@fuul/mcp-server 0.2.0

package/dist/auth/types.d.ts

@@ -0,0 +1,13 @@
+export interface StoredTokens {
+    access_token: string;
+    refresh_token: string;
+    /** Epoch milliseconds when access_token is expected to expire. */
+    expires_at_ms: number;
+}
+export interface TokenResponse {
+    access_token: string;
+    refresh_token: string;
+    token_type: 'Bearer';
+    expires_in: number;
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/auth/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/auth/types.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,YAAY;IAC3B,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,MAAM,CAAC;IACtB,kEAAkE;IAClE,aAAa,EAAE,MAAM,CAAC;CACvB;AAED,MAAM,WAAW,aAAa;IAC5B,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,MAAM,CAAC;IACtB,UAAU,EAAE,QAAQ,CAAC;IACrB,UAAU,EAAE,MAAM,CAAC;CACpB"}

package/dist/auth/types.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=types.js.map

package/dist/auth/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/auth/types.ts"],"names":[],"mappings":""}

package/dist/cli.d.ts

@@ -0,0 +1,3 @@
+#!/usr/bin/env node
+export {};
+//# sourceMappingURL=cli.d.ts.map

package/dist/cli.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cli.d.ts","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":""}

package/dist/cli.js

@@ -0,0 +1,67 @@
+#!/usr/bin/env node
+import { OAuthClient } from './auth/oauth-client.js';
+import { TokenStore } from './auth/token-store.js';
+import { loadEnv } from './config/env.js';
+import { ApiRequestError, FuulApiClient, NotLoggedInError } from './http/fuul-api-client.js';
+function printUsage() {
+    console.log(`Usage: fuul-mcp <command>
+
+Commands:
+  login   Open browser to sign in and save tokens to ~/.fuul/tokens.json
+  logout  Remove saved tokens
+  whoami  Print the current user from GET /api/v1/auth/user
+
+Environment:
+  FUUL_API_BASE_URL         API origin (default https://api.fuul.xyz)
+  FUUL_OAUTH_CLIENT_ID      OAuth client id (default fuul-agent)
+  FUUL_OAUTH_REDIRECT_URI   Callback URL (default http://127.0.0.1:8765/callback)
+  FUUL_MCP_DEBUG            Set to 1 or true for debug logs on stderr
+`);
+}
+async function whoami() {
+    const env = loadEnv();
+    const store = new TokenStore();
+    const oauth = new OAuthClient(env, store);
+    const api = new FuulApiClient(env, store, oauth);
+    try {
+        const user = await api.getAuthUser();
+        console.log(JSON.stringify(user, null, 2));
+    }
+    catch (e) {
+        if (e instanceof NotLoggedInError) {
+            console.error(e.message);
+            process.exit(1);
+        }
+        if (e instanceof ApiRequestError) {
+            console.error(`Failed to load user (HTTP ${e.status}). Try: fuul-mcp login`);
+            process.exit(1);
+        }
+        throw e;
+    }
+}
+async function main() {
+    const cmd = process.argv[2];
+    const env = loadEnv();
+    const store = new TokenStore();
+    const oauth = new OAuthClient(env, store);
+    switch (cmd) {
+        case 'login':
+            await oauth.login();
+            break;
+        case 'logout':
+            await store.clear();
+            console.log('Logged out.');
+            break;
+        case 'whoami':
+            await whoami();
+            break;
+        default:
+            printUsage();
+            process.exit(cmd ? 1 : 0);
+    }
+}
+main().catch((err) => {
+    console.error(err instanceof Error ? err.message : err);
+    process.exit(1);
+});
+//# sourceMappingURL=cli.js.map

