@slashfi/agents-sdk 0.4.0 → 0.6.0

package/src/server.ts

@@ -25,11 +25,23 @@
  * - Recognizes the root key for admin access
  */
 
-import type { AuthStore } from "./auth.js";
+import type { AuthStore } from "./agent-definitions/auth.js";
+import {
+  type SecretStore,
+  processSecretParams,
+} from "./agent-definitions/secrets.js";
+import { verifyJwt } from "./jwt.js";
 import type { AgentRegistry } from "./registry.js";
 import type { AgentDefinition, CallAgentRequest, Visibility } from "./types.js";
-import { verifyJwt } from "./jwt.js";
-import { type SecretStore, createInMemorySecretStore, processSecretParams } from "./secrets.js";
+import { renderLoginPage, renderDashboardPage, renderTenantPage } from "./web-pages.js";
+import { slackAuthUrl, exchangeSlackCode, getSlackProfile, type SlackOAuthConfig } from "./slack-oauth.js";
+
+
+function resolveBaseUrl(req: Request, url: URL): string {
+  const proto = req.headers.get("x-forwarded-proto") || url.protocol.replace(":", "");
+  const host = req.headers.get("x-forwarded-host") || url.host;
+  return `${proto}://${host}`;
+}
 
 // ============================================
 // Server Types
@@ -99,6 +111,61 @@ interface ResolvedAuth {
   isRoot: boolean;
 }
 
