npm - @open-mercato/ai-assistant - Versions diffs - 0.4.2-canary-c02407ff85 - Mend

@open-mercato/ai-assistant 0.4.2-canary-c02407ff85

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (193) hide show

package/src/index.ts ADDED Viewed

@@ -0,0 +1,92 @@
+/**
+ * @open-mercato/ai-assistant
+ *
+ * MCP (Model Context Protocol) server module for AI assistant integration.
+ *
+ * This module provides:
+ * - MCP server with stdio transport for Claude Desktop integration
+ * - Tool registry for modules to register AI-callable tools
+ * - ACL-based permission filtering for tools
+ * - Multi-tenant execution context
+ *
+ * @example
+ * ```typescript
+ * import { registerMcpTool } from '@open-mercato/ai-assistant/tools'
+ * import { z } from 'zod'
+ *
+ * registerMcpTool({
+ *   name: 'customers.search',
+ *   description: 'Search for customers',
+ *   inputSchema: z.object({ query: z.string() }),
+ *   requiredFeatures: ['customers.people.view'],
+ *   handler: async (input, ctx) => {
+ *     // Implementation
+ *   }
+ * }, { moduleId: 'customers' })
+ * ```
+ */
+// Re-export types
+export * from './modules/ai_assistant/lib/types'
+// Tool registry
+export {
+  registerMcpTool,
+  getToolRegistry,
+  unregisterMcpTool,
+  toolRegistry,
+} from './modules/ai_assistant/lib/tool-registry'
+// Tool executor
+export { executeTool } from './modules/ai_assistant/lib/tool-executor'
+// MCP server (stdio)
+export { createMcpServer, runMcpServer } from './modules/ai_assistant/lib/mcp-server'
+// MCP HTTP server
+export { runMcpHttpServer, type McpHttpServerOptions } from './modules/ai_assistant/lib/http-server'
+// MCP auth
+export {
+  authenticateMcpRequest,
+  extractApiKeyFromHeaders,
+  type McpAuthResult,
+  type McpAuthSuccess,
+  type McpAuthFailure,
+} from './modules/ai_assistant/lib/auth'
+// Tool loader
+export { loadAllModuleTools, indexToolsForSearch } from './modules/ai_assistant/lib/tool-loader'
+// OpenCode client
+export {
+  OpenCodeClient,
+  createOpenCodeClient,
+  type OpenCodeClientConfig,
+  type OpenCodeSession,
+  type OpenCodeMessage,
+  type OpenCodeHealth,
+  type OpenCodeMcpStatus,
+} from './modules/ai_assistant/lib/opencode-client'
+// OpenCode route handlers
+export {
+  handleOpenCodeMessage,
+  handleOpenCodeHealth,
+  handleOpenCodeMessageStreaming,
+  handleOpenCodeAnswer,
+  getPendingQuestions,
+  extractTextFromResponse,
+  extractAllPartsFromResponse,
+  extractMetadataFromResponse,
+  type OpenCodeTestRequest,
+  type OpenCodeTestResponse,
+  type OpenCodeHealthResponse,
+  type OpenCodeResponsePart,
+  type OpenCodeResponseMetadata,
+  type OpenCodeStreamEvent,
+  type OpenCodeQuestion,
+} from './modules/ai_assistant/lib/opencode-handlers'
+// Module metadata
+export { metadata, features } from './modules/ai_assistant'

package/src/modules/ai_assistant/acl.ts ADDED Viewed

@@ -0,0 +1,10 @@
+export const features = [
+  { id: 'ai_assistant.view', title: 'View AI Assistant Settings', module: 'ai_assistant' },
+  { id: 'ai_assistant.settings.manage', title: 'Manage AI Assistant Settings', module: 'ai_assistant' },
+  { id: 'ai_assistant.mcp.serve', title: 'Start MCP Server', module: 'ai_assistant' },
+  { id: 'ai_assistant.tools.list', title: 'List MCP Tools', module: 'ai_assistant' },
+  { id: 'ai_assistant.mcp_servers.view', title: 'View MCP Server Configurations', module: 'ai_assistant' },
+  { id: 'ai_assistant.mcp_servers.manage', title: 'Manage MCP Server Configurations', module: 'ai_assistant' },
+]
+export default features

