burn-mcp-server 2.0.5 → 2.0.7

package/glama.json

@@ -0,0 +1,3 @@
+{
+  "maintainers": ["Fisher521"]
+}

package/package.json

@@ -1,15 +1,20 @@
 {
   "name": "burn-mcp-server",
-  "version": "2.0.5",
+  "version": "2.0.7",
   "mcpName": "io.github.Fisher521/burn-mcp-server",
-  "description": "MCP Server for Burn — 22 tools to let your AI agent search, triage, and organize your reading. Works with Claude, Cursor, Windsurf.",
+  "description": "Burn MCP — give your AI agent a reading workflow. 26 tools to search, triage, burn, vault, and analyze your saved articles. Works with Claude, Cursor, Windsurf.",
   "main": "dist/index.js",
   "bin": {
     "burn-mcp": "dist/index.js"
   },
   "scripts": {
-    "build": "tsc",
-    "start": "node dist/index.js"
+    "build": "esbuild src/index.ts --bundle --platform=node --target=node18 --outfile=dist/index.js --format=cjs --packages=external",
+    "build:http": "esbuild src/http-dev.ts --bundle --platform=node --target=node18 --outfile=dist/http.mjs --format=esm --packages=external",
+    "build:vercel": "esbuild src/vercel-node-handler.ts --bundle --platform=node --target=node20 --outfile=api/mcp.js --format=cjs",
+    "build:all": "npm run build && npm run build:http && npm run build:vercel",
+    "typecheck": "node --max-old-space-size=4096 node_modules/typescript/bin/tsc --noEmit",
+    "start": "node dist/index.js",
+    "dev:http": "npm run build:http && node dist/http.mjs"
   },
   "keywords": [
     "mcp",
@@ -49,7 +54,8 @@
     "zod": "^3.22.0"
   },
   "devDependencies": {
-    "typescript": "^5.3.0",
-    "@types/node": "^20.0.0"
+    "@types/node": "^20.0.0",
+    "esbuild": "^0.28.0",
+    "typescript": "^5.3.0"
   }
 }

package/public/index.html

@@ -0,0 +1,47 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <meta charset="utf-8">
+  <title>Burn MCP Server</title>
+  <meta name="viewport" content="width=device-width, initial-scale=1">
+  <style>
+    body { font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', sans-serif; max-width: 640px; margin: 80px auto; padding: 0 20px; line-height: 1.6; color: #1a1a1a; }
+    h1 { font-size: 28px; margin-bottom: 8px; }
+    .tag { display: inline-block; background: #ff6a00; color: white; padding: 2px 10px; border-radius: 10px; font-size: 12px; margin-right: 6px; }
+    pre { background: #f5f5f5; padding: 16px; border-radius: 8px; overflow-x: auto; font-size: 13px; }
+    a { color: #ff6a00; text-decoration: none; }
+    a:hover { text-decoration: underline; }
+    code { background: #f5f5f5; padding: 2px 6px; border-radius: 4px; font-size: 13px; }
+  </style>
+</head>
+<body>
+  <h1>Burn MCP Server</h1>
+  <p><span class="tag">MCP</span> <span class="tag">Streamable HTTP</span> Read less, absorb more.</p>
+  <p>This is the remote HTTP endpoint for <a href="https://burn451.cloud">Burn</a>'s Model Context Protocol server. 26 tools to let Claude / Cursor / Windsurf search, triage, and analyze your saved reading.</p>
+
+  <h2>Connect</h2>
+  <p>Paste this into your MCP client (Claude Desktop, Cursor, Windsurf, etc.):</p>
+  <pre>{
+  "mcpServers": {
+    "burn": {
+      "url": "https://mcp.burn451.cloud/mcp",
+      "headers": {
+        "Authorization": "Bearer &lt;your-token&gt;"
+      }
+    }
+  }
+}</pre>
+
+  <p>Get your token: <a href="https://burn451.cloud">burn451.cloud</a> → Settings → MCP Server → Copy Access Token</p>
+
+  <h2>Links</h2>
+  <ul>
+    <li><a href="https://github.com/Fisher521/burn-mcp-server">Source code on GitHub</a></li>
+    <li><a href="https://www.npmjs.com/package/burn-mcp-server">npm package (stdio mode)</a></li>
+    <li><a href="https://burn451.cloud">Burn web app</a></li>
+    <li><a href="https://x.com/hawking520">Built by @hawking520</a></li>
+  </ul>
+
+  <p style="color: #888; font-size: 13px; margin-top: 40px;">MIT licensed. Part of an open ecosystem of AI-era reading tools.</p>
+</body>
+</html>

