in, and whether to relay tool-permission requests via the bridge. (The server URL is a built-in default; advanced / self-hosted users can override it with the `BRIDGE_BASE_URL` env var.)
+`init` prompts for an email, a username (3-40 chars, lowercase + digits + `_`/`-`), and a password, then creates the account inline via `POST /api/bridge/register` and saves the returned token to `~/.obto-bridge/config.json` (mode 0600). It then asks for an agent name (so multiple machines on the same account don't collide), the project directory the daemon should work in, a *fallback* agent (`claude` / `codex` / `opencode` — used only for legacy events without an explicit agent), and whether to relay tool-permission requests via the bridge. Done — you can sign in to the web UI as `@username` with your password to start a thread.
 
-Config lands at `~/.obto-bridge/config.json` (mode 0600). Safe to commit your account ID; **never commit the `apiToken`**.
+Already have a token from an earlier invite or another machine? Skip the registration step:
 
-### claude vs codex
+```bash
+obto-bridge init --token obto_xxxxxxxx --account acc_xxxxxxxx
+```
 
-Both drive real coding work on your machine; they differ in how they report back:
+The token is shown to you exactly once at registration time. **Save it.** If you lose it, rotate it from your account settings — it is not stored in readable form server-side. Safe to commit your `accountId`; **never commit the `apiToken`**. (Server URL is a built-in default; advanced / self-hosted users can override with the `BRIDGE_BASE_URL` env var.)
 
-- **claude** — the fuller integration. Posts status updates, questions, and results as it works (via an in-process MCP tool), and supports the human-in-the-loop tool-permission relay.
-- **codex** — runs the task and delivers one final answer per turn. No mid-task updates and no per-tool relay (the Codex SDK exposes neither); it runs unattended inside a sandbox (`workspace-write` by default, override with `BRIDGE_CODEX_SANDBOX`).
+### Agents (claude / codex / opencode)
 
-One daemon drives one agent. To run both, use two daemons on two accounts.
+v1.1 makes the daemon **agent-agnostic per event**: at startup it detects which of `claude`, `codex`, and `opencode` are installed on the machine, advertises that to the bridge, and routes each incoming reply to the right driver based on what the thread is bound to in the UI. You can switch a thread's agent live from the thread header; each engine keeps its own session for that thread, so flipping claude→codex→claude resumes each side's context.
+
+How the three differ in how they report back:
+
+- **claude** — the fullest integration. Posts status updates, mid-task questions, and final results as it works (via an in-process MCP tool), and supports the human-in-the-loop tool-permission relay.
+- **codex** — runs the turn and delivers one final answer per turn. No mid-task updates and no per-tool relay (the Codex SDK exposes neither). Runs unattended inside a sandbox (`workspace-write` by default, override with `BRIDGE_CODEX_SANDBOX`).
+- **opencode** — same capture-model shape as codex: one final answer per turn, no mid-task chatter. Defaults to provider `anthropic` and model `claude-sonnet-4-5`; override with `BRIDGE_OPENCODE_PROVIDER` and `BRIDGE_OPENCODE_MODEL`.
+
+Picking a model is done in the bridge UI's **+ New thread** dialog and the thread-header switcher — not in the daemon config.
+
+### Multi-daemon (running across more than one machine)
+
+You can run the same account's daemon on more than one machine (e.g. a Mac and a Windows box). Each daemon advertises its `agentId` (machine name) + capabilities on connect; threads are atomically **first-touch claimed** by whichever daemon gets the event first, and every other daemon skips the event cleanly. No duplicate replies, no special configuration — just install + start the daemon on each machine.
 
