npm - @kadoa/mcp - Versions diffs - 0.2.4 → 0.2.5-rc.2 - Mend

@kadoa/mcp 0.2.4 → 0.2.5-rc.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/README.md CHANGED Viewed

@@ -144,6 +144,8 @@ Get your API key from [kadoa.com/settings](https://kadoa.com/settings).
 | `delete_workflow` | Delete a workflow |
 | `approve_workflow` | Approve and activate a workflow |
 | `update_workflow` | Update workflow configuration and schema |
+| `team_list` | List all teams you belong to and see which is active |
+| `team_switch` | Switch the active team by name or ID |
 ## Usage Examples
@@ -214,6 +216,26 @@ delete_workflow for each, confirming before proceeding.
 - Verify the MCP server is configured correctly
 - Restart your MCP client
+## Deploying the Remote Server
+The remote MCP server at `mcp.kadoa.com` runs as a Docker container on GKE, deployed from the `kadoa-backend` monorepo.
+**To deploy a new version:**
+1. Publish a new `@kadoa/mcp` version to npm (`npm publish`)
+2. In `kadoa-backend`, update `infra/docker/mcp/package.json` to the new version and run `bun install` to regenerate the lockfile
+3. Merge to `main` — the CI pipeline (`main-build-deploy.yml`) builds and pushes the Docker image automatically
+4. Trigger the **Deploy to Production** workflow (`deploy-prod.yml`) with:
+   - **Target cluster:** `gcp`
+   - **Deployment scope:** `mcp`
+   - **Image tag:** the tag from step 3 (shown in the build summary)
+   - **Method:** `kubectl`
+Infrastructure files in `kadoa-backend`:
+- `infra/docker/mcp/Dockerfile.mcp-server` — Docker image definition
+- `infra/docker/mcp/package.json` — pinned `@kadoa/mcp` version
+- `infra/cdk8s/mcp/` — Kubernetes manifests (cdk8s)
 ## Development
 ```bash

package/dist/index.js CHANGED Viewed

@@ -53301,7 +53301,7 @@ async function exchangeSupabaseCode(code, codeVerifier) {
   const data = await res.json();
   return data.access_token;
 }
-async function resolveApiKey2(supabaseJwt) {
+async function fetchUserTeams(supabaseJwt) {
   const kadoaApiUrl = process.env.KADOA_PUBLIC_API_URI || "https://api.kadoa.com";
   const userRes = await fetch(`${kadoaApiUrl}/v4/user`, {
     headers: { Authorization: `Bearer ${supabaseJwt}` }
@@ -53314,7 +53314,14 @@ async function resolveApiKey2(supabaseJwt) {
   if (!userData.teams?.length) {
     throw new Error("User has no teams");
   }
-  const teamId = userData.teams[0].id;
+  return userData.teams.map((t) => ({
+    id: t.id,
+    name: t.name,
+    memberRole: t.memberRole
+  }));
+}
+async function resolveTeamApiKey(supabaseJwt, teamId) {
+  const kadoaApiUrl = process.env.KADOA_PUBLIC_API_URI || "https://api.kadoa.com";
   const keyRes = await fetch(`${kadoaApiUrl}/v4/team/${teamId}/api-key`, {
     headers: { Authorization: `Bearer ${supabaseJwt}` }
   });
@@ -53454,21 +53461,20 @@ class KadoaOAuthProvider {
     pendingAuths.delete(state);
     try {
       const supabaseJwt = await exchangeSupabaseCode(code, pending.supabaseCodeVerifier);
-      const apiKey = await resolveApiKey2(supabaseJwt);
-      const mcpCode = randomToken();
-      authCodes.set(mcpCode, {
-        apiKey,
-        codeChallenge: pending.params.codeChallenge,
-        clientId: pending.client.client_id,
-        redirectUri: pending.params.redirectUri,
-        expiresAt: Date.now() + 10 * 60 * 1000
-      });
-      const redirectUrl = new URL(pending.params.redirectUri);
-      redirectUrl.searchParams.set("code", mcpCode);
-      if (pending.params.state) {
