npm - @epicdm/flowstate-mcp-gateway - Versions diffs - 1.0.0 - Mend

@epicdm/flowstate-mcp-gateway 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (14) hide show

package/dist/cli.mjs ADDED Viewed

@@ -0,0 +1,372 @@
+#!/usr/bin/env node
+// src/server.ts
+import express from "express";
+import cors from "cors";
+import { FlowStateMCPServer } from "@epicdm/flowstate-mcp";
+// src/InMemoryTransport.ts
+import { EventEmitter } from "events";
+var InMemoryTransport = class {
+  sessionId;
+  onclose;
+  onerror;
+  onmessage;
+  started = false;
+  emitter = new EventEmitter();
+  responseHandlers = /* @__PURE__ */ new Map();
+  async start() {
+    this.started = true;
+    this.sessionId = `inmemory-${Date.now()}-${Math.random().toString(36).substring(7)}`;
+  }
+  async send(message) {
+    if (!this.started) {
+      throw new Error("Transport not started");
+    }
+    if ("result" in message || "error" in message) {
+      const response = message;
+      const handler = this.responseHandlers.get(response.id);
+      if (handler) {
+        handler(message);
+        this.responseHandlers.delete(response.id);
+      }
+    }
+  }
+  async close() {
+    this.started = false;
+    this.responseHandlers.clear();
+    this.onclose?.();
+  }
+  setProtocolVersion(version) {
+  }
+  /**
+   * Send a request and wait for response
+   * Used by the gateway to make programmatic requests
+   */
+  async sendRequest(request) {
+    if (!this.started) {
+      throw new Error("Transport not started");
+    }
+    return new Promise((resolve2, reject) => {
+      const req = request;
+      const timeout = setTimeout(() => {
+        this.responseHandlers.delete(req.id);
+        reject(new Error("Request timeout"));
+      }, 6e4);
+      this.responseHandlers.set(req.id, (response) => {
+        clearTimeout(timeout);
+        resolve2(response);
+      });
+      if (this.onmessage) {
+        this.onmessage(request);
+      } else {
+        reject(new Error("Transport not connected to server"));
+      }
+    });
+  }
+};
+// src/server.ts
+var MCPGatewayServer = class {
+  app;
+  mcpServer;
+  config;
+  isInitialized = false;
+  httpServer;
+  transport;
+  constructor(config2) {
+    this.config = config2;
+    this.app = express();
+    this.mcpServer = new FlowStateMCPServer({
+      rxdbServerUrl: config2.rxdbServerUrl,
+      domainId: config2.domainId,
+      projectPath: config2.projectPath || process.cwd(),
+      ...config2.userId && { userId: config2.userId },
+      ...config2.orgId && { orgId: config2.orgId }
+    });
+    this.setupMiddleware();
+    this.setupRoutes();
+  }
+  /**
+   * Get list of tools from MCP server
+   *
+   * WARNING: This method accesses internal MCP server API via type casting.
+   * This is necessary because FlowStateMCPServer doesn't expose a public method
+   * for listing tools. The underlying server.request() method is used directly.
+   *
+   * RISKS:
+   * - Internal API may change without notice in future versions
+   * - Type casting bypasses TypeScript safety checks
+   * - May break if FlowStateMCPServer implementation changes
+   *
+   * TODO: Consider requesting a public API method in FlowStateMCPServer
+   * for listing and calling tools to avoid internal API access.
+   */
+  async listTools() {
+    if (!this.transport) {
+      return [];
+    }
+    const request = {
+      jsonrpc: "2.0",
+      id: Date.now(),
+      method: "tools/list"
+    };
+    const response = await this.transport.sendRequest(request);
+    if ("error" in response) {
+      throw new Error(response.error.message || "Failed to list tools");
+    }
+    return response.result?.tools || [];
+  }
+  /**
+   * Call a tool on the MCP server
+   *
+   * WARNING: This method accesses internal MCP server API via type casting.
+   * This is necessary because FlowStateMCPServer doesn't expose a public method
+   * for calling tools. The underlying server.request() method is used directly.
+   *
+   * RISKS:
+   * - Internal API may change without notice in future versions
+   * - Type casting bypasses TypeScript safety checks
+   * - May break if FlowStateMCPServer implementation changes
+   *
+   * TODO: Consider requesting a public API method in FlowStateMCPServer
+   * for listing and calling tools to avoid internal API access.
+   *
+   * NOTE: The MCP SDK's server.request() method appears to require the request
+   * object to be passed twice (once as the request, once as params). This seems
+   * to be how the underlying MCP SDK expects the call to be structured based on
+   * the protocol specification.
+   */
+  async callTool(toolName, args) {
+    if (!this.transport) {
+      throw new Error("MCP server not available");
+    }
+    const request = {
+      jsonrpc: "2.0",
+      id: Date.now(),
+      method: "tools/call",
+      params: {
+        name: toolName,
+        arguments: args
+      }
+    };
+    const response = await this.transport.sendRequest(request);
+    if ("error" in response) {
+      throw new Error(response.error.message || "Failed to call tool");
+    }
+    return response.result?.content?.[0]?.text || response.result;
+  }
+  setupMiddleware() {
+    this.app.use(
+      cors({
+        origin: this.config.corsOrigins || "*",
+        methods: ["GET", "POST", "OPTIONS"],
+        allowedHeaders: ["Content-Type", "Authorization"]
+      })
+    );
+    this.app.use(express.json());
+    this.app.use(express.urlencoded({ extended: true }));
+    this.app.use((req, res, next) => {
+      console.log(`${(/* @__PURE__ */ new Date()).toISOString()} ${req.method} ${req.path}`);
+      next();
+    });
+  }
+  /**
+   * Extract and forward auth token from request to MCP server
+   *
+   * This enables per-request auth so each API call can use its own token,
+   * rather than relying on the initial config token.
