@web42/cli 0.2.7 → 0.2.9

package/dist/commands/serve.js

@@ -1,13 +1,12 @@
-import { existsSync, readFileSync } from 'fs';
-import { join } from 'path';
-import { Command } from 'commander';
-import chalk from 'chalk';
-import ora from 'ora';
-import express from 'express';
-import { agentCardHandler, jsonRpcHandler, } from '@a2a-js/sdk/server/express';
-import { DefaultRequestHandler, InMemoryTaskStore, } from '@a2a-js/sdk/server';
-import { requireAuth } from '../utils/config.js';
-import { getConfig } from '../utils/config.js';
+import { existsSync, readFileSync } from "fs";
+import { join } from "path";
+import { Command } from "commander";
+import chalk from "chalk";
+import ora from "ora";
+import express from "express";
+import { agentCardHandler, jsonRpcHandler, } from "@a2a-js/sdk/server/express";
+import { DefaultRequestHandler, InMemoryTaskStore, } from "@a2a-js/sdk/server";
+import { requireAuth, getConfig } from "../utils/config.js";
 class OpenClawAgentExecutor {
     opts;
     verbose;
@@ -18,7 +17,7 @@ class OpenClawAgentExecutor {
     async execute(requestContext, eventBus) {
         const { taskId, contextId, userMessage } = requestContext;
         const userText = userMessage.parts
-            .find((p) => p.kind === 'text')?.text ?? '';
+            .find((p) => p.kind === "text")?.text ?? "";
         if (this.verbose) {
             console.log(chalk.gray(`[verbose] → OpenClaw request: agent=${this.opts.openClawAgent} session=${contextId} port=${this.opts.openClawPort}`));
             console.log(chalk.gray(`[verbose] → message text: "${userText.slice(0, 100)}"`));
@@ -26,17 +25,17 @@ class OpenClawAgentExecutor {
         let response;
         try {
             response = await fetch(`http://localhost:${this.opts.openClawPort}/v1/chat/completions`, {
-                method: 'POST',
+                method: "POST",
                 headers: {
                     Authorization: `Bearer ${this.opts.openClawToken}`,
-                    'Content-Type': 'application/json',
-                    'x-openclaw-agent-id': this.opts.openClawAgent,
-                    'x-openclaw-session-key': `agent:${this.opts.openClawAgent}:${contextId}`,
+                    "Content-Type": "application/json",
+                    "x-openclaw-agent-id": this.opts.openClawAgent,
+                    "x-openclaw-session-key": `agent:${this.opts.openClawAgent}:${contextId}`,
                 },
                 body: JSON.stringify({
-                    model: 'openclaw',
+                    model: "openclaw",
                     stream: true,
-                    messages: [{ role: 'user', content: userText }],
+                    messages: [{ role: "user", content: userText }],
                 }),
             });
         }
@@ -49,27 +48,27 @@ class OpenClawAgentExecutor {
         }
         if (!response.ok) {
             if (this.verbose) {
-                const body = await response.text().catch(() => '(unreadable)');
+                const body = await response.text().catch(() => "(unreadable)");
                 console.log(chalk.gray(`[verbose] ← response body: ${body}`));
             }
             throw new Error(`OpenClaw error: ${response.status} ${response.statusText}`);
         }
         const reader = response.body.getReader();
         const decoder = new TextDecoder();
-        let buffer = '';
+        let buffer = "";
         let tokenCount = 0;
         while (true) {
             const { done, value } = await reader.read();
             if (done)
                 break;
             buffer += decoder.decode(value, { stream: true });
-            const lines = buffer.split('\n');
-            buffer = lines.pop() ?? '';
+            const lines = buffer.split("\n");
+            buffer = lines.pop() ?? "";
             for (const line of lines) {
-                if (!line.startsWith('data: '))
+                if (!line.startsWith("data: "))
                     continue;
                 const data = line.slice(6).trim();
