@nestr/mcp 0.1.8

package/build/http.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"http.js","sourceRoot":"","sources":["../src/http.ts"],"names":[],"mappings":";AACA;;;;;;;;;;;;;;;;;;;;;GAqBG;AAEH,OAAO,OAA8B,MAAM,SAAS,CAAC;AACrD,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAEtD,OAAO,EAAE,6BAA6B,EAAE,MAAM,oDAAoD,CAAC;AACnG,OAAO,EAAE,mBAAmB,EAAE,MAAM,oCAAoC,CAAC;AACzE,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAC3C,OAAO,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC;AAC9C,OAAO,EACL,4BAA4B,EAC5B,8BAA8B,EAC9B,cAAc,GACf,MAAM,mBAAmB,CAAC;AAC3B,OAAO,EACL,0BAA0B,EAC1B,cAAc,EACd,qBAAqB,EACrB,iBAAiB,GAElB,MAAM,iBAAiB,CAAC;AACzB,OAAO,EACL,cAAc,EACd,SAAS,EACT,mBAAmB,GAEpB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,EAAE,aAAa,EAAE,MAAM,KAAK,CAAC;AAEpC,MAAM,UAAU,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAClD,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;AAE3C,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,IAAI,IAAI,IAAI,CAAC;AAEtC;;GAEG;AACH,SAAS,UAAU,CAAC,IAAY;IAC9B,MAAM,WAAW,GAA2B;QAC1C,GAAG,EAAE,OAAO;QACZ,GAAG,EAAE,MAAM;QACX,GAAG,EAAE,MAAM;QACX,GAAG,EAAE,QAAQ;QACb,GAAG,EAAE,OAAO;KACb,CAAC;IACF,OAAO,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC;AAC/D,CAAC;AAED,MAAM,GAAG,GAAG,OAAO,EAAE,CAAC;AACtB,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;AAExB,wCAAwC;AACxC,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC;AACjD,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC;AAEhC,eAAe;AACf,GAAG,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE;IAC/B,GAAG,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,WAAW,EAAE,CAAC,CAAC;AACnD,CAAC,CAAC,CAAC;AAEH,eAAe;AACf,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE;IACzB,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,YAAY,CAAC,CAAC,CAAC;AAChD,CAAC,CAAC,CAAC;AAEH,+CAA+C;AAC/C,uEAAuE;AACvE,GAAG,CAAC,GAAG,CAAC,uCAAuC,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;IAC5D,MAAM,OAAO,GAAG,gBAAgB,CAAC,GAAG,CAAC,CAAC;IACtC,MAAM,QAAQ,GAAG,4BAA4B,CAAC,OAAO,CAAC,CAAC;IACvD,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,kBAAkB,CAAC,CAAC;IAClD,GAAG,CAAC,SAAS,CAAC,eAAe,EAAE,sBAAsB,CAAC,CAAC,CAAC,mBAAmB;IAC3E,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;AACrB,CAAC,CAAC,CAAC;AAEH,iDAAiD;AACjD,6DAA6D;AAC7D,GAAG,CAAC,GAAG,CAAC,yCAAyC,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;IAC9D,MAAM,OAAO,GAAG,gBAAgB,CAAC,GAAG,CAAC,CAAC;IACtC,MAAM,QAAQ,GAAG,8BAA8B,CAAC,OAAO,CAAC,CAAC;IACzD,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,kBAAkB,CAAC,CAAC;IAClD,GAAG,CAAC,SAAS,CAAC,eAAe,EAAE,sBAAsB,CAAC,CAAC;IACvD,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;AACrB,CAAC,CAAC,CAAC;AAEH;;;;;GAKG;AACH,GAAG,CAAC,IAAI,CAAC,iBAAiB,EAAE,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,GAAY,EAAE,GAAa,EAAE,EAAE;IAC1E,IAAI,CAAC;QACH,MAAM,EACJ,WAAW,EACX,aAAa,EACb,WAAW,EACX,cAAc,EACd,0BAA0B,EAC1B,KAAK,GACN,GAAG,GAAG,CAAC,IAAI,CAAC;QAEb,2BAA2B;QAC3B,IAAI,CAAC,aAAa,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,aAAa,CAAC,IAAI,aAAa,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAClF,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,KAAK,EAAE,yBAAyB;gBAChC,iBAAiB,EAAE,yDAAyD;aAC7E,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,sDAAsD;QACtD,KAAK,MAAM,GAAG,IAAI,aAAa,EAAE,CAAC;YAChC,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;gBAC5B,MAAM,WAAW,GAAG,MAAM,CAAC,QAAQ,KAAK,WAAW,IAAI,MAAM,CAAC,QAAQ,KAAK,WAAW,CAAC;gBACvF,MAAM,OAAO,GAAG,MAAM,CAAC,QAAQ,KAAK,QAAQ,CAAC;gBAE7C,IAAI,CAAC,WAAW,IAAI,CAAC,OAAO,EAAE,CAAC;oBAC7B,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;wBACnB,KAAK,EAAE,sBAAsB;wBAC7B,iBAAiB,EAAE,4CAA4C,GAAG,EAAE;qBACrE,CAAC,CAAC;oBACH,OAAO;gBACT,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;oBACnB,KAAK,EAAE,sBAAsB;oBAC7B,iBAAiB,EAAE,yBAAyB,GAAG,EAAE;iBAClD,CAAC,CAAC;gBACH,OAAO;YACT,CAAC;QACH,CAAC;QAED,8BAA8B;QAC9B,MAAM,QAAQ,GAAG,OAAO,UAAU,EAAE,EAAE,CAAC;QACvC,MAAM,YAAY,GAAG,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;QAE3D,2BAA2B;QAC3B,MAAM,MAAM,GAAqB;YAC/B,SAAS,EAAE,QAAQ;YACnB,aAAa,EAAE,YAAY;YAC3B,WAAW,EAAE,WAAW,IAAI,YAAY;YACxC,aAAa;YACb,WAAW,EAAE,WAAW,IAAI,CAAC,oBAAoB,EAAE,eAAe,CAAC;YACnE,cAAc,EAAE,cAAc,IAAI,CAAC,MAAM,CAAC;YAC1C,0BAA0B,EAAE,0BAA0B,IAAI,oBAAoB;YAC9E,KAAK,EAAE,KAAK,IAAI,WAAW;YAC3B,aAAa,EAAE,IAAI,CAAC,GAAG,EAAE;SAC1B,CAAC;QAEF,mBAAmB;QACnB,cAAc,CAAC,MAAM,CAAC,CAAC;QAEvB,0CAA0C;QAC1C,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACnB,SAAS,EAAE,QAAQ;YACnB,aAAa,EAAE,YAAY;YAC3B,WAAW,EAAE,MAAM,CAAC,WAAW;YAC/B,aAAa,EAAE,MAAM,CAAC,aAAa;YACnC,WAAW,EAAE,MAAM,CAAC,WAAW;YAC/B,cAAc,EAAE,MAAM,CAAC,cAAc;YACrC,0BAA0B,EAAE,MAAM,CAAC,0BAA0B;YAC7D,KAAK,EAAE,MAAM,CAAC,KAAK;SACpB,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,4BAA4B,EAAE,KAAK,CAAC,CAAC;QACnD,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACnB,KAAK,EAAE,cAAc;YACrB,iBAAiB,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,qBAAqB;SAClF,CAAC,CAAC;IACL,CAAC;AACH,CAAC,CAAC,CAAC;AAEH;;GAEG;AACH,SAAS,gBAAgB,CAAC,GAAY;IACpC,MAAM,QAAQ,GAAG,GAAG,CAAC,OAAO,CAAC,mBAAmB,CAAC,IAAI,GAAG,CAAC,QAAQ,CAAC;IAClE,MAAM,IAAI,GAAG,GAAG,CAAC,OAAO,CAAC,kBAAkB,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IAChE,OAAO,GAAG,QAAQ,MAAM,IAAI,EAAE,CAAC;AACjC,CAAC;AAED;;GAEG;AACH,SAAS,cAAc,CAAC,GAAY;IAClC,OAAO,GAAG,gBAAgB,CAAC,GAAG,CAAC,iBAAiB,CAAC;AACnD,CAAC;AAED;;;;;;;;;;;;;;GAcG;AACH,GAAG,CAAC,GAAG,CAAC,kBAAkB,EAAE,CAAC,GAAY,EAAE,GAAa,EAAE,EAAE;IAC1D,MAAM,MAAM,GAAG,cAAc,EAAE,CAAC;IAEhC,2BAA2B;IAC3B,MAAM,QAAQ,GAAG,GAAG,CAAC,KAAK,CAAC,SAA+B,CAAC;IAC3D,MAAM,WAAW,GAAG,GAAG,CAAC,KAAK,CAAC,YAAkC,CAAC;IACjE,MAAM,YAAY,GAAG,GAAG,CAAC,KAAK,CAAC,aAAmC,CAAC;IACnE,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,KAA2B,CAAC;IACpD,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,KAA2B,CAAC;IACpD,MAAM,aAAa,GAAG,GAAG,CAAC,KAAK,CAAC,cAAoC,CAAC;IACrE,MAAM,mBAAmB,GAAG,GAAG,CAAC,KAAK,CAAC,qBAA2C,CAAC;IAElF,wEAAwE;IACxE,IAAI,QAAQ,EAAE,CAAC;QACb,kBAAkB;QAClB,MAAM,MAAM,GAAG,SAAS,CAAC,QAAQ,CAAC,CAAC;QACnC,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,KAAK,EAAE,gBAAgB;gBACvB,iBAAiB,EAAE,sBAAsB,QAAQ,EAAE;aACpD,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,wBAAwB;QACxB,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,KAAK,EAAE,iBAAiB;gBACxB,iBAAiB,EAAE,0BAA0B;aAC9C,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,IAAI,CAAC,mBAAmB,CAAC,QAAQ,EAAE,WAAW,CAAC,EAAE,CAAC;YAChD,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,KAAK,EAAE,sBAAsB;gBAC7B,iBAAiB,EAAE,6CAA6C;aACjE,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,yBAAyB;QACzB,IAAI,YAAY,KAAK,MAAM,EAAE,CAAC;YAC5B,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,KAAK,EAAE,2BAA2B;gBAClC,iBAAiB,EAAE,sCAAsC;aAC1D,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,+BAA+B;QAC/B,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,KAAK,EAAE,iBAAiB;gBACxB,iBAAiB,EAAE,mCAAmC;aACvD,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,IAAI,mBAAmB,IAAI,mBAAmB,KAAK,MAAM,EAAE,CAAC;YAC1D,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,KAAK,EAAE,iBAAiB;gBACxB,iBAAiB,EAAE,8CAA8C;aAClE,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,IAAI,CAAC;YACH,yDAAyD;YACzD,0DAA0D;YAC1D,MAAM,cAAc,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC;YAE3C,MAAM,EAAE,OAAO,EAAE,GAAG,0BAA0B,CAAC;gBAC7C,QAAQ;gBACR,WAAW,EAAE,+CAA+C;gBAC5D,KAAK;gBACL,KAAK;gBACL,aAAa;gBACb,mBAAmB,EAAE,mBAAmB,IAAI,MAAM;aACnD,CAAC,CAAC;YAEH,gEAAgE;YAChE,qEAAqE;YACrE,MAAM,UAAU,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,CAAC;YACpC,UAAU,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,EAAE,cAAc,CAAC,CAAC;YAE5D,OAAO,CAAC,GAAG,CAAC,qBAAqB,QAAQ,uBAAuB,CAAC,CAAC;YAClE,GAAG,CAAC,QAAQ,CAAC,UAAU,CAAC,QAAQ,EAAE,CAAC,CAAC;YACpC,OAAO;QACT,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CAAC,wBAAwB,EAAE,KAAK,CAAC,CAAC;YAC/C,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,KAAK,EAAE,cAAc;gBACrB,iBAAiB,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,+BAA+B;aAC5F,CAAC,CAAC;YACH,OAAO;QACT,CAAC;IACH,CAAC;IAED,4CAA4C;IAC5C,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;QACrB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACnB,KAAK,EAAE,sBAAsB;YAC7B,OAAO,EAAE,0EAA0E;SACpF,CAAC,CAAC;QACH,OAAO;IACT,CAAC;IAED,IAAI,CAAC;QACH,MAAM,aAAa,GAAG,WAAW,CAAC;QAClC,MAAM,WAAW,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC;QAExC,MAAM,EAAE,OAAO,EAAE,GAAG,0BAA0B,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC;QAE3E,OAAO,CAAC,GAAG,CAAC,0CAA0C,CAAC,CAAC;QACxD,GAAG,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;IACxB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,wBAAwB,EAAE,KAAK,CAAC,CAAC;QAC/C,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACnB,KAAK,EAAE,aAAa;YACpB,OAAO,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,+BAA+B;SAClF,CAAC,CAAC;IACL,CAAC;AACH,CAAC,CAAC,CAAC;AAEH;;;;;;;;;;;GAWG;AACH,GAAG,CAAC,GAAG,CAAC,iBAAiB,EAAE,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,EAAE;IAC/D,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK,EAAE,iBAAiB,EAAE,GAAG,GAAG,CAAC,KAAK,CAAC;IAE5D,sBAAsB;IACtB,IAAI,KAAK,EAAE,CAAC;QACV,OAAO,CAAC,KAAK,CAAC,gBAAgB,KAAK,MAAM,iBAAiB,EAAE,CAAC,CAAC;QAC9D,MAAM,SAAS,GAAG,UAAU,CAAC,MAAM,CAAC,iBAAiB,IAAI,KAAK,CAAC,CAAC,CAAC;QACjE,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;;;;;;eAMV,SAAS;;;;KAInB,CAAC,CAAC;QACH,OAAO;IACT,CAAC;IAED,2BAA2B;IAC3B,IAAI,CAAC,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;QACpB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;;;;;;;;;;KAUpB,CAAC,CAAC;QACH,OAAO;IACT,CAAC;IAED,2BAA2B;IAC3B,MAAM,OAAO,GAAG,cAAc,CAAC,KAAe,CAAC,CAAC;IAChD,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;;;;;;;;;;KAUpB,CAAC,CAAC;QACH,OAAO;IACT,CAAC;IAED,IAAI,CAAC;QACH,kEAAkE;QAClE,0DAA0D;QAC1D,kDAAkD;QAClD,IAAI,OAAO,CAAC,aAAa,IAAI,OAAO,CAAC,QAAQ,EAAE,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;YAClE,OAAO,CAAC,GAAG,CAAC,yCAAyC,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC;YAEzE,uDAAuD;YACvD,MAAM,cAAc,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;YACpD,cAAc,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,EAAE,IAAc,CAAC,CAAC;YACxD,cAAc,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,KAAe,CAAC,CAAC;YAE1D,GAAG,CAAC,QAAQ,CAAC,cAAc,CAAC,QAAQ,EAAE,CAAC,CAAC;YACxC,OAAO;QACT,CAAC;QAED,0DAA0D;QAC1D,OAAO,CAAC,GAAG,CAAC,gEAAgE,CAAC,CAAC;QAC9E,MAAM,WAAW,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC;QACxC,MAAM,MAAM,GAAG,MAAM,qBAAqB,CAAC,IAAc,EAAE,WAAW,CAAC,CAAC;QAExE,+CAA+C;QAC/C,MAAM,cAAc,GAAG,UAAU,EAAE,CAAC;QACpC,iBAAiB,CAAC,cAAc,EAAE,MAAM,CAAC,CAAC;QAE1C,OAAO,CAAC,GAAG,CAAC,+CAA+C,cAAc,EAAE,CAAC,CAAC;QAE7E,sEAAsE;QACtE,MAAM,YAAY,GAAG,MAAM,CAAC,YAAY,CAAC,MAAM,GAAG,EAAE;YAClD,CAAC,CAAC,GAAG,MAAM,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,MAAM,MAAM,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE;YACzE,CAAC,CAAC,MAAM,CAAC,YAAY,CAAC;QACxB,yDAAyD;QACzD,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;QAEtD,GAAG,CAAC,IAAI,CAAC;;;;;;;;;;;;;;;;;;;;;;8CAsBiC,YAAY;;