@sfranalytics/mcp 0.6.0

package/LICENSE

@@ -0,0 +1,24 @@
+Copyright (c) 2024-2026 SFR Analytics, Inc. All rights reserved.
+
+PROPRIETARY LICENSE
+
+This software and associated documentation files (the "Software") are the
+proprietary property of SFR Analytics, Inc.
+
+Use of this Software is governed by the SFR Analytics Terms of Service
+available at: https://www.sfranalytics.com/terms
+
+You may use this Software only in accordance with a valid SFR Analytics
+subscription and the Terms of Service. You may not copy, modify, distribute,
+sell, or sublicense this Software or any portion thereof without prior written
+consent from SFR Analytics, Inc.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+SFR ANALYTICS, INC. BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
+WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF
+OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
+
+For licensing inquiries: support@sfranalytics.com

package/README.md

@@ -0,0 +1,147 @@
+# @sfranalytics/mcp
+
+MCP server for [SFR Analytics](https://www.sfranalytics.com) — single-family rental property data, buyer intelligence, and private lending insights for AI assistants.
+
+## Quick Start
+
+### Claude Code
+
+```bash
+claude mcp add sfra -- npx -y @sfranalytics/mcp \
+  --env SFR_API_TOKEN=your-sfr-key \
+  --env PLR_API_TOKEN=your-plr-key
+```
+
+### Claude Desktop
+
+Add to your `claude_desktop_config.json`:
+
+```json
+{
+  "mcpServers": {
+    "sfra": {
+      "command": "npx",
+      "args": ["-y", "@sfranalytics/mcp"],
+      "env": {
+        "SFR_API_TOKEN": "your-sfr-key",
+        "PLR_API_TOKEN": "your-plr-key"
+      }
+    }
+  }
+}
+```
+
+### Hosted HTTP Transport
+
+Run the MCP server over HTTP:
+
+```bash
+npm run dev:http
+```
+
+Connect from Claude Code:
+
+```bash
+claude mcp add sfra-http --transport http http://localhost:3000/mcp \
+  --header "SFR-Api-Token: your-sfr-key" \
+  --header "PLR-Api-Token: your-plr-key"
+```
+
+Production endpoint example:
+
+```bash
+claude mcp add sfra-http --transport http https://mcp.sfranalytics.com/mcp \
+  --header "SFR-Api-Token: your-sfr-key" \
+  --header "PLR-Api-Token: your-plr-key"
+```
+
+Notes:
+
+- Provide at least one token header (`SFR-Api-Token` or `PLR-Api-Token`).
+- `MCP_ALLOWED_ORIGINS` controls allowed `Origin` headers.
+- `MCP_ALLOWED_HOSTS` controls allowed `Host` headers (recommended for public deployments).
+- `MCP_STRICT_TOKEN_VALIDATION=true` optionally validates token(s) on each MCP request via upstream auth probes.
+- In strict mode, explicit auth failures return `401`; temporary probe outages return `503`.
+- Raw HTTP clients should send `Accept: application/json, text/event-stream`.
+- HTTP mode currently excludes Snowflake tools.
+
+## API Keys
+
+You can configure one or both API keys. Tools are enabled based on which keys you provide.
+
+| Key | Enables | Tools |
+|-----|---------|-------|
+| `SFR_API_TOKEN` | Property data, buyer intelligence, market analytics | 21 tools |
+| `PLR_API_TOKEN` | Private lending, borrower/lender intelligence | 15 tools |
+
+Get your API keys at [sfranalytics.com](https://www.sfranalytics.com).
+
+## Tool Categories
+
+### SFR API (21 tools)
+
+| Category | Tools | Description |
+|----------|-------|-------------|
+| Property Research | 6 | Search transactions, property details, history, MLS listings, comparables, distress/foreclosure |
+| Rental Analysis | 3 | Market-level rental stats, nearby rental comps, rent growth trends |
+| Zip/Market Screening | 3 | Rank zips by yield/rent/value, zip deep-dives, institutional ownership |
+| Buyer Intelligence | 5 | Top buyers, investor profiles, growth trends, best deals, market highlights |
+| Market Activity | 4 | Investor transactions, flip stats, flip activity, activity snapshots |
+
+### PLR API (15 tools)
+
+| Category | Tools | Description |
+|----------|-------|-------------|
+| Borrower Intelligence | 6 | Search, profiles, rankings, top borrowers, loan history, contacts |
+| Lender Intelligence | 4 | Rankings, top lenders, lender clients, churned borrowers |
+| Market & Portfolio | 5 | Nationwide trends, MSA rankings, nearby loans, transaction feed, portfolio totals |
+
+### Shared
+
+| Tool | Description |
+|------|-------------|
+| `sfra_health` | Connectivity check for configured APIs |
+
+## Configuration
+
+| Variable | Required | Default | Description |
+|----------|----------|---------|-------------|
+| `SFR_API_TOKEN` | One or both | — | SFR Analytics API token |
+| `PLR_API_TOKEN` | One or both | — | Private Lender Radar API token |
+| `SFR_BASE_URL` | No | `https://api.sfranalytics.com` | SFR API base URL |
+| `PLR_BASE_URL` | No | `https://radar-api.sfranalytics.com` | PLR API base URL |
+| `HTTP_TIMEOUT_MS` | No | `20000` | HTTP request timeout (ms) |
+| `PORT` | No | `3000` | HTTP server port (`dev:http` / `start:http`) |
+| `MCP_BIND_HOST` | No | `127.0.0.1` | HTTP bind host |
+| `MCP_ALLOWED_ORIGINS` | No | — | Comma-separated allowed `Origin` values for `/mcp` |
+| `MCP_ALLOWED_HOSTS` | No | — | Comma-separated allowed `Host` values for DNS rebinding protection |
+| `MCP_STRICT_TOKEN_VALIDATION` | No | `false` | If `true`, validate provided HTTP token(s) on each request using upstream auth probes |
+| `MCP_SFR_TOKEN_PROBE_ADDRESS` | No | `123 Main St, Phoenix, AZ 85004` | Address used for SFR strict-token auth probe |
+
+At least one API token must be provided.
+
+## Example Prompts
+
+The server includes built-in prompts for common workflows:
+
+- **market-screen** — Find top zip codes by investment criteria
+- **buyer-research** — Research a property investor's portfolio and strategy
+- **property-analysis** — Evaluate a property for SFR investment
+- **lending-overview** — Private lending market overview
+- **borrower-outreach** — Build a targeted borrower outreach list
+
+Prompts are scoped to your configured APIs.
+
+## Requirements
+
+- Node.js >= 18.0.0
+- An MCP-compatible client (Claude Code, Claude Desktop, etc.)
+
+## Support
+
+- Email: support@sfranalytics.com
+- Website: [sfranalytics.com](https://www.sfranalytics.com)
+
+## License
+
+Proprietary. See [LICENSE](./LICENSE) and [Terms of Service](https://www.sfranalytics.com/terms).

