@perfai/mcp 1.0.24

package/dist/auth/sessionStorage.js

@@ -0,0 +1,234 @@
+import * as fs from 'fs';
+import * as path from 'path';
+import * as os from 'os';
+import { createHash, createCipheriv, createDecipheriv, randomBytes } from 'crypto';
+/**
+ * Secure session storage for MCP PerfAI server
+ * Handles persistent storage of authentication sessions with encryption
+ */
+export class SessionStorage {
+    storageDir;
+    sessionFile;
+    keyFile;
+    encryptionKey = null;
+    constructor(appName = 'mcp-perfai') {
+        // Use OS-specific config directory for npm package compatibility
+        this.storageDir = this.getConfigDirectory(appName);
+        this.sessionFile = path.join(this.storageDir, 'session.enc');
+        this.keyFile = path.join(this.storageDir, 'session.key');
+        this.ensureStorageDirectory();
+        this.initializeEncryptionKey();
+    }
+    /**
+     * Get OS-specific configuration directory
+     */
+    getConfigDirectory(appName) {
+        const platform = os.platform();
+        let configDir;
+        switch (platform) {
+            case 'win32':
+                configDir = path.join(os.homedir(), 'AppData', 'Local', appName);
+                break;
+            case 'darwin':
+                configDir = path.join(os.homedir(), 'Library', 'Application Support', appName);
+                break;
+            default: // linux and others
+                configDir = path.join(os.homedir(), '.config', appName);
+                break;
+        }
+        return configDir;
+    }
+    /**
+     * Ensure storage directory exists
+     */
+    ensureStorageDirectory() {
+        try {
+            if (!fs.existsSync(this.storageDir)) {
+                fs.mkdirSync(this.storageDir, { recursive: true, mode: 0o700 });
+            }
+        }
+        catch (error) {
+            console.error('Failed to create storage directory:', error);
+            throw new Error('Cannot initialize session storage');
+        }
+    }
+    /**
+     * Initialize or load encryption key
+     */
+    initializeEncryptionKey() {
+        try {
+            if (fs.existsSync(this.keyFile)) {
+                // Load existing key
+                this.encryptionKey = fs.readFileSync(this.keyFile, 'utf8').trim();
+            }
+            else {
+                // Generate new key
+                this.encryptionKey = randomBytes(32).toString('hex');
+                fs.writeFileSync(this.keyFile, this.encryptionKey, { mode: 0o600 });
+            }
+        }
+        catch (error) {
+            console.error('Failed to initialize encryption key:', error);
+            // Fall back to in-memory key (less secure but functional)
+            this.encryptionKey = randomBytes(32).toString('hex');
+        }
+    }
+    /**
+     * Encrypt data using AES-256-CBC
+     */
+    encrypt(data) {
+        try {
+            if (!this.encryptionKey) {
+                throw new Error('Encryption key not available');
+            }
+            const algorithm = 'aes-256-cbc';
+            const iv = randomBytes(16);
+            const key = createHash('sha256').update(this.encryptionKey).digest();
+            const cipher = createCipheriv(algorithm, key, iv);
+            let encrypted = cipher.update(data, 'utf8', 'hex');
+            encrypted += cipher.final('hex');
+            return iv.toString('hex') + ':' + encrypted;
+        }
+        catch (error) {
+            console.error('Encryption failed:', error);
+            throw new Error('Failed to encrypt session data');
+        }
+    }
+    /**
+     * Decrypt data using AES-256-CBC
+     */
+    decrypt(encryptedData) {
+        try {
+            if (!this.encryptionKey) {
+                throw new Error('Encryption key not available');
+            }
+            const algorithm = 'aes-256-cbc';
+            const parts = encryptedData.split(':');
+            if (parts.length !== 2) {
+                throw new Error('Invalid encrypted data format');
+            }
+            const iv = Buffer.from(parts[0], 'hex');
+            const encrypted = parts[1];
+            const key = createHash('sha256').update(this.encryptionKey).digest();
+            const decipher = createDecipheriv(algorithm, key, iv);
+            let decrypted = decipher.update(encrypted, 'hex', 'utf8');
