@tradeos/tradeos-mcp-test 1.0.0-alpha.1

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 TradeOS AI
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,2 @@
+# tradeos-mcp
+Use TradeOS MCP Server to bring your trading data, indicators, strategy logic, and agent workflows into MCP-compatible AI tools. Copy your server URL, add it to GPT or Claude, and let your AI assistant work directly with your TradeOS trading intelligence.

package/build/config.js

@@ -0,0 +1,13 @@
+import { BRIDGE_CONFIG, TRADEOS_CONFIG } from "./constant.js";
+/** Load bridge config from environment (see `.example.env`). */
+export function loadConfig() {
+    const { accessTokenEnv } = BRIDGE_CONFIG;
+    const accessToken = process.env[accessTokenEnv]?.trim();
+    if (!accessToken) {
+        throw new Error(`${accessTokenEnv} is required (OAuth Bearer token for mcp-call)`);
+    }
+    return {
+        accessToken,
+        mcpCallUrl: TRADEOS_CONFIG.mcpCallUrl,
+    };
+}

package/build/constant.js

@@ -0,0 +1,21 @@
+/** TradeOS production endpoints (not overridable via env). */
+export const TRADEOS_CONFIG = {
+    baseUrl: "https://ai.tradeos.xyz",
+    mcpCallPath: "/api/agent/mcp/mcp-call",
+    authorizePath: "/api/agent/mcp/mcp-authorize",
+    tokenPath: "/api/agent/mcp/mcp-token",
+    mcpCallUrl: "https://ai.tradeos.xyz/api/agent/mcp/mcp-call",
+};
+/** OAuth loopback (see `scripts/fetch-token.mjs`). */
+export const OAUTH_CONFIG = {
+    clientId: "claude",
+    redirectUri: "http://127.0.0.1:3847/callback",
+    callbackPath: "/callback",
+    port: 3847,
+};
+export const BRIDGE_CONFIG = {
+    accessTokenEnv: "TRADEOS_ACCESS_TOKEN",
+    server: { name: "tradeos-mcp-test", version: "1.0.0" },
+    client: { name: "tradeos-mcp-test-bridge", version: "1.0.0" },
+    proxyInstructions: "TradeOS MCP bridge. All tools are executed on TradeOS via mcp-call.",
+};

package/build/index.js

@@ -0,0 +1,38 @@
+#!/usr/bin/env node
+import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
+import { loadConfig } from "./config.js";
+import { createProxyServer } from "./proxy-server.js";
+import { connectRemoteClient } from "./remote-client.js";
+async function shutdown(remoteClient, proxyServer) {
+    try {
+        await proxyServer.close();
+    }
+    catch {
+        /* ignore */
+    }
+    try {
+        await remoteClient.close();
+    }
+    catch {
+        /* ignore */
+    }
+}
+async function main() {
+    const config = loadConfig();
+    console.error(`[tradeos-mcp-test] remote: ${config.mcpCallUrl}`);
+    const remoteClient = await connectRemoteClient(config);
+    const proxyServer = createProxyServer(remoteClient);
+    const stdioTransport = new StdioServerTransport();
+    const onSignal = () => {
+        void shutdown(remoteClient, proxyServer).finally(() => process.exit(0));
+    };
+    process.on("SIGINT", onSignal);
+    process.on("SIGTERM", onSignal);
+    await proxyServer.connect(stdioTransport);
+    console.error("[tradeos-mcp-test] stdio bridge ready");
+}
+main().catch((error) => {
+    const message = error instanceof Error ? error.message : String(error);
+    console.error(`[tradeos-mcp-test] fatal: ${message}`);
+    process.exit(1);
+});

