@stackable-labs/mcp-app-extension 0.4.1 → 0.5.0

package/dist/{auth-AJDGAQSE.js → auth-37BRWM34.js}

@@ -1,5 +1,5 @@
 #!/usr/bin/env node
-import { writeAuthState } from './chunk-4XCX3LVH.js';
+import { writeAuthState, STANDALONE_CLIENT_AUTH_FILE } from './chunk-J3MNH4OK.js';
 import { createServer } from 'http';
 import process6 from 'process';
 import { Buffer as Buffer$1 } from 'buffer';
@@ -661,7 +661,7 @@ var performOAuthFlow = async (discoveryUrl) => {
       orgId: payload.orgId,
       userId: payload.sub
     },
-    "mcp-auth.json"
+    STANDALONE_CLIENT_AUTH_FILE.MCP
   );
   return tokenResponse.access_token;
 };

package/dist/{auth-JRYNP3PL.js → auth-7GIVRWDG.js}

@@ -1,4 +1,4 @@
-import { writeAuthState } from './chunk-6EMXRSXY.js';
+import { writeAuthState, STANDALONE_CLIENT_AUTH_FILE } from './chunk-FIIWPDHX.js';
 import { createServer } from 'http';
 import process6 from 'process';
 import { Buffer as Buffer$1 } from 'buffer';
@@ -660,7 +660,7 @@ var performOAuthFlow = async (discoveryUrl) => {
       orgId: payload.orgId,
       userId: payload.sub
     },
-    "mcp-auth.json"
+    STANDALONE_CLIENT_AUTH_FILE.MCP
   );
   return tokenResponse.access_token;
 };

package/dist/{chunk-6EMXRSXY.js → chunk-FIIWPDHX.js}

@@ -3,10 +3,16 @@ import { join } from 'path';
 import { homedir } from 'os';
 
 // ../../lib/utils-auth/src/constants.ts
-var STANDALONE_CLIENT = {
-  CLI: "@stackable-labs/cli-app-extension",
-  MCP: "@stackable-labs/mcp-app-extension"
+var STANDALONE_CLIENT_DATA = {
+  CLI: { name: "@stackable-labs/cli-app-extension", authFile: "auth.json" },
+  MCP: { name: "@stackable-labs/mcp-app-extension", authFile: "mcp-auth.json" }
 };
+var STANDALONE_CLIENT = Object.fromEntries(
+  Object.entries(STANDALONE_CLIENT_DATA).map(([k, v]) => [k, v.name])
+);
+var STANDALONE_CLIENT_AUTH_FILE = Object.fromEntries(
+  Object.entries(STANDALONE_CLIENT_DATA).map(([k, v]) => [k, v.authFile])
+);
 Object.values(STANDALONE_CLIENT);
 
 // ../../lib/contracts/src/permissions.ts
@@ -28,9 +34,9 @@ var EDITOR_ROLES = [
 
 // ../../lib/utils-auth/src/index.ts
 var AUTH_DIR = join(homedir(), ".stackable");
-join(AUTH_DIR, "auth.json");
-join(AUTH_DIR, "mcp-auth.json");
-var resolveAuthFile = (filename) => join(AUTH_DIR, filename ?? "auth.json");
+join(AUTH_DIR, STANDALONE_CLIENT_AUTH_FILE.CLI);
+var MCP_AUTH_FILE = join(AUTH_DIR, STANDALONE_CLIENT_AUTH_FILE.MCP);
+var resolveAuthFile = (filename) => join(AUTH_DIR, filename ?? STANDALONE_CLIENT_AUTH_FILE.CLI);
 var readAuthState = async (filename) => {
   try {
     const content = await readFile(resolveAuthFile(filename), "utf8");
@@ -69,4 +75,4 @@ var getToken = async (filename) => {
   return state.token;
 };
 
