Fix composio_auth_link connect link generation

[konard]

Summary

Fixes #160 by making composio_auth_link generate real Composio Connect Links through the documented v3 auth flow instead of relying on the SDK toolkits.authorize shortcut that can return Default auth config not found for toolkits without managed credentials.

Changes

• Use the explicit auth_configs plus connected_accounts/link HTTP flow for composio_auth_link.
• Return an actionable error when Composio-managed auth is unavailable, telling the agent/user to create an auth config and retry with auth_config_id.
• Keep callback_url and alias support in the link request body and cover it with a regression test.
• Update README examples so agents do not surface stale https://app.composio.dev/connect?... example links.

Reproduction

Before this change, requesting an auth link for a toolkit like openai could fail with:

Default auth config not found for toolkit "openai". Composio does not have managed credentials for this toolkit.

The new regression test simulates that Composio response and verifies the plugin returns a clear instruction to use a real auth config ID instead of handing back an unusable example link.

Verification

• node --test plugins/composio-direct/test/unit/composio-direct.test.js
• node --test plugins/composio-direct/tests/index.test.js plugins/composio-direct/test/integration/composio-api.test.js
• npm run lint passes with existing warnings only
• npm run typecheck
• npm test

npm run validate still reports unrelated missing plugin-local optional packages for evaa (@evaafi/sdk), multisend (@tonkite/highload-wallet-v3), and stonfi (@ston-fi/api). composio-direct validates successfully.

[konard]

Solution summary

Implemented and pushed the fix for issue 160.

PR: #161
Commit: cbdfe33 on issue-160-4702d68e86d1

What changed:

• composio_auth_link now uses the documented Composio v3 flow directly: auth_configs then connected_accounts/link.
• Removed the SDK toolkits.authorize shortcut from auth-link generation, which was the path that could surface Default auth config not found.
• Added an actionable error for toolkits without Composio-managed auth, telling the agent/user to create an auth config and retry with auth_config_id.
• Added regression tests for the managed-auth failure and for forwarding callback_url/alias.
• Updated README examples so agents stop surfacing stale https://app.composio.dev/connect?... example links.

Verification:

• node --test plugins/composio-direct/test/unit/composio-direct.test.js passed.
• node --test plugins/composio-direct/tests/index.test.js plugins/composio-direct/test/integration/composio-api.test.js passed.
• npm run lint passed with existing warnings only.
• npm run typecheck passed.
• npm test passed.
• npm run validate still fails on unrelated plugin-local missing optional deps for evaa, multisend, and stonfi; composio-direct validates successfully.

PR 161 is marked ready for review, and GitHub Actions for the pushed commit are green: CI, Deploy to Vercel, and CodeQL all passed.

---

This summary was automatically extracted from the AI working session output.

[konard]

🤖 Solution Draft Log

This log file contains the complete execution trace of the AI solution draft process.

💰 Cost estimation:

• Model: gpt-5.4
• Provider: OpenAI
• Public pricing estimate: unknown
• Token usage: 130,585 input, 9,431 output, 1,769,472 cache read

📊 Context and tokens usage:

Total: (130.6K + 1.8M cached) input tokens, 9.4K output tokens

🤖 Models used:

• Tool: OpenAI Codex
• Requested: gpt-5.4
• Model: GPT-5.4 (gpt-5.4)

📎 Log file uploaded as Gist (5943KB)

• View complete solution draft log

---

Now working session is ended, feel free to review and add any feedback on the solution draft.

[konard]

✅ Ready to merge

This pull request is now ready to be merged:

• All CI checks have passed
• No merge conflicts
• No pending changes

---

Monitored by hive-mind with --auto-restart-until-mergeable flag