@upload-post/mcp 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (112) hide show
  1. package/LICENSE +21 -0
  2. package/README.md +225 -0
  3. package/dist/client.d.ts +32 -0
  4. package/dist/client.d.ts.map +1 -0
  5. package/dist/client.js +61 -0
  6. package/dist/client.js.map +1 -0
  7. package/dist/index.d.ts +3 -0
  8. package/dist/index.d.ts.map +1 -0
  9. package/dist/index.js +66 -0
  10. package/dist/index.js.map +1 -0
  11. package/dist/oauth/auth_resolver.d.ts +33 -0
  12. package/dist/oauth/auth_resolver.d.ts.map +1 -0
  13. package/dist/oauth/auth_resolver.js +30 -0
  14. package/dist/oauth/auth_resolver.js.map +1 -0
  15. package/dist/oauth/authorize.d.ts +18 -0
  16. package/dist/oauth/authorize.d.ts.map +1 -0
  17. package/dist/oauth/authorize.js +26 -0
  18. package/dist/oauth/authorize.js.map +1 -0
  19. package/dist/oauth/config.d.ts +19 -0
  20. package/dist/oauth/config.d.ts.map +1 -0
  21. package/dist/oauth/config.js +28 -0
  22. package/dist/oauth/config.js.map +1 -0
  23. package/dist/oauth/http_utils.d.ts +8 -0
  24. package/dist/oauth/http_utils.d.ts.map +1 -0
  25. package/dist/oauth/http_utils.js +48 -0
  26. package/dist/oauth/http_utils.js.map +1 -0
  27. package/dist/oauth/introspect_cache.d.ts +19 -0
  28. package/dist/oauth/introspect_cache.d.ts.map +1 -0
  29. package/dist/oauth/introspect_cache.js +40 -0
  30. package/dist/oauth/introspect_cache.js.map +1 -0
  31. package/dist/oauth/metadata.d.ts +35 -0
  32. package/dist/oauth/metadata.d.ts.map +1 -0
  33. package/dist/oauth/metadata.js +43 -0
  34. package/dist/oauth/metadata.js.map +1 -0
  35. package/dist/oauth/registration.d.ts +14 -0
  36. package/dist/oauth/registration.d.ts.map +1 -0
  37. package/dist/oauth/registration.js +40 -0
  38. package/dist/oauth/registration.js.map +1 -0
  39. package/dist/oauth/tokens.d.ts +15 -0
  40. package/dist/oauth/tokens.d.ts.map +1 -0
  41. package/dist/oauth/tokens.js +43 -0
  42. package/dist/oauth/tokens.js.map +1 -0
  43. package/dist/oauth/upstream_client.d.ts +32 -0
  44. package/dist/oauth/upstream_client.d.ts.map +1 -0
  45. package/dist/oauth/upstream_client.js +62 -0
  46. package/dist/oauth/upstream_client.js.map +1 -0
  47. package/dist/schemas.d.ts +38 -0
  48. package/dist/schemas.d.ts.map +1 -0
  49. package/dist/schemas.js +121 -0
  50. package/dist/schemas.js.map +1 -0
  51. package/dist/server.d.ts +4 -0
  52. package/dist/server.d.ts.map +1 -0
  53. package/dist/server.js +36 -0
  54. package/dist/server.js.map +1 -0
  55. package/dist/tools/analytics.d.ts +4 -0
  56. package/dist/tools/analytics.d.ts.map +1 -0
  57. package/dist/tools/analytics.js +74 -0
  58. package/dist/tools/analytics.js.map +1 -0
  59. package/dist/tools/comments.d.ts +4 -0
  60. package/dist/tools/comments.d.ts.map +1 -0
  61. package/dist/tools/comments.js +108 -0
  62. package/dist/tools/comments.js.map +1 -0
  63. package/dist/tools/dms.d.ts +4 -0
  64. package/dist/tools/dms.d.ts.map +1 -0
  65. package/dist/tools/dms.js +100 -0
  66. package/dist/tools/dms.js.map +1 -0
  67. package/dist/tools/ffmpeg.d.ts +4 -0
  68. package/dist/tools/ffmpeg.d.ts.map +1 -0
  69. package/dist/tools/ffmpeg.js +96 -0
  70. package/dist/tools/ffmpeg.js.map +1 -0
  71. package/dist/tools/media_uploads.d.ts +4 -0
  72. package/dist/tools/media_uploads.d.ts.map +1 -0
  73. package/dist/tools/media_uploads.js +106 -0
  74. package/dist/tools/media_uploads.js.map +1 -0
  75. package/dist/tools/pages.d.ts +4 -0
  76. package/dist/tools/pages.d.ts.map +1 -0
  77. package/dist/tools/pages.js +101 -0
  78. package/dist/tools/pages.js.map +1 -0
  79. package/dist/tools/queue.d.ts +4 -0
  80. package/dist/tools/queue.d.ts.map +1 -0
  81. package/dist/tools/queue.js +79 -0
  82. package/dist/tools/queue.js.map +1 -0
  83. package/dist/tools/schedule.d.ts +4 -0
  84. package/dist/tools/schedule.d.ts.map +1 -0
  85. package/dist/tools/schedule.js +48 -0
  86. package/dist/tools/schedule.js.map +1 -0
  87. package/dist/tools/status.d.ts +4 -0
  88. package/dist/tools/status.d.ts.map +1 -0
  89. package/dist/tools/status.js +67 -0
  90. package/dist/tools/status.js.map +1 -0
  91. package/dist/tools/upload.d.ts +10 -0
  92. package/dist/tools/upload.d.ts.map +1 -0
  93. package/dist/tools/upload.js +397 -0
  94. package/dist/tools/upload.js.map +1 -0
  95. package/dist/tools/upload_studio.d.ts +3 -0
  96. package/dist/tools/upload_studio.d.ts.map +1 -0
  97. package/dist/tools/upload_studio.js +808 -0
  98. package/dist/tools/upload_studio.js.map +1 -0
  99. package/dist/tools/users.d.ts +4 -0
  100. package/dist/tools/users.d.ts.map +1 -0
  101. package/dist/tools/users.js +95 -0
  102. package/dist/tools/users.js.map +1 -0
  103. package/dist/transport/http.d.ts +33 -0
  104. package/dist/transport/http.d.ts.map +1 -0
  105. package/dist/transport/http.js +263 -0
  106. package/dist/transport/http.js.map +1 -0
  107. package/dist/transport/stdio.d.ts +3 -0
  108. package/dist/transport/stdio.d.ts.map +1 -0
  109. package/dist/transport/stdio.js +7 -0
  110. package/dist/transport/stdio.js.map +1 -0
  111. package/examples/mcp-config.json +11 -0
  112. package/package.json +68 -0
@@ -0,0 +1 @@
1
