@agent-native/core 0.46.0 → 0.48.1

package/dist/mcp/connect-store.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"connect-store.d.ts","sourceRoot":"","sources":["../../src/mcp/connect-store.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAOH;;;;;GAKG;AACH,eAAO,MAAM,iBAAiB,gBAAgB,CAAC;AAE/C;;;GAGG;AACH,eAAO,MAAM,2BAA2B,yBAAyB,CAAC;AAElE,6CAA6C;AAC7C,eAAO,MAAM,kBAAkB,QAAc,CAAC;AAE9C,0EAA0E;AAC1E,eAAO,MAAM,sBAAsB,MAAM,CAAC;AAC1C,eAAO,MAAM,kBAAkB,IAAI,CAAC;AACpC,eAAO,MAAM,kBAAkB,MAAM,CAAC;AAEtC;;;;GAIG;AACH,eAAO,MAAM,gBAAgB,KAAK,CAAC;AACnC,eAAO,MAAM,sBAAsB,QAAS,CAAC;AA+C7C,MAAM,WAAW,cAAc;IAC7B,EAAE,EAAE,MAAM,CAAC;IACX,GAAG,EAAE,MAAM,CAAC;IACZ,UAAU,EAAE,MAAM,CAAC;IACnB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;CAC1B;AAED;;;GAGG;AACH,wBAAsB,iBAAiB,CAAC,MAAM,EAAE;IAC9C,GAAG,EAAE,MAAM,CAAC;IACZ,UAAU,EAAE,MAAM,CAAC;IACnB,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACtB,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CACvB,GAAG,OAAO,CAAC,MAAM,CAAC,CAkBlB;AAED;;;;;GAKG;AACH,wBAAsB,YAAY,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAiBhE;AAED,wBAAsB,UAAU,CAC9B,UAAU,EAAE,MAAM,GACjB,OAAO,CAAC,cAAc,EAAE,CAAC,CAsB3B;AAED;;;;;GAKG;AACH,wBAAsB,WAAW,CAC/B,UAAU,EAAE,MAAM,EAClB,EAAE,EAAE,MAAM,GACT,OAAO,CAAC,OAAO,CAAC,CAQlB;AAED;;;GAGG;AACH,wBAAsB,cAAc,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAW/D;AAMD,MAAM,WAAW,aAAa;IAC5B,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,MAAM,EAAE,SAAS,GAAG,UAAU,GAAG,SAAS,GAAG,UAAU,GAAG,SAAS,CAAC;IACpE,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAC;IACxB,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;CAC3B;AAmBD;;;;;;;;GAQG;AACH,wBAAsB,gBAAgB,IAAI,OAAO,CAAC,aAAa,CAAC,CAgD/D;AAgBD,wBAAsB,aAAa,CACjC,UAAU,EAAE,MAAM,GACjB,OAAO,CAAC,aAAa,GAAG,IAAI,CAAC,CAc/B;AAoBD;;;;;;;GAOG;AACH,wBAAsB,iBAAiB,CACrC,QAAQ,EAAE,MAAM,EAChB,UAAU,EAAE,MAAM,EAClB,KAAK,EAAE,MAAM,GAAG,IAAI,GACnB,OAAO,CAAC,aAAa,GAAG,WAAW,GAAG,SAAS,GAAG,SAAS,CAAC,CAuB9D;AAED;;;;;;GAMG;AACH,wBAAsB,iBAAiB,CACrC,UAAU,EAAE,MAAM,EAClB,QAAQ,EAAE,MAAM,GACf,OAAO,CAAC,aAAa,GAAG,IAAI,CAAC,CAY/B;AAED;;;;GAIG;AACH,wBAAsB,sBAAsB,CAC1C,UAAU,EAAE,MAAM,EAClB,QAAQ,EAAE,MAAM,GACf,OAAO,CAAC,aAAa,GAAG,IAAI,CAAC,CAW/B;AAED,wBAAsB,oBAAoB,CACxC,UAAU,EAAE,MAAM,EAClB,QAAQ,EAAE,MAAM,GACf,OAAO,CAAC,OAAO,CAAC,CAQlB;AAED,wBAAsB,qBAAqB,CACzC,UAAU,EAAE,MAAM,EAClB,QAAQ,EAAE,MAAM,GACf,OAAO,CAAC,IAAI,CAAC,CAYf;AAED;;;GAGG;AACH,wBAAsB,gBAAgB,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAYxE"}
+{"version":3,"file":"connect-store.d.ts","sourceRoot":"","sources":["../../src/mcp/connect-store.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAOH;;;;;GAKG;AACH,eAAO,MAAM,iBAAiB,gBAAgB,CAAC;AAE/C;;;GAGG;AACH,eAAO,MAAM,2BAA2B,yBAAyB,CAAC;AAElE,6CAA6C;AAC7C,eAAO,MAAM,kBAAkB,QAAc,CAAC;AAE9C,0EAA0E;AAC1E,eAAO,MAAM,sBAAsB,MAAM,CAAC;AAC1C,eAAO,MAAM,kBAAkB,IAAI,CAAC;AACpC,eAAO,MAAM,kBAAkB,MAAM,CAAC;AAEtC;;;;GAIG;AACH,eAAO,MAAM,gBAAgB,KAAK,CAAC;AACnC,eAAO,MAAM,sBAAsB,QAAS,CAAC;AAmF7C,MAAM,WAAW,cAAc;IAC7B,EAAE,EAAE,MAAM,CAAC;IACX,GAAG,EAAE,MAAM,CAAC;IACZ,UAAU,EAAE,MAAM,CAAC;IACnB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,oEAAoE;IACpE,IAAI,EAAE,UAAU,GAAG,SAAS,CAAC;IAC7B,8FAA8F;IAC9F,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,yFAAyF;IACzF,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;CAC1B;AAED;;;;;;;GAOG;AACH,wBAAgB,oBAAoB,CAClC,WAAW,EAAE,MAAM,EACnB,KAAK,EAAE,MAAM,GACZ,MAAM,CAER;AAED,oEAAoE;AACpE,wBAAgB,sBAAsB,CAAC,KAAK,EAAE,MAAM,GAAG,SAAS,GAAG,OAAO,CAEzE;AAED;;;;GAIG;AACH,wBAAgB,oBAAoB,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAYxD;AAED;;;GAGG;AACH,wBAAsB,iBAAiB,CAAC,MAAM,EAAE;IAC9C,GAAG,EAAE,MAAM,CAAC;IACZ,UAAU,EAAE,MAAM,CAAC;IACnB,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACtB,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACtB,yEAAyE;IACzE,IAAI,CAAC,EAAE,UAAU,GAAG,SAAS,CAAC;IAC9B,2EAA2E;IAC3E,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,0DAA0D;IAC1D,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CAC3B,GAAG,OAAO,CAAC,MAAM,CAAC,CAqBlB;AAED;;;;;GAKG;AACH,wBAAsB,YAAY,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAiBhE;AAkBD,wBAAsB,UAAU,CAC9B,UAAU,EAAE,MAAM,GACjB,OAAO,CAAC,cAAc,EAAE,CAAC,CAa3B;AAED;;;;GAIG;AACH,wBAAsB,oBAAoB,CACxC,KAAK,EAAE,MAAM,GACZ,OAAO,CAAC,cAAc,EAAE,CAAC,CAa3B;AAED;;;;;;GAMG;AACH,wBAAsB,qBAAqB,CACzC,KAAK,EAAE,MAAM,EACb,EAAE,EAAE,MAAM,GACT,OAAO,CAAC,OAAO,CAAC,CAQlB;AAED;;;;;GAKG;AACH,wBAAsB,WAAW,CAC/B,UAAU,EAAE,MAAM,EAClB,EAAE,EAAE,MAAM,GACT,OAAO,CAAC,OAAO,CAAC,CAQlB;AAED;;;GAGG;AACH,wBAAsB,cAAc,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAW/D;AAMD,MAAM,WAAW,aAAa;IAC5B,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,MAAM,EAAE,SAAS,GAAG,UAAU,GAAG,SAAS,GAAG,UAAU,GAAG,SAAS,CAAC;IACpE,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAC;IACxB,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;CAC3B;AAmBD;;;;;;;;GAQG;AACH,wBAAsB,gBAAgB,IAAI,OAAO,CAAC,aAAa,CAAC,CAgD/D;AAgBD,wBAAsB,aAAa,CACjC,UAAU,EAAE,MAAM,GACjB,OAAO,CAAC,aAAa,GAAG,IAAI,CAAC,CAc/B;AAoBD;;;;;;;GAOG;AACH,wBAAsB,iBAAiB,CACrC,QAAQ,EAAE,MAAM,EAChB,UAAU,EAAE,MAAM,EAClB,KAAK,EAAE,MAAM,GAAG,IAAI,GACnB,OAAO,CAAC,aAAa,GAAG,WAAW,GAAG,SAAS,GAAG,SAAS,CAAC,CAuB9D;AAED;;;;;;GAMG;AACH,wBAAsB,iBAAiB,CACrC,UAAU,EAAE,MAAM,EAClB,QAAQ,EAAE,MAAM,GACf,OAAO,CAAC,aAAa,GAAG,IAAI,CAAC,CAY/B;AAED;;;;GAIG;AACH,wBAAsB,sBAAsB,CAC1C,UAAU,EAAE,MAAM,EAClB,QAAQ,EAAE,MAAM,GACf,OAAO,CAAC,aAAa,GAAG,IAAI,CAAC,CAW/B;AAED,wBAAsB,oBAAoB,CACxC,UAAU,EAAE,MAAM,EAClB,QAAQ,EAAE,MAAM,GACf,OAAO,CAAC,OAAO,CAAC,CAQlB;AAED,wBAAsB,qBAAqB,CACzC,UAAU,EAAE,MAAM,EAClB,QAAQ,EAAE,MAAM,GACf,OAAO,CAAC,IAAI,CAAC,CAYf;AAED;;;GAGG;AACH,wBAAsB,gBAAgB,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAYxE"}

package/dist/mcp/connect-store.js

@@ -57,11 +57,49 @@ async function ensureTable() {
           owner_email TEXT NOT NULL,
           org_id TEXT,
           label TEXT,
+          kind TEXT NOT NULL DEFAULT 'personal',
+          service_name TEXT,
+          created_by TEXT,
           created_at ${intType()},
           last_used_at ${intType()},
           revoked_at ${intType()}
         )
       `);
+            // Additive columns for org service tokens (deployments that created the
+            // table before these columns existed; fresh DBs get them via the CREATE
+            // TABLE above). kind='personal' (default) preserves the original
+            // per-user token; kind='service' marks tokens minted for an org service
+            // principal (e.g. CI) rather than a person. service_name is the
+            // human-readable service label (e.g. "ci"); created_by records the
+            // human who minted it, for audit.
+            for (const [withIfNotExists, plain] of [
+                [
+                    `ALTER TABLE mcp_connect_tokens ADD COLUMN IF NOT EXISTS kind TEXT NOT NULL DEFAULT 'personal'`,
+                    `ALTER TABLE mcp_connect_tokens ADD COLUMN kind TEXT NOT NULL DEFAULT 'personal'`,
+                ],
+                [
+                    `ALTER TABLE mcp_connect_tokens ADD COLUMN IF NOT EXISTS service_name TEXT`,
+                    `ALTER TABLE mcp_connect_tokens ADD COLUMN service_name TEXT`,
+                ],
+                [
+                    `ALTER TABLE mcp_connect_tokens ADD COLUMN IF NOT EXISTS created_by TEXT`,
+                    `ALTER TABLE mcp_connect_tokens ADD COLUMN created_by TEXT`,
+                ],
+            ]) {
+                try {
+                    await client.execute(withIfNotExists);
+                }
+                catch {
+                    // SQLite doesn't support "ADD COLUMN IF NOT EXISTS" — retry the
+                    // plain form and swallow "duplicate column" when it already exists.
+                    try {
+                        await client.execute(plain);
+                    }
+                    catch {
+                        // Column already exists (or was created by CREATE TABLE above).
+                    }
+                }
+            }
             await client.execute(`
         CREATE TABLE IF NOT EXISTS mcp_device_codes (
           device_code TEXT PRIMARY KEY,
@@ -84,6 +122,39 @@ async function ensureTable() {
     }
     return _initPromise;
 }
+/**
+ * Synthetic identity for an org service token: `svc-<name>@service.<orgId>`.
+ * It is email-shaped so the entire existing identity plumbing (JWT `sub`,
+ * `runWithRequestContext({ userEmail })`, ownable-row `owner_email` columns,
+ * display surfaces that render an email) works unchanged, while remaining
+ * clearly distinguishable from a human account. Ownable rows created under
+ * this identity carry the org's `orgId`, so org members can see them.
+ */
+export function serviceIdentityEmail(serviceName, orgId) {
+    return `svc-${normalizeServiceName(serviceName)}@service.${orgId}`;
+}
+/** True when an email is a synthetic org-service-token identity. */
+export function isServiceIdentityEmail(email) {
+    return !!email && /^svc-[a-z0-9-]+@service\./.test(email);
+}
+/**
+ * Normalize a user-supplied service name to a DNS-label-ish slug so the
+ * synthetic identity stays a valid email local part: lowercase, `a-z0-9-`,
+ * max 48 chars. Throws on names that normalize to nothing.
+ */
+export function normalizeServiceName(raw) {
+    const slug = (raw ?? "")
+        .trim()
+        .toLowerCase()
+        .replace(/[^a-z0-9-]+/g, "-")
+        .replace(/-+/g, "-")
+        .replace(/^-|-$/g, "")
+        .slice(0, 48);
+    if (!slug) {
+        throw new Error("Service name must contain at least one letter or number.");
+    }
+    return slug;
+}
 /**
  * Persist a record of a minted token. The token value itself (a signed JWT)
  * is NEVER stored — only its `jti`, so revocation is a cheap SQL lookup.
@@ -93,13 +164,16 @@ export async function recordMintedToken(params) {
     const client = getDbExec();
     const id = randomUUID();
     await client.execute({
-        sql: `INSERT INTO mcp_connect_tokens (id, jti, owner_email, org_id, label, created_at, last_used_at, revoked_at) VALUES (?, ?, ?, ?, ?, ?, ?, ?)`,
+        sql: `INSERT INTO mcp_connect_tokens (id, jti, owner_email, org_id, label, kind, service_name, created_by, created_at, last_used_at, revoked_at) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`,
         args: [
             id,
             params.jti,
             params.ownerEmail,
             params.orgId ?? null,
             params.label ?? null,
+            params.kind ?? "personal",
+            params.serviceName ?? null,
+            params.createdBy ?? null,
             Date.now(),
             null,
             null,
@@ -134,24 +208,30 @@ export async function isJtiRevoked(jti) {
         return false;
     }
 }
+function mapTokenRow(r) {
+    return {
+        id: r.id,
+        jti: r.jti,
+        ownerEmail: (r.owner_email ?? r.ownerEmail),
+        orgId: (r.org_id ?? r.orgId ?? null),
+        label: (r.label ?? null),
+        createdAt: numOrNull(r.created_at ?? r.createdAt),
+        lastUsedAt: numOrNull(r.last_used_at ?? r.lastUsedAt),
+        revokedAt: numOrNull(r.revoked_at ?? r.revokedAt),
+        kind: r.kind === "service" ? "service" : "personal",
+        serviceName: (r.service_name ?? r.serviceName ?? null),
+        createdBy: (r.created_by ?? r.createdBy ?? null),
+    };
+}
 export async function listTokens(ownerEmail) {
     try {
         await ensureTable();
         const client = getDbExec();
         const { rows } = await client.execute({
-            sql: `SELECT id, jti, owner_email, org_id, label, created_at, last_used_at, revoked_at FROM mcp_connect_tokens WHERE owner_email = ? ORDER BY created_at DESC`,
+            sql: `SELECT id, jti, owner_email, org_id, label, kind, service_name, created_by, created_at, last_used_at, revoked_at FROM mcp_connect_tokens WHERE owner_email = ? ORDER BY created_at DESC`,
             args: [ownerEmail],
         });
-        return rows.map((r) => ({
-            id: r.id,
-            jti: r.jti,
-            ownerEmail: (r.owner_email ?? r.ownerEmail),
-            orgId: (r.org_id ?? r.orgId ?? null),
-            label: (r.label ?? null),
-            createdAt: numOrNull(r.created_at ?? r.createdAt),
-            lastUsedAt: numOrNull(r.last_used_at ?? r.lastUsedAt),
-            revokedAt: numOrNull(r.revoked_at ?? r.revokedAt),
-        }));
+        return rows.map(mapTokenRow);
     }
     catch (err) {
         if (isConnectionError(err))
@@ -159,6 +239,43 @@ export async function listTokens(ownerEmail) {
         throw err;
     }
 }
+/**
+ * List the org's service tokens (kind = 'service'), newest first. Scoped by
+ * `org_id` — callers must already have established the caller is a member of
+ * `orgId` (the actions in `mcp/actions/` gate on org role).
+ */
+export async function listOrgServiceTokens(orgId) {
+    try {
+        await ensureTable();
+        const client = getDbExec();
+        const { rows } = await client.execute({
+            sql: `SELECT id, jti, owner_email, org_id, label, kind, service_name, created_by, created_at, last_used_at, revoked_at FROM mcp_connect_tokens WHERE org_id = ? AND kind = 'service' ORDER BY created_at DESC`,
+            args: [orgId],
+        });
+        return rows.map(mapTokenRow);
+    }
+    catch (err) {
+        if (isConnectionError(err))
+            return [];
+        throw err;
+    }
+}
+/**
+ * Revoke an org service token by id, scoped to `orgId` AND `kind = 'service'`
+ * so a caller can never revoke another org's token (or someone's personal
+ * token) through this path. Uses the same `revoked_at` gate `isJtiRevoked`
+ * checks, so revocation takes effect on the next request like personal
+ * tokens. Idempotent; returns true when a row actually transitioned.
+ */
+export async function revokeOrgServiceToken(orgId, id) {
+    await ensureTable();
+    const client = getDbExec();
+    const result = await client.execute({
+        sql: `UPDATE mcp_connect_tokens SET revoked_at = ? WHERE id = ? AND org_id = ? AND kind = 'service' AND revoked_at IS NULL`,
+        args: [Date.now(), id, orgId],
+    });
+    return result.rowsAffected > 0;
+}
 /**
  * Revoke a token, but ONLY if it is owned by `ownerEmail` (the caller). The
  * `owner_email = ?` predicate is the access scope — a caller can never revoke

