@zuwiki/mcp 0.1.0

package/LICENSE

@@ -0,0 +1,7 @@
+Copyright 2026 The Zu Company
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the “Software”), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

package/README.md

@@ -0,0 +1,189 @@
+## Zuwiki MCP
+
+A [Model Context Protocol](https://modelcontextprotocol.io) server for [Zuwiki](https://zuwiki.com). Once connected to any MCP client (Claude, Cursor, Windsurf, VS Code, Zed, and more), your assistant can browse and edit your wikis, categories and pages in natural language.
+
+### Quick start
+
+You do not need to clone anything. All you need is Node.js 20+ installed. The server runs over stdio with the command:
+
+```bash
+npx -y @zuwiki/mcp
+```
+
+Most MCP clients use the same JSON config format, just in different places. On the first start a browser window opens, you sign in to Zuwiki, and you are ready to go.
+
+#### Claude Code
+
+```bash
+claude mcp add zuwiki npx -y @zuwiki/mcp
+```
+
+#### Claude Desktop
+
+`~/Library/Application Support/Claude/claude_desktop_config.json` on macOS, equivalent on other OSes:
+
+```json
+{
+  "mcpServers": {
+    "zuwiki": {
+      "command": "npx",
+      "args": ["-y", "@zuwiki/mcp"]
+    }
+  }
+}
+```
+
+#### Cursor
+
+`~/.cursor/mcp.json` (global) or `.cursor/mcp.json` (per project):
+
+```json
+{
+  "mcpServers": {
+    "zuwiki": {
+      "command": "npx",
+      "args": ["-y", "@zuwiki/mcp"]
+    }
+  }
+}
+```
+
+#### Windsurf
+
+`~/.codeium/windsurf/mcp_config.json`:
+
+```json
+{
+  "mcpServers": {
+    "zuwiki": {
+      "command": "npx",
+      "args": ["-y", "@zuwiki/mcp"]
+    }
+  }
+}
+```
+
+#### VS Code (Continue, Cline, or other MCP enabled extensions)
+
+Add a server entry pointing to the same `npx -y @zuwiki/mcp` command. The exact location depends on the extension; the value is always the same.
+
+#### Any other MCP client
+
+Anything that can launch a stdio MCP server works. Configure it with:
+
+* command: `npx`
+* args: `["-y", "@zuwiki/mcp"]`
+
+Or, if you have installed the package globally with `npm install -g @zuwiki/mcp`:
+
+* command: `zuwiki-mcp`
+* args: `[]`
+
+### Example prompts
+
+Once connected, try things like:
+
+* "List my Zuwiki organizations and switch to the one called Acme."
+* "Show me all wikis in the active organization."
+* "Create a new page called 'Onboarding' in the wiki 'Handbook' with a short welcome text."
+* "Find the deployment page and rewrite the section on staging."
+
+### Organizations
+
+Zuwiki accounts can belong to several organizations and every API request needs to pick one. Easiest way: ask the LLM to call `zuwiki_list_organizations` and then `zuwiki_set_active_organization`. The choice persists for the lifetime of the server. Alternatively set `ZUWIKI_ORGANIZATION_ID` in your MCP config.
+
+### How authentication works
+
+The server uses OAuth 2.1 (Authorization Code Flow with PKCE) against the Zuwiki auth server, with Dynamic Client Registration per RFC 7591 on first start. Access and refresh tokens are stored in `~/.config/zuwiki-mcp/credentials.json` with file mode 0600. Subsequent runs use the refresh token automatically without any user interaction.
+
+To sign in as a different user, or to force a fresh authorization, delete that file.
+
+### Available tools
+
+Read tools:
+
+* `zuwiki_list_organizations`, `zuwiki_get_active_organization`
+* `zuwiki_list_wikis`, `zuwiki_get_wiki`, `zuwiki_get_wiki_editor`
+* `zuwiki_get_page_content`, `zuwiki_get_page_settings`, `zuwiki_get_page_history`
+
+Write tools:
+
+* `zuwiki_set_active_organization`
+* `zuwiki_create_wiki`, `zuwiki_update_wiki`, `zuwiki_delete_wiki`
+* `zuwiki_create_category`, `zuwiki_rename_category`, `zuwiki_delete_category`
+* `zuwiki_create_page`, `zuwiki_rename_page`, `zuwiki_delete_page`
+* `zuwiki_update_page_content`, `zuwiki_update_page_settings`
+* `zuwiki_set_page_status`, `zuwiki_restore_page_history`
+
+On failure each tool returns an `isError: true` result with a descriptive message. Common codes are `insufficient_scope`, `forbidden_or_not_member`, `not_found`, `conflict`, `rate_limited`. 429 responses are retried up to twice with backoff; 401 triggers an automatic token refresh and one retry.
+
+### Configuration
+
+CLI options:
+
+```
+--http                   Use streamable HTTP transport instead of stdio
+--host <host>            HTTP host (default 127.0.0.1)
+--port <port>            HTTP port (default 3333)
+--path <path>            HTTP path (default /mcp)
+--base-url <url>         Zuwiki base URL (default https://zuwiki.com)
+--organization <id>      Active organization id
+--credentials <path>     Path to the credentials file
+--organizations-path <p> Override the API path for the organizations list
+--help                   Show help
+```
+
+All options can also be set via environment variables. CLI flags take precedence:
+
+```
+ZUWIKI_BASE_URL            Zuwiki base URL
+ZUWIKI_ORGANIZATION_ID     Active organization id
+ZUWIKI_CREDENTIALS_PATH    Path to the credentials file
+ZUWIKI_HTTP_HOST           HTTP host
+ZUWIKI_HTTP_PORT           HTTP port
+ZUWIKI_HTTP_PATH           HTTP path
+ZUWIKI_ORGANIZATIONS_PATH  Override the API path for organizations
+```
+
+### Run from source
+
+If you want to hack on the server itself:
+
+```bash
+pnpm install
+pnpm build
+node dist/cli.js
+```
+
+For development without rebuilding each time:
+
+```bash
+pnpm dev
+```
+
+### HTTP mode
+
+```bash
+node dist/cli.js --http --port 3333
+```
+
+The streamable HTTP endpoint listens at `http://127.0.0.1:3333/mcp`. Every client must send its own bearer token via the `Authorization` header on every request. The server forwards that token as is when talking to the Zuwiki API and never persists it. Valid tokens come from the Zuwiki auth server, for example via a client side OAuth flow.
+
+### Tests
+
+```bash
+pnpm test
+```
+
+The tests cover PKCE generation, token refresh logic, HTTP behavior (401 retry, 429 backoff, scope and org errors) and MCP tool registration plus argument validation.
+
+### Security
+
+* Tokens are stored with mode 0600
+* PKCE S256 is mandatory
+* The state parameter is validated against CSRF
+* In HTTP mode the server only forwards incoming bearer tokens and never persists them
+
+### License
+
+MIT

