@greensecurity/javascript-sdk 0.10.2 → 0.12.0

package/src/mcp-server/console-logger.ts

@@ -0,0 +1,71 @@
+/*
+ * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.
+ */
+
+export const consoleLoggerLevels = [
+  "debug",
+  "warning",
+  "info",
+  "error",
+] as const;
+
+export type ConsoleLoggerLevel = (typeof consoleLoggerLevels)[number];
+
+export type ConsoleLogger = {
+  [key in ConsoleLoggerLevel]: (
+    message: string,
+    data?: Record<string, unknown>,
+  ) => void;
+};
+
+export function createConsoleLogger(level: ConsoleLoggerLevel): ConsoleLogger {
+  const min = consoleLoggerLevels.indexOf(level);
+  const noop = () => {};
+
+  const logger: ConsoleLogger = {
+    debug: noop,
+    warning: noop,
+    info: noop,
+    error: noop,
+  };
+
+  return consoleLoggerLevels.reduce((logger, level, i) => {
+    if (i < min) {
+      return logger;
+    }
+
+    logger[level] = log.bind(null, level);
+
+    return logger;
+  }, logger);
+}
+
+function log(
+  level: ConsoleLoggerLevel,
+  message: string,
+  data?: Record<string, unknown>,
+) {
+  let line = "";
+  const allData = [{ msg: message, l: level }, data];
+
+  for (const ctx of allData) {
+    for (const [key, value] of Object.entries(ctx || {})) {
+      if (value == null) {
+        line += ` ${key}=<${value}>`;
+      } else if (typeof value === "function") {
+        line += ` ${key}=<function>`;
+      } else if (typeof value === "symbol") {
+        line += ` ${key}=${value.toString()}`;
+      } else if (typeof value === "string") {
+        const v = value.search(/\s/g) >= 0 ? JSON.stringify(value) : value;
+        line += ` ${key}=${v}`;
+      } else if (typeof value !== "object") {
+        line += ` ${key}=${value}`;
+      } else {
+        line += ` ${key}="${JSON.stringify(value)}"`;
+      }
+    }
+  }
+
+  console.error(line);
+}

package/src/mcp-server/mcp-server.ts

@@ -0,0 +1,26 @@
+/*
+ * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.
+ */
+
+import { buildApplication, buildRouteMap, run } from "@stricli/core";
+import process from "node:process";
+import { buildContext } from "./cli.js";
+import { startCommand } from "./cli/start/command.js";
+
+const routes = buildRouteMap({
+  routes: {
+    start: startCommand,
+  },
+  docs: {
+    brief: "MCP server CLI",
+  },
+});
+
+export const app = buildApplication(routes, {
+  name: "mcp",
+  versionInfo: {
+    currentVersion: "0.12.0",
+  },
+});
+
+run(app, process.argv.slice(2), buildContext(process));

