feat(MK8S-196): add WebMCP protocol support to shell-ui

[JBWatenbergScality]

Summary

Implements the WebMCP standard so that shell-ui can expose AI-agent tools registered by micro-apps via navigator.modelContext.registerTool(). Tools are declared in each micro-app's WebFinger spec and loaded by shell-ui through the existing Module Federation infrastructure.

• ConfigurationProviders – adds optional mcpTools: FederatedModuleInfo field to BuildtimeWebFinger.spec, parallel to existing navbarUpdaterComponents
• src/mcp/types.ts – ambient Navigator.modelContext types + MCPToolDefinition / ToolContext contracts
• src/mcp/userAgent.ts – isAIUserAgent(): UA-pattern-based detection of known AI agent crawlers (GPTBot, ClaudeBot, Gemini, Perplexity, …) to suppress Keycloak auto-redirect
• src/mcp/MCPRegistrar.tsx – uses ComponentWithFederatedImports (same pattern as InstanceName.tsx) to load each micro-app's tool module and call registerTool() for every exported tool; authRequired: true tools are wrapped with a PKCE auth modal via OidcClient + requestUserInteraction
• AuthProvider – exposes userManager from useAuth(); adds autoSignIn: !isAIUserAgent() so the app loads without redirecting to Keycloak in AI sessions
• FederatedApp – mounts <MCPRegistrar /> inside the status === 'success' block alongside SolutionsNavbar
• rspack.config.ts – copies @mcp-b/webmcp-local-relay browser assets (embed.js, widget.html) to build output via CopyRspackPlugin; patches widget.html to raise the relay request timeout from 10 s → 60 s; excludes @mcp-b/* from Module Federation shared config

How a micro-app declares tools

Add mcpTools to spec in the app's micro-app-configuration WebFinger:

{
  "spec": {
    "mcpTools": { "module": "./MCPTools", "scope": "my-app" }
  }
}

Expose the module in rspack:

exposes: { './MCPTools': './src/mcp/index.ts' }

The module exports a plain { tools: MCPToolDefinition[] } — no React component required.

Example: a weather micro-app

// src/mcp/tools/getCurrentWeatherTool.ts
export const getCurrentWeatherTool = {
  name: 'getCurrentWeather',
  description: 'Returns the current weather for a given city displayed in the app.',
  authRequired: false,
  inputSchema: {
    type: 'object',
    properties: {
      city: { type: 'string', description: 'City name, e.g. "Paris"' },
    },
    required: ['city'],
  },
  execute: async ({ city }: { city: string; context: ToolContext }) => {
    const res = await fetch(`/api/weather?city=${encodeURIComponent(city)}`);
    return res.json(); // { temperature: 18, unit: 'C', condition: 'Cloudy' }
  },
};

// src/mcp/tools/setLocationTool.ts
export const setLocationTool = {
  name: 'setLocation',
  description: 'Changes the city shown in the weather dashboard.',
  authRequired: true,           // triggers PKCE modal if not logged in
  inputSchema: {
    type: 'object',
    properties: {
      city: { type: 'string' },
    },
    required: ['city'],
  },
  execute: async ({ city, context }: { city: string; context: ToolContext }) => {
    const token = await context.getToken();
    await fetch('/api/location', {
      method: 'PUT',
      headers: { Authorization: `Bearer ${token}`, 'Content-Type': 'application/json' },
      body: JSON.stringify({ city }),
    });
    return { success: true, city };
  },
};

// src/mcp/index.ts
export const tools = [getCurrentWeatherTool, setLocationTool];

An AI agent connected via the WebMCP local relay can then call getCurrentWeather({ city: "Paris" }) or setLocation({ city: "Tokyo" }) directly against the running UI.

Test plan

• Normal browser session: autoSignIn remains true → existing Keycloak redirect behaviour unchanged
• AI agent session (matching UA): page loads without redirect; tools appear in navigator.modelContext
• Calling an authRequired tool when unauthenticated shows PKCE modal; cancelling returns { success: false, error: { code: 'AUTH_REQUIRED' } }
• Existing NavbarUpdaterComponents and InstanceName patterns unaffected

🤖 Generated with Claude Code

[bert-e]

Hello jbwatenbergscality,

My role is to assist you with the merge of this
pull request. Please type @bert-e help to get information
on this process, or consult the user documentation.

Available options

name	description	privileged	authored
/after_pull_request	Wait for the given pull request id to be merged before continuing with the current one.
/bypass_author_approval	Bypass the pull request author's approval	⭐
/bypass_build_status	Bypass the build and test status	⭐
/bypass_commit_size	Bypass the check on the size of the changeset TBA	⭐
/bypass_incompatible_branch	Bypass the check on the source branch prefix	⭐
/bypass_jira_check	Bypass the Jira issue check	⭐
/bypass_peer_approval	Bypass the pull request peers' approval	⭐
/bypass_leader_approval	Bypass the pull request leaders' approval	⭐
/approve	Instruct Bert-E that the author has approved the pull request.		✍️
/create_pull_requests	Allow the creation of integration pull requests.
/create_integration_branches	Allow the creation of integration branches.
/no_octopus	Prevent Wall-E from doing any octopus merge and use multiple consecutive merge instead
/unanimity	Change review acceptance criteria from one reviewer at least to all reviewers
/wait	Instruct Bert-E not to run until further notice.

Available commands

name	description	privileged
/help	Print Bert-E's manual in the pull request.
/status	Print Bert-E's current status in the pull request TBA
/clear	Remove all comments from Bert-E from the history TBA
/retry	Re-start a fresh build TBA
/build	Re-start a fresh build TBA
/force_reset	Delete integration branches & pull requests, and restart merge process from the beginning.
/reset	Try to remove integration branches unless there are commits on them which do not appear on the source branch.

Status report is not available.

[bert-e]

Request integration branches

Waiting for integration branch creation to be requested by the user.

To request integration branches, please comment on this pull request with the following command:

/create_integration_branches

Alternatively, the /approve and /create_pull_requests commands will automatically
create the integration branches.