+
+// ============================================
+// Secrets Collection (one-time tokens)
+// ============================================
+
+
+function escHtml(s: string): string {
+  return s.replace(/&/g,"\&amp;").replace(/</g,"\&lt;").replace(/>/g,"\&gt;").replace(/"/g,"\&quot;");
+}
+
+function renderSecretForm(token: string, pending: PendingCollection, baseUrl: string): string {
+  const fields = pending.fields.map(f => `
+    <div class="field">
+      <label>${escHtml(f.name)}${f.secret ? ` <span class="badge">SECRET</span>` : ""}${f.required ? ` <span class="req">*</span>` : ""}</label>
+      ${f.description ? `<p class="desc">${escHtml(f.description)}</p>` : ""}
+      <input type="${f.secret ? "password" : "text"}" name="${escHtml(f.name)}" ${f.required ? "required" : ""} autocomplete="off" />
+    </div>`).join("");
+
+  return `<!DOCTYPE html>
+<html><head><meta charset="utf-8"><meta name="viewport" content="width=device-width,initial-scale=1"><title>Secure Setup</title>
+<style>*{box-sizing:border-box;margin:0;padding:0}body{font-family:-apple-system,BlinkMacSystemFont,sans-serif;background:#0d1117;color:#c9d1d9;min-height:100vh;display:flex;align-items:center;justify-content:center}.card{background:#161b22;border:1px solid #30363d;border-radius:12px;padding:32px;max-width:480px;width:100%}.header{display:flex;align-items:center;gap:12px;margin-bottom:8px}.lock{font-size:24px}h1{font-size:20px;font-weight:600}.subtitle{color:#8b949e;font-size:14px;margin-bottom:24px}.shield{display:inline-flex;align-items:center;gap:4px;background:#1a2332;border:1px solid #1f6feb33;color:#58a6ff;font-size:12px;padding:2px 8px;border-radius:12px;margin-bottom:20px}label{display:block;font-size:14px;font-weight:500;margin-bottom:6px}.desc{font-size:12px;color:#8b949e;margin-bottom:4px}.badge{background:#3d1f00;color:#f0883e;font-size:10px;padding:1px 6px;border-radius:4px}.req{color:#f85149}input{width:100%;padding:10px 12px;background:#0d1117;border:1px solid #30363d;border-radius:6px;color:#c9d1d9;font-size:14px;margin-bottom:16px;outline:none}input:focus{border-color:#58a6ff;box-shadow:0 0 0 3px #1f6feb33}button{width:100%;padding:12px;background:#238636;border:none;border-radius:6px;color:#fff;font-size:14px;font-weight:600;cursor:pointer}button:hover{background:#2ea043}button:disabled{opacity:.5;cursor:not-allowed}.footer{text-align:center;margin-top:16px;font-size:12px;color:#484f58}.error{background:#3d1418;border:1px solid #f8514966;color:#f85149;padding:10px 12px;border-radius:6px;font-size:13px;margin-bottom:16px;display:none}.ok{text-align:center;padding:40px 0}.ok .icon{font-size:48px;margin-bottom:12px}.ok h2{font-size:18px;margin-bottom:8px;color:#3fb950}.ok p{color:#8b949e;font-size:14px}.field{position:relative}</style></head><body>
+<div class="card" id="fc"><div class="header"><span class="lock">🔐</span><h1>${escHtml(pending.tool)} on ${escHtml(pending.agent)}</h1></div>
+<p class="subtitle">Enter credentials below. They are encrypted and stored securely — they never pass through the AI.</p>
+<div class="shield">🛡️ End-to-end encrypted</div><div id="err" class="error"></div>
+<form id="f">${fields}<button type="submit">Submit Securely</button></form>
+<p class="footer">Expires in 10 minutes</p></div>
+<div class="card ok" id="ok" style="display:none"><div class="icon">✅</div><h2>Done</h2><p>Credentials stored securely. You can close this window.</p></div>
+<script>document.getElementById("f").addEventListener("submit",async e=>{e.preventDefault();const b=e.target.querySelector("button");b.disabled=true;b.textContent="Submitting...";try{const fd=new FormData(e.target),vals=Object.fromEntries(fd.entries());const r=await fetch("${baseUrl}/secrets/collect",{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({token:"${token}",values:vals})});const d=await r.json();if(d.success){document.getElementById("fc").style.display="none";document.getElementById("ok").style.display="block";}else throw new Error(d.error?.message||JSON.stringify(d));}catch(err){const el=document.getElementById("err");el.textContent=err.message;el.style.display="block";b.disabled=false;b.textContent="Submit Securely";}});</script></body></html>`;
+}
+
+export interface PendingCollection {
+  /** Partial params already provided by agent */
+  params: Record<string, unknown>;
+  /** Target agent + tool to call after collection */
+  agent: string;
+  tool: string;
+  /** Auth context from original request */
+  auth: ResolvedAuth | null;
+  /** Fields the form needs to collect */
+  fields: Array<{ name: string; description?: string; secret: boolean; required: boolean }>;
+  /** Created timestamp for expiry */
+  createdAt: number;
+}
+
+export const pendingCollections = new Map<string, PendingCollection>();
+
+export function generateCollectionToken(): string {
+  const chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
+  let token = "sc_";
+  for (let i = 0; i < 32; i++) {
+    token += chars[Math.floor(Math.random() * chars.length)];
+  }
+  return token;
+}
+
 // ============================================
 // Helpers
 // ============================================
@@ -129,7 +196,11 @@ function jsonRpcError(
   message: string,
   data?: unknown,
 ): JsonRpcResponse {
-  return { jsonrpc: "2.0", id, error: { code, message, ...(data !== undefined && { data }) } };
+  return {
+    jsonrpc: "2.0",
+    id,
+    error: { code, message, ...(data !== undefined && { data }) },
+  };
 }
 
 /** Wrap a value as MCP tool result content */
@@ -138,7 +209,8 @@ function mcpResult(value: unknown, isError = false) {
     content: [
       {
         type: "text",
-        text: typeof value === "string" ? value : JSON.stringify(value, null, 2),
+        text:
+          typeof value === "string" ? value : JSON.stringify(value, null, 2),
       },
     ],
     ...(isError && { isError: true }),
@@ -178,7 +250,12 @@ async function resolveAuth(
   if (scheme?.toLowerCase() !== "bearer" || !credential) return null;
 
   if (credential === authConfig.rootKey) {
-    return { callerId: "root", callerType: "system", scopes: ["*"], isRoot: true };
+    return {
+      callerId: "root",
+      callerType: "system",
+      scopes: ["*"],
+      isRoot: true,
+    };
   }
 