package/dist/cli.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cli.js","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";AACA,OAAO,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAC;AACrD,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AACnD,OAAO,EAAE,OAAO,EAAE,MAAM,iBAAiB,CAAC;AAC1C,OAAO,EAAE,eAAe,EAAE,aAAa,EAAE,gBAAgB,EAAE,MAAM,2BAA2B,CAAC;AAE7F,SAAS,UAAU;IACjB,OAAO,CAAC,GAAG,CAAC;;;;;;;;;;;;CAYb,CAAC,CAAC;AACH,CAAC;AAED,KAAK,UAAU,MAAM;IACnB,MAAM,GAAG,GAAG,OAAO,EAAE,CAAC;IACtB,MAAM,KAAK,GAAG,IAAI,UAAU,EAAE,CAAC;IAC/B,MAAM,KAAK,GAAG,IAAI,WAAW,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IAC1C,MAAM,GAAG,GAAG,IAAI,aAAa,CAAC,GAAG,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC;IAEjD,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,WAAW,EAAE,CAAC;QACrC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IAC7C,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,IAAI,CAAC,YAAY,gBAAgB,EAAE,CAAC;YAClC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;YACzB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QACD,IAAI,CAAC,YAAY,eAAe,EAAE,CAAC;YACjC,OAAO,CAAC,KAAK,CAAC,6BAA6B,CAAC,CAAC,MAAM,wBAAwB,CAAC,CAAC;YAC7E,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QACD,MAAM,CAAC,CAAC;IACV,CAAC;AACH,CAAC;AAED,KAAK,UAAU,IAAI;IACjB,MAAM,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAC5B,MAAM,GAAG,GAAG,OAAO,EAAE,CAAC;IACtB,MAAM,KAAK,GAAG,IAAI,UAAU,EAAE,CAAC;IAC/B,MAAM,KAAK,GAAG,IAAI,WAAW,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IAE1C,QAAQ,GAAG,EAAE,CAAC;QACZ,KAAK,OAAO;YACV,MAAM,KAAK,CAAC,KAAK,EAAE,CAAC;YACpB,MAAM;QACR,KAAK,QAAQ;YACX,MAAM,KAAK,CAAC,KAAK,EAAE,CAAC;YAEpB,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;YAC3B,MAAM;QACR,KAAK,QAAQ;YACX,MAAM,MAAM,EAAE,CAAC;YACf,MAAM;QACR;YACE,UAAU,EAAE,CAAC;YACb,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC9B,CAAC;AACH,CAAC;AAED,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,GAAY,EAAE,EAAE;IAC5B,OAAO,CAAC,KAAK,CAAC,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;IACxD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}

package/dist/config/env.d.ts

@@ -0,0 +1,10 @@
+import { z } from 'zod';
+declare const envSchema: any;
+export type Env = z.infer<typeof envSchema> & {
+    debug: boolean;
+};
+export declare function loadEnv(processEnv?: NodeJS.ProcessEnv): Env;
+/** API origin with no trailing slash (OAuth and REST live under this host). */
+export declare function apiOriginFromEnv(env: Env): string;
+export {};
+//# sourceMappingURL=env.d.ts.map

package/dist/config/env.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"env.d.ts","sourceRoot":"","sources":["../../src/config/env.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAIxB,QAAA,MAAM,SAAS,KAMb,CAAC;AAEH,MAAM,MAAM,GAAG,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,SAAS,CAAC,GAAG;IAAE,KAAK,EAAE,OAAO,CAAA;CAAE,CAAC;AAMjE,wBAAgB,OAAO,CAAC,UAAU,GAAE,MAAM,CAAC,UAAwB,GAAG,GAAG,CAWxE;AAED,+EAA+E;AAC/E,wBAAgB,gBAAgB,CAAC,GAAG,EAAE,GAAG,GAAG,MAAM,CAEjD"}

package/dist/config/env.js

@@ -0,0 +1,30 @@
+import { config as loadDotEnv } from 'dotenv';
+import { z } from 'zod';
+loadDotEnv();
+const envSchema = z.object({
+    FUUL_API_BASE_URL: z.string().url().default('https://api.fuul.xyz'),
+    FUUL_OAUTH_CLIENT_ID: z.string().min(1).default('fuul-agent'),
+    FUUL_OAUTH_REDIRECT_URI: z.string().url().default('http://127.0.0.1:8765/callback'),
+    /** Max wall time per MCP tool call (ms). Covers refresh + retry on 401. */
+    FUUL_MCP_TOOL_TIMEOUT_MS: z.coerce.number().int().positive().default(90_000),
+});
+function unsetIfEmpty(value) {
+    return value === undefined || value === '' ? undefined : value;
+}
+export function loadEnv(processEnv = process.env) {
+    const base = envSchema.parse({
+        FUUL_API_BASE_URL: unsetIfEmpty(processEnv.FUUL_API_BASE_URL),
+        FUUL_OAUTH_CLIENT_ID: unsetIfEmpty(processEnv.FUUL_OAUTH_CLIENT_ID),
+        FUUL_OAUTH_REDIRECT_URI: unsetIfEmpty(processEnv.FUUL_OAUTH_REDIRECT_URI),
+        FUUL_MCP_TOOL_TIMEOUT_MS: unsetIfEmpty(processEnv.FUUL_MCP_TOOL_TIMEOUT_MS),
+    });
+    return {
+        ...base,
+        debug: processEnv.FUUL_MCP_DEBUG === '1' || processEnv.FUUL_MCP_DEBUG === 'true',
+    };
+}
+/** API origin with no trailing slash (OAuth and REST live under this host). */
+export function apiOriginFromEnv(env) {
+    return env.FUUL_API_BASE_URL.replace(/\/+$/, '');
+}
+//# sourceMappingURL=env.js.map

