@framingui/mcp-server 0.5.0

package/dist/auth/cache.d.ts

@@ -0,0 +1,28 @@
+/**
+ * Simple in-memory cache with TTL support
+ * SPEC-DEPLOY-001 Phase 4.1: MCP Server Authentication Layer
+ */
+export declare class MemoryCache<T> {
+    private cache;
+    /**
+     * Set a cache entry with TTL in milliseconds
+     */
+    set(key: string, value: T, ttlMs: number): void;
+    /**
+     * Get a cache entry if it exists and hasn't expired
+     */
+    get(key: string): T | null;
+    /**
+     * Clear a specific cache entry
+     */
+    delete(key: string): void;
+    /**
+     * Clear all cache entries
+     */
+    clear(): void;
+    /**
+     * Get cache size
+     */
+    size(): number;
+}
+//# sourceMappingURL=cache.d.ts.map

package/dist/auth/cache.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cache.d.ts","sourceRoot":"","sources":["../../src/auth/cache.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAOH,qBAAa,WAAW,CAAC,CAAC;IACxB,OAAO,CAAC,KAAK,CAAoC;IAEjD;;OAEG;IACH,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,EAAE,KAAK,EAAE,MAAM,GAAG,IAAI;IAK/C;;OAEG;IACH,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,IAAI;IAgB1B;;OAEG;IACH,MAAM,CAAC,GAAG,EAAE,MAAM,GAAG,IAAI;IAIzB;;OAEG;IACH,KAAK,IAAI,IAAI;IAIb;;OAEG;IACH,IAAI,IAAI,MAAM;CAGf"}

package/dist/auth/cache.js

@@ -0,0 +1,48 @@
+/**
+ * Simple in-memory cache with TTL support
+ * SPEC-DEPLOY-001 Phase 4.1: MCP Server Authentication Layer
+ */
+export class MemoryCache {
+    cache = new Map();
+    /**
+     * Set a cache entry with TTL in milliseconds
+     */
+    set(key, value, ttlMs) {
+        const expiresAt = Date.now() + ttlMs;
+        this.cache.set(key, { value, expiresAt });
+    }
+    /**
+     * Get a cache entry if it exists and hasn't expired
+     */
+    get(key) {
+        const entry = this.cache.get(key);
+        if (!entry) {
+            return null;
+        }
+        // Check if expired
+        if (Date.now() > entry.expiresAt) {
+            this.cache.delete(key);
+            return null;
+        }
+        return entry.value;
+    }
+    /**
+     * Clear a specific cache entry
+     */
+    delete(key) {
+        this.cache.delete(key);
+    }
+    /**
+     * Clear all cache entries
+     */
+    clear() {
+        this.cache.clear();
+    }
+    /**
+     * Get cache size
+     */
+    size() {
+        return this.cache.size;
+    }
+}
+//# sourceMappingURL=cache.js.map

package/dist/auth/cache.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cache.js","sourceRoot":"","sources":["../../src/auth/cache.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAOH,MAAM,OAAO,WAAW;IACd,KAAK,GAAG,IAAI,GAAG,EAAyB,CAAC;IAEjD;;OAEG;IACH,GAAG,CAAC,GAAW,EAAE,KAAQ,EAAE,KAAa;QACtC,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC;QACrC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE,CAAC,CAAC;IAC5C,CAAC;IAED;;OAEG;IACH,GAAG,CAAC,GAAW;QACb,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAElC,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,IAAI,CAAC;QACd,CAAC;QAED,mBAAmB;QACnB,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC,SAAS,EAAE,CAAC;YACjC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YACvB,OAAO,IAAI,CAAC;QACd,CAAC;QAED,OAAO,KAAK,CAAC,KAAK,CAAC;IACrB,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,GAAW;QAChB,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IACzB,CAAC;IAED;;OAEG;IACH,KAAK;QACH,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;IACrB,CAAC;IAED;;OAEG;IACH,IAAI;QACF,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC;IACzB,CAAC;CACF"}