package/server.json

@@ -1,27 +1,42 @@
 {
   "$schema": "https://static.modelcontextprotocol.io/schemas/2025-12-11/server.schema.json",
   "name": "io.github.Fisher521/burn-mcp-server",
-  "description": "22 tools to let your AI agent search, triage, and organize your reading list.",
+  "description": "AI-powered reading triage MCP. 26 tools with a 24h burn timer. Read less, absorb more.",
   "repository": {
     "url": "https://github.com/Fisher521/burn-mcp-server",
     "source": "github"
   },
-  "version": "2.0.4",
+  "websiteUrl": "https://burn451.cloud",
+  "version": "2.0.7",
   "packages": [
     {
       "registryType": "npm",
       "identifier": "burn-mcp-server",
-      "version": "2.0.4",
+      "version": "2.0.7",
       "transport": {
         "type": "stdio"
       },
       "environmentVariables": [
         {
-          "description": "Long-lived MCP access token from Burn App Settings",
+          "name": "BURN_MCP_TOKEN",
+          "description": "Long-lived MCP token from Burn App → Settings → MCP Server",
           "isRequired": true,
           "format": "string",
-          "isSecret": true,
-          "name": "BURN_MCP_TOKEN"
+          "isSecret": true
+        }
+      ]
+    }
+  ],
+  "remotes": [
+    {
+      "type": "streamable-http",
+      "url": "https://burn-mcp-server.vercel.app/mcp",
+      "headers": [
+        {
+          "name": "Authorization",
+          "description": "Bearer <BURN_MCP_TOKEN> — get your token at https://burn451.cloud → Settings → MCP Server",
+          "isRequired": true,
+          "isSecret": true
         }
       ]
     }

package/src/http-dev.ts

@@ -0,0 +1,56 @@
+// Burn MCP — standalone Node HTTP dev server for local testing.
+// For production deploy, see api/mcp.ts (Vercel Edge) or src/http.ts (the handler).
+
+import { createServer } from 'node:http'
+import { handleMcpRequest } from './http.js'
+
+const PORT = Number(process.env.PORT) || 3001
+
+const server = createServer(async (nodeReq, nodeRes) => {
+  try {
+    const url = new URL(nodeReq.url || '/', `http://${nodeReq.headers.host || 'localhost'}`)
+    const headers = new Headers()
+    for (const [k, v] of Object.entries(nodeReq.headers)) {
+      if (typeof v === 'string') headers.set(k, v)
+    }
+    const body = ['GET', 'HEAD'].includes(nodeReq.method || 'GET')
+      ? null
+      : await new Promise<Buffer>((resolve, reject) => {
+          const chunks: Buffer[] = []
+          nodeReq.on('data', c => chunks.push(c))
+          nodeReq.on('end', () => resolve(Buffer.concat(chunks)))
+          nodeReq.on('error', reject)
+        })
+
+    const webReq = new Request(url, {
+      method: nodeReq.method,
+      headers,
+      body: body && body.length > 0 ? body : null,
+    })
+
+    const webRes = await handleMcpRequest(webReq)
+
+    nodeRes.statusCode = webRes.status
+    webRes.headers.forEach((v, k) => nodeRes.setHeader(k, v))
+    if (webRes.body) {
+      const reader = webRes.body.getReader()
+      while (true) {
+        const { done, value } = await reader.read()
+        if (done) break
+        nodeRes.write(value)
+      }
+    }
+    nodeRes.end()
+  } catch (e: any) {
+    nodeRes.statusCode = 500
+    nodeRes.setHeader('content-type', 'application/json')
+    nodeRes.end(JSON.stringify({ error: 'Internal error', detail: String(e?.message || e) }))
+  }
+})
+
+server.listen(PORT, () => {
+  console.log(`Burn MCP HTTP server listening on http://localhost:${PORT}`)
+  console.log(`Test: curl -H "Authorization: Bearer <TOKEN>" -X POST http://localhost:${PORT}/mcp \\`)
+  console.log(`  -H 'Content-Type: application/json' -H 'Accept: application/json, text/event-stream' \\`)
+  console.log(`  -d '{"jsonrpc":"2.0","method":"tools/list","id":1}'`)
+})

