@open-mercato/ai-assistant 0.4.2-canary-c02407ff85

package/src/modules/ai_assistant/lib/mcp-server.ts

@@ -0,0 +1,214 @@
+import { Server } from '@modelcontextprotocol/sdk/server/index.js'
+import { StdioServerTransport } from '@modelcontextprotocol/sdk/server/stdio.js'
+import {
+  ListToolsRequestSchema,
+  CallToolRequestSchema,
+} from '@modelcontextprotocol/sdk/types.js'
+import { zodToJsonSchema } from 'zod-to-json-schema'
+import { getToolRegistry } from './tool-registry'
+import { executeTool } from './tool-executor'
+import { loadAllModuleTools, indexToolsForSearch } from './tool-loader'
+import { authenticateMcpRequest, hasRequiredFeatures } from './auth'
+import type { McpServerOptions, McpToolContext } from './types'
+import type { SearchService } from '@open-mercato/search/service'
+
+/**
+ * Create and configure an MCP server instance.
+ */
+export async function createMcpServer(options: McpServerOptions): Promise<Server> {
+  const { config, container, context, apiKeySecret } = options
+
+  let tenantId: string | null = null
+  let organizationId: string | null = null
+  let userId: string | null = null
+  let userFeatures: string[] = []
+  let isSuperAdmin = false
+
+  // API key authentication takes precedence
+  if (apiKeySecret) {
+    const authResult = await authenticateMcpRequest(apiKeySecret, container)
+    if (!authResult.success) {
+      throw new Error(`API key authentication failed: ${authResult.error}`)
+    }
+    tenantId = authResult.tenantId
+    organizationId = authResult.organizationId
+    userId = authResult.userId
+    userFeatures = authResult.features
+    isSuperAdmin = authResult.isSuperAdmin
+    console.error(`[MCP Server] Authenticated via API key: ${authResult.keyName}`)
+  } else if (context) {
+    // Manual context provided
+    tenantId = context.tenantId
+    organizationId = context.organizationId
+    userId = context.userId
+
+    if (userId) {
+      try {
+        const rbacService = container.resolve('rbacService') as {
+          loadAcl: (
+            userId: string,
+            scope: { tenantId: string | null; organizationId: string | null }
+          ) => Promise<{
+            isSuperAdmin: boolean
+            features: string[]
+          }>
+        }
+        const acl = await rbacService.loadAcl(userId, {
+          tenantId,
+          organizationId,
+        })
+        userFeatures = acl.features
+        isSuperAdmin = acl.isSuperAdmin
+      } catch (error) {
+        console.error('[MCP Server] Failed to load user ACL:', error)
+      }
+    } else {
+      // No user specified - grant superadmin access for development/testing
+      isSuperAdmin = true
+      console.error('[MCP Server] No user specified, running with superadmin access')
+    }
+  } else {
+    // No context and no API key - superadmin for dev/testing
+    isSuperAdmin = true
+    console.error('[MCP Server] No auth context, running with superadmin access')
+  }
+
+  const toolContext: McpToolContext = {
+    tenantId,
+    organizationId,
+    userId,
+    container,
+    userFeatures,
+    isSuperAdmin,
+    apiKeySecret,
+  }
+
+  const server = new Server(
+    { name: config.name, version: config.version },
+    { capabilities: { tools: {} } }
+  )
+
+  // List tools handler
+  server.setRequestHandler(ListToolsRequestSchema, async () => {
+    const registry = getToolRegistry()
+    const tools = Array.from(registry.getTools().values())
+
+    // Filter tools based on user permissions
+    const accessibleTools = tools.filter((tool) =>
+      hasRequiredFeatures(tool.requiredFeatures, userFeatures, isSuperAdmin)
+    )
+
+    if (config.debug) {
+      console.error(
+        `[MCP Server] Listing ${accessibleTools.length}/${tools.length} tools (filtered by ACL)`
+      )
+    }
+
+    return {
+      tools: accessibleTools.map((tool) => ({
+        name: tool.name,
+        description: tool.description,
+        // Cast to any for Zod v4 compatibility with zod-to-json-schema
+        inputSchema: zodToJsonSchema(tool.inputSchema as any) as Record<string, unknown>,
+      })),
+    }
+  })
+
+  // Call tool handler
+  server.setRequestHandler(CallToolRequestSchema, async (request) => {
+    const { name, arguments: args } = request.params
+
+    if (config.debug) {
+      console.error(`[MCP Server] Calling tool: ${name}`, JSON.stringify(args))
+    }
+
+    const result = await executeTool(name, args ?? {}, toolContext)
+
+    if (!result.success) {
+      return {
+        content: [
+          {
+            type: 'text',
+            text: JSON.stringify({ error: result.error, code: result.errorCode }),
+          },
+        ],
+        isError: true,
+      }
+    }
+
+    return {
+      content: [
+        {
+          type: 'text',
+          text: JSON.stringify(result.result, null, 2),
+        },
+      ],
+    }
+  })
+
+  return server
+}
+
+/**
+ * Run MCP server with stdio transport.
