@zeulewan/glueclaw-provider 1.4.0 → 1.5.0

package/README.md

@@ -66,7 +66,7 @@ export GLUECLAW_REQUEST_TIMEOUT_MS=600000
 
 - Tested with Telegram and OpenClaw TUI
 - Switching between GlueClaw and other backends (e.g. Codex) works seamlessly via `/model`
-- The installer patches one file in OpenClaw's dist to expose the MCP loopback token to plugins. A `.glueclaw-bak` backup is created.
+- The installer does not patch OpenClaw's dist. GlueClaw starts the MCP loopback in-process when available.
 
 ## Disclaimer
 

package/install.sh

@@ -29,14 +29,6 @@ oc_config() {
   }
 }
 
-sedi() {
-  if [[ "$(uname)" == "Darwin" ]]; then
-    sed -i '' "$@"
-  else
-    sed -i "$@"
-  fi
-}
-
 require_cmd() {
   command -v "$1" >/dev/null 2>&1 || die "$1 not found. $2"
 }
@@ -121,14 +113,6 @@ else
 fi
 echo ""
 
-# Find OpenClaw dist
-OPENCLAW_BIN="$(command -v openclaw)"
-OPENCLAW_ROOT="$(dirname "$OPENCLAW_BIN")/../lib/node_modules/openclaw"
-# Suppress not-found: fallback path may not exist
-[ ! -d "$OPENCLAW_ROOT/dist" ] && OPENCLAW_ROOT="$(npm root -g 2>/dev/null)/openclaw"
-[ ! -d "$OPENCLAW_ROOT/dist" ] && die "Cannot find OpenClaw dist"
-OPENCLAW_DIST="$OPENCLAW_ROOT/dist"
-
 # Detect shell config
 if [ -f "${HOME}/.zshrc" ]; then
   SHELL_RC="${HOME}/.zshrc"
@@ -142,17 +126,7 @@ fi
 
 GW_PID=""
 GW_LOG=""
-BACKUP_FILE=""
 cleanup() {
-  # Restore MCP patch backup if script failed mid-patch
-  if [ -n "$BACKUP_FILE" ] && [ -f "$BACKUP_FILE" ]; then
-    if [ -w "$(dirname "$BACKUP_FILE")" ]; then
-      mv "$BACKUP_FILE" "${BACKUP_FILE%.glueclaw-bak}" 2>/dev/null || true
-    else
-      sudo mv "$BACKUP_FILE" "${BACKUP_FILE%.glueclaw-bak}" 2>/dev/null || true
-    fi
-    echo "  Restored backup: $(basename "$BACKUP_FILE")" >&2
-  fi
   if [ -n "$GW_PID" ] && kill -0 "$GW_PID" 2>/dev/null; then
     kill "$GW_PID" 2>/dev/null || true
   fi
@@ -162,19 +136,19 @@ trap cleanup INT TERM
 
 # --- 1. Dependencies ---
 
-echo "[1/7] Installing dependencies..."
+echo "[1/6] Installing dependencies..."
 cd "$PLUGIN_DIR"
 npm install --silent || die "npm install failed"
 
 # --- 2. Environment ---
 
-echo "[2/7] Setting up environment..."
+echo "[2/6] Setting up environment..."
 ensure_line "$SHELL_RC" "GLUECLAW_KEY" "export GLUECLAW_KEY=local"
 export GLUECLAW_KEY=local
 
 # --- 3. Plugin registration ---
 
-echo "[3/7] Registering plugin..."
+echo "[3/6] Registering plugin..."
 # GlueClaw is on OpenClaw's official safe plugin list. Try standard install first,
 # fall back to --dangerously-force-unsafe-install for older OpenClaw versions,
 # then manual config as last resort.
@@ -188,7 +162,7 @@ fi
 