package/src/modules/ai_assistant/api/chat/route.ts ADDED Viewed

@@ -0,0 +1,213 @@
+import { NextResponse, type NextRequest } from 'next/server'
+import { getAuthFromRequest } from '@open-mercato/shared/lib/auth/server'
+import {
+  handleOpenCodeMessageStreaming,
+  type OpenCodeStreamEvent,
+} from '../../lib/opencode-handlers'
+import { createOpenCodeClient } from '../../lib/opencode-client'
+import { createRequestContainer } from '@open-mercato/shared/lib/di/container'
+import type { EntityManager } from '@mikro-orm/postgresql'
+import {
+  generateSessionToken,
+  createSessionApiKey,
+} from '@open-mercato/core/modules/api_keys/services/apiKeyService'
+import { UserRole } from '@open-mercato/core/modules/auth/data/entities'
+import { findWithDecryption } from '@open-mercato/shared/lib/encryption/find'
+export const metadata = {
+  POST: { requireAuth: true, requireFeatures: ['ai_assistant.view'] },
+}
+/**
+ * Get user's role IDs from the database.
+ */
+async function getUserRoleIds(
+  em: EntityManager,
+  userId: string,
+  tenantId: string | null
+): Promise<string[]> {
+  if (!tenantId) return []
+  const links = await findWithDecryption(
+    em,
+    UserRole,
+    { user: userId as any, role: { tenantId } } as any,
+    { populate: ['role'] },
+    { tenantId, organizationId: null },
+  )
+  const linkList = Array.isArray(links) ? links : []
+  return linkList
+    .map((l) => (l.role as any)?.id)
+    .filter((id): id is string => typeof id === 'string' && id.length > 0)
+}
+/**
+ * Chat endpoint that routes messages to OpenCode agent.
+ * OpenCode connects to MCP server for tool access (api_discover, api_execute, api_schema).
+ *
+ * Emits verbose SSE events for debugging:
+ * - thinking: Agent started processing
+ * - metadata: Model, tokens, timing info
+ * - tool-call: Tool invocation with args
+ * - tool-result: Tool response
+ * - text: Response text
+ * - question: Confirmation question from agent
+ * - done: Complete with session ID
+ * - error: Error occurred
+ */
+export async function POST(req: NextRequest) {
+  const auth = await getAuthFromRequest(req)
+  if (!auth) {
+    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
+  }
+  try {
+    const body = await req.json()
+    const { messages, sessionId, answerQuestion } = body as {
+      messages?: Array<{ role: string; content: string }>
+      sessionId?: string
+      // For answering a question
+      answerQuestion?: {
+        questionId: string
+        answer: number
+        sessionId: string
+      }
+    }
+    // Create SSE stream for frontend compatibility
+    const encoder = new TextEncoder()
+    const stream = new TransformStream()
+    const writer = stream.writable.getWriter()
+    let writerClosed = false
+    const writeSSE = async (event: OpenCodeStreamEvent | { type: string; [key: string]: unknown }) => {
+      if (writerClosed) return // Guard against writes after close
+      try {
+        const jsonStr = JSON.stringify(event)
+        await writer.write(encoder.encode(`data: ${jsonStr}\n\n`))
+      } catch (err) {
+        // Writer may have been closed by client disconnect
+        console.warn('[AI Chat] Failed to write SSE event:', event.type)
+      }
+    }
+    const closeWriter = async () => {
+      if (writerClosed) return
+      writerClosed = true
+      try {
+        await writer.close()
+      } catch {
+        // Already closed
+      }
+    }
+    // Handle question answer - simple JSON response, not SSE
+    // The original SSE stream continues and will receive the follow-up response
+    if (answerQuestion) {
+      try {
+        const client = createOpenCodeClient()
+        await client.answerQuestion(answerQuestion.questionId, answerQuestion.answer)
