mirror of
https://github.com/nexu-io/open-design.git
synced 2026-06-01 03:14:35 +07:00
d592f6087f
* feat(mcp): add external MCP client with daemon-managed OAuth and 17 design-focused templates
Open Design now acts as an MCP CLIENT and surfaces tools from third-party
MCP servers to the underlying agent (Claude Code, Hermes, Kimi).
Daemon
- New mcp-config / mcp-oauth / mcp-tokens modules: persist server entries
to .od/mcp-config.json, run the OAuth dance for HTTP/SSE servers
end-to-end on the daemon (so cloud deployments work and tokens
survive across turns), and inject Authorization: Bearer headers into
the per-spawn .mcp.json the daemon writes for Claude Code (or the
ACP mcpServers map for Hermes/Kimi).
- /api/mcp/servers and /api/mcp/oauth/{start,status,disconnect}
endpoints, plus spawn-time wiring in agents that hands the configured
servers to the active agent CLI.
- System-prompt directive for connected external MCPs so the model
does not chase Claude Code's synthetic *_authenticate /
*_complete_authentication tools when the Bearer is already pinned.
Web
- Settings -> External MCP servers panel with per-row OAuth Connect /
Disconnect / Refresh affordances and per-row template hints.
- New "Add server" picker categorized into 7 groups
(image-generation, image-editing, web-capture, ui-components,
data-viz, publishing, utilities) with a search box, sticky close
button, collapsible <details> sections (auto-expand on search),
60vh capped scroll region, and a pinned Custom-server footer.
- ChatComposer /mcp slash and MCP picker button forward to the new
Settings tab; AssistantMessage renders MCP tool calls inline;
markdown autolinker handles bare http(s) URLs (incl. OAuth links)
before italic markers so OAuth callback URLs do not get
italic-fragmented mid-token.
Contracts
- packages/contracts/src/api/mcp.ts owns the wire shapes
(McpServerConfig, McpTemplate with stable McpTemplateCategory
enum, McpServersResponse, OAuth start/status/disconnect bodies, the
postMessage payload from the OAuth callback).
Templates (17 built-in)
- image-generation: Higgsfield (OpenClaw, OAuth HTTP), Pollinations,
Allyson (animated SVG), AWS Bedrock Image (uvx).
- image-editing: Imagician, ImageSorcery.
- web-capture: just-every screenshot-website-fast, ScreenshotOne.
- ui-components: 21st.dev Magic, shadcn/ui, FlyonUI.
- data-viz: AntV Chart, Mermaid.
- publishing: EdgeOne Pages.
- utilities: Filesystem, GitHub, Fetch.
Tests
- apps/daemon/tests/mcp-{config,oauth,tokens,spawn}.test.ts cover
storage round-trip, OAuth helpers, token persistence, spawn-time
wiring, every template's transport / command / args / env-field
invariants, and the canonical category enum.
- apps/web/tests/runtime/markdown.test.tsx covers the new autolinker
ordering rules.
Co-authored-by: Cursor <cursoragent@cursor.com>
* feat(mcp): add 21 more design-focused templates and a `design-systems` category
Expands the built-in MCP picker from 17 to 38 templates so users can compose
the full Open Design craft loop (design-system intake → generate → edit →
audit → publish) without leaving the Settings dialog. Every install spec is
verified live against the upstream README; templates that needed Go binaries,
multi-step `init` ceremonies, or massive runtime stacks (PostgreSQL + Redis
+ Ollama) are intentionally deferred so picking a template still resolves to
a working server in one click.
New `design-systems` category between `web-capture` and `ui-components`
(reflects the upstream-of-components position in the workflow). Mirrored in
`McpTemplateCategory` on both contracts and daemon, and `CATEGORY_ORDER` on
the web side.
New templates by category:
- image-generation (+4): prompt-to-asset (icons / favicons / OG / logos with
free-tier routing across Cloudflare AI / NVIDIA NIM / HF / Stable Horde),
Nano Banana (hosted streamable HTTP, virtual try-on + product placement),
Seedream (hosted streamable HTTP, ByteDance Seedream v3-v5 + SeedEdit),
fal.ai (uvx, 600+ models incl. FLUX / Kling / Hunyuan / MusicGen).