 # --- 4. Model config ---
 
-echo "[4/7] Configuring models..."
+echo "[4/6] Configuring models..."
 # These two are fatal — without them, nothing works
 oc_config models.providers.glueclaw \
   '{"baseUrl":"local://glueclaw","models":[{"id":"glueclaw-opus","name":"GlueClaw Opus","contextWindow":1000000},{"id":"glueclaw-sonnet","name":"GlueClaw Sonnet","contextWindow":1000000},{"id":"glueclaw-haiku","name":"GlueClaw Haiku","contextWindow":200000}]}' \
@@ -211,47 +185,20 @@ oc_config gateway.tools.allow \
 
 # --- 5. Auth profile ---
 
-echo "[5/7] Setting up auth..."
+echo "[5/6] Setting up auth..."
 AGENT_DIR="${HOME}/.openclaw/agents/main/agent"
 mkdir -p "$AGENT_DIR" || die "Cannot create $AGENT_DIR"
 AUTH_FILE="$AGENT_DIR/auth-profiles.json"
 write_auth_profile "$AUTH_FILE"
 
-# --- 6. Patch: MCP bridge ---
-
-echo "[6/7] Patching gateway for MCP bridge..."
-SERVER_FILE=$(grep -rl "mcp loopback listening" "$OPENCLAW_DIST"/*.js 2>/dev/null | head -n 1)
-[ -z "$SERVER_FILE" ] && die "Cannot find MCP loopback in OpenClaw dist — incompatible version?"
-
-# Use sudo for file operations if dist directory is not writable (global npm install)
-ELEVATE=""
-if [ ! -w "$OPENCLAW_DIST" ]; then
-  echo "  OpenClaw dist is root-owned, using sudo for patch..."
-  ELEVATE="sudo"
-fi
-
-if ! grep -q "__GLUECLAW_MCP" "$SERVER_FILE"; then
-  $ELEVATE cp "$SERVER_FILE" "${SERVER_FILE}.glueclaw-bak" || die "Cannot backup $SERVER_FILE"
-  BACKUP_FILE="${SERVER_FILE}.glueclaw-bak"
-  # shellcheck disable=SC2016
-  if [ -n "$ELEVATE" ]; then
-    $ELEVATE sed -i 's/logDebug(`mcp loopback listening/process.env.__GLUECLAW_MCP_PORT = String(address.port); process.env.__GLUECLAW_MCP_TOKEN = token; logDebug(`mcp loopback listening/' "$SERVER_FILE" ||
-      die "Failed to patch $SERVER_FILE"
-  else
-    sedi 's/logDebug(`mcp loopback listening/process.env.__GLUECLAW_MCP_PORT = String(address.port); process.env.__GLUECLAW_MCP_TOKEN = token; logDebug(`mcp loopback listening/' "$SERVER_FILE" ||
-      die "Failed to patch $SERVER_FILE"
-  fi
-  # Validate the patch actually applied
-  grep -q "__GLUECLAW_MCP_PORT" "$SERVER_FILE" || die "MCP patch did not apply — sed replacement failed"
-  BACKUP_FILE=""  # Patch succeeded, don't restore on cleanup
-  echo "  Patched $(basename "$SERVER_FILE")"
-else
-  echo "  Already patched"
-fi
-
-# --- 7. Restart gateway ---
+# --- 6. Restart gateway ---
+# Note: GlueClaw bootstraps OpenClaw's MCP loopback in-process from
+# src/stream.ts (see docs/RFC-001-sessions-send-native.md). No dist patching
+# is needed — GlueClaw shares OpenClaw's module cache as an in-process
+# provider, so calling ensureMcpLoopbackServer() and getActiveMcpLoopbackRuntime()
+# directly is sufficient.
 