package/dist/auth/guard.d.ts

@@ -0,0 +1,22 @@
+/**
+ * 인증 가드 - 모든 도구 호출 전 인증 상태 확인
+ * SPEC-DEPLOY-001: 모든 테마 유료화, 인증 필수
+ */
+export declare class AuthRequiredError extends Error {
+    constructor();
+}
+export declare class WhoamiRequiredError extends Error {
+    constructor();
+}
+/**
+ * 인증 필수 가드
+ * 인증되지 않은 경우 AuthRequiredError를 throw
+ */
+export declare function requireAuth(): void;
+/**
+ * whoami 필수 가드 (서버 사이드 강제)
+ * whoami 미호출 시 WhoamiRequiredError를 throw
+ * 프롬프트 인젝션으로 우회 불가
+ */
+export declare function requireWhoami(): void;
+//# sourceMappingURL=guard.d.ts.map

package/dist/auth/guard.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"guard.d.ts","sourceRoot":"","sources":["../../src/auth/guard.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH,qBAAa,iBAAkB,SAAQ,KAAK;;CAO3C;AAED,qBAAa,mBAAoB,SAAQ,KAAK;;CAO7C;AAED;;;GAGG;AACH,wBAAgB,WAAW,IAAI,IAAI,CAIlC;AAED;;;;GAIG;AACH,wBAAgB,aAAa,IAAI,IAAI,CAIpC"}

package/dist/auth/guard.js

@@ -0,0 +1,37 @@
+/**
+ * 인증 가드 - 모든 도구 호출 전 인증 상태 확인
+ * SPEC-DEPLOY-001: 모든 테마 유료화, 인증 필수
+ */
+import { isAuthenticated, isWhoamiCompleted } from './state.js';
+export class AuthRequiredError extends Error {
+    constructor() {
+        super('Authentication required. Run `tekton-mcp login` to authenticate, or set TEKTON_API_KEY environment variable.');
+        this.name = 'AuthRequiredError';
+    }
+}
+export class WhoamiRequiredError extends Error {
+    constructor() {
+        super('Please call the "whoami" tool first to verify your account and license status before using other tools.');
+        this.name = 'WhoamiRequiredError';
+    }
+}
+/**
+ * 인증 필수 가드
+ * 인증되지 않은 경우 AuthRequiredError를 throw
+ */
+export function requireAuth() {
+    if (!isAuthenticated()) {
+        throw new AuthRequiredError();
+    }
+}
+/**
+ * whoami 필수 가드 (서버 사이드 강제)
+ * whoami 미호출 시 WhoamiRequiredError를 throw
+ * 프롬프트 인젝션으로 우회 불가
+ */
+export function requireWhoami() {
+    if (!isWhoamiCompleted()) {
+        throw new WhoamiRequiredError();
+    }
+}
+//# sourceMappingURL=guard.js.map

package/dist/auth/guard.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"guard.js","sourceRoot":"","sources":["../../src/auth/guard.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,eAAe,EAAE,iBAAiB,EAAE,MAAM,YAAY,CAAC;AAEhE,MAAM,OAAO,iBAAkB,SAAQ,KAAK;IAC1C;QACE,KAAK,CACH,8GAA8G,CAC/G,CAAC;QACF,IAAI,CAAC,IAAI,GAAG,mBAAmB,CAAC;IAClC,CAAC;CACF;AAED,MAAM,OAAO,mBAAoB,SAAQ,KAAK;IAC5C;QACE,KAAK,CACH,yGAAyG,CAC1G,CAAC;QACF,IAAI,CAAC,IAAI,GAAG,qBAAqB,CAAC;IACpC,CAAC;CACF;AAED;;;GAGG;AACH,MAAM,UAAU,WAAW;IACzB,IAAI,CAAC,eAAe,EAAE,EAAE,CAAC;QACvB,MAAM,IAAI,iBAAiB,EAAE,CAAC;IAChC,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,aAAa;IAC3B,IAAI,CAAC,iBAAiB,EAAE,EAAE,CAAC;QACzB,MAAM,IAAI,mBAAmB,EAAE,CAAC;IAClC,CAAC;AACH,CAAC"}