package/dist/mcp/connect-store.js.map

@@ -1 +1 @@
-{"version":3,"file":"connect-store.js","sourceRoot":"","sources":["../../src/mcp/connect-store.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAEH,OAAO,EAAE,SAAS,EAAE,iBAAiB,EAAE,OAAO,EAAE,MAAM,iBAAiB,CAAC;AACxE,OAAO,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAEtD,IAAI,YAAuC,CAAC;AAE5C;;;;;GAKG;AACH,MAAM,CAAC,MAAM,iBAAiB,GAAG,aAAa,CAAC;AAE/C;;;GAGG;AACH,MAAM,CAAC,MAAM,2BAA2B,GAAG,sBAAsB,CAAC;AAElE,6CAA6C;AAC7C,MAAM,CAAC,MAAM,kBAAkB,GAAG,EAAE,GAAG,MAAM,CAAC;AAE9C,0EAA0E;AAC1E,MAAM,CAAC,MAAM,sBAAsB,GAAG,GAAG,CAAC;AAC1C,MAAM,CAAC,MAAM,kBAAkB,GAAG,CAAC,CAAC;AACpC,MAAM,CAAC,MAAM,kBAAkB,GAAG,GAAG,CAAC;AAEtC;;;;GAIG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,EAAE,CAAC;AACnC,MAAM,CAAC,MAAM,sBAAsB,GAAG,MAAM,CAAC;AAE7C,KAAK,UAAU,WAAW;IACxB,IAAI,CAAC,YAAY,EAAE,CAAC;QAClB,YAAY,GAAG,CAAC,KAAK,IAAI,EAAE;YACzB,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;YAC3B,qEAAqE;YACrE,6DAA6D;YAC7D,MAAM,MAAM,CAAC,OAAO,CAAC;;;;;;;uBAOJ,OAAO,EAAE;yBACP,OAAO,EAAE;uBACX,OAAO,EAAE;;OAEzB,CAAC,CAAC;YACH,MAAM,MAAM,CAAC,OAAO,CAAC;;;;;;;;uBAQJ,OAAO,EAAE;uBACT,OAAO,EAAE;wBACR,OAAO,EAAE;;OAE1B,CAAC,CAAC;QACL,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;YACjB,uEAAuE;YACvE,kEAAkE;YAClE,YAAY,GAAG,SAAS,CAAC;YACzB,MAAM,GAAG,CAAC;QACZ,CAAC,CAAC,CAAC;IACL,CAAC;IACD,OAAO,YAAY,CAAC;AACtB,CAAC;AAiBD;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CAAC,MAKvC;IACC,MAAM,WAAW,EAAE,CAAC;IACpB,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;IAC3B,MAAM,EAAE,GAAG,UAAU,EAAE,CAAC;IACxB,MAAM,MAAM,CAAC,OAAO,CAAC;QACnB,GAAG,EAAE,4IAA4I;QACjJ,IAAI,EAAE;YACJ,EAAE;YACF,MAAM,CAAC,GAAG;YACV,MAAM,CAAC,UAAU;YACjB,MAAM,CAAC,KAAK,IAAI,IAAI;YACpB,MAAM,CAAC,KAAK,IAAI,IAAI;YACpB,IAAI,CAAC,GAAG,EAAE;YACV,IAAI;YACJ,IAAI;SACL;KACF,CAAC,CAAC;IACH,OAAO,EAAE,CAAC;AACZ,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAAC,GAAW;IAC5C,IAAI,CAAC;QACH,MAAM,WAAW,EAAE,CAAC;QACpB,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;QAC3B,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC;YACpC,GAAG,EAAE,yDAAyD;YAC9D,IAAI,EAAE,CAAC,GAAG,CAAC;SACZ,CAAC,CAAC;QACH,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,KAAK,CAAC;QACpC,MAAM,SAAS,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,UAAU,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;QAC1D,OAAO,SAAS,IAAI,IAAI,CAAC;IAC3B,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,oEAAoE;QACpE,uEAAuE;QACvE,IAAI,iBAAiB,CAAC,GAAG,CAAC;YAAE,OAAO,KAAK,CAAC;QACzC,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,UAAU,CAC9B,UAAkB;IAElB,IAAI,CAAC;QACH,MAAM,WAAW,EAAE,CAAC;QACpB,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;QAC3B,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC;YACpC,GAAG,EAAE,yJAAyJ;YAC9J,IAAI,EAAE,CAAC,UAAU,CAAC;SACnB,CAAC,CAAC;QACH,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,CAAM,EAAE,EAAE,CAAC,CAAC;YAC3B,EAAE,EAAE,CAAC,CAAC,EAAY;YAClB,GAAG,EAAE,CAAC,CAAC,GAAa;YACpB,UAAU,EAAE,CAAC,CAAC,CAAC,WAAW,IAAI,CAAC,CAAC,UAAU,CAAW;YACrD,KAAK,EAAE,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,CAAC,KAAK,IAAI,IAAI,CAAkB;YACrD,KAAK,EAAE,CAAC,CAAC,CAAC,KAAK,IAAI,IAAI,CAAkB;YACzC,SAAS,EAAE,SAAS,CAAC,CAAC,CAAC,UAAU,IAAI,CAAC,CAAC,SAAS,CAAC;YACjD,UAAU,EAAE,SAAS,CAAC,CAAC,CAAC,YAAY,IAAI,CAAC,CAAC,UAAU,CAAC;YACrD,SAAS,EAAE,SAAS,CAAC,CAAC,CAAC,UAAU,IAAI,CAAC,CAAC,SAAS,CAAC;SAClD,CAAC,CAAC,CAAC;IACN,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,IAAI,iBAAiB,CAAC,GAAG,CAAC;YAAE,OAAO,EAAE,CAAC;QACtC,MAAM,GAAG,CAAC;IACZ,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAC/B,UAAkB,EAClB,EAAU;IAEV,MAAM,WAAW,EAAE,CAAC;IACpB,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;IAC3B,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC;QAClC,GAAG,EAAE,sGAAsG;QAC3G,IAAI,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,EAAE,EAAE,EAAE,UAAU,CAAC;KACnC,CAAC,CAAC;IACH,OAAO,MAAM,CAAC,YAAY,GAAG,CAAC,CAAC;AACjC,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc,CAAC,GAAW;IAC9C,IAAI,CAAC;QACH,MAAM,WAAW,EAAE,CAAC;QACpB,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;QAC3B,MAAM,MAAM,CAAC,OAAO,CAAC;YACnB,GAAG,EAAE,8DAA8D;YACnE,IAAI,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,EAAE,GAAG,CAAC;SACxB,CAAC,CAAC;IACL,CAAC;IAAC,MAAM,CAAC;QACP,sEAAsE;IACxE,CAAC;AACH,CAAC;AAkBD,MAAM,kBAAkB,GAAG,kCAAkC,CAAC,CAAC,mCAAmC;AAElG,qEAAqE;AACrE,SAAS,gBAAgB;IACvB,MAAM,KAAK,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC;IAC7B,IAAI,GAAG,GAAG,EAAE,CAAC;IACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QAC3B,GAAG,IAAI,kBAAkB,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,kBAAkB,CAAC,MAAM,CAAC,CAAC;QAChE,IAAI,CAAC,KAAK,CAAC;YAAE,GAAG,IAAI,GAAG,CAAC;IAC1B,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,kBAAkB;IACzB,OAAO,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;AAC/C,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB;IACpC,MAAM,WAAW,EAAE,CAAC;IACpB,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;IAE3B,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACvB,IAAI,CAAC;QACH,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC;YACpC,GAAG,EAAE,iEAAiE;YACtE,IAAI,EAAE,CAAC,GAAG,GAAG,sBAAsB,CAAC;SACrC,CAAC,CAAC;QACH,MAAM,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC;QAC3D,IAAI,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,gBAAgB,EAAE,CAAC;YAChD,MAAM,IAAI,KAAK,CAAC,cAAc,CAAC,CAAC;QAClC,CAAC;IACH,CAAC;IAAC,OAAO,GAAQ,EAAE,CAAC;QAClB,IAAI,GAAG,EAAE,OAAO,KAAK,cAAc;YAAE,MAAM,GAAG,CAAC;QAC/C,sEAAsE;QACtE,qEAAqE;IACvE,CAAC;IAED,MAAM,UAAU,GAAG,kBAAkB,EAAE,CAAC;IACxC,MAAM,QAAQ,GAAG,gBAAgB,EAAE,CAAC;IACpC,MAAM,SAAS,GAAG,GAAG,GAAG,kBAAkB,CAAC;IAC3C,MAAM,MAAM,CAAC,OAAO,CAAC;QACnB,GAAG,EAAE,uKAAuK;QAC5K,IAAI,EAAE;YACJ,UAAU;YACV,QAAQ;YACR,IAAI;YACJ,IAAI;YACJ,SAAS;YACT,IAAI;YACJ,GAAG;YACH,SAAS;YACT,IAAI;SACL;KACF,CAAC,CAAC;IACH,OAAO;QACL,UAAU;QACV,QAAQ;QACR,UAAU,EAAE,IAAI;QAChB,KAAK,EAAE,IAAI;QACX,MAAM,EAAE,SAAS;QACjB,QAAQ,EAAE,IAAI;QACd,SAAS,EAAE,GAAG;QACd,SAAS;QACT,UAAU,EAAE,IAAI;KACjB,CAAC;AACJ,CAAC;AAED,SAAS,YAAY,CAAC,CAAM;IAC1B,OAAO;QACL,UAAU,EAAE,CAAC,CAAC,CAAC,WAAW,IAAI,CAAC,CAAC,UAAU,CAAW;QACrD,QAAQ,EAAE,CAAC,CAAC,CAAC,SAAS,IAAI,CAAC,CAAC,QAAQ,CAAW;QAC/C,UAAU,EAAE,CAAC,CAAC,CAAC,WAAW,IAAI,CAAC,CAAC,UAAU,IAAI,IAAI,CAAkB;QACpE,KAAK,EAAE,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,CAAC,KAAK,IAAI,IAAI,CAAkB;QACrD,MAAM,EAAE,CAAC,CAAC,CAAC,MAAM,IAAI,SAAS,CAA4B;QAC1D,QAAQ,EAAE,CAAC,CAAC,CAAC,SAAS,IAAI,CAAC,CAAC,QAAQ,IAAI,IAAI,CAAkB;QAC9D,SAAS,EAAE,SAAS,CAAC,CAAC,CAAC,UAAU,IAAI,CAAC,CAAC,SAAS,CAAC;QACjD,SAAS,EAAE,SAAS,CAAC,CAAC,CAAC,UAAU,IAAI,CAAC,CAAC,SAAS,CAAC;QACjD,UAAU,EAAE,SAAS,CAAC,CAAC,CAAC,WAAW,IAAI,CAAC,CAAC,UAAU,CAAC;KACrD,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,UAAkB;IAElB,IAAI,CAAC;QACH,MAAM,WAAW,EAAE,CAAC;QACpB,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;QAC3B,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC;YACpC,GAAG,EAAE,sDAAsD;YAC3D,IAAI,EAAE,CAAC,UAAU,CAAC;SACnB,CAAC,CAAC;QACH,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,IAAI,CAAC;QACnC,OAAO,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;IAC/B,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,IAAI,iBAAiB,CAAC,GAAG,CAAC;YAAE,OAAO,IAAI,CAAC;QACxC,MAAM,GAAG,CAAC;IACZ,CAAC;AACH,CAAC;AAED,KAAK,UAAU,uBAAuB,CACpC,QAAgB;IAEhB,IAAI,CAAC;QACH,MAAM,WAAW,EAAE,CAAC;QACpB,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;QAC3B,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC;YACpC,GAAG,EAAE,oDAAoD;YACzD,IAAI,EAAE,CAAC,QAAQ,CAAC;SACjB,CAAC,CAAC;QACH,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,IAAI,CAAC;QACnC,OAAO,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;IAC/B,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,IAAI,iBAAiB,CAAC,GAAG,CAAC;YAAE,OAAO,IAAI,CAAC;QACxC,MAAM,GAAG,CAAC;IACZ,CAAC;AACH,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,QAAgB,EAChB,UAAkB,EAClB,KAAoB;IAEpB,MAAM,WAAW,EAAE,CAAC;IACpB,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;IAC3B,MAAM,GAAG,GAAG,MAAM,uBAAuB,CAAC,QAAQ,CAAC,CAAC;IACpD,IAAI,CAAC,GAAG;QAAE,OAAO,WAAW,CAAC;IAC7B,IAAI,CAAC,GAAG,CAAC,SAAS,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC,GAAG,EAAE;QAAE,OAAO,SAAS,CAAC;IACxD,IAAI,GAAG,CAAC,MAAM,KAAK,SAAS;QAAE,OAAO,SAAS,CAAC;IAE/C,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC;QAClC,GAAG,EAAE,yHAAyH;QAC9H,IAAI,EAAE,CAAC,UAAU,EAAE,KAAK,EAAE,QAAQ,CAAC;KACpC,CAAC,CAAC;IACH,IAAI,MAAM,CAAC,YAAY,KAAK,CAAC,EAAE,CAAC;QAC9B,uEAAuE;QACvE,MAAM,KAAK,GAAG,MAAM,uBAAuB,CAAC,QAAQ,CAAC,CAAC;QACtD,OAAO,KAAK,IAAI,KAAK,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,WAAW,CAAC;IACvE,CAAC;IACD,OAAO;QACL,GAAG,GAAG;QACN,MAAM,EAAE,UAAU;QAClB,UAAU;QACV,KAAK;KACN,CAAC;AACJ,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,UAAkB,EAClB,QAAgB;IAEhB,MAAM,WAAW,EAAE,CAAC;IACpB,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;IAC3B,MAAM,GAAG,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,CAAC;IAC5C,IAAI,CAAC,GAAG;QAAE,OAAO,IAAI,CAAC;IACtB,IAAI,GAAG,CAAC,MAAM,KAAK,UAAU;QAAE,OAAO,IAAI,CAAC;IAC3C,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC;QAClC,GAAG,EAAE,+HAA+H;QACpI,IAAI,EAAE,CAAC,QAAQ,EAAE,IAAI,CAAC,GAAG,EAAE,EAAE,UAAU,CAAC;KACzC,CAAC,CAAC;IACH,IAAI,MAAM,CAAC,YAAY,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC,CAAC,2BAA2B;IACvE,OAAO,GAAG,CAAC;AACb,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAC1C,UAAkB,EAClB,QAAgB;IAEhB,MAAM,WAAW,EAAE,CAAC;IACpB,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;IAC3B,MAAM,GAAG,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,CAAC;IAC5C,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,MAAM,KAAK,UAAU;QAAE,OAAO,IAAI,CAAC;IACnD,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC;QAClC,GAAG,EAAE,8HAA8H;QACnI,IAAI,EAAE,CAAC,QAAQ,EAAE,IAAI,CAAC,GAAG,EAAE,EAAE,UAAU,CAAC;KACzC,CAAC,CAAC;IACH,IAAI,MAAM,CAAC,YAAY,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IAC3C,OAAO,GAAG,CAAC;AACb,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,UAAkB,EAClB,QAAgB;IAEhB,MAAM,WAAW,EAAE,CAAC;IACpB,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;IAC3B,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC;QAClC,GAAG,EAAE,gHAAgH;QACrH,IAAI,EAAE,CAAC,UAAU,EAAE,QAAQ,CAAC;KAC7B,CAAC,CAAC;IACH,OAAO,MAAM,CAAC,YAAY,GAAG,CAAC,CAAC;AACjC,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,qBAAqB,CACzC,UAAkB,EAClB,QAAgB;IAEhB,IAAI,CAAC;QACH,MAAM,WAAW,EAAE,CAAC;QACpB,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;QAC3B,MAAM,MAAM,CAAC,OAAO,CAAC;YACnB,GAAG,EAAE,sJAAsJ;YAC3J,IAAI,EAAE,CAAC,UAAU,EAAE,QAAQ,CAAC;SAC7B,CAAC,CAAC;IACL,CAAC;IAAC,MAAM,CAAC;QACP,sEAAsE;QACtE,wEAAwE;IAC1E,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,UAAkB;IACvD,IAAI,CAAC;QACH,MAAM,WAAW,EAAE,CAAC;QACpB,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;QAC3B,MAAM,MAAM,CAAC,OAAO,CAAC;YACnB,GAAG,EAAE,2GAA2G;YAChH,IAAI,EAAE,CAAC,UAAU,CAAC;SACnB,CAAC,CAAC;IACL,CAAC;IAAC,MAAM,CAAC;QACP,yEAAyE;QACzE,yCAAyC;IAC3C,CAAC;AACH,CAAC;AAED,SAAS,SAAS,CAAC,CAAU;IAC3B,IAAI,CAAC,IAAI,IAAI;QAAE,OAAO,IAAI,CAAC;IAC3B,MAAM,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;IACpB,OAAO,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;AACvC,CAAC","sourcesContent":["/**\n * Framework-table store for the \"connect external agents\" feature.\n *\n * Two additive, dialect-agnostic tables back the browser **Connect** page and\n * the OAuth-style **device-code flow** a CLI drives:\n *\n *   - `mcp_connect_tokens`  — one row per minted MCP token. We never store the\n *     token value (it's a signed JWT); only its `jti` so revocation is a\n *     SQL lookup. Revoking sets `revoked_at`; the row is never deleted.\n *   - `mcp_device_codes`    — short-lived (10 min) device/user code pairs for\n *     the OAuth 2.0 device-authorization-style CLI flow. Single-use\n *     (`consumed_at`), rate-limited at creation.\n *\n * Mirrors `application-state/store.ts`: lazy `ensureTable()`, `getDbExec()`,\n * `isConnectionError()` swallow so a transient Neon WS drop never 500s.\n * `CREATE TABLE IF NOT EXISTS` only — strictly additive, never DROP / ALTER\n * (shared prod DB rule).\n */\n\nimport { getDbExec, isConnectionError, intType } from \"../db/client.js\";\nimport { randomBytes, randomUUID } from \"node:crypto\";\n\nlet _initPromise: Promise<void> | undefined;\n\n/**\n * Scope claim that marks a connect-minted token (vs. an ordinary A2A\n * delegation JWT). Only tokens carrying this scope go through the revoke\n * lookup in `verifyAuth` — defined here so both `connect-route.ts` and\n * `build-server.ts` import it from the leaf store without a cycle.\n */\nexport const MCP_CONNECT_SCOPE = \"mcp-connect\";\n\n/**\n * Client id used when connect/device flows have to mint a standard MCP OAuth\n * access token instead of an A2A JWT (for deployments without A2A_SECRET).\n */\nexport const MCP_CONNECT_OAUTH_CLIENT_ID = \"agent-native-connect\";\n\n/** Device codes are valid for 10 minutes. */\nexport const DEVICE_CODE_TTL_MS = 10 * 60_000;\n\n/** Default minted-token lifetime. Configurable per-request 1–365 days. */\nexport const DEFAULT_TOKEN_TTL_DAYS = 365;\nexport const MIN_TOKEN_TTL_DAYS = 1;\nexport const MAX_TOKEN_TTL_DAYS = 365;\n\n/**\n * Rate limit for `device/start`: at most this many device codes may be created\n * within `DEVICE_START_WINDOW_MS`. Unauthenticated endpoint — keep it tight so\n * a hostile client can't flood the table or brute-force user codes.