loopat 0.1.37 → 0.1.39

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "loopat",
-  "version": "0.1.37",
+  "version": "0.1.39",
   "description": "Self-hosted AI workspace built around context management — works solo, scales to teams",
   "license": "Apache-2.0",
   "homepage": "https://github.com/simpx/loopat",

package/server/src/a2a.ts

@@ -0,0 +1,319 @@
+/**
+ * A2A (Agent-to-Agent) adapter — in-process, standard A2A (Google's Agent2Agent).
+ *
+ * Each loopat account is its own A2A agent:
+ *   - GET  /a2a/<user>/agent-card.json   → that user's Agent Card
+ *   - POST /a2a/<user>                   → JSON-RPC (message/send | message/stream)
+ *
+ * Auth is per-user: the caller presents that user's loopat API token
+ * (`Authorization: Bearer la_…`). We validate the token resolves to <user> and
+ * forward it to loopat's own `/api/v1` over loopback — which already does
+ * per-token-user auth, loop creation, turn execution, and SSE — so this adapter
+ * is a thin protocol translator (A2A ↔ /api/v1 SSE) that can't break web or
+ * /api/v1. The A2A `contextId` (conversation) maps to a loopat loop.
+ */
+import { Hono, type Context } from "hono"
+import { streamSSE } from "hono/streaming"
+import { randomBytes } from "node:crypto"
+import { resolveApiToken } from "./api-tokens"
+import { loadA2AConfig, type A2AUserConfig } from "./config"
+
+const A2A_PROTOCOL_VERSION = "0.3.0"
+const SELF_BASE = `http://127.0.0.1:${process.env.PORT ?? 10001}`
+
+// contextId (A2A conversation) → loopat loopId. In-memory: a restart starts a
+// fresh conversation (acceptable for v1).
+const ctxToLoop = new Map<string, string>()
+
+function resolvePublicUrl(c: Context): string {
+  const configured = process.env.LOOPAT_A2A_PUBLIC_URL
+  if (configured) return configured.replace(/\/+$/, "")
+  const proto = c.req.header("x-forwarded-proto") ?? "http"
+  const host = c.req.header("host") ?? `127.0.0.1:${process.env.PORT ?? 10001}`
+  return `${proto}://${host}`
+}
+
+function agentCard(user: string, publicUrl: string, cfg: A2AUserConfig) {
+  const name = cfg.card?.name?.trim() || `Loopat Agent (${user})`
+  const description = cfg.card?.description?.trim() ||
+    "Self-hosted AI workspace (Claude Agent SDK). Runs development tasks in an isolated sandbox: writing code, reading repos, editing files, running commands, and researching."
+  return {
+    protocolVersion: A2A_PROTOCOL_VERSION,
+    name,
+    description,
+    url: `${publicUrl}/a2a/${encodeURIComponent(user)}`,
+    version: "1.0.0",
+    preferredTransport: "JSONRPC",
+    capabilities: { streaming: true, pushNotifications: false, stateTransitionHistory: false },
+    defaultInputModes: ["text/plain", "application/json"],
+    defaultOutputModes: ["text/plain"],
+    securitySchemes: {
+      bearer: { type: "http", scheme: "bearer", description: "A loopat API token belonging to this user." },
+    },
+    security: [{ bearer: [] }],
+    skills: [
+      {
+        id: "loopat_dev_turn",
+        name: "General development task",
+        description:
+          "Run one development task in a loopat sandbox: write/edit code, read the repo, run commands, research, and return the result. Multi-turn within a conversation (reuse contextId to continue).",
+        tags: ["coding", "agent", "dev", "sandbox"],
+        examples: ["Add a health-check endpoint to the repo and make the tests pass."],
+        inputModes: ["text/plain", "application/json"],
+        outputModes: ["text/plain"],
+      },
+    ],
+  }
+}
+
+type ParsedMsg = { text: string; contextId?: string; taskId?: string }
+
+function parseMessage(params: any): ParsedMsg {
+  const message = params?.message ?? {}
+  let text = ""
+  const parts = Array.isArray(message.parts) ? message.parts : []
+  for (const p of parts) {
+    if (p?.kind === "text" && typeof p.text === "string") { text += p.text }
+    else if (p?.kind === "data" && p.data) {
+      const d = p.data
+      text += typeof d.message === "string" ? d.message
+        : typeof d.text === "string" ? d.text
+        : typeof d === "string" ? d : ""
+    }
+  }
+  return {
+    text: text.trim(),
+    contextId: typeof message.contextId === "string" && message.contextId ? message.contextId : undefined,
+    taskId: typeof message.taskId === "string" && message.taskId ? message.taskId : undefined,
+  }
+}
+
+async function getOrCreateLoop(parsed: ParsedMsg, callerAuth: string, cfg: A2AUserConfig): Promise<{ loopId: string; contextId: string }> {
+  let contextId = parsed.contextId
+  if (contextId && ctxToLoop.has(contextId)) return { loopId: ctxToLoop.get(contextId)!, contextId }
+  if (!contextId) contextId = `ctx_${randomBytes(8).toString("hex")}`
+
+  const title = parsed.text.slice(0, 60) || "a2a"
+  const res = await fetch(`${SELF_BASE}/api/v1/loops`, {