;;;gCAK1B,SAAS;+BACV,YAAY;;;;;;;;;;;;;;;;;;yDAkBc,YAAY;;;;;YAKzD,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,mCAAmC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,UAAU,GAAG,EAAE,CAAC,uBAAuB,CAAC,CAAC,CAAC,EAAE;;;;;KAK5H,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,uBAAuB,EAAE,KAAK,CAAC,CAAC;QAC9C,MAAM,YAAY,GAAG,UAAU,CAC7B,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,kDAAkD,CAC5F,CAAC;QACF,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;;;;;;eAMV,YAAY;;;;KAItB,CAAC,CAAC;IACL,CAAC;AACH,CAAC,CAAC,CAAC;AAEH;;;;;;;;;GASG;AACH,GAAG,CAAC,IAAI,CAAC,cAAc,EAAE,OAAO,CAAC,UAAU,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,EAAE,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,EAAE;IACrG,MAAM,MAAM,GAAG,cAAc,EAAE,CAAC;IAEhC,IAAI,CAAC;QACH,uBAAuB;QACvB,MAAM,EACJ,UAAU,EACV,IAAI,EACJ,YAAY,EACZ,aAAa,EACb,SAAS,EACT,aAAa,EACb,aAAa,GACd,GAAG,GAAG,CAAC,IAAI,CAAC;QAEb,IAAI,UAAU,KAAK,oBAAoB,EAAE,CAAC;YACxC,IAAI,CAAC,IAAI,EAAE,CAAC;gBACV,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;oBACnB,KAAK,EAAE,iBAAiB;oBACxB,iBAAiB,EAAE,kCAAkC;iBACtD,CAAC,CAAC;gBACH,OAAO;YACT,CAAC;YAED,qEAAqE;YACrE,yEAAyE;YACzE,yFAAyF;YAEzF,wEAAwE;YACxE,IAAI,SAAS,IAAI,SAAS,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;gBAC9C,MAAM,MAAM,GAAG,SAAS,CAAC,SAAS,CAAC,CAAC;gBACpC,IAAI,CAAC,MAAM,EAAE,CAAC;oBACZ,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;wBACnB,KAAK,EAAE,gBAAgB;wBACvB,iBAAiB,EAAE,gBAAgB;qBACpC,CAAC,CAAC;oBACH,OAAO;gBACT,CAAC;gBAED,yBAAyB;gBACzB,IAAI,MAAM,CAAC,aAAa,IAAI,MAAM,CAAC,aAAa,KAAK,aAAa,EAAE,CAAC;oBACnE,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;wBACnB,KAAK,EAAE,gBAAgB;wBACvB,iBAAiB,EAAE,4BAA4B;qBAChD,CAAC,CAAC;oBACH,OAAO;gBACT,CAAC;gBAED,uDAAuD;gBACvD,4DAA4D;gBAC5D,yDAAyD;gBAEzD,uFAAuF;gBACvF,wEAAwE;gBACxE,8CAA8C;gBAC9C,yEAAyE;gBACzE,+CAA+C;gBAC/C,+CAA+C;gBAC/C,mDAAmD;gBAEnD,0EAA0E;gBAC1E,4EAA4E;gBAC5E,kEAAkE;gBAClE,IAAI,CAAC,aAAa,EAAE,CAAC;oBACnB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;wBACnB,KAAK,EAAE,iBAAiB;wBACxB,iBAAiB,EAAE,oCAAoC;qBACxD,CAAC,CAAC;oBACH,OAAO;gBACT,CAAC;gBAED,OAAO,CAAC,GAAG,CAAC,2BAA2B,SAAS,4BAA4B,CAAC,CAAC;YAChF,CAAC;YAED,wFAAwF;YACxF,MAAM,IAAI,GAA2B;gBACnC,UAAU;gBACV,IAAI;gBACJ,SAAS,EAAE,MAAM,CAAC,QAAQ,IAAI,SAAS;aACxC,CAAC;YAEF,kFAAkF;YAClF,8CAA8C;YAC9C,IAAI,SAAS,IAAI,SAAS,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;gBAC9C,6CAA6C;gBAC7C,IAAI,CAAC,YAAY,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC;YAC1C,CAAC;iBAAM,IAAI,YAAY,EAAE,CAAC;gBACxB,IAAI,CAAC,YAAY,GAAG,YAAY,CAAC;YACnC,CAAC;YAED,kDAAkD;YAClD,IAAI,MAAM,CAAC,YAAY,EAAE,CAAC;gBACxB,IAAI,CAAC,aAAa,GAAG,MAAM,CAAC,YAAY,CAAC;YAC3C,CAAC;YAED,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,MAAM,CAAC,aAAa,EAAE;gBACjD,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE;oBACP,cAAc,EAAE,mCAAmC;iBACpD;gBACD,IAAI,EAAE,IAAI,eAAe,CAAC,IAAI,CAAC;aAChC,CAAC,CAAC;YAEH,MAAM,YAAY,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YAC3C,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;YAC/C,OAAO;QACT,CAAC;QAED,IAAI,UAAU,KAAK,eAAe,EAAE,CAAC;YACnC,IAAI,CAAC,aAAa,EAAE,CAAC;gBACnB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;oBACnB,KAAK,EAAE,iBAAiB;oBACxB,iBAAiB,EAAE,2CAA2C;iBAC/D,CAAC,CAAC;gBACH,OAAO;YACT,CAAC;YAED,iCAAiC;YACjC,MAAM,IAAI,GAA2B;gBACnC,UAAU;gBACV,aAAa;gBACb,SAAS,EAAE,MAAM,CAAC,QAAQ,IAAI,SAAS;aACxC,CAAC;YAEF,IAAI,MAAM,CAAC,YAAY,EAAE,CAAC;gBACxB,IAAI,CAAC,aAAa,GAAG,MAAM,CAAC,YAAY,CAAC;YAC3C,CAAC;YAED,OAAO,CAAC,GAAG,CAAC,sDAAsD,CAAC,CAAC;YAEpE,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,MAAM,CAAC,aAAa,EAAE;gBACjD,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE;oBACP,cAAc,EAAE,mCAAmC;iBACpD;gBACD,IAAI,EAAE,IAAI,eAAe,CAAC,IAAI,CAAC;aAChC,CAAC,CAAC;YAEH,MAAM,YAAY,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YAC3C,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;YAC/C,OAAO;QACT,CAAC;QAED,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACnB,KAAK,EAAE,wBAAwB;YAC/B,iBAAiB,EAAE,eAAe,UAAU,oBAAoB;SACjE,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,0BAA0B,EAAE,KAAK,CAAC,CAAC;QACjD,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACnB,KAAK,EAAE,cAAc;YACrB,iBAAiB,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,+BAA+B;SAC5F,CAAC,CAAC;IACL,CAAC;AACH,CAAC,CAAC,CAAC;AASH,MAAM,QAAQ,GAAgC,EAAE,CAAC;AAEjD;;;;;;;;GAQG;AACH,SAAS,YAAY,CAAC,GAAY;IAChC,sDAAsD;IACtD,MAAM,MAAM,GAAG,GAAG,CAAC,OAAO,CAAC,iBAAiB,CAAuB,CAAC;IACpE,IAAI,MAAM,EAAE,CAAC;QACX,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,+BAA+B;IAC/B,MAAM,UAAU,GAAG,GAAG,CAAC,OAAO,CAAC,aAAmC,CAAC;IACnE,IAAI,UAAU,EAAE,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QACtC,OAAO,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,0BAA0B;IACxD,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;GAGG;AACH,SAAS,0BAA0B,CAAC,GAAY;IAC9C,MAAM,OAAO,GAAG,gBAAgB,CAAC,GAAG,CAAC,CAAC;IACtC,MAAM,WAAW,GAAG,GAAG,OAAO,uCAAuC,CAAC;IAEtE,OAAO,6BAA6B,WAAW,GAAG,CAAC;AACrD,CAAC;AAED;;GAEG;AACH,GAAG,CAAC,IAAI,CAAC,MAAM,EAAE,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,EAAE;IACrD,MAAM,SAAS,GAAG,GAAG,CAAC,OAAO,CAAC,gBAAgB,CAAuB,CAAC;IACtE,MAAM,SAAS,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC;IAEpC,IAAI,CAAC;QACH,6BAA6B;QAC7B,IAAI,SAAS,IAAI,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;YACrC,MAAM,OAAO,GAAG,QAAQ,CAAC,SAAS,CAAC,CAAC;YACpC,MAAM,OAAO,CAAC,SAAS,CAAC,aAAa,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,IAAI,CAAC,CAAC;YAC1D,OAAO;QACT,CAAC;QAED,2EAA2E;QAC3E,