acuity-mcp-server 1.0.0

package/dist/auth/token-storage.js

@@ -0,0 +1,273 @@
+/**
+ * Secure Token Storage using System Keychain
+ *
+ * Uses keytar for cross-platform keychain access:
+ * - macOS: Keychain Access
+ * - Windows: Credential Manager
+ * - Linux: libsecret
+ *
+ * If keytar is not available (e.g., no native build tools),
+ * falls back to no-op storage and users must use USER_JWT env var.
+ */
+import { getKeychainServiceName } from '../config/environments.js';
+const ACCOUNT_NAME = 'default';
+const PENDING_ACCOUNT_NAME = 'pending-device-code';
+// Cached keytar module (or null if not available)
+let keytarModule = undefined;
+let keytarLoadError = null;
+/**
+ * Dynamically load keytar module
+ * Returns null if keytar is not available (no native build tools, etc.)
+ */
+async function getKeytar() {
+    if (keytarModule !== undefined) {
+        return keytarModule;
+    }
+    try {
+        // Dynamic import to make keytar optional
+        const keytar = await import('keytar');
+        keytarModule = keytar.default || keytar;
+        return keytarModule;
+    }
+    catch (error) {
+        keytarModule = null;
+        keytarLoadError = error instanceof Error ? error.message : String(error);
+        // Only log once
+        console.error('[Auth] Keytar not available - credential storage disabled.');
+        console.error('[Auth] To enable: install build tools (Xcode CLT on macOS, Visual Studio Build Tools on Windows)');
+        console.error('[Auth] Fallback: use USER_JWT environment variable for authentication.');
+        return null;
+    }
+}
+/**
+ * Check if keytar is available
+ */
+export async function isKeytarAvailable() {
+    const keytar = await getKeytar();
+    return keytar !== null;
+}
+/**
+ * Get the error message if keytar failed to load
+ */
+export function getKeytarLoadError() {
+    return keytarLoadError;
+}
+/**
+ * Get the service name for keychain storage
+ * Includes environment name: acuity-mcp-{env}
+ */
+function getServiceName() {
+    return getKeychainServiceName();
+}
+/**
+ * Save credentials to the system keychain
+ * Returns false if keytar is not available
+ */
+export async function saveCredentials(credentials) {
+    const keytar = await getKeytar();
+    if (!keytar) {
+        return false;
+    }
+    const data = JSON.stringify(credentials);
+    await keytar.setPassword(getServiceName(), ACCOUNT_NAME, data);
+    return true;
+}
+/**
+ * Load credentials from the system keychain
+ * Returns null if keytar is not available or no credentials stored
+ */
+export async function loadCredentials() {
+    const keytar = await getKeytar();
+    if (!keytar) {
+        return null;
+    }
+    try {
+        const data = await keytar.getPassword(getServiceName(), ACCOUNT_NAME);
+        if (!data) {
+            return null;
+        }
+        return JSON.parse(data);
+    }
+    catch {
+        return null;
+    }
+}
+/**
+ * Clear credentials from the system keychain
+ * Returns false if keytar is not available
+ */
+export async function clearCredentials() {
+    const keytar = await getKeytar();
+    if (!keytar) {
+        return false;
+    }
+    return keytar.deletePassword(getServiceName(), ACCOUNT_NAME);
+}
+/**
+ * Check if credentials exist in the keychain
+ */
+export async function hasCredentials() {
+    const creds = await loadCredentials();
+    return creds !== null;
+}
+/**
+ * Check if the stored access token is expired
+ * Returns true if expired or no credentials exist
+ */
+export async function isTokenExpired(bufferSeconds = 60) {
+    const creds = await loadCredentials();
+    if (!creds) {
+        return true;
+    }
+    const now = Math.floor(Date.now() / 1000);
+    return creds.expiresAt - bufferSeconds <= now;
+}
+/**
+ * Convert TokenResponse from Device Flow to StoredCredentials
+ */
+export function tokenResponseToCredentials(token, email) {
+    const now = Math.floor(Date.now() / 1000);
+    return {
+        accessToken: token.access_token,
+        refreshToken: token.refresh_token,
+        idToken: token.id_token,
+        expiresAt: now + token.expires_in,
+        email,
+    };
+}
+/**
+ * Get the access token, refreshing if necessary
+ * Throws if no valid token available and refresh fails
+ */
+export async function getValidAccessToken(refreshFn) {
+    const creds = await loadCredentials();
+    if (!creds) {
+        throw new Error('No credentials stored. Run "init" to authenticate.');
+    }
+    // Check if token is expired
+    const now = Math.floor(Date.now() / 1000);
+    const isExpired = creds.expiresAt - 60 <= now; // 60 second buffer
+    if (!isExpired) {
+        return creds.accessToken;
+    }
+    // Token is expired, try to refresh
+    if (!creds.refreshToken) {
+        throw new Error('Token expired and no refresh token available. Run "init" to re-authenticate.');
+    }
+    if (!refreshFn) {
+        throw new Error('Token expired and no refresh function provided.');
+    }
+    console.error('[Auth] Access token expired, refreshing...');
+    try {
+        const newToken = await refreshFn(creds.refreshToken);
+        // Save new credentials
+        const newCreds = tokenResponseToCredentials(newToken, creds.email);
+        // Keep the original refresh token if a new one wasn't provided
+        if (!newCreds.refreshToken && creds.refreshToken) {
+            newCreds.refreshToken = creds.refreshToken;
+        }
+        await saveCredentials(newCreds);
+        console.error('[Auth] Token refreshed successfully.');
+        return newCreds.accessToken;
+    }
+    catch (error) {
+        throw new Error(`Failed to refresh token: ${error instanceof Error ? error.message : String(error)}`);
+    }
+}
+/**
+ * Save pending device code during two-phase login
+ * Returns false if keytar is not available
+ */
+export async function savePendingDeviceCode(pending) {
+    const keytar = await getKeytar();
+    if (!keytar) {
+        return false;
+    }
+    const data = JSON.stringify(pending);
+    await keytar.setPassword(getServiceName(), PENDING_ACCOUNT_NAME, data);
+    return true;
+}
+/**
+ * Load pending device code
+ * Returns null if keytar is not available or no pending code
+ */
+export async function loadPendingDeviceCode() {
+    const keytar = await getKeytar();
+    if (!keytar) {
+        return null;
+    }
+    try {
+        const data = await keytar.getPassword(getServiceName(), PENDING_ACCOUNT_NAME);
+        if (!data) {
+            return null;
+        }
+        const pending = JSON.parse(data);
+        // Check if expired
+        const now = Math.floor(Date.now() / 1000);
+        if (pending.expiresAt <= now) {
+            await clearPendingDeviceCode();
+            return null;
+        }
+        return pending;
+    }
+    catch {
+        return null;
+    }
+}
+/**
+ * Clear pending device code
+ * Returns false if keytar is not available
+ */
+export async function clearPendingDeviceCode() {
+    const keytar = await getKeytar();
+    if (!keytar) {
+        return false;
+    }
+    return keytar.deletePassword(getServiceName(), PENDING_ACCOUNT_NAME);
+}
+/**
+ * Get the ID token (JWT) for Hasura authentication, refreshing if necessary
+ * Hasura requires a JWT, not an opaque access token
+ */
+export async function getValidIdToken(refreshFn) {
+    const creds = await loadCredentials();
+    if (!creds) {
+        throw new Error('No credentials stored. Run "init" to authenticate.');
+    }
+    if (!creds.idToken) {
+        throw new Error('No ID token available. Run "init" to re-authenticate.');
+    }
+    // Check if token is expired
+    const now = Math.floor(Date.now() / 1000);
+    const isExpired = creds.expiresAt - 60 <= now; // 60 second buffer
+    if (!isExpired) {
+        return creds.idToken;
+    }
+    // Token is expired, try to refresh
+    if (!creds.refreshToken) {
+        throw new Error('Token expired and no refresh token available. Run "init" to re-authenticate.');
+    }
+    if (!refreshFn) {
+        throw new Error('Token expired and no refresh function provided.');
+    }
+    console.error('[Auth] ID token expired, refreshing...');
+    try {
+        const newToken = await refreshFn(creds.refreshToken);
+        // Save new credentials
+        const newCreds = tokenResponseToCredentials(newToken, creds.email);
+        // Keep the original refresh token if a new one wasn't provided
+        if (!newCreds.refreshToken && creds.refreshToken) {
+            newCreds.refreshToken = creds.refreshToken;
+        }
+        await saveCredentials(newCreds);
+        if (!newCreds.idToken) {
+            throw new Error('Refresh did not return ID token. Run "init" to re-authenticate.');
+        }
+        console.error('[Auth] Token refreshed successfully.');
+        return newCreds.idToken;
+    }
+    catch (error) {
+        throw new Error(`Failed to refresh token: ${error instanceof Error ? error.message : String(error)}`);
+    }
+}
+//# sourceMappingURL=token-storage.js.map