+    method: "POST",
+    headers: { authorization: callerAuth, "content-type": "application/json" },
+    body: JSON.stringify({
+      title,
+      profiles: cfg.profiles && cfg.profiles.length ? cfg.profiles : undefined,
+      vault: cfg.vault || undefined,
+      metadata: { a2a_context_id: contextId },
+    }),
+  })
+  if (!res.ok) {
+    const body = await res.text().catch(() => "")
+    throw new Error(`loop create failed: ${res.status} ${body}`)
+  }
+  const loop = await res.json()
+  const loopId = loop.id as string
+  ctxToLoop.set(contextId, loopId)
+  return { loopId, contextId }
+}
+
+type LoopatEvent = { event: string; data: any }
+
+async function* loopbackTurn(loopId: string, content: string, taskId: string, callerAuth: string): AsyncGenerator<LoopatEvent> {
+  const res = await fetch(`${SELF_BASE}/api/v1/loops/${loopId}/messages`, {
+    method: "POST",
+    headers: {
+      authorization: callerAuth,
+      "content-type": "application/json",
+      accept: "text/event-stream",
+      "idempotency-key": taskId,
+    },
+    body: JSON.stringify({ content, permission_mode: "bypassPermissions" }),
+  })
+  if (!res.ok || !res.body) {
+    const body = await res.text().catch(() => "")
+    yield { event: "error", data: { code: "send_failed", message: `${res.status} ${body}` } }
+    return
+  }
+  const reader = res.body.getReader()
+  const decoder = new TextDecoder()
+  let buf = ""
+  let curEvent = "message"
+  let curData = ""
+  const flush = (): LoopatEvent | null => {
+    if (!curData) { curEvent = "message"; return null }
+    let parsed: any = curData
+    try { parsed = JSON.parse(curData) } catch { /* keep string */ }
+    const ev = { event: curEvent, data: parsed }
+    curEvent = "message"; curData = ""
+    return ev
+  }
+  while (true) {
+    const { done, value } = await reader.read()
+    if (done) break
+    buf += decoder.decode(value, { stream: true })
+    const lines = buf.split("\n")
+    buf = lines.pop() ?? ""
+    for (const line of lines) {
+      if (line === "") { const ev = flush(); if (ev) yield ev; continue }
+      if (line.startsWith("event:")) curEvent = line.slice(6).trim()
+      else if (line.startsWith("data:")) curData += line.slice(5).trim()
+    }
+  }
+  const ev = flush(); if (ev) yield ev
+}
+
+function extractAssistantText(d: any): string | null {
+  if (!d || d.type !== "assistant") return null
+  const content = d.message?.content
+  if (!Array.isArray(content)) return null
+  const txt = content.filter((b: any) => b?.type === "text" && typeof b.text === "string").map((b: any) => b.text).join("")
+  return txt || null
+}
+
+function resultError(d: any): string | null {
+  if (!d || d.type !== "result") return null
+  if (d.is_error === true) return typeof d.result === "string" && d.result ? d.result : "agent error"
+  return null
+}
+
+// ── Standard A2A streaming event builders ─────────────────────────────────
+function artifactUpdate(reqId: unknown, taskId: string, contextId: string, artifactId: string, text: string, append: boolean, lastChunk: boolean) {
+  return {
+    jsonrpc: "2.0", id: reqId,
+    result: {
+      kind: "artifact-update",
+      taskId, contextId, append, lastChunk,
+      artifact: { artifactId, name: "response", parts: [{ kind: "text", text }] },
+    },
+  }
+}
+function statusUpdate(reqId: unknown, taskId: string, contextId: string, state: "working" | "completed" | "failed", final: boolean, errorText?: string) {
+  const status: Record<string, unknown> = { state }
+  if (errorText) {
+    status.message = {
+      kind: "message", role: "agent", messageId: `msg_${randomBytes(6).toString("hex")}`,
+      parts: [{ kind: "text", text: errorText }], taskId, contextId,
+    }
+  }
+  return { jsonrpc: "2.0", id: reqId, result: { kind: "status-update", taskId, contextId, status, final } }
+}
+
+async function handleStream(c: Context, reqId: unknown, parsed: ParsedMsg, callerAuth: string, cfg: A2AUserConfig) {
+  return streamSSE(c, async (stream) => {
+    const artifactId = `artifact_${randomBytes(8).toString("hex")}`
+    const taskId = parsed.taskId || `task_${randomBytes(8).toString("hex")}`
+    try {
+      const { loopId, contextId } = await getOrCreateLoop(parsed, callerAuth, cfg)
+      await stream.writeSSE({ data: JSON.stringify(statusUpdate(reqId, taskId, contextId, "working", false)) })
+      let gotDelta = false
+      let fallbackText: string | null = null
+      let errMsg: string | undefined
+      const finish = async () => {
+        if (errMsg) {
+          await stream.writeSSE({ data: JSON.stringify(statusUpdate(reqId, taskId, contextId, "failed", true, errMsg)) })
+          return
+        }
+        if (!gotDelta && fallbackText) {
+          await stream.writeSSE({ data: JSON.stringify(artifactUpdate(reqId, taskId, contextId, artifactId, fallbackText, false, false)) })