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAChB,GAAG,CAAC,SAAS,CAAC,kBAAkB,EAAE,0BAA0B,CAAC,GAAG,CAAC,CAAC,CAAC;YACnE,GAAG,CAAC,IAAI,CAAC;gBACP,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE;oBACL,IAAI,EAAE,CAAC,KAAK;oBACZ,OAAO,EAAE,yGAAyG;iBACnH;gBACD,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE,EAAE,IAAI,IAAI;aACzB,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;YACnC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE;oBACL,IAAI,EAAE,CAAC,KAAK;oBACZ,OAAO,EAAE,yFAAyF;iBACnG;gBACD,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE,EAAE,IAAI,IAAI;aACzB,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,+DAA+D;QAC/D,MAAM,aAAa,GAAG,GAAG,CAAC,IAAI,EAAE,MAAM,EAAE,UAAU,EAAE,IAA0B,CAAC;QAC/E,IAAI,aAAa,EAAE,CAAC;YAClB,OAAO,CAAC,GAAG,CAAC,eAAe,aAAa,EAAE,CAAC,CAAC;QAC9C,CAAC;QAED,6DAA6D;QAC7D,MAAM,MAAM,GAAG,IAAI,WAAW,CAAC;YAC7B,MAAM,EAAE,SAAS;YACjB,SAAS,EAAE,aAAa;SACzB,CAAC,CAAC;QACH,MAAM,MAAM,GAAG,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC;QAExC,MAAM,SAAS,GAAG,IAAI,6BAA6B,CAAC;YAClD,kBAAkB,EAAE,GAAG,EAAE,CAAC,UAAU,EAAE;YACtC,oBAAoB,EAAE,CAAC,YAAY,EAAE,EAAE;gBACrC,OAAO,CAAC,GAAG,CAAC,wBAAwB,YAAY,GAAG,aAAa,CAAC,CAAC,CAAC,aAAa,aAAa,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;gBACzG,QAAQ,CAAC,YAAY,CAAC,GAAG,EAAE,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,aAAa,EAAE,CAAC;YACtF,CAAC;SACF,CAAC,CAAC;QAEH,SAAS,CAAC,OAAO,GAAG,GAAG,EAAE;YACvB,MAAM,GAAG,GAAG,SAAS,CAAC,SAAS,CAAC;YAChC,IAAI,GAAG,IAAI,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;gBACzB,OAAO,CAAC,GAAG,CAAC,mBAAmB,GAAG,EAAE,CAAC,CAAC;gBACtC,OAAO,QAAQ,CAAC,GAAG,CAAC,CAAC;YACvB,CAAC;QACH,CAAC,CAAC;QAEF,MAAM,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;QAChC,MAAM,SAAS,CAAC,aAAa,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,IAAI,CAAC,CAAC;IACpD,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,kCAAkC,EAAE,KAAK,CAAC,CAAC;QACzD,IAAI,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC;YACrB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE;oBACL,IAAI,EAAE,CAAC,KAAK;oBACZ,OAAO,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,uBAAuB;iBAC1E;gBACD,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE,EAAE,IAAI,IAAI;aACzB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;AACH,CAAC,CAAC,CAAC;AAEH;;GAEG;AACH,GAAG,CAAC,GAAG,CAAC,MAAM,EAAE,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,EAAE;IACpD,MAAM,SAAS,GAAG,GAAG,CAAC,OAAO,CAAC,gBAAgB,CAAuB,CAAC;IAEtE,IAAI,CAAC,SAAS,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;QACvC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACnB,OAAO,EAAE,KAAK;YACd,KAAK,EAAE;gBACL,IAAI,EAAE,CAAC,KAAK;gBACZ,OAAO,EAAE,+BAA+B;aACzC;YACD,EAAE,EAAE,IAAI;SACT,CAAC,CAAC;QACH,OAAO;IACT,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,qCAAqC,SAAS,EAAE,CAAC,CAAC;IAC9D,MAAM,OAAO,GAAG,QAAQ,CAAC,SAAS,CAAC,CAAC;IAEpC,IAAI,CAAC;QACH,MAAM,OAAO,CAAC,SAAS,CAAC,aAAa,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;IAClD,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,iCAAiC,EAAE,KAAK,CAAC,CAAC;QACxD,IAAI,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC;YACrB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE;oBACL,IAAI,EAAE,CAAC,KAAK;oBACZ,OAAO,EAAE,uBAAuB;iBACjC;gBACD,EAAE,EAAE,IAAI;aACT,CAAC,CAAC;QACL,CAAC;IACH,CAAC;AACH,CAAC,CAAC,CAAC;AAEH;;GAEG;AACH,GAAG,CAAC,MAAM,CAAC,MAAM,EAAE,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,EAAE;IACvD,MAAM,SAAS,GAAG,GAAG,CAAC,OAAO,CAAC,gBAAgB,CAAuB,CAAC;IAEtE,IAAI,CAAC,SAAS,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;QACvC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACnB,OAAO,EAAE,KAAK;YACd,KAAK,EAAE;gBACL,IAAI,EAAE,CAAC,KAAK;gBACZ,OAAO,EAAE,+BAA+B;aACzC;YACD,EAAE,EAAE,IAAI;SACT,CAAC,CAAC;QACH,OAAO;IACT,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,kCAAkC,SAAS,EAAE,CAAC,CAAC;IAC3D,MAAM,OAAO,GAAG,QAAQ,CAAC,SAAS,CAAC,CAAC;IAEpC,IAAI,CAAC;QACH,MAAM,OAAO,CAAC,SAAS,CAAC,aAAa,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;IAClD,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,oCAAoC,EAAE,KAAK,CAAC,CAAC;QAC3D,IAAI,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC;YACrB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE;oBACL,IAAI,EAAE,CAAC,KAAK;oBACZ,OAAO,EAAE,uBAAuB;iBACjC;gBACD,EAAE,EAAE,IAAI;aACT,CAAC,CAAC;QACL,CAAC;IACH,CAAC;AACH,CAAC,CAAC,CAAC;AAEH,eAAe;AACf,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,GAAG,EAAE;IACpB,OAAO,CAAC,GAAG,CAAC,sCAAsC,IAAI,EAAE,CAAC,CAAC;IAC1D,OAAO,CAAC,GAAG,CAAC,kCAAkC,IAAI,EAAE,CAAC,CAAC;IACtD,OAAO,CAAC,GAAG,CAAC,kCAAkC,IAAI,MAAM,CAAC,CAAC;IAC1D,OAAO,CAAC,GAAG,CAAC,kCAAkC,IAAI,kBAAkB,CAAC,CAAC;IACtE,OAAO,CAAC,GAAG,CAAC,kCAAkC,IAAI,SAAS,CAAC,CAAC;IAE7D,MAAM,MAAM,GAAG,cAAc,EAAE,CAAC;IAChC,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;QACrB,OAAO,CAAC,GAAG,CAAC,6DAA6D,CAAC,CAAC;IAC7E,CAAC;AACH,CAAC,CAAC,CAAC;AAEH,yBAAyB;AACzB,OAAO,CAAC,EAAE,CAAC,QAAQ,EAAE,KAAK,IAAI,EAAE;IAC9B,OAAO,CAAC,GAAG,CAAC,2BAA2B,CAAC,CAAC;IAEzC,KAAK,MAAM,SAAS,IAAI,QAAQ,EAAE,CAAC;QACjC,IAAI,CAAC;YACH,OAAO,CAAC,GAAG,CAAC,oBAAoB,SAAS,EAAE,CAAC,CAAC;YAC7C,MAAM,QAAQ,CAAC,SAAS,CAAC,CAAC,SAAS,CAAC,KAAK,EAAE,CAAC;YAC5C,MAAM,QAAQ,CAAC,SAAS,CAAC,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;YACzC,OAAO,QAAQ,CAAC,SAAS,CAAC,CAAC;QAC7B,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CAAC,yBAAyB,SAAS,GAAG,EAAE,KAAK,CAAC,CAAC;QAC9D,CAAC;IACH,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,0BAA0B,CAAC,CAAC;IACxC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}

