@coffrify/mcp 0.1.2 → 0.2.0

package/dist/server.js

@@ -3,8 +3,15 @@
 // src/server.ts
 import { Server } from "@modelcontextprotocol/sdk/server/index.js";
 import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
-import { CallToolRequestSchema, ListToolsRequestSchema } from "@modelcontextprotocol/sdk/types.js";
-import { Coffrify } from "@coffrify/sdk";
+import {
+  CallToolRequestSchema,
+  ListToolsRequestSchema,
+  ListResourcesRequestSchema,
+  ReadResourceRequestSchema,
+  ListPromptsRequestSchema,
+  GetPromptRequestSchema
+} from "@modelcontextprotocol/sdk/types.js";
+import { Coffrify, COFFRIFY_EVENT_CATALOG } from "@coffrify/sdk";
 var apiKey = process.env.COFFRIFY_API_KEY;
 var apiUrl = process.env.COFFRIFY_API_URL ?? "https://api.coffrify.com";
 if (!apiKey) {
@@ -13,33 +20,42 @@ if (!apiKey) {
 }
 var coffrify = new Coffrify({ apiKey, apiUrl });
 var server = new Server(
-  { name: "coffrify", version: "0.1.0" },
-  { capabilities: { tools: {} } }
+  { name: "coffrify", version: "0.2.0" },
+  { capabilities: { tools: {}, resources: {}, prompts: {} } }
 );
+var eventEnum = COFFRIFY_EVENT_CATALOG.map((e) => e.type);
 var TOOLS = [
   {
     name: "coffrify_list_transfers",
-    description: "List recent encrypted file transfers in the workspace. Returns id, short_code, title, status, downloads count, expiration.",
+    description: "List recent encrypted file transfers in the workspace.",
     inputSchema: {
       type: "object",
       properties: {
-        limit: { type: "number", description: "Max results (default 20)", default: 20 },
-        status: { type: "string", description: "Filter by status: active|expired|deleted" }
+        limit: { type: "number", default: 20 },
+        status: { type: "string", description: "active|expired|deleted" }
       }
     }
   },
   {
-    name: "coffrify_get_transfer",
-    description: "Get full details of a transfer including files, settings, scan status.",
+    name: "coffrify_search_transfers",
+    description: "Search transfers by title substring or short_code prefix.",
     inputSchema: {
       type: "object",
-      properties: { id: { type: "string", description: "Transfer ID (tr_...)" } },
-      required: ["id"]
+      properties: {
+        query: { type: "string", description: "Substring (case-insensitive) to match against title or short_code" },
+        limit: { type: "number", default: 20 }
+      },
+      required: ["query"]
     }
   },
+  {
+    name: "coffrify_get_transfer",
+    description: "Get full details of a transfer (files, settings, scan status).",
+    inputSchema: { type: "object", properties: { id: { type: "string" } }, required: ["id"] }
+  },
   {
     name: "coffrify_create_transfer",
-    description: "Create a new encrypted file transfer. Returns the transfer + share URL. Files must be uploaded separately to the presigned URLs returned.",
+    description: "Create a new encrypted file transfer. Returns the transfer + share URL.",
     inputSchema: {
       type: "object",
       properties: {
@@ -59,119 +75,123 @@ var TOOLS = [
         max_downloads: { type: "number" },
         password: { type: "string" },
         transfer_title: { type: "string" },
-        burn_after_read: { type: "boolean" }
+        burn_after_read: { type: "boolean" },
+        encryption_mode: { type: "string", enum: ["server_side", "e2e_v1"], default: "server_side" }
       },
       required: ["files"]
     }
   },
   {
     name: "coffrify_delete_transfer",
-    description: "Delete a transfer (immediate, irreversible).",
+    description: "Delete a transfer (irreversible).",
+    inputSchema: { type: "object", properties: { id: { type: "string" } }, required: ["id"] }
+  },
+  {
+    name: "coffrify_bulk_delete_transfers",
+    description: "Delete multiple transfers at once. Returns per-id success/failure.",
     inputSchema: {
       type: "object",
