npm - @open-loyalty/mcp-server - Versions diffs - 1.8.0 → 1.13.0 - Mend

@open-loyalty/mcp-server 1.8.0 → 1.13.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (74) hide show

package/dist/config.d.ts +0 -9
package/dist/config.js +0 -23
package/dist/instructions.d.ts +1 -1
package/dist/instructions.js +58 -22
package/dist/tools/apps/rewards-catalog/handlers.js +2 -1
package/dist/tools/campaign/index.d.ts +16 -3
package/dist/tools/campaign/index.js +15 -4
package/dist/tools/campaign/member-handlers.d.ts +12 -0
package/dist/tools/campaign/member-handlers.js +33 -0
package/dist/tools/campaign/schemas.d.ts +6 -0
package/dist/tools/campaign/schemas.js +6 -0
package/dist/tools/channel/handlers.d.ts +32 -0
package/dist/tools/channel/handlers.js +130 -0
package/dist/tools/channel/index.d.ts +68 -0
package/dist/tools/channel/index.js +59 -0
package/dist/tools/channel/schemas.d.ts +29 -0
package/dist/tools/channel/schemas.js +30 -0
package/dist/tools/context/handlers.d.ts +49 -0
package/dist/tools/context/handlers.js +131 -0
package/dist/tools/context/index.d.ts +15 -0
package/dist/tools/context/index.js +20 -0
package/dist/tools/context/schemas.d.ts +7 -0
package/dist/tools/context/schemas.js +4 -0
package/dist/tools/group-of-values/handlers.d.ts +39 -0
package/dist/tools/group-of-values/handlers.js +133 -0
package/dist/tools/group-of-values/index.d.ts +82 -0
package/dist/tools/group-of-values/index.js +72 -0
package/dist/tools/group-of-values/schemas.d.ts +36 -0
package/dist/tools/group-of-values/schemas.js +39 -0
package/dist/tools/index.js +12 -0
package/dist/tools/language/handlers.d.ts +24 -0
package/dist/tools/language/handlers.js +127 -0
package/dist/tools/language/index.d.ts +64 -0
package/dist/tools/language/index.js +60 -0
package/dist/tools/language/schemas.d.ts +25 -0
package/dist/tools/language/schemas.js +25 -0
package/dist/tools/member/handlers.d.ts +4 -0
package/dist/tools/member/handlers.js +27 -0
package/dist/tools/member/index.d.ts +14 -2
package/dist/tools/member/index.js +15 -2
package/dist/tools/points/fraud-handlers.d.ts +21 -0
package/dist/tools/points/fraud-handlers.js +96 -0
package/dist/tools/points/index.d.ts +50 -1
package/dist/tools/points/index.js +45 -2
package/dist/tools/points/schemas.d.ts +11 -0
package/dist/tools/points/schemas.js +11 -0
package/dist/tools/reward/category-handlers.d.ts +27 -0
package/dist/tools/reward/category-handlers.js +70 -0
package/dist/tools/reward/handlers.d.ts +0 -12
package/dist/tools/reward/handlers.js +0 -28
package/dist/tools/reward/index.d.ts +76 -3
package/dist/tools/reward/index.js +63 -4
package/dist/tools/reward/photo-handlers.d.ts +10 -0
package/dist/tools/reward/photo-handlers.js +97 -0
package/dist/tools/reward/redemption-handlers.d.ts +23 -0
package/dist/tools/reward/redemption-handlers.js +50 -0
package/dist/tools/reward/schemas.d.ts +31 -0
package/dist/tools/reward/schemas.js +33 -0
package/dist/tools/segment/handlers.js +14 -10
package/dist/tools/segment/index.js +1 -1
package/dist/tools/segment/schemas.js +3 -3
package/dist/tools/store/handlers.d.ts +24 -0
package/dist/tools/store/handlers.js +29 -1
package/dist/tools/store/index.d.ts +41 -3
package/dist/tools/store/index.js +27 -4
package/dist/tools/store/schemas.d.ts +24 -0
package/dist/tools/store/schemas.js +24 -0
package/package.json +2 -12
package/dist/auth/provider.d.ts +0 -33
package/dist/auth/provider.js +0 -383
package/dist/auth/storage.d.ts +0 -16
package/dist/auth/storage.js +0 -120
package/dist/http.d.ts +0 -2
package/dist/http.js +0 -319