package/dist/auth/token-storage.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"token-storage.js","sourceRoot":"","sources":["../../src/auth/token-storage.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAGH,OAAO,EAAE,sBAAsB,EAAE,MAAM,2BAA2B,CAAC;AAEnE,MAAM,YAAY,GAAG,SAAS,CAAC;AAC/B,MAAM,oBAAoB,GAAG,qBAAqB,CAAC;AASnD,kDAAkD;AAClD,IAAI,YAAY,GAAoC,SAAS,CAAC;AAC9D,IAAI,eAAe,GAAkB,IAAI,CAAC;AAE1C;;;GAGG;AACH,KAAK,UAAU,SAAS;IACtB,IAAI,YAAY,KAAK,SAAS,EAAE,CAAC;QAC/B,OAAO,YAAY,CAAC;IACtB,CAAC;IAED,IAAI,CAAC;QACH,yCAAyC;QACzC,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,QAAQ,CAAC,CAAC;QACtC,YAAY,GAAG,MAAM,CAAC,OAAO,IAAI,MAAM,CAAC;QACxC,OAAO,YAAY,CAAC;IACtB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,YAAY,GAAG,IAAI,CAAC;QACpB,eAAe,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QAEzE,gBAAgB;QAChB,OAAO,CAAC,KAAK,CAAC,4DAA4D,CAAC,CAAC;QAC5E,OAAO,CAAC,KAAK,CAAC,kGAAkG,CAAC,CAAC;QAClH,OAAO,CAAC,KAAK,CAAC,wEAAwE,CAAC,CAAC;QAExF,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB;IACrC,MAAM,MAAM,GAAG,MAAM,SAAS,EAAE,CAAC;IACjC,OAAO,MAAM,KAAK,IAAI,CAAC;AACzB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,kBAAkB;IAChC,OAAO,eAAe,CAAC;AACzB,CAAC;AAED;;;GAGG;AACH,SAAS,cAAc;IACrB,OAAO,sBAAsB,EAAE,CAAC;AAClC,CAAC;AAkBD;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,WAA8B;IAClE,MAAM,MAAM,GAAG,MAAM,SAAS,EAAE,CAAC;IACjC,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC;IACzC,MAAM,MAAM,CAAC,WAAW,CAAC,cAAc,EAAE,EAAE,YAAY,EAAE,IAAI,CAAC,CAAC;IAC/D,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe;IACnC,MAAM,MAAM,GAAG,MAAM,SAAS,EAAE,CAAC;IACjC,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,MAAM,MAAM,CAAC,WAAW,CAAC,cAAc,EAAE,EAAE,YAAY,CAAC,CAAC;QACtE,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAsB,CAAC;IAC/C,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB;IACpC,MAAM,MAAM,GAAG,MAAM,SAAS,EAAE,CAAC;IACjC,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,KAAK,CAAC;IACf,CAAC;IAED,OAAO,MAAM,CAAC,cAAc,CAAC,cAAc,EAAE,EAAE,YAAY,CAAC,CAAC;AAC/D,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc;IAClC,MAAM,KAAK,GAAG,MAAM,eAAe,EAAE,CAAC;IACtC,OAAO,KAAK,KAAK,IAAI,CAAC;AACxB,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc,CAAC,gBAAwB,EAAE;IAC7D,MAAM,KAAK,GAAG,MAAM,eAAe,EAAE,CAAC;IACtC,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;IAC1C,OAAO,KAAK,CAAC,SAAS,GAAG,aAAa,IAAI,GAAG,CAAC;AAChD,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,0BAA0B,CACxC,KAAoB,EACpB,KAAc;IAEd,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;IAE1C,OAAO;QACL,WAAW,EAAE,KAAK,CAAC,YAAY;QAC/B,YAAY,EAAE,KAAK,CAAC,aAAa;QACjC,OAAO,EAAE,KAAK,CAAC,QAAQ;QACvB,SAAS,EAAE,GAAG,GAAG,KAAK,CAAC,UAAU;QACjC,KAAK;KACN,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,SAA4D;IAE5D,MAAM,KAAK,GAAG,MAAM,eAAe,EAAE,CAAC;IAEtC,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,MAAM,IAAI,KAAK,CAAC,oDAAoD,CAAC,CAAC;IACxE,CAAC;IAED,4BAA4B;IAC5B,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;IAC1C,MAAM,SAAS,GAAG,KAAK,CAAC,SAAS,GAAG,EAAE,IAAI,GAAG,CAAC,CAAC,mBAAmB;IAElE,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,OAAO,KAAK,CAAC,WAAW,CAAC;IAC3B,CAAC;IAED,mCAAmC;IACnC,IAAI,CAAC,KAAK,CAAC,YAAY,EAAE,CAAC;QACxB,MAAM,IAAI,KAAK,CAAC,8EAA8E,CAAC,CAAC;IAClG,CAAC;IAED,