amplitude-cli 0.3.0

package/dist/utils/oauth.js

@@ -0,0 +1,344 @@
+/**
+ * OAuth 2.0 utilities for Amplitude MCP server.
+ * Handles:
+ *   - Dynamic client registration
+ *   - Authorization code flow with PKCE (S256)
+ *   - Token storage and refresh
+ *   - Local callback server
+ */
+import { createServer } from "node:http";
+import { randomBytes, createHash } from "node:crypto";
+import { readFileSync, writeFileSync, chmodSync } from "node:fs";
+import { join } from "node:path";
+import { homedir } from "node:os";
+const MCP_REGIONS = {
+    us: "https://mcp.amplitude.com",
+    eu: "https://mcp.eu.amplitude.com",
+};
+const CALLBACK_PORT = 8900;
+const CALLBACK_PATH = "/callback";
+const SCOPES = "mcp:read mcp:write offline_access";
+function configPath() {
+    return join(homedir(), ".amplituderc");
+}
+/**
+ * Read the full config file (may contain apiKey/secretKey AND/OR oauth).
+ */
+export function readConfig() {
+    try {
+        return JSON.parse(readFileSync(configPath(), "utf-8"));
+    }
+    catch {
+        return {};
+    }
+}
+/**
+ * Write config, preserving existing fields.
+ */
+export function writeConfig(updates) {
+    const existing = readConfig();
+    const merged = { ...existing, ...updates };
+    writeFileSync(configPath(), JSON.stringify(merged, null, 2) + "\n", "utf-8");
+    chmodSync(configPath(), 0o600);
+}
+/**
+ * Get stored OAuth tokens if they exist.
+ */
+export function getOAuthConfig() {
+    const config = readConfig();
+    if (config.oauth && typeof config.oauth === "object") {
+        return config.oauth;
+    }
+    return null;
+}
+/**
+ * Check if an OAuth token is available from any source.
+ * Does NOT throw — returns true/false.
+ */
+export function hasOAuthToken() {
+    if (process.env.AMPLITUDE_ACCESS_TOKEN || process.env.AMPLITUDE_OAUTH_TOKEN)
+        return true;
+    const oauth = getOAuthConfig();
+    return !!(oauth?.tokens?.access_token);
+}
+/**
+ * Get a valid access token. Checks sources in order:
+ *   1. AMPLITUDE_ACCESS_TOKEN (or AMPLITUDE_OAUTH_TOKEN) env var (injected by OpenClaw/Masterclaw via Nango)
+ *   2. AMPLITUDE_OAUTH_REFRESH_TOKEN env var (for auto-refresh via env)
+ *   3. ~/.amplituderc oauth config (from `amp auth login`)
+ *
+ * Env vars take priority — this is the managed-environment path where
+ * Masterclaw handles OAuth via Nango and injects tokens through
+ * openclaw.json → skills.entries.amplitude.env.
+ */
+export async function getAccessToken(region = "us") {
+    // 1. Check env var (managed environment — Masterclaw/Nango injects this)
+    const envToken = process.env.AMPLITUDE_ACCESS_TOKEN || process.env.AMPLITUDE_OAUTH_TOKEN;
+    if (envToken) {
+        return envToken;
+    }
+    // 2. Check config file (self-serve — `amp auth login`)
+    const oauth = getOAuthConfig();
+    if (!oauth?.tokens?.access_token) {
+        throw new Error("Not logged in. Run 'amp auth login' to authenticate with Amplitude.");
+    }
+    // Check if token is expired (with 60s buffer)
+    if (oauth.tokens.expires_at && Date.now() > oauth.tokens.expires_at - 60_000) {
+        // Try env refresh token first (managed environment may provide this)
+        const envRefresh = process.env.AMPLITUDE_OAUTH_REFRESH_TOKEN;
+        const refreshToken = envRefresh || oauth.tokens.refresh_token;
+        if (!refreshToken) {
+            throw new Error("Access token expired and no refresh token available. Run 'amp auth login' again.");
+        }
+        console.error("Access token expired, refreshing...");
+        const newTokens = await refreshTokens(oauth.client_id, refreshToken, region);
+        // Save refreshed tokens (only to file, not env)
+        writeConfig({
+            oauth: {
+                ...oauth,
+                tokens: {
+                    ...newTokens,
+                    expires_at: Date.now() + (newTokens.expires_in ?? 3600) * 1000,
+                },
+            },
+        });
+        return newTokens.access_token;
+    }
+    return oauth.tokens.access_token;
+}
+/**
+ * Get MCP base URL for region.