   // Try JWT verification first (stateless)
@@ -190,7 +267,12 @@ async function resolveAuth(
     try {
       const payloadB64 = parts[1];
       const padded = payloadB64.replace(/-/g, "+").replace(/_/g, "/");
-      const payload = JSON.parse(atob(padded)) as { sub?: string; name?: string; scopes?: string[]; exp?: number };
+      const payload = JSON.parse(atob(padded)) as {
+        sub?: string;
+        name?: string;
+        scopes?: string[];
+        exp?: number;
+      };
 
       if (payload.sub) {
         // Look up client to get the signing secret (secret hash)
@@ -225,8 +307,13 @@ async function resolveAuth(
   };
 }
 
-function canSeeAgent(agent: AgentDefinition, auth: ResolvedAuth | null): boolean {
-  const visibility = ((agent as any).visibility ?? agent.config?.visibility ?? "internal") as Visibility;
+function canSeeAgent(
+  agent: AgentDefinition,
+  auth: ResolvedAuth | null,
+): boolean {
+  const visibility = ((agent as any).visibility ??
+    agent.config?.visibility ??
+    "internal") as Visibility;
   if (auth?.isRoot) return true;
   if (visibility === "public") return true;
   if (visibility === "internal" && auth) return true;
@@ -301,7 +388,7 @@ export function createAgentServer(
     cors = true,
     serverName = "agents-sdk",
     serverVersion = "1.0.0",
-    secretStore = createInMemorySecretStore(),
+    secretStore,
   } = options;
 
   let serverInstance: ReturnType<typeof Bun.serve> | null = null;
@@ -346,7 +433,7 @@ export function createAgentServer(
           const result = await handleToolCall(name, args ?? {}, auth);
           return jsonRpcSuccess(request.id, result);
         } catch (err) {
-      console.error("[server] Request error:", err);
+          console.error("[server] Request error:", err);
           return jsonRpcSuccess(
             request.id,
             mcpResult(
@@ -392,6 +479,7 @@ export function createAgentServer(
         }
 
         // Process secret params: resolve refs, store raw secrets
+        // Auto-resolve secret:xxx refs in tool params before execution
         if ((req as any).params && secretStore) {
           const ownerId = auth?.callerId ?? "anonymous";
           // Find the tool schema to check for secret: true fields
@@ -422,6 +510,7 @@ export function createAgentServer(
             name: agent.config?.name,
             description: agent.config?.description,
             supportedActions: agent.config?.supportedActions,
+            integration: agent.config?.integration || null,
             tools: agent.tools
               .filter((t) => {
                 const tv = t.visibility ?? "internal";
@@ -469,42 +558,73 @@ export function createAgentServer(
 
     if (grantType !== "client_credentials") {
       return jsonResponse(
-        { error: "unsupported_grant_type", error_description: "Only client_credentials is supported" },
+        {
+          error: "unsupported_grant_type",
+          error_description: "Only client_credentials is supported",
+        },
         400,
       );
     }
 
     if (!clientId || !clientSecret) {
       return jsonResponse(
-        { error: "invalid_request", error_description: "Missing client_id or client_secret" },
+        {
+          error: "invalid_request",
+          error_description: "Missing client_id or client_secret",
+        },
         400,
       );
     }
 
-    const client = await authConfig.store.validateClient(clientId, clientSecret);
+    const client = await authConfig.store.validateClient(
+      clientId,
+      clientSecret,
+    );
     if (!client) {
       return jsonResponse(
-        { error: "invalid_client", error_description: "Invalid client credentials" },
+        {
+          error: "invalid_client",
+          error_description: "Invalid client credentials",
+        },
         401,
       );
     }
 
-    const tokenString = `at_${Date.now().toString(36)}_${Math.random().toString(36).slice(2)}`;
-    const now = Date.now();
+    // Delegate to @auth agent's token tool which generates proper JWTs
+    const tokenResult = await registry.call({
+      action: "execute_tool",
+      path: "@auth",
+      tool: "token",
+      params: {
+        grantType: "client_credentials",
+        clientId,
+        clientSecret,
+      },
+      context: {
+        tenantId: "default",
+        agentPath: "@auth",
+        callerId: "oauth_endpoint",
+        callerType: "system",
+      },
+    } as any);
 