\n */\nexport const DEVICE_START_MAX = 20;\nexport const DEVICE_START_WINDOW_MS = 60_000;\n\nasync function ensureTable(): Promise<void> {\n  if (!_initPromise) {\n    _initPromise = (async () => {\n      const client = getDbExec();\n      // Additive only. Never DROP / ALTER — this DB is shared across every\n      // deploy context (preview/branch/prod) for hosted templates.\n      await client.execute(`\n        CREATE TABLE IF NOT EXISTS mcp_connect_tokens (\n          id TEXT PRIMARY KEY,\n          jti TEXT UNIQUE NOT NULL,\n          owner_email TEXT NOT NULL,\n          org_id TEXT,\n          label TEXT,\n          created_at ${intType()},\n          last_used_at ${intType()},\n          revoked_at ${intType()}\n        )\n      `);\n      await client.execute(`\n        CREATE TABLE IF NOT EXISTS mcp_device_codes (\n          device_code TEXT PRIMARY KEY,\n          user_code TEXT NOT NULL,\n          owner_email TEXT,\n          org_id TEXT,\n          status TEXT NOT NULL DEFAULT 'pending',\n          token_jti TEXT,\n          created_at ${intType()},\n          expires_at ${intType()},\n          consumed_at ${intType()}\n        )\n      `);\n    })().catch((err) => {\n      // Don't cache a rejected init. A transient DB blip should let the next\n      // connect/mint/revoke call retry rather than wedging the process.\n      _initPromise = undefined;\n      throw err;\n    });\n  }\n  return _initPromise;\n}\n\n// ---------------------------------------------------------------------------\n// Minted-token records\n// ---------------------------------------------------------------------------\n\nexport interface MintedTokenRow {\n  id: string;\n  jti: string;\n  ownerEmail: string;\n  orgId: string | null;\n  label: string | null;\n  createdAt: number | null;\n  lastUsedAt: number | null;\n  revokedAt: number | null;\n}\n\n/**\n * Persist a record of a minted token. The token value itself (a signed JWT)\n * is NEVER stored — only its `jti`, so revocation is a cheap SQL lookup.\n */\nexport async function recordMintedToken(params: {\n  jti: string;\n  ownerEmail: string;\n  orgId?: string | null;\n  label?: string | null;\n}): Promise<string> {\n  await ensureTable();\n  const client = getDbExec();\n  const id = randomUUID();\n  await client.execute({\n    sql: `INSERT INTO mcp_connect_tokens (id, jti, owner_email, org_id, label, created_at, last_used_at, revoked_at) VALUES (?, ?, ?, ?, ?, ?, ?, ?)`,\n    args: [\n      id,\n      params.jti,\n      params.ownerEmail,\n      params.orgId ?? null,\n      params.label ?? null,\n      Date.now(),\n      null,\n      null,\n    ],\n  });\n  return id;\n}\n\n/**\n * Returns true when the given `jti` corresponds to a token that has been\n * revoked. Fails OPEN on a store/DB error: a transient Neon WS drop must not\n * lock every connected agent out. Signature verification is unaffected — this\n * is only the post-verify revoke check (see `verifyAuth` in build-server.ts).\n */\nexport async function isJtiRevoked(jti: string): Promise<boolean> {\n  try {\n    await ensureTable();\n    const client = getDbExec();\n    const { rows } = await client.execute({\n      sql: `SELECT revoked_at FROM mcp_connect_tokens WHERE jti = ?`,\n      args: [jti],\n    });\n    if (rows.length === 0) return false;\n    const revokedAt = rows[0].revoked_at ?? rows[0].revokedAt;\n    return revokedAt != null;\n  } catch (err) {\n    // Fail open: a DB blip must not turn every minted token into a 401.\n    // (Signature checks already passed; this only gates explicit revokes.)\n    if (isConnectionError(err)) return false;\n    return false;\n  }\n}\n\nexport async function listTokens(\n  ownerEmail: string,\n): Promise<MintedTokenRow[]> {\n  try {\n    await ensureTable();\n    const client = getDbExec();\n    const { rows } = await client.execute({\n      sql: `SELECT id, jti, owner_email, org_id, label, created_at, last_used_at, revoked_at FROM mcp_connect_tokens WHERE owner_email = ? ORDER BY created_at DESC`,\n      args: [ownerEmail],\n    });\n    return rows.map((r: any) => ({\n      id: r.id as string,\n      jti: r.jti as string,\n      ownerEmail: (r.owner_email ?? r.ownerEmail) as string,\n      orgId: (r.org_id ?? r.orgId ?? null) as string | null,\n      label: (r.label ?? null) as string | null,\n      createdAt: numOrNull(r.created_at ?? r.createdAt),\n      lastUsedAt: numOrNull(r.last_used_at ?? r.lastUsedAt),\n      revokedAt: numOrNull(r.revoked_at ?? r.revokedAt),\n    }));\n  } catch (err) {\n    if (isConnectionError(err)) return [];\n    throw err;\n  }\n}\n\n/**\n * Revoke a token, but ONLY if it is owned by `ownerEmail` (the caller). The\n * `owner_email = ?` predicate is the access scope — a caller can never revoke\n * another user's token. Idempotent: re-revoking keeps the first timestamp.\n * Returns true when a row was actually transitioned to revoked.\n */\nexport async function revokeToken(\n  ownerEmail: string,\n  id: string,\n): Promise<boolean> {\n  await ensureTable();\n  const client = getDbExec();\n  const result = await client.execute({\n    sql: `UPDATE mcp_connect_tokens SET revoked_at = ? WHERE id = ? AND owner_email = ? AND revoked_at IS NULL`,\n    args: [Date.now(), id, ownerEmail],\n  });\n  return result.rowsAffected > 0;\n}\n\n/**\n * Best-effort: stamp `last_used_at` for a token. Swallows all errors — this is\n * pure telemetry and must never affect the auth path.\n */\nexport async function touchTokenUsed(jti: string): Promise<void> {\n  try {\n    await ensureTable();\n    const client = getDbExec();\n    await client.execute({\n      sql: `UPDATE mcp_connect_tokens SET last_used_at = ? WHERE jti = ?`,\n      args: [Date.now(), jti],\n    });\n  } catch {\n    // last_used_at is informational only — never throw from the hot path.\n  }\n}\n\n// ---------------------------------------------------------------------------\n// Device-code flow (OAuth 2.0 device-authorization style)\n// ---------------------------------------------------------------------------\n\nexport interface DeviceCodeRow {\n  deviceCode: string;\n  userCode: string;\n  ownerEmail: string | null;\n  orgId: string | null;\n  status: \"pending\" | \"approved\" | \"minting\" | \"consumed\" | \"expired\";\n  tokenJti: string | null;\n  createdAt: number | null;\n  expiresAt: number | null;\n  consumedAt: number | null;\n}\n\nconst USER_CODE_ALPHABET = \"ABCDEFGHIJKLMNOPQRSTUVWXYZ234567\"; // Crockford-ish base32, no 0/1/O/I\n\n/** Crypto-random short human-typable code, formatted `XXXX-XXXX`. */\nfunction generateUserCode(): string {\n  const bytes = randomBytes(8);\n  let out = \"\";\n  for (let i = 0; i < 8; i++) {\n    out += USER_CODE_ALPHABET[bytes[i] % USER_CODE_ALPHABET.length];\n    if (i === 3) out += \"-\";\n  }\n  return out;\n}\n\nfunction generateDeviceCode(): string {\n  return randomBytes(32).toString(\"base64url\");\n}\n\n/**\n * Create a new device+user code pair. Rate-limited: at most\n * `DEVICE_START_MAX` codes within `DEVICE_START_WINDOW_MS`. The window count\n * is a coarse global cap (this endpoint is unauthenticated) — enough to stop\n * table flooding / user-code brute force without per-IP plumbing.\n *\n * Throws `RATE_LIMITED` when the cap is exceeded so the route can map it to a\n * 429.\n */\nexport async function createDeviceCode(): Promise<DeviceCodeRow> {\n  await ensureTable();\n  const client = getDbExec();\n\n  const now = Date.now();\n  try {\n    const { rows } = await client.execute({\n      sql: `SELECT COUNT(*) AS n FROM mcp_device_codes WHERE created_at > ?`,\n      args: [now - DEVICE_START_WINDOW_MS],\n    });\n    const n = Number(rows[0]?.n ?? rows[0]?.[\"COUNT(*)\"] ?? 0);\n    if (Number.isFinite(n) && n >= DEVICE_START_MAX) {\n      throw new Error(\"RATE_LIMITED\");\n    }\n  } catch (err: any) {\n    if (err?.message === \"RATE_LIMITED\") throw err;\n    // A read failure here should not block legitimate device starts — the\n    // single-use + short-TTL design is the primary protection. Continue.\n  }\n\n  const deviceCode = generateDeviceCode();\n  const userCode = generateUserCode();\n  const expiresAt = now + DEVICE_CODE_TTL_MS;\n  await client.execute({\n    sql: `INSERT INTO mcp_device_codes (device_code, user_code, owner_email, org_id, status, token_jti, created_at, expires_at, consumed_at) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)`,\n    args: [\n      deviceCode,\n      userCode,\n      null,\n      null,\n      \"pending\",\n      null,\n      now,\n      expiresAt,\n      null,\n    ],\n  });\n  return {\n    deviceCode,\n    userCode,\n    ownerEmail: null,\n    orgId: null,\n    status: \"pending\",\n    tokenJti: null,\n    createdAt: now,\n    expiresAt,\n    consumedAt: null,\n  };\n}\n\nfunction mapDeviceRow(r: any): DeviceCodeRow {\n  return {\n    deviceCode: (r.device_code ?? r.deviceCode) as string,\n    userCode: (r.user_code ?? r.userCode) as string,\n    ownerEmail: (r.owner_email ?? r.ownerEmail ?? null) as string | null,\n    orgId: (r.org_id ?? r.orgId ?? null) as string | null,\n    status: (r.status ?? \"pending\") as DeviceCodeRow[\"status\"],\n    tokenJti: (r.token_jti ?? r.tokenJti ?? null) as string | null,\n    createdAt: numOrNull(r.created_at ?? r.createdAt),\n    expiresAt: numOrNull(r.expires_at ?? r.expiresAt),\n    consumedAt: numOrNull(r.consumed_at ?? r.consumedAt),\n  };\n}\n\nexport async function getDeviceCode(\n  deviceCode: string,\n): Promise<DeviceCodeRow | null> {\n  try {\n    await ensureTable();\n    const client = getDbExec();\n    const { rows } = await client.execute({\n      sql: `SELECT * FROM mcp_device_codes WHERE device_code = ?`,\n      args: [deviceCode],\n    });\n    if (rows.length === 0) return null;\n    return mapDeviceRow(rows[0]);\n  } catch (err) {\n    if (isConnectionError(err)) return null;\n    throw err;\n  }\n}\n\nasync function getDeviceCodeByUserCode(\n  userCode: string,\n): Promise<DeviceCodeRow | null> {\n  try {\n    await ensureTable();\n    const client = getDbExec();\n    const { rows } = await client.execute({\n      sql: `SELECT * FROM mcp_device_codes WHERE user_code = ?`,\n      args: [userCode],\n    });\n    if (rows.length === 0) return null;\n    return mapDeviceRow(rows[0]);\n  } catch (err) {\n    if (isConnectionError(err)) return null;\n    throw err;\n  }\n}\n\n/**\n * Bind the logged-in user (email + org) to a pending device code, identified\n * by its human-typable `user_code`. Only transitions a non-expired, still\n * `pending` row. Returns the bound row, or a string error code:\n *   - `not_found`  — no such user_code\n *   - `expired`    — past its TTL\n *   - `already`    — already approved/consumed (not re-bindable)\n */\nexport async function approveDeviceCode(\n  userCode: string,\n  ownerEmail: string,\n  orgId: string | null,\n): Promise<DeviceCodeRow | \"not_found\" | \"expired\" | \"already\"> {\n  await ensureTable();\n  const client = getDbExec();\n  const row = await getDeviceCodeByUserCode(userCode);\n  if (!row) return \"not_found\";\n  if ((row.expiresAt ?? 0) < Date.now()) return \"expired\";\n  if (row.status !== \"pending\") return \"already\";\n\n  const result = await client.execute({\n    sql: `UPDATE mcp_device_codes SET status = 'approved', owner_email = ?, org_id = ? WHERE user_code = ? AND status = 'pending'`,\n    args: [ownerEmail, orgId, userCode],\n  });\n  if (result.rowsAffected === 0) {\n    // Lost a race with another approve — re-read to report the real state.\n    const fresh = await getDeviceCodeByUserCode(userCode);\n    return fresh && fresh.status !== \"pending\" ? \"already\" : \"not_found\";\n  }\n  return {\n    ...row,\n    status: \"approved\",\n    ownerEmail,\n    orgId,\n  };\n}\n\n/**\n * Atomically transition an approved device code to consumed and stamp the\n * minted token's jti. Single-use: only succeeds when the row is currently\n * `approved` (not already consumed). Returns the pre-consume row on success,\n * or null when it could not be consumed (already consumed / not approved /\n * gone). The caller mints the token only after this returns a row.\n */\nexport async function consumeDeviceCode(\n  deviceCode: string,\n  tokenJti: string,\n): Promise<DeviceCodeRow | null> {\n  await ensureTable();\n  const client = getDbExec();\n  const row = await getDeviceCode(deviceCode);\n  if (!row) return null;\n  if (row.status !== \"approved\") return null;\n  const result = await client.execute({\n    sql: `UPDATE mcp_device_codes SET status = 'consumed', token_jti = ?, consumed_at = ? WHERE device_code = ? AND status = 'approved'`,\n    args: [tokenJti, Date.now(), deviceCode],\n  });\n  if (result.rowsAffected === 0) return null; // lost the single-use race\n  return row;\n}\n\n/**\n * Claim an approved device code for token minting without making it terminal.\n * If signing or token recording fails, callers release this back to approved\n * so the CLI can retry the poll instead of being stuck at \"consumed\".