package/build/proxy-server.js

@@ -0,0 +1,21 @@
+import { Server } from "@modelcontextprotocol/sdk/server/index.js";
+import { CallToolRequestSchema, ListToolsRequestSchema, } from "@modelcontextprotocol/sdk/types.js";
+import { BRIDGE_CONFIG } from "./constant.js";
+/**
+ * stdio MCP server that forwards tools/list and tools/call to the remote TradeOS client.
+ */
+export function createProxyServer(remoteClient) {
+    const server = new Server(BRIDGE_CONFIG.server, {
+        capabilities: {
+            tools: {},
+        },
+        instructions: BRIDGE_CONFIG.proxyInstructions,
+    });
+    server.setRequestHandler(ListToolsRequestSchema, async (request) => {
+        return remoteClient.listTools(request.params);
+    });
+    server.setRequestHandler(CallToolRequestSchema, async (request) => {
+        return remoteClient.callTool(request.params);
+    });
+    return server;
+}

package/build/remote-client.js

@@ -0,0 +1,19 @@
+import { Client } from "@modelcontextprotocol/sdk/client/index.js";
+import { StreamableHTTPClientTransport } from "@modelcontextprotocol/sdk/client/streamableHttp.js";
+import { BRIDGE_CONFIG } from "./constant.js";
+/** MCP client connected to TradeOS Streamable HTTP `mcp-call`. */
+export async function connectRemoteClient(config) {
+    const url = new URL(config.mcpCallUrl);
+    const transport = new StreamableHTTPClientTransport(url, {
+        requestInit: {
+            headers: {
+                Authorization: `Bearer ${config.accessToken}`,
+            },
+        },
+    });
+    const client = new Client(BRIDGE_CONFIG.client, {
+        capabilities: {},
+    });
+    await client.connect(transport);
+    return client;
+}

package/package.json

@@ -0,0 +1,50 @@
+{
+  "name": "@tradeos/tradeos-mcp-test",
+  "version": "1.0.0-alpha.1",
+  "description": "[TEST] stdio MCP bridge to TradeOS mcp-call (https://ai.tradeos.xyz). Publish as TradeOS-AI org member 0xFar777.",
+  "type": "module",
+  "main": "build/index.js",
+  "mcpName": "io.github.TradeOS-AI/tradeos-mcp-test",
+  "publishConfig": {
+    "access": "public"
+  },
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/TradeOS-AI/tradeos-mcp.git"
+  },
+  "bin": {
+    "tradeos-mcp-test": "build/index.js",
+    "tradeos-mcp-test-oauth": "scripts/fetch-token.mjs"
+  },
+  "files": [
+    "build",
+    "scripts/fetch-token.mjs",
+    "server.json"
+  ],
+  "scripts": {
+    "build": "tsc -p tsconfig.build.json",
+    "build:all": "tsc",
+    "start": "node build/index.js",
+    "oauth:token": "pnpm run build && node scripts/fetch-token.mjs",
+    "smoke": "pnpm run build:all && node --env-file=.env build/smoke-remote.js",
+    "registry:verify": "node scripts/verify-registry.mjs",
+    "registry:sync-version": "node scripts/sync-registry-version.mjs"
+  },
+  "keywords": [
+    "mcp",
+    "tradeos",
+    "modelcontextprotocol",
+    "test"
+  ],
+  "license": "ISC",
+  "engines": {
+    "node": ">=18"
+  },
+  "dependencies": {
+    "@modelcontextprotocol/sdk": "^1.29.0"
+  },
+  "devDependencies": {
+    "@types/node": "^22.19.2",
+    "typescript": "^5.9.3"
+  }
+}