package/build/index.d.ts

@@ -0,0 +1,15 @@
+#!/usr/bin/env node
+/**
+ * Nestr MCP Server - stdio entry point
+ *
+ * Run with: npx @nestr/mcp
+ *
+ * Authentication (one of the following):
+ *   NESTR_API_KEY    - Your Nestr API key (get from workspace settings)
+ *   NESTR_OAUTH_TOKEN - OAuth Bearer token from Nestr OAuth flow
+ *
+ * Optional environment variables:
+ *   NESTR_API_BASE - API base URL (default: https://app.nestr.io/api)
+ */
+export {};
+//# sourceMappingURL=index.d.ts.map

package/build/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AACA;;;;;;;;;;;GAWG"}

package/build/index.js

@@ -0,0 +1,62 @@
+#!/usr/bin/env node
+/**
+ * Nestr MCP Server - stdio entry point
+ *
+ * Run with: npx @nestr/mcp
+ *
+ * Authentication (one of the following):
+ *   NESTR_API_KEY    - Your Nestr API key (get from workspace settings)
+ *   NESTR_OAUTH_TOKEN - OAuth Bearer token from Nestr OAuth flow
+ *
+ * Optional environment variables:
+ *   NESTR_API_BASE - API base URL (default: https://app.nestr.io/api)
+ */
+import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
+import { createServer } from "./server.js";
+async function main() {
+    // Validate authentication is present
+    if (!process.env.NESTR_API_KEY && !process.env.NESTR_OAUTH_TOKEN) {
+        console.error("Error: Authentication required.");
+        console.error("");
+        console.error("Option 1: OAuth Token (Recommended)");
+        console.error("  OAuth respects your user-specific permissions in Nestr.");
+        console.error("  Use an OAuth Bearer token from the Nestr OAuth flow.");
+        console.error("");
+        console.error("  Then set: export NESTR_OAUTH_TOKEN=your-oauth-token");
+        console.error("");
+        console.error("Option 2: API Key");
+        console.error("  API keys have full workspace access (ignores user permissions).");
+        console.error("  1. Go to your Nestr workspace");
+        console.error("  2. Click Settings (gear icon)");
+        console.error("  3. Go to Integrations tab");
+        console.error("  4. Find 'Workspace API access' and click Configure");
+        console.error("  5. Create a new API key");
+        console.error("");
+        console.error("  Then set: export NESTR_API_KEY=your-api-key");
+        console.error("");
+        console.error("Or configure in your MCP client (e.g., Claude Desktop):");
+        console.error(JSON.stringify({
+            mcpServers: {
+                nestr: {
+                    command: "npx",
+                    args: ["-y", "@nestr/mcp"],
+                    env: {
+                        NESTR_OAUTH_TOKEN: "your-oauth-token"
+                    }
+                }
+            }
+        }, null, 2));
+        process.exit(1);
+    }
+    const server = createServer();
+    const transport = new StdioServerTransport();
+    await server.connect(transport);
+    // Log to stderr so it doesn't interfere with MCP protocol on stdout
+    console.error("Nestr MCP server running on stdio");
+    console.error("Connected to:", process.env.NESTR_API_BASE || "https://app.nestr.io/api");
+}
+main().catch((error) => {
+    console.error("Fatal error:", error);
+    process.exit(1);
+});
+//# sourceMappingURL=index.js.map

package/build/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AACA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,oBAAoB,EAAE,MAAM,2CAA2C,CAAC;AACjF,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAE3C,KAAK,UAAU,IAAI;IACjB,qCAAqC;IACrC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,aAAa,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC;QACjE,OAAO,CAAC,KAAK,CAAC,iCAAiC,CAAC,CAAC;QACjD,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QAClB,OAAO,CAAC,KAAK,CAAC,qCAAqC,CAAC,CAAC;QACrD,OAAO,CAAC,KAAK,CAAC,2DAA2D,CAAC,CAAC;QAC3E,OAAO,CAAC,KAAK,CAAC,wDAAwD,CAAC,CAAC;QACxE,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QAClB,OAAO,CAAC,KAAK,CAAC,uDAAuD,CAAC,CAAC;QACvE,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QAClB,OAAO,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC;QACnC,OAAO,CAAC,KAAK,CAAC,mEAAmE,CAAC,CAAC;QACnF,OAAO,CAAC,KAAK,CAAC,iCAAiC,CAAC,CAAC;QACjD,OAAO,CAAC,KAAK,CAAC,iCAAiC,CAAC,CAAC;QACjD,OAAO,CAAC,KAAK,CAAC,6BAA6B,CAAC,CAAC;QAC7C,OAAO,CAAC,KAAK,CAAC,sDAAsD,CAAC,CAAC;QACtE,OAAO,CAAC,KAAK,CAAC,2BAA2B,CAAC,CAAC;QAC3C,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QAClB,OAAO,CAAC,KAAK,CAAC,+CAA+C,CAAC,CAAC;QAC/D,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QAClB,OAAO,CAAC,KAAK,CAAC,yDAAyD,CAAC,CAAC;QACzE,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC;YAC3B,UAAU,EAAE;gBACV,KAAK,EAAE;oBACL,OAAO,EAAE,KAAK;oBACd,IAAI,EAAE,CAAC,IAAI,EAAE,YAAY,CAAC;oBAC1B,GAAG,EAAE;wBACH,iBAAiB,EAAE,kBAAkB;qBACtC;iBACF;aACF;SACF,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QACb,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,MAAM,MAAM,GAAG,YAAY,EAAE,CAAC;IAC9B,MAAM,SAAS,GAAG,IAAI,oBAAoB,EAAE,CAAC;IAE7C,MAAM,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IAEhC,oEAAoE;IACpE,OAAO,CAAC,KAAK,CAAC,mCAAmC,CAAC,CAAC;IACnD,OAAO,CAAC,KAAK,CAAC,eAAe,EAAE,OAAO,CAAC,GAAG,CAAC,cAAc,IAAI,0BAA0B,CAAC,CAAC;AAC3F,CAAC;AAED,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;IACrB,OAAO,CAAC,KAAK,CAAC,cAAc,EAAE,KAAK,CAAC,CAAC;IACrC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}

package/build/oauth/config.d.ts

@@ -0,0 +1,70 @@
+/**
+ * OAuth Configuration for Nestr MCP Server
+ *
+ * Implements MCP Authorization Specification using Nestr as the authorization server.
+ * See: https://modelcontextprotocol.io/specification/draft/basic/authorization
+ */
+export interface OAuthConfig {
+    authorizationEndpoint: string;
+    tokenEndpoint: string;
+    resourceIdentifier: string;
+    clientId?: string;
+    clientSecret?: string;
+    scopes: string[];
+}
+/**
+ * Get OAuth configuration from environment
+ *
+ * For local development, set:
+ *   NESTR_API_BASE=http://localhost:4001/api
+ *   NESTR_OAUTH_CLIENT_ID=your-local-client-id
+ */
+export declare function getOAuthConfig(): OAuthConfig;
+/**
+ * OAuth Protected Resource Metadata (RFC 9728)
+ *
+ * This is returned at /.well-known/oauth-protected-resource
+ * to inform MCP clients how to authenticate.
+ */
+export interface ProtectedResourceMetadata {
+    resource: string;
+    authorization_servers: string[];
+    bearer_methods_supported?: string[];
+    scopes_supported?: string[];
+    resource_documentation?: string;
+}
+/**
+ * Generate Protected Resource Metadata for this MCP server
+ *
+ * Note: We return a placeholder for authorization_servers. The actual
+ * MCP server URL is filled in dynamically by the HTTP handler based
+ * on the request's host header.
+ */
+export declare function getProtectedResourceMetadata(mcpServerBaseUrl?: string): ProtectedResourceMetadata;
+/**
+ * Authorization Server Metadata (RFC 8414)
+ *
+ * Describes our OAuth server capabilities.
+ * We act as an authorization server, proxying to Nestr.
+ */
+export interface AuthorizationServerMetadata {
+    issuer: string;
+    authorization_endpoint: string;
+    token_endpoint: string;
+    registration_endpoint?: string;
+    response_types_supported: string[];
+    grant_types_supported: string[];
+    code_challenge_methods_supported: string[];
+    scopes_supported: string[];
+}
+/**
+ * Get authorization server metadata
+ *
+ * When mcpServerBaseUrl is provided, returns metadata for our MCP server
+ * acting as an authorization server (proxying to Nestr).
+ *
+ * PKCE Support: We advertise S256 support because we handle PKCE verification
+ * in our proxy layer, even though Nestr doesn't support PKCE natively.
+ */
+export declare function getAuthorizationServerMetadata(mcpServerBaseUrl?: string): AuthorizationServerMetadata;
+//# sourceMappingURL=config.d.ts.map