\n */\nexport async function claimDeviceCodeForMint(\n  deviceCode: string,\n  tokenJti: string,\n): Promise<DeviceCodeRow | null> {\n  await ensureTable();\n  const client = getDbExec();\n  const row = await getDeviceCode(deviceCode);\n  if (!row || row.status !== \"approved\") return null;\n  const result = await client.execute({\n    sql: `UPDATE mcp_device_codes SET status = 'minting', token_jti = ?, consumed_at = ? WHERE device_code = ? AND status = 'approved'`,\n    args: [tokenJti, Date.now(), deviceCode],\n  });\n  if (result.rowsAffected === 0) return null;\n  return row;\n}\n\nexport async function finishDeviceCodeMint(\n  deviceCode: string,\n  tokenJti: string,\n): Promise<boolean> {\n  await ensureTable();\n  const client = getDbExec();\n  const result = await client.execute({\n    sql: `UPDATE mcp_device_codes SET status = 'consumed' WHERE device_code = ? AND status = 'minting' AND token_jti = ?`,\n    args: [deviceCode, tokenJti],\n  });\n  return result.rowsAffected > 0;\n}\n\nexport async function releaseDeviceCodeMint(\n  deviceCode: string,\n  tokenJti: string,\n): Promise<void> {\n  try {\n    await ensureTable();\n    const client = getDbExec();\n    await client.execute({\n      sql: `UPDATE mcp_device_codes SET status = 'approved', token_jti = NULL, consumed_at = NULL WHERE device_code = ? AND status = 'minting' AND token_jti = ?`,\n      args: [deviceCode, tokenJti],\n    });\n  } catch {\n    // The next poll will keep returning pending for a minting row until a\n    // later cleanup/retry path can observe or repair it. Do not throw here.\n  }\n}\n\n/**\n * Best-effort: flip an expired, still-pending/approved row to `expired` so\n * the poll endpoint can report a clean terminal state. Swallows errors.\n */\nexport async function expireDeviceCode(deviceCode: string): Promise<void> {\n  try {\n    await ensureTable();\n    const client = getDbExec();\n    await client.execute({\n      sql: `UPDATE mcp_device_codes SET status = 'expired' WHERE device_code = ? AND status IN ('pending','approved')`,\n      args: [deviceCode],\n    });\n  } catch {\n    // The poll handler already treats past-TTL rows as expired regardless of\n    // whether this housekeeping write lands.\n  }\n}\n\nfunction numOrNull(v: unknown): number | null {\n  if (v == null) return null;\n  const n = Number(v);\n  return Number.isFinite(n) ? n : null;\n}\n"]}
+{"version":3,"file":"connect-store.js","sourceRoot":"","sources":["../../src/mcp/connect-store.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAEH,OAAO,EAAE,SAAS,EAAE,iBAAiB,EAAE,OAAO,EAAE,MAAM,iBAAiB,CAAC;AACxE,OAAO,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAEtD,IAAI,YAAuC,CAAC;AAE5C;;;;;GAKG;AACH,MAAM,CAAC,MAAM,iBAAiB,GAAG,aAAa,CAAC;AAE/C;;;GAGG;AACH,MAAM,CAAC,MAAM,2BAA2B,GAAG,sBAAsB,CAAC;AAElE,6CAA6C;AAC7C,MAAM,CAAC,MAAM,kBAAkB,GAAG,EAAE,GAAG,MAAM,CAAC;AAE9C,0EAA0E;AAC1E,MAAM,CAAC,MAAM,sBAAsB,GAAG,GAAG,CAAC;AAC1C,MAAM,CAAC,MAAM,kBAAkB,GAAG,CAAC,CAAC;AACpC,MAAM,CAAC,MAAM,kBAAkB,GAAG,GAAG,CAAC;AAEtC;;;;GAIG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,EAAE,CAAC;AACnC,MAAM,CAAC,MAAM,sBAAsB,GAAG,MAAM,CAAC;AAE7C,KAAK,UAAU,WAAW;IACxB,IAAI,CAAC,YAAY,EAAE,CAAC;QAClB,YAAY,GAAG,CAAC,KAAK,IAAI,EAAE;YACzB,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;YAC3B,qEAAqE;YACrE,6DAA6D;YAC7D,MAAM,MAAM,CAAC,OAAO,CAAC;;;;;;;;;;uBAUJ,OAAO,EAAE;yBACP,OAAO,EAAE;uBACX,OAAO,EAAE;;OAEzB,CAAC,CAAC;YACH,wEAAwE;YACxE,wEAAwE;YACxE,iEAAiE;YACjE,wEAAwE;YACxE,gEAAgE;YAChE,mEAAmE;YACnE,kCAAkC;YAClC,KAAK,MAAM,CAAC,eAAe,EAAE,KAAK,CAAC,IAAI;gBACrC;oBACE,+FAA+F;oBAC/F,iFAAiF;iBAClF;gBACD;oBACE,2EAA2E;oBAC3E,6DAA6D;iBAC9D;gBACD;oBACE,yEAAyE;oBACzE,2DAA2D;iBAC5D;aACF,EAAE,CAAC;gBACF,IAAI,CAAC;oBACH,MAAM,MAAM,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC;gBACxC,CAAC;gBAAC,MAAM,CAAC;oBACP,gEAAgE;oBAChE,oEAAoE;oBACpE,IAAI,CAAC;wBACH,MAAM,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;oBAC9B,CAAC;oBAAC,MAAM,CAAC;wBACP,gEAAgE;oBAClE,CAAC;gBACH,CAAC;YACH,CAAC;YACD,MAAM,MAAM,CAAC,OAAO,CAAC;;;;;;;;uBAQJ,OAAO,EAAE;uBACT,OAAO,EAAE;wBACR,OAAO,EAAE;;OAE1B,CAAC,CAAC;QACL,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;YACjB,uEAAuE;YACvE,kEAAkE;YAClE,YAAY,GAAG,SAAS,CAAC;YACzB,MAAM,GAAG,CAAC;QACZ,CAAC,CAAC,CAAC;IACL,CAAC;IACD,OAAO,YAAY,CAAC;AACtB,CAAC;AAuBD;;;;;;;GAOG;AACH,MAAM,UAAU,oBAAoB,CAClC,WAAmB,EACnB,KAAa;IAEb,OAAO,OAAO,oBAAoB,CAAC,WAAW,CAAC,YAAY,KAAK,EAAE,CAAC;AACrE,CAAC;AAED,oEAAoE;AACpE,MAAM,UAAU,sBAAsB,CAAC,KAAyB;IAC9D,OAAO,CAAC,CAAC,KAAK,IAAI,2BAA2B,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;AAC5D,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,oBAAoB,CAAC,GAAW;IAC9C,MAAM,IAAI,GAAG,CAAC,GAAG,IAAI,EAAE,CAAC;SACrB,IAAI,EAAE;SACN,WAAW,EAAE;SACb,OAAO,CAAC,cAAc,EAAE,GAAG,CAAC;SAC5B,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;SACnB,OAAO,CAAC,QAAQ,EAAE,EAAE,CAAC;SACrB,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IAChB,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,MAAM,IAAI,KAAK,CAAC,0DAA0D,CAAC,CAAC;IAC9E,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CAAC,MAWvC;IACC,MAAM,WAAW,EAAE,CAAC;IACpB,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;IAC3B,MAAM,EAAE,GAAG,UAAU,EAAE,CAAC;IACxB,MAAM,MAAM,CAAC,OAAO,CAAC;QACnB,GAAG,EAAE,qLAAqL;QAC1L,IAAI,EAAE;YACJ,EAAE;YACF,MAAM,CAAC,GAAG;YACV,MAAM,CAAC,UAAU;YACjB,MAAM,CAAC,KAAK,IAAI,IAAI;YACpB,MAAM,CAAC,KAAK,IAAI,IAAI;YACpB,MAAM,CAAC,IAAI,IAAI,UAAU;YACzB,MAAM,CAAC,WAAW,IAAI,IAAI;YAC1B,MAAM,CAAC,SAAS,IAAI,IAAI;YACxB,IAAI,CAAC,GAAG,EAAE;YACV,IAAI;YACJ,IAAI;SACL;KACF,CAAC,CAAC;IACH,OAAO,EAAE,CAAC;AACZ,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAAC,GAAW;IAC5C,IAAI,CAAC;QACH,MAAM,WAAW,EAAE,CAAC;QACpB,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;QAC3B,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC;YACpC,GAAG,EAAE,yDAAyD;YAC9D,IAAI,EAAE,CAAC,GAAG,CAAC;SACZ,CAAC,CAAC;QACH,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,KAAK,CAAC;QACpC,MAAM,SAAS,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,UAAU,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;QAC1D,OAAO,SAAS,IAAI,IAAI,CAAC;IAC3B,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,oEAAoE;QACpE,uEAAuE;QACvE,IAAI,iBAAiB,CAAC,GAAG,CAAC;YAAE,OAAO,KAAK,CAAC;QACzC,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED,SAAS,WAAW,CAAC,CAAM;IACzB,OAAO;QACL,EAAE,EAAE,CAAC,CAAC,EAAY;QAClB,GAAG,EAAE,CAAC,CAAC,GAAa;QACpB,UAAU,EAAE,CAAC,CAAC,CAAC,WAAW,IAAI,CAAC,CAAC,UAAU,CAAW;QACrD,KAAK,EAAE,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,CAAC,KAAK,IAAI,IAAI,CAAkB;QACrD,KAAK,EAAE,CAAC,CAAC,CAAC,KAAK,IAAI,IAAI,CAAkB;QACzC,SAAS,EAAE,SAAS,CAAC,CAAC,CAAC,UAAU,IAAI,CAAC,CAAC,SAAS,CAAC;QACjD,UAAU,EAAE,SAAS,CAAC,CAAC,CAAC,YAAY,IAAI,CAAC,CAAC,UAAU,CAAC;QACrD,SAAS,EAAE,SAAS,CAAC,CAAC,CAAC,UAAU,IAAI,CAAC,CAAC,SAAS,CAAC;QACjD,IAAI,EAAE,CAAC,CAAC,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,UAAU;QACnD,WAAW,EAAE,CAAC,CAAC,CAAC,YAAY,IAAI,CAAC,CAAC,WAAW,IAAI,IAAI,CAAkB;QACvE,SAAS,EAAE,CAAC,CAAC,CAAC,UAAU,IAAI,CAAC,CAAC,SAAS,IAAI,IAAI,CAAkB;KAClE,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,UAAU,CAC9B,UAAkB;IAElB,IAAI,CAAC;QACH,MAAM,WAAW,EAAE,CAAC;QACpB,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;QAC3B,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC;YACpC,GAAG,EAAE,yLAAyL;YAC9L,IAAI,EAAE,CAAC,UAAU,CAAC;SACnB,CAAC,CAAC;QACH,OAAO,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;IAC/B,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,IAAI,iBAAiB,CAAC,GAAG,CAAC;YAAE,OAAO,EAAE,CAAC;QACtC,MAAM,GAAG,CAAC;IACZ,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,KAAa;IAEb,IAAI,CAAC;QACH,MAAM,WAAW,EAAE,CAAC;QACpB,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;QAC3B,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC;YACpC,GAAG,EAAE,yMAAyM;YAC9M,IAAI,EAAE,CAAC,KAAK,CAAC;SACd,CAAC,CAAC;QACH,OAAO,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;IAC/B,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,IAAI,iBAAiB,CAAC,GAAG,CAAC;YAAE,OAAO,EAAE,CAAC;QACtC,MAAM,GAAG,CAAC;IACZ,CAAC;AACH,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,qBAAqB,CACzC,KAAa,EACb,EAAU;IAEV,MAAM,WAAW,EAAE,CAAC;IACpB,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;IAC3B,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC;QAClC,GAAG,EAAE,sHAAsH;QAC3H,IAAI,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,EAAE,EAAE,EAAE,KAAK,CAAC;KAC9B,CAAC,CAAC;IACH,OAAO,MAAM,CAAC,YAAY,GAAG,CAAC,CAAC;AACjC,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAC/B,UAAkB,EAClB,EAAU;IAEV,MAAM,WAAW,EAAE,CAAC;IACpB,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;IAC3B,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC;QAClC,GAAG,EAAE,sGAAsG;QAC3G,IAAI,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,EAAE,EAAE,EAAE,UAAU,CAAC;KACnC,CAAC,CAAC;IACH,OAAO,MAAM,CAAC,YAAY,GAAG,CAAC,CAAC;AACjC,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc,CAAC,GAAW;IAC9C,IAAI,CAAC;QACH,MAAM,WAAW,EAAE,CAAC;QACpB,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;QAC3B,MAAM,MAAM,CAAC,OAAO,CAAC;YACnB,GAAG,EAAE,8DAA8D;YACnE,IAAI,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,EAAE,GAAG,CAAC;SACxB,CAAC,CAAC;IACL,CAAC;IAAC,MAAM,CAAC;QACP,sEAAsE;IACxE,CAAC;AACH,CAAC;AAkBD,MAAM,kBAAkB,GAAG,kCAAkC,CAAC,CAAC,mCAAmC;AAElG,qEAAqE;AACrE,SAAS,gBAAgB;IACvB,MAAM,KAAK,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC;IAC7B,IAAI,GAAG,GAAG,EAAE,CAAC;IACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QAC3B,GAAG,IAAI,kBAAkB,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,kBAAkB,CAAC,MAAM,CAAC,CAAC;QAChE,IAAI,CAAC,KAAK,CAAC;YAAE,GAAG,IAAI,GAAG,CAAC;IAC1B,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,kBAAkB;IACzB,OAAO,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;AAC/C,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB;IACpC,MAAM,WAAW,EAAE,CAAC;IACpB,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;IAE3B,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACvB,IAAI,CAAC;QACH,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC;YACpC,GAAG,EAAE,iEAAiE;YACtE,IAAI,EAAE,CAAC,GAAG,GAAG,sBAAsB,CAAC;SACrC,CAAC,CAAC;QACH,MAAM,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC;QAC3D,IAAI,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,gBAAgB,EAAE,CAAC;YAChD,MAAM,IAAI,KAAK,CAAC,cAAc,CAAC,CAAC;QAClC,CAAC;IACH,CAAC;IAAC,OAAO,GAAQ,EAAE,CAAC;QAClB,IAAI,GAAG,EAAE,OAAO,KAAK,cAAc;YAAE,MAAM,GAAG,CAAC;QAC/C,sEAAsE;QACtE,qEAAqE;IACvE,CAAC;IAED,MAAM,UAAU,GAAG,kBAAkB,EAAE,CAAC;IACxC,MAAM,QAAQ,GAAG,gBAAgB,EAAE,CAAC;IACpC,MAAM,SAAS,GAAG,GAAG,GAAG,kBAAkB,CAAC;IAC3C,MAAM,MAAM,CAAC,OAAO,CAAC;QACnB,GAAG,EAAE,uKAAuK;QAC5K,IAAI,EAAE;YACJ,UAAU;YACV,QAAQ;YACR,IAAI;YACJ,IAAI;YACJ,SAAS;YACT,IAAI;YACJ,GAAG;YACH,SAAS;YACT,IAAI;SACL;KACF,CAAC,CAAC;IACH,OAAO;QACL,UAAU;QACV,QAAQ;QACR,UAAU,EAAE,IAAI;QAChB,KAAK,EAAE,IAAI;QACX,MAAM,EAAE,SAAS;QACjB,QAAQ,EAAE,IAAI;QACd,SAAS,EAAE,GAAG;QACd,SAAS;QACT,UAAU,EAAE,IAAI;KACjB,CAAC;AACJ,CAAC;AAED,SAAS,YAAY,CAAC,CAAM;IAC1B,OAAO;QACL,UAAU,EAAE,CAAC,CAAC,CAAC,WAAW,IAAI,CAAC,CAAC,UAAU,CAAW;QACrD,QAAQ,EAAE,CAAC,CAAC,CAAC,SAAS,IAAI,CAAC,CAAC,QAAQ,CAAW;QAC/C,UAAU,EAAE,CAAC,CAAC,CAAC,WAAW,IAAI,CAAC,CAAC,UAAU,IAAI,IAAI,CAAkB;QACpE,KAAK,EAAE,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,CAAC,KAAK,IAAI,IAAI,CAAkB;QACrD,MAAM,EAAE,CAAC,CAAC,CAAC,MAAM,IAAI,SAAS,CAA4B;QAC1D,QAAQ,EAAE,CAAC,CAAC,CAAC,SAAS,IAAI,CAAC,CAAC,QAAQ,IAAI,IAAI,CAAkB;QAC9D,SAAS,EAAE,SAAS,CAAC,CAAC,CAAC,UAAU,IAAI,CAAC,CAAC,SAAS,CAAC;QACjD,SAAS,EAAE,SAAS,CAAC,CAAC,CAAC,UAAU,IAAI,CAAC,CAAC,SAAS,CAAC;QACjD,UAAU,EAAE,SAAS,CAAC,CAAC,CAAC,WAAW,IAAI,CAAC,CAAC,UAAU,CAAC;KACrD,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,UAAkB;IAElB,IAAI,CAAC;QACH,MAAM,WAAW,EAAE,CAAC;QACpB,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;QAC3B,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC;YACpC,GAAG,EAAE,sDAAsD;YAC3D,IAAI,EAAE,CAAC,UAAU,CAAC;SACnB,CAAC,CAAC;QACH,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,IAAI,CAAC;QACnC,OAAO,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;IAC/B,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,IAAI,iBAAiB,CAAC,GAAG,CAAC;YAAE,OAAO,IAAI,CAAC;QACxC,MAAM,GAAG,CAAC;IACZ,CAAC;AACH,CAAC;AAED,KAAK,UAAU,uBAAuB,CACpC,QAAgB;IAEhB,IAAI,CAAC;QACH,MAAM,WAAW,EAAE,CAAC;QACpB,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;QAC3B,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC;YACpC,GAAG,EAAE,oDAAoD;YACzD,IAAI,EAAE,CAAC,QAAQ,CAAC;SACjB,CAAC,CAAC;QACH,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,IAAI,CAAC;QACnC,OAAO,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;IAC/B,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,IAAI,iBAAiB,CAAC,GAAG,CAAC;YAAE,OAAO,IAAI,CAAC;QACxC,MAAM,GAAG,CAAC;IACZ,CAAC;AACH,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,QAAgB,EAChB,UAAkB,EAClB,KAAoB;IAEpB,MAAM,WAAW,EAAE,CAAC;IACpB,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;IAC3B,MAAM,GAAG,GAAG,MAAM,uBAAuB,CAAC,QAAQ,CAAC,CAAC;IACpD,IAAI,CAAC,GAAG;QAAE,OAAO,WAAW,CAAC;IAC7B,IAAI,CAAC,GAAG,CAAC,SAAS,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC,GAAG,EAAE;QAAE,OAAO,SAAS,CAAC;IACxD,IAAI,GAAG,CAAC,MAAM,KAAK,SAAS;QAAE,OAAO,SAAS,CAAC;IAE/C,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC;QAClC,GAAG,EAAE,yHAAyH;QAC9H,IAAI,EAAE,CAAC,UAAU,EAAE,KAAK,EAAE,QAAQ,CAAC;KACpC,CAAC,CAAC;IACH,IAAI,MAAM,CAAC,YAAY,KAAK,CAAC,EAAE,CAAC;QAC9B,uEAAuE;QACvE,MAAM,KAAK,GAAG,MAAM,uBAAuB,CAAC,QAAQ,CAAC,CAAC;QACtD,OAAO,KAAK,IAAI,KAAK,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,WAAW,CAAC;IACvE,CAAC;IACD,OAAO;QACL,GAAG,GAAG;QACN,MAAM,EAAE,UAAU;QAClB,UAAU;QACV,KAAK;KACN,CAAC;AACJ,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,UAAkB,EAClB,QAAgB;IAEhB,MAAM,WAAW,EAAE,CAAC;IACpB,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;IAC3B,MAAM,GAAG,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,CAAC;IAC5C,IAAI,CAAC,GAAG;QAAE,OAAO,IAAI,CAAC;IACtB,IAAI,GAAG,CAAC,MAAM,KAAK,UAAU;QAAE,OAAO,IAAI,CAAC;IAC3C,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC;QAClC,GAAG,EAAE,+HAA+H;QACpI,IAAI,EAAE,CAAC,QAAQ,EAAE,IAAI,CAAC,GAAG,EAAE,EAAE,UAAU,CAAC;KACzC,CAAC,CAAC;IACH,IAAI,MAAM,CAAC,YAAY,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC,CAAC,2BAA2B;IACvE,OAAO,GAAG,CAAC;AACb,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAC1C,UAAkB,EAClB,QAAgB;IAEhB,MAAM,WAAW,EAAE,CAAC;IACpB,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;IAC3B,MAAM,GAAG,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,CAAC;IAC5C,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,MAAM,KAAK,UAAU;QAAE,OAAO,IAAI,CAAC;IACnD,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC;QAClC,GAAG,EAAE,8HAA8H;QACnI,IAAI,EAAE,CAAC,QAAQ,EAAE,IAAI,CAAC,GAAG,EAAE,EAAE,UAAU,CAAC;KACzC,CAAC,CAAC;IACH,IAAI,MAAM,CAAC,YAAY,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IAC3C,OAAO,GAAG,CAAC;AACb,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,UAAkB,EAClB,QAAgB;IAEhB,MAAM,WAAW,EAAE,CAAC;IACpB,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;IAC3B,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC;QAClC,GAAG,EAAE,gHAAgH;QACrH,IAAI,EAAE,CAAC,UAAU,EAAE,QAAQ,CAAC;KAC7B,CAAC,CAAC;IACH,OAAO,MAAM,CAAC,YAAY,GAAG,CAAC,CAAC;AACjC,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,qBAAqB,CACzC,UAAkB,EAClB,QAAgB;IAEhB,IAAI,CAAC;QACH,MAAM,WAAW,EAAE,CAAC;QACpB,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;QAC3B,MAAM,MAAM,CAAC,OAAO,CAAC;YACnB,GAAG,EAAE,sJAAsJ;YAC3J,IAAI,EAAE,CAAC,UAAU,EAAE,QAAQ,CAAC;SAC7B,CAAC,CAAC;IACL,CAAC;IAAC,MAAM,CAAC;QACP,sEAAsE;QACtE,wEAAwE;IAC1E,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,UAAkB;IACvD,IAAI,CAAC;QACH,MAAM,WAAW,EAAE,CAAC;QACpB,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;QAC3B,MAAM,MAAM,CAAC,OAAO,CAAC;YACnB,GAAG,EAAE,2GAA2G;YAChH,IAAI,EAAE,CAAC,UAAU,CAAC;SACnB,CAAC,CAAC;IACL,CAAC;IAAC,MAAM,CAAC;QACP,yEAAyE;QACzE,yCAAyC;IAC3C,CAAC;AACH,CAAC;AAED,SAAS,SAAS,CAAC,CAAU;IAC3B,IAAI,CAAC,IAAI,IAAI;QAAE,OAAO,IAAI,CAAC;IAC3B,MAAM,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;IACpB,OAAO,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;AACvC,CAAC","sourcesContent":["/**\n * Framework-table store for the \"connect external agents\" feature.\n *\n * Two additive, dialect-agnostic tables back the browser **Connect** page and\n * the OAuth-style **device-code flow** a CLI drives:\n *\n *   - `mcp_connect_tokens`  — one row per minted MCP token. We never store the\n *     token value (it's a signed JWT); only its `jti` so revocation is a\n *     SQL lookup. Revoking sets `revoked_at`; the row is never deleted.\n *   - `mcp_device_codes`    — short-lived (10 min) device/user code pairs for\n *     the OAuth 2.0 device-authorization-style CLI flow. Single-use\n *     (`consumed_at`), rate-limited at creation.\n *\n * Mirrors `application-state/store.ts`: lazy `ensureTable()`, `getDbExec()`,\n * `isConnectionError()` swallow so a transient Neon WS drop never 500s.\n * `CREATE TABLE IF NOT EXISTS` only — strictly additive, never DROP / ALTER\n * (shared prod DB rule).\n */\n\nimport { getDbExec, isConnectionError, intType } from \"../db/client.js\";\nimport { randomBytes, randomUUID } from \"node:crypto\";\n\nlet _initPromise: Promise<void> | undefined;\n\n/**\n * Scope claim that marks a connect-minted token (vs. an ordinary A2A\n * delegation JWT). Only tokens carrying this scope go through the revoke\n * lookup in `verifyAuth` — defined here so both `connect-route.ts` and\n * `build-server.ts` import it from the leaf store without a cycle.\n */\nexport const MCP_CONNECT_SCOPE = \"mcp-connect\";\n\n/**\n * Client id used when connect/device flows have to mint a standard MCP OAuth\n * access token instead of an A2A JWT (for deployments without A2A_SECRET).\n */\nexport const MCP_CONNECT_OAUTH_CLIENT_ID = \"agent-native-connect\";\n\n/** Device codes are valid for 10 minutes. */\nexport const DEVICE_CODE_TTL_MS = 10 * 60_000;\n\n/** Default minted-token lifetime. Configurable per-request 1–365 days. */\nexport const DEFAULT_TOKEN_TTL_DAYS = 365;\nexport const MIN_TOKEN_TTL_DAYS = 1;\nexport const MAX_TOKEN_TTL_DAYS = 365;\n\n/**\n * Rate limit for `device/start`: at most this many device codes may be created\n * within `DEVICE_START_WINDOW_MS`. Unauthenticated endpoint — keep it tight so\n * a hostile client can't flood the table or brute-force user codes.\n */\nexport const DEVICE_START_MAX = 20;\nexport const DEVICE_START_WINDOW_MS = 60_000;\n\nasync function ensureTable(): Promise<void> {\n  if (!_initPromise) {\n    _initPromise = (async () => {\n      const client = getDbExec();\n      // Additive only. Never DROP / ALTER — this DB is shared across every\n      // deploy context (preview/branch/prod) for hosted templates.\n      await client.execute(`\n        CREATE TABLE IF NOT EXISTS mcp_connect_tokens (\n          id TEXT PRIMARY KEY,\n          jti TEXT UNIQUE NOT NULL,\n          owner_email TEXT NOT NULL,\n          org_id TEXT,\n          label TEXT,\n          kind TEXT NOT NULL DEFAULT 'personal',\n          service_name TEXT,\n          created_by TEXT,\n          created_at ${intType()},\n          last_used_at ${intType()},\n          revoked_at ${intType()}\n        )\n      `);\n      // Additive columns for org service tokens (deployments that created the\n      // table before these columns existed; fresh DBs get them via the CREATE\n      // TABLE above). kind='personal' (default) preserves the original\n      // per-user token; kind='service' marks tokens minted for an org service\n      // principal (e.g. CI) rather than a person. service_name is the\n      // human-readable service label (e.g. \"ci\"); created_by records the\n      // human who minted it, for audit.\n      for (const [withIfNotExists, plain] of [\n        [\n          `ALTER TABLE mcp_connect_tokens ADD COLUMN IF NOT EXISTS kind TEXT NOT NULL DEFAULT 'personal'`,\n          `ALTER TABLE mcp_connect_tokens ADD COLUMN kind TEXT NOT NULL DEFAULT 'personal'`,\n        ],\n        [\n          `ALTER TABLE mcp_connect_tokens ADD COLUMN IF NOT EXISTS service_name TEXT`,\n          `ALTER TABLE mcp_connect_tokens ADD COLUMN service_name TEXT`,\n        ],\n        [\n          `ALTER TABLE mcp_connect_tokens ADD COLUMN IF NOT EXISTS created_by TEXT`,\n          `ALTER TABLE mcp_connect_tokens ADD COLUMN created_by TEXT`,\n        ],\n      ]) {\n        try {\n          await client.execute(withIfNotExists);\n        } catch {\n          // SQLite doesn't support \"ADD COLUMN IF NOT EXISTS\" — retry the\n          // plain form and swallow \"duplicate column\" when it already exists.\n          try {\n            await client.execute(plain);\n          } catch {\n            // Column already exists (or was created by CREATE TABLE above).\n          }\n        }\n      }\n      await client.execute(`\n        CREATE TABLE IF NOT EXISTS mcp_device_codes (\n          device_code TEXT PRIMARY KEY,\n          user_code TEXT NOT NULL,\n          owner_email TEXT,\n          org_id TEXT,\n          status TEXT NOT NULL DEFAULT 'pending',\n          token_jti TEXT,\n          created_at ${intType()},\n          expires_at ${intType()},\n          consumed_at ${intType()}\n        )\n      `);\n    })().catch((err) => {\n      // Don't cache a rejected init. A transient DB blip should let the next\n      // connect/mint/revoke call retry rather than wedging the process.\n      _initPromise = undefined;\n      throw err;\n    });\n  }\n  return _initPromise;\n}\n\n// ---------------------------------------------------------------------------\n// Minted-token records\n// ---------------------------------------------------------------------------\n\nexport interface MintedTokenRow {\n  id: string;\n  jti: string;\n  ownerEmail: string;\n  orgId: string | null;\n  label: string | null;\n  createdAt: number | null;\n  lastUsedAt: number | null;\n  revokedAt: number | null;\n  /** `'personal'` (default) or `'service'` for org service tokens. */\n  kind: \"personal\" | \"service\";\n  /** Human-readable service principal name, e.g. `\"ci\"`. Only set when `kind === 'service'`. */\n  serviceName: string | null;\n  /** Email of the human who minted a service token. Only set when `kind === 'service'`. */\n  createdBy: string | null;\n}\n\n/**\n * Synthetic identity for an org service token: `svc-<name>@service.<orgId>`.\n * It is email-shaped so the entire existing identity plumbing (JWT `sub`,\n * `runWithRequestContext({ userEmail })`, ownable-row `owner_email` columns,\n * display surfaces that render an email) works unchanged, while remaining\n * clearly distinguishable from a human account. Ownable rows created under\n * this identity carry the org's `orgId`, so org members can see them.\n */\nexport function serviceIdentityEmail(\n  serviceName: string,\n  orgId: string,\n): string {\n  return `svc-${normalizeServiceName(serviceName)}@service.${orgId}`;\n}\n\n/** True when an email is a synthetic org-service-token identity. */\nexport function isServiceIdentityEmail(email: string | undefined): boolean {\n  return !!email && /^svc-[a-z0-9-]+@service\\./.test(email);\n}\n\n/**\n * Normalize a user-supplied service name to a DNS-label-ish slug so the\n * synthetic identity stays a valid email local part: lowercase, `a-z0-9-`,\n * max 48 chars. Throws on names that normalize to nothing.\n */\nexport function normalizeServiceName(raw: string): string {\n  const slug = (raw ?? \"\")\n    .trim()\n    .toLowerCase()\n    .replace(/[^a-z0-9-]+/g, \"-\")\n    .replace(/-+/g, \"-\")\n    .replace(/^-|-$/g, \"\")\n    .slice(0, 48);\n  if (!slug) {\n    throw new Error(\"Service name must contain at least one letter or number.\");\n  }\n  return slug;\n}\n\n/**\n * Persist a record of a minted token. The token value itself (a signed JWT)\n * is NEVER stored — only its `jti`, so revocation is a cheap SQL lookup.\n */\nexport async function recordMintedToken(params: {\n  jti: string;\n  ownerEmail: string;\n  orgId?: string | null;\n  label?: string | null;\n  /** Defaults to `'personal'`. Pass `'service'` for org service tokens. */\n  kind?: \"personal\" | \"service\";\n  /** Service principal name — required semantics when kind === 'service'. */\n  serviceName?: string | null;\n  /** The human who minted a service token (audit trail). */\n  createdBy?: string | null;\n}): Promise<string> {\n  await ensureTable();\n  const client = getDbExec();\n  const id = randomUUID();\n  await client.execute({\n    sql: `INSERT INTO mcp_connect_tokens (id, jti, owner_email, org_id, label, kind, service_name, created_by, created_at, last_used_at, revoked_at) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`,\n    args: [\n      id,\n      params.jti,\n      params.ownerEmail,\n      params.orgId ?? null,\n      params.label ?? null,\n      params.kind ?? \"personal\",\n      params.serviceName ?? null,\n      params.createdBy ?? null,\n      Date.now(),\n      null,\n      null,\n    ],\n  });\n  return id;\n}\n\n/**\n * Returns true when the given `jti` corresponds to a token that has been\n * revoked. Fails OPEN on a store/DB error: a transient Neon WS drop must not\n * lock every connected agent out. Signature verification is unaffected — this\n * is only the post-verify revoke check (see `verifyAuth` in build-server.ts).\n */\nexport async function isJtiRevoked(jti: string): Promise<boolean> {\n  try {\n    await ensureTable();\n    const client = getDbExec();\n    const { rows } = await client.execute({\n      sql: `SELECT revoked_at FROM mcp_connect_tokens WHERE jti = ?`,\n      args: [jti],\n    });\n    if (rows.length === 0) return false;\n    const revokedAt = rows[0].revoked_at ?? rows[0].revokedAt;\n    return revokedAt != null;\n  } catch (err) {\n    // Fail open: a DB blip must not turn every minted token into a 401.\n    // (Signature checks already passed; this only gates explicit revokes.)