+ */
+export function getMcpBaseUrl(region = "us") {
+    return MCP_REGIONS[region] || MCP_REGIONS.us;
+}
+/**
+ * Register a dynamic OAuth client with the MCP server.
+ */
+async function registerClient(region) {
+    const baseUrl = getMcpBaseUrl(region);
+    const res = await fetch(`${baseUrl}/register`, {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        body: JSON.stringify({
+            client_name: "amplitude-cli",
+            redirect_uris: [`http://localhost:${CALLBACK_PORT}${CALLBACK_PATH}`],
+            grant_types: ["authorization_code", "refresh_token"],
+            response_types: ["code"],
+            scope: SCOPES,
+            token_endpoint_auth_method: "none",
+        }),
+    });
+    if (!res.ok) {
+        const body = await res.text();
+        throw new Error(`Client registration failed (${res.status}): ${body}`);
+    }
+    return (await res.json());
+}
+/**
+ * Generate PKCE code_verifier and code_challenge.
+ */
+function generatePKCE() {
+    const verifier = randomBytes(32)
+        .toString("base64url")
+        .replace(/[^a-zA-Z0-9\-._~]/g, "")
+        .slice(0, 128);
+    const challenge = createHash("sha256").update(verifier).digest("base64url");
+    return { verifier, challenge };
+}
+/**
+ * Exchange authorization code for tokens.
+ */
+async function exchangeCode(clientId, code, codeVerifier, region) {
+    const baseUrl = getMcpBaseUrl(region);
+    const res = await fetch(`${baseUrl}/token`, {
+        method: "POST",
+        headers: { "Content-Type": "application/x-www-form-urlencoded" },
+        body: new URLSearchParams({
+            grant_type: "authorization_code",
+            client_id: clientId,
+            code,
+            code_verifier: codeVerifier,
+            redirect_uri: `http://localhost:${CALLBACK_PORT}${CALLBACK_PATH}`,
+        }),
+    });
+    if (!res.ok) {
+        const body = await res.text();
+        throw new Error(`Token exchange failed (${res.status}): ${body}`);
+    }
+    return (await res.json());
+}
+/**
+ * Refresh an expired access token.
+ */
+async function refreshTokens(clientId, refreshToken, region) {
+    const baseUrl = getMcpBaseUrl(region);
+    const res = await fetch(`${baseUrl}/token`, {
+        method: "POST",
+        headers: { "Content-Type": "application/x-www-form-urlencoded" },
+        body: new URLSearchParams({
+            grant_type: "refresh_token",
+            client_id: clientId,
+            refresh_token: refreshToken,
+        }),
+    });
+    if (!res.ok) {
+        const body = await res.text();
+        throw new Error(`Token refresh failed (${res.status}): ${body}`);
+    }
+    return (await res.json());
+}
+/**
+ * Start a local HTTP server to catch the OAuth callback.
+ */
+function waitForCallback() {
+    return new Promise((resolve, reject) => {
+        const server = createServer((req, res) => {
+            const url = new URL(req.url || "/", `http://localhost:${CALLBACK_PORT}`);
+            if (url.pathname !== CALLBACK_PATH) {
+                res.writeHead(404);
+                res.end("Not found");
+                return;
+            }
+            const code = url.searchParams.get("code");
+            const state = url.searchParams.get("state");
+            const error = url.searchParams.get("error");
+            if (error) {
+                const desc = url.searchParams.get("error_description") || error;
+                res.writeHead(200, { "Content-Type": "text/html" });
+                res.end(`
+          <html><body style="font-family:system-ui;text-align:center;padding:60px">
+            <h2>❌ Authentication Failed</h2>
+            <p>${desc}</p>
+            <p>You can close this tab.</p>
+          </body></html>
+        `);
+                server.close();
+                reject(new Error(`OAuth error: ${desc}`));
+                return;
+            }
+            if (!code || !state) {
+                res.writeHead(400);
+                res.end("Missing code or state");
+                return;
+            }
+            res.writeHead(200, { "Content-Type": "text/html" });
+            res.end(`
+        <html><body style="font-family:system-ui;text-align:center;padding:60px">
+          <h2>✅ Authenticated with Amplitude</h2>
+          <p>You can close this tab and return to the terminal.</p>
+        </body></html>
+      `);
+            server.close();
+            resolve({ code, state });
+        });
+        server.listen(CALLBACK_PORT, "127.0.0.1", () => {
+            // Server ready
+        });
+        // Timeout after 5 minutes
+        setTimeout(() => {
+            server.close();
+            reject(new Error("OAuth callback timed out (5 minutes). Try again."));
+        }, 5 * 60 * 1000);
+    });
+}
+/**
+ * Run the full OAuth login flow.