- image-editing (+3): Photopea (34 layered-editor tools — closes the PSD
gap), Topaz Labs (AI upscale / denoise / sharpen), Transloadit (86+ media
pipeline robots).
- web-capture (+1): Pagecast (browser → demo GIF / MP4 with auto-zoom).
- design-systems (+4, NEW category): Figma-Context (Framelink, designs →
code), Design Token Bridge (Tailwind ⇄ CSS ⇄ Figma ⇄ M3 / SwiftUI / W3C
DTCG + WCAG contrast), Design System Extractor (Storybook scrape),
Aesthetics Wiki (cottagecore / dark-academia / y2k / … moodboards).
- data-viz (+2): MCP Dashboards (45+ chart types + KPI dashboards),
Excalidraw Architect (hand-drawn architecture diagrams).
- publishing (+6): PageDrop, PDFSpark, OGForge, QRMint, Slideshot
(HTML → PDF / PPTX / PNG with 7 themes), Deckrun (Markdown → PDF / video,
hosted free tier with no key required).
- utilities (+1): A11y axe-core (WCAG 2.0/2.1/2.2 + color-contrast + ARIA).
Tests cover every new template's wiring (command, args, env / header
required-vs-optional, secret flag), the category enum invariant, and
in-category declaration order for image-generation, design-systems and
publishing buckets where the order is what users see in the picker. 21 new
test cases pass; full mcp-config suite is green.
Templates intentionally deferred (documented in PR body): figma-use
(needs Figma desktop with --remote-debugging-port=9222), m-moire (multi-step
`memi suite init` + daemon ceremony), gemini-media-mcp + trident-mcp (Go
binaries — no npx / uvx path), Pixelle-MCP (full app with web UI + ComfyUI
backend), storybook-addon-mcp (lives inside user's Storybook, not standalone),
primitiv (multi-step init / build / serve), ReftrixMCP (PostgreSQL + Redis +
Ollama + DINOv2), narasimhaponnada/mermaid (overlap with peng-shawn).
Co-authored-by: Cursor <cursoragent@cursor.com>
* feat(mcp): add figma-use template (write designs from chat) under design-systems
figma-use is the natural counterpart to Figma-Context already in this PR:
where Framelink reads Figma designs into the model, figma-use writes back
into the canvas (90+ tools — create frames / text / components / variants,
render JSX into Figma, export PNG/SVG, query nodes via XPath, lint for
WCAG / auto-layout / hardcoded colors, analyze design systems).
Wired as an HTTP MCP template (`http://localhost:38451/mcp`) because
`figma-use mcp serve` only exposes HTTP — there's no stdio mode in the
upstream `serve.ts`. No API key. Two prerequisites the user owns are
spelled out in the description so picking the template still resolves to
a working server: (1) start Figma with `--remote-debugging-port=9222`
(or `figma-use daemon start --pipe` on Figma 126+), and (2) leave
`npx figma-use mcp serve` running in a terminal.
Inserted between `design-system-extractor` and `aesthetics-wiki` so the
design-systems category reads as a workflow: read existing design (Figma
Context) → translate tokens (Token Bridge) → extract from Storybook
(Extractor) → write back to Figma (figma-use) → break creative block
(Aesthetics Wiki).
Tests cover the new template's transport (`http`), endpoint URL, the
empty header-fields invariant (no auth required), and bump the
design-systems group order to include it.
Co-authored-by: Cursor <cursoragent@cursor.com>
* feat(settings): i18n the External MCP / MCP server / Connectors sidebar entries and make the dialog header track the active section
The External MCP sidebar entry this PR introduces was hardcoded English
("External MCP / Add MCP tools (Higgsfield, GitHub…)"). Same for the
adjacent Connectors and MCP server entries. The dialog header was also
pinned to "Execution & model" copy, so opening Settings → External MCP
showed a header that lied about which section the user was on.
Adds six translation keys — `settings.connectorsTitle/Hint`,
`settings.mcpServerTitle/Hint`, `settings.externalMcpTitle/Hint` — and
translates them across all 17 locales (ar, de, en, es-ES, fa, fr, hu, id,
ja, ko, pl, pt-BR, ru, tr, uk, zh-CN, zh-TW).
`SettingsDialog` now derives the header title/subtitle from the active
section (11 sections total) instead of a single hardcoded pair, so each
section renders an honest header.