package/dist/api/categories.d.ts

@@ -0,0 +1,4 @@
+import type { ApiContext, Category } from "./types.js";
+export declare function createCategory(ctx: ApiContext, wikiId: string, name: string): Promise<Category>;
+export declare function renameCategory(ctx: ApiContext, wikiId: string, categoryId: string, name: string): Promise<Category>;
+export declare function deleteCategory(ctx: ApiContext, wikiId: string, categoryId: string): Promise<void>;

package/dist/api/categories.js

@@ -0,0 +1,14 @@
+import { apiRequest } from "./http.js";
+export function createCategory(ctx, wikiId, name) {
+    return apiRequest(ctx, `/api/wikis/${encodeURIComponent(wikiId)}/categories`, {
+        method: "POST",
+        body: { name },
+    });
+}
+export function renameCategory(ctx, wikiId, categoryId, name) {
+    return apiRequest(ctx, `/api/wikis/${encodeURIComponent(wikiId)}/categories/${encodeURIComponent(categoryId)}`, { method: "PATCH", body: { name } });
+}
+export function deleteCategory(ctx, wikiId, categoryId) {
+    return apiRequest(ctx, `/api/wikis/${encodeURIComponent(wikiId)}/categories/${encodeURIComponent(categoryId)}`, { method: "DELETE" });
+}
+//# sourceMappingURL=categories.js.map

package/dist/api/categories.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"categories.js","sourceRoot":"","sources":["../../src/api/categories.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,WAAW,CAAC;AAGvC,MAAM,UAAU,cAAc,CAC5B,GAAe,EACf,MAAc,EACd,IAAY;IAEZ,OAAO,UAAU,CAAC,GAAG,EAAE,cAAc,kBAAkB,CAAC,MAAM,CAAC,aAAa,EAAE;QAC5E,MAAM,EAAE,MAAM;QACd,IAAI,EAAE,EAAE,IAAI,EAAE;KACf,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,cAAc,CAC5B,GAAe,EACf,MAAc,EACd,UAAkB,EAClB,IAAY;IAEZ,OAAO,UAAU,CACf,GAAG,EACH,cAAc,kBAAkB,CAAC,MAAM,CAAC,eAAe,kBAAkB,CAAC,UAAU,CAAC,EAAE,EACvF,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,EAAE,CACpC,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,cAAc,CAC5B,GAAe,EACf,MAAc,EACd,UAAkB;IAElB,OAAO,UAAU,CACf,GAAG,EACH,cAAc,kBAAkB,CAAC,MAAM,CAAC,eAAe,kBAAkB,CAAC,UAAU,CAAC,EAAE,EACvF,EAAE,MAAM,EAAE,QAAQ,EAAE,CACrB,CAAC;AACJ,CAAC"}

package/dist/api/http.d.ts

@@ -0,0 +1,8 @@
+import { ApiContext } from "./types.js";
+export interface RequestOptions {
+    method?: "GET" | "POST" | "PATCH" | "PUT" | "DELETE";
+    body?: unknown;
+    /** When true, the x-organization-id header is omitted (e.g. for the organizations list). */
+    withoutOrganization?: boolean;
+}
+export declare function apiRequest<T = unknown>(context: ApiContext, path: string, options?: RequestOptions): Promise<T>;

