@signdocs-brasil/mcp-server 0.1.0 → 0.2.0

package/README.md

@@ -105,6 +105,63 @@ The server exposes grounding resources the model can read on demand:
 - `signdocs://policy-profiles` — valid `policyProfile` values and CUSTOM steps
 - `signdocs://webhook-events` — all subscribable event types
 
+## Remote HTTP transport (multi-tenant)
+
+The same tools are also served over **Streamable HTTP** so a single deployment
+can serve many AI agents/tenants — each authenticates per session with its own
+SignDocs credentials (no shared secret baked into the server).
+
+```bash
+npm run start:http        # or: signdocs-mcp-http   (listens on PORT, default 3000)
+# or containerized:
+docker build -t signdocs-mcp . && docker run -p 3000:3000 signdocs-mcp
+```
+
+**Endpoint:** `POST /mcp` (Streamable HTTP). Auth is required on the MCP
+`initialize` request, via the `Authorization` header:
+
+- `Authorization: Bearer <token>` — a SignDocs OAuth2 access token (from
+  `/oauth2/token`), passed straight through to the API.
+- `Authorization: Basic base64(clientId:clientSecret)` — the server runs the
+  `client_credentials` exchange for you.
+
+Pick the environment per session with `X-SignDocs-Environment: hml|production`
+(defaults to the server's configured default).
+
+The server behaves as an **OAuth 2.0 Resource Server**: it serves
+`GET /.well-known/oauth-protected-resource` (RFC 9728, pointing at the SignDocs
+authorization server) and answers an unauthenticated `initialize` with `401` +
+`WWW-Authenticate`. The SignDocs API remains the authoritative token validator.
+`GET /healthz` is an unauthenticated health probe.
+
+Example client config (Bearer):
+
+```json
+{
+  "mcpServers": {
+    "signdocs-remote": {
+      "type": "http",
+      "url": "https://your-host.example/mcp",
+      "headers": {
+        "Authorization": "Bearer <signdocs_access_token>",
+        "X-SignDocs-Environment": "hml"
+      }
+    }
+  }
+}
+```
+
+**Server env vars:** `PORT`, `HOST`, `SIGNDOCS_ENVIRONMENT` (default env),
+`MCP_PUBLIC_URL` (for resource metadata behind a proxy), `MCP_CORS_ORIGIN`,
+`MCP_DNS_REBINDING_PROTECTION=true` + `MCP_ALLOWED_HOSTS` / `MCP_ALLOWED_ORIGINS`
+(recommended in production).
+
+> Sessions are held in process memory, so run a single instance or use sticky
+> routing. For multi-instance/serverless, front it with sticky sessions or swap
+> the session map for a shared store + EventStore (resumability). Deploying onto
+> the existing `external-api` Lambda + API Gateway as a NestedStack is the
+> intended production path.
+
 ## Development
 
 ```bash
@@ -116,6 +173,10 @@ npm run inspect    # build + launch MCP Inspector against the stdio server
 
 ## Roadmap
 
-- **v0.1 (this release):** local stdio server, full tool catalog, env credentials.
-- **Phase 2:** remote Streamable-HTTP transport with per-tenant OAuth (the tool
-  layer is already transport-agnostic — see `src/http/server.ts`).
+- **v0.1:** local stdio server, full tool catalog, env credentials.
+- **v0.2 (this release):** remote Streamable-HTTP transport with per-session,
+  per-tenant auth (Bearer passthrough or Basic client-credentials) and OAuth
+  Resource Server discovery. Tool layer is shared between both transports.
+- **Next:** deploy the HTTP transport onto `external-api` (Lambda + API Gateway
+  NestedStack); optional edge JWT validation + shared-store sessions for
+  horizontal scale.

package/dist/bin/http.d.ts

@@ -0,0 +1,2 @@
+#!/usr/bin/env node
+export {};

package/dist/bin/http.js

@@ -0,0 +1,35 @@
+#!/usr/bin/env node
+import { createHttpServer } from '../http/server.js';
+import { resolveEnvironment } from '../client.js';
+/**
+ * Remote HTTP entrypoint. Unlike the stdio server, credentials are NOT read
+ * from env — each request carries its own (Bearer token or Basic client
+ * credentials), so one deployment serves many tenants.
+ */
+function envDefault() {
+    try {
+        return resolveEnvironment(process.env.SIGNDOCS_ENVIRONMENT);
+    }
+    catch {
+        return 'hml';
+    }
+}
+const port = Number(process.env.PORT ?? 3000);
+const host = process.env.HOST ?? '0.0.0.0';
+const server = createHttpServer({
+    defaultEnvironment: envDefault(),
+    corsOrigin: process.env.MCP_CORS_ORIGIN,
+    publicUrl: process.env.MCP_PUBLIC_URL,
+    enableDnsRebindingProtection: process.env.MCP_DNS_REBINDING_PROTECTION === 'true',
+    allowedHosts: process.env.MCP_ALLOWED_HOSTS?.split(',').map((h) => h.trim()).filter(Boolean),
+    allowedOrigins: process.env.MCP_ALLOWED_ORIGINS?.split(',').map((o) => o.trim()).filter(Boolean),
+});
+server.listen(port, host, () => {
+    process.stderr.write(`[signdocs-mcp-http] listening on http://${host}:${port}/mcp (default env: ${envDefault()})\n`);
+});
+for (const sig of ['SIGINT', 'SIGTERM']) {
+    process.on(sig, () => {
+        server.close(() => process.exit(0));
+    });
+}
+//# sourceMappingURL=http.js.map

package/dist/bin/http.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"http.js","sourceRoot":"","sources":["../../src/bin/http.ts"],"names":[],"mappings":";AACA,OAAO,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AACrD,OAAO,EAAE,kBAAkB,EAAoB,MAAM,cAAc,CAAC;AAEpE;;;;GAIG;AACH,SAAS,UAAU;IACjB,IAAI,CAAC;QACH,OAAO,kBAAkB,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;IAC9D,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED,MAAM,IAAI,GAAG,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,IAAI,IAAI,CAAC,CAAC;AAC9C,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,IAAI,IAAI,SAAS,CAAC;AAE3C,MAAM,MAAM,GAAG,gBAAgB,CAAC;IAC9B,kBAAkB,EAAE,UAAU,EAAE;IAChC,UAAU,EAAE,OAAO,CAAC,GAAG,CAAC,eAAe;IACvC,SAAS,EAAE,OAAO,CAAC,GAAG,CAAC,cAAc;IACrC,4BAA4B,EAAE,OAAO,CAAC,GAAG,CAAC,4BAA4B,KAAK,MAAM;IACjF,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,iBAAiB,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC;IAC5F,cAAc,EAAE,OAAO,CAAC,GAAG,CAAC,mBAAmB,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC;CACjG,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,EAAE,GAAG,EAAE;IAC7B,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,2CAA2C,IAAI,IAAI,IAAI,sBAAsB,UAAU,EAAE,KAAK,CAAC,CAAC;AACvH,CAAC,CAAC,CAAC;AAEH,KAAK,MAAM,GAAG,IAAI,CAAC,QAAQ,EAAE,SAAS,CAAU,EAAE,CAAC;IACjD,OAAO,CAAC,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE;QACnB,MAAM,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;IACtC,CAAC,CAAC,CAAC;AACL,CAAC"}

package/dist/bin/stdio.js

@@ -1,13 +1,14 @@
 #!/usr/bin/env node
 import { StdioServerTransport } from '@modelcontextprotocol/sdk/server/stdio.js';
 import { createServer } from '../server.js';
+import { getStdioContext } from '../client.js';
 /**
  * stdio entrypoint. AI clients (Claude Desktop/Code, Cursor, …) launch this
  * binary and speak MCP over stdin/stdout. NEVER write to stdout here — it is
  * the protocol channel; diagnostics go to stderr.
  */
 async function main() {
-    const server = createServer();
+    const server = createServer(getStdioContext());
     const transport = new StdioServerTransport();
     await server.connect(transport);
     process.stderr.write('[signdocs-mcp] server started on stdio\n');

package/dist/bin/stdio.js.map

@@ -1 +1 @@
-{"version":3,"file":"stdio.js","sourceRoot":"","sources":["../../src/bin/stdio.ts"],"names":[],"mappings":";AACA,OAAO,EAAE,oBAAoB,EAAE,MAAM,2CAA2C,CAAC;AACjF,OAAO,EAAE,YAAY,EAAE,MAAM,cAAc,CAAC;AAE5C;;;;GAIG;AACH,KAAK,UAAU,IAAI;IACjB,MAAM,MAAM,GAAG,YAAY,EAAE,CAAC;IAC9B,MAAM,SAAS,GAAG,IAAI,oBAAoB,EAAE,CAAC;IAC7C,MAAM,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IAChC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,0CAA0C,CAAC,CAAC;AACnE,CAAC;AAED,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;IACnB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,yBAAyB,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,IAAI,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;IACjH,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}
+{"version":3,"file":"stdio.js","sourceRoot":"","sources":["../../src/bin/stdio.ts"],"names":[],"mappings":";AACA,OAAO,EAAE,oBAAoB,EAAE,MAAM,2CAA2C,CAAC;AACjF,OAAO,EAAE,YAAY,EAAE,MAAM,cAAc,CAAC;AAC5C,OAAO,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AAE/C;;;;GAIG;AACH,KAAK,UAAU,IAAI;IACjB,MAAM,MAAM,GAAG,YAAY,CAAC,eAAe,EAAE,CAAC,CAAC;IAC/C,MAAM,SAAS,GAAG,IAAI,oBAAoB,EAAE,CAAC;IAC7C,MAAM,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IAChC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,0CAA0C,CAAC,CAAC;AACnE,CAAC;AAED,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;IACnB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,yBAAyB,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,IAAI,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;IACjH,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}

package/dist/client.d.ts

@@ -1,4 +1,5 @@
 import { SignDocsBrasilClient } from '@signdocs-brasil/api';
+import type { TokenCache, CachedToken } from '@signdocs-brasil/api';
 /**
  * Thin wrapper that turns environment variables into a configured
  * {@link SignDocsBrasilClient}. The official SDK owns the OAuth2
@@ -33,3 +34,52 @@ export declare function resetClientCache(): void;
  * link — it must carry the one-time embed token (`clientSecret`) as `?cs=`.
  */
 export declare function buildSigningUrl(url: string, clientSecret: string): string;
+/**
+ * What every tool handler needs to talk to SignDocs. In the stdio server this
+ * is built once from env; in the remote HTTP server it is built per-request so
+ * each tenant is fully isolated (no shared client/token across requests).
+ */
+export interface ToolContext {
+    client: SignDocsBrasilClient;
+    environment: Environment;
+}
+/**
+ * A {@link TokenCache} pre-seeded with a caller-supplied access token. The SDK's
+ * AuthHandler checks the cache before exchanging credentials, so seeding it makes
+ * the SDK use the presented bearer directly and never call `/oauth2/token`.
+ * The SignDocs API remains the real validator — an invalid/expired token yields
+ * a 401 from the API, surfaced to the caller.
+ */
+export declare class StaticTokenCache implements TokenCache {
+    private readonly token;
+    constructor(accessToken: string, ttlMs?: number);
+    get(): CachedToken | null;
+    set(): void;
+    delete(): void;
+}
+export type BuildClientOptions = {
+    mode: 'credentials';
+    clientId: string;
+    clientSecret: string;
+    environment: Environment;
+    baseUrlOverride?: string;
+    scopes?: string[];
+} | {
+    mode: 'bearer';
+    bearer: string;
+    environment: Environment;
+    baseUrlOverride?: string;
+    scopes?: string[];
+};
+/**
+ * Build a fresh, request-scoped SDK client. `credentials` mode lets the SDK run
+ * the OAuth2 client_credentials exchange; `bearer` mode passes a pre-issued
+ * access token straight through via {@link StaticTokenCache}.
+ */
+export declare function buildClient(opts: BuildClientOptions): SignDocsBrasilClient;
+/**
+ * Build the tool context for the stdio server from environment variables.
+ * Credentials are resolved lazily (on first API call); the environment is read
+ * eagerly but does not require credentials.
+ */
+export declare function getStdioContext(env?: NodeJS.ProcessEnv): ToolContext;

package/dist/client.js

@@ -77,4 +77,75 @@ export function resetClientCache() {
 export function buildSigningUrl(url, clientSecret) {
     return `${url}?cs=${encodeURIComponent(clientSecret)}`;
 }
+/**
+ * A {@link TokenCache} pre-seeded with a caller-supplied access token. The SDK's
+ * AuthHandler checks the cache before exchanging credentials, so seeding it makes
+ * the SDK use the presented bearer directly and never call `/oauth2/token`.
+ * The SignDocs API remains the real validator — an invalid/expired token yields
+ * a 401 from the API, surfaced to the caller.
+ */
+export class StaticTokenCache {
+    token;
+    constructor(accessToken, ttlMs = 60 * 60 * 1000) {
+        this.token = { accessToken, expiresAt: Date.now() + ttlMs };
+    }
+    get() {
+        return this.token;
+    }
+    set() {
+        /* no-op: the token is fixed for this request */
+    }
+    delete() {
+        /* no-op */
+    }
+}
+/**
+ * Build a fresh, request-scoped SDK client. `credentials` mode lets the SDK run
+ * the OAuth2 client_credentials exchange; `bearer` mode passes a pre-issued
+ * access token straight through via {@link StaticTokenCache}.
+ */
+export function buildClient(opts) {
+    const baseUrl = getBaseUrl(opts.environment, opts.baseUrlOverride);
+    const scopes = opts.scopes ?? DEFAULT_SCOPES;
+    if (opts.mode === 'bearer') {
+        return new SignDocsBrasilClient({
+            clientId: 'mcp-bearer-passthrough',
+            clientSecret: 'unused', // never used: the token cache short-circuits exchange
+            baseUrl,
+            scopes,
+            tokenCache: new StaticTokenCache(opts.bearer),
+        });
+    }
+    return new SignDocsBrasilClient({
+        clientId: opts.clientId,
+        clientSecret: opts.clientSecret,
+        baseUrl,
+        scopes,
+    });
+}
+/**
+ * A client proxy that defers construction until first use, so the stdio server
+ * can start and list tools/resources even with no credentials — a missing-cred
+ * error surfaces only when a tool actually calls the API.
+ */
+function lazyClient(factory) {
+    let instance;
+    return new Proxy({}, {
+        get(_target, prop, receiver) {
+            instance ??= factory();
+            return Reflect.get(instance, prop, receiver);
+        },
+    });
+}
+/**
+ * Build the tool context for the stdio server from environment variables.
+ * Credentials are resolved lazily (on first API call); the environment is read
+ * eagerly but does not require credentials.