+   */
+  updateAuthFromRequest(req) {
+    const authHeader = req.headers["authorization"];
+    if (!authHeader) {
+      console.log("[MCP Gateway] No Authorization header in request");
+      return;
+    }
+    const token = authHeader.toString().replace("Bearer ", "");
+    if (!token) {
+      console.log("[MCP Gateway] Empty token after Bearer prefix removal");
+      return;
+    }
+    if (!token.startsWith("eyJ") && !token.startsWith("epic_")) {
+      console.log(`[MCP Gateway] Invalid token format (starts with: ${token.substring(0, 10)}...)`);
+      return;
+    }
+    try {
+      ;
+      this.mcpServer.config.authToken = token;
+      console.log("[MCP Gateway] Auth token updated from request");
+    } catch (error) {
+      console.error("[MCP Gateway] Failed to update auth config:", error);
+    }
+  }
+  setupRoutes() {
+    this.app.get("/health", (req, res) => {
+      res.json({
+        status: "ok",
+        initialized: this.isInitialized,
+        timestamp: (/* @__PURE__ */ new Date()).toISOString()
+      });
+    });
+    this.app.get("/mcp/tools", async (req, res) => {
+      try {
+        if (!this.isInitialized) {
+          return res.status(503).json({
+            error: "Server not initialized"
+          });
+        }
+        this.updateAuthFromRequest(req);
+        const tools = await this.listTools();
+        res.json({ tools });
+      } catch (error) {
+        console.error("Error listing tools:", error);
+        res.status(500).json({
+          error: error instanceof Error ? error.message : "Unknown error"
+        });
+      }
+    });
+    this.app.post("/mcp/tools/call", async (req, res) => {
+      try {
+        if (!this.isInitialized) {
+          return res.status(503).json({
+            success: false,
+            error: "Server not initialized"
+          });
+        }
+        this.updateAuthFromRequest(req);
+        const { toolName, arguments: args } = req.body;
+        if (!toolName) {
+          return res.status(400).json({
+            success: false,
+            error: "toolName is required"
+          });
+        }
+        const result = await this.callTool(toolName, args || {});
+        const response = {
+          success: true,
+          result
+        };
+        res.json(response);
+      } catch (error) {
+        console.error("Error calling tool:", error);
+        const response = {
+          success: false,
+          error: error instanceof Error ? error.message : "Unknown error"
+        };
+        res.status(500).json(response);
+      }
+    });
+  }
+  async initialize() {
+    await this.mcpServer.initialize();
+    this.transport = new InMemoryTransport();
+    const server = this.mcpServer.server;
+    if (server) {
+      await server.connect(this.transport);
+    }
+    this.isInitialized = true;
+    console.log("MCP Gateway initialized");
+  }
+  async start() {
+    await this.initialize();
+    return new Promise((resolve2) => {
+      this.httpServer = this.app.listen(this.config.port, this.config.host, () => {
+        console.log(`MCP Gateway listening on http://${this.config.host}:${this.config.port}`);
+        resolve2();
+      });
+    });
+  }
+  async close() {
+    if (this.httpServer) {
+      await new Promise((resolve2, reject) => {
+        this.httpServer.close((err) => {
+          if (err) {
+            console.error("Error closing HTTP server:", err);
+            reject(err);
+          } else {
+            console.log("HTTP server closed");
+            resolve2();
+          }
+        });
+      });
+    }
+    await this.mcpServer.close();
+    console.log("MCP Gateway closed");
+  }
+};
+// src/cli.ts
+import { config } from "dotenv";
+import { resolve } from "path";
+config({ path: resolve(process.cwd(), ".env") });
+var isShuttingDown = false;
+process.on("unhandledRejection", (reason, promise) => {
+  console.error("Unhandled Rejection at:", promise, "reason:", reason);
+  process.exit(1);
+});
+process.on("uncaughtException", (error) => {
+  console.error("Uncaught Exception:", error);
+  process.exit(1);
+});
+async function main() {
+  const gatewayConfig = {
+    port: parseInt(process.env.MCP_GATEWAY_PORT || "7081", 10),
+    host: process.env.MCP_GATEWAY_HOST || "0.0.0.0",
+    rxdbServerUrl: process.env.RXDB_SERVER_URL || "",
+    authToken: process.env.RXDB_AUTH_TOKEN || "",
+    domainId: process.env.RXDB_DOMAIN_ID || "",
+    projectPath: process.env.PROJECT_PATH,
+    userId: process.env.USER_ID,
+    orgId: process.env.ORG_ID,
+    corsOrigins: process.env.CORS_ORIGINS?.split(",")
+  };
+  if (!gatewayConfig.rxdbServerUrl) {
+    console.error("ERROR: RXDB_SERVER_URL is required");