package/dist/api/http.js

@@ -0,0 +1,119 @@
+import { ApiError } from "./types.js";
+const MAX_RETRY_AFTER_MS = 10_000;
+export async function apiRequest(context, path, options = {}) {
+    const fetchImpl = context.fetchImpl ?? fetch;
+    const method = options.method ?? "GET";
+    if (!options.withoutOrganization && !context.organizationId) {
+        throw new ApiError("No active organization set. Use zuwiki_list_organizations and zuwiki_set_active_organization or set ZUWIKI_ORGANIZATION_ID.", 400, "no_active_organization");
+    }
+    const url = joinUrl(context.baseUrl, path);
+    const buildInit = async (token) => {
+        const headers = {
+            authorization: `Bearer ${token}`,
+            accept: "application/json",
+        };
+        if (!options.withoutOrganization && context.organizationId) {
+            headers["x-organization-id"] = context.organizationId;
+        }
+        let body;
+        if (options.body !== undefined) {
+            headers["content-type"] = "application/json";
+            body = JSON.stringify(options.body);
+        }
+        return { method, headers, body };
+    };
+    let attempt = 0;
+    let token = await context.getAccessToken();
+    while (true) {
+        const init = await buildInit(token);
+        const response = await fetchImpl(url, init);
+        if (response.status === 401 && attempt === 0) {
+            attempt++;
+            try {
+                token = await context.invalidateAndRefreshToken();
+                continue;
+            }
+            catch (err) {
+                throw new ApiError(`Authentication failed and refresh is not possible: ${err.message}`, 401, "unauthorized");
+            }
+        }
+        if (response.status === 429 && attempt < 2) {
+            attempt++;
+            const retryAfter = parseRetryAfter(response.headers.get("retry-after"));
+            await sleep(Math.min(retryAfter, MAX_RETRY_AFTER_MS));
+            continue;
+        }
+        if (!response.ok) {
+            const detail = await readErrorDetail(response);
+            const code = mapStatusToCode(response.status, response.headers.get("www-authenticate"));
+            throw new ApiError(formatErrorMessage(method, path, response.status, code, detail.message), response.status, code, detail.body);
+        }
+        if (response.status === 204) {
+            return undefined;
+        }
+        const contentType = response.headers.get("content-type") ?? "";
+        if (contentType.includes("application/json")) {
+            return (await response.json());
+        }
+        return (await response.text());
+    }
+}
+function joinUrl(base, path) {
+    const trimmedBase = base.replace(/\/+$/, "");
+    const trimmedPath = path.startsWith("/") ? path : `/${path}`;
+    return `${trimmedBase}${trimmedPath}`;
+}
+function parseRetryAfter(value) {
+    if (!value)
+        return 1000;
+    const asSeconds = Number(value);
+    if (!Number.isNaN(asSeconds) && asSeconds >= 0) {
+        return Math.min(asSeconds * 1000, MAX_RETRY_AFTER_MS);
+    }
+    const date = Date.parse(value);
+    if (!Number.isNaN(date)) {
+        return Math.max(0, Math.min(date - Date.now(), MAX_RETRY_AFTER_MS));
+    }
+    return 1000;
+}
+function sleep(ms) {
+    return new Promise((resolve) => setTimeout(resolve, ms));
+}
+async function readErrorDetail(response) {
+    const text = await response.text().catch(() => "");
+    if (!text)
+        return { message: response.statusText, body: undefined };
+    try {
+        const parsed = JSON.parse(text);
+        const message = typeof parsed === "object" && parsed !== null && typeof parsed.message === "string"
+            ? (parsed.message)
+            : text;
+        return { message, body: parsed };
+    }
+    catch {
+        return { message: text, body: text };
+    }
+}
+function mapStatusToCode(status, wwwAuthenticate) {
+    if (status === 401)
+        return "unauthorized";
+    if (status === 403) {
+        if (wwwAuthenticate && /insufficient_scope/i.test(wwwAuthenticate)) {
+            return "insufficient_scope";
+        }
+        return "forbidden_or_not_member";
+    }
+    if (status === 404)
+        return "not_found";
+    if (status === 409)
+        return "conflict";
+    if (status === 429)
+        return "rate_limited";
+    if (status >= 500)
+        return "server_error";
+    return "error";
+}
+function formatErrorMessage(method, path, status, code, detail) {
+    return `Zuwiki API error on ${method} ${path}: ${status} ${code}. ${detail}`.trim();
+}
+//# sourceMappingURL=http.js.map