-        redirectUrl.searchParams.set("state", pending.params.state);
+      const teams = await fetchUserTeams(supabaseJwt);
+      if (teams.length === 1) {
+        const apiKey = await resolveTeamApiKey(supabaseJwt, teams[0].id);
+        this.completeAuthFlow(pending, apiKey, res);
+        return;
       }
-      res.redirect(redirectUrl.toString());
+      const selectionToken = randomToken();
+      pendingTeamSelections.set(selectionToken, {
+        supabaseJwt,
+        teams,
+        pending,
+        expiresAt: Date.now() + TEAM_SELECTION_TTL
+      });
+      res.type("html").send(renderTeamSelectionPage(teams, selectionToken));
     } catch (error48) {
       console.error("Auth callback error:", error48);
       const redirectUrl = new URL(pending.params.redirectUri);
@@ -53480,14 +53486,183 @@ class KadoaOAuthProvider {
       res.redirect(redirectUrl.toString());
     }
   }
+  async handleTeamSelection(req, res) {
+    const { token, teamId } = req.body;
+    if (!token || !teamId) {
+      res.status(400).send("Missing token or teamId");
+      return;
+    }
+    const entry = pendingTeamSelections.get(token);
+    if (!entry) {
+      res.status(400).send("Unknown or expired team selection token");
+      return;
+    }
+    if (entry.expiresAt < Date.now()) {
+      pendingTeamSelections.delete(token);
+      res.status(400).send("Team selection expired — please log in again");
+      return;
+    }
+    if (!entry.teams.some((t) => t.id === teamId)) {
+      res.status(403).send("Invalid team selection");
+      return;
+    }
+    pendingTeamSelections.delete(token);
+    try {
+      const apiKey = await resolveTeamApiKey(entry.supabaseJwt, teamId);
+      this.completeAuthFlow(entry.pending, apiKey, res);
+    } catch (error48) {
+      console.error("Team selection error:", error48);
+      const redirectUrl = new URL(entry.pending.params.redirectUri);
+      redirectUrl.searchParams.set("error", "server_error");
+      redirectUrl.searchParams.set("error_description", error48 instanceof Error ? error48.message : "Failed to resolve team API key");
+      if (entry.pending.params.state) {
+        redirectUrl.searchParams.set("state", entry.pending.params.state);
+      }
+      res.redirect(redirectUrl.toString());
+    }
+  }
+  completeAuthFlow(pending, apiKey, res) {
+    const mcpCode = randomToken();
+    authCodes.set(mcpCode, {
+      apiKey,
+      codeChallenge: pending.params.codeChallenge,
+      clientId: pending.client.client_id,
+      redirectUri: pending.params.redirectUri,
+      expiresAt: Date.now() + 10 * 60 * 1000
+    });
+    const redirectUrl = new URL(pending.params.redirectUri);
+    redirectUrl.searchParams.set("code", mcpCode);
+    if (pending.params.state) {
+      redirectUrl.searchParams.set("state", pending.params.state);
+    }
+    res.redirect(redirectUrl.toString());
+  }
 }
-var clients, pendingAuths, authCodes, accessTokens, refreshTokens, ACCESS_TOKEN_TTL = 3600, kadoaClientsStore;
+function renderTeamSelectionPage(teams, selectionToken) {
+  const teamButtons = teams.map((t) => `
+      <button type="submit" name="teamId" value="${t.id}" class="team-btn">
+        <span class="team-name">${escapeHtml(t.name)}</span>
+        ${t.memberRole ? `<span class="team-role">${escapeHtml(t.memberRole.toLowerCase())}</span>` : ""}
+      </button>`).join(`
+`);
+  return `<!DOCTYPE html>
+<html lang="en">
+<head>
+  <meta charset="utf-8" />
+  <meta name="viewport" content="width=device-width, initial-scale=1" />