-    await authConfig.store.storeToken({
-      token: tokenString,
-      clientId: client.clientId,
-      scopes: client.scopes,
-      issuedAt: now,
-      expiresAt: now + authConfig.tokenTtl * 1000,
-    });
+    // Extract the result - registry.call returns { success, result: { accessToken, tokenType, expiresIn, scopes } }
+    const callResponse = tokenResult as any;
+    if (!callResponse.success) {
+      return jsonResponse({ error: "token_generation_failed", error_description: callResponse.error ?? "Unknown error" }, 500);
+    }
+    const tokenData = callResponse.result;
+
+    // accessToken may be wrapped as { $agent_type: "secret", value: "<jwt>" }
+    const accessToken = tokenData.accessToken?.$agent_type === "secret"
+      ? tokenData.accessToken.value
+      : tokenData.accessToken;
 
     return jsonResponse({
-      access_token: tokenString,
-      token_type: "Bearer",
-      expires_in: authConfig.tokenTtl,
-      scope: client.scopes.join(" "),
+      access_token: accessToken,
+      token_type: tokenData.tokenType ?? "Bearer",
+      expires_in: tokenData.expiresIn ?? authConfig.tokenTtl,
+      scope: Array.isArray(tokenData.scopes) ? tokenData.scopes.join(" ") : client.scopes.join(" "),
     });
   }
 
@@ -566,6 +686,7 @@ export function createAgentServer(
               name: agent.config?.name,
               description: agent.config?.description,
               supportedActions: agent.config?.supportedActions,
+              integration: agent.config?.integration || null,
               tools: agent.tools
                 .filter((t) => {
                   const tv = t.visibility ?? "internal";
@@ -580,12 +701,423 @@ export function createAgentServer(
         );
       }
 