Co-authored-by: Cursor <cursoragent@cursor.com>
* test(e2e): pin level: 3 on dialog heading lookups for Pets and Connectors
CI's Validate workspace job (#1479) failed two Playwright cases with the
strict-mode violation:
getByRole('dialog').getByRole('heading', { name: 'Pets' })
resolved to 2 elements:
1) <h2>Pets</h2>
2) <h3>Pets</h3>
Same root cause as the unit-test fix already in this PR: the dynamic
dialog `<h2>` now echoes the section's own `<h3>` because the dialog
header tracks the active section. Disambiguate to `level: 3` so each
assertion still pins the section heading specifically (which is what
the test intends to verify).
Audit of the rest of e2e/ for `dialog.getByRole('heading', ...)` —
settings-api-protocol.test.ts looks for "OpenAI API" / "Anthropic API"
section h3s which never appear in the dialog `<h2>` (always
"Execution & model"), so those stay safe.
Co-authored-by: Cursor <cursoragent@cursor.com>
* fix(mcp): bind OAuth refresh to the issuing client and skip stale tokens
Persist the OAuth client context (token endpoint, client_id, client_secret,
issuer, redirect_uri, resource) alongside the bearer token so refresh hits
the same client the refresh_token was bound to (RFC 6749 §6). The previous
refresh path re-ran beginAuth with a dummy OOB redirect URI, which kept
getOrRegisterClient from finding the original DCR client and made
providers reject the refresh on the next chat turn. Refreshes now reuse
the persisted endpoint/client pair directly.
Also stop injecting expired access tokens at spawn time when refresh is
unavailable or fails. Pinning a stale Bearer made every Claude MCP call
401 while the prompt still treated the server as connected; on that path
we now skip the entry and let the UI surface a reconnect.
Generated-By: looper 0.6.1 (runner=fixer, agent=claude-code)
---------
Co-authored-by: Cursor <cursoragent@cursor.com>
354 lines
12 KiB
TypeScript
354 lines
12 KiB
TypeScript
import { expect, test } from '@playwright/test';
|
|
import type { Locator, Page } from '@playwright/test';
|
|
|
|
const STORAGE_KEY = 'open-design:config';
|
|
|
|
const CONNECTORS = [
|
|
{
|
|
id: 'github',
|
|
name: 'GitHub',
|
|
provider: 'composio',
|
|
category: 'Developer tools',
|
|
description: 'Read repository issues and pull requests.',
|
|
status: 'available',
|
|
auth: { provider: 'composio', configured: true },
|
|
tools: [
|
|
{
|
|
name: 'list_issues',
|
|
title: 'List issues',
|
|
description: 'List recent issues from a repository.',
|
|
safety: {
|
|
sideEffect: 'read',
|
|
approval: 'auto',
|
|
reason: 'Read-only issue lookup.',
|
|
},
|
|
refreshEligible: true,
|
|
},
|
|
],
|
|
},
|
|
{
|
|
id: 'slack',
|
|
name: 'Slack',
|
|
provider: 'composio',
|
|
category: 'Communication',
|
|
description: 'Search channels and messages.',
|
|
status: 'connected',
|
|
accountLabel: 'design-team',
|
|
auth: { provider: 'composio', configured: true },
|
|
tools: [],
|
|
},
|
|
];
|
|
|
|
const IMAGE_TEMPLATE = {
|
|
id: 'editorial-poster',
|
|
surface: 'image',
|
|
title: 'Editorial Poster',
|
|
summary: 'A punchy launch poster for a product announcement.',
|
|
category: 'Marketing',
|
|
tags: ['poster', 'launch'],
|
|
model: 'gpt-image-1',
|
|
aspect: '4:5',
|
|
source: {
|
|
repo: 'open-design/test-prompts',
|
|
license: 'MIT',
|
|
author: 'Open Design QA',
|
|
},
|
|
};
|
|
|
|
async function readSavedConfig(page: Page) {
|
|
return page.evaluate((key) => {
|
|
const raw = window.localStorage.getItem(key);
