@greensecurity/javascript-sdk 0.9.1 → 0.11.0

package/src/mcp-server/tools/organizationsGetFacility.ts

@@ -0,0 +1,37 @@
+/*
+ * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.
+ */
+
+import { organizationsGetFacility } from "../../funcs/organizationsGetFacility.js";
+import * as operations from "../../models/operations/index.js";
+import { formatResult, ToolDefinition } from "../tools.js";
+
+const args = {
+  request: operations.GetFacilityRequest$inboundSchema,
+};
+
+export const tool$organizationsGetFacility: ToolDefinition<typeof args> = {
+  name: "organizations_get-facility",
+  description: `Get facility
+
+Retrieve an individual facility.`,
+  args,
+  tool: async (client, args, ctx) => {
+    const [result, apiCall] = await organizationsGetFacility(
+      client,
+      args.request,
+      { fetchOptions: { signal: ctx.signal } },
+    ).$inspect();
+
+    if (!result.ok) {
+      return {
+        content: [{ type: "text", text: result.error.message }],
+        isError: true,
+      };
+    }
+
+    const value = result.value;
+
+    return formatResult(value, apiCall);
+  },
+};

package/src/mcp-server/tools/organizationsListOrSearchFacilities.ts

@@ -0,0 +1,52 @@
+/*
+ * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.
+ */
+
+import { organizationsListOrSearchFacilities } from "../../funcs/organizationsListOrSearchFacilities.js";
+import * as operations from "../../models/operations/index.js";
+import { formatResult, ToolDefinition } from "../tools.js";
+
+const args = {
+  request: operations.ListOrSearchFacilitiesRequest$inboundSchema,
+};
+
+export const tool$organizationsListOrSearchFacilities: ToolDefinition<
+  typeof args
+> = {
+  name: "organizations_list-or-search-facilities",
+  description: `List or search facilities
+
+List or search facilities.
+
+Available \`expand\` scopes are:
+
+- facility.appointment_policy
+- facility.contacts
+- facility.vendor_counts
+- facility.flu_credential
+- facility.scrubs_policy
+- facility.system
+- facility.vendor_guest_policy
+- facility.vendor_policy
+- facility.visitor_policy
+- facility.workflow`,
+  args,
+  tool: async (client, args, ctx) => {
+    const [result, apiCall] = await organizationsListOrSearchFacilities(
+      client,
+      args.request,
+      { fetchOptions: { signal: ctx.signal } },
+    ).$inspect();
+
+    if (!result.ok) {
+      return {
+        content: [{ type: "text", text: result.error.message }],
+        isError: true,
+      };
+    }
+
+    const value = result.value;
+
+    return formatResult(value, apiCall);
+  },
+};

package/src/mcp-server/tools/userGetCurrentUser.ts

@@ -0,0 +1,30 @@
+/*
+ * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.
+ */
+
+import { userGetCurrentUser } from "../../funcs/userGetCurrentUser.js";
+import { formatResult, ToolDefinition } from "../tools.js";
+
+export const tool$userGetCurrentUser: ToolDefinition = {
+  name: "user_get-current-user",
+  description: `Get current user
+
+Returns a user object for the user represented by the authorization token`,
+  tool: async (client, ctx) => {
+    const [result, apiCall] = await userGetCurrentUser(
+      client,
+      { fetchOptions: { signal: ctx.signal } },
+    ).$inspect();
+
+    if (!result.ok) {
+      return {
+        content: [{ type: "text", text: result.error.message }],
+        isError: true,
+      };
+    }
+
+    const value = result.value;
+
+    return formatResult(value, apiCall);
+  },
+};

package/src/mcp-server/tools/userGetUserById.ts

@@ -0,0 +1,37 @@
+/*
+ * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.
+ */
+
+import { userGetUserById } from "../../funcs/userGetUserById.js";
+import * as operations from "../../models/operations/index.js";
+import { formatResult, ToolDefinition } from "../tools.js";
+
+const args = {
+  request: operations.GetUserByIdRequest$inboundSchema,
+};
+
+export const tool$userGetUserById: ToolDefinition<typeof args> = {
+  name: "user_get-user-by-id",
+  description: `Get user by id
+
+Returns a user object for the user represented by the identifier in the path.`,
+  args,
+  tool: async (client, args, ctx) => {
+    const [result, apiCall] = await userGetUserById(
+      client,
+      args.request,
+      { fetchOptions: { signal: ctx.signal } },
+    ).$inspect();
+
+    if (!result.ok) {
+      return {
+        content: [{ type: "text", text: result.error.message }],
+        isError: true,
+      };
+    }
+
+    const value = result.value;
+
+    return formatResult(value, apiCall);
+  },
+};