package/dist/config/env.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"env.js","sourceRoot":"","sources":["../../src/config/env.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,IAAI,UAAU,EAAE,MAAM,QAAQ,CAAC;AAC9C,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,UAAU,EAAE,CAAC;AAEb,MAAM,SAAS,GAAG,CAAC,CAAC,MAAM,CAAC;IACzB,iBAAiB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,sBAAsB,CAAC;IACnE,oBAAoB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,YAAY,CAAC;IAC7D,uBAAuB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,gCAAgC,CAAC;IACnF,2EAA2E;IAC3E,wBAAwB,EAAE,CAAC,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,MAAM,CAAC;CAC7E,CAAC,CAAC;AAIH,SAAS,YAAY,CAAC,KAAyB;IAC7C,OAAO,KAAK,KAAK,SAAS,IAAI,KAAK,KAAK,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,KAAK,CAAC;AACjE,CAAC;AAED,MAAM,UAAU,OAAO,CAAC,aAAgC,OAAO,CAAC,GAAG;IACjE,MAAM,IAAI,GAAG,SAAS,CAAC,KAAK,CAAC;QAC3B,iBAAiB,EAAE,YAAY,CAAC,UAAU,CAAC,iBAAiB,CAAC;QAC7D,oBAAoB,EAAE,YAAY,CAAC,UAAU,CAAC,oBAAoB,CAAC;QACnE,uBAAuB,EAAE,YAAY,CAAC,UAAU,CAAC,uBAAuB,CAAC;QACzE,wBAAwB,EAAE,YAAY,CAAC,UAAU,CAAC,wBAAwB,CAAC;KAC5E,CAAC,CAAC;IACH,OAAO;QACL,GAAG,IAAI;QACP,KAAK,EAAE,UAAU,CAAC,cAAc,KAAK,GAAG,IAAI,UAAU,CAAC,cAAc,KAAK,MAAM;KACjF,CAAC;AACJ,CAAC;AAED,+EAA+E;AAC/E,MAAM,UAAU,gBAAgB,CAAC,GAAQ;IACvC,OAAO,GAAG,CAAC,iBAAiB,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;AACnD,CAAC"}

package/dist/http/fuul-api-client.d.ts

@@ -0,0 +1,51 @@
+import { type AxiosResponse } from 'axios';
+import { OAuthClient } from '../auth/oauth-client.js';
+import { TokenStore } from '../auth/token-store.js';
+import { type Env } from '../config/env.js';
+export declare class NotLoggedInError extends Error {
+    readonly code: "NOT_LOGGED_IN";
+    constructor();
+}
+export declare class ApiRequestError extends Error {
+    readonly status: number;
+    readonly body?: unknown | undefined;
+    /** Seconds until retry when HTTP 429 and Retry-After is present. */
+    readonly retryAfterSeconds?: number | undefined;
+    readonly code: "API_REQUEST_ERROR";
+    constructor(message: string, status: number, body?: unknown | undefined, 
+    /** Seconds until retry when HTTP 429 and Retry-After is present. */
+    retryAfterSeconds?: number | undefined);
+}
+/**
+ * Authenticated Fuul API client: Bearer from ~/.fuul/tokens.json, refresh + one retry on 401.
+ */
+export declare class FuulApiClient {
+    private readonly tokenStore;
+    private readonly oauth;
+    private readonly http;
+    constructor(env: Env, tokenStore: TokenStore, oauth: OAuthClient);
+    /** GET /api/v1/auth/user — same contract as `fuul-mcp whoami`. */
+    getAuthUser(): Promise<unknown>;
+    /**
+     * Authenticated GET (Bearer + refresh on 401). Exposes status and headers for cacheable endpoints (e.g. metadata).
+     */
+    getAuthorized(url: string, extraHeaders?: Record<string, string>, query?: Record<string, unknown>): Promise<{
+        status: number;
+        data: unknown;
+        etag: string | undefined;
+        cacheControl: string | undefined;
+        retryAfterSeconds: number | undefined;
+    }>;
+    /**
+     * GET expecting 2xx JSON body; throws {@link ApiRequestError} otherwise (including 429 with retry hint).
+     */
+    getJson(url: string, options?: {
+        query?: Record<string, unknown>;
+        headers?: Record<string, string>;
+    }): Promise<unknown>;
+    postJson(url: string, body: unknown): Promise<unknown>;
+    patchJson(url: string, body: unknown): Promise<unknown>;
+    private executeAuthorizedRequest;
+}
+export declare function throwIfNotSuccess(res: AxiosResponse): void;
+//# sourceMappingURL=fuul-api-client.d.ts.map