package/dist/config.d.ts

@@ -0,0 +1,28 @@
+export type ServiceConfig = {
+    baseUrl: string;
+    apiToken: string;
+    apiTokenHeader: string;
+};
+export type SnowflakeConfig = {
+    account: string;
+    username: string;
+    password: string;
+    database: string;
+    schema: string;
+    warehouse: string;
+};
+export type AppConfig = {
+    sfr: ServiceConfig | null;
+    plr: ServiceConfig | null;
+    snowflake: SnowflakeConfig | null;
+    http: {
+        timeoutMs: number;
+    };
+};
+export type HeaderConfigInput = {
+    sfrToken?: string;
+    plrToken?: string;
+    timeoutMs?: number;
+};
+export declare function loadConfig(): AppConfig;
+export declare function configFromHeaders(input: HeaderConfigInput): AppConfig;

package/dist/config.js

@@ -0,0 +1,101 @@
+import fs from "node:fs";
+import path from "node:path";
+import os from "node:os";
+function env(name) {
+    const v = process.env[name];
+    return v && v.trim() ? v.trim() : undefined;
+}
+/** Optional local secrets file for dev convenience. Keep it out of git. */
+function loadLocalSecrets() {
+    const filename = env("MCP_LOCAL_SECRETS") ??
+        path.join(os.homedir(), ".sfra-mcp.secrets.json");
+    try {
+        if (!fs.existsSync(filename))
+            return {};
+        const raw = fs.readFileSync(filename, "utf8");
+        const json = JSON.parse(raw);
+        return typeof json === "object" && json ? json : {};
+    }
+    catch {
+        return {};
+    }
+}
+export function loadConfig() {
+    const secrets = loadLocalSecrets();
+    const get = (name) => env(name) ?? secrets[name];
+    const sfrToken = get("SFR_API_TOKEN");
+    const plrToken = get("PLR_API_TOKEN");
+    const sfAccount = get("SNOWFLAKE_ACCOUNT");
+    const sfUser = get("SNOWFLAKE_USERNAME");
+    const sfPass = get("SNOWFLAKE_PASSWORD");
+    if (!sfrToken && !plrToken && !sfAccount) {
+        throw new Error([
+            "No API tokens configured. Set at least one:",
+            "",
+            "  SFR_API_TOKEN      — property data, buyer intelligence, market analytics (21 tools)",
+            "  PLR_API_TOKEN      — private lending, borrower/lender intelligence (15 tools)",
+            "  SNOWFLAKE_ACCOUNT  — Redfin market data, census, rental yield, investor activity (10 tools)",
+            "",
+            "Get your API keys at https://www.sfranalytics.com",
+            "Questions? support@sfranalytics.com",
+        ].join("\n"));
+    }
+    const snowflake = sfAccount && sfUser && sfPass
+        ? {
+            account: sfAccount,
+            username: sfUser,
+            password: sfPass,
+            database: get("SNOWFLAKE_DATABASE") ?? "ANALYTICS",
+            schema: get("SNOWFLAKE_SCHEMA") ?? "PUBLIC",
+            warehouse: get("SNOWFLAKE_WAREHOUSE") ?? "COMPUTE_WH",
+        }
+        : null;
+    return {
+        sfr: sfrToken
+            ? {
+                baseUrl: (get("SFR_BASE_URL") ?? "https://api.sfranalytics.com").replace(/\/$/, ""),
+                apiToken: sfrToken,
+                apiTokenHeader: get("SFR_API_TOKEN_HEADER") ?? "X-API-TOKEN",
+            }
+            : null,
+        plr: plrToken
+            ? {
+                baseUrl: (get("PLR_BASE_URL") ?? "https://radar-api.sfranalytics.com").replace(/\/$/, ""),
+                apiToken: plrToken,
+                apiTokenHeader: get("PLR_API_TOKEN_HEADER") ?? "X-API-Key",
+            }
+            : null,
+        snowflake,
+        http: {
+            timeoutMs: Number(get("HTTP_TIMEOUT_MS") ?? 20000),
+        },
+    };
+}
+export function configFromHeaders(input) {
+    const get = (name) => env(name);
+    const timeoutFromEnv = Number(get("HTTP_TIMEOUT_MS") ?? 20000);
+    const timeoutMs = typeof input.timeoutMs === "number" && Number.isFinite(input.timeoutMs)
+        ? input.timeoutMs
+        : timeoutFromEnv;
+    return {
+        sfr: input.sfrToken
+            ? {
+                baseUrl: (get("SFR_BASE_URL") ?? "https://api.sfranalytics.com").replace(/\/$/, ""),
+                apiToken: input.sfrToken,
+                apiTokenHeader: get("SFR_API_TOKEN_HEADER") ?? "X-API-TOKEN",
+            }
+            : null,
+        plr: input.plrToken
+            ? {
+                baseUrl: (get("PLR_BASE_URL") ?? "https://radar-api.sfranalytics.com").replace(/\/$/, ""),
+                apiToken: input.plrToken,
+                apiTokenHeader: get("PLR_API_TOKEN_HEADER") ?? "X-API-Key",
+            }
+            : null,
+        snowflake: null,
+        http: {
+            timeoutMs,
+        },
+    };
+}
+//# sourceMappingURL=config.js.map