+ {"version":3,"file":"upload_studio.js","sourceRoot":"","sources":["../../src/tools/upload_studio.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,OAAO,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAE9C,MAAM,iBAAiB,GAAG,2CAA2C,CAAC;AACtE,MAAM,aAAa,GAAG,CACpB,OAAO,CAAC,GAAG,CAAC,yBAAyB;IACrC,OAAO,CAAC,GAAG,CAAC,YAAY;IACxB,6BAA6B,CAC9B,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;AACrB,MAAM,0BAA0B,GAAG;IACjC,mEAAmE;IACnE,8FAA8F;IAC9F,mEAAmE;IACnE,8FAA8F;CAC/F,CAAC;AACF,MAAM,kBAAkB,GAAG,CACzB,OAAO,CAAC,GAAG,CAAC,8BAA8B;IAC1C,OAAO,CAAC,GAAG,CAAC,6BAA6B;IACzC,0BAA0B,CAAC,IAAI,CAAC,GAAG,CAAC,CACrC;KACE,KAAK,CAAC,GAAG,CAAC;KACV,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;KACjD,MAAM,CAAC,OAAO,CAAC,CAAC;AAEnB,MAAM,uBAAuB,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC,CAAC;AAE7D,MAAM,YAAY,GAAG;IACnB,EAAE,EAAE;QACF,aAAa,EAAE,IAAI;QACnB,MAAM,EAAE,aAAa;QACrB,GAAG,EAAE;YACH,cAAc,EAAE,kBAAkB;YAClC,eAAe,EAAE,EAAE;SACpB;KACF;IACD,0BAA0B,EACxB,wHAAwH;IAC1H,4BAA4B,EAAE,IAAI;IAClC,qBAAqB,EAAE,aAAa;IACpC,kBAAkB,EAAE;QAClB,eAAe,EAAE,kBAAkB;QACnC,gBAAgB,EAAE,EAAE;KACrB;CACF,CAAC;AAEF,MAAM,UAAU,oBAAoB,CAAC,MAAiB;IACpD,MAAM,CAAC,gBAAgB,CACrB,iCAAiC,EACjC,iBAAiB,EACjB;QACE,KAAK,EAAE,0BAA0B;QACjC,WAAW,EAAE,mEAAmE;QAChF,QAAQ,EAAE,qBAAqB;QAC/B,KAAK,EAAE,YAAY;KACpB,EACD,KAAK,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;QACd,QAAQ,EAAE;YACR;gBACE,GAAG,EAAE,GAAG,CAAC,IAAI;gBACb,QAAQ,EAAE,qBAAqB;gBAC/B,IAAI,EAAE,gBAAgB;gBACtB,KAAK,EAAE,YAAY;aACpB;SACF;KACF,CAAC,CACH,CAAC;IAEF,MAAM,CAAC,YAAY,CACjB,oBAAoB,EACpB;QACE,KAAK,EAAE,oBAAoB;QAC3B,WAAW,EACT,ibAAib;QACnb,WAAW,EAAE;YACX,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,+CAA+C,CAAC;YACrF,SAAS,EAAE,CAAC,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,kCAAkC,CAAC;YACzF,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,oCAAoC,CAAC;YAC3E,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,kCAAkC,CAAC;YAC/E,YAAY,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,oCAAoC,CAAC;YAClF,kBAAkB,EAAE,uBAAuB,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAC7D,sCAAsC,CACvC;SACF;QACD,YAAY,EAAE;YACZ,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE;YAChB,SAAS,EAAE,CAAC,CAAC,KAAK,CAAC,aAAa,CAAC;YACjC,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE;YACjB,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE;YACvB,YAAY,EAAE,CAAC,CAAC,MAAM,EAAE;YACxB,kBAAkB,EAAE,uBAAuB;SAC5C;QACD,WAAW,EAAE;YACX,YAAY,EAAE,IAAI;YAClB,aAAa,EAAE,KAAK;YACpB,eAAe,EAAE,KAAK;SACvB;QACD,KAAK,EAAE;YACL,EAAE,EAAE;gBACF,WAAW,EAAE,iBAAiB;gBAC9B,UAAU,EAAE,CAAC,OAAO,EAAE,KAAK,CAAC;aAC7B;YACD,uBAAuB,EAAE,iBAAiB;YAC1C,yBAAyB,EAAE,IAAI;YAC/B,gCAAgC,EAAE,wBAAwB;YAC1D,+BAA+B,EAAE,sBAAsB;SACxD;KACF,EACD,KAAK,EAAE,IAAI,EAAE,EAAE;QACb,MAAM,KAAK,GAAG,IAOb,CAAC;QACF,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,IAAI,KAAK,CAAC,WAAW,IAAI,EAAE,CAAC;QACrD,OAAO;YACL,iBAAiB,EAAE;gBACjB,IAAI,EAAE,KAAK,CAAC,IAAI,IAAI,EAAE;gBACtB,SAAS,EAAE,KAAK,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC;gBACpE,KAAK;gBACL,WAAW,EAAE,KAAK,CAAC,WAAW,IAAI,KAAK;gBACvC,YAAY,EAAE,KAAK,CAAC,YAAY,IAAI,EAAE;gBACtC,kBAAkB,EAAE,KAAK,CAAC,kBAAkB,IAAI,OAAO;aACxD;YACD,OAAO,EAAE;gBACP;oBACE,IAAI,EAAE,MAAM;oBACZ,IAAI,EAAE,oCAAoC;iBAC3C;aACF;SACF,CAAC;IACJ,CAAC,CACF,CAAC;AACJ,CAAC;AAED,MAAM,gBAAgB,GAAG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;QA2rBjB,CAAC"}
@@ -0,0 +1,4 @@
1
+ import type { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
2
+ import type { UploadPostMcpClient } from "../client.js";
3
+ export declare function registerUserTools(server: McpServer, client: UploadPostMcpClient): void;
4
+ //# sourceMappingURL=users.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"users.d.ts","sourceRoot":"","sources":["../../src/tools/users.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,yCAAyC,CAAC;AACzE,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,cAAc,CAAC;AAIxD,wBAAgB,iBAAiB,CAAC,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,mBAAmB,GAAG,IAAI,CA2HtF"}
@@ -0,0 +1,95 @@
1
+ import { z } from "zod";
2
+ import { compact } from "../client.js";
3
+ import { genericResultOutputSchema, safe } from "../schemas.js";
4
+ export function registerUserTools(server, client) {
5
+ server.registerTool("get_account_info", {
6
+ title: "Validate API key & get account",
7
+ description: "Validate the current API key and return account information. Useful as a first call to confirm credentials before doing real work.",
8
+ inputSchema: {},
9
+ outputSchema: genericResultOutputSchema,
10
+ annotations: {
11
+ readOnlyHint: true,
12
+ openWorldHint: false,
13
+ destructiveHint: false,
14
+ },
15
+ }, safe(async () => client.request("GET", "/uploadposts/me")));
16
+ server.registerTool("list_users", {
17
+ title: "List profiles",
18
+ description: "List all Upload-Post profiles in the account, with their connected social accounts.",
19
+ inputSchema: {},
20
+ outputSchema: genericResultOutputSchema,
21
+ annotations: {
22
+ readOnlyHint: true,
23
+ openWorldHint: false,
24
+ destructiveHint: false,
25
+ },
26
+ }, safe(async () => client.sdk.listUsers()));
27
+ server.registerTool("create_user", {
28
+ title: "Create profile",
29
+ description: "Create a new Upload-Post profile (logical container for connected socials).",
30
+ inputSchema: {
31
+ username: z.string(),
32
+ },
33
+ outputSchema: genericResultOutputSchema,
34
+ annotations: {
35
+ readOnlyHint: false,
36
+ openWorldHint: false,
37
+ destructiveHint: false,
38
+ },
39
+ }, safe(async ({ username }) => client.sdk.createUser(username)));
40
+ server.registerTool("delete_user", {
41
+ title: "Delete profile",
42
+ description: "Permanently delete a profile and disconnect its socials.",
43
+ inputSchema: {
44
+ username: z.string(),
45
+ },
46
+ outputSchema: genericResultOutputSchema,
47
+ annotations: {
48
+ readOnlyHint: false,