package/dist/http/fuul-api-client.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"fuul-api-client.d.ts","sourceRoot":"","sources":["../../src/http/fuul-api-client.ts"],"names":[],"mappings":"AAAA,OAAc,EAAsB,KAAK,aAAa,EAAE,MAAM,OAAO,CAAC;AAEtE,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AACtD,OAAO,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAC;AACpD,OAAO,EAAoB,KAAK,GAAG,EAAE,MAAM,kBAAkB,CAAC;AAK9D,qBAAa,gBAAiB,SAAQ,KAAK;IACzC,QAAQ,CAAC,IAAI,EAAG,eAAe,CAAU;;CAO1C;AAED,qBAAa,eAAgB,SAAQ,KAAK;IAKtC,QAAQ,CAAC,MAAM,EAAE,MAAM;IACvB,QAAQ,CAAC,IAAI,CAAC,EAAE,OAAO;IACvB,oEAAoE;IACpE,QAAQ,CAAC,iBAAiB,CAAC,EAAE,MAAM;IAPrC,QAAQ,CAAC,IAAI,EAAG,mBAAmB,CAAU;gBAG3C,OAAO,EAAE,MAAM,EACN,MAAM,EAAE,MAAM,EACd,IAAI,CAAC,EAAE,OAAO,YAAA;IACvB,oEAAoE;IAC3D,iBAAiB,CAAC,EAAE,MAAM,YAAA;CAMtC;AAWD;;GAEG;AACH,qBAAa,aAAa;IAKtB,OAAO,CAAC,QAAQ,CAAC,UAAU;IAC3B,OAAO,CAAC,QAAQ,CAAC,KAAK;IALxB,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAgB;gBAGnC,GAAG,EAAE,GAAG,EACS,UAAU,EAAE,UAAU,EACtB,KAAK,EAAE,WAAW;IAUrC,kEAAkE;IAC5D,WAAW,IAAI,OAAO,CAAC,OAAO,CAAC;IAWrC;;OAEG;IACG,aAAa,CACjB,GAAG,EAAE,MAAM,EACX,YAAY,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,EACrC,KAAK,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAC9B,OAAO,CAAC;QACT,MAAM,EAAE,MAAM,CAAC;QACf,IAAI,EAAE,OAAO,CAAC;QACd,IAAI,EAAE,MAAM,GAAG,SAAS,CAAC;QACzB,YAAY,EAAE,MAAM,GAAG,SAAS,CAAC;QACjC,iBAAiB,EAAE,MAAM,GAAG,SAAS,CAAC;KACvC,CAAC;IAgBF;;OAEG;IACG,OAAO,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE;QAAE,KAAK,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QAAC,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;KAAE,GAAG,OAAO,CAAC,OAAO,CAAC;IAWvH,QAAQ,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC;IAUtD,SAAS,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC;YAU/C,wBAAwB;CA2BvC;AAED,wBAAgB,iBAAiB,CAAC,GAAG,EAAE,aAAa,GAAG,IAAI,CAK1D"}

