@instantkom/mcp-server 1.0.0 → 3.129.1

package/dist/tools/public/device-flow.js

@@ -0,0 +1,117 @@
+/**
+ * Public Tools - Device Authorization Flow (RFC 8628)
+ * No authentication required for start/poll; JWT required for approve
+ */
+/**
+ * Start a device authorization flow.
+ * Returns device_code, user_code and verification_uri for the CLI auth flow.
+ */
+export async function startDeviceFlow(apiClient, args) {
+    const response = await apiClient.post('/v1/auth/device', {
+        scope: args.scope ?? 'read',
+    });
+    return {
+        content: [
+            {
+                type: 'text',
+                text: JSON.stringify(response, null, 2),
+            },
+        ],
+    };
+}
+/**
+ * Poll for a device authorization token.
+ * Returns access_token when approved, or an RFC 8628 error code otherwise.
+ */
+export async function pollDeviceToken(apiClient, args) {
+    const response = await apiClient.post('/v1/auth/device/token', {
+        grant_type: 'urn:ietf:params:oauth:grant-type:device_code',
+        device_code: args.device_code,
+    });
+    return {
+        content: [
+            {
+                type: 'text',
+                text: JSON.stringify(response, null, 2),
+            },
+        ],
+    };
+}
+/**
+ * Approve or deny a device authorization request.
+ * Requires JWT authentication (frontend session).
+ */
+export async function approveDeviceFlow(apiClient, args) {
+    await apiClient.post('/v1/auth/device/approve', {
+        user_code: args.user_code,
+        scope: args.scope,
+        action: args.action,
+    });
+    return {
+        content: [
+            {
+                type: 'text',
+                text: JSON.stringify({ success: true }, null, 2),
+            },
+        ],
+    };
+}
+export const deviceFlowTools = [
+    {
+        name: 'start_device_flow',
+        description: 'Start an RFC 8628 device authorization flow. ' +
+            'Returns device_code (for polling) and user_code (for the user to enter at verification_uri).',
+        inputSchema: {
+            type: 'object',
+            properties: {
+                scope: {
+                    type: 'string',
+                    enum: ['full', 'send', 'read', 'admin'],
+                    description: 'Requested token scope (default: read)',
+                },
+            },
+            required: [],
+        },
+    },
+    {
+        name: 'poll_device_token',
+        description: 'Poll for a device authorization token after starting a device flow. ' +
+            'Returns the access_token when approved, or an RFC 8628 error code.',
+        inputSchema: {
+            type: 'object',
+            properties: {
+                device_code: {
+                    type: 'string',
+                    description: 'Device code from the start_device_flow response',
+                },
+            },
+            required: ['device_code'],
+        },
+    },
+    {
+        name: 'approve_device_flow',
+        description: 'Approve or deny a device authorization request (requires JWT authentication). ' +
+            'Called by the frontend approval page.',
+        inputSchema: {
+            type: 'object',
+            properties: {
+                user_code: {
+                    type: 'string',
+                    description: 'User code displayed on the device',
+                },
+                scope: {
+                    type: 'string',
+                    enum: ['full', 'send', 'read', 'admin'],
+                    description: 'Scope to grant to the device token',
+                },
+                action: {
+                    type: 'string',
+                    enum: ['approve', 'deny'],
+                    description: 'Whether to approve or deny the request',
+                },
+            },
+            required: ['user_code', 'scope', 'action'],
+        },
+    },
+];
+//# sourceMappingURL=device-flow.js.map

