web-agent-bridge 1.2.0 → 2.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (94) hide show
  1. package/LICENSE +21 -21
  2. package/README.ar.md +446 -446
  3. package/README.md +780 -933
  4. package/bin/cli.js +80 -80
  5. package/bin/wab.js +80 -80
  6. package/examples/bidi-agent.js +119 -119
  7. package/examples/mcp-agent.js +94 -94
  8. package/examples/next-app-router/README.md +44 -0
  9. package/examples/puppeteer-agent.js +108 -108
  10. package/examples/saas-dashboard/README.md +55 -0
  11. package/examples/shopify-hydrogen/README.md +74 -0
  12. package/examples/vision-agent.js +171 -171
  13. package/examples/wordpress-elementor/README.md +77 -0
  14. package/package.json +69 -78
  15. package/public/.well-known/ai-assets.json +59 -0
  16. package/public/admin/login.html +84 -84
  17. package/public/ai.html +196 -0
  18. package/public/cookies.html +208 -208
  19. package/public/css/premium.css +317 -0
  20. package/public/css/styles.css +1235 -1235
  21. package/public/dashboard.html +704 -704
  22. package/public/demo.html +259 -0
  23. package/public/docs.html +585 -585
  24. package/public/feed.xml +89 -0
  25. package/public/index.html +495 -332
  26. package/public/js/auth-nav.js +31 -31
  27. package/public/js/auth-redirect.js +12 -12
  28. package/public/js/cookie-consent.js +56 -56
  29. package/public/js/wab-demo-page.js +721 -0
  30. package/public/js/ws-client.js +74 -74
  31. package/public/llms-full.txt +309 -0
  32. package/public/llms.txt +85 -0
  33. package/public/login.html +83 -83
  34. package/public/openapi.json +580 -0
  35. package/public/premium-dashboard.html +2487 -0
  36. package/public/premium.html +791 -0
  37. package/public/privacy.html +295 -295
  38. package/public/register.html +103 -103
  39. package/public/robots.txt +87 -0
  40. package/public/script/wab-consent.d.ts +36 -0
  41. package/public/script/wab-consent.js +104 -0
  42. package/public/script/wab-schema.js +131 -0
  43. package/public/script/wab.d.ts +108 -0
  44. package/public/script/wab.min.js +234 -0
  45. package/public/sitemap.xml +93 -0
  46. package/public/terms.html +254 -254
  47. package/public/video/tutorial.mp4 +0 -0
  48. package/script/ai-agent-bridge.js +1558 -1513
  49. package/sdk/README.md +55 -55
  50. package/sdk/index.d.ts +118 -0
  51. package/sdk/index.js +257 -203
  52. package/sdk/package.json +14 -14
  53. package/sdk/schema-discovery.js +83 -0
  54. package/server/config/secrets.js +94 -92
  55. package/server/index.js +0 -9
  56. package/server/middleware/adminAuth.js +30 -30
  57. package/server/middleware/auth.js +41 -41
  58. package/server/middleware/rateLimits.js +24 -24
  59. package/server/migrations/001_add_analytics_indexes.sql +7 -7
  60. package/server/migrations/002_premium_features.sql +418 -0
  61. package/server/models/adapters/index.js +33 -33
  62. package/server/models/adapters/mysql.js +183 -183
  63. package/server/models/adapters/postgresql.js +172 -172
  64. package/server/models/adapters/sqlite.js +7 -7
  65. package/server/models/db.js +561 -561
  66. package/server/routes/admin-premium.js +671 -0
  67. package/server/routes/admin.js +247 -247
  68. package/server/routes/api.js +131 -138
  69. package/server/routes/auth.js +51 -51
  70. package/server/routes/billing.js +45 -45
  71. package/server/routes/discovery.js +406 -329
  72. package/server/routes/license.js +240 -240
  73. package/server/routes/noscript.js +543 -543
  74. package/server/routes/premium-v2.js +686 -0
  75. package/server/routes/premium.js +724 -0
  76. package/server/routes/wab-api.js +476 -476