+    process.exit(1);
+  }
+  if (!gatewayConfig.authToken) {
+    console.error("ERROR: RXDB_AUTH_TOKEN is required");
+    process.exit(1);
+  }
+  if (!gatewayConfig.domainId) {
+    console.error("ERROR: RXDB_DOMAIN_ID is required");
+    process.exit(1);
+  }
+  console.log("MCP Gateway starting with configuration:");
+  console.log(`  Port: ${gatewayConfig.port}`);
+  console.log(`  Host: ${gatewayConfig.host}`);
+  console.log(`  RxDB Server URL: ${gatewayConfig.rxdbServerUrl}`);
+  console.log(`  Domain ID: ${gatewayConfig.domainId}`);
+  console.log(`  Project Path: ${gatewayConfig.projectPath || "not set"}`);
+  console.log(`  User ID: ${gatewayConfig.userId || "not set"}`);
+  console.log(`  Org ID: ${gatewayConfig.orgId || "not set"}`);
+  console.log(`  CORS Origins: ${gatewayConfig.corsOrigins?.join(", ") || "not set"}`);
+  const server = new MCPGatewayServer(gatewayConfig);
+  const gracefulShutdown = async (signal) => {
+    if (isShuttingDown) {
+      console.log("Shutdown already in progress, ignoring signal:", signal);
+      return;
+    }
+    isShuttingDown = true;
+    console.log(`
+Received ${signal}, shutting down gracefully...`);
+    try {
+      await server.close();
+      console.log("Server closed successfully");
+      process.exit(0);
+    } catch (error) {
+      console.error("Error during shutdown:", error);
+      process.exit(1);
+    }
+  };
+  process.on("SIGINT", () => gracefulShutdown("SIGINT"));
+  process.on("SIGTERM", () => gracefulShutdown("SIGTERM"));
+  try {
+    await server.start();
+  } catch (error) {
+    console.error("Failed to start MCP Gateway:", error);
+    process.exit(1);
+  }
+}
+main();
+//# sourceMappingURL=cli.mjs.map

package/dist/cli.mjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../src/server.ts","../src/InMemoryTransport.ts","../src/cli.ts"],"sourcesContent":["// Copyright 2026 Epic Digital Interactive Media LLC\n// SPDX-License-Identifier: Apache-2.0\n\nimport express, { Express, Request, Response } from 'express'\nimport cors from 'cors'\nimport { FlowStateMCPServer } from '@epicdm/flowstate-mcp'\nimport { InMemoryTransport } from './InMemoryTransport'\nimport type { MCPGatewayConfig, ToolCallRequest, ToolCallResponse } from './types'\n\nexport class MCPGatewayServer {\n private app: Express\n private mcpServer: FlowStateMCPServer\n private config: MCPGatewayConfig\n private isInitialized = false\n private httpServer?: ReturnType<Express['listen']>\n private transport?: InMemoryTransport\n\n constructor(config: MCPGatewayConfig) {\n this.config = config\n this.app = express()\n\n // Initialize MCP Server\n this.mcpServer = new FlowStateMCPServer({\n rxdbServerUrl: config.rxdbServerUrl,\n domainId: config.domainId,\n projectPath: config.projectPath || process.cwd(),\n ...(config.userId && { userId: config.userId }),\n ...(config.orgId && { orgId: config.orgId }),\n } as any)\n\n this.setupMiddleware()\n this.setupRoutes()\n }\n\n /**\n * Get list of tools from MCP server\n *\n * WARNING: This method accesses internal MCP server API via type casting.\n * This is necessary because FlowStateMCPServer doesn't expose a public method\n * for listing tools. The underlying server.request() method is used directly.\n *\n * RISKS:\n * - Internal API may change without notice in future versions\n * - Type casting bypasses TypeScript safety checks\n * - May break if FlowStateMCPServer implementation changes\n *\n * TODO: Consider requesting a public API method in FlowStateMCPServer\n * for listing and calling tools to avoid internal API access.\n */\n private async listTools(): Promise<any[]> {\n if (!this.transport) {\n return []\n }\n\n // Send request through transport\n const request = {\n jsonrpc: '2.0' as const,\n id: Date.now(),\n method: 'tools/list' as const,\n }\n\n const response: any = await this.transport.sendRequest(request)\n\n if ('error' in response) {\n throw new Error(response.error.message || 'Failed to list tools')\n }\n\n return response.result?.tools || []\n }\n\n /**\n * Call a tool on the MCP server\n *\n * WARNING: This method accesses internal MCP server API via type casting.\n * This is necessary because FlowStateMCPServer doesn't expose a public method\n * for calling tools. The underlying server.request() method is used directly.\n *\n * RISKS:\n * - Internal API may change without notice in future versions\n * - Type casting bypasses TypeScript safety checks\n * - May break if FlowStateMCPServer implementation changes\n *\n * TODO: Consider requesting a public API method in FlowStateMCPServer\n * for listing and calling tools to avoid internal API access.