package/src/mcp-server/tools/userLogsUserIntoTheSystem.ts

@@ -0,0 +1,67 @@
+/*
+ * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.
+ */
+
+import { userLogsUserIntoTheSystem } from "../../funcs/userLogsUserIntoTheSystem.js";
+import * as operations from "../../models/operations/index.js";
+import { formatResult, ToolDefinition } from "../tools.js";
+
+const args = {
+  request: operations.LogsUserIntoTheSystemRequestBody$inboundSchema,
+};
+
+export const tool$userLogsUserIntoTheSystem: ToolDefinition<typeof args> = {
+  name: "user_logs-user-into-the-system",
+  description: `Logs user into the system
+
+This endpoint allows a user to authenticate themselves and retrieve a permanent token for access.
+
+Permanent tokens should only ever be stored in an encrypted storage because they represent a fully logged in user.
+
+Users may log in with \`email/password\`, \`SAML\`, \`magic link\` or \`mfa\`. The application should handle all of the above as equally valid login methods.
+
+The most common way to authenticate a user is to log in with an email and password. If the user provides valid credentials, the server will either respond with a full user object including the token.
+
+When the user's account is protected via MFA, the server will send a 6 digit code to the user via their default MFA provider. You should collect that code and resend the email, password and mfa_code together to get a successful authentication.
+
+The ideal flow for a login sequence is the following:
+
+1. Present an email address field only and allow the user to submit
+2. Send \`email\` and \`return_url\` payload to this endpoint
+3. Follow the flow based on the response \`requires\` field
+
+Requires: \`password\`
+
+1. Show a password field for the user to fill out
+2. Submit the \`email\` and \`password\` to this endpoint
+3. If the response is \`200\`, the login is done. If the response is \`201\`, then check if \`requires: mfa_code\` is returned and show MFA flow
+4. Submit \`email\`, \`password\`, \`mfa_code\` to this endpoint
+5. If the response is \`200\`, the login is done. Otherwise, show the appropriate error to the user and go back to step 1 or 3 depending on the error.
+
+Requires: \`saml_login\`
+
+1. [Open a browser](https://docs.expo.dev/versions/latest/sdk/webbrowser/#webbrowseropenauthsessionasyncurl-redirecturl-options) to the url returned in \`sso_url\`
+2. User completes sign-in using their configured SAML IdP
+3. Site redirects to your selected \`return_url\`
+4. The \`user_token\` will be appended as a query string parameter to your \`return_url\` - you must parse this token and store it
+5. Fetch the user object from \`/users/me\` using the token`,
+  args,
+  tool: async (client, args, ctx) => {
+    const [result, apiCall] = await userLogsUserIntoTheSystem(
+      client,
+      args.request,
+      { fetchOptions: { signal: ctx.signal } },
+    ).$inspect();
+
+    if (!result.ok) {
+      return {
+        content: [{ type: "text", text: result.error.message }],
+        isError: true,
+      };
+    }
+
+    const value = result.value;
+
+    return formatResult(value, apiCall);
+  },
+};

package/src/mcp-server/tools/userMagiclink.ts

@@ -0,0 +1,37 @@
+/*
+ * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.
+ */
+
+import { userMagiclink } from "../../funcs/userMagiclink.js";
+import * as operations from "../../models/operations/index.js";
+import { formatResult, ToolDefinition } from "../tools.js";
+
+const args = {
+  request: operations.MagiclinkRequestBody$inboundSchema,
+};
+
+export const tool$userMagiclink: ToolDefinition<typeof args> = {
+  name: "user_magiclink",
+  description: `Magic link
+
+It sends an email with a magic link to allow the user to log in.`,
+  args,
+  tool: async (client, args, ctx) => {
+    const [result, apiCall] = await userMagiclink(
+      client,
+      args.request,
+      { fetchOptions: { signal: ctx.signal } },
+    ).$inspect();
+
+    if (!result.ok) {
+      return {
+        content: [{ type: "text", text: result.error.message }],
+        isError: true,
+      };
+    }
+
+    const value = result.value;
+
+    return formatResult(value, apiCall);
+  },
+};