package/dist/api/http.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"http.js","sourceRoot":"","sources":["../../src/api/http.ts"],"names":[],"mappings":"AAAA,OAAO,EAAc,QAAQ,EAAE,MAAM,YAAY,CAAC;AASlD,MAAM,kBAAkB,GAAG,MAAM,CAAC;AAElC,MAAM,CAAC,KAAK,UAAU,UAAU,CAC9B,OAAmB,EACnB,IAAY,EACZ,UAA0B,EAAE;IAE5B,MAAM,SAAS,GAAG,OAAO,CAAC,SAAS,IAAI,KAAK,CAAC;IAC7C,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,IAAI,KAAK,CAAC;IAEvC,IAAI,CAAC,OAAO,CAAC,mBAAmB,IAAI,CAAC,OAAO,CAAC,cAAc,EAAE,CAAC;QAC5D,MAAM,IAAI,QAAQ,CAChB,6HAA6H,EAC7H,GAAG,EACH,wBAAwB,CACzB,CAAC;IACJ,CAAC;IAED,MAAM,GAAG,GAAG,OAAO,CAAC,OAAO,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;IAE3C,MAAM,SAAS,GAAG,KAAK,EAAE,KAAa,EAAwB,EAAE;QAC9D,MAAM,OAAO,GAA2B;YACtC,aAAa,EAAE,UAAU,KAAK,EAAE;YAChC,MAAM,EAAE,kBAAkB;SAC3B,CAAC;QACF,IAAI,CAAC,OAAO,CAAC,mBAAmB,IAAI,OAAO,CAAC,cAAc,EAAE,CAAC;YAC3D,OAAO,CAAC,mBAAmB,CAAC,GAAG,OAAO,CAAC,cAAc,CAAC;QACxD,CAAC;QACD,IAAI,IAA0B,CAAC;QAC/B,IAAI,OAAO,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;YAC/B,OAAO,CAAC,cAAc,CAAC,GAAG,kBAAkB,CAAC;YAC7C,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QACtC,CAAC;QACD,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;IACnC,CAAC,CAAC;IAEF,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,IAAI,KAAK,GAAG,MAAM,OAAO,CAAC,cAAc,EAAE,CAAC;IAE3C,OAAO,IAAI,EAAE,CAAC;QACZ,MAAM,IAAI,GAAG,MAAM,SAAS,CAAC,KAAK,CAAC,CAAC;QACpC,MAAM,QAAQ,GAAG,MAAM,SAAS,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QAE5C,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,IAAI,OAAO,KAAK,CAAC,EAAE,CAAC;YAC7C,OAAO,EAAE,CAAC;YACV,IAAI,CAAC;gBACH,KAAK,GAAG,MAAM,OAAO,CAAC,yBAAyB,EAAE,CAAC;gBAClD,SAAS;YACX,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,IAAI,QAAQ,CAChB,sDAAuD,GAAa,CAAC,OAAO,EAAE,EAC9E,GAAG,EACH,cAAc,CACf,CAAC;YACJ,CAAC;QACH,CAAC;QAED,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,IAAI,OAAO,GAAG,CAAC,EAAE,CAAC;YAC3C,OAAO,EAAE,CAAC;YACV,MAAM,UAAU,GAAG,eAAe,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC,CAAC;YACxE,MAAM,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,UAAU,EAAE,kBAAkB,CAAC,CAAC,CAAC;YACtD,SAAS;QACX,CAAC;QAED,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC,QAAQ,CAAC,CAAC;YAC/C,MAAM,IAAI,GAAG,eAAe,CAAC,QAAQ,CAAC,MAAM,EAAE,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC,CAAC;YACxF,MAAM,IAAI,QAAQ,CAChB,kBAAkB,CAAC,MAAM,EAAE,IAAI,EAAE,QAAQ,CAAC,MAAM,EAAE,IAAI,EAAE,MAAM,CAAC,OAAO,CAAC,EACvE,QAAQ,CAAC,MAAM,EACf,IAAI,EACJ,MAAM,CAAC,IAAI,CACZ,CAAC;QACJ,CAAC;QAED,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC5B,OAAO,SAAc,CAAC;QACxB,CAAC;QAED,MAAM,WAAW,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,EAAE,CAAC;QAC/D,IAAI,WAAW,CAAC,QAAQ,CAAC,kBAAkB,CAAC,EAAE,CAAC;YAC7C,OAAO,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAM,CAAC;QACtC,CAAC;QACD,OAAO,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAiB,CAAC;IACjD,CAAC;AACH,CAAC;AAED,SAAS,OAAO,CAAC,IAAY,EAAE,IAAY;IACzC,MAAM,WAAW,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IAC7C,MAAM,WAAW,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC;IAC7D,OAAO,GAAG,WAAW,GAAG,WAAW,EAAE,CAAC;AACxC,CAAC;AAED,SAAS,eAAe,CAAC,KAAoB;IAC3C,IAAI,CAAC,KAAK;QAAE,OAAO,IAAI,CAAC;IACxB,MAAM,SAAS,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC;IAChC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,SAAS,CAAC,IAAI,SAAS,IAAI,CAAC,EAAE,CAAC;QAC/C,OAAO,IAAI,CAAC,GAAG,CAAC,SAAS,GAAG,IAAI,EAAE,kBAAkB,CAAC,CAAC;IACxD,CAAC;IACD,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;IAC/B,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;QACxB,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,IAAI,GAAG,IAAI,CAAC,GAAG,EAAE,EAAE,kBAAkB,CAAC,CAAC,CAAC;IACtE,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,KAAK,CAAC,EAAU;IACvB,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,CAAC;AAC3D,CAAC;AAED,KAAK,UAAU,eAAe,CAAC,QAAkB;IAC/C,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC;IACnD,IAAI,CAAC,IAAI;QAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,CAAC,UAAU,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC;IACpE,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAChC,MAAM,OAAO,GACX,OAAO,MAAM,KAAK,QAAQ,IAAI,MAAM,KAAK,IAAI,IAAI,OAAQ,MAAgC,CAAC,OAAO,KAAK,QAAQ;YAC5G,CAAC,CAAC,CAAE,MAA8B,CAAC,OAAO,CAAC;YAC3C,CAAC,CAAC,IAAI,CAAC;QACX,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC;IACnC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;IACvC,CAAC;AACH,CAAC;AAED,SAAS,eAAe,CAAC,MAAc,EAAE,eAA8B;IACrE,IAAI,MAAM,KAAK,GAAG;QAAE,OAAO,cAAc,CAAC;IAC1C,IAAI,MAAM,KAAK,GAAG,EAAE,CAAC;QACnB,IAAI,eAAe,IAAI,qBAAqB,CAAC,IAAI,CAAC,eAAe,CAAC,EAAE,CAAC;YACnE,OAAO,oBAAoB,CAAC;QAC9B,CAAC;QACD,OAAO,yBAAyB,CAAC;IACnC,CAAC;IACD,IAAI,MAAM,KAAK,GAAG;QAAE,OAAO,WAAW,CAAC;IACvC,IAAI,MAAM,KAAK,GAAG;QAAE,OAAO,UAAU,CAAC;IACtC,IAAI,MAAM,KAAK,GAAG;QAAE,OAAO,cAAc,CAAC;IAC1C,IAAI,MAAM,IAAI,GAAG;QAAE,OAAO,cAAc,CAAC;IACzC,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,SAAS,kBAAkB,CACzB,MAAc,EACd,IAAY,EACZ,MAAc,EACd,IAAY,EACZ,MAAc;IAEd,OAAO,uBAAuB,MAAM,IAAI,IAAI,KAAK,MAAM,IAAI,IAAI,KAAK,MAAM,EAAE,CAAC,IAAI,EAAE,CAAC;AACtF,CAAC"}