+            decrypted += decipher.final('utf8');
+            return decrypted;
+        }
+        catch (error) {
+            console.error('Decryption failed:', error);
+            throw new Error('Failed to decrypt session data');
+        }
+    }
+    /**
+     * Save session to persistent storage
+     */
+    async saveSession(session) {
+        try {
+            // Add metadata for validation
+            const sessionData = {
+                version: '1.0.0',
+                savedAt: Date.now(),
+                session: {
+                    ...session,
+                    // Convert Date objects to timestamps for JSON serialization
+                    fixedIssues: session.fixedIssues?.map(issue => ({
+                        ...issue,
+                        fixedAt: issue.fixedAt instanceof Date ? issue.fixedAt.getTime() : issue.fixedAt
+                    }))
+                }
+            };
+            const jsonData = JSON.stringify(sessionData, null, 2);
+            const encryptedData = this.encrypt(jsonData);
+            fs.writeFileSync(this.sessionFile, encryptedData, { mode: 0o600 });
+            console.error('💾 Session saved successfully');
+        }
+        catch (error) {
+            console.error('❌ Failed to save session:', error);
+            // Don't throw - allow app to continue without persistence
+        }
+    }
+    /**
+     * Load session from persistent storage
+     */
+    async loadSession() {
+        try {
+            if (!fs.existsSync(this.sessionFile)) {
+                console.error('📂 No saved session found');
+                return null;
+            }
+            const encryptedData = fs.readFileSync(this.sessionFile, 'utf8');
+            const jsonData = this.decrypt(encryptedData);
+            const sessionData = JSON.parse(jsonData);
+            // Validate session format and version
+            if (!sessionData.version || !sessionData.session) {
+                console.error('⚠️  Invalid session format, clearing storage');
+                this.clearSession();
+                return null;
+            }
+            const session = sessionData.session;
+            // Check if session is expired
+            if (Date.now() >= session.expiresAt) {
+                console.error('⏰ Saved session has expired, clearing storage');
+                this.clearSession();
+                return null;
+            }
+            // Restore Date objects
+            if (session.fixedIssues) {
+                session.fixedIssues = session.fixedIssues.map(issue => ({
+                    ...issue,
+                    fixedAt: new Date(issue.fixedAt)
+                }));
+            }
+            const timeLeft = Math.round((session.expiresAt - Date.now()) / (1000 * 60 * 60));
+            console.error(`✅ Session loaded successfully, expires in ${timeLeft} hours`);
+            return session;
+        }
+        catch (error) {
+            console.error('❌ Failed to load session:', error);
+            // Clear corrupted session
+            this.clearSession();
+            return null;
+        }
+    }
+    /**
+     * Clear stored session
+     */
+    clearSession() {
+        try {
+            if (fs.existsSync(this.sessionFile)) {
+                fs.unlinkSync(this.sessionFile);
+                console.error('🗑️  Session storage cleared');
+            }
+        }
+        catch (error) {
+            console.error('❌ Failed to clear session storage:', error);
+        }
+    }
+    /**
+     * Check if session exists and is valid
+     */
+    hasValidSession() {
+        try {
+            if (!fs.existsSync(this.sessionFile)) {
+                return false;
+            }
+            const encryptedData = fs.readFileSync(this.sessionFile, 'utf8');
+            const jsonData = this.decrypt(encryptedData);
+            const sessionData = JSON.parse(jsonData);
+            if (!sessionData.session?.expiresAt) {
+                return false;
+            }
+            return Date.now() < sessionData.session.expiresAt;
+        }
+        catch (error) {
+            return false;
+        }
+    }
+    /**
+     * Get session storage location (for debugging)
+     */
+    getStorageLocation() {
+        return this.storageDir;
+    }
+}