package/dist/tools/public/device-flow.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"device-flow.js","sourceRoot":"","sources":["../../../src/tools/public/device-flow.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,SAAoB,EACpB,IAAwB;IAExB,MAAM,QAAQ,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,iBAAiB,EAAE;QACvD,KAAK,EAAE,IAAI,CAAC,KAAK,IAAI,MAAM;KAC5B,CAAC,CAAC;IAEH,OAAO;QACL,OAAO,EAAE;YACP;gBACE,IAAI,EAAE,MAAM;gBACZ,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC;aACxC;SACF;KACF,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,SAAoB,EACpB,IAA6B;IAE7B,MAAM,QAAQ,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,uBAAuB,EAAE;QAC7D,UAAU,EAAE,8CAA8C;QAC1D,WAAW,EAAE,IAAI,CAAC,WAAW;KAC9B,CAAC,CAAC;IAEH,OAAO;QACL,OAAO,EAAE;YACP;gBACE,IAAI,EAAE,MAAM;gBACZ,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC;aACxC;SACF;KACF,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,SAAoB,EACpB,IAAsE;IAEtE,MAAM,SAAS,CAAC,IAAI,CAAC,yBAAyB,EAAE;QAC9C,SAAS,EAAE,IAAI,CAAC,SAAS;QACzB,KAAK,EAAE,IAAI,CAAC,KAAK;QACjB,MAAM,EAAE,IAAI,CAAC,MAAM;KACpB,CAAC,CAAC;IAEH,OAAO;QACL,OAAO,EAAE;YACP;gBACE,IAAI,EAAE,MAAM;gBACZ,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC;aACjD;SACF;KACF,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,MAAM,eAAe,GAAG;IAC7B;QACE,IAAI,EAAE,mBAAmB;QACzB,WAAW,EACT,+CAA+C;YAC/C,8FAA8F;QAChG,WAAW,EAAE;YACX,IAAI,EAAE,QAAQ;YACd,UAAU,EAAE;gBACV,KAAK,EAAE;oBACL,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,CAAC;oBACvC,WAAW,EAAE,uCAAuC;iBACrD;aACF;YACD,QAAQ,EAAE,EAAE;SACb;KACF;IACD;QACE,IAAI,EAAE,mBAAmB;QACzB,WAAW,EACT,sEAAsE;YACtE,oEAAoE;QACtE,WAAW,EAAE;YACX,IAAI,EAAE,QAAQ;YACd,UAAU,EAAE;gBACV,WAAW,EAAE;oBACX,IAAI,EAAE,QAAQ;oBACd,WAAW,EAAE,iDAAiD;iBAC/D;aACF;YACD,QAAQ,EAAE,CAAC,aAAa,CAAC;SAC1B;KACF;IACD;QACE,IAAI,EAAE,qBAAqB;QAC3B,WAAW,EACT,gFAAgF;YAChF,uCAAuC;QACzC,WAAW,EAAE;YACX,IAAI,EAAE,QAAQ;YACd,UAAU,EAAE;gBACV,SAAS,EAAE;oBACT,IAAI,EAAE,QAAQ;oBACd,WAAW,EAAE,mCAAmC;iBACjD;gBACD,KAAK,EAAE;oBACL,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,CAAC;oBACvC,WAAW,EAAE,oCAAoC;iBAClD;gBACD,MAAM,EAAE;oBACN,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;oBACzB,WAAW,EAAE,wCAAwC;iBACtD;aACF;YACD,QAAQ,EAAE,CAAC,WAAW,EAAE,OAAO,EAAE,QAAQ,CAAC;SAC3C;KACF;CACF,CAAC"}

package/dist/tools/public/health.d.ts

@@ -2,7 +2,7 @@
  * Public Tools - Health Check
  * No authentication required
  */
-import type { ApiClient } from '../../client/api-client.js';
+import type { ApiClient } from '@instantkom/api-client';
 export declare function getHealth(apiClient: ApiClient): Promise<any>;
 export declare const healthTools: {
     name: string;

package/dist/tools/public/health.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"health.d.ts","sourceRoot":"","sources":["../../../src/tools/public/health.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,4BAA4B,CAAC;AAE5D,wBAAsB,SAAS,CAAC,SAAS,EAAE,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,CAWlE;AAED,eAAO,MAAM,WAAW;;;;;;;;GAUvB,CAAC"}
+{"version":3,"file":"health.d.ts","sourceRoot":"","sources":["../../../src/tools/public/health.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAC;AAExD,wBAAsB,SAAS,CAAC,SAAS,EAAE,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,CAWlE;AAED,eAAO,MAAM,WAAW;;;;;;;;GAUvB,CAAC"}

package/dist/tools/public/index.d.ts

@@ -3,7 +3,8 @@
  * Aggregates all public tools
  */
 export { getHealth, healthTools } from './health.js';
-export declare const publicTools: {
+export { startDeviceFlow, pollDeviceToken, approveDeviceFlow, deviceFlowTools, } from './device-flow.js';
+export declare const publicTools: ({
     name: string;
     description: string;
     inputSchema: {
@@ -11,5 +12,45 @@ export declare const publicTools: {
         properties: {};
         required: never[];
     };
-}[];
+} | {
+    name: string;
+    description: string;
+    inputSchema: {
+        type: string;
+        properties: {
+            device_code: {
+                type: string;
+                description: string;
+            };
+            scope?: undefined;
+            user_code?: undefined;
+            action?: undefined;
+        };
+        required: string[];
+    };
+} | {
+    name: string;
+    description: string;
+    inputSchema: {
+        type: string;
+        properties: {
+            user_code: {
+                type: string;
+                description: string;
+            };
+            scope: {
+                type: string;
+                enum: string[];
+                description: string;
+            };
+            action: {
+                type: string;
+                enum: string[];
+                description: string;
+            };
+            device_code?: undefined;
+        };
+        required: string[];
+    };
+})[];
 //# sourceMappingURL=index.d.ts.map