+ * This keeps the process running until terminated.
+ *
+ * Supports two authentication modes:
+ * 1. API key: Provide `apiKeySecret` option
+ * 2. Manual context: Provide `context` with tenant/org/user
+ */
+export async function runMcpServer(options: McpServerOptions): Promise<void> {
+  // Load tools from all modules before starting
+  await loadAllModuleTools()
+
+  // Index tools and API endpoints for hybrid search discovery (if search service available)
+  try {
+    const searchService = options.container.resolve('searchService') as SearchService
+
+    // Index MCP tools
+    await indexToolsForSearch(searchService)
+
+    // Index API endpoints for api_discover
+    const { indexApiEndpoints } = await import('./api-endpoint-index')
+    const endpointCount = await indexApiEndpoints(searchService)
+    if (endpointCount > 0) {
+      console.error(`[MCP Server] Indexed ${endpointCount} API endpoints for hybrid search`)
+    }
+  } catch (error) {
+    // Search service might not be configured - discovery will use fallback
+    console.error('[MCP Server] Search indexing skipped (search service not available)')
+  }
+
+  const server = await createMcpServer(options)
+  const transport = new StdioServerTransport()
+
+  const toolCount = getToolRegistry().listToolNames().length
+
+  console.error(`[MCP Server] Starting ${options.config.name} v${options.config.version}`)
+
+  if (options.apiKeySecret) {
+    console.error(`[MCP Server] Authentication: API key`)
+  } else if (options.context) {
+    console.error(`[MCP Server] Tenant: ${options.context.tenantId ?? '(none)'}`)
+    console.error(`[MCP Server] Organization: ${options.context.organizationId ?? '(none)'}`)
+    console.error(`[MCP Server] User: ${options.context.userId ?? '(superadmin)'}`)
+  } else {
+    console.error(`[MCP Server] Authentication: none (superadmin mode)`)
+  }
+
+  console.error(`[MCP Server] Tools registered: ${toolCount}`)
+
+  await server.connect(transport)
+
+  console.error('[MCP Server] Connected and ready for requests')
+
+  // Handle shutdown gracefully
+  const shutdown = async () => {
+    console.error('[MCP Server] Shutting down...')
+    await server.close()
+    process.exit(0)
+  }
+
+  process.on('SIGINT', shutdown)
+  process.on('SIGTERM', shutdown)
+}

package/src/modules/ai_assistant/lib/mcp-tool-adapter.ts

@@ -0,0 +1,76 @@
+import { dynamicTool, type Tool } from 'ai'
+import type { InProcessMcpClient, ToolInfoWithSchema } from './in-process-client'
+import { toSafeZodSchema } from './schema-utils'
+
+/**
+ * Convert MCP tools to Vercel AI SDK format.
+ *
+ * This adapter takes tools from an MCP client and converts them
+ * to the format expected by the AI SDK's streamText function.
+ *
+ * Uses dynamicTool for dynamic schema support, which allows
+ * tools with runtime-determined schemas (from MCP servers).