package/dist/config.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.js","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,MAAM,SAAS,CAAC;AA8BzB,SAAS,GAAG,CAAC,IAAY;IACvB,MAAM,CAAC,GAAG,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;IAC5B,OAAO,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;AAC9C,CAAC;AAED,2EAA2E;AAC3E,SAAS,gBAAgB;IACvB,MAAM,QAAQ,GACZ,GAAG,CAAC,mBAAmB,CAAC;QACxB,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,wBAAwB,CAAC,CAAC;IACpD,IAAI,CAAC;QACH,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC;YAAE,OAAO,EAAE,CAAC;QACxC,MAAM,GAAG,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;QAC9C,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC7B,OAAO,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,CAAC,CAAC,CAAE,IAA+B,CAAC,CAAC,CAAC,EAAE,CAAC;IAClF,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,CAAC;IACZ,CAAC;AACH,CAAC;AAED,MAAM,UAAU,UAAU;IACxB,MAAM,OAAO,GAAG,gBAAgB,EAAE,CAAC;IACnC,MAAM,GAAG,GAAG,CAAC,IAAY,EAAE,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;IAEzD,MAAM,QAAQ,GAAG,GAAG,CAAC,eAAe,CAAC,CAAC;IACtC,MAAM,QAAQ,GAAG,GAAG,CAAC,eAAe,CAAC,CAAC;IAEtC,MAAM,SAAS,GAAG,GAAG,CAAC,mBAAmB,CAAC,CAAC;IAC3C,MAAM,MAAM,GAAG,GAAG,CAAC,oBAAoB,CAAC,CAAC;IACzC,MAAM,MAAM,GAAG,GAAG,CAAC,oBAAoB,CAAC,CAAC;IAEzC,IAAI,CAAC,QAAQ,IAAI,CAAC,QAAQ,IAAI,CAAC,SAAS,EAAE,CAAC;QACzC,MAAM,IAAI,KAAK,CACb;YACE,6CAA6C;YAC7C,EAAE;YACF,uFAAuF;YACvF,iFAAiF;YACjF,+FAA+F;YAC/F,EAAE;YACF,mDAAmD;YACnD,qCAAqC;SACtC,CAAC,IAAI,CAAC,IAAI,CAAC,CACb,CAAC;IACJ,CAAC;IAED,MAAM,SAAS,GACb,SAAS,IAAI,MAAM,IAAI,MAAM;QAC3B,CAAC,CAAC;YACE,OAAO,EAAE,SAAS;YAClB,QAAQ,EAAE,MAAM;YAChB,QAAQ,EAAE,MAAM;YAChB,QAAQ,EAAE,GAAG,CAAC,oBAAoB,CAAC,IAAI,WAAW;YAClD,MAAM,EAAE,GAAG,CAAC,kBAAkB,CAAC,IAAI,QAAQ;YAC3C,SAAS,EAAE,GAAG,CAAC,qBAAqB,CAAC,IAAI,YAAY;SACtD;QACH,CAAC,CAAC,IAAI,CAAC;IAEX,OAAO;QACL,GAAG,EAAE,QAAQ;YACX,CAAC,CAAC;gBACE,OAAO,EAAE,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,8BAA8B,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC;gBACnF,QAAQ,EAAE,QAAQ;gBAClB,cAAc,EAAE,GAAG,CAAC,sBAAsB,CAAC,IAAI,aAAa;aAC7D;YACH,CAAC,CAAC,IAAI;QACR,GAAG,EAAE,QAAQ;YACX,CAAC,CAAC;gBACE,OAAO,EAAE,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,oCAAoC,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC;gBACzF,QAAQ,EAAE,QAAQ;gBAClB,cAAc,EAAE,GAAG,CAAC,sBAAsB,CAAC,IAAI,WAAW;aAC3D;YACH,CAAC,CAAC,IAAI;QACR,SAAS;QACT,IAAI,EAAE;YACJ,SAAS,EAAE,MAAM,CAAC,GAAG,CAAC,iBAAiB,CAAC,IAAI,KAAK,CAAC;SACnD;KACF,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,iBAAiB,CAAC,KAAwB;IACxD,MAAM,GAAG,GAAG,CAAC,IAAY,EAAE,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;IACxC,MAAM,cAAc,GAAG,MAAM,CAAC,GAAG,CAAC,iBAAiB,CAAC,IAAI,KAAK,CAAC,CAAC;IAC/D,MAAM,SAAS,GACb,OAAO,KAAK,CAAC,SAAS,KAAK,QAAQ,IAAI,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,SAAS,CAAC;QACrE,CAAC,CAAC,KAAK,CAAC,SAAS;QACjB,CAAC,CAAC,cAAc,CAAC;IAErB,OAAO;QACL,GAAG,EAAE,KAAK,CAAC,QAAQ;YACjB,CAAC,CAAC;gBACE,OAAO,EAAE,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,8BAA8B,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC;gBACnF,QAAQ,EAAE,KAAK,CAAC,QAAQ;gBACxB,cAAc,EAAE,GAAG,CAAC,sBAAsB,CAAC,IAAI,aAAa;aAC7D;YACH,CAAC,CAAC,IAAI;QACR,GAAG,EAAE,KAAK,CAAC,QAAQ;YACjB,CAAC,CAAC;gBACE,OAAO,EAAE,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,oCAAoC,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC;gBACzF,QAAQ,EAAE,KAAK,CAAC,QAAQ;gBACxB,cAAc,EAAE,GAAG,CAAC,sBAAsB,CAAC,IAAI,WAAW;aAC3D;YACH,CAAC,CAAC,IAAI;QACR,SAAS,EAAE,IAAI;QACf,IAAI,EAAE;YACJ,SAAS;SACV;KACF,CAAC;AACJ,CAAC"}

