@everstateai/mcp 1.3.2 → 1.3.3

package/src/setup/validators/api-key.ts

@@ -0,0 +1,218 @@
+/**
+ * API Key Validator
+ *
+ * Validates that the API key exists, has correct format, and authenticates.
+ */
+
+import * as fs from 'fs';
+import * as https from 'https';
+import {
+  Validator,
+  ValidationResult,
+  ValidationContext,
+  getEverstateDir,
+  EVERSTATE_API_URL,
+} from '../types.js';
+
+export const apiKeyValidator: Validator = {
+  name: 'API Key',
+
+  async validate(context: ValidationContext): Promise<ValidationResult[]> {
+    const results: ValidationResult[] = [];
+    const apiKeyPath = `${getEverstateDir()}/api-key`;
+
+    // Check 1: API key file exists
+    if (!fs.existsSync(apiKeyPath)) {
+      results.push({
+        component: 'API Key',
+        check: 'File exists',
+        status: 'fail',
+        message: `API key file not found at ${apiKeyPath}`,
+        repairAction: {
+          type: 'install',
+          description: 'Run setup with your API key',
+          automatic: false,
+        },
+      });
+      return results; // Can't continue without file
+    }
+
+    results.push({
+      component: 'API Key',
+      check: 'File exists',
+      status: 'pass',
+      message: `Found at ${apiKeyPath}`,
+    });
+
+    // Check 2: File is not empty and has correct format
+    let apiKey: string;
+    try {
+      apiKey = fs.readFileSync(apiKeyPath, 'utf8').trim();
+    } catch (err) {
+      results.push({
+        component: 'API Key',
+        check: 'Readable',
+        status: 'fail',
+        message: `Cannot read API key file: ${err instanceof Error ? err.message : 'Unknown error'}`,
+        repairAction: {
+          type: 'chmod',
+          description: 'Fix file permissions',
+          automatic: true,
+        },
+      });
+      return results;
+    }
+
+    if (!apiKey) {
+      results.push({
+        component: 'API Key',
+        check: 'Not empty',
+        status: 'fail',
+        message: 'API key file is empty',
+        repairAction: {
+          type: 'configure',
+          description: 'Run setup with your API key',
+          automatic: false,
+        },
+      });
+      return results;
+    }
+
+    // Check 3: Format validation
+    if (!apiKey.startsWith('ck_') && !apiKey.startsWith('ckp_')) {
+      results.push({
+        component: 'API Key',
+        check: 'Format',
+        status: 'fail',
+        message: `Invalid format - must start with 'ck_' or 'ckp_'`,
+        details: { keyPrefix: apiKey.substring(0, 4) },
+        repairAction: {
+          type: 'configure',
+          description: 'Replace with valid API key',
+          automatic: false,
+        },
+      });
+      return results;
+    }
+
+    if (apiKey.length < 20) {
+      results.push({
+        component: 'API Key',
+        check: 'Format',
+        status: 'warn',
+        message: 'API key appears unusually short',
+        details: { length: apiKey.length },
+      });
+    } else {
+      results.push({
+        component: 'API Key',
+        check: 'Format',
+        status: 'pass',
+        message: `Valid format (${apiKey.substring(0, 7)}...)`,
+      });
+    }
+
+    // Check 4: Authentication (skip if network checks disabled)
+    if (context.skipNetwork) {
+      results.push({
+        component: 'API Key',
+        check: 'Authentication',
+        status: 'warn',
+        message: 'Skipped (network checks disabled)',
+      });
+      return results;
+    }
+
+    const authResult = await checkAuthentication(apiKey);
+    results.push(authResult);
+
+    return results;
+  },
+
+  async repair(result: ValidationResult, context: ValidationContext): Promise<boolean> {
+    if (result.check === 'Readable' && result.repairAction?.type === 'chmod') {
+      const apiKeyPath = `${getEverstateDir()}/api-key`;
+      try {
+        fs.chmodSync(apiKeyPath, 0o600);
+        return true;
+      } catch {
+        return false;
+      }
+    }
+    // Other repairs require user input (new API key)
+    return false;
+  },
+};
+
+async function checkAuthentication(apiKey: string): Promise<ValidationResult> {
+  return new Promise((resolve) => {
+    const url = new URL(`${EVERSTATE_API_URL}/api/projects`);
+
+    const req = https.request(
+      {
+        hostname: url.hostname,
+        port: 443,
+        path: url.pathname,
+        method: 'GET',
+        headers: {
+          Authorization: `Bearer ${apiKey}`,
+          'Content-Type': 'application/json',
+        },
+        timeout: 10000,
+      },
+      (res) => {
+        if (res.statusCode === 200) {
+          resolve({
+            component: 'API Key',
+            check: 'Authentication',
+            status: 'pass',
+            message: 'Authenticated successfully',
+          });
+        } else if (res.statusCode === 401 || res.statusCode === 403) {
+          resolve({
+            component: 'API Key',
+            check: 'Authentication',
+            status: 'fail',
+            message: 'Authentication failed - invalid or expired key',
+            details: { statusCode: res.statusCode },
+            repairAction: {
+              type: 'configure',
+              description: 'Replace with valid API key',
+              automatic: false,
+            },
+          });
+        } else {
+          resolve({
+            component: 'API Key',
+            check: 'Authentication',
+            status: 'warn',
+            message: `Unexpected response: ${res.statusCode}`,
+            details: { statusCode: res.statusCode },
+          });
+        }
+      }
+    );
+
+    req.on('error', (err) => {
+      resolve({
+        component: 'API Key',
+        check: 'Authentication',
+        status: 'warn',
+        message: `Network error: ${err.message}`,
+        details: { error: err.message },
+      });
+    });
+
+    req.on('timeout', () => {
+      req.destroy();
+      resolve({
+        component: 'API Key',
+        check: 'Authentication',
+        status: 'warn',
+        message: 'Request timed out',
+      });
+    });
+
+    req.end();
+  });
+}