+        }
+        await stream.writeSSE({ data: JSON.stringify(artifactUpdate(reqId, taskId, contextId, artifactId, "", true, true)) })
+        await stream.writeSSE({ data: JSON.stringify(statusUpdate(reqId, taskId, contextId, "completed", true)) })
+      }
+      for await (const ev of loopbackTurn(loopId, parsed.text, taskId, callerAuth)) {
+        if (ev.event === "assistant_delta" && typeof ev.data?.text === "string") {
+          await stream.writeSSE({ data: JSON.stringify(artifactUpdate(reqId, taskId, contextId, artifactId, ev.data.text, gotDelta, false)) })
+          gotDelta = true
+        } else if (ev.event === "sdk_message") {
+          const t = extractAssistantText(ev.data); if (t) fallbackText = t
+          const e = resultError(ev.data); if (e) errMsg = e
+        } else if (ev.event === "done") {
+          await finish(); return
+        } else if (ev.event === "error" || ev.event === "interrupted") {
+          errMsg = ev.data?.message ?? ev.event
+          await finish(); return
+        }
+      }
+      await finish()
+    } catch (e: any) {
+      const taskIdSafe = taskId
+      await stream.writeSSE({ data: JSON.stringify(statusUpdate(reqId, taskIdSafe, parsed.contextId ?? "", "failed", true, e?.message ?? String(e))) })
+    }
+  })
+}
+
+async function handleSend(c: Context, reqId: unknown, parsed: ParsedMsg, callerAuth: string, cfg: A2AUserConfig) {
+  const artifactId = `artifact_${randomBytes(8).toString("hex")}`
+  const taskId = parsed.taskId || `task_${randomBytes(8).toString("hex")}`
+  try {
+    const { loopId, contextId } = await getOrCreateLoop(parsed, callerAuth, cfg)
+    let full = ""
+    let fallbackText: string | null = null
+    let errMsg: string | undefined
+    for await (const ev of loopbackTurn(loopId, parsed.text, taskId, callerAuth)) {
+      if (ev.event === "assistant_delta" && typeof ev.data?.text === "string") full += ev.data.text
+      else if (ev.event === "sdk_message") {
+        const t = extractAssistantText(ev.data); if (t) fallbackText = t
+        const e = resultError(ev.data); if (e) errMsg = e
+      }
+      else if (ev.event === "error" || ev.event === "interrupted") errMsg = ev.data?.message ?? ev.event
+      else if (ev.event === "done") break
+    }
+    if (!full && fallbackText) full = fallbackText
+    if (errMsg && !full) full = errMsg
+    const success = !errMsg
+    // A2A Task object.
+    return c.json({
+      jsonrpc: "2.0",
+      id: reqId,
+      result: {
+        kind: "task",
+        id: taskId,
+        contextId,
+        status: { state: success ? "completed" : "failed" },
+        artifacts: [{ artifactId, name: "response", parts: [{ kind: "text", text: full }] }],
+      },
+    })
+  } catch (e: any) {
+    return c.json({ jsonrpc: "2.0", id: reqId, error: { code: -32603, message: e?.message ?? String(e) } })
+  }
+}
+
+export function buildA2A() {
+  const a = new Hono()
+
+  const cardHandler = async (c: Context) => {
+    const user = c.req.param("user")
+    if (!user) return c.json({ error: "not found" }, 404)
+    const cfg = await loadA2AConfig(user)
+    return c.json(agentCard(user, resolvePublicUrl(c), cfg))
+  }
+  a.get("/a2a/:user/agent-card.json", cardHandler)
+  a.get("/a2a/:user/.well-known/agent-card.json", cardHandler)
+  a.get("/a2a/:user/agent.json", cardHandler) // legacy filename alias
+
+  a.post("/a2a/:user", async (c) => {
+    const user = c.req.param("user")
+    const rpc = await c.req.json().catch(() => null)
+    const reqId = rpc?.id ?? null
+    if (!rpc || typeof rpc.method !== "string") {
+      return c.json({ jsonrpc: "2.0", id: reqId, error: { code: -32600, message: "invalid request" } }, 400)
+    }
+    // Per-user auth: the caller must present THIS user's loopat API token.
+    const auth = c.req.header("authorization") ?? null
+    const tokenUser = await resolveApiToken(auth)
+    if (!tokenUser) {
+      return c.json({ jsonrpc: "2.0", id: reqId, error: { code: -32000, message: "unauthorized: present a loopat API token" } }, 401)
+    }
+    if (tokenUser !== user) {
+      return c.json({ jsonrpc: "2.0", id: reqId, error: { code: -32000, message: "token does not belong to this agent" } }, 403)
+    }
+    const cfg = await loadA2AConfig(user)
+    const parsed = parseMessage(rpc.params)
+    if (!parsed.text) {
+      return c.json({ jsonrpc: "2.0", id: reqId, error: { code: -32602, message: "empty message" } }, 400)
+    }
+    if (rpc.method === "message/stream") return handleStream(c, reqId, parsed, auth!, cfg)
+    if (rpc.method === "message/send") return handleSend(c, reqId, parsed, auth!, cfg)
+    return c.json({ jsonrpc: "2.0", id: reqId, error: { code: -32601, message: `method not found: ${rpc.method}` } }, 404)
+  })
+
+  return a
+}