-export { STANDALONE_CLIENT, getToken, writeAuthState };
+export { MCP_AUTH_FILE, STANDALONE_CLIENT, STANDALONE_CLIENT_AUTH_FILE, getToken, writeAuthState };

package/dist/{chunk-4XCX3LVH.js → chunk-J3MNH4OK.js}

@@ -3,6 +3,19 @@ import { mkdir, writeFile, readFile } from 'fs/promises';
 import { join } from 'path';
 import { homedir } from 'os';
 
+// ../../lib/utils-auth/src/constants.ts
+var STANDALONE_CLIENT_DATA = {
+  CLI: { name: "@stackable-labs/cli-app-extension", authFile: "auth.json" },
+  MCP: { name: "@stackable-labs/mcp-app-extension", authFile: "mcp-auth.json" }
+};
+var STANDALONE_CLIENT = Object.fromEntries(
+  Object.entries(STANDALONE_CLIENT_DATA).map(([k, v]) => [k, v.name])
+);
+var STANDALONE_CLIENT_AUTH_FILE = Object.fromEntries(
+  Object.entries(STANDALONE_CLIENT_DATA).map(([k, v]) => [k, v.authFile])
+);
+Object.values(STANDALONE_CLIENT);
+
 // ../../lib/contracts/src/permissions.ts
 var SUPER_ROLE = {
   ADMIN: "org:super_admin"
@@ -20,18 +33,11 @@ var EDITOR_ROLES = [
   ...Object.values(EDITOR_ROLES)
 ];
 
-// ../../lib/utils-auth/src/constants.ts
-var STANDALONE_CLIENT = {
-  CLI: "@stackable-labs/cli-app-extension",
-  MCP: "@stackable-labs/mcp-app-extension"
-};
-Object.values(STANDALONE_CLIENT);
-
 // ../../lib/utils-auth/src/index.ts
 var AUTH_DIR = join(homedir(), ".stackable");
-join(AUTH_DIR, "auth.json");
-join(AUTH_DIR, "mcp-auth.json");
-var resolveAuthFile = (filename) => join(AUTH_DIR, filename ?? "auth.json");
+join(AUTH_DIR, STANDALONE_CLIENT_AUTH_FILE.CLI);
+var MCP_AUTH_FILE = join(AUTH_DIR, STANDALONE_CLIENT_AUTH_FILE.MCP);
+var resolveAuthFile = (filename) => join(AUTH_DIR, filename ?? STANDALONE_CLIENT_AUTH_FILE.CLI);
 var readAuthState = async (filename) => {
   try {
     const content = await readFile(resolveAuthFile(filename), "utf8");
@@ -70,4 +76,4 @@ var getToken = async (filename) => {
   return state.token;
 };
 
-export { STANDALONE_CLIENT, getToken, writeAuthState };
+export { MCP_AUTH_FILE, STANDALONE_CLIENT, STANDALONE_CLIENT_AUTH_FILE, getToken, writeAuthState };

package/dist/index.js

@@ -1,8 +1,8 @@
 #!/usr/bin/env node
-import { STANDALONE_CLIENT, getToken } from './chunk-4XCX3LVH.js';
+import { STANDALONE_CLIENT, MCP_AUTH_FILE, getToken, STANDALONE_CLIENT_AUTH_FILE } from './chunk-J3MNH4OK.js';
 import { StdioServerTransport } from '@modelcontextprotocol/sdk/server/stdio.js';
 import { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
-import { IDENTITY_EVENTS, ACTIVITY_EVENTS, SURFACE_TARGETS, PERMISSIONS, CAPABILITY_PERMISSION_MAP, ALLOWED_ICONS, UI_TAGS, UI_TAG_ATTRIBUTES, tagToComponentName } from '@stackable-labs/sdk-extension-contracts';
+import { IDENTITY_EVENT, ACTIVITY_EVENT, SURFACE_TARGET, PERMISSIONS, CAPABILITY_PERMISSION_MAP, ALLOWED_ICONS, UI_TAGS, UI_TAG_ATTRIBUTES, tagToComponentName } from '@stackable-labs/sdk-extension-contracts';
 import { z } from 'zod';
 
