@web42/w42 0.1.4 → 0.1.8

package/README.md

@@ -1,73 +1,101 @@
 # @web42/cli
 
-CLI for the Web42 Agent Marketplace - push, install, and remix OpenClaw agent packages.
+CLI for the Web42 Agent Network — authenticate, publish, discover, and interact with A2A agents.
 
 ## Installation
 
-To install the CLI globally, run:
-
-```
+```bash
 npm install -g @web42/cli
 ```
 
 ## Authentication
 
-Authenticate with the marketplace by running:
+```bash
+web42 auth login     # Sign in via GitHub OAuth
+web42 auth logout    # Sign out
+web42 auth whoami    # Show current user
+```
+
+## Commands
 
+### `web42 search <query>`
+
+Search the network for agents.
+
+```bash
+web42 search "data analysis"
+web42 search "image processing" --limit 20
 ```
-web42 login
+
+| Option | Description |
+|---|---|
+| `-l, --limit <number>` | Max results to show (default: 10) |
+
+---
+
+### `web42 send <agent> <message>`
+
+Send a message to an A2A agent. `<agent>` can be a slug (`@user/agent`) or a direct URL (`http://localhost:3001`).
+
+```bash
+web42 send @alice/summarizer "Summarize this document"
+web42 send http://localhost:3001 "Hello"
 ```
 
-## Supported Platforms
+| Option | Description |
+|---|---|
+| `--new` | Start a new conversation (clears saved context) |
+| `--context <id>` | Use a specific context ID |
+| `--task-id <id>` | Reply to a specific task (e.g. one in `input-required` state) |
 
-| Platform  | Status       |
-|-----------|--------------|
-| openclaw  | Fully Supported  |
-| claude    | Fully Supported  |
+---
 
-## CLI Commands Reference
+### `web42 serve`
 
-### General Commands
+Start a local A2A server for your agent, bridging to an OpenClaw gateway.
 
-| Command      | Description                             |
-|--------------|-----------------------------------------|
-| `web42 install <agent>` | Install an agent package from the marketplace |
-| `web42 push` | Push your agent package to the marketplace |
-| `web42 pull` | Pull the latest agent state from the marketplace |
-| `web42 list` | List installed agents                   |
-| `web42 update <agent>` | Update an installed agent to the latest version |
-| `web42 uninstall <agent>` | Uninstall an agent                   |
-| `web42 search <query>` | Search the marketplace for agents      |
-| `web42 remix <agent>` | Remix an agent package to your account |
-| `web42 sync` | Check sync status between local workspace and the marketplace |
+```bash
+web42 serve
+web42 serve --port 3001 --url https://my-agent.ngrok.io --verbose
+```
 
-### Claude-Specific Examples
+| Option | Description |
+|---|---|
+| `--port <port>` | Port to listen on (default: 4000) |
+| `--url <url>` | Public URL for registration and AgentCard (e.g. from ngrok) |
+| `--openclaw-port <port>` | OpenClaw gateway port (default: 18789) |
+| `--openclaw-token <token>` | OpenClaw gateway auth token (or `OPENCLAW_GATEWAY_TOKEN`) |
+| `--openclaw-agent <id>` | OpenClaw agent ID to target (default: `main`) |
+| `--client-id <id>` | Developer app client ID (or `W42_CLIENT_ID`) |
+| `--client-secret <secret>` | Developer app client secret (or `W42_CLIENT_SECRET`) |
+| `--visibility <vis>` | Marketplace visibility: `public` or `private` |
+| `--verbose` | Enable verbose request/response logging |
 
-- **Initialize a Project:**
-  ```
-  web42 init
-  ```
+---
 
-- **Pack an Agent:**
-  ```
-  web42 pack --agent <name>
-  ```
+### `web42 register <url>`
 
-- **Push an Agent:**
-  ```
-  web42 push --agent <name>
-  ```
+Register an agent with the Web42 Network. The URL must serve `/.well-known/agent-card.json`.