package/server/src/config.ts

@@ -483,6 +483,38 @@ export async function loadPersonalConfig(
   return cfg
 }
 
+// ── Per-user A2A config ───────────────────────────────────────────────────
+// The user's A2A agent: editable card fields + which profiles/vault loops
+// created by A2A use. No secrets (the credential is the user's API token), so
+// it's plain JSON next to config.json. `$LOOPAT_HOME/personal/<user>/.loopat/a2a.json`.
+export type A2AUserConfig = {
+  card?: { name?: string; description?: string }
+  profiles?: string[]
+  vault?: string
+}
+function a2aConfigPath(user: string): string {
+  return join(personalLoopatDir(user), "a2a.json")
+}
+export async function loadA2AConfig(user: string): Promise<A2AUserConfig> {
+  const p = a2aConfigPath(user)
+  if (!existsSync(p)) return {}
+  try {
+    const j = JSON.parse(await readFile(p, "utf8")) as A2AUserConfig
+    return j && typeof j === "object" ? j : {}
+  } catch { return {} }
+}
+export async function saveA2AConfig(user: string, patch: A2AUserConfig): Promise<void> {
+  const cur = await loadA2AConfig(user)
+  const next: A2AUserConfig = {
+    card: patch.card !== undefined ? patch.card : cur.card,
+    profiles: patch.profiles !== undefined ? patch.profiles : cur.profiles,
+    vault: patch.vault !== undefined ? patch.vault : cur.vault,
+  }
+  const p = a2aConfigPath(user)
+  await mkdir(dirname(p), { recursive: true })
+  await writeFile(p, JSON.stringify(next, null, 2) + "\n")
+}
+
 export function getActiveProvider(cfg: PersonalConfig): { name: string; provider: ProviderConfig } | null {
   const raw = cfg.default
   if (!raw) return null

package/server/src/index.ts

@@ -6,7 +6,7 @@ import { execFile, execFileSync } from "node:child_process"
 import { promisify } from "node:util"
 import { listLoops, createLoop, getLoop, loopExists, patchLoopMeta, backfillAllMounts, ensureWorkspaceDirs, provisionUserPersonal, importPersonalFromRepo, setupPersonalViaProvider, listPersonalReposViaProvider, authenticateViaProvider, isPersonalFresh, ensureUiNotesWorktree, syncUiNotes, ffUpdateUiNotes, notesBehind, inspectPersonalDirty, syncPersonalToRemote, deletePersonalVault, pullPersonalFromRemote, pushPersonalToRemote, ensureContextMounts, effectiveDriver, isDriver, distillLoop, inspectRepoSync, pullRepoFromRemote, pushRepoToRemote, ensureUserContext, promoteKnowledgeConfig, listVaultPublicKeys, userOnboarding, submitOnboarding } from "./loops"
 import { getEphemeralHostPort, probePodman, stopAllWorkspaceContainers, ensureServeContainer, ensurePortProxyContainer, ensureSandboxImage } from "./podman"
-import { startMcpAuth, completeMcpAuth, probeOAuthSupport, evictOAuthProbe, parseBearerEnvName, type OAuthSupport } from "./mcp-oauth"
+import { startMcpAuth, completeMcpAuth, probeOAuthSupport, evictOAuthProbe, parseBearerEnvName, mcpRequiredEnvs, parseTemplateVars, type OAuthSupport } from "./mcp-oauth"
 import { DEFAULT_VAULT, loadVaultEnvs } from "./vaults"
 import {
   initChat,
@@ -55,7 +55,8 @@ import {
   personalReposDir,
   loopsDir,
 } from "./paths"
-import { loadConfig, loadPersonalConfig, savePersonalConfig, saveWorkspaceConfig, loadTokenUsage, getActiveProvider, readPersonalDiskRaw, savePersonalDisk, describeApiKeyRef, writeVaultEnv, deleteVaultEnv, loadKnowledgeConfig, saveKnowledgeConfig, type ProviderConfig, type ModelEntry } from "./config"
+import { loadConfig, loadPersonalConfig, savePersonalConfig, saveWorkspaceConfig, loadTokenUsage, getActiveProvider, readPersonalDiskRaw, savePersonalDisk, describeApiKeyRef, writeVaultEnv, deleteVaultEnv, loadKnowledgeConfig, saveKnowledgeConfig, loadA2AConfig, saveA2AConfig, type ProviderConfig, type ModelEntry } from "./config"
+import { createApiToken, listApiTokens, revokeApiToken } from "./api-tokens"
 import { listBoards, createBoard, renameBoard, listKanbanColumns, addCard, toggleCard, deleteCard, moveCard, updateCardMeta, updateCardBlock, reorderCards, createColumn, deleteColumn, readKanbanConfig, saveColumnOrder, setColumnColor, renameColumn, assignDriverForCard, createLoopFromCard, linkLoopToCard, kanbanUserCtx } from "./kanban"
 import { printBootstrapBanner, printReadyLine } from "./bootstrap"
 import { resolveProvider } from "./providers"
@@ -127,6 +128,11 @@ app.get("/api/version", (c) => {
 import { buildApiV1 } from "./api-v1"
 app.route("/api/v1", buildApiV1())
 
