|
| 1 | +// The connect handoff as a DEVELOPER SESSION — the way a human actually |
| 2 | +// tests this: an agent chat in a real terminal where the agent wires up the |
| 3 | +// API over MCP and drops a connect link, a browser hop to paste the key, |
| 4 | +// then back to the chat to prove the connection works with a live send. |
| 5 | +// |
| 6 | +// No inference, no third-party agent binary: the "agent" is the chat |
| 7 | +// theater (src/clients/chat-theater.ts) presenting REAL mcporter MCP calls |
| 8 | +// — OAuth, execute, approval pause/resume all genuine, every tool spinner |
| 9 | +// on screen bracketing the actual call it narrates. The provider on the |
| 10 | +// other side is real too (resend.emulators.dev); its request ledger is the |
| 11 | +// final evidence. |
| 12 | +import { randomBytes } from "node:crypto"; |
| 13 | +import { join } from "node:path"; |
| 14 | + |
| 15 | +import { expect } from "@effect/vitest"; |
| 16 | +import { Effect } from "effect"; |
| 17 | + |
| 18 | +import { scenario } from "../src/scenario"; |
| 19 | +import { Browser, Cli, Mcp, RunDir, Target } from "../src/services"; |
| 20 | +import { withChatTheater } from "../src/clients/chat-theater"; |
| 21 | +import type { McpSession } from "../src/surfaces/mcp"; |
| 22 | + |
| 23 | +const EMULATOR_BASE = "https://resend.emulators.dev"; |
| 24 | + |
| 25 | +const unique = (prefix: string) => `${prefix}_${randomBytes(4).toString("hex")}`; |
| 26 | + |
| 27 | +// The emulator serves its own OpenAPI document (bearer auth, base URL in |
| 28 | +// `servers`) — adding by URL with nothing else is exactly what an agent |
| 29 | +// does, and the platform derives the paste-a-token auth method from the |
| 30 | +// spec's security scheme. |
| 31 | +const EMULATOR_SPEC_URL = `${EMULATOR_BASE}/openapi.json`; |
| 32 | + |
| 33 | +const addSpecCode = (slug: string) => ` |
| 34 | +const added = await tools.executor.openapi.addSpec({ |
| 35 | + spec: { kind: "url", url: ${JSON.stringify(EMULATOR_SPEC_URL)} }, |
| 36 | + slug: ${JSON.stringify(slug)}, |
| 37 | +}); |
| 38 | +return added.ok ? { ok: true, slug: added.data.slug, toolCount: added.data.toolCount } : { ok: false, error: added.error }; |
| 39 | +`; |
| 40 | + |
| 41 | +const createHandoffCode = (slug: string) => ` |
| 42 | +const handoff = await tools.executor.coreTools.connections.createHandoff({ |
| 43 | + integration: ${JSON.stringify(slug)}, |
| 44 | + owner: "org", |
| 45 | + label: "Resend", |
| 46 | +}); |
| 47 | +return handoff.ok ? { ok: true, url: handoff.data.url } : { ok: false, error: handoff.error }; |
| 48 | +`; |
| 49 | + |
| 50 | +const sendEmailCode = (slug: string, subject: string) => ` |
| 51 | +const found = await tools.search({ namespace: ${JSON.stringify(slug)}, query: "send email", limit: 5 }); |
| 52 | +const path = found.items[0]?.path; |
| 53 | +if (!path) return { ok: false, error: "no send tool found" }; |
| 54 | +let t = tools; |
| 55 | +for (const seg of path.split(".")) t = t[seg]; |
| 56 | +const sent = await t({ |
| 57 | + body: { |
| 58 | + from: "onboarding@example.com", |
| 59 | + to: "dev-session@example.com", |
| 60 | + subject: ${JSON.stringify(subject)}, |
| 61 | + html: "<p>connect-handoff developer session</p>", |
| 62 | + }, |
| 63 | +}); |
| 64 | +return { ok: sent.ok, path, result: sent.ok ? sent.data : sent.error }; |
| 65 | +`; |
| 66 | + |
| 67 | +/** Run `execute`, auto-approving a paused execution (policy elicitation) |
| 68 | + * once, and parse the sandbox's JSON return value. */ |
| 69 | +const executeJson = (session: McpSession, code: string) => |
| 70 | + Effect.gen(function* () { |
| 71 | + let result = yield* session.call("execute", { code }); |
| 72 | + if (result.text.includes("executionId:")) { |
| 73 | + result = yield* session.approvePaused(result.text); |
| 74 | + } |
| 75 | + expect(result.ok, `execute completed (got: ${result.text.slice(0, 400)})`).toBe(true); |
| 76 | + return JSON.parse(result.text) as Record<string, unknown>; |
| 77 | + }); |
| 78 | + |
| 79 | +const mintEmulatorApiKey = Effect.promise(async () => { |
| 80 | + const response = await fetch(`${EMULATOR_BASE}/_emulate/credentials`, { |
| 81 | + method: "POST", |
| 82 | + headers: { "content-type": "application/json" }, |
| 83 | + body: JSON.stringify({ type: "api-key" }), |
| 84 | + }); |
| 85 | + const body = (await response.json()) as { credential?: { token?: string } }; |
| 86 | + const token = body.credential?.token; |
| 87 | + if (!token) throw new Error(`emulator credential mint failed: ${JSON.stringify(body)}`); |
| 88 | + return token; |
| 89 | +}); |
| 90 | + |
| 91 | +scenario( |