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;IACrE,CAAC;IAED,OAAO,CAAC,KAAK,CAAC,4CAA4C,CAAC,CAAC;IAE5D,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,MAAM,SAAS,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;QAErD,uBAAuB;QACvB,MAAM,QAAQ,GAAG,0BAA0B,CAAC,QAAQ,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC;QACnE,+DAA+D;QAC/D,IAAI,CAAC,QAAQ,CAAC,YAAY,IAAI,KAAK,CAAC,YAAY,EAAE,CAAC;YACjD,QAAQ,CAAC,YAAY,GAAG,KAAK,CAAC,YAAY,CAAC;QAC7C,CAAC;QACD,MAAM,eAAe,CAAC,QAAQ,CAAC,CAAC;QAEhC,OAAO,CAAC,KAAK,CAAC,sCAAsC,CAAC,CAAC;QACtD,OAAO,QAAQ,CAAC,WAAW,CAAC;IAC9B,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,IAAI,KAAK,CAAC,4BAA4B,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;IACxG,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,qBAAqB,CAAC,OAA0B;IACpE,MAAM,MAAM,GAAG,MAAM,SAAS,EAAE,CAAC;IACjC,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;IACrC,MAAM,MAAM,CAAC,WAAW,CAAC,cAAc,EAAE,EAAE,oBAAoB,EAAE,IAAI,CAAC,CAAC;IACvE,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,qBAAqB;IACzC,MAAM,MAAM,GAAG,MAAM,SAAS,EAAE,CAAC;IACjC,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,MAAM,MAAM,CAAC,WAAW,CAAC,cAAc,EAAE,EAAE,oBAAoB,CAAC,CAAC;QAC9E,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,OAAO,IAAI,CAAC;QACd,CAAC;QACD,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAsB,CAAC;QAEtD,mBAAmB;QACnB,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;QAC1C,IAAI,OAAO,CAAC,SAAS,IAAI,GAAG,EAAE,CAAC;YAC7B,MAAM,sBAAsB,EAAE,CAAC;YAC/B,OAAO,IAAI,CAAC;QACd,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,sBAAsB;IAC1C,MAAM,MAAM,GAAG,MAAM,SAAS,EAAE,CAAC;IACjC,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,KAAK,CAAC;IACf,CAAC;IAED,OAAO,MAAM,CAAC,cAAc,CAAC,cAAc,EAAE,EAAE,oBAAoB,CAAC,CAAC;AACvE,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,SAA4D;IAE5D,MAAM,KAAK,GAAG,MAAM,eAAe,EAAE,CAAC;IAEtC,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,MAAM,IAAI,KAAK,CAAC,oDAAoD,CAAC,CAAC;IACxE,CAAC;IAED,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC;QACnB,MAAM,IAAI,KAAK,CAAC,uDAAuD,CAAC,CAAC;IAC3E,CAAC;IAED,4BAA4B;IAC5B,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;IAC1C,MAAM,SAAS,GAAG,KAAK,CAAC,SAAS,GAAG,EAAE,IAAI,GAAG,CAAC,CAAC,mBAAmB;IAElE,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,OAAO,KAAK,CAAC,OAAO,CAAC;IACvB,CAAC;IAED,mCAAmC;IACnC,IAAI,CAAC,KAAK,CAAC,YAAY,EAAE,CAAC;QACxB,MAAM,IAAI,KAAK,CAAC,8EAA8E,CAAC,CAAC;IAClG,CAAC;IAED,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;IACrE,CAAC;IAED,OAAO,CAAC,KAAK,CAAC,wCAAwC,CAAC,CAAC;IAExD,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,MAAM,SAAS,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;QAErD,uBAAuB;QACvB,MAAM,QAAQ,GAAG,0BAA0B,CAAC,QAAQ,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC;QACnE,+DAA+D;QAC/D,IAAI,CAAC,QAAQ,CAAC,YAAY,IAAI,KAAK,CAAC,YAAY,EAAE,CAAC;YACjD,QAAQ,CAAC,YAAY,GAAG,KAAK,CAAC,YAAY,CAAC;QAC7C,CAAC;QACD,MAAM,eAAe,CAAC,QAAQ,CAAC,CAAC;QAEhC,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC;YACtB,MAAM,IAAI,KAAK,CAAC,iEAAiE,CAAC,CAAC;QACrF,CAAC;QAED,OAAO,CAAC,KAAK,CAAC,sCAAsC,CAAC,CAAC;QACtD,OAAO,QAAQ,CAAC,OAAO,CAAC;IAC1B,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,IAAI,KAAK,CAAC,4BAA4B,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;IACxG,CAAC;AACH,CAAC"}