-                if (data === '[DONE]')
+                if (data === "[DONE]")
                     continue;
                 try {
                     const chunk = JSON.parse(data);
@@ -77,12 +76,12 @@ class OpenClawAgentExecutor {
                     if (token) {
                         tokenCount++;
                         eventBus.publish({
-                            kind: 'artifact-update',
+                            kind: "artifact-update",
                             taskId,
                             contextId,
                             artifact: {
-                                artifactId: 'response',
-                                parts: [{ kind: 'text', text: token }],
+                                artifactId: "response",
+                                parts: [{ kind: "text", text: token }],
                             },
                         });
                     }
@@ -96,10 +95,10 @@ class OpenClawAgentExecutor {
             console.log(chalk.gray(`[verbose] ← stream complete: ${tokenCount} tokens received`));
         }
         eventBus.publish({
-            kind: 'status-update',
+            kind: "status-update",
             taskId,
             contextId,
-            status: { state: 'completed', timestamp: new Date().toISOString() },
+            status: { state: "completed", timestamp: new Date().toISOString() },
             final: true,
         });
         eventBus.finished();
@@ -112,35 +111,37 @@ class OpenClawAgentExecutor {
 async function publishLiveUrl({ apiUrl, token, slug, a2aUrl, enabled, gatewayStatus, }) {
     try {
         const res = await fetch(`${apiUrl}/api/agents/${slug}/a2a`, {
-            method: 'POST',
+            method: "POST",
             headers: {
                 Authorization: `Bearer ${token}`,
-                'Content-Type': 'application/json',
+                "Content-Type": "application/json",
             },
             body: JSON.stringify({ a2a_url: a2aUrl, a2a_enabled: enabled, gateway_status: gatewayStatus }),
         });
         if (!res.ok) {
-            console.warn(chalk.yellow(`⚠ Could not register URL with marketplace: ${res.status}`));
+            console.warn(chalk.yellow(`  Could not register URL with marketplace: ${res.status}`));
         }
         else {
-            console.log(chalk.dim('  Registered with marketplace ✓'));
+            console.log(chalk.dim("  Registered with marketplace"));
         }
     }
     catch (err) {
-        console.warn(chalk.yellow(`⚠ Could not register URL with marketplace: ${String(err)}`));
+        console.warn(chalk.yellow(`  Could not register URL with marketplace: ${String(err)}`));
     }
 }
 // ---------------------------------------------------------------------------
 // Command
 // ---------------------------------------------------------------------------
-export const serveCommand = new Command('serve')
-    .description('Start a local A2A server for your agent')
-    .option('--port <port>', 'Port to listen on', '4000')
-    .option('--url <url>', 'Public URL (e.g. from ngrok) shown in logs and AgentCard')
-    .option('--openclaw-port <port>', 'OpenClaw gateway port', '18789')
-    .option('--openclaw-token <token>', 'OpenClaw gateway auth token (or set OPENCLAW_GATEWAY_TOKEN)')
-    .option('--openclaw-agent <id>', 'OpenClaw agent ID to target', 'main')
-    .option('--verbose', 'Enable verbose request/response logging')
+export const serveCommand = new Command("serve")
+    .description("Start a local A2A server for your agent")
+    .option("--port <port>", "Port to listen on", "4000")
+    .option("--url <url>", "Public URL (e.g. from ngrok) for registration and AgentCard")
+    .option("--openclaw-port <port>", "OpenClaw gateway port", "18789")
+    .option("--openclaw-token <token>", "OpenClaw gateway auth token (or set OPENCLAW_GATEWAY_TOKEN)")
+    .option("--openclaw-agent <id>", "OpenClaw agent ID to target", "main")
+    .option("--client-id <id>", "Developer app client ID (or set WEB42_CLIENT_ID)")