package/src/mcp-server/resources.ts

@@ -0,0 +1,96 @@
+/*
+ * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.
+ */
+
+import { ResourceTemplate } from "@modelcontextprotocol/sdk/server/mcp.js";
+import { RequestHandlerExtra } from "@modelcontextprotocol/sdk/shared/protocol.js";
+import { Variables } from "@modelcontextprotocol/sdk/shared/uriTemplate.js";
+import { ReadResourceResult } from "@modelcontextprotocol/sdk/types.js";
+import { GreenSecurityCore } from "../core.js";
+import { Result } from "../types/fp.js";
+import { MCPScope } from "./scopes.js";
+import { isAsyncIterable, isBinaryData, valueToBase64 } from "./shared.js";
+
+export type ReadResourceCallback = (
+  client: GreenSecurityCore,
+  uri: URL,
+  extra: RequestHandlerExtra,
+) => ReadResourceResult | Promise<ReadResourceResult>;
+
+export type ResourceDefinition = {
+  name: string;
+  description: string;
+  scopes?: MCPScope[];
+  resource: string;
+  read: ReadResourceCallback;
+};
+
+export type ReadResourceTemplateCallback = (
+  client: GreenSecurityCore,
+  uri: URL,
+  vars: Variables,
+  extra: RequestHandlerExtra,
+) => ReadResourceResult | Promise<ReadResourceResult>;
+
+export type ResourceTemplateDefinition = {
+  name: string;
+  description: string;
+  scopes?: MCPScope[];
+  resource: ResourceTemplate;
+  read: ReadResourceTemplateCallback;
+};
+
+export async function formatResult(
+  result: Result<unknown, Error>,
+  uri: URL,
+  init: { response?: Response | undefined },
+): Promise<ReadResourceResult> {
+  if (!result.ok) {
+    throw result.error;
+  }
+
+  const { value } = result;
+  if (typeof value === "undefined") {
+    return { contents: [] };
+  }
+
+  const { response } = init;
+  const mimeType = response?.headers.get("content-type") ?? "";
+  let contents: ReadResourceResult["contents"] = [];
+
+  if (mimeType.search(/\bjson\b/g)) {
+    contents = [{ uri: uri.toString(), mimeType, text: JSON.stringify(value) }];
+  } else if (
+    mimeType.startsWith("text/event-stream")
+    && isAsyncIterable(value)
+  ) {
+    contents = [
+      {
+        uri: uri.toString(),
+        mimeType: "application/json",
+        text: await stringifySSEToJSON(value),
+      },
+    ];
+  } else if (mimeType.startsWith("text/") && typeof value === "string") {
+    contents = [{ uri: uri.toString(), mimeType, text: value }];
+  } else if (isBinaryData(value)) {
+    const blob = await valueToBase64(value);
+    contents = blob == null ? [] : [{ uri: uri.toString(), blob, mimeType }];
+  } else {
+    throw new Error(`Unsupported content type: "${mimeType}"`);
+  }
+
+  return { contents };
+}
+
+async function stringifySSEToJSON(
+  value: AsyncIterable<unknown>,
+): Promise<string> {
+  const payloads = [];
+
+  for await (const chunk of value) {
+    payloads.push(chunk);
+  }
+
+  return JSON.stringify(payloads);
+}

package/src/mcp-server/scopes.ts

@@ -0,0 +1,7 @@
+/*
+ * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.
+ */
+
+export const mcpScopes = [] as const;
+
+export type MCPScope = (typeof mcpScopes)[number];

package/src/mcp-server/server.ts

@@ -0,0 +1,54 @@
+/*
+ * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.
+ */
+
+import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
+import { GreenSecurityCore } from "../core.js";
+import { SDKOptions } from "../lib/config.js";
+import type { ConsoleLogger } from "./console-logger.js";
+import { MCPScope, mcpScopes } from "./scopes.js";
+import { createRegisterTool } from "./tools.js";
+import { tool$organizationsGetFacility } from "./tools/organizationsGetFacility.js";
+import { tool$organizationsListOrSearchFacilities } from "./tools/organizationsListOrSearchFacilities.js";
+import { tool$userGetCurrentUser } from "./tools/userGetCurrentUser.js";
+import { tool$userGetUserById } from "./tools/userGetUserById.js";
+import { tool$userLogsUserIntoTheSystem } from "./tools/userLogsUserIntoTheSystem.js";
+import { tool$userMagiclink } from "./tools/userMagiclink.js";
+import { tool$userPassword } from "./tools/userPassword.js";
+import { tool$userPasswordResetRequest } from "./tools/userPasswordResetRequest.js";
+import { tool$vendorsCreateVendorRegistration } from "./tools/vendorsCreateVendorRegistration.js";
+import { tool$vendorsListVendorJobTitles } from "./tools/vendorsListVendorJobTitles.js";
+
+export function createMCPServer(deps: {
+  logger: ConsoleLogger;
+  scopes?: MCPScope[] | undefined;
+  serverURL?: string | undefined;
+  security?: SDKOptions["security"] | undefined;
+  serverIdx?: SDKOptions["serverIdx"] | undefined;
+}) {
+  const server = new McpServer({
+    name: "GreenSecurity",
+    version: "0.12.0",
+  });
+
+  const client = new GreenSecurityCore({
+    security: deps.security,
+    serverURL: deps.serverURL,
+    serverIdx: deps.serverIdx,
+  });
+  const scopes = new Set(deps.scopes ?? mcpScopes);
+  const tool = createRegisterTool(deps.logger, server, client, scopes);
+
+  tool(tool$vendorsCreateVendorRegistration);
+  tool(tool$vendorsListVendorJobTitles);
+  tool(tool$userGetCurrentUser);
+  tool(tool$userGetUserById);
+  tool(tool$userLogsUserIntoTheSystem);
+  tool(tool$userMagiclink);
+  tool(tool$userPasswordResetRequest);
+  tool(tool$userPassword);
+  tool(tool$organizationsListOrSearchFacilities);
+  tool(tool$organizationsGetFacility);
+
+  return server;
+}

