openowl 0.3.16 → 0.3.17

package/bin/owl

@@ -1,11 +1,30 @@
 #!/usr/bin/env node
+/**
+ * OpenOwl MCP Launcher — Usage-gated proxy.
+ *
+ * Sits between the MCP client (Claude Code, etc.) and the owl binary.
+ * Intercepts every tool call, checks usage with the server (atomic
+ * check + increment), and blocks if over the daily limit.
+ *
+ * The binary handles all actual tool execution unchanged.
+ */
 "use strict";
 
 const os = require("os");
 const path = require("path");
-const { spawn } = require("child_process");
 const fs = require("fs");
+const https = require("https");
+const crypto = require("crypto");
+const { spawn } = require("child_process");
+
+// ── Version check ──────────────────────────────────────────────
+const VERSION = "0.3.17";
+if (process.argv[2] === "--version" || process.argv[2] === "-v") {
+  console.log(`OpenOwl v${VERSION}`);
+  process.exit(0);
+}
 
+// ── Platform & binary resolution ───────────────────────────────
 const BINARIES = {
   "darwin-arm64": "owl-darwin-arm64",
   "darwin-x64": "owl-darwin-x86_64",
@@ -20,8 +39,6 @@ if (!binaryName) {
   process.exit(1);
 }
 
-
-
 const installDir = path.join(__dirname, "..", ".owl");
 const binaryPath = path.join(installDir, binaryName);
 
@@ -30,12 +47,149 @@ if (!fs.existsSync(binaryPath)) {
   process.exit(1);
 }
 
-// Spawn with inherited stdio — critical for MCP stdio transport
+// ── API key & machine ID ───────────────────────────────────────
+const OWL_DATA = path.join(os.homedir(), ".openowl");
+const API_KEY_FILE = path.join(OWL_DATA, "api.key");
+
+function getApiKey() {
+  const envKey = process.env.OPENOWL_API_KEY;
+  if (envKey) return envKey.trim();
+  try {
+    return fs.readFileSync(API_KEY_FILE, "utf8").trim();
+  } catch {
+    return null;
+  }
+}
+
+function getMachineId() {
+  const ifaces = os.networkInterfaces();
+  let mac = "unknown";
+  for (const name of Object.keys(ifaces)) {
+    for (const iface of ifaces[name]) {
+      if (!iface.internal && iface.mac && iface.mac !== "00:00:00:00:00:00") {
+        mac = iface.mac;
+        break;
+      }
+    }
+    if (mac !== "unknown") break;
+  }
+  const raw = `${mac}-${os.hostname()}`;
+  return crypto.createHash("sha256").update(raw).digest("hex").slice(0, 32);
+}
+
+// ── Usage check (atomic check + track) ─────────────────────────
+function checkUsage(apiKey, toolName, machineId) {
+  return new Promise((resolve) => {
+    const data = JSON.stringify({
+      key: apiKey,
+      machine_id: machineId,
+      tool: toolName,
+    });
+    const req = https.request(
+      {
+        hostname: "openowl.dev",
+        path: "/api/v1/usage/check",
+        method: "POST",
+        headers: {
+          "Content-Type": "application/json",
+          "Content-Length": Buffer.byteLength(data),
+        },
+        timeout: 5000,
+      },
+      (res) => {
+        let body = "";
+        res.on("data", (chunk) => (body += chunk));
+        res.on("end", () => {
+          try {
+            resolve(JSON.parse(body));
+          } catch {
+            resolve({ allowed: true });
+          }
+        });
+      }
+    );
+    req.on("error", () => resolve({ allowed: true }));
+    req.on("timeout", () => {
+      req.destroy();
+      resolve({ allowed: true });
+    });
+    req.write(data);
+    req.end();
+  });
+}
+
+// ── Main ───────────────────────────────────────────────────────
+const apiKey = getApiKey();
+const machineId = getMachineId();
+
+// Spawn the real owl binary with piped stdin/stdout for interception
 const child = spawn(binaryPath, process.argv.slice(2), {
-  stdio: "inherit",
+  stdio: ["pipe", "pipe", "inherit"],
   env: process.env,
 });
 
+// Parse newline-delimited JSON-RPC from stdin, intercept tool calls
+let stdinBuffer = "";
+
+process.stdin.on("data", async (chunk) => {
+  stdinBuffer += chunk.toString();
+
+  while (stdinBuffer.length > 0) {
+    const newlineIdx = stdinBuffer.indexOf("\n");
+    if (newlineIdx === -1) break;
+
+    const line = stdinBuffer.slice(0, newlineIdx);
+    stdinBuffer = stdinBuffer.slice(newlineIdx + 1);
+
+    if (!line.trim()) {
+      child.stdin.write("\n");
+      continue;
+    }
+
+    let msg;
+    try {
+      msg = JSON.parse(line);
+    } catch {
+      child.stdin.write(line + "\n");
+      continue;
+    }
+
+    // Intercept tool calls for usage enforcement
+    if (msg.method === "tools/call" && apiKey) {
+      const toolName = msg.params?.name || "unknown";
+      const usage = await checkUsage(apiKey, toolName, machineId);
+
+      if (!usage.allowed) {
+        const errorResp = JSON.stringify({
+          jsonrpc: "2.0",
+          id: msg.id,
+          result: {
+            content: [
+              {
+                type: "text",
+                text:
+                  usage.message ||
+                  `You've reached your daily limit of ${usage.daily_limit || 50} tool calls.\n\nUpgrade your plan at https://openowl.dev/pricing\nLimits reset at midnight UTC.`,
+              },
+            ],
+            isError: true,
+          },
+        });
+        process.stdout.write(errorResp + "\n");
+        continue;
+      }
+    }
+
+    // Pass through to binary
+    child.stdin.write(line + "\n");
+  }
+});
+
+process.stdin.on("end", () => child.stdin.end());
+
+// Pass binary stdout to our stdout
+child.stdout.on("data", (data) => process.stdout.write(data));
+
 child.on("exit", (code) => process.exit(code || 0));
 child.on("error", (err) => {
   console.error(`[OpenOwl] ${err.message}`);

package/install.js

@@ -9,7 +9,7 @@ const http = require("http");
 const { execSync } = require("child_process");
 const zlib = require("zlib");
 
-const VERSION = "0.3.16";
+const VERSION = "0.3.17";
 const BASE_URL =
   `https://github.com/mihir-kanzariya/openowl-releases/releases/download/v${VERSION}`;
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "openowl",
-  "version": "0.3.16",
+  "version": "0.3.17",
   "description": "AI desktop automation MCP server — give your AI eyes and hands",
   "homepage": "https://openowl.dev",
   "repository": {