package/dist/http/fuul-api-client.js

@@ -0,0 +1,161 @@
+import axios from 'axios';
+import { apiOriginFromEnv } from '../config/env.js';
+import { formatRateLimitMessage, parseRetryAfterFromHeaders } from './retry-after.js';
+const REQUEST_TIMEOUT_MS = 30_000;
+export class NotLoggedInError extends Error {
+    code = 'NOT_LOGGED_IN';
+    constructor() {
+        super('Not logged in. Run: fuul-mcp login');
+        this.name = 'NotLoggedInError';
+        Object.setPrototypeOf(this, new.target.prototype);
+    }
+}
+export class ApiRequestError extends Error {
+    status;
+    body;
+    retryAfterSeconds;
+    code = 'API_REQUEST_ERROR';
+    constructor(message, status, body, 
+    /** Seconds until retry when HTTP 429 and Retry-After is present. */
+    retryAfterSeconds) {
+        super(message);
+        this.status = status;
+        this.body = body;
+        this.retryAfterSeconds = retryAfterSeconds;
+        this.name = 'ApiRequestError';
+        Object.setPrototypeOf(this, new.target.prototype);
+    }
+}
+/**
+ * Authenticated Fuul API client: Bearer from ~/.fuul/tokens.json, refresh + one retry on 401.
+ */
+export class FuulApiClient {
+    tokenStore;
+    oauth;
+    http;
+    constructor(env, tokenStore, oauth) {
+        this.tokenStore = tokenStore;
+        this.oauth = oauth;
+        this.http = axios.create({
+            baseURL: apiOriginFromEnv(env),
+            timeout: REQUEST_TIMEOUT_MS,
+            headers: { 'Content-Type': 'application/json' },
+            validateStatus: () => true,
+        });
+    }
+    /** GET /api/v1/auth/user — same contract as `fuul-mcp whoami`. */
+    async getAuthUser() {
+        const res = await this.executeAuthorizedRequest({
+            method: 'GET',
+            url: '/api/v1/auth/user',
+        });
+        if (res.status !== 200) {
+            throw apiErrorFromResponse(res);
+        }
+        return res.data;
+    }
+    /**
+     * Authenticated GET (Bearer + refresh on 401). Exposes status and headers for cacheable endpoints (e.g. metadata).
+     */
+    async getAuthorized(url, extraHeaders, query) {
+        const res = await this.executeAuthorizedRequest({
+            method: 'GET',
+            url,
+            headers: extraHeaders,
+            params: query,
+        });
+        return {
+            status: res.status,
+            data: res.data,
+            etag: readHeader(res, 'etag'),
+            cacheControl: readHeader(res, 'cache-control'),
+            retryAfterSeconds: parseRetryAfterFromHeaders(res.headers),
+        };
+    }
+    /**
+     * GET expecting 2xx JSON body; throws {@link ApiRequestError} otherwise (including 429 with retry hint).
+     */
+    async getJson(url, options) {
+        const res = await this.executeAuthorizedRequest({
+            method: 'GET',
+            url,
+            headers: options?.headers,
+            params: options?.query,
+        });
+        throwIfNotSuccess(res);
+        return res.data;
+    }
+    async postJson(url, body) {
+        const res = await this.executeAuthorizedRequest({
+            method: 'POST',
+            url,
+            data: body,
+        });
+        throwIfNotSuccess(res);
+        return res.data;
+    }
+    async patchJson(url, body) {
+        const res = await this.executeAuthorizedRequest({
+            method: 'PATCH',
+            url,
+            data: body,
+        });
+        throwIfNotSuccess(res);
+        return res.data;
+    }
+    async executeAuthorizedRequest(opts) {
+        let tokens = await this.tokenStore.read();
+        if (!tokens?.access_token) {
+            throw new NotLoggedInError();
+        }
+        const run = (accessToken) => this.http.request({
+            method: opts.method,
+            url: opts.url,
+            headers: { Authorization: `Bearer ${accessToken}`, ...opts.headers },
+            params: opts.params,
+            data: opts.data,
+        });
+        let res = await run(tokens.access_token);
+        if (res.status === 401 && tokens.refresh_token) {
+            const refreshed = await this.oauth.refreshFromStore();
+            if (refreshed) {
+                tokens = refreshed;
+                res = await run(tokens.access_token);
+            }
+        }
+        return res;
+    }
+}
+export function throwIfNotSuccess(res) {
+    if (res.status >= 200 && res.status < 300) {
+        return;
+    }
+    throw apiErrorFromResponse(res);
+}
+function apiErrorFromResponse(res) {
+    if (res.status === 429) {
+        const retryAfter = parseRetryAfterFromHeaders(res.headers);
+        return new ApiRequestError(formatRateLimitMessage(retryAfter), 429, res.data, retryAfter);
+    }
+    return new ApiRequestError(messageFromBody(res.data, res.status), res.status, res.data);
+}
+function messageFromBody(data, status) {
+    if (data && typeof data === 'object') {
+        const o = data;
+        if (typeof o.message === 'string') {
+            return o.message;
+        }
+        if (Array.isArray(o.message)) {
+            return o.message.map(String).join('; ');
+        }
+    }
+    return `Request failed (HTTP ${status})`;
+}
+function readHeader(res, name) {
+    const raw = res.headers[name] ?? res.headers[name.toLowerCase()];
+    if (raw == null) {
+        return undefined;
+    }
+    return Array.isArray(raw) ? String(raw[0]) : String(raw);
+}
+//# sourceMappingURL=fuul-api-client.js.map