+    .option("--client-secret <secret>", "Developer app client secret (or set WEB42_CLIENT_SECRET)")
+    .option("--verbose", "Enable verbose request/response logging")
     .action(async (opts) => {
     const verbose = opts.verbose ?? false;
     // 1. Must be logged into web42
@@ -150,131 +151,176 @@ export const serveCommand = new Command('serve')
         token = authConfig.token;
     }
     catch {
-        console.error(chalk.red('Not authenticated. Run `web42 auth login` first.'));
+        console.error(chalk.red("Not authenticated. Run `web42 auth login` first."));
+        process.exit(1);
+    }
+    const clientId = opts.clientId ?? process.env.WEB42_CLIENT_ID;
+    const clientSecret = opts.clientSecret ?? process.env.WEB42_CLIENT_SECRET;
+    if (!clientId || !clientSecret) {
+        console.error(chalk.red("Developer app credentials required.\n" +
+            "  Provide --client-id and --client-secret flags,\n" +
+            "  or set WEB42_CLIENT_ID and WEB42_CLIENT_SECRET env vars.\n" +
+            "  Create them at: https://web42.ai/settings/developer-apps"));
         process.exit(1);
     }
-    const cwd = process.cwd();
-    const port = parseInt(opts.port, 10);
     const openClawPort = parseInt(opts.openclawPort, 10);
-    const openClawToken = opts.openclawToken ?? process.env.OPENCLAW_GATEWAY_TOKEN ?? '';
+    const openClawToken = opts.openclawToken ?? process.env.OPENCLAW_GATEWAY_TOKEN ?? "";
     const openClawAgent = opts.openclawAgent;
+    const cwd = process.cwd();
+    const port = parseInt(opts.port, 10);
     const publicUrl = opts.url;
-    // 2. Read manifest.json
-    const manifestPath = join(cwd, 'manifest.json');
-    if (!existsSync(manifestPath)) {
-        console.error(chalk.red('No manifest.json found in current directory.'));
-        console.error(chalk.dim('Run `web42 init` to create one.'));
+    const config = getConfig();
+    const web42ApiUrl = config.apiUrl ?? "https://web42.ai";
+    // 2. Read agent-card.json from cwd
+    const cardPath = join(cwd, "agent-card.json");
+    if (!existsSync(cardPath)) {
+        console.error(chalk.red("No agent-card.json found in current directory."));
+        console.error(chalk.dim("Create an agent-card.json with your agent's A2A card."));
         process.exit(1);
     }
-    let manifest;
+    let cardData;
     try {
-        manifest = JSON.parse(readFileSync(manifestPath, 'utf-8'));
+        cardData = JSON.parse(readFileSync(cardPath, "utf-8"));
     }
     catch {
-        console.error(chalk.red('Failed to parse manifest.json.'));
+        console.error(chalk.red("Failed to parse agent-card.json."));
         process.exit(1);
     }
-    if (!manifest.name) {
-        console.error(chalk.red('manifest.json must have a "name" field.'));
+    const agentName = cardData.name ?? "Untitled Agent";
+    if (!agentName || agentName === "Untitled Agent") {
+        console.error(chalk.red('agent-card.json must have a "name" field.'));
         process.exit(1);
     }
-    const config = getConfig();
-    const web42ApiUrl = config.apiUrl ?? 'https://web42.ai';
-    const spinner = ora('Starting A2A server...').start();
-    // 3. Build AgentCard from manifest
+    const spinner = ora("Starting A2A server...").start();
+    // 3. Build AgentCard from local file + overrides
     const agentCard = {
-        name: manifest.name,
-        description: manifest.description ?? '',
-        protocolVersion: '0.3.0',
-        version: manifest.version ?? '1.0.0',
+        name: agentName,
+        description: cardData.description ?? "",
+        protocolVersion: cardData.protocolVersion ?? "0.3.0",
+        version: cardData.version ?? "1.0.0",
         url: `${publicUrl ?? `http://localhost:${port}`}/a2a/jsonrpc`,
-        skills: (manifest.skills ?? []).map((s) => ({
-            id: s.name.toLowerCase().replace(/\s+/g, '-'),
-            name: s.name,
-            description: s.description ?? '',
-            tags: [],
-        })),
+        skills: cardData.skills ?? [],
         capabilities: {