package/dist/auth/types.d.ts

@@ -0,0 +1,28 @@
+import { ApiCatalog, ApiSelection } from '../types/api.js';
+export interface FixedIssue {
+    issueId: string;
+    issue: any;
+    fixedAt: Date;
+    prompt: string;
+    status: "ai-fixed" | "pending-validation";
+}
+export interface UserSession {
+    accessToken: string;
+    idToken: string;
+    tokenType: string;
+    userInfo: any;
+    expiresAt: number;
+    organizations?: any[];
+    selectedOrgId?: string;
+    selectedApiId?: string;
+    selectedApiData?: ApiCatalog;
+    selectedApiIdentifier?: ApiSelection;
+    selectedSecurityAppId?: string;
+    selectedDesignAppId?: string;
+    selectedQualityAppId?: string;
+    fixedIssues?: FixedIssue[];
+    fixedDesignIssues?: FixedIssue[];
+    fixedQualityIssues?: FixedIssue[];
+    appSequenceMap?: Map<number, string>;
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/auth/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/auth/types.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AAG3D,MAAM,WAAW,UAAU;IACzB,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,GAAG,CAAC;IACX,OAAO,EAAE,IAAI,CAAC;IACd,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,UAAU,GAAG,oBAAoB,CAAC;CAC3C;AAGD,MAAM,WAAW,WAAW;IAC1B,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,GAAG,CAAC;IACd,SAAS,EAAE,MAAM,CAAC;IAClB,aAAa,CAAC,EAAE,GAAG,EAAE,CAAC;IACtB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,eAAe,CAAC,EAAE,UAAU,CAAC;IAC7B,qBAAqB,CAAC,EAAE,YAAY,CAAC;IACrC,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAC/B,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,WAAW,CAAC,EAAE,UAAU,EAAE,CAAC;IAC3B,iBAAiB,CAAC,EAAE,UAAU,EAAE,CAAC;IACjC,kBAAkB,CAAC,EAAE,UAAU,EAAE,CAAC;IAClC,cAAc,CAAC,EAAE,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CACtC"}

package/dist/auth/types.js

@@ -0,0 +1 @@
+export {};

package/dist/config.d.ts

@@ -0,0 +1,65 @@
+export declare const SERVER_INFO: {
+    name: string;
+    version: string;
+};
+export declare const AUTH0_DOMAIN: string;
+export declare const CLIENT_ID: string;
+export declare const CLIENT_SECRET: string;
+export declare const REDIRECT_URI: string;
+export declare const API_ENDPOINTS: {
+    readonly TOKEN: `https://${string}/oauth/token`;
+    readonly USERINFO: `https://${string}/userinfo`;
+    readonly ORGANIZATIONS: "https://api.perfai.ai/api/v1/org-users/get_users_orgs";
+    readonly SECURITY_ISSUES: "https://api.perfai.ai/api/v1/sensitive-data-service/apps/issues/all-by-org";
+    readonly SECURITY_ISSUES_BY_APP: "https://api.perfai.ai/api/v1/sensitive-data-service/apps/issues/by-app";
+    readonly DESIGN_ISSUES_BY_APP: "https://api.perfai.ai/api/v1/design-analysis-service/apps/org/issues";
+    readonly APP_SUMMARY: "https://api.perfai.ai/api/v1/api-catalog/apps/summary";
+    readonly QUALITY_ISSUES_BY_APP: "https://api.perfai.ai/api/v1/spec-validation/tests";
+    readonly API_CATALOG: "https://api.perfai.ai/api/v1/api-catalog/apps/catalog_id_name_label";
+    readonly API_CATALOG_SERVICE_IDS: "https://api.perfai.ai/api/v1/api-catalog/apps/service-ids";
+    readonly WEBAPP_API: "https://api.perfai.ai/api/v1";
+    readonly DASHBOARD_API: "https://lm.perfai.ai/api/v1";
+    readonly DASHBOARD_API_AUTH: string;
+    readonly LLM_API: "https://llmservice.dev.perfai.ai/api/tokens";
+    readonly LLM_GENERATE_API: "http://localhost:4000/api/generate";
+};
+export declare const DOCKER_HUB: {
+    readonly USERNAME: string;
+    readonly PAT: string;
+};
+export declare const DOCKER_CONFIG: {
+    readonly IMAGE: "mohdrashid1/perfai-agent";
+    readonly TIMEOUT: number;
+    readonly ENV_VARS: {
+        readonly MODE: "LOCAL";
+        readonly TASK_TYPE: "PRIVACY";
+        readonly AGENT_ID: "MCP_LOCAL_DOCKER_PERFAI_AGENT";
+        readonly PERF_CATEGORY_FILE: "perf_categories.csv";
+        readonly TEST_CATEGORY_FILE: "test_categories.csv";
+        readonly PRIVACY_CATEGORY_FILE: "privacy_categories.csv";
+        readonly SPEC_VALIDATION_CATEGORY_FILE: "spec_validation_categories.csv";
+    };
+};
+export declare const DOCKER_CONFIG_VISION_AI_APP_LEARNING: {
+    readonly IMAGE: "mohdrashid1/vision-ai-agent";
+    readonly TIMEOUT: number;
+};
+export declare const DESIGN_DOCKER_CONFIG: {
+    readonly IMAGE: "mohdrashid1/perfai-agent";
+    readonly TIMEOUT: number;
+    readonly ENV_VARS: {
+        readonly MODE: "LOCAL";
+        readonly TASK_TYPE: "GOVERNANCE";
+        readonly AGENT_ID: "MCP_LOCAL_DOCKER_PERFAI_AGENT_DESIGN";
+    };
+};
+export declare const QUALITY_DOCKER_CONFIG: {
+    readonly IMAGE: "mohdrashid1/perfai-agent";
+    readonly TIMEOUT: number;
+    readonly ENV_VARS: {
+        readonly MODE: "LOCAL";
+        readonly TASK_TYPE: "SPEC_VALIDATION";
+        readonly AGENT_ID: "MCP_LOCAL_DOCKER_PERFAI_AGENT_QUALITY";
+    };
+};
+//# sourceMappingURL=config.d.ts.map