package/dist/tools/public/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/tools/public/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH,OAAO,EAAE,SAAS,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAErD,eAAO,MAAM,WAAW;;;;;;;;GAEvB,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/tools/public/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAKH,OAAO,EAAE,SAAS,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AACrD,OAAO,EACL,eAAe,EACf,eAAe,EACf,iBAAiB,EACjB,eAAe,GAChB,MAAM,kBAAkB,CAAC;AAE1B,eAAO,MAAM,WAAW;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;IAAuC,CAAC"}

package/dist/tools/public/index.js

@@ -3,8 +3,8 @@
  * Aggregates all public tools
  */
 import { healthTools } from './health.js';
+import { deviceFlowTools } from './device-flow.js';
 export { getHealth, healthTools } from './health.js';
-export const publicTools = [
-    ...healthTools,
-];
+export { startDeviceFlow, pollDeviceToken, approveDeviceFlow, deviceFlowTools, } from './device-flow.js';
+export const publicTools = [...healthTools, ...deviceFlowTools];
 //# sourceMappingURL=index.js.map

package/dist/tools/public/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/tools/public/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAE1C,OAAO,EAAE,SAAS,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAErD,MAAM,CAAC,MAAM,WAAW,GAAG;IACzB,GAAG,WAAW;CACf,CAAC"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/tools/public/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAC1C,OAAO,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AAEnD,OAAO,EAAE,SAAS,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AACrD,OAAO,EACL,eAAe,EACf,eAAe,EACf,iBAAiB,EACjB,eAAe,GAChB,MAAM,kBAAkB,CAAC;AAE1B,MAAM,CAAC,MAAM,WAAW,GAAG,CAAC,GAAG,WAAW,EAAE,GAAG,eAAe,CAAC,CAAC"}

package/dist/tools/tool-router.d.ts

@@ -5,7 +5,7 @@
  * Convention: tool name in snake_case maps to handler function in camelCase.
  * Example: 'list_channels' -> listChannels, 'admin_get_plan' -> adminGetPlan
  */
-import type { ApiClient } from '../client/api-client.js';
+import type { ApiClient } from '@instantkom/api-client';
 /**
  * Execute a tool by name
  */

package/dist/tools/tool-router.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"tool-router.d.ts","sourceRoot":"","sources":["../../src/tools/tool-router.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,yBAAyB,CAAC;AAmHzD;;GAEG;AACH,wBAAsB,WAAW,CAAC,IAAI,EAAE,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,IAAI,EAAE,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,CAQ7F;AAED;;GAEG;AACH,wBAAgB,cAAc,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAEpD;AAED;;GAEG;AACH,wBAAgB,sBAAsB,IAAI,MAAM,CAE/C"}
+{"version":3,"file":"tool-router.d.ts","sourceRoot":"","sources":["../../src/tools/tool-router.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAC;AAmHxD;;GAEG;AACH,wBAAsB,WAAW,CAAC,IAAI,EAAE,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,IAAI,EAAE,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,CAQ7F;AAED;;GAEG;AACH,wBAAgB,cAAc,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAEpD;AAED;;GAEG;AACH,wBAAgB,sBAAsB,IAAI,MAAM,CAE/C"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@instantkom/mcp-server",
-  "version": "1.0.0",
+  "version": "3.129.1",
   "description": "Model Context Protocol Server for the instantKOM REST API. Lets Claude Code, Claude Desktop and other MCP-compatible AI assistants drive your instantKOM messengerzentrale.",
   "main": "dist/index.public.js",
   "types": "dist/index.public.d.ts",
@@ -66,6 +66,7 @@
     "url": "https://github.com/instantKOM/mcp-server/issues"
   },
   "dependencies": {
+    "@instantkom/api-client": "file:../../packages/api-client",
     "@modelcontextprotocol/sdk": "^1.29.0",
     "dotenv": "^17.4.2",
     "node-fetch": "^3.3.2"
@@ -83,7 +84,6 @@
     "ip-address": "^10.2.0"
   },
   "publishConfig": {
-    "access": "public",
-    "provenance": true
+    "access": "public"
   }
 }