package/build/oauth/config.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../src/oauth/config.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,MAAM,WAAW,WAAW;IAE1B,qBAAqB,EAAE,MAAM,CAAC;IAC9B,aAAa,EAAE,MAAM,CAAC;IAGtB,kBAAkB,EAAE,MAAM,CAAC;IAG3B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,YAAY,CAAC,EAAE,MAAM,CAAC;IAGtB,MAAM,EAAE,MAAM,EAAE,CAAC;CAClB;AAED;;;;;;GAMG;AACH,wBAAgB,cAAc,IAAI,WAAW,CAiB5C;AAED;;;;;GAKG;AACH,MAAM,WAAW,yBAAyB;IACxC,QAAQ,EAAE,MAAM,CAAC;IACjB,qBAAqB,EAAE,MAAM,EAAE,CAAC;IAChC,wBAAwB,CAAC,EAAE,MAAM,EAAE,CAAC;IACpC,gBAAgB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC5B,sBAAsB,CAAC,EAAE,MAAM,CAAC;CACjC;AAED;;;;;;GAMG;AACH,wBAAgB,4BAA4B,CAAC,gBAAgB,CAAC,EAAE,MAAM,GAAG,yBAAyB,CAcjG;AAED;;;;;GAKG;AACH,MAAM,WAAW,2BAA2B;IAC1C,MAAM,EAAE,MAAM,CAAC;IACf,sBAAsB,EAAE,MAAM,CAAC;IAC/B,cAAc,EAAE,MAAM,CAAC;IACvB,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAC/B,wBAAwB,EAAE,MAAM,EAAE,CAAC;IACnC,qBAAqB,EAAE,MAAM,EAAE,CAAC;IAChC,gCAAgC,EAAE,MAAM,EAAE,CAAC;IAC3C,gBAAgB,EAAE,MAAM,EAAE,CAAC;CAC5B;AAED;;;;;;;;GAQG;AACH,wBAAgB,8BAA8B,CAAC,gBAAgB,CAAC,EAAE,MAAM,GAAG,2BAA2B,CA4BrG"}

package/build/oauth/config.js

@@ -0,0 +1,86 @@
+/**
+ * OAuth Configuration for Nestr MCP Server
+ *
+ * Implements MCP Authorization Specification using Nestr as the authorization server.
+ * See: https://modelcontextprotocol.io/specification/draft/basic/authorization
+ */
+/**
+ * Get OAuth configuration from environment
+ *
+ * For local development, set:
+ *   NESTR_API_BASE=http://localhost:4001/api
+ *   NESTR_OAUTH_CLIENT_ID=your-local-client-id
+ */
+export function getOAuthConfig() {
+    const baseUrl = process.env.NESTR_API_BASE || "https://app.nestr.io/api";
+    const nestrBase = baseUrl.replace(/\/api$/, "");
+    // MCP resource identifier - the canonical URL of this MCP server
+    const resourceIdentifier = process.env.MCP_RESOURCE_URL || "https://mcp.nestr.io/mcp";
+    return {
+        // /dialog/oauth is the UI page, /oauth/token is the backend token endpoint
+        // Note: /oauth/* may need to be whitelisted in Cloudflare to avoid bot challenge
+        authorizationEndpoint: `${nestrBase}/dialog/oauth`,
+        tokenEndpoint: `${nestrBase}/oauth/token`,
+        resourceIdentifier,
+        clientId: process.env.NESTR_OAUTH_CLIENT_ID,
+        clientSecret: process.env.NESTR_OAUTH_CLIENT_SECRET,
+        scopes: ["user", "nest"],
+    };
+}
+/**
+ * Generate Protected Resource Metadata for this MCP server
+ *
+ * Note: We return a placeholder for authorization_servers. The actual
+ * MCP server URL is filled in dynamically by the HTTP handler based
+ * on the request's host header.
+ */
+export function getProtectedResourceMetadata(mcpServerBaseUrl) {
+    const config = getOAuthConfig();
+    // If we have the MCP server's base URL, use it as the authorization server
+    // (we proxy OAuth requests to Nestr). Otherwise, fall back to Nestr directly.
+    const authServer = mcpServerBaseUrl || config.authorizationEndpoint.replace(/\/dialog\/oauth$/, "");
+    return {
+        resource: config.resourceIdentifier,
+        authorization_servers: [authServer],
+        bearer_methods_supported: ["header"],
+        scopes_supported: config.scopes,
+        resource_documentation: "https://mcp.nestr.io",
+    };
+}
+/**
+ * Get authorization server metadata
+ *
+ * When mcpServerBaseUrl is provided, returns metadata for our MCP server
+ * acting as an authorization server (proxying to Nestr).
+ *
+ * PKCE Support: We advertise S256 support because we handle PKCE verification
+ * in our proxy layer, even though Nestr doesn't support PKCE natively.
+ */
+export function getAuthorizationServerMetadata(mcpServerBaseUrl) {
+    const config = getOAuthConfig();
+    if (mcpServerBaseUrl) {
+        // Our MCP server acts as the authorization server
+        return {
+            issuer: mcpServerBaseUrl,
+            authorization_endpoint: `${mcpServerBaseUrl}/oauth/authorize`,
+            token_endpoint: `${mcpServerBaseUrl}/oauth/token`,
+            registration_endpoint: `${mcpServerBaseUrl}/oauth/register`,
+            response_types_supported: ["code"],
+            grant_types_supported: ["authorization_code", "refresh_token"],
+            code_challenge_methods_supported: ["S256"], // We handle PKCE in our proxy
+            scopes_supported: config.scopes,
+        };
+    }
+    // Fall back to Nestr directly (no PKCE, no registration)
+    const nestrBase = config.authorizationEndpoint.replace(/\/dialog\/oauth$/, "");
+    return {
+        issuer: nestrBase,
+        authorization_endpoint: config.authorizationEndpoint,
+        token_endpoint: config.tokenEndpoint,
+        response_types_supported: ["code"],
+        grant_types_supported: ["authorization_code", "refresh_token"],
+        code_challenge_methods_supported: [],
+        scopes_supported: config.scopes,
+    };
+}
+//# sourceMappingURL=config.js.map

package/build/oauth/config.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.js","sourceRoot":"","sources":["../../src/oauth/config.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAkBH;;;;;;GAMG;AACH,MAAM,UAAU,cAAc;IAC5B,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,cAAc,IAAI,0BAA0B,CAAC;IACzE,MAAM,SAAS,GAAG,OAAO,CAAC,OAAO,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;IAEhD,iEAAiE;IACjE,MAAM,kBAAkB,GAAG,OAAO,CAAC,GAAG,CAAC,gBAAgB,IAAI,0BAA0B,CAAC;IAEtF,OAAO;QACL,2EAA2E;QAC3E,iFAAiF;QACjF,qBAAqB,EAAE,GAAG,SAAS,eAAe;QAClD,aAAa,EAAE,GAAG,SAAS,cAAc;QACzC,kBAAkB;QAClB,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,qBAAqB;QAC3C,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,yBAAyB;QACnD,MAAM,EAAE,CAAC,MAAM,EAAE,MAAM,CAAC;KACzB,CAAC;AACJ,CAAC;AAgBD;;;;;;GAMG;AACH,MAAM,UAAU,4BAA4B,CAAC,gBAAyB;IACpE,MAAM,MAAM,GAAG,cAAc,EAAE,CAAC;IAEhC,2EAA2E;IAC3E,8EAA8E;IAC9E,MAAM,UAAU,GAAG,gBAAgB,IAAI,MAAM,CAAC,qBAAqB,CAAC,OAAO,CAAC,kBAAkB,EAAE,EAAE,CAAC,CAAC;IAEpG,OAAO;QACL,QAAQ,EAAE,MAAM,CAAC,kBAAkB;QACnC,qBAAqB,EAAE,CAAC,UAAU,CAAC;QACnC,wBAAwB,EAAE,CAAC,QAAQ,CAAC;QACpC,gBAAgB,EAAE,MAAM,CAAC,MAAM;QAC/B,sBAAsB,EAAE,sBAAsB;KAC/C,CAAC;AACJ,CAAC;AAmBD;;;;;;;;GAQG;AACH,MAAM,UAAU,8BAA8B,CAAC,gBAAyB;IACtE,MAAM,MAAM,GAAG,cAAc,EAAE,CAAC;IAEhC,IAAI,gBAAgB,EAAE,CAAC;QACrB,kDAAkD;QAClD,OAAO;YACL,MAAM,EAAE,gBAAgB;YACxB,sBAAsB,EAAE,GAAG,gBAAgB,kBAAkB;YAC7D,cAAc,EAAE,GAAG,gBAAgB,cAAc;YACjD,qBAAqB,EAAE,GAAG,gBAAgB,iBAAiB;YAC3D,wBAAwB,EAAE,CAAC,MAAM,CAAC;YAClC,qBAAqB,EAAE,CAAC,oBAAoB,EAAE,eAAe,CAAC;YAC9D,gCAAgC,EAAE,CAAC,MAAM,CAAC,EAAE,8BAA8B;YAC1E,gBAAgB,EAAE,MAAM,CAAC,MAAM;SAChC,CAAC;IACJ,CAAC;IAED,yDAAyD;IACzD,MAAM,SAAS,GAAG,MAAM,CAAC,qBAAqB,CAAC,OAAO,CAAC,kBAAkB,EAAE,EAAE,CAAC,CAAC;IAC/E,OAAO;QACL,MAAM,EAAE,SAAS;QACjB,sBAAsB,EAAE,MAAM,CAAC,qBAAqB;QACpD,cAAc,EAAE,MAAM,CAAC,aAAa;QACpC,wBAAwB,EAAE,CAAC,MAAM,CAAC;QAClC,qBAAqB,EAAE,CAAC,oBAAoB,EAAE,eAAe,CAAC;QAC9D,gCAAgC,EAAE,EAAE;QACpC,gBAAgB,EAAE,MAAM,CAAC,MAAM;KAChC,CAAC;AACJ,CAAC"}