 ## Run
 
@@ -56,14 +77,16 @@ obto-bridge start
 You'll see two log lines and then the daemon waits silently:
 
 ```
-{"msg":"starting daemon","data":{"accountId":"acc_...","agentId":"my-mac",...}}
+{"msg":"starting daemon","data":{"accountId":"acc_...","agentId":"my-mac","capabilities":["claude","codex"],...}}
 {"msg":"sse stream connected","data":{"status":200}}
 ```
 
+`capabilities` is the list of agents this daemon will accept — the bridge UI offers exactly the union across your connected machines.
+
 Now open the bridge UI in any browser, log in with the browser credentials from your invite, and either:
 
-- Reply on an existing thread — daemon resumes the session bound to that thread
-- Start a new thread via the **+ New thread** button — daemon spawns a fresh session in your project directory
+- Reply on an existing thread — daemon resumes the session bound to that thread (and to whichever agent the thread currently uses).
+- Start a new thread via the **+ New thread** button — pick Claude, Codex, or Opencode; the daemon spawns a fresh session in your project directory.
 
 Within ~5–10 seconds you should see the agent's reply appear back on the thread.
 
@@ -72,40 +95,41 @@ Within ~5–10 seconds you should see the agent's reply appear back on the threa
 | Command | What it does |
 |---|---|
 | `obto-bridge whoami` | Verify your token works + show your account info |
-| `obto-bridge status` | List active thread→session bindings |
+| `obto-bridge status` | List bindings per (thread, agent) — one row per engine that's ever driven a thread |
 | `obto-bridge logout` | Wipe `~/.obto-bridge/config.json` |
 
 ## How it actually works
 
 ```
-Your phone        OBTO server                      Your machine
-─────────         ───────────                      ────────────
+Your phone        OBTO server                      Your machine(s)
+─────────         ───────────                      ───────────────
 [reply form] ──►  /api/reply ─► Mongo (durable)
-                  └─►  RabbitMQ (publish bridge.<acct>.reply.<thread>)
+                  └─►  RabbitMQ (publish bridge.<acct>.reply.<thread>,
+                                 payload carries agent + agentId)
                                                 ◄── /api/bridge/stream  (SSE, Bearer auth)
-                                                    └─► daemon process
-                                                        └─► Claude Agent SDK
-                                                            └─► session JSONL in
-                                                                ~/.claude/projects/...
-                  /api/message ◄────  bridge_post (in-process MCP tool from daemon)
+                                                    └─► daemon (dispatches per payload.agent)
+                                                        ├─► Claude Agent SDK   → ~/.claude/projects/...
+                                                        ├─► @openai/codex-sdk  → ~/.codex/sessions/...
+                                                        └─► @opencode-ai/sdk   → opencode server
+                  /api/message ◄────  bridge_post (in-process MCP tool, Claude only)
 [poll: /api/messages] ◄──── (4s loop)
 ```
 
 Key bits:
 
 - The daemon **never** holds RabbitMQ credentials; broker access stays server-side. Per-account routing key isolation enforced by `BridgeAuth`.
-- The daemon's spawned Claude session uses an **in-process MCP server** (`mcp__bridge__bridge_post`) — not the platform's hosted MCP, so the daemon's tools don't depend on a long-lived OBTO MCP proxy session.
-- Each bridge **thread** binds to its own agent **session ID** at first message. Subsequent messages on the same thread resume the same session, so the agent keeps full context. Your interactive sessions are unaffected — they live in separate session stores.
+- For the **claude** driver, the spawned Claude session uses an **in-process MCP server** (`mcp__bridge__bridge_post`) — not the platform's hosted MCP, so the daemon's tools don't depend on a long-lived OBTO MCP proxy session. For **codex** and **opencode**, the SDKs can't auto-approve a write tool when run unattended, so the daemon captures the final response and posts it to the thread on the agent's behalf.
+- Each bridge **thread** binds to its own session ID **per agent**. Subsequent messages on the same thread + same agent resume the same engine-specific session, so the agent keeps full context. Switching the thread's agent in the UI starts (or resumes) the other engine's session — each side's state stays intact. Your interactive sessions are unaffected — they live in separate session stores.
 - Per-thread serialization means rapid bursts on the same thread are handled in order, never racing the same session.
-- With **codex**, there is no in-process MCP tool — the Codex SDK can't auto-approve a write tool when run unattended, so the daemon captures Codex's final response and posts it to the thread on the agent's behalf.
+- Multi-daemon races are killed by atomic first-touch claim against the thread record on the bridge.
 