package/dist/config.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AACA,eAAO,MAAM,WAAW;;;CAGvB,CAAC;AAGF,eAAO,MAAM,YAAY,QAAsD,CAAC;AAChF,eAAO,MAAM,SAAS,QAA2E,CAAC;AAElG,eAAO,MAAM,aAAa,QAA+C,CAAC;AAE1E,eAAO,MAAM,YAAY,QAA6D,CAAC;AAGvF,eAAO,MAAM,aAAa;;;;;;;;;;;;;;;;CAiBhB,CAAC;AAGX,eAAO,MAAM,UAAU;;;CAGb,CAAC;AAGX,eAAO,MAAM,aAAa;;;;;;;;;;;;CAYhB,CAAC;AAGX,eAAO,MAAM,oCAAoC;;;CAGvC,CAAC;AAGX,eAAO,MAAM,oBAAoB;;;;;;;;CAQvB,CAAC;AAGX,eAAO,MAAM,qBAAqB;;;;;;;;CAQxB,CAAC"}

package/dist/config.js

@@ -0,0 +1,74 @@
+// Server configuration
+export const SERVER_INFO = {
+    name: "mcp-typescript-server",
+    version: "1.0.0",
+};
+// Auth0 / PerfAI configuration (override via env / K8s Secret)
+export const AUTH0_DOMAIN = process.env.PERFAI_AUTH0_DOMAIN || "auth.perfai.ai";
+export const CLIENT_ID = process.env.PERFAI_AUTH0_CLIENT_ID || "OxipoJS8EIdpN3KzhVQ280zkKxwzGLfI";
+// Leave empty by default to avoid bundling secrets in source.
+export const CLIENT_SECRET = process.env.PERFAI_AUTH0_CLIENT_SECRET || "";
+export const REDIRECT_URI = process.env.PERFAI_REDIRECT_URI || "http://localhost:5173";
+// API endpoints
+export const API_ENDPOINTS = {
+    TOKEN: `https://${AUTH0_DOMAIN}/oauth/token`,
+    USERINFO: `https://${AUTH0_DOMAIN}/userinfo`,
+    ORGANIZATIONS: 'https://api.perfai.ai/api/v1/org-users/get_users_orgs',
+    SECURITY_ISSUES: 'https://api.perfai.ai/api/v1/sensitive-data-service/apps/issues/all-by-org',
+    SECURITY_ISSUES_BY_APP: 'https://api.perfai.ai/api/v1/sensitive-data-service/apps/issues/by-app',
+    DESIGN_ISSUES_BY_APP: 'https://api.perfai.ai/api/v1/design-analysis-service/apps/org/issues',
+    APP_SUMMARY: 'https://api.perfai.ai/api/v1/api-catalog/apps/summary',
+    QUALITY_ISSUES_BY_APP: 'https://api.perfai.ai/api/v1/spec-validation/tests',
+    API_CATALOG: 'https://api.perfai.ai/api/v1/api-catalog/apps/catalog_id_name_label',
+    API_CATALOG_SERVICE_IDS: 'https://api.perfai.ai/api/v1/api-catalog/apps/service-ids',
+    WEBAPP_API: 'https://api.perfai.ai/api/v1',
+    DASHBOARD_API: 'https://lm.perfai.ai/api/v1',
+    // Provide full header value (e.g. "Authorization: Basic <base64>") via env / K8s Secret.