package/build/oauth/flow.d.ts

@@ -0,0 +1,113 @@
+/**
+ * OAuth Authorization Code Flow with PKCE
+ *
+ * Handles the OAuth flow where the MCP server acts as the OAuth client
+ * and users authenticate directly with Nestr.
+ *
+ * PKCE Support:
+ * - MCP clients send PKCE parameters (code_challenge) to this server
+ * - We verify the code_verifier against the stored code_challenge
+ * - We proxy to Nestr WITHOUT PKCE (Nestr doesn't support it)
+ * - This provides PKCE security from the MCP client's perspective
+ */
+import { type PendingAuthWithPKCE } from "./storage.js";
+/**
+ * Pending OAuth authorization request
+ * @deprecated Use PendingAuthWithPKCE from storage.ts
+ */
+export interface PendingAuth {
+    state: string;
+    redirectUri: string;
+    createdAt: number;
+    finalRedirect?: string;
+}
+/**
+ * OAuth token response from Nestr
+ */
+export interface TokenResponse {
+    access_token: string;
+    refresh_token?: string;
+    token_type: string;
+    expires_in: number;
+    scope?: string;
+}
+/**
+ * Stored OAuth session after successful authentication
+ */
+export interface OAuthSession {
+    accessToken: string;
+    refreshToken?: string;
+    expiresAt: number;
+    scope?: string;
+}
+/**
+ * Generate PKCE code verifier (43-128 characters)
+ */
+export declare function generateCodeVerifier(): string;
+/**
+ * Generate PKCE code challenge from verifier (S256 method)
+ */
+export declare function generateCodeChallenge(verifier: string): string;
+/**
+ * Generate OAuth state parameter
+ */
+export declare function generateState(): string;
+/**
+ * Parameters for creating an authorization request
+ */
+export interface AuthorizationRequestParams {
+    clientId: string;
+    redirectUri: string;
+    scope?: string;
+    state?: string;
+    codeChallenge?: string;
+    codeChallengeMethod?: string;
+}
+/**
+ * Create a new pending auth request and return the authorization URL
+ *
+ * Supports PKCE: We store the code_challenge and verify it when the client
+ * exchanges the code. Nestr doesn't support PKCE, so we handle it in our proxy.
+ */
+export declare function createAuthorizationRequest(redirectUri: string, finalRedirect?: string): {
+    authUrl: string;
+    state: string;
+};
+export declare function createAuthorizationRequest(params: AuthorizationRequestParams): {
+    authUrl: string;
+    state: string;
+};
+/**
+ * Get and remove a pending auth request
+ */
+export declare function getPendingAuth(state: string): PendingAuthWithPKCE | undefined;
+/**
+ * Verify PKCE code_verifier against stored code_challenge
+ *
+ * @param codeVerifier - The code_verifier from the token request
+ * @param codeChallenge - The stored code_challenge from the auth request
+ * @param method - The code_challenge_method (only S256 is supported)
+ * @returns true if verification passes
+ */
+export declare function verifyPKCE(codeVerifier: string, codeChallenge: string, method?: string): boolean;
+/**
+ * Exchange authorization code for tokens
+ */
+export declare function exchangeCodeForTokens(code: string, redirectUri: string): Promise<TokenResponse>;
+/**
+ * Refresh an access token using refresh token
+ */
+export declare function refreshAccessToken(refreshToken: string): Promise<TokenResponse>;
+/**
+ * Store an OAuth session
+ */
+export declare function storeOAuthSession(sessionId: string, tokens: TokenResponse): void;
+/**
+ * Get an OAuth session, refreshing if needed
+ */
+export declare function getOAuthSession(sessionId: string): Promise<OAuthSession | undefined>;
+/**
+ * Remove an OAuth session
+ */
+export declare function removeOAuthSession(sessionId: string): void;
+//# sourceMappingURL=flow.d.ts.map

package/build/oauth/flow.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"flow.d.ts","sourceRoot":"","sources":["../../src/oauth/flow.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAIH,OAAO,EAGL,KAAK,mBAAmB,EACzB,MAAM,cAAc,CAAC;AAEtB;;;GAGG;AACH,MAAM,WAAW,WAAW;IAC1B,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;IAElB,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAED;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,SAAS,EAAE,MAAM,CAAC;IAClB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAeD;;GAEG;AACH,wBAAgB,oBAAoB,IAAI,MAAM,CAE7C;AAED;;GAEG;AACH,wBAAgB,qBAAqB,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,CAE9D;AAED;;GAEG;AACH,wBAAgB,aAAa,IAAI,MAAM,CAEtC;AAED;;GAEG;AACH,MAAM,WAAW,0BAA0B;IACzC,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,mBAAmB,CAAC,EAAE,MAAM,CAAC;CAC9B;AAED;;;;;GAKG;AACH,wBAAgB,0BAA0B,CACxC,WAAW,EAAE,MAAM,EACnB,aAAa,CAAC,EAAE,MAAM,GACrB;IAAE,OAAO,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,MAAM,CAAA;CAAE,CAAC;AACtC,wBAAgB,0BAA0B,CACxC,MAAM,EAAE,0BAA0B,GACjC;IAAE,OAAO,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,MAAM,CAAA;CAAE,CAAC;AA0EtC;;GAEG;AACH,wBAAgB,cAAc,CAAC,KAAK,EAAE,MAAM,GAAG,mBAAmB,GAAG,SAAS,CAE7E;AAED;;;;;;;GAOG;AACH,wBAAgB,UAAU,CACxB,YAAY,EAAE,MAAM,EACpB,aAAa,EAAE,MAAM,EACrB,MAAM,GAAE,MAAe,GACtB,OAAO,CAST;AAED;;GAEG;AACH,wBAAsB,qBAAqB,CACzC,IAAI,EAAE,MAAM,EACZ,WAAW,EAAE,MAAM,GAClB,OAAO,CAAC,aAAa,CAAC,CAiCxB;AAED;;GAEG;AACH,wBAAsB,kBAAkB,CACtC,YAAY,EAAE,MAAM,GACnB,OAAO,CAAC,aAAa,CAAC,CA+BxB;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAC/B,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,aAAa,GACpB,IAAI,CAON;AAED;;GAEG;AACH,wBAAsB,eAAe,CACnC,SAAS,EAAE,MAAM,GAChB,OAAO,CAAC,YAAY,GAAG,SAAS,CAAC,CA4BnC;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,SAAS,EAAE,MAAM,GAAG,IAAI,CAE1D"}