 ## Agent costs
 
-The daemon runs your chosen agent on your machine with **your** credentials — Anthropic for `claude` (whatever Claude Code uses: `ANTHROPIC_API_KEY` or your Claude.ai session), or your OpenAI/ChatGPT account for `codex`. Every bridge-driven turn is a normal API call billed to you. We don't proxy.
+The daemon runs your chosen agent on your machine with **your** credentials — Anthropic for `claude` (whatever Claude Code uses: `ANTHROPIC_API_KEY` or your Claude.ai session); your OpenAI/ChatGPT account for `codex`; whichever provider you've configured `opencode` to call (Anthropic by default for this daemon). Every bridge-driven turn is a normal API call billed to you. We don't proxy.
 
 ## Data handling
 
-**Your model traffic never touches us.** The daemon runs on your machine and calls Anthropic or OpenAI with *your own* credentials. Your prompts, your code, and the model's responses pass directly between your machine and the model provider, under your own API account and its terms. OBTO does not proxy, route, or see that traffic.
+**Your model traffic never touches us.** The daemon runs on your machine and calls Anthropic, OpenAI, or whichever provider opencode is configured for, with *your own* credentials. Your prompts, your code, and the model's responses pass directly between your machine and the model provider, under your own API account and its terms. OBTO does not proxy, route, or see that traffic.
 
 **What the bridge stores.** For threads to work, the messages you and the agent post are saved in OBTO's database — that's what makes a thread durable and readable from your phone. Threads are strictly scoped to your account; one tenant can never see another's. Your daemon's API token is stored server-side only as a SHA-256 hash; the plaintext token never leaves your local config file.
 

package/bin/obto-bridge.js

@@ -14,7 +14,8 @@ const usage = () => {
   console.error('Usage: obto-bridge <command>');
   console.error('');
   console.error('Commands:');
-  console.error('  init           One-time setup: paste credentials, choose agent name + project dir.');
+  console.error('  init           Create a free account (or paste an existing token via --token/--account)');
+  console.error('                 and write ~/.obto-bridge/config.json.');
   console.error('  start          Run the daemon (foreground).');
   console.error('  status         Print active thread/session bindings.');
   console.error('  whoami         Verify config and show your account info from the server.');
@@ -22,10 +23,10 @@ const usage = () => {
   console.error('  logout         Wipe local credentials at ~/.obto-bridge/config.json.');
   console.error('');
   console.error('Flags:');
-  console.error('  --version, -v  Print the installed package version.');
-  console.error('  --help, -h     Show this help.');
-  console.error('');
-  console.error('Get an invite: support@obto.co');
+  console.error('  --version, -v          Print the installed package version.');
+  console.error('  --help, -h             Show this help.');
+  console.error('  --token <obto_…>       (init only) Skip self-serve register, use this token.');
+  console.error('  --account <acc_…>      (init only) Pair with --token for paste-in mode.');
 };
 
 const cmd = process.argv[2];

package/cli/init.js

@@ -1,9 +1,17 @@
 'use strict';
 
-// `obto-bridge init` — interactive setup wizard. Prompts for credentials,
-// writes ~/.obto-bridge/config.json with mode 0600, then validates the token
-// against the server via GET /api/bridge/whoami so the user knows immediately
-// if anything is wrong.
+// `obto-bridge init` — interactive setup wizard.
+//
+// Default (>=0.1.0-beta.6): self-serve registration. Prompts for email,
+// username, password and POSTs to /api/bridge/register, which returns a
+// freshly-minted free-tier account + API token. No invite, no waiting.
+//
+// Legacy paste-in (for users with an existing token, e.g. from before
+// self-serve, or migrating across machines): `obto-bridge init --token <obto_…>
+// --account <acc_…>` skips the register step and uses the supplied creds.
+//
+// Either way the wizard writes ~/.obto-bridge/config.json with mode 0600 and
+// then validates the token against the server via GET /api/bridge/whoami.
 