\n *\n * NOTE: The MCP SDK's server.request() method appears to require the request\n * object to be passed twice (once as the request, once as params). This seems\n * to be how the underlying MCP SDK expects the call to be structured based on\n * the protocol specification.\n */\n private async callTool(toolName: string, args: Record<string, any>): Promise<any> {\n if (!this.transport) {\n throw new Error('MCP server not available')\n }\n\n // Send request through transport\n const request = {\n jsonrpc: '2.0' as const,\n id: Date.now(),\n method: 'tools/call' as const,\n params: {\n name: toolName,\n arguments: args,\n },\n }\n\n const response: any = await this.transport.sendRequest(request)\n\n if ('error' in response) {\n throw new Error(response.error.message || 'Failed to call tool')\n }\n\n return response.result?.content?.[0]?.text || response.result\n }\n\n private setupMiddleware(): void {\n // CORS\n this.app.use(\n cors({\n origin: this.config.corsOrigins || '*',\n methods: ['GET', 'POST', 'OPTIONS'],\n allowedHeaders: ['Content-Type', 'Authorization'],\n })\n )\n\n // Body parsing\n this.app.use(express.json())\n this.app.use(express.urlencoded({ extended: true }))\n\n // Request logging\n this.app.use((req, res, next) => {\n console.log(`${new Date().toISOString()} ${req.method} ${req.path}`)\n next()\n })\n }\n\n /**\n * Extract and forward auth token from request to MCP server\n *\n * This enables per-request auth so each API call can use its own token,\n * rather than relying on the initial config token.\n */\n private updateAuthFromRequest(req: Request): void {\n const authHeader = req.headers['authorization']\n if (!authHeader) {\n console.log('[MCP Gateway] No Authorization header in request')\n return\n }\n\n const token = authHeader.toString().replace('Bearer ', '')\n if (!token) {\n console.log('[MCP Gateway] Empty token after Bearer prefix removal')\n return\n }\n\n // Only accept valid-looking tokens (JWT or API tokens)\n if (!token.startsWith('eyJ') && !token.startsWith('epic_')) {\n console.log(`[MCP Gateway] Invalid token format (starts with: ${token.substring(0, 10)}...)`)\n return\n }\n\n try {\n ;(this.mcpServer as any).config.authToken = token\n console.log('[MCP Gateway] Auth token updated from request')\n } catch (error) {\n console.error('[MCP Gateway] Failed to update auth config:', error)\n }\n }\n\n private setupRoutes(): void {\n // Health check\n this.app.get('/health', (req: Request, res: Response) => {\n res.json({\n status: 'ok',\n initialized: this.isInitialized,\n timestamp: new Date().toISOString(),\n })\n })\n\n // List available tools\n this.app.get('/mcp/tools', async (req: Request, res: Response) => {\n try {\n if (!this.isInitialized) {\n return res.status(503).json({\n error: 'Server not initialized',\n })\n }\n\n // Forward per-request auth to MCP server\n this.updateAuthFromRequest(req)\n\n const tools = await this.listTools()\n res.json({ tools })\n } catch (error) {\n console.error('Error listing tools:', error)\n res.status(500).json({\n error: error instanceof Error ? error.message : 'Unknown error',\n })\n }\n })\n\n // Execute a tool\n this.app.post('/mcp/tools/call', async (req: Request, res: Response) => {\n try {\n if (!this.isInitialized) {\n return res.status(503).json({\n success: false,\n error: 'Server not initialized',\n })\n }\n\n // Forward per-request auth to MCP server\n this.updateAuthFromRequest(req)\n\n const { toolName, arguments: args } = req.body as ToolCallRequest\n\n if (!toolName) {\n return res.status(400).json({\n success: false,\n error: 'toolName is required',\n })\n }\n\n const result = await this.callTool(toolName, args || {})\n\n const response: ToolCallResponse = {\n success: true,\n result,\n }\n\n res.json(response)\n } catch (error) {\n console.error('Error calling tool:', error)\n const response: ToolCallResponse = {\n success: false,\n error: error instanceof Error ? error.message : 'Unknown error',\n }\n res.status(500).json(response)\n }\n })\n }\n\n async initialize(): Promise<void> {\n await this.mcpServer.initialize()\n\n // Connect the MCP server to an in-memory transport\n // This is required for the MCP SDK to handle requests\n this.transport = new InMemoryTransport()\n const server = (this.mcpServer as any).server\n if (server) {\n await server.connect(this.transport)\n }\n\n this.isInitialized = true\n console.log('MCP Gateway initialized')\n }\n\n async start(): Promise<void> {\n await this.initialize()\n\n return new Promise(resolve => {\n this.httpServer = this.app.listen(this.config.port, this.config.host, () => {\n console.log(`MCP Gateway listening on http://${this.config.host}:${this.config.port}`)\n resolve()\n })\n })\n }\n\n async close(): Promise<void> {\n // Close HTTP server first\n if (this.httpServer) {\n await