-      properties: { id: { type: "string" } },
-      required: ["id"]
+      properties: { ids: { type: "array", items: { type: "string" }, minItems: 1, maxItems: 100 } },
+      required: ["ids"]
     }
   },
   {
     name: "coffrify_list_webhooks",
-    description: "List configured webhook endpoints in the workspace.",
+    description: "List configured webhook endpoints.",
     inputSchema: { type: "object", properties: {} }
   },
   {
     name: "coffrify_create_webhook",
-    description: "Create a webhook subscription. Returns the webhook + a secret (shown once).",
+    description: "Create a webhook subscription. Returns the webhook + signing secret (shown once).",
     inputSchema: {
       type: "object",
       properties: {
         name: { type: "string" },
-        url: { type: "string", description: "HTTPS endpoint" },
-        events: {
-          type: "array",
-          items: {
-            type: "string",
-            enum: ["transfer.created", "transfer.downloaded", "transfer.expired", "transfer.deleted", "transfer.scanned", "transfer.cloned", "transfer.limit_reached"]
-          }
-        }
+        url: { type: "string" },
+        events: { type: "array", items: { type: "string", enum: eventEnum } },
+        description: { type: "string" }
       },
       required: ["name", "url", "events"]
     }
   },
   {
     name: "coffrify_test_webhook",
-    description: "Send a test ping event to a webhook to verify the endpoint is reachable.",
-    inputSchema: {
-      type: "object",
-      properties: { id: { type: "string" } },
-      required: ["id"]
-    }
+    description: "Send a test ping event to a webhook.",
+    inputSchema: { type: "object", properties: { id: { type: "string" } }, required: ["id"] }
   },
   {
     name: "coffrify_list_webhook_deliveries",
-    description: "List recent delivery attempts for a webhook (debug failures, see latency, replay).",
+    description: "List recent delivery attempts for a webhook.",
     inputSchema: {
       type: "object",
-      properties: {
-        webhook_id: { type: "string" },
-        limit: { type: "number", default: 20 }
-      },
+      properties: { webhook_id: { type: "string" }, limit: { type: "number", default: 20 } },
       required: ["webhook_id"]
     }
   },
   {
     name: "coffrify_replay_webhook_delivery",
-    description: "Replay a past webhook delivery (creates a new event_id).",
+    description: "Replay a past webhook delivery.",
+    inputSchema: { type: "object", properties: { delivery_id: { type: "string" } }, required: ["delivery_id"] }
+  },
+  {
+    name: "coffrify_list_webhook_event_types",
+    description: "Return the catalog of every supported webhook event type with descriptions, families, stability, and required plan.",
     inputSchema: {
       type: "object",
-      properties: { delivery_id: { type: "string" } },
-      required: ["delivery_id"]
+      properties: {
+        family: { type: "string", description: "Filter by family: transfer|workspace|api_key|webhook|scim|saml|audit|gdpr|system|member|api_token" }
+      }
     }
   },
   {
     name: "coffrify_list_api_keys",
-    description: "List API keys in the workspace (key values are hashed and never returned).",
+    description: "List API keys (key values are hashed and never returned).",
     inputSchema: { type: "object", properties: {} }
   },
   {
     name: "coffrify_create_api_key",
-    description: "Create a new API key. Returns the key value ONCE \u2014 must be stored securely. Specify scopes for least-privilege access.",
+    description: "Create a new API key. Returns the key value ONCE \u2014 store securely. Specify scopes for least-privilege access.",
     inputSchema: {
       type: "object",
       properties: {
         name: { type: "string" },
         description: { type: "string" },
         environment: { type: "string", enum: ["live", "test"], default: "live" },