package/dist/auth/state.d.ts

@@ -0,0 +1,42 @@
+/**
+ * Global authentication state for MCP server
+ * SPEC-DEPLOY-001 Phase 4.1: MCP Server Authentication Layer
+ */
+import type { VerifyResponse } from './verify.js';
+/**
+ * Set authentication data and cache it
+ * @param authData - Verification response from API
+ */
+export declare function setAuthData(authData: VerifyResponse | null): void;
+/**
+ * Get current authentication data
+ * @returns Current authentication data or null if not authenticated
+ */
+export declare function getAuthData(): VerifyResponse | null;
+/**
+ * Clear authentication data and cache
+ */
+export declare function clearAuthData(): void;
+/**
+ * whoami 도구 호출 완료 표시
+ */
+export declare function setWhoamiCompleted(): void;
+/**
+ * whoami 도구 호출 여부 확인
+ * @returns whoami가 호출되었으면 true
+ */
+export declare function isWhoamiCompleted(): boolean;
+/**
+ * Check if user is authenticated
+ * @returns true if authenticated with valid data
+ */
+export declare function isAuthenticated(): boolean;
+/**
+ * Get accessible theme IDs based on current authentication
+ * 마스터 계정: 모든 테마 접근 가능
+ * 일반 사용자: 라이선스 보유 테마만 반환
+ * @param allThemeIds - All available theme IDs
+ * @returns Array of accessible theme IDs
+ */
+export declare function getAccessibleThemes(allThemeIds: string[]): string[];
+//# sourceMappingURL=state.d.ts.map

package/dist/auth/state.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"state.d.ts","sourceRoot":"","sources":["../../src/auth/state.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAiBlD;;;GAGG;AACH,wBAAgB,WAAW,CAAC,QAAQ,EAAE,cAAc,GAAG,IAAI,GAAG,IAAI,CAOjE;AAED;;;GAGG;AACH,wBAAgB,WAAW,IAAI,cAAc,GAAG,IAAI,CAWnD;AAED;;GAEG;AACH,wBAAgB,aAAa,IAAI,IAAI,CAKpC;AAED;;GAEG;AACH,wBAAgB,kBAAkB,IAAI,IAAI,CAGzC;AAED;;;GAGG;AACH,wBAAgB,iBAAiB,IAAI,OAAO,CAE3C;AAED;;;GAGG;AACH,wBAAgB,eAAe,IAAI,OAAO,CAGzC;AAED;;;;;;GAMG;AACH,wBAAgB,mBAAmB,CAAC,WAAW,EAAE,MAAM,EAAE,GAAG,MAAM,EAAE,CAoBnE"}