+// A2A (Agent-to-Agent) adapter — per-user Agent Card + JSON-RPC under /a2a/<user>.
+// Mounted before the SPA catch-all so those routes resolve.
+import { buildA2A } from "./a2a"
+app.route("/", buildA2A())
+
 // ── workspace serve config ──
 
 function getLocalIp(): string {
@@ -761,7 +767,16 @@ app.get("/api/mcp-servers", requireAuth, async (c) => {
       const type = (srv?.type ?? "stdio") as string
       const url = (srv as any)?.url as string | undefined
       const authTokenEnv = parseBearerEnvName(srv)
-      const authed = authTokenEnv ? !!envs[authTokenEnv] : false
+      // Generalized: a server is authed when EVERY ${VAR} it references (in url
+      // or headers) is set in the vault — not just a Bearer header token.
+      const requiredEnvs = mcpRequiredEnvs(srv)
+      const authed = requiredEnvs.length > 0
+        ? requiredEnvs.every((e) => !!envs[e])
+        : (authTokenEnv ? !!envs[authTokenEnv] : false)
+      // Inline loopat metadata (CC never sees it — stripped before the SDK):
+      // a setup page where the user gets their credentials, for the auth flow.
+      const setupResource = typeof (srv as any)?.["x-loopat-resource"] === "string"
+        ? (srv as any)["x-loopat-resource"] as string : undefined
       let oauthSupport: OAuthSupport | undefined
       if (url && (type === "http" || type === "sse")) {
         try {
@@ -770,13 +785,55 @@ app.get("/api/mcp-servers", requireAuth, async (c) => {
           oauthSupport = "unreachable"
         }
       }
-      return { name, type, url, authTokenEnv, authed, oauthSupport }
+      return { name, type, url, authTokenEnv, requiredEnvs, authed, setupResource, oauthSupport }
     }),
   )
 
   return c.json({ servers })
 })
 