+ * Returns the stored OAuth config.
+ */
+export async function login(region = "us") {
+    // 1. Register a client (or reuse existing)
+    const existing = getOAuthConfig();
+    let clientId;
+    if (existing?.client_id && existing?.region === region) {
+        clientId = existing.client_id;
+        console.error("Using existing OAuth client registration.");
+    }
+    else {
+        console.error("Registering OAuth client with Amplitude...");
+        const reg = await registerClient(region);
+        clientId = reg.client_id;
+        console.error(`Registered client: ${clientId}`);
+    }
+    // 2. Generate PKCE challenge
+    const { verifier, challenge } = generatePKCE();
+    const state = randomBytes(16).toString("hex");
+    // 3. Build authorization URL
+    const baseUrl = getMcpBaseUrl(region);
+    const authUrl = new URL(`${baseUrl}/authorize`);
+    authUrl.searchParams.set("client_id", clientId);
+    authUrl.searchParams.set("redirect_uri", `http://localhost:${CALLBACK_PORT}${CALLBACK_PATH}`);
+    authUrl.searchParams.set("response_type", "code");
+    authUrl.searchParams.set("scope", SCOPES);
+    authUrl.searchParams.set("state", state);
+    authUrl.searchParams.set("code_challenge", challenge);
+    authUrl.searchParams.set("code_challenge_method", "S256");
+    // 4. Start callback server and open browser
+    console.error(`\nOpening browser for Amplitude login...\n`);
+    console.error(`If the browser doesn't open, visit:\n${authUrl.toString()}\n`);
+    const callbackPromise = waitForCallback();
+    // Try to open the browser (best-effort)
+    try {
+        const { exec } = await import("node:child_process");
+        const cmd = process.platform === "darwin"
+            ? `open "${authUrl.toString()}"`
+            : process.platform === "win32"
+                ? `start "${authUrl.toString()}"`
+                : `xdg-open "${authUrl.toString()}" 2>/dev/null || echo "${authUrl.toString()}"`;
+        exec(cmd);
+    }
+    catch {
+        // Browser open failed — user can copy the URL
+    }
+    // 5. Wait for callback
+    const { code, state: returnedState } = await callbackPromise;
+    if (returnedState !== state) {
+        throw new Error("OAuth state mismatch — possible CSRF attack. Try again.");
+    }
+    // 6. Exchange code for tokens
+    console.error("Exchanging authorization code for tokens...");
+    const tokens = await exchangeCode(clientId, code, verifier, region);
+    // 7. Save
+    const oauthConfig = {
+        client_id: clientId,
+        region,
+        tokens: {
+            ...tokens,
+            expires_at: Date.now() + (tokens.expires_in ?? 3600) * 1000,
+        },
+    };
+    writeConfig({ oauth: oauthConfig });
+    console.error("✓ Logged in and tokens saved to ~/.amplituderc");
+    return oauthConfig;
+}
+/**
+ * Revoke tokens and clear OAuth config.