+    DASHBOARD_API_AUTH: process.env.PERFAI_DASHBOARD_API_AUTH || '',
+    LLM_API: 'https://llmservice.dev.perfai.ai/api/tokens',
+    LLM_GENERATE_API: 'http://localhost:4000/api/generate',
+};
+// Docker Hub credentials for pulling private images
+export const DOCKER_HUB = {
+    USERNAME: process.env.DOCKER_HUB_USERNAME || 'mohdrashid1',
+    PAT: process.env.DOCKER_HUB_PAT || 'dckr_pat_g3sj9rLa0sYrlzT5BmgZS_24vl8',
+};
+// Docker configuration
+export const DOCKER_CONFIG = {
+    IMAGE: 'mohdrashid1/perfai-agent',
+    TIMEOUT: 30 * 60 * 1000, // 30 minutes
+    ENV_VARS: {
+        MODE: 'LOCAL',
+        TASK_TYPE: 'PRIVACY',
+        AGENT_ID: 'MCP_LOCAL_DOCKER_PERFAI_AGENT',
+        PERF_CATEGORY_FILE: 'perf_categories.csv',
+        TEST_CATEGORY_FILE: 'test_categories.csv',
+        PRIVACY_CATEGORY_FILE: 'privacy_categories.csv',
+        SPEC_VALIDATION_CATEGORY_FILE: 'spec_validation_categories.csv',
+    }
+};
+// Docker configuration for Vision AI App Learning (GENERATE_SPEC / OAS generation)
+export const DOCKER_CONFIG_VISION_AI_APP_LEARNING = {
+    IMAGE: 'mohdrashid1/vision-ai-agent',
+    TIMEOUT: 45 * 60 * 1000, // 45 minutes (OAS generation can be long)
+};
+// Design-specific Docker configuration (matches extension implementation)
+export const DESIGN_DOCKER_CONFIG = {
+    IMAGE: 'mohdrashid1/perfai-agent',
+    TIMEOUT: 30 * 60 * 1000, // 30 minutes
+    ENV_VARS: {
+        MODE: 'LOCAL',
+        TASK_TYPE: 'GOVERNANCE', // Design testing uses GOVERNANCE task type
+        AGENT_ID: 'MCP_LOCAL_DOCKER_PERFAI_AGENT_DESIGN',
+    }
+};
+// Quality-specific Docker configuration (matches extension implementation)
+export const QUALITY_DOCKER_CONFIG = {
+    IMAGE: 'mohdrashid1/perfai-agent',
+    TIMEOUT: 30 * 60 * 1000, // 30 minutes
+    ENV_VARS: {
+        MODE: 'LOCAL',
+        TASK_TYPE: 'SPEC_VALIDATION', // Quality testing uses SPEC_VALIDATION task type
+        AGENT_ID: 'MCP_LOCAL_DOCKER_PERFAI_AGENT_QUALITY',
+    }
+};

package/dist/server.d.ts

@@ -0,0 +1,3 @@
+#!/usr/bin/env node
+export {};
+//# sourceMappingURL=server.d.ts.map