package/scripts/fetch-token.mjs

@@ -0,0 +1,192 @@
+#!/usr/bin/env node
+/**
+ * Get TRADEOS_ACCESS_TOKEN via browser OAuth (PKCE + loopback callback).
+ *
+ * Usage:
+ *   npx tradeos-mcp-test-oauth
+ *   pnpm run oauth:token
+ *
+ * Opens browser → log in on TradeOS → prints access_token for .env
+ */
+import { createHash, randomBytes } from "node:crypto";
+import { exec } from "node:child_process";
+import { createServer } from "node:http";
+import { URL } from "node:url";
+import {
+  BRIDGE_CONFIG,
+  OAUTH_CONFIG,
+  TRADEOS_CONFIG,
+} from "../build/constant.js";
+
+function base64Url(buffer) {
+  return buffer.toString("base64url");
+}
+
+function generateCodeVerifier() {
+  return base64Url(randomBytes(32));
+}
+
+function generateCodeChallenge(verifier) {
+  return createHash("sha256").update(verifier).digest("base64url");
+}
+
+function openBrowser(url) {
+  const platform = process.platform;
+  const cmd =
+    platform === "win32"
+      ? `start "" "${url}"`
+      : platform === "darwin"
+        ? `open "${url}"`
+        : `xdg-open "${url}"`;
+  exec(cmd, (err) => {
+    if (err) {
+      console.error(
+        `[fetch-token] Could not open browser automatically. Open:\n${url}\n`,
+      );
+    }
+  });
+}
+
+function buildAuthorizeUrl(codeChallenge, state) {
+  const url = new URL(
+    `${TRADEOS_CONFIG.baseUrl}${TRADEOS_CONFIG.authorizePath}`,
+  );
+  url.searchParams.set("response_type", "code");
+  url.searchParams.set("client_id", OAUTH_CONFIG.clientId);
+  url.searchParams.set("redirect_uri", OAUTH_CONFIG.redirectUri);
+  url.searchParams.set("code_challenge", codeChallenge);
+  url.searchParams.set("code_challenge_method", "S256");
+  url.searchParams.set("state", state);
+  return url.toString();
+}
+
+async function exchangeCodeForToken(code, codeVerifier) {
+  const res = await fetch(
+    `${TRADEOS_CONFIG.baseUrl}${TRADEOS_CONFIG.tokenPath}`,
+    {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify({
+        grant_type: "authorization_code",
+        code,
+        redirect_uri: OAUTH_CONFIG.redirectUri,
+        code_verifier: codeVerifier,
+      }),
+    },
+  );
+
+  const text = await res.text();
+  let body;
+  try {
+    body = JSON.parse(text);
+  } catch {
+    body = { raw: text };
+  }
+
+  if (!res.ok) {
+    throw new Error(
+      `mcp-token failed (${res.status}): ${JSON.stringify(body)}`,
+    );
+  }
+
+  if (!body.access_token) {
+    throw new Error(`No access_token in response: ${JSON.stringify(body)}`);
+  }
+
+  return body.access_token;
+}
+
+function waitForAuthorizationCode(codeVerifier) {
+  return new Promise((resolve, reject) => {
+    const expectedState = base64Url(randomBytes(16));
+    const authorizeUrl = buildAuthorizeUrl(
+      generateCodeChallenge(codeVerifier),
+      expectedState,
+    );
+
+    const server = createServer((req, res) => {
+      try {
+        const incoming = new URL(
+          req.url ?? "/",
+          `http://127.0.0.1:${OAUTH_CONFIG.port}`,
+        );
+        if (incoming.pathname !== OAUTH_CONFIG.callbackPath) {
+          res.writeHead(404, { "Content-Type": "text/plain; charset=utf-8" });
+          res.end("Not found");
+          return;
+        }
+
+        const error = incoming.searchParams.get("error");
+        if (error) {
+          res.writeHead(400, { "Content-Type": "text/html; charset=utf-8" });
+          res.end(`<h1>OAuth error</h1><pre>${error}</pre>`);
+          reject(new Error(`OAuth error: ${error}`));
+          server.close();
+          return;
+        }
+
+        const state = incoming.searchParams.get("state");
+        if (state !== expectedState) {
+          res.writeHead(400, { "Content-Type": "text/html; charset=utf-8" });
+          res.end("<h1>Invalid state</h1>");
+          reject(new Error("OAuth state mismatch"));
+          server.close();
+          return;
+        }
+
+        const code = incoming.searchParams.get("code");
+        if (!code) {
+          res.writeHead(400, { "Content-Type": "text/html; charset=utf-8" });
+          res.end("<h1>Missing code</h1>");
+          reject(new Error("Missing authorization code in callback"));
+          server.close();
+          return;
+        }
+
+        res.writeHead(200, { "Content-Type": "text/html; charset=utf-8" });
+        res.end(
+          "<h1>TradeOS MCP</h1><p>Login OK. Return to the terminal for your access_token.</p><script>setTimeout(()=>window.close(),1500)</script>",
+        );
+        resolve(code);
+        server.close();
+      } catch (e) {
+        reject(e);
+        server.close();
+      }
+    });
+
+    server.listen(OAUTH_CONFIG.port, "127.0.0.1", () => {
+      console.error(
+        `[fetch-token] Waiting for callback on ${OAUTH_CONFIG.redirectUri}`,
+      );
+      console.error(`[fetch-token] Opening browser…\n`);
+      console.error(`If it does not open, visit:\n${authorizeUrl}\n`);
+      openBrowser(authorizeUrl);
+    });
+
+    server.on("error", reject);
+  });
+}
+
+async function main() {
+  console.error(`[fetch-token] TradeOS: ${TRADEOS_CONFIG.baseUrl}`);
+  console.error(`[fetch-token] redirect_uri: ${OAUTH_CONFIG.redirectUri}`);
+  console.error(
+    "[fetch-token] Log in with your TradeOS account when the browser opens.\n",
+  );
+
+  const codeVerifier = generateCodeVerifier();
+  const code = await waitForAuthorizationCode(codeVerifier);
+  const accessToken = await exchangeCodeForToken(code, codeVerifier);
+
+  console.error("\n[fetch-token] Success. Put this in .env:\n");
+  console.log(`${BRIDGE_CONFIG.accessTokenEnv}=${accessToken}`);
+  console.error(
+    "\n[fetch-token] Token is a JWT (starts with eyJ…). Do not commit it to git.\n",
+  );
+}
+
+main().catch((e) => {
+  console.error(`[fetch-token] ${e instanceof Error ? e.message : String(e)}`);
+  process.exit(1);
+});