package/dist/api/organizations.d.ts

@@ -0,0 +1,14 @@
+import type { ApiContext, Organization } from "./types.js";
+/**
+ * Returns the organizations the currently signed in user is a member of.
+ *
+ * The endpoint is called without the x-organization-id header because the
+ * token is user-scoped and the goal is to discover which organizations
+ * exist for this user.
+ *
+ * The exact path is configurable via ZUWIKI_ORGANIZATIONS_PATH (see cli.ts).
+ * Default is /api/organizations.
+ */
+export declare function listOrganizations(ctx: ApiContext, path?: string): Promise<Organization[] | {
+    items: Organization[];
+}>;

package/dist/api/organizations.js

@@ -0,0 +1,15 @@
+import { apiRequest } from "./http.js";
+/**
+ * Returns the organizations the currently signed in user is a member of.
+ *
+ * The endpoint is called without the x-organization-id header because the
+ * token is user-scoped and the goal is to discover which organizations
+ * exist for this user.
+ *
+ * The exact path is configurable via ZUWIKI_ORGANIZATIONS_PATH (see cli.ts).
+ * Default is /api/organizations.
+ */
+export function listOrganizations(ctx, path = "/api/organizations") {
+    return apiRequest(ctx, path, { withoutOrganization: true });
+}
+//# sourceMappingURL=organizations.js.map

package/dist/api/organizations.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"organizations.js","sourceRoot":"","sources":["../../src/api/organizations.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,WAAW,CAAC;AAGvC;;;;;;;;;GASG;AACH,MAAM,UAAU,iBAAiB,CAC/B,GAAe,EACf,IAAI,GAAG,oBAAoB;IAE3B,OAAO,UAAU,CAAC,GAAG,EAAE,IAAI,EAAE,EAAE,mBAAmB,EAAE,IAAI,EAAE,CAAC,CAAC;AAC9D,CAAC"}

package/dist/api/pages.d.ts

@@ -0,0 +1,16 @@
+import type { ApiContext, Page, PageContent, PageHistoryEntry, PageSettings } from "./types.js";
+export declare function createPage(ctx: ApiContext, wikiId: string, body: {
+    title: string;
+    categoryId?: string | null;
+}): Promise<Page>;
+export declare function renamePage(ctx: ApiContext, wikiId: string, pageId: string, title: string): Promise<Page>;
+export declare function deletePage(ctx: ApiContext, wikiId: string, pageId: string): Promise<void>;
+export declare function getPageContent(ctx: ApiContext, wikiId: string, pageId: string): Promise<PageContent>;
+export declare function updatePageContent(ctx: ApiContext, wikiId: string, pageId: string, content: string): Promise<PageContent | void>;
+export declare function getPageSettings(ctx: ApiContext, wikiId: string, pageId: string): Promise<PageSettings>;
+export declare function updatePageSettings(ctx: ApiContext, wikiId: string, pageId: string, patch: PageSettings): Promise<PageSettings>;
+export declare function setPageStatus(ctx: ApiContext, wikiId: string, pageId: string, status: "DRAFT" | "PUBLISHED"): Promise<Page>;
+export declare function getPageHistory(ctx: ApiContext, wikiId: string, pageId: string): Promise<PageHistoryEntry[] | {
+    items: PageHistoryEntry[];
+}>;
+export declare function restorePageHistory(ctx: ApiContext, wikiId: string, pageId: string, historyId: string): Promise<Page | void>;