new Promise<void>((resolve, reject) => {\n this.httpServer!.close(err => {\n if (err) {\n console.error('Error closing HTTP server:', err)\n reject(err)\n } else {\n console.log('HTTP server closed')\n resolve()\n }\n })\n })\n }\n\n // Then close MCP server\n await this.mcpServer.close()\n console.log('MCP Gateway closed')\n }\n}\n","// Copyright 2026 Epic Digital Interactive Media LLC\n// SPDX-License-Identifier: Apache-2.0\n\nimport type { Transport } from '@modelcontextprotocol/sdk/shared/transport.js';\nimport type { JSONRPCMessage, JSONRPCRequest, JSONRPCResponse, JSONRPCErrorResponse } from '@modelcontextprotocol/sdk/types.js';\nimport { EventEmitter } from 'events';\n\n/**\n * In-Memory Transport for programmatic MCP server usage\n *\n * This transport creates a bidirectional message channel that allows\n * the MCP server to be used programmatically without stdio/SSE.\n */\nexport class InMemoryTransport implements Transport {\n sessionId?: string;\n onclose?: () => void;\n onerror?: (error: Error) => void;\n onmessage?: (message: JSONRPCMessage) => void;\n\n private started = false;\n private emitter = new EventEmitter();\n private responseHandlers = new Map<string | number, (response: JSONRPCMessage) => void>();\n\n async start(): Promise<void> {\n this.started = true;\n this.sessionId = `inmemory-${Date.now()}-${Math.random().toString(36).substring(7)}`;\n }\n\n async send(message: JSONRPCMessage): Promise<void> {\n if (!this.started) {\n throw new Error('Transport not started');\n }\n\n // If this is a response (has 'result' or 'error' and 'id')\n if ('result' in message || 'error' in message) {\n const response = message as JSONRPCResponse | JSONRPCErrorResponse;\n const handler = this.responseHandlers.get(response.id!);\n if (handler) {\n handler(message);\n this.responseHandlers.delete(response.id!);\n }\n }\n }\n\n async close(): Promise<void> {\n this.started = false;\n this.responseHandlers.clear();\n this.onclose?.();\n }\n\n setProtocolVersion?(version: string): void {\n // No-op for in-memory transport\n }\n\n /**\n * Send a request and wait for response\n * Used by the gateway to make programmatic requests\n */\n async sendRequest(request: JSONRPCMessage): Promise<JSONRPCMessage> {\n if (!this.started) {\n throw new Error('Transport not started');\n }\n\n return new Promise((resolve, reject) => {\n const req = request as JSONRPCRequest;\n const timeout = setTimeout(() => {\n this.responseHandlers.delete(req.id);\n reject(new Error('Request timeout'));\n }, 60000);\n\n this.responseHandlers.set(req.id, (response) => {\n clearTimeout(timeout);\n resolve(response);\n });\n\n // Route request to server's message handler\n if (this.onmessage) {\n this.onmessage(request);\n } else {\n reject(new Error('Transport not connected to server'));\n }\n });\n }\n}\n","#!/usr/bin/env node\n// Copyright 2026 Epic Digital Interactive Media LLC\n// SPDX-License-Identifier: Apache-2.0\n\nimport { MCPGatewayServer } from './server';\nimport { config } from 'dotenv';\nimport { resolve } from 'path';\n\n// Load environment variables\nconfig({ path: resolve(process.cwd(), '.env') });\n\n// Shutdown guard to prevent race conditions\nlet isShuttingDown = false;\n\n// Global error handlers\nprocess.on('unhandledRejection', (reason, promise) => {\n console.error('Unhandled Rejection at:', promise, 'reason:', reason);\n process.exit(1);\n});\n\nprocess.on('uncaughtException', (error) => {\n console.error('Uncaught Exception:', error);\n process.exit(1);\n});\n\nasync function main() {\n const gatewayConfig = {\n port: parseInt(process.env.MCP_GATEWAY_PORT || '7081', 10),\n host: process.env.MCP_GATEWAY_HOST || '0.0.0.0',\n rxdbServerUrl: process.env.RXDB_SERVER_URL || '',\n authToken: process.env.RXDB_AUTH_TOKEN || '',\n domainId: process.env.RXDB_DOMAIN_ID || '',\n projectPath: process.env.PROJECT_PATH,\n userId: process.env.USER_ID,\n orgId: process.env.ORG_ID,\n corsOrigins: process.env.CORS_ORIGINS?.split(','),\n };\n\n // Validate required config\n if (!gatewayConfig.rxdbServerUrl) {\n console.error('ERROR: RXDB_SERVER_URL is required');\n process.exit(1);\n }\n if (!gatewayConfig.authToken) {\n console.error('ERROR: RXDB_AUTH_TOKEN is required');\n process.exit(1);\n }\n if (!gatewayConfig.domainId) {\n console.error('ERROR: RXDB_DOMAIN_ID is required');\n process.exit(1);\n }\n\n // Log non-sensitive configuration on startup\n console.log('MCP Gateway starting with configuration:');\n console.log(` Port: ${gatewayConfig.port}`);\n console.log(` Host: ${gatewayConfig.host}`);\n console.log(` RxDB Server URL: ${gatewayConfig.rxdbServerUrl}`);\n console.log(` Domain ID: ${gatewayConfig.domainId}`);\n console.log(` Project Path: ${gatewayConfig.projectPath || 'not set'}`);\n console.log(` User ID: ${gatewayConfig.userId || 'not set'}`);\n console.log(` Org ID: ${gatewayConfig.orgId || 'not set'}`);\n console.log(` CORS Origins: ${gatewayConfig.corsOrigins?.join(', ') || 'not set'}`);\n\n const server = new MCPGatewayServer(gatewayConfig);\n\n // Graceful shutdown handler\n const gracefulShutdown = async (signal: string) => {\n if (isShuttingDown) {\n console.log('Shutdown already in progress, ignoring signal:', signal);\n return;\n }\n\n isShuttingDown = true;\n console.log(`\\nReceived ${signal}, shutting down gracefully...