49
+ openWorldHint: false,
50
+ destructiveHint: true,
51
+ },
52
+ }, safe(async ({ username }) => client.sdk.deleteUser(username)));
53
+ server.registerTool("generate_jwt", {
54
+ title: "Generate platform-integration JWT",
55
+ description: "Generate a JWT + connection URL so an end-user can connect socials inside an embedded Upload-Post flow (white-label integration).",
56
+ inputSchema: {
57
+ username: z.string(),
58
+ redirectUrl: z.string().optional(),
59
+ logoImage: z.string().optional(),
60
+ redirectButtonText: z.string().optional(),
61
+ platforms: z.array(z.string()).optional(),
62
+ showCalendar: z.boolean().optional(),
63
+ readonlyCalendar: z.boolean().optional(),
64
+ connectTitle: z.string().optional(),
65
+ connectDescription: z.string().optional(),
66
+ language: z
67
+ .enum(["en", "es", "de", "fr", "pt"])
68
+ .optional()
69
+ .describe("Force the connection page language for this profile. When omitted, the page auto-detects the visitor's browser language and falls back to English."),
70
+ },
71
+ outputSchema: genericResultOutputSchema,
72
+ annotations: {
73
+ readOnlyHint: false,
74
+ openWorldHint: false,
75
+ destructiveHint: false,
76
+ },
77
+ }, safe(async (args) => {
78
+ const { username, ...rest } = args;
79
+ return client.sdk.generateJwt(username, compact(rest));
80
+ }));
81
+ server.registerTool("validate_jwt", {
82
+ title: "Validate platform-integration JWT",
83
+ description: "Verify a JWT previously issued by `generate_jwt`.",
84
+ inputSchema: {
85
+ jwt: z.string(),
86
+ },
87
+ outputSchema: genericResultOutputSchema,
88
+ annotations: {
89
+ readOnlyHint: true,
90
+ openWorldHint: false,
91
+ destructiveHint: false,
92
+ },
93
+ }, safe(async ({ jwt }) => client.sdk.validateJwt(jwt)));
94
+ }
95
+ //# sourceMappingURL=users.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"users.js","sourceRoot":"","sources":["../../src/tools/users.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAGxB,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AACvC,OAAO,EAAE,yBAAyB,EAAE,IAAI,EAAE,MAAM,eAAe,CAAC;AAEhE,MAAM,UAAU,iBAAiB,CAAC,MAAiB,EAAE,MAA2B;IAC9E,MAAM,CAAC,YAAY,CACjB,kBAAkB,EAClB;QACE,KAAK,EAAE,gCAAgC;QACvC,WAAW,EACT,oIAAoI;QACtI,WAAW,EAAE,EAAE;QACf,YAAY,EAAE,yBAAyB;QACvC,WAAW,EAAE;YACX,YAAY,EAAE,IAAI;YAClB,aAAa,EAAE,KAAK;YACpB,eAAe,EAAE,KAAK;SACvB;KACF,EACD,IAAI,CAAC,KAAK,IAAI,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,KAAK,EAAE,iBAAiB,CAAC,CAAC,CAC3D,CAAC;IAEF,MAAM,CAAC,YAAY,CACjB,YAAY,EACZ;QACE,KAAK,EAAE,eAAe;QACtB,WAAW,EAAE,qFAAqF;QAClG,WAAW,EAAE,EAAE;QACf,YAAY,EAAE,yBAAyB;QACvC,WAAW,EAAE;YACX,YAAY,EAAE,IAAI;YAClB,aAAa,EAAE,KAAK;YACpB,eAAe,EAAE,KAAK;SACvB;KACF,EACD,IAAI,CAAC,KAAK,IAAI,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,CACzC,CAAC;IAEF,MAAM,CAAC,YAAY,CACjB,aAAa,EACb;QACE,KAAK,EAAE,gBAAgB;QACvB,WAAW,EAAE,6EAA6E;QAC1F,WAAW,EAAE;YACX,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE;SACrB;QACD,YAAY,EAAE,yBAAyB;QACvC,WAAW,EAAE;YACX,YAAY,EAAE,KAAK;YACnB,aAAa,EAAE,KAAK;YACpB,eAAe,EAAE,KAAK;SACvB;KACF,EACD,IAAI,CAAC,KAAK,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,UAAU,CAAC,QAAkB,CAAC,CAAC,CACxE,CAAC;IAEF,MAAM,CAAC,YAAY,CACjB,aAAa,EACb;QACE,KAAK,EAAE,gBAAgB;QACvB,WAAW,EAAE,0DAA0D;QACvE,WAAW,EAAE;YACX,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE;SACrB;QACD,YAAY,EAAE,yBAAyB;QACvC,WAAW,EAAE;YACX,YAAY,EAAE,KAAK;YACnB,aAAa,EAAE,KAAK;YACpB,eAAe,EAAE,IAAI;SACtB;KACF,EACD,IAAI,CAAC,KAAK,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,UAAU,CAAC,QAAkB,CAAC,CAAC,CACxE,CAAC;IAEF,MAAM,CAAC,YAAY,CACjB,cAAc,EACd;QACE,KAAK,EAAE,mCAAmC;QAC1C,WAAW,EACT,mIAAmI;QACrI,WAAW,EAAE;YACX,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE;YACpB,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;YAClC,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;YAChC,kBAAkB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;YACzC,SAAS,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;YACzC,YAAY,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;YACpC,gBAAgB,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;YACxC,YAAY,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;YACnC,kBAAkB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;YACzC,QAAQ,EAAE,CAAC;iBACR,IAAI,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;iBACpC,QAAQ,EAAE;iBACV,QAAQ,CACP,oJAAoJ,CACrJ;SACJ;QACD,YAAY,EAAE,yBAAyB;QACvC,WAAW,EAAE;YACX,YAAY,EAAE,KAAK;YACnB,aAAa,EAAE,KAAK;YACpB,eAAe,EAAE,KAAK;SACvB;KACF,EACD,IAAI,CAAC,KAAK,EAAE,IAAI,EAAE,EAAE;QAClB,MAAM,EAAE,QAAQ,EAAE,GAAG,IAAI,EAAE,GAAG,IAAkD,CAAC;QACjF,OAAO,MAAM,CAAC,GAAG,CAAC,WAAW,CAAC,QAAQ,EAAE,OAAO,CAAC,IAAI,CAAU,CAAC,CAAC;IAClE,CAAC,CAAC,CACH,CAAC;IAEF,MAAM,CAAC,YAAY,CACjB,cAAc,EACd;QACE,KAAK,EAAE,mCAAmC;QAC1C,WAAW,EAAE,mDAAmD;QAChE,WAAW,EAAE;YACX,GAAG,EAAE,CAAC,CAAC,MAAM,EAAE;SAChB;QACD,YAAY,EAAE,yBAAyB;QACvC,WAAW,EAAE;YACX,YAAY,EAAE,IAAI;YAClB,aAAa,EAAE,KAAK;YACpB,eAAe,EAAE,KAAK;SACvB;KACF,EACD,IAAI,CAAC,KAAK,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,WAAW,CAAC,GAAa,CAAC,CAAC,CAC/D,CAAC;AACJ,CAAC"}
@@ -0,0 +1,33 @@
1
+ import type { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
2
+ import { UploadPostMcpClient } from "../client.js";
3
+ export interface HttpOptions {
4
+ port: number;
5
+ /** Optional override for upstream Upload-Post base URL. */
6
+ baseUrl?: string;
7
+ /**
8
+ * Factory that turns a freshly-built per-session `UploadPostMcpClient` into
9
+ * an `McpServer` with the tools registered. Injected so transport stays
10
+ * unaware of which tools exist.
