npm - trapic-mcp - Versions diffs - 0.1.0 → 0.1.3 - Mend

trapic-mcp 0.1.0 → 0.1.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/bin/trapic-mcp.mjs CHANGED Viewed

@@ -379,9 +379,16 @@ async function cmdServeDev() {
 }
 async function cmdLogin() {
+  const useBrowser = process.argv.includes("--browser") || process.argv.includes("-b");
+  if (useBrowser) {
+    return cmdLoginBrowser();
+  }
   const rl = createInterface({ input: process.stdin, output: process.stdout });
   try {
+    console.log("Login with email/password. For GitHub/Google, use: trapic login --browser\n");
     const serverUrl =
       (await rl.question(`Server URL [${DEFAULT_URL}]: `)).trim() || DEFAULT_URL;
     const email = (await rl.question("Email: ")).trim();
@@ -483,6 +490,90 @@ async function cmdLogin() {
   }
 }
+async function cmdLoginBrowser() {
+  const { exec } = await import("child_process");
+  console.log("Opening browser to create an API token...\n");
+  const tokenUrl = "https://trapic.ai/tokens";
+  const openCmd = process.platform === "darwin" ? "open" : process.platform === "win32" ? "start" : "xdg-open";
+  exec(`${openCmd} ${tokenUrl}`);
+  console.log("1. Sign in with GitHub, Google, or email in the browser");
+  console.log("2. Create a new API token");
+  console.log("3. Copy the token and paste it below\n");
+  const rl = createInterface({ input: process.stdin, output: process.stdout });
+  const token = (await rl.question("Paste your API token (tr_...): ")).trim();
+  rl.close();
+  if (!token || !token.startsWith("tr_")) {
+    console.error("Error: Invalid token. Must start with tr_");
+    process.exit(1);
+  }
+  // Verify token
+  const res = await fetch("https://mcp.trapic.ai/auth/whoami", {
+    headers: { Authorization: `Bearer ${token}` },
+  });
+  if (!res.ok) {
+    console.error("Error: Token verification failed. Check your token and try again.");
+    process.exit(1);
+  }
+  const data = await res.json();
+  const mcpUrl = "https://mcp.trapic.ai/mcp";
+  await saveCredentials({ url: mcpUrl, token, email: data.user?.email || "" });
+  console.log(`\nLogged in as ${data.user?.email || "unknown"}`);
+  console.log(`Credentials saved to ${CRED_FILE}`);
+  // Configure Claude Code
+  const rl2 = createInterface({ input: process.stdin, output: process.stdout });
+  try {
+    const setupClaude = (
+      await rl2.question("\nConfigure for Claude Code? [Y/n]: ")
+    ).trim().toLowerCase();
+    if (setupClaude !== "n" && setupClaude !== "no") {
+      const scope = (
+        await rl2.question("Scope — global or project? [global]: ")
+      ).trim().toLowerCase();
+      const mcpEntry = {
+        command: "npx",
+        args: ["-y", "trapic-mcp"],
+        env: { TRAPIC_TOKEN: token },
+      };
+      if (scope === "project" || scope === "p") {
+        const projectDir = process.cwd();
+        const claudeDir = join(projectDir, ".claude");
+        const claudeJson = join(claudeDir, "mcp.json");
+        await mkdir(claudeDir, { recursive: true });
+        let existing = {};
+        try { existing = JSON.parse(await readFile(claudeJson, "utf-8")); } catch {}
+        existing.mcpServers = existing.mcpServers || {};
+        existing.mcpServers.trapic = mcpEntry;
+        await writeFile(claudeJson, JSON.stringify(existing, null, 2) + "\n");
+        console.log(`Saved to ${claudeJson}`);
+      } else {
+        const globalDir = join(homedir(), ".claude");
+        const globalJson = join(globalDir, "mcp.json");
+        await mkdir(globalDir, { recursive: true });
+        let existing = {};
+        try { existing = JSON.parse(await readFile(globalJson, "utf-8")); } catch {}
+        existing.mcpServers = existing.mcpServers || {};
+        existing.mcpServers.trapic = mcpEntry;
+        await writeFile(globalJson, JSON.stringify(existing, null, 2) + "\n");