 // ../../sdk/extension/ai-docs/src/generated/template-content.ts
@@ -431,8 +431,8 @@ useExtendIdentity(handleExtend)`
 };
 
 // ../../sdk/extension/ai-docs/src/generators/capabilities.ts
-var identityEventTypes = Object.values(IDENTITY_EVENTS).map((e) => `'${e}'`).join(" | ");
-var activityEventTypes = Object.values(ACTIVITY_EVENTS).map((e) => `'${e}'`).join(" | ");
+var IDENTITY_EVENT_VALUES = Object.values(IDENTITY_EVENT).map((e) => `'${e}'`).join(" | ");
+var ACTIVITY_EVENT_VALUES = Object.values(ACTIVITY_EVENT).map((e) => `'${e}'`).join(" | ");
 var generateCapabilities = () => {
   const fm = frontmatter({
     root: false,
@@ -539,7 +539,7 @@ Subscribe to real-time identity events (login, logout, refresh, expired) pushed
 - **Permission required:** \`events:identity\`
 - **Manifest events array:** Declare specific events to listen for (e.g. \`["identity:login", "identity:logout"]\`)
 - **Hook:** \`useIdentityEvent(eventType, handler)\`
-- **Event types:** \`${identityEventTypes}\`
+- **Event types:** \`${IDENTITY_EVENT_VALUES}\`
 
 \`\`\`json
 {
@@ -579,7 +579,7 @@ Subscribe to host activity events (e.g. page views, clicks, purchases) pushed fr
 - **Permission required:** \`events:activity\`
 - **Manifest events array:** Declare specific events to listen for (e.g. \`["activity:product_view", "activity:add_to_cart"]\`) \u2014 manifest uses fully-qualified strings
 - **Hook:** \`useActivityEvent(eventType, handler)\` \u2014 \`ActivityEventHandler\` type exported for use with \`useCallback\`
-- **Event types (domain-stripped):** \`${activityEventTypes} | '*'\`
+- **Event types (domain-stripped):** \`${ACTIVITY_EVENT_VALUES} | '*'\`
 - **Well-known event names:**
 
 | Event | Example payload fields |
@@ -930,8 +930,8 @@ export function Content(): React.ReactElement {
 
 // ../../sdk/extension/ai-docs/src/generators/hooks-and-api.ts
 var stripImports = (snippet) => snippet.split("\n").filter((line) => !line.startsWith("import ")).join("\n").trim();
-var identityEventTypes2 = Object.values(IDENTITY_EVENTS).map((e) => `'${e}'`).join(" | ");
-var activityEventTypes2 = Object.values(ACTIVITY_EVENTS).map((e) => `'${e}'`).join(" | ");
+var identityEventTypes = Object.values(IDENTITY_EVENT).map((e) => `'${e}'`).join(" | ");
+var activityEventTypes = Object.values(ACTIVITY_EVENT).map((e) => `'${e}'`).join(" | ");
 var generateHooksAndApi = () => {
   const fm = frontmatter({
     root: false,
@@ -1007,7 +1007,7 @@ const appStore = createStore<AppState>({ viewState: { type: 'menu' } })
 
 ## useIdentityEvent(eventType, handler)
 Subscribe to identity events pushed from the host. Requires \`events:identity\` permission and matching entries in manifest \`events\` array.
-- \`eventType: ${identityEventTypes2}\`
+- \`eventType: ${identityEventTypes}\`
 - \`handler: (event: IdentityEvent) => void\`
 - \`IdentityEvent: { eventName: IdentityEventType, data: { state: IdentityState, timestamp: string } }\`
 - \`IdentityState: { authenticated: boolean, user: UserIdentity | null, expiresAt?: string }\`
@@ -1035,7 +1035,7 @@ ${HOOK_SNIPPETS_MEMOIZED["events:messaging"]}
 