package/dist/client/api-client.d.ts

@@ -1,76 +0,0 @@
-/**
- * HTTP Client for instantKOM REST API
- * Handles authentication and request/response transformation
- */
-import type { TenantConfig } from '../types/index.js';
-export declare class ApiClient {
-    private baseUrl;
-    private apiKey;
-    private tenantId;
-    private scope;
-    private username?;
-    private password?;
-    private jwtAccessToken?;
-    private jwtRefreshToken?;
-    private jwtExpiresAt?;
-    constructor(tenant: TenantConfig);
-    /**
-     * Login and cache JWT tokens. Throws if 2FA is required or login fails.
-     */
-    private loginJwt;
-    /**
-     * Refresh the JWT access token using the stored refresh token.
-     * Returns false if refresh fails (caller should re-login).
-     */
-    private refreshJwt;
-    /**
-     * Returns a valid JWT access token, refreshing or re-logging in as needed.
-     */
-    private ensureJwtToken;
-    /**
-     * Make an authenticated request to the API.
-     * Returns parsed response data directly. Throws on HTTP errors.
-     */
-    private request;
-    /**
-     * Invalidate cached JWT tokens. Next request will trigger a fresh login.
-     */
-    resetAuth(): void;
-    /**
-     * GET request
-     */
-    get<T>(path: string, queryParams?: Record<string, any>): Promise<T>;
-    /**
-     * GET request for binary responses.
-     */
-    getBinary(path: string, queryParams?: Record<string, any>): Promise<{
-        buffer: Buffer;
-        contentType: string | null;
-        contentDisposition: string | null;
-    }>;
-    /**
-     * POST request
-     */
-    post<T>(path: string, body?: any): Promise<T>;
-    /**
-     * PUT request
-     */
-    put<T>(path: string, body?: any): Promise<T>;
-    /**
-     * PATCH request
-     */
-    patch<T>(path: string, body?: any): Promise<T>;
-    /**
-     * DELETE request
-     */
-    delete<T>(path: string, body?: any): Promise<T>;
-    /**
-     * Get the base URL
-     */
-    getBaseUrl(): string;
-    /**
-     * Get the tenant ID
-     */
-    getTenantId(): string;
-}
-//# sourceMappingURL=api-client.d.ts.map

package/dist/client/api-client.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"api-client.d.ts","sourceRoot":"","sources":["../../src/client/api-client.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AAEtD,qBAAa,SAAS;IACpB,OAAO,CAAC,OAAO,CAAS;IACxB,OAAO,CAAC,MAAM,CAAS;IACvB,OAAO,CAAC,QAAQ,CAAS;IACzB,OAAO,CAAC,KAAK,CAAS;IACtB,OAAO,CAAC,QAAQ,CAAC,CAAS;IAC1B,OAAO,CAAC,QAAQ,CAAC,CAAS;IAG1B,OAAO,CAAC,cAAc,CAAC,CAAS;IAChC,OAAO,CAAC,eAAe,CAAC,CAAS;IACjC,OAAO,CAAC,YAAY,CAAC,CAAS;gBAElB,MAAM,EAAE,YAAY;IAWhC;;OAEG;YACW,QAAQ;IAoBtB;;;OAGG;YACW,UAAU;IAoBxB;;OAEG;YACW,cAAc;IAa5B;;;OAGG;YACW,OAAO;IA4DrB;;OAEG;IACH,SAAS,IAAI,IAAI;IAOjB;;OAEG;IACG,GAAG,CAAC,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,WAAW,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC;IAIzE;;OAEG;IACG,SAAS,CACb,IAAI,EAAE,MAAM,EACZ,WAAW,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAChC,OAAO,CAAC;QACT,MAAM,EAAE,MAAM,CAAC;QACf,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;QAC3B,kBAAkB,EAAE,MAAM,GAAG,IAAI,CAAC;KACnC,CAAC;IA4CF;;OAEG;IACG,IAAI,CAAC,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,GAAG,GAAG,OAAO,CAAC,CAAC,CAAC;IAInD;;OAEG;IACG,GAAG,CAAC,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,GAAG,GAAG,OAAO,CAAC,CAAC,CAAC;IAIlD;;OAEG;IACG,KAAK,CAAC,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,GAAG,GAAG,OAAO,CAAC,CAAC,CAAC;IAIpD;;OAEG;IACG,MAAM,CAAC,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,GAAG,GAAG,OAAO,CAAC,CAAC,CAAC;IAIrD;;OAEG;IACH,UAAU,IAAI,MAAM;IAIpB;;OAEG;IACH,WAAW,IAAI,MAAM;CAGtB"}