 
-- **Install an Agent Globally:**
-  ```
-  web42 claude install @user/agent
-  ```
+```bash
+web42 register https://my-agent.example.com
+web42 register https://my-agent.example.com --visibility private --tags "nlp,summarization"
+```
+
+| Option | Description |
+|---|---|
+| `--price <cents>` | Price in cents (default: 0 = free) |
+| `--license <license>` | License (e.g. `MIT`, `Apache-2.0`) |
+| `--visibility <vis>` | `public` or `private` (default: `public`) |
+| `--tags <tags>` | Comma-separated tags |
+| `--categories <cats>` | Comma-separated categories |
 
-- **Install an Agent Locally:**
-  ```
-  web42 claude install -g @user/agent
-  ```
+---
 
-## Versioning
+## Environment variables
 
-Version `0.2.0` introduces Claude Code support.
+```bash
+W42_CLIENT_ID=your-client-id
+W42_CLIENT_SECRET=your-client-secret
+OPENCLAW_GATEWAY_TOKEN=your-openclaw-token
+```

package/dist/commands/send.js

@@ -1,18 +1,41 @@
-import { Command } from "commander";
+import { ClientFactory, ClientFactoryOptions, JsonRpcTransportFactory, } from "@a2a-js/sdk/client";
 import chalk from "chalk";
+import { Command } from "commander";
 import ora from "ora";
 import { v4 as uuidv4 } from "uuid";
-import { requireAuth, setConfigValue, getConfigValue } from "../utils/config.js";
 import { apiPost } from "../utils/api.js";
+import { getConfigValue, requireAuth, setConfigValue } from "../utils/config.js";
 function isUrl(s) {
     return s.startsWith("http://") || s.startsWith("https://");
 }
+function printPart(part) {
+    if (part.kind === "text") {
+        if (part.text)
+            process.stdout.write(part.text);
+    }
+    else if (part.kind === "file") {
+        const f = part.file;
+        const label = [f.name, f.mimeType].filter(Boolean).join(" ");
+        process.stdout.write(`\n[file${label ? `: ${label}` : ""}]\n`);
+        if ("uri" in f) {
+            process.stdout.write(f.uri + "\n");
+        }
+        else {
+            process.stdout.write(`<${f.bytes.length} base64 chars>\n`);
+        }
+    }
+    else if (part.kind === "data") {
+        process.stdout.write("\n" + JSON.stringify(part.data, null, 2) + "\n");
+    }
+}
 function getCachedToken(slug) {
     const raw = getConfigValue(`agentTokens.${slug}`);
     if (!raw)
         return null;
     try {
-        const cached = typeof raw === "string" ? JSON.parse(raw) : raw;
+        const cached = typeof raw === "string"
+            ? JSON.parse(raw)
+            : raw;
         if (new Date(cached.expiresAt) <= new Date())
             return null;
         return cached;
@@ -27,6 +50,7 @@ export const sendCommand = new Command("send")
     .argument("<message>", "Message to send")
     .option("--new", "Start a new conversation (clears saved context)")
     .option("--context <id>", "Use a specific context ID")
+    .option("--task-id <id>", "Reply to a specific task (e.g. one in input-required state)")
     .action(async (rawAgent, userMessage, opts) => {
     // Normalize slug: @user/name → @user~name (DB format)
     const agent = rawAgent.includes("/") && !isUrl(rawAgent)
@@ -37,10 +61,30 @@ export const sendCommand = new Command("send")
     let bearerToken;
     let agentKey;
     if (isUrl(agent)) {
-        // Direct URL mode — local development, no handshake needed
         agentUrl = agent;
-        bearerToken = config.token;
         agentKey = new URL(agent).host.replace(/[.:]/g, "-");
+        const cached = getCachedToken(agentKey);
+        if (cached) {
+            bearerToken = cached.token;
+        }
+        else {
+            const spinner = ora("Getting auth token...").start();
+            try {
+                const res = await apiPost("/api/auth/token", {});
+                bearerToken = res.token;
+                setConfigValue(`agentTokens.${agentKey}`, JSON.stringify({
+                    token: res.token,
+                    agentUrl,
+                    expiresAt: res.expiresAt,
+                }));
+                spinner.stop();
+            }
+            catch (err) {
+                spinner.fail("Failed to get auth token");