 const fs = require('fs');
 const path = require('path');
@@ -19,6 +27,15 @@ const DEFAULTS = {
   relayPermissions: true,
 };
 
+// argv after `obto-bridge init` — for --token / --account paste-in mode.
+const argv = process.argv.slice(3);
+const flagValue = (name) => {
+  const i = argv.indexOf(name);
+  return i !== -1 && argv[i + 1] && !argv[i + 1].startsWith('--') ? argv[i + 1] : null;
+};
+const cliToken = flagValue('--token');
+const cliAccount = flagValue('--account');
+
 const loadExisting = () => {
   try { return JSON.parse(fs.readFileSync(CONFIG_PATH, 'utf8')); }
   catch (_) { return {}; }
@@ -35,6 +52,32 @@ const ask = (rl, prompt, def) =>
     });
   });
 
+// Password echoes (readline + raw mode is gnarly to do portably). Users doing
+// scripted/headless deploys should set BRIDGE_API_TOKEN env directly instead.
+const askPassword = (rl, prompt) =>
+  new Promise((resolve) => {
+    rl.question(prompt + ': ', (answer) => resolve(answer));
+  });
+
+const registerSelfServe = async ({ baseUrl, originHost, email, username, password }) => {
+  const url = baseUrl.replace(/\/$/, '') + '/api/bridge/register';
+  const res = await fetch(url, {
+    method: 'POST',
+    headers: {
+      Accept: 'application/json',
+      'Content-Type': 'application/x-www-form-urlencoded',
+      'OBTO-ORIGIN-HOST': originHost,
+    },
+    body: new URLSearchParams({ email, username, password }).toString(),
+    cache: 'no-store',
+    redirect: 'manual',
+  });
+  const text = await res.text();
+  let data;
+  try { data = JSON.parse(text); } catch (_) { data = { _rawBody: text }; }
+  return { status: res.status, ok: res.ok, data };
+};
+
 const validateAgainstServer = async (cfg) => {
   const url = cfg.baseUrl.replace(/\/$/, '') + '/api/bridge/whoami';
   const res = await fetch(url, {
@@ -55,25 +98,74 @@ const validateAgainstServer = async (cfg) => {
 const main = async () => {
   console.log('OBTO Agent Bridge — setup');
   console.log('-------------------------');
-  console.log('Need credentials? Email support@obto.co for an invite.');
   console.log('Config will be written to: ' + CONFIG_PATH);
   console.log('');
 
   const existing = loadExisting();
   const rl = readline.createInterface({ input: process.stdin, output: process.stdout });
 