package/dist/auth/state.js

@@ -0,0 +1,96 @@
+/**
+ * Global authentication state for MCP server
+ * SPEC-DEPLOY-001 Phase 4.1: MCP Server Authentication Layer
+ */
+import { MemoryCache } from './cache.js';
+import { info } from '../utils/logger.js';
+import { isMasterAccount } from './theme-access.js';
+// Cache TTL: 5 minutes (300,000 milliseconds)
+const CACHE_TTL_MS = 5 * 60 * 1000;
+// Global authentication data cache
+const authCache = new MemoryCache();
+// Current authentication state
+let currentAuthData = null;
+// whoami 도구 호출 완료 여부 (서버 사이드 게이트)
+let whoamiCompleted = false;
+/**
+ * Set authentication data and cache it
+ * @param authData - Verification response from API
+ */
+export function setAuthData(authData) {
+    currentAuthData = authData;
+    if (authData && authData.valid) {
+        authCache.set('auth', authData, CACHE_TTL_MS);
+        info('Authentication data cached for 5 minutes');
+    }
+}
+/**
+ * Get current authentication data
+ * @returns Current authentication data or null if not authenticated
+ */
+export function getAuthData() {
+    // Try to get from cache first
+    const cachedAuth = authCache.get('auth');
+    if (cachedAuth) {
+        info('Using cached authentication data');
+        return cachedAuth;
+    }
+    // Return current state
+    return currentAuthData;
+}
+/**
+ * Clear authentication data and cache
+ */
+export function clearAuthData() {
+    currentAuthData = null;
+    whoamiCompleted = false;
+    authCache.clear();
+    info('Authentication data cleared');
+}
+/**
+ * whoami 도구 호출 완료 표시
+ */
+export function setWhoamiCompleted() {
+    whoamiCompleted = true;
+    info('whoami completed - all tools unlocked');
+}
+/**
+ * whoami 도구 호출 여부 확인
+ * @returns whoami가 호출되었으면 true
+ */
+export function isWhoamiCompleted() {
+    return whoamiCompleted;
+}
+/**
+ * Check if user is authenticated
+ * @returns true if authenticated with valid data
+ */
+export function isAuthenticated() {
+    const authData = getAuthData();
+    return authData !== null && authData.valid === true;
+}
+/**
+ * Get accessible theme IDs based on current authentication
+ * 마스터 계정: 모든 테마 접근 가능
+ * 일반 사용자: 라이선스 보유 테마만 반환
+ * @param allThemeIds - All available theme IDs
+ * @returns Array of accessible theme IDs
+ */
+export function getAccessibleThemes(allThemeIds) {
+    const authData = getAuthData();
+    // 인증 없음: 접근 가능 테마 없음
+    if (!authData || !authData.valid) {
+        return [];
+    }
+    // 마스터 계정: 모든 테마 접근 가능
+    const email = authData.user?.email;
+    if (email && isMasterAccount(email)) {
+        return [...allThemeIds];
+    }
+    // 일반 사용자: 라이선스 보유 테마만
+    const licensedThemes = authData.themes?.licensed || [];
+    const accessibleThemes = new Set(licensedThemes);
+    // 실제 존재하는 테마만 필터링
+    return allThemeIds.filter(id => accessibleThemes.has(id));
+}
+//# sourceMappingURL=state.js.map