+        return NextResponse.json({ success: true })
+      } catch (error) {
+        console.error('[AI Chat] Answer error:', error)
+        return NextResponse.json(
+          { error: error instanceof Error ? error.message : 'Failed to answer question' },
+          { status: 500 }
+        )
+      }
+    }
+    // Handle regular message
+    if (!messages || !Array.isArray(messages)) {
+      return NextResponse.json({ error: 'messages array is required' }, { status: 400 })
+    }
+    // Get the latest user message
+    const lastUserMessage = messages.filter((m) => m.role === 'user').pop()?.content
+    if (!lastUserMessage) {
+      return NextResponse.json({ error: 'No user message found' }, { status: 400 })
+    }
+    // For new sessions, create an ephemeral API key that inherits user permissions
+    let sessionToken: string | null = null
+    if (!sessionId) {
+      try {
+        const container = await createRequestContainer()
+        const em = container.resolve<EntityManager>('em')
+        // Get user's role IDs from database
+        const userRoleIds = await getUserRoleIds(em, auth.sub, auth.tenantId)
+        // Generate session token and create ephemeral key
+        sessionToken = generateSessionToken()
+        await createSessionApiKey(em, {
+          sessionToken,
+          userId: auth.sub,
+          userRoles: userRoleIds,
+          tenantId: auth.tenantId,
+          organizationId: auth.orgId,
+          ttlMinutes: 120,
+        })
+        console.log('[AI Chat] Created session token:', sessionToken.slice(0, 12) + '...')
+      } catch (error) {
+        console.error('[AI Chat] Failed to create session key:', error)
+        // Continue without session key - tools will use static API key auth
+      }
+    }
+    // Build the message to send to OpenCode
+    // If we have a session token, prepend explicit instructions for the AI to include it in tool calls
+    let messageToSend = lastUserMessage
+    if (sessionToken) {
+      messageToSend = `[SYSTEM: Your session token is "${sessionToken}". You MUST include "_sessionToken": "${sessionToken}" in EVERY tool call argument object. Without this, tools will fail with authorization errors.]\n\n${lastUserMessage}`
+    }
+    // Process in background - starts AFTER Response is returned so there's a reader for the stream
+    ;(async () => {
+      try {
+        // Emit session-authorized event first (if we have a token)
+        if (sessionToken) {
+          console.log('[AI Chat] Emitting session-authorized event')
+          await writeSSE({
+            type: 'session-authorized',
+            sessionToken: sessionToken.slice(0, 12) + '...',
+          })
+        }
+        // Emit thinking event for UX feedback
+        await writeSSE({ type: 'thinking' })
+        // Use streaming handler that supports questions
+        await handleOpenCodeMessageStreaming(
+          {
+            message: messageToSend,
+            sessionId,
+          },
+          async (event) => {
+            await writeSSE(event)
+          }
+        )
+      } catch (error) {
+        console.error('[AI Chat] OpenCode error:', error)
+        await writeSSE({
+          type: 'error',
+          error: error instanceof Error ? error.message : 'OpenCode request failed',
+        })
+      } finally {
+        await closeWriter()
+      }
+    })()
+    return new Response(stream.readable, {
+      headers: {
+        'Content-Type': 'text/event-stream',
+        'Cache-Control': 'no-cache',
+        Connection: 'keep-alive',
+      },
+    })
+  } catch (error) {
+    console.error('[AI Chat] Error:', error)
+    return NextResponse.json({ error: 'Chat request failed' }, { status: 500 })
+  }
+}