  77. package/server/services/agent-memory.js +625 -0
  78. package/server/services/email.js +204 -204
  79. package/server/services/fairness.js +420 -420
  80. package/server/services/plugins.js +747 -0
  81. package/server/services/premium.js +1883 -0
  82. package/server/services/self-healing.js +843 -0
  83. package/server/services/stripe.js +192 -192
  84. package/server/services/swarm.js +788 -0
  85. package/server/services/vision.js +871 -0
  86. package/server/utils/cache.js +125 -125
  87. package/server/utils/migrate.js +81 -81
  88. package/server/utils/secureFields.js +50 -50
  89. package/server/ws.js +101 -101
  90. package/docs/DEPLOY.md +0 -118
  91. package/docs/SPEC.md +0 -1540
  92. package/wab-mcp-adapter/README.md +0 -136
  93. package/wab-mcp-adapter/index.js +0 -555
  94. package/wab-mcp-adapter/package.json +0 -17
package/public/openapi.json ADDED
@@ -0,0 +1,580 @@
1
+ {
2
+ "openapi": "3.1.0",
3
+ "info": {
4
+ "title": "Web Agent Bridge (WAB) API",
5
+ "description": "Open protocol API for AI agent ↔ website interaction. Provides discovery, command execution, fairness-weighted search, and plan management for the Agentic Web.",
6
+ "version": "1.2.0",
7
+ "license": {
8
+ "name": "MIT",
9
+ "url": "https://opensource.org/licenses/MIT"
10
+ },
11
+ "contact": {
12
+ "name": "WAB Support",
13
+ "email": "support@webagentbridge.com",
14
+ "url": "https://webagentbridge.com"
15
+ },
16
+ "termsOfService": "https://webagentbridge.com/terms",
17
+ "x-logo": {
18
+ "url": "https://webagentbridge.com/favicon.ico"
19
+ }
20
+ },
21
+ "servers": [
22
+ {
23
+ "url": "https://webagentbridge.com",
24
+ "description": "Production"
25
+ }
26
+ ],
27
+ "tags": [
28
+ {"name": "Discovery", "description": "WAB Discovery Protocol endpoints"},
29
+ {"name": "WAB Protocol", "description": "Core WAB command protocol over HTTP"},
30
+ {"name": "Registry", "description": "Public directory of WAB-enabled sites"},
31
+ {"name": "Plans", "description": "Subscription plan information"},
32
+ {"name": "Authentication", "description": "User authentication"},
33
+ {"name": "Sites", "description": "Site management"},
34
+ {"name": "License", "description": "License verification"},
35
+ {"name": "NoScript", "description": "Fallback for JS-disabled agents"}
36
+ ],
37
+ "paths": {
38
+ "/agent-bridge.json": {
39
+ "get": {
40
+ "tags": ["Discovery"],
41
+ "summary": "Discovery document (root)",
42
+ "description": "Returns the WAB discovery document for the requesting domain. This is the primary entry point for AI agents discovering site capabilities.",
43
+ "operationId": "getAgentBridgeJson",
44
+ "responses": {
45
+ "200": {
46
+ "description": "WAB discovery document",
47
+ "content": {
48
+ "application/json": {
49
+ "schema": {"$ref": "#/components/schemas/DiscoveryDocument"}
50
+ }
51
+ }
52
+ },
53
+ "404": {
54
+ "description": "No WAB-enabled site found for this domain"
55
+ }
56
+ }
57
+ }
58
+ },
59
+ "/.well-known/wab.json": {
60
+ "get": {
61
+ "tags": ["Discovery"],
62
+ "summary": "Discovery document (well-known)",
63
+ "description": "Standard well-known location for WAB discovery. Identical to /agent-bridge.json.",
64
+ "operationId": "getWellKnownWab",
65
+ "responses": {
66
+ "200": {
67
+ "description": "WAB discovery document",
68
+ "content": {
69
+ "application/json": {
70
+ "schema": {"$ref": "#/components/schemas/DiscoveryDocument"}
71
+ }
72
+ }
73
+ }
74
+ }
75
+ }
76
+ },
77
+ "/api/wab/ping": {
78
+ "get": {
79
+ "tags": ["WAB Protocol"],
80
+ "summary": "Health check",
81
+ "description": "Returns server status, WAB version, and protocol version. No authentication required.",