package/dist/auth/state.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"state.js","sourceRoot":"","sources":["../../src/auth/state.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,OAAO,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AACzC,OAAO,EAAE,IAAI,EAAE,MAAM,oBAAoB,CAAC;AAC1C,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AAEpD,8CAA8C;AAC9C,MAAM,YAAY,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;AAEnC,mCAAmC;AACnC,MAAM,SAAS,GAAG,IAAI,WAAW,EAAkB,CAAC;AAEpD,+BAA+B;AAC/B,IAAI,eAAe,GAA0B,IAAI,CAAC;AAElD,kCAAkC;AAClC,IAAI,eAAe,GAAG,KAAK,CAAC;AAE5B;;;GAGG;AACH,MAAM,UAAU,WAAW,CAAC,QAA+B;IACzD,eAAe,GAAG,QAAQ,CAAC;IAE3B,IAAI,QAAQ,IAAI,QAAQ,CAAC,KAAK,EAAE,CAAC;QAC/B,SAAS,CAAC,GAAG,CAAC,MAAM,EAAE,QAAQ,EAAE,YAAY,CAAC,CAAC;QAC9C,IAAI,CAAC,0CAA0C,CAAC,CAAC;IACnD,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,WAAW;IACzB,8BAA8B;IAC9B,MAAM,UAAU,GAAG,SAAS,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IAEzC,IAAI,UAAU,EAAE,CAAC;QACf,IAAI,CAAC,kCAAkC,CAAC,CAAC;QACzC,OAAO,UAAU,CAAC;IACpB,CAAC;IAED,uBAAuB;IACvB,OAAO,eAAe,CAAC;AACzB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,aAAa;IAC3B,eAAe,GAAG,IAAI,CAAC;IACvB,eAAe,GAAG,KAAK,CAAC;IACxB,SAAS,CAAC,KAAK,EAAE,CAAC;IAClB,IAAI,CAAC,6BAA6B,CAAC,CAAC;AACtC,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,kBAAkB;IAChC,eAAe,GAAG,IAAI,CAAC;IACvB,IAAI,CAAC,uCAAuC,CAAC,CAAC;AAChD,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,iBAAiB;IAC/B,OAAO,eAAe,CAAC;AACzB,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,eAAe;IAC7B,MAAM,QAAQ,GAAG,WAAW,EAAE,CAAC;IAC/B,OAAO,QAAQ,KAAK,IAAI,IAAI,QAAQ,CAAC,KAAK,KAAK,IAAI,CAAC;AACtD,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,mBAAmB,CAAC,WAAqB;IACvD,MAAM,QAAQ,GAAG,WAAW,EAAE,CAAC;IAE/B,qBAAqB;IACrB,IAAI,CAAC,QAAQ,IAAI,CAAC,QAAQ,CAAC,KAAK,EAAE,CAAC;QACjC,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,sBAAsB;IACtB,MAAM,KAAK,GAAG,QAAQ,CAAC,IAAI,EAAE,KAAK,CAAC;IACnC,IAAI,KAAK,IAAI,eAAe,CAAC,KAAK,CAAC,EAAE,CAAC;QACpC,OAAO,CAAC,GAAG,WAAW,CAAC,CAAC;IAC1B,CAAC;IAED,sBAAsB;IACtB,MAAM,cAAc,GAAG,QAAQ,CAAC,MAAM,EAAE,QAAQ,IAAI,EAAE,CAAC;IACvD,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC,cAAc,CAAC,CAAC;IAEjD,kBAAkB;IAClB,OAAO,WAAW,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC,gBAAgB,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;AAC5D,CAAC"}

package/dist/auth/theme-access.d.ts

@@ -0,0 +1,21 @@
+/**
+ * Theme access configuration
+ * SPEC-DEPLOY-001: 모든 테마 유료 - 인증 필수
+ */
+/**
+ * 모든 프리미엄 테마 목록 (실제 존재하는 6개 테마만)
+ * 인증된 사용자만 라이선스 보유 테마에 접근 가능
+ */
+export declare const PREMIUM_THEMES: string[];
+/**
+ * 마스터 계정 이메일 목록
+ * 마스터 계정은 모든 테마에 무제한 접근 가능
+ */
+export declare const MASTER_EMAILS: string[];
+/**
+ * 마스터 계정 여부 확인
+ * @param email - 사용자 이메일
+ * @returns 마스터 계정이면 true
+ */
+export declare function isMasterAccount(email: string): boolean;
+//# sourceMappingURL=theme-access.d.ts.map

package/dist/auth/theme-access.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"theme-access.d.ts","sourceRoot":"","sources":["../../src/auth/theme-access.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH;;;GAGG;AACH,eAAO,MAAM,cAAc,UAO1B,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,aAAa,UAA8B,CAAC;AAEzD;;;;GAIG;AACH,wBAAgB,eAAe,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAEtD"}

package/dist/auth/theme-access.js

@@ -0,0 +1,30 @@
+/**
+ * Theme access configuration
+ * SPEC-DEPLOY-001: 모든 테마 유료 - 인증 필수
+ */
+/**
+ * 모든 프리미엄 테마 목록 (실제 존재하는 6개 테마만)
+ * 인증된 사용자만 라이선스 보유 테마에 접근 가능
+ */
+export const PREMIUM_THEMES = [
+    'classic-magazine',
+    'dark-boldness',
+    'minimal-workspace',
+    'neutral-workspace',
+    'pebble',
+    'square-minimalism',
+];
+/**
+ * 마스터 계정 이메일 목록
+ * 마스터 계정은 모든 테마에 무제한 접근 가능
+ */
+export const MASTER_EMAILS = ['soo.kate.yeon@gmail.com'];
+/**
+ * 마스터 계정 여부 확인
+ * @param email - 사용자 이메일
+ * @returns 마스터 계정이면 true
+ */
+export function isMasterAccount(email) {
+    return MASTER_EMAILS.includes(email.toLowerCase());
+}
+//# sourceMappingURL=theme-access.js.map