-      return addCors(jsonResponse({ jsonrpc: "2.0", id: null, error: { code: -32601, message: `Not found: ${req.method} ${path}` } }, 404));
+
+      // GET /integrations/callback/:provider - OAuth callback
+      if (path.startsWith("/integrations/callback/") && req.method === "GET") {
+        const provider = path.split("/integrations/callback/")[1]?.split("?")[0];
+        if (!provider) {
+          return addCors(jsonResponse({ error: "Missing provider" }, 400));
+        }
+
+        const url = new URL(req.url);
+        const code = url.searchParams.get("code");
+        const state = url.searchParams.get("state");
+        const oauthError = url.searchParams.get("error");
+        const errorDescription = url.searchParams.get("error_description");
+
+        if (oauthError) {
+          return new Response(
+            `<html><body><h1>Authorization Failed</h1><p>${errorDescription ?? oauthError}</p></body></html>`,
+            { status: 400, headers: { "Content-Type": "text/html", ...corsHeaders() } },
+          );
+        }
+
+        if (!code) {
+          return addCors(jsonResponse({ error: "Missing authorization code" }, 400));
+        }
+
+        // Call handle_oauth_callback tool on @integrations
+        try {
+          await registry.call({
+            action: "execute_tool",
+            path: "@integrations",
+            tool: "handle_oauth_callback",
+            params: { provider, code, state: state ?? undefined },
+            context: {
+              tenantId: "default",
+              agentPath: "@integrations",
+              callerId: "oauth_callback",
+              callerType: "system",
+            },
+          } as any);
+
+          // Parse redirect URL from state
+          let redirectUrl = "/";
+          if (state) {
+            try {
+              const parsed = JSON.parse(state);
+              if (parsed.redirectUrl) redirectUrl = parsed.redirectUrl;
+            } catch {}
+          }
+
+          const sep = redirectUrl.includes("?") ? "&" : "?";
+          return Response.redirect(`${redirectUrl}${sep}connected=${provider}`, 302);
+        } catch (err) {
+          return new Response(
+            `<html><body><h1>Connection Failed</h1><p>${err instanceof Error ? err.message : String(err)}</p></body></html>`,
+            { status: 500, headers: { "Content-Type": "text/html", ...corsHeaders() } },
+          );
+        }
+      }
+
+
+      // GET /secrets/form/:token - Serve hosted secrets form
+      if (path.startsWith("/secrets/form/") && req.method === "GET") {
+        const token = path.split("/").pop() ?? "";
+        const pending = pendingCollections.get(token);
+        if (!pending) {
+          return addCors(new Response("Invalid or expired form link", { status: 404 }));
+        }
+        if (Date.now() - pending.createdAt > 10 * 60 * 1000) {
+          pendingCollections.delete(token);
+          return addCors(new Response("Form link expired", { status: 410 }));
+        }
+        const reqUrl = new URL(req.url); const baseUrl = resolveBaseUrl(req, reqUrl);
+        const html = renderSecretForm(token, pending, baseUrl);
+        return addCors(new Response(html, { headers: { "Content-Type": "text/html" } }));
+      }
+
+      // POST /secrets/collect - Submit collected secrets and auto-forward to tool
+      if (path === "/secrets/collect" && req.method === "POST") {
+        const body = (await req.json()) as {
+          token: string;
+          values: Record<string, string>;
+        };
+
+        const pending = pendingCollections.get(body.token);
+        if (!pending) {
+          return addCors(
+            jsonResponse({ error: "Invalid or expired collection token" }, 400),
+          );
+        }
+
+        // One-time use
+        pendingCollections.delete(body.token);
+
+        // Check expiry (10 min)
+        if (Date.now() - pending.createdAt > 10 * 60 * 1000) {
+          return addCors(
+            jsonResponse({ error: "Collection token expired" }, 400),
+          );
+        }
+
+        // Encrypt secret values and store as refs
+        const mergedParams = { ...pending.params };
+        for (const [fieldName, value] of Object.entries(body.values)) {
+          const fieldDef = pending.fields.find((f) => f.name === fieldName);
+          if (fieldDef?.secret && secretStore) {
+            // Store encrypted, get ref
+            const ownerId = pending.auth?.callerId ?? "anonymous";
+            const secretId = await secretStore.store(value, ownerId);
+            mergedParams[fieldName] = `secret:${secretId}`;
+          } else {
+            mergedParams[fieldName] = value;
+          }
+        }
+
+        // Auto-forward to the target tool
+        const callRequest = {
+          action: "execute_tool" as const,
+          path: pending.agent,
+          tool: pending.tool,
+          params: mergedParams,
+        };
+
+        const toolCtx = {
+          tenantId: "default",