package/dist/http.d.ts

@@ -0,0 +1,2 @@
+#!/usr/bin/env node
+export {};

package/dist/http.js

@@ -0,0 +1,252 @@
+#!/usr/bin/env node
+import cors from "cors";
+import { createMcpExpressApp } from "@modelcontextprotocol/sdk/server/express.js";
+import { StreamableHTTPServerTransport } from "@modelcontextprotocol/sdk/server/streamableHttp.js";
+import { configFromHeaders } from "./config.js";
+import { createServer } from "./server.js";
+import { ApiError, HttpClient } from "./services/httpClient.js";
+import { VERSION } from "./version.js";
+function env(name) {
+    const value = process.env[name];
+    return value && value.trim().length > 0 ? value.trim() : undefined;
+}
+function parseCsv(input) {
+    if (!input)
+        return [];
+    return input
+        .split(",")
+        .map((part) => part.trim())
+        .filter((part) => part.length > 0);
+}
+function parseBoolean(input) {
+    if (!input)
+        return false;
+    const normalized = input.trim().toLowerCase();
+    return normalized === "1" || normalized === "true" || normalized === "yes" || normalized === "on";
+}
+function headerValue(req, name) {
+    const value = req.get(name);
+    if (!value)
+        return undefined;
+    const trimmed = value.trim();
+    return trimmed.length > 0 ? trimmed : undefined;
+}
+function jsonRpcError(code, message, id = null) {
+    return {
+        jsonrpc: "2.0",
+        error: { code, message },
+        id,
+    };
+}
+function safeErrorMessage(error) {
+    if (error instanceof Error && error.message)
+        return error.message;
+    return "unknown error";
+}
+const host = env("MCP_BIND_HOST") ?? env("HOST") ?? "127.0.0.1";
+const parsedPort = Number.parseInt(env("PORT") ?? "3000", 10);
+const port = Number.isFinite(parsedPort) && parsedPort > 0 ? parsedPort : 3000;
+const allowedHosts = parseCsv(env("MCP_ALLOWED_HOSTS"));
+const allowedOrigins = parseCsv(env("MCP_ALLOWED_ORIGINS"));
+const allowAnyOrigin = allowedOrigins.includes("*");
+const allowedOriginSet = new Set(allowedOrigins.filter((origin) => origin !== "*"));
+const strictTokenValidation = parseBoolean(env("MCP_STRICT_TOKEN_VALIDATION"));
+const app = createMcpExpressApp({
+    host,
+    allowedHosts: allowedHosts.length > 0 ? allowedHosts : undefined,
+});
+function isOriginAllowed(origin) {
+    return allowAnyOrigin || allowedOriginSet.has(origin);
+}
+function validateOrigin(req, res, next) {
+    const origin = headerValue(req, "Origin");
+    if (!origin || isOriginAllowed(origin)) {
+        next();
+        return;
+    }
+    res.status(403).json(jsonRpcError(-32001, "Origin not allowed"));
+}
+const corsOptions = {
+    origin(origin, callback) {
+        if (!origin || isOriginAllowed(origin)) {
+            callback(null, true);
+            return;
+        }
+        callback(null, false);
+    },
+    methods: ["POST", "GET", "DELETE", "OPTIONS"],
+    allowedHeaders: [
+        "Content-Type",
+        "Accept",
+        "Mcp-Protocol-Version",
+        "Mcp-Session-Id",
+        "SFR-Api-Token",
+        "PLR-Api-Token",
+    ],
+    exposedHeaders: [
+        "Mcp-Session-Id",
+        "Mcp-Protocol-Version",
+        "mcp-session-id",
+        "mcp-protocol-version",
+    ],
+};
+// Security + protocol hygiene
+app.use("/mcp", validateOrigin);
+app.use(cors(corsOptions));
+app.use((_req, res, next) => {
+    res.setHeader("Cache-Control", "no-store");
+    next();
+});
+async function quickTokenCheck(config) {
+    const checks = [];
+    if (config.sfr) {
+        const sfrHttp = new HttpClient({
+            baseUrl: config.sfr.baseUrl,
+            defaultHeaders: { [config.sfr.apiTokenHeader]: config.sfr.apiToken },
+            timeoutMs: config.http.timeoutMs,
+        });
+        checks.push((async () => {
+            try {
+                const probeAddress = env("MCP_SFR_TOKEN_PROBE_ADDRESS") ?? "123 Main St, Phoenix, AZ 85004";
+                await sfrHttp.request("GET", "/properties/by-address", { query: { address: probeAddress } });
+                return "valid";
+            }
+            catch (error) {
+                if (error instanceof ApiError && (error.status === 401 || error.status === 403))
+                    return "invalid";
+                if (error instanceof ApiError && (error.status === 408 || error.status === 429 || error.status >= 500)) {
+                    return "unavailable";
+                }
+                if (error instanceof ApiError) {
+                    // Non-auth client errors (400, 404, 422) mean the server authenticated the request
+                    // but the probe query was invalid — token is valid, probe params are just wrong
+                    if (error.status !== 200) {
+                        console.error(`SFR token probe returned unexpected status ${error.status}`);