+                console.error(chalk.red(String(err)));
+                process.exit(1);
+            }
+        }
     }
     else {
         // Slug mode — handshake with Web42 Network platform
@@ -85,20 +129,6 @@ export const sendCommand = new Command("send")
         contextId = getConfigValue(contextKey) ?? uuidv4();
     }
     setConfigValue(contextKey, contextId);
-    // Dynamically import @a2a-js/sdk client
-    let ClientFactory;
-    let JsonRpcTransportFactory;
-    let ClientFactoryOptions;
-    try {
-        const clientModule = await import("@a2a-js/sdk/client");
-        ClientFactory = clientModule.ClientFactory;
-        JsonRpcTransportFactory = clientModule.JsonRpcTransportFactory;
-        ClientFactoryOptions = clientModule.ClientFactoryOptions;
-    }
-    catch {
-        console.error(chalk.red("Failed to load @a2a-js/sdk. Run: pnpm add @a2a-js/sdk"));
-        process.exit(1);
-    }
     const bearerInterceptor = {
         before: async (args) => {
             if (!args.options)
@@ -119,8 +149,7 @@ export const sendCommand = new Command("send")
                 interceptors: [bearerInterceptor],
             },
         }));
-        const a2aBaseUrl = new URL(agentUrl).origin;
-        client = await factory.createFromUrl(a2aBaseUrl);
+        client = await factory.createFromUrl(agentUrl);
         connectSpinner.stop();
     }
     catch {
@@ -136,22 +165,67 @@ export const sendCommand = new Command("send")
                 parts: [{ kind: "text", text: userMessage }],
                 kind: "message",
                 contextId,
+                ...(opts.taskId ? { taskId: opts.taskId } : {}),
             },
         });
         for await (const event of stream) {
-            if (event.kind === "artifact-update") {
-                const artifact = event.artifact;
-                const text = (artifact.parts ?? [])
-                    .filter((p) => p.kind === "text")
-                    .map((p) => p.text ?? "")
-                    .join("");
-                if (text)
-                    process.stdout.write(text);
+            if (event.kind === "message" && event.role === "agent") {
+                for (const part of event.parts)
+                    printPart(part);
+            }
+            else if (event.kind === "artifact-update") {
+                // When append is true we're receiving streaming chunks — write inline.
+                // When it's a new artifact (append falsy), separate from prior output.
+                if (!event.append)
+                    process.stdout.write("\n");
+                for (const part of event.artifact.parts ?? [])
+                    printPart(part);
             }
-            if (event.kind === "status-update") {
-                const update = event;
-                if (update.status?.state === "failed") {
-                    console.error(chalk.red("\nAgent returned an error."));
+            else if (event.kind === "status-update") {
+                if (event.status?.message) {
+                    for (const part of event.status.message.parts ?? [])
+                        printPart(part);
+                }
+                const state = event.status?.state;
+                if (state === "input-required") {
+                    process.stdout.write("\n");
+                    console.log(chalk.yellow(`[task ${event.taskId} is awaiting input — reply with --task-id ${event.taskId}]`));
+                }
+                else if (state === "auth-required") {
+                    console.error(chalk.red("\nAgent requires authentication."));
+                    process.exit(1);
+                }
+                else if (state === "failed" ||
+                    state === "canceled" ||
+                    state === "rejected") {
+                    console.error(chalk.red(`\nAgent ${state}.`));
+                    process.exit(1);
+                }
+            }
+            else if (event.kind === "task") {
+                // Non-streaming fallback: server returned the full task object.
+                // Print accumulated artifacts and handle terminal state.