`);\n\n try {\n await server.close();\n console.log('Server closed successfully');\n process.exit(0);\n } catch (error) {\n console.error('Error during shutdown:', error);\n process.exit(1);\n }\n };\n\n // Register signal handlers\n process.on('SIGINT', () => gracefulShutdown('SIGINT'));\n process.on('SIGTERM', () => gracefulShutdown('SIGTERM'));\n\n try {\n await server.start();\n } catch (error) {\n console.error('Failed to start MCP Gateway:', error);\n process.exit(1);\n }\n}\n\nmain();\n"],"mappings":";;;AAGA,OAAO,aAA6C;AACpD,OAAO,UAAU;AACjB,SAAS,0BAA0B;;;ACAnC,SAAS,oBAAoB;AAQtB,IAAM,oBAAN,MAA6C;AAAA,EAClD;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EAEQ,UAAU;AAAA,EACV,UAAU,IAAI,aAAa;AAAA,EAC3B,mBAAmB,oBAAI,IAAyD;AAAA,EAExF,MAAM,QAAuB;AAC3B,SAAK,UAAU;AACf,SAAK,YAAY,YAAY,KAAK,IAAI,CAAC,IAAI,KAAK,OAAO,EAAE,SAAS,EAAE,EAAE,UAAU,CAAC,CAAC;AAAA,EACpF;AAAA,EAEA,MAAM,KAAK,SAAwC;AACjD,QAAI,CAAC,KAAK,SAAS;AACjB,YAAM,IAAI,MAAM,uBAAuB;AAAA,IACzC;AAGA,QAAI,YAAY,WAAW,WAAW,SAAS;AAC7C,YAAM,WAAW;AACjB,YAAM,UAAU,KAAK,iBAAiB,IAAI,SAAS,EAAG;AACtD,UAAI,SAAS;AACX,gBAAQ,OAAO;AACf,aAAK,iBAAiB,OAAO,SAAS,EAAG;AAAA,MAC3C;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,QAAuB;AAC3B,SAAK,UAAU;AACf,SAAK,iBAAiB,MAAM;AAC5B,SAAK,UAAU;AAAA,EACjB;AAAA,EAEA,mBAAoB,SAAuB;AAAA,EAE3C;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,YAAY,SAAkD;AAClE,QAAI,CAAC,KAAK,SAAS;AACjB,YAAM,IAAI,MAAM,uBAAuB;AAAA,IACzC;AAEA,WAAO,IAAI,QAAQ,CAACA,UAAS,WAAW;AACtC,YAAM,MAAM;AACZ,YAAM,UAAU,WAAW,MAAM;AAC/B,aAAK,iBAAiB,OAAO,IAAI,EAAE;AACnC,eAAO,IAAI,MAAM,iBAAiB,CAAC;AAAA,MACrC,GAAG,GAAK;AAER,WAAK,iBAAiB,IAAI,IAAI,IAAI,CAAC,aAAa;AAC9C,qBAAa,OAAO;AACpB,QAAAA,SAAQ,QAAQ;AAAA,MAClB,CAAC;AAGD,UAAI,KAAK,WAAW;AAClB,aAAK,UAAU,OAAO;AAAA,MACxB,OAAO;AACL,eAAO,IAAI,MAAM,mCAAmC,CAAC;AAAA,MACvD;AAAA,IACF,CAAC;AAAA,EACH;AACF;;;AD1EO,IAAM,mBAAN,MAAuB;AAAA,EACpB;AAAA,EACA;AAAA,EACA;AAAA,EACA,gBAAgB;AAAA,EAChB;AAAA,EACA;AAAA,EAER,YAAYC,SAA0B;AACpC,SAAK,SAASA;AACd,SAAK,MAAM,QAAQ;AAGnB,SAAK,YAAY,IAAI,mBAAmB;AAAA,MACtC,eAAeA,QAAO;AAAA,MACtB,UAAUA,QAAO;AAAA,MACjB,aAAaA,QAAO,eAAe,QAAQ,IAAI;AAAA,MAC/C,GAAIA,QAAO,UAAU,EAAE,QAAQA,QAAO,OAAO;AAAA,MAC7C,GAAIA,QAAO,SAAS,EAAE,OAAOA,QAAO,MAAM;AAAA,IAC5C,CAAQ;AAER,SAAK,gBAAgB;AACrB,SAAK,YAAY;AAAA,EACnB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAiBA,MAAc,YAA4B;AACxC,QAAI,CAAC,KAAK,WAAW;AACnB,aAAO,CAAC;AAAA,IACV;AAGA,UAAM,UAAU;AAAA,MACd,SAAS;AAAA,MACT,IAAI,KAAK,IAAI;AAAA,MACb,QAAQ;AAAA,IACV;AAEA,UAAM,WAAgB,MAAM,KAAK,UAAU,YAAY,OAAO;AAE9D,QAAI,WAAW,UAAU;AACvB,YAAM,IAAI,MAAM,SAAS,MAAM,WAAW,sBAAsB;AAAA,IAClE;AAEA,WAAO,SAAS,QAAQ,SAAS,CAAC;AAAA,EACpC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAsBA,MAAc,SAAS,UAAkB,MAAyC;AAChF,QAAI,CAAC,KAAK,WAAW;AACnB,YAAM,IAAI,MAAM,0BAA0B;AAAA,IAC5C;AAGA,UAAM,UAAU;AAAA,MACd,SAAS;AAAA,MACT,IAAI,KAAK,IAAI;AAAA,MACb,QAAQ;AAAA,MACR,QAAQ;AAAA,QACN,MAAM;AAAA,QACN,WAAW;AAAA,MACb;AAAA,IACF;AAEA,UAAM,WAAgB,MAAM,KAAK,UAAU,YAAY,OAAO;AAE9D,QAAI,WAAW,UAAU;AACvB,YAAM,IAAI,MAAM,SAAS,MAAM,WAAW,qBAAqB;AAAA,IACjE;AAEA,WAAO,SAAS,QAAQ,UAAU,CAAC,GAAG,QAAQ,SAAS;AAAA,EACzD;AAAA,EAEQ,kBAAwB;AAE9B,SAAK,IAAI;AAAA,MACP,KAAK;AAAA,QACH,QAAQ,KAAK,OAAO,eAAe;AAAA,QACnC,SAAS,CAAC,OAAO,QAAQ,SAAS;AAAA,QAClC,gBAAgB,CAAC,gBAAgB,eAAe;AAAA,MAClD,CAAC;AAAA,IACH;AAGA,SAAK,IAAI,IAAI,QAAQ,KAAK,CAAC;AAC3B,SAAK,IAAI,IAAI,QAAQ,WAAW,EAAE,UAAU,KAAK,CAAC,CAAC;AAGnD,SAAK,IAAI,IAAI,CAAC,KAAK,KAAK,SAAS;AAC/B,cAAQ,IAAI,IAAG,oBAAI,KAAK,GAAE,YAAY,CAAC,IAAI,IAAI,MAAM,IAAI,IAAI,IAAI,EAAE;AACnE,WAAK;AAAA,IACP,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQQ,sBAAsB,KAAoB;AAChD,UAAM,aAAa,IAAI,QAAQ,eAAe;AAC9C,QAAI,CAAC,YAAY;AACf,cAAQ,IAAI,kDAAkD;AAC9D;AAAA,IACF;AAEA,UAAM,QAAQ,WAAW,SAAS,EAAE,QAAQ,WAAW,EAAE;AACzD,QAAI,CAAC,OAAO;AACV,cAAQ,IAAI,uDAAuD;AACnE;AAAA,IACF;AAGA,QAAI,CAAC,MAAM,WAAW,KAAK,KAAK,CAAC,MAAM,WAAW,OAAO,GAAG;AAC1D,cAAQ,IAAI,oDAAoD,MAAM,UAAU,GAAG,EAAE,CAAC,MAAM;AAC5F;AAAA,IACF;AAEA,QAAI;AACF;AAAC,MAAC,KAAK,UAAkB,OAAO,YAAY;AAC5C,cAAQ,IAAI,+CAA+C;AAAA,IAC7D,SAAS,OAAO;AACd,cAAQ,MAAM,+CAA+C,KAAK;AAAA,IACpE;AAAA,EACF;AAAA,EAEQ,cAAoB;AAE1B,SAAK,IAAI,IAAI,WAAW,CAAC,KAAc,QAAkB;AACvD,UAAI,KAAK;AAAA,QACP,QAAQ;AAAA,QACR,aAAa,KAAK;AAAA,QAClB,YAAW,oBAAI,KAAK,GAAE,YAAY;AAAA,MACpC,CAAC;AAAA,IACH,CAAC;AAGD,SAAK,IAAI,IAAI,cAAc,OAAO,KAAc,QAAkB;AAChE,UAAI;AACF,YAAI,CAAC,KAAK,eAAe;AACvB,iBAAO,IAAI,OAAO,GAAG,EAAE,KAAK;AAAA,YAC1B,OAAO;AAAA,UACT,CAAC;AAAA,QACH;AAGA,aAAK,sBAAsB,GAAG;AAE9B,cAAM,QAAQ,MAAM,KAAK,UAAU;AACnC,YAAI,KAAK,EAAE,MAAM,CAAC;AAAA,MACpB,SAAS,OAAO;AACd,gBAAQ,MAAM,wBAAwB,KAAK;AAC3C,YAAI,OAAO,GAAG,EAAE,KAAK;AAAA,UACnB,OAAO,iBAAiB,QAAQ,MAAM,UAAU;AAAA,QAClD,CAAC;AAAA,MACH;AAAA,IACF,CAAC;AAGD,SAAK,IAAI,KAAK,mBAAmB,OAAO,KAAc,QAAkB;AACtE,UAAI;AACF,YAAI,CAAC,KAAK,eAAe;AACvB,iBAAO,IAAI,OAAO,GAAG,EAAE,KAAK;AAAA,YAC1B,SAAS;AAAA,YACT,OAAO;AAAA,UACT,CAAC;AAAA,QACH;AAGA,aAAK,sBAAsB,GAAG;AAE9B,cAAM,EAAE,UAAU,WAAW,KAAK,IAAI,IAAI;AAE1C,YAAI,CAAC,UAAU;AACb,iBAAO,IAAI,OAAO,GAAG,EAAE,KAAK;AAAA,YAC1B,SAAS;AAAA,YACT,OAAO;AAAA,UACT,CAAC;AAAA,QACH;AAEA,cAAM,SAAS,MAAM,KAAK,SAAS,UAAU,QAAQ,CAAC,CAAC;AAEvD,cAAM,WAA6B;AAAA,UACjC,SAAS;AAAA,UACT;AAAA,QACF;AAEA,YAAI,KAAK,QAAQ;AAAA,MACnB,SAAS,OAAO;AACd,gBAAQ,MAAM,uBAAuB,KAAK;AAC1C,cAAM,WAA6B;AAAA,UACjC,SAAS;AAAA,UACT,OAAO,iBAAiB,QAAQ,MAAM,UAAU;AAAA,QAClD;AACA,YAAI,OAAO,GAAG,EAAE,KAAK,QAAQ;AAAA,MAC/B;AAAA,IACF,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,aAA4B;AAChC,UAAM,KAAK,UAAU,WAAW;AAIhC,SAAK,YAAY,IAAI,kBAAkB;AACvC,UAAM,SAAU,KAAK,UAAkB;AACvC,QAAI,QAAQ;AACV,YAAM,OAAO,QAAQ,KAAK,SAAS;AAAA,IACrC;AAEA,SAAK,gBAAgB;AACrB,YAAQ,IAAI,yBAAyB;AAAA,EACvC;AAAA,EAEA,MAAM,QAAuB;AAC3B,UAAM,KAAK,WAAW;AAEtB,WAAO,IAAI,QAAQ,CAAAC,aAAW;AAC5B,WAAK,aAAa,KAAK,IAAI,OAAO,KAAK,OAAO,MAAM,KAAK,OAAO,MAAM,MAAM;AAC1E,gBAAQ,IAAI,mCAAmC,KAAK,OAAO,IAAI,IAAI,KAAK,OAAO,IAAI,EAAE;AACrF,QAAAA,SAAQ;AAAA,MACV,CAAC;AAAA,IACH,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,QAAuB;AAE3B,QAAI,KAAK,YAAY;AACnB,YAAM,IAAI,QAAc,CAACA,UAAS,WAAW;AAC3C,aAAK,WAAY,MAAM,SAAO;AAC5B,cAAI,KAAK;AACP,oBAAQ,MAAM,8BAA8B,GAAG;AAC/C,mBAAO,GAAG;AAAA,UACZ,OAAO;AACL,oBAAQ,IAAI,oBAAoB;AAChC,YAAAA,SAAQ;AAAA,UACV;AAAA,QACF,CAAC;AAAA,MACH,CAAC;AAAA,IACH;AAGA,UAAM,KAAK,UAAU,MAAM;AAC3B,YAAQ,IAAI,oBAAoB;AAAA,EAClC;AACF;;;AE3RA,SAAS,cAAc;AACvB,SAAS,eAAe;AAGxB,OAAO,EAAE,MAAM,QAAQ,QAAQ,IAAI,GAAG,MAAM,EAAE,CAAC;AAG/C,IAAI,iBAAiB;AAGrB,QAAQ,GAAG,sBAAsB,CAAC,QAAQ,YAAY;AACpD,UAAQ,MAAM,2BAA2B,SAAS,WAAW,MAAM;AACnE,UAAQ,KAAK,CAAC;AAChB,CAAC;AAED,QAAQ,GAAG,qBAAqB,CAAC,UAAU;AACzC,UAAQ,MAAM,uBAAuB,KAAK;AAC1C,UAAQ,KAAK,CAAC;AAChB,CAAC;AAED,eAAe,OAAO;AACpB,QAAM,gBAAgB;AAAA,IACpB,MAAM,SAAS,QAAQ,IAAI,oBAAoB,QAAQ,EAAE;AAAA,IACzD,MAAM,QAAQ,IAAI,oBAAoB;AAAA,IACtC,eAAe,QAAQ,IAAI,mBAAmB;AAAA,IAC9C,WAAW,QAAQ,IAAI,mBAAmB;AAAA,IAC1C,UAAU,QAAQ,IAAI,kBAAkB;AAAA,IACxC,aAAa,QAAQ,IAAI;AAAA,IACzB,QAAQ,QAAQ,IAAI;AAAA,IACpB,OAAO,QAAQ,IAAI;AAAA,IACnB,aAAa,QAAQ,IAAI,cAAc,MAAM,GAAG;AAAA,EAClD;AAGA,MAAI,CAAC,cAAc,eAAe;AAChC,YAAQ,MAAM,oCAAoC;AAClD,YAAQ,KAAK,CAAC;AAAA,EAChB;AACA,MAAI,CAAC,cAAc,WAAW;AAC5B,YAAQ,MAAM,oCAAoC;AAClD,YAAQ,KAAK,CAAC;AAAA,EAChB;AACA,MAAI,CAAC,cAAc,UAAU;AAC3B,YAAQ,MAAM,mCAAmC;AACjD,YAAQ,KAAK,CAAC;AAAA,EAChB;AAGA,UAAQ,IAAI,0CAA0C;AACtD,UAAQ,IAAI,WAAW,cAAc,IAAI,EAAE;AAC3C,UAAQ,IAAI,WAAW,cAAc,IAAI,EAAE;AAC3C,UAAQ,IAAI,sBAAsB,cAAc,aAAa,EAAE;AAC/D,UAAQ,IAAI,gBAAgB,cAAc,QAAQ,EAAE;AACpD,UAAQ,IAAI,mBAAmB,cAAc,eAAe,SAAS,EAAE;AACvE,UAAQ,IAAI,cAAc,cAAc,UAAU,SAAS,EAAE;AAC7D,UAAQ,IAAI,aAAa,cAAc,SAAS,SAAS,EAAE;AAC3D,UAAQ,IAAI,mBAAmB,cAAc,aAAa,KAAK,IAAI,KAAK,SAAS,EAAE;AAEnF,QAAM,SAAS,IAAI,iBAAiB,aAAa;AAGjD,QAAM,mBAAmB,OAAO,WAAmB;AACjD,QAAI,gBAAgB;AAClB,cAAQ,IAAI,kDAAkD,MAAM;AACpE;AAAA,IACF;AAEA,qBAAiB;AACjB,YAAQ,IAAI;AAAA,WAAc,MAAM,+BAA+B;AAE/D,QAAI;AACF,YAAM,OAAO,MAAM;AACnB,cAAQ,IAAI,4BAA4B;AACxC,cAAQ,KAAK,CAAC;AAAA,IAChB,SAAS,OAAO;AACd,cAAQ,MAAM,0BAA0B,KAAK;AAC7C,cAAQ,KAAK,CAAC;AAAA,IAChB;AAAA,EACF;AAGA,UAAQ,GAAG,UAAU,MAAM,iBAAiB,QAAQ,CAAC;AACrD,UAAQ,GAAG,WAAW,MAAM,iBAAiB,SAAS,CAAC;AAEvD,MAAI;AACF,UAAM,OAAO,MAAM;AAAA,EACrB,SAAS,OAAO;AACd,YAAQ,MAAM,gCAAgC,KAAK;AACnD,YAAQ,KAAK,CAAC;AAAA,EAChB;AACF;AAEA,KAAK;","names":["resolve","config","resolve"]}

package/dist/index.d.mts ADDED Viewed

@@ -0,0 +1,86 @@
+interface MCPGatewayConfig {
+    port: number;
+    host: string;
+    rxdbServerUrl: string;
+    authToken: string;
+    domainId: string;
+    projectPath?: string;
+    userId?: string;
+    orgId?: string;
+    corsOrigins?: string[];
+}
+interface ToolDefinition {
+    name: string;
+    description: string;
+    inputSchema: any;
+}
+interface ToolCallRequest {
+    toolName: string;
+    arguments: Record<string, any>;
+}
+interface ToolCallResponse {
+    success: boolean;
+    result?: any;
+    error?: string;
+}
+declare class MCPGatewayServer {
+    private app;
+    private mcpServer;
+    private config;
+    private isInitialized;
+    private httpServer?;
+    private transport?;
+    constructor(config: MCPGatewayConfig);
+    /**
+     * Get list of tools from MCP server
+     *
+     * WARNING: This method accesses internal MCP server API via type casting.