package/src/mcp-server/tools/userPassword.ts

@@ -0,0 +1,38 @@
+/*
+ * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.
+ */
+
+import { userPassword } from "../../funcs/userPassword.js";
+import * as operations from "../../models/operations/index.js";
+import { formatResult, ToolDefinition } from "../tools.js";
+
+const args = {
+  request: operations.PasswordRequestBody$inboundSchema,
+};
+
+export const tool$userPassword: ToolDefinition<typeof args> = {
+  name: "user_password",
+  description: `Password reset
+
+Resets the a user's password using a password_reset_id that was sent to them via email.
+See /users/passwordresetrequest to initiate a password reset flow.`,
+  args,
+  tool: async (client, args, ctx) => {
+    const [result, apiCall] = await userPassword(
+      client,
+      args.request,
+      { fetchOptions: { signal: ctx.signal } },
+    ).$inspect();
+
+    if (!result.ok) {
+      return {
+        content: [{ type: "text", text: result.error.message }],
+        isError: true,
+      };
+    }
+
+    const value = result.value;
+
+    return formatResult(value, apiCall);
+  },
+};

package/src/mcp-server/tools/userPasswordResetRequest.ts

@@ -0,0 +1,37 @@
+/*
+ * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.
+ */
+
+import { userPasswordResetRequest } from "../../funcs/userPasswordResetRequest.js";
+import * as operations from "../../models/operations/index.js";
+import { formatResult, ToolDefinition } from "../tools.js";
+
+const args = {
+  request: operations.PasswordResetRequestRequestBody$inboundSchema,
+};
+
+export const tool$userPasswordResetRequest: ToolDefinition<typeof args> = {
+  name: "user_password-reset-request",
+  description: `Password reset request
+
+It sends an email with a link for resetting a user's password.`,
+  args,
+  tool: async (client, args, ctx) => {
+    const [result, apiCall] = await userPasswordResetRequest(
+      client,
+      args.request,
+      { fetchOptions: { signal: ctx.signal } },
+    ).$inspect();
+
+    if (!result.ok) {
+      return {
+        content: [{ type: "text", text: result.error.message }],
+        isError: true,
+      };
+    }
+
+    const value = result.value;
+
+    return formatResult(value, apiCall);
+  },
+};

package/src/mcp-server/tools/vendorsCreateVendorRegistration.ts

@@ -0,0 +1,38 @@
+/*
+ * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.
+ */
+
+import { vendorsCreateVendorRegistration } from "../../funcs/vendorsCreateVendorRegistration.js";
+import * as operations from "../../models/operations/index.js";
+import { formatResult, ToolDefinition } from "../tools.js";
+
+const args = {
+  request: operations.CreateVendorRegistrationRequestBody$inboundSchema,
+};
+
+export const tool$vendorsCreateVendorRegistration: ToolDefinition<typeof args> =
+  {
+    name: "vendors_create-vendor-registration",
+    description: `Create vendor registration
+
+Create an initial vendor registration. Once successful, the vendor will be able to continue to filling out the rest of their onboarding profile.`,
+    args,
+    tool: async (client, args, ctx) => {
+      const [result, apiCall] = await vendorsCreateVendorRegistration(
+        client,
+        args.request,
+        { fetchOptions: { signal: ctx.signal } },
+      ).$inspect();
+
+      if (!result.ok) {
+        return {
+          content: [{ type: "text", text: result.error.message }],
+          isError: true,
+        };
+      }
+
+      const value = result.value;
+
+      return formatResult(value, apiCall);
+    },
+  };

package/src/mcp-server/tools/vendorsListVendorJobTitles.ts

@@ -0,0 +1,37 @@
+/*
+ * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.
+ */
+
+import { vendorsListVendorJobTitles } from "../../funcs/vendorsListVendorJobTitles.js";
+import * as operations from "../../models/operations/index.js";
+import { formatResult, ToolDefinition } from "../tools.js";
+
+const args = {
+  request: operations.ListVendorJobTitlesRequest$inboundSchema,
+};
+
+export const tool$vendorsListVendorJobTitles: ToolDefinition<typeof args> = {
+  name: "vendors_list-vendor-job-titles",
+  description: `List vendor job titles
+
+List valid job titles for Vendors. This can be used during sign up or in a filter.`,
+  args,
+  tool: async (client, args, ctx) => {
+    const [result, apiCall] = await vendorsListVendorJobTitles(
+      client,
+      args.request,
+      { fetchOptions: { signal: ctx.signal } },
+    ).$inspect();
+
+    if (!result.ok) {
+      return {
+        content: [{ type: "text", text: result.error.message }],
+        isError: true,
+      };
+    }
+
+    const value = result.value;
+
+    return formatResult(value, apiCall);
+  },
+};