+                const task = event;
+                for (const artifact of task.artifacts ?? []) {
+                    process.stdout.write("\n");
+                    for (const part of artifact.parts ?? [])
+                        printPart(part);
+                }
+                if (task.status?.message) {
+                    for (const part of task.status.message.parts ?? [])
+                        printPart(part);
+                }
+                const taskState = task.status?.state;
+                if (taskState === "input-required") {
+                    process.stdout.write("\n");
+                    console.log(chalk.yellow(`[task ${task.id} is awaiting input — reply with --task-id ${task.id}]`));
+                }
+                else if (taskState === "auth-required") {
+                    console.error(chalk.red("\nAgent requires authentication."));
+                    process.exit(1);
+                }
+                else if (taskState === "failed" || taskState === "canceled" || taskState === "rejected") {
+                    console.error(chalk.red(`\nAgent ${taskState}.`));
                     process.exit(1);
                 }
             }

package/dist/commands/serve.js

@@ -1,13 +1,11 @@
 import { existsSync, readFileSync } from "fs";
 import { join } from "path";
-import { Command } from "commander";
+import { Web42Client, createA2AServer, } from "@web42/auth";
 import chalk from "chalk";
+import { Command } from "commander";
 import ora from "ora";
-import express from "express";
-import { agentCardHandler, jsonRpcHandler, } from "@a2a-js/sdk/server/express";
-import { DefaultRequestHandler, InMemoryTaskStore, } from "@a2a-js/sdk/server";
 import { printBanner } from "../utils/banner.js";
-import { requireAuth, getConfig } from "../utils/config.js";
+import { getConfig, requireAuth } from "../utils/config.js";
 class OpenClawAgentExecutor {
     opts;
     verbose;
@@ -17,8 +15,7 @@ class OpenClawAgentExecutor {
     }
     async execute(requestContext, eventBus) {
         const { taskId, contextId, userMessage } = requestContext;
-        const userText = userMessage.parts
-            .find((p) => p.kind === "text")?.text ?? "";
+        const userText = userMessage.parts.find((p) => p.kind === "text")?.text ?? "";
         if (this.verbose) {
             console.log(chalk.gray(`[verbose] → OpenClaw request: agent=${this.opts.openClawAgent} session=${contextId} port=${this.opts.openClawPort}`));
             console.log(chalk.gray(`[verbose] → message text: "${userText.slice(0, 100)}"`));
@@ -35,7 +32,7 @@ class OpenClawAgentExecutor {
                 },
                 body: JSON.stringify({
                     model: "openclaw",
-                    stream: true,
+                    stream: false,
                     messages: [{ role: "user", content: userText }],
                 }),
             });
@@ -54,53 +51,15 @@ class OpenClawAgentExecutor {
             }
             throw new Error(`OpenClaw error: ${response.status} ${response.statusText}`);
         }
-        const reader = response.body.getReader();
-        const decoder = new TextDecoder();
-        let buffer = "";
-        let tokenCount = 0;
-        while (true) {
-            const { done, value } = await reader.read();
-            if (done)
-                break;
-            buffer += decoder.decode(value, { stream: true });
-            const lines = buffer.split("\n");
-            buffer = lines.pop() ?? "";
-            for (const line of lines) {
-                if (!line.startsWith("data: "))
-                    continue;
-                const data = line.slice(6).trim();
-                if (data === "[DONE]")
-                    continue;
-                try {
-                    const chunk = JSON.parse(data);
-                    const token = chunk.choices?.[0]?.delta?.content;
-                    if (token) {
-                        tokenCount++;
-                        eventBus.publish({
-                            kind: "artifact-update",
-                            taskId,
-                            contextId,
-                            artifact: {
-                                artifactId: "response",
-                                parts: [{ kind: "text", text: token }],
-                            },
-                        });
-                    }