-        scopes: {
-          type: "array",
-          items: { type: "string" },
-          description: "e.g. ['transfers:read', 'transfers:write', 'webhooks:manage']"
-        },
+        scopes: { type: "array", items: { type: "string" } },
         expires_in_days: { type: "number" },
-        allowed_ips: { type: "array", items: { type: "string" }, description: "CIDR allowlist" }
+        allowed_ips: { type: "array", items: { type: "string" } }
       },
       required: ["name"]
     }
   },
   {
     name: "coffrify_revoke_api_key",
-    description: "Revoke an API key (immediate, irreversible).",
+    description: "Revoke an API key (irreversible).",
+    inputSchema: { type: "object", properties: { id: { type: "string" } }, required: ["id"] }
+  },
+  {
+    name: "coffrify_rotate_api_key",
+    description: "Rotate an API key \u2014 mints a new one with same scopes. Old key revokes after grace_days (default 7, max 30).",
     inputSchema: {
       type: "object",
-      properties: { id: { type: "string" } },
+      properties: {
+        id: { type: "string" },
+        grace_days: { type: "number", default: 7 }
+      },
       required: ["id"]
     }
   },
   {
     name: "coffrify_query_audit_log",
-    description: "Query the workspace audit log. Pro tier: 30 days. Entreprise: 365 days. Filter by action, actor, time range.",
+    description: "Query the workspace audit log. Filter by action, actor, time range. Supports relative since (e.g. '24h').",
     inputSchema: {
       type: "object",
       properties: {
-        action: { type: "string", description: "e.g. 'transfer.downloaded'" },
+        action: { type: "string" },
         actor_id: { type: "string" },
         resource_type: { type: "string" },
-        since: { type: "string", description: "ISO date or relative (e.g. 24h ago)" },
-        until: { type: "string", description: "ISO date" },
+        since: { type: "string" },
+        until: { type: "string" },
         limit: { type: "number", default: 100 }
       }
     }
@@ -182,22 +202,196 @@ var TOOLS = [
     inputSchema: { type: "object", properties: {} }
   }
 ];
-server.setRequestHandler(ListToolsRequestSchema, async () => ({
-  tools: TOOLS
+server.setRequestHandler(ListResourcesRequestSchema, async () => ({
+  resources: [
+    { uri: "coffrify://transfers", name: "transfers", description: "All recent transfers (JSON list)", mimeType: "application/json" },
+    { uri: "coffrify://webhooks", name: "webhooks", description: "All webhook endpoints", mimeType: "application/json" },
+    { uri: "coffrify://api-keys", name: "api-keys", description: "All API keys (hashed)", mimeType: "application/json" },
+    { uri: "coffrify://events", name: "events", description: "Catalog of every supported webhook event type", mimeType: "application/json" },
+    { uri: "coffrify://workspace", name: "workspace", description: "Current workspace + scopes", mimeType: "application/json" },
+    { uri: "coffrify://audit", name: "audit", description: "Recent audit log entries (last 100)", mimeType: "application/json" }
+  ]
 }));
+server.setRequestHandler(ReadResourceRequestSchema, async (req) => {
+  const uri = req.params.uri;
+  let data;
+  if (uri === "coffrify://transfers") {
+    data = await coffrify.transfers.list({ limit: 50 });
+  } else if (uri.startsWith("coffrify://transfers/")) {
+    data = await coffrify.transfers.get(uri.split("/").pop());
+  } else if (uri === "coffrify://webhooks") {
+    data = await coffrify.webhooks.list();
+  } else if (uri.startsWith("coffrify://webhooks/")) {
+    const id = uri.split("/").pop();
+    const [hooks, deliveries] = await Promise.all([
+      coffrify.webhooks.list(),
+      coffrify.webhooks.deliveries(id, { limit: 10 }).catch(() => null)
+    ]);
+    const webhook = (hooks.webhooks ?? hooks.data ?? []).find((w) => w.id === id);