+ */
+export function getStdioContext(env = process.env) {
+    return {
+        client: lazyClient(() => getClient(env)),
+        environment: resolveEnvironment(env.SIGNDOCS_ENVIRONMENT),
+    };
+}
 //# sourceMappingURL=client.js.map

package/dist/client.js.map

@@ -1 +1 @@
-{"version":3,"file":"client.js","sourceRoot":"","sources":["../src/client.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,oBAAoB,EAAE,MAAM,sBAAsB,CAAC;AAW5D,MAAM,SAAS,GAAgC;IAC7C,UAAU,EAAE,6BAA6B;IACzC,uDAAuD;IACvD,GAAG,EAAE,iCAAiC;CACvC,CAAC;AAEF;;;;GAIG;AACH,MAAM,CAAC,MAAM,cAAc,GAAG;IAC5B,mBAAmB;IACnB,oBAAoB;IACpB,aAAa;IACb,eAAe;IACf,gBAAgB;IAChB,oBAAoB;CACrB,CAAC;AAUF,MAAM,UAAU,kBAAkB,CAAC,GAAY;IAC7C,MAAM,CAAC,GAAG,CAAC,GAAG,IAAI,KAAK,CAAC,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAC9C,IAAI,CAAC,KAAK,YAAY,IAAI,CAAC,KAAK,MAAM;QAAE,OAAO,YAAY,CAAC;IAC5D,IAAI,CAAC,KAAK,KAAK,IAAI,CAAC,KAAK,aAAa,IAAI,CAAC,KAAK,aAAa,IAAI,CAAC,KAAK,SAAS;QAAE,OAAO,KAAK,CAAC;IAC/F,MAAM,IAAI,KAAK,CAAC,iCAAiC,GAAG,+BAA+B,CAAC,CAAC;AACvF,CAAC;AAED,MAAM,UAAU,UAAU,CAAC,WAAwB,EAAE,QAAiB;IACpE,MAAM,OAAO,GAAG,QAAQ,EAAE,IAAI,EAAE,CAAC;IACjC,OAAO,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC;AACpD,CAAC;AAED,MAAM,UAAU,OAAO,CAAC,MAAyB,OAAO,CAAC,GAAG;IAC1D,MAAM,QAAQ,GAAG,GAAG,CAAC,kBAAkB,EAAE,IAAI,EAAE,CAAC;IAChD,MAAM,YAAY,GAAG,GAAG,CAAC,sBAAsB,EAAE,IAAI,EAAE,CAAC;IACxD,IAAI,CAAC,QAAQ,IAAI,CAAC,YAAY,EAAE,CAAC;QAC/B,MAAM,IAAI,KAAK,CACb,kFAAkF;YAChF,4CAA4C,CAC/C,CAAC;IACJ,CAAC;IACD,MAAM,WAAW,GAAG,kBAAkB,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;IACjE,MAAM,OAAO,GAAG,UAAU,CAAC,WAAW,EAAE,GAAG,CAAC,iBAAiB,CAAC,CAAC;IAC/D,MAAM,SAAS,GAAG,GAAG,CAAC,eAAe,EAAE,IAAI,EAAE,CAAC;IAC9C,MAAM,MAAM,GAAG,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,cAAc,CAAC;IACnE,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,WAAW,EAAE,OAAO,EAAE,MAAM,EAAE,CAAC;AAClE,CAAC;AAED,IAAI,MAAwC,CAAC;AAC7C,IAAI,SAAkC,CAAC;AAEvC,kFAAkF;AAClF,MAAM,UAAU,SAAS,CAAC,MAAyB,OAAO,CAAC,GAAG;IAC5D,IAAI,MAAM;QAAE,OAAO,MAAM,CAAC;IAC1B,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC;IACzB,SAAS,GAAG,GAAG,CAAC;IAChB,MAAM,GAAG,IAAI,oBAAoB,CAAC;QAChC,QAAQ,EAAE,GAAG,CAAC,QAAQ;QACtB,YAAY,EAAE,GAAG,CAAC,YAAY;QAC9B,OAAO,EAAE,GAAG,CAAC,OAAO;QACpB,MAAM,EAAE,GAAG,CAAC,MAAM;KACnB,CAAC,CAAC;IACH,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,kFAAkF;AAClF,MAAM,UAAU,cAAc,CAAC,MAAyB,OAAO,CAAC,GAAG;IACjE,IAAI,SAAS;QAAE,OAAO,SAAS,CAAC;IAChC,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC;IACzB,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,4CAA4C;AAC5C,MAAM,UAAU,gBAAgB;IAC9B,MAAM,GAAG,SAAS,CAAC;IACnB,SAAS,GAAG,SAAS,CAAC;AACxB,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,eAAe,CAAC,GAAW,EAAE,YAAoB;IAC/D,OAAO,GAAG,GAAG,OAAO,kBAAkB,CAAC,YAAY,CAAC,EAAE,CAAC;AACzD,CAAC"}
+{"version":3,"file":"client.js","sourceRoot":"","sources":["../src/client.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,oBAAoB,EAAE,MAAM,sBAAsB,CAAC;AAY5D,MAAM,SAAS,GAAgC;IAC7C,UAAU,EAAE,6BAA6B;IACzC,uDAAuD;IACvD,GAAG,EAAE,iCAAiC;CACvC,CAAC;AAEF;;;;GAIG;AACH,MAAM,CAAC,MAAM,cAAc,GAAG;IAC5B,mBAAmB;IACnB,oBAAoB;IACpB,aAAa;IACb,eAAe;IACf,gBAAgB;IAChB,oBAAoB;CACrB,CAAC;AAUF,MAAM,UAAU,kBAAkB,CAAC,GAAY;IAC7C,MAAM,CAAC,GAAG,CAAC,GAAG,IAAI,KAAK,CAAC,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAC9C,IAAI,CAAC,KAAK,YAAY,IAAI,CAAC,KAAK,MAAM;QAAE,OAAO,YAAY,CAAC;IAC5D,IAAI,CAAC,KAAK,KAAK,IAAI,CAAC,KAAK,aAAa,IAAI,CAAC,KAAK,aAAa,IAAI,CAAC,KAAK,SAAS;QAAE,OAAO,KAAK,CAAC;IAC/F,MAAM,IAAI,KAAK,CAAC,iCAAiC,GAAG,+BAA+B,CAAC,CAAC;AACvF,CAAC;AAED,MAAM,UAAU,UAAU,CAAC,WAAwB,EAAE,QAAiB;IACpE,MAAM,OAAO,GAAG,QAAQ,EAAE,IAAI,EAAE,CAAC;IACjC,OAAO,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC;AACpD,CAAC;AAED,MAAM,UAAU,OAAO,CAAC,MAAyB,OAAO,CAAC,GAAG;IAC1D,MAAM,QAAQ,GAAG,GAAG,CAAC,kBAAkB,EAAE,IAAI,EAAE,CAAC;IAChD,MAAM,YAAY,GAAG,GAAG,CAAC,sBAAsB,EAAE,IAAI,EAAE,CAAC;IACxD,IAAI,CAAC,QAAQ,IAAI,CAAC,YAAY,EAAE,CAAC;QAC/B,MAAM,IAAI,KAAK,CACb,kFAAkF;YAChF,4CAA4C,CAC/C,CAAC;IACJ,CAAC;IACD,MAAM,WAAW,GAAG,kBAAkB,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;IACjE,MAAM,OAAO,GAAG,UAAU,CAAC,WAAW,EAAE,GAAG,CAAC,iBAAiB,CAAC,CAAC;IAC/D,MAAM,SAAS,GAAG,GAAG,CAAC,eAAe,EAAE,IAAI,EAAE,CAAC;IAC9C,MAAM,MAAM,GAAG,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,cAAc,CAAC;IACnE,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,WAAW,EAAE,OAAO,EAAE,MAAM,EAAE,CAAC;AAClE,CAAC;AAED,IAAI,MAAwC,CAAC;AAC7C,IAAI,SAAkC,CAAC;AAEvC,kFAAkF;AAClF,MAAM,UAAU,SAAS,CAAC,MAAyB,OAAO,CAAC,GAAG;IAC5D,IAAI,MAAM;QAAE,OAAO,MAAM,CAAC;IAC1B,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC;IACzB,SAAS,GAAG,GAAG,CAAC;IAChB,MAAM,GAAG,IAAI,oBAAoB,CAAC;QAChC,QAAQ,EAAE,GAAG,CAAC,QAAQ;QACtB,YAAY,EAAE,GAAG,CAAC,YAAY;QAC9B,OAAO,EAAE,GAAG,CAAC,OAAO;QACpB,MAAM,EAAE,GAAG,CAAC,MAAM;KACnB,CAAC,CAAC;IACH,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,kFAAkF;AAClF,MAAM,UAAU,cAAc,CAAC,MAAyB,OAAO,CAAC,GAAG;IACjE,IAAI,SAAS;QAAE,OAAO,SAAS,CAAC;IAChC,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC;IACzB,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,4CAA4C;AAC5C,MAAM,UAAU,gBAAgB;IAC9B,MAAM,GAAG,SAAS,CAAC;IACnB,SAAS,GAAG,SAAS,CAAC;AACxB,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,eAAe,CAAC,GAAW,EAAE,YAAoB;IAC/D,OAAO,GAAG,GAAG,OAAO,kBAAkB,CAAC,YAAY,CAAC,EAAE,CAAC;AACzD,CAAC;AAcD;;;;;;GAMG;AACH,MAAM,OAAO,gBAAgB;IACV,KAAK,CAAc;IACpC,YAAY,WAAmB,EAAE,KAAK,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI;QACrD,IAAI,CAAC,KAAK,GAAG,EAAE,WAAW,EAAE,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,EAAE,CAAC;IAC9D,CAAC;IACD,GAAG;QACD,OAAO,IAAI,CAAC,KAAK,CAAC;IACpB,CAAC;IACD,GAAG;QACD,gDAAgD;IAClD,CAAC;IACD,MAAM;QACJ,WAAW;IACb,CAAC;CACF;AAmBD;;;;GAIG;AACH,MAAM,UAAU,WAAW,CAAC,IAAwB;IAClD,MAAM,OAAO,GAAG,UAAU,CAAC,IAAI,CAAC,WAAW,EAAE,IAAI,CAAC,eAAe,CAAC,CAAC;IACnE,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,IAAI,cAAc,CAAC;IAC7C,IAAI,IAAI,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;QAC3B,OAAO,IAAI,oBAAoB,CAAC;YAC9B,QAAQ,EAAE,wBAAwB;YAClC,YAAY,EAAE,QAAQ,EAAE,sDAAsD;YAC9E,OAAO;YACP,MAAM;YACN,UAAU,EAAE,IAAI,gBAAgB,CAAC,IAAI,CAAC,MAAM,CAAC;SAC9C,CAAC,CAAC;IACL,CAAC;IACD,OAAO,IAAI,oBAAoB,CAAC;QAC9B,QAAQ,EAAE,IAAI,CAAC,QAAQ;QACvB,YAAY,EAAE,IAAI,CAAC,YAAY;QAC/B,OAAO;QACP,MAAM;KACP,CAAC,CAAC;AACL,CAAC;AAED;;;;GAIG;AACH,SAAS,UAAU,CAAC,OAAmC;IACrD,IAAI,QAA0C,CAAC;IAC/C,OAAO,IAAI,KAAK,CAAC,EAA0B,EAAE;QAC3C,GAAG,CAAC,OAAO,EAAE,IAAI,EAAE,QAAQ;YACzB,QAAQ,KAAK,OAAO,EAAE,CAAC;YACvB,OAAO,OAAO,CAAC,GAAG,CAAC,QAAkB,EAAE,IAAI,EAAE,QAAQ,CAAC,CAAC;QACzD,CAAC;KACF,CAAC,CAAC;AACL,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,eAAe,CAAC,MAAyB,OAAO,CAAC,GAAG;IAClE,OAAO;QACL,MAAM,EAAE,UAAU,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;QACxC,WAAW,EAAE,kBAAkB,CAAC,GAAG,CAAC,oBAAoB,CAAC;KAC1D,CAAC;AACJ,CAAC"}

package/dist/http/server.d.ts

@@ -1,34 +1,34 @@
+import { type Server } from 'node:http';
+import { type Environment } from '../client.js';
 /**
- * Phase 2 — remote Streamable-HTTP transport (designed, not yet built).
+ * Phase 2 — remote Streamable-HTTP transport (stateful sessions).
  *
- * The tool/resource layer in ../server.ts is deliberately transport-agnostic,
- * so going remote is purely an entrypoint + auth concern:
+ * One deployment serves many tenants. A session is established on the MCP
+ * `initialize` request, which MUST carry credentials:
+ *   - `Authorization: Bearer <token>`  → a SignDocs OAuth2 access token, passed through.
+ *   - `Authorization: Basic <base64(clientId:clientSecret)>` → server runs client_credentials.
+ * Environment via `X-SignDocs-Environment: hml|production` (default = server default).
  *
- *   import { StreamableHTTPServerTransport } from
- *     '@modelcontextprotocol/sdk/server/streamableHttp.js';
- *   const server = createServer();
- *   const transport = new StreamableHTTPServerTransport({ ...});
- *   await server.connect(transport);
- *   // node:http handler → transport.handleRequest(req, res, body)
+ * The tenant's SDK client is bound to that session; follow-up requests are routed
+ * by the `Mcp-Session-Id` header. Acts as an OAuth Resource Server: advertises the
+ * SignDocs authorization server (RFC 9728) and challenges unauthenticated initialize
+ * requests with WWW-Authenticate. The SignDocs API is the real token validator.
  *
- * Open design decisions to settle before implementing (see plan):
- *
- *  1. AUTH / MULTI-TENANCY. Unlike stdio (one set of env credentials), a
- *     hosted server serves many tenants. The MCP server should act as an
- *     OAuth Resource Server: each connecting AI presents its own SignDocs
- *     bearer token (issued by the existing /oauth2/token AS). Validate it with
- *     the same ES256/KMS verifier external-api uses (auth-middleware.ts) and
- *     build a PER-REQUEST SDK client scoped to that tenant — do NOT reuse the
- *     process-wide getClient() singleton, which would cross tenant boundaries.
- *
- *  2. DEPLOYMENT. Reuse the external-api Lambda + API Gateway pattern via a new
- *     NestedStack (the Core stack is at the CFN 500-resource limit — follow the
- *     EnvelopeHandlersStack precedent), or a small container behind the same WAF.
- *
- *  3. SESSION MODE. Stateless (sessionIdGenerator: undefined) fits serverless;
- *     confirm against the MCP spec version current at build time, plus DCR /
- *     protected-resource metadata discovery needs.