package/dist/clients/hasura-client.d.ts

@@ -0,0 +1,33 @@
+/**
+ * Hasura GraphQL Client
+ * Provides authenticated GraphQL queries with automatic row-level security
+ */
+export declare class HasuraClient {
+    private client;
+    private userEmail;
+    private jwtToken?;
+    /**
+     * Creates a new Hasura client for a specific user
+     *
+     * @param userEmail - Email address for row-level security filtering
+     * @param jwtToken - Optional JWT token for authorization
+     */
+    constructor(userEmail: string, jwtToken?: string);
+    /**
+     * Execute a GraphQL query
+     *
+     * @param query - GraphQL query string
+     * @param variables - Query variables
+     * @returns Query result
+     */
+    query<T = any>(query: string, variables?: Record<string, any>): Promise<T>;
+    /**
+     * Get the user email this client is scoped to
+     */
+    getUserEmail(): string;
+    /**
+     * Create a new client for a different user
+     */
+    static forUser(userEmail: string, jwtToken?: string): HasuraClient;
+}
+//# sourceMappingURL=hasura-client.d.ts.map

package/dist/clients/hasura-client.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"hasura-client.d.ts","sourceRoot":"","sources":["../../src/clients/hasura-client.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAKH,qBAAa,YAAY;IACvB,OAAO,CAAC,MAAM,CAAgB;IAC9B,OAAO,CAAC,SAAS,CAAS;IAC1B,OAAO,CAAC,QAAQ,CAAC,CAAS;IAE1B;;;;;OAKG;gBACS,SAAS,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM;IAuChD;;;;;;OAMG;IACG,KAAK,CAAC,CAAC,GAAG,GAAG,EAAE,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC;IAUhF;;OAEG;IACH,YAAY,IAAI,MAAM;IAItB;;OAEG;IACH,MAAM,CAAC,OAAO,CAAC,SAAS,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,YAAY;CAGnE"}

package/dist/clients/hasura-client.js

@@ -0,0 +1,79 @@
+/**
+ * Hasura GraphQL Client
+ * Provides authenticated GraphQL queries with automatic row-level security
+ */
+import { GraphQLClient } from 'graphql-request';
+import { getEnvironment } from '../config/environments.js';
+export class HasuraClient {
+    client;
+    userEmail;
+    jwtToken;
+    /**
+     * Creates a new Hasura client for a specific user
+     *
+     * @param userEmail - Email address for row-level security filtering
+     * @param jwtToken - Optional JWT token for authorization
+     */
+    constructor(userEmail, jwtToken) {
+        const env = getEnvironment();
+        const endpoint = process.env.HASURA_GRAPHQL_ENDPOINT || env.hasuraEndpoint;
+        this.userEmail = userEmail;
+        this.jwtToken = jwtToken;
+        // Build headers
+        const headers = {
+            'Content-Type': 'application/json',
+            'X-Hasura-Role': 'user',
+            'X-Hasura-Email': userEmail
+        };
+        // JWT token is REQUIRED for security - never fallback to admin secret
+        if (!jwtToken) {
+            throw new Error('JWT token is required for Hasura authentication. Cannot use admin secret for user queries.');
+        }
+        headers['Authorization'] = `Bearer ${jwtToken}`;
+        // Debug: Log headers being sent (in debug mode)
+        if (process.env.LOG_LEVEL === 'debug') {
+            console.error('[HasuraClient] Creating client for user:', userEmail);
+            console.error('[HasuraClient] Headers:', {
+                'X-Hasura-Role': headers['X-Hasura-Role'],
+                'X-Hasura-Email': headers['X-Hasura-Email'],
+                'Authorization': `Bearer ${jwtToken.substring(0, 20)}...`
+            });
+        }
+        // Create GraphQL client with Hasura session variables
+        // Use native fetch from Node.js 18+
+        this.client = new GraphQLClient(endpoint, {
+            headers,
+            fetch: fetch // Use global fetch from Node.js
+        });
+    }
+    /**
+     * Execute a GraphQL query
+     *
+     * @param query - GraphQL query string
+     * @param variables - Query variables
+     * @returns Query result
+     */
+    async query(query, variables) {
+        try {
+            return await this.client.request(query, variables);
+        }
+        catch (error) {
+            // Enhance error message with context
+            const message = error.response?.errors?.[0]?.message || error.message;
+            throw new Error(`GraphQL query failed: ${message}`);
+        }
+    }
+    /**
+     * Get the user email this client is scoped to
+     */
+    getUserEmail() {
+        return this.userEmail;
+    }
+    /**
+     * Create a new client for a different user
+     */
+    static forUser(userEmail, jwtToken) {
+        return new HasuraClient(userEmail, jwtToken);
+    }
+}
+//# sourceMappingURL=hasura-client.js.map