package/dist/auth/provider.js DELETED Viewed

@@ -1,383 +0,0 @@
-import crypto from "crypto";
-import { getStorage, KEYS } from "./storage.js";
-// Expiration times
-const AUTH_CODE_TTL_MS = 10 * 60 * 1000; // 10 minutes
-const ACCESS_TOKEN_TTL_MS = 60 * 60 * 1000; // 1 hour
-const CLIENT_TTL_MS = 365 * 24 * 60 * 60 * 1000; // 1 year
-const CONFIG_TTL_MS = 365 * 24 * 60 * 60 * 1000; // 1 year
-/**
- * Storage-backed OAuth clients store
- */
-class StorageClientsStore {
-    async getClient(clientId) {
-        const storage = getStorage();
-        const client = await storage.get(KEYS.client(clientId));
-        return client ?? undefined;
-    }
-    async registerClient(client) {
-        const storage = getStorage();
-        const clientId = crypto.randomBytes(16).toString("hex");
-        const clientIdIssuedAt = Math.floor(Date.now() / 1000);
-        const fullClient = {
-            ...client,
-            client_id: clientId,
-            client_id_issued_at: clientIdIssuedAt,
-        };
-        await storage.set(KEYS.client(clientId), fullClient, CLIENT_TTL_MS);
-        return fullClient;
-    }
-}
-/**
- * Creates the OAuth server provider
- */
-export function createOAuthProvider(issuerUrl) {
-    const clientsStore = new StorageClientsStore();
-    return {
-        get clientsStore() {
-            return clientsStore;
-        },
-        /**
-         * Handles authorization by showing a configuration form
-         */
-        async authorize(client, params, res) {
-            const storage = getStorage();
-            // Generate session ID to track this authorization flow
-            const sessionId = crypto.randomBytes(16).toString("hex");
-            // Store the pending authorization
-            const sessionData = {
-                clientId: client.client_id,
-                redirectUri: params.redirectUri,
-                codeChallenge: params.codeChallenge,
-                state: params.state,
-                scope: params.scopes?.join(" "),
-                expiresAt: Date.now() + AUTH_CODE_TTL_MS,
-            };
-            await storage.set(KEYS.session(sessionId), sessionData, AUTH_CODE_TTL_MS);
-            // Render the configuration form
-            const html = renderAuthorizationForm({
-                sessionId,
-                state: params.state,
-                clientName: client.client_name || "ChatGPT",
-                issuerUrl,
-            });
-            res.setHeader("Content-Type", "text/html");
-            res.send(html);
-        },
-        /**
-         * Returns the code challenge for a given authorization code
-         */
-        async challengeForAuthorizationCode(_client, authorizationCode) {
-            const storage = getStorage();
-            const codeData = await storage.get(KEYS.authCode(authorizationCode));
-            if (!codeData || codeData.expiresAt < Date.now()) {
-                await storage.delete(KEYS.authCode(authorizationCode));
-                throw new Error("Authorization code not found or expired");
-            }
-            return codeData.codeChallenge;
-        },
-        /**
-         * Exchanges authorization code for tokens
-         */
-        async exchangeAuthorizationCode(client, authorizationCode) {
-            const storage = getStorage();
-            const codeData = await storage.get(KEYS.authCode(authorizationCode));
-            if (!codeData || codeData.expiresAt < Date.now()) {
-                await storage.delete(KEYS.authCode(authorizationCode));
-                throw new Error("Authorization code not found or expired");
-            }
-            if (codeData.clientId !== client.client_id) {
-                throw new Error("Authorization code was not issued to this client");
-            }
-            // Delete the code (one-time use)
-            await storage.delete(KEYS.authCode(authorizationCode));
-            // Store the client config if provided
-            if (codeData.pendingConfig) {
-                await storage.set(KEYS.config(client.client_id), codeData.pendingConfig, CONFIG_TTL_MS);
-            }
-            // Generate access token
-            const accessToken = crypto.randomBytes(32).toString("hex");
-            const expiresAt = Date.now() + ACCESS_TOKEN_TTL_MS;
-            const tokenData = {
-                clientId: client.client_id,
-                scope: codeData.scope,
-                expiresAt,
-            };
-            await storage.set(KEYS.token(accessToken), tokenData, ACCESS_TOKEN_TTL_MS);
-            return {
-                access_token: accessToken,
-                token_type: "Bearer",