-                }
-                catch {
-                    // ignore malformed SSE lines
-                }
-            }
-        }
-        if (this.verbose) {
-            console.log(chalk.gray(`[verbose] ← stream complete: ${tokenCount} tokens received`));
-        }
+        const data = (await response.json());
+        const text = data.choices?.[0]?.message?.content ?? "";
         eventBus.publish({
-            kind: "status-update",
-            taskId,
+            kind: "message",
+            messageId: crypto.randomUUID(),
+            role: "agent",
+            parts: [{ kind: "text", text }],
             contextId,
-            status: { state: "completed", timestamp: new Date().toISOString() },
-            final: true,
+            taskId,
         });
         eventBus.finished();
     }
@@ -117,10 +76,14 @@ async function publishLiveUrl({ apiUrl, token, slug, a2aUrl, enabled, gatewaySta
                 Authorization: `Bearer ${token}`,
                 "Content-Type": "application/json",
             },
-            body: JSON.stringify({ a2a_url: a2aUrl, a2a_enabled: enabled, gateway_status: gatewayStatus }),
+            body: JSON.stringify({
+                a2a_url: a2aUrl,
+                a2a_enabled: enabled,
+                gateway_status: gatewayStatus,
+            }),
         });
         if (!res.ok) {
-            const errBody = await res.json().catch(() => ({}));
+            const errBody = (await res.json().catch(() => ({})));
             console.warn(chalk.yellow(`  Could not register URL with marketplace: ${errBody.error ?? res.status}`));
         }
         else {
@@ -195,71 +158,42 @@ export const serveCommand = new Command("serve")
         process.exit(1);
     }
     const spinner = ora("Starting A2A server...").start();
-    // 3. Build AgentCard from local file + overrides
-    const agentCard = {
-        name: agentName,
-        description: cardData.description ?? "",
-        protocolVersion: cardData.protocolVersion ?? "0.3.0",
-        version: cardData.version ?? "1.0.0",
-        url: `${publicUrl ?? `http://localhost:${port}`}/a2a/jsonrpc`,
-        skills: cardData.skills ?? [],
-        capabilities: {
-            streaming: true,
-            pushNotifications: false,
-            ...(cardData.capabilities ?? {}),
-        },
-        defaultInputModes: cardData.defaultInputModes ?? ["text"],
-        defaultOutputModes: cardData.defaultOutputModes ?? ["text"],
-        securitySchemes: {
-            W42Bearer: { type: "http", scheme: "bearer" },
-        },
-        security: [{ W42Bearer: [] }],
-    };
-    // 4. Start Express server
-    const app = express();
-    // Auth: validate caller's Bearer token via Web42 introspection with Basic auth
-    const basicAuth = `Basic ${Buffer.from(`${clientId}:${clientSecret}`).toString("base64")}`;
-    const userBuilder = async (req) => {
-        const callerToken = req.headers.authorization?.split(" ")[1];
-        if (!callerToken)
-            throw new Error("Missing token");
-        if (verbose) {
-            console.log(chalk.gray(`[verbose] Introspecting token ${callerToken.slice(0, 8)}...`));
-        }
-        const res = await fetch(`${web42ApiUrl}/api/auth/introspect`, {
-            method: "POST",
-            headers: {
-                Authorization: basicAuth,
-                "Content-Type": "application/x-www-form-urlencoded",
-            },
-            body: new URLSearchParams({ token: callerToken }),
-        });
-        if (!res.ok)
-            throw new Error("Introspect call failed");
-        const result = (await res.json());
-        if (verbose) {
-            console.log(chalk.gray(`[verbose] active=${result.active} sub=${result.sub ?? "(none)"}`));
-        }
-        if (!result.active)
-            throw new Error("Unauthorized");
-        return {
-            get isAuthenticated() { return true; },
-            get userName() { return result.sub ?? ""; },
-        };
-    };
+    const web42Client = new Web42Client({
+        baseUrl: web42ApiUrl,
+        clientId,
+        clientSecret,
+    });
     const executor = new OpenClawAgentExecutor({
         openClawPort,
         openClawToken,
         openClawAgent,
         verbose,
     });
-    const requestHandler = new DefaultRequestHandler(agentCard, new InMemoryTaskStore(), executor);