+          agentPath: pending.agent,
+          callerId: pending.auth?.callerId ?? "anonymous",
+          callerType: pending.auth?.callerType ?? ("system" as const),
+        };
+
+        const result = await registry.call({
+          ...callRequest,
+          context: toolCtx,
+        } as any);
+
+        return addCors(jsonResponse({ success: true, result }));
+      }
+
+
+      // --- Web pages (plain HTML, served from same server) ---
+      const htmlRes = (body: string) => addCors(new Response(body, { headers: { "Content-Type": "text/html; charset=utf-8" } }));
+      const reqUrl = new URL(req.url);
+      const baseUrl = resolveBaseUrl(req, reqUrl);
+
+      const slackConfig: SlackOAuthConfig | null =
+        process.env.SLACK_CLIENT_ID && process.env.SLACK_CLIENT_SECRET
+          ? {
+              clientId: process.env.SLACK_CLIENT_ID,
+              clientSecret: process.env.SLACK_CLIENT_SECRET,
+              redirectUri: `${baseUrl}/auth/slack/callback`,
+            }
+          : null;
+
+      // Helper: read session from cookie
+      function getSession(r: Request): Record<string, any> | null {
+        const c = r.headers.get("Cookie") || "";
+        const m = c.match(/s_session=([^;]+)/);
+        if (!m) return null;
+        try { return JSON.parse(Buffer.from(m[1], "base64url").toString()); }
+        catch { return null; }
+      }
+
+      // Helper: generate JWT from client credentials
+      async function generateMcpToken(): Promise<string> {
+        const clientRes = await registry.call({ action: "execute_tool", path: "@auth", tool: "create_client", callerType: "system", params: {
+          name: "mcp-" + Date.now(),
+          scopes: ["*"],
+        }} as any) as any;
+        const cid = clientRes?.result?.clientId;
+        const csec = clientRes?.result?.clientSecret;
+        if (!cid || !csec) throw new Error("Failed to create client: " + JSON.stringify(clientRes));
+
+        const tokenRes = await globalThis.fetch(`http://localhost:${port}/oauth/token`, {
+          method: "POST",
+          headers: { "Content-Type": "application/x-www-form-urlencoded" },
+          body: new URLSearchParams({ grant_type: "client_credentials", client_id: cid, client_secret: csec }),
+        });
+        const tokenData = await tokenRes.json() as any;
+        if (!tokenData.access_token) throw new Error("Failed to get JWT: " + JSON.stringify(tokenData));
+        return tokenData.access_token;
+      }
+
+      // Helper: set session cookie and redirect
+      function sessionRedirect(location: string, session: Record<string, any>): Response {
+        const data = Buffer.from(JSON.stringify(session)).toString("base64url");
+        return new Response(null, {
+          status: 302,
+          headers: {
+            Location: location,
+            "Set-Cookie": `s_session=${data}; Path=/; HttpOnly; SameSite=Lax; Max-Age=604800`,
+          },
+        });
+      }
+
+      // GET / — login page (or redirect to dashboard if session exists)
+      if (path === "/" && req.method === "GET") {
+        const session = getSession(req);
+        if (session?.token) return Response.redirect(`${baseUrl}/dashboard`, 302);
+        return htmlRes(renderLoginPage(baseUrl, !!slackConfig));
+      }
+
+      // GET /auth/slack — start Slack OAuth
+      if (path === "/auth/slack" && req.method === "GET") {
+        if (!slackConfig) return htmlRes("<h1>Slack OAuth not configured</h1>");
+        return Response.redirect(slackAuthUrl(slackConfig), 302);
+      }
+
+      // GET /auth/slack/callback — handle Slack OAuth callback
+      if (path === "/auth/slack/callback" && req.method === "GET") {
+        if (!slackConfig) return htmlRes("<h1>Slack OAuth not configured</h1>");
+        const authCode = reqUrl.searchParams.get("code");
+        const authError = reqUrl.searchParams.get("error");
+        if (authError || !authCode) return Response.redirect(`${baseUrl}/?error=${authError || "no_code"}`, 302);
+
+        try {
+          const tokens = await exchangeSlackCode(authCode, slackConfig);
+          const profile = await getSlackProfile(tokens.access_token);
+          const teamId = profile["https://slack.com/team_id"] || "";
+          const teamName = profile["https://slack.com/team_name"] || "";
+
+          // Check if user already exists
+          console.log("[auth] Looking up slack user:", profile.sub, profile.email);
+          const existing = await registry.call({
+            action: "execute_tool", path: "@users", callerType: "system", tool: "resolve_identity",
+            params: { provider: "slack", providerUserId: profile.sub },
+          } as any) as any;
+          console.log("[auth] resolve_identity:", JSON.stringify(existing));
+
+          if (existing?.result?.found && existing?.result?.user?.tenantId) {
+            // Returning user — generate token and go to dashboard
+            console.log("[auth] Returning user, generating token...");