package/dist/clients/hasura-client.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"hasura-client.js","sourceRoot":"","sources":["../../src/clients/hasura-client.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAChD,OAAO,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAC;AAE3D,MAAM,OAAO,YAAY;IACf,MAAM,CAAgB;IACtB,SAAS,CAAS;IAClB,QAAQ,CAAU;IAE1B;;;;;OAKG;IACH,YAAY,SAAiB,EAAE,QAAiB;QAC9C,MAAM,GAAG,GAAG,cAAc,EAAE,CAAC;QAC7B,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,uBAAuB,IAAI,GAAG,CAAC,cAAc,CAAC;QAE3E,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;QAC3B,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QAEzB,gBAAgB;QAChB,MAAM,OAAO,GAA2B;YACtC,cAAc,EAAE,kBAAkB;YAClC,eAAe,EAAE,MAAM;YACvB,gBAAgB,EAAE,SAAS;SAC5B,CAAC;QAEF,sEAAsE;QACtE,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,MAAM,IAAI,KAAK,CAAC,4FAA4F,CAAC,CAAC;QAChH,CAAC;QAED,OAAO,CAAC,eAAe,CAAC,GAAG,UAAU,QAAQ,EAAE,CAAC;QAEhD,gDAAgD;QAChD,IAAI,OAAO,CAAC,GAAG,CAAC,SAAS,KAAK,OAAO,EAAE,CAAC;YACtC,OAAO,CAAC,KAAK,CAAC,0CAA0C,EAAE,SAAS,CAAC,CAAC;YACrE,OAAO,CAAC,KAAK,CAAC,yBAAyB,EAAE;gBACvC,eAAe,EAAE,OAAO,CAAC,eAAe,CAAC;gBACzC,gBAAgB,EAAE,OAAO,CAAC,gBAAgB,CAAC;gBAC3C,eAAe,EAAE,UAAU,QAAQ,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK;aAC1D,CAAC,CAAC;QACL,CAAC;QAED,sDAAsD;QACtD,oCAAoC;QACpC,IAAI,CAAC,MAAM,GAAG,IAAI,aAAa,CAAC,QAAQ,EAAE;YACxC,OAAO;YACP,KAAK,EAAE,KAAK,CAAC,gCAAgC;SAC9C,CAAC,CAAC;IACL,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,KAAK,CAAU,KAAa,EAAE,SAA+B;QACjE,IAAI,CAAC;YACH,OAAO,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CAAI,KAAK,EAAE,SAAS,CAAC,CAAC;QACxD,CAAC;QAAC,OAAO,KAAU,EAAE,CAAC;YACpB,qCAAqC;YACrC,MAAM,OAAO,GAAG,KAAK,CAAC,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,OAAO,IAAI,KAAK,CAAC,OAAO,CAAC;YACtE,MAAM,IAAI,KAAK,CAAC,yBAAyB,OAAO,EAAE,CAAC,CAAC;QACtD,CAAC;IACH,CAAC;IAED;;OAEG;IACH,YAAY;QACV,OAAO,IAAI,CAAC,SAAS,CAAC;IACxB,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,OAAO,CAAC,SAAiB,EAAE,QAAiB;QACjD,OAAO,IAAI,YAAY,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;IAC/C,CAAC;CACF"}

package/dist/config/environments.d.ts

@@ -0,0 +1,51 @@
+/**
+ * Environment Configuration
+ *
+ * Supports multiple Acuity environments via ACUITY_ENV environment variable.
+ * Each environment has its own Hasura endpoint, Auth0 tenant, and keychain storage.
+ *
+ * ACUITY_ENV is REQUIRED - there is no default environment.
+ * Users must specify which environment to connect to.
+ */
+export interface EnvironmentConfig {
+    id: string;
+    name: string;
+    hasuraEndpoint: string;
+    auth0Domain: string;
+    auth0ClientId: string;
+}
+/**
+ * All available Acuity environments
+ *
+ * MCP Client IDs marked as TODO need to be created in Auth0:
+ * 1. Go to Auth0 Dashboard → Applications → Create Application
+ * 2. Name: "Acuity MCP Server"
+ * 3. Type: Native
+ * 4. Enable Grant Types: Device Code, Refresh Token
+ * 5. Copy Client ID here
+ */
+export declare const ENVIRONMENTS: Record<string, EnvironmentConfig>;
+/**
+ * Get the current environment name from ACUITY_ENV
+ * Throws if ACUITY_ENV is not set - environment selection is required
+ */
+export declare function getEnvironmentName(): string;
+/**
+ * Get the current environment configuration
+ * Throws if environment is not found
+ */
+export declare function getEnvironment(): EnvironmentConfig;
+/**
+ * Get the keychain service name for the current environment
+ * Format: acuity-mcp-{env}
+ */
+export declare function getKeychainServiceName(): string;
+/**
+ * List all available environments (for help/status commands)
+ */
+export declare function listEnvironments(): EnvironmentConfig[];
+/**
+ * Check if an environment is fully configured (has Auth0 Client ID)
+ */
+export declare function isEnvironmentConfigured(envId: string): boolean;
+//# sourceMappingURL=environments.d.ts.map