 ## useActivityEvent(eventType, handler)
 Subscribe to host activity events. Requires \`events:activity\` permission and matching entries in manifest \`events\` array.
-- \`eventType: ${activityEventTypes2} | '*'\` (domain-stripped)
+- \`eventType: ${activityEventTypes} | '*'\` (domain-stripped)
 - \`handler: ActivityEventHandler\` \u2014 \`(event: ActivityEvent) => void\`
 - \`ActivityEvent: { eventName: string, data: Record<string, unknown> }\`
 - \`'*'\` receives ALL activity events
@@ -1340,7 +1340,7 @@ ${references}
 ${body}`;
 };
 var SURFACE_SNIPPETS = {
-  [SURFACE_TARGETS.HEADER]: `import { Surface, ui } from '@stackable-labs/sdk-extension-react'
+  [SURFACE_TARGET.HEADER]: `import { Surface, ui } from '@stackable-labs/sdk-extension-react'
 
 export function Header() {
   return (
@@ -1349,7 +1349,7 @@ export function Header() {
     </Surface>
   )
 }`,
-  [SURFACE_TARGETS.CONTENT]: `import { Surface, ui } from '@stackable-labs/sdk-extension-react'
+  [SURFACE_TARGET.CONTENT]: `import { Surface, ui } from '@stackable-labs/sdk-extension-react'
 
 export function Content() {
   return (
@@ -1362,7 +1362,7 @@ export function Content() {
     </Surface>
   )
 }`,
-  [SURFACE_TARGETS.FOOTER]: `import { Surface, ui } from '@stackable-labs/sdk-extension-react'
+  [SURFACE_TARGET.FOOTER]: `import { Surface, ui } from '@stackable-labs/sdk-extension-react'
 
 export function Footer() {
   return (
@@ -1371,7 +1371,7 @@ export function Footer() {
     </Surface>
   )
 }`,
-  [SURFACE_TARGETS.FOOTER_LINKS]: `import { Surface, ui } from '@stackable-labs/sdk-extension-react'
+  [SURFACE_TARGET.FOOTER_LINKS]: `import { Surface, ui } from '@stackable-labs/sdk-extension-react'
 
 export function FooterLinks() {
   return (
@@ -1412,7 +1412,7 @@ the \`<Surface>\` wrapper from \`@stackable-labs/sdk-extension-react\`.
 Each surface is a React component wrapped in \`<Surface>\`:
 
 \`\`\`tsx
-${SURFACE_SNIPPETS[SURFACE_TARGETS.CONTENT]}
+${SURFACE_SNIPPETS[SURFACE_TARGET.CONTENT]}
 \`\`\`
 
 The \`id\` prop must match a target declared in your \`manifest.json\`:
@@ -2197,7 +2197,7 @@ to read state with minimal re-renders.
 Each surface is a React component in \`src/surfaces/\`:
 
 \`\`\`tsx
-${SURFACE_SNIPPETS[SURFACE_TARGETS.CONTENT]}
+${SURFACE_SNIPPETS[SURFACE_TARGET.CONTENT]}
 \`\`\`
 
 The \`id\` prop must match a target in \`manifest.json\`.
@@ -2578,25 +2578,25 @@ The \`id\` prop must match a target declared in your \`manifest.json\`.
 ### Header
 