11
+ */
12
+ buildServer: (client: UploadPostMcpClient) => McpServer;
13
+ }
14
+ /**
15
+ * Multi-tenant streamable-HTTP host.
16
+ *
17
+ * Each MCP session owns:
18
+ * - one Upload-Post API key (either pasted directly via `Authorization:
19
+ * ApiKey/Bearer <key>`, or resolved from an OAuth `Bearer up_oauth_...`
20
+ * access token via upstream introspection),
21
+ * - one `UploadPostMcpClient` bound to that key,
22
+ * - one `McpServer` with tools that close over that client.
23
+ *
24
+ * Subsequent requests on the same session route to the same transport via the
25
+ * `mcp-session-id` header. Closing the transport drops the session from the
26
+ * map so the per-user state can be GC'd.
27
+ *
28
+ * The server itself stores nothing permanently — keys live only inside the
29
+ * in-memory client of the session that received them. The OAuth introspection
30
+ * cache is a TTL'd lookup table keyed by SHA-256(token), not raw plaintexts.
31
+ */
32
+ export declare function runHttp(opts: HttpOptions): Promise<void>;
33
+ //# sourceMappingURL=http.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"http.d.ts","sourceRoot":"","sources":["../../src/transport/http.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,yCAAyC,CAAC;AACzE,OAAO,EAAE,mBAAmB,EAAE,MAAM,cAAc,CAAC;AAenD,MAAM,WAAW,WAAW;IAC1B,IAAI,EAAE,MAAM,CAAC;IACb,2DAA2D;IAC3D,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB;;;;OAIG;IACH,WAAW,EAAE,CAAC,MAAM,EAAE,mBAAmB,KAAK,SAAS,CAAC;CACzD;AAgBD;;;;;;;;;;;;;;;;;GAiBG;AACH,wBAAsB,OAAO,CAAC,IAAI,EAAE,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC,CA4I9D"}
@@ -0,0 +1,263 @@
1
+ import { createServer } from "node:http";
2
+ import { randomUUID } from "node:crypto";
3
+ import { StreamableHTTPServerTransport } from "@modelcontextprotocol/sdk/server/streamableHttp.js";
4
+ import { UploadPostMcpClient } from "../client.js";
5
+ import { loadOAuthConfig } from "../oauth/config.js";
6
+ import { authorizationServerMetadata, protectedResourceMetadata, serveJson, } from "../oauth/metadata.js";
7
+ import { handleRegistration } from "../oauth/registration.js";
8
+ import { handleAuthorize } from "../oauth/authorize.js";
9
+ import { handleToken, handleRevoke } from "../oauth/tokens.js";
10
+ import { UpstreamOAuthClient } from "../oauth/upstream_client.js";
11
+ import { IntrospectCache } from "../oauth/introspect_cache.js";
12
+ import { resolveAuth } from "../oauth/auth_resolver.js";
13
+ const OPENAI_APPS_CHALLENGE_PATH = "/.well-known/openai-apps-challenge";
14
+ // Glama directory ownership verification. Glama claims a connector by fetching
15
+ // /.well-known/glama.json from the server's domain and matching a maintainer
16
+ // email. Override the email via GLAMA_MAINTAINER_EMAIL if needed.
17
+ const GLAMA_WELL_KNOWN_PATH = "/.well-known/glama.json";
18
+ const GLAMA_MAINTAINER_EMAIL = process.env.GLAMA_MAINTAINER_EMAIL ?? "jc.caverogracia@gmail.com";
19
+ const DEFAULT_OPENAI_APPS_CHALLENGE_TOKEN = "9O0B9c5XudnvLv1et2HdZ9WG2_H85jGPciJ7c8QBHjY";
20
+ /**
21
+ * Multi-tenant streamable-HTTP host.
22
+ *
23
+ * Each MCP session owns:
24
+ * - one Upload-Post API key (either pasted directly via `Authorization:
25
+ * ApiKey/Bearer <key>`, or resolved from an OAuth `Bearer up_oauth_...`
26
+ * access token via upstream introspection),
27
+ * - one `UploadPostMcpClient` bound to that key,
28
+ * - one `McpServer` with tools that close over that client.
29
+ *
30
+ * Subsequent requests on the same session route to the same transport via the
31
+ * `mcp-session-id` header. Closing the transport drops the session from the
32
+ * map so the per-user state can be GC'd.
33
+ *
34
+ * The server itself stores nothing permanently — keys live only inside the
35
+ * in-memory client of the session that received them. The OAuth introspection
36
+ * cache is a TTL'd lookup table keyed by SHA-256(token), not raw plaintexts.
37
+ */
38
+ export async function runHttp(opts) {
39
+ const sessions = new Map();
40
+ const oauthCfg = loadOAuthConfig();
41
+ const upstream = new UpstreamOAuthClient(oauthCfg);
42
+ const introspectCache = new IntrospectCache(oauthCfg.introspectCacheTtlMs);
43
+ const authDeps = { cfg: oauthCfg, upstream, cache: introspectCache };
44
+ const httpServer = createServer(async (req, res) => {
45
+ const url = req.url ?? "";
46
+ const method = req.method ?? "GET";
47
+ // ----- ChatGPT Apps domain verification -----------------------------
48
+ // This must be reachable publicly before Origin validation because the
49
+ // OpenAI verifier may include its own browser/developer-console Origin.
50
+ if (isOpenAiAppsChallengePath(url)) {
51
+ if (method === "OPTIONS") {
52
+ return sendOpenAiAppsChallengeOptions(res);
53
+ }
54
+ if (method === "GET" || method === "HEAD") {
55
+ return sendOpenAiAppsChallenge(res, method);
56
+ }
57
+ res.statusCode = 405;
58
+ res.setHeader("allow", "GET, HEAD, OPTIONS");
59
+ res.end("Method Not Allowed");
60
+ return;
61
+ }
62
+ // ----- Glama directory ownership verification -----------------------
63
+ // Served publicly (before Origin validation) so Glama's verifier can fetch
64
+ // it. Static file matching the connector.json schema with our maintainer.