+ */
+export async function logout() {
+    const oauth = getOAuthConfig();
+    if (!oauth?.tokens) {
+        console.error("Not logged in.");
+        return;
+    }
+    // Best-effort revoke
+    try {
+        const baseUrl = getMcpBaseUrl(oauth.region);
+        await fetch(`${baseUrl}/revoke`, {
+            method: "POST",
+            headers: { "Content-Type": "application/x-www-form-urlencoded" },
+            body: new URLSearchParams({
+                client_id: oauth.client_id,
+                token: oauth.tokens.refresh_token || oauth.tokens.access_token,
+            }),
+        });
+    }
+    catch {
+        // Revocation is best-effort
+    }
+    // Clear OAuth from config (keep apiKey/secretKey if present)
+    const config = readConfig();
+    delete config.oauth;
+    writeFileSync(configPath(), JSON.stringify(config, null, 2) + "\n", "utf-8");
+    console.error("✓ Logged out. OAuth tokens removed.");
+}
+//# sourceMappingURL=oauth.js.map

package/dist/utils/oauth.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"oauth.js","sourceRoot":"","sources":["../../src/utils/oauth.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,YAAY,EAA6C,MAAM,WAAW,CAAC;AACpF,OAAO,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACtD,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,SAAS,EAAE,MAAM,SAAS,CAAC;AACjE,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAElC,MAAM,WAAW,GAA2B;IAC1C,EAAE,EAAE,2BAA2B;IAC/B,EAAE,EAAE,8BAA8B;CACnC,CAAC;AAEF,MAAM,aAAa,GAAG,IAAI,CAAC;AAC3B,MAAM,aAAa,GAAG,WAAW,CAAC;AAClC,MAAM,MAAM,GAAG,mCAAmC,CAAC;AAiBnD,SAAS,UAAU;IACjB,OAAO,IAAI,CAAC,OAAO,EAAE,EAAE,cAAc,CAAC,CAAC;AACzC,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,UAAU;IACxB,IAAI,CAAC;QACH,OAAO,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,UAAU,EAAE,EAAE,OAAO,CAAC,CAAC,CAAC;IACzD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,CAAC;IACZ,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,WAAW,CAAC,OAAgC;IAC1D,MAAM,QAAQ,GAAG,UAAU,EAAE,CAAC;IAC9B,MAAM,MAAM,GAAG,EAAE,GAAG,QAAQ,EAAE,GAAG,OAAO,EAAE,CAAC;IAC3C,aAAa,CAAC,UAAU,EAAE,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,EAAE,OAAO,CAAC,CAAC;IAC7E,SAAS,CAAC,UAAU,EAAE,EAAE,KAAK,CAAC,CAAC;AACjC,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,cAAc;IAC5B,MAAM,MAAM,GAAG,UAAU,EAAE,CAAC;IAC5B,IAAI,MAAM,CAAC,KAAK,IAAI,OAAO,MAAM,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;QACrD,OAAO,MAAM,CAAC,KAAoB,CAAC;IACrC,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,aAAa;IAC3B,IAAI,OAAO,CAAC,GAAG,CAAC,sBAAsB,IAAI,OAAO,CAAC,GAAG,CAAC,qBAAqB;QAAE,OAAO,IAAI,CAAC;IACzF,MAAM,KAAK,GAAG,cAAc,EAAE,CAAC;IAC/B,OAAO,CAAC,CAAC,CAAC,KAAK,EAAE,MAAM,EAAE,YAAY,CAAC,CAAC;AACzC,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc,CAAC,SAAiB,IAAI;IACxD,yEAAyE;IACzE,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,sBAAsB,IAAI,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC;IACzF,IAAI,QAAQ,EAAE,CAAC;QACb,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,uDAAuD;IACvD,MAAM,KAAK,GAAG,cAAc,EAAE,CAAC;IAC/B,IAAI,CAAC,KAAK,EAAE,MAAM,EAAE,YAAY,EAAE,CAAC;QACjC,MAAM,IAAI,KAAK,CACb,qEAAqE,CACtE,CAAC;IACJ,CAAC;IAED,8CAA8C;IAC9C,IAAI,KAAK,CAAC,MAAM,CAAC,UAAU,