-                expires_in: Math.floor(ACCESS_TOKEN_TTL_MS / 1000),
-                scope: codeData.scope,
-            };
-        },
-        /**
-         * Exchanges refresh token (not supported)
-         */
-        async exchangeRefreshToken() {
-            throw new Error("Refresh tokens are not supported");
-        },
-        /**
-         * Verifies an access token
-         */
-        async verifyAccessToken(token) {
-            const storage = getStorage();
-            const tokenData = await storage.get(KEYS.token(token));
-            if (!tokenData) {
-                throw new Error("Invalid access token");
-            }
-            if (tokenData.expiresAt < Date.now()) {
-                await storage.delete(KEYS.token(token));
-                throw new Error("Access token has expired");
-            }
-            return {
-                token,
-                clientId: tokenData.clientId,
-                scopes: tokenData.scope ? tokenData.scope.split(" ") : [],
-                expiresAt: Math.floor(tokenData.expiresAt / 1000),
-            };
-        },
-    };
-}
-/**
- * Completes authorization after form submission
- */
-export async function completeAuthorization(sessionId, config) {
-    const storage = getStorage();
-    const sessionData = await storage.get(KEYS.session(sessionId));
-    if (!sessionData || sessionData.expiresAt < Date.now()) {
-        await storage.delete(KEYS.session(sessionId));
-        return { error: "Session expired. Please start the authorization process again." };
-    }
-    // Delete session
-    await storage.delete(KEYS.session(sessionId));
-    // Generate authorization code
-    const authorizationCode = crypto.randomBytes(32).toString("hex");
-    // Store with pending config
-    const codeData = {
-        ...sessionData,
-        pendingConfig: config,
-        expiresAt: Date.now() + AUTH_CODE_TTL_MS,
-    };
-    await storage.set(KEYS.authCode(authorizationCode), codeData, AUTH_CODE_TTL_MS);
-    // Build redirect URL
-    const redirectUrl = new URL(sessionData.redirectUri);
-    redirectUrl.searchParams.set("code", authorizationCode);
-    if (sessionData.state) {
-        redirectUrl.searchParams.set("state", sessionData.state);
-    }
-    return { redirectUrl: redirectUrl.toString() };
-}
-/**
- * Gets the Open Loyalty config for a client
- */
-export async function getClientConfig(clientId) {
-    const storage = getStorage();
-    const config = await storage.get(KEYS.config(clientId));
-    return config ?? undefined;
-}
-/**
- * Validates Open Loyalty credentials
- * Uses the member list endpoint to validate both API token and store code
- */
-export async function validateOpenLoyaltyCredentials(config) {
-    try {
-        // Use member list endpoint with limit=1 to validate credentials
-        // This validates both the API token and the store code existence
-        const response = await fetch(`${config.apiUrl}/${config.storeCode}/member?_itemsOnPage=1`, {
-            method: "GET",
-            headers: {
-                "Content-Type": "application/json",
-                "X-AUTH-TOKEN": config.apiToken,
-            },
-        });
-        if (response.status === 401) {
-            return { valid: false, error: "Invalid API token" };
-        }
-        if (response.status === 403) {
-            return { valid: false, error: "API token does not have required permissions" };
-        }
-        if (response.status === 404) {
-            return { valid: false, error: "Store code not found or invalid API URL" };
-        }
-        if (!response.ok) {
-            return { valid: false, error: `API returned status ${response.status}` };
-        }
-        return { valid: true };
-    }
-    catch (error) {
-        const message = error instanceof Error ? error.message : "Unknown error";
-        return { valid: false, error: `Failed to connect: ${message}` };
-    }
-}
-/**
- * Renders the authorization form HTML
- */
-function renderAuthorizationForm(params) {
-    const { sessionId, state, clientName, issuerUrl } = params;
-    return `<!DOCTYPE html>
-<html lang="en">
-<head>
-  <meta charset="UTF-8">
-  <meta name="viewport" content="width=device-width, initial-scale=1.0">
-  <title>Connect to Open Loyalty</title>
-  <style>
-    * { box-sizing: border-box; }
-    body {
-      font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif;
-      background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
-      min-height: 100vh;
-      margin: 0;
-      padding: 20px;
-      display: flex;
-      justify-content: center;
-      align-items: center;
-    }