- *
- * Intentionally not wired up yet so the v0.1 stdio package stays dependency-light.
+ * Sessions live in process memory, so a single instance (or sticky routing) is
+ * assumed. For multi-instance/serverless, front with sticky sessions or swap this
+ * map for a shared store + an EventStore for resumability.
  */
-export declare function createHttpServer(): never;
+export interface HttpServerOptions {
+    /** Environment when a request doesn't specify one. Default 'hml'. */
+    defaultEnvironment?: Environment;
+    /** CORS Access-Control-Allow-Origin. Default '*'. */
+    corsOrigin?: string;
+    /** Public base URL for resource metadata (e.g. https://mcp.signdocs.com.br). Derived from the request if unset. */
+    publicUrl?: string;
+    /** DNS-rebinding protection — enable in production and pair with allowedHosts/Origins. Default false. */
+    enableDnsRebindingProtection?: boolean;
+    allowedHosts?: string[];
+    allowedOrigins?: string[];
+}
+/** Build (but do not start) the remote HTTP MCP server. Call `.listen(port)`. */
+export declare function createHttpServer(options?: HttpServerOptions): Server;

package/dist/http/server.js

@@ -1,38 +1,215 @@
-/**
- * Phase 2 — remote Streamable-HTTP transport (designed, not yet built).
- *
- * The tool/resource layer in ../server.ts is deliberately transport-agnostic,
- * so going remote is purely an entrypoint + auth concern:
- *
- *   import { StreamableHTTPServerTransport } from
- *     '@modelcontextprotocol/sdk/server/streamableHttp.js';
- *   const server = createServer();
- *   const transport = new StreamableHTTPServerTransport({ ...});
- *   await server.connect(transport);
- *   // node:http handler → transport.handleRequest(req, res, body)
- *
- * Open design decisions to settle before implementing (see plan):
- *
- *  1. AUTH / MULTI-TENANCY. Unlike stdio (one set of env credentials), a
- *     hosted server serves many tenants. The MCP server should act as an
- *     OAuth Resource Server: each connecting AI presents its own SignDocs
- *     bearer token (issued by the existing /oauth2/token AS). Validate it with
- *     the same ES256/KMS verifier external-api uses (auth-middleware.ts) and
- *     build a PER-REQUEST SDK client scoped to that tenant — do NOT reuse the
- *     process-wide getClient() singleton, which would cross tenant boundaries.
- *
- *  2. DEPLOYMENT. Reuse the external-api Lambda + API Gateway pattern via a new
- *     NestedStack (the Core stack is at the CFN 500-resource limit — follow the
- *     EnvelopeHandlersStack precedent), or a small container behind the same WAF.
- *
- *  3. SESSION MODE. Stateless (sessionIdGenerator: undefined) fits serverless;
- *     confirm against the MCP spec version current at build time, plus DCR /
- *     protected-resource metadata discovery needs.
- *
- * Intentionally not wired up yet so the v0.1 stdio package stays dependency-light.
- */
-export function createHttpServer() {
-    throw new Error('Remote HTTP transport is not implemented in v0.1. Use the stdio entrypoint (bin/stdio.ts). ' +
-        'See src/http/server.ts for the Phase 2 design.');
+import { createServer as createNodeHttpServer, } from 'node:http';
+import { randomUUID } from 'node:crypto';
+import { StreamableHTTPServerTransport } from '@modelcontextprotocol/sdk/server/streamableHttp.js';
+import { isInitializeRequest } from '@modelcontextprotocol/sdk/types.js';
+import { createServer as createMcpServer } from '../server.js';
+import { buildClient, getBaseUrl, resolveEnvironment, DEFAULT_SCOPES, } from '../client.js';
+function applyCors(res, opts) {
+    res.setHeader('Access-Control-Allow-Origin', opts.corsOrigin);
+    res.setHeader('Access-Control-Allow-Methods', 'GET, POST, DELETE, OPTIONS');
+    res.setHeader('Access-Control-Allow-Headers', 'Content-Type, Authorization, Mcp-Session-Id, Mcp-Protocol-Version, X-SignDocs-Environment');
+    res.setHeader('Access-Control-Expose-Headers', 'Mcp-Session-Id, WWW-Authenticate');
+}
+function sendJson(res, status, body, extra) {
+    res.writeHead(status, { 'Content-Type': 'application/json', ...extra });
+    res.end(JSON.stringify(body));
+}
+function publicBase(req, opts) {
+    if (opts.publicUrl)
+        return opts.publicUrl.replace(/\/$/, '');
+    const fwd = req.headers['x-forwarded-proto'];
+    const proto = (Array.isArray(fwd) ? fwd[0] : fwd)?.split(',')[0] ?? 'http';
+    const host = req.headers.host ?? 'localhost';
+    return `${proto}://${host}`;
+}
+function headerValue(req, name) {
+    const raw = req.headers[name];
+    return Array.isArray(raw) ? raw[0] : raw;
+}
+function extractAuth(req) {
+    const header = req.headers.authorization;
+    if (!header)
+        return null;
+    const space = header.indexOf(' ');
+    if (space < 0)
+        return null;
+    const scheme = header.slice(0, space).toLowerCase();
+    const value = header.slice(space + 1).trim();
+    if (!value)
+        return null;
+    if (scheme === 'bearer')
+        return { mode: 'bearer', bearer: value };
+    if (scheme === 'basic') {
+        const decoded = Buffer.from(value, 'base64').toString('utf8');
+        const sep = decoded.indexOf(':');
+        if (sep < 0)
+            return null;
+        return { mode: 'credentials', clientId: decoded.slice(0, sep), clientSecret: decoded.slice(sep + 1) };
+    }
+    return null;
+}
+function requestEnvironment(req, fallback) {
+    const value = headerValue(req, 'x-signdocs-environment');
+    if (value && value.trim()) {
+        try {
+            return resolveEnvironment(value);
+        }
+        catch {
+            /* ignore invalid header, use fallback */
+        }
+    }
+    return fallback;
+}
+function protectedResourceMetadata(req, opts) {
+    return {
+        resource: `${publicBase(req, opts)}/mcp`,
+        authorization_servers: [getBaseUrl(opts.defaultEnvironment)],
+        scopes_supported: DEFAULT_SCOPES,
+        bearer_methods_supported: ['header'],
+    };
+}
+function challenge(req, res, opts) {
+    res.setHeader('WWW-Authenticate', `Bearer resource_metadata="${publicBase(req, opts)}/.well-known/oauth-protected-resource"`);
+    sendJson(res, 401, {
+        error: 'unauthorized',
+        error_description: 'Provide a SignDocs OAuth2 access token (Authorization: Bearer <token>) or client ' +
+            'credentials (Authorization: Basic base64(clientId:clientSecret)) on the initialize request.',
+    });
+}
+function readBody(req) {
+    return new Promise((resolve, reject) => {
+        const chunks = [];
+        req.on('data', (c) => chunks.push(c));
+        req.on('end', () => {
+            const raw = Buffer.concat(chunks).toString('utf8');
+            if (!raw)
+                return resolve(undefined);
+            try {
+                resolve(JSON.parse(raw));
+            }
+            catch (err) {
+                reject(err);
+            }
+        });
+        req.on('error', reject);
+    });
+}
+async function startSession(req, res, opts, sessions, body) {
+    const auth = extractAuth(req);
+    if (!auth) {
+        challenge(req, res, opts);
+        return;
+    }
+    const environment = requestEnvironment(req, opts.defaultEnvironment);
+    const client = auth.mode === 'bearer'
+        ? buildClient({ mode: 'bearer', bearer: auth.bearer, environment })
+        : buildClient({ mode: 'credentials', clientId: auth.clientId, clientSecret: auth.clientSecret, environment });
+    const ctx = { client, environment };
+    const server = createMcpServer(ctx);
+    const transport = new StreamableHTTPServerTransport({
+        sessionIdGenerator: () => randomUUID(),
+        enableJsonResponse: true,
+        enableDnsRebindingProtection: opts.enableDnsRebindingProtection ?? false,
+        ...(opts.allowedHosts ? { allowedHosts: opts.allowedHosts } : {}),
+        ...(opts.allowedOrigins ? { allowedOrigins: opts.allowedOrigins } : {}),
+        onsessioninitialized: (sid) => {
+            sessions.set(sid, { transport, server });
+        },
+        onsessionclosed: (sid) => {
+            sessions.delete(sid);
+        },
+    });
+    transport.onclose = () => {
+        if (transport.sessionId)
+            sessions.delete(transport.sessionId);
+    };
+    await server.connect(transport);
+    await transport.handleRequest(req, res, body);
+}
+async function handlePost(req, res, opts, sessions) {
+    let body;
+    try {
+        body = await readBody(req);
+    }
+    catch {
+        sendJson(res, 400, { error: 'invalid_json', error_description: 'Request body is not valid JSON.' });
+        return;
+    }
+    const sessionId = headerValue(req, 'mcp-session-id');
+    const existing = sessionId ? sessions.get(sessionId) : undefined;
+    if (existing) {
+        await existing.transport.handleRequest(req, res, body);
+        return;
+    }
+    if (isInitializeRequest(body)) {
+        await startSession(req, res, opts, sessions, body);
+        return;
+    }
+    sendJson(res, 400, {
+        error: 'invalid_session',
+        error_description: 'Missing or unknown Mcp-Session-Id. Send an initialize request first.',
+    });
+}
+async function handle(req, res, opts, sessions) {
+    applyCors(res, opts);
+    const method = req.method ?? 'GET';
+    if (method === 'OPTIONS') {
+        res.writeHead(204);
+        res.end();
+        return;
+    }
+    const path = new URL(req.url ?? '/', 'http://localhost').pathname;
+    if (method === 'GET' && path === '/healthz') {
+        sendJson(res, 200, { status: 'ok', transport: 'streamable-http', sessions: sessions.size });
+        return;
+    }
+    if (method === 'GET' && path === '/.well-known/oauth-protected-resource') {
+        sendJson(res, 200, protectedResourceMetadata(req, opts));
+        return;
+    }
+    if (path !== '/mcp') {
+        sendJson(res, 404, { error: 'not_found' });
+        return;
+    }
+    if (method === 'POST') {
+        await handlePost(req, res, opts, sessions);
+        return;
+    }
+    // GET (SSE stream) and DELETE (session teardown) require an established session.
+    if (method === 'GET' || method === 'DELETE') {
+        const sessionId = headerValue(req, 'mcp-session-id');
+        const session = sessionId ? sessions.get(sessionId) : undefined;
+        if (!session) {
+            sendJson(res, 400, { error: 'invalid_session', error_description: 'Unknown or missing Mcp-Session-Id.' });
+            return;
+        }
+        await session.transport.handleRequest(req, res);
+        return;
+    }
+    sendJson(res, 405, { error: 'method_not_allowed' }, { Allow: 'GET, POST, DELETE, OPTIONS' });
+}
+/** Build (but do not start) the remote HTTP MCP server. Call `.listen(port)`. */
+export function createHttpServer(options = {}) {
+    const opts = {
+        ...options,
+        defaultEnvironment: options.defaultEnvironment ?? 'hml',
+        corsOrigin: options.corsOrigin ?? '*',
+    };
+    const sessions = new Map();
+    return createNodeHttpServer((req, res) => {
+        handle(req, res, opts, sessions).catch((err) => {
+            try {
+                if (!res.headersSent) {
+                    sendJson(res, 500, { error: 'internal_error', message: err instanceof Error ? err.message : String(err) });
+                }
+                else {
+                    res.end();
+                }
+            }
+            catch {
+                /* response already torn down */
+            }
+        });
+    });
 }
 //# sourceMappingURL=server.js.map

package/dist/http/server.js.map