+// "I copied my MCP URL from the provider's page" setup flow: reverse the
+// server's ${VAR} url template against the pasted concrete URL and store the
+// extracted secrets in the vault. The template is read server-side (from the
+// loop's merged settings, falling back to team settings) so only the vars the
+// server actually declares can be written.
+app.post("/api/mcp-setup/parse", requireAuth, async (c) => {
+  const userId = c.get("userId") as string
+  const body = await c.req.json().catch(() => ({}))
+  const serverName = typeof body.server === "string" ? body.server : ""
+  const pasted = typeof body.pastedUrl === "string" ? body.pastedUrl.trim() : ""
+  const loopId = typeof body.loopId === "string" && body.loopId ? body.loopId : undefined
+  if (!serverName || !pasted) return c.json({ error: "server and pastedUrl required" }, 400)
+
+  // Locate the server's url TEMPLATE (with ${VAR}s).
+  const { readFile: rf } = await import("node:fs/promises")
+  const readMcp = async (p: string): Promise<Record<string, any>> => {
+    if (!existsSync(p)) return {}
+    try { return (JSON.parse(await rf(p, "utf8"))?.mcpServers ?? {}) as Record<string, any> } catch { return {} }
+  }
+  let mcp: Record<string, any> = {}
+  if (loopId) {
+    const { loopClaudeDir } = await import("./paths")
+    mcp = await readMcp(pathJoin(loopClaudeDir(loopId), "settings.json"))
+  }
+  if (!mcp[serverName]) {
+    const { workspaceTeamSettingsPath } = await import("./paths")
+    mcp = { ...(await readMcp(workspaceTeamSettingsPath())), ...mcp }
+  }
+  const template = typeof mcp[serverName]?.url === "string" ? (mcp[serverName].url as string) : ""
+  if (!template) return c.json({ error: `no url template for server "${serverName}"` }, 404)
+
+  const vars = parseTemplateVars(template, pasted)
+  if (!vars || Object.keys(vars).length === 0) {
+    return c.json({ error: "pasted URL doesn't match this server's URL shape" }, 400)
+  }
+  for (const [name, value] of Object.entries(vars)) {
+    const r = await writeVaultEnv(userId, DEFAULT_VAULT, name, value)
+    if (!r.ok) return c.json({ error: `couldn't save ${name}: ${r.error}` }, 400)
+  }
+  return c.json({ ok: true, set: Object.keys(vars) })
+})
+
 // Force re-probe of OAuth support. POST with no body clears entire cache;
 // body {url: ...} evicts just that URL. Useful after admin fixes a server
 // URL or adds a previously-unreachable server.
@@ -1500,6 +1557,58 @@ app.get("/api/vaults", requireAuth, async (c) => {
   return c.json({ vaults: listVaults(userId) })
 })
 
+// ── A2A settings (per-user agent card + default profiles/vault + key) ──
+const A2A_KEY_LABEL = "a2a"
+function a2aPublicBase(c: any): string {
+  const configured = process.env.LOOPAT_A2A_PUBLIC_URL
+  if (configured) return configured.replace(/\/+$/, "")
+  const proto = c.req.header("x-forwarded-proto") ?? "http"
+  const host = c.req.header("host") ?? `127.0.0.1:${process.env.PORT ?? 10001}`
+  return `${proto}://${host}`
+}
+app.get("/api/a2a", requireAuth, async (c) => {
+  const userId = c.get("userId") as string
+  const cfg = await loadA2AConfig(userId)
+  const { listVaults } = await import("./vaults")
+  const { listProfiles } = await import("./profiles")
+  const tokens = await listApiTokens(userId)
+  const base = a2aPublicBase(c)
+  return c.json({
+    card: { name: cfg.card?.name ?? "", description: cfg.card?.description ?? "" },
+    profiles: cfg.profiles ?? [],
+    vault: cfg.vault ?? "",
+    cardUrl: `${base}/a2a/${encodeURIComponent(userId)}/agent-card.json`,
+    endpoint: `${base}/a2a/${encodeURIComponent(userId)}`,
+    hasKey: tokens.some((t) => t.label === A2A_KEY_LABEL),
+    availableProfiles: await listProfiles(userId),
+    availableVaults: listVaults(userId),
+  })
+})
+app.put("/api/a2a", requireAuth, async (c) => {
+  const userId = c.get("userId") as string
+  const body = await c.req.json().catch(() => ({}))
+  const patch: { card?: { name?: string; description?: string }; profiles?: string[]; vault?: string } = {}
+  if (body.card && typeof body.card === "object") {
+    patch.card = {
+      name: typeof body.card.name === "string" ? body.card.name.slice(0, 200) : undefined,
+      description: typeof body.card.description === "string" ? body.card.description.slice(0, 2000) : undefined,
+    }
+  }
+  if (Array.isArray(body.profiles)) patch.profiles = body.profiles.filter((p: unknown): p is string => typeof p === "string")
+  if (typeof body.vault === "string") patch.vault = body.vault
+  await saveA2AConfig(userId, patch)
+  return c.json({ ok: true })
+})
+// Rotate the A2A key: revoke any prior a2a-labelled token, mint a fresh one
+// (returned once — store it in the orchestrator).
+app.post("/api/a2a/key", requireAuth, async (c) => {
+  const userId = c.get("userId") as string
+  const existing = await listApiTokens(userId)
+  for (const t of existing) if (t.label === A2A_KEY_LABEL) await revokeApiToken(userId, t.tokenId)
+  const created = await createApiToken(userId, A2A_KEY_LABEL)
+  return c.json({ token: created.token })
+})
+
 // Return the current user's `default_profiles` from
 // personal/<u>/.loopat/config.json. Used by NewLoopDialog to pre-check the
 // user's typical setup. Returns [] if config absent / field missing.

package/server/src/mcp-oauth.ts

@@ -78,6 +78,51 @@ export function parseBearerEnvName(server: McpServerConfig | undefined | null):
   return null
 }
 