82
+ "operationId": "wabPing",
83
+ "responses": {
84
+ "200": {
85
+ "description": "Server status",
86
+ "content": {
87
+ "application/json": {
88
+ "schema": {
89
+ "type": "object",
90
+ "properties": {
91
+ "status": {"type": "string", "example": "ok"},
92
+ "wab_version": {"type": "string", "example": "1.2.0"},
93
+ "protocol_version": {"type": "string", "example": "1.0"},
94
+ "timestamp": {"type": "string", "format": "date-time"}
95
+ }
96
+ }
97
+ }
98
+ }
99
+ }
100
+ }
101
+ }
102
+ },
103
+ "/api/wab/discover": {
104
+ "get": {
105
+ "tags": ["WAB Protocol"],
106
+ "summary": "Discover site capabilities",
107
+ "description": "Returns capabilities, actions, permissions, and fairness data for a WAB-enabled site. Agents should call this first.",
108
+ "operationId": "wabDiscover",
109
+ "parameters": [
110
+ {
111
+ "name": "siteId",
112
+ "in": "query",
113
+ "description": "The site ID to discover",
114
+ "required": false,
115
+ "schema": {"type": "string"}
116
+ }
117
+ ],
118
+ "responses": {
119
+ "200": {
120
+ "description": "Site capabilities and metadata",
121
+ "content": {
122
+ "application/json": {
123
+ "schema": {"$ref": "#/components/schemas/DiscoveryDocument"}
124
+ }
125
+ }
126
+ }
127
+ }
128
+ }
129
+ },
130
+ "/api/wab/authenticate": {
131
+ "post": {
132
+ "tags": ["WAB Protocol"],
133
+ "summary": "Authenticate agent session",
134
+ "description": "Exchanges a license key for a session token. Required before executing commands.",
135
+ "operationId": "wabAuthenticate",
136
+ "requestBody": {
137
+ "required": true,
138
+ "content": {
139
+ "application/json": {
140
+ "schema": {
141
+ "type": "object",
142
+ "required": ["licenseKey"],
143
+ "properties": {
144
+ "licenseKey": {"type": "string", "description": "WAB license key"},
145
+ "agentId": {"type": "string", "description": "Agent identifier"},
146
+ "agentName": {"type": "string", "description": "Human-readable agent name"}
147
+ }
148
+ }
149
+ }
150
+ }
151
+ },
152
+ "responses": {
153
+ "200": {
154
+ "description": "Session token issued",
155
+ "content": {
156
+ "application/json": {
157
+ "schema": {
158
+ "type": "object",
159
+ "properties": {
160
+ "type": {"type": "string", "example": "auth_success"},
161
+ "session": {
162
+ "type": "object",
163
+ "properties": {
164
+ "token": {"type": "string"},
165
+ "expiresIn": {"type": "integer"},
166
+ "permissions": {"type": "object"}
167
+ }
168
+ }
169
+ }
170
+ }
171
+ }
172
+ }
173
+ },
174
+ "401": {"description": "Invalid license key"}
175
+ }
176
+ }
177
+ },
178
+ "/api/wab/actions": {
179
+ "get": {
180
+ "tags": ["WAB Protocol"],
181
+ "summary": "List available actions",
182
+ "description": "Returns all registered actions for a site, including parameters and permissions.",
183
+ "operationId": "wabListActions",
184
+ "parameters": [
185
+ {
186
+ "name": "siteId",
187
+ "in": "query",
188
+ "required": false,
189
+ "schema": {"type": "string"}
190
+ }
191
+ ],
192
+ "security": [{"bearerAuth": []}],
193
+ "responses": {
194
+ "200": {
195
+ "description": "List of available actions",
196
+ "content": {
197
+ "application/json": {
198
+ "schema": {
199
+ "type": "object",
200
+ "properties": {
201
+ "type": {"type": "string", "example": "actions_list"},
202
+ "actions": {
203
+ "type": "array",
204
+ "items": {"$ref": "#/components/schemas/Action"}
205
+ }
206
+ }
207
+ }
208
+ }
209
+ }
210
+ }
211
+ }
212
+ }
213
+ },
214
+ "/api/wab/execute": {
215
+ "post": {
216
+ "tags": ["WAB Protocol"],
217
+ "summary": "Execute a command",
218