package/dist/auth/theme-access.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"theme-access.js","sourceRoot":"","sources":["../../src/auth/theme-access.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH;;;GAGG;AACH,MAAM,CAAC,MAAM,cAAc,GAAG;IAC5B,kBAAkB;IAClB,eAAe;IACf,mBAAmB;IACnB,mBAAmB;IACnB,QAAQ;IACR,mBAAmB;CACpB,CAAC;AAEF;;;GAGG;AACH,MAAM,CAAC,MAAM,aAAa,GAAG,CAAC,yBAAyB,CAAC,CAAC;AAEzD;;;;GAIG;AACH,MAAM,UAAU,eAAe,CAAC,KAAa;IAC3C,OAAO,aAAa,CAAC,QAAQ,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC,CAAC;AACrD,CAAC"}

package/dist/auth/verify.d.ts

@@ -0,0 +1,44 @@
+/**
+ * API Key verification for Tekton MCP Server
+ * SPEC-DEPLOY-001 Phase 4.1: MCP Server Authentication Layer
+ */
+export interface VerifyResponse {
+    valid: boolean;
+    user?: {
+        id: string;
+        email: string;
+        plan: string;
+    };
+    licenses?: Array<{
+        themeId: string;
+        tier: string;
+        isActive: boolean;
+        expiresAt: string | null;
+    }>;
+    themes?: {
+        licensed: string[];
+        /** @deprecated free 테마 개념 제거됨 - 하위 호환용 */
+        free?: string[];
+    };
+    error?: string;
+}
+/**
+ * Verify API key with Tekton backend
+ * @param apiKey - The API key to verify
+ * @returns VerifyResponse with user data and licenses
+ */
+export declare function verifyApiKey(apiKey: string): Promise<VerifyResponse>;
+/**
+ * Extract licensed theme IDs from verification response
+ * @param verifyResponse - Verification response from verifyApiKey
+ * @returns Array of licensed theme IDs
+ */
+export declare function extractThemeAccess(verifyResponse: VerifyResponse): string[];
+/**
+ * Check if a theme is accessible for the current authentication state
+ * @param themeId - Theme ID to check
+ * @param verifyResponse - Verification response (null for unauthenticated)
+ * @returns true if theme is in user's licenses
+ */
+export declare function isThemeAccessible(themeId: string, verifyResponse: VerifyResponse | null): boolean;
+//# sourceMappingURL=verify.d.ts.map

package/dist/auth/verify.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"verify.d.ts","sourceRoot":"","sources":["../../src/auth/verify.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH,MAAM,WAAW,cAAc;IAC7B,KAAK,EAAE,OAAO,CAAC;IACf,IAAI,CAAC,EAAE;QACL,EAAE,EAAE,MAAM,CAAC;QACX,KAAK,EAAE,MAAM,CAAC;QACd,IAAI,EAAE,MAAM,CAAC;KACd,CAAC;IACF,QAAQ,CAAC,EAAE,KAAK,CAAC;QACf,OAAO,EAAE,MAAM,CAAC;QAChB,IAAI,EAAE,MAAM,CAAC;QACb,QAAQ,EAAE,OAAO,CAAC;QAClB,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;KAC1B,CAAC,CAAC;IACH,MAAM,CAAC,EAAE;QACP,QAAQ,EAAE,MAAM,EAAE,CAAC;QACnB,0CAA0C;QAC1C,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;KACjB,CAAC;IACF,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED;;;;GAIG;AACH,wBAAsB,YAAY,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,cAAc,CAAC,CAiD1E;AAED;;;;GAIG;AACH,wBAAgB,kBAAkB,CAAC,cAAc,EAAE,cAAc,GAAG,MAAM,EAAE,CAM3E;AAED;;;;;GAKG;AACH,wBAAgB,iBAAiB,CAAC,OAAO,EAAE,MAAM,EAAE,cAAc,EAAE,cAAc,GAAG,IAAI,GAAG,OAAO,CASjG"}

