npm - clementine-agent - Versions diffs - 1.10.4 → 1.11.1 - Mend

clementine-agent 1.10.4 → 1.11.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/dist/integrations/composio/client.d.ts +1 -1
package/dist/integrations/composio/client.js +48 -59
package/dist/integrations/composio/mcp-bridge.js +13 -19
package/package.json +1 -1

package/dist/integrations/composio/client.d.ts CHANGED Viewed

@@ -61,7 +61,7 @@ export declare class ComposioNeedsAuthConfigError extends Error {
     readonly underlying: string;
     constructor(slug: string, underlying: string);
 }
-export declare function authorizeToolkit(slug: string, opts?: {
+export declare function authorizeToolkit(slug: string, _opts?: {
     callbackUrl?: string;
     alias?: string;
 }): Promise<{

package/dist/integrations/composio/client.js CHANGED Viewed

@@ -98,6 +98,10 @@ export async function getPreferredUserId() {
 // calls have to pass *some* user_id, and we want it to match whatever the
 // user already has if possible. detectPreferredUserId() picks the user_id
 // with the most existing connections, falling back to this constant.
+// Used only when there are no existing connections to learn from. The real
+// path is detectPreferredUserId() reading the user_id off existing records
+// via the raw client — that's how we match Composio's web-UI auto-generated
+// IDs like `pg-test-<uuid>`.
 const DEFAULT_NEW_CONNECTION_USER_ID = 'default';
 export function clementineUserId() {
     return readComposioEnv('COMPOSIO_USER_ID') || DEFAULT_NEW_CONNECTION_USER_ID;
@@ -108,26 +112,43 @@ async function detectPreferredUserId(composio) {
     const explicit = readComposioEnv('COMPOSIO_USER_ID');
     if (explicit)
         return explicit;
-    if (detectedPreferredUserId)
+    if (detectedPreferredUserId !== null)
         return detectedPreferredUserId;
+    // The high-level wrapper's list() drops the snake_case `user_id` field
+    // during its camelCase transformation, so connections look like they have
+    // no user_id. Use the raw client (snake_case shape) to actually read the
+    // user_id Composio's web UI assigned (typically `pg-test-<uuid>` for
+    // dashboard-created connections). Without this, we'd default to "default"
+    // and composio.create() / toolkits.authorize() would never see existing
+    // connections — every tool call would 401.
     try {
-        const resp = await composio.connectedAccounts.list({ limit: 100 });
+        const rawClient = composio.client;
+        const resp = await rawClient.connectedAccounts.list({});
+        const items = (resp?.items ?? []);
         const counts = new Map();
-        for (const it of resp.items) {
-            const uid = it.userId ?? it.user_id;
-            if (typeof uid === 'string' && uid.length > 0) {
-                counts.set(uid, (counts.get(uid) ?? 0) + 1);
+        for (const it of items) {
+            // Prefer ACTIVE connections — expired ones often outnumber active ones
+            // (3 outlooks: 1 ACTIVE + 2 EXPIRED in real data).
+            if (it.status === 'ACTIVE' && typeof it.user_id === 'string' && it.user_id.length > 0) {
+                counts.set(it.user_id, (counts.get(it.user_id) ?? 0) + 2); // weight active higher
+            }
+            else if (typeof it.user_id === 'string' && it.user_id.length > 0) {
+                counts.set(it.user_id, (counts.get(it.user_id) ?? 0) + 1);
             }
         }
         if (counts.size > 0) {
             const top = [...counts.entries()].sort((a, b) => b[1] - a[1])[0][0];
+            logger.info({ userId: top, candidates: counts.size }, 'Detected Composio user_id from existing connections');
             detectedPreferredUserId = top;
             return top;
         }
     }
     catch (err) {
-        logger.debug({ err }, 'detectPreferredUserId failed — using default');
+        logger.warn({ err }, 'Raw client user_id probe failed — using fallback');
     }
+    // No existing connections. Fall back to "default" — composio.create()
+    // requires a non-empty string, and "default" is the conventional
+    // single-tenant value that Composio's quickstart uses.
     detectedPreferredUserId = DEFAULT_NEW_CONNECTION_USER_ID;
     return DEFAULT_NEW_CONNECTION_USER_ID;
 }
@@ -388,66 +409,34 @@ export class ComposioNeedsAuthConfigError extends Error {
         this.name = 'ComposioNeedsAuthConfigError';
     }
 }
-export async function authorizeToolkit(slug, opts) {
+export async function authorizeToolkit(slug,
+// Reserved for future per-call overrides (callbackUrl / alias). Currently
+// unused because composio.toolkits.authorize doesn't surface those options
+// — alias is set later via patch, callback uses Composio's hosted page.
+_opts) {
     const composio = getComposio();
     if (!composio)
         throw new Error('COMPOSIO_API_KEY not set');
-    // 1. Find or create an auth config. session.authorize() doesn't auto-create
-    //    so we have to pass authConfigId explicitly to connectedAccounts.initiate.
-    let authConfigId;
-    let existingConfig;
-    try {
-        existingConfig = (await composio.authConfigs.list({ toolkit: slug })).items[0];
-    }
-    catch (err) {
-        logger.error({ err, slug, step: 'authConfigs.list' }, 'Composio authorize failed');
-        throw err;
-    }
-    if (existingConfig) {
-        authConfigId = existingConfig.id;
-        logger.debug({ slug, authConfigId }, 'Reusing existing auth config');
-    }
-    else {
-        try {
-            const created = await composio.authConfigs.create(slug, {
-                type: 'use_composio_managed_auth',
-                name: `${displayNameFor(slug)} Auth Config`,
-            });
-            authConfigId = created.id;
-            logger.debug({ slug, authConfigId }, 'Created managed auth config');
-        }
-        catch (err) {
-            const status = err?.status;
-            logger.warn({ err, slug, status, step: 'authConfigs.create' }, 'authConfigs.create rejected — likely needs BYO setup');
-            // 400 → Composio doesn't host a managed OAuth app for this toolkit.
-            // 401/403 → key lacks permission to create managed auth configs (common
-            //   for Google services where Composio's plan tier requires you to
-            //   register your own Google OAuth project). Either way, the user fix
-            //   is the same: set it up once in Composio's auth-configs dashboard.
-            if (status === 400 || status === 401 || status === 403) {
-                throw new ComposioNeedsAuthConfigError(slug, String(err));
-            }
-            throw err;
-        }
-    }
-    // 2. Initiate the connection. allowMultiple if there's already an active
-    //    connection so we add another account instead of replacing.
-    const existing = (await listConnectedToolkits()).filter(c => c.slug === slug && c.status === 'ACTIVE');
-    // Reuse whichever user_id already owns connections in this account, so a
-    // freshly authorized Gmail lands next to the existing Outlook (etc.) under
-    // the same user_id. Falls back to env override or "default".
+    // Use the SDK's blessed one-liner — handles auth config discovery
+    // (reuses existing managed config if present) AND new-config creation
+    // automatically. Source: README + composio-B75SFMkx.d.cts. Replaces our
+    // older two-step `authConfigs.list/create + connectedAccounts.initiate`
+    // flow which tripped 401s on plans that don't allow programmatic
+    // authConfigs.create even when a managed app exists.
     const userId = await detectPreferredUserId(composio);
     try {
-        const conn = await composio.connectedAccounts.initiate(userId, authConfigId, {
-            ...(existing.length > 0 ? { allowMultiple: true } : {}),
-            ...(opts?.callbackUrl ? { callbackUrl: opts.callbackUrl } : {}),
-            ...(opts?.alias ? { alias: opts.alias } : {}),
-        });
-        logger.debug({ slug, userId, connectionId: conn.id }, 'Initiated connection');
+        const conn = await composio.toolkits.authorize(userId, slug);
+        logger.info({ slug, userId, connectionId: conn.id }, 'Composio authorize OK');
         return { redirectUrl: conn.redirectUrl ?? null, connectionId: conn.id };
     }
     catch (err) {
-        logger.error({ err, slug, userId, authConfigId, step: 'connectedAccounts.initiate' }, 'Composio initiate failed');
+        const status = err?.status;
+        logger.error({ err, slug, userId, status, step: 'toolkits.authorize' }, 'Composio authorize failed');
+        // Translate the documented "no managed auth available" error codes into
+        // the friendly BYO-setup banner the dashboard already renders.
+        if (status === 400 || status === 401 || status === 403) {
+            throw new ComposioNeedsAuthConfigError(slug, String(err));
+        }
         throw err;
     }
 }