+ "description": "Execute a WAB command on a site. Requires an authenticated session.",
219
+ "operationId": "wabExecute",
220
+ "security": [{"bearerAuth": []}],
221
+ "requestBody": {
222
+ "required": true,
223
+ "content": {
224
+ "application/json": {
225
+ "schema": {
226
+ "type": "object",
227
+ "required": ["action"],
228
+ "properties": {
229
+ "action": {"type": "string", "description": "Command name (click, fill, navigate, read, submit, etc.)"},
230
+ "target": {"type": "string", "description": "CSS selector or URL"},
231
+ "value": {"type": "string", "description": "Value for fill commands"},
232
+ "context": {"type": "object", "description": "Additional context"}
233
+ }
234
+ }
235
+ }
236
+ }
237
+ },
238
+ "responses": {
239
+ "200": {
240
+ "description": "Command executed successfully",
241
+ "content": {
242
+ "application/json": {
243
+ "schema": {
244
+ "type": "object",
245
+ "properties": {
246
+ "type": {"type": "string", "example": "action_result"},
247
+ "success": {"type": "boolean"},
248
+ "result": {"type": "object"}
249
+ }
250
+ }
251
+ }
252
+ }
253
+ },
254
+ "401": {"description": "Authentication required"},
255
+ "403": {"description": "Permission denied for this action"}
256
+ }
257
+ }
258
+ },
259
+ "/api/wab/page-info": {
260
+ "get": {
261
+ "tags": ["WAB Protocol"],
262
+ "summary": "Get page information",
263
+ "description": "Returns metadata, headings, links, forms, and images for a site page.",
264
+ "operationId": "wabPageInfo",
265
+ "parameters": [
266
+ {"name": "siteId", "in": "query", "schema": {"type": "string"}},
267
+ {"name": "url", "in": "query", "schema": {"type": "string"}}
268
+ ],
269
+ "responses": {
270
+ "200": {"description": "Page metadata and structure"}
271
+ }
272
+ }
273
+ },
274
+ "/api/wab/search": {
275
+ "get": {
276
+ "tags": ["WAB Protocol"],
277
+ "summary": "Fairness-weighted search",
278
+ "description": "Search WAB-enabled sites with fairness scoring that gives equal weight to small businesses.",
279
+ "operationId": "wabSearch",
280
+ "parameters": [
281
+ {"name": "q", "in": "query", "required": true, "schema": {"type": "string"}, "description": "Search query"},
282
+ {"name": "category", "in": "query", "schema": {"type": "string"}, "description": "Filter by category"},
283
+ {"name": "limit", "in": "query", "schema": {"type": "integer", "default": 20, "maximum": 100}}
284
+ ],
285
+ "responses": {
286
+ "200": {
287
+ "description": "Fairness-weighted search results",
288
+ "content": {
289
+ "application/json": {
290
+ "schema": {
291
+ "type": "object",
292
+ "properties": {
293
+ "wab_version": {"type": "string"},
294
+ "query": {"type": "string"},
295
+ "total": {"type": "integer"},
296
+ "results": {
297
+ "type": "array",
298
+ "items": {
299
+ "type": "object",
300
+ "properties": {
301
+ "siteId": {"type": "string"},
302
+ "name": {"type": "string"},
303
+ "domain": {"type": "string"},
304
+ "neutrality_score": {"type": "number"},
305
+ "fairness_boost": {"type": "number"}
306
+ }
307
+ }
308
+ }
309
+ }
310
+ }
311
+ }
312
+ }
313
+ }
314
+ }
315
+ }
316
+ },
317
+ "/api/discovery/registry": {
318
+ "get": {
319
+ "tags": ["Registry"],
320
+ "summary": "Public WAB registry",
321
+ "description": "Browse all WAB-enabled sites registered in the public directory, with fairness scoring.",
322
+ "operationId": "getRegistry",
323
+ "parameters": [
324
+ {"name": "category", "in": "query", "schema": {"type": "string", "default": "all"}},
325
+ {"name": "limit", "in": "query", "schema": {"type": "integer", "default": 50, "maximum": 200}},
326
+ {"name": "offset", "in": "query", "schema": {"type": "integer", "default": 0}}