@@ -1 +1 @@
-{"version":3,"file":"server.js","sourceRoot":"","sources":["../../src/http/server.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAgCG;AACH,MAAM,UAAU,gBAAgB;IAC9B,MAAM,IAAI,KAAK,CACb,6FAA6F;QAC3F,gDAAgD,CACnD,CAAC;AACJ,CAAC"}
+{"version":3,"file":"server.js","sourceRoot":"","sources":["../../src/http/server.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,YAAY,IAAI,oBAAoB,GAIrC,MAAM,WAAW,CAAC;AACnB,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,EAAE,6BAA6B,EAAE,MAAM,oDAAoD,CAAC;AACnG,OAAO,EAAE,mBAAmB,EAAE,MAAM,oCAAoC,CAAC;AAEzE,OAAO,EAAE,YAAY,IAAI,eAAe,EAAE,MAAM,cAAc,CAAC;AAC/D,OAAO,EACL,WAAW,EACX,UAAU,EACV,kBAAkB,EAClB,cAAc,GAGf,MAAM,cAAc,CAAC;AAgDtB,SAAS,SAAS,CAAC,GAAmB,EAAE,IAAqB;IAC3D,GAAG,CAAC,SAAS,CAAC,6BAA6B,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC;IAC9D,GAAG,CAAC,SAAS,CAAC,8BAA8B,EAAE,4BAA4B,CAAC,CAAC;IAC5E,GAAG,CAAC,SAAS,CACX,8BAA8B,EAC9B,2FAA2F,CAC5F,CAAC;IACF,GAAG,CAAC,SAAS,CAAC,+BAA+B,EAAE,kCAAkC,CAAC,CAAC;AACrF,CAAC;AAED,SAAS,QAAQ,CAAC,GAAmB,EAAE,MAAc,EAAE,IAAa,EAAE,KAA8B;IAClG,GAAG,CAAC,SAAS,CAAC,MAAM,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,GAAG,KAAK,EAAE,CAAC,CAAC;IACxE,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;AAChC,CAAC;AAED,SAAS,UAAU,CAAC,GAAoB,EAAE,IAAqB;IAC7D,IAAI,IAAI,CAAC,SAAS;QAAE,OAAO,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;IAC7D,MAAM,GAAG,GAAG,GAAG,CAAC,OAAO,CAAC,mBAAmB,CAAC,CAAC;IAC7C,MAAM,KAAK,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC;IAC3E,MAAM,IAAI,GAAG,GAAG,CAAC,OAAO,CAAC,IAAI,IAAI,WAAW,CAAC;IAC7C,OAAO,GAAG,KAAK,MAAM,IAAI,EAAE,CAAC;AAC9B,CAAC;AAED,SAAS,WAAW,CAAC,GAAoB,EAAE,IAAY;IACrD,MAAM,GAAG,GAAG,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;IAC9B,OAAO,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;AAC3C,CAAC;AAED,SAAS,WAAW,CAAC,GAAoB;IACvC,MAAM,MAAM,GAAG,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC;IACzC,IAAI,CAAC,MAAM;QAAE,OAAO,IAAI,CAAC;IACzB,MAAM,KAAK,GAAG,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IAClC,IAAI,KAAK,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAC3B,MAAM,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,WAAW,EAAE,CAAC;IACpD,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;IAC7C,IAAI,CAAC,KAAK;QAAE,OAAO,IAAI,CAAC;IACxB,IAAI,MAAM,KAAK,QAAQ;QAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC;IAClE,IAAI,MAAM,KAAK,OAAO,EAAE,CAAC;QACvB,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;QAC9D,MAAM,GAAG,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;QACjC,IAAI,GAAG,GAAG,CAAC;YAAE,OAAO,IAAI,CAAC;QACzB,OAAO,EAAE,IAAI,EAAE,aAAa,EAAE,QAAQ,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,YAAY,EAAE,OAAO,CAAC,KAAK,CAAC,GAAG,GAAG,CAAC,CAAC,EAAE,CAAC;IACxG,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,kBAAkB,CAAC,GAAoB,EAAE,QAAqB;IACrE,MAAM,KAAK,GAAG,WAAW,CAAC,GAAG,EAAE,wBAAwB,CAAC,CAAC;IACzD,IAAI,KAAK,IAAI,KAAK,CAAC,IAAI,EAAE,EAAE,CAAC;QAC1B,IAAI,CAAC;YACH,OAAO,kBAAkB,CAAC,KAAK,CAAC,CAAC;QACnC,CAAC;QAAC,MAAM,CAAC;YACP,yCAAyC;QAC3C,CAAC;IACH,CAAC;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,SAAS,yBAAyB,CAAC,GAAoB,EAAE,IAAqB;IAC5E,OAAO;QACL,QAAQ,EAAE,GAAG,UAAU,CAAC,GAAG,EAAE,IAAI,CAAC,MAAM;QACxC,qBAAqB,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;QAC5D,gBAAgB,EAAE,cAAc;QAChC,wBAAwB,EAAE,CAAC,QAAQ,CAAC;KACrC,CAAC;AACJ,CAAC;AAED,SAAS,SAAS,CAAC,GAAoB,EAAE,GAAmB,EAAE,IAAqB;IACjF,GAAG,CAAC,SAAS,CACX,kBAAkB,EAClB,6BAA6B,UAAU,CAAC,GAAG,EAAE,IAAI,CAAC,wCAAwC,CAC3F,CAAC;IACF,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE;QACjB,KAAK,EAAE,cAAc;QACrB,iBAAiB,EACf,mFAAmF;YACnF,6FAA6F;KAChG,CAAC,CAAC;AACL,CAAC;AAED,SAAS,QAAQ,CAAC,GAAoB;IACpC,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,MAAM,MAAM,GAAa,EAAE,CAAC;QAC5B,GAAG,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,CAAS,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;QAC9C,GAAG,CAAC,EAAE,CAAC,KAAK,EAAE,GAAG,EAAE;YACjB,MAAM,GAAG,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;YACnD,IAAI,CAAC,GAAG;gBAAE,OAAO,OAAO,CAAC,SAAS,CAAC,CAAC;YACpC,IAAI,CAAC;gBACH,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC;YAC3B,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,CAAC,GAAG,CAAC,CAAC;YACd,CAAC;QACH,CAAC,CAAC,CAAC;QACH,GAAG,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;IAC1B,CAAC,CAAC,CAAC;AACL,CAAC;AAED,KAAK,UAAU,YAAY,CACzB,GAAoB,EACpB,GAAmB,EACnB,IAAqB,EACrB,QAA8B,EAC9B,IAAa;IAEb,MAAM,IAAI,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC;IAC9B,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,SAAS,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC;QAC1B,OAAO;IACT,CAAC;IACD,MAAM,WAAW,GAAG,kBAAkB,CAAC,GAAG,EAAE,IAAI,CAAC,kBAAkB,CAAC,CAAC;IACrE,MAAM,MAAM,GACV,IAAI,CAAC,IAAI,KAAK,QAAQ;QACpB,CAAC,CAAC,WAAW,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,EAAE,WAAW,EAAE,CAAC;QACnE,CAAC,CAAC,WAAW,CAAC,EAAE,IAAI,EAAE,aAAa,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,YAAY,EAAE,IAAI,CAAC,YAAY,EAAE,WAAW,EAAE,CAAC,CAAC;IAElH,MAAM,GAAG,GAAgB,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC;IACjD,MAAM,MAAM,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC;IACpC,MAAM,SAAS,GAAG,IAAI,6BAA6B,CAAC;QAClD,kBAAkB,EAAE,GAAG,EAAE,CAAC,UAAU,EAAE;QACtC,kBAAkB,EAAE,IAAI;QACxB,4BAA4B,EAAE,IAAI,CAAC,4BAA4B,IAAI,KAAK;QACxE,GAAG,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,EAAE,YAAY,EAAE,IAAI,CAAC,YAAY,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACjE,GAAG,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,EAAE,cAAc,EAAE,IAAI,CAAC,cAAc,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACvE,oBAAoB,EAAE,CAAC,GAAG,EAAE,EAAE;YAC5B,QAAQ,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,MAAM,EAAE,CAAC,CAAC;QAC3C,CAAC;QACD,eAAe,EAAE,CAAC,GAAG,EAAE,EAAE;YACvB,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACvB,CAAC;KACF,CAAC,CAAC;IACH,SAAS,CAAC,OAAO,GAAG,GAAG,EAAE;QACvB,IAAI,SAAS,CAAC,SAAS;YAAE,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;IAChE,CAAC,CAAC;IAEF,MAAM,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IAChC,MAAM,SAAS,CAAC,aAAa,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC;AAChD,CAAC;AAED,KAAK,UAAU,UAAU,CACvB,GAAoB,EACpB,GAAmB,EACnB,IAAqB,EACrB,QAA8B;IAE9B,IAAI,IAAa,CAAC;IAClB,IAAI,CAAC;QACH,IAAI,GAAG,MAAM,QAAQ,CAAC,GAAG,CAAC,CAAC;IAC7B,CAAC;IAAC,MAAM,CAAC;QACP,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,KAAK,EAAE,cAAc,EAAE,iBAAiB,EAAE,iCAAiC,EAAE,CAAC,CAAC;QACpG,OAAO;IACT,CAAC;IAED,MAAM,SAAS,GAAG,WAAW,CAAC,GAAG,EAAE,gBAAgB,CAAC,CAAC;IACrD,MAAM,QAAQ,GAAG,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IACjE,IAAI,QAAQ,EAAE,CAAC;QACb,MAAM,QAAQ,CAAC,SAAS,CAAC,aAAa,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC;QACvD,OAAO;IACT,CAAC;IAED,IAAI,mBAAmB,CAAC,IAAI,CAAC,EAAE,CAAC;QAC9B,MAAM,YAAY,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,CAAC,CAAC;QACnD,OAAO;IACT,CAAC;IAED,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE;QACjB,KAAK,EAAE,iBAAiB;QACxB,iBAAiB,EAAE,sEAAsE;KAC1F,CAAC,CAAC;AACL,CAAC;AAED,KAAK,UAAU,MAAM,CACnB,GAAoB,EACpB,GAAmB,EACnB,IAAqB,EACrB,QAA8B;IAE9B,SAAS,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;IACrB,MAAM,MAAM,GAAG,GAAG,CAAC,MAAM,IAAI,KAAK,CAAC;IAEnC,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;QACzB,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;QACnB,GAAG,CAAC,GAAG,EAAE,CAAC;QACV,OAAO;IACT,CAAC;IAED,MAAM,IAAI,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,GAAG,IAAI,GAAG,EAAE,kBAAkB,CAAC,CAAC,QAAQ,CAAC;IAElE,IAAI,MAAM,KAAK,KAAK,IAAI,IAAI,KAAK,UAAU,EAAE,CAAC;QAC5C,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,iBAAiB,EAAE,QAAQ,EAAE,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC;QAC5F,OAAO;IACT,CAAC;IACD,IAAI,MAAM,KAAK,KAAK,IAAI,IAAI,KAAK,uCAAuC,EAAE,CAAC;QACzE,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE,yBAAyB,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC;QACzD,OAAO;IACT,CAAC;IAED,IAAI,IAAI,KAAK,MAAM,EAAE,CAAC;QACpB,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,KAAK,EAAE,WAAW,EAAE,CAAC,CAAC;QAC3C,OAAO;IACT,CAAC;IAED,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QACtB,MAAM,UAAU,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,QAAQ,CAAC,CAAC;QAC3C,OAAO;IACT,CAAC;IAED,iFAAiF;IACjF,IAAI,MAAM,KAAK,KAAK,IAAI,MAAM,KAAK,QAAQ,EAAE,CAAC;QAC5C,MAAM,SAAS,GAAG,WAAW,CAAC,GAAG,EAAE,gBAAgB,CAAC,CAAC;QACrD,MAAM,OAAO,GAAG,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;QAChE,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,KAAK,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,oCAAoC,EAAE,CAAC,CAAC;YAC1G,OAAO;QACT,CAAC;QACD,MAAM,OAAO,CAAC,SAAS,CAAC,aAAa,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;QAChD,OAAO;IACT,CAAC;IAED,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,KAAK,EAAE,oBAAoB,EAAE,EAAE,EAAE,KAAK,EAAE,4BAA4B,EAAE,CAAC,CAAC;AAC/F,CAAC;AAED,iFAAiF;AACjF,MAAM,UAAU,gBAAgB,CAAC,UAA6B,EAAE;IAC9D,MAAM,IAAI,GAAoB;QAC5B,GAAG,OAAO;QACV,kBAAkB,EAAE,OAAO,CAAC,kBAAkB,IAAI,KAAK;QACvD,UAAU,EAAE,OAAO,CAAC,UAAU,IAAI,GAAG;KACtC,CAAC;IACF,MAAM,QAAQ,GAAG,IAAI,GAAG,EAAmB,CAAC;IAC5C,OAAO,oBAAoB,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;QACvC,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,QAAQ,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;YAC7C,IAAI,CAAC;gBACH,IAAI,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC;oBACrB,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,KAAK,EAAE,gBAAgB,EAAE,OAAO,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;gBAC7G,CAAC;qBAAM,CAAC;oBACN,GAAG,CAAC,GAAG,EAAE,CAAC;gBACZ,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,gCAAgC;YAClC,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC"}

package/dist/server.d.ts

@@ -1,9 +1,11 @@
 import { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
+import type { ToolContext } from './client.js';
 export declare const SERVER_NAME = "signdocs-brasil";
-export declare const SERVER_VERSION = "0.1.0";
+export declare const SERVER_VERSION = "0.2.0";
 /**
- * Build a fully-wired MCP server. Transport-agnostic: the same instance is
- * mounted on stdio (bin/stdio.ts) today and on Streamable HTTP later
- * (http/server.ts).
+ * Build a fully-wired MCP server bound to a request/session-scoped
+ * {@link ToolContext}. Transport-agnostic: stdio (bin/stdio.ts) builds one
+ * context from env; the HTTP transport (http/server.ts) builds one per request
+ * so tenants stay isolated.
  */
-export declare function createServer(): McpServer;
+export declare function createServer(ctx: ToolContext): McpServer;

package/dist/server.js

@@ -8,7 +8,7 @@ import { registerVerifyTools } from './tools/verify.js';
 import { registerWebhookTools } from './tools/webhooks.js';
 import { registerResources } from './resources.js';
 export const SERVER_NAME = 'signdocs-brasil';
-export const SERVER_VERSION = '0.1.0';
+export const SERVER_VERSION = '0.2.0';
 const INSTRUCTIONS = `SignDocs Brasil electronic-signature API.
 
 Use signing sessions for single-signer flows and envelopes for multi-signer
@@ -19,19 +19,20 @@ Tools whose names start with create_, add_, cancel_, delete_, or verify_document
 take real, quota-consuming, and often legally-binding actions — confirm with the
 human before invoking them. All other tools are read-only or non-binding.`;
 /**
- * Build a fully-wired MCP server. Transport-agnostic: the same instance is
- * mounted on stdio (bin/stdio.ts) today and on Streamable HTTP later
- * (http/server.ts).
+ * Build a fully-wired MCP server bound to a request/session-scoped
+ * {@link ToolContext}. Transport-agnostic: stdio (bin/stdio.ts) builds one
+ * context from env; the HTTP transport (http/server.ts) builds one per request
+ * so tenants stay isolated.