+                    }
+                    return "valid";
+                }
+                return "unavailable";
+            }
+        })());
+    }
+    if (config.plr) {
+        const plrHttp = new HttpClient({
+            baseUrl: config.plr.baseUrl,
+            defaultHeaders: { [config.plr.apiTokenHeader]: config.plr.apiToken },
+            timeoutMs: config.http.timeoutMs,
+        });
+        checks.push((async () => {
+            try {
+                await plrHttp.request("GET", "/api/v1/analytics/portfolio/portfolio_summary/", {
+                    query: { start_date: "2024-01-01", end_date: "2024-01-31" },
+                });
+                return "valid";
+            }
+            catch (error) {
+                if (error instanceof ApiError && (error.status === 401 || error.status === 403))
+                    return "invalid";
+                if (error instanceof ApiError && (error.status === 408 || error.status === 429 || error.status >= 500)) {
+                    return "unavailable";
+                }
+                if (error instanceof ApiError) {
+                    if (error.status !== 200) {
+                        console.error(`PLR token probe returned unexpected status ${error.status}`);
+                    }
+                    return "valid";
+                }
+                return "unavailable";
+            }
+        })());
+    }
+    if (checks.length === 0)
+        return "invalid";
+    const results = await Promise.all(checks);
+    if (results.includes("invalid"))
+        return "invalid";
+    if (results.includes("unavailable"))
+        return "unavailable";
+    return "valid";
+}
+app.post("/mcp", async (req, res) => {
+    const sfrToken = headerValue(req, "SFR-Api-Token");
+    const plrToken = headerValue(req, "PLR-Api-Token");
+    if (!sfrToken && !plrToken) {
+        res
+            .status(401)
+            .json(jsonRpcError(-32001, "Missing API token. Provide SFR-Api-Token and/or PLR-Api-Token."));
+        return;
+    }
+    const config = configFromHeaders({ sfrToken, plrToken });
+    if (strictTokenValidation) {
+        try {
+            const validationResult = await quickTokenCheck(config);
+            if (validationResult === "invalid") {
+                res.status(401).json(jsonRpcError(-32001, "Invalid API token."));
+                return;
+            }
+            if (validationResult === "unavailable") {
+                res.status(503).json(jsonRpcError(-32603, "Token validation unavailable. Try again later."));
+                return;
+            }
+        }
+        catch (error) {
+            console.error(`Token validation error: ${safeErrorMessage(error)}`);
+            res.status(503).json(jsonRpcError(-32603, "Token validation unavailable. Try again later."));
+            return;
+        }
+    }
+    const server = createServer(config);
+    const transport = new StreamableHTTPServerTransport({
+        sessionIdGenerator: undefined,
+        enableJsonResponse: true,
+    });
+    const cleanup = () => {
+        res.off("close", cleanup);
+        void transport.close().catch(() => { });
+        void server.close().catch(() => { });
+    };
+    res.on("close", cleanup);
+    try {
+        await server.connect(transport);
+        await transport.handleRequest(req, res, req.body);
+    }
+    catch (error) {
+        console.error(`Error handling MCP request: ${safeErrorMessage(error)}`);
+        if (!res.headersSent) {
+            res.status(500).json(jsonRpcError(-32603, "Internal server error"));
+        }
+        cleanup();
+    }
+});
+const methodNotAllowed = (_req, res) => {
+    res.status(405).json(jsonRpcError(-32000, "Method not allowed."));
+};
+app.get("/mcp", methodNotAllowed);
+app.delete("/mcp", methodNotAllowed);
+app.options("/mcp", cors(corsOptions));
+app.get("/health", (_req, res) => {
+    res.status(200).json({ ok: true, version: VERSION });
+});
+const httpServer = app.listen(port, host, () => {
+    if (allowedOriginSet.size === 0 && !allowAnyOrigin) {
+        console.error("MCP_ALLOWED_ORIGINS not set. Requests with an Origin header will be rejected.");
+    }
+    console.error(`@sfranalytics/mcp-http v${VERSION} listening on http://${host}:${port}/mcp`);
+});
+httpServer.on("error", (error) => {
+    console.error("Failed to start HTTP server:", error);
+    process.exit(1);
+});
+function shutdown(signal) {
+    console.error(`Received ${signal}; shutting down HTTP server...`);
+    httpServer.close((error) => {
+        if (error) {
+            console.error("Error during shutdown:", error);
+            process.exit(1);
+        }
+        process.exit(0);
+    });
+}
+process.on("SIGINT", () => shutdown("SIGINT"));
+process.on("SIGTERM", () => shutdown("SIGTERM"));
+//# sourceMappingURL=http.js.map