+  <title>Select Team - Kadoa</title>
+  <style>
+    * { margin: 0; padding: 0; box-sizing: border-box; }
+    body {
+      font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, sans-serif;
+      background: oklch(1 0 0);
+      color: oklch(0.17 0.02 228);
+      min-height: 100vh;
+      display: flex;
+      align-items: center;
+      justify-content: center;
+    }
+    .container {
+      width: 100%;
+      max-width: 420px;
+      padding: 2rem;
+    }
+    .logo {
+      text-align: center;
+      margin-bottom: 2rem;
+    }
+    h1 {
+      font-size: 1.25rem;
+      font-weight: 600;
+      text-align: center;
+      margin-bottom: 0.5rem;
+      color: oklch(0.17 0.02 228);
+    }
+    .subtitle {
+      text-align: center;
+      color: oklch(0.56 0.02 228);
+      font-size: 0.875rem;
+      margin-bottom: 1.5rem;
+    }
+    .team-btn {
+      width: 100%;
+      display: flex;
+      align-items: center;
+      justify-content: space-between;
+      padding: 0.875rem 1rem;
+      margin-bottom: 0.5rem;
+      background: oklch(1 0 0);
+      border: 1px solid oklch(0.5 0.02 228 / 0.4);
+      border-radius: 0.3rem;
+      color: oklch(0.17 0.02 228);
+      font-size: 15px;
+      cursor: pointer;
+      transition: background 0.15s, border-color 0.15s, box-shadow 0.15s;
+      box-shadow: 0px 1px 1px 0px oklch(0.68 0.01 60.13 / 0.11);
+    }
+    .team-btn:hover {
+      background: oklch(0.96 0 286);
+      border-color: oklch(0.7 0.18 42);
+    }
+    .team-btn:active {
+      background: oklch(0.72 0.23 54 / 0.13);
+    }
+    .team-name { font-weight: 500; }
+    .team-role {
+      font-size: 13px;
+      color: oklch(0.56 0.02 228 / 0.67);
+      text-transform: capitalize;
+    }
+  </style>
+</head>
+<body>
+  <div class="container">
+    <div class="logo">
+      <svg width="108" height="32" viewBox="0 0 108 32" fill="none" xmlns="http://www.w3.org/2000/svg">
+        <g clip-path="url(#clip0)">
+          <path d="M4.5 27V20.0059C4.49955 18.6288 3.38499 17.5105 2.00781 17.5059L-0.00585938 17.5V14.5L2.00781 14.4941C3.38499 14.4895 4.49955 13.3712 4.5 11.9941V5C4.5 2.51472 6.51472 0.5 9 0.5H12V3.5H9C8.17157 3.5 7.5 4.17157 7.5 5V11.9941C7.49977 13.5757 6.82719 14.9966 5.75781 16C6.82719 17.0034 7.49977 18.4243 7.5 20.0059V27C7.5 27.8284 8.17157 28.5 9 28.5H12V31.5H9C6.51472 31.5 4.5 29.4853 4.5 27Z" fill="#FD7412"/>
+          <path d="M103.5 27V20.0059C103.5 18.6288 104.615 17.5105 105.992 17.5059L108.006 17.5V14.5L105.992 14.4941C104.615 14.4895 103.5 13.3712 103.5 11.9941V5C103.5 2.51472 101.485 0.5 99 0.5H96V3.5H99C99.8284 3.5 100.5 4.17157 100.5 5V11.9941C100.5 13.5757 101.173 14.9966 102.242 16C101.173 17.0034 100.5 18.4243 100.5 20.0059V27C100.5 27.8284 99.8284 28.5 99 28.5H96V31.5H99C101.485 31.5 103.5 29.4853 103.5 27Z" fill="#FD7412"/>
+          <path d="M85.2346 26.308C84.0026 26.308 82.92 26.0093 81.9866 25.412C81.0533 24.8147 80.3253 23.9653 79.8026 22.864C79.28 21.7627 79.0186 20.4373 79.0186 18.888C79.0186 17.3573 79.28 16.0413 79.8026 14.94C80.3253 13.8387 81.0533 12.9987 81.9866 12.42C82.92 11.8227 84.0026 11.524 85.2346 11.524C86.3733 11.524 87.3906 11.804 88.2866 12.364C89.2013 12.9053 89.7986 13.6427 90.0786 14.576H89.7706L90.1066 11.804H94.1666C94.1106 12.42 94.0546 13.0453 93.9986 13.68C93.9613 14.296 93.9426 14.9027 93.9426 15.5V26H89.7426L89.7146 23.34H90.0506C89.752 24.236 89.1546 24.9547 88.2586 25.496C87.3626 26.0373 86.3546 26.308 85.2346 26.308ZM86.5226 23.116C87.4933 23.116 88.2773 22.7707 88.8746 22.08C89.472 21.3893 89.7706 20.3253 89.7706 18.888C89.7706 17.4507 89.472 16.396 88.8746 15.724C88.2773 15.052 87.4933 14.716 86.5226 14.716C85.552 14.716 84.768 15.052 84.1706 15.724C83.5733 16.396 83.2746 17.4507 83.2746 18.888C83.2746 20.3253 83.564 21.3893 84.1426 22.08C84.74 22.7707 85.5333 23.116 86.5226 23.116Z" fill="#18181B"/>