package/src/http.ts

@@ -0,0 +1,62 @@
+// Burn MCP — HTTP transport entry (Web Standard fetch API)
+//
+// Works on Vercel Edge / Node runtime, Cloudflare Workers, Deno, Bun.
+// Users connect by adding ONE URL to Claude/Cursor/Windsurf MCP settings instead of installing npx.
+//
+// Auth: each request carries `Authorization: Bearer <BURN_MCP_TOKEN>` header.
+// Stateless: fresh Supabase client per request (short in-memory session cache for performance).
+
+import { WebStandardStreamableHTTPServerTransport } from '@modelcontextprotocol/sdk/server/webStandardStreamableHttp.js'
+import { createClient } from '@supabase/supabase-js'
+import { getOrExchangeSession, applySession } from './lib/auth.js'
+import { createBurnServer } from './setup.js'
+
+const SUPABASE_URL = process.env.BURN_SUPABASE_URL || 'https://juqtxylquemiuvvmgbej.supabase.co'
+const SUPABASE_ANON_KEY = process.env.BURN_SUPABASE_ANON_KEY || 'sb_publishable_reVgmmCC6ndIo6jFRMM2LQ_wujj5FrO'
+
+/** Main handler — turn an incoming HTTP Request into a JSON-RPC MCP Response. */
+export async function handleMcpRequest(req: Request): Promise<Response> {
+  // --- Auth: require Bearer token ---
+  const authHeader = req.headers.get('authorization') || req.headers.get('Authorization') || ''
+  const match = authHeader.match(/^Bearer\s+(.+)$/i)
+  const token = match?.[1]?.trim()
+
+  if (!token) {
+    return new Response(JSON.stringify({
+      error: 'Missing Authorization header',
+      hint: 'Add `Authorization: Bearer <BURN_MCP_TOKEN>` header. Get your token at https://burn451.cloud → Settings → MCP Server.',
+    }), { status: 401, headers: { 'content-type': 'application/json' } })
+  }
+
+  // --- Exchange token → Supabase session (cached in memory 5 min per token) ---
+  let session
+  try {
+    session = await getOrExchangeSession(token)
+  } catch (e: any) {
+    return new Response(JSON.stringify({
+      error: 'Invalid or expired Burn MCP token',
+      detail: String(e?.message || e),
+    }), { status: 401, headers: { 'content-type': 'application/json' } })
+  }
+
+  // --- Build per-request Supabase client with JWT in headers (faster than setSession, Edge-safe) ---
+  const supabase = createClient(SUPABASE_URL, SUPABASE_ANON_KEY, {
+    auth: { persistSession: false, autoRefreshToken: false, detectSessionInUrl: false },
+    global: {
+      headers: { Authorization: `Bearer ${session.access_token}` },
+    },
+  })
+
+  const server = createBurnServer(supabase, { rateLimitPerMin: 60 })
+
+  // --- Streamable HTTP transport (stateless mode — no session reuse across requests) ---
+  const transport = new WebStandardStreamableHTTPServerTransport({
+    sessionIdGenerator: undefined, // stateless mode — MCP SDK treats each request as a new conversation
+    enableJsonResponse: true,
+  })
+
+  await server.connect(transport)
+  return transport.handleRequest(req)
+}
+
+// Standalone Node dev server is in src/http-dev.ts (npm run dev:http)