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC,MAAM,CAAC,UAAU,GAAG,MAAM,EAAE,CAAC;QAC7E,qEAAqE;QACrE,MAAM,UAAU,GAAG,OAAO,CAAC,GAAG,CAAC,6BAA6B,CAAC;QAC7D,MAAM,YAAY,GAAG,UAAU,IAAI,KAAK,CAAC,MAAM,CAAC,aAAa,CAAC;QAE9D,IAAI,CAAC,YAAY,EAAE,CAAC;YAClB,MAAM,IAAI,KAAK,CACb,kFAAkF,CACnF,CAAC;QACJ,CAAC;QACD,OAAO,CAAC,KAAK,CAAC,qCAAqC,CAAC,CAAC;QACrD,MAAM,SAAS,GAAG,MAAM,aAAa,CACnC,KAAK,CAAC,SAAS,EACf,YAAY,EACZ,MAAM,CACP,CAAC;QACF,gDAAgD;QAChD,WAAW,CAAC;YACV,KAAK,EAAE;gBACL,GAAG,KAAK;gBACR,MAAM,EAAE;oBACN,GAAG,SAAS;oBACZ,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,SAAS,CAAC,UAAU,IAAI,IAAI,CAAC,GAAG,IAAI;iBAC/D;aACF;SACF,CAAC,CAAC;QACH,OAAO,SAAS,CAAC,YAAY,CAAC;IAChC,CAAC;IAED,OAAO,KAAK,CAAC,MAAM,CAAC,YAAY,CAAC;AACnC,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,aAAa,CAAC,SAAiB,IAAI;IACjD,OAAO,WAAW,CAAC,MAAM,CAAC,IAAI,WAAW,CAAC,EAAE,CAAC;AAC/C,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,cAAc,CAC3B,MAAc;IAEd,MAAM,OAAO,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC;IACtC,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,OAAO,WAAW,EAAE;QAC7C,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;QAC/C,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;YACnB,WAAW,EAAE,eAAe;YAC5B,aAAa,EAAE,CAAC,oBAAoB,aAAa,GAAG,aAAa,EAAE,CAAC;YACpE,WAAW,EAAE,CAAC,oBAAoB,EAAE,eAAe,CAAC;YACpD,cAAc,EAAE,CAAC,MAAM,CAAC;YACxB,KAAK,EAAE,MAAM;YACb,0BAA0B,EAAE,MAAM;SACnC,CAAC;KACH,CAAC,CAAC;IAEH,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;QACZ,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;QAC9B,MAAM,IAAI,KAAK,CAAC,+BAA+B,GAAG,CAAC,MAAM,MAAM,IAAI,EAAE,CAAC,CAAC;IACzE,CAAC;IAED,OAAO,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAA0B,CAAC;AACrD,CAAC;AAED;;GAEG;AACH,SAAS,YAAY;IACnB,MAAM,QAAQ,GAAG,WAAW,CAAC,EAAE,CAAC;SAC7B,QAAQ,CAAC,WAAW,CAAC;SACrB,OAAO,CAAC,oBAAoB,EAAE,EAAE,CAAC;SACjC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;IACjB,MAAM,SAAS,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;IAC5E,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC;AACjC,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,YAAY,CACzB,QAAgB,EAChB,IAAY,EACZ,YAAoB,EACpB,MAAc;IAEd,MAAM,OAAO,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC;IACtC,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,OAAO,QAAQ,EAAE;QAC1C,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,EAAE,cAAc,EAAE,mCAAmC,EAAE;QAChE,IAAI,EAAE,IAAI,eAAe,CAAC;YACxB,UAAU,EAAE,oBAAoB;YAChC,SAAS,EAAE,QAAQ;YACnB,IAAI;YACJ,aAAa,EAAE,YAAY;YAC3B,YAAY,EAAE,oBAAoB,aAAa,GAAG,aAAa,EAAE;SAClE,CAAC;KACH,CAAC,CAAC;IAEH,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;QACZ,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;QAC9B,MAAM,IAAI,KAAK,CAAC,0BAA0B,GAAG,CAAC,MAAM,MAAM,IAAI,EAAE,CAAC,CAAC;IACpE,CAAC;IAED,OAAO,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAgB,CAAC;AAC3C,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,aAAa,CAC1B,QAAgB,EAChB,YAAoB,EACpB,MAAc;IAEd,MAAM,OAAO,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC;IACtC,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,OAAO,QAAQ,EAAE;QAC1C,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,EAAE,cAAc,EAAE,mCAAmC,EAAE;QAChE,IAAI,EAAE,IAAI,eAAe,CAAC;YACxB,UAAU,EAAE,eAAe;YAC3B,SAAS,EAAE,QAAQ;YACnB,aAAa,EAAE,