package/src/mcp-server/tools.ts

@@ -0,0 +1,116 @@
+/*
+ * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.
+ */
+
+import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
+import { RequestHandlerExtra } from "@modelcontextprotocol/sdk/shared/protocol.js";
+import { CallToolResult } from "@modelcontextprotocol/sdk/types.js";
+import { objectOutputType, ZodRawShape, ZodTypeAny } from "zod";
+import { GreenSecurityCore } from "../core.js";
+import { ConsoleLogger } from "./console-logger.js";
+import { MCPScope } from "./scopes.js";
+import { isAsyncIterable, isBinaryData, valueToBase64 } from "./shared.js";
+
+export type ToolDefinition<Args extends undefined | ZodRawShape = undefined> =
+  Args extends ZodRawShape ? {
+      name: string;
+      description: string;
+      scopes?: MCPScope[];
+      args: Args;
+      tool: (
+        client: GreenSecurityCore,
+        args: objectOutputType<Args, ZodTypeAny>,
+        extra: RequestHandlerExtra,
+      ) => CallToolResult | Promise<CallToolResult>;
+    }
+    : {
+      name: string;
+      description: string;
+      scopes?: MCPScope[];
+      args?: undefined;
+      tool: (
+        client: GreenSecurityCore,
+        extra: RequestHandlerExtra,
+      ) => CallToolResult | Promise<CallToolResult>;
+    };
+
+export async function formatResult(
+  value: unknown,
+  init: { response?: Response | undefined },
+): Promise<CallToolResult> {
+  if (typeof value === "undefined") {
+    return { content: [] };
+  }
+
+  const { response } = init;
+  const contentType = response?.headers.get("content-type") ?? "";
+  let content: CallToolResult["content"] = [];
+
+  if (contentType.search(/\bjson\b/g)) {
+    content = [{ type: "text", text: JSON.stringify(value) }];
+  } else if (
+    contentType.startsWith("text/event-stream")
+    && isAsyncIterable(value)
+  ) {
+    content = await consumeSSE(value);
+  } else if (contentType.startsWith("text/") && typeof value === "string") {
+    content = [{ type: "text", text: value }];
+  } else if (isBinaryData(value) && contentType.startsWith("image/")) {
+    const data = await valueToBase64(value);
+    content = data == null
+      ? []
+      : [{ type: "image", data, mimeType: contentType }];
+  } else {
+    return {
+      content: [{
+        type: "text",
+        text: `Unsupported content type: "${contentType}"`,
+      }],
+      isError: true,
+    };
+  }
+
+  return { content };
+}
+
+async function consumeSSE(
+  value: AsyncIterable<unknown>,
+): Promise<CallToolResult["content"]> {
+  const content: CallToolResult["content"] = [];
+
+  for await (const chunk of value) {
+    if (typeof chunk === "string") {
+      content.push({ type: "text", text: chunk });
+    } else {
+      content.push({ type: "text", text: JSON.stringify(chunk) });
+    }
+  }
+
+  return content;
+}
+
+export function createRegisterTool(
+  logger: ConsoleLogger,
+  server: McpServer,
+  sdk: GreenSecurityCore,
+  allowedScopes: Set<MCPScope>,
+): <A extends ZodRawShape | undefined>(tool: ToolDefinition<A>) => void {
+  return <A extends ZodRawShape | undefined>(tool: ToolDefinition<A>): void => {
+    const toolScopes = tool.scopes ?? [];
+    if (!toolScopes.every((s) => allowedScopes.has(s))) {
+      return;
+    }
+
+    if (tool.args) {
+      server.tool(tool.name, tool.description, tool.args, async (args, ctx) => {
+        return tool.tool(sdk, args, ctx);
+      });
+    } else {
+      server.tool(tool.name, tool.description, async (ctx) => {
+        return tool.tool(sdk, ctx);
+      });
+    }
+
+    logger.debug("Registered tool", { name: tool.name });
+  };
+}

package/src/models/operations/index.ts

@@ -8,3 +8,6 @@ export * from "./getuserbyid.js";
 export * from "./listorsearchfacilities.js";
 export * from "./listvendorjobtitles.js";
 export * from "./logsuserintothesystem.js";
+export * from "./magiclink.js";
+export * from "./password.js";
+export * from "./passwordresetrequest.js";