             streaming: true,
             pushNotifications: false,
+            ...(cardData.capabilities ?? {}),
         },
-        defaultInputModes: ['text'],
-        defaultOutputModes: ['text'],
+        defaultInputModes: cardData.defaultInputModes ?? ["text"],
+        defaultOutputModes: cardData.defaultOutputModes ?? ["text"],
         securitySchemes: {
-            Web42Bearer: { type: 'http', scheme: 'bearer' },
+            Web42Bearer: { type: "http", scheme: "bearer" },
         },
         security: [{ Web42Bearer: [] }],
     };
     // 4. Start Express server
     const app = express();
-    // Auth: validate caller's web42 Bearer token against marketplace introspect endpoint
+    // Auth: validate caller's Bearer token via Web42 introspection with Basic auth
+    const basicAuth = `Basic ${Buffer.from(`${clientId}:${clientSecret}`).toString("base64")}`;
     const userBuilder = async (req) => {
-        const callerToken = req.headers.authorization?.split(' ')[1];
+        const callerToken = req.headers.authorization?.split(" ")[1];
         if (!callerToken)
-            throw new Error('Missing token');
+            throw new Error("Missing token");
         if (verbose) {
-            const masked = `${callerToken.slice(0, 8)}...`;
-            console.log(chalk.gray(`[verbose] userBuilder: token=${masked} → introspecting...`));
+            console.log(chalk.gray(`[verbose] Introspecting token ${callerToken.slice(0, 8)}...`));
         }
         const res = await fetch(`${web42ApiUrl}/api/auth/introspect`, {
-            method: 'POST',
-            headers: { 'Content-Type': 'application/json' },
-            body: JSON.stringify({ token: callerToken }),
+            method: "POST",
+            headers: {
+                Authorization: basicAuth,
+                "Content-Type": "application/x-www-form-urlencoded",
+            },
+            body: new URLSearchParams({ token: callerToken }),
         });
         if (!res.ok)
-            throw new Error('Introspect call failed');
+            throw new Error("Introspect call failed");
         const result = (await res.json());
         if (verbose) {
-            console.log(chalk.gray(`[verbose] userBuilder: token=${callerToken.slice(0, 8)}... → active=${result.active} sub=${result.sub ?? '(none)'}`));
+            console.log(chalk.gray(`[verbose] active=${result.active} sub=${result.sub ?? "(none)"}`));
         }
         if (!result.active)
-            throw new Error('Unauthorized');
-        const userId = result.sub ?? '';
+            throw new Error("Unauthorized");
         return {
             get isAuthenticated() { return true; },
-            get userName() { return userId; },
+            get userName() { return result.sub ?? ""; },
         };
     };
-    const executor = new OpenClawAgentExecutor({ openClawPort, openClawToken, openClawAgent, verbose });
+    const executor = new OpenClawAgentExecutor({
+        openClawPort,
+        openClawToken,
+        openClawAgent,
+        verbose,
+    });
     const requestHandler = new DefaultRequestHandler(agentCard, new InMemoryTaskStore(), executor);
     // 5. Mount A2A SDK handlers
-    app.use('/.well-known/agent-card.json', agentCardHandler({ agentCardProvider: requestHandler }));
-    app.use('/a2a/jsonrpc', jsonRpcHandler({ requestHandler, userBuilder }));
+    app.use("/.well-known/agent-card.json", agentCardHandler({ agentCardProvider: requestHandler }));
+    app.use("/a2a/jsonrpc", jsonRpcHandler({ requestHandler, userBuilder }));
     const a2aUrl = `${publicUrl ?? `http://localhost:${port}`}/a2a/jsonrpc`;
-    // 6. Start listening
+    // 6. Start listening, then register
     app.listen(port, async () => {
         spinner.stop();
-        console.log(chalk.green(`\n✓ Agent "${manifest.name}" is live`));
-        console.log(chalk.dim(`  Local:  http://localhost:${port}`));
+        console.log(chalk.green(`\n Agent "${agentName}" is live`));
+        console.log(chalk.dim(`  Local:      http://localhost:${port}`));