\n    if (isConnectionError(err)) return false;\n    return false;\n  }\n}\n\nfunction mapTokenRow(r: any): MintedTokenRow {\n  return {\n    id: r.id as string,\n    jti: r.jti as string,\n    ownerEmail: (r.owner_email ?? r.ownerEmail) as string,\n    orgId: (r.org_id ?? r.orgId ?? null) as string | null,\n    label: (r.label ?? null) as string | null,\n    createdAt: numOrNull(r.created_at ?? r.createdAt),\n    lastUsedAt: numOrNull(r.last_used_at ?? r.lastUsedAt),\n    revokedAt: numOrNull(r.revoked_at ?? r.revokedAt),\n    kind: r.kind === \"service\" ? \"service\" : \"personal\",\n    serviceName: (r.service_name ?? r.serviceName ?? null) as string | null,\n    createdBy: (r.created_by ?? r.createdBy ?? null) as string | null,\n  };\n}\n\nexport async function listTokens(\n  ownerEmail: string,\n): Promise<MintedTokenRow[]> {\n  try {\n    await ensureTable();\n    const client = getDbExec();\n    const { rows } = await client.execute({\n      sql: `SELECT id, jti, owner_email, org_id, label, kind, service_name, created_by, created_at, last_used_at, revoked_at FROM mcp_connect_tokens WHERE owner_email = ? ORDER BY created_at DESC`,\n      args: [ownerEmail],\n    });\n    return rows.map(mapTokenRow);\n  } catch (err) {\n    if (isConnectionError(err)) return [];\n    throw err;\n  }\n}\n\n/**\n * List the org's service tokens (kind = 'service'), newest first. Scoped by\n * `org_id` — callers must already have established the caller is a member of\n * `orgId` (the actions in `mcp/actions/` gate on org role).\n */\nexport async function listOrgServiceTokens(\n  orgId: string,\n): Promise<MintedTokenRow[]> {\n  try {\n    await ensureTable();\n    const client = getDbExec();\n    const { rows } = await client.execute({\n      sql: `SELECT id, jti, owner_email, org_id, label, kind, service_name, created_by, created_at, last_used_at, revoked_at FROM mcp_connect_tokens WHERE org_id = ? AND kind = 'service' ORDER BY created_at DESC`,\n      args: [orgId],\n    });\n    return rows.map(mapTokenRow);\n  } catch (err) {\n    if (isConnectionError(err)) return [];\n    throw err;\n  }\n}\n\n/**\n * Revoke an org service token by id, scoped to `orgId` AND `kind = 'service'`\n * so a caller can never revoke another org's token (or someone's personal\n * token) through this path. Uses the same `revoked_at` gate `isJtiRevoked`\n * checks, so revocation takes effect on the next request like personal\n * tokens. Idempotent; returns true when a row actually transitioned.\n */\nexport async function revokeOrgServiceToken(\n  orgId: string,\n  id: string,\n): Promise<boolean> {\n  await ensureTable();\n  const client = getDbExec();\n  const result = await client.execute({\n    sql: `UPDATE mcp_connect_tokens SET revoked_at = ? WHERE id = ? AND org_id = ? AND kind = 'service' AND revoked_at IS NULL`,\n    args: [Date.now(), id, orgId],\n  });\n  return result.rowsAffected > 0;\n}\n\n/**\n * Revoke a token, but ONLY if it is owned by `ownerEmail` (the caller). The\n * `owner_email = ?` predicate is the access scope — a caller can never revoke\n * another user's token. Idempotent: re-revoking keeps the first timestamp.\n * Returns true when a row was actually transitioned to revoked.\n */\nexport async function revokeToken(\n  ownerEmail: string,\n  id: string,\n): Promise<boolean> {\n  await ensureTable();\n  const client = getDbExec();\n  const result = await client.execute({\n    sql: `UPDATE mcp_connect_tokens SET revoked_at = ? WHERE id = ? AND owner_email = ? AND revoked_at IS NULL`,\n    args: [Date.now(), id, ownerEmail],\n  });\n  return result.rowsAffected > 0;\n}\n\n/**\n * Best-effort: stamp `last_used_at` for a token. Swallows all errors — this is\n * pure telemetry and must never affect the auth path.\n */\nexport async function touchTokenUsed(jti: string): Promise<void> {\n  try {\n    await ensureTable();\n    const client = getDbExec();\n    await client.execute({\n      sql: `UPDATE mcp_connect_tokens SET last_used_at = ? WHERE jti = ?`,\n      args: [Date.now(), jti],\n    });\n  } catch {\n    // last_used_at is informational only — never throw from the hot path.\n  }\n}\n\n// ---------------------------------------------------------------------------\n// Device-code flow (OAuth 2.0 device-authorization style)\n// ---------------------------------------------------------------------------\n\nexport interface DeviceCodeRow {\n  deviceCode: string;\n  userCode: string;\n  ownerEmail: string | null;\n  orgId: string | null;\n  status: \"pending\" | \"approved\" | \"minting\" | \"consumed\" | \"expired\";\n  tokenJti: string | null;\n  createdAt: number | null;\n  expiresAt: number | null;\n  consumedAt: number | null;\n}\n\nconst USER_CODE_ALPHABET = \"ABCDEFGHIJKLMNOPQRSTUVWXYZ234567\"; // Crockford-ish base32, no 0/1/O/I\n\n/** Crypto-random short human-typable code, formatted `XXXX-XXXX`. */\nfunction generateUserCode(): string {\n  const bytes = randomBytes(8);\n  let out = \"\";\n  for (let i = 0; i < 8; i++) {\n    out += USER_CODE_ALPHABET[bytes[i] % USER_CODE_ALPHABET.length];\n    if (i === 3) out += \"-\";\n  }\n  return out;\n}\n\nfunction generateDeviceCode(): string {\n  return randomBytes(32).toString(\"base64url\");\n}\n\n/**\n * Create a new device+user code pair. Rate-limited: at most\n * `DEVICE_START_MAX` codes within `DEVICE_START_WINDOW_MS`. The window count\n * is a coarse global cap (this endpoint is unauthenticated) — enough to stop\n * table flooding / user-code brute force without per-IP plumbing.\n *\n * Throws `RATE_LIMITED` when the cap is exceeded so the route can map it to a\n * 429.\n */\nexport async function createDeviceCode(): Promise<DeviceCodeRow> {\n  await ensureTable();\n  const client = getDbExec();\n\n  const now = Date.now();\n  try {\n    const { rows } = await client.execute({\n      sql: `SELECT COUNT(*) AS n FROM mcp_device_codes WHERE created_at > ?`,\n      args: [now - DEVICE_START_WINDOW_MS],\n    });\n    const n = Number(rows[0]?.n ?? rows[0]?.[\"COUNT(*)\"] ?? 0);\n    if (Number.isFinite(n) && n >= DEVICE_START_MAX) {\n      throw new Error(\"RATE_LIMITED\");\n    }\n  } catch (err: any) {\n    if (err?.message === \"RATE_LIMITED\") throw err;\n    // A read failure here should not block legitimate device starts — the\n    // single-use + short-TTL design is the primary protection. Continue.\n  }\n\n  const deviceCode = generateDeviceCode();\n  const userCode = generateUserCode();\n  const expiresAt = now + DEVICE_CODE_TTL_MS;\n  await client.execute({\n    sql: `INSERT INTO mcp_device_codes (device_code, user_code, owner_email, org_id, status, token_jti, created_at, expires_at, consumed_at) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)`,\n    args: [\n      deviceCode,\n      userCode,\n      null,\n      null,\n      \"pending\",\n      null,\n      now,\n      expiresAt,\n      null,\n    ],\n  });\n  return {\n    deviceCode,\n    userCode,\n    ownerEmail: null,\n    orgId: null,\n    status: \"pending\",\n    tokenJti: null,\n    createdAt: now,\n    expiresAt,\n    consumedAt: null,\n  };\n}\n\nfunction mapDeviceRow(r: any): DeviceCodeRow {\n  return {\n    deviceCode: (r.device_code ?? r.deviceCode) as string,\n    userCode: (r.user_code ?? r.userCode) as string,\n    ownerEmail: (r.owner_email ?? r.ownerEmail ?? null) as string | null,\n    orgId: (r.org_id ?? r.orgId ?? null) as string | null,\n    status: (r.status ?? \"pending\") as DeviceCodeRow[\"status\"],\n    tokenJti: (r.token_jti ?? r.tokenJti ?? null) as string | null,\n    createdAt: numOrNull(r.created_at ?? r.createdAt),\n    expiresAt: numOrNull(r.expires_at ?? r.expiresAt),\n    consumedAt: numOrNull(r.consumed_at ?? r.consumedAt),\n  };\n}\n\nexport async function getDeviceCode(\n  deviceCode: string,\n): Promise<DeviceCodeRow | null> {\n  try {\n    await ensureTable();\n    const client = getDbExec();\n    const { rows } = await client.execute({\n      sql: `SELECT * FROM mcp_device_codes WHERE device_code = ?`,\n      args: [deviceCode],\n    });\n    if (rows.length === 0) return null;\n    return mapDeviceRow(rows[0]);\n  } catch (err) {\n    if (isConnectionError(err)) return null;\n    throw err;\n  }\n}\n\nasync function getDeviceCodeByUserCode(\n  userCode: string,\n): Promise<DeviceCodeRow | null> {\n  try {\n    await ensureTable();\n    const client = getDbExec();\n    const { rows } = await client.execute({\n      sql: `SELECT * FROM mcp_device_codes WHERE user_code = ?`,\n      args: [userCode],\n    });\n    if (rows.length === 0) return null;\n    return mapDeviceRow(rows[0]);\n  } catch (err) {\n    if (isConnectionError(err)) return null;\n    throw err;\n  }\n}\n\n/**\n * Bind the logged-in user (email + org) to a pending device code, identified\n * by its human-typable `user_code`. Only transitions a non-expired, still\n * `pending` row. Returns the bound row, or a string error code:\n *   - `not_found`  — no such user_code\n *   - `expired`    — past its TTL\n *   - `already`    — already approved/consumed (not re-bindable)\n */\nexport async function approveDeviceCode(\n  userCode: string,\n  ownerEmail: string,\n  orgId: string | null,\n): Promise<DeviceCodeRow | \"not_found\" | \"expired\" | \"already\"> {\n  await ensureTable();\n  const client = getDbExec();\n  const row = await getDeviceCodeByUserCode(userCode);\n  if (!row) return \"not_found\";\n  if ((row.expiresAt ?? 0) < Date.now()) return \"expired\";\n  if (row.status !== \"pending\") return \"already\";\n\n  const result = await client.execute({\n    sql: `UPDATE mcp_device_codes SET status = 'approved', owner_email = ?, org_id = ? WHERE user_code = ? AND status = 'pending'`,\n    args: [ownerEmail, orgId, userCode],\n  });\n  if (result.rowsAffected === 0) {\n    // Lost a race with another approve — re-read to report the real state.\n    const fresh = await getDeviceCodeByUserCode(userCode);\n    return fresh && fresh.status !== \"pending\" ? \"already\" : \"not_found\";\n  }\n  return {\n    ...row,\n    status: \"approved\",\n    ownerEmail,\n    orgId,\n  };\n}\n\n/**\n * Atomically transition an approved device code to consumed and stamp the\n * minted token's jti. Single-use: only succeeds when the row is currently\n * `approved` (not already consumed). Returns the pre-consume row on success,\n * or null when it could not be consumed (already consumed / not approved /\n * gone). The caller mints the token only after this returns a row.\n */\nexport async function consumeDeviceCode(\n  deviceCode: string,\n  tokenJti: string,\n): Promise<DeviceCodeRow | null> {\n  await ensureTable();\n  const client = getDbExec();\n  const row = await getDeviceCode(deviceCode);\n  if (!row) return null;\n  if (row.status !== \"approved\") return null;\n  const result = await client.execute({\n    sql: `UPDATE mcp_device_codes SET status = 'consumed', token_jti = ?, consumed_at = ? WHERE device_code = ? AND status = 'approved'`,\n    args: [tokenJti, Date.now(), deviceCode],\n  });\n  if (result.rowsAffected === 0) return null; // lost the single-use race\n  return row;\n}\n\n/**\n * Claim an approved device code for token minting without making it terminal.\n * If signing or token recording fails, callers release this back to approved\n * so the CLI can retry the poll instead of being stuck at \"consumed\".\n */\nexport async function claimDeviceCodeForMint(\n  deviceCode: string,\n  tokenJti: string,\n): Promise<DeviceCodeRow | null> {\n  await ensureTable();\n  const client = getDbExec();\n  const row = await getDeviceCode(deviceCode);\n  if (!row || row.status !== \"approved\") return null;\n  const result = await client.execute({\n    sql: `UPDATE mcp_device_codes SET status = 'minting', token_jti = ?, consumed_at = ? WHERE device_code = ? AND status = 'approved'`,\n    args: [tokenJti, Date.now(), deviceCode],\n  });\n  if (result.rowsAffected === 0) return null;\n  return row;\n}\n\nexport async function finishDeviceCodeMint(\n  deviceCode: string,\n  tokenJti: string,\n): Promise<boolean> {\n  await ensureTable();\n  const client = getDbExec();\n  const result = await client.execute({\n    sql: `UPDATE mcp_device_codes SET status = 'consumed' WHERE device_code = ? AND status = 'minting' AND token_jti = ?`,\n    args: [deviceCode, tokenJti],\n  });\n  return result.rowsAffected > 0;\n}\n\nexport async function releaseDeviceCodeMint(\n  deviceCode: string,\n  tokenJti: string,\n): Promise<void> {\n  try {\n    await ensureTable();\n    const client = getDbExec();\n    await client.execute({\n      sql: `UPDATE mcp_device_codes SET status = 'approved', token_jti = NULL, consumed_at = NULL WHERE device_code = ? AND status = 'minting' AND token_jti = ?`,\n      args: [deviceCode, tokenJti],\n    });\n  } catch {\n    // The next poll will keep returning pending for a minting row until a\n    // later cleanup/retry path can observe or repair it. Do not throw here.\n  }\n}\n\n/**\n * Best-effort: flip an expired, still-pending/approved row to `expired` so\n * the poll endpoint can report a clean terminal state. Swallows errors.\n */\nexport async function expireDeviceCode(deviceCode: string): Promise<void> {\n  try {\n    await ensureTable();\n    const client = getDbExec();\n    await client.execute({\n      sql: `UPDATE mcp_device_codes SET status = 'expired' WHERE device_code = ? AND status IN ('pending','approved')`,\n      args: [deviceCode],\n    });\n  } catch {\n    // The poll handler already treats past-TTL rows as expired regardless of\n    // whether this housekeeping write lands.\n  }\n}\n\nfunction numOrNull(v: unknown): number | null {\n  if (v == null) return null;\n  const n = Number(v);\n  return Number.isFinite(n) ? n : null;\n}\n"]}