package/src/setup/validators/connectivity.ts

@@ -0,0 +1,176 @@
+/**
+ * Connectivity Validator
+ *
+ * Tests API connectivity and response times.
+ */
+
+import {
+  Validator,
+  ValidationResult,
+  ValidationContext,
+  EVERSTATE_API_URL,
+} from '../types.js';
+
+const SLOW_THRESHOLD_MS = 2000;
+const TIMEOUT_MS = 10000;
+
+export const connectivityValidator: Validator = {
+  name: 'Connectivity',
+
+  async validate(context: ValidationContext): Promise<ValidationResult[]> {
+    const results: ValidationResult[] = [];
+
+    if (context.skipNetwork) {
+      results.push({
+        component: 'Connectivity',
+        check: 'API reachable',
+        status: 'warn',
+        message: 'Skipped (--skip-network)',
+      });
+      return results;
+    }
+
+    // Check 1: Health endpoint
+    const healthResult = await checkHealth();
+    results.push(healthResult);
+
+    // Check 2: Authenticated endpoint (if API key available)
+    if (context.apiKey && healthResult.status === 'pass') {
+      const authResult = await checkAuthenticated(context.apiKey);
+      results.push(authResult);
+    }
+
+    return results;
+  },
+};
+
+async function checkHealth(): Promise<ValidationResult> {
+  const startTime = Date.now();
+
+  try {
+    const controller = new AbortController();
+    const timeoutId = setTimeout(() => controller.abort(), TIMEOUT_MS);
+
+    const response = await fetch(`${EVERSTATE_API_URL}/health`, {
+      signal: controller.signal,
+    });
+
+    clearTimeout(timeoutId);
+
+    const elapsed = Date.now() - startTime;
+
+    if (!response.ok) {
+      return {
+        component: 'Connectivity',
+        check: 'API reachable',
+        status: 'fail',
+        message: `Health check failed: ${response.status}`,
+        details: { status: response.status, elapsed },
+      };
+    }
+
+    if (elapsed > SLOW_THRESHOLD_MS) {
+      return {
+        component: 'Connectivity',
+        check: 'API reachable',
+        status: 'warn',
+        message: `Slow response (${elapsed}ms)`,
+        details: { elapsed, threshold: SLOW_THRESHOLD_MS },
+      };
+    }
+
+    return {
+      component: 'Connectivity',
+      check: 'API reachable',
+      status: 'pass',
+      message: `OK (${elapsed}ms)`,
+      details: { elapsed },
+    };
+  } catch (error) {
+    const elapsed = Date.now() - startTime;
+
+    if (error instanceof Error && error.name === 'AbortError') {
+      return {
+        component: 'Connectivity',
+        check: 'API reachable',
+        status: 'fail',
+        message: `Timeout after ${TIMEOUT_MS}ms`,
+        details: { timeout: TIMEOUT_MS },
+      };
+    }
+
+    return {
+      component: 'Connectivity',
+      check: 'API reachable',
+      status: 'fail',
+      message: 'Network error',
+      details: { error: String(error), elapsed },
+    };
+  }
+}
+
+async function checkAuthenticated(apiKey: string): Promise<ValidationResult> {
+  const startTime = Date.now();
+
+  try {
+    const controller = new AbortController();
+    const timeoutId = setTimeout(() => controller.abort(), TIMEOUT_MS);
+
+    const response = await fetch(`${EVERSTATE_API_URL}/api/context`, {
+      headers: {
+        Authorization: `Bearer ${apiKey}`,
+      },
+      signal: controller.signal,
+    });
+
+    clearTimeout(timeoutId);
+
+    const elapsed = Date.now() - startTime;
+
+    if (response.status === 401) {
+      return {
+        component: 'Connectivity',
+        check: 'Authenticated access',
+        status: 'fail',
+        message: 'API key rejected',
+        details: { elapsed },
+      };
+    }
+
+    if (!response.ok) {
+      return {
+        component: 'Connectivity',
+        check: 'Authenticated access',
+        status: 'warn',
+        message: `Unexpected status: ${response.status}`,
+        details: { status: response.status, elapsed },
+      };
+    }
+
+    if (elapsed > SLOW_THRESHOLD_MS) {
+      return {
+        component: 'Connectivity',
+        check: 'Authenticated access',
+        status: 'warn',
+        message: `Slow response (${elapsed}ms)`,
+        details: { elapsed, threshold: SLOW_THRESHOLD_MS },
+      };
+    }
+
+    return {
+      component: 'Connectivity',
+      check: 'Authenticated access',
+      status: 'pass',
+      message: `OK (${elapsed}ms)`,
+      details: { elapsed },
+    };
+  } catch (error) {
+    return {
+      component: 'Connectivity',
+      check: 'Authenticated access',
+      status: 'warn',
+      message: 'Could not verify authenticated access',
+      details: { error: String(error) },
+    };
+  }
+}