-echo "[7/7] Starting gateway..."
+echo "[6/6] Starting gateway..."
 # Stop any existing gateway first
 pkill -f "openclaw.*gateway" 2>/dev/null || true
 openclaw gateway stop 2>/dev/null || true
@@ -312,4 +259,4 @@ echo "  Default: glueclaw/glueclaw-sonnet"
 echo ""
 echo "  Run: openclaw tui"
 echo ""
-echo "  Re-run after OpenClaw updates to re-apply patches."
+echo "  Re-run after OpenClaw updates to refresh plugin registration."

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@zeulewan/glueclaw-provider",
-  "version": "1.4.0",
+  "version": "1.5.0",
   "description": "GlueClaw - Claude CLI subprocess provider for Max subscription",
   "type": "module",
   "engines": {

package/src/stream.ts

@@ -7,12 +7,14 @@ import {
   rmSync,
   renameSync,
 } from "node:fs";
-import { join } from "node:path";
+import { basename, delimiter, dirname, join, normalize } from "node:path";
 import { tmpdir } from "node:os";
 import { randomBytes } from "node:crypto";
+import { pathToFileURL } from "node:url";
 import { createAssistantMessageEventStream } from "@mariozechner/pi-ai";
 import type { StreamFn } from "@mariozechner/pi-agent-core";
 import type { AssistantMessage, Usage, TextContent } from "@mariozechner/pi-ai";
+import { deriveTurnSessionKey } from "./session-key.js";
 
 const PROCESS_TIMEOUT_MS = 5000;
 const REQUEST_TIMEOUT_MS = 120_000;
@@ -91,12 +93,99 @@ export function buildMsg(
   };
 }
 
-/** Get the MCP loopback port and token from process.env.
- *  The gateway patches write these during MCP server startup. */
-export function getMcpLoopback(): { port: number; token: string } | undefined {
-  const port = process.env.__GLUECLAW_MCP_PORT;
+interface McpLoopbackRuntime {
+  port: number;
+  ownerToken: string;
+  nonOwnerToken?: string;
+}
+
+let _mcpLoopback: { port: number; token: string } | undefined;
+let _mcpBootstrapAttempted = false;
+
+function getEnvMcpLoopback(): { port: number; token: string } | undefined {
+  const portRaw = process.env.__GLUECLAW_MCP_PORT;
   const token = process.env.__GLUECLAW_MCP_TOKEN;
-  if (port && token) return { port: parseInt(port, 10), token };
+  if (!portRaw || !token) return undefined;
+
+  const port = Number.parseInt(portRaw, 10);
+  if (!Number.isFinite(port) || port <= 0) return undefined;
+  return { port, token };
+}
+
+function openClawDistFromNodePath(nodePath: string): string | undefined {
+  const normalized = normalize(nodePath);
+  if (!normalized.includes("openclaw")) return undefined;
+  if (basename(normalized) !== "node_modules") return undefined;
+  return join(dirname(normalized), "dist");
+}
+
+export function resetMcpLoopbackForTests(): void {
+  _mcpLoopback = undefined;
+  _mcpBootstrapAttempted = false;
+}
+
+/** Bootstrap OpenClaw's MCP loopback server in-process and return the
+ *  port + owner token. GlueClaw runs inside the gateway process, so we
+ *  share OpenClaw's module cache: importing the same `mcp-http-*.js`
+ *  the gateway loaded gives us the singleton, and a no-op when another
+ *  caller already started it.
+ *
+ *  Returns undefined if the OpenClaw dist cannot be located or its API
+ *  has changed — in that case the claude subprocess simply runs without
+ *  session tools, matching pre-RFC-001 behavior. */
+export async function getMcpLoopback(): Promise<
+  { port: number; token: string } | undefined
+> {
+  const envLoopback = getEnvMcpLoopback();
+  if (envLoopback) return envLoopback;
+
+  if (_mcpLoopback) return _mcpLoopback;
+  if (_mcpBootstrapAttempted) return undefined;
+  _mcpBootstrapAttempted = true;
+
+  try {
+    const { readdir } = await import("node:fs/promises");
+    const nodePaths = (process.env.NODE_PATH ?? "").split(delimiter);
+    const distDirs = nodePaths
+      .map(openClawDistFromNodePath)
+      .filter((p): p is string => Boolean(p));
+
+    for (const distDir of distDirs) {
+      try {
+        const files = await readdir(distDir);
+        const mcpFile = files.find(
+          (f) => f.startsWith("mcp-http-") && f.endsWith(".js"),
+        );
+        if (!mcpFile) continue;
+        const mod = (await import(
+          pathToFileURL(join(distDir, mcpFile)).href
+        )) as Record<string, unknown>;
+        // Minified aliases: n=ensureMcpLoopbackServer, i=getActiveMcpLoopbackRuntime
+        const ensureFn = (mod["n"] ?? mod["ensureMcpLoopbackServer"]) as
+          | (() => Promise<unknown>)
+          | undefined;
+        const getRuntime = (mod["i"] ?? mod["getActiveMcpLoopbackRuntime"]) as
+          | (() => McpLoopbackRuntime | undefined)
+          | undefined;
+        if (
+          typeof ensureFn !== "function" ||
+          typeof getRuntime !== "function"
+        ) {
+          continue;
+        }
+        await ensureFn();
+        const runtime = getRuntime();
+        if (runtime?.port && runtime.ownerToken) {
+          _mcpLoopback = { port: runtime.port, token: runtime.ownerToken };
+          return _mcpLoopback;
+        }
+      } catch {
+        continue;
+      }
+    }
+  } catch {
+    // Non-fatal: session tools simply won't be available
+  }
   return undefined;
 }
 