package/src/modules/ai_assistant/api/health/route.ts ADDED Viewed

@@ -0,0 +1,30 @@
+import { NextResponse, type NextRequest } from 'next/server'
+import { getAuthFromRequest } from '@open-mercato/shared/lib/auth/server'
+import { handleOpenCodeHealth } from '../../lib/opencode-handlers'
+export const metadata = {
+  GET: { requireAuth: true, requireFeatures: ['ai_assistant.view'] },
+}
+/**
+ * GET /api/ai_assistant/health
+ *
+ * Returns OpenCode and MCP connection status.
+ */
+export async function GET(req: NextRequest) {
+  const auth = await getAuthFromRequest(req)
+  if (!auth?.sub) {
+    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
+  }
+  try {
+    const health = await handleOpenCodeHealth()
+    return NextResponse.json(health)
+  } catch (error) {
+    console.error('[AI Health] Error:', error)
+    return NextResponse.json(
+      { error: 'Failed to check health', message: error instanceof Error ? error.message : 'Unknown error' },
+      { status: 500 }
+    )
+  }
+}

package/src/modules/ai_assistant/api/route/route.ts ADDED Viewed

@@ -0,0 +1,149 @@
+import { NextResponse, type NextRequest } from 'next/server'
+import { generateObject } from '../../lib/ai-sdk'
+import {
+  createOpenAI,
+  createAnthropic,
+  createGoogleGenerativeAI,
+} from '../../lib/ai-sdk'
+import { z } from 'zod'
+import { getAuthFromRequest } from '@open-mercato/shared/lib/auth/server'
+import { createRequestContainer } from '@open-mercato/shared/lib/di/container'
+import {
+  resolveChatConfig,
+  isProviderConfigured,
+  type ChatProviderId,
+} from '../../lib/chat-config'
+export const metadata = {
+  POST: { requireAuth: true, requireFeatures: ['ai_assistant.view'] },
+}
+const RouteResultSchema = z.object({
+  intent: z.enum(['tool', 'general_chat']),
+  toolName: z.string().optional(),
+  confidence: z.number().min(0).max(1),
+  reasoning: z.string(),
+})
+// Fast/cheap models for each provider
+const ROUTING_MODELS: Record<ChatProviderId, string> = {
+  anthropic: 'claude-3-5-haiku-20241022',
+  openai: 'gpt-4o-mini',
+  google: 'gemini-1.5-flash',
+}
+function createRoutingModel(providerId: ChatProviderId) {
+  const modelId = ROUTING_MODELS[providerId]
+  switch (providerId) {
+    case 'openai': {
+      const apiKey = process.env.OPENAI_API_KEY
+      if (!apiKey) throw new Error('OPENAI_API_KEY not configured')
+      const openai = createOpenAI({ apiKey })
+      return openai(modelId) as unknown as Parameters<typeof generateObject>[0]['model']
+    }
+    case 'anthropic': {
+      const apiKey = process.env.ANTHROPIC_API_KEY
+      if (!apiKey) throw new Error('ANTHROPIC_API_KEY not configured')
+      const anthropic = createAnthropic({ apiKey })
+      return anthropic(modelId) as unknown as Parameters<typeof generateObject>[0]['model']
+    }
+    case 'google': {
+      const apiKey = process.env.GOOGLE_GENERATIVE_AI_API_KEY
+      if (!apiKey) throw new Error('GOOGLE_GENERATIVE_AI_API_KEY not configured')
+      const google = createGoogleGenerativeAI({ apiKey })
+      return google(modelId) as unknown as Parameters<typeof generateObject>[0]['model']
+    }
+    default:
+      throw new Error(`Unknown provider: ${providerId}`)
+  }
+}
+export async function POST(req: NextRequest) {
+  const auth = await getAuthFromRequest(req)
+  if (!auth) {
+    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
+  }
+  try {
+    const body = await req.json()
+    const { query, availableTools } = body as {
+      query: string
+      availableTools: Array<{ name: string; description: string }>
+    }
+    console.log('[AI Route] Routing query:', query)
+    console.log('[AI Route] Available tools count:', availableTools?.length)
+    if (!query || typeof query !== 'string') {
+      return NextResponse.json({ error: 'query is required' }, { status: 400 })
+    }
+    if (!availableTools || !Array.isArray(availableTools)) {
+      return NextResponse.json({ error: 'availableTools array is required' }, { status: 400 })
+    }
+    // Get user's configured provider
+    const container = await createRequestContainer()
+    let config = await resolveChatConfig(container)
+    // Fallback to first configured provider
+    if (!config) {
+      const providers: ChatProviderId[] = ['openai', 'anthropic', 'google']
+      const configuredProvider = providers.find((p) => isProviderConfigured(p))
+      if (!configuredProvider) {
+        return NextResponse.json(
+          { error: 'No AI provider configured. Please set an API key for OpenAI, Anthropic, or Google.' },
+          { status: 503 }
+        )
+      }
+      config = { providerId: configuredProvider, model: '', updatedAt: '' }
+    }
+    console.log('[AI Route] Using provider:', config.providerId)
+    // Verify the configured provider is still available
+    if (!isProviderConfigured(config.providerId)) {
+      return NextResponse.json(
+        { error: `Configured provider ${config.providerId} is no longer available. Please update settings.` },
+        { status: 503 }
+      )
+    }
+    // Use fast model for the configured provider
+    const model = createRoutingModel(config.providerId)
+    const toolList = availableTools
+      .map((t) => `- ${t.name}: ${t.description}`)
+      .join('\n')
+    console.log('[AI Route] Calling generateObject with', ROUTING_MODELS[config.providerId])
+    const result = await generateObject({
+      model,
+      schema: RouteResultSchema,
+      prompt: `You are a routing assistant. Given a user query, determine if they want to use a specific tool or have a general conversation.
+Available tools:
+${toolList}
+User query: "${query}"
+Respond with:
+- intent: "tool" if user wants to perform an action with a specific tool, "general_chat" otherwise
+- toolName: the exact tool name if intent is "tool"
+- confidence: 0-1 how confident you are
+- reasoning: brief explanation`,
+    })
+    console.log('[AI Route] Result:', result.object)
+    return NextResponse.json(result.object)
+  } catch (error) {
+    console.error('[AI Route] Error routing query:', error)
+    return NextResponse.json(
+      { error: 'Routing request failed' },
+      { status: 500 }
+    )
+  }
+}