package/dist/auth/verify.js

@@ -0,0 +1,77 @@
+/**
+ * API Key verification for Tekton MCP Server
+ * SPEC-DEPLOY-001 Phase 4.1: MCP Server Authentication Layer
+ */
+import { info, error as logError } from '../utils/logger.js';
+/**
+ * Verify API key with Tekton backend
+ * @param apiKey - The API key to verify
+ * @returns VerifyResponse with user data and licenses
+ */
+export async function verifyApiKey(apiKey) {
+    const apiUrl = process.env.TEKTON_API_URL || 'https://framingui.com';
+    const endpoint = `${apiUrl}/api/mcp/verify`;
+    try {
+        info(`Verifying API key with endpoint: ${endpoint}`);
+        const response = await fetch(endpoint, {
+            method: 'GET',
+            headers: {
+                Authorization: `Bearer ${apiKey}`,
+                'Content-Type': 'application/json',
+            },
+        });
+        if (!response.ok) {
+            const errorText = await response.text();
+            logError(`API key verification failed: ${response.status} ${response.statusText}`);
+            return {
+                valid: false,
+                error: `Verification failed: ${response.status} ${response.statusText} - ${errorText}`,
+            };
+        }
+        const data = (await response.json());
+        if (!data.valid) {
+            logError(`API key is invalid: ${data.error || 'Unknown reason'}`);
+            return {
+                valid: false,
+                error: data.error || 'API key is invalid',
+            };
+        }
+        info(`API key verified successfully for user: ${data.user?.email || 'unknown'} (plan: ${data.user?.plan || 'unknown'})`);
+        return data;
+    }
+    catch (err) {
+        const errorMessage = err instanceof Error ? err.message : String(err);
+        logError(`API key verification error: ${errorMessage}`);
+        return {
+            valid: false,
+            error: `Network error: ${errorMessage}`,
+        };
+    }
+}
+/**
+ * Extract licensed theme IDs from verification response
+ * @param verifyResponse - Verification response from verifyApiKey
+ * @returns Array of licensed theme IDs
+ */
+export function extractThemeAccess(verifyResponse) {
+    if (!verifyResponse.valid || !verifyResponse.themes) {
+        return [];
+    }
+    return verifyResponse.themes.licensed || [];
+}
+/**
+ * Check if a theme is accessible for the current authentication state
+ * @param themeId - Theme ID to check
+ * @param verifyResponse - Verification response (null for unauthenticated)
+ * @returns true if theme is in user's licenses
+ */
+export function isThemeAccessible(themeId, verifyResponse) {
+    // 인증 필수
+    if (!verifyResponse || !verifyResponse.valid) {
+        return false;
+    }
+    // 라이선스 보유 테마만 접근 가능
+    const licensed = extractThemeAccess(verifyResponse);
+    return licensed.includes(themeId);
+}
+//# sourceMappingURL=verify.js.map

