@commerce.io/mcp 0.1.0

package/package.json

@@ -0,0 +1,15 @@
+{
+  "name": "@commerce.io/mcp",
+  "version": "0.1.0",
+  "type": "module",
+  "bin": {
+    "commerce-mcp": "./src/cli.mjs"
+  },
+  "scripts": {
+    "lint": "eslint src",
+    "clean": "rm -rf dist"
+  },
+  "devDependencies": {
+    "typescript": "^5.6.0"
+  }
+}

package/src/cli.mjs

@@ -0,0 +1,105 @@
+#!/usr/bin/env node
+import { randomUUID } from 'node:crypto';
+import { createInterface } from 'node:readline';
+
+function parseArgs() {
+  const args = process.argv.slice(2);
+  const urlIdx = args.indexOf('--url');
+  if (urlIdx === -1 || urlIdx + 1 >= args.length) {
+    process.stderr.write('Usage: npx @commerce/mcp --url <mcp-endpoint-url>\n');
+    process.exit(1);
+  }
+  return { remoteUrl: args[urlIdx + 1] };
+}
+
+const { remoteUrl } = parseArgs();
+
+const rl = createInterface({ input: process.stdin, crlfDelay: Infinity });
+let sessionId = null;
+let bearerToken = null;
+let authPollTimer = null;
+
+function send(msg) {
+  process.stdout.write(JSON.stringify(msg) + '\n');
+}
+
+async function mcpFetch(reqBody) {
+  const headers = { 'content-type': 'application/json' };
+  if (bearerToken !== null) headers['authorization'] = `Bearer ${bearerToken}`;
+  if (sessionId !== null && reqBody.method !== 'initialize') headers['mcp-session-id'] = sessionId;
+  const res = await fetch(remoteUrl, { method: 'POST', headers, body: JSON.stringify(reqBody) });
+  const text = await res.text();
+  if (reqBody.method === 'initialize') {
+    const newSession = res.headers.get('mcp-session-id');
+    if (newSession !== null) sessionId = newSession;
+  }
+  if (res.status === 404) {
+    try { const b = JSON.parse(text); if (b?.error?.message === 'Session not found') sessionId = null; } catch {}
+  }
+  return { text, status: res.status };
+}
+
+function captureToken(text) {
+  try {
+    const body = JSON.parse(text);
+    const sc = body?.result?.structuredContent ?? body?.result ?? body?.ucp;
+    if (sc?.access_token) bearerToken = sc.access_token;
+  } catch {}
+}
+
+function startAuthPolling(deviceCode, interval) {
+  if (authPollTimer) clearInterval(authPollTimer);
+  const ms = Math.max(3000, (interval || 5) * 1000);
+  authPollTimer = setInterval(async () => {
+    const { text } = await mcpFetch({
+      jsonrpc: '2.0',
+      id: 'poll-' + Date.now(),
+      method: 'tools/call',
+      params: { name: 'customer.auth_status', arguments: { device_code: deviceCode } },
+    });
+    try {
+      const body = JSON.parse(text);
+      const sc = body?.result?.structuredContent ?? body?.result;
+      if (sc?.status === 'completed' && sc?.access_token) {
+        bearerToken = sc.access_token;
+        clearInterval(authPollTimer);
+        authPollTimer = null;
+      }
+    } catch {}
+  }, ms);
+}
+
+for await (const line of rl) {
+  if (!line.trim()) continue;
+
+  let req;
+  try { req = JSON.parse(line); } catch {
+    send({ jsonrpc: '2.0', id: null, error: { code: -32700, message: 'Parse error' } });
+    continue;
+  }
+
+  if (req.method === 'tools/call' && req.params) {
+    req.params.meta ??= {};
+    req.params.meta['idempotency-key'] ??= randomUUID();
+  }
+
+  try {
+    const { text } = await mcpFetch(req);
+    captureToken(text);
+
+    if (req.method === 'tools/call' && req.params?.name === 'customer.authenticate') {
+      try {
+        const body = JSON.parse(text);
+        const sc = body?.result?.structuredContent ?? body?.result;
+        if (sc?.device_code && sc?.interval) {
+          startAuthPolling(sc.device_code, sc.interval);
+        }
+      } catch {}
+    }
+
+    process.stdout.write(text + '\n');
+  } catch (err) {
+    if (req.method !== 'initialize') sessionId = null;
+    send({ jsonrpc: '2.0', id: req.id ?? null, error: { code: -32603, message: err.message } });
+  }
+}