         if (publicUrl)
-            console.log(chalk.dim(`  Public: ${publicUrl}`));
+            console.log(chalk.dim(`  Public:     ${publicUrl}`));
         console.log(chalk.dim(`  Agent card: http://localhost:${port}/.well-known/agent-card.json`));
         console.log(chalk.dim(`  JSON-RPC:   http://localhost:${port}/a2a/jsonrpc`));
         if (verbose) {
-            console.log(chalk.gray(`[verbose] agent card url: http://localhost:${port}/.well-known/agent-card.json`));
-            console.log(chalk.gray(`[verbose] openclaw target: http://localhost:${openClawPort}/v1/chat/completions agent=${openClawAgent}`));
+            console.log(chalk.gray(`[verbose] OpenClaw target: http://localhost:${openClawPort}/v1/chat/completions agent=${openClawAgent}`));
+        }
+        // Register agent with marketplace — API crawls back to fetch the card
+        const registrationUrl = publicUrl ?? `http://localhost:${port}`;
+        let registeredSlug = null;
+        try {
+            const regRes = await fetch(`${web42ApiUrl}/api/agents`, {
+                method: "POST",
+                headers: {
+                    Authorization: `Bearer ${token}`,
+                    "Content-Type": "application/json",
+                },
+                body: JSON.stringify({ url: registrationUrl }),
+            });
+            if (regRes.ok) {
+                const regData = (await regRes.json());
+                registeredSlug = regData.agent?.slug ?? null;
+                console.log(chalk.dim(`  Registered with marketplace (slug: ${registeredSlug})`));
+            }
+            else {
+                const errBody = await regRes.json().catch(() => ({}));
+                console.warn(chalk.yellow(`  Could not register with marketplace: ${errBody.error ?? regRes.status}`));
+            }
+        }
+        catch (err) {
+            console.warn(chalk.yellow(`  Could not register with marketplace: ${String(err)}`));
+        }
+        // Publish live A2A URL
+        if (registeredSlug) {
+            await publishLiveUrl({
+                apiUrl: web42ApiUrl,
+                token,
+                slug: registeredSlug,
+                a2aUrl,
+                enabled: true,
+                gatewayStatus: "live",
+            });
         }
-        await publishLiveUrl({
-            apiUrl: web42ApiUrl,
-            token,
-            slug: manifest.name,
-            a2aUrl,
-            enabled: true,
-            gatewayStatus: 'live',
-        });
         if (!publicUrl) {
-            console.log(chalk.yellow('  ⚠ No --url provided. Registered localhost URL is not publicly reachable; buyers cannot connect.'));
+            console.log(chalk.yellow("  No --url provided. Registered localhost URL is not publicly reachable."));
         }
-        console.log(chalk.dim('\nWaiting for requests... (Ctrl+C to stop)\n'));
-    });
-    // 7. Keep process alive
-    process.on('SIGINT', async () => {
-        console.log(chalk.dim('\nShutting down...'));
-        await fetch(`${web42ApiUrl}/api/agents/${manifest.name}/a2a`, {
-            method: 'POST',
-            headers: { Authorization: `Bearer ${token}`, 'Content-Type': 'application/json' },
-            body: JSON.stringify({ a2a_url: null, a2a_enabled: false, gateway_status: 'offline' }),
-        }).catch(() => { }); // best-effort
-        process.exit(0);
+        console.log(chalk.dim("\nWaiting for requests... (Ctrl+C to stop)\n"));
+        // 7. Graceful shutdown
+        process.on("SIGINT", async () => {
+            console.log(chalk.dim("\nShutting down..."));
+            if (registeredSlug) {
+                await publishLiveUrl({
+                    apiUrl: web42ApiUrl,
+                    token,
+                    slug: registeredSlug,
+                    a2aUrl: null,
+                    enabled: false,
+                    gatewayStatus: "offline",
+                }).catch(() => { });
+            }
+            process.exit(0);
+        });
     });
 });