package/src/models/operations/magiclink.ts

@@ -0,0 +1,127 @@
+/*
+ * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.
+ */
+
+import * as z from "zod";
+import { safeParse } from "../../lib/schemas.js";
+import { Result as SafeParseResult } from "../../types/fp.js";
+import { SDKValidationError } from "../errors/sdkvalidationerror.js";
+
+export type MagiclinkRequestBody = {
+  email: string;
+};
+
+/**
+ * The request was successful, and the server has returned the requested resource in the response body.
+ */
+export type MagiclinkResponseBody = {
+  success: boolean;
+};
+
+/** @internal */
+export const MagiclinkRequestBody$inboundSchema: z.ZodType<
+  MagiclinkRequestBody,
+  z.ZodTypeDef,
+  unknown
+> = z.object({
+  email: z.string(),
+});
+
+/** @internal */
+export type MagiclinkRequestBody$Outbound = {
+  email: string;
+};
+
+/** @internal */
+export const MagiclinkRequestBody$outboundSchema: z.ZodType<
+  MagiclinkRequestBody$Outbound,
+  z.ZodTypeDef,
+  MagiclinkRequestBody
+> = z.object({
+  email: z.string(),
+});
+
+/**
+ * @internal
+ * @deprecated This namespace will be removed in future versions. Use schemas and types that are exported directly from this module.
+ */
+export namespace MagiclinkRequestBody$ {
+  /** @deprecated use `MagiclinkRequestBody$inboundSchema` instead. */
+  export const inboundSchema = MagiclinkRequestBody$inboundSchema;
+  /** @deprecated use `MagiclinkRequestBody$outboundSchema` instead. */
+  export const outboundSchema = MagiclinkRequestBody$outboundSchema;
+  /** @deprecated use `MagiclinkRequestBody$Outbound` instead. */
+  export type Outbound = MagiclinkRequestBody$Outbound;
+}
+
+export function magiclinkRequestBodyToJSON(
+  magiclinkRequestBody: MagiclinkRequestBody,
+): string {
+  return JSON.stringify(
+    MagiclinkRequestBody$outboundSchema.parse(magiclinkRequestBody),
+  );
+}
+
+export function magiclinkRequestBodyFromJSON(
+  jsonString: string,
+): SafeParseResult<MagiclinkRequestBody, SDKValidationError> {
+  return safeParse(
+    jsonString,
+    (x) => MagiclinkRequestBody$inboundSchema.parse(JSON.parse(x)),
+    `Failed to parse 'MagiclinkRequestBody' from JSON`,
+  );
+}
+
+/** @internal */
+export const MagiclinkResponseBody$inboundSchema: z.ZodType<
+  MagiclinkResponseBody,
+  z.ZodTypeDef,
+  unknown
+> = z.object({
+  success: z.boolean(),
+});
+
+/** @internal */
+export type MagiclinkResponseBody$Outbound = {
+  success: boolean;
+};
+
+/** @internal */
+export const MagiclinkResponseBody$outboundSchema: z.ZodType<
+  MagiclinkResponseBody$Outbound,
+  z.ZodTypeDef,
+  MagiclinkResponseBody
+> = z.object({
+  success: z.boolean(),
+});
+
+/**
+ * @internal
+ * @deprecated This namespace will be removed in future versions. Use schemas and types that are exported directly from this module.
+ */
+export namespace MagiclinkResponseBody$ {
+  /** @deprecated use `MagiclinkResponseBody$inboundSchema` instead. */
+  export const inboundSchema = MagiclinkResponseBody$inboundSchema;
+  /** @deprecated use `MagiclinkResponseBody$outboundSchema` instead. */
+  export const outboundSchema = MagiclinkResponseBody$outboundSchema;
+  /** @deprecated use `MagiclinkResponseBody$Outbound` instead. */
+  export type Outbound = MagiclinkResponseBody$Outbound;
+}
+
+export function magiclinkResponseBodyToJSON(
+  magiclinkResponseBody: MagiclinkResponseBody,
+): string {
+  return JSON.stringify(
+    MagiclinkResponseBody$outboundSchema.parse(magiclinkResponseBody),
+  );
+}
+
+export function magiclinkResponseBodyFromJSON(
+  jsonString: string,
+): SafeParseResult<MagiclinkResponseBody, SDKValidationError> {
+  return safeParse(
+    jsonString,
+    (x) => MagiclinkResponseBody$inboundSchema.parse(JSON.parse(x)),
+    `Failed to parse 'MagiclinkResponseBody' from JSON`,
+  );
+}