  */
-export function createServer() {
+export function createServer(ctx) {
     const server = new McpServer({ name: SERVER_NAME, version: SERVER_VERSION }, { instructions: INSTRUCTIONS });
-    registerSigningSessionTools(server);
-    registerEnvelopeTools(server);
-    registerDocumentTools(server);
-    registerTransactionTools(server);
-    registerEvidenceTools(server);
-    registerVerifyTools(server);
-    registerWebhookTools(server);
+    registerSigningSessionTools(server, ctx);
+    registerEnvelopeTools(server, ctx);
+    registerDocumentTools(server, ctx);
+    registerTransactionTools(server, ctx);
+    registerEvidenceTools(server, ctx);
+    registerVerifyTools(server, ctx);
+    registerWebhookTools(server, ctx);
     registerResources(server);
     return server;
 }

package/dist/server.js.map

@@ -1 +1 @@
-{"version":3,"file":"server.js","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,yCAAyC,CAAC;AACpE,OAAO,EAAE,2BAA2B,EAAE,MAAM,4BAA4B,CAAC;AACzE,OAAO,EAAE,qBAAqB,EAAE,MAAM,sBAAsB,CAAC;AAC7D,OAAO,EAAE,qBAAqB,EAAE,MAAM,sBAAsB,CAAC;AAC7D,OAAO,EAAE,wBAAwB,EAAE,MAAM,yBAAyB,CAAC;AACnE,OAAO,EAAE,qBAAqB,EAAE,MAAM,qBAAqB,CAAC;AAC5D,OAAO,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAC;AACxD,OAAO,EAAE,oBAAoB,EAAE,MAAM,qBAAqB,CAAC;AAC3D,OAAO,EAAE,iBAAiB,EAAE,MAAM,gBAAgB,CAAC;AAEnD,MAAM,CAAC,MAAM,WAAW,GAAG,iBAAiB,CAAC;AAC7C,MAAM,CAAC,MAAM,cAAc,GAAG,OAAO,CAAC;AAEtC,MAAM,YAAY,GAAG;;;;;;;;0EAQqD,CAAC;AAE3E;;;;GAIG;AACH,MAAM,UAAU,YAAY;IAC1B,MAAM,MAAM,GAAG,IAAI,SAAS,CAC1B,EAAE,IAAI,EAAE,WAAW,EAAE,OAAO,EAAE,cAAc,EAAE,EAC9C,EAAE,YAAY,EAAE,YAAY,EAAE,CAC/B,CAAC;IAEF,2BAA2B,CAAC,MAAM,CAAC,CAAC;IACpC,qBAAqB,CAAC,MAAM,CAAC,CAAC;IAC9B,qBAAqB,CAAC,MAAM,CAAC,CAAC;IAC9B,wBAAwB,CAAC,MAAM,CAAC,CAAC;IACjC,qBAAqB,CAAC,MAAM,CAAC,CAAC;IAC9B,mBAAmB,CAAC,MAAM,CAAC,CAAC;IAC5B,oBAAoB,CAAC,MAAM,CAAC,CAAC;IAC7B,iBAAiB,CAAC,MAAM,CAAC,CAAC;IAE1B,OAAO,MAAM,CAAC;AAChB,CAAC"}
+{"version":3,"file":"server.js","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,yCAAyC,CAAC;AAEpE,OAAO,EAAE,2BAA2B,EAAE,MAAM,4BAA4B,CAAC;AACzE,OAAO,EAAE,qBAAqB,EAAE,MAAM,sBAAsB,CAAC;AAC7D,OAAO,EAAE,qBAAqB,EAAE,MAAM,sBAAsB,CAAC;AAC7D,OAAO,EAAE,wBAAwB,EAAE,MAAM,yBAAyB,CAAC;AACnE,OAAO,EAAE,qBAAqB,EAAE,MAAM,qBAAqB,CAAC;AAC5D,OAAO,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAC;AACxD,OAAO,EAAE,oBAAoB,EAAE,MAAM,qBAAqB,CAAC;AAC3D,OAAO,EAAE,iBAAiB,EAAE,MAAM,gBAAgB,CAAC;AAEnD,MAAM,CAAC,MAAM,WAAW,GAAG,iBAAiB,CAAC;AAC7C,MAAM,CAAC,MAAM,cAAc,GAAG,OAAO,CAAC;AAEtC,MAAM,YAAY,GAAG;;;;;;;;0EAQqD,CAAC;AAE3E;;;;;GAKG;AACH,MAAM,UAAU,YAAY,CAAC,GAAgB;IAC3C,MAAM,MAAM,GAAG,IAAI,SAAS,CAC1B,EAAE,IAAI,EAAE,WAAW,EAAE,OAAO,EAAE,cAAc,EAAE,EAC9C,EAAE,YAAY,EAAE,YAAY,EAAE,CAC/B,CAAC;IAEF,2BAA2B,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IACzC,qBAAqB,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IACnC,qBAAqB,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IACnC,wBAAwB,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IACtC,qBAAqB,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IACnC,mBAAmB,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IACjC,oBAAoB,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IAClC,iBAAiB,CAAC,MAAM,CAAC,CAAC;IAE1B,OAAO,MAAM,CAAC;AAChB,CAAC"}

package/dist/tools/documents.d.ts

@@ -1,2 +1,3 @@
 import type { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
-export declare function registerDocumentTools(server: McpServer): void;
+import type { ToolContext } from '../client.js';
+export declare function registerDocumentTools(server: McpServer, ctx: ToolContext): void;

package/dist/tools/documents.js

@@ -1,14 +1,13 @@
-import { getClient } from '../client.js';
 import { READ_ONLY, WRITE_SAFE } from '../annotations.js';
 import { run } from './helpers.js';
 import { uploadDocumentShape, transactionIdShape } from '../schemas.js';
-export function registerDocumentTools(server) {
+export function registerDocumentTools(server, ctx) {
     server.registerTool('upload_document', {
         title: 'Upload document',
         description: 'Upload a base64-encoded PDF to an existing transaction (≤10MB inline; use presign for larger).',
         inputSchema: uploadDocumentShape,
         annotations: WRITE_SAFE,
-    }, async (args) => run(() => getClient().documents.upload(args.transactionId, {
+    }, async (args) => run(() => ctx.client.documents.upload(args.transactionId, {
         content: args.documentBase64,
         ...(args.filename ? { filename: args.filename } : {}),
     })));
@@ -17,6 +16,6 @@ export function registerDocumentTools(server) {
         description: 'Get presigned download URLs for a transaction’s document and signed artifacts.',
         inputSchema: transactionIdShape,
         annotations: READ_ONLY,
-    }, async (args) => run(() => getClient().documents.download(args.transactionId)));
+    }, async (args) => run(() => ctx.client.documents.download(args.transactionId)));
 }
 //# sourceMappingURL=documents.js.map

package/dist/tools/documents.js.map

@@ -1 +1 @@
-{"version":3,"file":"documents.js","sourceRoot":"","sources":["../../src/tools/documents.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AACzC,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAC1D,OAAO,EAAE,GAAG,EAAE,MAAM,cAAc,CAAC;AACnC,OAAO,EAAE,mBAAmB,EAAE,kBAAkB,EAAE,MAAM,eAAe,CAAC;AAExE,MAAM,UAAU,qBAAqB,CAAC,MAAiB;IACrD,MAAM,CAAC,YAAY,CACjB,iBAAiB,EACjB;QACE,KAAK,EAAE,iBAAiB;QACxB,WAAW,EAAE,gGAAgG;QAC7G,WAAW,EAAE,mBAAmB;QAChC,WAAW,EAAE,UAAU;KACxB,EACD,KAAK,EAAE,IAAI,EAAE,EAAE,CACb,GAAG,CAAC,GAAG,EAAE,CACP,SAAS,EAAE,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,aAAa,EAAE;QAC/C,OAAO,EAAE,IAAI,CAAC,cAAc;QAC5B,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KACtD,CAAC,CACH,CACJ,CAAC;IAEF,MAAM,CAAC,YAAY,CACjB,mBAAmB,EACnB;QACE,KAAK,EAAE,mBAAmB;QAC1B,WAAW,EAAE,gFAAgF;QAC7F,WAAW,EAAE,kBAAkB;QAC/B,WAAW,EAAE,SAAS;KACvB,EACD,KAAK,EAAE,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,SAAS,EAAE,CAAC,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAC9E,CAAC;AACJ,CAAC"}
+{"version":3,"file":"documents.js","sourceRoot":"","sources":["../../src/tools/documents.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAC1D,OAAO,EAAE,GAAG,EAAE,MAAM,cAAc,CAAC;AACnC,OAAO,EAAE,mBAAmB,EAAE,kBAAkB,EAAE,MAAM,eAAe,CAAC;AAExE,MAAM,UAAU,qBAAqB,CAAC,MAAiB,EAAE,GAAgB;IACvE,MAAM,CAAC,YAAY,CACjB,iBAAiB,EACjB;QACE,KAAK,EAAE,iBAAiB;QACxB,WAAW,EAAE,gGAAgG;QAC7G,WAAW,EAAE,mBAAmB;QAChC,WAAW,EAAE,UAAU;KACxB,EACD,KAAK,EAAE,IAAI,EAAE,EAAE,CACb,GAAG,CAAC,GAAG,EAAE,CACP,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,aAAa,EAAE;QAC9C,OAAO,EAAE,IAAI,CAAC,cAAc;QAC5B,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KACtD,CAAC,CACH,CACJ,CAAC;IAEF,MAAM,CAAC,YAAY,CACjB,mBAAmB,EACnB;QACE,KAAK,EAAE,mBAAmB;QAC1B,WAAW,EAAE,gFAAgF;QAC7F,WAAW,EAAE,kBAAkB;QAC/B,WAAW,EAAE,SAAS;KACvB,EACD,KAAK,EAAE,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAC7E,CAAC;AACJ,CAAC"}

package/dist/tools/envelopes.d.ts

@@ -1,2 +1,3 @@
 import type { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
-export declare function registerEnvelopeTools(server: McpServer): void;
+import type { ToolContext } from '../client.js';
+export declare function registerEnvelopeTools(server: McpServer, ctx: ToolContext): void;

package/dist/tools/envelopes.js

@@ -1,8 +1,8 @@
-import { getClient, buildSigningUrl } from '../client.js';
+import { buildSigningUrl } from '../client.js';
 import { CONFIRM_WARNING, DESTRUCTIVE, READ_ONLY } from '../annotations.js';
 import { run, idempotencyKey } from './helpers.js';
 import { createEnvelopeShape, envelopeIdShape, addEnvelopeSessionShape } from '../schemas.js';
-export function registerEnvelopeTools(server) {
+export function registerEnvelopeTools(server, ctx) {
     server.registerTool('create_envelope', {
         title: 'Create envelope',
         description: CONFIRM_WARNING +
@@ -22,14 +22,14 @@ export function registerEnvelopeTools(server) {
             ...(args.expiresInMinutes ? { expiresInMinutes: args.expiresInMinutes } : {}),
             ...(args.owner ? { owner: args.owner } : {}),
         };
-        return getClient().envelopes.create(req, idempotencyKey(args.idempotencyKey));
+        return ctx.client.envelopes.create(req, idempotencyKey(args.idempotencyKey));
     }));
     server.registerTool('get_envelope', {
         title: 'Get envelope',
         description: 'Get envelope details including per-signer session summaries and completion counts.',
         inputSchema: envelopeIdShape,
         annotations: READ_ONLY,
-    }, async (args) => run(() => getClient().envelopes.get(args.envelopeId)));
+    }, async (args) => run(() => ctx.client.envelopes.get(args.envelopeId)));
     server.registerTool('add_session_to_envelope', {
         title: 'Add signer to envelope',
         description: CONFIRM_WARNING +
@@ -46,7 +46,7 @@ export function registerEnvelopeTools(server) {
             ...(args.cancelUrl ? { cancelUrl: args.cancelUrl } : {}),
             ...(args.metadata ? { metadata: args.metadata } : {}),
         };
-        const session = await getClient().envelopes.addSession(args.envelopeId, req);
+        const session = await ctx.client.envelopes.addSession(args.envelopeId, req);
         return { ...session, signingUrl: buildSigningUrl(session.url, session.clientSecret) };
     }));
     server.registerTool('get_envelope_combined_stamp', {
@@ -54,6 +54,6 @@ export function registerEnvelopeTools(server) {
         description: 'Generate the combined stamped PDF (all signers) for a COMPLETED envelope and return a download URL.',
         inputSchema: envelopeIdShape,
         annotations: READ_ONLY,
-    }, async (args) => run(() => getClient().envelopes.combinedStamp(args.envelopeId)));
+    }, async (args) => run(() => ctx.client.envelopes.combinedStamp(args.envelopeId)));
 }
 //# sourceMappingURL=envelopes.js.map

package/dist/tools/envelopes.js.map

@@ -1 +1 @@
-{"version":3,"file":"envelopes.js","sourceRoot":"","sources":["../../src/tools/envelopes.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,SAAS,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AAC1D,OAAO,EAAE,eAAe,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAC5E,OAAO,EAAE,GAAG,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AACnD,OAAO,EAAE,mBAAmB,EAAE,eAAe,EAAE,uBAAuB,EAAE,MAAM,eAAe,CAAC;AAE9F,MAAM,UAAU,qBAAqB,CAAC,MAAiB;IACrD,MAAM,CAAC,YAAY,CACjB,iBAAiB,EACjB;QACE,KAAK,EAAE,iBAAiB;QACxB,WAAW,EACT,eAAe;YACf,sFAAsF;YACtF,0CAA0C;QAC5C,WAAW,EAAE,mBAAmB;QAChC,WAAW,EAAE,WAAW;KACzB,EACD,KAAK,EAAE,IAAI,EAAE,EAAE,CACb,GAAG,CAAC,GAAG,EAAE;QACP,MAAM,GAAG,GAA0B;YACjC,WAAW,EAAE,IAAI,CAAC,WAAW;YAC7B,YAAY,EAAE,IAAI,CAAC,YAAY;YAC/B,QAAQ,EAAE,EAAE,OAAO,EAAE,IAAI,CAAC,cAAc,EAAE,QAAQ,EAAE,IAAI,CAAC,gBAAgB,EAAE;YAC3E,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACrD,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC/C,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACxD,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACxD,GAAG,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC,EAAE,gBAAgB,EAAE,IAAI,CAAC,gBAAgB,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC7E,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SAC7C,CAAC;QACF,OAAO,SAAS,EAAE,CAAC,SAAS,CAAC,MAAM,CAAC,GAAG,EAAE,cAAc,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC;IAChF,CAAC,CAAC,CACL,CAAC;IAEF,MAAM,CAAC,YAAY,CACjB,cAAc,EACd;QACE,KAAK,EAAE,cAAc;QACrB,WAAW,EAAE,oFAAoF;QACjG,WAAW,EAAE,eAAe;QAC5B,WAAW,EAAE,SAAS;KACvB,EACD,KAAK,EAAE,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,SAAS,EAAE,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CACtE,CAAC;IAEF,MAAM,CAAC,YAAY,CACjB,yBAAyB,EACzB;QACE,KAAK,EAAE,wBAAwB;QAC/B,WAAW,EACT,eAAe;YACf,sGAAsG;QACxG,WAAW,EAAE,uBAAuB;QACpC,WAAW,EAAE,WAAW;KACzB,EACD,KAAK,EAAE,IAAI,EAAE,EAAE,CACb,GAAG,CAAC,KAAK,IAAI,EAAE;QACb,MAAM,GAAG,GAA8B;YACrC,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,MAAM,EAAE,EAAE,OAAO,EAAE,IAAI,CAAC,aAAa,EAAE;YACvC,WAAW,EAAE,IAAI,CAAC,WAAW;YAC7B,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAClD,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACxD,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACxD,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SACtD,CAAC;QACF,MAAM,OAAO,GAAG,MAAM,SAAS,EAAE,CAAC,SAAS,CAAC,UAAU,CAAC,IAAI,CAAC,UAAU,EAAE,GAAG,CAAC,CAAC;QAC7E,OAAO,EAAE,GAAG,OAAO,EAAE,UAAU,EAAE,eAAe,CAAC,OAAO,CAAC,GAAG,EAAE,OAAO,CAAC,YAAY,CAAC,EAAE,CAAC;IACxF,CAAC,CAAC,CACL,CAAC;IAEF,MAAM,CAAC,YAAY,CACjB,6BAA6B,EAC7B;QACE,KAAK,EAAE,6BAA6B;QACpC,WAAW,EACT,qGAAqG;QACvG,WAAW,EAAE,eAAe;QAC5B,WAAW,EAAE,SAAS;KACvB,EACD,KAAK,EAAE,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,SAAS,EAAE,CAAC,SAAS,CAAC,aAAa,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAChF,CAAC;AACJ,CAAC"}