+            const mcpToken = await generateMcpToken();
+            return sessionRedirect(`${baseUrl}/dashboard`, {
+              userId: existing.result.user.id,
+              tenantId: existing.result.user.tenantId,
+              email: existing.result.user.email,
+              name: existing.result.user.name,
+              token: mcpToken,
+            });
+          }
+
+          // Check if Slack team already has a tenant
+          if (teamId) {
+            console.log("[auth] Checking tenant_identities for team:", teamId);
+            try {
+              // Direct DB query via the auth store's underlying connection
+              // We'll use a simple fetch to our own MCP endpoint to call @db-connections
+              // Actually, simpler: just query the DB directly via the server's context
+              // For now, use registry.call to a custom tool or direct SQL
+              // Simplest: call @auth list_tenants and check metadata
+              // Even simpler: direct SQL via globalThis.fetch to ourselves
+              const dbUrl = process.env.DATABASE_URL;
+              if (dbUrl) {
+                const { default: postgres } = await import("postgres");
+                const sql = postgres(dbUrl);
+                const rows = await sql`SELECT tenant_id FROM tenant_identities WHERE provider = 'slack' AND provider_org_id = ${teamId} LIMIT 1`;
+                await sql.end();
+                if (rows.length > 0) {
+                  const existingTenantId = rows[0].tenant_id;
+                  console.log("[auth] Found existing tenant for team:", existingTenantId);
+                  
+                  // Create user on existing tenant
+                  const userRes = await registry.call({ action: "execute_tool", path: "@users", callerType: "system", tool: "create_user", params: {
+                    email: profile.email, name: profile.name, tenantId: existingTenantId,
+                  }} as any) as any;
+                  const newUserId = userRes?.result?.id || userRes?.result?.user?.id;
+                  console.log("[auth] Created user on existing tenant:", newUserId);
+
+                  // Link identity
+                  if (newUserId) {
+                    await registry.call({ action: "execute_tool", path: "@users", callerType: "system", tool: "link_identity", params: {
+                      userId: newUserId, provider: "slack", providerUserId: profile.sub,
+                      email: profile.email, name: profile.name,
+                      metadata: { slackTeamId: teamId, slackTeamName: teamName },
+                    }} as any);
+                  }
+
+                  // Generate token and go to dashboard
+                  const mcpToken = await generateMcpToken();
+                  return sessionRedirect(`${baseUrl}/dashboard`, {
+                    userId: newUserId, tenantId: existingTenantId,
+                    email: profile.email, name: profile.name, token: mcpToken,
+                  });
+                }
+              }
+            } catch (e: any) {
+              console.error("[auth] tenant_identity lookup error:", e.message);
+            }
+          }
+
+          // New user — redirect to setup
+          return sessionRedirect(`${baseUrl}/setup`, {
+            email: profile.email,
+            name: profile.name,
+            picture: profile.picture,
+            slackUserId: profile.sub,
+            slackTeamId: teamId,
+            slackTeamName: teamName,
+          });
+        } catch (err: any) {
+          console.error("[auth] callback error:", err);
+          return Response.redirect(`${baseUrl}/?error=oauth_failed`, 302);
+        }
+      }
+
+      // GET /setup — tenant creation page
+      if (path === "/setup" && req.method === "GET") {
+        const session = getSession(req);
+        if (!session?.email) return Response.redirect(`${baseUrl}/`, 302);
+        return htmlRes(renderTenantPage(baseUrl, session.email, session.name || ""));
+      }
+
+      // POST /setup — create tenant + user + link identity + generate token
+      if (path === "/setup" && req.method === "POST") {
+        try {
+          const body = await req.json() as { email?: string; tenant?: string; name?: string };
+          const session = getSession(req);
+          console.log("[setup] body:", JSON.stringify(body), "session:", JSON.stringify(session));
+
+          // 1. Create tenant
+          const tenantRes = await registry.call({ action: "execute_tool", path: "@auth", callerType: "system", tool: "create_tenant", params: { name: body.tenant } } as any) as any;
+          const tenantId = tenantRes?.result?.tenantId;
+          if (!tenantId) return addCors(jsonResponse({ error: "Failed to create tenant" }, 400));
+          console.log("[setup] tenant created:", tenantId);
+
+          // 2. Create user