65
+ if (method === "GET" && url === GLAMA_WELL_KNOWN_PATH) {
66
+ return serveJson(res, {
67
+ $schema: "https://glama.ai/mcp/schemas/connector.json",
68
+ maintainers: [{ email: GLAMA_MAINTAINER_EMAIL }],
69
+ });
70
+ }
71
+ // ----- Defense-in-depth: Origin validation --------------------------
72
+ // The MCP spec recommends rejecting requests whose `Origin` header (when
73
+ // present) is not on a known allow-list, to prevent DNS-rebinding attacks
74
+ // against agents that connect from a browser. Server-to-server callers
75
+ // (claude.ai backend, curl, etc.) typically omit the header — those pass
76
+ // through unchanged. Bearer/ApiKey auth on /mcp remains the primary gate.
77
+ if (!isOriginAllowed(req.headers["origin"])) {
78
+ res.statusCode = 403;
79
+ res.setHeader("content-type", "application/json");
80
+ res.end(JSON.stringify({ error: "origin_not_allowed" }));
81
+ return;
82
+ }
83
+ // ----- Liveness ------------------------------------------------------
84
+ if (method === "GET" && (url === "/healthz" || url === "/health")) {
85
+ res.statusCode = 200;
86
+ res.setHeader("content-type", "application/json");
87
+ res.end(JSON.stringify({ ok: true, oauth: oauthCfg.enabled }));
88
+ return;
89
+ }
90
+ // ----- OAuth surface (only if configured) ----------------------------
91
+ if (oauthCfg.enabled) {
92
+ if (method === "GET" && url === "/.well-known/oauth-protected-resource") {
93
+ return serveJson(res, protectedResourceMetadata(oauthCfg));
94
+ }
95
+ if (method === "GET" && url === "/.well-known/oauth-authorization-server") {
96
+ return serveJson(res, authorizationServerMetadata(oauthCfg));
97
+ }
98
+ if (method === "POST" && url === "/register") {
99
+ return handleRegistration(req, res);
100
+ }
101
+ if (method === "GET" && url.startsWith("/authorize")) {
102
+ return handleAuthorize(req, res, oauthCfg);
103
+ }
104
+ if (method === "POST" && url === "/token") {
105
+ return handleToken(req, res, upstream);
106
+ }
107
+ if (method === "POST" && url === "/revoke") {
108
+ return handleRevoke(req, res, upstream, introspectCache);
109
+ }
110
+ }
111
+ // ----- MCP -----------------------------------------------------------
112
+ if (url !== "/mcp") {
113
+ res.statusCode = 404;
114
+ res.end("Not Found");
115
+ return;
116
+ }
117
+ const sessionId = req.headers["mcp-session-id"];
118
+ let session = sessionId ? sessions.get(sessionId) : undefined;
119
+ if (!session) {
120
+ const resolution = await resolveAuth(req.headers["authorization"], authDeps);
121
+ if (!resolution) {
122
+ return sendUnauthorized(res, oauthCfg.enabled, oauthCfg.issuer);
123
+ }
124
+ const client = new UploadPostMcpClient({ apiKey: resolution.apiKey, baseUrl: opts.baseUrl });
125
+ const server = opts.buildServer(client);
126
+ const transport = new StreamableHTTPServerTransport({
127
+ sessionIdGenerator: () => randomUUID(),
128
+ onsessioninitialized: (id) => {
129
+ sessions.set(id, { transport, server });
130
+ },
131
+ });
132
+ transport.onclose = () => {
133
+ if (transport.sessionId)
134
+ sessions.delete(transport.sessionId);
135
+ };
136
+ await server.connect(transport);
137
+ session = { transport, server };
138
+ }
139
+ let body = undefined;
140
+ if (method === "POST") {
141
+ const chunks = [];
142
+ for await (const chunk of req)
143
+ chunks.push(chunk);
144
+ const raw = Buffer.concat(chunks).toString("utf8");
145
+ if (raw.length) {
146
+ try {
147
+ body = JSON.parse(raw);
148
+ }
149
+ catch {
150
+ res.statusCode = 400;
151
+ res.end("Invalid JSON");
152
+ return;
153
+ }
154
+ }
155
+ }
156
+ await session.transport.handleRequest(req, res, body);
157
+ });
158
+ await new Promise((resolve) => {
159
+ httpServer.listen(opts.port, () => {
160
+ process.stderr.write(`[upload-post-mcp] streamable HTTP listening on http://0.0.0.0:${opts.port}/mcp ` +
161
+ `(auth: ApiKey/Bearer header${oauthCfg.enabled ? " + OAuth 2.1 (PKCE+DCR)" : ""})\n`);
162
+ resolve();
163
+ });
164
+ });
165
+ }
166
+ /**
167
+ * 401 with both a legacy `ApiKey` challenge and (when OAuth is enabled) the
168
+ * `Bearer resource_metadata=...` challenge that claude.ai needs to discover
169
+ * the authorization server. Sending BOTH keeps the existing API-key flow
170
+ * working and unlocks the OAuth Custom-Connector flow on the same endpoint.
171
+ */
172
+ function sendUnauthorized(res, oauthEnabled, issuer) {
173
+ const challenges = [];
174
+ if (oauthEnabled) {
175
+ challenges.push(`Bearer realm="upload-post", resource_metadata="${issuer}/.well-known/oauth-protected-resource"`);
176
+ }
177
+ challenges.push('ApiKey realm="upload-post"');
178
+ res.statusCode = 401;
179
+ res.setHeader("www-authenticate", challenges.join(", "));
180
+ res.setHeader("content-type", "application/json");
181
+ res.end(JSON.stringify({
182
+ error: "Missing or malformed Authorization header. Send 'Authorization: ApiKey <your_upload_post_api_key>' (or 'Bearer <key>'). Get your key at https://app.upload-post.com" +
183
+ (oauthEnabled
184
+ ? " — or connect via OAuth from a Custom Connector–capable client (e.g. claude.ai)."
185
+ : ""),
186
+ }));
187
+ }
188
+ function requestPath(url) {
189
+ const queryStart = url.indexOf("?");
190
+ return queryStart >= 0 ? url.slice(0, queryStart) : url;
191
+ }
192
+ function isOpenAiAppsChallengePath(url) {
193
+ const path = requestPath(url).replace(/\/+$/, "");
194
+ return path === OPENAI_APPS_CHALLENGE_PATH;
195
+ }
196
+ function openAiAppsChallengeToken() {
197
+ return (process.env.OPENAI_APPS_CHALLENGE_TOKEN?.trim() ||
198
+ DEFAULT_OPENAI_APPS_CHALLENGE_TOKEN);
199
+ }
200
+ function setOpenAiAppsChallengeHeaders(res) {
201
+ res.setHeader("access-control-allow-origin", "*");
202
+ res.setHeader("access-control-allow-methods", "GET, HEAD, OPTIONS");
203
+ res.setHeader("access-control-allow-headers", "*");
204
+ res.setHeader("cache-control", "no-store");
205
+ res.setHeader("vary", "Origin");
206
+ }
207
+ function sendOpenAiAppsChallengeOptions(res) {
208
+ res.statusCode = 204;
209
+ setOpenAiAppsChallengeHeaders(res);
210
+ res.end();
211
+ }
212
+ function sendOpenAiAppsChallenge(res, method) {
213
+ const token = openAiAppsChallengeToken();
214
+ res.statusCode = 200;
215
+ setOpenAiAppsChallengeHeaders(res);
216
+ res.setHeader("content-type", "text/plain; charset=utf-8");
217
+ res.setHeader("content-length", Buffer.byteLength(token));
218
+ res.end(method === "HEAD" ? undefined : token);
219
+ }
220
+ /**
221
+ * Allow-list of Origins permitted to call this server from a browser context.