package/src/modules/ai_assistant/api/settings/route.ts ADDED Viewed

@@ -0,0 +1,73 @@
+import { NextResponse, type NextRequest } from 'next/server'
+import { getAuthFromRequest } from '@open-mercato/shared/lib/auth/server'
+export const metadata = {
+  GET: { requireAuth: true, requireFeatures: ['ai_assistant.view'] },
+}
+// Provider information
+const PROVIDERS = {
+  anthropic: {
+    name: 'Anthropic',
+    defaultModel: 'claude-haiku-4-5-20251001',
+    envKey: 'OPENCODE_ANTHROPIC_API_KEY',
+  },
+  openai: {
+    name: 'OpenAI',
+    defaultModel: 'gpt-4o-mini',
+    envKey: 'OPENCODE_OPENAI_API_KEY',
+  },
+  google: {
+    name: 'Google',
+    defaultModel: 'gemini-2.0-flash',
+    envKey: 'OPENCODE_GOOGLE_API_KEY',
+  },
+} as const
+type ProviderId = keyof typeof PROVIDERS
+/**
+ * GET /api/ai_assistant/settings
+ *
+ * Returns the current OpenCode provider configuration from environment variables.
+ */
+export async function GET(req: NextRequest) {
+  const auth = await getAuthFromRequest(req)
+  if (!auth?.sub) {
+    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
+  }
+  try {
+    // Read provider config from environment
+    const providerId = (process.env.OPENCODE_PROVIDER || 'anthropic') as ProviderId
+    const providerInfo = PROVIDERS[providerId] || PROVIDERS.anthropic
+    // Check if the provider's API key is configured
+    const apiKeyConfigured = !!process.env[providerInfo.envKey]
+    // Get model (custom or default)
+    const customModel = process.env.OPENCODE_MODEL
+    const model = customModel || `${providerId}/${providerInfo.defaultModel}`
+    return NextResponse.json({
+      provider: {
+        id: providerId,
+        name: providerInfo.name,
+        model,
+        defaultModel: providerInfo.defaultModel,
+        envKey: providerInfo.envKey,
+        configured: apiKeyConfigured,
+      },
+      availableProviders: Object.entries(PROVIDERS).map(([id, info]) => ({
+        id,
+        name: info.name,
+        defaultModel: info.defaultModel,
+        envKey: info.envKey,
+        configured: !!process.env[info.envKey],
+      })),
+    })
+  } catch (error) {
+    console.error('[AI Settings] GET error:', error)
+    return NextResponse.json({ error: 'Failed to fetch settings' }, { status: 500 })
+  }
+}