@@ -184,6 +273,15 @@ export function createClaudeCliStreamFn(opts: {
       let mcpCleanup: (() => void) | undefined;
       let stderrBuf = "";
       try {
+        const turnSessionKey = deriveTurnSessionKey({
+          agentId: opts.agentId,
+          systemPrompt: context.systemPrompt,
+          messages: context.messages as
+            | Array<{ role: string; content: unknown }>
+            | undefined,
+        });
+        const effectiveSessionKey =
+          turnSessionKey ?? opts.sessionKey ?? "default";
         // Scrub Anthropic detection triggers (see docs/detection-patterns.md)
         const cleanPrompt = scrubPrompt(context.systemPrompt ?? "");
         const resolvedModel = opts.modelOverride ?? model.id;
@@ -200,7 +298,7 @@ export function createClaudeCliStreamFn(opts: {
         // otherwise stick to whatever identity was used on the first turn,
         // leaving no way for callers to reinforce or correct an agent's
         // identity across turns.
-        const sessionKey = `glueclaw:${opts.sessionKey ?? "default"}`;
+        const sessionKey = `glueclaw:${effectiveSessionKey}`;
         const existingSessionId = sessionMap.get(sessionKey);
         if (existingSessionId) {
           args.push("--resume", existingSessionId);
@@ -230,13 +328,13 @@ export function createClaudeCliStreamFn(opts: {
         delete env.ANTHROPIC_API_KEY_OLD;
 
         // Wire up MCP bridge for OpenClaw gateway tools
-        const loopback = getMcpLoopback();
+        const loopback = await getMcpLoopback();
         if (loopback) {
           const mcp = writeMcpConfig(loopback.port);
           mcpCleanup = mcp.cleanup;
           args.push("--strict-mcp-config", "--mcp-config", mcp.path);
           env.OPENCLAW_MCP_TOKEN = loopback.token;
-          env.OPENCLAW_MCP_SESSION_KEY = opts.sessionKey ?? "";
+          env.OPENCLAW_MCP_SESSION_KEY = effectiveSessionKey;
           env.OPENCLAW_MCP_AGENT_ID = opts.agentId ?? "main";
           env.OPENCLAW_MCP_ACCOUNT_ID = "";
           env.OPENCLAW_MCP_MESSAGE_CHANNEL = "";