package/dist/index.js

@@ -1,23 +1,15 @@
 #!/usr/bin/env node
 import { Command } from "commander";
 import { authCommand } from "./commands/auth.js";
-import { configCommand } from "./commands/config.js";
-import { initCommand } from "./commands/init.js";
-import { packCommand } from "./commands/pack.js";
-import { pushCommand } from "./commands/push.js";
-import { pullCommand } from "./commands/pull.js";
-import { remixCommand } from "./commands/remix.js";
 import { searchCommand } from "./commands/search.js";
 import { sendCommand } from "./commands/send.js";
 import { serveCommand } from "./commands/serve.js";
-import { syncCommand } from "./commands/sync.js";
-import { getAllPlatformCommands } from "./platforms/registry.js";
 import { setApiUrl } from "./utils/config.js";
 import { CLI_VERSION } from "./version.js";
 const program = new Command();
 program
     .name("web42")
-    .description("Web42 Agent Marketplace CLI — manage, install, and publish agent packages")
+    .description("Web42 CLI — authenticate, discover, and communicate with A2A agents")
     .version(CLI_VERSION)
     .option("--api-url <url>", "Override the API URL for this invocation")
     .hook("preAction", (thisCommand) => {
@@ -27,17 +19,7 @@ program
     }
 });
 program.addCommand(authCommand);
-program.addCommand(configCommand);
-program.addCommand(initCommand);
-program.addCommand(packCommand);
-program.addCommand(pushCommand);
-program.addCommand(pullCommand);
-program.addCommand(remixCommand);
 program.addCommand(searchCommand);
 program.addCommand(sendCommand);
 program.addCommand(serveCommand);
-program.addCommand(syncCommand);
-for (const platformCmd of getAllPlatformCommands()) {
-    program.addCommand(platformCmd);
-}
 program.parse();

package/dist/version.d.ts

@@ -1 +1 @@
-export declare const CLI_VERSION = "0.2.7";
+export declare const CLI_VERSION = "0.2.9";

package/dist/version.js

@@ -1 +1 @@
-export const CLI_VERSION = "0.2.7";
+export const CLI_VERSION = "0.2.9";

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@web42/cli",
-  "version": "0.2.7",
+  "version": "0.2.9",
   "description": "CLI for the Web42 Agent Marketplace - push, install, and remix OpenClaw agent packages",
   "type": "module",
   "bin": {

package/dist/commands/config.d.ts

@@ -1,2 +0,0 @@
-import { Command } from "commander";
-export declare const configCommand: Command;

package/dist/commands/config.js

@@ -1,27 +0,0 @@
-import { Command } from "commander";
-import chalk from "chalk";
-import { getConfig, setApiUrl } from "../utils/config.js";
-export const configCommand = new Command("config").description("View or update CLI configuration");
-configCommand
-    .command("show")
-    .description("Show the current configuration")
-    .action(() => {
-    const cfg = getConfig();
-    console.log(chalk.bold("Web42 CLI Configuration"));
-    console.log();
-    console.log(`  API URL:        ${chalk.cyan(cfg.apiUrl)}`);
-    console.log(`  Authenticated:  ${cfg.authenticated ? chalk.green("yes") : chalk.yellow("no")}`);
-    if (cfg.username) {
-        console.log(`  User:           ${chalk.cyan(`@${cfg.username}`)}`);
-    }
-    if (cfg.fullName) {
-        console.log(`  Name:           ${cfg.fullName}`);
-    }
-});
-configCommand
-    .command("set-url <url>")
-    .description("Persistently set the API URL (e.g. http://localhost:3000)")
-    .action((url) => {
-    setApiUrl(url);
-    console.log(chalk.green(`API URL set to ${chalk.bold(url)}`));
-});

package/dist/commands/init.d.ts

@@ -1,2 +0,0 @@
-import { Command } from "commander";
-export declare const initCommand: Command;