|
|
return raw ? JSON.parse(raw) : null;
|
|
}, STORAGE_KEY);
|
|
}
|
|
|
|
test.beforeEach(async ({ page }) => {
|
|
await page.addInitScript((key) => {
|
|
window.localStorage.setItem(
|
|
key,
|
|
JSON.stringify({
|
|
mode: 'daemon',
|
|
apiKey: '',
|
|
baseUrl: 'https://api.anthropic.com',
|
|
model: 'claude-sonnet-4-5',
|
|
agentId: 'mock',
|
|
skillId: null,
|
|
designSystemId: null,
|
|
onboardingCompleted: true,
|
|
agentModels: {},
|
|
}),
|
|
);
|
|
}, STORAGE_KEY);
|
|
|
|
await page.route('**/api/agents', async (route) => {
|
|
await route.fulfill({
|
|
json: {
|
|
agents: [
|
|
{
|
|
id: 'mock',
|
|
name: 'Mock Agent',
|
|
bin: 'mock-agent',
|
|
available: true,
|
|
version: 'test',
|
|
models: [{ id: 'default', label: 'Default' }],
|
|
},
|
|
],
|
|
},
|
|
});
|
|
});
|
|
});
|
|
|
|
test('prompt template retry preserves the edited body in project metadata', async ({ page }) => {
|
|
let detailRequests = 0;
|
|
await page.route('**/api/prompt-templates', async (route) => {
|
|
await route.fulfill({ json: { promptTemplates: [IMAGE_TEMPLATE] } });
|
|
});
|
|
await page.route('**/api/prompt-templates/image/editorial-poster', async (route) => {
|
|
detailRequests += 1;
|
|
if (detailRequests === 1) {
|
|
await route.fulfill({ status: 500, body: 'template unavailable' });
|
|
return;
|
|
}
|
|
await route.fulfill({
|
|
json: {
|
|
promptTemplate: {
|
|
...IMAGE_TEMPLATE,
|
|
prompt: 'Original poster prompt with dramatic type and product photography.',
|
|
},
|
|
},
|
|
});
|
|
});
|
|
|
|
await gotoEntryHome(page);
|
|
await page.getByTestId('new-project-tab-image').click();
|
|
await page.getByTestId('new-project-name').fill('Prompt template retry metadata');
|
|
|
|
await page.getByTestId('prompt-template-trigger').click();
|
|
await page.getByTestId('prompt-template-search').fill('poster');
|
|
await page.getByRole('option', { name: /Editorial Poster/i }).click();
|
|
|
|
await expect(page.getByTestId('prompt-template-error')).toBeVisible();
|
|
await page.getByTestId('prompt-template-retry').click();
|
|
await expect(page.getByTestId('prompt-template-error')).toHaveCount(0);
|
|
await expect(page.getByTestId('prompt-template-body')).toContainText('Original poster prompt');
|
|
|
|
await page.getByTestId('prompt-template-body').fill('');
|
|
await expect(page.getByTestId('prompt-template-empty-hint')).toBeVisible();
|
|
await page.getByTestId('prompt-template-body').fill(
|
|
'Edited QA prompt: bold poster, one hero product, crisp headline.',
|
|
);
|
|
await page.getByTestId('create-project').click();
|
|
|
|
const project = await fetchCurrentProject(page);
|
|
expect(project.metadata?.promptTemplate).toMatchObject({
|
|
id: 'editorial-poster',
|
|
surface: 'image',
|
|
title: 'Editorial Poster',
|
|
prompt: 'Edited QA prompt: bold poster, one hero product, crisp headline.',
|
|
});
|
|
});
|
|
|
|
test('live artifact empty connector CTA opens the gated connector setup path', async ({ page }) => {
|
|
await routeConnectors(page, []);
|
|
await routeComposioConfig(page, { configured: false, apiKeyTail: '' });
|
|
|
|
await gotoEntryHome(page);
|
|
await page.getByTestId('new-project-tab-live-artifact').click();
|
|
await expect(page.getByTestId('new-project-connectors')).toBeVisible();
|
|
|
|
// The empty CTA now opens Settings → Connectors directly. The Composio API
|
|
// key field sits at the top of the section; the catalog (and its gate)
|
|
// sits below it.