+     * This is necessary because FlowStateMCPServer doesn't expose a public method
+     * for listing tools. The underlying server.request() method is used directly.
+     *
+     * RISKS:
+     * - Internal API may change without notice in future versions
+     * - Type casting bypasses TypeScript safety checks
+     * - May break if FlowStateMCPServer implementation changes
+     *
+     * TODO: Consider requesting a public API method in FlowStateMCPServer
+     * for listing and calling tools to avoid internal API access.
+     */
+    private listTools;
+    /**
+     * Call a tool on the MCP server
+     *
+     * WARNING: This method accesses internal MCP server API via type casting.
+     * This is necessary because FlowStateMCPServer doesn't expose a public method
+     * for calling tools. The underlying server.request() method is used directly.
+     *
+     * RISKS:
+     * - Internal API may change without notice in future versions
+     * - Type casting bypasses TypeScript safety checks
+     * - May break if FlowStateMCPServer implementation changes
+     *
+     * TODO: Consider requesting a public API method in FlowStateMCPServer
+     * for listing and calling tools to avoid internal API access.
+     *
+     * NOTE: The MCP SDK's server.request() method appears to require the request
+     * object to be passed twice (once as the request, once as params). This seems
+     * to be how the underlying MCP SDK expects the call to be structured based on
+     * the protocol specification.
+     */
+    private callTool;
+    private setupMiddleware;
+    /**
+     * Extract and forward auth token from request to MCP server
+     *
+     * This enables per-request auth so each API call can use its own token,
+     * rather than relying on the initial config token.
+     */
+    private updateAuthFromRequest;
+    private setupRoutes;
+    initialize(): Promise<void>;
+    start(): Promise<void>;
+    close(): Promise<void>;
+}
+export { type MCPGatewayConfig, MCPGatewayServer, type ToolCallRequest, type ToolCallResponse, type ToolDefinition };

package/dist/index.d.ts ADDED Viewed

@@ -0,0 +1,86 @@
+interface MCPGatewayConfig {
+    port: number;
+    host: string;
+    rxdbServerUrl: string;
+    authToken: string;
+    domainId: string;
+    projectPath?: string;
+    userId?: string;
+    orgId?: string;
+    corsOrigins?: string[];
+}
+interface ToolDefinition {
+    name: string;
+    description: string;
+    inputSchema: any;
+}
+interface ToolCallRequest {
+    toolName: string;
+    arguments: Record<string, any>;
+}
+interface ToolCallResponse {
+    success: boolean;
+    result?: any;
+    error?: string;
+}
+declare class MCPGatewayServer {
+    private app;
+    private mcpServer;
+    private config;
+    private isInitialized;
+    private httpServer?;
+    private transport?;
+    constructor(config: MCPGatewayConfig);
+    /**
+     * Get list of tools from MCP server
+     *
+     * WARNING: This method accesses internal MCP server API via type casting.
+     * This is necessary because FlowStateMCPServer doesn't expose a public method
+     * for listing tools. The underlying server.request() method is used directly.
+     *
+     * RISKS:
+     * - Internal API may change without notice in future versions
+     * - Type casting bypasses TypeScript safety checks
+     * - May break if FlowStateMCPServer implementation changes
+     *
+     * TODO: Consider requesting a public API method in FlowStateMCPServer
+     * for listing and calling tools to avoid internal API access.
+     */
+    private listTools;
+    /**
+     * Call a tool on the MCP server
+     *
+     * WARNING: This method accesses internal MCP server API via type casting.
+     * This is necessary because FlowStateMCPServer doesn't expose a public method
+     * for calling tools. The underlying server.request() method is used directly.
+     *
+     * RISKS:
+     * - Internal API may change without notice in future versions
+     * - Type casting bypasses TypeScript safety checks
+     * - May break if FlowStateMCPServer implementation changes
+     *
+     * TODO: Consider requesting a public API method in FlowStateMCPServer
+     * for listing and calling tools to avoid internal API access.
+     *
+     * NOTE: The MCP SDK's server.request() method appears to require the request
+     * object to be passed twice (once as the request, once as params). This seems
+     * to be how the underlying MCP SDK expects the call to be structured based on
+     * the protocol specification.
+     */
+    private callTool;
+    private setupMiddleware;
+    /**
+     * Extract and forward auth token from request to MCP server
+     *
+     * This enables per-request auth so each API call can use its own token,
+     * rather than relying on the initial config token.
+     */
+    private updateAuthFromRequest;
+    private setupRoutes;
+    initialize(): Promise<void>;
+    start(): Promise<void>;
+    close(): Promise<void>;
+}
+export { type MCPGatewayConfig, MCPGatewayServer, type ToolCallRequest, type ToolCallResponse, type ToolDefinition };