222
+ * Augmented via the OAUTH_EXTRA_ALLOWED_ORIGINS env var (comma-separated)
223
+ * for self-hosters that front the server with their own dashboard origin.
224
+ *
225
+ * Requests WITHOUT an Origin header (server-to-server: claude.ai backend,
226
+ * curl, MCP stdio bridges, etc.) are allowed through — Origin only ships
227
+ * from browsers, where the DNS-rebinding risk lives.
228
+ */
229
+ function isOriginAllowed(origin) {
230
+ if (!origin || Array.isArray(origin))
231
+ return true;
232
+ const value = origin.trim();
233
+ if (!value)
234
+ return true;
235
+ const defaults = new Set([
236
+ "https://claude.ai",
237
+ "https://claude.com",
238
+ "https://www.claude.ai",
239
+ "https://chatgpt.com",
240
+ "https://chat.openai.com",
241
+ "https://app.upload-post.com",
242
+ "http://localhost",
243
+ "http://127.0.0.1",
244
+ ]);
245
+ for (const extra of (process.env.OAUTH_EXTRA_ALLOWED_ORIGINS ?? "").split(",")) {
246
+ const trimmed = extra.trim();
247
+ if (trimmed)
248
+ defaults.add(trimmed);
249
+ }
250
+ if (defaults.has(value))
251
+ return true;
252
+ // Allow any localhost / 127.0.0.1 port combination for local dev.
253
+ try {
254
+ const url = new URL(value);
255
+ if (url.hostname === "localhost" || url.hostname === "127.0.0.1")
256
+ return true;
257
+ }
258
+ catch {
259
+ return false;
260
+ }
261
+ return false;
262
+ }
263
+ //# sourceMappingURL=http.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"http.js","sourceRoot":"","sources":["../../src/transport/http.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAmC,MAAM,WAAW,CAAC;AAC1E,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,EAAE,6BAA6B,EAAE,MAAM,oDAAoD,CAAC;AAEnG,OAAO,EAAE,mBAAmB,EAAE,MAAM,cAAc,CAAC;AAEnD,OAAO,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AACrD,OAAO,EACL,2BAA2B,EAC3B,yBAAyB,EACzB,SAAS,GACV,MAAM,sBAAsB,CAAC;AAC9B,OAAO,EAAE,kBAAkB,EAAE,MAAM,0BAA0B,CAAC;AAC9D,OAAO,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AACxD,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAC/D,OAAO,EAAE,mBAAmB,EAAE,MAAM,6BAA6B,CAAC;AAClE,OAAO,EAAE,eAAe,EAAE,MAAM,8BAA8B,CAAC;AAC/D,OAAO,EAAE,WAAW,EAAE,MAAM,2BAA2B,CAAC;AAmBxD,MAAM,0BAA0B,GAAG,oCAAoC,CAAC;AAExE,+EAA+E;AAC/E,6EAA6E;AAC7E,kEAAkE;AAClE,MAAM,qBAAqB,GAAG,yBAAyB,CAAC;AACxD,MAAM,sBAAsB,GAAG,OAAO,CAAC,GAAG,CAAC,sBAAsB,IAAI,2BAA2B,CAAC;AACjG,MAAM,mCAAmC,GAAG,6CAA6C,CAAC;AAE1F;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAM,CAAC,KAAK,UAAU,OAAO,CAAC,IAAiB;IAC7C,MAAM,QAAQ,GAAG,IAAI,GAAG,EAAmB,CAAC;IAE5C,MAAM,QAAQ,GAAG,eAAe,EAAE,CAAC;IACnC,MAAM,QAAQ,GAAG,IAAI,mBAAmB,CAAC,QAAQ,CAAC,CAAC;IACnD,MAAM,eAAe,GAAG,IAAI,eAAe,CAAC,QAAQ,CAAC,oBAAoB,CAAC,CAAC;IAC3E,MAAM,QAAQ,GAAG,EAAE,GAAG,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE,eAAe,EAAE,CAAC;IAErE,MAAM,UAAU,GAAG,YAAY,CAAC,KAAK,EAAE,GAAoB,EAAE,GAAmB,EAAE,EAAE;QAClF,MAAM,GAAG,GAAG,GAAG,CAAC,GAAG,IAAI,EAAE,CAAC;QAC1B,MAAM,MAAM,GAAG,GAAG,CAAC,MAAM,IAAI,KAAK,CAAC;QAEnC,uEAAuE;QACvE,uEAAuE;QACvE,wEAAwE;QACxE,IAAI,yBAAyB,CAAC,GAAG,CAAC,EAAE,CAAC;YACnC,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;gBACzB,OAAO,8BAA8B,CAAC,GAAG,CAAC,CAAC;YAC7C,CAAC;YACD,IAAI,MAAM,KAAK,KAAK,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;gBAC1C,OAAO,uBAAuB,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;YAC9C,CAAC;YACD,GAAG,CAAC,UAAU,GAAG,GAAG,CAAC;YACrB,GAAG,CAAC,SAAS,CAAC,OAAO,EAAE,oBAAoB,CAAC,CAAC;YAC7C,GAAG,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;YAC9B,OAAO;QACT,CAAC;QAED,uEAAuE;QACvE,2EAA2E;QAC3E,0EAA0E;QAC1E,IAAI,MAAM,KAAK,KAAK,IAAI,GAAG,KAAK,qBAAqB,EAAE,CAAC;YACtD,OAAO,SAAS,CAAC,GAAG,EAAE;gBACpB,OAAO,EAAE,6CAA6C;gBACtD,WAAW,EAAE,CAAC,EAAE,KAAK,EAAE,sBAAsB,EAAE,CAAC;aACjD,CAAC,CAAC;QACL,CAAC;QAED,uEAAuE;QACvE,yEAAyE;QACzE,0EAA0E;QAC1E,uEAAuE;QACvE,yEAAyE;QACzE,0EAA0E;QAC1E,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;YAC5C,GAAG,CAAC,UAAU,GAAG,GAAG,CAAC;YACrB,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,kBAAkB,CAAC,CAAC;YAClD,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,oBAAoB,EAAE,CAAC,CAAC,CAAC;YACzD,OAAO;QACT,CAAC;QAED,wEAAwE;QACxE,IAAI,MAAM,KAAK,KAAK,IAAI,CAAC,GAAG,KAAK,UAAU,IAAI,GAAG,KAAK,SAAS,CAAC,EAAE,CAAC;YAClE,GAAG,CAAC,UAAU,GAAG,GAAG,CAAC;YACrB,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,kBAAkB,CAAC,CAAC;YAClD,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,QAAQ,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;YAC/D,OAAO;QACT,CAAC;QAED,wEAAwE;QACxE,IAAI,QAAQ,CAAC,OAAO,EAAE,CAAC;YACrB,IAAI,MAAM,KAAK,KAAK,IAAI,GAAG,KAAK,uCAAuC,EAAE,CAAC;gBACxE,OAAO,SAAS,CAAC,GAAG,EAAE,yBAAyB,CAAC,QAAQ,CAAC,CAAC,CAAC;YAC7D,CAAC;YACD,IAAI,MAAM,KAAK,KAAK,IAAI,GAAG,KAAK,yCAAyC,EAAE,CAAC;gBAC1E,OAAO,SAAS,CAAC,GAAG,EAAE,2BAA2B,CAAC,QAAQ,CAAC,CAAC,CAAC;YAC/D,CAAC;YACD,IAAI,MAAM,KAAK,MAAM,IAAI,GAAG,KAAK,WAAW,EAAE,CAAC;gBAC7C,OAAO,kBAAkB,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;YACtC,CAAC;YACD,IAAI,MAAM,KAAK,KAAK,IAAI,GAAG,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;gBACrD,OAAO,eAAe,CAAC,GAAG,EAAE,GAAG,EAAE,QAAQ,CAAC,CAAC;YAC7C,CAAC;YACD,IAAI,MAAM,KAAK,MAAM,IAAI,GAAG,KAAK,QAAQ,EAAE,CAAC;gBAC1C,OAAO,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,QAAQ,CAAC,CAAC;YACzC,CAAC;YACD,IAAI,MAAM,KAAK,MAAM,IAAI,GAAG,KAAK,SAAS,EAAE,CAAC;gBAC3C,OAAO,YAAY,CAAC,GAAG,EAAE,GAAG,EAAE,QAAQ,EAAE,eAAe,CAAC,CAAC;YAC3D,CAAC;QACH,CAAC;QAED,wEAAwE;QACxE,IAAI,GAAG,KAAK,MAAM,EAAE,CAAC;YACnB,GAAG,CAAC,UAAU,GAAG,GAAG,CAAC;YACrB,GAAG,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;YACrB,OAAO;QACT,CAAC;QAED,MAAM,SAAS,GAAG,GAAG,CAAC,OAAO,CAAC,gBAAgB,CAAuB,CAAC;QACtE,IAAI,OAAO,GAAG,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;QAE9D,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,UAAU,GAAG,MAAM,WAAW,CAAC,GAAG,CAAC,OAAO,CAAC,eAAe,CAAC,EAAE,QAAQ,CAAC,CAAC;YAC7E,IAAI,CAAC,UAAU,EAAE,CAAC;gBAChB,OAAO,gBAAgB,CAAC,GAAG,EAAE,QAAQ,CAAC,OAAO,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC;YAClE,CAAC;YAED,MAAM,MAAM,GAAG,IAAI,mBAAmB,CAAC,EAAE,MAAM,EAAE,UAAU,CAAC,MAAM,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC;YAC7F,MAAM,MAAM,GAAG,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;YACxC,MAAM,SAAS,GAAG,IAAI,6BAA6B,CAAC;gBAClD,kBAAkB,EAAE,GAAG,EAAE,CAAC,UAAU,EAAE;gBACtC,oBAAoB,EAAE,CAAC,EAAE,EAAE,EAAE;oBAC3B,QAAQ,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,SAAS,EAAE,MAAM,EAAE,CAAC,CAAC;gBAC1C,CAAC;aACF,CAAC,CAAC;YACH,SAAS,CAAC,OAAO,GAAG,GAAG,EAAE;gBACvB,IAAI,SAAS,CAAC,SAAS;oBAAE,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;YAChE,CAAC,CAAC;YACF,MAAM,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;YAChC,OAAO,GAAG,EAAE,SAAS,EAAE,MAAM,EAAE,CAAC;QAClC,CAAC;QAED,IAAI,IAAI,GAAY,SAAS,CAAC;QAC9B,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;YACtB,MAAM,MAAM,GAAa,EAAE,CAAC;YAC5B,IAAI,KAAK,EAAE,MAAM,KAAK,IAAI,GAAG;gBAAE,MAAM,CAAC,IAAI,CAAC,KAAe,CAAC,CAAC;YAC5D,MAAM,GAAG,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;YACnD,IAAI,GAAG,CAAC,MAAM,EAAE,CAAC;gBACf,IAAI,CAAC;oBACH,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;gBACzB,CAAC;gBAAC,MAAM,CAAC;oBACP,GAAG,CAAC,UAAU,GAAG,GAAG,CAAC;oBACrB,GAAG,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;oBACxB,OAAO;gBACT,CAAC;YACH,CAAC;QACH,CAAC;QAED,MAAM,OAAO,CAAC,SAAS,CAAC,aAAa,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC;IACxD,CAAC,CAAC,CAAC;IAEH,MAAM,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,EAAE;QAClC,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,EAAE;YAChC,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,iEAAiE,IAAI,CAAC,IAAI,OAAO;gBAC/E,8BAA8B,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,yBAAyB,CAAC,CAAC,CAAC,EAAE,KAAK,CACvF,CAAC;YACF,OAAO,EAAE,CAAC;QACZ,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;;;;GAKG;AACH,SAAS,gBAAgB,CAAC,GAAmB,EAAE,YAAqB,EAAE,MAAc;IAClF,MAAM,UAAU,GAAa,EAAE,CAAC;IAChC,IAAI,YAAY,EAAE,CAAC;QACjB,UAAU,CAAC,IAAI,CACb,kDAAkD,MAAM,wCAAwC,CACjG,CAAC;IACJ,CAAC;IACD,UAAU,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAC;IAC9C,GAAG,CAAC,UAAU,GAAG,GAAG,CAAC;IACrB,GAAG,CAAC,SAAS,CAAC,kBAAkB,EAAE,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;IACzD,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,kBAAkB,CAAC,CAAC;IAClD,GAAG,CAAC,GAAG,CACL,IAAI,CAAC,SAAS,CAAC;QACb,KAAK,EACH,qKAAqK;YACrK,CAAC,YAAY;gBACX,CAAC,CAAC,kFAAkF;gBACpF,CAAC,CAAC,EAAE,CAAC;KACV,CAAC,CACH,CAAC;AACJ,CAAC;AAED,SAAS,WAAW,CAAC,GAAW;IAC9B,MAAM,UAAU,GAAG,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IACpC,OAAO,UAAU,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;AAC1D,CAAC;AAED,SAAS,yBAAyB,CAAC,GAAW;IAC5C,MAAM,IAAI,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IAClD,OAAO,IAAI,KAAK,0BAA0B,CAAC;AAC7C,CAAC;AAED,SAAS,wBAAwB;IAC/B,OAAO,CACL,OAAO,CAAC,GAAG,CAAC,2BAA2B,EAAE,IAAI,EAAE;QAC/C,mCAAmC,CACpC,CAAC;AACJ,CAAC;AAED,SAAS,6BAA6B,CAAC,GAAmB;IACxD,GAAG,CAAC,SAAS,CAAC,6BAA6B,EAAE,GAAG,CAAC,CAAC;IAClD,GAAG,CAAC,SAAS,CAAC,8BAA8B,EAAE,oBAAoB,CAAC,CAAC;IACpE,GAAG,CAAC,SAAS,CAAC,8BAA8B,EAAE,GAAG,CAAC,CAAC;IACnD,GAAG,CAAC,SAAS,CAAC,eAAe,EAAE,UAAU,CAAC,CAAC;IAC3C,GAAG,CAAC,SAAS,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;AAClC,CAAC;AAED,SAAS,8BAA8B,CAAC,GAAmB;IACzD,GAAG,CAAC,UAAU,GAAG,GAAG,CAAC;IACrB,6BAA6B,CAAC,GAAG,CAAC,CAAC;IACnC,GAAG,CAAC,GAAG,EAAE,CAAC;AACZ,CAAC;AAED,SAAS,uBAAuB,CAAC,GAAmB,EAAE,MAAc;IAClE,MAAM,KAAK,GAAG,wBAAwB,EAAE,CAAC;IACzC,GAAG,CAAC,UAAU,GAAG,GAAG,CAAC;IACrB,6BAA6B,CAAC,GAAG,CAAC,CAAC;IACnC,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,2BAA2B,CAAC,CAAC;IAC3D,GAAG,CAAC,SAAS,CAAC,gBAAgB,EAAE,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC;IAC1D,GAAG,CAAC,GAAG,CAAC,MAAM,KAAK,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;AACjD,CAAC;AAED;;;;;;;;GAQG;AACH,SAAS,eAAe,CAAC,MAAqC;IAC5D,IAAI,CAAC,MAAM,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC;QAAE,OAAO,IAAI,CAAC;IAClD,MAAM,KAAK,GAAG,MAAM,CAAC,IAAI,EAAE,CAAC;IAC5B,IAAI,CAAC,KAAK;QAAE,OAAO,IAAI,CAAC;IACxB,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC;QACvB,mBAAmB;QACnB,oBAAoB;QACpB,uBAAuB;QACvB,qBAAqB;QACrB,yBAAyB;QACzB,6BAA6B;QAC7B,kBAAkB;QAClB,kBAAkB;KACnB,CAAC,CAAC;IACH,KAAK,MAAM,KAAK,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,2BAA2B,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC;QAC/E,MAAM,OAAO,GAAG,KAAK,CAAC,IAAI,EAAE,CAAC;QAC7B,IAAI,OAAO;YAAE,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IACrC,CAAC;IACD,IAAI,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IACrC,kEAAkE;IAClE,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC;QAC3B,IAAI,GAAG,CAAC,QAAQ,KAAK,WAAW,IAAI,GAAG,CAAC,QAAQ,KAAK,WAAW;YAAE,OAAO,IAAI,CAAC;IAChF,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC"}
@@ -0,0 +1,3 @@
1
+ import type { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
2
+ export declare function runStdio(server: McpServer): Promise<void>;
3
+ //# sourceMappingURL=stdio.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"stdio.d.ts","sourceRoot":"","sources":["../../src/transport/stdio.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,yCAAyC,CAAC;AAEzE,wBAAsB,QAAQ,CAAC,MAAM,EAAE,SAAS,GAAG,OAAO,CAAC,IAAI,CAAC,CAI/D"}
@@ -0,0 +1,7 @@
1
+ import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
2
+ export async function runStdio(server) {
3
+ const transport = new StdioServerTransport();
4
+ await server.connect(transport);
5
+ // stdio servers are kept alive by the parent process pipe; nothing else to do.
6
+ }
7
+ //# sourceMappingURL=stdio.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"stdio.js","sourceRoot":"","sources":["../../src/transport/stdio.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,oBAAoB,EAAE,MAAM,2CAA2C,CAAC;AAGjF,MAAM,CAAC,KAAK,UAAU,QAAQ,CAAC,MAAiB;IAC9C,MAAM,SAAS,GAAG,IAAI,oBAAoB,EAAE,CAAC;IAC7C,MAAM,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IAChC,+EAA+E;AACjF,CAAC"}
@@ -0,0 +1,11 @@
1
+ {
2
+ "mcpServers": {
3
+ "upload-post": {
4
+ "command": "npx",
5
+ "args": ["-y", "@upload-post/mcp"],
6
+ "env": {
7
+ "UPLOAD_POST_API_KEY": "YOUR_API_KEY"
8
+ }
9
+ }
10
+ }
11
+ }
package/package.json ADDED
@@ -0,0 +1,68 @@
1
+ {
2
+ "name": "@upload-post/mcp",
3
+ "version": "0.3.0",
4
+ "description": "Official Model Context Protocol (MCP) server for Upload-Post — publish, schedule, analyze and manage social media across TikTok, Instagram, YouTube, LinkedIn, Facebook, Pinterest, Threads, Reddit, Bluesky, X and more from any MCP-compatible AI agent (Claude Desktop, Claude Code, Cursor, ...).",
5
+ "license": "MIT",
6
+ "type": "module",
7
+ "main": "dist/index.js",
8
+ "types": "dist/index.d.ts",
9
+ "bin": {
10
+ "upload-post-mcp": "dist/index.js"
11
+ },
12
+ "files": [
13
+ "dist",
14
+ "examples",
15
+ "README.md",
16
+ "LICENSE"
17
+ ],
18
+ "scripts": {
19
+ "build": "tsc",
20
+ "start": "node dist/index.js",
21
+ "dev": "tsc --watch",
22
+ "prepublishOnly": "npm run build"
23
+ },
24
+ "engines": {
25
+ "node": ">=18"
26
+ },
27
+ "keywords": [
28
+ "mcp",
29
+ "model-context-protocol",
30
+ "upload-post",
31
+ "social-media",
32
+ "tiktok",
33
+ "instagram",
34
+ "youtube",
35
+ "linkedin",
36
+ "facebook",
37
+ "pinterest",
38
+ "threads",
39
+ "reddit",
40
+ "bluesky",
41
+ "x",
42
+ "twitter",
43
+ "claude",
44
+ "claude-desktop",
45
+ "cursor",
46
+ "ai-agent"
47
+ ],
48
+ "repository": {
49
+ "type": "git",
50
+ "url": "git+https://github.com/Upload-Post/upload-post-mcp.git"
51
+ },
52
+ "homepage": "https://www.upload-post.com",
53
+ "bugs": {
54
+ "url": "https://github.com/Upload-Post/upload-post-mcp/issues"
55
+ },
56
+ "author": "Upload-Post <info@upload-post.com>",
57
+ "dependencies": {
58
+ "@modelcontextprotocol/sdk": "^1.0.4",
59
+ "axios": "^1.7.7",
60
+ "form-data": "^4.0.1",
61
+ "upload-post": "^2.2.0",
62
+ "zod": "^3.23.8"
63
+ },
64
+ "devDependencies": {
65
+ "@types/node": "^20.14.0",
66
+ "typescript": "^5.5.0"
67
+ }
68
+ }