+          <path d="M70.1002 26.308C68.5882 26.308 67.2722 26.0093 66.1522 25.412C65.0509 24.796 64.1922 23.9373 63.5762 22.836C62.9789 21.7347 62.6802 20.4187 62.6802 18.888C62.6802 17.376 62.9789 16.0693 63.5762 14.968C64.1922 13.8667 65.0509 13.0173 66.1522 12.42C67.2722 11.8227 68.5882 11.524 70.1002 11.524C71.6122 11.524 72.9282 11.8227 74.0482 12.42C75.1682 13.0173 76.0269 13.8667 76.6242 14.968C77.2402 16.0693 77.5482 17.376 77.5482 18.888C77.5482 20.4187 77.2402 21.7347 76.6242 22.836C76.0269 23.9373 75.1682 24.796 74.0482 25.412C72.9282 26.0093 71.6122 26.308 70.1002 26.308ZM70.1002 23.116C71.0709 23.116 71.8362 22.7707 72.3962 22.08C72.9749 21.3893 73.2642 20.3253 73.2642 18.888C73.2642 17.4507 72.9749 16.396 72.3962 15.724C71.8362 15.052 71.0709 14.716 70.1002 14.716C69.1295 14.716 68.3549 15.052 67.7762 15.724C67.2162 16.396 66.9362 17.4507 66.9362 18.888C66.9362 20.3253 67.2162 21.3893 67.7762 22.08C68.3549 22.7707 69.1295 23.116 70.1002 23.116Z" fill="#18181B"/>
+          <path d="M51.8208 26.308C50.5888 26.308 49.4968 26.0093 48.5448 25.412C47.6115 24.8147 46.8741 23.9653 46.3328 22.864C45.8101 21.7627 45.5488 20.4373 45.5488 18.888C45.5488 17.3573 45.8101 16.0413 46.3328 14.94C46.8555 13.8387 47.5928 12.9987 48.5448 12.42C49.4968 11.8227 50.5888 11.524 51.8208 11.524C52.9408 11.524 53.9395 11.7947 54.8168 12.336C55.7128 12.8587 56.3101 13.568 56.6088 14.464H56.2448V5.392H60.4728V26H56.3008V23.228H56.6648C56.3661 24.1613 55.7688 24.908 54.8728 25.468C53.9768 26.028 52.9595 26.308 51.8208 26.308ZM53.0808 23.116C54.0515 23.116 54.8355 22.7707 55.4328 22.08C56.0301 21.3893 56.3288 20.3253 56.3288 18.888C56.3288 17.4507 56.0301 16.396 55.4328 15.724C54.8355 15.052 54.0515 14.716 53.0808 14.716C52.1101 14.716 51.3168 15.052 50.7008 15.724C50.1035 16.396 49.8048 17.4507 49.8048 18.888C49.8048 20.3253 50.1035 21.3893 50.7008 22.08C51.3168 22.7707 52.1101 23.116 53.0808 23.116Z" fill="#18181B"/>
+          <path d="M34.6334 26.308C33.4014 26.308 32.3187 26.0093 31.3854 25.412C30.4521 24.8147 29.7241 23.9653 29.2014 22.864C28.6787 21.7627 28.4174 20.4373 28.4174 18.888C28.4174 17.3573 28.6787 16.0413 29.2014 14.94C29.7241 13.8387 30.4521 12.9987 31.3854 12.42C32.3187 11.8227 33.4014 11.524 34.6334 11.524C35.7721 11.524 36.7894 11.804 37.6854 12.364C38.6001 12.9053 39.1974 13.6427 39.4774 14.576H39.1694L39.5054 11.804H43.5654C43.5094 12.42 43.4534 13.0453 43.3974 13.68C43.3601 14.296 43.3414 14.9027 43.3414 15.5V26H39.1414L39.1134 23.34H39.4494C39.1507 24.236 38.5534 24.9547 37.6574 25.496C36.7614 26.0373 35.7534 26.308 34.6334 26.308ZM35.9214 23.116C36.8921 23.116 37.6761 22.7707 38.2734 22.08C38.8707 21.3893 39.1694 20.3253 39.1694 18.888C39.1694 17.4507 38.8707 16.396 38.2734 15.724C37.6761 15.052 36.8921 14.716 35.9214 14.716C34.9507 14.716 34.1667 15.052 33.5694 15.724C32.9721 16.396 32.6734 17.4507 32.6734 18.888C32.6734 20.3253 32.9627 21.3893 33.5414 22.08C34.1387 22.7707 34.9321 23.116 35.9214 23.116Z" fill="#18181B"/>
+          <path d="M13.736 26V5.392H17.964V17.712H18.02L23.284 11.804H28.324L21.52 19.364V17.824L28.688 26H23.508L18.02 19.84H17.964V26H13.736Z" fill="#18181B"/>