package/dist/api/pages.js

@@ -0,0 +1,35 @@
+import { apiRequest } from "./http.js";
+export function createPage(ctx, wikiId, body) {
+    return apiRequest(ctx, `/api/wikis/${encodeURIComponent(wikiId)}/pages`, {
+        method: "POST",
+        body,
+    });
+}
+export function renamePage(ctx, wikiId, pageId, title) {
+    return apiRequest(ctx, `/api/wikis/${encodeURIComponent(wikiId)}/pages/${encodeURIComponent(pageId)}`, { method: "PATCH", body: { title } });
+}
+export function deletePage(ctx, wikiId, pageId) {
+    return apiRequest(ctx, `/api/wikis/${encodeURIComponent(wikiId)}/pages/${encodeURIComponent(pageId)}`, { method: "DELETE" });
+}
+export function getPageContent(ctx, wikiId, pageId) {
+    return apiRequest(ctx, `/api/wikis/${encodeURIComponent(wikiId)}/pages/${encodeURIComponent(pageId)}/content`);
+}
+export function updatePageContent(ctx, wikiId, pageId, content) {
+    return apiRequest(ctx, `/api/wikis/${encodeURIComponent(wikiId)}/pages/${encodeURIComponent(pageId)}/content`, { method: "PUT", body: { content } });
+}
+export function getPageSettings(ctx, wikiId, pageId) {
+    return apiRequest(ctx, `/api/wikis/${encodeURIComponent(wikiId)}/pages/${encodeURIComponent(pageId)}/settings`);
+}
+export function updatePageSettings(ctx, wikiId, pageId, patch) {
+    return apiRequest(ctx, `/api/wikis/${encodeURIComponent(wikiId)}/pages/${encodeURIComponent(pageId)}/settings`, { method: "PATCH", body: patch });
+}
+export function setPageStatus(ctx, wikiId, pageId, status) {
+    return apiRequest(ctx, `/api/wikis/${encodeURIComponent(wikiId)}/pages/${encodeURIComponent(pageId)}/status`, { method: "PATCH", body: { status } });
+}
+export function getPageHistory(ctx, wikiId, pageId) {
+    return apiRequest(ctx, `/api/wikis/${encodeURIComponent(wikiId)}/pages/${encodeURIComponent(pageId)}/history`);
+}
+export function restorePageHistory(ctx, wikiId, pageId, historyId) {
+    return apiRequest(ctx, `/api/wikis/${encodeURIComponent(wikiId)}/pages/${encodeURIComponent(pageId)}/history/${encodeURIComponent(historyId)}/restore`, { method: "POST" });
+}
+//# sourceMappingURL=pages.js.map

package/dist/api/pages.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"pages.js","sourceRoot":"","sources":["../../src/api/pages.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,WAAW,CAAC;AASvC,MAAM,UAAU,UAAU,CACxB,GAAe,EACf,MAAc,EACd,IAAmD;IAEnD,OAAO,UAAU,CAAC,GAAG,EAAE,cAAc,kBAAkB,CAAC,MAAM,CAAC,QAAQ,EAAE;QACvE,MAAM,EAAE,MAAM;QACd,IAAI;KACL,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,UAAU,CACxB,GAAe,EACf,MAAc,EACd,MAAc,EACd,KAAa;IAEb,OAAO,UAAU,CACf,GAAG,EACH,cAAc,kBAAkB,CAAC,MAAM,CAAC,UAAU,kBAAkB,CAAC,MAAM,CAAC,EAAE,EAC9E,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE,KAAK,EAAE,EAAE,CACrC,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,UAAU,CACxB,GAAe,EACf,MAAc,EACd,MAAc;IAEd,OAAO,UAAU,CACf,GAAG,EACH,cAAc,kBAAkB,CAAC,MAAM,CAAC,UAAU,kBAAkB,CAAC,MAAM,CAAC,EAAE,EAC9E,EAAE,MAAM,EAAE,QAAQ,EAAE,CACrB,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,cAAc,CAC5B,GAAe,EACf,MAAc,EACd,MAAc;IAEd,OAAO,UAAU,CACf,GAAG,EACH,cAAc,kBAAkB,CAAC,MAAM,CAAC,UAAU,kBAAkB,CAAC,MAAM,CAAC,UAAU,CACvF,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,iBAAiB,CAC/B,GAAe,EACf,MAAc,EACd,MAAc,EACd,OAAe;IAEf,OAAO,UAAU,CACf,GAAG,EACH,cAAc,kBAAkB,CAAC,MAAM,CAAC,UAAU,kBAAkB,CAAC,MAAM,CAAC,UAAU,EACtF,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE,OAAO,EAAE,EAAE,CACrC,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,eAAe,CAC7B,GAAe,EACf,MAAc,EACd,MAAc;IAEd,OAAO,UAAU,CACf,GAAG,EACH,cAAc,kBAAkB,CAAC,MAAM,CAAC,UAAU,kBAAkB,CAAC,MAAM,CAAC,WAAW,CACxF,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,kBAAkB,CAChC,GAAe,EACf,MAAc,EACd,MAAc,EACd,KAAmB;IAEnB,OAAO,UAAU,CACf,GAAG,EACH,cAAc,kBAAkB,CAAC,MAAM,CAAC,UAAU,kBAAkB,CAAC,MAAM,CAAC,WAAW,EACvF,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,CACjC,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,aAAa,CAC3B,GAAe,EACf,MAAc,EACd,MAAc,EACd,MAA6B;IAE7B,OAAO,UAAU,CACf,GAAG,EACH,cAAc,kBAAkB,CAAC,MAAM,CAAC,UAAU,kBAAkB,CAAC,MAAM,CAAC,SAAS,EACrF,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE,MAAM,EAAE,EAAE,CACtC,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,cAAc,CAC5B,GAAe,EACf,MAAc,EACd,MAAc;IAEd,OAAO,UAAU,CACf,GAAG,EACH,cAAc,kBAAkB,CAAC,MAAM,CAAC,UAAU,kBAAkB,CAAC,MAAM,CAAC,UAAU,CACvF,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,kBAAkB,CAChC,GAAe,EACf,MAAc,EACd,MAAc,EACd,SAAiB;IAEjB,OAAO,UAAU,CACf,GAAG,EACH,cAAc,kBAAkB,CAAC,MAAM,CAAC,UAAU,kBAAkB,CAAC,MAAM,CAAC,YAAY,kBAAkB,CAAC,SAAS,CAAC,UAAU,EAC/H,EAAE,MAAM,EAAE,MAAM,EAAE,CACnB,CAAC;AACJ,CAAC"}