YAAY;SAC5B,CAAC;KACH,CAAC,CAAC;IAEH,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;QACZ,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;QAC9B,MAAM,IAAI,KAAK,CAAC,yBAAyB,GAAG,CAAC,MAAM,MAAM,IAAI,EAAE,CAAC,CAAC;IACnE,CAAC;IAED,OAAO,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAgB,CAAC;AAC3C,CAAC;AAED;;GAEG;AACH,SAAS,eAAe;IACtB,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,MAAM,MAAM,GAAG,YAAY,CAAC,CAAC,GAAoB,EAAE,GAAmB,EAAE,EAAE;YACxE,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,GAAG,IAAI,GAAG,EAAE,oBAAoB,aAAa,EAAE,CAAC,CAAC;YAEzE,IAAI,GAAG,CAAC,QAAQ,KAAK,aAAa,EAAE,CAAC;gBACnC,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;gBACnB,GAAG,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;gBACrB,OAAO;YACT,CAAC;YAED,MAAM,IAAI,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;YAC1C,MAAM,KAAK,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YAC5C,MAAM,KAAK,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YAE5C,IAAI,KAAK,EAAE,CAAC;gBACV,MAAM,IAAI,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,mBAAmB,CAAC,IAAI,KAAK,CAAC;gBAChE,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,WAAW,EAAE,CAAC,CAAC;gBACpD,GAAG,CAAC,GAAG,CAAC;;;iBAGC,IAAI;;;SAGZ,CAAC,CAAC;gBACH,MAAM,CAAC,KAAK,EAAE,CAAC;gBACf,MAAM,CAAC,IAAI,KAAK,CAAC,gBAAgB,IAAI,EAAE,CAAC,CAAC,CAAC;gBAC1C,OAAO;YACT,CAAC;YAED,IAAI,CAAC,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;gBACpB,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;gBACnB,GAAG,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC;gBACjC,OAAO;YACT,CAAC;YAED,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,WAAW,EAAE,CAAC,CAAC;YACpD,GAAG,CAAC,GAAG,CAAC;;;;;OAKP,CAAC,CAAC;YAEH,MAAM,CAAC,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;QAC3B,CAAC,CAAC,CAAC;QAEH,MAAM,CAAC,MAAM,CAAC,aAAa,EAAE,WAAW,EAAE,GAAG,EAAE;YAC7C,eAAe;QACjB,CAAC,CAAC,CAAC;QAEH,0BAA0B;QAC1B,UAAU,CAAC,GAAG,EAAE;YACd,MAAM,CAAC,KAAK,EAAE,CAAC;YACf,MAAM,CAAC,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC,CAAC;QACxE,CAAC,EAAE,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;IACpB,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,KAAK,CAAC,SAAiB,IAAI;IAC/C,2CAA2C;IAC3C,MAAM,QAAQ,GAAG,cAAc,EAAE,CAAC;IAClC,IAAI,QAAgB,CAAC;IAErB,IAAI,QAAQ,EAAE,SAAS,IAAI,QAAQ,EAAE,MAAM,KAAK,MAAM,EAAE,CAAC;QACvD,QAAQ,GAAG,QAAQ,CAAC,SAAS,CAAC;QAC9B,OAAO,CAAC,KAAK,CAAC,2CAA2C,CAAC,CAAC;IAC7D,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,KAAK,CAAC,4CAA4C,CAAC,CAAC;QAC5D,MAAM,GAAG,GAAG,MAAM,cAAc,CAAC,MAAM,CAAC,CAAC;QACzC,QAAQ,GAAG,GAAG,CAAC,SAAS,CAAC;QACzB,OAAO,CAAC,KAAK,CAAC,sBAAsB,QAAQ,EAAE,CAAC,CAAC;IAClD,CAAC;IAED,6BAA6B;IAC7B,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,GAAG,YAAY,EAAE,CAAC;IAC/C,MAAM,KAAK,GAAG,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IAE9C,6BAA6B;IAC7B,MAAM,OAAO,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC;IACtC,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,GAAG,OAAO,YAAY,CAAC,CAAC;IAChD,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;IAChD,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,EAAE,oBAAoB,aAAa,GAAG,aAAa,EAAE,CAAC,CAAC;IAC9F,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,eAAe,EAAE,MAAM,CAAC,CAAC;IAClD,