|
|
await page.getByTestId('new-project-connectors-empty').click();
|
|
const settingsDialog = page.getByRole('dialog');
|
|
await expect(settingsDialog).toBeVisible();
|
|
await expect(
|
|
settingsDialog.getByRole('heading', { level: 3, name: 'Connectors' }),
|
|
).toBeVisible();
|
|
await expect(settingsDialog.getByPlaceholder('Paste Composio API key')).toBeVisible();
|
|
await expect(settingsDialog.getByTestId('connector-gate')).toBeVisible();
|
|
await expect(settingsDialog.getByTestId('connectors-search-input')).toBeDisabled();
|
|
});
|
|
|
|
test('connectors search supports empty results and keyboard-closeable details', async ({ page }) => {
|
|
await routeConnectors(page, CONNECTORS);
|
|
await routeComposioConfig(page, { configured: true, apiKeyTail: '1234' });
|
|
await page.addInitScript((key) => {
|
|
const next = {
|
|
mode: 'daemon',
|
|
apiKey: '',
|
|
baseUrl: 'https://api.anthropic.com',
|
|
model: 'claude-sonnet-4-5',
|
|
agentId: 'mock',
|
|
skillId: null,
|
|
designSystemId: null,
|
|
onboardingCompleted: true,
|
|
agentModels: {},
|
|
composio: {
|
|
apiKey: '',
|
|
apiKeyConfigured: true,
|
|
apiKeyTail: '1234',
|
|
},
|
|
};
|
|
window.localStorage.setItem(key, JSON.stringify(next));
|
|
}, STORAGE_KEY);
|
|
|
|
await page.goto('/');
|
|
// Connector cards + search now live under Settings → Connectors. Open the
|
|
// settings dialog via the entry sidebar's "Configure execution mode" pill
|
|
// and switch to the Connectors section before exercising the
|
|
// search/empty/details flow.
|
|
await page.getByRole('button', { name: 'Configure execution mode' }).click();
|
|
const settingsDialog = page.getByRole('dialog');
|
|
await expect(settingsDialog).toBeVisible();
|
|
await settingsDialog.getByRole('button', { name: /^Connectors\b/ }).click();
|
|
await expect(settingsDialog.getByTestId('connector-grid-wrap')).toBeVisible();
|
|
|
|
const search = settingsDialog.getByTestId('connectors-search-input');
|
|
await search.fill('git');
|
|
await expect(connectorCard(settingsDialog, 'github')).toBeVisible();
|
|
await expect(connectorCard(settingsDialog, 'slack')).toHaveCount(0);
|
|
|
|
await search.fill('missing connector');
|
|
await expect(settingsDialog.getByTestId('connectors-empty')).toBeVisible();
|
|
await settingsDialog.getByTestId('connectors-search-clear').click();
|
|
await expect(settingsDialog.getByTestId('connectors-empty')).toHaveCount(0);
|
|
await expect(connectorCard(settingsDialog, 'github')).toBeVisible();
|
|
await expect(connectorCard(settingsDialog, 'slack')).toBeVisible();
|
|
|
|
await connectorCard(settingsDialog, 'github').focus();
|
|
await connectorCard(settingsDialog, 'github').press('Enter');
|
|
await expect(page.getByTestId('connector-drawer')).toBeVisible();
|
|
await expect(page.getByTestId('connector-drawer')).toContainText('List issues');
|
|
await page.keyboard.press('Escape');
|
|
await expect(page.getByTestId('connector-drawer')).toHaveCount(0);
|
|
});
|
|
|
|
test('saving a Composio key from Settings unlocks the connectors gate immediately', async ({ page }) => {
|
|
const { accountLabel: _unusedAccountLabel, ...slackConnector } = CONNECTORS[1]!;
|
|
await routeConnectors(page, [
|
|
{
|
|
...CONNECTORS[0]!,
|
|
status: 'available',
|
|
auth: { provider: 'composio', configured: false },
|
|
},
|
|
{
|
|
...slackConnector,
|
|
status: 'available',
|
|
auth: { provider: 'composio', configured: false },
|
|
},
|
|
]);
|
|
|
|
let savedComposioBody: unknown = null;
|
|
await page.route('**/api/connectors/composio/config', async (route) => {
|
|