+ *
+ * @param mcpClient - MCP client to execute tools
+ * @param mcpTools - List of tools with Zod schemas
+ * @returns Record of AI SDK tools
+ */
+export function convertMcpToolsToAiSdk(
+  mcpClient: InProcessMcpClient,
+  mcpTools: ToolInfoWithSchema[]
+): Record<string, Tool<unknown, unknown>> {
+  const aiTools: Record<string, Tool<unknown, unknown>> = {}
+
+  for (const mcpTool of mcpTools) {
+    try {
+      // Convert schema using Zod4's toJSONSchema with unrepresentable: 'any'
+      // This handles Date types by converting them to 'any' in JSON Schema,
+      // then we convert back to a clean Zod schema
+      const safeSchema = toSafeZodSchema(mcpTool.inputSchema)
+
+      aiTools[mcpTool.name] = dynamicTool({
+        description: mcpTool.description,
+        inputSchema: safeSchema,
+        execute: async (args: unknown) => {
+          const result = await mcpClient.callTool(mcpTool.name, args)
+
+          if (!result.success) {
+            throw new Error(result.error || 'Tool execution failed')
+          }
+
+          // Return the result in a format suitable for LLM consumption
+          return formatToolResult(result.result)
+        },
+      })
+    } catch (error) {
+      console.error(`[MCP Adapter] Error converting tool "${mcpTool.name}":`, error)
+    }
+  }
+
+  return aiTools
+}
+
+/**
+ * Format tool result for LLM consumption.
+ * Converts various result types to a string representation.
+ */
+function formatToolResult(result: unknown): string {
+  if (result === null || result === undefined) {
+    return 'No result returned'
+  }
+
+  if (typeof result === 'string') {
+    return result
+  }
+
+  if (typeof result === 'number' || typeof result === 'boolean') {
+    return String(result)
+  }
+
+  // For objects and arrays, return JSON representation
+  try {
+    return JSON.stringify(result, null, 2)
+  } catch {
+    return String(result)
+  }
+}

package/src/modules/ai_assistant/lib/opencode-client.ts

@@ -0,0 +1,426 @@
+/**
+ * OpenCode Agent Client
+ *
+ * Client for communicating with OpenCode server running in headless mode.
+ * OpenCode is used as an AI agent that can execute MCP tools.
+ */
+
+export type OpenCodeClientConfig = {
+  baseUrl: string
+  password?: string
+}
+
+export type OpenCodeSession = {
+  id: string
+  slug: string
+  version: string
+  projectID: string
+  directory: string
+  title: string
+  time: {
+    created: number
+    updated: number
+  }
+}
+
+export type OpenCodeMessagePart = {
+  type: 'text'
+  text: string
+}
+
+export type OpenCodeMessageInfo = {
+  id: string
+  sessionID: string
+  role: 'user' | 'assistant'
+  time: {
+    created: number
+    completed?: number
+  }
+  modelID?: string
+  providerID?: string
+  tokens?: {
+    input: number
+    output: number
+  }
+  error?: {
+    name: string
+    data: Record<string, unknown>
+  }
+}
+
+export type OpenCodeMessage = {
+  info: OpenCodeMessageInfo
+  parts: Array<{
+    id: string
+    type: string
+    text?: string
+    [key: string]: unknown
+  }>
+}
+
+export type OpenCodeHealth = {
+  healthy: boolean
+  version: string
+}
+
+export type OpenCodeMcpStatus = Record<
+  string,
+  {
+    status: 'connected' | 'failed' | 'connecting'
+    error?: string
+  }
+>
+
+export type OpenCodeQuestionOption = {
+  label: string
+  description: string
+}
+
+export type OpenCodeQuestion = {
+  id: string
+  sessionID: string
+  questions: Array<{
+    question: string
+    header: string
+    options: OpenCodeQuestionOption[]
+  }>
+  tool: {
+    messageID: string
+    callID: string
+  }
+}
+
+/**
+ * SSE Event from OpenCode event stream.
+ */
+export type OpenCodeSSEEvent = {
+  type: string
+  properties: Record<string, unknown>
+}
+
+/**
+ * Callback for SSE events.
+ */
+export type OpenCodeSSECallback = (event: OpenCodeSSEEvent) => void
+
+/**
+ * Client for OpenCode server API.
+ */
+export class OpenCodeClient {
+  private baseUrl: string
+  private headers: Record<string, string>
+
+  constructor(config: OpenCodeClientConfig) {
+    this.baseUrl = config.baseUrl.replace(/\/$/, '')
+    this.headers = {
+      'Content-Type': 'application/json',
+    }
+
+    if (config.password) {
+      const credentials = Buffer.from(`opencode:${config.password}`).toString('base64')
+      this.headers['Authorization'] = `Basic ${credentials}`
+    }
+  }
+
+  /**
+   * Subscribe to SSE event stream for real-time updates.
+   * Returns an abort function to stop the stream.
