@hapticpaper/mcp-server 1.0.3 → 1.0.5

package/dist/auth/access.js

@@ -14,10 +14,16 @@ function parseScopesFromClaims(claims) {
     }
     return Array.from(new Set(scopes));
 }
-export function verifyAccessToken(extra) {
+/**
+ * Try to verify an access token from the MCP extra.authInfo.
+ * Returns null if no token is present (allows fallback to client tokenProvider for stdio mode).
+ * Throws if token is invalid.
+ */
+export function tryVerifyAccessToken(extra) {
     const token = extra?.authInfo?.token;
     if (!token) {
-        throw new Error('Authentication required: connect your account to use this tool.');
+        // No token in extra - this is OK for stdio transport, let the API client handle auth
+        return null;
     }
     const secret = process.env.JWT_SECRET;
     if (!secret) {
@@ -37,13 +43,30 @@ export function verifyAccessToken(extra) {
         raw: decoded,
     };
 }
+/**
+ * Backwards-compatible - throws if no token. Use tryVerifyAccessToken for nullable return.
+ */
+export function verifyAccessToken(extra) {
+    const auth = tryVerifyAccessToken(extra);
+    if (!auth) {
+        throw new Error('Authentication required: connect your account to use this tool.');
+    }
+    return auth;
+}
+/**
+ * Check scopes. Returns null if no token in extra (for stdio fallback to API client auth).
+ */
 export function requireScopes(extra, required) {
-    const auth = verifyAccessToken(extra);
-    if (required.length === 0)
-        return auth;
-    const ok = required.every((s) => auth.scopes.includes(s));
-    if (!ok) {
-        throw new Error(`Missing required permission(s): ${required.join(', ')}`);
+    const auth = tryVerifyAccessToken(extra);
+    if (!auth) {
+        // No token in extra - let the API client handle auth (stdio mode with tokenProvider)
+        return null;
+    }
+    if (required.length > 0) {
+        const ok = required.every((s) => auth.scopes.includes(s));
+        if (!ok) {
+            throw new Error(`Missing required permission(s): ${required.join(', ')}`);
+        }
     }
     return auth;
 }

package/dist/index.js

@@ -115,6 +115,12 @@ ${widgetJs}
     const client = new HireHumanClient({
         baseUrl: process.env.API_URL || 'https://hapticpaper.com/api/v1',
         tokenProvider: async () => {
+            // 1. Check for API key (CI/headless mode)
+            const apiKey = process.env.HAPTIC_API_KEY;
+            if (apiKey) {
+                return apiKey;
+            }
+            // 2. Check for stored OAuth tokens
             const tokens = await tokenManager.loadTokens();
             if (tokens?.access_token) {
                 // Check if token is expired (with 5 min buffer)
@@ -124,7 +130,7 @@ ${widgetJs}
                 }
                 return tokens.access_token;
             }
-            // No token - auto-trigger OAuth
+            // 3. No token - auto-trigger OAuth
             return runOAuthFlow();
         }
     });

package/dist/tools/account.js

@@ -32,8 +32,9 @@ export function registerAccountTools(server, client) {
     const getAccountInvoked = 'Account details ready';
     const getAccountHandler = async (_args, extra) => {
         try {
+            // For HTTP transport, auth comes from extra.authInfo. For stdio, auth is handled by tokenProvider.
             const auth = requireScopes(extra, ['account:read']);
-            const result = await client.getAccount(auth.token);
+            const result = await client.getAccount(auth?.token);
             const account = result.data;
             const widgetSessionId = `account:${account.userId}`;
             return {

package/dist/tools/estimates.js

@@ -37,8 +37,8 @@ export function registerEstimateTools(server, client) {
     const getEstimateHandler = async (args, extra) => {
         try {
             const auth = requireScopes(extra, ['tasks:read']);
-            const est = await client.getEstimate(args, auth.token);
-            const widgetSessionId = stableSessionId('estimate', JSON.stringify({ userId: auth.userId ?? auth.clientId, args }));
+            const est = await client.getEstimate(args, auth?.token);
+            const widgetSessionId = stableSessionId('estimate', JSON.stringify({ userId: auth?.userId ?? auth?.clientId, args }));
             return {
                 structuredContent: {
                     estimate: {
@@ -90,7 +90,7 @@ export function registerEstimateTools(server, client) {
         try {
             const auth = requireScopes(extra, ['tasks:read']);
             const cats = await client.getSkillCategories();
-            const widgetSessionId = stableSessionId('skills', auth.userId ?? auth.clientId);
+            const widgetSessionId = stableSessionId('skills', auth?.userId ?? auth?.clientId);
             const text = cats
                 .map((c) => `### ${c.name}\n${c.description}\nRange: $${c.priceRange.min}-$${c.priceRange.max}`)
                 .join('\n\n');