+          const userRes = await registry.call({ action: "execute_tool", path: "@users", callerType: "system", tool: "create_user", params: { email: body.email, name: session?.name, tenantId } } as any) as any;
+          const userId = userRes?.result?.id || userRes?.result?.user?.id;
+          console.log("[setup] user created:", userId);
+
+          // 2b. Link tenant to Slack team
+          if (session?.slackTeamId) {
+            try {
+              const dbUrl = process.env.DATABASE_URL;
+              if (dbUrl) {
+                const { default: postgres } = await import("postgres");
+                const sql = postgres(dbUrl);
+                const id = "ti_" + Math.random().toString(36).slice(2, 14);
+                await sql`INSERT INTO tenant_identities (id, tenant_id, provider, provider_org_id, name) VALUES (${id}, ${tenantId}, 'slack', ${session.slackTeamId}, ${session.slackTeamName || ''})`;
+                await sql.end();
+                console.log("[setup] Created tenant_identity for slack team:", session.slackTeamId);
+              }
+            } catch (e: any) { console.error("[setup] tenant_identity insert error:", e.message); }
+          }
+
+          // 3. Link Slack identity
+          if (session?.slackUserId && userId) {
+            console.log("[setup] linking slack identity:", session.slackUserId);
+            const linkRes = await registry.call({ action: "execute_tool", path: "@users", callerType: "system", tool: "link_identity", params: {
+              userId,
+              provider: "slack",
+              providerUserId: session.slackUserId,
+              email: body.email,
+              name: session.name,
+              metadata:{ slackTeamId: session.slackTeamId, slackTeamName: session.slackTeamName }, callerType: "system" }} as any);
+            console.log("[setup] link_identity result:", JSON.stringify(linkRes));
+          }
+
+          // 4. Generate MCP token
+          const mcpToken = await generateMcpToken();
+          console.log("[setup] token generated, length:", mcpToken.length);
+
+          return addCors(jsonResponse({ success: true, result: { tenantId, userId, token: mcpToken } }));
+        } catch (err: any) {
+          console.error("[setup] error:", err);
+          return addCors(jsonResponse({ error: err.message }, 400));
+        }
+      }
+
+      // POST /logout — clear session
+      if (path === "/logout" && req.method === "POST") {
+        return new Response(null, {
+          status: 302,
+          headers: {
+            Location: `${baseUrl}/`,
+            "Set-Cookie": "s_session=; Path=/; HttpOnly; SameSite=Lax; Max-Age=0",
+          },
+        });
+      }
+
+      // GET /dashboard — show MCP URL and setup instructions
+      if (path === "/dashboard" && req.method === "GET") {
+        const session = getSession(req);
+        let token = session?.token || reqUrl.searchParams.get("token") || "";
+        if (!token) return Response.redirect(`${baseUrl}/`, 302);
+
+        // Persist token in cookie
+        const sessData = Buffer.from(JSON.stringify({ ...session, token })).toString("base64url");
+        return new Response(renderDashboardPage(baseUrl, token, session || undefined), {
+          headers: {
+            "Content-Type": "text/html; charset=utf-8",
+            "Set-Cookie": `s_session=${sessData}; Path=/; HttpOnly; SameSite=Lax; Max-Age=604800`,
+          },
+        });
+      }
+
+      return addCors(
+        jsonResponse(
+          {
+            jsonrpc: "2.0",
+            id: null,
+            error: {
+              code: -32601,
+              message: `Not found: ${req.method} ${path}`,
+            },
+          },
+          404,
+        ),
+      );
     } catch (err) {
       console.error("[server] Request error:", err);
       return addCors(
         jsonResponse(
-          { jsonrpc: "2.0", id: null, error: { code: -32603, message: "Internal error" } },
+          {
+            jsonrpc: "2.0",
+            id: null,
+            error: { code: -32603, message: "Internal error" },
+          },
           500,
         ),
       );
@@ -604,14 +1136,14 @@ export function createAgentServer(
       serverUrl = `http://${hostname}:${port}${basePath}`;
 
       console.log(`Agent server running at ${serverUrl}`);
-      console.log(`  POST /     - MCP JSON-RPC endpoint`);
-      console.log(`  POST /mcp  - MCP JSON-RPC endpoint (alias)`);
-      console.log(`  GET  /health - Health check`);
+      console.log("  POST /     - MCP JSON-RPC endpoint");
+      console.log("  POST /mcp  - MCP JSON-RPC endpoint (alias)");
+      console.log("  GET  /health - Health check");
       if (authConfig) {
-        console.log(`  POST /oauth/token - OAuth2 token endpoint`);
+        console.log("  POST /oauth/token - OAuth2 token endpoint");
         console.log("  Auth: enabled");
       }
-      console.log(`  MCP tools: call_agent, list_agents`);
+      console.log("  MCP tools: call_agent, list_agents");
     },
 
     async stop(): Promise<void> {