+        </g>
+        <defs><clipPath id="clip0"><rect width="108" height="32" fill="white"/></clipPath></defs>
+      </svg>
+    </div>
+    <h1>Select a team</h1>
+    <p class="subtitle">Choose which team to connect with this MCP session</p>
+    <form method="POST" action="/team-select">
+      <input type="hidden" name="token" value="${selectionToken}" />
+      ${teamButtons}
+    </form>
+  </div>
+</body>
+</html>`;
+}
+function escapeHtml(str) {
+  return str.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;").replace(/"/g, "&quot;").replace(/'/g, "&#39;");
+}
+var clients, pendingAuths, pendingTeamSelections, authCodes, accessTokens, refreshTokens, TEAM_SELECTION_TTL, ACCESS_TOKEN_TTL = 3600, kadoaClientsStore;
 var init_auth2 = __esm(() => {
   clients = new Map;
   pendingAuths = new Map;
+  pendingTeamSelections = new Map;
   authCodes = new Map;
   accessTokens = new Map;
   refreshTokens = new Map;
+  TEAM_SELECTION_TTL = 10 * 60 * 1000;
   kadoaClientsStore = {
     getClient(clientId) {
       return clients.get(clientId);
@@ -53511,7 +53686,8 @@ __export(exports_http, {
   startHttpServer: () => startHttpServer
 });
 import { randomUUID as randomUUID2 } from "node:crypto";
-function resolveApiKey3(req) {
+import express8 from "express";
+function resolveApiKey2(req) {
   return req.auth?.extra?.apiKey;
 }
 async function startHttpServer() {
@@ -53530,13 +53706,16 @@ async function startHttpServer() {
   app.get("/auth/callback", (req, res) => {
     provider.handleAuthCallback(req, res);
   });
+  app.post("/team-select", express8.urlencoded({ extended: false }), (req, res) => {
+    provider.handleTeamSelection(req, res);
+  });
   app.get("/health", (_req, res) => {
     res.json({ status: "ok", sessions: Object.keys(sessions).length });
   });
   const bearerAuth = requireBearerAuth({ verifier: provider });
   app.post("/mcp", bearerAuth, async (req, res) => {
     const sessionId = req.headers["mcp-session-id"];
-    const apiKey = resolveApiKey3(req);
+    const apiKey = resolveApiKey2(req);
     if (!apiKey) {
       res.status(401).json({
         jsonrpc: "2.0",
@@ -53593,7 +53772,7 @@ async function startHttpServer() {
   });
   app.get("/mcp", bearerAuth, async (req, res) => {
     const sessionId = req.headers["mcp-session-id"];
-    const apiKey = resolveApiKey3(req);
+    const apiKey = resolveApiKey2(req);
     if (!apiKey) {
       res.status(401).send("Unauthorized: Bearer token required");
       return;
@@ -53610,7 +53789,7 @@ async function startHttpServer() {
   });
   app.delete("/mcp", bearerAuth, async (req, res) => {
     const sessionId = req.headers["mcp-session-id"];
-    const apiKey = resolveApiKey3(req);
+    const apiKey = resolveApiKey2(req);
     if (!apiKey) {
       res.status(401).send("Unauthorized: Bearer token required");
       return;

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@kadoa/mcp",
-  "version": "0.2.4",
+  "version": "0.2.5-rc.2",
   "description": "Kadoa MCP Server — manage workflows from Claude Desktop, Cursor, and other MCP clients",
   "type": "module",
   "main": "dist/index.js",
@@ -39,6 +39,12 @@
     "bun-types": "^1.3.3",
     "typescript": "^5.9.3"
   },
-  "keywords": ["kadoa", "mcp", "model-context-protocol", "web-scraping", "data-extraction"],
+  "keywords": [
+    "kadoa",
+    "mcp",
+    "model-context-protocol",
+    "web-scraping",
+    "data-extraction"
+  ],
   "license": "MIT"
 }