327
+ ],
328
+ "responses": {
329
+ "200": {
330
+ "description": "Registry listings with fairness scores"
331
+ }
332
+ }
333
+ }
334
+ },
335
+ "/api/discovery/search": {
336
+ "get": {
337
+ "tags": ["Registry"],
338
+ "summary": "Search WAB directory",
339
+ "description": "Search the WAB directory with fairness-weighted ranking.",
340
+ "operationId": "searchDirectory",
341
+ "parameters": [
342
+ {"name": "q", "in": "query", "required": true, "schema": {"type": "string"}},
343
+ {"name": "category", "in": "query", "schema": {"type": "string"}},
344
+ {"name": "limit", "in": "query", "schema": {"type": "integer", "default": 20}}
345
+ ],
346
+ "responses": {
347
+ "200": {"description": "Fairness-weighted search results"}
348
+ }
349
+ }
350
+ },
351
+ "/api/plans": {
352
+ "get": {
353
+ "tags": ["Plans"],
354
+ "summary": "List subscription plans",
355
+ "description": "Returns all active subscription plans with features, pricing, and limits.",
356
+ "operationId": "getPlans",
357
+ "responses": {
358
+ "200": {
359
+ "description": "Active plans",
360
+ "content": {
361
+ "application/json": {
362
+ "schema": {
363
+ "type": "object",
364
+ "properties": {
365
+ "plans": {
366
+ "type": "array",
367
+ "items": {"$ref": "#/components/schemas/Plan"}
368
+ }
369
+ }
370
+ }
371
+ }
372
+ }
373
+ }
374
+ }
375
+ }
376
+ },
377
+ "/api/auth/register": {
378
+ "post": {
379
+ "tags": ["Authentication"],
380
+ "summary": "Create account",
381
+ "operationId": "register",
382
+ "requestBody": {
383
+ "required": true,
384
+ "content": {
385
+ "application/json": {
386
+ "schema": {
387
+ "type": "object",
388
+ "required": ["email", "password", "name"],
389
+ "properties": {
390
+ "email": {"type": "string", "format": "email"},
391
+ "password": {"type": "string", "minLength": 8},
392
+ "name": {"type": "string"}
393
+ }
394
+ }
395
+ }
396
+ }
397
+ },
398
+ "responses": {
399
+ "201": {"description": "Account created"},
400
+ "400": {"description": "Validation error"}
401
+ }
402
+ }
403
+ },
404
+ "/api/auth/login": {
405
+ "post": {
406
+ "tags": ["Authentication"],
407
+ "summary": "Sign in",
408
+ "operationId": "login",
409
+ "requestBody": {
410
+ "required": true,
411
+ "content": {
412
+ "application/json": {
413
+ "schema": {
414
+ "type": "object",
415
+ "required": ["email", "password"],
416
+ "properties": {
417
+ "email": {"type": "string", "format": "email"},
418
+ "password": {"type": "string"}
419
+ }
420
+ }
421
+ }
422
+ }
423
+ },
424
+ "responses": {
425
+ "200": {"description": "JWT token returned"},
426
+ "401": {"description": "Invalid credentials"}
427
+ }
428
+ }
429
+ },
430
+ "/api/license/verify": {
431
+ "post": {
432
+ "tags": ["License"],
433
+ "summary": "Verify license key",
434
+ "description": "Validates a WAB license key and returns site configuration.",
435
+ "operationId": "verifyLicense",
436
+ "requestBody": {
437
+ "required": true,
438
+ "content": {
439
+ "application/json": {
440
+ "schema": {
441
+ "type": "object",
442
+ "required": ["licenseKey", "domain"],
443
+ "properties": {
444
+ "licenseKey": {"type": "string"},
445
+ "domain": {"type": "string"}
446
+ }
447
+ }
448
+ }
449
+ }
450
+ },
451
+ "responses": {
452
+ "200": {"description": "License valid"},
453
+ "403": {"description": "License invalid or expired"}
454
+ }
455
+ }
456
+ },
457
+ "/api/noscript/bridge/{siteId}": {
458
+ "get": {
459
+ "tags": ["NoScript"],
460
+ "summary": "NoScript bridge page",
461
+ "description": "HTML bridge page for agents that cannot execute JavaScript. Provides structured page metadata via HTTP.",