 \`\`\`tsx
-${SURFACE_SNIPPETS[SURFACE_TARGETS.HEADER]}
+${SURFACE_SNIPPETS[SURFACE_TARGET.HEADER]}
 \`\`\`
 
 ### Content
 
 \`\`\`tsx
-${SURFACE_SNIPPETS[SURFACE_TARGETS.CONTENT]}
+${SURFACE_SNIPPETS[SURFACE_TARGET.CONTENT]}
 \`\`\`
 
 ### Footer
 
 \`\`\`tsx
-${SURFACE_SNIPPETS[SURFACE_TARGETS.FOOTER]}
+${SURFACE_SNIPPETS[SURFACE_TARGET.FOOTER]}
 \`\`\`
 
 ### Footer Links
 
 \`\`\`tsx
-${SURFACE_SNIPPETS[SURFACE_TARGETS.FOOTER_LINKS]}
+${SURFACE_SNIPPETS[SURFACE_TARGET.FOOTER_LINKS]}
 \`\`\`
 
 ## Store \u2014 Cross-Surface State & Navigation
@@ -2628,8 +2628,8 @@ ${EXAMPLE_SNIPPETS.surfaceContext}
 \`\`\`
 `;
 };
-var identityEventTypes3 = Object.values(IDENTITY_EVENTS).map((e) => `\`${e}\``).join(", ");
-var activityEventTypes3 = Object.values(ACTIVITY_EVENTS).map((e) => `\`${e}\``).join(", ");
+var identityEventTypes2 = Object.values(IDENTITY_EVENT).map((e) => `\`${e}\``).join(", ");
+var activityEventTypes2 = Object.values(ACTIVITY_EVENT).map((e) => `\`${e}\``).join(", ");
 var generateCookbookEvents = () => {
   const fm = frontmatter({
     root: false,
@@ -2650,7 +2650,7 @@ Subscribe to login, logout, refresh, and expired events. Useful for tracking
 agent authentication state in your extension.
 
 **Permission:** \`events:identity\`
-**Event types:** ${identityEventTypes3}
+**Event types:** ${identityEventTypes2}
 
 ### Hook usage
 
@@ -2690,7 +2690,7 @@ Activity event names are domain-stripped \u2014 use \`useActivityEvent('product_
 not \`'activity:product_view'\`.
 
 **Permission:** \`events:activity\`
-**Well-known events:** ${activityEventTypes3}
+**Well-known events:** ${activityEventTypes2}
 
 ### Hook usage
 
@@ -3772,10 +3772,10 @@ var createMcpServer = (options = {}) => {
       return options.authContext.token;
     }
     try {
-      return await getToken("mcp-auth.json");
+      return await getToken(STANDALONE_CLIENT_AUTH_FILE.MCP);
     } catch {
     }
-    const { performOAuthFlow } = await import('./auth-AJDGAQSE.js');
+    const { performOAuthFlow } = await import('./auth-37BRWM34.js');
     const MCP_API_BASE_URL = process.env.MCP_API_BASE_URL ?? DEFAULT_MCP_API_BASE_URL;
     return performOAuthFlow(`${MCP_API_BASE_URL}/.well-known/oauth-authorization-server`);
   };
@@ -3810,7 +3810,7 @@ var createMcpServer = (options = {}) => {
       if (e.message.includes("fetch")) {
         const MCP_API_BASE_URL = process.env.MCP_API_BASE_URL ?? DEFAULT_MCP_API_BASE_URL;
         return errorContent(
-          `MCP auth flow failed: ${e.message}. Check MCP_API_BASE_URL env var (currently "${MCP_API_BASE_URL}"). To re-auth from scratch: rm ~/.stackable/mcp-auth.json`
+          `MCP auth flow failed: ${e.message}. Check MCP_API_BASE_URL env var (currently "${MCP_API_BASE_URL}"). To re-auth from scratch: rm ${MCP_AUTH_FILE}`
         );
       }
       return errorContent(e.message);

package/dist/server.js

@@ -1,6 +1,6 @@
-import { STANDALONE_CLIENT, getToken } from './chunk-6EMXRSXY.js';
+import { STANDALONE_CLIENT, MCP_AUTH_FILE, getToken, STANDALONE_CLIENT_AUTH_FILE } from './chunk-FIIWPDHX.js';
 import { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
-import { IDENTITY_EVENTS, ACTIVITY_EVENTS, SURFACE_TARGETS, PERMISSIONS, CAPABILITY_PERMISSION_MAP, ALLOWED_ICONS, UI_TAGS, UI_TAG_ATTRIBUTES, tagToComponentName } from '@stackable-labs/sdk-extension-contracts';
+import { IDENTITY_EVENT, ACTIVITY_EVENT, SURFACE_TARGET, PERMISSIONS, CAPABILITY_PERMISSION_MAP, ALLOWED_ICONS, UI_TAGS, UI_TAG_ATTRIBUTES, tagToComponentName } from '@stackable-labs/sdk-extension-contracts';
 import { z } from 'zod';
 