package/dist/config/environments.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"environments.d.ts","sourceRoot":"","sources":["../../src/config/environments.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,MAAM,WAAW,iBAAiB;IAChC,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,cAAc,EAAE,MAAM,CAAC;IACvB,WAAW,EAAE,MAAM,CAAC;IACpB,aAAa,EAAE,MAAM,CAAC;CACvB;AAED;;;;;;;;;GASG;AACH,eAAO,MAAM,YAAY,EAAE,MAAM,CAAC,MAAM,EAAE,iBAAiB,CA2G1D,CAAC;AAEF;;;GAGG;AACH,wBAAgB,kBAAkB,IAAI,MAAM,CAgB3C;AAED;;;GAGG;AACH,wBAAgB,cAAc,IAAI,iBAAiB,CAuBlD;AAED;;;GAGG;AACH,wBAAgB,sBAAsB,IAAI,MAAM,CAE/C;AAED;;GAEG;AACH,wBAAgB,gBAAgB,IAAI,iBAAiB,EAAE,CAEtD;AAED;;GAEG;AACH,wBAAgB,uBAAuB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAG9D"}

package/dist/config/environments.js

@@ -0,0 +1,183 @@
+/**
+ * Environment Configuration
+ *
+ * Supports multiple Acuity environments via ACUITY_ENV environment variable.
+ * Each environment has its own Hasura endpoint, Auth0 tenant, and keychain storage.
+ *
+ * ACUITY_ENV is REQUIRED - there is no default environment.
+ * Users must specify which environment to connect to.
+ */
+/**
+ * All available Acuity environments
+ *
+ * MCP Client IDs marked as TODO need to be created in Auth0:
+ * 1. Go to Auth0 Dashboard → Applications → Create Application
+ * 2. Name: "Acuity MCP Server"
+ * 3. Type: Native
+ * 4. Enable Grant Types: Device Code, Refresh Token
+ * 5. Copy Client ID here
+ */
+export const ENVIRONMENTS = {
+    // ============================================
+    // US Region
+    // ============================================
+    'US-1': {
+        id: 'US-1',
+        name: 'Production US',
+        hasuraEndpoint: 'https://hasura-prod.acuityppm.link/v1/graphql',
+        auth0Domain: 'acuityppm.auth0.com',
+        auth0ClientId: 'w1nhNpUEdSybNrJaHfeKNlLv6yQ5UuTA',
+    },
+    'US-staging': {
+        id: 'US-staging',
+        name: 'Staging US',
+        hasuraEndpoint: 'https://hasura-staging.acuityppm.link/v1/graphql',
+        auth0Domain: 'acuityppm.auth0.com',
+        auth0ClientId: 'w1nhNpUEdSybNrJaHfeKNlLv6yQ5UuTA',
+    },
+    'US-2': {
+        id: 'US-2',
+        name: 'CAAT',
+        hasuraEndpoint: 'https://hasura-caat.acuityppm.link/v1/graphql',
+        auth0Domain: 'caat-ppm.us.auth0.com',
+        auth0ClientId: 'jLC3FAQebNzDcaUZmBRtCxw4xJOmgo25',
+    },
+    'US-3': {
+        id: 'US-3',
+        name: 'Members 1st',
+        hasuraEndpoint: 'https://hasura-members1st.acuityppm.link/v1/graphql',
+        auth0Domain: 'acuity-members1st.us.auth0.com',
+        auth0ClientId: 'vNYlDJL85gk379NzcMI2dfw4d6sPOngQ',
+    },
+    'US-5': {
+        id: 'US-5',
+        name: 'Geelong Port',
+        hasuraEndpoint: 'https://hasura-geelongport.acuityppm.link/v1/graphql',
+        auth0Domain: 'acuity-geelongport.us.auth0.com',
+        auth0ClientId: 'JF7MR6diZRpoR70xYNqZsQHptP4GJB49',
+    },
+    'US-6': {
+        id: 'US-6',
+        name: 'Hypertherm',
+        hasuraEndpoint: 'https://hasura-hypertherm.acuityppm.link/v1/graphql',
+        auth0Domain: 'acuity-hypertherm.us.auth0.com',
+        auth0ClientId: 'S8ZSktKYrtl8pZ8N0H1toXRRMDDapYLN',
+    },
+    'US-7': {
+        id: 'US-7',
+        name: 'Wannon Water',
+        hasuraEndpoint: 'https://hasura-wannonwater.acuityppm.link/v1/graphql',
+        auth0Domain: 'acuityppm-wannonwater.us.auth0.com',
+        auth0ClientId: '2vdIA8X7q3oWqT1eFnozOO06Vt3Qi5OZ',
+    },
+    // ============================================
+    // EU Region
+    // ============================================
+    'EU-1': {
+        id: 'EU-1',
+        name: 'Production EU',
+        hasuraEndpoint: 'https://hasura-eu.acuityppm.link/v1/graphql',
+        auth0Domain: 'acuityppm-eu.eu.auth0.com',