package/dist/client/api-client.js

@@ -1,234 +0,0 @@
-/**
- * HTTP Client for instantKOM REST API
- * Handles authentication and request/response transformation
- */
-import fetch from 'node-fetch';
-export class ApiClient {
-    baseUrl;
-    apiKey;
-    tenantId;
-    scope;
-    username;
-    password;
-    // JWT token cache
-    jwtAccessToken;
-    jwtRefreshToken;
-    jwtExpiresAt; // ms timestamp
-    constructor(tenant) {
-        this.baseUrl = tenant.apiUrl;
-        this.apiKey = tenant.apiKey;
-        this.tenantId = tenant.id;
-        this.scope = tenant.scope;
-        // App-scope tenants use the Public API (/v1/*) which only accepts API keys.
-        // Only admin-scope tenants use JWT authentication.
-        this.username = tenant.scope === 'admin' ? tenant.username : undefined;
-        this.password = tenant.scope === 'admin' ? tenant.password : undefined;
-    }
-    /**
-     * Login and cache JWT tokens. Throws if 2FA is required or login fails.
-     */
-    async loginJwt() {
-        const url = new URL('/auth/login', this.baseUrl);
-        const response = await fetch(url.toString(), {
-            method: 'POST',
-            headers: { 'Content-Type': 'application/json', 'User-Agent': 'instantKOM-MCP-Server/1.0.0' },
-            body: JSON.stringify({ username: this.username, password: this.password }),
-        });
-        const data = await response.json();
-        if (!response.ok) {
-            throw new Error(`JWT login failed (${response.status}): ${data?.message || response.statusText}`);
-        }
-        if (data.requiresTwoFactor) {
-            throw new Error('JWT login requires 2FA — use a service account without 2FA enabled');
-        }
-        this.jwtAccessToken = data.accessToken;
-        this.jwtRefreshToken = data.refreshToken;
-        this.jwtExpiresAt = Date.now() + (data.expiresIn ?? 900) * 1000;
-        console.error(`[API] JWT login successful (tenant: ${this.tenantId}), expires in ${data.expiresIn}s`);
-    }
-    /**
-     * Refresh the JWT access token using the stored refresh token.
-     * Returns false if refresh fails (caller should re-login).
-     */
-    async refreshJwt() {
-        try {
-            const url = new URL('/auth/refresh', this.baseUrl);
-            const response = await fetch(url.toString(), {
-                method: 'POST',
-                headers: { 'Content-Type': 'application/json', 'User-Agent': 'instantKOM-MCP-Server/1.0.0' },
-                body: JSON.stringify({ refreshToken: this.jwtRefreshToken }),
-            });
-            if (!response.ok)
-                return false;
-            const data = await response.json();
-            this.jwtAccessToken = data.accessToken;
-            if (data.refreshToken)
-                this.jwtRefreshToken = data.refreshToken;
-            this.jwtExpiresAt = Date.now() + (data.expiresIn ?? 900) * 1000;
-            console.error('[API] JWT token refreshed');
-            return true;
-        }
-        catch {
-            return false;
-        }
-    }
-    /**
-     * Returns a valid JWT access token, refreshing or re-logging in as needed.
-     */
-    async ensureJwtToken() {
-        const buffer = 60_000; // 1 min safety margin before expiry
-        if (this.jwtAccessToken && this.jwtExpiresAt && Date.now() < this.jwtExpiresAt - buffer) {
-            return this.jwtAccessToken;
-        }
-        if (this.jwtRefreshToken) {
-            const refreshed = await this.refreshJwt();
-            if (refreshed)
-                return this.jwtAccessToken;
-        }
-        await this.loginJwt();
-        return this.jwtAccessToken;
-    }
-    /**
-     * Make an authenticated request to the API.
-     * Returns parsed response data directly. Throws on HTTP errors.
-     */
-    async request(method, path, body, queryParams) {
-        // Build URL with query parameters
-        const url = new URL(path.startsWith('/') ? path : `/${path}`, this.baseUrl);
-        if (queryParams) {
-            Object.entries(queryParams).forEach(([key, value]) => {
-                if (value !== undefined && value !== null) {
-                    url.searchParams.append(key, String(value));
-                }