package/server.json

@@ -0,0 +1,45 @@
+{
+  "$schema": "https://static.modelcontextprotocol.io/schemas/2025-12-11/server.schema.json",
+  "name": "io.github.TradeOS-AI/tradeos-mcp-test",
+  "title": "TradeOS (test)",
+  "description": "[TEST] TradeOS MCP bridge: ticker search, My Agent, chart TA, macro news. npm or HTTP.",
+  "websiteUrl": "https://tradeos.gitbook.io/tradeosaifaq/tradeos-mcp-integration-and-usage",
+  "repository": {
+    "url": "https://github.com/TradeOS-AI/tradeos-mcp",
+    "source": "github"
+  },
+  "version": "1.0.0-alpha.1",
+  "remotes": [
+    {
+      "type": "streamable-http",
+      "url": "https://ai.tradeos.xyz/api/agent/mcp/mcp-call"
+    }
+  ],
+  "packages": [
+    {
+      "registryType": "npm",
+      "registryBaseUrl": "https://registry.npmjs.org",
+      "identifier": "@tradeos/tradeos-mcp-test",
+      "version": "1.0.0-alpha.1",
+      "runtimeHint": "npx",
+      "runtimeArguments": [
+        {
+          "type": "positional",
+          "value": "-y"
+        }
+      ],
+      "transport": {
+        "type": "stdio"
+      },
+      "environmentVariables": [
+        {
+          "name": "TRADEOS_ACCESS_TOKEN",
+          "description": "OAuth Bearer for mcp-call. Run: npx tradeos-mcp-test-oauth, then paste the printed token.",
+          "format": "string",
+          "isRequired": true,
+          "isSecret": true
+        }
+      ]
+    }
+  ]
+}