+        console.log(`Saved to ${globalJson}`);
+      }
+    }
+  } finally {
+    rl2.close();
+  }
+}
 async function cmdLogout() {
   const config = await loadConfig();
   if (!config) {
@@ -873,12 +964,33 @@ switch (command) {
   case "token":
     await cmdToken(args[1]);
     break;
+  case "upgrade":
+  case "update": {
+    const { execSync } = await import("child_process");
+    console.log("Checking for updates...");
+    try {
+      const latest = execSync("npm view trapic-mcp version", { encoding: "utf-8" }).trim();
+      const pkg = JSON.parse(await readFile(resolve(__dirname, "../package.json"), "utf-8"));
+      if (latest === pkg.version) {
+        console.log(`Already on latest version (${pkg.version})`);
+      } else {
+        console.log(`Upgrading ${pkg.version} → ${latest}...`);
+        execSync("npm install -g trapic-mcp@latest", { stdio: "inherit" });
+        console.log(`\nUpgraded to ${latest}`);
+      }
+    } catch (e) {
+      console.error("Upgrade failed:", e.message);
+      console.log("Try manually: npm install -g trapic-mcp@latest");
+    }
+    break;
+  }
   default:
     console.log(`trapic-mcp — CLI & MCP proxy for Trapic
 Usage:
   trapic-mcp                     Start stdio proxy (for Claude Code)
   trapic-mcp login               Login with email/password
+  trapic-mcp login --browser     Login with GitHub/Google (opens browser)
   trapic-mcp logout              Revoke token and clear credentials
   trapic-mcp whoami              Show current user and token info
   trapic-mcp init                Manual setup with token (--global | --project)
@@ -888,6 +1000,7 @@ Usage:
   trapic-mcp token list          List API tokens
   trapic-mcp token create [name] Create new API token
   trapic-mcp token revoke <id>   Revoke an API token
+  trapic-mcp upgrade             Upgrade to latest version
   trapic-mcp serve:dev           Start local dev MCP server
 Environment:

package/dist/worker.js CHANGED Viewed

@@ -110,7 +110,7 @@ function getCorsOrigin(request) {
 function isValidRedirectUri(uri) {
     try {
         const parsed = new URL(uri);
-        const allowed = ["localhost", "127.0.0.1", "trapic.ai"];
+        const allowed = ["localhost", "127.0.0.1", "trapic.ai", "claude.ai"];
         return allowed.some(h => parsed.hostname === h || parsed.hostname.endsWith("." + h));
     }
     catch {
@@ -249,8 +249,12 @@ export default {
     label { display: block; font-size: 0.8rem; color: #a3a3a3; margin-bottom: 0.25rem; }
     input[type="email"], input[type="password"] { width: 100%; padding: 0.6rem 0.75rem; background: #0a0a0a; border: 1px solid #333; border-radius: 8px; color: #e5e5e5; font-size: 0.9rem; margin-bottom: 1rem; outline: none; }
     input:focus { border-color: #525252; }
-    button { width: 100%; padding: 0.6rem; background: #fff; color: #000; border: none; border-radius: 9999px; font-size: 0.9rem; font-weight: 600; cursor: pointer; }
-    button:hover { opacity: 0.9; }
+    button, .oauth-btn { width: 100%; padding: 0.6rem; background: #fff; color: #000; border: none; border-radius: 9999px; font-size: 0.9rem; font-weight: 600; cursor: pointer; display: flex; align-items: center; justify-content: center; gap: 0.5rem; text-decoration: none; }
+    button:hover, .oauth-btn:hover { opacity: 0.9; }
+    .oauth-btn { background: #262626; color: #e5e5e5; border: 1px solid #333; margin-bottom: 0.5rem; }
+    .divider { display: flex; align-items: center; gap: 0.75rem; margin: 1.25rem 0; }
+    .divider::before, .divider::after { content: ''; flex: 1; height: 1px; background: #333; }
+    .divider span { font-size: 0.75rem; color: #525252; }
     .error { color: #ef4444; font-size: 0.8rem; margin-bottom: 1rem; }
   </style>
 </head>
@@ -259,6 +263,15 @@ export default {