-    // 5. Mount A2A SDK handlers
-    app.use("/.well-known/agent-card.json", agentCardHandler({ agentCardProvider: requestHandler }));
-    app.use("/a2a/jsonrpc", jsonRpcHandler({ requestHandler, userBuilder }));
-    const a2aUrl = `${publicUrl ?? `http://localhost:${port}`}/a2a/jsonrpc`;
-    // 6. Start listening, then register
-    app.listen(port, async () => {
+    const { listen } = createA2AServer({
+        web42: web42Client,
+        card: {
+            name: agentName,
+            description: cardData.description ?? "",
+            version: cardData.version ?? "1.0.0",
+            skills: cardData.skills ?? [],
+            capabilities: {
+                streaming: true,
+                pushNotifications: false,
+                ...(cardData.capabilities ?? {}),
+            },
+            defaultInputModes: cardData.defaultInputModes ?? [
+                "text",
+            ],
+            defaultOutputModes: cardData.defaultOutputModes ?? [
+                "text",
+            ],
+        },
+        executor,
+        port,
+        baseUrl: publicUrl ?? `http://localhost:${port}`,
+    });
+    const a2aUrl = publicUrl ?? `http://localhost:${port}`;
+    listen(async () => {
         spinner.stop();
         printBanner();
         console.log(chalk.green(` Agent "${agentName}" is live`));
@@ -281,7 +215,10 @@ export const serveCommand = new Command("serve")
                     Authorization: `Bearer ${token}`,
                     "Content-Type": "application/json",
                 },
-                body: JSON.stringify({ url: registrationUrl, visibility: opts.visibility }),
+                body: JSON.stringify({
+                    url: registrationUrl,
+                    visibility: opts.visibility,
+                }),
             });
             if (regRes.ok) {
                 const regData = (await regRes.json());
@@ -289,7 +226,7 @@ export const serveCommand = new Command("serve")
                 console.log(chalk.dim(`  Registered with marketplace (slug: ${registeredSlug})`));
             }
             else {
-                const errBody = await regRes.json().catch(() => ({}));
+                const errBody = (await regRes.json().catch(() => ({})));
                 console.warn(chalk.yellow(`  Could not register with marketplace: ${errBody.error ?? regRes.status}`));
             }
         }
@@ -311,7 +248,7 @@ export const serveCommand = new Command("serve")
             console.log(chalk.yellow("  No --url provided. Registered localhost URL is not publicly reachable."));
         }
         console.log(chalk.dim("\nWaiting for requests... (Ctrl+C to stop)\n"));
-        // 7. Graceful shutdown
+        // Graceful shutdown
         process.on("SIGINT", async () => {
             console.log(chalk.dim("\nShutting down..."));
             if (registeredSlug) {

package/dist/version.d.ts

@@ -1 +1 @@
-export declare const CLI_VERSION = "0.1.4";
+export declare const CLI_VERSION = "0.1.8";

package/dist/version.js

@@ -1 +1 @@
-export const CLI_VERSION = "0.1.4";
+export const CLI_VERSION = "0.1.8";

package/package.json

@@ -1,20 +1,20 @@
 {
   "name": "@web42/w42",
-  "version": "0.1.4",
+  "version": "0.1.8",
   "description": "CLI for the Web42 Agent Network — discover, register, and communicate with A2A agents",
   "type": "module",
   "bin": {
     "w42": "./dist/index.js"
   },
   "scripts": {
-    "embed-skills": "npx tsx scripts/embed-skills.ts",
-    "build": "npm run embed-skills && tsc",
-    "build:binary": "bash scripts/sync-version.sh && npm run embed-skills && bash scripts/build-binaries.sh",
+    "build": "tsc",
+    "build:binary": "bash scripts/sync-version.sh  && bash scripts/build-binaries.sh",
     "dev": "tsc --watch",
     "start": "node dist/index.js"
   },
   "dependencies": {
     "@a2a-js/sdk": "^0.3.13",
+    "@web42/auth": "workspace:*",
     "chalk": "^5.3.0",
     "commander": "^12.1.0",
     "conf": "^13.0.1",
@@ -39,8 +39,7 @@
   },
   "files": [
     "dist/**/*.js",
-    "dist/**/*.d.ts",
-    "skills/**"
+    "dist/**/*.d.ts"
   ],
   "keywords": [
     "web42",

package/dist/generated/embedded-skills.d.ts

@@ -1,9 +0,0 @@
-export interface EmbeddedFile {
-    path: string;
-    content: string;
-}
-export interface EmbeddedSkill {
-    name: string;
-    files: EmbeddedFile[];
-}
-export declare const EMBEDDED_SKILLS: EmbeddedSkill[];