-  // Server base URL and OBTO-ORIGIN-HOST are constants of the platform, not
-  // per-user config — every daemon talks to the same bridge app. They are no
-  // longer prompted. Advanced / self-hosted users can still override them via
-  // the BRIDGE_BASE_URL / BRIDGE_ORIGIN_HOST env vars or by editing config.json.
   const baseUrl    = process.env.BRIDGE_BASE_URL    || existing.baseUrl    || DEFAULTS.baseUrl;
   const originHost = process.env.BRIDGE_ORIGIN_HOST || existing.originHost || DEFAULTS.originHost;
-  const accountId  = await ask(rl, 'Account ID (acc_…)',       existing.accountId  || '');
-  const apiToken   = await ask(rl, 'API token (obto_…)',       existing.apiToken   || '');
-  const agentId    = await ask(rl, 'Agent name (e.g. my-mac)', existing.agentId    || os.hostname().split('.')[0] || 'unnamed-agent');
+
+  let accountId = existing.accountId || '';
+  let apiToken = existing.apiToken || '';
+
+  // Pick the credential path. Order of precedence:
+  //   1. --token + --account flags (machine-paste, scripted).
+  //   2. Existing config from a prior init (carry over).
+  //   3. Self-serve registration via /api/bridge/register (default for new users).
+  const haveCliPaste = !!(cliToken && cliAccount);
+  const haveExisting = !!(existing.accountId && existing.apiToken);
+
+  if (haveCliPaste) {
+    apiToken = cliToken;
+    accountId = cliAccount;
+    console.log('Using credentials from --token / --account flags.');
+    console.log('');
+  } else if (haveExisting) {
+    console.log('Existing config found:');
+    console.log('  Account: ' + existing.accountId);
+    console.log('  Token:   ' + (existing.apiToken || '').slice(0, 10) + '…');
+    console.log('Reusing those credentials. To re-register from scratch, remove ' + CONFIG_PATH + ' first.');
+    console.log('');
+  } else {
+    console.log('Create a free account (no card needed):');
+    const email = await ask(rl, '  Email', '');
+    const username = await ask(rl, '  Username (3-40 chars: a-z, 0-9, _ or -)', '');
+    const password = await askPassword(rl, '  Password (min 8 chars)');
+    console.log('');
+    console.log('Creating account at ' + baseUrl + ' ...');
+    let r;
+    try {
+      r = await registerSelfServe({ baseUrl, originHost, email, username, password });
+    } catch (e) {
+      console.error('error: registration request failed: ' + (e && e.message ? e.message : e));
+      console.error('       (network problem? you can also paste an existing token via:');
+      console.error('        `obto-bridge init --token <obto_…> --account <acc_…>`)');
+      rl.close();
+      process.exit(1);
+    }
+    if (!r.ok || !r.data || !r.data.ok) {
+      const msg = (r.data && (r.data.error || r.data._rawBody)) || ('HTTP ' + r.status);
+      console.error('error: registration rejected: ' + msg);
+      rl.close();
+      process.exit(1);
+    }
+    accountId = r.data.accountId;
+    apiToken = r.data.apiToken;
+    console.log('  ✓ Free account created.');
+    console.log('    Account: ' + accountId);
+    console.log('    User:    @' + (r.data.basicAuthUser || username));
+    console.log('    Plan:    ' + (r.data.plan || 'free'));
+    console.log('    Sign in at ' + baseUrl + ' as @' + (r.data.basicAuthUser || username) + ' with the password you just set.');
+    console.log('');
+  }
+
+  const agentId    = await ask(rl, 'Agent name (e.g. my-mac)', existing.agentId || os.hostname().split('.')[0] || 'unnamed-agent');
   const projectDir = await ask(rl, 'Project working dir',      existing.projectDir || process.cwd());
-  const agentAns   = await ask(rl, 'Coding agent — claude or codex', existing.agent || 'claude');
-  const agent      = String(agentAns).trim().toLowerCase() === 'codex' ? 'codex' : 'claude';
+  const agentAns   = await ask(rl, 'Coding agent fallback — claude / codex / opencode', existing.agent || 'claude');
+  const agentLow   = String(agentAns).trim().toLowerCase();
+  const agent      = ['claude', 'codex', 'opencode'].indexOf(agentLow) !== -1 ? agentLow : 'claude';
   const relayAns   = await ask(rl, 'Relay permission requests via bridge? (y/n)', existing.relayPermissions !== false ? 'y' : 'n');
   const relayPermissions = String(relayAns).toLowerCase().startsWith('y');
 
@@ -138,7 +230,7 @@ const main = async () => {
   }
 
   if (result.status === 401) {
-    console.error('  ✗ Server rejected the API token (HTTP 401). Double-check that you pasted the full token from your invite email.');
+    console.error('  ✗ Server rejected the API token (HTTP 401). Re-run `obto-bridge init` to reset.');
     process.exit(2);
   }
   if (result.status === 403) {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@obtoai/agent-bridge",
-  "version": "0.1.0-beta.4",
+  "version": "0.1.0-beta.6",
   "description": "Local consumer for the OBTO Agent Bridge. Receives bridge events over SSE and drives a coding agent (Claude Code or OpenAI Codex) on your machine.",
   "license": "Apache-2.0",
   "author": "OBTO Inc.",