package/dist/http/fuul-api-client.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"fuul-api-client.js","sourceRoot":"","sources":["../../src/http/fuul-api-client.ts"],"names":[],"mappings":"AAAA,OAAO,KAAiD,MAAM,OAAO,CAAC;AAItE,OAAO,EAAE,gBAAgB,EAAY,MAAM,kBAAkB,CAAC;AAC9D,OAAO,EAAE,sBAAsB,EAAE,0BAA0B,EAAE,MAAM,kBAAkB,CAAC;AAEtF,MAAM,kBAAkB,GAAG,MAAM,CAAC;AAElC,MAAM,OAAO,gBAAiB,SAAQ,KAAK;IAChC,IAAI,GAAG,eAAwB,CAAC;IAEzC;QACE,KAAK,CAAC,oCAAoC,CAAC,CAAC;QAC5C,IAAI,CAAC,IAAI,GAAG,kBAAkB,CAAC;QAC/B,MAAM,CAAC,cAAc,CAAC,IAAI,EAAE,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IACpD,CAAC;CACF;AAED,MAAM,OAAO,eAAgB,SAAQ,KAAK;IAK7B;IACA;IAEA;IAPF,IAAI,GAAG,mBAA4B,CAAC;IAE7C,YACE,OAAe,EACN,MAAc,EACd,IAAc;IACvB,oEAAoE;IAC3D,iBAA0B;QAEnC,KAAK,CAAC,OAAO,CAAC,CAAC;QALN,WAAM,GAAN,MAAM,CAAQ;QACd,SAAI,GAAJ,IAAI,CAAU;QAEd,sBAAiB,GAAjB,iBAAiB,CAAS;QAGnC,IAAI,CAAC,IAAI,GAAG,iBAAiB,CAAC;QAC9B,MAAM,CAAC,cAAc,CAAC,IAAI,EAAE,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IACpD,CAAC;CACF;AAWD;;GAEG;AACH,MAAM,OAAO,aAAa;IAKL;IACA;IALF,IAAI,CAAgB;IAErC,YACE,GAAQ,EACS,UAAsB,EACtB,KAAkB;QADlB,eAAU,GAAV,UAAU,CAAY;QACtB,UAAK,GAAL,KAAK,CAAa;QAEnC,IAAI,CAAC,IAAI,GAAG,KAAK,CAAC,MAAM,CAAC;YACvB,OAAO,EAAE,gBAAgB,CAAC,GAAG,CAAC;YAC9B,OAAO,EAAE,kBAAkB;YAC3B,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;YAC/C,cAAc,EAAE,GAAG,EAAE,CAAC,IAAI;SAC3B,CAAC,CAAC;IACL,CAAC;IAED,kEAAkE;IAClE,KAAK,CAAC,WAAW;QACf,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,wBAAwB,CAAU;YACvD,MAAM,EAAE,KAAK;YACb,GAAG,EAAE,mBAAmB;SACzB,CAAC,CAAC;QACH,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YACvB,MAAM,oBAAoB,CAAC,GAAG,CAAC,CAAC;QAClC,CAAC;QACD,OAAO,GAAG,CAAC,IAAI,CAAC;IAClB,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,aAAa,CACjB,GAAW,EACX,YAAqC,EACrC,KAA+B;QAQ/B,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,wBAAwB,CAAU;YACvD,MAAM,EAAE,KAAK;YACb,GAAG;YACH,OAAO,EAAE,YAAY;YACrB,MAAM,EAAE,KAAK;SACd,CAAC,CAAC;QACH,OAAO;YACL,MAAM,EAAE,GAAG,CAAC,MAAM;YAClB,IAAI,EAAE,GAAG,CAAC,IAAI;YACd,IAAI,EAAE,UAAU,CAAC,GAAG,EAAE,MAAM,CAAC;YAC7B,YAAY,EAAE,UAAU,CAAC,GAAG,EAAE,eAAe,CAAC;YAC9C,iBAAiB,EAAE,0BAA0B,CAAC,GAAG,CAAC,OAAO,CAAC;SAC3D,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,OAAO,CAAC,GAAW,EAAE,OAA+E;QACxG,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,wBAAwB,CAAU;YACvD,MAAM,EAAE,KAAK;YACb,GAAG;YACH,OAAO,EAAE,OAAO,EAAE,OAAO;YACzB,MAAM,EAAE,OAAO,EAAE,KAAK;SACvB,CAAC,CAAC;QACH,iBAAiB,CAAC,GAAG,CAAC,CAAC;QACvB,OAAO,GAAG,CAAC,IAAI,CAAC;IAClB,CAAC;IAED,KAAK,CAAC,QAAQ,CAAC,GAAW,EAAE,IAAa;QACvC,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,wBAAwB,CAAU;YACvD,MAAM,EAAE,MAAM;YACd,GAAG;YACH,IAAI,EAAE,IAAI;SACX,CAAC,CAAC;QACH,iBAAiB,CAAC,GAAG,CAAC,CAAC;QACvB,OAAO,GAAG,CAAC,IAAI,CAAC;IAClB,CAAC;IAED,KAAK,CAAC,SAAS,CAAC,GAAW,EAAE,IAAa;QACxC,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,wBAAwB,CAAU;YACvD,MAAM,EAAE,OAAO;YACf,GAAG;YACH,IAAI,EAAE,IAAI;SACX,CAAC,CAAC;QACH,iBAAiB,CAAC,GAAG,CAAC,CAAC;QACvB,OAAO,GAAG,CAAC,IAAI,CAAC;IAClB,CAAC;IAEO,KAAK,CAAC,wBAAwB,CAAI,IAA8B;QACtE,IAAI,MAAM,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,IAAI,EAAE,CAAC;QAC1C,IAAI,CAAC,MAAM,EAAE,YAAY,EAAE,CAAC;YAC1B,MAAM,IAAI,gBAAgB,EAAE,CAAC;QAC/B,CAAC;QAED,MAAM,GAAG,GAAG,CAAC,WAAmB,EAAE,EAAE,CAClC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAI;YACnB,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,GAAG,EAAE,IAAI,CAAC,GAAG;YACb,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,WAAW,EAAE,EAAE,GAAG,IAAI,CAAC,OAAO,EAAE;YACpE,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,IAAI,EAAE,IAAI,CAAC,IAAI;SAChB,CAAC,CAAC;QAEL,IAAI,GAAG,GAAG,MAAM,GAAG,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;QAEzC,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,aAAa,EAAE,CAAC;YAC/C,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,gBAAgB,EAAE,CAAC;YACtD,IAAI,SAAS,EAAE,CAAC;gBACd,MAAM,GAAG,SAAS,CAAC;gBACnB,GAAG,GAAG,MAAM,GAAG,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;YACvC,CAAC;QACH,CAAC;QAED,OAAO,GAAG,CAAC;IACb,CAAC;CACF;AAED,MAAM,UAAU,iBAAiB,CAAC,GAAkB;IAClD,IAAI,GAAG,CAAC,MAAM,IAAI,GAAG,IAAI,GAAG,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;QAC1C,OAAO;IACT,CAAC;IACD,MAAM,oBAAoB,CAAC,GAAG,CAAC,CAAC;AAClC,CAAC;AAED,SAAS,oBAAoB,CAAC,GAAkB;IAC9C,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;QACvB,MAAM,UAAU,GAAG,0BAA0B,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QAC3D,OAAO,IAAI,eAAe,CAAC,sBAAsB,CAAC,UAAU,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;IAC5F,CAAC;IACD,OAAO,IAAI,eAAe,CAAC,eAAe,CAAC,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,IAAI,CAAC,CAAC;AAC1F,CAAC;AAED,SAAS,eAAe,CAAC,IAAa,EAAE,MAAc;IACpD,IAAI,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;QACrC,MAAM,CAAC,GAAG,IAA+B,CAAC;QAC1C,IAAI,OAAO,CAAC,CAAC,OAAO,KAAK,QAAQ,EAAE,CAAC;YAClC,OAAO,CAAC,CAAC,OAAO,CAAC;QACnB,CAAC;QACD,IAAI,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;YAC7B,OAAO,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC1C,CAAC;IACH,CAAC;IACD,OAAO,wBAAwB,MAAM,GAAG,CAAC;AAC3C,CAAC;AAED,SAAS,UAAU,CAAC,GAAkB,EAAE,IAAY;IAClD,MAAM,GAAG,GAAG,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC;IACjE,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAChB,OAAO,SAAS,CAAC;IACnB,CAAC;IACD,OAAO,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;AAC3D,CAAC"}