     <div class="logo">Trapic</div>
     <div class="desc">Sign in to authorize access to your knowledge base</div>
     ${errorMsg ? `<div class="error">${escapeHtml(errorMsg)}</div>` : ""}
+    <a class="oauth-btn" href="${env.SUPABASE_URL}/auth/v1/authorize?provider=github&redirect_to=${encodeURIComponent(origin + '/oauth/callback-social?' + new URLSearchParams({ client_id: clientId, redirect_uri: redirectUri, state, code_challenge: codeChallenge, code_challenge_method: codeChallengeMethod }).toString())}">
+      <svg width="16" height="16" viewBox="0 0 24 24" fill="currentColor"><path d="M12 0C5.37 0 0 5.37 0 12c0 5.31 3.435 9.795 8.205 11.385.6.105.825-.255.825-.57 0-.285-.015-1.23-.015-2.235-3.015.555-3.795-.735-4.035-1.41-.135-.345-.72-1.41-1.23-1.695-.42-.225-1.02-.78-.015-.795.945-.015 1.62.87 1.845 1.23 1.08 1.815 2.805 1.305 3.495.99.105-.78.42-1.305.765-1.605-2.67-.3-5.46-1.335-5.46-5.925 0-1.305.465-2.385 1.23-3.225-.12-.3-.54-1.53.12-3.18 0 0 1.005-.315 3.3 1.23.96-.27 1.98-.405 3-.405s2.04.135 3 .405c2.295-1.56 3.3-1.23 3.3-1.23.66 1.65.24 2.88.12 3.18.765.84 1.23 1.905 1.23 3.225 0 4.605-2.805 5.625-5.475 5.925.435.375.81 1.095.81 2.22 0 1.605-.015 2.895-.015 3.3 0 .315.225.69.825.57A12.02 12.02 0 0024 12c0-6.63-5.37-12-12-12z"/></svg>
+      Continue with GitHub
+    </a>
+    <a class="oauth-btn" href="${env.SUPABASE_URL}/auth/v1/authorize?provider=google&redirect_to=${encodeURIComponent(origin + '/oauth/callback-social?' + new URLSearchParams({ client_id: clientId, redirect_uri: redirectUri, state, code_challenge: codeChallenge, code_challenge_method: codeChallengeMethod }).toString())}">
+      <svg width="16" height="16" viewBox="0 0 24 24"><path d="M22.56 12.25c0-.78-.07-1.53-.2-2.25H12v4.26h5.92a5.06 5.06 0 01-2.2 3.32v2.77h3.57c2.08-1.92 3.28-4.74 3.28-8.1z" fill="#4285F4"/><path d="M12 23c2.97 0 5.46-.98 7.28-2.66l-3.57-2.77c-.98.66-2.23 1.06-3.71 1.06-2.86 0-5.29-1.93-6.16-4.53H2.18v2.84C3.99 20.53 7.7 23 12 23z" fill="#34A853"/><path d="M5.84 14.09c-.22-.66-.35-1.36-.35-2.09s.13-1.43.35-2.09V7.07H2.18C1.43 8.55 1 10.22 1 12s.43 3.45 1.18 4.93l2.85-2.22.81-.62z" fill="#FBBC05"/><path d="M12 5.38c1.62 0 3.06.56 4.21 1.64l3.15-3.15C17.45 2.09 14.97 1 12 1 7.7 1 3.99 3.47 2.18 7.07l3.66 2.84c.87-2.6 3.3-4.53 6.16-4.53z" fill="#EA4335"/></svg>
+      Continue with Google
+    </a>
+    <div class="divider"><span>or</span></div>
     <form method="POST" action="/oauth/authorize">
       <input type="hidden" name="client_id" value="${escapeHtml(clientId)}" />
       <input type="hidden" name="redirect_uri" value="${escapeHtml(redirectUri)}" />
@@ -266,7 +279,7 @@ export default {
       <input type="hidden" name="code_challenge" value="${escapeHtml(codeChallenge)}" />
       <input type="hidden" name="code_challenge_method" value="${escapeHtml(codeChallengeMethod)}" />
       <label>Email</label>
-      <input type="email" name="email" required autocomplete="email" autofocus />
+      <input type="email" name="email" required autocomplete="email" />
       <label>Password</label>
       <input type="password" name="password" required autocomplete="current-password" />
       <button type="submit">Sign In</button>
@@ -283,6 +296,66 @@ export default {
                 },
             });
         }
+        // OAuth social callback — client-side page that reads hash fragment token
+        if (url.pathname === "/oauth/callback-social") {
+            // Serve a small HTML page that extracts access_token from hash and POSTs to server
+            const html = `<!DOCTYPE html><html><head><title>Authenticating...</title></head>
+<body style="background:#0a0a0a;color:#e5e5e5;font-family:sans-serif;display:flex;align-items:center;justify-content:center;min-height:100vh;">
+<div style="text-align:center"><p>Authenticating...</p></div>