package/src/mcp-server/shared.ts

@@ -0,0 +1,75 @@
+/*
+ * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.
+ */
+
+import * as z from "zod";
+import { bytesToBase64 } from "../lib/base64.js";
+
+type BinaryData =
+  | Uint8Array
+  | ArrayBuffer
+  | Blob
+  | ReadableStream
+  | Response
+  | string;
+
+export async function consumeStream(
+  stream: ReadableStream<Uint8Array>,
+): Promise<Uint8Array> {
+  const reader = stream.getReader();
+  const chunks: Uint8Array[] = [];
+
+  try {
+    while (true) {
+      const { done, value } = await reader.read();
+      if (value != null) chunks.push(value);
+      if (done) break;
+    }
+  } finally {
+    reader.releaseLock();
+  }
+
+  return new Uint8Array(await new Blob(chunks).arrayBuffer());
+}
+
+export function isAsyncIterable(
+  value: unknown,
+): value is AsyncIterable<string> {
+  return (
+    typeof value === "object" && value != null && Symbol.asyncIterator in value
+  );
+}
+
+export function isBinaryData(value: unknown): value is BinaryData {
+  return (
+    value instanceof Uint8Array
+    || value instanceof ArrayBuffer
+    || value instanceof Blob
+    || value instanceof ReadableStream
+    || value instanceof Response
+    || typeof value === "string"
+  );
+}
+
+const base64Schema = z.string().base64();
+
+export async function valueToBase64(
+  value: BinaryData | null | undefined,
+): Promise<string | null> {
+  if (value == null) {
+    return null;
+  } else if (value instanceof Uint8Array) {
+    return bytesToBase64(value);
+  } else if (value instanceof ArrayBuffer) {
+    return bytesToBase64(new Uint8Array(value));
+  } else if (value instanceof Response || value instanceof Blob) {
+    return bytesToBase64(new Uint8Array(await value.arrayBuffer()));
+  } else if (value instanceof ReadableStream) {
+    return bytesToBase64(await consumeStream(value));
+  } else if (typeof value === "string") {
+    return base64Schema.parse(value);
+  } else {
+    value satisfies never;
+    throw new Error(`Unsupported image value type: ${typeof value}`);
+  }
+}

package/src/mcp-server/tools/organizationsGetFacility.ts

@@ -0,0 +1,37 @@
+/*
+ * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.
+ */
+
+import { organizationsGetFacility } from "../../funcs/organizationsGetFacility.js";
+import * as operations from "../../models/operations/index.js";
+import { formatResult, ToolDefinition } from "../tools.js";
+
+const args = {
+  request: operations.GetFacilityRequest$inboundSchema,
+};
+
+export const tool$organizationsGetFacility: ToolDefinition<typeof args> = {
+  name: "organizations_get-facility",
+  description: `Get facility
+
+Retrieve an individual facility.`,
+  args,
+  tool: async (client, args, ctx) => {
+    const [result, apiCall] = await organizationsGetFacility(
+      client,
+      args.request,
+      { fetchOptions: { signal: ctx.signal } },
+    ).$inspect();
+
+    if (!result.ok) {
+      return {
+        content: [{ type: "text", text: result.error.message }],
+        isError: true,
+      };
+    }
+
+    const value = result.value;
+
+    return formatResult(value, apiCall);
+  },
+};

package/src/mcp-server/tools/organizationsListOrSearchFacilities.ts

@@ -0,0 +1,52 @@
+/*
+ * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.
+ */
+
+import { organizationsListOrSearchFacilities } from "../../funcs/organizationsListOrSearchFacilities.js";
+import * as operations from "../../models/operations/index.js";
+import { formatResult, ToolDefinition } from "../tools.js";
+
+const args = {
+  request: operations.ListOrSearchFacilitiesRequest$inboundSchema,
+};
+
+export const tool$organizationsListOrSearchFacilities: ToolDefinition<
+  typeof args
+> = {
+  name: "organizations_list-or-search-facilities",
+  description: `List or search facilities
+
+List or search facilities.
+
+Available \`expand\` scopes are:
+
+- facility.appointment_policy
+- facility.contacts
+- facility.vendor_counts
+- facility.flu_credential
+- facility.scrubs_policy
+- facility.system
+- facility.vendor_guest_policy
+- facility.vendor_policy
+- facility.visitor_policy
+- facility.workflow`,
+  args,
+  tool: async (client, args, ctx) => {
+    const [result, apiCall] = await organizationsListOrSearchFacilities(
+      client,
+      args.request,
+      { fetchOptions: { signal: ctx.signal } },
+    ).$inspect();
+
+    if (!result.ok) {
+      return {
+        content: [{ type: "text", text: result.error.message }],
+        isError: true,
+      };
+    }
+
+    const value = result.value;
+
+    return formatResult(value, apiCall);
+  },
+};