+   */
+  subscribeToEvents(
+    onEvent: OpenCodeSSECallback,
+    onError?: (error: Error) => void
+  ): () => void {
+    const controller = new AbortController()
+
+    const connect = async () => {
+      try {
+        const res = await fetch(`${this.baseUrl}/event`, {
+          headers: {
+            ...this.headers,
+            Accept: 'text/event-stream',
+          },
+          signal: controller.signal,
+        })
+
+        if (!res.ok || !res.body) {
+          throw new Error(`SSE connection failed: ${res.status}`)
+        }
+
+        const reader = res.body.getReader()
+        const decoder = new TextDecoder()
+        let buffer = ''
+
+        while (true) {
+          const { done, value } = await reader.read()
+          if (done) break
+
+          buffer += decoder.decode(value, { stream: true })
+
+          // Process complete SSE messages
+          const lines = buffer.split('\n')
+          buffer = lines.pop() || '' // Keep incomplete line in buffer
+
+          for (const line of lines) {
+            if (line.startsWith('data: ')) {
+              try {
+                const data = JSON.parse(line.slice(6))
+                onEvent(data)
+              } catch {
+                // Ignore parse errors
+              }
+            }
+          }
+        }
+      } catch (error) {
+        if ((error as Error).name !== 'AbortError') {
+          onError?.(error as Error)
+        }
+      }
+    }
+
+    connect()
+
+    return () => controller.abort()
+  }
+
+  /**
+   * Check OpenCode server health.
+   */
+  async health(): Promise<OpenCodeHealth> {
+    const res = await fetch(`${this.baseUrl}/global/health`, {
+      headers: this.headers,
+    })
+
+    if (!res.ok) {
+      throw new Error(`Health check failed: ${res.status}`)
+    }
+
+    return res.json()
+  }
+
+  /**
+   * Get MCP server connection status.
+   */
+  async mcpStatus(): Promise<OpenCodeMcpStatus> {
+    const res = await fetch(`${this.baseUrl}/mcp`, {
+      headers: this.headers,
+    })
+
+    if (!res.ok) {
+      throw new Error(`MCP status check failed: ${res.status}`)
+    }
+
+    return res.json()
+  }
+
+  /**
+   * Create a new conversation session.
+   */
+  async createSession(): Promise<OpenCodeSession> {
+    const res = await fetch(`${this.baseUrl}/session`, {
+      method: 'POST',
+      headers: this.headers,
+      body: JSON.stringify({}),
+    })
+
+    if (!res.ok) {
+      const error = await res.text()
+      throw new Error(`Failed to create session: ${error}`)
+    }
+
+    return res.json()
+  }
+
+  /**
+   * Get an existing session by ID.
+   */
+  async getSession(sessionId: string): Promise<OpenCodeSession> {
+    const res = await fetch(`${this.baseUrl}/session/${sessionId}`, {
+      headers: this.headers,
+    })
+
+    if (!res.ok) {
+      throw new Error(`Failed to get session: ${res.status}`)
+    }
+
+    return res.json()
+  }
+
+  /**
+   * Send a message to a session and wait for response.
+   */
+  async sendMessage(
+    sessionId: string,
+    message: string,
+    options?: {
+      model?: { providerID: string; modelID: string }
+    }
+  ): Promise<OpenCodeMessage> {
+    const body: Record<string, unknown> = {
+      parts: [{ type: 'text', text: message }],
+    }
+
+    if (options?.model) {
+      body.model = options.model
+    }
+
+    const res = await fetch(`${this.baseUrl}/session/${sessionId}/message`, {
+      method: 'POST',
+      headers: this.headers,
+      body: JSON.stringify(body),
+    })
+
+    if (!res.ok) {
+      const error = await res.text()
+      throw new Error(`Failed to send message: ${error}`)
+    }
+
+    return res.json()
+  }
+
+  /**
+   * Set authentication credentials for a provider.
+   */
+  async setAuth(providerId: string, apiKey: string): Promise<void> {
+    const res = await fetch(`${this.baseUrl}/auth/${providerId}`, {
+      method: 'PUT',
+      headers: this.headers,
+      body: JSON.stringify({ type: 'api', key: apiKey }),
+    })
+
+    if (!res.ok) {
+      throw new Error(`Failed to set auth: ${res.status}`)
+    }
+  }
+
+  /**
+   * Get current configuration.