+{"version":3,"file":"envelopes.js","sourceRoot":"","sources":["../../src/tools/envelopes.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AAC/C,OAAO,EAAE,eAAe,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAC5E,OAAO,EAAE,GAAG,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AACnD,OAAO,EAAE,mBAAmB,EAAE,eAAe,EAAE,uBAAuB,EAAE,MAAM,eAAe,CAAC;AAE9F,MAAM,UAAU,qBAAqB,CAAC,MAAiB,EAAE,GAAgB;IACvE,MAAM,CAAC,YAAY,CACjB,iBAAiB,EACjB;QACE,KAAK,EAAE,iBAAiB;QACxB,WAAW,EACT,eAAe;YACf,sFAAsF;YACtF,0CAA0C;QAC5C,WAAW,EAAE,mBAAmB;QAChC,WAAW,EAAE,WAAW;KACzB,EACD,KAAK,EAAE,IAAI,EAAE,EAAE,CACb,GAAG,CAAC,GAAG,EAAE;QACP,MAAM,GAAG,GAA0B;YACjC,WAAW,EAAE,IAAI,CAAC,WAAW;YAC7B,YAAY,EAAE,IAAI,CAAC,YAAY;YAC/B,QAAQ,EAAE,EAAE,OAAO,EAAE,IAAI,CAAC,cAAc,EAAE,QAAQ,EAAE,IAAI,CAAC,gBAAgB,EAAE;YAC3E,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACrD,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC/C,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACxD,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACxD,GAAG,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC,EAAE,gBAAgB,EAAE,IAAI,CAAC,gBAAgB,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC7E,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SAC7C,CAAC;QACF,OAAO,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,MAAM,CAAC,GAAG,EAAE,cAAc,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC;IAC/E,CAAC,CAAC,CACL,CAAC;IAEF,MAAM,CAAC,YAAY,CACjB,cAAc,EACd;QACE,KAAK,EAAE,cAAc;QACrB,WAAW,EAAE,oFAAoF;QACjG,WAAW,EAAE,eAAe;QAC5B,WAAW,EAAE,SAAS;KACvB,EACD,KAAK,EAAE,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CACrE,CAAC;IAEF,MAAM,CAAC,YAAY,CACjB,yBAAyB,EACzB;QACE,KAAK,EAAE,wBAAwB;QAC/B,WAAW,EACT,eAAe;YACf,sGAAsG;QACxG,WAAW,EAAE,uBAAuB;QACpC,WAAW,EAAE,WAAW;KACzB,EACD,KAAK,EAAE,IAAI,EAAE,EAAE,CACb,GAAG,CAAC,KAAK,IAAI,EAAE;QACb,MAAM,GAAG,GAA8B;YACrC,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,MAAM,EAAE,EAAE,OAAO,EAAE,IAAI,CAAC,aAAa,EAAE;YACvC,WAAW,EAAE,IAAI,CAAC,WAAW;YAC7B,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAClD,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACxD,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACxD,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SACtD,CAAC;QACF,MAAM,OAAO,GAAG,MAAM,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,UAAU,CAAC,IAAI,CAAC,UAAU,EAAE,GAAG,CAAC,CAAC;QAC5E,OAAO,EAAE,GAAG,OAAO,EAAE,UAAU,EAAE,eAAe,CAAC,OAAO,CAAC,GAAG,EAAE,OAAO,CAAC,YAAY,CAAC,EAAE,CAAC;IACxF,CAAC,CAAC,CACL,CAAC;IAEF,MAAM,CAAC,YAAY,CACjB,6BAA6B,EAC7B;QACE,KAAK,EAAE,6BAA6B;QACpC,WAAW,EACT,qGAAqG;QACvG,WAAW,EAAE,eAAe;QAC5B,WAAW,EAAE,SAAS;KACvB,EACD,KAAK,EAAE,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,aAAa,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAC/E,CAAC;AACJ,CAAC"}

package/dist/tools/evidence.d.ts

@@ -1,2 +1,3 @@
 import type { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
-export declare function registerEvidenceTools(server: McpServer): void;
+import type { ToolContext } from '../client.js';
+export declare function registerEvidenceTools(server: McpServer, ctx: ToolContext): void;

package/dist/tools/evidence.js

@@ -1,13 +1,12 @@
-import { getClient } from '../client.js';
 import { READ_ONLY } from '../annotations.js';
 import { run } from './helpers.js';
 import { transactionIdShape } from '../schemas.js';
-export function registerEvidenceTools(server) {
+export function registerEvidenceTools(server, ctx) {
     server.registerTool('get_evidence', {
         title: 'Get evidence',
         description: 'Retrieve the cryptographic evidence (hashes, step proofs, evidenceId) for a completed transaction.',
         inputSchema: transactionIdShape,
         annotations: READ_ONLY,
-    }, async (args) => run(() => getClient().evidence.get(args.transactionId)));
+    }, async (args) => run(() => ctx.client.evidence.get(args.transactionId)));
 }
 //# sourceMappingURL=evidence.js.map

package/dist/tools/evidence.js.map

@@ -1 +1 @@
-{"version":3,"file":"evidence.js","sourceRoot":"","sources":["../../src/tools/evidence.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AACzC,OAAO,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAC9C,OAAO,EAAE,GAAG,EAAE,MAAM,cAAc,CAAC;AACnC,OAAO,EAAE,kBAAkB,EAAE,MAAM,eAAe,CAAC;AAEnD,MAAM,UAAU,qBAAqB,CAAC,MAAiB;IACrD,MAAM,CAAC,YAAY,CACjB,cAAc,EACd;QACE,KAAK,EAAE,cAAc;QACrB,WAAW,EACT,oGAAoG;QACtG,WAAW,EAAE,kBAAkB;QAC/B,WAAW,EAAE,SAAS;KACvB,EACD,KAAK,EAAE,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,SAAS,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CACxE,CAAC;AACJ,CAAC"}
+{"version":3,"file":"evidence.js","sourceRoot":"","sources":["../../src/tools/evidence.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAC9C,OAAO,EAAE,GAAG,EAAE,MAAM,cAAc,CAAC;AACnC,OAAO,EAAE,kBAAkB,EAAE,MAAM,eAAe,CAAC;AAEnD,MAAM,UAAU,qBAAqB,CAAC,MAAiB,EAAE,GAAgB;IACvE,MAAM,CAAC,YAAY,CACjB,cAAc,EACd;QACE,KAAK,EAAE,cAAc;QACrB,WAAW,EACT,oGAAoG;QACtG,WAAW,EAAE,kBAAkB;QAC/B,WAAW,EAAE,SAAS;KACvB,EACD,KAAK,EAAE,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CACvE,CAAC;AACJ,CAAC"}

package/dist/tools/signingSessions.d.ts

@@ -1,2 +1,3 @@
 import type { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
-export declare function registerSigningSessionTools(server: McpServer): void;
+import type { ToolContext } from '../client.js';
+export declare function registerSigningSessionTools(server: McpServer, ctx: ToolContext): void;

package/dist/tools/signingSessions.js

@@ -1,8 +1,8 @@
-import { getClient, buildSigningUrl } from '../client.js';
+import { buildSigningUrl } from '../client.js';
 import { CONFIRM_WARNING, DESTRUCTIVE, READ_ONLY, WRITE_SAFE } from '../annotations.js';
 import { run, idempotencyKey } from './helpers.js';
 import { createSigningSessionShape, sessionIdShape, listSigningSessionsShape, resendOtpShape, } from '../schemas.js';
-export function registerSigningSessionTools(server) {
+export function registerSigningSessionTools(server, ctx) {
     server.registerTool('create_signing_session', {
         title: 'Create signing session',
         description: CONFIRM_WARNING +
@@ -29,7 +29,7 @@ export function registerSigningSessionTools(server) {
             ...(args.expiresInMinutes ? { expiresInMinutes: args.expiresInMinutes } : {}),
             ...(args.owner ? { owner: args.owner } : {}),
         };
-        const session = await getClient().signingSessions.create(req, idempotencyKey(args.idempotencyKey));
+        const session = await ctx.client.signingSessions.create(req, idempotencyKey(args.idempotencyKey));
         return { ...session, signingUrl: buildSigningUrl(session.url, session.clientSecret) };
     }));
     server.registerTool('get_signing_session_status', {
@@ -37,19 +37,19 @@ export function registerSigningSessionTools(server) {
         description: 'Poll the current status of a signing session (ACTIVE/COMPLETED/CANCELLED/EXPIRED/FAILED).',
         inputSchema: sessionIdShape,
         annotations: READ_ONLY,
-    }, async (args) => run(() => getClient().signingSessions.getStatus(args.sessionId)));
+    }, async (args) => run(() => ctx.client.signingSessions.getStatus(args.sessionId)));
     server.registerTool('get_signing_session', {
         title: 'Get signing session details',
         description: 'Get full bootstrap data for a signing session (signer, steps, document, appearance).',
         inputSchema: sessionIdShape,
         annotations: READ_ONLY,
-    }, async (args) => run(() => getClient().signingSessions.get(args.sessionId)));
+    }, async (args) => run(() => ctx.client.signingSessions.get(args.sessionId)));
     server.registerTool('list_signing_sessions', {
         title: 'List signing sessions',
         description: 'List signing sessions filtered by status, with cursor pagination.',
         inputSchema: listSigningSessionsShape,
         annotations: READ_ONLY,
-    }, async (args) => run(() => getClient().signingSessions.list({
+    }, async (args) => run(() => ctx.client.signingSessions.list({
         status: args.status,
         ...(args.limit !== undefined ? { limit: args.limit } : {}),
         ...(args.cursor ? { cursor: args.cursor } : {}),
@@ -59,12 +59,12 @@ export function registerSigningSessionTools(server) {
         description: CONFIRM_WARNING + 'Cancel an active signing session. This cannot be undone.',
         inputSchema: sessionIdShape,
         annotations: DESTRUCTIVE,
-    }, async (args) => run(() => getClient().signingSessions.cancel(args.sessionId)));
+    }, async (args) => run(() => ctx.client.signingSessions.cancel(args.sessionId)));
     server.registerTool('resend_signing_session_otp', {
         title: 'Resend signing session OTP',
         description: 'Resend the OTP challenge for a signing session, optionally over a specific channel (email/sms).',
         inputSchema: resendOtpShape,
         annotations: WRITE_SAFE,
-    }, async (args) => run(() => getClient().signingSessions.resendOtp(args.sessionId, args.channel ? { channel: args.channel } : undefined)));
+    }, async (args) => run(() => ctx.client.signingSessions.resendOtp(args.sessionId, args.channel ? { channel: args.channel } : undefined)));
 }
 //# sourceMappingURL=signingSessions.js.map

package/dist/tools/signingSessions.js.map

@@ -1 +1 @@
-{"version":3,"file":"signingSessions.js","sourceRoot":"","sources":["../../src/tools/signingSessions.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,SAAS,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AAC1D,OAAO,EAAE,eAAe,EAAE,WAAW,EAAE,SAAS,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AACxF,OAAO,EAAE,GAAG,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AACnD,OAAO,EACL,yBAAyB,EACzB,cAAc,EACd,wBAAwB,EACxB,cAAc,GACf,MAAM,eAAe,CAAC;AAEvB,MAAM,UAAU,2BAA2B,CAAC,MAAiB;IAC3D,MAAM,CAAC,YAAY,CACjB,wBAAwB,EACxB;QACE,KAAK,EAAE,wBAAwB;QAC/B,WAAW,EACT,eAAe;YACf,6FAA6F;YAC7F,uFAAuF;QACzF,WAAW,EAAE,yBAAyB;QACtC,WAAW,EAAE,WAAW;KACzB,EACD,KAAK,EAAE,IAAI,EAAE,EAAE,CACb,GAAG,CAAC,KAAK,IAAI,EAAE;QACb,MAAM,GAAG,GAAgC;YACvC,OAAO,EAAE,IAAI,CAAC,OAAO;YACrB,MAAM,EAAE;gBACN,OAAO,EAAE,IAAI,CAAC,aAAa;gBAC3B,GAAG,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;aAC/D;YACD,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,GAAG,CAAC,IAAI,CAAC,cAAc;gBACrB,CAAC,CAAC,EAAE,QAAQ,EAAE,EAAE,OAAO,EAAE,IAAI,CAAC,cAAc,EAAE,QAAQ,EAAE,IAAI,CAAC,gBAAgB,EAAE,EAAE;gBACjF,CAAC,CAAC,EAAE,CAAC;YACP,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC/C,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACxD,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACxD,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACrD,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC/C,GAAG,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC,EAAE,gBAAgB,EAAE,IAAI,CAAC,gBAAgB,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC7E,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SAC7C,CAAC;QACF,MAAM,OAAO,GAAG,MAAM,SAAS,EAAE,CAAC,eAAe,CAAC,MAAM,CAAC,GAAG,EAAE,cAAc,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC;QACnG,OAAO,EAAE,GAAG,OAAO,EAAE,UAAU,EAAE,eAAe,CAAC,OAAO,CAAC,GAAG,EAAE,OAAO,CAAC,YAAY,CAAC,EAAE,CAAC;IACxF,CAAC,CAAC,CACL,CAAC;IAEF,MAAM,CAAC,YAAY,CACjB,4BAA4B,EAC5B;QACE,KAAK,EAAE,4BAA4B;QACnC,WAAW,EAAE,2FAA2F;QACxG,WAAW,EAAE,cAAc;QAC3B,WAAW,EAAE,SAAS;KACvB,EACD,KAAK,EAAE,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,SAAS,EAAE,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CACjF,CAAC;IAEF,MAAM,CAAC,YAAY,CACjB,qBAAqB,EACrB;QACE,KAAK,EAAE,6BAA6B;QACpC,WAAW,EAAE,sFAAsF;QACnG,WAAW,EAAE,cAAc;QAC3B,WAAW,EAAE,SAAS;KACvB,EACD,KAAK,EAAE,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,SAAS,EAAE,CAAC,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAC3E,CAAC;IAEF,MAAM,CAAC,YAAY,CACjB,uBAAuB,EACvB;QACE,KAAK,EAAE,uBAAuB;QAC9B,WAAW,EAAE,mEAAmE;QAChF,WAAW,EAAE,wBAAwB;QACrC,WAAW,EAAE,SAAS;KACvB,EACD,KAAK,EAAE,IAAI,EAAE,EAAE,CACb,GAAG,CAAC,GAAG,EAAE,CACP,SAAS,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC;QAC/B,MAAM,EAAE,IAAI,CAAC,MAAM;QACnB,GAAG,CAAC,IAAI,CAAC,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC1D,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KAChD,CAAC,CACH,CACJ,CAAC;IAEF,MAAM,CAAC,YAAY,CACjB,wBAAwB,EACxB;QACE,KAAK,EAAE,wBAAwB;QAC/B,WAAW,EAAE,eAAe,GAAG,0DAA0D;QACzF,WAAW,EAAE,cAAc;QAC3B,WAAW,EAAE,WAAW;KACzB,EACD,KAAK,EAAE,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,SAAS,EAAE,CAAC,eAAe,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAC9E,CAAC;IAEF,MAAM,CAAC,YAAY,CACjB,4BAA4B,EAC5B;QACE,KAAK,EAAE,4BAA4B;QACnC,WAAW,EAAE,iGAAiG;QAC9G,WAAW,EAAE,cAAc;QAC3B,WAAW,EAAE,UAAU;KACxB,EACD,KAAK,EAAE,IAAI,EAAE,EAAE,CACb,GAAG,CAAC,GAAG,EAAE,CACP,SAAS,EAAE,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAC5G,CACJ,CAAC;AACJ,CAAC"}