462
+ "operationId": "getNoscriptBridge",
463
+ "parameters": [
464
+ {"name": "siteId", "in": "path", "required": true, "schema": {"type": "string"}}
465
+ ],
466
+ "responses": {
467
+ "200": {
468
+ "description": "HTML page with structured WAB metadata",
469
+ "content": {"text/html": {}}
470
+ }
471
+ }
472
+ }
473
+ }
474
+ },
475
+ "components": {
476
+ "securitySchemes": {
477
+ "bearerAuth": {
478
+ "type": "http",
479
+ "scheme": "bearer",
480
+ "description": "WAB session token obtained from /api/wab/authenticate"
481
+ }
482
+ },
483
+ "schemas": {
484
+ "DiscoveryDocument": {
485
+ "type": "object",
486
+ "properties": {
487
+ "wab_version": {"type": "string", "example": "1.2.0"},
488
+ "generated_at": {"type": "string", "format": "date-time"},
489
+ "provider": {
490
+ "type": "object",
491
+ "properties": {
492
+ "name": {"type": "string"},
493
+ "domain": {"type": "string"},
494
+ "category": {"type": "string"},
495
+ "description": {"type": "string"}
496
+ }
497
+ },
498
+ "capabilities": {
499
+ "type": "object",
500
+ "properties": {
501
+ "commands": {"type": "array", "items": {"type": "string"}},
502
+ "permissions": {"type": "object"},
503
+ "tier": {"type": "string"},
504
+ "transport": {"type": "array", "items": {"type": "string"}},
505
+ "features": {"type": "array", "items": {"type": "string"}}
506
+ }
507
+ },
508
+ "agent_access": {
509
+ "type": "object",
510
+ "properties": {
511
+ "bridge_script": {"type": "string"},
512
+ "api_base": {"type": "string"},
513
+ "websocket": {"type": "string"},
514
+ "noscript": {"type": "string"},
515
+ "discovery": {"type": "string"}
516
+ }
517
+ },
518
+ "fairness": {
519
+ "type": "object",
520
+ "properties": {
521
+ "is_independent": {"type": "boolean"},
522
+ "commission_rate": {"type": "number"},
523
+ "direct_benefit": {"type": "string"},
524
+ "neutrality_score": {"type": "number", "minimum": 0, "maximum": 100}
525
+ }
526
+ },
527
+ "security": {
528
+ "type": "object",
529
+ "properties": {
530
+ "session_required": {"type": "boolean"},
531
+ "origin_validation": {"type": "boolean"},
532
+ "rate_limit": {"type": "integer"},
533
+ "sandbox": {"type": "boolean"}
534
+ }
535
+ },
536
+ "endpoints": {"type": "object"}
537
+ }
538
+ },
539
+ "Action": {
540
+ "type": "object",
541
+ "properties": {
542
+ "name": {"type": "string", "description": "Action identifier"},
543
+ "description": {"type": "string"},
544
+ "category": {"type": "string", "enum": ["navigation", "form", "commerce", "content", "custom"]},
545
+ "parameters": {
546
+ "type": "array",
547
+ "items": {
548
+ "type": "object",
549
+ "properties": {
550
+ "name": {"type": "string"},
551
+ "type": {"type": "string"},
552
+ "required": {"type": "boolean"},
553
+ "description": {"type": "string"}
554
+ }
555
+ }
556
+ },
557
+ "permissions_required": {"type": "array", "items": {"type": "string"}}
558
+ }
559
+ },
560
+ "Plan": {
561
+ "type": "object",
562
+ "properties": {
563
+ "id": {"type": "integer"},
564
+ "tier": {"type": "string", "enum": ["free", "starter", "pro", "enterprise"]},
565
+ "name": {"type": "string"},
566
+ "price": {"type": "number"},
567
+ "currency": {"type": "string"},
568
+ "billing_cycle": {"type": "string"},
569
+ "description": {"type": "string"},
570
+ "features": {"type": "string", "description": "JSON array of feature strings"},
571
+ "max_sites": {"type": "integer"},
572
+ "max_actions_per_month": {"type": "integer"},
573
+ "rate_limit": {"type": "integer"},
574
+ "is_featured": {"type": "boolean"},
575
+ "is_contact_sales": {"type": "boolean"}
576
+ }
577
+ }
578
+ }
579
+ }
580
+ }