package/dist/server.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":""}

package/dist/server.js

@@ -0,0 +1,144 @@
+#!/usr/bin/env node
+import dotenv from "dotenv";
+import { Server } from "@modelcontextprotocol/sdk/server/index.js";
+import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
+import { CallToolRequestSchema, ErrorCode, ListToolsRequestSchema, McpError, } from "@modelcontextprotocol/sdk/types.js";
+dotenv.config();
+// Import configuration and types
+import { SERVER_INFO } from './config.js';
+import { AuthenticationManager } from './auth/authManager.js';
+// Import tool definitions and handlers
+import { PUBLIC_TOOLS, PROTECTED_TOOLS, handleLogin, handleAuthStatus, handleUserInfo, handleLogout, handleSetup, handleShowSecurityIssues, handleShowDesignIssues, handleShowQualityIssues, handleManageOrganizations, handleListApis, handleSelectApi, handleAiFixSecurityIssue, handleAiFixDesignIssue, handleAiFixQualityIssue, handleShowFixedIssues, handleCheckSecurityFixes, handleCheckDesignFixes, handleCheckQualityFixes, handleSummarizeIssues } from './tools/index.js';
+const authManager = new AuthenticationManager();
+// Create the server instance
+const server = new Server(SERVER_INFO, {
+    capabilities: {
+        tools: { listChanged: true }, // 👈 Enable dynamic tool list updates
+    },
+});
+// List tools handler - returns different tools based on authentication status
+server.setRequestHandler(ListToolsRequestSchema, async () => {
+    const isAuthenticated = await authManager.isAuthenticated();
+    console.error(`🔍 ListTools called - Authenticated: ${isAuthenticated}`);
+    // ALWAYS show all tools - authentication is enforced in CallToolRequestSchema
+    console.error(`🛠️  Always returning all ${Object.keys(PUBLIC_TOOLS).length + Object.keys(PROTECTED_TOOLS).length} tools`);
+    return {
+        tools: [...Object.values(PUBLIC_TOOLS), ...Object.values(PROTECTED_TOOLS)],
+    };
+});
+// Call tool handler with authentication logic
+server.setRequestHandler(CallToolRequestSchema, async (request) => {
+    const { name, arguments: args } = request.params;
+    try {
+        // Handle public tools (authentication tools)
+        switch (name) {
+            case "login": {
+                return await handleLogin(authManager);
+            }
+            case "auth_status": {
+                return await handleAuthStatus(authManager);
+            }
+        }
+        // Check authentication for protected tools
+        if (!(await authManager.isAuthenticated())) {
+            throw new McpError(ErrorCode.InvalidRequest, `🔐 Authentication required. Please run the 'login' tool first to access '${name}'.`);
+        }
+        // Handle protected tools (require authentication)
+        switch (name) {
+            case "user_info": {
+                return await handleUserInfo(authManager);
+            }
+            case "logout": {
+                return await handleLogout(authManager);
+            }
+            case "setup": {
+                return await handleSetup(authManager, args);
+            }
+            case "show_security_issues": {
+                return await handleShowSecurityIssues(authManager, args);
+            }
+            case "show_design_issues": {
+                return await handleShowDesignIssues(authManager, args);
+            }
+            case "show_quality_issues": {
+                return await handleShowQualityIssues(authManager, args);
+            }
+            case "manage_organizations": {
+                return await handleManageOrganizations(authManager, args);
+            }
+            case "list_apps": {
+                return await handleListApis(authManager);
+            }
+            case "select_app": {
+                return await handleSelectApi(authManager, args);
+            }
+            case "ai_fix_security_issue": {
+                return await handleAiFixSecurityIssue(authManager, args);
+            }
+            case "ai_fix_design_issue": {
+                return await handleAiFixDesignIssue(authManager, args);
+            }
+            case "ai_fix_quality_issue": {
+                return await handleAiFixQualityIssue(authManager, args);
+            }
+            case "show_fixed_issues": {
+                return await handleShowFixedIssues(authManager);
+            }
+            case "check_security_fixes": {
+                return await handleCheckSecurityFixes(authManager, args);
+            }
+            case "check_design_fixes": {
+                return await handleCheckDesignFixes(authManager, args);
+            }
+            case "check_quality_fixes": {
+                return await handleCheckQualityFixes(authManager, args);
+            }
+            case "summarize_issues": {
+                return await handleSummarizeIssues(authManager);
+            }
+            default:
+                throw new McpError(ErrorCode.MethodNotFound, `Unknown tool: ${name}`);
+        }
+    }
+    catch (error) {
+        if (error instanceof McpError) {
+            throw error;
+        }
+        throw new McpError(ErrorCode.InternalError, `Tool execution failed: ${error}`);
+    }
+});
+// Error handling
+server.onerror = (error) => {
+    // Log errors to stderr to avoid interfering with STDIO transport
+    console.error("[MCP Error]", error);
+};
+process.on("SIGINT", async () => {
+    await server.close();
+    process.exit(0);
+});
+// Start the server
+async function main() {
+    // Only log to stderr for STDIO transport compatibility
+    console.error("🚀 Starting PerfAI MCP TypeScript Server with Authentication...");
+    console.error(`🔧 Server: ${SERVER_INFO.name} v${SERVER_INFO.version}`);
+    console.error("📋 Public tools:", Object.keys(PUBLIC_TOOLS).join(", "));
+    console.error("🔒 Protected tools:", Object.keys(PROTECTED_TOOLS).join(", "));
+    console.error("⚠️  Note: Protected tools require authentication via 'login' tool");
+    const transport = new StdioServerTransport();
+    await server.connect(transport);
+    console.error("✅ PerfAI MCP Server is running and ready to accept connections!");
+    console.error("🔑 Run 'login' tool to authenticate and access all features");
+}
+// Handle uncaught exceptions
+process.on("uncaughtException", (error) => {
+    console.error("Uncaught Exception:", error);
+    process.exit(1);
+});
+process.on("unhandledRejection", (reason, promise) => {
+    console.error("Unhandled Rejection at:", promise, "reason:", reason);
+    process.exit(1);
+});
+main().catch((error) => {
+    console.error("Failed to start server:", error);
+    process.exit(1);
+});