-    .container {
-      background: white;
-      border-radius: 16px;
-      box-shadow: 0 25px 50px -12px rgba(0, 0, 0, 0.25);
-      padding: 40px;
-      width: 100%;
-      max-width: 420px;
-    }
-    h1 {
-      color: #1a1a2e;
-      font-size: 24px;
-      text-align: center;
-      margin: 0 0 8px 0;
-    }
-    .subtitle {
-      color: #6b7280;
-      text-align: center;
-      font-size: 14px;
-      margin-bottom: 32px;
-    }
-    .client-name { color: #667eea; font-weight: 500; }
-    .form-group { margin-bottom: 20px; }
-    label {
-      display: block;
-      color: #374151;
-      font-size: 14px;
-      font-weight: 500;
-      margin-bottom: 6px;
-    }
-    input {
-      width: 100%;
-      padding: 12px 16px;
-      border: 2px solid #e5e7eb;
-      border-radius: 8px;
-      font-size: 14px;
-    }
-    input:focus {
-      outline: none;
-      border-color: #667eea;
-    }
-    .help-text { color: #6b7280; font-size: 12px; margin-top: 4px; }
-    button {
-      width: 100%;
-      padding: 14px 24px;
-      background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
-      color: white;
-      border: none;
-      border-radius: 8px;
-      font-size: 16px;
-      font-weight: 600;
-      cursor: pointer;
-    }
-    button:hover { opacity: 0.9; }
-    button:disabled { opacity: 0.7; cursor: not-allowed; }
-    .error { background: #fef2f2; border: 1px solid #fecaca; color: #dc2626; padding: 12px; border-radius: 8px; margin-bottom: 20px; display: none; }
-    .error.visible { display: block; }
-  </style>
-</head>
-<body>
-  <div class="container">
-    <h1>Connect to Open Loyalty</h1>
-    <p class="subtitle">
-      <span class="client-name">${escapeHtml(clientName)}</span> wants to access your Open Loyalty account
-    </p>
-    <div id="error" class="error"></div>
-    <form id="authForm">
-      <input type="hidden" name="session_id" value="${escapeHtml(sessionId)}">
-      ${state ? `<input type="hidden" name="state" value="${escapeHtml(state)}">` : ""}
-      <div class="form-group">
-        <label for="apiUrl">API URL</label>
-        <input type="url" id="apiUrl" name="api_url" placeholder="https://api.openloyalty.io" required>
-        <p class="help-text">Your Open Loyalty API endpoint</p>
-      </div>
-      <div class="form-group">
-        <label for="apiToken">API Token</label>
-        <input type="password" id="apiToken" name="api_token" required>
-        <p class="help-text">From your Open Loyalty admin panel</p>
-      </div>
-      <div class="form-group">
-        <label for="storeCode">Store Code</label>
-        <input type="text" id="storeCode" name="store_code" value="default" required>
-        <p class="help-text">Usually "default"</p>
-      </div>
-      <button type="submit" id="submitBtn">Connect Account</button>
-    </form>
-  </div>
-  <script>
-    const form = document.getElementById('authForm');
-    const errorEl = document.getElementById('error');
-    const submitBtn = document.getElementById('submitBtn');
-    form.addEventListener('submit', async (e) => {
-      e.preventDefault();
-      errorEl.classList.remove('visible');
-      submitBtn.disabled = true;
-      submitBtn.textContent = 'Connecting...';
-      try {
-        const formData = new FormData(form);
-        const response = await fetch('${issuerUrl}/authorize/submit', {
-          method: 'POST',
-          headers: { 'Content-Type': 'application/json' },
-          body: JSON.stringify({
-            session_id: formData.get('session_id'),
-            state: formData.get('state'),
-            api_url: formData.get('api_url'),
-            api_token: formData.get('api_token'),
-            store_code: formData.get('store_code'),
-          }),
-        });
-        const result = await response.json();
-        if (result.redirect_url) {
-          window.location.href = result.redirect_url;
-        } else if (result.error) {
-          errorEl.textContent = result.error;
-          errorEl.classList.add('visible');
-          submitBtn.disabled = false;
-          submitBtn.textContent = 'Connect Account';
-        }
-      } catch (err) {
-        errorEl.textContent = 'Connection failed. Please try again.';
-        errorEl.classList.add('visible');
-        submitBtn.disabled = false;
-        submitBtn.textContent = 'Connect Account';
-      }
-    });
-  </script>
-</body>
-</html>`;
-}
-function escapeHtml(text) {
-    const escapes = {
-        "&": "&amp;",
-        "<": "&lt;",
-        ">": "&gt;",
-        '"': "&quot;",
-        "'": "&#39;",
-    };
-    return text.replace(/[&<>"']/g, (c) => escapes[c]);
-}