package/dist/mcp/oauth-token.d.ts

@@ -23,6 +23,13 @@ export declare function signMcpOAuthAccessToken(params: {
     issuer: string;
     jti?: string;
     expiresIn?: string | number;
+    /**
+     * When `"full"`, embed a `catalog_scope: "full"` custom claim so that on
+     * hosted multi-tenant deployments (AGENT_NATIVE_CONNECTOR_CATALOG=1) this
+     * token bypasses the connector-catalog tier filter. Used when the connect
+     * flow is initiated with `--full-catalog`.
+     */
+    catalogScope?: "full";
 }): Promise<string>;
 export declare function verifyMcpOAuthAccessToken(token: string, resource: string | undefined): Promise<{
     userEmail: string;
@@ -31,5 +38,8 @@ export declare function verifyMcpOAuthAccessToken(token: string, resource: strin
     scopes: string[];
     clientId: string;
     jti?: string;
+    /** Present when the token was minted with `--full-catalog`; bypasses the
+     *  connector-catalog tier filter on hosted multi-tenant deployments. */
+    catalogScope?: "full";
 } | null>;
 //# sourceMappingURL=oauth-token.d.ts.map

package/dist/mcp/oauth-token.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"oauth-token.d.ts","sourceRoot":"","sources":["../../src/mcp/oauth-token.ts"],"names":[],"mappings":"AAKA,eAAO,MAAM,gBAAgB,gDAAiD,CAAC;AAE/E,eAAO,MAAM,uBAAuB,QAA6B,CAAC;AAElE,MAAM,WAAW,yBAAyB;IACxC,GAAG,EAAE,MAAM,CAAC;IACZ,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,KAAK,EAAE,MAAM,CAAC;IACd,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,EAAE,wBAAwB,CAAC;CAC/B;AAQD,wBAAgB,mBAAmB,CAAC,KAAK,EAAE,OAAO,GAAG,MAAM,GAAG,IAAI,CAYjE;AAED,wBAAgB,SAAS,CAAC,KAAK,EAAE,MAAM,GAAG,SAAS,GAAG,MAAM,EAAE,CAK7D;AAED,wBAAgB,gBAAgB,CAC9B,MAAM,EAAE,MAAM,EAAE,GAAG,SAAS,EAC5B,KAAK,EAAE,CAAC,OAAO,gBAAgB,CAAC,CAAC,MAAM,CAAC,GACvC,OAAO,CAGT;AAED,wBAAsB,uBAAuB,CAAC,MAAM,EAAE;IACpD,UAAU,EAAE,MAAM,CAAC;IACnB,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACtB,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,SAAS,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;CAC7B,GAAG,OAAO,CAAC,MAAM,CAAC,CAiBlB;AAED,wBAAsB,yBAAyB,CAC7C,KAAK,EAAE,MAAM,EACb,QAAQ,EAAE,MAAM,GAAG,SAAS,GAC3B,OAAO,CAAC;IACT,SAAS,EAAE,MAAM,CAAC;IAClB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,GAAG,CAAC,EAAE,MAAM,CAAC;CACd,GAAG,IAAI,CAAC,CA6BR"}
+{"version":3,"file":"oauth-token.d.ts","sourceRoot":"","sources":["../../src/mcp/oauth-token.ts"],"names":[],"mappings":"AAKA,eAAO,MAAM,gBAAgB,gDAAiD,CAAC;AAE/E,eAAO,MAAM,uBAAuB,QAA6B,CAAC;AAElE,MAAM,WAAW,yBAAyB;IACxC,GAAG,EAAE,MAAM,CAAC;IACZ,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,KAAK,EAAE,MAAM,CAAC;IACd,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,EAAE,wBAAwB,CAAC;CAC/B;AAQD,wBAAgB,mBAAmB,CAAC,KAAK,EAAE,OAAO,GAAG,MAAM,GAAG,IAAI,CAYjE;AAED,wBAAgB,SAAS,CAAC,KAAK,EAAE,MAAM,GAAG,SAAS,GAAG,MAAM,EAAE,CAK7D;AAED,wBAAgB,gBAAgB,CAC9B,MAAM,EAAE,MAAM,EAAE,GAAG,SAAS,EAC5B,KAAK,EAAE,CAAC,OAAO,gBAAgB,CAAC,CAAC,MAAM,CAAC,GACvC,OAAO,CAGT;AAED,wBAAsB,uBAAuB,CAAC,MAAM,EAAE;IACpD,UAAU,EAAE,MAAM,CAAC;IACnB,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACtB,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,SAAS,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;IAC5B;;;;;OAKG;IACH,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB,GAAG,OAAO,CAAC,MAAM,CAAC,CAkBlB;AAED,wBAAsB,yBAAyB,CAC7C,KAAK,EAAE,MAAM,EACb,QAAQ,EAAE,MAAM,GAAG,SAAS,GAC3B,OAAO,CAAC;IACT,SAAS,EAAE,MAAM,CAAC;IAClB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb;4EACwE;IACxE,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB,GAAG,IAAI,CAAC,CA8BR"}

package/dist/mcp/oauth-token.js

@@ -40,6 +40,7 @@ export async function signMcpOAuthAccessToken(params) {
         scope: params.scope,
         client_id: params.clientId,
         resource: params.resource,
+        ...(params.catalogScope === "full" ? { catalog_scope: "full" } : {}),
     })
         .setProtectedHeader({ alg: "HS256" })
         .setIssuer(params.issuer)
@@ -77,6 +78,7 @@ export async function verifyMcpOAuthAccessToken(token, resource) {
             scopes,
             clientId: payload.client_id,
             jti: typeof payload.jti === "string" ? payload.jti : undefined,
+            ...(payload.catalog_scope === "full" ? { catalogScope: "full" } : {}),
         };
     }
     catch {