+// ${VAR} or ${VAR:-default}, anywhere in a string.
+const ENV_REF_G = /\$\{([A-Za-z_][A-Za-z0-9_]*)(?::-[^}]*)?\}/g
+
+function escapeRegex(s: string): string {
+  return s.replace(/[.*+?^${}()|[\]\\]/g, "\\$&")
+}
+
+/** Every env-var name referenced via ${VAR} in a server's url + header values.
+ *  Generalizes parseBearerEnvName beyond `Authorization: Bearer ${VAR}` (e.g. a
+ *  key embedded in the url). A server is "authed" when ALL of these are set. */
+export function mcpRequiredEnvs(server: McpServerConfig | undefined | null): string[] {
+  if (!server) return []
+  const out = new Set<string>()
+  const scan = (s: unknown) => {
+    if (typeof s !== "string") return
+    for (const m of s.matchAll(ENV_REF_G)) out.add(m[1])
+  }
+  scan((server as any).url)
+  const headers = (server as any).headers
+  if (headers && typeof headers === "object") for (const v of Object.values(headers)) scan(v)
+  return [...out]
+}
+
+/** Reverse a `${VAR}`-templated string (e.g. the server url) against a concrete
+ *  pasted value, extracting each VAR. Returns null if the paste doesn't match
+ *  the template's shape. Powers the "paste your MCP URL → auto-fill the secrets"
+ *  setup flow. */
+export function parseTemplateVars(template: string, pasted: string): Record<string, string> | null {
+  const names: string[] = []
+  let re = "^"
+  let last = 0
+  for (const m of template.matchAll(ENV_REF_G)) {
+    const idx = m.index ?? 0
+    re += escapeRegex(template.slice(last, idx)) + "(.+?)"
+    names.push(m[1])
+    last = idx + m[0].length
+  }
+  re += escapeRegex(template.slice(last)) + "$"
+  const match = pasted.trim().match(new RegExp(re))
+  if (!match) return null
+  const out: Record<string, string> = {}
+  names.forEach((n, i) => { out[n] = match[i + 1] })
+  return out
+}
+
 const STATE_TTL_MS = 10 * 60 * 1000 // 10 minutes — generous; OAuth flows are slow
 
 type FlowState = {

package/server/src/session.ts

@@ -429,7 +429,18 @@ class LoopSession {
     if (existsSync(mergedSettingsPath)) {
       try {
         const merged = JSON.parse(await readFile(mergedSettingsPath, "utf8"))
-        mcpServers = { ...(merged.mcpServers ?? {}) }
+        // Strip loopat-only inline metadata (e.g. `x-loopat-resource`, used by
+        // the MCP setup UI) so the SDK / CC only sees standard MCP fields.
+        mcpServers = Object.fromEntries(
+          Object.entries((merged.mcpServers ?? {}) as Record<string, any>).map(([name, srv]) => {
+            if (srv && typeof srv === "object") {
+              const clean: Record<string, any> = {}
+              for (const [k, v] of Object.entries(srv)) if (!k.startsWith("x-loopat")) clean[k] = v
+              return [name, clean]
+            }
+            return [name, srv]
+          }),
+        )
       } catch (e: any) {
         console.warn(`[session ${loopId.slice(0,8)}] could not read merged mcpServers: ${e?.message ?? e}`)
       }