+{"version":3,"file":"signingSessions.js","sourceRoot":"","sources":["../../src/tools/signingSessions.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AAC/C,OAAO,EAAE,eAAe,EAAE,WAAW,EAAE,SAAS,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AACxF,OAAO,EAAE,GAAG,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AACnD,OAAO,EACL,yBAAyB,EACzB,cAAc,EACd,wBAAwB,EACxB,cAAc,GACf,MAAM,eAAe,CAAC;AAEvB,MAAM,UAAU,2BAA2B,CAAC,MAAiB,EAAE,GAAgB;IAC7E,MAAM,CAAC,YAAY,CACjB,wBAAwB,EACxB;QACE,KAAK,EAAE,wBAAwB;QAC/B,WAAW,EACT,eAAe;YACf,6FAA6F;YAC7F,uFAAuF;QACzF,WAAW,EAAE,yBAAyB;QACtC,WAAW,EAAE,WAAW;KACzB,EACD,KAAK,EAAE,IAAI,EAAE,EAAE,CACb,GAAG,CAAC,KAAK,IAAI,EAAE;QACb,MAAM,GAAG,GAAgC;YACvC,OAAO,EAAE,IAAI,CAAC,OAAO;YACrB,MAAM,EAAE;gBACN,OAAO,EAAE,IAAI,CAAC,aAAa;gBAC3B,GAAG,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;aAC/D;YACD,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,GAAG,CAAC,IAAI,CAAC,cAAc;gBACrB,CAAC,CAAC,EAAE,QAAQ,EAAE,EAAE,OAAO,EAAE,IAAI,CAAC,cAAc,EAAE,QAAQ,EAAE,IAAI,CAAC,gBAAgB,EAAE,EAAE;gBACjF,CAAC,CAAC,EAAE,CAAC;YACP,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC/C,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACxD,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACxD,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACrD,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC/C,GAAG,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC,EAAE,gBAAgB,EAAE,IAAI,CAAC,gBAAgB,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC7E,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SAC7C,CAAC;QACF,MAAM,OAAO,GAAG,MAAM,GAAG,CAAC,MAAM,CAAC,eAAe,CAAC,MAAM,CAAC,GAAG,EAAE,cAAc,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC;QAClG,OAAO,EAAE,GAAG,OAAO,EAAE,UAAU,EAAE,eAAe,CAAC,OAAO,CAAC,GAAG,EAAE,OAAO,CAAC,YAAY,CAAC,EAAE,CAAC;IACxF,CAAC,CAAC,CACL,CAAC;IAEF,MAAM,CAAC,YAAY,CACjB,4BAA4B,EAC5B;QACE,KAAK,EAAE,4BAA4B;QACnC,WAAW,EAAE,2FAA2F;QACxG,WAAW,EAAE,cAAc;QAC3B,WAAW,EAAE,SAAS;KACvB,EACD,KAAK,EAAE,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAChF,CAAC;IAEF,MAAM,CAAC,YAAY,CACjB,qBAAqB,EACrB;QACE,KAAK,EAAE,6BAA6B;QACpC,WAAW,EAAE,sFAAsF;QACnG,WAAW,EAAE,cAAc;QAC3B,WAAW,EAAE,SAAS;KACvB,EACD,KAAK,EAAE,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAC1E,CAAC;IAEF,MAAM,CAAC,YAAY,CACjB,uBAAuB,EACvB;QACE,KAAK,EAAE,uBAAuB;QAC9B,WAAW,EAAE,mEAAmE;QAChF,WAAW,EAAE,wBAAwB;QACrC,WAAW,EAAE,SAAS;KACvB,EACD,KAAK,EAAE,IAAI,EAAE,EAAE,CACb,GAAG,CAAC,GAAG,EAAE,CACP,GAAG,CAAC,MAAM,CAAC,eAAe,CAAC,IAAI,CAAC;QAC9B,MAAM,EAAE,IAAI,CAAC,MAAM;QACnB,GAAG,CAAC,IAAI,CAAC,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC1D,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KAChD,CAAC,CACH,CACJ,CAAC;IAEF,MAAM,CAAC,YAAY,CACjB,wBAAwB,EACxB;QACE,KAAK,EAAE,wBAAwB;QAC/B,WAAW,EAAE,eAAe,GAAG,0DAA0D;QACzF,WAAW,EAAE,cAAc;QAC3B,WAAW,EAAE,WAAW;KACzB,EACD,KAAK,EAAE,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,eAAe,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAC7E,CAAC;IAEF,MAAM,CAAC,YAAY,CACjB,4BAA4B,EAC5B;QACE,KAAK,EAAE,4BAA4B;QACnC,WAAW,EAAE,iGAAiG;QAC9G,WAAW,EAAE,cAAc;QAC3B,WAAW,EAAE,UAAU;KACxB,EACD,KAAK,EAAE,IAAI,EAAE,EAAE,CACb,GAAG,CAAC,GAAG,EAAE,CACP,GAAG,CAAC,MAAM,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAC3G,CACJ,CAAC;AACJ,CAAC"}

package/dist/tools/transactions.d.ts

@@ -1,2 +1,3 @@
 import type { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
-export declare function registerTransactionTools(server: McpServer): void;
+import type { ToolContext } from '../client.js';
+export declare function registerTransactionTools(server: McpServer, ctx: ToolContext): void;

package/dist/tools/transactions.js

@@ -1,8 +1,7 @@
-import { getClient } from '../client.js';
 import { CONFIRM_WARNING, DESTRUCTIVE, READ_ONLY } from '../annotations.js';
 import { run } from './helpers.js';
 import { listTransactionsShape, transactionIdShape } from '../schemas.js';
-export function registerTransactionTools(server) {
+export function registerTransactionTools(server, ctx) {
     server.registerTool('list_transactions', {
         title: 'List / find transactions',
         description: 'Search transactions by status, signer external ID, document group, or date range (cursor pagination). ' +
@@ -19,19 +18,19 @@ export function registerTransactionTools(server) {
             ...(args.startDate ? { startDate: args.startDate } : {}),
             ...(args.endDate ? { endDate: args.endDate } : {}),
         };
-        return run(() => getClient().transactions.list(params));
+        return run(() => ctx.client.transactions.list(params));
     });
     server.registerTool('get_transaction', {
         title: 'Get transaction',
         description: 'Get full details of a single transaction, including its steps and results.',
         inputSchema: transactionIdShape,
         annotations: READ_ONLY,
-    }, async (args) => run(() => getClient().transactions.get(args.transactionId)));
+    }, async (args) => run(() => ctx.client.transactions.get(args.transactionId)));
     server.registerTool('cancel_transaction', {
         title: 'Cancel transaction',
         description: CONFIRM_WARNING + 'Cancel a low-level transaction. This cannot be undone.',
         inputSchema: transactionIdShape,
         annotations: DESTRUCTIVE,
-    }, async (args) => run(() => getClient().transactions.cancel(args.transactionId)));
+    }, async (args) => run(() => ctx.client.transactions.cancel(args.transactionId)));
 }
 //# sourceMappingURL=transactions.js.map

package/dist/tools/transactions.js.map

@@ -1 +1 @@
-{"version":3,"file":"transactions.js","sourceRoot":"","sources":["../../src/tools/transactions.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AACzC,OAAO,EAAE,eAAe,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAC5E,OAAO,EAAE,GAAG,EAAE,MAAM,cAAc,CAAC;AACnC,OAAO,EAAE,qBAAqB,EAAE,kBAAkB,EAAE,MAAM,eAAe,CAAC;AAE1E,MAAM,UAAU,wBAAwB,CAAC,MAAiB;IACxD,MAAM,CAAC,YAAY,CACjB,mBAAmB,EACnB;QACE,KAAK,EAAE,0BAA0B;QACjC,WAAW,EACT,wGAAwG;YACxG,0DAA0D;QAC5D,WAAW,EAAE,qBAAqB;QAClC,WAAW,EAAE,SAAS;KACvB,EACD,KAAK,EAAE,IAAI,EAAE,EAAE;QACb,MAAM,MAAM,GAA0B;YACpC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,IAAI,CAAC,MAA2B,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACpE,GAAG,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,EAAE,cAAc,EAAE,IAAI,CAAC,cAAc,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACvE,GAAG,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC,EAAE,eAAe,EAAE,IAAI,CAAC,eAAe,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC1E,GAAG,CAAC,IAAI,CAAC,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC1D,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACxD,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACxD,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SACnD,CAAC;QACF,OAAO,GAAG,CAAC,GAAG,EAAE,CAAC,SAAS,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC;IAC1D,CAAC,CACF,CAAC;IAEF,MAAM,CAAC,YAAY,CACjB,iBAAiB,EACjB;QACE,KAAK,EAAE,iBAAiB;QACxB,WAAW,EAAE,4EAA4E;QACzF,WAAW,EAAE,kBAAkB;QAC/B,WAAW,EAAE,SAAS;KACvB,EACD,KAAK,EAAE,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,SAAS,EAAE,CAAC,YAAY,CAAC,GAAG,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAC5E,CAAC;IAEF,MAAM,CAAC,YAAY,CACjB,oBAAoB,EACpB;QACE,KAAK,EAAE,oBAAoB;QAC3B,WAAW,EAAE,eAAe,GAAG,wDAAwD;QACvF,WAAW,EAAE,kBAAkB;QAC/B,WAAW,EAAE,WAAW;KACzB,EACD,KAAK,EAAE,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,SAAS,EAAE,CAAC,YAAY,CAAC,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAC/E,CAAC;AACJ,CAAC"}
+{"version":3,"file":"transactions.js","sourceRoot":"","sources":["../../src/tools/transactions.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,eAAe,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAC5E,OAAO,EAAE,GAAG,EAAE,MAAM,cAAc,CAAC;AACnC,OAAO,EAAE,qBAAqB,EAAE,kBAAkB,EAAE,MAAM,eAAe,CAAC;AAE1E,MAAM,UAAU,wBAAwB,CAAC,MAAiB,EAAE,GAAgB;IAC1E,MAAM,CAAC,YAAY,CACjB,mBAAmB,EACnB;QACE,KAAK,EAAE,0BAA0B;QACjC,WAAW,EACT,wGAAwG;YACxG,0DAA0D;QAC5D,WAAW,EAAE,qBAAqB;QAClC,WAAW,EAAE,SAAS;KACvB,EACD,KAAK,EAAE,IAAI,EAAE,EAAE;QACb,MAAM,MAAM,GAA0B;YACpC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,IAAI,CAAC,MAA2B,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACpE,GAAG,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,EAAE,cAAc,EAAE,IAAI,CAAC,cAAc,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACvE,GAAG,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC,EAAE,eAAe,EAAE,IAAI,CAAC,eAAe,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC1E,GAAG,CAAC,IAAI,CAAC,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC1D,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACxD,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACxD,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SACnD,CAAC;QACF,OAAO,GAAG,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC;IACzD,CAAC,CACF,CAAC;IAEF,MAAM,CAAC,YAAY,CACjB,iBAAiB,EACjB;QACE,KAAK,EAAE,iBAAiB;QACxB,WAAW,EAAE,4EAA4E;QACzF,WAAW,EAAE,kBAAkB;QAC/B,WAAW,EAAE,SAAS;KACvB,EACD,KAAK,EAAE,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAC3E,CAAC;IAEF,MAAM,CAAC,YAAY,CACjB,oBAAoB,EACpB;QACE,KAAK,EAAE,oBAAoB;QAC3B,WAAW,EAAE,eAAe,GAAG,wDAAwD;QACvF,WAAW,EAAE,kBAAkB;QAC/B,WAAW,EAAE,WAAW;KACzB,EACD,KAAK,EAAE,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,YAAY,CAAC,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAC9E,CAAC;AACJ,CAAC"}

package/dist/tools/verify.d.ts

@@ -1,2 +1,3 @@
 import type { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
-export declare function registerVerifyTools(server: McpServer): void;
+import type { ToolContext } from '../client.js';
+export declare function registerVerifyTools(server: McpServer, ctx: ToolContext): void;

package/dist/tools/verify.js

@@ -1,21 +1,20 @@
-import { getClient, getResolvedEnv } from '../client.js';
 import { CONFIRM_WARNING, DESTRUCTIVE, READ_ONLY } from '../annotations.js';
 import { run, errorContent } from './helpers.js';
 import { verifyEvidenceShape, verifyEnvelopeShape, verifyDocumentShape } from '../schemas.js';
-export function registerVerifyTools(server) {
+export function registerVerifyTools(server, ctx) {
     server.registerTool('verify_evidence', {
         title: 'Verify evidence (public)',
         description: 'Publicly verify a completed signature by its evidenceId. Returns status, document/evidence hashes, ' +
             'steps and signer display info. No authentication needed.',
         inputSchema: verifyEvidenceShape,
         annotations: READ_ONLY,