-            });
-        }
-        // Resolve auth: JWT (if credentials configured) or API key
-        const token = this.username && this.password
-            ? await this.ensureJwtToken()
-            : this.apiKey;
-        // Prepare request options
-        const options = {
-            method,
-            headers: {
-                'Content-Type': 'application/json',
-                'Authorization': `Bearer ${token}`,
-                'User-Agent': 'instantKOM-MCP-Server/1.0.0',
-            },
-        };
-        if (body && (method === 'POST' || method === 'PUT' || method === 'PATCH' || method === 'DELETE')) {
-            options.body = JSON.stringify(body);
-        }
-        console.error(`[API] ${method} ${url.pathname}${url.search}`);
-        // Make the request
-        const response = await fetch(url.toString(), options);
-        const responseText = await response.text();
-        // Try to parse JSON response
-        let data;
-        try {
-            data = responseText ? JSON.parse(responseText) : null;
-        }
-        catch {
-            data = responseText;
-        }
-        // Handle error responses
-        if (!response.ok) {
-            const message = data?.message || response.statusText;
-            console.error(`[API] Error ${response.status}: ${responseText}`);
-            throw new Error(`HTTP ${response.status}: ${message}`);
-        }
-        return data;
-    }
-    /**
-     * Invalidate cached JWT tokens. Next request will trigger a fresh login.
-     */
-    resetAuth() {
-        this.jwtAccessToken = undefined;
-        this.jwtRefreshToken = undefined;
-        this.jwtExpiresAt = undefined;
-        console.error(`[API] Auth cache cleared (tenant: ${this.tenantId})`);
-    }
-    /**
-     * GET request
-     */
-    async get(path, queryParams) {
-        return this.request('GET', path, undefined, queryParams);
-    }
-    /**
-     * GET request for binary responses.
-     */
-    async getBinary(path, queryParams) {
-        const url = new URL(path.startsWith('/') ? path : `/${path}`, this.baseUrl);
-        if (queryParams) {
-            Object.entries(queryParams).forEach(([key, value]) => {
-                if (value !== undefined && value !== null) {
-                    url.searchParams.append(key, String(value));
-                }
-            });
-        }
-        const token = this.username && this.password
-            ? await this.ensureJwtToken()
-            : this.apiKey;
-        const response = await fetch(url.toString(), {
-            method: 'GET',
-            headers: {
-                'Authorization': `Bearer ${token}`,
-                'User-Agent': 'instantKOM-MCP-Server/1.0.0',
-            },
-        });
-        if (!response.ok) {
-            const responseText = await response.text();
-            let data;
-            try {
-                data = responseText ? JSON.parse(responseText) : null;
-            }
-            catch {
-                data = responseText;
-            }
-            const message = data?.message || response.statusText;
-            throw new Error(`HTTP ${response.status}: ${message}`);
-        }
-        const arrayBuffer = await response.arrayBuffer();
-        return {
-            buffer: Buffer.from(arrayBuffer),
-            contentType: response.headers.get('content-type'),
-            contentDisposition: response.headers.get('content-disposition'),
-        };
-    }
-    /**
-     * POST request
-     */
-    async post(path, body) {
-        return this.request('POST', path, body);
-    }
-    /**
-     * PUT request
-     */
-    async put(path, body) {
-        return this.request('PUT', path, body);
-    }
-    /**
-     * PATCH request
-     */
-    async patch(path, body) {
-        return this.request('PATCH', path, body);
-    }
-    /**
-     * DELETE request
-     */
-    async delete(path, body) {
-        return this.request('DELETE', path, body);
-    }
-    /**
-     * Get the base URL
-     */
-    getBaseUrl() {
-        return this.baseUrl;
-    }
-    /**
-     * Get the tenant ID
-     */
-    getTenantId() {
-        return this.tenantId;
-    }
-}
-//# sourceMappingURL=api-client.js.map