package/dist/http/nest-query.d.ts

@@ -0,0 +1,6 @@
+/**
+ * Serialize query params for NestJS controllers that expect repeated keys
+ * (e.g. statuses=Active&statuses=Paused) instead of axios default bracket indexing.
+ */
+export declare function buildNestQueryString(params: Record<string, unknown>): string;
+//# sourceMappingURL=nest-query.d.ts.map

package/dist/http/nest-query.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"nest-query.d.ts","sourceRoot":"","sources":["../../src/http/nest-query.ts"],"names":[],"mappings":"AAAA;;;GAGG;AACH,wBAAgB,oBAAoB,CAAC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,MAAM,CAiB5E"}

package/dist/http/nest-query.js

@@ -0,0 +1,24 @@
+/**
+ * Serialize query params for NestJS controllers that expect repeated keys
+ * (e.g. statuses=Active&statuses=Paused) instead of axios default bracket indexing.
+ */
+export function buildNestQueryString(params) {
+    const search = new URLSearchParams();
+    for (const [key, value] of Object.entries(params)) {
+        if (value === undefined || value === null || value === '') {
+            continue;
+        }
+        if (Array.isArray(value)) {
+            for (const item of value) {
+                if (item !== undefined && item !== null && item !== '') {
+                    search.append(key, String(item));
+                }
+            }
+        }
+        else {
+            search.append(key, String(value));
+        }
+    }
+    return search.toString();
+}
+//# sourceMappingURL=nest-query.js.map