+    data = { webhook, recent_deliveries: deliveries };
+  } else if (uri === "coffrify://api-keys") {
+    data = await coffrify.apiKeys.list();
+  } else if (uri === "coffrify://events") {
+    data = { catalog: COFFRIFY_EVENT_CATALOG };
+  } else if (uri === "coffrify://workspace") {
+    data = await coffrify.http.request("GET", "/me");
+  } else if (uri === "coffrify://audit") {
+    data = await coffrify.audit.list({ limit: 100 });
+  } else {
+    throw new Error(`Unknown resource: ${uri}`);
+  }
+  return {
+    contents: [{ uri, mimeType: "application/json", text: JSON.stringify(data, null, 2) }]
+  };
+});
+var PROMPTS = [
+  {
+    name: "send_invoice",
+    description: "Compose and send an invoice file as a Coffrify transfer with sensible defaults.",
+    arguments: [
+      { name: "recipient_email", description: "Recipient email", required: true },
+      { name: "invoice_filename", description: "Filename of the invoice (e.g. INV-2026-001.pdf)", required: true },
+      { name: "expires_in_days", description: "Expiration window (default 30)", required: false }
+    ]
+  },
+  {
+    name: "audit_weekly",
+    description: "Pull the last 7 days of audit log and summarize unusual activity.",
+    arguments: []
+  },
+  {
+    name: "rotate_all_api_keys",
+    description: "Rotate every API key in the workspace with a 7-day grace window.",
+    arguments: []
+  },
+  {
+    name: "subscribe_to_security_events",
+    description: "Create a webhook subscribed to all security-relevant events (geo_blocked, password_failed, scan_infected, suspicious_usage, saml.login_failed).",
+    arguments: [
+      { name: "endpoint_url", description: "HTTPS endpoint to receive events", required: true }
+    ]
+  },
+  {
+    name: "investigate_transfer",
+    description: "Pull a transfer + its scan results + recent webhook deliveries to investigate an incident.",
+    arguments: [
+      { name: "short_code", description: "Short code or ID of the transfer", required: true }
+    ]
+  }
+];
+server.setRequestHandler(ListPromptsRequestSchema, async () => ({ prompts: PROMPTS }));
+server.setRequestHandler(GetPromptRequestSchema, async (req) => {
+  const { name, arguments: args = {} } = req.params;
+  const a = args;
+  switch (name) {
+    case "send_invoice":
+      return {
+        description: "Send an invoice via Coffrify",
+        messages: [{
+          role: "user",
+          content: {
+            type: "text",
+            text: `Send the file "${a.invoice_filename}" as a Coffrify transfer.
+Recipient: ${a.recipient_email}.
+Expiration: ${a.expires_in_days ?? "30"} days.
+Use the coffrify_create_transfer tool with: title="Invoice ${a.invoice_filename}", expires_in_hours=${parseInt(a.expires_in_days ?? "30", 10) * 24}, max_downloads=3.
+Then share the returned share_url with the recipient.`
+          }
+        }]
+      };
+    case "audit_weekly":
+      return {
+        description: "Weekly audit summary",
+        messages: [{
+          role: "user",
+          content: {
+            type: "text",
+            text: `Use coffrify_query_audit_log with since="7d" and limit=500 to fetch the last week of activity.
+Summarize:
+1. Top 5 most frequent actions
+2. Any failed/denied actions and what they indicate
+3. Unusual IP addresses or geo distributions
+4. Any api_key.suspicious_usage or saml.login_failed events
+Output a brief markdown report.`
+          }
+        }]
+      };
+    case "rotate_all_api_keys":
+      return {
+        description: "Rotate every API key with 7-day grace",
+        messages: [{
+          role: "user",
+          content: {
+            type: "text",
+            text: `1. Call coffrify_list_api_keys to get all active keys.
+2. For each key with status=active and not already rotated, call coffrify_rotate_api_key with grace_days=7.
+3. Report: { rotated_count, new_keys: [{ name, new_prefix, grace_until }] }.