+<script>
+(function(){
+  var hash = window.location.hash.substring(1);
+  var params = new URLSearchParams(hash);
+  var accessToken = params.get('access_token');
+  var search = new URLSearchParams(window.location.search);
+  if (accessToken) {
+    // Forward to server endpoint with token in query
+    var url = '/oauth/complete-social?access_token=' + encodeURIComponent(accessToken)
+      + '&client_id=' + encodeURIComponent(search.get('client_id') || '')
+      + '&redirect_uri=' + encodeURIComponent(search.get('redirect_uri') || '')
+      + '&state=' + encodeURIComponent(search.get('state') || '')
+      + '&code_challenge=' + encodeURIComponent(search.get('code_challenge') || '')
+      + '&code_challenge_method=' + encodeURIComponent(search.get('code_challenge_method') || '');
+    window.location.replace(url);
+  } else {
+    document.body.innerHTML = '<div style="text-align:center;padding:2rem;"><p>Authentication failed. Please try again.</p><a href="/" style="color:#60a5fa;">Go back</a></div>';
+  }
+})();
+</script></body></html>`;
+            return new Response(html, { headers: { "Content-Type": "text/html; charset=utf-8" } });
+        }
+        // OAuth social complete — server receives access_token, issues auth code
+        if (url.pathname === "/oauth/complete-social") {
+            const accessToken = url.searchParams.get("access_token") || "";
+            const clientId = url.searchParams.get("client_id") || "";
+            const redirectUri = url.searchParams.get("redirect_uri") || "";
+            const state = url.searchParams.get("state") || "";
+            const codeChallenge = url.searchParams.get("code_challenge") || "";
+            if (!redirectUri || !codeChallenge || !accessToken) {
+                return new Response("Missing parameters", { status: 400 });
+            }
+            if (!isValidRedirectUri(redirectUri)) {
+                return new Response("Invalid redirect_uri", { status: 400 });
+            }
+            const supabase = getSupabase();
+            const { data: { user: authUser }, error: authErr } = await supabase.auth.getUser(accessToken);
+            if (authErr || !authUser) {
+                const backUrl = new URL(`${origin}/oauth/authorize`);
+                backUrl.searchParams.set("client_id", clientId);
+                backUrl.searchParams.set("redirect_uri", redirectUri);
+                backUrl.searchParams.set("state", state);
+                backUrl.searchParams.set("code_challenge", codeChallenge);
+                backUrl.searchParams.set("code_challenge_method", "S256");
+                backUrl.searchParams.set("error", "Social login failed. Please try again.");
+                return new Response(null, { status: 302, headers: { "Location": backUrl.toString() } });
+            }
+            const code = await createAuthCode(env, authUser.id, codeChallenge, redirectUri);
+            const redirectUrl = new URL(redirectUri);
+            redirectUrl.searchParams.set("code", code);
+            if (state)
+                redirectUrl.searchParams.set("state", state);
+            return new Response(null, { status: 302, headers: { "Location": redirectUrl.toString() } });
+        }
         // OAuth Authorize POST — validates credentials, issues auth code via 302 redirect
         if (url.pathname === "/oauth/authorize" && request.method === "POST") {
             // Parse form body (native form POST sends application/x-www-form-urlencoded)

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "trapic-mcp",
-  "version": "0.1.0",
+  "version": "0.1.3",
   "description": "AI knowledge management MCP server — automatically capture, search, and connect decisions, facts, and conventions across AI coding sessions",
   "type": "module",
   "main": "dist/index.js",