package/build/oauth/flow.js

@@ -0,0 +1,233 @@
+/**
+ * OAuth Authorization Code Flow with PKCE
+ *
+ * Handles the OAuth flow where the MCP server acts as the OAuth client
+ * and users authenticate directly with Nestr.
+ *
+ * PKCE Support:
+ * - MCP clients send PKCE parameters (code_challenge) to this server
+ * - We verify the code_verifier against the stored code_challenge
+ * - We proxy to Nestr WITHOUT PKCE (Nestr doesn't support it)
+ * - This provides PKCE security from the MCP client's perspective
+ */
+import { randomBytes, createHash } from "node:crypto";
+import { getOAuthConfig } from "./config.js";
+import { storePendingAuth as storePendingAuthToDisk, consumePendingAuth as consumePendingAuthFromDisk, } from "./storage.js";
+// In-memory storage for OAuth sessions (keyed by session ID)
+const oauthSessions = new Map();
+// Buffer time before token expiration to trigger refresh (60 seconds)
+const TOKEN_EXPIRY_BUFFER_MS = 60 * 1000;
+/**
+ * Generate a cryptographically secure random string
+ */
+function generateRandomString(length) {
+    return randomBytes(length).toString("base64url").slice(0, length);
+}
+/**
+ * Generate PKCE code verifier (43-128 characters)
+ */
+export function generateCodeVerifier() {
+    return generateRandomString(64);
+}
+/**
+ * Generate PKCE code challenge from verifier (S256 method)
+ */
+export function generateCodeChallenge(verifier) {
+    return createHash("sha256").update(verifier).digest("base64url");
+}
+/**
+ * Generate OAuth state parameter
+ */
+export function generateState() {
+    return generateRandomString(32);
+}
+export function createAuthorizationRequest(redirectUriOrParams, finalRedirect) {
+    const config = getOAuthConfig();
+    // Handle legacy signature (redirectUri, finalRedirect)
+    if (typeof redirectUriOrParams === "string") {
+        if (!config.clientId) {
+            throw new Error("NESTR_OAUTH_CLIENT_ID environment variable is required for OAuth flow");
+        }
+        const state = generateState();
+        // Store pending auth with disk persistence
+        storePendingAuthToDisk({
+            state,
+            redirectUri: redirectUriOrParams,
+            clientId: config.clientId,
+            createdAt: Date.now(),
+        });
+        // Build authorization URL (without PKCE - Nestr doesn't support it)
+        const urlParams = new URLSearchParams({
+            response_type: "code",
+            client_id: config.clientId,
+            redirect_uri: redirectUriOrParams,
+            state,
+            scope: config.scopes.join(" "),
+        });
+        const authUrl = `${config.authorizationEndpoint}?${urlParams}`;
+        return { authUrl, state };
+    }
+    // New signature with full params (for dynamic client registration)
+    const params = redirectUriOrParams;
+    const state = params.state || generateState();
+    // Store pending auth with PKCE info
+    // redirectUri here is the MCP CLIENT's redirect_uri (where we redirect with the code)
+    storePendingAuthToDisk({
+        state,
+        redirectUri: params.redirectUri, // MCP client's callback URL
+        clientId: params.clientId,
+        codeChallenge: params.codeChallenge,
+        codeChallengeMethod: params.codeChallengeMethod,
+        createdAt: Date.now(),
+        scope: params.scope,
+    });
+    // Build authorization URL for Nestr (without PKCE - we handle it ourselves)
+    // Use our configured client_id to talk to Nestr
+    // IMPORTANT: We tell Nestr to redirect back to OUR callback, not the MCP client's
+    const nestrClientId = config.clientId || params.clientId;
+    // We need our own callback URL to be passed here, not the MCP client's
+    // The caller should pass ourCallbackUrl in a separate field if needed
+    // For now, we construct it - this will be overridden by http.ts
+    const urlParams = new URLSearchParams({
+        response_type: "code",
+        client_id: nestrClientId,
+        redirect_uri: params.redirectUri, // Will be overridden by caller with our callback URL
+        state,
+        scope: params.scope || config.scopes.join(" "),
+    });
+    const authUrl = `${config.authorizationEndpoint}?${urlParams}`;
+    return { authUrl, state };
+}
+/**
+ * Get and remove a pending auth request
+ */
+export function getPendingAuth(state) {
+    return consumePendingAuthFromDisk(state);
+}
+/**
+ * Verify PKCE code_verifier against stored code_challenge
+ *
+ * @param codeVerifier - The code_verifier from the token request
+ * @param codeChallenge - The stored code_challenge from the auth request
+ * @param method - The code_challenge_method (only S256 is supported)
+ * @returns true if verification passes
+ */
+export function verifyPKCE(codeVerifier, codeChallenge, method = "S256") {
+    if (method !== "S256") {
+        // Only S256 is supported per OAuth 2.1
+        return false;
+    }
+    // Generate challenge from verifier and compare
+    const computedChallenge = generateCodeChallenge(codeVerifier);
+    return computedChallenge === codeChallenge;
+}
+/**
+ * Exchange authorization code for tokens
+ */
+export async function exchangeCodeForTokens(code, redirectUri) {
+    const config = getOAuthConfig();
+    if (!config.clientId) {
+        throw new Error("NESTR_OAUTH_CLIENT_ID is required");
+    }
+    const body = {
+        grant_type: "authorization_code",
+        code,
+        redirect_uri: redirectUri,
+        client_id: config.clientId,
+    };
+    // Add client secret (required by Nestr)
+    if (config.clientSecret) {
+        body.client_secret = config.clientSecret;
+    }
+    const response = await fetch(config.tokenEndpoint, {
+        method: "POST",
+        headers: {
+            "Content-Type": "application/x-www-form-urlencoded",
+        },
+        body: new URLSearchParams(body),
+    });
+    if (!response.ok) {
+        const errorText = await response.text();
+        throw new Error(`Token exchange failed: ${response.status} - ${errorText}`);
+    }
+    return response.json();
+}
+/**
+ * Refresh an access token using refresh token
+ */
+export async function refreshAccessToken(refreshToken) {
+    const config = getOAuthConfig();
+    if (!config.clientId) {
+        throw new Error("NESTR_OAUTH_CLIENT_ID is required");
+    }
+    const body = {
+        grant_type: "refresh_token",
+        refresh_token: refreshToken,
+        client_id: config.clientId,
+    };
+    if (config.clientSecret) {
+        body.client_secret = config.clientSecret;
+    }
+    const response = await fetch(config.tokenEndpoint, {
+        method: "POST",
+        headers: {
+            "Content-Type": "application/x-www-form-urlencoded",
+        },
+        body: new URLSearchParams(body),
+    });
+    if (!response.ok) {
+        const errorText = await response.text();
+        throw new Error(`Token refresh failed: ${response.status} - ${errorText}`);
+    }
+    return response.json();
+}
+/**
+ * Store an OAuth session
+ */
+export function storeOAuthSession(sessionId, tokens) {
+    oauthSessions.set(sessionId, {
+        accessToken: tokens.access_token,
+        refreshToken: tokens.refresh_token,
+        expiresAt: Date.now() + tokens.expires_in * 1000,
+        scope: tokens.scope,
+    });
+}
+/**
+ * Get an OAuth session, refreshing if needed
+ */
+export async function getOAuthSession(sessionId) {
+    const session = oauthSessions.get(sessionId);
+    if (!session) {
+        return undefined;
+    }
+    // Check if token is expired (with buffer to allow for refresh)
+    if (Date.now() >= session.expiresAt - TOKEN_EXPIRY_BUFFER_MS) {
+        // Try to refresh
+        if (session.refreshToken) {
+            try {
+                const tokens = await refreshAccessToken(session.refreshToken);
+                storeOAuthSession(sessionId, tokens);
+                return oauthSessions.get(sessionId);
+            }
+            catch {
+                // Refresh failed, remove session
+                oauthSessions.delete(sessionId);
+                return undefined;
+            }
+        }
+        else {
+            // No refresh token, session expired
+            oauthSessions.delete(sessionId);
+            return undefined;
+        }
+    }
+    return session;
+}
+/**
+ * Remove an OAuth session
+ */
+export function removeOAuthSession(sessionId) {
+    oauthSessions.delete(sessionId);
+}
+// Cleanup is now handled by storage.ts
+//# sourceMappingURL=flow.js.map