package/dist/auth/verify.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"verify.js","sourceRoot":"","sources":["../../src/auth/verify.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,IAAI,EAAE,KAAK,IAAI,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAuB7D;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAAC,MAAc;IAC/C,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,cAAc,IAAI,uBAAuB,CAAC;IACrE,MAAM,QAAQ,GAAG,GAAG,MAAM,iBAAiB,CAAC;IAE5C,IAAI,CAAC;QACH,IAAI,CAAC,oCAAoC,QAAQ,EAAE,CAAC,CAAC;QAErD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,QAAQ,EAAE;YACrC,MAAM,EAAE,KAAK;YACb,OAAO,EAAE;gBACP,aAAa,EAAE,UAAU,MAAM,EAAE;gBACjC,cAAc,EAAE,kBAAkB;aACnC;SACF,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,SAAS,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YACxC,QAAQ,CAAC,gCAAgC,QAAQ,CAAC,MAAM,IAAI,QAAQ,CAAC,UAAU,EAAE,CAAC,CAAC;YAEnF,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,KAAK,EAAE,wBAAwB,QAAQ,CAAC,MAAM,IAAI,QAAQ,CAAC,UAAU,MAAM,SAAS,EAAE;aACvF,CAAC;QACJ,CAAC;QAED,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAmB,CAAC;QAEvD,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC;YAChB,QAAQ,CAAC,uBAAuB,IAAI,CAAC,KAAK,IAAI,gBAAgB,EAAE,CAAC,CAAC;YAClE,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,KAAK,EAAE,IAAI,CAAC,KAAK,IAAI,oBAAoB;aAC1C,CAAC;QACJ,CAAC;QAED,IAAI,CACF,2CAA2C,IAAI,CAAC,IAAI,EAAE,KAAK,IAAI,SAAS,WAAW,IAAI,CAAC,IAAI,EAAE,IAAI,IAAI,SAAS,GAAG,CACnH,CAAC;QAEF,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,YAAY,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACtE,QAAQ,CAAC,+BAA+B,YAAY,EAAE,CAAC,CAAC;QAExD,OAAO;YACL,KAAK,EAAE,KAAK;YACZ,KAAK,EAAE,kBAAkB,YAAY,EAAE;SACxC,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,kBAAkB,CAAC,cAA8B;IAC/D,IAAI,CAAC,cAAc,CAAC,KAAK,IAAI,CAAC,cAAc,CAAC,MAAM,EAAE,CAAC;QACpD,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,OAAO,cAAc,CAAC,MAAM,CAAC,QAAQ,IAAI,EAAE,CAAC;AAC9C,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,iBAAiB,CAAC,OAAe,EAAE,cAAqC;IACtF,QAAQ;IACR,IAAI,CAAC,cAAc,IAAI,CAAC,cAAc,CAAC,KAAK,EAAE,CAAC;QAC7C,OAAO,KAAK,CAAC;IACf,CAAC;IAED,oBAAoB;IACpB,MAAM,QAAQ,GAAG,kBAAkB,CAAC,cAAc,CAAC,CAAC;IACpD,OAAO,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;AACpC,CAAC"}

package/dist/cli/agent-md-templates.d.ts

@@ -0,0 +1,16 @@
+/**
+ * Agent guidance templates for CLAUDE.md and AGENTS.md
+ * Provides framework-specific Tekton workflow instructions
+ */
+export type Framework = 'nextjs' | 'vite';
+/**
+ * Generate CLAUDE.md section for Claude Code
+ * (Claude Code-specific patterns and MCP integration)
+ */
+export declare function generateClaudeMdSection(framework: Framework): string;
+/**
+ * Generate AGENTS.md section for generic AI agents
+ * (Platform-agnostic guidance for OpenAI Codex, Cursor, Windsurf, etc.)
+ */
+export declare function generateAgentsMdSection(framework: Framework): string;
+//# sourceMappingURL=agent-md-templates.d.ts.map

package/dist/cli/agent-md-templates.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"agent-md-templates.d.ts","sourceRoot":"","sources":["../../src/cli/agent-md-templates.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,MAAM,MAAM,SAAS,GAAG,QAAQ,GAAG,MAAM,CAAC;AAE1C;;;GAGG;AACH,wBAAgB,uBAAuB,CAAC,SAAS,EAAE,SAAS,GAAG,MAAM,CAsHpE;AAED;;;GAGG;AACH,wBAAgB,uBAAuB,CAAC,SAAS,EAAE,SAAS,GAAG,MAAM,CAoLpE"}