-    }, async (args) => run(() => getClient().verification.verify(args.evidenceId)));
+    }, async (args) => run(() => ctx.client.verification.verify(args.evidenceId)));
     server.registerTool('verify_envelope', {
         title: 'Verify envelope (public)',
         description: 'Publicly verify all signers of an envelope and get consolidated download URLs.',
         inputSchema: verifyEnvelopeShape,
         annotations: READ_ONLY,
-    }, async (args) => run(() => getClient().verification.verifyEnvelope(args.envelopeId)));
+    }, async (args) => run(() => ctx.client.verification.verifyEnvelope(args.envelopeId)));
     server.registerTool('verify_document', {
         title: 'Verify document signatures',
         description: CONFIRM_WARNING +
@@ -25,12 +24,11 @@ export function registerVerifyTools(server) {
         inputSchema: verifyDocumentShape,
         annotations: DESTRUCTIVE,
     }, async (args) => {
-        const env = getResolvedEnv();
-        if (env.environment !== 'production') {
+        if (ctx.environment !== 'production') {
             return errorContent(new Error('verify_document is PRODUCTION-only — the signature-detection backend is not provisioned in HML. ' +
                 'Set SIGNDOCS_ENVIRONMENT=production with a production credential to use it.'));
         }
-        return run(() => getClient().verification.verifyDocument({
+        return run(() => ctx.client.verification.verifyDocument({
             content: args.documentBase64,
             ...(args.filename ? { filename: args.filename } : {}),
         }));

package/dist/tools/verify.js.map

@@ -1 +1 @@
-{"version":3,"file":"verify.js","sourceRoot":"","sources":["../../src/tools/verify.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,SAAS,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AACzD,OAAO,EAAE,eAAe,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAC5E,OAAO,EAAE,GAAG,EAAE,YAAY,EAAE,MAAM,cAAc,CAAC;AACjD,OAAO,EAAE,mBAAmB,EAAE,mBAAmB,EAAE,mBAAmB,EAAE,MAAM,eAAe,CAAC;AAE9F,MAAM,UAAU,mBAAmB,CAAC,MAAiB;IACnD,MAAM,CAAC,YAAY,CACjB,iBAAiB,EACjB;QACE,KAAK,EAAE,0BAA0B;QACjC,WAAW,EACT,qGAAqG;YACrG,0DAA0D;QAC5D,WAAW,EAAE,mBAAmB;QAChC,WAAW,EAAE,SAAS;KACvB,EACD,KAAK,EAAE,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,SAAS,EAAE,CAAC,YAAY,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAC5E,CAAC;IAEF,MAAM,CAAC,YAAY,CACjB,iBAAiB,EACjB;QACE,KAAK,EAAE,0BAA0B;QACjC,WAAW,EAAE,gFAAgF;QAC7F,WAAW,EAAE,mBAAmB;QAChC,WAAW,EAAE,SAAS;KACvB,EACD,KAAK,EAAE,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,SAAS,EAAE,CAAC,YAAY,CAAC,cAAc,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CACpF,CAAC;IAEF,MAAM,CAAC,YAAY,CACjB,iBAAiB,EACjB;QACE,KAAK,EAAE,4BAA4B;QACnC,WAAW,EACT,eAAe;YACf,sEAAsE;YACtE,kGAAkG;YAClG,uBAAuB;QACzB,WAAW,EAAE,mBAAmB;QAChC,WAAW,EAAE,WAAW;KACzB,EACD,KAAK,EAAE,IAAI,EAAE,EAAE;QACb,MAAM,GAAG,GAAG,cAAc,EAAE,CAAC;QAC7B,IAAI,GAAG,CAAC,WAAW,KAAK,YAAY,EAAE,CAAC;YACrC,OAAO,YAAY,CACjB,IAAI,KAAK,CACP,kGAAkG;gBAChG,6EAA6E,CAChF,CACF,CAAC;QACJ,CAAC;QACD,OAAO,GAAG,CAAC,GAAG,EAAE,CACd,SAAS,EAAE,CAAC,YAAY,CAAC,cAAc,CAAC;YACtC,OAAO,EAAE,IAAI,CAAC,cAAc;YAC5B,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SACtD,CAAC,CACH,CAAC;IACJ,CAAC,CACF,CAAC;AACJ,CAAC"}
+{"version":3,"file":"verify.js","sourceRoot":"","sources":["../../src/tools/verify.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,eAAe,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAC5E,OAAO,EAAE,GAAG,EAAE,YAAY,EAAE,MAAM,cAAc,CAAC;AACjD,OAAO,EAAE,mBAAmB,EAAE,mBAAmB,EAAE,mBAAmB,EAAE,MAAM,eAAe,CAAC;AAE9F,MAAM,UAAU,mBAAmB,CAAC,MAAiB,EAAE,GAAgB;IACrE,MAAM,CAAC,YAAY,CACjB,iBAAiB,EACjB;QACE,KAAK,EAAE,0BAA0B;QACjC,WAAW,EACT,qGAAqG;YACrG,0DAA0D;QAC5D,WAAW,EAAE,mBAAmB;QAChC,WAAW,EAAE,SAAS;KACvB,EACD,KAAK,EAAE,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,YAAY,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAC3E,CAAC;IAEF,MAAM,CAAC,YAAY,CACjB,iBAAiB,EACjB;QACE,KAAK,EAAE,0BAA0B;QACjC,WAAW,EAAE,gFAAgF;QAC7F,WAAW,EAAE,mBAAmB;QAChC,WAAW,EAAE,SAAS;KACvB,EACD,KAAK,EAAE,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,YAAY,CAAC,cAAc,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CACnF,CAAC;IAEF,MAAM,CAAC,YAAY,CACjB,iBAAiB,EACjB;QACE,KAAK,EAAE,4BAA4B;QACnC,WAAW,EACT,eAAe;YACf,sEAAsE;YACtE,kGAAkG;YAClG,uBAAuB;QACzB,WAAW,EAAE,mBAAmB;QAChC,WAAW,EAAE,WAAW;KACzB,EACD,KAAK,EAAE,IAAI,EAAE,EAAE;QACb,IAAI,GAAG,CAAC,WAAW,KAAK,YAAY,EAAE,CAAC;YACrC,OAAO,YAAY,CACjB,IAAI,KAAK,CACP,kGAAkG;gBAChG,6EAA6E,CAChF,CACF,CAAC;QACJ,CAAC;QACD,OAAO,GAAG,CAAC,GAAG,EAAE,CACd,GAAG,CAAC,MAAM,CAAC,YAAY,CAAC,cAAc,CAAC;YACrC,OAAO,EAAE,IAAI,CAAC,cAAc;YAC5B,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SACtD,CAAC,CACH,CAAC;IACJ,CAAC,CACF,CAAC;AACJ,CAAC"}

package/dist/tools/webhooks.d.ts

@@ -1,2 +1,3 @@
 import type { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
-export declare function registerWebhookTools(server: McpServer): void;
+import type { ToolContext } from '../client.js';
+export declare function registerWebhookTools(server: McpServer, ctx: ToolContext): void;

package/dist/tools/webhooks.js

@@ -1,28 +1,27 @@
-import { getClient } from '../client.js';
 import { CONFIRM_WARNING, DESTRUCTIVE, READ_ONLY, WRITE_SAFE } from '../annotations.js';
 import { run } from './helpers.js';
 import { registerWebhookShape, webhookIdShape } from '../schemas.js';
-export function registerWebhookTools(server) {
+export function registerWebhookTools(server, ctx) {
     server.registerTool('register_webhook', {
         title: 'Register webhook',
         description: 'Register an HTTPS endpoint to receive event notifications. The response returns a signing secret ' +
             '— store it to verify the HMAC-SHA256 signature on incoming payloads.',
         inputSchema: registerWebhookShape,
         annotations: WRITE_SAFE,
-    }, async (args) => run(() => getClient().webhooks.register({ url: args.url, events: args.events })));
+    }, async (args) => run(() => ctx.client.webhooks.register({ url: args.url, events: args.events })));
     server.registerTool('list_webhooks', {
         title: 'List webhooks',
         description: 'List all registered webhooks for the tenant.',
         inputSchema: {},
         annotations: READ_ONLY,
-    }, async () => run(() => getClient().webhooks.list()));
+    }, async () => run(() => ctx.client.webhooks.list()));
     server.registerTool('delete_webhook', {
         title: 'Delete webhook',
         description: CONFIRM_WARNING + 'Delete a registered webhook. Event delivery to it stops immediately.',
         inputSchema: webhookIdShape,
         annotations: DESTRUCTIVE,
     }, async (args) => run(async () => {
-        await getClient().webhooks.delete(args.webhookId);
+        await ctx.client.webhooks.delete(args.webhookId);
         return { webhookId: args.webhookId, deleted: true };
     }));
     server.registerTool('test_webhook', {
@@ -30,6 +29,6 @@ export function registerWebhookTools(server) {
         description: 'Send a sample payload to a registered webhook and return the delivery result.',
         inputSchema: webhookIdShape,
         annotations: WRITE_SAFE,
-    }, async (args) => run(() => getClient().webhooks.test(args.webhookId)));
+    }, async (args) => run(() => ctx.client.webhooks.test(args.webhookId)));
 }
 //# sourceMappingURL=webhooks.js.map

package/dist/tools/webhooks.js.map

@@ -1 +1 @@
-{"version":3,"file":"webhooks.js","sourceRoot":"","sources":["../../src/tools/webhooks.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AACzC,OAAO,EAAE,eAAe,EAAE,WAAW,EAAE,SAAS,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AACxF,OAAO,EAAE,GAAG,EAAE,MAAM,cAAc,CAAC;AACnC,OAAO,EAAE,oBAAoB,EAAE,cAAc,EAAE,MAAM,eAAe,CAAC;AAErE,MAAM,UAAU,oBAAoB,CAAC,MAAiB;IACpD,MAAM,CAAC,YAAY,CACjB,kBAAkB,EAClB;QACE,KAAK,EAAE,kBAAkB;QACzB,WAAW,EACT,mGAAmG;YACnG,sEAAsE;QACxE,WAAW,EAAE,oBAAoB;QACjC,WAAW,EAAE,UAAU;KACxB,EACD,KAAK,EAAE,IAAI,EAAE,EAAE,CACb,GAAG,CAAC,GAAG,EAAE,CACP,SAAS,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,GAAG,EAAE,IAAI,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,CAAC,MAA4B,EAAE,CAAC,CAC5F,CACJ,CAAC;IAEF,MAAM,CAAC,YAAY,CACjB,eAAe,EACf;QACE,KAAK,EAAE,eAAe;QACtB,WAAW,EAAE,8CAA8C;QAC3D,WAAW,EAAE,EAAE;QACf,WAAW,EAAE,SAAS;KACvB,EACD,KAAK,IAAI,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,SAAS,EAAE,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,CACnD,CAAC;IAEF,MAAM,CAAC,YAAY,CACjB,gBAAgB,EAChB;QACE,KAAK,EAAE,gBAAgB;QACvB,WAAW,EAAE,eAAe,GAAG,sEAAsE;QACrG,WAAW,EAAE,cAAc;QAC3B,WAAW,EAAE,WAAW;KACzB,EACD,KAAK,EAAE,IAAI,EAAE,EAAE,CACb,GAAG,CAAC,KAAK,IAAI,EAAE;QACb,MAAM,SAAS,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAClD,OAAO,EAAE,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;IACtD,CAAC,CAAC,CACL,CAAC;IAEF,MAAM,CAAC,YAAY,CACjB,cAAc,EACd;QACE,KAAK,EAAE,cAAc;QACrB,WAAW,EAAE,+EAA+E;QAC5F,WAAW,EAAE,cAAc;QAC3B,WAAW,EAAE,UAAU;KACxB,EACD,KAAK,EAAE,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,SAAS,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CACrE,CAAC;AACJ,CAAC"}
+{"version":3,"file":"webhooks.js","sourceRoot":"","sources":["../../src/tools/webhooks.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,eAAe,EAAE,WAAW,EAAE,SAAS,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AACxF,OAAO,EAAE,GAAG,EAAE,MAAM,cAAc,CAAC;AACnC,OAAO,EAAE,oBAAoB,EAAE,cAAc,EAAE,MAAM,eAAe,CAAC;AAErE,MAAM,UAAU,oBAAoB,CAAC,MAAiB,EAAE,GAAgB;IACtE,MAAM,CAAC,YAAY,CACjB,kBAAkB,EAClB;QACE,KAAK,EAAE,kBAAkB;QACzB,WAAW,EACT,mGAAmG;YACnG,sEAAsE;QACxE,WAAW,EAAE,oBAAoB;QACjC,WAAW,EAAE,UAAU;KACxB,EACD,KAAK,EAAE,IAAI,EAAE,EAAE,CACb,GAAG,CAAC,GAAG,EAAE,CACP,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,GAAG,EAAE,IAAI,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,CAAC,MAA4B,EAAE,CAAC,CAC3F,CACJ,CAAC;IAEF,MAAM,CAAC,YAAY,CACjB,eAAe,EACf;QACE,KAAK,EAAE,eAAe;QACtB,WAAW,EAAE,8CAA8C;QAC3D,WAAW,EAAE,EAAE;QACf,WAAW,EAAE,SAAS;KACvB,EACD,KAAK,IAAI,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,CAClD,CAAC;IAEF,MAAM,CAAC,YAAY,CACjB,gBAAgB,EAChB;QACE,KAAK,EAAE,gBAAgB;QACvB,WAAW,EAAE,eAAe,GAAG,sEAAsE;QACrG,WAAW,EAAE,cAAc;QAC3B,WAAW,EAAE,WAAW;KACzB,EACD,KAAK,EAAE,IAAI,EAAE,EAAE,CACb,GAAG,CAAC,KAAK,IAAI,EAAE;QACb,MAAM,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QACjD,OAAO,EAAE,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;IACtD,CAAC,CAAC,CACL,CAAC;IAEF,MAAM,CAAC,YAAY,CACjB,cAAc,EACd;QACE,KAAK,EAAE,cAAc;QACrB,WAAW,EAAE,+EAA+E;QAC5F,WAAW,EAAE,cAAc;QAC3B,WAAW,EAAE,UAAU;KACxB,EACD,KAAK,EAAE,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CACpE,CAAC;AACJ,CAAC"}

package/package.json

@@ -1,14 +1,15 @@
 {
   "name": "@signdocs-brasil/mcp-server",
-  "version": "0.1.0",
-  "description": "Model Context Protocol (MCP) server for the SignDocs Brasil e-signature API — lets AI agents create signing sessions, manage envelopes, verify documents and more.",
+  "version": "0.2.0",
+  "description": "Model Context Protocol (MCP) server for the SignDocs Brasil e-signature API — lets AI agents create signing sessions, manage envelopes, verify documents and more. Local stdio + remote HTTP transports.",
   "license": "MIT",
   "type": "module",
   "engines": {
     "node": ">=18"
   },
   "bin": {
-    "signdocs-mcp": "dist/bin/stdio.js"
+    "signdocs-mcp": "dist/bin/stdio.js",
+    "signdocs-mcp-http": "dist/bin/http.js"
   },
   "main": "dist/server.js",
   "types": "dist/server.d.ts",
@@ -18,12 +19,13 @@
     "LICENSE"
   ],
   "scripts": {
-    "build": "tsc -p tsconfig.json && chmod +x dist/bin/stdio.js",
+    "build": "tsc -p tsconfig.json && chmod +x dist/bin/stdio.js dist/bin/http.js",
     "typecheck": "tsc -p tsconfig.json --noEmit",
     "test": "vitest run",
     "test:watch": "vitest",
     "inspect": "npm run build && npx @modelcontextprotocol/inspector node dist/bin/stdio.js",
     "start": "node dist/bin/stdio.js",
+    "start:http": "node dist/bin/http.js",
     "prepublishOnly": "npm run build && npm test"
   },
   "keywords": [