savedComposioBody = route.request().postDataJSON();
|
|
await route.fulfill({ status: 200, body: '{}' });
|
|
});
|
|
await page.route('**/api/app-config', async (route) => {
|
|
if (route.request().method() === 'GET') {
|
|
await route.fulfill({ status: 200, json: { config: null } });
|
|
return;
|
|
}
|
|
await route.fulfill({ status: 200, body: '{}' });
|
|
});
|
|
|
|
await gotoEntryHome(page);
|
|
await page.getByRole('button', { name: 'Configure execution mode' }).click();
|
|
const settingsDialog = page.getByRole('dialog');
|
|
await expect(settingsDialog).toBeVisible();
|
|
await settingsDialog.getByRole('button', { name: /^Connectors\b/ }).click();
|
|
await expect(settingsDialog.getByTestId('connectors-search-input')).toBeDisabled();
|
|
|
|
await settingsDialog.getByPlaceholder('Paste Composio API key').fill('cmp-secret-1234');
|
|
await settingsDialog.getByRole('button', { name: 'Save key', exact: true }).click();
|
|
|
|
expect(savedComposioBody).toEqual({ apiKey: 'cmp-secret-1234' });
|
|
await expect(settingsDialog.getByTestId('connectors-search-input')).toBeEnabled();
|
|
await expect(connectorCard(settingsDialog, 'github')).toBeVisible();
|
|
|
|
await expect.poll(async () => readSavedConfig(page)).toMatchObject({
|
|
composio: {
|
|
apiKey: '',
|
|
apiKeyConfigured: true,
|
|
apiKeyTail: '1234',
|
|
},
|
|
});
|
|
const savedConfig = await readSavedConfig(page);
|
|
expect(savedConfig?.composio).toMatchObject({
|
|
apiKey: '',
|
|
apiKeyConfigured: true,
|
|
apiKeyTail: '1234',
|
|
});
|
|
});
|
|
|
|
async function routeConnectors(page: Page, connectors: typeof CONNECTORS) {
|
|
await page.route('**/api/connectors', async (route) => {
|
|
await route.fulfill({ json: { connectors } });
|
|
});
|
|
await page.route('**/api/connectors/status', async (route) => {
|
|
const statuses = Object.fromEntries(
|
|
connectors.map((connector) => [
|
|
connector.id,
|
|
{
|
|
status: connector.status,
|
|
accountLabel: connector.accountLabel,
|
|
},
|
|
]),
|
|
);
|
|
await route.fulfill({ json: { statuses } });
|
|
});
|
|
await page.route('**/api/connectors/discovery*', async (route) => {
|
|
await route.fulfill({
|
|
json: {
|
|
connectors,
|
|
meta: { provider: 'composio' },
|
|
},
|
|
});
|
|
});
|
|
}
|
|
|
|
async function gotoEntryHome(page: Page) {
|
|
await page.goto('/', { waitUntil: 'domcontentloaded' });
|
|
await expect(page.getByTestId('new-project-panel')).toBeVisible();
|
|
}
|
|
|
|
async function routeComposioConfig(
|
|
page: Page,
|
|
config: { configured: boolean; apiKeyTail?: string },
|
|
) {
|
|
await page.route('**/api/connectors/composio/config', async (route) => {
|
|
if (route.request().method() === 'GET') {
|
|
await route.fulfill({ json: config });
|
|
return;
|
|
}
|
|
|
|
await route.fulfill({ json: { ok: true } });
|
|
});
|
|
}
|
|
|
|
function connectorCard(scope: Page | Locator, id: string) {
|
|
return scope.locator(`article.connector-card[data-connector-id="${id}"]`);
|
|
}
|
|
|
|
async function fetchCurrentProject(page: Page) {
|
|
await expect(page).toHaveURL(/\/projects\/[^/]+/);
|
|
const url = new URL(page.url());
|
|
const [, projectId] = url.pathname.match(/\/projects\/([^/]+)/) ?? [];
|
|
expect(projectId).toBeTruthy();
|
|
|
|
const response = await page.request.get(`/api/projects/${projectId}`);
|
|
expect(response.ok()).toBeTruthy();
|
|
const body = (await response.json()) as {
|
|
project: {
|
|
metadata?: {
|
|
promptTemplate?: {
|
|
id: string;
|
|
surface: string;
|
|
title: string;
|
|
prompt: string;
|
|
};
|
|
};
|
|
};
|
|
};
|
|
return body.project;
|
|
}
|