+        auth0ClientId: 'MIwZGLZHThyBGcRuMseAkmo5O6ZxwCBq',
+    },
+    'EU-2': {
+        id: 'EU-2',
+        name: 'MAI',
+        hasuraEndpoint: 'https://hasura-mai.acuityppm.link/v1/graphql',
+        auth0Domain: 'acuityppm-mai.eu.auth0.com',
+        auth0ClientId: 'ygp8UJhG16vm1dGx4uChlS0mBqGyO6YP',
+    },
+    'EU-3': {
+        id: 'EU-3',
+        name: 'Westfund',
+        hasuraEndpoint: 'https://hasura-westfund.acuityppm.link/v1/graphql',
+        auth0Domain: 'acuity-westfund.us.auth0.com',
+        auth0ClientId: 'q3QdV4YOVATWnK728eSNEknExOiVlbhP',
+    },
+    'EU-4': {
+        id: 'EU-4',
+        name: 'SMBC Group',
+        hasuraEndpoint: 'https://hasura-smbcgroup.acuityppm.link/v1/graphql',
+        auth0Domain: 'acuityppm-smbc.eu.auth0.com',
+        auth0ClientId: 'J031PmZXSFDVFhO6CuJxowQy5YfcLOHe',
+    },
+    // ============================================
+    // UAE Region
+    // ============================================
+    'UAE-1': {
+        id: 'UAE-1',
+        name: 'Production UAE',
+        hasuraEndpoint: 'https://hasura-uae.acuityppm.link/v1/graphql',
+        auth0Domain: 'acuity-uae.eu.auth0.com',
+        auth0ClientId: 'L9PvXQa31UYzWQe2bU2f2mnRuAvDtfb2',
+    },
+    // ============================================
+    // Development (local)
+    // ============================================
+    'dev': {
+        id: 'dev',
+        name: 'Local Development',
+        hasuraEndpoint: 'http://localhost:8080/v1/graphql',
+        auth0Domain: 'acuityppm.auth0.com',
+        auth0ClientId: 'w1nhNpUEdSybNrJaHfeKNlLv6yQ5UuTA',
+    },
+};
+/**
+ * Get the current environment name from ACUITY_ENV
+ * Throws if ACUITY_ENV is not set - environment selection is required
+ */
+export function getEnvironmentName() {
+    const envName = process.env.ACUITY_ENV;
+    if (!envName) {
+        const available = Object.keys(ENVIRONMENTS).join(', ');
+        throw new Error(`ACUITY_ENV environment variable is required.\n` +
+            `Available environments: ${available}\n\n` +
+            `Set it in your MCP client config:\n` +
+            `  "env": { "ACUITY_ENV": "US-1" }\n\n` +
+            `Or via command line:\n` +
+            `  ACUITY_ENV=US-1 npx acuity-mcp-server`);
+    }
+    return envName;
+}
+/**
+ * Get the current environment configuration
+ * Throws if environment is not found
+ */
+export function getEnvironment() {
+    const envName = getEnvironmentName();
+    const config = ENVIRONMENTS[envName];
+    if (!config) {
+        const available = Object.keys(ENVIRONMENTS).join(', ');
+        throw new Error(`Unknown environment: "${envName}".\n` +
+            `Available environments: ${available}`);
+    }
+    // Check if Auth0 Client ID is configured
+    if (config.auth0ClientId === 'TODO') {
+        throw new Error(`Environment "${envName}" is not fully configured.\n` +
+            `Missing Auth0 MCP Client ID for tenant: ${config.auth0Domain}\n\n` +
+            `To fix: Create a Native Application in Auth0 with Device Code grant enabled,\n` +
+            `then add the Client ID to environments.ts`);
+    }
+    return config;
+}
+/**
+ * Get the keychain service name for the current environment
+ * Format: acuity-mcp-{env}
+ */
+export function getKeychainServiceName() {
+    return `acuity-mcp-${getEnvironmentName()}`;
+}
+/**
+ * List all available environments (for help/status commands)
+ */
+export function listEnvironments() {
+    return Object.values(ENVIRONMENTS);
+}
+/**
+ * Check if an environment is fully configured (has Auth0 Client ID)
+ */
+export function isEnvironmentConfigured(envId) {
+    const config = ENVIRONMENTS[envId];
+    return config !== undefined && config.auth0ClientId !== 'TODO';
+}
+//# sourceMappingURL=environments.js.map