package/dist/auth/storage.d.ts DELETED Viewed

@@ -1,16 +0,0 @@
-export interface StorageBackend {
-    get<T>(key: string): Promise<T | null>;
-    set<T>(key: string, value: T, ttlMs?: number): Promise<void>;
-    delete(key: string): Promise<void>;
-}
-/**
- * Get the storage backend (Redis if available, otherwise in-memory)
- */
-export declare function getStorage(): StorageBackend;
-export declare const KEYS: {
-    client: (id: string) => string;
-    authCode: (code: string) => string;
-    session: (id: string) => string;
-    token: (token: string) => string;
-    config: (clientId: string) => string;
-};

package/dist/auth/storage.js DELETED Viewed

@@ -1,120 +0,0 @@
-/**
- * Storage abstraction for OAuth data
- * Uses Redis if REDIS_URL is set, otherwise falls back to in-memory storage
- */
-import { Redis } from "ioredis";
-/**
- * In-memory storage for local development
- * Includes periodic cleanup to prevent memory leaks from expired entries
- */
-class InMemoryStorage {
-    data = new Map();
-    cleanupInterval;
-    constructor() {
-        // Periodic cleanup every 5 minutes to remove expired entries
-        this.cleanupInterval = setInterval(() => this.cleanup(), 5 * 60 * 1000);
-        this.cleanupInterval.unref(); // Don't prevent process exit
-    }
-    cleanup() {
-        const now = Date.now();
-        for (const [key, entry] of this.data) {
-            if (entry.expiresAt && entry.expiresAt < now) {
-                this.data.delete(key);
-            }
-        }
-    }
-    async get(key) {
-        const entry = this.data.get(key);
-        if (!entry)
-            return null;
-        if (entry.expiresAt && entry.expiresAt < Date.now()) {
-            this.data.delete(key);
-            return null;
-        }
-        return entry.value;
-    }
-    async set(key, value, ttlMs) {
-        this.data.set(key, {
-            value,
-            expiresAt: ttlMs ? Date.now() + ttlMs : undefined,
-        });
-    }
-    async delete(key) {
-        this.data.delete(key);
-    }
-    /**
-     * Close the storage and clean up resources
-     */
-    close() {
-        clearInterval(this.cleanupInterval);
-        this.data.clear();
-    }
-}
-/**
- * Redis storage for production
- */
-class RedisStorage {
-    client;
-    constructor(redisUrl) {
-        this.client = new Redis(redisUrl, {
-            maxRetriesPerRequest: 3,
-            retryStrategy: (times) => Math.min(times * 100, 3000),
-        });
-        this.client.on("error", (err) => {
-            console.error("Redis connection error:", err.message);
-        });
-        this.client.on("connect", () => {
-            console.log("Connected to Redis");
-        });
-    }
-    async get(key) {
-        const data = await this.client.get(key);
-        if (!data)
-            return null;
-        try {
-            return JSON.parse(data);
-        }
-        catch {
-            return null;
-        }
-    }
-    async set(key, value, ttlMs) {
-        const data = JSON.stringify(value);
-        if (ttlMs) {
-            await this.client.set(key, data, "PX", ttlMs);
-        }
-        else {
-            await this.client.set(key, data);
-        }
-    }
-    async delete(key) {
-        await this.client.del(key);
-    }
-}
-// Singleton storage instance
-let storage = null;
-/**
- * Get the storage backend (Redis if available, otherwise in-memory)
- */
-export function getStorage() {
-    if (storage)
-        return storage;
-    const redisUrl = process.env.REDIS_URL;
-    if (redisUrl) {
-        console.log("Using Redis for OAuth storage");
-        storage = new RedisStorage(redisUrl);
-    }
-    else {
-        console.log("Using in-memory storage for OAuth (set REDIS_URL for persistence)");
-        storage = new InMemoryStorage();
-    }
-    return storage;
-}
-// Storage key prefixes
-export const KEYS = {
-    client: (id) => `oauth:client:${id}`,
-    authCode: (code) => `oauth:code:${code}`,
-    session: (id) => `oauth:session:${id}`,
-    token: (token) => `oauth:token:${token}`,
-    config: (clientId) => `oauth:config:${clientId}`,
-};

package/dist/http.d.ts DELETED Viewed

	@@ -1,2 +0,0 @@
1	- #!/usr/bin/env node
2	- import "dotenv/config";