package/dist/mcp/oauth-token.js.map

@@ -1 +1 @@
-{"version":3,"file":"oauth-token.js","sourceRoot":"","sources":["../../src/mcp/oauth-token.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAC7B,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,EAAE,aAAa,EAAE,MAAM,mCAAmC,CAAC;AAClE,OAAO,EAAE,0BAA0B,EAAE,MAAM,kBAAkB,CAAC;AAE9D,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAAC,UAAU,EAAE,WAAW,EAAE,UAAU,CAAU,CAAC;AAE/E,MAAM,CAAC,MAAM,uBAAuB,GAAG,gBAAgB,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAalE,SAAS,aAAa;IACpB,OAAO,IAAI,WAAW,EAAE,CAAC,MAAM,CAC7B,OAAO,CAAC,GAAG,CAAC,UAAU,EAAE,IAAI,EAAE,IAAI,aAAa,EAAE,CAClD,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,mBAAmB,CAAC,KAAc;IAChD,MAAM,SAAS,GACb,OAAO,KAAK,KAAK,QAAQ;QACvB,CAAC,CAAC,KAAK;aACF,KAAK,CAAC,KAAK,CAAC;aACZ,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;aACpB,MAAM,CAAC,OAAO,CAAC;QACpB,CAAC,CAAC,EAAE,CAAC;IACT,MAAM,OAAO,GAAG,IAAI,GAAG,CAAS,gBAAgB,CAAC,CAAC;IAClD,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,uBAAuB,CAAC;IAC3D,MAAM,QAAQ,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC;IACjE,OAAO,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;AACnE,CAAC;AAED,MAAM,UAAU,SAAS,CAAC,KAAyB;IACjD,OAAO,CAAC,KAAK,IAAI,EAAE,CAAC;SACjB,KAAK,CAAC,KAAK,CAAC;SACZ,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;SACpB,MAAM,CAAC,OAAO,CAAC,CAAC;AACrB,CAAC;AAED,MAAM,UAAU,gBAAgB,CAC9B,MAA4B,EAC5B,KAAwC;IAExC,IAAI,CAAC,MAAM;QAAE,OAAO,IAAI,CAAC;IACzB,OAAO,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;AAChC,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAAC,MAU7C;IACC,OAAO,IAAI,IAAI,CAAC,OAAO,CAAC;QACtB,GAAG,EAAE,wBAAwB;QAC7B,GAAG,EAAE,MAAM,CAAC,UAAU;QACtB,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACjD,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,UAAU,EAAE,MAAM,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC7D,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,SAAS,EAAE,MAAM,CAAC,QAAQ;QAC1B,QAAQ,EAAE,MAAM,CAAC,QAAQ;KAC1B,CAAC;SACC,kBAAkB,CAAC,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC;SACpC,SAAS,CAAC,MAAM,CAAC,MAAM,CAAC;SACxB,WAAW,CAAC,MAAM,CAAC,QAAQ,CAAC;SAC5B,MAAM,CAAC,MAAM,CAAC,GAAG,IAAI,UAAU,EAAE,CAAC;SAClC,WAAW,EAAE;SACb,iBAAiB,CAAC,MAAM,CAAC,SAAS,IAAI,0BAA0B,CAAC;SACjE,IAAI,CAAC,aAAa,EAAE,CAAC,CAAC;AAC3B,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,yBAAyB,CAC7C,KAAa,EACb,QAA4B;IAS5B,IAAI,CAAC,QAAQ;QAAE,OAAO,IAAI,CAAC;IAC3B,IAAI,CAAC;QACH,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,aAAa,EAAE,EAAE;YAC/D,QAAQ,EAAE,QAAQ;SACnB,CAAC,CAAC;QACH,IAAI,OAAO,CAAC,GAAG,KAAK,wBAAwB;YAAE,OAAO,IAAI,CAAC;QAC1D,IAAI,OAAO,CAAC,QAAQ,KAAK,QAAQ;YAAE,OAAO,IAAI,CAAC;QAC/C,IAAI,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ,IAAI,CAAC,OAAO,CAAC,GAAG;YAAE,OAAO,IAAI,CAAC;QACjE,IAAI,OAAO,OAAO,CAAC,SAAS,KAAK,QAAQ,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC;YAChE,OAAO,IAAI,CAAC;QACd,CAAC;QACD,MAAM,KAAK,GAAG,OAAO,OAAO,CAAC,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;QACrE,MAAM,MAAM,GAAG,SAAS,CAAC,KAAK,CAAC,CAAC;QAChC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAQ,CAAC,CAAC,EAAE,CAAC;YAC7D,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO;YACL,SAAS,EAAE,OAAO,CAAC,GAAG;YACtB,KAAK,EAAE,OAAO,OAAO,CAAC,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS;YACtE,SAAS,EACP,OAAO,OAAO,CAAC,UAAU,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS;YACzE,MAAM;YACN,QAAQ,EAAE,OAAO,CAAC,SAAS;YAC3B,GAAG,EAAE,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS;SAC/D,CAAC;IACJ,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC","sourcesContent":["import * as jose from \"jose\";\nimport { randomUUID } from \"node:crypto\";\nimport { getAuthSecret } from \"../server/better-auth-instance.js\";\nimport { MCP_OAUTH_ACCESS_TOKEN_TTL } from \"./oauth-store.js\";\n\nexport const MCP_OAUTH_SCOPES = [\"mcp:read\", \"mcp:write\", \"mcp:apps\"] as const;\n\nexport const MCP_OAUTH_DEFAULT_SCOPE = MCP_OAUTH_SCOPES.join(\" \");\n\nexport interface McpOAuthAccessTokenClaims {\n  sub: string;\n  org_id?: string;\n  org_domain?: string;\n  scope: string;\n  client_id: string;\n  resource: string;\n  jti?: string;\n  typ: \"agent-native-mcp-oauth\";\n}\n\nfunction signingSecret(): Uint8Array {\n  return new TextEncoder().encode(\n    process.env.A2A_SECRET?.trim() || getAuthSecret(),\n  );\n}\n\nexport function normalizeOAuthScope(input: unknown): string | null {\n  const requested =\n    typeof input === \"string\"\n      ? input\n          .split(/\\s+/)\n          .map((s) => s.trim())\n          .filter(Boolean)\n      : [];\n  const allowed = new Set<string>(MCP_OAUTH_SCOPES);\n  if (requested.length === 0) return MCP_OAUTH_DEFAULT_SCOPE;\n  const selected = requested.filter((scope) => allowed.has(scope));\n  return selected.length ? [...new Set(selected)].join(\" \") : null;\n}\n\nexport function scopeList(scope: string | undefined): string[] {\n  return (scope ?? \"\")\n    .split(/\\s+/)\n    .map((s) => s.trim())\n    .filter(Boolean);\n}\n\nexport function hasMcpOAuthScope(\n  scopes: string[] | undefined,\n  scope: (typeof MCP_OAUTH_SCOPES)[number],\n): boolean {\n  if (!scopes) return true;\n  return scopes.includes(scope);\n}\n\nexport async function signMcpOAuthAccessToken(params: {\n  ownerEmail: string;\n  orgId?: string | null;\n  orgDomain?: string | null;\n  clientId: string;\n  scope: string;\n  resource: string;\n  issuer: string;\n  jti?: string;\n  expiresIn?: string | number;\n}): Promise<string> {\n  return new jose.SignJWT({\n    typ: \"agent-native-mcp-oauth\",\n    sub: params.ownerEmail,\n    ...(params.orgId ? { org_id: params.orgId } : {}),\n    ...(params.orgDomain ? { org_domain: params.orgDomain } : {}),\n    scope: params.scope,\n    client_id: params.clientId,\n    resource: params.resource,\n  })\n    .setProtectedHeader({ alg: \"HS256\" })\n    .setIssuer(params.issuer)\n    .setAudience(params.resource)\n    .setJti(params.jti ?? randomUUID())\n    .setIssuedAt()\n    .setExpirationTime(params.expiresIn ?? MCP_OAUTH_ACCESS_TOKEN_TTL)\n    .sign(signingSecret());\n}\n\nexport async function verifyMcpOAuthAccessToken(\n  token: string,\n  resource: string | undefined,\n): Promise<{\n  userEmail: string;\n  orgId?: string;\n  orgDomain?: string;\n  scopes: string[];\n  clientId: string;\n  jti?: string;\n} | null> {\n  if (!resource) return null;\n  try {\n    const { payload } = await jose.jwtVerify(token, signingSecret(), {\n      audience: resource,\n    });\n    if (payload.typ !== \"agent-native-mcp-oauth\") return null;\n    if (payload.resource !== resource) return null;\n    if (typeof payload.sub !== \"string\" || !payload.sub) return null;\n    if (typeof payload.client_id !== \"string\" || !payload.client_id) {\n      return null;\n    }\n    const scope = typeof payload.scope === \"string\" ? payload.scope : \"\";\n    const scopes = scopeList(scope);\n    if (!scopes.some((s) => MCP_OAUTH_SCOPES.includes(s as any))) {\n      return null;\n    }\n    return {\n      userEmail: payload.sub,\n      orgId: typeof payload.org_id === \"string\" ? payload.org_id : undefined,\n      orgDomain:\n        typeof payload.org_domain === \"string\" ? payload.org_domain : undefined,\n      scopes,\n      clientId: payload.client_id,\n      jti: typeof payload.jti === \"string\" ? payload.jti : undefined,\n    };\n  } catch {\n    return null;\n  }\n}\n"]}
+{"version":3,"file":"oauth-token.js","sourceRoot":"","sources":["../../src/mcp/oauth-token.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAC7B,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,EAAE,aAAa,EAAE,MAAM,mCAAmC,CAAC;AAClE,OAAO,EAAE,0BAA0B,EAAE,MAAM,kBAAkB,CAAC;AAE9D,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAAC,UAAU,EAAE,WAAW,EAAE,UAAU,CAAU,CAAC;AAE/E,MAAM,CAAC,MAAM,uBAAuB,GAAG,gBAAgB,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAalE,SAAS,aAAa;IACpB,OAAO,IAAI,WAAW,EAAE,CAAC,MAAM,CAC7B,OAAO,CAAC,GAAG,CAAC,UAAU,EAAE,IAAI,EAAE,IAAI,aAAa,EAAE,CAClD,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,mBAAmB,CAAC,KAAc;IAChD,MAAM,SAAS,GACb,OAAO,KAAK,KAAK,QAAQ;QACvB,CAAC,CAAC,KAAK;aACF,KAAK,CAAC,KAAK,CAAC;aACZ,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;aACpB,MAAM,CAAC,OAAO,CAAC;QACpB,CAAC,CAAC,EAAE,CAAC;IACT,MAAM,OAAO,GAAG,IAAI,GAAG,CAAS,gBAAgB,CAAC,CAAC;IAClD,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,uBAAuB,CAAC;IAC3D,MAAM,QAAQ,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC;IACjE,OAAO,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;AACnE,CAAC;AAED,MAAM,UAAU,SAAS,CAAC,KAAyB;IACjD,OAAO,CAAC,KAAK,IAAI,EAAE,CAAC;SACjB,KAAK,CAAC,KAAK,CAAC;SACZ,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;SACpB,MAAM,CAAC,OAAO,CAAC,CAAC;AACrB,CAAC;AAED,MAAM,UAAU,gBAAgB,CAC9B,MAA4B,EAC5B,KAAwC;IAExC,IAAI,CAAC,MAAM;QAAE,OAAO,IAAI,CAAC;IACzB,OAAO,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;AAChC,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAAC,MAiB7C;IACC,OAAO,IAAI,IAAI,CAAC,OAAO,CAAC;QACtB,GAAG,EAAE,wBAAwB;QAC7B,GAAG,EAAE,MAAM,CAAC,UAAU;QACtB,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACjD,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,UAAU,EAAE,MAAM,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC7D,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,SAAS,EAAE,MAAM,CAAC,QAAQ;QAC1B,QAAQ,EAAE,MAAM,CAAC,QAAQ;QACzB,GAAG,CAAC,MAAM,CAAC,YAAY,KAAK,MAAM,CAAC,CAAC,CAAC,EAAE,aAAa,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KACrE,CAAC;SACC,kBAAkB,CAAC,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC;SACpC,SAAS,CAAC,MAAM,CAAC,MAAM,CAAC;SACxB,WAAW,CAAC,MAAM,CAAC,QAAQ,CAAC;SAC5B,MAAM,CAAC,MAAM,CAAC,GAAG,IAAI,UAAU,EAAE,CAAC;SAClC,WAAW,EAAE;SACb,iBAAiB,CAAC,MAAM,CAAC,SAAS,IAAI,0BAA0B,CAAC;SACjE,IAAI,CAAC,aAAa,EAAE,CAAC,CAAC;AAC3B,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,yBAAyB,CAC7C,KAAa,EACb,QAA4B;IAY5B,IAAI,CAAC,QAAQ;QAAE,OAAO,IAAI,CAAC;IAC3B,IAAI,CAAC;QACH,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,aAAa,EAAE,EAAE;YAC/D,QAAQ,EAAE,QAAQ;SACnB,CAAC,CAAC;QACH,IAAI,OAAO,CAAC,GAAG,KAAK,wBAAwB;YAAE,OAAO,IAAI,CAAC;QAC1D,IAAI,OAAO,CAAC,QAAQ,KAAK,QAAQ;YAAE,OAAO,IAAI,CAAC;QAC/C,IAAI,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ,IAAI,CAAC,OAAO,CAAC,GAAG;YAAE,OAAO,IAAI,CAAC;QACjE,IAAI,OAAO,OAAO,CAAC,SAAS,KAAK,QAAQ,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC;YAChE,OAAO,IAAI,CAAC;QACd,CAAC;QACD,MAAM,KAAK,GAAG,OAAO,OAAO,CAAC,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;QACrE,MAAM,MAAM,GAAG,SAAS,CAAC,KAAK,CAAC,CAAC;QAChC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAQ,CAAC,CAAC,EAAE,CAAC;YAC7D,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO;YACL,SAAS,EAAE,OAAO,CAAC,GAAG;YACtB,KAAK,EAAE,OAAO,OAAO,CAAC,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS;YACtE,SAAS,EACP,OAAO,OAAO,CAAC,UAAU,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS;YACzE,MAAM;YACN,QAAQ,EAAE,OAAO,CAAC,SAAS;YAC3B,GAAG,EAAE,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS;YAC9D,GAAG,CAAC,OAAO,CAAC,aAAa,KAAK,MAAM,CAAC,CAAC,CAAC,EAAE,YAAY,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SACtE,CAAC;IACJ,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC","sourcesContent":["import * as jose from \"jose\";\nimport { randomUUID } from \"node:crypto\";\nimport { getAuthSecret } from \"../server/better-auth-instance.js\";\nimport { MCP_OAUTH_ACCESS_TOKEN_TTL } from \"./oauth-store.js\";\n\nexport const MCP_OAUTH_SCOPES = [\"mcp:read\", \"mcp:write\", \"mcp:apps\"] as const;\n\nexport const MCP_OAUTH_DEFAULT_SCOPE = MCP_OAUTH_SCOPES.join(\" \");\n\nexport interface McpOAuthAccessTokenClaims {\n  sub: string;\n  org_id?: string;\n  org_domain?: string;\n  scope: string;\n  client_id: string;\n  resource: string;\n  jti?: string;\n  typ: \"agent-native-mcp-oauth\";\n}\n\nfunction signingSecret(): Uint8Array {\n  return new TextEncoder().encode(\n    process.env.A2A_SECRET?.trim() || getAuthSecret(),\n  );\n}\n\nexport function normalizeOAuthScope(input: unknown): string | null {\n  const requested =\n    typeof input === \"string\"\n      ? input\n          .split(/\\s+/)\n          .map((s) => s.trim())\n          .filter(Boolean)\n      : [];\n  const allowed = new Set<string>(MCP_OAUTH_SCOPES);\n  if (requested.length === 0) return MCP_OAUTH_DEFAULT_SCOPE;\n  const selected = requested.filter((scope) => allowed.has(scope));\n  return selected.length ? [...new Set(selected)].join(\" \") : null;\n}\n\nexport function scopeList(scope: string | undefined): string[] {\n  return (scope ?? \"\")\n    .split(/\\s+/)\n    .map((s) => s.trim())\n    .filter(Boolean);\n}\n\nexport function hasMcpOAuthScope(\n  scopes: string[] | undefined,\n  scope: (typeof MCP_OAUTH_SCOPES)[number],\n): boolean {\n  if (!scopes) return true;\n  return scopes.includes(scope);\n}\n\nexport async function signMcpOAuthAccessToken(params: {\n  ownerEmail: string;\n  orgId?: string | null;\n  orgDomain?: string | null;\n  clientId: string;\n  scope: string;\n  resource: string;\n  issuer: string;\n  jti?: string;\n  expiresIn?: string | number;\n  /**\n   * When `\"full\"`, embed a `catalog_scope: \"full\"` custom claim so that on\n   * hosted multi-tenant deployments (AGENT_NATIVE_CONNECTOR_CATALOG=1) this\n   * token bypasses the connector-catalog tier filter. Used when the connect\n   * flow is initiated with `--full-catalog`.\n   */\n  catalogScope?: \"full\";\n}): Promise<string> {\n  return new jose.SignJWT({\n    typ: \"agent-native-mcp-oauth\",\n    sub: params.ownerEmail,\n    ...(params.orgId ? { org_id: params.orgId } : {}),\n    ...(params.orgDomain ? { org_domain: params.orgDomain } : {}),\n    scope: params.scope,\n    client_id: params.clientId,\n    resource: params.resource,\n    ...(params.catalogScope === \"full\" ? { catalog_scope: \"full\" } : {}),\n  })\n    .setProtectedHeader({ alg: \"HS256\" })\n    .setIssuer(params.issuer)\n    .setAudience(params.resource)\n    .setJti(params.jti ?? randomUUID())\n    .setIssuedAt()\n    .setExpirationTime(params.expiresIn ?? MCP_OAUTH_ACCESS_TOKEN_TTL)\n    .sign(signingSecret());\n}\n\nexport async function verifyMcpOAuthAccessToken(\n  token: string,\n  resource: string | undefined,\n): Promise<{\n  userEmail: string;\n  orgId?: string;\n  orgDomain?: string;\n  scopes: string[];\n  clientId: string;\n  jti?: string;\n  /** Present when the token was minted with `--full-catalog`; bypasses the\n   *  connector-catalog tier filter on hosted multi-tenant deployments. */\n  catalogScope?: \"full\";\n} | null> {\n  if (!resource) return null;\n  try {\n    const { payload } = await jose.jwtVerify(token, signingSecret(), {\n      audience: resource,\n    });\n    if (payload.typ !== \"agent-native-mcp-oauth\") return null;\n    if (payload.resource !== resource) return null;\n    if (typeof payload.sub !== \"string\" || !payload.sub) return null;\n    if (typeof payload.client_id !== \"string\" || !payload.client_id) {\n      return null;\n    }\n    const scope = typeof payload.scope === \"string\" ? payload.scope : \"\";\n    const scopes = scopeList(scope);\n    if (!scopes.some((s) => MCP_OAUTH_SCOPES.includes(s as any))) {\n      return null;\n    }\n    return {\n      userEmail: payload.sub,\n      orgId: typeof payload.org_id === \"string\" ? payload.org_id : undefined,\n      orgDomain:\n        typeof payload.org_domain === \"string\" ? payload.org_domain : undefined,\n      scopes,\n      clientId: payload.client_id,\n      jti: typeof payload.jti === \"string\" ? payload.jti : undefined,\n      ...(payload.catalog_scope === \"full\" ? { catalogScope: \"full\" } : {}),\n    };\n  } catch {\n    return null;\n  }\n}\n"]}

package/dist/mcp/server.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../../src/mcp/server.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,IAAI,CAAC;AAYlC,OAAO,EACL,yBAAyB,EACzB,UAAU,EACV,eAAe,EACf,sBAAsB,EACtB,kBAAkB,EAClB,KAAK,SAAS,EACd,KAAK,iBAAiB,EACtB,KAAK,cAAc,EACpB,MAAM,mBAAmB,CAAC;AAW3B,OAAO,EACL,yBAAyB,EACzB,UAAU,EACV,eAAe,EACf,sBAAsB,EACtB,kBAAkB,GACnB,CAAC;AACF,YAAY,EAAE,SAAS,EAAE,iBAAiB,EAAE,cAAc,EAAE,CAAC;AAoM7D;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;AACH,wBAAsB,gBAAgB,CACpC,KAAK,EAAE,OAAO,EACd,MAAM,EAAE,SAAS,GAChB,OAAO,CACR,QAAQ,GAAG,MAAM,GAAG;IAAE,KAAK,EAAE,MAAM,CAAA;CAAE,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,SAAS,CAC5E,CA+JA;AAMD;;;;;;;;;;;;;;;;GAgBG;AACH,wBAAgB,QAAQ,CACtB,QAAQ,EAAE,GAAG,EACb,MAAM,EAAE,SAAS,EACjB,WAAW,SAAmB,GAC7B,IAAI,CAYN"}
+{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../../src/mcp/server.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,IAAI,CAAC;AAYlC,OAAO,EACL,yBAAyB,EACzB,UAAU,EACV,eAAe,EACf,sBAAsB,EACtB,kBAAkB,EAClB,KAAK,SAAS,EACd,KAAK,iBAAiB,EACtB,KAAK,cAAc,EACpB,MAAM,mBAAmB,CAAC;AAW3B,OAAO,EACL,yBAAyB,EACzB,UAAU,EACV,eAAe,EACf,sBAAsB,EACtB,kBAAkB,GACnB,CAAC;AACF,YAAY,EAAE,SAAS,EAAE,iBAAiB,EAAE,cAAc,EAAE,CAAC;AAoM7D;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;AACH,wBAAsB,gBAAgB,CACpC,KAAK,EAAE,OAAO,EACd,MAAM,EAAE,SAAS,GAChB,OAAO,CACR,QAAQ,GAAG,MAAM,GAAG;IAAE,KAAK,EAAE,MAAM,CAAA;CAAE,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,SAAS,CAC5E,CAkKA;AAMD;;;;;;;;;;;;;;;;GAgBG;AACH,wBAAgB,QAAQ,CACtB,QAAQ,EAAE,GAAG,EACb,MAAM,EAAE,SAAS,EACjB,WAAW,SAAmB,GAC7B,IAAI,CAYN"}

package/dist/mcp/server.js

@@ -263,6 +263,9 @@ export async function handleMcpRequest(event, config) {
     const server = await createMCPServerForRequest(config, authResult.identity, {
         ...requestMeta,
         fullSurface: authResult.fullSurface === true,
+        // When the caller minted their token with --full-catalog (catalog_scope:
+        // "full" JWT claim), bypass the connector-catalog tier filter.
+        ...(authResult.fullCatalog === true ? { fullCatalog: true } : {}),
     });
     if (shouldUseNodeFastPath(event)) {
         const { nodeReq, nodeRes } = getNodeReqRes(event);