package/dist/integrations/composio/mcp-bridge.js CHANGED Viewed

@@ -48,29 +48,23 @@ export async function buildComposioMcpServers(slugs) {
     }
     return out;
 }
-async function buildOne(composio, slug, connected) {
-    // If 2+ active connections for this toolkit, force Composio to require
-    // explicit account selection per tool call — otherwise it silently picks
-    // the default (newest) account.
-    const activeCount = connected.filter(c => c.slug === slug && c.status === 'ACTIVE').length;
-    // Look up auth config explicitly. Without this, composio.create() tries to
-    // auto-create one and 400s for BYO toolkits (Twitter etc.) that don't have
-    // a managed OAuth app available.
-    const authConfig = (await composio.authConfigs.list({ toolkit: slug })).items[0];
+async function buildOne(composio, slug, _connected) {
+    // composio.tools.get() returns the FLAT toolkit tools (OUTLOOK_LIST_MESSAGES,
+    // GMAIL_SEND_EMAIL, …) — exactly the namespacing the agent expects as
+    // mcp__outlook__OUTLOOK_LIST_MESSAGES. The alternative, composio.create()
+    // + session.tools(), uses Composio's tool-router pattern and only returns
+    // 5 meta-tools (COMPOSIO_SEARCH_TOOLS, COMPOSIO_MULTI_EXECUTE_TOOL, …),
+    // which doesn't match what the agent calls. Verified empirically:
+    // tools.get returns 50+ actual Outlook tools.
     const userId = await getPreferredUserId();
-    const session = await composio.create(userId, {
-        toolkits: [slug],
-        manageConnections: false,
-        ...(authConfig ? { authConfigs: { [slug]: authConfig.id } } : {}),
-        ...(activeCount >= 2
-            ? { multiAccount: { enable: true, requireExplicitSelection: true } }
-            : {}),
-    });
-    const tools = await session.tools();
+    const toolsRaw = await composio.tools.get(userId, { toolkits: [slug], limit: 200 });
+    // tools.get can return an array OR an object depending on provider; normalise.
+    const toolsArr = Array.isArray(toolsRaw) ? toolsRaw : Object.values(toolsRaw);
+    const tools = toolsArr.filter((t) => t && typeof t.name === 'string' && typeof t.handler === 'function');
     return createSdkMcpServer({
         name: slug,
         version: '0.1.0',
-        tools,
+        tools: tools,
     });
 }
 //# sourceMappingURL=mcp-bridge.js.map

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "clementine-agent",
-  "version": "1.10.4",
+  "version": "1.11.1",
   "description": "Clementine — Personal AI Assistant (TypeScript)",
   "type": "module",
   "main": "dist/index.js",