package/dist/api/types.d.ts

@@ -0,0 +1,69 @@
+export interface ApiContext {
+    baseUrl: string;
+    organizationId: string | null;
+    getAccessToken(): Promise<string>;
+    /** Forces a token refresh. Throws when not supported (HTTP mode). */
+    invalidateAndRefreshToken(): Promise<string>;
+    fetchImpl?: typeof fetch;
+}
+export declare class ApiError extends Error {
+    readonly status: number;
+    readonly code?: string | undefined;
+    readonly body?: unknown | undefined;
+    constructor(message: string, status: number, code?: string | undefined, body?: unknown | undefined);
+}
+export interface Wiki {
+    id: string;
+    title: string;
+    slug?: string;
+    organizationId?: string;
+    createdAt?: string;
+    updatedAt?: string;
+    [key: string]: unknown;
+}
+export interface Category {
+    id: string;
+    name: string;
+    wikiId: string;
+    [key: string]: unknown;
+}
+export interface Page {
+    id: string;
+    title: string;
+    slug?: string;
+    status?: "DRAFT" | "PUBLISHED";
+    categoryId?: string | null;
+    wikiId: string;
+    [key: string]: unknown;
+}
+export interface PageContent {
+    content: string;
+}
+export interface PageSettings {
+    title?: string;
+    slug?: string;
+    hidden?: boolean;
+    pageVisibility?: "PUBLIC" | "PRIVATE_ACCOUNT" | "PRIVATE_PASSWORD" | "PRIVATE_EMAIL_DOMAIN";
+    seoTitle?: string;
+    seoDescription?: string;
+    seoKeywords?: string;
+    icon?: string;
+    [key: string]: unknown;
+}
+export interface PageHistoryEntry {
+    id: string;
+    createdAt?: string;
+    authorId?: string;
+    [key: string]: unknown;
+}
+export interface EditorSnapshot {
+    categories?: unknown;
+    rootPages?: unknown;
+    rootLinks?: unknown;
+    [key: string]: unknown;
+}
+export interface Organization {
+    id: string;
+    name?: string;
+    [key: string]: unknown;
+}

package/dist/api/types.js

@@ -0,0 +1,13 @@
+export class ApiError extends Error {
+    status;
+    code;
+    body;
+    constructor(message, status, code, body) {
+        super(message);
+        this.status = status;
+        this.code = code;
+        this.body = body;
+        this.name = "ApiError";
+    }
+}
+//# sourceMappingURL=types.js.map

package/dist/api/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/api/types.ts"],"names":[],"mappings":"AASA,MAAM,OAAO,QAAS,SAAQ,KAAK;IAGf;IACA;IACA;IAJlB,YACE,OAAe,EACC,MAAc,EACd,IAAa,EACb,IAAc;QAE9B,KAAK,CAAC,OAAO,CAAC,CAAC;QAJC,WAAM,GAAN,MAAM,CAAQ;QACd,SAAI,GAAJ,IAAI,CAAS;QACb,SAAI,GAAJ,IAAI,CAAU;QAG9B,IAAI,CAAC,IAAI,GAAG,UAAU,CAAC;IACzB,CAAC;CACF"}

package/dist/api/wikis.d.ts

@@ -0,0 +1,12 @@
+import type { ApiContext, EditorSnapshot, Wiki } from "./types.js";
+export declare function listWikis(ctx: ApiContext): Promise<Wiki[] | {
+    items: Wiki[];
+}>;
+export declare function getWiki(ctx: ApiContext, wikiId: string): Promise<Wiki>;
+export declare function createWiki(ctx: ApiContext, title: string): Promise<Wiki>;
+export declare function updateWiki(ctx: ApiContext, wikiId: string, patch: {
+    title?: string;
+    slug?: string;
+}): Promise<Wiki>;
+export declare function deleteWiki(ctx: ApiContext, wikiId: string): Promise<void>;
+export declare function getWikiEditor(ctx: ApiContext, wikiId: string): Promise<EditorSnapshot>;