 // ../../sdk/extension/ai-docs/src/generated/template-content.ts
@@ -429,8 +429,8 @@ useExtendIdentity(handleExtend)`
 };
 
 // ../../sdk/extension/ai-docs/src/generators/capabilities.ts
-var identityEventTypes = Object.values(IDENTITY_EVENTS).map((e) => `'${e}'`).join(" | ");
-var activityEventTypes = Object.values(ACTIVITY_EVENTS).map((e) => `'${e}'`).join(" | ");
+var IDENTITY_EVENT_VALUES = Object.values(IDENTITY_EVENT).map((e) => `'${e}'`).join(" | ");
+var ACTIVITY_EVENT_VALUES = Object.values(ACTIVITY_EVENT).map((e) => `'${e}'`).join(" | ");
 var generateCapabilities = () => {
   const fm = frontmatter({
     root: false,
@@ -537,7 +537,7 @@ Subscribe to real-time identity events (login, logout, refresh, expired) pushed
 - **Permission required:** \`events:identity\`
 - **Manifest events array:** Declare specific events to listen for (e.g. \`["identity:login", "identity:logout"]\`)
 - **Hook:** \`useIdentityEvent(eventType, handler)\`
-- **Event types:** \`${identityEventTypes}\`
+- **Event types:** \`${IDENTITY_EVENT_VALUES}\`
 
 \`\`\`json
 {
@@ -577,7 +577,7 @@ Subscribe to host activity events (e.g. page views, clicks, purchases) pushed fr
 - **Permission required:** \`events:activity\`
 - **Manifest events array:** Declare specific events to listen for (e.g. \`["activity:product_view", "activity:add_to_cart"]\`) \u2014 manifest uses fully-qualified strings
 - **Hook:** \`useActivityEvent(eventType, handler)\` \u2014 \`ActivityEventHandler\` type exported for use with \`useCallback\`
-- **Event types (domain-stripped):** \`${activityEventTypes} | '*'\`
+- **Event types (domain-stripped):** \`${ACTIVITY_EVENT_VALUES} | '*'\`
 - **Well-known event names:**
 
 | Event | Example payload fields |
@@ -928,8 +928,8 @@ export function Content(): React.ReactElement {
 
 // ../../sdk/extension/ai-docs/src/generators/hooks-and-api.ts
 var stripImports = (snippet) => snippet.split("\n").filter((line) => !line.startsWith("import ")).join("\n").trim();
-var identityEventTypes2 = Object.values(IDENTITY_EVENTS).map((e) => `'${e}'`).join(" | ");
-var activityEventTypes2 = Object.values(ACTIVITY_EVENTS).map((e) => `'${e}'`).join(" | ");
+var identityEventTypes = Object.values(IDENTITY_EVENT).map((e) => `'${e}'`).join(" | ");
+var activityEventTypes = Object.values(ACTIVITY_EVENT).map((e) => `'${e}'`).join(" | ");
 var generateHooksAndApi = () => {
   const fm = frontmatter({
     root: false,
@@ -1005,7 +1005,7 @@ const appStore = createStore<AppState>({ viewState: { type: 'menu' } })
 