package/dist/client/api-client.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"api-client.js","sourceRoot":"","sources":["../../src/client/api-client.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAgC,MAAM,YAAY,CAAC;AAG1D,MAAM,OAAO,SAAS;IACZ,OAAO,CAAS;IAChB,MAAM,CAAS;IACf,QAAQ,CAAS;IACjB,KAAK,CAAS;IACd,QAAQ,CAAU;IAClB,QAAQ,CAAU;IAE1B,kBAAkB;IACV,cAAc,CAAU;IACxB,eAAe,CAAU;IACzB,YAAY,CAAU,CAAC,eAAe;IAE9C,YAAY,MAAoB;QAC9B,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC;QAC7B,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC;QAC5B,IAAI,CAAC,QAAQ,GAAG,MAAM,CAAC,EAAE,CAAC;QAC1B,IAAI,CAAC,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC;QAC1B,4EAA4E;QAC5E,mDAAmD;QACnD,IAAI,CAAC,QAAQ,GAAG,MAAM,CAAC,KAAK,KAAK,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;QACvE,IAAI,CAAC,QAAQ,GAAG,MAAM,CAAC,KAAK,KAAK,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;IACzE,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,QAAQ;QACpB,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,aAAa,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;QACjD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE;YAC3C,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,YAAY,EAAE,6BAA6B,EAAE;YAC5F,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC;SAC3E,CAAC,CAAC;QACH,MAAM,IAAI,GAAQ,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QACxC,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CAAC,qBAAqB,QAAQ,CAAC,MAAM,MAAM,IAAI,EAAE,OAAO,IAAI,QAAQ,CAAC,UAAU,EAAE,CAAC,CAAC;QACpG,CAAC;QACD,IAAI,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC3B,MAAM,IAAI,KAAK,CAAC,oEAAoE,CAAC,CAAC;QACxF,CAAC;QACD,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC,WAAW,CAAC;QACvC,IAAI,CAAC,eAAe,GAAG,IAAI,CAAC,YAAY,CAAC;QACzC,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,CAAC,SAAS,IAAI,GAAG,CAAC,GAAG,IAAI,CAAC;QAChE,OAAO,CAAC,KAAK,CAAC,uCAAuC,IAAI,CAAC,QAAQ,iBAAiB,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC;IACxG,CAAC;IAED;;;OAGG;IACK,KAAK,CAAC,UAAU;QACtB,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,eAAe,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;YACnD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE;gBAC3C,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,YAAY,EAAE,6BAA6B,EAAE;gBAC5F,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,YAAY,EAAE,IAAI,CAAC,eAAe,EAAE,CAAC;aAC7D,CAAC,CAAC;YACH,IAAI,CAAC,QAAQ,CAAC,EAAE;gBAAE,OAAO,KAAK,CAAC;YAC/B,MAAM,IAAI,GAAQ,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YACxC,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC,WAAW,CAAC;YACvC,IAAI,IAAI,CAAC,YAAY;gBAAE,IAAI,CAAC,eAAe,GAAG,IAAI,CAAC,YAAY,CAAC;YAChE,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,CAAC,SAAS,IAAI,GAAG,CAAC,GAAG,IAAI,CAAC;YAChE,OAAO,CAAC,KAAK,CAAC,2BAA2B,CAAC,CAAC;YAC3C,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,cAAc;QAC1B,MAAM,MAAM,GAAG,MAAM,CAAC,CAAC,oCAAoC;QAC3D,IAAI,IAAI,CAAC,cAAc,IAAI,IAAI,CAAC,YAAY,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,YAAY,GAAG,MAAM,EAAE,CAAC;YACxF,OAAO,IAAI,CAAC,cAAc,CAAC;QAC7B,CAAC;QACD,IAAI,IAAI,CAAC,eAAe,EAAE,CAAC;YACzB,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,UAAU,EAAE,CAAC;YAC1C,IAAI,SAAS;gBAAE,OAAO,IAAI,CAAC,cAAe,CAAC;QAC7C,CAAC;QACD,MAAM,IAAI,CAAC,QAAQ,EAAE,CAAC;QACtB,OAAO,IAAI,CAAC,cAAe,CAAC;IAC9B,CAAC;IAED;;;OAGG;IACK,KAAK,CAAC,OAAO,CACnB,MAAc,EACd,IAAY,EACZ,IAAU,EACV,WAAiC;QAEjC,kCAAkC;QAClC,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,IAAI,EAAE,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;QAE5E,IAAI,WAAW,EAAE,CAAC;YAChB,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE;gBACnD,IAAI,KAAK,KAAK,SAAS,IAAI,KAAK,KAAK,IAAI,EAAE,CAAC;oBAC1C,GAAG,CAAC,YAAY,CAAC,MAAM,CAAC,GAAG,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;gBAC9C,CAAC;YACH,CAAC,CAAC,CAAC;QACL,CAAC;QAED,2DAA2D;QAC3D,MAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,QAAQ;YAC1C,CAAC,CAAC,MAAM,IAAI,CAAC,cAAc,EAAE;YAC7B,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC;QAEhB,0BAA0B;QAC1B,MAAM,OAAO,GAAgB;YAC3B,MAAM;YACN,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,eAAe,EAAE,UAAU,KAAK,EAAE;gBAClC,YAAY,EAAE,6BAA6B;aAC5C;SACF,CAAC;QAEF,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,MAAM,IAAI,MAAM,KAAK,KAAK,IAAI,MAAM,KAAK,OAAO,IAAI,MAAM,KAAK,QAAQ,CAAC,EAAE,CAAC;YACjG,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;QACtC,CAAC;QAED,OAAO,CAAC,KAAK,CAAC,SAAS,MAAM,IAAI,GAAG,CAAC,QAAQ,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC;QAE9D,mBAAmB;QACnB,MAAM,QAAQ,GAAa,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE,OAAO,CAAC,CAAC;QAChE,MAAM,YAAY,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QAE3C,6BAA6B;QAC7B,IAAI,IAAS,CAAC;QACd,IAAI,CAAC;YACH,IAAI,GAAG,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;QACxD,CAAC;QAAC,MAAM,CAAC;YACP,IAAI,GAAG,YAAY,CAAC;QACtB,CAAC;QAED,yBAAyB;QACzB,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,OAAO,GAAG,IAAI,EAAE,OAAO,IAAI,QAAQ,CAAC,UAAU,CAAC;YACrD,OAAO,CAAC,KAAK,CAAC,eAAe,QAAQ,CAAC,MAAM,KAAK,YAAY,EAAE,CAAC,CAAC;YACjE,MAAM,IAAI,KAAK,CAAC,QAAQ,QAAQ,CAAC,MAAM,KAAK,OAAO,EAAE,CAAC,CAAC;QACzD,CAAC;QAED,OAAO,IAAS,CAAC;IACnB,CAAC;IAED;;OAEG;IACH,SAAS;QACP,IAAI,CAAC,cAAc,GAAG,SAAS,CAAC;QAChC,IAAI,CAAC,eAAe,GAAG,SAAS,CAAC;QACjC,IAAI,CAAC,YAAY,GAAG,SAAS,CAAC;QAC9B,OAAO,CAAC,KAAK,CAAC,qCAAqC,IAAI,CAAC,QAAQ,GAAG,CAAC,CAAC;IACvE,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,GAAG,CAAI,IAAY,EAAE,WAAiC;QAC1D,OAAO,IAAI,CAAC,OAAO,CAAI,KAAK,EAAE,IAAI,EAAE,SAAS,EAAE,WAAW,CAAC,CAAC;IAC9D,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,SAAS,CACb,IAAY,EACZ,WAAiC;QAMjC,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,IAAI,EAAE,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;QAE5E,IAAI,WAAW,EAAE,CAAC;YAChB,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE;gBACnD,IAAI,KAAK,KAAK,SAAS,IAAI,KAAK,KAAK,IAAI,EAAE,CAAC;oBAC1C,GAAG,CAAC,YAAY,CAAC,MAAM,CAAC,GAAG,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;gBAC9C,CAAC;YACH,CAAC,CAAC,CAAC;QACL,CAAC;QAED,MAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,QAAQ;YAC1C,CAAC,CAAC,MAAM,IAAI,CAAC,cAAc,EAAE;YAC7B,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC;QAEhB,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE;YAC3C,MAAM,EAAE,KAAK;YACb,OAAO,EAAE;gBACP,eAAe,EAAE,UAAU,KAAK,EAAE;gBAClC,YAAY,EAAE,6BAA6B;aAC5C;SACF,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,YAAY,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YAC3C,IAAI,IAAS,CAAC;YACd,IAAI,CAAC;gBACH,IAAI,GAAG,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;YACxD,CAAC;YAAC,MAAM,CAAC;gBACP,IAAI,GAAG,YAAY,CAAC;YACtB,CAAC;YACD,MAAM,OAAO,GAAG,IAAI,EAAE,OAAO,IAAI,QAAQ,CAAC,UAAU,CAAC;YACrD,MAAM,IAAI,KAAK,CAAC,QAAQ,QAAQ,CAAC,MAAM,KAAK,OAAO,EAAE,CAAC,CAAC;QACzD,CAAC;QAED,MAAM,WAAW,GAAG,MAAM,QAAQ,CAAC,WAAW,EAAE,CAAC;QAEjD,OAAO;YACL,MAAM,EAAE,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC;YAChC,WAAW,EAAE,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC;YACjD,kBAAkB,EAAE,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC;SAChE,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,IAAI,CAAI,IAAY,EAAE,IAAU;QACpC,OAAO,IAAI,CAAC,OAAO,CAAI,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;IAC7C,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,GAAG,CAAI,IAAY,EAAE,IAAU;QACnC,OAAO,IAAI,CAAC,OAAO,CAAI,KAAK,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;IAC5C,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,KAAK,CAAI,IAAY,EAAE,IAAU;QACrC,OAAO,IAAI,CAAC,OAAO,CAAI,OAAO,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;IAC9C,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,MAAM,CAAI,IAAY,EAAE,IAAU;QACtC,OAAO,IAAI,CAAC,OAAO,CAAI,QAAQ,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;IAC/C,CAAC;IAED;;OAEG;IACH,UAAU;QACR,OAAO,IAAI,CAAC,OAAO,CAAC;IACtB,CAAC;IAED;;OAEG;IACH,WAAW;QACT,OAAO,IAAI,CAAC,QAAQ,CAAC;IACvB,CAAC;CACF"}