+Stress that the new key values are returned ONCE \u2014 they must be saved immediately.`
+          }
+        }]
+      };
+    case "subscribe_to_security_events":
+      return {
+        description: "Wire a webhook to all security events",
+        messages: [{
+          role: "user",
+          content: {
+            type: "text",
+            text: `Call coffrify_create_webhook with:
+  name = "Security events"
+  url  = "${a.endpoint_url}"
+  events = ["transfer.password_failed", "transfer.geo_blocked", "transfer.scan_infected", "transfer.scan_quarantined",
+            "api_key.suspicious_usage", "api_key.expired", "api_key.revoked",
+            "saml.login_failed", "audit.policy_violated",
+            "webhook.endpoint_disabled", "workspace.payment_failed"]
+Print the returned signing secret to the user \u2014 it's shown only once.`
+          }
+        }]
+      };
+    case "investigate_transfer":
+      return {
+        description: "Investigate a transfer incident",
+        messages: [{
+          role: "user",
+          content: {
+            type: "text",
+            text: `Investigate transfer "${a.short_code}":
+1. Use coffrify_search_transfers query="${a.short_code}" to locate it.
+2. Call coffrify_get_transfer with the id to fetch full details (scan_status, downloads, password_protected).
+3. Call coffrify_query_audit_log with resource_id=<that id> since="30d" to pull related audit entries.
+4. List any recent webhook deliveries that mention this transfer.
+5. Output a timeline + a diagnosis of what happened.`
+          }
+        }]
+      };
+    default:
+      throw new Error(`Unknown prompt: ${name}`);
+  }
+});
+server.setRequestHandler(ListToolsRequestSchema, async () => ({ tools: TOOLS }));
 server.setRequestHandler(CallToolRequestSchema, async (request) => {
   const { name, arguments: args = {} } = request.params;
   try {
     let result;
+    const a = args;
     switch (name) {
       case "coffrify_list_transfers":
-        result = await coffrify.transfers.list(args);
+        result = await coffrify.transfers.list(a);
+        break;
+      case "coffrify_search_transfers": {
+        const list = await coffrify.transfers.list({ limit: 100 });
+        const arr = list.transfers ?? list.data ?? [];
+        const q = a.query.toLowerCase();
+        const matches = arr.filter(
+          (t) => (t.transfer_title ?? "").toLowerCase().includes(q) || (t.short_code ?? "").toLowerCase().startsWith(q)
+        ).slice(0, a.limit ?? 20);
+        result = { matches, total: matches.length };
         break;
+      }
       case "coffrify_get_transfer":
-        result = await coffrify.transfers.get(args.id);
+        result = await coffrify.transfers.get(a.id);
         break;
-      case "coffrify_create_transfer": {
-        const a = args;
+      case "coffrify_create_transfer":
         result = await coffrify.transfers.create(a.files, {
           expires_in_hours: a.expires_in_hours,
           max_downloads: a.max_downloads,
@@ -206,68 +400,92 @@ server.setRequestHandler(CallToolRequestSchema, async (request) => {
           burn_after_read: a.burn_after_read
         });
         break;
-      }
       case "coffrify_delete_transfer":
-        result = await coffrify.transfers.delete(args.id);
+        result = await coffrify.transfers.delete(a.id);
         break;
+      case "coffrify_bulk_delete_transfers": {
+        const out = [];
+        for (const id of a.ids) {
+          try {
+            await coffrify.transfers.delete(id);
+            out.push({ id, ok: true });
+          } catch (e) {
+            out.push({ id, ok: false, error: e?.message ?? String(e) });
+          }
+        }
+        result = { results: out, ok_count: out.filter((r) => r.ok).length };
+        break;
+      }
       case "coffrify_list_webhooks":
         result = await coffrify.webhooks.list();
         break;
-      case "coffrify_create_webhook": {