package/dist/http.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"http.js","sourceRoot":"","sources":["../src/http.ts"],"names":[],"mappings":";AACA,OAAO,IAA0B,MAAM,MAAM,CAAC;AAE9C,OAAO,EAAE,mBAAmB,EAAE,MAAM,6CAA6C,CAAC;AAClF,OAAO,EAAE,6BAA6B,EAAE,MAAM,oDAAoD,CAAC;AACnG,OAAO,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAC;AAChD,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAC3C,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,0BAA0B,CAAC;AAChE,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AAEvC,SAAS,GAAG,CAAC,IAAY;IACvB,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;IAChC,OAAO,KAAK,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;AACrE,CAAC;AAED,SAAS,QAAQ,CAAC,KAAyB;IACzC,IAAI,CAAC,KAAK;QAAE,OAAO,EAAE,CAAC;IACtB,OAAO,KAAK;SACT,KAAK,CAAC,GAAG,CAAC;SACV,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;SAC1B,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;AACvC,CAAC;AAED,SAAS,YAAY,CAAC,KAAyB;IAC7C,IAAI,CAAC,KAAK;QAAE,OAAO,KAAK,CAAC;IACzB,MAAM,UAAU,GAAG,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAC9C,OAAO,UAAU,KAAK,GAAG,IAAI,UAAU,KAAK,MAAM,IAAI,UAAU,KAAK,KAAK,IAAI,UAAU,KAAK,IAAI,CAAC;AACpG,CAAC;AAED,SAAS,WAAW,CAAC,GAAY,EAAE,IAAY;IAC7C,MAAM,KAAK,GAAG,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;IAC5B,IAAI,CAAC,KAAK;QAAE,OAAO,SAAS,CAAC;IAC7B,MAAM,OAAO,GAAG,KAAK,CAAC,IAAI,EAAE,CAAC;IAC7B,OAAO,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;AAClD,CAAC;AAED,SAAS,YAAY,CAAC,IAAY,EAAE,OAAe,EAAE,KAA6B,IAAI;IACpF,OAAO;QACL,OAAO,EAAE,KAAK;QACd,KAAK,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE;QACxB,EAAE;KACH,CAAC;AACJ,CAAC;AAED,SAAS,gBAAgB,CAAC,KAAc;IACtC,IAAI,KAAK,YAAY,KAAK,IAAI,KAAK,CAAC,OAAO;QAAE,OAAO,KAAK,CAAC,OAAO,CAAC;IAClE,OAAO,eAAe,CAAC;AACzB,CAAC;AAID,MAAM,IAAI,GAAG,GAAG,CAAC,eAAe,CAAC,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,WAAW,CAAC;AAChE,MAAM,UAAU,GAAG,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,MAAM,EAAE,EAAE,CAAC,CAAC;AAC9D,MAAM,IAAI,GAAG,MAAM,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,UAAU,GAAG,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC;AAE/E,MAAM,YAAY,GAAG,QAAQ,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC,CAAC;AACxD,MAAM,cAAc,GAAG,QAAQ,CAAC,GAAG,CAAC,qBAAqB,CAAC,CAAC,CAAC;AAC5D,MAAM,cAAc,GAAG,cAAc,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;AACpD,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,KAAK,GAAG,CAAC,CAAC,CAAC;AACpF,MAAM,qBAAqB,GAAG,YAAY,CAAC,GAAG,CAAC,6BAA6B,CAAC,CAAC,CAAC;AAE/E,MAAM,GAAG,GAAG,mBAAmB,CAAC;IAC9B,IAAI;IACJ,YAAY,EAAE,YAAY,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS;CACjE,CAAC,CAAC;AAEH,SAAS,eAAe,CAAC,MAAc;IACrC,OAAO,cAAc,IAAI,gBAAgB,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;AACxD,CAAC;AAED,SAAS,cAAc,CAAC,GAAY,EAAE,GAAa,EAAE,IAAkB;IACrE,MAAM,MAAM,GAAG,WAAW,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;IAC1C,IAAI,CAAC,MAAM,IAAI,eAAe,CAAC,MAAM,CAAC,EAAE,CAAC;QACvC,IAAI,EAAE,CAAC;QACP,OAAO;IACT,CAAC;IACD,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,KAAK,EAAE,oBAAoB,CAAC,CAAC,CAAC;AACnE,CAAC;AAED,MAAM,WAAW,GAAgB;IAC/B,MAAM,CAAC,MAAM,EAAE,QAAQ;QACrB,IAAI,CAAC,MAAM,IAAI,eAAe,CAAC,MAAM,CAAC,EAAE,CAAC;YACvC,QAAQ,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;YACrB,OAAO;QACT,CAAC;QACD,QAAQ,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;IACxB,CAAC;IACD,OAAO,EAAE,CAAC,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,SAAS,CAAC;IAC7C,cAAc,EAAE;QACd,cAAc;QACd,QAAQ;QACR,sBAAsB;QACtB,gBAAgB;QAChB,eAAe;QACf,eAAe;KAChB;IACD,cAAc,EAAE;QACd,gBAAgB;QAChB,sBAAsB;QACtB,gBAAgB;QAChB,sBAAsB;KACvB;CACF,CAAC;AAEF,8BAA8B;AAC9B,GAAG,CAAC,GAAG,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC;AAChC,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC;AAC3B,GAAG,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;IAC1B,GAAG,CAAC,SAAS,CAAC,eAAe,EAAE,UAAU,CAAC,CAAC;IAC3C,IAAI,EAAE,CAAC;AACT,CAAC,CAAC,CAAC;AAEH,KAAK,UAAU,eAAe,CAC5B,MAA4C;IAE5C,MAAM,MAAM,GAAqC,EAAE,CAAC;IAEpD,IAAI,MAAM,CAAC,GAAG,EAAE,CAAC;QACf,MAAM,OAAO,GAAG,IAAI,UAAU,CAAC;YAC7B,OAAO,EAAE,MAAM,CAAC,GAAG,CAAC,OAAO;YAC3B,cAAc,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,cAAc,CAAC,EAAE,MAAM,CAAC,GAAG,CAAC,QAAQ,EAAE;YACpE,SAAS,EAAE,MAAM,CAAC,IAAI,CAAC,SAAS;SACjC,CAAC,CAAC;QACH,MAAM,CAAC,IAAI,CACT,CAAC,KAAK,IAAI,EAAE;YACV,IAAI,CAAC;gBACH,MAAM,YAAY,GAAG,GAAG,CAAC,6BAA6B,CAAC,IAAI,gCAAgC,CAAC;gBAC5F,MAAM,OAAO,CAAC,OAAO,CAAC,KAAK,EAAE,wBAAwB,EAAE,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,YAAY,EAAE,EAAE,CAAC,CAAC;gBAC7F,OAAO,OAAO,CAAC;YACjB,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,IAAI,KAAK,YAAY,QAAQ,IAAI,CAAC,KAAK,CAAC,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,MAAM,KAAK,GAAG,CAAC;oBAAE,OAAO,SAAS,CAAC;gBAClG,IAAI,KAAK,YAAY,QAAQ,IAAI,CAAC,KAAK,CAAC,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,MAAM,IAAI,GAAG,CAAC,EAAE,CAAC;oBACvG,OAAO,aAAa,CAAC;gBACvB,CAAC;gBACD,IAAI,KAAK,YAAY,QAAQ,EAAE,CAAC;oBAC9B,mFAAmF;oBACnF,gFAAgF;oBAChF,IAAI,KAAK,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;wBACzB,OAAO,CAAC,KAAK,CAAC,8CAA8C,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;oBAC9E,CAAC;oBACD,OAAO,OAAO,CAAC;gBACjB,CAAC;gBACD,OAAO,aAAa,CAAC;YACvB,CAAC;QACH,CAAC,CAAC,EAAE,CACL,CAAC;IACJ,CAAC;IAED,IAAI,MAAM,CAAC,GAAG,EAAE,CAAC;QACf,MAAM,OAAO,GAAG,IAAI,UAAU,CAAC;YAC7B,OAAO,EAAE,MAAM,CAAC,GAAG,CAAC,OAAO;YAC3B,cAAc,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,cAAc,CAAC,EAAE,MAAM,CAAC,GAAG,CAAC,QAAQ,EAAE;YACpE,SAAS,EAAE,MAAM,CAAC,IAAI,CAAC,SAAS;SACjC,CAAC,CAAC;QACH,MAAM,CAAC,IAAI,CACT,CAAC,KAAK,IAAI,EAAE;YACV,IAAI,CAAC;gBACH,MAAM,OAAO,CAAC,OAAO,CAAC,KAAK,EAAE,gDAAgD,EAAE;oBAC7E,KAAK,EAAE,EAAE,UAAU,EAAE,YAAY,EAAE,QAAQ,EAAE,YAAY,EAAE;iBAC5D,CAAC,CAAC;gBACH,OAAO,OAAO,CAAC;YACjB,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,IAAI,KAAK,YAAY,QAAQ,IAAI,CAAC,KAAK,CAAC,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,MAAM,KAAK,GAAG,CAAC;oBAAE,OAAO,SAAS,CAAC;gBAClG,IAAI,KAAK,YAAY,QAAQ,IAAI,CAAC,KAAK,CAAC,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,MAAM,IAAI,GAAG,CAAC,EAAE,CAAC;oBACvG,OAAO,aAAa,CAAC;gBACvB,CAAC;gBACD,IAAI,KAAK,YAAY,QAAQ,EAAE,CAAC;oBAC9B,IAAI,KAAK,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;wBACzB,OAAO,CAAC,KAAK,CAAC,8CAA8C,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;oBAC9E,CAAC;oBACD,OAAO,OAAO,CAAC;gBACjB,CAAC;gBACD,OAAO,aAAa,CAAC;YACvB,CAAC;QACH,CAAC,CAAC,EAAE,CACL,CAAC;IACJ,CAAC;IAED,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,SAAS,CAAC;IAC1C,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IAC1C,IAAI,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC;QAAE,OAAO,SAAS,CAAC;IAClD,IAAI,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAC;QAAE,OAAO,aAAa,CAAC;IAC1D,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,GAAG,CAAC,IAAI,CAAC,MAAM,EAAE,KAAK,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE;IAClC,MAAM,QAAQ,GAAG,WAAW,CAAC,GAAG,EAAE,eAAe,CAAC,CAAC;IACnD,MAAM,QAAQ,GAAG,WAAW,CAAC,GAAG,EAAE,eAAe,CAAC,CAAC;IAEnD,IAAI,CAAC,QAAQ,IAAI,CAAC,QAAQ,EAAE,CAAC;QAC3B,GAAG;aACA,MAAM,CAAC,GAAG,CAAC;aACX,IAAI,CAAC,YAAY,CAAC,CAAC,KAAK,EAAE,gEAAgE,CAAC,CAAC,CAAC;QAChG,OAAO;IACT,CAAC;IAED,MAAM,MAAM,GAAG,iBAAiB,CAAC,EAAE,QAAQ,EAAE,QAAQ,EAAE,CAAC,CAAC;IACzD,IAAI,qBAAqB,EAAE,CAAC;QAC1B,IAAI,CAAC;YACH,MAAM,gBAAgB,GAAG,MAAM,eAAe,CAAC,MAAM,CAAC,CAAC;YACvD,IAAI,gBAAgB,KAAK,SAAS,EAAE,CAAC;gBACnC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,KAAK,EAAE,oBAAoB,CAAC,CAAC,CAAC;gBACjE,OAAO;YACT,CAAC;YACD,IAAI,gBAAgB,KAAK,aAAa,EAAE,CAAC;gBACvC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,KAAK,EAAE,gDAAgD,CAAC,CAAC,CAAC;gBAC7F,OAAO;YACT,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CAAC,2BAA2B,gBAAgB,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;YACpE,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,KAAK,EAAE,gDAAgD,CAAC,CAAC,CAAC;YAC7F,OAAO;QACT,CAAC;IACH,CAAC;IAED,MAAM,MAAM,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;IACpC,MAAM,SAAS,GAAG,IAAI,6BAA6B,CAAC;QAClD,kBAAkB,EAAE,SAAS;QAC7B,kBAAkB,EAAE,IAAI;KACzB,CAAC,CAAC;IAEH,MAAM,OAAO,GAAG,GAAG,EAAE;QACnB,GAAG,CAAC,GAAG,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QAC1B,KAAK,SAAS,CAAC,KAAK,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;QACvC,KAAK,MAAM,CAAC,KAAK,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;IACtC,CAAC,CAAC;IACF,GAAG,CAAC,EAAE,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IAEzB,IAAI,CAAC;QACH,MAAM,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;QAChC,MAAM,SAAS,CAAC,aAAa,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,IAAI,CAAC,CAAC;IACpD,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,+BAA+B,gBAAgB,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QACxE,IAAI,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC;YACrB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,KAAK,EAAE,uBAAuB,CAAC,CAAC,CAAC;QACtE,CAAC;QACD,OAAO,EAAE,CAAC;IACZ,CAAC;AACH,CAAC,CAAC,CAAC;AAEH,MAAM,gBAAgB,GAAG,CAAC,IAAa,EAAE,GAAa,EAAE,EAAE;IACxD,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,KAAK,EAAE,qBAAqB,CAAC,CAAC,CAAC;AACpE,CAAC,CAAC;AAEF,GAAG,CAAC,GAAG,CAAC,MAAM,EAAE,gBAAgB,CAAC,CAAC;AAClC,GAAG,CAAC,MAAM,CAAC,MAAM,EAAE,gBAAgB,CAAC,CAAC;AACrC,GAAG,CAAC,OAAO,CAAC,MAAM,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC;AAEvC,GAAG,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE;IAC/B,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC,CAAC;AACvD,CAAC,CAAC,CAAC;AAEH,MAAM,UAAU,GAAG,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,EAAE,GAAG,EAAE;IAC7C,IAAI,gBAAgB,CAAC,IAAI,KAAK,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC;QACnD,OAAO,CAAC,KAAK,CAAC,+EAA+E,CAAC,CAAC;IACjG,CAAC;IACD,OAAO,CAAC,KAAK,CAAC,2BAA2B,OAAO,wBAAwB,IAAI,IAAI,IAAI,MAAM,CAAC,CAAC;AAC9F,CAAC,CAAC,CAAC;AAEH,UAAU,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,KAAY,EAAE,EAAE;IACtC,OAAO,CAAC,KAAK,CAAC,8BAA8B,EAAE,KAAK,CAAC,CAAC;IACrD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC;AAEH,SAAS,QAAQ,CAAC,MAAc;IAC9B,OAAO,CAAC,KAAK,CAAC,YAAY,MAAM,gCAAgC,CAAC,CAAC;IAClE,UAAU,CAAC,KAAK,CAAC,CAAC,KAAa,EAAE,EAAE;QACjC,IAAI,KAAK,EAAE,CAAC;YACV,OAAO,CAAC,KAAK,CAAC,wBAAwB,EAAE,KAAK,CAAC,CAAC;YAC/C,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QACD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC,CAAC,CAAC;AACL,CAAC;AAED,OAAO,CAAC,EAAE,CAAC,QAAQ,EAAE,GAAG,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC;AAC/C,OAAO,CAAC,EAAE,CAAC,SAAS,EAAE,GAAG,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC"}