package/src/modules/ai_assistant/api/tools/execute/route.ts ADDED Viewed

@@ -0,0 +1,71 @@
+import { NextResponse, type NextRequest } from 'next/server'
+import { getAuthFromRequest } from '@open-mercato/shared/lib/auth/server'
+import { createRequestContainer } from '@open-mercato/shared/lib/di/container'
+import { executeTool } from '../../../lib/tool-executor'
+import { loadAllModuleTools } from '../../../lib/tool-loader'
+import type { RbacService } from '@open-mercato/core/modules/auth/services/rbacService'
+import type { McpToolContext } from '../../../lib/types'
+export const metadata = {
+  POST: { requireAuth: true, requireFeatures: ['ai_assistant.view'] },
+}
+export async function POST(req: NextRequest) {
+  const auth = await getAuthFromRequest(req)
+  if (!auth) {
+    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
+  }
+  try {
+    const body = await req.json()
+    const { toolName, args = {} } = body
+    if (!toolName || typeof toolName !== 'string') {
+      return NextResponse.json({ error: 'toolName is required' }, { status: 400 })
+    }
+    const container = await createRequestContainer()
+    const rbacService = container.resolve<RbacService>('rbacService')
+    // Load ACL for user
+    const acl = await rbacService.loadAcl(auth.sub, {
+      tenantId: auth.tenantId,
+      organizationId: auth.orgId,
+    })
+    // Ensure tools are loaded
+    await loadAllModuleTools()
+    // Build tool context
+    const toolContext: McpToolContext = {
+      tenantId: auth.tenantId,
+      organizationId: auth.orgId,
+      userId: auth.sub,
+      container,
+      userFeatures: acl.features,
+      isSuperAdmin: acl.isSuperAdmin,
+    }
+    // Execute the tool
+    const result = await executeTool(toolName, args, toolContext)
+    if (!result.success) {
+      return NextResponse.json(
+        { success: false, error: result.error },
+        { status: result.errorCode === 'UNAUTHORIZED' ? 403 : 400 }
+      )
+    }
+    return NextResponse.json({
+      success: true,
+      result: result.result,
+    })
+  } catch (error) {
+    console.error('[AI Tools] Error executing tool:', error)
+    return NextResponse.json(
+      { success: false, error: 'Tool execution failed' },
+      { status: 500 }
+    )
+  }
+}

package/src/modules/ai_assistant/api/tools/route.ts ADDED Viewed

@@ -0,0 +1,57 @@
+import { NextResponse, type NextRequest } from 'next/server'
+import { zodToJsonSchema } from 'zod-to-json-schema'
+import { getAuthFromRequest } from '@open-mercato/shared/lib/auth/server'
+import { createRequestContainer } from '@open-mercato/shared/lib/di/container'
+import { getToolRegistry } from '../../lib/tool-registry'
+import { loadAllModuleTools } from '../../lib/tool-loader'
+import { hasRequiredFeatures } from '../../lib/auth'
+import type { RbacService } from '@open-mercato/core/modules/auth/services/rbacService'
+export const metadata = {
+  GET: { requireAuth: true, requireFeatures: ['ai_assistant.view'] },
+}
+export async function GET(req: NextRequest) {
+  const auth = await getAuthFromRequest(req)
+  if (!auth) {
+    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
+  }
+  try {
+    const container = await createRequestContainer()
+    const rbacService = container.resolve<RbacService>('rbacService')
+    // Load ACL for user
+    const acl = await rbacService.loadAcl(auth.sub, {
+      tenantId: auth.tenantId,
+      organizationId: auth.orgId,
+    })
+    // Ensure tools are loaded
+    await loadAllModuleTools()
+    // Get tools filtered by ACL
+    const registry = getToolRegistry()
+    const allTools = Array.from(registry.getTools().values())
+    const accessibleTools = allTools.filter((tool) =>
+      hasRequiredFeatures(tool.requiredFeatures, acl.features, acl.isSuperAdmin)
+    )
+    const tools = accessibleTools.map((tool) => {
+      const nameParts = tool.name.split('.')
+      return {
+        name: tool.name,
+        description: tool.description,
+        inputSchema: zodToJsonSchema(tool.inputSchema as any) as Record<string, unknown>,
+        module: nameParts[0] || 'other',
+      }
+    })
+    return NextResponse.json({ tools })
+  } catch (error) {
+    console.error('[AI Tools] Error listing tools:', error)
+    return NextResponse.json({ error: 'Failed to list tools' }, { status: 500 })
+  }
+}