package/dist/setup-config.d.ts

@@ -0,0 +1,4 @@
+#!/usr/bin/env node
+declare function generateConfigFiles(): void;
+export { generateConfigFiles };
+//# sourceMappingURL=setup-config.d.ts.map

package/dist/setup-config.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"setup-config.d.ts","sourceRoot":"","sources":["../src/setup-config.ts"],"names":[],"mappings":";AAOA,iBAAS,mBAAmB,SA2D3B;AAUD,OAAO,EAAE,mBAAmB,EAAE,CAAC"}

package/dist/setup-config.js

@@ -0,0 +1,69 @@
+#!/usr/bin/env node
+import * as fs from 'fs';
+import * as path from 'path';
+// Generate MCP configuration files
+function generateConfigFiles() {
+    const configs = {
+        cursor: {
+            mcpServers: {
+                "perfai-mcp": {
+                    type: "stdio",
+                    command: "npx",
+                    args: ["perfai-mcp-server"],
+                    env: {
+                        PERFAI_USERNAME: "your-username-here",
+                        PERFAI_PASSWORD: "your-password-here"
+                    }
+                }
+            }
+        },
+        vscode: {
+            mcpServers: {
+                "perfai-mcp": {
+                    type: "stdio",
+                    command: "npx",
+                    args: ["perfai-mcp-server"],
+                    env: {
+                        PERFAI_USERNAME: "your-username-here",
+                        PERFAI_PASSWORD: "your-password-here"
+                    }
+                }
+            }
+        }
+    };
+    // Get current working directory
+    const currentDir = process.cwd();
+    // Generate Cursor config
+    const cursorConfigPath = path.join(currentDir, 'cursor_mcp_config.json');
+    fs.writeFileSync(cursorConfigPath, JSON.stringify(configs.cursor, null, 2));
+    // Generate VS Code config
+    const vscodeConfigPath = path.join(currentDir, 'vscode_mcp_config.json');
+    fs.writeFileSync(vscodeConfigPath, JSON.stringify(configs.vscode, null, 2));
+    console.log('🎉 MCP Configuration files generated successfully!');
+    console.log('');
+    console.log('📁 Files created:');
+    console.log(`   • ${cursorConfigPath}`);
+    console.log(`   • ${vscodeConfigPath}`);
+    console.log('');
+    console.log('📝 Next steps:');
+    console.log('1. Edit the config files and replace the placeholder credentials:');
+    console.log('   - Replace "your-username-here" with your PerfAI username');
+    console.log('   - Replace "your-password-here" with your PerfAI password');
+    console.log('');
+    console.log('2. Copy the config to your MCP client:');
+    console.log('   • For Cursor: Copy cursor_mcp_config.json to your Cursor config directory');
+    console.log('   • For VS Code: Copy vscode_mcp_config.json to your VS Code config directory');
+    console.log('');
+    console.log('3. Restart your MCP client to load the new configuration');
+    console.log('');
+    console.log('🔗 Package URL: https://www.npmjs.com/package/perfai-mcp-server');
+}
+// Main execution
+try {
+    generateConfigFiles();
+}
+catch (error) {
+    console.error('❌ Error generating config files:', error);
+    process.exit(1);
+}
+export { generateConfigFiles };