package/dist/index.d.ts

@@ -0,0 +1,2 @@
+#!/usr/bin/env node
+export {};

package/dist/index.js

@@ -0,0 +1,41 @@
+#!/usr/bin/env node
+import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
+import { loadConfig } from "./config.js";
+import { createServer } from "./server.js";
+import { VERSION } from "./version.js";
+import { disconnectSnowflake, isSnowflakeConfigured } from "./services/snowflake.js";
+async function main() {
+    const config = loadConfig();
+    const sfrCount = config.sfr ? 21 : 0;
+    const plrCount = config.plr ? 15 : 0;
+    const sfCount = config.snowflake ? 10 : 0;
+    const parts = [];
+    if (config.sfr)
+        parts.push(`SFR (${sfrCount} tools)`);
+    if (config.plr)
+        parts.push(`PLR (${plrCount} tools)`);
+    if (config.snowflake)
+        parts.push(`Snowflake (${sfCount} tools)`);
+    const server = createServer(config);
+    const transport = new StdioServerTransport();
+    await server.connect(transport);
+    // stdout is reserved for MCP messages — log to stderr only
+    console.error(`@sfranalytics/mcp v${VERSION} — ${parts.join(" + ")} + health`);
+}
+// Graceful shutdown
+async function cleanup() {
+    if (isSnowflakeConfigured()) {
+        try {
+            await disconnectSnowflake();
+        }
+        catch { /* ignore */ }
+    }
+    process.exit(0);
+}
+process.on("SIGINT", cleanup);
+process.on("SIGTERM", cleanup);
+main().catch((err) => {
+    console.error("Fatal:", err);
+    process.exit(1);
+});
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AACA,OAAO,EAAE,oBAAoB,EAAE,MAAM,2CAA2C,CAAC;AACjF,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAC3C,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AACvC,OAAO,EAAE,mBAAmB,EAAE,qBAAqB,EAAE,MAAM,yBAAyB,CAAC;AAErF,KAAK,UAAU,IAAI;IACjB,MAAM,MAAM,GAAG,UAAU,EAAE,CAAC;IAE5B,MAAM,QAAQ,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;IACrC,MAAM,QAAQ,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;IACrC,MAAM,OAAO,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;IAC1C,MAAM,KAAK,GAAa,EAAE,CAAC;IAC3B,IAAI,MAAM,CAAC,GAAG;QAAE,KAAK,CAAC,IAAI,CAAC,QAAQ,QAAQ,SAAS,CAAC,CAAC;IACtD,IAAI,MAAM,CAAC,GAAG;QAAE,KAAK,CAAC,IAAI,CAAC,QAAQ,QAAQ,SAAS,CAAC,CAAC;IACtD,IAAI,MAAM,CAAC,SAAS;QAAE,KAAK,CAAC,IAAI,CAAC,cAAc,OAAO,SAAS,CAAC,CAAC;IAEjE,MAAM,MAAM,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;IACpC,MAAM,SAAS,GAAG,IAAI,oBAAoB,EAAE,CAAC;IAC7C,MAAM,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IAChC,2DAA2D;IAC3D,OAAO,CAAC,KAAK,CAAC,sBAAsB,OAAO,MAAM,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;AACjF,CAAC;AAED,oBAAoB;AACpB,KAAK,UAAU,OAAO;IACpB,IAAI,qBAAqB,EAAE,EAAE,CAAC;QAC5B,IAAI,CAAC;YAAC,MAAM,mBAAmB,EAAE,CAAC;QAAC,CAAC;QAAC,MAAM,CAAC,CAAC,YAAY,CAAC,CAAC;IAC7D,CAAC;IACD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC;AACD,OAAO,CAAC,EAAE,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;AAC9B,OAAO,CAAC,EAAE,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;AAE/B,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;IACnB,OAAO,CAAC,KAAK,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;IAC7B,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}

package/dist/server.d.ts

@@ -0,0 +1,3 @@
+import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
+import type { AppConfig } from "./config.js";
+export declare function createServer(config: AppConfig): McpServer;