package/dist/config/environments.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"environments.js","sourceRoot":"","sources":["../../src/config/environments.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAUH;;;;;;;;;GASG;AACH,MAAM,CAAC,MAAM,YAAY,GAAsC;IAC7D,+CAA+C;IAC/C,YAAY;IACZ,+CAA+C;IAC/C,MAAM,EAAE;QACN,EAAE,EAAE,MAAM;QACV,IAAI,EAAE,eAAe;QACrB,cAAc,EAAE,+CAA+C;QAC/D,WAAW,EAAE,qBAAqB;QAClC,aAAa,EAAE,kCAAkC;KAClD;IACD,YAAY,EAAE;QACZ,EAAE,EAAE,YAAY;QAChB,IAAI,EAAE,YAAY;QAClB,cAAc,EAAE,kDAAkD;QAClE,WAAW,EAAE,qBAAqB;QAClC,aAAa,EAAE,kCAAkC;KAClD;IACD,MAAM,EAAE;QACN,EAAE,EAAE,MAAM;QACV,IAAI,EAAE,MAAM;QACZ,cAAc,EAAE,+CAA+C;QAC/D,WAAW,EAAE,uBAAuB;QACpC,aAAa,EAAE,kCAAkC;KAClD;IACD,MAAM,EAAE;QACN,EAAE,EAAE,MAAM;QACV,IAAI,EAAE,aAAa;QACnB,cAAc,EAAE,qDAAqD;QACrE,WAAW,EAAE,gCAAgC;QAC7C,aAAa,EAAE,kCAAkC;KAClD;IACD,MAAM,EAAE;QACN,EAAE,EAAE,MAAM;QACV,IAAI,EAAE,cAAc;QACpB,cAAc,EAAE,sDAAsD;QACtE,WAAW,EAAE,iCAAiC;QAC9C,aAAa,EAAE,kCAAkC;KAClD;IACD,MAAM,EAAE;QACN,EAAE,EAAE,MAAM;QACV,IAAI,EAAE,YAAY;QAClB,cAAc,EAAE,qDAAqD;QACrE,WAAW,EAAE,gCAAgC;QAC7C,aAAa,EAAE,kCAAkC;KAClD;IACD,MAAM,EAAE;QACN,EAAE,EAAE,MAAM;QACV,IAAI,EAAE,cAAc;QACpB,cAAc,EAAE,sDAAsD;QACtE,WAAW,EAAE,oCAAoC;QACjD,aAAa,EAAE,kCAAkC;KAClD;IAED,+CAA+C;IAC/C,YAAY;IACZ,+CAA+C;IAC/C,MAAM,EAAE;QACN,EAAE,EAAE,MAAM;QACV,IAAI,EAAE,eAAe;QACrB,cAAc,EAAE,6CAA6C;QAC7D,WAAW,EAAE,2BAA2B;QACxC,aAAa,EAAE,kCAAkC;KAClD;IACD,MAAM,EAAE;QACN,EAAE,EAAE,MAAM;QACV,IAAI,EAAE,KAAK;QACX,cAAc,EAAE,8CAA8C;QAC9D,WAAW,EAAE,4BAA4B;QACzC,aAAa,EAAE,kCAAkC;KAClD;IACD,MAAM,EAAE;QACN,EAAE,EAAE,MAAM;QACV,IAAI,EAAE,UAAU;QAChB,cAAc,EAAE,mDAAmD;QACnE,WAAW,EAAE,8BAA8B;QAC3C,aAAa,EAAE,kCAAkC;KAClD;IACD,MAAM,EAAE;QACN,EAAE,EAAE,MAAM;QACV,IAAI,EAAE,YAAY;QAClB,cAAc,EAAE,oDAAoD;QACpE,WAAW,EAAE,6BAA6B;QAC1C,aAAa,EAAE,kCAAkC;KAClD;IAED,+CAA+C;IAC/C,aAAa;IACb,+CAA+C;IAC/C,OAAO,EAAE;QACP,EAAE,EAAE,OAAO;QACX,IAAI,EAAE,gBAAgB;QACtB,cAAc,EAAE,8CAA8C;QAC9D,WAAW,EAAE,yBAAyB;QACtC,aAAa,EAAE,kCAAkC;KAClD;IAED,+CAA+C;IAC/C,sBAAsB;IACtB,+CAA+C;IAC/C,KAAK,EAAE;QACL,EAAE,EAAE,KAAK;QACT,IAAI,EAAE,mBAAmB;QACzB,cAAc,EAAE,kCAAkC;QAClD,WAAW,EAAE,qBAAqB;QAClC,aAAa,EAAE,kCAAkC;KAClD;CACF,CAAC;AAEF;;;GAGG;AACH,MAAM,UAAU,kBAAkB;IAChC,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC;IAEvC,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,MAAM,SAAS,GAAG,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACvD,MAAM,IAAI,KAAK,CACb,gDAAgD;YAChD,2BAA2B,SAAS,MAAM;YAC1C,qCAAqC;YACrC,uCAAuC;YACvC,wBAAwB;YACxB,yCAAyC,CAC1C,CAAC;IACJ,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,cAAc;IAC5B,MAAM,OAAO,GAAG,kBAAkB,EAAE,CAAC;IACrC,MAAM,MAAM,GAAG,YAAY,CAAC,OAAO,CAAC,CAAC;IAErC,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,SAAS,GAAG,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACvD,MAAM,IAAI,KAAK,CACb,yBAAyB,OAAO,MAAM;YACtC,2BAA2B,SAAS,EAAE,CACvC,CAAC;IACJ,CAAC;IAED,yCAAyC;IACzC,IAAI,MAAM,CAAC,aAAa,KAAK,MAAM,EAAE,CAAC;QACpC,MAAM,IAAI,KAAK,CACb,gBAAgB,OAAO,8BAA8B;YACrD,2CAA2C,MAAM,CAAC,WAAW,MAAM;YACnE,gFAAgF;YAChF,2CAA2C,CAC5C,CAAC;IACJ,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,sBAAsB;IACpC,OAAO,cAAc,kBAAkB,EAAE,EAAE,CAAC;AAC9C,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,gBAAgB;IAC9B,OAAO,MAAM,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;AACrC,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,uBAAuB,CAAC,KAAa;IACnD,MAAM,MAAM,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC;IACnC,OAAO,MAAM,KAAK,SAAS,IAAI,MAAM,CAAC,aAAa,KAAK,MAAM,CAAC;AACjE,CAAC"}

package/dist/index.d.ts

@@ -0,0 +1,7 @@
+#!/usr/bin/env node
+/**
+ * Acuity MCP Server
+ * Enables LLM access to Acuity project management data
+ */
+import 'dotenv/config';
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAEA;;;GAGG;AAGH,OAAO,eAAe,CAAC"}