package/src/mcp-server/tools/userGetCurrentUser.ts

@@ -0,0 +1,30 @@
+/*
+ * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.
+ */
+
+import { userGetCurrentUser } from "../../funcs/userGetCurrentUser.js";
+import { formatResult, ToolDefinition } from "../tools.js";
+
+export const tool$userGetCurrentUser: ToolDefinition = {
+  name: "user_get-current-user",
+  description: `Get current user
+
+Returns a user object for the user represented by the authorization token`,
+  tool: async (client, ctx) => {
+    const [result, apiCall] = await userGetCurrentUser(
+      client,
+      { fetchOptions: { signal: ctx.signal } },
+    ).$inspect();
+
+    if (!result.ok) {
+      return {
+        content: [{ type: "text", text: result.error.message }],
+        isError: true,
+      };
+    }
+
+    const value = result.value;
+
+    return formatResult(value, apiCall);
+  },
+};

package/src/mcp-server/tools/userGetUserById.ts

@@ -0,0 +1,37 @@
+/*
+ * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.
+ */
+
+import { userGetUserById } from "../../funcs/userGetUserById.js";
+import * as operations from "../../models/operations/index.js";
+import { formatResult, ToolDefinition } from "../tools.js";
+
+const args = {
+  request: operations.GetUserByIdRequest$inboundSchema,
+};
+
+export const tool$userGetUserById: ToolDefinition<typeof args> = {
+  name: "user_get-user-by-id",
+  description: `Get user by id
+
+Returns a user object for the user represented by the identifier in the path.`,
+  args,
+  tool: async (client, args, ctx) => {
+    const [result, apiCall] = await userGetUserById(
+      client,
+      args.request,
+      { fetchOptions: { signal: ctx.signal } },
+    ).$inspect();
+
+    if (!result.ok) {
+      return {
+        content: [{ type: "text", text: result.error.message }],
+        isError: true,
+      };
+    }
+
+    const value = result.value;
+
+    return formatResult(value, apiCall);
+  },
+};

package/src/mcp-server/tools/userLogsUserIntoTheSystem.ts

@@ -0,0 +1,67 @@
+/*
+ * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.
+ */
+
+import { userLogsUserIntoTheSystem } from "../../funcs/userLogsUserIntoTheSystem.js";
+import * as operations from "../../models/operations/index.js";
+import { formatResult, ToolDefinition } from "../tools.js";
+
+const args = {
+  request: operations.LogsUserIntoTheSystemRequestBody$inboundSchema,
+};
+
+export const tool$userLogsUserIntoTheSystem: ToolDefinition<typeof args> = {
+  name: "user_logs-user-into-the-system",
+  description: `Logs user into the system
+
+This endpoint allows a user to authenticate themselves and retrieve a permanent token for access.
+
+Permanent tokens should only ever be stored in an encrypted storage because they represent a fully logged in user.
+
+Users may log in with \`email/password\`, \`SAML\`, \`magic link\` or \`mfa\`. The application should handle all of the above as equally valid login methods.
+
+The most common way to authenticate a user is to log in with an email and password. If the user provides valid credentials, the server will either respond with a full user object including the token.
+
+When the user's account is protected via MFA, the server will send a 6 digit code to the user via their default MFA provider. You should collect that code and resend the email, password and mfa_code together to get a successful authentication.
+
+The ideal flow for a login sequence is the following:
+
+1. Present an email address field only and allow the user to submit
+2. Send \`email\` and \`return_url\` payload to this endpoint
+3. Follow the flow based on the response \`requires\` field
+
+Requires: \`password\`
+
+1. Show a password field for the user to fill out
+2. Submit the \`email\` and \`password\` to this endpoint
+3. If the response is \`200\`, the login is done. If the response is \`201\`, then check if \`requires: mfa_code\` is returned and show MFA flow
+4. Submit \`email\`, \`password\`, \`mfa_code\` to this endpoint
+5. If the response is \`200\`, the login is done. Otherwise, show the appropriate error to the user and go back to step 1 or 3 depending on the error.
+
+Requires: \`saml_login\`
+
+1. [Open a browser](https://docs.expo.dev/versions/latest/sdk/webbrowser/#webbrowseropenauthsessionasyncurl-redirecturl-options) to the url returned in \`sso_url\`
+2. User completes sign-in using their configured SAML IdP
+3. Site redirects to your selected \`return_url\`
+4. The \`user_token\` will be appended as a query string parameter to your \`return_url\` - you must parse this token and store it
+5. Fetch the user object from \`/users/me\` using the token`,
+  args,
+  tool: async (client, args, ctx) => {
+    const [result, apiCall] = await userLogsUserIntoTheSystem(
+      client,
+      args.request,
+      { fetchOptions: { signal: ctx.signal } },
+    ).$inspect();
+
+    if (!result.ok) {
+      return {
+        content: [{ type: "text", text: result.error.message }],
+        isError: true,
+      };
+    }
+
+    const value = result.value;
+
+    return formatResult(value, apiCall);
+  },
+};