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;IAC1C,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;IACzC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,gBAAgB,EAAE,SAAS,CAAC,CAAC;IACtD,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,uBAAuB,EAAE,MAAM,CAAC,CAAC;IAE1D,4CAA4C;IAC5C,OAAO,CAAC,KAAK,CAAC,4CAA4C,CAAC,CAAC;IAC5D,OAAO,CAAC,KAAK,CAAC,wCAAwC,OAAO,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;IAE9E,MAAM,eAAe,GAAG,eAAe,EAAE,CAAC;IAE1C,wCAAwC;IACxC,IAAI,CAAC;QACH,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,MAAM,CAAC,oBAAoB,CAAC,CAAC;QACpD,MAAM,GAAG,GACP,OAAO,CAAC,QAAQ,KAAK,QAAQ;YAC3B,CAAC,CAAC,SAAS,OAAO,CAAC,QAAQ,EAAE,GAAG;YAChC,CAAC,CAAC,OAAO,CAAC,QAAQ,KAAK,OAAO;gBAC5B,CAAC,CAAC,UAAU,OAAO,CAAC,QAAQ,EAAE,GAAG;gBACjC,CAAC,CAAC,aAAa,OAAO,CAAC,QAAQ,EAAE,0BAA0B,OAAO,CAAC,QAAQ,EAAE,GAAG,CAAC;QACvF,IAAI,CAAC,GAAG,CAAC,CAAC;IACZ,CAAC;IAAC,MAAM,CAAC;QACP,8CAA8C;IAChD,CAAC;IAED,uBAAuB;IACvB,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,aAAa,EAAE,GAAG,MAAM,eAAe,CAAC;IAE7D,IAAI,aAAa,KAAK,KAAK,EAAE,CAAC;QAC5B,MAAM,IAAI,KAAK,CAAC,yDAAyD,CAAC,CAAC;IAC7E,CAAC;IAED,8BAA8B;IAC9B,OAAO,CAAC,KAAK,CAAC,6CAA6C,CAAC,CAAC;IAC7D,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,QAAQ,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC;IAEpE,UAAU;IACV,MAAM,WAAW,GAAgB;QAC/B,SAAS,EAAE,QAAQ;QACnB,MAAM;QACN,MAAM,EAAE;YACN,GAAG,MAAM;YACT,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,UAAU,IAAI,IAAI,CAAC,GAAG,IAAI;SAC5D;KACF,CAAC;IAEF,WAAW,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,CAAC,CAAC;IACpC,OAAO,CAAC,KAAK,CAAC,gDAAgD,CAAC,CAAC;IAEhE,OAAO,WAAW,CAAC;AACrB,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,MAAM;IAC1B,MAAM,KAAK,GAAG,cAAc,EAAE,CAAC;IAC/B,IAAI,CAAC,KAAK,EAAE,MAAM,EAAE,CAAC;QACnB,OAAO,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC;QAChC,OAAO;IACT,CAAC;IAED,qBAAqB;IACrB,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,aAAa,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QAC5C,MAAM,KAAK,CAAC,GAAG,OAAO,SAAS,EAAE;YAC/B,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,EAAE,cAAc,EAAE,mCAAmC,EAAE;YAChE,IAAI,EAAE,IAAI,eAAe,CAAC;gBACxB,SAAS,EAAE,KAAK,CAAC,SAAS;gBAC1B,KAAK,EAAE,KAAK,CAAC,MAAM,CAAC,aAAa,IAAI,KAAK,CAAC,MAAM,CAAC,YAAY;aAC/D,CAAC;SACH,CAAC,CAAC;IACL,CAAC;IAAC,MAAM,CAAC;QACP,4BAA4B;IAC9B,CAAC;IAED,6DAA6D;IAC7D,MAAM,MAAM,GAAG,UAAU,EAAE,CAAC;IAC5B,OAAO,MAAM,CAAC,KAAK,CAAC;IACpB,aAAa,CAAC,UAAU,EAAE,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,EAAE,OAAO,CAAC,CAAC;IAC7E,OAAO,CAAC,KAAK,CAAC,qCAAqC,CAAC,CAAC;AACvD,CAAC"}

package/package.json

@@ -0,0 +1,30 @@
+{
+  "name": "amplitude-cli",
+  "version": "0.3.0",
+  "description": "CLI for Amplitude analytics via MCP server. OAuth only. Designed for AI agents and humans.",
+  "type": "module",
+  "bin": {
+    "amp": "dist/index.js"
+  },
+  "scripts": {
+    "build": "npx tsc",
+    "dev": "tsx src/index.ts",
+    "start": "node dist/index.js"
+  },
+  "dependencies": {
+    "commander": "^13.1.0"
+  },
+  "devDependencies": {
+    "typescript": "^5.7.0",
+    "tsx": "^4.19.0",
+    "@types/node": "^22.0.0"
+  },
+  "files": [
+    "dist",
+    "README.md"
+  ],
+  "engines": {
+    "node": ">=20"
+  },
+  "license": "MIT"
+}