 ## useIdentityEvent(eventType, handler)
 Subscribe to identity events pushed from the host. Requires \`events:identity\` permission and matching entries in manifest \`events\` array.
-- \`eventType: ${identityEventTypes2}\`
+- \`eventType: ${identityEventTypes}\`
 - \`handler: (event: IdentityEvent) => void\`
 - \`IdentityEvent: { eventName: IdentityEventType, data: { state: IdentityState, timestamp: string } }\`
 - \`IdentityState: { authenticated: boolean, user: UserIdentity | null, expiresAt?: string }\`
@@ -1033,7 +1033,7 @@ ${HOOK_SNIPPETS_MEMOIZED["events:messaging"]}
 
 ## useActivityEvent(eventType, handler)
 Subscribe to host activity events. Requires \`events:activity\` permission and matching entries in manifest \`events\` array.
-- \`eventType: ${activityEventTypes2} | '*'\` (domain-stripped)
+- \`eventType: ${activityEventTypes} | '*'\` (domain-stripped)
 - \`handler: ActivityEventHandler\` \u2014 \`(event: ActivityEvent) => void\`
 - \`ActivityEvent: { eventName: string, data: Record<string, unknown> }\`
 - \`'*'\` receives ALL activity events
@@ -1338,7 +1338,7 @@ ${references}
 ${body}`;
 };
 var SURFACE_SNIPPETS = {
-  [SURFACE_TARGETS.HEADER]: `import { Surface, ui } from '@stackable-labs/sdk-extension-react'
+  [SURFACE_TARGET.HEADER]: `import { Surface, ui } from '@stackable-labs/sdk-extension-react'
 
 export function Header() {
   return (
@@ -1347,7 +1347,7 @@ export function Header() {
     </Surface>
   )
 }`,
-  [SURFACE_TARGETS.CONTENT]: `import { Surface, ui } from '@stackable-labs/sdk-extension-react'
+  [SURFACE_TARGET.CONTENT]: `import { Surface, ui } from '@stackable-labs/sdk-extension-react'
 
 export function Content() {
   return (
@@ -1360,7 +1360,7 @@ export function Content() {
     </Surface>
   )
 }`,
-  [SURFACE_TARGETS.FOOTER]: `import { Surface, ui } from '@stackable-labs/sdk-extension-react'
+  [SURFACE_TARGET.FOOTER]: `import { Surface, ui } from '@stackable-labs/sdk-extension-react'
 
 export function Footer() {
   return (
@@ -1369,7 +1369,7 @@ export function Footer() {
     </Surface>
   )
 }`,
-  [SURFACE_TARGETS.FOOTER_LINKS]: `import { Surface, ui } from '@stackable-labs/sdk-extension-react'
+  [SURFACE_TARGET.FOOTER_LINKS]: `import { Surface, ui } from '@stackable-labs/sdk-extension-react'
 
 export function FooterLinks() {
   return (
@@ -1410,7 +1410,7 @@ the \`<Surface>\` wrapper from \`@stackable-labs/sdk-extension-react\`.
 Each surface is a React component wrapped in \`<Surface>\`:
 
 \`\`\`tsx
-${SURFACE_SNIPPETS[SURFACE_TARGETS.CONTENT]}
+${SURFACE_SNIPPETS[SURFACE_TARGET.CONTENT]}
 \`\`\`
 
 The \`id\` prop must match a target declared in your \`manifest.json\`:
@@ -2195,7 +2195,7 @@ to read state with minimal re-renders.
 Each surface is a React component in \`src/surfaces/\`:
 
 \`\`\`tsx
-${SURFACE_SNIPPETS[SURFACE_TARGETS.CONTENT]}
+${SURFACE_SNIPPETS[SURFACE_TARGET.CONTENT]}
 \`\`\`
 
 The \`id\` prop must match a target in \`manifest.json\`.
@@ -2576,25 +2576,25 @@ The \`id\` prop must match a target declared in your \`manifest.json\`.
 ### Header
 