-        const a = args;
-        result = await coffrify.webhooks.create({ name: a.name, url: a.url, events: a.events });
+      case "coffrify_create_webhook":
+        result = await coffrify.webhooks.create({
+          name: a.name,
+          url: a.url,
+          events: a.events,
+          description: a.description
+        });
         break;
-      }
       case "coffrify_test_webhook":
-        result = await coffrify.webhooks.test(args.id);
+        result = await coffrify.webhooks.test(a.id);
         break;
-      case "coffrify_list_webhook_deliveries": {
-        const a = args;
+      case "coffrify_list_webhook_deliveries":
         result = await coffrify.webhooks.deliveries(a.webhook_id, { limit: a.limit });
         break;
-      }
       case "coffrify_replay_webhook_delivery":
-        result = await coffrify.webhooks.replay(args.delivery_id);
+        result = await coffrify.webhooks.replay(a.delivery_id);
         break;
+      case "coffrify_list_webhook_event_types": {
+        const filtered = a.family ? COFFRIFY_EVENT_CATALOG.filter((e) => e.family === a.family) : COFFRIFY_EVENT_CATALOG;
+        result = { events: filtered, total: filtered.length };
+        break;
+      }
       case "coffrify_list_api_keys":
         result = await coffrify.apiKeys.list();
         break;
       case "coffrify_create_api_key":
-        result = await coffrify.apiKeys.create(args);
+        result = await coffrify.apiKeys.create(a);
         break;
       case "coffrify_revoke_api_key":
-        result = await coffrify.apiKeys.revoke(args.id);
+        result = await coffrify.apiKeys.revoke(a.id);
+        break;
+      case "coffrify_rotate_api_key":
+        result = await coffrify.http.request(
+          "POST",
+          `/api-keys/${encodeURIComponent(a.id)}/rotate`,
+          { grace_days: a.grace_days ?? 7 }
+        );
         break;
       case "coffrify_query_audit_log": {
-        const a = args;
         let since = a.since;
         if (since && /^\d+[hdw]$/.test(since)) {
           const m = since.match(/^(\d+)([hdw])$/);
-          const n = parseInt(m[1]);
+          const n = parseInt(m[1], 10);
           const ms = m[2] === "h" ? n * 36e5 : m[2] === "d" ? n * 864e5 : n * 7 * 864e5;
           since = new Date(Date.now() - ms).toISOString();
         }
         result = await coffrify.audit.list({ ...a, since });
         break;
       }
-      case "coffrify_get_workspace_info": {
+      case "coffrify_get_workspace_info":
         result = await coffrify.http.request("GET", "/me");
         break;
-      }
       default:
         throw new Error(`Unknown tool: ${name}`);
     }
-    return {
-      content: [{ type: "text", text: JSON.stringify(result, null, 2) }]
-    };
+    return { content: [{ type: "text", text: JSON.stringify(result, null, 2) }] };
   } catch (e) {
     return {
-      content: [{ type: "text", text: `Error: ${e?.message ?? "unknown"}
-${JSON.stringify(e?.details ?? {}, null, 2)}` }],
+      content: [{
+        type: "text",
+        text: `Error: ${e?.message ?? "unknown"}
+${JSON.stringify(e?.details ?? {}, null, 2)}`
+      }],
       isError: true
     };
   }
 });
 var transport = new StdioServerTransport();
 await server.connect(transport);
-console.error("[coffrify-mcp] Server connected via stdio");
+console.error("[coffrify-mcp] v0.2.0 connected via stdio (Tools + Resources + Prompts)");

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@coffrify/mcp",
-  "version": "0.1.2",
+  "version": "0.2.0",
   "description": "Coffrify MCP server — gives Claude/Cursor/Windsurf agents direct access to Coffrify (transfers, webhooks, audit, API keys).",
   "type": "module",
   "bin": {
@@ -29,7 +29,7 @@
   "dependencies": {
     "@modelcontextprotocol/sdk": "^1.0.0",
     "zod": "^3.23.8",
-    "@coffrify/sdk": "0.3.6"
+    "@coffrify/sdk": "0.4.0"
   },
   "devDependencies": {
     "@types/node": "^22.0.0",