package/dist/api/wikis.js

@@ -0,0 +1,25 @@
+import { apiRequest } from "./http.js";
+export function listWikis(ctx) {
+    return apiRequest(ctx, "/api/wikis");
+}
+export function getWiki(ctx, wikiId) {
+    return apiRequest(ctx, `/api/wikis/${encodeURIComponent(wikiId)}`);
+}
+export function createWiki(ctx, title) {
+    return apiRequest(ctx, "/api/wikis", { method: "POST", body: { title } });
+}
+export function updateWiki(ctx, wikiId, patch) {
+    return apiRequest(ctx, `/api/wikis/${encodeURIComponent(wikiId)}`, {
+        method: "PATCH",
+        body: patch,
+    });
+}
+export function deleteWiki(ctx, wikiId) {
+    return apiRequest(ctx, `/api/wikis/${encodeURIComponent(wikiId)}`, {
+        method: "DELETE",
+    });
+}
+export function getWikiEditor(ctx, wikiId) {
+    return apiRequest(ctx, `/api/wikis/${encodeURIComponent(wikiId)}/editor`);
+}
+//# sourceMappingURL=wikis.js.map

package/dist/api/wikis.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"wikis.js","sourceRoot":"","sources":["../../src/api/wikis.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,WAAW,CAAC;AAGvC,MAAM,UAAU,SAAS,CAAC,GAAe;IACvC,OAAO,UAAU,CAAC,GAAG,EAAE,YAAY,CAAC,CAAC;AACvC,CAAC;AAED,MAAM,UAAU,OAAO,CAAC,GAAe,EAAE,MAAc;IACrD,OAAO,UAAU,CAAC,GAAG,EAAE,cAAc,kBAAkB,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;AACrE,CAAC;AAED,MAAM,UAAU,UAAU,CAAC,GAAe,EAAE,KAAa;IACvD,OAAO,UAAU,CAAC,GAAG,EAAE,YAAY,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,EAAE,KAAK,EAAE,EAAE,CAAC,CAAC;AAC5E,CAAC;AAED,MAAM,UAAU,UAAU,CACxB,GAAe,EACf,MAAc,EACd,KAAwC;IAExC,OAAO,UAAU,CAAC,GAAG,EAAE,cAAc,kBAAkB,CAAC,MAAM,CAAC,EAAE,EAAE;QACjE,MAAM,EAAE,OAAO;QACf,IAAI,EAAE,KAAK;KACZ,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,UAAU,CAAC,GAAe,EAAE,MAAc;IACxD,OAAO,UAAU,CAAC,GAAG,EAAE,cAAc,kBAAkB,CAAC,MAAM,CAAC,EAAE,EAAE;QACjE,MAAM,EAAE,QAAQ;KACjB,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,aAAa,CAAC,GAAe,EAAE,MAAc;IAC3D,OAAO,UAAU,CAAC,GAAG,EAAE,cAAc,kBAAkB,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;AAC5E,CAAC"}

package/dist/auth/client.d.ts

@@ -0,0 +1,54 @@
+export declare const DEFAULT_SCOPE = "openid profile email offline_access wiki:read wiki:write";
+export interface AuthManagerOptions {
+    baseUrl: string;
+    credentialsPath?: string;
+    scope?: string;
+    clientName?: string;
+    fetchImpl?: typeof fetch;
+    loopbackPorts?: number[];
+    /** Logger for status messages, defaults to process.stderr.write. */
+    log?: (message: string) => void;
+    openBrowser?: (url: string) => Promise<unknown>;
+    /** If false, the interactive browser flow is never triggered. Used for HTTP mode. */
+    interactive?: boolean;
+}
+/**
+ * Manages OAuth credentials for the local server.
+ *
+ * On the first call to ensureAccessToken it runs discovery, dynamic client
+ * registration and the authorization code flow if needed. Later calls reuse
+ * the refresh token as long as possible.
+ */
+export declare class AuthManager {
+    private readonly baseUrl;
+    private readonly credentialsPath;
+    private readonly scope;
+    private readonly clientName;
+    private readonly fetchImpl;
+    private readonly loopbackPorts;
+    private readonly log;
+    private readonly openBrowser?;
+    private readonly interactive;
+    private credentials;
+    private metadata;
+    private inflight;
+    constructor(options: AuthManagerOptions);
+    getBaseUrl(): string;
+    ensureAccessToken(): Promise<string>;
+    private ensureAccessTokenInner;
+    /** Forces a refresh, for example after a 401 response. */
+    invalidateAndRefresh(): Promise<string>;
+    private getCredentials;
+    private getMetadata;
+    private runInitialAuth;
+}
+/**
+ * Holds the active organization id and lets callers update it at runtime.
+ * Shared with the server so that zuwiki_set_active_organization can take effect.
+ */
+export declare class OrganizationState {
+    private organizationId;
+    constructor(organizationId: string | null);
+    get(): string | null;
+    set(id: string | null): void;
+}