@tymio/mcp-server 1.0.0 → 1.0.1

package/dist/oauthCallbackServer.js

@@ -0,0 +1,89 @@
+import http from "node:http";
+/**
+ * Listens on the host/port of `redirectUrl` and resolves with the authorization `code`
+ * once the browser hits the redirect URI. Resolves after the socket is accepting connections.
+ */
+export async function startOAuthCallbackServer(redirectUrl, provider) {
+    const pathname = redirectUrl.pathname || "/";
+    let resolveCode;
+    let rejectWait;
+    const waitForCode = new Promise((resolve, reject) => {
+        resolveCode = resolve;
+        rejectWait = reject;
+    });
+    const server = http.createServer(async (req, res) => {
+        try {
+            if (!req.url) {
+                res.writeHead(400);
+                res.end("Bad request");
+                return;
+            }
+            const u = new URL(req.url, `http://${req.headers.host ?? "127.0.0.1"}`);
+            if (u.pathname !== pathname) {
+                res.writeHead(404);
+                res.end("Not found");
+                return;
+            }
+            const code = u.searchParams.get("code");
+            const state = u.searchParams.get("state");
+            const errParam = u.searchParams.get("error");
+            if (errParam) {
+                const desc = u.searchParams.get("error_description") ?? errParam;
+                res.writeHead(200, { "Content-Type": "text/html; charset=utf-8" });
+                res.end(`<p>Authorization failed: ${escapeHtml(desc)}</p>`);
+                rejectWait(new Error(desc));
+                return;
+            }
+            if (!code || !state) {
+                res.writeHead(400);
+                res.end("Missing code or state");
+                rejectWait(new Error("Missing authorization code"));
+                return;
+            }
+            const expected = await provider.state();
+            if (state !== expected) {
+                res.writeHead(400);
+                res.end("Invalid state");
+                rejectWait(new Error("OAuth state mismatch"));
+                return;
+            }
+            res.writeHead(200, { "Content-Type": "text/html; charset=utf-8" });
+            res.end("<p>Signed in to Tymio. You can close this tab and return to the terminal.</p>");
+            resolveCode(code);
+        }
+        catch (e) {
+            res.writeHead(500);
+            res.end("Internal error");
+            rejectWait(e instanceof Error ? e : new Error(String(e)));
+        }
+    });
+    const host = redirectUrl.hostname;
+    const port = Number(redirectUrl.port) || (redirectUrl.protocol === "https:" ? 443 : 80);
+    const listening = new Promise((resolve, reject) => {
+        server.once("error", reject);
+        server.listen(port, host, () => {
+            process.stderr.write(`Listening for OAuth callback on ${redirectUrl.origin}${pathname}\n`);
+            server.off("error", reject);
+            resolve();
+        });
+    });
+    try {
+        await listening;
+    }
+    catch (err) {
+        server.close();
+        throw err instanceof Error ? err : new Error(String(err));
+    }
+    server.on("error", (err) => {
+        rejectWait(err instanceof Error ? err : new Error(String(err)));
+    });
+    return {
+        waitForCode,
+        close: () => {
+            server.close();
+        }
+    };
+}
+function escapeHtml(s) {
+    return s.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;").replace(/"/g, "&quot;");
+}

package/dist/stdioHints.d.ts

@@ -0,0 +1,5 @@
+/**
+ * One-line stderr hint when starting stdio (does not touch stdout — MCP JSON-RPC stays clean).
+ * Suppress with TYMIO_MCP_QUIET=1 or non-TTY stderr.
+ */
+export declare function writeStdioStartupHint(mode: "oauth" | "api-key"): void;

package/dist/stdioHints.js

@@ -0,0 +1,16 @@
+/**
+ * One-line stderr hint when starting stdio (does not touch stdout — MCP JSON-RPC stays clean).
+ * Suppress with TYMIO_MCP_QUIET=1 or non-TTY stderr.
+ */
+export function writeStdioStartupHint(mode) {
+    if (process.env.TYMIO_MCP_QUIET)
+        return;
+    if (!process.stderr.isTTY)
+        return;
+    if (mode === "oauth") {
+        process.stderr.write("[tymio-mcp] OAuth proxy to Tymio MCP. No MCP key in Tymio Settings — use login/OAuth. First run: `tymio-mcp login`. Guide: `tymio-mcp instructions` | `tymio-mcp help`\n");
+    }
+    else {
+        process.stderr.write("[tymio-mcp] API-key REST bridge. Set DRD_API_BASE_URL + DRD_API_KEY. Agent guide: `tymio-mcp instructions`\n");
+    }
+}

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@tymio/mcp-server",
-  "version": "1.0.0",
-  "description": "Tymio hub MCP server (stdio) — exposes REST APIs as MCP tools via API key",
+  "version": "1.0.1",
+  "description": "Tymio MCP CLI: OAuth stdio proxy to hosted MCP, or API-key REST tool bridge",
   "type": "module",
   "main": "dist/index.js",
   "bin": {
@@ -9,13 +9,16 @@
   },
   "files": [
     "dist",
-    "README.md"
+    "README.md",
+    "TYMIO_MCP_CLI_AGENT_GUIDANCE.md"
   ],
   "scripts": {
     "clean": "rm -rf dist",
     "build": "tsc -p tsconfig.json",
     "start": "node dist/index.js",
     "dev": "tsx src/index.ts",
+    "test": "vitest run",
+    "test:watch": "vitest",
     "prepublishOnly": "npm run clean && npm run build"
   },
   "dependencies": {
@@ -25,9 +28,18 @@
   "devDependencies": {
     "@types/node": "^22.13.14",
     "tsx": "^4.19.3",
-    "typescript": "^5.8.2"
+    "typescript": "^5.8.2",
+    "vitest": "^4.0.18"
   },
   "engines": {
     "node": ">=20.0.0"
-  }
+  },
+  "keywords": [
+    "mcp",
+    "tymio",
+    "model-context-protocol",
+    "cursor",
+    "oauth",
+    "stdio"
+  ]
 }