package/src/mcp-server/tools/userMagiclink.ts

@@ -0,0 +1,37 @@
+/*
+ * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.
+ */
+
+import { userMagiclink } from "../../funcs/userMagiclink.js";
+import * as operations from "../../models/operations/index.js";
+import { formatResult, ToolDefinition } from "../tools.js";
+
+const args = {
+  request: operations.MagiclinkRequestBody$inboundSchema,
+};
+
+export const tool$userMagiclink: ToolDefinition<typeof args> = {
+  name: "user_magiclink",
+  description: `Magic link
+
+It sends an email with a magic link to allow the user to log in.`,
+  args,
+  tool: async (client, args, ctx) => {
+    const [result, apiCall] = await userMagiclink(
+      client,
+      args.request,
+      { fetchOptions: { signal: ctx.signal } },
+    ).$inspect();
+
+    if (!result.ok) {
+      return {
+        content: [{ type: "text", text: result.error.message }],
+        isError: true,
+      };
+    }
+
+    const value = result.value;
+
+    return formatResult(value, apiCall);
+  },
+};

package/src/mcp-server/tools/userPassword.ts

@@ -0,0 +1,38 @@
+/*
+ * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.
+ */
+
+import { userPassword } from "../../funcs/userPassword.js";
+import * as operations from "../../models/operations/index.js";
+import { formatResult, ToolDefinition } from "../tools.js";
+
+const args = {
+  request: operations.PasswordRequestBody$inboundSchema,
+};
+
+export const tool$userPassword: ToolDefinition<typeof args> = {
+  name: "user_password",
+  description: `Password reset
+
+Resets the a user's password using a password_reset_id that was sent to them via email.
+See /users/passwordresetrequest to initiate a password reset flow.`,
+  args,
+  tool: async (client, args, ctx) => {
+    const [result, apiCall] = await userPassword(
+      client,
+      args.request,
+      { fetchOptions: { signal: ctx.signal } },
+    ).$inspect();
+
+    if (!result.ok) {
+      return {
+        content: [{ type: "text", text: result.error.message }],
+        isError: true,
+      };
+    }
+
+    const value = result.value;
+
+    return formatResult(value, apiCall);
+  },
+};

package/src/mcp-server/tools/userPasswordResetRequest.ts

@@ -0,0 +1,37 @@
+/*
+ * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.
+ */
+
+import { userPasswordResetRequest } from "../../funcs/userPasswordResetRequest.js";
+import * as operations from "../../models/operations/index.js";
+import { formatResult, ToolDefinition } from "../tools.js";
+
+const args = {
+  request: operations.PasswordResetRequestRequestBody$inboundSchema,
+};
+
+export const tool$userPasswordResetRequest: ToolDefinition<typeof args> = {
+  name: "user_password-reset-request",
+  description: `Password reset request
+
+It sends an email with a link for resetting a user's password.`,
+  args,
+  tool: async (client, args, ctx) => {
+    const [result, apiCall] = await userPasswordResetRequest(
+      client,
+      args.request,
+      { fetchOptions: { signal: ctx.signal } },
+    ).$inspect();
+
+    if (!result.ok) {
+      return {
+        content: [{ type: "text", text: result.error.message }],
+        isError: true,
+      };
+    }
+
+    const value = result.value;
+
+    return formatResult(value, apiCall);
+  },
+};