package/dist/http/nest-query.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"nest-query.js","sourceRoot":"","sources":["../../src/http/nest-query.ts"],"names":[],"mappings":"AAAA;;;GAGG;AACH,MAAM,UAAU,oBAAoB,CAAC,MAA+B;IAClE,MAAM,MAAM,GAAG,IAAI,eAAe,EAAE,CAAC;IACrC,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QAClD,IAAI,KAAK,KAAK,SAAS,IAAI,KAAK,KAAK,IAAI,IAAI,KAAK,KAAK,EAAE,EAAE,CAAC;YAC1D,SAAS;QACX,CAAC;QACD,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;YACzB,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;gBACzB,IAAI,IAAI,KAAK,SAAS,IAAI,IAAI,KAAK,IAAI,IAAI,IAAI,KAAK,EAAE,EAAE,CAAC;oBACvD,MAAM,CAAC,MAAM,CAAC,GAAG,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;gBACnC,CAAC;YACH,CAAC;QACH,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,MAAM,CAAC,GAAG,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;QACpC,CAAC;IACH,CAAC;IACD,OAAO,MAAM,CAAC,QAAQ,EAAE,CAAC;AAC3B,CAAC"}

package/dist/http/retry-after.d.ts

@@ -0,0 +1,8 @@
+import type { AxiosResponseHeaders, RawAxiosResponseHeaders } from 'axios';
+/**
+ * Parses Retry-After from response headers (seconds or HTTP-date).
+ * @see https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Retry-After
+ */
+export declare function parseRetryAfterFromHeaders(headers: RawAxiosResponseHeaders | AxiosResponseHeaders): number | undefined;
+export declare function formatRateLimitMessage(retryAfterSeconds?: number): string;
+//# sourceMappingURL=retry-after.d.ts.map

package/dist/http/retry-after.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"retry-after.d.ts","sourceRoot":"","sources":["../../src/http/retry-after.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,oBAAoB,EAAE,uBAAuB,EAAE,MAAM,OAAO,CAAC;AAE3E;;;GAGG;AACH,wBAAgB,0BAA0B,CAAC,OAAO,EAAE,uBAAuB,GAAG,oBAAoB,GAAG,MAAM,GAAG,SAAS,CAgBtH;AAED,wBAAgB,sBAAsB,CAAC,iBAAiB,CAAC,EAAE,MAAM,GAAG,MAAM,CAKzE"}

package/dist/http/retry-after.js

@@ -0,0 +1,28 @@
+/**
+ * Parses Retry-After from response headers (seconds or HTTP-date).
+ * @see https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Retry-After
+ */
+export function parseRetryAfterFromHeaders(headers) {
+    const raw = headers['retry-after'] ?? headers['Retry-After'];
+    const v = Array.isArray(raw) ? raw[0] : raw;
+    if (v == null || v === '') {
+        return undefined;
+    }
+    const s = String(v).trim();
+    const asNum = Number(s);
+    if (Number.isFinite(asNum) && asNum >= 0) {
+        return Math.ceil(asNum);
+    }
+    const dateMs = Date.parse(s);
+    if (Number.isFinite(dateMs)) {
+        return Math.max(0, Math.ceil((dateMs - Date.now()) / 1000));
+    }
+    return undefined;
+}
+export function formatRateLimitMessage(retryAfterSeconds) {
+    if (retryAfterSeconds != null && retryAfterSeconds > 0) {
+        return `Rate limited (HTTP 429). Retry after approximately ${retryAfterSeconds} second(s). Back off and avoid parallel bursts.`;
+    }
+    return 'Rate limited (HTTP 429). Back off and retry later; respect Retry-After when present.';
+}
+//# sourceMappingURL=retry-after.js.map

package/dist/http/retry-after.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"retry-after.js","sourceRoot":"","sources":["../../src/http/retry-after.ts"],"names":[],"mappings":"AAEA;;;GAGG;AACH,MAAM,UAAU,0BAA0B,CAAC,OAAuD;IAChG,MAAM,GAAG,GAAG,OAAO,CAAC,aAAa,CAAC,IAAI,OAAO,CAAC,aAAa,CAAC,CAAC;IAC7D,MAAM,CAAC,GAAG,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;IAC5C,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,KAAK,EAAE,EAAE,CAAC;QAC1B,OAAO,SAAS,CAAC;IACnB,CAAC;IACD,MAAM,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;IAC3B,MAAM,KAAK,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;IACxB,IAAI,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,KAAK,IAAI,CAAC,EAAE,CAAC;QACzC,OAAO,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAC1B,CAAC;IACD,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAC7B,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;QAC5B,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC,MAAM,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC;IAC9D,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,MAAM,UAAU,sBAAsB,CAAC,iBAA0B;IAC/D,IAAI,iBAAiB,IAAI,IAAI,IAAI,iBAAiB,GAAG,CAAC,EAAE,CAAC;QACvD,OAAO,sDAAsD,iBAAiB,iDAAiD,CAAC;IAClI,CAAC;IACD,OAAO,sFAAsF,CAAC;AAChG,CAAC"}

package/dist/index.d.ts

@@ -0,0 +1,3 @@
+#!/usr/bin/env node
+export {};
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":""}