package/web/dist/assets/{Editor-COLw6QZY.js → Editor-D4hrkS4P.js}

@@ -1 +1 @@
-import{n as e,o as t,t as n}from"./jsx-runtime-Bt-cYkS5.js";import{_ as r,v as i,y as a}from"./index-DpqDiByg.js";import{CodeEditor as o}from"./CodeEditor-DtHZtsPs.js";var s=a(`text-wrap`,[[`path`,{d:`m16 16-3 3 3 3`,key:`117b85`}],[`path`,{d:`M3 12h14.5a1 1 0 0 1 0 7H13`,key:`18xa6z`}],[`path`,{d:`M3 19h6`,key:`1ygdsz`}],[`path`,{d:`M3 5h18`,key:`1u36vt`}]]),c=t(e(),1),l=n();function u(){try{if(localStorage.getItem(`loopat:editor:wordWrap`)===`0`)return!1}catch{}return!0}function d({loopId:e,path:t,onSelectionChange:n}){let[a,d]=(0,c.useState)(``),[f,p]=(0,c.useState)(``),[m,h]=(0,c.useState)(!1),[g,_]=(0,c.useState)(!1),[v,y]=(0,c.useState)(u);(0,c.useEffect)(()=>{if(!t){d(``),p(``);return}h(!0),r(e,t).then(e=>{let t=e?.content??``;d(t),p(t)}).finally(()=>h(!1))},[e,t]);let b=t&&f!==a,x=async()=>{if(!(!t||g)){_(!0);try{await i(e,t,f)&&d(f)}finally{_(!1)}}};return t?(0,l.jsxs)(l.Fragment,{children:[(0,l.jsx)(`div`,{className:`flex-1 min-h-0 relative`,onKeyDown:e=>{(e.metaKey||e.ctrlKey)&&e.key===`s`&&(e.preventDefault(),x())},children:m?(0,l.jsx)(`div`,{className:`h-full w-full flex items-center justify-center text-[12px] text-gray-400`,children:`loading…`}):(0,l.jsx)(o,{path:t,value:f,onChange:p,wordWrap:v,onSelectionChange:n})}),(0,l.jsxs)(`div`,{className:`border-t border-gray-200 px-3 py-1.5 text-[11px] text-gray-500 flex items-center gap-3`,children:[(0,l.jsx)(`span`,{className:`truncate`,children:t}),b&&(0,l.jsx)(`button`,{onClick:x,className:`text-orange-600 hover:underline`,title:`ctrl/⌘+S`,children:g?`saving…`:`unsaved · save`}),(0,l.jsx)(`span`,{className:`flex-1`}),(0,l.jsx)(`button`,{onClick:()=>{let e=!v;y(e);try{localStorage.setItem(`loopat:editor:wordWrap`,e?`1`:`0`)}catch{}},className:`flex items-center gap-1 hover:text-gray-700 transition-colors ${v?`text-gray-500`:`text-gray-300`}`,title:v?`word wrap: on`:`word wrap: off`,children:(0,l.jsx)(s,{size:13})}),(0,l.jsx)(`span`,{children:`utf-8 · LF`})]})]}):(0,l.jsx)(`div`,{className:`flex-1 min-h-0 flex items-center justify-center text-[13px] text-gray-500 px-8 text-center`,children:`没打开文件 · 在 ▤ workdir 里点一个`})}export{d as Editor};
+import{n as e,o as t,t as n}from"./jsx-runtime-Bt-cYkS5.js";import{_ as r,v as i,y as a}from"./index-CaZDV18H.js";import{CodeEditor as o}from"./CodeEditor-DtHZtsPs.js";var s=a(`text-wrap`,[[`path`,{d:`m16 16-3 3 3 3`,key:`117b85`}],[`path`,{d:`M3 12h14.5a1 1 0 0 1 0 7H13`,key:`18xa6z`}],[`path`,{d:`M3 19h6`,key:`1ygdsz`}],[`path`,{d:`M3 5h18`,key:`1u36vt`}]]),c=t(e(),1),l=n();function u(){try{if(localStorage.getItem(`loopat:editor:wordWrap`)===`0`)return!1}catch{}return!0}function d({loopId:e,path:t,onSelectionChange:n}){let[a,d]=(0,c.useState)(``),[f,p]=(0,c.useState)(``),[m,h]=(0,c.useState)(!1),[g,_]=(0,c.useState)(!1),[v,y]=(0,c.useState)(u);(0,c.useEffect)(()=>{if(!t){d(``),p(``);return}h(!0),r(e,t).then(e=>{let t=e?.content??``;d(t),p(t)}).finally(()=>h(!1))},[e,t]);let b=t&&f!==a,x=async()=>{if(!(!t||g)){_(!0);try{await i(e,t,f)&&d(f)}finally{_(!1)}}};return t?(0,l.jsxs)(l.Fragment,{children:[(0,l.jsx)(`div`,{className:`flex-1 min-h-0 relative`,onKeyDown:e=>{(e.metaKey||e.ctrlKey)&&e.key===`s`&&(e.preventDefault(),x())},children:m?(0,l.jsx)(`div`,{className:`h-full w-full flex items-center justify-center text-[12px] text-gray-400`,children:`loading…`}):(0,l.jsx)(o,{path:t,value:f,onChange:p,wordWrap:v,onSelectionChange:n})}),(0,l.jsxs)(`div`,{className:`border-t border-gray-200 px-3 py-1.5 text-[11px] text-gray-500 flex items-center gap-3`,children:[(0,l.jsx)(`span`,{className:`truncate`,children:t}),b&&(0,l.jsx)(`button`,{onClick:x,className:`text-orange-600 hover:underline`,title:`ctrl/⌘+S`,children:g?`saving…`:`unsaved · save`}),(0,l.jsx)(`span`,{className:`flex-1`}),(0,l.jsx)(`button`,{onClick:()=>{let e=!v;y(e);try{localStorage.setItem(`loopat:editor:wordWrap`,e?`1`:`0`)}catch{}},className:`flex items-center gap-1 hover:text-gray-700 transition-colors ${v?`text-gray-500`:`text-gray-300`}`,title:v?`word wrap: on`:`word wrap: off`,children:(0,l.jsx)(s,{size:13})}),(0,l.jsx)(`span`,{children:`utf-8 · LF`})]})]}):(0,l.jsx)(`div`,{className:`flex-1 min-h-0 flex items-center justify-center text-[13px] text-gray-500 px-8 text-center`,children:`没打开文件 · 在 ▤ workdir 里点一个`})}export{d as Editor};