+   */
+  async getConfig(): Promise<Record<string, unknown>> {
+    const res = await fetch(`${this.baseUrl}/config`, {
+      headers: this.headers,
+    })
+
+    if (!res.ok) {
+      throw new Error(`Failed to get config: ${res.status}`)
+    }
+
+    return res.json()
+  }
+
+  /**
+   * Get pending questions that need user response.
+   */
+  async getPendingQuestions(): Promise<OpenCodeQuestion[]> {
+    const res = await fetch(`${this.baseUrl}/question`, {
+      headers: this.headers,
+    })
+
+    if (!res.ok) {
+      throw new Error(`Failed to get questions: ${res.status}`)
+    }
+
+    return res.json()
+  }
+
+  /**
+   * Answer a pending question.
+   * OpenCode expects: POST /question/{requestID}/reply with { answers: [["label"]] }
+   * Each answer is an array of selected option labels (for multi-select support).
+   */
+  async answerQuestion(questionId: string, answerIndex: number): Promise<void> {
+    // First get the question to find the selected option label
+    const questions = await this.getPendingQuestions()
+    const question = questions.find((q) => q.id === questionId)
+
+    if (!question) {
+      throw new Error(`Question ${questionId} not found`)
+    }
+
+    // Build answers array - each question's answer is an array of selected labels
+    const answers: string[][] = []
+    for (const q of question.questions) {
+      const selectedOption = q.options[answerIndex]
+      if (selectedOption) {
+        // Each answer is an array of selected labels (supports multi-select)
+        answers.push([selectedOption.label])
+      }
+    }
+
+    const body = { answers }
+
+    console.log('[OpenCode Client] Answering question', questionId, 'with body:', JSON.stringify(body))
+
+    const res = await fetch(`${this.baseUrl}/question/${questionId}/reply`, {
+      method: 'POST',
+      headers: this.headers,
+      body: JSON.stringify(body),
+    })
+
+    const responseText = await res.text()
+    console.log('[OpenCode Client] Answer response:', res.status, responseText.substring(0, 200))
+
+    if (!res.ok) {
+      throw new Error(`Failed to answer question: ${res.status} - ${responseText}`)
+    }
+  }
+
+  /**
+   * Reject a pending question.
+   */
+  async rejectQuestion(questionId: string): Promise<void> {
+    console.log('[OpenCode Client] Rejecting question', questionId)
+
+    const res = await fetch(`${this.baseUrl}/question/${questionId}/reject`, {
+      method: 'POST',
+      headers: this.headers,
+    })
+
+    if (!res.ok) {
+      const responseText = await res.text()
+      throw new Error(`Failed to reject question: ${res.status} - ${responseText}`)
+    }
+  }
+
+  /**
+   * Get session status (idle, busy, waiting for question).
+   * Falls back to inferring status from pending questions if endpoint doesn't exist.
+   */
+  async getSessionStatus(sessionId: string): Promise<{ status: string; questionId?: string }> {
+    try {
+      const res = await fetch(`${this.baseUrl}/session/${sessionId}/status`, {
+        headers: this.headers,
+      })
+
+      if (res.ok) {
+        const contentType = res.headers.get('content-type')
+        if (contentType && contentType.includes('application/json')) {
+          return res.json()
+        }
+      }
+    } catch {
+      // Endpoint doesn't exist or network error - fall through to inference
+    }
+
+    // Fall back to inferring status from pending questions
+    // Note: We can't tell if OpenCode is busy without the status endpoint
+    // Return 'unknown' to let SSE events determine actual state
+    const questions = await this.getPendingQuestions()
+    const sessionQuestion = questions.find((q) => q.sessionID === sessionId)
+    if (sessionQuestion) {
+      return { status: 'waiting', questionId: sessionQuestion.id }
+    }
+    // Don't assume idle - we can't know without SSE events
+    return { status: 'unknown' }
+  }
+}
+
+/**
+ * Create an OpenCode client with default configuration from environment.
+ */
+export function createOpenCodeClient(config?: Partial<OpenCodeClientConfig>): OpenCodeClient {
+  return new OpenCodeClient({
+    baseUrl: config?.baseUrl ?? process.env.OPENCODE_URL ?? 'http://localhost:4096',
+    password: config?.password ?? process.env.OPENCODE_PASSWORD,
+  })
+}