package/dist/tools/tasks.js

@@ -53,7 +53,7 @@ export function registerTaskTools(server, client) {
     const createTaskHandler = async (args, extra) => {
         try {
             const auth = requireScopes(extra, ['tasks:write']);
-            const task = await client.createTask(args, auth.token);
+            const task = await client.createTask(args, auth?.token);
             const widgetSessionId = `task:${task.id}`;
             return {
                 structuredContent: {
@@ -101,7 +101,7 @@ export function registerTaskTools(server, client) {
     const getTaskHandler = async (args, extra) => {
         try {
             const auth = requireScopes(extra, ['tasks:read']);
-            const task = await client.getTask(args.taskId, auth.token);
+            const task = await client.getTask(args.taskId, auth?.token);
             const widgetSessionId = `task:${args.taskId}`;
             return {
                 structuredContent: {
@@ -144,9 +144,9 @@ export function registerTaskTools(server, client) {
     const listTasksHandler = async (args, extra) => {
         try {
             const auth = requireScopes(extra, ['tasks:read']);
-            const tasks = await client.listTasks(args, auth.token);
+            const tasks = await client.listTasks(args, auth?.token);
             const items = Array.isArray(tasks) ? tasks : tasks?.tasks ?? [];
-            const widgetSessionId = stableSessionId('tasks', auth.userId ?? auth.clientId);
+            const widgetSessionId = stableSessionId('tasks', auth?.userId ?? auth?.clientId);
             if (items.length === 0) {
                 return {
                     structuredContent: { tasks: [] },
@@ -204,7 +204,7 @@ export function registerTaskTools(server, client) {
     const cancelTaskHandler = async (args, extra) => {
         try {
             const auth = requireScopes(extra, ['tasks:write']);
-            const res = await client.cancelTask(args.taskId, args.reason, auth.token);
+            const res = await client.cancelTask(args.taskId, args.reason, auth?.token);
             const widgetSessionId = `task:${args.taskId}`;
             return {
                 structuredContent: {

package/dist/tools/workers.js

@@ -45,8 +45,8 @@ export function registerWorkerTools(server, client) {
     const searchWorkersHandler = async (args, extra) => {
         try {
             const auth = requireScopes(extra, ['workers:read']);
-            const result = await client.searchWorkers(args, auth.token);
-            const widgetSessionId = stableSessionId('workers', JSON.stringify({ userId: auth.userId ?? auth.clientId, args }));
+            const result = await client.searchWorkers(args, auth?.token);
+            const widgetSessionId = stableSessionId('workers', JSON.stringify({ userId: auth?.userId ?? auth?.clientId, args }));
             if (!result.workers || result.workers.length === 0) {
                 return {
                     structuredContent: { workers: [], suggestedBudget: result?.suggestedBudget },
@@ -105,7 +105,7 @@ export function registerWorkerTools(server, client) {
     const getWorkerProfileHandler = async (args, extra) => {
         try {
             const auth = requireScopes(extra, ['workers:read']);
-            const worker = await client.getWorkerProfile(args.workerId, auth.token);
+            const worker = await client.getWorkerProfile(args.workerId, auth?.token);
             const widgetSessionId = `worker:${args.workerId}`;
             return {
                 structuredContent: { worker },

package/package.json

@@ -1,6 +1,7 @@
 {
   "name": "@hapticpaper/mcp-server",
-  "version": "1.0.3",
+  "mcpName": "com.hapticpaper/mcp",
+  "version": "1.0.5",
   "description": "Official MCP Server for Haptic Paper - Connect your account to AI models",
   "type": "module",
   "main": "dist/index.js",
@@ -13,6 +14,7 @@
   },
   "files": [
     "dist",
+    "server.json",
     "README.md"
   ],
   "scripts": {

package/server.json

@@ -0,0 +1,47 @@
+{
+  "$schema": "https://static.modelcontextprotocol.io/schemas/2025-12-11/server.schema.json",
+  "name": "com.hapticpaper/mcp",
+  "title": "Haptic Paper",
+  "description": "Connect your AI to human workers. When AI needs help, Haptic Paper makes it happen - from data labeling to physical tasks.",
+  "icons": [
+    {
+      "mimeType": "image/png",
+      "sizes": ["32x32"],
+      "src": "https://hapticpaper.com/favicon-32x32.png"
+    },
+    {
+      "mimeType": "image/png",
+      "sizes": ["192x192"],
+      "src": "https://hapticpaper.com/android-chrome-192x192.png"
+    }
+  ],
+  "repository": {
+    "url": "https://github.com/hapticpaper/hh",
+    "source": "github",
+    "subfolder": "packages/mcp-server"
+  },
+  "websiteUrl": "https://hapticpaper.com/developer",
+  "version": "1.0.4",
+  "packages": [
+    {
+      "registryType": "npm",
+      "registryBaseUrl": "https://registry.npmjs.org",
+      "identifier": "@hapticpaper/mcp-server",
+      "version": "1.0.4",
+      "transport": {
+        "type": "stdio"
+      },
+      "runtimeHint": "npx",
+      "runtimeArguments": [],
+      "environmentVariables": [
+        {
+          "name": "HAPTIC_API_KEY",
+          "description": "Your Haptic Paper API key. Generate one at https://hapticpaper.com/developer",
+          "format": "string",
+          "isRequired": false,
+          "isSecret": true
+        }
+      ]
+    }
+  ]
+}