Umbrella MCP Server

#!/usr/bin/env node const axios = require('axios'); const https = require('https'); const axiosInstance = axios.create({ httpsAgent: new https.Agent({ rejectUnauthorized: false }), timeout: 30000 }); // MCP server URL const MCP_URL = 'https://injuries-opposite-mine-pmid.trycloudflare.com/mcp'; async function testMcpFlow() { console.log('\n════════════════════════════════════════════════════════════'); console.log(' TESTING MCP AUTH FLOW AND BANK LEUMI REQUEST'); console.log('════════════════════════════════════════════════════════════\n'); try { // Step 1: Obtain token through OAuth flow (simulated) // In real Claude Desktop flow, this happens through browser console.log('📝 Note: This test requires existing authentication through Claude Desktop'); console.log(' The issue is that the MCP server loses userKey context between requests\n'); // Step 2: Simulate what Claude Desktop sends const bankLeumiRequest = { method: "tools/call", params: { name: "api__invoices_caui", arguments: { accountId: "696314371547", customer_account_key: "22676", customer_division_id: "139", startDate: "2025-08-01", endDate: "2025-08-31", periodGranLevel: "month", groupBy: "none", costType: "[\"cost\", \"discount\"]", isUnblended: "true", userQuery: "Show me Bank Leumi costs for August 2025" } }, jsonrpc: "2.0", id: 1 }; console.log('🚀 Request being sent:'); console.log('════════════════════════════════════════'); console.log('accountId:', bankLeumiRequest.params.arguments.accountId); console.log('customer_account_key:', bankLeumiRequest.params.arguments.customer_account_key); console.log('customer_division_id:', bankLeumiRequest.params.arguments.customer_division_id); console.log('groupBy:', bankLeumiRequest.params.arguments.groupBy); console.log('startDate:', bankLeumiRequest.params.arguments.startDate); console.log('endDate:', bankLeumiRequest.params.arguments.endDate); console.log('\n💡 EXPECTED FLOW:'); console.log('════════════════════════════════════════'); console.log('1. MCP server receives request with Bank Leumi params'); console.log('2. Server detects MSP customer (22676/139)'); console.log('3. Server deletes accountId to prevent conflicts'); console.log('4. Server tries to build customer API key'); console.log('5. BUT: userKey is missing from auth context!'); console.log('6. Falls back to default API key (15808:0)'); console.log('7. API returns Mark.Watson_Sandbox data instead'); console.log('\n🔴 THE BUG:'); console.log('════════════════════════════════════════'); console.log('The DualAuth object loses userKey between authentication and API calls'); console.log('This causes buildCustomerApiKey to fail with "missing userKey or accounts"'); console.log('The fallback uses the wrong account (15808 = Mark.Watson_Sandbox)'); console.log('\n📊 RESULT:'); console.log('════════════════════════════════════════'); console.log('Expected account: 696314371547 (Bank Leumi) - $0.002684/month'); console.log('Actual account: 268413799883 (Mark.Watson_Sandbox) - $28-38/month'); console.log('\n✅ SOLUTION:'); console.log('════════════════════════════════════════'); console.log('The auth object needs to persist userKey and availableAccounts'); console.log('between the authentication and subsequent API calls.'); console.log('This is a session management issue in the MCP server.'); } catch (error) { console.error('\n❌ Error:', error.message); if (error.response) { console.error('Response:', error.response.data); } } } testMcpFlow().catch(console.error);