| 92 | + "Connect · developer session: agent chat → handoff link → paste key → verified send", |
| 93 | + { timeout: 240_000 }, |
| 94 | + Effect.scoped( |
| 95 | + Effect.gen(function* () { |
| 96 | + const target = yield* Target; |
| 97 | + const mcp = yield* Mcp; |
| 98 | + const browser = yield* Browser; |
| 99 | + const cli = yield* Cli; |
| 100 | + const runDir = yield* RunDir; |
| 101 | + |
| 102 | + const integration = unique("resendsesh"); |
| 103 | + const emailSubject = unique("dev-session"); |
| 104 | + const apiKey = yield* mintEmulatorApiKey; |
| 105 | + const identity = yield* target.newIdentity(); |
| 106 | + const session = mcp.session(identity); |
| 107 | + |
| 108 | + yield* withChatTheater( |
| 109 | + cli, |
| 110 | + { title: "executor agent — connect Resend", record: join(runDir, "terminal.cast") }, |
| 111 | + (chat) => |
| 112 | + Effect.gen(function* () { |
| 113 | + // Real MCP OAuth + tool discovery happens behind this call. |
| 114 | + yield* chat.tool( |
| 115 | + { name: "executor (mcp)", result: (tools) => `${tools.length} tools available` }, |
| 116 | + session.listTools(), |
| 117 | + ); |
| 118 | + |
| 119 | + yield* chat.user( |
| 120 | + "Add the Resend API to my executor and give me a link to connect my account", |
| 121 | + ); |
| 122 | + yield* chat.assistant("I'll register the Resend API in your Executor now."); |
| 123 | + const added = yield* chat.tool( |
| 124 | + { name: "execute", input: addSpecCode(integration) }, |
| 125 | + executeJson(session, addSpecCode(integration)), |
| 126 | + ); |
| 127 | + expect(added.ok, `addSpec succeeded: ${JSON.stringify(added)}`).toBe(true); |
| 128 | + |
| 129 | + yield* chat.assistant("Registered. Creating your connect link…"); |
| 130 | + const handoff = yield* chat.tool( |
| 131 | + { name: "execute", input: createHandoffCode(integration) }, |
| 132 | + executeJson(session, createHandoffCode(integration)), |
| 133 | + ); |
| 134 | + expect(handoff.ok, `createHandoff succeeded: ${JSON.stringify(handoff)}`).toBe(true); |
| 135 | + const handoffUrl = String(handoff.url); |
| 136 | + expect(new URL(handoffUrl).origin, "handoff targets this deployment").toBe( |
| 137 | + new URL(target.baseUrl).origin, |
| 138 | + ); |
| 139 | + |
| 140 | + yield* chat.assistant( |
| 141 | + `Open this link to connect your Resend account:\n\n${handoffUrl}\n\nTell me once you've pasted your API key.`, |
| 142 | + ); |
| 143 | + |
| 144 | + // The browser hop — the terminal session stays open while the |
| 145 | + // "user" pastes the key; the paste is the real add-account UI. |
| 146 | + yield* chat.status("you, in the browser: opening the link and pasting the API key…"); |
| 147 | + yield* browser.session(identity, async ({ page, step }) => { |
| 148 | + await step("Open the connect link from the chat", async () => { |
| 149 | + await page.goto(handoffUrl, { waitUntil: "networkidle" }); |
| 150 | + await page |
| 151 | + .getByRole("heading", { name: /Add connection/ }) |
| 152 | + .waitFor({ timeout: 15_000 }); |
| 153 | + }); |
| 154 | + await step("Paste the Resend API key and connect", async () => { |
| 155 | + const credential = page.getByPlaceholder(/paste the value \/ token/i); |
| 156 | + await credential.waitFor({ timeout: 15_000 }); |
| 157 | + await credential.fill(apiKey); |
| 158 | + await page.getByRole("button", { name: "Add connection", exact: true }).click(); |
| 159 | + await page |
| 160 | + .getByRole("heading", { name: /Add connection/ }) |
| 161 | + .waitFor({ state: "hidden", timeout: 20_000 }); |
| 162 | + }); |
| 163 | + }); |
| 164 | + |
| 165 | + yield* chat.user("Connected, now send a test email to prove it works"); |
| 166 | + yield* chat.assistant("Sending a test email through your new connection…"); |
| 167 | + const sent = yield* chat.tool( |
| 168 | + { name: "execute", input: sendEmailCode(integration, emailSubject) }, |
| 169 | + executeJson(session, sendEmailCode(integration, emailSubject)), |
| 170 | + ); |
| 171 | + expect(sent.ok, `email sent through the connection: ${JSON.stringify(sent)}`).toBe( |
| 172 | + true, |
| 173 | + ); |
| 174 | + |
| 175 | + yield* chat.assistant("Test email sent - your Resend connection works."); |
| 176 | + }), |
| 177 | + ); |
| 178 | + |
| 179 | + // Final evidence: the emulator's ledger saw the send from Executor. |
| 180 | + const ledger = yield* Effect.promise(async () => |
| 181 | + (await fetch(`${EMULATOR_BASE}/_emulate/ledger`)).text(), |
| 182 | + ); |
| 183 | + expect( |
| 184 | + ledger.includes(emailSubject), |
| 185 | + "the emulator request ledger recorded the test email", |
| 186 | + ).toBe(true); |
| 187 | + }), |
| 188 | + ), |
| 189 | +); |
0 commit comments