 \`\`\`tsx
-${SURFACE_SNIPPETS[SURFACE_TARGETS.HEADER]}
+${SURFACE_SNIPPETS[SURFACE_TARGET.HEADER]}
 \`\`\`
 
 ### Content
 
 \`\`\`tsx
-${SURFACE_SNIPPETS[SURFACE_TARGETS.CONTENT]}
+${SURFACE_SNIPPETS[SURFACE_TARGET.CONTENT]}
 \`\`\`
 
 ### Footer
 
 \`\`\`tsx
-${SURFACE_SNIPPETS[SURFACE_TARGETS.FOOTER]}
+${SURFACE_SNIPPETS[SURFACE_TARGET.FOOTER]}
 \`\`\`
 
 ### Footer Links
 
 \`\`\`tsx
-${SURFACE_SNIPPETS[SURFACE_TARGETS.FOOTER_LINKS]}
+${SURFACE_SNIPPETS[SURFACE_TARGET.FOOTER_LINKS]}
 \`\`\`
 
 ## Store \u2014 Cross-Surface State & Navigation
@@ -2626,8 +2626,8 @@ ${EXAMPLE_SNIPPETS.surfaceContext}
 \`\`\`
 `;
 };
-var identityEventTypes3 = Object.values(IDENTITY_EVENTS).map((e) => `\`${e}\``).join(", ");
-var activityEventTypes3 = Object.values(ACTIVITY_EVENTS).map((e) => `\`${e}\``).join(", ");
+var identityEventTypes2 = Object.values(IDENTITY_EVENT).map((e) => `\`${e}\``).join(", ");
+var activityEventTypes2 = Object.values(ACTIVITY_EVENT).map((e) => `\`${e}\``).join(", ");
 var generateCookbookEvents = () => {
   const fm = frontmatter({
     root: false,
@@ -2648,7 +2648,7 @@ Subscribe to login, logout, refresh, and expired events. Useful for tracking
 agent authentication state in your extension.
 
 **Permission:** \`events:identity\`
-**Event types:** ${identityEventTypes3}
+**Event types:** ${identityEventTypes2}
 
 ### Hook usage
 
@@ -2688,7 +2688,7 @@ Activity event names are domain-stripped \u2014 use \`useActivityEvent('product_
 not \`'activity:product_view'\`.
 
 **Permission:** \`events:activity\`
-**Well-known events:** ${activityEventTypes3}
+**Well-known events:** ${activityEventTypes2}
 
 ### Hook usage
 
@@ -3770,10 +3770,10 @@ var createMcpServer = (options = {}) => {
       return options.authContext.token;
     }
     try {
-      return await getToken("mcp-auth.json");
+      return await getToken(STANDALONE_CLIENT_AUTH_FILE.MCP);
     } catch {
     }
-    const { performOAuthFlow } = await import('./auth-JRYNP3PL.js');
+    const { performOAuthFlow } = await import('./auth-7GIVRWDG.js');
     const MCP_API_BASE_URL = process.env.MCP_API_BASE_URL ?? DEFAULT_MCP_API_BASE_URL;
     return performOAuthFlow(`${MCP_API_BASE_URL}/.well-known/oauth-authorization-server`);
   };
@@ -3808,7 +3808,7 @@ var createMcpServer = (options = {}) => {
       if (e.message.includes("fetch")) {
         const MCP_API_BASE_URL = process.env.MCP_API_BASE_URL ?? DEFAULT_MCP_API_BASE_URL;
         return errorContent(
-          `MCP auth flow failed: ${e.message}. Check MCP_API_BASE_URL env var (currently "${MCP_API_BASE_URL}"). To re-auth from scratch: rm ~/.stackable/mcp-auth.json`
+          `MCP auth flow failed: ${e.message}. Check MCP_API_BASE_URL env var (currently "${MCP_API_BASE_URL}"). To re-auth from scratch: rm ${MCP_AUTH_FILE}`
         );
       }
       return errorContent(e.message);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@stackable-labs/mcp-app-extension",
-  "version": "0.4.1",
+  "version": "0.5.0",
   "type": "module",
   "bin": {
     "mcp-app-extension": "./dist/index.js"